fix: secure download URLs when downloading tar archive of exported files

2025-12-14 09:35:41 +00:00 · 2024-05-05 12:08:44 -07:00
parent a75a5c2297
commit a30d5efe1c
12 changed files with 279 additions and 79 deletions
--- a/internal/api/backresthandler.go
+++ b/internal/api/backresthandler.go
@@ -2,6 +2,8 @@ package api

 import (
 	"context"
+	"encoding/binary"
+	"encoding/hex"
 	"errors"
 	"fmt"
 	"os"
@@ -466,6 +468,26 @@ func (s *BackrestHandler) GetLogs(ctx context.Context, req *connect.Request[v1.L
 	return connect.NewResponse(&types.BytesValue{Value: data}), nil
 }

+func (s *BackrestHandler) GetDownloadURL(ctx context.Context, req *connect.Request[types.Int64Value]) (*connect.Response[types.StringValue], error) {
+	op, err := s.oplog.Get(req.Msg.Value)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get operation %v: %w", req.Msg.Value, err)
+	}
+	_, ok := op.Op.(*v1.Operation_OperationRestore)
+	if !ok {
+		return nil, fmt.Errorf("operation %v is not a restore operation", req.Msg.Value)
+	}
+	b := make([]byte, 8)
+	binary.BigEndian.PutUint64(b, uint64(op.Id))
+	signature, err := generateSignature(b)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate signature: %w", err)
+	}
+	return connect.NewResponse(&types.StringValue{
+		Value: fmt.Sprintf("./download/%x-%s/", op.Id, hex.EncodeToString(signature)),
+	}), nil
+}
+
 func (s *BackrestHandler) PathAutocomplete(ctx context.Context, path *connect.Request[types.StringValue]) (*connect.Response[types.StringList], error) {
 	ents, err := os.ReadDir(path.Msg.Value)
 	if errors.Is(err, os.ErrNotExist) {