local:// sanitzes path now

3 files changed, 13 insertions, 11 deletions

diff --git a/src/helsinki.at/rhimport/conf.go b/src/helsinki.at/rhimport/conf.go
index 2386ba9..5f22782 100644
--- a/src/helsinki.at/rhimport/conf.go
+++ b/src/helsinki.at/rhimport/conf.go
@@ -43,6 +43,7 @@ type Config struct {
 	db_user         string
 	db_passwd       string
 	db_db           string
+	LocalFetchDir   string
 	ImportParamDefaults
 }
 
@@ -67,7 +68,7 @@ func (self *Config) read_config_file() error {
 	return nil
 }
 
-func NewConfig(configfile, rdxport_endpoint, temp_dir *string) (conf *Config, err error) {
+func NewConfig(configfile, rdxport_endpoint, temp_dir, local_fetch_dir *string) (conf *Config, err error) {
 	conf = new(Config)
 	conf.configfile = *configfile
 	if err = conf.read_config_file(); err != nil {
@@ -75,6 +76,7 @@ func NewConfig(configfile, rdxport_endpoint, temp_dir *string) (conf *Config, er
 	}
 	conf.RDXportEndpoint = *rdxport_endpoint
 	conf.TempDir = *temp_dir
+	conf.LocalFetchDir = *local_fetch_dir
 	conf.ImportParamDefaults.Channels = 2
 	conf.ImportParamDefaults.NormalizationLevel = -12
 	conf.ImportParamDefaults.AutotrimLevel = 0
diff --git a/src/helsinki.at/rhimport/fetcher.go b/src/helsinki.at/rhimport/fetcher.go
index 38e1d7f..fed51bf 100644
--- a/src/helsinki.at/rhimport/fetcher.go
+++ b/src/helsinki.at/rhimport/fetcher.go
@@ -32,6 +32,7 @@ import (
 	"net/url"
 	"os"
 	"path"
+	"path/filepath"
 	"strings"
 )
 
@@ -129,19 +130,18 @@ func FetchFileCurl(ctx *ImportContext, uri *url.URL) (err error) {
 	return
 }
 
-// TODO: check path to import from -> don't touch problematic files like /etc/shadow...
-//       the daemon shouldn't be running as a user who can do any harm anyway
-//       still: let's make a special configurable directory the local:/// dir
-//              and only allow absolute paths here which will be based on the
-//              'local' directory
-// TODO: also check if file exists and is accessable!!! otherwise curl will blow up
-//       with a not-easy-to-understand error
 func FetchFileLocal(ctx *ImportContext, uri *url.URL) (err error) {
 	rhl.Printf("Local fetcher called for '%s'", ctx.SourceUri)
 	if ctx.ProgressCallBack != nil {
 		ctx.ProgressCallBack(1, "fetching", 1.0, ctx.ProgressCallBackData)
 	}
-	ctx.SourceFile = uri.Path
+
+	ctx.SourceFile = filepath.Join(ctx.Config.LocalFetchDir, path.Clean("/"+uri.Path))
+	var src *os.File
+	if src, err = os.Open(ctx.SourceFile); err != nil {
+		return
+	}
+	defer src.Close()
 	ctx.DeleteSourceFile = false
 	ctx.DeleteSourceDir = false
 	return
@@ -182,7 +182,6 @@ func fetcher_init() {
 	}
 }
 
-// TODO: make sure a (partially) fetched file get's deleted on error
 func FetchFile(ctx *ImportContext) (err error) {
 
 	var uri *url.URL
diff --git a/src/helsinki.at/rhimportd/main.go b/src/helsinki.at/rhimportd/main.go
index 1b9e5e0..32b81d7 100644
--- a/src/helsinki.at/rhimportd/main.go
+++ b/src/helsinki.at/rhimportd/main.go
@@ -46,6 +46,7 @@ func main() {
 	rdconf_s := flag.String("rdconf", "/etc/rd.conf", "path to the Rivendell config file")
 	rdxport_url_s := flag.String("rdxport-url", "http://localhost/rd-bin/rdxport.cgi", "the url to the Rivendell web-api")
 	temp_dir_s := flag.String("tmp-dir", os.TempDir(), "path to temporary files")
+	local_fetch_dir_s := flag.String("local-fetch-dir", os.TempDir(), "path to files that can be imported using local://")
 	help := flag.Bool("help", false, "show usage")
 
 	flag.Parse()
@@ -54,7 +55,7 @@ func main() {
 		return
 	}
 
-	conf, err := rhimport.NewConfig(rdconf_s, rdxport_url_s, temp_dir_s)
+	conf, err := rhimport.NewConfig(rdconf_s, rdxport_url_s, temp_dir_s, local_fetch_dir_s)
 	if err != nil {
 		rhl.Println("Error reading configuration:", err)
 		return