Onionr/src/lan/server/__init__.py

"""Onionr - Private P2P Communication.

LAN transport server thread
"""
from gevent.pywsgi import WSGIServer
from flask import Flask
from flask import Response
from flask import request
from flask import abort

from onionrblocks.onionrblockapi import Block
from httpapi.fdsafehandler import FDSafeHandler
from netcontroller import get_open_port
import config
from coredb.blockmetadb import get_block_list
from lan.getip import best_ip
from onionrutils import stringvalidators
from httpapi.miscpublicapi.upload import accept_upload
import logger
"""
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
"""


class LANServer:
    def __init__(self, shared_state):
        app = Flask(__name__)
        self.app = app
        self.host = config.get('lan.bind_ip', '')
        self.server = None
        if self.host == '':
            self.host = best_ip
        self.port = None

        @app.before_request
        def dns_rebinding_prevention():
            if request.host != f'{self.host}:{self.port}':
                logger.warn('Potential DNS rebinding attack on LAN server:')
                logger.warn(f'Hostname {request.host} was used instead of {self.host}:{self.port}')
                abort(403)

        @app.route('/blist/<time>')
        def get_block_list_for_lan(time):
            return Response('\n'.join(get_block_list(dateRec=time)))

        @app.route('/get/<block>')
        def get_block_data(block):
            if not stringvalidators.validate_hash(block):
                raise ValueError
            return Response(
                Block(block).raw, mimetype='application/octet-stream')

        @app.route("/ping")
        def ping():
            return Response("onionr!")

        @app.route('/upload', methods=['POST'])
        def upload_endpoint():
            return accept_upload(request)

    def start_server(self):
        self.server = WSGIServer((self.host, get_open_port()),
                                 self.app, log=None,
                                 handler_class=FDSafeHandler)
        self.port = self.server.server_port
        logger.info(f'Serving to LAN on {self.host}:{self.port}', terminal=True)
        self.server.serve_forever()