Merge r1832280 from trunk: (8912df6d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

CHANGES

+5 −0

Original line number	Diff line number	Diff line
		-- coding: utf-8 --
		Changes with Apache 2.4.34

		*) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or
		ProxyPassReverseCookiePath directive could fail to update correctly
		'domain=' or 'path=' in the 'Set-Cookie' header. PR 61560.
		[Christophe Jaillet]

		*) mod_ratelimit: fix behavior when proxing content. PR 62362.
		[Luca Toscano, Yann Ylavic]

modules/proxy/proxy_util.c

+54 −48

Original line number	Diff line number	Diff line
		@@ -959,7 +959,7 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		int i;
		int ddiff = 0;
		int pdiff = 0;
		char *ret;
		char tmpstr, tmpstr_orig, token, last, *ret;

		if (r->proxyreq != PROXYREQ_REVERSE) {
		return str;
		@@ -969,12 +969,18 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		* Find the match and replacement, but save replacing until we've done
		* both path and domain so we know the new strlen
		*/
		if ((pathp = apr_strmatch(ap_proxy_strmatch_path, str, len)) != NULL) {
		pathp += 5;
		poffs = pathp - str;
		pathe = ap_strchr_c(pathp, ';');
		l1 = pathe ? (pathe - pathp) : strlen(pathp);
		pathe = pathp + l1 ;
		tmpstr_orig = tmpstr = apr_pstrdup(r->pool, str);
		while ((token = apr_strtok(tmpstr, ";", &last))) {
		/* skip leading spaces */
		while (apr_isspace(*token)) {
		++token;
		}

		if (ap_cstr_casecmpn("path=", token, 5) == 0) {
		pathp = token + 5;
		poffs = pathp - tmpstr_orig;
		l1 = strlen(pathp);
		pathe = str + poffs + l1;
		if (conf->interpolate_env == 1) {
		ent = (struct proxy_alias *)rconf->cookie_paths->elts;
		}
		@@ -990,13 +996,11 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		}
		}
		}

		if ((domainp = apr_strmatch(ap_proxy_strmatch_domain, str, len)) != NULL) {
		domainp += 7;
		doffs = domainp - str;
		domaine = ap_strchr_c(domainp, ';');
		l1 = domaine ? (domaine - domainp) : strlen(domainp);
		domaine = domainp + l1;
		else if (ap_cstr_casecmpn("domain=", token, 7) == 0) {
		domainp = token + 7;
		doffs = domainp - tmpstr_orig;
		l1 = strlen(domainp);
		domaine = str + doffs + l1;
		if (conf->interpolate_env == 1) {
		ent = (struct proxy_alias *)rconf->cookie_domains->elts;
		}
		@@ -1013,6 +1017,10 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		}
		}

		/* Iterate the remaining tokens using apr_strtok(NULL, ...) */
		tmpstr = NULL;
		}

		if (newpath) {
		ret = apr_palloc(r->pool, len + pdiff + ddiff + 1);
		l1 = strlen(newpath);
		@@ -1021,14 +1029,14 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		if (doffs > poffs) {
		memcpy(ret, str, poffs);
		memcpy(ret + poffs, newpath, l1);
		memcpy(ret + poffs + l1, pathe, domainp - pathe);
		memcpy(ret + poffs + l1, pathe, str + doffs - pathe);
		memcpy(ret + doffs + pdiff, newdomain, l2);
		strcpy(ret + doffs + pdiff + l2, domaine);
		}
		else {
		memcpy(ret, str, doffs) ;
		memcpy(ret + doffs, newdomain, l2);
		memcpy(ret + doffs + l2, domaine, pathp - domaine);
		memcpy(ret + doffs + l2, domaine, str + poffs - domaine);
		memcpy(ret + poffs + ddiff, newpath, l1);
		strcpy(ret + poffs + ddiff + l1, pathe);
		}
		@@ -1039,9 +1047,8 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		strcpy(ret + poffs + l1, pathe);
		}
		}
		else {
		if (newdomain) {
		ret = apr_palloc(r->pool, len + pdiff + ddiff + 1);
		else if (newdomain) {
		ret = apr_palloc(r->pool, len + ddiff + 1);
		l2 = strlen(newdomain);
		memcpy(ret, str, doffs);
		memcpy(ret + doffs, newdomain, l2);
		@@ -1050,7 +1057,6 @@ PROXY_DECLARE(const char ) ap_proxy_cookie_reverse_map(request_rec r,
		else {
		ret = (char )str; / no change */
		}
		}

		return ret;
		}