branches/fc19-dev/server/common/patches/httpd-mod_status-security.patch
modules/generators/mod_status.c
From 0c2aac95f8df4e7c243ea00d54d4050e32f7868b Mon Sep 17 00:00:00 2001
From: Alexander Chernyakhovsky <achernya@mit.edu>
Date: Fri, 3 May 2013 21:39:17 -0400
Subject: [PATCH 2/4] Prevent mod_status from taking effect in .htaccess files

Introduce a directive to the Apache configuration that is only permitted in a directory context, called "PermitStatusHandler", to prevent users from enabling mod_status from their .htaccess files.

Signed-off-by: Quentin Smith <quentin@mit.edu>
Signed-off-by: Geoffrey Thomas <geofft@mit.edu>
---
modules/generators/mod_status.c | 60 +++++++++++++++++++++++++++++++++++++--
1 file changed, 57 insertions(+), 3 deletions(-)

diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
index 0237f1d..c7fd0e0 100644
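--- a/modules/generators/mod_status.c
+++ b/modules/generators/mod_status.c
@@ -103,6 +103,56 @@ APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ap, STATUS, int, status_hook,
 static pid_t child_pid;
 #endif
 
+typedef struct {
+    int permit_status_handler;
+} status_config_rec;
+
+/*
+ * command-related code. This is here to prevent use of ExtendedStatus
+ * without status_module included.
+ */
+static const char *set_extended_status(cmd_parms *cmd, void *dummy, int arg)
+{
+    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+    if (err != NULL) {
+        return err;
+    }
+    ap_extended_status = arg;
+    return NULL;
+}
+
+static const char *set_reqtail(cmd_parms *cmd, void *dummy, int arg)
+{
+    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+    if (err != NULL) {
+        return err;
+    }
+    ap_mod_status_reqtail = arg;
+    return NULL;
+}
+
+static void *create_status_dir_config(apr_pool_t *p, char *d)
+{
+    status_config_rec *conf = apr_pcalloc(p, sizeof(*conf));
+    conf->permit_status_handler = 0;
+    return conf;
+}
+
+static const command_rec status_module_cmds[] =
+{
+    AP_INIT_FLAG("ExtendedStatus", set_extended_status, NULL, RSRC_CONF,
+      "\"On\" to enable extended status information, \"Off\" to disable"),
+    AP_INIT_FLAG("SeeRequestTail", set_reqtail, NULL, RSRC_CONF,
+      "For verbose requests, \"On\" to see the last 63 chars of the request, "
+      "\"Off\" (default) to see the first 63 in extended status display"),
+    AP_INIT_FLAG("PermitStatusHandler", ap_set_flag_slot,
+      (void *)APR_OFFSETOF(status_config_rec, permit_status_handler),
+      ACCESS_CONF,
+      "As a security measure, only permit status handlers where this flag "
+      "is set. Only legal in directory context, not .htaccess."),
+    {NULL}
+};
+
 /* Format the number of bytes nicely */
 static void format_byte_out(request_rec *r, apr_off_t bytes)
 {
@@ -207,8 +257,12 @@ static int status_handler(request_rec *r)
     int times_per_thread;
 #endif
 
-    if (strcmp(r->handler, STATUS_MAGIC_TYPE) && strcmp(r->handler,
-                                                      "server-status")) {
+    status_config_rec *conf = ap_get_module_config(r->per_dir_config,
+                                                   &status_module);
+
+    if ((strcmp(r->handler, STATUS_MAGIC_TYPE) &&
+         strcmp(r->handler, "server-status")) ||
+        !conf->permit_status_handler) {
         return DECLINED;
     }
 
@@ -974,7 +1028,7 @@ static void register_hooks(apr_pool_t *p)
 AP_DECLARE_MODULE(status) =
 {
     STANDARD20_MODULE_STUFF,
-    NULL,                       /* dir config creater */
+    create_status_dir_config,   /* dir config creater */
     NULL,                       /* dir merger --- default is to override */
     NULL,                       /* server config */
     NULL,                       /* merge server config */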
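Review bot: In the status_handler hunk a request that does match the `server-status` handler but lands in a directory without `PermitStatusHandler On` is declined with no trace at all, so an operator cannot tell a locked-down status endpoint from mod_status not being loaded or not being mapped; splitting the combined condition so that only the "handler matched, flag off" case emits a debug-level `ap_log_rerror` keeps the fail-closed behaviour and leaves a diagnostic. The remainder of status_handler lies outside the hunk. In the first hunk, `conf->permit_status_handler = 0;` in create_status_dir_config is redundant after `apr_pcalloc`, which already zero-fills; a comment such as `/* apr_pcalloc zero-fills: the handler is denied unless PermitStatusHandler On is set in a <Directory>/<Location> block */` would document the fail-closed default more clearly than the assignment does. It is not visible here whether `status_module` is forward-declared above status_handler; `&status_module` in the second hunk relies on that, so confirm against the full file.
```c
    /* … unchanged: local declarations, per-dir conf lookup … */
    if (strcmp(r->handler, STATUS_MAGIC_TYPE) &&
        strcmp(r->handler, "server-status")) {
        return DECLINED;
    }
    /* Fail closed: only run where PermitStatusHandler On was set in a
     * directory context (the directive is ACCESS_CONF, never .htaccess). */
    if (!conf->permit_status_handler) {
        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
                      "mod_status: PermitStatusHandler not set for %s, declining",
                      r->uri);
        return DECLINED;
    }
```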