diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2024-01-31 04:33:23 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska@appnovation.com> | 2024-01-31 04:33:23 +0000 |
| commit | 8a77310de280361dac86429dfda2c21d9cc7ac44 (patch) | |
| tree | e27a6a2fb40019ff1e5ec385b2e411e21da12e44 | |
| parent | a9739559f76a0a3dd691c580242ea0f5721d5b67 (diff) | |
| download | apaste-8a77310de280361dac86429dfda2c21d9cc7ac44.tar.gz | |
apasted options: change to -n maxfiles, add -s maxsize
Signed-off-by: Laurent Bercot <ska@appnovation.com>
| -rw-r--r-- | doc/apasted.html | 11 | ||||
| -rw-r--r-- | src/server/apasted.c | 16 |
2 files changed, 17 insertions, 10 deletions
diff --git a/doc/apasted.html b/doc/apasted.html index 878b5cd..8840ff3 100644 --- a/doc/apasted.html +++ b/doc/apasted.html @@ -30,7 +30,7 @@ stored files. <h2> Interface </h2> <pre> - apasted [ -r <em>rtimeout</em> ] [ -w <em>wtimeout</em> ] [ -d <em>rootdir</em> ] [ -p <em>prefix</em> ] [ -m <em>maxfiles</em> ] + apasted [ -r <em>rtimeout</em> ] [ -w <em>wtimeout</em> ] [ -d <em>rootdir</em> ] [ -p <em>prefix</em> ] [ -n <em>maxfiles</em> ] [ -s <em>maxsize</em> ] </pre> <ul> @@ -83,10 +83,15 @@ a web server's document hierarchy, which is the intended case. If <em>prefix</em is the URL of apasted's base directory, then the slug can directly be used as a URL to access the client's files. </dd> - <dt> -m <em>maxfiles</em> </dt> + <dt> -n <em>maxfiles</em> </dt> <dd> Accept a maximum of <em>maxfiles</em> files at a time from the client. The default is 0, meaning unlimited: the client can send as many files as it wants and apasted will still store them if it is possible. </dd> + + <dt> -s <em>maxsize</em> </dt> + <dd> Accept a maximum of <em>maxsize</em> bytes for each file. +0 means unlimited: the files can be as big as the client +wants, which is not a very good idea. The default is 1 MB. </dd> </dl> <h2> Typical usage </h2> @@ -112,7 +117,7 @@ the server. As such, it is very easy to abuse, and caution should be taken when running an apasted server: <ul> <li> If possible, have quotas on the filesystem hosting the apasted storage area </li> - <li> Use the <tt>-m</tt> option to avoid trivial inode exhaustion attacks </li> + <li> Use the <tt>-n</tt> option to avoid trivial inode exhaustion attacks </li> <li> Use your super-server's options to mitigate client patterns of abuse, log and block the IPs of problematic clients </li> <li> Run scripts that regularly delete old <em>subdir</em>s (and their contents) diff --git a/src/server/apasted.c b/src/server/apasted.c index b338154..a2bed17 100644 --- a/src/server/apasted.c +++ b/src/server/apasted.c @@ -27,7 +27,7 @@ #include <apaste/config.h> #include "apaste-common.h" -#define USAGE "apasted [ -r rtimeout ] [ -w wtimeout ] [ -d rootdir ] [ -p prefix ] [ -m maxfiles ]" +#define USAGE "apasted [ -r rtimeout ] [ -w wtimeout ] [ -d rootdir ] [ -p prefix ] [ -n maxfiles ] [ -s maxsize ]" #define dieusage() strerr_dieusage(100, USAGE) #define FORBIDDEN " \t\r\n\"<>&;" @@ -155,7 +155,7 @@ static inline size_t add_unique (stralloc *sa, size_t *indices, uint32_t n, char return blen ; } -static void read_one_file (char const *dir, buffer *b, buffer *ib, stralloc *sa, size_t *indices, uint32_t n, tain const *deadline) +static void read_one_file (char const *dir, buffer *b, buffer *ib, stralloc *sa, size_t *indices, uint32_t n, uint64_t maxsize, tain const *deadline) { uint64_t filelen ; size_t bnamelen ; @@ -201,7 +201,7 @@ static void read_one_file (char const *dir, buffer *b, buffer *ib, stralloc *sa, char fmt[UINT64_FMT] ; if (sanitize_read(timed_getlnmax_g(b, fmt, UINT64_FMT, &w, '\n', deadline)) <= 0) goto err ; m = uint64_scan(fmt, &filelen) ; - if (!m || m+1 != w || fmt[m] != '\n') goto err ; + if (!m || m+1 != w || fmt[m] != '\n' || filelen > maxsize) goto err ; } { @@ -246,6 +246,7 @@ int main (int argc, char const *const *argv) char const *prefix = "" ; tain rtto = TAIN_INFINITE_RELATIVE, wtto = TAIN_INFINITE_RELATIVE ; tain deadline ; + uint64_t maxsize = 1048576 ; uint32_t maxfiles = 0 ; uint32_t n ; char buf[4097] ; @@ -258,7 +259,7 @@ int main (int argc, char const *const *argv) subgetopt l = SUBGETOPT_ZERO ; for (;;) { - int opt = subgetopt_r(argc, argv, "r:w:d:p:m:", &l) ; + int opt = subgetopt_r(argc, argv, "r:w:d:p:n:s:", &l) ; if (opt == -1) break ; switch (opt) { @@ -266,7 +267,8 @@ int main (int argc, char const *const *argv) case 'w' : if (!uint320_scan(l.arg, &wt)) dieusage() ; break ; case 'd' : rootdir = l.arg ; break ; case 'p' : prefix = l.arg ; break ; - case 'm' : if (!uint320_scan(l.arg, &maxfiles)) dieusage() ; break ; + case 'n' : if (!uint320_scan(l.arg, &maxfiles)) dieusage() ; break ; + case 's' : if (!uint640_scan(l.arg, &maxsize)) dieusage() ; break ; default : dieusage() ; } } @@ -302,7 +304,7 @@ int main (int argc, char const *const *argv) } if (!mkdtemp(dir)) strerr_diefu1sys(111, "mkdtemp") ; - if (n == 1) read_one_file(dir, &b, 0, 0, 0, 0, &deadline) ; + if (n == 1) read_one_file(dir, &b, 0, 0, 0, 0, maxsize, &deadline) ; else { stralloc sa = STRALLOC_ZERO ; @@ -310,7 +312,7 @@ int main (int argc, char const *const *argv) buffer ib ; char ibuf[4096] ; prepare_index(&ib, dir, ibuf, 4096) ; - for (uint32_t i = 0 ; i < n ; i++) read_one_file(dir, &b, &ib, &sa, indices, i, &deadline) ; + for (uint32_t i = 0 ; i < n ; i++) read_one_file(dir, &b, &ib, &sa, indices, i, maxsize, &deadline) ; finish_index(&ib, dir) ; } |