smeserver-shared-folders/contribs10/smeserver-shared-folders-0.3-bz12060-httpd24.patch

diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2022-07-25 02:05:42.911000000 -0400
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2022-07-25 02:50:54.087000000 -0400
@@ -11,10 +11,14 @@
         my $key = $share->key;
 
        my $allow;
+       my $allow24;
         my $pass;
         my $satisfy;
+       my $satisfy24begin;
+       my $satisfy24end;
         my $davreaders;
         my $davwallow = '';
+       my $davwallow24 = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
         # Find which users have read or write access
@@ -65,33 +69,49 @@
         if ($properties{'httpAccess'}) {
             if ($properties{'httpAccess'} eq 'local') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 0;
                 $satisfy = 'all';
+               $satisfy24begin = "<RequireAll>";
+               $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 1;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
                 $allow   = 'all';
+                $allow24 = "all granted";
                 $pass    = 0;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
                 $allow   = 'all';
+                $allow24 = "all granted";
                 $pass    = 1;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $davwallow = 'all';
+               $davwallow24 = "all granted"; 
                 $pass    = 1;
                 $satisfy = 'any';
+                $satisfy24begin = "<RequireAny>";
+                $satisfy24end = "</RequireAny>";
                 $davreaders = "Require user $readers";
             }
             else {
@@ -99,6 +119,7 @@
             }
         }
         $davwallow = $allow if ($davwallow eq '');
+       $davwallow24 = $allow24 if ($davwallow24 eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
         my $indexes = $properties{'Indexes'} || "enabled";
@@ -152,26 +173,41 @@
             $OUT .= "    DirectoryIndex index.shtml index.htm index.html\n";
             $OUT .= "    Options +IncludesNOEXEC\n";
             $OUT .= "    <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n";
+            $OUT .= "      <IfModule mod_access_compat.c>\n";
             $OUT .= "        order deny,allow\n";
             $OUT .= "        Deny from all\n"; 
+            $OUT .= "      </IfModule>\n";
+            $OUT .= "      <IfModule !mod_access_compat.c>\n";
+            $OUT .= "        Require all denied\n";
+            $OUT .= "      </IfModule>\n";
             $OUT .= "    </FilesMatch>\n";
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
         unless ($webdav){
-            $OUT .=<<"HERE";
-    order deny,allow
-    deny from all
-    allow from $allow
-HERE
+            $OUT .= "    <IfModule mod_access_compat.c>\n";
+            $OUT .= "      order deny,allow\n";
+            $OUT .= "      deny from all\n";
+            $OUT .= "      allow from $allow\n";
+            $OUT .= "    </IfModule>\n";
+            $OUT .= "    <IfModule !mod_access_compat.c>\n";
+            $OUT .= "      $satisfy24begin\n"; 
+            $OUT .= "        require user $readers\n" if ($pass);
+            $OUT .= "        Require $allow24\n";
+            $OUT .= "      $satisfy24end\n";
+            $OUT .= "    </IfModule>\n";
         }
         if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    AuthBasicProvider external\n";
-            $OUT .= "    require user $readers\n" unless ($webdav);
-            $OUT .= "    Satisfy $satisfy\n" unless ($webdav);
+            $OUT .= "    <IfModule mod_access_compat.c>\n" unless ($webdav);
+            $OUT .= "      require user $readers\n" unless ($webdav);
+            $OUT .= "      Satisfy $satisfy\n" unless ($webdav);
