[csw-devel] SF.net SVN: opencsw:[398] catalog_signatures/catalog_gpg
bdwalton at users.sourceforge.net
bdwalton at users.sourceforge.net
Thu Jul 21 04:57:36 CEST 2011
Revision: 398
http://opencsw.svn.sourceforge.net/opencsw/?rev=398&view=rev
Author: bdwalton
Date: 2011-07-21 02:57:36 +0000 (Thu, 21 Jul 2011)
Log Message:
-----------
initial proof of concept for a restful catalog signing daemon
Signed-off-by: Ben Walton <bwalton at artsci.utoronto.ca>
Added Paths:
-----------
catalog_signatures/catalog_gpg
Added: catalog_signatures/catalog_gpg
===================================================================
--- catalog_signatures/catalog_gpg (rev 0)
+++ catalog_signatures/catalog_gpg 2011-07-21 02:57:36 UTC (rev 398)
@@ -0,0 +1,80 @@
+#!/usr/bin/env ruby
+
+require 'webrick'
+require 'pp'
+
+class GPGDaemon < WEBrick::HTTPServlet::AbstractServlet
+ VALID_TREES = %w(unstable current)
+ VALID_ARCHES = %w(i386 sparc)
+ VALID_RELEASE = %w(5.9 5.10 5.11)
+
+ def initialize(server, mirror_path)
+ @mirror_path = mirror_path
+ @gpg = "gpg --batch --yes --no-tty -a --output /dev/stdout"
+ end
+
+ def do_GET(request, response)
+ mode, *rest = request.path.split('/')[1..-1]
+ mode = 'detach-sign' if mode.eql?('detachsign')
+
+ tmp = File.join(@mirror_path, rest.join('.'))
+ p = validate_path(rest.join('/'))
+
+ if p
+ cmd = "#{@gpg} --#{mode} '#{p}'"
+ content = `cmd`
+ if $?.eql?(0)
+ response.status = 200
+ response['Content-type'] = 'text/plain'
+ response.body = content
+ else
+ response.status = 500
+ response['Content-type'] = 'text/plain'
+ response.body = "500 There was a problem processing the request."
+ end
+ else
+ response.status = 400
+ response['Content-type'] = 'text/plain'
+ response.body = "400 Invalid request."
+ end
+ end
+
+ private
+ def validate_path(path)
+
+ begin
+ parts = path.split('/')
+ cat_file = File.join(@mirror_path, path, 'catalog')
+
+ return false unless parts.size.eql?(3)
+ return false unless VALID_TREES.include?(parts[0])
+ return false unless VALID_ARCHES.include?(parts[1])
+ return false unless VALID_RELEASE.include?(parts[2])
+
+ begin
+ cat_stat = File.stat(cat_file)
+ return false unless cat_stat.file? or cat.stat.symlink?
+ rescue Errno::ENOENT, Errno::ENOTDIR => e
+ #FIXME: Use the webrick logger here...
+ $stderr.puts "Bad catalog file lookup on #{cat_file}"
+ return false
+ end
+
+ return cat_file
+ rescue => e
+ # if we missed something here, we should log it, but return
+ # false to prevent leaking something
+ # FIXME: Use the webrick logger here...
+ #stderr.puts "Rescued exception: #{e.class} -> #{e.message}"
+ return false
+ end
+ end
+end
+
+mirror_path = File.dirname($0)
+
+server = WEBrick::HTTPServer.new({ :Port => 9981 })
+server.mount "/clearsign", GPGDaemon, mirror_path
+server.mount "/detachsign", GPGDaemon, mirror_path
+trap('INT') { server.shutdown }
+server.start
Property changes on: catalog_signatures/catalog_gpg
___________________________________________________________________
Added: svn:executable
+ *
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
More information about the devel
mailing list