httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: [PATCH] limiting server-info's accessibility
Date Sun, 16 Feb 1997 19:50:44 GMT

These kind of changes border on feature changes IMO. I fail to
see the sensitivity of this information. When do we draw the
line.

Even *I* (a known to be "lets add one more goodie" supporter) sees
that it is time to shove this thing out the door.



>     Reminder of the problem: *any*one can put directives into a
>     .htaccess file (e.g., "AddHandler server-{status,info} spy") that
>     permit access to the configuration details.  I think this
>     *definitely* needs to be fixed before 1.2 final.
> 
>     After working on this one for a few days, the simplest thing (for
>     1.2 at least) appears to be to pursue Rob's suggestion to add
>     limiting directives.  I've worked up an experimental patch to
>     mod_info to do this, which is included below.  If this gets enough
>     +1s, I'll duplicate the work for mod_status.
> 
>     I also added a function to util.h to return the raw URI minus any
>     path-info.  mod_info currently allows selection of finer details
>     via arguments, and it seems reasonable that path-info might also be
>     used to convey instructions to handlers.  I added base_uri() so that
>     the "am I allowed here?" decision will be unaffected by such added
>     data.  Of course, I'm still not all that familiar with lots of the
>     code, so I may have duplicated something already available.  {sigh}
> 
>     The directive is "InfoOnlyVia <uri>...", and it's only allowed in
>     the server configuration.
> 
>     One down-side to this is that anyone that uses the info module will
>     need to add InfoOnlyVia directives at 1.2 upgrade time in order to
>     keep the functionality..
> 
>     #ken    :-)}
> 
> Index: mod_info.c
> ===================================================================
> RCS file: /usr/users/coar/myApache/repository/apache/src/mod_info.c,v
> retrieving revision 1.13
> diff -c -r1.13 mod_info.c
> *** 1.13	1997/01/30 08:52:27
> --- mod_info.c	1997/02/16 19:13:15
> ***************
> *** 83,88 ****
> --- 83,102 ----
>   	struct mod_info_config_lines *next;
>   } mod_info_config_lines;
>   
> + /*
> +  * Define what's in each slot in an array of allowed paths.
> +  */
> + typedef struct item {
> +     char *via;
> + } item;
> + 
> + /*
> +  * Define the per-directory configuration record layout.
> +  */
> + typedef struct info_dir_config {
> +     array_header *allowed;
> + } info_dir_config;
> + 
>   module info_module;
>   extern module *top_module;
>   
> ***************
> *** 277,282 ****
> --- 291,304 ----
>   	extern char server_root[MAX_STRING_LEN];
>   	extern char server_confname[MAX_STRING_LEN];
>   
> + 	/*
> + 	 * First things first - see if we're in a location from which we're
> + 	 * permitted to display this stuff.
> + 	 */
> + 	if (! allowed_via (r)) {
> + 	    return HTTP_FORBIDDEN;
> + 	};
> + 
>   	/* Init timeout */
>   	soft_timeout ("send server info", r);
>   	r->content_type = "text/html";		
> ***************
> *** 283,289 ****
>   	send_http_header(r);
>   	if(r->header_only) {
>   		return 0;
> !     }
>   	
>   	rputs("<html><head><title>Server Information</title></head>\n",r);
>   	rputs("<body><h1 align=center>Apache Server Information</h1>\n",r);
> --- 305,311 ----
>   	send_http_header(r);
>   	if(r->header_only) {
>   		return 0;
> ! 	}
>   	
>   	rputs("<html><head><title>Server Information</title></head>\n",r);
>   	rputs("<body><h1 align=center>Apache Server Information</h1>\n",r);
> ***************
> *** 421,426 ****
> --- 443,512 ----
>   	return 0;
>   }
>   
> + /*
> +  * Check through the list of configured "allowed-via" directories to see
