aboutsummaryrefslogtreecommitdiff
path: root/captain
diff options
context:
space:
mode:
Diffstat (limited to 'captain')
-rw-r--r--captain/api.f9026
-rw-r--r--captain/db.f9020
-rw-r--r--captain/external.f9016
-rw-r--r--captain/gemini.f9015
-rw-r--r--captain/levitating-captain.prj3
-rw-r--r--captain/queryutils.f9012
-rw-r--r--captain/response.f902
-rw-r--r--captain/security.f90107
8 files changed, 188 insertions, 13 deletions
diff --git a/captain/api.f90 b/captain/api.f90
index 4d9545e..7b99ec7 100644
--- a/captain/api.f90
+++ b/captain/api.f90
@@ -182,6 +182,7 @@ contains
use server_response
use special_filenames
use logging
+ use security, only: validate_token => validate_titan_token
implicit none
type(titan_request), intent(in)::req
@@ -200,20 +201,25 @@ contains
! Task - "/api/player/{name}/job/{jobid}/task/{task num}"
if(trim(req%component(2)) == "player" .and. &
trim(req%component(4)) == "job" .and. &
- trim(req%component(6)) == "task") then
+ trim(req%component(6)) == "task") &
+ then
- job_id = req%path_component_int(5)
+ if(validate_token(req%token, req%component(3))) then
+
+ job_id = req%path_component_int(5)
- task_num = req%path_component_int(7)
+ task_num = req%path_component_int(7)
- write(job_text, '(I6)') job_id
- write(task_text, '(I6)') task_num
-
- call write_log("Handling a task update for job "//trim(job_text)//" task "//trim(task_text), LOG_INFO)
- call handle_task_request(req)
+ write(job_text, '(I6)') job_id
+ write(task_text, '(I6)') task_num
+
+ call write_log("Handling a task update for job "//trim(job_text)//" task "//trim(task_text), LOG_INFO)
+ call handle_task_request(req)
+
+ fullpath => get_task_result_static_filename(job_id, task_num)
+
+ end if
- fullpath => get_task_result_static_filename(job_id, task_num)
-
end if
if(associated(fullpath)) then
diff --git a/captain/db.f90 b/captain/db.f90
index 1f9bc01..448c17d 100644
--- a/captain/db.f90
+++ b/captain/db.f90
@@ -146,6 +146,26 @@ contains
end subroutine update_player_token_db
+ subroutine get_player_token_db(name, token)
+ implicit none
+
+ character(*), intent(in)::name
+ character(*), intent(out)::token
+ type(sqlite3_stmt)::stmt
+
+ token = " "
+
+ if(stmt%prepare(db, "SELECT token FROM players WHERE name=?") == SQLITE_OK) then
+ if(stmt%bind_text(1, name) == SQLITE_OK ) then
+ if(stmt%step() == SQLITE_ROW) then
+ call stmt%column_text(0, token)
+ end if
+ end if
+ end if
+ call stmt%finalize()
+
+ end subroutine get_player_token_db
+
function player_has_token_db(name)
implicit none
diff --git a/captain/external.f90 b/captain/external.f90
index edbe997..f5ba409 100644
--- a/captain/external.f90
+++ b/captain/external.f90
@@ -685,19 +685,33 @@ contains
function external_request_titan(req) result(resp)
use server_response
use special_filenames
+ use query_utilities
+ use security
use logging
implicit none
type(titan_request), intent(in)::req
type(response)::resp
+ type(query)::q
+
character(len=:), pointer::fullpath
character(12)::job_text, task_text
integer::job_id, task_num
+ logical::proceed_to_create_filename
+
character(64)::msg
- fullpath => get_full_filename_from_request(req)
+ fullpath => null()
+
+ proceed_to_create_filename = .false.
