source: branches/fc19-dev/server/common/patches/httpd-mod_status-security.patch @ 2422

Last change on this file since 2422 was 2422, checked in by tboning, 9 years ago
Rebase Scripts httpd patches for httpd 2.4:
File size: 3.5 KB
  • modules/generators/mod_status.c

    From 0c2aac95f8df4e7c243ea00d54d4050e32f7868b Mon Sep 17 00:00:00 2001
    From: Alexander Chernyakhovsky <achernya@mit.edu>
    Date: Fri, 3 May 2013 21:39:17 -0400
    Subject: [PATCH 2/4] Prevent mod_status from taking effect in .htaccess files
    
    Introduce a directive to the Apache configuration that is only
    permitted in a directory context, called "PermitStatusHandler", to
    prevent users from enabling mod_status from their .htaccess files.
    
    Signed-off-by: Quentin Smith <quentin@mit.edu>
    Signed-off-by: Geoffrey Thomas <geofft@mit.edu>
    ---
     modules/generators/mod_status.c |   60 +++++++++++++++++++++++++++++++++++++--
     1 file changed, 57 insertions(+), 3 deletions(-)
    
    diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
    index 0237f1d..c7fd0e0 100644
    a b APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ap, STATUS, int, status_hook, 
    103103static pid_t child_pid;
    104104#endif
    105105
     106typedef struct {
     107  int permit_status_handler;
     108} status_config_rec;
     109
     110/*
     111 * command-related code. This is here to prevent use of ExtendedStatus
     112 * without status_module included.
     113 */
     114static const char *set_extended_status(cmd_parms *cmd, void *dummy, int arg)
     115{
     116    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
     117    if (err != NULL) {
     118        return err;
     119    }
     120    ap_extended_status = arg;
     121    return NULL;
     122}
     123
     124static const char *set_reqtail(cmd_parms *cmd, void *dummy, int arg)
     125{
     126    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
     127    if (err != NULL) {
     128        return err;
     129    }
     130    ap_mod_status_reqtail = arg;
     131    return NULL;
     132}
     133
     134static void *create_status_dir_config(apr_pool_t *p, char *d)
     135{
     136  status_config_rec *conf = apr_pcalloc(p, sizeof(*conf));
     137  conf->permit_status_handler = 0;
     138  return conf;
     139}
     140
     141static const command_rec status_module_cmds[] =
     142{
     143    AP_INIT_FLAG("ExtendedStatus", set_extended_status, NULL, RSRC_CONF,
     144      "\"On\" to enable extended status information, \"Off\" to disable"),
     145    AP_INIT_FLAG("SeeRequestTail", set_reqtail, NULL, RSRC_CONF,
     146      "For verbose requests, \"On\" to see the last 63 chars of the request, "
     147      "\"Off\" (default) to see the first 63 in extended status display"),
     148    AP_INIT_FLAG("PermitStatusHandler", ap_set_flag_slot,
     149                 (void *)APR_OFFSETOF(status_config_rec, permit_status_handler),
     150                 ACCESS_CONF,
     151      "As a security measure, only permit status handlers where this flag "
     152      "is set. Only legal in directory context, not .htaccess."),
     153    {NULL}
     154};
     155
    106156/* Format the number of bytes nicely */
    107157static void format_byte_out(request_rec *r, apr_off_t bytes)
    108158{
    static int status_handler(request_rec *r) 
    207257    int times_per_thread;
    208258#endif
    209259
    210     if (strcmp(r->handler, STATUS_MAGIC_TYPE) && strcmp(r->handler,
    211             "server-status")) {
     260    status_config_rec *conf = ap_get_module_config(r->per_dir_config,
     261                                                   &status_module);
     262
     263    if ((strcmp(r->handler, STATUS_MAGIC_TYPE) &&
     264         strcmp(r->handler, "server-status")) ||
     265        !conf->permit_status_handler) {
    212266        return DECLINED;
    213267    }
    214268
    static void register_hooks(apr_pool_t *p) 
    9741028AP_DECLARE_MODULE(status) =
    9751029{
    9761030    STANDARD20_MODULE_STUFF,
    977     NULL,                       /* dir config creater */
     1031    create_status_dir_config,   /* dir config creater */
    9781032    NULL,                       /* dir merger --- default is to override */
    9791033    NULL,                       /* server config */
    9801034    NULL,                       /* merge server config */
Note: See TracBrowser for help on using the repository browser.