From: Luca Toscano <elukey@apache.org>
Date: Sun, 3 Jul 2016 09:48:06 +0000 (+0000)
Subject: Improve the FCGI/CGI Last-Modified header value handling.
X-Git-Tag: 2.5.0-alpha~1431
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=edf1a4d4baf6897a75afca6b998be559fc69cbee;p=thirdparty%2Fapache%2Fhttpd.git

Improve the FCGI/CGI Last-Modified header value handling.

Patch from Yann after a discussion on the dev@ mailing list.
ap_scan_script_header_err_core_ex is now using apr_date_parse_rfc
in order to recognize non-GMT datestr following RFC822/1123
and transforming them to GMT rather than replacing the value
with GMT now (that could add httpd's processing time to the
original value). Logging has also been improved from my initial
solution.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1751138 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/server/util_script.c b/server/util_script.c
index 4f839cd7940..5e071a2f840 100644
--- a/server/util_script.c
+++ b/server/util_script.c
@@ -665,28 +665,25 @@ AP_DECLARE(int) ap_scan_script_header_err_core_ex(request_rec *r, char *buffer,
          * pass it on blindly because of restrictions on future or invalid values.
          */
         else if (!ap_cstr_casecmp(w, "Last-Modified")) {
-            apr_time_t last_modified_date = apr_date_parse_http(l);
-            if (last_modified_date != APR_DATE_BAD) {
+            apr_time_t parsed_date = apr_date_parse_rfc(l);
+            if (parsed_date != APR_DATE_BAD) {
+                apr_time_t last_modified_date = parsed_date;
+                apr_time_t now = apr_time_now();
+                if (parsed_date > now) {
+                    last_modified_date = now;
+                }
                 ap_update_mtime(r, last_modified_date);
                 ap_set_last_modified(r);
-                if (APLOGrtrace1(r)) {
-                    const char* datestr = apr_table_get(r->headers_out,
-                                                        "Last-Modified");
-                    apr_time_t timestamp = apr_date_parse_http(datestr);
-                    if (timestamp < last_modified_date) {
-                        char *last_modified_datestr = apr_palloc(r->pool,
-                                                                 APR_RFC822_DATE_LEN);
-                        apr_rfc822_date(last_modified_datestr, last_modified_date);
-                        ap_log_rerror(SCRIPT_LOG_MARK, APLOG_TRACE1, 0, r,
-                                      "The Last-Modified header value '%s' "
-                                      "(parsed as RFC822/RFC1123 datetime, "
-                                      "that assumes the GMT timezone) "
-                                      "has been replaced with: '%s'. "
-                                      "An origin server with a clock must not send "
-                                      "a Last-Modified date that is later than the "
-                                      "server's time of message origination.",
-                                      last_modified_datestr, datestr);
-                    }
+                if (APLOGrtrace1(r) &&
+                        (parsed_date > now ||
+                         parsed_date != apr_date_parse_http(l))) {
+                    ap_log_rerror(SCRIPT_LOG_MARK, APLOG_TRACE1, 0, r,
+                                  "The Last-Modified header value '%s' (%s) "
+                                  "has been replaced with '%s'", l,
+                                  parsed_date > now ? "in the future"
+                                                    : "non GMT",
+                                  apr_table_get(r->headers_out,
+                                                "Last-Modified"));
                 }
             }
             else {