From f6b66cd130e72d1edfc676d1a190a8962e4b75f1 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 26 Oct 2015 20:19:17 +0100 Subject: [PATCH 01/21] mod_http_upload: Support thumbnail generation Import thumbnail support from the mod_http_upload version shipped with ejabberd. --- mod_http_upload/README.txt | 7 ++ mod_http_upload/src/mod_http_upload.erl | 140 +++++++++++++++++++++--- 2 files changed, 133 insertions(+), 14 deletions(-) diff --git a/mod_http_upload/README.txt b/mod_http_upload/README.txt index dd2c3f5..49d503c 100644 --- a/mod_http_upload/README.txt +++ b/mod_http_upload/README.txt @@ -84,6 +84,13 @@ The configurable mod_http_upload options are: mod_http_upload. Otherwise, a SHA-1 hash of the user's bare JID is included instead. +- thumbnail: (default: 'true') + + This option specifies whether ejabberd should create thumbnails of + uploaded images. If a thumbnail is created, a element that + contains the download and some metadata is returned with the PUT + response. + - file_mode (default: 'undefined') This option defines the permission bits of uploaded files. The bits are diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index ab76b62..e15e742 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -90,10 +90,17 @@ put_url :: binary(), get_url :: binary(), service_url :: binary() | undefined, + thumbnail :: boolean(), slots = dict:new() :: term()}). % dict:dict() requires Erlang 17. +-record(media_info, + {type :: string(), + height :: integer(), + width :: integer()}). + -type state() :: #state{}. -type slot() :: [binary()]. +-type media_info() :: #media_info{}. %%-------------------------------------------------------------------- %% gen_mod/supervisor callbacks. @@ -188,10 +195,12 @@ mod_opt_type(custom_headers) -> end; mod_opt_type(rm_on_unregister) -> fun(B) when is_boolean(B) -> B end; +mod_opt_type(thumbnail) -> + fun(B) when is_boolean(B) -> B end; mod_opt_type(_) -> [host, name, access, max_size, secret_length, jid_in_url, file_mode, dir_mode, docroot, put_url, get_url, service_url, custom_headers, - rm_on_unregister]. + rm_on_unregister, thumbnail]. %%-------------------------------------------------------------------- %% gen_server callbacks. @@ -242,6 +251,9 @@ init({ServerHost, Opts}) -> fun(<<"http://", _/binary>> = URL) -> URL; (<<"https://", _/binary>> = URL) -> URL end), + Thumbnail = gen_mod:get_opt(thumbnail, Opts, + fun(B) when is_boolean(B) -> B end, + true), case ServiceURL of undefined -> ok; @@ -265,6 +277,7 @@ init({ServerHost, Opts}) -> access = Access, max_size = MaxSize, secret_length = SecretLength, jid_in_url = JIDinURL, file_mode = FileMode, dir_mode = DirMode, + thumbnail = Thumbnail, docroot = expand_home(str:strip(DocRoot, right, $/)), put_url = expand_host(str:strip(PutURL, right, $/), ServerHost), get_url = expand_host(str:strip(GetURL, right, $/), ServerHost), @@ -278,13 +291,16 @@ init({ServerHost, Opts}) -> handle_call({use_slot, Slot}, _From, #state{file_mode = FileMode, dir_mode = DirMode, + get_url = GetPrefix, + thumbnail = Thumbnail, docroot = DocRoot} = State) -> case get_slot(Slot, State) of {ok, {Size, Timer}} -> timer:cancel(Timer), NewState = del_slot(Slot, State), Path = str:join([DocRoot | Slot], <<$/>>), - {reply, {ok, Size, Path, FileMode, DirMode}, NewState}; + {reply, {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail}, + NewState}; error -> {reply, {error, <<"Invalid slot">>}, State} end; @@ -349,16 +365,20 @@ process(LocalPath, #request{method = 'PUT', host = Host, ip = IP, data = Data}) -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), case catch gen_server:call(Proc, {use_slot, LocalPath}) of - {ok, Size, Path, FileMode, DirMode} when byte_size(Data) == Size -> + {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail} + when byte_size(Data) == Size -> ?DEBUG("Storing file from ~s for ~s: ~s", [?ADDR_TO_STR(IP), Host, Path]), - case store_file(Path, Data, FileMode, DirMode) of - ok -> - http_response(Host, 201); - {error, Error} -> - ?ERROR_MSG("Cannot store file ~s from ~s for ~s: ~p", - [Path, ?ADDR_TO_STR(IP), Host, Error]), - http_response(Host, 500) + case store_file(Path, Data, FileMode, DirMode, + GetPrefix, LocalPath, Thumbnail) of + ok -> + http_response(Host, 201); + {ok, Headers, OutData} -> + http_response(Host, 201, Headers, OutData); + {error, Error} -> + ?ERROR_MSG("Cannot store file ~s from ~s for ~s: ~p", + [Path, ?ADDR_TO_STR(IP), Host, Error]), + http_response(Host, 500) end; {ok, Size, Path} -> ?INFO_MSG("Rejecting file ~s from ~s for ~s: Size is ~B, not ~B", @@ -701,12 +721,38 @@ iq_disco_info(Lang, Name) -> %% HTTP request handling. --spec store_file(file:filename_all(), binary(), - integer() | undefined, - integer() | undefined) +store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> + case do_store_file(Path, Data, FileMode, DirMode) of + ok when Thumbnail -> + case identify(Path) of + {ok, MediaInfo} -> + case convert(Path, MediaInfo) of + pass -> + ok; + {ok, OutPath} -> + [UserDir, RandDir|_] = LocalPath, + FileName = filename:basename(OutPath), + URL = str:join([GetPrefix, UserDir, + RandDir, FileName], <<$/>>), + ThumbEl = thumb_el(OutPath, URL), + {ok, + [{<<"Content-Type">>, + <<"text/xml; charset=utf-8">>}], + xml:element_to_binary(ThumbEl)} + end; + {error, _} -> + ok + end; + ok -> + ok; + Err -> + Err + end. + +-spec do_store_file(file:filename_all(), binary(), integer(), integer()) -> ok | {error, term()}. -store_file(Path, Data, FileMode, DirMode) -> +do_store_file(Path, Data, FileMode, DirMode) -> try ok = filelib:ensure_dir(Path), {ok, Io} = file:open(Path, [write, exclusive, raw]), @@ -786,6 +832,72 @@ code_to_message(413) -> <<"File size doesn't match requested size.">>; code_to_message(500) -> <<"Internal server error.">>; code_to_message(_Code) -> <<"">>. +%%-------------------------------------------------------------------- +%% Image manipulation stuff +%%-------------------------------------------------------------------- +-spec identify(string()) -> {ok, media_info()} | {error, string()}. + +identify(Path) -> + Cmd = lists:flatten(io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", + [Path])), + Res = os:cmd(Cmd), + case string:tokens(Res, " ") of + ["ok", T, H, W] -> + {ok, #media_info{ + type = string:to_lower(T), + height = list_to_integer(H), + width = list_to_integer(W)}}; + _ -> + ?ERROR_MSG("failed to identify type of ~s: ~s", [Path, Res]), + {error, Res} + end. + +-spec convert(string(), media_info()) -> {ok, string()} | pass. + +convert(Path, #media_info{type = T, width = W, height = H}) -> + if W*H >= 25000000 -> + ?DEBUG("the image ~s is more than 25 Mbpx", [Path]), + pass; + (W =< 300) and (H =< 300) -> + {ok, Path}; + T == "gif"; T == "jpeg"; T == "png"; T == "webp" -> + Dir = filename:dirname(Path), + FileName = binary_to_list(randoms:get_string()) ++ "." ++ T, + OutPath = filename:join(Dir, FileName), + Cmd = lists:flatten(io_lib:fwrite("convert -resize 300 ~s ~s", + [Path, OutPath])), + case os:cmd(Cmd) of + "" -> + {ok, OutPath}; + Err -> + ?ERROR_MSG("failed to convert ~s to ~s: ~s", + [Path, OutPath, Err]), + pass + end; + true -> + ?DEBUG("do not call 'convert' for unknown type ~s", [T]), + pass + end. + +-spec thumb_el(string(), binary()) -> xmlel(). + +thumb_el(Path, URI) -> + ContentType = guess_content_type(Path), + case identify(Path) of + {ok, #media_info{height = H, width = W}} -> + #xmlel{name = <<"thumbnail">>, + attrs = [{<<"xmlns">>, ?NS_THUMBS_1}, + {<<"media-type">>, ContentType}, + {<<"uri">>, URI}, + {<<"height">>, jlib:integer_to_binary(H)}, + {<<"width">>, jlib:integer_to_binary(W)}]}; + {error, _} -> + #xmlel{name = <<"thumbnail">>, + attrs = [{<<"xmlns">>, ?NS_THUMBS_1}, + {<<"uri">>, URI}, + {<<"media-type">>, ContentType}]} + end. + %%-------------------------------------------------------------------- %% Remove user. %%-------------------------------------------------------------------- From d29795fb24ffd674b24744326e49c359472e974c Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 26 Oct 2015 22:10:32 +0100 Subject: [PATCH 02/21] mod_http_upload: Strip newline from command output The list_to_integer/1 function doesn't cope with trailing newline characters. --- mod_http_upload/src/mod_http_upload.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index e15e742..fd7294c 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -840,7 +840,7 @@ code_to_message(_Code) -> <<"">>. identify(Path) -> Cmd = lists:flatten(io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", [Path])), - Res = os:cmd(Cmd), + Res = string:strip(os:cmd(Cmd), right, $\n), case string:tokens(Res, " ") of ["ok", T, H, W] -> {ok, #media_info{ @@ -871,7 +871,7 @@ convert(Path, #media_info{type = T, width = W, height = H}) -> {ok, OutPath}; Err -> ?ERROR_MSG("failed to convert ~s to ~s: ~s", - [Path, OutPath, Err]), + [Path, OutPath, string:strip(Err, right, $\n)]), pass end; true -> From 08f7291a24aac43dc239c97b8892bbf2bbe87f4d Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 26 Oct 2015 22:30:58 +0100 Subject: [PATCH 03/21] mod_http_upload: Add/fix function specifications --- mod_http_upload/src/mod_http_upload.erl | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index fd7294c..c29bf53 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -721,6 +721,12 @@ iq_disco_info(Lang, Name) -> %% HTTP request handling. +-spec store_file(file:filename_all(), binary(), + integer() | undefined, + integer() | undefined, + binary(), binary(), boolean()) + -> ok | {ok, [{binary(), binary()}], binary()} | {error, term()}. + store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> case do_store_file(Path, Data, FileMode, DirMode) of ok when Thumbnail -> @@ -749,7 +755,9 @@ store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> Err end. --spec do_store_file(file:filename_all(), binary(), integer(), integer()) +-spec do_store_file(file:filename_all(), binary(), + integer() | undefined, + integer() | undefined) -> ok | {error, term()}. do_store_file(Path, Data, FileMode, DirMode) -> From 0b4e0e720e0a195b7591404a10cf4ac592edd779 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 26 Oct 2015 22:32:12 +0100 Subject: [PATCH 04/21] mod_http_upload: Fix string()/binary() type issue --- mod_http_upload/src/mod_http_upload.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index c29bf53..41b8841 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -890,7 +890,7 @@ convert(Path, #media_info{type = T, width = W, height = H}) -> -spec thumb_el(string(), binary()) -> xmlel(). thumb_el(Path, URI) -> - ContentType = guess_content_type(Path), + ContentType = guess_content_type(list_to_binary(Path)), case identify(Path) of {ok, #media_info{height = H, width = W}} -> #xmlel{name = <<"thumbnail">>, From d46ee127e7d66f2878c2480ecbf7cb6d8d778ed6 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Sun, 1 Nov 2015 23:29:22 +0100 Subject: [PATCH 05/21] mod_http_upload: Suppress error on non-image files Don't log an error (but only a debug) message if ImageMagick fails to indentify the file type for thumbnail creation. The image might be encrypted, or it could be a non-image file. --- mod_http_upload/src/mod_http_upload.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 41b8841..6c086f6 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -856,7 +856,7 @@ identify(Path) -> height = list_to_integer(H), width = list_to_integer(W)}}; _ -> - ?ERROR_MSG("failed to identify type of ~s: ~s", [Path, Res]), + ?DEBUG("failed to identify type of ~s: ~s", [Path, Res]), {error, Res} end. From 5359525d3cb5407fd8865cffda3a5be3c2bdb151 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 2 Nov 2015 01:12:10 +0100 Subject: [PATCH 06/21] mod_http_upload: Check availability of ImageMagick Log an error message during startup if the thumbnail option is enabled but ImageMagick is not installed. --- mod_http_upload/src/mod_http_upload.erl | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 6c086f6..3689a80 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -272,6 +272,18 @@ init({ServerHost, Opts}) -> Mode -> file:change_mode(DocRoot, Mode) end, + case Thumbnail of + true -> + case string:str(os:cmd("identify"), "Magick") of + 0 -> + ?ERROR_MSG("Cannot find 'identify' command, please install " + "ImageMagick or disable thumbnail creation", []); + _ -> + ok + end; + false -> + ok + end, ejabberd_router:register_route(Host), {ok, #state{server_host = ServerHost, host = Host, name = Name, access = Access, max_size = MaxSize, From 9cd4e405c81068200738e5a9edfd41525a6133f7 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 2 Nov 2015 23:46:31 +0100 Subject: [PATCH 07/21] mod_http_upload: Use binary strings in most places Switch to binary strings to fix a type issue, and for consistency. --- mod_http_upload/src/mod_http_upload.erl | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 3689a80..4b4c370 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -94,7 +94,7 @@ slots = dict:new() :: term()}). % dict:dict() requires Erlang 17. -record(media_info, - {type :: string(), + {type :: binary(), height :: integer(), width :: integer()}). @@ -733,7 +733,7 @@ iq_disco_info(Lang, Name) -> %% HTTP request handling. --spec store_file(file:filename_all(), binary(), +-spec store_file(binary(), binary(), integer() | undefined, integer() | undefined, binary(), binary(), boolean()) @@ -855,7 +855,7 @@ code_to_message(_Code) -> <<"">>. %%-------------------------------------------------------------------- %% Image manipulation stuff %%-------------------------------------------------------------------- --spec identify(string()) -> {ok, media_info()} | {error, string()}. +-spec identify(binary()) -> {ok, media_info()} | {error, binary()}. identify(Path) -> Cmd = lists:flatten(io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", @@ -864,15 +864,15 @@ identify(Path) -> case string:tokens(Res, " ") of ["ok", T, H, W] -> {ok, #media_info{ - type = string:to_lower(T), + type = list_to_binary(string:to_lower(T)), height = list_to_integer(H), width = list_to_integer(W)}}; _ -> ?DEBUG("failed to identify type of ~s: ~s", [Path, Res]), - {error, Res} + {error, list_to_binary(Res)} end. --spec convert(string(), media_info()) -> {ok, string()} | pass. +-spec convert(binary(), media_info()) -> {ok, binary()} | pass. convert(Path, #media_info{type = T, width = W, height = H}) -> if W*H >= 25000000 -> @@ -880,9 +880,9 @@ convert(Path, #media_info{type = T, width = W, height = H}) -> pass; (W =< 300) and (H =< 300) -> {ok, Path}; - T == "gif"; T == "jpeg"; T == "png"; T == "webp" -> + T == <<"gif">>; T == <<"jpeg">>; T == <<"png">>; T == <<"webp">> -> Dir = filename:dirname(Path), - FileName = binary_to_list(randoms:get_string()) ++ "." ++ T, + FileName = <<(randoms:get_string())/binary, $., T/binary>>, OutPath = filename:join(Dir, FileName), Cmd = lists:flatten(io_lib:fwrite("convert -resize 300 ~s ~s", [Path, OutPath])), @@ -899,10 +899,10 @@ convert(Path, #media_info{type = T, width = W, height = H}) -> pass end. --spec thumb_el(string(), binary()) -> xmlel(). +-spec thumb_el(binary(), binary()) -> xmlel(). thumb_el(Path, URI) -> - ContentType = guess_content_type(list_to_binary(Path)), + ContentType = guess_content_type(Path), case identify(Path) of {ok, #media_info{height = H, width = W}} -> #xmlel{name = <<"thumbnail">>, From 1ee63657acfa9a7ae7ec9f7e700fede0557b258f Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 2 Nov 2015 23:46:58 +0100 Subject: [PATCH 08/21] mod_http_upload: Don't complain during shutdown Ignore the case where, for some reason, no process is found to be stopped. Closes #810. --- mod_http_upload/src/mod_http_upload.erl | 4 ++-- mod_http_upload/src/mod_http_upload_quota.erl | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 4b4c370..3d54ca3 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -148,8 +148,8 @@ stop(ServerHost) -> false -> ok end, Proc = get_proc_name(ServerHost, ?PROCNAME), - ok = supervisor:terminate_child(ejabberd_sup, Proc), - ok = supervisor:delete_child(ejabberd_sup, Proc). + supervisor:terminate_child(ejabberd_sup, Proc), + supervisor:delete_child(ejabberd_sup, Proc). -spec mod_opt_type(atom()) -> fun((term()) -> term()) | [atom()]. diff --git a/mod_http_upload/src/mod_http_upload_quota.erl b/mod_http_upload/src/mod_http_upload_quota.erl index 1b7828a..6ff8c84 100644 --- a/mod_http_upload/src/mod_http_upload_quota.erl +++ b/mod_http_upload/src/mod_http_upload_quota.erl @@ -75,8 +75,8 @@ start(ServerHost, Opts) -> stop(ServerHost) -> Proc = mod_http_upload:get_proc_name(ServerHost, ?PROCNAME), - ok = supervisor:terminate_child(ejabberd_sup, Proc), - ok = supervisor:delete_child(ejabberd_sup, Proc). + supervisor:terminate_child(ejabberd_sup, Proc), + supervisor:delete_child(ejabberd_sup, Proc). -spec mod_opt_type(atom()) -> fun((term()) -> term()) | [atom()]. From 73e945fd1d69cac5398be41a7feeb9a8a4676999 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Tue, 3 Nov 2015 00:00:44 +0100 Subject: [PATCH 09/21] mod_http_upload_quota: Omit info message The mod_http_upload_quota module attempts to delete a directory whenever it removes a file from that directory. However, if thumbnail creation is enabled, directories will often contain two files. Therefore, don't log an info (but only a debug) message if directory removal fails. --- mod_http_upload/src/mod_http_upload_quota.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod_http_upload/src/mod_http_upload_quota.erl b/mod_http_upload/src/mod_http_upload_quota.erl index 6ff8c84..7d8ff10 100644 --- a/mod_http_upload/src/mod_http_upload_quota.erl +++ b/mod_http_upload/src/mod_http_upload_quota.erl @@ -332,7 +332,7 @@ del_file_and_dir(File) -> ok -> ?DEBUG("Removed ~s", [Dir]); {error, Error} -> - ?INFO_MSG("Cannot remove ~s: ~s", [Dir, ?FORMAT(Error)]) + ?DEBUG("Cannot remove ~s: ~s", [Dir, ?FORMAT(Error)]) end; {error, Error} -> ?WARNING_MSG("Cannot remove ~s: ~s", [File, ?FORMAT(Error)]) From 8c470c6a01ab8ee12b7797eb245f8163692e469b Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 9 Nov 2015 18:41:31 +0100 Subject: [PATCH 10/21] mod_http_upload: Don't let identify/1 return error Let identify/1 return 'pass' when it failed to identify the file type, as this doesn't (necessarily) indicate an error condition. This also makes it consistent with the return value of convert/2. --- mod_http_upload/src/mod_http_upload.erl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 3d54ca3..37d3306 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -758,7 +758,7 @@ store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> <<"text/xml; charset=utf-8">>}], xml:element_to_binary(ThumbEl)} end; - {error, _} -> + pass -> ok end; ok -> @@ -855,7 +855,7 @@ code_to_message(_Code) -> <<"">>. %%-------------------------------------------------------------------- %% Image manipulation stuff %%-------------------------------------------------------------------- --spec identify(binary()) -> {ok, media_info()} | {error, binary()}. +-spec identify(binary()) -> {ok, media_info()} | pass. identify(Path) -> Cmd = lists:flatten(io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", @@ -869,7 +869,7 @@ identify(Path) -> width = list_to_integer(W)}}; _ -> ?DEBUG("failed to identify type of ~s: ~s", [Path, Res]), - {error, list_to_binary(Res)} + pass end. -spec convert(binary(), media_info()) -> {ok, binary()} | pass. @@ -911,7 +911,7 @@ thumb_el(Path, URI) -> {<<"uri">>, URI}, {<<"height">>, jlib:integer_to_binary(H)}, {<<"width">>, jlib:integer_to_binary(W)}]}; - {error, _} -> + pass -> #xmlel{name = <<"thumbnail">>, attrs = [{<<"xmlns">>, ?NS_THUMBS_1}, {<<"uri">>, URI}, From 0cfd521b7ab0a7b8de825012fb1c0874ed4c6e7b Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 9 Nov 2015 18:50:45 +0100 Subject: [PATCH 11/21] mod_http_upload: Don't flatten command strings --- mod_http_upload/src/mod_http_upload.erl | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 37d3306..912a7e9 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -858,8 +858,7 @@ code_to_message(_Code) -> <<"">>. -spec identify(binary()) -> {ok, media_info()} | pass. identify(Path) -> - Cmd = lists:flatten(io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", - [Path])), + Cmd = io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", [Path]), Res = string:strip(os:cmd(Cmd), right, $\n), case string:tokens(Res, " ") of ["ok", T, H, W] -> @@ -884,8 +883,7 @@ convert(Path, #media_info{type = T, width = W, height = H}) -> Dir = filename:dirname(Path), FileName = <<(randoms:get_string())/binary, $., T/binary>>, OutPath = filename:join(Dir, FileName), - Cmd = lists:flatten(io_lib:fwrite("convert -resize 300 ~s ~s", - [Path, OutPath])), + Cmd = io_lib:fwrite("convert -resize 300 ~s ~s", [Path, OutPath]), case os:cmd(Cmd) of "" -> {ok, OutPath}; From 0a24936e92a3a46932721930f3da705730cd7dbf Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 9 Nov 2015 19:12:08 +0100 Subject: [PATCH 12/21] mod_http_upload: Apply cosmetic changes --- mod_http_upload/src/mod_http_upload.erl | 42 ++++++++++++------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 912a7e9..1248321 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -99,7 +99,7 @@ width :: integer()}). -type state() :: #state{}. --type slot() :: [binary()]. +-type slot() :: [binary(), ...]. -type media_info() :: #media_info{}. %%-------------------------------------------------------------------- @@ -432,7 +432,7 @@ process(LocalPath, #request{method = Method, host = Host, ip = IP}) [Path, ?ADDR_TO_STR(IP)]), http_response(Host, 403); {error, enoent} -> - ?INFO_MSG("Cannot serve ~s to ~s: No such file or directory", + ?INFO_MSG("Cannot serve ~s to ~s: No such file", [Path, ?ADDR_TO_STR(IP)]), http_response(Host, 404); {error, eisdir} -> @@ -618,7 +618,7 @@ create_slot(#state{service_url = ServiceURL}, [jlib:jid_to_string(JID), File]), {ok, PutURL, GetURL}; Lines -> - ?ERROR_MSG("Cannot parse data received for ~s from <~s>: ~p", + ?ERROR_MSG("Can't parse data received for ~s from <~s>: ~p", [jlib:jid_to_string(JID), ServiceURL, Lines]), {error, ?ERR_SERVICE_UNAVAILABLE} end; @@ -736,7 +736,7 @@ iq_disco_info(Lang, Name) -> -spec store_file(binary(), binary(), integer() | undefined, integer() | undefined, - binary(), binary(), boolean()) + binary(), slot(), boolean()) -> ok | {ok, [{binary(), binary()}], binary()} | {error, term()}. store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> @@ -745,10 +745,8 @@ store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> case identify(Path) of {ok, MediaInfo} -> case convert(Path, MediaInfo) of - pass -> - ok; {ok, OutPath} -> - [UserDir, RandDir|_] = LocalPath, + [UserDir, RandDir | _] = LocalPath, FileName = filename:basename(OutPath), URL = str:join([GetPrefix, UserDir, RandDir, FileName], <<$/>>), @@ -756,7 +754,9 @@ store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> {ok, [{<<"Content-Type">>, <<"text/xml; charset=utf-8">>}], - xml:element_to_binary(ThumbEl)} + xml:element_to_binary(ThumbEl)}; + pass -> + ok end; pass -> ok @@ -853,47 +853,47 @@ code_to_message(500) -> <<"Internal server error.">>; code_to_message(_Code) -> <<"">>. %%-------------------------------------------------------------------- -%% Image manipulation stuff +%% Image manipulation stuff. %%-------------------------------------------------------------------- + -spec identify(binary()) -> {ok, media_info()} | pass. identify(Path) -> - Cmd = io_lib:fwrite("identify -format \"ok %m %h %w\" ~s", [Path]), + Cmd = io_lib:format("identify -format 'ok %m %h %w' ~s", [Path]), Res = string:strip(os:cmd(Cmd), right, $\n), case string:tokens(Res, " ") of ["ok", T, H, W] -> - {ok, #media_info{ - type = list_to_binary(string:to_lower(T)), - height = list_to_integer(H), - width = list_to_integer(W)}}; + {ok, #media_info{type = list_to_binary(string:to_lower(T)), + height = list_to_integer(H), + width = list_to_integer(W)}}; _ -> - ?DEBUG("failed to identify type of ~s: ~s", [Path, Res]), + ?DEBUG("Cannot identify type of ~s: ~s", [Path, Res]), pass end. -spec convert(binary(), media_info()) -> {ok, binary()} | pass. convert(Path, #media_info{type = T, width = W, height = H}) -> - if W*H >= 25000000 -> - ?DEBUG("the image ~s is more than 25 Mbpx", [Path]), + if W * H >= 25000000 -> + ?DEBUG("The image ~s is more than 25 Mpix", [Path]), pass; - (W =< 300) and (H =< 300) -> + W =< 300, H =< 300 -> {ok, Path}; T == <<"gif">>; T == <<"jpeg">>; T == <<"png">>; T == <<"webp">> -> Dir = filename:dirname(Path), FileName = <<(randoms:get_string())/binary, $., T/binary>>, OutPath = filename:join(Dir, FileName), - Cmd = io_lib:fwrite("convert -resize 300 ~s ~s", [Path, OutPath]), + Cmd = io_lib:format("convert -resize 300 ~s ~s", [Path, OutPath]), case os:cmd(Cmd) of "" -> {ok, OutPath}; Err -> - ?ERROR_MSG("failed to convert ~s to ~s: ~s", + ?ERROR_MSG("Failed to convert ~s to ~s: ~s", [Path, OutPath, string:strip(Err, right, $\n)]), pass end; true -> - ?DEBUG("do not call 'convert' for unknown type ~s", [T]), + ?DEBUG("Won't call 'convert' for unknown type ~s", [T]), pass end. From ea4964dccd387ab76864cad7a514f9a0353d88fa Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 9 Nov 2015 19:23:52 +0100 Subject: [PATCH 13/21] mod_http_upload: Make case indentation consistent Use four spaces (or the corresponding amount of tab characters) for case indentation everywhere in mod_http_upload and mod_http_upload_quota. --- mod_http_upload/src/mod_http_upload.erl | 439 +++++++++--------- mod_http_upload/src/mod_http_upload_quota.erl | 153 +++--- 2 files changed, 300 insertions(+), 292 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 1248321..2d252b9 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -118,12 +118,13 @@ start(ServerHost, Opts) -> case gen_mod:get_opt(rm_on_unregister, Opts, fun(B) when is_boolean(B) -> B end, true) of - true -> - ejabberd_hooks:add(remove_user, ServerHost, ?MODULE, - remove_user, 50), - ejabberd_hooks:add(anonymous_purge_hook, ServerHost, ?MODULE, - remove_user, 50); - false -> ok + true -> + ejabberd_hooks:add(remove_user, ServerHost, ?MODULE, + remove_user, 50), + ejabberd_hooks:add(anonymous_purge_hook, ServerHost, ?MODULE, + remove_user, 50); + false -> + ok end, Proc = get_proc_name(ServerHost, ?PROCNAME), Spec = {Proc, @@ -140,12 +141,13 @@ stop(ServerHost) -> case gen_mod:get_module_opt(ServerHost, ?MODULE, rm_on_unregister, fun(B) when is_boolean(B) -> B end, true) of - true -> - ejabberd_hooks:delete(remove_user, ServerHost, ?MODULE, - remove_user, 50), - ejabberd_hooks:delete(anonymous_purge_hook, ServerHost, ?MODULE, - remove_user, 50); - false -> ok + true -> + ejabberd_hooks:delete(remove_user, ServerHost, ?MODULE, + remove_user, 50), + ejabberd_hooks:delete(anonymous_purge_hook, ServerHost, ?MODULE, + remove_user, 50); + false -> + ok end, Proc = get_proc_name(ServerHost, ?PROCNAME), supervisor:terminate_child(ejabberd_sup, Proc), @@ -255,34 +257,34 @@ init({ServerHost, Opts}) -> fun(B) when is_boolean(B) -> B end, true), case ServiceURL of - undefined -> - ok; - <<"http://", _/binary>> -> - application:start(inets); - <<"https://", _/binary>> -> - application:start(inets), - application:start(crypto), - application:start(asn1), - application:start(public_key), - application:start(ssl) + undefined -> + ok; + <<"http://", _/binary>> -> + application:start(inets); + <<"https://", _/binary>> -> + application:start(inets), + application:start(crypto), + application:start(asn1), + application:start(public_key), + application:start(ssl) end, case DirMode of - undefined -> - ok; - Mode -> - file:change_mode(DocRoot, Mode) + undefined -> + ok; + Mode -> + file:change_mode(DocRoot, Mode) end, case Thumbnail of - true -> - case string:str(os:cmd("identify"), "Magick") of - 0 -> - ?ERROR_MSG("Cannot find 'identify' command, please install " - "ImageMagick or disable thumbnail creation", []); - _ -> - ok - end; - false -> - ok + true -> + case string:str(os:cmd("identify"), "Magick") of + 0 -> + ?ERROR_MSG("Cannot find 'identify' command, please install " + "ImageMagick or disable thumbnail creation", []); + _ -> + ok + end; + false -> + ok end, ejabberd_router:register_route(Host), {ok, #state{server_host = ServerHost, host = Host, name = Name, @@ -307,14 +309,14 @@ handle_call({use_slot, Slot}, _From, #state{file_mode = FileMode, thumbnail = Thumbnail, docroot = DocRoot} = State) -> case get_slot(Slot, State) of - {ok, {Size, Timer}} -> - timer:cancel(Timer), - NewState = del_slot(Slot, State), - Path = str:join([DocRoot | Slot], <<$/>>), - {reply, {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail}, - NewState}; - error -> - {reply, {error, <<"Invalid slot">>}, State} + {ok, {Size, Timer}} -> + timer:cancel(Timer), + NewState = del_slot(Slot, State), + Path = str:join([DocRoot | Slot], <<$/>>), + {reply, {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail}, + NewState}; + error -> + {reply, {error, <<"Invalid slot">>}, State} end; handle_call(get_docroot, _From, #state{docroot = DocRoot} = State) -> {reply, {ok, DocRoot}, State}; @@ -333,12 +335,12 @@ handle_cast(Request, State) -> handle_info({route, From, To, #xmlel{name = <<"iq">>} = Stanza}, State) -> Request = jlib:iq_query_info(Stanza), {Reply, NewState} = case process_iq(From, Request, State) of - R when is_record(R, iq) -> - {R, State}; - {R, S} -> - {R, S}; - not_request -> - {none, State} + R when is_record(R, iq) -> + {R, State}; + {R, S} -> + {R, S}; + not_request -> + {none, State} end, if Reply /= none -> ejabberd_router:route(To, From, jlib:iq_to_xml(Reply)); @@ -377,77 +379,77 @@ process(LocalPath, #request{method = 'PUT', host = Host, ip = IP, data = Data}) -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), case catch gen_server:call(Proc, {use_slot, LocalPath}) of - {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail} - when byte_size(Data) == Size -> - ?DEBUG("Storing file from ~s for ~s: ~s", - [?ADDR_TO_STR(IP), Host, Path]), - case store_file(Path, Data, FileMode, DirMode, - GetPrefix, LocalPath, Thumbnail) of - ok -> - http_response(Host, 201); - {ok, Headers, OutData} -> - http_response(Host, 201, Headers, OutData); - {error, Error} -> - ?ERROR_MSG("Cannot store file ~s from ~s for ~s: ~p", - [Path, ?ADDR_TO_STR(IP), Host, Error]), - http_response(Host, 500) - end; - {ok, Size, Path} -> - ?INFO_MSG("Rejecting file ~s from ~s for ~s: Size is ~B, not ~B", - [Path, ?ADDR_TO_STR(IP), Host, byte_size(Data), Size]), - http_response(Host, 413); - {error, Error} -> - ?INFO_MSG("Rejecting file from ~s for ~s: ~p", - [?ADDR_TO_STR(IP), Host, Error]), - http_response(Host, 403); - Error -> - ?ERROR_MSG("Cannot handle PUT request from ~s for ~s: ~p", - [?ADDR_TO_STR(IP), Host, Error]), - http_response(Host, 500) + {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail} + when byte_size(Data) == Size -> + ?DEBUG("Storing file from ~s for ~s: ~s", + [?ADDR_TO_STR(IP), Host, Path]), + case store_file(Path, Data, FileMode, DirMode, + GetPrefix, LocalPath, Thumbnail) of + ok -> + http_response(Host, 201); + {ok, Headers, OutData} -> + http_response(Host, 201, Headers, OutData); + {error, Error} -> + ?ERROR_MSG("Cannot store file ~s from ~s for ~s: ~p", + [Path, ?ADDR_TO_STR(IP), Host, Error]), + http_response(Host, 500) + end; + {ok, Size, Path} -> + ?INFO_MSG("Rejecting file ~s from ~s for ~s: Size is ~B, not ~B", + [Path, ?ADDR_TO_STR(IP), Host, byte_size(Data), Size]), + http_response(Host, 413); + {error, Error} -> + ?INFO_MSG("Rejecting file from ~s for ~s: ~p", + [?ADDR_TO_STR(IP), Host, Error]), + http_response(Host, 403); + Error -> + ?ERROR_MSG("Cannot handle PUT request from ~s for ~s: ~p", + [?ADDR_TO_STR(IP), Host, Error]), + http_response(Host, 500) end; process(LocalPath, #request{method = Method, host = Host, ip = IP}) when Method == 'GET'; Method == 'HEAD' -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), case catch gen_server:call(Proc, get_docroot) of - {ok, DocRoot} -> - Path = str:join([DocRoot | LocalPath], <<$/>>), - case file:read_file(Path) of - {ok, Data} -> - ?INFO_MSG("Serving ~s to ~s", [Path, ?ADDR_TO_STR(IP)]), - FileName = lists:last(LocalPath), - ContentType = guess_content_type(FileName), - Headers1 = case ContentType of - <<"image/", _SubType/binary>> -> []; - <<"text/", _SubType/binary>> -> []; - _ -> - [{<<"Content-Disposition">>, - <<"attachment; filename=", - $", FileName/binary, $">>}] - end, - Headers2 = [{<<"Content-Type">>, ContentType} | Headers1], - http_response(Host, 200, Headers2, Data); - {error, eacces} -> - ?INFO_MSG("Cannot serve ~s to ~s: Permission denied", - [Path, ?ADDR_TO_STR(IP)]), - http_response(Host, 403); - {error, enoent} -> - ?INFO_MSG("Cannot serve ~s to ~s: No such file", - [Path, ?ADDR_TO_STR(IP)]), - http_response(Host, 404); - {error, eisdir} -> - ?INFO_MSG("Cannot serve ~s to ~s: Is a directory", - [Path, ?ADDR_TO_STR(IP)]), - http_response(Host, 404); - {error, Error} -> - ?INFO_MSG("Cannot serve ~s to ~s: ~s", - [Path, ?ADDR_TO_STR(IP), ?FORMAT(Error)]), - http_response(Host, 500) - end; - Error -> - ?ERROR_MSG("Cannot handle ~s request from ~s for ~s: ~p", - [Method, ?ADDR_TO_STR(IP), Host, Error]), - http_response(Host, 500) + {ok, DocRoot} -> + Path = str:join([DocRoot | LocalPath], <<$/>>), + case file:read_file(Path) of + {ok, Data} -> + ?INFO_MSG("Serving ~s to ~s", [Path, ?ADDR_TO_STR(IP)]), + FileName = lists:last(LocalPath), + ContentType = guess_content_type(FileName), + Headers1 = case ContentType of + <<"image/", _SubType/binary>> -> []; + <<"text/", _SubType/binary>> -> []; + _ -> + [{<<"Content-Disposition">>, + <<"attachment; filename=", + $", FileName/binary, $">>}] + end, + Headers2 = [{<<"Content-Type">>, ContentType} | Headers1], + http_response(Host, 200, Headers2, Data); + {error, eacces} -> + ?INFO_MSG("Cannot serve ~s to ~s: Permission denied", + [Path, ?ADDR_TO_STR(IP)]), + http_response(Host, 403); + {error, enoent} -> + ?INFO_MSG("Cannot serve ~s to ~s: No such file", + [Path, ?ADDR_TO_STR(IP)]), + http_response(Host, 404); + {error, eisdir} -> + ?INFO_MSG("Cannot serve ~s to ~s: Is a directory", + [Path, ?ADDR_TO_STR(IP)]), + http_response(Host, 404); + {error, Error} -> + ?INFO_MSG("Cannot serve ~s to ~s: ~s", + [Path, ?ADDR_TO_STR(IP), ?FORMAT(Error)]), + http_response(Host, 500) + end; + Error -> + ?ERROR_MSG("Cannot handle ~s request from ~s for ~s: ~p", + [Method, ?ADDR_TO_STR(IP), Host, Error]), + http_response(Host, 500) end; process(_LocalPath, #request{method = 'OPTIONS', host = Host, ip = IP}) -> ?DEBUG("Responding to OPTIONS request from ~s for ~s", @@ -507,31 +509,33 @@ process_iq(From, when XMLNS == ?NS_HTTP_UPLOAD; XMLNS == ?NS_HTTP_UPLOAD_OLD -> case acl:match_rule(ServerHost, Access, From) of - allow -> - case parse_request(SubEl, Lang) of - {ok, File, Size, ContentType} -> - case create_slot(State, From, File, Size, ContentType, Lang) of - {ok, Slot} -> - {ok, Timer} = timer:send_after(?SLOT_TIMEOUT, - {slot_timed_out, Slot}), - NewState = add_slot(Slot, Size, Timer, State), - SlotEl = slot_el(Slot, State, XMLNS), - {IQ#iq{type = result, sub_el = [SlotEl]}, NewState}; - {ok, PutURL, GetURL} -> - SlotEl = slot_el(PutURL, GetURL, XMLNS), - IQ#iq{type = result, sub_el = [SlotEl]}; - {error, Error} -> - IQ#iq{type = error, sub_el = [SubEl, Error]} - end; - {error, Error} -> - ?DEBUG("Cannot parse request from ~s", - [jlib:jid_to_string(From)]), - IQ#iq{type = error, sub_el = [SubEl, Error]} - end; - deny -> - ?DEBUG("Denying HTTP upload slot request from ~s", - [jlib:jid_to_string(From)]), - IQ#iq{type = error, sub_el = [SubEl, ?ERR_FORBIDDEN]} + allow -> + case parse_request(SubEl, Lang) of + {ok, File, Size, ContentType} -> + case create_slot(State, From, File, Size, ContentType, + Lang) of + {ok, Slot} -> + {ok, Timer} = timer:send_after(?SLOT_TIMEOUT, + {slot_timed_out, + Slot}), + NewState = add_slot(Slot, Size, Timer, State), + SlotEl = slot_el(Slot, State, XMLNS), + {IQ#iq{type = result, sub_el = [SlotEl]}, NewState}; + {ok, PutURL, GetURL} -> + SlotEl = slot_el(PutURL, GetURL, XMLNS), + IQ#iq{type = result, sub_el = [SlotEl]}; + {error, Error} -> + IQ#iq{type = error, sub_el = [SubEl, Error]} + end; + {error, Error} -> + ?DEBUG("Cannot parse request from ~s", + [jlib:jid_to_string(From)]), + IQ#iq{type = error, sub_el = [SubEl, Error]} + end; + deny -> + ?DEBUG("Denying HTTP upload slot request from ~s", + [jlib:jid_to_string(From)]), + IQ#iq{type = error, sub_el = [SubEl, ?ERR_FORBIDDEN]} end; process_iq(_From, #iq{sub_el = SubEl} = IQ, _State) -> IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]}; @@ -545,25 +549,25 @@ process_iq(_From, invalid, _State) -> parse_request(#xmlel{name = <<"request">>, attrs = Attrs} = Request, Lang) -> case xml:get_attr(<<"xmlns">>, Attrs) of - {value, XMLNS} when XMLNS == ?NS_HTTP_UPLOAD; - XMLNS == ?NS_HTTP_UPLOAD_OLD -> - case {xml:get_subtag_cdata(Request, <<"filename">>), - xml:get_subtag_cdata(Request, <<"size">>), - xml:get_subtag_cdata(Request, <<"content-type">>)} of - {File, SizeStr, ContentType} when byte_size(File) > 0 -> - case catch jlib:binary_to_integer(SizeStr) of - Size when is_integer(Size), Size > 0 -> - {ok, File, Size, yield_content_type(ContentType)}; - _ -> - Text = <<"Please specify file size.">>, - {error, ?ERRT_BAD_REQUEST(Lang, Text)} - end; - _ -> - Text = <<"Please specify file name.">>, - {error, ?ERRT_BAD_REQUEST(Lang, Text)} - end; - _ -> - {error, ?ERR_BAD_REQUEST} + {value, XMLNS} when XMLNS == ?NS_HTTP_UPLOAD; + XMLNS == ?NS_HTTP_UPLOAD_OLD -> + case {xml:get_subtag_cdata(Request, <<"filename">>), + xml:get_subtag_cdata(Request, <<"size">>), + xml:get_subtag_cdata(Request, <<"content-type">>)} of + {File, SizeStr, ContentType} when byte_size(File) > 0 -> + case catch jlib:binary_to_integer(SizeStr) of + Size when is_integer(Size), Size > 0 -> + {ok, File, Size, yield_content_type(ContentType)}; + _ -> + Text = <<"Please specify file size.">>, + {error, ?ERRT_BAD_REQUEST(Lang, Text)} + end; + _ -> + Text = <<"Please specify file name.">>, + {error, ?ERRT_BAD_REQUEST(Lang, Text)} + end; + _ -> + {error, ?ERR_BAD_REQUEST} end; parse_request(_El, _Lang) -> {error, ?ERR_BAD_REQUEST}. @@ -588,16 +592,16 @@ create_slot(#state{service_url = undefined, UserDir = <>, case ejabberd_hooks:run_fold(http_upload_slot_request, ServerHost, allow, [JID, UserDir, Size, Lang]) of - allow -> - RandStr = make_rand_string(SecretLength), - FileStr = make_file_string(File), - ?INFO_MSG("Got HTTP upload slot for ~s (file: ~s)", - [jlib:jid_to_string(JID), File]), - {ok, [UserStr, RandStr, FileStr]}; - deny -> - {error, ?ERR_SERVICE_UNAVAILABLE}; - #xmlel{} = Error -> - {error, Error} + allow -> + RandStr = make_rand_string(SecretLength), + FileStr = make_file_string(File), + ?INFO_MSG("Got HTTP upload slot for ~s (file: ~s)", + [jlib:jid_to_string(JID), File]), + {ok, [UserStr, RandStr, FileStr]}; + deny -> + {error, ?ERR_SERVICE_UNAVAILABLE}; + #xmlel{} = Error -> + {error, Error} end; create_slot(#state{service_url = ServiceURL}, #jid{luser = U, lserver = S} = JID, File, Size, ContentType, @@ -611,37 +615,38 @@ create_slot(#state{service_url = ServiceURL}, "&size=" ++ ?URL_ENC(SizeStr) ++ "&content_type=" ++ ?URL_ENC(ContentType), case httpc:request(get, {GetRequest, []}, HttpOptions, Options) of - {ok, {Code, Body}} when Code >= 200, Code =< 299 -> - case binary:split(Body, <<$\n>>, [global, trim]) of - [<<"http", _/binary>> = PutURL, <<"http", _/binary>> = GetURL] -> - ?INFO_MSG("Got HTTP upload slot for ~s (file: ~s)", - [jlib:jid_to_string(JID), File]), - {ok, PutURL, GetURL}; - Lines -> - ?ERROR_MSG("Can't parse data received for ~s from <~s>: ~p", - [jlib:jid_to_string(JID), ServiceURL, Lines]), - {error, ?ERR_SERVICE_UNAVAILABLE} - end; - {ok, {402, _Body}} -> - ?INFO_MSG("Got status code 402 for ~s from <~s>", - [jlib:jid_to_string(JID), ServiceURL]), - {error, ?ERR_RESOURCE_CONSTRAINT}; - {ok, {403, _Body}} -> - ?INFO_MSG("Got status code 403 for ~s from <~s>", - [jlib:jid_to_string(JID), ServiceURL]), - {error, ?ERR_NOT_ALLOWED}; - {ok, {413, _Body}} -> - ?INFO_MSG("Got status code 413 for ~s from <~s>", - [jlib:jid_to_string(JID), ServiceURL]), - {error, ?ERR_NOT_ACCEPTABLE}; - {ok, {Code, _Body}} -> - ?ERROR_MSG("Got unexpected status code for ~s from <~s>: ~B", - [jlib:jid_to_string(JID), ServiceURL, Code]), - {error, ?ERR_SERVICE_UNAVAILABLE}; - {error, Reason} -> - ?ERROR_MSG("Error requesting upload slot for ~s from <~s>: ~p", - [jlib:jid_to_string(JID), ServiceURL, Reason]), - {error, ?ERR_SERVICE_UNAVAILABLE} + {ok, {Code, Body}} when Code >= 200, Code =< 299 -> + case binary:split(Body, <<$\n>>, [global, trim]) of + [<<"http", _/binary>> = PutURL, + <<"http", _/binary>> = GetURL] -> + ?INFO_MSG("Got HTTP upload slot for ~s (file: ~s)", + [jlib:jid_to_string(JID), File]), + {ok, PutURL, GetURL}; + Lines -> + ?ERROR_MSG("Can't parse data received for ~s from <~s>: ~p", + [jlib:jid_to_string(JID), ServiceURL, Lines]), + {error, ?ERR_SERVICE_UNAVAILABLE} + end; + {ok, {402, _Body}} -> + ?INFO_MSG("Got status code 402 for ~s from <~s>", + [jlib:jid_to_string(JID), ServiceURL]), + {error, ?ERR_RESOURCE_CONSTRAINT}; + {ok, {403, _Body}} -> + ?INFO_MSG("Got status code 403 for ~s from <~s>", + [jlib:jid_to_string(JID), ServiceURL]), + {error, ?ERR_NOT_ALLOWED}; + {ok, {413, _Body}} -> + ?INFO_MSG("Got status code 413 for ~s from <~s>", + [jlib:jid_to_string(JID), ServiceURL]), + {error, ?ERR_NOT_ACCEPTABLE}; + {ok, {Code, _Body}} -> + ?ERROR_MSG("Got unexpected status code for ~s from <~s>: ~B", + [jlib:jid_to_string(JID), ServiceURL, Code]), + {error, ?ERR_SERVICE_UNAVAILABLE}; + {error, Reason} -> + ?ERROR_MSG("Error requesting upload slot for ~s from <~s>: ~p", + [jlib:jid_to_string(JID), ServiceURL, Reason]), + {error, ?ERR_SERVICE_UNAVAILABLE} end. -spec add_slot(slot(), pos_integer(), timer:tref(), state()) -> state(). @@ -793,10 +798,10 @@ do_store_file(Path, Data, FileMode, DirMode) -> end, ok = Ok % Raise an exception if file:write/2 failed. catch - _:{badmatch, {error, Error}} -> - {error, ?FORMAT(Error)}; - _:Error -> - {error, Error} + _:{badmatch, {error, Error}} -> + {error, ?FORMAT(Error)}; + _:Error -> + {error, Error} end. -spec guess_content_type(binary()) -> binary(). @@ -834,11 +839,11 @@ http_response(Host, Code, ExtraHeaders, Body) -> end, []), Headers = case proplists:is_defined(<<"Content-Type">>, ExtraHeaders) of - true -> - [ServerHeader | ExtraHeaders]; - false -> - [ServerHeader, {<<"Content-Type">>, <<"text/plain">>} | - ExtraHeaders] + true -> + [ServerHeader | ExtraHeaders]; + false -> + [ServerHeader, {<<"Content-Type">>, <<"text/plain">>} | + ExtraHeaders] end ++ CustomHeaders, {Code, Headers, Body}. @@ -954,16 +959,16 @@ del_tree(Dir) -> {ok, Entries} = file:list_dir(Dir), lists:foreach(fun(Path) -> case filelib:is_dir(Path) of - true -> - ok = del_tree(Path); - false -> - ok = file:delete(Path) + true -> + ok = del_tree(Path); + false -> + ok = file:delete(Path) end end, [Dir ++ "/" ++ Entry || Entry <- Entries]), ok = file:del_dir(Dir) catch - _:{badmatch, {error, Error}} -> - {error, ?FORMAT(Error)}; - _:Error -> - {error, Error} + _:{badmatch, {error, Error}} -> + {error, ?FORMAT(Error)}; + _:Error -> + {error, Error} end. diff --git a/mod_http_upload/src/mod_http_upload_quota.erl b/mod_http_upload/src/mod_http_upload_quota.erl index 7d8ff10..8b78dec 100644 --- a/mod_http_upload/src/mod_http_upload_quota.erl +++ b/mod_http_upload/src/mod_http_upload_quota.erl @@ -143,42 +143,42 @@ handle_cast({handle_slot_request, #jid{user = U, server = S} = JID, Path, Size}, access_hard_quota = AccessHardQuota, disk_usage = DiskUsage} = State) -> HardQuota = case acl:match_rule(ServerHost, AccessHardQuota, JID) of - Hard when is_integer(Hard), Hard > 0 -> - Hard * 1024 * 1024; - _ -> - 0 + Hard when is_integer(Hard), Hard > 0 -> + Hard * 1024 * 1024; + _ -> + 0 end, SoftQuota = case acl:match_rule(ServerHost, AccessSoftQuota, JID) of - Soft when is_integer(Soft), Soft > 0 -> - Soft * 1024 * 1024; - _ -> - 0 + Soft when is_integer(Soft), Soft > 0 -> + Soft * 1024 * 1024; + _ -> + 0 end, OldSize = case dict:find({U, S}, DiskUsage) of - {ok, Value} -> - Value; - error -> - undefined + {ok, Value} -> + Value; + error -> + undefined end, NewSize = case {HardQuota, SoftQuota} of - {0, 0} -> - ?DEBUG("No quota specified for ~s", - [jlib:jid_to_string(JID)]), - Size; - {0, _} -> + {0, 0} -> + ?DEBUG("No quota specified for ~s", + [jlib:jid_to_string(JID)]), + Size; + {0, _} -> ?WARNING_MSG("No hard quota specified for ~s", [jlib:jid_to_string(JID)]), enforce_quota(Path, Size, OldSize, SoftQuota, SoftQuota); - {_, 0} -> + {_, 0} -> ?WARNING_MSG("No soft quota specified for ~s", [jlib:jid_to_string(JID)]), enforce_quota(Path, Size, OldSize, HardQuota, HardQuota); - _ when SoftQuota > HardQuota -> + _ when SoftQuota > HardQuota -> ?WARNING_MSG("Bad quota for ~s (soft: ~p, hard: ~p)", [jlib:jid_to_string(JID), SoftQuota, HardQuota]), enforce_quota(Path, Size, OldSize, SoftQuota, SoftQuota); - _ -> + _ -> ?DEBUG("Enforcing quota for ~s", [jlib:jid_to_string(JID)]), enforce_quota(Path, Size, OldSize, SoftQuota, HardQuota) @@ -196,17 +196,19 @@ handle_info(sweep, #state{server_host = ServerHost, when is_integer(MaxDays), MaxDays > 0 -> ?DEBUG("Got 'sweep' message for ~s", [ServerHost]), case file:list_dir(DocRoot) of - {ok, Entries} -> - BackThen = secs_since_epoch() - (MaxDays * 86400), - DocRootS = binary_to_list(DocRoot), - PathNames = lists:map(fun(Entry) -> DocRootS ++ "/" ++ Entry end, - Entries), - UserDirs = lists:filter(fun filelib:is_dir/1, PathNames), - lists:foreach(fun(UserDir) -> delete_old_files(UserDir, BackThen) end, - UserDirs); - {error, Error} -> - ?ERROR_MSG("Cannot open document root ~s: ~s", - [DocRoot, ?FORMAT(Error)]) + {ok, Entries} -> + BackThen = secs_since_epoch() - (MaxDays * 86400), + DocRootS = binary_to_list(DocRoot), + PathNames = lists:map(fun(Entry) -> + DocRootS ++ "/" ++ Entry + end, Entries), + UserDirs = lists:filter(fun filelib:is_dir/1, PathNames), + lists:foreach(fun(UserDir) -> + delete_old_files(UserDir, BackThen) + end, UserDirs); + {error, Error} -> + ?ERROR_MSG("Cannot open document root ~s: ~s", + [DocRoot, ?FORMAT(Error)]) end, {noreply, State}; handle_info(Info, State) -> @@ -276,14 +278,14 @@ enforce_quota(UserDir, SlotSize, _OldSize, MinSize, MaxSize) -> -spec delete_old_files(file:filename_all(), integer()) -> ok. -delete_old_files(UserDir, Timestamp) -> +delete_old_files(UserDir, CutOff) -> FileInfo = gather_file_info(UserDir), - case [Path || {Path, _Size, Time} <- FileInfo, Time < Timestamp] of - [] -> - ok; - OldFiles -> - lists:foreach(fun(File) -> del_file_and_dir(File) end, OldFiles), - file:del_dir(UserDir) % In case it's empty, now. + case [Path || {Path, _Size, Time} <- FileInfo, Time < CutOff] of + [] -> + ok; + OldFiles -> + lists:foreach(fun(File) -> del_file_and_dir(File) end, OldFiles), + file:del_dir(UserDir) % In case it's empty, now. end. -spec gather_file_info(file:filename_all()) @@ -293,49 +295,50 @@ gather_file_info(Dir) when is_binary(Dir) -> gather_file_info(binary_to_list(Dir)); gather_file_info(Dir) -> case file:list_dir(Dir) of - {ok, Entries} -> - lists:foldl(fun(Entry, Acc) -> - Path = Dir ++ "/" ++ Entry, - case file:read_file_info(Path, [{time, posix}]) of - {ok, #file_info{type = directory}} -> - gather_file_info(Path) ++ Acc; - {ok, #file_info{type = regular, - mtime = Time, - size = Size}} -> - [{Path, Size, Time} | Acc]; - {ok, _Info} -> - ?DEBUG("Won't stat(2) non-regular file ~s", - [Path]), - Acc; - {error, Error} -> - ?ERROR_MSG("Cannot stat(2) ~s: ~s", - [Path, ?FORMAT(Error)]), - Acc - end - end, [], Entries); - {error, enoent} -> - ?DEBUG("Directory ~s doesn't exist", [Dir]), - []; - {error, Error} -> - ?ERROR_MSG("Cannot open directory ~s: ~s", [Dir, ?FORMAT(Error)]), - [] + {ok, Entries} -> + lists:foldl(fun(Entry, Acc) -> + Path = Dir ++ "/" ++ Entry, + case file:read_file_info(Path, + [{time, posix}]) of + {ok, #file_info{type = directory}} -> + gather_file_info(Path) ++ Acc; + {ok, #file_info{type = regular, + mtime = Time, + size = Size}} -> + [{Path, Size, Time} | Acc]; + {ok, _Info} -> + ?DEBUG("Won't stat(2) non-regular file ~s", + [Path]), + Acc; + {error, Error} -> + ?ERROR_MSG("Cannot stat(2) ~s: ~s", + [Path, ?FORMAT(Error)]), + Acc + end + end, [], Entries); + {error, enoent} -> + ?DEBUG("Directory ~s doesn't exist", [Dir]), + []; + {error, Error} -> + ?ERROR_MSG("Cannot open directory ~s: ~s", [Dir, ?FORMAT(Error)]), + [] end. -spec del_file_and_dir(file:name_all()) -> ok. del_file_and_dir(File) -> case file:delete(File) of - ok -> - ?INFO_MSG("Removed ~s", [File]), - Dir = filename:dirname(File), - case file:del_dir(Dir) of - ok -> - ?DEBUG("Removed ~s", [Dir]); - {error, Error} -> - ?DEBUG("Cannot remove ~s: ~s", [Dir, ?FORMAT(Error)]) - end; - {error, Error} -> - ?WARNING_MSG("Cannot remove ~s: ~s", [File, ?FORMAT(Error)]) + ok -> + ?INFO_MSG("Removed ~s", [File]), + Dir = filename:dirname(File), + case file:del_dir(Dir) of + ok -> + ?DEBUG("Removed ~s", [Dir]); + {error, Error} -> + ?DEBUG("Cannot remove ~s: ~s", [Dir, ?FORMAT(Error)]) + end; + {error, Error} -> + ?WARNING_MSG("Cannot remove ~s: ~s", [File, ?FORMAT(Error)]) end. -spec secs_since_epoch() -> non_neg_integer(). From b6f52732286bfd8f4779bfec3fe9f3ccabdeaeed Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Tue, 10 Nov 2015 22:08:16 +0100 Subject: [PATCH 14/21] mod_http_upload_quota: Don't track all users Don't track the disk usage of accounts that have an unlimited quota. --- mod_http_upload/src/mod_http_upload_quota.erl | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload_quota.erl b/mod_http_upload/src/mod_http_upload_quota.erl index 8b78dec..a232e30 100644 --- a/mod_http_upload/src/mod_http_upload_quota.erl +++ b/mod_http_upload/src/mod_http_upload_quota.erl @@ -164,7 +164,7 @@ handle_cast({handle_slot_request, #jid{user = U, server = S} = JID, Path, Size}, {0, 0} -> ?DEBUG("No quota specified for ~s", [jlib:jid_to_string(JID)]), - Size; + undefined; {0, _} -> ?WARNING_MSG("No hard quota specified for ~s", [jlib:jid_to_string(JID)]), @@ -183,7 +183,12 @@ handle_cast({handle_slot_request, #jid{user = U, server = S} = JID, Path, Size}, [jlib:jid_to_string(JID)]), enforce_quota(Path, Size, OldSize, SoftQuota, HardQuota) end, - {noreply, State#state{disk_usage = dict:store({U, S}, NewSize, DiskUsage)}}; + NewDiskUsage = if is_integer(NewSize) -> + dict:store({U, S}, NewSize, DiskUsage); + true -> + DiskUsage + end, + {noreply, State#state{disk_usage = NewDiskUsage}}; handle_cast(Request, State) -> ?ERROR_MSG("Got unexpected request: ~p", [Request]), {noreply, State}. From f2f8fe25f7cc81e99c6187fc83f722c7477ef341 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Wed, 11 Nov 2015 22:51:40 +0100 Subject: [PATCH 15/21] mod_http_upload: Log message if URL looks wrong Log an [info] message if a PUT request looks like the specified "put_url" contains a path component that doesn't match the "request_handlers" path, as in the following configuration: listen: - module: ejabberd_http port: 5444 request_handlers: "/": mod_http_upload modules: mod_http_upload: put_url: "http://example.com/path/" --- mod_http_upload/src/mod_http_upload.erl | 27 ++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 2d252b9..1d1e180 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -375,16 +375,16 @@ code_change(_OldVsn, #state{server_host = ServerHost} = State, _Extra) -> -spec process([binary()], #request{}) -> {pos_integer(), [{binary(), binary()}], binary()}. -process(LocalPath, #request{method = 'PUT', host = Host, ip = IP, - data = Data}) -> +process([_UserDir, _RandDir, _FileName] = Slot, + #request{method = 'PUT', host = Host, ip = IP, data = Data}) -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), - case catch gen_server:call(Proc, {use_slot, LocalPath}) of + case catch gen_server:call(Proc, {use_slot, Slot}) of {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail} when byte_size(Data) == Size -> ?DEBUG("Storing file from ~s for ~s: ~s", [?ADDR_TO_STR(IP), Host, Path]), case store_file(Path, Data, FileMode, DirMode, - GetPrefix, LocalPath, Thumbnail) of + GetPrefix, Slot, Thumbnail) of ok -> http_response(Host, 201); {ok, Headers, OutData} -> @@ -407,17 +407,17 @@ process(LocalPath, #request{method = 'PUT', host = Host, ip = IP, [?ADDR_TO_STR(IP), Host, Error]), http_response(Host, 500) end; -process(LocalPath, #request{method = Method, host = Host, ip = IP}) +process([_UserDir, _RandDir, FileName] = Slot, + #request{method = Method, host = Host, ip = IP}) when Method == 'GET'; Method == 'HEAD' -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), case catch gen_server:call(Proc, get_docroot) of {ok, DocRoot} -> - Path = str:join([DocRoot | LocalPath], <<$/>>), + Path = str:join([DocRoot | Slot], <<$/>>), case file:read_file(Path) of {ok, Data} -> ?INFO_MSG("Serving ~s to ~s", [Path, ?ADDR_TO_STR(IP)]), - FileName = lists:last(LocalPath), ContentType = guess_content_type(FileName), Headers1 = case ContentType of <<"image/", _SubType/binary>> -> []; @@ -451,6 +451,19 @@ process(LocalPath, #request{method = Method, host = Host, ip = IP}) [Method, ?ADDR_TO_STR(IP), Host, Error]), http_response(Host, 500) end; +process(LocalPath, #request{method = 'PUT', host = Host, ip = IP}) + when length(LocalPath) > 3 -> + ?INFO_MSG("Rejecting PUT request from ~s for ~s: Too many path components", + [?ADDR_TO_STR(IP), Host]), + ?INFO_MSG("Check whether 'request_handlers' path matches 'put_url'", []), + http_response(Host, 404); +process(_LocalPath, #request{method = Method, host = Host, ip = IP}) + when Method == 'PUT'; + Method == 'GET'; + Method == 'HEAD' -> + ?DEBUG("Rejecting ~s request from ~s for ~s: Too few/many path components", + [Method, ?ADDR_TO_STR(IP), Host]), + http_response(Host, 404); process(_LocalPath, #request{method = 'OPTIONS', host = Host, ip = IP}) -> ?DEBUG("Responding to OPTIONS request from ~s for ~s", [?ADDR_TO_STR(IP), Host]), From ddf70d60df8898d6da6a306d8ab3f0a6a82d64dd Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Tue, 17 Nov 2015 00:12:20 +0100 Subject: [PATCH 16/21] mod_http_upload: Return error atoms, not strings Don't convert error atoms to strings before actually logging them. This avoids a bogus error message when a user who has no uploaded files is removed. --- mod_http_upload/src/mod_http_upload.erl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 1d1e180..0a6074b 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -391,7 +391,7 @@ process([_UserDir, _RandDir, _FileName] = Slot, http_response(Host, 201, Headers, OutData); {error, Error} -> ?ERROR_MSG("Cannot store file ~s from ~s for ~s: ~p", - [Path, ?ADDR_TO_STR(IP), Host, Error]), + [Path, ?ADDR_TO_STR(IP), Host, ?FORMAT(Error)]), http_response(Host, 500) end; {ok, Size, Path} -> @@ -812,7 +812,7 @@ do_store_file(Path, Data, FileMode, DirMode) -> ok = Ok % Raise an exception if file:write/2 failed. catch _:{badmatch, {error, Error}} -> - {error, ?FORMAT(Error)}; + {error, Error}; _:Error -> {error, Error} end. @@ -959,7 +959,7 @@ remove_user(User, Server) -> ?DEBUG("Found no HTTP upload directory of ~s@~s", [User, Server]); {error, Error} -> ?ERROR_MSG("Cannot remove HTTP upload directory of ~s@~s: ~p", - [User, Server, Error]) + [User, Server, ?FORMAT(Error)]) end, ok. @@ -981,7 +981,7 @@ del_tree(Dir) -> ok = file:del_dir(Dir) catch _:{badmatch, {error, Error}} -> - {error, ?FORMAT(Error)}; + {error, Error}; _:Error -> {error, Error} end. From ce64f79b632ceed496a0c1672f0444bd51ac2a3a Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 4 Jan 2016 01:01:14 +0100 Subject: [PATCH 17/21] mod_http_upload: Fix logging of file size mismatch --- mod_http_upload/src/mod_http_upload.