[PATCH] Disable AF_UNIX handshake with setsockopt(..., SO_PEERCRED, ...)
Corinna Vinschen
corinna-cygwin@cygwin.com
Mon Oct 13 08:20:00 GMT 2014
On Oct 13 07:37, Christian Franke wrote:
> Corinna Vinschen wrote:
> >On Oct 10 20:04, Corinna Vinschen wrote:
> >>In short, the whole code is written under the assumption that any sane
> >>application calling nonblocking connect would always call select/poll to
> >>check if connect succeeded in the first place. Obviously, as postfix
> >>shows, this is a wrong assumption.
> >>
> >>I'm not yet sure how to fix this, but I'll look into this next week.
> >I applied a fix which, I think, is much more elegant than the former
> >solution. The af_local_connect call is now called as soon as an
> >FD_CONNECT event is generated and read by a call to wait_event. It
> >worked for me, so I have tender hopes that I didn't miss something.
> >
> >I also applied your patch on top of this new stuff and I'm just building
> >a new developer snapshot for testing.
>
> A quick test of current postfix draft with the snapshot works as expected.
> Thanks.
Did you run other network-related tools, too, in the meantime? Any
fallout which could be a result my change?
> > In setsockopt I added a check for
> >socket family and type so setsockopt(SO_PEERCRED) only works for
> >AF_LOCAL/SOCK_STREAM sockets, just as the entire handshake stuff.
>
> Probably not needed because this check was already in
> af_local_set_no_getpeereid() itself.
Doh! I reverted this part of my change. I completely missed the
redundancy here, sorry.
> > I
> >also added a comment to explain why we do this and a FIXME comment so we
> >don't forget we're still looking for a more generic solution for the
> >SO_PEERCRED exchange.
>
> Definitely, at least because the current AF_LOCAL emulation has some
> security issues.
-v?
Thanks,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin-patches/attachments/20141013/0c4786b1/attachment.sig>
More information about the Cygwin-patches
mailing list