unix_send_fd.c

[詳解]

/*++
/* NAME
/*  unix_send_fd 3
/* SUMMARY
/*  send file descriptor
/* SYNOPSIS
/*  #include <iostuff.h>
/*
/*  int unix_send_fd(fd, sendfd)
/*  int fd;
/*  int sendfd;
/* DESCRIPTION
/*  unix_send_fd() sends a file descriptor over the specified
/*  UNIX-domain socket.
/*
/*  Arguments:
/* .IP fd
/*  File descriptor that connects the sending and receiving processes.
/* .IP sendfd
/*  The file descriptor to be sent.
/* DIAGNOSTICS
/*  unix_send_fd() returns -1 upon failure.
/* LICENSE
/* .ad
/* .fi
/*  The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*  Wietse Venema
/*  IBM T.J. Watson Research
/*  P.O. Box 704
/*  Yorktown Heights, NY 10598, USA
/*--*/

/* System library. */

#include <sys_defs.h>           /* includes <sys/types.h> */
#include <sys/socket.h>
#include <sys/uio.h>
#include <string.h>

/* Utility library. */

#include <msg.h>
#include <iostuff.h>

/* unix_send_fd - send file descriptor */

int     unix_send_fd(int fd, int sendfd)
{

    /*
     * This code does not work with version <2.2 Linux kernels, and it does
     * not compile with version <2 Linux libraries.
     */
#ifdef CANT_USE_SEND_RECV_MSG
    const char *myname = "unix_send_fd";

    msg_warn("%s: your system has no support for file descriptor passing",
         myname);
    return (-1);
#else
    struct msghdr msg;
    struct iovec iov[1];

    /*
     * Adapted from: W. Richard Stevens, UNIX Network Programming, Volume 1,
     * Second edition. Except that we use CMSG_LEN instead of CMSG_SPACE, for
     * portability to some LP64 environments. See also unix_recv_fd.c.
     */
#if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL)
    union {
    struct cmsghdr just_for_alignment;
    char    control[CMSG_SPACE(sizeof(sendfd))];
    }       control_un;
    struct cmsghdr *cmptr;

    memset((void *) &msg, 0, sizeof(msg));  /* Fix 200512 */
    msg.msg_control = control_un.control;
    if (unix_pass_fd_fix & UNIX_PASS_FD_FIX_CMSG_LEN) {
    msg.msg_controllen = CMSG_LEN(sizeof(sendfd));  /* Fix 200506 */
    } else {
    msg.msg_controllen = sizeof(control_un.control);    /* normal */
    }
    cmptr = CMSG_FIRSTHDR(&msg);
    cmptr->cmsg_len = CMSG_LEN(sizeof(sendfd));
    cmptr->cmsg_level = SOL_SOCKET;
    cmptr->cmsg_type = SCM_RIGHTS;
    *(int *) CMSG_DATA(cmptr) = sendfd;
#else
    msg.msg_accrights = (char *) &sendfd;
    msg.msg_accrightslen = sizeof(sendfd);
#endif

    msg.msg_name = 0;
    msg.msg_namelen = 0;

    /*
     * XXX We don't want to pass any data, just a file descriptor. However,
     * setting msg.msg_iov = 0 and msg.msg_iovlen = 0 causes trouble. See the
     * comments in the unix_recv_fd() routine.
     */
    iov->iov_base = "";
    iov->iov_len = 1;
    msg.msg_iov = iov;
    msg.msg_iovlen = 1;

    /*
     * The CMSG_LEN send/receive workaround was originally developed for
     * OpenBSD 3.6 on SPARC64. After the workaround was verified to not break
     * Solaris 8 on SPARC64, it was hard-coded with Postfix 2.3 for all
     * platforms because of increasing pressure to work on other things. The
     * workaround does nothing for 32-bit systems.
     * 
     * The investigation was reopened with Postfix 2.7 because the workaround
     * broke with NetBSD 5.0 on 64-bit architectures. This time it was found
     * that OpenBSD <= 4.3 on AMD64 and SPARC64 needed the workaround for
     * sending only. The following platforms worked with and without the
     * workaround: OpenBSD 4.5 on AMD64 and SPARC64, FreeBSD 7.2 on AMD64,
     * Solaris 8 on SPARC64, and Linux 2.6-11 on x86_64.
     * 
     * As this appears to have been an OpenBSD-specific problem, we revert to
     * the Postfix 2.2 behavior. Instead of hard-coding the workaround for
     * all platforms, we now detect sendmsg() errors at run time and turn on
     * the workaround dynamically.
     * 
     * The workaround was made run-time configurable to investigate the problem
     * on multiple platforms. Though set_unix_pass_fd_fix() is over-kill for
     * this specific problem, it is left in place so that it can serve as an
     * example of how to add run-time configurable workarounds to Postfix.
     */
    if (sendmsg(fd, &msg, 0) >= 0)
    return (0);
    if (unix_pass_fd_fix == 0) {
    if (msg_verbose)
        msg_info("sendmsg error (%m). Trying CMSG_LEN workaround.");
    unix_pass_fd_fix = UNIX_PASS_FD_FIX_CMSG_LEN;
    return (unix_send_fd(fd, sendfd));
    } else {
    return (-1);
    }
#endif
}

#ifdef TEST

 /*
  * Proof-of-concept program. Open a file and send the descriptor, presumably
  * to the unix_recv_fd test program.
  */
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <split_at.h>
#include <connect.h>

int     main(int argc, char **argv)
{
    char   *transport;
    char   *endpoint;
    char   *path;
    int     server_sock;
    int     client_fd;

    msg_verbose = 1;

    if (argc < 3
    || (endpoint = split_at(transport = argv[1], ':')) == 0
    || *endpoint == 0 || *transport == 0)
    msg_fatal("usage: %s transport:endpoint file...", argv[0]);

    if (strcmp(transport, "unix") == 0) {
    server_sock = unix_connect(endpoint, BLOCKING, 0);
    } else {
    msg_fatal("invalid transport name: %s", transport);
    }
    if (server_sock < 0)
    msg_fatal("connect %s:%s: %m", transport, endpoint);

    argv += 2;
    while ((path = *argv++) != 0) {
    if ((client_fd = open(path, O_RDONLY, 0)) < 0)
        msg_fatal("open %s: %m", path);
    msg_info("path=%s fd=%d", path, client_fd);
    if (unix_send_fd(server_sock, client_fd) < 0)
        msg_fatal("send file descriptor: %m");
    if (close(client_fd) != 0)
        msg_fatal("close(%d): %m", client_fd);
    }
    exit(0);
}

#endif