[Libguestfs] [PATCH nbdkit v2 1/3] server: Add new APIs for reading the client’s SO_PEERCRED.
Richard W.M. Jones
rjones at redhat.com
Mon Oct 5 13:34:35 UTC 2020
On Mon, Oct 05, 2020 at 08:21:50AM -0500, Eric Blake wrote:
> On 10/3/20 1:50 PM, Richard W.M. Jones wrote:
> > New nbdkit_peer_pid, nbdkit_peer_uid and nbdkit_peer_gid calls can be
> > used on Linux (only) to read the peer PID, UID and GID from clients
> > connected over a Unix domain socket. This can be used in the
> > preconnect phase to add additional filtering.
> >
> > One use for this is to add an extra layer of authentication for local
> > connections. A subsequent commit will enhance the now misnamed
> > nbdkit-ip-filter to allow filtering on these extra fields.
> >
> > It appears as if it would be possible to implement this for FreeBSD
> > too (see comment in code).
> > ---
> > docs/nbdkit-plugin.pod | 47 +++++++++++++++--
> > include/nbdkit-common.h | 3 ++
> > server/nbdkit.syms | 3 ++
> > server/public.c | 108 ++++++++++++++++++++++++++++++++++++++++
> > 4 files changed, 156 insertions(+), 5 deletions(-)
> >
>
> > +=head2 C<nbdkit_peer_pid>
> > +
> > +(nbdkit E<ge> 1.24)
> > +
> > + int nbdkit_peer_pid (void);
> > +
> > +Return the peer process ID. This is only available when the client
> > +connected over a Unix domain socket, and only works for Linux.
> > +
> > +On success this returns the peer process ID. On error,
> > +C<nbdkit_error> is called and this call returns C<-1>.
>
> Is int always going to be sufficient? Or are there platforms with
> 64-bit pid_t? Mingw is an interesting beast; I've seen conflicting
> stories on whether 64-bit windows has 32- or 64-bit pids (the spawn APIs
> manage 64-bit handles, but other windows APIs return 32-bit int), so
> 64-bit pid_t on mingw does seem to be a real concern.
>
> > +
> > +=head2 C<nbdkit_peer_uid>
> > +
> > +(nbdkit E<ge> 1.24)
> > +
> > + int nbdkit_peer_uid (void);
> > +
> > +Return the peer user ID. This is only available when the client
> > +connected over a Unix domain socket, and only works for Linux.
> > +
> > +On success this returns the user ID. On error, C<nbdkit_error> is
> > +called and this call returns C<-1>.
> > +
> > +=head2 C<nbdkit_peer_gid>
> > +
> > +(nbdkit E<ge> 1.24)
> > +
> > + int nbdkit_peer_gid (void);
>
> int for these two is probably fine.
>
> > +
> > +Return the peer group ID. This is only available when the client
> > +connected over a Unix domain socket, and only works for Linux.
> > +
> > +On success this returns the user ID. On error, C<nbdkit_error> is
> > +called and this call returns C<-1>.
> > +
> > =head1 DEBUGGING
> >
>
> > +static int
> > +get_peercred (int s, int *pid, int *uid, int *gid)
> > +{
> > + struct ucred ucred;
> > + socklen_t n = sizeof ucred;
> > +
> > + if (getsockopt (s, SOL_SOCKET, SO_PEERCRED, &ucred, &n) == -1) {
> > + nbdkit_error ("getsockopt: SO_PEERCRED: %m");
> > + return -1;
> > + }
> > +
> > + if (pid && ucred.pid >= 1) {
> > + if (ucred.pid <= INT_MAX)
> > + *pid = ucred.pid;
> > + else
> > + nbdkit_error ("pid out of range: cannot be mapped to int");
> > + }
>
> well, at least you are acknowledging that int might not always map to pid_t.
>
> Otherwise, looks fine to me.
I wonder if I should just change all of them to int64_t?
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
More information about the Libguestfs
mailing list