Projects/mysqladm-rs
12
2
Fork 0
Code Issues 44 Pull Requests Actions Packages Releases Activity

Replace socket authentication mechanism with SO_PEERCRED

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit
2024-08-18 22:20:56 +02:00
parent 94c9a54c14
commit 53f19b3d05
5 changed files with 14 additions and 479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/server/command.rs
View File

@@ -7,7 +7,6 @@ use clap::Parser;
use std::os::unix::net::UnixStream as StdUnixStream;
use tokio::net::UnixStream as TokioUnixStream;
use crate::core::bootstrap::authenticated_unix_socket;
use crate::core::common::UnixUser;
use crate::server::config::read_config_from_path_with_arg_overrides;
use crate::server::server_loop::listen_for_incoming_connections;
@@ -53,8 +52,8 @@ pub async fn handle_command(
async fn socket_activate(config: ServerConfig) -> anyhow::Result<()> {
// TODO: allow getting socket path from other socket activation sources
let mut conn = get_socket_from_systemd().await?;
let uid = authenticated_unix_socket::server_authenticate(&mut conn).await?;
let conn = get_socket_from_systemd().await?;
let uid = conn.peer_cred()?.uid();
let unix_user = UnixUser::from_uid(uid.into())?;
handle_requests_for_single_session(conn, &unix_user, &config).await?;