smeserver-mod_dav/contribs10/smeserver-mod_dav-1.1-bz12051-24syntax.patch

diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays
--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays   2022-07-28 23:51:31.454000000 -0400
+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays       2022-07-29 00:52:11.073000000 -0400
@@ -13,7 +13,7 @@
        $OUT .= "\n    # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
        next if $access eq 'none';
        # true if have to be password accessible from somewhere.
-       my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
+       my $satisfy = ($access eq 'global-pw-remote')? 'RequireAny': 'RequireAll';
         if ($properties{'ModDav'})
         {
             if ($properties{'ModDav'} eq 'enabled')
@@ -32,10 +32,10 @@
                if ($dynamicContent eq 'enabled' && $secureEXEC eq 'enabled')
                {
                  # we do not want PHP or CGI to be runt there for security reason 
-                 $OUT .= "    <FilesMatch \\.php\$>\n";                
+                 $OUT .= "    <FilesMatch \\.(phar|php)\$>\n";                
                  $OUT .= "        #disabling php\n";
                   $OUT .= "        SetHandler !\n"; # could use also SetHandler  none
-                 $OUT .= "        deny from all\n" if ( $properties{'ModDavHidePHP'} || 'enabled' ) eq 'enabled';
+                 $OUT .= "        Require all denied\n" if ( $properties{'ModDavHidePHP'} || 'enabled' ) eq 'enabled';
                   $OUT .= "    </FilesMatch>\n";               
                   $OUT .= "    Options -ExecCGI\n";
                  $OUT .= "    RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo\n";
@@ -54,15 +54,14 @@
                 $OUT .= "    DirectoryIndex disabled\n\n" unless ( ($properties{'ModDavNoDirectoryIndex'}||"enabled" ) eq "disabled");
                 $OUT .= "    #DirectoryIndex disabled : DavNoDirectoryIndex has been defined to force DirectoryIndex \n\n" if ( ($properties{'ModDavNoDirectoryIndex'}||"enabled" ) eq "disabled");
 
-                $OUT .= "    order deny,allow\n";
-                $OUT .= "    deny from all\n";
-                $OUT .= "    " . $ReadAllow . "\n";
                 $OUT .= "    AuthName \"$properties{'Name'}\"\n";
                 $OUT .= "    AuthBasicProvider external\n";
                 $OUT .= "    AuthType Basic\n";
                 $OUT .= "    AuthExternal pwauth\n";
-                $OUT .= "    " . $ReadRequire . "\n";
-                $OUT .= "    Satisfy $satisfy\n\n";
+                $OUT .= "    <$satisfy>\n";
+                $OUT .= "      " . $ReadRequire . "\n";
+                $OUT .= "      " . $ReadAllow . "\n";
+                $OUT .= "    </$satisfy>\n\n";
 
                 # Ensure only valid users get to do stuff... update 2021/02:
                # GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK
@@ -72,14 +71,15 @@
                # however we put our limit to the whole folder with the Require user .... above, so the whole block under seems useless
                # unless we reduce it to one user, or are fool to enlarge to Require valid-user
 #                $OUT .= "    <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>\n\n";
-#                $OUT .= "        Allow from all\n";
+#                $OUT .= "        #Require all granted\n";
 #                $OUT .= "        Require user $userlist\n\n";
 #                $OUT .= "    </Limit>\n\n";
 
                 $OUT .= "    <LimitExcept GET POST PROPFIND OPTIONS CONNECT>\n";
-                $OUT .= "      " . $WriteRequire . "\n";
-               $OUT .= "      Satisfy All\n";
-                $OUT .= "      ". $WriteAllow ."\n";
+                $OUT .= "      <RequireAll>\n";
+                $OUT .= "        " . $WriteRequire . "\n";
+                $OUT .= "        ". $WriteAllow ."\n";
+               $OUT .= "      </RequireAll>\n";
                 $OUT .= "    </LimitExcept>\n\n";
                 $OUT .= "</Directory>\n";
             }
diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav
--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav    2022-07-28 23:51:31.454000000 -0400
+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav        2022-07-29 00:03:53.101000000 -0400
@@ -14,8 +14,6 @@
         $OUT .= "\n    # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
         next if $access eq 'none';
         # true if have to be password accessible from somewhere.
-        my $ispassibay = $access =~ /-pw/;
-        my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
         if ($properties{'ModDav'})
         {
             if ($properties{'ModDav'} eq 'enabled')
diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm
--- smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm    2022-07-28 23:51:31.457000000 -0400
+++ smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm        2022-07-29 00:09:32.842000000 -0400
@@ -67,22 +67,22 @@
   sub getAllow {
     my ($mode, $key, $localAccess ) = @_;
     $localAccess = (defined $localAccess ) ? $localAccess : "127.0.0.1";
-    my $ibay = $adb->get($key) or return "allow from 127.0.0.1";
-    my %properties = $ibay->props or return "allow from 127.0.0.1";
+    my $ibay = $adb->get($key) or return "Require ip 127.0.0.1";
+    my %properties = $ibay->props or return "Require ip 127.0.0.1";
     my $Public = $properties{'PublicAccess'} || 'none'; 
 
