Partial redesigned of resolver away from exceptions and returning ERROR Values instead
Simplification of tftp_provisioner.php Signed-off-by: Diederik de Groot <ddegroot@talon.nl>
This commit is contained in:
Diederik de Groot
119
lib/resolver.php
119
lib/resolver.php
@@ -15,6 +15,17 @@ include_once("utils.php");
|
||||
|
||||
- Could use some more test-cases, especially error ones
|
||||
*/
|
||||
class ResolveResult {
|
||||
const Ok = 0;
|
||||
const EmptyRequest = 1;
|
||||
const RequestNotAString = 2;
|
||||
const RequestContainsInvalidChar = 3;
|
||||
const RequestContainsPathWalk = 4;
|
||||
const FileNotFound = 5;
|
||||
const InvalidFilename = 6;
|
||||
const InvalidPath = 7;
|
||||
}
|
||||
|
||||
class Resolver {
|
||||
private $isDirty = FALSE;
|
||||
private $cache = array();
|
||||
@@ -33,21 +44,31 @@ class Resolver {
|
||||
function __destruct() {
|
||||
// $this->printCache()
|
||||
if ($this->isDirty) {
|
||||
if (!is_writable($this->config['main']['cache_filename'])) {
|
||||
$this->log_error_and_throw("Could not write to file '".$this->config['cache_filename']."' at Resolver::destruct");
|
||||
}
|
||||
if (!file_put_contents($this->config['main']['cache_filename'], serialize($this->cache))) {
|
||||
$this->log_error_and_throw("Could not write to file '".$this->config['cache_filename']."' at Resolver::destruct");
|
||||
}
|
||||
}
|
||||
}
|
||||
function log_error_and_throw($message) {
|
||||
global $logger;
|
||||
$logger->log('LOG_ERROR', $message);
|
||||
throw new Exception($message);
|
||||
}
|
||||
function log_debug($message) {
|
||||
|
||||
public function log_debug($message) {
|
||||
global $logger;
|
||||
$logger->log('LOG_DEBUG', $message);
|
||||
}
|
||||
function searchForFile($filename) {
|
||||
|
||||
public function log_error($message) {
|
||||
global $logger;
|
||||
$logger->log('LOG_ERROR', $message);
|
||||
}
|
||||
|
||||
public function log_error_and_throw($message) {
|
||||
$this->log_error($message);
|
||||
throw new Exception($message);
|
||||
}
|
||||
|
||||
public function searchForFile($filename) {
|
||||
foreach($this->config['subdirs'] as $key => $value) {
|
||||
if ($key === "firmware" || $key === "tftproot" ) {
|
||||
continue;
|
||||
@@ -58,9 +79,11 @@ class Resolver {
|
||||
return $path;
|
||||
}
|
||||
}
|
||||
$this->log_error_and_throw("File '$filename' does not exist");
|
||||
$this->log_error("File '$filename' does not exist");
|
||||
return ResolveResult::FileNotFound;
|
||||
}
|
||||
function buildCleanCache() {
|
||||
|
||||
public function buildCleanCache() {
|
||||
foreach($this->config['subdirs'] as $key =>$value) {
|
||||
if ($key === "tftproot") {
|
||||
continue;
|
||||
@@ -81,50 +104,66 @@ class Resolver {
|
||||
}
|
||||
$this->isDirty = TRUE;
|
||||
}
|
||||
function addFile($requestpath, $truepath) {
|
||||
//$this->logger->log('LOG_DEBUG', "Adding $requestpath");
|
||||
|
||||
public function addFile($requestpath, $truepath) {
|
||||
$this->log_debug("Adding $requestpath");
|
||||
$this->cache[$requestpath] = $truepath;
|
||||
$this->isDirty =TRUE;
|
||||
}
|
||||
function removeFile($requestpath) {
|
||||
|
||||
public function removeFile($requestpath) {
|
||||
$this->log_debug("Removing $hash");
|
||||
unset($this->cache[$requestpath]);
|
||||
$this->isDirty = TRUE;
|
||||
}
|
||||
function validateRequest($request) {
|
||||
|
||||
public function validateRequest($request) {
|
||||
/* make sure request does not startwith or contain: "/", "../" or "/./" */
|
||||
/* make sure request only starts with filename or one of $config[$subdir]['locale'] or $config[$subdir]['wallpaper'] */
|
||||
/* check uri/url decode */
|
||||
if (!$request || empty($request)) {
|
||||
$this->log_error("Request is empty");
|
||||
return ResolveResult::EmptyRequest;
|
||||
}
|
||||
if (!is_string($request)) {
|
||||
$this->log_error_and_throw("Request is not a string");