> +  * whether the current URI matches one.
> +  */
> + 
> + int allowed_via (request_rec *r) {
> +     info_dir_config *cfg;
> +     item *dirs;
> +     char *location = (char *) base_uri (r);
> +     int access = 0;
> +     int i;
> + 
> +     cfg = get_module_config (r->per_dir_config, &info_module);
> +     if (cfg != NULL) {
> + 	dirs = (item *) cfg->allowed->elts;
> + 	for (i = 0; i < cfg->allowed->nelts; i++) {
> + 	    item *p = &dirs[i];
> + 	    if (! strcmp (p->via, location)) {
> + 		access = 1;
> + 		break;
> + 	    };
> + 	};
> +     };
> +     return (access);
> + };
> + 
> + /*
> +  * Create a configuration record for the current directory.
> +  */
> + void *info_dir_create (pool *p, char *dir) {
> +     info_dir_config *cfg = pcalloc (p, sizeof(info_dir_config));
> + 
> +     cfg->allowed = make_array (p, 1, sizeof(item));
> +     return (void *) cfg;
> + };
> + 
> + /*
> +  * Process an InfoOnlyVia directive, which restricts where the "server-info"
> +  * handler is permitted.
> +  */
> + const char *cmd_infoonlyvia (cmd_parms *cmd, void *modconfig, char *arg) {
> +     info_dir_config *cfg = (info_dir_config *) modconfig;
> +     item *loc = (item *) push_array (cfg->allowed);
> + 
> +     loc->via = pstrdup (cmd->pool, arg);
> +     return (NULL);
> + };
> + 
> + /*
> +  * List of directives specific to our module.
> +  */
> + command_rec info_commands[] = {
> +     {
> + 	"InfoOnlyVia",			/* directive name */
> + 	cmd_infoonlyvia,		/* action routine for directive */
> + 	NULL,				/* argument to include in call */
> + 	RSRC_CONF,			/* where available */
> + 	ITERATE,			/* arguments */
> + 	"Lists the only locations where server-info may be used"
> + 					/* directive description */
> +     },
> +     {NULL}
> + };
> + 
>   handler_rec info_handlers[] = {
>   	{ "server-info", display_info },
>   	{ NULL }
> ***************
> *** 429,440 ****
>   module info_module = {
>   	STANDARD_MODULE_STUFF,
>   	NULL,				/* initializer */
> ! 	NULL,				/* dir config creater */
>   	NULL,				/* dir merger --- default is to override */
>   	NULL,				/* server config */
>   	NULL,				/* merge server config */
> ! 	NULL,				/* command table */
> ! 	info_handlers,		/* handlers */
>   	NULL,				/* filename translation */
>   	NULL,				/* check_user_id */
>   	NULL,				/* check auth */
> --- 515,526 ----
>   module info_module = {
>   	STANDARD_MODULE_STUFF,
>   	NULL,				/* initializer */
> ! 	info_dir_create,		/* dir config creater */
>   	NULL,				/* dir merger --- default is to override */
>   	NULL,				/* server config */
>   	NULL,				/* merge server config */
> ! 	info_commands,			/* command table */
> ! 	info_handlers,			/* handlers */
>   	NULL,				/* filename translation */
>   	NULL,				/* check_user_id */
>   	NULL,				/* check auth */
> 
> Index: util.c
> ===================================================================
> RCS file: /usr/users/coar/myApache/repository/apache/src/util.c,v
> retrieving revision 1.42
> diff -c -r1.42 util.c
> *** 1.42	1997/02/04 23:54:24
> --- util.c	1997/02/16 19:14:23
> ***************
> *** 1345,1347 ****
> --- 1345,1365 ----
>       return (p);
>   }
>   #endif
> + 
> + /*
> +  * Extract and return the base portion of an URI - that is, minus any
> +  * arguments and path_info.  (In actual point of fact, any arguments
> +  * appear to already have been removed from the URI.)
> +  */
> + char *base_uri (request_rec *r) {
> +     char *uri = pstrdup (r->pool, r->uri);
> +     char *pinfo;
> + 
> +     if ((r->path_info != NULL) && (strlen (r->path_info) != 0)) {
> + 	pinfo = &uri[strlen (uri) - strlen (r->path_info)];
> + 	if (! strcmp (pinfo, r->path_info)) {
> + 	    *pinfo = '\0';
> + 	};
> +     };
> +     return (uri);
> + };




Mime
View raw message