httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject [PATCH] PR#817: htaccess ignored if unreadable
Date Sun, 17 Aug 1997 21:00:43 GMT
The below changes things so that if the htaccess can't be opened for any
reason other than not existing, the request is denied.

This _does_ change the behavior of the server.  It _will_ catch some
people.  Regardless, I think it is important to fix.

Note that if you have a case where there is no .htaccess but the directory
is unreadable, then it will be caught by this check instead of the one
later on.

I'm also not yet convinced if I should use log_unixerr or make my own one
with log_printf. 

It is arguable that it should return HTTP_INTERNAL_SERVER_ERROR instead,
but I prefer forbidden.

Index: core/http_config.c
===================================================================
RCS file: /export/home/cvs/apachen/src/core/http_config.c,v
retrieving revision 1.72
diff -u -r1.72 http_config.c
--- http_config.c	1997/08/06 20:21:21	1.72
+++ http_config.c	1997/08/17 20:59:43
@@ -931,8 +931,15 @@
 	}
 	
 	*result = dc;
-    } else
-	dc = NULL;
+    } else {
+	if (errno == ENOENT)
+	    dc = NULL;
+	else {
+	    log_unixerr("pfopen", filename, 
+		"unable to check for htaccess file", r->server);
+	    return HTTP_FORBIDDEN;
+	}
+    }
 
 /* cache it */
     new = palloc(r->pool, sizeof(struct htaccess_result));


Mime
View raw message