6 use POSIX qw(strftime);
8 use File::Copy qw( copy );
11 use Digest::SHA qw(sha256_hex sha1);
17 use Time::HiRes qw( usleep ualarm gettimeofday tv_interval );
20 my $transaction="unknown";
22 my $logfile = "/var/log/download.log";
23 my $datadir = "/var/www/server.example.com/public_html/download/";
24 my $secretfile="/etc/apache2/download.secret";
33 my $now = strftime "%a, %d %b %Y %T %z", localtime;
34 print $log "$now: [$$][$transaction]: ";
41 close $log if defined($log);
48 open ($log, '>>', $logfile) || die ("Cannot open logfile $logfile: $!");
55 lprintf "ERROR: $err\n";
58 my $error = encode_entities( $err );
59 print "Status: 404 Not Found\n";
60 print "Content-type: text/html\n\n";
61 print "<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>$error</p><hr><address>Download Server</address>";
62 print "</body></html>\n";
71 qdie ("Received SIG$signame");
76 my $name = basename($file);
78 open my $fh, '<:raw', $file
79 or qdie "Cannot open '$file': $!";
83 -type => 'application/octet-stream',
87 binmode STDOUT, ':raw';
89 unless (copy $fh => \*STDOUT, 8192)
91 qdie "Cannot write to STDOUT";
95 or qdie "Cannot close '$file': $!";
102 return sha256_hex(shift @_);
107 my $query = CGI::url(-absolute=>1);
108 my $clienttime = CGI::url_param('time');
109 my $clientid = CGI::url_param('id');
110 my $clienthash = CGI::url_param('hash');
111 my $clientfile = CGI::url_param('file');
112 $clientfile = "default" unless(defined($clientfile));
113 qdie ("Bad parameters") unless (defined($clienttime) && defined($clientid) && defined($clienthash) && ($clienttime=~/^[0-9]+$/));
114 my $drift = time()-$clienttime;
115 qdie ("Client time has drifted - we have ".time()) if (($drift < -$maxdrift) || ($drift > $maxdrift));
116 qdie ("Bad ID") unless ($clientid=~/^[-+._\@a-zA-Z0-9]+$/);
117 qdie ("Bad filename") unless ($clientfile=~/^[-+._a-zA-Z0-9]+$/);
118 qdie ("Bad filename") if ($clientfile=~/^\./);
120 my $hash = gethash($clienttime.":".$clientid.":".$clientfile.":".$secret);
121 qdie ("Bad hash") unless ($hash eq $clienthash);
122 my $fn = $datadir.$clientfile;
123 $fn = File::Spec->rel2abs( readlink($fn) ) if (-l $fn);
124 qdie ("File not found") unless ( -f $fn);
125 $clientfile = basename ($fn);
126 $transaction=$hash." ".$clientfile." ".$clientid;
130 open (my $sfh, "<", $secretfile) || qdie("Can't open secret file $secretfile: $!");
131 chomp($secret=join("",<$sfh>));
134 if (!defined($ENV{DOCUMENT_ROOT}) && !defined($ENV{SERVER_NAME}))
136 die ("Bad parameters") unless ($#ARGV == 1);
138 printf "id=%s&file=%s&time=%s&hash=%s",uri_escape($ARGV[0]),uri_escape($ARGV[1]),$t,gethash($t.":".$ARGV[0].":".$ARGV[1].":".$secret)."\n";
144 my $file = decodeparams;
145 my $sb = stat($file);
146 my $size = $sb->size;
147 my $t0 = [gettimeofday];
148 lprintf("STARTING\n");
149 $SIG{INT} = \&caughtsignal;
150 $SIG{QUIT} = \&caughtsignal;
151 $SIG{PIPE} = \&caughtsignal;
152 $SIG{HUP} = \&caughtsignal;
153 $SIG{KILL} = \&caughtsignal;
154 $SIG{TERM} = \&caughtsignal;
156 my $elapsed = tv_interval ( $t0, [gettimeofday]);
157 lprintf("SUCCESS %d bytes %.3f MB/s\n", $size, $size/(1000000.0*(($elapsed<0.001)?0.001:$elapsed)));