luzifer/ots
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[#154] Add debug logging for rejected attachment types & strip meta-info from mime-type (#155)

Browse Source
This commit is contained in:
Knut Ahlers 2023-11-23 10:36:36 +01:00 committed by GitHub
parent eb2bce3119
commit dc47bf0861
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/ots-cli/cmd_root.go
View File

@ -3,6 +3,7 @@ package main
import ( import (
"fmt" "fmt"
"github.com/Luzifer/ots/pkg/client"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/spf13/cobra" "github.com/spf13/cobra"
) )
@ -28,5 +29,7 @@ func rootPersistentPreRunE(cmd *cobra.Command, _ []string) error {
} }
logrus.SetLevel(ll) logrus.SetLevel(ll)
client.Logger = logrus.NewEntry(logrus.StandardLogger())
return nil return nil
} }

4
cmd/ots-cli/main.go
View File

@ -1,6 +1,8 @@
package main package main
import "os" import (
"os"
)
func main() { func main() {
if err := rootCmd.Execute(); err != nil { if err := rootCmd.Execute(); err != nil {

11
pkg/client/client.go
View File

@ -17,6 +17,7 @@ import (
"time" "time"
"github.com/Luzifer/go-openssl/v4" "github.com/Luzifer/go-openssl/v4"
"github.com/sirupsen/logrus"
) )
type ( type (
@ -41,6 +42,10 @@ var HTTPClient HTTPClientIntf = http.DefaultClient
// source code. // source code.
var KeyDerivationFunc = openssl.NewPBKDF2Generator(sha512.New, 300000) //nolint:gomnd // that's the definition var KeyDerivationFunc = openssl.NewPBKDF2Generator(sha512.New, 300000) //nolint:gomnd // that's the definition
// Logger can be set to enable logging from the library. By default
// all log-messages will be discarded.
var Logger *logrus.Entry
// PasswordLength defines the length of the generated encryption password // PasswordLength defines the length of the generated encryption password
var PasswordLength = 20 var PasswordLength = 20
@ -54,6 +59,12 @@ var RequestTimeout = 5 * time.Second
// provide an URL to useful information about your tool. // provide an URL to useful information about your tool.
var UserAgent = "ots-client/1.x +https://github.com/Luzifer/ots" var UserAgent = "ots-client/1.x +https://github.com/Luzifer/ots"
func init() {
l := logrus.New()
l.SetOutput(io.Discard)
Logger = logrus.NewEntry(l)
}
// Create serializes the secret and creates a new secret on the // Create serializes the secret and creates a new secret on the
// instance given by its URL. // instance given by its URL.
// //

4
pkg/client/sanity.go
View File

@ -72,11 +72,12 @@ func SanityCheck(instanceURL string, secret Secret) error {
} }
func attachmentAllowed(file SecretAttachment, allowed []string) bool { func attachmentAllowed(file SecretAttachment, allowed []string) bool {
mimeType, _, _ := strings.Cut(file.Type, ";")
for _, a := range allowed { for _, a := range allowed {
switch { switch {
case mimeRegex.MatchString(a): case mimeRegex.MatchString(a):
// That's a mime type // That's a mime type
if glob.Glob(a, file.Type) { if glob.Glob(a, mimeType) {
// The mime "glob" matches the file type // The mime "glob" matches the file type
return true return true
} }
@ -90,6 +91,7 @@ func attachmentAllowed(file SecretAttachment, allowed []string) bool {
} }
} }
Logger.WithField("content-type", mimeType).Debug("attachment type not allowed")
return false return false
} }