From 246284f735a90437f363fe8818443d7af834e106 Mon Sep 17 00:00:00 2001
From: Arie Peterson <arie@greenhost.nl>
Date: Thu, 29 Jun 2017 16:36:56 +0200
Subject: [PATCH] Listen only to localhost

---
 src/cryptops-api.c             | 9 ++++++++-
 src/includes/common-includes.h | 2 ++
 src/includes/settings.h        | 1 +
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/cryptops-api.c b/src/cryptops-api.c
index ba0711d..48fbb92 100644
--- a/src/cryptops-api.c
+++ b/src/cryptops-api.c
@@ -15,8 +15,15 @@ int main(int argc, char ** argv)
     y_init_logs("cryptops-api", Y_LOG_MODE_CONSOLE, Y_LOG_LEVEL_DEBUG,
         NULL, "Starting cryptops-api");
 
+    // Set address to bind to.
+    struct sockaddr_in address;
+    bzero(&address, sizeof(address));
+    address.sin_family = AF_INET;
+    address.sin_port = htons((unsigned short)PORT);
+    inet_pton(AF_INET, BIND_ADDRESS, &address.sin_addr);
+
     struct _u_instance instance;
-    if (ulfius_init_instance(&instance, PORT, NULL, NULL) != U_OK)
+    if (ulfius_init_instance(&instance, PORT, &address, NULL) != U_OK)
     {
         y_log_message(Y_LOG_LEVEL_ERROR, "Error ulfius_init_instance, abort");
         return(1);
diff --git a/src/includes/common-includes.h b/src/includes/common-includes.h
index b54967d..44b0c7f 100644
--- a/src/includes/common-includes.h
+++ b/src/includes/common-includes.h
@@ -7,6 +7,8 @@
 #include <sys/statvfs.h>
 #include <linux/fs.h>
 #include <fcntl.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
 
 #define U_DISABLE_CURL
 #define U_DISABLE_WEBSOCKET
diff --git a/src/includes/settings.h b/src/includes/settings.h
index 12ee0fe..8418c58 100644
--- a/src/includes/settings.h
+++ b/src/includes/settings.h
@@ -1,5 +1,6 @@
 #define PREFIX "/cryptops/v0"
 #define PORT 8000
+#define BIND_ADDRESS "127.0.0.1"
 #define CONTAINER_DEVICE "/dev/xvda1"
 #define MAPPED_DEVICE_NAME "xvda1_crypt"
 #define MAPPED_DEVICE_PATH "/dev/mapper/" MAPPED_DEVICE_NAME
-- 
GitLab