[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[myserver-commit] [SCM] GNU MyServer branch, master, updated. 0_9_2-202-
|
From: |
Giuseppe Scrivano |
|
Subject: |
[myserver-commit] [SCM] GNU MyServer branch, master, updated. 0_9_2-202-g4e59d27 |
|
Date: |
Wed, 28 Apr 2010 23:11:37 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU MyServer".
The branch, master has been updated
via 4e59d2772ef1687ae184a1f5179679882af45bda (commit)
via 88fd12d5e199b803b1264bf245284ed606080d45 (commit)
via cf2936ece5fb9b9f0dc6f9d1b7f7f6c439efc9ad (commit)
via 6f0a48c0ad4e070e7bf4cbdcebcbe71c74225cb5 (commit)
via 8835c592264ae90296b4cc793c6f3be342f60dfc (commit)
from da4c4695dacdc94e22a3f21e3abd946cbac15f6e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4e59d2772ef1687ae184a1f5179679882af45bda
Author: Giuseppe Scrivano <address@hidden>
Date: Thu Apr 29 01:09:35 2010 +0200
HTTP checks if the file a symlink after it has been opened
Same rationale as commit 88fd12d5e199b803b1264bf245284ed606080d45
diff --git a/myserver/src/http_handler/http_file/http_file.cpp
b/myserver/src/http_handler/http_file/http_file.cpp
index 310b74d..8018654 100644
--- a/myserver/src/http_handler/http_file/http_file.cpp
+++ b/myserver/src/http_handler/http_file/http_file.cpp
@@ -37,6 +37,17 @@ using namespace std;
#endif
+/* FIXME: move somewhere else, duplicated in ftp.cpp. */
+static bool
+areSymlinkAllowed (HttpThreadContext *td)
+{
+ const char *perm = td->securityToken.getData ("symlinks.follow",
+ MYSERVER_VHOST_CONF
+ | MYSERVER_SERVER_CONF,
+ "NO");
+ return strcasecmp (perm, "YES") == 0;
+}
+
/*!
Main function to handle the HTTP PUT command.
*/
@@ -57,8 +68,9 @@ int HttpFile::putFile (HttpThreadContext* td, string&
filename)
File file;
try
{
+ int symFlags = areSymlinkAllowed (td) ? 0 :
File::NO_FOLLOW_SYMLINK;
file.openFile (td->filenamePath.c_str (), File::OPEN_IF_EXISTS
- | File::WRITE);
+ | File::WRITE | symFlags);
}
catch (exception & e)
{
@@ -108,8 +120,9 @@ int HttpFile::putFile (HttpThreadContext* td, string&
filename)
File file;
try
{
+ int symFlags = areSymlinkAllowed (td) ? 0 :
File::NO_FOLLOW_SYMLINK;
file.openFile (td->filenamePath.c_str (), File::FILE_CREATE_ALWAYS
- | File::WRITE);
+ | File::WRITE | symFlags);
}
catch (exception & e)
{
@@ -272,7 +285,9 @@ int HttpFile::send (HttpThreadContext* td, const char
*filenamePath,
try
{
- file = Server::getInstance ()->getCachedFiles ()->open
(filenamePath);
+ int symFlags = areSymlinkAllowed (td) ? 0 : File::NO_FOLLOW_SYMLINK;
+ file = Server::getInstance ()->getCachedFiles ()->open (filenamePath,
+ symFlags);
if (! file)
return td->http->raiseHTTPError (500);
}
diff --git a/myserver/src/protocol/http/http.cpp
b/myserver/src/protocol/http/http.cpp
index 22799cb..5551af4 100644
--- a/myserver/src/protocol/http/http.cpp
+++ b/myserver/src/protocol/http/http.cpp
@@ -295,15 +295,6 @@ int Http::getFilePermissions (string& filename, string&
directory, string& file,
bool isDirectory = false;
try
{
- if (FilesUtility::isLink (td->filenamePath.c_str ()))
- {
- const char *perm = td->securityToken.getData ("symlinks.follow",
- MYSERVER_VHOST_CONF | MYSERVER_SERVER_CONF,
"NO");
-
- if (!perm || strcasecmp (perm, "YES"))
- return 401;
- }
-
isDirectory = FilesUtility::isDirectory (filenamePath.c_str ());
}
catch (FileNotFoundException & e)
commit 88fd12d5e199b803b1264bf245284ed606080d45
Author: Giuseppe Scrivano <address@hidden>
Date: Thu Apr 29 00:59:02 2010 +0200
FTP checks if the file a symlink while it is opened
Fix a race condition that a symlink could be opened even in the case
symlinks following is disabled.
diff --git a/myserver/include/protocol/ftp/ftp.h
b/myserver/include/protocol/ftp/ftp.h
index 9bc982e..631e65e 100644
--- a/myserver/include/protocol/ftp/ftp.h
+++ b/myserver/include/protocol/ftp/ftp.h
@@ -98,7 +98,7 @@ struct FtpThreadContext
SecurityToken st;
};
-class Ftp:public Protocol
+class Ftp : public Protocol
{
public:
Ftp ();
@@ -197,6 +197,7 @@ public:
std::string m_sFilePath;
bool m_bappend;
Ftp *m_pFtp;
+ SecurityToken *st;
};
int getFtpReply (int nReplyCode, std::string & sReply);
@@ -209,7 +210,7 @@ void yyerror (YYLTYPE * pLoc, Ftp * pContext, const char
*msg);
/*!
*Adapter class to make Ftp reentrant.
*/
-class FtpProtocol:public Protocol
+class FtpProtocol : public Protocol
{
public:
FtpProtocol ()
diff --git a/myserver/src/protocol/ftp/ftp.cpp
b/myserver/src/protocol/ftp/ftp.cpp
index 28373f8..59c23b3 100644
--- a/myserver/src/protocol/ftp/ftp.cpp
+++ b/myserver/src/protocol/ftp/ftp.cpp
@@ -47,6 +47,19 @@ static DEFINE_THREAD (SendImageFile, pParam);
static DEFINE_THREAD (ReceiveAsciiFile, pParam);
static DEFINE_THREAD (ReceiveImageFile, pParam);
+
+/* FIXME: move somewhere else, duplicated in http_file.cpp. */
+static bool
+areSymlinkAllowed (SecurityToken *st)
+{
+ const char *perm = st->getData ("symlinks.follow",
+ MYSERVER_VHOST_CONF
+ | MYSERVER_SERVER_CONF,
+ "NO");
+ return strcasecmp (perm, "YES") == 0;
+}
+
+
void setFtpHost (FtpHost & out, const FtpHost & in)
{
out.h1 = in.h1;
@@ -614,6 +627,7 @@ void Ftp::retrstor (bool bretr, bool bappend, const
std::string & sPath)
pData->m_bappend = bappend || pFtpuserData->m_nrestartOffset > 0;
pData->m_sFilePath = sLocalPath;
pData->m_pFtp = this;
+ pData->st = &td.st;
pFtpuserData->m_sCurrentFileName = "";
pFtpuserData->m_nFileSize = 0;
@@ -721,9 +735,11 @@ DEFINE_THREAD (SendAsciiFile, pParam)
#endif
}
+ int symFlags = areSymlinkAllowed (pWt->st) ? 0
+ : File::NO_FOLLOW_SYMLINK;
file =
Server::getInstance ()->getCachedFiles ()->open (pWt->m_sFilePath.
- c_str ());
+ c_str (), symFlags);
if (file == NULL)
{
ftpReply (pConnection, 451);
@@ -959,9 +975,11 @@ DEFINE_THREAD (SendImageFile, pParam)
#endif
}
+ int symFlags = areSymlinkAllowed (pWt->st) ? 0
+ : File::NO_FOLLOW_SYMLINK;
file =
Server::getInstance ()->getCachedFiles ()->open (pWt->m_sFilePath.
- c_str ());
+ c_str (), symFlags);
if (file == NULL)
{
ftpReply (pConnection, 451);
@@ -1151,6 +1169,8 @@ DEFINE_THREAD (ReceiveAsciiFile, pParam)
flags = File::APPEND | File::WRITE;
else
flags = File::FILE_CREATE_ALWAYS | File::WRITE;
+ flags |= areSymlinkAllowed (pWt->st) ? 0 : File::NO_FOLLOW_SYMLINK;
+
if (file.openFile (pWt->m_sFilePath.c_str (), flags))
{
ftpReply (pConnection, 451);
@@ -1349,6 +1369,8 @@ DEFINE_THREAD (ReceiveImageFile, pParam)
flags = File::APPEND | File::WRITE;
else
flags = File::FILE_CREATE_ALWAYS | File::WRITE;
+ flags |= areSymlinkAllowed (pWt->st) ? 0 : File::NO_FOLLOW_SYMLINK;
+
if (file.openFile (pWt->m_sFilePath.c_str (), flags))
{
ftpReply (pConnection, 451);
@@ -2500,7 +2522,9 @@ void Ftp::size (const std::string & sPath)
}
File f;
- if (f.openFile (sLocalPath.c_str (), File::OPEN_IF_EXISTS | File::READ))
+ int flags = File::OPEN_IF_EXISTS | File::READ;
+ flags |= areSymlinkAllowed (&td.st) ? 0 : File::NO_FOLLOW_SYMLINK;
+ if (f.openFile (sLocalPath.c_str (), flags))
{
ftpReply (550);
return;
commit cf2936ece5fb9b9f0dc6f9d1b7f7f6c439efc9ad
Author: Giuseppe Scrivano <address@hidden>
Date: Thu Apr 29 00:52:55 2010 +0200
Now `CachedFileFactory::open' accepts a new `flags' parameter
diff --git a/myserver/include/base/files_cache/cached_file_factory.h
b/myserver/include/base/files_cache/cached_file_factory.h
index fe1ce94..f012a62 100644
--- a/myserver/include/base/files_cache/cached_file_factory.h
+++ b/myserver/include/base/files_cache/cached_file_factory.h
@@ -30,6 +30,8 @@
# include <string>
# include <list>
+# include <sys/stat.h>
+
using namespace std;
class CachedFileFactory
@@ -45,7 +47,7 @@ public:
u_long getUsedSize (){return usedSize;}
u_long getUsed (){return used;}
- File *open (const char* file);
+ File *open (const char* file, int flags = 0);
void nullReferences (CachedFileBuffer* cfb);
void setMaxSize (u_long maxSize);
@@ -78,7 +80,8 @@ protected:
struct CachedFileFactoryRecord
{
- CachedFileBuffer* buffer;
+ struct stat fstat;
+
/*! Number of times the cache record was used. */
u_long used;
@@ -93,6 +96,8 @@ protected:
/*! This entry is not valid and will be removed when refCount = 0. */
bool invalidCache;
+
+ CachedFileBuffer* buffer;
};
list<CachedFileFactoryRecord*> buffersToRemove;
diff --git a/myserver/src/base/files_cache/cached_file_factory.cpp
b/myserver/src/base/files_cache/cached_file_factory.cpp
index 2ea785e..4b85055 100644
--- a/myserver/src/base/files_cache/cached_file_factory.cpp
+++ b/myserver/src/base/files_cache/cached_file_factory.cpp
@@ -129,11 +129,13 @@ void CachedFileFactory::initialize (u_long size)
}
/*!
- *Open a new file in read-only mode, if the file is present in the cache then
- *use the cache instead of a real file.
- *\param filename The file name.
- */
-File* CachedFileFactory::open (const char* filename)
+ Open a new file in read-only mode, if the file is present in the cache then
+ use the cache instead of a real file.
