ASF Bugzilla – Attachment 37497 Details for
Bug 64785
allowmethods should be able to disable individual methods
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
mod_allowmethods implementation of +-METHOD options
file_64785.txt (text/plain), 5.11 KB, created by
Marcel Montes
on 2020-10-12 18:32:31 UTC
(
hide
)
Description:
mod_allowmethods implementation of +-METHOD options
Filename:
MIME Type:
Creator:
Marcel Montes
Created:
2020-10-12 18:32:31 UTC
Size:
5.11 KB
patch
obsolete
>Index: modules/aaa/mod_allowmethods.c >=================================================================== >--- modules/aaa/mod_allowmethods.c (revision 1882304) >+++ modules/aaa/mod_allowmethods.c (working copy) >@@ -44,8 +44,11 @@ > */ > > typedef struct am_conf_t { >- int allowed_set; >- ap_method_mask_t allowed; >+ int allowed_set; /* AllowMethods has been set/changed flag */ >+ int enforce_methods; /* Enforce AllowMethods flag */ >+ ap_method_mask_t add; /* Methods Added by +METHOD mask */ >+ ap_method_mask_t remove; /* Methods Removed by -METHOD mask */ >+ ap_method_mask_t allowed; /* Allowed Methods mask */ > } am_conf_t; > > module AP_MODULE_DECLARE_DATA allowmethods_module; >@@ -57,7 +60,8 @@ > > conf = (am_conf_t *) ap_get_module_config(r->per_dir_config, > &allowmethods_module); >- if (!conf || conf->allowed == 0) { >+ >+ if (!conf || conf->enforce_methods == 0) { > return DECLINED; > } > >@@ -80,8 +84,11 @@ > { > am_conf_t *conf = apr_pcalloc(p, sizeof(am_conf_t)); > >- conf->allowed = 0; >- conf->allowed_set = 0; >+ conf->allowed = 0; >+ conf->allowed_set = 0; >+ conf->add = 0; >+ conf->remove = 0; >+ conf->enforce_methods = 0; > return conf; > } > >@@ -92,12 +99,38 @@ > am_conf_t *conf = apr_palloc(pool, sizeof(am_conf_t)); > > if (add->allowed_set) { >- conf->allowed = add->allowed; >- conf->allowed_set = add->allowed_set; >+ conf->add = add->add; >+ conf->remove = add->remove; >+ >+ /* Add/Remove AllowedMethods set with + or - */ >+ if( add->add || add->remove ) { >+ conf->allowed = base->allowed; >+ >+ if( add->add ) { >+ conf->allowed |= add->add; >+ } >+ if( add->remove ) { >+ conf->allowed &= ~(add->remove); >+ } >+ >+ conf->enforce_methods = 1; >+ conf->allowed_set = 1; >+ } >+ /* Straightforward AllowMethods settings, just set it */ >+ else >+ { >+ conf->allowed = add->allowed; >+ conf->allowed_set = add->allowed_set; >+ conf->enforce_methods = add->enforce_methods; >+ } > } >- else { >- conf->allowed = base->allowed; >- conf->allowed_set = base->allowed_set; >+ else >+ { >+ conf->allowed = base->allowed; >+ conf->add = base->add; >+ conf->remove = base->remove; >+ conf->allowed_set = base->allowed_set; >+ conf->enforce_methods = base->enforce_methods; > } > > return conf; >@@ -108,30 +141,75 @@ > { > int i; > am_conf_t *conf = (am_conf_t *)d; >+ int merge = 0; >+ int first = 1; >+ char *method; >+ char action; > > if (argc == 0) { > return "AllowMethods: No method or 'reset' keyword given"; > } > if (argc == 1) { >- if (strcasecmp("reset", argv[0]) == 0) { >- conf->allowed = 0; >- conf->allowed_set = 1; >+ if (!ap_cstr_casecmp(argv[0], "reset")) { >+ conf->allowed = 0; >+ conf->enforce_methods = 0; >+ conf->add = 0; >+ conf->remove = 0; >+ conf->allowed_set = 1; > return NULL; > } > } > >+ conf->allowed = 0; >+ conf->add = 0; >+ conf->remove = 0; >+ > for (i = 0; i < argc; i++) { > int m; >+ char *w = argv[i]; > >- m = ap_method_number_of(argv[i]); >+ if( *w == '-' || *w == '+' ) { >+ if (!merge && !first) { >+ return "Either all methods in AllowMethods must start with + or -, or no methods may."; >+ } >+ >+ action = *(w++); >+ method = w; >+ merge = 1; >+ } >+ else if (merge) { >+ return "Either all methods in AllowMethods must start with + or -, or no methods may."; >+ } >+ else { >+ method = w; >+ } >+ >+ m = ap_method_number_of((char const*)method); >+ > if (m == M_INVALID) { > return apr_pstrcat(cmd->pool, "AllowMethods: Invalid Method '", >- argv[i], "'", NULL); >+ method, "'", NULL); > } > >- conf->allowed |= (AP_METHOD_BIT << m); >+ if( action == '-' ) { >+ conf->remove |= (AP_METHOD_BIT << m); >+ conf->add &= ~(AP_METHOD_BIT << m); >+ conf->allowed &= ~(AP_METHOD_BIT << m); >+ } >+ else if( action == '+' ) { >+ conf->remove &= ~(AP_METHOD_BIT << m); >+ conf->add |= (AP_METHOD_BIT << m); >+ conf->allowed |= (AP_METHOD_BIT << m); >+ } >+ else { >+ conf->allowed |= (AP_METHOD_BIT << m); >+ } >+ >+ first = 0; > } >- conf->allowed_set = 1; >+ conf->allowed_set = 1; >+ conf->enforce_methods = 1; >+ > return NULL; > } >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 64785
:
37484
|
37490
|
37491
|
37495
|
37497
|
37500
|
37501
|
37523