You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2006/04/19 12:23:05 UTC
svn commit: r395199 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS
modules/generators/mod_cgid.c
Author: colm
Date: Wed Apr 19 03:22:58 2006
New Revision: 395199
URL: http://svn.apache.org/viewcvs?rev=395199&view=rev
Log:
Merge r264759 and r264788 from trunk;
* mod_cgid suexec_get_identity now runs from the httpd side
of the cgid socket.
Author: colm
Modified:
httpd/httpd/branches/2.0.x/CHANGES
httpd/httpd/branches/2.0.x/STATUS
httpd/httpd/branches/2.0.x/modules/generators/mod_cgid.c
Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?rev=395199&r1=395198&r2=395199&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Wed Apr 19 03:22:58 2006
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.0.57
+ *) mod_cgid: run the get_suexec_identity hook within the request-handler
+ instead of within cgid. PR 36410. [Colm MacCarthaigh]
+
*) core: Prevent read of unitialized memory in ap_rgetline_core. PR 39282.
[Davi Arnaut <davi haxent.com.br>]
Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?rev=395199&r1=395198&r2=395199&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Wed Apr 19 03:22:58 2006
@@ -111,16 +111,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_cgid: Fix PR 36410. Invoke the set_suexec_identity hook from
- the non-cgid side of the handler, where the full per-server/dir/etc
- configuration is available instead of using two mod_suexec and
- mod_userdir specific hacks. See mod_vhost_ldap for an example
- third-party get_suexec_identity implementation.
- http://people.apache.org/~colm/2.0.x-suexec-cgid.patch
- see also a verbose patch explanation at;
- http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=113813652015559
- +1: colm, trawick, jim
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ please place SVN revisions from trunk here, so it is easy to
identify exactly what the proposed changes are! Add all new
Modified: httpd/httpd/branches/2.0.x/modules/generators/mod_cgid.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/generators/mod_cgid.c?rev=395199&r1=395198&r2=395199&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/generators/mod_cgid.c (original)
+++ httpd/httpd/branches/2.0.x/modules/generators/mod_cgid.c Wed Apr 19 03:22:58 2006
@@ -90,10 +90,20 @@
static int daemon_should_exit = 0;
static server_rec *root_server = NULL;
static apr_pool_t *root_pool = NULL;
+static ap_unix_identity_t empty_ugid = { (uid_t)-1, (gid_t)-1, -1 };
/* Read and discard the data in the brigade produced by a CGI script */
static void discard_script_output(apr_bucket_brigade *bb);
+/* This doer will only ever be called when we are sure that we have
+ * a valid ugid.
+ */
+static ap_unix_identity_t *cgid_suexec_id_doer(const request_rec *r)
+{
+ return (ap_unix_identity_t *)
+ ap_get_module_config(r->request_config, &cgid_module);
+}
+
/* KLUDGE --- for back-combatibility, we don't have to check ExecCGI
* in ScriptAliased directories, which means we need to know if this
* request came through ScriptAlias or not... so the Alias module
@@ -156,15 +166,12 @@
* process to be cleaned up
*/
int core_module_index;
- int have_suexec;
- int suexec_module_index;
- suexec_config_t suexec_cfg;
int env_count;
+ ap_unix_identity_t ugid;
apr_size_t filename_len;
apr_size_t argv0_len;
apr_size_t uri_len;
apr_size_t args_len;
- apr_size_t mod_userdir_user_len;
int loglevel; /* to stuff in server_rec */
} cgid_req_t;
@@ -316,10 +323,9 @@
cgid_req_t *req)
{
int i;
- char *user;
char **environ;
- core_dir_config *temp_core;
- void **dconf;
+ core_request_config *temp_core;
+ void **rconf;
apr_status_t stat;
r->server = apr_pcalloc(r->pool, sizeof(server_rec));
@@ -336,17 +342,13 @@
}
/* handle module indexes and such */
- dconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT));
-
- temp_core = (core_dir_config *)apr_palloc(r->pool, sizeof(core_module));
- dconf[req->core_module_index] = (void *)temp_core;
-
- if (req->have_suexec) {
- dconf[req->suexec_module_index] = &req->suexec_cfg;
- }
-
- r->per_dir_config = (ap_conf_vector_t *)dconf;
+ rconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT));
+ temp_core = (core_request_config *)apr_palloc(r->pool, sizeof(core_module));
+ rconf[req->core_module_index] = (void *)temp_core;
+ r->request_config = (ap_conf_vector_t *)rconf;
+ ap_set_module_config(r->request_config, &cgid_module, (void *)&req->ugid);
+
/* Read the filename, argv0, uri, and args */
r->filename = apr_pcalloc(r->pool, req->filename_len + 1);
*argv0 = apr_pcalloc(r->pool, req->argv0_len + 1);
@@ -379,19 +381,6 @@
}
*env = environ;
- /* basic notes table to avoid segfaults */
- r->notes = apr_table_make(r->pool, 1);
-
- /* mod_userdir requires the mod_userdir_user note */
- if (req->mod_userdir_user_len) {
- user = apr_pcalloc(r->pool, req->mod_userdir_user_len + 1); /* last byte is '\0' */
- stat = sock_read(fd, user, req->mod_userdir_user_len);
- if (stat != APR_SUCCESS) {
- return stat;
- }
- apr_table_set(r->notes, "mod_userdir_user", (const char *)user);
- }
-
#if 0
#ifdef RLIMIT_CPU
sock_read(fd, &j, sizeof(int));
@@ -434,22 +423,19 @@
int req_type)
{
int i;
- const char *user;
- module *suexec_mod = ap_find_linked_module("mod_suexec.c");
cgid_req_t req = {0};
- suexec_config_t *suexec_cfg;
apr_status_t stat;
+ ap_unix_identity_t * ugid = ap_run_get_suexec_identity(r);
+
+ if (ugid == NULL) {
+ req.ugid = empty_ugid;
+ } else {
+ memcpy(&req.ugid, ugid, sizeof(ap_unix_identity_t));
+ }
req.req_type = req_type;
req.conn_id = r->connection->id;
req.core_module_index = core_module.module_index;
- if (suexec_mod) {
- req.have_suexec = 1;
- req.suexec_module_index = suexec_mod->module_index;
- suexec_cfg = ap_get_module_config(r->per_dir_config,
- suexec_mod);
- req.suexec_cfg = *suexec_cfg;
- }
for (req.env_count = 0; env[req.env_count]; req.env_count++) {
continue;
}
@@ -457,10 +443,6 @@
req.argv0_len = strlen(argv0);
req.uri_len = strlen(r->uri);
req.args_len = r->args ? strlen(r->args) : 0;
- user = (const char *)apr_table_get(r->notes, "mod_userdir_user");
- if (user != NULL) {
- req.mod_userdir_user_len = strlen(user);
- }
req.loglevel = r->server->loglevel;
/* Write the request header */
@@ -493,13 +475,6 @@
}
}
- /* send a minimal notes table */
- if (user) {
- if ((stat = sock_write(fd, user, req.mod_userdir_user_len)) != APR_SUCCESS) {
- return stat;
- }
- }
-
#if 0
#ifdef RLIMIT_CPU
if (conf->limit_cpu) {
@@ -593,6 +568,11 @@
/* just a warning; don't bail out */
}
+ /* cgid should use its own suexec doer */
+ ap_hook_get_suexec_identity(cgid_suexec_id_doer, NULL, NULL,
+ APR_HOOK_REALLY_FIRST);
+ apr_hook_sort_all();
+
if ((sd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, errno, main_server,
"Couldn't create unix domain socket");
@@ -738,10 +718,19 @@
*/
close(sd2);
- rc = ap_os_create_privileged_process(r, procnew, argv0, argv,
- (const char * const *)env,
- procattr, ptrans);
-
+ if (memcmp(&empty_ugid, &cgid_req.ugid, sizeof(empty_ugid))) {
+ /* We have a valid identity, and can be sure that
+ * cgid_suexec_id_doer will return a valid ugid
+ */
+ rc = ap_os_create_privileged_process(r, procnew, argv0, argv,
+ (const char * const *)env,
+ procattr, ptrans);
+ } else {
+ rc = apr_proc_create(procnew, argv0, argv,
+ (const char * const *)env,
+ procattr, ptrans);
+ }
+
if (rc != APR_SUCCESS) {
/* Bad things happened. Everyone should have cleaned up.
* ap_log_rerror() won't work because the header table used by