[aadk-commits] kpfleming: uClinux/trunk r278 - /uClinux/trunk/uClinux-dist/user/mini_httpd/

aadk-commits at lists.digium.com aadk-commits at lists.digium.com
Thu Mar 29 11:46:29 MST 2007


Author: kpfleming
Date: Thu Mar 29 13:46:28 2007
New Revision: 278

URL: http://svn.digium.com/view/aadk?view=rev&rev=278
Log:
remove authentication checking
fix up path checking to prepare for POST-to-file support

Modified:
    uClinux/trunk/uClinux-dist/user/mini_httpd/mini_httpd.c

Modified: uClinux/trunk/uClinux-dist/user/mini_httpd/mini_httpd.c
URL: http://svn.digium.com/view/aadk/uClinux/trunk/uClinux-dist/user/mini_httpd/mini_httpd.c?view=diff&rev=278&r1=277&r2=278
==============================================================================
--- uClinux/trunk/uClinux-dist/user/mini_httpd/mini_httpd.c (original)
+++ uClinux/trunk/uClinux-dist/user/mini_httpd/mini_httpd.c Thu Mar 29 13:46:28 2007
@@ -158,8 +158,6 @@
 static char** make_argp( void );
 static char** make_envp( void );
 static char* build_env( char* fmt, char* arg );
-static void auth_check( char* dirname );
-static void send_authenticate( char* realm );
 static char* virtual_file( char* file );
 static void send_error( int s, char* title, char* extra_header, char* text );
 static void send_error_body( int s, char* title, char* text );
@@ -749,18 +747,24 @@
     if ( vhost )
 	file = virtual_file( file );
 
-    if ( stat( file, &sb ) < 0 )
+    /* path must exist for GET or HEAD */
+    if ( (stat( file, &sb ) < 0) && (method != METHOD_POST) )
 	send_error( 404, "Not Found", (char*) 0, "File not found." );
+
     if ( ! S_ISDIR( sb.st_mode ) )
 	do_file();
-    else
-	{
-	char idx[10000];
+
+    /* can't POST to a directory path */
+    if (method == METHOD_POST)
+	    send_error( 400, "Bad Request", (char*) 0, "Not a writable path." );
+
+    
+    {
+	char idx[512];
 	if ( file[strlen(file) - 1] != '/' )
 	    {
-	    char location[10000];
-	    (void) snprintf( location, sizeof(location), "Location: %s/", path );
-	    send_error( 302, "Found", location, "Directories must end with a slash." );
+	    (void) snprintf( idx, sizeof(idx), "Location: %s/", path );
+	    send_error( 302, "Found", idx, "Directories must end with a slash." );
 	    }
 	(void) snprintf( idx, sizeof(idx), "%sindex.html", file );
 	if ( stat( idx, &sb ) >= 0 )
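Review bot: When `stat()` fails for a POST, the new condition skips the 404 and execution reaches `S_ISDIR( sb.st_mode )` with `sb` never filled in, so the file/directory decision is made on indeterminate stack contents. Dropping the `else` also means that, if do_file() returns (its body is not in this hunk), a plain GET of a regular file would continue into the POST check and the directory redirect code after a response was already produced. Recording the stat result in a local (an `int exists` declared with the other locals) and keeping the branches mutually exclusive avoids both, as sketched below. Separately, `idx` shrank to 512 bytes and both `snprintf` results are discarded, so a long path is silently truncated in the Location header and in the index.html lookup; comparing the return value with `sizeof(idx)` would catch that. The enclosing function starts and ends outside the hunk.

```c
    /* path must exist for GET or HEAD */
    exists = ( stat( file, &sb ) >= 0 );
    if ( ! exists && method != METHOD_POST )
	send_error( 404, "Not Found", (char*) 0, "File not found." );

    if ( ! exists || ! S_ISDIR( sb.st_mode ) )
	do_file();
    else if ( method == METHOD_POST )
	/* can't POST to a directory path */
	send_error( 400, "Bad Request", (char*) 0, "Not a writable path." );
    else
	{
	/* … unchanged: trailing-slash redirect and index.html lookup … */
```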
@@ -843,7 +847,6 @@
 	(void) strcpy( buf, "." );
     else
 	*cp = '\0';
-    auth_check( buf );
 
     /* Check if the filename is the AUTH_FILE itself - that's verboten. */
     if ( strcmp( file, AUTH_FILE ) == 0 ||
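Review bot: With the `auth_check( buf )` call gone here (and `auth_check( file )` in the next hunk, plus the function itself further down), a directory that still contains an AUTH_FILE is served to any client without credentials, and nothing in the new code says so. If that is intended for this target, record it at the call site, e.g. `/* NOTE: per-directory AUTH_FILE enforcement removed in r278; access control must be provided elsewhere. */`, since the remaining check only hides the AUTH_FILE itself. This matters more once the POST-to-file support mentioned in the log is added, because writes would then be unauthenticated as well. The lines just above that build `buf` appear to have existed only to feed auth_check and may now be dead, though the start of the function is outside the hunk.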
@@ -898,9 +901,6 @@
     char* contents;
     int contents_size, contents_len;
     FILE* fp;
-
-    /* Check authorization for this directory. */
-    auth_check( file );
 
     contents_size = 0;
     buflen = snprintf( buf, sizeof(buf),
@@ -1357,101 +1357,6 @@
 	exit( 1 );
 	}
     return cp;
-    }
-
-
-static void
-auth_check( char* dirname )
-    {
-    char authpath[10000];
-    struct stat sb;
-    char authinfo[500];
-    char* authpass;
-    static char line[10000];
-    int l;
-    FILE* fp;
-    char* cryp;
-
-    /* Construct auth filename. */
-    if ( dirname[strlen(dirname) - 1] == '/' )
-	(void) snprintf( authpath, sizeof(authpath), "%s%s", dirname, AUTH_FILE );
-    else
-	(void) snprintf( authpath, sizeof(authpath), "%s/%s", dirname, AUTH_FILE );
-
-    /* Does this directory have an auth file? */
-    if ( stat( authpath, &sb ) < 0 )
-	/* Nope, let the request go through. */
-	return;
-
-    /* Does this request contain authorization info? */
-    if ( authorization == (char*) 0 )
-	/* Nope, return a 401 Unauthorized. */
-	send_authenticate( dirname );
-
-    /* Basic authorization info? */
-    if ( strncmp( authorization, "Basic ", 6 ) != 0 )
-	send_authenticate( dirname );
-
-    /* Decode it. */
-    l = b64_decode( &(authorization[6]), authinfo, sizeof(authinfo) );
-    authinfo[l] = '\0';
-    /* Split into user and password. */
-    authpass = strchr( authinfo, ':' );
-    if ( authpass == (char*) 0 )
-	/* No colon?  Bogus auth info. */
-	send_authenticate( dirname );
-    *authpass++ = '\0';
-
-    /* Open the password file. */
-    fp = fopen( authpath, "r" );
-    if ( fp == (FILE*) 0 )
-	/* The file exists but we can't open it?  Disallow access. */
-	send_error( 403, "Forbidden", (char*) 0, "File is protected." );
-
-    /* Read it. */
-    while ( fgets( line, sizeof(line), fp ) != (char*) 0 )
-	{
-	/* Nuke newline. */
-	l = strlen( line );
-	if ( line[l - 1] == '\n' )
-	    line[l - 1] = '\0';
-	/* Split into user and encrypted password. */
-	cryp = strchr( line, ':' );
-	if ( cryp == (char*) 0 )
-	    continue;
-	*cryp++ = '\0';
-	/* Is this the right user? */
-	if ( strcmp( line, authinfo ) == 0 )
-	    {
-	    /* Yes. */
-	    (void) fclose( fp );
-	    /* So is the password right? */
-	    if ( strcmp( crypt( authpass, cryp ), cryp ) == 0 )
-		{
-		/* Ok! */
-		remoteuser = line;
-		return;
-		}
-	    else
-		/* No. */
-		send_authenticate( dirname );
-	    }
-	}
-
-    /* Didn't find that user.  Access denied. */
-    (void) fclose( fp );
-    send_authenticate( dirname );
-    }
-
-
-static void
-send_authenticate( char* realm )
-    {
-    char header[10000];
-
-    (void) snprintf(
-	header, sizeof(header), "WWW-Authenticate: Basic realm=\"%s\"", realm );
-    send_error( 401, "Unauthorized", header, "Authorization required." );
     }
 
 


