1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
|
/*
* Copyright (C) NGINX, Inc.
*/
#ifndef _NXT_SOCKET_MSG_H_INCLUDED_
#define _NXT_SOCKET_MSG_H_INCLUDED_
#if (NXT_HAVE_UCRED)
#include <sys/un.h>
#endif
#if (NXT_HAVE_UCRED)
#define NXT_CRED_USECMSG 1
#define NXT_CRED_CMSGTYPE SCM_CREDENTIALS
#define NXT_CRED_GETPID(u) (u->pid)
typedef struct ucred nxt_socket_cred_t;
#elif (NXT_HAVE_MSGHDR_CMSGCRED)
#define NXT_CRED_USECMSG 1
#define NXT_CRED_CMSGTYPE SCM_CREDS
#define NXT_CRED_GETPID(u) (u->cmcred_pid)
typedef struct cmsgcred nxt_socket_cred_t;
#endif
#if (NXT_CRED_USECMSG)
#define NXT_OOB_RECV_SIZE \
(CMSG_SPACE(2 * sizeof(int)) + CMSG_SPACE(sizeof(nxt_socket_cred_t)))
#else
#define NXT_OOB_RECV_SIZE \
CMSG_SPACE(2 * sizeof(int))
#endif
#if (NXT_HAVE_MSGHDR_CMSGCRED)
#define NXT_OOB_SEND_SIZE \
(CMSG_SPACE(2 * sizeof(int)) + CMSG_SPACE(sizeof(nxt_socket_cred_t)))
#else
#define NXT_OOB_SEND_SIZE \
CMSG_SPACE(2 * sizeof(int))
#endif
typedef struct {
size_t size;
u_char buf[NXT_OOB_RECV_SIZE];
} nxt_recv_oob_t;
typedef struct {
size_t size;
u_char buf[NXT_OOB_SEND_SIZE];
} nxt_send_oob_t;
/**
* The nxt_sendmsg is a wrapper for sendmsg.
* The oob struct must be initialized using nxt_socket_msg_oob_init().
*/
NXT_EXPORT ssize_t nxt_sendmsg(nxt_socket_t s, nxt_iobuf_t *iob,
nxt_uint_t niob, const nxt_send_oob_t *oob);
/**
* The nxt_recvmsg is a wrapper for recvmsg.
* The oob buffer must be consumed by using nxt_socket_msg_oob_get().
*/
NXT_EXPORT ssize_t nxt_recvmsg(nxt_socket_t s,
nxt_iobuf_t *iob, nxt_uint_t niob, nxt_recv_oob_t *oob);
nxt_inline void
nxt_socket_msg_oob_init(nxt_send_oob_t *oob, int *fds)
{
int nfds;
struct cmsghdr *cmsg;
#if (NXT_HAVE_MSGHDR_CMSGCRED)
cmsg = (struct cmsghdr *) (oob->buf);
/*
* Fill all padding fields with 0.
* Code in Go 1.11 validate cmsghdr using padding field as part of len.
* See Cmsghdr definition and socketControlMessageHeaderAndData function.
*/
nxt_memzero(cmsg, sizeof(struct cmsghdr));
cmsg->cmsg_len = CMSG_LEN(sizeof(nxt_socket_cred_t));
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = NXT_CRED_CMSGTYPE;
oob->size = CMSG_SPACE(sizeof(nxt_socket_cred_t));
#else
oob->size = 0;
#endif
nfds = (fds[0] != -1 ? 1 : 0) + (fds[1] != -1 ? 1 : 0);
if (nfds == 0) {
return;
}
cmsg = (struct cmsghdr *) (oob->buf + oob->size);
nxt_memzero(cmsg, sizeof(struct cmsghdr));
cmsg->cmsg_len = CMSG_LEN(nfds * sizeof(int));
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_RIGHTS;
/*
* nxt_memcpy() is used instead of simple
* *(int *) CMSG_DATA(&cmsg.cm) = fd;
* because GCC 4.4 with -O2/3/s optimization may issue a warning:
* dereferencing type-punned pointer will break strict-aliasing rules
*
* Fortunately, GCC with -O1 compiles this nxt_memcpy()
* in the same simple assignment as in the code above.
*/
nxt_memcpy(CMSG_DATA(cmsg), fds, nfds * sizeof(int));
oob->size += CMSG_SPACE(nfds * sizeof(int));
}
nxt_inline nxt_int_t
nxt_socket_msg_oob_get_fds(nxt_recv_oob_t *oob, nxt_fd_t *fd)
{
size_t size;
struct msghdr msg;
struct cmsghdr *cmsg;
msg.msg_control = oob->buf;
msg.msg_controllen = oob->size;
for (cmsg = CMSG_FIRSTHDR(&msg);
cmsg != NULL;
cmsg = CMSG_NXTHDR(&msg, cmsg))
{
size = cmsg->cmsg_len - CMSG_LEN(0);
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
if (nxt_slow_path(size != sizeof(int) && size != 2 * sizeof(int))) {
return NXT_ERROR;
}
nxt_memcpy(fd, CMSG_DATA(cmsg), size);
return NXT_OK;
}
}
return NXT_OK;
}
nxt_inline nxt_int_t
nxt_socket_msg_oob_get(nxt_recv_oob_t *oob, nxt_fd_t *fd, nxt_pid_t *pid)
{
size_t size;
struct msghdr msg;
struct cmsghdr *cmsg;
if (oob->size == 0) {
return NXT_OK;
}
#if (NXT_CRED_USECMSG)
*pid = -1;
#endif
msg.msg_control = oob->buf;
msg.msg_controllen = oob->size;
for (cmsg = CMSG_FIRSTHDR(&msg);
cmsg != NULL;
cmsg = CMSG_NXTHDR(&msg, cmsg))
{
size = cmsg->cmsg_len - CMSG_LEN(0);
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
if (nxt_slow_path(size != sizeof(int) && size != 2 * sizeof(int))) {
return NXT_ERROR;
}
nxt_memcpy(fd, CMSG_DATA(cmsg), size);
#if (!NXT_CRED_USECMSG)
break;
#endif
}
#if (NXT_CRED_USECMSG)
else if (cmsg->cmsg_level == SOL_SOCKET
&& cmsg->cmsg_type == NXT_CRED_CMSGTYPE)
{
nxt_socket_cred_t *creds;
if (nxt_slow_path(size != sizeof(nxt_socket_cred_t))) {
return NXT_ERROR;
}
creds = (nxt_socket_cred_t *) CMSG_DATA(cmsg);
*pid = NXT_CRED_GETPID(creds);
}
#endif
}
#if (NXT_CRED_USECMSG)
/* For platforms supporting credential passing, it's enforced */
if (nxt_slow_path(*pid == -1)) {
return NXT_ERROR;
}
#endif
return NXT_OK;
}
#endif /* _NXT_SOCKET_MSG_H_INCLUDED_ */
|
