> On 07/19/2006 10:25 PM, William A. Rowe, Jr. wrote:
>>> Ruediger Pluem wrote:
>>
>>> On 19.07.2006 17:38, William A. Rowe, Jr. wrote:
>>>
>>>> Actually, does this handle the nested case (more than one level depth?)
>>>
>>>
>>> Which case exactly do you have in mind?
>>
>>
>> I have to investigate which modules can cause redirects similar to
>> mod_dir's
>> internal redirect, but the gist is <Directory /webcontent>, user accesses
>> /one/document.html, user is served /two/document.html from a redirect,
>> where
>> document.html in /webcontent/two/ is our evil symlink.
>>
>> Just to be sure that we are on the same page:
As I have not heard any further comments and the tests submitted by Kanagasabai
are passed I committed the patch to trunk (r423886). Please find attached
the flavours of this patch for 2.0.58 and 2.2.2.
Please let me know if you think that I should place them into the patches
directory for 2.0.58 / 2.2.2.
Regards
RĂ¼diger
--- server/request.c 2006-04-24 19:12:21.000000000 +0200
+++ server/request.c 2006-07-20 14:34:33.000000000 +0200
@@ -558,17 +558,50 @@
&& (!r->path_info || !*r->path_info)))
&& (cache->dir_conf_tested == sec_ent)
&& (strcmp(entry_dir, cache->cached) == 0)) {
+ int familar = 0;
+
/* Well this looks really familiar! If our end-result (per_dir_result)
* didn't change, we have absolutely nothing to do :)
* Otherwise (as is the case with most dir_merged/file_merged requests)
* we must merge our dir_conf_merged onto this new r->per_dir_config.
*/
if (r->per_dir_config == cache->per_dir_result) {
- return OK;
+ familar = 1;
}
if (r->per_dir_config == cache->dir_conf_merged) {
r->per_dir_config = cache->per_dir_result;
+ familar = 1;
+ }
+
+ if (familar) {
+ apr_finfo_t thisinfo;
+ int res;
+ allow_options_t opts;
+ core_dir_config *this_dir;
+
+ this_dir = ap_get_module_config(r->per_dir_config, &core_module);
+ opts = this_dir->opts;
+ /*
+ * If Symlinks are allowed in general we do not need the following
+ * check.
+ */
+ if (!(opts & OPT_SYM_LINKS)) {
+ apr_stat(&thisinfo, r->filename,
+ APR_FINFO_MIN | APR_FINFO_NAME | APR_FINFO_LINK,
+ r->pool);
+ if (thisinfo.filetype == APR_LNK) {
+ /* Is this a possibly acceptable symlink? */
+ if ((res = resolve_symlink(r->filename, &thisinfo,
+ opts, r->pool)) != OK) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Symbolic link not allowed "
+ "or link target not accessible: %s",
+ r->filename);
+ return r->status = res;
+ }
+ }
+ }
return OK;
}
--- server/request.c 2006-04-22 03:53:06.000000000 +0200
+++ server/request.c 2006-07-20 14:34:56.000000000 +0200
@@ -562,17 +562,50 @@
&& (!r->path_info || !*r->path_info)))
&& (cache->dir_conf_tested == sec_ent)
&& (strcmp(entry_dir, cache->cached) == 0)) {
+ int familar = 0;
+
/* Well this looks really familiar! If our end-result (per_dir_result)
* didn't change, we have absolutely nothing to do :)
* Otherwise (as is the case with most dir_merged/file_merged requests)
* we must merge our dir_conf_merged onto this new r->per_dir_config.
*/
if (r->per_dir_config == cache->per_dir_result) {
- return OK;
+ familar = 1;
}
if (r->per_dir_config == cache->dir_conf_merged) {
r->per_dir_config = cache->per_dir_result;
+ familar = 1;
+ }
+
+ if (familar) {
+ apr_finfo_t thisinfo;
+ int res;
+ allow_options_t opts;
+ core_dir_config *this_dir;
+
+ this_dir = ap_get_module_config(r->per_dir_config, &core_module);
+ opts = this_dir->opts;
+ /*
+ * If Symlinks are allowed in general we do not need the following
+ * check.
+ */
+ if (!(opts & OPT_SYM_LINKS)) {
+ apr_stat(&thisinfo, r->filename,
+ APR_FINFO_MIN | APR_FINFO_NAME | APR_FINFO_LINK,
+ r->pool);
+ if (thisinfo.filetype == APR_LNK) {
+ /* Is this a possibly acceptable symlink? */
+ if ((res = resolve_symlink(r->filename, &thisinfo,
+ opts, r->pool)) != OK) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Symbolic link not allowed "
+ "or link target not accessible: %s",
+ r->filename);
+ return r->status = res;
+ }
+ }
+ }
return OK;
}
