diff options
| -rw-r--r-- | config/wallet | 2 | ||||
| -rw-r--r-- | docs/setup | 8 | ||||
| -rwxr-xr-x | server/wallet-backend | 11 | ||||
| -rwxr-xr-x | tests/server/backend-t | 26 |
4 files changed, 36 insertions, 11 deletions
diff --git a/config/wallet b/config/wallet index 2e0b142..06dc39d 100644 --- a/config/wallet +++ b/config/wallet @@ -3,5 +3,5 @@ # This is a remctld configuration fragment to run wallet-backend, which # implements the server side of the wallet system. -wallet store /usr/sbin/wallet-backend logmask=4 ANYUSER +wallet store /usr/sbin/wallet-backend stdin=4 ANYUSER wallet ALL /usr/sbin/wallet-backend ANYUSER @@ -64,10 +64,10 @@ Wallet Configuration On the wallet server, install remctld. Then, install the configuration fragment in config/wallet in the remctld configuration. - You can do this either by adding the one non-comment line of that file - to your remctl.conf or, if your remctl.conf includes a directory of - configuration fragments, drop config/wallet into that directory. You - may need to change the path to wallet-backend. + You can do this either by adding the two non-comment lines of that + file to your remctl.conf or, if your remctl.conf includes a directory + of configuration fragments, drop config/wallet into that directory. + You may need to change the path to wallet-backend. Note that the default wallet configuration allows any authenticated user to run the wallet backend and relies on the wallet's ACLs for all diff --git a/server/wallet-backend b/server/wallet-backend index 7780758..453aa79 100755 --- a/server/wallet-backend +++ b/server/wallet-backend @@ -284,7 +284,11 @@ sub command { failure ($server->error, @_); } } elsif ($command eq 'store') { - check_args (3, 3, [3], @args); + check_args (2, 3, [3], @args); + if (@args == 2) { + local $/; + $args[2] = <STDIN>; + } splice (@_, 3); $server->store (@args) or failure ($server->error, @_); } else { @@ -536,10 +540,11 @@ name, the owner, any specific ACLs set on the object, the expiration if any, and the user, remote host, and time when the object was created, last stored, and last downloaded. -=item store <type> <name> <data> +=item store <type> <name> [<data>] Stores <data> for the object identified by <type> and <name> for later -retrieval with C<get>. Not all object types support this. +retrieval with C<get>. Not all object types support this. If <data> is +not given as an argument, it will be read from standard input. Currently, <data> is limited to not containing nul characters and may therefore not be binary data, and is limited by the maximum command line diff --git a/tests/server/backend-t b/tests/server/backend-t index 2fc6a53..b58d02c 100755 --- a/tests/server/backend-t +++ b/tests/server/backend-t @@ -9,7 +9,7 @@ # See LICENSE for licensing terms. use strict; -use Test::More tests => 1263; +use Test::More tests => 1269; # Create a dummy class for Wallet::Server that prints what method was called # with its arguments and returns data for testing. @@ -163,6 +163,7 @@ package main; $INC{'Wallet/Server.pm'} = 'FAKE'; my $OUTPUT; our $SYSLOG = \$OUTPUT; +my $INPUT = ''; eval { do "$ENV{SOURCE}/../server/wallet-backend" }; # Run the wallet backend. This fun hack takes advantage of the fact that the @@ -173,6 +174,8 @@ sub run_backend { my $result = ''; open (OUTPUT, '>', \$result) or die "cannot create output string: $!\n"; select OUTPUT; + close STDIN; + open (STDIN, '<', \$INPUT) or die "cannot change stdin: $!\n"; local $| = 1; eval { command (@args) }; my $error = $@; @@ -224,7 +227,7 @@ my %commands = (autocreate => [2, 2], setacl => [4, 4], setattr => [4, 9], show => [2, 2], - store => [3, 3]); + store => [2, 3]); my %acl_commands = (add => [3, 3], create => [1, 1], destroy => [1, 1], @@ -326,6 +329,7 @@ for my $command (qw/autocreate create destroy setacl setattr store/) { $method ||= $command; my @extra = ('foo') x ($commands{$command}[0] - 2); my $extra = @extra ? join (' ', '', @extra) : ''; + $extra = ' ' if $command eq 'store'; ($out, $err) = run_backend ($command, 'type', 'name', @extra); my $ran; if ($command eq 'store') { @@ -413,7 +417,7 @@ for my $command (qw/check expires get getacl getattr history owner show/) { ' and ran the right method with output'); } ($out, $err) = run_backend ($command, 'error', 'name', @extra); - my $ran = "$command error name" . (@extra ? " @extra" : ''); + $ran = "$command error name" . (@extra ? " @extra" : ''); is ($err, "error count $error\n", "Command $command ran with errors"); is ($OUTPUT, "command $ran from admin (1.2.3.4) failed: error count" . " $error\n", ' and syslog correct'); @@ -468,6 +472,22 @@ for my $command (sort keys %flag_commands) { $error++; } +# Special check for store allowing nul characters on standard input. +$INPUT = "Some data\000with a nul character"; +($out, $err) = run_backend ('store', 'type', 'name'); +is ($err, '', 'store with nul data ran with no errors'); +is ($OUTPUT, "command store type name from admin (1.2.3.4) succeeded\n", + ' and success logged'); +is ($out, "$new\nstore type name $INPUT\n", + ' and ran the right method'); +$INPUT = ''; +($out, $err) = run_backend ('store', 'type', 'name'); +is ($err, '', 'store with empty stdin data ran with no errors'); +is ($OUTPUT, "command store type name from admin (1.2.3.4) succeeded\n", + ' and success logged'); +is ($out, "$new\nstore type name \n", + ' and ran the right method'); + # Almost done. All that remains is to test the robustness of the bad # character checks against every possible character and test permitting the # empty argument. |