X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=gocheese.go;h=c2a4d0b8028bd99367d8153a4a3f47d716c0a2ee;hb=14a6f9c7e18e3698ecf7e0c8b28680d6615db3bd;hp=75a7c1caf120a5b83803f6a099bc8625032d64d7;hpb=7463a4bbcd0ace5790125f2d3f01eb48abaca985;p=gocheese.git
diff --git a/gocheese.go b/gocheese.go
index 75a7c1c..c2a4d0b 100644
--- a/gocheese.go
+++ b/gocheese.go
@@ -151,12 +151,21 @@ func refreshDir(
 http.Error(w, err.Error(), http.StatusInternalServerError)
 return false
 }
+ if !strings.HasPrefix(pkgURL.Fragment, SHA256Prefix) {
+ log.Println(r.RemoteAddr, "pypi", filename, "no SHA256 digest provided")
+ http.Error(w, "no SHA256 digest provided", http.StatusBadGateway)
+ return false
+ }
 digest, err = hex.DecodeString(strings.TrimPrefix(pkgURL.Fragment, SHA256Prefix))
 if err != nil {
 http.Error(w, err.Error(), http.StatusBadGateway)
 return false
 }
 pkgURL.Fragment = ""
+ uri = pkgURL.String()
+ if pkgURL.Host == "" {
+ uri = *pypiURL + strings.TrimPrefix(uri, "/")
+ }
 path = filepath.Join(dirPath, filename)
 if filename == filenameGet {
 if killed {
@@ -165,8 +174,9 @@ func refreshDir(
 return false
 }
 log.Println(r.RemoteAddr, "pypi download", filename)
- resp, err = http.Get(pkgURL.String())
+ resp, err = http.Get(uri)
 if err != nil {
+ log.Println(r.RemoteAddr, "pypi download error:", err.Error())
 http.Error(w, err.Error(), http.StatusBadGateway)
 return false
 }
@@ -188,7 +198,7 @@ func refreshDir(
 log.Println(r.RemoteAddr, "pypi", filename, "digest mismatch")
 os.Remove(dst.Name())
 dst.Close()
- http.Error(w, err.Error(), http.StatusBadGateway)
+ http.Error(w, "digest mismatch", http.StatusBadGateway)
 return false
 }
 if err = dst.Sync(); err != nil {
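Review bot: In the first refreshDir hunk, the new prefix check accepts `SHA256Prefix` followed by any even-length hex string, so an empty or truncated digest passes both it and `hex.DecodeString`. A length check right after decoding, `if len(digest) != sha256.Size { http.Error(w, "invalid SHA256 digest length", http.StatusBadGateway); return false }`, would reject it where it is parsed instead of relying on a later comparison that this hunk does not show; this assumes `crypto/sha256` is imported, which is not visible here. The relative-link branch also builds `uri` by string concatenation, which is only correct when `*pypiURL` ends in `/` and the link is root-relative; resolving it with `ResolveReference` on a parsed base URL would handle `../`-style links too. refreshDir starts and ends outside the hunk.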
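Review bot: In the second refreshDir hunk, `http.Get(uri)` goes through `http.DefaultClient`, which sets no timeouts, so an upstream that accepts the connection and then stalls keeps this handler and the requesting client waiting indefinitely. A shared package-level client whose `http.Transport` sets a dial timeout and `ResponseHeaderTimeout` would bound that without cutting off large downloads, and the signature fetch later in the function could use the same client. The unchanged `http.Error(w, err.Error(), ...)` also returns the transport error text, which normally contains the upstream URL, to the caller; now that the added log line records it, a fixed message such as `"upstream download failed"` would be enough in the response. Whether `resp.StatusCode` is checked is not visible, because the function continues outside the hunk.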
@@ -208,20 +218,29 @@ func refreshDir(
 }
 }
 if filename == filenameGet || gpgUpdate {
- if _, err = os.Stat(path); err == nil {
- if resp, err := http.Get(pkgURL.String() + GPGSigExt); err == nil {
- sig, err := ioutil.ReadAll(resp.Body)
- resp.Body.Close()
- if err == nil {
- if err = WriteFileSync(dirPath, path+GPGSigExt, sig); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return false
- }
- log.Println(r.RemoteAddr, "pypi downloaded signature", filename)
- }
- }
+ if _, err = os.Stat(path); err != nil {
+ goto GPGSigSkip
+ }
+ resp, err := http.Get(uri + GPGSigExt)
+ if err != nil {
+ goto GPGSigSkip
+ }
+ if resp.StatusCode != http.StatusOK {
+ resp.Body.Close()
+ goto GPGSigSkip
+ }
+ sig, err := ioutil.ReadAll(resp.Body)
+ resp.Body.Close()
+ if err != nil {
+ goto GPGSigSkip
+ }
+ if err = WriteFileSync(dirPath, path+GPGSigExt, sig); err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return false
 }
+ log.Println(r.RemoteAddr, "pypi downloaded signature", filename)
 }
+ GPGSigSkip:
 path = path + SHA256Ext
 _, err = os.Stat(path)
 if err == nil {
@@ -544,10 +563,10 @@ func goodIntegrity() bool {
 log.Fatal(err)
 }
 if bytes.Compare(hasher.Sum(digest[:0]), data) == 0 {
- log.Println(pkgName, "GOOD")
+ fmt.Println(pkgName, "GOOD")
 } else {
 isGood = false
- log.Println(pkgName, "BAD")
+ fmt.Println(pkgName, "BAD")
 }
 hasher.Reset()
 }
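Review bot: In the signature-fetch hunk of refreshDir, `ioutil.ReadAll(resp.Body)` buffers whatever the upstream returns for the signature URL with no size limit, and unlike the package body this data is not covered by the SHA256 digest. Reading through a cap, `sig, err := ioutil.ReadAll(io.LimitReader(resp.Body, maxSigSize))`, keeps an oversized response from exhausting memory; `maxSigSize` is a name constructed for this note and its value is left to the maintainers, and the `io` import is assumed since the import block is not shown. The three network-related `goto GPGSigSkip` paths are also silent, so a log line such as `log.Println(r.RemoteAddr, "pypi signature fetch skipped", filename)` before the jump on a transport error or non-200 status would make persistent failures visible. refreshDir starts and ends outside the hunk.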