mirror of
https://github.com/gophernicus/gophernicus.git
synced 2024-10-27 05:20:18 -04:00
Merge remote-tracking branch 'upstream/master' into exec-map-leak
This commit is contained in:
Edd Barrett
commit
1e5456cc73
6
Makefile
6
Makefile
@ -9,9 +9,9 @@ NAME = gophernicus
|
|||||||
PACKAGE = $(NAME)
|
PACKAGE = $(NAME)
|
||||||
BINARY = in.$(NAME)
|
BINARY = in.$(NAME)
|
||||||
VERSION = `./version`
|
VERSION = `./version`
|
||||||
CODENAME = Prison Edition
|
CODENAME = Dungeon Edition
|
||||||
AUTHOR = Kim Holviala
|
AUTHOR = Kim Holviala and others
|
||||||
EMAIL = kimholviala@fastmail.com
|
EMAIL = hb9kns+gophernicus@gmail.com
|
||||||
STARTED = 2009
|
STARTED = 2009
|
||||||
|
|
||||||
SOURCES = $(NAME).c file.c menu.c string.c platform.c session.c options.c
|
SOURCES = $(NAME).c file.c menu.c string.c platform.c session.c options.c
|
||||||
|
|||||||
5
README
5
README
@ -1,4 +1,4 @@
|
|||||||
Gophernicus - Copyright (c) 2009-2018 Kim Holviala <kimholviala@fastmail.com>
|
Gophernicus - Copyright (c) 2009-2019 Kim Holviala and others
|
||||||
|
|
||||||
Gophernicus is a modern full-featured (and hopefully) secure gopher
|
Gophernicus is a modern full-featured (and hopefully) secure gopher
|
||||||
daemon. It is licensed under the BSD license.
|
daemon. It is licensed under the BSD license.
|
||||||
@ -44,6 +44,7 @@ Command line options:
|
|||||||
-nm Disable shared memory use (for debugging)
|
-nm Disable shared memory use (for debugging)
|
||||||
-nr Disable root user checking (for debugging)
|
-nr Disable root user checking (for debugging)
|
||||||
-np Disable HAproxy proxy protocol
|
-np Disable HAproxy proxy protocol
|
||||||
|
-nx Disable execution of gophermaps and scripts
|
||||||
|
|
||||||
-d Debug output in syslog and /server-status
|
-d Debug output in syslog and /server-status
|
||||||
-v Display version number and build date
|
-v Display version number and build date
|
||||||
@ -288,5 +289,3 @@ service = in.gophernicus-tls
|
|||||||
accept = :::7070
|
accept = :::7070
|
||||||
connect = 127.0.0.1:70
|
connect = 127.0.0.1:70
|
||||||
protocol = proxy
|
protocol = proxy
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
4
file.c
4
file.c
@ -366,11 +366,15 @@ void setenv_cgi(state *st, char *script)
|
|||||||
*/
|
*/
|
||||||
void run_cgi(state *st, char *script, char *arg)
|
void run_cgi(state *st, char *script, char *arg)
|
||||||
{
|
{
|
||||||
|
if (st->opt_exec) {
|
||||||
|
|
||||||
/* Setup environment & execute the binary */
|
/* Setup environment & execute the binary */
|
||||||
if (st->debug) syslog(LOG_INFO, "executing script \"%s\"", script);
|
if (st->debug) syslog(LOG_INFO, "executing script \"%s\"", script);
|
||||||
|
|
||||||
setenv_cgi(st, script);
|
setenv_cgi(st, script);
|
||||||
execl(script, script, arg, NULL);
|
execl(script, script, arg, NULL);
|
||||||
|
}
|
||||||
|
else if (st->debug) syslog(LOG_INFO, "script \"%s\" was blocked by -nx", script);
|
||||||
|
|
||||||
/* Didn't work - die */
|
/* Didn't work - die */
|
||||||
die(st, ERR_ACCESS, NULL);
|
die(st, ERR_ACCESS, NULL);
|
||||||
|
|||||||
@ -463,6 +463,7 @@ void init_state(state *st)
|
|||||||
st->opt_shm = TRUE;
|
st->opt_shm = TRUE;
|
||||||
st->opt_root = TRUE;
|
st->opt_root = TRUE;
|
||||||
st->opt_proxy = TRUE;
|
st->opt_proxy = TRUE;
|
||||||
|
st->opt_exec = TRUE;
|
||||||
st->debug = FALSE;
|
st->debug = FALSE;
|
||||||
|
|
||||||
/* Load default suffix -> filetype mappings */
|
/* Load default suffix -> filetype mappings */
|
||||||
|
|||||||
@ -359,6 +359,7 @@ typedef struct {
|
|||||||
char opt_shm;
|
char opt_shm;
|
||||||
char opt_root;
|
char opt_root;
|
||||||
char opt_proxy;
|
char opt_proxy;
|
||||||
|
char opt_exec;
|
||||||
char debug;
|
char debug;
|
||||||
} state;
|
} state;
|
||||||
|
|
||||||
|
|||||||
11
menu.c
11
menu.c
@ -306,12 +306,17 @@ int gophermap(state *st, char *mapfile, int depth)
|
|||||||
|
|
||||||
/* Debug output */
|
/* Debug output */
|
||||||
if (st->debug) {
|
if (st->debug) {
|
||||||
if (exe) syslog(LOG_INFO, "parsing executable gophermap \"%s\"", mapfile);
|
if (exe) {
|
||||||
|
if (st->opt_exec)
|
||||||
|
syslog(LOG_INFO, "parsing executable gophermap \"%s\"", mapfile);
|
||||||
|
else
|
||||||
|
syslog(LOG_INFO, "parsing executable gophermap \"%s\" forbidden by -nx", mapfile);
|
||||||
|
}
|
||||||
else syslog(LOG_INFO, "parsing static gophermap \"%s\"", mapfile);
|
else syslog(LOG_INFO, "parsing static gophermap \"%s\"", mapfile);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Try to execute or open the mapfile */
|
/* Try to execute or open the mapfile */
|
||||||
if (exe) {
|
if (exe & st->opt_exec) {
|
||||||
#ifdef HAVE_POPEN
|
#ifdef HAVE_POPEN
|
||||||
setenv_cgi(st, mapfile);
|
setenv_cgi(st, mapfile);
|
||||||
if ((fp = popen(command, "r")) == NULL) return OK;
|
if ((fp = popen(command, "r")) == NULL) return OK;
|
||||||
@ -428,7 +433,7 @@ int gophermap(state *st, char *mapfile, int depth)
|
|||||||
|
|
||||||
/* Clean up & return */
|
/* Clean up & return */
|
||||||
#ifdef HAVE_POPEN
|
#ifdef HAVE_POPEN
|
||||||
if (exe) pclose(fp);
|
if (exe & st->opt_exec) pclose(fp);
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
fclose(fp);
|
fclose(fp);
|
||||||
|
|||||||
@ -144,6 +144,7 @@ void parse_args(state *st, int argc, char *argv[])
|
|||||||
if (*optarg == 'm') { st->opt_shm = FALSE; break; }
|
if (*optarg == 'm') { st->opt_shm = FALSE; break; }
|
||||||
if (*optarg == 'r') { st->opt_root = FALSE; break; }
|
if (*optarg == 'r') { st->opt_root = FALSE; break; }
|
||||||
if (*optarg == 'p') { st->opt_proxy = FALSE; break; }
|
if (*optarg == 'p') { st->opt_proxy = FALSE; break; }
|
||||||
|
if (*optarg == 'x') { st->opt_exec = FALSE; break; }
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'd': st->debug = TRUE; break;
|
case 'd': st->debug = TRUE; break;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user