3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-29 07:29:31 +01:00

Output unix socket credentials where applicable

thanks @ajaspers!
This commit is contained in:
Shivaram Lingamneni 2020-09-24 10:59:30 -04:00
parent e990bc9baa
commit f12384c5a6

View File

@ -9,6 +9,7 @@ import (
"net"
"regexp"
"strings"
"syscall"
)
var (
@ -195,10 +196,24 @@ func HandleXForwardedFor(remoteAddr string, xForwardedFor string, whitelist []ne
return
}
func DescribeConn(conn net.Conn) string {
// XXX for unix domain sockets, this is not informative enough for an operator
// to determine who holds the other side of the connection. there seems to be
// no way to get either the correct file descriptor of the connection, or the
// udiag_ino from `man 7 sock_diag`. maybe there's something else we can do?
// Output a description of a connection that can identify it to other systems
// administration tools.
func DescribeConn(c net.Conn) (description string) {
description = "<error>"
switch conn := c.(type) {
case *net.UnixConn:
f, err := conn.File()
if err != nil {
return
}
defer f.Close()
ucred, err := syscall.GetsockoptUcred(int(f.Fd()), syscall.SOL_SOCKET, syscall.SO_PEERCRED)
if err != nil {
return
}
return fmt.Sprintf("%s <-> %s [pid=%d, uid=%d]", conn.LocalAddr().String(), conn.RemoteAddr().String(), ucred.Pid, ucred.Uid)
default:
// *net.TCPConn or *tls.Conn
return fmt.Sprintf("%s <-> %s", conn.LocalAddr().String(), conn.RemoteAddr().String())
}
}