other_mirrors/ Xray-core
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-core.git synced 2024-11-22 20:59:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refine domain socket permission

This commit is contained in:
hmol233 2021-06-14 20:30:46 +08:00 committed by yuhan6665
parent b6f77e4944
commit b3ab94ef5b
1 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
transport/internet/system_listener.go
View File

@ -2,7 +2,10 @@ package internet
import ( import (
"context" "context"
"os"
"runtime" "runtime"
"strconv"
"strings"
"syscall" "syscall"
"github.com/pires/go-proxyproto" "github.com/pires/go-proxyproto"
@ -39,11 +42,10 @@ func getControlFunc(ctx context.Context, sockopt *SocketConfig, controllers []co
} }
} }
func (dl *DefaultListener) Listen(ctx context.Context, addr net.Addr, sockopt *SocketConfig) (net.Listener, error) { func (dl *DefaultListener) Listen(ctx context.Context, addr net.Addr, sockopt *SocketConfig) (l net.Listener, err error) {
var lc net.ListenConfig var lc net.ListenConfig
var l net.Listener
var err error
var network, address string var network, address string
switch addr := addr.(type) { switch addr := addr.(type) {
case *net.TCPAddr: case *net.TCPAddr:
network = addr.Network() network = addr.Network()
@ -53,6 +55,24 @@ func (dl *DefaultListener) Listen(ctx context.Context, addr net.Addr, sockopt *S
lc.Control = nil lc.Control = nil
network = addr.Network() network = addr.Network()
address = addr.Name address = addr.Name
if s := strings.Split(address, ","); len(s) == 2 {
address = s[0]
perm, perr := strconv.ParseUint(s[1], 8, 32)
if perr != nil {
return nil, newError("failed to parse permission: " + s[1]).Base(perr)
}
defer func(file string, permission os.FileMode) {
if err == nil {
cerr := os.Chmod(address, permission)
if cerr != nil {
err = newError("failed to set permission for " + file).Base(cerr)
}
}
}(address, os.FileMode(perm))
}
if (runtime.GOOS == "linux" || runtime.GOOS == "android") && address[0] == '@' { if (runtime.GOOS == "linux" || runtime.GOOS == "android") && address[0] == '@' {
// linux abstract unix domain socket is lockfree // linux abstract unix domain socket is lockfree
if len(address) > 1 && address[1] == '@' { if len(address) > 1 && address[1] == '@' {