mirror of https://github.com/omar-polo/gmid.git
Compare commits
7 Commits
6130e0eeac
...
97b306cbee
Author | SHA1 | Date |
---|---|---|
Omar Polo | 97b306cbee | |
Omar Polo | 77718c121f | |
Omar Polo | 17493a486c | |
Omar Polo | eb4f96c10a | |
Omar Polo | e92efb0d8e | |
Omar Polo | 872a717687 | |
Omar Polo | b24c6fcc1c |
11
fcgi.c
11
fcgi.c
|
@ -290,7 +290,7 @@ fcgi_read(struct bufferevent *bev, void *d)
|
|||
/* TODO: do something with the status? */
|
||||
c->type = REQUEST_DONE;
|
||||
client_write(c->bev, c);
|
||||
break;
|
||||
return;
|
||||
|
||||
case FCGI_STDERR:
|
||||
/* discard stderr (for now) */
|
||||
|
@ -344,6 +344,7 @@ void
|
|||
fcgi_req(struct client *c)
|
||||
{
|
||||
char addr[NI_MAXHOST], buf[22];
|
||||
char *qs;
|
||||
int e;
|
||||
time_t tim;
|
||||
struct tm tminfo;
|
||||
|
@ -368,6 +369,14 @@ fcgi_req(struct client *c)
|
|||
fcgi_send_param(c->cgibev, "SERVER_PROTOCOL", "GEMINI");
|
||||
fcgi_send_param(c->cgibev, "SERVER_SOFTWARE", GMID_VERSION);
|
||||
|
||||
if (*c->iri.query != '\0' &&
|
||||
strchr(c->iri.query, '=') == NULL &&
|
||||
(qs = strdup(c->iri.query)) != NULL) {
|
||||
pct_decode_str(qs);
|
||||
fcgi_send_param(c->cgibev, "GEMINI_SEARCH_STRING", qs);
|
||||
free(qs);
|
||||
}
|
||||
|
||||
TAILQ_FOREACH(p, &c->host->params, envs) {
|
||||
fcgi_send_param(c->cgibev, p->name, p->value);
|
||||
}
|
||||
|
|
7
gmid.c
7
gmid.c
|
@ -296,9 +296,10 @@ drop_priv(void)
|
|||
}
|
||||
|
||||
if (pw != NULL) {
|
||||
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
|
||||
fatal("setresuid(%d): %s", pw->pw_uid,
|
||||
strerror(errno));
|
||||
if (setgroups(1, &pw->pw_gid) == -1 ||
|
||||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
|
||||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
|
||||
fatal("cannot drop privileges");
|
||||
}
|
||||
|
||||
if (getuid() == 0)
|
||||
|
|
|
@ -286,6 +286,12 @@ Full path to the FastCGI script being executed.
|
|||
The full IRI of the request.
|
||||
.It Ev GEMINI_URL_PATH
|
||||
The path of the request.
|
||||
.It Ev GEMINI_SEARCH_STRING
|
||||
The decoded
|
||||
.Ev QUERY_STRING
|
||||
if defined in the request and if it doesn't contain any unencoded
|
||||
.Sq =
|
||||
characters, otherwise unset.
|
||||
.It Ev PATH_INFO
|
||||
The portion of the requested path that is derived from the the IRI
|
||||
path hierarchy following the part that identifies the script itself.
|
||||
|
@ -301,7 +307,7 @@ builds this by appending the
|
|||
.Ev PATH_INFO
|
||||
to the virtual host directory root.
|
||||
.It Ev QUERY_STRING
|
||||
The decoded query string.
|
||||
The URL-encoded search or parameter string.
|
||||
.It Ev REMOTE_ADDR , Ev REMOTE_HOST
|
||||
Textual representation of the client IP.
|
||||
.It Ev REQUEST_METHOD
|
||||
|
|
4
iri.c
4
iri.c
|
@ -488,7 +488,9 @@ pct_decode_str(char *s)
|
|||
char *t;
|
||||
|
||||
for (t = s; *t; ++t) {
|
||||
if (*t == '%' && valid_pct_enc_string(t))
|
||||
if (*t == '+')
|
||||
*t = ' ';
|
||||
else if (*t == '%' && valid_pct_enc_string(t))
|
||||
pct_decode(t);
|
||||
}
|
||||
|
||||
|
|
3
parse.y
3
parse.y
|
@ -1178,7 +1178,8 @@ fastcgi_conf(const char *path, const char *port)
|
|||
if (*f->path == '\0') {
|
||||
f->id = i;
|
||||
(void) strlcpy(f->path, path, sizeof(f->path));
|
||||
(void) strlcpy(f->port, port, sizeof(f->port));
|
||||
if (port != NULL)
|
||||
(void) strlcpy(f->port, port, sizeof(f->port));
|
||||
return i;
|
||||
}
|
||||
|
||||
|
|
|
@ -611,14 +611,14 @@ sandbox_server_process(int can_open_sockets)
|
|||
if (*l->dir == '\0')
|
||||
continue;
|
||||
|
||||
if (unveil(l->dir, "r") == -1)
|
||||
if (unveil(l->dir, "rw") == -1)
|
||||
fatal("unveil %s for domain %s",
|
||||
l->dir,
|
||||
h->domain);
|
||||
}
|
||||
}
|
||||
|
||||
if (pledge("stdio recvfd rpath inet dns", NULL) == -1)
|
||||
if (pledge("stdio recvfd rpath unix inet dns", NULL) == -1)
|
||||
fatal("pledge");
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue