Mercurial > hg > webserver / annotate

src/server/safs/pathcheck.c@14ae3d8c01ae (annotated)

src/server/safs/pathcheck.c

Sun, 23 Nov 2025 13:45:55 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sun, 23 Nov 2025 13:45:55 +0100
changeset 638
14ae3d8c01ae
parent 415
d938228c382e
child 643
f4dc9b37a250
permissions
-rw-r--r--

add apply_location_config SAF

23
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
1 /*
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
3 *
44
3da1f7b6847f added some error messages
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 23
diff changeset
4 * Copyright 2013 Olaf Wintermann. All rights reserved.
23
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
5 *
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
6 * Redistribution and use in source and binary forms, with or without
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
7 * modification, are permitted provided that the following conditions are met:
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
8 *
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
9 * 1. Redistributions of source code must retain the above copyright
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
10 * notice, this list of conditions and the following disclaimer.
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
11 *
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
12 * 2. Redistributions in binary form must reproduce the above copyright
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
13 * notice, this list of conditions and the following disclaimer in the
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
14 * documentation and/or other materials provided with the distribution.
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
15 *
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
26 * POSSIBILITY OF SUCH DAMAGE.
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
27 */
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
28
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
29 #include <cx/string.h>
92
382bff43c6eb fixed some includes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 87
diff changeset
30
23
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
31 #include "pathcheck.h"
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
32
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
33 #include "../util/pblock.h"
51
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
34 #include "../daemon/config.h"
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
35 #include "../daemon/acl.h"
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
36 #include "../daemon/acldata.h"
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
37 #include "../daemon/session.h"
61
c858850f3d3a improved configuration reloading
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 52
diff changeset
38 #include "../daemon/vserver.h"
638
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
39 #include "../daemon/request.h"
23
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
40
142
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
41 #include "../daemon/vfs.h"
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
42
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
43 #include "../config/acl.h"
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
44
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
45 #define PATHCHECK_MAX_TOKENS 2048
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
46
23
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
47 int require_auth(pblock *pb, Session *sn, Request *rq) {
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
48 char *user = pblock_findkeyval(pb_key_auth_user, rq->vars);
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
49
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
50 if(user == NULL) {
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
51 pblock_nvinsert(
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
52 "www-authenticate",
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
53 "Basic realm=\"Webserver\"",
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
54 rq->srvhdrs);
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
55
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
56 protocol_status(sn, rq, PROTOCOL_UNAUTHORIZED, NULL);
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
57 return REQ_ABORTED;
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
58 }
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
59
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
60 return REQ_PROCEED;
a2c8fc23c90e Added basic authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
61 }
51
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
62
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
63 int require_access(pblock *pb, Session *sn, Request *rq) {
141
ff311b63c3af many fixes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 131
diff changeset
64 char *mask_str = pblock_findval("mask", pb);
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
65 if(!mask_str) {
77
f1cff81e425a some fixes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 69
diff changeset
66 log_ereport(LOG_MISCONFIG, "require-access: missing mask parameter");
f1cff81e425a some fixes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 69
diff changeset
67 protocol_status(sn, rq, 500, NULL);
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
68 return REQ_ABORTED;
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
69 }
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
70
143
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
71 char *method = pblock_findval("method", pb);
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
72 if(method) {
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
73 char *m = pblock_findkeyval(pb_key_method, rq->reqpb);
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
74 if(strcmp(method, m)) {
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
75 return REQ_NOACTION;
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
76 }
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
77 }
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
78
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
79 uint32_t access_mask = 0;
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
80 cxstring *rights = NULL;
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
81 ssize_t n = cx_strsplit_a(pool_allocator(sn->pool), cx_str(mask_str), (cxstring){",", 1}, PATHCHECK_MAX_TOKENS, &rights);
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
82 for(int i=0;i<n;i++) {
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
83 cxstring right = rights[i];
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
84 access_mask = access_mask | accstr2int(right);
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
85 }
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
86 pool_free(sn->pool, rights);
69
4a10bc0ee80d compiles on os x
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 61
diff changeset
87
143
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
88 rq->aclreqaccess = access_mask;
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
89
69
4a10bc0ee80d compiles on os x
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 61
diff changeset
90 return REQ_PROCEED;
52
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
91 }
aced2245fb1c new pathcheck saf and code cleanup
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 51
diff changeset
92
638
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
93 static int add_acl(Session *sn, Request *rq, const char *aclname) {
61
c858850f3d3a improved configuration reloading
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 52
diff changeset
94 const VirtualServer *vs = request_get_vs(rq);
638
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
95 ACLList *acl = acl_get(vs->acls, aclname);
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
96 if(!acl) {
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
97 log_ereport(
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
98 LOG_MISCONFIG,
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
99 "append-acl: acl %s not found", aclname);
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
100 return 1;
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
101 }
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
102 return acllist_append(sn, rq, acl);
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
103 }
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
104
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
105 int append_acl(pblock *pb, Session *sn, Request *rq) {
51
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
106 char *aclname = pblock_findval("acl", pb);
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
107 if(aclname) {
638
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
108 if(add_acl(sn, rq, aclname)) {
77
f1cff81e425a some fixes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 69
diff changeset
109 protocol_status(sn, rq, 500, NULL);
51
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
110 return REQ_ABORTED;
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
111 }
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
112 }
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
113
87
bdec069d2239 fixed pathcheck behavior
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 77
diff changeset
114 return REQ_PROCEED;
51
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
115 }
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
116
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
117
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
118 int check_acl(pblock *pb, Session *sn, Request *rq) {
143
6bf5d2f37425 fixes some acl safs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 142
diff changeset
119 int access_mask = ACL_READ_DATA | rq->aclreqaccess; // TODO: check method and path
