Ted C. Cheng writes:
I have revised the patch to (1) initialize rname buffer, (2) ignore the comparison "llen == rlen",
Might be OK, but...
(3) compare st.st_mode only against S_IFIFO, but not S_ISUID|S_IRWXU.
No. You're getting proper use to work on Solaris, but that's the easy part. That fchmod and corresponding mode test is there for a reason: The code must also reject attempts to impersonate other users or groups. A user could find and open a named socket/pipe owned by some other user, or start someone's setuid program which opens a Unix domain socket and then runs his program as his own user, or something like that. I don't remember exactly. But OSes and OS releases differ about which of these impersonation attempts might work if this code were insufficiently paranoid, so you have quite some exporation work ahead of you if you want to tweak this FD passing safely.
You can instead look for a mechanism with built-in credential passing, apparently like Solaris "doors". Or look at what some other well-tested and portable package does and suggest we steal its code. Or live with the fact that SASL/EXTERNAL over ldapi:// is supported on your platform.
The socket path comparison demands full-path match, e.g., "/var/suum/run/socket" won't match against "/var/suum/run//socket".