[CRIU] [PATCH 1/3] p.haul: do not use getsockname() as a hash_name, v4
Ruslan Kuprieiev
kupruser at gmail.com
Mon Oct 27 14:18:47 PDT 2014
Currently xem_rpc is not proxy-resistant.
It means that if there is a proxy somewhere in
between client and server, p.haul will fail,
because getsockname() on client != getpeername()
on server.
v2, Pavel suggested to solve it like this:
1. On main rpc socket after init_rpc() the server
reports back the name by which it sees the client
socket.
2. After calling connect() on data socket the client
should mix the name from step 1 into the data socket
name to distinguish its data socket from those
created by other clients.
v3, use rpc to transfer socket name
v4, use init option in _make_sk
Signed-off-by: Ruslan Kuprieiev <kupruser at gmail.com>
---
xem_rpc.py | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/xem_rpc.py b/xem_rpc.py
index 9718eef..71ca051 100644
--- a/xem_rpc.py
+++ b/xem_rpc.py
@@ -3,6 +3,7 @@ import select
import threading
import traceback
import util
+import struct
rpc_port = 12345
rpc_sk_buf = 256
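Review bot: The added `import struct` is not referenced anywhere in this patch; none of the new lines in `rpc_proxy` or `_rpc_server_sk` use `struct`. If a later patch in the series needs it, the import belongs in that patch; otherwise the line should be dropped so that this change stays self-contained.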
@@ -41,22 +42,26 @@ class _rpc_proxy_caller:
class rpc_proxy:
def __init__(self, conn, *args):
self._srv = conn
- self._rpc_sk = self._make_sk()
+ self._rpc_sk = self._make_sk(init=True)
util.set_cloexec(self._rpc_sk)
_rpc_proxy_caller(self._rpc_sk, RPC_CMD, "init_rpc")(args)
def __getattr__(self, attr):
return _rpc_proxy_caller(self._rpc_sk, RPC_CALL, attr)
- def _make_sk(self):
+ def _make_sk(self, init=False):
sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sk.connect((self._srv, rpc_port))
- return sk
+ if init:
+ return sk
+ else:
+ host = _rpc_proxy_caller(sk, RPC_CMD, "get_name")()
+ return (sk, host)
def open_socket(self, uname):
- sk = self._make_sk()
+ sk, host = self._make_sk()
c = _rpc_proxy_caller(self._rpc_sk, RPC_CMD, "pick_channel")
- c(sk.getsockname(), uname)
+ c(host, uname)
return sk
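Review bot: In `_make_sk`, if the new `get_name` call raises after `connect()` has succeeded, the connected `sk` is never closed and the caller has no reference to it, so each failed `open_socket` leaves a descriptor and a half-set-up connection on the server. Closing the socket on the error path before re-raising fixes that. Separately, the return shape now depends on the `init` flag (a bare socket for `__init__`, a `(sk, host)` tuple for `open_socket`), which is easy to misuse; a short docstring stating both shapes would help. `host` is whatever the `get_name` reply deserialises to, and the patch does not show whether that compares equal to the server's `hash_name()` tuple, so that is worth confirming.

```python
def _make_sk(self, init=False):
    sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sk.connect((self._srv, rpc_port))
        if init:
            return sk
        host = _rpc_proxy_caller(sk, RPC_CMD, "get_name")()
    except Exception:
        # Do not leak the connected socket when the name exchange fails.
        sk.close()
        raise
    return (sk, host)
```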
@@ -76,6 +81,9 @@ class _rpc_server_sk:
def hash_name(self):
return self._sk.getpeername()
+ def get_name(self, mgr):
+ return self.hash_name()
+
def work(self, mgr):
raw_data = self._sk.recv(rpc_sk_buf)
if not raw_data:
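Review bot: `get_name` needs a docstring saying that the value it returns is only an identifier. It hands back `getpeername()`, an address/port pair that the client then passes to `pick_channel` to claim its data socket, so it names a connection but does not prove who is asking. Behind a proxy or NAT several clients can share the same address, and `pick_channel` is not visible here, so it is worth confirming that it only lets a client claim a data socket it opened itself. Suggested docstring: `"""Return the peer address as the server sees it; the client passes it to pick_channel as a lookup key (identifier only, not a credential)."""`. The `mgr` parameter is unused, presumably to match the RPC_CMD handler signature; `work()` continues outside the hunk.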
--
1.9.3