[Fedora-directory-commits] dsgw Makefile.am, 1.5, 1.6 auth.c, 1.1.1.1, 1.2 cgiutil.c, 1.1.1.1, 1.2 config.c, 1.3, 1.4 csearch.c, 1.1.1.1, 1.2 dnedit.c, 1.1.1.1, 1.2 dosearch.c, 1.1.1.1, 1.2 dsgw-httpd.conf.in, 1.3, 1.4 dsgw.h, 1.3, 1.4 dsgwgetlang.c, 1.2, 1.3 dsgwutil.c, 1.3, 1.4 edit.c, 1.1.1.1, 1.2 emitf.c, 1.1.1.1, 1.2 error.c, 1.1.1.1, 1.2 htmlout.c, 1.1.1.1, 1.2 htmlparse.c, 1.1.1.1, 1.2 lang.c, 1.1.1.1, 1.2 newentry.c, 1.1.1.1, 1.2 search.c, 1.1.1.1, 1.2 tutor.c, 1.1.1.1, 1.2 unauth.c, 1.1.1.1, 1.2 utf8compare.c, 1.1.1.1, 1.2 aclocal.m4, 1.2, 1.3 configure, 1.5, 1.6 missing, 1.1.1.1, 1.2 install-sh, 1.1.1.1, 1.2 depcomp, 1.1.1.1, 1.2 config.sub, 1.1, 1.2 config.guess, 1.1, 1.2 compile, 1.1, 1.2 Makefile.in, 1.5, 1.6
Richard Allen Megginson (rmeggins)
fedora-directory-commits at redhat.com
Mon Jan 14 22:58:32 UTC 2008
Author: rmeggins
Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9445/dsgw
Modified Files:
Makefile.am auth.c cgiutil.c config.c csearch.c dnedit.c
dosearch.c dsgw-httpd.conf.in dsgw.h dsgwgetlang.c dsgwutil.c
edit.c emitf.c error.c htmlout.c htmlparse.c lang.c newentry.c
search.c tutor.c unauth.c utf8compare.c aclocal.m4 configure
missing install-sh depcomp config.sub config.guess compile
Makefile.in
Log Message:
Initial pass at using adminutil for CGI code
Fix resource file usage
Add uri mappings for legacy urls
Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Makefile.am 14 Jan 2008 22:31:17 -0000 1.5
+++ Makefile.am 14 Jan 2008 22:58:30 -0000 1.6
@@ -180,9 +180,9 @@
#nodist_context_SCRIPTS = setup-dirsrv-gw
# add more here for localized bundles
-nodist_property_DATA = dsgw_root.res
+nodist_property_DATA = root.res en.res en_US.res
-MOSTLYCLEANFILES = dsgw.conf dsgw_root.res dsgw.properties setup dsgw-httpd.conf
+MOSTLYCLEANFILES = dsgw.conf root.res dsgw.properties setup dsgw-httpd.conf en.res en_US.res
# Resource Bundle Compiler
if WINNT
@@ -194,13 +194,13 @@
# The root resource bundle is based on English (en) locale;
# This bundle must be always distributed and there is no need to have
# *_en.properties resource bundle source files.
-RESOURCE_BUNDLES_ROOT = dsgw_root.res
+RESOURCE_BUNDLES_ROOT = root.res
# French resource bundles (for the French localization in the future)
-RESOURCE_BUNDLES_FR = dsgw_fr.res
+RESOURCE_BUNDLES_FR = fr.res
# German resource bundles (for the German localization in the future)
-RESOURCE_BUNDLES_DE = dsgw_de.res
+RESOURCE_BUNDLES_DE = de.res
# By default create only the default root bundle (english).
# Other locales should be created during the localization process.
@@ -212,14 +212,17 @@
dsgw.properties: ./propmaker dbtdsgw.h
./propmaker $@
-dsgw_root.res : dsgw.properties
- $(ICU_GENRB) -s. -d. --encoding 8859-1 --package-name dsgw $+
+root.res : dsgw.properties
+ $(ICU_GENRB) -s. -d. --encoding 8859-1 $+
-%_fr.res : %_fr.properties
- $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+
+fr.res : fr.properties
+ $(ICU_GENRB) -s. -d. --encoding 8859-2 $+
-%_de.res : %_de.properties
- $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+
+de.res : de.properties
+ $(ICU_GENRB) -s. -d. --encoding 8859-2 $+
+
+en.res en_US.res : root.res
+ cp -p $< $@
# these are for the config files and scripts that we need to generate and replace
# the paths and other tokens with the real values set during configure/make
Index: auth.c
===================================================================
RCS file: /cvs/dirsec/dsgw/auth.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- auth.c 1 Jun 2006 19:43:39 -0000 1.1.1.1
+++ auth.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -54,31 +54,6 @@
) {
int reqmethod;
char *binddn = NULL;
- char *qs = NULL;
-
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*Get the context.*/
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
- /*Get the dn*/
- if ( !strncasecmp( p, "dn=", 3 )) {
- binddn = dsgw_ch_strdup( p + 3 );
- dsgw_form_unescape( binddn );
- continue;
- }
- }
- free( qs ); qs = NULL;
- }
reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET );
@@ -89,6 +64,7 @@
if ( reqmethod == DSGW_METHOD_POST ) {
post_request();
} else {
+ binddn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_OPTIONAL);
get_request(binddn);
}
Index: cgiutil.c
===================================================================
RCS file: /cvs/dirsec/dsgw/cgiutil.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- cgiutil.c 1 Jun 2006 19:43:44 -0000 1.1.1.1
+++ cgiutil.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -35,6 +35,15 @@
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
--- END COPYRIGHT BLOCK --- */
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
+
/*
* cgiutil.c -- CGI-related utility functions -- HTTP gateway
*
@@ -49,12 +58,6 @@
#include <unicode/ucnv.h>
#include <unicode/ustring.h>
-/* globals */
-static char **formvars = NULL;
-
-/* functions */
-static char **dsgw_string_to_vec(char *in);
-
static void
dsgw_vec_convert (char** vec)
/* Convert input from the charset named in it (if any) to UTF_8.
