Tree - rpms/httpd24-httpd - CentOS Git server

rpms / httpd24-httpd

Blame SOURCES/httpd-2.4.34-CVE-2019-10092.patch

Blob History Raw

		ad4e62	`From c0ce3a729218279a6b4b03aab7a71bb8ae9d6259 Mon Sep 17 00:00:00 2001`
		ad4e62	`From: Eric Covener <covener@apache.org>`
		ad4e62	`Date: Fri, 2 Aug 2019 01:27:37 +0000`
		ad4e62	`Subject: [PATCH] remove request details from error documents (CVE-2019-10092).`
		ad4e62
		ad4e62	`git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1864191 13f79535-47bb-0310-9956-ffa450edef68`
		ad4e62	`---`
		ad4e62	`CHANGES \| 2 +`
		ad4e62	`modules/http/http_protocol.c \| 86 +++++++++++------------------------`
		ad4e62	`modules/proxy/mod_proxy.c \| 7 +--`
		ad4e62	`modules/proxy/mod_proxy_ftp.c \| 5 +-`
		ad4e62	`modules/proxy/proxy_util.c \| 5 +-`
		ad4e62	`5 files changed, 36 insertions(+), 69 deletions(-)`
		ad4e62
		ad4e62	`diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c`
		ad4e62	`index 8543fd1..b85e2f7 100644`
		ad4e62	`--- a/modules/http/http_protocol.c`
		ad4e62	`+++ b/modules/http/http_protocol.c`
		ad4e62	`@@ -1133,13 +1133,10 @@ static const char *get_canned_error_string(int status,`
		ad4e62	`"\">here. \n",`
		ad4e62	`NULL));`
		ad4e62	`case HTTP_USE_PROXY:`
		ad4e62	`- return(apr_pstrcat(p,`
		ad4e62	`- "This resource is only accessible "`
		ad4e62	`- "through the proxy\n",`
		ad4e62	`- ap_escape_html(r->pool, location),`
		ad4e62	`- " \nYou will need to configure "`
		ad4e62	`- "your client to use that proxy. \n",`
		ad4e62	`- NULL));`
		ad4e62	`+ return("This resource is only accessible "`
		ad4e62	`+ "through the proxy\n"`
		ad4e62	`+ " \nYou will need to configure "`
		ad4e62	`+ "your client to use that proxy. \n");`
		ad4e62	`case HTTP_PROXY_AUTHENTICATION_REQUIRED:`
		ad4e62	`case HTTP_UNAUTHORIZED:`
		ad4e62	`return("This server could not verify that you\n"`
		ad4e62	`@@ -1155,34 +1152,20 @@ static const char *get_canned_error_string(int status,`
		ad4e62	`"error-notes",`
		ad4e62	`" \n"));`
		ad4e62	`case HTTP_FORBIDDEN:`
		ad4e62	`- s1 = apr_pstrcat(p,`
		ad4e62	`- "You don't have permission to access ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- "\non this server. \n",`
		ad4e62	`- NULL);`
		ad4e62	`- return(add_optional_notes(r, s1, "error-notes", " \n"));`
		ad4e62	`+ return(add_optional_notes(r, "You don't have permission to access this resource.", "error-notes", " \n"));`
		ad4e62	`case HTTP_NOT_FOUND:`
		ad4e62	`- return(apr_pstrcat(p,`
		ad4e62	`- "The requested URL ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- " was not found on this server. \n",`
		ad4e62	`- NULL));`
		ad4e62	`+ return("The requested URL was not found on this server. \n");`
		ad4e62	`case HTTP_METHOD_NOT_ALLOWED:`
		ad4e62	`return(apr_pstrcat(p,`
		ad4e62	`"The requested method ",`
		ad4e62	`ap_escape_html(r->pool, r->method),`
		ad4e62	`- " is not allowed for the URL ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- ". \n",`
		ad4e62	`+ " is not allowed for this URL. \n",`
		ad4e62	`NULL));`
		ad4e62	`case HTTP_NOT_ACCEPTABLE:`
		ad4e62	`- s1 = apr_pstrcat(p,`
		ad4e62	`- "An appropriate representation of the "`
		ad4e62	`- "requested resource ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- " could not be found on this server. \n",`
		ad4e62	`- NULL);`
		ad4e62	`- return(add_optional_notes(r, s1, "variant-list", ""));`
