zlink_core/connection/credentials.rs
1//! Connection credentials.
2
3use super::{Pid, Uid};
4
5/// Credentials of a peer connection.
6#[derive(Debug)]
7pub struct Credentials {
8 unix_user_id: Uid,
9 process_id: Pid,
10 #[cfg(target_os = "linux")]
11 process_fd: std::os::fd::OwnedFd,
12}
13
14impl Credentials {
15 /// Create new credentials for a peer connection.
16 ///
17 /// # Arguments
18 /// * `unix_user_id` - The numeric Unix user ID.
19 /// * `process_id` - The numeric process ID.
20 /// * `process_fd` (Linux only) - A file descriptor pinning the process.
21 pub(crate) fn new(
22 unix_user_id: Uid,
23 process_id: Pid,
24 #[cfg(target_os = "linux")] process_fd: std::os::fd::OwnedFd,
25 ) -> Self {
26 Self {
27 unix_user_id,
28 process_id,
29 #[cfg(target_os = "linux")]
30 process_fd,
31 }
32 }
33
34 /// The numeric Unix user ID, as defined by POSIX.
35 pub fn unix_user_id(&self) -> Uid {
36 self.unix_user_id
37 }
38
39 /// The numeric process ID, on platforms that have this concept.
40 ///
41 /// On Unix, this is the process ID defined by POSIX.
42 pub fn process_id(&self) -> Pid {
43 self.process_id
44 }
45
46 /// A file descriptor pinning the process, on platforms that have this concept.
47 ///
48 /// On Linux, the SO_PEERPIDFD socket option is a suitable implementation. This is safer to use
49 /// to identify a process than the ProcessID, as the latter is subject to re-use attacks, while
50 /// the FD cannot be recycled. If the original process no longer exists the FD will no longer
51 /// be resolvable.
52 #[cfg(target_os = "linux")]
53 pub fn process_fd(&self) -> std::os::fd::BorrowedFd<'_> {
54 use std::os::fd::AsFd;
55
56 self.process_fd.as_fd()
57 }
58}