aspera-cli 4.25.5 → 4.26.0

data/lib/aspera/api/node.rb

@@ -14,6 +14,22 @@ require 'net/ssh/buffer'
 
 module Aspera
   module Api
+    # Combination of Node API with access key and file identifier on that node
+    class NodeFileId
+      # @param api [Aspera::Api::Node] API client
+      attr_reader :node_api
+      # @param id [String] File identifier
+      attr_reader :file_id
+
+      # Initialize a new instance of NodeFileId
+      # @param api [Aspera::Api::Node] API client
+      # @param id [String] File identifier in access key
+      def initialize(api, id)
+        @node_api = api
+        @file_id = id
+      end
+    end
+
     # Aspera Node API client
     # with gen4 extensions (access keys)
     class Node < Rest
@@ -32,23 +48,18 @@ module Aspera
       SIGNATURE_DELIMITER = '==SIGNATURE=='
       # Default validity when generating a bearer token "manually"
       BEARER_TOKEN_VALIDITY_DEFAULT = 86400
-      # Fields in @app_info
-      REQUIRED_APP_INFO_FIELDS = %i[api app node_info workspace_id workspace_name].freeze
-      # Methods of @app_info[:api]
-      REQUIRED_APP_API_METHODS = %i[node_api_from add_ts_tags].freeze
       private_constant :MATCH_TYPES,
-        :SIGNATURE_DELIMITER, :BEARER_TOKEN_VALIDITY_DEFAULT,
-        :REQUIRED_APP_INFO_FIELDS, :REQUIRED_APP_API_METHODS
+        :SIGNATURE_DELIMITER, :BEARER_TOKEN_VALIDITY_DEFAULT
       # Node API permissions: delete list mkdir preview read rename write
       ACCESS_LEVELS = %w[delete list mkdir preview read rename write].freeze
       # Special HTTP Headers
       HEADER_X_ASPERA_ACCESS_KEY = 'X-Aspera-AccessKey'
       HEADER_X_CACHE_CONTROL = 'X-Aspera-Cache-Control'
-      HEADER_X_TOTAL_COUNT = 'X-Total-Count'
       HEADER_X_NEXT_ITER_TOKEN = 'X-Aspera-Next-Iteration-Token'
       HEADER_ACCEPT_VERSION = 'Accept-Version'
       # / in cloud
       PATH_SEPARATOR = '/'
+      HEADER_X_TOTAL_COUNT = 'X-Total-Count'
 
       # Register node special token decoder
       OAuth::Factory.instance.register_decoder(lambda{ |token| Node.decode_bearer_token(token)})
@@ -95,6 +106,7 @@ module Aspera
 
         # Adds fields `public_keys` in provided Hash, if dynamic key is set.
         # @param h [Hash] Hash to add public key to
+        # @return [Hash] Hash with public key added
         def add_public_key(h)
           if @dynamic_key
             ssh_key = Net::SSH::Buffer.from(:key, @dynamic_key)
@@ -202,13 +214,14 @@ module Aspera
         end
       end
 
+      # @return [Api::AoC::AppInfo,nil] set for AoC
       attr_reader :app_info
 
-      # @param app_info  [Hash,NilClass]   App information, typically AoC
-      # @param add_tspec [Hash,NilClass]   Additional transfer spec
-      # @param base_url  [String]          Rest parameters
-      # @param auth      [String,NilClass] Rest parameters
-      # @param headers   [String,NilClass] Rest parameters
+      # @param app_info  [Api::AoC::AppInfo,nil] App information, typically AoC
+      # @param add_tspec [Hash,nil]   Additional transfer spec
+      # @param base_url  [String]     Rest parameters
+      # @param auth      [String,nil] Rest parameters
+      # @param headers   [String,nil] Rest parameters
       def initialize(app_info: nil, add_tspec: nil, **rest_args)
         # Init Rest
         super(**rest_args)
@@ -217,14 +230,6 @@ module Aspera
         # This is added to transfer spec, for instance to add tags (COS)
         @add_tspec = add_tspec
         @std_t_spec_cache = nil
-        if !@app_info.nil?
-          REQUIRED_APP_INFO_FIELDS.each do |field|
-            Aspera.assert(@app_info.key?(field)){"app_info lacks field #{field}"}
-          end
-          REQUIRED_APP_API_METHODS.each do |method|
-            Aspera.assert(@app_info[:api].respond_to?(method)){"#{@app_info[:api].class} lacks method #{method}"}
-          end
-        end
       end
 
