Fix sodium and bad cache mimetype stuff
This commit is contained in:
parent
6b23564f75
commit
eab29ba2a3
|
@ -6,15 +6,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
### Added
|
### Added
|
||||||
- [2020-07-13] Added reloading client setting without stopping client by [@radonbark]
|
- [2020-07-13] Added reloading client setting without stopping client by [@radonbark].
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
- [2020-07-29] Disallow unsafe ports [@m3ch_mania].
|
||||||
|
|
||||||
### Deprecated
|
### Deprecated
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
- [2020-07-29] Fixed stupid libsodium bugs [@carbotaniuman].
|
||||||
|
- [2020-07-29] Fixed issues from the Great Cache Propagation [@carbotaniuman].
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
|
|
@ -76,8 +76,6 @@ class ImageServer(
|
||||||
private val executor = Executors.newCachedThreadPool()
|
private val executor = Executors.newCachedThreadPool()
|
||||||
|
|
||||||
fun handler(dataSaver: Boolean, tokenized: Boolean = false): HttpHandler {
|
fun handler(dataSaver: Boolean, tokenized: Boolean = false): HttpHandler {
|
||||||
val sodium = LazySodiumJava(SodiumJava())
|
|
||||||
|
|
||||||
return baseHandler().then { request ->
|
return baseHandler().then { request ->
|
||||||
val chapterHash = Path.of("chapterHash")(request)
|
val chapterHash = Path.of("chapterHash")(request)
|
||||||
val fileName = Path.of("fileName")(request)
|
val fileName = Path.of("fileName")(request)
|
||||||
|
@ -102,7 +100,7 @@ class ImageServer(
|
||||||
val token = try {
|
val token = try {
|
||||||
JACKSON.readValue<Token>(
|
JACKSON.readValue<Token>(
|
||||||
try {
|
try {
|
||||||
sodium.cryptoBoxOpenEasyAfterNm(
|
SODIUM.cryptoBoxOpenEasyAfterNm(
|
||||||
tokenArr.sliceArray(24 until tokenArr.size), tokenArr.sliceArray(0 until 24), serverSettings.tokenKey
|
tokenArr.sliceArray(24 until tokenArr.size), tokenArr.sliceArray(0 until 24), serverSettings.tokenKey
|
||||||
)
|
)
|
||||||
} catch (_: SodiumException) {
|
} catch (_: SodiumException) {
|
||||||
|
@ -144,12 +142,12 @@ class ImageServer(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (snapshot != null && imageDatum != null) {
|
if (snapshot != null && imageDatum != null && imageDatum.contentType.isImageMimetype()) {
|
||||||
request.handleCacheHit(sanitizedUri, getRc4(rc4Bytes), snapshot, imageDatum)
|
request.handleCacheHit(sanitizedUri, getRc4(rc4Bytes), snapshot, imageDatum)
|
||||||
} else {
|
} else {
|
||||||
if (snapshot != null) {
|
if (snapshot != null) {
|
||||||
snapshot.close()
|
snapshot.close()
|
||||||
LOGGER.warn { "Removing cache file for $sanitizedUri without corresponding DB entry" }
|
LOGGER.warn { "Removing broken cache file for $sanitizedUri" }
|
||||||
cache.removeUnsafe(imageId.toCacheId())
|
cache.removeUnsafe(imageId.toCacheId())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -218,12 +216,18 @@ class ImageServer(
|
||||||
return Response(mdResponse.status)
|
return Response(mdResponse.status)
|
||||||
}
|
}
|
||||||
|
|
||||||
LOGGER.trace { "Upstream query for $sanitizedUri succeeded" }
|
|
||||||
|
|
||||||
val contentType = mdResponse.header("Content-Type")!!
|
val contentType = mdResponse.header("Content-Type")!!
|
||||||
val contentLength = mdResponse.header("Content-Length")
|
val contentLength = mdResponse.header("Content-Length")
|
||||||
val lastModified = mdResponse.header("Last-Modified")
|
val lastModified = mdResponse.header("Last-Modified")
|
||||||
|
|
||||||
|
if (!contentType.isImageMimetype()) {
|
||||||
|
LOGGER.trace { "Upstream query for $sanitizedUri returned bad mimetype $contentType" }
|
||||||
|
mdResponse.close()
|
||||||
|
return Response(Status.INTERNAL_SERVER_ERROR)
|
||||||
|
}
|
||||||
|
|
||||||
|
LOGGER.trace { "Upstream query for $sanitizedUri succeeded" }
|
||||||
|
|
||||||
val editor = cache.editUnsafe(imageId.toCacheId())
|
val editor = cache.editUnsafe(imageId.toCacheId())
|
||||||
|
|
||||||
// A null editor means that this file is being written to
|
// A null editor means that this file is being written to
|
||||||
|
@ -291,6 +295,7 @@ class ImageServer(
|
||||||
.header("X-Cache", if (cached) "HIT" else "MISS")
|
.header("X-Cache", if (cached) "HIT" else "MISS")
|
||||||
|
|
||||||
companion object {
|
companion object {
|
||||||
|
private val SODIUM = LazySodiumJava(SodiumJava())
|
||||||
private val LOGGER = LoggerFactory.getLogger(ImageServer::class.java)
|
private val LOGGER = LoggerFactory.getLogger(ImageServer::class.java)
|
||||||
private val JACKSON: ObjectMapper = jacksonObjectMapper()
|
private val JACKSON: ObjectMapper = jacksonObjectMapper()
|
||||||
.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
|
.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
|
||||||
|
@ -329,3 +334,5 @@ private fun printHexString(bytes: ByteArray): String {
|
||||||
}
|
}
|
||||||
return sb.toString()
|
return sb.toString()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private fun String.isImageMimetype() = this.toLowerCase().startsWith("image/")
|
Loading…
Reference in a new issue