[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[myserver-commit] [SCM] GNU MyServer branch, master, updated. v0.9.2-382
|
From: |
Giuseppe Scrivano |
|
Subject: |
[myserver-commit] [SCM] GNU MyServer branch, master, updated. v0.9.2-382-ga31b099 |
|
Date: |
Sun, 29 Aug 2010 13:32:50 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU MyServer".
The branch, master has been updated
via a31b099e0be9149abedea8b28e7f8ef9891c93a6 (commit)
from 5c729562268bb36eb9ccd1a11d14e91f7e0ecf8f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a31b099e0be9149abedea8b28e7f8ef9891c93a6
Author: Giuseppe Scrivano <address@hidden>
Date: Sun Aug 29 15:32:37 2010 +0200
Possibility to change response header values from security files.
diff --git a/myserver/NEWS b/myserver/NEWS
index d078ad5..08f1834 100644
--- a/myserver/NEWS
+++ b/myserver/NEWS
@@ -24,6 +24,9 @@ GNU myserver NEWS -*-
outline -*-
Web-based Distributed Authoring and Versioning (WebDAV) support.
+ Possibility to change response header values from the local configuration
+ files.
+�
* Noteworthy changes in release 0.9.2
** Bug fixes
@@ -33,8 +36,7 @@ GNU myserver NEWS -*-
outline -*-
Sockets operations under Windows are now done using gnulib.
Fix the X-Sendfile directive when using keep-alive connections.
-
-
+�
* Noteworthy changes in release 0.9.1
** New features
diff --git a/myserver/documentation/security.texi
b/myserver/documentation/security.texi
index f9235f7..c433d3e 100644
--- a/myserver/documentation/security.texi
+++ b/myserver/documentation/security.texi
@@ -255,3 +255,22 @@ there is need to do like:
Pay attention, if at the same time you want to change the permissions
then you will need to specify them explicitly by the @code{PERMISSION}
command.
+
address@hidden SET_HEADER
+The @code{SET_HEADER} directive specifies a value to be used for the
+response header, for protocols supporting it.
+
+This directive, for HTTP/HTTPS, overwrites default values for the
+response header, anything specified at this stage of the pipeline can be
+modified later by web applications, such as CGIs.
+
+For example, it is possible to specify a directive for caching using
+something like:
+
address@hidden
+<SET_HEADER name="Cache-Control" value="no-store" />
address@hidden example
+
+The server doesn't check how these values are changed and if they can
+cause problems in the protocol flow, it is your responsibility to use
+safe values.
diff --git a/myserver/include/conf/security/security_token.h
b/myserver/include/conf/security/security_token.h
index 1665a93..97e901b 100644
--- a/myserver/include/conf/security/security_token.h
+++ b/myserver/include/conf/security/security_token.h
@@ -46,6 +46,12 @@ enum SECURITY_RING
MYSERVER_SERVER_CONF = (1 << 4),
};
+class SecurityHeaderData
+{
+public:
+ virtual string* setValue (const char *name, const char *in) = 0;
+};
+
class SecurityToken
{
public:
@@ -214,7 +220,20 @@ public:
mimeRecord = mr;
}
+ void setResponseHeaderData (SecurityHeaderData *header)
+ {
+ this->responseHeader = header;
+ }
+
+ SecurityHeaderData *getResponseHeaderData ()
+ {
+ return responseHeader;
+ }
+
private:
+ /*! Protocol specific response header data. */
+ SecurityHeaderData *responseHeader;
+
/*! User to check for. */
string user;
diff --git a/myserver/include/conf/security/xml_validator.h
b/myserver/include/conf/security/xml_validator.h
index c95c3cd..0ccae7e 100644
--- a/myserver/include/conf/security/xml_validator.h
+++ b/myserver/include/conf/security/xml_validator.h
@@ -60,6 +60,9 @@ private:
SecurityToken *st,
HashMap<string, SecurityDomain*> *hashedDomains);
+ void doSetHeader (xmlNodePtr node,
+ SecurityToken *st);
+
void doPermission (xmlNodePtr node,
SecurityToken *st,
HashMap<string, SecurityDomain*> *hashedDomains);
diff --git a/myserver/include/protocol/http/http_header.h
b/myserver/include/protocol/http/http_header.h
index f004b8a..3aeb745 100644
--- a/myserver/include/protocol/http/http_header.h
+++ b/myserver/include/protocol/http/http_header.h
@@ -20,14 +20,18 @@
# define HTTP_HEADER_H
# include "myserver.h"
-
# include <string>
+
+/* Include for SecurityHeaderData. */
+# include <include/conf/security/security_token.h>
+
# include <include/base/hash_map/hash_map.h>
using namespace std;
-struct HttpHeader
+class HttpHeader : public SecurityHeaderData
{
+public:
struct Entry
{
string name;
diff --git a/myserver/src/conf/security/security_token.cpp
b/myserver/src/conf/security/security_token.cpp
index a2a8c83..2d4afbb 100644
--- a/myserver/src/conf/security/security_token.cpp
+++ b/myserver/src/conf/security/security_token.cpp
@@ -53,6 +53,7 @@ void SecurityToken::reset ()
for (;it != values.end (); it++)
delete (*it);
values.clear ();
+ responseHeader = NULL;
}
/*!
