diff options
author | 2014-03-04 09:59:26 +0100 | |
---|---|---|
committer | 2014-03-31 10:06:46 -0700 | |
commit | 44b35f773529f1cfc046aed8734de05585b3c2da (patch) | |
tree | 844385289fe739d25866db09bfe0cc0e3e24c99d /share | |
parent | 0d3169ef70032559e201a500aff2197a2854aa72 (diff) |
fish_config: Listen on both IPv6 and IPv4.
A subclass of TCPServer was created to deny any non-local connections and to
listen using an IPv6 socket.
Diffstat (limited to 'share')
-rwxr-xr-x | share/tools/web_config/webconfig.py | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/share/tools/web_config/webconfig.py b/share/tools/web_config/webconfig.py index 1236885d..e5915ebd 100755 --- a/share/tools/web_config/webconfig.py +++ b/share/tools/web_config/webconfig.py @@ -411,6 +411,16 @@ class BindingParser: return readable_command + result +class FishConfigTCPServer(SocketServer.TCPServer): + """TCPServer that only accepts connections from localhost (IPv4/IPv6).""" + WHITELIST = set(['::1', '::ffff:127.0.0.1', '127.0.0.1']) + + address_family = socket.AF_INET6 + + def verify_request(self, request, client_address): + return client_address[0] in FishConfigTCPServer.WHITELIST + + class FishConfigHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler): def write_to_wfile(self, txt): @@ -812,7 +822,7 @@ PORT = 8000 while PORT <= 9000: try: Handler = FishConfigHTTPRequestHandler - httpd = SocketServer.TCPServer(("127.0.0.1", PORT), Handler) + httpd = FishConfigTCPServer(("::", PORT), Handler) # Success break except socket.error: |