openwsman/SOURCES/openwsman-2.6.8-CVE-2019-38...

diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c
--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig	2019-03-13 08:52:06.112090942 +0100
+++ openwsman-2.6.8/src/server/shttpd/shttpd.c	2019-03-13 09:01:15.496156789 +0100
@@ -336,10 +336,12 @@ date_to_epoch(const char *s)
 }
 
 static void
-remove_double_dots(char *s)
+remove_all_leading_dots(char *s)
 {
 	char	*p = s;
 
+	while (*s != '\0' && *s == '.') s++;
+
 	while (*s != '\0') {
 		*p++ = *s++;
 		if (s[-1] == '/' || s[-1] == '\\')
@@ -546,7 +548,7 @@ decide_what_to_do(struct conn *c)
 		*c->query++ = '\0';
 
 	_shttpd_url_decode(c->uri, strlen(c->uri), c->uri, strlen(c->uri) + 1);
-	remove_double_dots(c->uri);
+	remove_all_leading_dots(c->uri);
 
 	root = c->ctx->options[OPT_ROOT];
 	if (strlen(c->uri) + strlen(root) >= sizeof(path)) {
@@ -556,6 +558,7 @@ decide_what_to_do(struct conn *c)
 
 	(void) _shttpd_snprintf(path, sizeof(path), "%s%s", root, c->uri);
 
+	DBG(("decide_what_to_do -> processed path: [%s]", path));
 	/* User may use the aliases - check URI for mount point */
 	if (is_alias(c->ctx, c->uri, &alias_uri, &alias_path) != NULL) {
 		(void) _shttpd_snprintf(path, sizeof(path), "%.*s%s",
@@ -572,7 +575,10 @@ decide_what_to_do(struct conn *c)
 	if ((ruri = _shttpd_is_registered_uri(c->ctx, c->uri)) != NULL) {
 		_shttpd_setup_embedded_stream(c,
 		    ruri->callback, ruri->callback_data);
-	} else
+	} else {
+		_shttpd_send_server_error(c, 403, "Forbidden");
+	}
+#if 0
 	if (strstr(path, HTPASSWD)) {
 		/* Do not allow to view passwords files */
 		_shttpd_send_server_error(c, 403, "Forbidden");
@@ -656,6 +662,7 @@ decide_what_to_do(struct conn *c)
 	} else {
 		_shttpd_send_server_error(c, 500, "Internal Error");
 	}
+#endif
 }
 
 static int
diff -up openwsman-2.6.8/src/server/wsmand.c.orig openwsman-2.6.8/src/server/wsmand.c
--- openwsman-2.6.8/src/server/wsmand.c.orig	2018-10-12 12:06:26.000000000 +0200
+++ openwsman-2.6.8/src/server/wsmand.c	2019-03-13 09:03:25.919181279 +0100
@@ -198,6 +198,10 @@ static void daemonize(void)
 	int fd;
 	char *pid;
 
+	/* Change our CWD to / */
+	i = chdir("/");
+	assert(i == 0);
+
 	if (wsmand_options_get_foreground_debug() > 0) {
 		return;
 	}
@@ -214,10 +218,6 @@ static void daemonize(void)
 	log_pid = 0;
 	setsid();
 
-	/* Change our CWD to / */
-	i=chdir("/");
-        assert(i == 0);
-
 	/* Close all file descriptors. */
 	for (i = getdtablesize(); i >= 0; --i)
 		close(i);
import openwsman-2.6.8-22.el9 3 years ago			`diff -up openwsman-2.6.8/src/server/shttpd/shttpd.c.orig openwsman-2.6.8/src/server/shttpd/shttpd.c`
			`--- openwsman-2.6.8/src/server/shttpd/shttpd.c.orig 2019-03-13 08:52:06.112090942 +0100`
			`+++ openwsman-2.6.8/src/server/shttpd/shttpd.c 2019-03-13 09:01:15.496156789 +0100`
			`@@ -336,10 +336,12 @@ date_to_epoch(const char *s)`
			`}`

			`static void`
			`-remove_double_dots(char *s)`
			`+remove_all_leading_dots(char *s)`
			`{`
			`char *p = s;`

			`+ while (s != '\0' && s == '.') s++;`
			`+`
			`while (*s != '\0') {`
			`p++ = s++;`
			`if (s[-1] == '/' \|\| s[-1] == '\\')`
			`@@ -546,7 +548,7 @@ decide_what_to_do(struct conn *c)`
			`*c->query++ = '\0';`

			`_shttpd_url_decode(c->uri, strlen(c->uri), c->uri, strlen(c->uri) + 1);`
			`- remove_double_dots(c->uri);`
			`+ remove_all_leading_dots(c->uri);`

			`root = c->ctx->options[OPT_ROOT];`
			`if (strlen(c->uri) + strlen(root) >= sizeof(path)) {`
			`@@ -556,6 +558,7 @@ decide_what_to_do(struct conn *c)`

			`(void) _shttpd_snprintf(path, sizeof(path), "%s%s", root, c->uri);`

			`+ DBG(("decide_what_to_do -> processed path: [%s]", path));`
			`/* User may use the aliases - check URI for mount point */`
			`if (is_alias(c->ctx, c->uri, &alias_uri, &alias_path) != NULL) {`
			`(void) _shttpd_snprintf(path, sizeof(path), "%.*s%s",`
			`@@ -572,7 +575,10 @@ decide_what_to_do(struct conn *c)`
			`if ((ruri = _shttpd_is_registered_uri(c->ctx, c->uri)) != NULL) {`
			`_shttpd_setup_embedded_stream(c,`
			`ruri->callback, ruri->callback_data);`
			`- } else`
			`+ } else {`
			`+ _shttpd_send_server_error(c, 403, "Forbidden");`
			`+ }`
			`+#if 0`
			`if (strstr(path, HTPASSWD)) {`
			`/* Do not allow to view passwords files */`
			`_shttpd_send_server_error(c, 403, "Forbidden");`
			`@@ -656,6 +662,7 @@ decide_what_to_do(struct conn *c)`
			`} else {`
			`_shttpd_send_server_error(c, 500, "Internal Error");`
			`}`
			`+#endif`
			`}`

			`static int`
			`diff -up openwsman-2.6.8/src/server/wsmand.c.orig openwsman-2.6.8/src/server/wsmand.c`
			`--- openwsman-2.6.8/src/server/wsmand.c.orig 2018-10-12 12:06:26.000000000 +0200`
			`+++ openwsman-2.6.8/src/server/wsmand.c 2019-03-13 09:03:25.919181279 +0100`
			`@@ -198,6 +198,10 @@ static void daemonize(void)`
			`int fd;`
			`char *pid;`

			`+ /* Change our CWD to / */`
			`+ i = chdir("/");`
			`+ assert(i == 0);`
			`+`
			`if (wsmand_options_get_foreground_debug() > 0) {`
			`return;`
			`}`
			`@@ -214,10 +218,6 @@ static void daemonize(void)`
			`log_pid = 0;`
			`setsid();`

			`- /* Change our CWD to / */`
			`- i=chdir("/");`
			`- assert(i == 0);`
			`-`
			`/* Close all file descriptors. */`
			`for (i = getdtablesize(); i >= 0; --i)`
			`close(i);`