cvs commit: apache-1.3/src/main http_config.c http_protocol.c

1998-08-09 Thread fielding
fielding98/08/08 23:37:19

  Modified:src  CHANGES
   src/include http_config.h httpd.h
   src/main http_config.c http_protocol.c
  Log:
  Added default limits for various aspects of reading a
  client request to avoid some simple denial of service attacks,
  including limits on maximum request-line size, number of header
  fields, size of any one header field, and size of the request
  message body.
  
  Bumped MMN for addition of limit_req_line, limit_req_fields,
  limit_req_fieldsize and limit_req_body variables to server_rec.
  
  Revision  ChangesPath
  1.1012+6 -0  apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1011
  retrieving revision 1.1012
  diff -u -r1.1011 -r1.1012
  --- CHANGES   1998/08/08 13:26:04 1.1011
  +++ CHANGES   1998/08/09 06:37:12 1.1012
  @@ -1,5 +1,11 @@
   Changes with Apache 1.3.2
   
  +  *) SECURITY: Added default limits for various aspects of reading a
  + client request to avoid some simple denial of service attacks,
  + including limits on maximum request-line size, number of header
  + fields, size of any one header field, and size of the request
  + message body.  [Roy Fielding]
  +
 *) Make status module aware of DNS and logging states, even if
STATUS not defined.  [Jim Jagielski]
   
  
  
  
  1.92  +1 -1  apache-1.3/src/include/http_config.h
  
  Index: http_config.h
  ===
  RCS file: /home/cvs/apache-1.3/src/include/http_config.h,v
  retrieving revision 1.91
  retrieving revision 1.92
  diff -u -r1.91 -r1.92
  --- http_config.h 1998/08/06 17:30:23 1.91
  +++ http_config.h 1998/08/09 06:37:15 1.92
  @@ -275,7 +275,7 @@
* handle it back-compatibly, or at least signal an error).
*/
   
  -#define MODULE_MAGIC_NUMBER 19980806
  +#define MODULE_MAGIC_NUMBER 19980808
   #define STANDARD_MODULE_STUFF MODULE_MAGIC_NUMBER, -1, __FILE__, NULL, NULL
   
   /* Generic accessors for other modules to get at their own module-specific
  
  
  
  1.231 +29 -2 apache-1.3/src/include/httpd.h
  
  Index: httpd.h
  ===
  RCS file: /home/cvs/apache-1.3/src/include/httpd.h,v
  retrieving revision 1.230
  retrieving revision 1.231
  diff -u -r1.230 -r1.231
  --- httpd.h   1998/08/06 19:13:52 1.230
  +++ httpd.h   1998/08/09 06:37:16 1.231
  @@ -541,6 +541,28 @@
   #define REQUEST_CHUNKED_DECHUNK  2
   #define REQUEST_CHUNKED_PASS 3
   
  +/* Limits on the size of various request items.  These limits primarily
  + * exist to prevent simple denial-of-service attacks on a server based
  + * on misuse of the protocol.  The recommended values will depend on the
  + * nature of the server resources -- CGI scripts and database backends
  + * might require large values, but most servers could get by with much
  + * smaller limits than we use below.  These limits can be reset on a
  + * per-server basis using the LimitRequestLine, LimitRequestFields,
  + * LimitRequestFieldSize, and LimitRequestBody configuration directives.
  + */
  +#ifndef DEFAULT_LIMIT_REQUEST_LINE
  +#define DEFAULT_LIMIT_REQUEST_LINE 8190
  +#endif /* default limit on bytes in Request-Line (Method+URI+HTTP-version) */
  +#ifndef DEFAULT_LIMIT_REQUEST_FIELDS
  +#define DEFAULT_LIMIT_REQUEST_FIELDS 100
  +#endif /* default limit on number of header fields */
  +#ifndef DEFAULT_LIMIT_REQUEST_FIELDSIZE
  +#define DEFAULT_LIMIT_REQUEST_FIELDSIZE 8190
  +#endif /* default limit on bytes in any one field  */
  +#ifndef DEFAULT_LIMIT_REQUEST_BODY
  +#define DEFAULT_LIMIT_REQUEST_BODY 33554432ul
  +#endif /* default limit on bytes in request body   */
  +
   /* Things which may vary per file-lookup WITHIN a request ---
* e.g., state of MIME config.  Basically, the name of an object, info
* about the object, and any other info we may ahve which may need to
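Review bot: The comment block above the new `DEFAULT_LIMIT_REQUEST_*` macros does not say whether a value of 0 disables a limit, or whether the per-server directives may raise a limit above these compile-time defaults. Neither is visible in this hunk, and an operator tuning these against denial-of-service needs both answers. The value 8190 is also unexplained; if it is tied to a line-buffer size defined elsewhere, say so next to the define, e.g. `#define DEFAULT_LIMIT_REQUEST_LINE 8190 /* presumably line buffer size minus 2; confirm */`. As a style point, the descriptive comments sit on the `#endif` lines, where they read as guard labels, and would be easier to find on the `#define` lines.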
  @@ -821,9 +843,14 @@
   
   array_header *names; /* Normal names for ServerAlias servers */
   array_header *wild_names;/* Wildcarded names for ServerAlias 
servers */
  +
  +uid_t server_uid;/* effective user id when calling exec wrapper 
*/
  +gid_t server_gid;/* effective group id when calling exec wrapper 
*/
   
  -uid_t server_uid;/* effective user id when calling exec 
wrapper */
  -gid_t server_gid;/* effective group id when calling exec 
wrapper */
  +unsigned int  limit_req_line;  /* limit on bytes in Request-Line   */
  +unsigned int  limit_req_fields;/* limit on number of header fields */
  +unsigned long limit_req_fieldsize; /* limit on bytes in any one field  */
  +unsigned long limit_req_body;  /* limit on bytes in request body   */
   };
   
   /* These a

cvs commit: apache-1.3/src/main http_config.c http_protocol.c

1998-09-25 Thread fielding
fielding98/09/25 15:45:01

  Modified:src/main http_config.c http_protocol.c
  Log:
  Fix warnings and add error-notes to HTTP_REQUEST_URI_TOO_LARGE.
  
  Revision  ChangesPath
  1.131 +4 -1  apache-1.3/src/main/http_config.c
  
  Index: http_config.c
  ===
  RCS file: /home/cvs/apache-1.3/src/main/http_config.c,v
  retrieving revision 1.130
  retrieving revision 1.131
  diff -u -r1.130 -r1.131
  --- http_config.c 1998/09/25 15:42:12 1.130
  +++ http_config.c 1998/09/25 22:45:00 1.131
  @@ -1229,7 +1229,10 @@
filename = ap_make_full_path(r->pool, d, w);
f = ap_pcfg_openfile(r->pool, filename);
   }
  -if (f) {
  +if (!access_name[0]) {
  + dc = NULL;
  +}
  +else if (f) {
dc = ap_create_per_dir_config(r->pool);
   
parms.config_file = f;
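Review bot: The new `if (!access_name[0])` branch may discard a file that was opened successfully. The context lines above assign `f` inside a block whose start is outside the hunk. If that block is a loop that consumes `access_name` as it tries each name (not visible here, so to be confirmed), a successful open on the last name leaves `access_name[0]` empty and `f` non-NULL. This branch would then set `dc = NULL` without parsing or closing the file, so any access restrictions in that per-directory file would silently not apply. If the aim is only to silence an uninitialised-variable warning, setting `f = NULL;` before that block and keeping the original `if (f) {` avoids the extra branch.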
  
  
  
  1.241 +7 -4  apache-1.3/src/main/http_protocol.c
  
  Index: http_protocol.c
  ===
  RCS file: /home/cvs/apache-1.3/src/main/http_protocol.c,v
  retrieving revision 1.240
  retrieving revision 1.241
  diff -u -r1.240 -r1.241
  --- http_protocol.c   1998/09/25 12:27:05 1.240
  +++ http_protocol.c   1998/09/25 22:45:00 1.241
  @@ -2158,7 +2158,7 @@
case BAD_REQUEST:
ap_bputs("Your browser sent a request that\n", fd);
ap_bputs("this server could not understand.\n", fd);
  - if (error_notes = ap_table_get(r->notes, "error-notes") != NULL) {
  + if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
ap_bvputs(fd, error_notes, "\n", NULL);
}
break;
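Review bot: The `error-notes` string is written into the error page unescaped by `ap_bvputs(fd, error_notes, "\n", NULL);`, here and in the LENGTH_REQUIRED, HTTP_REQUEST_URI_TOO_LARGE and final hunks. With the parentheses corrected the real string now reaches the client, so if any code that sets `error-notes` includes request-derived text (the setters are outside this diff), the browser would interpret it as markup. Escaping at the point of output covers every setter: `ap_bvputs(fd, ap_escape_html(r->pool, error_notes), "\n", NULL);`. The enclosing switch begins and ends outside these hunks.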
  @@ -2195,7 +2195,7 @@
case LENGTH_REQUIRED:
ap_bvputs(fd, "A request of the requested method ", r->method,
  " requires a valid Content-length.\n", NULL);
  - if (error_notes = ap_table_get(r->notes, "error-notes") != NULL) {
  + if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
ap_bvputs(fd, error_notes, "\n", NULL);
}
break;
  @@ -2238,7 +2238,10 @@
break;
case HTTP_REQUEST_URI_TOO_LARGE:
ap_bputs("The requested URL's length exceeds the capacity\n", fd);
  - ap_bputs("limit for this server.\n", fd);
  + ap_bputs("limit for this server.\n", fd);
  + if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
  + ap_bvputs(fd, error_notes, "\n", NULL);
  + }
break;
case HTTP_UNSUPPORTED_MEDIA_TYPE:
ap_bputs("The supplied request data is not in a format\n", fd);
  @@ -2263,7 +2266,7 @@
ap_bputs(" and inform them of the time the error occurred,\n", fd);
ap_bputs("and anything you might have done that may have\n", fd);
ap_bputs("caused the error.\n", fd);
  - if (error_notes = ap_table_get(r->notes, "error-notes") != NULL) {
  + if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
ap_bvputs(fd, error_notes, "\n", NULL);
}
break;