From 77c972c898b325997fa2f527264a9706f1e414a5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 17 Jul 2014 15:41:11 +0200 Subject: nix-daemon: Only print connection info if we have SO_PEERCRED --- src/nix-daemon/nix-daemon.cc | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc index ab9e4b968483..f486806353b9 100644 --- a/src/nix-daemon/nix-daemon.cc +++ b/src/nix-daemon/nix-daemon.cc @@ -854,22 +854,25 @@ static void daemonLoop() closeOnExec(remote); - /* Get the identity of the caller, if possible. */ - uid_t clientUid = -1; - pid_t clientPid = -1; bool trusted = false; + pid_t clientPid = -1; + #if defined(SO_PEERCRED) + /* Get the identity of the caller, if possible. */ + uid_t clientUid = -1; + ucred cred; socklen_t credLen = sizeof(cred); - if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) != -1) { - clientPid = cred.pid; - clientUid = cred.uid; - if (clientUid == 0) trusted = true; - } -#endif + if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1) + throw SysError("getting peer credentials"); + + clientPid = cred.pid; + clientUid = cred.uid; + if (clientUid == 0) trusted = true; printMsg(lvlInfo, format("accepted connection from pid %1%, uid %2%") % clientPid % clientUid); +#endif /* Fork a child to handle the connection. */ startProcess([&]() { -- cgit 1.4.1