mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/element-hq/dendrite.git synced 2025-09-14 05:12:26 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

added federation api allow/deny ip list checking

Browse source 
Signed-off-by: adnull <d.lexand@gmail.com>
This commit is contained in:
adnull 2025-01-21 11:57:44 +01:00
parent e697b920a4
commit 8fa0fcecfa
7 changed files with 219 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

10
mediaapi/routing/routing.go
View file

@ -8,10 +8,13 @@ package routing
import (
"encoding/json"
"net"
"net/http"
"strings"
"time"
"github.com/element-hq/dendrite/federationapi/routing"
"github.com/element-hq/dendrite/internal"
"github.com/element-hq/dendrite/internal/httputil"
"github.com/element-hq/dendrite/mediaapi/storage"
"github.com/element-hq/dendrite/mediaapi/types"
@ -89,7 +92,6 @@ func Setup(
}
// v1 url_preview endpoint requiring auth
downloadHandler := makeDownloadAPI("download_unauthed", &cfg.MediaAPI, rateLimits, db, client, federationClient, activeRemoteRequests, activeThumbnailGeneration, false)
v3mux.Handle("/download/{serverName}/{mediaId}", downloadHandler).Methods(http.MethodGet, http.MethodOptions)
v3mux.Handle("/download/{serverName}/{mediaId}/{downloadName}", downloadHandler).Methods(http.MethodGet, http.MethodOptions)
@ -104,7 +106,11 @@ func Setup(
v1mux.Handle("/download/{serverName}/{mediaId}", downloadHandlerAuthed).Methods(http.MethodGet, http.MethodOptions)
v1mux.Handle("/download/{serverName}/{mediaId}/{downloadName}", downloadHandlerAuthed).Methods(http.MethodGet, http.MethodOptions)
urlPreviewHandler := httputil.MakeAuthAPI("preview_url", userAPI, makeUrlPreviewHandler(&cfg.MediaAPI, rateLimits, db, activeThumbnailGeneration))
var dialer *net.Dialer
if cfg.FederationAPI.AllowNetworkCIDRs != nil || cfg.FederationAPI.DenyNetworkCIDRs != nil {
dialer = internal.GetDialer(cfg.FederationAPI.AllowNetworkCIDRs, cfg.FederationAPI.DenyNetworkCIDRs, time.Duration(cfg.MediaAPI.UrlPreviewTimeout))
}
urlPreviewHandler := httputil.MakeAuthAPI("preview_url", userAPI, makeUrlPreviewHandler(&cfg.MediaAPI, dialer, rateLimits, db, activeThumbnailGeneration))
v1mux.Handle("/preview_url", urlPreviewHandler).Methods(http.MethodGet, http.MethodOptions)
// That method is deprecated according to spec but still in use
v3mux.Handle("/preview_url", urlPreviewHandler).Methods(http.MethodGet, http.MethodOptions)