From: Sangwan Kwon Date: Thu, 16 Jan 2020 06:50:34 +0000 (+0900) Subject: Get credentials from peer X-Git-Tag: submit/tizen/20200810.073515~94 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=e04dc6150355dd2f79c6c531f552a7cc0c238530;p=platform%2Fcore%2Fsecurity%2Fvist.git Get credentials from peer Signed-off-by: Sangwan Kwon --- diff --git a/src/vist/rmi/impl/credentials.hpp b/src/vist/rmi/impl/credentials.hpp new file mode 100644 index 0000000..f4af021 --- /dev/null +++ b/src/vist/rmi/impl/credentials.hpp @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2020-present Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#pragma once + +#include + +#include +#include + +namespace vist { +namespace rmi { +namespace impl { + +struct Credentials { + pid_t pid; + uid_t uid; + gid_t gid; + + static Credentials GetPeers(int fd) + { + struct ucred cred; + socklen_t credsz = sizeof(cred); + errno = 0; + if (::getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &credsz)) + THROW(ErrCode::RuntimeError) << "Failed to get peer credential: " << errno; + + return {cred.pid, cred.uid, cred.gid}; + } +}; + +} // namespace impl +} // namespace rmi +} // namespace vist diff --git a/src/vist/rmi/impl/tests/socket.cpp b/src/vist/rmi/impl/tests/socket.cpp index 2437e3a..85d4e25 100644 --- a/src/vist/rmi/impl/tests/socket.cpp +++ b/src/vist/rmi/impl/tests/socket.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2020-present Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,13 +14,13 @@ * limitations under the License */ +#include #include -#include +#include #include +#include #include -#include -#include #include @@ -38,8 +38,6 @@ TEST(SocketTests, socket_read_write) bool output2 = false; auto client = std::thread([&]() { - std::this_thread::sleep_for(std::chrono::seconds(1)); - // Send input to server. Socket connected = Socket::connect(sockPath); connected.send(&input); @@ -75,8 +73,6 @@ TEST(SocketTests, socket_abstract) bool output2 = false; auto client = std::thread([&]() { - std::this_thread::sleep_for(std::chrono::seconds(1)); - // Send input to server. Socket connected = Socket::connect(sockPath); connected.send(&input); @@ -99,3 +95,28 @@ TEST(SocketTests, socket_abstract) if (client.joinable()) client.join(); } + +TEST(SocketTests, peer_credeintials) +{ + std::string sockPath = "@sock"; + Socket socket(sockPath); + + int input = std::numeric_limits::max(); + auto client = std::thread([&]() { + Socket connected = Socket::connect(sockPath); + connected.send(&input); + }); + + Socket accepted = socket.accept(); + + auto cred = Credentials::GetPeers(accepted.getFd()); + EXPECT_TRUE(cred.pid > 0); + + // Recv input from client. + int output = 0; + accepted.recv(&output); + EXPECT_EQ(input, output); + + if (client.joinable()) + client.join(); +}