You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "Robert S. Thau" <rs...@ai.mit.edu> on 1995/08/21 15:21:16 UTC
Another patch on hyperreal...
I put this one up yesterday evening, but forgot to announce it. It's
a bugfix, up on hyperreal is patch10.log-noaccess; the bug it corrects
is that access denial due to symlink checks or an invalid client
address wasn't getting noted in the error log. The patch itself
follows:
*** ../http_request.c Sun Aug 20 20:24:40 1995
--- http_request.c Sun Aug 20 20:57:13 1995
***************
*** 231,237 ****
--- 230,239 ----
*/
if ((res = check_symlinks (this_dir, allowed_here)))
+ {
+ log_reason("Symbolic link not allowed", this_dir, r);
return res;
+ }
/* Begin *this* level by looking for matching <Directory> sections from
* access.conf.
***************
*** 300,306 ****
--- 302,311 ----
r->per_dir_config = per_dir_defaults;
if ((res = check_symlinks (r->filename, allow_options(r))))
+ {
+ log_reason("Symbolic link not allowed", r->filename, r);
return res;
+ }
return OK; /* Can only "fail" if access denied
* by the symlink goop.
*** mod_access.c Sun Aug 20 14:15:44 1995
--- ../mod_access.c Sun Aug 20 21:03:34 1995
***************
*** 208,213 ****
--- 208,216 ----
ret = FORBIDDEN;
}
+ if (ret == FORBIDDEN)
+ log_reason ("Client denied by server configuration", r->filename, r);
+
return ret;
}