mod_http_upload: Add "secret_length" option

The new "secret_length" option allows for specifying the length of the
random string included in the URLs generated by mod_http_upload.
This commit is contained in:
Holger Weiss 2015-08-22 00:45:45 +02:00
parent 216e244b6a
commit a17a554a8c
2 changed files with 17 additions and 4 deletions

View File

@ -66,6 +66,12 @@ The configurable mod_http_upload options are:
This option limits the acceptable file size. Either a number of bytes This option limits the acceptable file size. Either a number of bytes
(larger than zero) or 'infinity' must be specified. (larger than zero) or 'infinity' must be specified.
- secret_length (default: 40)
This option defines the length of the random string included in the GET
and PUT URLs generated by mod_http_upload. The minimum length is 8
characters, but it is recommended to choose a larger value.
- jid_in_url (default: 'sha1') - jid_in_url (default: 'sha1')
When this option is set to 'node', the node identifier of the user's JID When this option is set to 'node', the node identifier of the user's JID

View File

@ -75,6 +75,7 @@
name :: binary(), name :: binary(),
access :: atom(), access :: atom(),
max_size :: pos_integer() | infinity, max_size :: pos_integer() | infinity,
secret_length :: pos_integer(),
jid_in_url :: sha1 | node, jid_in_url :: sha1 | node,
docroot :: binary(), docroot :: binary(),
put_url :: binary(), put_url :: binary(),
@ -143,6 +144,8 @@ mod_opt_type(max_size) ->
fun (I) when is_integer(I), I > 0 -> I; fun (I) when is_integer(I), I > 0 -> I;
(infinity) -> infinity (infinity) -> infinity
end; end;
mod_opt_type(secret_length) ->
fun (I) when is_integer(I), I >= 8-> I end;
mod_opt_type(jid_in_url) -> mod_opt_type(jid_in_url) ->
fun(sha1) -> sha1; fun(sha1) -> sha1;
(node) -> node (node) -> node
@ -162,7 +165,7 @@ mod_opt_type(service_url) ->
(<<"https://", _/binary>> = URL) -> URL (<<"https://", _/binary>> = URL) -> URL
end; end;
mod_opt_type(_) -> mod_opt_type(_) ->
[host, name, access, max_size, jid_in_url, docroot, [host, name, access, max_size, secret_length, jid_in_url, docroot,
put_url, get_url, service_url]. put_url, get_url, service_url].
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
@ -182,6 +185,9 @@ init({ServerHost, Opts}) ->
fun (I) when is_integer(I), I > 0 -> I; fun (I) when is_integer(I), I > 0 -> I;
(infinity) -> infinity (infinity) -> infinity
end, 104857600), end, 104857600),
SecretLength = gen_mod:get_opt(secret_length, Opts,
fun(I) when is_integer(I), I >= 8 -> I end,
40),
JIDinURL = gen_mod:get_opt(jid_in_url, Opts, JIDinURL = gen_mod:get_opt(jid_in_url, Opts,
fun(sha1) -> sha1; fun(sha1) -> sha1;
(node) -> node (node) -> node
@ -222,7 +228,7 @@ init({ServerHost, Opts}) ->
ejabberd_router:register_route(Host), ejabberd_router:register_route(Host),
{ok, #state{server_host = ServerHost, host = Host, name = Name, {ok, #state{server_host = ServerHost, host = Host, name = Name,
access = Access, max_size = MaxSize, access = Access, max_size = MaxSize,
jid_in_url = JIDinURL, secret_length = SecretLength, jid_in_url = JIDinURL,
docroot = DocRoot, docroot = DocRoot,
put_url = str:strip(PutURL, right, $/), put_url = str:strip(PutURL, right, $/),
get_url = str:strip(GetURL, right, $/), get_url = str:strip(GetURL, right, $/),
@ -454,10 +460,11 @@ create_slot(#state{service_url = undefined, max_size = MaxSize},
[File, User, Size]), [File, User, Size]),
{error, ?ERRT_NOT_ACCEPTABLE(Lang, Text)}; {error, ?ERRT_NOT_ACCEPTABLE(Lang, Text)};
create_slot(#state{service_url = undefined, create_slot(#state{service_url = undefined,
jid_in_url = JIDinURL}, jid_in_url = JIDinURL,
secret_length = SecretLength},
User, File, _Size, _ContentType, _Lang) -> User, File, _Size, _ContentType, _Lang) ->
UserStr = make_user_string(User, JIDinURL), UserStr = make_user_string(User, JIDinURL),
RandStr = make_rand_string(40), RandStr = make_rand_string(SecretLength),
SaneFile = re:replace(File, <<"[^a-zA-Z0-9_.-]">>, <<$_>>, SaneFile = re:replace(File, <<"[^a-zA-Z0-9_.-]">>, <<$_>>,
[global, {return, binary}]), [global, {return, binary}]),
?INFO_MSG("Got HTTP upload slot for ~s (file: ~s)", [User, File]), ?INFO_MSG("Got HTTP upload slot for ~s (file: ~s)", [User, File]),