Change debugserver to open the socket it listens
to in INADDR_LOOPBACK mode by default ("localhost only")
instead of INADDR_ANY ("accept connections from any system").
Add a new command line argument to debugserver, --open-connection
or -H which will enable the previous behavior. It would be used
if you were doing two-system debugging, with lldb running on one
system and debugserver running on the other. But it is a less
common workflow and should not be the default.
<rdar://problem/12583284>
llvm-svn: 177790
diff --git a/lldb/tools/debugserver/source/debugserver.cpp b/lldb/tools/debugserver/source/debugserver.cpp
index 35918a3..ecafaaf 100644
--- a/lldb/tools/debugserver/source/debugserver.cpp
+++ b/lldb/tools/debugserver/source/debugserver.cpp
@@ -684,13 +684,13 @@
}
static int
-StartListening (RNBRemote *remote, int listen_port, const char *unix_socket_name)
+StartListening (RNBRemote *remote, int listen_port, const char *unix_socket_name, bool localhost_only)
{
if (!remote->Comm().IsConnected())
{
if (listen_port != 0)
RNBLogSTDOUT ("Listening to port %i...\n", listen_port);
- if (remote->Comm().Listen(listen_port, PortWasBoundCallback, unix_socket_name) != rnb_success)
+ if (remote->Comm().Listen(listen_port, PortWasBoundCallback, unix_socket_name, localhost_only) != rnb_success)
{
RNBLogSTDERR ("Failed to get connection from a remote gdb process.\n");
return 0;
@@ -786,6 +786,7 @@
{ "working-dir", required_argument, NULL, 'W' }, // The working directory that the inferior process should have (only if debugserver launches the process)
{ "platform", required_argument, NULL, 'p' }, // Put this executable into a remote platform mode
{ "unix-socket", required_argument, NULL, 'u' }, // If we need to handshake with our parent process, an option will be passed down that specifies a unix socket name to use
+ { "open-connection", no_argument, NULL, 'H' }, // If debugserver is listening to a TCP port, allow connections from any host (as opposed to just "localhost" connections)
{ NULL, 0, NULL, 0 }
};
@@ -841,6 +842,7 @@
useconds_t waitfor_interval = 1000; // Time in usecs between process lists polls when waiting for a process by name, default 1 msec.
useconds_t waitfor_duration = 0; // Time in seconds to wait for a process by name, 0 means wait forever.
bool no_stdio = false;
+ bool localhost_only = true;
#if !defined (DNBLOG_ENABLED)
compile_options += "(no-logging) ";
@@ -1080,7 +1082,10 @@
case 'u':
unix_socket_name.assign (optarg);
break;
-
+
+ case 'H':
+ localhost_only = false;
+ break;
}
}
@@ -1286,7 +1291,7 @@
#endif
if (listen_port != INT32_MAX)
{
- if (!StartListening (remote, listen_port, unix_socket_name.c_str()))
+ if (!StartListening (remote, listen_port, unix_socket_name.c_str(), localhost_only))
mode = eRNBRunLoopModeExit;
}
else if (str[0] == '/')
@@ -1399,7 +1404,7 @@
{
if (listen_port != INT32_MAX)
{
- if (!StartListening (remote, listen_port, unix_socket_name.c_str()))
+ if (!StartListening (remote, listen_port, unix_socket_name.c_str(), localhost_only))
mode = eRNBRunLoopModeExit;
}
else if (str[0] == '/')
@@ -1424,7 +1429,7 @@
{
if (listen_port != INT32_MAX)
{
- if (!StartListening (remote, listen_port, unix_socket_name.c_str()))
+ if (!StartListening (remote, listen_port, unix_socket_name.c_str(), localhost_only))
mode = eRNBRunLoopModeExit;
}
else if (str[0] == '/')
@@ -1451,7 +1456,7 @@
case eRNBRunLoopModePlatformMode:
if (listen_port != INT32_MAX)
{
- if (!StartListening (remote, listen_port, unix_socket_name.c_str()))
+ if (!StartListening (remote, listen_port, unix_socket_name.c_str(), localhost_only))
mode = eRNBRunLoopModeExit;
}
else if (str[0] == '/')