httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aa...@apache.org
Subject cvs commit: httpd-2.0/support suexec.c
Date Thu, 22 Nov 2001 07:42:13 GMT
aaron       01/11/21 23:42:13

  Modified:    support  suexec.c
  Log:
  Just some style changes from when I was working on the recent suexec
  patch. No more tabs, intended alignment remains.
  
  Revision  Changes    Path
  1.17      +132 -133  httpd-2.0/support/suexec.c
  
  Index: suexec.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/suexec.c,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- suexec.c	2001/10/30 17:38:03	1.16
  +++ suexec.c	2001/11/22 07:42:13	1.17
  @@ -105,7 +105,7 @@
   #if defined(NEED_INITGROUPS)
   int initgroups(const char *name, gid_t basegid)
   {
  -/* QNX and MPE do not appear to support supplementary groups. */
  +    /* QNX and MPE do not appear to support supplementary groups. */
       return 0;
   }
   #endif
  @@ -175,19 +175,19 @@
       struct tm *lt;
   
       if (!log) {
  -	if ((log = fopen(AP_LOG_EXEC, "a")) == NULL) {
  -	    fprintf(stderr, "failed to open log file\n");
  -	    perror("fopen");
  -	    exit(1);
  -	}
  +        if ((log = fopen(AP_LOG_EXEC, "a")) == NULL) {
  +            fprintf(stderr, "failed to open log file\n");
  +            perror("fopen");
  +            exit(1);
  +        }
       }
   
       time(&timevar);
       lt = localtime(&timevar);
   
       fprintf(log, "[%d-%.2d-%.2d %.2d:%.2d:%.2d]: ",
  -	    lt->tm_year + 1900, lt->tm_mon + 1, lt->tm_mday,
  -	    lt->tm_hour, lt->tm_min, lt->tm_sec);
  +            lt->tm_year + 1900, lt->tm_mon + 1, lt->tm_mday,
  +            lt->tm_hour, lt->tm_min, lt->tm_sec);
   
       vfprintf(log, fmt, ap);
   
  @@ -219,7 +219,7 @@
   
       if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) {
           log_err("failed to malloc memory for environment\n");
  -	exit(120);
  +        exit(120);
       }
   
       sprintf(pathbuf, "PATH=%s", AP_SAFE_PATH);
  @@ -227,20 +227,20 @@
       cidx++;
   
       for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
  -	if (!strncmp(*ep, "HTTP_", 5)) {
  -	    cleanenv[cidx] = *ep;
  -	    cidx++;
  -	}
  -	else {
  -	    for (idx = 0; safe_env_lst[idx]; idx++) {
  -		if (!strncmp(*ep, safe_env_lst[idx],
  -			     strlen(safe_env_lst[idx]))) {
  -		    cleanenv[cidx] = *ep;
  -		    cidx++;
  -		    break;
  -		}
  -	    }
  -	}
  +        if (!strncmp(*ep, "HTTP_", 5)) {
  +            cleanenv[cidx] = *ep;
  +            cidx++;
  +        }
  +        else {
  +            for (idx = 0; safe_env_lst[idx]; idx++) {
  +                if (!strncmp(*ep, safe_env_lst[idx],
  +                             strlen(safe_env_lst[idx]))) {
  +                    cleanenv[cidx] = *ep;
  +                    cidx++;
  +                    break;
  +                }
  +            }
  +        }
       }
   
       cleanenv[cidx] = NULL;
  @@ -250,22 +250,22 @@
   
   int main(int argc, char *argv[])
   {
  -    int userdir = 0;		/* ~userdir flag             */
  -    uid_t uid;			/* user information          */
  -    gid_t gid;			/* target group placeholder  */
  -    char *target_uname;		/* target user name          */
  -    char *target_gname;		/* target group name         */
  -    char *target_homedir;	/* target home directory     */
  -    char *actual_uname;		/* actual user name          */
  -    char *actual_gname;		/* actual group name         */
  -    char *prog;			/* name of this program      */
  -    char *cmd;			/* command to be executed    */
  -    char cwd[AP_MAXPATH];	/* current working directory */
  -    char dwd[AP_MAXPATH];	/* docroot working directory */
  -    struct passwd *pw;		/* password entry holder     */
  -    struct group *gr;		/* group entry holder        */
  -    struct stat dir_info;	/* directory info holder     */
  -    struct stat prg_info;	/* program info holder       */
  +    int userdir = 0;        /* ~userdir flag             */
  +    uid_t uid;              /* user information          */
  +    gid_t gid;              /* target group placeholder  */
  +    char *target_uname;     /* target user name          */
  +    char *target_gname;     /* target group name         */
  +    char *target_homedir;   /* target home directory     */
  +    char *actual_uname;     /* actual user name          */
  +    char *actual_gname;     /* actual group name         */
  +    char *prog;             /* name of this program      */
  +    char *cmd;              /* command to be executed    */
  +    char cwd[AP_MAXPATH];   /* current working directory */
  +    char dwd[AP_MAXPATH];   /* docroot working directory */
  +    struct passwd *pw;      /* password entry holder     */
  +    struct group *gr;       /* group entry holder        */
  +    struct stat dir_info;   /* directory info holder     */
  +    struct stat prg_info;   /* program info holder       */
   
       prog = argv[0];
       /*
  @@ -274,8 +274,8 @@
        */
       uid = getuid();
       if ((pw = getpwuid(uid)) == NULL) {
  -	log_err("crit: invalid uid: (%ld)\n", uid);
  -	exit(102);
  +        log_err("crit: invalid uid: (%ld)\n", uid);
  +        exit(102);
       }
       /*
        * See if this is a 'how were you compiled' request, and
  @@ -322,8 +322,8 @@
        * all of them to variables.  Otherwise, error out.
        */
       if (argc < 4) {
  -	log_err("too few arguments\n");
  -	exit(101);
  +        log_err("too few arguments\n");
  +        exit(101);
       }
       target_uname = argv[1];
       target_gname = argv[2];
  @@ -338,12 +338,12 @@
       /* User name comparisons are case insensitive on BS2000/OSD */
       if (strcasecmp(AP_HTTPD_USER, pw->pw_name)) {
           log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER);
  -	exit(103);
  +        exit(103);
       }
   #else  /*_OSD_POSIX*/
       if (strcmp(AP_HTTPD_USER, pw->pw_name)) {
           log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER);
  -	exit(103);
  +        exit(103);
       }
   #endif /*_OSD_POSIX*/
   
  @@ -354,9 +354,9 @@
        * found, error out.  Naughty naughty crackers.
        */
       if ((cmd[0] == '/') || (!strncmp(cmd, "../", 3))
  -	|| (strstr(cmd, "/../") != NULL)) {
  +        || (strstr(cmd, "/../") != NULL)) {
           log_err("invalid command (%s)\n", cmd);
  -	exit(104);
  +        exit(104);
       }
   
       /*
  @@ -365,8 +365,8 @@
        * target username.
        */
       if (!strncmp("~", target_uname, 1)) {
  -	target_uname++;
  -	userdir = 1;
  +        target_uname++;
  +        userdir = 1;
       }
   
       /*
  @@ -374,8 +374,8 @@
        */
       if (strspn(target_uname, "1234567890") != strlen(target_uname)) {
           if ((pw = getpwnam(target_uname)) == NULL) {
  -    	    log_err("invalid target user name: (%s)\n", target_uname);
  -    	    exit(105);
  +            log_err("invalid target user name: (%s)\n", target_uname);
  +            exit(105);
           }
       }
       else {
  @@ -389,16 +389,16 @@
        * Error out if the target group name is invalid.
        */
       if (strspn(target_gname, "1234567890") != strlen(target_gname)) {
  -	if ((gr = getgrnam(target_gname)) == NULL) {
  -	    log_err("invalid target group name: (%s)\n", target_gname);
  -	    exit(106);
  -	}
  -	gid = gr->gr_gid;
  -	actual_gname = strdup(gr->gr_name);
  +        if ((gr = getgrnam(target_gname)) == NULL) {
  +            log_err("invalid target group name: (%s)\n", target_gname);
  +            exit(106);
  +        }
  +        gid = gr->gr_gid;
  +        actual_gname = strdup(gr->gr_name);
       }
       else {
  -	gid = atoi(target_gname);
  -	actual_gname = strdup(target_gname);
  +        gid = atoi(target_gname);
  +        actual_gname = strdup(target_gname);
       }
   
