linaro-license-protection

Merge lp:~gesha/linaro-license-protection/fix-https-and-chrome into lp:~linaro-automation/linaro-license-protection/trunk

  1. fix-https-and-chrome
  2. Merge into trunk
Proposed by Georgy Redkozubov
Status: Merged
Merged at revision: 63
Proposed branch: lp:~gesha/linaro-license-protection/fix-https-and-chrome
Merge into: lp:~linaro-automation/linaro-license-protection/trunk
Diff against target: 221 lines (+84/-36)
3 files modified
.htaccess (+18/-5)
licenses/license.php (+64/-29)
licenses/ste.html (+2/-2)
To merge this branch: bzr merge lp:~gesha/linaro-license-protection/fix-https-and-chrome
Reviewer Review Type Date Requested Status
James Tunnicliffe (community) Approve
Paul Sokolovsky Approve
Review via email: mp+103482@code.launchpad.net

Description of the change

This branch adds https processing and fixes cookies handling.

To post a comment you must log in.
lp:~gesha/linaro-license-protection/fix-https-and-chrome updated
67. By Georgy Redkozubov

Updated filename handling

68. By Georgy Redkozubov

Added symlinks support

Revision history for this message
Paul Sokolovsky (pfalcon) wrote :

I was here and eyeballed it for typos, etc.

Not sure I understand functionality enough to comment on that. One thing I could point to is:

+function check_file($fn)
70 +{
71 + if (is_file($fn) or is_link($fn)) {

if (file_exists($fn) and check_file($fn)) { // Requested download is file

Symlink is assumed to be a file, but it can point to a dir too.

review: Approve
Revision history for this message
James Tunnicliffe (dooferlad) wrote :

This looks fine to me. I assume it passes the tests :-)

