From 345fa64ad04587e290c7343f8159512a589c3b5b Mon Sep 17 00:00:00 2001
From: _ <>
Date: Sun, 8 Nov 2020 15:01:15 +0000
Subject: [PATCH] Hide ptth_server.toml with 403 Forbidden
---
src/bin/ptth_file_server.rs | 3 ++-
src/bin/ptth_server.rs | 6 ++++--
src/lib.rs | 2 +-
src/server/file_server.rs | 11 ++++++++++-
src/server/mod.rs | 8 ++++++--
todo.md | 10 +++++++---
6 files changed, 30 insertions(+), 10 deletions(-)
diff --git a/src/bin/ptth_file_server.rs b/src/bin/ptth_file_server.rs
index d765e9e..18b1865 100644
--- a/src/bin/ptth_file_server.rs
+++ b/src/bin/ptth_file_server.rs
@@ -69,7 +69,8 @@ async fn handle_all (req: Request
, state: Arc >)
file_server_root,
ptth_req.method,
&ptth_req.uri,
- &ptth_req.headers
+ &ptth_req.headers,
+ None
).await;
let mut resp = Response::builder ()
diff --git a/src/bin/ptth_server.rs b/src/bin/ptth_server.rs
index aad61c7..d335867 100644
--- a/src/bin/ptth_server.rs
+++ b/src/bin/ptth_server.rs
@@ -14,10 +14,12 @@ struct Opt {
#[tokio::main]
async fn main () -> Result <(), Box > {
tracing_subscriber::fmt::init ();
- let config_file = ptth::load_toml::load ("config/ptth_server.toml");
+ let path = PathBuf::from ("./config/ptth_server.toml");
+ let config_file = ptth::load_toml::load (&path);
ptth::server::run_server (
config_file,
- ptth::graceful_shutdown::init ()
+ ptth::graceful_shutdown::init (),
+ Some (path)
).await
}
diff --git a/src/lib.rs b/src/lib.rs
index 16d239c..12fc7b4 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -132,7 +132,7 @@ mod tests {
let (stop_server_tx, stop_server_rx) = oneshot::channel ();
let task_server = {
spawn (async move {
- server::run_server (config_file, stop_server_rx).await.unwrap ();
+ server::run_server (config_file, stop_server_rx, None).await.unwrap ();
})
};
diff --git a/src/server/file_server.rs b/src/server/file_server.rs
index 76511ed..e25b7e3 100644
--- a/src/server/file_server.rs
+++ b/src/server/file_server.rs
@@ -248,7 +248,8 @@ pub async fn serve_all (
root: &Path,
method: http_serde::Method,
uri: &str,
- headers: &HashMap >
+ headers: &HashMap >,
+ hidden_path: Option <&Path>
)
-> http_serde::Response
{
@@ -285,6 +286,14 @@ pub async fn serve_all (
let mut full_path = PathBuf::from (root);
full_path.push (path);
+ debug! ("full_path = {:?}", full_path);
+
+ if let Some (hidden_path) = hidden_path {
+ if full_path == hidden_path {
+ return serve_error (http_serde::StatusCode::Forbidden, "403 Forbidden".into ()).await;
+ }
+ }
+
if let Ok (dir) = read_dir (&full_path).await {
serve_dir (
handlebars,
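Review bot: The 403 guard compares `full_path == hidden_path` lexically, so it fires only when the request produces the same component sequence as the configured path. The same file reached through another spelling (a `..` component, a symlink, an absolute instead of relative root, different case on a case-insensitive filesystem) is not refused. It also relies on `root` joined with the request path reproducing `./config/ptth_server.toml` exactly as passed from `ptth_server.rs`, which this hunk does not establish. todo.md still lists directory-traversal prevention as open, so `path` should not be assumed normalized here; comparing canonicalized paths, as below, covers both cases, and the hidden path would ideally be resolved once in `run_server`. `serve_all` begins and ends outside the hunk.

```rust
    let mut full_path = PathBuf::from (root);
    full_path.push (path);
    // … unchanged: debug! of full_path …

    if let Some (hidden_path) = hidden_path {
        // Compare resolved paths rather than spellings, so that every
        // route to the hidden file is refused, not just the literal one.
        let requested = tokio::fs::canonicalize (&full_path).await;
        let hidden = tokio::fs::canonicalize (hidden_path).await;

        // If either path cannot be resolved the check is skipped: a missing
        // request target has nothing to leak, and a missing hidden file has
        // nothing to hide. NOTE(review): confirm that is the intended policy.
        if let (Ok (requested), Ok (hidden)) = (requested, hidden) {
            if requested == hidden {
                return serve_error (http_serde::StatusCode::Forbidden, "403 Forbidden".into ()).await;
            }
        }
    }
    // … unchanged: read_dir / serve_dir dispatch …
```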
diff --git a/src/server/mod.rs b/src/server/mod.rs
index 0d23170..aa3e041 100644
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@@ -29,6 +29,7 @@ struct ServerState {
config: Config,
handlebars: Handlebars <'static>,
client: Client,
+ hidden_path: Option ,
}
fn status_reply (c: http_serde::StatusCode, body: &str) -> http_serde::Response
@@ -76,7 +77,8 @@ async fn handle_req_resp <'a> (
file_server_root,
parts.method,
uri,
- &parts.headers
+ &parts.headers,
+ state.hidden_path.as_ref ().map (|p| p.as_path ())
).await
}
else {
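Review bot: `state.hidden_path.as_ref ().map (|p| p.as_path ())` can be written as `state.hidden_path.as_deref ()`, which yields the same `Option <&Path>` if the field is an `Option <PathBuf>`. The generic argument is not visible in this rendering, so that type is inferred from `Some (path)` in `ptth_server.rs`. This is a readability point only and does not change behaviour. `handle_req_resp` begins and ends outside the hunk.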
@@ -138,7 +140,8 @@ pub struct Config {
pub async fn run_server (
config_file: ConfigFile,
- shutdown_oneshot: oneshot::Receiver <()>
+ shutdown_oneshot: oneshot::Receiver <()>,
+ hidden_path: Option
)
-> Result <(), Box >
{
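Review bot: `run_server` is public and its new `hidden_path` parameter has no documentation, yet callers need to know that `None` disables the check and that the value is compared verbatim with the root-joined request path in `serve_all`. I would add a doc comment on the function such as `/// hidden_path: a file the file server answers with 403 Forbidden; None hides nothing. It must be spelled relative to the same base as file_server_root.` The same applies to the matching parameter on `serve_all` in `file_server.rs`. The body of `run_server` continues outside the hunk.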
@@ -168,6 +171,7 @@ pub async fn run_server (
},
handlebars,
client,
+ hidden_path,
});
let mut backoff_delay = 0;
diff --git a/todo.md b/todo.md
index e91173c..b62398a 100644
--- a/todo.md
+++ b/todo.md
@@ -1,16 +1,16 @@
- Not working behind Nginx (Works okay behind Caddy)
-- Still getting the slow request turtle in FF - 500-900 ms wait time
+- Reduce idle memory use?
+- Folder icons in dir list
- ".." from server to server list is broken
- Redirect to add trailing slashes
- Add file size in directory listing
- Allow spaces in server names
-- Make file_server_root mandatory
- Deny unused HTTP methods for endpoints
-- Hide ptth_server.toml from file server
- ETag cache based on mtime
- Server-side hash?
- Log / audit log?
+- Add "Last check-in time" to server list
- Prevent directory traversal attacks in file_server.rs
- Error handling
@@ -27,3 +27,7 @@ Relay can't shut down gracefully if Firefox is connected to it, e.g. if Firefox
kept a connection open while watching a video.
I'm pretty sure this is a bug in Hyper, so for now I've worked around it with a
forced shutdown timer.
+
+Sometimes I get the turtle icon in Firefox's network debugger. But this happens
+even with Caddy running a static file server, so I can't prove that it's on my
+side. The VPS is cheap, and the datacenter is far away.