Only allow GET and HEAD for static files or return 405.

ok florian@
author: reyk <reyk@openbsd.org> 2014-08-03 22:47:25 +0000
committer: reyk <reyk@openbsd.org> 2014-08-03 22:47:25 +0000
commit: b4a1c449cd30b7cd4b724fad059b0200e69bde66 (patch)
tree: 4e144a6ce0108bbc45a8afa2ebe853d954c34443
parent: Also write log messages, like 404 Not Found, on error. This is a bit (diff)
download: wireguard-openbsd-b4a1c449cd30b7cd4b724fad059b0200e69bde66.tar.xz
wireguard-openbsd-b4a1c449cd30b7cd4b724fad059b0200e69bde66.zip
1 files changed, 10 insertions, 1 deletions
diff --git a/usr.sbin/httpd/server_file.c b/usr.sbin/httpd/server_file.c
index 19414ab23af..705bb9f07ac 100644
--- a/usr.sbin/httpd/server_file.c
+++ b/usr.sbin/httpd/server_file.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: server_file.c,v 1.26 2014/08/03 22:38:12 reyk Exp $	*/
+/*	$OpenBSD: server_file.c,v 1.27 2014/08/03 22:47:25 reyk Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -63,6 +63,15 @@ server_file_access(struct client *clt, char *path, size_t len,
 
 	errno = 0;
 
+	switch (desc->http_method) {
+	case HTTP_METHOD_GET:
+	case HTTP_METHOD_HEAD:
+		break;
+	default:
+		/* Other methods are not allowed */
+		return (405);
+	}
+
 	if (access(path, R_OK) == -1) {
 		goto fail;
 	} else if (stat(path, st) == -1) {
author	reyk <reyk@openbsd.org>	2014-08-03 22:47:25 +0000
committer	reyk <reyk@openbsd.org>	2014-08-03 22:47:25 +0000
commit	b4a1c449cd30b7cd4b724fad059b0200e69bde66 (patch)
tree	4e144a6ce0108bbc45a8afa2ebe853d954c34443
parent	Also write log messages, like 404 Not Found, on error. This is a bit (diff)
download	wireguard-openbsd-b4a1c449cd30b7cd4b724fad059b0200e69bde66.tar.xz wireguard-openbsd-b4a1c449cd30b7cd4b724fad059b0200e69bde66.zip