2015-01-28 12:03:22 +03:00
|
|
|
/*
|
|
|
|
* Bittorrent Client using Qt and libtorrent.
|
|
|
|
* Copyright (C) 2014 Vladimir Golovnev <glassez@yandex.ru>
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
*
|
|
|
|
* In addition, as a special exception, the copyright holders give permission to
|
|
|
|
* link this program with the OpenSSL project's "OpenSSL" library (or with
|
|
|
|
* modified versions of it that use the same license as the "OpenSSL" library),
|
|
|
|
* and distribute the linked executables. You must obey the GNU General Public
|
|
|
|
* License in all respects for all of the code used other than "OpenSSL". If you
|
|
|
|
* modify file(s), you may extend this exception to your version of the file(s),
|
|
|
|
* but you are not obligated to do so. If you do not wish to do so, delete this
|
|
|
|
* exception statement from your version.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <QCoreApplication>
|
|
|
|
#include <QDateTime>
|
|
|
|
#include <QDebug>
|
|
|
|
#include <QDir>
|
|
|
|
#include <QFile>
|
|
|
|
#include <QNetworkCookie>
|
|
|
|
#include <QTemporaryFile>
|
|
|
|
#include <QTimer>
|
|
|
|
|
2015-04-13 19:19:53 +03:00
|
|
|
#include "core/preferences.h"
|
2015-01-28 12:03:22 +03:00
|
|
|
#include "websessiondata.h"
|
|
|
|
#include "abstractwebapplication.h"
|
|
|
|
|
|
|
|
// UnbanTimer
|
|
|
|
|
|
|
|
class UnbanTimer: public QTimer
|
|
|
|
{
|
|
|
|
public:
|
2015-02-05 19:54:15 +03:00
|
|
|
UnbanTimer(const QHostAddress& peer_ip, QObject *parent)
|
|
|
|
: QTimer(parent), m_peerIp(peer_ip)
|
|
|
|
{
|
|
|
|
setSingleShot(true);
|
|
|
|
setInterval(BAN_TIME);
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
inline const QHostAddress& peerIp() const { return m_peerIp; }
|
2015-01-28 12:03:22 +03:00
|
|
|
|
|
|
|
private:
|
2015-02-05 19:54:15 +03:00
|
|
|
QHostAddress m_peerIp;
|
2015-01-28 12:03:22 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
// WebSession
|
|
|
|
|
|
|
|
struct WebSession
|
|
|
|
{
|
|
|
|
const QString id;
|
|
|
|
uint timestamp;
|
|
|
|
WebSessionData data;
|
|
|
|
|
|
|
|
WebSession(const QString& id)
|
|
|
|
: id(id)
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
void updateTimestamp()
|
|
|
|
{
|
|
|
|
timestamp = QDateTime::currentDateTime().toTime_t();
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
// AbstractWebApplication
|
|
|
|
|
|
|
|
AbstractWebApplication::AbstractWebApplication(QObject *parent)
|
2015-02-05 19:54:15 +03:00
|
|
|
: Http::ResponseBuilder(parent)
|
|
|
|
, session_(0)
|
2015-01-28 12:03:22 +03:00
|
|
|
{
|
|
|
|
QTimer *timer = new QTimer(this);
|
|
|
|
timer->setInterval(60000); // 1 min.
