server: bind to IPv4 localhost by default

Since OpenOCD basically allows to perform arbitrary actions on behalf of
the running user, it makes sense to restrict the exposure by default.

If you need network connectivity and your environment is safe enough,
use "bindto 0.0.0.0" to switch to the old behaviour.

Change-Id: I4a4044b90d0ecb30118cea96fc92a7bcff0924e0
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Reviewed-on: http://openocd.zylin.com/4331
Reviewed-by: Jonathan McDowell <noodles-openocd@earth.li>
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>
Tested-by: jenkins

diff --git a/doc/openocd.texi b/doc/openocd.texi
index 6362b41f29ba732d95125ec80431324eaba7af9c..73d64b3dc2cdf26f4b59ecca10a5c3a28c16b532 100644 (file)
--- a/doc/openocd.texi
+++ b/doc/openocd.texi
@@ -7132,9 +7132,11 @@ the initial log output channel is stderr.
 Add @var{directory} to the file/script search path.
 @end deffn
 
-@deffn Command bindto [name]
-Specify address by name on which to listen for incoming TCP/IP connections.
-By default, OpenOCD will listen on all available interfaces.
+@deffn Command bindto [@var{name}]
+Specify hostname or IPv4 address on which to listen for incoming
+TCP/IP connections. By default, OpenOCD will listen on the loopback
+interface only. If your network environment is safe, @code{bindto
+0.0.0.0} can be used to cover all available interfaces.
 @end deffn
 
 @anchor{targetstatehandling}

diff --git a/src/server/server.c b/src/server/server.c
index 8fd2d71d4fc52247a3bc7a83a2a5ceb4fec62876..4e806563ca9d1986777c1f77a323794cb811570a 100644 (file)
--- a/src/server/server.c
+++ b/src/server/server.c
@@ -259,7 +259,7 @@ int add_service(char *name,
                c->sin.sin_family = AF_INET;
 
                if (bindto_name == NULL)
-                       c->sin.sin_addr.s_addr = INADDR_ANY;
+                       c->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
                else {
                        hp = gethostbyname(bindto_name);
                        if (hp == NULL) {