modules/mappers/mod_userdir.c - httpd - Git at Google

 /* ====================================================================
  * Copyright (c) 1995-1999 The Apache Group.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
  *    the documentation and/or other materials provided with the
  *    distribution.
  *
  * 3. All advertising materials mentioning features or use of this
  *    software must display the following acknowledgment:
  *    "This product includes software developed by the Apache Group
  *    for use in the Apache HTTP server project (http://www.apache.org/)."
  *
  * 4. The names "Apache Server" and "Apache Group" must not be used to
  *    endorse or promote products derived from this software without
  *    prior written permission. For written permission, please contact
  *    apache@apache.org.
  *
  * 5. Products derived from this software may not be called "Apache"
  *    nor may "Apache" appear in their names without prior written
  *    permission of the Apache Group.
  *
  * 6. Redistributions of any form whatsoever must retain the following
  *    acknowledgment:
  *    "This product includes software developed by the Apache Group
  *    for use in the Apache HTTP server project (http://www.apache.org/)."
  *
  * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE APACHE GROUP OR
  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  * ====================================================================
  *
  * This software consists of voluntary contributions made by many
  * individuals on behalf of the Apache Group and was originally based
  * on public domain software written at the National Center for
  * Supercomputing Applications, University of Illinois, Urbana-Champaign.
  * For more information on the Apache Group and the Apache HTTP server
  * project, please see <http://www.apache.org/>.
  *
  */

 /*
  * mod_userdir... implement the UserDir command.  Broken away from the
  * Alias stuff for a couple of good and not-so-good reasons:
  *
  * 1) It shows a real minimal working example of how to do something like
  *    this.
  * 2) I know people who are actually interested in changing this *particular*
  *    aspect of server functionality without changing the rest of it.  That's
  *    what this whole modular arrangement is supposed to be good at...
  *
  * Modified by Alexei Kosut to support the following constructs
  * (server running at www.foo.com, request for /~bar/one/two.html)
  *
  * UserDir public_html      -> ~bar/public_html/one/two.html
  * UserDir /usr/web         -> /usr/web/bar/one/two.html
  * UserDir /home/ * /www     -> /home/bar/www/one/two.html
  *  NOTE: theses ^ ^ space only added allow it to work in a comment, ignore
  * UserDir http://x/users   -> (302) http://x/users/bar/one/two.html
  * UserDir http://x/ * /y     -> (302) http://x/bar/y/one/two.html
  *  NOTE: here also ^ ^
  *
  * In addition, you can use multiple entries, to specify alternate
  * user directories (a la Directory Index). For example:
  *
  * UserDir public_html /usr/web http://www.xyz.com/users
  *
  * Modified by Ken Coar to provide for the following:
  *
  * UserDir disable[d] username ...
  * UserDir enable[d] username ...
  *
  * If "disabled" has no other arguments, *all* ~<username> references are
  * disabled, except those explicitly turned on with the "enabled" keyword.
  */

 #include "httpd.h"
 #include "http_config.h"

 module userdir_module;

 typedef struct userdir_config {
     int globally_disabled;
     char *userdir;
     table *enabled_users;
     table *disabled_users;
 }              userdir_config;

 /*
  * Server config for this module: global disablement flag, a list of usernames
  * ineligible for UserDir access, a list of those immune to global (but not
  * explicit) disablement, and the replacement string for all others.
  */

 static void *create_userdir_config(pool *p, server_rec *s)
 {
     userdir_config
     * newcfg = (userdir_config *) ap_pcalloc(p, sizeof(userdir_config));

     newcfg->globally_disabled = 0;
     newcfg->userdir = DEFAULT_USER_DIR;
     newcfg->enabled_users = ap_make_table(p, 4);
     newcfg->disabled_users = ap_make_table(p, 4);
     return (void *) newcfg;
 }

 #define O_DEFAULT 0
 #define O_ENABLE 1
 #define O_DISABLE 2

 static const char *set_user_dir(cmd_parms *cmd, void *dummy, char *arg)
 {
     userdir_config
     * s_cfg = (userdir_config *) ap_get_module_config
     (
      cmd->server->module_config,
      &userdir_module
     );
     char *username;
     const char
         *usernames = arg;
     char *kw = ap_getword_conf(cmd->pool, &usernames);
     table *usertable;

     /*
      * Let's do the comparisons once.
      */
     if ((!strcasecmp(kw, "disable")) || (!strcasecmp(kw, "disabled"))) {
         /*
          * If there are no usernames specified, this is a global disable - we
          * need do no more at this point than record the fact.
          */
         if (strlen(usernames) == 0) {
             s_cfg->globally_disabled = 1;
             return NULL;
         }
         usertable = s_cfg->disabled_users;
     }
     else if ((!strcasecmp(kw, "enable")) || (!strcasecmp(kw, "enabled"))) {
         /*
          * The "disable" keyword can stand alone or take a list of names, but
          * the "enable" keyword requires the list.  Whinge if it doesn't have
          * it.
          */
         if (strlen(usernames) == 0) {
             return "UserDir \"enable\" keyword requires a list of usernames";
         }
         usertable = s_cfg->enabled_users;
     }
     else {
         /*
          * If the first (only?) value isn't one of our keywords, just copy
          * the string to the userdir string.
          */
         s_cfg->userdir = ap_pstrdup(cmd->pool, arg);
         return NULL;
     }
     /*
      * Now we just take each word in turn from the command line and add it to
      * the appropriate table.
      */
     while (*usernames) {
         username = ap_getword_conf(cmd->pool, &usernames);
         ap_table_setn(usertable, username, kw);
     }
     return NULL;
 }

 static const command_rec userdir_cmds[] = {
     {"UserDir", set_user_dir, NULL, RSRC_CONF, RAW_ARGS,
     "the public subdirectory in users' home directories, or 'disabled', or 'disabled username username...', or 'enabled username username...'"},
     {NULL}
 };

 static int translate_userdir(request_rec *r)
 {
     void *server_conf = r->server->module_config;
     const userdir_config *s_cfg =
     (userdir_config *) ap_get_module_config(server_conf, &userdir_module);
     char *name = r->uri;
     const char *userdirs = s_cfg->userdir;
     const char *w, *dname;
     char *redirect;
     char *x = NULL;
     struct stat statbuf;

     /*
      * If the URI doesn't match our basic pattern, we've nothing to do with
      * it.
      */
     if (
         (s_cfg->userdir == NULL) ||
         (name[0] != '/') ||
         (name[1] != '~')
         ) {
         return DECLINED;
     }

     dname = name + 2;
     w = ap_getword(r->pool, &dname, '/');

     /*
      * The 'dname' funny business involves backing it up to capture the '/'
      * delimiting the "/~user" part from the rest of the URL, in case there
      * was one (the case where there wasn't being just "GET /~user HTTP/1.0",
      * for which we don't want to tack on a '/' onto the filename).
      */

     if (dname[-1] == '/') {
         --dname;
     }

     /*
      * If there's no username, it's not for us.  Ignore . and .. as well.
      */
     if (w[0] == '\0' || (w[1] == '.' && (w[2] == '\0' || (w[2] == '.' && w[3] == '\0')))) {
         return DECLINED;
     }
     /*
      * Nor if there's an username but it's in the disabled list.
      */
     if (ap_table_get(s_cfg->disabled_users, w) != NULL) {
         return DECLINED;
     }
     /*
      * If there's a global interdiction on UserDirs, check to see if this
      * name is one of the Blessed.
      */
     if (
         s_cfg->globally_disabled &&
         (ap_table_get(s_cfg->enabled_users, w) == NULL)
         ) {
         return DECLINED;
     }

     /*
      * Special cases all checked, onward to normal substitution processing.
      */

     while (*userdirs) {
         const char *userdir = ap_getword_conf(r->pool, &userdirs);
         char *filename = NULL;

         if (strchr(userdir, '*'))
             x = ap_getword(r->pool, &userdir, '*');

