httpd-cvs mailing list archives

From pque...@apache.org
Subject cvs commit: httpd-2.0/server config.c core.c request.c
Date Wed, 14 Jul 2004 06:36:42 GMT
pquerna     2004/07/13 23:36:42

  Modified:    .        CHANGES
               docs/manual/mod core.xml
               include  http_config.h http_core.h httpd.h
               server   config.c core.c request.c
  Log:
  Added 'AllowOverride Options=Indexes,MultiViews' to give an admin better
  control over what options can be used in .htaccess files.
  
  PR: 29310
  Submitted by: Tom Alsberg <alsbergt-apache cs.huji.ac.il>
  
  Revision  Changes    Path
  1.1537    +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1536
  retrieving revision 1.1537
  diff -u -r1.1536 -r1.1537
  --- CHANGES	12 Jul 2004 17:04:40 -0000	1.1536
  +++ CHANGES	14 Jul 2004 06:36:41 -0000	1.1537
  @@ -2,6 +2,10 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) core: Add Options= syntax to AllowOverride to specify which options
  +     may be overridden in .htaccess files. PR 29310.
  +     [Tom Alsberg <alsbergt cs.huji.ac.il>, Paul Querna]
  +
     *) ab: Handle long URLs with an error instead of an buffer overflow.
        PR 28204. [Erik Weide <erik.weidel mplus-technologies.de>, Paul Querna]
   
  
  
  
  1.89      +6 -3      httpd-2.0/docs/manual/mod/core.xml
  
  Index: core.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/core.xml,v
  retrieving revision 1.88
  retrieving revision 1.89
  diff -u -r1.88 -r1.89
  --- core.xml	6 Jun 2004 14:28:13 -0000	1.88
  +++ core.xml	14 Jul 2004 06:36:41 -0000	1.89
  @@ -355,12 +355,15 @@
         module="mod_authz_host">Deny</directive> and <directive
         module="mod_authz_host">Order</directive>).</dd>
   
  -      <dt>Options</dt>
  +      <dt>Options[=<var>Option</var>,...]</dt>
   
         <dd>
         Allow use of the directives controlling specific directory
         features (<directive module="core">Options</directive> and
  -      <directive module="mod_include">XBitHack</directive>).</dd>
  +      <directive module="mod_include">XBitHack</directive>).
  +      An equal sign may be given followed by a comma (but no spaces)
  +      separated lists of options that may be set using the Options
  +      command.</dd>
       </dl>
   
       <p>Example:</p>
  
  
  
  1.111     +4 -0      httpd-2.0/include/http_config.h
  
  Index: http_config.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/http_config.h,v
  retrieving revision 1.110
  retrieving revision 1.111
  diff -u -r1.110 -r1.111
  --- http_config.h	4 Jun 2004 22:40:46 -0000	1.110
  +++ http_config.h	14 Jul 2004 06:36:41 -0000	1.111
  @@ -291,6 +291,9 @@
       struct ap_conf_vector_t *context;
       /** directive with syntax error */
       const ap_directive_t *err_directive;
  +
  +    /** Which allow-override-opts bits are set */
  +    int override_opts;
   };
   
   /**
  @@ -854,6 +857,7 @@
    */
   AP_CORE_DECLARE(int) ap_parse_htaccess(ap_conf_vector_t **result, 
                                          request_rec *r, int override,
  +                                       int override_opts,
                                          const char *path, 
                                          const char *access_name);
   
  
  
  
  1.83      +1 -0      httpd-2.0/include/http_core.h
  
  Index: http_core.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/http_core.h,v
  retrieving revision 1.82
  retrieving revision 1.83
  diff -u -r1.82 -r1.83
  --- http_core.h	24 Mar 2004 02:53:35 -0000	1.82
  +++ http_core.h	14 Jul 2004 06:36:41 -0000	1.83
  @@ -412,6 +412,7 @@
       allow_options_t opts_add;
       allow_options_t opts_remove;
       overrides_t override;
  +    allow_options_t override_opts;
       
       /* MIME typing --- the core doesn't do anything at all with this,
        * but it does know what to slap on a request for a document which
  
  
  
  1.211     +2 -0      httpd-2.0/include/httpd.h
  
  Index: httpd.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/httpd.h,v
  retrieving revision 1.210
  retrieving revision 1.211
  diff -u -r1.210 -r1.211
  --- httpd.h	26 Feb 2004 13:32:34 -0000	1.210
  +++ httpd.h	14 Jul 2004 06:36:41 -0000	1.211
  @@ -651,6 +651,8 @@
       const char *dir;
       /** the overrides allowed for the .htaccess file */
       int override;
  +    /** the override options allowed for the .htaccess file */
  +    int override_opts;
       /** the configuration directives */
       struct ap_conf_vector_t *htaccess;
       /** the next one, or NULL if no more; N.B. never change this */
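Review bot: The new `override_opts` member is inserted in the middle of the struct, which shifts the offsets of `htaccess` and the next-pointer member for any module built against the previous header. The same commit adds a parameter to the exported `ap_parse_htaccess` prototype in http_config.h, and the file list shows no module-magic-number change. Appending the member after the existing ones, or bumping the MMN in this commit, would stop a stale binary from loading and reading the wrong field. The struct definition starts and ends outside the hunk.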
  
  
  
  1.178     +6 -0      httpd-2.0/server/config.c
  
  Index: config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/config.c,v
  retrieving revision 1.177
  retrieving revision 1.178
  diff -u -r1.177 -r1.178
  --- config.c	25 Apr 2004 17:23:31 -0000	1.177
  +++ config.c	14 Jul 2004 06:36:42 -0000	1.178
  @@ -1384,6 +1384,7 @@
       parms.temp_pool = ptemp;
       parms.server = s;
       parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
  +    parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
   
       parms.config_file = ap_pcfg_open_custom(p, "-c/-C directives",
                                               &arr_parms, NULL,
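Review bot: The mask `OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI` is spelled out here, again in the hunks at 1490 and 1625 of this file, and once more in core.c at 108; a single named macro in http_core.h would keep the four sites in step. It would also expose that the bare `AllowOverride Options` branch added to set_override in core.c assigns only `OPT_ALL`. If `OPT_ALL` does not already contain the other three bits (its definition is not in this commit), that branch allows fewer options in .htaccess than the server did before the change. The enclosing function starts and ends outside the hunk.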
  @@ -1490,6 +1491,7 @@
       parms.temp_pool = ptemp;
       parms.server = s;
       parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
  +    parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
   
       if (ap_pcfg_openfile(&cfp, p, fname) != APR_SUCCESS) {
           return apr_pstrcat(p, "Could not open document config file ",
  @@ -1625,6 +1627,7 @@
       parms.temp_pool = ptemp;
       parms.server = s;
       parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
  +    parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
       parms.limited = -1;
   
       errmsg = ap_walk_config(conftree, &parms, s->lookup_defaults);
  @@ -1643,6 +1646,7 @@
   
   AP_CORE_DECLARE(int) ap_parse_htaccess(ap_conf_vector_t **result,
                                          request_rec *r, int override,
  +				       int override_opts,
                                          const char *d, const char *access_name)
   {
       ap_configfile_t *f = NULL;
  @@ -1663,6 +1667,7 @@
   
       parms = default_parms;
       parms.override = override;
  +    parms.override_opts = override_opts;
       parms.pool = r->pool;
       parms.temp_pool = r->pool;
       parms.server = r->server;
  @@ -1719,6 +1724,7 @@
       new = apr_palloc(r->pool, sizeof(struct htaccess_result));
       new->dir = parms.path;
       new->override = override;
  +    new->override_opts = override_opts;
       new->htaccess = dc;
   
       /* add to head of list */
  
  
  
  1.281     +86 -4     httpd-2.0/server/core.c
  
  Index: core.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/core.c,v
  retrieving revision 1.280
  retrieving revision 1.281
  diff -u -r1.280 -r1.281
  --- core.c	4 Jun 2004 22:40:47 -0000	1.280
  +++ core.c	14 Jul 2004 06:36:42 -0000	1.281
  @@ -108,6 +108,8 @@
       conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_ALL;
       conf->opts_add = conf->opts_remove = OPT_NONE;
       conf->override = dir ? OR_UNSET : OR_UNSET|OR_ALL;
  +    conf->override_opts = OPT_UNSET | OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER
  +   			 | OPT_MULTI;
   
       conf->content_md5 = 2;
       conf->accept_path_info = 3;
  @@ -257,6 +259,10 @@
           conf->override = new->override;
       }
   
  +    if (!(new->override_opts & OPT_UNSET)) {
  +	conf->override_opts = new->override_opts;
  +    }
  +
       if (new->ap_default_type) {
           conf->ap_default_type = new->ap_default_type;
       }
  @@ -1220,10 +1226,72 @@
       return NULL;
   }
   
  +static const char *set_allow_opts(cmd_parms *cmd, allow_options_t *opts,
  +                                  const char *l)
  +{
  +    allow_options_t opt;
  +    int first = 1;
  +
  +    char *p = (char *) l;
  +
  +    while (p && *p) {
  +        char *w = strsep(&p, ",");
  +
  +        if (first) {
  +            *opts = OPT_NONE;
  +            first = 0;
  +        }
  +
  +	if (!w)
  +	    continue;
  +
  +        if (!strcasecmp(w, "Indexes")) {
  +            opt = OPT_INDEXES;
  +        }
  +        else if (!strcasecmp(w, "Includes")) {
  +            opt = OPT_INCLUDES;
  +        }
  +        else if (!strcasecmp(w, "IncludesNOEXEC")) {
  +            opt = (OPT_INCLUDES | OPT_INCNOEXEC);
  +        }
  +        else if (!strcasecmp(w, "FollowSymLinks")) {
  +            opt = OPT_SYM_LINKS;
  +        }
  +        else if (!strcasecmp(w, "SymLinksIfOwnerMatch")) {
  +            opt = OPT_SYM_OWNER;
  +        }
  +        else if (!strcasecmp(w, "ExecCGI")) {
  +            opt = OPT_EXECCGI;
  +        }
  +        else if (!strcasecmp(w, "MultiViews")) {
  +            opt = OPT_MULTI;
  +        }
  +        else if (!strcasecmp(w, "RunScripts")) { /* AI backcompat. Yuck */
  +            opt = OPT_MULTI|OPT_EXECCGI;
  +        }
  +        else if (!strcasecmp(w, "None")) {
  +            opt = OPT_NONE;
  +        }
  +        else if (!strcasecmp(w, "All")) {
  +            opt = OPT_ALL;
  +        }
  +        else {
  +            return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
  +        }
  +
  +        *opts |= opt;
  +    }
  +
  +    (*opts) &= (~OPT_UNSET);
  +
  +    return NULL;
  +}
  +
   static const char *set_override(cmd_parms *cmd, void *d_, const char *l)
   {
       core_dir_config *d = d_;
       char *w;
  +    char *k, *v;
   
       const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
       if (err != NULL) {
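Review bot: An empty list fails open in `set_allow_opts`: for `AllowOverride Options=` the `while (p && *p)` loop never runs, so `*opts` is never reset to `OPT_NONE` and only `OPT_UNSET` is cleared from whatever mask was there. With the default installed by the core.c hunk at 108, every option stays allowed and the value is now marked as explicitly set. Assign `*opts = OPT_NONE;` before the loop and drop the `first` flag, or reject an empty list with an error string. Separately, `strsep` writes into `l` through a cast that drops `const` and is a BSD extension rather than ISO C, so a tokenizer the tree already provides would be safer here. The body of `set_override` continues outside the hunk.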
  @@ -1240,11 +1308,22 @@
       d->override = OR_NONE;
       while (l[0]) {
           w = ap_getword_conf(cmd->pool, &l);
  +
  +	k = w;
  +	v = strchr(k, '=');
  +	if (v) {
  +		*v++ = '\0';
  +	}
  +
           if (!strcasecmp(w, "Limit")) {
               d->override |= OR_LIMIT;
           }
  -        else if (!strcasecmp(w, "Options")) {
  +        else if (!strcasecmp(k, "Options")) {
               d->override |= OR_OPTIONS;
  +	    if (v) 
  +                set_allow_opts(cmd, &(d->override_opts), v);
  +	    else
  +	        d->override_opts = OPT_ALL;
           }
           else if (!strcasecmp(w, "FileInfo")) {
               d->override |= OR_FILEINFO;
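Review bot: The return value of `set_allow_opts` is discarded, so a misspelled name in `AllowOverride Options=...` produces no configuration error, and `d->override_opts` keeps whatever bits were accumulated before the bad token. An administrator who mistypes a restriction gets no signal that the effective mask differs from the written one. Propagate the error through the `err` variable already declared at the top of the function: `err = set_allow_opts(cmd, &(d->override_opts), v);` followed by `if (err) return err;`. The enclosing `while` loop and function end outside the hunk.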
  @@ -1305,7 +1384,7 @@
           else if (!strcasecmp(w, "SymLinksIfOwnerMatch")) {
               opt = OPT_SYM_OWNER;
           }
  -        else if (!strcasecmp(w, "execCGI")) {
  +        else if (!strcasecmp(w, "ExecCGI")) {
               opt = OPT_EXECCGI;
           }
           else if (!strcasecmp(w, "MultiViews")) {
  @@ -1324,8 +1403,11 @@
               return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
           }
   
  -        /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
  -        if (action == '-') {
  +	if (!(cmd->override_opts & opt) && opt != OPT_NONE) {
  +	    return apr_pstrcat(cmd->pool, "Option ", w, " not allowed here", NULL);
  +        }
  +        else if (action == '-') {
  +            /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
               d->opts_remove |= opt;
               d->opts_add &= ~opt;
               d->opts &= ~opt;
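Review bot: The guard `!(cmd->override_opts & opt)` rejects an option only when it shares no bit at all with the allowed mask, so a keyword that maps to several bits is accepted as soon as one of them is permitted. `set_allow_opts` in this commit stores `IncludesNOEXEC` as `OPT_INCLUDES | OPT_INCNOEXEC`, so `AllowOverride Options=IncludesNOEXEC` presumably also lets a .htaccess file set plain `Includes`, which is exactly what that restriction is meant to prevent. A subset test such as `if ((opt & ~cmd->override_opts) != 0)` handles the multi-bit keywords. The Includes pair additionally needs a bit that distinguishes includes-with-exec from includes-without-exec, which is a change outside this hunk. The keyword chain and the function itself start and end outside the hunk.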
  
  
  
  1.136     +5 -0      httpd-2.0/server/request.c
  
  Index: request.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/request.c,v
  retrieving revision 1.135
  retrieving revision 1.136
  diff -u -r1.135 -r1.136
  --- request.c	9 Feb 2004 20:40:49 -0000	1.135
  +++ request.c	14 Jul 2004 06:36:42 -0000	1.136
  @@ -418,6 +418,7 @@
           allow_options_t add;
           allow_options_t remove;
           overrides_t override;
  +        overrides_t override_opts;
   } core_opts_t;
   
   static void core_opts_merge(const ap_conf_vector_t *sec, core_opts_t *opts)
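Review bot: `override_opts` is declared here as `overrides_t`, although it carries option bits and the matching member added to core_dir_config in http_core.h is `allow_options_t`; the line should read `allow_options_t override_opts;`. The same mix-up of the two flag families recurs in the next hunk of this file, where the merge tests `this_dir->override_opts & OR_UNSET` while the corresponding merge in core.c tests `OPT_UNSET`. Neither constant's value is visible in this commit. Unless the two are equal, the request.c test reads an unrelated option bit and can skip the merge for a directory that did set the mask, so it should be `if (!(this_dir->override_opts & OPT_UNSET))`.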
  @@ -444,6 +445,9 @@
       if (!(this_dir->override & OR_UNSET)) {
           opts->override = this_dir->override;
       }
  +    if (!(this_dir->override_opts & OR_UNSET)) {
  +        opts->override_opts = this_dir->override_opts;
  +    }
   }
   
   
  @@ -821,6 +825,7 @@
                   }
   
                   res = ap_parse_htaccess(&htaccess_conf, r, opts.override,
  +					opts.override_opts,
                                           apr_pstrdup(r->pool, r->filename),
                                           sconf->access_name);
                   if (res) {
  
  
  
