-rw-r--r-- | src/eyefiworker.cc | 157 |
1 files changed, 80 insertions, 77 deletions
diff --git a/src/eyefiworker.cc b/src/eyefiworker.cc index 645069e..597a3f2 100644 --- a/src/eyefiworker.cc +++ b/src/eyefiworker.cc | |||
@@ -1,341 +1,344 @@ | |||
1 | #include <signal.h> | 1 | #include <signal.h> |
2 | #ifndef NDEBUG | 2 | #ifndef NDEBUG |
3 | # include <sys/resource.h> | 3 | # include <sys/resource.h> |
4 | #endif | 4 | #endif |
5 | #include <syslog.h> | 5 | #include <syslog.h> |
6 | #include <cassert> | 6 | #include <cassert> |
7 | #include <iostream> | 7 | #include <iostream> |
8 | #include <fstream> | 8 | #include <fstream> |
9 | #include <stdexcept> | 9 | #include <stdexcept> |
10 | #include <iterator> | 10 | #include <iterator> |
11 | #include <algorithm> | 11 | #include <algorithm> |
12 | #include <sys/wait.h> | 12 | #include <sys/wait.h> |
13 | #include <autosprintf.h> | 13 | #include <autosprintf.h> |
14 | #include "eyekinfig.h" | 14 | #include "eyekinfig.h" |
15 | #include "eyetil.h" | 15 | #include "eyetil.h" |
16 | #include "eyefiworker.h" | 16 | #include "eyefiworker.h" |
17 | #ifdef HAVE_SQLITE | 17 | #ifdef HAVE_SQLITE |
18 | # include "iiidb.h" | 18 | # include "iiidb.h" |
19 | #endif | 19 | #endif |
20 | 20 | ||
21 | eyefiworker::eyefiworker() | 21 | eyefiworker::eyefiworker() |
22 | : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { | 22 | : eyefiService(SOAP_IO_STORE|SOAP_IO_KEEPALIVE) { |
23 | bind_flags = SO_REUSEADDR; max_keep_alive = 0; | 23 | bind_flags = SO_REUSEADDR; max_keep_alive = 0; |
24 | socket_flags = | 24 | socket_flags = |
25 | #if defined(MSG_NOSIGNAL) | 25 | #if defined(MSG_NOSIGNAL) |
26 | MSG_NOSIGNAL | 26 | MSG_NOSIGNAL |
27 | #elif defined(SO_NOSIGPIPE) | 27 | #elif defined(SO_NOSIGPIPE) |
28 | SO_NOSIGPIPE | 28 | SO_NOSIGPIPE |
29 | #else | 29 | #else |
30 | #error Something is wrong with sigpipe prevention on the platform | 30 | #error Something is wrong with sigpipe prevention on the platform |
31 | #endif | 31 | #endif |
32 | ; | 32 | ; |
33 | #ifdef HAVE_SQLITE | 33 | #ifdef HAVE_SQLITE |
34 | sqlite3_initialize(); | 34 | sqlite3_initialize(); |
35 | #endif | 35 | #endif |
36 | } | 36 | } |
37 | eyefiworker::~eyefiworker() { | 37 | |
38 | static void *fmimewriteopen_(struct soap *soap, | ||
39 | void *handle, const char *id, const char *type, const char *description, | ||
40 | enum soap_mime_encoding encoding) { | ||
41 | return static_cast<eyefiworker*>(soap)->mime_writeopen(handle,id,type,description,encoding); | ||
42 | } | ||
43 | static int fmimewrite_(struct soap *soap,void *handle,const char *buf,size_t len) { | ||
44 | return static_cast<eyefiworker*>(soap)->mime_write(handle,buf,len); | ||
45 | } | ||
46 | static void fmimewriteclose_(struct soap *soap,void *handle) { | ||
47 | static_cast<eyefiworker*>(soap)->mime_writeclose(handle); | ||
38 | } | 48 | } |
39 | 49 | ||
40 | int eyefiworker::run(int bindport) { | 50 | int eyefiworker::run(int bindport) { |
41 | if(!soap_valid_socket(bind(0,bindport,64))) | 51 | if(!soap_valid_socket(bind(0,bindport,64))) |
42 | throw std::runtime_error("failed to bind()"); | 52 | throw std::runtime_error("failed to bind()"); |
43 | signal(SIGCHLD,SIG_IGN); | 53 | signal(SIGCHLD,SIG_IGN); |
54 | fmimewriteopen=fmimewriteopen_; fmimewrite=fmimewrite_; fmimewriteclose=fmimewriteclose_; | ||
44 | while(true) { | 55 | while(true) { |
