Author: poeml Date: Fri Nov 5 13:04:39 2010 New Revision: 8194 URL: http://svn.mirrorbrain.org/viewvc/mirrorbrain?rev=8194&view=rev Log: mod_mirrorbrain: - add experimental feature for restricted downloads, by redirecting to temporary URLs, whose validity can be verified by the mirrors. See http://www.mail-archive.com/mirrorbrain_at_mirrorbrain.org/msg00011.html Consider this a prototype implementation that could be changed later, hence the Apache config directive is called MirrorBrainRedirectStampKey_EXPERIMENTAL. Modified: trunk/mod_mirrorbrain/mod_mirrorbrain.c Modified: trunk/mod_mirrorbrain/mod_mirrorbrain.c URL: http://svn.mirrorbrain.org/viewvc/mirrorbrain/trunk/mod_mirrorbrain/mod_mirrorbrain.c?rev=8194&r1=8193&r2=8194&view=diff ============================================================================== --- trunk/mod_mirrorbrain/mod_mirrorbrain.c (original) +++ trunk/mod_mirrorbrain/mod_mirrorbrain.c Fri Nov 5 13:04:39 2010 _at_@ -232,6 +232,7 @@ apr_array_header_t *exclude_ips; ap_regex_t *exclude_filemask; ap_regex_t *metalink_torrentadd_mask; + const char *stampkey; } mb_dir_conf; /* per-server configuration */ _at_@ -380,6 +381,7 @@ new->exclude_ips = apr_array_make(p, 4, sizeof (char *)); new->exclude_filemask = NULL; new->metalink_torrentadd_mask = NULL; + new->stampkey = NULL; return (void *) new; } _at_@ -409,6 +411,7 @@ mrg->exclude_ips = apr_array_append(p, base->exclude_ips, add->exclude_ips); mrg->exclude_filemask = (add->exclude_filemask == NULL) ? base->exclude_filemask : add->exclude_filemask; mrg->metalink_torrentadd_mask = (add->metalink_torrentadd_mask == NULL) ? base->metalink_torrentadd_mask : add->metalink_torrentadd_mask; + cfgMergeString(stampkey); return (void *) mrg; } _at_@ -484,6 +487,14 @@ mb_dir_conf *cfg = (mb_dir_conf *) config; cfg->engine_on = flag; cfg->mirror_base = apr_pstrdup(cmd->pool, cmd->path); + return NULL; +} + +static const char *mb_cmd_redirect_stamp_key(cmd_parms *cmd, void *config, + const char* arg1) +{ + mb_dir_conf *cfg = (mb_dir_conf *) config; + cfg->stampkey = arg1; return NULL; } _at_@ -3111,8 +3122,21 @@ + /* Build target URI */ + if (cfg->stampkey) { + const char* epoch = apr_itoa(r->pool, apr_time_sec(r->request_time)); + const char* epochkey = apr_pstrcat(r->pool, epoch, " ", cfg->stampkey, NULL); + const char* stamp = ap_md5(r->pool, (unsigned const char *)epochkey); + + debugLog(r, cfg, "stamp: '%s' -> %s", epochkey, stamp); + uri = apr_pstrcat(r->pool, chosen->baseurl, filename, + "?time=", epoch, + "&stamp=", stamp, NULL); + } else { + uri = apr_pstrcat(r->pool, chosen->baseurl, filename, NULL); + } + /* Send it away: set a "Location:" header and 302 redirect. */ - uri = apr_pstrcat(r->pool, chosen->baseurl, filename, NULL); debugLog(r, cfg, "Redirect to '%s'", uri); /* for _conditional_ logging, leave some mark */ _at_@ -3267,6 +3291,12 @@ "mirror can be found in the database. These mirrors are assumed to have " "*all* files. (Or they could be configured per directory.)"), + AP_INIT_TAKE1("MirrorBrainRedirectStampKey_EXPERIMENTAL", mb_cmd_redirect_stamp_key, NULL, + ACCESS_CONF, + "Causes MirrorBrain to append a signed timestamp to redirection URLs. The " + "argument is a string that defines the key to encrypt the timestamp with. " + "Can be configured on directory-level."), + /* to be used only in server context */ AP_INIT_TAKE1("MirrorBrainDBDQuery", mb_cmd_dbd_query, NULL, RSRC_CONF, _______________________________________________ mirrorbrain-commits mailing list Archive: http://mirrorbrain.org/archive/mirrorbrain-commits/ Note: To remove yourself from this list, send a mail with the content unsubscribe to the address mirrorbrain-commits-request_at_mirrorbrain.orgReceived on Fri Nov 05 2010 - 12:04:43 GMT
This archive was generated by hypermail 2.3.0 : Fri Nov 05 2010 - 12:17:06 GMT