equal
deleted
inserted
replaced
|
1 --- src/tcs/rpc/tcstp/rpc_ps.c.orig 2011-03-23 11:01:54.707428173 -0700 |
|
2 +++ src/tcs/rpc/tcstp/rpc_ps.c 2011-03-23 11:27:00.753845441 -0700 |
|
3 @@ -26,6 +26,29 @@ |
|
4 #include "tcs_utils.h" |
|
5 #include "rpc_tcstp_tcs.h" |
|
6 |
|
7 +#ifdef SOLARIS |
|
8 +#include <ucred.h> |
|
9 +#include <errno.h> |
|
10 + |
|
11 +static TSS_RESULT |
|
12 +verify_peer(struct tcsd_thread_data *data) |
|
13 +{ |
|
14 + ucred_t *uc = NULL; |
|
15 + if (getpeerucred(data->sock, &uc)) { |
|
16 + LogError("Failed to get peer credential (%s)", |
|
17 + strerror(errno)); |
|
18 + return TCSERR(TSS_E_TSP_AUTHFAIL); |
|
19 + } |
|
20 + if (ucred_geteuid(uc) != 0) { |
|
21 + LogError("Unauthorized attempt to modify a system key", |
|
22 + strerror(errno)); |
|
23 + ucred_free(uc); |
|
24 + return TCSERR(TSS_E_TSP_AUTHFAIL); |
|
25 + } |
|
26 + ucred_free(uc); |
|
27 + return (TSS_SUCCESS); |
|
28 +} |
|
29 +#endif |
|
30 |
|
31 TSS_RESULT |
|
32 tcs_wrap_RegisterKey(struct tcsd_thread_data *data) |
|
33 @@ -38,6 +61,10 @@ |
|
34 UINT32 cVendorData; |
|
35 BYTE *gbVendorData; |
|
36 TSS_RESULT result; |
|
37 +#ifdef SOLARIS |
|
38 + if ( (result = verify_peer(data)) != TSS_SUCCESS) |
|
39 + return (result); |
|
40 +#endif |
|
41 |
|
42 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) |
|
43 return TCSERR(TSS_E_INTERNAL_ERROR); |
|
44 @@ -99,6 +126,10 @@ |
|
45 TCS_CONTEXT_HANDLE hContext; |
|
46 TSS_UUID uuid; |
|
47 TSS_RESULT result; |
|
48 +#ifdef SOLARIS |
|
49 + if ( (result = verify_peer(data)) != TSS_SUCCESS) |
|
50 + return (result); |
|
51 +#endif |
|
52 |
|
53 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) |
|
54 return TCSERR(TSS_E_INTERNAL_ERROR); |