main.go

   1 /*
   2 uploader -- simplest form file uploader
   3 Copyright (C) 2018-2020 Sergey Matveev <stargrave@stargrave.org>
   4
   5 This program is free software: you can redistribute it and/or modify
   6 it under the terms of the GNU General Public License as published by
   7 the Free Software Foundation, version 3 of the License.
   8
   9 This program is distributed in the hope that it will be useful,
  10 but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 GNU General Public License for more details.
  13
  14 You should have received a copy of the GNU General Public License
  15 along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16 */
  17
  18 package main
  19
  20 import (
  21         "bufio"
  22         "bytes"
  23         "encoding/base64"
  24         "encoding/hex"
  25         "flag"
  26         "fmt"
  27         "html/template"
  28         "io"
  29         "io/ioutil"
  30         "log"
  31         "mime"
  32         "net"
  33         "net/http"
  34         "os"
  35         "os/exec"
  36         "strconv"
  37         "strings"
  38         "time"
  39
  40         "go.cypherpunks.ru/recfile"
  41         "go.cypherpunks.ru/tai64n"
  42         "golang.org/x/crypto/blake2b"
  43         "golang.org/x/net/netutil"
  44 )
  45
  46 const (
  47         WriteBufSize     = 1 << 20
  48         FileFieldName    = "file"
  49         CommentFieldName = "comment"
  50
  51         SendmailCmd = "/usr/sbin/sendmail"
  52 )
  53
  54 var (
  55         Index = template.Must(template.New("index").Parse(`<html>
  56 <head><title>Upload</title></head><body>
  57 Example command line usage:
  58 <pre>
  59 $ curl -F file=@somedata.tar.gpg [-F comment="optional comment"] http://.../upload/
  60 $ b2sum -a blake2b somedata.tar.gpg # to verify checksum
  61 </pre>
  62 <form enctype="multipart/form-data" action="/upload/" method="post">
  63 <label for="file">File to upload:</label><br/>
  64 <input name="file" type="file" name="{{.}}" /><br/>
  65 <label for="comment">Optional comment:</label></br>
  66 <textarea name="comment" cols="80" rows="25" name="comment"></textarea><br/>
  67 <input type="submit" />
  68 </form></body></html>`))
  69         NotifyFromAddr *string
  70         NotifyToAddr   *string
  71 )
  72
  73 func notify(tai, filename string, size int64, comment string) {
  74         if *NotifyToAddr == "" {
  75                 return
  76         }
  77         var rec bytes.Buffer
  78         w := recfile.NewWriter(&rec)
  79         w.WriteFields(
  80                 recfile.Field{Name: "TAI64N", Value: tai},
  81                 recfile.Field{Name: "Size", Value: strconv.FormatInt(size, 10)},
  82                 recfile.Field{Name: "Filename", Value: filename},
  83         )
  84         w.WriteFieldMultiline("Comment", strings.Split(comment, "\n"))
  85         cmd := exec.Command(SendmailCmd, *NotifyToAddr)
  86         cmd.Stdin = io.MultiReader(
  87                 strings.NewReader(fmt.Sprintf(
  88                         `From: %s
  89 To: %s
  90 Subject: %s
  91 MIME-Version: 1.0
  92 Content-Type: text/plain; charset=utf-8
  93 Content-Transfer-Encoding: base64
  94
  95 `,
  96                         *NotifyFromAddr,
  97                         *NotifyToAddr,
  98                         mime.BEncoding.Encode("UTF-8", fmt.Sprintf("%s (%d KiB)", filename, size/1024)),
  99                 )),
 100                 strings.NewReader(base64.StdEncoding.EncodeToString(rec.Bytes())),
 101         )
 102         cmd.Run()
 103 }
 104
 105 func upload(w http.ResponseWriter, r *http.Request) {
 106         log.Println(r.RemoteAddr, "connected")
 107         if r.Method == http.MethodGet {
 108                 if err := Index.Execute(w, FileFieldName); err != nil {
 109                         log.Println(r.RemoteAddr, err)
 110                 }
 111                 return
 112         }
 113         mr, err := r.MultipartReader()
 114         if err != nil {
 115                 log.Println(r.RemoteAddr, err)
 116                 return
 117         }
 118         p, err := mr.NextPart()
 119         if err != nil {
 120                 log.Println(r.RemoteAddr, err)
