diff options
author | Andrew M. Kuchling <amk@amk.ca> | 2005-12-04 15:07:41 (GMT) |
---|---|---|
committer | Andrew M. Kuchling <amk@amk.ca> | 2005-12-04 15:07:41 (GMT) |
commit | 3a97605500919ceeff8c6cd2dd7d352baa1142d8 (patch) | |
tree | a04ece7d62a1d1376f0579536bf9e2c1a60cd657 | |
parent | cf6b7c99d9242a2c811035eb5e6486e8054e549c (diff) | |
download | cpython-3a97605500919ceeff8c6cd2dd7d352baa1142d8.zip cpython-3a97605500919ceeff8c6cd2dd7d352baa1142d8.tar.gz cpython-3a97605500919ceeff8c6cd2dd7d352baa1142d8.tar.bz2 |
[Bug #1222790] Set reuse-address and close-on-exec flags on the HTTP listening socket
-rw-r--r-- | Lib/SimpleXMLRPCServer.py | 12 | ||||
-rw-r--r-- | Misc/NEWS | 3 |
2 files changed, 14 insertions, 1 deletions
diff --git a/Lib/SimpleXMLRPCServer.py b/Lib/SimpleXMLRPCServer.py index 5e39840..ae06bda 100644 --- a/Lib/SimpleXMLRPCServer.py +++ b/Lib/SimpleXMLRPCServer.py @@ -104,7 +104,7 @@ from xmlrpclib import Fault import SocketServer import BaseHTTPServer import sys -import os +import os, fcntl def resolve_dotted_attribute(obj, attr, allow_dotted_names=True): """resolve_dotted_attribute(a, 'b.c.d') => a.b.c.d @@ -465,6 +465,8 @@ class SimpleXMLRPCServer(SocketServer.TCPServer, from SimpleXMLRPCDispatcher to change this behavior. """ + allow_reuse_address = True + def __init__(self, addr, requestHandler=SimpleXMLRPCRequestHandler, logRequests=1): self.logRequests = logRequests @@ -472,6 +474,14 @@ class SimpleXMLRPCServer(SocketServer.TCPServer, SimpleXMLRPCDispatcher.__init__(self) SocketServer.TCPServer.__init__(self, addr, requestHandler) + # [Bug #1222790] If possible, set close-on-exec flag; if a + # method spawns a subprocess, the subprocess shouldn't have + # the listening socket open. + if hasattr(fcntl, 'FD_CLOEXEC'): + flags = fcntl.fcntl(self.fileno(), fcntl.F_GETFD) + flags |= fcntl.FD_CLOEXEC + fcntl.fcntl(self.fileno(), fcntl.F_SETFD, flags) + class CGIXMLRPCRequestHandler(SimpleXMLRPCDispatcher): """Simple handler for XML-RPC data passed through CGI.""" @@ -448,6 +448,9 @@ Library disables recursive traversal through instance attributes, which can be exploited in various ways. +- Bug #1222790: in SimpleXMLRPCServer, set the reuse-address and close-on-exec + flags on the HTTP listening socket. + - Bug #1110478: Revert os.environ.update to do putenv again. - Bug #1103844: fix distutils.install.dump_dirs() with negated options. |