Resolves: #2217726 - Make PROPFIND tolerant of deletion race

2023-07-05 15:36:33 +01:00 · 2023-07-05 15:36:33 +01:00 · 931da42665
parent e0badf3bc2
commit 931da42665
2 changed files with 59 additions and 1 deletions
--- a/httpd-2.4.57-davenoent.patch
+++ b/httpd-2.4.57-davenoent.patch
@ -0,0 +1,51 @@
+--- httpd-2.4.57/modules/dav/fs/repos.c.davenoent
+++ httpd-2.4.57/modules/dav/fs/repos.c
+@@ -35,6 +35,7 @@
+ #include "mod_dav.h"
+ #include "repos.h"
+ 
+APLOG_USE_MODULE(dav_fs);
+ 
+ /* to assist in debugging mod_dav's GET handling */
+ #define DEBUG_GET_HANDLER       0
+@@ -1586,6 +1587,19 @@
+         status = apr_stat(&fsctx->info1.finfo, fsctx->path1.buf,
+                           DAV_FINFO_MASK, pool);
+         if (status != APR_SUCCESS && status != APR_INCOMPLETE) {
+            dav_resource_private *ctx = params->root->info;
+
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, status, ctx->r,
+                          APLOGNO(10472) "could not access file (%s) during directory walk",
+                          fsctx->path1.buf);
+
+            /* If being tolerant, ignore failure due to losing a race
+             * with some other process deleting files out from under
+             * the directory walk. */
+            if ((params->walk_type & DAV_WALKTYPE_TOLERANT)
+                && APR_STATUS_IS_ENOENT(status)) {
+                continue;
+            }
+             /* woah! where'd it go? */
+             /* ### should have a better error here */
+             err = dav_new_error(pool, HTTP_NOT_FOUND, 0, status, NULL);
+--- httpd-2.4.57/modules/dav/main/mod_dav.c.davenoent
+++ httpd-2.4.57/modules/dav/main/mod_dav.c
+@@ -2187,7 +2187,7 @@
+         return HTTP_BAD_REQUEST;
+     }
+ 
+-    ctx.w.walk_type = DAV_WALKTYPE_NORMAL | DAV_WALKTYPE_AUTH;
+    ctx.w.walk_type = DAV_WALKTYPE_NORMAL | DAV_WALKTYPE_AUTH | DAV_WALKTYPE_TOLERANT;
+     ctx.w.func = dav_propfind_walker;
+     ctx.w.walk_ctx = &ctx;
+     ctx.w.pool = r->pool;
+--- httpd-2.4.57/modules/dav/main/mod_dav.h.davenoent
+++ httpd-2.4.57/modules/dav/main/mod_dav.h
+@@ -1823,6 +1823,7 @@
+ #define DAV_WALKTYPE_AUTH       0x0001  /* limit to authorized files */
+ #define DAV_WALKTYPE_NORMAL     0x0002  /* walk normal files */
+ #define DAV_WALKTYPE_LOCKNULL   0x0004  /* walk locknull resources */
+#define DAV_WALKTYPE_TOLERANT   0x0008  /* tolerate non-fatal errors */
+ 
+     /* callback function and a client context for the walk */
+     dav_error * (*func)(dav_walk_resource *wres, int calltype);
--- a/httpd.spec
+++ b/httpd.spec
@ -13,7 +13,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.57
-Release: 3%{?dist}
+Release: 4%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@ -114,6 +114,8 @@ Patch68: httpd-2.4.53-r1878890.patch
 Patch69: httpd-2.4.57-covscan.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2222001
 Patch70: httpd-2.4.57-mod_status-duplicate-key.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=2217726
+Patch71: httpd-2.4.57-davenoent.patch


 # Security fixes
@ -286,6 +288,8 @@ written in the Lua programming language.
 %patch68 -p1 -b .r1878890
 %patch69 -p1 -b .covstan
 %patch70 -p1 -b .duplicate-key
+%patch71 -p1 -b .davenoent
+

 # Patch in the vendor string
 sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@ -846,6 +850,9 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd

 %changelog
+* Tue Jul 18 2023 Joe Orton <jorton@redhat.com> - 2.4.57-4
+- Resolves: #2217726 - Make PROPFIND tolerant of deletion race
+
 * Tue Jul 11 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-3
 - Resolves: #2222001 - mod_status lists BusyWorkers IdleWorkers keys twice