Lines 111-116
Link Here
|
111 |
} |
111 |
} |
112 |
#undef PATCH |
112 |
#undef PATCH |
113 |
|
113 |
|
|
|
114 |
/** |
115 |
* URI handler |
116 |
* |
117 |
* we will get called twice: |
118 |
* - after the clean up of the URL and |
119 |
* - after the pathinfo checks are done |
120 |
* |
121 |
* this handles the issue of trailing slashes |
122 |
*/ |
114 |
URIHANDLER_FUNC(mod_access_uri_handler) { |
123 |
URIHANDLER_FUNC(mod_access_uri_handler) { |
115 |
plugin_data *p = p_d; |
124 |
plugin_data *p = p_d; |
116 |
int s_len; |
125 |
int s_len; |
Lines 122-149
Link Here
|
122 |
|
131 |
|
123 |
s_len = con->uri.path->used - 1; |
132 |
s_len = con->uri.path->used - 1; |
124 |
|
133 |
|
|
|
134 |
if (con->conf.log_request_handling) { |
135 |
log_error_write(srv, __FILE__, __LINE__, "s", |
136 |
"-- mod_access_uri_handler called"); |
137 |
} |
138 |
|
125 |
for (k = 0; k < p->conf.access_deny->used; k++) { |
139 |
for (k = 0; k < p->conf.access_deny->used; k++) { |
126 |
data_string *ds = (data_string *)p->conf.access_deny->data[k]; |
140 |
data_string *ds = (data_string *)p->conf.access_deny->data[k]; |
127 |
int ct_len = ds->value->used - 1; |
141 |
int ct_len = ds->value->used - 1; |
|
|
142 |
int denied = 0; |
128 |
|
143 |
|
|
|
144 |
|
129 |
if (ct_len > s_len) continue; |
145 |
if (ct_len > s_len) continue; |
130 |
|
|
|
131 |
if (ds->value->used == 0) continue; |
146 |
if (ds->value->used == 0) continue; |
132 |
|
147 |
|
133 |
/* if we have a case-insensitive FS we have to lower-case the URI here too */ |
148 |
/* if we have a case-insensitive FS we have to lower-case the URI here too */ |
134 |
|
149 |
|
135 |
if (con->conf.force_lowercase_filenames) { |
150 |
if (con->conf.force_lowercase_filenames) { |
136 |
if (0 == strncasecmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) { |
151 |
if (0 == strncasecmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) { |
137 |
con->http_status = 403; |
152 |
denied = 1; |
138 |
|
|
|
139 |
return HANDLER_FINISHED; |
140 |
} |
153 |
} |
141 |
} else { |
154 |
} else { |
142 |
if (0 == strncmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) { |
155 |
if (0 == strncmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) { |
143 |
con->http_status = 403; |
156 |
denied = 1; |
|
|
157 |
} |
158 |
} |
144 |
|
159 |
|
145 |
return HANDLER_FINISHED; |
160 |
if (denied) { |
|
|
161 |
con->http_status = 403; |
162 |
|
163 |
if (con->conf.log_request_handling) { |
164 |
log_error_write(srv, __FILE__, __LINE__, "sb", |
165 |
"url denied as we match:", ds->value); |
146 |
} |
166 |
} |
|
|
167 |
|
168 |
return HANDLER_FINISHED; |
147 |
} |
169 |
} |
148 |
} |
170 |
} |
149 |
|
171 |
|
Lines 158-164
Link Here
|
158 |
|
180 |
|
159 |
p->init = mod_access_init; |
181 |
p->init = mod_access_init; |
160 |
p->set_defaults = mod_access_set_defaults; |
182 |
p->set_defaults = mod_access_set_defaults; |
161 |
p->handle_uri_clean = mod_access_uri_handler; |
183 |
p->handle_uri_clean = mod_access_uri_handler; |
|
|
184 |
p->handle_subrequest_start = mod_access_uri_handler; |
162 |
p->cleanup = mod_access_free; |
185 |
p->cleanup = mod_access_free; |
163 |
|
186 |
|
164 |
p->data = NULL; |
187 |
p->data = NULL; |