mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-29 07:29:31 +01:00
Output unix socket credentials where applicable
thanks @ajaspers!
This commit is contained in:
parent
e990bc9baa
commit
f12384c5a6
@ -9,6 +9,7 @@ import (
|
||||
"net"
|
||||
"regexp"
|
||||
"strings"
|
||||
"syscall"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -195,10 +196,24 @@ func HandleXForwardedFor(remoteAddr string, xForwardedFor string, whitelist []ne
|
||||
return
|
||||
}
|
||||
|
||||
func DescribeConn(conn net.Conn) string {
|
||||
// XXX for unix domain sockets, this is not informative enough for an operator
|
||||
// to determine who holds the other side of the connection. there seems to be
|
||||
// no way to get either the correct file descriptor of the connection, or the
|
||||
// udiag_ino from `man 7 sock_diag`. maybe there's something else we can do?
|
||||
// Output a description of a connection that can identify it to other systems
|
||||
// administration tools.
|
||||
func DescribeConn(c net.Conn) (description string) {
|
||||
description = "<error>"
|
||||
switch conn := c.(type) {
|
||||
case *net.UnixConn:
|
||||
f, err := conn.File()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
defer f.Close()
|
||||
ucred, err := syscall.GetsockoptUcred(int(f.Fd()), syscall.SOL_SOCKET, syscall.SO_PEERCRED)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
return fmt.Sprintf("%s <-> %s [pid=%d, uid=%d]", conn.LocalAddr().String(), conn.RemoteAddr().String(), ucred.Pid, ucred.Uid)
|
||||
default:
|
||||
// *net.TCPConn or *tls.Conn
|
||||
return fmt.Sprintf("%s <-> %s", conn.LocalAddr().String(), conn.RemoteAddr().String())
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user