forked from freedomofpress/securedrop
/
source.py
101 lines (83 loc) · 3.31 KB
/
source.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# -*- coding: utf-8 -*-
import os, time, datetime
import web
import config, crypto, background, store
urls = (
'/', 'index',
'/generate/', 'generate',
'/lookup/', 'lookup',
)
render = web.template.render(config.SOURCE_TEMPLATES_DIR, base='base')
class index:
def GET(self):
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.index()
class generate:
def GET(self):
raise web.seeother('/')
def POST(self):
iid = crypto.genrandomid()
if os.path.exists(store.path(crypto.shash(iid))):
# if this happens, we're not using very secure crypto
store.log('Got a duplicate ID.')
else:
os.mkdir(store.path(crypto.shash(iid)))
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.generate(iid)
class lookup:
def GET(self):
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.lookup_get()
def POST(self):
i = web.input('id', fh={}, msg=None, mid=None, action=None)
sid = crypto.shash(i.id)
loc = store.path(sid)
if not os.path.exists(loc): raise web.notfound()
received = False
if i.action == 'upload':
if i.msg:
loc1 = store.path(sid, '%s_msg.gpg' % time.time())
crypto.encrypt(config.JOURNALIST_KEY, i.msg, loc1)
received = 2
if i.fh.value:
# we put two zeroes here so that we don't save a file
# with the same name as the message
loc2 = store.path(sid, '%s_doc.gpg' % time.time())
crypto.encrypt(config.JOURNALIST_KEY, i.fh.file, loc2, fn=i.fh.filename)
received = i.fh.filename or '[unnamed]'
if not crypto.getkey(sid):
background.execute(lambda: crypto.genkeypair(sid, i.id))
elif i.action == 'delete':
potential_files = os.listdir(loc)
if i.mid not in potential_files: raise web.notfound()
assert '/' not in i.mid
crypto.secureunlink(store.path(sid, i.mid))
msgs = []
for fn in os.listdir(loc):
if fn.startswith('reply-'):
msgs.append(web.storage(
id=fn,
date=datetime.datetime.fromtimestamp(float(store.cleanname(fn))),
msg=crypto.decrypt(sid, i.id, file(store.path(sid, fn)).read())
))
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return render.lookup(i.id, msgs, received=received)
def notfound():
web.header('Cache-Control', 'no-cache, no-store, must-revalidate')
web.header('Pragma', 'no-cache')
web.header('Expires', '-1')
return web.notfound(render.notfound())
web.config.debug = False
app = web.application(urls, locals())
app.notfound = notfound
application = app.wsgifunc()
if __name__ == "__main__":
app.run()