// TODO write more of a proper parser? (probably not worthwhile given that 2822 is the preferred format)
func ParseLineBasedLine(line string, defaults Manifest2822Entry) (*Manifest2822Entry, error) {
entry := defaults.Clone()
parts := strings.SplitN(line, ":", 2)
if len(parts) < 2 {
return nil, fmt.Errorf("manifest line missing ':': %s", line)
}
entry.Tags = []string{strings.TrimSpace(parts[0])}
parts = strings.SplitN(parts[1], "@", 2)
if len(parts) < 2 {
return nil, fmt.Errorf("manifest line missing '@': %s", line)
}
entry.GitRepo = strings.TrimSpace(parts[0])
parts = strings.SplitN(parts[1], " ", 2)
entry.GitCommit = strings.TrimSpace(parts[0])
if len(parts) > 1 {
entry.Directory = strings.TrimSpace(parts[1])
}
if entry.GitFetch == DefaultLineBasedFetch && !GitCommitRegex.MatchString(entry.GitCommit) {
// doesn't look like a commit, must be a tag
entry.GitFetch = "refs/tags/" + entry.GitCommit
entry.GitCommit = "FETCH_HEAD"
}
return &entry, nil
}
// Split a version into parts.
// "1.2.3-beta.2" -> []int{1, 2, 3}, []interface{}{"beta", 2}
func versionParts(v string) ([]int, []interface{}) {
if strings.HasPrefix(v, "v") || strings.HasPrefix(v, "V") {
// Strip initial 'v' or 'V' prefix if present.
v = v[1:]
}
parts := strings.SplitN(v, "+", 2)
parts = strings.SplitN(parts[0], "-", 2)
fields := strings.Split(parts[0], ".")
release := make([]int, len(fields))
for i, s := range fields {
v, _ := strconv.Atoi(s)
release[i] = v
}
var prerelease []interface{}
if len(parts) > 1 {
fields = strings.Split(parts[1], ".")
prerelease = make([]interface{}, len(fields))
for i, s := range fields {
v, err := strconv.Atoi(s)
if err == nil {
prerelease[i] = v
} else {
prerelease[i] = s
}
}
}
return release, prerelease
}
// Extract the username and password from the authorization
// line of an HTTP header. This function will handle the
// parsing and decoding of the line.
func ParseRaw(authLine string) (string, string, error) {
parts := strings.SplitN(authLine, " ", 2)
if len(parts) != 2 {
return "", "", errors.New("Authorization header malformed.")
}
method := parts[0]
if method != "Basic" {
return "", "", errors.New("Authorization must be basic.")
}
payload := parts[1]
decodedPayload, err := base64.StdEncoding.DecodeString(payload)
if err != nil {
return "", "", err
}
userPass := strings.SplitN(string(decodedPayload), ":", 2)
switch len(userPass) {
case 1:
return userPass[0], "", nil
case 2:
return userPass[0], userPass[1], nil
}
return "", "", errors.New("Unable to parse username or password.")
}
// This creates the elastic filter porition of a query
func ProcessLSKeys(keystring, filter string, filtered *elastic.FilteredQuery) ([]lsKeyMatch, error) {
var keys []lsKeyMatch
var filters []elastic.Filter
for _, section := range strings.Split(keystring, ",") {
sp := strings.SplitN(section, ":", 2)
k := lsKeyMatch{Key: sp[0]}
if len(sp) == 2 {
k.RawPattern = sp[1]
var err error
k.Pattern, err = regexp.Compile(k.RawPattern)
if err != nil {
return nil, err
}
re := elastic.NewRegexpFilter(k.Key, k.RawPattern)
filters = append(filters, re)
}
keys = append(keys, k)
}
if filter != "" {
for _, section := range strings.Split(filter, ",") {
sp := strings.SplitN(section, ":", 2)
if len(sp) != 2 {
return nil, fmt.Errorf("error parsing filter string")
}
re := elastic.NewRegexpFilter(sp[0], sp[1])
filters = append(filters, re)
}
}
if len(filters) > 0 {
and := elastic.NewAndFilter(filters...)
