From: Jim Jagielski Date: Thu, 3 Mar 2022 13:30:46 +0000 (+0000) Subject: dbm backport approved and merged X-Git-Tag: 2.4.53-rc1-candidate~22 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a086e1885f0d5ab84d39ca85e554aeab085ca56e;p=thirdparty%2Fapache%2Fhttpd.git dbm backport approved and merged git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1898566 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index b198da2457a..9ab3d6d19f0 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.53 + *) dbm: Split the loading of a dbm driver from the opening of a dbm file. When + an attempt to load a dbm driver fails, log clearly which driver triggered + the error (not "default"), and what the error was. [Graham Leggett] + *) mod_proxy: Use the maxium of front end and backend timeouts instead of the minimum when tunneling requests (websockets, CONNECT requests). Backend timeouts can be configured more selectively (per worker if needed) @@ -609,7 +613,7 @@ Changes with Apache 2.4.47 *) mod_ssl: Improve the coalescing filter to buffer into larger TLS records, and avoid revealing the HTTP header size via TLS record boundaries (for common response generators). - [Joe Orton, Ruediger Pluem] + [Joe Orton, Ruediger Pluem] *) mod_proxy_hcheck: Don't pile up health checks if the previous one did not finish before hcinterval. PR 63010. [Yann Ylavic] @@ -630,7 +634,7 @@ Changes with Apache 2.4.47 allowing for (non-)Upgrade negotiation with the origin server. [Yann Ylavic] - *) mod_proxy: Allow ProxyErrorOverride to be restricted to specific status + *) mod_proxy: Allow ProxyErrorOverride to be restricted to specific status codes. PR63628. [Martin Drößler ] *) core: Add ReadBufferSize, FlushMaxThreshold and FlushMaxPipelined @@ -663,7 +667,7 @@ Changes with Apache 2.4.47 *) mod_rewrite: Extend the [CO] (cookie) flag of RewriteRule to accept a SameSite attribute. [Eric Covener] - *) mod_proxy: Add proxy check_trans hook. This allows proxy + *) mod_proxy: Add proxy check_trans hook. This allows proxy modules to decline request handling at early stage. *) mod_proxy_wstunnel: Decline requests without an Upgrade @@ -718,10 +722,10 @@ Changes with Apache 2.4.44 *) mod_proxy_uwsgi: Error out on HTTP header larger than 16K (hard protocol limit). [Yann Ylavic] - *) mod_http2: - Fixes : + *) mod_http2: + Fixes : "LimitRequestFields 0" now disables the limit, as documented. - Fixes : + Fixes : Do not count repeated headers with same name against the field count limit. The are merged internally, as if sent in a single HTTP/1 line. [Stefan Eissing] @@ -788,7 +792,7 @@ Changes with Apache 2.4.42 *) mod_proxy_http: Fix the forwarding of requests with content body when a balancer member is unavailable; the retry on the next member was issued - with an empty body (regression introduced in 2.4.41). PR63891. + with an empty body (regression introduced in 2.4.41). PR63891. [Yann Ylavic] *) core: Use a temporary file when writing the pid file, avoiding @@ -806,7 +810,7 @@ Changes with Apache 2.4.42 *) mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info". PR64172. - *) mod_usertrack: Add CookieSameSite, CookieHTTPOnly, and CookieSecure + *) mod_usertrack: Add CookieSameSite, CookieHTTPOnly, and CookieSecure to allow customization of the usertrack cookie. PR64077. [Prashant Keshvani , Eric Covener] @@ -845,7 +849,7 @@ Changes with Apache 2.4.42 allow for use in and sections. If all possible variations lead to the configuration you wanted in the first place, is another matter. [Michael Kaufmann , Timothe Litt (@tlhackque), - Michal Karm Babacek (@Karm), Stefan Eissing (@icing)] + Michal Karm Babacek (@Karm), Stefan Eissing (@icing)] *) test: Added continuous testing with Travis CI. This tests various scenarios on Ubuntu with the full test suite. @@ -874,18 +878,18 @@ Changes with Apache 2.4.42 r:notes_table, r:subprocess_env_table as read-only native table alternatives that can be iterated over. [Eric Covener] - *) mod_http2: Fixed rare cases where a h2 worker could deadlock the main connection. + *) mod_http2: Fixed rare cases where a h2 worker could deadlock the main connection. [Yann Ylavic, Stefan Eissing] - *) mod_lua: Accept nil assignments to the exposed tables (r.subprocess_env, - r.headers_out, etc) to remove the key from the table. PR63971. + *) mod_lua: Accept nil assignments to the exposed tables (r.subprocess_env, + r.headers_out, etc) to remove the key from the table. PR63971. [Eric Covener] *) mod_http2: Fixed interaction with mod_reqtimeout. A loaded mod_http2 was disabling the - ssl handshake timeouts. Also, fixed a mistake of the last version that made `H2Direct` + ssl handshake timeouts. Also, fixed a mistake of the last version that made `H2Direct` always `on`, regardless of configuration. Found and reported by and - . [Stefan Eissing] + . [Stefan Eissing] *) mod_http2: Multiple field length violations in the same request no longer cause several log entries to be written. [@mkauf] @@ -895,7 +899,7 @@ Changes with Apache 2.4.42 *) mod_proxy_html, mod_xml2enc: Fix build issues with macOS due to r1864469 [Jim Jagielski] - + *) mod_authn_socache: Increase the maximum length of strings that can be cached by the module from 100 to 256. PR 62149 [] @@ -909,7 +913,7 @@ Changes with Apache 2.4.42 *) mod_deflate, mod_brotli: honor "Accept-Encoding: foo;q=0" as per RFC 7231; which means 'foo' is "not acceptable". PR 58158 [Chistophe Jaillet] - *) mod_md v2.2.3: + *) mod_md v2.2.3: - Configuring MDCAChallenges replaces any previous existing challenge configuration. It had been additive before which was not the intended behaviour. [@mkauf] - Fixing order of ACME challenges used when nothing else configured. Code now behaves as @@ -932,7 +936,7 @@ Changes with Apache 2.4.42 locations or formats. [Stefan Eissing] - *) mod_proxy_balancer: Fix case-sensitive referer check related to CSRF/XSS + *) mod_proxy_balancer: Fix case-sensitive referer check related to CSRF/XSS protection. PR 63688. [Armin Abfalterer ] Changes with Apache 2.4.41 @@ -968,7 +972,7 @@ Changes with Apache 2.4.41 leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client. [Stefan Eissing] - *) mod_proxy_balancer: Improve balancer-manager protection against + *) mod_proxy_balancer: Improve balancer-manager protection against XSS/XSRF attacks from trusted users. [Joe Orton, Niels Heinen ] @@ -984,7 +988,7 @@ Changes with Apache 2.4.41 Changes with Apache 2.4.40 - *) core, mod_rewrite: Set PCRE_DOTALL by default. Revert via + *) core, mod_rewrite: Set PCRE_DOTALL by default. Revert via RegexDefaultOptions -DOTALL [Yann Ylavic] *) core: Remove request details from built-in error documents [Eric Covener] @@ -1016,13 +1020,13 @@ Changes with Apache 2.4.40 other modules want to provide those. Falls back to own implementation with same behaviour as before. [Stefan Eissing] - + *) mod_md: new features - protocol - supports the ACMEv2 protocol. It is the default and will be used on the next certificate renewal, unless another "MDCertificateAuthority" is configured - ACMEv2 endpoints use the GET via empty POST way of accessing resources, see - announcement by Let's Encrypt: + announcement by Let's Encrypt: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380 - challenges - new challenge method 'tls-alpn-01' implemented @@ -1134,41 +1138,41 @@ Changes with Apache 2.4.39 *) core: new configuration option 'MergeSlashes on|off' that controls handling of multiple, consecutive slash ('/') characters in the path component of the request URL. [Eric Covener] - + *) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED. - Fixed. [Michael Kaufmann] + Fixed. [Michael Kaufmann] - *) mod_http2: new configuration directive: `H2Padding numbits` to control + *) mod_http2: new configuration directive: `H2Padding numbits` to control padding of HTTP/2 payload frames. 