]> Sergey Matveev's repositories - uploader.git/blob - main.go
projects / uploader.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Umask friendly permissions
[uploader.git] / main.go
1 /*
2 uploader -- simplest form file uploader
3 Copyright (C) 2018-2020 Sergey Matveev <stargrave@stargrave.org>
4
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, version 3 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program.  If not, see <http://www.gnu.org/licenses/>.
16 */
17
18 package main
19
20 import (
21         "bufio"
22         "bytes"
23         "encoding/base64"
24         "encoding/hex"
25         "flag"
26         "fmt"
27         "html/template"
28         "io"
29         "io/ioutil"
30         "log"
31         "mime"
32         "net"
33         "net/http"
34         "os"
35         "os/exec"
36         "strconv"
37         "strings"
38         "time"
39
40         "go.cypherpunks.ru/recfile"
41         "go.cypherpunks.ru/tai64n"
42         "golang.org/x/crypto/blake2b"
43         "golang.org/x/net/netutil"
44 )
45
46 const (
47         WriteBufSize     = 1 << 20
48         FileFieldName    = "file"
49         CommentFieldName = "comment"
50
51         SendmailCmd = "/usr/sbin/sendmail"
52 )
53
54 var (
55         Index = template.Must(template.New("index").Parse(`<html>
56 <head><title>Upload</title></head><body>
57 <pre>
58 Example command line usage:
59
60     $ curl -F file=@somedata.tar.gpg [-F comment="optional comment"] http://.../upload/
61     $ b2sum -a blake2b somedata.tar.gpg # to verify checksum
62 </pre>
63 <form enctype="multipart/form-data" action="/upload/" method="post">
64 <label for="file">File to upload:</label><br/>
65 <input name="file" type="file" name="{{.}}" /><br/>
66 <label for="comment">Optional comment:</label></br>
67 <textarea name="comment" cols="80" rows="25" name="comment"></textarea><br/>
68 <input type="submit" />
69 </form></body></html>`))
70         NotifyFromAddr *string
71         NotifyToAddr   *string
72 )
73
74 func notify(tai, filename string, size int64, comment string) {
75         if *NotifyToAddr == "" {
76                 return
77         }
78         var rec bytes.Buffer
79         w := recfile.NewWriter(&rec)
80         w.WriteFields(
81                 recfile.Field{Name: "TAI64N", Value: tai},
82                 recfile.Field{Name: "Size", Value: strconv.FormatInt(size, 10)},
83                 recfile.Field{Name: "Filename", Value: filename},
84         )
85         w.WriteFieldMultiline("Comment", strings.Split(comment, "\n"))
86         cmd := exec.Command(SendmailCmd, *NotifyToAddr)
87         cmd.Stdin = io.MultiReader(
88                 strings.NewReader(fmt.Sprintf(
89                         `From: %s
90 To: %s
91 Subject: %s
92 MIME-Version: 1.0
93 Content-Type: text/plain; charset=utf-8
94 Content-Transfer-Encoding: base64
95
96 `,
97                         *NotifyFromAddr,
98                         *NotifyToAddr,
99                         mime.BEncoding.Encode("UTF-8", fmt.Sprintf("%s (%d KiB)", filename, size/1024)),
100                 )),
101                 strings.NewReader(base64.StdEncoding.EncodeToString(rec.Bytes())),
102         )
103         cmd.Run()
104 }
105
106 func upload(w http.ResponseWriter, r *http.Request) {
107         log.Println(r.RemoteAddr, "connected")
108         if r.Method == http.MethodGet {
109                 if err := Index.Execute(w, FileFieldName); err != nil {
110                         log.Println(r.RemoteAddr, err)
111                 }
112                 return
113         }
114         mr, err := r.MultipartReader()
115         if err != nil {
116                 log.Println(r.RemoteAddr, err)
117                 return
118         }
119         p, err := mr.NextPart()
120         if err != nil {
121                 log.Println(r.RemoteAddr, err)
122                 return
123         }
124         if p.FormName() != FileFieldName {
