From d451ccc45ad2c5f5df2ea1365cba3d0b431d231f Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@apache.org>
Date: Sun, 30 Oct 2005 13:25:28 +0000
Subject: [PATCH] Fix handling of unknown state tokens in If headers:

* modules/dav/main/mod_dav.h: Add dav_if_unknown to dav_if_state_type
enum.

* modules/dav/main/util.c (dav_add_if_state): Set returned type to
dav_if_unknown for an unknown state token.
(dav_validate_resource_state): Evaluate dav_if_unknown to fail
match unless in a Not condition.

PR: 37288


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@329562 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/dav/main/mod_dav.h |  3 ++-
 modules/dav/main/util.c    | 20 ++++++++++++++++----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/modules/dav/main/mod_dav.h b/modules/dav/main/mod_dav.h
index 68531d8561..c4f0ac5617 100644
--- a/modules/dav/main/mod_dav.h
+++ b/modules/dav/main/mod_dav.h
@@ -686,7 +686,8 @@ DAV_DECLARE(const dav_provider *) dav_lookup_provider(const char *name);
 typedef enum
 {
     dav_if_etag,
-    dav_if_opaquelock
+    dav_if_opaquelock,
+    dav_if_unknown /* the "unknown" state type; always matches false. */   
 } dav_if_state_type;
 
 typedef struct dav_if_state_list
diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c
index 0593298786..c60fc266af 100644
--- a/modules/dav/main/util.c
+++ b/modules/dav/main/util.c
@@ -539,11 +539,11 @@ static dav_error * dav_add_if_state(apr_pool_t *p, dav_if_header *ih,
 
         if ((err = (*locks_hooks->parse_locktoken)(p, state_token,
                                                    &new_sl->locktoken)) != NULL) {
-            /* In cases where the state token is invalid, we'll just skip
-             * it rather than return 400.
-             */
+            /* If the state token cannot be parsed, treat it as an
+             * unknown state; this will evaluate to "false" later
+             * during If header validation. */
             if (err->error_id == DAV_ERR_LOCK_UNK_STATE_TOKEN) {
-                return NULL;
+                new_sl->type = dav_if_unknown;
             }
             else {
                 /* ### maybe add a higher-level description */
@@ -1200,6 +1200,18 @@ static dav_error * dav_validate_resource_state(apr_pool_t *p,
 
                 break;
 
+            case dav_if_unknown:
+                /* Request is predicated on some unknown state token,
+                 * which must be presumed to *not* match, so fail
+                 * unless this is a Not condition. */
+                
+                if (state_list->condition == DAV_IF_COND_NORMAL) {
+                    reason = 
+                        "an unknown state token was supplied";
+                    goto state_list_failed;
+                }
+                break;
+
             } /* switch */
         } /* foreach ( state_list ) */
 
-- 
2.50.0