+ \param filename The file name.
+ \param flags Additional flags, actually only File::NO_FOLLOW_SYMLINK is
+ supported.
+*/
+File* CachedFileFactory::open (const char* filename, int flags)
{
CachedFileFactoryRecord *record;
CachedFileBuffer *buffer;
@@ -144,34 +146,33 @@ File* CachedFileFactory::open (const char* filename)
try
{
-
- ticks = getTicks ();
record = buffers.get (filename);
buffer = record ? record->buffer : 0;
used++;
- /*!
- * If the file on the file system has a different mtime then don't use
- * the cache, in this way when opened instance of this file will be
closed
- * the null reference callback can be called and the file reloaded.
- */
+ /*
+ If the file on the file system has a different mtime then don't use
+ the cache, in this way when opened instance of this file will be closed
+ the null reference callback can be called and the file reloaded.
+ */
if (record)
{
- if (ticks - record->lastModTimeCheck > MYSERVER_SEC (5))
- {
- record->invalidCache = FilesUtility::getLastModTime (filename)
- != record->mtime;
- record->lastModTimeCheck = ticks;
- }
+ record->invalidCache = FilesUtility::getLastModTime (filename)
+ != record->mtime;
+ record->lastModTimeCheck = ticks;
+
+ bool noSymlink = (! (flags & File::NO_FOLLOW_SYMLINK))
+ && S_ISLNK (record->fstat.st_mode);
- if (record->invalidCache)
+ if (record->invalidCache || noSymlink)
{
mutex.unlock ();
File *file = new File ();
- if (file->openFile (filename, File::OPEN_IF_EXISTS |
- File::READ))
+ flags = flags & File::NO_FOLLOW_SYMLINK;
+ if (file->openFile (filename, File::OPEN_IF_EXISTS | flags
+ | File::READ))
{
delete file;
return NULL;
@@ -184,7 +185,9 @@ File* CachedFileFactory::open (const char* filename)
{
u_long fileSize;
File *file = new File ();
- if (file->openFile (filename, File::OPEN_IF_EXISTS | File::READ))
+ flags = flags & File::NO_FOLLOW_SYMLINK;
+ if (file->openFile (filename, File::OPEN_IF_EXISTS | flags
+ | File::READ))
{
mutex.unlock ();
delete file;
@@ -202,30 +205,16 @@ File* CachedFileFactory::open (const char* filename)
else
{
record = new CachedFileFactoryRecord ();
- if (!record)
- {
- delete record;
- file->close ();
- delete file;
- mutex.unlock ();
- return 0;
- }
-
buffer = new CachedFileBuffer (file);
record->mtime = file->getLastModTime ();
+ file->fstat (&record->fstat);
file->close ();
delete file;
- if (!buffer)
- {
- delete record;
- mutex.unlock ();
- return 0;
- }
buffer->setFactoryToNotify (this);
record->created = ticks;
record->buffer = buffer;
- buffers.put ((char *)filename, record);
+ buffers.put ((char *) filename, record);
usedSize += fileSize;
}
}
commit 6f0a48c0ad4e070e7bf4cbdcebcbe71c74225cb5
Author: Giuseppe Scrivano <address@hidden>
Date: Thu Apr 29 00:51:30 2010 +0200
Add new `fstat' method to the `File' class
diff --git a/myserver/include/base/file/file.h
b/myserver/include/base/file/file.h
index 1f5668c..df77f65 100644
--- a/myserver/include/base/file/file.h
+++ b/myserver/include/base/file/file.h
@@ -23,9 +23,9 @@
# include "myserver.h"
# include <include/filter/stream.h>
# include <string>
-
# include <include/base/socket/socket.h>
# include <include/base/mem_buff/mem_buff.h>
+# include <sys/stat.h>
using namespace std;
@@ -81,6 +81,8 @@ public:
int truncate (u_long size = 0);
+ void fstat (struct stat *fstat);
+
/*! Get the options mask used with openFile. */
u_long getOpenOptions (){return opt;}
protected:
diff --git a/myserver/src/base/file/file.cpp b/myserver/src/base/file/file.cpp
index 9ece6b7..ceb65ac 100644
--- a/myserver/src/base/file/file.cpp
+++ b/myserver/src/base/file/file.cpp
@@ -131,6 +131,15 @@ int File::truncate (u_long size)
}
/*!
