securedownload.diff - Lighttpd - lighty labs

Feature #1904 » securedownload.diff

Include URL parameters in URL - mimbert, 2009-02-17 15:20

     	buffer *uri_prefix;
     	unsigned short timeout;
     	unsigned short md5_params;
     } plugin_config;
     typedef struct {
-...
     		{ "secdownload.document-root",     NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },       /* 1 */
     		{ "secdownload.uri-prefix",        NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },       /* 2 */
     		{ "secdownload.timeout",           NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },        /* 3 */
     		{ "secdownload.md5-params",        NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION },      /* 4 */
     		{ NULL,                            NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
     	};
-...
     		s->doc_root      = buffer_init();
     		s->uri_prefix    = buffer_init();
     		s->timeout       = 60;
     		s->md5_params    = 0;
     		cv[0].destination = s->secret;
     		cv[1].destination = s->doc_root;
     		cv[2].destination = s->uri_prefix;
     		cv[3].destination = &(s->timeout);
     		cv[4].destination = &(s->md5_params);
     		p->config_storage[i] = s;
-...
     	PATCH(doc_root);
     	PATCH(uri_prefix);
     	PATCH(timeout);
     	PATCH(md5_params);
     	/* skip the first, the global context */
     	for (i = 1; i < srv->config_context->used; i++) {
-...
     				PATCH(uri_prefix);
     			} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.timeout"))) {
     				PATCH(timeout);
     			} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("secdownload.md5-params"))) {
     				PATCH(md5_params);
+    			}
+    		}
+    	}
-...
     	plugin_data *p = p_d;
     	MD5_CTX Md5Ctx;
     	HASH HA1;
     	const char *rel_uri, *ts_str, *md5_str;
     	const char *rel_uri, *ts_str, *md5_str, *uri_params = NULL;
     	time_t ts = 0;
     	size_t i;
-...
     	for (i = 0; i < 8; i++) {
     		ts = (ts << 4) + hex2int(*(ts_str + i));
+    	}
     	if (con->uri.query->ptr != NULL ) {
     		uri_params = con->uri.query->ptr;
+    	}
     	/* timed-out */
     	if ( (srv->cur_ts > ts && srv->cur_ts - ts > p->conf.timeout) ||
-...
     	buffer_copy_string_buffer(p->md5, p->conf.secret);
     	buffer_append_string(p->md5, rel_uri);
     	buffer_append_string_len(p->md5, ts_str, 8);
     	/* Add GET parameters string to signature */
     	if ((p->conf.md5_params == 1) && (uri_params != NULL)) {
     		buffer_append_string(p->md5, uri_params);
+    	}
     	MD5_Init(&Md5Ctx);
     	MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);

(1-1/1)

Project

General

Profile

Lighttpd

Feature #1904 » securedownload.diff