You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rb...@apache.org on 2002/04/01 05:37:21 UTC
cvs commit: httpd-2.0/server/mpm/perchild perchild.c
rbb 02/03/31 19:37:21
Modified: server/mpm/perchild perchild.c
Log:
Make perchild work with the new bucket_allocation API. Also, allow
the Perchild directives to take both numerical UID/GID and the
logical user name/group name.
PR: 9784
Submitted by: named UID/GID logic: Scott Lamb <sl...@slamb.org>
Revision Changes Path
1.119 +26 -9 httpd-2.0/server/mpm/perchild/perchild.c
Index: perchild.c
===================================================================
RCS file: /home/cvs/httpd-2.0/server/mpm/perchild/perchild.c,v
retrieving revision 1.118
retrieving revision 1.119
diff -u -r1.118 -r1.119
--- perchild.c 1 Apr 2002 00:32:39 -0000 1.118
+++ perchild.c 1 Apr 2002 03:37:21 -0000 1.119
@@ -537,7 +537,8 @@
* Child process main loop.
*/
-static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id)
+static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id,
+ apr_bucket_alloc_t *bucket_alloc)
{
conn_rec *current_conn;
int csd;
@@ -564,7 +565,8 @@
}
ap_create_sb_handle(&sbh, p, conn_id / thread_limit, thread_num);
- current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, sbh);
+ current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id,
+ sbh, bucket_alloc);
if (current_conn) {
ap_process_connection(current_conn, sock);
ap_lingering_close(current_conn);
@@ -658,6 +660,7 @@
ap_listen_rec *lr;
int n;
apr_socket_t *childsock = NULL;
+ apr_bucket_alloc_t *bucket_alloc;
apr_lock_acquire(thread_pool_parent_mutex);
apr_pool_create(&tpool, thread_pool_parent);
@@ -668,6 +671,8 @@
SERVER_STARTING,
(request_rec *) NULL);
+ bucket_alloc = apr_bucket_alloc_create(apr_thread_pool_get(thd));
+
apr_poll_setup(&pollset, num_listensocks + 1, tpool);
for(lr = ap_listeners; lr != NULL; lr = lr->next) {
apr_poll_socket_add(pollset, lr->sd, APR_POLLIN);
@@ -730,14 +735,14 @@
/* apr_poll_revents_get(&event, listenfds[0], pollset);
if (event & APR_POLLIN) {
- /* A process got a signal on the shutdown pipe. Check if we're
+ * A process got a signal on the shutdown pipe. Check if we're
* the lucky process to die.
check_pipe_of_death();
continue;
}
apr_poll_revents_get(&event, listenfds[1], pollset);
if (event & APR_POLLIN || event & APR_POLLOUT) {
- /* This request is from another child in our current process.
+ * This request is from another child in our current process.
* We should set a flag here, and then below we will read
* two bytes (the socket number and the NULL byte.
thread_socket_table[thread_num] = AP_PERCHILD_OTHERCHILD;
@@ -822,7 +827,7 @@
apr_os_sock_put(&csd, &child_info_table[child_num].sd, ptrans);
}
if (setjmp(jmpbuffer) != 1) {
- process_socket(ptrans, csd, conn_id);
+ process_socket(ptrans, csd, conn_id, bucket_alloc);
}
else {
thread_socket_table[thread_num] = AP_PERCHILD_THISCHILD;
@@ -861,6 +866,8 @@
}
apr_lock_release(worker_thread_count_mutex);
+ apr_bucket_alloc_destroy(bucket_alloc);
+
return NULL;
}
@@ -1867,8 +1874,13 @@
"NumServers in your config file.";
}
- ug->uid = atoi(u);
- ug->gid = atoi(g);
+ ug->uid = ap_uname2id(u);
+ ug->gid = ap_uname2id(g);
+#ifndef BIG_SECURITY_HOLE
+ if (ug->uid == 0 || ug->gid == 0) {
+ return "Assigning root user/group to a child.";
+ }
+#endif
}
return NULL;
}
@@ -1877,8 +1889,9 @@
const char *gid)
{
int i;
- int u = atoi(uid);
- int g = atoi(gid);
+ int matching = 0;
+ int u = ap_uname2id(uid);
+ int g = ap_uname2id(gid);
const char *errstr;
int socks[2];
perchild_server_conf *sconf = (perchild_server_conf *)
@@ -1898,9 +1911,13 @@
for (i = 0; i < num_daemons; i++) {
if (u == child_info_table[i].uid && g == child_info_table[i].gid) {
child_info_table[i].sd = sconf->sd;
+ matching++;
}
}
+ if (!matching) {
+ return "Unable to find process with matching uid/gid.";
+ }
return NULL;
}