jenkins-core-weekly: update to 2.491
[oi-userland.git] / components / python / python39 / patches / 03-ucred.patch
blob907ecc74cb3523cdd04b93827339a8c27f2d14f6
1 This patch provides Python ucred support. It may be contributed upstream at
2 some point, but the suitability (or lack thereof) has not yet been determined.
4 diff --git Python-2.6.4/Modules/ucred.c Python-2.6.4/Modules/ucred.c
5 new file mode 100644
6 --- Python-3.9.1/Modules/ucred.c
7 +++ Python-3.9.1/Modules/ucred.c
8 @@ -0,0 +1,404 @@
9 +/*
10 + * Permission is hereby granted, free of charge, to any person obtaining a copy
11 + * of this software and associated documentation files (the "Software"), to
12 + * deal in the Software without restriction, including without limitation the
13 + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
14 + * sell copies of the Software, and to permit persons to whom the Software is
15 + * furnished to do so, subject to the following conditions:
16 + *
17 + * The above copyright notice and this permission notice shall be included in
18 + * all copies or substantial portions of the Software.
19 + *
20 + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21 + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22 + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23 + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24 + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
25 + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
26 + * DEALINGS IN THE SOFTWARE.
27 + *
28 + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
29 + */
31 +#include <Python.h>
33 +#include <stdio.h>
34 +#include <priv.h>
35 +#include <ucred.h>
36 +#include <ctype.h>
37 +#include <tsol/label.h>
39 +typedef struct {
40 + PyObject_HEAD
41 + ucred_t *ucred;
42 +} pyucred_t;
44 +#define pyucred_getlongid(name, type) \
45 + static PyObject * \
46 + pyucred_get##name(pyucred_t *uc) \
47 + { \
48 + type val; \
49 + \
50 + if (uc->ucred == NULL) { \
51 + errno = EINVAL; \
52 + PyErr_SetFromErrno(PyExc_OSError); \
53 + return (NULL); \
54 + } \
55 + \
56 + if ((val = ucred_get##name(uc->ucred)) == -1) { \
57 + PyErr_SetFromErrno(PyExc_OSError); \
58 + return (NULL); \
59 + } \
60 + \
61 + return (Py_BuildValue("l", (long)val)); \
62 + }
64 +pyucred_getlongid(euid, uid_t)
65 +pyucred_getlongid(ruid, uid_t)
66 +pyucred_getlongid(suid, uid_t)
67 +pyucred_getlongid(egid, gid_t)
68 +pyucred_getlongid(rgid, gid_t)
69 +pyucred_getlongid(sgid, gid_t)
70 +pyucred_getlongid(pid, pid_t)
71 +pyucred_getlongid(projid, projid_t)
72 +pyucred_getlongid(zoneid, zoneid_t)
74 +static PyObject *
75 +pyucred_getgroups(pyucred_t *uc)
77 + const gid_t *groups;
78 + PyObject *list;
79 + int len;
80 + int i;
82 + if (uc->ucred == NULL) {
83 + errno = EINVAL;
84 + PyErr_SetFromErrno(PyExc_OSError);
85 + return (NULL);
86 + }
88 + if ((len = ucred_getgroups(uc->ucred, &groups)) == -1) {
89 + PyErr_SetFromErrno(PyExc_OSError);
90 + return (NULL);
91 + }
93 + if ((list = PyList_New(len)) == NULL)
94 + return (NULL);
96 + for (i = 0; i < len; i++) {
97 + PyObject *gid = Py_BuildValue("l", (long)groups[i]);
98 + if (PyList_SetItem(list, i, gid) == -1)
99 + return (NULL);
102 + return (list);
105 +static PyObject *
106 +pyucred_getlabel(pyucred_t *uc)
108 + m_label_t *label;
109 + PyObject *ret;
110 + char *str;
112 + if (uc->ucred == NULL) {
113 + errno = EINVAL;
114 + PyErr_SetFromErrno(PyExc_OSError);
115 + return (NULL);
118 + label = ucred_getlabel(uc->ucred);