On the subject of tests, I don't think we have one for the condition that Paul spotted (simlink to something that isn't a file). I don't think it is worth holding up releasing this since I don't think we simlink to directories at the moment on snapshots or releases, but it is worth filing a bug and getting it fixed when you have the time.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file '.htaccess'
--- .htaccess 2012-04-24 08:30:45 +0000
+++ .htaccess 2012-04-25 16:35:48 +0000
@@ -11,11 +11,13 @@
1111
12## CO_DOMAIN is set to host name or host address12## CO_DOMAIN is set to host name or host address
13## without port number for use in cookie domain13## without port number for use in cookie domain
14RewriteCond %{SERVER_PORT} !^80$14RewriteCond %{SERVER_PORT} !^80$ [OR]
15RewriteCond %{SERVER_PORT} !^443$
15RewriteCond %{HTTP_HOST} (.*)(\:.*)16RewriteCond %{HTTP_HOST} (.*)(\:.*)
16RewriteRule .* - [E=CO_DOMAIN:%1]17RewriteRule .* - [E=CO_DOMAIN:%1]
1718
18RewriteCond %{SERVER_PORT} ^80$19RewriteCond %{SERVER_PORT} !^80$ [OR]
20RewriteCond %{SERVER_PORT} !^443$
19RewriteCond %{HTTP_HOST} (^.*$)21RewriteCond %{HTTP_HOST} (^.*$)
20RewriteRule .* - [E=CO_DOMAIN:%1]22RewriteRule .* - [E=CO_DOMAIN:%1]
2123
@@ -50,7 +52,7 @@
50## Unset it to be able to process several protected files in the same dir52## Unset it to be able to process several protected files in the same dir
51RewriteCond %{HTTP_COOKIE} licenseaccepted=true53RewriteCond %{HTTP_COOKIE} licenseaccepted=true
52RewriteCond %{HTTP_COOKIE} downloadrequested=([^\;]*\/)([^/\;]*)54RewriteCond %{HTTP_COOKIE} downloadrequested=([^\;]*\/)([^/\;]*)
53RewriteRule .* - [CO=licenseaccepted:INVALID:;:-1:%1,L]55RewriteRule .* - [CO=licenseaccepted:INVALID:.%{ENV:CO_DOMAIN}:-1:%1,L]
5456
55## When license is accepted, set the cookie.57## When license is accepted, set the cookie.
56RewriteCond %{REQUEST_URI} licenses/.*-accepted.html$58RewriteCond %{REQUEST_URI} licenses/.*-accepted.html$
@@ -62,6 +64,17 @@
62RewriteCond %{HTTP_COOKIE} downloadrequested=(.*)64RewriteCond %{HTTP_COOKIE} downloadrequested=(.*)
63RewriteRule .* /licenses/nolicense.html [L]65RewriteRule .* /licenses/nolicense.html [L]
6466
67## Exception for images.
68RewriteCond %{REQUEST_URI} /favicon.ico [OR]
69RewriteCond %{REQUEST_URI} .*\.png
70RewriteRule .* - [L]
71
72## Exception for restricted area
73RewriteCond %{REQUEST_URI} .*openid.* [OR]
74RewriteCond %{REQUEST_URI} .*restricted.* [OR]
75RewriteCond %{REQUEST_URI} .*private.*
76RewriteRule .* - [L]
77
65## Pass through any non-protected dirs.78## Pass through any non-protected dirs.
66RewriteCond %{REQUEST_FILENAME} -d79RewriteCond %{REQUEST_FILENAME} -d
67RewriteCond %{REQUEST_FILENAME}/OPEN-EULA.txt -f 80RewriteCond %{REQUEST_FILENAME}/OPEN-EULA.txt -f
@@ -73,11 +86,11 @@
7386
74## Unset cookie indicating redirect from license.php87## Unset cookie indicating redirect from license.php
75RewriteCond %{HTTP_COOKIE} redirectlicensephp=yes88RewriteCond %{HTTP_COOKIE} redirectlicensephp=yes
76RewriteRule .* - [CO=redirectlicensephp:INVALID:;:-1,L]89RewriteRule .* - [CO=redirectlicensephp:INVALID:.%{ENV:CO_DOMAIN}:-1,L]
7790
78## Redirect to the Samsung license file protected builds.91## Redirect to the Samsung license file protected builds.
79RewriteCond %{REQUEST_URI} !^/$ 92RewriteCond %{REQUEST_URI} !^/$
80RewriteRule .* /licenses/license.php [CO=downloadrequested:%{REQUEST_URI}:.%{ENV:CO_DOMAIN},L,R]93RewriteRule .* /licenses/license.php [CO=downloadrequested:%{REQUEST_URI}:.%{ENV:CO_DOMAIN}:5:/,L,R]
8194
82## Return "Permission denied" if no EULA/OPEN-EULA exists95## Return "Permission denied" if no EULA/OPEN-EULA exists
83RewriteCond %{REQUEST_URI} !^/$96RewriteCond %{REQUEST_URI} !^/$
8497
=== modified file 'licenses/license.php'
--- licenses/license.php 2012-04-24 08:30:45 +0000
+++ licenses/license.php 2012-04-25 16:35:48 +0000
@@ -1,12 +1,20 @@
1<?php1<?php
2// Get list of files into array to process them later.2// Get list of files into array to process them later.
3// Used to find special licenses and dirs with only subdirs.3// Used to find special licenses and dirs with only subdirs.
4function check_file($fn)
5{
6 if (is_file($fn) or is_link($fn)) {
7 return true;
8 }
9 return false;
10}
11
4function getFilesList($dirname)12function getFilesList($dirname)
5{13{
6 $files = array(); 14 $files = array();
7 if ($handle = opendir($dirname)) {15 if ($handle = opendir($dirname)) {
8 while ($handle && false !== ($entry = readdir($handle))) {16 while ($handle && false !== ($entry = readdir($handle))) {
9 if ($entry != "." && $entry != ".." && !is_dir($dirname.$entry) && !is_link($dirname.$entry)) {17 if ($entry != "." && $entry != ".." && !is_dir($dirname.$entry) && $entry != "HEADER.html") {
10 $files[] = $entry;18 $files[] = $entry;
11 }19 }
12 }20 }
@@ -55,31 +63,58 @@
55 } else {63 } else {
56 $theme = "linaro";64 $theme = "linaro";
57 }65 }
58 } 66 }
59 return $theme;67 return $theme;
