diff options
Diffstat (limited to '')
-rw-r--r-- | debian/patches/0055-CVE-2023-25690-Regression-1.patch | 131 |
1 files changed, 0 insertions, 131 deletions
diff --git a/debian/patches/0055-CVE-2023-25690-Regression-1.patch b/debian/patches/0055-CVE-2023-25690-Regression-1.patch deleted file mode 100644 index d57a71c..0000000 --- a/debian/patches/0055-CVE-2023-25690-Regression-1.patch +++ /dev/null @@ -1,131 +0,0 @@ -From 815cf05bb2d506f44a35b65e93de393d5410c779 Mon Sep 17 00:00:00 2001 -From: Yann Ylavic <ylavic@apache.org> -Date: Tue, 1 Mar 2022 13:26:03 +0000 -Subject: [PATCH] mod_rewrite: URI-to-filename rewrites to transparently handle - proxy mappings. - -Since mod_rewrite works on r->filename and mod_proxy's mapping=servlet|decoded -sets its "proxy:" URL there at pre_translate_name stage (i.e. before -mod_rewrite's translate_name hook), users have to match the full proxy URL in -their RewriteRules to handle proxy mappings, which is not very friendly nor -consistent with how proxy non-mapping requests have to be matched. - -Let's use r->filename = r->uri in hook_uri2file() for pre_trans'ed reverse -proxy requests, and restore r->filename to its original value if the request -was finally DECLINED (like in hook_fixup). - -But if a proxy mapping gets rewritten to a non-proxy request, clear any -proxy specific r->proxyreq or r->handler so that processing continues -accordingly. - - - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1898509 13f79535-47bb-0310-9956-ffa450edef68 ---- - changes-entries/rewrite_vs_proxy_mapping.txt | 2 ++ - modules/mappers/mod_rewrite.c | 38 +++++++++++++++----- - 2 files changed, 32 insertions(+), 8 deletions(-) - create mode 100644 changes-entries/rewrite_vs_proxy_mapping.txt - -Index: apache2/changes-entries/rewrite_vs_proxy_mapping.txt -=================================================================== ---- /dev/null -+++ apache2/changes-entries/rewrite_vs_proxy_mapping.txt -@@ -0,0 +1,2 @@ -+ *) mod_rewrite: Make URI-to-filename rewrites work transparently with -+ proxy early mappings (mapping=servlet/decoded). [Yann Ylavic] -\ No newline at end of file -Index: apache2/modules/mappers/mod_rewrite.c -=================================================================== ---- apache2.orig/modules/mappers/mod_rewrite.c -+++ apache2/modules/mappers/mod_rewrite.c -@@ -4575,6 +4575,7 @@ static int hook_uri2file(request_rec *r) - unsigned int port; - int rulestatus; - void *skipdata; -+ char *ofilename; - const char *oargs; - - /* -@@ -4628,7 +4629,10 @@ static int hook_uri2file(request_rec *r) - /* - * remember the original query string for later check, since we don't - * want to apply URL-escaping when no substitution has changed it. -+ * also, we'll restore original r->filename if we decline this -+ * request. - */ -+ ofilename = r->filename; - oargs = r->args; - - /* -@@ -4671,13 +4675,15 @@ static int hook_uri2file(request_rec *r) - apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URI, var); - - if (!(saved_rulestatus = apr_table_get(r->notes,"mod_rewrite_rewritten"))) { -- /* if filename was not initially set, -- * we start with the requested URI -+ /* If r->filename was not initially set or if it's a pre_trans reverse -+ * "proxy:" scheme, we start with the requested URI. - */ -- if (r->filename == NULL) { -+ if (r->filename == NULL || (r->proxyreq == PROXYREQ_REVERSE && -+ strncmp(r->filename, "proxy:", 6) == 0)) { - r->filename = apr_pstrdup(r->pool, r->uri); -- rewritelog((r, 2, NULL, "init rewrite engine with requested uri %s", -- r->filename)); -+ rewritelog((r, 2, NULL, "init rewrite engine with requested uri " -+ "%s. Original filename = %s", r->filename, -+ ((ofilename) ? ofilename : "n/a"))); - } - else { - rewritelog((r, 2, NULL, "init rewrite engine with passed filename " -@@ -4701,6 +4707,7 @@ static int hook_uri2file(request_rec *r) - if (rulestatus) { - unsigned skip; - apr_size_t flen; -+ int to_proxyreq; - - if (r->args && *(ap_scan_vchar_obstext(r->args))) { - /* -@@ -4721,7 +4728,19 @@ static int hook_uri2file(request_rec *r) - } - - flen = r->filename ? strlen(r->filename) : 0; -- if (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0) { -+ to_proxyreq = (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0); -+ -+ /* If a pre_trans reverse "proxy:" filename gets rewritten to -+ * a non-proxy one this is not a proxy request anymore. -+ */ -+ if (r->proxyreq == PROXYREQ_REVERSE && !to_proxyreq) { -+ if (r->handler && strcmp(r->handler, "proxy-server") == 0) { -+ r->handler = NULL; -+ } -+ r->proxyreq = PROXYREQ_NONE; -+ } -+ -+ if (to_proxyreq) { - /* it should be go on as an internal proxy request */ - - /* check if the proxy module is enabled, so -@@ -4888,7 +4907,9 @@ static int hook_uri2file(request_rec *r) - } - } - else { -- rewritelog((r, 1, NULL, "pass through %s", r->filename)); -+ rewritelog((r, 1, NULL, "pass through %s, filename %s", -+ r->filename, ((ofilename) ? ofilename : "n/a"))); -+ r->filename = ofilename; - return DECLINED; - } - } -@@ -5234,7 +5255,8 @@ static int hook_fixup(request_rec *r) - } - } - else { -- rewritelog((r, 1, dconf->directory, "pass through %s", r->filename)); -+ rewritelog((r, 1, dconf->directory, "pass through %s, filename %s", -+ r->filename, ((ofilename) ? ofilename : "n/a"))); - r->filename = ofilename; - return DECLINED; - } |