51
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
120
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
121 int ret = acl_evaluate(sn, rq, access_mask);
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
122 if(ret == REQ_ABORTED) {
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
123 // TODO: status, error, ...
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
124 return REQ_ABORTED;
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
125 }
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
126
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
127 return REQ_PROCEED;
b28cf69f42e8 added acls
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 44
diff changeset
128 }
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
129
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
130 int find_index(pblock *pb, Session *sn, Request *rq) {
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
131 char *inames = pblock_findval("index-names", pb);
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
132 if(!inames) {
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
133 log_ereport(
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
134 LOG_MISCONFIG,
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
135 "find-index: index-names parameter missing");
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
136 return REQ_ABORTED;
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
137 }
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
138
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
139 cxstring *names = NULL;
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
140 ssize_t ni = cx_strsplit_a(pool_allocator(sn->pool), cx_str(inames), (cxstring)CX_STR(","), PATHCHECK_MAX_TOKENS, &names);
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
141 if(ni <= 0) {
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
142 log_ereport(
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
143 LOG_MISCONFIG,
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
144 "find-index: no files specified in index-names parameter");
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
145 return REQ_ABORTED;
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
146 }
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
147
404
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
148 // only find index for GET requests
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
149 // maybe we want to support find-index for other methods, in that case
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
150 // we should implement a parameter for this
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
151 char *method = pblock_findkeyval(pb_key_method, rq->reqpb);
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
152 if(strcmp(method, "GET")) {
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
153 return REQ_NOACTION;
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
154 }
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
155
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
156 VFSContext *vfs = vfs_request_context(sn, rq);
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
157 int ret = REQ_NOACTION;
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
158
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
159 char *path = pblock_findkeyval(pb_key_path, rq->vars);
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
160 size_t pathlen = strlen(path);
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
161 cxstring p = cx_strn(path, pathlen);
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
162 if(path[pathlen-1] == '/') {
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
163 for(int i=0;i<ni;i++) {
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
164 cxmutstr newpath = cx_strcat(2, p, cx_strtrim(names[i]));
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
165 struct stat s;
404
e0e0754efd46 add vfs support to find_index
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 145
diff changeset
166 if(!vfs_stat(vfs, newpath.ptr, &s)) {
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
167 pblock_kvinsert(
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
168 pb_key_path,
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
169 newpath.ptr,
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
170 newpath.length,
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
171 rq->vars);
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
172 free(newpath.ptr);
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
173 ret = REQ_PROCEED;
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
174 } else {
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
175 free(newpath.ptr);
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
176 }
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
177 }
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
178 }
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
179
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 405
diff changeset
180 pool_free(sn->pool, names);
131
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
181
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
182 return ret;
70010b94bda5 adds find-index saf
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 100
diff changeset
183 }
142
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
184
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
185 int dir_redirect(pblock *pb, Session *sn, Request *rq) {
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
186 char *path = pblock_findkeyval(pb_key_path, rq->vars);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
187
405
162f122b96a1 add vfs support to dir_redirect
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
188 VFSContext *vfs = vfs_request_context(sn, rq);
142
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
189
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
190 struct stat s;
405
162f122b96a1 add vfs support to dir_redirect
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
191 if(vfs_stat(vfs, path, &s) != 0) {
142
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
192 return REQ_NOACTION;
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
193 }
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
194
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
195 // TODO: remove code duplication (service.c)
405
162f122b96a1 add vfs support to dir_redirect
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
196 // TODO: make response code configurable
142
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
197 if(S_ISDIR(s.st_mode) && path[strlen(path)-1] != '/') {
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
198 pblock_nvinsert("content-length", "0", rq->srvhdrs);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
199 pblock_removekey(pb_key_content_type, rq->srvhdrs);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
200 char *uri = pblock_findkeyval(pb_key_uri, rq->reqpb);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
201 size_t urilen = strlen(uri);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
202 char *location = pool_malloc(sn->pool, urilen + 2);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
203 memcpy(location, uri, urilen);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
204 location[urilen] = '/';
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
205 location[urilen+1] = '\0';
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
206 pblock_kvinsert(pb_key_location, location, urilen + 1, rq->srvhdrs);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
207 protocol_status(sn, rq, 302, NULL);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
208 http_start_response(sn, rq);
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
209 return REQ_ABORTED;
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
210 }
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
211
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
212 return REQ_PROCEED;
55298bc9ed28 adds new a pathcheck saf and improves content type matchin and improves content type matching
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 141
diff changeset
213 }
638
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
214
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
215 int apply_location_config(pblock *pb, Session *sn, Request *rq) {
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
216 NSAPIRequest *req = (NSAPIRequest*)rq;
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
217 WSLocationConfig *config = req->location;
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
218 if(!config) {
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
219 return REQ_NOACTION;
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
220 }
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
221
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
222 if(config->set_forcetls && config->forcetls) {
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
223 // TODO
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
224 }
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
225
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
226 CxIterator i = cxListIterator(config->acls);
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
227 cx_foreach(char*, aclname, i) {
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
228 if(add_acl(sn, rq, aclname)) {
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
229 return REQ_ABORTED;
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
230 }
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
231 }
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
232
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
233 return REQ_PROCEED;
14ae3d8c01ae add apply_location_config SAF
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
234 }

Mercurial Repository: webserver

mercurial