[src/trunk]: src/libexec/httpd Check for needed authentication even before re...

[martin <martin%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/5e1d77cb0aa0
branches:  trunk
changeset: 787640:5e1d77cb0aa0
user:      martin <martin%NetBSD.org@localhost>
date:      Thu Jun 27 13:11:11 2013 +0000

description:
Check for needed authentication even before redirecting.

diffstat:

 libexec/httpd/bozohttpd.c |  12 +++++++++---
 1 files changed, 9 insertions(+), 3 deletions(-)

diffs (33 lines):

diff -r 742dc02ee128 -r 5e1d77cb0aa0 libexec/httpd/bozohttpd.c
--- a/libexec/httpd/bozohttpd.c Thu Jun 27 13:00:43 2013 +0000
+++ b/libexec/httpd/bozohttpd.c Thu Jun 27 13:11:11 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bozohttpd.c,v 1.38 2013/06/27 13:00:43 martin Exp $    */
+/*     $NetBSD: bozohttpd.c,v 1.39 2013/06/27 13:11:11 martin Exp $    */
 
 /*     $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $      */
 
@@ -1124,7 +1124,8 @@
 check_bzredirect(bozo_httpreq_t *request)
 {
        struct stat sb;
-       char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1];
+       char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1],
+           path[MAXPATHLEN];
        char *basename, *finalredir;
        int rv, absolute;
 
@@ -1167,7 +1168,12 @@
        redirpath[rv] = '\0';
        debug((request->hr_httpd, DEBUG_FAT,
               "readlink returned \"%s\"", redirpath));
-       
+
+       /* check if we need authentication */
+       snprintf(path, sizeof(path), "%s/", dir);
+       if (bozo_auth_check(request, path))
+               return 1;
+
        /* now we have the link pointer, redirect to the real place */
        if (absolute)
                finalredir = redirpath;