summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2009-04-05 13:32:38 (UTC)
committer Michael Krelin <hacker@klever.net>2009-04-05 13:32:38 (UTC)
commit702c6bc69bb9bf511f6f5639d90d49139674339c (patch) (side-by-side diff)
tree9672670cc28f5e743f372a82fd1aefb2bb87479e
parent878315238f71307b5b62ed314096f4a7c465bf3e (diff)
downloadiii-702c6bc69bb9bf511f6f5639d90d49139674339c.zip
iii-702c6bc69bb9bf511f6f5639d90d49139674339c.tar.gz
iii-702c6bc69bb9bf511f6f5639d90d49139674339c.tar.bz2
check uploaded file integrity
Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--src/eyefiservice.cc75
1 files changed, 46 insertions, 29 deletions
diff --git a/src/eyefiservice.cc b/src/eyefiservice.cc
index 153a7c4..d233a07 100644
--- a/src/eyefiservice.cc
+++ b/src/eyefiservice.cc
@@ -123,4 +123,7 @@ int eyefiService::UploadPhoto(
tmpdir_t indir(td+"/.incoming.XXXXXX");
+ std::string jf;
+ binary_t digest, idigest;
+
for(soap_multipart::iterator i=mime.begin(),ie=mime.end();i!=ie;++i) {
#ifndef NDEBUG
@@ -130,10 +133,11 @@ int eyefiService::UploadPhoto(
#endif
-#ifndef NDEBUG
if((*i).id && !strcmp((*i).id,"INTEGRITYDIGEST")) {
- std::string idigest((*i).ptr,(*i).size);
- syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigest.c_str());
- }
+ std::string idigestr((*i).ptr,(*i).size);
+#ifndef NDEBUG
+ syslog(LOG_DEBUG, " INTEGRITYDIGEST=%s", idigestr.c_str());
#endif
+ idigest.from_hex(idigestr);
+ }
if( (*i).id && !strcmp((*i).id,"FILENAME") ) {
assert( (*i).type && !strcmp((*i).type,"application/x-tar") );
@@ -144,41 +148,54 @@ int eyefiService::UploadPhoto(
}
#endif
+
+ if(!jf.empty()) throw std::runtime_error("already seen tarball");
+ if(!digest.empty()) throw std::runtime_error("already have integrity digest");
+ digest = integrity_digest((*i).ptr,(*i).size,eyekinfig.get_upload_key());
+#ifndef NDEBUG
+ syslog(LOG_DEBUG," computed integrity digest=%s", digest.hex().c_str());
+#endif
+
tarchive_t a((*i).ptr,(*i).size);
if(!a.read_next_header())
throw std::runtime_error("failed to tarchive_t::read_next_header())");
- std::string jf = indir.get_file(a.entry_pathname());
- std::string::size_type ls = jf.rfind('/');
- std::string jbn = (ls==std::string::npos)?jf:jf.substr(ls+1);
+ jf = indir.get_file(a.entry_pathname());
int fd=open(jf.c_str(),O_CREAT|O_WRONLY,0666);
assert(fd>0);
a.read_data_into_fd(fd);
close(fd);
- std::string tf = td+'/'+jbn;
- bool success = false;
+ }
+ }
+
+ if(jf.empty()) throw std::runtime_error("haven't seen jpeg file");
+ if(digest!=idigest) throw std::runtime_error("integrity digest verification failed");
+
+ std::string::size_type ls = jf.rfind('/');
+ std::string jbn = (ls==std::string::npos)?jf:jf.substr(ls+1);
+ std::string tf = td+'/'+jbn;
+ bool success = false;
+ if(!link(jf.c_str(), tf.c_str())) {
+ unlink(jf.c_str()); success = true;
+ }else{
+ for(int i=1;i<32767;++i) {
+ tf = (const char*)gnu::autosprintf( "%s/(%05d)%s",
+ td.c_str(), i, jbn.c_str() );
if(!link(jf.c_str(), tf.c_str())) {
unlink(jf.c_str()); success = true;
- }else{
- for(int i=1;i<32767;++i) {
- tf = (const char*)gnu::autosprintf( "%s/(%05d)%s",
- td.c_str(), i, jbn.c_str() );
- if(!link(jf.c_str(), tf.c_str())) {
- unlink(jf.c_str()); success = true;
- break;
- }
- }
- }
- std::string cmd = eyekinfig.get_on_upload_photo();
- if(success && !cmd.empty()) {
- if(detached_child()) {
- putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) );
- putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",tf.c_str()) );
- char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 };
- execv("/bin/sh",argv);
- syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str());
- _exit(-1);
- }
+ break;
}
}
}
+ std::string cmd = eyekinfig.get_on_upload_photo();
+ if(success && !cmd.empty()) {
+ if(detached_child()) {
+ putenv( gnu::autosprintf("EYEFI_MACADDRESS=%s",macaddress.c_str()) );
+ putenv( gnu::autosprintf("EYEFI_UPLOADED=%s",tf.c_str()) );
+ char *argv[] = { (char*)"/bin/sh", (char*)"-c", (char*)cmd.c_str(), 0 };
+ execv("/bin/sh",argv);
+ syslog(LOG_ERR,"Failed to execute '%s'",cmd.c_str());
+ _exit(-1);
+ }
+ }
+
r.success = true;
return SOAP_OK;