| Anonymous | Login | Signup for a new account | 2024-11-21 10:26 CET | |
| My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||||
| 0000955 | aMule | Preferences | public | 2006-08-29 10:19 | 2017-05-30 08:49 | ||||||||
| Reporter | hramrach | ||||||||||||
| Assigned To | Kry | ||||||||||||
| Priority | high | Severity | minor | Reproducibility | always | ||||||||
| Status | assigned | Resolution | open | ||||||||||
| Platform | OS | OS Version | |||||||||||
| Product Version | 2.1.3 | ||||||||||||
| Target Version | Fixed in Version | ||||||||||||
| Summary | 0000955: add option to specify listening address for amuleweb | ||||||||||||
| Description | It is possible to specify an address on which amule(d) listens as ECServer but it is not possible to specify the address on which amuleweb listens. | ||||||||||||
| Additional Information | Could be used to allow the web only on one interface of machines that have several interfaces, or to allow only local connections so that it is possible to connect only from localhost or through ssh tunnels. | ||||||||||||
| Tags | configure, connection | ||||||||||||
| Fixed in Revision | |||||||||||||
| Operating System | Any | ||||||||||||
| Attached Files | |||||||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0003534) bugmi (reporter) 2011-01-29 17:47 |
Nothing yet? it would be really useful. |
|
(0003702) uqbar (reporter) 2017-05-30 08:10 edited on: 2017-05-30 08:49 |
This is actually a major bug to be addressed asap. It's a real bug as the amule.conf file has an ECAddress setting to limit the "external connections" address, but amuleweb is happily ignoring it and is not able to connect unless it's unset! And it's a security bug as well. The web UI has no encryption (aka SSL) and opening a web UI over any network without encryption is a security nightmare. Now, besides adding encryption, there's an easy solution: fix just this bug. Let amuleweb listen on loopback only at any address from 127.0.0.1 to 127.255.255.254. Then open an SSH TCP port forward/SOCKSv5 proxy from remote client to the amuleweb host. This should add very strong encryption to amuleweb with just a tiny fix. Maybe the offendig code is here: file:src/sebserver/WebServer.cpp, line 285 amuleIPV4Address addr; addr.AnyAddress(); addr.Service(webInterface->m_WebserverPort); it looks like it's setting the listening address to 0.0.0.0 . What's hard to find to me (so far) is where it's connecting to for amuled. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2006-08-29 10:19 | hramrach | New Issue | |
| 2006-08-29 10:19 | hramrach | Operating System | => Any |
| 2006-08-31 12:36 | Kry | Status | new => assigned |
| 2006-08-31 12:36 | Kry | Assigned To | => Kry |
| 2006-09-26 05:07 | Kry | Priority | normal => high |
| 2006-11-09 22:40 | pcmaster | Note Added: 0002157 | |
| 2006-11-09 22:40 | pcmaster | Note Deleted: 0002157 | |
| 2011-01-29 17:47 | bugmi | Note Added: 0003534 | |
| 2017-05-30 08:10 | uqbar | Note Added: 0003702 | |
| 2017-05-30 08:31 | uqbar | Note Edited: 0003702 | View Revisions |
| 2017-05-30 08:35 | uqbar | Tag Attached: configure | |
| 2017-05-30 08:35 | uqbar | Tag Attached: connection | |
| 2017-05-30 08:49 | uqbar | Note Edited: 0003702 | View Revisions |
|
Issue History |
| Copyright © 2000 - 2024 MantisBT Team |
 |