 121                 return
 122         }
 123         if p.FormName() != FileFieldName {
 124                 log.Println(r.RemoteAddr, "non file form field")
 125                 return
 126         }
 127         h, err := blake2b.New512(nil)
 128         if err != nil {
 129                 panic(err)
 130         }
 131         t := time.Now()
 132         ts := new(tai64n.TAI64N)
 133         tai64n.FromTime(t, ts)
 134         tai := ts.Encode()[1:]
 135         fnOrig := p.FileName()
 136         fd, err := os.OpenFile(tai+".part", os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0666)
 137         if err != nil {
 138                 log.Println(r.RemoteAddr, tai, fnOrig, err)
 139                 return
 140         }
 141         fdBuf := bufio.NewWriterSize(fd, WriteBufSize)
 142         mw := io.MultiWriter(fdBuf, h)
 143         n, err := io.Copy(mw, p)
 144         if err != nil {
 145                 log.Println(r.RemoteAddr, tai, fnOrig, err)
 146                 fd.Close()
 147                 return
 148         }
 149         if n == 0 {
 150                 log.Println(r.RemoteAddr, tai, fnOrig, "empty")
 151                 os.Remove(tai + ".part")
 152                 fd.Close()
 153                 fmt.Fprintf(w, "Empty file")
 154                 return
 155         }
 156         if err = fdBuf.Flush(); err != nil {
 157                 log.Println(r.RemoteAddr, tai, fnOrig, err)
 158                 fd.Close()
 159                 return
 160         }
 161         if err = fd.Sync(); err != nil {
 162                 log.Println(r.RemoteAddr, tai, fnOrig, err)
 163                 fd.Close()
 164                 return
 165         }
 166         fd.Close()
 167         sum := hex.EncodeToString(h.Sum(nil))
 168         if err = os.Rename(tai+".part", tai); err != nil {
 169                 log.Println(r.RemoteAddr, tai, fnOrig, n, sum, err)
 170                 return
 171         }
 172         var rec bytes.Buffer
 173         wr := recfile.NewWriter(&rec)
 174         if _, err = wr.WriteFields(
 175                 recfile.Field{Name: "TAI64N", Value: tai},
 176                 recfile.Field{Name: "Size", Value: strconv.FormatInt(n, 10)},
 177                 recfile.Field{Name: "Checksum", Value: sum},
 178         ); err != nil {
 179                 log.Println(r.RemoteAddr, tai, fnOrig, n, sum, err)
 180                 return
 181         }
 182         io.Copy(w, &rec)
 183         log.Println(r.RemoteAddr, tai, fnOrig, n, sum)
 184         p, err = mr.NextPart()
 185         if err != nil || p.FormName() != CommentFieldName {
 186                 go notify(fnOrig, tai, n, "")
 187                 return
 188         }
 189         comment, err := ioutil.ReadAll(p)
 190         if err != nil || len(comment) == 0 {
 191                 go notify(tai, fnOrig, n, "")
 192                 return
 193         }
 194         ioutil.WriteFile(tai+".txt", comment, os.FileMode(0666))
 195         go notify(tai, fnOrig, n, string(comment))
 196 }
 197
 198 func main() {
 199         bind := flag.String("bind", "[::]:8086", "Address to bind to")
 200         conns := flag.Int("conns", 2, "Maximal number of connections")
 201         NotifyFromAddr = flag.String("notify-from", "uploader@example.com", "Address notifications are sent to")
 202         NotifyToAddr = flag.String("notify-to", "", "Address notifications are sent from")
 203         flag.Parse()
 204         log.SetFlags(log.Lshortfile)
 205         log.SetOutput(os.Stdout)
 206         if len(*NotifyFromAddr) == 0 && len(*NotifyToAddr) > 0 {
 207                 log.Fatalln("notify-from address can not be empty, if notify-to is set")
 208         }
 209         ln, err := net.Listen("tcp", *bind)
 210         if err != nil {
 211                 log.Fatalln(err)
 212         }
 213         log.Println("listening", *bind)
 214         ln = netutil.LimitListener(ln, *conns)
 215         s := &http.Server{
 216                 ReadHeaderTimeout: 10 * time.Second,
 217                 MaxHeaderBytes:    10 * (1 << 10),
 218         }
 219         http.HandleFunc("/upload/", upload)
 220         s.Serve(ln)
 221 }