aboutsummaryrefslogtreecommitdiff
path: root/server_file.c
diff options
context:
space:
mode:
Diffstat (limited to 'server_file.c')
-rw-r--r--server_file.c28
1 files changed, 12 insertions, 16 deletions
diff --git a/server_file.c b/server_file.c
index c4814a0..a21c48c 100644
--- a/server_file.c
+++ b/server_file.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: server_file.c,v 1.13 2014/07/25 13:10:18 reyk Exp $ */
+/* $OpenBSD: server_file.c,v 1.14 2014/07/25 20:13:06 reyk Exp $ */
/*
* Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -54,7 +54,9 @@ int
server_file_access(struct http_descriptor *desc, char *path, size_t len,
struct stat *st)
{
+ char *newpath;
errno = 0;
+
if (access(path, R_OK) == -1) {
goto fail;
} else if (stat(path, st) == -1) {
@@ -70,13 +72,10 @@ server_file_access(struct http_descriptor *desc, char *path, size_t len,
/* Redirect to path with trailing "/" */
if (path[strlen(path) - 1] != '/') {
- /* Remove the document root to get the relative URL */
- if (canonicalize_path(NULL,
- desc->http_path, path, len) == NULL ||
- strlcat(path, "/", len) >= len) {
- errno = EINVAL;
- goto fail;
- }
+ if (asprintf(&newpath, "%s/", desc->http_path) == -1)
+ return (500);
+ free(desc->http_path);
+ desc->http_path = newpath;
/* Indicate that the file has been moved */
return (301);
@@ -99,10 +98,6 @@ server_file_access(struct http_descriptor *desc, char *path, size_t len,
return (0);
fail:
- /* Remove the document root */
- if (len && canonicalize_path(NULL, desc->http_path, path, len) == NULL)
- return (500);
-
switch (errno) {
case ENOENT:
return (404);
@@ -126,16 +121,17 @@ server_file(struct httpd *env, struct client *clt)
char path[MAXPATHLEN];
struct stat st;
- if (canonicalize_path(srv_conf->docroot,
- desc->http_path, path, sizeof(path)) == NULL) {
+ /* Request path is already canonicalized */
+ if ((size_t)snprintf(path, sizeof(path), "%s/%s",
+ srv_conf->docroot, desc->http_path) >= sizeof(path)) {
/* Do not echo the uncanonicalized path */
- server_abort_http(clt, 500, "invalid request path");
+ server_abort_http(clt, 500, desc->http_path);
return (-1);
}
/* Returns HTTP status code on error */
if ((ret = server_file_access(desc, path, sizeof(path), &st)) != 0) {
- server_abort_http(clt, ret, path);
+ server_abort_http(clt, ret, desc->http_path);
return (-1);
}
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion