48k.eu-mirror
/
ogserver
mirror of https://git.48k.eu/ogserver
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

core: restrict rest API to 127.0.0.1 

Until there is TLS support for this, frontend and ogserver needs to be in the
same box by now.
master
OpenGnSys Support Team 2023-11-14 11:11:02 +01:00
parent 485bf92216
commit 944fef7b04
3 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/core.c
View File

@ -399,11 +399,17 @@ void og_server_accept_cb(struct ev_loop *loop, struct ev_io *io, int events)
og_agent_send_refresh(cli);
}
int og_socket_server_init(const char *port)
int og_socket_server_init(const char *addr, const char *port)
{
struct sockaddr_in local;
uint32_t s_addr;
int sd, on = 1;
if (!inet_pton(AF_INET, addr, &s_addr)) {
syslog(LOG_ERR, "listener address `%s' not valid\n", addr);
return -1;
}
sd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sd < 0) {
syslog(LOG_ERR, "cannot create main socket\n");
@ -411,7 +417,7 @@ int og_socket_server_init(const char *port)
}
setsockopt(sd, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(int));
local.sin_addr.s_addr = htonl(INADDR_ANY);
local.sin_addr.s_addr = s_addr;
local.sin_family = AF_INET;
local.sin_port = htons(atoi(port));

2
src/core.h
View File

@ -5,7 +5,7 @@ extern int socket_rest, socket_agent_rest;
extern struct ev_loop *og_loop;
extern time_t start_time;
int og_socket_server_init(const char *port);
int og_socket_server_init(const char *addr, const char *port);
void og_server_accept_cb(struct ev_loop *loop, struct ev_io *io, int events);
#endif

4
src/main.c
View File

@ -74,7 +74,7 @@ int main(int argc, char *argv[])
if (parse_json_config(config_file, &ogconfig) < 0)
return EXIT_FAILURE;
socket_rest = og_socket_server_init(ogconfig.rest.port);
socket_rest = og_socket_server_init("127.0.0.1", ogconfig.rest.port);
if (socket_rest < 0) {
syslog(LOG_ERR, "Cannot open REST API server socket\n");
exit(EXIT_FAILURE);
@ -83,7 +83,7 @@ int main(int argc, char *argv[])
ev_io_init(&ev_io_server_rest, og_server_accept_cb, socket_rest, EV_READ);
ev_io_start(og_loop, &ev_io_server_rest);
socket_agent_rest = og_socket_server_init("8889");
socket_agent_rest = og_socket_server_init("0.0.0.0", "8889");
if (socket_agent_rest < 0) {
syslog(LOG_ERR, "Cannot open ogClient server socket\n");
exit(EXIT_FAILURE);