+            $OUT .= "    </IfModule>\n" unless ($webdav);
+
+
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
@@ -180,19 +216,35 @@
     Dav on
     # Read only access
     <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+      <IfModule mod_access_compat.c>
         order deny,allow
         deny from all
         allow from $allow
         $davreaders
         Satisfy $satisfy
+      </IfModule>
+      <IfModule !mod_access_compat.c>
+        $satisfy24begin
+          Require $allow24
+          $davreaders
+        $satisfy24end
+      </IfModule>
     </Limit>
     # Write access through webdav always requires authentication
     <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+      <IfModule mod_access_compat.c>
         order deny,allow
         deny from all
         allow from $davwallow
         Require user $writers
         Satisfy all
+      </IfModule>
+      <IfModule !mod_access_compat.c>
+        <RequireAll>
+          Require $davwallow
+          Require user $writers
+        </RequireAll>
+      </IfModule>
     </LimitExcept>
 
 HERE
@@ -206,8 +258,13 @@
         }
         else {
             $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
-            $OUT .= "    order deny,allow\n";
-            $OUT .= "    Deny from all\n";
+            $OUT .= "    <IfModule mod_access_compat.c>\n";
+            $OUT .= "      order deny,allow\n";
+            $OUT .= "      Deny from all\n";
+            $OUT .= "    </IfModule>\n";
+            $OUT .= "    <IfModule !mod_access_compat.c>\n";
+            $OUT .= "      Require all denied\n";
+            $OUT .= "    </IfModule>\n";
             $OUT .= "</DirectoryMatch>\n";
         }
     }
diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2022-08-01 00:04:59.295000000 -0400
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2022-08-01 00:15:44.054000000 -0400
@@ -13,11 +13,9 @@
        my $allow;
        my $allow24;
         my $pass;
-        my $satisfy;
        my $satisfy24begin;
        my $satisfy24end;
         my $davreaders;
-        my $davwallow = '';
        my $davwallow24 = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
@@ -68,48 +66,37 @@
        
         if ($properties{'httpAccess'}) {
             if ($properties{'httpAccess'} eq 'local') {
-                $allow   = "$localAccess $externalSSLAccess";
                 $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 0;
-                $satisfy = 'all';
                $satisfy24begin = "<RequireAll>";
                $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
-                $allow   = "$localAccess $externalSSLAccess";
                 $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 1;
-                $satisfy = 'all';
                 $satisfy24begin = "<RequireAll>";
                 $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
-                $allow   = 'all';
                 $allow24 = "all granted";
                 $pass    = 0;
-                $satisfy = 'all';
                 $satisfy24begin = "<RequireAll>";
                 $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
-                $allow   = 'all';
                 $allow24 = "all granted";
                 $pass    = 1;
-                $satisfy = 'all';
                 $satisfy24begin = "<RequireAll>";
                 $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
-                $allow   = "$localAccess $externalSSLAccess";
                 $allow24 = "ip $localAccess $externalSSLAccess";
-                $davwallow = 'all';
                $davwallow24 = "all granted"; 
                 $pass    = 1;
-                $satisfy = 'any';
                 $satisfy24begin = "<RequireAny>";
                 $satisfy24end = "</RequireAny>";
                 $davreaders = "Require user $readers";
@@ -118,7 +105,6 @@
                 next;
             }
         }
-        $davwallow = $allow if ($davwallow eq '');
        $davwallow24 = $allow24 if ($davwallow24 eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
@@ -173,41 +159,22 @@
             $OUT .= "    DirectoryIndex index.shtml index.htm index.html\n";
             $OUT .= "    Options +IncludesNOEXEC\n";
             $OUT .= "    <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n";
-            $OUT .= "      <IfModule mod_access_compat.c>\n";
-            $OUT .= "        order deny,allow\n";
-            $OUT .= "        Deny from all\n"; 
-            $OUT .= "      </IfModule>\n";
-            $OUT .= "      <IfModule !mod_access_compat.c>\n";
-            $OUT .= "        Require all denied\n";
-            $OUT .= "      </IfModule>\n";
+            $OUT .= "      Require all denied\n";
             $OUT .= "    </FilesMatch>\n";
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
         unless ($webdav){
-            $OUT .= "    <IfModule mod_access_compat.c>\n";
-            $OUT .= "      order deny,allow\n";
-            $OUT .= "      deny from all\n";
-            $OUT .= "      allow from $allow\n";
-            $OUT .= "    </IfModule>\n";
-            $OUT .= "    <IfModule !mod_access_compat.c>\n";
             $OUT .= "      $satisfy24begin\n"; 
             $OUT .= "        require user $readers\n" if ($pass);
             $OUT .= "        Require $allow24\n";
             $OUT .= "      $satisfy24end\n";
-            $OUT .= "    </IfModule>\n";
         }
         if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    AuthBasicProvider external\n";
-            $OUT .= "    <IfModule mod_access_compat.c>\n" unless ($webdav);
-            $OUT .= "      require user $readers\n" unless ($webdav);
-            $OUT .= "      Satisfy $satisfy\n" unless ($webdav);
-            $OUT .= "    </IfModule>\n" unless ($webdav);
-
-
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
@@ -216,35 +183,17 @@
     Dav on
     # Read only access
     <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
-      <IfModule mod_access_compat.c>
-        order deny,allow
-        deny from all
-        allow from $allow
-        $davreaders
-        Satisfy $satisfy
-      </IfModule>
-      <IfModule !mod_access_compat.c>
         $satisfy24begin
           Require $allow24
           $davreaders
         $satisfy24end
-      </IfModule>
     </Limit>
     # Write access through webdav always requires authentication
     <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
-      <IfModule mod_access_compat.c>
-        order deny,allow
-        deny from all
-        allow from $davwallow
-        Require user $writers
-        Satisfy all
-      </IfModule>
-      <IfModule !mod_access_compat.c>
         <RequireAll>
-          Require $davwallow
+          Require $davwallow24
           Require user $writers
         </RequireAll>
-      </IfModule>
     </LimitExcept>
 
 HERE
@@ -258,13 +207,7 @@
         }
         else {
             $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
-            $OUT .= "    <IfModule mod_access_compat.c>\n";
-            $OUT .= "      order deny,allow\n";
-            $OUT .= "      Deny from all\n";
-            $OUT .= "    </IfModule>\n";
-            $OUT .= "    <IfModule !mod_access_compat.c>\n";
-            $OUT .= "      Require all denied\n";
-            $OUT .= "    </IfModule>\n";
+            $OUT .= "    Require all denied\n";
             $OUT .= "</DirectoryMatch>\n";
         }
     }
1	jpp	1.1	diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
2			--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:05:42.911000000 -0400
