import java.io.IOException;
import java.net.URL;
+import java.nio.file.AccessDeniedException;
import java.util.ArrayList;
import java.util.Date;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+
+import javax.net.ssl.SSLException;
import be.nikiroo.fanfix.Instance;
+import be.nikiroo.fanfix.bundles.Config;
import be.nikiroo.fanfix.data.Chapter;
import be.nikiroo.fanfix.data.MetaData;
import be.nikiroo.fanfix.data.Paragraph;
* The available commands are given as arrays of objects (first item is the
* command, the rest are the arguments).
* <p>
- * All commands, including PING, will first return a random value to you that
- * you must hash with your key and return before processing the rest; if the
- * value is OK, it will return "true", if not, it will return NULL and stop the
- * connection.
+ * All the commands are always prefixed by the subkey (which can be EMPTY if
+ * none).
* <p>
- * BTW: this system <b>is by no means secure</b>. It is just slightly
- * obfuscated, and operate on clear text (because Google decided not to support
- * anonymous SSL exchanges on Android, and the main use case for this server is
- * Android).
* <ul>
- * <li>PING: will return PONG if the key is accepted</li>
+ * <li>PING: will return the mode if the key is accepted (mode can be: "r/o" or
+ * "r/w")</li>
* <li>GET_METADATA *: will return the metadata of all the stories in the
* library (array)</li> *
* <li>GET_METADATA [luid]: will return the metadata of the story of LUID luid</li>
* @author niki
*/
public class RemoteLibraryServer extends ServerObject {
- private final String key;
+ private Map<Long, String> commands = new HashMap<Long, String>();
+ private Map<Long, Long> times = new HashMap<Long, Long>();
+ private Map<Long, Boolean> wls = new HashMap<Long, Boolean>();
+ private Map<Long, Boolean> rws = new HashMap<Long, Boolean>();
/**
* Create a new remote server (will not be active until
* {@link RemoteLibraryServer#start()} is called).
+ * <p>
+ * Note: the key we use here is the encryption key (it must not contain a
+ * subkey).
*
* @param key
* the key that will restrict access to this server
* in case of I/O error
*/
public RemoteLibraryServer(String key, int port) throws IOException {
- super("Fanfix remote library", port, false);
- this.key = key;
-
+ super("Fanfix remote library", port, key);
setTraceHandler(Instance.getTraceHandler());
}
@Override
protected Object onRequest(ConnectActionServerObject action,
- Version clientVersion, Object data) throws Exception {
+ Version clientVersion, Object data, long id) throws Exception {
long start = new Date().getTime();
+ // defaults are positive (as previous versions without the feature)
+ boolean rw = true;
+ boolean wl = true;
+
+ String subkey = "";
String command = "";
Object[] args = new Object[0];
if (data instanceof Object[]) {
Object[] dataArray = (Object[]) data;
- if (dataArray.length >= 2) {
- command = "" + dataArray[0];
+ if (dataArray.length > 0) {
+ subkey = "" + dataArray[0];
+ }
+ if (dataArray.length > 1) {
+ command = "" + dataArray[1];
+
+ args = new Object[dataArray.length - 2];
+ for (int i = 2; i < dataArray.length; i++) {
+ args[i - 2] = dataArray[i];
+ }
+ }
+ }
+
+ List<String> whitelist = Instance.getConfig().getList(
+ Config.SERVER_WHITELIST);
+ if (whitelist == null) {
+ whitelist = new ArrayList<String>();
+ }
- args = new Object[dataArray.length - 1];
