From 1521a3caaa186ccd36d7ec7a8d0be89496d8214c Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 7 Jun 2013 11:36:34 +0200 Subject: [PATCH] Removed ability to send binary files. --- doc/sample.config | 5 +--- src/config.c | 1 - src/vpn.h | 1 - src/worker-extras.c | 62 --------------------------------------------- src/worker-vpn.c | 4 --- src/worker.h | 1 - 6 files changed, 1 insertion(+), 73 deletions(-) diff --git a/doc/sample.config b/doc/sample.config index 7cc1148c..1807985d 100644 --- a/doc/sample.config +++ b/doc/sample.config @@ -175,10 +175,7 @@ route = 192.168.1.0/255.255.255.0 # Client profile xml. A sample file exists in doc/profile.xml. # This file must be accessible from inside the worker's chroot. # The profile is ignored by the openconnect client. -user-profile = profile.xml - -# Binary files' location. Must be within any chroot environment. -binary-files = ./binaries/ +#user-profile = profile.xml # Unless set to false it is required for clients to present their # certificate even if they are authenticating via a previously granted diff --git a/src/config.c b/src/config.c index 5bd310a3..cc4124c9 100644 --- a/src/config.c +++ b/src/config.c @@ -165,7 +165,6 @@ unsigned j; READ_STRING("pin-file", config->pin_file, 0); READ_STRING("srk-pin-file", config->srk_pin_file, 0); #ifdef ANYCONNECT_CLIENT_COMPAT - READ_STRING("binary-files", config->binary_path, 0); READ_STRING("user-profile", config->xml_config_file, 0); #endif diff --git a/src/vpn.h b/src/vpn.h index 0acaf364..017bb861 100644 --- a/src/vpn.h +++ b/src/vpn.h @@ -114,7 +114,6 @@ struct cfg_st { char *disconnect_script; #ifdef ANYCONNECT_CLIENT_COMPAT - char *binary_path; /* a path to binary files */ char *xml_config_file; char *xml_config_hash; char *cert_hash; diff --git a/src/worker-extras.c b/src/worker-extras.c index 08a6b298..dd50b23c 100644 --- a/src/worker-extras.c +++ b/src/worker-extras.c @@ -178,66 +178,4 @@ int ret; return 0; } -int get_file_handler(worker_st *ws, unsigned http_ver) -{ -int ret; -const char* file; -char path[_POSIX_PATH_MAX]; -struct stat st; - - if (ws->config->binary_path == NULL || ws->req.url == NULL) - return -1; - - file = strrchr(ws->req.url, '/'); - if (file == NULL) - return -1; - file++; - - snprintf(path, sizeof(path), "%s/%s", ws->config->binary_path, file); - - if (stat(path, &st) == -1) { - oclog(ws, LOG_DEBUG, "file %s was not found", path); - tls_printf(ws->session, "HTTP/1.%u 503 Not found\r\n", http_ver); - - return -1; - } - - tls_cork(ws->session); - ret = tls_printf(ws->session, "HTTP/1.%u 200 OK\r\n", http_ver); - if (ret < 0) - return -1; - - ret = tls_puts(ws->session, "Connection: Keep-Alive\r\n"); - if (ret < 0) - return -1; - - ret = tls_puts(ws->session, "Content-Type: application/x-executable\r\n"); - if (ret < 0) - return -1; - - ret = tls_printf(ws->session, "Content-Length: %u\r\n", ((unsigned int)st.st_size)); - if (ret < 0) - return -1; - - ret = tls_puts(ws->session, "X-Transcend-Version: 1\r\n"); - if (ret < 0) - return -1; - - ret = tls_puts(ws->session, "\r\n"); - if (ret < 0) - return -1; - - ret = tls_uncork(ws->session); - if (ret < 0) - return -1; - - ret = tls_send_file(ws->session, path); - if (ret < 0) - return -1; - - oclog(ws, LOG_DEBUG, "sent file %s (%u bytes)", path, (unsigned)st.st_size); - - return 0; -} - #endif diff --git a/src/worker-vpn.c b/src/worker-vpn.c index eb815998..f7bb30aa 100644 --- a/src/worker-vpn.c +++ b/src/worker-vpn.c @@ -100,10 +100,6 @@ const static struct known_urls_st known_urls[] = { LL("/1/index.html", get_auth_handler, post_auth_handler), LL("/profiles", get_config_handler, NULL), LL("/+CSCOT+/translation-table", get_cscot_handler, NULL), - LL("/1/Windows", get_empty_handler, NULL), - LL("/1/Linux_64", get_empty_handler, NULL), - LL("/1/Linux_32", get_empty_handler, NULL), - LL_DIR("/1/binaries/", get_file_handler, NULL), #endif {NULL, 0, 0, NULL, NULL} }; diff --git a/src/worker.h b/src/worker.h index e4c59e1d..6ca08cb6 100644 --- a/src/worker.h +++ b/src/worker.h @@ -121,7 +121,6 @@ int get_auth_handler(worker_st *server, unsigned http_ver); int post_auth_handler(worker_st *server, unsigned http_ver); int get_empty_handler(worker_st *server, unsigned http_ver); -int get_file_handler(worker_st *ws, unsigned http_ver); int get_config_handler(worker_st *ws, unsigned http_ver); int get_cscot_handler(worker_st *ws, unsigned http_ver);