gh-122133: Authenticate socket connection for socket.socketpair() fallback (GH-122134)

* Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API. We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion). Co-authored-by: Gregory P. Smith <greg@krypto.org>
2025-08-04 08:59:19 +00:00 · 2024-07-29 16:44:35 -05:00 · 2024-07-29 16:44:35 -05:00 · 78df1043db
commit 78df1043db
parent 76bdfa4cd0
3 changed files with 147 additions and 3 deletions
--- a/Lib/socket.py
+++ b/Lib/socket.py
@ -650,6 +650,23 @@ else:
                raise
        finally:
            lsock.close()
+
+        # Authenticating avoids using a connection from something else
+        # able to connect to {host}:{port} instead of us.
+        # We expect only AF_INET and AF_INET6 families.
+        try:
+            if (
+                ssock.getsockname() != csock.getpeername()
+                or csock.getsockname() != ssock.getpeername()
+            ):
+                raise ConnectionError("Unexpected peer connection")
+        except:
+            # getsockname() and getpeername() can fail
+            # if either socket isn't connected.
+            ssock.close()
+            csock.close()
+            raise
+
        return (ssock, csock)
    __all__.append("socketpair")