Hi Gary,

ACK from me.

Best Regards,
ThuanTr

-----Original Message-----
From: Gary Lee <gary....@dektech.com.au> 
Sent: Friday, October 11, 2019 10:33 AM
To: hans.nordeb...@ericsson.com; minh.c...@dektech.com.au; 
thuan.t...@dektech.com.au
Cc: opensaf-devel@lists.sourceforge.net
Subject: Re: [PATCH 1/1] osaf: perform handshake in tcp_server in new thread 
[#3099]

Hi

I should have put one more comment in.

Currently, the handshake is done in the equivalent of accept() running 
in the 'main thread'. If a client is malicious or faulty, then no one 
else can connect. But finish_request() is run from the thread created 
for each client.

Gary

On 11/10/19 2:22 pm, Gary Lee wrote:
> ---
>   src/osaf/consensus/plugins/tcp/tcp_server.py | 7 ++++++-
>   1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/src/osaf/consensus/plugins/tcp/tcp_server.py 
> b/src/osaf/consensus/plugins/tcp/tcp_server.py
> index a7f22f2..c10859c 100755
> --- a/src/osaf/consensus/plugins/tcp/tcp_server.py
> +++ b/src/osaf/consensus/plugins/tcp/tcp_server.py
> @@ -73,10 +73,15 @@ class ThreadedRPCServer(ThreadingMixIn,
>               certfile=CERTFILE,
>               keyfile=KEYFILE,
>               cert_reqs=ssl.CERT_NONE,
> -            ssl_version=ssl.PROTOCOL_TLSv1_2)
> +            ssl_version=ssl.PROTOCOL_TLSv1_2,
> +            do_handshake_on_connect=False)
>           self.server_bind()
>           self.server_activate()
>   
> +    def finish_request(self, request, client_address):
> +         request.do_handshake()
> +         return SimpleXMLRPCServer.finish_request(self, request, 
> client_address)
> +
>   
>   class Arbitrator(object):
>       """ Implementation of a simple arbitrator """




_______________________________________________
Opensaf-devel mailing list
Opensaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensaf-devel

Reply via email to