From 3a97605500919ceeff8c6cd2dd7d352baa1142d8 Mon Sep 17 00:00:00 2001
From: "Andrew M. Kuchling" <amk@amk.ca>
Date: Sun, 4 Dec 2005 15:07:41 +0000
Subject: [Bug #1222790] Set reuse-address and close-on-exec flags on the HTTP
 listening socket

---
 Lib/SimpleXMLRPCServer.py | 12 +++++++++++-
 Misc/NEWS                 |  3 +++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/Lib/SimpleXMLRPCServer.py b/Lib/SimpleXMLRPCServer.py
index 5e39840..ae06bda 100644
--- a/Lib/SimpleXMLRPCServer.py
+++ b/Lib/SimpleXMLRPCServer.py
@@ -104,7 +104,7 @@ from xmlrpclib import Fault
 import SocketServer
 import BaseHTTPServer
 import sys
-import os
+import os, fcntl
 
 def resolve_dotted_attribute(obj, attr, allow_dotted_names=True):
     """resolve_dotted_attribute(a, 'b.c.d') => a.b.c.d
@@ -465,6 +465,8 @@ class SimpleXMLRPCServer(SocketServer.TCPServer,
     from SimpleXMLRPCDispatcher to change this behavior.
     """
 
+    allow_reuse_address = True
+
     def __init__(self, addr, requestHandler=SimpleXMLRPCRequestHandler,
                  logRequests=1):
         self.logRequests = logRequests
@@ -472,6 +474,14 @@ class SimpleXMLRPCServer(SocketServer.TCPServer,
         SimpleXMLRPCDispatcher.__init__(self)
         SocketServer.TCPServer.__init__(self, addr, requestHandler)
 
+        # [Bug #1222790] If possible, set close-on-exec flag; if a 
+        # method spawns a subprocess, the subprocess shouldn't have 
+        # the listening socket open.
+        if hasattr(fcntl, 'FD_CLOEXEC'):
+            flags = fcntl.fcntl(self.fileno(), fcntl.F_GETFD)
+            flags |= fcntl.FD_CLOEXEC
+            fcntl.fcntl(self.fileno(), fcntl.F_SETFD, flags)
+
 class CGIXMLRPCRequestHandler(SimpleXMLRPCDispatcher):
     """Simple handler for XML-RPC data passed through CGI."""
 
diff --git a/Misc/NEWS b/Misc/NEWS
index cd947a9..c140d7c 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -448,6 +448,9 @@ Library
   disables recursive traversal through instance attributes, which can
   be exploited in various ways.
 
+- Bug #1222790: in SimpleXMLRPCServer, set the reuse-address and close-on-exec 
+  flags on the HTTP listening socket.
+
 - Bug #1110478: Revert os.environ.update to do putenv again.
 
 - Bug #1103844: fix distutils.install.dump_dirs() with negated options.
-- 
cgit v0.12