       # Update transfer spec with special additional tags
@@ -235,18 +240,21 @@ module Aspera
         return tspec
       end
 
-      # @returns [Node] a Node Api object or nil if no App defined
+      # @returns [Node, nil] a Node Api object or nil if no App defined
       def node_id_to_node(node_id)
         if !@app_info.nil?
-          return self if node_id.eql?(@app_info[:node_info]['id'])
-          return @app_info[:api].node_api_from(
+          return self if node_id.eql?(@app_info.node_info['id'])
+          return @app_info.api.node_api_from(
             node_id: node_id,
-            workspace_id: @app_info[:workspace_id],
-            workspace_name: @app_info[:workspace_name]
+            workspace_id: @app_info.workspace_id,
+            workspace_name: @app_info.workspace_name
           )
         end
         Log.log.warn{"Cannot resolve link with node id #{node_id}, no resolver"}
         return
+      rescue RestCallError => e
+        Log.log.warn{"Cannot resolve link with node id #{node_id}: #{e.message}"}
+        return
       end
 
       # Check if a link entry in folder has target information
@@ -264,14 +272,26 @@ module Aspera
         return false
       end
 
-      # Read folder content, with pagination management for gen4, not recursive
-      # if `Accept-Version: 4.0` is not specified:
-      #     if `page` and `per_page` are not specified, then all entries are returned.
-      #     if either `page` or `per_page` is specified, then both are required, else 400
-      # if `Accept-Version: 4.0` is specified:
-      #     those queries are not available: page (not mentioned), sort, min_size, max_size, min_modified_time, max_modified_time, target_id, target_node_id, files_prefetch_count, page, name_iglob : either ignored or result in API error 400.
-      #     query include is accepted, but seems to do nothing as access_levels and recursive_counts are already included in results.
-      #     query `iteration_token` is accepted and allows to get paginated results, with `X-Aspera-Next-Iteration-Token` header in response to get next page token. `X-Aspera-Total-Count` header gives total count of entries.
+      # Read folder content with pagination management for gen4 (non-recursive)
+      #
+      # Behavior WITHOUT `Accept-Version: 4.0`:
+      # - Without `page` and `per_page`: all entries are returned
+      # - With `page` or `per_page`: both parameters are required, otherwise returns 400 error
+      #
+      # Behavior WITH `Accept-Version: 4.0`:
+      # - Unavailable query parameters (ignored or return 400 error):
+      #   page, sort, min_size, max_size, min_modified_time, max_modified_time,
+      #   target_id, target_node_id, files_prefetch_count, name_iglob
+      # - Query parameter `include`: accepted but has no effect (access_levels and recursive_counts already included)
+      # - Query parameter `iteration_token`: enables pagination
+      #   * Response header `X-Aspera-Next-Iteration-Token`: token for next page
+      #   * Response header `X-Aspera-Total-Count`: total count of entries
+      #
+      # @param file_id [String] The folder file identifier
