Bug Report 2001/09/09-v1.0b26-br01


[MAIN]
[News]
[Intro]
[Features]
[Download]
[Installation]
[Support]
[Support+]
[Docu]
[Tutorial]
[Bugs]
[forum ]
[wiki]
[Mirror]
[Authors]
[Future]
[License]
[Win98 Setup Bug]
[Subscribe]
Bug Report id=2001/09/09-v1.0b26-br01
Affected versions:v1.0b26 only Eszter SB Application Engine
Severity:Low

Bug Description

In some configuration the Eszter SB Application serves the connection even when the client is not within the allowed IP domain.

Bug Reason, What Causes the Bug

The engine check the allowed and denied IP parameters only if there are at least one allowed AND at least one denied parameter. This is due to a simple programming mistake in the source file httpd.c line 755 that reads
  if( pHT->cAllowed && pHT->cDenied ){

Solution

Patch the source file httpd.c:
755c755
<   if( pHT->cAllowed && pHT->cDenied ){
---
>   if( pHT->cAllowed || pHT->cDenied ){

The next release will contain the correction. In the meantime anyone can alter the source and recompile the program or use the workaround (see below).

Bug Workaround Until Solution is Available

If you happen to have a special configuration that has only allowed or only denied ip specification include a dummy allowed or denied specification as well that allows/denies nobody having no other effect but overcoming the bug mentioned in this report. For example:
allowed "0.0.0.0/0.0.0.0"


or
denied "0.0.0.0/0.0.0.0"

Acknowledgement

N/A

This page was generated January 28, 2010 9:58:42