diff -urNp lighttpd-1.4.8/src/mod_auth.c lighttpd-new2/src/mod_auth.c
|
old
|
new
|
|
| 168 | 168 | } |
| 169 | 169 | #undef PATCH |
| 170 | 170 | |
| 171 | | static handler_t mod_auth_uri_handler(server *srv, connection *con, void *p_d) { |
| | 171 | static handler_t mod_auth_subrequest_handler(server *srv, connection *con, void *p_d) { |
| 172 | 172 | size_t k; |
| 173 | 173 | int auth_required = 0, auth_satisfied = 0; |
| 174 | 174 | char *http_authorization = NULL; |
| … |
… |
|
| 193 | 193 | |
| 194 | 194 | /* search auth-directives for path */ |
| 195 | 195 | for (k = 0; k < p->conf.auth_require->used; k++) { |
| | 196 | data_string *use_physical; |
| 196 | 197 | if (p->conf.auth_require->data[k]->key->used == 0) continue; |
| 197 | | |
| 198 | | if (0 == strncmp(con->uri.path->ptr, p->conf.auth_require->data[k]->key->ptr, p->conf.auth_require->data[k]->key->used - 1)) { |
| 199 | | auth_required = 1; |
| 200 | | break; |
| | 198 | |
| | 199 | req = ((data_array *)(p->conf.auth_require->data[k]))->value; |
| | 200 | use_physical = (data_string *)array_get_element(req, "use_physical"); |
| | 201 | if (con->physical.path != NULL && con->physical.path->ptr != NULL && use_physical != NULL && |
| | 202 | use_physical->value->ptr != NULL && strcmp(use_physical->value->ptr, "yes") == 0) |
| | 203 | { |
| | 204 | char resolved_path[PATH_MAX]; |
| | 205 | |
| | 206 | if (realpath(con->physical.path->ptr, resolved_path) == NULL) continue; |
| | 207 | if (strncmp(resolved_path, p->conf.auth_require->data[k]->key->ptr, |
| | 208 | p->conf.auth_require->data[k]->key->used - 1) == 0) |
| | 209 | { |
| | 210 | auth_required = 1; |
| | 211 | break; |
| | 212 | } |
| | 213 | } |
| | 214 | else if (0 == strncmp(con->uri.path->ptr, p->conf.auth_require->data[k]->key->ptr, p->conf.auth_require->data[k]->key->used - 1)) |
| | 215 | { |
| | 216 | data_string *authority; |
| | 217 | authority = (data_string *)array_get_element(req, "authority"); |
| | 218 | if (authority == NULL || authority->value->ptr == NULL || |
| | 219 | strcmp(authority->value->ptr, con->uri.authority->ptr) == 0) |
| | 220 | { |
| | 221 | auth_required = 1; |
| | 222 | break; |
| | 223 | } |
| 201 | 224 | } |
| 202 | 225 | } |
| 203 | 226 | |
| … |
… |
|
| 384 | 407 | for (n = 0; n < da->value->used; n++) { |
| 385 | 408 | size_t m; |
| 386 | 409 | data_array *da_file = (data_array *)da->value->data[n]; |
| 387 | | const char *method, *realm, *require |
| | 410 | const char *method, *realm, *require, *authority, *use_physical; |
| 388 | 411 | |
| 389 | 412 | if (da->value->data[n]->type != TYPE_ARRAY) { |
| 390 | 413 | log_error_write(srv, __FILE__, __LINE__, "sssbs", |
| … |
… |
|
| 393 | 416 | return HANDLER_ERROR; |
| 394 | 417 | } |
| 395 | 418 | |
| 396 | | method = realm = require = |
| | 419 | method = realm = require = authority = use_physical = NULL; |
| 397 | 420 | |
| 398 | 421 | for (m = 0; m < da_file->value->used; m++) { |
| 399 | 422 | if (da_file->value->data[m]->type == TYPE_STRING) { |
| … |
… |
|
| 403 | 426 | realm = ((data_string *)(da_file->value->data[m]))->value->ptr; |
| 404 | 427 | } else if (0 == strcmp(da_file->value->data[m]->key->ptr, "require")) { |
| 405 | 428 | require = ((data_string *)(da_file->value->data[m]))->value->ptr; |
| | 429 | } else if (0 == strcmp(da_file->value->data[m]->key->ptr, "authority")) { |
| | 430 | authority = ((data_string *)(da_file->value->data[m]))->value->ptr; |
| | 431 | } else if (0 == strcmp(da_file->value->data[m]->key->ptr, "use_physical")) { |
| | 432 | use_physical = ((data_string *)(da_file->value->data[m]))->value->ptr; |
| 406 | 433 | } else { |
| 407 | 434 | log_error_write(srv, __FILE__, __LINE__, "sssbs", "unexpected type for key: ", "auth.require", "[", da_file->value->data[m]->key, "](string)"); |
| 408 | 435 | return HANDLER_ERROR; |
| … |
… |
|
| 462 | 489 | buffer_copy_string(ds->value, require); |
| 463 | 490 | |
| 464 | 491 | array_insert_unique(a->value, (data_unset *)ds); |
| | 492 | |
| | 493 | if (authority) |
| | 494 | { |
| | 495 | ds = data_string_init(); |
| | 496 | |
| | 497 | buffer_copy_string(ds->key, "authority"); |
| | 498 | buffer_copy_string(ds->value, authority); |
| | 499 | |
| | 500 | array_insert_unique(a->value, (data_unset *)ds); |
| | 501 | } |
| | 502 | |
| | 503 | if (use_physical) |
| | 504 | { |
| | 505 | ds = data_string_init(); |
| | 506 | |
| | 507 | buffer_copy_string(ds->key, "use_physical"); |
| | 508 | buffer_copy_string(ds->value, use_physical); |
| | 509 | |
| | 510 | array_insert_unique(a->value, (data_unset *)ds); |
| | 511 | } |
| 465 | 512 | |
| 466 | 513 | array_insert_unique(s->auth_require, (data_unset *)a); |
| 467 | 514 | } |
| … |
… |
|
| 609 | 656 | p->name = buffer_init_string("auth"); |
| 610 | 657 | p->init = mod_auth_init; |
| 611 | 658 | p->set_defaults = mod_auth_set_defaults; |
| 612 | | p->handle_uri_clean = mod_auth_uri_handler; |
| | 659 | p->handle_subrequest_start = mod_auth_subrequest_handler; |
| 613 | 660 | p->cleanup = mod_auth_free; |
| 614 | 661 | |
| 615 | 662 | p->data = NULL; |
