[Bug #1222790] Set reuse-address and close-on-exec flags on the HTTP listening socket

andrew.kuchling · andrew.kuchling · commit bbff134f6ecd · 2005-12-04T15:07:41.000Z
git-svn-id: http://svn.python.org/projects/python/trunk@41585 6015fed2-1504-0410-9fe1-9d1591cc4771
diff --git a/Lib/SimpleXMLRPCServer.py b/Lib/SimpleXMLRPCServer.py
@@ -104,7 +104,7 @@ def export_add(self, x, y):
 import SocketServer
 import BaseHTTPServer
 import sys
-import os
+import os, fcntl
 
 def resolve_dotted_attribute(obj, attr, allow_dotted_names=True):
     """resolve_dotted_attribute(a, 'b.c.d') => a.b.c.d
@@ -465,13 +465,23 @@ class SimpleXMLRPCServer(SocketServer.TCPServer,
     from SimpleXMLRPCDispatcher to change this behavior.
     """
 
+    allow_reuse_address = True
+
     def __init__(self, addr, requestHandler=SimpleXMLRPCRequestHandler,
                  logRequests=1):
         self.logRequests = logRequests
 
         SimpleXMLRPCDispatcher.__init__(self)
         SocketServer.TCPServer.__init__(self, addr, requestHandler)
 
+        # [Bug #1222790] If possible, set close-on-exec flag; if a 
+        # method spawns a subprocess, the subprocess shouldn't have 
+        # the listening socket open.
+        if hasattr(fcntl, 'FD_CLOEXEC'):
+            flags = fcntl.fcntl(self.fileno(), fcntl.F_GETFD)
+            flags |= fcntl.FD_CLOEXEC
+            fcntl.fcntl(self.fileno(), fcntl.F_SETFD, flags)
+
 class CGIXMLRPCRequestHandler(SimpleXMLRPCDispatcher):
     """Simple handler for XML-RPC data passed through CGI."""
 
diff --git a/Misc/NEWS b/Misc/NEWS
@@ -448,6 +448,9 @@ Library
   disables recursive traversal through instance attributes, which can
   be exploited in various ways.
 
+- Bug #1222790: in SimpleXMLRPCServer, set the reuse-address and close-on-exec 
+  flags on the HTTP listening socket.
+
 - Bug #1110478: Revert os.environ.update to do putenv again.
 
 - Bug #1103844: fix distutils.install.dump_dirs() with negated options.
