Contains the Concourse pipeline definition for building a line-server container
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

337 lines
8.2 KiB

9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
  1. package main
  2. import (
  3. "bytes"
  4. "encoding/json"
  5. "errors"
  6. "fmt"
  7. "io"
  8. "net/http"
  9. "net/url"
  10. "os"
  11. "path"
  12. "path/filepath"
  13. "regexp"
  14. "strconv"
  15. "strings"
  16. "time"
  17. "bitbucket.org/taruti/mimemagic"
  18. "github.com/dchest/uniuri"
  19. "github.com/zenazn/goji/web"
  20. )
  21. var fileBlacklist = map[string]bool{
  22. "favicon.ico": true,
  23. "index.htm": true,
  24. "index.html": true,
  25. "index.php": true,
  26. "robots.txt": true,
  27. }
  28. // Describes metadata directly from the user request
  29. type UploadRequest struct {
  30. src io.Reader
  31. filename string
  32. expiry time.Duration // Seconds until expiry, 0 = never
  33. randomBarename bool
  34. deletionKey string // Empty string if not defined
  35. }
  36. // Metadata associated with a file as it would actually be stored
  37. type Upload struct {
  38. Filename string // Final filename on disk
  39. Metadata Metadata
  40. }
  41. func uploadPostHandler(c web.C, w http.ResponseWriter, r *http.Request) {
  42. upReq := UploadRequest{}
  43. uploadHeaderProcess(r, &upReq)
  44. contentType := r.Header.Get("Content-Type")
  45. if strings.HasPrefix(contentType, "multipart/form-data") {
  46. file, headers, err := r.FormFile("file")
  47. if err != nil {
  48. oopsHandler(c, w, r, RespHTML, "Could not upload file.")
  49. return
  50. }
  51. defer file.Close()
  52. r.ParseForm()
  53. if r.Form.Get("randomize") == "true" {
  54. upReq.randomBarename = true
  55. }
  56. upReq.expiry = parseExpiry(r.Form.Get("expires"))
  57. upReq.src = file
  58. upReq.filename = headers.Filename
  59. } else {
  60. if r.FormValue("content") == "" {
  61. oopsHandler(c, w, r, RespHTML, "Empty file")
  62. return
  63. }
  64. extension := r.FormValue("extension")
  65. if extension == "" {
  66. extension = "txt"
  67. }
  68. upReq.src = strings.NewReader(r.FormValue("content"))
  69. upReq.expiry = parseExpiry(r.FormValue("expires"))
  70. upReq.filename = r.FormValue("filename") + "." + extension
  71. }
  72. upload, err := processUpload(upReq)
  73. if strings.EqualFold("application/json", r.Header.Get("Accept")) {
  74. if err != nil {
  75. oopsHandler(c, w, r, RespJSON, "Could not upload file: "+err.Error())
  76. return
  77. }
  78. js := generateJSONresponse(upload)
  79. w.Header().Set("Content-Type", "application/json; charset=UTF-8")
  80. w.Write(js)
  81. } else {
  82. if err != nil {
  83. oopsHandler(c, w, r, RespHTML, "Could not upload file: "+err.Error())
  84. return
  85. }
  86. http.Redirect(w, r, "/"+upload.Filename, 301)
  87. }
  88. }
  89. func uploadPutHandler(c web.C, w http.ResponseWriter, r *http.Request) {
  90. upReq := UploadRequest{}
  91. uploadHeaderProcess(r, &upReq)
  92. defer r.Body.Close()
  93. upReq.filename = c.URLParams["name"]
  94. upReq.src = r.Body
  95. upload, err := processUpload(upReq)
  96. if strings.EqualFold("application/json", r.Header.Get("Accept")) {
  97. if err != nil {
  98. oopsHandler(c, w, r, RespJSON, "Could not upload file: "+err.Error())
  99. return
  100. }
  101. js := generateJSONresponse(upload)
  102. w.Header().Set("Content-Type", "application/json; charset=UTF-8")
  103. w.Write(js)
  104. } else {
  105. if err != nil {
  106. oopsHandler(c, w, r, RespPLAIN, "Could not upload file: "+err.Error())
  107. return
  108. }
  109. fmt.Fprintf(w, Config.siteURL+upload.Filename)
  110. }
  111. }
  112. func uploadRemote(c web.C, w http.ResponseWriter, r *http.Request) {
  113. if r.FormValue("url") == "" {
  114. http.Redirect(w, r, "/", 301)
  115. return
  116. }
  117. upReq := UploadRequest{}
  118. grabUrl, _ := url.Parse(r.FormValue("url"))
  119. resp, err := http.Get(grabUrl.String())
  120. if err != nil {
  121. oopsHandler(c, w, r, RespAUTO, "Could not retrieve URL")
  122. return
  123. }
  124. upReq.filename = filepath.Base(grabUrl.Path)
  125. upReq.src = resp.Body
  126. upReq.deletionKey = r.FormValue("deletekey")
  127. upReq.expiry = parseExpiry(r.FormValue("expiry"))
  128. upload, err := processUpload(upReq)
  129. if strings.EqualFold("application/json", r.Header.Get("Accept")) {
  130. if err != nil {
  131. oopsHandler(c, w, r, RespJSON, "Could not upload file: "+err.Error())
  132. return
  133. }
  134. js := generateJSONresponse(upload)
  135. w.Header().Set("Content-Type", "application/json; charset=UTF-8")
  136. w.Write(js)
  137. } else {
  138. if err != nil {
  139. oopsHandler(c, w, r, RespHTML, "Could not upload file: "+err.Error())
  140. return
  141. }
  142. http.Redirect(w, r, "/"+upload.Filename, 301)
  143. }
  144. }
  145. func uploadHeaderProcess(r *http.Request, upReq *UploadRequest) {
  146. if r.Header.Get("Linx-Randomize") == "yes" {
  147. upReq.randomBarename = true
  148. }
  149. upReq.deletionKey = r.Header.Get("Linx-Delete-Key")
  150. // Get seconds until expiry. Non-integer responses never expire.
