1 /*
2 * Copyright (C) NGINX, Inc.
3 */
4
5 #ifndef _NXT_SOCKET_MSG_H_INCLUDED_
6 #define _NXT_SOCKET_MSG_H_INCLUDED_
7
8 #if (NXT_HAVE_UCRED)
9 #include <sys/un.h>
10 #endif
11
12
13 #if (NXT_HAVE_UCRED)
14 #define NXT_CRED_USECMSG 1
15 #define NXT_CRED_CMSGTYPE SCM_CREDENTIALS
16 #define NXT_CRED_GETPID(u) (u->pid)
17
18 typedef struct ucred nxt_socket_cred_t;
19
20 #elif (NXT_HAVE_MSGHDR_CMSGCRED)
21 #define NXT_CRED_USECMSG 1
22 #define NXT_CRED_CMSGTYPE SCM_CREDS
23 #define NXT_CRED_GETPID(u) (u->cmcred_pid)
24
25 typedef struct cmsgcred nxt_socket_cred_t;
26 #endif
27
28 #if (NXT_CRED_USECMSG)
29 #define NXT_OOB_RECV_SIZE \
30 (CMSG_SPACE(2 * sizeof(int)) + CMSG_SPACE(sizeof(nxt_socket_cred_t)))
31 #else
32 #define NXT_OOB_RECV_SIZE \
33 CMSG_SPACE(2 * sizeof(int))
34 #endif
35
36 #if (NXT_HAVE_MSGHDR_CMSGCRED)
37 #define NXT_OOB_SEND_SIZE \
38 (CMSG_SPACE(2 * sizeof(int)) + CMSG_SPACE(sizeof(nxt_socket_cred_t)))
39 #else
40 #define NXT_OOB_SEND_SIZE \
41 CMSG_SPACE(2 * sizeof(int))
42 #endif
43
44
45 typedef struct {
46 size_t size;
47 u_char buf[NXT_OOB_RECV_SIZE];
48 } nxt_recv_oob_t;
49
50
51 typedef struct {
52 size_t size;
53 u_char buf[NXT_OOB_SEND_SIZE];
54 } nxt_send_oob_t;
55
56
57 /**
58 * The nxt_sendmsg is a wrapper for sendmsg.
59 * The oob struct must be initialized using nxt_socket_msg_oob_init().
60 */
61 NXT_EXPORT ssize_t nxt_sendmsg(nxt_socket_t s, nxt_iobuf_t *iob,
62 nxt_uint_t niob, const nxt_send_oob_t *oob);
63
64 /**
65 * The nxt_recvmsg is a wrapper for recvmsg.
66 * The oob buffer must be consumed by using nxt_socket_msg_oob_get().
67 */
68 NXT_EXPORT ssize_t nxt_recvmsg(nxt_socket_t s,
69 nxt_iobuf_t *iob, nxt_uint_t niob, nxt_recv_oob_t *oob);
70
71
72 nxt_inline struct cmsghdr *
NXT_CMSG_NXTHDR(struct msghdr * msgh,struct cmsghdr * cmsg)73 NXT_CMSG_NXTHDR(struct msghdr *msgh, struct cmsghdr *cmsg)
74 {
75 #if !defined(__GLIBC__) && defined(__clang__)
76 #pragma clang diagnostic push
77 #pragma clang diagnostic ignored "-Wsign-compare"
78 #endif
79 return CMSG_NXTHDR(msgh, cmsg);
80 #if !defined(__GLIBC__) && defined(__clang__)
81 #pragma clang diagnostic pop
82 #endif
83 }
84
85
86 nxt_inline void
nxt_socket_msg_oob_init(nxt_send_oob_t * oob,int * fds)87 nxt_socket_msg_oob_init(nxt_send_oob_t *oob, int *fds)
88 {
89 int nfds;
90 struct cmsghdr *cmsg;
91
92 #if (NXT_HAVE_MSGHDR_CMSGCRED)
93 cmsg = (struct cmsghdr *) (oob->buf);
94 /*
95 * Fill all padding fields with 0.
96 * Code in Go 1.11 validate cmsghdr using padding field as part of len.
97 * See Cmsghdr definition and socketControlMessageHeaderAndData function.
