You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2008/05/08 02:09:54 UTC
svn commit: r654332 - in /httpd/httpd/trunk: CHANGES
modules/generators/mod_cgid.c
Author: covener
Date: Wed May 7 17:09:53 2008
New Revision: 654332
URL: http://svn.apache.org/viewvc?rev=654332&view=rev
Log:
*) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by
mod_cgid and request processing threads, for OS'es such as HPUX and AIX
that do not use umask for AF_UNIX socket permissions.
[Eric Covener, Jeff Trawick]
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/generators/mod_cgid.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=654332&r1=654331&r2=654332&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed May 7 17:09:53 2008
@@ -2,6 +2,11 @@
Changes with Apache 2.3.0
[ When backported to 2.2.x, remove entry from this file ]
+ *) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by
+ mod_cgid and request processing threads, for OS'es such as HPUX and AIX
+ that do not use umask for AF_UNIX socket permissions.
+ [Eric Covener, Jeff Trawick]
+
*) mod_cgid: Don't try to restart the daemon if it fails to initialize
the socket. [Jeff Trawick]
Modified: httpd/httpd/trunk/modules/generators/mod_cgid.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?rev=654332&r1=654331&r2=654332&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/generators/mod_cgid.c (original)
+++ httpd/httpd/trunk/modules/generators/mod_cgid.c Wed May 7 17:09:53 2008
@@ -573,6 +573,7 @@
apr_pool_t *ptrans;
server_rec *main_server = data;
apr_hash_t *script_hash = apr_hash_make(pcgi);
+ apr_status_t rv;
apr_pool_create(&ptrans, pcgi);
@@ -607,6 +608,15 @@
return errno;
}
+ /* Not all flavors of unix use the current umask for AF_UNIX perms */
+ rv = apr_file_perms_set(sockname, APR_FPROT_UREAD|APR_FPROT_UWRITE|APR_FPROT_UEXECUTE);
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, main_server,
+ "Couldn't set permissions on unix domain socket %s",
+ sockname);
+ return rv;
+ }
+
if (listen(sd, DEFAULT_CGID_LISTENBACKLOG) < 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, errno, main_server,
"Couldn't listen on unix domain socket");