You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2013/11/11 15:03:50 UTC
svn commit: r1540730 - in /httpd/httpd/branches/2.2.x: ./ docs/ docs/conf/
docs/manual/mod/ modules/dav/fs/ modules/dav/main/ support/
Author: jim
Date: Mon Nov 11 14:03:49 2013
New Revision: 1540730
URL: http://svn.apache.org/r1540730
Log:
Merge r1529559, r1531505 from trunk:
Fix PR 55397: dav_resource->uri treated as an unparsed uri.
The change made for PR 54611 caused this field to be treated as
unescaped. mod_dav_svn however, provided escaped URIs. Essentially
breaking support for paths with non-URI safe characters in SVN.
Adjust the code so that dav_resource->uri is assumed to be escaped and
adjust mod_dav_fs so that it uses escaped URIs in this field.
* modules/dav/fs/repos.c
(dav_fs_get_resource): Use the unparsed_uri to contruct the resource uri.
* modules/dav/main/mod_dav.c
(dav_xml_escape_uri): Do not uri escape, just handle xml escaping.
(dav_created): Assume that locn if provided is escaped.
(dav_method_copymove, dav_method_bind): Use the unparsed_uri on the request
when calling dav_created() to adjust to locn assuming it is escaped.
* modules/dav/main/mod_dav.h
(dav_resource): Document that uri is escaped.
Followup to r1529559: mod_dav_fs: Fix encoding of hrefs in PROPFIND response.
Previous commit missed encoding the names of the children of the PROPFIND
request when the depth wasn't 0.
* modules/dav/fs/repos.c
(dav_fs_append_uri): New function
(dav_fs_walker): Use dav_fs_append_uri() and adjust length calculations to
use the encoded length.
Submitted by: breser
Reviewed/backported by: jim
Modified:
httpd/httpd/branches/2.2.x/ (props changed)
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/docs/ (props changed)
httpd/httpd/branches/2.2.x/docs/conf/mime.types (props changed)
httpd/httpd/branches/2.2.x/docs/manual/mod/ (props changed)
httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_basic.xml (props changed)
httpd/httpd/branches/2.2.x/docs/manual/mod/mod_autoindex.xml (props changed)
httpd/httpd/branches/2.2.x/modules/dav/fs/repos.c
httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c
httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.h
httpd/httpd/branches/2.2.x/support/ab.c (props changed)
httpd/httpd/branches/2.2.x/support/suexec.c (props changed)
Propchange: httpd/httpd/branches/2.2.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1529559,1531505
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1540730&r1=1540729&r2=1540730&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Mon Nov 11 14:03:49 2013
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.2.26
+ *) mod_dav: dav_resource->uri treated as unencoded. This was an
+ unnecessary ABI changed introduced in 2.2.25 PR 55397. [Ben Reser]
+
*) mod_dav: Do not validate locks against parent collection of COPY
source URI. PR 55304. [Ben Reser]
@@ -19,6 +22,9 @@ Changes with Apache 2.2.26
support for SSLv2. Problem was introduced in 2.2.25. PR 55194.
[Rainer Jung, Kaspar Brand]
+ *) mod_dav: Fix double encoding of URIs in XML and Location header (caused
+ by unintential ABI change in 2.2.25). PR 55397. [Ben Reser]
+
Changes with Apache 2.2.25
*) SECURITY: CVE-2013-1896 (cve.mitre.org)
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1540730&r1=1540729&r2=1540730&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Mon Nov 11 14:03:49 2013
@@ -105,14 +105,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
2.2.x patch: trunk patch to ssl_engine_config.c (above) applies with offset
+1: trawick, jorton, wrowe
- * mod_dav: Fix 55397. dav_resource->uri treated as unencoded. This was an
- unnecessary ABI changed introduced in 2.2.25
- trunk patches: https://svn.apache.org/r1529559
- https://svn.apache.org/r1531505
- 2.4.x: trunk works, CHANGES needs to be written when merging
- 2.2.x: https://people.apache.org/~breser/httpd/2.2.x/patches/pr55397.patch
- +1: breser, minfrin, wrowe
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Propchange: httpd/httpd/branches/2.2.x/docs/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/docs:r1529559,1531505
Propchange: httpd/httpd/branches/2.2.x/docs/conf/mime.types
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/docs/conf/mime.types:r1529559,1531505
Propchange: httpd/httpd/branches/2.2.x/docs/manual/mod/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/docs/manual/mod:r1529559,1531505
Propchange: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_basic.xml
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/docs/manual/mod/mod_auth_basic.xml:r1529559,1531505
Propchange: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_autoindex.xml
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/docs/manual/mod/mod_autoindex.xml:r1529559,1531505
Modified: httpd/httpd/branches/2.2.x/modules/dav/fs/repos.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/dav/fs/repos.c?rev=1540730&r1=1540729&r2=1540730&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/dav/fs/repos.c (original)
+++ httpd/httpd/branches/2.2.x/modules/dav/fs/repos.c Mon Nov 11 14:03:49 2013
@@ -683,14 +683,13 @@ static dav_error * dav_fs_get_resource(
resource->pool = r->pool;
/* make sure the URI does not have a trailing "/" */
- len = strlen(r->uri);
