httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@locus.apache.org
Subject cvs commit: apache-1.3/src/os/mpeix Makefile.tmpl dlopen.c os-inline.c
Date Thu, 28 Sep 2000 13:32:44 GMT
wrowe       00/09/28 06:32:44

  Modified:    .        configure
               src      CHANGES Configure
               src/include ap_config.h
               src/main http_main.c
               src/modules/proxy proxy_cache.c proxy_util.c
               src/os/mpeix Makefile.tmpl dlopen.c os-inline.c
  Log:
    Updating the MPE DSO code to be compatible with an OS patch fixing an
    earlier DSO problem.
  
    Refining how MPE deals with UID/GID management and dealing with some MPE
    limitations in this area.
  
    First-time support for mod_proxy.
  
    #include tweakage required for using apxs to build modules without access
    to the full source tree.
  
    Other minor tweaks.
  
  PR:            6587
  Obtained from: <87FB8F5CE210D311B60500A0C9F4871C073DA372@xcup01.cup.hp.com>
  Submitted by:  [Mark Bixby <mark_bixby@hp.com>]
  Reviewed by:   William Rowe
  
  Revision  Changes    Path
  1.126     +3 -3      apache-1.3/configure
  
  Index: configure
  ===================================================================
  RCS file: /home/cvs/apache-1.3/configure,v
  retrieving revision 1.125
  retrieving revision 1.126
  diff -u -r1.125 -r1.126
  --- configure	2000/09/25 23:45:54	1.125
  +++ configure	2000/09/28 13:32:28	1.126
  @@ -351,9 +351,9 @@
           iflags_core="${iflags_core} -e .exe" 
           ;;
       *MPE/iX* )
  -       default_layout="Apache"
  -       iflags_program="-m 755"
  -       ;;
  +	default_layout="Apache"
  +	iflags_program="-m 755"
  +	;;
       *)
   	default_layout="Apache"
   	;;
  
  
  
  1.1582    +12 -0     apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1581
  retrieving revision 1.1582
  diff -u -r1.1581 -r1.1582
  --- CHANGES	2000/09/28 09:25:56	1.1581
  +++ CHANGES	2000/09/28 13:32:31	1.1582
  @@ -1,5 +1,17 @@
   Changes with Apache 1.3.13
   
  +  *) Initial support added for mod_proxy under MPE/iX.
  +     [Mark Bixby <mark_bixby@hp.com>]
  +
  +  *) Refined UID/GID management and permissions on MPE/iX to deal 
  +     with some limitations. [Mark Bixby <mark_bixby@hp.com>]
  +
  +  *) Updated the MPE DSO code to be compatible with an OS patch that
  +     fixed an earlier DSO problem,  #include tweakage required for 
  +     using apxs to build modules without access to the full source 
  +     tree, and other minor MPE tweaks.  
  +     [Mark Bixby <mark_bixby@hp.com>]
  +
     *) Tighten up the syntax checking of Host: headers to fix a
        security bug in some mass virtual hosting configurations
        that can allow a remote attacker to retrieve some files
  
  
  
  1.403     +0 -1      apache-1.3/src/Configure
  
  Index: Configure
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/Configure,v
  retrieving revision 1.402
  retrieving revision 1.403
  diff -u -r1.402 -r1.403
  --- Configure	2000/09/13 20:49:42	1.402
  +++ Configure	2000/09/28 13:32:32	1.403
  @@ -1032,7 +1032,6 @@
   	    LD_SHLIB=ld	
   	    LDFLAGS_SHLIB='-b -a archive'
   	    LDFLAGS_MOD_SHLIB=$LDFLAGS_SHLIB
  -	    LIBS_SHLIB='$(OSDIR)/mpe_dl_stub.o'	
   	    ;;
   	*-linux1)
   	    CFLAGS_SHLIB="-fpic"
  
  
  
  1.293     +12 -3     apache-1.3/src/include/ap_config.h
  
  Index: ap_config.h
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/include/ap_config.h,v
  retrieving revision 1.292
  retrieving revision 1.293
  diff -u -r1.292 -r1.293
  --- ap_config.h	2000/07/15 15:55:34	1.292
  +++ ap_config.h	2000/09/28 13:32:35	1.293
  @@ -135,8 +135,16 @@
   #define NO_WRITEV
   #define HAVE_SHMGET 1
   #define USE_SHMGET_SCOREBOARD
  -#define SHM_R 0400  /* Read permission */
  -#define SHM_W 0200  /* Write permission */
  +/* 
  +   UID/GID isn't a native concept for MPE, and it's definitely not a 100%
  +   Unix implementation.  There isn't a traditional superuser concept either,
  +   so we're forced to liberalize SHM security a bit so the parent & children
  +   can communicate when they're running with different UIDs within the same
  +   GID (the GID will *always* be the same on MPE).  Thus the weird SHM_R and
  +   SHM_W below.
  +*/
  +#define SHM_R 0440  /* Read permission */
  +#define SHM_W 0220  /* Write permission */
   #define NEED_INITGROUPS
   #define NEED_STRCASECMP
   #define NEED_STRDUP
  @@ -149,6 +157,7 @@
   #define S_IREAD  S_IRUSR
   #define S_IWRITE S_IWUSR
   #define PF_INET  AF_INET
  +#define USE_FCNTL_SERIALIZED_ACCEPT
   
