diff --git a/Cargo.lock b/Cargo.lock index e64eb51..af065b1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -551,7 +551,7 @@ dependencies = [ [[package]] name = "datatrash" -version = "2.4.0" +version = "2.4.1" dependencies = [ "actix-files", "actix-governor", diff --git a/Cargo.toml b/Cargo.toml index 5a16295..dc42810 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "datatrash" -version = "2.4.0" +version = "2.4.1" authors = ["neri"] edition = "2021" diff --git a/src/deleter.rs b/src/deleter.rs index 1c3c986..a8af24b 100644 --- a/src/deleter.rs +++ b/src/deleter.rs @@ -24,7 +24,7 @@ pub(crate) async fn delete_old_files( .fetch(&db); while let Some(row) = rows.try_next().await? { let file_id: String = row.try_get("file_id").expect("we selected this column"); - delete_content(&file_id, &files_dir).await? + delete_content(&file_id, &files_dir).await?; } sqlx::query("DELETE FROM files WHERE valid_till < $1") diff --git a/src/rate_limit.rs b/src/rate_limit.rs index c277706..c6c8dc4 100644 --- a/src/rate_limit.rs +++ b/src/rate_limit.rs @@ -19,11 +19,21 @@ impl KeyExtractor for ForwardedPeerIpKeyExtractor { fn extract(&self, req: &ServiceRequest) -> Result { let forwarded_for = req.headers().get("x-forwarded-for"); - if self.proxied && forwarded_for.is_some() { - read_forwareded_for(forwarded_for).map_err(SimpleKeyExtractionError::new) + let mut ip = if self.proxied && forwarded_for.is_some() { + read_forwareded_for(forwarded_for).map_err(SimpleKeyExtractionError::new)? } else { - PeerIpKeyExtractor.extract(req) + PeerIpKeyExtractor.extract(req)? + }; + + // only keep the first /56 for ipv6 addresses + // mask 0xffff_ffff_ffff_ff00_0000_0000_0000_0000 + if let IpAddr::V6(ipv6) = ip { + let mut octets = ipv6.octets(); + octets[7..16].fill(0); + ip = IpAddr::V6(octets.into()); } + + Ok(ip) } fn exceed_rate_limit_response(