60}68}
6169
70function status_forbidden($dir)
71{
72 header("Status: 403");
73 header("HTTP/1.1 403 Forbidden");
74 echo "<h1>Forbidden</h1>";
75 echo "You don't have permission to access ".$dir." on this server.";
76 exit;
77}
78
79function status_ok($dir, $domain)
80{
81 header("Status: 200");
82 header("Location: ".$dir);
83 setcookie("redirectlicensephp", "yes", 0, "/", ".".$domain);
84 exit;
85}
86
87function status_not_found()
88{
89 header("Status: 404");
90 header("HTTP/1.0 404 Not Found");
91 echo "<h1>404 Not Found</h1>";
92 echo "The requested URL was not found on this server.";
93 exit;
94}
95
62$down = $_COOKIE["downloadrequested"];96$down = $_COOKIE["downloadrequested"];
63$host = $_SERVER["HTTP_HOST"];97$host = $_SERVER["HTTP_HOST"];
64$doc = $_SERVER["DOCUMENT_ROOT"];98$doc = $_SERVER["DOCUMENT_ROOT"];
99$domain = $_SERVER["CO_DOMAIN"];
65$fn = $doc.$down; // Filename on server100$fn = $doc.$down; // Filename on server
66$flist = array();101$flist = array();
67$eula = '';102$eula = '';
68103
69if (file_exists($fn) and is_file($fn)) { // Requested download is file104if (preg_match("/.*openid.*/", $fn) or preg_match("/.*restricted.*/", $fn) or preg_match("/.*private.*/", $fn)) {
105 status_ok($down, $domain);
106}
107
108if (file_exists($fn) and check_file($fn)) { // Requested download is file
70 $search_dir = dirname($fn);109 $search_dir = dirname($fn);
71 $repl = dirname($down);110 $repl = dirname($down);
72 $name_only = splitFilename(basename($down));111 $name_only = array(basename($down), '');
73} elseif (is_dir($fn)) { // Requested download is directory112} elseif (is_dir($fn)) { // Requested download is directory
74 $search_dir = $fn;113 $search_dir = $fn;
75 $repl = $down;114 $repl = $down;
76 $name_only = array();115 $name_only = array();
77} else { // Requested download not found on server116} else { // Requested download not found on server
78 header("HTTP/1.0 404 Not Found");117 status_not_found();
79 header("Status: 404");
80 echo "<h1>404 Not Found</h1>";
81 echo "The requested URL was not found on this server.";
82 exit;
83}118}
84119
85$flist = getFilesList($search_dir);120$flist = getFilesList($search_dir);
@@ -89,26 +124,26 @@
89 $eula = findSpecialEULA($flist, $pattern);124 $eula = findSpecialEULA($flist, $pattern);
90}125}
91126
92if (is_file($doc."/".$repl."/".$eula)) { // Special EULA found127if (check_file($fn)) {
93 $theme = getTheme($eula, $down);128 if (check_file($doc."/".$repl."/".$eula)) { // Special EULA found
94} elseif (is_file($doc."/".$repl."/EULA.txt")) { // No special EULA found129 $theme = getTheme($eula, $down);
95 $theme = getTheme("EULA.txt", $down);130 } elseif (check_file($doc."/".$repl."/EULA.txt")) { // No special EULA found
96} elseif (file_exists($fn) and findSpecialEULA($flist, "/.*EULA.txt.*/")) {131 $theme = getTheme("EULA.txt", $down);
97 // If file is requested but no special EULA for it and no EULA.txt is present,132 } elseif (findSpecialEULA($flist, "/.*EULA.txt.*/")) {
98 // look for any EULA and if found decide that current file is not protected.133 // If file is requested but no special EULA for it and no EULA.txt is present,
99 setcookie("redirectlicensephp", "yes", 0, "/");134 // look for any EULA and if found decide that current file is not protected.
100 header("Location: ".$down);135 status_ok($down, $domain);
101 exit;136 } else {
102} elseif (empty($flist)) { // Directory contains only subdirs137 status_forbidden($down);
103 setcookie("redirectlicensephp", "yes", 0, "/");138 }
104 header("Location: ".$down);139} elseif (is_dir($fn)) {
105 exit;140 if (empty($flist) or findSpecialEULA($flist, "/.*EULA.txt.*/")) { // Directory contains only subdirs or any EULA
106} else { // No special EULA, no EULA.txt, no OPEN-EULA.txt found141 status_ok($down, $domain);
107 header("HTTP/1.1 403 Forbidden");142 } else { // No special EULA, no EULA.txt, no OPEN-EULA.txt found
108 header("Status: 403");143 status_forbidden($down);
109 echo "<h1>Forbidden</h1>";144 }
110 echo "You don't have permission to access ".$down." on this server.";145} else {
111 exit;146 status_forbidden($down);
112}147}
113148
114$template_content = file_get_contents($doc."/licenses/".$theme.".html");149$template_content = file_get_contents($doc."/licenses/".$theme.".html");
115150
=== modified file 'licenses/ste.html'
--- licenses/ste.html 2012-04-24 08:30:45 +0000
+++ licenses/ste.html 2012-04-25 16:35:48 +0000
@@ -108,8 +108,6 @@
108EULA.txt108EULA.txt
109</div><!-- license-text -->109</div><!-- license-text -->
110110
111</div><!-- content -->
112
113<div id="actions">111<div id="actions">
114112
115<div style="float: left;">If accepting the license doesn't work, enable113<div style="float: left;">If accepting the license doesn't work, enable
@@ -120,5 +118,7 @@
120118
121</div>119</div>
122120
121</div><!-- content -->
122
123</body>123</body>
124</html>124</html>

Subscribers

People subscribed via source and target branches