haiwen/seafile-server
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-server.git synced 2025-09-12 21:35:30 +00:00
Code Issues Releases Wiki Activity

Don't parse seahub secret key

Browse Source
This commit is contained in:
杨赫然
2024-08-29 09:52:30 +08:00
parent 4f450ea8e0
commit 915be2dc90
8 changed files with 25 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ci/serverctl.py
View File

@@ -10,6 +10,7 @@ import sys
from collections import namedtuple
from contextlib import contextmanager
from os.path import abspath, basename, dirname, exists, join
import shutil
import requests
from tenacity import TryAgain, retry, stop_after_attempt, wait_fixed
@@ -24,6 +25,7 @@ logger = logging.getLogger(__name__)
class ServerCtl(object):
def __init__(self, topdir, projectdir, datadir, fileserver, db='sqlite3', seaf_server_bin='seaf-server', ccnet_server_bin='ccnet-server'):
self.db = db
self.topdir = topdir
self.datadir = datadir
self.central_conf_dir = join(datadir, 'conf')
self.seafile_conf_dir = join(datadir, 'seafile-data')
@@ -53,6 +55,9 @@ class ServerCtl(object):
os.mkdir (self.central_conf_dir, 0o755)
os.mkdir (self.seafile_conf_dir, 0o755)
os.mkdir (self.ccnet_conf_dir, 0o755)
src = join(self.projectdir, 'tests/conf/seahub_settings.py')
dst = join(self.central_conf_dir, 'seahub_settings.py')
shutil.copyfile(src, dst)
self.init_ccnet()
self.init_seafile()

8
common/merge-new.c
View File

@@ -71,9 +71,7 @@ merge_conflict_filename (const char *store_id, int version,
seaf_commit_unref (commit);
}
nickname = modifier;
if (seaf->seahub_pk)
nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
conflict_name = gen_conflict_path (filename, nickname, mtime);
@@ -104,9 +102,7 @@ merge_conflict_dirname (const char *store_id, int version,
modifier = g_strdup(commit->creator_name);
seaf_commit_unref (commit);
nickname = modifier;
if (seaf->seahub_pk)
nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
nickname = get_nickname_by_modifier (opt->email_to_nickname, modifier);
conflict_name = gen_conflict_path (dirname, nickname, (gint64)time(NULL));

36
common/seaf-utils.c
View File

@@ -386,31 +386,26 @@ load_ccnet_database_config (SeafileSession *session)
#ifdef FULL_FEATURE
void
load_seahub_private_key (SeafileSession *session, const char *conf_dir)
int
load_seahub_config (SeafileSession *session, const char *conf_dir)
{
char *conf_path = g_build_filename(conf_dir, "seahub_settings.py", NULL);
char *data = NULL;
GRegex *secret_key_regex = NULL;
GRegex *site_root_regex = NULL;
GError *error = NULL;
int ret = 0;
FILE *file = fopen(conf_path, "r");
if (!file) {
ret = -1;
seaf_warning ("Failed to open seahub_settings.py: %s\n", strerror(errno));
goto out;
}
secret_key_regex = g_regex_new ("SECRET_KEY\\s*=\\s*'(.+)'", 0, 0, &error);
if (error) {
g_clear_error (&error);
seaf_warning ("Failed to create secret key regex: %s\n", error->message);
goto out;
}
site_root_regex = g_regex_new ("SITE_ROOT\\s*=\\s*'(.+)'", 0, 0, &error);
if (error) {
g_clear_error (&error);
ret = -1;
seaf_warning ("Failed to create site root regex: %s\n", error->message);
goto out;
}
@@ -419,32 +414,25 @@ load_seahub_private_key (SeafileSession *session, const char *conf_dir)
char *site_root = NULL;
while (fgets(line, sizeof(line), file)) {
GMatchInfo *match_info;
if (g_regex_match (secret_key_regex, line, 0, &match_info)) {
char *sk = g_match_info_fetch (match_info, 1);
session->seahub_pk = sk;
}
if (g_regex_match (site_root_regex, line, 0, &match_info)) {
site_root = g_match_info_fetch (match_info, 1);
}
}
if (session->seahub_pk) {
if (site_root) {
session->seahub_url = g_strdup_printf("http://127.0.0.1:8000%sapi/v2.1/internal/user-list/", site_root);
} else {
session->seahub_url = g_strdup("http://127.0.0.1:8000/api/v2.1/internal/user-list/");
}
session->seahub_conn_pool = connection_pool_new ();
if (site_root) {
session->seahub_url = g_strdup_printf("http://127.0.0.1:8000%sapi/v2.1/internal/user-list/", site_root);
} else {
session->seahub_url = g_strdup("http://127.0.0.1:8000/api/v2.1/internal/user-list/");
}
session->seahub_conn_pool = connection_pool_new ();
out:
if (secret_key_regex)
g_regex_unref (secret_key_regex);
if (site_root_regex)
g_regex_unref (site_root_regex);
g_free (conf_path);
g_free (data);
return ret;
}
char *