-    my $allow = "allow from 127.0.0.1";
+    my $allow = "Require ip 127.0.0.1";
     if ($Public eq 'none')
     {
         $allow = "# allow from set to NONE";
     }
     elsif ($Public =~ /(local|remote)/  )
     {
-        $allow   = "allow from " . $localAccess;
+        $allow   = "Require ip " . $localAccess;
     }
     elsif ($Public =~ /global/)
     {
-        $allow   = "allow from all";
+        $allow   = "Require all granted";
     }
     return $allow;
   }
1	diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays
2	--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays 2022-07-28 23:51:31.454000000 -0400
3	+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays 2022-07-29 00:52:11.073000000 -0400
4	@@ -13,7 +13,7 @@
5	$OUT .= "\n # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
6	next if $access eq 'none';
7	# true if have to be password accessible from somewhere.
8	- my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
9	+ my $satisfy = ($access eq 'global-pw-remote')? 'RequireAny': 'RequireAll';
10	if ($properties{'ModDav'})
11	{
12	if ($properties{'ModDav'} eq 'enabled')
13	@@ -32,10 +32,10 @@
14	if ($dynamicContent eq 'enabled' && $secureEXEC eq 'enabled')
15	{
16	# we do not want PHP or CGI to be runt there for security reason
17	- $OUT .= " <FilesMatch \\.php\$>\n";
18	+ $OUT .= " <FilesMatch \\.(phar\|php)\$>\n";
19	$OUT .= " #disabling php\n";
20	$OUT .= " SetHandler !\n"; # could use also SetHandler none
21	- $OUT .= " deny from all\n" if ( $properties{'ModDavHidePHP'} \|\| 'enabled' ) eq 'enabled';
22	+ $OUT .= " Require all denied\n" if ( $properties{'ModDavHidePHP'} \|\| 'enabled' ) eq 'enabled';
23	$OUT .= " </FilesMatch>\n";
24	$OUT .= " Options -ExecCGI\n";
25	$OUT .= " RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo\n";
26	@@ -54,15 +54,14 @@
27	$OUT .= " DirectoryIndex disabled\n\n" unless ( ($properties{'ModDavNoDirectoryIndex'}\|\|"enabled" ) eq "disabled");
28	$OUT .= " #DirectoryIndex disabled : DavNoDirectoryIndex has been defined to force DirectoryIndex \n\n" if ( ($properties{'ModDavNoDirectoryIndex'}\|\|"enabled" ) eq "disabled");
29
30	- $OUT .= " order deny,allow\n";
31	- $OUT .= " deny from all\n";
32	- $OUT .= " " . $ReadAllow . "\n";
33	$OUT .= " AuthName \"$properties{'Name'}\"\n";
34	$OUT .= " AuthBasicProvider external\n";
35	$OUT .= " AuthType Basic\n";
36	$OUT .= " AuthExternal pwauth\n";
37	- $OUT .= " " . $ReadRequire . "\n";
38	- $OUT .= " Satisfy $satisfy\n\n";
39	+ $OUT .= " <$satisfy>\n";
40	+ $OUT .= " " . $ReadRequire . "\n";
41	+ $OUT .= " " . $ReadAllow . "\n";
42	+ $OUT .= " </$satisfy>\n\n";
43
44	# Ensure only valid users get to do stuff... update 2021/02:
45	# GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK
46	@@ -72,14 +71,15 @@
47	# however we put our limit to the whole folder with the Require user .... above, so the whole block under seems useless
48	# unless we reduce it to one user, or are fool to enlarge to Require valid-user
49	# $OUT .= " <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>\n\n";
50	-# $OUT .= " Allow from all\n";
51	+# $OUT .= " #Require all granted\n";
52	# $OUT .= " Require user $userlist\n\n";
53	# $OUT .= " </Limit>\n\n";
54
55	$OUT .= " <LimitExcept GET POST PROPFIND OPTIONS CONNECT>\n";
56	- $OUT .= " " . $WriteRequire . "\n";
57	- $OUT .= " Satisfy All\n";
58	- $OUT .= " ". $WriteAllow ."\n";
59	+ $OUT .= " <RequireAll>\n";
60	+ $OUT .= " " . $WriteRequire . "\n";
61	+ $OUT .= " ". $WriteAllow ."\n";
62	+ $OUT .= " </RequireAll>\n";
63	$OUT .= " </LimitExcept>\n\n";
64	$OUT .= "</Directory>\n";
65	}
66	diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav
67	--- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav 2022-07-28 23:51:31.454000000 -0400
68	+++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav 2022-07-29 00:03:53.101000000 -0400
69	@@ -14,8 +14,6 @@
70	$OUT .= "\n # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
71	next if $access eq 'none';
72	# true if have to be password accessible from somewhere.
73	- my $ispassibay = $access =~ /-pw/;
74	- my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
75	if ($properties{'ModDav'})
76	{
77	if ($properties{'ModDav'} eq 'enabled')
78	diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm
79	--- smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm 2022-07-28 23:51:31.457000000 -0400
80	+++ smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm 2022-07-29 00:09:32.842000000 -0400
81	@@ -67,22 +67,22 @@
82	sub getAllow {
83	my ($mode, $key, $localAccess ) = @_;
84	$localAccess = (defined $localAccess ) ? $localAccess : "127.0.0.1";
85	- my $ibay = $adb->get($key) or return "allow from 127.0.0.1";
86	- my %properties = $ibay->props or return "allow from 127.0.0.1";
87	+ my $ibay = $adb->get($key) or return "Require ip 127.0.0.1";
88	+ my %properties = $ibay->props or return "Require ip 127.0.0.1";
89	my $Public = $properties{'PublicAccess'} \|\| 'none';
90
91	- my $allow = "allow from 127.0.0.1";
92	+ my $allow = "Require ip 127.0.0.1";
93	if ($Public eq 'none')
94	{
95	$allow = "# allow from set to NONE";
96	}
97	elsif ($Public =~ /(local\|remote)/ )
98	{
99	- $allow = "allow from " . $localAccess;
100	+ $allow = "Require ip " . $localAccess;
101	}
102	elsif ($Public =~ /global/)
103	{
104	- $allow = "allow from all";
105	+ $allow = "Require all granted";
106	}
107	return $allow;
108	}