  151. expStr := r.Header.Get("Linx-Expiry")
  152. upReq.expiry = parseExpiry(expStr)
  153. }
  154. func processUpload(upReq UploadRequest) (upload Upload, err error) {
  155. // Determine the appropriate filename, then write to disk
  156. barename, extension := barePlusExt(upReq.filename)
  157. if upReq.randomBarename || len(barename) == 0 {
  158. barename = generateBarename()
  159. }
  160. var header []byte
  161. if len(extension) == 0 {
  162. // Pull the first 512 bytes off for use in MIME detection
  163. header = make([]byte, 512)
  164. n, _ := upReq.src.Read(header)
  165. if n == 0 {
  166. return upload, errors.New("Empty file")
  167. }
  168. header = header[:n]
  169. // Determine the type of file from header
  170. mimetype := mimemagic.Match("", header)
  171. // If the mime type is in our map, use that
  172. // otherwise just use "ext"
  173. if val, exists := mimeToExtension[mimetype]; exists {
  174. extension = val
  175. } else {
  176. extension = "ext"
  177. }
  178. }
  179. upload.Filename = strings.Join([]string{barename, extension}, ".")
  180. _, err = os.Stat(path.Join(Config.filesDir, upload.Filename))
  181. fileexists := err == nil
  182. // Check if the delete key matches, in which case overwrite
  183. if fileexists {
  184. metad, merr := metadataRead(upload.Filename)
  185. if merr == nil {
  186. if upReq.deletionKey == metad.DeleteKey {
  187. fileexists = false
  188. }
  189. }
  190. }
  191. for fileexists {
  192. counter, err := strconv.Atoi(string(barename[len(barename)-1]))
  193. if err != nil {
  194. barename = barename + "1"
  195. } else {
  196. barename = barename[:len(barename)-1] + strconv.Itoa(counter+1)
  197. }
  198. upload.Filename = strings.Join([]string{barename, extension}, ".")
  199. _, err = os.Stat(path.Join(Config.filesDir, upload.Filename))
  200. fileexists = err == nil
  201. }
  202. if fileBlacklist[strings.ToLower(upload.Filename)] {
  203. return upload, errors.New("Prohibited filename")
  204. }
  205. dst, err := os.Create(path.Join(Config.filesDir, upload.Filename))
  206. if err != nil {
  207. return
  208. }
  209. defer dst.Close()
  210. // Get the rest of the metadata needed for storage
  211. var expiry time.Time
  212. if upReq.expiry == 0 {
  213. expiry = neverExpire
  214. } else {
  215. expiry = time.Now().Add(upReq.expiry)
  216. }
  217. bytes, err := io.Copy(dst, io.MultiReader(bytes.NewReader(header), upReq.src))
  218. if bytes == 0 {
  219. os.Remove(path.Join(Config.filesDir, upload.Filename))
  220. return upload, errors.New("Empty file")
  221. } else if err != nil {
  222. os.Remove(path.Join(Config.filesDir, upload.Filename))
  223. return
  224. } else if bytes > Config.maxSize {
  225. os.Remove(path.Join(Config.filesDir, upload.Filename))
  226. return upload, errors.New("File too large")
  227. }
  228. upload.Metadata, err = generateMetadata(upload.Filename, expiry, upReq.deletionKey)
  229. if err != nil {
  230. os.Remove(path.Join(Config.filesDir, upload.Filename))
  231. os.Remove(path.Join(Config.metaDir, upload.Filename))
  232. return
  233. }
  234. err = metadataWrite(upload.Filename, &upload.Metadata)
  235. if err != nil {
  236. os.Remove(path.Join(Config.filesDir, upload.Filename))
  237. os.Remove(path.Join(Config.metaDir, upload.Filename))
  238. return
  239. }
  240. return
  241. }
  242. func generateBarename() string {
  243. return uniuri.NewLenChars(8, []byte("abcdefghijklmnopqrstuvwxyz0123456789"))
  244. }
  245. func generateJSONresponse(upload Upload) []byte {
  246. js, _ := json.Marshal(map[string]string{
  247. "url": Config.siteURL + upload.Filename,
  248. "filename": upload.Filename,
  249. "delete_key": upload.Metadata.DeleteKey,
  250. "expiry": strconv.FormatInt(upload.Metadata.Expiry.Unix(), 10),
  251. "size": strconv.FormatInt(upload.Metadata.Size, 10),
  252. "mimetype": upload.Metadata.Mimetype,
  253. "sha256sum": upload.Metadata.Sha256sum,
  254. })
  255. return js
  256. }
  257. var barePlusRe = regexp.MustCompile(`[^A-Za-z0-9\-]`)
  258. func barePlusExt(filename string) (barename, extension string) {
  259. filename = strings.TrimSpace(filename)
  260. filename = strings.ToLower(filename)
  261. extension = path.Ext(filename)
  262. barename = filename[:len(filename)-len(extension)]
  263. extension = barePlusRe.ReplaceAllString(extension, "")
  264. barename = barePlusRe.ReplaceAllString(barename, "")
  265. return
  266. }
  267. func parseExpiry(expStr string) time.Duration {
  268. if expStr == "" {
  269. return 0
  270. } else {
  271. expiry, err := strconv.ParseInt(expStr, 10, 64)
  272. if err != nil {
  273. return 0
  274. } else {
  275. return time.Duration(expiry) * time.Second
  276. }
  277. }
  278. }