+ Do a fstat on the file.
+ \param fstat stat structure to fill.
+*/
+void File::fstat (struct stat *fstat)
+{
+ checked::fstat (handle, fstat);
+}
+
+/*!
*Open (or create if not exists) a file, but must explicitly use read and/or
*write flags and open flag.
*\param nfilename Filename to open.
commit 8835c592264ae90296b4cc793c6f3be342f60dfc
Author: Giuseppe Scrivano <address@hidden>
Date: Wed Apr 28 22:50:56 2010 +0200
Now `File::openFile' accepts a new flag `NO_FOLLOW_SYMLINK'
diff --git a/myserver/include/base/file/file.h
b/myserver/include/base/file/file.h
index 016e308..1f5668c 100644
--- a/myserver/include/base/file/file.h
+++ b/myserver/include/base/file/file.h
@@ -42,6 +42,7 @@ public:
static const u_long APPEND;
static const u_long FILE_CREATE_ALWAYS;
static const u_long NO_INHERIT;
+ static const u_long NO_FOLLOW_SYMLINK;
File ();
File (char *,int);
diff --git a/myserver/src/base/file/file.cpp b/myserver/src/base/file/file.cpp
index 95db601..9ece6b7 100644
--- a/myserver/src/base/file/file.cpp
+++ b/myserver/src/base/file/file.cpp
@@ -60,6 +60,7 @@ const u_long File::OPEN_IF_EXISTS = (1 << 6);
const u_long File::APPEND = (1 << 7);
const u_long File::FILE_CREATE_ALWAYS = (1 << 8);
const u_long File::NO_INHERIT = (1 << 9);
+const u_long File::NO_FOLLOW_SYMLINK = (1 << 10);
/*!
@@ -150,9 +151,11 @@ int File::openFile (const char* nfilename, u_long opt)
else if (opt & File::WRITE)
flags = O_WRONLY;
+ if (opt & File::NO_FOLLOW_SYMLINK)
+ flags = O_NOFOLLOW;
+
/* FIXME: how avoid a stat? */
bool exists = stat (filename.c_str (), &fStats) == 0;
-
if (opt & File::OPEN_IF_EXISTS && !exists)
return 1;
@@ -162,7 +165,8 @@ int File::openFile (const char* nfilename, u_long opt)
if (exists)
handle = checked::open (filename.c_str (), O_APPEND | flags);
else
- handle = checked::open (filename.c_str (), O_CREAT | flags, S_IRUSR |
S_IWUSR);
+ handle = checked::open (filename.c_str (), O_CREAT | flags,
+ S_IRUSR | S_IWUSR);
try
{
-----------------------------------------------------------------------
Summary of changes:
myserver/include/base/file/file.h | 5 +-
.../include/base/files_cache/cached_file_factory.h | 9 ++-
myserver/include/protocol/ftp/ftp.h | 5 +-
myserver/src/base/file/file.cpp | 17 +++++-
.../src/base/files_cache/cached_file_factory.cpp | 65 ++++++++-----------
myserver/src/http_handler/http_file/http_file.cpp | 21 ++++++-
myserver/src/protocol/ftp/ftp.cpp | 30 ++++++++-
myserver/src/protocol/http/http.cpp | 9 ---
8 files changed, 101 insertions(+), 60 deletions(-)
hooks/post-receive
--
GNU MyServer
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [myserver-commit] [SCM] GNU MyServer branch, master, updated. 0_9_2-202-g4e59d27,
Giuseppe Scrivano <=