YGGverse/aquatic
1
0
Fork 0
mirror of https://github.com/YGGverse/aquatic.git synced 2026-04-02 18:55:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

aquatic_http: check access list in announce request handler

Browse source
This commit is contained in:
Joakim Frostegård 2021-10-15 22:49:07 +02:00
parent 4fa199a1e0
commit 7fec41099b
4 changed files with 73 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

3
aquatic_http/src/lib/common.rs
View file

@ -112,19 +112,18 @@ pub type TorrentMap<I> = HashMap<InfoHash, TorrentData<I>>;
pub struct TorrentMaps { pub struct TorrentMaps {
pub ipv4: TorrentMap<Ipv4Addr>, pub ipv4: TorrentMap<Ipv4Addr>,
pub ipv6: TorrentMap<Ipv6Addr>, pub ipv6: TorrentMap<Ipv6Addr>,
pub access_list: AccessList,
} }
#[derive(Clone)] #[derive(Clone)]
pub struct State { pub struct State {
pub torrent_maps: Arc<Mutex<TorrentMaps>>, pub torrent_maps: Arc<Mutex<TorrentMaps>>,
pub access_list: Arc<Mutex<AccessList>>,
} }
impl Default for State { impl Default for State {
fn default() -> Self { fn default() -> Self {
Self { Self {
torrent_maps: Arc::new(Mutex::new(TorrentMaps::default())), torrent_maps: Arc::new(Mutex::new(TorrentMaps::default())),
access_list: Arc::new(Mutex::new(AccessList::default())),
} }
} }
} }

120
aquatic_http/src/lib/handler.rs
View file

@ -105,69 +105,77 @@ pub fn handle_announce_requests(
let valid_until = ValidUntil::new(config.cleaning.max_peer_age); let valid_until = ValidUntil::new(config.cleaning.max_peer_age);
for (meta, request) in requests { for (meta, request) in requests {
let peer_ip = convert_ipv4_mapped_ipv6(meta.peer_addr.ip()); let info_hash_allowed = torrent_maps
.access_list
.allows(config.access_list.mode, &request.info_hash.0);
::log::debug!("peer ip: {:?}", peer_ip); let response = if info_hash_allowed {
let peer_ip = convert_ipv4_mapped_ipv6(meta.peer_addr.ip());
let response = match peer_ip { ::log::debug!("peer ip: {:?}", peer_ip);
IpAddr::V4(peer_ip_address) => {
let torrent_data: &mut TorrentData<Ipv4Addr> =
torrent_maps.ipv4.entry(request.info_hash).or_default();
let peer_connection_meta = PeerConnectionMeta { match peer_ip {
worker_index: meta.worker_index, IpAddr::V4(peer_ip_address) => {
poll_token: meta.poll_token, let torrent_data: &mut TorrentData<Ipv4Addr> =
peer_ip_address, torrent_maps.ipv4.entry(request.info_hash).or_default();
};
let (seeders, leechers, response_peers) = upsert_peer_and_get_response_peers( let peer_connection_meta = PeerConnectionMeta {
config, worker_index: meta.worker_index,
rng, poll_token: meta.poll_token,
peer_connection_meta, peer_ip_address,
torrent_data, };
request,
valid_until,
);
let response = AnnounceResponse { let (seeders, leechers, response_peers) = upsert_peer_and_get_response_peers(
complete: seeders, config,
incomplete: leechers, rng,
announce_interval: config.protocol.peer_announce_interval, peer_connection_meta,
peers: ResponsePeerListV4(response_peers), torrent_data,
peers6: ResponsePeerListV6(vec![]), request,
}; valid_until,
);
Response::Announce(response) let response = AnnounceResponse {
} complete: seeders,
IpAddr::V6(peer_ip_address) => { incomplete: leechers,
let torrent_data: &mut TorrentData<Ipv6Addr> = announce_interval: config.protocol.peer_announce_interval,
torrent_maps.ipv6.entry(request.info_hash).or_default(); peers: ResponsePeerListV4(response_peers),
peers6: ResponsePeerListV6(vec![]),
let peer_connection_meta = PeerConnectionMeta { };
worker_index: meta.worker_index,
poll_token: meta.poll_token, Response::Announce(response)
peer_ip_address, }
}; IpAddr::V6(peer_ip_address) => {
let torrent_data: &mut TorrentData<Ipv6Addr> =
let (seeders, leechers, response_peers) = upsert_peer_and_get_response_peers( torrent_maps.ipv6.entry(request.info_hash).or_default();
config,
rng, let peer_connection_meta = PeerConnectionMeta {
peer_connection_meta, worker_index: meta.worker_index,
torrent_data, poll_token: meta.poll_token,
request, peer_ip_address,
valid_until, };
);
let (seeders, leechers, response_peers) = upsert_peer_and_get_response_peers(
let response = AnnounceResponse { config,
complete: seeders, rng,
incomplete: leechers, peer_connection_meta,
announce_interval: config.protocol.peer_announce_interval, torrent_data,
peers: ResponsePeerListV4(vec![]), request,
peers6: ResponsePeerListV6(response_peers), valid_until,
}; );
Response::Announce(response) let response = AnnounceResponse {
complete: seeders,
incomplete: leechers,
announce_interval: config.protocol.peer_announce_interval,
peers: ResponsePeerListV4(vec![]),
peers6: ResponsePeerListV6(response_peers),
};
Response::Announce(response)
}
} }
} else {
Response::Failure(FailureResponse::new("Info hash not allowed"))
}; };
response_channel_sender.send(meta, response); response_channel_sender.send(meta, response);

3
aquatic_http/src/lib/lib.rs
View file

@ -27,8 +27,9 @@ pub fn run(config: Config) -> anyhow::Result<()> {
match config.access_list.mode { match config.access_list.mode {
AccessListMode::Require | AccessListMode::Forbid => { AccessListMode::Require | AccessListMode::Forbid => {
state state
.access_list .torrent_maps
.lock() .lock()
.access_list
.update_from_path(&config.access_list.path)?; .update_from_path(&config.access_list.path)?;
} }
AccessListMode::Ignore => {} AccessListMode::Ignore => {}

6
aquatic_http_protocol/src/response.rs
View file

@ -135,6 +135,12 @@ pub struct FailureResponse {
} }
impl FailureResponse { impl FailureResponse {
pub fn new(reason: &str) -> Self {
Self {
failure_reason: reason.into()
}
}
fn write<W: Write>(&self, output: &mut W) -> ::std::io::Result<usize> { fn write<W: Write>(&self, output: &mut W) -> ::std::io::Result<usize> {
let mut bytes_written = 0usize; let mut bytes_written = 0usize;