--auth-ident like identification for PF_UNIX sockets

[Enrik Berkhan <En...@akk.org>]

Hi,

setup summary:

spamc called from exim on a per-user-basis:

spamcheck:
   driver = pipe
   use_bsmtp = true
   batch_max = 1
   command = /usr/sbin/exim4 -oMr spam-scanned -bS
   transport_filter = /usr/bin/spamc -u ${local_part} -U /var/run/spamd
   user = Debian-exim
   group = Debian-exim
   ...

spamd:
   /usr/sbin/spamd --socketpath=/var/run/spamd ...

Of course, this is insecure, because any local user can call spamc on 
another local user's behalf.

To solve this, I've implemented

1.) SO_PEERCRED authentication for PF_UNIX sockets (including unsolved 
portability issue concerning "struct ucred" unpacking)
2.) a "trusted user" who may set any other user via the User: header if 
identified correctly

Thus, Debian-exim (trusted user) can use "-u $local_part" even with 
identification. Now the spamd command line becomes

/usr/sbin/spamd --socketpath=/var/run/spamd --auth-ident --trusted-user 
Debian-exim ...

I'll include the spamd diff just in case someone finds it useful. Of 
course, the --trusted-user option could be augmented to allow an array 
of trusted users.

Cheers,
Enrik