Mercurial > hg > nginx
comparison src/core/ngx_file.c @ 6730:1606a817c1d4
Core: ngx_conf_set_access_slot() user access (ticket #1096).
Previously, user access bits were always set to "rw" unconditionally,
even with "user:r" explicitly specified. With this change we only add
default user access bits (0600) if they weren't set explicitly.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 07 Oct 2016 16:59:14 +0300 |
parents | 8bf484eef9ab |
children | 1a917932db96 |
comparison
equal
deleted
inserted
replaced
6729:cecf415643d7 | 6730:1606a817c1d4 |
---|---|
439 { | 439 { |
440 char *confp = conf; | 440 char *confp = conf; |
441 | 441 |
442 u_char *p; | 442 u_char *p; |
443 ngx_str_t *value; | 443 ngx_str_t *value; |
444 ngx_uint_t i, right, shift, *access; | 444 ngx_uint_t i, right, shift, *access, user; |
445 | 445 |
446 access = (ngx_uint_t *) (confp + cmd->offset); | 446 access = (ngx_uint_t *) (confp + cmd->offset); |
447 | 447 |
448 if (*access != NGX_CONF_UNSET_UINT) { | 448 if (*access != NGX_CONF_UNSET_UINT) { |
449 return "is duplicate"; | 449 return "is duplicate"; |
450 } | 450 } |
451 | 451 |
452 value = cf->args->elts; | 452 value = cf->args->elts; |
453 | 453 |
454 *access = 0600; | 454 *access = 0; |
455 user = 0600; | |
455 | 456 |
456 for (i = 1; i < cf->args->nelts; i++) { | 457 for (i = 1; i < cf->args->nelts; i++) { |
457 | 458 |
458 p = value[i].data; | 459 p = value[i].data; |
459 | 460 |
460 if (ngx_strncmp(p, "user:", sizeof("user:") - 1) == 0) { | 461 if (ngx_strncmp(p, "user:", sizeof("user:") - 1) == 0) { |
461 shift = 6; | 462 shift = 6; |
462 p += sizeof("user:") - 1; | 463 p += sizeof("user:") - 1; |
464 user = 0; | |
463 | 465 |
464 } else if (ngx_strncmp(p, "group:", sizeof("group:") - 1) == 0) { | 466 } else if (ngx_strncmp(p, "group:", sizeof("group:") - 1) == 0) { |
465 shift = 3; | 467 shift = 3; |
466 p += sizeof("group:") - 1; | 468 p += sizeof("group:") - 1; |
467 | 469 |
483 goto invalid; | 485 goto invalid; |
484 } | 486 } |
485 | 487 |
486 *access |= right << shift; | 488 *access |= right << shift; |
487 } | 489 } |
490 | |
491 *access |= user; | |
488 | 492 |
489 return NGX_CONF_OK; | 493 return NGX_CONF_OK; |
490 | 494 |
491 invalid: | 495 invalid: |
492 | 496 |