https://bz.apache.org/bugzilla/show_bug.cgi?id=62136
Bug ID: 62136
Summary: Satisfy Any has mismatched logging/behavior
Product: Apache httpd-2
Version: 2.4.29
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_auth
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
When Satisfy any follows a deny/allow rule like the following and is hit from an
IP that is NOT allowed, it says it blocks it:
AH01797: client denied by server configuration: /var/www/html
But in fact the page is allowed, and the access_log shows a 200 response code.
These are the lines in question:
Order Deny,Allow
Deny from all
Allow from 88.88.88.88
Satisfy any
I would expect that if the apache error_log says it is blocking the request it
really does block the request.
The mismatched behavior makes me wonder if while processing it sees the Deny and
says "This is being blocked" but since the Deny is "satisfied" the Satisfy any
then allows it through?
# httpd -V
Server version: Apache/2.4.29
Server built: Feb 2 2018 14:40:21
Server's Module Magic Number: 20120211:68
Server loaded: APR 1.5.2, APR-UTIL 1.5.2
Compiled using: APR 1.5.2, APR-UTIL 1.5.2
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
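An added example, not part of the original report or of httpd: a log check that finds requests logged as AH01797 denials in error_log that the access_log nevertheless records as served with a 2xx status, which is the mismatch described above. It assumes the default 2.4 ErrorLogFormat and the common LogFormat, both in server-local time; the sample log lines, the function names and the 2-second matching window are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines (default 2.4 error log format, common access log format).
ERROR_LOG = """\
[Fri Feb 02 14:45:10.123456 2018] [access_compat:error] [pid 2211:tid 140011] [client 10.0.0.5:51234] AH01797: client denied by server configuration: /var/www/html/
[Fri Feb 02 14:46:02.000100 2018] [access_compat:error] [pid 2211:tid 140012] [client 10.0.0.9:40100] AH01797: client denied by server configuration: /var/www/html/
"""
ACCESS_LOG = """\
10.0.0.5 - - [02/Feb/2018:14:45:10 +0000] "GET / HTTP/1.1" 200 45
10.0.0.9 - - [02/Feb/2018:14:46:02 +0000] "GET / HTTP/1.1" 403 199
88.88.88.88 - - [02/Feb/2018:14:47:00 +0000] "GET / HTTP/1.1" 200 45
"""

ERR_RE = re.compile(r"^\[(?P<ts>[^\]]+)\] .*?\[client (?P<ip>[^\]]+):\d+\] AH01797: ")
ACC_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) ')

def parse_denials(error_text):
    """Return (client_ip, timestamp) for every AH01797 line in the error log."""
    denials = []
    for line in error_text.splitlines():
        m = ERR_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S.%f %Y")
            denials.append((m["ip"], ts))
    return denials

def served_despite_denial(error_text, access_text, window=timedelta(seconds=2)):
    """Return 2xx access log entries that match a logged denial by client IP and time."""
    denials = parse_denials(error_text)
    hits = []
    for line in access_text.splitlines():
        m = ACC_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue
        # Drop the UTC offset: the error log carries local wall-clock time only.
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)
        if any(ip == m["ip"] and abs(ts - dts) <= window for ip, dts in denials):
            hits.append((m["ip"], m["req"], int(m["status"])))
    return hits

if __name__ == "__main__":
    for hit in served_despite_denial(ERROR_LOG, ACCESS_LOG):
        print("logged as denied but served:", hit)
```

A hit means the error_log entry cannot be taken as proof that the request was blocked; the access_log status is the record of what the client actually received.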