the implementation matches the comments. (Note: The current virtual
hosting code does case-insensitive host matching, so this fix is useful
mostly to help ensure that custom modules and any future vhosting code
don't get tripped up by case-sensitivity issues.)
Submitted by: Perry Harrington <pedward@webcom.com>
Reviewed by: Brian Pane
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95866 13f79535-47bb-0310-9956-ffa450edef68
Previously, request that sent:
GET / HTTP/1.1
Host:
would get a 400. RFC 2616 specifically allows for a "blank" host field.
The read_request code properly handled this, but the fix_hostname in
vhost.c would cause the 400. Now, simply return in fix_hostname when
we see a blank hostname rather than erroring out.
PR: 7441
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94655 13f79535-47bb-0310-9956-ffa450edef68
There were a couple of bogus IPv4-specific comparisons which prevented
the data structures from being built correctly in ap_fini_vhost_config().
One of these (INADDR_ANY) can be easily rewritten to work with IPv6. The
other (DEFAULT_VHOST_ADDR) isn't necessary for IPv6. Note that this is
because we don't support the various flavors of _default_ that
Apache-1.3+KAME-patch supports.
PR: 8118
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92054 13f79535-47bb-0310-9956-ffa450edef68
The first step is to remove the socket from the conn_rec,
the server now lives in a context that is passed to the
core's input and output filters. This forces us to be very
careful when adding calls that use the socket directly,
because the socket isn't available in most locations.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91887 13f79535-47bb-0310-9956-ffa450edef68
referential uri's, and updated the manual accordingly.
XXX There is a kludge here: XXX the port number from the client's Host:
header used to be tossed, and there is no clean mechanism to pass it
(in the request_rec) to other consumers. As the unparsed_uri structure
(which could avoid repeated parsing of URI, Host, Port etc) seems to be
mostly unused currently, I used that to pass the port.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91798 13f79535-47bb-0310-9956-ffa450edef68
arbitrarily and inconsistently wrap lines. I apologise ahead of time for
mucking up the cvslog, but this needed to be done.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91792 13f79535-47bb-0310-9956-ffa450edef68
apr_parse_addr_port() assumes that if there is just a number it must
be a port, but here we need to assume that it is a host.
todo: pass a flag into apr_parse_addr_port()? unclear whether or
not that is cleaner overall
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90734 13f79535-47bb-0310-9956-ffa450edef68
INLINE. Now, we just have APR_INLINE and APR_HAS_INLINE.
- convert all usage
- note that apr_general messed up the defn (compared to apr.h)
- simplify the inline decision logic in os/*/os.h
- simplify the code in os/*/os-inline.c
*) toss ap_checkconv() [no longer used]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88298 13f79535-47bb-0310-9956-ffa450edef68
- explicitly include apr_lib.h since ap_config.h doesn't
- use apr_want.h where possible
- use APR_HAVE_ where possible
- remove some unneeded includes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88060 13f79535-47bb-0310-9956-ffa450edef68
are sensitive to the filesystem are rejected, i.e. forward slashes,
backward slashes, and sequences of more than one dot. This supports iDNS
without compromising the safety of mass vhosting.
PR: 6635
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87803 13f79535-47bb-0310-9956-ffa450edef68
. use apr_parse_addr_port() so we handle IPv6 addresses on
NameVirtualHost and <VirtualHost > directives
. don't hardcode AF_INET when a hostname or IP address was
coded
dump_a_vhost()
. check the address family before looking for certain IPv4
addresses
ap_fini_vhost_config()
. pass apr_status_t to ap_log_error() after apr_getnameinfo()
fails
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87377 13f79535-47bb-0310-9956-ffa450edef68
code by a small (okay, tiny) amount and lets IPv6 numeric address
strings be passed through.
Obtained from: the idea is from the KAME IPv6 patch for Apache 1.3
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87370 13f79535-47bb-0310-9956-ffa450edef68
representation of the bound address to something which handles
IPv6; this also allows us to switch to APR resolver routines
in places instead of calling gethostbyname() and gethostbyaddr()
directly
Issues remaining with this set of changes:
1) apr_snprintf()'s %pA formatting needs to change to take
apr_sockaddr_t * instead of sockaddr_in * -OR- just get rid
of that type of formatting
2) apr_get_inaddr() is no longer used and should be removed
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87363 13f79535-47bb-0310-9956-ffa450edef68
the hostname is interpolated into the filename, we need to be sure
that the result of interpolation doesn't expose parts of the
filesystem that should be private. This was done by checking the
syntax of the Host: header according to RFC 1123 and RFC 952. However,
many people have broken configurations that violate this syntax
(frequently because they use underscores in their names), and it also
doesn't accommodate the current effort to internationalize the DNS. I
don't think the former is a compelling reason to relax the syntax
checking, but the latter does justify this change.
The only RFC on internationalized DNS at the moment is RFC 2825 which
is an introduction to how difficult the whole thing is; the other
official documentation is a pile of Internet Drafts produced by the
Internationalized Domain Names Working Group of the IETF (with names
starting "draft-ietf-idn-"). However they have very little to say
about URIs, and the current Internet draft about internationalized
URIs (draft-masinter-url-i18n-05) has very little to say about
hostnames :-( On the gripping hand there is some useful information at
<http://www.apng.org/idns/> where there is some iDNS testbed work
going on. The basic idea is that although the format of the hostnames
in the DNS itself remains compatible with RFC 1123, the actual
hostname presented to the resolver is in UTF8, and therefore the
hostname in the URL and Host: header is also in UTF8.
This change relaxes the checking so that only character sequences that
are sensitive to the filesystem are rejected, i.e. forward slashes,
backward slashes, and sequences of more than one dot.
PR: 6635
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86898 13f79535-47bb-0310-9956-ffa450edef68
Alter http_vhost.c to use the new apr_get_inaddr fucntion. Old code is still
there just in case it breaks. can someone check it who knows this stuff?
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86890 13f79535-47bb-0310-9956-ffa450edef68
functions to use it. This is onyl the start and I'll pause a while before
I continue in case people really hate this. The patch can be backed out and
all evidence will be removed, but I think this makes maintaining/developing
the code easier in the long term.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86870 13f79535-47bb-0310-9956-ffa450edef68
This file will need a lot of work as it's using a lot of "raw" information
from socket structures that won't work with IPv6. Needs to be abstracted out
and use APR instead.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86869 13f79535-47bb-0310-9956-ffa450edef68
security bug in some mass virtual hosting configurations
that can allow a remote attacker to retrieve some files
on the system that should be inaccessible. The problem
occured with requests including the line "Host: ..." --
the last dot is stripped and the remaining ".." then
reveals a parent directory.
Reported by: Peter Christoffersen <pch@mindpass.com>
Message-ID: <8quts6$2el$1@news.inet.tele.dk>
Newsgroups: comp.infosystems.www.servers.unix
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86637 13f79535-47bb-0310-9956-ffa450edef68
