Bug 64365 - ProxyFCGISetEnvIf does not evaluate condition when unsetting variables.
Summary: ProxyFCGISetEnvIf does not evaluate condition when unsetting variables.
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy_fcgi (show other bugs)
Version: 2.4.43
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Keywords: FixedInTrunk, PatchAvailable
Depends on:
Reported: 2020-04-18 09:10 UTC by Michael König
Modified: 2020-07-05 13:00 UTC (History)
0 users

A patch that appears to fix the problem for me (2.31 KB, patch)
2020-04-18 09:10 UTC, Michael König
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Michael König 2020-04-18 09:10:38 UTC
Created attachment 37183 [details]
A patch that appears to fix the problem for me

The ProxyFCGISetEnvIf directive allows overriding variables sent to FastCGI servers. It comes in two forms:
* Setting   variables, taking 3 arguments: ProxyFCGISetEnvIf <condition> <varname> <value>
* Unsetting variables, taking 2 arguments: ProxyFCGISetEnvIf <condition> !<varname>

The Bug
When using the directive's second form, the variable is always unset, ignoring the condition.

Steps to Reproduce
1. Try unsetting a FastCGI variable conditionally, or (for purpose of demonstration) even with a condition of "false".
        ProxyFCGISetEnvIf "false" !SERVER_SOFTWARE
        ProxyFCGISetEnvIf "%{QUERY_STRING} =~ /hello/" !SERVER_SOFTWARE
        ProxyFCGISetEnvIf "-z reqenv('cloudflare')" !HTTP_CF_CONNECTING_IP
2. Observe the specified variables being unset even if the condition evaluates to false.
    Example PHP script:
        <?php var_dump($_SERVER['SERVER_SOFTWARE']);
    Example output:
    Expected output:
        string(6) "Apache"
Note that the example directive conditions above work as expected when used with setting instead of unsetting variables.

Proposed Solution
I looked into the code (functions "cmd_setenv" and "fix_cgivars" in "modules/proxy/mod_proxy_fcgi.c") and it appears the condition is correctly parsed but during request handling unsetting takes precedence over even evaluating the condition, see line 178.

I created a small patch (see attachment) which appears to fix the problem for me, but it would be good if someone familiar with the code took a look.

As far as I can tell, both the problem and my patch apply to all versions of httpd since the ProxyFCGISetEnvIf directive was introduced in version 2.4.26, including the current development version.
Comment 1 Millay Moede 2020-04-24 06:17:57 UTC
Apache ia mainly using as the local server for testing the website. but sometimes it gives error then you can restart the apache sever. For instant support related to the email please visit https://www.emailexpert247.com/ or dial Email Support Number for the best solution.
Comment 2 Eric Covener 2020-05-16 18:30:28 UTC
Thanks for the report and patch Michael, I committed with some additions in r1877829 and will propose for backport.
Comment 3 Graham Leggett 2020-07-05 13:00:08 UTC
Backported to v2.4.44.