You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2010/03/30 00:09:36 UTC
svn commit: r928916 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml server/config.c server/core.c
Author: minfrin
Date: Mon Mar 29 22:09:35 2010
New Revision: 928916
URL: http://svn.apache.org/viewvc?rev=928916&view=rev
Log:
core: Introduce the IncludeStrict directive, which explicitly fails
server startup if no files or directories match a wildcard path.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/docs/manual/mod/core.xml
httpd/httpd/trunk/server/config.c
httpd/httpd/trunk/server/core.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=928916&r1=928915&r2=928916&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Mon Mar 29 22:09:35 2010
@@ -28,6 +28,10 @@ Changes with Apache 2.3.7
processing is completed, avoiding orphaned callback pointers.
[Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
+ *) core: Introduce the IncludeStrict directive, which explicitly fails
+ server startup if no files or directories match a wildcard path.
+ [Graham Leggett]
+
*) htcacheclean: Report additional statistics about entries deleted.
PR 48944. [Mark Drayton mark markdrayton.info]
Modified: httpd/httpd/trunk/docs/manual/mod/core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/core.xml?rev=928916&r1=928915&r2=928916&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/core.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/core.xml Mon Mar 29 22:09:35 2010
@@ -1539,7 +1539,8 @@ later.</compatibility>
<name>Include</name>
<description>Includes other configuration files from within
the server configuration files</description>
-<syntax>Include <var>file-path</var>|<var>directory-path</var></syntax>
+<syntax>Include <var>file-path</var>|<var>directory-path</var>|
+<var>wildcard</var></syntax>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context>
</contextlist>
@@ -1571,6 +1572,11 @@ wildcard matching available in 2.3.6 and
for placeholder files to exist so that at least one file or directory is
found by the wildcard.</p>
+ <p>Under certain circumstances, it may be required for the server to fail
+ explicitly when no files or directories match a specific wildcard. In these
+ cases, use the <directive module="code">IncludeStrict</directive>
+ directive instead.</p>
+
<p>The file path specified may be an absolute path, or may be relative
to the <directive module="core">ServerRoot</directive> directory.</p>
@@ -1603,6 +1609,47 @@ wildcard matching available in 2.3.6 and
</directivesynopsis>
<directivesynopsis>
+<name>IncludeStrict</name>
+<description>Includes other configuration files from within the server
+configuration files, throwing an error if no files or directories match
+a wildcard
+</description>
+<syntax>IncludeStrict <var>file-path</var>|<var>directory-path</var>|
+<var>wildcard</var></syntax>
+<contextlist><context>server config</context><context>virtual host</context>
+<context>directory</context>
+</contextlist>
+<compatibility>Available in 2.3.6 and later</compatibility>
+
+<usage>
+ <p>This directive allows inclusion of other configuration files
+ from within the server configuration files.</p>
+
+ <p>It is functionally equivalent to the
+ <directive module="core">Include</directive> directive, with the additional
+ restriction that any wildcards are required to match at least one file or
+ directory.</p>
+
+ <p>The file path specified may be an absolute path, or may be relative
+ to the <directive module="core">ServerRoot</directive> directory.</p>
+
+ <p>Example:</p>
+
+ <p>The server will fail to load if the wildcard path
+ <var>/usr/local/apache2/conf/vhosts/*.conf</var> does not match at least
+ one file or directory.</p>
+
+ <example>
+ IncludeStrict /usr/local/apache2/conf/ssl.conf<br />
+ IncludeStrict /usr/local/apache2/conf/vhosts/*.conf
+ </example>
+
+</usage>
+
+<seealso><program>apachectl</program></seealso>
+</directivesynopsis>
+
+<directivesynopsis>
<name>KeepAlive</name>
<description>Enables HTTP persistent connections</description>
<syntax>KeepAlive On|Off</syntax>
