github.com/Aayushi-Bansal/sys@v0.0.0-20180118120756-90d962a959d8/unix/creds_test.go (about) 1 // Copyright 2012 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // +build linux 6 7 package unix_test 8 9 import ( 10 "bytes" 11 "go/build" 12 "net" 13 "os" 14 "syscall" 15 "testing" 16 17 "golang.org/x/sys/unix" 18 ) 19 20 // TestSCMCredentials tests the sending and receiving of credentials 21 // (PID, UID, GID) in an ancillary message between two UNIX 22 // sockets. The SO_PASSCRED socket option is enabled on the sending 23 // socket for this to work. 24 func TestSCMCredentials(t *testing.T) { 25 socketTypeTests := []struct { 26 socketType int 27 dataLen int 28 }{ 29 { 30 unix.SOCK_STREAM, 31 1, 32 }, { 33 unix.SOCK_DGRAM, 34 0, 35 }, 36 } 37 38 for _, tt := range socketTypeTests { 39 if tt.socketType == unix.SOCK_DGRAM && !atLeast1p10() { 40 t.Log("skipping DGRAM test on pre-1.10") 41 continue 42 } 43 44 fds, err := unix.Socketpair(unix.AF_LOCAL, tt.socketType, 0) 45 if err != nil { 46 t.Fatalf("Socketpair: %v", err) 47 } 48 defer unix.Close(fds[0]) 49 defer unix.Close(fds[1]) 50 51 err = unix.SetsockoptInt(fds[0], unix.SOL_SOCKET, unix.SO_PASSCRED, 1) 52 if err != nil { 53 t.Fatalf("SetsockoptInt: %v", err) 54 } 55 56 srvFile := os.NewFile(uintptr(fds[0]), "server") 57 defer srvFile.Close() 58 srv, err := net.FileConn(srvFile) 59 if err != nil { 60 t.Errorf("FileConn: %v", err) 61 return 62 } 63 defer srv.Close() 64 65 cliFile := os.NewFile(uintptr(fds[1]), "client") 66 defer cliFile.Close() 67 cli, err := net.FileConn(cliFile) 68 if err != nil { 69 t.Errorf("FileConn: %v", err) 70 return 71 } 72 defer cli.Close() 73 74 var ucred unix.Ucred 75 if os.Getuid() != 0 { 76 ucred.Pid = int32(os.Getpid()) 77 ucred.Uid = 0 78 ucred.Gid = 0 79 oob := unix.UnixCredentials(&ucred) 80 _, _, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil) 81 if op, ok := err.(*net.OpError); ok { 82 err = op.Err 83 } 84 if sys, ok := err.(*os.SyscallError); ok { 85 err = sys.Err 86 } 87 if err != syscall.EPERM { 88 t.Fatalf("WriteMsgUnix failed with %v, want EPERM", err) 89 } 90 } 91 92 ucred.Pid = int32(os.Getpid()) 93 ucred.Uid = uint32(os.Getuid()) 94 ucred.Gid = uint32(os.Getgid()) 95 oob := unix.UnixCredentials(&ucred) 96 97 // On SOCK_STREAM, this is internally going to send a dummy byte 98 n, oobn, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil) 99 if err != nil { 100 t.Fatalf("WriteMsgUnix: %v", err) 101 } 102 if n != 0 { 103 t.Fatalf("WriteMsgUnix n = %d, want 0", n) 104 } 105 if oobn != len(oob) { 106 t.Fatalf("WriteMsgUnix oobn = %d, want %d", oobn, len(oob)) 107 } 108 109 oob2 := make([]byte, 10*len(oob)) 110 n, oobn2, flags, _, err := srv.(*net.UnixConn).ReadMsgUnix(nil, oob2) 111 if err != nil { 112 t.Fatalf("ReadMsgUnix: %v", err) 113 } 114 if flags != 0 { 115 t.Fatalf("ReadMsgUnix flags = 0x%x, want 0", flags) 116 } 117 if n != tt.dataLen { 118 t.Fatalf("ReadMsgUnix n = %d, want %d", n, tt.dataLen) 119 } 120 if oobn2 != oobn { 121 // without SO_PASSCRED set on the socket, ReadMsgUnix will 122 // return zero oob bytes 123 t.Fatalf("ReadMsgUnix oobn = %d, want %d", oobn2, oobn) 124 } 125 oob2 = oob2[:oobn2] 126 if !bytes.Equal(oob, oob2) { 127 t.Fatal("ReadMsgUnix oob bytes don't match") 128 } 129 130 scm, err := unix.ParseSocketControlMessage(oob2) 131 if err != nil { 132 t.Fatalf("ParseSocketControlMessage: %v", err) 133 } 134 newUcred, err := unix.ParseUnixCredentials(&scm[0]) 135 if err != nil { 136 t.Fatalf("ParseUnixCredentials: %v", err) 137 } 138 if *newUcred != ucred { 139 t.Fatalf("ParseUnixCredentials = %+v, want %+v", newUcred, ucred) 140 } 141 } 142 } 143 144 // atLeast1p10 reports whether we are running on Go 1.10 or later. 145 func atLeast1p10() bool { 146 for _, ver := range build.Default.ReleaseTags { 147 if ver == "go1.10" { 148 return true 149 } 150 } 151 return false 152 }