smeserver-mod_dav/contribs10/smeserver-mod_dav-1.1-bz12051-24syntax.patch

diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays
--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays   2022-07-28 23:51:31.454000000 -0400
+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays       2022-07-29 00:52:11.073000000 -0400
@@ -13,7 +13,7 @@
        $OUT .= "\n    # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
        next if $access eq 'none';
        # true if have to be password accessible from somewhere.
-       my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
+       my $satisfy = ($access eq 'global-pw-remote')? 'RequireAny': 'RequireAll';
         if ($properties{'ModDav'})
         {
             if ($properties{'ModDav'} eq 'enabled')
@@ -32,10 +32,10 @@
                if ($dynamicContent eq 'enabled' && $secureEXEC eq 'enabled')
                {
                  # we do not want PHP or CGI to be runt there for security reason 
-                 $OUT .= "    <FilesMatch \\.php\$>\n";                
+                 $OUT .= "    <FilesMatch \\.(phar|php)\$>\n";                
                  $OUT .= "        #disabling php\n";
                   $OUT .= "        SetHandler !\n"; # could use also SetHandler  none
-                 $OUT .= "        deny from all\n" if ( $properties{'ModDavHidePHP'} || 'enabled' ) eq 'enabled';
+                 $OUT .= "        Require all denied\n" if ( $properties{'ModDavHidePHP'} || 'enabled' ) eq 'enabled';
                   $OUT .= "    </FilesMatch>\n";               
                   $OUT .= "    Options -ExecCGI\n";
                  $OUT .= "    RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo\n";
@@ -54,15 +54,14 @@
                 $OUT .= "    DirectoryIndex disabled\n\n" unless ( ($properties{'ModDavNoDirectoryIndex'}||"enabled" ) eq "disabled");
                 $OUT .= "    #DirectoryIndex disabled : DavNoDirectoryIndex has been defined to force DirectoryIndex \n\n" if ( ($properties{'ModDavNoDirectoryIndex'}||"enabled" ) eq "disabled");
 
-                $OUT .= "    order deny,allow\n";
-                $OUT .= "    deny from all\n";
-                $OUT .= "    " . $ReadAllow . "\n";
                 $OUT .= "    AuthName \"$properties{'Name'}\"\n";
                 $OUT .= "    AuthBasicProvider external\n";
                 $OUT .= "    AuthType Basic\n";
                 $OUT .= "    AuthExternal pwauth\n";
-                $OUT .= "    " . $ReadRequire . "\n";
-                $OUT .= "    Satisfy $satisfy\n\n";
+                $OUT .= "    <$satisfy>\n";
+                $OUT .= "      " . $ReadRequire . "\n";
+                $OUT .= "      " . $ReadAllow . "\n";
+                $OUT .= "    </$satisfy>\n\n";
 
                 # Ensure only valid users get to do stuff... update 2021/02:
                # GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK
@@ -72,14 +71,15 @@
                # however we put our limit to the whole folder with the Require user .... above, so the whole block under seems useless
                # unless we reduce it to one user, or are fool to enlarge to Require valid-user
 #                $OUT .= "    <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>\n\n";
-#                $OUT .= "        Allow from all\n";
+#                $OUT .= "        #Require all granted\n";
 #                $OUT .= "        Require user $userlist\n\n";
 #                $OUT .= "    </Limit>\n\n";
 
