Introduced SCM_CREDENTIALS / SCM_CREDS in the socket control msgs.

nginx · Nov 9, 2021 · ff6a705 · ff6a705
1 parent e878f6d
commit ff6a705
Show file tree

Hide file tree

Showing 16 changed files with 578 additions and 349 deletions.
diff --git a/auto/make b/auto/make
@@ -59,6 +59,7 @@ $echo >> $NXT_MAKEFILE
 $echo "NXT_LIB_UNIT_OBJS = \\" >> $NXT_MAKEFILE
 $echo "	$NXT_BUILD_DIR/src/nxt_lvlhsh.o \\" >> $NXT_MAKEFILE
 $echo "	$NXT_BUILD_DIR/src/nxt_murmur_hash.o \\" >> $NXT_MAKEFILE
+$echo "	$NXT_BUILD_DIR/src/nxt_socket_msg.o \\" >> $NXT_MAKEFILE
 $echo "	$NXT_BUILD_DIR/src/nxt_websocket.o \\" >> $NXT_MAKEFILE
 
 for nxt_src in $NXT_LIB_UNIT_SRCS

diff --git a/auto/sockets b/auto/sockets
@@ -158,6 +158,58 @@ nxt_feature_test="#include <stdio.h>
                   }"
 . auto/feature
 
+if [ $nxt_found = no ]; then
+    $echo
+    $echo $0: error: no msghdr.msg_control struct member.
+    $echo
+    exit 1;
+fi
+
+
+nxt_feature="sockopt SO_PASSCRED"
+nxt_feature_name=NXT_HAVE_SOCKOPT_SO_PASSCRED
+nxt_feature_run=
+nxt_feature_incs=
+nxt_feature_libs=
+nxt_feature_test="#define _GNU_SOURCE
+                  #include <sys/socket.h>
+
+                  int main() {
+                      return SO_PASSCRED == 0;
+                  }"
+. auto/feature
+
+
+if [ $nxt_found = yes ]; then
+    nxt_feature="struct ucred"
+    nxt_feature_name=NXT_HAVE_UCRED
+    nxt_feature_run=
+    nxt_feature_incs=
+    nxt_feature_libs=
+    nxt_feature_test="#define _GNU_SOURCE
+                      #include <sys/socket.h>
+                      #include <sys/un.h>
+
+                      int main() {
+                          return sizeof(struct ucred);
+                      }"
+    . auto/feature
+fi
+
+
+nxt_feature="struct cmsgcred"
+nxt_feature_name=NXT_HAVE_MSGHDR_CMSGCRED
+nxt_feature_run=
+nxt_feature_incs=
+nxt_feature_libs=
+nxt_feature_test="#define _GNU_SOURCE
+                  #include <sys/socket.h>
+
+                  int main() {
+                      return sizeof(struct cmsgcred);
+                  }"
+. auto/feature
+
 
 nxt_feature="sys/filio.h"
 nxt_feature_name=NXT_HAVE_SYS_FILIO_H

diff --git a/auto/sources b/auto/sources
@@ -13,6 +13,7 @@ NXT_LIB_SRCS=" \
     src/nxt_mem_map.c \
     src/nxt_socket.c \
     src/nxt_socketpair.c \
+    src/nxt_socket_msg.c \
     src/nxt_credential.c \
     src/nxt_isolation.c \
     src/nxt_process.c \

diff --git a/go/nxt_cgo_lib.c b/go/nxt_cgo_lib.c
@@ -10,10 +10,10 @@
 #include <nxt_unit_request.h>
 
 
-static ssize_t nxt_cgo_port_send(nxt_unit_ctx_t *, nxt_unit_port_t *port,
+static ssize_t nxt_cgo_port_send(nxt_unit_ctx_t *ctx, nxt_unit_port_t *port,
     const void *buf, size_t buf_size, const void *oob, size_t oob_size);
-static ssize_t nxt_cgo_port_recv(nxt_unit_ctx_t *, nxt_unit_port_t *port,
-    void *buf, size_t buf_size, void *oob, size_t oob_size);
+static ssize_t nxt_cgo_port_recv(nxt_unit_ctx_t *ctx, nxt_unit_port_t *port,
+    void *buf, size_t buf_size, void *oob, size_t *oob_size);
 
 int
 nxt_cgo_run(uintptr_t handler)
@@ -58,7 +58,7 @@ nxt_cgo_port_send(nxt_unit_ctx_t *ctx, nxt_unit_port_t *port,
 
 static ssize_t
 nxt_cgo_port_recv(nxt_unit_ctx_t *ctx, nxt_unit_port_t *port,
-    void *buf, size_t buf_size, void *oob, size_t oob_size)
+    void *buf, size_t buf_size, void *oob, size_t *oob_size)
 {
     return nxt_go_port_recv(port->id.pid, port->id.id,
                             buf, buf_size, oob, oob_size);

diff --git a/go/port.go b/go/port.go
@@ -169,7 +169,7 @@ func nxt_go_port_send(pid C.int, id C.int, buf unsafe.Pointer, buf_size C.int,
 
