fix: Fix peer credentials call on Darwin

tigrisdata-archive · Jun 6, 2023 · 5ef2c29 · 5ef2c29
1 parent 53ba9fe
commit 5ef2c29
Show file tree

Hide file tree

Showing 6 changed files with 111 additions and 38 deletions.
diff --git a/server/muxer/grpc.go b/server/muxer/grpc.go
@@ -88,14 +88,14 @@ func (*UnixPeerCredentials) ServerHandshake(conn net.Conn) (net.Conn, credential
 		return conn, &ai, nil
 	}
 
-	creds, err := util.ReadPeerCreds(c.Conn)
+	uid, err := util.ReadPeerCreds(c.Conn)
 	if err != nil {
 		return conn, &ai, nil //nolint:nilerr
 	}
 
-	log.Debug().Msgf("grpc server handshake. user id=%v", creds.Uid)
+	log.Debug().Msgf("grpc server handshake. user id=%v", uid)
 
-	ai.LocalRoot = creds.Uid == 0
+	ai.LocalRoot = uid == 0
 
 	if ai.LocalRoot {
 		log.Debug().Msg("Local root user detected")

diff --git a/server/muxer/http.go b/server/muxer/http.go
@@ -108,8 +108,8 @@ func (s *HTTPServer) Start(mux cmux.CMux) error {
 					nc = c.Conn
 				}
 
-				creds, err := util.ReadPeerCreds(nc)
-				if err == nil && creds.Uid == 0 {
+				uid, err := util.ReadPeerCreds(nc)
+				if err == nil && uid == 0 {
 					log.Debug().Msgf("local root on http")
 					return request.SetLocalRoot(ctx)
 				}

diff --git a/test/v1/server/unix_test.go b/test/v1/server/unix_test.go
@@ -84,9 +84,8 @@ func TestReadPeerCreds(t *testing.T) {
 	conn, err := l.Accept()
 	require.NoError(t, err)
 
-	creds, err := util.ReadPeerCreds(conn)
+	uid, err := util.ReadPeerCreds(conn)
 	require.NoError(t, err)
 
-	require.Equal(t, os.Geteuid(), int(creds.Uid))
-	require.Equal(t, os.Getegid(), int(creds.Gid))
+	require.Equal(t, os.Geteuid(), int(uid))
 }
diff --git a/util/util.go b/util/util.go
@@ -19,7 +19,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"net"
 	"os"
 	"strings"
 	"text/template"
@@ -29,7 +28,6 @@ import (
 	"github.com/rs/zerolog/log"
 	"github.com/tigrisdata/tigris/lib/container"
 	ulog "github.com/tigrisdata/tigris/util/log"
-	"golang.org/x/sys/unix"
 )
 
 const (
@@ -189,31 +187,3 @@ func RawMessageToByte(arr []jsoniter.RawMessage) [][]byte {
 	ptr := unsafe.Pointer(&arr)
 	return *(*[][]byte)(ptr)
 }
-
-func ReadPeerCreds(c net.Conn) (*unix.Ucred, error) {
-	var cred *unix.Ucred
-
-	uc, ok := c.(*net.UnixConn)
-	if !ok {
-		return nil, ErrNotUnixConn
-	}
-
-	raw, err := uc.SyscallConn()
-	if err != nil {
-		return nil, fmt.Errorf("error getting raw connection: %s", err)
-	}
-
-	err1 := raw.Control(func(fd uintptr) {
-		cred, err = unix.GetsockoptUcred(int(fd), unix.SOL_SOCKET, unix.SO_PEERCRED)
-	})
-
-	if err != nil {
-		return nil, fmt.Errorf("getsockoptUcred error: %s", err)
-	}
-
-	if err1 != nil {
-		return nil, fmt.Errorf("control error: %s", err1)
-	}
-
-	return cred, nil
-}
diff --git a/util/util_darwin.go b/util/util_darwin.go
@@ -0,0 +1,52 @@
+// Copyright 2022-2023 Tigris Data, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build darwin
+
+package util
+
+import (
+	"fmt"
+	"net"
+
+	"golang.org/x/sys/unix"
+)
+
+func ReadPeerCreds(c net.Conn) (uint32, error) {
+	var cred *unix.Xucred
+
+	uc, ok := c.(*net.UnixConn)
+	if !ok {
+		return 0, ErrNotUnixConn
+	}
+
+	raw, err := uc.SyscallConn()
+	if err != nil {
+		return 0, fmt.Errorf("error getting raw connection: %s", err)
+	}
+
+	err1 := raw.Control(func(fd uintptr) {
+		cred, err = unix.GetsockoptXucred(int(fd), unix.SOL_LOCAL, unix.LOCAL_PEERCRED)
+	})
+
+	if err != nil {
+		return 0, fmt.Errorf("getsockoptxucred error: %s", err)
+	}
+
+	if err1 != nil {
+		return 0, fmt.Errorf("control error: %s", err1)
+	}
+
+	return cred.Uid, nil
+}
diff --git a/util/util_linux.go b/util/util_linux.go
@@ -0,0 +1,52 @@
+// Copyright 2022-2023 Tigris Data, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build linux
+
+package util
+
+import (
+	"fmt"
+	"net"
+
+	"golang.org/x/sys/unix"
+)
+
+func ReadPeerCreds(c net.Conn) (uint32, error) {
+	var cred *unix.Ucred
+
+	uc, ok := c.(*net.UnixConn)
+	if !ok {
+		return 0, ErrNotUnixConn
+	}
+
+	raw, err := uc.SyscallConn()
+	if err != nil {
+		return 0, fmt.Errorf("error getting raw connection: %s", err)
+	}
+
+	err1 := raw.Control(func(fd uintptr) {
+		cred, err = unix.GetsockoptUcred(int(fd), unix.SOL_SOCKET, unix.SO_PEERCRED)
+	})
+
+	if err != nil {
+		return 0, fmt.Errorf("getsockoptUcred error: %s", err)
+	}
+
+	if err1 != nil {
+		return 0, fmt.Errorf("control error: %s", err1)
+	}
+
+	return cred.Uid, nil
+}