
From traw...@apache.org
Subject cvs commit: httpd-2.0/server/mpm/worker worker.c
Date Thu, 16 Aug 2001 13:59:14 GMT
trawick     01/08/16 06:59:14

  Modified:    .        CHANGES configure.in
               os/unix  unixd.c unixd.h
               server   mpm_common.c
               server/mpm/prefork prefork.c
               server/mpm/threaded threaded.c
               server/mpm/worker worker.c
  Log:
  The Unix MPMs other than perchild now allow child server
  processes to use the accept mutex when starting as root and
  using SysV sems for the accept mutex.  Previously, this
  combination would lead to fatal errors in the child server
  processes.  perchild can't use SysV sems because of security
  issues.
  
  translation: steal apache 1.3 code to call semop(IPC_SET) on
  the semaphore to set permissions and uid/gid
  
  Revision  Changes    Path
  1.299     +7 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.298
  retrieving revision 1.299
  diff -u -r1.298 -r1.299
  --- CHANGES	2001/08/16 08:24:18	1.298
  +++ CHANGES	2001/08/16 13:59:13	1.299
  @@ -1,5 +1,12 @@
   Changes with Apache 2.0.24-dev
   
  +  *) The Unix MPMs other than perchild now allow child server 
  +     processes to use the accept mutex when starting as root and 
  +     using SysV sems for the accept mutex.  Previously, this 
  +     combination would lead to fatal errors in the child server 
  +     processes.  perchild can't use SysV sems because of security
  +     issues.  [Jeff Trawick, Greg Ames]
  +
     *) Added Win32 revision stamp resources to all http binaries
        (including modules/ and support/ tools.)  PR7322  [William Rowe]
   
  
  
  
  1.169     +2 -1      httpd-2.0/configure.in
  
  Index: configure.in
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/configure.in,v
  retrieving revision 1.168
  retrieving revision 1.169
  diff -u -r1.168 -r1.169
  --- configure.in	2001/08/13 15:44:00	1.168
  +++ configure.in	2001/08/16 13:59:13	1.169
  @@ -186,7 +186,8 @@
   pwd.h \
   grp.h \
   strings.h \
  -sys/processor.h
  +sys/processor.h \
  +sys/sem.h
   )
   AC_HEADER_SYS_WAIT
   
  
  
  
  1.39      +36 -0     httpd-2.0/os/unix/unixd.c
  
  Index: unixd.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/os/unix/unixd.c,v
  retrieving revision 1.38
  retrieving revision 1.39
  diff -u -r1.38 -r1.39
  --- unixd.c	2001/08/13 04:57:34	1.38
  +++ unixd.c	2001/08/16 13:59:14	1.39
  @@ -69,6 +69,7 @@
   #include "ap_mpm.h"
   #include "apr_thread_proc.h"
   #include "apr_strings.h"
  +#include "apr_portable.h"
   #ifdef HAVE_PWD_H
   #include <pwd.h>
   #endif
  @@ -86,6 +87,9 @@
   #ifdef HAVE_STRINGS_H
   #include <strings.h>
   #endif
  +#ifdef HAVE_SYS_SEM_H
  +#include <sys/sem.h>
  +#endif
   
   unixd_config_rec unixd_config;
   
  @@ -371,5 +375,37 @@
   
       return ap_unix_create_privileged_process(newproc, progname, args, env,
                                                 attr, ugid, p);
  +}
  +
  +AP_DECLARE(apr_status_t) unixd_set_lock_perms(apr_lock_t *lock)
  +{
  +/* MPM shouldn't call us unless we're actually using a SysV sem;
  + * this is just to avoid compile issues on systems without that
  + * feature
  + */
  +#if APR_HAS_SYSVSEM_SERIALIZE
  +    apr_os_lock_t oslock;
  +#if !APR_HAVE_UNION_SEMUN
  +    union semun {
  +        long val;
  +        struct semid_ds *buf;
  +        ushort *array;
  +};
  +#endif
  +    union semun ick;
  +    struct semid_ds buf;
  +
  +    if (!geteuid()) {
  +        apr_os_lock_get(&oslock, lock);
  +        buf.sem_perm.uid = unixd_config.user_id;
  +        buf.sem_perm.gid = unixd_config.group_id;
  +        buf.sem_perm.mode = 0600;
  +        ick.buf = &buf;
  +        if (semctl(oslock.crossproc, 0, IPC_SET, ick) < 0) {
  +            return errno;
  +        }
  +    }
  +#endif
  +    return APR_SUCCESS;
   }
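Review bot: `apr_os_lock_get(&oslock, lock)` in the new `unixd_set_lock_perms` discards its status, so on failure `oslock.crossproc` is never written and an indeterminate value is handed to `semctl()`; capture and propagate it, `apr_status_t rv = apr_os_lock_get(&oslock, lock); if (rv != APR_SUCCESS) { return rv; }`. The function also has no header comment; above the definition I would add `/* While still root, give the SysV accept-mutex semaphore to the configured User/Group with mode 0600 so child processes can use it after dropping privileges; returns errno if IPC_SET fails, APR_SUCCESS when not root or when SysV sems are not compiled in. */`. Two style points: the explanatory comment and the closing `};` of the local `union semun` sit at column 0 inside the function body, and `ushort` is not a standard C type, so `unsigned short *array;` is the portable spelling. The commit log describes this as `semop(IPC_SET)`, but the code (correctly) calls `semctl`.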
   
  
  
  
  1.24      +2 -1      httpd-2.0/os/unix/unixd.h
  
  Index: unixd.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/os/unix/unixd.h,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- unixd.h	2001/07/30 17:55:38	1.23
  +++ unixd.h	2001/08/16 13:59:14	1.24
  @@ -69,6 +69,7 @@
   #endif
   #include "apr_hooks.h"
   #include "apr_thread_proc.h"
  +#include "apr_lock.h"
   
   #include <pwd.h>
   #include <grp.h>
  @@ -111,7 +112,7 @@
   AP_DECLARE(void) unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
                              const char *arg, const char * arg2, int type);
   #endif
  -
  +AP_DECLARE(apr_status_t) unixd_set_lock_perms(apr_lock_t *lock);
   
   #ifdef HAVE_KILLPG
   #define unixd_killpg(x, y)	(killpg ((x), (y)))
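Review bot: The exported `unixd_set_lock_perms` prototype carries no comment saying when an MPM must call it or what it returns. I would precede it with a short `/* ... */` stating that the parent calls it, while still root, on an accept mutex that is a SysV semaphore (see the guards the MPMs use in this commit), that it hands the semaphore to the configured user/group with mode 0600, and that it returns APR_SUCCESS when not running as root or when APR_HAS_SYSVSEM_SERIALIZE is off, otherwise errno from `semctl`. The new line also replaces the blank line that separated the previous `#endif` from what follows; keep one blank line before the declaration so it reads as a separate item.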
  
  
  
  1.65      +8 -3      httpd-2.0/server/mpm_common.c
  
  Index: mpm_common.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm_common.c,v
  retrieving revision 1.64
  retrieving revision 1.65
  diff -u -r1.64 -r1.65
  --- mpm_common.c	2001/08/14 12:30:49	1.64
  +++ mpm_common.c	2001/08/16 13:59:14	1.65
  @@ -593,7 +593,12 @@
           ap_accept_lock_mech = APR_LOCK_FCNTL;
       }
   #endif
  -#if APR_HAS_SYSVSEM_SERIALIZE
  +    /* perchild can't use SysV sems because the permissions on the accept
  +     * mutex can't be set to allow all processes to use the mutex and
  +     * at the same time keep all users from being able to dink with the
  +     * mutex
  +     */
  +#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
       else if (!strcasecmp(arg, "sysvsem")) {
           ap_accept_lock_mech = APR_LOCK_SYSVSEM;
       }
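Review bot: The condition `APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)` is now written twice in this file, here and again in the error-message list in the next hunk, and the two must stay in sync or the message will advertise a mechanism the parser rejects (or vice versa). Evaluating it once into a single preprocessor symbol near the other lock-mechanism feature tests, and using that symbol in both places, removes the drift risk. The new comment explains the perchild exclusion well; a reference to that single symbol from the comment would let a reader find both users.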
  @@ -605,14 +610,14 @@
   #endif
       else {
           return apr_pstrcat(cmd->pool, arg, " is an invalid mutex mechanism; valid "
  -                           "ones for this platform are: default"
  +                           "ones for this platform and MPM are: default"
   #if APR_HAS_FLOCK_SERIALIZE
                              ", flock"
   #endif
   #if APR_HAS_FCNTL_SERIALIZE
                              ", fcntl"
   #endif
  -#if APR_HAS_SYSVSEM_SERIALIZE
  +#if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
                              ", sysvsem"
   #endif
   #if APR_HAS_PROC_PTHREAD_SERIALIZE
  
  
  
  1.196     +14 -0     httpd-2.0/server/mpm/prefork/prefork.c
  
  Index: prefork.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/prefork/prefork.c,v
  retrieving revision 1.195
  retrieving revision 1.196
  diff -u -r1.195 -r1.196
  --- prefork.c	2001/08/14 12:30:50	1.195
  +++ prefork.c	2001/08/16 13:59:14	1.196
  @@ -276,6 +276,20 @@
   	ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "couldn't create accept mutex");
           exit(APEXIT_INIT);
       }
  +
  +#if APR_USE_SYSVSEM_SERIALIZE
  +    if (ap_accept_lock_mech == APR_LOCK_DEFAULT || 
  +        ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
  +#else
  +    if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
  +#endif
  +        rv = unixd_set_lock_perms(accept_lock);
  +        if (rv != APR_SUCCESS) {
  +            ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
  +                         "Couldn't set permissions on cross-process lock");
  +            exit(APEXIT_INIT);
  +        }
  +    }
   }
   
   static void accept_mutex_on(void)
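Review bot: The fourteen added lines are duplicated verbatim in threaded.c and worker.c in this commit, including the `#if APR_USE_SYSVSEM_SERIALIZE` dispatch that decides whether `APR_LOCK_DEFAULT` means a SysV sem on this platform; that knowledge belongs in one place, presumably inside `unixd_set_lock_perms` itself if unixd.c can see `ap_accept_lock_mech`, so each MPM reduces to the call and its error branch. Until then a one-line comment on the `#if`, such as `/* on this platform APR_LOCK_DEFAULT is a SysV sem, so it needs the perms fix too */`, would explain why the two mechanisms are equated. The `APR_LOCK_DEFAULT ||` line also carries a trailing space. The enclosing function starts before the hunk.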
  
  
  
  1.61      +14 -0     httpd-2.0/server/mpm/threaded/threaded.c
  
  Index: threaded.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/threaded/threaded.c,v
  retrieving revision 1.60
  retrieving revision 1.61
  diff -u -r1.60 -r1.61
  --- threaded.c	2001/08/14 12:30:50	1.60
  +++ threaded.c	2001/08/16 13:59:14	1.61
  @@ -1229,6 +1229,20 @@
           return 1;
       }
   
  +#if APR_USE_SYSVSEM_SERIALIZE
  +    if (ap_accept_lock_mech == APR_LOCK_DEFAULT || 
  +        ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
  +#else
  +    if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
  +#endif
  +        rv = unixd_set_lock_perms(accept_mutex);
  +        if (rv != APR_SUCCESS) {
  +            ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
  +                         "Couldn't set permissions on cross-process lock");
  +            return 1;
  +        }
  +    }
  +
       if (!is_graceful) {
           ap_run_pre_mpm(pconf, SB_SHARED);
       }
  
  
  
  1.14      +14 -0     httpd-2.0/server/mpm/worker/worker.c
  
  Index: worker.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/mpm/worker/worker.c,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- worker.c	2001/08/14 12:30:50	1.13
  +++ worker.c	2001/08/16 13:59:14	1.14
  @@ -1272,6 +1272,20 @@
           return 1;
       }
   
  +#if APR_USE_SYSVSEM_SERIALIZE
  +    if (ap_accept_lock_mech == APR_LOCK_DEFAULT || 
  +        ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
  +#else
  +    if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
  +#endif
  +        rv = unixd_set_lock_perms(accept_mutex);
  +        if (rv != APR_SUCCESS) {
  +            ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
  +                         "Couldn't set permissions on cross-process lock");
  +            return 1;
  +        }
  +    }
  +
       if (!is_graceful) {
           ap_run_pre_mpm(pconf, SB_SHARED);
       }
  
  
  