		ad4e62	`+ return(add_optional_notes(r,`
		ad4e62	`+ "An appropriate representation of the requested resource "`
		ad4e62	`+ "could not be found on this server. \n",`
		ad4e62	`+ "variant-list", ""));`
		ad4e62	`case HTTP_MULTIPLE_CHOICES:`
		ad4e62	`return(add_optional_notes(r, "", "variant-list", ""));`
		ad4e62	`case HTTP_LENGTH_REQUIRED:`
		ad4e62	`@@ -1193,18 +1176,13 @@ static const char *get_canned_error_string(int status,`
		ad4e62	`NULL);`
		ad4e62	`return(add_optional_notes(r, s1, "error-notes", " \n"));`
		ad4e62	`case HTTP_PRECONDITION_FAILED:`
		ad4e62	`- return(apr_pstrcat(p,`
		ad4e62	`- "The precondition on the request "`
		ad4e62	`- "for the URL ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- " evaluated to false. \n",`
		ad4e62	`- NULL));`
		ad4e62	`+ return("The precondition on the request "`
		ad4e62	`+ "for this URL evaluated to false. \n");`
		ad4e62	`case HTTP_NOT_IMPLEMENTED:`
		ad4e62	`s1 = apr_pstrcat(p,`
		ad4e62	`"",`
		ad4e62	`- ap_escape_html(r->pool, r->method), " to ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- " not supported. \n",`
		ad4e62	`+ ap_escape_html(r->pool, r->method), " ",`
		ad4e62	`+ " not supported for current URL. \n",`
		ad4e62	`NULL);`
		ad4e62	`return(add_optional_notes(r, s1, "error-notes", " \n"));`
		ad4e62	`case HTTP_BAD_GATEWAY:`
		ad4e62	`@@ -1212,29 +1190,19 @@ static const char *get_canned_error_string(int status,`
		ad4e62	`"response from an upstream server. " CRLF;`
		ad4e62	`return(add_optional_notes(r, s1, "error-notes", " \n"));`
		ad4e62	`case HTTP_VARIANT_ALSO_VARIES:`
		ad4e62	`- return(apr_pstrcat(p,`
		ad4e62	`- "A variant for the requested "`
		ad4e62	`- "resource\n\n",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- "\n\nis itself a negotiable resource. "`
		ad4e62	`- "This indicates a configuration error. \n",`
		ad4e62	`- NULL));`
		ad4e62	`+ return("A variant for the requested "`
		ad4e62	`+ "resource\n\n"`
		ad4e62	`+ "\n\nis itself a negotiable resource. "`
		ad4e62	`+ "This indicates a configuration error. \n");`
		ad4e62	`case HTTP_REQUEST_TIME_OUT:`
		ad4e62	`return("Server timeout waiting for the HTTP request from the client. \n");`
		ad4e62	`case HTTP_GONE:`
		ad4e62	`- return(apr_pstrcat(p,`
		ad4e62	`- "The requested resource ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri),`
		ad4e62	`- " \nis no longer available on this server "`
		ad4e62	`- "and there is no forwarding address.\n"`
		ad4e62	`- "Please remove all references to this "`
		ad4e62	`- "resource. \n",`
		ad4e62	`- NULL));`
		ad4e62	`+ return("The requested resource is no longer available on this server"`
		ad4e62	`+ " and there is no forwarding address.\n"`
		ad4e62	`+ "Please remove all references to this resource. \n");`
		ad4e62	`case HTTP_REQUEST_ENTITY_TOO_LARGE:`
		ad4e62	`return(apr_pstrcat(p,`
		ad4e62	`- "The requested resource ",`
		ad4e62	`- ap_escape_html(r->pool, r->uri), " \n",`
		ad4e62	`- "does not allow request data with ",`
		ad4e62	`+ "The requested resource does not allow request data with ",`
		ad4e62	`ap_escape_html(r->pool, r->method),`
		ad4e62	`" requests, or the amount of data provided in\n"`
		ad4e62	`"the request exceeds the capacity limit.\n",`
		ad4e62	`@@ -1318,11 +1286,9 @@ static const char *get_canned_error_string(int status,`