3			+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:50:54.087000000 -0400
4			@@ -11,10 +11,14 @@
5			my $key = $share->key;
6
7			my $allow;
8			+ my $allow24;
9			my $pass;
10			my $satisfy;
11			+ my $satisfy24begin;
12			+ my $satisfy24end;
13			my $davreaders;
14			my $davwallow = '';
15			+ my $davwallow24 = '';
16			my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
17
18			# Find which users have read or write access
19			@@ -65,33 +69,49 @@
20			if ($properties{'httpAccess'}) {
21			if ($properties{'httpAccess'} eq 'local') {
22			$allow = "$localAccess $externalSSLAccess";
23			+ $allow24 = "ip $localAccess $externalSSLAccess";
24			$pass = 0;
25			$satisfy = 'all';
26			+ $satisfy24begin = "<RequireAll>";
27			+ $satisfy24end = "</RequireAll>";
28			$davreaders = '';
29			}
30			elsif ($properties{'httpAccess'} eq 'local-pw') {
31			$allow = "$localAccess $externalSSLAccess";
32			+ $allow24 = "ip $localAccess $externalSSLAccess";
33			$pass = 1;
34			$satisfy = 'all';
35			+ $satisfy24begin = "<RequireAll>";
36			+ $satisfy24end = "</RequireAll>";
37			$davreaders = "Require user $readers";
38			}
39			elsif ($properties{'httpAccess'} eq 'global') {
40			$allow = 'all';
41			+ $allow24 = "all granted";
42			$pass = 0;
43			$satisfy = 'all';
44			+ $satisfy24begin = "<RequireAll>";
45			+ $satisfy24end = "</RequireAll>";
46			$davreaders = '';
47			}
48			elsif ($properties{'httpAccess'} eq 'global-pw') {
49			$allow = 'all';
50			+ $allow24 = "all granted";
51			$pass = 1;
52			$satisfy = 'all';
53			+ $satisfy24begin = "<RequireAll>";
54			+ $satisfy24end = "</RequireAll>";
55			$davreaders = "Require user $readers";
56			}
57			elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
58			$allow = "$localAccess $externalSSLAccess";
59			+ $allow24 = "ip $localAccess $externalSSLAccess";
60			$davwallow = 'all';
61			+ $davwallow24 = "all granted";
62			$pass = 1;
63			$satisfy = 'any';
64			+ $satisfy24begin = "<RequireAny>";
65			+ $satisfy24end = "</RequireAny>";
66			$davreaders = "Require user $readers";
67			}
68			else {
69			@@ -99,6 +119,7 @@
70			}
71			}
72			$davwallow = $allow if ($davwallow eq '');
73			+ $davwallow24 = $allow24 if ($davwallow24 eq '');
74			my $allowOverride = $properties{'AllowOverride'} \|\| "None";
75			my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
76			my $indexes = $properties{'Indexes'} \|\| "enabled";
77			@@ -152,26 +173,41 @@
78			$OUT .= " DirectoryIndex index.shtml index.htm index.html\n";
79			$OUT .= " Options +IncludesNOEXEC\n";
80			$OUT .= " <FilesMatch \"\\.(php\|php3\|phtml\|cgi\|pl)\$\">\n";
81			+ $OUT .= " <IfModule mod_access_compat.c>\n";
82			$OUT .= " order deny,allow\n";
83			$OUT .= " Deny from all\n";
84			+ $OUT .= " </IfModule>\n";
85			+ $OUT .= " <IfModule !mod_access_compat.c>\n";
86			+ $OUT .= " Require all denied\n";
87			+ $OUT .= " </IfModule>\n";
88			$OUT .= " </FilesMatch>\n";
89			}
90
91			$OUT .= " AllowOverride $allowOverride\n";
92			unless ($webdav){
93			- $OUT .=<<"HERE";
94			- order deny,allow
95			- deny from all
96			- allow from $allow
97			-HERE
98			+ $OUT .= " <IfModule mod_access_compat.c>\n";
99			+ $OUT .= " order deny,allow\n";
100			+ $OUT .= " deny from all\n";
101			+ $OUT .= " allow from $allow\n";
102			+ $OUT .= " </IfModule>\n";
103			+ $OUT .= " <IfModule !mod_access_compat.c>\n";
104			+ $OUT .= " $satisfy24begin\n";
105			+ $OUT .= " require user $readers\n" if ($pass);
106			+ $OUT .= " Require $allow24\n";
107			+ $OUT .= " $satisfy24end\n";
108			+ $OUT .= " </IfModule>\n";
109			}
110			if ($pass \|\| $webdav) {
111			$OUT .= " AuthName \"$properties{'Name'}\"\n";
112			$OUT .= " AuthType Basic\n";
113			$OUT .= " AuthExternal pwauth\n";
114			$OUT .= " AuthBasicProvider external\n";
