mirror of https://github.com/haiwen/seafile-server.git synced 2025-09-13 13:51:53 +00:00

Don't parse seahub secret key

杨赫然
2024-08-29 09:52:30 +08:00
parent 4f450ea8e0
commit 915be2dc90
8 changed files with 25 additions and 87 deletions


@@ -10,6 +10,7 @@ import sys
from collections import namedtuple from collections import namedtuple
from contextlib import contextmanager from contextlib import contextmanager
from os.path import abspath, basename, dirname, exists, join from os.path import abspath, basename, dirname, exists, join
import shutil
import requests import requests
from tenacity import TryAgain, retry, stop_after_attempt, wait_fixed from tenacity import TryAgain, retry, stop_after_attempt, wait_fixed
@@ -24,6 +25,7 @@ logger = logging.getLogger(__name__)
class ServerCtl(object): class ServerCtl(object):
def __init__(self, topdir, projectdir, datadir, fileserver, db='sqlite3', seaf_server_bin='seaf-server', ccnet_server_bin='ccnet-server'): def __init__(self, topdir, projectdir, datadir, fileserver, db='sqlite3', seaf_server_bin='seaf-server', ccnet_server_bin='ccnet-server'):
self.db = db self.db = db
self.topdir = topdir
self.datadir = datadir self.datadir = datadir
self.central_conf_dir = join(datadir, 'conf') self.central_conf_dir = join(datadir, 'conf')
self.seafile_conf_dir = join(datadir, 'seafile-data') self.seafile_conf_dir = join(datadir, 'seafile-data')
@@ -53,6 +55,9 @@ class ServerCtl(object):
os.mkdir (self.central_conf_dir, 0o755) os.mkdir (self.central_conf_dir, 0o755)
os.mkdir (self.seafile_conf_dir, 0o755) os.mkdir (self.seafile_conf_dir, 0o755)
os.mkdir (self.ccnet_conf_dir, 0o755) os.mkdir (self.ccnet_conf_dir, 0o755)
src = join(self.projectdir, 'tests/conf/seahub_settings.py')
dst = join(self.central_conf_dir, 'seahub_settings.py')
shutil.copyfile(src, dst)
self.init_ccnet() self.init_ccnet()
self.init_seafile() self.init_seafile()
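Review bot: The copy of `seahub_settings.py` into the central conf dir has no comment saying why the test server needs it, and nothing in the shown hunks reads the new `self.topdir`. A one-line comment above the copy would do, for example `# seaf-server reads SITE_ROOT from conf/seahub_settings.py at startup`, which matches what `load_seahub_config` does in this commit. If `topdir` is used elsewhere in the class that is fine; otherwise the attribute can be dropped. The method containing the copy starts outside the hunk.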


@@ -71,9 +71,7 @@ merge_conflict_filename (const char *store_id, int version,
seaf_commit_unref (commit); seaf_commit_unref (commit);
} }
nickname = modifier; nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
if (seaf->seahub_pk)
nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
conflict_name = gen_conflict_path (filename, nickname, mtime); conflict_name = gen_conflict_path (filename, nickname, mtime);
@@ -104,9 +102,7 @@ merge_conflict_dirname (const char *store_id, int version,
modifier = g_strdup(commit->creator_name); modifier = g_strdup(commit->creator_name);
seaf_commit_unref (commit); seaf_commit_unref (commit);
nickname = modifier; nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
if (seaf->seahub_pk)
nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
conflict_name = gen_conflict_path (dirname, nickname, (gint64)time(NULL)); conflict_name = gen_conflict_path (dirname, nickname, (gint64)time(NULL));
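Review bot: With the `if (seaf->seahub_pk)` guard gone, `merge_conflict_filename` and `merge_conflict_dirname` always call `get_nickname_by_modifier`, so the Seahub lookup now also runs on servers where `seahub_settings.py` could not be read. In that case `load_seahub_config` in this commit jumps to `out` before assigning `session->seahub_url` and `session->seahub_conn_pool`, and startup only logs a warning, so `http_tx_manager_get_nickname` would be handed a NULL pool and URL. Whether `connection_pool_get_connection` and `get_nickname_by_modifier` tolerate that is not visible here; if they do not, keep a guard on the loaded state, for example `nickname = seaf->seahub_conn_pool ? get_nickname_by_modifier (opt->email_to_nickname, modifier) : modifier;` in the build whose session struct has that field. Both functions continue outside their hunks, so how `nickname` is freed afterwards should be checked against whichever form is used.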


@@ -386,31 +386,26 @@ load_ccnet_database_config (SeafileSession *session)
#ifdef FULL_FEATURE #ifdef FULL_FEATURE
void int
load_seahub_private_key (SeafileSession *session, const char *conf_dir) load_seahub_config (SeafileSession *session, const char *conf_dir)
{ {
char *conf_path = g_build_filename(conf_dir, "seahub_settings.py", NULL); char *conf_path = g_build_filename(conf_dir, "seahub_settings.py", NULL);
char *data = NULL; char *data = NULL;
GRegex *secret_key_regex = NULL;
GRegex *site_root_regex = NULL; GRegex *site_root_regex = NULL;
GError *error = NULL; GError *error = NULL;
int ret = 0;
FILE *file = fopen(conf_path, "r"); FILE *file = fopen(conf_path, "r");
if (!file) { if (!file) {
ret = -1;
seaf_warning ("Failed to open seahub_settings.py: %s\n", strerror(errno)); seaf_warning ("Failed to open seahub_settings.py: %s\n", strerror(errno));
goto out; goto out;
} }
secret_key_regex = g_regex_new ("SECRET_KEY\\s*=\\s*'(.+)'", 0, 0, &error);
if (error) {
g_clear_error (&error);
seaf_warning ("Failed to create secret key regex: %s\n", error->message);
goto out;
}
site_root_regex = g_regex_new ("SITE_ROOT\\s*=\\s*'(.+)'", 0, 0, &error); site_root_regex = g_regex_new ("SITE_ROOT\\s*=\\s*'(.+)'", 0, 0, &error);
if (error) { if (error) {
g_clear_error (&error); g_clear_error (&error);
ret = -1;
seaf_warning ("Failed to create site root regex: %s\n", error->message); seaf_warning ("Failed to create site root regex: %s\n", error->message);
goto out; goto out;
} }
@@ -419,32 +414,25 @@ load_seahub_private_key (SeafileSession *session, const char *conf_dir)
char *site_root = NULL; char *site_root = NULL;
while (fgets(line, sizeof(line), file)) { while (fgets(line, sizeof(line), file)) {
GMatchInfo *match_info; GMatchInfo *match_info;
if (g_regex_match (secret_key_regex, line, 0, &match_info)) {
char *sk = g_match_info_fetch (match_info, 1);
session->seahub_pk = sk;
}
if (g_regex_match (site_root_regex, line, 0, &match_info)) { if (g_regex_match (site_root_regex, line, 0, &match_info)) {
site_root = g_match_info_fetch (match_info, 1); site_root = g_match_info_fetch (match_info, 1);
} }
} }
if (session->seahub_pk) { if (site_root) {
if (site_root) { session->seahub_url = g_strdup_printf("http://127.0.0.1:8000%sapi/v2.1/internal/user-list/", site_root);
session->seahub_url = g_strdup_printf("http://127.0.0.1:8000%sapi/v2.1/internal/user-list/", site_root); } else {
} else { session->seahub_url = g_strdup("http://127.0.0.1:8000/api/v2.1/internal/user-list/");
session->seahub_url = g_strdup("http://127.0.0.1:8000/api/v2.1/internal/user-list/");
}
session->seahub_conn_pool = connection_pool_new ();
} }
session->seahub_conn_pool = connection_pool_new ();
out: out:
if (secret_key_regex)
g_regex_unref (secret_key_regex);
if (site_root_regex) if (site_root_regex)
g_regex_unref (site_root_regex); g_regex_unref (site_root_regex);
g_free (conf_path); g_free (conf_path);
g_free (data); g_free (data);
return ret;
} }
char * char *
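Review bot: In the `site_root_regex` error branch, `g_clear_error (&error)` runs before `seaf_warning` reads `error->message`; `g_clear_error` frees the error and sets the pointer to NULL, so the warning dereferences NULL instead of reporting the failure. Swap the order: `seaf_warning ("Failed to create site root regex: %s\n", error->message);` followed by `g_clear_error (&error);`. The cleanup under `out:` also shows no `if (file) fclose (file);`, the loop never calls `g_match_info_free (match_info)`, and the string from `g_match_info_fetch` is not freed after `seahub_url` is built, so each of those leaks as far as the shown lines go. The lines between the two hunks are not shown.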


@@ -17,8 +17,8 @@ int
load_ccnet_database_config (struct _SeafileSession *session); load_ccnet_database_config (struct _SeafileSession *session);
#ifdef FULL_FEATURE #ifdef FULL_FEATURE
void int
load_seahub_private_key (SeafileSession *session, const char *conf_dir); load_seahub_config (SeafileSession *session, const char *conf_dir);
#endif #endif
char * char *


@@ -24,7 +24,6 @@ struct _SeafileSession {
GKeyFile *ccnet_config; GKeyFile *ccnet_config;
SeafDB *db; SeafDB *db;
SeafDB *ccnet_db; SeafDB *ccnet_db;
char *seahub_pk;
SeafBlockManager *block_mgr; SeafBlockManager *block_mgr;
SeafFSManager *fs_mgr; SeafFSManager *fs_mgr;


@@ -437,48 +437,6 @@ out:
return nickname; return nickname;
} }
static char *
gen_jwt_token ()
{
char *jwt_token = NULL;
gint64 now = (gint64)time(NULL);
jwt_t *jwt = NULL;
if (!seaf->seahub_pk) {
return NULL;
}
int ret = jwt_new (&jwt);
if (ret != 0 || jwt == NULL) {
seaf_warning ("Failed to create jwt\n");
goto out;
}
ret = jwt_add_grant_bool (jwt, "is_internal", TRUE);
if (ret != 0) {
seaf_warning ("Failed to add is_internal to jwt\n");
goto out;
}
ret = jwt_add_grant_int (jwt, "exp", now + 300);
if (ret != 0) {
seaf_warning ("Failed to add expire time to jwt\n");
goto out;
}
ret = jwt_set_alg (jwt, JWT_ALG_HS256, (unsigned char *)seaf->seahub_pk, strlen(seaf->seahub_pk));
if (ret != 0) {
seaf_warning ("Failed to set alg\n");
goto out;
}
jwt_token = jwt_encode_str (jwt);
out:
jwt_free (jwt);
return jwt_token;
}
char * char *
http_tx_manager_get_nickname (const char *modifier) http_tx_manager_get_nickname (const char *modifier)
{ {
@@ -491,19 +449,12 @@ http_tx_manager_get_nickname (const char *modifier)
json_t *array = NULL; json_t *array = NULL;
int rsp_status; int rsp_status;
char *req_content = NULL; char *req_content = NULL;
char *jwt_token = NULL;
char *rsp_content = NULL; char *rsp_content = NULL;
char *nickname = NULL; char *nickname = NULL;
gint64 rsp_size; gint64 rsp_size;
jwt_token = gen_jwt_token ();
if (!jwt_token) {
return NULL;
}
conn = connection_pool_get_connection (seaf->seahub_conn_pool); conn = connection_pool_get_connection (seaf->seahub_conn_pool);
if (!conn) { if (!conn) {
g_free (jwt_token);
seaf_warning ("Failed to get connection: out of memory.\n"); seaf_warning ("Failed to get connection: out of memory.\n");
return NULL; return NULL;
} }
@@ -522,13 +473,12 @@ http_tx_manager_get_nickname (const char *modifier)
curl = conn->curl; curl = conn->curl;
headers = curl_slist_append (headers, "User-Agent: Seafile/"SEAFILE_CLIENT_VERSION" ("USER_AGENT_OS")"); headers = curl_slist_append (headers, "User-Agent: Seafile/"SEAFILE_CLIENT_VERSION" ("USER_AGENT_OS")");
token_header = g_strdup_printf ("Authorization: Token %s", jwt_token);
headers = curl_slist_append (headers, token_header); headers = curl_slist_append (headers, token_header);
headers = curl_slist_append (headers, "Content-Type: application/json"); headers = curl_slist_append (headers, "Content-Type: application/json");
g_free (token_header); g_free (token_header);
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
ret = http_post_common (curl, seaf->seahub_url, jwt_token, req_content, strlen(req_content), ret = http_post_common (curl, seaf->seahub_url, NULL, req_content, strlen(req_content),
&rsp_status, &rsp_content, &rsp_size, TRUE, 1); &rsp_status, &rsp_content, &rsp_size, TRUE, 1);
if (ret < 0) { if (ret < 0) {
conn->release = TRUE; conn->release = TRUE;
@@ -543,7 +493,6 @@ http_tx_manager_get_nickname (const char *modifier)
nickname = parse_nickname (rsp_content, rsp_size); nickname = parse_nickname (rsp_content, rsp_size);
out: out:
g_free (jwt_token);
g_free (req_content); g_free (req_content);
g_free (rsp_content); g_free (rsp_content);
connection_pool_return_connection (seaf->seahub_conn_pool, conn); connection_pool_return_connection (seaf->seahub_conn_pool, conn);
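Review bot: `token_header` is still appended to `headers` and freed in `http_tx_manager_get_nickname`, but the only assignment shown for it, `g_strdup_printf ("Authorization: Token %s", jwt_token)`, appears to be removed along with `jwt_token` itself. The rendering has lost the +/- markers, so this is inferred: the line cannot remain once `jwt_token` is no longer declared. If so, `curl_slist_append (headers, token_header)` receives an unset or NULL pointer; drop that call and `g_free (token_header);` together with the declaration, which lies outside the hunks. Separately, the POST to `seahub_url` now goes out with no credential (`http_post_common` gets NULL where `jwt_token` was passed), so the internal user-list endpoint needs some other access control on the Seahub side; none is visible in this commit.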


@@ -218,7 +218,9 @@ seafile_session_new(const char *central_config_dir,
goto onerror; goto onerror;
} }
load_seahub_private_key (session, abs_central_config_dir ? abs_central_config_dir : abs_seafile_dir); if (load_seahub_config (session, abs_central_config_dir ? abs_central_config_dir : abs_seafile_dir) < 0) {
seaf_warning ("Failed to load seahub config.\n");
}
session->cfg_mgr = seaf_cfg_manager_new (session); session->cfg_mgr = seaf_cfg_manager_new (session);
if (!session->cfg_mgr) if (!session->cfg_mgr)


@@ -48,7 +48,6 @@ struct _SeafileSession {
GKeyFile *ccnet_config; GKeyFile *ccnet_config;
SeafDB *db; SeafDB *db;
CcnetDB *ccnet_db; CcnetDB *ccnet_db;
char *seahub_pk;
char *seahub_url; char *seahub_url;
ConnectionPool *seahub_conn_pool; ConnectionPool *seahub_conn_pool;