119 + if (label == NULL)
120 + return (Py_BuildValue("s", ""));
122 + if (label_to_str(label, &str, M_LABEL, DEF_NAMES) == -1) {
123 + PyErr_SetFromErrno(PyExc_OSError);
124 + return (NULL);
127 + ret = Py_BuildValue("s", str);
128 + free(str);
129 + return (ret);
132 +static PyObject *
133 +pyucred_getpflags(pyucred_t *uc, PyObject *args, PyObject *kwargs)
135 + static char *kwlist[] = { "flags", NULL };
136 + uint_t flags;
138 + if (uc->ucred == NULL) {
139 + errno = EINVAL;
140 + PyErr_SetFromErrno(PyExc_OSError);
141 + return (NULL);
144 + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "i", kwlist,
145 + &flags))
146 + return (NULL);
148 + if ((flags = ucred_getpflags(uc->ucred, flags)) == (uint_t)-1) {
149 + PyErr_SetFromErrno(PyExc_OSError);
150 + return (NULL);
153 + return (Py_BuildValue("i", flags));
156 +static PyObject *
157 +pyucred_has_priv(pyucred_t *uc, PyObject *args, PyObject *kwargs)
159 + static char *kwlist[] = { "set", "priv", NULL };
160 + const priv_set_t *privs;
161 + const char *set;
162 + const char *priv;
164 + if (uc->ucred == NULL) {
165 + errno = EINVAL;
166 + PyErr_SetFromErrno(PyExc_OSError);
167 + return (NULL);
170 + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "ss", kwlist,
171 + &set, &priv))
172 + return (NULL);
174 + if ((privs = ucred_getprivset(uc->ucred, set)) == NULL) {
175 + PyErr_SetFromErrno(PyExc_OSError);
176 + return (NULL);
179 + if (priv_ismember(privs, priv)) {
180 + Py_INCREF(Py_True);
181 + return Py_True;
184 + Py_INCREF(Py_False);
185 + return Py_False;
188 +PyDoc_STRVAR(pyucred_getlabel_doc,
189 + "getlabel() -> string\n"
190 + "\n"
191 + "Return the Trusted Extensions label string, or an "
192 + "empty string if not available. The label string is "
193 + "converted using the default name and M_LABEL (human-readable). "
194 + "Raises OSError. See label_to_str(3TSOL).");
195 +PyDoc_STRVAR(pyucred_getpflags_doc,
196 + "getpflags(flags) -> int\n"
197 + "\n"
198 + "Return the values of the specified privilege flags.");
199 +PyDoc_STRVAR(pyucred_has_priv_doc,
200 + "has_priv(set, priv) -> bool\n"
201 + "\n"
202 + "Return true if the given privilege is set in the "
203 + "specified set. Raises OSError if the set or privilege is "
204 + "invalid, or a problem occurs.\n"
205 + "\n"
206 + "Currently, the following privilege sets are defined, as "
207 + "described in privileges(5):\n"
208 + "\n"
209 + "Effective\n"
210 + "Permitted\n"
211 + "Inheritable\n"
212 + "Limit\n");
214 +static PyMethodDef pyucred_methods[] = {
215 + { "geteuid", (PyCFunction)pyucred_geteuid, METH_NOARGS,
216 + "Return the effective user ID." },
217 + { "getruid", (PyCFunction)pyucred_getruid, METH_NOARGS,
218 + "Return the real user ID." },
219 + { "getsuid", (PyCFunction)pyucred_getsuid, METH_NOARGS,
220 + "Return the saved user ID." },
221 + { "getegid", (PyCFunction)pyucred_getegid, METH_NOARGS,
222 + "Return the effective group ID." },
223 + { "getrgid", (PyCFunction)pyucred_getrgid, METH_NOARGS,
224 + "Return the real group ID." },
225 + { "getsgid", (PyCFunction)pyucred_getsgid, METH_NOARGS,
226 + "Return the saved group ID." },
227 + { "getpid", (PyCFunction)pyucred_getpid, METH_NOARGS,
228 + "Return the effective user ID." },
229 + { "getprojid", (PyCFunction)pyucred_getprojid, METH_NOARGS,
230 + "Return the project ID." },
231 + { "getzoneid", (PyCFunction)pyucred_getzoneid, METH_NOARGS,
232 + "Return the zone ID." },
233 + { "getgroups", (PyCFunction)pyucred_getgroups, METH_NOARGS,