@@ -135,8 +138,8 @@
int
dsgw_post_begin(FILE *in)
{
- char *ct, *vars = NULL, *tmp = NULL;
- int cl;
+ char *ct, *tmp = NULL;
+ char **vars = NULL;
if (( ct = getenv( "CONTENT_TYPE" )) == NULL ||
strcasecmp( ct, "application/x-www-form-urlencoded" ) != 0 ||
@@ -144,26 +147,20 @@
return( DSGW_ERR_BADFORMDATA );
}
- cl = atoi(tmp);
-
- vars = (char *)dsgw_ch_malloc(cl+1);
-
- if ( fread(vars, 1, cl, in) != cl ) {
+ if (0 != post_begin(in)) {
return( DSGW_ERR_BADFORMDATA );
}
- vars[cl] = '\0';
#ifdef DSGW_DEBUG
dsgw_log ("vars=\"%s\"\n", vars);
#endif
- formvars = dsgw_string_to_vec (vars);
- free( vars );
- dsgw_vec_convert (formvars);
+ vars = get_input_ptr();
+ dsgw_vec_convert (vars); /* convert to utf8 */
#ifdef DSGW_DEBUG
- dsgw_logstringarray( "formvars", formvars );
+ dsgw_logstringarray( "formvars", vars );
if (0) {
- char** var = formvars;
+ char** var = vars;
if (var) {
printf ("Content-type: text/html;charset=UTF-8\n\n<HTML><BODY>\n");
for (; *var; ++var) {
@@ -178,37 +175,27 @@
return( 0 );
}
+void
+dsgw_get_begin(char *qs)
+{
+ char **vars = NULL;
+
+ get_begin(qs);
+ vars = get_input_ptr();
+ dsgw_vec_convert (vars); /* convert to utf8 */
+
+ return;
+}
+
/* Unescape the %xx variables as they're sent in. */
void
dsgw_form_unescape(char *str)
{
- register int x = 0, y = 0;
- int l = strlen(str);
- char digit;
-
- while(x < l) {
- if((str[x] == '%') && (x < (l - 2))) {
- ++x;
- digit = (str[x] >= 'A' ?
- ((str[x] & 0xdf) - 'A')+10 : (str[x] - '0'));
- digit *= 16;
-
- ++x;
- digit += (str[x] >= 'A' ?
- ((str[x] & 0xdf) - 'A')+10 : (str[x] - '0'));
-
- str[y] = digit;
- }
- else if(str[x] == '+') {
- str[y] = ' ';
- } else {
- str[y] = str[x];
- }
- x++;
- y++;
- }
- str[y] = '\0';
+ /* this is now a no-op - get/post_begin already unescapes
+ the values - we must use get/post_begin rather than
+ parsing URL/post arguments */
+ return;
}
@@ -216,22 +203,11 @@
char *
dsgw_get_cgi_var(char *varname, int required)
{
- register int x = 0;
- int len = strlen(varname);
- char *ans = NULL;
-
- while(formvars != NULL && formvars[x]) {
- /* We want to get rid of the =, so len, len+1 */
- if((!strncmp(formvars[x], varname, len)) &&
- (*(formvars[x]+len) == '=')) {
- ans = dsgw_ch_strdup(formvars[x] + len + 1);
- if(!strcmp(ans, "")) {
- free(ans);
- ans = NULL;
- }
- break;
- } else
- x++;
+ char *ans = get_cgi_var(varname, NULL, NULL);
+ if (!ans) { /* try all uppercase varname */
+ char *upvarname = dsgw_utf8StrToUpper(varname);
+ ans = get_cgi_var(upvarname, NULL, NULL);
+ PL_strfree(upvarname);
}
if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) {
@@ -311,43 +287,6 @@
}
-/* Convert the input from stdin to a usable variable vector. */
-static char **
-dsgw_string_to_vec(char *in)
-{
- char **ans;
- int vars = 0;
- register int x = 0;
- char *tmp;
-
- while(in[x])
- if(in[x++]=='=')
- vars++;
-
- ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1));
- if (ans) {
- x=0;
- /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */
- tmp = strtok(in, "&");
- if (tmp && *tmp && strchr(tmp, '=')) {
- ans[x]=dsgw_ch_strdup(tmp);
- dsgw_form_unescape(ans[x++]);
-
- while((x <= vars) && (tmp = strtok(NULL, "&"))) {
- if ( strchr( tmp, '=' ) == NULL ) {
- break;
- }
- ans[x] = dsgw_ch_strdup(tmp);
- dsgw_form_unescape(ans[x++]);
- }
- }
- ans[x] = NULL;
- }
-
- return(ans);
-}
-
-
/*
* Step through all the CGI POSTed variables. A malloc'd copy of the variable
* name is returned and *valuep is set to point to the value (not malloc'd).
@@ -361,6 +300,7 @@
{
char *name;
int namelen;
+ char **formvars = get_input_ptr();
if ( formvars == NULL || formvars[ *indexp ] == NULL ) {
return( NULL );
Index: config.c
===================================================================
RCS file: /cvs/dirsec/dsgw/config.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- config.c 14 Jan 2008 22:31:17 -0000 1.3
+++ config.c 14 Jan 2008 22:58:30 -0000 1.4
@@ -35,8 +35,9 @@
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
--- END COPYRIGHT BLOCK --- */
+
/*
- * config.c -- parse config file for directory server gateway
+ * Config.c -- parse config file for directory server gateway
*/
@@ -119,7 +120,6 @@
gc->gc_docdir = DSGW_DOCDIR_HTTP;
gc->gc_tmpldir = DSGW_TMPLDIR_HTTP; /* may be overridden below */
gc->gc_urlpfxmain = DSGW_URLPREFIX_MAIN_HTTP; /* may be overridden below */
- /*gc->gc_urlpfxcgi = DSGW_URLPREFIX_CGI_HTTP;*/
gc->gc_urlpfxcgi = CGIURIBASE; /* may be overridden below */
gc->gc_binddn = gc->gc_bindpw = "";
gc->gc_charset = NULL; /* implicitly ISO-8859-1 */
@@ -216,21 +216,17 @@
fname = dsgw_ch_malloc( len+MAXPATHLEN );
if ( GetFileForLanguage( path, gc->gc_ClientLanguage, fname ) < 0 ) {
if (context == NULL) {
- PR_snprintf( fname, len+MAXPATHLEN, "%s%s", DSGW_CONFIGDIR_HTTP,
+ PR_snprintf( fname, len+MAXPATHLEN, "%s/%s", DSGW_CONFIGDIR_HTTP,
DSGW_CONFIGFILE);
} else {
- PR_snprintf( fname, len+MAXPATHLEN, "%s%s.conf",
+ PR_snprintf( fname, len+MAXPATHLEN, "%s/%s.conf",
DSGW_CONTEXTDIR_HTTP, context);
}
}
free( path );
if (context != NULL) {
- char urlpfx[MAXPATHLEN];
- /*set the urlpfxmain to be "lang?context=CONTEXT&file="*/
- /*sprintf(urlpfx, "%slang?context=%s&file=", DSGW_URLPREFIX_CGI_HTTP, context);*/
- PR_snprintf(urlpfx, MAXPATHLEN, "%s?context=%s&file=", dsgw_getvp(DSGW_CGINUM_LANG), context);
- gc->gc_urlpfxmain = dsgw_ch_strdup( urlpfx );
+ gc->gc_urlpfxmain = PR_smprintf("%s?context=%s&file=", dsgw_getvp(DSGW_CGINUM_LANG), context);
}
read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 );
@@ -1197,7 +1193,7 @@
* Description: context is the name of the config file
* that is passed into the CGI.
