Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/libexec/httpd o don't display special files in the director...
details: https://anonhg.NetBSD.org/src/rev/11269919df05
branches: trunk
changeset: 838546:11269919df05
user: mrg <mrg%NetBSD.org@localhost>
date: Tue Jan 22 05:32:57 2019 +0000
description:
o don't display special files in the directory index. they aren't
served, but links to them are generated.
diffstat:
libexec/httpd/CHANGES | 6 +++++-
libexec/httpd/auth-bozo.c | 4 ++--
libexec/httpd/bozohttpd.c | 24 +++++++++++++++---------
libexec/httpd/bozohttpd.h | 6 ++++--
libexec/httpd/dir-index-bozo.c | 5 ++++-
5 files changed, 30 insertions(+), 15 deletions(-)
diffs (142 lines):
diff -r f5830725a18f -r 11269919df05 libexec/httpd/CHANGES
--- a/libexec/httpd/CHANGES Tue Jan 22 03:47:45 2019 +0000
+++ b/libexec/httpd/CHANGES Tue Jan 22 05:32:57 2019 +0000
@@ -1,4 +1,8 @@
-$NetBSD: CHANGES,v 1.36 2019/01/17 07:46:16 mrg Exp $
+$NetBSD: CHANGES,v 1.37 2019/01/22 05:32:57 mrg Exp $
+
+changes in bozohttpd 20190121:
+ o don't display special files in the directory index. they aren't
+ served, but links to them are generated.
changes in bozohttpd 20190116:
o fix CGI '+' parameter handling, some error checking, and a double
diff -r f5830725a18f -r 11269919df05 libexec/httpd/auth-bozo.c
--- a/libexec/httpd/auth-bozo.c Tue Jan 22 03:47:45 2019 +0000
+++ b/libexec/httpd/auth-bozo.c Tue Jan 22 05:32:57 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth-bozo.c,v 1.22 2018/11/22 08:54:08 mrg Exp $ */
+/* $NetBSD: auth-bozo.c,v 1.23 2019/01/22 05:32:57 mrg Exp $ */
/* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */
@@ -64,7 +64,7 @@
strcpy(dir, ".");
else {
*basename++ = '\0';
- if (bozo_check_special_files(request, basename))
+ if (bozo_check_special_files(request, basename, true))
return 1;
}
request->hr_authrealm = bozostrdup(httpd, request, dir);
diff -r f5830725a18f -r 11269919df05 libexec/httpd/bozohttpd.c
--- a/libexec/httpd/bozohttpd.c Tue Jan 22 03:47:45 2019 +0000
+++ b/libexec/httpd/bozohttpd.c Tue Jan 22 05:32:57 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: bozohttpd.c,v 1.110 2019/01/18 06:04:10 mrg Exp $ */
+/* $NetBSD: bozohttpd.c,v 1.111 2019/01/22 05:32:57 mrg Exp $ */
/* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */
@@ -109,7 +109,7 @@
#define INDEX_HTML "index.html"
#endif
#ifndef SERVER_SOFTWARE
-#define SERVER_SOFTWARE "bozohttpd/20190116"
+#define SERVER_SOFTWARE "bozohttpd/20190121"
#endif
#ifndef PUBLIC_HTML
#define PUBLIC_HTML "public_html"
@@ -140,7 +140,6 @@
#include <signal.h>
#include <stdarg.h>
#include <stdlib.h>
-#include <stdbool.h>
#include <strings.h>
#include <string.h>
#include <syslog.h>
@@ -1461,7 +1460,7 @@
*basename++ = '\0';
strcpy(path, dir);
}
- if (bozo_check_special_files(request, basename))
+ if (bozo_check_special_files(request, basename, true))
return -1;
debug((httpd, DEBUG_FAT, "check_bzredirect: path %s", path));
@@ -1913,17 +1912,24 @@
/* make sure we're not trying to access special files */
int
-bozo_check_special_files(bozo_httpreq_t *request, const char *name)
+bozo_check_special_files(bozo_httpreq_t *request, const char *name, bool doerror)
{
bozohttpd_t *httpd = request->hr_httpd;
size_t i;
+ int error = 0;
- for (i = 0; specials[i].file; i++)
- if (strcmp(name, specials[i].file) == 0)
- return bozo_http_error(httpd, 403, request,
+ for (i = 0; specials[i].file; i++) {
+ if (strcmp(name, specials[i].file) == 0) {
+ if (doerror) {
+ error = bozo_http_error(httpd, 403, request,
specials[i].name);
+ } else {
+ error = -1;
+ }
+ }
+ }
- return 0;
+ return error;
}
/* generic header printing routine */
diff -r f5830725a18f -r 11269919df05 libexec/httpd/bozohttpd.h
--- a/libexec/httpd/bozohttpd.h Tue Jan 22 03:47:45 2019 +0000
+++ b/libexec/httpd/bozohttpd.h Tue Jan 22 05:32:57 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: bozohttpd.h,v 1.57 2018/11/24 13:02:46 christos Exp $ */
+/* $NetBSD: bozohttpd.h,v 1.58 2019/01/22 05:32:57 mrg Exp $ */
/* $eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $ */
@@ -34,6 +34,8 @@
#include "netbsd_queue.h"
+#include <stdbool.h>
+
#include <sys/stat.h>
#ifndef NO_LUA_SUPPORT
@@ -259,7 +261,7 @@
/* be sure to always return this error up */
int bozo_http_error(bozohttpd_t *, int, bozo_httpreq_t *, const char *);
-int bozo_check_special_files(bozo_httpreq_t *, const char *) BOZO_CHECKRET;
+int bozo_check_special_files(bozo_httpreq_t *, const char *, bool) BOZO_CHECKRET;
char *bozo_http_date(char *, size_t);
void bozo_print_header(bozo_httpreq_t *, struct stat *, const char *,
const char *);
diff -r f5830725a18f -r 11269919df05 libexec/httpd/dir-index-bozo.c
--- a/libexec/httpd/dir-index-bozo.c Tue Jan 22 03:47:45 2019 +0000
+++ b/libexec/httpd/dir-index-bozo.c Tue Jan 22 05:32:57 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dir-index-bozo.c,v 1.30 2019/01/17 07:46:16 mrg Exp $ */
+/* $NetBSD: dir-index-bozo.c,v 1.31 2019/01/22 05:32:57 mrg Exp $ */
/* $eterna: dir-index-bozo.c,v 1.20 2011/11/18 09:21:15 mrg Exp $ */
@@ -148,6 +148,9 @@
httpd->hide_dots && name[0] == '.'))
continue;
+ if (bozo_check_special_files(request, name, false))
+ continue;
+
snprintf(buf, sizeof buf, "%s/%s", dirpath, name);
if (stat(buf, &sb))
nostat = 1;
Home |
Main Index |
Thread Index |
Old Index