Changeset 2760 for trunk/server/common/oursrc

Timestamp:

Feb 27, 2016, 2:16:45 AM (8 years ago)

Author:

andersk

Message:

mod_vhost_ldap: Quote configuration arguments for ap_getword_conf

File:

• trunk/server/common/oursrc/httpdmods/mod_vhost_ldap.c (modified) (7 diffs)

trunk/server/common/oursrc/httpdmods/mod_vhost_ldap.c

@@ -399 +399 @@
 }
 
+static const char *escape(apr_pool_t *p, const char *input)
+{
+    static const char *const to_escape = "'\\";
+
+    const char *x = input + strcspn(input, to_escape);
+    if (*x == '\0')
+        return input;
+    const char *y = x;
+    size_t extra = 0;
+    while (*y != '\0') {
+        extra++;
+        size_t k = strcspn(y + 1, to_escape) + 1;
+        y += k;
+    }
+
+    char *output = apr_palloc(p, y - input + extra + 1);
+
+    memcpy(output, input, x - input);
+    char *z = output + (x - input);
+    while (*x != '\0') {
+        *z++ = '\\';
+        size_t k = strcspn(x + 1, to_escape) + 1;
+        memcpy(z, x, k);
+        x += k;
+        z += k;
+    }
+    *z = '\0';
+
+    return output;
+}
+
 static int reconfigure_directive(apr_pool_t *p,
                                  server_rec *s,
@@ -583 +614 @@
         for (i = 0; attributes[i]; i++) {
 
-            const char *directive;
             char *val = apr_pstrdup (r->pool, vals[i]);
             /* These do not correspond to any real directives */
@@ -602 +632 @@
                 continue;
             }
-
-            if (strcasecmp (attributes[i], "scriptsVhostName") == 0) {
+            else if (strcasecmp (attributes[i], "scriptsVhostName") == 0) {
                 reqc->name = val;
-                directive = "ServerName";
+                continue;
             }
             else {
@@ -614 +643 @@
                 continue;
             }
-
-            if (val == NULL)
-                continue;
-
-            if ((code = reconfigure_directive(r->pool, server, directive, val)) != 0)
-                return code;
         }
     }
@@ -639 +662 @@
     }
 
+    if ((code = reconfigure_directive(
+             r->pool, server, "ServerName",
+             apr_pstrcat(r->pool, "'", escape(r->pool, reqc->name), "'", (const char *)NULL))) != 0)
+        return code;
+
     char *docroot =
         strcmp(reqc->directory, ".") == 0 ?
         apr_pstrcat(r->pool, reqc->home, "/web_scripts", (const char *)NULL) :
         apr_pstrcat(r->pool, reqc->home, "/web_scripts/", reqc->directory, (const char *)NULL);
-    if ((code = reconfigure_directive(r->pool, server, "DocumentRoot", docroot)) != 0)
+    if ((code = reconfigure_directive(
+             r->pool, server, "DocumentRoot",
+             apr_pstrcat(r->pool, "'", escape(r->pool, docroot), "'", (const char *)NULL))) != 0)
         return code;
 
@@ -651 +681 @@
         uid_t uid = (uid_t) atoll(reqc->uid);
 
-        if ((code = reconfigure_directive(r->pool, server, "UserDir", USERDIR)) != 0)
+        if ((code = reconfigure_directive(
+                 r->pool, server, "UserDir",
+                 apr_pstrcat(r->pool, "'", escape(r->pool, USERDIR), "'", (const char *)NULL))) != 0)
             return code;
 
@@ -664 +696 @@
         }
 
-        userdir_val = apr_pstrcat(r->pool, "enabled ", username, (const char *)NULL);
+        userdir_val = apr_pstrcat(r->pool, "enabled '", escape(r->pool, username), "'", (const char *)NULL);
 
         if ((code = reconfigure_directive(r->pool, server, "UserDir", userdir_val)) != 0)