chiark / gitweb /
Always choose the cookie with the longest path.
[disorder] / server / cgimain.c
CommitLineData
460b9539 1/*
2 * This file is part of DisOrder.
ac169f8a 3 * Copyright (C) 2004, 2005, 2007, 2008 Richard Kettlewell
460b9539 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
18 * USA
19 */
20
21#include <config.h>
6d2d327c 22#include "types.h"
460b9539 23
24#include <stdio.h>
25#include <errno.h>
26#include <stdlib.h>
27#include <sys/types.h>
28#include <sys/socket.h>
29#include <locale.h>
30#include <string.h>
31#include <stdarg.h>
32
33#include "client.h"
34#include "sink.h"
35#include "cgi.h"
460b9539 36#include "mem.h"
37#include "log.h"
38#include "configuration.h"
39#include "disorder.h"
40#include "api-client.h"
fdf98378 41#include "mime.h"
b64c2805 42#include "printf.h"
938d8157 43#include "dcgi.h"
36bde473 44#include "url.h"
fdf98378 45
ac169f8a 46/** @brief Return true if @p a is better than @p b
47 *
48 * NB. We don't bother checking if the path is right, we merely check for the
49 * longest path. This isn't a security hole: if the browser wants to send us
50 * bad cookies it's quite capable of sending just the right path anyway. The
51 * point of choosing the longest path is to avoid using a cookie set by another
52 * CGI script which shares a path prefix with us, which would allow it to
53 * maliciously log users out.
54 *
55 * Such a script could still "maliciously" log someone in, if it had acquired a
56 * suitable cookie. But it could just log in directly if it had that, so there
57 * is no obvious vulnerability here either.
58 */
59static int better_cookie(const struct cookie *a, const struct cookie *b) {
60 if(a->path && b->path)
61 /* If both have a path then the one with the longest path is best */
62 return strlen(a->path) > strlen(b->path);
63 else if(a->path)
64 /* If only @p a has a path then it is better */
65 return 1;
66 else
67 /* If neither have a path, or if only @p b has a path, then @p b is
68 * better */
69 return 0;
70}
71
460b9539 72int main(int argc, char **argv) {
fdf98378 73 const char *cookie_env, *conf;
460b9539 74 dcgi_global g;
75 dcgi_state s;
76 cgi_sink output;
ac169f8a 77 int n, best_cookie;
fdf98378 78 struct cookiedata cd;
460b9539 79
460b9539 80 if(argc > 0) progname = argv[0];
81 cgi_parse();
82 if((conf = getenv("DISORDER_CONFIG"))) configfile = xstrdup(conf);
83 if(getenv("DISORDER_DEBUG")) debugging = 1;
c00fce3a 84 if(config_read(0)) exit(EXIT_FAILURE);
36bde473 85 if(!config->url)
86 config->url = infer_url();
460b9539 87 memset(&g, 0, sizeof g);
88 memset(&s, 0, sizeof s);
89 s.g = &g;
90 g.client = disorder_get_client();
91 output.quote = 1;
b64c2805 92 output.sink = sink_stdio("stdout", stdout);
fdf98378 93 /* See if there's a cookie */
94 cookie_env = getenv("HTTP_COOKIE");
95 if(cookie_env) {
96 /* This will be an HTTP header */
97 if(!parse_cookie(cookie_env, &cd)) {
ac169f8a 98 /* Pick the best available cookie from all those offered */
99 best_cookie = -1;
100 for(n = 0; n < cd.ncookies; ++n) {
101 /* Is this the right cookie? */
102 if(strcmp(cd.cookies[n].name, "disorder"))
103 continue;
104 /* Is it better than anything we've seen so far? */
105 if(best_cookie < 0
106 || better_cookie(&cd.cookies[n], &cd.cookies[best_cookie]))
107 best_cookie = n;
108 }
109 if(best_cookie != -1)
110 login_cookie = cd.cookies[best_cookie].value;
fdf98378 111 }
460b9539 112 }
938d8157 113 disorder_cgi_login(&s, &output);
b64c2805 114 /* TODO RFC 3875 s8.2 recommendations e.g. concerning PATH_INFO */
460b9539 115 disorder_cgi(&output, &s);
116 if(fclose(stdout) < 0) fatal(errno, "error closing stdout");
117 return 0;
118}
119
120/*
121Local Variables:
122c-basic-offset:2
123comment-column:40
ac169f8a 124fill-column:79
125indent-tabs-mode:nil
460b9539 126End:
127*/