summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLuca Stauble <gnekoz@gmail.com>2012-02-04 01:25:04 +0100
committerJohannes Schindelin <johannes.schindelin@gmx.de>2012-02-03 22:13:11 -0600
commitfe2e2e4b59454f1dcc23715f57b17db331ad36ff (patch)
tree16d263d20fd2e7784c3ee8c242f33b1c1d8b9f3a
parent5ea7e51e6bd25f3753a3943271e7410e2cb78f5e (diff)
downloadlibtdevnc-fe2e2e4b59454f1dcc23715f57b17db331ad36ff.tar.gz
libtdevnc-fe2e2e4b59454f1dcc23715f57b17db331ad36ff.zip
Add an optional parameter to specify the ip address for reverse connections
For security reasons, it can be important to limit which IP addresses a LibVNCClient-based client should listen for reverse connections. This commit adds that option. To preserve binary backwards-compatibility, the field was added to the end of the rfbclient struct, and the function ListenAtTcpPort retains its signature (but calls the new ListenAtTcpPortAndAddress). [jes: shortened the commit subject, added a longer explanation in the commit body and adjusted style] Signed-off-by: Luca Stauble <gnekoz@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
-rw-r--r--libvncclient/listen.c4
-rw-r--r--libvncclient/sockets.c19
-rw-r--r--libvncclient/vncviewer.c1
-rw-r--r--rfb/rfbclient.h4
4 files changed, 25 insertions, 3 deletions
diff --git a/libvncclient/listen.c b/libvncclient/listen.c
index 58275a0..2e9fafb 100644
--- a/libvncclient/listen.c
+++ b/libvncclient/listen.c
@@ -55,7 +55,7 @@ listenForIncomingConnections(rfbClient* client)
client->listenSpecified = TRUE;
- listenSocket = ListenAtTcpPort(client->listenPort);
+ listenSocket = ListenAtTcpPortAndAddress(client->listenPort, client->listenAddress);
if ((listenSocket < 0))
return;
@@ -133,7 +133,7 @@ listenForIncomingConnectionsNoFork(rfbClient* client, int timeout)
if (client->listenSock < 0)
{
- client->listenSock = ListenAtTcpPort(client->listenPort);
+ client->listenSock = ListenAtTcpPortAndAddress(client->listenPort, client->listenAddress);
if (client->listenSock < 0)
return -1;
diff --git a/libvncclient/sockets.c b/libvncclient/sockets.c
index 6c8cec1..be9924a 100644
--- a/libvncclient/sockets.c
+++ b/libvncclient/sockets.c
@@ -480,13 +480,30 @@ FindFreeTcpPort(void)
int
ListenAtTcpPort(int port)
{
+ return ListenAtTcpPortAndAddress(port, NULL);
+}
+
+
+
+/*
+ * ListenAtTcpPortAndAddress starts listening at the given TCP port on
+ * the given IP address
+ */
+
+int
+ListenAtTcpPortAndAddress(int port, const char *address)
+{
int sock;
struct sockaddr_in addr;
int one = 1;
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
- addr.sin_addr.s_addr = htonl(INADDR_ANY);
+ if (address) {
+ addr.sin_addr.s_addr = inet_addr(address);
+ } else {
+ addr.sin_addr.s_addr = htonl(INADDR_ANY);
+ }
if (!initSockets())
return -1;
diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c
index 1c5ea6e..10b430f 100644
--- a/libvncclient/vncviewer.c
+++ b/libvncclient/vncviewer.c
@@ -196,6 +196,7 @@ rfbClient* rfbGetClient(int bitsPerSample,int samplesPerPixel,
#endif
client->sock = -1;
client->listenSock = -1;
+ client->listenAddress = NULL;
client->clientAuthSchemes = NULL;
return client;
}
diff --git a/rfb/rfbclient.h b/rfb/rfbclient.h
index b3f2cd7..36ffe13 100644
--- a/rfb/rfbclient.h
+++ b/rfb/rfbclient.h
@@ -345,6 +345,9 @@ typedef struct _rfbClient {
int listenSock;
FinishedFrameBufferUpdateProc FinishedFrameBufferUpdate;
+
+ char *listenAddress;
+
} rfbClient;
/* cursor.c */
@@ -541,6 +544,7 @@ extern rfbBool ReadFromRFBServer(rfbClient* client, char *out, unsigned int n);
extern rfbBool WriteToRFBServer(rfbClient* client, char *buf, int n);
extern int FindFreeTcpPort(void);
extern int ListenAtTcpPort(int port);
+extern int ListenAtTcpPortAndAddress(int port, const char *address);
extern int ConnectClientToTcpAddr(unsigned int host, int port);
extern int ConnectClientToTcpAddr6(const char *hostname, int port);
extern int ConnectClientToUnixSock(const char *sockFile);