diff options
author | Matthew Gamble | 2021-03-26 10:22:43 +1100 |
---|---|---|
committer | Matthew Gamble | 2021-03-26 10:22:43 +1100 |
commit | 00f8289cc66e7fd93f7193b5d648338bad579a66 (patch) | |
tree | c61c71b1785dc7569f071a386a47f7d6319e2da1 | |
parent | 46ce0cec730099f9df08fbcb91da6b4041eff239 (diff) | |
download | aur-00f8289cc66e7fd93f7193b5d648338bad579a66.tar.gz |
Apply patch
-rw-r--r-- | .SRCINFO | 5 | ||||
-rw-r--r-- | PKGBUILD | 9 | ||||
-rw-r--r-- | customise-server-host-addr.patch | 36 |
3 files changed, 47 insertions, 3 deletions
@@ -1,16 +1,19 @@ pkgbase = snapdrop pkgdesc = A Progressive Web App for local file sharing pkgver = 2021.03.10 - pkgrel = 1 + pkgrel = 2 url = https://github.com/RobinLinus/snapdrop arch = any license = GPL3 + license = MIT makedepends = npm depends = nodejs source = https://github.com/RobinLinus/snapdrop/archive/fad4632eb903ea6de9ecbec90df0ac6bd7410e68.tar.gz source = example-nginx.conf + source = customise-server-host-addr.patch sha256sums = 8886ae45aa5910606c8125e27cc589ae26fe162eedc11a396ca864f4788f2c2a sha256sums = a20b5daf7e2b49d0dc54e93911e22b2fea244ecf2ef3ee58960e3c2aacde586a + sha256sums = c91545d65af2bfd6f09e05c7263b00340a98870ee9f3ded7447891e56b296fb6 pkgname = snapdrop @@ -2,7 +2,7 @@ pkgname="snapdrop" pkgver=2021.03.10 -pkgrel=1 +pkgrel=2 _githash="fad4632eb903ea6de9ecbec90df0ac6bd7410e68" pkgdesc="A Progressive Web App for local file sharing" url="https://github.com/RobinLinus/snapdrop" @@ -13,14 +13,19 @@ makedepends=("npm") source=( "https://github.com/RobinLinus/snapdrop/archive/${_githash}.tar.gz" "example-nginx.conf" + "customise-server-host-addr.patch" ) sha256sums=( "8886ae45aa5910606c8125e27cc589ae26fe162eedc11a396ca864f4788f2c2a" "a20b5daf7e2b49d0dc54e93911e22b2fea244ecf2ef3ee58960e3c2aacde586a" + "c91545d65af2bfd6f09e05c7263b00340a98870ee9f3ded7447891e56b296fb6" ) prepare() { - cd "snapdrop-${_githash}/server" + cd "snapdrop-${_githash}" + patch -p1 < "${srcdir}/customise-server-host-addr.patch" + + cd "server" npm ci } diff --git a/customise-server-host-addr.patch b/customise-server-host-addr.patch new file mode 100644 index 000000000000..15873f5d3b6a --- /dev/null +++ b/customise-server-host-addr.patch @@ -0,0 +1,36 @@ +From 0bd29cad075b9345c62d16b504d4cbcaf63f7b2c Mon Sep 17 00:00:00 2001 +From: Matthew Gamble <git@matthewgamble.net> +Date: Fri, 26 Mar 2021 10:07:18 +1100 +Subject: [PATCH] Allow selection of which network interface(s) to bind to + +This is important for security reasons, as it allows someone to lock +down who can talk directly to the Snapdrop server. If someone wants to +run Snapdrop behind a reverse proxy (for example), it doesn't help if +someone can still talk directly to the Nodejs process. +--- + server/index.js | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/server/index.js b/server/index.js +index 38fa399..b2b2c87 100644 +--- a/server/index.js ++++ b/server/index.js +@@ -16,9 +16,9 @@ const { uniqueNamesGenerator, animals, colors } = require('unique-names-generato + + class SnapdropServer { + +- constructor(port) { ++ constructor(host, port) { + const WebSocket = require('ws'); +- this._wss = new WebSocket.Server({ port: port }); ++ this._wss = new WebSocket.Server({ host: host, port: port }); + this._wss.on('connection', (socket, request) => this._onConnection(new Peer(socket, request))); + this._wss.on('headers', (headers, response) => this._onHeaders(headers, response)); + +@@ -288,4 +288,4 @@ Object.defineProperty(String.prototype, 'hashCode', { + } + }); + +-const server = new SnapdropServer(process.env.PORT || 3000); +\ No newline at end of file ++const server = new SnapdropServer(process.env.HOST || null, process.env.PORT || 3000); |