diff options
| author | Jan Kiszka <jan.kiszka@siemens.com> | 2011-07-20 12:20:14 +0200 |
|---|---|---|
| committer | Anthony Liguori <aliguori@us.ibm.com> | 2011-07-23 10:19:49 -0500 |
| commit | c54ed5bcdd8ed29f9cdfcfc0e456b6ec1f25d2c3 (patch) | |
| tree | 8aef013391d00fc25269423ebe4d6bc379554564 | |
| parent | 12b513d837c9da5277390ddaf98ca0058339977a (diff) | |
| download | focaccia-qemu-c54ed5bcdd8ed29f9cdfcfc0e456b6ec1f25d2c3.tar.gz focaccia-qemu-c54ed5bcdd8ed29f9cdfcfc0e456b6ec1f25d2c3.zip | |
slirp: Canonicalize restrict syntax
All other boolean arguments accept on|off - except for slirp's restrict. Fix that while still accepting the formerly allowed yes|y|no|n, but reject everything else. This avoids accidentally allowing external connections because syntax errors were so far interpreted as 'restrict=no'. CC: Gleb Natapov <gleb@redhat.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
| -rw-r--r-- | net/slirp.c | 21 | ||||
| -rw-r--r-- | qemu-options.hx | 4 |
2 files changed, 17 insertions, 8 deletions
diff --git a/net/slirp.c b/net/slirp.c index e057a14ce9..71e2577b6f 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -240,7 +240,8 @@ static int net_slirp_init(VLANState *vlan, const char *model, nc = qemu_new_net_client(&net_slirp_info, vlan, NULL, model, name); snprintf(nc->info_str, sizeof(nc->info_str), - "net=%s, restricted=%c", inet_ntoa(net), restricted ? 'y' : 'n'); + "net=%s,restrict=%s", inet_ntoa(net), + restricted ? "on" : "off"); s = DO_UPCAST(SlirpState, nc, nc); @@ -689,6 +690,7 @@ int net_init_slirp(QemuOpts *opts, const char *bootfile; const char *smb_export; const char *vsmbsrv; + const char *restrict_opt; char *vnet = NULL; int restricted = 0; int ret; @@ -702,6 +704,18 @@ int net_init_slirp(QemuOpts *opts, smb_export = qemu_opt_get(opts, "smb"); vsmbsrv = qemu_opt_get(opts, "smbserver"); + restrict_opt = qemu_opt_get(opts, "restrict"); + if (restrict_opt) { + if (!strcmp(restrict_opt, "on") || + !strcmp(restrict_opt, "yes") || !strcmp(restrict_opt, "y")) { + restricted = 1; + } else if (strcmp(restrict_opt, "off") && + strcmp(restrict_opt, "no") && strcmp(restrict_opt, "n")) { + error_report("invalid option: 'restrict=%s'", restrict_opt); + return -1; + } + } + if (qemu_opt_get(opts, "ip")) { const char *ip = qemu_opt_get(opts, "ip"); int l = strlen(ip) + strlen("/24") + 1; @@ -720,11 +734,6 @@ int net_init_slirp(QemuOpts *opts, vnet = qemu_strdup(qemu_opt_get(opts, "net")); } - if (qemu_opt_get(opts, "restrict") && - qemu_opt_get(opts, "restrict")[0] == 'y') { - restricted = 1; - } - qemu_opt_foreach(opts, net_init_slirp_configs, NULL, 0); ret = net_slirp_init(vlan, "user", name, restricted, vnet, vhost, diff --git a/qemu-options.hx b/qemu-options.hx index 1233f834df..1d57f64888 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1115,7 +1115,7 @@ DEF("net", HAS_ARG, QEMU_OPTION_net, "-net nic[,vlan=n][,macaddr=mac][,model=type][,name=str][,addr=str][,vectors=v]\n" " create a new Network Interface Card and connect it to VLAN 'n'\n" #ifdef CONFIG_SLIRP - "-net user[,vlan=n][,name=str][,net=addr[/mask]][,host=addr][,restrict=y|n]\n" + "-net user[,vlan=n][,name=str][,net=addr[/mask]][,host=addr][,restrict=on|off]\n" " [,hostname=host][,dhcpstart=addr][,dns=addr][,tftp=dir][,bootfile=f]\n" " [,hostfwd=rule][,guestfwd=rule]" #ifndef _WIN32 @@ -1208,7 +1208,7 @@ either in the form a.b.c.d or as number of valid top-most bits. Default is Specify the guest-visible address of the host. Default is the 2nd IP in the guest network, i.e. x.x.x.2. -@item restrict=y|yes|n|no +@item restrict=on|off If this option is enabled, the guest will be isolated, i.e. it will not be able to contact the host and no guest IP packets will be routed over the host to the outside. This option does not affect any explicitly set forwarding rules. |