/[smecontribs]/rpms/smeserver-mod_dav/contribs10/smeserver-mod_dav-1.1-bz12051-24syntax.patch
ViewVC logotype

Contents of /rpms/smeserver-mod_dav/contribs10/smeserver-mod_dav-1.1-bz12051-24syntax.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (show annotations) (download)
Fri Jul 29 04:55:57 2022 UTC (2 years, 4 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-mod_dav-1_1-8_el7_sme, HEAD
Changes since 1.1: +9 -5 lines
* Thu Jul 28 2022 Jean-Philippe Pialasse <tests@pialasse.com> 1.1-8.sme
- update to apache 2.4 access syntax [SME: 12051]

1 diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays
2 --- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays 2022-07-28 23:51:31.454000000 -0400
3 +++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95Addmod_dav2ibays 2022-07-29 00:52:11.073000000 -0400
4 @@ -13,7 +13,7 @@
5 $OUT .= "\n # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
6 next if $access eq 'none';
7 # true if have to be password accessible from somewhere.
8 - my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
9 + my $satisfy = ($access eq 'global-pw-remote')? 'RequireAny': 'RequireAll';
10 if ($properties{'ModDav'})
11 {
12 if ($properties{'ModDav'} eq 'enabled')
13 @@ -32,10 +32,10 @@
14 if ($dynamicContent eq 'enabled' && $secureEXEC eq 'enabled')
15 {
16 # we do not want PHP or CGI to be runt there for security reason
17 - $OUT .= " <FilesMatch \\.php\$>\n";
18 + $OUT .= " <FilesMatch \\.(phar|php)\$>\n";
19 $OUT .= " #disabling php\n";
20 $OUT .= " SetHandler !\n"; # could use also SetHandler none
21 - $OUT .= " deny from all\n" if ( $properties{'ModDavHidePHP'} || 'enabled' ) eq 'enabled';
22 + $OUT .= " Require all denied\n" if ( $properties{'ModDavHidePHP'} || 'enabled' ) eq 'enabled';
23 $OUT .= " </FilesMatch>\n";
24 $OUT .= " Options -ExecCGI\n";
25 $OUT .= " RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo\n";
26 @@ -54,15 +54,14 @@
27 $OUT .= " DirectoryIndex disabled\n\n" unless ( ($properties{'ModDavNoDirectoryIndex'}||"enabled" ) eq "disabled");
28 $OUT .= " #DirectoryIndex disabled : DavNoDirectoryIndex has been defined to force DirectoryIndex \n\n" if ( ($properties{'ModDavNoDirectoryIndex'}||"enabled" ) eq "disabled");
29
30 - $OUT .= " order deny,allow\n";
31 - $OUT .= " deny from all\n";
32 - $OUT .= " " . $ReadAllow . "\n";
33 $OUT .= " AuthName \"$properties{'Name'}\"\n";
34 $OUT .= " AuthBasicProvider external\n";
35 $OUT .= " AuthType Basic\n";
36 $OUT .= " AuthExternal pwauth\n";
37 - $OUT .= " " . $ReadRequire . "\n";
38 - $OUT .= " Satisfy $satisfy\n\n";
39 + $OUT .= " <$satisfy>\n";
40 + $OUT .= " " . $ReadRequire . "\n";
41 + $OUT .= " " . $ReadAllow . "\n";
42 + $OUT .= " </$satisfy>\n\n";
43
44 # Ensure only valid users get to do stuff... update 2021/02:
45 # GET, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK
46 @@ -72,14 +71,15 @@
47 # however we put our limit to the whole folder with the Require user .... above, so the whole block under seems useless
48 # unless we reduce it to one user, or are fool to enlarge to Require valid-user
49 # $OUT .= " <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>\n\n";
50 -# $OUT .= " Allow from all\n";
51 +# $OUT .= " #Require all granted\n";
52 # $OUT .= " Require user $userlist\n\n";
53 # $OUT .= " </Limit>\n\n";
54
55 $OUT .= " <LimitExcept GET POST PROPFIND OPTIONS CONNECT>\n";
56 - $OUT .= " " . $WriteRequire . "\n";
57 - $OUT .= " Satisfy All\n";
58 - $OUT .= " ". $WriteAllow ."\n";
59 + $OUT .= " <RequireAll>\n";
60 + $OUT .= " " . $WriteRequire . "\n";
61 + $OUT .= " ". $WriteAllow ."\n";
62 + $OUT .= " </RequireAll>\n";
63 $OUT .= " </LimitExcept>\n\n";
64 $OUT .= "</Directory>\n";
65 }
66 diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav
67 --- smeserver-mod_dav-1.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav 2022-07-28 23:51:31.454000000 -0400
68 +++ smeserver-mod_dav-1.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/21IbayWebDav 2022-07-29 00:03:53.101000000 -0400
69 @@ -14,8 +14,6 @@
70 $OUT .= "\n # ibay $key disabled for httpd so no DAV access\n" if $access eq 'none';
71 next if $access eq 'none';
72 # true if have to be password accessible from somewhere.
73 - my $ispassibay = $access =~ /-pw/;
74 - my $satisfy = ($access eq 'global-pw-remote')? 'any': 'all';
75 if ($properties{'ModDav'})
76 {
77 if ($properties{'ModDav'} eq 'enabled')
78 diff -Nur --no-dereference smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm
79 --- smeserver-mod_dav-1.1.old/root/usr/share/perl5/vendor_perl/esmith/DAV.pm 2022-07-28 23:51:31.457000000 -0400
80 +++ smeserver-mod_dav-1.1/root/usr/share/perl5/vendor_perl/esmith/DAV.pm 2022-07-29 00:09:32.842000000 -0400
81 @@ -67,22 +67,22 @@
82 sub getAllow {
83 my ($mode, $key, $localAccess ) = @_;
84 $localAccess = (defined $localAccess ) ? $localAccess : "127.0.0.1";
85 - my $ibay = $adb->get($key) or return "allow from 127.0.0.1";
86 - my %properties = $ibay->props or return "allow from 127.0.0.1";
87 + my $ibay = $adb->get($key) or return "Require ip 127.0.0.1";
88 + my %properties = $ibay->props or return "Require ip 127.0.0.1";
89 my $Public = $properties{'PublicAccess'} || 'none';
90
91 - my $allow = "allow from 127.0.0.1";
92 + my $allow = "Require ip 127.0.0.1";
93 if ($Public eq 'none')
94 {
95 $allow = "# allow from set to NONE";
96 }
97 elsif ($Public =~ /(local|remote)/ )
98 {
99 - $allow = "allow from " . $localAccess;
100 + $allow = "Require ip " . $localAccess;
101 }
102 elsif ($Public =~ /global/)
103 {
104 - $allow = "allow from all";
105 + $allow = "Require all granted";
106 }
107 return $allow;
108 }

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed