diff options
author | Kali Kaneko <kali@leap.se> | 2015-02-23 11:54:16 -0400 |
---|---|---|
committer | Ivan Alejandro <ivanalejandro0@gmail.com> | 2015-02-23 15:34:36 -0300 |
commit | e3ddc783ca9fb21105845d275a4b38ad6b2cd3e2 (patch) | |
tree | e65c35d3c065459e38f1b89d3a3cdb804a78bb37 /src/leap/bitmask | |
parent | 00b8cbaa31d48326b36928228269ac14276fd5ee (diff) |
Use unix sockets for the fallback, and set permissions
... on them, to user-writeable only.
I think we could consider ipc for the curve-case too, at least for the
platforms that support them.
Diffstat (limited to 'src/leap/bitmask')
-rw-r--r-- | src/leap/bitmask/backend/backend.py | 14 | ||||
-rw-r--r-- | src/leap/bitmask/backend/backend_proxy.py | 7 | ||||
-rw-r--r-- | src/leap/bitmask/backend/signaler.py | 7 | ||||
-rw-r--r-- | src/leap/bitmask/backend/signaler_qt.py | 12 |
4 files changed, 30 insertions, 10 deletions
diff --git a/src/leap/bitmask/backend/backend.py b/src/leap/bitmask/backend/backend.py index 32f5c953..cff731ba 100644 --- a/src/leap/bitmask/backend/backend.py +++ b/src/leap/bitmask/backend/backend.py @@ -20,6 +20,7 @@ # TODO use txzmq bindings instead. import json +import os import threading import time @@ -47,12 +48,15 @@ class Backend(object): Backend server. Receives signals from backend_proxy and emit signals if needed. """ - # XXX this should not be hardcoded. Make it configurable. - PORT = '5556' - # XXX we might want to make this configurable per-platform, # and use the most performant socket type on each one. - BIND_ADDR = "tcp://127.0.0.1:%s" % PORT + if flags.ZMQ_HAS_CURVE: + # XXX this should not be hardcoded. Make it configurable. + PORT = '5556' + BIND_ADDR = "tcp://127.0.0.1:%s" % PORT + else: + SOCKET_FILE = "/tmp/bitmask.socket.0" + BIND_ADDR = "ipc://%s" % SOCKET_FILE PING_INTERVAL = 2 # secs @@ -92,6 +96,8 @@ class Backend(object): socket.curve_server = True # must come before bind socket.bind(self.BIND_ADDR) + if not flags.ZMQ_HAS_CURVE: + os.chmod(self.SOCKET_FILE, 0600) self._zmq_socket = socket diff --git a/src/leap/bitmask/backend/backend_proxy.py b/src/leap/bitmask/backend/backend_proxy.py index 06e6d840..b2f79a70 100644 --- a/src/leap/bitmask/backend/backend_proxy.py +++ b/src/leap/bitmask/backend/backend_proxy.py @@ -42,8 +42,11 @@ class BackendProxy(object): to the backend. """ - PORT = '5556' - SERVER = "tcp://localhost:%s" % PORT + if flags.ZMQ_HAS_CURVE: + PORT = '5556' + SERVER = "tcp://localhost:%s" % PORT + else: + SERVER = "ipc:///tmp/bitmask.socket.0" POLL_TIMEOUT = 4000 # ms POLL_TRIES = 3 diff --git a/src/leap/bitmask/backend/signaler.py b/src/leap/bitmask/backend/signaler.py index a8498d11..aec2f606 100644 --- a/src/leap/bitmask/backend/signaler.py +++ b/src/leap/bitmask/backend/signaler.py @@ -37,8 +37,11 @@ class Signaler(object): Signaler client. Receives signals from the backend and sends to the signaling server. """ - PORT = "5667" - SERVER = "tcp://localhost:%s" % PORT + if flags.ZMQ_HAS_CURVE: + PORT = "5667" + SERVER = "tcp://localhost:%s" % PORT + else: + SERVER = "ipc:///tmp/bitmask.socket.1" POLL_TIMEOUT = 2000 # ms POLL_TRIES = 500 diff --git a/src/leap/bitmask/backend/signaler_qt.py b/src/leap/bitmask/backend/signaler_qt.py index 94c24648..b7f48d21 100644 --- a/src/leap/bitmask/backend/signaler_qt.py +++ b/src/leap/bitmask/backend/signaler_qt.py @@ -18,6 +18,7 @@ Signaling server. Receives signals from the signaling client and emit Qt signals for the GUI. """ +import os import threading import time @@ -42,8 +43,12 @@ class SignalerQt(QtCore.QObject): Signaling server. Receives signals from the signaling client and emit Qt signals for the GUI. """ - PORT = "5667" - BIND_ADDR = "tcp://127.0.0.1:%s" % PORT + if flags.ZMQ_HAS_CURVE: + PORT = "5667" + BIND_ADDR = "tcp://127.0.0.1:%s" % PORT + else: + SOCKET_FILE = "/tmp/bitmask.socket.1" + BIND_ADDR = "ipc://%s" % SOCKET_FILE def __init__(self): QtCore.QObject.__init__(self) @@ -86,6 +91,9 @@ class SignalerQt(QtCore.QObject): socket.bind(self.BIND_ADDR) + if not flags.ZMQ_HAS_CURVE: + os.chmod(self.SOCKET_FILE, 0600) + while self._do_work.is_set(): # Wait for next request from client try: |