1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
#!/usr/bin/env perl
BEGIN {
# add current source dir to the include-path
# we need this for make distcheck
(my $srcdir = $0) =~ s,/[^/]+$,/,;
unshift @INC, $srcdir;
}
use strict;
use IO::Socket;
use Test::More tests => 10;
use LightyTest;
my $tf = LightyTest->new();
my $t;
my $docroot = $tf->{'TESTDIR'}."/tmp/lighttpd/servers/www.example.org/pages";
sub init_testbed {
return 0 unless eval { symlink("",""); 1 };
my $f = "$docroot/index.html";
my $l = "$docroot/index.xhtml";
my $rc = undef;
unless (-l $l) {
return 0 unless symlink($f,$l);
};
$f = "$docroot/expire";
$l = "$docroot/symlinked";
$rc = undef;
unless (-l $l) {
return 0 unless symlink($f,$l);
}
return 1;
};
SKIP: {
skip "perl does not support symlinking or setting up the symlinks failed.", 10 unless init_testbed;
ok($tf->start_proc == 0, "Starting lighttpd") or die();
# allow case
# simple file
$t->{REQUEST} = ( <<EOF
GET /index.html HTTP/1.0
Host: symlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'allow: simple file');
# symlinked file
$t->{REQUEST} = ( <<EOF
GET /index.xhtml HTTP/1.0
Host: symlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'allow: symlinked file');
# directly symlinked dir
$t->{REQUEST} = ( <<EOF
GET /symlinked/ HTTP/1.0
Host: symlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'allow: directly symlinked dir');
# symlinked dir in path
$t->{REQUEST} = ( <<EOF
GET /symlinked/access.txt HTTP/1.0
Host: symlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'allow: symlinked dir in path');
# deny case
# simple file
$t->{REQUEST} = ( <<EOF
GET /index.html HTTP/1.0
Host: nosymlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'deny: simple file');
# symlinked file
$t->{REQUEST} = ( <<EOF
GET /index.xhtml HTTP/1.0
Host: nosymlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
ok($tf->handle_http($t) == 0, 'deny: symlinked file');
# directly symlinked dir
$t->{REQUEST} = ( <<EOF
GET /symlinked/ HTTP/1.0
Host: nosymlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
ok($tf->handle_http($t) == 0, 'deny: directly symlinked dir');
# symlinked dir in path
$t->{REQUEST} = ( <<EOF
GET /symlinked/access.txt HTTP/1.0
Host: nosymlink.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
ok($tf->handle_http($t) == 0, 'deny: symlinked dir in path');
# cleanup
ok($tf->stop_proc == 0, "Stopping lighttpd");
};
|
