[apple/libc.git] / gen / FreeBSD / getpeereid.3

.\"
.\" Copyright (c) 2001 Dima Dorfman.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD: src/lib/libc/gen/getpeereid.3,v 1.6 2002/12/18 10:13:54 ru Exp $
.\"
.Dd July 15, 2001
.Dt GETPEEREID 3
.Os
.Sh NAME
.Nm getpeereid
.Nd get the effective credentials of a UNIX-domain peer
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In sys/types.h
.In unistd.h
.Ft int
.Fn getpeereid "int s" "uid_t *euid" "gid_t *egid"
.Sh DESCRIPTION
The
.Fn getpeereid
function returns the effective user and group IDs of the
peer connected to a
.Ux Ns -domain
socket.
The argument
.Fa s
must be a
.Ux Ns -domain
socket
.Pq Xr unix 4
of type
.Dv SOCK_STREAM
on which either
.Xr connect 2
or
.Xr listen 2
have been called.
The effective used ID is placed in
.Fa euid ,
and the effective group ID in
.Fa egid .
.Pp
The credentials returned to the
.Xr listen 2
caller are those of its peer at the time it called
.Xr connect 2 ;
the credentials returned to the
.Xr connect 2
caller are those of its peer at the time it called
.Xr listen 2 .
This mechanism is reliable; there is no way for either side to influence
the credentials returned to its peer except by calling the appropriate
system call (i.e., either
.Xr connect 2
or
.Xr listen 2 )
under different effective credentials.
.Pp
One common use of this routine is for a
.Ux Ns -domain
server
to verify the credentials of its client.
Likewise, the client can verify the credentials of the server.
.Sh IMPLEMENTATION NOTES
On
.Fx ,
.Fn getpeereid
is implemented in terms of the
.Dv LOCAL_PEERCRED
.Xr unix 4
socket option.
.Sh RETURN VALUES
.Rv -std getpeereid
.Sh ERRORS
The
.Fn getpeereid
function
fails if:
.Bl -tag -width Er
.It Bq Er EBADF
The argument
.Fa s
is not a valid descriptor.
.It Bq Er ENOTSOCK
The argument
.Fa s
is a file, not a socket.
.It Bq Er ENOTCONN
The argument
.Fa s
does not refer to a socket on which
.Xr connect 2
or
.Xr listen 2
have been called.
.It Bq Er EINVAL
The argument
.Fa s
does not refer to a socket of type
.Dv SOCK_STREAM ,
or the kernel returned invalid data.
.El
.Sh SEE ALSO
.Xr connect 2 ,
.Xr getpeername 2 ,
.Xr getsockname 2 ,
.Xr getsockopt 2 ,
.Xr listen 2 ,
.Xr unix 4
.Sh HISTORY
The
.Fn getpeereid
function appeared in
.Fx 4.6 .
Commit	Line	Data
59e0d9fe A	1	.\"
	2	.\" Copyright (c) 2001 Dima Dorfman.
	3	.\" All rights reserved.
	4	.\"
	5	.\" Redistribution and use in source and binary forms, with or without
	6	.\" modification, are permitted provided that the following conditions
	7	.\" are met:
	8	.\" 1. Redistributions of source code must retain the above copyright
	9	.\" notice, this list of conditions and the following disclaimer.
	10	.\" 2. Redistributions in binary form must reproduce the above copyright
	11	.\" notice, this list of conditions and the following disclaimer in the
	12	.\" documentation and/or other materials provided with the distribution.
	13	.\"
	14	.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
	15	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	16	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	17	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	18	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	19	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	20	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	21	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	22	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	23	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	24	.\" SUCH DAMAGE.
	25	.\"
	26	.\" $FreeBSD: src/lib/libc/gen/getpeereid.3,v 1.6 2002/12/18 10:13:54 ru Exp $
	27	.\"
	28	.Dd July 15, 2001
	29	.Dt GETPEEREID 3
	30	.Os
	31	.Sh NAME
	32	.Nm getpeereid
	33	.Nd get the effective credentials of a UNIX-domain peer
	34	.Sh LIBRARY
	35	.Lb libc
	36	.Sh SYNOPSIS
	37	.In sys/types.h
	38	.In unistd.h
	39	.Ft int
	40	.Fn getpeereid "int s" "uid_t euid" "gid_t egid"
	41	.Sh DESCRIPTION
	42	The
	43	.Fn getpeereid
	44	function returns the effective user and group IDs of the
	45	peer connected to a
	46	.Ux Ns -domain
	47	socket.
	48	The argument
	49	.Fa s
	50	must be a
	51	.Ux Ns -domain
	52	socket
	53	.Pq Xr unix 4
	54	of type
	55	.Dv SOCK_STREAM
	56	on which either
	57	.Xr connect 2
	58	or
	59	.Xr listen 2
	60	have been called.
	61	The effective used ID is placed in
	62	.Fa euid ,
	63	and the effective group ID in
	64	.Fa egid .
65	.Pp
66	The credentials returned to the
67	.Xr listen 2
68	caller are those of its peer at the time it called
69	.Xr connect 2 ;
70	the credentials returned to the
71	.Xr connect 2
72	caller are those of its peer at the time it called
73	.Xr listen 2 .
74	This mechanism is reliable; there is no way for either side to influence
75	the credentials returned to its peer except by calling the appropriate
76	system call (i.e., either
77	.Xr connect 2
78	or
79	.Xr listen 2 )
80	under different effective credentials.
81	.Pp
82	One common use of this routine is for a
83	.Ux Ns -domain
84	server
85	to verify the credentials of its client.
86	Likewise, the client can verify the credentials of the server.
87	.Sh IMPLEMENTATION NOTES
88	On
89	.Fx ,
90	.Fn getpeereid
91	is implemented in terms of the
92	.Dv LOCAL_PEERCRED
93	.Xr unix 4
94	socket option.
95	.Sh RETURN VALUES
96	.Rv -std getpeereid
97	.Sh ERRORS
98	The
99	.Fn getpeereid
100	function
101	fails if:
102	.Bl -tag -width Er
103	.It Bq Er EBADF
104	The argument
105	.Fa s
106	is not a valid descriptor.
107	.It Bq Er ENOTSOCK
108	The argument
109	.Fa s
110	is a file, not a socket.
111	.It Bq Er ENOTCONN
112	The argument
113	.Fa s
114	does not refer to a socket on which
115	.Xr connect 2
116	or
117	.Xr listen 2
118	have been called.
119	.It Bq Er EINVAL
120	The argument
121	.Fa s
122	does not refer to a socket of type
123	.Dv SOCK_STREAM ,
124	or the kernel returned invalid data.
125	.El
126	.Sh SEE ALSO
127	.Xr connect 2 ,
128	.Xr getpeername 2 ,
129	.Xr getsockname 2 ,
130	.Xr getsockopt 2 ,
131	.Xr listen 2 ,
132	.Xr unix 4
133	.Sh HISTORY
134	The
135	.Fn getpeereid
136	function appeared in
137	.Fx 4.6 .