You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2008/05/08 02:09:54 UTC

svn commit: r654332 - in /httpd/httpd/trunk: CHANGES modules/generators/mod_cgid.c

Author: covener
Date: Wed May  7 17:09:53 2008
New Revision: 654332

URL: http://svn.apache.org/viewvc?rev=654332&view=rev
Log:
*) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by
   mod_cgid and request processing threads, for OS'es such as HPUX and AIX
   that do not use umask for AF_UNIX socket permissions.
   [Eric Covener, Jeff Trawick]


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/generators/mod_cgid.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=654332&r1=654331&r2=654332&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed May  7 17:09:53 2008
@@ -2,6 +2,11 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by
+     mod_cgid and request processing threads, for OS'es such as HPUX and AIX
+     that do not use umask for AF_UNIX socket permissions.
+     [Eric Covener, Jeff Trawick]
+
   *) mod_cgid: Don't try to restart the daemon if it fails to initialize
      the socket.  [Jeff Trawick]
 

Modified: httpd/httpd/trunk/modules/generators/mod_cgid.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?rev=654332&r1=654331&r2=654332&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/generators/mod_cgid.c (original)
+++ httpd/httpd/trunk/modules/generators/mod_cgid.c Wed May  7 17:09:53 2008
@@ -573,6 +573,7 @@
     apr_pool_t *ptrans;
     server_rec *main_server = data;
     apr_hash_t *script_hash = apr_hash_make(pcgi);
+    apr_status_t rv;
 
     apr_pool_create(&ptrans, pcgi);
 
@@ -607,6 +608,15 @@
         return errno;
     }
 
+    /* Not all flavors of unix use the current umask for AF_UNIX perms */
+    rv = apr_file_perms_set(sockname, APR_FPROT_UREAD|APR_FPROT_UWRITE|APR_FPROT_UEXECUTE);
+    if (rv != APR_SUCCESS) {
+        ap_log_error(APLOG_MARK, APLOG_CRIT, rv, main_server,
+                     "Couldn't set permissions on unix domain socket %s",
+                     sockname);
+        return rv;
+    }
+
     if (listen(sd, DEFAULT_CGID_LISTENBACKLOG) < 0) {
         ap_log_error(APLOG_MARK, APLOG_ERR, errno, main_server,
                      "Couldn't listen on unix domain socket");