lighttpd 1.4.x https://www.lighttpd.net/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

319 lines
7.6 KiB

#include "base.h"
#include "log.h"
#include "buffer.h"
#include "plugin.h"
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#ifdef USE_OPENSSL
#include <openssl/sha.h>
#endif
#include "md5.h"
#define HASHLEN 16
typedef unsigned char HASH[HASHLEN];
#define HASHHEXLEN 32
typedef char HASHHEX[HASHHEXLEN+1];
#ifdef USE_OPENSSL
#define IN const
#else
#define IN
#endif
#define OUT
/* plugin config for all request/connections */
typedef struct {
buffer *doc_root;
buffer *secret;
buffer *uri_prefix;
unsigned int timeout;
} plugin_config;
typedef struct {
PLUGIN_DATA;
buffer *md5;
plugin_config **config_storage;
plugin_config conf;
} plugin_data;
static int const_time_memeq(const char *a, const char *b, size_t len) {
/* constant time memory compare, unless the compiler figures it out */
char diff = 0;
size_t i;
for (i = 0; i < len; ++i) {
diff |= (a[i] ^ b[i]);
}
return 0 == diff;
}
/* init the plugin data */
INIT_FUNC(mod_secdownload_init) {
plugin_data *p;
p = calloc(1, sizeof(*p));
p->md5 = buffer_init();
return p;
}
/* detroy the plugin data */
FREE_FUNC(mod_secdownload_free) {
plugin_data *p = p_d;
UNUSED(srv);
if (!p) return HANDLER_GO_ON;
if (p->config_storage) {
size_t i;
for (i = 0; i < srv->config_context->used; i++) {
plugin_config *s = p->config_storage[i];
if (NULL == s) continue;
buffer_free(s->secret);
buffer_free(s->doc_root);
buffer_free(s->uri_prefix);
free(s);
}
free(p->config_storage);
}
buffer_free(p->md5);
free(p);
return HANDLER_GO_ON;
}
/* handle plugin config and check values */
SETDEFAULTS_FUNC(mod_secdownload_set_defaults) {
plugin_data *p = p_d;
size_t i = 0;
config_values_t cv[] = {
{ "secdownload.secret", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
{ "secdownload.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
{ "secdownload.uri-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
{ "secdownload.timeout", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
{ NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
};
if (!p) return HANDLER_ERROR;
p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
for (i = 0; i < srv->config_context->used; i++) {
data_config const* config = (data_config const*)srv->config_context->data[i];
plugin_config *s;
s = calloc(1, sizeof(plugin_config));
s->secret = buffer_init();
s->doc_root = buffer_init();
s->uri_prefix = buffer_init();
s->timeout = 60;
cv[0].destination = s->secret;
cv[1].destination = s->doc_root;
cv[2].destination = s->uri_prefix;
cv[3].destination = &(s->timeout);
p->config_storage[i] = s;
if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
return HANDLER_ERROR;
}
}
return HANDLER_GO_ON;
}
/**
* checks if the supplied string is a MD5 string
*
* @param str a possible MD5 string
* @return if the supplied string is a valid MD5 string 1 is returned otherwise 0
*/
static int is_hex_len(const char *str, size_t len) {
size_t i;
if (NULL == str) return 0;
for (i = 0; i < len && *str; i++, str++) {
/* illegal characters */
if (!((*str >= '0' && *str <= '9') ||
(*str >= 'a' && *str <= 'f') ||
(*str >= 'A' && *str <= 'F'))
) {
return 0;
}
}
return i == len;
}
#define PATCH(x) \
p->conf.x = s->x;
static int mod_secdownload_patch_connection(server *srv, connection *con, plugin_data *p) {
size_t i, j;
plugin_config *s = p->config_storage[0];
PATCH(secret);
PATCH(doc_root);
PATCH(uri_prefix);
PATCH(timeout);
/* skip the first, the global context */
for (i = 1; i < srv->config_context->used; i++) {
