Posted to cvs@httpd.apache.org by pq...@apache.org on 2004/07/14 08:36:42 UTC
cvs commit: httpd-2.0/server config.c core.c request.c
pquerna 2004/07/13 23:36:42
Modified: . CHANGES
docs/manual/mod core.xml
include http_config.h http_core.h httpd.h
server config.c core.c request.c
Log:
Added 'AllowOverride Options=Indexes,MultiViews' to give an admin better
control over what options can be used in .htaccess files.
PR: 29310
Submitted by: Tom Alsberg <alsbergt-apache cs.huji.ac.il>
Revision Changes Path
1.1537 +4 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.1536
retrieving revision 1.1537
diff -u -r1.1536 -r1.1537
--- CHANGES 12 Jul 2004 17:04:40 -0000 1.1536
+++ CHANGES 14 Jul 2004 06:36:41 -0000 1.1537
@@ -2,6 +2,10 @@
[Remove entries to the current 2.0 section below, when backported]
+ *) core: Add Options= syntax to AllowOverride to specify which options
+ may be overridden in .htaccess files. PR 29310.
+ [Tom Alsberg <alsbergt cs.huji.ac.il>, Paul Querna]
+
*) ab: Handle long URLs with an error instead of an buffer overflow.
PR 28204. [Erik Weide <erik.weidel mplus-technologies.de>, Paul Querna]
1.89 +6 -3 httpd-2.0/docs/manual/mod/core.xml
Index: core.xml
===================================================================
RCS file: /home/cvs/httpd-2.0/docs/manual/mod/core.xml,v
retrieving revision 1.88
retrieving revision 1.89
diff -u -r1.88 -r1.89
--- core.xml 6 Jun 2004 14:28:13 -0000 1.88
+++ core.xml 14 Jul 2004 06:36:41 -0000 1.89
@@ -355,12 +355,15 @@
module="mod_authz_host">Deny</directive> and <directive
module="mod_authz_host">Order</directive>).</dd>
- <dt>Options</dt>
+ <dt>Options[=<var>Option</var>,...]</dt>
<dd>
Allow use of the directives controlling specific directory
features (<directive module="core">Options</directive> and
- <directive module="mod_include">XBitHack</directive>).</dd>
+ <directive module="mod_include">XBitHack</directive>).
+ An equal sign may be given followed by a comma (but no spaces)
+ separated lists of options that may be set using the Options
+ command.</dd>
</dl>
<p>Example:</p>
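Review bot: The sentence added to the Options entry is hard to parse ("followed by a comma (but no spaces) separated lists of options") and calls Options a "command" where the surrounding text uses directive. Suggest "An equal sign may be given, followed by a comma-separated list (without spaces) of the options that may be set using the Options directive." The entry should also say what happens when a .htaccess file sets an option outside the list, since core.c now rejects it with "Option ... not allowed here".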
1.111 +4 -0 httpd-2.0/include/http_config.h
Index: http_config.h
===================================================================
RCS file: /home/cvs/httpd-2.0/include/http_config.h,v
retrieving revision 1.110
retrieving revision 1.111
diff -u -r1.110 -r1.111
--- http_config.h 4 Jun 2004 22:40:46 -0000 1.110
+++ http_config.h 14 Jul 2004 06:36:41 -0000 1.111
@@ -291,6 +291,9 @@
struct ap_conf_vector_t *context;
/** directive with syntax error */
const ap_directive_t *err_directive;
+
+ /** Which allow-override-opts bits are set */
+ int override_opts;
};
/**
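Review bot: The new override_opts member in this struct, the extra ap_parse_htaccess() argument in the next hunk and the new field in httpd.h all change layouts and a prototype that modules compile against, yet the Modified list contains no module magic number bump. Suggest bumping the MMN in the same commit so that modules built against the old headers are refused instead of being loaded with a mismatched layout.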
@@ -854,6 +857,7 @@
*/
AP_CORE_DECLARE(int) ap_parse_htaccess(ap_conf_vector_t **result,
request_rec *r, int override,
+ int override_opts,
const char *path,
const char *access_name);
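Review bot: The prototype gains int override_opts, but the doc comment that closes at the top of this hunk is left untouched, so the new parameter is undocumented. Add a @param line stating that it is the mask of OPT_* bits a .htaccess file may set. The parameter is also a plain int here while http_core.h stores the same value as allow_options_t; using one type throughout would make it harder to mix up the OPT_* and OR_* flag sets.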
1.83 +1 -0 httpd-2.0/include/http_core.h
Index: http_core.h
===================================================================
RCS file: /home/cvs/httpd-2.0/include/http_core.h,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- http_core.h 24 Mar 2004 02:53:35 -0000 1.82
+++ http_core.h 14 Jul 2004 06:36:41 -0000 1.83
@@ -412,6 +412,7 @@
allow_options_t opts_add;
allow_options_t opts_remove;
overrides_t override;
+ allow_options_t override_opts;
/* MIME typing --- the core doesn't do anything at all with this,
* but it does know what to slap on a request for a document which
1.211 +2 -0 httpd-2.0/include/httpd.h
Index: httpd.h
===================================================================
RCS file: /home/cvs/httpd-2.0/include/httpd.h,v
retrieving revision 1.210
retrieving revision 1.211
diff -u -r1.210 -r1.211
--- httpd.h 26 Feb 2004 13:32:34 -0000 1.210
+++ httpd.h 14 Jul 2004 06:36:41 -0000 1.211
@@ -651,6 +651,8 @@
const char *dir;
/** the overrides allowed for the .htaccess file */
int override;
+ /** the override options allowed for the .htaccess file */
+ int override_opts;
/** the configuration directives */
struct ap_conf_vector_t *htaccess;
/** the next one, or NULL if no more; N.B. never change this */
1.178 +6 -0 httpd-2.0/server/config.c
Index: config.c
===================================================================
RCS file: /home/cvs/httpd-2.0/server/config.c,v
retrieving revision 1.177
retrieving revision 1.178
diff -u -r1.177 -r1.178
--- config.c 25 Apr 2004 17:23:31 -0000 1.177
+++ config.c 14 Jul 2004 06:36:42 -0000 1.178
@@ -1384,6 +1384,7 @@
parms.temp_pool = ptemp;
parms.server = s;
parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
+ parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
parms.config_file = ap_pcfg_open_custom(p, "-c/-C directives",
&arr_parms, NULL,
@@ -1490,6 +1491,7 @@
parms.temp_pool = ptemp;
parms.server = s;
parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
+ parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
if (ap_pcfg_openfile(&cfp, p, fname) != APR_SUCCESS) {
return apr_pstrcat(p, "Could not open document config file ",
@@ -1625,6 +1627,7 @@
parms.temp_pool = ptemp;
parms.server = s;
parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
+ parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
parms.limited = -1;
errmsg = ap_walk_config(conftree, &parms, s->lookup_defaults);
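Review bot: The mask OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI is now written out in three hunks of this file and a fourth time (with OPT_UNSET added) in core.c. If an option bit is added later, any copy that is missed will silently disallow that option in that context. Suggest a single named constant for "every option" and using it at all four sites.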
@@ -1643,6 +1646,7 @@
AP_CORE_DECLARE(int) ap_parse_htaccess(ap_conf_vector_t **result,
request_rec *r, int override,
+ int override_opts,
const char *d, const char *access_name)
{
ap_configfile_t *f = NULL;
@@ -1663,6 +1667,7 @@
parms = default_parms;
parms.override = override;
+ parms.override_opts = override_opts;
parms.pool = r->pool;
parms.temp_pool = r->pool;
parms.server = r->server;
@@ -1719,6 +1724,7 @@
new = apr_palloc(r->pool, sizeof(struct htaccess_result));
new->dir = parms.path;
new->override = override;
+ new->override_opts = override_opts;
new->htaccess = dc;
/* add to head of list */
1.281 +86 -4 httpd-2.0/server/core.c
Index: core.c
===================================================================
RCS file: /home/cvs/httpd-2.0/server/core.c,v
retrieving revision 1.280
retrieving revision 1.281
diff -u -r1.280 -r1.281
--- core.c 4 Jun 2004 22:40:47 -0000 1.280
+++ core.c 14 Jul 2004 06:36:42 -0000 1.281
@@ -108,6 +108,8 @@
conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_ALL;
conf->opts_add = conf->opts_remove = OPT_NONE;
conf->override = dir ? OR_UNSET : OR_UNSET|OR_ALL;
+ conf->override_opts = OPT_UNSET | OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER
+ | OPT_MULTI;
conf->content_md5 = 2;
conf->accept_path_info = 3;
@@ -257,6 +259,10 @@
conf->override = new->override;
}
+ if (!(new->override_opts & OPT_UNSET)) {
+ conf->override_opts = new->override_opts;
+ }
+
if (new->ap_default_type) {
conf->ap_default_type = new->ap_default_type;
}
@@ -1220,10 +1226,72 @@
return NULL;
}
+static const char *set_allow_opts(cmd_parms *cmd, allow_options_t *opts,
+ const char *l)
+{
+ allow_options_t opt;
+ int first = 1;
+
+ char *p = (char *) l;
+
+ while (p && *p) {
+ char *w = strsep(&p, ",");
+
+ if (first) {
+ *opts = OPT_NONE;
+ first = 0;
+ }
+
+ if (!w)
+ continue;
+
+ if (!strcasecmp(w, "Indexes")) {
+ opt = OPT_INDEXES;
+ }
+ else if (!strcasecmp(w, "Includes")) {
+ opt = OPT_INCLUDES;
+ }
+ else if (!strcasecmp(w, "IncludesNOEXEC")) {
+ opt = (OPT_INCLUDES | OPT_INCNOEXEC);
+ }
+ else if (!strcasecmp(w, "FollowSymLinks")) {
+ opt = OPT_SYM_LINKS;
+ }
+ else if (!strcasecmp(w, "SymLinksIfOwnerMatch")) {
+ opt = OPT_SYM_OWNER;
+ }
+ else if (!strcasecmp(w, "ExecCGI")) {
+ opt = OPT_EXECCGI;
+ }
+ else if (!strcasecmp(w, "MultiViews")) {
+ opt = OPT_MULTI;
+ }
+ else if (!strcasecmp(w, "RunScripts")) { /* AI backcompat. Yuck */
+ opt = OPT_MULTI|OPT_EXECCGI;
+ }
+ else if (!strcasecmp(w, "None")) {
+ opt = OPT_NONE;
+ }
+ else if (!strcasecmp(w, "All")) {
+ opt = OPT_ALL;
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
+ }
+
+ *opts |= opt;
+ }
+
+ (*opts) &= (~OPT_UNSET);
+
+ return NULL;
+}
+
static const char *set_override(cmd_parms *cmd, void *d_, const char *l)
{
core_dir_config *d = d_;
char *w;
+ char *k, *v;
const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
if (err != NULL) {
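Review bot: In set_allow_opts, *opts is reset to OPT_NONE only inside the loop (via the first flag), so an empty list such as "Options=" skips the loop and keeps whatever mask was already in *opts, which per the initializer earlier in this file is every option. Reset *opts before the loop, or reject an empty list with an error. Also, char *p = (char *) l casts away const, and strsep() then writes NULs into the directive text and is not available on every platform; tokenizing a pool copy (apr_pstrdup plus apr_strtok) avoids both. The if (!w) continue; test can never fire, since strsep() does not return NULL while p is non-NULL, and an empty token from ",," falls through to "Illegal option ". The name table duplicates the one in set_options, so a shared lookup helper would keep the two from drifting apart.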
@@ -1240,11 +1308,22 @@
d->override = OR_NONE;
while (l[0]) {
w = ap_getword_conf(cmd->pool, &l);
+
+ k = w;
+ v = strchr(k, '=');
+ if (v) {
+ *v++ = '\0';
+ }
+
if (!strcasecmp(w, "Limit")) {
d->override |= OR_LIMIT;
}
- else if (!strcasecmp(w, "Options")) {
+ else if (!strcasecmp(k, "Options")) {
d->override |= OR_OPTIONS;
+ if (v)
+ set_allow_opts(cmd, &(d->override_opts), v);
+ else
+ d->override_opts = OPT_ALL;
}
else if (!strcasecmp(w, "FileInfo")) {
d->override |= OR_FILEINFO;
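Review bot: The return value of set_allow_opts(cmd, &(d->override_opts), v) is discarded, so a misspelled name in "AllowOverride Options=..." raises no configuration error; set_allow_opts has already cleared the mask and stops at the bad word, leaving a partial list in effect with no message. Return the error string from set_override when it is non-NULL. The '=' split is also applied to every word, while the other branches still compare w (the same buffer as k), so "FileInfo=x" is accepted as FileInfo. Either split only when the keyword is Options, or reject a value on the other keywords.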
@@ -1305,7 +1384,7 @@
else if (!strcasecmp(w, "SymLinksIfOwnerMatch")) {
opt = OPT_SYM_OWNER;
}
- else if (!strcasecmp(w, "execCGI")) {
+ else if (!strcasecmp(w, "ExecCGI")) {
opt = OPT_EXECCGI;
}
else if (!strcasecmp(w, "MultiViews")) {
@@ -1324,8 +1403,11 @@
return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
}
- /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
- if (action == '-') {
+ if (!(cmd->override_opts & opt) && opt != OPT_NONE) {
+ return apr_pstrcat(cmd->pool, "Option ", w, " not allowed here", NULL);
+ }
+ else if (action == '-') {
+ /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
d->opts_remove |= opt;
d->opts_add &= ~opt;
d->opts &= ~opt;
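Review bot: The new test !(cmd->override_opts & opt) fails only when none of the bits in opt are permitted, so a name that maps to several bits passes as soon as one of them is allowed. set_allow_opts in this same patch shows such names (IncludesNOEXEC is OPT_INCLUDES | OPT_INCNOEXEC, All is OPT_ALL); if set_options maps them the same way, "AllowOverride Options=Indexes" does not actually limit .htaccess files to Indexes. Compare the whole mask instead: (cmd->override_opts & opt) != opt. The test also sits ahead of the action == '-' branch, so removing a non-permitted option is refused as well; the documentation should say whether that is intended.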
1.136 +5 -0 httpd-2.0/server/request.c
Index: request.c
===================================================================
RCS file: /home/cvs/httpd-2.0/server/request.c,v
retrieving revision 1.135
retrieving revision 1.136
diff -u -r1.135 -r1.136
--- request.c 9 Feb 2004 20:40:49 -0000 1.135
+++ request.c 14 Jul 2004 06:36:42 -0000 1.136
@@ -418,6 +418,7 @@
allow_options_t add;
allow_options_t remove;
overrides_t override;
+ overrides_t override_opts;
} core_opts_t;
static void core_opts_merge(const ap_conf_vector_t *sec, core_opts_t *opts)
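Review bot: override_opts is declared overrides_t here, but it carries OPT_* bits and is allow_options_t in core_dir_config (http_core.h). Declare it allow_options_t so the two flag sets stay distinguishable by type.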
@@ -444,6 +445,9 @@
if (!(this_dir->override & OR_UNSET)) {
opts->override = this_dir->override;
}
+ if (!(this_dir->override_opts & OR_UNSET)) {
+ opts->override_opts = this_dir->override_opts;
+ }
}
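Review bot: this_dir->override_opts is tested against OR_UNSET, a flag from the AllowOverride (OR_*) set, while the field holds OPT_* bits and the matching merge in core.c tests OPT_UNSET. Unless the two constants happen to share a value, this either skips real settings or copies unset ones; use OPT_UNSET here. It is also worth confirming that opts->override_opts receives an initial value before the first directory section is merged, which these hunks do not show.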
@@ -821,6 +825,7 @@
}
res = ap_parse_htaccess(&htaccess_conf, r, opts.override,
+ opts.override_opts,
apr_pstrdup(r->pool, r->filename),
sconf->access_name);
if (res) {
Re: Apache 2 and EBCDIC doc
Posted by Joshua Slive <jo...@slive.ca>.
On Wed, 14 Jul 2004, Henri Gomez wrote:
> Hi,
>
> In Platform Specific Notes for EBCDIC,
> http://httpd.apache.org/docs-2.0/platform/ebcdic.html,
> it could be worth mentioning another EBCDIC platform that
> supports and uses Apache 2.0, iSeries (AS/400).
>
> Also in the Third Party Modules' Status, you could add mod_jk
> 1.2.x which works on both BS2000 and iSeries.
As far as I know, that document is total garbage. It hasn't had any
updates since 1.3 and doesn't reflect the current state of EBCDIC.
Joshua.
Apache 2 and EBCDIC doc
Posted by Henri Gomez <hg...@apache.org>.
Hi,
In Platform Specific Notes for EBCDIC,
http://httpd.apache.org/docs-2.0/platform/ebcdic.html,
it could be worth mentioning another EBCDIC platform that
supports and uses Apache 2.0, iSeries (AS/400).
Also in the Third Party Modules' Status, you could add mod_jk
1.2.x which works on both BS2000 and iSeries.
Regards :)
Re: cvs commit: httpd-2.0/server config.c core.c request.c
Posted by Paul Querna <ch...@force-elite.com>.
On Wed, 2004-07-14 at 09:01 +0200, André Malo wrote:
> * pquerna@apache.org wrote:
>
> > Modified: . CHANGES
> > docs/manual/mod core.xml
> > include http_config.h http_core.h httpd.h
> > server config.c core.c request.c
> > Log:
> > Added 'AllowOverride Options=Indexes,MultiViews' to give an admin better
> > control over what options can be used in .htaccess files.
>
> Please do not use tabs (just four spaces for indentation).
>
Fixed.
Re: cvs commit: httpd-2.0/server config.c core.c request.c
Posted by André Malo <nd...@perlig.de>.
* pquerna@apache.org wrote:
> Modified: . CHANGES
> docs/manual/mod core.xml
> include http_config.h http_core.h httpd.h
> server config.c core.c request.c
> Log:
> Added 'AllowOverride Options=Indexes,MultiViews' to give an admin better
> control over what options can be used in .htaccess files.
Please do not use tabs (just four spaces for indentation).
nd