mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

improve error message

Browse source 
This commit was sponsored by Jack Hill on Patreon.
This commit is contained in:
Joey Hess 2018-06-19 14:21:41 -04:00
parent 47cd8001bc
commit 923578ad78
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
2 changed files with 18 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Annex/Url.hs
View file

@ -75,11 +75,13 @@ getUrlOptions = Annex.getState Annex.urloptions >>= \case
| isLoopbackAddress addr = False | isLoopbackAddress addr = False
| isPrivateAddress addr = False | isPrivateAddress addr = False
| otherwise = True | otherwise = True
let connectionrestricted = addrConnectionRestricted
("Configuration of annex.security.allowed-http-addresses does not allow accessing address " ++)
let r = Restriction let r = Restriction
{ addressRestriction = \addr -> { addressRestriction = \addr ->
if isallowed (addrAddress addr) if isallowed (addrAddress addr)
then Nothing then Nothing
else Just (addrConnectionRestricted addr) else Just (connectionrestricted addr)
} }
(settings, pr) <- liftIO $ (settings, pr) <- liftIO $
restrictManagerSettings r U.managerSettings restrictManagerSettings r U.managerSettings

25
Utility/HttpManagerRestricted.hs
View file

@ -16,6 +16,7 @@ module Utility.HttpManagerRestricted (
ConnectionRestricted(..), ConnectionRestricted(..),
addrConnectionRestricted, addrConnectionRestricted,
ProxyRestricted(..), ProxyRestricted(..),
IPAddrString,
) where ) where
import Network.HTTP.Client import Network.HTTP.Client
@ -34,25 +35,29 @@ data Restriction = Restriction
{ addressRestriction :: AddrInfo -> Maybe ConnectionRestricted { addressRestriction :: AddrInfo -> Maybe ConnectionRestricted
} }
-- | An exception used to indicate that the connection was restricted.
data ConnectionRestricted = ConnectionRestricted String data ConnectionRestricted = ConnectionRestricted String
deriving (Show, Typeable) deriving (Show, Typeable)
instance Exception ConnectionRestricted instance Exception ConnectionRestricted
addrConnectionRestricted :: AddrInfo -> ConnectionRestricted type IPAddrString = String
addrConnectionRestricted addr = ConnectionRestricted $ unwords
[ "Configuration does not allow accessing address" -- | Constructs a ConnectionRestricted, passing the function a string
, showSockAddress (addrAddress addr) -- containing the IP address.
] addrConnectionRestricted :: (IPAddrString -> String) -> AddrInfo -> ConnectionRestricted
addrConnectionRestricted mkmessage =
ConnectionRestricted . mkmessage . showSockAddress . addrAddress
data ProxyRestricted = ProxyRestricted data ProxyRestricted = ProxyRestricted
deriving (Show) deriving (Show)
-- | Adjusts a ManagerSettings to enforce a Restriction. -- | Adjusts a ManagerSettings to enforce a Restriction. The restriction
-- will be checked each time a Request is made, and for each redirect
-- followed.
-- --
-- This includes checking the http proxy against the Restriction. -- The http proxy is also checked against the Restriction, and if
-- If access to it is blocked, the ManagerSettings will be made to -- access to it is blocked, the http proxy will not be used.
-- not use the proxy.
restrictManagerSettings restrictManagerSettings
:: Restriction :: Restriction
-> ManagerSettings -> ManagerSettings
@ -219,7 +224,7 @@ convertConnection conn = makeConnection
-- For ipv4 and ipv6, the string will contain only the IP address, -- For ipv4 and ipv6, the string will contain only the IP address,
-- omitting the port that the Show instance includes. -- omitting the port that the Show instance includes.
showSockAddress :: SockAddr -> String showSockAddress :: SockAddr -> IPAddrString
showSockAddress a@(SockAddrInet _ _) = showSockAddress a@(SockAddrInet _ _) =
takeWhile (/= ':') $ show a takeWhile (/= ':') $ show a
showSockAddress a@(SockAddrInet6 _ _ _ _) = showSockAddress a@(SockAddrInet6 _ _ _ _) =