X-Git-Url: http://wpitchoune.net/gitweb/?p=psensor-pkg-debian.git;a=blobdiff_plain;f=src%2Fserver%2Fserver.c;h=fb6b63c3826dc8c981fa3dfe992de40b37778d76;hp=d868d86163fcdc3a724921ddc97b42b2baad5d00;hb=bd7036af56a4b61b2b473dccbeac5e26f78b57da;hpb=48da1ac5531838d157762882ee455cec4da05728;ds=sidebyside diff --git a/src/server/server.c b/src/server/server.c index d868d86..fb6b63c 100644 --- a/src/server/server.c +++ b/src/server/server.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2014 jeanfi@gmail.com + * Copyright (C) 2010-2016 jeanfi@gmail.com * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as @@ -65,15 +65,15 @@ static const int DEFAULT_PORT = 3131; "Page not found - Go to Main page

")) static struct option long_options[] = { - {"version", no_argument, 0, 'v'}, - {"help", no_argument, 0, 'h'}, - {"port", required_argument, 0, 'p'}, - {"wdir", required_argument, 0, 'w'}, - {"debug", required_argument, 0, 'd'}, - {"log-file", required_argument, 0, 'l'}, - {"sensor-log-file", required_argument, 0, 0}, - {"sensor-log-interval", required_argument, 0, 0}, - {0, 0, 0, 0} + {"version", no_argument, NULL, 'v'}, + {"help", no_argument, NULL, 'h'}, + {"port", required_argument, NULL, 'p'}, + {"wdir", required_argument, NULL, 'w'}, + {"debug", required_argument, NULL, 'd'}, + {"log-file", required_argument, NULL, 'l'}, + {"sensor-log-file", required_argument, NULL, 0}, + {"sensor-log-interval", required_argument, NULL, 0}, + {NULL, 0, NULL, 0} }; static struct server_data server_data; @@ -82,7 +82,7 @@ static pthread_mutex_t mutex; static int server_stop_requested; -static void print_version() +static void print_version(void) { printf("psensor-server %s\n", VERSION); printf(_("Copyright (C) %s jeanfi@gmail.com\n" @@ -93,7 +93,7 @@ static void print_version() "2010-2012"); } -static void print_help() +static void print_help(void) { printf(_("Usage: %s [OPTION]...\n"), program_name); @@ -244,28 +244,52 @@ static struct MHD_Response *create_response_file(const char *nurl, return NULL; } +static int is_access_allowed(char *path) +{ + char *rpath; + int n, ret; + + rpath = realpath(path, NULL); + if (rpath) { + n = strlen(server_data.www_dir); + if (!strncmp(server_data.www_dir, rpath, n) + || !strcmp(rpath, + "/usr/share/javascript/jquery/jquery.js")) { + ret = 1; + } else { + ret = 0; + + log_err(_("Resource access refused %s real path is %s"), + path, + rpath); + } + + free(rpath); + } else { + log_err(_("Cannot get real path of %s"), path); + + ret = 0; + } + + return ret; +} + static struct MHD_Response * create_response(const char *nurl, const char *method, unsigned int *rp_code) { - char *page, *fpath, *rpath; + char *page, *fpath; struct MHD_Response *resp = NULL; - int n; if (!strncmp(nurl, URL_BASE_API_1_1, strlen(URL_BASE_API_1_1))) { resp = create_response_api(nurl, method, rp_code); } else { fpath = get_path(nurl, server_data.www_dir); - rpath = realpath(fpath, NULL); - if (rpath) { - n = strlen(server_data.www_dir); - if (!strncmp(server_data.www_dir, rpath, n)) - resp = create_response_file(nurl, - method, - rp_code, - fpath); - free(rpath); - } + if (is_access_allowed(fpath)) + resp = create_response_file(nurl, + method, + rp_code, + fpath); free(fpath); } @@ -287,7 +311,8 @@ static int cbk_http_request(void *cls, const char *method, const char *version, const char *upload_data, - size_t *upload_data_size, void **ptr) + size_t *upload_data_size, + void **ptr) { static int dummy; struct MHD_Response *response; @@ -300,7 +325,8 @@ static int cbk_http_request(void *cls, if (&dummy != *ptr) { /* The first time only the headers are valid, do not - respond in the first round... */ + * respond in the first round... + */ *ptr = &dummy; return MHD_YES; } @@ -422,7 +448,7 @@ int main(int argc, char *argv[]) server_data.cpu_usage = create_cpu_usage_sensor(600); #endif - if (!*server_data.sensors) + if (!server_data.sensors || !*server_data.sensors) log_err(_("No sensors detected.")); d = MHD_start_daemon(MHD_USE_THREAD_PER_CONNECTION, @@ -481,7 +507,7 @@ int main(int argc, char *argv[]) psensor_free(server_data.cpu_usage); #endif free(server_data.www_dir); - sensors_cleanup(); + lmsensor_cleanup(); #ifdef HAVE_GTOP sysinfo_cleanup();