diff options
| author | Carlos Garnacho <carlosg@gnome.org> | 2020-12-12 19:44:37 +0100 |
|---|---|---|
| committer | Carlos Garnacho <carlosg@gnome.org> | 2020-12-13 20:52:08 +0100 |
| commit | cb03c76b804c7e4edd14c71d55eefe7a5a7ebef8 (patch) | |
| tree | 97ce070232c3cc558e88ed382221b23840aef144 /src/tracker | |
| parent | 31653cd4f700a40e3bb91ad2331d8972ed3e3786 (diff) | |
| download | tracker-cb03c76b804c7e4edd14c71d55eefe7a5a7ebef8.tar.gz | |
tracker: Add --loopback option to "tracker3 endpoint"
This combines with --http-port and HTTP endpoints. Allows running the
endpoint in a way that only connections via the loopback device are
allowed.
This might be useful for testing, without maybe leaking undesired
details on the outside.
Diffstat (limited to 'src/tracker')
| -rw-r--r-- | src/tracker/tracker-endpoint.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/src/tracker/tracker-endpoint.c b/src/tracker/tracker-endpoint.c index 33d096171..f0c7a298f 100644 --- a/src/tracker/tracker-endpoint.c +++ b/src/tracker/tracker-endpoint.c @@ -43,6 +43,7 @@ static gboolean system_bus = FALSE; static gboolean name_owned = FALSE; static gboolean list = FALSE; static gint http_port = -1; +static gboolean http_loopback; static GOptionEntry entries[] = { { "database", 'd', 0, G_OPTION_ARG_FILENAME, &database_path, @@ -65,6 +66,10 @@ static GOptionEntry entries[] = { N_("HTTP port"), NULL }, + { "loopback", 0, 0, G_OPTION_ARG_NONE, &http_loopback, + N_("Whether to only allow HTTP connections in the loopback device"), + NULL + }, { "session", 0, 0, G_OPTION_ARG_NONE, &session_bus, N_("Use session bus"), NULL @@ -141,6 +146,28 @@ name_lost_cb (GDBusConnection *connection, } static gboolean +block_http_handler (TrackerEndpointHttp *endpoint_http, + GSocketAddress *address, + gpointer user_data) +{ + GInetAddress *inet_address; + + if (!G_IS_INET_SOCKET_ADDRESS (address)) + return TRUE; + + inet_address = g_inet_socket_address_get_address (G_INET_SOCKET_ADDRESS (address)); + + if (http_loopback) { + if (g_inet_address_get_is_loopback (inet_address)) + return FALSE; + + return TRUE; + } + + return FALSE; +} + +static gboolean run_http_endpoint (TrackerSparqlConnection *connection, GError **error) { @@ -171,6 +198,9 @@ run_http_endpoint (TrackerSparqlConnection *connection, return FALSE; } + g_signal_connect (endpoint, "block-remote-address", + G_CALLBACK (block_http_handler), NULL); + main_loop = g_main_loop_new (NULL, FALSE); g_print ("%s\n", _("Listening to SPARQL commands. Press Ctrl-C to stop.")); |