src/server/safs/pathcheck.c

changeset 415
d938228c382e
parent 405
162f122b96a1
equal deleted inserted replaced
414:99a34860c105 415:d938228c382e
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE. 26 * POSSIBILITY OF SUCH DAMAGE.
27 */ 27 */
28 28
29 #include <ucx/string.h> 29 #include <cx/string.h>
30 30
31 #include "pathcheck.h" 31 #include "pathcheck.h"
32 32
33 #include "../util/pblock.h" 33 #include "../util/pblock.h"
34 #include "../daemon/config.h" 34 #include "../daemon/config.h"
39 39
40 #include "../daemon/vfs.h" 40 #include "../daemon/vfs.h"
41 41
42 #include "../config/acl.h" 42 #include "../config/acl.h"
43 43
44 #define PATHCHECK_MAX_TOKENS 2048
45
44 int require_auth(pblock *pb, Session *sn, Request *rq) { 46 int require_auth(pblock *pb, Session *sn, Request *rq) {
45 char *user = pblock_findkeyval(pb_key_auth_user, rq->vars); 47 char *user = pblock_findkeyval(pb_key_auth_user, rq->vars);
46 48
47 if(user == NULL) { 49 if(user == NULL) {
48 pblock_nvinsert( 50 pblock_nvinsert(
72 return REQ_NOACTION; 74 return REQ_NOACTION;
73 } 75 }
74 } 76 }
75 77
76 uint32_t access_mask = 0; 78 uint32_t access_mask = 0;
77 ssize_t n = 0; 79 cxstring *rights = NULL;
78 sstr_t *rights = sstrsplit(sstr(mask_str), sstrn(",", 1), &n); 80 ssize_t n = cx_strsplit_a(pool_allocator(sn->pool), cx_str(mask_str), (cxstring){",", 1}, PATHCHECK_MAX_TOKENS, &rights);
79 for(int i=0;i<n;i++) { 81 for(int i=0;i<n;i++) {
80 sstr_t right = rights[i]; 82 cxstring right = rights[i];
81 access_mask = access_mask | accstr2int(right); 83 access_mask = access_mask | accstr2int(right);
82 free(right.ptr); 84 }
83 } 85 pool_free(sn->pool, rights);
84 free(rights);
85 86
86 rq->aclreqaccess = access_mask; 87 rq->aclreqaccess = access_mask;
87 88
88 return REQ_PROCEED; 89 return REQ_PROCEED;
89 } 90 }
130 LOG_MISCONFIG, 131 LOG_MISCONFIG,
131 "find-index: index-names parameter missing"); 132 "find-index: index-names parameter missing");
132 return REQ_ABORTED; 133 return REQ_ABORTED;
133 } 134 }
134 135
135 ssize_t ni = 0; 136 cxstring *names = NULL;
136 sstr_t *names = sstrsplit(sstr(inames), S(","), &ni); 137 ssize_t ni = cx_strsplit_a(pool_allocator(sn->pool), cx_str(inames), (cxstring)CX_STR(","), PATHCHECK_MAX_TOKENS, &names);
137 if(ni <= 0) { 138 if(ni <= 0) {
138 log_ereport( 139 log_ereport(
139 LOG_MISCONFIG, 140 LOG_MISCONFIG,
140 "find-index: no files specified in index-names parameter"); 141 "find-index: no files specified in index-names parameter");
141 return REQ_ABORTED; 142 return REQ_ABORTED;
152 VFSContext *vfs = vfs_request_context(sn, rq); 153 VFSContext *vfs = vfs_request_context(sn, rq);
153 int ret = REQ_NOACTION; 154 int ret = REQ_NOACTION;
154 155
155 char *path = pblock_findkeyval(pb_key_path, rq->vars); 156 char *path = pblock_findkeyval(pb_key_path, rq->vars);
156 size_t pathlen = strlen(path); 157 size_t pathlen = strlen(path);
157 sstr_t p = sstrn(path, pathlen); 158 cxstring p = cx_strn(path, pathlen);
158 if(path[pathlen-1] == '/') { 159 if(path[pathlen-1] == '/') {
159 for(int i=0;i<ni;i++) { 160 for(int i=0;i<ni;i++) {
160 sstr_t newpath = sstrcat(2, p, sstrtrim(names[i])); 161 cxmutstr newpath = cx_strcat(2, p, cx_strtrim(names[i]));
161 struct stat s; 162 struct stat s;
162 if(!vfs_stat(vfs, newpath.ptr, &s)) { 163 if(!vfs_stat(vfs, newpath.ptr, &s)) {
163 pblock_kvinsert( 164 pblock_kvinsert(
164 pb_key_path, 165 pb_key_path,
165 newpath.ptr, 166 newpath.ptr,
171 free(newpath.ptr); 172 free(newpath.ptr);
172 } 173 }
173 } 174 }
174 } 175 }
175 176
176 for(int i=0;i<ni;i++) { 177 pool_free(sn->pool, names);
177 free(names[i].ptr);
178 }
179 free(names);
180 178
181 return ret; 179 return ret;
182 } 180 }
183 181
184 int dir_redirect(pblock *pb, Session *sn, Request *rq) { 182 int dir_redirect(pblock *pb, Session *sn, Request *rq) {

mercurial