author | Joey Hess <joeyh@joeyh.name> | 2016-11-30 16:38:16 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-11-30 16:46:02 -0400 |
commit | ad7afb05bba11b372d66a6d5b685e013bb79a1a3 (patch) | |
tree | 2b7b6f94a0d61e10d7e80807e8ad216da27ec382 /RemoteDaemon | |
parent | deca4cd90ad599f859fc9efafe509ed7375c6f39 (diff) |
actually check p2p authtokens for tor connections
This commit was sponsored by Ethan Aubin.
Diffstat (limited to 'RemoteDaemon')
-rw-r--r-- | RemoteDaemon/Transport/Tor.hs | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/RemoteDaemon/Transport/Tor.hs b/RemoteDaemon/Transport/Tor.hs
index ccb84d1e9..172948d37 100644
--- a/RemoteDaemon/Transport/Tor.hs
+++ b/RemoteDaemon/Transport/Tor.hs
@@ -12,9 +12,11 @@ import RemoteDaemon.Types
 import RemoteDaemon.Common
 import Utility.Tor
 import Utility.FileMode
+import Utility.AuthToken
 import Remote.Helper.Tor
 import P2P.Protocol
 import P2P.IO
+import P2P.Auth
 import Annex.UUID
 import Types.UUID
 import Messages
@@ -33,7 +35,7 @@ server th@(TransportHandle (LocalRepo r) _) = do
 q <- newTBQueueIO maxConnections
 replicateM_ maxConnections $
- forkIO $ forever $ serveClient u r q
+ forkIO $ forever $ serveClient th u r q
 uid <- getRealUserID
 let ident = fromUUID u
@@ -66,12 +68,21 @@ server th@(TransportHandle (LocalRepo r) _) = do
 maxConnections :: Int
 maxConnections = 10
-serveClient :: UUID -> Repo -> TBQueue Handle -> IO ()
-serveClient u r q = bracket setup cleanup go
+serveClient :: TransportHandle -> UUID -> Repo -> TBQueue Handle -> IO ()
+serveClient th u r q = bracket setup cleanup go
 where
 setup = atomically $ readTBQueue q
 cleanup = hClose
 go h = do
 debugM "remotedaemon" "serving a TOR connection"
- void $ runNetProtoHandle h h r (serve u)
+ -- Load auth tokens for every connection, to notice
+ -- when the allowed set is changed.
+ allowed <- liftAnnex th loadP2PAuthTokens
+ let runenv = RunEnv
+ { runRepo = r
+ , runCheckAuth = (`isAllowedAuthToken` allowed)
+ , runIhdl = h
+ , runOhdl = h
+ }
+ void $ runNetProtoHandle runenv (serve u)
 debugM "remotedaemon" "done with TOR connection" |
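Review bot: In `serveClient`, an exception raised by the new `allowed <- liftAnnex th loadP2PAuthTokens` would pass through `bracket` and end the `forever` loop that `server` forks, so each failed token load would permanently cost one of the `maxConnections` workers. Whether `liftAnnex` or `loadP2PAuthTokens` can throw is not visible in this diff and should be confirmed. The connection itself fails closed because `cleanup` closes the handle, but the loop should catch the error, log it and keep serving; a comment such as `-- a token-load failure rejects this connection only; it must not end the worker loop` would record the intent. Separately, `void $ runNetProtoHandle runenv (serve u)` discards the result, so a session refused by `runCheckAuth` looks the same in the debug log as a completed one. Logging the outcome before the final `debugM` would make repeated bad-token attempts against the hidden service visible.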