From fe0ac45b8e5d623a0511360a5b723e7998feb5de Mon Sep 17 00:00:00 2001 From: Stefan Fritsch Date: Mon, 10 Oct 2011 08:42:30 +0000 Subject: [PATCH] Remove OID match which was never in a GA releas and is obsoleted by SetEnvIfExpr with PeerExtList() git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1180828 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 ++ docs/manual/mod/mod_setenvif.html.en | 14 ------ docs/manual/mod/mod_setenvif.xml | 14 ------ modules/metadata/mod_setenvif.c | 72 +--------------------------- 4 files changed, 4 insertions(+), 99 deletions(-) diff --git a/CHANGES b/CHANGES index 267245f57f..28db55e03e 100644 --- a/CHANGES +++ b/CHANGES @@ -12,6 +12,9 @@ Changes with Apache 2.3.15 PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener, ] + *) mod_setenvif: Remove OID match which is obsoleted by SetEnvIfExpr with + PeerExtList(). [Stefan Fritsch] + *) mpm_prefork, mpm_worker, mpm_event: If a child is created just before graceful restart and then exits because of a missing lock file, don't shutdown the whole server. PR 39311. [Shawn Michael diff --git a/docs/manual/mod/mod_setenvif.html.en b/docs/manual/mod/mod_setenvif.html.en index b3d1966f78..34ffa036f5 100644 --- a/docs/manual/mod/mod_setenvif.html.en +++ b/docs/manual/mod/mod_setenvif.html.en @@ -192,14 +192,6 @@ Environment variables will be considered only if there was no match among request characteristics and a regular expression was not used for the attribute. -
  • - A reference to an extension of an SSL client certificate, located by - its object id oid. - If a non-SSL request, or in absense of the configured oid, - no variable will be set. If the oid is found multiple times, - the individual strings will be concatenated, separated by a comma ','. - The oid should reference a string-valued extension. -

    • The second argument (regex) is a regular expression. If the regex @@ -236,8 +228,6 @@ of

    :
    SetEnvIf object_is_image xbm XBIT_PROCESSING=1
    :
    - SetEnvIf OID("2.16.840.1.113730.1.13") "(.*)" NetscapeComment=$1
    - :
    SetEnvIf ^TS ^[a-z] HAVE_TS

    @@ -247,10 +237,6 @@ of

    the referring page was somewhere on the www.mydomain.example.com Web site.

    -

    The sixth example will set the NetscapeComment - environment variable to the string found in the corresponding - SSL client certificate field (if found).

    -

    The last example will set environment variable HAVE_TS if the request contains any headers that begin with "TS" whose values begins with any character in the diff --git a/docs/manual/mod/mod_setenvif.xml b/docs/manual/mod/mod_setenvif.xml index 2e0fd11086..9ff7ff404e 100644 --- a/docs/manual/mod/mod_setenvif.xml +++ b/docs/manual/mod/mod_setenvif.xml @@ -184,14 +184,6 @@ Environment variables will be considered only if there was no match among request characteristics and a regular expression was not used for the attribute. -

  • - A reference to an extension of an SSL client certificate, located by - its object id oid. - If a non-SSL request, or in absense of the configured oid, - no variable will be set. If the oid is found multiple times, - the individual strings will be concatenated, separated by a comma ','. - The oid should reference a string-valued extension. -

    • The second argument (regex) is a :
    SetEnvIf object_is_image xbm XBIT_PROCESSING=1
    :
    - SetEnvIf OID("2.16.840.1.113730.1.13") "(.*)" NetscapeComment=$1
    - :
    SetEnvIf ^TS ^[a-z] HAVE_TS
    @@ -240,10 +230,6 @@ of

    the referring page was somewhere on the www.mydomain.example.com Web site.

    -

    The sixth example will set the NetscapeComment - environment variable to the string found in the corresponding - SSL client certificate field (if found).

