[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 02/10] slirp: Canonicalize restrict syntax
From: |
Jan Kiszka |
Subject: |
[Qemu-devel] [PATCH 02/10] slirp: Canonicalize restrict syntax |
Date: |
Wed, 20 Jul 2011 12:20:14 +0200 |
All other boolean arguments accept on|off - except for slirp's restrict.
Fix that while still accepting the formerly allowed yes|y|no|n, but
reject everything else. This avoids accidentally allowing external
connections because syntax errors were so far interpreted as
'restrict=no'.
CC: Gleb Natapov <address@hidden>
Signed-off-by: Jan Kiszka <address@hidden>
---
net/slirp.c | 21 +++++++++++++++------
qemu-options.hx | 4 ++--
2 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/net/slirp.c b/net/slirp.c
index e057a14..71e2577 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -240,7 +240,8 @@ static int net_slirp_init(VLANState *vlan, const char
*model,
nc = qemu_new_net_client(&net_slirp_info, vlan, NULL, model, name);
snprintf(nc->info_str, sizeof(nc->info_str),
- "net=%s, restricted=%c", inet_ntoa(net), restricted ? 'y' : 'n');
+ "net=%s,restrict=%s", inet_ntoa(net),
+ restricted ? "on" : "off");
s = DO_UPCAST(SlirpState, nc, nc);
@@ -689,6 +690,7 @@ int net_init_slirp(QemuOpts *opts,
const char *bootfile;
const char *smb_export;
const char *vsmbsrv;
+ const char *restrict_opt;
char *vnet = NULL;
int restricted = 0;
int ret;
@@ -702,6 +704,18 @@ int net_init_slirp(QemuOpts *opts,
smb_export = qemu_opt_get(opts, "smb");
vsmbsrv = qemu_opt_get(opts, "smbserver");
+ restrict_opt = qemu_opt_get(opts, "restrict");
+ if (restrict_opt) {
+ if (!strcmp(restrict_opt, "on") ||
+ !strcmp(restrict_opt, "yes") || !strcmp(restrict_opt, "y")) {
+ restricted = 1;
+ } else if (strcmp(restrict_opt, "off") &&
+ strcmp(restrict_opt, "no") && strcmp(restrict_opt, "n")) {
+ error_report("invalid option: 'restrict=%s'", restrict_opt);
+ return -1;
+ }
+ }
+
if (qemu_opt_get(opts, "ip")) {
const char *ip = qemu_opt_get(opts, "ip");
int l = strlen(ip) + strlen("/24") + 1;
@@ -720,11 +734,6 @@ int net_init_slirp(QemuOpts *opts,
vnet = qemu_strdup(qemu_opt_get(opts, "net"));
}
- if (qemu_opt_get(opts, "restrict") &&
- qemu_opt_get(opts, "restrict")[0] == 'y') {
- restricted = 1;
- }
-
qemu_opt_foreach(opts, net_init_slirp_configs, NULL, 0);
ret = net_slirp_init(vlan, "user", name, restricted, vnet, vhost,
diff --git a/qemu-options.hx b/qemu-options.hx
index e6d7adc..0f58e27 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1092,7 +1092,7 @@ DEF("net", HAS_ARG, QEMU_OPTION_net,
"-net
nic[,vlan=n][,macaddr=mac][,model=type][,name=str][,addr=str][,vectors=v]\n"
" create a new Network Interface Card and connect it to
VLAN 'n'\n"
#ifdef CONFIG_SLIRP
- "-net
user[,vlan=n][,name=str][,net=addr[/mask]][,host=addr][,restrict=y|n]\n"
+ "-net
user[,vlan=n][,name=str][,net=addr[/mask]][,host=addr][,restrict=on|off]\n"
"
[,hostname=host][,dhcpstart=addr][,dns=addr][,tftp=dir][,bootfile=f]\n"
" [,hostfwd=rule][,guestfwd=rule]"
#ifndef _WIN32
@@ -1185,7 +1185,7 @@ either in the form a.b.c.d or as number of valid top-most
bits. Default is
Specify the guest-visible address of the host. Default is the 2nd IP in the
guest network, i.e. x.x.x.2.
address@hidden restrict=y|yes|n|no
address@hidden restrict=on|off
If this option is enabled, the guest will be isolated, i.e. it will not be
able to contact the host and no guest IP packets will be routed over the host
to the outside. This option does not affect any explicitly set forwarding
rules.
--
1.7.3.4
- [Qemu-devel] [PATCH 00/10] [RESEND] Various net and slirp fixes & enhancements, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 01/10] slirp: Fix restricted mode, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 02/10] slirp: Canonicalize restrict syntax,
Jan Kiszka <=
- [Qemu-devel] [PATCH 05/10] slirp: Put forked exec into separate process group, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 04/10] slirp: Replace m_freem with m_free, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 07/10] net: Improve layout of 'info network', Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 08/10] net: Refactor net_client_types, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 09/10] net: Dump client type 'info network', Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 03/10] slirp: Strictly associate DHCP/BOOTP and TFTP with virtual host, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 06/10] slirp: Forward ICMP echo requests via unprivileged sockets, Jan Kiszka, 2011/07/20
- [Qemu-devel] [PATCH 10/10] net: Consistently use qemu_macaddr_default_if_unset, Jan Kiszka, 2011/07/20
- Re: [Qemu-devel] [PATCH 00/10] [RESEND] Various net and slirp fixes & enhancements, Markus Armbruster, 2011/07/22
- Re: [Qemu-devel] [PATCH 00/10] [RESEND] Various net and slirp fixes & enhancements, Anthony Liguori, 2011/07/23