Search
j0ke.net Open Build Service
>
Projects
>
server:dns
>
pdns34
> CVE-2017-15091-3.4.11.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File CVE-2017-15091-3.4.11.patch of Package pdns34 (Revision 14)
Currently displaying revision
14
,
show latest
diff -ru pdns-3.4.11.orig/pdns/ws-auth.cc pdns-3.4.11/pdns/ws-auth.cc --- pdns-3.4.11.orig/pdns/ws-auth.cc 2017-01-13 09:13:16.000000000 +0100 +++ pdns-3.4.11/pdns/ws-auth.cc 2017-11-02 18:03:50.635753956 +0100 @@ -895,7 +895,7 @@ static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) { string zonename = apiZoneIdToName(req->parameters["id"]); - if(req->method != "PUT") + if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly")) throw HttpMethodNotAllowedException(); UeberBackend B; @@ -914,7 +914,7 @@ static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) { string zonename = apiZoneIdToName(req->parameters["id"]); - if(req->method != "PUT") + if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly")) throw HttpMethodNotAllowedException(); UeberBackend B; @@ -1195,7 +1195,7 @@ } void apiServerFlushCache(HttpRequest* req, HttpResponse* resp) { - if(req->method != "PUT") + if(req->method != "PUT" || ::arg().mustDo("experimental-api-readonly")) throw HttpMethodNotAllowedException(); extern PacketCache PC;