mcstransd: don't reinvent getpeercon, badly.

libselinux provides a proper getpeercon() implementation that uses
getsockopt with SO_PEERSEC to reliably obtain the peer's security
context from the kernel.  mcstransd for reasons unknown rolled its
own get_peer_con() function that uses getsockopt SO_PEERCRED
to obtain the peer PID and then calls getpidcon_raw().  That's
less efficient and less secure (subject to races; peer context
may have changed since connect).  Don't do that.

The peer context doesn't appear to be used for anything currently,
although there is a comment suggesting adding a permission check to
see if the requester dominates the label to be translated to control
what labels can be translated by what peers.  Could likely dispense
with it altogether.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

policycoreutils/mcstrans/src/mcstransd.c

@@ -138,24 +138,6 @@ get_peer_pid(int fd, pid_t *pid)
 }
 
 
-static int
-get_peer_con(int fd, char **peercon)
-{
-	int ret;
-	pid_t pid;
-	ret = get_peer_pid(fd, &pid);
-	if (ret)
-		return -1;
-	ret = getpidcon_raw(pid, peercon);
-	if (ret) {
-		syslog(LOG_ERR, 
-			"Failed to get context of client process (pid=%u)",
-			pid);
-		return -1;
-	}
-	return 0;
-}
-
 static int
 process_request(int fd, uint32_t function, char *data1, char *UNUSED(data2))
 {
@@ -164,8 +146,8 @@ process_request(int fd, uint32_t function, char *data1, char *UNUSED(data2))
 	char *peercon = NULL;
 	int ret;
 
-	ret = get_peer_con(fd, &peercon);
+	ret = getpeercon_raw(fd, &peercon);
-	if (ret)
+	if (ret < 0)
 		return ret;
 
 	/* TODO: Check if MLS clearance (in peercon) dominates the MLS label