Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.31
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
usr /
local /
go /
src /
cmd /
go /
internal /
modfetch /
[ HOME SHELL ]
Name
Size
Permission
Action
codehost
[ DIR ]
drwxr-xr-x
zip_sum_test
[ DIR ]
drwxr-xr-x
bootstrap.go
385
B
-rw-r--r--
cache.go
18.19
KB
-rw-r--r--
cache_test.go
505
B
-rw-r--r--
coderepo.go
32.85
KB
-rw-r--r--
coderepo_test.go
24.54
KB
-rw-r--r--
fetch.go
25.15
KB
-rw-r--r--
insecure.go
455
B
-rw-r--r--
key.go
309
B
-rw-r--r--
proxy.go
12.86
KB
-rw-r--r--
pseudo.go
7.95
KB
-rw-r--r--
pseudo_test.go
4.35
KB
-rw-r--r--
repo.go
14.79
KB
-rw-r--r--
sumdb.go
7.61
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : proxy.go
// Copyright 2018 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package modfetch import ( "encoding/json" "errors" "fmt" "io" "io/ioutil" "net/url" "os" "path" pathpkg "path" "path/filepath" "strings" "sync" "time" "cmd/go/internal/base" "cmd/go/internal/cfg" "cmd/go/internal/modfetch/codehost" "cmd/go/internal/web" "golang.org/x/mod/module" "golang.org/x/mod/semver" ) var HelpGoproxy = &base.Command{ UsageLine: "goproxy", Short: "module proxy protocol", Long: ` A Go module proxy is any web server that can respond to GET requests for URLs of a specified form. The requests have no query parameters, so even a site serving from a fixed file system (including a file:/// URL) can be a module proxy. The GET requests sent to a Go module proxy are: GET $GOPROXY/<module>/@v/list returns a list of known versions of the given module, one per line. GET $GOPROXY/<module>/@v/<version>.info returns JSON-formatted metadata about that version of the given module. GET $GOPROXY/<module>/@v/<version>.mod returns the go.mod file for that version of the given module. GET $GOPROXY/<module>/@v/<version>.zip returns the zip archive for that version of the given module. GET $GOPROXY/<module>/@latest returns JSON-formatted metadata about the latest known version of the given module in the same format as <module>/@v/<version>.info. The latest version should be the version of the module the go command may use if <module>/@v/list is empty or no listed version is suitable. <module>/@latest is optional and may not be implemented by a module proxy. When resolving the latest version of a module, the go command will request <module>/@v/list, then, if no suitable versions are found, <module>/@latest. The go command prefers, in order: the semantically highest release version, the semantically highest pre-release version, and the chronologically most recent pseudo-version. In Go 1.12 and earlier, the go command considered pseudo-versions in <module>/@v/list to be pre-release versions, but this is no longer true since Go 1.13. To avoid problems when serving from case-sensitive file systems, the <module> and <version> elements are case-encoded, replacing every uppercase letter with an exclamation mark followed by the corresponding lower-case letter: github.com/Azure encodes as github.com/!azure. The JSON-formatted metadata about a given module corresponds to this Go data structure, which may be expanded in the future: type Info struct { Version string // version string Time time.Time // commit time } The zip archive for a specific version of a given module is a standard zip file that contains the file tree corresponding to the module's source code and related files. The archive uses slash-separated paths, and every file path in the archive must begin with <module>@<version>/, where the module and version are substituted directly, not case-encoded. The root of the module file tree corresponds to the <module>@<version>/ prefix in the archive. Even when downloading directly from version control systems, the go command synthesizes explicit info, mod, and zip files and stores them in its local cache, $GOPATH/pkg/mod/cache/download, the same as if it had downloaded them directly from a proxy. The cache layout is the same as the proxy URL space, so serving $GOPATH/pkg/mod/cache/download at (or copying it to) https://example.com/proxy would let other users access those cached module versions with GOPROXY=https://example.com/proxy. `, } var proxyOnce struct { sync.Once list []string err error } func proxyURLs() ([]string, error) { proxyOnce.Do(func() { if cfg.GONOPROXY != "" && cfg.GOPROXY != "direct" { proxyOnce.list = append(proxyOnce.list, "noproxy") } for _, proxyURL := range strings.Split(cfg.GOPROXY, ",") { proxyURL = strings.TrimSpace(proxyURL) if proxyURL == "" { continue } if proxyURL == "off" { // "off" always fails hard, so can stop walking list. proxyOnce.list = append(proxyOnce.list, "off") break } if proxyURL == "direct" { proxyOnce.list = append(proxyOnce.list, "direct") // For now, "direct" is the end of the line. We may decide to add some // sort of fallback behavior for them in the future, so ignore // subsequent entries for forward-compatibility. break } // Single-word tokens are reserved for built-in behaviors, and anything // containing the string ":/" or matching an absolute file path must be a // complete URL. For all other paths, implicitly add "https://". if strings.ContainsAny(proxyURL, ".:/") && !strings.Contains(proxyURL, ":/") && !filepath.IsAbs(proxyURL) && !path.IsAbs(proxyURL) { proxyURL = "https://" + proxyURL } // Check that newProxyRepo accepts the URL. // It won't do anything with the path. _, err := newProxyRepo(proxyURL, "golang.org/x/text") if err != nil { proxyOnce.err = err return } proxyOnce.list = append(proxyOnce.list, proxyURL) } }) return proxyOnce.list, proxyOnce.err } // TryProxies iterates f over each configured proxy (including "noproxy" and // "direct" if applicable) until f returns an error that is not // equivalent to os.ErrNotExist. // // TryProxies then returns that final error. // // If GOPROXY is set to "off", TryProxies invokes f once with the argument // "off". func TryProxies(f func(proxy string) error) error { proxies, err := proxyURLs() if err != nil { return err } if len(proxies) == 0 { return f("off") } var lastAttemptErr error for _, proxy := range proxies { err = f(proxy) if !errors.Is(err, os.ErrNotExist) { lastAttemptErr = err break } // The error indicates that the module does not exist. // In general we prefer to report the last such error, // because it indicates the error that occurs after all other // options have been exhausted. // // However, for modules in the NOPROXY list, the most useful error occurs // first (with proxy set to "noproxy"), and the subsequent errors are all // errNoProxy (which is not particularly helpful). Do not overwrite a more // useful error with errNoproxy. if lastAttemptErr == nil || !errors.Is(err, errNoproxy) { lastAttemptErr = err } } return lastAttemptErr } type proxyRepo struct { url *url.URL path string } func newProxyRepo(baseURL, path string) (Repo, error) { base, err := url.Parse(baseURL) if err != nil { return nil, err } switch base.Scheme { case "http", "https": // ok case "file": if *base != (url.URL{Scheme: base.Scheme, Path: base.Path, RawPath: base.RawPath}) { return nil, fmt.Errorf("invalid file:// proxy URL with non-path elements: %s", web.Redacted(base)) } case "": return nil, fmt.Errorf("invalid proxy URL missing scheme: %s", web.Redacted(base)) default: return nil, fmt.Errorf("invalid proxy URL scheme (must be https, http, file): %s", web.Redacted(base)) } enc, err := module.EscapePath(path) if err != nil { return nil, err } base.Path = strings.TrimSuffix(base.Path, "/") + "/" + enc base.RawPath = strings.TrimSuffix(base.RawPath, "/") + "/" + pathEscape(enc) return &proxyRepo{base, path}, nil } func (p *proxyRepo) ModulePath() string { return p.path } // versionError returns err wrapped in a ModuleError for p.path. func (p *proxyRepo) versionError(version string, err error) error { if version != "" && version != module.CanonicalVersion(version) { return &module.ModuleError{ Path: p.path, Err: &module.InvalidVersionError{ Version: version, Pseudo: IsPseudoVersion(version), Err: err, }, } } return &module.ModuleError{ Path: p.path, Version: version, Err: err, } } func (p *proxyRepo) getBytes(path string) ([]byte, error) { body, err := p.getBody(path) if err != nil { return nil, err } defer body.Close() return ioutil.ReadAll(body) } func (p *proxyRepo) getBody(path string) (io.ReadCloser, error) { fullPath := pathpkg.Join(p.url.Path, path) target := *p.url target.Path = fullPath target.RawPath = pathpkg.Join(target.RawPath, pathEscape(path)) resp, err := web.Get(web.DefaultSecurity, &target) if err != nil { return nil, err } if err := resp.Err(); err != nil { resp.Body.Close() return nil, err } return resp.Body, nil } func (p *proxyRepo) Versions(prefix string) ([]string, error) { data, err := p.getBytes("@v/list") if err != nil { return nil, p.versionError("", err) } var list []string for _, line := range strings.Split(string(data), "\n") { f := strings.Fields(line) if len(f) >= 1 && semver.IsValid(f[0]) && strings.HasPrefix(f[0], prefix) && !IsPseudoVersion(f[0]) { list = append(list, f[0]) } } SortVersions(list) return list, nil } func (p *proxyRepo) latest() (*RevInfo, error) { data, err := p.getBytes("@v/list") if err != nil { return nil, p.versionError("", err) } var ( bestTime time.Time bestTimeIsFromPseudo bool bestVersion string ) for _, line := range strings.Split(string(data), "\n") { f := strings.Fields(line) if len(f) >= 1 && semver.IsValid(f[0]) { // If the proxy includes timestamps, prefer the timestamp it reports. // Otherwise, derive the timestamp from the pseudo-version. var ( ft time.Time ftIsFromPseudo = false ) if len(f) >= 2 { ft, _ = time.Parse(time.RFC3339, f[1]) } else if IsPseudoVersion(f[0]) { ft, _ = PseudoVersionTime(f[0]) ftIsFromPseudo = true } else { // Repo.Latest promises that this method is only called where there are // no tagged versions. Ignore any tagged versions that were added in the // meantime. continue } if bestTime.Before(ft) { bestTime = ft bestTimeIsFromPseudo = ftIsFromPseudo bestVersion = f[0] } } } if bestVersion == "" { return nil, p.versionError("", codehost.ErrNoCommits) } if bestTimeIsFromPseudo { // We parsed bestTime from the pseudo-version, but that's in UTC and we're // supposed to report the timestamp as reported by the VCS. // Stat the selected version to canonicalize the timestamp. // // TODO(bcmills): Should we also stat other versions to ensure that we // report the correct Name and Short for the revision? return p.Stat(bestVersion) } return &RevInfo{ Version: bestVersion, Name: bestVersion, Short: bestVersion, Time: bestTime, }, nil } func (p *proxyRepo) Stat(rev string) (*RevInfo, error) { encRev, err := module.EscapeVersion(rev) if err != nil { return nil, p.versionError(rev, err) } data, err := p.getBytes("@v/" + encRev + ".info") if err != nil { return nil, p.versionError(rev, err) } info := new(RevInfo) if err := json.Unmarshal(data, info); err != nil { return nil, p.versionError(rev, err) } if info.Version != rev && rev == module.CanonicalVersion(rev) && module.Check(p.path, rev) == nil { // If we request a correct, appropriate version for the module path, the // proxy must return either exactly that version or an error — not some // arbitrary other version. return nil, p.versionError(rev, fmt.Errorf("proxy returned info for version %s instead of requested version", info.Version)) } return info, nil } func (p *proxyRepo) Latest() (*RevInfo, error) { data, err := p.getBytes("@latest") if err != nil { if !errors.Is(err, os.ErrNotExist) { return nil, p.versionError("", err) } return p.latest() } info := new(RevInfo) if err := json.Unmarshal(data, info); err != nil { return nil, p.versionError("", err) } return info, nil } func (p *proxyRepo) GoMod(version string) ([]byte, error) { if version != module.CanonicalVersion(version) { return nil, p.versionError(version, fmt.Errorf("internal error: version passed to GoMod is not canonical")) } encVer, err := module.EscapeVersion(version) if err != nil { return nil, p.versionError(version, err) } data, err := p.getBytes("@v/" + encVer + ".mod") if err != nil { return nil, p.versionError(version, err) } return data, nil } func (p *proxyRepo) Zip(dst io.Writer, version string) error { if version != module.CanonicalVersion(version) { return p.versionError(version, fmt.Errorf("internal error: version passed to Zip is not canonical")) } encVer, err := module.EscapeVersion(version) if err != nil { return p.versionError(version, err) } body, err := p.getBody("@v/" + encVer + ".zip") if err != nil { return p.versionError(version, err) } defer body.Close() lr := &io.LimitedReader{R: body, N: codehost.MaxZipFile + 1} if _, err := io.Copy(dst, lr); err != nil { return p.versionError(version, err) } if lr.N <= 0 { return p.versionError(version, fmt.Errorf("downloaded zip file too large")) } return nil } // pathEscape escapes s so it can be used in a path. // That is, it escapes things like ? and # (which really shouldn't appear anyway). // It does not escape / to %2F: our REST API is designed so that / can be left as is. func pathEscape(s string) string { return strings.ReplaceAll(url.PathEscape(s), "%2F", "/") }
Close
