File libtirpc-0.1.9-0009-Fix-getpeereid.patch of Package libtirpc

From 6c487efe74adb5c29f7bee5bd51b3ebef4968f7d Mon Sep 17 00:00:00 2001
From: Olaf Kirch <okir@suse.de>
Date: Tue, 30 Sep 2008 15:09:06 -0400
Subject: [PATCH] Fix getpeereid

getpeereid fails because it uses an incorrect getsockopt call to obtain
the peer credentials on a AF_LOCAL socket.  This in turn will cause all
RPC services to be registered with rpcbind to show up as having been
registered by "unknown".

This has a serious impact on security - a service owned by "unknown"
can essentially be unregistered (and thus replaced) by anyone.

Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
 src/getpeereid.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/getpeereid.c b/src/getpeereid.c
index 9207d9d..57ee197 100644
--- a/src/getpeereid.c
+++ b/src/getpeereid.c
@@ -41,7 +41,7 @@ getpeereid(int s, uid_t *euid, gid_t *egid)
 	int error;
 
 	uclen = sizeof(uc); 
-	error = getsockopt(s, 0, SO_PEERCRED, &uc, &uclen); /*  SCM_CREDENTIALS */
+	error = getsockopt(s, SOL_SOCKET, SO_PEERCRED, &uc, &uclen); /*  SCM_CREDENTIALS */
 	if (error != 0)
 		return (error);
 	//	if (uc.cr_version != XUCRED_VERSION)
-- 
1.5.6