Submitting https://codereview.chromium.org/23116003/ for Cihat Imamoglu.
[chromium-blink-merge.git] / ipc / unix_domain_socket_util.cc
blob7f513a3ab4806f781ec3046d28d62917f283bcdf
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "ipc/unix_domain_socket_util.h"
7 #include <errno.h>
8 #include <fcntl.h>
9 #include <sys/socket.h>
10 #include <sys/stat.h>
11 #include <sys/un.h>
12 #include <unistd.h>
14 #include "base/file_util.h"
15 #include "base/files/file_path.h"
16 #include "base/logging.h"
17 #include "base/posix/eintr_wrapper.h"
19 namespace IPC {
21 // Verify that kMaxSocketNameLength is a decent size.
22 COMPILE_ASSERT(sizeof(((sockaddr_un*)0)->sun_path) >= kMaxSocketNameLength,
23 BAD_SUN_PATH_LENGTH);
25 namespace {
27 // Returns fd (>= 0) on success, -1 on failure. If successful, fills in
28 // |unix_addr| with the appropriate data for the socket, and sets
29 // |unix_addr_len| to the length of the data therein.
30 int MakeUnixAddrForPath(const std::string& socket_name,
31 struct sockaddr_un* unix_addr,
32 size_t* unix_addr_len) {
33 DCHECK(unix_addr);
34 DCHECK(unix_addr_len);
36 if (socket_name.length() == 0) {
37 LOG(ERROR) << "Empty socket name provided for unix socket address.";
38 return -1;
40 // We reject socket_name.length() == kMaxSocketNameLength to make room for
41 // the NUL terminator at the end of the string.
42 if (socket_name.length() >= kMaxSocketNameLength) {
43 LOG(ERROR) << "Socket name too long: " << socket_name;
44 return -1;
47 // Create socket.
48 int fd = socket(AF_UNIX, SOCK_STREAM, 0);
49 if (fd < 0) {
50 PLOG(ERROR) << "socket";
51 return -1;
53 file_util::ScopedFD scoped_fd(&fd);
55 // Make socket non-blocking
56 if (HANDLE_EINTR(fcntl(fd, F_SETFL, O_NONBLOCK)) < 0) {
57 PLOG(ERROR) << "fcntl(O_NONBLOCK)";
58 return -1;
61 // Create unix_addr structure.
62 memset(unix_addr, 0, sizeof(struct sockaddr_un));
63 unix_addr->sun_family = AF_UNIX;
64 strncpy(unix_addr->sun_path, socket_name.c_str(), kMaxSocketNameLength);
65 *unix_addr_len =
66 offsetof(struct sockaddr_un, sun_path) + socket_name.length();
67 return *scoped_fd.release();
70 } // namespace
72 bool CreateServerUnixDomainSocket(const base::FilePath& socket_path,
73 int* server_listen_fd) {
74 DCHECK(server_listen_fd);
76 std::string socket_name = socket_path.value();
77 base::FilePath socket_dir = socket_path.DirName();
79 struct sockaddr_un unix_addr;
80 size_t unix_addr_len;
81 int fd = MakeUnixAddrForPath(socket_name, &unix_addr, &unix_addr_len);
82 if (fd < 0)
83 return false;
84 file_util::ScopedFD scoped_fd(&fd);
86 // Make sure the path we need exists.
87 if (!file_util::CreateDirectory(socket_dir)) {
88 LOG(ERROR) << "Couldn't create directory: " << socket_dir.value();
89 return false;
92 // Delete any old FS instances.
93 if (unlink(socket_name.c_str()) < 0 && errno != ENOENT) {
94 PLOG(ERROR) << "unlink " << socket_name;
95 return false;
98 // Bind the socket.
99 if (bind(fd, reinterpret_cast<const sockaddr*>(&unix_addr),
100 unix_addr_len) < 0) {
101 PLOG(ERROR) << "bind " << socket_path.value();
102 return false;
105 // Start listening on the socket.
106 if (listen(fd, SOMAXCONN) < 0) {
107 PLOG(ERROR) << "listen " << socket_path.value();
108 unlink(socket_name.c_str());
109 return false;
112 *server_listen_fd = *scoped_fd.release();
113 return true;
116 bool CreateClientUnixDomainSocket(const base::FilePath& socket_path,
117 int* client_socket) {
118 DCHECK(client_socket);
120 std::string socket_name = socket_path.value();
121 base::FilePath socket_dir = socket_path.DirName();
123 struct sockaddr_un unix_addr;
124 size_t unix_addr_len;
125 int fd = MakeUnixAddrForPath(socket_name, &unix_addr, &unix_addr_len);
126 if (fd < 0)
127 return false;
128 file_util::ScopedFD scoped_fd(&fd);
130 if (HANDLE_EINTR(connect(fd, reinterpret_cast<sockaddr*>(&unix_addr),
131 unix_addr_len)) < 0) {
132 PLOG(ERROR) << "connect " << socket_path.value();
133 return false;
136 *client_socket = *scoped_fd.release();
137 return true;
140 bool GetPeerEuid(int fd, uid_t* peer_euid) {
141 DCHECK(peer_euid);
142 #if defined(OS_MACOSX) || defined(OS_OPENBSD) || defined(OS_FREEBSD)
143 uid_t socket_euid;
144 gid_t socket_gid;
145 if (getpeereid(fd, &socket_euid, &socket_gid) < 0) {
146 PLOG(ERROR) << "getpeereid " << fd;
147 return false;
149 *peer_euid = socket_euid;
150 return true;
151 #else
152 struct ucred cred;
153 socklen_t cred_len = sizeof(cred);
154 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len) < 0) {
155 PLOG(ERROR) << "getsockopt " << fd;
156 return false;
158 if (static_cast<unsigned>(cred_len) < sizeof(cred)) {
159 NOTREACHED() << "Truncated ucred from SO_PEERCRED?";
160 return false;
162 *peer_euid = cred.uid;
163 return true;
164 #endif
167 bool IsPeerAuthorized(int peer_fd) {
168 uid_t peer_euid;
169 if (!GetPeerEuid(peer_fd, &peer_euid))
170 return false;
171 if (peer_euid != geteuid()) {
172 DLOG(ERROR) << "Client euid is not authorised";
173 return false;
175 return true;
178 bool IsRecoverableError(int err) {
179 return errno == ECONNABORTED || errno == EMFILE || errno == ENFILE ||
180 errno == ENOMEM || errno == ENOBUFS;
183 bool ServerAcceptConnection(int server_listen_fd, int* server_socket) {
184 DCHECK(server_socket);
185 *server_socket = -1;
187 int accept_fd = HANDLE_EINTR(accept(server_listen_fd, NULL, 0));
188 if (accept_fd < 0)
189 return IsRecoverableError(errno);
190 file_util::ScopedFD scoped_fd(&accept_fd);
191 if (HANDLE_EINTR(fcntl(accept_fd, F_SETFL, O_NONBLOCK)) < 0) {
192 PLOG(ERROR) << "fcntl(O_NONBLOCK) " << accept_fd;
193 // It's safe to keep listening on |server_listen_fd| even if the attempt to
194 // set O_NONBLOCK failed on the client fd.
195 return true;
198 *server_socket = *scoped_fd.release();
199 return true;
202 } // namespace IPC