fish_config: Listen on both IPv6 and IPv4.

A subclass of TCPServer was created to deny any non-local connections and to listen using an IPv6 socket.
author: Anders Bergh <anders1@gmail.com> 2014-03-04 09:59:26 +0100
committer: ridiculousfish <corydoras@ridiculousfish.com> 2014-03-31 10:06:46 -0700
commit: 44b35f773529f1cfc046aed8734de05585b3c2da (patch)
tree: 844385289fe739d25866db09bfe0cc0e3e24c99d /share
parent: 0d3169ef70032559e201a500aff2197a2854aa72 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/share/tools/web_config/webconfig.py b/share/tools/web_config/webconfig.py
index 1236885d..e5915ebd 100755
--- a/share/tools/web_config/webconfig.py
+++ b/share/tools/web_config/webconfig.py
@@ -411,6 +411,16 @@ class BindingParser:
         return readable_command + result
 
 
+class FishConfigTCPServer(SocketServer.TCPServer):
+    """TCPServer that only accepts connections from localhost (IPv4/IPv6)."""
+    WHITELIST = set(['::1', '::ffff:127.0.0.1', '127.0.0.1'])
+
+    address_family = socket.AF_INET6
+
+    def verify_request(self, request, client_address):
+        return client_address[0] in FishConfigTCPServer.WHITELIST
+
+
 class FishConfigHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
 
     def write_to_wfile(self, txt):
@@ -812,7 +822,7 @@ PORT = 8000
 while PORT <= 9000:
     try:
         Handler = FishConfigHTTPRequestHandler
-        httpd = SocketServer.TCPServer(("127.0.0.1", PORT), Handler)
+        httpd = FishConfigTCPServer(("::", PORT), Handler)
         # Success
         break
     except socket.error:
author	Anders Bergh <anders1@gmail.com>	2014-03-04 09:59:26 +0100
committer	ridiculousfish <corydoras@ridiculousfish.com>	2014-03-31 10:06:46 -0700
commit	44b35f773529f1cfc046aed8734de05585b3c2da (patch)
tree	844385289fe739d25866db09bfe0cc0e3e24c99d /share
parent	0d3169ef70032559e201a500aff2197a2854aa72 (diff)