45 | if(!soap_valid_socket(accept())) | 56 | if(!soap_valid_socket(accept())) |
46 | throw std::runtime_error("failed to accept()"); | 57 | throw std::runtime_error("failed to accept()"); |
47 | pid_t p = fork(); | 58 | pid_t p = fork(); |
48 | if(p<0) throw std::runtime_error("failed to fork()"); | 59 | if(p<0) throw std::runtime_error("failed to fork()"); |
49 | if(!p) { | 60 | if(!p) { |
50 | recv_timeout = 600; send_timeout = 120; | 61 | recv_timeout = 600; send_timeout = 120; |
51 | (void)serve(); | 62 | (void)serve(); |
52 | soap_destroy(this); soap_end(this); soap_done(this); | 63 | soap_destroy(this); soap_end(this); soap_done(this); |
53 | #ifndef NDEBUG | 64 | #ifndef NDEBUG |
54 | struct rusage ru; | 65 | struct rusage ru; |
55 | if(getrusage(RUSAGE_SELF,&ru)) { | 66 | if(getrusage(RUSAGE_SELF,&ru)) { |
56 | syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); | 67 | syslog(LOG_NOTICE,"Failed to getrusage(): %d",errno); |
57 | }else{ | 68 | }else{ |
58 | syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); | 69 | syslog(LOG_INFO,"maxrss: %ld\n",ru.ru_maxrss); |
59 | } | 70 | } |
60 | #endif /* NDEBUG */ | 71 | #endif /* NDEBUG */ |
61 | throw throwable_exit(0); | 72 | throw throwable_exit(0); |
62 | } | 73 | } |
63 | close(socket); socket = SOAP_INVALID_SOCKET; | 74 | close(socket); socket = SOAP_INVALID_SOCKET; |
64 | } | 75 | } |
65 | } | 76 | } |
66 | 77 | ||
67 | static binary_t session_nonce; | 78 | static binary_t session_nonce; |
68 | #ifdef HAVE_SQLITE | 79 | #ifdef HAVE_SQLITE |
69 | static struct { | 80 | static struct { |
70 | std::string filesignature; | 81 | std::string filesignature; |
71 | long filesize; | 82 | long filesize; |
72 | std::string filename; | 83 | std::string filename; |
73 | inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } | 84 | inline void reset() { filesignature.erase(); filename.erase(); filesize=0; } |
74 | inline void set(const std::string n,const std::string sig,long siz) { | 85 | inline void set(const std::string n,const std::string sig,long siz) { |
75 | filename = n; filesignature = sig; filesize = siz; | 86 | filename = n; filesignature = sig; filesize = siz; |
76 | } | 87 | } |
77 | inline bool is(const std::string n,const std::string sig,long siz) { | 88 | inline bool is(const std::string n,const std::string sig,long siz) { |
78 | return filesize==siz && filename==n && filesignature==sig; | 89 | return filesize==siz && filename==n && filesignature==sig; |
79 | } | 90 | } |
80 | } already; | 91 | } already; |
81 | #endif /* HAVE_SQLITE */ | 92 | #endif /* HAVE_SQLITE */ |
82 | 93 | ||
83 | static bool detached_child() { | 94 | static bool detached_child() { |
84 | pid_t p = fork(); | 95 | pid_t p = fork(); |
85 | if(p<0) { | 96 | if(p<0) { |
86 | syslog(LOG_ERR,"Failed to fork away for hook execution"); | 97 | syslog(LOG_ERR,"Failed to fork away for hook execution"); |
87 | _exit(-1); | 98 | _exit(-1); |
88 | } | 99 | } |
89 | if(!p) { | 100 | if(!p) { |
90 | setsid(); | 101 | setsid(); |
91 | for(int i=getdtablesize();i>=0;--i) close(i); | 102 | for(int i=getdtablesize();i>=0;--i) close(i); |
92 | int i=open("/dev/null",O_RDWR); assert(i==0); | 103 | int i=open("/dev/null",O_RDWR); assert(i==0); |
93 | i = dup(i); assert(i==1); | 104 | i = dup(i); assert(i==1); |
94 | i = dup(i); assert(i==2); | 105 | i = dup(i); assert(i==2); |
95 | return true; | 106 | return true; |
96 | } | 107 | } |
