If several parameters are used in a AuthzProviderAlias directive, if these
parameters are not enclosed in quotation mark, only the first one is handled.
The other ones are silently ignored.
Add a message to warn about such a spurious configuration.
PR 62469
Inspired by: Hank Ibell <hwibell gmail.com>
Submitted by: jailletc36
Reviewed by: jailletc36, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1834843 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.4.34
+ *) mod_authz_core: If several parameters are used in a AuthzProviderAlias
+ directive, if these parameters are not enclosed in quotation mark, only
+ the first one is handled. The other ones are silently ignored.
+ Add a message to warn about such a spurious configuration.
+ PR 62469 [Hank Ibell <hwibell gmail.com>, Christophe Jaillet]
*) mod_md: improvements and bugfixes
- MDNotifyCmd now takes additional parameter that are passed on to the called command.
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_authz_core: If several parameters are used in a AuthzProviderAlias directive,
- if these parameters are not enclosed in quotation mark, only the first one is
- handled. The other ones are silently ignored.
- PR 62469.
- trunk patch: http://svn.apache.org/r1834209
- 2.4.x patch: trunk works (modulo CHANGES and next-number)
- svn merge -c 1834209 ^/httpd/httpd/trunk .
- +1: jailletc36, covener, jim
-
*) Easy patches: synch 2.4.x and trunk
- mod_env: remove an empty line
- mod_ssl: Simplify code, no functional change
authorization directives that can be referenced by the alias name using the
directive <directive module="mod_authz_core">Require</directive>.</p>
+ <p>If several parameters are needed in <var>Require-Parameters</var>,
+ they must be enclosed in quotation marks. Otherwise, only the first one
+ is taken into account.</p>
+
+ <highlight language="config">
+# In this example, for both addresses to be taken into account, they MUST be enclosed
+# between quotation marks
+<AuthzProviderAlias ip blacklisted-ips "XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY">
+</AuthzProviderAlias>
+
+<Directory "/path/to/dir">
+ <RequireAll>
+ Require not blacklisted-ips
+ Require all granted
+ </RequireAll>
+</Directory>
+ </highlight>
</usage>
</directivesynopsis>
const char *endp = ap_strrchr_c(args, '>');
char *provider_name;
char *provider_alias;
- char *provider_args;
+ char *provider_args, *extra_args;
ap_conf_vector_t *new_authz_config;
int old_overrides = cmd->override;
const char *errmsg;
provider_name = ap_getword_conf(cmd->pool, &args);
provider_alias = ap_getword_conf(cmd->pool, &args);
provider_args = ap_getword_conf(cmd->pool, &args);
+ extra_args = ap_getword_conf(cmd->pool, &args);
if (!provider_name[0] || !provider_alias[0]) {
return apr_pstrcat(cmd->pool, cmd->cmd->name,
"> directive requires additional arguments", NULL);
}
+
+ /* We only handle one "Require-Parameters" parameter. If several parameters
+ are needed, they must be enclosed between quotes */
+ if (extra_args && *extra_args) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(10142)
+ "When several arguments (%s %s...) are passed to a %s directive, "
+ "they must be enclosed in quotation marks. Otherwise, only the "
+ "first one is taken into account",
+ provider_args, extra_args, cmd->cmd->name);
+ }
new_authz_config = ap_create_per_dir_config(cmd->pool);