commit
2a3a02ce2c
|
@ -134,25 +134,6 @@ namespace UDPT
|
||||||
"</html>");
|
"</html>");
|
||||||
}
|
}
|
||||||
|
|
||||||
bool WebApp::isAllowedIP (WebApp *app, string key, uint32_t ip)
|
|
||||||
{
|
|
||||||
std::map<std::string, list<uint32_t> >::iterator it, end;
|
|
||||||
end = app->ip_whitelist.end ();
|
|
||||||
it = app->ip_whitelist.find (key);
|
|
||||||
if (it == app->ip_whitelist.end())
|
|
||||||
return false; // no such key
|
|
||||||
|
|
||||||
list<uint32_t> *lst = &it->second;
|
|
||||||
list<uint32_t>::iterator ipit;
|
|
||||||
for (ipit = lst->begin();ipit != lst->end();ipit++)
|
|
||||||
{
|
|
||||||
if (*ipit == ip)
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
void WebApp::doRemoveTorrent (HTTPServer::Request *req, HTTPServer::Response *resp)
|
void WebApp::doRemoveTorrent (HTTPServer::Request *req, HTTPServer::Response *resp)
|
||||||
{
|
{
|
||||||
string strHash = req->getParam("hash");
|
string strHash = req->getParam("hash");
|
||||||
|
@ -208,18 +189,14 @@ namespace UDPT
|
||||||
throw ServerException (0, "IPv4 supported Only.");
|
throw ServerException (0, "IPv4 supported Only.");
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string key = req->getParam("auth");
|
|
||||||
if (key.length() <= 0)
|
|
||||||
throw ServerException (0, "Bad Authentication Key");
|
|
||||||
|
|
||||||
WebApp *app = (WebApp*)srv->getData("webapp");
|
WebApp *app = (WebApp*)srv->getData("webapp");
|
||||||
if (app == NULL)
|
if (app == NULL)
|
||||||
throw ServerException(0, "WebApp object wasn't found");
|
throw ServerException(0, "WebApp object wasn't found");
|
||||||
|
|
||||||
if (!isAllowedIP(app, key, req->getAddress()->sin_addr.s_addr))
|
if (req->getAddress()->sin_addr.s_addr != 0x0100007f)
|
||||||
{
|
{
|
||||||
resp->setStatus(403, "Forbidden");
|
resp->setStatus(403, "Forbidden");
|
||||||
resp->write("IP not whitelisted. Access Denied.");
|
resp->write("Access Denied. Only 127.0.0.1 can access this method.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -47,12 +47,10 @@ namespace UDPT
|
||||||
std::shared_ptr<HTTPServer> m_server;
|
std::shared_ptr<HTTPServer> m_server;
|
||||||
UDPT::Data::DatabaseDriver *db;
|
UDPT::Data::DatabaseDriver *db;
|
||||||
const boost::program_options::variables_map& m_conf;
|
const boost::program_options::variables_map& m_conf;
|
||||||
std::map<std::string, list<uint32_t> > ip_whitelist;
|
|
||||||
|
|
||||||
static void handleRoot (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
|
static void handleRoot (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
|
||||||
static void handleAnnounce (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
|
static void handleAnnounce (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
|
||||||
static void handleAPI (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
|
static void handleAPI (HTTPServer*,HTTPServer::Request*, HTTPServer::Response*);
|
||||||
static bool isAllowedIP (WebApp *, string, uint32_t);
|
|
||||||
|
|
||||||
void doAddTorrent (HTTPServer::Request*, HTTPServer::Response*);
|
void doAddTorrent (HTTPServer::Request*, HTTPServer::Response*);
|
||||||
void doRemoveTorrent (HTTPServer::Request*, HTTPServer::Response*);
|
void doRemoveTorrent (HTTPServer::Request*, HTTPServer::Response*);
|
||||||
|
|
|
@ -86,6 +86,7 @@ int main(int argc, char *argv[])
|
||||||
#endif
|
#endif
|
||||||
;
|
;
|
||||||
|
|
||||||
|
|
||||||
boost::program_options::options_description configOptions("Configuration options");
|
boost::program_options::options_description configOptions("Configuration options");
|
||||||
configOptions.add_options()
|
configOptions.add_options()
|
||||||
("db.driver", boost::program_options::value<std::string>()->default_value("sqlite3"), "database driver to use")
|
("db.driver", boost::program_options::value<std::string>()->default_value("sqlite3"), "database driver to use")
|
||||||
|
@ -100,7 +101,7 @@ int main(int argc, char *argv[])
|
||||||
("tracker.cleanup_interval", boost::program_options::value<unsigned>()->default_value(120), "sets database cleanup interval")
|
("tracker.cleanup_interval", boost::program_options::value<unsigned>()->default_value(120), "sets database cleanup interval")
|
||||||
|
|
||||||
("apiserver.enable", boost::program_options::value<bool>()->default_value(0), "Enable API server?")
|
("apiserver.enable", boost::program_options::value<bool>()->default_value(0), "Enable API server?")
|
||||||
("apiserver.threads", boost::program_options::value<unsigned>()->default_value(1), "threads for API server")
|
("apiserver.threads", boost::program_options::value<unsigned short>()->default_value(1), "threads for API server")
|
||||||
("apiserver.port", boost::program_options::value<unsigned short>()->default_value(6969), "TCP port to listen on")
|
("apiserver.port", boost::program_options::value<unsigned short>()->default_value(6969), "TCP port to listen on")
|
||||||
|
|
||||||
("logging.filename", boost::program_options::value<std::string>()->default_value("stdout"), "file to write logs to")
|
("logging.filename", boost::program_options::value<std::string>()->default_value("stdout"), "file to write logs to")
|
||||||
|
|
|
@ -58,6 +58,8 @@ namespace UDPT
|
||||||
}
|
}
|
||||||
|
|
||||||
this->m_localEndpoint = addrs.front();
|
this->m_localEndpoint = addrs.front();
|
||||||
|
|
||||||
|
this->m_conn = std::shared_ptr<DatabaseDriver>(new Data::SQLite3Driver(m_conf, this->m_isDynamic));
|
||||||
}
|
}
|
||||||
|
|
||||||
UDPTracker::~UDPTracker()
|
UDPTracker::~UDPTracker()
|
||||||
|
@ -111,8 +113,6 @@ namespace UDPT
|
||||||
|
|
||||||
this->m_sock = sock;
|
this->m_sock = sock;
|
||||||
|
|
||||||
this->m_conn = std::shared_ptr<DatabaseDriver>(new Data::SQLite3Driver(m_conf, this->m_isDynamic));
|
|
||||||
|
|
||||||
ss.str("");
|
ss.str("");
|
||||||
ss << "Starting maintenance thread (1/" << ((int)this->m_threadCount) << ")";
|
ss << "Starting maintenance thread (1/" << ((int)this->m_threadCount) << ")";
|
||||||
logger->log(Logger::LL_INFO, ss.str());
|
logger->log(Logger::LL_INFO, ss.str());
|
||||||
|
|
Loading…
Reference in a new issue