Hi

I should have put one more comment in.

Currently, the handshake is done in the equivalent of accept() running in the 'main thread'. If a client is malicious or faulty, then no one else can connect. But finish_request() is run from the thread created for each client.

Gary

On 11/10/19 2:22 pm, Gary Lee wrote:
---
  src/osaf/consensus/plugins/tcp/tcp_server.py | 7 ++++++-
  1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/osaf/consensus/plugins/tcp/tcp_server.py 
b/src/osaf/consensus/plugins/tcp/tcp_server.py
index a7f22f2..c10859c 100755
--- a/src/osaf/consensus/plugins/tcp/tcp_server.py
+++ b/src/osaf/consensus/plugins/tcp/tcp_server.py
@@ -73,10 +73,15 @@ class ThreadedRPCServer(ThreadingMixIn,
              certfile=CERTFILE,
              keyfile=KEYFILE,
              cert_reqs=ssl.CERT_NONE,
-            ssl_version=ssl.PROTOCOL_TLSv1_2)
+            ssl_version=ssl.PROTOCOL_TLSv1_2,
+            do_handshake_on_connect=False)
          self.server_bind()
          self.server_activate()
+ def finish_request(self, request, client_address):
+         request.do_handshake()
+         return SimpleXMLRPCServer.finish_request(self, request, 
client_address)
+
class Arbitrator(object):
      """ Implementation of a simple arbitrator """
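Review bot: In the new finish_request(), request.do_handshake() is called with no timeout set on the socket, so a client that connects and never completes the TLS handshake no longer blocks the accept loop but still holds its per-client thread indefinitely. Consider calling request.settimeout() with a bounded value before do_handshake() and resetting it afterwards to whatever the RPC handler expects. A one-line comment next to do_handshake_on_connect=False explaining that the handshake is deferred to the per-client thread would also help the next reader.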


_______________________________________________
Opensaf-devel mailing list
Opensaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensaf-devel
