You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Yann Ylavic <yl...@gmail.com> on 2016/12/23 00:00:36 UTC
Re: svn commit: r1775705 - in /httpd/httpd/branches/2.2.x-merge-http-strict:
./ server/protocol.c
On Thu, Dec 22, 2016 at 8:20 PM, <wr...@apache.org> wrote:
> Author: wrowe
> Date: Thu Dec 22 19:20:25 2016
> New Revision: 1775705
>
> URL: http://svn.apache.org/viewvc?rev=1775705&view=rev
> Log:
> Backports: r1185385
> Submitted by: sf
> Downgrade some more log messages indicating client errors from level error to
> info. Add log messages for various reasons to return HTTP_BAD_REQUEST.
Hmm, in 2.2, users are used to get an error message when httpd refuses
the request (moreover before any module had seen the request).
Is it really 2.2 material?
>
> Modified: httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c?rev=1775705&r1=1775704&r2=1775705&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c (original)
> +++ httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c Thu Dec 22 19:20:25 2016
> @@ -702,9 +702,21 @@ static int table_do_fn_check_lengths(voi
> "\n<pre>\n",
> ap_escape_html(r->pool, key),
> "</pre>\n", NULL));
> + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, "Request header exceeds "
> + "LimitRequestFieldSize after merging: %s", key);
> return 0;
> }
>
> +/* get the length of the field name for logging, but no more than 80 bytes */
> +#define LOG_NAME_MAX_LEN 80
> +static int field_name_len(const char *field)
> +{
> + const char *end = ap_strchr_c(field, ':');
> + if (end == NULL || end - field > LOG_NAME_MAX_LEN)
> + return LOG_NAME_MAX_LEN;
> + return end - field;
> +}
> +
> AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb)
> {
> char *last_field = NULL;
> @@ -755,6 +767,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> "Request header exceeds LimitRequestFieldSize: "
> "%.*s", field_name_len(field), field);
> + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> + "Request header exceeds LimitRequestFieldSize: "
> + "%.*s", field_name_len(field), field);
Double logging?
> }
> return;
> }
> @@ -786,6 +801,10 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> "Request header exceeds LimitRequestFieldSize "
> "after folding: %.*s",
> field_name_len(last_field), last_field);
> + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> + "Request header exceeds LimitRequestFieldSize "
> + "after folding: %.*s",
> + field_name_len(last_field), last_field);
Likewise?
> return;
> }
>
> @@ -811,6 +830,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> apr_table_setn(r->notes, "error-notes",
> "The number of request header fields "
> "exceeds this server's limit.");
> + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> + "Number of request headers exceeds "
> + "LimitRequestFields");
> return;
> }
>
> @@ -829,6 +851,10 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> "separator: %.*s", (int)LOG_NAME_MAX_LEN,
> last_field);
>
> + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> + "Request header field is missing ':' "
> + "separator: %.*s", (int)LOG_NAME_MAX_LEN,
> + last_field);
Likewise?
> return;
> }
Re: svn commit: r1775705 - in /httpd/httpd/branches/2.2.x-merge-http-strict:
./ server/protocol.c
Posted by William A Rowe Jr <wr...@rowe-clan.net>.
On Thu, Dec 22, 2016 at 6:00 PM, Yann Ylavic <yl...@gmail.com> wrote:
> On Thu, Dec 22, 2016 at 8:20 PM, <wr...@apache.org> wrote:
> > Author: wrowe
> > Date: Thu Dec 22 19:20:25 2016
> > New Revision: 1775705
> >
> > URL: http://svn.apache.org/viewvc?rev=1775705&view=rev
> > Log:
> > Backports: r1185385
> > Submitted by: sf
> > Downgrade some more log messages indicating client errors from level
> error to
> > info. Add log messages for various reasons to return HTTP_BAD_REQUEST.
>
> Hmm, in 2.2, users are used to get an error message when httpd refuses
> the request (moreover before any module had seen the request).
>
> Is it really 2.2 material?
>
> >
> > Modified: httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c
> > URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x-
> merge-http-strict/server/protocol.c?rev=1775705&r1=
> 1775704&r2=1775705&view=diff
> > ============================================================
> ==================
> > --- httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c
> (original)
> > +++ httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c Thu
> Dec 22 19:20:25 2016
> > @@ -702,9 +702,21 @@ static int table_do_fn_check_lengths(voi
> > "\n<pre>\n",
> > ap_escape_html(r->pool, key),
> > "</pre>\n", NULL));
> > + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, "Request header exceeds
> "
> > + "LimitRequestFieldSize after merging: %s", key);
> > return 0;
> > }
> >
> > +/* get the length of the field name for logging, but no more than 80
> bytes */
> > +#define LOG_NAME_MAX_LEN 80
> > +static int field_name_len(const char *field)
> > +{
> > + const char *end = ap_strchr_c(field, ':');
> > + if (end == NULL || end - field > LOG_NAME_MAX_LEN)
> > + return LOG_NAME_MAX_LEN;
> > + return end - field;
> > +}
> > +
> > AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r,
> apr_bucket_brigade *bb)
> > {
> > char *last_field = NULL;
> > @@ -755,6 +767,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> > ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> > "Request header exceeds
> LimitRequestFieldSize: "
> > "%.*s", field_name_len(field), field);
> > + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> > + "Request header exceeds
> LimitRequestFieldSize: "
> > + "%.*s", field_name_len(field), field);
>
> Double logging?
>
> > }
> > return;
> > }
> > @@ -786,6 +801,10 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> > "Request header exceeds
> LimitRequestFieldSize "
> > "after folding: %.*s",
> > field_name_len(last_field),
> last_field);
> > + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> > + "Request header exceeds
> LimitRequestFieldSize "
> > + "after folding: %.*s",
> > + field_name_len(last_field),
> last_field);
>
> Likewise?
>
> > return;
> > }
> >
> > @@ -811,6 +830,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> > apr_table_setn(r->notes, "error-notes",
> > "The number of request header fields
> "
> > "exceeds this server's limit.");
> > + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> > + "Number of request headers exceeds "
> > + "LimitRequestFields");
> > return;
> > }
> >
> > @@ -829,6 +851,10 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> > "separator: %.*s",
> (int)LOG_NAME_MAX_LEN,
> > last_field);
> >
> > + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
> > + "Request header field is missing ':' "
> > + "separator: %.*s",
> (int)LOG_NAME_MAX_LEN,
> > + last_field);
>
> Likewise?
>
> > return;
> > }
>
Yes, doubled merge. Believe I have these cleaned up in r1775774.