[hurd] 18/70: libshouldbeinlibc: Add nullauth.{c,h}

[Samuel Thibault]

This is an automated email from the git hooks/post-receive script.

sthibault pushed a commit to branch upstream
in repository hurd.

commit 4c28f07bf1fbfbcee9dcd47e8ee124567c40f5e5
Author: Justus Winter <address@hidden>
Date:   Sat Jul 27 15:32:03 2013 +0200

    libshouldbeinlibc: Add nullauth.{c,h}
    
    setnullauth () obtains an empty authentication handle and uses it for
    further authentication purposes.  This effectively drops all Unix
    privileges.
    
    * libshouldbeinlibc/nullauth.c: New file.
    * libshouldbeinlibc/nullauth.h: Likewise.
    * libshouldbeinlibc/Makefile: Add nullauth.{c,h}.
---
 libshouldbeinlibc/Makefile   |    4 ++--
 libshouldbeinlibc/nullauth.c |   47 ++++++++++++++++++++++++++++++++++++++++++
 libshouldbeinlibc/nullauth.h |   31 ++++++++++++++++++++++++++++
 3 files changed, 80 insertions(+), 2 deletions(-)

diff --git a/libshouldbeinlibc/Makefile b/libshouldbeinlibc/Makefile
index 31a940f..14a7939 100644
--- a/libshouldbeinlibc/Makefile
+++ b/libshouldbeinlibc/Makefile
@@ -27,9 +27,9 @@ SRCS = termsize.c timefmt.c exec-reauth.c maptime-funcs.c \
        idvec-impgids.c idvec-verify.c idvec-rep.c \
        ugids.c ugids-argp.c ugids-rep.c ugids-verify.c ugids-subtract.c \
        ugids-auth.c ugids-xinl.c ugids-merge.c ugids-imply.c ugids-posix.c \
-       ugids-verify-auth.c
+       ugids-verify-auth.c nullauth.c
 installhdrs = idvec.h timefmt.h maptime.h \
-             wire.h portinfo.h portxlate.h cacheq.h ugids.h
+             wire.h portinfo.h portxlate.h cacheq.h ugids.h nullauth.h
 installhdrsubdir = .
 
 OBJS = $(SRCS:.c=.o)
diff --git a/libshouldbeinlibc/nullauth.c b/libshouldbeinlibc/nullauth.c
new file mode 100644
index 0000000..4ba10a7
--- /dev/null
+++ b/libshouldbeinlibc/nullauth.c
@@ -0,0 +1,47 @@
+/* Drop all authentication credentials.
+
+   Copyright (C) 2013 Free Software Foundation, Inc.
+
+   Written by Justus Winter <address@hidden>
+
+   This file is part of the GNU Hurd.
+
+   This program is free software; you can redistribute it and/or
+   modify it under the terms of the GNU General Public License as
+   published by the Free Software Foundation; either version 2, or (at
+   your option) any later version.
+
+   This program is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+
+#include <error.h>
+#include <errno.h>
+#include <hurd.h>
+
+/* Obtain an empty authentication handle and use it for further
+   authentication purposes.  This effectively drops all Unix
+   privileges.  */
+error_t
+setnullauth (void)
+{
+  error_t err;
+
+  auth_t nullauth;
+  err = auth_makeauth (getauth (),
+                      NULL, MACH_MSG_TYPE_COPY_SEND, 0,
+                      NULL, 0,
+                      NULL, 0,
+                      NULL, 0,
+                      NULL, 0,
+                      &nullauth);
+  if (err)
+    return err;
+
+  err = setauth (nullauth);
+  return err;
+}
diff --git a/libshouldbeinlibc/nullauth.h b/libshouldbeinlibc/nullauth.h
new file mode 100644
index 0000000..efdb5f3
--- /dev/null
+++ b/libshouldbeinlibc/nullauth.h
@@ -0,0 +1,31 @@
+/* Drop all authentication credentials.
+
+   Copyright (C) 2013 Free Software Foundation, Inc.
+
+   Written by Justus Winter <address@hidden>
+
+   This file is part of the GNU Hurd.
+
+   This program is free software; you can redistribute it and/or
+   modify it under the terms of the GNU General Public License as
+   published by the Free Software Foundation; either version 2, or (at
+   your option) any later version.
+
+   This program is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+
+#ifndef __NULLAUTH_H__
+#define __NULLAUTH_H__
+
+/* Obtain an empty authentication handle and use it for further
+   authentication purposes.  This effectively drops all Unix
+   privileges.  */
+error_t
+setnullauth (void);
+
+#endif  /* __NULLAUTH_H__ */

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/pkg-hurd/hurd.git