Matthew Penner
d1c0ca5260
server(filesystem): rebuild everything imaginable
...
This wonderfully large commit replaces basically everything under the
`server/filesystem` package, re-implementing essentially everything.
This is related to
https://github.com/pterodactyl/wings/security/advisories/GHSA-494h-9924-xww9
If any vulnerabilities related to symlinks persist after this commit, I
will be very upset.
Signed-off-by: Matthew Penner <me@matthewp.io>
2024-03-13 12:27:29 -06:00
Matthew Penner
93664fd112
router: add additional fields to remote file pull
2022-02-23 15:03:15 -07:00
Matthew Penner
3a738e44d6
run gofumpt
2022-02-23 15:02:19 -07:00
Dane Everitt
34c0db9dff
Replace encoding/json with goccy/go-json for cpu and memory usage improvement
...
This new package has significant better resource usage, and we do a _lot_ of JSON parsing in this application, so any amount of improvement becomes significant
2022-01-23 15:17:40 -05:00
Matthew Penner
2a370a8776
downloader: fix internal range check
2021-08-02 15:16:38 -06:00
Matthew Penner
3c54c1f840
break everything
...
- upgrade dependencies
- run gofmt and goimports to organize code
- fix typos
- other small tweaks
2021-08-02 15:07:00 -06:00
Matthew Penner
00195b4a5b
downloader: properly detect and handle integer IPs
2021-02-12 16:35:51 -07:00
Dane Everitt
96256ac63e
[security] fix vulnerability when handling remote file redirects
...
Also adds the ability for an admin to just completely disable this service if it is not needed on the node.
2021-01-09 17:52:27 -08:00
Dane Everitt
b82f5f9a32
[security] deny downloading files from internal locations
2021-01-06 21:34:18 -08:00
Matthew Penner
3a7c4822f8
Improve logged stacktraces
2020-12-27 13:55:58 -07:00
Dane Everitt
3842f054a5
These need spaces?
2020-12-25 15:14:21 -08:00
Dane Everitt
510d46289b
security: don't reveal wings version in remote API calls
2020-12-25 15:06:17 -08:00
Dane Everitt
f7f5623c71
Set UA and limit simultaneous downloads
2020-12-24 09:01:00 -08:00
Dane Everitt
184013b652
Include endpoints for getting active downloads for a server
2020-12-20 13:14:07 -08:00
Dane Everitt
c8d297a056
Support canceling an in-progress download
2020-12-20 12:53:40 -08:00
Dane Everitt
c718da20e3
Check disk space before trying a write from the downloader; don't make empty directories if we can't even write the file
2020-12-20 11:17:53 -08:00
Dane Everitt
9c53436470
Check disk before even trying to run the download
2020-12-20 11:08:01 -08:00
Dane Everitt
17daa2071f
Update base logic for handling server file downloads
2020-12-20 10:59:07 -08:00