Pastebin launched a little side project called HostCabi.net, check it out ;-)Don't like ads? PRO users don't see any ads ;-)
Guest

openlitespeed 1.0.4 - hide server version patch

By: steve81 on Jul 10th, 2013  |  syntax: Diff  |  size: 3.30 KB  |  hits: 36  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. diff -urN openlitespeed-1.0.4.orig/src/http/httpresp.cpp openlitespeed-1.0.4/src/http/httpresp.cpp
  2. --- openlitespeed-1.0.4.orig/src/http/httpresp.cpp      2013-06-20 22:11:19.000000000 +0200
  3. +++ openlitespeed-1.0.4/src/http/httpresp.cpp   2013-07-10 11:00:54.764032924 +0200
  4. @@ -127,22 +127,30 @@
  5.  {
  6.      char achDateTime[60];
  7.      char * p = s_sCommonHeaders;
  8. -    memcpy( p, "Server: ", 8 );
  9. -    p += 8;
  10. -    memcpy( p, HttpServerVersion::getVersion(),
  11. -            HttpServerVersion::getVersionLen() );
  12. -    p += HttpServerVersion::getVersionLen();
  13. -    
  14. +    if( HttpServerVersion::getVersionLen() )
  15. +    {
  16. +      memcpy( p, "Server: ", 8 );
  17. +      p += 8;
  18. +      memcpy( p, HttpServerVersion::getVersion(),
  19. +              HttpServerVersion::getVersionLen() );
  20. +      p += HttpServerVersion::getVersionLen();
  21. +      memcpy( p, "\r\n", 2 );
  22. +      p += 2;
  23. +    }
  24.      p += safe_snprintf( p, sizeof( s_sCommonHeaders ) - ( p - s_sCommonHeaders ),
  25. -            "\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n",
  26. +            "Date: %s\r\n" "Accept-Ranges: bytes\r\n",
  27.              DateTime::getRFCTime( DateTime::s_curTime, achDateTime ) );
  28.      s_iCommonHeaderLen = p - s_sCommonHeaders - RANGE_HEADER_LEN;
  29.  }
  30.  
  31.  void HttpResp::updateDateHeader()
  32.  {
  33. -    char * pDateValue = &s_sCommonHeaders[ 10 + 6 +
  34. -                    HttpServerVersion::getVersionLen()];
  35. +    int vLen = HttpServerVersion::getVersionLen();
  36. +
  37. +    if ( vLen > 0 )
  38. +        vLen += 10;
  39. +
  40. +    char * pDateValue = &s_sCommonHeaders[ 6 + vLen];
  41.      DateTime::getRFCTime( DateTime::s_curTime, pDateValue);
  42.      *(pDateValue + RFC_1123_TIME_LEN) = '\r';
  43.  }
  44. diff -urN openlitespeed-1.0.4.orig/src/http/httpserverversion.cpp openlitespeed-1.0.4/src/http/httpserverversion.cpp
  45. --- openlitespeed-1.0.4.orig/src/http/httpserverversion.cpp     2013-06-20 22:11:19.000000000 +0200
  46. +++ openlitespeed-1.0.4/src/http/httpserverversion.cpp  2013-07-10 09:58:21.208033354 +0200
  47. @@ -23,9 +23,11 @@
  48.  
  49.  void HttpServerVersion::hideDetail( int hide )
  50.  {
  51. -    if ( hide )
  52. +    if ( !hide )
  53.          s_iVersionLen = 9;
  54. +    else if ( 2 == hide )
  55. +       s_iVersionLen = 0;
  56.      else
  57. -        s_iVersionLen = sizeof( s_pVersion ) - 1;
  58. +       s_iVersionLen = sizeof( s_pVersion ) - 1;
  59.  }
  60.  
  61. diff -urN openlitespeed-1.0.4.orig/src/main/httpserverbuilder.cpp openlitespeed-1.0.4/src/main/httpserverbuilder.cpp
  62. --- openlitespeed-1.0.4.orig/src/main/httpserverbuilder.cpp     2013-06-20 22:11:19.000000000 +0200
  63. +++ openlitespeed-1.0.4/src/main/httpserverbuilder.cpp  2013-07-10 09:47:48.196032760 +0200
  64. @@ -3855,13 +3855,18 @@
  65.          if ( pURI )
  66.              m_sAutoIndexURI.setStr( pURI );
  67.  
  68. -        int sv = getLongValue( pRoot, "showVersionNumber", 0, 1, 0 );
  69. -        HttpServerVersion::hideDetail( !sv );
  70. -        if ( !sv )
  71. +        int sv = getLongValue( pRoot, "showVersionNumber", 0, 2, 0 );
  72. +        HttpServerVersion::hideDetail( sv );
  73. +        if ( 0 == sv )
  74.          {
  75.              LOG_INFO(( "[%s] For better obscurity, server version number is hidden"
  76.                         " in the response header.", getLogId() ));
  77.          }
  78. +        if ( 2 == sv )
  79. +        {
  80. +            LOG_INFO(( "[%s] For better obscurity, server header is hidden.",
  81. +                       getLogId(), sv ));
  82. +        }
  83.  
  84.          denyAccessFiles( NULL, ".ht*", 0 );