    -

    The last example will set environment variable HAVE_TS if the request contains any headers that begin with "TS" whose values begins with any character in the diff --git a/modules/metadata/mod_setenvif.c b/modules/metadata/mod_setenvif.c index 423258010f..2db353b860 100644 --- a/modules/metadata/mod_setenvif.c +++ b/modules/metadata/mod_setenvif.c @@ -94,8 +94,6 @@ #include "http_log.h" #include "http_protocol.h" -#include "mod_ssl.h" - enum special { SPECIAL_NOT, SPECIAL_REMOTE_ADDR, @@ -103,8 +101,7 @@ enum special { SPECIAL_REQUEST_URI, SPECIAL_REQUEST_METHOD, SPECIAL_REQUEST_PROTOCOL, - SPECIAL_SERVER_ADDR, - SPECIAL_OID_VALUE + SPECIAL_SERVER_ADDR }; typedef struct { char *name; /* header name */ @@ -124,8 +121,6 @@ typedef struct { module AP_MODULE_DECLARE_DATA setenvif_module; -static APR_OPTIONAL_FN_TYPE(ssl_ext_list) *ssl_ext_list_func = NULL; - /* * These routines, the create- and merge-config functions, are called * for both the server-wide and the per-directory contexts. This is @@ -380,31 +375,6 @@ static const char *add_setenvif_core(cmd_parms *cmd, void *mconfig, else if (!strcasecmp(fname, "server_addr")) { new->special_type = SPECIAL_SERVER_ADDR; } - else if (!strncasecmp(fname, "oid(",4)) { - ap_regmatch_t match[AP_MAX_REG_MATCH]; - - new->special_type = SPECIAL_OID_VALUE; - - /* Syntax check and extraction of the OID as a regex: */ - new->pnamereg = ap_pregcomp(cmd->temp_pool, - "^oid\\(\"?([0-9.]+)\"?\\)$", - (AP_REG_EXTENDED /* | AP_REG_NOSUB */ - | AP_REG_ICASE)); - /* this can never happen, as long as pcre works: - if (new->pnamereg == NULL) - return apr_pstrcat(cmd->pool, cmd->cmd->name, - "OID regex could not be compiled.", NULL); - */ - if (ap_regexec(new->pnamereg, fname, AP_MAX_REG_MATCH, match, 0) == AP_REG_NOMATCH) { - return apr_pstrcat(cmd->pool, cmd->cmd->name, - "OID syntax is: oid(\"1.2.3.4.5\"); error in: ", - fname, NULL); - } - new->pnamereg = NULL; - /* The name field is used for the stripped oid string */ - new->name = fname = apr_pstrdup(cmd->pool, fname+match[1].rm_so); - fname[match[1].rm_eo - match[1].rm_so] = '\0'; - } else { new->special_type = SPECIAL_NOT; /* Handle fname as a regular expression. @@ -552,8 +522,6 @@ static int match_headers(request_rec *r) * same header. Remember we don't need to strcmp the two header * names because we made sure the pointers were equal during * configuration. - * In the case of SPECIAL_OID_VALUE values, each oid string is - * dynamically allocated, thus there are no duplicates. */ if (b->name != last_name) { last_name = b->name; @@ -577,35 +545,6 @@ static int match_headers(request_rec *r) case SPECIAL_REQUEST_PROTOCOL: val = r->protocol; break; - case SPECIAL_OID_VALUE: - /* If mod_ssl is not loaded, the accessor function is NULL */ - if (ssl_ext_list_func != NULL) - { - apr_array_header_t *oid_array; - char **oid_value; - int j, len = 0; - char *retval = NULL; - - /* The given oid can occur multiple times. Concatenate the values */ - if ((oid_array = ssl_ext_list_func(r->pool, r->connection, 1, - b->name)) != NULL) { - oid_value = (char **) oid_array->elts; - /* pass 1: determine the size of the string */ - for (len=j=0; j < oid_array->nelts; j++) { - len += strlen(oid_value[j]) + 1; /* +1 for ',' or terminating NIL */ - } - retval = apr_palloc(r->pool, len); - /* pass 2: fill the string */ - for (j=0; j < oid_array->nelts; j++) { - if (j > 0) { - strcat(retval, ","); - } - strcat(retval, oid_value[j]); - } - } - val = retval; - } - break; case SPECIAL_NOT: if (b->pnamereg) { /* Matching headers_in against a regex. Iterate through @@ -683,19 +622,10 @@ static int match_headers(request_rec *r) return DECLINED; } -static int setenvif_post_config(apr_pool_t *pconf, apr_pool_t *plog, - apr_pool_t *ptemp, server_rec *s) -{ - ssl_ext_list_func = APR_RETRIEVE_OPTIONAL_FN(ssl_ext_list); - return OK; -} - static void register_hooks(apr_pool_t *p) { ap_hook_header_parser(match_headers, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_post_read_request(match_headers, NULL, NULL, APR_HOOK_MIDDLE); - /* post config handling */ - ap_hook_post_config(setenvif_post_config, NULL, NULL, APR_HOOK_MIDDLE); } AP_DECLARE_MODULE(setenvif) = -- 2.40.0