mirror of
https://github.com/tailscale/tailscale.git
synced 2025-09-22 22:21:05 +02:00
a1dcf12b67
As of this commit (per the issue), the Taildrive code remains where it was, but in new files that are protected by the new ts_omit_drive build tag. Future commits will move it. Updates #17058 Change-Id: Idf0a51db59e41ae8da6ea2b11d238aefc48b219e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
111 lines
3.0 KiB
Go
111 lines
3.0 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
//go:build !ts_omit_drive
|
|
|
|
package ipnlocal
|
|
|
|
import (
|
|
"net/http"
|
|
"path/filepath"
|
|
"strings"
|
|
|
|
"tailscale.com/drive"
|
|
"tailscale.com/tailcfg"
|
|
"tailscale.com/util/httpm"
|
|
)
|
|
|
|
const (
|
|
taildrivePrefix = "/v0/drive"
|
|
)
|
|
|
|
func init() {
|
|
peerAPIHandlerPrefixes[taildrivePrefix] = handleServeDrive
|
|
}
|
|
|
|
func handleServeDrive(hi PeerAPIHandler, w http.ResponseWriter, r *http.Request) {
|
|
h := hi.(*peerAPIHandler)
|
|
|
|
h.logfv1("taildrive: got %s request from %s", r.Method, h.peerNode.Key().ShortString())
|
|
if !h.ps.b.DriveSharingEnabled() {
|
|
h.logf("taildrive: not enabled")
|
|
http.Error(w, "taildrive not enabled", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
capsMap := h.PeerCaps()
|
|
driveCaps, ok := capsMap[tailcfg.PeerCapabilityTaildrive]
|
|
if !ok {
|
|
h.logf("taildrive: not permitted")
|
|
http.Error(w, "taildrive not permitted", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
rawPerms := make([][]byte, 0, len(driveCaps))
|
|
for _, cap := range driveCaps {
|
|
rawPerms = append(rawPerms, []byte(cap))
|
|
}
|
|
|
|
p, err := drive.ParsePermissions(rawPerms)
|
|
if err != nil {
|
|
h.logf("taildrive: error parsing permissions: %v", err)
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
fs, ok := h.ps.b.sys.DriveForRemote.GetOK()
|
|
if !ok {
|
|
h.logf("taildrive: not supported on platform")
|
|
http.Error(w, "taildrive not supported on platform", http.StatusNotFound)
|
|
return
|
|
}
|
|
wr := &httpResponseWrapper{
|
|
ResponseWriter: w,
|
|
}
|
|
bw := &requestBodyWrapper{
|
|
ReadCloser: r.Body,
|
|
}
|
|
r.Body = bw
|
|
|
|
defer func() {
|
|
switch wr.statusCode {
|
|
case 304:
|
|
// 304s are particularly chatty so skip logging.
|
|
default:
|
|
log := h.logf
|
|
if r.Method != httpm.PUT && r.Method != httpm.GET {
|
|
log = h.logfv1
|
|
}
|
|
contentType := "unknown"
|
|
if ct := wr.Header().Get("Content-Type"); ct != "" {
|
|
contentType = ct
|
|
}
|
|
|
|
log("taildrive: share: %s from %s to %s: status-code=%d ext=%q content-type=%q tx=%.f rx=%.f", r.Method, h.peerNode.Key().ShortString(), h.selfNode.Key().ShortString(), wr.statusCode, parseDriveFileExtensionForLog(r.URL.Path), contentType, roundTraffic(wr.contentLength), roundTraffic(bw.bytesRead))
|
|
}
|
|
}()
|
|
|
|
r.URL.Path = strings.TrimPrefix(r.URL.Path, taildrivePrefix)
|
|
fs.ServeHTTPWithPerms(p, wr, r)
|
|
}
|
|
|
|
// parseDriveFileExtensionForLog parses the file extension, if available.
|
|
// If a file extension is not present or parsable, the file extension is
|
|
// set to "unknown". If the file extension contains a double quote, it is
|
|
// replaced with "removed".
|
|
// All whitespace is removed from a parsed file extension.
|
|
// File extensions including the leading ., e.g. ".gif".
|
|
func parseDriveFileExtensionForLog(path string) string {
|
|
fileExt := "unknown"
|
|
if fe := filepath.Ext(path); fe != "" {
|
|
if strings.Contains(fe, "\"") {
|
|
// Do not log include file extensions with quotes within them.
|
|
return "removed"
|
|
}
|
|
// Remove white space from user defined inputs.
|
|
fileExt = strings.ReplaceAll(fe, " ", "")
|
|
}
|
|
|
|
return fileExt
|
|
}
|