mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-10-17 20:28:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Reformulate security check using getsockname().

Browse source
This commit is contained in:
Guido van Rossum 1997-07-19 21:29:28 +00:00
parent eca991df27
commit 42ded89c08
1 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Demo/pysvr/pysvr.py
View file

@ -48,14 +48,15 @@ def main_thread(port):
print "Listening on port", port, "..." print "Listening on port", port, "..."
while 1: while 1:
(conn, addr) = sock.accept() (conn, addr) = sock.accept()
if addr[0] != conn.getsockname()[0]:
conn.close()
print "Refusing connection from non-local host", addr[0], "."
continue
thread.start_new_thread(service_thread, (conn, addr)) thread.start_new_thread(service_thread, (conn, addr))
del conn, addr del conn, addr
def service_thread(conn, addr): def service_thread(conn, addr):
(caddr, cport) = addr (caddr, cport) = addr
if caddr != socket.gethostbyname(socket.gethostname()):
print "Connection from", caddr, "not accepted."
return
print "Thread %s has connection from %s.\n" % (str(thread.get_ident()), print "Thread %s has connection from %s.\n" % (str(thread.get_ident()),
caddr), caddr),
stdin = conn.makefile("r") stdin = conn.makefile("r")