Faster checking for blocked domains

main
Bob Mottram 2020-03-28 10:33:04 +00:00
parent 71b5e1e57a
commit 36267ac5f4
3 changed files with 45 additions and 3 deletions

View File

@ -8,6 +8,7 @@ __status__="Production"
import os
from utils import isEvil
from utils import evilIncarnate
def addGlobalBlock(baseDir: str, \
blockNickname: str,blockDomain: str) -> bool:
@ -113,6 +114,23 @@ def isBlockedHashtag(baseDir: str,hashtag: str) -> bool:
return True
return False
def getDomainBlocklist(baseDir: str) -> str:
"""Returns all globally blocked domains as a string
This can be used for fast matching to mitigate flooding
"""
blockedStr=''
evilDomains=evilIncarnate()
for evil in evilDomains:
blockedStr+=evil+'\n'
globalBlockingFilename=baseDir+'/accounts/blocking.txt'
if not os.path.isfile(globalBlockingFilename):
return blockedStr
with open(globalBlockingFilename, 'r') as file:
blockedStr += file.read()
return blockedStr
def isBlockedDomain(baseDir: str,domain: str) -> bool:
"""Is the given domain blocked?
"""

View File

@ -107,6 +107,7 @@ from blocking import addGlobalBlock
from blocking import removeGlobalBlock
from blocking import isBlockedHashtag
from blocking import isBlockedDomain
from blocking import getDomainBlocklist
from config import setConfigParam
from config import getConfigParam
from roles import outboxDelegate
@ -936,7 +937,14 @@ class PubServer(BaseHTTPRequestHandler):
callingDomain=None
if self.headers.get('Host'):
callingDomain=self.headers['Host']
if isBlockedDomain(self.server.baseDir,callingDomain):
if self.server.blocklistUpdateCtr<=0:
self.server.blocklistUpdateCtr=self.server.blocklistUpdateInterval
self.server.domainBlocklist=getDomainBlocklist(self.server.baseDir)
self.server.blocklistUpdateCtr-=1
if callingDomain in self.server.domainBlocklist:
print('GET domain blocked: '+callingDomain)
self._400()
return
@ -4381,7 +4389,14 @@ class PubServer(BaseHTTPRequestHandler):
callingDomain=None
if self.headers.get('Host'):
callingDomain=self.headers['Host']
if isBlockedDomain(self.server.baseDir,callingDomain):
if self.server.blocklistUpdateCtr<=0:
self.server.blocklistUpdateCtr=self.server.blocklistUpdateInterval
self.server.domainBlocklist=getDomainBlocklist(self.server.baseDir)
self.server.blocklistUpdateCtr-=1
if callingDomain in self.server.domainBlocklist:
print('POST domain blocked: '+callingDomain)
self._400()
return
@ -6194,6 +6209,12 @@ def runDaemon(blogsInstance: bool,mediaInstance: bool, \
print('ERROR: HTTP server failed to start. '+str(e))
return False
# This counter is used to update the list of blocked domains in memory.
# It helps to avoid touching the disk and so improves flooding resistance
httpd.blocklistUpdateCtr=0
httpd.blocklistUpdateInterval=100
httpd.domainBlocklist=getDomainBlocklist(baseDir)
httpd.onionDomain=onionDomain
httpd.useBlurHash=useBlurHash
httpd.mediaInstance=mediaInstance

View File

@ -93,12 +93,15 @@ def getStatusNumber() -> (str,str):
published=currTime.strftime("%Y-%m-%dT%H:%M:%SZ")
return statusNumber,published
def evilIncarnate() -> []:
return ('gab.com','gabfed.com','spinster.xyz','kiwifarms.cc','djitter.com')
def isEvil(domain: str) -> bool:
if not isinstance(domain, str):
print('WARN: Malformed domain '+str(domain))
return True
# https://www.youtube.com/watch?v=5qw1hcevmdU
evilDomains=('gab.com','gabfed.com','spinster.xyz','kiwifarms.cc','djitter.com')
evilDomains=evilIncarnate()
for concentratedEvil in evilDomains:
if domain.endswith(concentratedEvil):
return True