[PATCH] updated support for unix socket in abstract namespace
Roberto De Ioris
roberto at unbit.it
Sat Jun 4 10:19:46 MSD 2011
> On Sat, Jun 04, 2011 at 07:27:07AM +0200, Roberto De Ioris wrote:
>> Hi all,
>> attached there is an updated patch for adding support for unix socket in
>> abstract namespace.
>>
>> As requested by Igor, the syntax is now
>>
>> unix:\0foobar
>>
>> instead of
>>
>> unix:@foobar
>>
>> The only relevant note is this part of code:
>>
>> + if (saun->sun_path[0] != '\0') {
>> + u->addrs[0].socklen = sizeof(struct sockaddr_un);
>> + }
>> + else {
>> + u->addrs[0].socklen = sizeof(saun->sun_family) + len;
>> + }
>>
>>
>> it looks like using
>>
>> u->addrs[0].socklen = sizeof(saun->sun_family) + len;
>>
>> is not reliable in all os (NetBSD and OpenBSD in my tests did not work)
>> so
>> i think
>> an exception (as i did) is more "secure".
>>
>> Probably, as linux is the only os supporting abstract namespace, we
>> could
>> use:
>>
>> #ifdef __linux__
>> u->addrs[0].socklen = sizeof(saun->sun_family) + len;
>> #else
>> u->addrs[0].socklen = sizeof(struct sockaddr_un);
>> #endif
>
> Thank you for the patch, I will look how to resolve this on all platforms.
> The one issue remains - how to log this address in error_log.
> My first thought was to use "@foobar" as Linux does, but now I think
> it's better to create a name with slash "\0foobar".
>
>
I would suggest \0 for sure. Users can be fooled by different naming scheme.
I have added support in uWSGI for \0 too, to avoid this sort of problems.
--
Roberto De Ioris
http://unbit.it
More information about the nginx
mailing list