234 + "Return a list of group IDs." },
235 + { "getlabel", (PyCFunction)pyucred_getlabel, METH_NOARGS,
236 + pyucred_getlabel_doc },
237 + { "getpflags", (PyCFunction)pyucred_getpflags,
238 + METH_VARARGS|METH_KEYWORDS, pyucred_getpflags_doc },
239 + { "has_priv", (PyCFunction)pyucred_has_priv,
240 + METH_VARARGS|METH_KEYWORDS, pyucred_has_priv_doc },
241 + { NULL, NULL }
244 +static int
245 +pyucred_init(PyObject *self, PyObject *args, PyObject *kwargs)
247 + pyucred_t *uc = (pyucred_t *)self;
248 + uc->ucred = NULL;
249 + return (0);
252 +static void
253 +pyucred_dealloc(PyObject *self)
255 + pyucred_t *uc = (pyucred_t *)self;
256 + if (uc->ucred != NULL)
257 + ucred_free(uc->ucred);
258 + Py_TYPE(self)->tp_free(self);
261 +static PyTypeObject pyucred_type = {
262 + PyVarObject_HEAD_INIT(NULL, 0)
263 + "ucred.ucred", /*tp_name*/
264 + sizeof (pyucred_t), /*tp_basicsize*/
265 + 0, /*tp_itemsize*/
266 + pyucred_dealloc, /*tp_dealloc*/
267 + 0, /*tp_print*/
268 + 0, /*tp_getattr*/
269 + 0, /*tp_setattr*/
270 + 0, /*tp_reserved*/
271 + 0, /*tp_repr*/
272 + 0, /*tp_as_number*/
273 + 0, /*tp_as_sequence*/
274 + 0, /*tp_as_mapping*/
275 + 0, /*tp_hash */
276 + 0, /*tp_call*/
277 + 0, /*tp_str*/
278 + 0, /*tp_getattro*/
279 + 0, /*tp_setattro*/
280 + 0, /*tp_as_buffer*/
281 + Py_TPFLAGS_DEFAULT, /*tp_flags*/
282 + "user credentials", /*tp_doc */
283 + 0, /* tp_traverse */
284 + 0, /* tp_clear */
285 + 0, /* tp_richcompare */
286 + 0, /* tp_weaklistoffset */
287 + 0, /* tp_iter */
288 + 0, /* tp_iternext */
289 + pyucred_methods, /* tp_methods */
290 + 0, /* tp_members */
291 + 0, /* tp_getset */
292 + 0, /* tp_base */
293 + 0, /* tp_dict */
294 + 0, /* tp_descr_get */
295 + 0, /* tp_descr_set */
296 + 0, /* tp_dictoffset */
297 + (initproc)pyucred_init, /* tp_init */
298 + 0, /* tp_alloc */
299 + 0, /* tp_new */
300 + 0, /* tp_free */
301 + 0, /* tp_is_gc */
304 +static PyObject *
305 +pyucred_new(const ucred_t *uc)
307 + pyucred_t *self;
309 + self = (pyucred_t *)PyObject_CallObject((PyObject *)&pyucred_type, NULL);
311 + if (self == NULL)
312 + return (NULL);
314 + self->ucred = (ucred_t *)uc;
316 + return ((PyObject *)self);
319 +static PyObject *
320 +pyucred_get(PyObject *o, PyObject *args, PyObject *kwargs)
322 + static char *kwlist[] = { "pid", NULL };
323 + ucred_t *ucred = NULL;
324 + int pid;
326 + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "i", kwlist,
327 + &pid))
328 + return (NULL);
330 + ucred = ucred_get(pid);
332 + if (ucred == NULL) {
333 + PyErr_SetFromErrno(PyExc_OSError);
334 + return (NULL);
337 + return (pyucred_new(ucred));
340 +static PyObject *
341 +pyucred_getpeer(PyObject *o, PyObject *args, PyObject *kwargs)
343 + static char *kwlist[] = { "fd", NULL };
344 + ucred_t *ucred = NULL;
345 + int fd;
347 + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "i", kwlist,
348 + &fd))
349 + return (NULL);
351 + if (getpeerucred(fd, &ucred) == -1) {
352 + PyErr_SetFromErrno(PyExc_OSError);
353 + return (NULL);
356 + return (pyucred_new(ucred));
359 +PyDoc_STRVAR(pyucred_get_doc,
360 + "get(pid) -> ucred\n"
361 + "\n"
362 + "Return the credentials of the specified process ID. "
363 + "Raises OSError. See ucred_get(3C).");
364 +PyDoc_STRVAR(pyucred_getpeer_doc,
365 + "getpeer(fd) -> ucred\n"
366 + "\n"
367 + "Return the credentials of the peer endpoint of a "
368 + "connection-oriented socket (SOCK_STREAM) or STREAM fd "
369 + "at the time the endpoint was created or the connection "
