[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: spipe optimization: avoid socketpair(2) when unnecessary
On 04/14/13 16:42, Bill Trost wrote:
> Colin Percival wrote:
> On 04/14/13 16:02, Bill Trost wrote:
> > Below is a quick hack to eliminate the socket pair used to
> > pushbits in the case that file descriptor 0 really is a socket.
>
> Interesting -- do you have a use case where this optimization
> is likely to matter? It seems to me that this is only relevant
> if you are pushing a very large number of bits through; and
> even then, I'd expect the cryptographic work to overwhelm the
> data-copying and keep the speedup from this to a minimum.
>
> I agree. My plan was to use this between thunderbird and an
> spipe connection to my IMAP client, using a little wrapper
> around spipe to verify that the connecting client has the
> same user ID as the wrapper. It seemed easier than trying to
> convince thunderbird to connect to a unix-domain socket....
I take it you're on a multi-user system? I use spiped to protect
connections from my laptop to my POP3 server, but I'm the only user
on my laptop (by which I mean "human", not uid), and my POP3 account
has a password on it anyway, so I'm not too concerned about checking
which uid is connecting to 127.0.0.1:110.
> > [...]
> > /* Set up a connection. */
> > - if (proto_conn_create(s[1], sas_t, 0, opt_f, K, opt_o,
> > + if (proto_conn_create(socket0 ? 0 : s[1], sas_t, 0, opt_f, K, opt_o,
>
> This is a bug.... In some cases spipe will be called with
> descriptors 0 and 1 being the same socket, but not always...
>
> Wow, talk about obscure use cases! :-)
>
> Yeah, I can see where someone might want to do that. OK, never
> mind, I never claimed it was a particularly good idea....
Actually, I like this idea -- it just needs a bit more work. :-)
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid