File CVE-2017-15091-3.4.11.patch of Package pdns34

diff -ru pdns-3.4.11.orig/pdns/ws-auth.cc pdns-3.4.11/pdns/ws-auth.cc
--- pdns-3.4.11.orig/pdns/ws-auth.cc	2017-01-13 09:13:16.000000000 +0100
+++ pdns-3.4.11/pdns/ws-auth.cc	2017-11-02 18:03:50.635753956 +0100
@@ -895,7 +895,7 @@
 static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) {
   string zonename = apiZoneIdToName(req->parameters["id"]);
 
-  if(req->method != "PUT")
+  if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
     throw HttpMethodNotAllowedException();
 
   UeberBackend B;
@@ -914,7 +914,7 @@
 static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) {
   string zonename = apiZoneIdToName(req->parameters["id"]);
 
-  if(req->method != "PUT")
+  if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
     throw HttpMethodNotAllowedException();
 
   UeberBackend B;
@@ -1195,7 +1195,7 @@
 }
 
 void apiServerFlushCache(HttpRequest* req, HttpResponse* resp) {
-  if(req->method != "PUT")
+  if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly"))
     throw HttpMethodNotAllowedException();
 
   extern PacketCache PC;