*filtered = filtered.Filter(and)
}
return keys, nil
}
// ParseDigestAuthorizationHeader parses an Authorization header and returns a DigestAuthorization object
func ParseDigestAuthorizationHeader(header string) (*DigestAuthorization, error) {
auth := DigestAuthorization{}
if len(header) == 0 {
return &auth, errors.New("Cannot parse Authorization header: no header present")
}
opts := make(map[string]string)
parts := strings.SplitN(header, " ", 2)
opts["type"] = parts[0]
parts = strings.Split(parts[1], ",")
for _, part := range parts {
vals := strings.SplitN(strings.TrimSpace(part), "=", 2)
key := vals[0]
val := strings.Replace(vals[1], "\"", "", -1)
opts[key] = val
}
auth = DigestAuthorization{
opts["type"],
opts["source"],
opts["username"],
opts["nonce"],
opts["sig"],
}
return &auth, nil
}
func GetKernelVersion() (*KernelVersionInfo, error) {
var (
flavor string
kernel, major, minor int
err error
)
uts, err := uname()
if err != nil {
return nil, err
}
release := make([]byte, len(uts.Release))
i := 0
for _, c := range uts.Release {
release[i] = byte(c)
i++
}
// Remove the \x00 from the release for Atoi to parse correctly
release = release[:bytes.IndexByte(release, 0)]
tmp := strings.SplitN(string(release), "-", 2)
tmp2 := strings.SplitN(tmp[0], ".", 3)
if len(tmp2) > 0 {
kernel, err = strconv.Atoi(tmp2[0])
if err != nil {
return nil, err
}
}
if len(tmp2) > 1 {
major, err = strconv.Atoi(tmp2[1])
if err != nil {
return nil, err
}
}
if len(tmp2) > 2 {
minor, err = strconv.Atoi(tmp2[2])
if err != nil {
return nil, err
}
}
if len(tmp) == 2 {
flavor = tmp[1]
} else {
flavor = ""
}
return &KernelVersionInfo{
Kernel: kernel,
Major: major,
Minor: minor,
Flavor: flavor,
}, nil
}
func httpAuth(h http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, request *http.Request) {
if len(request.Header["Authorization"]) == 0 {
log.Trace(fmt.Sprintf("httpAuth(): 'Authorization' Header Required"))
http.Error(w, "Authorization Required", http.StatusUnauthorized)
return
}
auth := strings.SplitN(request.Header["Authorization"][0], " ", 2)
if len(auth) != 2 || auth[0] != "Basic" {
log.Error(fmt.Sprintf("httpAuth(): Unhandled Authorization Type, Expected Basic"))
http.Error(w, "Unhandled Authorization Type, Expected Basic\n", http.StatusBadRequest)
return
}
payload, err := base64.StdEncoding.DecodeString(auth[1])
if err != nil {
log.Error(fmt.Sprintf("httpAuth(): Authorization base64.StdEncoding.DecodeString() Failed"))
http.Error(w, "Authorization Failed\n", http.StatusUnauthorized)
return
}
nv := strings.SplitN(string(payload), ":", 2)
if (len(nv) != 2) || !isAuthorized(nv[0], nv[1]) {
log.Error(fmt.Sprintf("httpAuth(): Authorization Failed: !isAuthorized() nv: %+v", nv))
http.Error(w, "Authorization Failed\n", http.StatusUnauthorized)
return
}
h(w, request)
}
}
/*
Constructor.
If bond is supplied, it is assumed to be a one element slice containing another
link from which the allotment obligation is fetched and will be referenced by the
link rather than creating a new obligation. Binding two links to an obligation
allows for easy accounting of total usage allocated (both directions) if the link
isn't full dupliex.