|
|
|
|
connect(timer, SIGNAL(timeout()), SLOT(removeInactiveSessions()));
|
|
|
|
}
|
|
|
|
|
|
|
|
AbstractWebApplication::~AbstractWebApplication()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
// cleanup sessions data
|
2015-01-28 12:03:22 +03:00
|
|
|
qDeleteAll(sessions_);
|
|
|
|
}
|
|
|
|
|
|
|
|
Http::Response AbstractWebApplication::processRequest(const Http::Request &request, const Http::Environment &env)
|
|
|
|
{
|
2015-04-29 17:13:43 +03:00
|
|
|
session_ = 0;
|
2015-01-28 12:03:22 +03:00
|
|
|
request_ = request;
|
|
|
|
env_ = env;
|
|
|
|
|
|
|
|
clear(); // clear response
|
|
|
|
|
|
|
|
sessionInitialize();
|
|
|
|
if (!sessionActive() && !isAuthNeeded())
|
|
|
|
sessionStart();
|
|
|
|
|
|
|
|
if (isBanned()) {
|
|
|
|
status(403, "Forbidden");
|
|
|
|
print(QObject::tr("Your IP address has been banned after too many failed authentication attempts."), Http::CONTENT_TYPE_TXT);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
processRequest();
|
|
|
|
}
|
|
|
|
|
|
|
|
return response();
|
|
|
|
}
|
|
|
|
|
|
|
|
void AbstractWebApplication::UnbanTimerEvent()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
UnbanTimer* ubantimer = static_cast<UnbanTimer*>(sender());
|
|
|
|
qDebug("Ban period has expired for %s", qPrintable(ubantimer->peerIp().toString()));
|
|
|
|
clientFailedAttempts_.remove(ubantimer->peerIp());
|
|
|
|
ubantimer->deleteLater();
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void AbstractWebApplication::removeInactiveSessions()
|
|
|
|
{
|
|
|
|
const uint now = QDateTime::currentDateTime().toTime_t();
|
|
|
|
|
|
|
|
foreach (const QString &id, sessions_.keys()) {
|
|
|
|
if ((now - sessions_[id]->timestamp) > INACTIVE_TIME)
|
|
|
|
delete sessions_.take(id);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
bool AbstractWebApplication::sessionInitialize()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
static const QString SID_START = QLatin1String(C_SID) + QLatin1String("=");
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
if (session_ == 0)
|
2015-01-28 12:03:22 +03:00
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
QString cookie = request_.headers.value("cookie");
|
|
|
|
//qDebug() << Q_FUNC_INFO << "cookie: " << cookie;
|
|
|
|
|
|
|
|
QString sessionId;
|
|
|
|
int pos = cookie.indexOf(SID_START);
|
|
|
|
if (pos >= 0) {
|
|
|
|
pos += SID_START.length();
|
|
|
|
int end = cookie.indexOf(QRegExp("[,;]"), pos);
|
|
|
|
sessionId = cookie.mid(pos, end >= 0 ? end - pos : end);
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
// TODO: Additional session check
|
|
|
|
|
|
|
|
if (!sessionId.isNull()) {
|
|
|
|
if (sessions_.contains(sessionId)) {
|
|
|
|
session_ = sessions_[sessionId];
|
|
|
|
session_->updateTimestamp();
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
qDebug() << Q_FUNC_INFO << "session does not exist!";
|
|
|
|
}
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
return false;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
bool AbstractWebApplication::readFile(const QString& path, QByteArray &data, QString &type)
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
QString ext = "";
|
|
|
|
int index = path.lastIndexOf('.') + 1;
|
|
|
|
if (index > 0)
|
|
|
|
ext = path.mid(index);
|
|
|
|
|
|
|
|
// find translated file in cache
|
|
|
|
if (translatedFiles_.contains(path)) {
|
|
|
|
data = translatedFiles_[path];
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
2015-02-05 19:54:15 +03:00
|
|
|
else {
|
|
|
|
QFile file(path);
|
|
|
|
if (!file.open(QIODevice::ReadOnly)) {
|
|
|
|
qDebug("File %s was not found!", qPrintable(path));
|
|
|
|
return false;
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
data = file.readAll();
|
|
|
|
file.close();
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
// Translate the file
|
|
|
|
if ((ext == "html") || ((ext == "js") && !path.endsWith("excanvas-compressed.js"))) {
|
|
|
|
QString dataStr = QString::fromUtf8(data.constData());
|
|
|
|
translateDocument(dataStr);
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-05-23 20:20:04 +03:00
|
|
|
