Skip to content
Browse files

Merge branch 'master' of github.com:bradfitz/batt

  • Loading branch information...
2 parents d85c6db + b0d92ae commit ab1f40587816f8168d37e965c51e09adf988e2d6 @adg adg committed Apr 24, 2012
Showing with 29 additions and 9 deletions.
  1. +29 −9 battd/battd.go
View
38 battd/battd.go
@@ -3,6 +3,7 @@ package main
import (
"bytes"
"crypto/rand"
+ "crypto/hmac"
"crypto/sha1"
"errors"
"flag"
@@ -36,7 +37,7 @@ var (
var homeTemplate = template.Must(template.New("home").Parse(`
<html>
<head>
- <title>build *all* the things!</title>
+ <title>gophorge</title>
</head>
<style>
body {
@@ -154,6 +155,10 @@ func accept(rw http.ResponseWriter, r *http.Request) {
http.Error(rw, "bad sha1", 400)
return
}
+ if q.Get("k") != hmacSHA1(qsha1) {
+ http.Error(rw, "bad hmac key", 400)
+ return
+ }
var buf bytes.Buffer
s1 := sha1.New()
@@ -318,10 +323,17 @@ func platforms() (s []string) {
return
}
+func randomBytes(n int) []byte {
+ b := make([]byte, n)
+ _, err := io.ReadFull(rand.Reader, b)
+ if err != nil {
+ panic(err)
+ }
+ return b
+}
+
func newHandle() string {
- randBuf := make([]byte, 16)
- io.ReadFull(rand.Reader, randBuf)
- return fmt.Sprintf("%x", randBuf)
+ return fmt.Sprintf("%x", randomBytes(16))
}
type BuildRequest struct {
@@ -403,26 +415,26 @@ func (w *Worker) loop() {
br.Res <- BuildResult{Error: errors.New(errText)}
continue
}
- sha1 := m.Get("sha1")
- rc, ok := findCachedSHA1(sha1)
+ sha := m.Get("sha1")
+ rc, ok := findCachedSHA1(sha)
if ok {
delete(outstanding, handle)
br.Res <- BuildResult{rc, m.Get("filename"), nil}
return
}
- registerSHA1Callback(sha1, func() {
+ registerSHA1Callback(sha, func() {
w.in <- func() {
delete(outstanding, handle)
- rc, ok := findCachedSHA1(sha1)
+ rc, ok := findCachedSHA1(sha)
if !ok {
br.Res <- BuildResult{Error: errors.New("missing expected sha1 file")}
return
}
br.Res <- BuildResult{rc, m.Get("filename"), nil}
}
})
- acceptURL := *baseURL + "/accept?size=" + m.Get("size") + "&sha1=" + sha1
+ acceptURL := *baseURL + "/accept?size=" + m.Get("size") + "&sha1=" + sha + "&k=" + hmacSHA1(sha)
w.Conn.Write(batt.Message{
Verb: "accept",
Values: url.Values{
@@ -450,6 +462,14 @@ func (w *Worker) loop() {
}
}
+var serverKey = randomBytes(128)
+
+func hmacSHA1(in string) string {
+ h := hmac.New(sha1.New, serverKey)
+ io.WriteString(h, in)
+ return fmt.Sprintf("%x", h.Sum(nil))
+}
+
var validSHA1 = regexp.MustCompile(`^[0-9a-f]{40,40}$`)
func findCachedSHA1(sha1 string) (io.ReadCloser, bool) {

0 comments on commit ab1f405

Please sign in to comment.
Something went wrong with that request. Please try again.