Browse Source

don't try to guess, do a read check if we can open it.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@682 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.6
Jan Kneschke 17 years ago
parent
commit
603d6ace1d
  1. 18
      src/response.c
  2. 12
      src/stat_cache.c

18
src/response.c

@ -414,24 +414,6 @@ handler_t http_response_prepare(server *srv, connection *con) {
}
/* can we read the file ? */
if (!(sce->st.st_mode & S_IROTH) &&
!(srv->gid == sce->st.st_gid &&
sce->st.st_mode & S_IRGRP) &&
!(srv->uid == sce->st.st_uid &&
sce->st.st_mode & S_IRUSR)) {
con->http_status = 403;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
}
} else {
switch (errno) {
case EACCES:

12
src/stat_cache.c

@ -420,10 +420,20 @@ handler_t stat_cache_get_entry(server *srv, connection *con, buffer *name, stat_
/* stat() failed, ENOENT, ... and so on */
return HANDLER_ERROR;
}
if (S_ISREG(st.st_mode) || S_ISDIR(st.st_mode)) {
size_t k;
if (S_ISREG(st.st_mode)) {
int fd;
/* see if we can open the file for reading */
if (-1 == (fd = open(name->ptr, O_RDONLY))) {
return HANDLER_ERROR;
}
close(fd);
}
if (NULL == sce) {
int osize = 0;

Loading…
Cancel
Save