From: Colm MacCarthaigh Date: Sun, 23 Apr 2006 17:21:58 +0000 (+0000) Subject: * Backport the include directive patch for 1.3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92fb39029e2e38e490a048f28bc9c108471ae4f4;p=thirdparty%2Fapache%2Fhttpd.git * Backport the include directive patch for 1.3 * Add a changelog entry for same * reorder the changelog to put security first. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@396294 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 4e4fd73ef4c..48d7e4d6a01 100644 --- a/STATUS +++ b/STATUS @@ -74,11 +74,6 @@ PROPOSED PATCHES FOR THIS RELEASE: +1: nd, jerenkrantz, wrowe (in principal) -1: jim (until we see the 1.3 version) - *) core: Make "Include" directives work inside previously "Include"'d - files. - http://people.apache.org/~colm/include_directive-1.3.patch - +1: colm, wrowe, jim - RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: * backport fix for mod_log_config logging "0" for %b diff --git a/src/CHANGES b/src/CHANGES index ba2c64662c2..e162ac22f37 100644 --- a/src/CHANGES +++ b/src/CHANGES 
@@ -1,16 +1,19 @@ Changes with Apache 1.3.35 - *) HTML-escape the Expect error message. Not classed as security as - an attacker has no way to influence the Expect header a victim will - send to a target site. Reported by Thiago Zaninotti - . [Mark Cox] - *) SECURITY: CVE-2005-3352 (cve.mitre.org) mod_imap: Escape untrusted referer header before outputting in HTML to avoid potential cross-site scripting. Change also made to ap_escape_html so we escape quotes. Reported by JPCERT. [Mark Cox] + *) core: Allow usage of the "Include" configuration directive within + previously "Include"d files. [Colm MacCarthaigh] + + *) HTML-escape the Expect error message. Not classed as security as + an attacker has no way to influence the Expect header a victim will + send to a target site. Reported by Thiago Zaninotti + . [Mark Cox] + *) mod_cgi: Remove block on OPTIONS method so that scripts can respond to OPTIONS directly rather than via server default. [Roy Fielding] PR 15242 diff --git a/src/include/http_config.h b/src/include/http_config.h index c2f9f40bf76..ec43fa5febb 100644 --- a/src/include/http_config.h +++ b/src/include/http_config.h @@ -330,6 +330,8 @@ CORE_EXPORT(int) ap_parse_htaccess(void **result, request_rec *r, int override, CORE_EXPORT(const char *) ap_init_virtual_host(pool *p, const char *hostname, server_rec *main_server, server_rec **); CORE_EXPORT(void) ap_process_resource_config(server_rec *s, char *fname, pool *p, pool *ptemp); +CORE_EXPORT(void) ap_process_include_config(server_rec *s, char *fname, pool *p, pool *ptemp, + cmd_parms *parms); /* ap_check_cmd_context() definitions: */ API_EXPORT(const char *) ap_check_cmd_context(cmd_parms *cmd, unsigned forbidden); diff --git a/src/main/http_config.c b/src/main/http_config.c index 6f56d4971c9..6071e0b8818 100644 --- a/src/main/http_config.c +++ b/src/main/http_config.c 
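Review bot: The new `ap_process_include_config` prototype in the http_config.h hunk is exported with no comment on what it does to the `parms` argument. Going by the definition this commit adds in http_config.c, it overwrites `parms->config_file`, leaves that field pointing at a file it has already closed, and terminates the process on open or syntax errors. A caller outside the core needs to know all three, so I would put a comment above the declaration such as `/* Parses fname in the context of parms; replaces parms->config_file and exits the process on error. */`.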
@@ -1164,6 +1164,101 @@ static int fname_alphasort(const void *fn1, const void *fn2) return strcmp(f1->fname,f2->fname); } +CORE_EXPORT(void) ap_process_include_config(server_rec *s, char *fname, pool *p, pool *ptemp, + cmd_parms *parms) +{ + const char *errmsg; + struct stat finfo; + + fname = ap_server_root_relative(p, fname); + + if (stat(fname, &finfo) == -1) + return; + + /* + * here we want to check if the candidate file is really a + * directory, and most definitely NOT a symlink (to prevent + * horrible loops). If so, let's recurse and toss it back into + * the function. + */ + if (ap_is_rdirectory(fname)) { + DIR *dirp; + struct DIR_TYPE *dir_entry; + int current; + array_header *candidates = NULL; + fnames *fnew; + + /* + * first course of business is to grok all the directory + * entries here and store 'em away. Recall we need full pathnames + * for this. + */ + fprintf(stderr, "Processing config directory: %s\n", fname); + dirp = ap_popendir(p, fname); + if (dirp == NULL) { + perror("fopen"); + fprintf(stderr, "%s: could not open config directory %s\n", + ap_server_argv0, fname); +#ifdef NETWARE + clean_parent_exit(1); +#else + exit(1); +#endif + } + candidates = ap_make_array(p, 1, sizeof(fnames)); + while ((dir_entry = readdir(dirp)) != NULL) { + /* strip out '.' and '..' */ + if (strcmp(dir_entry->d_name, ".") && + strcmp(dir_entry->d_name, "..")) { + fnew = (fnames *) ap_push_array(candidates); + fnew->fname = ap_make_full_path(p, fname, dir_entry->d_name); + } + } + ap_pclosedir(p, dirp); + if (candidates->nelts != 0) { + qsort((void *) candidates->elts, candidates->nelts, + sizeof(fnames), fname_alphasort); + /* + * Now recurse these... 
we handle errors and subdirectories + * via the recursion, which is nice + */ + for (current = 0; current < candidates->nelts; ++current) { + fnew = &((fnames *) candidates->elts)[current]; + fprintf(stderr, " Processing config file: %s\n", fnew->fname); + ap_process_resource_config(s, fnew->fname, p, ptemp); + } + } + return; + } + + if (!(parms->config_file = ap_pcfg_openfile(p,fname))) { + perror("fopen"); + fprintf(stderr, "%s: could not open document config file %s\n", + ap_server_argv0, fname); +#ifdef NETWARE + clean_parent_exit(1); +#else + exit(1); +#endif + } + + errmsg = ap_srm_command_loop(parms, s->lookup_defaults); + + if (errmsg) { + fprintf(stderr, "Syntax error on line %d of %s:\n", + parms->config_file->line_number, parms->config_file->name); + fprintf(stderr, "%s\n", errmsg); +#ifdef NETWARE + clean_parent_exit(1); +#else + exit(1); +#endif + } + + ap_cfg_closefile(parms->config_file); +} + + CORE_EXPORT(void) ap_process_resource_config(server_rec *s, char *fname, pool *p, pool *ptemp) { const char *errmsg; diff --git a/src/main/http_core.c b/src/main/http_core.c index 752530d86c2..28dba44abe9 100644 --- a/src/main/http_core.c +++ b/src/main/http_core.c @@ -2770,9 +2770,12 @@ static const char *set_coredumpdir (cmd_parms *cmd, void *dummy, char *arg) static const char *include_config (cmd_parms *cmd, void *dummy, char *name) { + static cmd_parms parms; name = ap_server_root_relative(cmd->pool, name); + + memcpy(&parms, cmd, sizeof(parms)); - ap_process_resource_config(cmd->server, name, cmd->pool, cmd->temp_pool); + ap_process_include_config(cmd->server, name, cmd->pool, cmd->temp_pool, &parms); return NULL; }
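Review bot: In ap_process_include_config, `if (stat(fname, &finfo) == -1) return;` turns an Include of a missing or unreadable path into a silent no-op, while every other failure in the function prints a message and exits. For an explicit Include this fails open: a file carrying access restrictions or other hardening can be mistyped or removed, and the server still starts without it and reports nothing. I would report it like the open failures, e.g. `fprintf(stderr, "%s: could not stat config file %s\n", ap_server_argv0, fname);` followed by the same exit sequence. Separately, the directory branch hands each entry to ap_process_resource_config, so those files never receive `parms`; if they are meant to be parsed in the including context, the loop should call `ap_process_include_config(s, fnew->fname, p, ptemp, parms);` instead.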
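Review bot: `static cmd_parms parms;` in include_config gives every Include the same storage, which does not survive the nesting this commit is meant to enable. ap_process_include_config passes that pointer to ap_srm_command_loop, so a nested Include presumably re-enters include_config with `cmd == &parms`. The `memcpy` then has overlapping source and destination, which memcpy does not permit, and the inner call replaces `parms.config_file` and closes it, so the outer loop continues on a closed handle. An automatic copy removes the shared state: `cmd_parms parms = *cmd;` in place of the static declaration and the memcpy. ap_process_include_config should also save `parms->config_file` on entry and restore it before returning, since it currently leaves the caller's structure pointing at the file it just closed.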