98 */
99 nxt_memzero(cmsg, sizeof(struct cmsghdr));
100
101 cmsg->cmsg_len = CMSG_LEN(sizeof(nxt_socket_cred_t));
102 cmsg->cmsg_level = SOL_SOCKET;
103 cmsg->cmsg_type = NXT_CRED_CMSGTYPE;
104
105 oob->size = CMSG_SPACE(sizeof(nxt_socket_cred_t));
106
107 #else
108 oob->size = 0;
109 #endif
110
111 nfds = (fds[0] != -1 ? 1 : 0) + (fds[1] != -1 ? 1 : 0);
112
113 if (nfds == 0) {
114 return;
115 }
116
117 cmsg = (struct cmsghdr *) (oob->buf + oob->size);
118
119 nxt_memzero(cmsg, sizeof(struct cmsghdr));
120
121 cmsg->cmsg_len = CMSG_LEN(nfds * sizeof(int));
122 cmsg->cmsg_level = SOL_SOCKET;
123 cmsg->cmsg_type = SCM_RIGHTS;
124
125 /*
126 * nxt_memcpy() is used instead of simple
127 * *(int *) CMSG_DATA(&cmsg.cm) = fd;
128 * because GCC 4.4 with -O2/3/s optimization may issue a warning:
129 * dereferencing type-punned pointer will break strict-aliasing rules
130 *
131 * Fortunately, GCC with -O1 compiles this nxt_memcpy()
132 * in the same simple assignment as in the code above.
133 */
134 nxt_memcpy(CMSG_DATA(cmsg), fds, nfds * sizeof(int));
135
136 oob->size += CMSG_SPACE(nfds * sizeof(int));
137 }
138
139
140 nxt_inline nxt_int_t
nxt_socket_msg_oob_get_fds(nxt_recv_oob_t * oob,nxt_fd_t * fd)141 nxt_socket_msg_oob_get_fds(nxt_recv_oob_t *oob, nxt_fd_t *fd)
142 {
143 size_t size;
144 struct msghdr msg;
145 struct cmsghdr *cmsg;
146
147 msg.msg_control = oob->buf;
148 msg.msg_controllen = oob->size;
149
150 for (cmsg = CMSG_FIRSTHDR(&msg);
151 cmsg != NULL;
152 cmsg = NXT_CMSG_NXTHDR(&msg, cmsg))
153 {
154 size = cmsg->cmsg_len - CMSG_LEN(0);
155
156 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
157 if (nxt_slow_path(size != sizeof(int) && size != 2 * sizeof(int))) {
158 return NXT_ERROR;
159 }
160
161 nxt_memcpy(fd, CMSG_DATA(cmsg), size);
162
163 return NXT_OK;
164 }
165 }
166
167 return NXT_OK;
168 }
169
170
171 nxt_inline nxt_int_t
nxt_socket_msg_oob_get(nxt_recv_oob_t * oob,nxt_fd_t * fd,nxt_pid_t * pid)172 nxt_socket_msg_oob_get(nxt_recv_oob_t *oob, nxt_fd_t *fd, nxt_pid_t *pid)
173 {
174 size_t size;
175 struct msghdr msg;
176 struct cmsghdr *cmsg;
177
178 if (oob->size == 0) {
179 return NXT_OK;
180 }
181
182 #if (NXT_CRED_USECMSG)
183 *pid = -1;
184 #endif
185
186 msg.msg_control = oob->buf;
187 msg.msg_controllen = oob->size;
188
189 for (cmsg = CMSG_FIRSTHDR(&msg);
190 cmsg != NULL;
191 cmsg = NXT_CMSG_NXTHDR(&msg, cmsg))
192 {
193 size = cmsg->cmsg_len - CMSG_LEN(0);
194
195 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
196 if (nxt_slow_path(size != sizeof(int) && size != 2 * sizeof(int))) {
197 return NXT_ERROR;
198 }
199
200 nxt_memcpy(fd, CMSG_DATA(cmsg), size);
201
202 #if (!NXT_CRED_USECMSG)
203 break;
204 #endif
205 }
206
207 #if (NXT_CRED_USECMSG)
208 else if (cmsg->cmsg_level == SOL_SOCKET
209 && cmsg->cmsg_type == NXT_CRED_CMSGTYPE)
210 {
211 nxt_socket_cred_t *creds;
212
213 if (nxt_slow_path(size != sizeof(nxt_socket_cred_t))) {
214 return NXT_ERROR;
215 }
216
217 creds = (nxt_socket_cred_t *) CMSG_DATA(cmsg);
218 *pid = NXT_CRED_GETPID(creds);
219 }
220 #endif
221 }
222
223 #if (NXT_CRED_USECMSG)
224 /* For platforms supporting credential passing, it's enforced */
225 if (nxt_slow_path(*pid == -1)) {
226 return NXT_ERROR;
227 }
228 #endif
229
230 return NXT_OK;
231 }
232
233
234 #endif /* _NXT_SOCKET_MSG_H_INCLUDED_ */
235