 |
Implement RFC 8615 (Well-Known URIs) and refine access errors - quark - quark w… |
 |
git clone git://git.suckless.org/quark |
 |
Log |
|
Files |
|
Refs |
|
LICENSE |
|
--- |
|
commit 3bd49b24561ce3c7be916ab0abbc78288721ddc4 |
|
parent 660699492fb2275335d24fb26ec3c6529f623af0 |
|
Author: Laslo Hunhold <[email protected]> |
|
Date: Mon, 17 Aug 2020 10:33:55 +0200 |
|
|
|
Implement RFC 8615 (Well-Known URIs) and refine access errors |
|
|
|
We generally rejected any URI that had a path component beginning |
|
with a '.', i.e. a hidden file. RFC 8615 specifies the well-known URI, |
|
which is used, for instance, with the "http-01" challenge type in |
|
acme-client(1) and will probably see more usage in the future. |
|
|
|
To support it, we move the hidden target check after the stat(), so we |
|
don't have to worry about canonicalization of dir-URIs (i.e. missing |
|
trailing '/'). This changes the behaviour a bit, as now quark won't |
|
only send out a 403 whenever a hidden target is requested, but only |
|
if it actually exists, and a 404 otherwise. |
|
|
|
Given the earlier call to normabspath() ensures that our path begins |
|
with a '/', we don't need the first check "realtarget[0] == '.'" |
|
anymore, so it can be removed. |
|
|
|
Thanks to Robert Russell <[email protected]> for reporting |
|
the lack of support of the RFC 8615 in quark. |
|
|
|
Signed-off-by: Laslo Hunhold <[email protected]> |
|
|
|
Diffstat: |
|
M http.c | 14 +++++++++----- |
|
|
|
1 file changed, 9 insertions(+), 5 deletions(-) |
|
--- |
|
diff --git a/http.c b/http.c |
|
@@ -600,11 +600,6 @@ http_send_response(int fd, const struct request *req) |
|
return http_send_status(fd, S_BAD_REQUEST); |
|
} |
|
|
|
- /* reject hidden target */ |
|
- if (realtarget[0] == '.' || strstr(realtarget, "/.")) { |
|
- return http_send_status(fd, S_FORBIDDEN); |
|
- } |
|
- |
|
/* stat the target */ |
|
if (stat(RELPATH(realtarget), &st) < 0) { |
|
return http_send_status(fd, (errno == EACCES) ? |
|
@@ -623,6 +618,15 @@ http_send_response(int fd, const struct request *req) |
|
} |
|
} |
|
|
|
+ /* |
|
+ * reject hidden target, except if it is a well-known URI |
|
+ * according to RFC 8615 |
|
+ */ |
|
+ if (strstr(realtarget, "/.") && strncmp(realtarget, |
|
+ "/.well-known/", sizeof("/.well-known/") - 1)) { |
|
+ return http_send_status(fd, S_FORBIDDEN); |
|
+ } |
|
+ |
|
/* redirect if targets differ, host is non-canonical or we prefixed */ |
|
if (strcmp(req->target, realtarget) || (s.vhost && vhostmatch && |
|
strcmp(req->field[REQ_HOST], vhostmatch))) { |
