svn commit: r317544 - head/usr.sbin/bhyve

[Gleb Smirnoff]

Author: glebius
Date: Fri Apr 28 05:32:26 2017
New Revision: 317544
URL: https://svnweb.freebsd.org/changeset/base/317544

Log:
  - For security reasons by default listen on localhost address,
    not on wildcard. [1]
  - Move the default port assignment from pci_fbuf.c to rfb.c,
    to avoid polluting pci_fbuf.c with network things.
  
  Suggested by:	grehan

Modified:
  head/usr.sbin/bhyve/pci_fbuf.c
  head/usr.sbin/bhyve/rfb.c

Modified: head/usr.sbin/bhyve/pci_fbuf.c
==============================================================================
--- head/usr.sbin/bhyve/pci_fbuf.c	Fri Apr 28 05:13:27 2017	(r317543)
+++ head/usr.sbin/bhyve/pci_fbuf.c	Fri Apr 28 05:32:26 2017	(r317544)
@@ -365,8 +365,6 @@ pci_fbuf_init(struct vmctx *ctx, struct 
 
 	sc->fsc_pi = pi;
 
-	sc->rfb_port = 5900;
-
 	error = pci_fbuf_parse_opts(sc, opts);
 	if (error != 0)
 		goto done;

Modified: head/usr.sbin/bhyve/rfb.c
==============================================================================
--- head/usr.sbin/bhyve/rfb.c	Fri Apr 28 05:13:27 2017	(r317543)
+++ head/usr.sbin/bhyve/rfb.c	Fri Apr 28 05:32:26 2017	(r317544)
@@ -897,11 +897,11 @@ rfb_init(char *hostname, int port, int w
 
 	sin.sin_len = sizeof(sin);
 	sin.sin_family = AF_INET;
-	sin.sin_port = htons(port);
+	sin.sin_port = port ? htons(port) : htons(5900);
 	if (hostname && strlen(hostname) > 0)
 		inet_pton(AF_INET, hostname, &(sin.sin_addr));
 	else
-		sin.sin_addr.s_addr = htonl(INADDR_ANY);
+		sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
 
 	if (bind(rc->sfd, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
 		perror("bind");