* Let's say context = pb
- * then it gets translated into: ../context/pb.conf
+ * then it gets translated into: CONTEXTDIR/pb.conf
* so we have to make sure that context
* only contains numbers or letters, and nothing else
*
@@ -1500,3 +1496,11 @@
}
return result;
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: csearch.c
===================================================================
RCS file: /cvs/dirsec/dsgw/csearch.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- csearch.c 1 Jun 2006 19:43:40 -0000 1.1.1.1
+++ csearch.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -54,41 +54,8 @@
#endif
{
int reqmethod;
- char *qs = NULL;
char *fname = NULL;
- /* Parse out the file=blah.html from the query string*/
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
- if ( !strncasecmp( p, "file=", 5 )) {
- fname = dsgw_ch_strdup( p + 5 );
- dsgw_form_unescape( fname );
- continue;
- }
- }
- free( qs ); qs = NULL;
- }
-
-
reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET );
dsgw_send_header();
@@ -102,6 +69,7 @@
#endif
if ( reqmethod == DSGW_METHOD_POST || reqmethod == DSGW_METHOD_GET ) {
+ fname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL);
get_request(fname);
}
Index: dnedit.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dnedit.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dnedit.c 1 Jun 2006 19:43:46 -0000 1.1.1.1
+++ dnedit.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -48,7 +48,7 @@
int main(int argc, char *argv[] )
#endif /* DSGW_DEBUG */
{
- char *tmplname, *attrname, *attrdesc, *qs, *dn, *edn;
+ char *tmplname, *attrname, *attrdesc, *dn, *edn;
char *attrs[ 2 ], **attrvals, **xdn, *avedn, *js0, *js1;
LDAP *ld;
LDAPMessage *msgp;
@@ -67,53 +67,6 @@
* for keeping backward compatibility.
*/
tmplname = attrname = attrdesc = dn = edn = NULL;
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- char *p, *q;
- q = qs + strlen( qs );
- while ((( p = strrchr( qs, '&' )) != NULL ) || ( q - qs > 1 )) {
- if ( p )
- *p++ = '\0';
- else
- p = qs;
- q = p;
-
- if ( p != NULL && strncasecmp( p, "dn=", 3 ) == 0 ) {
- edn = dsgw_ch_strdup( p + 3 );
- dn = dsgw_ch_strdup( p + 3 );
- dsgw_form_unescape( dn );
- } else if ( p != NULL && strncasecmp( p, "template=", 9 ) == 0 ) {
- tmplname = dsgw_ch_strdup( p + 9 );
- dsgw_form_unescape( tmplname );
- } else if ( p != NULL && strncasecmp( p, "attr=", 5 ) == 0 ) {
- attrname = dsgw_ch_strdup( p + 5 );
- dsgw_form_unescape( attrname );
- } else if ( p != NULL && strncasecmp( p, "desc=", 5 ) == 0 ) {
- attrdesc = dsgw_ch_strdup( p + 5 );
- /* Don't bother unescaping it;
- we're only going to put it back in another URL. */
- } else if ( p != NULL && strncasecmp( p, "context=", 8 ) == 0) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- }
-
- }
-
- if ( !tmplname )
- dsgw_error( DSGW_ERR_MISSINGINPUT, "template", DSGW_ERROPT_EXIT,
- 0, NULL );
- if ( !attrname )
- dsgw_error( DSGW_ERR_MISSINGINPUT, "attr", DSGW_ERROPT_EXIT,
- 0, NULL );
- if ( !attrdesc )
- dsgw_error( DSGW_ERR_MISSINGINPUT, "desc", DSGW_ERROPT_EXIT,
- 0, NULL );
- } else {
- dsgw_error( DSGW_ERR_MISSINGINPUT, NULL, DSGW_ERROPT_EXIT, 0, NULL );
- }
-
- if ( dn == NULL ) {
- dsgw_error( DSGW_ERR_MISSINGINPUT, "dn", DSGW_ERROPT_EXIT, 0, NULL );
- }
(void)dsgw_init( argc, argv, DSGW_METHOD_GET );
@@ -121,6 +74,12 @@
dsgw_logstringarray( "env", env );
#endif
+ tmplname = dsgw_get_cgi_var("template", DSGW_CGIVAR_REQUIRED);
+ attrname = dsgw_get_cgi_var("attr", DSGW_CGIVAR_REQUIRED);
+ attrdesc = dsgw_get_cgi_var("desc", DSGW_CGIVAR_REQUIRED);
+ dn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_REQUIRED);
+ edn = dsgw_strdup_escaped(dn);
+
dsgw_send_header();
Index: dosearch.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dosearch.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dosearch.c 1 Jun 2006 19:43:45 -0000 1.1.1.1
+++ dosearch.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -53,10 +53,12 @@
#endif
{
int reqmethod;
- char *qs = NULL;
char *dn = NULL;
char *hostport = NULL;
char *ldapquery = NULL;
+ int index = 0;
+ char *varname = NULL;
+ char *val = NULL;
#ifndef __LP64__
#ifdef HPUX
#ifndef __ia64
@@ -65,66 +67,30 @@
#endif
#endif
#endif
+
+ reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET );
+
+ hostport = dsgw_get_cgi_var("hp", DSGW_CGIVAR_OPTIONAL);
+ ldapquery = dsgw_get_cgi_var("ldq", DSGW_CGIVAR_OPTIONAL);
+ dn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_OPTIONAL);
/*
- * Parse out the GET args, if any. See the comments under
- * get_request for an explanation of what's going on here
+ * If it doesn't match any of the above, or "context", then
+ * tack it onto the end of ldapquery.