                 $OUT .= "    <LimitExcept GET POST PROPFIND OPTIONS CONNECT>\n";
-                $OUT .= "      " . $WriteRequire . "\n";
-               $OUT .= "      Satisfy All\n";
-                $OUT .= "      ". $WriteAllow ."\n";
+                $OUT .= "      <RequireAll>\n";
+                $OUT .= "        " . $WriteRequire . "\n";
+                $OUT .= "        ". $WriteAllow ."\n";
+               $OUT .= "      </RequireAll>\n";
                 $OUT .= "    </LimitExcept>\n\n";
                 $OUT .= "</Directory>\n";
             }
diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav
--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav    2022-07-28 23:51:31.454000000 -0400
+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav        2022-07-29 00:03:53.101000000 -0400
@@ -14,8 +14,6 @@
         $OUT .= "\n    # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
         next if $access eq 'none';
         # true if have to be password accessible from somewhere.
-        my $ispassibay = $access =~ /-pw/;
-        my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
         if ($properties{'ModDav'})
         {
             if ($properties{'ModDav'} eq 'enabled')
diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm
--- smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm    2022-07-28 23:51:31.457000000 -0400
+++ smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm        2022-07-29 00:09:32.842000000 -0400
@@ -67,22 +67,22 @@
   sub getAllow {
     my ($mode, $key, $localAccess ) = @_;
     $localAccess = (defined $localAccess ) ? $localAccess : "127.0.0.1";
-    my $ibay = $adb->get($key) or return "allow from 127.0.0.1";
-    my %properties = $ibay->props or return "allow from 127.0.0.1";
+    my $ibay = $adb->get($key) or return "Require ip 127.0.0.1";
+    my %properties = $ibay->props or return "Require ip 127.0.0.1";
     my $Public = $properties{'PublicAccess'} || 'none'; 
 