if (path.endsWith("about.html") || path.endsWith("index.html") || path.endsWith("client.js"))
|
2015-02-05 19:54:15 +03:00
|
|
|
dataStr.replace("${VERSION}", VERSION);
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
data = dataStr.toUtf8();
|
|
|
|
translatedFiles_[path] = data; // cashing translated file
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
type = CONTENT_TYPE_BY_EXT[ext];
|
|
|
|
return true;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
WebSessionData *AbstractWebApplication::session()
|
|
|
|
{
|
|
|
|
Q_ASSERT(session_ != 0);
|
|
|
|
return &session_->data;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
QString AbstractWebApplication::generateSid()
|
|
|
|
{
|
|
|
|
QString sid;
|
|
|
|
|
|
|
|
qsrand(QDateTime::currentDateTime().toTime_t());
|
2015-02-05 19:54:15 +03:00
|
|
|
do {
|
|
|
|
const size_t size = 6;
|
|
|
|
quint32 tmp[size];
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
for (size_t i = 0; i < size; ++i)
|
|
|
|
tmp[i] = qrand();
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
sid = QByteArray::fromRawData(reinterpret_cast<const char *>(tmp), sizeof(quint32) * size).toBase64();
|
|
|
|
}
|
|
|
|
while (sessions_.contains(sid));
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
return sid;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void AbstractWebApplication::translateDocument(QString& data)
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
const QRegExp regex("QBT_TR\\((([^\\)]|\\)(?!QBT_TR))+)\\)QBT_TR");
|
|
|
|
const QRegExp mnemonic("\\(?&([a-zA-Z]?\\))?");
|
|
|
|
const std::string contexts[] = {
|
|
|
|
"TransferListFiltersWidget", "TransferListWidget", "PropertiesWidget",
|
|
|
|
"HttpServer", "confirmDeletionDlg", "TrackerList", "TorrentFilesModel",
|
|
|
|
"options_imp", "Preferences", "TrackersAdditionDlg", "ScanFoldersModel",
|
|
|
|
"PropTabBar", "TorrentModel", "downloadFromURL", "MainWindow", "misc",
|
2015-05-23 21:35:25 +03:00
|
|
|
"StatusBar", "AboutDlg", "about", "PeerListWidget"
|
2015-02-05 19:54:15 +03:00
|
|
|
};
|
|
|
|
const size_t context_count = sizeof(contexts) / sizeof(contexts[0]);
|
|
|
|
int i = 0;
|
|
|
|
bool found = true;
|
|
|
|
|
|
|
|
const QString locale = Preferences::instance()->getLocale();
|
|
|
|
bool isTranslationNeeded = !locale.startsWith("en") || locale.startsWith("en_AU") || locale.startsWith("en_GB");
|
|
|
|
|
|
|
|
while(i < data.size() && found) {
|
|
|
|
i = regex.indexIn(data, i);
|
|
|
|
if (i >= 0) {
|
|
|
|
//qDebug("Found translatable string: %s", regex.cap(1).toUtf8().data());
|
|
|
|
QByteArray word = regex.cap(1).toUtf8();
|
|
|
|
|
|
|
|
QString translation = word;
|
|
|
|
if (isTranslationNeeded) {
|
|
|
|
size_t context_index = 0;
|
|
|
|
while ((context_index < context_count) && (translation == word)) {
|
2015-01-28 12:03:22 +03:00
|
|
|
#if (QT_VERSION < QT_VERSION_CHECK(5, 0, 0))
|
2015-02-05 19:54:15 +03:00
|
|
|
translation = qApp->translate(contexts[context_index].c_str(), word.constData(), 0, QCoreApplication::UnicodeUTF8, 1);
|
2015-01-28 12:03:22 +03:00
|
|
|
#else
|
2015-02-05 19:54:15 +03:00
|
|
|
translation = qApp->translate(contexts[context_index].c_str(), word.constData(), 0, 1);
|
2015-01-28 12:03:22 +03:00
|
|
|
#endif
|
2015-02-05 19:54:15 +03:00
|
|
|
++context_index;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Remove keyboard shortcuts
|
|
|
|
translation.replace(mnemonic, "");
|
|
|
|
|
2015-04-27 21:44:12 +03:00
|
|
|
// Use HTML code for quotes to prevent issues with JS
|
|
|
|
translation.replace("'", "'");
|
|
|
|
translation.replace("\"", """);
|
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
data.replace(i, regex.matchedLength(), translation);
|
|
|
|
i += translation.length();
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
found = false; // no more translatable strings
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
bool AbstractWebApplication::isBanned() const
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
return clientFailedAttempts_.value(env_.clientAddress, 0) >= MAX_AUTH_FAILED_ATTEMPTS;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
int AbstractWebApplication::failedAttempts() const
