authorGravatar Joey Hess <joeyh@joeyh.name>2016-11-30 16:38:16 -0400
committerGravatar Joey Hess <joeyh@joeyh.name>2016-11-30 16:46:02 -0400
commitad7afb05bba11b372d66a6d5b685e013bb79a1a3 (patch)
tree2b7b6f94a0d61e10d7e80807e8ad216da27ec382 /RemoteDaemon
parentdeca4cd90ad599f859fc9efafe509ed7375c6f39 (diff)
actually check p2p authtokens for tor connections
This commit was sponsored by Ethan Aubin.
Diffstat (limited to 'RemoteDaemon')
-rw-r--r--RemoteDaemon/Transport/Tor.hs19
1 files changed, 15 insertions, 4 deletions
diff --git a/RemoteDaemon/Transport/Tor.hs b/RemoteDaemon/Transport/Tor.hs
index ccb84d1e9..172948d37 100644
--- a/RemoteDaemon/Transport/Tor.hs
+++ b/RemoteDaemon/Transport/Tor.hs
@@ -12,9 +12,11 @@ import RemoteDaemon.Types
import RemoteDaemon.Common
import Utility.Tor
import Utility.FileMode
+import Utility.AuthToken
import Remote.Helper.Tor
import P2P.Protocol
import P2P.IO
+import P2P.Auth
import Annex.UUID
import Types.UUID
import Messages
@@ -33,7 +35,7 @@ server th@(TransportHandle (LocalRepo r) _) = do
q <- newTBQueueIO maxConnections
replicateM_ maxConnections $
- forkIO $ forever $ serveClient u r q
+ forkIO $ forever $ serveClient th u r q
uid <- getRealUserID
let ident = fromUUID u
@@ -66,12 +68,21 @@ server th@(TransportHandle (LocalRepo r) _) = do
maxConnections :: Int
maxConnections = 10
-serveClient :: UUID -> Repo -> TBQueue Handle -> IO ()
-serveClient u r q = bracket setup cleanup go
+serveClient :: TransportHandle -> UUID -> Repo -> TBQueue Handle -> IO ()
+serveClient th u r q = bracket setup cleanup go
where
setup = atomically $ readTBQueue q
cleanup = hClose
go h = do
debugM "remotedaemon" "serving a TOR connection"
- void $ runNetProtoHandle h h r (serve u)
+ -- Load auth tokens for every connection, to notice
+ -- when the allowed set is changed.
+ allowed <- liftAnnex th loadP2PAuthTokens
+ let runenv = RunEnv
+ { runRepo = r
+ , runCheckAuth = (`isAllowedAuthToken` allowed)
+ , runIhdl = h
+ , runOhdl = h
+ }
+ void $ runNetProtoHandle runenv (serve u)
debugM "remotedaemon" "done with TOR connection"
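Review bot: The new per-connection `liftAnnex th loadP2PAuthTokens` in `go` runs inside `bracket`, so if it throws, the handle is closed but the exception escapes `forever` and ends that worker thread forked in `server`; after `maxConnections` such failures nothing would be left reading the queue. Whether `loadP2PAuthTokens` can throw is not visible in this hunk, so that needs confirming. If it can, catch the exception in `go`, log it with `debugM`, and drop the connection, so a load failure denies that one client (fail closed) instead of shrinking the pool. Separately, `void $ runNetProtoHandle runenv (serve u)` discards the result, so a connection rejected for a bad authtoken logs the same "done with TOR connection" line as a successful one; a `debugM` message on the failure branch would make rejected attempts visible to whoever reads the daemon log. The body of `server` lies outside this hunk.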