indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Extra checks for nodeinfo calling domain

merge-requests/30/head
Bob Mottram 2022-01-30 17:21:28 +00:00
parent ee49df6805
commit 10696e12c1
2 changed files with 27 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
daemon.py
View File

@ -245,6 +245,7 @@ from languages import set_actor_languages
from languages import get_understood_languages from languages import get_understood_languages
from like import update_likes_collection from like import update_likes_collection
from reaction import update_reaction_collection from reaction import update_reaction_collection
from utils import local_network_host
from utils import undo_reaction_collection_entry from utils import undo_reaction_collection_entry
from utils import get_new_post_endpoints from utils import get_new_post_endpoints
from utils import has_actor from utils import has_actor
@ -1135,6 +1136,9 @@ class PubServer(BaseHTTPRequestHandler):
def _nodeinfo(self, ua_str: str, calling_domain: str, def _nodeinfo(self, ua_str: str, calling_domain: str,
httpPrefix: str, calling_site_timeout: int, httpPrefix: str, calling_site_timeout: int,
debug: bool) -> bool: debug: bool) -> bool:
if self.path.startswith('/nodeinfo/1.0'):
self._400()
return True
if not self.path.startswith('/nodeinfo/2.0'): if not self.path.startswith('/nodeinfo/2.0'):
return False return False
if calling_domain == self.server.domain_full: if calling_domain == self.server.domain_full:
@ -1142,14 +1146,32 @@ class PubServer(BaseHTTPRequestHandler):
return True return True
if self.server.nodeinfo_is_active: if self.server.nodeinfo_is_active:
print('nodeinfo is busy') print('nodeinfo is busy')
self._404() self._503()
return True return True
self.server.nodeinfo_is_active = True self.server.nodeinfo_is_active = True
# is this a real website making the call ? # is this a real website making the call ?
if not debug: if not debug and not self.server.unit_test:
# Does calling_domain look like a domain?
if ' ' in calling_domain or \
';' in calling_domain or \
'.' not in calling_domain:
print('nodeinfo calling domain does not look like a domain ' +
calling_domain)
self._400()
self.server.nodeinfo_is_active = False
return True
if not self.server.allow_local_network_access:
if local_network_host(calling_domain):
print('nodeinfo calling domain is from the ' +
'local network ' + calling_domain)
self._400()
self.server.nodeinfo_is_active = False
return True
if not site_is_active(httpPrefix + '://' + calling_domain, if not site_is_active(httpPrefix + '://' + calling_domain,
calling_site_timeout): calling_site_timeout):
self._404() print('nodeinfo calling domain is not active ' +
calling_domain)
self._400()
self.server.nodeinfo_is_active = False self.server.nodeinfo_is_active = False
return True return True
if self.server.debug: if self.server.debug:

4
utils.py
View File

@ -179,7 +179,7 @@ def get_sha_512(msg: str):
return digest.finalize() return digest.finalize()
def _local_network_host(host: str) -> bool: def local_network_host(host: str) -> bool:
"""Returns true if the given host is on the local network """Returns true if the given host is on the local network
""" """
if host.startswith('localhost') or \ if host.startswith('localhost') or \
@ -196,7 +196,7 @@ def decoded_host(host: str) -> str:
""" """
if ':' not in host: if ':' not in host:
# eg. mydomain:8000 # eg. mydomain:8000
if not _local_network_host(host): if not local_network_host(host):
if not host.endswith('.onion'): if not host.endswith('.onion'):
if not host.endswith('.i2p'): if not host.endswith('.i2p'):
return idna.decode(host) return idna.decode(host)