From 289c5cd24f51313c09883bc0d3f8238c2700f2c0 Mon Sep 17 00:00:00 2001 From: kaso17 Date: Fri, 11 Aug 2017 15:14:40 +0200 Subject: [PATCH] encrypt original path in download links and move apikey to parameters --- src/Jackett/Controllers/BlackholeController.cs | 12 ++++++++---- src/Jackett/Controllers/DownloadController.cs | 9 ++++++--- src/Jackett/Services/ServerService.cs | 7 +++++-- src/Jackett/Startup.cs | 4 ++-- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/src/Jackett/Controllers/BlackholeController.cs b/src/Jackett/Controllers/BlackholeController.cs index 542dfd7cf..a65444dbd 100644 --- a/src/Jackett/Controllers/BlackholeController.cs +++ b/src/Jackett/Controllers/BlackholeController.cs @@ -23,16 +23,18 @@ namespace Jackett.Controllers private Logger logger; private IIndexerManagerService indexerService; IServerService serverService; + IProtectionService protectionService; - public BlackholeController(IIndexerManagerService i, Logger l, IServerService s) + public BlackholeController(IIndexerManagerService i, Logger l, IServerService s, IProtectionService ps) { logger = l; indexerService = i; serverService = s; + protectionService = ps; } [HttpGet] - public async Task Blackhole(string indexerID, string path, string apikey, string file) + public async Task Blackhole(string indexerID, string path, string jackett_apikey, string file) { var jsonReply = new JObject(); @@ -45,10 +47,12 @@ namespace Jackett.Controllers throw new Exception("This indexer is not configured."); } - if (serverService.Config.APIKey != apikey) + if (serverService.Config.APIKey != jackett_apikey) throw new Exception("Incorrect API key"); - var remoteFile = new Uri(Encoding.UTF8.GetString(HttpServerUtility.UrlTokenDecode(path)), UriKind.RelativeOrAbsolute); + path = Encoding.UTF8.GetString(HttpServerUtility.UrlTokenDecode(path)); + path = protectionService.UnProtect(path); + var remoteFile = new Uri(path, UriKind.RelativeOrAbsolute); var downloadBytes = await indexer.Download(remoteFile); if (string.IsNullOrWhiteSpace(Engine.Server.Config.BlackholeDir)) diff --git a/src/Jackett/Controllers/DownloadController.cs b/src/Jackett/Controllers/DownloadController.cs index 41fa5197c..36cb6b90b 100644 --- a/src/Jackett/Controllers/DownloadController.cs +++ b/src/Jackett/Controllers/DownloadController.cs @@ -22,16 +22,18 @@ namespace Jackett.Controllers Logger logger; IIndexerManagerService indexerService; IServerService serverService; + IProtectionService protectionService; - public DownloadController(IIndexerManagerService i, Logger l, IServerService s) + public DownloadController(IIndexerManagerService i, Logger l, IServerService s, IProtectionService ps) { logger = l; indexerService = i; serverService = s; + protectionService = ps; } [HttpGet] - public async Task Download(string indexerID, string path, string apikey, string file) + public async Task Download(string indexerID, string path, string jackett_apikey, string file) { try { @@ -44,8 +46,9 @@ namespace Jackett.Controllers } path = Encoding.UTF8.GetString(HttpServerUtility.UrlTokenDecode(path)); + path = protectionService.UnProtect(path); - if (serverService.Config.APIKey != apikey) + if (serverService.Config.APIKey != jackett_apikey) return new HttpResponseMessage(HttpStatusCode.Unauthorized); var target = new Uri(path, UriKind.RelativeOrAbsolute); diff --git a/src/Jackett/Services/ServerService.cs b/src/Jackett/Services/ServerService.cs index 45e859142..6dd6f5c3f 100644 --- a/src/Jackett/Services/ServerService.cs +++ b/src/Jackett/Services/ServerService.cs @@ -46,6 +46,7 @@ namespace Jackett.Services private IWebClient client; private IUpdateService updater; private List _notices = new List(); + IProtectionService protectionService; public ServerService(IIndexerManagerService i, IProcessService p, ISerializeService s, IConfigurationService c, Logger l, IWebClient w, IUpdateService u, IProtectionService protectionService) { @@ -56,6 +57,7 @@ namespace Jackett.Services logger = l; client = w; updater = u; + this.protectionService = protectionService; LoadConfig(); // "TEMPORARY" HACK @@ -80,9 +82,10 @@ namespace Jackett.Services if (link == null || (link.IsAbsoluteUri && link.Scheme == "magnet")) return link; - var encodedLink = HttpServerUtility.UrlTokenEncode(Encoding.UTF8.GetBytes(link.ToString())); + var encryptedLink = protectionService.Protect(link.ToString()); + var encodedLink = HttpServerUtility.UrlTokenEncode(Encoding.UTF8.GetBytes(encryptedLink)); string urlEncodedFile = WebUtility.UrlEncode(file); - var proxyLink = string.Format("{0}{1}/{2}/{3}?path={4}&file={5}", serverUrl, action, indexerId, config.APIKey, encodedLink, urlEncodedFile); + var proxyLink = string.Format("{0}{1}/{2}/?jackett_apikey={3}&path={4}&file={5}", serverUrl, action, indexerId, config.APIKey, encodedLink, urlEncodedFile); return new Uri(proxyLink); } diff --git a/src/Jackett/Startup.cs b/src/Jackett/Startup.cs index b09b0fef8..64ea553c1 100644 --- a/src/Jackett/Startup.cs +++ b/src/Jackett/Startup.cs @@ -210,13 +210,13 @@ namespace Jackett config.Routes.MapHttpRoute( name: "download", - routeTemplate: "dl/{indexerID}/{apiKey}", + routeTemplate: "dl/{indexerID}", defaults: new { controller = "Download", action = "Download" } ); config.Routes.MapHttpRoute( name: "blackhole", - routeTemplate: "bh/{indexerID}/{apikey}", + routeTemplate: "bh/{indexerID}", defaults: new { controller = "Blackhole", action = "Blackhole" } );