X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=apt_p2p%2FHTTPServer.py;h=f3d6de72525281df73660f35adc252f26d630414;hb=40ef1ce5ded865bc9c339d15e667e87fc5775a7c;hp=3a9a3a3177ced71374c3d4c4a51b0979d617bd0c;hpb=6d23f1559df1435172f1da25ae0f57ae11a24bde;p=quix0rs-apt-p2p.git

diff --git a/apt_p2p/HTTPServer.py b/apt_p2p/HTTPServer.py
index 3a9a3a3..f3d6de7 100644
--- a/apt_p2p/HTTPServer.py
+++ b/apt_p2p/HTTPServer.py
@@ -56,7 +56,7 @@ class FileDownloader(static.File):
 class FileUploaderStream(stream.FileStream):
     """Modified to make it suitable for streaming to peers.
     
-    Streams the file is small chunks to make it easier to throttle the
+    Streams the file in small chunks to make it easier to throttle the
     streaming to peers.
     
     @ivar CHUNK_SIZE: the size of chunks of data to send at a time
@@ -214,7 +214,8 @@ class TopLevel(resource.Resource):
                 return None, ()
             
             # Find the file in the database
-            hash = unquote_plus(segments[1])
+            # Have to unquote_plus the uri, because the segments are unquoted by twisted
+            hash = unquote_plus(request.uri[3:])
             files = self.db.lookupHash(hash)
             if files:
                 # If it is a file, return it
@@ -226,13 +227,17 @@ class TopLevel(resource.Resource):
                     log.msg('Sending torrent string %s to %s' % (b2a_hex(hash), request.remoteAddr))
                     return static.Data(bencode({'t': files[0]['pieces']}), 'application/x-bencoded'), ()
             else:
-                log.msg('Hash could not be found in database: %s' % hash)
+                log.msg('Hash could not be found in database: %r' % hash)
 
         # Only local requests (apt) get past this point
         if request.remoteAddr.host != "127.0.0.1":
             log.msg('Blocked illegal access to %s from %s' % (request.uri, request.remoteAddr))
             return None, ()
-            
+        
+        # Block access to index .diff files (for now)
+        if 'Packages.diff' in segments or 'Sources.diff' in segments:
+            return None, ()
+         
         if len(name) > 1:
             # It's a request from apt
             return FileDownloader(self.directory.path, self.manager), segments[0:]
@@ -258,7 +263,7 @@ if __name__ == '__builtin__':
                 return [{'pieces': 'abcdefghij0123456789\xca\xec\xb8\x0c\x00\xe7\x07\xf8~])\x8f\x9d\xe5_B\xff\x1a\xc4!'}]
             return [{'path': FilePath(os.path.expanduser('~/school/optout'))}]
     
-    t = TopLevel(FilePath(os.path.expanduser('~')), DB(), None)
+    t = TopLevel(FilePath(os.path.expanduser('~')), DB(), None, 0)
     factory = t.getHTTPFactory()
     
     # Standard twisted application Boilerplate