http.Error(w, err.Error(), http.StatusBadRequest)
return
}
+ var digestExpected []byte
+ if digestExpectedHex, exists := r.MultipartForm.Value["sha256_digest"]; exists {
+ digestExpected, err = hex.DecodeString(digestExpectedHex[0])
+ if err != nil {
+ http.Error(w, "bad sha256_digest: "+err.Error(), http.StatusBadRequest)
+ return
+ }
+ }
for _, file := range r.MultipartForm.File["content"] {
filename := file.Filename
log.Println(r.RemoteAddr, "put", filename, "by", username)
return
}
dst.Close()
+ digest := hasher.Sum(nil)
+ if digestExpected != nil {
+ if bytes.Compare(digestExpected, digest) == 0 {
+ log.Println(r.RemoteAddr, filename, "good checksum received")
+ } else {
+ log.Println(r.RemoteAddr, filename, "bad checksum received")
+ http.Error(w, "bad checksum", http.StatusBadRequest)
+ os.Remove(dst.Name())
+ return
+ }
+ }
if err = os.Rename(dst.Name(), path); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
- if err = ioutil.WriteFile(path+SHA256Ext, hasher.Sum(nil), os.FileMode(0666)); err != nil {
+ if err = ioutil.WriteFile(path+SHA256Ext, digest, os.FileMode(0666)); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}