diff options
| author | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2015-02-10 21:11:27 +0100 |
|---|---|---|
| committer | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2015-02-10 21:11:27 +0100 |
| commit | 1be1c4a21bb54e60ec60456374d9ef55aaf55e2f (patch) | |
| tree | 94a554229c0232baad0585aeaef9e354e3f630a8 /nxcomp/Loop.cpp | |
| parent | 79f218b563f6a4d3b17e92ee85ad242575daf8da (diff) | |
| download | nx-libs-1be1c4a21bb54e60ec60456374d9ef55aaf55e2f.tar.gz nx-libs-1be1c4a21bb54e60ec60456374d9ef55aaf55e2f.tar.bz2 nx-libs-1be1c4a21bb54e60ec60456374d9ef55aaf55e2f.zip | |
Force NX proxy to bind to loopback devices only (loopback option) (220_nxproxy_bind-loopback-only.full+lite.patch).
Diffstat (limited to 'nxcomp/Loop.cpp')
| -rw-r--r-- | nxcomp/Loop.cpp | 41 |
1 files changed, 37 insertions, 4 deletions
diff --git a/nxcomp/Loop.cpp b/nxcomp/Loop.cpp index 05b514570..77b0c806c 100644 --- a/nxcomp/Loop.cpp +++ b/nxcomp/Loop.cpp @@ -952,6 +952,7 @@ static char listenHost[DEFAULT_STRING_LENGTH] = { 0 }; static char displayHost[DEFAULT_STRING_LENGTH] = { 0 }; static char authCookie[DEFAULT_STRING_LENGTH] = { 0 }; +static int loopbackBind = DEFAULT_LOOPBACK_BIND; static int proxyPort = DEFAULT_NX_PROXY_PORT; static int xPort = DEFAULT_NX_X_PORT; @@ -3959,7 +3960,14 @@ int SetupTcpSocket() tcpAddr.sin_family = AF_INET; tcpAddr.sin_port = htons(proxyPortTCP); - tcpAddr.sin_addr.s_addr = htonl(INADDR_ANY); + if ( loopbackBind ) + { + tcpAddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + } + else + { + tcpAddr.sin_addr.s_addr = htonl(INADDR_ANY); + } if (bind(tcpFD, (sockaddr *) &tcpAddr, sizeof(tcpAddr)) == -1) { @@ -4550,7 +4558,14 @@ int ListenConnection(int port, const char *label) tcpAddr.sin_family = AF_INET; tcpAddr.sin_port = htons(portTCP); - tcpAddr.sin_addr.s_addr = htonl(INADDR_ANY); + if ( loopbackBind ) + { + tcpAddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + } + else + { + tcpAddr.sin_addr.s_addr = htonl(INADDR_ANY); + } if (bind(newFD, (sockaddr *) &tcpAddr, sizeof(tcpAddr)) == -1) { @@ -6718,7 +6733,14 @@ int WaitForRemote(int portNum) #ifdef __APPLE__ - tcpAddr.sin_addr.s_addr = htonl(INADDR_ANY); + if ( loopbackBind ) + { + tcpAddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + } + else + { + tcpAddr.sin_addr.s_addr = htonl(INADDR_ANY); + } #else @@ -8397,6 +8419,10 @@ int ParseEnvironmentOptions(const char *env, int force) listenPort = ValidateArg("local", name, value); } + else if (strcasecmp(name, "loopback") == 0) + { + loopbackBind = ValidateArg("local", name, value); + } else if (strcasecmp(name, "accept") == 0) { if (*connectHost != '\0') @@ -13778,7 +13804,14 @@ int ParseListenOption(int &address) } else { - address = htonl(INADDR_ANY); + if ( loopbackBind ) + { + address = htonl(INADDR_LOOPBACK); + } + else + { + address = htonl(INADDR_ANY); + } } } else |