97 | return false; | 108 | return false; |
98 | } | 109 | } |
99 | 110 | ||
100 | static int E(eyefiworker* efs,const char *c,const std::exception& e) { | 111 | static int E(eyefiworker* efs,const char *c,const std::exception& e) { |
101 | efs->keep_alive=0; | 112 | efs->keep_alive=0; |
102 | syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); | 113 | syslog(LOG_ERR,"error while processing %s: %s",c,e.what()); |
103 | return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); | 114 | return soap_sender_fault(efs,gnu::autosprintf("error processing %s",c),0); |
104 | } | 115 | } |
105 | 116 | ||
106 | int eyefiworker::StartSession( | 117 | int eyefiworker::StartSession( |
107 | std::string macaddress,std::string cnonce, | 118 | std::string macaddress,std::string cnonce, |
108 | int transfermode,long transfermodetimestamp, | 119 | int transfermode,long transfermodetimestamp, |
109 | struct rns__StartSessionResponse &r ) try { | 120 | struct rns__StartSessionResponse &r ) try { |
110 | syslog(LOG_INFO, | 121 | syslog(LOG_INFO, |
111 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", | 122 | "StartSession request from %s with cnonce=%s, transfermode=%d, transfermodetimestamp=%ld", |
112 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); | 123 | macaddress.c_str(), cnonce.c_str(), transfermode, transfermodetimestamp ); |
113 | eyekinfig_t eyekinfig(macaddress); | 124 | kinfig.reset(new eyekinfig_t(macaddress)); |
114 | r.credential = binary_t(macaddress+cnonce+eyekinfig.get_upload_key()).md5().hex(); | 125 | umask(kinfig->get_umask()); |
126 | |||
127 | r.credential = binary_t(macaddress+cnonce+kinfig->get_upload_key()).md5().hex(); | ||
115 | 128 | ||
116 | r.snonce = session_nonce.make_nonce().hex(); | 129 | r.snonce = session_nonce.make_nonce().hex(); |
117 | r.transfermode=transfermode; | 130 | r.transfermode=transfermode; |
118 | r.transfermodetimestamp=transfermodetimestamp; | 131 | r.transfermodetimestamp=transfermodetimestamp; |
119 | r.upsyncallowed=false; | 132 | r.upsyncallowed=false; |
120 | 133 | ||
121 | std::string cmd = eyekinfig.get_on_start_session(); | 134 | std::string cmd = kinfig->get_on_start_session(); |
122 | if(!cmd.empty()) { | 135 | if(!cmd.empty()) { |
123 | if(detached_child()) { | 136 | if(detached_child()) { |
124 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | 137 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); |
125 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); | 138 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODE=%d",transfermode) ); |
126 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); | 139 | putenv( gnu::autosprintf("EYEFI_TRANSFERMODETIMESTAMP=%ld",transfermodetimestamp) ); |
127 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | 140 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; |
128 | execv("/bin/sh",argv); | 141 | execv("/bin/sh",argv); |
129 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | 142 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); |
130 | _exit(-1); | 143 | _exit(-1); |
131 | } | 144 | } |
132 | } | 145 | } |
133 | return SOAP_OK; | 146 | return SOAP_OK; |
134 | }catch(const std::exception& e) { return E(this,"StartSession",e); } | 147 | }catch(const std::exception& e) { return E(this,"StartSession",e); } |
135 | 148 | ||
136 | int eyefiworker::GetPhotoStatus( | 149 | int eyefiworker::GetPhotoStatus( |
