X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=upload.go;h=a3daa9357e97cc336cf1c02f633b0be5aea3bdff;hb=d92ea43465ba141be89483d09a5625a6f593726b;hp=cd98df5ba5954db50c2889393c882c3b77be4994;hpb=37facf3dde161d2df4d430896dc87ebb5740cc64;p=gocheese.git

diff --git a/upload.go b/upload.go
index cd98df5..a3daa93 100644
--- a/upload.go
+++ b/upload.go
@@ -29,8 +29,15 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"regexp"
+	"strings"
+	"time"
+
+	"go.cypherpunks.ru/recfile"
 )
 
+var NormalizationRe = regexp.MustCompilePOSIX("[-_.]+")
+
 func serveUpload(w http.ResponseWriter, r *http.Request) {
 	// Authentication
 	username, password, ok := r.BasicAuth()
@@ -59,17 +66,27 @@ func serveUpload(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "single name is expected in request", http.StatusBadRequest)
 		return
 	}
-	pkgName := normalizationRe.ReplaceAllString(pkgNames[0], "-")
-	dirPath := filepath.Join(*root, pkgName)
-	var digestExpected []byte
-	if digestExpectedHex, exists := r.MultipartForm.Value["sha256_digest"]; exists {
-		digestExpected, err = hex.DecodeString(digestExpectedHex[0])
+	pkgName := strings.ToLower(NormalizationRe.ReplaceAllString(pkgNames[0], "-"))
+	dirPath := filepath.Join(Root, pkgName)
+	gpgSigsExpected := make(map[string]struct{})
+	now := time.Now().UTC()
+
+	var digestSHA256Expected []byte
+	if digestSHA256ExpectedHex, exists := r.MultipartForm.Value["sha256_digest"]; exists {
+		digestSHA256Expected, err = hex.DecodeString(digestSHA256ExpectedHex[0])
 		if err != nil {
 			http.Error(w, "bad sha256_digest: "+err.Error(), http.StatusBadRequest)
 			return
 		}
 	}
-	gpgSigsExpected := make(map[string]struct{})
+	var digestBLAKE2b256Expected []byte
+	if digestBLAKE2b256ExpectedHex, exists := r.MultipartForm.Value["blake2_256_digest"]; exists {
+		digestBLAKE2b256Expected, err = hex.DecodeString(digestBLAKE2b256ExpectedHex[0])
+		if err != nil {
+			http.Error(w, "bad blake2_256_digest: "+err.Error(), http.StatusBadRequest)
+			return
+		}
+	}
 
 	// Checking is it internal package
 	if _, err = os.Stat(filepath.Join(dirPath, InternalFlag)); err != nil {
@@ -105,8 +122,9 @@ func serveUpload(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 		dstBuf := bufio.NewWriter(dst)
-		hasher := sha256.New()
-		wr := io.MultiWriter(hasher, dst)
+		hasherSHA256 := sha256.New()
+		hasherBLAKE2b256 := blake2b256New()
+		wr := io.MultiWriter(hasherSHA256, hasherBLAKE2b256, dst)
 		if _, err = io.Copy(wr, src); err != nil {
 			log.Println("error", r.RemoteAddr, filename, err)
 			os.Remove(dst.Name())
@@ -131,17 +149,30 @@ func serveUpload(w http.ResponseWriter, r *http.Request) {
 			}
 		}
 		dst.Close()
-		digest := hasher.Sum(nil)
-		if digestExpected != nil {
-			if bytes.Compare(digestExpected, digest) == 0 {
-				log.Println(r.RemoteAddr, filename, "good checksum received")
+
+		digestSHA256 := hasherSHA256.Sum(nil)
+		digestBLAKE2b256 := hasherBLAKE2b256.Sum(nil)
+		if digestSHA256Expected != nil {
+			if bytes.Compare(digestSHA256Expected, digestSHA256) == 0 {
+				log.Println(r.RemoteAddr, filename, "good SHA256 checksum received")
 			} else {
-				log.Println(r.RemoteAddr, filename, "bad checksum received")
-				http.Error(w, "bad checksum", http.StatusBadRequest)
+				log.Println(r.RemoteAddr, filename, "bad SHA256 checksum received")
+				http.Error(w, "bad sha256 checksum", http.StatusBadRequest)
 				os.Remove(dst.Name())
 				return
 			}
 		}
+		if digestBLAKE2b256Expected != nil {
+			if bytes.Compare(digestBLAKE2b256Expected, digestBLAKE2b256) == 0 {
+				log.Println(r.RemoteAddr, filename, "good BLAKE2b-256 checksum received")
+			} else {
+				log.Println(r.RemoteAddr, filename, "bad BLAKE2b-256 checksum received")
+				http.Error(w, "bad blake2_256 checksum", http.StatusBadRequest)
+				os.Remove(dst.Name())
+				return
+			}
+		}
+
 		if err = os.Rename(dst.Name(), path); err != nil {
 			log.Println("error", r.RemoteAddr, path, err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -152,11 +183,16 @@ func serveUpload(w http.ResponseWriter, r *http.Request) {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
-		if err = WriteFileSync(dirPath, path+"."+HashAlgoSHA256, digest); err != nil {
+		if err = WriteFileSync(dirPath, path+"."+HashAlgoSHA256, digestSHA256, now); err != nil {
 			log.Println("error", r.RemoteAddr, path+"."+HashAlgoSHA256, err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
+		if err = WriteFileSync(dirPath, path+"."+HashAlgoBLAKE2b256, digestBLAKE2b256, now); err != nil {
+			log.Println("error", r.RemoteAddr, path+"."+HashAlgoBLAKE2b256, err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
 	}
 	for _, file := range r.MultipartForm.File["gpg_signature"] {
 		filename := file.Filename
@@ -186,10 +222,62 @@ func serveUpload(w http.ResponseWriter, r *http.Request) {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
-		if err = WriteFileSync(dirPath, path, sig); err != nil {
+		if err = WriteFileSync(dirPath, path, sig, now); err != nil {
 			log.Println("error", r.RemoteAddr, path, err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 	}
+
+	var buf bytes.Buffer
+	wr := recfile.NewWriter(&buf)
+	for _, m := range [][2]string{
+		{"name", MetadataFieldName},
+		{"version", MetadataFieldVersion},
+		{"platform", MetadataFieldPlatform},
+		{"supported_platform", MetadataFieldSupportedPlatform},
+		{"summary", MetadataFieldSummary},
+		{"description", MetadataFieldDescription},
+		{"description_content_type", MetadataFieldDescriptionContentType},
+		{"keywords", MetadataFieldKeywords},
+		{"home_page", MetadataFieldHomePage},
+		{"author", MetadataFieldAuthor},
+		{"author_email", MetadataFieldAuthorEmail},
+		{"maintainer", MetadataFieldMaintainer},
+		{"maintainer_email", MetadataFieldMaintainerEmail},
+		{"license", MetadataFieldLicense},
+		{"classifiers", MetadataFieldClassifier},
+		{"requires_dist", MetadataFieldRequiresDist},
+		{"requires_python", MetadataFieldRequiresPython},
+		{"requires_external", MetadataFieldRequiresExternal},
+		{"project_url", MetadataFieldProjectURL},
+		{"provides_extra", MetadataFieldProvidesExtra},
+	} {
+		formField, recField := m[0], m[1]
+		if vs, exists := r.MultipartForm.Value[formField]; exists {
+			for _, v := range vs {
+				lines := strings.Split(v, "\n")
+				if len(lines) > 1 {
+					_, err = wr.WriteFieldMultiline(
+						metadataFieldToRecField(recField),
+						lines,
+					)
+				} else {
+					_, err = wr.WriteFields(recfile.Field{
+						Name:  metadataFieldToRecField(recField),
+						Value: lines[0],
+					})
+				}
+				if err != nil {
+					log.Fatalln(err)
+				}
+			}
+		}
+	}
+	path := filepath.Join(dirPath, MetadataFile)
+	if err = WriteFileSync(dirPath, path, buf.Bytes(), now); err != nil {
+		log.Println("error", r.RemoteAddr, path, err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
 }