[CRIU] [PATCH 1/3] p.haul: do not use getsockname() as a hash_name, v4
Ruslan Kuprieiev
kupruser at gmail.com
Wed Oct 29 03:12:26 PDT 2014
On 29.10.2014 10:17, Pavel Emelyanov wrote:
> On 10/28/2014 01:18 AM, Ruslan Kuprieiev wrote:
>> Currently xem_rpc is not proxy-resistant.
>> It means that if there is a proxy somewhere in
>> between client and server, p.haul will fail,
>> because getsockname() on client != getpeername()
>> on server.
>>
>> v2, Pavel suggested to solve it like this:
>>
>> 1. On main rpc socket after init_rpc() the server
>> reports back the name by which it sees the client
>> socket.
>>
>> 2. After calling connect() on the data socket, the client
>> should mix the name from step 1 into the data socket
>> name to distinguish its data socket from those
>> created by other clients.
>>
>> v3, use rpc to transfer socket name
>> v4, use init option in _make_sk
>>
>> Signed-off-by: Ruslan Kuprieiev <kupruser at gmail.com>
>> ---
>> xem_rpc.py | 18 +++++++++++++-----
>> 1 file changed, 13 insertions(+), 5 deletions(-)
>>
>> diff --git a/xem_rpc.py b/xem_rpc.py
>> index 9718eef..71ca051 100644
>> --- a/xem_rpc.py
>> +++ b/xem_rpc.py
>> @@ -3,6 +3,7 @@ import select
>> import threading
>> import traceback
>> import util
>> +import struct
>>
>> rpc_port = 12345
>> rpc_sk_buf = 256
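Review bot: The `import struct` added at the top of xem_rpc.py is not referenced by any added line in this patch. The diffstat's 13 insertions are all visible in the three hunks, and none of them use `struct`. It is possibly a leftover from an earlier revision of the series and can be dropped.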
>> @@ -41,22 +42,26 @@ class _rpc_proxy_caller:
>> class rpc_proxy:
>> def __init__(self, conn, *args):
>> self._srv = conn
>> - self._rpc_sk = self._make_sk()
>> + self._rpc_sk = self._make_sk(init=True)
>> util.set_cloexec(self._rpc_sk)
>> _rpc_proxy_caller(self._rpc_sk, RPC_CMD, "init_rpc")(args)
>>
>> def __getattr__(self, attr):
>> return _rpc_proxy_caller(self._rpc_sk, RPC_CALL, attr)
>>
>> - def _make_sk(self):
>> + def _make_sk(self, init=False):
> Plz, make it w/o argument to _make_sk(). Let the caller of it
> call the RPC_CMD "get_name" or smth himself.
Ok.
>> sk = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
>> sk.connect((self._srv, rpc_port))
>> - return sk
>> + if init:
>> + return sk
>> + else:
>> + host = _rpc_proxy_caller(sk, RPC_CMD, "get_name")()
>> + return (sk, host)
>>
>> def open_socket(self, uname):
>> - sk = self._make_sk()
>> + sk, host = self._make_sk()
>> c = _rpc_proxy_caller(self._rpc_sk, RPC_CMD, "pick_channel")
>> - c(sk.getsockname(), uname)
>> + c(host, uname)
>> return sk
>>
>>
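Review bot: In open_socket the value handed to `pick_channel` is now `host`, which the server derived from getpeername() and the client echoes back on the control socket, so pairing a data socket with a session rests on a caller-supplied lookup key. The `pick_channel` handler is outside this hunk, so it cannot be confirmed from here whether it rejects a name that is unknown or already claimed. That check is worth having on the server side, and a comment at the call such as `# host is a lookup key reported by the server, not a credential` would make the trust assumption explicit. Separately, if the `get_name` call in _make_sk raises, `sk` is never closed; guarding it with `except Exception: sk.close(); raise` avoids leaking the descriptor.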
>> @@ -76,6 +81,9 @@ class _rpc_server_sk:
>> def hash_name(self):
>> return self._sk.getpeername()
>>
>> + def get_name(self, mgr):
>> + return self.hash_name()
>> +
>> def work(self, mgr):
>> raw_data = self._sk.recv(rpc_sk_buf)
>> if not raw_data:
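Review bot: `get_name` on `_rpc_server_sk` has no docstring and its contract is not obvious: it accepts `mgr` without using it and returns exactly what `hash_name()` returns, which the client then passes back to `pick_channel`. A one-line docstring such as `"""Return the peer address under which the server sees this socket; clients echo it to pick_channel."""` would record why the two values must stay identical. getpeername() can raise if the peer has already disconnected, and how the RPC dispatcher handles that is not visible in this hunk. The body of `work` continues past the end of the hunk.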
>>