X-Git-Url: http://git.nikiroo.be/?a=blobdiff_plain;f=src%2Fbe%2Fnikiroo%2Ffanfix%2Flibrary%2FRemoteLibraryServer.java;h=59819bb948903a1893b9e9d2751f43ca8d3a66a5;hb=4a464a06db3158e31c64aa798ddce9df1ec7f5f5;hp=a40103c0b40f5d6e18995609b5731f5fda918a50;hpb=27eba894912a5b9a748d85c647f2f3a5b3a8a1c4;p=nikiroo-utils.git
diff --git a/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java b/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java
index a40103c..59819bb 100644
--- a/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java
+++ b/src/be/nikiroo/fanfix/library/RemoteLibraryServer.java
@@ -3,10 +3,16 @@ package be.nikiroo.fanfix.library;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Date;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+
+import javax.net.ssl.SSLException;
import be.nikiroo.fanfix.Instance;
+import be.nikiroo.fanfix.bundles.Config;
import be.nikiroo.fanfix.data.Chapter;
import be.nikiroo.fanfix.data.MetaData;
import be.nikiroo.fanfix.data.Paragraph;
@@ -24,19 +30,16 @@ import be.nikiroo.utils.serial.server.ServerObject;
* The available commands are given as arrays of objects (first item is the
* command, the rest are the arguments).
*
- * All commands, including PING, will first return a random value to you that
- * you must hash with your key and return before processing the rest; if the
- * value not correct, the connection will be closed.
+ * All the commands are always prefixed by the subkey (which can be EMPTY if
+ * none).
*
- * BTW: this system is by no means secure. It is just slightly
- * obfuscated, and operate on clear text (because Google decided not to support
- * anonymous SSL exchanges on Android, and the main use case for this server is
- * Android).
*
- *
PING: will return PONG if the key is accepted
+ *
PING: will return the mode if the key is accepted (mode can be: "r/o" or
+ * "r/w")
*
GET_METADATA *: will return the metadata of all the stories in the
* library (array)
*
- *
GET_METADATA [luid]: will return the metadata of the story of LUID luid
+ *
GET_METADATA [luid]: will return the metadata of the story of LUID
+ * luid
*
GET_STORY [luid]: will return the given story if it exists (or NULL if
* not)
*
SAVE_STORY [luid]: save the story (that must be sent just after the
@@ -57,118 +60,222 @@ import be.nikiroo.utils.serial.server.ServerObject;
* @author niki
*/
public class RemoteLibraryServer extends ServerObject {
- private final String key;
+ private Map commands = new HashMap();
+ private Map times = new HashMap();
+ private Map wls = new HashMap();
+ private Map bls = new HashMap();
+ private Map rws = new HashMap();
/**
* Create a new remote server (will not be active until
* {@link RemoteLibraryServer#start()} is called).
- *
- * @param key
- * the key that will restrict access to this server
- * @param port
- * the port to listen on
+ *
+ * Note: the key we use here is the encryption key (it must not contain a
+ * subkey).
*
* @throws IOException
* in case of I/O error
*/
- public RemoteLibraryServer(String key, int port) throws IOException {
- super("Fanfix remote library", port, false);
- this.key = key;
-
- setTraceHandler(Instance.getTraceHandler());
+ public RemoteLibraryServer() throws IOException {
+ super("Fanfix remote library",
+ Instance.getInstance().getConfig()
+ .getInteger(Config.SERVER_PORT),
+ Instance.getInstance().getConfig()
+ .getString(Config.SERVER_KEY));
+
+ setTraceHandler(Instance.getInstance().getTraceHandler());
}
@Override
protected Object onRequest(ConnectActionServerObject action,
- Version clientVersion, Object data) throws Exception {
+ Version clientVersion, Object data, long id) throws Exception {
long start = new Date().getTime();
+ // defaults are positive (as previous versions without the feature)
+ boolean rw = true;
+ boolean wl = true;
+ boolean bl = true;
+
+ String subkey = "";
String command = "";
Object[] args = new Object[0];
if (data instanceof Object[]) {
Object[] dataArray = (Object[]) data;
if (dataArray.length > 0) {
- command = "" + dataArray[0];
+ subkey = "" + dataArray[0];
+ }
+ if (dataArray.length > 1) {
+ command = "" + dataArray[1];
- args = new Object[dataArray.length - 1];
- for (int i = 1; i < dataArray.length; i++) {
- args[i - 1] = dataArray[i];
+ args = new Object[dataArray.length - 2];
+ for (int i = 2; i < dataArray.length; i++) {
+ args[i - 2] = dataArray[i];
}
}
}
- String trace = "[ " + command + "] ";
- for (Object arg : args) {
- trace += arg + " ";
+ List whitelist = Instance.getInstance().getConfig()
+ .getList(Config.SERVER_WHITELIST);
+ if (whitelist == null) {
+ whitelist = new ArrayList();
+ }
+ List blacklist = Instance.getInstance().getConfig()
+ .getList(Config.SERVER_BLACKLIST);
+ if (blacklist == null) {
+ blacklist = new ArrayList();
}
- System.out.println(trace);
- // Authentication:
