Re: Fixed Referer/User Agent patch: msg#00054 web.lighttpd

On Thu, Sep 16, 2004 at 10:57:23PM -0500, Matt Levine wrote:

Hi Matt,

> Woops..first post was broken for some modules I wasn't using.

hihi, that's what I meant in my last mail :)

And we still have a problem:

why do you copy the buffer ?

l = ds->value;

is enough in this case and the buffer_free() can be removed. Otherwise
you will also free con->uri.path and srv_sock->srv_token in case you
uses $SERVER["socket"] or the other $HTTP options.

> IMHO, a good goal for a someone who's a better coder than myself (hi Jan
> :P):
>
> re-read config on sighup.. Given the power of the conditional config, I
> think it would be great to enable reconfiguration on the fly.

That's something on the long-term todo.

> Matt
>

> --- lighttpd-1.3.0/src/config.c Sun Sep 12 10:10:24 2004
> +++ lighttpd-1.3.0-patch/src/config.c Thu Sep 16 01:41:38 2004
> @@ -259,6 +259,7 @@
>
> int config_check_cond(server *srv, connection *con, data_config *dc) {
> buffer *l;
> + data_string *ds;
> server_socket *srv_sock = con->srv_socket;
> /* pass the rules */
>
> @@ -270,10 +271,23 @@
> l = con->uri.path;
> } else if (0 == strcmp(dc->comp_key->ptr, "SERVERsocket")) {
> l = srv_sock->srv_token;
> + } else if ( 0 == strcmp(dc->comp_key->ptr, "HTTPreferer")) {
> + if (NULL != (ds = (data_string
> *)array_get_element(con->request.headers, "Referer"))) {
> + l = buffer_init();
> + buffer_copy_string_buffer(l, ds->value);
> + } else {
> + return 0;
> + }
> + } else if ( 0 == strcmp(dc->comp_key->ptr, "HTTPuseragent")) {
> + if (NULL != (ds = (data_string
> *)array_get_element(con->request.headers, "User-Agent"))) {
> + l = buffer_init();
> + buffer_copy_string_buffer(l, ds->value);
> + } else {
> + return 0;
> + }
> } else {
> return 0;
> }
> -
> switch(dc->cond) {
> case CONFIG_COND_NE:
> case CONFIG_COND_EQ:
> @@ -291,7 +305,7 @@
> int n;
>
> n = pcre_exec(dc->match.regex, NULL, l->ptr, l->used - 1, 0, 0,
> ovec, N * 3);
> -
> + buffer_free(l);
> if (n > 0) {
> return (dc->cond == CONFIG_COND_MATCH) ? 1 : 0;
> } else {
> --- lighttpd-1.3.0/src/fcgi.c Sun Sep 12 03:22:36 2004
> +++ lighttpd-1.3.0-patch/src/fcgi.c Thu Sep 16 20:21:09 2004
> @@ -1499,7 +1499,8 @@
> fcgi_setup_connection(srv, con, p);
> fcgi_patch_connection(srv, con, p, CONST_STR_LEN("HTTPhost"));
> fcgi_patch_connection(srv, con, p, CONST_STR_LEN("HTTPurl"));
> -
> + fcgi_patch_connection(srv, con, p, CONST_STR_LEN("HTTPreferer"));
> + fcgi_patch_connection(srv, con, p, CONST_STR_LEN("HTTPuseragent"));
> path_info_offset = 0;
>
> /* check if extension matches */
> --- lighttpd-1.3.0/src/mod_access.c Thu Aug 26 13:59:06 2004
> +++ lighttpd-1.3.0-patch/src/mod_access.c Thu Sep 16 20:21:25 2004
> @@ -147,7 +147,8 @@
> mod_access_setup_connection(srv, con, p);
> mod_access_patch_connection(srv, con, p, CONST_STR_LEN("HTTPhost"));
> mod_access_patch_connection(srv, con, p, CONST_STR_LEN("HTTPurl"));
> -
> + mod_access_patch_connection(srv, con, p, CONST_STR_LEN("HTTPreferer"));