+      # @param query [Hash, nil] Optional query parameters for the API request
+      # @param exception [Boolean] If true, raises exceptions on errors; if false, logs warnings
+      # @param path [String, nil] Optional path for logging purposes
+      # @return [Array<Hash>] List of folder entries (files, folders, links)
       def read_folder_content(file_id, query = nil, exception: true, path: nil)
         folder_items = []
         begin
@@ -300,7 +320,7 @@ module Aspera
           end
         rescue StandardError => e
           raise e if exception
-          Log.log.warn{"#{path}: #{e.class} #{e.message}"}
+          Log.log.warn{"#{path || file_id}: #{e.class} #{e.message}"}
           Log.log.debug{(['Backtrace:'] + e.backtrace).join("\n")}
         ensure
           RestParameters.instance.spinner_cb.call(folder_items.count, action: :success)
@@ -318,7 +338,7 @@ module Aspera
       # @para query [Hash, nil] optional query for `read`
       def process_folder_tree(method_sym:, state:, top_file_id:, top_file_path: '/', query: nil)
         Aspera.assert(!top_file_path.nil?){'top_file_path not set'}
-        Log.log.debug{"process_folder_tree: node=#{@app_info ? @app_info[:node_info]['id'] : 'nil'}, file id=#{top_file_id},  path=#{top_file_path}"}
+        Log.log.debug{"process_folder_tree: node=#{@app_info ? @app_info.node_info['id'] : 'nil'}, file id=#{top_file_id},  path=#{top_file_path}"}
         # Start at top folder
         folders_to_explore = [{id: top_file_id, path: top_file_path}]
         Log.dump(:folders_to_explore, folders_to_explore)
@@ -361,26 +381,28 @@ module Aspera
       # @param top_file_id [String] id initial file id
       # @param path [String] file or folder path (end with "/" is like setting process_last_link)
       # @param process_last_link [Boolean] if true, follow the last link
-      # @return [Hash] Result data
-      # @option return [Rest] :api     REST client instance
-      # @option return [String]       :file_id File identifier
+      # @return [NodeFileId] Full reference to file on node
       def resolve_api_fid(top_file_id, path, process_last_link = false)
         Aspera.assert_type(top_file_id, String)
         Aspera.assert_type(path, String)
         process_last_link ||= path.end_with?(PATH_SEPARATOR)
         path_elements = path.split(PATH_SEPARATOR).reject(&:empty?)
-        return {api: self, file_id: top_file_id} if path_elements.empty?
+        return NodeFileId.new(self, top_file_id) if path_elements.empty?
         resolve_state = {path: path_elements, consumed: [], result: nil, process_last_link: process_last_link}
         process_folder_tree(method_sym: :process_api_fid, state: resolve_state, top_file_id: top_file_id)
         raise ParameterError, "Entry not found: #{resolve_state[:path].first} in /#{resolve_state[:consumed].join(PATH_SEPARATOR)}" if resolve_state[:result].nil?
-        Log.log.debug{"resolve_api_fid: #{path} -> #{resolve_state[:result][:api].base_url} #{resolve_state[:result][:file_id]}"}
+        Log.log.debug{"resolve_api_fid: #{path} -> #{resolve_state[:result].node_api.base_url} #{resolve_state[:result].file_id}"}
         return resolve_state[:result]
       end
 