data_config *dc = (data_config *)srv->config_context->data[i];
s = p->config_storage[i];
/* condition didn't match */
if (!config_check_cond(srv, con, dc)) continue;
/* merge config */
for (j = 0; j < dc->value->used; j++) {
data_unset *du = dc->value->data[j];
if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.secret"))) {
PATCH(secret);
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.document-root"))) {
PATCH(doc_root);
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.uri-prefix"))) {
PATCH(uri_prefix);
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.timeout"))) {
PATCH(timeout);
}
}
}
return 0;
}
#undef PATCH
URIHANDLER_FUNC(mod_secdownload_uri_handler) {
plugin_data *p = p_d;
li_MD5_CTX Md5Ctx;
HASH HA1;
const char *rel_uri, *ts_str, *md5_str;
time_t ts = 0;
size_t i;
if (con->mode != DIRECT) return HANDLER_GO_ON;
if (buffer_is_empty(con->uri.path)) return HANDLER_GO_ON;
mod_secdownload_patch_connection(srv, con, p);
if (buffer_is_empty(p->conf.uri_prefix)) return HANDLER_GO_ON;
if (buffer_string_is_empty(p->conf.secret)) {
log_error_write(srv, __FILE__, __LINE__, "s",
"secdownload.secret has to be set");
return HANDLER_ERROR;
}
if (buffer_string_is_empty(p->conf.doc_root)) {
log_error_write(srv, __FILE__, __LINE__, "s",
"secdownload.document-root has to be set");
return HANDLER_ERROR;
}
/*
* /<uri-prefix>[a-f0-9]{32}/[a-f0-9]{8}/<rel-path>
*/
if (0 != strncmp(con->uri.path->ptr, p->conf.uri_prefix->ptr, buffer_string_length(p->conf.uri_prefix))) return HANDLER_GO_ON;
md5_str = con->uri.path->ptr + buffer_string_length(p->conf.uri_prefix);
if (!is_hex_len(md5_str, 32)) return HANDLER_GO_ON;
if (*(md5_str + 32) != '/') return HANDLER_GO_ON;
ts_str = md5_str + 32 + 1;
if (!is_hex_len(ts_str, 8)) return HANDLER_GO_ON;
if (*(ts_str + 8) != '/') return HANDLER_GO_ON;
for (i = 0; i < 8; i++) {
ts = (ts << 4) + hex2int(ts_str[i]);
}
/* timed-out */
if ( (srv->cur_ts > ts && (unsigned int) (srv->cur_ts - ts) > p->conf.timeout) ||
(srv->cur_ts < ts && (unsigned int) (ts - srv->cur_ts) > p->conf.timeout) ) {
/* "Gone" as the url will never be valid again instead of "408 - Timeout" where the request may be repeated */
con->http_status = 410;
return HANDLER_FINISHED;
}
rel_uri = ts_str + 8;
/* checking MD5
*
* <secret><rel-path><timestamp-hex>
*/
buffer_copy_buffer(p->md5, p->conf.secret);
buffer_append_string(p->md5, rel_uri);
buffer_append_string_len(p->md5, ts_str, 8);
li_MD5_Init(&Md5Ctx);
li_MD5_Update(&Md5Ctx, CONST_BUF_LEN(p->md5));
li_MD5_Final(HA1, &Md5Ctx);
buffer_copy_string_hex(p->md5, (char *)HA1, 16);
if (!const_time_memeq(md5_str, p->md5->ptr, 32)) {
con->http_status = 403;
log_error_write(srv, __FILE__, __LINE__, "sss",
"md5 invalid:",
md5_str, p->md5->ptr);
return HANDLER_FINISHED;
}
/* starting with the last / we should have relative-path to the docroot
*/
buffer_copy_buffer(con->physical.doc_root, p->conf.doc_root);
buffer_copy_buffer(con->physical.basedir, p->conf.doc_root);
buffer_copy_string(con->physical.rel_path, rel_uri);
buffer_copy_buffer(con->physical.path, con->physical.doc_root);
buffer_append_string_buffer(con->physical.path, con->physical.rel_path);
return HANDLER_GO_ON;
}
/* this function is called at dlopen() time and inits the callbacks */
int mod_secdownload_plugin_init(plugin *p);
int mod_secdownload_plugin_init(plugin *p) {
p->version = LIGHTTPD_VERSION_ID;
p->name = buffer_init_string("secdownload");
p->init = mod_secdownload_init;
p->handle_physical = mod_secdownload_uri_handler;
p->set_defaults = mod_secdownload_set_defaults;
p->cleanup = mod_secdownload_free;
p->data = NULL;
return 0;
}