 //export nxt_go_port_recv
 func nxt_go_port_recv(pid C.int, id C.int, buf unsafe.Pointer, buf_size C.int,
-	oob unsafe.Pointer, oob_size C.int) C.ssize_t {
+	oob unsafe.Pointer, oob_size *C.size_t) C.ssize_t {
 
 	key := port_key{
 		pid: int(pid),
@@ -184,7 +184,7 @@ func nxt_go_port_recv(pid C.int, id C.int, buf unsafe.Pointer, buf_size C.int,
 	}
 
 	n, oobn, _, _, err := p.rcv.ReadMsgUnix(GoBytes(buf, buf_size),
-		GoBytes(oob, oob_size))
+		GoBytes(oob, C.int(*oob_size)))
 
 	if err != nil {
 		if nerr, ok := err.(*net.OpError); ok {
@@ -196,6 +196,9 @@ func nxt_go_port_recv(pid C.int, id C.int, buf unsafe.Pointer, buf_size C.int,
 		nxt_go_warn("read result %d (%d), %s", n, oobn, err)
 
 		n = -1
+
+	} else {
+		*oob_size = C.size_t(oobn)
 	}
 
 	return C.ssize_t(n)

diff --git a/src/nxt_cert.c b/src/nxt_cert.c
@@ -1135,7 +1135,17 @@ nxt_cert_store_get_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
     port = nxt_runtime_port_find(task->thread->runtime, msg->port_msg.pid,
                                  msg->port_msg.reply_port);
 
-    if (port == NULL) {
+    if (nxt_slow_path(port == NULL)) {
+        nxt_alert(task, "process port not found (pid %PI, reply_port %d)",
+                  msg->port_msg.pid, msg->port_msg.reply_port);
+        return;
+    }
+
+    if (nxt_slow_path(port->type != NXT_PROCESS_CONTROLLER
+                      && port->type != NXT_PROCESS_ROUTER))
+    {
+        nxt_alert(task, "process %PI cannot store certificates",
+                  msg->port_msg.pid);
         return;
     }
 
@@ -1206,10 +1216,23 @@ nxt_cert_store_delete_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
 {
     u_char           *p;
     nxt_str_t        name;
+    nxt_port_t       *ctl_port;
     nxt_runtime_t    *rt;
     nxt_file_name_t  *path;
 
     rt = task->thread->runtime;
+    ctl_port = rt->port_by_type[NXT_PROCESS_CONTROLLER];
+
+    if (nxt_slow_path(ctl_port == NULL)) {
+        nxt_alert(task, "controller port not found");
+        return;
+    }
+
+    if (nxt_slow_path(nxt_recv_msg_cmsg_pid(msg) != ctl_port->pid)) {
+        nxt_alert(task, "process %PI cannot delete certificates",
+                  nxt_recv_msg_cmsg_pid(msg));
+        return;
+    }
 
     if (nxt_slow_path(rt->certs.start == NULL)) {
         nxt_alert(task, "no certificates storage directory");

diff --git a/src/nxt_main_process.c b/src/nxt_main_process.c
@@ -355,6 +355,19 @@ nxt_port_main_start_process_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
 
     rt = task->thread->runtime;
 
+    port = rt->port_by_type[NXT_PROCESS_ROUTER];
+    if (nxt_slow_path(port == NULL)) {
+        nxt_alert(task, "router port not found");
+        return;
+    }
+
+    if (nxt_slow_path(port->pid != nxt_recv_msg_cmsg_pid(msg))) {
+        nxt_alert(task, "process %PI cannot start processes",
+                  nxt_recv_msg_cmsg_pid(msg));
+
+        return;
+    }
+
     process = nxt_main_process_new(task, rt);
     if (nxt_slow_path(process == NULL)) {
         return;
@@ -1023,6 +1036,13 @@ nxt_main_port_socket_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
         return;
     }
 
