Hi, I already use mod_secure_download successfully. However I'd like to use a rather long expiry period like one week or so, but there seems to be a limit to secdownload.timeout at approx. 65000. I.e. if I chose a higher timeout link expire prematurely. The location of the limit suggests an unsigned integer overflow, so maybe it's only a small wish if I ask for an extension to 32-bit integers? Thanks a lot. Cheers.
on 11.05.2008 11:26
on 15.05.2008 07:26
I did not dare to touch too much, so I just hacked the time stamp
comparison to check minutes not seconds. This might not be the right
thing for everybody (and implies hacking your code for link generation
as well), but here's the patch:
--- lighttpd-1.4.13/src/mod_secure_download.c.old 2008-05-15
07:58:21.000000000 +0200
+++ lighttpd-1.4.13/src/mod_secure_download.c 2008-05-15
08:05:56.000000000 +0200
@@ -243,8 +243,8 @@
}
/* timed-out */
- if (srv->cur_ts - ts > p->conf.timeout ||
- srv->cur_ts - ts < -p->conf.timeout) {
+ if ((srv->cur_ts / 60) - ts > p->conf.timeout ||
+ (srv->cur_ts / 60) - ts < -p->conf.timeout) {
/* "Gone" as the url will never be valid again instead
of "408 - Timeout" where the request may be repeated */
con->http_status = 410;
