~mdw
/
userv-utils
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
www-cgi/: Clean up environment filtering doc
[userv-utils]
/
www-cgi
/
ucgi.c
diff --git
a/www-cgi/ucgi.c
b/www-cgi/ucgi.c
index
c4c072d
..
845eb44
100644
(file)
--- a/
www-cgi/ucgi.c
+++ b/
www-cgi/ucgi.c
@@
-30,13
+30,34
@@
#include "ucgi.h"
#include "ucgi.h"
+static const char *const default_envok[] = {
+ "AUTH_TYPE",
+ "CONTENT_TYPE",
+ "CONTENT_LENGTH",
+ "DOCUMENT_ROOT",
+ "GATEWAY_INTERFACE",
+ "HTTP_*",
+ "HTTPS",
+ "PATH_INFO",
+ "PATH_TRANSLATED",
+ "QUERY_STRING",
+ "REDIRECT_*",
+ "REMOTE_*",
+ "REQUEST_METHOD",
+ "REQUEST_URI",
+ "SCRIPT_*",
+ "SERVER_*",
+ "SSL_*",
+ 0
+};
+
struct buildargs {
const char **v;
int n, max;
};
static void addarg(struct buildargs *args, const char *a) {
struct buildargs {
const char **v;
int n, max;
};
static void addarg(struct buildargs *args, const char *a) {
- if (args->n > args->max) error("too many arguments");
+ if (args->n > args->max) error("too many arguments"
, 500
);
args->v[args->n++]= a;
}
args->v[args->n++]= a;
}
@@
-46,7
+67,8
@@
static void add_userv_var(const char *fulln,
size_t l;
char *a;
size_t l;
char *a;
- l= strlen(ev); if (l > MAX_ENVVAR_VALUE) error("environment variable too long");
+ l= strlen(ev);
+ if (l > MAX_ENVVAR_VALUE) error("environment variable too long", 500);
a= xmalloc(strlen(en)+l+6);
sprintf(a,"-DE_%s=%s",en,ev);
addarg(args, a);
a= xmalloc(strlen(en)+l+6);
sprintf(a,"-DE_%s=%s",en,ev);
addarg(args, a);
@@
-54,7
+76,8
@@
static void add_userv_var(const char *fulln,
int main(int argc, const char **argv) {
char *username;
int main(int argc, const char **argv) {
char *username;
- const char *slash2, *pathi, *av;
+ const char *slash2, *pathi, *ev, *av;
+ const char *const *envok = 0;
size_t usernamelen, l;
struct buildargs args;
pid_t child, rchild;
size_t usernamelen, l;
struct buildargs args;
pid_t child, rchild;
@@
-70,24
+93,33
@@
int main(int argc, const char **argv) {
D( printf(";;; UCGI\n"); )
}
D( printf(";;; UCGI\n"); )
}
- if (argc > MAX_ARGS) error("too many arguments");
+ if (argc > MAX_ARGS) error("too many arguments", 500);
+
+ ev= getenv("UCGI_ENV_FILTER");
+ if (ev)
+ envok= load_filters(LOADF_MUST, ev, LF_END);
+ else
+ envok= load_filters(0, "/etc/userv/ucgi.env-filter", LF_END);
pathi= getenv("PATH_INFO");
pathi= getenv("PATH_INFO");
- if (!pathi) error("PATH_INFO not found");
+ if (!pathi) error("PATH_INFO not found"
, 500
);
D( if (debugmode) {
printf(";; find user name...\n"
";; initial PATH_INFO = `%s'\n",
pathi);
} )
D( if (debugmode) {
printf(";; find user name...\n"
";; initial PATH_INFO = `%s'\n",
pathi);
} )
- if (pathi[0] != '/' || pathi[1] != '~') error("PATH_INFO must start with /~");
- slash2= strchr(pathi+2,'/'); if (!slash2) error("PATH_INFO must have more than one /");
+ if (pathi[0] != '/' || pathi[1] != '~')
+ error("PATH_INFO must start with /~", 400);
+ slash2= strchr(pathi+2,'/');
+ if (!slash2) error("PATH_INFO must have more than one /", 400);
usernamelen= slash2-(pathi+2);
usernamelen= slash2-(pathi+2);
- if (usernamelen > MAX_USERNAME_LEN) error("PATH_INFO username too long");
+ if (usernamelen > MAX_USERNAME_LEN) error("PATH_INFO username too long"
, 400
);
username= xmalloc(usernamelen+1);
memcpy(username,pathi+2,usernamelen); username[usernamelen]= 0;
D( if (debugmode)
printf(";; user = `%s'; tail = `%s'\n", username, slash2); )
username= xmalloc(usernamelen+1);
memcpy(username,pathi+2,usernamelen); username[usernamelen]= 0;
D( if (debugmode)
printf(";; user = `%s'; tail = `%s'\n", username, slash2); )
- if (!isalpha(username[0])) error("username 1st character is not alphabetic");
+ if (!isalpha(username[0]))
+ error("username 1st character is not alphabetic", 400);
xsetenv("PATH_INFO",slash2,1);
args.n= 0; args.max= argc + MAX_ENVVARS + 10;
xsetenv("PATH_INFO",slash2,1);
args.n= 0; args.max= argc + MAX_ENVVARS + 10;
@@
-96,7
+128,8
@@
int main(int argc, const char **argv) {
addarg(&args, "userv");
if (debugmode) addarg(&args, "-DDEBUG=1");
addarg(&args, "userv");
if (debugmode) addarg(&args, "-DDEBUG=1");
- filter_environment(FILTF_WILDCARD, "", envok, add_userv_var, &args);
+ filter_environment(FILTF_WILDCARD, "", envok, default_envok,
+ add_userv_var, &args);
addarg(&args, username);
addarg(&args, "www-cgi");
addarg(&args, username);
addarg(&args, "www-cgi");