'numbits' is a number from 0-8, controlling the range of padding bytes added to a frame. The actual number added is chosen randomly per frame. This applies to HEADERS, DATA and PUSH_PROMISE - frames equally. The default continues to be 0, e.g. no padding. [Stefan Eissing] - + frames equally. The default continues to be 0, e.g. no padding. [Stefan Eissing] + *) mod_http2: ripping out all the h2_req_engine internal features now that mod_proxy_http2 has no more need for it. Optional functions are still declared but no longer implemented. While previous mod_proxy_http2 will work with this, it is recommended to run the matching versions of both modules. [Stefan Eissing] - + *) mod_proxy_http2: changed mod_proxy_http2 implementation and fixed several bugs which resolve PR63170. The proxy module does now a single h2 request on the (reused) connection and returns. [Stefan Eissing] - - *) mod_http2/mod_proxy_http2: proxy_http2 checks correct master connection aborted status + + *) mod_http2/mod_proxy_http2: proxy_http2 checks correct master connection aborted status to trigger immediate shutdown of backend connections. This is now always signalled - by mod_http2 when the the session is being released. + by mod_http2 when the the session is being released. proxy_http2 now only sends a PING frame to the backend when there is not already one in flight. [Stefan Eissing] - *) mod_proxy_http2: fixed an issue where a proxy_http2 handler entered an infinite - loop when encountering certain errors on the backend connection. + *) mod_proxy_http2: fixed an issue where a proxy_http2 handler entered an infinite + loop when encountering certain errors on the backend connection. See . [Stefan Eissing] - *) mod_http2: Configuration directives H2Push and H2Upgrade can now be specified per + *) mod_http2: Configuration directives H2Push and H2Upgrade can now be specified per Location/Directory, e.g. disabling PUSH for a specific set of resources. [Stefan Eissing] *) mod_http2: HEAD requests to some module such as mod_cgid caused the stream to - terminate improperly and cause a HTTP/2 PROTOCOL_ERROR. + terminate improperly and cause a HTTP/2 PROTOCOL_ERROR. Fixes . [Michael Kaufmann] *) http: Fix possible empty response with mod_ratelimit for HEAD requests. @@ -1216,13 +1220,13 @@ Changes with Apache 2.4.38 *) mod_negotiation: Treat LanguagePriority as case-insensitive to match AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet] - + *) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges have been fixed. [Michael Kaufmann, Stefan Eissing] - + *) mod_setenvif: We can have expressions that become true if a regex pattern in the expression does NOT match. In this case val is NULL - and we should just set the value for the environment variable + and we should just set the value for the environment variable like in the pattern case. [Ruediger Pluem] *) mod_session: Always decode session attributes early. [Hank Ibell] @@ -1231,7 +1235,7 @@ Changes with Apache 2.4.38 multiple environment variables are specified in a directive. [Hank Ibell] *) mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when - this type of map is present in the configuration. PR62311. + this type of map is present in the configuration. PR62311. [Hank Ibell ] *) mod_dav: Fix invalid Location header when a resource is created by @@ -1255,7 +1259,7 @@ Changes with Apache 2.4.38 *) mod_proxy: If ProxyPassReverse is used for reverse mapping of relative redirects, subsequent ProxyPassReverse statements, whether they are relative or absolute, may fail. PR 60408. [Peter Haworth ] - + *) mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1] Changes with Apache 2.4.37 @@ -1284,9 +1288,9 @@ Changes with Apache 2.4.36 [Eric Covener] *) mod_http2: adding defensive code for stream EOS handling, in case the request handler - missed to signal it the normal way (eos buckets). Addresses github issues + missed to signal it the normal way (eos buckets). Addresses github issues https://github.com/icing/mod_h2/issues/164, https://github.com/icing/mod_h2/issues/167 - and https://github.com/icing/mod_h2/issues/170. [Stefan Eissing] + and https://github.com/icing/mod_h2/issues/170. [Stefan Eissing] *) ab: Add client certificate support. PR 55774. [Graham Leggett] @@ -1364,7 +1368,7 @@ Changes with Apache 2.4.35 *) mod_watchdog: Correct some log messages. [Rainer Jung] *) mod_md: When the last domain name from an MD is moved to another one, - that now empty MD gets moved to the store archive. PR 62572. + that now empty MD gets moved to the store archive. PR 62572. [Stefan Eissing] *) mod_ssl: Fix merging of SSLOCSPOverrideResponder. [Jeff Trawick, diff --git a/STATUS b/STATUS index db9af614977..47d8cd05cab 100644 --- a/STATUS +++ b/STATUS @@ -147,17 +147,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - *) dbm: Split the loading of a dbm driver from the opening of a dbm file. When - an attempt to load a dbm driver fails, log clearly which driver triggered - the error (not "default"), and what the error was. - Trunk version of patch: - https://svn.apache.org/r1891019 - Backport version for 2.4.x of patch: - https://svn.apache.org/repos/asf/httpd/httpd/patches/2.4.x/httpd-dbm.patch - +1: minfrin, icing, jim - jailletc36: part of r1891023 is needed to fill some APLOGNO() - icing: seems there is some potential to wrap this into a common function? - *) mod_proxy: Bump shared worker name to 384 chars. PR 53218 trunk patch: http://svn.apache.org/r1896253 http://svn.apache.org/r1897859 (CHANGES entry, not in patch) diff --git a/modules/aaa/mod_authn_dbm.c b/modules/aaa/mod_authn_dbm.c index 6eae9e052ab..a5eb00febec 100644 --- a/modules/aaa/mod_authn_dbm.c +++ b/modules/aaa/mod_authn_dbm.c @@ -72,18 +72,39 @@ static const command_rec authn_dbm_cmds[] = module AP_MODULE_DECLARE_DATA authn_dbm_module; -static apr_status_t fetch_dbm_value(const char *dbmtype, const char *dbmfile, - const char *user, char **value, - apr_pool_t *pool) +static apr_status_t fetch_dbm_value(request_rec *r, const char *dbmtype, + const char *dbmfile, + const char *user, char **value) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *f; apr_datum_t key, val; apr_status_t rv; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + rv = apr_dbm_get_driver(&driver, dbmtype, &err, r->pool); + + if (rv != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "could not load '%s' dbm library: %s", + err->reason, err->msg); + return rv; + } + + rv = apr_dbm_open2(&f, driver, dbmfile, APR_DBM_READONLY, + APR_OS_DEFAULT, r->pool); +#else rv = apr_dbm_open_ex(&f, dbmtype, dbmfile, APR_DBM_READONLY, - APR_OS_DEFAULT, pool); + APR_OS_DEFAULT, r->pool); +#endif if (rv != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO() + "could not open dbm (type %s) file: %s", + dbmtype, dbmfile); return rv; } @@ -97,7 +118,7 @@ static apr_status_t fetch_dbm_value(const char *dbmtype, const char *dbmfile, *value = NULL; if (apr_dbm_fetch(f, key, &val) == APR_SUCCESS && val.dptr) { - *value = apr_pstrmemdup(pool, val.dptr, val.dsize); + *value = apr_pstrmemdup(r->pool, val.dptr, val.dsize); } apr_dbm_close(f); @@ -118,13 +139,9 @@ static authn_status check_dbm_pw(request_rec *r, const char *user, char *dbm_password; char *colon_pw; - rv = fetch_dbm_value(conf->dbmtype, conf->pwfile, user, &dbm_password, - r->pool); + rv = fetch_dbm_value(r, conf->dbmtype, conf->pwfile, user, &dbm_password); if (rv != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01754) - "could not open dbm (type %s) auth file: %s", - conf->dbmtype, conf->pwfile); return AUTH_GENERAL_ERROR; } @@ -156,14 +173,11 @@ static authn_status get_dbm_realm_hash(request_rec *r, const char *user, char *dbm_hash; char *colon_hash; - rv = fetch_dbm_value(conf->dbmtype, conf->pwfile, + rv = fetch_dbm_value(r, conf->dbmtype, conf->pwfile, apr_pstrcat(r->pool, user, ":", realm, NULL), - &dbm_hash, r->pool); + &dbm_hash); if (rv != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01755) - "Could not open dbm (type %s) hash file: %s", - conf->dbmtype, conf->pwfile); return AUTH_GENERAL_ERROR; } diff --git a/modules/aaa/mod_authz_dbm.c b/modules/aaa/mod_authz_dbm.c index 843d9a8e43f..683a5fd0dbd 100644 --- a/modules/aaa/mod_authz_dbm.c +++ b/modules/aaa/mod_authz_dbm.c @@ -96,14 +96,35 @@ static apr_status_t get_dbm_grp(request_rec *r, char *key1, char *key2, const char *dbmgrpfile, const char *dbtype, const char ** out) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif char *grp_colon, *val; apr_status_t retval; apr_dbm_t *f; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + rv = apr_dbm_get_driver(&driver, dbmtype, &err, r->pool); + + if (rv != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "could not load '%s' dbm library: %s", + err->reason, err->msg); + return retval; + } + + retval = apr_dbm_open2(&f, driver, dbmgrpfile, APR_DBM_READONLY, + APR_OS_DEFAULT, r->pool); +#else retval = apr_dbm_open_ex(&f, dbtype, dbmgrpfile, APR_DBM_READONLY, APR_OS_DEFAULT, r->pool); +#endif if (retval != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, retval, r, APLOGNO(01799) + "could not open dbm (type %s) group access " + "file: %s", dbtype, dbmgrpfile); return retval; } @@ -166,9 +187,6 @@ static authz_status dbmgroup_check_authorization(request_rec *r, user, conf->grpfile, conf->dbmtype, &groups); if (status != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(01799) - "could not open dbm (type %s) group access " - "file: %s", conf->dbmtype, conf->grpfile); return AUTHZ_GENERAL_ERROR; } @@ -241,9 +259,6 @@ static authz_status dbmfilegroup_check_authorization(request_rec *r, user, conf->grpfile, conf->dbmtype, &groups); if (status != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(01803) - "could not open dbm (type %s) group access " - "file: %s", conf->dbmtype, conf->grpfile); return AUTHZ_DENIED; } diff --git a/modules/cache/mod_socache_dbm.c b/modules/cache/mod_socache_dbm.c index 67246457cd9..8af188f24a9 100644 --- a/modules/cache/mod_socache_dbm.c +++ b/modules/cache/mod_socache_dbm.c @@ -121,6 +121,10 @@ static apr_status_t socache_dbm_init(ap_socache_instance_t *ctx, const struct ap_socache_hints *hints, server_rec *s, apr_pool_t *p) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_status_t rv; @@ -142,6 +146,22 @@ static apr_status_t socache_dbm_init(ap_socache_instance_t *ctx, /* open it once to create it and to make sure it _can_ be created */ apr_pool_clear(ctx->pool); +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "Cannot load socache DBM library '%s': %s", + err->reason, err->msg); + return rv; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, + APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00804) + "Cannot create socache DBM file `%s'", + ctx->data_file); + return DECLINED; + } +#else if ((rv = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00804) @@ -149,6 +169,7 @@ static apr_status_t socache_dbm_init(ap_socache_instance_t *ctx, ctx->data_file); return rv; } +#endif apr_dbm_close(dbm); ctx->expiry_interval = (hints && hints->expiry_interval @@ -193,6 +214,10 @@ static apr_status_t socache_dbm_store(ap_socache_instance_t *ctx, unsigned char *ucaData, unsigned int nData, apr_pool_t *pool) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_datum_t dbmkey; apr_datum_t dbmval; @@ -228,6 +253,25 @@ static apr_status_t socache_dbm_store(ap_socache_instance_t *ctx, /* and store it to the DBM file */ apr_pool_clear(ctx->pool); +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "Cannot load socache DBM library '%s' (store): %s", + err->reason, err->msg); + free(dbmval.dptr); + return rv; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, + APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00807) + "Cannot open socache DBM file `%s' for writing " + "(store)", + ctx->data_file); + free(dbmval.dptr); + return rv; + } +#else if ((rv = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00807) @@ -237,6 +281,7 @@ static apr_status_t socache_dbm_store(ap_socache_instance_t *ctx, free(dbmval.dptr); return rv; } +#endif if ((rv = apr_dbm_store(dbm, dbmkey, dbmval)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00808) "Cannot store socache object to DBM file `%s'", @@ -261,6 +306,10 @@ static apr_status_t socache_dbm_retrieve(ap_socache_instance_t *ctx, server_rec unsigned char *dest, unsigned int *destlen, apr_pool_t *p) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_datum_t dbmkey; apr_datum_t dbmval; @@ -281,6 +330,23 @@ static apr_status_t socache_dbm_retrieve(ap_socache_instance_t *ctx, server_rec * do the apr_dbm_close? This would make the code a bit cleaner. */ apr_pool_clear(ctx->pool); +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "Cannot load socache DBM library '%s' (fetch): %s", + err->reason, err->msg); + return rc; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, + APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rc, s, APLOGNO(00809) + "Cannot open socache DBM file `%s' for reading " + "(fetch)", + ctx->data_file); + return rc; + } +#else if ((rc = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rc, s, APLOGNO(00809) @@ -289,6 +355,7 @@ static apr_status_t socache_dbm_retrieve(ap_socache_instance_t *ctx, server_rec ctx->data_file); return rc; } +#endif rc = apr_dbm_fetch(dbm, dbmkey, &dbmval); if (rc != APR_SUCCESS) { apr_dbm_close(dbm); @@ -326,6 +393,10 @@ static apr_status_t socache_dbm_remove(ap_socache_instance_t *ctx, server_rec *s, const unsigned char *id, unsigned int idlen, apr_pool_t *p) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_datum_t dbmkey; apr_status_t rv; @@ -337,6 +408,23 @@ static apr_status_t socache_dbm_remove(ap_socache_instance_t *ctx, /* and delete it from the DBM file */ apr_pool_clear(ctx->pool); +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "Cannot load socache DBM library '%s' (delete): %s", + err->reason, err->msg); + return rv; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, + APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00810) + "Cannot open socache DBM file `%s' for writing " + "(delete)", + ctx->data_file); + return rv; + } +#else if ((rv = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00810) @@ -345,6 +433,7 @@ static apr_status_t socache_dbm_remove(ap_socache_instance_t *ctx, ctx->data_file); return rv; } +#endif apr_dbm_delete(dbm, dbmkey); apr_dbm_close(dbm); @@ -353,6 +442,10 @@ static apr_status_t socache_dbm_remove(ap_socache_instance_t *ctx, static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_datum_t dbmkey; apr_datum_t dbmval; @@ -378,6 +471,16 @@ static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) ctx->last_expiry = now; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "Cannot load socache DBM library '%s' (expire): %s", + err->reason, err->msg); + return rv; + } +#endif + /* * Here we have to be very carefully: Not all DBM libraries are * smart enough to allow one to iterate over the elements and at the @@ -401,6 +504,16 @@ static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) /* pass 1: scan DBM database */ keyidx = 0; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, APR_DBM_RWCREATE, + DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00811) + "Cannot open socache DBM file `%s' for " + "scanning", + ctx->data_file); + break; + } +#else if ((rv = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00811) @@ -409,6 +522,7 @@ static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) ctx->data_file); break; } +#endif apr_dbm_firstkey(dbm, &dbmkey); while (dbmkey.dptr != NULL) { elts++; @@ -434,6 +548,16 @@ static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) apr_dbm_close(dbm); /* pass 2: delete expired elements */ +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if (apr_dbm_open2(&dbm, driver, ctx->data_file, APR_DBM_RWCREATE, + DBM_FILE_MODE, ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00812) + "Cannot re-open socache DBM file `%s' for " + "expiring", + ctx->data_file); + break; + } +#else if (apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00812) @@ -442,6 +566,7 @@ static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) ctx->data_file); break; } +#endif for (i = 0; i < keyidx; i++) { apr_dbm_delete(dbm, keylist[i]); deleted++; @@ -461,6 +586,10 @@ static void socache_dbm_expire(ap_socache_instance_t *ctx, server_rec *s) static void socache_dbm_status(ap_socache_instance_t *ctx, request_rec *r, int