Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 322917

Summary:

Specify host address when opening console port

Product:

[Eclipse Project] Equinox

Reporter:

Lazar Kirchev <l.kirchev>

Component:

Framework

Assignee:

Thomas Watson <tjwatson>

Status:

RESOLVED FIXED

QA Contact:

Severity:

enhancement

Priority:

CC:

alasdair, tjwatson

Version:

3.6

Target Milestone:

3.7 M5

Hardware:

OS:

Windows Vista

Whiteboard:

Attachments:

Description	Flags
Patch to restrict the local host address on which equinox listens for telnet connections	tjwatson: iplog+

Description Lazar Kirchev

2010-08-17 11:48:21 EDT

Currently when a port is specified through the -console option, there is no way to specify the host address, on which the port will be open. When the server socket to listen on this port is created, by default it opens the port on address 0.0.0.0. This results in the socket accepting connections on all of the local addresses (in the case of multiple local addresses). In this way it is not possible to restrict remote connections to a single address. This may lead to security issues when restrictions on the connections are necessary.

Probably a new option / property should be introduced for specifying the host?

Comment 1 Thomas Watson

2011-01-11 08:09:54 EST

I would suggest the use of a colon for the -console option to separate the host from the port:

  -console [<host address>:]<port>

Lazar, you have this opened against the framework.  I assume you intend to have this fixed in the built-in framework console.  Is it acceptable for you to fix this in the console running on top?

Comment 2 Lazar Kirchev

2011-01-11 12:01:05 EST

(In reply to comment #1)
> I would suggest the use of a colon for the -console option to separate the host
> from the port:
> 
>   -console [<host address>:]<port>
> 
> Lazar, you have this opened against the framework.  I assume you intend to have
> this fixed in the built-in framework console.  Is it acceptable for you to fix
> this in the console running on top?

Yes, I intended it to be fixed in the buildt-in console, since it will be used for production purposes throughout 3.7. In the other console I will add this feature - actually, in one of its versions prior to submitting it in the incubator, I implemented it as you suggest. I will shortly add it to the current version in the incubator as well, but this does not solve the issue in 3.7. The fix is rather small, will it be a problem to contribute it to the builtin console (in the ConsoleManager class) too?

Comment 3 Thomas Watson

2011-01-11 13:50:51 EST

(In reply to comment #2)
> The fix is rather small, will it be a problem to contribute it to the
> builtin console (in the ConsoleManager class) too?

No problem, please provide a patch.  Thank you!

Comment 4 Lazar Kirchev

2011-01-12 08:09:53 EST

Created attachment 186619 [details]
Patch to restrict the local host address on which equinox listens for telnet connections

This patch provides functionality for restricting the local address on which equinox listens for telnet connections. Currently it listens on all network interfaces.

Comment 5 Thomas Watson

2011-01-12 09:26:43 EST

I released the patch with a small change to print the host name to the console along with the port number.

Comment 6 Thomas Watson

2011-01-12 09:27:00 EST

Comment on attachment 186619 [details]
Patch to restrict the local host address on which equinox listens for telnet connections

Thanks for the patch!

Comment 7 Lazar Kirchev

2011-01-12 09:29:54 EST

Thanks!

Comment 8 Thomas Watson

2011-02-15 16:46:33 EST

*** Bug 337248 has been marked as a duplicate of this bug. ***