guile

mirror of https://git.savannah.gnu.org/git/guile.git synced 2025-05-03 05:20:16 +02:00

History

Mark H Weaver 08c021916d REPL Server: Guard against HTTP inter-protocol exploitation attacks. Reported by Christopher Allan Webber <cwebber@dustycloud.org> Co-authored-by: Ludovic Courtès <ludo@gnu.org> This commit adds protection to Guile's REPL servers against HTTP inter-protocol exploitation attacks, a scenario whereby an attacker can, via an HTML page, cause a web browser to send data to TCP servers listening on a loopback interface or private network. See <https://en.wikipedia.org/wiki/Inter-protocol_exploitation> and <https://www.jochentopf.com/hfpa/hfpa.pdf>, The HTML Form Protocol Attack (2001) by Tochen Topf <jochen@remote.org>. Here we add a procedure to 'before-read-hook' that looks for a possible HTTP request-line in the first line of input from the client socket. If present, the socket is drained and closed, and a loud warning is written to stderr (POSIX file descriptor 2). * module/system/repl/server.scm: Add 'maybe-check-for-http-request' to 'before-read-hook' when this module is loaded. (with-temporary-port-encoding, with-saved-port-line+column) (drain-input-and-close, permissive-http-request-line?) (check-for-http-request, guard-against-http-request) (maybe-check-for-http-request): New procedures. (serve-client): Use 'guard-against-http-request'. * module/system/repl/coop-server.scm (start-repl-client): Use 'guard-against-http-request'. * doc/ref/guile-invoke.texi (Command-line Options): In the description of the --listen option, make the security warning more prominent. Mention the new protection added here. Recommend using UNIX domain sockets for REPL servers. "a path to" => "the file name of".		2016-10-11 11:29:09 +02:00
..
maint	Placate a number of `syntax-check' verifications.	2012-01-05 23:38:10 +01:00
r5rs	doc: Allow compilation of r5rs.texi with Texinfo 5.0.	2013-03-07 00:05:46 +01:00
ref	REPL Server: Guard against HTTP inter-protocol exploitation attacks.	2016-10-11 11:29:09 +02:00
.gitignore	More `.gitignore'.	2008-04-07 23:48:48 +02:00
BUGS
ChangeLog-2008	Rename `ChangeLog' files to` ChangeLog-2008'.	2008-09-12 21:49:58 +02:00
ChangeLog-guile-doc
gendocs_template	Update Gnulib to 6835fc458f30b94f15d69c35a79cbc2dfabe2d06.	2016-06-29 11:32:05 +02:00
gendocs_template_min	Update Gnulib to 6835fc458f30b94f15d69c35a79cbc2dfabe2d06.	2016-06-29 11:32:05 +02:00
goops.mail
groupings.alist	Change Guile license to LGPLv3+	2009-06-17 00:22:09 +01:00
guile-api.alist	Deprecate scm_array_fill_int()	2013-04-05 22:54:14 +02:00
guile.1	Fix typo in the man page.	2015-06-19 15:44:24 -04:00
hacks.el
Makefile.am	Remove doc/example-smob/	2014-04-28 17:46:59 +02:00
NEWS	merge from 1.8 branch	2006-04-16 23:18:55 +00:00
README	Remove doc/example-smob/	2014-04-28 17:46:59 +02:00
recipe-guidelines.txt
release.org	doc: Update `release.org'.	2013-04-10 01:09:28 +02:00
texinfo.tex	autotooling, version bump to 0.7	2008-05-20 12:10:18 +02:00
THANKS
use-cases.fig
use-cases.txt

README

This directory contains documentation on the Guile core.         -*-text-*-

The documentation consists of the following manuals.

- The Guile Tutorial (guile-tut.texi) contains a tutorial introduction
  to using Guile.

- The Guile Reference Manual (guile.texi) contains (or is intended to
  contain) reference documentation on all aspects of Guile.

- The Revised^5 Report on the Algorithmic Language Scheme (r5rs.texi).

Please be aware that this is all very much work in progress (apart
from the Revised^5 Report).  Bug reports and contributions are
welcome!

The `sources' directory includes some stuff relevant to the Guile
reference manual, and which may eventually be folded in to it.  It's
not immediately relevant, however, which is why it's not in this
directory.

The Revised^4 Report (r4rs.texi) is no longer in this distribution, as
it is completely superseded by the Revised^5 Report.  If you need to
consult R4RS, it is still widely available, for example at
http://www-swiss.ai.mit.edu/projects/info/SchemeDocs/r4rs/.