From: Valentine Krasnobaeva <vkrasnobaeva@haproxy.com>
Date: Tue, 23 Apr 2024 21:11:15 +0000 (+0200)
Subject: MEDIUM: proto_uxst: take in account server namespace
X-Git-Tag: v3.0-dev10~31
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=84babc93ce4def6ef8643a66e486be1923cab830;p=thirdparty%2Fhaproxy.git

MEDIUM: proto_uxst: take in account server namespace

As UNIX Domain sockets could be attached to Linux namespaces (see more details
about it from the Linux kernel patch set below:

	https://lore.kernel.org/netdev/m1hbl7hxo3.fsf@fess.ebiederm.org),

it is better to use sock_create_server_socket() in UNIX stream protocol
implementation, as this function calls my_socket_at() and the latter takes
in account server network namespace, which could be configured as in example
below:

       backend be_bar
                ...
                server rpicam0 /run/ustreamer.sock namespace foonet

So, for UNIX Domain socket, used as an address of some backend server, this
patch makes possible to perform connect() to this backend server from the same
network namespace, where the server is running, or where its listening socket
was created.

Using sock_create_server_socket() in UNIX stream protocol implementation also
makes the code of uxst_connect_server() more uniform with tcp_connect_server()
and quic_connect_server().
---

diff --git a/src/proto_uxst.c b/src/proto_uxst.c
index 7988e00d15..cd584aa9ab 100644
--- a/src/proto_uxst.c
+++ b/src/proto_uxst.c
@@ -239,7 +239,8 @@ static int uxst_connect_server(struct connection *conn, int flags)
 		return SF_ERR_INTERNAL;
 	}
 
-	if ((fd = conn->handle.fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) {
+	fd = conn->handle.fd = sock_create_server_socket(conn);
+	if (fd == -1) {
 		qfprintf(stderr, "Cannot get a server socket.\n");
 
 		if (errno == ENFILE) {