Bug 54222 - ServerTokens checking is not complete
Summary: ServerTokens checking is not complete
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Core (show other bugs)
Version: 2.4.3
Hardware: PC Linux
: P2 minor (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: FixedInTrunk, PatchAvailable
Depends on:
Blocks:
 
Reported: 2012-11-28 23:39 UTC by Jackie Zhang
Modified: 2012-11-29 00:31 UTC (History)
1 user (show)



Attachments
"harmless" patch which add a log message (740 bytes, patch)
2012-11-28 23:39 UTC, Jackie Zhang
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jackie Zhang 2012-11-28 23:39:02 UTC
Created attachment 29650 [details]
"harmless" patch which add a log message

Hi, 

This's a configuration related patch. Basically for the "ServerTokens" config directive, any random string will be regarded as the "Full" option. This bugged me when my input has typos, e.g., 

ServerTokens Mionr

What the patch does is to check whether the user input matches any option keyword, and prints out a log message to notify users if their input does not match any keyword. It still uses the "Full" option if none are matched so that it won't affect legacy systems, but only provide verbosity.

Thanks,
Jackie
Comment 1 Eric Covener 2012-11-29 00:15:59 UTC
thanks for the report. I think we should fail startup here though even in 2.4.x
Comment 2 Jackie Zhang 2012-11-29 00:26:27 UTC
(In reply to comment #1)
> thanks for the report. I think we should fail startup here though even in
> 2.4.x

Thank you, Eric. 

My concern for failing startup is that it may be inconsistent with the old system behavior, and may cause complaints.

I'm fine if httpd uses "Full" and let me know its decision. Afterall, it won't cause severe problems.  

If you need the fail startup patch, please let me know.