1 1.16 mrg /* $NetBSD: tilde-luzah-bozo.c,v 1.16 2018/11/22 08:54:08 mrg Exp $ */ 2 1.2 tls 3 1.9 mrg /* $eterna: tilde-luzah-bozo.c,v 1.16 2011/11/18 09:21:15 mrg Exp $ */ 4 1.1 tls 5 1.1 tls /* 6 1.15 mrg * Copyright (c) 1997-2018 Matthew R. Green 7 1.1 tls * All rights reserved. 8 1.1 tls * 9 1.1 tls * Redistribution and use in source and binary forms, with or without 10 1.1 tls * modification, are permitted provided that the following conditions 11 1.1 tls * are met: 12 1.1 tls * 1. Redistributions of source code must retain the above copyright 13 1.1 tls * notice, this list of conditions and the following disclaimer. 14 1.1 tls * 2. Redistributions in binary form must reproduce the above copyright 15 1.1 tls * notice, this list of conditions and the following disclaimer and 16 1.1 tls * dedication in the documentation and/or other materials provided 17 1.1 tls * with the distribution. 18 1.1 tls * 19 1.1 tls * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 1.1 tls * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 1.1 tls * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 1.1 tls * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 1.1 tls * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 1.1 tls * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 1.1 tls * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 1.1 tls * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 1.1 tls * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 1.1 tls * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 1.1 tls * SUCH DAMAGE. 30 1.1 tls * 31 1.1 tls */ 32 1.1 tls 33 1.1 tls /* this code implements ~user support for bozohttpd */ 34 1.1 tls 35 1.1 tls #ifndef NO_USER_SUPPORT 36 1.1 tls 37 1.1 tls #include <sys/param.h> 38 1.1 tls 39 1.11 shm #include <assert.h> 40 1.1 tls #include <errno.h> 41 1.1 tls #include <pwd.h> 42 1.5 mrg #include <stdlib.h> 43 1.1 tls #include <string.h> 44 1.1 tls #include <unistd.h> 45 1.1 tls 46 1.1 tls #include "bozohttpd.h" 47 1.1 tls 48 1.1 tls /* 49 1.6 mrg * bozo_user_transform does this: 50 1.1 tls * - chdir's /~user/public_html 51 1.1 tls * - returns the rest of the file, index.html appended if required 52 1.5 mrg * - returned malloced file to serve in request->hr_file, 53 1.5 mrg * ala transform_request(). 54 1.1 tls * 55 1.1 tls * transform_request() is supposed to check that we have user support 56 1.16 mrg * enabled. returns 0 if handled/error, 1 if continue. 57 1.1 tls */ 58 1.5 mrg int 59 1.12 shm bozo_user_transform(bozo_httpreq_t *request) 60 1.1 tls { 61 1.6 mrg bozohttpd_t *httpd = request->hr_httpd; 62 1.12 shm char *s, *file = NULL, *user; 63 1.1 tls struct passwd *pw; 64 1.1 tls 65 1.11 shm /* find username */ 66 1.12 shm user = strchr(request->hr_file + 1, '~'); 67 1.11 shm 68 1.11 shm /* this shouldn't happen, but "better paranoid than sorry" */ 69 1.11 shm assert(user != NULL); 70 1.11 shm 71 1.11 shm user++; 72 1.11 shm 73 1.11 shm if ((s = strchr(user, '/')) != NULL) { 74 1.1 tls *s++ = '\0'; 75 1.1 tls } 76 1.1 tls 77 1.6 mrg debug((httpd, DEBUG_OBESE, "looking for user %s", 78 1.11 shm user)); 79 1.11 shm pw = getpwnam(user); 80 1.13 mrg request->hr_user = bozostrdup(httpd, request, user); 81 1.12 shm 82 1.1 tls /* fix this up immediately */ 83 1.12 shm if (s) { 84 1.1 tls s[-1] = '/'; 85 1.12 shm /* omit additional slashes at the beginning */ 86 1.12 shm while (*s == '/') 87 1.12 shm s++; 88 1.12 shm } 89 1.12 shm 90 1.5 mrg if (pw == NULL) { 91 1.12 shm free(request->hr_user); 92 1.12 shm request->hr_user = NULL; 93 1.16 mrg bozo_http_error(httpd, 404, request, "no such user"); 94 1.5 mrg return 0; 95 1.5 mrg } 96 1.1 tls 97 1.8 mrg debug((httpd, DEBUG_OBESE, "user %s dir %s/%s uid %d gid %d", 98 1.8 mrg pw->pw_name, pw->pw_dir, httpd->public_html, 99 1.8 mrg pw->pw_uid, pw->pw_gid)); 100 1.1 tls 101 1.1 tls if (chdir(pw->pw_dir) < 0) { 102 1.14 mrg bozowarn(httpd, "chdir1 error: %s: %s", pw->pw_dir, 103 1.6 mrg strerror(errno)); 104 1.16 mrg bozo_http_error(httpd, 404, request, "can't chdir to homedir"); 105 1.5 mrg return 0; 106 1.1 tls } 107 1.6 mrg if (chdir(httpd->public_html) < 0) { 108 1.14 mrg bozowarn(httpd, "chdir2 error: %s: %s", httpd->public_html, 109 1.6 mrg strerror(errno)); 110 1.16 mrg bozo_http_error(httpd, 404, request, 111 1.16 mrg "can't chdir to public_html"); 112 1.5 mrg return 0; 113 1.1 tls } 114 1.1 tls if (s == NULL || *s == '\0') { 115 1.13 mrg file = bozostrdup(httpd, request, "/"); 116 1.1 tls } else { 117 1.12 shm file = bozomalloc(httpd, strlen(s) + 2); 118 1.12 shm strcpy(file, "/"); 119 1.12 shm strcat(file, s); 120 1.5 mrg } 121 1.1 tls 122 1.5 mrg free(request->hr_file); 123 1.5 mrg request->hr_file = file; 124 1.1 tls 125 1.6 mrg debug((httpd, DEBUG_FAT, "transform_user returning %s under %s", file, 126 1.1 tls pw->pw_dir)); 127 1.5 mrg return 1; 128 1.1 tls } 129 1.1 tls #endif /* NO_USER_SUPPORT */ 130
Indexes created Fri Sep 26 08:10:20 GMT 2025