13
0
geforkt von Mirrors/Velocity

Fixed possible IOException if forwarding-secret-file path is a directory (#743)

* Fixed possible IOException if path is a directory

* Removed File usage

* Catch possible NumberFormatException on invalid config version

!Files.exists -> Files.notExists
Dieser Commit ist enthalten in:
Adrian 2022-06-18 19:06:51 -05:00 committet von GitHub
Ursprung 74edac9642
Commit 508c1edb3a
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 4AEE18F83AFDEB23

Datei anzeigen

@ -424,7 +424,7 @@ public class VelocityConfiguration implements ProxyConfig {
// Create the forwarding-secret file on first-time startup if it doesn't exist
Path defaultForwardingSecretPath = Path.of("forwarding.secret");
if (!path.toFile().exists() && !defaultForwardingSecretPath.toFile().exists()) {
if (Files.notExists(path) && Files.notExists(defaultForwardingSecretPath)) {
Files.writeString(defaultForwardingSecretPath, generateRandomString(12));
}
@ -448,8 +448,16 @@ public class VelocityConfiguration implements ProxyConfig {
CommentedFileConfig defaultConfig = CommentedFileConfig.of(tmpFile, TomlFormat.instance());
defaultConfig.load();
// Whether or not this config is version 1.0 which uses the deprecated "forwarding-secret" parameter
boolean legacyConfig = config.getOrElse("config-version", "").equalsIgnoreCase("1.0");
// TODO: migrate this on Velocity Polymer
double configVersion;
try {
configVersion = Double.parseDouble(config.getOrElse("config-version", "1.0"));
} catch (NumberFormatException e) {
configVersion = 1.0;
}
// Whether or not this config version is older than 2.0 which uses the deprecated "forwarding-secret" parameter
boolean legacyConfig = configVersion < 2.0;
String forwardingSecretString;
byte[] forwardingSecret;
@ -478,8 +486,19 @@ public class VelocityConfiguration implements ProxyConfig {
// New handling
forwardingSecretString = System.getenv().getOrDefault("VELOCITY_FORWARDING_SECRET", "");
if (forwardingSecretString.isEmpty()) {
String forwardSecretFile = config.getOrElse("forwarding-secret-file", "");
forwardingSecretString = String.join("", Files.readAllLines(Path.of(forwardSecretFile)));
String forwardSecretFile = config.get("forwarding-secret-file");
Path secretPath = forwardSecretFile == null
? defaultForwardingSecretPath
: Path.of(forwardSecretFile);
if (Files.exists(secretPath)) {
if (Files.isRegularFile(secretPath)) {
forwardingSecretString = String.join("", Files.readAllLines(secretPath));
} else {
throw new RuntimeException("The file " + forwardSecretFile + " is not a valid file or it is a directory.");
}
} else {
throw new RuntimeException("The forwarding-secret-file does not exists.");
}
}
}
forwardingSecret = forwardingSecretString.getBytes(StandardCharsets.UTF_8);