*/
func Mk_link(sw1 *string, sw2 *string, capacity int64, alarm_thresh int, mlag *string, bond ...*Link) (l *Link) {
var id string
id = fmt.Sprintf("%s-%s", *sw1, *sw2)
tokens := strings.SplitN(*sw1, "@", 2) // for host@interface names we want only the host as the switch name
sw1 = &tokens[0]
tokens = strings.SplitN(*sw2, "@", 2)
sw2 = &tokens[0]
l = &Link{
id: &id,
sw1: sw1,
sw2: sw2,
mlag: mlag,
Cost: 1, // for now all links are equal
port1: -2,
port2: -2,
}
if bond == nil || bond[0] == nil {
l.allotment = Mk_obligation(capacity, alarm_thresh)
} else {
l.allotment = bond[0].Get_allotment()
}
return
}
// Factoid add: 'key := value' or 'key :is value'
func insert(line *base.Line) {
if !line.Addressed || !util.IsFactoidAddition(line.Args[1]) {
return
}
var key, val string
if strings.Index(line.Args[1], ":=") != -1 {
kv := strings.SplitN(line.Args[1], ":=", 2)
key = ToKey(kv[0], false)
val = strings.TrimSpace(kv[1])
} else {
// we use :is to add val = "key is val"
kv := strings.SplitN(line.Args[1], ":is", 2)
key = ToKey(kv[0], false)
val = strings.Join([]string{strings.TrimSpace(kv[0]),
"is", strings.TrimSpace(kv[1])}, " ")
}
n, c := line.Storable()
fact := factoids.NewFactoid(key, val, n, c)
// The "randomwoot" factoid contains random positive phrases for success.
joy := "Woo"
if rand := fc.GetPseudoRand("randomwoot"); rand != nil {
joy = rand.Value
}
if err := fc.Insert(fact); err == nil {
count := fc.GetCount(key)
bot.ReplyN(line, "%s, I now know %d things about '%s'.", joy, count, key)
} else {
bot.ReplyN(line, "Error storing factoid: %s.", err)
}
}
// environ merges os.Environ and the given "key=value" pairs.
// If a key is in both os.Environ and kv, kv takes precedence.
func environ(kv []string) []string {
cur := os.Environ()
new := make([]string, 0, len(cur)+len(kv))
envs := make(map[string]string, len(cur))
for _, ev := range cur {
elem := strings.SplitN(ev, "=", 2)
if len(elem) != 2 || elem[0] == "" {
// pass the env var of unusual form untouched.
// e.g. Windows may have env var names starting with "=".
new = append(new, ev)
continue
}
if goos == "windows" {
elem[0] = strings.ToUpper(elem[0])
}
envs[elem[0]] = elem[1]
}
for _, ev := range kv {
elem := strings.SplitN(ev, "=", 2)
if len(elem) != 2 || elem[0] == "" {
panic(fmt.Sprintf("malformed env var %q from input", ev))
}
if goos == "windows" {
elem[0] = strings.ToUpper(elem[0])
}
envs[elem[0]] = elem[1]
}
for k, v := range envs {
new = append(new, k+"="+v)
}
return new
}
// decode decodes a mutation into an equivalent doozer.Event,
// from ../../store/store.go:/decode.
func decode(mut string) (ev doozer.Event, err error) {
cm := strings.SplitN(mut, ":", 2)
if len(cm) != 2 {
err = ErrBadMutation
return
}
ev.Rev, err = strconv.ParseInt(cm[0], 10, 64)
if err != nil {
return
}
kv := strings.SplitN(cm[1], "=", 2)
ev.Path = kv[0]
switch len(kv) {
case 1:
ev.Flag = del
case 2:
ev.Body = []byte(kv[1])
ev.Flag = set
}
return
}
func (r *templateRouter) FilterNamespaces(namespaces sets.String) {
r.lock.Lock()
defer r.lock.Unlock()
if len(namespaces) == 0 {
r.state = make(map[string]ServiceAliasConfig)
r.serviceUnits = make(map[string]ServiceUnit)
}
for k := range r.serviceUnits {
// TODO: the id of a service unit should be defined inside this class, not passed in from the outside
// remove the leak of the abstraction when we refactor this code
ns := strings.SplitN(k, "/", 2)[0]
if namespaces.Has(ns) {
continue
}
delete(r.serviceUnits, k)
}
for k := range r.state {
ns := strings.SplitN(k, "_", 2)[0]
if namespaces.Has(ns) {
continue
}
delete(r.state, k)
}
}
// url2BucketAndObject gives bucketName and objectName from URL path
func (c *s3Client) url2BucketAndObject() (bucketName, objectName string) {
path := c.hostURL.Path
// Convert any virtual host styled requests
//
// For the time being this check is introduced for S3,
// if you have custom virtual styled hosts please. list them below
match, _ := filepath.Match("*.s3*.amazonaws.com", c.hostURL.Host)
switch {
case match == true:
hostSplits := strings.SplitN(c.hostURL.Host, ".", 2)
path = string(c.hostURL.Separator) + hostSplits[0] + c.hostURL.Path
}
splits := strings.SplitN(path, string(c.hostURL.Separator), 3)
switch len(splits) {
case 0, 1:
bucketName = ""
objectName = ""
case 2:
bucketName = splits[1]
objectName = ""
case 3:
bucketName = splits[1]
objectName = splits[2]
}
return bucketName, objectName
}
// Given a command line string representing a resource, break it into type, host identity, and suffix
func SplitTypeHostSuffix(value string) (res ResourceType, host string, suffix string, err error) {
if value == "" {
err = errors.New("The identifier must be specified as <host>/<id> or <id>")
return
}
locatorParts := strings.SplitN(value, "://", 2)
if len(locatorParts) == 2 {
res = ResourceType(locatorParts[0])
value = locatorParts[1]
}
sections := strings.SplitN(value, "/", 2)
if len(sections) == 1 {
suffix = sections[0]
return
}
if strings.TrimSpace(sections[0]) == "" {
err = errors.New("You must specify <host>/<id> or <id>")
return
}
host = sections[0]
suffix = sections[1]
return
}
func (ff *ForwardFrontend) basicAuth(pass http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if ff.routeryConfig.Auth != nil {
if r.Header["Authorization"] == nil || len(r.Header["Authorization"]) <= 0 {
w.Header().Add("WWW-Authenticate", "Basic")
http.Error(w, "", 401)
return
}
auth := strings.SplitN(r.Header["Authorization"][0], " ", 2)
if len(auth) != 2 || auth[0] != "Basic" {
http.Error(w, "bad syntax", http.StatusBadRequest)
return
}
payload, _ := base64.StdEncoding.DecodeString(auth[1])
pair := strings.SplitN(string(payload), ":", 2)
log.Printf("Auth received for user: %v\n", pair[0])
if len(pair) != 2 || !authentication.Authenticate(ff.routeryConfig, pair[0], pair[1]) {
http.Error(w, "authorization failed", http.StatusUnauthorized)
return
}
}
pass(w, r)
}
}
func (p *OauthProxy) CheckBasicAuth(req *http.Request) (*providers.SessionState, error) {
if p.HtpasswdFile == nil {
return nil, nil
}
auth := req.Header.Get("Authorization")
if auth == "" {
return nil, nil
}
s := strings.SplitN(auth, " ", 2)
if len(s) != 2 || s[0] != "Basic" {
return nil, fmt.Errorf("invalid Authorization header %s", req.Header.Get("Authorization"))
}
b, err := base64.StdEncoding.DecodeString(s[1])
if err != nil {
return nil, err
}
pair := strings.SplitN(string(b), ":", 2)
if len(pair) != 2 {
return nil, fmt.Errorf("invalid format %s", b)
}
if p.HtpasswdFile.Validate(pair[0], pair[1]) {
log.Printf("authenticated %q via basic auth", pair[0])
return &providers.SessionState{User: pair[0]}, nil
}
return nil, fmt.Errorf("%s not in HtpasswdFile", pair[0])
}
func auth(config *Config, next http.Handler) http.Handler {
unauthorized := func(w http.ResponseWriter) {
send(w, http.StatusUnauthorized, Json{"error": "Unauthorized"})
}
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
if config.Auth != "" {
s := strings.SplitN(req.Header.Get("Authorization"), " ", 2)
if len(s) != 2 || s[0] != "Basic" {
unauthorized(w)
return
}
base, err := base64.StdEncoding.DecodeString(s[1])
if err != nil {
unauthorized(w)
return
}
pair := strings.SplitN(string(base), ":", 2)
if len(pair) != 2 {
unauthorized(w)
return
}
password := pair[1]
if config.Auth != password {
unauthorized(w)
return
}
}
next.ServeHTTP(w, req)
})
}
// New - instantiate minio client API with your input Config{}.
