From cvs-return-29343-apmail-httpd-cvs-archive=httpd.apache.org@httpd.apache.org Mon Mar 03 06:14:36 2008 Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 31898 invoked from network); 3 Mar 2008 06:14:35 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 3 Mar 2008 06:14:35 -0000 Received: (qmail 17586 invoked by uid 500); 3 Mar 2008 06:14:30 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 17525 invoked by uid 500); 3 Mar 2008 06:14:30 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 17514 invoked by uid 99); 3 Mar 2008 06:14:30 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 02 Mar 2008 22:14:30 -0800 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Mar 2008 06:13:41 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CBDF61A9832; Sun, 2 Mar 2008 22:14:01 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r632947 - in /httpd/httpd/trunk: CHANGES server/request.c Date: Mon, 03 Mar 2008 06:14:01 -0000 To: cvs@httpd.apache.org From: niq@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20080303061401.CBDF61A9832@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: niq Date: Sun Mar 2 22:13:59 2008 New Revision: 632947 URL: http://svn.apache.org/viewvc?rev=632947&view=rev Log: core: fix SymlinksIfOwnerMatch checking: (1) Fix Origin checking (PR 36783 - Robert L Mathews) (2) Check ownership if both FollowSymlinks and SymlinksIfOwnerMatch are set Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/server/request.c Modified: httpd/httpd/trunk/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=632947&r1=632946&r2=632947&view=diff ============================================================================== --- httpd/httpd/trunk/CHANGES [utf-8] (original) +++ httpd/httpd/trunk/CHANGES [utf-8] Sun Mar 2 22:13:59 2008 @@ -2,6 +2,12 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) core: check symlink ownership if both FollowSymlinks and + SymlinksIfOwnerMatch are set [Nick Kew] + + *) core: fix origin checking in SymlinksIfOwnerMatch + PR 36783 [Robert L Mathews ] + *) mod_cache: Revalidate cache entities which have Cache-Control: no-cache set in their response headers. PR 44511 [Ruediger Pluem] Modified: httpd/httpd/trunk/server/request.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/request.c?rev=632947&r1=632946&r2=632947&view=diff ============================================================================== --- httpd/httpd/trunk/server/request.c (original) +++ httpd/httpd/trunk/server/request.c Sun Mar 2 22:13:59 2008 @@ -331,7 +331,8 @@ /* Save the name from the valid bits. */ savename = (lfi->valid & APR_FINFO_NAME) ? lfi->name : NULL; - if (opts & OPT_SYM_LINKS) { + /* if OPT_SYM_OWNER is unset, we only need to check target accessible */ + if (!(opts & OPT_SYM_OWNER)) { if ((res = apr_stat(&fi, d, lfi->valid & ~(APR_FINFO_NAME | APR_FINFO_LINK), p)) != APR_SUCCESS) { @@ -353,7 +354,7 @@ * owner of the symlink, then get the info of the target. */ if (!(lfi->valid & APR_FINFO_OWNER)) { - if ((res = apr_stat(&fi, d, + if ((res = apr_stat(&lfi, d, lfi->valid | APR_FINFO_LINK | APR_FINFO_OWNER, p)) != APR_SUCCESS) { return HTTP_FORBIDDEN;