janl closed pull request #939: Blacklist some config sections from HTTP
PUT/DELETE operations
URL: https://github.com/apache/couchdb/pull/939
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/share/www/script/test/config.js b/share/www/script/test/config.js
index 193aa89bc4..22824b2f06 100644
--- a/share/www/script/test/config.js
+++ b/share/www/script/test/config.js
@@ -208,4 +208,12 @@ couchTests.config = function(debug) {
headers: {"X-Couch-Persist": "false"}
});
TEquals(200, xhr.status, "Reset config whitelist to undefined");
+
+ // Confirm that the blacklist is functional
+ ["daemons", "external", "httpd_design_handlers", "httpd_db_handlers",
"native_query_servers", "os_daemons",
"query_servers"].forEach(function(section) {
+ xhr = CouchDB.request("PUT", "/_config/" + section + "/wohali",{
+ body: "\"rules\""
+ });
+ TEquals(403, xhr.status, "Blacklisted config section " + section);
+ });
};
diff --git a/src/couchdb/couch_httpd_misc_handlers.erl
b/src/couchdb/couch_httpd_misc_handlers.erl
index dbf698c0ac..a284e7a31b 100644
--- a/src/couchdb/couch_httpd_misc_handlers.erl
+++ b/src/couchdb/couch_httpd_misc_handlers.erl
@@ -168,6 +168,7 @@ handle_config_req(#httpd{method='GET', path_parts=[_,
Section, Key]}=Req) ->
handle_config_req(#httpd{method=Method, path_parts=[_, Section, Key]}=Req)
when (Method == 'PUT') or (Method == 'DELETE') ->
ok = couch_httpd:verify_is_server_admin(Req),
+ couch_util:check_config_blacklist(Section),
Persist = couch_httpd:header_value(Req, "X-Couch-Persist") /= "false",
case couch_config:get(<<"httpd">>, <<"config_whitelist">>, null) of
null ->
diff --git a/src/couchdb/couch_util.erl b/src/couchdb/couch_util.erl
index 2509bef929..00530848a7 100644
--- a/src/couchdb/couch_util.erl
+++ b/src/couchdb/couch_util.erl
@@ -30,12 +30,33 @@
-export([with_db/2]).
-export([rfc1123_date/0, rfc1123_date/1]).
-export([find_in_binary/2]).
+-export([check_config_blacklist/1]).
-include("couch_db.hrl").
% arbitrarily chosen amount of memory to use before flushing to disk
-define(FLUSH_MAX_MEM, 10000000).
+-define(BLACKLIST_CONFIG_SECTIONS, [
+ <<"daemons">>,
+ <<"external">>,
+ <<"httpd_design_handlers">>,
+ <<"httpd_db_handlers">>,
+ <<"httpd_global_handlers">>,
+ <<"native_query_servers">>,
+ <<"os_daemons">>,
+ <<"query_servers">>
+]).
+
+check_config_blacklist(Section) ->
+ case lists:member(Section, ?BLACKLIST_CONFIG_SECTIONS) of
+ true ->
+ Msg = <<"Config section blacklisted for modification over HTTP API.">>,
+ throw({forbidden, Msg});
+ _ ->
+ ok
+ end.
+
priv_dir() ->
case code:priv_dir(couch) of
{error, bad_name} ->
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
