Transition file push paths to lists

To support multiple platforms, it will be difficult to try to account for various path seperators and drive lettering schemes on the receiving end of a file push. Instead, transition to an interface wherein the file path is first split and seperators removed prior to it being sent from the minion to the master.
2024-11-07 17:09:03 +00:00 · 2016-08-12 18:33:20 +09:00 · 2016-08-12 18:33:20 +09:00 · 81c4d136c5
commit 81c4d136c5
parent d9c20c0456
2 changed files with 24 additions and 10 deletions
--- a/salt/master.py
+++ b/salt/master.py
@ -1061,10 +1061,9 @@ class AESFuncs(object):
        '''
        if any(key not in load for key in ('id', 'path', 'loc')):
            return False
-        if not self.opts['file_recv'] or os.path.isabs(load['path']):
+        if not isinstance(load['path'], list):
            return False
-        if os.path.isabs(load['path']) or '../' in load['path']:
-            # Can overwrite master files!!
+        if not self.opts['file_recv'] or os.path.isabs(load['path']):
            return False
        if not salt.utils.verify.valid_id(self.opts, load['id']):
            return False
@ -1100,12 +1099,17 @@ class AESFuncs(object):
            )
            return {}
        load.pop('tok')
-        # Normalize Windows paths
-        normpath = load['path']
-        if ':' in normpath:
-            # make sure double backslashes are normalized
-            normpath = normpath.replace('\\', '/')
-            normpath = os.path.normpath(normpath)
+
+        # Path normalization should have been done by the sending
+        # minion but we can't guarantee it. Re-do it here.
+        normpath = os.path.normpath(os.path.join(load['path']))
+
+        # Ensure that this safety check is done after the path
+        # have been normalized.
+        if os.path.isabs(normpath) or '../' in load['path']:
+            # Can overwrite master files!!
+            return False
+
        cpath = os.path.join(
            self.opts['cachedir'],
            'minions',
--- a/salt/modules/cp.py
+++ b/salt/modules/cp.py
@ -782,9 +782,19 @@ def push(path, keep_symlinks=False, upload_path=None):
        load_path = upload_path.lstrip(os.sep)
    else:
        load_path = path.lstrip(os.sep)
+    # Normalize the path. This does not eliminate
+    # the possibility that relative entries will still be present
+    load_path_normal = os.path.normpath(load_path)
+
+    # If this is Windows and a drive letter is present, remove it
+    load_path_split_drive = os.path.splitdrive(load_path_normal)[1:]
+
+    # Finally, split the remaining path into a list for delivery to the master
+    load_path_list = os.path.split(load_path)
+
    load = {'cmd': '_file_recv',
            'id': __opts__['id'],
-            'path': load_path,
+            'path': load_path_list,
            'tok': auth.gen_token('salt')}
    channel = salt.transport.Channel.factory(__opts__)
    with salt.utils.fopen(path, 'rb') as fp_: