smeserver-shared-folders/contribs10/smeserver-shared-folders-0.3-bz12060-httpd24.patch

diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2022-07-25 02:05:42.911000000 -0400
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2022-07-25 02:50:54.087000000 -0400
@@ -11,10 +11,14 @@
         my $key = $share->key;
 
        my $allow;
+       my $allow24;
         my $pass;
         my $satisfy;
+       my $satisfy24begin;
+       my $satisfy24end;
         my $davreaders;
         my $davwallow = '';
+       my $davwallow24 = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
         # Find which users have read or write access
@@ -65,33 +69,49 @@
         if ($properties{'httpAccess'}) {
             if ($properties{'httpAccess'} eq 'local') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 0;
                 $satisfy = 'all';
+               $satisfy24begin = "<RequireAll>";
+               $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 1;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
                 $allow   = 'all';
+                $allow24 = "all granted";
                 $pass    = 0;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
                 $allow   = 'all';
+                $allow24 = "all granted";
                 $pass    = 1;
                 $satisfy = 'all';
+                $satisfy24begin = "<RequireAll>";
+                $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
                 $allow   = "$localAccess $externalSSLAccess";
+                $allow24 = "ip $localAccess $externalSSLAccess";
                 $davwallow = 'all';
+               $davwallow24 = "all granted"; 
                 $pass    = 1;
                 $satisfy = 'any';
+                $satisfy24begin = "<RequireAny>";
+                $satisfy24end = "</RequireAny>";
                 $davreaders = "Require user $readers";
             }
             else {
@@ -99,6 +119,7 @@
             }
         }
         $davwallow = $allow if ($davwallow eq '');
+       $davwallow24 = $allow24 if ($davwallow24 eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
         my $indexes = $properties{'Indexes'} || "enabled";
@@ -152,26 +173,41 @@
             $OUT .= "    DirectoryIndex index.shtml index.htm index.html\n";
             $OUT .= "    Options +IncludesNOEXEC\n";
             $OUT .= "    <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n";
+            $OUT .= "      <IfModule mod_access_compat.c>\n";
             $OUT .= "        order deny,allow\n";
             $OUT .= "        Deny from all\n"; 
+            $OUT .= "      </IfModule>\n";
+            $OUT .= "      <IfModule !mod_access_compat.c>\n";
+            $OUT .= "        Require all denied\n";
+            $OUT .= "      </IfModule>\n";
             $OUT .= "    </FilesMatch>\n";
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
         unless ($webdav){
-            $OUT .=<<"HERE";
-    order deny,allow
-    deny from all
-    allow from $allow
-HERE
+            $OUT .= "    <IfModule mod_access_compat.c>\n";
+            $OUT .= "      order deny,allow\n";
+            $OUT .= "      deny from all\n";
+            $OUT .= "      allow from $allow\n";
+            $OUT .= "    </IfModule>\n";
+            $OUT .= "    <IfModule !mod_access_compat.c>\n";
+            $OUT .= "      $satisfy24begin\n"; 
+            $OUT .= "        require user $readers\n" if ($pass);
+            $OUT .= "        Require $allow24\n";
+            $OUT .= "      $satisfy24end\n";
+            $OUT .= "    </IfModule>\n";
         }
         if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    AuthBasicProvider external\n";
-            $OUT .= "    require user $readers\n" unless ($webdav);
-            $OUT .= "    Satisfy $satisfy\n" unless ($webdav);
+            $OUT .= "    <IfModule mod_access_compat.c>\n" unless ($webdav);
+            $OUT .= "      require user $readers\n" unless ($webdav);
+            $OUT .= "      Satisfy $satisfy\n" unless ($webdav);
+            $OUT .= "    </IfModule>\n" unless ($webdav);
+
+
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
@@ -180,19 +216,35 @@
     Dav on
     # Read only access
     <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+      <IfModule mod_access_compat.c>
         order deny,allow
         deny from all
         allow from $allow
         $davreaders
         Satisfy $satisfy
+      </IfModule>
+      <IfModule !mod_access_compat.c>
+        $satisfy24begin
+          Require $allow24
+          $davreaders
+        $satisfy24end
+      </IfModule>
     </Limit>
     # Write access through webdav always requires authentication
     <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
+      <IfModule mod_access_compat.c>
         order deny,allow
         deny from all
         allow from $davwallow
         Require user $writers
         Satisfy all
+      </IfModule>
+      <IfModule !mod_access_compat.c>
+        <RequireAll>
+          Require $davwallow
+          Require user $writers
+        </RequireAll>
+      </IfModule>
     </LimitExcept>
 
 HERE
@@ -206,8 +258,13 @@
         }
         else {
             $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
-            $OUT .= "    order deny,allow\n";
-            $OUT .= "    Deny from all\n";
+            $OUT .= "    <IfModule mod_access_compat.c>\n";
+            $OUT .= "      order deny,allow\n";
+            $OUT .= "      Deny from all\n";
+            $OUT .= "    </IfModule>\n";
+            $OUT .= "    <IfModule !mod_access_compat.c>\n";
+            $OUT .= "      Require all denied\n";
+            $OUT .= "    </IfModule>\n";
             $OUT .= "</DirectoryMatch>\n";
         }
     }
diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares       2022-08-01 00:04:59.295000000 -0400
+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares   2022-08-01 00:15:44.054000000 -0400
@@ -13,11 +13,9 @@
        my $allow;
        my $allow24;
         my $pass;
-        my $satisfy;
        my $satisfy24begin;
        my $satisfy24end;
         my $davreaders;
-        my $davwallow = '';
        my $davwallow24 = '';
         my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
 
@@ -68,48 +66,37 @@
        
         if ($properties{'httpAccess'}) {
             if ($properties{'httpAccess'} eq 'local') {
-                $allow   = "$localAccess $externalSSLAccess";
                 $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 0;
-                $satisfy = 'all';
                $satisfy24begin = "<RequireAll>";
                $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'local-pw') {
-                $allow   = "$localAccess $externalSSLAccess";
                 $allow24 = "ip $localAccess $externalSSLAccess";
                 $pass    = 1;
-                $satisfy = 'all';
                 $satisfy24begin = "<RequireAll>";
                 $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global') {
-                $allow   = 'all';
                 $allow24 = "all granted";
                 $pass    = 0;
-                $satisfy = 'all';
                 $satisfy24begin = "<RequireAll>";
                 $satisfy24end = "</RequireAll>";
                 $davreaders = '';
             }
             elsif ($properties{'httpAccess'} eq 'global-pw') {
-                $allow   = 'all';
                 $allow24 = "all granted";
                 $pass    = 1;
-                $satisfy = 'all';
                 $satisfy24begin = "<RequireAll>";
                 $satisfy24end = "</RequireAll>";
                 $davreaders = "Require user $readers";
             }
             elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
-                $allow   = "$localAccess $externalSSLAccess";
                 $allow24 = "ip $localAccess $externalSSLAccess";
-                $davwallow = 'all';
                $davwallow24 = "all granted"; 
                 $pass    = 1;
-                $satisfy = 'any';
                 $satisfy24begin = "<RequireAny>";
                 $satisfy24end = "</RequireAny>";
                 $davreaders = "Require user $readers";
@@ -118,7 +105,6 @@
                 next;
             }
         }
-        $davwallow = $allow if ($davwallow eq '');
        $davwallow24 = $allow24 if ($davwallow24 eq '');
         my $allowOverride = $properties{'AllowOverride'} || "None";
         my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
@@ -173,41 +159,22 @@
             $OUT .= "    DirectoryIndex index.shtml index.htm index.html\n";
             $OUT .= "    Options +IncludesNOEXEC\n";
             $OUT .= "    <FilesMatch \"\\.(php|php3|phtml|cgi|pl)\$\">\n";
-            $OUT .= "      <IfModule mod_access_compat.c>\n";
-            $OUT .= "        order deny,allow\n";
-            $OUT .= "        Deny from all\n"; 
-            $OUT .= "      </IfModule>\n";
-            $OUT .= "      <IfModule !mod_access_compat.c>\n";
-            $OUT .= "        Require all denied\n";
-            $OUT .= "      </IfModule>\n";
+            $OUT .= "      Require all denied\n";
             $OUT .= "    </FilesMatch>\n";
         }
 
         $OUT .= "    AllowOverride $allowOverride\n";
         unless ($webdav){
-            $OUT .= "    <IfModule mod_access_compat.c>\n";
-            $OUT .= "      order deny,allow\n";
-            $OUT .= "      deny from all\n";
-            $OUT .= "      allow from $allow\n";
-            $OUT .= "    </IfModule>\n";
-            $OUT .= "    <IfModule !mod_access_compat.c>\n";
             $OUT .= "      $satisfy24begin\n"; 
             $OUT .= "        require user $readers\n" if ($pass);
             $OUT .= "        Require $allow24\n";
             $OUT .= "      $satisfy24end\n";
-            $OUT .= "    </IfModule>\n";
         }
         if ($pass || $webdav) {
             $OUT .= "    AuthName \"$properties{'Name'}\"\n";
             $OUT .= "    AuthType Basic\n";
             $OUT .= "    AuthExternal pwauth\n";
             $OUT .= "    AuthBasicProvider external\n";
-            $OUT .= "    <IfModule mod_access_compat.c>\n" unless ($webdav);
-            $OUT .= "      require user $readers\n" unless ($webdav);
-            $OUT .= "      Satisfy $satisfy\n" unless ($webdav);
-            $OUT .= "    </IfModule>\n" unless ($webdav);
-
-
         }
         # WebDav is enabled only when auth is required
         if ($webdav) {
@@ -216,35 +183,17 @@
     Dav on
     # Read only access
     <Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
-      <IfModule mod_access_compat.c>
-        order deny,allow
-        deny from all
-        allow from $allow
-        $davreaders
-        Satisfy $satisfy
-      </IfModule>
-      <IfModule !mod_access_compat.c>
         $satisfy24begin
           Require $allow24
           $davreaders
         $satisfy24end
-      </IfModule>
     </Limit>
     # Write access through webdav always requires authentication
     <LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
-      <IfModule mod_access_compat.c>
-        order deny,allow
-        deny from all
-        allow from $davwallow
-        Require user $writers
-        Satisfy all
-      </IfModule>
-      <IfModule !mod_access_compat.c>
         <RequireAll>
-          Require $davwallow
+          Require $davwallow24
           Require user $writers
         </RequireAll>
-      </IfModule>
     </LimitExcept>
 
 HERE
@@ -258,13 +207,7 @@
         }
         else {
             $OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
-            $OUT .= "    <IfModule mod_access_compat.c>\n";
-            $OUT .= "      order deny,allow\n";
-            $OUT .= "      Deny from all\n";
-            $OUT .= "    </IfModule>\n";
-            $OUT .= "    <IfModule !mod_access_compat.c>\n";
-            $OUT .= "      Require all denied\n";
-            $OUT .= "    </IfModule>\n";
+            $OUT .= "    Require all denied\n";
             $OUT .= "</DirectoryMatch>\n";
         }
     }
1	diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
2	--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:05:42.911000000 -0400
3	+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-07-25 02:50:54.087000000 -0400
4	@@ -11,10 +11,14 @@
5	my $key = $share->key;
6
7	my $allow;
8	+ my $allow24;
9	my $pass;
10	my $satisfy;
11	+ my $satisfy24begin;
12	+ my $satisfy24end;
13	my $davreaders;
14	my $davwallow = '';
15	+ my $davwallow24 = '';
16	my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
17
18	# Find which users have read or write access
19	@@ -65,33 +69,49 @@
20	if ($properties{'httpAccess'}) {
21	if ($properties{'httpAccess'} eq 'local') {
22	$allow = "$localAccess $externalSSLAccess";
23	+ $allow24 = "ip $localAccess $externalSSLAccess";
24	$pass = 0;
25	$satisfy = 'all';
26	+ $satisfy24begin = "<RequireAll>";
27	+ $satisfy24end = "</RequireAll>";
28	$davreaders = '';
29	}
30	elsif ($properties{'httpAccess'} eq 'local-pw') {
31	$allow = "$localAccess $externalSSLAccess";
32	+ $allow24 = "ip $localAccess $externalSSLAccess";
33	$pass = 1;
34	$satisfy = 'all';
35	+ $satisfy24begin = "<RequireAll>";
36	+ $satisfy24end = "</RequireAll>";
37	$davreaders = "Require user $readers";
38	}
39	elsif ($properties{'httpAccess'} eq 'global') {
40	$allow = 'all';
41	+ $allow24 = "all granted";
42	$pass = 0;
43	$satisfy = 'all';
44	+ $satisfy24begin = "<RequireAll>";
45	+ $satisfy24end = "</RequireAll>";
46	$davreaders = '';
47	}
48	elsif ($properties{'httpAccess'} eq 'global-pw') {
49	$allow = 'all';
50	+ $allow24 = "all granted";
51	$pass = 1;
52	$satisfy = 'all';
53	+ $satisfy24begin = "<RequireAll>";
54	+ $satisfy24end = "</RequireAll>";
55	$davreaders = "Require user $readers";
56	}
57	elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
58	$allow = "$localAccess $externalSSLAccess";
59	+ $allow24 = "ip $localAccess $externalSSLAccess";
60	$davwallow = 'all';
61	+ $davwallow24 = "all granted";
62	$pass = 1;
63	$satisfy = 'any';
64	+ $satisfy24begin = "<RequireAny>";
65	+ $satisfy24end = "</RequireAny>";
66	$davreaders = "Require user $readers";
67	}
68	else {
69	@@ -99,6 +119,7 @@
70	}
71	}
72	$davwallow = $allow if ($davwallow eq '');
73	+ $davwallow24 = $allow24 if ($davwallow24 eq '');
74	my $allowOverride = $properties{'AllowOverride'} \|\| "None";
75	my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
76	my $indexes = $properties{'Indexes'} \|\| "enabled";
77	@@ -152,26 +173,41 @@
78	$OUT .= " DirectoryIndex index.shtml index.htm index.html\n";
79	$OUT .= " Options +IncludesNOEXEC\n";
80	$OUT .= " <FilesMatch \"\\.(php\|php3\|phtml\|cgi\|pl)\$\">\n";
81	+ $OUT .= " <IfModule mod_access_compat.c>\n";
82	$OUT .= " order deny,allow\n";
83	$OUT .= " Deny from all\n";
84	+ $OUT .= " </IfModule>\n";
85	+ $OUT .= " <IfModule !mod_access_compat.c>\n";
86	+ $OUT .= " Require all denied\n";
87	+ $OUT .= " </IfModule>\n";
88	$OUT .= " </FilesMatch>\n";
89	}
90
91	$OUT .= " AllowOverride $allowOverride\n";
92	unless ($webdav){
93	- $OUT .=<<"HERE";
94	- order deny,allow
95	- deny from all
96	- allow from $allow
97	-HERE
98	+ $OUT .= " <IfModule mod_access_compat.c>\n";
99	+ $OUT .= " order deny,allow\n";
100	+ $OUT .= " deny from all\n";
101	+ $OUT .= " allow from $allow\n";
102	+ $OUT .= " </IfModule>\n";
103	+ $OUT .= " <IfModule !mod_access_compat.c>\n";
104	+ $OUT .= " $satisfy24begin\n";
105	+ $OUT .= " require user $readers\n" if ($pass);
106	+ $OUT .= " Require $allow24\n";
107	+ $OUT .= " $satisfy24end\n";
108	+ $OUT .= " </IfModule>\n";
109	}
110	if ($pass \|\| $webdav) {
111	$OUT .= " AuthName \"$properties{'Name'}\"\n";
112	$OUT .= " AuthType Basic\n";
113	$OUT .= " AuthExternal pwauth\n";
114	$OUT .= " AuthBasicProvider external\n";
115	- $OUT .= " require user $readers\n" unless ($webdav);
116	- $OUT .= " Satisfy $satisfy\n" unless ($webdav);
117	+ $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav);
118	+ $OUT .= " require user $readers\n" unless ($webdav);
119	+ $OUT .= " Satisfy $satisfy\n" unless ($webdav);
120	+ $OUT .= " </IfModule>\n" unless ($webdav);
121	+
122	+
123	}
124	# WebDav is enabled only when auth is required
125	if ($webdav) {
126	@@ -180,19 +216,35 @@
127	Dav on
128	# Read only access
129	<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
130	+ <IfModule mod_access_compat.c>
131	order deny,allow
132	deny from all
133	allow from $allow
134	$davreaders
135	Satisfy $satisfy
136	+ </IfModule>
137	+ <IfModule !mod_access_compat.c>
138	+ $satisfy24begin
139	+ Require $allow24
140	+ $davreaders
141	+ $satisfy24end
142	+ </IfModule>
143	</Limit>
144	# Write access through webdav always requires authentication
145	<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
146	+ <IfModule mod_access_compat.c>
147	order deny,allow
148	deny from all
149	allow from $davwallow
150	Require user $writers
151	Satisfy all
152	+ </IfModule>
153	+ <IfModule !mod_access_compat.c>
154	+ <RequireAll>
155	+ Require $davwallow
156	+ Require user $writers
157	+ </RequireAll>
158	+ </IfModule>
159	</LimitExcept>
160
161	HERE
162	@@ -206,8 +258,13 @@
163	}
164	else {
165	$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
166	- $OUT .= " order deny,allow\n";
167	- $OUT .= " Deny from all\n";
168	+ $OUT .= " <IfModule mod_access_compat.c>\n";
169	+ $OUT .= " order deny,allow\n";
170	+ $OUT .= " Deny from all\n";
171	+ $OUT .= " </IfModule>\n";
172	+ $OUT .= " <IfModule !mod_access_compat.c>\n";
173	+ $OUT .= " Require all denied\n";
174	+ $OUT .= " </IfModule>\n";
175	$OUT .= "</DirectoryMatch>\n";
176	}
177	}
178	diff -Nur --no-dereference smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
179	--- smeserver-shared-folders-0.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-08-01 00:04:59.295000000 -0400
180	+++ smeserver-shared-folders-0.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2022-08-01 00:15:44.054000000 -0400
181	@@ -13,11 +13,9 @@
182	my $allow;
183	my $allow24;
184	my $pass;
185	- my $satisfy;
186	my $satisfy24begin;
187	my $satisfy24end;
188	my $davreaders;
189	- my $davwallow = '';
190	my $davwallow24 = '';
191	my $webdav = (($properties{'WebDav'} \|\| 'disabled') =~ m/^(enabled\|on\|yes)$/i) ? 1 : 0;
192
193	@@ -68,48 +66,37 @@
194
195	if ($properties{'httpAccess'}) {
196	if ($properties{'httpAccess'} eq 'local') {
197	- $allow = "$localAccess $externalSSLAccess";
198	$allow24 = "ip $localAccess $externalSSLAccess";
199	$pass = 0;
200	- $satisfy = 'all';
201	$satisfy24begin = "<RequireAll>";
202	$satisfy24end = "</RequireAll>";
203	$davreaders = '';
204	}
205	elsif ($properties{'httpAccess'} eq 'local-pw') {
206	- $allow = "$localAccess $externalSSLAccess";
207	$allow24 = "ip $localAccess $externalSSLAccess";
208	$pass = 1;
209	- $satisfy = 'all';
210	$satisfy24begin = "<RequireAll>";
211	$satisfy24end = "</RequireAll>";
212	$davreaders = "Require user $readers";
213	}
214	elsif ($properties{'httpAccess'} eq 'global') {
215	- $allow = 'all';
216	$allow24 = "all granted";
217	$pass = 0;
218	- $satisfy = 'all';
219	$satisfy24begin = "<RequireAll>";
220	$satisfy24end = "</RequireAll>";
221	$davreaders = '';
222	}
223	elsif ($properties{'httpAccess'} eq 'global-pw') {
224	- $allow = 'all';
225	$allow24 = "all granted";
226	$pass = 1;
227	- $satisfy = 'all';
228	$satisfy24begin = "<RequireAll>";
229	$satisfy24end = "</RequireAll>";
230	$davreaders = "Require user $readers";
231	}
232	elsif ($properties{'httpAccess'} eq 'global-pw-remote') {
233	- $allow = "$localAccess $externalSSLAccess";
234	$allow24 = "ip $localAccess $externalSSLAccess";
235	- $davwallow = 'all';
236	$davwallow24 = "all granted";
237	$pass = 1;
238	- $satisfy = 'any';
239	$satisfy24begin = "<RequireAny>";
240	$satisfy24end = "</RequireAny>";
241	$davreaders = "Require user $readers";
242	@@ -118,7 +105,6 @@
243	next;
244	}
245	}
246	- $davwallow = $allow if ($davwallow eq '');
247	$davwallow24 = $allow24 if ($davwallow24 eq '');
248	my $allowOverride = $properties{'AllowOverride'} \|\| "None";
249	my $followSymLinks = $properties{'FollowSymLinks'} \|\| "disabled";
250	@@ -173,41 +159,22 @@
251	$OUT .= " DirectoryIndex index.shtml index.htm index.html\n";
252	$OUT .= " Options +IncludesNOEXEC\n";
253	$OUT .= " <FilesMatch \"\\.(php\|php3\|phtml\|cgi\|pl)\$\">\n";
254	- $OUT .= " <IfModule mod_access_compat.c>\n";
255	- $OUT .= " order deny,allow\n";
256	- $OUT .= " Deny from all\n";
257	- $OUT .= " </IfModule>\n";
258	- $OUT .= " <IfModule !mod_access_compat.c>\n";
259	- $OUT .= " Require all denied\n";
260	- $OUT .= " </IfModule>\n";
261	+ $OUT .= " Require all denied\n";
262	$OUT .= " </FilesMatch>\n";
263	}
264
265	$OUT .= " AllowOverride $allowOverride\n";
266	unless ($webdav){
267	- $OUT .= " <IfModule mod_access_compat.c>\n";
268	- $OUT .= " order deny,allow\n";
269	- $OUT .= " deny from all\n";
270	- $OUT .= " allow from $allow\n";
271	- $OUT .= " </IfModule>\n";
272	- $OUT .= " <IfModule !mod_access_compat.c>\n";
273	$OUT .= " $satisfy24begin\n";
274	$OUT .= " require user $readers\n" if ($pass);
275	$OUT .= " Require $allow24\n";
276	$OUT .= " $satisfy24end\n";
277	- $OUT .= " </IfModule>\n";
278	}
279	if ($pass \|\| $webdav) {
280	$OUT .= " AuthName \"$properties{'Name'}\"\n";
281	$OUT .= " AuthType Basic\n";
282	$OUT .= " AuthExternal pwauth\n";
283	$OUT .= " AuthBasicProvider external\n";
284	- $OUT .= " <IfModule mod_access_compat.c>\n" unless ($webdav);
285	- $OUT .= " require user $readers\n" unless ($webdav);
286	- $OUT .= " Satisfy $satisfy\n" unless ($webdav);
287	- $OUT .= " </IfModule>\n" unless ($webdav);
288	-
289	-
290	}
291	# WebDav is enabled only when auth is required
292	if ($webdav) {
293	@@ -216,35 +183,17 @@
294	Dav on
295	# Read only access
296	<Limit GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
297	- <IfModule mod_access_compat.c>
298	- order deny,allow
299	- deny from all
300	- allow from $allow
301	- $davreaders
302	- Satisfy $satisfy
303	- </IfModule>
304	- <IfModule !mod_access_compat.c>
305	$satisfy24begin
306	Require $allow24
307	$davreaders
308	$satisfy24end
309	- </IfModule>
310	</Limit>
311	# Write access through webdav always requires authentication
312	<LimitExcept GET PROPFIND OPTIONS LOCK UNLOCK REPORT>
313	- <IfModule mod_access_compat.c>
314	- order deny,allow
315	- deny from all
316	- allow from $davwallow
317	- Require user $writers
318	- Satisfy all
319	- </IfModule>
320	- <IfModule !mod_access_compat.c>
321	<RequireAll>
322	- Require $davwallow
323	+ Require $davwallow24
324	Require user $writers
325	</RequireAll>
326	- </IfModule>
327	</LimitExcept>
328
329	HERE
330	@@ -258,13 +207,7 @@
331	}
332	else {
333	$OUT .= "<DirectoryMatch /home/e-smith/files/shares/$key/files/cgi-bin>\n";
334	- $OUT .= " <IfModule mod_access_compat.c>\n";
335	- $OUT .= " order deny,allow\n";
336	- $OUT .= " Deny from all\n";
337	- $OUT .= " </IfModule>\n";
338	- $OUT .= " <IfModule !mod_access_compat.c>\n";
339	- $OUT .= " Require all denied\n";
340	- $OUT .= " </IfModule>\n";
341	+ $OUT .= " Require all denied\n";
342	$OUT .= "</DirectoryMatch>\n";
343	}
344	}