func New(config Config) (CloudStorageAPI, error) {
if strings.TrimSpace(config.Region) == "" || len(config.Region) == 0 {
u, err := url.Parse(config.Endpoint)
if err != nil {
return API{}, err
}
match, _ := filepath.Match("*.s3*.amazonaws.com", u.Host)
if match {
config.isVirtualStyle = true
hostSplits := strings.SplitN(u.Host, ".", 2)
u.Host = hostSplits[1]
}
matchGoogle, _ := filepath.Match("*.storage.googleapis.com", u.Host)
if matchGoogle {
config.isVirtualStyle = true
hostSplits := strings.SplitN(u.Host, ".", 2)
u.Host = hostSplits[1]
}
config.Region = getRegion(u.Host)
if config.Region == "google" {
// Google cloud storage is signature V2
config.Signature = SignatureV2
}
}
config.SetUserAgent(LibraryName, LibraryVersion, runtime.GOOS, runtime.GOARCH)
config.isUserAgentSet = false // default
return API{apiCore{&config}}, nil
}
// Open new connection. The uri need to have the following syntax:
//
// [PROTOCOL_SPECFIIC*]DBNAME/USER/PASSWD
//
// where protocol spercific part may be empty (this means connection to
// local server using default protocol). Currently possible forms:
// DBNAME/USER/PASSWD
// unix:SOCKPATH*DBNAME/USER/PASSWD
// tcp:ADDR*DBNAME/USER/PASSWD
func (d *Driver) Open(uri string) (driver.Conn, error) {
pd := strings.SplitN(uri, "*", 2)
if len(pd) == 2 {
// Parse protocol part of URI
p := strings.SplitN(pd[0], ":", 2)
if len(p) != 2 {
return nil, errors.New("Wrong protocol part of URI")
}
d.proto = p[0]
d.raddr = p[1]
// Remove protocol part
pd = pd[1:]
}
// Parse database part of URI
dup := strings.SplitN(pd[0], "/", 3)
if len(dup) != 3 {
return nil, errors.New("Wrong database part of URI")
}
d.db = dup[0]
d.user = dup[1]
d.passwd = dup[2]
// Establish the connection
c := conn{mysql.New(d.proto, d.laddr, d.raddr, d.user, d.passwd, d.db)}
for _, q := range d.initCmds {
c.my.Register(q) // Register initialisation commands
}
if err := c.my.Connect(); err != nil {
return nil, errFilter(err)
}
return &c, nil
}
func DecodeAuthHeader(req *http.Request) (string, string, int) {
header := req.Header.Get("Authorization") //req.Header["Authorization"]
if header == "" {
return "", "", http.StatusUnauthorized
}
auth := strings.SplitN(header, " ", 2)
if len(auth) != 2 || auth[0] != "Basic" {
println("auth funny")
return "", "", http.StatusUnauthorized
}
payload, _ := base64.StdEncoding.DecodeString(auth[1])
pair := strings.SplitN(string(payload), ":", 2)
// fmt.Printf("Pair is %v\n", pair)
// TODO check pair len = 2 ?
if len(pair) < 2 {
println("pair funny")
return "", "", http.StatusUnauthorized
}
return pair[0], pair[1], http.StatusOK
// return pair[0], pair[1], http.StatusOK
}
// as per http://www.mssqltips.com/sqlservertip/2563/understanding-the-sql-server-select-version-command/
func serverVersion(db *sql.DB) (sqlVersion, sqlPartNumber, osVersion string, err error) {
var v string
if err = db.QueryRow("select @@version").Scan(&v); err != nil {
return "", "", "", err
}
a := strings.SplitN(v, "\n", -1)
if len(a) < 4 {
return "", "", "", errors.New("SQL Server version string must have at least 4 lines: " + v)
}
for i := range a {
a[i] = strings.Trim(a[i], " \t")
}
l1 := strings.SplitN(a[0], "-", -1)
if len(l1) != 2 {
return "", "", "", errors.New("SQL Server version first line must have - in it: " + v)
}
i := strings.Index(a[3], " on ")
if i < 0 {
return "", "", "", errors.New("SQL Server version fourth line must have 'on' in it: " + v)
}
sqlVersion = l1[0] + a[3][:i]
osVersion = a[3][i+4:]
sqlPartNumber = strings.Trim(l1[1], " ")
l12 := strings.SplitN(sqlPartNumber, " ", -1)
if len(l12) < 2 {
return "", "", "", errors.New("SQL Server version first line must have space after part number in it: " + v)
}
sqlPartNumber = l12[0]
return sqlVersion, sqlPartNumber, osVersion, nil
}
func (srv *Server) DockerInfo() *APIInfo {
images, _ := srv.runtime.graph.Map()
var imgcount int
if images == nil {
imgcount = 0
} else {
imgcount = len(images)
}
lxcVersion := ""
if output, err := exec.Command("lxc-version").CombinedOutput(); err == nil {
outputStr := string(output)
if len(strings.SplitN(outputStr, ":", 2)) == 2 {
lxcVersion = strings.TrimSpace(strings.SplitN(string(output), ":", 2)[1])
}
}
kernelVersion := "<unknown>"
if kv, err := utils.GetKernelVersion(); err == nil {
kernelVersion = kv.String()
}
return &APIInfo{
Containers: len(srv.runtime.List()),
Images: imgcount,
MemoryLimit: srv.runtime.capabilities.MemoryLimit,
SwapLimit: srv.runtime.capabilities.SwapLimit,
IPv4Forwarding: !srv.runtime.capabilities.IPv4ForwardingDisabled,
Debug: os.Getenv("DEBUG") != "",
NFd: utils.GetTotalUsedFds(),
NGoroutines: runtime.NumGoroutine(),
LXCVersion: lxcVersion,
NEventsListener: len(srv.events),
KernelVersion: kernelVersion,
IndexServerAddress: auth.IndexServerAddress(),
}
}
func loadApplication(title string) (*Application, error) {
filename := title + ".txt"
raw := strings.SplitN(string(title), "-", 2)
parent := raw[0]
body2, err := ioutil.ReadFile(filename)
if err != nil {
return nil, err
}
// split body
raw = strings.SplitN(string(body2), "\n", 6)
position := raw[0]
company := raw[1]
dateapplied := raw[2]
followup := raw[3]
action := raw[4]
notes := []byte(raw[5])
tmp := strings.Split(string(notes), "\n")
notesRows := len(tmp) + 1
newApplication := Application{Title: title, Parent: parent, Position: position, Company: company, DateApplied: dateapplied, Followup: followup, Action: action, Notes: notes, NotesRows: notesRows}
newApplication.Attention = ""
// newApplication.Attention = ContactRequiringAttention(&newContact)
// return &Application{Title: title, Parent: parent, Position: position, Company: company, DateApplied: dateapplied, Followup: followup, Action: action, Notes: notes, NotesRows: notesRows}, nil
return &newApplication, nil
}
/*
Checks the username/password combination from the request. Returns
either an empty string (authentication failed) or the name of the
authenticated user.
Supports MD5 and SHA1 password entries
*/
func (a *BasicAuth) CheckAuth(r *http.Request) string {
s := strings.SplitN(r.Header.Get("Authorization"), " ", 2)
if len(s) != 2 || s[0] != "Basic" {
return ""
}
b, err := base64.StdEncoding.DecodeString(s[1])
if err != nil {
return ""
}
pair := strings.SplitN(string(b), ":", 2)
if len(pair) != 2 {
return ""
}
passwd := a.Secrets(pair[0], a.Realm)
if passwd == "" {
return ""
}
if passwd[:5] == "{SHA}" {
d := sha1.New()
d.Write([]byte(pair[1]))
if passwd[5:] != base64.StdEncoding.EncodeToString(d.Sum(nil)) {
return ""
}
} else {
e := NewMD5Entry(passwd)
if e == nil {
return ""
}
if passwd != string(MD5Crypt([]byte(pair[1]), e.Salt, e.Magic)) {
return ""
}
}
return pair[0]
}
// ParseDigestAuthenticateHeader parses an Authenticate header and returns a DigestAuthentication object
func ParseDigestAuthenticateHeader(header string) (*DigestAuthentication, error) {
auth := DigestAuthentication{}
if len(header) == 0 {
return &auth, errors.New("Cannot parse WWW-Authenticate header: no header present")
}
opts := make(map[string]string)
parts := strings.SplitN(header, " ", 2)
opts["type"] = parts[0]
parts = strings.Split(parts[1], ",")
for _, part := range parts {
vals := strings.SplitN(strings.TrimSpace(part), "=", 2)
key := vals[0]
val := strings.Replace(vals[1], "\"", "", -1)
opts[key] = val
}
auth = DigestAuthentication{
opts["type"],
opts["source"],
opts["username"],
