-rw-r--r--INSTALL4
-rw-r--r--configure.ac2
-rw-r--r--doc/config/conf.d/Makefile.am1
-rw-r--r--doc/config/conf.d/secdownload.conf35
-rw-r--r--doc/config/modules.conf7
-rw-r--r--doc/outdated/Makefile.am2
-rw-r--r--doc/outdated/configuration.txt2
-rw-r--r--doc/outdated/secdownload.txt147
-rw-r--r--src/mod_userdir.c4
-rw-r--r--src/rand.c2
10 files changed, 2 insertions, 204 deletions
diff --git a/INSTALL b/INSTALL
index b7058b56..3aa2761b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -196,7 +196,3 @@ build using CMake and Xcode on Mac OS X with MacPorts
$ cmake -Wno-dev -DWITH_PCRE2=1 -DWITH_OPENSSL=1 -DWITH_LUA=1 -DWITH_ZLIB=1 -DWITH_ZSTD=1 -DWITH_BROTLI=1 -DWITH_WEBDAV_PROPS=1 .
$ make -j 4
$ make test
-
- # Note: many tests fail if not built with openssl
- # lighttpd will not start up with tests/lighttpd.conf
- # (mod_secdownload fails to configure hmac-sha1 and hmac-sha256)
diff --git a/configure.ac b/configure.ac
index 1cf87b27..7fcba4b3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1678,7 +1678,6 @@ do_build="\
mod_rewrite \
mod_rrdtool \
mod_scgi \
- mod_secdownload \
mod_setenv \
mod_simple_vhost \
mod_sockproxy \
@@ -1686,7 +1685,6 @@ do_build="\
mod_staticfile \
mod_status \
mod_userdir \
- mod_usertrack \
mod_vhostdb \
mod_webdav \
mod_wstunnel \
diff --git a/doc/config/conf.d/Makefile.am b/doc/config/conf.d/Makefile.am
index 7c976afe..a1eb33b9 100644
--- a/doc/config/conf.d/Makefile.am
+++ b/doc/config/conf.d/Makefile.am
@@ -13,7 +13,6 @@ EXTRA_DIST=access_log.conf \
proxy.conf \
rrdtool.conf \
scgi.conf \
- secdownload.conf \
simple_vhost.conf \
ssi.conf \
status.conf \
diff --git a/doc/config/conf.d/secdownload.conf b/doc/config/conf.d/secdownload.conf
deleted file mode 100644
index 7262e62c..00000000
--- a/doc/config/conf.d/secdownload.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-#######################################################################
-##
-## Secure Download Module
-## ------------------------
-##
-## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModSecDownload
-##
-server.modules += ( "mod_secdownload" )
-
-##
-## Document root for the download area.
-## The directory should not be below your normal
-## document root!
-##
-#secdownload.document-root = server_root + "/downloads"
-
-##
-## Secret string that will be used for the checksum calculation.
-##
-#secdownload.secret = ""
-
-##
-## How long is the secret valid?
-##
-## Default: 60 seconds
-##
-#secdownload.timeout = 60
-
-##
-## Prefix for the download area.
-##
-#secdownload.uri-prefix = "/download/"
-
-##
-#######################################################################
diff --git a/doc/config/modules.conf b/doc/config/modules.conf
index f1a3e864..75235b55 100644
--- a/doc/config/modules.conf
+++ b/doc/config/modules.conf
@@ -30,7 +30,6 @@
## - mod_scgi -> conf.d/scgi.conf
## - mod_fastcgi -> conf.d/fastcgi.conf
## - mod_proxy -> conf.d/proxy.conf
-## - mod_secdownload -> conf.d/secdownload.conf
## - mod_expire -> conf.d/expire.conf
##
## NOTE: The order of modules in server.modules is important.
@@ -48,7 +47,6 @@
server.modules = (
# "mod_rewrite",
"mod_access",
-# "mod_evasive",
# "mod_auth",
# "mod_authn_file",
# "mod_redirect",
@@ -105,11 +103,6 @@ server.modules = (
#include conf_dir + "/conf.d/rrdtool.conf"
##
-## mod_secdownload
-##
-#include conf_dir + "/conf.d/secdownload.conf"
-
-##
#######################################################################
#######################################################################
diff --git a/doc/outdated/Makefile.am b/doc/outdated/Makefile.am
index 0ee37207..b901f501 100644
--- a/doc/outdated/Makefile.am
+++ b/doc/outdated/Makefile.am
@@ -12,7 +12,6 @@ plugins.txt \
proxy.txt \
redirect.txt \
rewrite.txt \
-secdownload.txt \
security.txt \
simple-vhost.txt \
skeleton.txt \
@@ -47,7 +46,6 @@ HTMLDOCS=accesslog.html \
proxy.html \
redirect.html \
rewrite.html \
- secdownload.html \
security.html \
simple-vhost.html \
skeleton.html \
diff --git a/doc/outdated/configuration.txt b/doc/outdated/configuration.txt
index de7b2be5..c3cf6924 100644
--- a/doc/outdated/configuration.txt
+++ b/doc/outdated/configuration.txt
@@ -369,13 +369,11 @@ server.modules
"mod_simple_vhost",
"mod_evhost",
"mod_userdir",
- "mod_secdownload",
"mod_fastcgi",
"mod_proxy",
"mod_cgi",
"mod_ssi",
"mod_deflate",
- "mod_usertrack",
"mod_expire",
"mod_rrdtool",
"mod_accesslog" )
diff --git a/doc/outdated/secdownload.txt b/doc/outdated/secdownload.txt
deleted file mode 100644
index 6b2de072..00000000
--- a/doc/outdated/secdownload.txt
+++ /dev/null
@@ -1,147 +0,0 @@
-===========================
-Secure and Fast Downloading
-===========================
-
------------------------
-Module: mod_secdownload
------------------------
-
-:Author: Jan Kneschke
-:Date: $Date: 2004/08/01 07:01:29 $
-:Revision: $Revision: 1.1 $
-
-:abstract:
- authenticated file requests and a countermeasure against
- deep-linking can be achieved easily by using mod_secdownload
-
-.. meta::
- :keywords: lighttpd, secure, fast, downloads
-
-.. contents:: Table of Contents
-
-Options
-=======
-
-::
-
- secdownload.secret = <string>
- secdownload.document-root = <string>
- secdownload.uri-prefix = <string> (default: /)
- secdownload.timeout = <short> (default: 60 seconds)
-
-Description
-===========
-
-there are multiple ways to handle secured download mechanisms:
-
-1. use the webserver and the internal HTTP authentication
-2. use the application to authenticate and send the file
- through the application
-
-Both ways have limitations:
-
-webserver:
-
-- ``+`` fast download
-- ``+`` no additional system load
-- ``-`` inflexible authentication handling
-
-application:
-
-- ``+`` integrated into the overall layout
-- ``+`` very flexible permission management
-- ``-`` the download occupies an application thread/process
-
-A simple way to combine the two ways could be:
-
-1. app authenticates user and checks permissions to
- download the file.
-2. app redirects user to the file accessible by the webserver
- for further downloading.
-3. the webserver transfers the file to the user.
-
-As the webserver doesn't know anything about the permissions
-used in the app, the resulting URL would be available to every
-user who knows the URL.
-
-mod_secdownload removes this problem by introducing a way to
-authenticate a URL for a specified time. The application has
-to generate a token and a timestamp which are checked by the
-webserver before it allows the file to be downloaded by the
-webserver.
-
-The generated URL has to have the format:
-
-<uri-prefix><token>/<timestamp-in-hex><rel-path>
-
-<token> is an MD5 of
-
-1. a secret string (user supplied)
-2. <rel-path> (starts with /)
-3. <timestamp-in-hex>
-
-
-As you can see, the token is not bound to the user at all. The
-only limiting factor is the timestamp which is used to
-invalidate the URL after a given timeout (secdownload.timeout).
-
-.. Note::
- Be sure to choose a another secret than the one used in the
- examples, as this is the only part of the token that is not
- known to the user.
-
-
-
-If the user tries to fake the URL by choosing a random token,
-status 403 'Forbidden' will be sent out.
-
-If the timeout is reached, status 408 'Request Timeout' will be
-sent. (This does not really conform to the standard, but should
-do the trick).
-
-If token and timeout are valid, the <rel-path> is appended to
-the configured (secdownload.document-root) and passed to the
-normal internal file transfer functionality. This might lead to
-status 200 or 404.
-
-Example
-=======
-
-Application
------------
-
-Your application has to generate the correct URLs. The following sample
-code for PHP should be easily adaptable to any other language: ::
-
- <?php
-
- $secret = "verysecret";
- $uri_prefix = "/dl/";
-
- # filename
- $f = "/secret-file.txt";
-
- # current timestamp
- $t = time();
-
- $t_hex = sprintf("%08x", $t);
- $m = md5($secret.$f.$t_hex);
-
- # generate link
- printf('<a href="%s%s/%s%s">%s</a>',
- $uri_prefix, $m, $t_hex, $f, $f);
- ?>
-
-Webserver
----------
-
-The server has to be configured in the same way. The URI prefix and
-secret have to match: ::
-
- server.modules = ( ..., "mod_secdownload", ... )
-
- secdownload.secret = "verysecret"
- secdownload.document-root = "/home/www/servers/download-area/"
- secdownload.uri-prefix = "/dl/"
- secdownload.timeout = 120
- secdownload.algorithm = "md5"
diff --git a/src/mod_userdir.c b/src/mod_userdir.c
index 3bd8e77e..00f98cab 100644
--- a/src/mod_userdir.c
+++ b/src/mod_userdir.c
@@ -260,9 +260,7 @@ static handler_t mod_userdir_docroot_construct(request_st * const r, plugin_data
* and some special handling for trailing '.', ' ' and '/' on windows
* we assume that no docroot/physical handler changed this
* (docroot should only set the docroot/server name, physical should only
- * change the physical.path;
- * the exception mod_secdownload doesn't work with userdir anyway)
- */
+ * change the physical.path) */
buffer_append_slash(&r->physical.path);
/* if no second '/' is found, we assume that it was stripped from the
* uri.path for the special handling on windows. we do not care about the
diff --git a/src/rand.c b/src/rand.c
index 65302680..68d4224d 100644
--- a/src/rand.c
+++ b/src/rand.c
@@ -107,7 +107,7 @@
* Update: li_rand_init() is now deferred until first use so that installations
* that do not use modules which use these routines do need to potentially block
* at startup. Current use by core lighttpd modules is in mod_auth HTTP Digest
- * auth and in mod_usertrack. Deferring collection of random data until first
+ * auth. Deferring collection of random data until first
* use may allow sufficient entropy to be collected by kernel before first use,
* helping reduce or avoid situations in low-entropy-generating embedded devices
* which might otherwise block lighttpd for minutes at device startup.
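Review bot: The unchanged sentence just above the edited line reads "installations that do not use modules which use these routines do need to potentially block at startup", which says the opposite of what deferring li_rand_init() is meant to achieve. Since this commit already touches the paragraph, the wording should become `do not need to potentially block`. The shortened line `* auth. Deferring collection of random data until first` could be reflowed with the lines after it so the paragraph stays evenly wrapped. The comment block begins and ends outside the hunk, so the claim that mod_auth HTTP Digest auth is now the only core user of these routines cannot be checked from the visible lines and is worth confirming against the remaining callers.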