TODO updates.

[sgt/agedu] / httpd.c

diff --git a/httpd.c b/httpd.c
index bbe82ab..90d4e42 100644 (file)
--- a/httpd.c
+++ b/httpd.c
@@ -262,23 +262,29 @@ char *got_data(struct connctx *ctx, char *data, int length,
        if (!magic_access && !auth_correct) {
            if (auth_string) {
                ret = http_error("401", "Unauthorized",
-                                "WWW-Authenticate: Basic realm=\""PNAME"\"\r",
+                                "WWW-Authenticate: Basic realm=\""PNAME"\"\r\n",
                                 "\nYou must authenticate to view these pages.");
            } else {
                ret = http_error("403", "Forbidden", NULL,
                                 "This is a restricted-access set of pages.");
            }
        } else {
+           char *q;
            p = ctx->url;
            p += strspn(p, "/?");
-           index = strtoul(p, NULL, 10);
-           document = html_query(ctx->t, index, cfg);
-           if (document) {
-               ret = http_success("text/html", 1, document);
-               sfree(document);
-           } else {
+           index = strtoul(p, &q, 10);
+           if (*q) {
                ret = http_error("404", "Not Found", NULL,
-                                "Pathname index out of range.");
+                                "This is not a valid pathname index.");
+           } else {
+               document = html_query(ctx->t, index, cfg, 1);
+               if (document) {
+                   ret = http_success("text/html", 1, document);
+                   sfree(document);
+               } else {
+                   ret = http_error("404", "Not Found", NULL,
+                                    "Pathname index out of range.");
+               }
            }
        }
        return ret;
@@ -362,9 +368,11 @@ int check_owning_uid(int fd, int flip)
        while (fgets(linebuf, sizeof(linebuf), fp)) {
            if (strlen(linebuf) >= 75 &&
                !strncmp(linebuf+6, matchbuf, strlen(matchbuf))) {
+               fclose(fp);
                return atoi(linebuf + 75);
            }
        }
+       fclose(fp);
     }
 
     return -1;
@@ -406,7 +414,6 @@ void run_httpd(const void *t, int authmask, const struct httpd_config *dcfg,
     int fd, ret;
     int authtype;
     char *authstring = NULL;
-    unsigned long ipaddr;
     struct fd *f;
     struct sockaddr_in addr;
     socklen_t addrlen;
@@ -423,22 +430,28 @@ void run_httpd(const void *t, int authmask, const struct httpd_config *dcfg,
        fprintf(stderr, "socket(PF_INET): %s\n", strerror(errno));
        exit(1);
     }
+    memset(&addr, 0, sizeof(addr));
     addr.sin_family = AF_INET;
     if (!dcfg->address) {
+#ifdef RANDOM_LOCALHOST
+       unsigned long ipaddr;
        srand(0L);
        ipaddr = 0x7f000000;
        ipaddr += (1 + rand() % 255) << 16;
        ipaddr += (1 + rand() % 255) << 8;
        ipaddr += (1 + rand() % 255);
        addr.sin_addr.s_addr = htonl(ipaddr);
+#else
+       addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+#endif
        addr.sin_port = htons(0);
-       
     } else {
        addr.sin_addr.s_addr = inet_addr(dcfg->address);
        addr.sin_port = dcfg->port ? htons(dcfg->port) : 0;
     }
     addrlen = sizeof(addr);
     ret = bind(fd, (const struct sockaddr *)&addr, addrlen);
+#ifdef RANDOM_LOCALHOST
     if (ret < 0 && errno == EADDRNOTAVAIL && !dcfg->address) {
        /*
         * Some systems don't like us binding to random weird
@@ -449,6 +462,7 @@ void run_httpd(const void *t, int authmask, const struct httpd_config *dcfg,
        addr.sin_port = htons(0);
        ret = bind(fd, (const struct sockaddr *)&addr, addrlen);
     }
+#endif
     if (ret < 0) {
        fprintf(stderr, "bind: %s\n", strerror(errno));
        exit(1);