GNOME Bugzilla – Bug 727563
no way to use Unix Domain Sockets (AF_UNIX or AF_LOCAL)
Last modified: 2018-09-21 16:20:12 UTC
Currently there isn't any way to use Unix Domain Sockets with libsoup. There is a patch floating around that allows soup_server to accept an already open socket, I think this is mostly used for systemd, but could help here. But I don't see any way to do this for the client side yet. I believe one of the major blockers on this is what URI to use that would specify a unix domain socket? I don't see anything in the client code that would allow working directly with a socket, everything expects a URI of some sort. And how do we encapsulate a local socket into a URI? Thanks
some additional info in this thread.. https://mail.gnome.org/archives/libsoup-list/2013-January/msg00002.html
continued here https://mail.gnome.org/archives/libsoup-list/2013-February/msg00001.html and here https://mail.gnome.org/archives/libsoup-list/2013-March/msg00000.html
[mass-moving all "UNCONFIRMED" libsoup bugs to "NEW" after disabling the "UNCONFIRMED" status for this product now that bugzilla.gnome.org allows that. bugspam-libsoup-20150210]
This feature would be really useful in snapd-glib [1]. We're currently using hand-written HTTP parsing code and as much of libsoup as we can but would much prefer to use libsoup with a unix socket. I've read the threads and looked at the code and I'm not sure the correct way this should be implemented in libsoup. If someone can give me some pointers I'd be happy to work on a patch. [1] https://launchpad.net/snapd-glib
It would also be nice for communicating with Docker.
(In reply to Robert Ancell from comment #4) > I've read the threads and looked at the code and I'm not sure the correct > way this should be implemented in libsoup. If someone can give me some > pointers I'd be happy to work on a patch. The linked thread was about connecting to a proxy server listening on a UNIX-domain socket and was mostly about trying to get around restrictions in GProxy; talking directly to an HTTP server on a UNIX domain socket would be much simpler. Basically it just comes down to: - Figure out an appropriate way to represent this in a URI (a little bit weird since you have to be able to specify both the path to the socket and the HTTP path to request after connecting to the socket). There might be precedent in other HTTP libraries we could follow. - Add support for connecting to such URIs in SoupSession... I think this would probably involve making SoupConnection into a GTypeInterface and moving the existing code to "SoupConnectionHTTP" and adding a new SoupConnectionUnix with the connecting-to-a-unix-socket code. Or maybe the amount of changed code would be so small that it would make more sense to just put both HTTP and unix into the existing SoupConnection. You'd also have to figure out if it made more sense to extend SoupSocket with unix-domain socket support, or to just bypass SoupSocket in this case and use GSocket directly.
Created attachment 371916 [details] [review] 0001-Allow-http-over-unix-socket.patch In theory we could do something like this (also prototyped in the attached patch): 1. Add an option to SoupSession to specify that Unix sockets have to be used (e.g. SOUP_SESSION_UNIX_SOCKET_PATH specifying also the path to the socket) 2. This option will be passed through to SoupConnection 3. Allow AF_UNIX in SoupAddress 4. If is SOUP_SESSION_UNIX_SOCKET_PATH, SoupConnection will create a SoupAddress with the correct family type 5. Regarding the uri we just need to skip the host part (e.g. http:///login) This is a solution similar to the one proposed by libcurl. Other possible solutions: 1. The one proposed by requests-unixsocket (urlencode the path to the socket e.g. http+unix://%2Fvar%2Frun%2Fdocker.sock/info). 2. Adding a mapping between a mock hostname and a socketpath. I saw some library doing that, but I cannot find them right now. Also do we need to support just client-side use of the library or server-side too? P.S. The attached patch is intended just to show the overall idea and to start a discussion.
Review of attachment 371916 [details] [review]: ::: libsoup/soup-session.c @@ +3871,3 @@ + **/ + /** + * SoupSession:nix-socket-path: Missing 'u' after ':'
When thinking about this I came to the conclusion that you wouldn't want to do the 'http+unix://' style URLs (your alternative option 1) as this could accidentally allow libsoup clients to connect to random unix sockets (i.e. it would introduce a security risk). I was thinking of going down the path of explicitly making the hostname map to a unix socket (your alternative option 2). i.e. soup_sessing_map_host_to_unix_socket (session, "snapd", "/run/snapd.socket"); then using "http://snapd/v2/snaps" etc. However, I don't think there's any practical case where this would be more useful than what your patch is proposing. And the map would probably be a more complex solution. It feels odd to me that the hostname is completely ignored, but it seems to work fine for curl.
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/libsoup/issues/75.