[PATCH] updated support for unix socket in abstract namespace

Igor Sysoev igor at sysoev.ru
Sat Jun 4 09:49:15 MSD 2011


On Sat, Jun 04, 2011 at 07:27:07AM +0200, Roberto De Ioris wrote:
> Hi all,
> attached there is an updated patch for adding support for unix socket in
> abstract namespace.
> 
> As requested by Igor, the syntax is now
> 
> unix:\0foobar
> 
> instead of
> 
> unix:@foobar
> 
> The only relevant note is this part of code:
> 
> +    if (saun->sun_path[0] != '\0') {
> +        u->addrs[0].socklen = sizeof(struct sockaddr_un);
> +    }
> +    else {
> +        u->addrs[0].socklen = sizeof(saun->sun_family) + len;
> +    }
> 
> 
> it looks like using
> 
> u->addrs[0].socklen = sizeof(saun->sun_family) + len;
> 
> is not reliable in all os (NetBSD and OpenBSD in my tests did not work) so
> i think
> an exception (as i did) is more "secure".
> 
> Probably, as linux is the only os supporting abstract namespace, we could
> use:
> 
> #ifdef __linux__
>     u->addrs[0].socklen = sizeof(saun->sun_family) + len;
> #else
>     u->addrs[0].socklen = sizeof(struct sockaddr_un);
> #endif

Thank you for the patch, I will look how to resolve this on all platforms.
The one issue remains - how to log this address in error_log.
My first thought was to use "@foobar" as Linux does, but now I think
it's better to create a name with slash "\0foobar".


-- 
Igor Sysoev



More information about the nginx mailing list