4
common/seaf-utils.h
View File

@@ -17,8 +17,8 @@ int
load_ccnet_database_config (struct _SeafileSession *session);
#ifdef FULL_FEATURE
void
load_seahub_private_key (SeafileSession *session, const char *conf_dir);
int
load_seahub_config (SeafileSession *session, const char *conf_dir);
#endif
char *

1
server/gc/seafile-session.h
View File

@@ -24,7 +24,6 @@ struct _SeafileSession {
GKeyFile *ccnet_config;
SeafDB *db;
SeafDB *ccnet_db;
char *seahub_pk;
SeafBlockManager *block_mgr;
SeafFSManager *fs_mgr;

53
server/http-tx-mgr.c
View File

@@ -437,48 +437,6 @@ out:
return nickname;
}
static char *
gen_jwt_token ()
{
char *jwt_token = NULL;
gint64 now = (gint64)time(NULL);
jwt_t *jwt = NULL;
if (!seaf->seahub_pk) {
return NULL;
}
int ret = jwt_new (&jwt);
if (ret != 0 || jwt == NULL) {
seaf_warning ("Failed to create jwt\n");
goto out;
}
ret = jwt_add_grant_bool (jwt, "is_internal", TRUE);
if (ret != 0) {
seaf_warning ("Failed to add is_internal to jwt\n");
goto out;
}
ret = jwt_add_grant_int (jwt, "exp", now + 300);
if (ret != 0) {
seaf_warning ("Failed to add expire time to jwt\n");
goto out;
}
ret = jwt_set_alg (jwt, JWT_ALG_HS256, (unsigned char *)seaf->seahub_pk, strlen(seaf->seahub_pk));
if (ret != 0) {
seaf_warning ("Failed to set alg\n");
goto out;
}
jwt_token = jwt_encode_str (jwt);
out:
jwt_free (jwt);
return jwt_token;
}
char *
http_tx_manager_get_nickname (const char *modifier)
{
@@ -491,19 +449,12 @@ http_tx_manager_get_nickname (const char *modifier)
json_t *array = NULL;
int rsp_status;
char *req_content = NULL;
char *jwt_token = NULL;
char *rsp_content = NULL;
char *nickname = NULL;
gint64 rsp_size;
jwt_token = gen_jwt_token ();
if (!jwt_token) {
return NULL;
}
conn = connection_pool_get_connection (seaf->seahub_conn_pool);
if (!conn) {
g_free (jwt_token);
seaf_warning ("Failed to get connection: out of memory.\n");
return NULL;
}
@@ -522,13 +473,12 @@ http_tx_manager_get_nickname (const char *modifier)
curl = conn->curl;
headers = curl_slist_append (headers, "User-Agent: Seafile/"SEAFILE_CLIENT_VERSION" ("USER_AGENT_OS")");
token_header = g_strdup_printf ("Authorization: Token %s", jwt_token);
headers = curl_slist_append (headers, token_header);
headers = curl_slist_append (headers, "Content-Type: application/json");
g_free (token_header);
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
ret = http_post_common (curl, seaf->seahub_url, jwt_token, req_content, strlen(req_content),
ret = http_post_common (curl, seaf->seahub_url, NULL, req_content, strlen(req_content),
&rsp_status, &rsp_content, &rsp_size, TRUE, 1);
if (ret < 0) {
conn->release = TRUE;
@@ -543,7 +493,6 @@ http_tx_manager_get_nickname (const char *modifier)
nickname = parse_nickname (rsp_content, rsp_size);
out:
g_free (jwt_token);
g_free (req_content);
g_free (rsp_content);
connection_pool_return_connection (seaf->seahub_conn_pool, conn);

4
server/seafile-session.c
View File

@@ -218,7 +218,9 @@ seafile_session_new(const char *central_config_dir,
goto onerror;
}
load_seahub_private_key (session, abs_central_config_dir ? abs_central_config_dir : abs_seafile_dir);
if (load_seahub_config (session, abs_central_config_dir ? abs_central_config_dir : abs_seafile_dir) < 0) {
seaf_warning ("Failed to load seahub config.\n");
}
session->cfg_mgr = seaf_cfg_manager_new (session);
if (!session->cfg_mgr)

1
server/seafile-session.h
View File

@@ -48,7 +48,6 @@ struct _SeafileSession {
GKeyFile *ccnet_config;
SeafDB *db;
CcnetDB *ccnet_db;
char *seahub_pk;
char *seahub_url;
ConnectionPool *seahub_conn_pool;