- for (int i = 1; i < dataArray.length; i++) {
- args[i - 1] = dataArray[i];
+ if (whitelist.isEmpty()) {
+ wl = false;
+ }
+
+ rw = Instance.getConfig().getBoolean(Config.SERVER_RW, rw);
+ if (!subkey.isEmpty()) {
+ List<String> allowed = Instance.getConfig().getList(
+ Config.SERVER_ALLOWED_SUBKEYS);
+ if (allowed.contains(subkey)) {
+ if ((subkey + "|").contains("|rw|")) {
+ rw = true;
+ }
+ if ((subkey + "|").contains("|wl|")) {
+ wl = false; // |wl| = bypass whitelist
+ whitelist = new ArrayList<String>();
}
}
}
- String trace = "[ " + command + "] ";
+ String mode = display(wl, rw);
+
+ String trace = mode + "[ " + command + "] ";
for (Object arg : args) {
trace += arg + " ";
}
- getTraceHandler().trace(trace);
+ System.out.println(trace);
- // Authentication:
- String random = StringUtils.getMd5Hash(Double.toString(Math.random()));
- action.send(random);
- String answer = "";
+ Object rep = null;
try {
- answer += action.rec();
- } catch (NullPointerException e) {
- return null;
+ rep = doRequest(action, command, args, rw, whitelist);
+ } catch (IOException e) {
+ rep = new RemoteLibraryException(e);
}
- if (answer.equals(RemoteLibrary.hashKey(key, random))) {
- action.send(true);
- } else {
- getTraceHandler().trace("Key rejected.");
- return null;
- }
+ commands.put(id, command);
+ wls.put(id, wl);
+ rws.put(id, rw);
+ times.put(id, (new Date().getTime() - start));
- Object rep = doRequest(action, command, args);
+ return rep;
+ }
- String rec = StringUtils.formatNumber(action.getBytesReceived()) + "b";
- String sent = StringUtils.formatNumber(action.getBytesSent()) + "b";
- getTraceHandler().trace(
- String.format("[>%s]: (%s sent, %s rec) in %d ms", command,
- sent, rec, (new Date().getTime() - start)));
+ private String display(boolean whitelist, boolean rw) {
+ String mode = "";
+ if (!rw) {
+ mode += "RO: ";
+ }
+ if (whitelist) {
+ mode += "WL: ";
+ }
- return rep;
+ return mode;
+ }
+
+ @Override
+ protected void onRequestDone(long id, long bytesReceived, long bytesSent) {
+ boolean whitelist = wls.get(id);
+ boolean rw = rws.get(id);
+ wls.remove(id);
+ rws.remove(id);
+
+ String rec = StringUtils.formatNumber(bytesReceived) + "b";
+ String sent = StringUtils.formatNumber(bytesSent) + "b";
+ System.out.println(String.format("%s[>%s]: (%s sent, %s rec) in %d ms",
+ display(whitelist, rw), commands.get(id), sent, rec,
+ times.get(id)));
+
+ commands.remove(id);
+ times.remove(id);
}
private Object doRequest(ConnectActionServerObject action, String command,
- Object[] args) throws NoSuchFieldException, NoSuchMethodException,
+ Object[] args, boolean rw, List<String> whitelist)
+ throws NoSuchFieldException, NoSuchMethodException,
ClassNotFoundException, IOException {
if ("PING".equals(command)) {
- return "PONG";
+ return rw ? "r/w" : "r/o";
} else if ("GET_METADATA".equals(command)) {
+ List<MetaData> metas = new ArrayList<MetaData>();
+
if ("*".equals(args[0])) {
Progress pg = createPgForwarder(action);
- List<MetaData> metas = new ArrayList<MetaData>();
-
for (MetaData meta : Instance.getLibrary().getMetas(pg)) {
MetaData light;
if (meta.getCover() == null) {
}
forcePgDoneSent(pg);
- return metas.toArray(new MetaData[] {});
+ } else {
+ MetaData meta = Instance.getLibrary().getInfo((String) args[0]);
+ MetaData light;
+ if (meta.getCover() == null) {
+ light = meta;
+ } else {
+ light = meta.clone();
+ light.setCover(null);
+ }
+
+ metas.add(light);
}