diff --git a/myserver/src/conf/security/xml_validator.cpp
b/myserver/src/conf/security/xml_validator.cpp
index e64f03c..1a17f97 100644
--- a/myserver/src/conf/security/xml_validator.cpp
+++ b/myserver/src/conf/security/xml_validator.cpp
@@ -254,31 +254,15 @@ XmlValidator::computeXmlNode (xmlNodePtr node,
if (!node)
return 0;
- xmlNodePtr cur = node->children;
- for (;;)
+ for (xmlNodePtr cur = node->children; cur; cur = cur->next)
{
- if (cur->next == NULL)
- {
- cur = cur->parent;
-
- /* The root is reached. */
- if (cur == node)
- return 1;
-
- /* This should never happen. */
- if (cur == NULL)
- return 0;
- }
- else
- cur = cur->next;
-
if (cur->type != XML_ELEMENT_NODE)
continue;
if (!xmlStrcmp (cur->name, (const xmlChar *) "CONDITION"))
{
if (doCondition (cur, hashedDomains))
- cur = cur->children;
+ computeXmlNode (cur, st, cmd, hashedDomains);
}
else if (!xmlStrcmp (cur->name, (const xmlChar *) "RETURN"))
{
@@ -287,6 +271,8 @@ XmlValidator::computeXmlNode (xmlNodePtr node,
}
else if (!xmlStrcmp (cur->name, (const xmlChar *) "DEFINE"))
doDefine (cur, st, hashedDomains);
+ else if (!xmlStrcmp (cur->name, (const xmlChar *) "SET_HEADER"))
+ doSetHeader (cur, st);
else if (!xmlStrcmp (cur->name, (const xmlChar *) "PERMISSION"))
doPermission (cur, st, hashedDomains);
}
@@ -425,3 +411,35 @@ void XmlValidator::doReturn (xmlNodePtr node, int *cmd,
else
*cmd = 0;
}
+
+/*!
+ Handle a SET_HEADER.
+ */
+void XmlValidator::doSetHeader (xmlNodePtr node, SecurityToken *st)
+{
+ xmlAttr *attrs = node->properties;
+ const char *name = NULL;
+ const char *value = NULL;
+ SecurityHeaderData *headerData = st->getResponseHeaderData ();
+
+ if (headerData == NULL)
+ return;
+
+ while (attrs)
+ {
+ if (!xmlStrcmp (attrs->name, (const xmlChar *) "name") &&
+ attrs->children && attrs->children->content)
+ name = (const char *) attrs->children->content;
+
+ if (!xmlStrcmp (attrs->name, (const xmlChar *) "value") &&
+ attrs->children && attrs->children->content)
+ value = (const char *) attrs->children->content;
+
+ attrs = attrs->next;
+ }
+
+ if (name == NULL || value == NULL)
+ return;
+
+ headerData->setValue (name, value);
+}
diff --git a/myserver/src/protocol/http/http.cpp
b/myserver/src/protocol/http/http.cpp
index 18e1df7..c2f6838 100644
--- a/myserver/src/protocol/http/http.cpp
+++ b/myserver/src/protocol/http/http.cpp
@@ -860,6 +860,8 @@ int Http::controlConnection (ConnectionPtr a, char*, char*,
u_long, u_long,
HttpHeaders::buildDefaultHTTPResponseHeader (&(td->response));
+ td->securityToken.setResponseHeaderData (&td->response);
+
/* Reset the HTTP status once per request. */
td->response.httpStatus = 200;
-----------------------------------------------------------------------
Summary of changes:
myserver/NEWS | 6 ++-
myserver/documentation/security.texi | 19 ++++++++
myserver/include/conf/security/security_token.h | 19 ++++++++
myserver/include/conf/security/xml_validator.h | 3 +
myserver/include/protocol/http/http_header.h | 8 +++-
myserver/src/conf/security/security_token.cpp | 1 +
myserver/src/conf/security/xml_validator.cpp | 54 +++++++++++++++--------
myserver/src/protocol/http/http.cpp | 2 +
8 files changed, 90 insertions(+), 22 deletions(-)
hooks/post-receive
--
GNU MyServer
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [myserver-commit] [SCM] GNU MyServer branch, master, updated. v0.9.2-382-ga31b099,
Giuseppe Scrivano <=