X-Git-Url: http://git.nikiroo.be/?a=blobdiff_plain;f=src%2Fbe%2Fnikiroo%2Ffanfix%2Flibrary%2FRemoteLibraryServer.java;h=4f89a1fa19263c9d4bedf513274442660d3a023f;hb=4452446c58411c3f8e13f1fb5c3eecd0e9140d15;hp=d62b41b0283e5b2fe49abe2a47059e98ce8e6bca;hpb=ea734ab478afa830550dd63800e855618a4cab4d;p=nikiroo-utils.git
diff --git a/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java b/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java
index d62b41b..4f89a1f 100644
--- a/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java
+++ b/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java
@@ -4,9 +4,14 @@ import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Date;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+
+import javax.net.ssl.SSLException;
import be.nikiroo.fanfix.Instance;
+import be.nikiroo.fanfix.bundles.Config;
import be.nikiroo.fanfix.data.Chapter;
import be.nikiroo.fanfix.data.MetaData;
import be.nikiroo.fanfix.data.Paragraph;
@@ -24,27 +29,21 @@ import be.nikiroo.utils.serial.server.ServerObject;
* The available commands are given as arrays of objects (first item is the
* command, the rest are the arguments).
*
- * All commands, including PING, will first return a random value to you that
- * you must hash with your key and return before processing the rest; if the
- * value is OK, it will return "true", if not, it will return NULL and stop the
- * connection.
+ * All the commands are always prefixed by the subkey (which can be EMPTY if
+ * none).
*
- * BTW: this system is by no means secure. It is just slightly
- * obfuscated, and operate on clear text (because Google decided not to support
- * anonymous SSL exchanges on Android, and the main use case for this server is
- * Android).
*
- *
PING: will return PONG if the key is accepted
+ *
PING: will return the mode if the key is accepted (mode can be: "r/o" or
+ * "r/w")
*
GET_METADATA *: will return the metadata of all the stories in the
* library (array)
*
- *
GET_METADATA [luid]: will return the metadata of the story of LUID
- * luid
+ *
GET_METADATA [luid]: will return the metadata of the story of LUID luid
*
GET_STORY [luid]: will return the given story if it exists (or NULL if
* not)
*
SAVE_STORY [luid]: save the story (that must be sent just after the
* command) with the given LUID, then return the LUID
- *
IMPORT [url]: save the story found at the given URL, then return the
- * LUID
+ *
IMPORT [url]: save the story found at the given URL, then return the LUID
+ *
*
DELETE_STORY [luid]: delete the story of LUID luid
*
GET_COVER [luid]: return the cover of the story
*
GET_CUSTOM_COVER ["SOURCE"|"AUTHOR"] [source]: return the cover for this
@@ -59,11 +58,17 @@ import be.nikiroo.utils.serial.server.ServerObject;
* @author niki
*/
public class RemoteLibraryServer extends ServerObject {
- private final String key;
+ private Map commands = new HashMap();
+ private Map times = new HashMap();
+ private Map wls = new HashMap();
+ private Map rws = new HashMap();
/**
* Create a new remote server (will not be active until
* {@link RemoteLibraryServer#start()} is called).
+ *
+ * Note: the key we use here is the encryption key (it must not contain a
+ * subkey).
*
* @param key
* the key that will restrict access to this server
@@ -74,74 +79,129 @@ public class RemoteLibraryServer extends ServerObject {
* in case of I/O error
*/
public RemoteLibraryServer(String key, int port) throws IOException {
- super("Fanfix remote library", port, false);
- this.key = key;
-
- setTraceHandler(Instance.getTraceHandler());
+ super("Fanfix remote library", port, key);
+ setTraceHandler(Instance.getInstance().getTraceHandler());
}
@Override
protected Object onRequest(ConnectActionServerObject action,
- Version clientVersion, Object data) throws Exception {
+ Version clientVersion, Object data, long id) throws Exception {
long start = new Date().getTime();
+ // defaults are positive (as previous versions without the feature)
+ boolean rw = true;
+ boolean wl = true;
+
+ String subkey = "";
String command = "";
Object[] args = new Object[0];
if (data instanceof Object[]) {
Object[] dataArray = (Object[]) data;
- if (dataArray.length >= 2) {
- command = "" + dataArray[0];
+ if (dataArray.length > 0) {
+ subkey = "" + dataArray[0];
+ }
+ if (dataArray.length > 1) {
+ command = "" + dataArray[1];
+
+ args = new Object[dataArray.length - 2];
+ for (int i = 2; i < dataArray.length; i++) {
+ args[i - 2] = dataArray[i];
+ }
+ }
+ }
+
+ List whitelist = Instance.getInstance().getConfig().getList(Config.SERVER_WHITELIST);
+ if (whitelist == null) {
+ whitelist = new ArrayList();
+ }
- args = new Object[dataArray.length - 1];