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 0a6074b..84c4fe4 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -394,7 +394,7 @@ process([_UserDir, _RandDir, _FileName] = Slot, [Path, ?ADDR_TO_STR(IP), Host, ?FORMAT(Error)]), http_response(Host, 500) end; - {ok, Size, Path} -> + {ok, Size, Path, _FileMode, _DirMode, _GetPrefix, _Thumbnail} -> ?INFO_MSG("Rejecting file ~s from ~s for ~s: Size is ~B, not ~B", [Path, ?ADDR_TO_STR(IP), Host, byte_size(Data), Size]), http_response(Host, 413); From 99d89ce59d9d16d5c5e71c32243bf2443b589bbe Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Tue, 5 Jan 2016 22:06:34 +0100 Subject: [PATCH 18/21] mod_http_upload: Rename variable for clarity --- mod_http_upload/src/mod_http_upload.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index 84c4fe4..bf46421 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -757,14 +757,14 @@ iq_disco_info(Lang, Name) -> binary(), slot(), boolean()) -> ok | {ok, [{binary(), binary()}], binary()} | {error, term()}. -store_file(Path, Data, FileMode, DirMode, GetPrefix, LocalPath, Thumbnail) -> +store_file(Path, Data, FileMode, DirMode, GetPrefix, Slot, Thumbnail) -> case do_store_file(Path, Data, FileMode, DirMode) of ok when Thumbnail -> case identify(Path) of {ok, MediaInfo} -> case convert(Path, MediaInfo) of {ok, OutPath} -> - [UserDir, RandDir | _] = LocalPath, + [UserDir, RandDir | _] = Slot, FileName = filename:basename(OutPath), URL = str:join([GetPrefix, UserDir, RandDir, FileName], <<$/>>), From d4d8b15413446690e46005afdd3eb188a3b1ba3c Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Wed, 6 Jan 2016 00:12:36 +0100 Subject: [PATCH 19/21] mod_http_upload: Use full PUT URL for process name Don't just use the "put_url" domain name, but also any path components of the specified URL, to generate a mod_http_upload process name. This way, a single domain name can be used for multiple virtual hosts by specifying a "put_url" such as "https://example.com/@HOST@/". --- mod_http_upload/README.txt | 2 +- mod_http_upload/src/mod_http_upload.erl | 53 ++++++++++++++----------- 2 files changed, 31 insertions(+), 24 deletions(-) diff --git a/mod_http_upload/README.txt b/mod_http_upload/README.txt index 49d503c..e6a6e6d 100644 --- a/mod_http_upload/README.txt +++ b/mod_http_upload/README.txt @@ -115,7 +115,7 @@ The configurable mod_http_upload options are: This option specifies the initial part of the PUT URLs used for file uploads. The keyword @HOST@ is replaced with the virtual host name. - NOTE: Different virtual hosts cannot use the same PUT URL domain. + NOTE: Different virtual hosts cannot use the same PUT URL. - get_url (default: $put_url) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index bf46421..cf339d6 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -375,9 +375,17 @@ code_change(_OldVsn, #state{server_host = ServerHost} = State, _Extra) -> -spec process([binary()], #request{}) -> {pos_integer(), [{binary(), binary()}], binary()}. -process([_UserDir, _RandDir, _FileName] = Slot, - #request{method = 'PUT', host = Host, ip = IP, data = Data}) -> - Proc = gen_mod:get_module_proc(Host, ?PROCNAME), +process(LocalPath, #request{method = Method, host = Host, ip = IP}) + when length(LocalPath) < 3, + Method == 'PUT' orelse + Method == 'GET' orelse + Method == 'HEAD' -> + ?DEBUG("Rejecting ~s request from ~s for ~s: Too few path components", + [Method, ?ADDR_TO_STR(IP), Host]), + http_response(Host, 404); +process(_LocalPath, #request{method = 'PUT', host = Host, ip = IP, + data = Data} = Request) -> + {Proc, Slot} = parse_http_request(Request), case catch gen_server:call(Proc, {use_slot, Slot}) of {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail} when byte_size(Data) == Size -> @@ -407,11 +415,10 @@ process([_UserDir, _RandDir, _FileName] = Slot, [?ADDR_TO_STR(IP), Host, Error]), http_response(Host, 500) end; -process([_UserDir, _RandDir, FileName] = Slot, - #request{method = Method, host = Host, ip = IP}) +process(_LocalPath, #request{method = Method, host = Host, ip = IP} = Request) when Method == 'GET'; Method == 'HEAD' -> - Proc = gen_mod:get_module_proc(Host, ?PROCNAME), + {Proc, [_UserDir, _RandDir, FileName] = Slot} = parse_http_request(Request), case catch gen_server:call(Proc, get_docroot) of {ok, DocRoot} -> Path = str:join([DocRoot | Slot], <<$/>>), @@ -451,19 +458,6 @@ process([_UserDir, _RandDir, FileName] = Slot, [Method, ?ADDR_TO_STR(IP), Host, Error]), http_response(Host, 500) end; -process(LocalPath, #request{method = 'PUT', host = Host, ip = IP}) - when length(LocalPath) > 3 -> - ?INFO_MSG("Rejecting PUT request from ~s for ~s: Too many path components", - [?ADDR_TO_STR(IP), Host]), - ?INFO_MSG("Check whether 'request_handlers' path matches 'put_url'", []), - http_response(Host, 404); -process(_LocalPath, #request{method = Method, host = Host, ip = IP}) - when Method == 'PUT'; - Method == 'GET'; - Method == 'HEAD' -> - ?DEBUG("Rejecting ~s request from ~s for ~s: Too few/many path components", - [Method, ?ADDR_TO_STR(IP), Host]), - http_response(Host, 404); process(_LocalPath, #request{method = 'OPTIONS', host = Host, ip = IP}) -> ?DEBUG("Responding to OPTIONS request from ~s for ~s", [?ADDR_TO_STR(IP), Host]), @@ -486,10 +480,10 @@ get_proc_name(ServerHost, ModuleName) -> (_) -> <<"http://@HOST@">> end, <<"http://@HOST@">>), - [_, ProcHost | _] = binary:split(expand_host(PutURL, ServerHost), - [<<"http://">>, <<"https://">>, - <<":">>, <<"/">>], [global]), - gen_mod:get_module_proc(ProcHost, ModuleName). + {ok, {_Scheme, _UserInfo, Host, _Port, Path, _Query}} = + http_uri:parse(binary_to_list(expand_host(PutURL, ServerHost))), + ProcPrefix = list_to_binary(string:strip(Host ++ Path, right, $/)), + gen_mod:get_module_proc(ProcPrefix, ModuleName). -spec expand_home(binary()) -> binary(). @@ -751,6 +745,19 @@ iq_disco_info(Lang, Name) -> %% HTTP request handling. +-spec parse_http_request(#request{}) -> {atom(), slot()}. + +parse_http_request(#request{host = Host, path = Path}) -> + PrefixLength = length(Path) - 3, + {ProcURL, Slot} = if PrefixLength > 0 -> + Prefix = lists:sublist(Path, PrefixLength), + {str:join([Host | Prefix], $/), + lists:nthtail(PrefixLength, Path)}; + true -> + {Host, Path} + end, + {gen_mod:get_module_proc(ProcURL, ?PROCNAME), Slot}. + -spec store_file(binary(), binary(), integer() | undefined, integer() | undefined, From 1696107f434e847e1d800973f5714c339c427a33 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 11 Jan 2016 11:58:08 +0100 Subject: [PATCH 20/21] mod_http_upload: Add note regarding "get_url" --- mod_http_upload/README.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mod_http_upload/README.txt b/mod_http_upload/README.txt index e6a6e6d..23115c1 100644 --- a/mod_http_upload/README.txt +++ b/mod_http_upload/README.txt @@ -125,6 +125,9 @@ The configurable mod_http_upload options are: files served by a proper HTTP server such as Nginx or Apache. The keyword @HOST@ is replaced with the virtual host name. + NOTE: If GET requests are handled by mod_http_upload, the 'get_url' must + match the 'put_url'. + - service_url (default: 'undefined') If a 'service_url' is specified, HTTP upload slot requests are forwarded From 4deb2fd2c3ad69ca48ea366fb6622b1542918646 Mon Sep 17 00:00:00 2001 From: Matthias Rieber Date: Mon, 11 Jan 2016 12:11:24 +0100 Subject: [PATCH 21/21] mod_http_upload: Use application/octet-stream instead of text/html for security reasons --- mod_http_upload/src/mod_http_upload.erl | 1 - 1 file changed, 1 deletion(-) diff --git a/mod_http_upload/src/mod_http_upload.erl b/mod_http_upload/src/mod_http_upload.erl index cf339d6..37ddb18 100644 --- a/mod_http_upload/src/mod_http_upload.erl +++ b/mod_http_upload/src/mod_http_upload.erl @@ -25,7 +25,6 @@ {<<".bz2">>, <<"application/x-bzip2">>}, {<<".gif">>, <<"image/gif">>}, {<<".gz">>, <<"application/x-gzip">>}, - {<<".html">>, <<"text/html">>}, {<<".jpeg">>, <<"image/jpeg">>}, {<<".jpg">>, <<"image/jpeg">>}, {<<".mp3">>, <<"audio/mpeg">>},