-    my $allow = "allow from 127.0.0.1";
+    my $allow = "Require ip 127.0.0.1";
     if ($Public eq 'none')
     {
         $allow = "# allow from set to NONE";
     }
     elsif ($Public =~ /(local|remote)/  )
     {
-        $allow   = "allow from " . $localAccess;
+        $allow   = "Require ip " . $localAccess;
     }
     elsif ($Public =~ /global/)
     {
-        $allow   = "allow from all";
+        $allow   = "Require all granted";
     }
     return $allow;
   }
1	jpp	1.1	diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays
2			--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays 2022-07-28 23:51:31.454000000 -0400
3	jpp	1.2	+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays 2022-07-29 00:52:11.073000000 -0400
4	jpp	1.1	@@ -13,7 +13,7 @@
5			$OUT .= "\n # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
6			next if $access eq 'none';
7			# true if have to be password accessible from somewhere.
8			- my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
9			+ my $satisfy = ($access eq 'global-pw-remote')? 'RequireAny': 'RequireAll';
10			if ($properties{'ModDav'})
11			{
12			if ($properties{'ModDav'} eq 'enabled')
13	jpp	1.2	@@ -32,10 +32,10 @@
14			if ($dynamicContent eq 'enabled' && $secureEXEC eq 'enabled')
15			{
16			# we do not want PHP or CGI to be runt there for security reason
17			- $OUT .= " <FilesMatch \\.php\$>\n";
18			+ $OUT .= " <FilesMatch \\.(phar\|php)\$>\n";
19	jpp	1.1	$OUT .= " #disabling php\n";
20			$OUT .= " SetHandler !\n"; # could use also SetHandler none
21			- $OUT .= " deny from all\n" if ( $properties{'ModDavHidePHP'} \|\| 'enabled' ) eq 'enabled';
22			+ $OUT .= " Require all denied\n" if ( $properties{'ModDavHidePHP'} \|\| 'enabled' ) eq 'enabled';
23			$OUT .= " </FilesMatch>\n";
24			$OUT .= " Options -ExecCGI\n";
25			$OUT .= " RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo\n";
26			@@ -54,15 +54,14 @@
27			$OUT .= " DirectoryIndex disabled\n\n" unless ( ($properties{'ModDavNoDirectoryIndex'}\|\|"enabled" ) eq "disabled");
28			$OUT .= " #DirectoryIndex disabled : DavNoDirectoryIndex has been defined to force DirectoryIndex \n\n" if ( ($properties{'ModDavNoDirectoryIndex'}\|\|"enabled" ) eq "disabled");
29
30			- $OUT .= " order deny,allow\n";
31			- $OUT .= " deny from all\n";
32			- $OUT .= " " . $ReadAllow . "\n";
33			$OUT .= " AuthName \"$properties{'Name'}\"\n";
34			$OUT .= " AuthBasicProvider external\n";
35			$OUT .= " AuthType Basic\n";
36			$OUT .= " AuthExternal pwauth\n";
37			- $OUT .= " " . $ReadRequire . "\n";
38			- $OUT .= " Satisfy $satisfy\n\n";
39			+ $OUT .= " <$satisfy>\n";
40			+ $OUT .= " " . $ReadRequire . "\n";
41			+ $OUT .= " " . $ReadAllow . "\n";
42			+ $OUT .= " </$satisfy>\n\n";
43
44			# Ensure only valid users get to do stuff... update 2021/02:
45			# GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK
46			@@ -72,14 +71,15 @@
47			# however we put our limit to the whole folder with the Require user .... above, so the whole block under seems useless
48			# unless we reduce it to one user, or are fool to enlarge to Require valid-user
49			# $OUT .= " <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>\n\n";
50			-# $OUT .= " Allow from all\n";
51			+# $OUT .= " #Require all granted\n";
52			# $OUT .= " Require user $userlist\n\n";
53			# $OUT .= " </Limit>\n\n";
54
55			$OUT .= " <LimitExcept GET POST PROPFIND OPTIONS CONNECT>\n";
56			- $OUT .= " " . $WriteRequire . "\n";
57			- $OUT .= " Satisfy All\n";
58			- $OUT .= " ". $WriteAllow ."\n";
59	jpp	1.2	+ $OUT .= " <RequireAll>\n";
60	jpp	1.1	+ $OUT .= " " . $WriteRequire . "\n";
61			+ $OUT .= " ". $WriteAllow ."\n";
62	jpp	1.2	+ $OUT .= " </RequireAll>\n";
63	jpp	1.1	$OUT .= " </LimitExcept>\n\n";
64			$OUT .= "</Directory>\n";
65			}
66			diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav
67			--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav 2022-07-28 23:51:31.454000000 -0400
68			+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav 2022-07-29 00:03:53.101000000 -0400
69			@@ -14,8 +14,6 @@
70			$OUT .= "\n # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
71			next if $access eq 'none';
72			# true if have to be password accessible from somewhere.
73			- my $ispassibay = $access =~ /-pw/;
74			- my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
75			if ($properties{'ModDav'})
76			{
77			if ($properties{'ModDav'} eq 'enabled')
78			diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm
79			--- smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm 2022-07-28 23:51:31.457000000 -0400
80			+++ smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm 2022-07-29 00:09:32.842000000 -0400
81			@@ -67,22 +67,22 @@
82			sub getAllow {
83			my ($mode, $key, $localAccess ) = @_;
84			$localAccess = (defined $localAccess ) ? $localAccess : "127.0.0.1";
85			- my $ibay = $adb->get($key) or return "allow from 127.0.0.1";
86			- my %properties = $ibay->props or return "allow from 127.0.0.1";
87			+ my $ibay = $adb->get($key) or return "Require ip 127.0.0.1";
88			+ my %properties = $ibay->props or return "Require ip 127.0.0.1";
89			my $Public = $properties{'PublicAccess'} \|\| 'none';
90
91			- my $allow = "allow from 127.0.0.1";
92			+ my $allow = "Require ip 127.0.0.1";
93			if ($Public eq 'none')
94			{
95			$allow = "# allow from set to NONE";
96			}
97			elsif ($Public =~ /(local\|remote)/ )
98			{
99			- $allow = "allow from " . $localAccess;
100			+ $allow = "Require ip " . $localAccess;
101			}
102			elsif ($Public =~ /global/)
103			{
104			- $allow = "allow from all";
105			+ $allow = "Require all granted";
106			}
107			return $allow;
108			}