125                 log.Println(r.RemoteAddr, "non file form field")
126                 return
127         }
128         h, err := blake2b.New512(nil)
129         if err != nil {
130                 panic(err)
131         }
132         t := time.Now()
133         ts := new(tai64n.TAI64N)
134         tai64n.FromTime(t, ts)
135         tai := ts.Encode()[1:]
136         fnOrig := p.FileName()
137         fd, err := os.OpenFile(tai+".part", os.O_WRONLY|os.O_CREATE, 0666)
138         if err != nil {
139                 log.Println(r.RemoteAddr, tai, fnOrig, err)
140                 return
141         }
142         fdBuf := bufio.NewWriterSize(fd, WriteBufSize)
143         mw := io.MultiWriter(fdBuf, h)
144         n, err := io.Copy(mw, p)
145         if err != nil {
146                 log.Println(r.RemoteAddr, tai, fnOrig, err)
147                 fd.Close()
148                 return
149         }
150         if n == 0 {
151                 log.Println(r.RemoteAddr, tai, fnOrig, "empty")
152                 os.Remove(tai + ".part")
153                 fd.Close()
154                 fmt.Fprintf(w, "Empty file")
155                 return
156         }
157         if err = fdBuf.Flush(); err != nil {
158                 log.Println(r.RemoteAddr, tai, fnOrig, err)
159                 fd.Close()
160                 return
161         }
162         if err = fd.Sync(); err != nil {
163                 log.Println(r.RemoteAddr, tai, fnOrig, err)
164                 fd.Close()
165                 return
166         }
167         fd.Close()
168         sum := hex.EncodeToString(h.Sum(nil))
169         if err = os.Rename(tai+".part", tai); err != nil {
170                 log.Println(r.RemoteAddr, tai, fnOrig, n, sum, err)
171                 return
172         }
173         var rec bytes.Buffer
174         wr := recfile.NewWriter(&rec)
175         if _, err = wr.WriteFields(
176                 recfile.Field{Name: "TAI64N", Value: tai},
177                 recfile.Field{Name: "Size", Value: strconv.FormatInt(n, 10)},
178                 recfile.Field{Name: "Checksum", Value: sum},
179         ); err != nil {
180                 log.Println(r.RemoteAddr, tai, fnOrig, n, sum, err)
181                 return
182         }
183         io.Copy(w, &rec)
184         log.Println(r.RemoteAddr, tai, fnOrig, n, sum)
185         p, err = mr.NextPart()
186         if err != nil || p.FormName() != CommentFieldName {
187                 go notify(fnOrig, tai, n, "")
188                 return
189         }
190         comment, err := ioutil.ReadAll(p)
191         if err != nil || len(comment) == 0 {
192                 go notify(tai, fnOrig, n, "")
193                 return
194         }
195         ioutil.WriteFile(tai+".txt", comment, os.FileMode(0666))
196         go notify(tai, fnOrig, n, string(comment))
197 }
198
199 func main() {
200         bind := flag.String("bind", "[::]:8086", "Address to bind to")
201         conns := flag.Int("conns", 2, "Maximal number of connections")
202         NotifyFromAddr = flag.String("notify-from", "uploader@example.com", "Address notifications are send to")
203         NotifyToAddr = flag.String("notify-to", "", "Address notifications are send from")
204         flag.Parse()
205         if len(*NotifyFromAddr) == 0 && len(*NotifyToAddr) > 0 {
206                 log.Fatalln("notify-from address can not be empty, if notify-to is set")
207         }
208         ln, err := net.Listen("tcp", *bind)
209         if err != nil {
210                 log.Fatalln(err)
211         }
212         log.Println("listening", *bind)
213         ln = netutil.LimitListener(ln, *conns)
214         s := &http.Server{
215                 ReadHeaderTimeout: 10 * time.Second,
216                 MaxHeaderBytes:    10 * (1 << 10),
217         }
218         http.HandleFunc("/upload/", upload)
219         s.Serve(ln)
220 }
Simplest form file uploader