From: Jim Jagielski <jim@apache.org>
Date: Wed, 25 Aug 2010 14:15:54 +0000 (+0000)
Subject: Merge r632947, r633174 from trunk:
X-Git-Tag: 2.2.17~62
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=72f9e00c13d4179c86a7178f1ca6f83ffcb24772;p=thirdparty%2Fapache%2Fhttpd.git

Merge r632947, r633174 from trunk:

core: fix SymlinksIfOwnerMatch checking:
  (1) Fix Origin checking (PR 36783 - Robert L Mathews)
  (2) Check ownership if both FollowSymlinks and SymlinksIfOwnerMatch are set


* lfi is already a pointer in contrast fi which was used before.

Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@989124 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index cd347a8f28a..f98c17a5fc9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,12 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.17
 
+  *) core: check symlink ownership if both FollowSymlinks and
+     SymlinksIfOwnerMatch are set [Nick Kew]
+
+  *) core: fix origin checking in SymlinksIfOwnerMatch
+     PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
+
   *) mod_headers: Enable multi-match-and-replace edit option
      PR 46594 [Nick Kew]
 
diff --git a/STATUS b/STATUS
index 6901a53662a..b182eb3220d 100644
--- a/STATUS
+++ b/STATUS
@@ -87,13 +87,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * Core: fix symlinks ownership tests
-     PR 36783
-     Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=632947
-                  http://svn.apache.org/viewvc?view=revision&revision=633174
-     2.2 patch: trunk patch Works with offset.
-     +1: niq, rpluem, jim
-
  * mod_proxy_ajp: Don't log error when client disconnects.
      Trunk version of patch:
        http://svn.apache.org/viewvc?view=rev&revision=986591
diff --git a/server/request.c b/server/request.c
index 0a53529f916..1801cf7b5ec 100644
--- a/server/request.c
+++ b/server/request.c
@@ -351,7 +351,8 @@ static int resolve_symlink(char *d, apr_finfo_t *lfi, int opts, apr_pool_t *p)
     /* Save the name from the valid bits. */
     savename = (lfi->valid & APR_FINFO_NAME) ? lfi->name : NULL;
 
-    if (opts & OPT_SYM_LINKS) {
+    /* if OPT_SYM_OWNER is unset, we only need to check target accessible */
+    if (!(opts & OPT_SYM_OWNER)) {
         if ((res = apr_stat(&fi, d, lfi->valid & ~(APR_FINFO_NAME
                                                  | APR_FINFO_LINK), p))
                  != APR_SUCCESS) {
@@ -373,7 +374,7 @@ static int resolve_symlink(char *d, apr_finfo_t *lfi, int opts, apr_pool_t *p)
      * owner of the symlink, then get the info of the target.
      */
     if (!(lfi->valid & APR_FINFO_OWNER)) {
-        if ((res = apr_stat(&fi, d,
+        if ((res = apr_stat(lfi, d,
                             lfi->valid | APR_FINFO_LINK | APR_FINFO_OWNER, p))
             != APR_SUCCESS) {
             return HTTP_FORBIDDEN;