137 | std::string credential, std::string macaddress, | 150 | std::string credential, std::string macaddress, |
138 | std::string filename, long filesize, std::string filesignature, | 151 | std::string filename, long filesize, std::string filesignature, |
139 | int flags, | 152 | int flags, |
140 | struct rns__GetPhotoStatusResponse &r ) try { | 153 | struct rns__GetPhotoStatusResponse &r ) try { |
141 | syslog(LOG_INFO, | 154 | syslog(LOG_INFO, |
142 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", | 155 | "GetPhotoStatus request from %s with credential=%s, filename=%s, filesize=%ld, filesignature=%s, flags=%d; session nonce=%s", |
143 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, | 156 | macaddress.c_str(), credential.c_str(), filename.c_str(), filesize, filesignature.c_str(), flags, |
144 | session_nonce.hex().c_str() ); | 157 | session_nonce.hex().c_str() ); |
145 | 158 | ||
146 | eyekinfig_t eyekinfig(macaddress); | 159 | if(!(kinfig && kinfig->macaddress==macaddress)) |
147 | std::string computed_credential = binary_t(macaddress+eyekinfig.get_upload_key()+session_nonce.hex()).md5().hex(); | 160 | throw std::runtime_error("I'm not talking to this peer"); |
161 | |||
162 | std::string computed_credential = binary_t(macaddress+kinfig->get_upload_key()+session_nonce.hex()).md5().hex(); | ||
148 | 163 | ||
149 | #ifndef NDEBUG | 164 | #ifndef NDEBUG |
150 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); | 165 | syslog(LOG_DEBUG, " computed credential=%s", computed_credential.c_str()); |
151 | #endif | 166 | #endif |
152 | 167 | ||
153 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); | 168 | if (credential != computed_credential) throw std::runtime_error("card authentication failed"); |
154 | 169 | ||
170 | indir.reset(new tmpdir_t(kinfig->get_targetdir()+"/.incoming.XXXXXX")); | ||
171 | |||
155 | #ifdef HAVE_SQLITE | 172 | #ifdef HAVE_SQLITE |
156 | iiidb_t D(eyekinfig); | 173 | iiidb_t D(*kinfig); |
157 | seclude::stmt_t S = D.prepare( | 174 | seclude::stmt_t S = D.prepare( |
158 | "SELECT fileid FROM photo" | 175 | "SELECT fileid FROM photo" |
159 | " WHERE mac=:mac AND filename=:filename" | 176 | " WHERE mac=:mac AND filename=:filename" |
160 | " AND filesize=:filesize AND filesignature=:filesignature" | 177 | " AND filesize=:filesize AND filesignature=:filesignature" |
161 | ).bind(":mac",macaddress) | 178 | ).bind(":mac",macaddress) |
162 | .bind(":filename",filename).bind(":filesize",filesize) | 179 | .bind(":filename",filename).bind(":filesize",filesize) |
163 | .bind(":filesignature",filesignature); | 180 | .bind(":filesignature",filesignature); |
164 | if(!S.step()) { | 181 | if(!S.step()) { |
165 | r.fileid = 1; r.offset = 0; | 182 | r.fileid = 1; r.offset = 0; |
166 | }else{ | 183 | }else{ |
167 | r.fileid = S.column<long>(0); | 184 | r.fileid = S.column<long>(0); |
168 | r.offset = filesize; | 185 | r.offset = filesize; |
169 | already.set(filename,filesignature,filesize); | 186 | already.set(filename,filesignature,filesize); |
170 | } | 187 | } |
171 | #else /* HAVE_SQLITE */ | 188 | #else /* HAVE_SQLITE */ |
172 | r.fileid=1, r.offset=0; | 189 | r.fileid=1, r.offset=0; |
173 | #endif /* HAVE_SQLITE */ | 190 | #endif /* HAVE_SQLITE */ |
174 | return SOAP_OK; | 191 | return SOAP_OK; |
175 | }catch(const std::exception& e) { return E(this,"GetPhotoStatus",e); } | 192 | }catch(const std::exception& e) { return E(this,"GetPhotoStatus",e); } |
