[3.13] gh-122133: Authenticate socket connection for socket.socketpair() fallback (GH-122134) (GH-122424)

Authenticate socket connection for `socket.socketpair()` fallback when the platform does not have a native `socketpair` C API. We authenticate in-process using `getsocketname` and `getpeername` (thanks to Nathaniel J Smith for that suggestion). (cherry picked from commit 78df1043db) Co-authored-by: Seth Michael Larson <seth@python.org> Co-authored-by: Gregory P. Smith <greg@krypto.org>
2025-07-09 20:35:26 +00:00 · 2024-07-30 05:40:02 +02:00 · 2024-07-30 05:40:02 +02:00 · b252317956
commit b252317956
parent 55554fd215
3 changed files with 147 additions and 3 deletions
--- a/Lib/socket.py
+++ b/Lib/socket.py
@ -650,6 +650,23 @@ else:
                raise
        finally:
            lsock.close()
+
+        # Authenticating avoids using a connection from something else
+        # able to connect to {host}:{port} instead of us.
+        # We expect only AF_INET and AF_INET6 families.
+        try:
+            if (
+                ssock.getsockname() != csock.getpeername()
+                or csock.getsockname() != ssock.getpeername()
+            ):
+                raise ConnectionError("Unexpected peer connection")
+        except:
+            # getsockname() and getpeername() can fail
+            # if either socket isn't connected.
+            ssock.close()
+            csock.close()
+            raise
+
        return (ssock, csock)
    __all__.append("socketpair")