github.com/dolotech/hongbao@v0.0.0-20191130105438-fd59d7a5dda5/src/golang.org/x/sys/unix/creds_test.go (about) 1 // Copyright 2012 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // +build linux 6 7 package unix_test 8 9 import ( 10 "bytes" 11 "net" 12 "os" 13 "syscall" 14 "testing" 15 16 "golang.org/x/sys/unix" 17 ) 18 19 // TestSCMCredentials tests the sending and receiving of credentials 20 // (PID, UID, GID) in an ancillary message between two UNIX 21 // sockets. The SO_PASSCRED socket option is enabled on the sending 22 // socket for this to work. 23 func TestSCMCredentials(t *testing.T) { 24 socketTypeTests := []struct { 25 socketType int 26 dataLen int 27 }{ 28 { 29 unix.SOCK_STREAM, 30 1, 31 }, { 32 unix.SOCK_DGRAM, 33 0, 34 }, 35 } 36 37 for _, tt := range socketTypeTests { 38 fds, err := unix.Socketpair(unix.AF_LOCAL, tt.socketType, 0) 39 if err != nil { 40 t.Fatalf("Socketpair: %v", err) 41 } 42 defer unix.Close(fds[0]) 43 defer unix.Close(fds[1]) 44 45 err = unix.SetsockoptInt(fds[0], unix.SOL_SOCKET, unix.SO_PASSCRED, 1) 46 if err != nil { 47 t.Fatalf("SetsockoptInt: %v", err) 48 } 49 50 srvFile := os.NewFile(uintptr(fds[0]), "server") 51 defer srvFile.Close() 52 srv, err := net.FileConn(srvFile) 53 if err != nil { 54 t.Errorf("FileConn: %v", err) 55 return 56 } 57 defer srv.Close() 58 59 cliFile := os.NewFile(uintptr(fds[1]), "client") 60 defer cliFile.Close() 61 cli, err := net.FileConn(cliFile) 62 if err != nil { 63 t.Errorf("FileConn: %v", err) 64 return 65 } 66 defer cli.Close() 67 68 var ucred unix.Ucred 69 if os.Getuid() != 0 { 70 ucred.Pid = int32(os.Getpid()) 71 ucred.Uid = 0 72 ucred.Gid = 0 73 oob := unix.UnixCredentials(&ucred) 74 _, _, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil) 75 if op, ok := err.(*net.OpError); ok { 76 err = op.Err 77 } 78 if sys, ok := err.(*os.SyscallError); ok { 79 err = sys.Err 80 } 81 if err != syscall.EPERM { 82 t.Fatalf("WriteMsgUnix failed with %v, want EPERM", err) 83 } 84 } 85 86 ucred.Pid = int32(os.Getpid()) 87 ucred.Uid = uint32(os.Getuid()) 88 ucred.Gid = uint32(os.Getgid()) 89 oob := unix.UnixCredentials(&ucred) 90 91 // On SOCK_STREAM, this is internally going to send a dummy byte 92 n, oobn, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil) 93 if err != nil { 94 t.Fatalf("WriteMsgUnix: %v", err) 95 } 96 if n != 0 { 97 t.Fatalf("WriteMsgUnix n = %d, want 0", n) 98 } 99 if oobn != len(oob) { 100 t.Fatalf("WriteMsgUnix oobn = %d, want %d", oobn, len(oob)) 101 } 102 103 oob2 := make([]byte, 10*len(oob)) 104 n, oobn2, flags, _, err := srv.(*net.UnixConn).ReadMsgUnix(nil, oob2) 105 if err != nil { 106 t.Fatalf("ReadMsgUnix: %v", err) 107 } 108 if flags != 0 { 109 t.Fatalf("ReadMsgUnix flags = 0x%x, want 0", flags) 110 } 111 if n != tt.dataLen { 112 t.Fatalf("ReadMsgUnix n = %d, want %d", n, tt.dataLen) 113 } 114 if oobn2 != oobn { 115 // without SO_PASSCRED set on the socket, ReadMsgUnix will 116 // return zero oob bytes 117 t.Fatalf("ReadMsgUnix oobn = %d, want %d", oobn2, oobn) 118 } 119 oob2 = oob2[:oobn2] 120 if !bytes.Equal(oob, oob2) { 121 t.Fatal("ReadMsgUnix oob bytes don't match") 122 } 123 124 scm, err := unix.ParseSocketControlMessage(oob2) 125 if err != nil { 126 t.Fatalf("ParseSocketControlMessage: %v", err) 127 } 128 newUcred, err := unix.ParseUnixCredentials(&scm[0]) 129 if err != nil { 130 t.Fatalf("ParseUnixCredentials: %v", err) 131 } 132 if *newUcred != ucred { 133 t.Fatalf("ParseUnixCredentials = %+v, want %+v", newUcred, ucred) 134 } 135 } 136 }