You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2017/06/07 00:52:10 UTC
svn commit: r1797844 - in /httpd/httpd/trunk: CHANGES server/core.c
Author: covener
Date: Wed Jun 7 00:52:10 2017
New Revision: 1797844
URL: http://svn.apache.org/viewvc?rev=1797844&view=rev
Log:
allow quoted paths in <IfFile>
The boilerplate code for config sections conflicts with TAKE1
because of the trailing stuff to terminate the opening tag.
Change from TAKE1 to RAW_ARGS and call ap_getword_conf()
directly.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/server/core.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1797844&r1=1797843&r2=1797844&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jun 7 00:52:10 2017
@@ -1,6 +1,10 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) Allow the argument to <IfFile>, <IfDefine>, <IfSection>, <IfDirective>,
+ and <IfModule> to be quoted. This is primarily for the benefit of
+ <IfFile>. [Eric Covener]
+
*) Introduce request taint checking framework to prevent privilege
hijacking through .htaccess. [Nick Kew]
Modified: httpd/httpd/trunk/server/core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=1797844&r1=1797843&r2=1797844&view=diff
==============================================================================
--- httpd/httpd/trunk/server/core.c (original)
+++ httpd/httpd/trunk/server/core.c Wed Jun 7 00:52:10 2017
@@ -2779,6 +2779,7 @@ static const char *start_cond_section(cm
const char *endp = ap_strrchr_c(arg, '>');
int result, not = (arg[0] == '!');
test_cond_section_fn testfn = (test_cond_section_fn)cmd->info;
+ const char *arg1;
if (endp == NULL) {
return unclosed_directive(cmd);
@@ -2790,11 +2791,13 @@ static const char *start_cond_section(cm
arg++;
}
- if (!arg[0]) {
+ arg1 = ap_getword_conf(cmd->temp_pool, &arg);
+
+ if (!arg1[0]) {
return missing_container_arg(cmd);
}
- result = testfn(cmd, arg);
+ result = testfn(cmd, arg1);
if ((!not && result) || (not && !result)) {
ap_directive_t *parent = NULL;
@@ -4457,19 +4460,19 @@ AP_INIT_RAW_ARGS("<LimitExcept", ap_limi
OR_LIMIT | OR_AUTHCFG,
"Container for authentication directives to be applied when any HTTP "
"method other than those specified is used to access the resource"),
-AP_INIT_TAKE1("<IfModule", start_cond_section, (void *)test_ifmod_section,
+AP_INIT_RAW_ARGS("<IfModule", start_cond_section, (void *)test_ifmod_section,
EXEC_ON_READ | OR_ALL,
"Container for directives based on existence of specified modules"),
-AP_INIT_TAKE1("<IfDefine", start_cond_section, (void *)test_ifdefine_section,
+AP_INIT_RAW_ARGS("<IfDefine", start_cond_section, (void *)test_ifdefine_section,
EXEC_ON_READ | OR_ALL,
"Container for directives based on existence of command line defines"),
-AP_INIT_TAKE1("<IfFile", start_cond_section, (void *)test_iffile_section,
+AP_INIT_RAW_ARGS("<IfFile", start_cond_section, (void *)test_iffile_section,
EXEC_ON_READ | OR_ALL,
"Container for directives based on existence of files on disk"),
-AP_INIT_TAKE1("<IfDirective", start_cond_section, (void *)test_ifdirective_section,
+AP_INIT_RAW_ARGS("<IfDirective", start_cond_section, (void *)test_ifdirective_section,
EXEC_ON_READ | OR_ALL,
"Container for directives based on existence of named directive"),
-AP_INIT_TAKE1("<IfSection", start_cond_section, (void *)test_ifsection_section,
+AP_INIT_RAW_ARGS("<IfSection", start_cond_section, (void *)test_ifsection_section,
EXEC_ON_READ | OR_ALL,
"Container for directives based on existence of named section"),
AP_INIT_RAW_ARGS("<DirectoryMatch", dirsection, (void*)1, RSRC_CONF,