 	if (userdir[0] == '\0' || ap_os_is_path_absolute(userdir)) {
             if (x) {
 #ifdef HAVE_DRIVE_LETTERS
                 /*
                  * Crummy hack. Need to figure out whether we have been
                  * redirected to a URL or to a file on some drive. Since I
                  * know of no protocols that are a single letter, if the : is
                  * the second character, I will assume a file was specified
                  */
                 if (strchr(x + 2, ':'))
 #else
                 if (strchr(x, ':'))
 #endif                          /* WIN32 */
 		{
                     redirect = ap_pstrcat(r->pool, x, w, userdir, dname, NULL);
                     ap_table_setn(r->headers_out, "Location", redirect);
                     return REDIRECT;
                 }
                 else
                     filename = ap_pstrcat(r->pool, x, w, userdir, NULL);
             }
             else
                 filename = ap_pstrcat(r->pool, userdir, "/", w, NULL);
         }
         else if (strchr(userdir, ':')) {
             redirect = ap_pstrcat(r->pool, userdir, "/", w, dname, NULL);
             ap_table_setn(r->headers_out, "Location", redirect);
             return REDIRECT;
         }
         else {
 #ifdef WIN32
             /* Need to figure out home dirs on NT */
             return DECLINED;
 #else                           /* WIN32 */
             struct passwd *pw;
             if ((pw = getpwnam(w))) {
 #ifdef OS2
                 /* Need to manually add user name for OS/2 */
                 filename = ap_pstrcat(r->pool, pw->pw_dir, w, "/", userdir, NULL);
 #else
                 filename = ap_pstrcat(r->pool, pw->pw_dir, "/", userdir, NULL);
 #endif
             }
 #endif                          /* WIN32 */
         }

         /*
          * Now see if it exists, or we're at the last entry. If we are at the
          * last entry, then use the filename generated (if there is one)
          * anyway, in the hope that some handler might handle it. This can be
          * used, for example, to run a CGI script for the user.
          */
         if (filename && (!*userdirs || stat(filename, &statbuf) != -1)) {
             r->filename = ap_pstrcat(r->pool, filename, dname, NULL);
 	    /* when statbuf contains info on r->filename we can save a syscall
 	     * by copying it to r->finfo
 	     */
 	    if (*userdirs && dname[0] == 0)
 		r->finfo = statbuf;
             return OK;
         }
     }

     return DECLINED;
 }

 module userdir_module = {
     STANDARD_MODULE_STUFF,
     NULL,                       /* initializer */
     NULL,                       /* dir config creater */
     NULL,                       /* dir merger --- default is to override */
     create_userdir_config,      /* server config */
     NULL,                       /* merge server config */
     userdir_cmds,               /* command table */
     NULL,                       /* handlers */
     translate_userdir,          /* filename translation */
     NULL,                       /* check_user_id */
     NULL,                       /* check auth */
     NULL,                       /* check access */
     NULL,                       /* type_checker */
     NULL,                       /* fixups */
     NULL,                       /* logger */
     NULL,                       /* header parser */
     NULL,                       /* child_init */
     NULL,                       /* child_exit */
     NULL                        /* post read-request */
 };
	/* ====================================================================
	* Copyright (c) 1995-1999 The Apache Group. All rights reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	*
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	*
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in
	* the documentation and/or other materials provided with the
	* distribution.
	*
	* 3. All advertising materials mentioning features or use of this
	* software must display the following acknowledgment:
	* "This product includes software developed by the Apache Group
	* for use in the Apache HTTP server project (http://www.apache.org/)."
	*
	* 4. The names "Apache Server" and "Apache Group" must not be used to
	* endorse or promote products derived from this software without
	* prior written permission. For written permission, please contact
	* apache@apache.org.
	*
	* 5. Products derived from this software may not be called "Apache"
	* nor may "Apache" appear in their names without prior written
	* permission of the Apache Group.
	*
	* 6. Redistributions of any form whatsoever must retain the following
	* acknowledgment:
	* "This product includes software developed by the Apache Group
	* for use in the Apache HTTP server project (http://www.apache.org/)."
	*
	* THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	* OF THE POSSIBILITY OF SUCH DAMAGE.
	* ====================================================================
	*
	* This software consists of voluntary contributions made by many
	* individuals on behalf of the Apache Group and was originally based
	* on public domain software written at the National Center for
	* Supercomputing Applications, University of Illinois, Urbana-Champaign.
	* For more information on the Apache Group and the Apache HTTP server
	* project, please see <http://www.apache.org/>.
	*
	*/

	/*
	* mod_userdir... implement the UserDir command. Broken away from the
	* Alias stuff for a couple of good and not-so-good reasons:
	*
	* 1) It shows a real minimal working example of how to do something like
	* this.
	* 2) I know people who are actually interested in changing this particular
	* aspect of server functionality without changing the rest of it. That's
	* what this whole modular arrangement is supposed to be good at...
	*
	* Modified by Alexei Kosut to support the following constructs
	* (server running at www.foo.com, request for /~bar/one/two.html)
	*
	* UserDir public_html -> ~bar/public_html/one/two.html
	* UserDir /usr/web -> /usr/web/bar/one/two.html
	* UserDir /home/ * /www -> /home/bar/www/one/two.html
	* NOTE: theses ^ ^ space only added allow it to work in a comment, ignore
	* UserDir http://x/users -> (302) http://x/users/bar/one/two.html
	* UserDir http://x/ * /y -> (302) http://x/bar/y/one/two.html
	* NOTE: here also ^ ^
	*
	* In addition, you can use multiple entries, to specify alternate
	* user directories (a la Directory Index). For example:
	*
	* UserDir public_html /usr/web http://www.xyz.com/users
	*
	* Modified by Ken Coar to provide for the following:
	*
	* UserDir disable[d] username ...
	* UserDir enable[d] username ...
	*
	* If "disabled" has no other arguments, all ~<username> references are
	* disabled, except those explicitly turned on with the "enabled" keyword.
	*/

	#include "httpd.h"
	#include "http_config.h"

	module userdir_module;

	typedef struct userdir_config {
	int globally_disabled;
	char *userdir;
	table *enabled_users;
	table *disabled_users;
	} userdir_config;

	/*
	* Server config for this module: global disablement flag, a list of usernames
	* ineligible for UserDir access, a list of those immune to global (but not
	* explicit) disablement, and the replacement string for all others.
	*/

	static void create_userdir_config(pool p, server_rec *s)
	{
	userdir_config
	* newcfg = (userdir_config *) ap_pcalloc(p, sizeof(userdir_config));

	newcfg->globally_disabled = 0;
	newcfg->userdir = DEFAULT_USER_DIR;
	newcfg->enabled_users = ap_make_table(p, 4);
	newcfg->disabled_users = ap_make_table(p, 4);
	return (void *) newcfg;
	}

	#define O_DEFAULT 0
	#define O_ENABLE 1
	#define O_DISABLE 2

	static const char set_user_dir(cmd_parms cmd, void dummy, char arg)
	{
	userdir_config
	* s_cfg = (userdir_config *) ap_get_module_config
	(
	cmd->server->module_config,
	&userdir_module
	);
	char *username;
	const char
	*usernames = arg;
	char *kw = ap_getword_conf(cmd->pool, &usernames);
	table *usertable;

	/*
	* Let's do the comparisons once.
	*/
	if ((!strcasecmp(kw, "disable")) \|\| (!strcasecmp(kw, "disabled"))) {
	/*
	* If there are no usernames specified, this is a global disable - we
	* need do no more at this point than record the fact.
	*/
	if (strlen(usernames) == 0) {
	s_cfg->globally_disabled = 1;
	return NULL;
	}
	usertable = s_cfg->disabled_users;
	}
	else if ((!strcasecmp(kw, "enable")) \|\| (!strcasecmp(kw, "enabled"))) {
	/*
	* The "disable" keyword can stand alone or take a list of names, but
	* the "enable" keyword requires the list. Whinge if it doesn't have
	* it.
	*/
	if (strlen(usernames) == 0) {
	return "UserDir \"enable\" keyword requires a list of usernames";
	}
	usertable = s_cfg->enabled_users;
	}
	else {
	/*
	* If the first (only?) value isn't one of our keywords, just copy
	* the string to the userdir string.
	*/
	s_cfg->userdir = ap_pstrdup(cmd->pool, arg);
	return NULL;
	}
	/*
	* Now we just take each word in turn from the command line and add it to
	* the appropriate table.
	*/
	while (*usernames) {
	username = ap_getword_conf(cmd->pool, &usernames);
	ap_table_setn(usertable, username, kw);
	}
	return NULL;
	}

	static const command_rec userdir_cmds[] = {
	{"UserDir", set_user_dir, NULL, RSRC_CONF, RAW_ARGS,
	"the public subdirectory in users' home directories, or 'disabled', or 'disabled username username...', or 'enabled username username...'"},
	{NULL}
	};

	static int translate_userdir(request_rec *r)
	{
	void *server_conf = r->server->module_config;
	const userdir_config *s_cfg =
	(userdir_config *) ap_get_module_config(server_conf, &userdir_module);
	char *name = r->uri;
	const char *userdirs = s_cfg->userdir;
	const char w, dname;
	char *redirect;
	char *x = NULL;
	struct stat statbuf;

	/*
	* If the URI doesn't match our basic pattern, we've nothing to do with
	* it.
	*/
	if (
	(s_cfg->userdir == NULL) \|\|
	(name[0] != '/') \|\|
	(name[1] != '~')
	) {
	return DECLINED;
	}

	dname = name + 2;
	w = ap_getword(r->pool, &dname, '/');

	/*
	* The 'dname' funny business involves backing it up to capture the '/'
	* delimiting the "/~user" part from the rest of the URL, in case there
	* was one (the case where there wasn't being just "GET /~user HTTP/1.0",
	* for which we don't want to tack on a '/' onto the filename).
	*/

	if (dname[-1] == '/') {
	--dname;
	}

	/*
	* If there's no username, it's not for us. Ignore . and .. as well.
	*/
	if (w[0] == '\0' \|\| (w[1] == '.' && (w[2] == '\0' \|\| (w[2] == '.' && w[3] == '\0')))) {
	return DECLINED;
	}
	/*
	* Nor if there's an username but it's in the disabled list.
	*/
	if (ap_table_get(s_cfg->disabled_users, w) != NULL) {
	return DECLINED;
	}
	/*
	* If there's a global interdiction on UserDirs, check to see if this
	* name is one of the Blessed.
	*/
	if (
	s_cfg->globally_disabled &&
	(ap_table_get(s_cfg->enabled_users, w) == NULL)
	) {
	return DECLINED;
	}

	/*
	* Special cases all checked, onward to normal substitution processing.
	*/

	while (*userdirs) {
	const char *userdir = ap_getword_conf(r->pool, &userdirs);
	char *filename = NULL;

	if (strchr(userdir, '*'))
	x = ap_getword(r->pool, &userdir, '*');

	if (userdir[0] == '\0' \|\| ap_os_is_path_absolute(userdir)) {
	if (x) {
	#ifdef HAVE_DRIVE_LETTERS
	/*
	* Crummy hack. Need to figure out whether we have been
	* redirected to a URL or to a file on some drive. Since I
	* know of no protocols that are a single letter, if the : is
	* the second character, I will assume a file was specified
	*/
	if (strchr(x + 2, ':'))
	#else
	if (strchr(x, ':'))
	#endif /* WIN32 */
	{
	redirect = ap_pstrcat(r->pool, x, w, userdir, dname, NULL);
	ap_table_setn(r->headers_out, "Location", redirect);
	return REDIRECT;
	}
	else
	filename = ap_pstrcat(r->pool, x, w, userdir, NULL);
	}
	else
	filename = ap_pstrcat(r->pool, userdir, "/", w, NULL);
	}
	else if (strchr(userdir, ':')) {
	redirect = ap_pstrcat(r->pool, userdir, "/", w, dname, NULL);
	ap_table_setn(r->headers_out, "Location", redirect);
	return REDIRECT;
	}
	else {
	#ifdef WIN32
	/* Need to figure out home dirs on NT */
	return DECLINED;
	#else /* WIN32 */
	struct passwd *pw;
	if ((pw = getpwnam(w))) {
	#ifdef OS2
	/* Need to manually add user name for OS/2 */
	filename = ap_pstrcat(r->pool, pw->pw_dir, w, "/", userdir, NULL);
	#else
	filename = ap_pstrcat(r->pool, pw->pw_dir, "/", userdir, NULL);
	#endif
	}
	#endif /* WIN32 */
	}

	/*
	* Now see if it exists, or we're at the last entry. If we are at the
	* last entry, then use the filename generated (if there is one)
	* anyway, in the hope that some handler might handle it. This can be
	* used, for example, to run a CGI script for the user.
	*/
	if (filename && (!*userdirs \|\| stat(filename, &statbuf) != -1)) {
	r->filename = ap_pstrcat(r->pool, filename, dname, NULL);
	/* when statbuf contains info on r->filename we can save a syscall
	* by copying it to r->finfo
	*/
	if (*userdirs && dname[0] == 0)
	r->finfo = statbuf;
	return OK;
	}
	}

	return DECLINED;
	}

	module userdir_module = {
	STANDARD_MODULE_STUFF,
	NULL, /* initializer */
	NULL, /* dir config creater */
	NULL, /* dir merger --- default is to override */
	create_userdir_config, /* server config */
	NULL, /* merge server config */
	userdir_cmds, /* command table */
	NULL, /* handlers */
	translate_userdir, /* filename translation */
	NULL, /* check_user_id */
	NULL, /* check auth */
	NULL, /* check access */
	NULL, /* type_checker */
	NULL, /* fixups */
	NULL, /* logger */
	NULL, /* header parser */
	NULL, /* child_init */
	NULL, /* child_exit */
	NULL /* post read-request */
	};