invidious-nadeko.net/piped-proxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set socket permissions to 777 (ChatGPT Code xd)
Some checks failed
Build using Cargo / build (push) Has been cancelled
Details

Browse source
This commit is contained in:
Fijxu 2024-10-23 20:00:33 -03:00
parent be3183a62e
commit a4047bee63
Signed by: Fijxu
GPG key ID: 32C1DDF333EDA6A4
1 changed files with 61 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

109
src/main.rs
View file

@ -13,6 +13,8 @@ use std::io::ErrorKind;
use std::net::TcpListener; use std::net::TcpListener;
use std::os::unix::net::UnixListener; use std::os::unix::net::UnixListener;
use std::{env, io}; use std::{env, io};
use std::fs;
use std::os::unix::fs::PermissionsExt;
#[cfg(not(any(feature = "reqwest-native-tls", feature = "reqwest-rustls")))] #[cfg(not(any(feature = "reqwest-native-tls", feature = "reqwest-rustls")))]
compile_error!("feature \"reqwest-native-tls\" or \"reqwest-rustls\" must be set for proxy to have TLS support"); compile_error!("feature \"reqwest-native-tls\" or \"reqwest-rustls\" must be set for proxy to have TLS support");
@ -80,7 +82,18 @@ async fn main() -> std::io::Result<()> {
server = if utils::get_env_bool("UDS") { server = if utils::get_env_bool("UDS") {
let socket_path = let socket_path =
env::var("BIND_UNIX").unwrap_or_else(|_| "./socket/actix.sock".to_string()); env::var("BIND_UNIX").unwrap_or_else(|_| "./socket/actix.sock".to_string());
server.bind_uds(socket_path)? // Create the socket directory if it doesn't exist
if let Some(pos) = socket_path.rfind('/') {
let dir = &socket_path[..pos];
fs::create_dir_all(dir).expect("Failed to create socket directory");
}
let listener = server.bind_uds(socket_path.clone())?;
// Set permissions to 777
let permissions = fs::metadata(&socket_path)?.permissions();
let mut mode = permissions.mode();
mode |= 0o777; // Set to 777
fs::set_permissions(&socket_path, fs::Permissions::from_mode(mode))?;
listener
} else { } else {
let bind = env::var("BIND").unwrap_or_else(|_| "0.0.0.0:8080".to_string()); let bind = env::var("BIND").unwrap_or_else(|_| "0.0.0.0:8080".to_string());
server.bind(bind)? server.bind(bind)?
@ -91,10 +104,10 @@ async fn main() -> std::io::Result<()> {
} }
static RE_DOMAIN: Lazy<Regex> = static RE_DOMAIN: Lazy<Regex> =
Lazy::new(|| Regex::new(r"^(?:[a-z\d.-]*\.)?([a-z\d-]*\.[a-z\d-]*)$").unwrap()); Lazy::new(|| Regex::new(r"^(?:[a-z\d.-]*\.)?([a-z\d-]*\.[a-z\d-]*)$").unwrap());
static RE_MANIFEST: Lazy<Regex> = Lazy::new(|| Regex::new("(?m)URI=\"([^\"]+)\"").unwrap()); static RE_MANIFEST: Lazy<Regex> = Lazy::new(|| Regex::new("(?m)URI=\"([^\"]+)\"").unwrap());
static RE_DASH_MANIFEST: Lazy<Regex> = static RE_DASH_MANIFEST: Lazy<Regex> =
Lazy::new(|| Regex::new("BaseURL>(https://[^<]+)</BaseURL").unwrap()); Lazy::new(|| Regex::new("BaseURL>(https://[^<]+)</BaseURL").unwrap());
static CLIENT: Lazy<Client> = Lazy::new(|| { static CLIENT: Lazy<Client> = Lazy::new(|| {
let builder = Client::builder() let builder = Client::builder()
@ -124,7 +137,7 @@ static CLIENT: Lazy<Client> = Lazy::new(|| {
builder builder
} }
.build() .build()
.unwrap() .unwrap()
}); });
const ANDROID_USER_AGENT: &str = "com.google.android.youtube/1537338816 (Linux; U; Android 13; en_US; ; Build/TQ2A.230505.002; Cronet/113.0.5672.24)"; const ANDROID_USER_AGENT: &str = "com.google.android.youtube/1537338816 (Linux; U; Android 13; en_US; ; Build/TQ2A.230505.002; Cronet/113.0.5672.24)";
@ -155,20 +168,20 @@ fn is_header_allowed(header: &str) -> bool {
!matches!( !matches!(
header, header,
"host" "host"
| "content-length" | "content-length"
| "set-cookie" | "set-cookie"
| "alt-svc" | "alt-svc"
| "accept-ch" | "accept-ch"
| "report-to" | "report-to"
| "strict-transport-security" | "strict-transport-security"
