Merge pull request #2956 from ipfs/feature/unrestricted-api

Resurrect --unrestricted-api

cmd/ipfs/daemon.go

@@ -134,7 +134,7 @@ Headers.
 		cmds.BoolOption(writableKwd, "Enable writing objects (with POST, PUT and DELETE)").Default(false),
 		cmds.StringOption(ipfsMountKwd, "Path to the mountpoint for IPFS (if using --mount). Defaults to config setting."),
 		cmds.StringOption(ipnsMountKwd, "Path to the mountpoint for IPNS (if using --mount). Defaults to config setting."),
-		cmds.BoolOption(unrestrictedApiAccessKwd, "This option has no effect since v0.4.3").Default(false),
+		cmds.BoolOption(unrestrictedApiAccessKwd, "Allow API access to unlisted hashes").Default(false),
 		cmds.BoolOption(unencryptTransportKwd, "Disable transport encryption (for debugging protocols)").Default(false),
 		cmds.BoolOption(enableGCKwd, "Enable automatic periodic repo garbage collection").Default(false),
 		cmds.BoolOption(adjustFDLimitKwd, "Check and raise file descriptor limits if needed").Default(true),
@@ -363,11 +363,24 @@ func serveHTTPApi(req cmds.Request) (error, <-chan error) {
 	apiMaddr = apiLis.Multiaddr()
 	fmt.Printf("API server listening on %s\n", apiMaddr)
 
+	// by default, we don't let you load arbitrary ipfs objects through the api,
+	// because this would open up the api to scripting vulnerabilities.
+	// only the webui objects are allowed.
+	// if you know what you're doing, go ahead and pass --unrestricted-api.
+	unrestricted, _, err := req.Option(unrestrictedApiAccessKwd).Bool()
+	if err != nil {
+		return fmt.Errorf("serveHTTPApi: Option(%s) failed: %s", unrestrictedApiAccessKwd, err), nil
+	}
+	gatewayOpt := corehttp.GatewayOption(corehttp.WebUIPaths...)
+	if unrestricted {
+		gatewayOpt = corehttp.GatewayOption("/ipfs", "/ipns")
+	}
+
 	var opts = []corehttp.ServeOption{
 		corehttp.MetricsCollectionOption("api"),
 		corehttp.CommandsOption(*req.InvocContext()),
 		corehttp.WebUIOption,
-		corehttp.GatewayOption(corehttp.WebUIPaths...),
+		gatewayOpt,
 		corehttp.VersionOption(),
 		defaultMux("/debug/vars"),
 		defaultMux("/debug/pprof/"),

test/Makefile

@@ -7,8 +7,6 @@ RANDOM_FILES_SRC = ../Godeps/_workspace/src/github.com/jbenet/go-random-files
 POLLENDPOINT_SRC= ../thirdparty/pollEndpoint
 GOSLEEP_SRC = ./dependencies/go-sleep
 
-GX_RELATIVE_PATH = gx/ipfs
-
 export PATH := ../bin:${PATH}
 
 # User might want to override those on the command line
@@ -53,16 +51,16 @@ bin/go-sleep: $(call find_go_files, $(GOSLEEP_SRC)) IPFS-BUILD-OPTIONS
 # gx dependencies
 
 multihash_src:
-	$(eval MULTIHASH_HASH := $(shell cd .. && gx deps find go-multihash))
+	$(eval MULTIHASH_HASH := $(shell cd .. && bin/gx deps find go-multihash))
-	$(eval MULTIHASH_SRC := $(GX_RELATIVE_PATH)/$(MULTIHASH_HASH)/go-multihash)
+	$(eval MULTIHASH_SRC := gx/ipfs/$(MULTIHASH_HASH)/go-multihash)
 
 bin/multihash: multihash_src $(call find_go_files, $(MULTIHASH_SRC)) IPFS-BUILD-OPTIONS
 	@echo "*** installing $@ ***"
 	go build $(GOFLAGS) -o bin/multihash $(MULTIHASH_SRC)/multihash
 
 iptb_src:
-	$(eval IPTB_HASH := $(shell cd .. && gx deps find iptb))
+	$(eval IPTB_HASH := $(shell cd .. && bin/gx deps find iptb))
-	$(eval IPTB_SRC := $(GX_RELATIVE_PATH)/$(IPTB_HASH)/iptb)
+	$(eval IPTB_SRC := gx/ipfs/$(IPTB_HASH)/iptb)
 
 bin/iptb: iptb_src $(call find_go_files, $(IPTB_SRC)) IPFS-BUILD-OPTIONS
 	@echo "*** installing $@ ***"

test/sharness/t0110-gateway.sh

@@ -32,10 +32,6 @@ test_expect_success "GET IPFS path output looks good" '
   rm actual
 '
 
-test_expect_success "GET IPFS path on API unavailable" '
-  test_curl_resp_http_code "http://127.0.0.1:$apiport/ipfs/$HASH" "HTTP/1.1 404 Not Found"
-'
-
 test_expect_success "GET IPFS directory path succeeds" '
   mkdir dir &&
   echo "12345" >dir/test &&

test/sharness/t0400-api-security.sh

@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# Copyright (c) 2016 Lars Gierth
+# MIT Licensed; see the LICENSE file in this repository.
+#
+
+test_description="Test API security"
+
+. lib/test-lib.sh
+
+test_init_ipfs
+
+# by default, we don't let you load arbitrary ipfs objects through the api,
+# because this would open up the api to scripting vulnerabilities.
+# only the webui objects are allowed.
+# if you know what you're doing, go ahead and pass --unrestricted-api.
+
+test_launch_ipfs_daemon
+test_expect_success "Gateway on API unavailable" '
+  HASH=$(echo "testing" | ipfs add -q)
+  test_curl_resp_http_code "http://127.0.0.1:$API_PORT/ipfs/$HASH" "HTTP/1.1 404 Not Found"
+'
+test_kill_ipfs_daemon
+
+test_launch_ipfs_daemon --unrestricted-api
+test_expect_success "Gateway on --unrestricted-api API available" '
+  HASH=$(echo "testing" | ipfs add -q)
+  test_curl_resp_http_code "http://127.0.0.1:$API_PORT/ipfs/$HASH" "HTTP/1.1 200 OK"
+'
+test_kill_ipfs_daemon
+
+test_done