diff options
| author | Sjoerd Simons <sjoerd@luon.net> | 2016-10-17 22:35:40 +0200 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2016-11-05 17:34:09 +0000 |
| commit | 6303e2d67b7280fcafbf0c03cf5b09b0a0da72a4 (patch) | |
| tree | 3145ac6cb3bb94d0e6777ae24614043e6410fa35 /src/ostree/ot-builtin-trivial-httpd.c | |
| parent | be9a3a7a19336ba680bc5f4a7b62add4bbfddb81 (diff) | |
| download | ostree-6303e2d67b7280fcafbf0c03cf5b09b0a0da72a4.tar.gz | |
trivial-httpd: Add support for checking cookies
Allow passsing a list of cookie key/values to trivial-httpd which should
be provided to allow downloads
Closes: #531
Approved by: cgwalters
Diffstat (limited to 'src/ostree/ot-builtin-trivial-httpd.c')
| -rw-r--r-- | src/ostree/ot-builtin-trivial-httpd.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/ostree/ot-builtin-trivial-httpd.c b/src/ostree/ot-builtin-trivial-httpd.c index 2b6bda25..6e6415dd 100644 --- a/src/ostree/ot-builtin-trivial-httpd.c +++ b/src/ostree/ot-builtin-trivial-httpd.c @@ -44,6 +44,8 @@ static int opt_random_500s_percentage; static int opt_random_500s_max = 100; static gint opt_port = 0; +static gchar **opt_expected_cookies; + static guint emitted_random_500s_count = 0; typedef struct { @@ -61,6 +63,7 @@ static GOptionEntry options[] = { { "random-500s", 0, 0, G_OPTION_ARG_INT, &opt_random_500s_percentage, "Generate random HTTP 500 errors approximately for PERCENTAGE requests", "PERCENTAGE" }, { "random-500s-max", 0, 0, G_OPTION_ARG_INT, &opt_random_500s_max, "Limit HTTP 500 errors to MAX (default 100)", "MAX" }, { "log-file", 0, 0, G_OPTION_ARG_FILENAME, &opt_log, "Put logs here", "PATH" }, + { "expected-cookies", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_expected_cookies, "Expect given cookies in the http request", "KEY=VALUE" }, { NULL } }; @@ -199,6 +202,42 @@ do_get (OtTrivialHttpd *self, struct stat stbuf; httpd_log (self, "serving %s\n", path); + + if (opt_expected_cookies) + { + GSList *cookies = soup_cookies_from_request (msg); + GSList *l; + int i; + + for (i = 0 ; opt_expected_cookies[i] != NULL; i++) + { + gboolean found = FALSE; + gchar *k = opt_expected_cookies[i]; + gchar *v = strchr (k, '=') + 1; + + for (l = cookies; l != NULL ; l = g_slist_next (l)) + { + SoupCookie *c = l->data; + + if (!strncmp (k, soup_cookie_get_name (c), v - k - 1) && + !strcmp (v, soup_cookie_get_value (c))) + { + found = TRUE; + break; + } + } + + if (!found) + { + httpd_log (self, "Expected cookie not found %s\n", k); + soup_message_set_status (msg, SOUP_STATUS_FORBIDDEN); + soup_cookies_free (cookies); + goto out; + } + } + soup_cookies_free (cookies); + } + if (strstr (path, "../") != NULL) { soup_message_set_status (msg, SOUP_STATUS_FORBIDDEN); |