Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 322917 - Specify host address when opening console port
Summary: Specify host address when opening console port
Status: RESOLVED FIXED
Alias: None
Product: Equinox
Classification: Eclipse Project
Component: Framework (show other bugs)
Version: 3.6   Edit
Hardware: PC Windows Vista
: P3 enhancement (vote)
Target Milestone: 3.7 M5   Edit
Assignee: Thomas Watson CLA
QA Contact:
URL:
Whiteboard:
Keywords:
: 337248 (view as bug list)
Depends on:
Blocks:
 
Reported: 2010-08-17 11:48 EDT by Lazar Kirchev CLA
Modified: 2011-02-15 16:46 EST (History)
2 users (show)

See Also:

Attachments
Patch to restrict the local host address on which equinox listens for telnet connections (3.73 KB, patch)
2011-01-12 08:09 EST, Lazar Kirchev CLA 		tjwatson: iplog+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Lazar Kirchev CLA 2010-08-17 11:48:21 EDT 
Currently when a port is specified through the -console option, there is no way to specify the host address, on which the port will be open. When the server socket to listen on this port is created, by default it opens the port on address 0.0.0.0. This results in the socket accepting connections on all of the local addresses (in the case of multiple local addresses). In this way it is not possible to restrict remote connections to a single address. This may lead to security issues when restrictions on the connections are necessary.

Probably a new option / property should be introduced for specifying the host?
Comment 1 Thomas Watson CLA 2011-01-11 08:09:54 EST 
I would suggest the use of a colon for the -console option to separate the host from the port:

  -console [<host address>:]<port>

Lazar, you have this opened against the framework.  I assume you intend to have this fixed in the built-in framework console.  Is it acceptable for you to fix this in the console running on top?
Comment 2 Lazar Kirchev CLA 2011-01-11 12:01:05 EST 
(In reply to comment #1)
> I would suggest the use of a colon for the -console option to separate the host
> from the port:
> 
>   -console [<host address>:]<port>
> 
> Lazar, you have this opened against the framework.  I assume you intend to have
> this fixed in the built-in framework console.  Is it acceptable for you to fix
> this in the console running on top?

Yes, I intended it to be fixed in the buildt-in console, since it will be used for production purposes throughout 3.7. In the other console I will add this feature - actually, in one of its versions prior to submitting it in the incubator, I implemented it as you suggest. I will shortly add it to the current version in the incubator as well, but this does not solve the issue in 3.7. The fix is rather small, will it be a problem to contribute it to the builtin console (in the ConsoleManager class) too?
Comment 3 Thomas Watson CLA 2011-01-11 13:50:51 EST 
(In reply to comment #2)
> The fix is rather small, will it be a problem to contribute it to the
> builtin console (in the ConsoleManager class) too?

No problem, please provide a patch.  Thank you!
Comment 4 Lazar Kirchev CLA 2011-01-12 08:09:53 EST 
Created attachment 186619 [details]
Patch to restrict the local host address on which equinox listens for telnet connections

This patch provides functionality for restricting the local address on which equinox listens for telnet connections. Currently it listens on all network interfaces.
Comment 5 Thomas Watson CLA 2011-01-12 09:26:43 EST 
I released the patch with a small change to print the host name to the console along with the port number.
Comment 6 Thomas Watson CLA 2011-01-12 09:27:00 EST 
Comment on attachment 186619 [details]
Patch to restrict the local host address on which equinox listens for telnet connections

Thanks for the patch!
Comment 7 Lazar Kirchev CLA 2011-01-12 09:29:54 EST 
Thanks!
Comment 8 Thomas Watson CLA 2011-02-15 16:46:33 EST 
*** Bug 337248 has been marked as a duplicate of this bug. ***