3party/libzmq
0
0
Fork 0
mirror of https://github.com/zeromq/libzmq.git synced 2025-01-15 18:38:00 +08:00
Code Issues Projects Releases Wiki Activity
libzmq/src/ipc_listener.hpp
Brandon Carpenter 8662f44efa Intial IPC accept filter support. 
Adds sets of process (Linux only), user, and group IDs for filtering
connections from peer processes over IPC transport.  If all of the
filter sets are empty, every connection is accepted.  Otherwise,
credentials for a connecting process are checked against the filter sets
and the connection is only accepted if a match is found.

This commit is part of LIBZMQ-568 and only adds the filter sets and
implements the filter in the IPC accept method.  The interface for
adding IDs to filter sets are included in a separate commit.

IPC accept filtering is supported only on Linux and OS X.
2013-12-04 14:12:29 -08:00

105 lines
2.9 KiB
C++
Raw Blame History

/*
Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file
This file is part of 0MQ.
0MQ is free software; you can redistribute it and/or modify it under
the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
0MQ is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __ZMQ_IPC_LISTENER_HPP_INCLUDED__
#define __ZMQ_IPC_LISTENER_HPP_INCLUDED__
#include "platform.hpp"
#if !defined ZMQ_HAVE_WINDOWS && !defined ZMQ_HAVE_OPENVMS
#include <string>
#include "fd.hpp"
#include "own.hpp"
#include "stdint.hpp"
#include "io_object.hpp"
namespace zmq
{
class io_thread_t;
class socket_base_t;
class ipc_listener_t : public own_t, public io_object_t
{
public:
ipc_listener_t (zmq::io_thread_t *io_thread_,
zmq::socket_base_t *socket_, const options_t &options_);
~ipc_listener_t ();
// Set address to listen on.
int set_address (const char *addr_);
// Get the bound address for use with wildcards
int get_address (std::string &addr_);
private:
// Handlers for incoming commands.
void process_plug ();
void process_term (int linger_);
// Handlers for I/O events.
void in_event ();
// Close the listening socket.
int close ();
// Filter new connections if the OS provides a mechanism to get
// the credentials of the peer process. Called from accept().
# if defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
bool filter (fd_t sock);
# endif
// Accept the new connection. Returns the file descriptor of the
// newly created connection. The function may return retired_fd
// if the connection was dropped while waiting in the listen backlog.
fd_t accept ();
// True, if the undelying file for UNIX domain socket exists.
bool has_file;
// Name of the file associated with the UNIX domain address.
std::string filename;
// Underlying socket.
fd_t s;
// Handle corresponding to the listening socket.
handle_t handle;
// Socket the listerner belongs to.
zmq::socket_base_t *socket;
// String representation of endpoint to bind to
std::string endpoint;
ipc_listener_t (const ipc_listener_t&);
const ipc_listener_t &operator = (const ipc_listener_t&);
};
}
#endif
#endif
Reference in New Issue View Git Blame Copy Permalink