diff options
author | Guido van Rossum <guido@python.org> | 1997-07-19 21:33:10 (GMT) |
---|---|---|
committer | Guido van Rossum <guido@python.org> | 1997-07-19 21:33:10 (GMT) |
commit | e0c69013697efbff6edba8a3c349a8ef64a5fa68 (patch) | |
tree | 98cef73af52cb1673da35d9f98f652e0c247dd94 | |
parent | 42ded89c088a2b101731c5106b08299341cf7deb (diff) | |
download | cpython-e0c69013697efbff6edba8a3c349a8ef64a5fa68.zip cpython-e0c69013697efbff6edba8a3c349a8ef64a5fa68.tar.gz cpython-e0c69013697efbff6edba8a3c349a8ef64a5fa68.tar.bz2 |
Added leading comment and security check.
-rw-r--r-- | Demo/pysvr/pysvr.c | 33 |
1 files changed, 28 insertions, 5 deletions
diff --git a/Demo/pysvr/pysvr.c b/Demo/pysvr/pysvr.c index f6f9e08..133b785 100644 --- a/Demo/pysvr/pysvr.c +++ b/Demo/pysvr/pysvr.c @@ -1,3 +1,13 @@ +/* A multi-threaded telnet-like server that gives a Python prompt. + +Usage: pysvr [port] + +For security reasons, it only accepts requests from the current host. +This can still be insecure, but restricts violations from people who +can log in on your machine. Use with caution! + +*/ + #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -88,8 +98,8 @@ usage() static void main_thread(int port) { - int sock; - struct sockaddr_in addr; + int sock, conn, size; + struct sockaddr_in addr, clientaddr; sock = socket(PF_INET, SOCK_STREAM, 0); if (sock < 0) { @@ -117,9 +127,7 @@ main_thread(int port) fprintf(stderr, "Listening on port %d...\n", port); for (;;) { - struct sockaddr_in clientaddr; - int conn, size; - + size = sizeof clientaddr; conn = accept(sock, (struct sockaddr *) &clientaddr, &size); if (conn < 0) { oprogname(); @@ -127,6 +135,21 @@ main_thread(int port) exit(1); } + size = sizeof addr; + if (getsockname(conn, (struct sockaddr *)&addr, &size) < 0) { + oprogname(); + perror("can't get socket name of connection"); + exit(1); + } + if (clientaddr.sin_addr.s_addr != addr.sin_addr.s_addr) { + oprogname(); + perror("connection from non-local host refused"); + fprintf(stderr, "(addr=%lx, clientaddr=%lx)\n", + ntohl(addr.sin_addr.s_addr), + ntohl(clientaddr.sin_addr.s_addr)); + close(conn); + continue; + } create_thread(conn, &clientaddr); } } |