From fe2e2e4b59454f1dcc23715f57b17db331ad36ff Mon Sep 17 00:00:00 2001 From: Luca Stauble Date: Sat, 4 Feb 2012 01:25:04 +0100 Subject: [PATCH] Add an optional parameter to specify the ip address for reverse connections For security reasons, it can be important to limit which IP addresses a LibVNCClient-based client should listen for reverse connections. This commit adds that option. To preserve binary backwards-compatibility, the field was added to the end of the rfbclient struct, and the function ListenAtTcpPort retains its signature (but calls the new ListenAtTcpPortAndAddress). [jes: shortened the commit subject, added a longer explanation in the commit body and adjusted style] Signed-off-by: Luca Stauble Signed-off-by: Johannes Schindelin --- libvncclient/listen.c | 4 ++-- libvncclient/sockets.c | 19 ++++++++++++++++++- libvncclient/vncviewer.c | 1 + rfb/rfbclient.h | 4 ++++ 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/libvncclient/listen.c b/libvncclient/listen.c index 58275a0..2e9fafb 100644 --- a/libvncclient/listen.c +++ b/libvncclient/listen.c @@ -55,7 +55,7 @@ listenForIncomingConnections(rfbClient* client) client->listenSpecified = TRUE; - listenSocket = ListenAtTcpPort(client->listenPort); + listenSocket = ListenAtTcpPortAndAddress(client->listenPort, client->listenAddress); if ((listenSocket < 0)) return; @@ -133,7 +133,7 @@ listenForIncomingConnectionsNoFork(rfbClient* client, int timeout) if (client->listenSock < 0) { - client->listenSock = ListenAtTcpPort(client->listenPort); + client->listenSock = ListenAtTcpPortAndAddress(client->listenPort, client->listenAddress); if (client->listenSock < 0) return -1; diff --git a/libvncclient/sockets.c b/libvncclient/sockets.c index 6c8cec1..be9924a 100644 --- a/libvncclient/sockets.c +++ b/libvncclient/sockets.c @@ -479,6 +479,19 @@ FindFreeTcpPort(void) int ListenAtTcpPort(int port) +{ + return ListenAtTcpPortAndAddress(port, NULL); +} + + + +/* + * ListenAtTcpPortAndAddress starts listening at the given TCP port on + * the given IP address + */ + +int +ListenAtTcpPortAndAddress(int port, const char *address) { int sock; struct sockaddr_in addr; @@ -486,7 +499,11 @@ ListenAtTcpPort(int port) addr.sin_family = AF_INET; addr.sin_port = htons(port); - addr.sin_addr.s_addr = htonl(INADDR_ANY); + if (address) { + addr.sin_addr.s_addr = inet_addr(address); + } else { + addr.sin_addr.s_addr = htonl(INADDR_ANY); + } if (!initSockets()) return -1; diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c index 1c5ea6e..10b430f 100644 --- a/libvncclient/vncviewer.c +++ b/libvncclient/vncviewer.c @@ -196,6 +196,7 @@ rfbClient* rfbGetClient(int bitsPerSample,int samplesPerPixel, #endif client->sock = -1; client->listenSock = -1; + client->listenAddress = NULL; client->clientAuthSchemes = NULL; return client; } diff --git a/rfb/rfbclient.h b/rfb/rfbclient.h index b3f2cd7..36ffe13 100644 --- a/rfb/rfbclient.h +++ b/rfb/rfbclient.h @@ -345,6 +345,9 @@ typedef struct _rfbClient { int listenSock; FinishedFrameBufferUpdateProc FinishedFrameBufferUpdate; + + char *listenAddress; + } rfbClient; /* cursor.c */ @@ -541,6 +544,7 @@ extern rfbBool ReadFromRFBServer(rfbClient* client, char *out, unsigned int n); extern rfbBool WriteToRFBServer(rfbClient* client, char *buf, int n); extern int FindFreeTcpPort(void); extern int ListenAtTcpPort(int port); +extern int ListenAtTcpPortAndAddress(int port, const char *address); extern int ConnectClientToTcpAddr(unsigned int host, int port); extern int ConnectClientToTcpAddr6(const char *hostname, int port); extern int ConnectClientToUnixSock(const char *sockFile);