flags) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_datum_t dbmkey; apr_datum_t dbmval; @@ -473,14 +602,32 @@ static void socache_dbm_status(ap_socache_instance_t *ctx, request_rec *r, size = 0; apr_pool_clear(ctx->pool); +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO() + "Cannot load socache DBM library '%s' (status retrieval): %s", + err->reason, err->msg); + return; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, APR_DBM_RWCREATE, + DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00814) + "Cannot open socache DBM file `%s' for status " + "retrieval", + ctx->data_file); + return; + } +#else if ((rv = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00814) "Cannot open socache DBM file `%s' for status " - "retrival", + "retrieval", ctx->data_file); return; } +#endif /* * XXX - Check the return value of apr_dbm_firstkey, apr_dbm_fetch - TBD */ @@ -516,6 +663,10 @@ static apr_status_t socache_dbm_iterate(ap_socache_instance_t *ctx, ap_socache_iterator_t *iterator, apr_pool_t *pool) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbm; apr_datum_t dbmkey; apr_datum_t dbmval; @@ -528,6 +679,22 @@ static apr_status_t socache_dbm_iterate(ap_socache_instance_t *ctx, * make sure the expired records are omitted */ now = apr_time_now(); +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, NULL, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO() + "Cannot load socache DBM library '%s' (iterating): %s", + err->reason, err->msg); + return rv; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, APR_DBM_RWCREATE, + DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00815) + "Cannot open socache DBM file `%s' for " + "iterating", ctx->data_file); + return rv; + } +#else if ((rv = apr_dbm_open(&dbm, ctx->data_file, APR_DBM_RWCREATE, DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(00815) @@ -535,6 +702,7 @@ static apr_status_t socache_dbm_iterate(ap_socache_instance_t *ctx, "iterating", ctx->data_file); return rv; } +#endif rv = apr_dbm_firstkey(dbm, &dbmkey); while (rv == APR_SUCCESS && dbmkey.dptr != NULL) { expired = FALSE; diff --git a/modules/dav/fs/dbm.c b/modules/dav/fs/dbm.c index 0d12831f021..fd109affa50 100644 --- a/modules/dav/fs/dbm.c +++ b/modules/dav/fs/dbm.c @@ -127,11 +127,30 @@ void dav_fs_ensure_state_dir(apr_pool_t * p, const char *dirname) dav_error * dav_dbm_open_direct(apr_pool_t *p, const char *pathname, int ro, dav_db **pdb) { - apr_status_t status; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *file = NULL; + apr_status_t status; *pdb = NULL; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((status = apr_dbm_get_driver(&driver, NULL, &err, p)) != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, status, ap_server_conf, APLOGNO() + "mod_dav_fs: The DBM library '%s' could not be loaded: %s", + err->reason, err->msg); + return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 1, status, + "Could not load library for property database."); + } + if ((status = apr_dbm_open2(&file, driver, pathname, + ro ? APR_DBM_READONLY : APR_DBM_RWCREATE, + APR_OS_DEFAULT, p)) + != APR_SUCCESS && !ro) { + return dav_fs_dbm_error(NULL, p, status); + } +#else if ((status = apr_dbm_open(&file, pathname, ro ? APR_DBM_READONLY : APR_DBM_RWCREATE, APR_OS_DEFAULT, p)) @@ -143,6 +162,7 @@ dav_error * dav_dbm_open_direct(apr_pool_t *p, const char *pathname, int ro, and we need to write */ return dav_fs_dbm_error(NULL, p, status); } +#endif /* may be NULL if we tried to open a non-existent db as read-only */ if (file != NULL) { diff --git a/modules/dav/lock/locks.c b/modules/dav/lock/locks.c index 17b9ee69c02..9b204392d16 100644 --- a/modules/dav/lock/locks.c +++ b/modules/dav/lock/locks.c @@ -311,6 +311,10 @@ static int dav_generic_compare_locktoken(const dav_locktoken *lt1, */ static dav_error * dav_generic_really_open_lockdb(dav_lockdb *lockdb) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif dav_error *err; apr_status_t status; @@ -318,9 +322,25 @@ static dav_error * dav_generic_really_open_lockdb(dav_lockdb *lockdb) return