re-implemented setuid/setgid support

1 files changed, 22 insertions, 2 deletions

diff --git a/tlsserver.go b/tlsserver.go
index 09618b4..452aead 100644
--- a/tlsserver.go
+++ b/tlsserver.go
@@ -55,7 +55,7 @@ func main() {
 
 	// set uid/gid
 	if *gid >= 0 {
-		err := syscall.Setgid(*gid)
+		err := setgid(*gid) // syscall.Setgid(*gid)
 		if err != nil {
 			fmt.Println("Couldn't setgid to", *gid, ":", err)
 			os.Exit(4)
@@ -63,7 +63,7 @@ func main() {
 	}
 
 	if *uid >= 0 {
-		err := syscall.Setuid(*uid)
+		err := setuid(*uid) // syscall.Setuid(*uid)
 		if err != nil {
 			fmt.Println("Couldn't setuid to", *uid, ":", err)
 			os.Exit(4)
@@ -117,3 +117,23 @@ func handleConnection(conn net.Conn) {
 	}
 	log.Println("Done with connection", conn.RemoteAddr())
 }
+
+// Since go1.4 the setgid syscall is deliberatelly not supported anymore, as it
+// only applies to the calling thread.  So we try this here:
+func setgid(gid int) error {
+	// RawSyscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
+	_, _, e := syscall.RawSyscall(syscall.SYS_SETGID, uintptr(gid), 0, 0)
+	if e != 0 {
+		return fmt.Errorf(e.Error())
+	}
+	return nil
+}
+
+func setuid(uid int) error {
+	// RawSyscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
+	_, _, e := syscall.RawSyscall(syscall.SYS_SETUID, uintptr(uid), 0, 0)
+	if e != 0 {
+		return fmt.Errorf(e.Error())
+	}
+	return nil
+}