- String random = StringUtils.getMd5Hash(Double.toString(Math.random()));
- action.send(random);
- String answer = "" + action.rec();
+ if (whitelist.isEmpty()) {
+ wl = false;
+ }
- if (!answer.equals(RemoteLibrary.hashKey(key, random))) {
- System.out.println("Key rejected.");
- action.close();
- return null;
+ rw = Instance.getInstance().getConfig().getBoolean(Config.SERVER_RW,
+ rw);
+ if (!subkey.isEmpty()) {
+ List allowed = Instance.getInstance().getConfig()
+ .getList(Config.SERVER_ALLOWED_SUBKEYS);
+ if (allowed.contains(subkey)) {
+ if ((subkey + "|").contains("|rw|")) {
+ rw = true;
+ }
+ if ((subkey + "|").contains("|wl|")) {
+ wl = false; // |wl| = bypass whitelist
+ whitelist = new ArrayList();
+ }
+ if ((subkey + "|").contains("|bl|")) {
+ bl = false; // |bl| = bypass blacklist
+ blacklist = new ArrayList();
+ }
+ }
}
- //
- Object rep = doRequest(action, command, args);
+ String mode = display(wl, bl, rw);
+
+ String trace = mode + "[ " + command + "] ";
+ for (Object arg : args) {
+ trace += arg + " ";
+ }
+ long now = System.currentTimeMillis();
+ System.out.println(StringUtils.fromTime(now) + ": " + trace);
+
+ Object rep = null;
+ try {
+ rep = doRequest(action, command, args, rw, whitelist, blacklist);
+ } catch (IOException e) {
+ rep = new RemoteLibraryException(e, true);
+ }
- String rec = StringUtils.formatNumber(action.getBytesReceived()) + "b";
- String sent = StringUtils.formatNumber(action.getBytesSent()) + "b";
- System.out.println(String.format("[>%s]: (%s sent, %s rec) in %d ms",
- command, sent, rec, (new Date().getTime() - start)));
+ commands.put(id, command);
+ wls.put(id, wl);
+ bls.put(id, bl);
+ rws.put(id, rw);
+ times.put(id, (new Date().getTime() - start));
return rep;
}
+ private String display(boolean whitelist, boolean blacklist, boolean rw) {
+ String mode = "";
+ if (!rw) {
+ mode += "RO: ";
+ }
+ if (whitelist) {
+ mode += "WL: ";
+ }
+ if (blacklist) {
+ mode += "BL: ";
+ }
+
+ return mode;
+ }
+
+ @Override
+ protected void onRequestDone(long id, long bytesReceived, long bytesSent) {
+ boolean whitelist = wls.get(id);
+ boolean blacklist = bls.get(id);
+ boolean rw = rws.get(id);
+ wls.remove(id);
+ bls.remove(id);
+ rws.remove(id);
+
+ String rec = StringUtils.formatNumber(bytesReceived) + "b";
+ String sent = StringUtils.formatNumber(bytesSent) + "b";
+ long now = System.currentTimeMillis();
+ System.out.println(StringUtils.fromTime(now) + ": "
+ + String.format("%s[>%s]: (%s sent, %s rec) in %d ms",
+ display(whitelist, blacklist, rw), commands.get(id),
+ sent, rec, times.get(id)));
+
+ commands.remove(id);
+ times.remove(id);
+ }
+
private Object doRequest(ConnectActionServerObject action, String command,
- Object[] args) throws NoSuchFieldException, NoSuchMethodException,
- ClassNotFoundException, IOException {
+ Object[] args, boolean rw, List whitelist,
+ List blacklist) throws NoSuchFieldException,
+ NoSuchMethodException, ClassNotFoundException, IOException {
if ("PING".equals(command)) {
- return "PONG";
+ return rw ? "r/w" : "r/o";
} else if ("GET_METADATA".equals(command)) {
+ List metas = new ArrayList();
+
if ("*".equals(args[0])) {
Progress pg = createPgForwarder(action);
- List metas = new ArrayList();
-
- for (MetaData meta : Instance.getLibrary().getMetas(pg)) {
- MetaData light;
- if (meta.getCover() == null) {
- light = meta;
- } else {
- light = meta.clone();
- light.setCover(null);
- }
-
- metas.add(light);
+ for (MetaData meta : Instance.getInstance().getLibrary()
+ .getMetas(pg)) {
+ metas.add(removeCover(meta));
}
forcePgDoneSent(pg);
- return metas.toArray(new MetaData[] {});
+ } else {
+ MetaData meta = Instance.getInstance().getLibrary()
+ .getInfo((String) args[0]);
+ MetaData light;
+ if (meta.getCover() == null) {
+ light = meta;
+ } else {
+ light = meta.clone();
+ light.setCover(null);
+ }
+
+ metas.add(light);
+ }
+
+ for (int i = 0; i < metas.size(); i++) {
+ if (!isAllowed(metas.get(i), whitelist, blacklist)) {
+ metas.remove(i);
+ i--;
+ }
}
- return new MetaData[] { Instance.getLibrary().getInfo(
- (String) args[0]) };
+ return metas.toArray(new MetaData[0]);
+
} else if ("GET_STORY".equals(command)) {
- MetaData meta = Instance.getLibrary().getInfo((String) args[0]);
+ MetaData meta = Instance.getInstance().getLibrary()
+ .getInfo((String) args[0]);
+ if (meta == null || !isAllowed(meta, whitelist, blacklist)) {
+ return null;
+ }
+
meta = meta.clone();
meta.setCover(null);
action.send(meta);
action.rec();
- Story story = Instance.getLibrary()
+ Story story = Instance.getInstance().getLibrary()
.getStory((String) args[0], null);
for (Object obj : breakStory(story)) {
action.send(obj);
action.rec();
}
} else if ("SAVE_STORY".equals(command)) {
+ if (!rw) {
+ throw new RemoteLibraryException(
+ "Read-Only remote library: " + args[0], false);
+ }
+
List