1// Copyright 2011 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
5// Socket control messages
6
7package syscall
8
9import "unsafe"
10
11// UnixCredentials encodes credentials into a socket control message
12// for sending to another process. This can be used for
13// authentication.
14func UnixCredentials(ucred *Ucred) []byte {
15	b := make([]byte, CmsgSpace(SizeofUcred))
16	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
17	h.Level = SOL_SOCKET
18	h.Type = SCM_CREDENTIALS
19	h.SetLen(CmsgLen(SizeofUcred))
20	*((*Ucred)(cmsgData(h))) = *ucred
21	return b
22}
23
24// ParseUnixCredentials decodes a socket control message that contains
25// credentials in a Ucred structure. To receive such a message, the
26// SO_PASSCRED option must be enabled on the socket.
27func ParseUnixCredentials(m *SocketControlMessage) (*Ucred, error) {
28	if m.Header.Level != SOL_SOCKET {
29		return nil, EINVAL
30	}
31	if m.Header.Type != SCM_CREDENTIALS {
32		return nil, EINVAL
33	}
34	if uintptr(len(m.Data)) < unsafe.Sizeof(Ucred{}) {
35		return nil, EINVAL
36	}
37	ucred := *(*Ucred)(unsafe.Pointer(&m.Data[0]))
38	return &ucred, nil
39}
40