tAdd special sticky bit case for the base dir. - geomyidae - A small C-based gopherd. (gopher://bitreich.org/1/scm/geomyidae)
(HTM) git clone git://r-36.net/geomyidae
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit fdd8c5b2210b2c3719bce020dfec54bbe36adb49
(DIR) parent 8d1047f9e55a6210bdee47aecde5728c0ae12c60
(HTM) Author: Christoph Lohmann <20h@r-36.net>
Date: Sun, 3 Apr 2022 09:49:55 +0200
Add special sticky bit case for the base dir.
Diffstat:
geomyidae.8 | 5 ++++-
main.c | 13 +++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
---
(DIR) diff --git a/geomyidae.8 b/geomyidae.8
t@@ -530,7 +530,10 @@ ex.
.
.Sh ENCRYPTION ONLY
If you set the sticky bit (chmod +t) on some file or directory, geomyidae
-will only serve it over an encrypted connection.
+will only serve it over an encrypted connection. There is the special
+case, that when the sticky bit is set on the
+.Ar base
+directory, all content will only be served over tls.
.
.Sh FILES
README, LICENSE, CGI, index.gph, rc.d/, LINKS, gph/
(DIR) diff --git a/main.c b/main.c
t@@ -142,6 +142,19 @@ handlerequest(int sock, char *req, int rlen, char *base, char *ohost,
int len = 0, fd, i, maxrecv;
filetype *type;
+ if (!istls) {
+ if (stat(base, &dir) == -1)
+ return;
+ if (dir.st_mode & S_ISVTX) {
+ dprintf(sock, tlserr, recvc);
+ if (loglvl & ERRORS) {
+ logentry(clienth, clientp, recvc,
+ "encryption only");
+ }
+ return;
+ }
+ }
+
memset(&dir, 0, sizeof(dir));
memset(recvb, 0, sizeof(recvb));
memset(recvc, 0, sizeof(recvc));