Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix an issue with the chroot jail. At the ability to 404 certain Referer values. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
cf0aea0254c329b3bf67828996b59c48 |
| User & Date: | drh 2012-06-17 23:53:30.637 |
Context
|
2012-06-19
| ||
| 14:08 | In althttpd, if the requested file is not found, look for the "not-found.html" file in the same directory and use it instead. (check-in: e4391f7f58 user: drh tags: trunk) | |
|
2012-06-17
| ||
| 23:53 | Fix an issue with the chroot jail. At the ability to 404 certain Referer values. (check-in: cf0aea0254 user: drh tags: trunk) | |
|
2012-06-14
| ||
| 17:04 | Minor correction to the 3.7.13 news. (check-in: 78b3be0bd9 user: drh tags: trunk) | |
Changes
Changes to misc/althttpd.c.
| ︙ | ︙ | |||
933 934 935 936 937 938 939 940 941 942 943 944 945 946 |
}
/* Get all the optional fields that follow the first line.
*/
zCookie = 0;
zAuthType = 0;
zRemoteUser = 0;
while( fgets(zLine,sizeof(zLine),stdin) ){
char *zFieldName;
char *zVal;
nIn += strlen(zLine);
zFieldName = GetFirstElement(zLine,&zVal);
if( zFieldName==0 || *zFieldName==0 ) break;
| > | 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 |
}
/* Get all the optional fields that follow the first line.
*/
zCookie = 0;
zAuthType = 0;
zRemoteUser = 0;
zReferer = 0;
while( fgets(zLine,sizeof(zLine),stdin) ){
char *zFieldName;
char *zVal;
nIn += strlen(zLine);
zFieldName = GetFirstElement(zLine,&zVal);
if( zFieldName==0 || *zFieldName==0 ) break;
|
| ︙ | ︙ | |||
977 978 979 980 981 982 983 984 985 986 987 988 989 990 |
if( zRealPort ){
zServerPort = StrDup(zRealPort);
}
}else if( strcasecmp(zFieldName,"Authorization:")==0 ){
zAuthType = GetFirstElement(StrDup(zVal), &zAuthArg);
}
}
/* Make an extra effort to get a valid server name and port number.
** Only Netscape provides this information. If the browser is
** Internet Explorer, then we have to find out the information for
** ourselves.
*/
if( zServerName==0 ){
| > > > > > > > > > > > > > > > | 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 |
if( zRealPort ){
zServerPort = StrDup(zRealPort);
}
}else if( strcasecmp(zFieldName,"Authorization:")==0 ){
zAuthType = GetFirstElement(StrDup(zVal), &zAuthArg);
}
}
/* Disallow referring from certain servers */
#if 0
if( zReferer ){
static const char *azDisallow[] = {
"skidrowcrack.com",
"hoshiyuugi.tistory.com",
"skidrowgames.net",
};
int i;
for(i=0; i<sizeof(azDisallow)/sizeof(azDisallow[0]); i++){
if( strstr(zReferer, azDisallow[i])!=0 ) NotFound(__LINE__);
}
}
#endif
/* Make an extra effort to get a valid server name and port number.
** Only Netscape provides this information. If the browser is
** Internet Explorer, then we have to find out the information for
** ourselves.
*/
if( zServerName==0 ){
|
| ︙ | ︙ | |||
1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 |
int main(int argc, char **argv){
int i; /* Loop counter */
char *zPermUser = 0; /* Run daemon with this user's permissions */
int iPort = 0; /* Implement an HTTP server process */
int useChrootJail = 1; /* True to use a change-root jail */
/* Record the time when processing begins.
*/
time(&beginTime);
/* Parse command-line arguments
*/
| > | 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 |
int main(int argc, char **argv){
int i; /* Loop counter */
char *zPermUser = 0; /* Run daemon with this user's permissions */
int iPort = 0; /* Implement an HTTP server process */
int useChrootJail = 1; /* True to use a change-root jail */
struct passwd *pwd = 0; /* Information about the user */
/* Record the time when processing begins.
*/
time(&beginTime);
/* Parse command-line arguments
*/
|
| ︙ | ︙ | |||
1569 1570 1571 1572 1573 1574 1575 |
/* Change directories to the root of the HTTP filesystem. Then
** create a chroot jail there.
*/
if( chdir(zRoot)!=0 ){
Malfunction(__LINE__, "cannot change to directory [%s]", zRoot);
}
| | > > > > < | 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 |
/* Change directories to the root of the HTTP filesystem. Then
** create a chroot jail there.
*/
if( chdir(zRoot)!=0 ){
Malfunction(__LINE__, "cannot change to directory [%s]", zRoot);
}
/* Get information about the user if available */
if( zPermUser ) pwd = getpwnam(zPermUser);
/* Enter the chroot jail if requested */
if( zPermUser && useChrootJail && getuid()==0 ){
if( chroot(".")<0 ){
Malfunction(__LINE__, "unable to create chroot jail");
}else{
zRoot = "";
}
}
/* Activate the server, if requested */
if( iPort && http_server(iPort, 0) ){
Malfunction(__LINE__, "failed to start server");
}
/* Drop root privileges.
*/
if( zPermUser ){
if( pwd ){
setgid(pwd->pw_gid);
setuid(pwd->pw_uid);
}else{
Malfunction(__LINE__, "no such user [%s]", zPermUser);
}
}
|
| ︙ | ︙ |