v3.0.0

分支 (260)

标签 (244)

管理

管理

master

8-63-stable

8-59-stable

jv-move-issues

jv-move-workhorse

mk/poc-geo-secondary-proxy-to-primary

8-65-stable

8-58-stable

8-64-stable

sh-fix-long-polling-50s

toplevel-git-http-routes

mk/labkit-error-tracking

jv-ci-rails

345-rubygems-route

jv-git-http-routing

ash2k/cleanup-auth-req-headers

jv-341-skip-iccp-chunk

341-skip-iccp-chunk

gitaly-client-identity-smarthttp

sh-update-gocloud

v8.65.0

v8.58.4

v8.59.2

v8.63.2

v8.64.2

v8.58.3

v8.59.1

v8.63.1

v8.64.1

v8.64.0

v8.63.0

v8.62.0

v8.61.0

v8.60.0

v8.59.0

v8.58.2

v8.54.2

v8.51.2

v8.58.1

v8.54.1

gitlab-workhorsesource
/
internal
/
lfs
/
lfs.go

/*
In this file we handle git lfs objects downloads and uploads
*/

package lfs

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"io/ioutil"
	"net/http"
	"os"
	"path/filepath"

	"gitlab.com/gitlab-org/gitlab-workhorse/internal/api"
	"gitlab.com/gitlab-org/gitlab-workhorse/internal/helper"
)

func PutStore(a *api.API, h http.Handler) http.Handler {
	return lfsAuthorizeHandler(a, handleStoreLfsObject(h))
}

func lfsAuthorizeHandler(myAPI *api.API, handleFunc api.HandleFunc) http.Handler {
	return myAPI.PreAuthorizeHandler(func(w http.ResponseWriter, r *http.Request, a *api.Response) {

		if a.StoreLFSPath == "" {
			helper.Fail500(w, r, fmt.Errorf("lfsAuthorizeHandler: StoreLFSPath empty"))
			return
		}

		if a.LfsOid == "" {
			helper.Fail500(w, r, fmt.Errorf("lfsAuthorizeHandler: LfsOid empty"))
			return
		}

		if err := os.MkdirAll(a.StoreLFSPath, 0700); err != nil {
			helper.Fail500(w, r, fmt.Errorf("lfsAuthorizeHandler: mkdir StoreLFSPath: %v", err))
			return
		}

		handleFunc(w, r, a)
	}, "/authorize")
}

func handleStoreLfsObject(h http.Handler) api.HandleFunc {
	return func(w http.ResponseWriter, r *http.Request, a *api.Response) {
		file, err := ioutil.TempFile(a.StoreLFSPath, a.LfsOid)
		if err != nil {
			helper.Fail500(w, r, fmt.Errorf("handleStoreLfsObject: create tempfile: %v", err))
			return
		}
		defer os.Remove(file.Name())
		defer file.Close()

		hash := sha256.New()
		hw := io.MultiWriter(hash, file)

		written, err := io.Copy(hw, r.Body)
		if err != nil {
			helper.Fail500(w, r, fmt.Errorf("handleStoreLfsObject: copy body to tempfile: %v", err))
			return
		}
		file.Close()

		if written != a.LfsSize {
			helper.Fail500(w, r, fmt.Errorf("handleStoreLfsObject: expected size %d, wrote %d", a.LfsSize, written))
			return
		}

		shaStr := hex.EncodeToString(hash.Sum(nil))
		if shaStr != a.LfsOid {
			helper.Fail500(w, r, fmt.Errorf("handleStoreLfsObject: expected sha256 %s, got %s", a.LfsOid, shaStr))
			return
		}

		// Inject header and body
		r.Header.Set("X-GitLab-Lfs-Tmp", filepath.Base(file.Name()))
		r.Body = ioutil.NopCloser(&bytes.Buffer{})
		r.ContentLength = 0

		// And proxy the request
		h.ServeHTTP(w, r)
	}
}