backport revisions 1162584, 1164861, 1162587 from trunk:

Add MaxRanges directive and limit # of accepted ranges to 200 by default.

Submitted By: Eric Covener, Guenter Knauf
Reviewed By: covener, fuankg, sf

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1164894 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index ad77029276cbd636061c9de1b63a3a4a0e57cd0b..550df4546f54a67b44171348fb9818520796cdfa 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.21
 
+  *) core: Add MaxRanges directive to control the number of ranges permitted
+     before returning the entire resource, with a default limit of 200.
+     [Eric Covener]
 
 Changes with Apache 2.2.20
 

diff --git a/docs/conf/httpd.conf.in b/docs/conf/httpd.conf.in
index 3719f9a6803e57fa8dd56de4be52700a3c0a834a..b524fdd6305b1bca83d5f68b762e2497136f9920 100644 (file)
--- a/docs/conf/httpd.conf.in
+++ b/docs/conf/httpd.conf.in
@@ -349,6 +349,12 @@ DefaultType text/plain
 #ErrorDocument 402 http://www.example.com/subscription_info.html
 #
 
+#
+# MaxRanges: Maximum number of Ranges in a request before
+# returning the entire resource, or 0 for unlimited
+# Default setting is to accept 200 Ranges
+#MaxRanges 0
+
 #
 # EnableMMAP and EnableSendfile: On systems that support it, 
 # memory-mapping or the sendfile syscall is used to deliver

diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml
index 75f49943f16b2f550309de6369909af239840fc2..313501a28918f53f2814933a26706b7293411f79 100644 (file)
--- a/docs/manual/mod/core.xml
+++ b/docs/manual/mod/core.xml
@@ -2298,6 +2298,24 @@ connection</description>
     </example>
 </usage>
 </directivesynopsis>
+<directivesynopsis>
+<name>MaxRanges</name>
+<description>Number of ranges allowed before returning the complete
+resource </description>
+<syntax>MaxRanges <var>number</var> (0 = no limit)</syntax>
+<default>MaxRanges 200</default>
+<contextlist><context>server config</context><context>virtual host</context>
+<context>directory</context>
+</contextlist>
+<compatibility>Available in Apache HTTP Server 2.3.15 and later</compatibility>
+
+<usage>
+    <p>The <directive>MaxRanges</directive> directive
+    limits the number of HTTP ranges the server is willing to 
+    return to the client.  If more ranges then permitted are requested, 
+    the complete resource is returned instead.</p>
+</usage>
+</directivesynopsis>
 
 <directivesynopsis>
 <name>NameVirtualHost</name>

diff --git a/include/ap_mmn.h b/include/ap_mmn.h
index 58951c0ecfd0de0fbf4c0f8140def0abeebef17f..50fe52cfcbf41ef149a4ec832b070d06eace0868 100644 (file)
--- a/include/ap_mmn.h
+++ b/include/ap_mmn.h
@@ -146,6 +146,7 @@
  *                      Add core_dir_config.decode_encoded_slashes.
  * 20051115.28 (2.2.19) Restore ap_unescape_url_keep2f(char *url) signature 
  *                      altered in 2.2.18.  Add ap_unescape_url_keep2f_ex().
+ * 20051115.29 (2.2.21) add max_ranges to core_dir_config
  */
 
 #define MODULE_MAGIC_COOKIE 0x41503232UL /* "AP22" */
@@ -153,7 +154,7 @@
 #ifndef MODULE_MAGIC_NUMBER_MAJOR
 #define MODULE_MAGIC_NUMBER_MAJOR 20051115
 #endif
-#define MODULE_MAGIC_NUMBER_MINOR 28                    /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 29                    /* 0...n */
 
 /**
  * Determine if the server's current MODULE_MAGIC_NUMBER is at least a

diff --git a/include/http_core.h b/include/http_core.h
index 0b96cca5aa989d3c145860d52f467205cf64bfee..9d78e081b5f720d1f6743d7819319264a52f6f15 100644 (file)
--- a/include/http_core.h
+++ b/include/http_core.h
@@ -570,6 +570,10 @@ typedef struct {
 
 
     unsigned int decode_encoded_slashes : 1; /* whether to decode encoded slashes in URLs */
+
+    /** Number of Ranges before returning HTTP_OK, 0/unlimited -1/unset. **/
+    int max_ranges;
+
 } core_dir_config;
 
