spewimage.php 4.09 KB
Newer Older
1 2
<?php
#
3
# Copyright (c) 2003-2016 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
#
include("defs.php3");
include_once("imageid_defs.php");

function SPITERROR($code, $msg)
{
    header("HTTP/1.0 $code $msg");
    exit();
}

#
# Capture script errors and report back to user.
#
$session_interactive  = 0;
$session_errorhandler = 'handle_error';

function handle_error($message, $death)
{
    SPITERROR(400, $message);
}

#
# Must be SSL, even though we do not require an account login.
#
47
if (!isset($_SERVER["SSL_PROTOCOL"])) {
48 49 50 51 52 53 54 55
    SPITERROR(400, "Must use https:// to access this page!");
}

#
# Verify page arguments.
#
$reqargs = RequiredPageArguments("image",	PAGEARG_IMAGE,
				 "access_key",	PAGEARG_STRING);
56
$optargs = OptionalPageArguments("stamp",       PAGEARG_INTEGER,
57
                                 "delta",       PAGEARG_BOOLEAN,
58
                                 "sigfile",     PAGEARG_BOOLEAN);
59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82

#
# A cleanup function to keep the child from becoming a zombie, since
# the script is terminated, but the children are left to roam.
#
$fp = 0;

function SPEWCLEANUP()
{
    global $fp;

    if (!$fp || !connection_aborted()) {
	exit();
    }
    pclose($fp);
    exit();
}
set_time_limit(0);
register_shutdown_function("SPEWCLEANUP");

#
# Invoke backend script to do it all.
#
$imageid    = $image->imageid();
83
$versid     = $image->versid();
84
$access_key = escapeshellarg($access_key);
85 86 87
$arg        = "";
$arg       .= (isset($stamp) ? "-t " . escapeshellarg($stamp) : "");
$arg       .= (isset($sigfile) && $sigfile ? "-s " : "");
88
$arg       .= (isset($delta) && $delta ? "-e " : "");
89 90 91
$group      = $image->Group();
$pid        = $group->pid();
$unix_gid   = $group->unix_gid();
92 93
$project    = $image->Project();
$unix_pid   = $project->unix_gid();
94

95 96 97 98 99 100 101 102
#
# Datasets are special, they cannot be downloaded on this path
# unless they are global.
#
if ($image->isdataset() && !$image->isglobal()) {
    SPITERROR(403, "No permission to access image");
}

103 104 105 106 107 108 109 110 111 112
#
# We want to support HEAD requests to avoid send the file.
#
$ishead  = 0;
$headarg = "";
if ($_SERVER['REQUEST_METHOD'] == "HEAD") {
    $ishead  = 1;
    $headarg = "-h";
}

113
if ($fp = popen("$TBSUEXEC_PATH nobody $unix_pid,$unix_gid ".
114
		"webspewimage $arg $headarg -k $access_key $versid", "r")) {
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165
    header("Content-Type: application/octet-stream");
    header("Cache-Control: no-cache, must-revalidate");
    header("Pragma: no-cache");

    #
    # If this is a head request, then the output needs to be sent as
    # headers. Then exit.
    #
    if ($ishead) {
	while (!feof($fp) && connection_status() == 0) {
	    $string = fgets($fp);
	    if ($string) {
		$string = rtrim($string);
		header($string);
	    }
	}
    }
    else {
        #
        # The point of this is to allow the backend script to return status
        # that the file has not been modified and does not need to be sent.
        # The first read will come back with no output, which means nothing is
        # going to be sent except the headers.
        #
	$string = fread($fp, 1024);
	if ($string) {
	    print($string);
	    while (!feof($fp) && connection_status() == 0) {
		print(fread($fp, 1024*32));
		flush();
	    }
	}
    }
    $retval = pclose($fp);
    $fp = 0;

    if ($retval) {
	if ($retval == 2) {
	    SPITERROR(304, "File has not changed");
	}
	else {
	    SPITERROR(404, "Could not verify file: $retval!");
	}
    }
    flush();
}
else {
    SPITERROR(404, "Could not find $file!");
}

?>