1 /* ====================================================================
2 * The Apache Software License, Version 1.1
3 *
4 * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
5 * reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
30 *
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
34 *
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
46 * SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
53 *
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
57 */
58
59 /*
60 * mod_dir.c: handle default index files, and trailing-/ redirects
61 */
62
63 #include "httpd.h"
64 #include "http_config.h"
65 #include "http_core.h"
66 #include "http_request.h"
67 #include "http_protocol.h"
68 #include "http_log.h"
69 #include "http_main.h"
70 #include "util_script.h"
71
72 __RCSID("$MirOS: src/usr.sbin/httpd/src/modules/standard/mod_dir.c,v 1.5 2007/07/03 07:19:18 tg Exp $");
73
74 module MODULE_VAR_EXPORT dir_module;
75
76 typedef struct dir_config_struct {
77 array_header *index_names;
78 } dir_config_rec;
79
80 #define DIR_CMD_PERMS OR_INDEXES
81
add_index(cmd_parms * cmd,void * dummy,char * arg)82 static const char *add_index(cmd_parms *cmd, void *dummy, char *arg)
83 {
84 dir_config_rec *d = dummy;
85
86 if (!d->index_names) {
87 d->index_names = ap_make_array(cmd->pool, 2, sizeof(char *));
88 }
89 *(char **)ap_push_array(d->index_names) = arg;
90 return NULL;
91 }
92
93 static const command_rec dir_cmds[] =
94 {
95 {"DirectoryIndex", add_index, NULL,
96 DIR_CMD_PERMS, ITERATE,
97 "a list of file names"},
98 {NULL}
99 };
100
create_dir_config(pool * p,char * dummy)101 static void *create_dir_config(pool *p, char *dummy)
102 {
103 dir_config_rec *new =
104 (dir_config_rec *) ap_pcalloc(p, sizeof(dir_config_rec));
105
106 new->index_names = NULL;
107 return (void *) new;
108 }
109
merge_dir_configs(pool * p,void * basev,void * addv)110 static void *merge_dir_configs(pool *p, void *basev, void *addv)
111 {
112 dir_config_rec *new = (dir_config_rec *) ap_pcalloc(p, sizeof(dir_config_rec));
113 dir_config_rec *base = (dir_config_rec *) basev;
114 dir_config_rec *add = (dir_config_rec *) addv;
115
116 new->index_names = add->index_names ? add->index_names : base->index_names;
117 return new;
118 }
119
handle_dir(request_rec * r)120 static int handle_dir(request_rec *r)
121 {
122 dir_config_rec *d =
123 (dir_config_rec *) ap_get_module_config(r->per_dir_config,
124 &dir_module);
125 char *dummy_ptr[1];
126 char **names_ptr;
127 int num_names;
128 int error_notfound = 0;
129
130 if (r->uri[strlen(r->uri) - 1] != '/') {
131 const char *xuri, *xargs;
132
133 xuri = ap_escape_html(r->pool, r->uri);
134 if (r->args) {
135 xargs = ap_pstrcat(r->pool, ap_escape_uri(r->pool, r->uri),
136 "/?", r->args, NULL);
137 r->mtime = 0; /* dynamic, never cache this */
138 } else {
139 xargs = ap_pstrcat(r->pool, ap_escape_uri(r->pool, r->uri),
140 "/", NULL);
141 r->mtime = 1; /* static, always cache this */
142 }
143 r->content_type = "text/html";
144 ap_send_http_header(r);
145 ap_rvputs(r, "<html><head><title>404: ", xuri, " is a directory"
146 "</title></head>\n<body>\n"
147 "<h1>404 Is A Directory</h1>\n<p>The file you have requested"
148 " was not found. Additionally, a directory with the same name"
149 " was found. If you want to retrieve the contents of that"
150 " directory, please add a trailing slash to your request URI."
151 "<br />Do not forget to update your bookmarks!</p>\n<p>The failed"
152 " path was: <tt>", xuri, "</tt></p><p>Use the following hypertext"
153 " reference to go to <a href=\"", xargs, "\">", xuri, "/</a>"
154 "<br />and do not forget to update your bookmarks and future"
155 " behaviour!</p>\n", ap_psignature("<hr />", r),
156 "</body></html>\n", NULL);
157 ap_kill_timeout(r);
158 ap_finalize_request_protocol(r);
159 ap_rflush(r);
160 return 0; /*HTTP_NOT_FOUND;*/
161 } else if (r->uri[0] == '\0') {
162 char *ifile;
163 if (r->args != NULL)
164 ifile = ap_pstrcat(r->pool, ap_escape_uri(r->pool, r->uri),
165 "/", "?", r->args, NULL);
166 else
167 ifile = ap_pstrcat(r->pool, ap_escape_uri(r->pool, r->uri),
168 "/", NULL);
169
170 ap_table_setn(r->headers_out, "Location",
171 ap_construct_url(r->pool, ifile, r));
172 return HTTP_MOVED_PERMANENTLY;
173 }
174
175 /* KLUDGE --- make the sub_req lookups happen in the right directory.