176 | 193 | ||
177 | int eyefiworker::MarkLastPhotoInRoll( | 194 | int eyefiworker::MarkLastPhotoInRoll( |
178 | std::string macaddress, int mergedelta, | 195 | std::string macaddress, int mergedelta, |
179 | struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { | 196 | struct rns__MarkLastPhotoInRollResponse&/* r */ ) try { |
180 | syslog(LOG_INFO, | 197 | syslog(LOG_INFO, |
181 | "MarkLastPhotoInRoll request from %s with mergedelta=%d", | 198 | "MarkLastPhotoInRoll request from %s with mergedelta=%d", |
182 | macaddress.c_str(), mergedelta ); | 199 | macaddress.c_str(), mergedelta ); |
183 | std::string cmd = eyekinfig_t(macaddress).get_on_mark_last_photo_in_roll(); | 200 | if(!(kinfig && kinfig->macaddress==macaddress)) |
201 | throw std::runtime_error("I'm not talking to this peer"); | ||
202 | |||
203 | std::string cmd = kinfig->get_on_mark_last_photo_in_roll(); | ||
184 | if(!cmd.empty()) { | 204 | if(!cmd.empty()) { |
185 | if(detached_child()) { | 205 | if(detached_child()) { |
186 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | 206 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); |
187 | putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); | 207 | putenv( gnu::autosprintf("EYEFI_MERGEDELTA=%d",mergedelta) ); |
188 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | 208 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; |
189 | execv("/bin/sh",argv); | 209 | execv("/bin/sh",argv); |
190 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | 210 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); |
191 | _exit(-1); | 211 | _exit(-1); |
192 | } | 212 | } |
193 | } | 213 | } |
194 | keep_alive = 0; | 214 | keep_alive = 0; |
195 | return SOAP_OK; | 215 | return SOAP_OK; |
196 | }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } | 216 | }catch(const std::exception& e) { return E(this,"MarkLastPhotoInRoll",e); } |
197 | 217 | ||
218 | void *eyefiworker::mime_writeopen(void *handle,const char *id,const char *type,const char *description, | ||
219 | enum soap_mime_encoding encoding) { | ||
220 | if(!id) return NULL; | ||
221 | if(!strcmp(id,"FILENAME")) { | ||
222 | mime_tarfile.reset(new mimewrite_tarfile(*indir)); | ||
223 | return mime_tarfile.get(); | ||
224 | }else if(!strcmp(id,"INTEGRITYDIGEST")) { | ||
225 | mime_idigest.reset(new mimewrite_string()); | ||
226 | return mime_idigest.get(); | ||
227 | } | ||
228 | return NULL; | ||
229 | } | ||
230 | int eyefiworker::mime_write(void *handle,const char *buf,size_t len) { | ||
231 | if(!handle) return SOAP_ERR; | ||
232 | return static_cast<mimewrite_base*>(handle)->write(buf,len); | ||
233 | } | ||
234 | void eyefiworker::mime_writeclose(void *handle) { | ||
235 | if(handle) static_cast<mimewrite_base*>(handle)->close(); | ||
236 | } | ||
237 | |||
198 | int eyefiworker::UploadPhoto( | 238 | int eyefiworker::UploadPhoto( |
199 | int fileid, std::string macaddress, | 239 | int fileid, std::string macaddress, |
200 | std::string filename, long filesize, std::string filesignature, | 240 | std::string filename, long filesize, std::string filesignature, |
201 | std::string encryption, int flags, | 241 | std::string encryption, int flags, |
202 | struct rns__UploadPhotoResponse& r ) try { | 242 | struct rns__UploadPhotoResponse& r ) try { |
203 | syslog(LOG_INFO, | 243 | syslog(LOG_INFO, |
