Project

General

Profile

Feature #1904 ยป securedownload.diff

Include URL parameters in URL - mimbert, 2009-02-17 15:20

View differences:

src/mod_secure_download.c 2009-02-17 09:24:44.000000000 -0500
38 38
	buffer *uri_prefix;
39 39

  
40 40
	unsigned short timeout;
41
	unsigned short md5_params;
41 42
} plugin_config;
42 43

  
43 44
typedef struct {
......
100 101
		{ "secdownload.document-root",     NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },       /* 1 */
101 102
		{ "secdownload.uri-prefix",        NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },       /* 2 */
102 103
		{ "secdownload.timeout",           NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },        /* 3 */
104
		{ "secdownload.md5-params",        NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION },      /* 4 */
103 105
		{ NULL,                            NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
104 106
	};
105 107

  
......
115 117
		s->doc_root      = buffer_init();
116 118
		s->uri_prefix    = buffer_init();
117 119
		s->timeout       = 60;
120
		s->md5_params    = 0;
118 121

  
119 122
		cv[0].destination = s->secret;
120 123
		cv[1].destination = s->doc_root;
121 124
		cv[2].destination = s->uri_prefix;
122 125
		cv[3].destination = &(s->timeout);
126
		cv[4].destination = &(s->md5_params);
123 127

  
124 128
		p->config_storage[i] = s;
125 129

  
......
166 170
	PATCH(doc_root);
167 171
	PATCH(uri_prefix);
168 172
	PATCH(timeout);
173
	PATCH(md5_params);
169 174

  
170 175
	/* skip the first, the global context */
171 176
	for (i = 1; i < srv->config_context->used; i++) {
......
187 192
				PATCH(uri_prefix);
188 193
			} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.timeout"))) {
189 194
				PATCH(timeout);
195
			} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.md5-params"))) {
196
				PATCH(md5_params);
190 197
			}
191 198
		}
192 199
	}
......
200 207
	plugin_data *p = p_d;
201 208
	MD5_CTX Md5Ctx;
202 209
	HASH HA1;
203
	const char *rel_uri, *ts_str, *md5_str;
210
	const char *rel_uri, *ts_str, *md5_str, *uri_params = NULL;
204 211
	time_t ts = 0;
205 212
	size_t i;
206 213

  
......
243 250
	for (i = 0; i < 8; i++) {
244 251
		ts = (ts << 4) + hex2int(*(ts_str + i));
245 252
	}
253
	
254
	if (con->uri.query->ptr != NULL ) {
255
		uri_params = con->uri.query->ptr;
256
	}
246 257

  
247 258
	/* timed-out */
248 259
	if ( (srv->cur_ts > ts && srv->cur_ts - ts > p->conf.timeout) ||
......
263 274
	buffer_copy_string_buffer(p->md5, p->conf.secret);
264 275
	buffer_append_string(p->md5, rel_uri);
265 276
	buffer_append_string_len(p->md5, ts_str, 8);
277
	
278
	/* Add GET parameters string to signature */
279
	if ((p->conf.md5_params == 1) && (uri_params != NULL)) {
280
		buffer_append_string(p->md5, uri_params);
281
	} 
266 282

  
267 283
	MD5_Init(&Md5Ctx);
268 284
	MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
    (1-1/1)