Re: python > 3.5: Issue with unix domain sockets

public inbox for cygwin-developers@cygwin.com
 help / color / mirror / Atom feed

From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin-developers@cygwin.com
Subject: Re: python > 3.5: Issue with unix domain sockets
Date: Thu, 6 May 2021 12:30:25 +0200	[thread overview]
Message-ID: <YJPFQWH0KM1gqcdz@calimero.vinschen.de> (raw)
In-Reply-To: <50e76a43-48a1-f655-674a-1b4865dc62cf@maxrnd.com>

On May  6 02:24, Mark Geisert wrote:
> Corinna Vinschen wrote:
> > On May  4 22:04, Mark Geisert wrote:
> > > Corinna Vinschen wrote:
> > > > On May  4 02:45, Mark Geisert wrote:
> > > > > [blah blah...]
> > > > You're supposed to call the special setsockopt(SO_PEERCRED) on the
> > > > accepting socket.  The no_getpeereid property is inherited by the
> > > > accepted socket.
> > > 
> > > Ah, of course.  Well, I couldn't figure out a way to do the setsockopt()
> > > call some times but not others, because Python can't reach into the Cygwin
> > > DLL.  Nor should it.
> > > 
> > > Since this Python patch is supposed to be a temporary workaround, I took the
> > > tack that it should just ignore an error return from
> > > setsockopt(SO_PEERCRED).  In this fashion the handshake will be turned off
> > > when it can be, and when it can't (on the accepted socket) the attempt will
> > > error but that error will be ignored.
> > 
> > Sorry Mark, but I don't understand how you concluded that ignoring the
> > error from setsockopt(SO_PEERCRED) is the solution I pointed out above.
> > 
> > The right thing to do is to call setsockopt(SO_PEERCRED) (and check its
> > return value) before calling listen() on the accepting socket.  The
> > no_getpeereid property gets propagated to the accepted sockets and thus
> > there's no need to call it again for these sockets.
> 
> The strategy requires more precise language than I used, sorry.  I do
> understand what you're saying most recently, and have since my "of course"
> statement.
> 
> Inside the Python runtime environment, I only get visibility to the socket
> Cygwin has provided at one point, which is where Python inits its own
> context for that socket.  I can't tell whether the socket is the result of a
> socket() call or from an accept() call.  I can't even tell whether it's
> connected.  I can tell that it's AF_UNIX and can tell whether it's
> SOCK_DGRAM or SOCK_STREAM.

Ah, ok.  Sounds like a shitty interface to me, but if that's what you
have to work with...

> So in this constrained situation, I decided to just call
> setsockopt(SO_PEERCRED) and ignore any errors.  (Case 1:) If it doesn't
> error, the socket came from socket() and now has the peer handshake turned
> off.  (Case 2:) If it does error, the socket came from accept(), i.e. it's
> an accepted socket, and though we couldn't turn off handshake here, it's
> already turned off due to inheritance from the accepting socket.  The
> accepting socket has it turned off already because it was earlier Case 1
> (i.e. both ends of the connection get treated, as long as they are both
> Python apps).
> 
> I know that in general it's poor practice to ignore errors but given the
> constraints here and that the possible cases are (I believe) well known,
> this is a solution that works to solve the most recent issue and the
> original issue.  Now that I think about it, the patch could be tightened up
> by only ignoring EALREADY rather than ignoring all errors.  Would you be
> okay with that?

Sounds good to me.

Thanks for explaining the situation!


Corinna

next prev parent reply	other threads:[~2021-05-06 10:30 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1620046759893.5340@bmw.de>
     [not found] ` <2cde4128-6a3d-7431-6608-a2184d23964a@cornell.edu>
     [not found]   ` <af597ace-e986-35a0-9983-99256c440791@maxrnd.com>
2021-05-04  9:45     ` Mark Geisert
2021-05-04 12:27       ` Corinna Vinschen
2021-05-05  5:04         ` Mark Geisert
2021-05-06  8:35           ` Corinna Vinschen
2021-05-06  9:24             ` Mark Geisert
2021-05-06 10:30               ` Corinna Vinschen [this message]
2021-05-06 12:18                 ` Marco Atzeri

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YJPFQWH0KM1gqcdz@calimero.vinschen.de \
    --to=corinna-cygwin@cygwin.com \
    --cc=cygwin-developers@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).