Bug #6086 » 0001-fixes-6086-CVE-2014-0007-fixed-TFTP-boot-API-remote-.patch
| lib/proxy/tftp.rb | ||
|---|---|---|
|
class << self
|
||
|
include Proxy::Util
|
||
|
def fetch_boot_file dst, src
|
||
|
filename = src.split("/")[-1]
|
||
|
destination = Pathname.new("#{SETTINGS.tftproot}/#{dst}-#{filename}")
|
||
|
filename = escape_for_filename(dst + '-' + src.split("/")[-1])
|
||
|
destination = Pathname.new("#{SETTINGS.tftproot}/#{filename}")
|
||
|
# Ensure that our image directory exists
|
||
|
# as the dst might contain another sub directory
|
||
|
FileUtils.mkdir_p destination.parent
|
||
|
wget = which("wget")
|
||
|
cmd = "#{wget} --timeout=10 --tries=3 --no-check-certificate -nv -c #{src} -O \"#{destination}\""
|
||
|
cmd = "#{wget} --timeout=10 --tries=3 --no-check-certificate -nv -c #{escape_for_shell(src)} -O \"#{escape_for_shell(destination)}\""
|
||
|
CommandTask.new(cmd)
|
||
|
end
|
||
|
end
|
||
| lib/proxy/util.rb | ||
|---|---|---|
|
end
|
||
|
end
|
||
|
def escape_for_filename(string)
|
||
|
string.gsub(/[\/\0]/n, '_')
|
||
|
end
|
||
|
def strict_encode64(str)
|
||
|
if Base64.respond_to?(:strict_encode64)
|
||
|
Base64.strict_encode64(str)
|
||