Attachment 9626 Details for Bug 12355 – diff against httpd-2.0.48

[patch] diff against httpd-2.0.48

diff.txt (text/plain), 6.51 KB, created by keilh on 2003-12-18 12:33:22 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: keilh

Created: 2003-12-18 12:33:22 UTC

Size: 6.51 KB

patch

obsolete

>*** mod_ssl.h.patched	Thu Dec 18 13:11:48 2003
>--- mod_ssl.h	Thu Dec 18 13:13:19 2003
>***************
>*** 709,714 ****
>--- 709,715 ----
>  void         ssl_io_filter_init(conn_rec *, SSL *);
>  void         ssl_io_filter_register(apr_pool_t *);
>  long         ssl_io_data_cb(BIO *, int, MODSSL_BIO_CB_ARG_TYPE *, int, long, long);
>+ long         ssl_io_suck(request_rec *);
>  
>  /*  PRNG  */
>  int          ssl_rand_seed(server_rec *, apr_pool_t *, ssl_rsctx_t, char *);
>*** ssl_engine_kernel.c.patched	Thu Dec 18 13:11:39 2003
>--- ssl_engine_kernel.c	Thu Dec 18 13:15:04 2003
>***************
>*** 583,596 ****
>       *
>       * !! BUT ALL THIS IS STILL NOT RE-IMPLEMENTED FOR APACHE 2.0 !!
>       */
>!     if (renegotiate && !renegotiate_quick && (r->method_number == M_POST)) {
>          ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
>                       "SSL Re-negotiation in conjunction "
>                       "with POST method not supported!\n"
>                       "hint: try SSLOptions +OptRenegotiate");
>! 
>          return HTTP_METHOD_NOT_ALLOWED;
>      }
>  
>      /*
>       * now do the renegotiation if anything was actually reconfigured
>--- 583,602 ----
>       *
>       * !! BUT ALL THIS IS STILL NOT RE-IMPLEMENTED FOR APACHE 2.0 !!
>       */
>! 	if (renegotiate && !renegotiate_quick && (r->method_number == M_POST)) {
>! #ifdef SSL_CONSERVATIVE 		
>          ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
>                       "SSL Re-negotiation in conjunction "
>                       "with POST method not supported!\n"
>                       "hint: try SSLOptions +OptRenegotiate");
>! 		
>          return HTTP_METHOD_NOT_ALLOWED;
>+ #else		
>+ 		if( ssl_io_suck(r) != OK) {
>+ 			return HTTP_METHOD_NOT_ALLOWED;
>+ 		}
>      }
>+ #endif /* SSL_CONSERVATIVE */
>  
>      /*
>       * now do the renegotiation if anything was actually reconfigured
>*** ssl_engine_io.c.patched	Thu Dec 18 13:12:02 2003
>--- ssl_engine_io.c	Thu Dec 18 13:21:31 2003
>***************
>*** 897,902 ****
>--- 897,987 ----
>  }
>  
>  static const char ssl_io_filter[] = "SSL/TLS Filter";
>+ static const char ssl_buff_filter[] = "SSL/TLS Buffering Filter";
>+ /*
>+  * reads the buffered data during a POST request with renegotiation
>+  * will be registere at runtime.
>+  * NOTE: we try to buffer the complete body. Use the attribute 'LimitRequestBody'
>+  * preventing DOS attacks.
>+  */
>+ long ssl_io_suck(request_rec *r)
>+ {
>+ 	apr_bucket *bucket;
>+ 	apr_bucket_brigade *bb = apr_brigade_create(r->pool,r->connection->bucket_alloc);
>+ 
>+ 	int readed = 0;
>+ 	int len = 0;
>+ 	int toRead= 0;
>+ 	char *buffer = NULL;
>+ 	char *pos = NULL;
>+ 	
>+ 	if(ap_setup_client_block(r,REQUEST_CHUNKED_DECHUNK) !=OK) {
>+ 		return HTTP_METHOD_NOT_ALLOWED; 
>+ 	}
>+ 
>+ 	if(!ap_should_client_block(r)) {
>+ 		return OK;
>+ 	}
>+ 	
>+ 	do {
>+ 		buffer = apr_pcalloc(r->pool,HUGE_STRING_LEN);
>+ 		toRead = HUGE_STRING_LEN;
>+ 
>+ 		/* check malloc */
>+ 		if(buffer == NULL) {
>+ 			ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
>+                      "SSL Re-negotiation in conjunction "
>+ 				     "with POST (buffering body failed)!\n");
>+ 			apr_brigade_destroy(bb);
>+ 			return HTTP_METHOD_NOT_ALLOWED;			
>+ 		}
>+ 		
>+ 		/* fill the bucket */
>+ 		pos = buffer;
>+ 		len = 0;
>+ 		do {
>+ 			readed  = ap_get_client_block(r,pos,toRead);
>+ 
>+ 			if(readed <=0) {
>+ 				break;
>+ 			}
>+ 			
>+ 			toRead  -= readed;
>+ 			
>+ 			/* sanity */
>+ 			if(toRead<0) {
>+ 				return HTTP_METHOD_NOT_ALLOWED;
>+ 			}
>+ 
>+ 			pos += readed;
>+ 			len += readed;	
>+ 		}
>+ 		while(toRead>0);
>+ 
>+ 		/* check last read result */
>+ 		if(readed<0) {
>+ 			ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
>+                      "SSL Re-negotiation in conjunction "
>+ 				     "with POST (reading body failed)!\n");
>+ 			apr_brigade_destroy(bb);
>+ 			return HTTP_METHOD_NOT_ALLOWED; 
>+ 		}
>+ 		
>+ 		/* check if we have readed everything */
>+ 		if(len == 0) {
>+ 			break;
>+ 		}
>+ 		bucket = apr_bucket_pool_create(buffer,len,r->pool,r->connection->bucket_alloc);
>+ 		
>+         APR_BRIGADE_INSERT_TAIL(bb, bucket);
>+ 	} 
>+ 	while(1);
>+ 	
>+ 	//add the ssl_buff_filter_input
>+ 	ap_add_input_filter(ssl_buff_filter, bb, r, r->connection);
>+ 	
>+ 	return OK;									  
>+ }
>  
>  /*
>   *  Close the SSL part of the socket connection
>***************
>*** 1361,1366 ****
>--- 1446,1529 ----
>      return status;
>  }
>  
>+ static apr_status_t ssl_buff_filter_input(ap_filter_t *f,
>+                                         apr_bucket_brigade *bb,
>+                                         ap_input_mode_t mode,
>+                                         apr_read_type_e block,
>+                                         apr_off_t readbytes)
>+ {
>+ 	apr_bucket_brigade *aa = f->ctx;
>+ 	apr_status_t  rv;
>+ 	
>+ 	if(aa && !APR_BRIGADE_EMPTY(aa)) {
>+ 
>+ 		if(mode == AP_MODE_READBYTES) {
>+ 			apr_bucket *b;
>+ 			apr_off_t missing = readbytes;
>+ 			apr_size_t len;
>+ 			const char *tmp;
>+ 	
>+ 			while (!APR_BRIGADE_EMPTY(aa)) {
>+ 				b = APR_BRIGADE_FIRST(aa);
>+ 			
>+ 				rv = apr_bucket_read(b, &tmp, &len, APR_BLOCK_READ);
>+ 				if (rv != APR_SUCCESS) {
>+ 					return rv;
>+ 				}
>+ 				
>+ 				/* consume whole bucket */
>+ 				if(missing >= len) {
>+ 					APR_BUCKET_REMOVE(b);
>+ 					APR_BRIGADE_INSERT_TAIL(bb,b);
>+ 				}
>+ 				/* comsume only a part */ 
>+ 				else{
>+ 					rv = apr_bucket_split(b, missing);
>+ 					if (rv != APR_SUCCESS) {
>+ 						return rv;
>+ 					}
>+ 					
>+ 					APR_BUCKET_REMOVE(b);
>+ 					APR_BRIGADE_INSERT_TAIL(bb, b);
>+ 					break;
>+ 				}
>+ 				
>+ 				missing -= len;
>+ 				
>+ 				if (missing = 0) {
>+ 					break;
>+ 				}
>+ 
>+ 				if(missing<0) {
>+ 					return AP_FILTER_ERROR;
>+ 				}
>+ 			}
>+ 			return APR_SUCCESS;
>+ 		}
>+ 		else if (mode == AP_MODE_READBYTES) {
>+ 			apr_bucket_brigade *nb = apr_brigade_create(f->r->pool,f->c->bucket_alloc);
>+ 			
>+ 			/* split */
>+ 			rv = apr_brigade_split_line(nb,aa,block,readbytes);
>+ 			if( rv != APR_SUCCESS) {				
>+ 				return rv;
>+ 			} 
>+ 
>+ 			/* concatinate */
>+ 			APR_BRIGADE_CONCAT(bb,aa);
>+ 			
>+ 			/* remember the rest */
>+ 			f->ctx = nb;
>+ 			
>+ 			return APR_SUCCESS;	
>+ 		}
>+ 		
>+ 	}
>+ 	
>+ 	
>+ 	return ap_pass_brigade(f->next, bb);
>+ }
>+ 
>  static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c,
>                                      SSL *ssl)
>  {
>***************
>*** 1417,1422 ****
>--- 1580,1586 ----
>  {
>      ap_register_input_filter  (ssl_io_filter, ssl_io_filter_input,  NULL, AP_FTYPE_CONNECTION + 5);
>      ap_register_output_filter (ssl_io_filter, ssl_io_filter_output, NULL, AP_FTYPE_CONNECTION + 5);
>+     ap_register_input_filter  (ssl_buff_filter, ssl_buff_filter_input,  NULL, AP_FTYPE_PROTOCOL - 1);
>      return;
>  }
>

Actions: View | Diff

Attachments on bug 12355: 9626 | 11681 | 11736 | 11745 | 16491 | 16495