[csw-devel] SF.net SVN: opencsw:[398] catalog_signatures/catalog_gpg

bdwalton at users.sourceforge.net bdwalton at users.sourceforge.net
Thu Jul 21 04:57:36 CEST 2011


Revision: 398
          http://opencsw.svn.sourceforge.net/opencsw/?rev=398&view=rev
Author:   bdwalton
Date:     2011-07-21 02:57:36 +0000 (Thu, 21 Jul 2011)

Log Message:
-----------
initial proof of concept for a restful catalog signing daemon

Signed-off-by: Ben Walton <bwalton at artsci.utoronto.ca>

Added Paths:
-----------
    catalog_signatures/catalog_gpg

Added: catalog_signatures/catalog_gpg
===================================================================
--- catalog_signatures/catalog_gpg	                        (rev 0)
+++ catalog_signatures/catalog_gpg	2011-07-21 02:57:36 UTC (rev 398)
@@ -0,0 +1,80 @@
+#!/usr/bin/env ruby
+
+require 'webrick'
+require 'pp'
+
+class GPGDaemon < WEBrick::HTTPServlet::AbstractServlet
+  VALID_TREES = %w(unstable current)
+  VALID_ARCHES = %w(i386 sparc)
+  VALID_RELEASE = %w(5.9 5.10 5.11)
+
+  def initialize(server, mirror_path)
+    @mirror_path = mirror_path
+    @gpg = "gpg --batch --yes --no-tty -a --output /dev/stdout"
+  end
+
+  def do_GET(request, response)
+    mode, *rest = request.path.split('/')[1..-1]
+    mode = 'detach-sign' if mode.eql?('detachsign')
+
+    tmp = File.join(@mirror_path, rest.join('.'))
+    p = validate_path(rest.join('/'))
+
+    if p
+      cmd = "#{@gpg} --#{mode} '#{p}'"
+      content = `cmd`
+      if $?.eql?(0)
+        response.status = 200
+        response['Content-type'] = 'text/plain'
+        response.body = content
+      else
+        response.status = 500
+        response['Content-type'] = 'text/plain'
+        response.body = "500 There was a problem processing the request."
+      end
+    else
+      response.status = 400
+      response['Content-type'] = 'text/plain'
+      response.body = "400 Invalid request."
+    end
+  end
+
+  private
+  def validate_path(path)
+
+    begin
+      parts = path.split('/')
+      cat_file = File.join(@mirror_path, path, 'catalog')
+
+      return false unless parts.size.eql?(3)
+      return false unless VALID_TREES.include?(parts[0])
+      return false unless VALID_ARCHES.include?(parts[1])
+      return false unless VALID_RELEASE.include?(parts[2])
+
+      begin
+        cat_stat = File.stat(cat_file)
+        return false unless cat_stat.file? or cat.stat.symlink?
+      rescue Errno::ENOENT, Errno::ENOTDIR => e
+        #FIXME: Use the webrick logger here...
+        $stderr.puts "Bad catalog file lookup on #{cat_file}"
+        return false
+      end
+
+      return cat_file
+    rescue => e
+      # if we missed something here, we should log it, but return
+      # false to prevent leaking something
+      # FIXME: Use the webrick logger here...
+      #stderr.puts "Rescued exception: #{e.class} -> #{e.message}"
+      return false
+    end
+  end
+end
+
+mirror_path = File.dirname($0)
+
+server = WEBrick::HTTPServer.new({ :Port => 9981 })
+server.mount "/clearsign", GPGDaemon, mirror_path
+server.mount "/detachsign", GPGDaemon, mirror_path
+trap('INT') { server.shutdown }
+server.start


Property changes on: catalog_signatures/catalog_gpg
___________________________________________________________________
Added: svn:executable
   + *


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


More information about the devel mailing list