--- thttpd/libhttpd.c 2001/06/18 21:19:51 1.1.2.1 +++ thttpd/libhttpd.c 2001/07/08 08:22:33 1.1.4.6 @@ -157,8 +157,8 @@ static void cgi_interpose_input( httpd_conn* hc, int wfd ); static void post_post_garbage_hack( httpd_conn* hc ); static void cgi_interpose_output( httpd_conn* hc, int rfd ); -static void cgi_child( httpd_conn* hc, char* exefilename ); -static off_t cgi( httpd_conn* hc, char* exefilename ); +static void cgi_child( httpd_conn* hc ); +static off_t cgi( httpd_conn* hc ); static int really_start_request( httpd_conn* hc, struct timeval* nowP ); static void make_log_entry( httpd_conn* hc, struct timeval* nowP ); static int check_referer( httpd_conn* hc ); @@ -240,8 +240,6 @@ free( (void*) hs->binding_hostname ); if ( hs->cwd != (char*) 0 ) free( (void*) hs->cwd ); - if ( hs->autoindex_prog != (char*) 0 ) - free( (void*) hs->autoindex_prog ); if ( hs->cgi_pattern != (char*) 0 ) free( (void*) hs->cgi_pattern ); if ( hs->charset != (char*) 0 ) @@ -259,8 +257,7 @@ char* hostname, httpd_sockaddr* sa4P, httpd_sockaddr* sa6P, int port, char* cgi_pattern, char* charset, char* cwd, int no_log, FILE* logfp, int no_symlink, int vhost, int global_passwd, char* url_pattern, - char* local_pattern, int no_empty_referers, - char* autoindex_prog) + char* local_pattern, int no_empty_referers ) { httpd_server* hs; static char ghnbuf[256]; @@ -332,7 +329,6 @@ while ( ( cp = strstr( hs->cgi_pattern, "|/" ) ) != (char*) 0 ) (void) strcpy( cp + 1, cp + 2 ); } - hs->autoindex_prog = autoindex_prog ? strdup( autoindex_prog ) : 0; hs->charset = strdup( charset ); hs->cwd = strdup( cwd ); if ( hs->cwd == (char*) 0 ) @@ -826,6 +822,43 @@ #endif /* ERR_DIR */ } +void +httpd_send_err_blocked( httpd_conn* hc ) + { + char *protocol = hc->protocol; + +#ifdef ERR_DIR + char filename[1000]; +#endif + + hc->protocol = "HTTP/1.0"; + +#ifdef ERR_DIR + /* Try virtual host error page. */ + if ( hc->hs->vhost && hc->hostdir[0] != '\0' ) + { + (void) my_snprintf( filename, sizeof(filename), + "%s/%s/err403blocked.html", hc->hostdir, ERR_DIR ); + if ( send_err_file( hc, 403, err403title, "", filename ) ) + return; + } + + /* Try server-wide error page. */ + (void) my_snprintf( filename, sizeof(filename), + "%s/err403blocked.html", ERR_DIR ); + if ( send_err_file( hc, 403, err403title, "", filename ) ) + return; + + /* Fall back on built-in error page. */ + send_response( hc, 403, err403title, "", err403form, "" ); + +#else /* ERR_DIR */ + + send_response( hc, 403, err403title, "", err403form, "" ); + +#endif /* ERR_DIR */ + hc->protocol = protocol; + } #ifdef ERR_DIR static int @@ -1440,6 +1473,8 @@ restlen = strlen( path ); httpd_realloc_str( &rest, &maxrest, restlen ); (void) strcpy( rest, path ); + if ( rest[restlen - 1] == '/' ) + rest[--restlen] = '\0'; /* trim trailing slash */ if ( ! tildemapped ) /* Remove any leading slashes. */ while ( rest[0] == '/' ) @@ -3129,7 +3164,7 @@ /* CGI child process. */ static void -cgi_child( httpd_conn* hc, char* exefilename ) +cgi_child( httpd_conn* hc ) { int r; char** argp; @@ -3281,25 +3316,20 @@ ** to the program's own directory. This isn't in the CGI 1.1 ** spec, but it's what other HTTP servers do. */ - if (exefilename) - binary = exefilename; + directory = strdup( hc->expnfilename ); + if ( directory == (char*) 0 ) + binary = hc->expnfilename; /* ignore errors */ else - { - directory = strdup( exefilename ? exefilename : hc->expnfilename ); - if ( directory == (char*) 0 ) - binary = exefilename; /* ignore errors */ - else - { - binary = strrchr( directory, '/' ); - if ( binary == (char*) 0 ) - binary = exefilename; - else - { - *binary++ = '\0'; - (void) chdir( directory ); /* ignore errors */ - } - } - } + { + binary = strrchr( directory, '/' ); + if ( binary == (char*) 0 ) + binary = hc->expnfilename; + else + { + *binary++ = '\0'; + (void) chdir( directory ); /* ignore errors */ + } + } /* Default behavior for SIGPIPE. */ (void) signal( SIGPIPE, SIG_DFL ); @@ -3315,7 +3345,7 @@ static off_t -cgi( httpd_conn* hc, char* exefilename ) +cgi( httpd_conn* hc ) { int r; ClientData client_data; @@ -3333,7 +3363,7 @@ if ( r == 0 ) { unlisten( hc->hs ); - cgi_child( hc, exefilename ); + cgi_child( hc ); } /* Parent process. */ @@ -3473,7 +3503,7 @@ if ( ! check_referer( hc ) ) return -1; /* Ok, generate an index. */ - return hc->hs->autoindex_prog ? cgi( hc, hc->hs->autoindex_prog) : ls( hc ); + return ls( hc ); #else /* GENERATE_INDEXES */ syslog( LOG_INFO, "%.80s URL \"%.80s\" tried to index a directory", @@ -3566,7 +3596,7 @@ if ( hc->hs->cgi_pattern != (char*) 0 && ( hc->sb.st_mode & S_IXOTH ) && match( hc->hs->cgi_pattern, hc->expnfilename ) ) - return cgi( hc, 0 ); + return cgi( hc ); /* It's not CGI. If it's executable or there's pathinfo, someone's ** trying to either serve or run a non-CGI file as CGI. Either case @@ -3656,6 +3686,10 @@ if ( hc->hs->no_log ) return; + /* don't log UNKNOWN protocol requests (blocks etc..) */ + if ( hc->method == METHOD_UNKNOWN ) + return; + /* This is straight CERN Combined Log Format - the only tweak ** being that if we're using syslog() we leave out the date, because ** syslogd puts it in. The included syslogtocern script turns the