   #elif defined(SUNOS4)
   #define HAVE_GMTOFF 1
  @@ -1133,7 +1142,7 @@
   #undef NSIG
   #endif
   #include <errno.h>
  -#if !defined(QNX) && !defined(CONVEXOS11) && !defined(NEXT) &&
!defined(TPF) && !defined(NETWARE)
  +#if !defined(QNX) && !defined(CONVEXOS11) && !defined(NEXT) &&
!defined(TPF) && !defined(NETWARE) && !defined(MPE)
   #include <memory.h>
   #endif
   
  
  
  
  1.510     +31 -18    apache-1.3/src/main/http_main.c
  
  Index: http_main.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/main/http_main.c,v
  retrieving revision 1.509
  retrieving revision 1.510
  diff -u -r1.509 -r1.510
  --- http_main.c	2000/08/19 01:52:52	1.509
  +++ http_main.c	2000/09/28 13:32:36	1.510
  @@ -3137,12 +3137,21 @@
   	 * Set the GID before initgroups(), since on some platforms
   	 * setgid() is known to zap the group list.
   	 */
  +#ifdef MPE
  +	GETPRIVMODE();
  +#endif
   	if (setgid(ap_group_id) == -1) {
  +#ifdef MPE
  +	    GETUSERMODE();
  +#endif
   	    ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
   			"setgid: unable to set group id to Group %u",
   			(unsigned)ap_group_id);
   	    clean_child_exit(APEXIT_CHILDFATAL);
   	}
  +#ifdef MPE
  +	GETUSERMODE();
  +#endif
   
   	/* Reset `groups' attributes. */
   
  @@ -3843,17 +3852,15 @@
   
       set_group_privs();
   #ifdef MPE
  -    /* Only try to switch if we're running as MANAGER.SYS */
  -    if (geteuid() == 1 && ap_user_id > 1) {
  -	GETPRIVMODE();
  -	if (setuid(ap_user_id) == -1) {
  -	    GETUSERMODE();
  -	    ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
  -			"setuid: unable to change to uid: %d", ap_user_id);
  -	    exit(1);
  -	}
  +    /* No such thing as root on MPE, so try to switch unconditionally */
  +    GETPRIVMODE();
  +    if (setuid(ap_user_id) == -1) {
   	GETUSERMODE();
  +	ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
  +		    "setuid: unable to change to uid: %d", ap_user_id);
  +	exit(1);
       }
  +    GETUSERMODE();
   #else
       /* Only try to switch if we're running as root */
       if (!geteuid() && (
  @@ -5040,17 +5047,15 @@
   	set_group_privs();
   
   #ifdef MPE
  -	/* Only try to switch if we're running as MANAGER.SYS */
  -	if (geteuid() == 1 && ap_user_id > 1) {
  -	    GETPRIVMODE();
  -	    if (setuid(ap_user_id) == -1) {
  -		GETUSERMODE();
  -		ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
  -			    "setuid: unable to change to uid: %d", ap_user_id);
  -		exit(1);
  -	    }
  +	/* No such thing as root on MPE, so try to switch unconditionally */
  +	GETPRIVMODE();
  +	if (setuid(ap_user_id) == -1) {
   	    GETUSERMODE();
  +	    ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
  +			"setuid: unable to change to uid: %d", ap_user_id);
  +	    exit(1);
   	}
  +	GETUSERMODE();
   #else
   	/* Only try to switch if we're running as root */
   	if (!geteuid() && setuid(ap_user_id) == -1) {
  @@ -7132,6 +7137,14 @@
   	}
       }
   
  +#ifdef MPE
  +    /*
  +     * MPE doesn't currently initialize the envp parameter.  Instead, we must
  +     * use the global variable environ. 
  +     */
  +    envp = environ;
  +#endif
  +	
       /* 
        * create path to SHARED_CORE_EXECUTABLE_PROGRAM
        */
  
  
  
  1.71      +1 -1      apache-1.3/src/modules/proxy/proxy_cache.c
  
  Index: proxy_cache.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/modules/proxy/proxy_cache.c,v
  retrieving revision 1.70
  retrieving revision 1.71
  diff -u -r1.70 -r1.71
  --- proxy_cache.c	2000/06/22 23:49:50	1.70
  +++ proxy_cache.c	2000/09/28 13:32:39	1.71
  @@ -1206,7 +1206,7 @@
   	    *p = '/';
   	    ++p;
   	}
  -#if defined(OS2) || defined(WIN32) || defined(NETWARE)
  +#if defined(OS2) || defined(WIN32) || defined(NETWARE) || defined(MPE)
   	/* Under OS/2 use rename. */
   	if (rename(c->tempfile, c->filename) == -1)
   	    ap_log_error(APLOG_MARK, APLOG_ERR, s,
  
  
  
