1 |
Dnia 2015-01-25, o godz. 13:43:14 |
2 |
Zac Medico <zmedico@g.o> napisał(a): |
3 |
|
4 |
> On 01/25/2015 06:00 AM, Michał Górny wrote: |
5 |
> > diff --git a/bin/socks5-server.py b/bin/socks5-server.py |
6 |
> > new file mode 100644 |
7 |
> > index 0000000..c079018 |
8 |
> > --- /dev/null |
9 |
> > +++ b/bin/socks5-server.py |
10 |
> > @@ -0,0 +1,218 @@ |
11 |
> > +#!/usr/bin/env python |
12 |
> > +# SOCKSv5 proxy server for network-sandbox |
13 |
> > +# Copyright 2015 Gentoo Foundation |
14 |
> > +# Distributed under the terms of the GNU General Public License v2 |
15 |
> > + |
16 |
> > +import asyncore |
17 |
> > +import errno |
18 |
> > +import socket |
19 |
> > +import struct |
20 |
> > +import sys |
21 |
> > + |
22 |
> > + |
23 |
> > +class ProxyConnection(asyncore.dispatcher_with_send): |
24 |
> > + _addr = None |
25 |
> > + _connected = False |
26 |
> > + _family = socket.AF_INET |
27 |
> > + _proxy_conn = None |
28 |
> > + |
29 |
> > + def __init__(self, proxy_conn): |
30 |
> > + self._proxy_conn = proxy_conn |
31 |
> > + asyncore.dispatcher_with_send.__init__(self) |
32 |
> > + self.create_socket(self._family, socket.SOCK_STREAM) |
33 |
> > + |
34 |
> > + def start_connection(self, host, port): |
35 |
> > + try: |
36 |
> > + self.connect((host, port)) |
37 |
> > + except: |
38 |
> > + self.handle_error() |
39 |
> |
40 |
> This except handler should at least allow SystemExit and |
41 |
> KeyboardInterrupt to raise. |
42 |
|
43 |
handle_error() has conditional exception reraising code. |
44 |
|
45 |
> > diff --git a/pym/portage/package/ebuild/_config/special_env_vars.py b/pym/portage/package/ebuild/_config/special_env_vars.py |
46 |
> > index 6bb3c95..905d5e7 100644 |
47 |
> > --- a/pym/portage/package/ebuild/_config/special_env_vars.py |
48 |
> > +++ b/pym/portage/package/ebuild/_config/special_env_vars.py |
49 |
> > @@ -71,7 +71,7 @@ environ_whitelist += [ |
50 |
> > "PORTAGE_PYM_PATH", "PORTAGE_PYTHON", |
51 |
> > "PORTAGE_PYTHONPATH", "PORTAGE_QUIET", |
52 |
> > "PORTAGE_REPO_NAME", "PORTAGE_REPOSITORIES", "PORTAGE_RESTRICT", |
53 |
> > - "PORTAGE_SIGPIPE_STATUS", |
54 |
> > + "PORTAGE_SIGPIPE_STATUS", "PORTAGE_SOCKS5_PROXY", |
55 |
> > "PORTAGE_TMPDIR", "PORTAGE_UPDATE_ENV", "PORTAGE_USERNAME", |
56 |
> > "PORTAGE_VERBOSE", "PORTAGE_WORKDIR_MODE", "PORTAGE_XATTR_EXCLUDE", |
57 |
> > "PORTDIR", "PORTDIR_OVERLAY", "PREROOTPATH", |
58 |
> |
59 |
> The DISTCC_SOCKS_PROXY variable should also be added to the whitelist. |
60 |
|
61 |
There's a regexp for DISTCC_* below. |
62 |
|
63 |
> Other than these 2 minor issues, the patch looks to me. I guess there's |
64 |
> no point in using portage's event loop instead of asyncore, since we |
65 |
> want the proxy to drop privileges, and therefore it can't run in the |
66 |
> main portage process. |
67 |
|
68 |
To be honest, I didn't even think about it. Asyncore seemed like |
69 |
the Python way of doing non-blocking socket I/O. |
70 |
|
71 |
-- |
72 |
Best regards, |
73 |
Michał Górny |