haiwen/seafile-server
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-server.git synced 2025-09-10 11:48:53 +00:00
Code Issues Releases Wiki Activity

Add read JWT_PRIVATE_KEY (#690)

Browse Source 
* Add read JWT_PRIVATE_KEY

* Go add read JWT_PRIVATE_KEY

* Add seahub_settings.py

---------

Co-authored-by: 杨赫然 <heran.yang@seafile.com>
This commit is contained in:
feiniks
2024-09-03 18:43:11 +08:00
committed by GitHub
parent 1e8278122f
commit f3f818881f
8 changed files with 44 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ci/run.py
View File

@@ -62,6 +62,8 @@ def make_build_env():
_env_add('PKG_CONFIG_PATH', ccnet_dir)
_env_add('LD_LIBRARY_PATH', join(PREFIX, 'lib'))
_env_add('JWT_PRIVATE_KEY', '@%ukmcl$k=9u-grs4azdljk(sn0kd!=mzc17xd7x8#!u$1x@kl')
# Prepend the seafile-server/python to PYTHONPATH so we don't need to "make
# install" each time after editing python files.
_env_add('PYTHONPATH', join(SeafileServer().projectdir, 'python'))

28
common/seaf-utils.c
View File

@@ -386,31 +386,26 @@ load_ccnet_database_config (SeafileSession *session)
#ifdef FULL_FEATURE
void
load_seahub_private_key (SeafileSession *session, const char *conf_dir)
int
load_seahub_config (SeafileSession *session, const char *conf_dir)
{
char *conf_path = g_build_filename(conf_dir, "seahub_settings.py", NULL);
char *data = NULL;
GRegex *secret_key_regex = NULL;
GRegex *site_root_regex = NULL;
GError *error = NULL;
int ret = 0;
FILE *file = fopen(conf_path, "r");
if (!file) {
ret = -1;
seaf_warning ("Failed to open seahub_settings.py: %s\n", strerror(errno));
goto out;
}
secret_key_regex = g_regex_new ("SECRET_KEY\\s*=\\s*'(.+)'", 0, 0, &error);
if (error) {
g_clear_error (&error);
seaf_warning ("Failed to create secret key regex: %s\n", error->message);
goto out;
}
site_root_regex = g_regex_new ("SITE_ROOT\\s*=\\s*'(.+)'", 0, 0, &error);
if (error) {
g_clear_error (&error);
ret = -1;
seaf_warning ("Failed to create site root regex: %s\n", error->message);
goto out;
}
@@ -418,14 +413,7 @@ load_seahub_private_key (SeafileSession *session, const char *conf_dir)
char line[256];
char *site_root = NULL;
while (fgets(line, sizeof(line), file)) {
GMatchInfo *match_info = NULL;
if (g_regex_match (secret_key_regex, line, 0, &match_info)) {
char *sk = g_match_info_fetch (match_info, 1);
session->seahub_pk = sk;
}
g_match_info_free (match_info);
match_info = NULL;
GMatchInfo *match_info;
if (g_regex_match (site_root_regex, line, 0, &match_info)) {
site_root = g_match_info_fetch (match_info, 1);
}
@@ -445,12 +433,12 @@ load_seahub_private_key (SeafileSession *session, const char *conf_dir)
g_free (site_root);
out:
if (secret_key_regex)
g_regex_unref (secret_key_regex);
if (site_root_regex)
g_regex_unref (site_root_regex);
g_free (conf_path);
g_free (data);
return ret;
}
char *

4
common/seaf-utils.h
View File

@@ -17,8 +17,8 @@ int
load_ccnet_database_config (struct _SeafileSession *session);
#ifdef FULL_FEATURE
void
load_seahub_private_key (SeafileSession *session, const char *conf_dir);
int
load_seahub_config (SeafileSession *session, const char *conf_dir);
#endif
char *

