From: Graham Leggett Date: Mon, 29 Mar 2010 22:09:35 +0000 (+0000) Subject: core: Introduce the IncludeStrict directive, which explicitly fails X-Git-Tag: 2.3.6~277 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ea767fff9d6847b64b1d181b029baa71c293d004;p=apache core: Introduce the IncludeStrict directive, which explicitly fails server startup if no files or directories match a wildcard path. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@928916 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 413ed65f44..ab616cc91e 100644 --- a/CHANGES +++ b/CHANGES @@ -28,6 +28,10 @@ Changes with Apache 2.3.7 processing is completed, avoiding orphaned callback pointers. [Brett Gervasoni , Jeff Trawick] + *) core: Introduce the IncludeStrict directive, which explicitly fails + server startup if no files or directories match a wildcard path. + [Graham Leggett] + *) htcacheclean: Report additional statistics about entries deleted. PR 48944. [Mark Drayton mark markdrayton.info] diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml index 3f9e1d3301..69fe0ccc5b 100644 --- a/docs/manual/mod/core.xml +++ b/docs/manual/mod/core.xml @@ -1539,7 +1539,8 @@ later. Include Includes other configuration files from within the server configuration files -Include file-path|directory-path +Include file-path|directory-path| +wildcard server configvirtual host directory @@ -1571,6 +1572,11 @@ wildcard matching available in 2.3.6 and later for placeholder files to exist so that at least one file or directory is found by the wildcard.

+

Under certain circumstances, it may be required for the server to fail + explicitly when no files or directories match a specific wildcard. In these + cases, use the IncludeStrict + directive instead.

+

The file path specified may be an absolute path, or may be relative to the ServerRoot directory.

@@ -1602,6 +1608,47 @@ wildcard matching available in 2.3.6 and later apachectl + +IncludeStrict +Includes other configuration files from within the server +configuration files, throwing an error if no files or directories match +a wildcard + +IncludeStrict file-path|directory-path| +wildcard +server configvirtual host +directory + +Available in 2.3.6 and later + + +

This directive allows inclusion of other configuration files + from within the server configuration files.

+ +

It is functionally equivalent to the + Include directive, with the additional + restriction that any wildcards are required to match at least one file or + directory.

+ +

The file path specified may be an absolute path, or may be relative + to the ServerRoot directory.

+ +

Example:

+ +

The server will fail to load if the wildcard path + /usr/local/apache2/conf/vhosts/*.conf does not match at least + one file or directory.

+ + + IncludeStrict /usr/local/apache2/conf/ssl.conf
+ IncludeStrict /usr/local/apache2/conf/vhosts/*.conf + + + + +apachectl + + KeepAlive Enables HTTP persistent connections diff --git a/server/config.c b/server/config.c index 7378e8263d..5c48256236 100644 --- a/server/config.c +++ b/server/config.c @@ -1558,7 +1558,8 @@ static const char *process_resource_config_nofnmatch(server_rec *s, ap_directive_t **conftree, apr_pool_t *p, apr_pool_t *ptemp, - unsigned depth) + unsigned depth, + int strict) { cmd_parms parms; ap_configfile_t *cfp; @@ -1615,7 +1616,7 @@ static const char *process_resource_config_nofnmatch(server_rec *s, fnew = &((fnames *) candidates->elts)[current]; error = process_resource_config_nofnmatch(s, fnew->fname, conftree, p, ptemp, - depth); + depth, strict); if (error) { return error; } @@ -1659,7 +1660,8 @@ static const char *process_resource_config_fnmatch(server_rec *s, ap_directive_t **conftree, apr_pool_t *p, apr_pool_t *ptemp, - unsigned depth) + unsigned depth, + int strict) { const char *rest; apr_status_t rv; @@ -1682,12 +1684,12 @@ static const char *process_resource_config_fnmatch(server_rec *s, if (!rest) { return process_resource_config_nofnmatch(s, path, conftree, p, - ptemp, 0); + ptemp, 0, strict); } else { return process_resource_config_fnmatch(s, path, rest, conftree, p, - ptemp, 0); + ptemp, 0, strict); } } @@ -1738,27 +1740,32 @@ static const char *process_resource_config_fnmatch(server_rec *s, if (!rest) { error = process_resource_config_nofnmatch(s, fnew->fname, conftree, p, - ptemp, 0); + ptemp, 0, strict); } else { error = process_resource_config_fnmatch(s, fnew->fname, rest, conftree, p, - ptemp, 0); + ptemp, 0, strict); } if (error) { return error; } } } + else if (strict) { + return apr_psprintf(p, "No matches for the wildcard '%s' in %s", + fname, path); + } return NULL; } -AP_DECLARE(const char *) ap_process_resource_config(server_rec *s, - const char *fname, - ap_directive_t **conftree, - apr_pool_t *p, - apr_pool_t *ptemp) +AP_DECLARE(const char *) ap_process_resource_config_ex(server_rec *s, + const char *fname, + ap_directive_t **conftree, + apr_pool_t *p, + apr_pool_t *ptemp, + int strict) { /* XXX: lstat() won't work on the wildcard pattern... */ @@ -1775,7 +1782,7 @@ AP_DECLARE(const char *) ap_process_resource_config(server_rec *s, if (!apr_fnmatch_test(fname)) { return process_resource_config_nofnmatch(s, fname, conftree, p, ptemp, - 0); + 0, strict); } else { apr_status_t status; @@ -1794,13 +1801,22 @@ AP_DECLARE(const char *) ap_process_resource_config(server_rec *s, /* walk the filepath */ return process_resource_config_fnmatch(s, rootpath, filepath, conftree, p, ptemp, - 0); + 0, strict); } return NULL; } +AP_DECLARE(const char *) ap_process_resource_config(server_rec *s, + const char *fname, + ap_directive_t **conftree, + apr_pool_t *p, + apr_pool_t *ptemp) +{ + return ap_process_resource_config_ex(s, fname, conftree, p, ptemp, 0); +} + AP_DECLARE(int) ap_process_config_tree(server_rec *s, ap_directive_t *conftree, apr_pool_t *p, diff --git a/server/core.c b/server/core.c index 27fc034abd..4e333ace2b 100644 --- a/server/core.c +++ b/server/core.c @@ -2566,9 +2566,8 @@ static const char *set_use_canonical_phys_port(cmd_parms *cmd, void *d_, return NULL; } - static const char *include_config (cmd_parms *cmd, void *dummy, - const char *name) + const char *name, int strict) { ap_directive_t *conftree = NULL; const char* conffile, *error; @@ -2599,8 +2598,8 @@ static const char *include_config (cmd_parms *cmd, void *dummy, name, NULL); } - error = ap_process_resource_config(cmd->server, conffile, - &conftree, cmd->pool, cmd->temp_pool); + error = ap_process_resource_config_ex(cmd->server, conffile, + &conftree, cmd->pool, cmd->temp_pool, strict); if (error) { *recursion = 0; return error; @@ -2616,6 +2615,18 @@ static const char *include_config (cmd_parms *cmd, void *dummy, return NULL; } +static const char *include_regular_config(cmd_parms *cmd, void *dummy, + const char *name) +{ + return include_config(cmd, dummy, name, 0); +} + +static const char *include_strict_config(cmd_parms *cmd, void *dummy, + const char *name) +{ + return include_config(cmd, dummy, name, 1); +} + static const char *set_loglevel(cmd_parms *cmd, void *dummy, const char *arg) { char *str; @@ -3302,9 +3313,12 @@ AP_INIT_TAKE1("UseCanonicalPhysicalPort", set_use_canonical_phys_port, NULL, "Whether to use the physical Port when constructing URLs"), /* TODO: RlimitFoo should all be part of mod_cgi, not in the core */ /* TODO: ListenBacklog in MPM */ -AP_INIT_TAKE1("Include", include_config, NULL, +AP_INIT_TAKE1("Include", include_regular_config, NULL, + (RSRC_CONF | ACCESS_CONF | EXEC_ON_READ), + "Name of the config file to be included, ignore wildcards with no match"), +AP_INIT_TAKE1("IncludeStrict", include_strict_config, NULL, (RSRC_CONF | ACCESS_CONF | EXEC_ON_READ), - "Name of the config file to be included"), + "Name of the config file to be included, fail if wildcards don't match"), AP_INIT_TAKE1("LogLevel", set_loglevel, NULL, RSRC_CONF, "Level of verbosity in error logging"), AP_INIT_TAKE1("NameVirtualHost", ap_set_name_virtual_host, NULL, RSRC_CONF,