		ad4e62	`"the Server Name Indication (SNI) in use for this\n"`
		ad4e62	`"connection. \n");`
		ad4e62	`case HTTP_UNAVAILABLE_FOR_LEGAL_REASONS:`
		ad4e62	`- s1 = apr_pstrcat(p,`
		ad4e62	`- "Access to ", ap_escape_html(r->pool, r->uri),`
		ad4e62	`- "\nhas been denied for legal reasons. \n",`
		ad4e62	`- NULL);`
		ad4e62	`- return(add_optional_notes(r, s1, "error-notes", " \n"));`
		ad4e62	`+ return(add_optional_notes(r,`
		ad4e62	`+ "Access to this URL has been denied for legal reasons. \n",`
		ad4e62	`+ "error-notes", " \n"));`
		ad4e62	`default: /* HTTP_INTERNAL_SERVER_ERROR */`
		ad4e62	`/*`
		ad4e62	`* This comparison to expose error-notes could be modified to`
		ad4e62	`diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c`
		ad4e62	`index 2336496..e6120d2 100644`
		ad4e62	`--- a/modules/proxy/mod_proxy.c`
		ad4e62	`+++ b/modules/proxy/mod_proxy.c`
		ad4e62	`@@ -1049,9 +1049,10 @@ static int proxy_handler(request_rec *r)`
		ad4e62	`char *end;`
		ad4e62	`maxfwd = apr_strtoi64(str, &end, 10);`
		ad4e62	`if (maxfwd < 0 \|\| maxfwd == APR_INT64_MAX \|\| *end) {`
		ad4e62	`- return ap_proxyerror(r, HTTP_BAD_REQUEST,`
		ad4e62	`- apr_psprintf(r->pool,`
		ad4e62	`- "Max-Forwards value '%s' could not be parsed", str));`
		ad4e62	`+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO()`
		ad4e62	`+ "Max-Forwards value '%s' could not be parsed", str);`
		ad4e62	`+ return ap_proxyerror(r, HTTP_BAD_REQUEST,`
		ad4e62	`+ "Max-Forwards request header could not be parsed");`
		ad4e62	`}`
		ad4e62	`else if (maxfwd == 0) {`
		ad4e62	`switch (r->method_number) {`
		ad4e62	`diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c`
		ad4e62	`index 4a10987..8f6f853 100644`
		ad4e62	`--- a/modules/proxy/mod_proxy_ftp.c`
		ad4e62	`+++ b/modules/proxy/mod_proxy_ftp.c`
		ad4e62	`@@ -1024,8 +1024,9 @@ static int proxy_ftp_handler(request_rec r, proxy_worker worker,`
		ad4e62	`/* We break the URL into host, port, path-search */`
		ad4e62	`if (r->parsed_uri.hostname == NULL) {`
		ad4e62	`if (APR_SUCCESS != apr_uri_parse(p, url, &uri)) {`
		ad4e62	`- return ap_proxyerror(r, HTTP_BAD_REQUEST,`
		ad4e62	`- apr_psprintf(p, "URI cannot be parsed: %s", url));`
		ad4e62	`+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO()`
		ad4e62	`+ "URI cannot be parsed: %s", url);`
		ad4e62	`+ return ap_proxyerror(r, HTTP_BAD_REQUEST, "URI cannot be parsed");`
		ad4e62	`}`
		ad4e62	`connectname = uri.hostname;`
		ad4e62	`connectport = uri.port;`
		ad4e62	`diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c`
		ad4e62	`index 7b76144..4f6c458 100644`
		ad4e62	`--- a/modules/proxy/proxy_util.c`
		ad4e62	`+++ b/modules/proxy/proxy_util.c`
		ad4e62	`@@ -364,12 +364,9 @@ PROXY_DECLARE(char *)`
		ad4e62
		ad4e62	`PROXY_DECLARE(int) ap_proxyerror(request_rec r, int statuscode, const char message)`
		ad4e62	`{`
		ad4e62	`- const char *uri = ap_escape_html(r->pool, r->uri);`
		ad4e62	`apr_table_setn(r->notes, "error-notes",`
		ad4e62	`apr_pstrcat(r->pool,`
		ad4e62	`- "The proxy server could not handle the request`
		ad4e62	`- uri, "\">", ap_escape_html(r->pool, r->method), " ", uri,`
		ad4e62	`- ".\n"`
		ad4e62	`+ "The proxy server could not handle the request"`
		ad4e62	`"Reason: ", ap_escape_html(r->pool, message),`
		ad4e62	`" ",`
		ad4e62	`NULL));`

rpms / httpd24-httpd

Source Code

Blame SOURCES/httpd-2.4.34-CVE-2019-10092.patch