technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Introduced SCM_CREDENTIALS / SCM_CREDS in the socket control msgs.

Browse Source
This commit is contained in:
Tiago Natel de Moura
2021-11-09 15:48:44 +03:00
parent e878f6d543
commit ff6a7053f5
16 changed files with 578 additions and 349 deletions
Download Patch File Download Diff File Expand all files Collapse all files

201
src/nxt_socketpair.c
View File

@@ -5,7 +5,7 @@
*/
#include <nxt_main.h>
#include <nxt_socket_msg.h>
/*
* SOCK_SEQPACKET protocol is supported for AF_UNIX in Solaris 8 X/Open
@@ -20,12 +20,6 @@
#endif
static ssize_t nxt_sendmsg(nxt_socket_t s, nxt_fd_t *fd, nxt_iobuf_t *iob,
nxt_uint_t niob);
static ssize_t nxt_recvmsg(nxt_socket_t s, nxt_fd_t *fd, nxt_iobuf_t *iob,
nxt_uint_t niob);
nxt_int_t
nxt_socketpair_create(nxt_task_t *task, nxt_socket_t *pair)
{
@@ -52,6 +46,24 @@ nxt_socketpair_create(nxt_task_t *task, nxt_socket_t *pair)
goto fail;
}
#if NXT_HAVE_SOCKOPT_SO_PASSCRED
int enable_creds = 1;
if (nxt_slow_path(setsockopt(pair[0], SOL_SOCKET, SO_PASSCRED,
&enable_creds, sizeof(enable_creds)) == -1))
{
nxt_alert(task, "failed to set SO_PASSCRED %E", nxt_errno);
goto fail;
}
if (nxt_slow_path(setsockopt(pair[1], SOL_SOCKET, SO_PASSCRED,
&enable_creds, sizeof(enable_creds)) == -1))
{
nxt_alert(task, "failed to set SO_PASSCRED %E", nxt_errno);
goto fail;
}
#endif
return NXT_OK;
fail:
@@ -74,11 +86,14 @@ ssize_t
nxt_socketpair_send(nxt_fd_event_t *ev, nxt_fd_t *fd, nxt_iobuf_t *iob,
nxt_uint_t niob)
{
ssize_t n;
nxt_err_t err;
ssize_t n;
nxt_err_t err;
nxt_send_oob_t oob;
nxt_socket_msg_oob_init(&oob, fd);
for ( ;; ) {
n = nxt_sendmsg(ev->fd, fd, iob, niob);
n = nxt_sendmsg(ev->fd, iob, niob, &oob);
err = (n == -1) ? nxt_socket_errno : 0;
@@ -123,19 +138,19 @@ nxt_socketpair_send(nxt_fd_event_t *ev, nxt_fd_t *fd, nxt_iobuf_t *iob,
ssize_t
nxt_socketpair_recv(nxt_fd_event_t *ev, nxt_fd_t *fd, nxt_iobuf_t *iob,
nxt_uint_t niob)
nxt_socketpair_recv(nxt_fd_event_t *ev, nxt_iobuf_t *iob, nxt_uint_t niob,
void *oob)
{
ssize_t n;
nxt_err_t err;
for ( ;; ) {
n = nxt_recvmsg(ev->fd, fd, iob, niob);
n = nxt_recvmsg(ev->fd, iob, niob, oob);
err = (n == -1) ? nxt_socket_errno : 0;
nxt_debug(ev->task, "recvmsg(%d, %FD, %FD, %ui): %z", ev->fd, fd[0],
fd[1], niob, n);
nxt_debug(ev->task, "recvmsg(%d, %ui, %uz): %z",
ev->fd, niob, ((nxt_recv_oob_t *) oob)->size, n);
if (n > 0) {
return n;
@@ -163,162 +178,10 @@ nxt_socketpair_recv(nxt_fd_event_t *ev, nxt_fd_t *fd, nxt_iobuf_t *iob,
continue;
default:
nxt_alert(ev->task, "recvmsg(%d, %p, %ui) failed %E",
ev->fd, fd, niob, err);
nxt_alert(ev->task, "recvmsg(%d, %ui) failed %E",
ev->fd, niob, err);
return NXT_ERROR;
}
}
}
#if (NXT_HAVE_MSGHDR_MSG_CONTROL)
/*
* Linux, FreeBSD, Solaris X/Open sockets,