- for (int i = 1; i < dataArray.length; i++) {
- args[i - 1] = dataArray[i];
+ if (whitelist.isEmpty()) {
+ wl = false;
+ }
+
+ rw = Instance.getInstance().getConfig().getBoolean(Config.SERVER_RW, rw);
+ if (!subkey.isEmpty()) {
+ List allowed = Instance.getInstance().getConfig().getList(Config.SERVER_ALLOWED_SUBKEYS);
+ if (allowed.contains(subkey)) {
+ if ((subkey + "|").contains("|rw|")) {
+ rw = true;
+ }
+ if ((subkey + "|").contains("|wl|")) {
+ wl = false; // |wl| = bypass whitelist
+ whitelist = new ArrayList();
}
}
}
- String trace = "[ " + command + "] ";
+ String mode = display(wl, rw);
+
+ String trace = mode + "[ " + command + "] ";
for (Object arg : args) {
trace += arg + " ";
}
- getTraceHandler().trace(trace);
+ long now = System.currentTimeMillis();
+ System.out.println(StringUtils.fromTime(now) + ": " + trace);
- // Authentication:
- String random = StringUtils.getMd5Hash(Double.toString(Math.random()));
- action.send(random);
- String answer = "";
+ Object rep = null;
try {
- answer += action.rec();
- } catch (NullPointerException e) {
- return null;
+ rep = doRequest(action, command, args, rw, whitelist);
+ } catch (IOException e) {
+ rep = new RemoteLibraryException(e, true);
}
- if (answer.equals(RemoteLibrary.hashKey(key, random))) {
- action.send(true);
- } else {
- getTraceHandler().trace("Key rejected.");
- return null;
- }
+ commands.put(id, command);
+ wls.put(id, wl);
+ rws.put(id, rw);
+ times.put(id, (new Date().getTime() - start));
- Object rep = doRequest(action, command, args);
+ return rep;
+ }
+
+ private String display(boolean whitelist, boolean rw) {
+ String mode = "";
+ if (!rw) {
+ mode += "RO: ";
+ }
+ if (whitelist) {
+ mode += "WL: ";
+ }
- getTraceHandler().trace(String.format("[>%s]: %d ms", command,
- (new Date().getTime() - start)));
+ return mode;
+ }
- return rep;
+ @Override
+ protected void onRequestDone(long id, long bytesReceived, long bytesSent) {
+ boolean whitelist = wls.get(id);
+ boolean rw = rws.get(id);
+ wls.remove(id);
+ rws.remove(id);
+
+ String rec = StringUtils.formatNumber(bytesReceived) + "b";
+ String sent = StringUtils.formatNumber(bytesSent) + "b";
+ long now = System.currentTimeMillis();
+ System.out.println(StringUtils.fromTime(now)
+ + ": "
+ + String.format("%s[>%s]: (%s sent, %s rec) in %d ms",
+ display(whitelist, rw), commands.get(id), sent, rec,
+ times.get(id)));
+
+ commands.remove(id);
+ times.remove(id);
}
private Object doRequest(ConnectActionServerObject action, String command,
- Object[] args) throws NoSuchFieldException, NoSuchMethodException,
+ Object[] args, boolean rw, List whitelist)
+ throws NoSuchFieldException, NoSuchMethodException,
ClassNotFoundException, IOException {
if ("PING".equals(command)) {
- return "PONG";
+ return rw ? "r/w" : "r/o";
} else if ("GET_METADATA".equals(command)) {
+ List metas = new ArrayList();
+
if ("*".equals(args[0])) {
Progress pg = createPgForwarder(action);
- List metas = new ArrayList();
-
- for (MetaData meta : Instance.getLibrary().getMetas(pg)) {
+ for (MetaData meta : Instance.getInstance().getLibrary().getMetas(pg)) {
MetaData light;
if (meta.getCover() == null) {
light = meta;
@@ -154,26 +214,58 @@ public class RemoteLibraryServer extends ServerObject {
}
forcePgDoneSent(pg);
- return metas.toArray(new MetaData[] {});
+ } else {
+ MetaData meta = Instance.getInstance().getLibrary().getInfo((String) args[0]);
+ MetaData light;
+ if (meta.getCover() == null) {
+ light = meta;
+ } else {
+ light = meta.clone();
+ light.setCover(null);
+ }
+
+ metas.add(light);
}
- return new MetaData[] {
- Instance.getLibrary().getInfo((String) args[0]) };
+ if (!whitelist.isEmpty()) {
+ for (int i = 0; i < metas.size(); i++) {
+ if (!whitelist.contains(metas.get(i).getSource())) {
+ metas.remove(i);
+ i--;
+ }
+ }
+ }
+
+ return metas.toArray(new MetaData[0]);
} else if ("GET_STORY".equals(command)) {
- MetaData meta = Instance.getLibrary().getInfo((String) args[0]);
+ MetaData meta = Instance.getInstance().getLibrary().getInfo((String) args[0]);
+ if (meta == null) {
+ return null;
+ }
+
+ if (!whitelist.isEmpty()) {
+ if (!whitelist.contains(meta.getSource())) {
+ return null;
+ }
+ }
+
meta = meta.clone();
meta.setCover(null);
action.send(meta);
action.rec();
- Story story = Instance.getLibrary().getStory((String) args[0],
- null);
+ Story story = Instance.getInstance().getLibrary().getStory((String) args[0], null);
for (Object obj : breakStory(story)) {
action.send(obj);
action.rec();
}
} else if ("SAVE_STORY".equals(command)) {
+ if (!rw) {
+ throw new RemoteLibraryException("Read-Only remote library: "
+ + args[0], false);
+ }
+
List