You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by wo...@apache.org on 2017/10/25 16:35:40 UTC

[couchdb] branch blacklist-config-sections created (now 209bd3f)

This is an automated email from the ASF dual-hosted git repository.

wohali pushed a change to branch blacklist-config-sections
in repository https://gitbox.apache.org/repos/asf/couchdb.git.


      at 209bd3f  Blacklist some config sections from HTTP PUT/DELETE operations

This branch includes the following new commits:

     new 209bd3f  Blacklist some config sections from HTTP PUT/DELETE operations

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


-- 
To stop receiving notification emails like this one, please contact
['"commits@couchdb.apache.org" <co...@couchdb.apache.org>'].

[couchdb] 01/01: Blacklist some config sections from HTTP PUT/DELETE operations

Posted by wo...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

wohali pushed a commit to branch blacklist-config-sections
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit 209bd3fc36d1446d350fe4cbcde2d0b6d7324206
Author: Joan Touzet <jo...@atypical.net>
AuthorDate: Wed Oct 25 12:35:02 2017 -0400

    Blacklist some config sections from HTTP PUT/DELETE operations
---
 src/chttpd/src/chttpd_misc.erl              |  2 ++
 src/couch/src/couch_httpd_misc_handlers.erl |  1 +
 src/couch/src/couch_util.erl                | 22 ++++++++++++++++++++++
 test/javascript/tests/config.js             |  8 ++++++++
 4 files changed, 33 insertions(+)

diff --git a/src/chttpd/src/chttpd_misc.erl b/src/chttpd/src/chttpd_misc.erl
index cfeeb3f..fefb852 100644
--- a/src/chttpd/src/chttpd_misc.erl
+++ b/src/chttpd/src/chttpd_misc.erl
@@ -256,6 +256,7 @@ handle_node_req(#httpd{path_parts=[_, _Node, <<"_config">>, _Section]}=Req) ->
 % PUT /_node/$node/_config/Section/Key
 % "value"
 handle_node_req(#httpd{method='PUT', path_parts=[_, Node, <<"_config">>, Section, Key]}=Req) ->
+    couch_util:check_config_blacklist(Section),
     Value = chttpd:json_body(Req),
     Persist = chttpd:header_value(Req, "X-Couch-Persist") /= "false",
     OldValue = call_node(Node, config, get, [Section, Key, ""]),
@@ -271,6 +272,7 @@ handle_node_req(#httpd{method='GET', path_parts=[_, Node, <<"_config">>, Section
     end;
 % DELETE /_node/$node/_config/Section/Key
 handle_node_req(#httpd{method='DELETE',path_parts=[_, Node, <<"_config">>, Section, Key]}=Req) ->
+    couch_util:check_config_blacklist(Section),
     Persist = chttpd:header_value(Req, "X-Couch-Persist") /= "false",
     case call_node(Node, config, get, [Section, Key, undefined]) of
     undefined ->
diff --git a/src/couch/src/couch_httpd_misc_handlers.erl b/src/couch/src/couch_httpd_misc_handlers.erl
index eb75a94..1def948 100644
--- a/src/couch/src/couch_httpd_misc_handlers.erl
+++ b/src/couch/src/couch_httpd_misc_handlers.erl
@@ -199,6 +199,7 @@ handle_config_req(#httpd{method='POST', path_parts=[_, <<"_reload">>]}=Req) ->
 handle_config_req(#httpd{method=Method, path_parts=[_, Section, Key]}=Req)
       when (Method == 'PUT') or (Method == 'DELETE') ->
     ok = couch_httpd:verify_is_server_admin(Req),
+    couch_util:check_config_blacklist(Section),
     Persist = couch_httpd:header_value(Req, "X-Couch-Persist") /= "false",
     case config:get("httpd", "config_whitelist", undefined) of
         undefined ->
diff --git a/src/couch/src/couch_util.erl b/src/couch/src/couch_util.erl
index 54a92fc..4d3d73d 100644
--- a/src/couch/src/couch_util.erl
+++ b/src/couch/src/couch_util.erl
@@ -35,12 +35,25 @@
 -export([with_proc/4]).
 -export([process_dict_get/2, process_dict_get/3]).
 -export([unique_monotonic_integer/0]).
+-export([check_config_blacklist/1]).
 
 -include_lib("couch/include/couch_db.hrl").
 
 % arbitrarily chosen amount of memory to use before flushing to disk
 -define(FLUSH_MAX_MEM, 10000000).
 
+-define(BLACKLIST_CONFIG_SECTIONS, [
+    <<"daemons">>,
+    <<"external">>,
+    <<"httpd_design_handlers">>,
+    <<"httpd_db_handlers">>,
+    <<"httpd_global_handlers">>,
+    <<"native_query_servers">>,
+    <<"os_daemons">>,
+    <<"query_servers">>
+]).
+
+
 priv_dir() ->
     case code:priv_dir(couch) of
         {error, bad_name} ->
@@ -640,3 +653,12 @@ unique_monotonic_integer() ->
     erlang:unique_integer([monotonic, positive]).
 
 -endif.
+
+check_config_blacklist(Section) ->
+    case lists:member(Section, ?BLACKLIST_CONFIG_SECTIONS) of
+    true ->
+        Msg = <<"Config section blacklisted for modification over HTTP API.">>,
+        throw({forbidden, Msg});
+    _ ->
+        ok
+    end.
diff --git a/test/javascript/tests/config.js b/test/javascript/tests/config.js
index ee51ef5..8c7ce99 100644
--- a/test/javascript/tests/config.js
+++ b/test/javascript/tests/config.js
@@ -212,4 +212,12 @@ couchTests.config = function(debug) {
     headers: {"X-Couch-Persist": "false"}
   });
   TEquals(200, xhr.status, "Reset config whitelist to undefined");
+
+  // Confirm that the blacklist is functional
+  ["daemons", "external", "httpd_design_handlers", "httpd_db_handlers", "native_query_servers", "os_daemons", "query_servers"].forEach(function(section) {
+    xhr = CouchDB.request("PUT", "/_node/node1@127.0.0.1/_config/" + section + "/wohali",{
+      body: "\"rules\""
+    });
+    TEquals(403, xhr.status, "Blacklisted config section " + section);
+  });
 };

-- 
To stop receiving notification emails like this one, please contact
"commits@couchdb.apache.org" <co...@couchdb.apache.org>.