[Fedora-directory-commits] adminserver/admserv/cgi-src40 repl-monitor-cgi.pl.in, 1.1, 1.2

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Mon Jun 9 15:42:49 UTC 2008 

Author: rmeggins

Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14565/adminserver/admserv/cgi-src40

Modified Files:
	repl-monitor-cgi.pl.in 
Log Message:
Resolves: CVE-2008-0892 and 437320
Description: Directory Server: shell command injection in CGI replication
monitor
Directory Server: unrestricted access to CGI scripts
Fix Description: remove ScriptAlias for bin/admin/admin/bin - do not use that
directory for CGI URIs - use only protected URIs for CGIs requiring
authentication
Remove most CGI parameters from repl-monitor-cgi.pl - user must supply
replmon.conf in the admin server config directory instead of passing in this
pathname - repl-monitor-cgi.pl does not use system to call repl-monitor.pl, it
"includes" that script (using perl import).
Platforms tested: all supported platforms
Flag Day: no
Doc impact: release notes are available

Resolves: CVE-2008-0892 and 437320
Description: Directory Server: shell command injection in CGI replication
monitor
Directory Server: unrestricted access to CGI scripts
Fix Description: remove ScriptAlias for bin/admin/admin/bin - do not use that
directory for CGI URIs - use only protected URIs for CGIs requiring
authentication
Remove most CGI parameters from repl-monitor-cgi.pl - user must supply
replmon.conf in the admin server config directory instead of passing in this
pathname - repl-monitor-cgi.pl does not use system to call repl-monitor.pl, it
"includes" that script (using perl import).
Platforms tested: all supported platforms
Flag Day: no
Doc impact: release notes are available



Index: repl-monitor-cgi.pl.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/repl-monitor-cgi.pl.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- repl-monitor-cgi.pl.in	5 Sep 2007 16:45:59 -0000	1.1
+++ repl-monitor-cgi.pl.in	9 Jun 2008 15:42:47 -0000	1.2
@@ -42,22 +42,25 @@
 
 my $query = CGI->new;
 
-$params = "";
-$params .= " -h " . $query->url_param('servhost') if $query->url_param('servhost');
-$params .= " -p " . $query->url_param('servport') if $query->url_param('servport');
-$params .= " -f " . $query->url_param('configfile') if $query->url_param('configfile');
-$params .= " -t " . $query->url_param('refreshinterval') if $query->url_param('refreshinterval');
-if ($query->url_param('admurl')) {
-	$admurl = $query->url_param('admurl');
-	if ( $ENV{'QUERY_STRING'} ) {
-		$admurl .= "?$ENV{'QUERY_STRING'}";
-	}
-	elsif ( $ENV{'CONTENT_LENGTH'} ) {
-		$admurl .= "?$CGI::CONTENT";
-	}
-	$params .= " -u \"$admurl\"";
+ at ARGV = (); # clear it out
+my $configfile;
+if ($ENV{DS_CONFIG_DIR} and -d $ENV{DS_CONFIG_DIR}) {
+    $configfile = "$ENV{DS_CONFIG_DIR}/@instancename@/replmon.conf";
+} elsif ("@instconfigdir@" and -d "@instconfigdir@") {
+    $configfile = "@instconfigdir@/replmon.conf";
 }
 
+push @ARGV, '-f', $configfile;
+
+my $refreshinterval = $query->url_param('refreshinterval') ? int($query->url_param('refreshinterval')) : "300";
+push @ARGV, '-t', $refreshinterval;
+
+my $admurl = "http://";
+if ($ENV{HTTPS} and (lc($ENV{HTTPS}) eq "on")) {
+    $admurl = "https://";
+}
+$admurl .= $ENV{HTTP_HOST} . $ENV{SCRIPT_NAME} . "?refreshinterval=$refreshinterval";
+push @ARGV, '-u', $admurl;
+
 # Now the real work
-$replmon = "@bindir@/repl-monitor.pl";
-system("$replmon $params");
+require "@bindir@/repl-monitor.pl";

More information about the Fedora-directory-commits mailing list