370 + "was established. Raises OSError. See getpeerucred(3C).");
372 +static struct PyMethodDef pyucred_module_methods[] = {
373 + { "get", (PyCFunction) pyucred_get,
374 + METH_VARARGS|METH_KEYWORDS, pyucred_get_doc },
375 + { "getpeer", (PyCFunction) pyucred_getpeer,
376 + METH_VARARGS|METH_KEYWORDS, pyucred_getpeer_doc },
377 + { NULL, NULL, 0, NULL }
380 +PyDoc_STRVAR(pyucred_module_doc,
381 + "This module provides an interface to the user credential access "
382 + "methods, obtainable either by process ID or file descriptor.");
384 +PyMODINIT_FUNC
385 +PyInit_ucred (void)
387 + PyObject *m;
389 + static struct PyModuleDef moduledef = {
390 + PyModuleDef_HEAD_INIT,
391 + "ucred",
392 + pyucred_module_doc,
393 + -1,
394 + pyucred_module_methods,
395 + NULL,
396 + NULL,
397 + NULL,
398 + NULL,
399 + };
401 + m = PyModule_Create(&moduledef);
403 + pyucred_type.tp_new = PyType_GenericNew;
404 + if (PyType_Ready(&pyucred_type) < 0)
405 + return NULL;
407 + Py_INCREF(&pyucred_type);
409 + PyModule_AddObject(m, "ucred", (PyObject *)&pyucred_type);
411 + return m;
413 --- Python-3.9.1/setup.py
414 +++ Python-3.9.1/setup.py
415 @@ -1814,6 +1814,13 @@ class PyBuildExt(build_ext):
416 else:
417 self.missing.append('_uuid')
419 + def detect_ucred(self):
420 + # ucred module (Solaris)
421 + ucred_inc = find_file('ucred.h', [], self.inc_dirs)
422 + tsol_inc = find_file('tsol/label.h', [], self.inc_dirs)
423 + if ucred_inc is not None and tsol_inc is not None:
424 + self.add(Extension('ucred', ['ucred.c'], libraries=['tsol']))
426 def detect_modules(self):
427 self.configure_compiler()
428 self.init_inc_lib_dirs()
429 @@ -1834,6 +1841,7 @@ class PyBuildExt(build_ext):
430 self.detect_expat_elementtree()
431 self.detect_multibytecodecs()
432 self.detect_decimal()
433 + self.detect_ucred()
434 self.detect_ctypes()
435 self.detect_multiprocessing()
436 if not self.detect_tkinter():
437 --- Python-3.9.1/Lib/test/ucredtest.py
438 +++ Python-3.9.1/Lib/test/ucredtest.py
439 @@ -0,0 +1,45 @@
440 +#!/usr/bin/python3.9
442 +import ucred
443 +import os
445 +uc = ucred.get(os.getpid())
447 +print("pid = %d" % uc.getpid())
448 +print("euid = %d" % uc.geteuid())
449 +print("ruid = %d" % uc.getruid())
450 +print("suid = %d" % uc.getsuid())
451 +print("egid = %d" % uc.getegid())
452 +print("rgid = %d" % uc.getrgid())
453 +print("sgid = %d" % uc.getsgid())
454 +print("zoneid = %d" % uc.getzoneid())
455 +print("projid = %d" % uc.getprojid())
456 +print("groups = %s" % uc.getgroups())
457 +print("label = %s" % uc.getlabel())
459 +print("getpflags(0x1) = %d" % uc.getpflags(0x1))
460 +print("getpflags(0x2) = %d" % uc.getpflags(0x2))
461 +print("has_priv(Effective, proc_fork) = %d" % uc.has_priv("Effective", "proc_fork"))
462 +print("has_priv(Permitted, proc_fork) = %d" % uc.has_priv("Permitted", "proc_fork"))
463 +print("has_priv(Inheritable, proc_fork) = %d" % uc.has_priv("Inheritable", "proc_fork"))
464 +print("has_priv(Limit, file_setid) = %d" % uc.has_priv("Limit", "file_setid"))
465 +print("has_priv(Effective, file_setid) = %d" % uc.has_priv("Effective", "file_setid"))
466 +try:
467 + uc.has_priv("Effective", "proc_bork")
468 +except OSError as e:
469 + print(e)
470 +try:
471 + uc.has_priv("Defective", "proc_fork")
472 +except OSError as e:
473 + print(e)
474 +try:
475 + uc.has_priv("Defective", "proc_bork")
476 +except OSError as e:
477 + print(e)
479 +del uc
480 +uc = ucred.ucred()
481 +try:
482 + uc.getpid()
483 +except OSError as e:
484 + print(e)