summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBen Reser <breser@apache.org>2013-10-03 07:29:35 +0200
committerBen Reser <breser@apache.org>2013-10-03 07:29:35 +0200
commit3c6d4757a1e04cfc3c5acf5f3be2a27ee35e529e (patch)
treeb1978e54d8b05391cf915329bd66a3617cd681b6
parent *) mod_rewrite: Make rewrite websocket aware to allow proxying. (diff)
downloadapache2-3c6d4757a1e04cfc3c5acf5f3be2a27ee35e529e.tar.xz
apache2-3c6d4757a1e04cfc3c5acf5f3be2a27ee35e529e.zip
mod_dav: Fix PR 55306.
Makes mod_dav no longer require that the lock token be provided when the source of a COPY is locked. The prior behavior was in violating of RFC 4918 which says that the lock token is only required on resources that may be modified by the method. * modules/dav/main/mod_dav.h (DAV_VALIDATE_NO_MODIFY): New flag to be passed to dav_validate_* functions. * modules/dav/main/mod_dav.c (dav_method_copymove): Use the new flag when calling dav_validate_request() on the COPY source. * modules/dav/main/util.c (dav_validate_resource_state): Use the flag to decide to ignore if the lock token is not provided. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1528718 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--modules/dav/main/mod_dav.c3
-rw-r--r--modules/dav/main/mod_dav.h3
-rw-r--r--modules/dav/main/util.c7
3 files changed, 10 insertions, 3 deletions
diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
index 73970f0daa..9299220b2a 100644
--- a/modules/dav/main/mod_dav.c
+++ b/modules/dav/main/mod_dav.c
@@ -2774,7 +2774,8 @@ static int dav_method_copymove(request_rec *r, int is_move)
if ((err = dav_validate_request(r, resource, depth, NULL,
&multi_response,
(is_move ? DAV_VALIDATE_PARENT
- : DAV_VALIDATE_RESOURCE)
+ : DAV_VALIDATE_RESOURCE
+ | DAV_VALIDATE_NO_MODIFY)
| DAV_VALIDATE_USE_424,
NULL)) != NULL) {
err = dav_push_error(r->pool, err->status, 0,
diff --git a/modules/dav/main/mod_dav.h b/modules/dav/main/mod_dav.h
index 7b91b63cf2..74b421b534 100644
--- a/modules/dav/main/mod_dav.h
+++ b/modules/dav/main/mod_dav.h
@@ -1297,6 +1297,9 @@ DAV_DECLARE(dav_error *) dav_validate_request(request_rec *r,
the 424 DAV:response */
#define DAV_VALIDATE_USE_424 0x0080 /* return 424 status, not 207 */
#define DAV_VALIDATE_IS_PARENT 0x0100 /* for internal use */
+#define DAV_VALIDATE_NO_MODIFY 0x0200 /* resource is not being modified
+ so allow even if lock token
+ is not provided */
/* Lock-null related public lock functions */
DAV_DECLARE(int) dav_get_resource_state(request_rec *r,
diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c
index ab42af0229..1f393401b2 100644
--- a/modules/dav/main/util.c
+++ b/modules/dav/main/util.c
@@ -954,13 +954,16 @@ static dav_error * dav_validate_resource_state(apr_pool_t *p,
/*
** For methods other than LOCK:
**
- ** If we have no locks, then <seen_locktoken> can be set to true --
+ ** If we have no locks or if the resource is not being modified
+ ** (per RFC 4918 the lock token is not required on resources
+ ** we are not changing), then <seen_locktoken> can be set to true --
** pretending that we've already met the requirement of seeing one
** of the resource's locks in the If: header.
**
** Otherwise, it must be cleared and we'll look for one.
*/
- seen_locktoken = (lock_list == NULL);
+ seen_locktoken = (lock_list == NULL
+ || flags & DAV_VALIDATE_NO_MODIFY);
}
/*