
don't set a global uri-prefix and added checks (fixes #235)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@641 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.2
Jan Kneschke 17 years ago
parent
commit
7d4f64c476
  1. 10
      src/mod_secure_download.c
  2. 9
      tests/lighttpd.conf
  3. 30
      tests/mod-secdownload.t

10
src/mod_secure_download.c

@ -115,13 +115,7 @@ SETDEFAULTS_FUNC(mod_secdownload_set_defaults) {
s->secret = buffer_init();
s->doc_root = buffer_init();
s->uri_prefix = buffer_init();
s->timeout = 0;
/* set global default */
if (i == 0) {
s->timeout = 60;
buffer_copy_string(s->uri_prefix, "/");
}
s->timeout = 60;
cv[0].destination = s->secret;
cv[1].destination = s->doc_root;
@ -214,6 +208,8 @@ URIHANDLER_FUNC(mod_secdownload_uri_handler) {
if (con->uri.path->used == 0) return HANDLER_GO_ON;
mod_secdownload_patch_connection(srv, con, p);
if (buffer_is_empty(p->conf.uri_prefix)) return HANDLER_GO_ON;
if (buffer_is_empty(p->conf.secret)) {
log_error_write(srv, __FILE__, __LINE__, "s",
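Review bot: The early return `if (buffer_is_empty(p->conf.uri_prefix)) return HANDLER_GO_ON;` in mod_secdownload_uri_handler (apparently the added line in the second hunk) runs before the empty-secret check, so a context that sets `secdownload.secret` and `secdownload.document-root` but omits `secdownload.uri-prefix` is skipped silently: nothing is protected and nothing is logged. Now that the first hunk drops the global default of "/", this fail-open case deserves a comment at the return, for example `/* no uri-prefix in this context: secdownload is inactive here and requests pass through unchecked */`. A warning from mod_secdownload_set_defaults when a secret is configured without a prefix would make the misconfiguration visible at startup. Both functions continue outside the hunks shown, so whether such a warning already exists cannot be seen here.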

9
tests/lighttpd.conf

@ -65,11 +65,6 @@ mimetype.assign = ( ".png" => "image/png",
compress.cache-dir = "@SRCDIR@/tmp/lighttpd/cache/compress/"
compress.filetype = ("text/plain", "text/html")
secdownload.secret = "verysecret"
secdownload.document-root = "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.uri-prefix = "/sec/"
secdownload.timeout = 120
setenv.add-environment = ( "TRAC_ENV" => "foo")
setenv.add-request-header = ( "FOO" => "foo")
setenv.add-response-header = ( "BAR" => "foo")
@ -137,6 +132,10 @@ status.config-url = "/server-config"
$HTTP["host"] == "vvv.example.org" {
server.document-root = "@SRCDIR@/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.secret = "verysecret"
secdownload.document-root = "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.uri-prefix = "/sec/"
secdownload.timeout = 120
}
$HTTP["host"] == "zzz.example.org" {
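Review bot: The `secdownload.document-root` that now sits in the vvv.example.org block is the absolute path `/tmp/lighttpd/servers/www.example.org/pages/`, while `server.document-root` in the same block is `@SRCDIR@/tmp/lighttpd/servers/www.example.org/pages/`. The two name the same directory only if the substituted prefix is empty. A fixed location under shared /tmp also means the secdownload test serves whatever a previous run or another local user left there. If the harness builds the test tree under the source directory, `secdownload.document-root = "@SRCDIR@/tmp/lighttpd/servers/www.example.org/pages/"` would keep the two roots in step; the tree layout is not visible on this page, so this needs confirming against the setup script.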

30
tests/mod-secdownload.t

@ -8,7 +8,7 @@ BEGIN {
use strict;
use IO::Socket;
use Test::More tests => 5;
use Test::More tests => 7;
use LightyTest;
use Digest::MD5 qw(md5_hex);
@ -22,10 +22,9 @@ my $f = "/index.html";
my $thex = sprintf("%08x", time);
my $m = md5_hex($secret.$f.$thex);
# mod-cgi
#
$t->{REQUEST} = ( <<EOF
GET /sec/$m/$thex$f HTTP/1.0
Host: vvv.example.org
EOF
);
$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } );
@ -35,24 +34,41 @@ ok($tf->handle_http($t) == 0, 'secdownload');
$thex = sprintf("%08x", time - 1800);
$m = md5_hex($secret.$f.$thex);
# mod-cgi
#
$t->{REQUEST} = ( <<EOF
GET /sec/$m/$thex$f HTTP/1.0
Host: vvv.example.org
EOF
);
$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 408 } );
ok($tf->handle_http($t) == 0, 'secdownload - timeout');
$t->{REQUEST} = ( <<EOF
GET /sec$f HTTP/1.0
Host: vvv.example.org
EOF
);
$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } );
ok($tf->handle_http($t) == 0, 'secdownload - direct access');
$t->{REQUEST} = ( <<EOF
GET $f HTTP/1.0
Host: www.example.org
EOF
);
$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } );
ok($tf->handle_http($t) == 0, 'secdownload - conditional access');
$f = "/noexists";
$thex = sprintf("%08x", time);
$m = md5_hex($secret.$f.$thex);
# mod-cgi
#
$t->{REQUEST} = ( <<EOF
GET /sec/$m/$thex$f HTTP/1.0
Host: vvv.example.org
EOF
);
$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } );
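Review bot: The plan grows from 5 to 7 tests without a case for a wrong digest, which is the property the module exists to enforce; the visible cases cover a valid token, an expired token, a path with no token and an unrelated host. A request with a fresh timestamp but a MAC that does not match the secret should be asserted as rejected, placed before `$f = "/noexists";` so that `$f` is still `/index.html`. The expected status below is 403, as upstream lighttpd answers an invalid MAC; confirm it against the handler in this revision, whose rejection path is outside the hunks shown. The last hunk ends before the final `ok(...)` call, so the plan count has to be checked against the whole file.

```perl
use Test::More tests => 8;
# … unchanged: valid token, timeout, direct-access and conditional-access cases …

# Tampered digest: fresh timestamp, MAC computed over a different secret.
$thex = sprintf("%08x", time);
$m = md5_hex("not-the-secret".$f.$thex);
$t->{REQUEST}  = ( <<EOF
GET /sec/$m/$thex$f HTTP/1.0
Host: vvv.example.org
EOF
 );
$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } );
ok($tf->handle_http($t) == 0, 'secdownload - invalid digest');
# … unchanged: /noexists case …
```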