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
return clientFailedAttempts_.value(env_.clientAddress, 0);
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void AbstractWebApplication::resetFailedAttempts()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
clientFailedAttempts_.remove(env_.clientAddress);
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void AbstractWebApplication::increaseFailedAttempts()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
const int nb_fail = clientFailedAttempts_.value(env_.clientAddress, 0) + 1;
|
|
|
|
|
|
|
|
clientFailedAttempts_[env_.clientAddress] = nb_fail;
|
|
|
|
if (nb_fail == MAX_AUTH_FAILED_ATTEMPTS) {
|
|
|
|
// Max number of failed attempts reached
|
|
|
|
// Start ban period
|
|
|
|
UnbanTimer* ubantimer = new UnbanTimer(env_.clientAddress, this);
|
|
|
|
connect(ubantimer, SIGNAL(timeout()), SLOT(UnbanTimerEvent()));
|
|
|
|
ubantimer->start();
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
bool AbstractWebApplication::isAuthNeeded()
|
|
|
|
{
|
|
|
|
return (env_.clientAddress != QHostAddress::LocalHost
|
|
|
|
&& env_.clientAddress != QHostAddress::LocalHostIPv6)
|
|
|
|
|| Preferences::instance()->isWebUiLocalAuthEnabled();
|
|
|
|
}
|
|
|
|
|
|
|
|
void AbstractWebApplication::printFile(const QString& path)
|
|
|
|
{
|
|
|
|
QByteArray data;
|
|
|
|
QString type;
|
|
|
|
|
|
|
|
if (!readFile(path, data, type)) {
|
|
|
|
status(404, "Not Found");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
print(data, type);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool AbstractWebApplication::sessionStart()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
if (session_ == 0) {
|
|
|
|
session_ = new WebSession(generateSid());
|
|
|
|
session_->updateTimestamp();
|
|
|
|
sessions_[session_->id] = session_;
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
QNetworkCookie cookie(C_SID, session_->id.toUtf8());
|
|
|
|
cookie.setPath(QLatin1String("/"));
|
|
|
|
header(Http::HEADER_SET_COOKIE, cookie.toRawForm());
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
return true;
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
return false;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
bool AbstractWebApplication::sessionEnd()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
if ((session_ != 0) && (sessions_.contains(session_->id))) {
|
|
|
|
QNetworkCookie cookie(C_SID, session_->id.toUtf8());
|
|
|
|
cookie.setPath(QLatin1String("/"));
|
|
|
|
cookie.setExpirationDate(QDateTime::currentDateTime());
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
sessions_.remove(session_->id);
|
|
|
|
delete session_;
|
|
|
|
session_ = 0;
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
header(Http::HEADER_SET_COOKIE, cookie.toRawForm());
|
|
|
|
return true;
|
|
|
|
}
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
return false;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
QString AbstractWebApplication::saveTmpFile(const QByteArray &data)
|
|
|
|
{
|
|
|
|
QTemporaryFile tmpfile(QDir::temp().absoluteFilePath("qBT-XXXXXX.torrent"));
|
|
|
|
tmpfile.setAutoRemove(false);
|
|
|
|
if (tmpfile.open()) {
|
|
|
|
tmpfile.write(data);
|
|
|
|
tmpfile.close();
|
|
|
|
return tmpfile.fileName();
|
|
|
|
}
|
|
|
|
|
|
|
|
qWarning() << "I/O Error: Could not create temporary file";
|
|
|
|
return QString();
|
|
|
|
}
|
|
|
|
|
|
|
|
QStringMap AbstractWebApplication::initializeContentTypeByExtMap()
|
|
|
|
{
|
2015-02-05 19:54:15 +03:00
|
|
|
QStringMap map;
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
map["htm"] = Http::CONTENT_TYPE_HTML;
|
|
|
|
map["html"] = Http::CONTENT_TYPE_HTML;
|
|
|
|
map["css"] = Http::CONTENT_TYPE_CSS;
|
|
|
|
map["gif"] = Http::CONTENT_TYPE_GIF;
|
|
|
|
map["png"] = Http::CONTENT_TYPE_PNG;
|
|
|
|
map["js"] = Http::CONTENT_TYPE_JS;
|
2015-01-28 12:03:22 +03:00
|
|
|
|
2015-02-05 19:54:15 +03:00
|
|
|
return map;
|
2015-01-28 12:03:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
const QStringMap AbstractWebApplication::CONTENT_TYPE_BY_EXT = AbstractWebApplication::initializeContentTypeByExtMap();
|