Skip to content

Instantly share code, notes, and snippets.

@win-t

win-t/client.go

Last active August 28, 2024 09:41
Show Gist options
  • Save win-t/c08556fc7091937981c71287eb9ee658 to your computer and use it in GitHub Desktop.
Save win-t/c08556fc7091937981c71287eb9ee658 to your computer and use it in GitHub Desktop.
Download ZIP
golang: unix socket: get peer credential
Raw
client.go
package main
import (
"fmt"
"net"
"os"
)
func main() {
addr, _ := net.ResolveUnixAddr("unix", "@testabstractsocket")
client, err := net.DialUnix("unix", nil, addr)
if err != nil {
fmt.Println("Cannot dial", err.Error())
os.Exit(1)
}
defer client.Close()
fmt.Println("Connected!")
}
Raw
server.go
package main
import (
"fmt"
"net"
"os"
"syscall"
)
func main() {
addr, _ := net.ResolveUnixAddr("unix", "@testabstractsocket")
server, err := net.ListenUnix("unix", addr)
if err != nil {
fmt.Println("Cannot listen", err.Error())
os.Exit(1)
}
for {
client, err := server.AcceptUnix()
if err != nil {
fmt.Println("Cannot accept", err.Error())
continue
}
go serve(client)
}
}
func serve(client *net.UnixConn) {
defer client.Close()
f, err := client.File()
if err != nil {
fmt.Println("Cannot get underlying file", err.Error())
return
}
defer f.Close()
cred, err := syscall.GetsockoptUcred(int(f.Fd()), syscall.SOL_SOCKET, syscall.SO_PEERCRED)
if err != nil {
fmt.Println("Cannot get peer credential", err.Error())
return
}
if cred.Uid == 0 {
fmt.Println("root client connected, do something dangerous !")
} else {
fmt.Println("non-root client connected, do nothing !")
}
}
@decentral1se
Copy link

Thanks for this! Totally adjacent but a really handy example on how to do socket auth!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment