From abffa184870bd7c33d999bb475f05100b2e94475 Mon Sep 17 00:00:00 2001 From: Corey Donohoe Date: Mon, 13 Dec 2010 23:48:03 -0800 Subject: [PATCH 1/4] filter private ips that aren't normally accessible --- server.coffee | 10 ++++++++-- test/proxy_test.rb | 18 ++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/server.coffee b/server.coffee index 2c07f27..df96284 100644 --- a/server.coffee +++ b/server.coffee @@ -15,6 +15,12 @@ log = (msg) -> console.log(msg) console.log("--------------------------------------------") +RESTRICTED_IPS = /// ^( + 10\.0 # 10.0.0.0/8 + |172\.16 # 172.16.0.0/16 + |192\.168 # 192.168.0.0/24 +) /// + server = Http.createServer (req, resp) -> if req.method != 'GET' || req.url == '/' resp.writeHead 200 @@ -52,7 +58,7 @@ server = Http.createServer (req, resp) -> if hmac_digest == query_digest url = Url.parse query_params.url - if url.host? + if url.host? && !url.host.match(RESTRICTED_IPS) src = Http.createClient url.port || 80, url.hostname src.on 'error', (error) -> @@ -112,7 +118,7 @@ server = Http.createServer (req, resp) -> srcReq.end() else - four_oh_four("No host found") + four_oh_four("No host found #{url.host}") else four_oh_four("checksum mismatch #{hmac_digest}:#{query_digest}") else diff --git a/test/proxy_test.rb b/test/proxy_test.rb index 452f84d..358068c 100644 --- a/test/proxy_test.rb +++ b/test/proxy_test.rb @@ -62,4 +62,22 @@ def test_404s_on_non_image_content_type request('https://github.com/atmos/cinderella/raw/master/bootstrap.sh') end end + + def test_404s_on_10_0_ip_range + assert_raise RestClient::ResourceNotFound do + request('http://10.0.0.1/foo.cgi') + end + end + + def test_404s_on_172_16_ip_range + assert_raise RestClient::ResourceNotFound do + request('http://172.16.0.1/foo.cgi') + end + end + + def test_404s_on_192_168_ip_range + assert_raise RestClient::ResourceNotFound do + request('http://192.168.0.1/foo.cgi') + end + end end 
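Review bot: The comments on the three RESTRICTED_IPS alternatives do not describe what the patterns match: `10\.0` only covers 10.0.x.x out of the 10.0.0.0/8 block it claims, `172\.16` covers only the first /16 of the 172.16.0.0/12 block (172.16 through 172.31), and 192.168.0.0 is a /16, not a /24. As written, a request for `http://10.1.2.3/` or `http://172.20.0.1/` passes the new guard and is proxied. The prefixes that match the advertised ranges are `10\.`, `172\.(1[6-9]|2[0-9]|3[01])\.` and `192\.168\.`, and loopback (127.0.0.0/8) is not listed at all.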
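Review bot: The new condition `!url.host.match(RESTRICTED_IPS)` tests the hostname string, so it only refuses URLs that spell a private address literally; `localhost`, or any attacker-controlled name whose A record points at 10.x/172.16.x/192.168.x, still reaches `Http.createClient url.port || 80, url.hostname` on the next line, where the lookup happens after the check. A string blocklist cannot close that gap; the name has to be resolved first (e.g. `dns.lookup`) and the resolved address checked against the ranges, with the connection then made to that same address rather than re-resolving. Numeric spellings the regex does not recognise, such as `0012.0.0.1` or `0x0a000001`, may also be accepted by the resolver as 10.0.0.1; that depends on the platform and is not shown here. The createServer callback this guard sits in starts and ends outside the hunk.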
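Review bot: `four_oh_four("No host found #{url.host}")` interpolates the caller-supplied host into the error message; `four_oh_four` is defined outside this hunk, so if it writes the message into the response body or a log line, that is untrusted text reflected unescaped (markup if the body is ever served as HTML, line injection into logs). If the host is only wanted for debugging, keep the message fixed and emit the host through `JSON.stringify`, e.g. `four_oh_four("No host found #{JSON.stringify url.host}")`, or confirm that four_oh_four only ever sends a fixed plain-text body.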
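Review bot: The three fixtures (10.0.0.1, 172.16.0.1, 192.168.0.1) all sit inside the narrow sub-ranges that the patterns `10\.0`, `172\.16` and `192\.168` actually match, so these tests pass against the regex even though most of each advertised range is still proxied. Add addresses from the rest of the blocks, e.g. `request('http://10.255.0.1/foo.cgi')` and `request('http://172.31.0.1/foo.cgi')`, so the tests fail when the prefixes are too narrow.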
From 8f69a6327d795114c812eac3ff57ba627fd0db17 Mon Sep 17 00:00:00 2001 From: Corey Donohoe Date: Tue, 14 Dec 2010 00:44:36 -0800 Subject: [PATCH 2/4] i really fucked that first regexp up :\ --- server.coffee | 6 +----- test/proxy_test.rb | 8 +++++--- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/server.coffee b/server.coffee index df96284..b336393 100644 --- a/server.coffee +++ b/server.coffee @@ -15,11 +15,7 @@ log = (msg) -> console.log(msg) console.log("--------------------------------------------") -RESTRICTED_IPS = /// ^( - 10\.0 # 10.0.0.0/8 - |172\.16 # 172.16.0.0/16 - |192\.168 # 192.168.0.0/24 -) /// +RESTRICTED_IPS = /^(10\.)|(127\.)|(192\.168)|(172\.(1[6-9])|(2[0-9])|(3[0-1]))/ server = Http.createServer (req, resp) -> if req.method != 'GET' || req.url == '/' diff --git a/test/proxy_test.rb b/test/proxy_test.rb index 358068c..61b156d 100644 --- a/test/proxy_test.rb +++ b/test/proxy_test.rb @@ -69,9 +69,11 @@ def test_404s_on_10_0_ip_range end end - def test_404s_on_172_16_ip_range - assert_raise RestClient::ResourceNotFound do - request('http://172.16.0.1/foo.cgi') + 16.upto(31) do |i| + define_method :"test_404s_on_172_#{i}_ip_range" do + assert_raise RestClient::ResourceNotFound do + request("http://172.#{i}.0.1/foo.cgi") + end end end From 108045f5bc23d8ed5f2e1520f2d3a6570b3dcf4a Mon Sep 17 00:00:00 2001 From: Corey Donohoe Date: Tue, 14 Dec 2010 00:46:59 -0800 Subject: [PATCH 3/4] do 169.254 too --- server.coffee | 2 +- test/proxy_test.rb | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/server.coffee b/server.coffee index b336393..cfbd6ae 100644 --- a/server.coffee +++ b/server.coffee 
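Review bot: In the new RESTRICTED_IPS the `^` anchors only the first alternative, and the 172 group is closed right after `(1[6-9])`, so `(2[0-9])` and `(3[0-1])` become top-level unanchored alternatives: any host containing `127.`, `192.168`, or the two digits 20–31 anywhere (`cdn20.example.com`, `www2021.example.org`) is refused, while the intended 172.20–172.31 prefix is never matched as a prefix. Put all alternatives under one anchor and terminate each prefix with a literal dot: `RESTRICTED_IPS = /^(10\.|127\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/`. The 172.20–172.31 tests in the next hunk pass with the current regex only because `2[0-9]` finds `20`–`29` as a substring, not because the prefix check works.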
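Review bot: The generated `test_404s_on_172_N_ip_range` cases only assert that the private addresses are refused; nothing asserts that a public host is still served, so the over-broad alternatives in RESTRICTED_IPS (which reject any host containing `20`–`31` or `127.`) go unnoticed. Add a positive case alongside them, a request to a reachable public hostname whose labels contain such digits that is expected not to raise `RestClient::ResourceNotFound`, so regressions in either direction are caught. The surrounding test class starts and ends outside the hunk.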
@@ -15,7 +15,7 @@ log = (msg) -> console.log(msg) console.log("--------------------------------------------") -RESTRICTED_IPS = /^(10\.)|(127\.)|(192\.168)|(172\.(1[6-9])|(2[0-9])|(3[0-1]))/ +RESTRICTED_IPS = /^(10\.)|(127\.)|(169\.254)|(192\.168)|(172\.(1[6-9])|(2[0-9])|(3[0-1]))/ server = Http.createServer (req, resp) -> if req.method != 'GET' || req.url == '/' diff --git a/test/proxy_test.rb b/test/proxy_test.rb index 61b156d..b1e6916 100644 --- a/test/proxy_test.rb +++ b/test/proxy_test.rb @@ -77,6 +77,12 @@ def test_404s_on_10_0_ip_range end end + def test_404s_on_169_254_ip_range + assert_raise RestClient::ResourceNotFound do + request('http://169.254.0.1/foo.cgi') + end + end + def test_404s_on_192_168_ip_range assert_raise RestClient::ResourceNotFound do request('http://192.168.0.1/foo.cgi') From d90b212b8fbd032ee3d7d73da41dd7bd260dbc59 Mon Sep 17 00:00:00 2001 From: Corey Donohoe Date: Tue, 14 Dec 2010 01:58:29 -0800 Subject: [PATCH 4/4] allow for environmental variables to be blacklisted --- server.coffee | 5 +++++ test/proxy_test.rb | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/server.coffee b/server.coffee index cfbd6ae..2c5e15b 100644 --- a/server.coffee +++ b/server.coffee @@ -6,6 +6,7 @@ QueryString = require 'querystring' port = parseInt process.env.PORT || 8081 version = "0.3.0" +excluded = process.env.CAMO_HOST_EXCLUSIONS || '*.example.org' shared_key = process.env.CAMO_KEY || '0x24FEEDFACEDEADBEEFCAFE' logging_enabled = process.env.CAMO_LOGGING_ENABLED || "disabled" @@ -15,6 +16,7 @@ log = (msg) -> console.log(msg) console.log("--------------------------------------------") +EXCLUDED_HOSTS = new RegExp(excluded.replace(".", "\\.").replace("*", "\\.*")) RESTRICTED_IPS = /^(10\.)|(127\.)|(169\.254)|(192\.168)|(172\.(1[6-9])|(2[0-9])|(3[0-1]))/ server = Http.createServer (req, resp) -> 
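Review bot: The added `(169\.254)` alternative has the same shape as the others: only `(10\.)` is anchored by `^`, so `169.254` is refused anywhere in the host, and no prefix ends in `\.`, so a label like `169.2540` is refused too. Meanwhile `0.0.0.0`, IPv6 literals such as `[::1]` or `[::ffff:10.0.0.1]`, and octal/hex spellings of the same octets (`0012.0.0.1`, depending on what the resolver accepts) are not covered. If the goal is a literal-address blocklist, anchor and dot-terminate every entry and add the IPv6 loopback/mapped forms; if the goal is to keep the proxy off internal services, the check has to run on the resolved address, which a match on `url.host` cannot provide.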
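Review bot: `excluded.replace(".", "\\.")` passes a string pattern, which in JavaScript replaces only the first occurrence, so for the default `*.example.org` the second dot stays a metacharacter and a value such as `*.internal.example.org` gets only its first dot escaped; `.replace("*", "\\.*")` turns the wildcard into "zero or more literal dots" rather than "any characters", and the resulting RegExp is unanchored at both ends. With the default the pattern is `/\.*\.example.org/`, which treats `evil.exampleXorg.attacker.com` as excluded and does not exclude `example.org` itself. Escape every metacharacter with a global regex, expand `*` afterwards, and anchor the result while allowing for the `:port` that `url.host` may carry: `escaped = excluded.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*")` followed by `EXCLUDED_HOSTS = new RegExp("^#{escaped}(:\\d+)?$")`. Anchoring changes which hosts are excluded, so the existing `*.example.org` default should be re-checked against the intended set.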
@@ -55,6 +57,9 @@ server = Http.createServer (req, resp) -> url = Url.parse query_params.url if url.host? && !url.host.match(RESTRICTED_IPS) + if url.host.match(EXCLUDED_HOSTS) + return four_oh_four("Hitting excluded hostnames") + src = Http.createClient url.port || 80, url.hostname src.on 'error', (error) -> diff --git a/test/proxy_test.rb b/test/proxy_test.rb index b1e6916..4c49308 100644 --- a/test/proxy_test.rb +++ b/test/proxy_test.rb @@ -88,4 +88,10 @@ def test_404s_on_192_168_ip_range request('http://192.168.0.1/foo.cgi') end end + + def test_404s_on_environmental_excludes + assert_raise RestClient::ResourceNotFound do + request('http://iphone.internal.example.org/foo.cgi') + end + end end
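Review bot: The exclusion is evaluated on `url.host`, which includes an explicit port (`host:8080`), while the connection two lines below is made to `url.hostname`; checking `url.hostname` here keeps the pattern and the dialed name in step and means a future `$`-anchored EXCLUDED_HOSTS cannot be sidestepped by appending `:80`, i.e. `if url.hostname.match(EXCLUDED_HOSTS)`. Whether `Url.parse` lower-cases the host is not visible here; if it does not, a case-insensitive RegExp is needed for the exclusion to hold for `EXAMPLE.ORG`. The createServer callback this guard sits in starts and ends outside the hunk.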
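Review bot: `test_404s_on_environmental_excludes` cannot tell the exclusion firing apart from an ordinary upstream failure: `iphone.internal.example.org` presumably does not resolve, and a failed connection is, as far as the `src.on 'error'` handler in the server hunks shows, also answered with a 404, so the assertion passes even if EXCLUDED_HOSTS never matches. Capture the exception and check its body, e.g. `e = assert_raise(RestClient::ResourceNotFound) { request(...) }` then `assert_match(/Hitting excluded hostnames/, e.response.to_s)`, or use a host under the excluded pattern that does resolve. The test also assumes CAMO_HOST_EXCLUSIONS is unset so the `*.example.org` default applies; how the proxy under test is launched is outside this hunk, so that assumption should at least be stated in a comment above the test.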