176 * Fixing this in the sub_req_lookup functions themselves is difficult,
177 * and would probably break virtual includes...
178 */
179
180 if (r->filename[strlen(r->filename) - 1] != '/') {
181 r->filename = ap_pstrcat(r->pool, r->filename, "/", NULL);
182 }
183
184 if (d->index_names) {
185 names_ptr = (char **)d->index_names->elts;
186 num_names = d->index_names->nelts;
187 }
188 else {
189 dummy_ptr[0] = DEFAULT_INDEX;
190 names_ptr = dummy_ptr;
191 num_names = 1;
192 }
193
194 for (; num_names; ++names_ptr, --num_names) {
195 char *name_ptr = *names_ptr;
196 request_rec *rr = ap_sub_req_lookup_uri(name_ptr, r);
197
198 if (rr->status == HTTP_OK && S_ISREG(rr->finfo.st_mode)) {
199 char *new_uri = ap_escape_uri(r->pool, rr->uri);
200
201 if (rr->args != NULL)
202 new_uri = ap_pstrcat(r->pool, new_uri, "?", rr->args, NULL);
203 else if (r->args != NULL)
204 new_uri = ap_pstrcat(r->pool, new_uri, "?", r->args, NULL);
205
206 ap_destroy_sub_req(rr);
207 ap_internal_redirect(new_uri, r);
208 return OK;
209 }
210
211 /* If the request returned a redirect, propagate it to the client */
212
213 if (ap_is_HTTP_REDIRECT(rr->status) ||
214 (rr->status == HTTP_NOT_ACCEPTABLE && num_names == 1) ||
215 (rr->status == HTTP_UNAUTHORIZED && num_names == 1)) {
216
217 ap_pool_join(r->pool, rr->pool);
218 error_notfound = rr->status;
219 r->notes = ap_overlay_tables(r->pool, r->notes, rr->notes);
220 r->headers_out = ap_overlay_tables(r->pool, r->headers_out,
221 rr->headers_out);
222 r->err_headers_out = ap_overlay_tables(r->pool, r->err_headers_out,
223 rr->err_headers_out);
224 return error_notfound;
225 }
226
227 /* If the request returned something other than 404 (or 200),
228 * it means the module encountered some sort of problem. To be
229 * secure, we should return the error, rather than create
230 * along a (possibly unsafe) directory index.
231 *
232 * So we store the error, and if none of the listed files
233 * exist, we return the last error response we got, instead
234 * of a directory listing.
235 */
236 if (rr->status && rr->status != HTTP_NOT_FOUND && rr->status != HTTP_OK)
237 error_notfound = rr->status;
238
239 ap_destroy_sub_req(rr);
240 }
241
242 if (error_notfound)
243 return error_notfound;
244
245 if (r->method_number != M_GET)
246 return DECLINED;
247
248 /* nothing for us to do, pass on through */
249
250 return DECLINED;
251 }
252
253
254 static const handler_rec dir_handlers[] =
255 {
256 {DIR_MAGIC_TYPE, handle_dir},
257 {NULL}
258 };
259
260 module MODULE_VAR_EXPORT dir_module =
261 {
262 STANDARD_MODULE_STUFF,
263 NULL, /* initializer */
264 create_dir_config, /* dir config creater */
265 merge_dir_configs, /* dir merger --- default is to override */
266 NULL, /* server config */
267 NULL, /* merge server config */
268 dir_cmds, /* command table */
269 dir_handlers, /* handlers */
270 NULL, /* filename translation */
271 NULL, /* check_user_id */
272 NULL, /* check auth */
273 NULL, /* check access */
274 NULL, /* type_checker */
275 NULL, /* fixups */
276 NULL, /* logger */
277 NULL, /* header parser */
278 NULL, /* child_init */
279 NULL, /* child_exit */
280 NULL /* post read-request */
281 };
282