|
||||
$this->log_error("Request is not a string");
|
||||
return ResolveResult::RequestNotAString;
|
||||
}
|
||||
$this->log_debug($request . ":" . escapeshellarg($request) . ":" . utf8_urldecode($request) . "\n");
|
||||
$escaped_request = escapeshellarg(utf8_urldecode($request));
|
||||
if ($escaped_request !== "'" . $request . "'") {
|
||||
$this->log_error_and_throw("Request '$request' contains invalid characters");
|
||||
$this->log_error("Request '$request' contains invalid characters");
|
||||
return ResolveResult::RequestContainsInvalidChar;
|
||||
}
|
||||
if (strstr($escaped_request, "..")) {
|
||||
$this->log_error_and_throw("Request '$request' containst '..'");
|
||||
$this->log_error("Request '$request' contains '..'");
|
||||
return ResolveResult::RequestContainsPathWalk;
|
||||
}
|
||||
return ResolveResult::Ok;
|
||||
}
|
||||
function resolve($request) /* canthrow */ {
|
||||
$this->validateRequest($request);
|
||||
|
||||
public function resolve($request) /* canthrow */ {
|
||||
$path = '';
|
||||
$result = $this->validateRequest($request);
|
||||
if ($result !== ResolveResult::Ok) {
|
||||
return $result;
|
||||
}
|
||||
if (array_key_exists($request, $this->cache)) {
|
||||
if ($path = $this->cache[$request]) {
|
||||
if (!file_exists($path)) {
|
||||
$this->removeFile($request);
|
||||
$this->log_error_and_throw("File '$request' does not exist on FS");
|
||||
$this->log_error("File '$request' does not exist on FS");
|
||||
return ResolveResult::FileNotFound;
|
||||
}
|
||||
return $path;
|
||||
}
|
||||
}
|
||||
if ($this->searchForFile($request)) {
|
||||
return $this->cache[$request];
|
||||
$path = $this->cache[$request];
|
||||
}
|
||||
return $path;
|
||||
}
|
||||
|
||||
/* temporary */
|
||||
function printCache() {
|
||||
print_r($this->cache);
|
||||
@@ -134,32 +173,36 @@ class Resolver {
|
||||
// Testing
|
||||
if(defined('STDIN') ) {
|
||||
$resolver = new Resolver($config);
|
||||
|
||||
$test_cases = Array(
|
||||
Array('request' => 'jar70sccp.9-4-2ES26.sbn', 'expected' => '/tftpboot/firmware/7970/jar70sccp.9-4-2ES26.sbn', 'throws' => FALSE),
|
||||
Array('request' => 'Russian_Russian_Federation/be-sccp.jar', 'expected' => '/tftpboot/locales/languages/Russian_Russian_Federation/be-sccp.jar', 'throws' => FALSE),
|
||||
Array('request' => 'Spain/g3-tones.xml', 'expected' => '/tftpboot/locales/countries/Spain/g3-tones.xml', 'throws' => FALSE),
|
||||
Array('request' => '320x196x4/Chan-SCCP-b.png', 'expected' => '/tftpboot/wallpapers/320x196x4/Chan-SCCP-b.png', 'throws' => FALSE),
|
||||
Array('request' => 'XMLDefault.cnf.xml', 'expected' => '/tftpboot/settings/bak/XMLDefault.cnf.xml', 'throws' => FALSE),
|
||||
Array('request' => '../XMLDefault.cnf.xml', 'expected' => '', 'throws' => TRUE),
|
||||
Array('request' => 'XMLDefault.cnf.xml/../../text.xml', 'expected' => '', 'throws' => TRUE),
|
||||
|
||||
Array('request' => 'jar70sccp.9-4-2ES26.sbn', 'expected' => '/tftpboot/firmware/7970/jar70sccp.9-4-2ES26.sbn'),
|
||||
Array('request' => 'Russian_Russian_Federation/be-sccp.jar', 'expected' => '/tftpboot/locales/languages/Russian_Russian_Federation/be-sccp.jar'),
|
||||
Array('request' => 'Spain/g3-tones.xml', 'expected' => '/tftpboot/locales/countries/Spain/g3-tones.xml'),
|
||||
Array('request' => '320x196x4/Chan-SCCP-b.png', 'expected' => '/tftpboot/wallpapers/320x196x4/Chan-SCCP-b.png'),
|
||||
Array('request' => 'XMLDefault.cnf.xml', 'expected' => '/tftpboot/settings/bak/XMLDefault.cnf.xml'),
|
||||
Array('request' => '../XMLDefault.cnf.xml', 'expected' => ResolveResult::RequestContainsPathWalk),
|
||||
Array('request' => 'XMLDefault.cnf.xml/../../text.xml', 'expected' => ResolveResult::RequestContainsPathWalk),
|
||||
);
|
||||
foreach($test_cases as $test) {
|
||||
try {
|
||||
$result = $resolver->resolve($test['request']);
|
||||
if ($result !== $base_path . $test['expected']) {
|
||||
print("Error: expected result does not match what we got\n");
|
||||
print("request:'".$test['request']."', result:'" . $base_path . $test['expected'] . "'\n");
|
||||
if (is_string($result)) {
|
||||
if ($result === $base_path . $test['expected']) {
|
||||
print("'" . $test['request'] . "' => '" . $result . "'\n");
|
||||
continue;
|
||||
}
|
||||
} else {
|
||||
print("'" . $test['request'] . "' => '" . $result . "'\n");
|
||||
if ($result === $test['expected']) {
|
||||
print("'" . $test['request'] . "' => '" . $result . "'\n");
|
||||
continue;
|
||||
}
|
||||
}
|
||||
print("Error: expected result does not match what we got\n");
|
||||
print("request:'".$test['request']."'\n");
|
||||
print("expected:'" . $base_path . $test['expected'] . "'\n");
|
||||
print("result:'" . $result . "'\n\n");
|
||||
} catch (Exception $e) {
|
||||
if (!$test['throws']) {
|
||||
print("Error: request was expected to throw: $e\n");
|
||||
} else {
|
||||
print("'" . $test['request'] . "' => throws error as expected\n");
|
||||
}
|
||||
print("'" . $test['request'] . "' => throws error as expected\n");
|
||||
print("Exception: " . $e->getMessage() . "\n");
|
||||
}
|
||||
}
|
||||
unset($resolver);
|
||||
|
||||
@@ -8,7 +8,7 @@ class TFTPProvisioner extends TFTPServer
|
||||
{
|
||||
private $_debug;
|
||||
private $_resolver;
|
||||
private $_filename;
|
||||
private $_settings_path;
|
||||
|
||||
function __construct($server_url, $config, $logger = NULL, $debug = false)
|
||||
{
|
||||
@@ -20,42 +20,32 @@ class TFTPProvisioner extends TFTPServer
|
||||
$this->_debug = $debug;
|
||||
$this->max_put_size = 60000000;
|
||||
$this->_resolver = new Resolver($config);
|
||||
}
|
||||
|
||||
public function exists($peer, $req_filename)
|
||||
{
|
||||
if (($this->_filename = $this->_resolver->resolve($req_filename))) {
|
||||
return file_exists($this->_filename);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public function readable($peer, $req_filename)
|
||||
{
|
||||
return is_readable($this->_filename);
|
||||
}
|
||||
|
||||
public function get($peer, $req_filename, $mode)
|
||||
{
|
||||
return file_get_contents($this->_filename);
|
||||
$this->_settings_path = $this->_config['main']['base_path'] . DIRECTORY_SEPARATOR
|
||||
. $this->_config['subdirs']['settings']['path'] . DIRECTORY_SEPARATOR;
|
||||
}
|
||||
|
||||
public function writable($peer, $req_filename)
|
||||
{
|
||||
// check $req_filename starts with 'settings/' (SPA phones can write to tftpboot)
|
||||
$settings_path = $this->_config['main']['base_path'] . DIRECTORY_SEPARATOR
|
||||
. $this->_config['subdirs']['settings']['path'] . DIRECTORY_SEPARATOR;
|
||||
$filename = $settings_path . basename($req_filename);
|
||||
if (is_writable($filename) || (!file_exists($filename) && is_writable($settings_path))) {
|
||||
$this->_filename = $filename;
|
||||
return true;
|
||||
$filename = $this->_settings_path . basename($req_filename);
|
||||
if (file_exists($filename)) {
|
||||
return is_writable($filename);
|
||||
}
|
||||
return is_writable($this->_settings_path);
|
||||
}
|
||||
|
||||
public function get($peer, $req_filename, $mode)
|
||||
{
|
||||
$filename = $this->_resolver->resolve($req_filename);
|
||||
if (file_exists($filename) && is_readable($filename))
|
||||
return file_get_contents($filename);
|
||||
return false;
|
||||
}
|
||||
|
||||
public function put($peer, $filename, $mode, $content)
|
||||
public function put($peer, $req_filename, $mode, $content)
|
||||
{
|
||||
return file_put_contents($this->_filename, $content);
|
||||
// (SPA phones can write to tftpboot -> redirect PUT request to 'settings' folder)
|
||||
$filename = $this->_settings_path . basename($req_filename);
|
||||
return file_put_contents($filename, $content);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user