Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/sys/unix: want more platform support for UNIX domain socket peer credentials #41659

Open
gdamore opened this issue Sep 27, 2020 · 4 comments
Open

Comments

@gdamore
Copy link

@gdamore gdamore commented Sep 27, 2020

What version of Go are you using (go version)?

$ go version
PS C:\Users\garre> go version
go version go1.14.4 windows/amd64

(Although I use many different versions of Go on illumos, Linux, darwin, etc.)

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env

Feature request

As this is a feature request, I'm not including typical bug report details.

What I'd like is a way for us to obtain peer credentials more broadly. I am most interested in illumos/solaris (which uses getpeerucred() in libc, but I see this being useful for Darwin, FreeBSD, and possibly others.

With Linux we can do GetsockoptUcred with SO_PEERCRED. Which is great. I would like to have a similar way to do this for other platforms (platform specific probably) without having to resort to cgo if possible.

@gopherbot gopherbot added this to the Unreleased milestone Sep 27, 2020
@ianlancetaylor
Copy link
Contributor

@ianlancetaylor ianlancetaylor commented Sep 28, 2020

What are the mechanisms available on other systems?

@gdamore
Copy link
Author

@gdamore gdamore commented Sep 28, 2020

So Solaris and illumos have getpeerucred. I believe BSD systems have SO_LOCAL and LOCAL_PEERCRED and LOCAL_PEERPID. There is also a version of SO_PEERCRED that uses sockpeercred instead of ucred.

This is a mess of non portable APIs. But it would be nice if I could access this tags and not have to resort to cgo.

@gopherbot
Copy link

@gopherbot gopherbot commented Feb 22, 2021

Change https://golang.org/cl/294989 mentions this issue: unix: add Xucred, GetsockoptXucred on freebsd

@tklauser
Copy link
Member

@tklauser tklauser commented Feb 22, 2021

FWIW, https://golang.org/cl/292330 added this for Darwin already, courtesy of @bradfitz . I'm about to send CLs adding support on the BSDs and possibly Illumos/Solaris as well.

Once these landed in x/sys/unix, I hope we can add support for these additional platforms to inet.af/peercred as well which provides a portable API for peer credentials.

gopherbot pushed a commit to golang/sys that referenced this issue Feb 23, 2021
Follow CL 292330 which added these on darwin.

Generated on FreeBSD 13.0BETA3

For golang/go#41659

Change-Id: I30eeef43c4f61a9449f3fe8b5cc0033f46dfe822
Reviewed-on: https://go-review.googlesource.com/c/sys/+/294989
Trust: Tobias Klauser <tobias.klauser@gmail.com>
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants