From dc47bf0861fccdb48360e34d7c4883ac0e969cf8 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Thu, 23 Nov 2023 10:36:36 +0100 Subject: [PATCH] [#154] Add debug logging for rejected attachment types & strip meta-info from mime-type (#155) --- cmd/ots-cli/cmd_root.go | 3 +++ cmd/ots-cli/main.go | 4 +++- pkg/client/client.go | 11 +++++++++++ pkg/client/sanity.go | 4 +++- 4 files changed, 20 insertions(+), 2 deletions(-) diff --git a/cmd/ots-cli/cmd_root.go b/cmd/ots-cli/cmd_root.go index 48928f8..43316a3 100644 --- a/cmd/ots-cli/cmd_root.go +++ b/cmd/ots-cli/cmd_root.go @@ -3,6 +3,7 @@ package main import ( "fmt" + "github.com/Luzifer/ots/pkg/client" "github.com/sirupsen/logrus" "github.com/spf13/cobra" ) @@ -28,5 +29,7 @@ func rootPersistentPreRunE(cmd *cobra.Command, _ []string) error { } logrus.SetLevel(ll) + client.Logger = logrus.NewEntry(logrus.StandardLogger()) + return nil } diff --git a/cmd/ots-cli/main.go b/cmd/ots-cli/main.go index 2e7006e..068527e 100644 --- a/cmd/ots-cli/main.go +++ b/cmd/ots-cli/main.go @@ -1,6 +1,8 @@ package main -import "os" +import ( + "os" +) func main() { if err := rootCmd.Execute(); err != nil { diff --git a/pkg/client/client.go b/pkg/client/client.go index 1a59e46..decc283 100644 --- a/pkg/client/client.go +++ b/pkg/client/client.go @@ -17,6 +17,7 @@ import ( "time" "github.com/Luzifer/go-openssl/v4" + "github.com/sirupsen/logrus" ) type ( @@ -41,6 +42,10 @@ var HTTPClient HTTPClientIntf = http.DefaultClient // source code. var KeyDerivationFunc = openssl.NewPBKDF2Generator(sha512.New, 300000) //nolint:gomnd // that's the definition +// Logger can be set to enable logging from the library. By default +// all log-messages will be discarded. +var Logger *logrus.Entry + // PasswordLength defines the length of the generated encryption password var PasswordLength = 20 @@ -54,6 +59,12 @@ var RequestTimeout = 5 * time.Second // provide an URL to useful information about your tool. var UserAgent = "ots-client/1.x +https://github.com/Luzifer/ots" +func init() { + l := logrus.New() + l.SetOutput(io.Discard) + Logger = logrus.NewEntry(l) +} + // Create serializes the secret and creates a new secret on the // instance given by its URL. // diff --git a/pkg/client/sanity.go b/pkg/client/sanity.go index 6c7ad68..0cfa717 100644 --- a/pkg/client/sanity.go +++ b/pkg/client/sanity.go @@ -72,11 +72,12 @@ func SanityCheck(instanceURL string, secret Secret) error { } func attachmentAllowed(file SecretAttachment, allowed []string) bool { + mimeType, _, _ := strings.Cut(file.Type, ";") for _, a := range allowed { switch { case mimeRegex.MatchString(a): // That's a mime type - if glob.Glob(a, file.Type) { + if glob.Glob(a, mimeType) { // The mime "glob" matches the file type return true } @@ -90,6 +91,7 @@ func attachmentAllowed(file SecretAttachment, allowed []string) bool { } } + Logger.WithField("content-type", mimeType).Debug("attachment type not allowed") return false }