Mercurial Hosting > luan
changeset 1698:2dbcc8360a3e
backup security
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Mon, 27 Jun 2022 20:51:49 -0600 |
parents | aff2309ae510 |
children | e6750146faa1 |
files | src/goodjava/io/IoUtils.java src/goodjava/lucene/backup/BackupServer.java src/luan/modules/IoLuan.java |
diffstat | 3 files changed, 29 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
diff -r aff2309ae510 -r 2dbcc8360a3e src/goodjava/io/IoUtils.java --- a/src/goodjava/io/IoUtils.java Mon Jun 27 18:36:56 2022 -0600 +++ b/src/goodjava/io/IoUtils.java Mon Jun 27 20:51:49 2022 -0600 @@ -8,9 +8,15 @@ import java.io.Writer; import java.io.StringWriter; import java.io.IOException; +import java.net.InetAddress; +import java.net.Inet4Address; +import java.net.NetworkInterface; import java.nio.file.Files; import java.nio.file.attribute.FileTime; import java.security.Security; +import java.util.Set; +import java.util.HashSet; +import java.util.Enumeration; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.SSLServerSocketFactory; import goodjava.logging.Logger; @@ -103,6 +109,17 @@ return cs; } + public static Set<InetAddress> getInetAddresses() throws IOException { + Set<InetAddress> set = new HashSet<InetAddress>(); + for( Enumeration<NetworkInterface> e1 = NetworkInterface.getNetworkInterfaces(); e1.hasMoreElements(); ) { + NetworkInterface ni = e1.nextElement(); + for( Enumeration<InetAddress> e2 = ni.getInetAddresses(); e2.hasMoreElements(); ) { + InetAddress ia = e2.nextElement(); + set.add(ia); + } + } + return set; + } public static class ProcException extends IOException {
diff -r aff2309ae510 -r 2dbcc8360a3e src/goodjava/lucene/backup/BackupServer.java --- a/src/goodjava/lucene/backup/BackupServer.java Mon Jun 27 18:36:56 2022 -0600 +++ b/src/goodjava/lucene/backup/BackupServer.java Mon Jun 27 20:51:49 2022 -0600 @@ -122,6 +122,15 @@ } else if( backup != null ) { backup.handle(rpc,call); } else if( call.cmd.equals("copy") ) { + try { + if( !IoUtils.getInetAddresses().contains(rpc.socket.getInetAddress()) ) { + rpc.write( new RpcException("only localhost allowed") ); + rpc.close(); + return; + } + } catch(IOException e) { + throw new RuntimeException(e); + } String dirName = (String)call.args[0]; copy(new File(dirName)); rpc.write(Rpc.OK);
diff -r aff2309ae510 -r 2dbcc8360a3e src/luan/modules/IoLuan.java --- a/src/luan/modules/IoLuan.java Mon Jun 27 18:36:56 2022 -0600 +++ b/src/luan/modules/IoLuan.java Mon Jun 27 20:51:49 2022 -0600 @@ -22,10 +22,8 @@ import java.net.URL; import java.net.InetAddress; import java.net.Inet4Address; -import java.net.NetworkInterface; import java.net.MalformedURLException; import java.net.UnknownHostException; -import java.util.Enumeration; import java.util.Map; import javax.naming.NamingException; import javax.naming.NameNotFoundException; @@ -642,13 +640,9 @@ public static LuanTable my_ips(Luan luan) throws IOException, LuanException { LuanTable tbl = new LuanTable(); - for( Enumeration<NetworkInterface> e1 = NetworkInterface.getNetworkInterfaces(); e1.hasMoreElements(); ) { - NetworkInterface ni = e1.nextElement(); - for( Enumeration<InetAddress> e2 = ni.getInetAddresses(); e2.hasMoreElements(); ) { - InetAddress ia = e2.nextElement(); - if( ia instanceof Inet4Address ) - tbl.put(luan,ia.getHostAddress(),true); - } + for( InetAddress ia : IoUtils.getInetAddresses() ) { + if( ia instanceof Inet4Address ) + tbl.put(luan,ia.getHostAddress(),true); } return tbl; }