On 2/16/07, Patrick Dowler <patrick.dowler-at-nrc-cnrc.gc.ca> wrote:
> On a multi-user machine, the initial hand-shake could exchange the user-name
> to make sure client and hub are running under the same user (spoofable, but
> we aren't trying to make this overly secure, just simple for users).
>
> If there is a collision on the port in a multi-user environment, just
> increment the port number and try again. So clients and hubs start by
> connecting to port N and checking the user; if they connect and find the same
> user is running the hub, the client proceeds and the (2nd) hub terminates
> quietly (or not). If the new hub doesn't find anything, it tries to take the
> port (starts listening). If the client or hub finds a hub but user doesn't
> match, they try again on port N+1. If the client doesn't find a hub, it
> probably has to check higher port numbers (in case that users hub was not the
> first to start and hence is on port N+something). For sanity and quick
> failure, one would want relatively short socket connection timeouts and to
> limit the number of times one would increment the port number and try again.
Admittedly it will be a rare case, but I think I see a hole in this
scheme: Assume
two users start msg-enabled apps at about the same time, so the first users
get the well-know port (say 2000) and the second user gets (N+1, 2001). If
the first user shuts down then port 2000 is now free, if the second user then
starts another msg-enabled app in their session it will try to connect
to port 2000
and/or possibly start a second hub since the port is free and it has
no reason to
look for N+1.
How about a scheme where the address is some agreed base value (call
it 2000) but apps/hubs use the userid as an offset? This guarantees a
unique
port for each user, can be overridden by an env var to start a separate session,
and avoids "port scanning" since a user will only every try a single
port number.
I dont know if Windows has a concept of 'userid' but they could just fallback to
the base address anyway. Assuming the userid is the same across a LAN all
we need is a host name to connect to "our" hub on a remote machine since
we'll already know what the port will be.
-Mike Received on 2007-02-17Z06:15:58