From 3790608b0daf708b43a30bcefcf640b3a30c81da Mon Sep 17 00:00:00 2001 From: aszlig Date: Wed, 8 Jul 2020 06:22:48 +0200 Subject: [PATCH 1/4] Revert "github: Remove workflow for Mac OS X" This reverts commit c945f586c390bf591bc30cc67e67b3a63b6587db. I initially removed the workflow because it was failing all the time and always seeing commit messages with failed CI checks is not only pretty unhelpful but we might miss other *relevant* failures because of that. So this brings back the workflow for Darwin since we're now actually working on at least trying to implement support for it. The reason why I'm not adding this *after* adding support is that I don't have a Mac OS X machine, so I have to purely relying on the GitHub Actions workflow. Signed-off-by: aszlig --- .github/workflows/main.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1b1cf14..623bec1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -21,3 +21,20 @@ jobs: with: name: Linux_Meson_Testlog path: build/meson-logs/testlog.txt + + macos: + runs-on: macos-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: '3.x' + - run: brew install yaml-cpp asciidoctor + - run: pip install meson ninja + - run: meson setup build + - run: meson test -C build -v + - uses: actions/upload-artifact@v1 + if: failure() + with: + name: MacOS_Meson_Testlog + path: build/meson-logs/testlog.txt From 3581ecb0f41562fe3bc14a07af595b6b2fac4d6e Mon Sep 17 00:00:00 2001 From: aszlig Date: Wed, 8 Jul 2020 06:38:10 +0200 Subject: [PATCH 2/4] darwin: Use LOCAL_PEERCRED instead of SO_PEERCRED While LOCAL_PEERCRED is somewhat similar to SO_PEERCRED, we unfortunately don't have access to the PID of the remote peer. This is something we actually need to properly distinguish the remote peer by giving it an IP address with the PID encoded, otherwise we'd end up with duplicate IPs. On the other hand, using random IP addresses also is not a very good solution here, since we actually *want* to have the same IP for the same process. Right now the UID and GID fields are not used at all on Darwin, but we really need to figure out a way to properly assign fake IP addresses. Signed-off-by: aszlig --- src/sockaddr.cc | 25 ++++++++++++++++++++----- src/sockaddr.hh | 8 ++++++++ src/socket.cc | 22 ++++++++++++++++++++++ 3 files changed, 50 insertions(+), 5 deletions(-) diff --git a/src/sockaddr.cc b/src/sockaddr.cc index 76e7fba..5297e79 100644 --- a/src/sockaddr.cc +++ b/src/sockaddr.cc @@ -114,11 +114,23 @@ bool SockAddr::set_host(const SockAddr &other) return false; } -bool SockAddr::set_host(const ucred &peercred) +#if defined(SO_PEERCRED) +#define PEERCRED_TYPE ucred +#define PEERCRED_PID peercred.pid +#define PEERCRED_GID peercred.gid +#define PEERCRED_UID peercred.uid +#else +#define PEERCRED_TYPE xucred +#define PEERCRED_PID peercred.cr_pid +#define PEERCRED_GID peercred.cr_gid +#define PEERCRED_UID peercred.cr_uid +#endif + +bool SockAddr::set_host(const PEERCRED_TYPE &peercred) { if (this->is_inet4()) { this->cast4()->sin_addr.s_addr = - htonl(static_cast(peercred.pid)); + htonl(static_cast(PEERCRED_PID)); return true; } @@ -128,12 +140,15 @@ bool SockAddr::set_host(const ucred &peercred) addr->sin6_addr.s6_addr[1] = 0x80; addr->sin6_addr.s6_addr[2] = 0x00; addr->sin6_addr.s6_addr[3] = 0x00; - uint32_t part = htonl(static_cast(peercred.uid)); + uint32_t part = htonl(static_cast(PEERCRED_UID)); memcpy(addr->sin6_addr.s6_addr + 4, &part, 4); - part = htonl(static_cast(peercred.gid)); +// XXX! +#if defined(SO_PEERCRED) + part = htonl(static_cast(PEERCRED_GID)); memcpy(addr->sin6_addr.s6_addr + 8, &part, 4); - part = htonl(static_cast(peercred.pid)); + part = htonl(static_cast(PEERCRED_PID)); memcpy(addr->sin6_addr.s6_addr + 12, &part, 4); +#endif return true; } diff --git a/src/sockaddr.hh b/src/sockaddr.hh index 753fb90..82285c6 100644 --- a/src/sockaddr.hh +++ b/src/sockaddr.hh @@ -13,6 +13,10 @@ #include #include +#if defined(__APPLE__) +#include +#endif + struct sockaddr_in6; struct sockaddr_in; @@ -27,7 +31,11 @@ struct SockAddr std::optional get_host(void) const; bool set_host(const std::string&); +#if defined(SO_PEERCRED) bool set_host(const ucred&); +#else + bool set_host(const xucred&); +#endif bool set_host(const SockAddr&); bool set_random_host(void); diff --git a/src/socket.cc b/src/socket.cc index 7858553..f8f0d5b 100644 --- a/src/socket.cc +++ b/src/socket.cc @@ -15,6 +15,10 @@ #include #include +#if defined(__APPLE__) +#include +#endif + std::optional Socket::find(int fd) { using itype = decltype(Socket::registry)::const_iterator; @@ -272,10 +276,19 @@ bool Socket::create_binding(const SockAddr &addr) if (!local.set_host(addr)) return false; } else { +#if defined(SO_PEERCRED) ucred local_cred; local_cred.uid = getuid(); local_cred.gid = getgid(); local_cred.pid = getpid(); +#else + xucred local_cred; + local_cred.cr_uid = getuid(); + /* XXX! + local_cred.cr_gid = getgid(); + local_cred.cr_pid = getpid(); + */ +#endif // Our local sockaddr, which we only need if we didn't have a // bind() before our connect. @@ -460,11 +473,20 @@ int Socket::accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen) } else { // We use SO_PEERCRED to get uid, gid and pid in order to generate // unique IP addresses. +#if defined(SO_PEERCRED) ucred peercred; socklen_t len = sizeof peercred; if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &peercred, &len) == -1) return -1; +#else + xucred peercred; + socklen_t len = sizeof peercred; + + if (getsockopt(sockfd, SOL_LOCAL, LOCAL_PEERCRED, &peercred, + &len) == -1) + return -1; +#endif if (!peer.set_host(peercred)) { errno = EINVAL; From 714d2a859480f51ddcfd4458f892820b5b9c770f Mon Sep 17 00:00:00 2001 From: aszlig Date: Sun, 6 Aug 2023 18:03:12 +0200 Subject: [PATCH 3/4] github: Add pytest to macos workflow This is needed in order to run integration tests, which we certainly want to run on Darwin, because I do not have a single machine running MacOS and thus for me the only way to check whether something is broken is by checking whether the integration tests have failed. Signed-off-by: aszlig --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 623bec1..297df8e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -30,7 +30,7 @@ jobs: with: python-version: '3.x' - run: brew install yaml-cpp asciidoctor - - run: pip install meson ninja + - run: pip install meson ninja pytest - run: meson setup build - run: meson test -C build -v - uses: actions/upload-artifact@v1 From a4efd837135102bb344955a8d999f1f6b7f7247d Mon Sep 17 00:00:00 2001 From: aszlig Date: Sun, 6 Aug 2023 18:06:12 +0200 Subject: [PATCH 4/4] fixup! Revert "github: Remove workflow for Mac OS X" --- .github/workflows/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 297df8e..001387d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,6 +24,9 @@ jobs: macos: runs-on: macos-latest + if: github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name != + github.event.pull_request.base.repo.full_name steps: - uses: actions/checkout@v2 - uses: actions/setup-python@v1