* MacOSX, NetBSD, AIX, HP-UX X/Open sockets.
*/
static ssize_t
nxt_sendmsg(nxt_socket_t s, nxt_fd_t *fd, nxt_iobuf_t *iob, nxt_uint_t niob)
{
size_t csize;
struct msghdr msg;
union {
struct cmsghdr cm;
char space[CMSG_SPACE(sizeof(int) * 2)];
} cmsg;
msg.msg_name = NULL;
msg.msg_namelen = 0;
msg.msg_iov = iob;
msg.msg_iovlen = niob;
/* Flags are cleared just to suppress valgrind warning. */
msg.msg_flags = 0;
if (fd[0] != -1) {
csize = (fd[1] == -1) ? sizeof(int) : sizeof(int) * 2;
msg.msg_control = (caddr_t) &cmsg;
msg.msg_controllen = CMSG_SPACE(csize);
#if (NXT_VALGRIND)
nxt_memzero(&cmsg, sizeof(cmsg));
#endif
cmsg.cm.cmsg_len = CMSG_LEN(csize);
cmsg.cm.cmsg_level = SOL_SOCKET;
cmsg.cm.cmsg_type = SCM_RIGHTS;
/*
* nxt_memcpy() is used instead of simple
* *(int *) CMSG_DATA(&cmsg.cm) = fd;
* because GCC 4.4 with -O2/3/s optimization may issue a warning:
* dereferencing type-punned pointer will break strict-aliasing rules
*
* Fortunately, GCC with -O1 compiles this nxt_memcpy()
* in the same simple assignment as in the code above.
*/
nxt_memcpy(CMSG_DATA(&cmsg.cm), fd, csize);
} else {
msg.msg_control = NULL;
msg.msg_controllen = 0;
}
return sendmsg(s, &msg, 0);
}
static ssize_t
nxt_recvmsg(nxt_socket_t s, nxt_fd_t *fd, nxt_iobuf_t *iob, nxt_uint_t niob)
{
ssize_t n;
struct msghdr msg;
union {
struct cmsghdr cm;
char space[CMSG_SPACE(sizeof(int) * 2)];
} cmsg;
msg.msg_name = NULL;
msg.msg_namelen = 0;
msg.msg_iov = iob;
msg.msg_iovlen = niob;
msg.msg_control = (caddr_t) &cmsg;
msg.msg_controllen = sizeof(cmsg);
fd[0] = -1;
fd[1] = -1;
#if (NXT_VALGRIND)
nxt_memzero(&cmsg, sizeof(cmsg));
#endif
n = recvmsg(s, &msg, 0);
if (n > 0
&& cmsg.cm.cmsg_level == SOL_SOCKET
&& cmsg.cm.cmsg_type == SCM_RIGHTS)
{
if (cmsg.cm.cmsg_len == CMSG_LEN(sizeof(int))) {
nxt_memcpy(fd, CMSG_DATA(&cmsg.cm), sizeof(int));
}
if (cmsg.cm.cmsg_len == CMSG_LEN(sizeof(int) * 2)) {
nxt_memcpy(fd, CMSG_DATA(&cmsg.cm), sizeof(int) * 2);
}
}
return n;
}
#else
/* Solaris 4.3BSD sockets. */
static ssize_t
nxt_sendmsg(nxt_socket_t s, nxt_fd_t *fd, nxt_iobuf_t *iob, nxt_uint_t niob)
{
struct msghdr msg;
msg.msg_name = NULL;
msg.msg_namelen = 0;
msg.msg_iov = iob;
msg.msg_iovlen = niob;
if (fd[0] != -1) {
msg.msg_accrights = (caddr_t) fd;
msg.msg_accrightslen = sizeof(int);
if (fd[1] != -1) {
msg.msg_accrightslen += sizeof(int);
}
} else {
msg.msg_accrights = NULL;
msg.msg_accrightslen = 0;
}
return sendmsg(s, &msg, 0);
}
static ssize_t
nxt_recvmsg(nxt_socket_t s, nxt_fd_t *fd, nxt_iobuf_t *iob, nxt_uint_t niob)
{
struct msghdr msg;
fd[0] = -1;
fd[1] = -1;
msg.msg_name = NULL;
msg.msg_namelen = 0;
msg.msg_iov = iob;
msg.msg_iovlen = niob;
msg.msg_accrights = (caddr_t) fd;
msg.msg_accrightslen = sizeof(int) * 2;
return recvmsg(s, &msg, 0);
}
#endif