From dda68034a8b2962da6dc6915c139ae901ca43dba Mon Sep 17 00:00:00 2001
From: Joe Orton
Date: Fri, 9 Mar 2018 09:19:44 +0000
Subject: [PATCH] Merge r1667676, r1826207 from trunk: * mod_access_compat, mod_authz_host: Handle '#' character. For mod_access_compat, disable '#' in hostname completely. For mod_authz_host, treat '#' as a comment and ignore everything after that. This allows better handling of admin errors like 'Require host localhost# Add example.com later'. * modules/aaa/mod_authz_host.c (host_check_authorization): Simplify comment stripping in "Require host"; log a warning if a comment is used in 'Require host', or an error if the expression is empty with the comment stripped. (Currently in 2.4, #comment part is parsed) Submitted by: jkaluza, jorton Reviewed by: jorton, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826309 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES | 7 +++++++
 modules/aaa/mod_access_compat.c | 3 +++
 modules/aaa/mod_authz_host.c | 21 +++++++++++++++++++++
 3 files changed, 31 insertions(+)
diff --git a/CHANGES b/CHANGES
index 09923968b5..3ae7d27d8f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,13 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.32 + *) mod_access_compat: Fail if a comment is found in an Allow or Deny + directive. [Jan Kaluza] + + *) mod_authz_host: Ignore comments after "Require host", logging a + warning, or logging an error if the line is otherwise empty. + [Jan Kaluza, Joe Orton] + *) rotatelogs: Fix expansion of %Z in localtime (-l) mode, and fix Y2K38 bug. [Joe Orton]
diff --git a/modules/aaa/mod_access_compat.c b/modules/aaa/mod_access_compat.c
index 30238033c9..e9f1abe483 100644
--- a/modules/aaa/mod_access_compat.c
+++ b/modules/aaa/mod_access_compat.c
@@ -187,6 +187,9 @@ static const char *allow_cmd(cmd_parms *cmd, void *dv, const char *from,
 return apr_psprintf(cmd->pool, "%pm", &rv);
 a->type = T_IP;
 }
+ else if (ap_strchr(where, '#')) {
+ return "No comments are allowed here";
+ }
 else { /* no slash, didn't look like an IP address => must be a host */
 a->type = T_HOST;
 }
diff --git a/modules/aaa/mod_authz_host.c b/modules/aaa/mod_authz_host.c
index 76f95b8460..b43414f410 100644
--- a/modules/aaa/mod_authz_host.c
+++ b/modules/aaa/mod_authz_host.c
@@ -192,6 +192,27 @@ static authz_status host_check_authorization(request_rec *r,
 host names to check rather than a single name. This is different
 from the previous host based syntax. */
 t = require;
+
+ /* '#' is not a valid hostname character and admin could
+ * specify 'Require host localhost# Add example.com later'. We
+ * should not grant access to 'example.com' in that case. */
+ w = ap_strchr_c(t, '#');
+ if (w) {
+ if (w == t) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10120)
+ "authz_host authorize: dubious empty "
+ "'Require host %s' with only comment", t);
+ return AUTHZ_DENIED;
+ }
+
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(10121)
+ "authz_host authorize: ignoring comment in "
+ "'Require host %s'", t);
+
+ /* Truncate the string at the #. */
+ t = apr_pstrmemdup(r->pool, t, w - t);
+ }
+
 while ((w = ap_getword_conf(r->pool, &t)) && w[0]) {
 if (in_domain(w, remotehost)) {
 return AUTHZ_GRANTED;
--
2.40.0
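Review bot: The new `else if (ap_strchr(where, '#'))` branch in allow_cmd carries no comment explaining why '#' is refused, although the matching change in mod_authz_host.c documents the reason in full. I would add `/* '#' is not a valid hostname character; refuse it rather than store "host# note" as a hostname */` above the test. Because the branch sits after the IP branch, it only covers arguments that would otherwise become `T_HOST`; whether a '#' in the earlier argument forms is rejected depends on code outside the hunk, as allow_cmd starts and ends outside it.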
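Review bot: In host_check_authorization the `w == t` test treats the value as comment-only only when '#' is its very first byte, so a value with blanks before the '#' takes the warning path, is truncated to blanks and reaches the `while` loop with no names to match. The outcome is presumably still a denial, but that depends on the fall-through after the loop, which is outside this hunk, and the log shows the 10121 warning rather than the 10120 error. Skipping leading blanks first, e.g. `while (*t == ' ' || *t == '\t') ++t;` ahead of `w = ap_strchr_c(t, '#');`, would make both cases fail closed explicitly. Both messages are also written with `ap_log_rerror` at request time, so one stray '#' in the configuration is logged again on every request that evaluates the line; a short comment saying so would help anyone triaging the error log.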