       # Given a list of paths, finds a common root and list of sub-paths
       # @param top_file_id [String] Root file id
       # @param paths [Array(Hash)] List of paths
-      # @return [Array] size=2: apfid, paths (Array(Hash))
+      # @return [Array<(NodeFileId, Array<Hash>)>] Tuple containing the file identifier and paths
+      #   - [0] NodeFileId: Reference to the file on the node
+      #   - [1] Array<Hash>: Transfer paths, each Hash having:
+      #     - 'source' [String]: Source path
+      #     - 'destination' [String]: Destination path (optional)
       def resolve_api_fid_paths(top_file_id, paths)
         Aspera.assert_type(paths, Array)
         Aspera.assert(paths.size.positive?)
@@ -401,7 +423,7 @@ module Aspera
         # If a single item
         if source_paths.size.eql?(1)
           # Get precise info in this element
-          file_info = apifid[:api].read("files/#{apifid[:file_id]}")
+          file_info = apifid.node_api.read("files/#{apifid.file_id}")
           source_paths =
             case file_info['type']
             when 'file'
@@ -496,15 +518,16 @@ module Aspera
         add_tspec_info(transfer_spec)
         transfer_spec.deep_merge!(ts_merge) unless ts_merge.nil?
         # Add application specific tags (AoC)
-        @app_info[:api].add_ts_tags(transfer_spec: transfer_spec, app_info: @app_info) unless @app_info.nil?
+        @app_info&.api&.add_ts_tags(transfer_spec: transfer_spec, app_info: @app_info)
         # Add remote host info
         if self.class.api_options[:standard_ports]
           # Get default TCP/UDP ports and transfer user
           transfer_spec.merge!(Transfer::Spec::AK_TSPEC_BASE)
           # By default: same address as node API
           transfer_spec['remote_host'] = URI.parse(base_url).host
-          # AoC allows specification of other url
-          transfer_spec['remote_host'] = @app_info[:node_info]['transfer_url'] if !@app_info.nil? && !@app_info[:node_info]['transfer_url'].nil? && !@app_info[:node_info]['transfer_url'].empty?
+          # AoC allows specification of other url (in UI: `Transfer endpoint (optional)`)
+          transfer_url = @app_info&.node_info&.[]('transfer_url').to_s
+          transfer_spec['remote_host'] = transfer_url unless transfer_url.empty?
           info = read('info')
           # Get the transfer user from info on access key
           transfer_spec['remote_user'] = info['transfer_user'] if info['transfer_user']
@@ -530,37 +553,79 @@ module Aspera
         Aspera.assert_type(query, Hash, NilClass){'query'}
         Aspera.assert(!call_args.key?(:query))
         query = {} if query.nil?
-        query[:iteration_token] = iteration[0] unless iteration.nil?
+        query[:iteration_token] = iteration[0] unless iteration.nil? || iteration[0].nil?
         max = query.delete(RestList::MAX_ITEMS)
+        # Return empty list immediately if max is 0
+        return [] if max&.zero?
         item_list = []
         loop do
           data, http = read(subpath, query, **call_args, ret: :both)
           Aspera.assert_type(data, Array){"Expected data to be an Array, got: #{data.class}"}
           # no data
           break if data.empty?
-          # get next iteration token from link
-          next_iteration_token = nil
-          link_info = http['Link']
-          unless link_info.nil?
-            m = link_info.match(/<([^>]+)>/)
-            Aspera.assert(m){"Cannot parse iteration in Link: #{link_info}"}
-            next_iteration_token = Rest.query_to_h(URI.parse(m[1]).query)['iteration_token']
-          end
-          # same as last iteration: stop
-          break if next_iteration_token&.eql?(query[:iteration_token])
-          query[:iteration_token] = next_iteration_token
           item_list.concat(data)
+          # Check if we reached the max limit
           if max&.<=(item_list.length)
             item_list = item_list.slice(0, max)
             break
           end
+          # Update progress spinner
+          RestParameters.instance.spinner_cb.call(item_list.length)
+          # Parse Link header according to RFC 8288 to extract next iteration token
+          next_url = Rest.parse_link_header(http['Link'], rel: 'next')
+          next_iteration_token = nil
+          if next_url
+            begin
+              parsed_uri = URI.parse(next_url)
+              query_params = Rest.query_to_h(parsed_uri.query) if parsed_uri.query
+              next_iteration_token = query_params['iteration_token'] if query_params
+            rescue URI::InvalidURIError => e
+              Log.log.warn{"Invalid URI in Link header: #{next_url} - #{e.message}"}
+            end
+          end
+          # Stop if no next token
           break if next_iteration_token.nil?
+          # Stop if same token as current (infinite loop protection)
+          break if next_iteration_token.eql?(query[:iteration_token])
+          # Update token for next iteration
+          query[:iteration_token] = next_iteration_token
         end
+        # Signal completion
+        RestParameters.instance.spinner_cb.call(action: :success)
         # save iteration token if needed
         iteration[0] = query[:iteration_token] unless iteration.nil?
         item_list
       end
 
