From 0554b0aa4837f2ec852d3d09773c8df0d522a494 Mon Sep 17 00:00:00 2001
From: treydock <tdockendorf@osc.edu>
Date: Mon, 29 Nov 2021 13:47:49 -0500
Subject: [PATCH] Removed Index from Public RootOptions as to not allow
 Directory Index (#1622)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Removed Index from Public RootOptions as to not allow Directory Index… (#1618)

* Removed Index from Public RootOptions as to not allow Directory Indexing - Issues #1617

* Cleaned up ood-portal.conf.erb and updated fixtures to not contain Indexes

* Updated CheckSum for ood-portal.conf.default

* Add checksum helper script

* Updated default's checksum

Co-authored-by: Gerald Byrket <gbyrket@osc.edu>
---
 ood-portal-generator/checksum.rb                 | 16 ++++++++++++++++
 .../spec/fixtures/ood-portal.conf.all            |  6 +++---
 .../spec/fixtures/ood-portal.conf.default        |  2 +-
 .../spec/fixtures/ood-portal.conf.dex            |  2 +-
 .../spec/fixtures/ood-portal.conf.dex-full       |  2 +-
 .../spec/fixtures/ood-portal.conf.dex-ldap       |  2 +-
 .../spec/fixtures/ood-portal.conf.maint_with_ips |  2 +-
 .../spec/fixtures/ood-portal.conf.nomaint        |  2 +-
 .../spec/fixtures/ood-portal.conf.oidc           |  2 +-
 .../spec/fixtures/ood-portal.conf.oidc-ssl       |  2 +-
 .../spec/fixtures/ood-portal.dex-full.proxy.conf |  2 +-
 ood-portal-generator/spec/fixtures/sum.default   |  2 +-
 .../templates/ood-portal.conf.erb                |  6 +++---
 13 files changed, 32 insertions(+), 16 deletions(-)
 create mode 100755 ood-portal-generator/checksum.rb

diff --git a/ood-portal-generator/checksum.rb b/ood-portal-generator/checksum.rb
new file mode 100755
index 0000000000..f40d77b5a9
--- /dev/null
+++ b/ood-portal-generator/checksum.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+
+# use this file when you need to generate a new checksum for testing against.
+# ./checksum.rb spec/fixture/the-file-i-changed
+
+require "digest"
+
+def read_file_omitting_comments(input)
+  File.readlines(input).reject { |line| line =~ /^\s*#/ }.join('')
+end
+
+def checksum(input)
+  Digest::SHA256.hexdigest(read_file_omitting_comments(input))
+end
+
+puts checksum(ARGV[0])
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.all b/ood-portal-generator/spec/fixtures/ood-portal.conf.all
index bbb0a1d0f1..e20461b516 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.all
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.all
@@ -119,7 +119,7 @@ Listen 8080
   #
   Alias "/assets" "/var/www/configured/public"
   <Directory "/var/www/configured/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
@@ -240,7 +240,7 @@ Listen 8080
   #
   Alias "/discover" "/var/www/ood/discover"
   <Directory "/var/www/ood/discover">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
@@ -254,7 +254,7 @@ Listen 8080
   #
   Alias "/register" "/var/www/ood/register"
   <Directory "/var/www/ood/register">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
 
     AuthType openid-connect
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.default b/ood-portal-generator/spec/fixtures/ood-portal.conf.default
index 408c95b4b0..add7d97b28 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.default
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.default
@@ -87,7 +87,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.dex b/ood-portal-generator/spec/fixtures/ood-portal.conf.dex
index db65fc5aeb..87aade73b3 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.dex
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.dex
@@ -101,7 +101,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-full b/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-full
index d4f0e240b4..a9f226f11e 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-full
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-full
@@ -119,7 +119,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-ldap b/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-ldap
index 9fab1e637b..bf5fc3f7cf 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-ldap
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.dex-ldap
@@ -119,7 +119,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.maint_with_ips b/ood-portal-generator/spec/fixtures/ood-portal.conf.maint_with_ips
index bf4d1d17ba..14240d7ce3 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.maint_with_ips
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.maint_with_ips
@@ -89,7 +89,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.nomaint b/ood-portal-generator/spec/fixtures/ood-portal.conf.nomaint
index cb28fcb66e..423109aa7d 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.nomaint
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.nomaint
@@ -78,7 +78,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc b/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc
index b8d1505c22..54a9aa072a 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc
@@ -109,7 +109,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc-ssl b/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc-ssl
index 52cf9ab78f..bd218b2184 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc-ssl
+++ b/ood-portal-generator/spec/fixtures/ood-portal.conf.oidc-ssl
@@ -123,7 +123,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/ood-portal.dex-full.proxy.conf b/ood-portal-generator/spec/fixtures/ood-portal.dex-full.proxy.conf
index ed7745998f..8810ad49ef 100644
--- a/ood-portal-generator/spec/fixtures/ood-portal.dex-full.proxy.conf
+++ b/ood-portal-generator/spec/fixtures/ood-portal.dex-full.proxy.conf
@@ -119,7 +119,7 @@
   #
   Alias "/public" "/var/www/ood/public"
   <Directory "/var/www/ood/public">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
diff --git a/ood-portal-generator/spec/fixtures/sum.default b/ood-portal-generator/spec/fixtures/sum.default
index 0ffb1c93a7..48aa47c1cc 100644
--- a/ood-portal-generator/spec/fixtures/sum.default
+++ b/ood-portal-generator/spec/fixtures/sum.default
@@ -1 +1 @@
-051c639f68c21bf54d6dfe1ee3df3da0726dae906322a03137b51d34a5064a79 /opt/rh/httpd24/root/etc/httpd/conf.d/ood-portal.conf
+e5891fae1abde47d878ecbda0edbed7a132afa7ea166ecdaecb2214547fe102d /opt/rh/httpd24/root/etc/httpd/conf.d/ood-portal.conf
diff --git a/ood-portal-generator/templates/ood-portal.conf.erb b/ood-portal-generator/templates/ood-portal.conf.erb
index db06ba960a..189398f5d0 100644
--- a/ood-portal-generator/templates/ood-portal.conf.erb
+++ b/ood-portal-generator/templates/ood-portal.conf.erb
@@ -180,7 +180,7 @@ Listen <%= addr_port %>
   #
   Alias "<%= @public_uri %>" "<%= @public_root %>"
   <Directory "<%= @public_root %>">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
@@ -322,7 +322,7 @@ Listen <%= addr_port %>
   #
   Alias "<%= @oidc_discover_uri %>" "<%= @oidc_discover_root %>"
   <Directory "<%= @oidc_discover_root %>">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
   </Directory>
@@ -337,7 +337,7 @@ Listen <%= addr_port %>
   #
   Alias "<%= @register_uri %>" "<%= @register_root %>"
   <Directory "<%= @register_root %>">
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
 
     <%- @auth.each do |line| -%>