Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trying to add a podcast hosted on HTTPS on local network causes INTERNAL_ASSERTION crash #1187

Closed
fmillion-mnsu opened this issue Apr 21, 2024 · 3 comments
Closed

Trying to add a podcast hosted on HTTPS on local network causes INTERNAL_ASSERTION crash #1187

fmillion-mnsu opened this issue Apr 21, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@fmillion-mnsu
Copy link

fmillion-mnsu commented Apr 21, 2024
edited
Loading

I have a perhaps unique use case. I have a series of recordings I want to make available to users accessing ABS in a podcast-like format, but the recordings themselves aren't actually a podcast. So I generated my own XML file for the audio files so that they can be accessed "like a podcast" and hosted the files on a temporary web server. However, I don't want to expose the podcast itself directly, nor do I want to host it on a public facing server with a public IP address. (Only authorized users can access ABS, but anyone could access a public podcast feed.)

I initially tried doing this without SSL and by using direct IP addresses - example, I tried adding http://192.168.32.3:8080/podcast/rss.xml. This failed with this error:

[2024-04-21 02:20:36.374] ERROR: [podcastUtils] getPodcastFeed Error Error: Call to 192.168.32.3 is blocked.
    at agent.createConnection (/node_modules/ssrf-req-filter/lib/index.js:31:13)
    at Agent.createSocket (node:_http_agent:340:26)
    at Agent.addRequest (node:_http_agent:288:10)
    at new ClientRequest (node:_http_client:337:16)
    at Object.request (node:http:103:10)
    at RedirectableRequest._performRequest (/node_modules/follow-redirects/index.js:326:24)
    at new RedirectableRequest (/node_modules/follow-redirects/index.js:100:8)
    at Object.request (/node_modules/follow-redirects/index.js:532:14)
    at dispatchHttpRequest (/node_modules/axios/lib/adapters/http.js:262:25)
    at new Promise (<anonymous>) (podcastUtils.js:265)

I researched this and discovered that the ssrf-req-filter is the culprit here. However, I assumed switching to HTTPS would fix the issue based on some other posts I found regarding issues with non-HTTPS connections. I therefore installed Traefik and setup a subdomain pointing at the LAN address and a DNS-based SSL cert with LetsEncrypt.

Steps to reproduce

  1. Generate a valid podcast XML RSS feed file.

  2. Host the podcast XML and its files on an internal web server (i.e. on a private IP address like 192.168.32.3) but using HTTPS with a valid certificate.

    I accomplished this using Traefik with a DNS-based LetsEncrypt challenge for a domain I own, with a subdomain pointing at the IP address 192.168.32.3.

  3. Access Audiobookshelf's web UI and try to add a podcast XML feed served on this server to Audiobookshelf.

    Example: add https://internal.mydomain.org/podcast/rss.xml

    In this example, internal.mydomain.org points to an internal IP address like 192.168.32.3. A valid SSL certificate generated by LetsEncrypt via DNS challenge exists on the server hosting the file.

Expected behaviour

  • Podcast should be added and episodes should be downloadable

Actual behaviour

  • Audiobookshelf crashes and terminates with this error:
[2024-04-21 02:30:15.086] FATAL: [Server] Uncaught exception origin: uncaughtException, error: Error [ERR_INTERNAL_ASSERTION]: This is caused by either a bug in Node.js or incorrect usage of Node.js internals.
Please open an issue with this stack trace at https://github.com/nodejs/node/issues
    at assert (node:internal/assert:14:11)
    at internalConnect (node:net:1037:3)
    at defaultTriggerAsyncIdScope (node:internal/async_hooks:464:18)
    at GetAddrInfoReqWrap.emitLookup [as callback] (node:net:1481:9)
    at GetAddrInfoReqWrap.onlookupall [as oncomplete] (node:dns:130:8) {
  code: 'ERR_INTERNAL_ASSERTION'
} (Server.js:158)
node:internal/assert:14
    throw new ERR_INTERNAL_ASSERTION(message);
    ^
Error [ERR_INTERNAL_ASSERTION]: This is caused by either a bug in Node.js or incorrect usage of Node.js internals.
Please open an issue with this stack trace at https://github.com/nodejs/node/issues
    at assert (node:internal/assert:14:11)
    at internalConnect (node:net:1037:3)
    at defaultTriggerAsyncIdScope (node:internal/async_hooks:464:18)
    at GetAddrInfoReqWrap.emitLookup [as callback] (node:net:1481:9)
    at GetAddrInfoReqWrap.onlookupall [as oncomplete] (node:dns:130:8) {
  code: 'ERR_INTERNAL_ASSERTION'
}

Node.js v20.11.1

Environment data

Audiobookshelf Version: 2.8.1 (in Docker container)
@fmillion-mnsu fmillion-mnsu added the bug Something isn't working label Apr 21, 2024
@nichwall
Copy link
Contributor

nichwall commented Apr 21, 2024
edited
Loading

Duplicate of advplyr/audiobookshelf#2752. Can't find the exact message, but this should be fixed in the next ABS release because it will be using a newer version of node 20 that includes a fix for the referenced issue.

@advplyr
Copy link
Owner

advplyr commented Apr 21, 2024

Thanks yeah it is this one nodejs/node#47644, node 20 bug.

@advplyr advplyr closed this as not planned Won't fix, can't repro, duplicate, stale Apr 21, 2024
@fmillion-mnsu
Copy link
Author

Thanks. The Node link pointed me to a short-term fix (add NODE_OPTIONS=--no-network-family-autoselection to environment). It appears SSRF still blocks local network access even using HTTPS however.

@fmillion-mnsu fmillion-mnsu mentioned this issue Apr 21, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nichwall @advplyr @fmillion-mnsu