Commit 96771ccc authored by Gregor Riepl, committed by Dick Hollenbeck

The listener is opened on INADDR_ANY, so it will accept any network
connection, no matter if it is originating locally or from the outside
of the host. There is no check in place to discard non-local
connections. The only security against a malicious attack would be
provided by a local firewall, which is not guaranteed to be installed on
every workstation kicad is used on.

I tested this, and a host running eeschema accepts connections on TCP
port 4243 from other hosts on the internet.

A patch to remedy this potentially serious security hole is attached. It
creates the listener on localhost instead. A flag is provided to allow
the creation of sockets on 0.0.0.0 instead, if required. localhost is
the default.
parent 3a07ab1f
...@@ -35,12 +35,15 @@ void SetupServerFunction( void (*remotefct)(const char* remotecmd) ) ...@@ -35,12 +35,15 @@ void SetupServerFunction( void (*remotefct)(const char* remotecmd) )
/* Function to initialize a server socket /* Function to initialize a server socket
*/ */
WinEDA_Server* CreateServer( wxWindow* window, int service ) WinEDA_Server* CreateServer( wxWindow* window, int service, bool local )
{ {
wxIPV4address addr; wxIPV4address addr;
// Create a new server // Create a new server
addr.Service( service ); addr.Service( service );
// Listen on localhost only if requested
if( local )
addr.Hostname( HOSTNAME );
server = new wxServer( addr ); server = new wxServer( addr );
......
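Review bot: The added `addr.Hostname( HOSTNAME );` call ignores its return value, and `HOSTNAME` is not defined anywhere in this hunk, so the review cannot confirm what the socket ends up bound to. If `HOSTNAME` is a name such as "localhost" rather than a loopback literal, the bind address depends on the host's name resolution, and a failed lookup would go unnoticed here and could leave `addr` at whatever it held before the call. Please check the boolean result of `Hostname()` and refuse to create the `wxServer` on failure, or use `addr.LocalHost()`, which sets the loopback address without a lookup. For the `local == false` path, an explicit `addr.AnyAddress()` would make the intent to listen on all interfaces visible instead of relying on the default-constructed address.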
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
/* autres fonctions */ /* autres fonctions */
/********************/ /********************/
WinEDA_Server * CreateServer( wxWindow * window, int port ); WinEDA_Server * CreateServer( wxWindow * window, int port, bool local = true );
bool SendCommand( int port, const char* cmdline ); bool SendCommand( int port, const char* cmdline );
void SetupServerFunction( void (*remotefct) (const char* remotecmd) ); void SetupServerFunction( void (*remotefct) (const char* remotecmd) );
......
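Review bot: The new `bool local = true` parameter on the `CreateServer` declaration has no comment, and this header is where callers will look. Please document that `false` binds the listener to all interfaces and exposes the command port to the network, so nobody opts out of the loopback default by accident. A bare boolean is also hard to read at call sites (`CreateServer( window, port, false )` says nothing about what is being disabled); a named constant or small enum would make a non-local bind stand out in review. Separately, the declaration names the second parameter `port` while the definition in the other hunk calls it `service`; aligning the two would avoid confusion.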