From cdd1d58159140759052ec043bc9828d94ba97bc7 Mon Sep 17 00:00:00 2001
From: Jon TURNEY <jon.turney@dronecode.org.uk>
Date: Mon, 6 Jul 2015 17:15:44 +0100
Subject: [PATCH] mingw: Fix NO_LOCAL_CLIENT_CRED build

Commit 4b4b9086 "os: support new implicit local user access mode [CVE-2015-3164
2/3]" carefully places the relevant code it adds under !NO_LOCAL_CLIENT_CRED,
but unfortunately doesn't notice that NO_LOCAL_CLIENT_CRED is defined as a
side-effect in the middle of GetLocalClientCreds(), so many of these checks
precede its definition.

Move the check if NO_LOCAL_CLIENT_CRED should be defined to configure.ac, so it
always occurs before it's first use.

v2:
Move check to configure.ac

v3:
Use AC_CACHE_CHECK and name cache varaible appropriately

[ajax: Massaged commit message]

Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Ray Strode <rstrode@redhat.com>
---
 configure.ac            | 18 ++++++++++++++++++
 include/dix-config.h.in |  3 +++
 os/access.c             |  1 -
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index bab7d89bd..0ab756dc7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -223,6 +223,24 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup])
 
 AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]])
 
+dnl Check for SO_PEERCRED #define
+AC_CACHE_CHECK([for SO_PEERCRED in sys/socket.h],
+	       [xorg_cv_sys_have_so_peercred],
+	       [AC_EGREP_CPP(yes_have_so_peercred,[
+#include <sys/types.h>
+#include <sys/socket.h>
+#ifdef SO_PEERCRED
+yes_have_so_peercred
+#endif
+],
+	       [xorg_cv_sys_have_so_peercred=yes],
+	       [xorg_cv_sys_have_so_peercred=no])])
+
+dnl define NO_LOCAL_CLIENT_CRED if no getpeereid, getpeerucred or SO_PEERCRED
+if test "x$ac_cv_func_getpeereid" = xno && test "x$ac_cv_func_getpeerucred" = xno && test "x$xorg_cv_sys_have_so_peercred" = xno ; then
+	AC_DEFINE([NO_LOCAL_CLIENT_CRED], 1, [Define to 1 if no local socket credentials interface exists])
+fi
+
 dnl Find the math libary, then check for cbrt function in it.
 AC_CHECK_LIB(m, sqrt)
 AC_CHECK_FUNCS([cbrt])
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index c2ba4347f..daaff8d5a 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -518,4 +518,7 @@
 /* Listen on local socket */
 #undef LISTEN_LOCAL
 
+/* Define if no local socket credentials interface exists */
+#undef NO_LOCAL_CLIENT_CRED
+
 #endif /* _DIX_CONFIG_H_ */
diff --git a/os/access.c b/os/access.c
index 75e7a6983..54f069024 100644
--- a/os/access.c
+++ b/os/access.c
@@ -1221,7 +1221,6 @@ GetLocalClientCreds(ClientPtr client, LocalClientCredRec ** lccp)
 #endif
 #else
     /* No system call available to get the credentials of the peer */
-#define NO_LOCAL_CLIENT_CRED
     return -1;
 #endif
 }