httpd/backport-Merge-r1589986-r1589995-r1633528-from-trunk.patch
chengyechun b981a203d9 change default value of HeartbeatMaxServers
fix setting and comparison of IPs fields
avoid overflow in case of indecently large session
make ap_escape_quotes() work correctly
fix lua_request with cast first
Handle children killed pathologically
q
2022-12-14 10:54:40 +08:00


From 73ce13be5aa9ae541472bc6a8a2f7de8dd2db34 Mon Sep 17 00:00:00 2001
From: Christophe Jaillet <jailletc36@apache.org>
Date: Sat, 19 Feb 2022 13:47:02 UTC
Subject: [PATCH] Merge r1589986 r1589985 r1633528 from trunk
*) Add the ldap function to the expression API, allowing ldap filters
and distinguished names based on expression to be escaped correctly
to guard against LDAP injection.
Conflict:NA
Reference:https://github.com/apache/httpd/commit/73ce13be5aa9ae5414772bc6a8a2f7de8dd2db34
---
server/util_expr_eval.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/server/util_expr_eval.c b/server/util_expr_eval.c
index 2e031d0..75295ba 100644
--- a/server/util_expr_eval.c
+++ b/server/util_expr_eval.c
@@ -32,6 +32,10 @@
#include "apr_fnmatch.h"
#include "apr_base64.h"
#include "apr_sha1.h"
+#include "apr_version.h"
+#if APR_VERSION_AT_LEAST(1,5,0)
+#include "apr_escape.h"
+#endif
#include <limits.h> /* for INT_MAX */
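Review bot: The include of `apr_escape.h` is guarded by `APR_VERSION_AT_LEAST(1,5,0)`, while the only user this patch adds, `ldap_func`, and its entry in `string_func_providers` are guarded by `APR_VERSION_AT_LEAST(1,6,0)`. The two thresholds look deliberate (presumably the header predates the LDAP escape routines), but nothing in the file says so, and a later cleanup that unifies them at 1.5.0 would break builds against APR 1.5.x. A one-line comment next to the include would settle it, for example `/* apr_escape.h is available from APR 1.5.0; apr_pescape_ldap() is only used under the 1.6.0 guard below */`.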
@@ -1087,9 +1091,16 @@ static const char *sha1_func(ap_expr_eval_ctx_t *ctx, const void *data,
static const char *md5_func(ap_expr_eval_ctx_t *ctx, const void *data,
const char *arg)
{
- return ap_md5(ctx->p, (const unsigned char *)arg);
+ return ap_md5(ctx->p, (const unsigned char *)arg);
}
+#if APR_VERSION_AT_LEAST(1,6,0)
+static const char *ldap_func(ap_expr_eval_ctx_t *ctx, const void *data,
+ const char *arg)
+{
+ return apr_pescape_ldap(ctx->p, arg, APR_ESCAPE_STRING, APR_ESCAPE_LDAP_ALL);
+}
+#endif
#define MAX_FILE_SIZE 10*1024*1024
static const char *file_func(ap_expr_eval_ctx_t *ctx, const void *data,
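Review bot: `ldap_func` carries no comment stating what it escapes or how it is meant to be used, and for an injection guard that contract is what matters. `APR_ESCAPE_LDAP_ALL` requests both the DN and the filter escaping rules, so the function fits a single untrusted value placed inside a filter or DN; passing a whole filter through it would escape the filter's own syntax as well. I would add above the function `/* Escape one value for use inside an LDAP filter or DN; apply it to each untrusted value, never to a complete filter. */`. The administrator documentation should also state that the `ldap` function is only registered on builds against APR 1.6.0 or later, so a configuration relying on it should be rejected as using an unknown function on older builds rather than run with unescaped input (worth confirming with a test).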
@@ -1667,6 +1678,9 @@ static const struct expr_provider_single string_func_providers[] = {
{ unbase64_func, "unbase64", NULL, 0 },
{ sha1_func, "sha1", NULL, 0 },
{ md5_func, "md5", NULL, 0 },
+#if APR_VERSION_AT_LEAST(1,6,0)
+ { ldap_func, "ldap", NULL, 0 },
+#endif
{ NULL, NULL, NULL}
};
--
2.23.0