From a8186531740326e4eace928b84f78d130e67c319 Mon Sep 17 00:00:00 2001 From: Junegunn Choi Date: Sun, 5 Nov 2023 10:50:11 +0900 Subject: Add --listen-unsafe=ADDR to allow remote process execution (#3498) --- src/server.go | 50 +++++++++++++++++++++++++++++--------------------- 1 file changed, 29 insertions(+), 21 deletions(-) (limited to 'src/server.go') diff --git a/src/server.go b/src/server.go index 56fce30f..a52dcfde 100644 --- a/src/server.go +++ b/src/server.go @@ -26,13 +26,12 @@ type getParams struct { } const ( - crlf = "\r\n" - httpOk = "HTTP/1.1 200 OK" + crlf - httpBadRequest = "HTTP/1.1 400 Bad Request" + crlf - httpUnauthorized = "HTTP/1.1 401 Unauthorized" + crlf - httpReadTimeout = 10 * time.Second - maxContentLength = 1024 * 1024 - defaultListenAddr = "localhost:0" + crlf = "\r\n" + httpOk = "HTTP/1.1 200 OK" + crlf + httpBadRequest = "HTTP/1.1 400 Bad Request" + crlf + httpUnauthorized = "HTTP/1.1 401 Unauthorized" + crlf + httpReadTimeout = 10 * time.Second + maxContentLength = 1024 * 1024 ) type httpServer struct { @@ -41,38 +40,47 @@ type httpServer struct { responseChannel chan string } -func parseListenAddress(address string) (error, string, int) { +type listenAddress struct { + host string + port int +} + +func (addr listenAddress) IsLocal() bool { + return addr.host == "localhost" || addr.host == "127.0.0.1" +} + +var defaultListenAddr = listenAddress{"localhost", 0} + +func parseListenAddress(address string) (error, listenAddress) { parts := strings.SplitN(address, ":", 3) if len(parts) == 1 { parts = []string{"localhost", parts[0]} } if len(parts) != 2 { - return fmt.Errorf("invalid listen address: %s", address), "", 0 + return fmt.Errorf("invalid listen address: %s", address), defaultListenAddr } portStr := parts[len(parts)-1] port, err := strconv.Atoi(portStr) if err != nil || port < 0 || port > 65535 { - return fmt.Errorf("invalid listen port: %s", portStr), "", 0 + return fmt.Errorf("invalid listen port: %s", portStr), defaultListenAddr } if len(parts[0]) == 0 { parts[0] = "localhost" } - return nil, parts[0], port + return nil, listenAddress{parts[0], port} } -func startHttpServer(address string, actionChannel chan []*action, responseChannel chan string) (error, int) { - err, host, port := parseListenAddress(address) - if err != nil { - return err, port - } - +func startHttpServer(address listenAddress, actionChannel chan []*action, responseChannel chan string) (error, int) { + host := address.host + port := address.port apiKey := os.Getenv("FZF_API_KEY") - if host != "localhost" && host != "127.0.0.1" && len(apiKey) == 0 { - return fmt.Errorf("FZF_API_KEY is required for remote access"), port + if !address.IsLocal() && len(apiKey) == 0 { + return fmt.Errorf("FZF_API_KEY is required to allow remote access"), port } - listener, err := net.Listen("tcp", fmt.Sprintf("%s:%d", host, port)) + addrStr := fmt.Sprintf("%s:%d", host, port) + listener, err := net.Listen("tcp", addrStr) if err != nil { - return fmt.Errorf("failed to listen on %s", address), port + return fmt.Errorf("failed to listen on %s", addrStr), port } if port == 0 { addr := listener.Addr().String() -- cgit v1.2.3