- if (len > 1 && r->uri[len - 1] == '/') {
- s = apr_pstrdup(r->pool, r->uri);
- s[len - 1] = '\0';
+ len = strlen(r->unparsed_uri);
+ if (len > 1 && r->unparsed_uri[len - 1] == '/') {
+ s = apr_pstrmemdup(r->pool, r->unparsed_uri, len-1);
resource->uri = s;
}
else {
- resource->uri = r->uri;
+ resource->uri = r->unparsed_uri;
}
if (r->finfo.filetype != 0) {
@@ -1407,6 +1406,18 @@ static dav_error * dav_fs_remove_resourc
return dav_fs_deleteset(info->pool, resource);
}
+/* Take an unescaped path component and escape it and append it onto a
+ * dav_buffer for a URI */
+static apr_size_t dav_fs_append_uri(apr_pool_t *p, dav_buffer *pbuf,
+ const char *path, apr_size_t pad)
+{
+ const char *epath = ap_escape_uri(p, path);
+ apr_size_t epath_len = strlen(epath);
+
+ dav_buffer_place_mem(p, pbuf, epath, epath_len + 1, pad);
+ return epath_len;
+}
+
/* ### move this to dav_util? */
/* Walk recursively down through directories, *
* including lock-null resources as we go. */
@@ -1461,6 +1472,7 @@ static dav_error * dav_fs_walker(dav_fs_
}
while ((apr_dir_read(&dirent, APR_FINFO_DIRENT, dirp)) == APR_SUCCESS) {
apr_size_t len;
+ apr_size_t escaped_len;
apr_status_t status;
len = strlen(dirent.name);
@@ -1500,7 +1512,7 @@ static dav_error * dav_fs_walker(dav_fs_
/* copy the file to the URI, too. NOTE: we will pad an extra byte
for the trailing slash later. */
- dav_buffer_place_mem(pool, &fsctx->uri_buf, dirent.name, len + 1, 1);
+ escaped_len = dav_fs_append_uri(pool, &fsctx->uri_buf, dirent.name, 1);
/* if there is a secondary path, then do that, too */
if (fsctx->path2.buf != NULL) {
@@ -1533,7 +1545,7 @@ static dav_error * dav_fs_walker(dav_fs_
fsctx->path2.cur_len += len;
/* adjust URI length to incorporate subdir and a slash */
- fsctx->uri_buf.cur_len += len + 1;
+ fsctx->uri_buf.cur_len += escaped_len + 1;
fsctx->uri_buf.buf[fsctx->uri_buf.cur_len - 1] = '/';
fsctx->uri_buf.buf[fsctx->uri_buf.cur_len] = '\0';
@@ -1599,8 +1611,8 @@ static dav_error * dav_fs_walker(dav_fs_
*/
dav_buffer_place_mem(pool, &fsctx->path1,
fsctx->locknull_buf.buf + offset, len + 1, 0);
- dav_buffer_place_mem(pool, &fsctx->uri_buf,
- fsctx->locknull_buf.buf + offset, len + 1, 0);
+ dav_fs_append_uri(pool, &fsctx->uri_buf,
+ fsctx->locknull_buf.buf + offset, 0);
if (fsctx->path2.buf != NULL) {
dav_buffer_place_mem(pool, &fsctx->path2,
fsctx->locknull_buf.buf + offset,
Modified: httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c?rev=1540730&r1=1540729&r2=1540730&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c (original)
+++ httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c Mon Nov 11 14:03:49 2013
@@ -400,11 +400,9 @@ static int dav_error_response_tag(reques
*/
static const char *dav_xml_escape_uri(apr_pool_t *p, const char *uri)
{
- const char *e_uri = ap_escape_uri(p, uri);
-
/* check the easy case... */
- if (ap_strchr_c(e_uri, '&') == NULL)
- return e_uri;
+ if (ap_strchr_c(uri, '&') == NULL)
+ return uri;
/* there was a '&', so more work is needed... sigh. */
@@ -412,7 +410,7 @@ static const char *dav_xml_escape_uri(ap
* Note: this is a teeny bit of overkill since we know there are no
* '<' or '>' characters, but who cares.
*/
- return apr_xml_quote_string(p, e_uri, 0);
+ return apr_xml_quote_string(p, uri, 0);
}
@@ -616,7 +614,8 @@ static int dav_handle_err(request_rec *r
return DONE;
}
-/* handy function for return values of methods that (may) create things */
+/* handy function for return values of methods that (may) create things.
+ * locn if provided is assumed to be escaped. */
static int dav_created(request_rec *r, const char *locn, const char *what,
int replaced)
{
@@ -624,8 +623,6 @@ static int dav_created(request_rec *r, c
if (locn == NULL) {
locn = r->unparsed_uri;
- } else {
- locn = ap_escape_uri(r->pool, locn);
}
/* did the target resource already exist? */
@@ -2972,7 +2969,7 @@ static int dav_method_copymove(request_r
}
/* return an appropriate response (HTTP_CREATED or HTTP_NO_CONTENT) */
- return dav_created(r, lookup.rnew->uri, "Destination",
+ return dav_created(r, lookup.rnew->unparsed_uri, "Destination",
resnew_state == DAV_RESOURCE_EXISTS);
}
@@ -4562,7 +4559,7 @@ static int dav_method_bind(request_rec *
/* return an appropriate response (HTTP_CREATED) */
/* ### spec doesn't say what happens when destination was replaced */
- return dav_created(r, lookup.rnew->uri, "Binding", 0);
+ return dav_created(r, lookup.rnew->unparsed_uri, "Binding", 0);
}
Modified: httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.h?rev=1540730&r1=1540729&r2=1540730&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.h (original)
+++ httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.h Mon Nov 11 14:03:49 2013
@@ -370,7 +370,7 @@ typedef struct dav_resource {
* REGULAR and WORKSPACE resources,
* and is always 1 for WORKING */
- const char *uri; /* the URI for this resource */
+ const char *uri; /* the escaped URI for this resource */
dav_resource_private *info; /* the provider's private info */
Propchange: httpd/httpd/branches/2.2.x/support/ab.c
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/support/ab.c:r1529559,1531505
Propchange: httpd/httpd/branches/2.2.x/support/suexec.c
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk/support/suexec.c:r1529559,1531505