add filter_private_ips option to discard private IPs.

Might be used when the tracker is behind a reverse proxy and one of the
addresses provided in `real_ip_header` is a private/local address.

Additional changes:

* check if provided address is not multicast/broadcast
* configure `http.Server.ReadHeaderTimeout` with `http.ReadTimeout` to mitigate Slowloris
* update dependencies
* minor docs fixes
Lawrence, Rendall
2022-07-23 15:30:12 +03:00
parent 3e36ad7cbf
commit 96653c45a3
13 changed files with 125 additions and 63 deletions


@@ -15,13 +15,13 @@ var (
// SanitizeAnnounce enforces a max and default NumWant and coerces the peer's
// IP address into the proper format.
func SanitizeAnnounce(r *AnnounceRequest, maxNumWant, defaultNumWant uint32) error {
func SanitizeAnnounce(r *AnnounceRequest, maxNumWant, defaultNumWant uint32, filterPrivate bool) error {
logger.Trace().Object("request", r).Msg("source announce")
if r.Port == 0 {
return ErrInvalidPort
}
if !r.Validate() {
if !r.Sanitize(filterPrivate) {
return ErrInvalidIP
}
@@ -37,13 +37,13 @@ func SanitizeAnnounce(r *AnnounceRequest, maxNumWant, defaultNumWant uint32) err
// SanitizeScrape enforces a max number of infohashes for a single scrape
// request and checks if addresses are valid.
func SanitizeScrape(r *ScrapeRequest, maxScrapeInfoHashes uint32) error {
func SanitizeScrape(r *ScrapeRequest, maxScrapeInfoHashes uint32, filterPrivate bool) error {
logger.Trace().Object("request", r).Msg("source scrape")
if len(r.InfoHashes) > int(maxScrapeInfoHashes) {
r.InfoHashes = r.InfoHashes[:maxScrapeInfoHashes]
}
if !r.Validate() {
if !r.Sanitize(filterPrivate) {
return ErrInvalidIP
}
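Review bot: The doc comments above `SanitizeAnnounce` and `SanitizeScrape` are unchanged context and do not mention the new `filterPrivate` parameter, although both functions are exported and the switch from `r.Validate()` to `r.Sanitize(filterPrivate)` suggests the request is now modified rather than only checked. I would add a line to each, for example `// If filterPrivate is set, private addresses are dropped from the request before the remaining ones are checked.` The body of `Sanitize` is not visible here, so it is worth confirming, and stating in the comment, whether a request whose addresses are all private ends in `ErrInvalidIP`. That is the case a tracker behind a reverse proxy hits when `real_ip_header` carries only internal hops. Both function bodies continue outside the hunks.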