X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=Debbugs%2FLibravatar.pm;h=8dcbad09033055b925a631b077005c4b89163014;hb=aae281560aaba1950b00f66175b78fd7d7128c47;hp=08915fd4f1dab8612f41fae02c738bbb5afeeb18;hpb=d22d1698e88a5f82eb23ac0a47fa5b8327db926e;p=debbugs.git diff --git a/Debbugs/Libravatar.pm b/Debbugs/Libravatar.pm index 08915fd..8dcbad0 100644 --- a/Debbugs/Libravatar.pm +++ b/Debbugs/Libravatar.pm @@ -41,6 +41,8 @@ use Debbugs::CGI qw(cgi_parameters); use Digest::MD5 qw(md5_hex); use LWP::UserAgent; use File::Temp qw(tempfile); +use File::LibMagic; +use Cwd qw(abs_path); use Carp; @@ -49,7 +51,7 @@ BEGIN{ $DEBUG = 0 unless defined $DEBUG; @EXPORT = (); - %EXPORT_TAGS = (libravatar => [qw(cache_valid serve_cache retrieve_libravatar cache_location)] + %EXPORT_TAGS = (libravatar => [qw(cache_valid retrieve_libravatar cache_location)] ); @EXPORT_OK = (); Exporter::export_ok_tags(keys %EXPORT_TAGS); @@ -66,9 +68,11 @@ sub cache_valid{ return 0; } -=item retreive_libravatar +=over - $cache_location = retreive_libravatar(location => $cache_location, +=item retrieve_libravatar + + $cache_location = retrieve_libravatar(location => $cache_location, email => lc($param{email}), ); @@ -78,7 +82,7 @@ there isn't a matching avatar, or there is an error, returns undef. =cut -sub retreive_libravatar{ +sub retrieve_libravatar{ my %type_mapping = (jpeg => 'jpg', png => 'png', @@ -90,7 +94,7 @@ sub retreive_libravatar{ ); my %param = @_; my $cache_location = $param{location}; - $cache_location =~ s/\.[^\.]+$//; + $cache_location =~ s/\.[^\.\/]+$//; # take out a lock on the cache location so that if another request # is made while we are serving this one, we don't do double work my ($fh,$lockfile,$errors) = @@ -155,7 +159,7 @@ sub retreive_libravatar{ $temp_fn, $cache_location.'.'.$dest_type) == 0 or die "convert file failed"; - unlink($temp_fh); + unlink($temp_fn); }; if ($@) { unlink($cache_location.'.'.$dest_type) if -e $cache_location.'.'.$dest_type; @@ -173,6 +177,22 @@ sub retreive_libravatar{ return $cache_location.'.'.$dest_type; } +sub blocked_libravatar { + my ($email,$md5sum) = @_; + my $blocked = 0; + for my $blocker (@{$config{libravatar_blacklist}||[]}) { + for my $element ($email,$md5sum) { + next unless defined $element; + eval { + if ($element =~ /$blocker/) { + $blocked=1; + } + }; + } + } + return $blocked; +} + sub cache_location { my %param = @_; my $md5sum; @@ -183,6 +203,7 @@ sub cache_location { } else { croak("cache_location must be called with one of md5sum or email"); } + return undef if blocked_libravatar($param{email},$md5sum); for my $ext (qw(.png .jpg)) { if (-e $config{libravatar_cache_dir}.'/'.$md5sum.$ext) { return $config{libravatar_cache_dir}.'/'.$md5sum.$ext; @@ -225,7 +246,7 @@ sub handler { my $location = $r->location(); my ($email) = $uri =~ m/\Q$location\E\/?(.*)$/; if (not length $email) { - return Apache2::Const::NOT_FOUND; + return Apache2::Const::NOT_FOUND(); } my $q = CGI::Simple->new(); my %param = cgi_parameters(query => $q, @@ -244,7 +265,7 @@ sub handler { serve_cache_mod_perl($cache_location,$r); return Apache2::Const::DECLINED(); } - $cache_location = retreive_libravatar(location => $cache_location, + $cache_location = retrieve_libravatar(location => $cache_location, email => $email, ); if (not defined $cache_location) { @@ -258,17 +279,29 @@ sub handler { } + +our $magic; + sub serve_cache_mod_perl { my ($cache_location,$r) = @_; if (not defined $cache_location or not length $cache_location) { # serve the default image $cache_location = $config{libravatar_default_image}; } + $magic = File::LibMagic->new() if not defined $magic; + + return Apache2::Const::DECLINED() if not defined $magic; + + $r->content_type($magic->checktype_filename(abs_path($cache_location))); + $r->filename($cache_location); $r->path_info(''); - $r->finfo(APR::Finfo::stat($cache_location, APR::Const::FINFO_NORM, $r->pool)); + $r->finfo(APR::Finfo::stat($cache_location, APR::Const::FINFO_NORM(), $r->pool)); } +=back + +=cut 1;