qrexec-client: Use XID to connect to qrexec daemon when possible

Unlike domain name, the Xen domain ID (XID) is guaranteed to not be
reused until reboot.  It is currently possible for qrexec-client to use
the XID for all connections to the source VM, but not for connections to
the destination VM.

Author: DemiMarie

daemon/qrexec-client.c

@@ -603,6 +603,13 @@ int main(int argc, char **argv)
         usage(argv[0]);
     }
 
+    char src_domain_id_str[11];
+    {
+        int snprintf_res = snprintf(src_domain_id_str, sizeof(src_domain_id_str), "%d", src_domain_id);
+        if (snprintf_res < 0 || snprintf_res >= (int)sizeof(src_domain_id_str))
+            err(1, "snprintf()");
+    }
+
     if (strcmp(domname, "dom0") == 0 || strcmp(domname, "@adminvm") == 0) {
         if (request_id != NULL) {
             msg_type = MSG_SERVICE_CONNECT;
@@ -617,7 +624,7 @@ int main(int argc, char **argv)
             abort();
         }
         set_remote_domain(src_domain_name);
-        s = connect_unix_socket(src_domain_name);
+        s = connect_unix_socket(src_domain_id_str);
         negotiate_connection_params(s,
                 0, /* dom0 */
                 msg_type,
@@ -676,7 +683,7 @@ int main(int argc, char **argv)
         buffer_init(&stdin_buffer);
         prepare_ret = prepare_local_fds(local_cmdline, &stdin_buffer);
         if (request_id) {
-            s = connect_unix_socket(src_domain_name);
+            s = connect_unix_socket(src_domain_id_str);
             send_service_connect(s, request_id, data_domain, data_port);
             close(s);
             if (wait_connection_end) {

qrexec/tests/socket/daemon.py

@@ -493,9 +493,12 @@ def stop_client(self):
             self.client.communicate()
             self.client = None
 
-    def connect_daemon(self, domain_name):
+    def connect_daemon(self, domain_id, domain_name):
+        assert isinstance(domain_id, int), "domain ID is first"
+        assert isinstance(domain_name, str), "domain name is second"
         daemon = qrexec.socket_server(
-            os.path.join(self.tempdir, "qrexec.{}".format(domain_name))
+            os.path.join(self.tempdir, "qrexec.{}".format(domain_id)),
+            os.path.join(self.tempdir, "qrexec.{}".format(domain_name)),
         )
         self.addCleanup(daemon.close)
         return daemon
@@ -516,7 +519,7 @@ def test_run_vm_command_from_dom0(self):
         target_domain = 42
         target_port = 513
 
-        target_daemon = self.connect_daemon(target_domain_name)
+        target_daemon = self.connect_daemon(target_domain, target_domain_name)
         self.start_client(["-d", target_domain_name, cmd])
         target_daemon.accept()
         target_daemon.handshake()
@@ -552,7 +555,7 @@ def test_run_vm_command_from_dom0_with_local_command(self):
         target_domain = 42
         target_port = 513
 
-        target_daemon = self.connect_daemon(target_domain_name)
+        target_daemon = self.connect_daemon(target_domain, target_domain_name)
         self.start_client(["-d", target_domain_name, "-l", local_cmd, cmd])
         target_daemon.accept()
         target_daemon.handshake()
@@ -599,8 +602,8 @@ def test_run_vm_command_and_connect_vm(self):
         target_domain = 42
         target_port = 513
 
-        target_daemon = self.connect_daemon(target_domain_name)
-        src_daemon = self.connect_daemon(src_domain_name)
+        target_daemon = self.connect_daemon(target_domain, target_domain_name)
+        src_daemon = self.connect_daemon(src_domain, src_domain_name)
 
         self.start_client(
             [
@@ -649,7 +652,7 @@ def connect_service_request(self, cmd):
         src_domain = 43
         src_port = 42
 
-        src_daemon = self.connect_daemon(src_domain_name)
+        src_daemon = self.connect_daemon(src_domain, src_domain_name)
         source = self.connect_source(src_domain, src_port)
 
         self.start_client(

qrexec/tests/socket/qrexec.py

@@ -131,13 +131,21 @@ def vchan_server(socket_dir, domain, remote_domain, port):
     return socket_server(vchan_socket_path)
 
 
-def socket_server(socket_path):
+def socket_server(socket_path, socket_path_alt=None):
     try:
         os.unlink(socket_path)
     except FileNotFoundError:
         pass
+    if socket_path_alt is not None:
+        assert socket_path_alt[0] == '/', "path not absolute"
+        try:
+            os.unlink(socket_path_alt)
+        except FileNotFoundError:
+            pass
     server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
     server.bind(socket_path)
+    if socket_path_alt is not None:
+        os.symlink(socket_path, socket_path_alt)
     server.listen(1)
     return QrexecServer(server)