You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2004/11/24 12:24:34 UTC
svn commit: r106408 - /httpd/httpd/trunk/CHANGES /httpd/httpd/trunk/modules/generators/mod_cgid.c
Author: trawick
Date: Wed Nov 24 03:24:32 2004
New Revision: 106408
URL: http://svn.apache.org/viewcvs?view=rev&rev=106408
Log:
mod_cgid: Catch configuration problem where two web server instances
share same ServerRoot but admin forgot to use ScriptSock.
reviewed by: nd, stoddard
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/generators/mod_cgid.c
Modified: httpd/httpd/trunk/CHANGES
Url: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?view=diff&rev=106408&p1=httpd/httpd/trunk/CHANGES&r1=106407&p2=httpd/httpd/trunk/CHANGES&r2=106408
==============================================================================
--- httpd/httpd/trunk/CHANGES (original)
+++ httpd/httpd/trunk/CHANGES Wed Nov 24 03:24:32 2004
@@ -2,6 +2,10 @@
[Remove entries to the current 2.0 section below, when backported]
+ *) mod_cgid: Catch configuration problem where two web server instances
+ share same ServerRoot but admin forgot to use ScriptSock.
+ [Jeff Trawick]
+
*) mod_cgi: Ensure that all stderr is logged for a script which returns
a Location header to generate a non-local redirect. PR 20111.
[Joe Orton]
Modified: httpd/httpd/trunk/modules/generators/mod_cgid.c
Url: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/generators/mod_cgid.c?view=diff&rev=106408&p1=httpd/httpd/trunk/modules/generators/mod_cgid.c&r1=106407&p2=httpd/httpd/trunk/modules/generators/mod_cgid.c&r2=106408
==============================================================================
--- httpd/httpd/trunk/modules/generators/mod_cgid.c (original)
+++ httpd/httpd/trunk/modules/generators/mod_cgid.c Wed Nov 24 03:24:32 2004
@@ -89,6 +89,7 @@
static server_rec *root_server = NULL;
static apr_pool_t *root_pool = NULL;
static const char *sockname;
+static pid_t parent_pid;
/* Read and discard the data in the brigade produced by a CGI script */
static void discard_script_output(apr_bucket_brigade *bb);
@@ -153,6 +154,9 @@
* to find the script pid when it is time for that
* process to be cleaned up
*/
+ pid_t ppid; /* sanity check for config problems leading to
+ * wrong cgid socket use
+ */
int core_module_index;
int have_suexec;
int suexec_module_index;
@@ -439,6 +443,7 @@
apr_status_t stat;
req.req_type = req_type;
+ req.ppid = parent_pid;
req.conn_id = r->connection->id;
req.core_module_index = core_module.module_index;
if (suexec_mod) {
@@ -667,6 +672,14 @@
continue;
}
+ if (cgid_req.ppid != parent_pid) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, 0, main_server,
+ "CGI request received from wrong server instance; "
+ "see ScriptSock directive");
+ close(sd2);
+ continue;
+ }
+
if (cgid_req.req_type == GETPID_REQ) {
pid_t pid;
@@ -839,6 +852,7 @@
for (m = ap_preloaded_modules; *m != NULL; m++)
total_modules++;
+ parent_pid = getpid();
sockname = ap_server_root_relative(p, sockname);
ret = cgid_start(p, main_server, procnew);
if (ret != OK ) {
@@ -1237,6 +1251,7 @@
/* we got a socket, and there is already a cleanup registered for it */
req.req_type = GETPID_REQ;
+ req.ppid = parent_pid;
req.conn_id = info->r->connection->id;
stat = sock_write(sd, &req, sizeof(req));