tAdd nocgi flag support. - geomyidae - A small C-based gopherd. (gopher://bitreich.org/1/scm/geomyidae)

git clone git://r-36.net/geomyidae

Log

Files

Refs

README

LICENSE

---

commit 41351723302568be16bae736faecf9135fb612c3

parent ce4493bfe5e03be7d7366962600933b1178ebbfd

Author: Christoph Lohmann <20h@r-36.net>

Date:   Fri, 22 Jun 2018 17:09:40 +0200

Add nocgi flag support.

* Fix naming of error messages.
* Add better error, if some file is not found.
* Add hint for further handler implementations.

Thanks Solene, for the suggestion!

Diffstat:
  geomyidae.8                         |       4 ++++
  ind.c                               |       5 +++++
  main.c                              |      32 +++++++++++++++++++++++--------

3 files changed, 33 insertions(+), 8 deletions(-)
---

diff --git a/geomyidae.8 b/geomyidae.8

t@@ -15,6 +15,7 @@
 .Op Fl 6
 .Op Fl c
 .Op Fl d
+.Op Fl e
 .Op Fl n
 .Op Fl l Ar logfile
 .Op Fl v Ar loglevel
t@@ -99,6 +100,9 @@ directory (by default off).
 Don't fork into background. If no log file is given, this implies logging to
 the standard output.
 .
+.It Fl e
+Disable execution of any CGI or DCGI script.
+.
 .It Fl n
 Don't perform reverse lookups.
 .

diff --git a/ind.c b/ind.c

t@@ -30,6 +30,11 @@
 #include "ind.h"
 #include "handlr.h"
 
+/*
+ * Be careful, to look at handlerequest(), in case you add any executing
+ * handler, so nocgi will be valuable.
+ */
+
 filetype type[] = {
         {"default", "9", handlebin},
         {"gph", "1", handlegph},

diff --git a/main.c b/main.c

t@@ -47,8 +47,11 @@ char *argv0;
 char *stdbase = "/var/gopher";
 char *stdport = "70";
 char *indexf[] = {"/index.gph", "/index.cgi", "/index.dcgi", "/index.bin"};
-char *err = "3Sorry, but the requested token '%s' could not be found.\tErr"
-            "\tlocalhost\t70\r\n.\r\n\r\n";
+char *nocgierr = "3Sorry, execution of the token '%s' was requested, but this "
+            "is disabled in the server configuration.\tErr"
+            "\tlocalhost\t70\r\n";
+char *notfounderr = "3Sorry, but the requested token '%s' could not be found.\tErr"
+            "\tlocalhost\t70\r\n";
 char *htredir = "\n"
                 "\n"
t@@ -110,7 +113,7 @@ logentry(char *host, char *port, char *qry, char *status)
 
 void
 handlerequest(int sock, char *base, char *ohost, char *port, char *clienth,
-                        char *clientp)
+                        char *clientp, int nocgi)
 {
         struct stat dir;
         char recvc[1025], recvb[1025], path[1025], *args, *sear, *c;
t@@ -203,6 +206,7 @@ handlerequest(int sock, char *base, char *ohost, char *port, char *clienth,
         } else {
                 fd = open(path, O_RDONLY);
                 if (fd < 0) {
+                        dprintf(sock, notfounderr, recvc);
                         if (loglvl & ERRORS)
                                 logentry(clienth, clientp, recvc, strerror(errno));
                         return;
t@@ -218,7 +222,14 @@ handlerequest(int sock, char *base, char *ohost, char *port, char *clienth,
                 if (c == nil)
                         c = path;
                 type = gettype(c);
-                type->f(sock, path, port, base, args, sear, ohost, clienth);
+                if (nocgi && (type->f == handledcgi || type->f == handlecgi)) {
+                        dprintf(sock, nocgierr, recvc);
+                        if (loglvl & ERRORS)
+                                logentry(clienth, clientp, recvc, "nocgi error");
+                } else {
+                        type->f(sock, path, port, base, args, sear, ohost,
+                                clienth);
+                }
         } else {
                 if (S_ISDIR(dir.st_mode)) {
                         handledir(sock, path, port, base, args, sear, ohost,
t@@ -230,7 +241,7 @@ handlerequest(int sock, char *base, char *ohost, char *port, char *clienth,
                         return;
                 }
 
-                dprintf(sock, err, recvc);
+                dprintf(sock, notfounderr, recvc);
                 if (loglvl & ERRORS)
                         logentry(clienth, clientp, recvc, "not found");
         }
t@@ -334,7 +345,7 @@ getlistenfd(struct addrinfo *hints, char *bindip, char *port)
 void
 usage(void)
 {
-        dprintf(2, "usage: %s [-4] [-6] [-c] [-d] [-n] [-l logfile] "
+        dprintf(2, "usage: %s [-46cden] [-l logfile] "
                    "[-v loglvl] [-b base] [-p port] [-o sport] "
                    "[-u user] [-g group] [-h host] [-i IP]\n",
                    argv0);
t@@ -347,7 +358,7 @@ main(int argc, char *argv[])
         struct addrinfo hints;
         struct sockaddr_storage clt;
         socklen_t cltlen;
-        int sock, dofork, v4, v6, usechroot = 0;
+        int sock, dofork, v4, v6, usechroot, nocgi;
         char *port, *base, clienth[NI_MAXHOST], clientp[NI_MAXSERV];
         char *user, *group, *bindip, *ohost, *sport;
         struct passwd *us;
t@@ -365,6 +376,8 @@ main(int argc, char *argv[])
         sport = port;
         v4 = 1;
         v6 = 1;
+        usechroot = 0;
+        nocgi = 0;
 
         ARGBEGIN {
         case '4':
t@@ -388,6 +401,9 @@ main(int argc, char *argv[])
         case 'd':
                 dofork = 0;
                 break;
+        case 'e':
+                nocgi = 1;
+                break;
         case 'v':
                 loglvl = atoi(EARGF(usage()));
                 break;
t@@ -560,7 +576,7 @@ main(int argc, char *argv[])
                         signal(SIGALRM, SIG_DFL);
 
                         handlerequest(sock, base, ohost, sport, clienth,
-                                                clientp);
+                                                clientp, nocgi);
 
                         waitforpendingbytes(sock);