YGGverse/aquatic
1
0
Fork 0
mirror of https://github.com/YGGverse/aquatic.git synced 2026-04-02 18:55:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

aquatic_http: check access list in announce request handler

Browse source
This commit is contained in:
Joakim Frostegård 2021-10-15 22:49:07 +02:00
parent 4fa199a1e0
commit 7fec41099b
4 changed files with 73 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

3
aquatic_http/src/lib/common.rs
View file

@ -112,19 +112,18 @@ pub type TorrentMap<I> = HashMap<InfoHash, TorrentData<I>>;
pub struct TorrentMaps { pub struct TorrentMaps {
pub ipv4: TorrentMap<Ipv4Addr>, pub ipv4: TorrentMap<Ipv4Addr>,
pub ipv6: TorrentMap<Ipv6Addr>, pub ipv6: TorrentMap<Ipv6Addr>,
pub access_list: AccessList,
} }
#[derive(Clone)] #[derive(Clone)]
pub struct State { pub struct State {
pub torrent_maps: Arc<Mutex<TorrentMaps>>, pub torrent_maps: Arc<Mutex<TorrentMaps>>,
pub access_list: Arc<Mutex<AccessList>>,
} }
impl Default for State { impl Default for State {
fn default() -> Self { fn default() -> Self {
Self { Self {
torrent_maps: Arc::new(Mutex::new(TorrentMaps::default())), torrent_maps: Arc::new(Mutex::new(TorrentMaps::default())),
access_list: Arc::new(Mutex::new(AccessList::default())),
} }
} }
} }

10
aquatic_http/src/lib/handler.rs
View file

@ -105,11 +105,16 @@ pub fn handle_announce_requests(
let valid_until = ValidUntil::new(config.cleaning.max_peer_age); let valid_until = ValidUntil::new(config.cleaning.max_peer_age);
for (meta, request) in requests { for (meta, request) in requests {
let info_hash_allowed = torrent_maps
.access_list
.allows(config.access_list.mode, &request.info_hash.0);
let response = if info_hash_allowed {
let peer_ip = convert_ipv4_mapped_ipv6(meta.peer_addr.ip()); let peer_ip = convert_ipv4_mapped_ipv6(meta.peer_addr.ip());
::log::debug!("peer ip: {:?}", peer_ip); ::log::debug!("peer ip: {:?}", peer_ip);
let response = match peer_ip { match peer_ip {
IpAddr::V4(peer_ip_address) => { IpAddr::V4(peer_ip_address) => {
let torrent_data: &mut TorrentData<Ipv4Addr> = let torrent_data: &mut TorrentData<Ipv4Addr> =
torrent_maps.ipv4.entry(request.info_hash).or_default(); torrent_maps.ipv4.entry(request.info_hash).or_default();
@ -168,6 +173,9 @@ pub fn handle_announce_requests(
Response::Announce(response) Response::Announce(response)
} }
}
} else {
Response::Failure(FailureResponse::new("Info hash not allowed"))
}; };
response_channel_sender.send(meta, response); response_channel_sender.send(meta, response);

3
aquatic_http/src/lib/lib.rs
View file

@ -27,8 +27,9 @@ pub fn run(config: Config) -> anyhow::Result<()> {
match config.access_list.mode { match config.access_list.mode {
AccessListMode::Require | AccessListMode::Forbid => { AccessListMode::Require | AccessListMode::Forbid => {
state state
.access_list .torrent_maps
.lock() .lock()
.access_list
.update_from_path(&config.access_list.path)?; .update_from_path(&config.access_list.path)?;
} }
AccessListMode::Ignore => {} AccessListMode::Ignore => {}

6
aquatic_http_protocol/src/response.rs
View file

@ -135,6 +135,12 @@ pub struct FailureResponse {
} }
impl FailureResponse { impl FailureResponse {
pub fn new(reason: &str) -> Self {
Self {
failure_reason: reason.into()
}
}
fn write<W: Write>(&self, output: &mut W) -> ::std::io::Result<usize> { fn write<W: Write>(&self, output: &mut W) -> ::std::io::Result<usize> {
let mut bytes_written = 0usize; let mut bytes_written = 0usize;