204 | "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," | 244 | "UploadPhoto request from %s with fileid=%d, filename=%s, filesize=%ld," |
205 | " filesignature=%s, encryption=%s, flags=%04X", | 245 | " filesignature=%s, encryption=%s, flags=%04X", |
206 | macaddress.c_str(), fileid, filename.c_str(), filesize, | 246 | macaddress.c_str(), fileid, filename.c_str(), filesize, |
207 | filesignature.c_str(), encryption.c_str(), flags ); | 247 | filesignature.c_str(), encryption.c_str(), flags ); |
248 | if(!(kinfig && kinfig->macaddress==macaddress)) | ||
249 | throw std::runtime_error("I'm not talking to this peer"); | ||
250 | |||
208 | std::string::size_type fnl=filename.length(); | 251 | std::string::size_type fnl=filename.length(); |
209 | if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) | 252 | if(fnl<sizeof(".tar") || strncmp(filename.c_str()+fnl-sizeof(".tar")+sizeof(""),".tar",sizeof(".tar"))) |
210 | throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); | 253 | throw std::runtime_error(gnu::autosprintf("honestly, I expected the tarball coming here, not '%s'",filename.c_str())); |
211 | std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); | 254 | std::string the_file(filename,0,fnl-sizeof(".tar")+sizeof("")); |
212 | std::string the_log = the_file+".log"; | 255 | std::string the_log = the_file+".log"; |
213 | 256 | ||
214 | eyekinfig_t eyekinfig(macaddress); | 257 | if(!indir) throw std::runtime_error("I haven't even created a directory!"); |
215 | 258 | shared_ptr<tmpdir_t> dir; dir.swap(indir); | |
216 | umask(eyekinfig.get_umask()); | 259 | if(!mime_tarfile) throw std::runtime_error("I haven't written the tarball!"); |
217 | 260 | shared_ptr<mimewrite_tarfile> file; file.swap(mime_tarfile); | |
218 | std::string td = eyekinfig.get_targetdir(); | 261 | if(!mime_idigest) throw std::runtime_error("I haven't seen the integrity digest!"); |
219 | tmpdir_t indir(td+"/.incoming.XXXXXX"); | 262 | shared_ptr<mimewrite_string> idigest; idigest.swap(mime_idigest); |
220 | |||
221 | std::string tf,lf; | ||
222 | binary_t digest, idigest; | ||
223 | #ifdef HAVE_SQLITE | ||
224 | bool beenthere = false; | ||
225 | #endif | ||
226 | |||
227 | for(soap_multipart::iterator i=mime.begin(),ie=mime.end();i!=ie;++i) { | ||
228 | #ifndef NDEBUG | ||
229 | syslog(LOG_DEBUG, | ||
230 | " MIME attachment with id=%s, type=%s, size=%ld", | ||
231 | (*i).id, (*i).type, (long)(*i).size ); | ||
232 | #endif | ||
233 | |||
234 | if((*i).id && !strcmp((*i).id,"INTEGRITYDIGEST")) { | ||
235 | std::string idigestr((*i).ptr,(*i).size); | ||
236 | #ifndef NDEBUG | ||
237 | syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigestr.c_str()); | ||
238 | #endif | ||
239 | idigest.from_hex(idigestr); | ||
240 | } | ||
241 | if( (*i).id && !strcmp((*i).id,"FILENAME") ) { | ||
242 | assert( (*i).type && !strcmp((*i).type,"application/x-tar") ); | ||
243 | #ifdef III_SAVE_TARS | ||
244 | std::string tarfile = indir.get_file(filename); | ||
245 | { | ||
246 | std::ofstream(tarfile.c_str(),std::ios::out|std::ios::binary).write((*i).ptr,(*i).size); | ||
247 | } | ||
248 | #endif | ||
249 | 263 | ||
250 | if(!tf.empty()) throw std::runtime_error("already seen tarball"); | ||
251 | if(!digest.empty()) throw std::runtime_error("already have integrity digest"); | ||
252 | digest = integrity_digest((*i).ptr,(*i).size,eyekinfig.get_upload_key()); | ||
253 | #ifndef NDEBUG | ||
