auth: work around darwin lameness

Change-Id: I5899bffd9383dd22cac3f4fe5e4cd4da11b3a167
2012-04-27 18:49:42 -07:00 · 2012-04-27 18:49:42 -07:00 · 8bcae0d59b
parent 3195c87512
commit 8bcae0d59b
1 changed files with 19 additions and 0 deletions
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@ -20,8 +20,10 @@ import (
 	"encoding/base64"
 	"fmt"
 	"net/http"
+	"log"
 	"os"
 	"regexp"
+	"runtime"
 	"strings"

 	"camlistore.org/pkg/netutil"
@ -169,6 +171,19 @@ func localhostAuthorized(req *http.Request) bool {
 				to = "127.0.0.1:" + toPort
 			}
 		}
+
+		// TODO(bradfitz): netutil on OS X uses "lsof" to figure out
+		// ownership of tcp connections, but when fuse is mounted and a
+		// request is outstanding (for instance, a fuse request that's
+		// making a request to camlistored and landing in this code
+		// path), lsof then blocks forever waiting on a lock held by the
+		// VFS, leading to a deadlock.  Instead, on darwin, just trust
+		// any localhost connection here, which is kinda lame, but
+		// whatever.  Macs aren't very multi-user anyway.
+		if runtime.GOOS == "darwin" && isLocalhost(from) && isLocalhost(to) {
+			return true
+		}
+
 		owner, err := netutil.AddrPairUserid(from, to)
 		if err == nil && owner == uid {
 			return true
@ -177,6 +192,10 @@ func localhostAuthorized(req *http.Request) bool {
 	return false
 }

+func isLocalhost(addrPort string) bool {
+	return strings.HasPrefix(addrPort, "127.0.0.1:") || strings.HasPrefix(addrPort, "[::1]:")
+}
+
 func LocalhostAuthorized(req *http.Request) bool {
 	return localhostAuthorized(req)
 }