| Commit info | |
|---|---|
| ID | 04d1ed40ca996a61490c2656654fe8e729711bdd |
| Author | Runxi Yu<me@runxiyu.org> |
| Author date | Wed, 12 Feb 2025 20:06:03 +0800 |
| Committer | Runxi Yu<me@runxiyu.org> |
| Committer date | Wed, 12 Feb 2025 20:06:03 +0800 |
| Actions | Get patch |
router_{http,ssh}.go, url_misc.go: Fix escaping
package main
import (
"errors"
"fmt"
"net/http"
"strings"
)
type http_router_t struct{}
func (router *http_router_t) ServeHTTP(w http.ResponseWriter, r *http.Request) {
segments, _, err := parse_request_uri(r.RequestURI)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if segments[0] == ":" {
if len(segments) < 2 {
http.Error(w, "Blank system endpoint", http.StatusNotFound)
return
}
switch segments[1] {
case "static":
static_handler.ServeHTTP(w, r)
case "source":
source_handler.ServeHTTP(w, r)
default:
http.Error(w, fmt.Sprintf("Unknown system module type: %s", segments[1]), http.StatusNotFound)
}
return
}
separator_index := -1
for i, part := range segments {
if part == ":" {
separator_index = i
break
}
}
non_empty_last_segments_len := len(segments)
dir_mode := false
if segments[len(segments)-1] == "" {
non_empty_last_segments_len--
dir_mode = true
}
params := make(map[string]string)
_ = params
switch {
case non_empty_last_segments_len == 0:
handle_index(w, r)
case separator_index == -1:
http.Error(w, "Group indexing hasn't been implemented yet", http.StatusNotImplemented)
case non_empty_last_segments_len == separator_index+1:
http.Error(w, "Group root hasn't been implemented yet", http.StatusNotImplemented)
case non_empty_last_segments_len == separator_index+2:
module_type := segments[separator_index+1]
params["group_name"] = segments[0]
switch module_type {
case "repos":
handle_group_repos(w, r, params)
default:
http.Error(w, fmt.Sprintf("Unknown module type: %s", module_type), http.StatusNotFound)
}
default:
module_type := segments[separator_index+1]
module_name := segments[separator_index+2]
params["group_name"] = segments[0]
switch module_type {
case "repos":
params["repo_name"] = module_name
// TODO: subgroups
if non_empty_last_segments_len == separator_index+3 {
if !dir_mode {
http.Redirect(w, r, r.URL.Path+"/", http.StatusSeeOther)
return
}
handle_repo_index(w, r, params)
return
}
repo_feature := segments[separator_index+3]
switch repo_feature {
case "info": handle_repo_info(w, r, params)
case "tree":
params["rest"] = strings.Join(segments[separator_index+4:], "/")
handle_repo_tree(w, r, params)
case "raw":
params["rest"] = strings.Join(segments[separator_index+4:], "/")
handle_repo_raw(w, r, params)
case "log":
if non_empty_last_segments_len != separator_index+5 {
http.Error(w, "Too many parameters", http.StatusBadRequest)
return
}
if dir_mode {
http.Redirect(w, r, strings.TrimSuffix(r.URL.Path, "/"), http.StatusSeeOther)
return
}
params["ref"] = segments[separator_index+4]
handle_repo_log(w, r, params)
case "commit":
if dir_mode {
http.Redirect(w, r, strings.TrimSuffix(r.URL.Path, "/"), http.StatusSeeOther)
return
}
params["commit_id"] = segments[separator_index+4]
handle_repo_commit(w, r, params)
default:
http.Error(w, fmt.Sprintf("Unknown repo feature: %s", repo_feature), http.StatusNotFound)
}
default:
http.Error(w, fmt.Sprintf("Unknown module type: %s", module_type), http.StatusNotFound)
}
}
}
var err_bad_request = errors.New("Bad Request")
package main
import (
"context"
"errors"
"net/url"
"strings"
)
var err_ssh_illegal_endpoint = errors.New("Illegal endpoint during SSH access")
func get_repo_path_from_ssh_path(ctx context.Context, ssh_path string) (repo_path string, err error) {
segments := strings.Split(strings.TrimPrefix(ssh_path, "/"), "/")
for i, segment := range segments {
var err error
segments[i], err = url.QueryUnescape(segment)
segments[i], err = url.PathUnescape(segment)
if err != nil {
return "", err
}
}
if segments[0] == ":" {
return "", err_ssh_illegal_endpoint
}
separator_index := -1
for i, part := range segments {
if part == ":" {
separator_index = i
break
}
}
if segments[len(segments)-1] == "" {
segments = segments[:len(segments)-1]
}
switch {
case separator_index == -1:
return "", err_ssh_illegal_endpoint
case len(segments) <= separator_index+2:
return "", err_ssh_illegal_endpoint
}
group_name := segments[0]
module_type := segments[separator_index+1]
module_name := segments[separator_index+2]
switch module_type {
case "repos":
var fs_path string
err := database.QueryRow(ctx, "SELECT r.filesystem_path FROM repos r JOIN groups g ON r.group_id = g.id WHERE g.name = $1 AND r.name = $2;", group_name, module_name).Scan(&fs_path)
return fs_path, err
default:
return "", err_ssh_illegal_endpoint
}
}
package main
import (
"errors"
"net/http"
"net/url"
"strings"
"go.lindenii.runxiyu.org/lindenii-common/misc"
)
var (
err_duplicate_ref_spec = errors.New("Duplicate ref spec")
err_no_ref_spec = errors.New("No ref spec")
)
func get_param_ref_and_type(r *http.Request) (ref_type, ref string, err error) {
qr := r.URL.RawQuery
q, err := url.ParseQuery(qr)
if err != nil {
return
}
done := false
for _, _ref_type := range []string{"commit", "branch", "tag"} {
_ref, ok := q[_ref_type]
if ok {
if done {
err = err_duplicate_ref_spec
return
} else {
done = true
if len(_ref) != 1 {
err = err_duplicate_ref_spec
return
}
ref = _ref[0]
ref_type = _ref_type
}
}
}
if !done {
err = err_no_ref_spec
}
return
}
func parse_request_uri(request_uri string) (segments []string, params url.Values, err error) {
path, params_string, _ := strings.Cut(request_uri, "?")
segments = strings.Split(strings.TrimPrefix(path, "/"), "/")
for i, segment := range segments {
segments[i], err = url.QueryUnescape(segment)
segments[i], err = url.PathUnescape(segment)
if err != nil {
return nil, nil, misc.Wrap_one_error(err_bad_request, err)
}
}
params, err = url.ParseQuery(params_string)
if err != nil {
return nil, nil, misc.Wrap_one_error(err_bad_request, err)
}
return
}