github.com/etecs-ru/go-sys-wineventlog@v0.0.0-20210227233244-4c3abb794018/unix/creds_test.go

github.com/etecs-ru/go-sys-wineventlog@v0.0.0-20210227233244-4c3abb794018/unix/creds_test.go (about)

     1  // Copyright 2012 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build linux
     6  // +build linux
     7  
     8  package unix_test
     9  
    10  import (
    11  	"bytes"
    12  	"net"
    13  	"os"
    14  	"testing"
    15  
    16  	"golang.org/x/sys/unix"
    17  )
    18  
    19  // TestSCMCredentials tests the sending and receiving of credentials
    20  // (PID, UID, GID) in an ancillary message between two UNIX
    21  // sockets. The SO_PASSCRED socket option is enabled on the sending
    22  // socket for this to work.
    23  func TestSCMCredentials(t *testing.T) {
    24  	socketTypeTests := []struct {
    25  		socketType int
    26  		dataLen    int
    27  	}{
    28  		{
    29  			unix.SOCK_STREAM,
    30  			1,
    31  		}, {
    32  			unix.SOCK_DGRAM,
    33  			0,
    34  		},
    35  	}
    36  
    37  	for _, tt := range socketTypeTests {
    38  		fds, err := unix.Socketpair(unix.AF_LOCAL, tt.socketType, 0)
    39  		if err != nil {
    40  			t.Fatalf("Socketpair: %v", err)
    41  		}
    42  		defer unix.Close(fds[0])
    43  		defer unix.Close(fds[1])
    44  
    45  		err = unix.SetsockoptInt(fds[0], unix.SOL_SOCKET, unix.SO_PASSCRED, 1)
    46  		if err != nil {
    47  			t.Fatalf("SetsockoptInt: %v", err)
    48  		}
    49  
    50  		srvFile := os.NewFile(uintptr(fds[0]), "server")
    51  		defer srvFile.Close()
    52  		srv, err := net.FileConn(srvFile)
    53  		if err != nil {
    54  			t.Errorf("FileConn: %v", err)
    55  			return
    56  		}
    57  		defer srv.Close()
    58  
    59  		cliFile := os.NewFile(uintptr(fds[1]), "client")
    60  		defer cliFile.Close()
    61  		cli, err := net.FileConn(cliFile)
    62  		if err != nil {
    63  			t.Errorf("FileConn: %v", err)
    64  			return
    65  		}
    66  		defer cli.Close()
    67  
    68  		var ucred unix.Ucred
    69  		ucred.Pid = int32(os.Getpid())
    70  		ucred.Uid = uint32(os.Getuid())
    71  		ucred.Gid = uint32(os.Getgid())
    72  		oob := unix.UnixCredentials(&ucred)
    73  
    74  		// On SOCK_STREAM, this is internally going to send a dummy byte
    75  		n, oobn, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)
    76  		if err != nil {
    77  			t.Fatalf("WriteMsgUnix: %v", err)
    78  		}
    79  		if n != 0 {
    80  			t.Fatalf("WriteMsgUnix n = %d, want 0", n)
    81  		}
    82  		if oobn != len(oob) {
    83  			t.Fatalf("WriteMsgUnix oobn = %d, want %d", oobn, len(oob))
    84  		}
    85  
    86  		oob2 := make([]byte, 10*len(oob))
    87  		n, oobn2, flags, _, err := srv.(*net.UnixConn).ReadMsgUnix(nil, oob2)
    88  		if err != nil {
    89  			t.Fatalf("ReadMsgUnix: %v", err)
    90  		}
    91  		if flags != 0 {
    92  			t.Fatalf("ReadMsgUnix flags = 0x%x, want 0", flags)
    93  		}
    94  		if n != tt.dataLen {
    95  			t.Fatalf("ReadMsgUnix n = %d, want %d", n, tt.dataLen)
    96  		}
    97  		if oobn2 != oobn {
    98  			// without SO_PASSCRED set on the socket, ReadMsgUnix will
    99  			// return zero oob bytes
   100  			t.Fatalf("ReadMsgUnix oobn = %d, want %d", oobn2, oobn)
   101  		}
   102  		oob2 = oob2[:oobn2]
   103  		if !bytes.Equal(oob, oob2) {
   104  			t.Fatal("ReadMsgUnix oob bytes don't match")
   105  		}
   106  
   107  		scm, err := unix.ParseSocketControlMessage(oob2)
   108  		if err != nil {
   109  			t.Fatalf("ParseSocketControlMessage: %v", err)
   110  		}
   111  		newUcred, err := unix.ParseUnixCredentials(&scm[0])
   112  		if err != nil {
   113  			t.Fatalf("ParseUnixCredentials: %v", err)
   114  		}
   115  		if *newUcred != ucred {
   116  			t.Fatalf("ParseUnixCredentials = %+v, want %+v", newUcred, ucred)
   117  		}
   118  	}
   119  }