Socket creator

This is not about the goal for it, everybody here knows that ;-). Here are some ideas about implementation.

The process itself

There's discussion on the mailing list. My idea was not to use any unnecessary libraries and minimise both the complexity of code and the amount of code running. However, the use of pointers is questionable.

The comunnication now needs a unix domain socket (it is impossible to send created sockets over a pipe, at last on linux), the process expects it to be dup()ed to it's stdio.

On some systems, it should be possible to drop all privileges except the one to create low-number ports, which would increase the security even more.

Transfer of sockets

The other processes should communicate with Boss somehow. The socket creator should be hidden behind it. We either need to send it trough the msgq (which would need to learn how, but it would make sense, it could be used to transfer sockets between ath and xfrout as well and unify it) or the process needs to create a new unix socket each time to boss. This should be hidden in some kind of library, so the process can just call getSocket(port, address) and use it.


The Boss should cache the created sockets. It there are multiple auth servers, for example, they will want to have the same socket probably. So when the next request for the same socket comes, Boss should provide it out of its pocket instead of asking the socket creator. For this reason, all request for soctkets should go to the socket creator (at last these that can be shared, no need for that in case of randomly generated ports for asking other servers).

This needs some way to close the sockets when they are not needed any more. So the processes that ask for sockets should release them when they are not needed. However, if the process crashes, it should be released too ‒ we might need a way to subscribe to the msgq and ask it for notification of disconnected clients (we would know ID of the process that asked us for the socket, so we know what sockets to release).

Current status

The process itself is working, however it contains pointers. Boss contains empty class for parser (no implementation yet) and tests for it. However, the protocol might change. It is in the branches/vorner-sockcreator branch. The protocol is described in the README file there. Anyone is welcome to take it over and continue.

Last modified 7 years ago Last modified on Oct 27, 2010, 6:01:10 PM