| [2469] | 1 | From c9e5769ec7163cadd44a1b1a75a12a75a5a1db58 Mon Sep 17 00:00:00 2001 |
|---|
| [2422] | 2 | From: Alexander Chernyakhovsky <achernya@mit.edu> |
|---|
| 3 | Date: Fri, 3 May 2013 21:39:17 -0400 |
|---|
| [2469] | 4 | Subject: [PATCH] Prevent mod_status from taking effect in .htaccess files |
|---|
| [2422] | 5 | |
|---|
| 6 | Introduce a directive to the Apache configuration that is only |
|---|
| 7 | permitted in a directory context, called "PermitStatusHandler", to |
|---|
| 8 | prevent users from enabling mod_status from their .htaccess files. |
|---|
| 9 | |
|---|
| 10 | Signed-off-by: Quentin Smith <quentin@mit.edu> |
|---|
| 11 | Signed-off-by: Geoffrey Thomas <geofft@mit.edu> |
|---|
| 12 | --- |
|---|
| [2469] | 13 | modules/generators/mod_status.c | 33 +++++++++++++++++++++++++++++---- |
|---|
| [2439] | 14 | 1 file changed, 29 insertions(+), 4 deletions(-) |
|---|
| [2422] | 15 | |
|---|
| 16 | diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c |
|---|
| [2469] | 17 | index fe832b3..92a6f69 100644 |
|---|
| [2422] | 18 | --- a/modules/generators/mod_status.c |
|---|
| 19 | +++ b/modules/generators/mod_status.c |
|---|
| [2439] | 20 | @@ -103,6 +103,27 @@ APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ap, STATUS, int, status_hook, |
|---|
| [2422] | 21 | static pid_t child_pid; |
|---|
| 22 | #endif |
|---|
| 23 | |
|---|
| 24 | +typedef struct { |
|---|
| 25 | + int permit_status_handler; |
|---|
| 26 | +} status_config_rec; |
|---|
| 27 | + |
|---|
| 28 | +static void *create_status_dir_config(apr_pool_t *p, char *d) |
|---|
| 29 | +{ |
|---|
| 30 | + status_config_rec *conf = apr_pcalloc(p, sizeof(*conf)); |
|---|
| 31 | + conf->permit_status_handler = 0; |
|---|
| 32 | + return conf; |
|---|
| 33 | +} |
|---|
| 34 | + |
|---|
| 35 | +static const command_rec status_module_cmds[] = |
|---|
| 36 | +{ |
|---|
| 37 | + AP_INIT_FLAG("PermitStatusHandler", ap_set_flag_slot, |
|---|
| 38 | + (void *)APR_OFFSETOF(status_config_rec, permit_status_handler), |
|---|
| 39 | + ACCESS_CONF, |
|---|
| 40 | + "As a security measure, only permit status handlers where this flag " |
|---|
| 41 | + "is set. Only legal in directory context, not .htaccess."), |
|---|
| 42 | + {NULL} |
|---|
| 43 | +}; |
|---|
| 44 | + |
|---|
| 45 | /* Format the number of bytes nicely */ |
|---|
| 46 | static void format_byte_out(request_rec *r, apr_off_t bytes) |
|---|
| 47 | { |
|---|
| [2439] | 48 | @@ -207,8 +228,12 @@ static int status_handler(request_rec *r) |
|---|
| [2422] | 49 | int times_per_thread; |
|---|
| 50 | #endif |
|---|
| 51 | |
|---|
| 52 | - if (strcmp(r->handler, STATUS_MAGIC_TYPE) && strcmp(r->handler, |
|---|
| 53 | - "server-status")) { |
|---|
| 54 | + status_config_rec *conf = ap_get_module_config(r->per_dir_config, |
|---|
| 55 | + &status_module); |
|---|
| 56 | + |
|---|
| 57 | + if ((strcmp(r->handler, STATUS_MAGIC_TYPE) && |
|---|
| 58 | + strcmp(r->handler, "server-status")) || |
|---|
| 59 | + !conf->permit_status_handler) { |
|---|
| 60 | return DECLINED; |
|---|
| 61 | } |
|---|
| 62 | |
|---|
| [2469] | 63 | @@ -948,10 +973,10 @@ static void register_hooks(apr_pool_t *p) |
|---|
| [2422] | 64 | AP_DECLARE_MODULE(status) = |
|---|
| 65 | { |
|---|
| 66 | STANDARD20_MODULE_STUFF, |
|---|
| 67 | - NULL, /* dir config creater */ |
|---|
| 68 | + create_status_dir_config, /* dir config creater */ |
|---|
| 69 | NULL, /* dir merger --- default is to override */ |
|---|
| 70 | NULL, /* server config */ |
|---|
| 71 | NULL, /* merge server config */ |
|---|
| [2439] | 72 | - NULL, /* command table */ |
|---|
| 73 | + status_module_cmds, /* command table */ |
|---|
| 74 | register_hooks /* register_hooks */ |
|---|
| 75 | }; |
|---|
| [2422] | 76 | -- |
|---|
| [2469] | 77 | 1.8.1.2 |
|---|
| [2422] | 78 | |
|---|