NULL; } +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + status = apr_dbm_get_driver(&driver, NULL, &err, p); + + if (status) { + ap_log_error(APLOG_MARK, APLOG_ERR, status, ap_server_conf, APLOGNO() + "mod_dav_lock: The DBM library '%s' could not be loaded: %s", + err->reason, err->msg); + return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 1, status, + "Could not load library for property database."); + } + + status = apr_dbm_open2(&lockdb->info->db, driver, lockdb->info->lockdb_path, + lockdb->ro ? APR_DBM_READONLY : APR_DBM_RWCREATE, + APR_OS_DEFAULT, lockdb->info->pool); +else status = apr_dbm_open(&lockdb->info->db, lockdb->info->lockdb_path, lockdb->ro ? APR_DBM_READONLY : APR_DBM_RWCREATE, APR_OS_DEFAULT, lockdb->info->pool); +#endif if (status) { err = dav_generic_dbm_new_error(lockdb->info->db, lockdb->info->pool, diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 80fbc9e84ff..699a01f9478 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -1357,12 +1357,31 @@ static char *lookup_map_txtfile(request_rec *r, const char *file, char *key) static char *lookup_map_dbmfile(request_rec *r, const char *file, const char *dbmtype, char *key) { +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif apr_dbm_t *dbmfp = NULL; apr_datum_t dbmkey; apr_datum_t dbmval; char *value; apr_status_t rv; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + if ((rv = apr_dbm_get_driver(&driver, dbmtype, &err, + ctx->pool) != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO() + "mod_rewrite: can't load DBM library '%s': %s", + err->reason, err->msg); + return NULL; + } + if ((rv = apr_dbm_open2(&dbm, driver, ctx->data_file, APR_DBM_RWCREATE, + DBM_FILE_MODE, ctx->pool)) != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00656) + "mod_rewrite: can't open DBM RewriteMap %s", file); + return NULL; + } +#else if ((rv = apr_dbm_open_ex(&dbmfp, dbmtype, file, APR_DBM_READONLY, APR_OS_DEFAULT, r->pool)) != APR_SUCCESS) { @@ -1370,6 +1389,7 @@ static char *lookup_map_dbmfile(request_rec *r, const char *file, "mod_rewrite: can't open DBM RewriteMap %s", file); return NULL; } +#endif dbmkey.dptr = key; dbmkey.dsize = strlen(key); diff --git a/modules/proxy/mod_proxy_express.c b/modules/proxy/mod_proxy_express.c index 0f5d604295c..3f1d5ad2efd 100644 --- a/modules/proxy/mod_proxy_express.c +++ b/modules/proxy/mod_proxy_express.c @@ -19,6 +19,11 @@ module AP_MODULE_DECLARE_DATA proxy_express_module; +#include "apr_version.h" +#if !APR_VERSION_AT_LEAST(2,0,0) +#include "apu_version.h" +#endif + static int proxy_available = 0; typedef struct { @@ -115,6 +120,10 @@ static int xlate_name(request_rec *r) struct proxy_alias *ralias; proxy_dir_conf *dconf; express_server_conf *sconf; +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + const apr_dbm_driver_t *driver; + const apu_err_t *err; +#endif sconf = ap_get_module_config(r->server->module_config, &proxy_express_module); dconf = ap_get_module_config(r->per_dir_config, &proxy_module); @@ -132,11 +141,31 @@ static int xlate_name(request_rec *r) ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01002) "proxy_express: Opening DBM file: %s (%s)", sconf->dbmfile, sconf->dbmtype); + +#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 7) + rv = apr_dbm_get_driver(&driver, sconf->dbmtype, &err, r->pool); + if (rv != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, + APLOGNO() "The dbm library '%s' could not be loaded: %s (%s: %d)", + sconf->dbmtype, err->msg, err->reason, err->rc); + return DECLINED; + } + + rv = apr_dbm_open2(&db, driver, sconf->dbmfile, APR_DBM_READONLY, + APR_OS_DEFAULT, r->pool); + if (rv != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, + APLOGNO() "The '%s' file '%s' could not be loaded", + sconf->dbmtype, sconf->dbmfile); + return DECLINED; + } +#else rv = apr_dbm_open_ex(&db, sconf->dbmtype, sconf->dbmfile, APR_DBM_READONLY, APR_OS_DEFAULT, r->pool); if (rv != APR_SUCCESS) { return DECLINED; } +#endif name = ap_get_server_name(r); ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01003)