commit fdd8c5b2210b2c3719bce020dfec54bbe36adb49
parent 8d1047f9e55a6210bdee47aecde5728c0ae12c60
Author: Christoph Lohmann <20h@r-36.net>
Date: Sun, 3 Apr 2022 09:49:55 +0200
Add special sticky bit case for the base dir.
Diffstat:
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/geomyidae.8 b/geomyidae.8
@@ -530,7 +530,10 @@ ex.
.
.Sh ENCRYPTION ONLY
If you set the sticky bit (chmod +t) on some file or directory, geomyidae
-will only serve it over an encrypted connection.
+will only serve it over an encrypted connection. There is the special
+case, that when the sticky bit is set on the
+.Ar base
+directory, all content will only be served over tls.
.
.Sh FILES
README, LICENSE, CGI, index.gph, rc.d/, LINKS, gph/
diff --git a/main.c b/main.c
@@ -142,6 +142,19 @@ handlerequest(int sock, char *req, int rlen, char *base, char *ohost,
int len = 0, fd, i, maxrecv;
filetype *type;
+ if (!istls) {
+ if (stat(base, &dir) == -1)
+ return;
+ if (dir.st_mode & S_ISVTX) {
+ dprintf(sock, tlserr, recvc);
+ if (loglvl & ERRORS) {
+ logentry(clienth, clientp, recvc,
+ "encryption only");
+ }
+ return;
+ }
+ }
+
memset(&dir, 0, sizeof(dir));
memset(recvb, 0, sizeof(recvb));
memset(recvc, 0, sizeof(recvc));
