Партнёры:
Хостинг:
unix - UNIX-domain protocol family
struct sockaddr_un {
u_char sun_len;
u_char sun_family;
char sun_path[104];
};
Binding a name to a UNIX socket with bind(2) causes a socket file to be created in the file system. This file is not removed when the socket is closed --- unlink(2) must be used to remove the file.
The length of
UNIX
address, required by
bind(2)
and
connect(2),
can be calculated by the macro
SUN_LEN ();
defined in
In sys/un.h .
The
sun_path
field must be terminated by a
NUL
character to be used with
SUN_LEN (,);
but the terminating
NUL
is
not
part of the address.
The UNIX protocol family does not support broadcast addressing or any form of ``wildcard'' matching on incoming messages. All addresses are absolute- or relative-pathnames of other UNIX sockets. Normal file system access-control mechanisms are also applied when referencing pathnames; e.g., the destination of a connect(2) or sendto(2) must be writable.
Any valid descriptor may be sent in a message. The file descriptor(s) to be passed are described using a Vt struct cmsghdr that is defined in the include file In sys/socket.h . The type of the message is SCM_RIGHTS and the data portion of the messages is an array of integers representing the file descriptors to be passed. The number of descriptors being passed is defined by the length field of the message; the length field is the sum of the size of the header plus the size of the array of file descriptors.
The received descriptor is a duplicate of the sender's descriptor, as if it were created with a call to dup(2). Per-process descriptor flags, set with fcntl(2), are not passed to a receiver. Descriptors that are awaiting delivery, or that are purposely not received, are automatically closed by the system when the destination socket is closed.
The effective credentials (i.e., the user ID and group list) of a peer on a SOCK_STREAM socket may be obtained using the LOCAL_PEERCRED socket option. This may be used by a server to obtain and verify the credentials of its client, and vice versa by the client to verify the credentials of the server. These will arrive in the form of a filled in Vt struct xucred (defined in In sys/ucred.h ) . The credentials presented to the server (the listen(2) caller) are those of the client when it called connect(2); the credentials presented to the client (the connect(2) caller) are those of the server when it called listen(2). This mechanism is reliable; there is no way for either party to influence the credentials presented to its peer except by calling the appropriate system call (e.g., connect(2) or listen(2)) under different effective credentials.
UNIX domain sockets support a number of socket options which can be set with setsockopt(2) and tested with getsockopt(2):
struct sockcred {
uid_t sc_uid; /* real user id */
uid_t sc_euid; /* effective user id */
gid_t sc_gid; /* real group id */
gid_t sc_egid; /* effective group id */
int sc_ngroups; /* number of supplemental groups */
gid_t sc_groups[1]; /* variable length */
};
The
SOCKCREDSIZE ();
macro computes the size of the
Vt sockcred
structure for a specified number
of groups.
The
Vt cmsghdr
fields have the following values:
cmsg_len = CMSG_LEN(SOCKCREDSIZE(ngroups)) cmsg_level = SOL_SOCKET cmsg_type = SCM_CREDS
|
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |