67 lines
1.8 KiB
Perl
Executable file
67 lines
1.8 KiB
Perl
Executable file
#!/usr/bin/env perl
|
|
#
|
|
# Replace apache's mod_access_compat directives to mod_authz_host ones, to
|
|
# securly migrate to apache 2.2 to 2.4. This script only migrate most
|
|
# common pattern.
|
|
|
|
# use re "debug";
|
|
use strict;
|
|
use warnings;
|
|
|
|
# TODO Maybe use a redo in of clauses to avoid missing substitutions
|
|
|
|
# our $^I = '.bak';
|
|
|
|
# our @ARGV = ($ARGV[0]); # We don't want to use STDIN when eof get called
|
|
|
|
# open(my $fh, "+<", $ARGV[0])
|
|
# or die "Can't open ARGv[0]!";
|
|
|
|
# Regex for spaces bettwen word (including comment character)
|
|
my $s = '[#\s]*';
|
|
|
|
while (<>) {
|
|
# ** Order
|
|
# Default of mod_access_compat
|
|
next if /Order${s}deny,allow/i;
|
|
|
|
if (/(Order${s}Allow,Deny)/i) {
|
|
$_ .= <> unless eof;
|
|
# NOTE We replace with dpreceated directive, because they are
|
|
# replaced with the current one down the line.
|
|
s/${1}${s}(Deny${s}from${s}all)/$1/i;
|
|
s/${1}${s}(Allow${s}from${s}localhost.*)/$1/i;
|
|
# When someone was mixing directives
|
|
s/${1}${s}(Require*)/$1/i;
|
|
};
|
|
|
|
# ** Satisfy
|
|
# Correspond to the new default, from mod_authz_host, to have an implicit <RequireAny>
|
|
next if /Satisfy${s}any/i;
|
|
|
|
# ** Misc
|
|
if (/(Require${s}valid-user)/i) {
|
|
$_ .= <>.<>.<> unless eof;
|
|
s/(${1})${s}Order${s}Deny,Allow${s}Deny${s}from${s}all/$1/i;
|
|
};
|
|
|
|
# ** Deny
|
|
if (/(Deny${s}from${s}all)/i) {
|
|
$_ .= <> unless eof;
|
|
s/${1}${s}Allow${s}from/Require ip/i;
|
|
s/Deny${s}from${s}all/Require all denied/i;
|
|
};
|
|
|
|
# https://bz.apache.org/bugzilla/show_bug.cgi?id=60946
|
|
s/Deny${s}from${s}env=(!?)(\S+)/ "Require expr \"-".( $1 ? "n" : "z")." %{reqenv:$2}\""/ei;
|
|
|
|
# ** Allow
|
|
s/Allow${s}from${s}all/Require all granted/i;
|
|
s/Allow${s}from${s}localhost.*/Require ip local/i;
|
|
s/Allow${s}from/Require ip/i;
|
|
|
|
print;
|
|
}
|
|
|
|
# close $fh;
|