SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Make CSAF upload size configurable. Defaults to 50MB

Browse source
This commit is contained in:
Sascha L. Teichmann 2021-12-14 22:04:44 +01:00
parent 8623728a9a
commit bba9dcec8f
2 changed files with 24 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

7
cmd/csaf_provider/actions.go
View file

@ -37,7 +37,7 @@ func cleanFileName(s string) string {
return s return s
} }
func loadCSAF(r *http.Request) (string, []byte, error) { func (c *controller) loadCSAF(r *http.Request) (string, []byte, error) {
file, handler, err := r.FormFile("csaf") file, handler, err := r.FormFile("csaf")
if err != nil { if err != nil {
return "", nil, err return "", nil, err
@ -45,8 +45,7 @@ func loadCSAF(r *http.Request) (string, []byte, error) {
defer file.Close() defer file.Close()
var buf bytes.Buffer var buf bytes.Buffer
lr := io.LimitReader(file, 10*1024*1024) if _, err := io.Copy(&buf, c.cfg.uploadLimiter(file)); err != nil {
if _, err := io.Copy(&buf, lr); err != nil {
return "", nil, err return "", nil, err
} }
return cleanFileName(handler.Filename), buf.Bytes(), nil return cleanFileName(handler.Filename), buf.Bytes(), nil
@ -138,7 +137,7 @@ func (c *controller) create(*http.Request) (interface{}, error) {
func (c *controller) upload(r *http.Request) (interface{}, error) { func (c *controller) upload(r *http.Request) (interface{}, error) {
newCSAF, data, err := loadCSAF(r) newCSAF, data, err := c.loadCSAF(r)
if err != nil { if err != nil {
return nil, err return nil, err
} }

26
cmd/csaf_provider/config.go
View file

@ -10,6 +10,7 @@ package main
import ( import (
"fmt" "fmt"
"io"
"os" "os"
"strings" "strings"
@ -20,11 +21,12 @@ import (
) )
const ( const (
configEnv = "CSAF_CONFIG" configEnv = "CSAF_CONFIG"
defaultConfigPath = "/usr/lib/casf/config.toml" defaultConfigPath = "/usr/lib/casf/config.toml"
defaultFolder = "/var/www/" defaultFolder = "/var/www/"
defaultWeb = "/var/www/html" defaultWeb = "/var/www/html"
defaultOpenPGPURL = "https://openpgp.circl.lu/pks/lookup?op=get&search=${FINGERPRINT}" defaultOpenPGPURL = "https://openpgp.circl.lu/pks/lookup?op=get&search=${FINGERPRINT}"
defaultUploadLimit = 50 * 1024 * 1024
) )
type config struct { type config struct {
@ -41,6 +43,7 @@ type config struct {
NoWebUI bool `toml:"no_web_ui"` NoWebUI bool `toml:"no_web_ui"`
DynamicProviderMetaData bool `toml:"dynamic_provider_metadata"` DynamicProviderMetaData bool `toml:"dynamic_provider_metadata"`
Publisher *csaf.Publisher `toml:"publisher"` Publisher *csaf.Publisher `toml:"publisher"`
UploadLimit *int64 `toml:"upload_limit"`
} }
type tlp string type tlp string
@ -70,6 +73,14 @@ func (t *tlp) UnmarshalText(text []byte) error {
return fmt.Errorf("invalid config TLP value: %v", string(text)) return fmt.Errorf("invalid config TLP value: %v", string(text))
} }
func (cfg *config) uploadLimiter(r io.Reader) io.Reader {
// Zero or less means no upload limit.
if cfg.UploadLimit == nil || *cfg.UploadLimit < 1 {
return r
}
return io.LimitReader(r, *cfg.UploadLimit)
}
func (cfg *config) GetOpenPGPURL(key *crypto.Key) string { func (cfg *config) GetOpenPGPURL(key *crypto.Key) string {
if key == nil { if key == nil {
return cfg.OpenPGPURL return cfg.OpenPGPURL
@ -143,5 +154,10 @@ func loadConfig() (*config, error) {
} }
} }
if cfg.UploadLimit == nil {
ul := int64(defaultUploadLimit)
cfg.UploadLimit = &ul
}
return &cfg, nil return &cfg, nil
} }