config: remove banned_ip_for_download? option.

* Remove `banned_ip_for_download?` config option. This isn't something that usually needs to be configured. * Replace the `ipaddress` gem with `ipaddress_2`. The `ipaddress` gem has several methods we need (`link_local?`, etc) that are only available in master because the gem hasn't had an official release in several years. `ipaddress_2` is a fork that is more actively maintained.
2020-06-02 15:32:19 -05:00
parent 63f675b7d6
commit 9997db44d8
4 changed files with 15 additions and 38 deletions
--- a/app/logical/downloads/file.rb
+++ b/app/logical/downloads/file.rb
@@ -95,15 +95,25 @@ module Downloads
      ip_addr = IPAddr.new(Resolv.getaddress(url.hostname))
      CloudflareService.new.ips.any? { |subnet| subnet.include?(ip_addr) }
    end
+
+    def self.banned_ip?(ip)
+      ip = IPAddress.parse(ip.to_s) unless ip.is_a?(IPAddress)
+
+      if ip.ipv4?
+        ip.loopback? || ip.link_local? || ip.multicast? || ip.private?
+      elsif ip.ipv6?
+        ip.loopback? || ip.link_local? || ip.unique_local? || ip.unspecified?
+      end
+    end
  end

  # Hook into HTTParty to validate the IP before following redirects.
  # https://www.rubydoc.info/github/jnunemaker/httparty/HTTParty/ConnectionAdapter
  class ValidatingConnectionAdapter < HTTParty::ConnectionAdapter
    def self.call(uri, options)
-      ip_addr = IPAddr.new(::Resolv.getaddress(uri.hostname))
+      ip_addr = IPAddress.parse(::Resolv.getaddress(uri.hostname))

-      if Danbooru.config.banned_ip_for_download?(ip_addr)
+      if Downloads::File.banned_ip?(ip_addr)
        raise Downloads::File::Error, "Downloads from #{ip_addr} are not allowed"
      end