diff options
Diffstat (limited to 'APACHE_1_3_42/src/modules/standard/mod_userdir.c')
-rw-r--r-- | APACHE_1_3_42/src/modules/standard/mod_userdir.c | 363 |
1 files changed, 363 insertions, 0 deletions
diff --git a/APACHE_1_3_42/src/modules/standard/mod_userdir.c b/APACHE_1_3_42/src/modules/standard/mod_userdir.c new file mode 100644 index 0000000000..1ab6f1188d --- /dev/null +++ b/APACHE_1_3_42/src/modules/standard/mod_userdir.c @@ -0,0 +1,363 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * mod_userdir... implement the UserDir command. Broken away from the + * Alias stuff for a couple of good and not-so-good reasons: + * + * 1) It shows a real minimal working example of how to do something like + * this. + * 2) I know people who are actually interested in changing this *particular* + * aspect of server functionality without changing the rest of it. That's + * what this whole modular arrangement is supposed to be good at... + * + * Modified by Alexei Kosut to support the following constructs + * (server running at www.foo.com, request for /~bar/one/two.html) + * + * UserDir public_html -> ~bar/public_html/one/two.html + * UserDir /usr/web -> /usr/web/bar/one/two.html + * UserDir /home/ * /www -> /home/bar/www/one/two.html + * NOTE: theses ^ ^ space only added allow it to work in a comment, ignore + * UserDir http://x/users -> (302) http://x/users/bar/one/two.html + * UserDir http://x/ * /y -> (302) http://x/bar/y/one/two.html + * NOTE: here also ^ ^ + * + * In addition, you can use multiple entries, to specify alternate + * user directories (a la Directory Index). For example: + * + * UserDir public_html /usr/web http://www.xyz.com/users + * + * Modified by Ken Coar to provide for the following: + * + * UserDir disable[d] username ... + * UserDir enable[d] username ... + * + * If "disabled" has no other arguments, *all* ~<username> references are + * disabled, except those explicitly turned on with the "enabled" keyword. + */ + +#include "httpd.h" +#include "http_config.h" + +module userdir_module; + +typedef struct userdir_config { + int globally_disabled; + char *userdir; + table *enabled_users; + table *disabled_users; +} userdir_config; + +/* + * Server config for this module: global disablement flag, a list of usernames + * ineligible for UserDir access, a list of those immune to global (but not + * explicit) disablement, and the replacement string for all others. + */ + +static void *create_userdir_config(pool *p, server_rec *s) +{ + userdir_config *newcfg; + + newcfg = (userdir_config *) ap_pcalloc(p, sizeof(userdir_config)); + newcfg->globally_disabled = 0; + newcfg->userdir = DEFAULT_USER_DIR; + newcfg->enabled_users = ap_make_table(p, 4); + newcfg->disabled_users = ap_make_table(p, 4); + return (void *) newcfg; +} + +#define O_DEFAULT 0 +#define O_ENABLE 1 +#define O_DISABLE 2 + +static const char *set_user_dir(cmd_parms *cmd, void *dummy, char *arg) +{ + userdir_config *s_cfg; + char *username; + const char *usernames = arg; + char *kw = ap_getword_conf(cmd->pool, &usernames); + table *usertable; + + s_cfg = (userdir_config *) ap_get_module_config(cmd->server->module_config, + &userdir_module); + /* + * Let's do the comparisons once. + */ + if ((!strcasecmp(kw, "disable")) || (!strcasecmp(kw, "disabled"))) { + /* + * If there are no usernames specified, this is a global disable - we + * need do no more at this point than record the fact. + */ + if (strlen(usernames) == 0) { + s_cfg->globally_disabled = 1; + return NULL; + } + usertable = s_cfg->disabled_users; + } + else if ((!strcasecmp(kw, "enable")) || (!strcasecmp(kw, "enabled"))) { + /* + * The "disable" keyword can stand alone or take a list of names, but + * the "enable" keyword requires the list. Whinge if it doesn't have + * it. + */ + if (strlen(usernames) == 0) { + return "UserDir \"enable\" keyword requires a list of usernames"; + } + usertable = s_cfg->enabled_users; + } + else { + /* + * If the first (only?) value isn't one of our keywords, look at each + * config 'word' for validity and copy the entire arg to the userdir + * if all paths are valid. + */ + const char *userdirs = arg; + while (*userdirs) { + char *thisdir = ap_getword_conf(cmd->pool, &userdirs); + if (!ap_os_is_path_absolute(thisdir) && !strchr(thisdir, ':')) { +#if defined(WIN32) || defined(NETWARE) + return "UserDir must specify an absolute redirect " + "or absolute file path"; +#else + if (strchr(thisdir, '*')) { + return "UserDir cannot specify '*' substitution within " + "a relative path"; + } +#endif + } + } + s_cfg->userdir = ap_pstrdup(cmd->pool, arg); +#if defined(WIN32) || defined(OS2) || defined(NETWARE) + /* These are incomplete paths, so we cannot canonicalize them yet. + * but any backslashes will confuse the parser, later, so simply + * change them to slash form. + */ + arg = s_cfg->userdir; + while (arg = strchr(arg, '\\')) { + *(arg++) = '/'; + } +#endif + return NULL; + } + /* + * Now we just take each word in turn from the command line and add it to + * the appropriate table. + */ + while (*usernames) { + username = ap_getword_conf(cmd->pool, &usernames); + ap_table_setn(usertable, username, kw); + } + return NULL; +} + +static const command_rec userdir_cmds[] = +{ + {"UserDir", set_user_dir, NULL, RSRC_CONF, RAW_ARGS, + "the public subdirectory in users' home directories, or " + "'disabled', or 'disabled username username...', or " + "'enabled username username...'"}, + {NULL} +}; + +static int translate_userdir(request_rec *r) +{ + void *server_conf = r->server->module_config; + const userdir_config *s_cfg = + (userdir_config *) ap_get_module_config(server_conf, &userdir_module); + char *name = r->uri; + const char *userdirs = s_cfg->userdir; + const char *w, *dname; + char *redirect; + struct stat statbuf; + + /* + * If the URI doesn't match our basic pattern, we've nothing to do with + * it. + */ + if ((s_cfg->userdir == NULL) + || (name[0] != '/') + || (name[1] != '~')) { + return DECLINED; + } + + dname = name + 2; + w = ap_getword(r->pool, &dname, '/'); + + /* + * The 'dname' funny business involves backing it up to capture the '/' + * delimiting the "/~user" part from the rest of the URL, in case there + * was one (the case where there wasn't being just "GET /~user HTTP/1.0", + * for which we don't want to tack on a '/' onto the filename). + */ + + if (dname[-1] == '/') { + --dname; + } + + /* + * If there's no username, it's not for us. Ignore . and .. as well. + */ + if ((w[0] == '\0') + || ((w[1] == '.') + && ((w[2] == '\0') + || ((w[2] == '.') && (w[3] == '\0'))))) { + return DECLINED; + } + /* + * Nor if there's an username but it's in the disabled list. + */ + if (ap_table_get(s_cfg->disabled_users, w) != NULL) { + return DECLINED; + } + /* + * If there's a global interdiction on UserDirs, check to see if this + * name is one of the Blessed. + */ + if (s_cfg->globally_disabled + && (ap_table_get(s_cfg->enabled_users, w) == NULL)) { + return DECLINED; + } + + /* + * Special cases all checked, onward to normal substitution processing. + */ + + while (*userdirs) { + const char *userdir = ap_getword_conf(r->pool, &userdirs); + char *filename = NULL; + int is_absolute = ap_os_is_path_absolute(userdir); + + if (strchr(userdir, '*')) { + /* token '*' embedded: + */ + char *x = ap_getword(r->pool, &userdir, '*'); + if (is_absolute) { + /* token '*' within absolute path + * serves [UserDir arg-pre*][user][UserDir arg-post*] + * /somepath/ * /somedir + /~smith -> /somepath/smith/somedir + */ + filename = ap_pstrcat(r->pool, x, w, userdir, NULL); + } + else if (strchr(x, ':')) { + /* token '*' within a redirect path + * serves [UserDir arg-pre*][user][UserDir arg-post*] + * http://server/user/ * + /~smith/foo -> + * http://server/user/smith/foo + */ + redirect = ap_pstrcat(r->pool, x, w, userdir, dname, NULL); + ap_table_setn(r->headers_out, "Location", redirect); + return REDIRECT; + } + else { + /* Not a redirect, not an absolute path, '*' token: + * serves [homedir]/[UserDir arg] + * something/ * /public_html + * Shouldn't happen, we trap for this in set_user_dir + */ + return DECLINED; + } + } + else if (is_absolute) { + /* An absolute path, no * token: + * serves [UserDir arg]/[user] + * /home + /~smith -> /home/smith + */ + if (userdir[strlen(userdir) - 1] == '/') + filename = ap_pstrcat(r->pool, userdir, w, NULL); + else + filename = ap_pstrcat(r->pool, userdir, "/", w, NULL); + } + else if (strchr(userdir, ':')) { + /* A redirect, not an absolute path, no * token: + * serves [UserDir arg]/[user][dname] + * http://server/ + /~smith/foo -> http://server/smith/foo + */ + if (userdir[strlen(userdir) - 1] == '/') { + redirect = ap_pstrcat(r->pool, userdir, w, dname, NULL); + } + else { + redirect = ap_pstrcat(r->pool, userdir, "/", w, dname, NULL); + } + ap_table_setn(r->headers_out, "Location", redirect); + return REDIRECT; + } + else { + /* Not a redirect, not an absolute path, no * token: + * serves [homedir]/[UserDir arg] + * e.g. /~smith -> /home/smith/public_html + */ +#if defined(WIN32) || defined(NETWARE) + /* Need to figure out home dirs on NT and NetWare + * Shouldn't happen here, though, we trap for this in set_user_dir + */ + return DECLINED; +#else /* WIN32 & NetWare */ + struct passwd *pw; + if ((pw = getpwnam(w))) { +#ifdef OS2 + /* Need to manually add user name for OS/2 */ + filename = ap_pstrcat(r->pool, pw->pw_dir, w, "/", + userdir, NULL); +#else + filename = ap_pstrcat(r->pool, pw->pw_dir, "/", + userdir, NULL); +#endif + } +#endif /* WIN32 & NetWare */ + } + + /* + * Now see if it exists, or we're at the last entry. If we are at the + * last entry, then use the filename generated (if there is one) + * anyway, in the hope that some handler might handle it. This can be + * used, for example, to run a CGI script for the user. + */ + if (filename && (!*userdirs || stat(filename, &statbuf) != -1)) { + r->filename = ap_pstrcat(r->pool, filename, dname, NULL); + /* when statbuf contains info on r->filename we can save a syscall + * by copying it to r->finfo + */ + if (*userdirs && dname[0] == 0) { + r->finfo = statbuf; + } + return OK; + } + } + + return DECLINED; +} + +module userdir_module = { + STANDARD_MODULE_STUFF, + NULL, /* initializer */ + NULL, /* dir config creater */ + NULL, /* dir merger --- default is to override */ + create_userdir_config, /* server config */ + NULL, /* merge server config */ + userdir_cmds, /* command table */ + NULL, /* handlers */ + translate_userdir, /* filename translation */ + NULL, /* check_user_id */ + NULL, /* check auth */ + NULL, /* check access */ + NULL, /* type_checker */ + NULL, /* fixups */ + NULL, /* logger */ + NULL, /* header parser */ + NULL, /* child_init */ + NULL, /* child_exit */ + NULL /* post read-request */ +}; |