Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-1407

ATS blocks unknown methods (eg PROPFIND) and doesn't work with webdav

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.0
    • Fix Version/s: 3.3.1
    • Component/s: Security
    • Labels:
      None
    • Backport to Version:

      Description

      Setting the ip-allow.config to ALL for the method type doesn't include methods not known to ATS. Currently the method PROPFIND can't work in ATS making it not work with webdav.

      The way the ALL_METHOD_MASK is created is by turning the bits on for the number of methods that ATS knows about. I am going to change the code to turn on all bits in the mask:

      void IpAllow::InitInstance() {
      ALL_METHOD_MASK = ~0;
      }

      Right now:
      [bcall@snowball trafficserver]$ sudo proxy/traffic_server -T ip-allow
      [Aug 14 14:24:34.476] Server

      {0x7f6cbff5c700}

      DEBUG: (ip-allow) Quick filter denial on 192.168.1.12:(null) with mask 7ff

      [bcall@snowball trafficserver]$ curl -D - -X PROPFIND -x snowball:8080 http://caldav.calendar.yahoo.com/
      HTTP/1.1 403 Access Denied

      After the change:

      [bcall@snowball trafficserver]$ sudo proxy/traffic_server -T ip-allow
      [Aug 14 14:26:13.046] Server

      {0x7f97c815d700}

      DEBUG: (ip-allow) Quick filter denial on 192.168.1.12:(null) with mask ffffffff and method: ffffffff

      [bcall@snowball trafficserver]$ curl -D - -X PROPFIND -x snowball:8080 http://caldav.calendar.yahoo.com/
      HTTP/1.1 401 Unauthorized <---- error from origin, ATS is proxying...

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bcall Bryan Call
                Reporter:
                bcall Bryan Call
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: