1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright 2013 Red Hat, Inc.
5 * SPDX-License-Identifier: LGPL-2.1-or-later
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General
18 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #ifndef __G_CREDENTIALS_PRIVATE_H__
22 #define __G_CREDENTIALS_PRIVATE_H__
24 #include "gio/gcredentials.h"
25 #include "gio/gnetworking.h"
28 * G_CREDENTIALS_SUPPORTED:
30 * Defined to 1 if GCredentials works.
32 #undef G_CREDENTIALS_SUPPORTED
35 * G_CREDENTIALS_USE_LINUX_UCRED, etc.:
37 * Defined to 1 if GCredentials uses Linux `struct ucred`, etc.
39 #undef G_CREDENTIALS_USE_LINUX_UCRED
40 #undef G_CREDENTIALS_USE_FREEBSD_CMSGCRED
41 #undef G_CREDENTIALS_USE_NETBSD_UNPCBID
42 #undef G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED
43 #undef G_CREDENTIALS_USE_SOLARIS_UCRED
44 #undef G_CREDENTIALS_USE_APPLE_XUCRED
45 #undef G_CREDENTIALS_USE_WIN32_PID
48 * G_CREDENTIALS_NATIVE_TYPE:
50 * Defined to one of G_CREDENTIALS_TYPE_LINUX_UCRED, etc.
52 #undef G_CREDENTIALS_NATIVE_TYPE
55 * G_CREDENTIALS_NATIVE_SIZE:
57 * Defined to the size of the %G_CREDENTIALS_NATIVE_TYPE
59 #undef G_CREDENTIALS_NATIVE_SIZE
62 * G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED:
64 * Defined to 1 if we have a message-passing API in which credentials
65 * are attached to a particular message, such as `SCM_CREDENTIALS` on Linux
66 * or `SCM_CREDS` on FreeBSD.
68 #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED
71 * G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED:
73 * Defined to 1 if we have a `getsockopt()`-style API in which one end of
74 * a socket connection can directly query the credentials of the process
75 * that initiated the other end, such as `getsockopt SO_PEERCRED` on Linux
76 * or `getpeereid()` on multiple operating systems.
78 #undef G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED
81 * G_CREDENTIALS_SPOOFING_SUPPORTED:
83 * Defined to 1 if privileged processes can spoof their credentials when
84 * using the message-passing API.
86 #undef G_CREDENTIALS_SPOOFING_SUPPORTED
89 * G_CREDENTIALS_PREFER_MESSAGE_PASSING:
91 * Defined to 1 if the data structure transferred by the message-passing
92 * API is strictly more informative than the one transferred by the
93 * `getsockopt()`-style API, and hence should be preferred, even for
94 * protocols like D-Bus that are defined in terms of the credentials of
95 * the (process that opened the) socket, as opposed to the credentials
96 * of an individual message.
98 #undef G_CREDENTIALS_PREFER_MESSAGE_PASSING
101 * G_CREDENTIALS_HAS_PID:
103 * Defined to 1 if the %G_CREDENTIALS_NATIVE_TYPE contains the process ID.
105 #undef G_CREDENTIALS_HAS_PID
108 #define G_CREDENTIALS_SUPPORTED 1
109 #define G_CREDENTIALS_USE_LINUX_UCRED 1
110 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_LINUX_UCRED
111 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct ucred))
112 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
113 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
114 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
115 #define G_CREDENTIALS_HAS_PID 1
117 #elif defined(__FreeBSD__) || \
118 defined(__FreeBSD_kernel__) /* Debian GNU/kFreeBSD */ || \
119 defined(__GNU__) /* GNU Hurd */ || \
120 defined(__DragonFly__) /* DragonFly BSD */
121 #define G_CREDENTIALS_SUPPORTED 1
122 #define G_CREDENTIALS_USE_FREEBSD_CMSGCRED 1
123 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED
124 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred))
125 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
126 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
127 /* GLib doesn't implement it yet, but FreeBSD's getsockopt()-style API
128 * is getpeereid(), which is not as informative as struct cmsgcred -
129 * it does not tell us the PID. As a result, libdbus prefers to use
130 * SCM_CREDS, and if we implement getpeereid() in future, we should
132 #define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1
133 #define G_CREDENTIALS_HAS_PID 1
135 #elif defined(__NetBSD__)
136 #define G_CREDENTIALS_SUPPORTED 1
137 #define G_CREDENTIALS_USE_NETBSD_UNPCBID 1
138 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_NETBSD_UNPCBID
139 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct unpcbid))
140 /* #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED */
141 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
142 #define G_CREDENTIALS_HAS_PID 1
144 #elif defined(__OpenBSD__)
145 #define G_CREDENTIALS_SUPPORTED 1
146 #define G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED 1
147 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED
148 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct sockpeercred))
149 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
150 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
151 #define G_CREDENTIALS_HAS_PID 1
153 #elif defined(__sun__) || defined(__illumos__) || defined (__OpenSolaris_kernel__)
155 #define G_CREDENTIALS_SUPPORTED 1
156 #define G_CREDENTIALS_USE_SOLARIS_UCRED 1
157 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_SOLARIS_UCRED
158 #define G_CREDENTIALS_NATIVE_SIZE (ucred_size ())
159 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
160 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
161 #define G_CREDENTIALS_HAS_PID 1
163 #elif defined(__APPLE__)
164 #include <sys/ucred.h>
165 #define G_CREDENTIALS_SUPPORTED 1
166 #define G_CREDENTIALS_USE_APPLE_XUCRED 1
167 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_APPLE_XUCRED
168 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct xucred))
169 #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED
170 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
171 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
172 #define G_CREDENTIALS_HAS_PID 0
174 void _g_credentials_set_local_peerid (GCredentials *credentials,
177 #elif defined(_WIN32)
178 #define G_CREDENTIALS_SUPPORTED 1
179 #define G_CREDENTIALS_USE_WIN32_PID 1
180 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_WIN32_PID
181 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (DWORD))
182 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
183 #define G_CREDENTIALS_HAS_PID 1
187 #endif /* __G_CREDENTIALS_PRIVATE_H__ */