From Hackepedia
Jump to navigationJump to search

Sockets are an API for IPC or network communication with a process. For IPC Unix domain sockets are used, for network communication INET sockets are preferred. Sockets provide a descriptor to a process with which data or control data can be exchanged with the kernel.

Unix domain sockets

When a Unix domain socket is set up it is bound to the local systems filesystem. The path it can be bound to is limited to 103 characters (see /usr/include/sys/un.h) instead of the filesystem limit of 1023 characters. This means that a socket should be set up close to the root perhaps in /tmp (as sshd does). Unix domain sockets make preferred IPC in OpenBSD because of the availability of the getpeereid syscall which allows a daemon to check the credentials of who is connecting to the socket. A socket in the filesystem looks like this:

$ ls -l /tmp/ssh*
total 0
srwxr-xr-x  1 pbug  wheel  0 Oct  8 11:27 agent.1327

notice the 's' indicating that this file is a socket.

INET sockets

In order to communicate with the Internet a program can communicate with it via the Kernel which has a built-in internet stack. Common protocols that one can talk via sockets are TCP and UDP as well as ICMP which are grouped into the raw mode of sockets. When a program is a TCP server the common sequence of syscalls are socket(2), bind(2), listen(2), and accept(2). When a program is a TCP client the common sequence of syscalls are socket(2), connect(2).