server: Refine 153f660 so that it reverts back to the original behavior by default.

Introduce a new template macro <RANDFILE_*/>. This will inject a random number into the result file names making them hard to guess.
2015-11-18 13:30:57 -05:00 · 2015-11-18 13:30:57 -05:00 · 3cecde776b
parent 7c28f74d82
commit 3cecde776b
2 changed files with 30 additions and 11 deletions
--- a/tools/backend_lib.cpp
+++ b/tools/backend_lib.cpp
@ -51,14 +51,6 @@

 using std::string;

-// the random part of output filenames needs to be hard to guess
-//
-static struct random_init {
-    random_init() {
-        srand48(getpid() + time(0));
-    }
-} random_init;
-
 int read_file(FILE* f, char* buf, int len) {
    int n = fread(buf, 1, len, f);
    buf[n] = 0;
@ -164,7 +156,7 @@ int create_result(

    result.priority += priority_increase;
    sprintf(result.name, "%s_%s", wu.name, result_name_suffix);
-    sprintf(base_outfile_name, "%s_%ld", result.name, lrand48());
+    sprintf(base_outfile_name, "%s_", result.name);
    retval = read_filename(
        result_template_filename, result_template, sizeof(result_template)
    );
--- a/tools/process_result_template.cpp
+++ b/tools/process_result_template.cpp
@ -32,9 +32,18 @@
 #include "fcgi_stdio.h"
 #endif

-#define OUTFILE_MACRO   "<OUTFILE_"
+#define OUTFILE_MACRO         "<OUTFILE_"
+#define RANDFILE_MACRO        "<RANDFILE_"
 #define UPLOAD_URL_MACRO      "<UPLOAD_URL/>"

+// the random part of output filenames needs to be hard to guess
+//
+static struct random_init {
+    random_init() {
+        srand48(getpid() + time(0));
+    }
+} random_init;
+
 // Add a signature at the end of every <file_info> element,
 //
 int add_signatures(char* xml, R_RSA_PRIVATE_KEY& key) {
@ -107,6 +116,8 @@ int remove_signatures(char* xml) {

 // macro-substitute a result template:
 // - replace OUTFILE_x with base_filename_x, etc.
+// - replace RANDFILE_x with base_filename_r_x, etc., where r is a
+//   large random number
 // - add signatures for file uploads
 // - strip enclosing <output_template> tags
 //
@ -120,7 +131,7 @@ int process_result_template(
    SCHED_CONFIG& config_loc
 ) {
    char* p,*q;
-    char temp[BLOB_SIZE], buf[256];
+    char temp[BLOB_SIZE], buf[256], buf2[256];
    int retval;

    while (1) {
@ -138,6 +149,22 @@ int process_result_template(
            strcat(p, temp);
            continue;
        }
+        p = strstr(result_template, RANDFILE_MACRO);
+        if (p) {
+            q = p+strlen(RANDFILE_MACRO);
+            char* endptr = strstr(q, "/>");
+            if (!endptr) return ERR_XML_PARSE;
+            if (strchr(q, '>') != endptr+1) return ERR_XML_PARSE;
+            *endptr = 0;
+            strcpy(buf, q);
+            sprintf(buf2, "%ld_", lrand48());
+            strcpy(temp, endptr+2);
+            strcpy(p, base_filename);
+            strcpy(p, buf2);
+            strcat(p, buf);
+            strcat(p, temp);
+            continue;
+        }
        p = strstr(result_template, UPLOAD_URL_MACRO);
        if (p) {
            strcpy(temp, p+strlen(UPLOAD_URL_MACRO));