 /* Per-server core configuration */

diff --git a/modules/http/byterange_filter.c b/modules/http/byterange_filter.c
index 6843df1bf89bd3f6f15200f0bf0e93ae2d3d6119..ffc8287701c5541c96fbe08a8ec80b20620bfc0f 100644 (file)
--- a/modules/http/byterange_filter.c
+++ b/modules/http/byterange_filter.c
@@ -55,6 +55,10 @@
 #include <unistd.h>
 #endif
 
+#ifndef DEFAULT_MAX_RANGES
+#define DEFAULT_MAX_RANGES 200
+#endif
+
 static int ap_set_byterange(request_rec *r, apr_off_t clength,
                             apr_array_header_t **indexes);
 
@@ -243,6 +247,12 @@ typedef struct indexes_t {
     apr_off_t end;
 } indexes_t;
 
+static int get_max_ranges(request_rec *r) { 
+    core_dir_config *core_conf = ap_get_module_config(r->per_dir_config, 
+                                                      &core_module);
+    return core_conf->max_ranges == -1 ? DEFAULT_MAX_RANGES : core_conf->max_ranges;
+}
+
 AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
                                                          apr_bucket_brigade *bb)
 {
@@ -263,6 +273,7 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
     indexes_t *idx;
     int original_status;
     int i;
+    int max_ranges = get_max_ranges(r);
 
     /*
      * Iterate through the brigade until reaching EOS or a bucket with
@@ -290,7 +301,7 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
     num_ranges = ap_set_byterange(r, clength, &indexes);
 
     /* We have nothing to do, get out of the way. */
-    if (num_ranges == 0) {
+    if (num_ranges == 0 || (max_ranges > 0 && num_ranges > max_ranges)) {
         r->status = original_status;
         ap_remove_output_filter(f);
         return ap_pass_brigade(f->next, bb);

diff --git a/server/core.c b/server/core.c
index ea01ca926d7fdae97497a7a4b3136881438c70bc..d21e29240408f041e283d79d97f502dfbf243097 100644 (file)
--- a/server/core.c
+++ b/server/core.c
@@ -165,6 +165,8 @@ static void *create_core_dir_config(apr_pool_t *a, char *dir)
     conf->enable_sendfile = ENABLE_SENDFILE_UNSET;
     conf->allow_encoded_slashes = 0;
     conf->decode_encoded_slashes = 0;
+ 
+    conf->max_ranges = -1;
 
     return (void *)conf;
 }
@@ -453,6 +455,8 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
     conf->allow_encoded_slashes = new->allow_encoded_slashes;
     conf->decode_encoded_slashes = new->decode_encoded_slashes;
 
+    conf->max_ranges = new->max_ranges != -1 ? new->max_ranges : base->max_ranges;
+
     return (void*)conf;
 }
 
@@ -2978,6 +2982,16 @@ static const char *set_limit_xml_req_body(cmd_parms *cmd, void *conf_,
     return NULL;
 }
 
+static const char *set_max_ranges(cmd_parms *cmd, void *conf_, const char *arg)
+{
+    core_dir_config *conf = conf_;
+
+    conf->max_ranges = atoi(arg);
+    if (conf->max_ranges < 0)
+        return "MaxRanges requires a non-negative integer (0 = unlimited)";
+
+    return NULL;
+}
 AP_DECLARE(size_t) ap_get_limit_xml_body(const request_rec *r)
 {
     core_dir_config *conf;
@@ -3407,6 +3421,9 @@ AP_INIT_TAKE1("LimitXMLRequestBody", set_limit_xml_req_body, NULL, OR_ALL,
               "Limit (in bytes) on maximum size of an XML-based request "
               "body"),
 
+AP_INIT_TAKE1("MaxRanges", set_max_ranges, NULL, RSRC_CONF|ACCESS_CONF,
+              "Maximum number of Ranges in a request before returning the entire "
+              "resource, or 0 for unlimited"),
 /* System Resource Controls */
 #ifdef RLIMIT_CPU
 AP_INIT_TAKE12("RLimitCPU", set_limit_cpu,