*/
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
-
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
- if ( !strncasecmp( p, "hp=", 3 )) {
- hostport = dsgw_ch_strdup( p + 3 );
- dsgw_form_unescape( hostport );
- continue;
- }
-
- if ( !strncasecmp( p, "ldq=", 4 )) {
- ldapquery = dsgw_ch_strdup( p + 4 );
- dsgw_form_unescape( ldapquery );
- continue;
- }
-
- if ( !strncasecmp( p, "dn=", 3 )) {
- dn = dsgw_ch_strdup( p + 3 );
- dsgw_form_unescape( dn );
- continue;
- }
-
- /*
- * If it doesn't match any of the above, then
- * tack it onto the end of ldapquery.
- */
- if (ldapquery != NULL) {
- ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(p) + 2));
- sprintf( ldapquery, "%s&%s", ldapquery, p );
- }
+ while ( (varname = dsgw_next_cgi_var( &index, &val )) != NULL) {
+ if (!strcmp(varname, "hp") || !strcmp(varname, "ldq") ||
+ !strcmp(varname, "dn") || !strcmp(varname, "context")) {
+ continue;
+ }
+ ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(varname) + 1));
+ PL_strcat(ldapquery, varname);
+ if (val && *val) {
+ ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(val) + 2));
+ PL_strcat(ldapquery, "=");
+ PL_strcat(ldapquery, val);
}
-
- free( qs ); qs = NULL;
}
-
- reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET );
-
/*
* Note: we don't call dsgw_send_header() here like we usually do because
* on a GET we may be asked to return a MIME type other than the default
Index: dsgw-httpd.conf.in
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgw-httpd.conf.in,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- dsgw-httpd.conf.in 11 Jan 2008 21:58:09 -0000 1.3
+++ dsgw-httpd.conf.in 14 Jan 2008 22:58:30 -0000 1.4
@@ -26,12 +26,20 @@
SetEnv DSGW_CONTEXT_DIR "@contextdir@"
# Enable CGI execution for these uris in this directory
-ScriptAlias @cgiuri@ "@cgibindir@"
+ScriptAlias @cgiuri@ "@cgibindir@/"
+# legacy mapping
+ScriptAlias /clients/dsgw/bin/ "@cgibindir@/"
# URI aliases for html content
Alias @dsgwuri@ @htmldir@
Alias @orguri@ @orghtmldir@
+# legacy mappings
+Alias /clients/dsgw/html @htmldir@
+Alias /clients/dsgw/pbhtml @pbhtmldir@
+Alias /clients/dsgw/config @configdir@
+Alias /clients/dsgw/pbconfig @pbconfigdir@
+
# Allow access to the dsgw html files
<Directory "@htmldir@">
AllowOverride None
@@ -75,7 +83,7 @@
# Allow access to the cgi programs
<Directory "@cgibindir@">
AllowOverride None
- Options None
+ Options +ExecCGI
Order allow,deny
Allow from all
</Directory>
Index: dsgw.h
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgw.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- dsgw.h 14 Jan 2008 22:31:17 -0000 1.3
+++ dsgw.h 14 Jan 2008 22:58:30 -0000 1.4
@@ -108,7 +108,7 @@
#define DSGW_TMPLDIR_HTTP CONFIGDIR
#define DSGW_TMPLDIR_ADMSERV HTMLDIR
#define DSGW_DOCDIR_HTTP HTMLDIR
-#define DSGW_CONTEXTDIR_HTTP CONTEXTDIR
+#define DSGW_CONTEXTDIR_HTTP (getenv("DSGW_CONTEXT_DIR") ? getenv("DSGW_CONTEXT_DIR") : CONTEXTDIR)
#define DSGW_HTMLDIR HTMLDIR
#define DSGW_MANROOT MANUALDIR
#define DSGW_MANUALSHORTCUT ".MANUAL"
@@ -758,6 +758,7 @@
* in cgiutil.c
*/
int dsgw_post_begin( FILE *in );
+void dsgw_get_begin( char *qs );
void dsgw_form_unescape( char *str );
char *dsgw_get_cgi_var( char *varname, int required );
int dsgw_get_int_var( char *varname, int required, int defval );
@@ -1033,6 +1034,7 @@
*/
int dsgw_utf8casecmp(unsigned char *s0, unsigned char *s1);
int dsgw_utf8ncasecmp(unsigned char *s0, unsigned char *s1, int n);
+char *dsgw_utf8StrToUpper(char *s);
/*
* dsgwutil.c
Index: dsgwgetlang.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgwgetlang.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- dsgwgetlang.c 10 Jan 2008 01:19:36 -0000 1.2
+++ dsgwgetlang.c 14 Jan 2008 22:58:30 -0000 1.3
@@ -351,5 +351,5 @@
XP_InitStringDatabase(const char *path, const char *dbname)
{
database_name = strdup(dbname);
- i18nResource = res_init_resource(path, database_name);
+ i18nResource = res_init_resource(path, NULL);
}
Index: dsgwutil.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- dsgwutil.c 14 Jan 2008 22:31:17 -0000 1.3
+++ dsgwutil.c 14 Jan 2008 22:58:30 -0000 1.4
@@ -35,6 +35,7 @@
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
--- END COPYRIGHT BLOCK --- */
+
/*
* dsgwutil.c -- misc. utility functions -- HTTP gateway
*/
@@ -126,19 +127,26 @@
/*Have to get the context before we read the config file.*/
if (( m = getenv( "REQUEST_METHOD" )) != NULL ) {
if ( strcasecmp( m, "GET" ) == 0 || strcasecmp( m, "HEAD" ) == 0 ) {
+ char *qs = getenv("QUERY_STRING");
method = DSGW_METHOD_GET;
+ if (qs && *qs) {
+ dsgw_get_begin(qs);
+ } else {
+ /* error? */
+ }
} else if ( strcasecmp( m, "POST" ) == 0 ) {
method = DSGW_METHOD_POST;
- if (( err = dsgw_post_begin( stdin )) == 0 ) {
- context = dsgw_get_cgi_var( "context", DSGW_CGIVAR_OPTIONAL );
+ if (( err = dsgw_post_begin( stdin )) != 0 ) {
+ dsgw_error(err, NULL, DSGW_ERROPT_EXIT, 0, NULL);