35
fileserver/fileserver.go
View File

@@ -266,39 +266,31 @@ func loadSeafileDB() {
dbType = dbEngine
}
func loadSeahubPK() {
func loadSeahubConfig() error {
seahubPK = os.Getenv("JWT_PRIVATE_KEY")
if seahubPK == "" {
return fmt.Errorf("failed to read JWT_PRIVATE_KEY")
}
confPath := filepath.Join(centralDir, "seahub_settings.py")
file, err := os.Open(confPath)
if err != nil {
log.Warnf("Failed to open seahub_settings.py: %v", err)
return
return fmt.Errorf("Failed to open seahub_settings.py: %v", err)
}
defer file.Close()
scanner := bufio.NewScanner(file)
pkExp := "SECRET_KEY\\s*=\\s*'([^']*)'"
pkRe, err := regexp.Compile(pkExp)
if err != nil {
log.Warnf("Failed to compile regex: %v", err)
return
}
siteRootExpr := "SITE_ROOT\\s*=\\s*'([^']*)'"
siteRootRe, err := regexp.Compile(siteRootExpr)
if err != nil {
log.Warnf("Failed to compile regex: %v", err)
return
return fmt.Errorf("Failed to compile regex: %v", err)
}
siteRoot := ""
for scanner.Scan() {
line := scanner.Text()
matches := pkRe.FindStringSubmatch(line)
if matches != nil {
seahubPK = matches[1]
}
matches = siteRootRe.FindStringSubmatch(line)
matches := siteRootRe.FindStringSubmatch(line)
if matches != nil {
siteRoot = matches[1]
}
@@ -306,11 +298,10 @@ func loadSeahubPK() {
if siteRoot != "" {
seahubURL = fmt.Sprintf("http://127.0.0.1:8000%sapi/v2.1/internal", siteRoot)
} else {
seahubURL = ("http://127.0.0.1:8000/api/v2.1/internal")
}
if seahubPK == "" {
log.Warnf("No seahub private key is configured")
seahubURL = "http://127.0.0.1:8000/api/v2.1/internal"
}
return nil
}
func writePidFile(pid_file_path string) error {
@@ -411,7 +402,9 @@ func main() {
fp.Close()
}
loadSeahubPK()
if err := loadSeahubConfig(); err != nil {
log.Fatalf("Failed to read seahub config: %v", err)
}
repomgr.Init(seafileDB)

11
server/seaf-server.c
View File

@@ -1195,7 +1195,7 @@ test_seafile_config(const char *central_config_dir, const char *config_dir, cons
event_init ();
seaf = seafile_session_new (central_config_dir, seafile_dir, config_dir);
seaf = seafile_session_new (central_config_dir, seafile_dir, config_dir, NULL);
if (!seaf) {
fprintf (stderr, "Error: failed to create ccnet session\n");
return -1;
@@ -1220,6 +1220,7 @@ main (int argc, char **argv)
int daemon_mode = 1;
gboolean test_config = FALSE;
char *repo_id = NULL;
const char *private_key = NULL;
#ifdef WIN32
argv = get_argv_utf8 (&argc);
@@ -1315,6 +1316,12 @@ main (int argc, char **argv)
debug_str = g_getenv("SEAFILE_DEBUG");
seafile_debug_set_flags_string (debug_str);
private_key = g_getenv("JWT_PRIVATE_KEY");
if (!private_key) {
seaf_warning ("Failed to read JWT_PRIVATE_KEY.\n");
exit (1);
}
if (seafile_dir == NULL)
seafile_dir = g_build_filename (ccnet_dir, "seafile", NULL);
if (logfile == NULL)
@@ -1337,7 +1344,7 @@ main (int argc, char **argv)
exit (0);
}
seaf = seafile_session_new (central_config_dir, seafile_dir, ccnet_dir);
seaf = seafile_session_new (central_config_dir, seafile_dir, ccnet_dir, private_key);
if (!seaf) {
seaf_warning ("Failed to create seafile session.\n");
exit (1);

9
server/seafile-session.c
View File

@@ -107,7 +107,8 @@ load_fileserver_config (SeafileSession *session)
SeafileSession *
seafile_session_new(const char *central_config_dir,
const char *seafile_dir,
const char *ccnet_dir)
const char *ccnet_dir,
const char *private_key)
{
char *abs_central_config_dir = NULL;
char *abs_seafile_dir;
@@ -218,7 +219,11 @@ seafile_session_new(const char *central_config_dir,
goto onerror;
}
load_seahub_private_key (session, abs_central_config_dir ? abs_central_config_dir : abs_seafile_dir);
session->seahub_pk = g_strdup (private_key);
if (load_seahub_config (session, abs_central_config_dir ? abs_central_config_dir : abs_seafile_dir) < 0) {
seaf_warning ("Failed to load seahub config.\n");
goto onerror;
}
session->cfg_mgr = seaf_cfg_manager_new (session);
if (!session->cfg_mgr)

3
server/seafile-session.h
View File

@@ -103,7 +103,8 @@ extern SeafileSession *seaf;
SeafileSession *
seafile_session_new(const char *central_config_dir,
const char *seafile_dir,
const char *ccnet_dir);
const char *ccnet_dir,
const char *private_key);
SeafileSession *
seafile_repair_session_new(const char *central_config_dir,

1
tests/conf/seahub_settings.py
View File

@@ -1,2 +1 @@
SECRET_KEY='122h5qj(4&n2712ybr$0mn8x!#sz&(w2w*-zrxe&$!yrzbu9'
SITE_ROOT= '/seahub/'