Modified: httpd/httpd/trunk/server/config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/config.c?rev=928916&r1=928915&r2=928916&view=diff
==============================================================================
--- httpd/httpd/trunk/server/config.c (original)
+++ httpd/httpd/trunk/server/config.c Mon Mar 29 22:09:35 2010
@@ -1558,7 +1558,8 @@ static const char *process_resource_conf
ap_directive_t **conftree,
apr_pool_t *p,
apr_pool_t *ptemp,
- unsigned depth)
+ unsigned depth,
+ int strict)
{
cmd_parms parms;
ap_configfile_t *cfp;
@@ -1615,7 +1616,7 @@ static const char *process_resource_conf
fnew = &((fnames *) candidates->elts)[current];
error = process_resource_config_nofnmatch(s, fnew->fname,
conftree, p, ptemp,
- depth);
+ depth, strict);
if (error) {
return error;
}
@@ -1659,7 +1660,8 @@ static const char *process_resource_conf
ap_directive_t **conftree,
apr_pool_t *p,
apr_pool_t *ptemp,
- unsigned depth)
+ unsigned depth,
+ int strict)
{
const char *rest;
apr_status_t rv;
@@ -1682,12 +1684,12 @@ static const char *process_resource_conf
if (!rest) {
return process_resource_config_nofnmatch(s, path,
conftree, p,
- ptemp, 0);
+ ptemp, 0, strict);
}
else {
return process_resource_config_fnmatch(s, path, rest,
conftree, p,
- ptemp, 0);
+ ptemp, 0, strict);
}
}
@@ -1738,27 +1740,32 @@ static const char *process_resource_conf
if (!rest) {
error = process_resource_config_nofnmatch(s, fnew->fname,
conftree, p,
- ptemp, 0);
+ ptemp, 0, strict);
}
else {
error = process_resource_config_fnmatch(s, fnew->fname, rest,
conftree, p,
- ptemp, 0);
+ ptemp, 0, strict);
}
if (error) {
return error;
}
}
}
+ else if (strict) {
+ return apr_psprintf(p, "No matches for the wildcard '%s' in %s",
+ fname, path);
+ }
return NULL;
}
-AP_DECLARE(const char *) ap_process_resource_config(server_rec *s,
- const char *fname,
- ap_directive_t **conftree,
- apr_pool_t *p,
- apr_pool_t *ptemp)
+AP_DECLARE(const char *) ap_process_resource_config_ex(server_rec *s,
+ const char *fname,
+ ap_directive_t **conftree,
+ apr_pool_t *p,
+ apr_pool_t *ptemp,
+ int strict)
{
/* XXX: lstat() won't work on the wildcard pattern...
*/
@@ -1775,7 +1782,7 @@ AP_DECLARE(const char *) ap_process_reso
if (!apr_fnmatch_test(fname)) {
return process_resource_config_nofnmatch(s, fname, conftree, p, ptemp,
- 0);
+ 0, strict);
}
else {
apr_status_t status;
@@ -1794,13 +1801,22 @@ AP_DECLARE(const char *) ap_process_reso
/* walk the filepath */
return process_resource_config_fnmatch(s, rootpath, filepath, conftree, p, ptemp,
- 0);
+ 0, strict);
}
return NULL;
}
+AP_DECLARE(const char *) ap_process_resource_config(server_rec *s,
+ const char *fname,
+ ap_directive_t **conftree,
+ apr_pool_t *p,
+ apr_pool_t *ptemp)
+{
+ return ap_process_resource_config_ex(s, fname, conftree, p, ptemp, 0);
+}
+
AP_DECLARE(int) ap_process_config_tree(server_rec *s,
ap_directive_t *conftree,
apr_pool_t *p,
Modified: httpd/httpd/trunk/server/core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?rev=928916&r1=928915&r2=928916&view=diff
==============================================================================
--- httpd/httpd/trunk/server/core.c (original)
+++ httpd/httpd/trunk/server/core.c Mon Mar 29 22:09:35 2010
@@ -2566,9 +2566,8 @@ static const char *set_use_canonical_phy
return NULL;
}
-
static const char *include_config (cmd_parms *cmd, void *dummy,
- const char *name)
+ const char *name, int strict)
{
ap_directive_t *conftree = NULL;
const char* conffile, *error;
@@ -2599,8 +2598,8 @@ static const char *include_config (cmd_p
name, NULL);
}
- error = ap_process_resource_config(cmd->server, conffile,
- &conftree, cmd->pool, cmd->temp_pool);
+ error = ap_process_resource_config_ex(cmd->server, conffile,
+ &conftree, cmd->pool, cmd->temp_pool, strict);
if (error) {
*recursion = 0;
return error;
@@ -2616,6 +2615,18 @@ static const char *include_config (cmd_p
return NULL;
}
+static const char *include_regular_config(cmd_parms *cmd, void *dummy,
+ const char *name)
+{
+ return include_config(cmd, dummy, name, 0);
+}
+
+static const char *include_strict_config(cmd_parms *cmd, void *dummy,
