From: Jim Jagielski <jim@apache.org>
Date: Mon, 11 Nov 2013 14:01:23 +0000 (+0000)
Subject: Merge r1528718 from trunk:
X-Git-Tag: 2.2.26~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0a753597756969344e621ec30343596e0f816089;p=thirdparty%2Fapache%2Fhttpd.git

Merge r1528718 from trunk:

mod_dav: Fix PR 55306.

Makes mod_dav no longer require that the lock token be provided when the
source of a COPY is locked.  The prior behavior was in violating of
RFC 4918 which says that the lock token is only required on resources
that may be modified by the method.

* modules/dav/main/mod_dav.h
  (DAV_VALIDATE_NO_MODIFY): New flag to be passed to dav_validate_* functions.

* modules/dav/main/mod_dav.c
  (dav_method_copymove): Use the new flag when calling dav_validate_request()
    on the COPY source.

* modules/dav/main/util.c
  (dav_validate_resource_state): Use the flag to decide to ignore if the lock
    token is not provided.

Submitted by: breser
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1540728 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index b92e7676973..74772fa0030 100644
--- a/STATUS
+++ b/STATUS
@@ -97,20 +97,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
   
-  * mod_ssl: Support ECC keys
-    trunk patch: http://svn.apache.org/r834378 
-                 http://svn.apache.org/r835046
-                 http://svn.apache.org/r1040304
-                 http://svn.apache.org/r1040373
-                 http://svn.apache.org/r1090645
-                 http://svn.apache.org/r1294306
-                 http://svn.apache.org/r1509872
-    2.4.x patch: first five from above, plus
-                 http://svn.apache.org/r1308862
-                 http://svn.apache.org/r1509875
-    2.2.x patch: http://people.apache.org/~sf/ECC-2.2-v2.diff
-    +1: sf, trawick, wrowe
-
   * mod_ssl config: Fix range check bug with SSLRenegBufferSize
     trunk patch: http://svn.apache.org/r954641
                  (only this part, which has the only non-style fix applicable to 2.2.x:
@@ -119,11 +105,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
     2.2.x patch: trunk patch to ssl_engine_config.c (above) applies with offset
     +1: trawick, jorton, wrowe
 
-  * mod_dav: Fix 55306.  Don't require lock tokens for COPY source.
-    trunk patches: https://svn.apache.org/r1528718
-    2.2.x: trunk works, CHANGES needs to be written when merging
-    +1: breser, minfrin, wrowe
-
   * mod_dav: Fix 55397.  dav_resource->uri treated as unencoded. This was an
     unnecessary ABI changed introduced in 2.2.25
     trunk patches: https://svn.apache.org/r1529559
diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
index b15185f911d..ddb9af01a9c 100644
--- a/modules/dav/main/mod_dav.c
+++ b/modules/dav/main/mod_dav.c
@@ -2734,7 +2734,8 @@ static int dav_method_copymove(request_rec *r, int is_move)
     if ((err = dav_validate_request(r, resource, depth, NULL,
                                     &multi_response,
                                     (is_move ? DAV_VALIDATE_PARENT
-                                             : DAV_VALIDATE_RESOURCE)
+                                             : DAV_VALIDATE_RESOURCE
+                                               | DAV_VALIDATE_NO_MODIFY)
                                     | DAV_VALIDATE_USE_424,
                                     NULL)) != NULL) {
         err = dav_push_error(r->pool, err->status, 0,
diff --git a/modules/dav/main/mod_dav.h b/modules/dav/main/mod_dav.h
index f0075311c3b..8f2560dce04 100644
--- a/modules/dav/main/mod_dav.h
+++ b/modules/dav/main/mod_dav.h
@@ -1281,6 +1281,9 @@ DAV_DECLARE(dav_error *) dav_validate_request(request_rec *r,
                                            the 424 DAV:response */
 #define DAV_VALIDATE_USE_424    0x0080  /* return 424 status, not 207 */
 #define DAV_VALIDATE_IS_PARENT  0x0100  /* for internal use */
+#define DAV_VALIDATE_NO_MODIFY  0x0200  /* resource is not being modified
+                                           so allow even if lock token
+                                           is not provided */
 
 /* Lock-null related public lock functions */
 DAV_DECLARE(int) dav_get_resource_state(request_rec *r,
diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c
index 4b6bdee4e26..ddbd6212180 100644
--- a/modules/dav/main/util.c
+++ b/modules/dav/main/util.c
@@ -929,13 +929,16 @@ static dav_error * dav_validate_resource_state(apr_pool_t *p,
         /*
         ** For methods other than LOCK:
         **
-        ** If we have no locks, then <seen_locktoken> can be set to true --
+        ** If we have no locks or if the resource is not being modified
+        ** (per RFC 4918 the lock token is not required on resources
+        ** we are not changing), then <seen_locktoken> can be set to true --
         ** pretending that we've already met the requirement of seeing one
         ** of the resource's locks in the If: header.
         **
         ** Otherwise, it must be cleared and we'll look for one.
         */
-        seen_locktoken = (lock_list == NULL);
+        seen_locktoken = (lock_list == NULL
+                          || flags & DAV_VALIDATE_NO_MODIFY);
     }
 
     /*