On Oct 13 07:37, Christian Franke wrote: > Corinna Vinschen wrote: > >On Oct 10 20:04, Corinna Vinschen wrote: > >>In short, the whole code is written under the assumption that any sane > >>application calling nonblocking connect would always call select/poll to > >>check if connect succeeded in the first place. Obviously, as postfix > >>shows, this is a wrong assumption. > >> > >>I'm not yet sure how to fix this, but I'll look into this next week. > >I applied a fix which, I think, is much more elegant than the former > >solution. The af_local_connect call is now called as soon as an > >FD_CONNECT event is generated and read by a call to wait_event. It > >worked for me, so I have tender hopes that I didn't miss something. > > > >I also applied your patch on top of this new stuff and I'm just building > >a new developer snapshot for testing. > > A quick test of current postfix draft with the snapshot works as expected. > Thanks.
Did you run other network-related tools, too, in the meantime? Any fallout which could be a result my change? > > In setsockopt I added a check for > >socket family and type so setsockopt(SO_PEERCRED) only works for > >AF_LOCAL/SOCK_STREAM sockets, just as the entire handshake stuff. > > Probably not needed because this check was already in > af_local_set_no_getpeereid() itself. Doh! I reverted this part of my change. I completely missed the redundancy here, sorry. > > I > >also added a comment to explain why we do this and a FIXME comment so we > >don't forget we're still looking for a more generic solution for the > >SO_PEERCRED exchange. > > Definitely, at least because the current AF_LOCAL emulation has some > security issues. -v? Thanks, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpqci1iA9oyK.pgp
Description: PGP signature