+      # Read resource content with pagination (page, per_page)
+      #
+      # @param subpath [String] API Path
+      # @param query [Hash, nil] Optional query parameters for the API request
+      # @param kwargs [Hash] Other parameters for Rest.read
+      #
+      # @return [Array<Hash>] List of folder entries (files, folders, links)
+      def read_with_pages(subpath, query = nil, **kwargs)
+        items = []
+        query ||= {}
+        query['per_page'] ||= 500
+        query['page'] ||= 1
+        suffix = nil
+        loop do
+          RestParameters.instance.spinner_cb.call("#{items.count}#{suffix}")
+          data, http = read(subpath, query, **kwargs, ret: :both)
+          items.concat(data)
+          break if data.length < query['per_page']
+          suffix ||= "/#{http[HEADER_X_TOTAL_COUNT]}" if http[HEADER_X_TOTAL_COUNT]
+          query['page'] += 1
+        end
+      rescue StandardError => e
+        Log.log.warn{"#{e.class} #{e.message}"}
+        Log.log.debug{(['Backtrace:'] + e.backtrace).join("\n")}
+      ensure
+        RestParameters.instance.spinner_cb.call(items.count, action: :success)
+        return items # rubocop:disable Lint/EnsureReturn
+      end
+
       private
 
       # Method called in loop for each entry for `resolve_api_fid`
@@ -577,12 +642,12 @@ module Aspera
           raise "#{entry['name']} is a file, expecting folder to find: #{state[:path]}" unless path_fully_consumed
           # It's terminal, we found it
           Log.log.debug{"process_api_fid: found #{path} -> #{entry['id']}"}
-          state[:result] = {api: self, file_id: entry['id']}
+          state[:result] = NodeFileId.new(self, entry['id'])
           return false
         when 'folder'
           if path_fully_consumed
             # We found it
-            state[:result] = {api: self, file_id: entry['id']}
+            state[:result] = NodeFileId.new(self, entry['id'])
             return false
           end
         when 'link'
@@ -592,10 +657,10 @@ module Aspera
               other_node = nil
               other_node = node_id_to_node(entry['target_node_id']) if entry_has_link_information(entry)
               raise Error, 'Cannot resolve link' if other_node.nil?
-              state[:result] = {api: other_node, file_id: entry['target_id']}
+              state[:result] = NodeFileId.new(other_node, entry['target_id'])
             else
               # We found it but we do not process the link
-              state[:result] = {api: self, file_id: entry['id']}
+              state[:result] = NodeFileId.new(self, entry['id'])
             end
             return false
           end

data/lib/aspera/ascp/installation.rb

@@ -38,7 +38,7 @@ module Aspera
       FIRST_FOUND = 'FIRST'
 
       # Loads YAML from cloud with locations of SDK archives for all platforms
-      # @return location structure
+      # @return [Hash] location structure
       def sdk_locations
         location_url = @transferd_urls
         transferd_locations = UriReader.read(location_url)
@@ -74,7 +74,7 @@ module Aspera
           end
         Log.log.debug{"ascp_folder=#{folder}"}
         Products::Transferd.sdk_directory = folder
-        return
+        nil
       end
 