}
}
}
if ( method == 0 || ( methods_handled & method ) == 0 ) {
dsgw_error( DSGW_ERR_BADMETHOD, NULL, DSGW_ERROPT_EXIT, 0, NULL );
- }
+ }
+ context = dsgw_get_cgi_var( "context", DSGW_CGIVAR_OPTIONAL );
/*If no context was given, try default.conf.*/
if (context == NULL) {
context = dsgw_ch_strdup("default");
@@ -659,9 +667,9 @@
dsgw_emitf( "<INPUT TYPE=\"button\" VALUE=\"%s\" onClick=\""
"if ( top.helpwin ) {"
" top.helpwin.focus();"
- " top.helpwin.infotopic.location='%s?!%s&context=%s';"
+ " top.helpwin.infotopic.location='%s?tutor=!%s&context=%s';"
"} else {"
- " window.open('%s?%s&context=%s', 'infowin_dsgw', "
+ " window.open('%s?tutor=%s&context=%s', 'infowin_dsgw', "
" 'resizable=1,width=400,height=500');"
"}\">\n",
XP_GetClientStr(DBT_help_1), tutorvp, topic, context,
@@ -1326,3 +1334,11 @@
return server_url;
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: edit.c
===================================================================
RCS file: /cvs/dirsec/dsgw/edit.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- edit.c 1 Jun 2006 19:43:42 -0000 1.1.1.1
+++ edit.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -55,7 +55,8 @@
{
- char *dn, *tmplname, *p;
+ char *dn, *tmplname;
+ char *add = NULL;
unsigned long options;
/*
@@ -82,6 +83,11 @@
* the content has a risk to get broken especially when
* it contains 8-bit UTF-8 data. (This is a known problem
* on localized Windows machines.)
+ *
+ * NOTE: The new code uses adminutil to parse the get/post arguments.
+ * This requires name=value pairs. So instead of just ADD, the
+ * argument must be ADD=1 (or some other value). Also, instead of
+ * just "template", the argument should be tmplname=template.
*/
options = DSGW_DISPLAY_OPT_EDITABLE;
@@ -95,61 +101,19 @@
#endif
#endif
- if (( tmplname = getenv( "QUERY_STRING" )) != NULL && *tmplname != '\0' ) {
- tmplname = dsgw_ch_strdup( tmplname );
- while ( tmplname != NULL && ((( p = strrchr( tmplname, '&' )) != NULL ) || (p=tmplname) != NULL )) {
- if (p == tmplname) {
- tmplname = NULL;
- } else {
- *p++ = '\0';
- }
-
- if ( strcasecmp( p, "add" ) == 0 ) {
- options |= DSGW_DISPLAY_OPT_ADDING;
- if (( p = strrchr( tmplname, '&' )) != NULL ) {
- *p++ = '\0';
- }
- }
+ (void)dsgw_init( argc, argv, DSGW_METHOD_GET );
- if ( p != NULL && strncasecmp( p, "info=", 5 ) == 0 ) {
- dsgw_last_op_info = dsgw_ch_strdup( p + 5 );
- dsgw_form_unescape( dsgw_last_op_info );
- continue;
- }
- if ( p != NULL && strncasecmp( p, "dn=", 3 ) == 0 ) {
- dn = dsgw_ch_strdup( p + 3 );
- dsgw_form_unescape( dn );
- continue;
- }
- if ( p != NULL && strncasecmp( p, "dnattr=", 7 ) == 0 ) {
- dsgw_dnattr = dsgw_ch_strdup( p + 7 );
- dsgw_form_unescape( dsgw_dnattr );
- continue;
- }
- if ( p != NULL && strncasecmp( p, "dndesc=", 7 ) == 0 ) {
- dsgw_dndesc = dsgw_ch_strdup( p + 7 );
- dsgw_form_unescape( dsgw_dndesc );
- continue;
- }
- if ( p != NULL && strncasecmp( p, "context=", 8 ) == 0) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
- /*
- * If none of the if-statements above matched,
- * then it's the template name
- */
- tmplname = p;
- break;
- }
-
- } else {
- tmplname = NULL;
+ dsgw_last_op_info = dsgw_get_cgi_var("info", DSGW_CGIVAR_OPTIONAL);
+ dn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_OPTIONAL);
+ dsgw_dnattr = dsgw_get_cgi_var("dnattr", DSGW_CGIVAR_OPTIONAL);
+ dsgw_dndesc = dsgw_get_cgi_var("dndesc", DSGW_CGIVAR_OPTIONAL);
+ add = dsgw_get_cgi_var("add", DSGW_CGIVAR_OPTIONAL);
+ if (add && *add) {
+ options |= DSGW_DISPLAY_OPT_ADDING;
}
+ PL_strfree(add);
+ tmplname = dsgw_get_cgi_var("tmplname", DSGW_CGIVAR_OPTIONAL);
- (void)dsgw_init( argc, argv, DSGW_METHOD_GET );
dsgw_send_header();
#ifdef DSGW_DEBUG
Index: emitf.c
===================================================================
RCS file: /cvs/dirsec/dsgw/emitf.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- emitf.c 1 Jun 2006 19:43:44 -0000 1.1.1.1
+++ emitf.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -861,3 +861,11 @@
}
return charset;
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: error.c
===================================================================
RCS file: /cvs/dirsec/dsgw/error.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- error.c 1 Jun 2006 19:43:44 -0000 1.1.1.1
+++ error.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -568,3 +568,11 @@
return msg;
}
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: htmlout.c
===================================================================
RCS file: /cvs/dirsec/dsgw/htmlout.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- htmlout.c 1 Jun 2006 19:43:43 -0000 1.1.1.1
+++ htmlout.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -457,3 +457,11 @@
if (frame) dsgw_emitf ("%s.", frame);
dsgw_emits ( "document.confirmForm.submit();\n");
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: htmlparse.c
