From: Guido van Rossum <guido@python.org>
Date: Sat, 19 Jul 1997 21:29:28 +0000 (+0000)
Subject: Reformulate security check using getsockname().
X-Git-Tag: v1.5a3~196
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=42ded89c088a2b101731c5106b08299341cf7deb;p=python

Reformulate security check using getsockname().
---

diff --git a/Demo/pysvr/pysvr.py b/Demo/pysvr/pysvr.py
index 329909b686..a62fc5c013 100755
--- a/Demo/pysvr/pysvr.py
+++ b/Demo/pysvr/pysvr.py
@@ -48,14 +48,15 @@ def main_thread(port):
     print "Listening on port", port, "..."
     while 1:
 	(conn, addr) = sock.accept()
+	if addr[0] != conn.getsockname()[0]:
+	    conn.close()
+	    print "Refusing connection from non-local host", addr[0], "."
+	    continue
 	thread.start_new_thread(service_thread, (conn, addr))
 	del conn, addr
 
 def service_thread(conn, addr):
     (caddr, cport) = addr
-    if caddr != socket.gethostbyname(socket.gethostname()):
-	print "Connection from", caddr, "not accepted."
-	return
     print "Thread %s has connection from %s.\n" % (str(thread.get_ident()),
 						   caddr),
     stdin = conn.makefile("r")