+    if (nxt_slow_path(port->type != NXT_PROCESS_ROUTER)) {
+        nxt_alert(task, "process %PI cannot create listener sockets",
+                  msg->port_msg.pid);
+
+        return;
+    }
+
     b = msg->buf;
     sa = (nxt_sockaddr_t *) b->mem.pos;
 
@@ -1266,6 +1286,7 @@ nxt_main_port_modules_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
     rt = task->thread->runtime;
 
     if (msg->port_msg.pid != rt->port_by_type[NXT_PROCESS_DISCOVERY]->pid) {
+        nxt_alert(task, "process %PI cannot send modules", msg->port_msg.pid);
         return;
     }
 
@@ -1428,9 +1449,19 @@ nxt_main_port_conf_store_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
     void           *p;
     size_t         n, size;
     nxt_int_t      ret;
+    nxt_port_t     *ctl_port;
     nxt_runtime_t  *rt;
     u_char         ver[NXT_INT_T_LEN];
 
+    rt = task->thread->runtime;
+
+    ctl_port = rt->port_by_type[NXT_PROCESS_CONTROLLER];
+
+    if (nxt_slow_path(msg->port_msg.pid != ctl_port->pid)) {
+        nxt_alert(task, "process %PI cannot store conf", msg->port_msg.pid);
+        return;
+    }
+
     p = MAP_FAILED;
 
     /*
@@ -1463,8 +1494,6 @@ nxt_main_port_conf_store_handler(nxt_task_t *task, nxt_port_recv_msg_t *msg)
 
     nxt_debug(task, "conf_store_handler(%uz): %*s", size, size, p);
 
-    rt = task->thread->runtime;
-
     if (nxt_conf_ver != NXT_VERNUM) {
         n = nxt_sprintf(ver, ver + NXT_INT_T_LEN, "%d", NXT_VERNUM) - ver;
 

diff --git a/src/nxt_port.h b/src/nxt_port.h
@@ -153,7 +153,9 @@ typedef enum {
 /* Passed as a first iov chunk. */
 typedef struct {
     uint32_t             stream;
-    nxt_pid_t            pid;
+
+    nxt_pid_t            pid;       /* not used on Linux and FreeBSD */
+
     nxt_port_id_t        reply_port;
 
     uint8_t              type;
@@ -186,13 +188,19 @@ typedef struct {
     uint8_t             allocated;  /* 1 bit */
 } nxt_port_send_msg_t;
 
+#if (NXT_HAVE_UCRED) || (NXT_HAVE_MSGHDR_CMSGCRED)
+#define NXT_USE_CMSG_PID    1
+#endif
 
 struct nxt_port_recv_msg_s {
     nxt_fd_t            fd[2];
     nxt_buf_t           *buf;
     nxt_port_t          *port;
     nxt_port_msg_t      port_msg;
     size_t              size;
+#if (NXT_USE_CMSG_PID)
+    nxt_pid_t           cmsg_pid;
+#endif
     nxt_bool_t          cancelled;
     union {
         nxt_port_t      *new_port;
@@ -201,6 +209,15 @@ struct nxt_port_recv_msg_s {
     } u;
 };
 
+
+#if (NXT_USE_CMSG_PID)
+#define nxt_recv_msg_cmsg_pid(msg)      ((msg)->cmsg_pid)
+#define nxt_recv_msg_cmsg_pid_ref(msg)  (&(msg)->cmsg_pid)
+#else
+#define nxt_recv_msg_cmsg_pid(msg)      ((msg)->port_msg.pid)
+#define nxt_recv_msg_cmsg_pid_ref(msg)  (NULL)
+#endif
+
 typedef struct nxt_app_s  nxt_app_t;
 
 struct nxt_port_s {

diff --git a/src/nxt_port_rpc.c b/src/nxt_port_rpc.c
@@ -393,8 +393,8 @@ nxt_port_rpc_remove_peer(nxt_task_t *task, nxt_port_t *port, nxt_pid_t peer)
     msg.fd[1] = -1;
     msg.buf = &buf;
     msg.port = port;
-
-    msg.port_msg.pid = peer;
+    msg.u.removed_pid = peer;
+    msg.port_msg.pid = nxt_pid;
     msg.port_msg.type = _NXT_PORT_MSG_REMOVE_PID;
 
     peer_link = lhq.value;