mirror of https://github.com/OpenRCT2/OpenRCT2.git
Add localhost limitation
This commit is contained in:
Ted John
parent
703dc1efa7
commit
5da5804f84
|
|
@ -80,6 +80,12 @@ namespace OpenRCT2::Scripting
|
||||||
private:
|
private:
|
||||||
std::shared_ptr<Plugin> _plugin;
|
std::shared_ptr<Plugin> _plugin;
|
||||||
|
|
||||||
|
protected:
|
||||||
|
static bool IsLocalhostAddress(const std::string_view& s)
|
||||||
|
{
|
||||||
|
return s == "localhost" || s == "127.0.0.1" || s == "::";
|
||||||
|
}
|
||||||
|
|
||||||
public:
|
public:
|
||||||
ScSocketBase(const std::shared_ptr<Plugin>& plugin)
|
ScSocketBase(const std::shared_ptr<Plugin>& plugin)
|
||||||
: _plugin(plugin)
|
: _plugin(plugin)
|
||||||
|
|
@ -166,6 +172,10 @@ namespace OpenRCT2::Scripting
|
||||||
{
|
{
|
||||||
duk_error(ctx, DUK_ERR_ERROR, "Socket is already connecting.");
|
duk_error(ctx, DUK_ERR_ERROR, "Socket is already connecting.");
|
||||||
}
|
}
|
||||||
|
else if (!IsLocalhostAddress(host))
|
||||||
|
{
|
||||||
|
duk_error(ctx, DUK_ERR_ERROR, "For security reasons, only connecting to localhost is allowed.");
|
||||||
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
_socket = CreateTcpSocket();
|
_socket = CreateTcpSocket();
|
||||||
|
|
@ -354,11 +364,11 @@ namespace OpenRCT2::Scripting
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
ScSocketServer* listen(int32_t port, const DukValue& callback)
|
ScSocketServer* listen(int32_t port, const DukValue& dukHost)
|
||||||
{
|
{
|
||||||
|
auto ctx = GetContext()->GetScriptEngine().GetContext();
|
||||||
if (_disposed)
|
if (_disposed)
|
||||||
{
|
{
|
||||||
auto ctx = GetContext()->GetScriptEngine().GetContext();
|
|
||||||
duk_error(ctx, DUK_ERR_ERROR, "Socket is disposed.");
|
duk_error(ctx, DUK_ERR_ERROR, "Socket is disposed.");
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
@ -370,12 +380,26 @@ namespace OpenRCT2::Scripting
|
||||||
|
|
||||||
if (_socket->GetStatus() == SOCKET_STATUS_LISTENING)
|
if (_socket->GetStatus() == SOCKET_STATUS_LISTENING)
|
||||||
{
|
{
|
||||||
auto ctx = GetContext()->GetScriptEngine().GetContext();
|
|
||||||
duk_error(ctx, DUK_ERR_ERROR, "Server is already listening.");
|
duk_error(ctx, DUK_ERR_ERROR, "Server is already listening.");
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
_socket->Listen(port);
|
if (dukHost.type() == DukValue::Type::STRING)
|
||||||
|
{
|
||||||
|
auto host = dukHost.as_string();
|
||||||
|
if (IsLocalhostAddress(host))
|
||||||
|
{
|
||||||
|
_socket->Listen(host, port);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
duk_error(ctx, DUK_ERR_ERROR, "For security reasons, only binding to localhost is allowed.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
_socket->Listen("127.0.0.1", port);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return this;
|
return this;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue