smeserver-shared-folders/contribs10/smeserver-shared-folders-0.3-bz12060-httpd24.patch

diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2022-07-25 02:05:42.911000000 -0400
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2022-07-25 02:50:54.087000000 -0400
@@ -11,10 +11,14 @@
         my $key = $share->key;
 
        my $allow;
+       my $allow24;
         my $pass;
         my $satisfy;
+       my $satisfy24begin;
+       my $satisfy24end;
         my $davreaders;
         my $davwallow = '';
+       my $davwallow24 = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
         # Find which users have read or write access
@@ -65,33 +69,49 @@
         if ($properties{'httpAccess'}) {
             if ($properties{'httpAccess'} eq 'local') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 0;
                 $satisfy = 'all';
+               $satisfy24begin = "<RequireAll>";
+               $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 1;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
                 $allow   = 'all';
+                $allow24 = "all granted";
                 $pass    = 0;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
                 $allow   = 'all';
+                $allow24 = "all granted";
                 $pass    = 1;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $davwallow = 'all';
+               $davwallow24 = "all granted"; 
                 $pass    = 1;
                 $satisfy = 'any';
+                $satisfy24begin = "<RequireAny>";
+                $satisfy24end = "</RequireAny>";
                 $davreaders = "Require user $readers";
             }
             else {
@@ -99,6 +119,7 @@
             }
         }
         $davwallow = $allow if ($davwallow eq '');
+       $davwallow24 = $allow24 if ($davwallow24 eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
         my $indexes = $properties{'Indexes'} || "enabled";
@@ -152,26 +173,41 @@
             $OUT .= "    DirectoryIndex index.shtml index.htm index.html\n";
             $OUT .= "    Options +IncludesNOEXEC\n";
             $OUT .= "    <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n";
+            $OUT .= "      <IfModule mod_access_compat.c>\n";
             $OUT .= "        order deny,allow\n";
             $OUT .= "        Deny from all\n"; 
+            $OUT .= "      </IfModule>\n";
+            $OUT .= "      <IfModule !mod_access_compat.c>\n";
+            $OUT .= "        Require all denied\n";
+            $OUT .= "      </IfModule>\n";
             $OUT .= "    </FilesMatch>\n";
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
         unless ($webdav){
-            $OUT .=<<"HERE";
-    order deny,allow
-    deny from all
-    allow from $allow
-HERE
+            $OUT .= "    <IfModule mod_access_compat.c>\n";
+            $OUT .= "      order deny,allow\n";
+            $OUT .= "      deny from all\n";
+            $OUT .= "      allow from $allow\n";
+            $OUT .= "    </IfModule>\n";
+            $OUT .= "    <IfModule !mod_access_compat.c>\n";
+            $OUT .= "      $satisfy24begin\n"; 
+            $OUT .= "        require user $readers\n" if ($pass);
+            $OUT .= "        Require $allow24\n";
+            $OUT .= "      $satisfy24end\n";
+            $OUT .= "    </IfModule>\n";
         }
         if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    AuthBasicProvider external\n";
-            $OUT .= "    require user $readers\n" unless ($webdav);
-            $OUT .= "    Satisfy $satisfy\n" unless ($webdav);
+            $OUT .= "    <IfModule mod_access_compat.c>\n" unless ($webdav);
+            $OUT .= "      require user $readers\n" unless ($webdav);
+            $OUT .= "      Satisfy $satisfy\n" unless ($webdav);
+            $OUT .= "    </IfModule>\n" unless ($webdav);
+
+
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
@@ -180,19 +216,35 @@
     Dav on
     # Read only access
     <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+      <IfModule mod_access_compat.c>
         order deny,allow
         deny from all
         allow from $allow
         $davreaders
         Satisfy $satisfy
+      </IfModule>
+      <IfModule !mod_access_compat.c>
+        $satisfy24begin
+          Require $allow24
+          $davreaders
+        $satisfy24end
+      </IfModule>
     </Limit>
     # Write access through webdav always requires authentication
     <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+      <IfModule mod_access_compat.c>
         order deny,allow
         deny from all
         allow from $davwallow
         Require user $writers
         Satisfy all
+      </IfModule>
+      <IfModule !mod_access_compat.c>
+        <RequireAll>
+          Require $davwallow
+          Require user $writers
+        </RequireAll>
+      </IfModule>
     </LimitExcept>
 
 HERE
@@ -206,8 +258,13 @@
         }
         else {
             $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
-            $OUT .= "    order deny,allow\n";
-            $OUT .= "    Deny from all\n";
+            $OUT .= "    <IfModule mod_access_compat.c>\n";
+            $OUT .= "      order deny,allow\n";
+            $OUT .= "      Deny from all\n";
+            $OUT .= "    </IfModule>\n";
+            $OUT .= "    <IfModule !mod_access_compat.c>\n";
+            $OUT .= "      Require all denied\n";
+            $OUT .= "    </IfModule>\n";
             $OUT .= "</DirectoryMatch>\n";
         }
     }
1	diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
2	--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:05:42.911000000 -0400
3	+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:50:54.087000000 -0400
4	@@ -11,10 +11,14 @@
5	my $key = $share->key;
6
7	my $allow;
8	+ my $allow24;
9	my $pass;
10	my $satisfy;
11	+ my $satisfy24begin;
12	+ my $satisfy24end;
13	my $davreaders;
14	my $davwallow = '';
15	+ my $davwallow24 = '';
16	my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
17
18	# Find which users have read or write access
19	@@ -65,33 +69,49 @@
20	if ($properties{'httpAccess'}) {
21	if ($properties{'httpAccess'} eq 'local') {
22	$allow = "$localAccess $externalSSLAccess";
23	+ $allow24 = "ip $localAccess $externalSSLAccess";
24	$pass = 0;
25	$satisfy = 'all';
26	+ $satisfy24begin = "<RequireAll>";
27	+ $satisfy24end = "</RequireAll>";
28	$davreaders = '';
29	}
30	elsif ($properties{'httpAccess'} eq 'local-pw') {
31	$allow = "$localAccess $externalSSLAccess";
32	+ $allow24 = "ip $localAccess $externalSSLAccess";
33	$pass = 1;
34	$satisfy = 'all';
35	+ $satisfy24begin = "<RequireAll>";
36	+ $satisfy24end = "</RequireAll>";
37	$davreaders = "Require user $readers";
38	}
39	elsif ($properties{'httpAccess'} eq 'global') {
40	$allow = 'all';
41	+ $allow24 = "all granted";
42	$pass = 0;
43	$satisfy = 'all';
44	+ $satisfy24begin = "<RequireAll>";
45	+ $satisfy24end = "</RequireAll>";
46	$davreaders = '';
47	}
48	elsif ($properties{'httpAccess'} eq 'global-pw') {
49	$allow = 'all';
50	+ $allow24 = "all granted";
51	$pass = 1;
52	$satisfy = 'all';
53	+ $satisfy24begin = "<RequireAll>";
54	+ $satisfy24end = "</RequireAll>";
55	$davreaders = "Require user $readers";
56	}
57	elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
58	$allow = "$localAccess $externalSSLAccess";
59	+ $allow24 = "ip $localAccess $externalSSLAccess";
60	$davwallow = 'all';
61	+ $davwallow24 = "all granted";
62	$pass = 1;
63	$satisfy = 'any';
64	+ $satisfy24begin = "<RequireAny>";
65	+ $satisfy24end = "</RequireAny>";
66	$davreaders = "Require user $readers";
67	}
68	else {
69	@@ -99,6 +119,7 @@
70	}
71	}
72	$davwallow = $allow if ($davwallow eq '');
73	+ $davwallow24 = $allow24 if ($davwallow24 eq '');
74	my $allowOverride = $properties{'AllowOverride'} \|\| "None";
75	my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
76	my $indexes = $properties{'Indexes'} \|\| "enabled";
77	@@ -152,26 +173,41 @@
78	$OUT .= " DirectoryIndex index.shtml index.htm index.html\n";
79	$OUT .= " Options +IncludesNOEXEC\n";
80	$OUT .= " <FilesMatch \"\\.(php\|php3\|phtml\|cgi\|pl)\$\">\n";
81	+ $OUT .= " <IfModule mod_access_compat.c>\n";
82	$OUT .= " order deny,allow\n";
83	$OUT .= " Deny from all\n";
84	+ $OUT .= " </IfModule>\n";
85	+ $OUT .= " <IfModule !mod_access_compat.c>\n";
86	+ $OUT .= " Require all denied\n";
87	+ $OUT .= " </IfModule>\n";
88	$OUT .= " </FilesMatch>\n";
89	}
90
91	$OUT .= " AllowOverride $allowOverride\n";
92	unless ($webdav){
93	- $OUT .=<<"HERE";
94	- order deny,allow
95	- deny from all
96	- allow from $allow
97	-HERE
98	+ $OUT .= " <IfModule mod_access_compat.c>\n";
99	+ $OUT .= " order deny,allow\n";
100	+ $OUT .= " deny from all\n";
101	+ $OUT .= " allow from $allow\n";
102	+ $OUT .= " </IfModule>\n";
103	+ $OUT .= " <IfModule !mod_access_compat.c>\n";
104	+ $OUT .= " $satisfy24begin\n";
105	+ $OUT .= " require user $readers\n" if ($pass);
106	+ $OUT .= " Require $allow24\n";
107	+ $OUT .= " $satisfy24end\n";
108	+ $OUT .= " </IfModule>\n";
109	}
110	if ($pass \|\| $webdav) {
111	$OUT .= " AuthName \"$properties{'Name'}\"\n";
112	$OUT .= " AuthType Basic\n";
113	$OUT .= " AuthExternal pwauth\n";
114	$OUT .= " AuthBasicProvider external\n";
115	- $OUT .= " require user $readers\n" unless ($webdav);
116	- $OUT .= " Satisfy $satisfy\n" unless ($webdav);
117	+ $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav);
118	+ $OUT .= " require user $readers\n" unless ($webdav);
119	+ $OUT .= " Satisfy $satisfy\n" unless ($webdav);
120	+ $OUT .= " </IfModule>\n" unless ($webdav);
121	+
122	+
123	}
124	# WebDav is enabled only when auth is required
125	if ($webdav) {
126	@@ -180,19 +216,35 @@
127	Dav on
128	# Read only access
129	<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
130	+ <IfModule mod_access_compat.c>
131	order deny,allow
132	deny from all
133	allow from $allow
134	$davreaders
135	Satisfy $satisfy
136	+ </IfModule>
137	+ <IfModule !mod_access_compat.c>
138	+ $satisfy24begin
139	+ Require $allow24
140	+ $davreaders
141	+ $satisfy24end
142	+ </IfModule>
143	</Limit>
144	# Write access through webdav always requires authentication
145	<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
146	+ <IfModule mod_access_compat.c>
147	order deny,allow
148	deny from all
149	allow from $davwallow
150	Require user $writers
151	Satisfy all
152	+ </IfModule>
153	+ <IfModule !mod_access_compat.c>
154	+ <RequireAll>
155	+ Require $davwallow
156	+ Require user $writers
157	+ </RequireAll>
158	+ </IfModule>
159	</LimitExcept>
160
161	HERE
162	@@ -206,8 +258,13 @@
163	}
164	else {
165	$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
166	- $OUT .= " order deny,allow\n";
167	- $OUT .= " Deny from all\n";
168	+ $OUT .= " <IfModule mod_access_compat.c>\n";
169	+ $OUT .= " order deny,allow\n";
170	+ $OUT .= " Deny from all\n";
171	+ $OUT .= " </IfModule>\n";
172	+ $OUT .= " <IfModule !mod_access_compat.c>\n";
173	+ $OUT .= " Require all denied\n";
174	+ $OUT .= " </IfModule>\n";
175	$OUT .= "</DirectoryMatch>\n";
176	}
177	}