1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
= nng_ipc(7)
//
// Copyright 2018 Staysail Systems, Inc. <info@staysail.tech>
// Copyright 2018 Capitar IT Group BV <info@capitar.com>
//
// This document is supplied under the terms of the MIT License, a
// copy of which should be located in the distribution where this
// file was obtained (LICENSE.txt). A copy of the license may also be
// found online at https://opensource.org/licenses/MIT.
//
== NAME
nng_ipc - IPC transport
== SYNOPSIS
[source,c]
----
#include <nng/transport/ipc/ipc.h>
int nng_ipc_register(void);
----
== DESCRIPTION
(((IPC)))(((transport, _ipc_)))
The ((_ipc_ transport)) provides communication support between
_nng_ sockets within different processes on the same host.
For POSIX platforms, this is implemented using ((UNIX domain sockets)).
For Windows, this is implemented using Windows ((Named Pipes)).
Other platforms may have different implementation strategies.
// We need to insert a reference to the nanomsg RFC.
=== Registration
The _ipc_ transport is generally built-in to the _nng_ core, so
no extra steps to use it should be necessary.
=== URI Format
(((URI, `ipc://`)))
This transport uses URIs using the scheme `ipc://`, followed by a path
name in the file system where the socket or named pipe should be created.
TIP: On Windows, all names are prefixed by `\\.\pipe\` and do not
reside in the normal file system.
On POSIX platforms, the path is taken literally, and is relative to
the current directory, unless it begins with `/`, in which case it is
relative to the root directory.
NOTE: When using relative paths on POSIX systems, the address used and returned
in properties like `NNG_OPT_LOCADDR` and `NNG_OPT_URL` will also be relative.
Consequently, they will only be interpreted the same by processes that have
the same working directory.
To ensure maximum portability and safety, absolute paths are recommended
whenever possible.
NOTE: If compatibility with legacy _nanomsg_ applications is required,
then pathnames must not be longer than 122 bytes, including the final
`NUL` byte.
This is because legacy versions of _nanomsg_ cannot express URLs
longer than 128 bytes, including the `ipc://` prefix.
=== Socket Address
When using an `<<nng_sockaddr.5#,nng_sockaddr>>` structure,
the actual structure is of type `<<nng_sockaddr_ipc.5#,nng_sockaddr_ipc>>`.
=== Transport Options
((`NNG_OPT_IPC_PERMISSIONS`))::
(`int`)
This write-only option may be applied to a listener to configure the
permissions that are used on the UNIX domain socket created by that listener.
This property is only supported on POSIX systems.
The value is of type `int`, representing the normal permission bits
on a file, such as `0600` (typically meaning read-write to the owner, and
no permissions for anyone else.)
The default is system-specific, most often `0644`.
IMPORTANT: Not all systems validate these permissions.
In particular, illumos and Solaris are known to ignore these permission
settings when connecting.
NOTE: Normally both read and write permission will be necessary for a
peer dialer to connect.
See your system documentation for UNIX domain sockets for more information.
NOTE: The _umask_ of the process is *not* applied to these bits.
TIP: The best practice for limiting access is to place the socket in a
directory writable only by the server, and only readable and searchable
by clients.
All mainstream POSIX systems will fail to permit a client to connect
to a socket located in a directory for which the client lacks search (execute)
permission.
TIP: Also consider using the `NNG_OPT_IPC_PEER_UID` property from within a
a pipe notification callback (`<<nng_pipe_notify.3#,nng_pipe_notify()>>`)
to validate peer credentials.
((`NNG_OPT_IPC_SECURITY_DESCRIPTOR`))::
(`PSECURITY_DESCRIPTOR`)
This write-only option may be used on listeners on Windows platforms to
configure the `SECURITY_DESCRIPTOR` that is used when creating the underlying
named pipe.
The value is a pointer, `PSECURITY_DESCRIPTOR`, and may only be
applied to listeners that have not been started yet.
((`NNG_OPT_IPC_PEER_UID`))::
(`uint64_t`)
This read-only option may be read from a pipe to determine the peer user id.
This is the effective user id of the peer when either the underlying
`listen()` or `connect()` calls were made, and is not forgeable.
This option is generally only available on POSIX systems.
((`NNG_OPT_IPC_PEER_GID`))::
(`uint64_t`)
This read-only option may be read from a pipe to determine the peer primary
group id.
This is the effective group id of the peer when either the underlying
`listen()` or `connect()` calls were made, and is not forgeable.
This option is generally only available on POSIX systems.
((`NNG_OPT_IPC_PEER_PID`))::
(`uint64_t`)
This read-only option may be read from a pipe to determine the process id
of the peer.
This option is only available on Windows, Linux, and certain other systems.
NOTE: Applications should not assume that the process ID does not change,
as it is possible (although unsupported!) for a nefarious process to pass a
file descriptor between processes.
However, it is not possible for a nefarious application to forge the identity
of a well-behaved one using this method.
((`NNG_OPT_IPC_PEER_ZONEID`))::
(`uint64_t`)
This read-only option may be read from a pipe to determine the zone id
of the peer.
Zones (and this option) are only supported on Solaris and illumos systems.
== SEE ALSO
[.text-left]
<<nng_sockaddr.5#,nng_sockaddr(5)>>,
<<nng.7#,nng(7)>>
|
