The branch main has been updated by kevans:
URL:
https://cgit.FreeBSD.org/src/commit/?id=d2eb8a023547b03246f16ce455d20a4acfd552c4
commit d2eb8a023547b03246f16ce455d20a4acfd552c4
Author: Kyle Evans <kev...@freebsd.org>
AuthorDate: 2025-07-24 14:59:07 +0000
Commit: Kyle Evans <kev...@freebsd.org>
CommitDate: 2025-07-24 14:59:07 +0000
bluetooth: sdpd: switch to getpeereid() instead of LOCAL_PEERCRED
sdpd's usage was mostly fine, though it debatably should have been
checking the xucred version to avoid mishaps. Switch it to getpeereid()
anyways to avoid embedding xucred layout details in more program.
Reviewed by: emax
Differential Revision: https://reviews.freebsd.org/D51152
---
usr.sbin/bluetooth/sdpd/server.c | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/usr.sbin/bluetooth/sdpd/server.c b/usr.sbin/bluetooth/sdpd/server.c
index ab398cd9339f..05a4cb5f0236 100644
--- a/usr.sbin/bluetooth/sdpd/server.c
+++ b/usr.sbin/bluetooth/sdpd/server.c
@@ -345,14 +345,12 @@ server_accept_client(server_p srv, int32_t fd)
return;
}
} else {
- struct xucred cr;
+ uid_t uid;
+ gid_t gid;
struct passwd *pw;
/* Get peer's credentials */
- memset(&cr, 0, sizeof(cr));
- size = sizeof(cr);
-
- if (getsockopt(cfd, 0, LOCAL_PEERCRED, &cr, &size) < 0) {
+ if (getpeereid(cfd, &uid, &gid) < 0) {
log_err("Could not get peer's credentials. %s (%d)",
strerror(errno), errno);
close(cfd);
@@ -360,12 +358,12 @@ server_accept_client(server_p srv, int32_t fd)
}
/* Check credentials */
- pw = getpwuid(cr.cr_uid);
+ pw = getpwuid(uid);
if (pw != NULL)
priv = (strcmp(pw->pw_name, "root") == 0);
else
log_warning("Could not verify credentials for uid %d",
- cr.cr_uid);
+ uid);
memcpy(&srv->req_sa.l2cap_bdaddr, NG_HCI_BDADDR_ANY,
sizeof(srv->req_sa.l2cap_bdaddr));