       def sdk_folder
@@ -139,6 +139,7 @@ module Aspera
       end
 
       # default bypass key phrase
+      # @return [String]
       def ssh_cert_uuid
         return DataRepository.instance.item(:uuid)
       end
@@ -178,33 +179,32 @@ module Aspera
       # Folder, PVCL, version, license information
       def ascp_info_from_log
         data = {}
+        _, stderr, status = Environment.secure_execute(path(:ascp), '-DDL-', mode: :capture, exception: false)
         # read PATHs from ascp directly, and pvcl modules as well
-        Open3.popen3(path(:ascp), '-DDL-') do |_stdin, _stdout, stderr, thread|
-          last_line = ''
-          while (line = stderr.gets)
-            line.chomp!
-            # skip lines that may have accents
-            next unless line.valid_encoding?
-            last_line = line
-            case line
-            when /^DBG Path ([^ ]+) (dir|file) +: (.*)$/
-              data[Regexp.last_match(1)] = Regexp.last_match(3)
-            when /^DBG Added module group:"(?<module>[^"]+)" name:"(?<scheme>[^"]+)", version:"(?<version>[^"]+)" interface:"(?<interface>[^"]+)"$/
-              c = Regexp.last_match.named_captures.symbolize_keys
-              data[c[:interface]] ||= {}
-              data[c[:interface]][c[:module]] ||= []
-              data[c[:interface]][c[:module]].push("#{c[:scheme]} v#{c[:version]}")
-            when %r{^DBG License result \(/license/(\S+)\): (.+)$}
-              data[Regexp.last_match(1)] = Regexp.last_match(2)
-            when /^LOG (.+) version ([0-9.]+)$/
-              data['product_name'] = Regexp.last_match(1)
-              data['product_version'] = Regexp.last_match(2)
-            when /^LOG Initializing FASP version ([^,]+),/
-              data['ascp_version'] = Regexp.last_match(1)
-            end
+        last_line = ''
+        stderr.lines do |line|
+          line.chomp!
+          # Skip lines that may have accents
+          next unless line.valid_encoding?
+          last_line = line
+          case line
+          when /^DBG Path ([^ ]+) (dir|file) +: (.*)$/
+            data[Regexp.last_match(1)] = Regexp.last_match(3)
+          when /^DBG Added module group:"(?<module>[^"]+)" name:"(?<scheme>[^"]+)", version:"(?<version>[^"]+)" interface:"(?<interface>[^"]+)"$/
+            c = Regexp.last_match.named_captures.symbolize_keys
+            data[c[:interface]] ||= {}
+            data[c[:interface]][c[:module]] ||= []
+            data[c[:interface]][c[:module]].push("#{c[:scheme]} v#{c[:version]}")
+          when %r{^DBG License result \(/license/(\S+)\): (.+)$}
+            data[Regexp.last_match(1)] = Regexp.last_match(2)
+          when /^LOG (.+) version ([0-9.]+)$/
+            data['product_name'] = Regexp.last_match(1)
+            data['product_version'] = Regexp.last_match(2)
+          when /^LOG Initializing FASP version ([^,]+),/
+            data['ascp_version'] = Regexp.last_match(1)
           end
-          raise last_line if !thread.value.exitstatus.eql?(1) && !data.key?('root')
         end
+        raise last_line if !status.exitstatus.eql?(1) && !data.key?('root')
         return data
       end
 
@@ -242,7 +242,8 @@ module Aspera
         return info.first['url']
       end
 
-      # @param &block called with entry information
+      # @param sdk_archive_path [String] path to SDK archive
+      # @param &block called with: file path, data stream, link target if link?
       def extract_archive_files(sdk_archive_path)
         Aspera.assert(block_given?){'missing block'}
         case sdk_archive_path
@@ -276,32 +277,33 @@ module Aspera
       end
 
