1 // Copyright 2012 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
16 "golang.org/x/sys/unix"
19 // TestSCMCredentials tests the sending and receiving of credentials
20 // (PID, UID, GID) in an ancillary message between two UNIX
21 // sockets. The SO_PASSCRED socket option is enabled on the sending
22 // socket for this to work.
23 func TestSCMCredentials(t *testing.T) {
24 socketTypeTests := []struct {
37 for _, tt := range socketTypeTests {
38 fds, err := unix.Socketpair(unix.AF_LOCAL, tt.socketType, 0)
40 t.Fatalf("Socketpair: %v", err)
42 defer unix.Close(fds[0])
43 defer unix.Close(fds[1])
45 err = unix.SetsockoptInt(fds[0], unix.SOL_SOCKET, unix.SO_PASSCRED, 1)
47 t.Fatalf("SetsockoptInt: %v", err)
50 srvFile := os.NewFile(uintptr(fds[0]), "server")
52 srv, err := net.FileConn(srvFile)
54 t.Errorf("FileConn: %v", err)
59 cliFile := os.NewFile(uintptr(fds[1]), "client")
61 cli, err := net.FileConn(cliFile)
63 t.Errorf("FileConn: %v", err)
70 ucred.Pid = int32(os.Getpid())
73 oob := unix.UnixCredentials(&ucred)
74 _, _, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)
75 if op, ok := err.(*net.OpError); ok {
78 if sys, ok := err.(*os.SyscallError); ok {
81 if err != syscall.EPERM {
82 t.Fatalf("WriteMsgUnix failed with %v, want EPERM", err)
86 ucred.Pid = int32(os.Getpid())
87 ucred.Uid = uint32(os.Getuid())
88 ucred.Gid = uint32(os.Getgid())
89 oob := unix.UnixCredentials(&ucred)
91 // On SOCK_STREAM, this is internally going to send a dummy byte
92 n, oobn, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)
94 t.Fatalf("WriteMsgUnix: %v", err)
97 t.Fatalf("WriteMsgUnix n = %d, want 0", n)
100 t.Fatalf("WriteMsgUnix oobn = %d, want %d", oobn, len(oob))
103 oob2 := make([]byte, 10*len(oob))
104 n, oobn2, flags, _, err := srv.(*net.UnixConn).ReadMsgUnix(nil, oob2)
106 t.Fatalf("ReadMsgUnix: %v", err)
109 t.Fatalf("ReadMsgUnix flags = 0x%x, want 0", flags)
112 t.Fatalf("ReadMsgUnix n = %d, want %d", n, tt.dataLen)
115 // without SO_PASSCRED set on the socket, ReadMsgUnix will
116 // return zero oob bytes
117 t.Fatalf("ReadMsgUnix oobn = %d, want %d", oobn2, oobn)
120 if !bytes.Equal(oob, oob2) {
121 t.Fatal("ReadMsgUnix oob bytes don't match")
124 scm, err := unix.ParseSocketControlMessage(oob2)
126 t.Fatalf("ParseSocketControlMessage: %v", err)
128 newUcred, err := unix.ParseUnixCredentials(&scm[0])
130 t.Fatalf("ParseUnixCredentials: %v", err)
132 if *newUcred != ucred {
133 t.Fatalf("ParseUnixCredentials = %+v, want %+v", newUcred, ucred)