IPC Unix domain socket / Windows named pipe #3742
Conversation
|
Travis passed the test. Codacy problems are coming from the Nailgun code's variable names. |
|
Why does this include a bunch of Nailgun source code? |
|
@dwijnand The only available nailgun artifact on Maven Central is 0.9.1, and the code that I am borrowing from them is fairly new stuff for nailgun 2.x. |
| prepareSocketfile() | ||
| new NGUnixDomainServerSocket(socketfile.getAbsolutePath) | ||
| case ConnectionType.Tcp => new ServerSocket(port, 50, InetAddress.getByName(host)) | ||
| case ConnectionType.Ssh => sys.error("ssh it not yet supported") |
There was a problem hiding this comment.
Hmm, maybe it's best to introduce this enum value when it's supported.
The Java socket implementation for IPC is lifted from facebook/nailgun. https://github.com/facebook/nailgun/tree/af623fddedfdca010df46302a0711ce0e2cc1ba6/
In addition to TCP, this adds sbt server support for IPC (interprocess communication) using Unix domain socket and Windows named pipe. The use of Unix domain socket has performance and security benefits.
|
Is there an issue about having a binary release on Maven Central? |
Binary release for Nailgun? 0.9.1 from 2012 is published, but there hasn't been public release yet since. The interesting bits that I am after were committed in 2017. It could mean that 0.9.2 is not yet out, or ppl are releasing in-house as app. |
Either of nailgun or a subset of nailgun that includes the classes we're importing here. I see you've created facebookarchive/nailgun#108 (comment) - I'd've preferred a standalone, more easily findable, issue, but I'm not going to make that get in the way of this landing. |
|
Would there be any security benefit to applying these same Sockets to ForkTests? Reading the code it seems like there's a very small window between ForkTests opening a loopback port and accepting at-most-one connections from the child process. So benefit seems minimal, at a glance, but would like to hear other opinions. |
|
I think any inter-process communication is worth reviewing to see either Unix domain socket and/or server is applicable. |
|
I filed #3938 after closer inspection of the NamedPipes code, because by my reading it looks like it would still allow other users on the same machine to snoop on traffic. |
Fixes #3723
In addition to TCP, this adds support for IPC (interprocess communication) using Unix domain socket and Windows named pipe. The Java socket implementation for IPC is lifted from facebook/nailgun, which is released under Apache v2.
The use of Unix domain socket has performance and security benefits.
Here's screenshot of this running on a Windows virtual machine:
serverConnectionType
This introduces a new setting key called
serverConnectionType, which is set toConnectionType.Localby default:The other option is
ConnectionType.Tcp.active.json
To communicate to the clients about the connection type, it uses URI with
local:as the protocol.