+ const char *name)
+{
+ return include_config(cmd, dummy, name, 1);
+}
+
static const char *set_loglevel(cmd_parms *cmd, void *dummy, const char *arg)
{
char *str;
@@ -3302,9 +3313,12 @@ AP_INIT_TAKE1("UseCanonicalPhysicalPort"
"Whether to use the physical Port when constructing URLs"),
/* TODO: RlimitFoo should all be part of mod_cgi, not in the core */
/* TODO: ListenBacklog in MPM */
-AP_INIT_TAKE1("Include", include_config, NULL,
+AP_INIT_TAKE1("Include", include_regular_config, NULL,
+ (RSRC_CONF | ACCESS_CONF | EXEC_ON_READ),
+ "Name of the config file to be included, ignore wildcards with no match"),
+AP_INIT_TAKE1("IncludeStrict", include_strict_config, NULL,
(RSRC_CONF | ACCESS_CONF | EXEC_ON_READ),
- "Name of the config file to be included"),
+ "Name of the config file to be included, fail if wildcards don't match"),
AP_INIT_TAKE1("LogLevel", set_loglevel, NULL, RSRC_CONF,
"Level of verbosity in error logging"),
AP_INIT_TAKE1("NameVirtualHost", ap_set_name_virtual_host, NULL, RSRC_CONF,
Re: svn commit: r928916 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
server/config.c server/core.c
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 3/29/2010 5:09 PM, minfrin@apache.org wrote:
> Author: minfrin
> Date: Mon Mar 29 22:09:35 2010
> New Revision: 928916
>
> URL: http://svn.apache.org/viewvc?rev=928916&view=rev
> Log:
> core: Introduce the IncludeStrict directive, which explicitly fails
> server startup if no files or directories match a wildcard path.
Veto; the default behavior should revert to behavior expected by the typical
user, not the expert packagers, of which there are less than 20. I'm happy
to revert this tomorrow, if you don't care to offer the IncludeNomatches or
similar new directive, as proposed in the dev@ discussion already.
Re: svn commit: r928916 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml server/config.c server/core.c
Posted by Graham Leggett <mi...@sharp.fm>.
On 31 Mar 2010, at 8:09 PM, Ruediger Pluem wrote:
> A prototype for this function is missing. This causes a warning.
Thanks for the heads up, a missing part of the patch was missed, and
is fixed in r929663.
Regards,
Graham
--
Re: svn commit: r928916 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
server/config.c server/core.c
Posted by Ruediger Pluem <rp...@apache.org>.
On 30.03.2010 00:09, minfrin@apache.org wrote:
> Author: minfrin
> Date: Mon Mar 29 22:09:35 2010
> New Revision: 928916
>
> URL: http://svn.apache.org/viewvc?rev=928916&view=rev
> Log:
> core: Introduce the IncludeStrict directive, which explicitly fails
> server startup if no files or directories match a wildcard path.
>
> Modified:
> httpd/httpd/trunk/CHANGES
> httpd/httpd/trunk/docs/manual/mod/core.xml
> httpd/httpd/trunk/server/config.c
> httpd/httpd/trunk/server/core.c
>
> Modified: httpd/httpd/trunk/CHANGES
> Modified: httpd/httpd/trunk/server/config.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/config.c?rev=928916&r1=928915&r2=928916&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/server/config.c (original)
> +++ httpd/httpd/trunk/server/config.c Mon Mar 29 22:09:35 2010
> @@ -1738,27 +1740,32 @@ static const char *process_resource_conf
> if (!rest) {
> error = process_resource_config_nofnmatch(s, fnew->fname,
> conftree, p,
> - ptemp, 0);
> + ptemp, 0, strict);
> }
> else {
> error = process_resource_config_fnmatch(s, fnew->fname, rest,
> conftree, p,
> - ptemp, 0);
> + ptemp, 0, strict);
> }
> if (error) {
> return error;
> }
> }
> }
> + else if (strict) {
> + return apr_psprintf(p, "No matches for the wildcard '%s' in %s",
> + fname, path);
> + }
>
> return NULL;
> }
>
> -AP_DECLARE(const char *) ap_process_resource_config(server_rec *s,
> - const char *fname,
> - ap_directive_t **conftree,
> - apr_pool_t *p,
> - apr_pool_t *ptemp)
> +AP_DECLARE(const char *) ap_process_resource_config_ex(server_rec *s,
> + const char *fname,
> + ap_directive_t **conftree,
> + apr_pool_t *p,
> + apr_pool_t *ptemp,
> + int strict)
A prototype for this function is missing. This causes a warning.
Regards
RĂ¼diger