trousers/patches/tcs_rpc_tcstp_rpc_ps.c.patch

# Add Solaris-specific code to verify the socket peer credential when
# a key is registered.
# This change was developed in-house and is not suitable for upstream use.
#
--- src/tcs/rpc/tcstp/rpc_ps.c  2014-04-24 11:05:44.000000000 -0700
+++ src/tcs/rpc/tcstp/rpc_ps.c  2016-04-18 13:55:57.830151412 -0700
@@ -26,6 +26,29 @@
 #include "tcs_utils.h"
 #include "rpc_tcstp_tcs.h"

+#ifdef SOLARIS
+#include <ucred.h>
+#include <errno.h>
+
+static TSS_RESULT
+verify_peer(struct tcsd_thread_data *data)
+{
+   ucred_t *uc = NULL;
+   if (getpeerucred(data->sock, &uc)) {
+       LogError("Failed to get peer credential (%s)",
+           strerror(errno));
+       return TCSERR(TSS_E_TSP_AUTHFAIL);
+   }
+   if (ucred_geteuid(uc) != 0) {
+       LogError("Unauthorized attempt to modify a system key",
+           strerror(errno));
+       ucred_free(uc);
+       return TCSERR(TSS_E_TSP_AUTHFAIL);
+   }
+   ucred_free(uc);
+   return (TSS_SUCCESS);
+}
+#endif

 TSS_RESULT
 tcs_wrap_RegisterKey(struct tcsd_thread_data *data)
@@ -38,6 +61,10 @@
    UINT32 cVendorData;
    BYTE *gbVendorData;
    TSS_RESULT result;
+#ifdef SOLARIS
+   if ( (result = verify_peer(data)) != TSS_SUCCESS)
+       return (result);
+#endif

    if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
        return TCSERR(TSS_E_INTERNAL_ERROR);
@@ -102,6 +129,10 @@
    TCS_CONTEXT_HANDLE hContext;
    TSS_UUID uuid;
    TSS_RESULT result;
+#ifdef SOLARIS
+   if ( (result = verify_peer(data)) != TSS_SUCCESS)
+       return (result);
+#endif

    if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
        return TCSERR(TSS_E_INTERNAL_ERROR);