if binding to 0.0.0.0, don't validate source ip in client api

This commit is contained in:
Kevin Froman 2021-01-22 21:14:34 +00:00
parent b1441e8c10
commit 45b691a06a
2 changed files with 5 additions and 4 deletions

View File

@ -54,9 +54,10 @@ class ClientAPISecurity:
"""Validate request has set password & is the correct hostname.""" """Validate request has set password & is the correct hostname."""
# For the purpose of preventing DNS rebinding attacks # For the purpose of preventing DNS rebinding attacks
localhost = True localhost = True
if request.host != '%s:%s' % \ if client_api.host != '0.0.0.0':
(client_api.host, client_api.bindPort): if request.host != '%s:%s' % \
localhost = False (client_api.host, client_api.bindPort):
localhost = False
if not localhost and public_remote_enabled: if not localhost and public_remote_enabled:
if request.host not in public_remote_hostnames: if request.host not in public_remote_hostnames:

View File

@ -91,7 +91,7 @@ class NetController:
if '100' not in line.decode(): if '100' not in line.decode():
logger.info(line.decode().strip(), terminal=True) logger.info(line.decode().strip(), terminal=True)
if 'bootstrapped 100' in line.decode().lower(): if 'bootstrapped 100' in line.decode().lower():
logger.info(line.decode()) logger.info(line.decode(), terminal=True)
break break
elif 'opening socks listener' in line.decode().lower(): elif 'opening socks listener' in line.decode().lower():
logger.debug(line.decode().replace('\n', '')) logger.debug(line.decode().replace('\n', ''))