[csw-devel] SF.net SVN: opencsw:[412] catalog_signatures/lib/csw/gpg_daemon.rb

bdwalton at users.sourceforge.net bdwalton at users.sourceforge.net
Thu Jul 21 05:03:00 CEST 2011


Revision: 412
          http://opencsw.svn.sourceforge.net/opencsw/?rev=412&view=rev
Author:   bdwalton
Date:     2011-07-21 03:03:00 +0000 (Thu, 21 Jul 2011)

Log Message:
-----------
streamline path validation now that we have multiple mounts in webrick (no need for separate method)

Signed-off-by: Ben Walton <bwalton at artsci.utoronto.ca>

Modified Paths:
--------------
    catalog_signatures/lib/csw/gpg_daemon.rb

Modified: catalog_signatures/lib/csw/gpg_daemon.rb
===================================================================
--- catalog_signatures/lib/csw/gpg_daemon.rb	2011-07-21 03:02:37 UTC (rev 411)
+++ catalog_signatures/lib/csw/gpg_daemon.rb	2011-07-21 03:03:00 UTC (rev 412)
@@ -12,17 +12,21 @@
   def do_GET(request, response)
     mode, *rest = request.path.split('/')[1..-1]
     mode = 'detach-sign' if mode.eql?('detachsign')
+    cat_reg = "^/(detachsign|clearsign)/#{@catalog_path}(/catalog)*"
+    cmd = "#{@gpg} --#{mode} '#{@catalog_file}'"
 
-    p = validate_path(rest.join('/'))
-
     response['Content-type'] = 'text/plain'
 
-    if p
-      cmd = "#{@gpg} --#{mode} '#{p}'"
-      content = `#{cmd}`
-      if $?.exitstatus.eql?(0)
-        response.status = 200
-        response.body = content
+    if request.path.match(cat_reg)
+      if File.exists?(@catalog_file)
+        content = `#{cmd}`
+        if $?.exitstatus.eql?(0)
+          response.status = 200
+          response.body = content
+        else
+          response.status = 500
+          response.body = "500 There was a problem processing the request."
+        end
       else
         response.status = 500
         response.body = "500 There was a problem processing the request."
@@ -32,32 +36,4 @@
       response.body = "400 Invalid request."
     end
   end
-
-  private
-  def validate_path(path)
-
-    begin
-      parts = path.split('/')
-      cat_file = File.join(@mirror_path, path, 'catalog')
-
-      return false unless parts.size.eql?(3)
-
-      begin
-        cat_stat = File.stat(cat_file)
-        return false unless cat_stat.file? or cat.stat.symlink?
-      rescue Errno::ENOENT, Errno::ENOTDIR => e
-        #FIXME: Use the webrick logger here...
-        $stderr.puts "Bad catalog file lookup on #{cat_file}"
-        return false
-      end
-
-      return cat_file
-    rescue => e
-      # if we missed something here, we should log it, but return
-      # false to prevent leaking something
-      # FIXME: Use the webrick logger here...
-      #stderr.puts "Rescued exception: #{e.class} -> #{e.message}"
-      return false
-    end
-  end
 end


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


More information about the devel mailing list