MetzNet
/
dfhack
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a flag for functions considered safe for a remote computer to call.

develop
Japa 2017-10-02 19:55:16 +05:30
parent 54b0d2fcb6
commit 8dffd48f70
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/RemoteServer.cpp
Unescape Escape View File

@ -284,7 +284,11 @@ void ServerConnection::threadFn()
} }
else else
{ {
if (!fn->in()->ParseFromArray(buf.get(), header.size)) if (((fn->flags & SF_ALLOW_REMOTE) != SF_ALLOW_REMOTE) && strcmp(socket->GetClientAddr(), "127.0.0.1") != 0)
{
stream.printerr("In call to %s: forbidden host: %s\n", fn->name, socket->GetClientAddr());
}
else if (!fn->in()->ParseFromArray(buf.get(), header.size))
{ {
stream.printerr("In call to %s: could not decode input args.\n", fn->name); stream.printerr("In call to %s: could not decode input args.\n", fn->name);
} }

5
library/include/RemoteServer.h
Unescape Escape View File

@ -46,7 +46,10 @@ namespace DFHack
SF_CALLED_ONCE = 1, SF_CALLED_ONCE = 1,
// Don't automatically suspend the core around the call. // Don't automatically suspend the core around the call.
// The function is supposed to manage locking itself. // The function is supposed to manage locking itself.
SF_DONT_SUSPEND = 2 SF_DONT_SUSPEND = 2,
// The function is considered safe to call from a remote computer.
// All other functions cannot be allowed for security reasons.
SF_ALLOW_REMOTE = 4
}; };
class DFHACK_EXPORT ServerFunctionBase : public RPCFunctionBase { class DFHACK_EXPORT ServerFunctionBase : public RPCFunctionBase {