diff options
| author | Stefan Fritsch <sf@apache.org> | 2012-12-22 23:55:38 +0100 |
|---|---|---|
| committer | Stefan Fritsch <sf@apache.org> | 2012-12-22 23:55:38 +0100 |
| commit | b5c09660069ab60641fde8417ce7a40bca60e062 (patch) | |
| tree | 604f2d815d236aa9c86adaeb466f7377d4d3e747 /server/protocol.c | |
| parent | style fixes, add comment (diff) | |
| download | apache2-b5c09660069ab60641fde8417ce7a40bca60e062.tar.xz apache2-b5c09660069ab60641fde8417ce7a40bca60e062.zip | |
Change HttpProtocol to again only allow to enable/disable 0.9
This reverts r1407643, but changes the syntax of HttpProtocol to
min=0.9|1.0, which is less ambiguous than the previous +0.9|-0.9.
Allowing to configure an arbitrary version range was a bad idea,
because it only checked the version in the request line, without
affecting the semantics of the headers, etc.
A tighter restriction off the version in the request line is still
possible with <If "%{SERVER_PROTOCOL_NUM} ..."> .
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425366 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
| -rw-r--r-- | server/protocol.c | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/server/protocol.c b/server/protocol.c index a3710a58f6..57f33cdb45 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -566,8 +566,6 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) apr_size_t len; int num_blank_lines = 0; int max_blank_lines = r->server->limit_req_fields; - core_server_config *conf = - ap_get_core_module_config(r->server->module_config); if (max_blank_lines <= 0) { max_blank_lines = DEFAULT_LIMIT_REQUEST_FIELDS; @@ -646,9 +644,22 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) pro = ll; len = strlen(ll); } else { + core_server_config *conf; + conf = ap_get_core_module_config(r->server->module_config); r->assbackwards = 1; pro = "HTTP/0.9"; len = 8; + if (conf->http09_enable == AP_HTTP09_DISABLE) { + r->status = HTTP_VERSION_NOT_SUPPORTED; + r->protocol = apr_pstrmemdup(r->pool, pro, len); + /* If we deny 0.9, send error message with 1.x */ + r->assbackwards = 0; + r->proto_num = HTTP_VERSION(0, 9); + r->connection->keepalive = AP_CONN_CLOSE; + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02401) + "HTTP/0.9 denied by server configuration"); + return 0; + } } r->protocol = apr_pstrmemdup(r->pool, pro, len); @@ -666,21 +677,6 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) else r->proto_num = HTTP_VERSION(1, 0); - if (conf->min_http_version != AP_HTTP_VERSION_UNSET - && ( conf->min_http_version > r->proto_num - || conf->max_http_version < r->proto_num)) { - r->status = HTTP_VERSION_NOT_SUPPORTED; - if (r->proto_num == HTTP_VERSION(0, 9)) { - /* If we deny 0.9, send error message with 1.x */ - r->assbackwards = 0; - } - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02401) - "HTTP/%d.%d denied by server configuration", - HTTP_VERSION_MAJOR(r->proto_num), - HTTP_VERSION_MINOR(r->proto_num)); - return 0; - } - return 1; } |