115			- $OUT .= " require user $readers\n" unless ($webdav);
116			- $OUT .= " Satisfy $satisfy\n" unless ($webdav);
117			+ $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav);
118			+ $OUT .= " require user $readers\n" unless ($webdav);
119			+ $OUT .= " Satisfy $satisfy\n" unless ($webdav);
120			+ $OUT .= " </IfModule>\n" unless ($webdav);
121			+
122			+
123			}
124			# WebDav is enabled only when auth is required
125			if ($webdav) {
126			@@ -180,19 +216,35 @@
127			Dav on
128			# Read only access
129			<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
130			+ <IfModule mod_access_compat.c>
131			order deny,allow
132			deny from all
133			allow from $allow
134			$davreaders
135			Satisfy $satisfy
136			+ </IfModule>
137			+ <IfModule !mod_access_compat.c>
138			+ $satisfy24begin
139			+ Require $allow24
140			+ $davreaders
141			+ $satisfy24end
142			+ </IfModule>
143			</Limit>
144			# Write access through webdav always requires authentication
145			<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
146			+ <IfModule mod_access_compat.c>
147			order deny,allow
148			deny from all
149			allow from $davwallow
150			Require user $writers
151			Satisfy all
152			+ </IfModule>
153			+ <IfModule !mod_access_compat.c>
154			+ <RequireAll>
155			+ Require $davwallow
156			+ Require user $writers
157			+ </RequireAll>
158			+ </IfModule>
159			</LimitExcept>
160
161			HERE
162			@@ -206,8 +258,13 @@
163			}
164			else {
165			$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
166			- $OUT .= " order deny,allow\n";
167			- $OUT .= " Deny from all\n";
168			+ $OUT .= " <IfModule mod_access_compat.c>\n";
169			+ $OUT .= " order deny,allow\n";
170			+ $OUT .= " Deny from all\n";
171			+ $OUT .= " </IfModule>\n";
172			+ $OUT .= " <IfModule !mod_access_compat.c>\n";
173			+ $OUT .= " Require all denied\n";
174			+ $OUT .= " </IfModule>\n";
175			$OUT .= "</DirectoryMatch>\n";
176			}
177			}
178	jpp	1.2	diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
179			--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-08-01 00:04:59.295000000 -0400
180			+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-08-01 00:15:44.054000000 -0400
181			@@ -13,11 +13,9 @@
182			my $allow;
183			my $allow24;
184			my $pass;
185			- my $satisfy;
186			my $satisfy24begin;
187			my $satisfy24end;
188			my $davreaders;
189			- my $davwallow = '';
190			my $davwallow24 = '';
191			my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
192
193			@@ -68,48 +66,37 @@
194
195			if ($properties{'httpAccess'}) {
196			if ($properties{'httpAccess'} eq 'local') {
197			- $allow = "$localAccess $externalSSLAccess";
198			$allow24 = "ip $localAccess $externalSSLAccess";
199			$pass = 0;
200			- $satisfy = 'all';
201			$satisfy24begin = "<RequireAll>";
202			$satisfy24end = "</RequireAll>";
203			$davreaders = '';
204			}
205			elsif ($properties{'httpAccess'} eq 'local-pw') {
206			- $allow = "$localAccess $externalSSLAccess";
207			$allow24 = "ip $localAccess $externalSSLAccess";
208			$pass = 1;
209			- $satisfy = 'all';
210			$satisfy24begin = "<RequireAll>";
211			$satisfy24end = "</RequireAll>";
212			$davreaders = "Require user $readers";
213			}
214			elsif ($properties{'httpAccess'} eq 'global') {
215			- $allow = 'all';
216			$allow24 = "all granted";
217			$pass = 0;
218			- $satisfy = 'all';
219			$satisfy24begin = "<RequireAll>";
220			$satisfy24end = "</RequireAll>";
221			$davreaders = '';
222			}
223			elsif ($properties{'httpAccess'} eq 'global-pw') {
224			- $allow = 'all';
225			$allow24 = "all granted";
226			$pass = 1;
227			- $satisfy = 'all';
228			$satisfy24begin = "<RequireAll>";
229			$satisfy24end = "</RequireAll>";
230			$davreaders = "Require user $readers";
231			}
232			elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
