fixes #6 Security attributes support

fixes #382 Permissions support for IPC on POSIX

This adds support for permission management on Windows and
POSIX systems.  There are two different properties, and they
are very different.

Tests and documentation are included.

2 files changed, 61 insertions, 2 deletions

diff --git a/src/transport/ipc/ipc.c b/src/transport/ipc/ipc.c
index 61b89f20..3dbccb50 100644
--- a/src/transport/ipc/ipc.c
+++ b/src/transport/ipc/ipc.c
@@ -13,6 +13,7 @@
 #include <string.h>
 
 #include "core/nng_impl.h"
+#include "ipc.h"
 
 // IPC transport.   Platform specific IPC operations must be
 // supplied as well.  Normally the IPC is UNIX domain sockets or
@@ -739,6 +740,40 @@ nni_ipc_ep_get_addr(void *arg, void *data, size_t *szp, int typ)
 	return (nni_copyout_sockaddr(&ep->sa, data, szp, typ));
 }
 
+static int
+nni_ipc_ep_setopt_permissions(void *arg, const void *data, size_t sz, int typ)
+{
+	nni_ipc_ep *ep = arg;
+	int         val;
+	int         rv;
+
+	// Probably we could further limit this -- most systems don't have
+	// meaningful chmod beyond the lower 9 bits.
+	rv = nni_copyin_int(&val, data, sz, 0, 0x7FFFFFFF, typ);
+	if ((rv == 0) && (ep != NULL)) {
+		rv = nni_plat_ipc_ep_set_permissions(ep->iep, val);
+	}
+	return (rv);
+}
+
+static int
+nni_ipc_ep_setopt_security_desc(
+    void *arg, const void *data, size_t sz, int typ)
+{
+	nni_ipc_ep *ep = arg;
+	void *      ptr;
+	int         rv;
+
+	if ((rv = nni_copyin_ptr((void **) &ptr, data, sz, typ)) != 0) {
+		return (rv);
+	}
+
+	if (ep == NULL) {
+		return (0);
+	}
+	return (nni_plat_ipc_ep_set_security_descriptor(ep->iep, ptr));
+}
+
 static nni_tran_pipe_option nni_ipc_pipe_options[] = {
 	{
 	    .po_name   = NNG_OPT_REMADDR,
@@ -779,6 +814,18 @@ static nni_tran_ep_option nni_ipc_ep_options[] = {
 	    .eo_getopt = nni_ipc_ep_get_addr,
 	    .eo_setopt = NULL,
 	},
+	{
+	    .eo_name   = NNG_OPT_IPC_SECURITY_DESCRIPTOR,
+	    .eo_type   = NNI_TYPE_POINTER,
+	    .eo_getopt = NULL,
+	    .eo_setopt = nni_ipc_ep_setopt_security_desc,
+	},
+	{
+	    .eo_name   = NNG_OPT_IPC_PERMISSIONS,
+	    .eo_type   = NNI_TYPE_INT32,
+	    .eo_getopt = NULL,
+	    .eo_setopt = nni_ipc_ep_setopt_permissions,
+	},
 	// terminate list
 	{
 	    .eo_name = NULL,
diff --git a/src/transport/ipc/ipc.h b/src/transport/ipc/ipc.h
index 4c4c5708..42cbdb08 100644
--- a/src/transport/ipc/ipc.h
+++ b/src/transport/ipc/ipc.h
@@ -1,6 +1,6 @@
 //
-// Copyright 2017 Garrett D'Amore <garrett@damore.org>
-// Copyright 2017 Capitar IT Group BV <info@capitar.com>
+// Copyright 2018 Staysail Systems, Inc. <info@staysail.tech>
+// Copyright 2018 Capitar IT Group BV <info@capitar.com>
 //
 // This software is supplied under the terms of the MIT License, a
 // copy of which should be located in the distribution where this
@@ -16,4 +16,16 @@
 
 NNG_DECL int nng_ipc_register(void);
 
+// Security Descriptor.  This option may only be set on listeners
+// on the Windows platform, where the object is a pointer to a
+// a Windows SECURITY_DESCRIPTOR.
+#define NNG_OPT_IPC_SECURITY_DESCRIPTOR "ipc:security-descriptor"
+
+// Permissions bits.  This option is only valid for listeners on
+// POSIX platforms and others that honor UNIX style permission bits.
+// Note that some platforms may not honor the permissions here, although
+// at least Linux and macOS seem to do so.  Check before you rely on
+// this for security.
+#define NNG_OPT_IPC_PERMISSIONS "ipc:permissions"
+
 #endif // NNG_TRANSPORT_IPC_IPC_H