> + mod_access_patch_connection(srv, con, p,
> CONST_STR_LEN("HTTPuseragent"));
> s_len = con->uri.path->used - 1;
>
> for (k = 0; k < p->conf.access_deny->used; k++) {
> --- lighttpd-1.3.0/src/mod_compress.c Thu Aug 26 13:56:54 2004
> +++ lighttpd-1.3.0-patch/src/mod_compress.c Thu Sep 16 20:21:42 2004
> @@ -592,7 +592,8 @@
> mod_compress_setup_connection(srv, con, p);
> mod_compress_patch_connection(srv, con, p, CONST_STR_LEN("HTTPhost"));
> mod_compress_patch_connection(srv, con, p, CONST_STR_LEN("HTTPurl"));
> -
> + mod_compress_patch_connection(srv, con, p,
> CONST_STR_LEN("HTTPreferer"));
> + mod_compress_patch_connection(srv, con, p,
> CONST_STR_LEN("HTTPuseragent"));
>
> max_fsize = p->conf.compress_max_filesize;
>
> --- lighttpd-1.3.0/src/mod_redirect.c Fri Aug 20 02:58:07 2004
> +++ lighttpd-1.3.0-patch/src/mod_redirect.c Thu Sep 16 08:35:47 2004
> @@ -185,7 +185,8 @@
> mod_redirect_setup_connection(srv, con, p);
> mod_redirect_patch_connection(srv, con, p, "HTTPhost");
> mod_redirect_patch_connection(srv, con, p, "HTTPurl");
> -
> + mod_redirect_patch_connection(srv, con, p, "HTTPreferer");
> + mod_redirect_patch_connection(srv, con, p, "HTTPuseragent");
> buffer_copy_string_buffer(p->match_buf, con->request.uri);
>
> for (i = 0; i < p->conf.redirect->used; i++) {
> --- lighttpd-1.3.0/src/mod_rewrite.c Thu Aug 26 14:03:11 2004
> +++ lighttpd-1.3.0-patch/src/mod_rewrite.c Thu Sep 16 20:22:05 2004
> @@ -194,7 +194,8 @@
> mod_rewrite_setup_connection(srv, con, p);
> mod_rewrite_patch_connection(srv, con, p, CONST_STR_LEN("HTTPhost"));
> mod_rewrite_patch_connection(srv, con, p, CONST_STR_LEN("HTTPurl"));
> -
> + mod_rewrite_patch_connection(srv, con, p,
> CONST_STR_LEN("HTTPreferer"));
> + mod_rewrite_patch_connection(srv, con, p,
> CONST_STR_LEN("HTTPuseragent"));
> buffer_copy_string_buffer(p->match_buf, con->request.uri);
>
> for (i = 0; i < p->conf.rewrite->used; i++) {
> --- lighttpd-1.3.0/src/response.c Sun Sep 12 10:12:01 2004
> +++ lighttpd-1.3.0-patch/src/response.c Thu Sep 16 08:36:06 2004
> @@ -779,7 +779,9 @@
> buffer_copy_string_buffer(con->uri.authority,
> con->request.http_host);
>
> config_patch_connection(srv, con, CONST_STR_LEN("HTTPhost"));
> /* HTTPhost*/
> -
> + config_patch_connection(srv, con, CONST_STR_LEN("HTTPreferer"));
> + config_patch_connection(srv, con,
> CONST_STR_LEN("HTTPuseragent"));
> +
> /** extract query string from request.uri */
> if (NULL != (qstr = strchr(con->request.uri->ptr, '?'))) {
> buffer_copy_string (con->uri.query, qstr + 1);

Jan

--
Jan Kneschke http://jan.kneschke.de/
Perhaps you want to say 'thank you, jan': http://jk.123.org/wishlist/

Previous by Date:	Fixed Referer/User Agent patch: 00054, Matt Levine
Next by Date:	Semantic problems with mod_rewrite and [F]CGI scripts.: 00054, Aredridel
Previous by Thread:	Fixed Referer/User Agent patchi: 00054, Matt Levine
Next by Thread:	Re: Fixed Referer/User Agent patch: 00054, Jan Kneschke
Indexes:	[Date] [Thread] [Top] [All Lists]