Better / fixed validation of uploaded torrent files
Cette révision appartient à :
Parent
7b2968e430
révision
f9b29af311
4 fichiers modifiés avec 61 ajouts et 6 suppressions
|
@ -1,5 +1,6 @@
|
|||
package config
|
||||
|
||||
// remember to update the FAQ when updating these
|
||||
var Trackers = []string{
|
||||
"udp://tracker.coppersurfer.tk:6969",
|
||||
"udp://zer0day.to:1337/announce",
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
"regexp"
|
||||
|
||||
"github.com/ewhal/nyaa/service/captcha"
|
||||
"github.com/ewhal/nyaa/util"
|
||||
|
@ -47,6 +48,10 @@ const UploadFormDescription = "desc"
|
|||
// error indicating a torrent is private
|
||||
var ErrPrivateTorrent = errors.New("torrent is private")
|
||||
|
||||
// error indicating a problem with its trackers
|
||||
// FIXME: hardcoded link
|
||||
var ErrTrackerProblem = errors.New("torrent does not have any (working) trackers: https://nyaa.pantsu.cat/faq#trackers")
|
||||
|
||||
// error indicating a torrent's name is invalid
|
||||
var ErrInvalidTorrentName = errors.New("torrent name is invalid")
|
||||
|
||||
|
@ -78,10 +83,9 @@ func (f *UploadForm) ExtractInfo(r *http.Request) error {
|
|||
return ErrInvalidTorrentName
|
||||
}
|
||||
|
||||
if len(f.Description) == 0 {
|
||||
return ErrInvalidTorrentDescription
|
||||
|
||||
}
|
||||
//if len(f.Description) == 0 {
|
||||
// return ErrInvalidTorrentDescription
|
||||
//}
|
||||
|
||||
catsSplit := strings.Split(f.Category, "_")
|
||||
// need this to prevent out of index panics
|
||||
|
@ -120,6 +124,12 @@ func (f *UploadForm) ExtractInfo(r *http.Request) error {
|
|||
return ErrPrivateTorrent
|
||||
}
|
||||
|
||||
// check trackers
|
||||
trackers := torrent.GetAllAnnounceURLS()
|
||||
if !CheckTrackers(trackers) {
|
||||
return ErrTrackerProblem
|
||||
}
|
||||
|
||||
// generate magnet
|
||||
binInfohash := torrent.Infohash()
|
||||
f.Infohash = hex.EncodeToString(binInfohash[:])
|
||||
|
@ -135,12 +145,44 @@ func (f *UploadForm) ExtractInfo(r *http.Request) error {
|
|||
return metainfo.ErrInvalidTorrentFile
|
||||
} else {
|
||||
f.Infohash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
|
||||
matched, err := regexp.MatchString("^[0-9A-F]{40}$", f.Infohash)
|
||||
if err != nil || !matched {
|
||||
return metainfo.ErrInvalidTorrentFile
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
var dead_trackers = []string{ // substring matches!
|
||||
"://open.nyaatorrents.info:6544",
|
||||
"://tracker.openbittorrent.com:80",
|
||||
"://tracker.publicbt.com:80",
|
||||
"://stats.anisource.net:2710",
|
||||
"://exodus.desync.com",
|
||||
"://open.demonii.com:1337",
|
||||
"://tracker.istole.it:80",
|
||||
"://tracker.ccc.de:80",
|
||||
"://bt2.careland.com.cn:6969",
|
||||
"://announce.torrentsmd.com:8080"}
|
||||
|
||||
func CheckTrackers(trackers []string) bool {
|
||||
var numGood int
|
||||
for _, t := range trackers {
|
||||
var good bool = true
|
||||
for _, check := range dead_trackers {
|
||||
if strings.Contains(t, check) {
|
||||
good = false
|
||||
}
|
||||
}
|
||||
if good {
|
||||
numGood += 1
|
||||
}
|
||||
}
|
||||
return numGood > 0
|
||||
}
|
||||
|
||||
// NewUploadForm creates a new upload form given parameters as list
|
||||
func NewUploadForm(params ...string) (uploadForm UploadForm) {
|
||||
if len(params) > 1 {
|
||||
|
|
|
@ -43,6 +43,18 @@
|
|||
<p>The magnet link should look like this: <span style="font-family:monospace">
|
||||
magnet:?xt=urn:btih:[hash]&dn=[name]&tr=[tracker]&tr=[...]</span></p>
|
||||
|
||||
<h2 id="trackers">Which trackers do you recommend using?</h2>
|
||||
<p>If your torrent upload is denied because of trackers you'll need to add some of these:</p>
|
||||
<pre>udp://tracker.coppersurfer.tk:6969
|
||||
udp://zer0day.to:1337/announce
|
||||
udp://tracker.leechers-paradise.org:6969
|
||||
udp://explodie.org:6969
|
||||
udp://tracker.opentrackr.org:1337
|
||||
udp://tracker.internetwarriors.net:1337/announce
|
||||
udp://eddie4.nl:6969/announce
|
||||
http://mgtracker.org:6969/announce
|
||||
http://tracker.baka-sub.cf/announce</pre>
|
||||
|
||||
<h2>How can I help?</h2>
|
||||
<p>If you have website development expertise, you can join the #nyaapantsu IRC channel on irc.rizon.net.
|
||||
If you have any current databases, especially for sukebei, <b>UPLOAD THEM</b>.</p>
|
||||
|
@ -54,7 +66,7 @@
|
|||
<p>It's the author's favorite programming language.</p>
|
||||
|
||||
<br />
|
||||
<img src="https://my.mixtape.moe/omrskw.png">
|
||||
<img src="https://my.mixtape.moe/omrskw.png" alt="funny meme">
|
||||
|
||||
<br />
|
||||
<h2>nyaa.pantsu.cat and sukebei.pantsu.cat do not host any files.</h2>
|
||||
|
|
|
@ -110,7 +110,7 @@ func (tf *TorrentFile) TorrentName() string {
|
|||
|
||||
// return true if this torrent is private otherwise return false
|
||||
func (tf *TorrentFile) IsPrivate() bool {
|
||||
return tf.Info.Private == nil || *tf.Info.Private == 0
|
||||
return tf.Info.Private != nil && *tf.Info.Private == 1
|
||||
}
|
||||
|
||||
// calculate infohash
|
||||
|
|
Référencer dans un nouveau ticket