opts["realm"],
opts["nonce"],
opts["uri"],
opts["qop"],
opts["nc"],
opts["qnonce"],
opts["response"],
opts["opaque"],
opts["algorithm"],
}
return &auth, nil
}
// takes a local seccomp daemon, reads the file contents for sending to the daemon
func parseSecurityOpts(securityOpts []string) ([]string, error) {
for key, opt := range securityOpts {
con := strings.SplitN(opt, "=", 2)
if len(con) == 1 && con[0] != "no-new-privileges" {
if strings.Index(opt, ":") != -1 {
con = strings.SplitN(opt, ":", 2)
} else {
return securityOpts, fmt.Errorf("Invalid --security-opt: %q", opt)
}
}
if con[0] == "seccomp" && con[1] != "unconfined" {
f, err := ioutil.ReadFile(con[1])
if err != nil {
return securityOpts, fmt.Errorf("opening seccomp profile (%s) failed: %v", con[1], err)
}
b := bytes.NewBuffer(nil)
if err := json.Compact(b, f); err != nil {
return securityOpts, fmt.Errorf("compacting json for seccomp profile (%s) failed: %v", con[1], err)
}
securityOpts[key] = fmt.Sprintf("seccomp=%s", b.Bytes())
}
}
return securityOpts, nil
}
func parseInstanceIndex(body string) int {
strs := strings.SplitN(body, "index: ", -1)
indexStr := strings.SplitN(strs[len(strs)-1], "!", -1)
index, err := strconv.ParseInt(indexStr[0], 10, 0)
Expect(err).ToNot(HaveOccurred())
return int(index)
}
// StandardizeURL standardizes the url by making sure it has a schema and converting IDNA domains into ASCII.
func StandardizeURL(url string) string {
link := url
var schema, domain, path string
// Try to get the schema
slice := strings.SplitN(url, "://", 2)
if len(slice) == 2 && len(slice[0]) < 10 { // schema exists
schema = slice[0] + "://"
link = slice[1]
} else {
schema = "http://"
}
// Get the domain
slice = strings.SplitN(link, "/", 2)
if len(slice) == 2 {
domain = slice[0]
path = "/" + slice[1]
} else {
domain = slice[0]
path = "/"
}
domain, _ = idna.ToASCII(domain)
link = schema + domain + path
return link
}
func PostComment(w http.ResponseWriter, r *http.Request) {
if !authenticated(w, r) {
return
}
entryID := mux.Vars(r)["entry_id"]
row := db.QueryRow(`SELECT * FROM entries WHERE id = ?`, entryID)
var id, userID, private int
var body string
var createdAt time.Time
err := row.Scan(&id, &userID, &private, &body, &createdAt)
if err == sql.ErrNoRows {
checkErr(ErrContentNotFound)
}
checkErr(err)
entry := Entry{id, userID, private == 1, strings.SplitN(body, "\n", 2)[0], strings.SplitN(body, "\n", 2)[1], createdAt}
owner := getUser(w, entry.UserID)
if entry.Private {
if !permitted(w, r, owner.ID) {
checkErr(ErrPermissionDenied)
}
}
user := getCurrentUser(w, r)
_, err = db.Exec(`INSERT INTO comments (entry_id, user_id, comment) VALUES (?,?,?)`, entry.ID, user.ID, r.FormValue("comment"))
checkErr(err)
http.Redirect(w, r, "/diary/entry/"+strconv.Itoa(entry.ID), http.StatusSeeOther)
}
// parseURLPrefixTag expects an input in the form of 'tag-host/path[ opts]'
// and returns the lower cased host and the unaltered path if the
// prefix matches the tag.
func parseURLPrefixTag(s, prefix string, env map[string]string) (route, opts string, ok bool) {
// expand $x or ${x} to env[x] or ""
expand := func(s string) string {
return os.Expand(s, func(x string) string {
if env == nil {
return ""
}
return env[x]
})
}
s = strings.TrimSpace(s)
if !strings.HasPrefix(s, prefix) {
return "", "", false
}
s = strings.TrimSpace(s[len(prefix):])
p := strings.SplitN(s, " ", 2)
if len(p) == 2 {
opts = p[1]
}
s = p[0]
p = strings.SplitN(s, "/", 2)
if len(p) == 1 {
log.Printf("[WARN] consul: Invalid %s tag %q - You need to have a trailing slash!", prefix, s)
return "", "", false
}
host, path := p[0], p[1]
return strings.ToLower(expand(host)) + "/" + expand(path), opts, true
}