login-validator: Generate cpio archive

2022-02-26 17:36:44 +01:00 · 2022-02-26 17:36:44 +01:00 · aa753b4075
commit aa753b4075
parent 0e3bdb4a6b
3 changed files with 33 additions and 6 deletions
--- a/pkg/login-validator/cmd/go.mod
+++ b/pkg/login-validator/cmd/go.mod
@ -3,6 +3,7 @@ module git.nemunai.re/srs/adlin/pkg/login-validator
 go 1.17

 require (
+	github.com/cavaliergopher/cpio v1.0.1
 	github.com/go-ldap/ldap/v3 v3.4.2
 	github.com/jcmturner/gokrb5/v8 v8.4.2
 )
--- a/pkg/login-validator/cmd/go.sum
+++ b/pkg/login-validator/cmd/go.sum
@ -1,5 +1,7 @@
 github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c h1:/IBSNwUN8+eKzUzbJPqhK839ygXJ82sde8x3ogr6R28=
 github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
+github.com/cavaliergopher/cpio v1.0.1 h1:KQFSeKmZhv0cr+kawA3a0xTQCU4QxXF1vhU7P7av2KM=
+github.com/cavaliergopher/cpio v1.0.1/go.mod h1:pBdaqQjnvXxdS/6CvNDwIANIFSP0xRKI16PX4xejRQc=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/go-asn1-ber/asn1-ber v1.5.1 h1:pDbRAunXzIUXfx4CB2QJFv5IuPiuoW+sWvr/Us009o8=
--- a/pkg/login-validator/cmd/passwd.go
+++ b/pkg/login-validator/cmd/passwd.go
@ -7,6 +7,8 @@ import (
 	"net/http"
 	"os"
 	"path"
+
+	"github.com/cavaliergopher/cpio"
 )

 func passwd(w http.ResponseWriter, r *http.Request) {
@ -33,7 +35,7 @@ func passwd(w http.ResponseWriter, r *http.Request) {
 	// Authenticate the request

 	// Retrieve the file
-	file, _, err := r.FormFile("shadow")
+	file, header, err := r.FormFile("shadow")
 	if err != nil {
 		log.Println("Error when retrieving shadow file from", r.RemoteAddr, err.Error())
 		http.Error(w, "Unable to read your passwd file: something is wrong in your request", http.StatusBadRequest)
@ -42,7 +44,7 @@ func passwd(w http.ResponseWriter, r *http.Request) {
 	defer file.Close()

 	// Save the file
-	fd, err := os.Create(path.Join(tftpDir, fmt.Sprintf("%s.shadow", r.RemoteAddr)))
+	fd, err := os.Create(path.Join(tftpDir, "shadows", fmt.Sprintf("%s.cpio", r.RemoteAddr)))
 	if err != nil {
 		log.Println("Error when creating shadow file from", r.RemoteAddr, err.Error())
 		http.Error(w, "Unable to treat your passwd file, please try again later", http.StatusInternalServerError)
@ -50,14 +52,36 @@ func passwd(w http.ResponseWriter, r *http.Request) {
 	}
 	defer fd.Close()

-	_, err = io.Copy(fd, file)
+	// Generate the new cpio archive
+	wcpio := cpio.NewWriter(fd)
+
+	hdr := &cpio.Header{
+		Name: "etc/shadow",
+		Mode: 0640,
+		Size: header.Size,
+	}
+	if err := wcpio.WriteHeader(hdr); err != nil {
+		log.Println("Error when writing cpio header from", r.RemoteAddr, err.Error())
+		http.Error(w, "Unable to treat your passwd file, please try again later", http.StatusInternalServerError)
+		return
+	}
+	body, err := io.ReadAll(file)
 	if err != nil {
-		log.Println("Error when saving shadow file from", r.RemoteAddr, err.Error())
-		http.Error(w, "Unable to save your passwd file, please try again later", http.StatusInternalServerError)
+		log.Println("Error when writing cpio body from", r.RemoteAddr, err.Error())
+		http.Error(w, "Unable to treat your passwd file, please try again later", http.StatusInternalServerError)
+		return
+	}
+	if _, err := wcpio.Write(body); err != nil {
+		log.Println("Error when writing cpio file from", r.RemoteAddr, err.Error())
+		http.Error(w, "Unable to treat your passwd file, please try again later", http.StatusInternalServerError)
 		return
 	}

-	// Generate the new cpio archive
+	if err := wcpio.Close(); err != nil {
+		log.Println("Error when closing cpio file from", r.RemoteAddr, err.Error())
+		http.Error(w, "Unable to treat your passwd file, please try again later", http.StatusInternalServerError)
+		return
+	}

 	log.Println("Registered shadow from", r.RemoteAddr)
 	http.Error(w, "Success", http.StatusOK)