%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /opt/cpanel/ea-ruby27/src/passenger-release-6.0.23/src/cxx_supportlib/
Upload File :
Create Path :
Current File : //opt/cpanel/ea-ruby27/src/passenger-release-6.0.23/src/cxx_supportlib/AppLocalConfigFileUtils.h

/*
 *  Phusion Passenger - https://www.phusionpassenger.com/
 *  Copyright (c) 2018 Phusion Holding B.V.
 *
 *  "Passenger", "Phusion Passenger" and "Union Station" are registered
 *  trademarks of Phusion Holding B.V.
 *
 *  Permission is hereby granted, free of charge, to any person obtaining a copy
 *  of this software and associated documentation files (the "Software"), to deal
 *  in the Software without restriction, including without limitation the rights
 *  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 *  copies of the Software, and to permit persons to whom the Software is
 *  furnished to do so, subject to the following conditions:
 *
 *  The above copyright notice and this permission notice shall be included in
 *  all copies or substantial portions of the Software.
 *
 *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 *  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 *  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 *  THE SOFTWARE.
 */
#ifndef _PASSENGER_APP_LOCAL_CONFIG_FILE_UTILS_H_
#define _PASSENGER_APP_LOCAL_CONFIG_FILE_UTILS_H_

#include <oxt/system_calls.hpp>
#include <oxt/backtrace.hpp>

#include <cerrno>
#include <fcntl.h>

#include <jsoncpp/json.h>

#include <StaticString.h>
#include <Constants.h>
#include <Exceptions.h>
#include <IOTools/IOUtils.h>
#include <Utils/ScopeGuard.h>

namespace Passenger {

using namespace std;


struct AppLocalConfig {
	string appStartCommand;
	bool appSupportsKuriaProtocol;

	AppLocalConfig()
		: appSupportsKuriaProtocol(false)
		{ }
};


inline AppLocalConfig
parseAppLocalConfigFile(const StaticString appRoot) {
	TRACE_POINT();
	string path = appRoot + "/Passengerfile.json";

	// Reading from Passengerfile.json from a root process is unsafe
	// because of symlink attacks and other kinds of attacks. See the
	// comments for safeReadFile().
	//
	// We are unable to use safeReadFile() here because we do not
	// control the safety of the directories leading up to appRoot.
	//
	// What we can do is preventing the contents of an arbitrary
	// file read from leaking out. Therefore, our result struct
	// only contains a limited number of fields, that are known
	// not to contain sensitive information. We also don't propagate
	// JSON parsing error messages, which may contain the content.

	int fd = syscalls::open(path.c_str(), O_RDONLY | O_NONBLOCK);
	if (fd == -1) {
		if (errno == ENOENT) {
			return AppLocalConfig();
		} else {
			int e = errno;
			throw FileSystemException("Error opening '" + path
				+ "' for reading", e, path);
		}
	}

	UPDATE_TRACE_POINT();
	FdGuard fdGuard(fd, __FILE__, __LINE__);
	pair<string, bool> content;
	try {
		content = readAll(fd, 1024 * 512);
	} catch (const SystemException &e) {
		throw FileSystemException("Error reading from '" + path + "'",
			e.code(), path);
	}
	if (!content.second) {
		throw SecurityException("Error parsing " + path
			+ ": file exceeds size limit of 512 KB");
	}
	fdGuard.runNow();

	UPDATE_TRACE_POINT();
	Json::Reader reader;
	Json::Value config;
	if (!reader.parse(content.first, config)) {
		if (geteuid() == 0) {
			throw RuntimeException("Error parsing " + path
				+ " (error messages suppressed for security reasons)");
		} else {
			throw RuntimeException("Error parsing " + path + ": "
				+ reader.getFormattedErrorMessages());
		}
	}
	// We no longer need the raw data so free the memory.
	content.first.resize(0);


	UPDATE_TRACE_POINT();
	AppLocalConfig result;

	if (!config.isObject()) {
		throw RuntimeException("Config file " + path
			+ " is not valid: top-level JSON object expected");
	}
	if (config.isMember("app_start_command")) {
		if (config["app_start_command"].isString()) {
			result.appStartCommand = config["app_start_command"].asString();
		} else {
			throw RuntimeException("Config file " + path
				+ " is not valid: key 'app_start_command' must be a boolean");
		}
	}
	if (config.isMember("app_supports_kuria_protocol")) {
		if (config["app_supports_kuria_protocol"].isBool()) {
			result.appSupportsKuriaProtocol = config["app_supports_kuria_protocol"].asBool();
		} else {
			throw RuntimeException("Config file " + path
				+ " is not valid: key 'app_supports_kuria_protocol' must be a boolean");
		}
	}

	return result;
}


} // namespace Passenger

#endif /* _PASSENGER_APP_LOCAL_CONFIG_FILE_UTILS_H_ */

Zerion Mini Shell 1.0