===================================================================
RCS file: /cvs/dirsec/dsgw/htmlparse.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- htmlparse.c 1 Jun 2006 19:43:44 -0000 1.1.1.1
+++ htmlparse.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -842,3 +842,11 @@
return( p );
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: lang.c
===================================================================
RCS file: /cvs/dirsec/dsgw/lang.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- lang.c 1 Jun 2006 19:43:39 -0000 1.1.1.1
+++ lang.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -143,70 +143,29 @@
char* docname = NULL;
char* tfname;
int result = 0;
- char *qs = NULL;
int manual_file = 0; /* Flag: is the file a documentation file? */
+
+ (void)dsgw_init( argc, argv, DSGW_METHOD_GET | DSGW_METHOD_POST );
- /* Parse out the file=blah.html */
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
-
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
-
- /*Get the filename and check it for naughtiness -RJP*/
- if ( !strncasecmp( p, "file=", 5 )) {
-
- /*If there is no file specified, go with index.html*/
- if (strlen(p) == 5) {
- docname = dsgw_ch_strdup("index.html");
- } else {
- docname = dsgw_ch_strdup( p + 5 );
- dsgw_form_unescape( docname );
- }
-
-
- /*If we're handling a help page, forgo the filename check*/
- if ( strlen( docname ) > DSGW_MANUALSHORTCUT_LEN &&
- strncmp( docname, DSGW_MANUALSHORTCUT,
- DSGW_MANUALSHORTCUT_LEN ) == 0 ) {
- manual_file = 1;
- }
-
- /*
- * Make sure the person isn't trying to get
- * some file not in the gateway.
- */
- if (manual_file == 0 && !dsgw_valid_docname(docname)) {
- dsgw_error( DSGW_ERR_BADFILEPATH, docname,
- DSGW_ERROPT_EXIT, 0, NULL );
- }
- continue;
- }
-
-
+ dsgw_last_op_info = dsgw_get_cgi_var("info", DSGW_CGIVAR_OPTIONAL);
+ docname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL);
+ if (docname) {
+ /*If we're handling a help page, forgo the filename check*/
+ if ( strlen( docname ) > DSGW_MANUALSHORTCUT_LEN &&
+ strncmp( docname, DSGW_MANUALSHORTCUT,
+ DSGW_MANUALSHORTCUT_LEN ) == 0 ) {
+ manual_file = 1;
+ }
+ /*
+ * Make sure the person isn't trying to get
+ * some file not in the gateway.
+ */
+ if (manual_file == 0 && !dsgw_valid_docname(docname)) {
+ dsgw_error( DSGW_ERR_BADFILEPATH, docname,
+ DSGW_ERROPT_EXIT, 0, NULL );
}
-
- free( qs ); qs = NULL;
}
-
- (void)dsgw_init( argc, argv, DSGW_METHOD_GET | DSGW_METHOD_POST );
+
docdir = dsgw_get_docdir();
/*If there is no docname, default to index.html*/
@@ -214,11 +173,12 @@
docname = dsgw_ch_strdup("index.html");
}
+ /* I think this is a no op - dsgw_valid_docname will reject "/" */
if (!strcmp (docname, "/")) {
printf( "Location: %s?context=%s\n\n",
dsgw_getvp( DSGW_CGINUM_SEARCH ), context );
return( result );
- } else {
+ } /* I think this is a no op? else {
char* p;
if (*docname == '/') ++docname;
docname = dsgw_ch_strdup( docname );
@@ -229,7 +189,7 @@
dsgw_form_unescape( dsgw_last_op_info );
}
}
- }
+ } */
if (manual_file) {
/* check filename */
@@ -287,3 +247,11 @@
return result;
}
+
+/*
+ emacs settings
+ Local Variables:
+ indent-tabs-mode: t
+ tab-width: 8
+ End:
+*/
Index: newentry.c
===================================================================
RCS file: /cvs/dirsec/dsgw/newentry.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- newentry.c 1 Jun 2006 19:43:45 -0000 1.1.1.1
+++ newentry.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -251,6 +251,8 @@
static char*
compute_newurl()
{
+ char *tmplname = "tmplname=";
+ size_t tmplnamelen = strlen(tmplname);
auto char* entryType = dsgw_get_cgi_var( "entrytype", DSGW_CGIVAR_REQUIRED );
auto char* entryName = dsgw_get_cgi_var( "entryname", DSGW_CGIVAR_REQUIRED );
auto char* rdnTag = dsgw_get_cgi_var( "rdntag", DSGW_CGIVAR_REQUIRED );
@@ -281,15 +283,16 @@
{
auto char* edn = dsgw_strdup_escaped (dn);
auto const char* const prefix = DSGW_URLPREFIX_CGI_HTTP "edit?";
- auto const char* const suffix = "&ADD";
+ auto const char* const suffix = "&ADD=1";
auto const size_t ednLen = strlen (edn);
auto const size_t prefixLen = strlen (prefix);
auto const size_t suffixLen = strlen (suffix);
auto const size_t contextLen = strlen (context) + 9;
- newurl = dsgw_ch_malloc (prefixLen + entryTypeLen + contextLen + suffixLen + 4 + ednLen + 1);
+ newurl = dsgw_ch_malloc (prefixLen + tmplnamelen + entryTypeLen + contextLen + suffixLen + 4 + ednLen + 1);
memcpy (newurl, prefix, prefixLen + 1);
+ strcat (newurl, tmplname);
strcat (newurl, entryType);
strcat (newurl, "&context=");
strcat (newurl, context);
@@ -389,60 +392,18 @@
#endif
{
auto int reqmethod;
- char *qs = NULL;
char *docname = NULL;
char *etype = NULL;
- /* Parse out the file=blah.html */
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
-
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
- /*
- * file will be either "name", "type", or nothing.
- * It'll be mapped into an html file in get_request
- */
- if ( !strncasecmp( p, "file=", 5 )) {
- docname = dsgw_ch_strdup( p + 5 );
- dsgw_form_unescape( docname );
-
- continue;
- }
-
- /* etype will be ntgroup, or person, etc */
- if ( !strncasecmp( p, "etype=", 6 )) {
- etype = dsgw_ch_strdup( p + 6 );
- dsgw_form_unescape( etype );
-
- continue;
- }
- }
- free( qs ); qs = NULL;
- }
+ reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET);
+
+ docname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL);
if (docname != NULL && *docname == '/') {
docname++;
}
-
- reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET);
+ etype = dsgw_get_cgi_var("etype", DSGW_CGIVAR_OPTIONAL);
+
dsgw_send_header();
#ifdef DSGW_DEBUG
dsgw_logstringarray( "env", env );
Index: search.c
===================================================================
RCS file: /cvs/dirsec/dsgw/search.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- search.c 1 Jun 2006 19:43:39 -0000 1.1.1.1
+++ search.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -54,56 +54,14 @@
{
auto int reqmethod;
char *docname = NULL;
- char *qs = NULL;
-
- /* Parse out the file=blah.html */
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
-
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
-
- /*Get the filename and check it for naughtiness -RJP*/
- if ( !strncasecmp( p, "file=", 5 )) {
- docname = dsgw_ch_strdup( p + 5 );
- dsgw_form_unescape( docname );
-
- /*
- * Make sure the person isn't trying to get
- * some file not in the gateway.
- */
- if (! dsgw_valid_docname(docname)) {
- dsgw_error( DSGW_ERR_BADFILEPATH, docname,
- DSGW_ERROPT_EXIT, 0, NULL );
- }
- continue;
- }
-
-
- }
-
- free( qs ); qs = NULL;
- }
-
reqmethod = dsgw_init( argc, argv, DSGW_METHOD_GET );
+
+ docname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL);
+ if (docname && ! dsgw_valid_docname(docname)) {
+ dsgw_error( DSGW_ERR_BADFILEPATH, docname,
+ DSGW_ERROPT_EXIT, 0, NULL );
+ }
dsgw_send_header();
#ifdef DSGW_DEBUG
Index: tutor.c
===================================================================
RCS file: /cvs/dirsec/dsgw/tutor.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- tutor.c 1 Jun 2006 19:43:47 -0000 1.1.1.1
+++ tutor.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -139,44 +139,25 @@
#endif
)
{
- char *qs = getenv("QUERY_STRING");
+ char *param = NULL;
char *html=NULL;
char *base=NULL;
#ifdef DSGW_DEBUG
dsgw_logstringarray( "env", env );
#endif
-
- if(qs == NULL || *qs == '\0') {
+
+ dsgw_init( argc, argv, DSGW_METHOD_GET );
+
+ param = dsgw_get_cgi_var("tutor", DSGW_CGIVAR_OPTIONAL);
+ if (!param || !*param) {
dsgw_send_header();
_my_return_html_file(BASE_MAN_DIRECTORY HELP_INDEX_HTML, NULL);
exit(0);
- } else {
- /* parse the query string: */
- auto char *p, *iter = NULL;
-
- /*get a pointer to the context. It should be the last part of the qs*/
- p = ldap_utf8strtok_r( qs, "&", &iter );
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( iter != NULL && !strncasecmp( iter, "context=", 8 )) {
- context = dsgw_ch_strdup( iter + 8 );
- dsgw_form_unescape( context );
- }
-
}
- dsgw_init( argc, argv, DSGW_METHOD_GET );
-
- html = (char *) dsgw_ch_malloc(strlen(qs)+10+10);
- sprintf(html, "%s.html", qs);
+ html = (char *) dsgw_ch_malloc(strlen(param)+10+10);
+ sprintf(html, "%s.html", param);
if (my_util_uri_is_evil(html)) {
dsgw_send_header();
dsgw_emits( "<CENTER><H2>Error</H2></CENTER>\n"
@@ -186,17 +167,17 @@
exit( 0 );
}
- if(qs[0]=='!') {
- qs++;
- if(!strncmp(qs, BASE_INFO_DIRECTORY, strlen(BASE_INFO_DIRECTORY))) {
- sprintf(html, "%s.html", qs);
- } else if(!strncmp(qs, BASE_MAN_DIRECTORY, strlen(BASE_MAN_DIRECTORY))) {
- if(!strstr(qs, ".html")) {
- sprintf(html, "%s.htm", qs);
+ if(param[0]=='!') {
+ param++;
+ if(!strncmp(param, BASE_INFO_DIRECTORY, strlen(BASE_INFO_DIRECTORY))) {
+ sprintf(html, "%s.html", param);
+ } else if(!strncmp(param, BASE_MAN_DIRECTORY, strlen(BASE_MAN_DIRECTORY))) {
+ if(!strstr(param, ".html")) {
+ sprintf(html, "%s.htm", param);
} else {
- sprintf(html, "%s", qs);
+ sprintf(html, "%s", param);
}
- base=qs;
+ base=param;
}
else {
char line[BIG_LINE];
@@ -245,7 +226,7 @@
if(!found) continue;
/* script name is in head */
- if(strncasecmp(head, qs, strlen(qs))) {
+ if(strncasecmp(head, param, strlen(param))) {
continue;
}
/* match found. get the actual file name */
@@ -278,7 +259,7 @@
ohwell:
if(!html[0])
- sprintf(html, "%s%s.html", BASE_MAN_DIRECTORY, qs);
+ sprintf(html, "%s%s.html", BASE_MAN_DIRECTORY, param);
}
dsgw_send_header();
_my_return_html_file(html, base);
@@ -289,11 +270,11 @@
dsgw_emits("<frameset BORDER=0 FRAMEBORDER=NO rows=\"57,*\" "
"onLoad=\"top.master=top.opener.top;top.master.helpwin=self;\" "
"onUnload=\"if (top.master) { top.master.helpwin=0; }\">\n" );
- dsgw_emitf("<frame src=\"%s?!info/infonav&context=%s\" scrolling=no "
+ dsgw_emitf("<frame src=\"%s?tutor=!info/infonav&context=%s\" scrolling=no "
"marginwidth=0 marginheight=0 "
"name=\"infobuttons\">\n", dsgw_getvp(DSGW_CGINUM_TUTOR), context);
- dsgw_emitf("<frame src=\"%s?!%s&context=%s\" "
- "name=\"infotopic\">\n", dsgw_getvp(DSGW_CGINUM_TUTOR), qs, context);
+ dsgw_emitf("<frame src=\"%s?tutor=!%s&context=%s\" "
+ "name=\"infotopic\">\n", dsgw_getvp(DSGW_CGINUM_TUTOR), param, context);
dsgw_emits("</frameset>\n");
}
return 1;
Index: unauth.c
===================================================================
RCS file: /cvs/dirsec/dsgw/unauth.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- unauth.c 1 Jun 2006 19:43:39 -0000 1.1.1.1
+++ unauth.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -42,7 +42,6 @@
#include "dsgw.h"
#include "dbtdsgw.h"
-char *get_auth_cookie( char *cookie );
void generate_message( int type );
#define CKEXP_SUCCESS 1
@@ -53,37 +52,7 @@
int reqmethod;
char *expck;
char *authck;
- int rc;
- char *qs = NULL;
-
- /* Parse out the context=blah.html */
- if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
- /* parse the query string: */
- auto char *p, *iter = NULL;
- qs = dsgw_ch_strdup( qs );
-
- for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL;
- p = ldap_utf8strtok_r( NULL, "&", &iter )) {
-
- /*
- * Get the conf file name. It'll be translated
- * into /dsgw/context/CONTEXT.conf if
- * CONTEXT is all alphanumeric (no slahes,
- * or dots). CONTEXT is passed into the cgi.
