httpd-dev mailing list archives

From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: Fix for CVE-2011-4317 broke RewriteRule in forward proxy?
Date Fri, 23 Mar 2012 17:11:59 GMT
It should be RewriteRule not RewriteMap in my previous mail. I 
simplified the config to a single RewriteRule but forgot to adjust 
subject and intro of my mail. The problem remains the same.

On 23.03.2012 18:00, Rainer Jung wrote:
> It seems using a rewrite map in a forward proxy is broken in 2.2.22. It
> was working until 2.2.21. The problem is the fix for CVE-2011-4317 which
> returns DECLINED in hook_uri2file() in mod_rewrite.
>
> The config is roughly:
>
> Listen 3128
> <VirtualHost *:3128>
>
> ProxyRequests on
> RewriteEngine on
>
> RewriteRule http://myserver.example.com/dummy.txt /opt/apache/htdocs/dummy.txt
>
> </VirtualHost>
>
> The actual config is more complex, but the above suffices to reproduce.
>
> In case you wonder why one would want to do that: the real config has a
> list of rewrite rules (actually a rewrite map) containing URLs of large
> files which have been deployed directly on the forward proxy and should
> not be proxied, instead be delivered from the local file system.
>
> The actual rules then have a part that falls back to normal proxying any
> URL, which is not handled by the rewrite rules. I omitted these here,
> because they are not relevant for reproduction.
>
> I added a log statement and it is indeed the new "return DECLINED" we
> have backported from trunk in 2.2.22. The triggering case is that the
> uri does not start with a "/".
>
> Test case:
>
> curl -x localhost:3128 http://myserver.example.com/dummy.txt
>
> Expected result: getting the file /opt/data/dummy.txt
> Actual result: The RewriteMap is not being called, instead the fallback
> config I removed here is executed and the file is retrieved from the
> origin server
>
> Any idea how to fix? Or do you think this is correct behaviour?
>
> Regards,
>
> Rainer

-- 
kippdata
informationstechnologie GmbH   Tel: 0228 98549 -0
Bornheimer Str. 33a            Fax: 0228 98549 -50
53111 Bonn                     www.kippdata.de

HRB 8018 Amtsgericht Bonn / USt.-IdNr. DE 196 457 417
Managing directors: Dr. Thomas Höfer, Rainer Jung, Sven Maurmann
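
The behaviour reported in the message above, as an added example that is not part of the original mail and is not httpd source code: a simplified model in which the rewrite hook declines any URI that does not start with "/", so the forward-proxy request never reaches the rule. The names `route_request`, `guard_declines` and `rule_matches` are hypothetical, and falling back to `PROXIED` stands in for the fallback config the message leaves out.

```c
#include <regex.h>
#include <stdio.h>

enum outcome { SERVED_LOCAL, PROXIED };

/* Rule taken from the config in the message. */
static const char *RULE_PATTERN = "http://myserver.example.com/dummy.txt";
static const char *RULE_TARGET  = "/opt/apache/htdocs/dummy.txt";

/* Models the check described in the message: decline unless the URI starts with "/". */
int guard_declines(const char *uri)
{
    return uri == NULL || uri[0] != '/';
}

/* Unanchored regex match of the rule pattern against the request URI. */
int rule_matches(const char *uri)
{
    regex_t re;
    int hit;
    if (regcomp(&re, RULE_PATTERN, REG_EXTENDED | REG_NOSUB) != 0)
        return 0;
    hit = (regexec(&re, uri, 0, NULL, 0) == 0);
    regfree(&re);
    return hit;
}

/* guard_enabled = 0 models behaviour up to 2.2.21, 1 models 2.2.22. */
enum outcome route_request(const char *uri, int guard_enabled)
{
    if (guard_enabled && guard_declines(uri))
        return PROXIED;          /* hook declines, rules are never evaluated */
    if (uri != NULL && rule_matches(uri))
        return SERVED_LOCAL;     /* rule maps the URL to the local file */
    return PROXIED;              /* no rule matched: normal proxying */
}

int main(void)
{
    /* Request URI as sent by: curl -x localhost:3128 <url> */
    const char *uri = "http://myserver.example.com/dummy.txt";
    for (int guard = 0; guard <= 1; guard++)
        printf("guard=%d -> %s\n", guard,
               route_request(uri, guard) == SERVED_LOCAL ? RULE_TARGET
                                                         : "proxied to origin");
    return 0;
}
```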
