mod_userdir.c revision 20be52a1d742b6dad4b799009d70a51522a8f8f1
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
*
* Portions of this software are based upon public domain software
* originally written at the National Center for Supercomputing Applications,
* University of Illinois, Urbana-Champaign.
*/
/*
* mod_userdir... implement the UserDir command. Broken away from the
* Alias stuff for a couple of good and not-so-good reasons:
*
* 1) It shows a real minimal working example of how to do something like
* this.
* 2) I know people who are actually interested in changing this *particular*
* aspect of server functionality without changing the rest of it. That's
* what this whole modular arrangement is supposed to be good at...
*
* Modified by Alexei Kosut to support the following constructs
*
* UserDir public_html -> ~bar/public_html/one/two.html
* NOTE: theses ^ ^ space only added allow it to work in a comment, ignore
* UserDir http://x/users -> (302) http://x/users/bar/one/two.html
* UserDir http://x/ * /y -> (302) http://x/bar/y/one/two.html
* NOTE: here also ^ ^
*
* In addition, you can use multiple entries, to specify alternate
* user directories (a la Directory Index). For example:
*
* UserDir public_html /usr/web http://www.xyz.com/users
*
* Modified by Ken Coar to provide for the following:
*
* UserDir disable[d] username ...
* UserDir enable[d] username ...
*
* If "disabled" has no other arguments, *all* ~<username> references are
* disabled, except those explicitly turned on with the "enabled" keyword.
*/
#define HAVE_UNIX_SUEXEC
#endif
#include "apr_strings.h"
#include "ap_config.h"
#include "httpd.h"
#include "http_config.h"
#include "http_request.h"
#ifdef HAVE_UNIX_SUEXEC
#include "unixd.h" /* Contains the suexec_identity hook used on Unix */
#endif
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
#ifdef HAVE_STRINGS_H
#include <strings.h>
#endif
/* The default directory in user's home dir */
#ifndef DEFAULT_USER_DIR
#define DEFAULT_USER_DIR "public_html"
#endif
typedef struct userdir_config {
int globally_disabled;
char *userdir;
/*
* Server config for this module: global disablement flag, a list of usernames
* ineligible for UserDir access, a list of those immune to global (but not
* explicit) disablement, and the replacement string for all others.
*/
{
newcfg->globally_disabled = 0;
return (void *) newcfg;
}
#define O_DEFAULT 0
#define O_ENABLE 1
#define O_DISABLE 2
{
(
);
char *username;
const char
/*
* Let's do the comparisons once.
*/
/*
* If there are no usernames specified, this is a global disable - we
* need do no more at this point than record the fact.
*/
return NULL;
}
}
/*
* The "disable" keyword can stand alone or take a list of names, but
* the "enable" keyword requires the list. Whinge if it doesn't have
* it.
*/
return "UserDir \"enable\" keyword requires a list of usernames";
}
}
else {
/*
* If the first (only?) value isn't one of our keywords, just copy
* the string to the userdir string.
*/
return NULL;
}
/*
* Now we just take each word in turn from the command line and add it to
* the appropriate table.
*/
while (*usernames) {
}
return NULL;
}
static const command_rec userdir_cmds[] = {
"the public subdirectory in users' home directories, or "
"'disabled', or 'disabled username username...', or "
"'enabled username username...'"),
{NULL}
};
static int translate_userdir(request_rec *r)
{
const userdir_config *s_cfg =
const char *w, *dname;
char *redirect;
char *x = NULL;
/*
* If the URI doesn't match our basic pattern, we've nothing to do with
* it.
*/
if (
(name[0] != '/') ||
) {
return DECLINED;
}
/*
* The 'dname' funny business involves backing it up to capture the '/'
* delimiting the "/~user" part from the rest of the URL, in case there
* was one (the case where there wasn't being just "GET /~user HTTP/1.0",
* for which we don't want to tack on a '/' onto the filename).
*/
--dname;
}
/*
* If there's no username, it's not for us. Ignore . and .. as well.
*/
if (w[0] == '\0' || (w[1] == '.' && (w[2] == '\0' || (w[2] == '.' && w[3] == '\0')))) {
return DECLINED;
}
/*
* Nor if there's an username but it's in the disabled list.
*/
return DECLINED;
}
/*
* If there's a global interdiction on UserDirs, check to see if this
* name is one of the Blessed.
*/
if (
) {
return DECLINED;
}
/*
* Special cases all checked, onward to normal substitution processing.
*/
while (*userdirs) {
if (x) {
#ifdef HAVE_DRIVE_LETTERS
/*
* Crummy hack. Need to figure out whether we have been
* redirected to a URL or to a file on some drive. Since I
* know of no protocols that are a single letter, ignore
* a : as the first or second character, and assume a file
* was specified
*
* XXX: Still no good for NETWARE, since : is embedded (sys:/home)
*/
#else
if (strchr(x, ':'))
#endif /* HAVE_DRIVE_LETTERS */
{
return HTTP_MOVED_TEMPORARILY;
}
else
}
else
}
return HTTP_MOVED_TEMPORARILY;
}
else {
#ifdef WIN32
/* Need to figure out home dirs on NT */
return DECLINED;
#else /* WIN32 */
#ifdef OS2
/* Need to manually add user name for OS/2 */
#else
#endif
}
#endif /* WIN32 */
}
/*
* Now see if it exists, or we're at the last entry. If we are at the
* last entry, then use the filename generated (if there is one)
* anyway, in the hope that some handler might handle it. This can be
* used, for example, to run a CGI script for the user.
*/
/* when statbuf contains info on r->filename we can save a syscall
* by copying it to r->finfo
*/
/* For use in the get_suexec_identity phase */
return OK;
}
}
return DECLINED;
}
#ifdef HAVE_UNIX_SUEXEC
{
return NULL;
}
return NULL;
}
return ugid;
}
#endif /* HAVE_UNIX_SUEXEC */
static void register_hooks(void)
{
#ifdef HAVE_UNIX_SUEXEC
#endif
}
module userdir_module = {
NULL, /* dir config creater */
NULL, /* dir merger --- default is to override */
create_userdir_config, /* server config */
NULL, /* merge server config */
userdir_cmds, /* command apr_table_t */
NULL, /* handlers */
register_hooks /* register hooks */
};