- * if context=CONTEXT is not there, or PATH_INFO
- * was used, then use dsgw.conf
- */
- if ( !strncasecmp( p, "context=", 8 )) {
- context = dsgw_ch_strdup( p + 8 );
- dsgw_form_unescape( context );
- continue;
- }
-
- }
-
- free( qs ); qs = NULL;
- }
-
+ int rc;
reqmethod = dsgw_init( argc, argv, DSGW_METHOD_GET );
@@ -109,36 +78,6 @@
exit( 0 );
}
-
-
-/*
- * It's quite likely that there will be more than one cookie in the
- * Cookie: header. See if we've got an authentication cookie, and if
- * so, parse it out and return a pointer to it. If no auth cookie
- * is present, return NULL.
- */
-char *
-get_auth_cookie( char *cookie )
-{
- char *p, *e;
-
- if ( cookie == NULL ) {
- return NULL;
- }
-
- if (( p = strstr( cookie, DSGW_AUTHCKNAME )) == NULL ) {
- return NULL;
- }
-
- if (( e = strchr( p, ';' )) != NULL ) {
- *e = '\0';
- }
-
- return p;
-}
-
-
-
void
generate_message( int type )
{
Index: utf8compare.c
===================================================================
RCS file: /cvs/dirsec/dsgw/utf8compare.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- utf8compare.c 1 Jun 2006 19:43:46 -0000 1.1.1.1
+++ utf8compare.c 14 Jan 2008 22:58:30 -0000 1.2
@@ -1822,16 +1822,17 @@
* Output string is allocated in this function, which needs to be
* released when it's not needed any more.
*/
-unsigned char *
-dsgw_utf8StrToUpper(unsigned char *s)
+char *
+dsgw_utf8StrToUpper(char *input)
{
+ unsigned char *s = (unsigned char *)input;
UpperLowerTbl_t *ultp;
unsigned char *p, *np, *tail;
unsigned char *up, *uphead;
int len, sz;
if (s == NULL || *s == '\0') {
- return s;
+ return (char *)s;
}
len = strlen((char *)s);
tail = s + len;
@@ -1891,7 +1892,7 @@
}
}
*up = '\0';
- return uphead;
+ return (char *)uphead;
}
/*
Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Makefile.in 14 Jan 2008 22:31:17 -0000 1.5
+++ Makefile.in 14 Jan 2008 22:58:30 -0000 1.6
@@ -480,8 +480,8 @@
#nodist_context_SCRIPTS = setup-dirsrv-gw
# add more here for localized bundles
-nodist_property_DATA = dsgw_root.res
-MOSTLYCLEANFILES = dsgw.conf dsgw_root.res dsgw.properties setup dsgw-httpd.conf
+nodist_property_DATA = root.res en.res en_US.res
+MOSTLYCLEANFILES = dsgw.conf root.res dsgw.properties setup dsgw-httpd.conf en.res en_US.res
@WINNT_FALSE at ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_lib@
# Resource Bundle Compiler
@@ -490,13 +490,13 @@
# The root resource bundle is based on English (en) locale;
# This bundle must be always distributed and there is no need to have
# *_en.properties resource bundle source files.
-RESOURCE_BUNDLES_ROOT = dsgw_root.res
+RESOURCE_BUNDLES_ROOT = root.res
# French resource bundles (for the French localization in the future)
-RESOURCE_BUNDLES_FR = dsgw_fr.res
+RESOURCE_BUNDLES_FR = fr.res
# German resource bundles (for the German localization in the future)
-RESOURCE_BUNDLES_DE = dsgw_de.res
+RESOURCE_BUNDLES_DE = de.res
# these are for the config files and scripts that we need to generate and replace
# the paths and other tokens with the real values set during configure/make
@@ -1178,14 +1178,17 @@
dsgw.properties: ./propmaker dbtdsgw.h
./propmaker $@
-dsgw_root.res : dsgw.properties
- $(ICU_GENRB) -s. -d. --encoding 8859-1 --package-name dsgw $+
+root.res : dsgw.properties
+ $(ICU_GENRB) -s. -d. --encoding 8859-1 $+
-%_fr.res : %_fr.properties
- $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+
+fr.res : fr.properties
+ $(ICU_GENRB) -s. -d. --encoding 8859-2 $+
-%_de.res : %_de.properties
- $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+
+de.res : de.properties
+ $(ICU_GENRB) -s. -d. --encoding 8859-2 $+
+
+en.res en_US.res : root.res
+ cp -p $< $@
% : %.in
if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
More information about the Fedora-directory-commits
mailing list