254 | syslog(LOG_DEBUG," computed integrity digest=%s", digest.hex().c_str()); | ||
255 | #endif | ||
256 | #ifdef HAVE_SQLITE | 264 | #ifdef HAVE_SQLITE |
257 | if(!(*i).size) { | 265 | if(!file->f.tellg()) { |
258 | if(!already.is(filename,filesignature,filesize)) | 266 | if(!already.is(filename,filesignature,filesize)) |
259 | throw std::runtime_error("got zero-length upload for unknown file"); | 267 | throw std::runtime_error("got zero-length upload for unknown file"); |
260 | beenthere = true; continue; | 268 | r.success = true; |
261 | } | 269 | return SOAP_OK; |
270 | } | ||
262 | #endif | 271 | #endif |
263 | 272 | ||
264 | tarchive_t a((*i).ptr,(*i).size); | 273 | if(idigest->str != file->idigest.final(kinfig->get_upload_key()).hex()) |
265 | while(a.read_next_header()) { | 274 | throw std::runtime_error("Integrity digest doesn't match, disintegrating."); |
266 | std::string ep = a.entry_pathname(), f = indir.get_file(ep); | ||
267 | if(ep==the_file) tf = f; | ||
268 | else if(ep==the_log) lf = f; | ||
269 | else continue; | ||
270 | int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); | ||
271 | if(fd<0) | ||
272 | throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); | ||
273 | if(!a.read_data_into_fd(fd)) | ||
274 | throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); | ||
275 | close(fd); | ||
276 | } | ||
277 | } | ||
278 | } | ||
279 | 275 | ||
280 | #ifdef HAVE_SQLITE | 276 | std::string tf, lf; |
281 | if(beenthere) { | 277 | for(tarchive_t a(file->fn.c_str());a.read_next_header();) { |
282 | r.success=true; | 278 | std::string ep = a.entry_pathname(), f = dir->get_file(ep); |
283 | return SOAP_OK; | 279 | if(ep==the_file) tf = f; |
280 | else if(ep==the_log) lf = f; | ||
281 | else continue; | ||
282 | int fd=open(f.c_str(),O_CREAT|O_WRONLY,0666); | ||
283 | if(fd<0) | ||
284 | throw std::runtime_error(gnu::autosprintf("failed to create output file '%s'",f.c_str())); | ||
285 | if(!a.read_data_into_fd(fd)) | ||
286 | throw std::runtime_error(gnu::autosprintf("failed to untar file into '%s'",f.c_str())); | ||
287 | close(fd); | ||
284 | } | 288 | } |
285 | #endif | ||
286 | 289 | ||
287 | if(tf.empty()) throw std::runtime_error("haven't seen THE file"); | 290 | if(tf.empty()) throw std::runtime_error("haven't seen THE file"); |
288 | if(digest!=idigest) throw std::runtime_error("integrity digest verification failed"); | ||
289 | 291 | ||
290 | std::string::size_type ls = tf.rfind('/'); | 292 | std::string::size_type ls = tf.rfind('/'); |
291 | // XXX: actually, lack of '/' signifies error here | 293 | // XXX: actually, lack of '/' signifies error here |
292 | std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); | 294 | std::string tbn = (ls==std::string::npos)?tf:tf.substr(ls+1); |
293 | ls = lf.rfind('/'); | 295 | ls = lf.rfind('/'); |
294 | std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); | 296 | std::string lbn = (ls==std::string::npos)?lf:lf.substr(ls+1); |
295 | std::string ttf,tlf; | 297 | std::string ttf,tlf; |
296 | bool success = false; | 298 | bool success = false; |
299 | std::string td = kinfig->get_targetdir(); | ||
297 | for(int i=0;i<32767;++i) { | 300 | for(int i=0;i<32767;++i) { |
298 | const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; | 301 | const char *fmt = i ? "%1$s/(%3$05d)%2$s" : "%1$s/%2$s"; |
299 | ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); | 302 | ttf = (const char*)gnu::autosprintf(fmt,td.c_str(),tbn.c_str(),i); |
300 | if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); | 303 | if(!lf.empty()) tlf = (const char*)gnu::autosprintf(fmt,td.c_str(),lbn.c_str(),i); |
301 | if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { | 304 | if( (!link(tf.c_str(),ttf.c_str())) && (lf.empty() || !link(lf.c_str(),tlf.c_str())) ) { |
302 | unlink(tf.c_str()); | 305 | unlink(tf.c_str()); |
303 | if(!lf.empty()) unlink(lf.c_str()); | 306 | if(!lf.empty()) unlink(lf.c_str()); |
304 | success=true; | 307 | success=true; |
305 | break; | 308 | break; |
306 | } | 309 | } |
307 | } | 310 | } |
308 | std::string cmd = eyekinfig.get_on_upload_photo(); | 311 | std::string cmd = kinfig->get_on_upload_photo(); |
309 | if(success) { | 312 | if(success) { |
310 | #ifdef HAVE_SQLITE | 313 | #ifdef HAVE_SQLITE |
311 | { | 314 | { |
312 | iiidb_t D(eyekinfig); | 315 | iiidb_t D(*kinfig); |
313 | D.prepare( | 316 | D.prepare( |
314 | "INSERT INTO photo" | 317 | "INSERT INTO photo" |
315 | " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" | 318 | " (ctime,mac,fileid,filename,filesize,filesignature,encryption,flags)" |
316 | " VALUES" | 319 | " VALUES" |
317 | " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" | 320 | " (:ctime,:mac,:fileid,:filename,:filesize,:filesignature,:encryption,:flags)" |
318 | ).bind(":ctime",time(0)) | 321 | ).bind(":ctime",time(0)) |
319 | .bind(":mac",macaddress) | 322 | .bind(":mac",macaddress) |
320 | .bind(":fileid",fileid).bind(":filename",filename) | 323 | .bind(":fileid",fileid).bind(":filename",filename) |
321 | .bind(":filesize",filesize).bind(":filesignature",filesignature) | 324 | .bind(":filesize",filesize).bind(":filesignature",filesignature) |
322 | .bind(":encryption",encryption).bind(":flags",flags) | 325 | .bind(":encryption",encryption).bind(":flags",flags) |
323 | .step(); | 326 | .step(); |
324 | } | 327 | } |
325 | #endif /* HAVE_SQLITE */ | 328 | #endif /* HAVE_SQLITE */ |
326 | if((!cmd.empty()) && detached_child()) { | 329 | if((!cmd.empty()) && detached_child()) { |
327 | putenv( gnu::autosprintf("EYEFI_UPLOADED_ORIG=%s",tbn.c_str()) ); | 330 | putenv( gnu::autosprintf("EYEFI_UPLOADED_ORIG=%s",tbn.c_str()) ); |
328 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); | 331 | putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) ); |
329 | putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",ttf.c_str()) ); | 332 | putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",ttf.c_str()) ); |
330 | if(!lf.empty()) putenv( gnu::autosprintf("EYEFI_LOG=%s",tlf.c_str()) ); | 333 | if(!lf.empty()) putenv( gnu::autosprintf("EYEFI_LOG=%s",tlf.c_str()) ); |
331 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; | 334 | char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 }; |
332 | execv("/bin/sh",argv); | 335 | execv("/bin/sh",argv); |
333 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); | 336 | syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str()); |
334 | _exit(-1); | 337 | _exit(-1); |
335 | } | 338 | } |
336 | } | 339 | } |
337 | 340 | ||
338 | r.success = true; | 341 | r.success = true; |
339 | return SOAP_OK; | 342 | return SOAP_OK; |
340 | }catch(const std::exception& e) { return E(this,"UploadPhoto",e); } | 343 | }catch(const std::exception& e) { return E(this,"UploadPhoto",e); } |
341 | 344 | ||