       # Retrieves ascp binary for current system architecture from URL or file
-      # @param url      [String]  URL to SDK archive, or SpecialValues::DEF
-      # @param folder   [String]  Destination folder path
-      # @param backup   [Boolean] If destination folder exists, then rename
-      # @param with_exe [Boolean] If false, only retrieves files, but do not generate or restrict access
-      # @param &block   [Proc]    A lambda that receives a file path from archive and tells destination sub folder(end with /) or file, or nil to not extract
+      # @param folder  [String]      Destination folder path
+      # @param url     [nil, String] URL to SDK archive, if nil: default url for version
+      # @param version [nil, String] Specific version, if nil: latest version
+      # @param backup  [Boolean]     If destination folder exists, then rename
+      # @param &block  [nil, Proc]   A lambda that receives a file path from archive and tells destination sub folder(end with /) or file, or nil to not extract
       # @return [Array] name, ascp version (from execution), folder
-      def install_sdk(url: nil, version: nil, folder: nil, backup: true, with_exe: true, &block)
-        url = sdk_url_for_platform(version: version) if url.nil? || url.eql?('DEF')
-        folder = Products::Transferd.sdk_directory if folder.nil?
-        subfolder_lambda = block
-        if subfolder_lambda.nil?
-          # default files to extract directly to main folder if in selected source folders
-          subfolder_lambda = ->(name) do
-            Products::Transferd::RUNTIME_FOLDERS.any?{ |i| name.match?(%r{^[^/]*/#{i}/})} ? '/' : nil
-          end
-        end
-        FileUtils.mkdir_p(folder)
-        # rename old install
-        if backup && !Dir.empty?(folder)
+      def install_sdk(folder:, url: nil, version: nil, backup: true)
+        url ||= sdk_url_for_platform(version: version)
+        # Rename old install
+        if backup && Dir.exist?(folder) && !Dir.empty?(folder)
           Log.log.warn('Previous install exists, renaming folder.')
           File.rename(folder, "#{folder}.#{Time.now.strftime('%Y%m%d%H%M%S')}")
-          # TODO: delete old archives ?
+          # TODO: cleanup old archives ?
         end
+        FileUtils.mkdir_p(folder)
+        # Security: Track extracted file paths to detect basename collisions
+        extracted_files = {}
+        # Security: Get canonical path of installation directory for boundary checks
+        install_boundary = File.realpath(folder)
         sdk_archive_path = UriReader.read_as_file(url)
         extract_archive_files(sdk_archive_path) do |entry_name, entry_stream, link_target|
-          dest_folder = subfolder_lambda.call(entry_name)
+          dest_folder = if block_given?
+            yield(entry_name)
+          else
+            # default files to extract directly to main folder if in selected source folders
+            Products::Transferd::RUNTIME_FOLDERS.any?{ |i| entry_name.match?(%r{^[^/]*/#{i}/})} ? '/' : nil
+          end
           next if dest_folder.nil?
           dest_folder = File.join(folder, dest_folder)
           if dest_folder.end_with?('/')
@@ -310,26 +312,86 @@ module Aspera
             dest_file = dest_folder
             dest_folder = File.dirname(dest_file)
           end
+          # Security: Detect basename collisions that could overwrite symlinks
+          file_basename = File.basename(dest_file)
+          if extracted_files.key?(file_basename)
+            Log.log.warn{"Rejecting file with duplicate basename: #{entry_name} (basename: #{file_basename}, previous: #{extracted_files[file_basename]})"}
+            next
+          end
+          extracted_files[file_basename] = entry_name
           FileUtils.mkdir_p(dest_folder)
           if link_target.nil?
+            # Security: Check if destination already exists
+            if File.exist?(dest_file)
+              Log.log.warn{"Rejecting write to existing file or link: #{dest_file}"}
+              next
+            end
+            # Security: Verify the resolved path stays within installation boundary
+            begin
+              # Create parent directory if needed for realpath check
+              FileUtils.mkdir_p(File.dirname(dest_file))
+              # Check where the file would resolve to (handles existing symlinks in path)
+              resolved_dest = File.realpath(File.dirname(dest_file))
+              unless resolved_dest.start_with?(install_boundary)
+                Log.log.warn{"Rejecting file outside installation directory: #{dest_file} resolves to #{resolved_dest}"}
