Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 24210 invoked from network); 16 Oct 2010 10:17:19 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 16 Oct 2010 10:17:19 -0000 Received: (qmail 80632 invoked by uid 500); 16 Oct 2010 10:17:18 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 80533 invoked by uid 500); 16 Oct 2010 10:17:17 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 80526 invoked by uid 99); 16 Oct 2010 10:17:16 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 16 Oct 2010 10:17:16 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 16 Oct 2010 10:17:15 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 4BE002388978; Sat, 16 Oct 2010 10:16:19 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: svn commit: r1023232 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/allmodules.xml modules/aaa/NWGNUallowmethods modules/aaa/NWGNUmakefile modules/aaa/config.m4 modules/aaa/mod_allowmethods.c modules/aaa/mod_allowmethods.dsp Date: Sat, 16 Oct 2010 10:16:19 -0000 To: cvs@httpd.apache.org From: sf@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101016101619.4BE002388978@eris.apache.org> Author: sf Date: Sat Oct 16 10:16:18 2010 New Revision: 1023232 URL: http://svn.apache.org/viewvc?rev=1023232&view=rev Log: Build mod_allowmethods (windows and netware stuff needs to be tested). Change method bit vector to 64 bits Added: httpd/httpd/trunk/modules/aaa/NWGNUallowmethods (with props) httpd/httpd/trunk/modules/aaa/mod_allowmethods.dsp (with props) Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/docs/manual/mod/allmodules.xml httpd/httpd/trunk/modules/aaa/NWGNUmakefile httpd/httpd/trunk/modules/aaa/config.m4 httpd/httpd/trunk/modules/aaa/mod_allowmethods.c Modified: httpd/httpd/trunk/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1023232&r1=1023231&r2=1023232&view=diff ============================================================================== --- httpd/httpd/trunk/CHANGES [utf-8] (original) +++ httpd/httpd/trunk/CHANGES [utf-8] Sat Oct 16 10:16:18 2010 @@ -6,6 +6,10 @@ Changes with Apache 2.3.9 Fix a denial of service attack against mod_reqtimeout. [Stefan Fritsch] + *) mod_allowmethods: New module to deny certain HTTP methods without + interfering with authentication/authorization. [Paul Querna, + Igor Galić, Stefan Fritsch] + *) core: Log a warning if or are used. They are deprecated and may go away in 2.4. [Stefan Fritsch] Modified: httpd/httpd/trunk/docs/manual/mod/allmodules.xml URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/allmodules.xml?rev=1023232&r1=1023231&r2=1023232&view=diff ============================================================================== --- httpd/httpd/trunk/docs/manual/mod/allmodules.xml (original) +++ httpd/httpd/trunk/docs/manual/mod/allmodules.xml Sat Oct 16 10:16:18 2010 @@ -7,6 +7,7 @@ mod_actions.xml mod_alias.xml mod_asis.xml + mod_allowmethods.xml mod_auth_basic.xml mod_auth_digest.xml mod_auth_form.xml Added: httpd/httpd/trunk/modules/aaa/NWGNUallowmethods URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/NWGNUallowmethods?rev=1023232&view=auto ============================================================================== --- httpd/httpd/trunk/modules/aaa/NWGNUallowmethods (added) +++ httpd/httpd/trunk/modules/aaa/NWGNUallowmethods Sat Oct 16 10:16:18 2010 @@ -0,0 +1,248 @@ +# +# Make sure all needed macro's are defined +# + +# +# Get the 'head' of the build environment if necessary. This includes default +# targets and paths to tools +# + +ifndef EnvironmentDefined +include $(AP_WORK)\build\NWGNUhead.inc +endif + +# +# These directories will be at the beginning of the include list, followed by +# INCDIRS +# +XINCDIRS += \ + $(APR)/include \ + $(APRUTIL)/include \ + $(AP_WORK)/include \ + $(NWOS) \ + $(EOLIST) + +# +# These flags will come after CFLAGS +# +XCFLAGS += \ + $(EOLIST) + +# +# These defines will come after DEFINES +# +XDEFINES += \ + $(EOLIST) + +# +# These flags will be added to the link.opt file +# +XLFLAGS += \ + $(EOLIST) + +# +# These values will be appended to the correct variables based on the value of +# RELEASE +# +ifeq "$(RELEASE)" "debug" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +ifeq "$(RELEASE)" "noopt" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +ifeq "$(RELEASE)" "release" +XINCDIRS += \ + $(EOLIST) + +XCFLAGS += \ + $(EOLIST) + +XDEFINES += \ + $(EOLIST) + +XLFLAGS += \ + $(EOLIST) +endif + +# +# These are used by the link target if an NLM is being generated +# This is used by the link 'name' directive to name the nlm. If left blank +# TARGET_nlm (see below) will be used. +# +NLM_NAME = allowmethods + +# +# This is used by the link '-desc ' directive. +# If left blank, NLM_NAME will be used. +# +NLM_DESCRIPTION = Apache $(VERSION_STR) Method Restriction Module + +# +# This is used by the '-threadname' directive. If left blank, +# NLM_NAME Thread will be used. +# +NLM_THREAD_NAME = Allowmethods Module + +# +# If this is specified, it will override VERSION value in +# $(AP_WORK)\build\NWGNUenvironment.inc +# +NLM_VERSION = + +# +# If this is specified, it will override the default of 64K +# +NLM_STACK_SIZE = 8192 + + +# +# If this is specified it will be used by the link '-entry' directive +# +NLM_ENTRY_SYM = _LibCPrelude + +# +# If this is specified it will be used by the link '-exit' directive +# +NLM_EXIT_SYM = _LibCPostlude + +# +# If this is specified it will be used by the link '-check' directive +# +NLM_CHECK_SYM = + +# +# If these are specified it will be used by the link '-flags' directive +# +NLM_FLAGS = AUTOUNLOAD, PSEUDOPREEMPTION + +# +# If this is specified it will be linked in with the XDCData option in the def +# file instead of the default of $(NWOS)/apache.xdc. XDCData can be disabled +# by setting APACHE_UNIPROC in the environment +# +XDCDATA = + +# +# If there is an NLM target, put it here +# +TARGET_nlm = \ + $(OBJDIR)/allowmethods.nlm \ + $(EOLIST) + +# +# If there is an LIB target, put it here +# +TARGET_lib = \ + $(EOLIST) + +# +# These are the OBJ files needed to create the NLM target above. +# Paths must all use the '/' character +# +FILES_nlm_objs = \ + $(OBJDIR)/mod_allowmethods.o \ + $(EOLIST) + +# +# These are the LIB files needed to create the NLM target above. +# These will be added as a library command in the link.opt file. +# +FILES_nlm_libs = \ + libcpre.o \ + $(EOLIST) + +# +# These are the modules that the above NLM target depends on to load. +# These will be added as a module command in the link.opt file. +# +FILES_nlm_modules = \ + aprlib \ + libc \ + $(EOLIST) + +# +# If the nlm has a msg file, put it's path here +# +FILE_nlm_msg = + +# +# If the nlm has a hlp file put it's path here +# +FILE_nlm_hlp = + +# +# If this is specified, it will override $(NWOS)\copyright.txt. +# +FILE_nlm_copyright = + +# +# Any additional imports go here +# +FILES_nlm_Ximports = \ + @$(APR)/aprlib.imp \ + @$(NWOS)/httpd.imp \ + @libc.imp \ + $(EOLIST) + +# +# Any symbols exported to here +# +FILES_nlm_exports = \ + allowmethods_module \ + $(EOLIST) + +# +# These are the OBJ files needed to create the LIB target above. +# Paths must all use the '/' character +# +FILES_lib_objs = \ + $(EOLIST) + +# +# implement targets and dependancies (leave this section alone) +# + +libs :: $(OBJDIR) $(TARGET_lib) + +nlms :: libs $(TARGET_nlm) + +# +# Updated this target to create necessary directories and copy files to the +# correct place. (See $(AP_WORK)\build\NWGNUhead.inc for examples) +# +install :: nlms FORCE + +# +# Any specialized rules here +# + +# +# Include the 'tail' makefile that has targets that depend on variables defined +# in this makefile +# + +include $(AP_WORK)\build\NWGNUtail.inc + + Propchange: httpd/httpd/trunk/modules/aaa/NWGNUallowmethods ------------------------------------------------------------------------------ svn:eol-style = native Modified: httpd/httpd/trunk/modules/aaa/NWGNUmakefile URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/NWGNUmakefile?rev=1023232&r1=1023231&r2=1023232&view=diff ============================================================================== --- httpd/httpd/trunk/modules/aaa/NWGNUmakefile (original) +++ httpd/httpd/trunk/modules/aaa/NWGNUmakefile Sat Oct 16 10:16:18 2010 @@ -164,6 +164,7 @@ TARGET_nlm = \ $(OBJDIR)/authzdbm.nlm \ $(OBJDIR)/authzgrp.nlm \ $(OBJDIR)/authzusr.nlm \ + $(OBJDIR)/allowmethods.nlm \ $(OBJDIR)/accesscompat.nlm \ $(EOLIST) Modified: httpd/httpd/trunk/modules/aaa/config.m4 URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/config.m4?rev=1023232&r1=1023231&r2=1023232&view=diff ============================================================================== --- httpd/httpd/trunk/modules/aaa/config.m4 (original) +++ httpd/httpd/trunk/modules/aaa/config.m4 Sat Oct 16 10:16:18 2010 @@ -65,6 +65,8 @@ APACHE_MODULE(auth_digest, RFC2617 Diges fi ]) +APACHE_MODULE(allowmethods, restrict allowed HTTP methods, , , yes) + APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) APACHE_MODPATH_FINISH Modified: httpd/httpd/trunk/modules/aaa/mod_allowmethods.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_allowmethods.c?rev=1023232&r1=1023231&r2=1023232&view=diff ============================================================================== --- httpd/httpd/trunk/modules/aaa/mod_allowmethods.c (original) +++ httpd/httpd/trunk/modules/aaa/mod_allowmethods.c Sat Oct 16 10:16:18 2010 @@ -44,7 +44,7 @@ */ typedef struct am_conf_t { - int allowed; + apr_int64_t allowed; } am_conf_t; module AP_MODULE_DECLARE_DATA allowmethods_module; Added: httpd/httpd/trunk/modules/aaa/mod_allowmethods.dsp URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_allowmethods.dsp?rev=1023232&view=auto ============================================================================== --- httpd/httpd/trunk/modules/aaa/mod_allowmethods.dsp (added) +++ httpd/httpd/trunk/modules/aaa/mod_allowmethods.dsp Sat Oct 16 10:16:18 2010 @@ -0,0 +1,111 @@ +# Microsoft Developer Studio Project File - Name="mod_allowmethods" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 6.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +CFG=mod_allowmethods - Win32 Debug +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "mod_allowmethods.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "mod_allowmethods.mak" CFG="mod_allowmethods - Win32 Debug" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "mod_allowmethods - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "mod_allowmethods - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE + +# Begin Project +# PROP AllowPerConfigDependencies 0 +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "mod_allowmethods - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c +# ADD CPP /nologo /MD /W3 /O2 /Oy- /Zi /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_allowmethods_src" /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /fo"Release/mod_allowmethods.res" /i "../../include" /i "../../srclib/apr/include" /d "NDEBUG" /d BIN_NAME="mod_allowmethods.so" /d LONG_NAME="allowmethods_module for Apache" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /out:".\Release\mod_allowmethods.so" /base:@..\..\os\win32\BaseAddr.ref,mod_allowmethods.so +# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:".\Release\mod_allowmethods.so" /base:@..\..\os\win32\BaseAddr.ref,mod_allowmethods.so /opt:ref +# Begin Special Build Tool +TargetPath=.\Release\mod_allowmethods.so +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ELSEIF "$(CFG)" == "mod_allowmethods - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c +# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_allowmethods_src" /FD /c +# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /fo"Debug/mod_allowmethods.res" /i "../../include" /i "../../srclib/apr/include" /d "_DEBUG" /d BIN_NAME="mod_allowmethods.so" /d LONG_NAME="allowmethods_module for Apache" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:".\Debug\mod_allowmethods.so" /base:@..\..\os\win32\BaseAddr.ref,mod_allowmethods.so +# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:".\Debug\mod_allowmethods.so" /base:@..\..\os\win32\BaseAddr.ref,mod_allowmethods.so +# Begin Special Build Tool +TargetPath=.\Debug\mod_allowmethods.so +SOURCE="$(InputPath)" +PostBuild_Desc=Embed .manifest +PostBuild_Cmds=if exist $(TargetPath).manifest mt.exe -manifest $(TargetPath).manifest -outputresource:$(TargetPath);2 +# End Special Build Tool + +!ENDIF + +# Begin Target + +# Name "mod_allowmethods - Win32 Release" +# Name "mod_allowmethods - Win32 Debug" +# Begin Source File + +SOURCE=.\mod_allowmethods.c +# End Source File +# Begin Source File + +SOURCE=..\..\build\win32\httpd.rc +# End Source File +# End Target +# End Project Propchange: httpd/httpd/trunk/modules/aaa/mod_allowmethods.dsp ------------------------------------------------------------------------------ svn:eol-style = native