debian-mirror-gitlab/workhorse/internal/upload/rewrite.go

223 lines
5.4 KiB
Go
Raw Normal View History

2021-02-22 17:27:13 +05:30
package upload
import (
"context"
"errors"
"fmt"
"io"
2022-04-04 11:22:00 +05:30
"mime"
2021-02-22 17:27:13 +05:30
"mime/multipart"
"net/http"
2022-04-04 11:22:00 +05:30
"net/textproto"
2021-04-29 21:17:54 +05:30
"path/filepath"
2021-02-22 17:27:13 +05:30
"strings"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promauto"
2021-10-27 15:23:28 +05:30
"gitlab.com/gitlab-org/gitlab/workhorse/internal/api"
2022-05-07 20:08:51 +05:30
"gitlab.com/gitlab-org/gitlab/workhorse/internal/upload/destination"
2021-10-27 15:23:28 +05:30
"gitlab.com/gitlab-org/gitlab/workhorse/internal/upload/exif"
2021-02-22 17:27:13 +05:30
)
2022-01-26 12:08:38 +05:30
const maxFilesAllowed = 10
2021-02-22 17:27:13 +05:30
// ErrInjectedClientParam means that the client sent a parameter that overrides one of our own fields
2021-10-29 20:43:33 +05:30
var (
2022-01-26 12:08:38 +05:30
ErrInjectedClientParam = errors.New("injected client parameter")
ErrTooManyFilesUploaded = fmt.Errorf("upload request contains more than %v files", maxFilesAllowed)
2021-10-29 20:43:33 +05:30
)
2021-02-22 17:27:13 +05:30
var (
multipartUploadRequests = promauto.NewCounterVec(
prometheus.CounterOpts{
Name: "gitlab_workhorse_multipart_upload_requests",
Help: "How many multipart upload requests have been processed by gitlab-workhorse. Partitioned by type.",
},
[]string{"type"},
)
multipartFileUploadBytes = promauto.NewCounterVec(
prometheus.CounterOpts{
Name: "gitlab_workhorse_multipart_upload_bytes",
Help: "How many disk bytes of multipart file parts have been successfully written by gitlab-workhorse. Partitioned by type.",
},
[]string{"type"},
)
multipartFiles = promauto.NewCounterVec(
prometheus.CounterOpts{
Name: "gitlab_workhorse_multipart_upload_files",
Help: "How many multipart file parts have been processed by gitlab-workhorse. Partitioned by type.",
},
[]string{"type"},
)
)
type rewriter struct {
2022-07-23 23:45:48 +05:30
writer *multipart.Writer
fileAuthorizer
Preparer
2021-02-22 17:27:13 +05:30
filter MultipartFormProcessor
finalizedFields map[string]bool
}
2022-07-23 23:45:48 +05:30
func rewriteFormFilesFromMultipart(r *http.Request, writer *multipart.Writer, filter MultipartFormProcessor, fa fileAuthorizer, preparer Preparer) error {
2021-02-22 17:27:13 +05:30
// Create multipart reader
reader, err := r.MultipartReader()
if err != nil {
if err == http.ErrNotMultipart {
// We want to be able to recognize http.ErrNotMultipart elsewhere so no fmt.Errorf
return http.ErrNotMultipart
}
return fmt.Errorf("get multipart reader: %v", err)
}
multipartUploadRequests.WithLabelValues(filter.Name()).Inc()
rew := &rewriter{
writer: writer,
2022-07-23 23:45:48 +05:30
fileAuthorizer: fa,
Preparer: preparer,
2021-02-22 17:27:13 +05:30
filter: filter,
finalizedFields: make(map[string]bool),
}
for {
p, err := reader.NextPart()
if err != nil {
if err == io.EOF {
break
}
return err
}
2022-04-04 11:22:00 +05:30
name, filename := parseAndNormalizeContentDisposition(p.Header)
2021-02-22 17:27:13 +05:30
if name == "" {
continue
}
if rew.finalizedFields[name] {
return ErrInjectedClientParam
}
2022-04-04 11:22:00 +05:30
if filename != "" {
2022-07-23 23:45:48 +05:30
err = rew.handleFilePart(r, name, p)
2021-02-22 17:27:13 +05:30
} else {
err = rew.copyPart(r.Context(), name, p)
}
if err != nil {
return err
}
}
return nil
}
2022-04-04 11:22:00 +05:30
func parseAndNormalizeContentDisposition(header textproto.MIMEHeader) (string, string) {
