Commit a999e510 authored by Rob Swindell's avatar Rob Swindell 💬
Browse files

By default, don't recognize filebase virtual path prefix for vhosts

If the request is to a virtual web host, don't recognize the filebase vpath prefix (FileVPathPrefix setting) unless FileVPathForVHosts is set to "true" (in the [web] section of sbbs.ini).

This addresses another of Deuce's concerns about this feature.
parent 52b2e20a
......@@ -63,7 +63,8 @@ static const char* strJavaScriptLoadPath ="JavaScriptLoadPath";
static const char* strJavaScriptOptions ="JavaScriptOptions";
static const char* strSemFileCheckFrequency ="SemFileCheckFrequency";
static const char* strIniFileName ="iniFileName";
static const char* strFileVpathPrefix ="FileVPathPrefix";
static const char* strFileVPathPrefix ="FileVPathPrefix";
static const char* strFileVPathForVHosts ="FileVPathForVHosts";
#define DEFAULT_LOG_LEVEL LOG_DEBUG
#define DEFAULT_BIND_RETRY_COUNT 2
......@@ -457,7 +458,7 @@ void sbbs_read_ini(
bbs->login_attempt = get_login_attempt_settings(list, section, global);
bbs->max_concurrent_connections = iniGetInteger(list, section, strMaxConConn, 0);
SAFECOPY(bbs->web_file_vpath_prefix, iniGetString(list, "web", strFileVpathPrefix, nulstr, value));
SAFECOPY(bbs->web_file_vpath_prefix, iniGetString(list, "web", strFileVPathPrefix, nulstr, value));
}
/***********************************************************************/
......@@ -715,7 +716,8 @@ void sbbs_read_ini(
SAFECOPY(web->logfile_base
,iniGetString(list,section,"HttpLogFile",nulstr,value));
SAFECOPY(web->file_vpath_prefix
,iniGetString(list, section, strFileVpathPrefix, nulstr, value));
,iniGetString(list, section, strFileVPathPrefix, nulstr, value));
web->file_vpath_for_vhosts = iniGetBool(list, section, strFileVPathForVHosts, FALSE);
SAFECOPY(web->default_cgi_content
,iniGetString(list,section,"DefaultCGIContent",WEB_DEFAULT_CGI_CONTENT,value));
......@@ -1268,7 +1270,9 @@ BOOL sbbs_write_ini(
break;
if(!iniSetString(lp,section,"HttpLogFile",web->logfile_base,&style))
break;
if(!iniSetString(lp,section,strFileVpathPrefix, web->file_vpath_prefix, &style))
if(!iniSetString(lp,section,strFileVPathPrefix, web->file_vpath_prefix, &style))
break;
if(!iniSetBool(lp,section,strFileVPathForVHosts, web->file_vpath_for_vhosts, &style))
break;
if(!iniSetString(lp,section,"DefaultCGIContent",web->default_cgi_content,&style))
......
......@@ -3129,6 +3129,7 @@ static BOOL get_request_headers(http_session_t * session)
static BOOL get_fullpath(http_session_t * session)
{
char str[MAX_PATH+1];
bool vhost = false;
if(alias_list != NULL) {
for(size_t i = 0; alias_list[i] != NULL; i++) {
......@@ -3143,19 +3144,22 @@ static BOOL get_fullpath(http_session_t * session)
}
}
if(startup->file_vpath_prefix[0] && strncmp(session->req.physical_path, startup->file_vpath_prefix, strlen(startup->file_vpath_prefix)) == 0) {
session->filebase_access = TRUE;
return TRUE;
}
if(session->req.vhost[0] && startup->options&WEB_OPT_VIRTUAL_HOSTS) {
safe_snprintf(str,sizeof(str),"%s/%s",root_dir,session->req.vhost);
if(isdir(str))
if(isdir(str)) {
vhost = true;
safe_snprintf(str,sizeof(str),"%s/%s%s",root_dir,session->req.vhost,session->req.physical_path);
else
} else
safe_snprintf(str,sizeof(str),"%s%s",root_dir,session->req.physical_path);
} else
safe_snprintf(str,sizeof(str),"%s%s",root_dir,session->req.physical_path);
if(startup->file_vpath_prefix[0] && (vhost == false || startup->file_vpath_for_vhosts == true)
&& strncmp(session->req.physical_path, startup->file_vpath_prefix, strlen(startup->file_vpath_prefix)) == 0) {
session->filebase_access = TRUE;
return TRUE;
}
if(FULLPATH(session->req.physical_path,str,sizeof(session->req.physical_path))==NULL)
return(FALSE);
......
......@@ -69,6 +69,7 @@ typedef struct {
char logfile_base[INI_MAX_VALUE_LEN]; /* Logfile base name (date is appended) */
char ini_fname[INI_MAX_VALUE_LEN];
char file_vpath_prefix[INI_MAX_VALUE_LEN];
BOOL file_vpath_for_vhosts;
/* Misc */
char host_name[128];
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment