From be77f9608449f98fae53e7a154564b78b600ab3a Mon Sep 17 00:00:00 2001
From: Guido van Rossum <guido@python.org>
Date: Sat, 19 Jul 1997 21:29:28 +0000
Subject: Reformulate security check using getsockname().

---
 Demo/pysvr/pysvr.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'Demo/pysvr')

diff --git a/Demo/pysvr/pysvr.py b/Demo/pysvr/pysvr.py
index 329909b686..a62fc5c013 100755
--- a/Demo/pysvr/pysvr.py
+++ b/Demo/pysvr/pysvr.py
@@ -48,14 +48,15 @@ def main_thread(port):
     print "Listening on port", port, "..."
     while 1:
 	(conn, addr) = sock.accept()
+	if addr[0] != conn.getsockname()[0]:
+	    conn.close()
+	    print "Refusing connection from non-local host", addr[0], "."
+	    continue
 	thread.start_new_thread(service_thread, (conn, addr))
 	del conn, addr
 
 def service_thread(conn, addr):
     (caddr, cport) = addr
-    if caddr != socket.gethostbyname(socket.gethostname()):
-	print "Connection from", caddr, "not accepted."
-	return
     print "Thread %s has connection from %s.\n" % (str(thread.get_ident()),
 						   caddr),
     stdin = conn.makefile("r")
-- 
cgit v1.2.1