  1.91      +1 -1      apache-1.3/src/modules/proxy/proxy_util.c
  
  Index: proxy_util.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v
  retrieving revision 1.90
  retrieving revision 1.91
  diff -u -r1.90 -r1.91
  --- proxy_util.c	2000/06/02 18:01:59	1.90
  +++ proxy_util.c	2000/09/28 13:32:39	1.91
  @@ -740,7 +740,7 @@
       char tmp[22];
       int i, k, d;
       unsigned int x;
  -#if defined(AIX) && defined(__ps2__)
  +#if defined(MPE) || (defined(AIX) && defined(__ps2__))
       /* Believe it or not, AIX 1.x does not allow you to name a file '@',
        * so hack around it in the encoding. */
       static const char enc_table[64] =
  
  
  
  1.2       +2 -3      apache-1.3/src/os/mpeix/Makefile.tmpl
  
  Index: Makefile.tmpl
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/os/mpeix/Makefile.tmpl,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- Makefile.tmpl	1999/12/10 11:03:57	1.1
  +++ Makefile.tmpl	2000/09/28 13:32:41	1.2
  @@ -4,11 +4,11 @@
   LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS)
   
   LIBOBJS=	os.o os-inline.o dlopen.o gettimeofday.o
  -OBJS=	$(LIBOBJS) mpe_dl_stub.o
  +OBJS=	$(LIBOBJS)
   
   LIB=	libos.a
   
  -all:	$(LIB) mpe_dl_stub.o
  +all:	$(LIB)
   
   $(LIB): $(LIBOBJS)
   	rm -f $@
  @@ -41,7 +41,6 @@
   # DO NOT REMOVE
   dlopen.o: dlopen.c
   gettimeofday.o: gettimeofday.c
  -mpe_dl_stub.o: mpe_dl_stub.c
   os-inline.o: os-inline.c $(INCDIR)/ap_config.h \
    $(INCDIR)/ap_mmn.h $(INCDIR)/ap_config_auto.h \
    $(OSDIR)/os.h $(INCDIR)/ap_ctype.h $(INCDIR)/hsregex.h
  
  
  
  1.2       +9 -1      apache-1.3/src/os/mpeix/dlopen.c
  
  Index: dlopen.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/os/mpeix/dlopen.c,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- dlopen.c	1999/12/10 11:03:44	1.1
  +++ dlopen.c	2000/09/28 13:32:42	1.2
  @@ -79,6 +79,8 @@
   } else
   	ap_snprintf(library, sizeof(library), " %s ", libname);
   
  +#define MPE_WITHOUT_MPELX44
  +#ifdef MPE_WITHOUT_MPELX44
   /*
   Unfortunately if we simply tried to load the module structure data item
   directly in dlsym(), it would complain about unresolved function pointer 
  @@ -86,6 +88,9 @@
   
   However, if we first load an actual dummy procedure, we can then subsequently 
   load the data item without trouble.  Go figure.
  +
  +This bug is fixed by patch MPELX44A on MPE/iX 6.0 and patch MPELX44B on
  +MPE/iX 6.5.
   */
   
   /* Load the dummy procedure mpe_dl_stub */
  @@ -100,7 +105,10 @@
   	mpe_dl_symtype, &datalen, 1, 0, 0);
   
   /* We consider it to be a failure if the dummy procedure doesn't exist */
  -if (mpe_dl_status != 0) return NULL;
  +/* if (mpe_dl_status != 0) return NULL; */
  +/* Or not.  If we failed to load mpe_dl_stub, press on and try to load the
  +   real data item later in dlsym(). */
  +#endif /* MPE_WITHOUT_MPELX44 */
   
   mpe_dl_symtype = 2;
   
  
  
  
  1.2       +31 -1     apache-1.3/src/os/mpeix/os-inline.c
  
  Index: os-inline.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/os/mpeix/os-inline.c,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- os-inline.c	1999/12/10 11:03:47	1.1
  +++ os-inline.c	2000/09/28 13:32:42	1.2
  @@ -1 +1,31 @@
  -#include "../unix/os-inline.c"
  +/*
  + * This file contains functions which can be inlined if the compiler
  + * has an "inline" modifier. Because of this, this file is both a
  + * header file and a compilable module.
  + *
  + * Only inlineable functions should be defined in here. They must all
  + * include the INLINE modifier. 
  + *
  + * If the compiler supports inline, this file will be #included as a
  + * header file from os.h to create all the inline function
  + * definitions. INLINE will be defined to whatever is required on
  + * function definitions to make them inline declarations.
  + *
  + * If the compiler does not support inline, this file will be compiled
  + * as a normal C file into libos.a (along with os.c). In this case
  + * INLINE will _not_ be set so we can use this to test if we are
  + * compiling this source file.  
  + */
  +
  +#ifndef INLINE
  +#define INLINE
  +
  +/* Anything required only when compiling */
  +#include "ap_config.h"
  +
  +#endif
  +
  +INLINE int ap_os_is_path_absolute(const char *file)
  +{
  +  return file[0] == '/';
  +}
  
  
  

Mime
View raw message