[CRIU] [PATCH] p.haul: do not use getsockname() as a hash_name, v6
Ruslan Kuprieiev
kupruser at gmail.com
Sun Nov 2 19:51:07 PST 2014
Currently xem_rpc is not proxy-resistant.
It means that if there is a proxy somewhere in
between client and server, p.haul will fail,
because getsockname() on client != getpeername()
on server.
v2, Pavel suggested to solve it like this:
1. On main rpc socket after init_rpc() the server
reports back the name by which it sees the client
socket.
2. After calling connect() on data socket the client
should mix the name from step 1 to the data socket
name to distinguish his data socket from those
created by other clients.
v3, use rpc to transfer socket name
v4, use init option in _make_sk
v5, do not use init option
v6, remove redundant "import struct"
Signed-off-by: Ruslan Kuprieiev <kupruser at gmail.com>
---
xem_rpc.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/xem_rpc.py b/xem_rpc.py
index 9718eef..f441992 100644
--- a/xem_rpc.py
+++ b/xem_rpc.py
@@ -55,8 +55,9 @@ class rpc_proxy:
def open_socket(self, uname):
sk = self._make_sk()
+ host = _rpc_proxy_caller(sk, RPC_CMD, "get_name")()
c = _rpc_proxy_caller(self._rpc_sk, RPC_CMD, "pick_channel")
- c(sk.getsockname(), uname)
+ c(host, uname)
return sk
@@ -76,6 +77,9 @@ class _rpc_server_sk:
def hash_name(self):
return self._sk.getpeername()
+ def get_name(self, mgr):
+ return self.hash_name()
+
def work(self, mgr):
raw_data = self._sk.recv(rpc_sk_buf)
if not raw_data:
--
1.9.3
More information about the CRIU
mailing list