source: trunk/server/common/patches/httpd-2.2.x-mod_status-security.patch @ 1931

Last change on this file since 1931 was 795, checked in by geofft, 14 years ago
httpd: Commit quentin's mod_status patch, which disallows server-status in .htaccess files
  • modules/generators/mod_status.c

    Prevents mod_status from taking effect in .htaccess files, by requiring
    a directive that's only permitted in directory context.
    
    Signed-off-by: Quentin Smith <quentin@mit.edu>
    Signed-off-by: Geoffrey Thomas <geofft@mit.edu>
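--- a/modules/generators/mod_status.c
+++ b/modules/generators/mod_status.c
@@ -115,6 +115,10 @@
 static pid_t child_pid;
 #endif
 
+typedef struct {
+  int permit_status_handler;
+} status_config_rec;
+
 /*
  * command-related code. This is here to prevent use of ExtendedStatus
  * without status_module included.
@@ -139,6 +143,13 @@
     return NULL;
 }
 
+static void *create_status_dir_config(apr_pool_t *p, char *d)
+{
+  status_config_rec *conf = apr_pcalloc(p, sizeof(*conf));
+  conf->permit_status_handler = 0;
+  return conf;
+}
+
 
 static const command_rec status_module_cmds[] =
 {
@@ -147,6 +158,11 @@
     AP_INIT_FLAG("SeeRequestTail", set_reqtail, NULL, RSRC_CONF,
       "For verbose requests, \"On\" to see the last 63 chars of the request, "
       "\"Off\" (default) to see the first 63 in extended status display"),
+    AP_INIT_FLAG("PermitStatusHandler", ap_set_flag_slot,
+                 (void *)APR_OFFSETOF(status_config_rec, permit_status_handler),
+                 ACCESS_CONF,
+      "As a security measure, only permit status handlers where this flag "
+      "is set. Only legal in directory context, not .htaccess."),
     {NULL}
 };
 
@@ -247,9 +263,13 @@
     pid_t *pid_buffer, worker_pid;
     clock_t tu, ts, tcu, tcs;
     ap_generation_t worker_generation;
-
-    if (strcmp(r->handler, STATUS_MAGIC_TYPE) &&
-        strcmp(r->handler, "server-status")) {
+   
+    status_config_rec *conf = ap_get_module_config(r->per_dir_config,
+                                                   &status_module);
+
+    if ((strcmp(r->handler, STATUS_MAGIC_TYPE) &&
+         strcmp(r->handler, "server-status")) ||
+        !conf->permit_status_handler) {
         return DECLINED;
     }
 
@@ -871,7 +891,7 @@
 module AP_MODULE_DECLARE_DATA status_module =
 {
     STANDARD20_MODULE_STUFF,
-    NULL,                       /* dir config creater */
+    create_status_dir_config,   /* dir config creater */
     NULL,                       /* dir merger --- default is to override */
     NULL,                       /* server config */
     NULL,                       /* merge server config */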
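Review bot: The new gate in status_handler reads the flag from r->per_dir_config, and with the dir merger left NULL a nested section only replaces this module's per-dir config where a status_module directive actually appears, so — as far as I can tell from httpd's per-dir merge rules — `PermitStatusHandler On` placed on a broad `<Directory>` is inherited by every subdirectory, where an `.htaccess` under AllowOverride FileInfo can still `SetHandler server-status`; the protection only holds when the flag is set in the same narrow section that carries the SetHandler. The help string on the new AP_INIT_FLAG should say so, and its "directory context" is narrower than ACCESS_CONF, which also admits `<Location>` and `<Files>` sections; something like `"Set it only in the <Directory>/<Location> section that also sets the handler; nested sections and .htaccess files beneath it inherit the permission. Not allowed in .htaccess."`. Minor: `conf->permit_status_handler = 0;` is redundant after apr_pcalloc, and the added line 266 carries trailing whitespace. The body of status_handler continues outside the hunk.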