rocket-cgi 0.2.1

Simple CGI (RFC 3875) handler for Rocket
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

use rocket::log::error_;
use std::{fs::Metadata, path::Path};

pub fn has_dot_file(c: impl AsRef<Path>) -> bool {
    let mut c = c.as_ref();
    loop {
        if let Some(f) = c.file_name() {
            if let Some(f) = f.to_str() {
                if f.starts_with('.') {
                    break true;
                }
            } else {
                error_!("Non UTF-8 path encountered");
                break true;
            }
        }
        if let Some(parent) = c.parent() {
            c = parent;
        } else {
            break false;
        }
    }
}

/// Windows constants
#[allow(unused)]
const FILE_ATTRIBUTE_TEMPORARY: u32 = 0x100;
#[allow(unused)]
const FILE_ATTRIBUTE_SYSTEM: u32 = 0x4;
#[allow(unused)]
const FILE_ATTRIBUTE_HIDDEN: u32 = 0x2;

#[cfg(windows)]
pub fn has_hidden_file(m: &Metadata) -> bool {
    use std::os::windows::fs::MetadataExt;
    m.file_attributes() & FILE_ATTRIBUTE_HIDDEN != 0
}

#[cfg(not(windows))]
pub fn has_hidden_file(m: &Metadata) -> bool {
    false
}

/// Linux constants
#[allow(unused)]
const SETUID: u32 = 0o4000;
#[allow(unused)]
const SETGID: u32 = 0o2000;

#[cfg(unix)]
pub fn has_setuid(m: &Metadata) -> bool {
    use std::os::unix::prelude::MetadataExt;
    m.mode() & (SETUID | SETGID) != 0
}

#[cfg(not(unix))]
pub fn has_setuid(_c: &Metadata) -> bool {
    false
}

#[cfg(unix)]
pub fn allowed(c: &Metadata) -> bool {
    true
}

#[cfg(windows)]
pub fn allowed(c: &Metadata) -> bool {
    use std::os::windows::fs::MetadataExt;
    c.file_attributes() & (FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_TEMPORARY) != 0
}

#[cfg(not(any(unix, windows)))]
pub fn allowed(c: &Metadata) -> bool {
    true
}

pub fn is_writable(c: &Metadata) -> bool {
    !c.permissions().readonly()
}

#[cfg(all(test, unix))]
mod unix_tests {
    use std::{fs::metadata, process::Command};

    use super::*;
    pub type Res = std::io::Result<()>;

    pub fn cmd(s: &str) -> Res {
        let mut parts = s.split_whitespace();
        let mut cmd = Command::new(parts.next().unwrap());
        cmd.args(parts);
        assert!(cmd.spawn()?.wait()?.success());
        Ok(())
    }

    #[test]
    fn check_setuid() -> Res {
        cmd("touch /tmp/file_perms")?;
        assert_eq!(has_setuid(&metadata("/tmp/file_perms")?), false);
        cmd("chmod u+s /tmp/file_perms")?;
        assert_eq!(has_setuid(&metadata("/tmp/file_perms")?), true);
        cmd("chmod g+s /tmp/file_perms")?;
        assert_eq!(has_setuid(&metadata("/tmp/file_perms")?), true);
        cmd("chmod u-s /tmp/file_perms")?;
        assert_eq!(has_setuid(&metadata("/tmp/file_perms")?), true);
        cmd("chmod g-s /tmp/file_perms")?;
        assert_eq!(has_setuid(&metadata("/tmp/file_perms")?), false);
        Ok(())
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn check_for_dotfile() {
        assert_eq!(has_dot_file(".file/something"), true);
        assert_eq!(has_dot_file("file/.something"), true);
        assert_eq!(has_dot_file("file/something."), false);
        assert_eq!(has_dot_file("file/something"), false);
        assert_eq!(has_dot_file("file/something.txt"), false);
    }
}