author | erdgeist <> | 2007-07-22 00:40:10 +0000 |
---|---|---|
committer | erdgeist <> | 2007-07-22 00:40:10 +0000 |
commit | c0b00c0bf5b9414f93c76bb6daef9c01e2b49628 (patch) | |
tree | 9069c6cefb424cccfc32c44662112e2d68f27cb4 | |
parent | 3f0a18ba080c4c72cea714ff216735c9e80ecd90 (diff) |
* fixed "nobody " -> "nobody" fuckup when getpwnam-ing
* implemented basic blacklisting:
** the file specified with -b <BLACKLIST> is read and added to a blacklist vector
** if an announce hits a torrent in that blacklist vector, add_peer_to_torrent fails
** sending a SIGHUP to the program forces it to reread the blacklists
** the server returns with a 500, which is not exactly nice but does the job for now
** an adequate "failure reason:" should be delivered... TODO
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | opentracker.c | 62 | ||||
-rw-r--r-- | trackerlogic.c | 29 | ||||
-rw-r--r-- | trackerlogic.h | 4 |
4 files changed, 93 insertions, 4 deletions
@@ -1,5 +1,5 @@ | |||
1 | CC?=gcc | 1 | CC?=gcc |
2 | FEATURES=#-DWANT_IP_FROM_QUERY_STRING -D_DEBUG_HTTPERROR | 2 | FEATURES=-DWANT_BLACKLISTING #-DWANT_IP_FROM_QUERY_STRING -D_DEBUG_HTTPERROR |
3 | OPTS_debug=-g -ggdb #-pg # -fprofile-arcs -ftest-coverage | 3 | OPTS_debug=-g -ggdb #-pg # -fprofile-arcs -ftest-coverage |
4 | OPTS_production=-s -Os | 4 | OPTS_production=-s -Os |
5 | CFLAGS+=-I../libowfat -Wall -pipe -Wextra #-pedantic #-ansi | 5 | CFLAGS+=-I../libowfat -Wall -pipe -Wextra #-pedantic #-ansi |
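--- a/opentracker.c
+++ b/opentracker.c
@@ -38,6 +38,9 @@ static time_t ot_start_time;
 static const size_t SUCCESS_HTTP_HEADER_LENGTH = 80;
 static const size_t SUCCESS_HTTP_SIZE_OFF = 17;
 static char g_adminip[4] = {0,0,0,0};
+#ifdef WANT_BLACKLISTING
+static char *blacklist_filename = NULL;
+#endif
 
 /* To always have space for error messages ;) */
 
@@ -495,8 +498,11 @@ static void help( char *name ) {
 HELPLINE("-i ip","specify ip to bind to (default: *, you may specify more than one)");
 HELPLINE("-p port","specify tcp port to bind to (default: 6969, you may specify more than one)");
 HELPLINE("-P port","specify udp port to bind to (default: 6969, you may specify more than one)");
-HELPLINE("-d dir","specify directory containing white- or black listed torrent info_hashes (default: \".\")");
+HELPLINE("-d dir","specify directory to try to chroot to (default: \".\")");
 HELPLINE("-A ip","bless an ip address as admin address (e.g. to allow syncs from this address)");
+#ifdef WANT_BLACKLISTING
+HELPLINE("-b file","specify blacklist file.");
+#endif
 
 fprintf( stderr, "\nExample: ./opentracker -i 127.0.0.1 -p 6969 -P 6969 -i 10.1.1.23 -p 2710 -p 80\n" );
 }
@@ -745,6 +751,43 @@ static void ot_try_bind( char ip[4], uint16 port, int is_tcp ) {
 ++ot_sockets_count;
 }
 
+#ifdef WANT_BLACKLISTING
+/* Read initial black list */
+void read_blacklist_file( int foo ) {
+FILE * blacklist_filehandle = fopen( blacklist_filename, "r" );
+ot_hash infohash;
+foo = foo;
+
+/* Free blacklist vector in trackerlogic.c*/
+blacklist_reset();
+
+if( blacklist_filehandle == NULL ) {
+fprintf( stderr, "Warning: Can't open blacklist file: %s (but will try to create it later, if necessary and possible).", blacklist_filename );
+return;
+}
+
+/* We do ignore anything that is not of the form "^[:xdigit:]{40}[^:xdigit:].*" */
+while( fgets( static_inbuf, sizeof(static_inbuf), blacklist_filehandle ) ) {
+int i;
+for( i=0; i<20; ++i ) {
+int eger = 16 * scan_fromhex( static_inbuf[ 2*i ] ) + scan_fromhex( static_inbuf[ 1 + 2*i ] );
+if( eger < 0 )
+goto ignore_line;
+infohash[i] = eger;
+}
+if( scan_fromhex( static_inbuf[ 40 ] ) >= 0 )
+goto ignore_line;
+
+/* Append blacklist to blacklist vector */
+blacklist_addentry( &infohash );
+
+ignore_line:
+continue;
+}
+fclose( blacklist_filehandle );
+}
+#endif
+
 int main( int argc, char **argv ) {
 struct passwd *pws = NULL;
 char serverip[4] = {0,0,0,0};
@@ -752,10 +795,13 @@ int main( int argc, char **argv ) {
 int scanon = 1;
 
 while( scanon ) {
-switch( getopt( argc, argv, ":i:p:A:P:d:ocbBh" ) ) {
+switch( getopt( argc, argv, ":i:p:A:P:d:b:h" ) ) {
 case -1 : scanon = 0; break;
 case 'i': scan_ip4( optarg, serverip ); break;
 case 'A': scan_ip4( optarg, g_adminip ); break;
+#ifdef WANT_BLACKLISTING
+case 'b': blacklist_filename = optarg; break;
+#endif
 case 'p': ot_try_bind( serverip, (uint16)atol( optarg ), 1 ); break;
 case 'P': ot_try_bind( serverip, (uint16)atol( optarg ), 0 ); break;
 case 'd': serverdir = optarg; break;
@@ -771,7 +817,8 @@ int main( int argc, char **argv ) {
 ot_try_bind( serverip, 6969, 0 );
 }
 
-pws = getpwnam( "nobody ");
+/* Drop permissions */
+pws = getpwnam( "nobody" );
 if( !pws ) {
 setegid( (gid_t)-2 ); setuid( (uid_t)-2 );
 setgid( (gid_t)-2 ); seteuid( (uid_t)-2 );
@@ -781,8 +828,17 @@ int main( int argc, char **argv ) {
 }
 endpwent();
 
+#ifdef WANT_BLACKLISTING
+/* Passing "0" since read_blacklist_file also is SIGHUP handler */
+if( blacklist_filename ) {
+read_blacklist_file( 0 );
+signal( SIGHUP, read_blacklist_file );
+}
+#endif
+
 signal( SIGPIPE, SIG_IGN );
 signal( SIGINT, graceful );
+
 if( init_logic( serverdir ) == -1 )
 panic( "Logic not started" );
 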
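Review bot: `read_blacklist_file` is registered as the SIGHUP handler (new line 835), yet it calls `fopen`, `fgets`, `fprintf` and, through `blacklist_reset` and `blacklist_addentry`, `free` and the vector insert, none of which are async-signal-safe. A SIGHUP that lands while `add_peer_to_torrent` is searching `blacklist.data` would free and rebuild that buffer underneath it, so the handler should only set a `volatile sig_atomic_t` flag and the reload should run from the server loop, which is outside this diff. Separately, the `eger < 0` test at new line 774 misses a bad low nibble whenever the high nibble is non-zero (assuming `scan_fromhex` returns -1 for a non-hex character, as the `>= 0` test at line 778 implies), so a malformed line can be stored as a different hash; check both results first, `int hi = scan_fromhex( static_inbuf[ 2*i ] ), lo = scan_fromhex( static_inbuf[ 1 + 2*i ] );` then `if( hi < 0 || lo < 0 ) goto ignore_line;`.

```c
#ifdef WANT_BLACKLISTING
/* Set from the SIGHUP handler, consumed by the server loop */
static volatile sig_atomic_t g_reload_blacklist = 0;

static void blacklist_sighup( int signo ) {
  (void)signo;
  g_reload_blacklist = 1;
}
#endif

/* … unchanged: read_blacklist_file … */

/* in main(), replacing signal( SIGHUP, read_blacklist_file ) */
    signal( SIGHUP, blacklist_sighup );

/* in the server loop, between requests (not shown in this diff) */
    if( g_reload_blacklist ) {
      g_reload_blacklist = 0;
      read_blacklist_file( 0 );
    }
```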
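--- a/trackerlogic.c
+++ b/trackerlogic.c
@@ -22,6 +22,10 @@
 /* GLOBAL VARIABLES */
 static ot_vector all_torrents[256];
 static ot_vector changeset;
+#ifdef WANT_BLACKLISTING
+static ot_vector blacklist;
+#endif
+
 size_t changeset_size = 0;
 time_t last_clean_time = 0;
 
@@ -155,6 +159,12 @@ ot_torrent *add_peer_to_torrent( ot_hash *hash, ot_peer *peer, int from_changese
 ot_vector *torrents_list = &all_torrents[*hash[0]], *peer_pool;
 int base_pool = 0;
 
+#ifdef WANT_BLACKLISTING
+binary_search( hash, blacklist.data, blacklist.size, OT_HASH_COMPARE_SIZE, OT_HASH_COMPARE_SIZE, &exactmatch );
+if( exactmatch )
+return NULL;
+#endif
+
 torrent = vector_find_or_insert( torrents_list, (void*)hash, sizeof( ot_torrent ), OT_HASH_COMPARE_SIZE, &exactmatch );
 if( !torrent ) return NULL;
 
@@ -672,3 +682,22 @@ void deinit_logic( void ) {
 byte_zero( &changeset, sizeof( changeset ) );
 changeset_size = 0;
 }
+
+#ifdef WANT_BLACKLISTING
+void blacklist_reset( void ) {
+free( blacklist.data );
+byte_zero( &blacklist, sizeof( blacklist ) );
+}
+
+int blacklist_addentry( ot_hash *infohash ) {
+int em;
+void *insert = vector_find_or_insert( &blacklist, infohash, OT_HASH_COMPARE_SIZE, OT_HASH_COMPARE_SIZE, &em );
+
+if( !insert )
+return -1;
+
+memmove( insert, infohash, OT_HASH_COMPARE_SIZE );
+
+return 0;
+}
+#endif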
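Review bot: The blacklist is consulted only at the top of `add_peer_to_torrent` (new line 163), so a hash added by a later reload that already has an entry in `all_torrents` keeps that entry and its peers; nothing in `blacklist_addentry` removes it. Whether scrape or other lookups still answer for such a torrent cannot be seen from this diff, so the limit is worth stating above `blacklist_addentry`, e.g. `/* Blocks new announces only; an already tracked torrent is not purged here. */`. The -1 that `blacklist_addentry` returns when the vector insert fails is also discarded by its caller in `read_blacklist_file`, which leaves a partially loaded blacklist with no message on stderr. `add_peer_to_torrent` starts and ends outside the hunk.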
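--- a/trackerlogic.h
+++ b/trackerlogic.h
@@ -97,5 +97,9 @@ size_t return_memstat_for_tracker( char **reply );
 size_t return_changeset_for_tracker( char **reply );
 void clean_all_torrents( void );
 void remove_peer_from_torrent( ot_hash *hash, ot_peer *peer );
+#ifdef WANT_BLACKLISTING
+int blacklist_addentry( ot_hash *hash );
+void blacklist_reset( void );
+#endif
 
 #endif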