[api] check against a sha-1 digest hex length of 40 chars
This commit is contained in:
parent
285833b1f8
commit
64b67598d7
2 changed files with 20 additions and 14 deletions
|
@ -50,11 +50,26 @@ check_version(_, _) ->
|
||||||
{false, false}.
|
{false, false}.
|
||||||
|
|
||||||
check_sensor(Sensor) ->
|
check_sensor(Sensor) ->
|
||||||
check_32hex(Sensor).
|
check_hex(Sensor, 32).
|
||||||
|
|
||||||
check_32hex(String) ->
|
check_token(undefined, undefined) ->
|
||||||
|
{false, false};
|
||||||
|
check_token(Token, undefined) ->
|
||||||
|
check_hex(Token, 32);
|
||||||
|
check_token(undefined, Token) ->
|
||||||
|
check_hex(Token, 32);
|
||||||
|
check_token(_, _) ->
|
||||||
|
{false, false}.
|
||||||
|
|
||||||
|
check_digest(Digest) ->
|
||||||
|
check_hex(Digest, 40).
|
||||||
|
|
||||||
|
check_device(Device) ->
|
||||||
|
check_hex(Device, 32).
|
||||||
|
|
||||||
|
check_hex(String, Length) ->
|
||||||
case re:run(String, "[0-9a-f]+", []) of
|
case re:run(String, "[0-9a-f]+", []) of
|
||||||
{match, [{0,32}]} -> {String, true};
|
{match, [{0, Length}]} -> {String, true};
|
||||||
_ -> {false, false}
|
_ -> {false, false}
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
@ -102,15 +117,6 @@ check_unit(Unit) ->
|
||||||
{_Unit, RrdFactor} -> {RrdFactor, true}
|
{_Unit, RrdFactor} -> {RrdFactor, true}
|
||||||
end.
|
end.
|
||||||
|
|
||||||
check_token(undefined, undefined) ->
|
|
||||||
{false, false};
|
|
||||||
check_token(Token, undefined) ->
|
|
||||||
check_32hex(Token);
|
|
||||||
check_token(undefined, Token) ->
|
|
||||||
check_32hex(Token);
|
|
||||||
check_token(_, _) ->
|
|
||||||
{false, false}.
|
|
||||||
|
|
||||||
check_jsonp_callback(undefined) ->
|
check_jsonp_callback(undefined) ->
|
||||||
{undefined, true};
|
{undefined, true};
|
||||||
check_jsonp_callback(JsonpCallback) ->
|
check_jsonp_callback(JsonpCallback) ->
|
||||||
|
|
|
@ -40,8 +40,8 @@ allowed_methods(ReqData, State) ->
|
||||||
|
|
||||||
malformed_request(ReqData, State) ->
|
malformed_request(ReqData, State) ->
|
||||||
{_Version, ValidVersion} = check_version(wrq:get_req_header("X-Version", ReqData)),
|
{_Version, ValidVersion} = check_version(wrq:get_req_header("X-Version", ReqData)),
|
||||||
{_Device, ValidDevice} = check_32hex(wrq:get_req_header("X-Device", ReqData)),
|
{_Device, ValidDevice} = check_device(wrq:get_req_header("X-Device", ReqData)),
|
||||||
{_Digest, ValidDigest} = check_32hex(wrq:get_req_header("X-Digest", ReqData)),
|
{_Digest, ValidDigest} = check_digest(wrq:get_req_header("X-Digest", ReqData)),
|
||||||
|
|
||||||
{case {ValidVersion, ValidDevice, ValidDigest} of
|
{case {ValidVersion, ValidDevice, ValidDigest} of
|
||||||
{true, true, true} -> false;
|
{true, true, true} -> false;
|
||||||
|
|
Loading…
Reference in a new issue