• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: determining if connection is local
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: determining if connection is local

  • Subject: Re: determining if connection is local
  • From: Chaz McGarvey <email@hidden>
  • Date: Thu, 25 Sep 2003 18:03:45 -0600
On Thursday, September 25, 2003, at 03:44 PM, Quinn wrote:

At 15:06 -0600 25/9/03, Chaz McGarvey wrote:
The reason I'm interesting in this is because I have a program which has its user interface and "get work done" interface separated by sockets because I also want to allow remote clients to connect and use a remote interface with the local "get work done" interface (and visa versa). I don't always want remote clients to connect to my local computer, but I always want my local user interface to be able to connect to my local "get work done" interface. So, yes, it's a matter of security. This is my first project that needs to be networked. I'm definitely new to security, so if what I'm trying to do doesn't sound secure or if you can tell I'm missing a networking concept, I'd like to know.

If you control the client, you should make sure that the client does not bind its socket (or binds it to INET_ANY) before connecting. That will guarantee that it gets bound to 127.0.0.1. Then all your server needs to do is check for that peer address.

That's the thing. I meant to say this in my first reply. I am not binding the client at all (though I have tried binding to INET_ANY after your first reply with no improvement). The accepter still sees the client as 192.168.0.3, and I obviously can't compare against that because it's not locally assigned.

My client goes:
socket()
connect()
send(), recv()

And my listener goes:
socket()
setsockopt()
bind()
listen()
accept()
pass_to_server_handler()

A batch search verifies there's only one call to bind() in my whole project (In case I have some code somewhere that I don't know about? Good to be safe I guess) and that's in my listener code.

So, what do you think about that?

Thanks,
Chaz McGarvey
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • Re: determining if connection is local
      • From: Quinn <email@hidden>
References: 
 >Re: determining if connection is local (From: Quinn <email@hidden>)

  • Prev by Date: Re: determining if connection is local
  • Next by Date: Re: Using BSD sockets with MacOS 8 and 9
  • Previous by thread: Re: determining if connection is local
  • Next by thread: Re: determining if connection is local
  • Index(es):
    • Date
    • Thread