

6 commits

Author SHA1 Message Date
Jimmy Zelinskie
c994988ad5 Merge pull request #237 from jzelinskie/v1jwtfix
jwt: verifying JWT are now client errors
2016-09-30 09:57:58 -04:00
Jimmy Zelinskie
eca06c4c88 jwt: verifying JWT are now client errors
These were previously raising a 500 in the HTTP server; rather, they
should return 200 but explain to the client that their JWTs are
invalid.
2016-09-29 15:52:52 -04:00
Jimmy Zelinskie
f9ca2eb515 docker: move to alpine & mount config file only 2016-09-27 13:39:27 -04:00
Jimmy Zelinskie
7dda58a940 README: fix docker instructions 2016-09-27 13:14:48 -04:00
Jimmy Zelinskie
b4c9c403cb Merge pull request #183 from schwarz/release-v1.0
readme: fix broken configuration links
2016-06-28 10:35:43 -04:00
Bernhard Schwarz
6a27a3ec0d readme: fix broken configuration links
These files don't exist or have changed in master, a relative link is needed.
2016-06-28 13:09:59 +02:00
3 changed files with 29 additions and 25 deletions


@ -1,17 +1,18 @@
# vim: ft=dockerfile
FROM golang
FROM golang:alpine
MAINTAINER Jimmy Zelinskie <jimmyzelinskie@gmail.com>
# Add files
# Create source directory
WORKDIR /go/src/github.com/chihaya/chihaya/
RUN mkdir -p /go/src/github.com/chihaya/chihaya/
# Dependencies
# Install dependencies
RUN apk update && apk add git
RUN go get github.com/tools/godep
ADD Godeps /go/src/github.com/chihaya/chihaya/Godeps
RUN godep restore
# Add source
# Add source files
ADD *.go /go/src/github.com/chihaya/chihaya/
ADD api /go/src/github.com/chihaya/chihaya/api
ADD cmd /go/src/github.com/chihaya/chihaya/cmd
@ -20,14 +21,13 @@ ADD http /go/src/github.com/chihaya/chihaya/http
ADD stats /go/src/github.com/chihaya/chihaya/stats
ADD tracker /go/src/github.com/chihaya/chihaya/tracker
ADD udp /go/src/github.com/chihaya/chihaya/udp
ADD example_config.json /config.json
# Install
# Install chihaya
RUN go install github.com/chihaya/chihaya/cmd/chihaya
# Configuration/environment
VOLUME ["/config"]
# Setup the entrypoint
# docker run -p 6880-6882:6880-6882 -v $PATH_TO_CONFIG_FILE:/config.json:ro quay.io/jzelinskie/chihaya:latest -v=5
EXPOSE 6880-6882
# docker run -p 6880-6882:6880-6882 -v $PATH_TO_DIR_WITH_CONF_FILE:/config:ro -e quay.io/jzelinskie/chihaya:latest -v=5
ENTRYPOINT ["chihaya", "-config=/config/config.json", "-logtostderr=true"]
ENTRYPOINT ["chihaya", "-config=/config.json", "-logtostderr=true"]
CMD ["-v=5"]
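Review bot: `ADD example_config.json /config.json` in the second hunk bakes the example configuration into the image at the exact path the new ENTRYPOINT reads, so a container started without the `-v ...:/config.json:ro` mount shown on the comment line silently runs with the example settings instead of failing; if that fallback is not intended, drop the ADD line so a missing mount is an immediate, visible error. In the first hunk `RUN apk update && apk add git` leaves the package index in the layer; `RUN apk add --no-cache git` is the usual form. The local sources are copied with `ADD`, where `COPY` is preferred for plain files since ADD's remote-URL and archive-extraction behaviour is not needed here. Neither hunk adds a `USER` instruction, so as far as the file is visible the tracker runs as root inside the container.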


@ -44,15 +44,18 @@ This is particularly useful behavior for private tracker use-cases.
Copy [`example_config.json`] to your choice of location, and update the values as required.
An explanation of the available keys can be found in [CONFIGURATION.md].
[`example_config.json`]: https://github.com/chihaya/chihaya/blob/master/example_config.json
[CONFIGURATION.md]: https://github.com/chihaya/chihaya/blob/master/CONFIGURATION.md
[`example_config.json`]: ./example_config.json
[CONFIGURATION.md]: ./CONFIGURATION.md
### Docker
```sh
$ docker pull quay.io/jzelinskie/chihaya:latest
$ export CHIHAYA_LOG_LEVEL=5 # most verbose, and the default
$ docker run -p 6880-6882:6880-6882 -v $PATH_TO_DIR_WITH_CONF_FILE:/config:ro -e quay.io/jzelinskie/chihaya:latest -v=$CHIHAYA_LOG_LEVEL
# Download and edit the example config
curl -L https://raw.githubusercontent.com/chihaya/chihaya/release-v1.0/example_config.json -o config.json
vi config.json
# Run the container with the config file mounted
docker run -p 6880-6882:6880-6882 -v $PWD/config.json:/config.json:ro quay.io/jzelinskie/chihaya:v1.0.1 -v=5
```
## Developing Chihaya


@ -7,7 +7,6 @@ package tracker
import (
"encoding/json"
"errors"
"fmt"
"net/http"
"net/url"
"time"
@ -15,6 +14,8 @@ import (
oidchttp "github.com/coreos/go-oidc/http"
"github.com/coreos/go-oidc/jose"
"github.com/golang/glog"
"github.com/chihaya/chihaya/tracker/models"
)
const jwkTTLFallback = 5 * time.Minute
@ -101,46 +102,46 @@ func validateJWTSignature(jwt *jose.JWT, jwkSet *jwkSet) (bool, error) {
func (tkr *Tracker) validateJWT(jwtStr, infohash string) error {
jwkSet := tkr.jwkSet
if time.Now().After(jwkSet.validUntil) {
return fmt.Errorf("Failed verify JWT due to stale JWK Set")
return errors.New("Failed verify JWT due to stale JWK Set")
}
jwt, err := jose.ParseJWT(jwtStr)
if err != nil {
return err
return models.ClientError("Failed to parse JWT")
}
validated, err := validateJWTSignature(&jwt, &jwkSet)
if err != nil {
return err
} else if !validated {
return errors.New("Failed to verify JWT with all available verifiers")
return models.ClientError("Failed to verify JWT signature with available verifiers")
}
claims, err := jwt.Claims()
if err != nil {
return err
return models.ClientError("Failed to decode JWT claims")
}
if claimedIssuer, ok, err := claims.StringClaim("iss"); claimedIssuer != jwkSet.Issuer || err != nil || !ok {
return errors.New("Failed to validate JWT issuer claim")
return models.ClientError("Failed to validate JWT issuer claim")
}
if claimedAudience, ok, err := claims.StringClaim("aud"); claimedAudience != tkr.Config.JWTAudience || err != nil || !ok {
return errors.New("Failed to validate JWT audience claim")
return models.ClientError("Failed to validate JWT audience claim")
}
claimedInfohash, ok, err := claims.StringClaim("infohash")
if err != nil || !ok {
return errors.New("Failed to validate JWT infohash claim")
return models.ClientError("Failed to validate JWT infohash claim")
}
unescapedInfohash, err := url.QueryUnescape(claimedInfohash)
if err != nil {
return errors.New("Failed to unescape JWT infohash claim")
return models.ClientError("Failed to unescape JWT infohash claim")
}
if unescapedInfohash != infohash {
return errors.New("Failed to match infohash claim with requested infohash")
return models.ClientError("Failed to match infohash claim with requested infohash")
}
return nil
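Review bot: None of the claim checks in this hunk bounds the token in time — `exp` (and `nbf`) are never read, so a correctly signed token stays acceptable until the JWK set rotates, unless validateJWTSignature (defined above the hunk) enforces it. Since `time` is already imported, a check beside the issuer and audience tests would be `if exp, ok, err := claims.TimeClaim("exp"); err != nil || !ok || time.Now().After(exp) { return models.ClientError("Failed to validate JWT expiration claim") }`. Separately, the new ClientError returns at the parse and claims-decode sites discard the underlying jose error; if that detail is wanted for debugging, log it at a verbose glog level before returning the client-facing message rather than sending it to the client. The function's closing brace lies outside the hunk.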