Open gdamore opened 4 years ago
What are the mechanisms available on other systems?
So Solaris and illumos have getpeerucred. I believe BSD systems have SO_LOCAL and LOCAL_PEERCRED and LOCAL_PEERPID. There is also a version of SO_PEERCRED that uses sockpeercred instead of ucred.
This is a mess of non portable APIs. But it would be nice if I could access this tags and not have to resort to cgo.
Change https://golang.org/cl/294989 mentions this issue: unix: add Xucred, GetsockoptXucred on freebsd
FWIW, https://golang.org/cl/292330 added this for Darwin already, courtesy of @bradfitz . I'm about to send CLs adding support on the BSDs and possibly Illumos/Solaris as well.
Once these landed in x/sys/unix
, I hope we can add support for these additional platforms to inet.af/peercred as well which provides a portable API for peer credentials.
This was initially requested in https://github.com/golang/go/issues/1101, however that issue was hijacked to instead cover sending over credentials and file descriptors, and it deemed resolved in 2017.
This would be really nice to have a cross platform API for this.
What version of Go are you using (
go version
)?(Although I use many different versions of Go on illumos, Linux, darwin, etc.)
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (
go env
)?go env
OutputFeature request
As this is a feature request, I'm not including typical bug report details.
What I'd like is a way for us to obtain peer credentials more broadly. I am most interested in illumos/solaris (which uses getpeerucred() in libc, but I see this being useful for Darwin, FreeBSD, and possibly others.
With Linux we can do GetsockoptUcred with SO_PEERCRED. Which is great. I would like to have a similar way to do this for other platforms (platform specific probably) without having to resort to cgo if possible.