233			- $allow = "$localAccess $externalSSLAccess";
234			$allow24 = "ip $localAccess $externalSSLAccess";
235			- $davwallow = 'all';
236			$davwallow24 = "all granted";
237			$pass = 1;
238			- $satisfy = 'any';
239			$satisfy24begin = "<RequireAny>";
240			$satisfy24end = "</RequireAny>";
241			$davreaders = "Require user $readers";
242			@@ -118,7 +105,6 @@
243			next;
244			}
245			}
246			- $davwallow = $allow if ($davwallow eq '');
247			$davwallow24 = $allow24 if ($davwallow24 eq '');
248			my $allowOverride = $properties{'AllowOverride'} \|\| "None";
249			my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
250			@@ -173,41 +159,22 @@
251			$OUT .= " DirectoryIndex index.shtml index.htm index.html\n";
252			$OUT .= " Options +IncludesNOEXEC\n";
253			$OUT .= " <FilesMatch \"\\.(php\|php3\|phtml\|cgi\|pl)\$\">\n";
254			- $OUT .= " <IfModule mod_access_compat.c>\n";
255			- $OUT .= " order deny,allow\n";
256			- $OUT .= " Deny from all\n";
257			- $OUT .= " </IfModule>\n";
258			- $OUT .= " <IfModule !mod_access_compat.c>\n";
259			- $OUT .= " Require all denied\n";
260			- $OUT .= " </IfModule>\n";
261			+ $OUT .= " Require all denied\n";
262			$OUT .= " </FilesMatch>\n";
263			}
264
265			$OUT .= " AllowOverride $allowOverride\n";
266			unless ($webdav){
267			- $OUT .= " <IfModule mod_access_compat.c>\n";
268			- $OUT .= " order deny,allow\n";
269			- $OUT .= " deny from all\n";
270			- $OUT .= " allow from $allow\n";
271			- $OUT .= " </IfModule>\n";
272			- $OUT .= " <IfModule !mod_access_compat.c>\n";
273			$OUT .= " $satisfy24begin\n";
274			$OUT .= " require user $readers\n" if ($pass);
275			$OUT .= " Require $allow24\n";
276			$OUT .= " $satisfy24end\n";
277			- $OUT .= " </IfModule>\n";
278			}
279			if ($pass \|\| $webdav) {
280			$OUT .= " AuthName \"$properties{'Name'}\"\n";
281			$OUT .= " AuthType Basic\n";
282			$OUT .= " AuthExternal pwauth\n";
283			$OUT .= " AuthBasicProvider external\n";
284			- $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav);
285			- $OUT .= " require user $readers\n" unless ($webdav);
286			- $OUT .= " Satisfy $satisfy\n" unless ($webdav);
287			- $OUT .= " </IfModule>\n" unless ($webdav);
288			-
289			-
290			}
291			# WebDav is enabled only when auth is required
292			if ($webdav) {
293			@@ -216,35 +183,17 @@
294			Dav on
295			# Read only access
296			<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
297			- <IfModule mod_access_compat.c>
298			- order deny,allow
299			- deny from all
300			- allow from $allow
301			- $davreaders
302			- Satisfy $satisfy
303			- </IfModule>
304			- <IfModule !mod_access_compat.c>
305			$satisfy24begin
306			Require $allow24
307			$davreaders
308			$satisfy24end
309			- </IfModule>
310			</Limit>
311			# Write access through webdav always requires authentication
312			<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
313			- <IfModule mod_access_compat.c>
314			- order deny,allow
315			- deny from all
316			- allow from $davwallow
317			- Require user $writers
318			- Satisfy all
319			- </IfModule>
320			- <IfModule !mod_access_compat.c>
321			<RequireAll>
322			- Require $davwallow
323			+ Require $davwallow24
324			Require user $writers
325			</RequireAll>
326			- </IfModule>
327			</LimitExcept>
328
329			HERE
330			@@ -258,13 +207,7 @@
331			}
332			else {
333			$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
334			- $OUT .= " <IfModule mod_access_compat.c>\n";
335			- $OUT .= " order deny,allow\n";
336			- $OUT .= " Deny from all\n";
337			- $OUT .= " </IfModule>\n";
338			- $OUT .= " <IfModule !mod_access_compat.c>\n";
339			- $OUT .= " Require all denied\n";
340			- $OUT .= " </IfModule>\n";
341			+ $OUT .= " Require all denied\n";
342			$OUT .= "</DirectoryMatch>\n";
343			}
344			}