diff -urN openlitespeed-1.0.4.orig/src/http/httpresp.cpp openlitespeed-1.0.4/src/http/httpresp.cpp
--- openlitespeed-1.0.4.orig/src/http/httpresp.cpp 2013-06-20 22:11:19.000000000 +0200
+++ openlitespeed-1.0.4/src/http/httpresp.cpp 2013-07-10 11:00:54.764032924 +0200
@@ -127,22 +127,30 @@
{
char achDateTime[60];
char * p = s_sCommonHeaders;
- memcpy( p, "Server: ", 8 );
- p += 8;
- memcpy( p, HttpServerVersion::getVersion(),
- HttpServerVersion::getVersionLen() );
- p += HttpServerVersion::getVersionLen();
-
+ if( HttpServerVersion::getVersionLen() )
+ {
+ memcpy( p, "Server: ", 8 );
+ p += 8;
+ memcpy( p, HttpServerVersion::getVersion(),
+ HttpServerVersion::getVersionLen() );
+ p += HttpServerVersion::getVersionLen();
+ memcpy( p, "\r\n", 2 );
+ p += 2;
+ }
p += safe_snprintf( p, sizeof( s_sCommonHeaders ) - ( p - s_sCommonHeaders ),
- "\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n",
+ "Date: %s\r\n" "Accept-Ranges: bytes\r\n",
DateTime::getRFCTime( DateTime::s_curTime, achDateTime ) );
s_iCommonHeaderLen = p - s_sCommonHeaders - RANGE_HEADER_LEN;
}
void HttpResp::updateDateHeader()
{
- char * pDateValue = &s_sCommonHeaders[ 10 + 6 +
- HttpServerVersion::getVersionLen()];
+ int vLen = HttpServerVersion::getVersionLen();
+
+ if ( vLen > 0 )
+ vLen += 10;
+
+ char * pDateValue = &s_sCommonHeaders[ 6 + vLen];
DateTime::getRFCTime( DateTime::s_curTime, pDateValue);
*(pDateValue + RFC_1123_TIME_LEN) = '\r';
}
diff -urN openlitespeed-1.0.4.orig/src/http/httpserverversion.cpp openlitespeed-1.0.4/src/http/httpserverversion.cpp
--- openlitespeed-1.0.4.orig/src/http/httpserverversion.cpp 2013-06-20 22:11:19.000000000 +0200
+++ openlitespeed-1.0.4/src/http/httpserverversion.cpp 2013-07-10 09:58:21.208033354 +0200
@@ -23,9 +23,11 @@
void HttpServerVersion::hideDetail( int hide )
{
- if ( hide )
+ if ( !hide )
s_iVersionLen = 9;
+ else if ( 2 == hide )
+ s_iVersionLen = 0;
else
- s_iVersionLen = sizeof( s_pVersion ) - 1;
+ s_iVersionLen = sizeof( s_pVersion ) - 1;
}
diff -urN openlitespeed-1.0.4.orig/src/main/httpserverbuilder.cpp openlitespeed-1.0.4/src/main/httpserverbuilder.cpp
--- openlitespeed-1.0.4.orig/src/main/httpserverbuilder.cpp 2013-06-20 22:11:19.000000000 +0200
+++ openlitespeed-1.0.4/src/main/httpserverbuilder.cpp 2013-07-10 09:47:48.196032760 +0200
@@ -3855,13 +3855,18 @@
if ( pURI )
m_sAutoIndexURI.setStr( pURI );
- int sv = getLongValue( pRoot, "showVersionNumber", 0, 1, 0 );
- HttpServerVersion::hideDetail( !sv );
- if ( !sv )
+ int sv = getLongValue( pRoot, "showVersionNumber", 0, 2, 0 );
+ HttpServerVersion::hideDetail( sv );
+ if ( 0 == sv )
{
LOG_INFO(( "[%s] For better obscurity, server version number is hidden"
" in the response header.", getLogId() ));
}
+ if ( 2 == sv )
+ {
+ LOG_INFO(( "[%s] For better obscurity, server header is hidden.",
+ getLogId(), sv ));
+ }
denyAccessFiles( NULL, ".ht*", 0 );