Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix an issue with the chroot jail. At the ability to 404 certain Referer values. |
|---|---|
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
cf0aea0254c329b3bf67828996b59c48 |
| User & Date: | drh 2012-06-17 23:53:30 |
Context
|
2012-06-19
| ||
| 14:08 | In althttpd, if the requested file is not found, look for the "not-found.html" file in the same directory and use it instead. check-in: e4391f7f58 user: drh tags: trunk | |
|
2012-06-17
| ||
| 23:53 | Fix an issue with the chroot jail. At the ability to 404 certain Referer values. check-in: cf0aea0254 user: drh tags: trunk | |
|
2012-06-14
| ||
| 17:04 | Minor correction to the 3.7.13 news. check-in: 78b3be0bd9 user: drh tags: trunk | |
Changes
Changes to misc/althttpd.c.
933 934 935 936 937 938 939 940 941 942 943 944 945 946 ... 977 978 979 980 981 982 983 984 985 986 987 988 989 990 .... 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 .... 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 .... 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 |
}
/* Get all the optional fields that follow the first line.
*/
zCookie = 0;
zAuthType = 0;
zRemoteUser = 0;
while( fgets(zLine,sizeof(zLine),stdin) ){
char *zFieldName;
char *zVal;
nIn += strlen(zLine);
zFieldName = GetFirstElement(zLine,&zVal);
if( zFieldName==0 || *zFieldName==0 ) break;
................................................................................
if( zRealPort ){
zServerPort = StrDup(zRealPort);
}
}else if( strcasecmp(zFieldName,"Authorization:")==0 ){
zAuthType = GetFirstElement(StrDup(zVal), &zAuthArg);
}
}
/* Make an extra effort to get a valid server name and port number.
** Only Netscape provides this information. If the browser is
** Internet Explorer, then we have to find out the information for
** ourselves.
*/
if( zServerName==0 ){
................................................................................
int main(int argc, char **argv){
int i; /* Loop counter */
char *zPermUser = 0; /* Run daemon with this user's permissions */
int iPort = 0; /* Implement an HTTP server process */
int useChrootJail = 1; /* True to use a change-root jail */
/* Record the time when processing begins.
*/
time(&beginTime);
/* Parse command-line arguments
*/
................................................................................
/* Change directories to the root of the HTTP filesystem. Then
** create a chroot jail there.
*/
if( chdir(zRoot)!=0 ){
Malfunction(__LINE__, "cannot change to directory [%s]", zRoot);
}
if( zPermUser && useChrootJail && getuid()==0 ){
if( chroot(".")<0 ){
Malfunction(__LINE__, "unable to create chroot jail");
}else{
zRoot = "";
}
}
................................................................................
if( iPort && http_server(iPort, 0) ){
Malfunction(__LINE__, "failed to start server");
}
/* Drop root privileges.
*/
if( zPermUser ){
struct passwd *pwd = getpwnam(zPermUser);
if( pwd ){
setgid(pwd->pw_gid);
setuid(pwd->pw_uid);
}else{
Malfunction(__LINE__, "no such user [%s]", zPermUser);
}
}
|
> > > > > > > > > > > > > > > > > | > > > > < |
933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 ... 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 .... 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 .... 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 .... 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 |
} /* Get all the optional fields that follow the first line. */ zCookie = 0; zAuthType = 0; zRemoteUser = 0; zReferer = 0; while( fgets(zLine,sizeof(zLine),stdin) ){ char *zFieldName; char *zVal; nIn += strlen(zLine); zFieldName = GetFirstElement(zLine,&zVal); if( zFieldName==0 || *zFieldName==0 ) break; ................................................................................ if( zRealPort ){ zServerPort = StrDup(zRealPort); } }else if( strcasecmp(zFieldName,"Authorization:")==0 ){ zAuthType = GetFirstElement(StrDup(zVal), &zAuthArg); } } /* Disallow referring from certain servers */ #if 0 if( zReferer ){ static const char *azDisallow[] = { "skidrowcrack.com", "hoshiyuugi.tistory.com", "skidrowgames.net", }; int i; for(i=0; i<sizeof(azDisallow)/sizeof(azDisallow[0]); i++){ if( strstr(zReferer, azDisallow[i])!=0 ) NotFound(__LINE__); } } #endif /* Make an extra effort to get a valid server name and port number. ** Only Netscape provides this information. If the browser is ** Internet Explorer, then we have to find out the information for ** ourselves. */ if( zServerName==0 ){ ................................................................................ int main(int argc, char **argv){ int i; /* Loop counter */ char *zPermUser = 0; /* Run daemon with this user's permissions */ int iPort = 0; /* Implement an HTTP server process */ int useChrootJail = 1; /* True to use a change-root jail */ struct passwd *pwd = 0; /* Information about the user */ /* Record the time when processing begins. */ time(&beginTime); /* Parse command-line arguments */ ................................................................................ /* Change directories to the root of the HTTP filesystem. Then ** create a chroot jail there. */ if( chdir(zRoot)!=0 ){ Malfunction(__LINE__, "cannot change to directory [%s]", zRoot); } /* Get information about the user if available */ if( zPermUser ) pwd = getpwnam(zPermUser); /* Enter the chroot jail if requested */ if( zPermUser && useChrootJail && getuid()==0 ){ if( chroot(".")<0 ){ Malfunction(__LINE__, "unable to create chroot jail"); }else{ zRoot = ""; } } ................................................................................ if( iPort && http_server(iPort, 0) ){ Malfunction(__LINE__, "failed to start server"); } /* Drop root privileges. */ if( zPermUser ){ if( pwd ){ setgid(pwd->pw_gid); setuid(pwd->pw_uid); }else{ Malfunction(__LINE__, "no such user [%s]", zPermUser); } } |