lib/rpc/xml/server/dispatcher.rb in arachni-0.2.2.2 vs lib/rpc/xml/server/dispatcher.rb in arachni-0.2.3
- old
+ new
@@ -37,11 +37,11 @@
# If it doesn't the system will be eaten away by idle instances of XMLRPC servers.
#
# @author: Tasos "Zapotek" Laskos
# <tasos.laskos@gmail.com>
# <zapotek@segfault.gr>
-# @version: 0.1.1
+# @version: 0.1.2
#
class Dispatcher < Base
include Arachni::Module::Utilities
include Arachni::UI::Output
@@ -219,14 +219,10 @@
SSL --------------------------
(All SSL options will be honored by the dispatched XMLRPC instances as well.)
(Do *not* use encrypted keys!)
- --ssl use SSL?
- (If you want encryption without authentication
- you can skip rest of the SSL options.)
-
--ssl-pkey <file> location of the SSL private key (.pem)
(Used to verify the server to the clients.)
--ssl-cert <file> location of the SSL certificate (.pem)
(Used to verify the server to the clients.)
@@ -250,14 +246,15 @@
(@pool.size - @opts.pool_size).abs.times {
exception_jail{
# get an available port for the child
@opts.rpc_port = avail_port( )
+ @token = secret()
pid = Kernel.fork {
exception_jail {
- server = Arachni::RPC::XML::Server::Instance.new( @opts )
+ server = Arachni::RPC::XML::Server::Instance.new( @opts, @token )
trap( "INT", "IGNORE" )
server.run
}
# restore logging
@@ -269,18 +266,20 @@
print_status( "Server added to pool -- PID: #{pid} - " +
"Port: #{@opts.rpc_port} - Owner: #{owner}" )
@pool << {
+ 'token' => @token,
'pid' => pid,
'port' => @opts.rpc_port,
'owner' => owner,
'birthdate' => Time.now
}
# let the child go about his business
Process.detach( pid )
+ @token = nil
}
}
end
@@ -327,9 +326,18 @@
# Returns a random port
#
def rand_port
range = (1025..65535).to_a
range[ rand( 65535 - 1025 ) ]
+ end
+
+ def secret
+ secret = ''
+ 1000.times {
+ secret += rand( 1000 ).to_s
+ }
+
+ return Digest::MD5.hexdigest( secret )
end
#
# Checks whether the port number is available
#