| "user-agent" | "user-agent"
| "range" | "range"
| "transfer-encoding" | "transfer-encoding"
| "x-real-ip" | "x-real-ip"
| "origin" | "origin"
| "referer" | "referer"
// the 'x-title' header contains non-ascii characters which is not allowed on some HTTP clients // the 'x-title' header contains non-ascii characters which is not allowed on some HTTP clients
| "x-title" | "x-title"
) )
} }
@ -227,7 +240,7 @@ async fn index(req: HttpRequest) -> Result<HttpResponse, Box<dyn Error>> {
// Find the slice before "/range/" // Find the slice before "/range/"
if let Some(position) = path if let Some(position) = path
.windows(range_marker.len()) .windows(range_marker.len())
.position(|window| window == range_marker) .position(|window| window == range_marker)
{ {
// Update the hasher with the part of the path before "/range/" // Update the hasher with the part of the path before "/range/"
// We add +1 to include the "/" in the hash // We add +1 to include the "/" in the hash
@ -244,7 +257,7 @@ async fn index(req: HttpRequest) -> Result<HttpResponse, Box<dyn Error>> {
hash[..8].to_owned() hash[..8].to_owned()
}) })
.await .await
.unwrap(); .unwrap();
if hash != qhash { if hash != qhash {
return Err("Invalid qhash provided".into()); return Err("Invalid qhash provided".into());
@ -370,38 +383,38 @@ async fn index(req: HttpRequest) -> Result<HttpResponse, Box<dyn Error>> {
#[cfg(feature = "avif")] #[cfg(feature = "avif")]
if !disallow_image_transcoding if !disallow_image_transcoding
&& (content_type == "image/webp" || content_type == "image/jpeg" && avif) && (content_type == "image/webp" || content_type == "image/jpeg" && avif)
{ {
let resp_bytes = resp.bytes().await.unwrap(); let resp_bytes = resp.bytes().await.unwrap();
let (body, content_type) = spawn_blocking(|| { let (body, content_type) = spawn_blocking(|| {
use ravif::{Encoder, Img}; use ravif::{Encoder, Img};
use rgb::FromSlice; use rgb::FromSlice;
let image = image::load_from_memory(&resp_bytes).unwrap(); let image = image::load_from_memory(&resp_bytes).unwrap();
let width = image.width() as usize; let width = image.width() as usize;
let height = image.height() as usize; let height = image.height() as usize;
let buf = image.into_rgb8(); let buf = image.into_rgb8();
let buf = buf.as_raw().as_rgb(); let buf = buf.as_raw().as_rgb();
let buffer = Img::new(buf, width, height); let buffer = Img::new(buf, width, height);
let res = Encoder::new() let res = Encoder::new()
.with_quality(80f32) .with_quality(80f32)
.with_speed(7) .with_speed(7)
.encode_rgb(buffer); .encode_rgb(buffer);
if let Ok(res) = res { if let Ok(res) = res {
(res.avif_file.to_vec(), "image/avif") (res.avif_file.to_vec(), "image/avif")
} else { } else {
(resp_bytes.into(), "image/jpeg") (resp_bytes.into(), "image/jpeg")
} }
}) })
.await .await
.unwrap(); .unwrap();
response.content_type(content_type); response.content_type(content_type);
return Ok(response.body(body)); return Ok(response.body(body));
} }
#[cfg(feature = "webp")] #[cfg(feature = "webp")]
if !disallow_image_transcoding && content_type == "image/jpeg" { if !disallow_image_transcoding && content_type == "image/jpeg" {
@ -440,7 +453,7 @@ async fn index(req: HttpRequest) -> Result<HttpResponse, Box<dyn Error>> {
} }
}) })
.await .await
.unwrap(); .unwrap();
response.content_type(content_type); response.content_type(content_type);
return Ok(response.body(body)); return Ok(response.body(body));
} }
@ -465,7 +478,7 @@ async fn index(req: HttpRequest) -> Result<HttpResponse, Box<dyn Error>> {
} }
utils::localize_url(line, host.as_str()) utils::localize_url(line, host.as_str())
}) })
.collect::<Vec<String>>() .collect::<Vec<String>>()
.join("\n"); .join("\n");
return Ok(response.body(modified)); return Ok(response.body(modified));