Merge branch 'webdav2' into 'master'

Till Brehm · Till Brehm · commit d379cb0949be · 2017-03-16T12:12:07.000+01:00
webdav improved

a) Removes any handler inside webdav directory.

b) Removes any index, such as index.html, index.php, so that the AutoIndexes are shown properly.

c) Removes the dependency for apache module auth_compat if Apache version is greater than 2.2

See merge request !555
diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master
@@ -482,23 +482,20 @@
 			AssignUserId <tmpl_var name='system_user'> <tmpl_var name='system_group'>
 		</IfModule>
 
-		<IfModule mod_dav_fs.c>
-		# Do not execute PHP files in webdav directory
-			<Directory {tmpl_var name='document_root'}/webdav>
-				<ifModule mod_security2.c>
-					SecRuleRemoveById 960015
-					SecRuleRemoveById 960032
-				</ifModule>
-				<FilesMatch "\.ph(p3?|tml)$">
-					SetHandler None
-				</FilesMatch>
-			</Directory>
-			DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
-			# DO NOT REMOVE THE COMMENTS!
-			# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
-			# WEBDAV BEGIN
-			# WEBDAV END
+	<IfModule mod_dav_fs.c>
+	<Location /webdav>
+		<IfModule mod_security2.c>
+		SecRuleRemoveById 960015
+		SecRuleRemoveById 960032
 		</IfModule>
+		DirectoryIndex disabled
+		SetHandler None
+	</Location>
+	DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
+	# needed by apache2_plugin.inc.php
+	# WEBDAV BEGIN
+	# WEBDAV END
+	</IfModule>
 
 <tmpl_var name='apache_directives'>
 <tmpl_hook name='apache2_vhost:vhost_footer'>
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
@@ -2878,76 +2878,49 @@ private function _patchVhostWebdav($fileName, $webdavRoot) {
 		$in = fopen($fileName, 'r');
 		$output = '';
 		$inWebdavSection = false;
-
-		/*
-		 * read line by line and search for the username and authname
-		*/
+		//* read line by line and search for the username and authname
 		while ($line = fgets($in)) {
-			/*
-			 *  is the "replace-comment" found...
-			*/
+			//* is the "replace-comment" found...
 			if (trim($line) == '# WEBDAV BEGIN') {
-				/*
-				 * The begin of the webdav - section is found, so ignore all lines til the end  is found
-				*/
+				//* The begin of the webdav - section is found, so ignore all lines til the end  is found
 				$inWebdavSection = true;
-
-				$output .= "      # WEBDAV BEGIN\n";
-
-				/*
-				 * add all the webdav-dirs to the webdav-section
-				*/
+				$output .= "# WEBDAV BEGIN\n";
+				//* add all the webdav-dirs to the webdav-section
 				$files = @scandir($webdavRoot);
 				if(is_array($files)) {
 					foreach($files as $file) {
 						if (substr($file, strlen($file) - strlen('.htdigest')) == '.htdigest' && preg_match("/^[a-zA-Z0-9\-_\.]*$/", $file)) {
-							/*
-						 * found a htdigest - file, so add it to webdav
-						*/
+							//* found a htdigest - file, so add it to webdav
 							$fn = substr($file, 0, strlen($file) - strlen('.htdigest'));
-							$output .= "\n";
-							// $output .= "      Alias /" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
-							// $output .= "      <Location /" . $fn . ">\n";
-							$output .= "      Alias /webdav/" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
-							$output .= "      <Location /webdav/" . $fn . ">\n";
-							$output .= "        DAV On\n";
-							$output .= '        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On'."\n";
-							$output .= "        AuthType Digest\n";
-							$output .= "        AuthName \"" . $fn . "\"\n";
-							$output .= "        AuthUserFile " . $webdavRoot . '/' . $file . "\n";
-							$output .= "        Require valid-user \n";
-							$output .= "        Options +Indexes \n";
-							$output .= "        Order allow,deny \n";
-							$output .= "        Allow from all \n";
-							$output .= "      </Location> \n";
+							$output .= "Alias /webdav/$fn $webdavRoot/$fn\n";
+							$output .= "<Location /webdav/$fn>\n";
+							$output .= "Dav On\n";
+							$output .= "BrowserMatch MSIE AuthDigestEnableQueryStringHack=On\n";
+							$output .= "AuthType Digest\n";
+							$output .= "AuthName \"$fn\"\n";
+							$output .= "AuthUserFile $webdavRoot/$file\n";
+							$output .= "Require valid-user\n";
+							$output .= "Options +Indexes\n";
+							if($app->system->getapacheversion()<=2.2)
+								$output .= "Order allow,deny\nAllow from all\n";
+							$output .= "</Location>\n";
 						}
 					}
 				}
 			}
-			/*
-			 *  is the "replace-comment-end" found...
-			*/
+			//*  is the "replace-comment-end" found...
 			if (trim($line) == '# WEBDAV END') {
-				/*
-				 * The end of the webdav - section is found, so stop ignoring
-				*/
+				//* The end of the webdav - section is found, so stop ignoring
 				$inWebdavSection = false;
 			}
-
-			/*
-			 * Write the line to the output, if it is not in the section
-			*/
+			//* Write the line to the output, if it is not in the section
 			if (!$inWebdavSection) {
 				$output .= $line;
 			}
 		}
 		fclose($in);
-
-		/*
-		 * Now lets write the new file
-		*/
+		//* Now lets write the new file
 		$app->system->file_put_contents($fileName, $output);
-
 	}
 
 	//* Update the awstats configuration file