+                next
+              end
+            rescue Errno::ENOENT
+              # Directory doesn't exist yet, verify the intended path
+              unless dest_file.start_with?(folder)
+                Log.log.warn{"Rejecting file with path outside installation directory: #{dest_file}"}
+                next
+              end
+            end
             File.open(dest_file, 'wb'){ |output_stream| IO.copy_stream(entry_stream, output_stream)}
           else
+            # Security: Validate symlink target stays within installation boundary
+            # Resolve the symlink target relative to its location
+            link_dir = File.dirname(dest_file)
+            resolved_target = if link_target.start_with?('/')
+              # Absolute symlink target
+              link_target
+            else
+              # Relative symlink target
+              File.expand_path(link_target, link_dir)
+            end
+            # Check if resolved target would be outside installation directory
+            unless resolved_target.start_with?(install_boundary)
+              Log.log.warn{"Rejecting symlink pointing outside installation directory: #{entry_name} -> #{link_target} (resolves to #{resolved_target})"}
+              next
+            end
             File.symlink(link_target, dest_file)
           end
         end
-        return unless with_exe
-        # Ensure necessary files are there, or generate them
+      end
+
+      # Retrieve SDK either from specified URL, or specified version from standard location, or latest version
+      # @param url [nil, String] URL
+      # @param version [nil, String] URL
+      def retrieve_sdk(url: nil, version: nil)
+        folder = Products::Transferd.sdk_directory
+        install_sdk(folder: folder, url: url, version: version)
+        # Ensure necessary files are there, or generate them, restrict file access on SDK executables
         SDK_FILES.each do |file_id_sym|
           file_path = path(file_id_sym)
           if file_path && EXE_FILES.include?(file_id_sym)
             Environment.restrict_file_access(file_path, mode: 0o755) if File.exist?(file_path)
           end
         end
-        sdk_ascp_version = get_ascp_version(path(:ascp))
-        transferd_version = get_exe_version(path(:transferd), 'version')
-        sdk_name = 'IBM Aspera Transfer SDK'
-        sdk_version = transferd_version || sdk_ascp_version
-        File.write(File.join(folder, Products::Other::INFO_META_FILE), "<product><name>#{sdk_name}</name><version>#{sdk_version}</version></product>")
+        # Generate meta data XML file in SDK if needed, based on actual binaries versions
+        meta_data_file = File.join(folder, Products::Other::INFO_META_FILE)
+        if File.exist?(meta_data_file)
+          # file is there, read values:
+          meta_data = File.read(meta_data_file)
+          sdk_name = meta_data.scan(%r{<name>(.*?)</name>}).flatten.first || 'unknown'
+          sdk_version = meta_data.scan(%r{<version>(.*?)</version>}).flatten.first || 'unknown'
+        else
+          sdk_ascp_version = get_ascp_version(path(:ascp))
+          transferd_version = get_exe_version(path(:transferd), 'version')
+          sdk_name = 'IBM Aspera Transfer SDK'
+          sdk_version = transferd_version || sdk_ascp_version
+          File.write(meta_data_file, "<product><name>#{sdk_name}</name><version>#{sdk_version}</version></product>")
+        end
         return sdk_name, sdk_version, folder
       end
 
@@ -350,6 +412,7 @@ module Aspera
       END_OF_CONFIG_FILE
       # all executable files from SDK
       EXE_FILES = %i[ascp ascp4 async transferd].freeze
+      # IDs of files present in SDK
       SDK_FILES = %i[ssh_private_dsa ssh_private_rsa aspera_license aspera_conf fallback_certificate fallback_private_key].unshift(*EXE_FILES).freeze
       TRANSFERD_ARCHIVE_LOCATION_URL = 'https://ibm.biz/sdk_location'
       # filename for ascp with optional extension (Windows)

data/lib/aspera/cli/extended_value.rb

@@ -96,6 +96,7 @@ module Aspera
           path:   lambda{ |i| File.expand_path(i)},
           re:     lambda{ |i| Regexp.new(i, Regexp::MULTILINE)},
           ruby:   lambda{ |i| Environment.secure_eval(i, __FILE__, __LINE__)},
+          s:      lambda{ |i| i.to_s},
           secret: lambda{ |i| prompt = i.empty? ? 'secret' : i; $stdin.getpass("#{prompt}> ")}, # rubocop:disable Style/Semicolon
           stdin:  lambda{ |i| ExtendedValue.read_stdin(i)},
           yaml:   lambda{ |i| YAML.load(i)},