const key = "Content-Disposition"
mediaType, params, _ := mime.ParseMediaType(header.Get(key))
header.Set(key, mime.FormatMediaType(mediaType, params))
return params["name"], params["filename"]
}
2022-07-23 23:45:48 +05:30
func (rew *rewriter) handleFilePart(r *http.Request, name string, p *multipart.Part) error {
2022-01-26 12:08:38 +05:30
if rew.filter.Count() >= maxFilesAllowed {
return ErrTooManyFilesUploaded
2021-10-29 20:43:33 +05:30
}
2021-02-22 17:27:13 +05:30
multipartFiles.WithLabelValues(rew.filter.Name()).Inc()
2021-06-08 01:23:25 +05:30
filename := filepath.Base(p.FileName())
2021-04-29 21:17:54 +05:30
2021-02-22 17:27:13 +05:30
if strings.Contains(filename, "/") || filename == "." || filename == ".." {
return fmt.Errorf("illegal filename: %q", filename)
}
2022-07-23 23:45:48 +05:30
apiResponse, err := rew.AuthorizeFile(r)
if err != nil {
return err
}
opts, err := rew.Prepare(apiResponse)
if err != nil {
return err
2021-02-22 17:27:13 +05:30
}
2022-07-23 23:45:48 +05:30
ctx := r.Context()
inputReader, err := rew.filter.TransformContents(ctx, filename, p)
if err != nil {
return err
}
2021-02-22 17:27:13 +05:30
defer inputReader.Close()
2022-07-23 23:45:48 +05:30
fh, err := destination.Upload(ctx, inputReader, -1, filename, opts)
2021-02-22 17:27:13 +05:30
if err != nil {
switch err {
2022-05-07 20:08:51 +05:30
case destination.ErrEntityTooLarge, exif.ErrRemovingExif:
2021-02-22 17:27:13 +05:30
return err
default:
2022-08-13 15:12:31 +05:30
return fmt.Errorf("persisting multipart file: %w", err)
2021-02-22 17:27:13 +05:30
}
}
fields, err := fh.GitLabFinalizeFields(name)
if err != nil {
return fmt.Errorf("failed to finalize fields: %v", err)
}
for key, value := range fields {
rew.writer.WriteField(key, value)
rew.finalizedFields[key] = true
}
multipartFileUploadBytes.WithLabelValues(rew.filter.Name()).Add(float64(fh.Size))
return rew.filter.ProcessFile(ctx, name, fh, rew.writer)
}
2022-07-23 23:45:48 +05:30
func (rew *rewriter) copyPart(ctx context.Context, name string, p *multipart.Part) error {
np, err := rew.writer.CreatePart(p.Header)
2021-04-15 22:33:27 +05:30
if err != nil {
2022-07-23 23:45:48 +05:30
return fmt.Errorf("create multipart field: %v", err)
2021-04-29 21:17:54 +05:30
}
2022-07-23 23:45:48 +05:30
if _, err := io.Copy(np, p); err != nil {
return fmt.Errorf("duplicate multipart field: %v", err)
2021-04-15 22:33:27 +05:30
}
2022-07-23 23:45:48 +05:30
if err := rew.filter.ProcessField(ctx, name, rew.writer); err != nil {
return fmt.Errorf("process multipart field: %v", err)
2021-02-22 17:27:13 +05:30
}
2022-07-23 23:45:48 +05:30
return nil
2021-02-22 17:27:13 +05:30
}
2022-07-23 23:45:48 +05:30
type fileAuthorizer interface {
AuthorizeFile(*http.Request) (*api.Response, error)
}
2021-04-15 22:33:27 +05:30
2022-07-23 23:45:48 +05:30
type eagerAuthorizer struct{ response *api.Response }
2021-04-15 22:33:27 +05:30
2022-07-23 23:45:48 +05:30
func (ea *eagerAuthorizer) AuthorizeFile(r *http.Request) (*api.Response, error) {
return ea.response, nil
2021-04-15 22:33:27 +05:30
}
2022-07-23 23:45:48 +05:30
var _ fileAuthorizer = &eagerAuthorizer{}
2021-04-15 22:33:27 +05:30
2022-07-23 23:45:48 +05:30
type apiAuthorizer struct {
api *api.API
2021-04-15 22:33:27 +05:30
}
2022-07-23 23:45:48 +05:30
func (aa *apiAuthorizer) AuthorizeFile(r *http.Request) (*api.Response, error) {
return aa.api.PreAuthorizeFixedPath(
r,
"POST",
"/api/v4/internal/workhorse/authorize_upload",
)
2021-02-22 17:27:13 +05:30
}
2022-07-23 23:45:48 +05:30
var _ fileAuthorizer = &apiAuthorizer{}