From b86a09131bd4bf60d939a40e3adb317a613cd7ce Mon Sep 17 00:00:00 2001
From: John Doty <john@d0ty.me>
Date: Sat, 10 Aug 2024 06:58:22 -0700
Subject: [PATCH] Don't enable anonymous ports by default

---
 src/client/ui.rs | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/client/ui.rs b/src/client/ui.rs
index 7fb0968..8ee3691 100644
--- a/src/client/ui.rs
+++ b/src/client/ui.rs
@@ -605,12 +605,21 @@ impl UI {
                         listener.connect(self.socks_port, port_desc);
                     } else {
                         assert!(!self.config.contains_key(port_desc.port));
+
+                        // The server can send us these ports it knows nothing about.
+                        // These might be dangerous to enable by default, so don't.
+                        let enabled = if port_desc.desc.is_empty() {
+                            false
+                        } else {
+                            self.config.auto()
+                        };
+
                         self.ports.insert(
                             port_desc.port,
                             Listener::from_desc(
                                 self.socks_port,
                                 port_desc,
-                                self.config.auto(),
+                                enabled,
                             ),
                         );
                     }
@@ -1135,4 +1144,21 @@ mod tests {
 
         drop(sender);
     }
+
+    #[test]
+    fn empty_port_desc_disabled_by_default() {
+        let (sender, receiver) = mpsc::channel(64);
+        let config = ServerConfig::default();
+        let mut ui = UI::new(receiver, config);
+
+        ui.handle_internal_event(Some(UIEvent::Ports(vec![PortDesc {
+            port: 8080,
+            desc: "".to_string(),
+        }])));
+
+        let listener = ui.ports.get(&8080).unwrap();
+        assert_eq!(listener.state(), State::Disabled);
+
+        drop(sender);
+    }
 }