+
+ proceed_to_create_filename = validate_titan_token(req%token)
+
+ if(proceed_to_create_filename) then
+ fullpath => get_full_filename_from_request(req)
+ end if
if(associated(fullpath)) then
diff --git a/captain/gemini.f90 b/captain/gemini.f90
index ff83554..6070dbe 100644
--- a/captain/gemini.f90
+++ b/captain/gemini.f90
@@ -32,6 +32,7 @@ contains
subroutine read_request(ssl, req)
use jessl, only: ssl_read
use iso_c_binding
+ use logging
implicit none
type(c_ptr)::ssl
@@ -44,8 +45,9 @@ contains
req = " "
i = 1
-
+ call sleep(1)
bufread = ssl_read(ssl, buf)
+
do while(bufread > 0)
do j = 1, bufread
@@ -60,6 +62,11 @@ contains
end do
+ if(j > bufread) then
+ j = bufread
+ end if
+
+
if(buf(j) == c_new_line) then
exit
end if
@@ -67,6 +74,8 @@ contains
bufread = ssl_read(ssl, buf)
end do
+ call write_log("Request Read: "//trim(req), LOG_DEBUG)
+
end subroutine read_request
function read_into_buffer(unit_number, buffer)
@@ -288,6 +297,7 @@ contains
call req%path_component(1, first)
if(trim(first) == 'api') then
call write_log("API call encountered", LOG_DEBUG)
+
if(req%protocol == "gemini") then
resp = api_request_gemini(req)
call write_log("resp filename is: '"//trim(resp%body_filename)//"'", LOG_DEBUG)
@@ -295,13 +305,16 @@ contains
call treq%init_from_request(req, ssl)
resp = api_request_titan(treq)
end if
+
else
+
if(req%protocol == "gemini") then
resp = external_request_gemini(req)
else if(req%protocol == "titan") then
call treq%init_from_request(req, ssl)
resp = external_request_titan(treq)
end if
+
end if
call write_log("Handling response", LOG_DEBUG)
diff --git a/captain/levitating-captain.prj b/captain/levitating-captain.prj
index 392ac52..0e786f6 100644
--- a/captain/levitating-captain.prj
+++ b/captain/levitating-captain.prj
@@ -113,6 +113,9 @@
"filename":"response.f90",
"enabled":"1"
},{
+ "filename":"security.f90",
+ "enabled":"1"
+ },{
"filename":"special.f90",
"enabled":"1"
},{
diff --git a/captain/queryutils.f90 b/captain/queryutils.f90
index 550a2f3..00a914b 100644
--- a/captain/queryutils.f90
+++ b/captain/queryutils.f90
@@ -48,6 +48,7 @@ implicit none
procedure :: component_count => query_component_count
procedure :: get_value_by_index => get_query_value_from_index
procedure :: get_value_by_key => get_query_value_from_key
+ procedure :: has_key => query_has_key
generic, public :: get_value => get_value_by_index, get_value_by_key
@@ -240,4 +241,15 @@ contains
end function get_query_value_from_key
+ function query_has_key(self, key)
+ implicit none
+
+ class(query), intent(in)::self
+ character(*), intent(in)::key
+ logical::query_has_key
+
+ query_has_key = associated(self%get_value_by_key(key))
+
+ end function query_has_key
+
end module query_utilities
diff --git a/captain/response.f90 b/captain/response.f90
index e743d0d..b091a42 100644
--- a/captain/response.f90
+++ b/captain/response.f90
@@ -503,7 +503,7 @@ contains
if(j<=0) then
j = n
else
- j = j+i
+ j = j+i-1
end if
i = i + label_width + 2
diff --git a/captain/security.f90 b/captain/security.f90
new file mode 100644
index 0000000..2f5fa4c
--- /dev/null
+++ b/captain/security.f90
@@ -0,0 +1,107 @@
+! Copyright (c) 2021 Approximatrix, LLC <support@approximatrix.com>
+!
+! Permission is hereby granted, free of charge, to any person obtaining a copy
+! of this software and associated documentation files (the "Software"), to deal
+! in the Software without restriction, including without limitation the rights
+! to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+! copies of the Software, and to permit persons to whom the Software is
+! furnished to do so, subject to the following conditions:
+!
+! The above copyright notice and this permission notice shall be included in
+! all copies or substantial portions of the Software.
+!
+! The Software shall be used for Good, not Evil.
+!
+! THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+! IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+! FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+! AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+! LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+! OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+! SOFTWARE.
+
+module security
+implicit none
+
+contains
+
+ function validate_titan_token(token_string, player_name)
+ use captain_db
+ use logging
+ implicit none
+
+ character(*), intent(in)::token_string
+ character(*), intent(in), optional::player_name
+ logical::validate_titan_token
+ character(len=:), pointer::dbtoken, internal_player
+
+ integer::player_id, i, j
+
+ validate_titan_token = .false.
+
+ i = index(token_string, ":")
+ j = len_trim(token_string)
+
+ if(present(player_name)) then
+
+ allocate(character(len=len_trim(player_name)) :: internal_player)
+ internal_player = player_name
+
+ else
+
+ if(i > 0) then
+ allocate(character(len=i-1) :: internal_player)
+ internal_player = token_string(1:i-1)
+ end if
+
+ end if
+
+ if(associated(internal_player)) then
+
+ player_id = get_player_id(internal_player)
+ if(player_id >= 0) then
+
+ if(.not. player_has_token_db(internal_player)) then
+
+ validate_titan_token = .true.
+
+ else
+
+ allocate(character(len=(len_trim(token_string) + 1)) :: dbtoken)
+ dbtoken = " "
+
+ call get_player_token_db(internal_player, dbtoken)
+
+ if(i <= 0) then
+ i = 1
+ else
+ i = i + 1
+ end if
+
+ call write_log("Tokens '"//trim(dbtoken)//"' vs. '"//token_string(i:j)//"'")
+
+ validate_titan_token = (trim(dbtoken) == token_string(i:j))
+
+ deallocate(dbtoken)
+
+ end if
+
+ end if
+
+ if(validate_titan_token) then
+ call write_log("Titan token valid for "//trim(internal_player))
+ else
+ call write_log("Titan token FAILURE for "//trim(internal_player))
+ end if
+
+ deallocate(internal_player)
+
+ else
+
+ call write_log("Titan token did not include a player - REJECTED")
+
+ end if
+
+ end function validate_titan_token
+
+end module security \ No newline at end of file