From 56ac87fffcaf958f53e019f23fa34e320603dbd8 Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Sat, 29 Sep 2018 12:37:26 +0200 Subject: httpdocs/index.php: return http error codes on errors --- httpdocs/index.php | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/httpdocs/index.php b/httpdocs/index.php index 941fee9..2e4df12 100644 --- a/httpdocs/index.php +++ b/httpdocs/index.php @@ -1,26 +1,34 @@ \n" . $extra_message; + die(); +}; + $work_dir = dirname(dirname(__FILE__)) . '/work/'; if (isset($_GET['r'])) { if (base64_decode($_GET['r'],true)===false) - die('Invalid base64'); + throw_http_error(400, 'Invalid base64'); if (!isset($_GET['t'])) - die('Repository type not given'); + throw_http_error(400, 'Repository type not given'); if (($_GET['t']!='git') && ($_GET['t']!='hg')) - die('Repository type not implemented'); + throw_http_error(501, 'Repository type not implemented'); if (!is_dir($work_dir . 'repositories/' . $_GET['t'] . '/' . $_GET['r'])) { $wish_list = fopen($work_dir . 'wish-list','a'); if ($wish_list === false) - die('Cannot open wish-list'); + throw_http_error(500, 'Internal Server Error' , 'Cannot open wish-list'); fwrite($wish_list, $_GET['t'] . " " . $_GET['r'] . "\n"); fclose($wish_list); - die('I put repository onto wish-list'); + throw_http_error(503, 'Service Unavailable', 'I put repository onto wish-list'); } if (isset($_GET['tag'])) { @@ -33,7 +41,7 @@ if (isset($_GET['r'])) { ')'; } elseif (($_GET['t']=='git') && isset($_GET['commit'])) { if (!preg_match('/^[A-Fa-f0-9]{40}$/', $_GET['commit'])) - die('The given commit does not have exactly 40 hex digits'); + throw_http_error(400, 'The given commit does not have exactly 40 hex digits'); $commit_identifier = $_GET['commit']; } @@ -43,7 +51,7 @@ if (isset($_GET['r'])) { elseif (preg_match('/^[A-Fa-f0-9]{40}$/', $key)) return $key; else - die('The given key does not have exactly 16 or 40 hex digits'); + throw_http_error(400, 'The given key does not have exactly 16 or 40 hex digits'); } if (isset($commit_identifier)) { @@ -71,13 +79,13 @@ if (isset($_GET['r'])) { 'GNUPGHOME="' . $work_dir . 'gnupg" git -C "' . $work_dir . 'repositories/' . $_GET['t'] . '/' . $_GET['r'] . '" verify-tag --raw "' . $commit_identifier . '" 2>&1 | ' . 'grep -c "\[GNUPG:\] VALIDSIG ' . $key_regex . ' "' )) == '0') - die('Commit ' . $commit_identifier . ' is not signed by ' . $_GET['valid_keys']); + throw_http_error(409, 'Commit ' . $commit_identifier . ' is not signed by ' . $_GET['valid_keys']); } else - die('Checking signatures is not implemented for ' . $_GET['t'] . ' repositories'); + throw_http_error(400, 'Checking signatures is not implemented for ' . $_GET['t'] . ' repositories'); } if (isset($_GET['p'])) { if (base64_decode($_GET['p'],true)===false) - die('Invalid base64'); + throw_http_error(400, 'Invalid base64'); $prefix = ' --prefix="$(' . 'echo "' . $_GET['p'] . '" | ' . 'base64 -d' . @@ -107,7 +115,7 @@ if (isset($_GET['r'])) { else $handle = false; if ($handle === false) - die('Unable to create archive'); + throw_http_error(500, 'Unable to create archive'); header('Content-type: application/x-gzip'); header('Content-Disposition: attachment; filename="archive.tar.gz"'); fpassthru($handle); @@ -115,7 +123,7 @@ if (isset($_GET['r'])) { die(); } - die('errrm, this is not yet implemented'); + throw_http_error(501, 'Not implemented'); } -- cgit v1.2.3