Merge pull request #18 from naim94a/bugfix/issue-17

Bugfix/issue 17

src/http/webapp.cpp

@@ -134,25 +134,6 @@ namespace UDPT
 					"</html>");
 		}
 
-		bool WebApp::isAllowedIP (WebApp *app, string key, uint32_t ip)
-		{
-			std::map<std::string, list<uint32_t> >::iterator it, end;
-			end = app->ip_whitelist.end ();
-			it = app->ip_whitelist.find (key);
-			if (it == app->ip_whitelist.end())
-				return false;	// no such key
-
-			list<uint32_t> *lst = &it->second;
-			list<uint32_t>::iterator ipit;
-			for (ipit = lst->begin();ipit != lst->end();ipit++)
-			{
-				if (*ipit == ip)
-					return true;
-			}
-
-			return false;
-		}
-
 		void WebApp::doRemoveTorrent (HTTPServer::Request *req, HTTPServer::Response *resp)
 		{
 			string strHash = req->getParam("hash");
@@ -208,18 +189,14 @@ namespace UDPT
 				throw ServerException (0, "IPv4 supported Only.");
 			}
 
-			std::string key = req->getParam("auth");
-			if (key.length() <= 0)
-				throw ServerException (0, "Bad Authentication Key");
-
 			WebApp *app = (WebApp*)srv->getData("webapp");
 			if (app == NULL)
 				throw ServerException(0, "WebApp object wasn't found");
 
-			if (!isAllowedIP(app, key, req->getAddress()->sin_addr.s_addr))
+			if (req->getAddress()->sin_addr.s_addr != 0x0100007f)
 			{
 				resp->setStatus(403, "Forbidden");
-				resp->write("IP not whitelisted. Access Denied.");
+				resp->write("Access Denied. Only 127.0.0.1 can access this method.");
 				return;
 			}
 

src/http/webapp.hpp

@@ -47,12 +47,10 @@ namespace UDPT
 			std::shared_ptr<HTTPServer> m_server;
 			UDPT::Data::DatabaseDriver *db;
 			const boost::program_options::variables_map& m_conf;
-			std::map<std::string, list<uint32_t> > ip_whitelist;
 
 			static void handleRoot (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
 			static void handleAnnounce (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
 			static void handleAPI (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
-			static bool isAllowedIP (WebApp *, string, uint32_t);
 
 			void doAddTorrent (HTTPServer::Request*, HTTPServer::Response*);
 			void doRemoveTorrent (HTTPServer::Request*, HTTPServer::Response*);

src/main.cpp

@@ -86,6 +86,7 @@ int main(int argc, char *argv[])
 #endif
 		;
 
+
 	boost::program_options::options_description configOptions("Configuration options");
 	configOptions.add_options()
 		("db.driver", boost::program_options::value<std::string>()->default_value("sqlite3"), "database driver to use")
@@ -100,7 +101,7 @@ int main(int argc, char *argv[])
 		("tracker.cleanup_interval", boost::program_options::value<unsigned>()->default_value(120), "sets database cleanup interval")
 		
 		("apiserver.enable", boost::program_options::value<bool>()->default_value(0), "Enable API server?")
-		("apiserver.threads", boost::program_options::value<unsigned>()->default_value(1), "threads for API server")
+		("apiserver.threads", boost::program_options::value<unsigned short>()->default_value(1), "threads for API server")
 		("apiserver.port", boost::program_options::value<unsigned short>()->default_value(6969), "TCP port to listen on")
 
 		("logging.filename", boost::program_options::value<std::string>()->default_value("stdout"), "file to write logs to")

src/udpTracker.cpp

@@ -58,6 +58,8 @@ namespace UDPT
 		}
 
 		this->m_localEndpoint = addrs.front();
+
+		this->m_conn = std::shared_ptr<DatabaseDriver>(new Data::SQLite3Driver(m_conf, this->m_isDynamic));
 	}
 
 	UDPTracker::~UDPTracker()
@@ -111,8 +113,6 @@ namespace UDPT
 
 		this->m_sock = sock;
 
-		this->m_conn = std::shared_ptr<DatabaseDriver>(new Data::SQLite3Driver(m_conf, this->m_isDynamic));
-
 		ss.str("");
 		ss << "Starting maintenance thread (1/" << ((int)this->m_threadCount) << ")";
 		logger->log(Logger::LL_INFO, ss.str());