C remusock: a tool to make a local unix domain socket available on a remote machine

Would you be able to add a list of possible use-cases / scenarios for this piece of software? Might go well in the repo's readme.
 
Well, one reason to post this thread was to find out whether someone would have a use case (and whether it would be useful if I added stuff like TLS and authentication). So far, I only know my own (slightly obscure) use case:

The standard way for an MTA to use dovecot's authentication is through a local unix socket. This is supported by exim. dovecot has the option to offer a TCP socket for auth as well, but unfortunately, exim can't use it. I have a setup with an internal mailer and an external "mail gateway"; both have dovecot and exim installed. For auth, the external MTA needs to use the internal dovecot's socket, because dovecot in proxy mode uses some kind of tunneled auth and the external dovecot socket will succeed with any credentials (I only noticed that after some spammer started abusing my external MTA) 🤯 I had to disable authenticated relaying quickly, and to re-enable it, I wrote this tool…

I think kpedersen (?) outlined another possible use case in a different thread: forwarding X11's local socket to a jail on the same machine that's on a different FS. Not sure whether this has been tested so far ;)
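Added example, written by the editor and not part of the thread or of remusock/poser: the relay pattern the post describes (a unix socket on one machine made reachable through a unix socket on another, with TCP in between), in Python. An echo server stands in for the dovecot auth socket; socket paths, the port choice and the message bytes are constructed for the demo. As in remusock before TLS/auth, the TCP leg is unprotected.

```python
"""Editor's example, not remusock's or poser's code: the relay pattern
remusock implements. Local side: tcp_to_unix() listens on TCP and connects
each client to the real unix socket (dovecot's auth socket in the post).
Remote side: unix_to_tcp() creates a unix socket whose connections are
tunnelled to that TCP port. Plain TCP, no TLS, no authentication: whoever
can reach the TCP port gets the unix socket, the gap later posts discuss."""
import os
import socket
import tempfile
import threading


def pump(src, dst):
    """Copy src -> dst until EOF, then half-close dst so the peer sees EOF too."""
    try:
        for data in iter(lambda: src.recv(65536), b""):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def splice(a, b):
    """Relay both directions between a and b; close both once both are done."""
    threads = [threading.Thread(target=pump, args=p, daemon=True) for p in ((a, b), (b, a))]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    a.close()
    b.close()

def serve(listener, connect_upstream):
    """Accept loop: each accepted client gets its own upstream connection."""
    while True:
        try:
            client, _ = listener.accept()
        except OSError:          # listener closed
            return
        try:
            upstream = connect_upstream()
        except OSError:          # upstream unreachable: drop this client
            client.close()
            continue
        threading.Thread(target=splice, args=(client, upstream), daemon=True).start()

def listen(family, addr):
    ln = socket.socket(family, socket.SOCK_STREAM)
    if family == socket.AF_INET:
        ln.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    ln.bind(addr)
    ln.listen()
    return ln

def tcp_to_unix(tcp_addr, unix_path):
    """Local side: expose the unix socket at unix_path on tcp_addr."""
    def connect_unix():
        s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        s.connect(unix_path)
        return s
    ln = listen(socket.AF_INET, tcp_addr)
    threading.Thread(target=serve, args=(ln, connect_unix), daemon=True).start()
    return ln

def unix_to_tcp(unix_path, tcp_addr):
    """Remote side: create unix_path; each connection to it is sent to tcp_addr."""
    ln = listen(socket.AF_UNIX, unix_path)
    connect_tcp = lambda: socket.create_connection(tcp_addr)
    threading.Thread(target=serve, args=(ln, connect_tcp), daemon=True).start()
    return ln

def echo_once(listener):
    """Constructed stand-in for the service behind the local unix socket."""
    conn, _ = listener.accept()
    for data in iter(lambda: conn.recv(65536), b""):
        conn.sendall(data)
    conn.close()

def demo(message=b"hello through the tunnel\n"):
    """client -> remote unix socket -> TCP -> local unix socket (echo); returns the echo."""
    tmp = tempfile.mkdtemp()                         # constructed, throw-away paths
    real_sock = os.path.join(tmp, "auth")            # the socket being exported
    remote_sock = os.path.join(tmp, "auth-remote")   # what the far side sees
    svc = listen(socket.AF_UNIX, real_sock)
    threading.Thread(target=echo_once, args=(svc,), daemon=True).start()
    tcp_ln = tcp_to_unix(("127.0.0.1", 0), real_sock)         # port 0: any free port
    unix_ln = unix_to_tcp(remote_sock, tcp_ln.getsockname())
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    client.connect(remote_sock)
    client.sendall(message)
    client.shutdown(socket.SHUT_WR)   # EOF travels through both relays and back
    got = b"".join(iter(lambda: client.recv(65536), b""))
    client.close()
    for ln in (unix_ln, tcp_ln, svc):
        ln.close()
    return got
```

The half-close in `pump` is the part that is easy to get wrong in a relay: a plain `close()` on EOF would cut off data still flowing the other way, while `shutdown(SHUT_WR)` lets each direction finish independently, which is what makes the EOF round trip in `demo()` work.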

Jose: lol – there are for sure obscure optimizations, not all conforming to the C standard. But from -O3, you should expect that it respects the standard. So, if the result is broken, either your code or the compiler is broken 😎 – and in this case, I couldn't blame the compiler; without volatile, it's indeed incorrect. Guess last year I was misled into believing volatile was already implied by sig_atomic_t.
 
Now that I released my poser framework, I also refactored "remusock" to use it (and drop a lot of built-in code). Actually, most of the code that's now in "poser" started its life with "remusock" :)

As "poser" already has TLS support for both servers and clients available, this would give the chance to offer encrypted TLS connections in "remusock" as well. Of course, just adding encryption won't add much value, but when some authn/authz is added as well, this would allow using "remusock" across untrusted networks, making it much more useful in general.

Now, I'm thinking about how to implement authn/authz.

By far the easiest solution seems to be relying on (X.509) client certificates (could require them to be issued by some private CA, and maybe additionally have a list of allowed subject names ...). On the plus side, X.509 is proven and secure. On the "dev plus side" (for me 😏), there would be no need to change the protocol: authentication would take place in the TLS handshake before the application protocol even starts 😉

On the other hand, lots of people seem to struggle with using (and maintaining) certificates, let alone setting up their own CA.

Asking for opinions here, do you think client certificate auth is a good idea? Or should I design something more "simple", like pre-shared keys or user/password credentials (with their drawbacks regarding security)?
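Added example by the editor, not remusock's or poser's code and not part of the thread: the client-certificate scheme sketched in the post (private CA plus a list of allowed subject names), on both ends, with Python's ssl module. The CA and certificate file names, the allowlist and the SAMPLE_CERT dict are assumptions made for the example; the dict mirrors the shape `SSLSocket.getpeercert()` returns.

```python
"""Editor's example, not remusock's or poser's code: client-cert authn/authz.
  base_server_context()  : TLS 1.2+, a client certificate is mandatory
  make_server_context()  : trusts only the private CA in cafile (assumed path)
  make_client_context()  : the mirror image for the connecting side
  peer_allowed()         : post-handshake allowlist on the subject commonName
Nothing here is remusock's actual configuration."""
import ssl


def base_server_context():
    """Server context that refuses any client without a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED   # handshake fails without a client cert
    return ctx

def make_server_context(cafile, certfile, keyfile):
    """Only certificates chaining to the private CA in cafile are accepted."""
    ctx = base_server_context()
    ctx.load_verify_locations(cafile=cafile)   # the private CA and nothing else
    ctx.load_cert_chain(certfile, keyfile)     # the server's own identity
    return ctx

def make_client_context(cafile, certfile, keyfile):
    """Client side: trust only the private CA, and present our own certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)   # hostname check on by default
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_verify_locations(cafile=cafile)
    ctx.load_cert_chain(certfile, keyfile)
    return ctx

def subject_common_names(cert):
    """commonName values of a cert dict in getpeercert() shape (tuple of RDNs)."""
    names = []
    for rdn in cert.get("subject", ()):
        for attr_type, value in rdn:
            if attr_type == "commonName":
                names.append(value)
    return names

def peer_allowed(cert, allowed_names):
    """Authorization: the CA check already ran in the handshake; now ask *who* it is."""
    if not cert:                       # no cert at all: never authorized
        return False
    names = subject_common_names(cert)
    return len(names) == 1 and names[0] in allowed_names   # exactly one CN, and listed

def accept_authenticated(listener, ctx, allowed_names):
    """Accept one connection; return the TLS socket, or None if authn/authz failed."""
    raw, _peer = listener.accept()
    try:
        conn = ctx.wrap_socket(raw, server_side=True)   # authn happens in here
    except OSError:                                     # ssl.SSLError is an OSError
        raw.close()
        return None
    if not peer_allowed(conn.getpeercert(), allowed_names):
        conn.close()
        return None
    return conn

# Constructed sample in getpeercert() format; names are made up for the example.
SAMPLE_CERT = {
    "subject": ((("commonName", "mta-ext.example"),),),
    "issuer": ((("commonName", "remusock private CA"),),),
    "notAfter": "Jan  1 00:00:00 2030 GMT",
}
```

With `CERT_REQUIRED` the handshake itself is the authentication step, so a peer without a certificate from that CA never reaches the application protocol; the allowlist in `peer_allowed()` is the only piece that runs after the handshake, and it still runs before any protocol bytes are read.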
 