- return new MetaData[] { Instance.getLibrary().getInfo(
- (String) args[0]) };
+ if (!whitelist.isEmpty()) {
+ for (int i = 0; i < metas.size(); i++) {
+ if (!whitelist.contains(metas.get(i).getSource())) {
+ metas.remove(i);
+ i--;
+ }
+ }
+ }
+
+ return metas.toArray(new MetaData[0]);
} else if ("GET_STORY".equals(command)) {
MetaData meta = Instance.getLibrary().getInfo((String) args[0]);
+ if (meta == null) {
+ return null;
+ }
+
+ if (!whitelist.isEmpty()) {
+ if (!whitelist.contains(meta.getSource())) {
+ return null;
+ }
+ }
+
meta = meta.clone();
meta.setCover(null);
action.rec();
}
} else if ("SAVE_STORY".equals(command)) {
+ if (!rw) {
+ throw new AccessDeniedException("" + args[0], null,
+ "Read-Only remote library");
+ }
+
List<Object> list = new ArrayList<Object>();
action.send(null);
Instance.getLibrary().save(story, (String) args[0], null);
return story.getMeta().getLuid();
} else if ("IMPORT".equals(command)) {
+ if (!rw) {
+ throw new AccessDeniedException("" + args[0], null,
+ "Read-Only remote library");
+ }
+
Progress pg = createPgForwarder(action);
Story story = Instance.getLibrary().imprt(
new URL((String) args[0]), pg);
forcePgDoneSent(pg);
return story.getMeta().getLuid();
} else if ("DELETE_STORY".equals(command)) {
+ if (!rw) {
+ throw new AccessDeniedException("" + args[0], null,
+ "Read-Only remote library");
+ }
+
Instance.getLibrary().delete((String) args[0]);
} else if ("GET_COVER".equals(command)) {
return Instance.getLibrary().getCover((String) args[0]);
return null;
}
} else if ("SET_COVER".equals(command)) {
+ if (!rw) {
+ throw new AccessDeniedException("" + args[0], "" + args[1],
+ "Read-Only remote library");
+ }
+
if ("SOURCE".equals(args[0])) {
Instance.getLibrary().setSourceCover((String) args[1],
(String) args[2]);
(String) args[2]);
}
} else if ("CHANGE_STA".equals(command)) {
+ if (!rw) {
+ throw new AccessDeniedException("" + args[0], "" + args[1],
+ "Read-Only remote library");
+ }
+
Progress pg = createPgForwarder(action);
Instance.getLibrary().changeSTA((String) args[0], (String) args[1],
(String) args[2], (String) args[3], pg);
forcePgDoneSent(pg);
} else if ("EXIT".equals(command)) {
+ if (!rw) {
+ throw new AccessDeniedException("EXIT", "",
+ "Read-Only remote library, cannot close it");
+ }
+
stop(0, false);
}
@Override
protected void onError(Exception e) {
- getTraceHandler().error(e);
+ if (e instanceof SSLException) {
+ System.out.println("[Client connection refused (bad key)]");
+ } else {
+ getTraceHandler().error(e);
+ }
}
/**
*
* @return the {@link Progress}
*/
- private static Progress createPgForwarder(
- final ConnectActionServerObject action) {
+ private Progress createPgForwarder(final ConnectActionServerObject action) {
final Boolean[] isDoneForwarded = new Boolean[] { false };
final Progress pg = new Progress() {
@Override
action.send(new Integer[] { min, max, relativeProgress });
action.rec();
} catch (Exception e) {
- Instance.getTraceHandler().error(e);
+ getTraceHandler().error(e);
}
lastTime[0] = new Date().getTime();
}
// with 30 seconds timeout
- private static void forcePgDoneSent(Progress pg) {
+ private void forcePgDoneSent(Progress pg) {
long start = new Date().getTime();
pg.done();
while (!pg.isDone() && new Date().getTime() - start < 30000) {
try {
Thread.sleep(100);
} catch (InterruptedException e) {
- Instance.getTraceHandler().error(e);
+ getTraceHandler().error(e);
}
}
}