   #ifdef _OSD_POSIX
  @@ -406,28 +406,28 @@
        * Initialize BS2000 user environment
        */
       {
  -	pid_t pid;
  -	int status;
  +        pid_t pid;
  +        int status;
   
  -	switch (pid = ufork(target_uname))
  -	{
  -	case -1:	/* Error */
  -	    log_err("failed to setup bs2000 environment for user %s: %s\n",
  -		    target_uname, strerror(errno));
  -	    exit(150);
  -	case 0:	/* Child */
  -	    break;
  -	default:	/* Father */
  -	    while (pid != waitpid(pid, &status, 0))
  -		;
  -	    /* @@@ FIXME: should we deal with STOP signals as well? */
  -	    if (WIFSIGNALED(status))
  -		kill (getpid(), WTERMSIG(status));
  -	    exit(WEXITSTATUS(status));
  -	}
  +        switch (pid = ufork(target_uname)) {
  +        case -1:    /* Error */
  +            log_err("failed to setup bs2000 environment for user %s: %s\n",
  +                    target_uname, strerror(errno));
  +            exit(150);
  +        case 0:     /* Child */
  +            break;
  +        default:    /* Father */
  +            while (pid != waitpid(pid, &status, 0))
  +                ;
  +            /* @@@ FIXME: should we deal with STOP signals as well? */
  +            if (WIFSIGNALED(status)) {
  +                kill (getpid(), WTERMSIG(status));
  +            }
  +            exit(WEXITSTATUS(status));
  +        }
       }
   #endif /*_OSD_POSIX*/
  -
  +    
       /*
        * Save these for later since initgroups will hose the struct
        */
  @@ -440,17 +440,17 @@
        * before we setuid().
        */
       log_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n",
  -	    target_uname, actual_uname,
  -	    target_gname, actual_gname,
  -	    cmd);
  +            target_uname, actual_uname,
  +            target_gname, actual_gname,
  +            cmd);
   
       /*
        * Error out if attempt is made to execute as root or as
        * a UID less than AP_UID_MIN.  Tsk tsk.
        */
       if ((uid == 0) || (uid < AP_UID_MIN)) {
  -	log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
  -	exit(107);
  +        log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
  +        exit(107);
       }
   
       /*
  @@ -458,8 +458,8 @@
        * or as a GID less than AP_GID_MIN.  Tsk tsk.
        */
       if ((gid == 0) || (gid < AP_GID_MIN)) {
  -	log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd);
  -	exit(108);
  +        log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd);
  +        exit(108);
       }
   
       /*
  @@ -469,16 +469,16 @@
        * and setgid() to the target group. If unsuccessful, error out.
        */
       if (((setgid(gid)) != 0) || (initgroups(actual_uname, gid) != 0)) {
  -	log_err("failed to setgid (%ld: %s)\n", gid, cmd);
  -	exit(109);
  +        log_err("failed to setgid (%ld: %s)\n", gid, cmd);
  +        exit(109);
       }
   
       /*
        * setuid() to the target user.  Error out on fail.
        */
       if ((setuid(uid)) != 0) {
  -	log_err("failed to setuid (%ld: %s)\n", uid, cmd);
  -	exit(110);
  +        log_err("failed to setuid (%ld: %s)\n", uid, cmd);
  +        exit(110);
       }
   
       /*
  @@ -490,71 +490,71 @@
        * directories.  Yuck.
        */
       if (getcwd(cwd, AP_MAXPATH) == NULL) {
  -	log_err("cannot get current working directory\n");
  -	exit(111);
  +        log_err("cannot get current working directory\n");
  +        exit(111);
       }
   
       if (userdir) {
  -	if (((chdir(target_homedir)) != 0) ||
  -	    ((chdir(AP_USERDIR_SUFFIX)) != 0) ||
  -	    ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
  -	    ((chdir(cwd)) != 0)) {
  -	    log_err("cannot get docroot information (%s)\n", target_homedir);
  -	    exit(112);
  -	}
  +        if (((chdir(target_homedir)) != 0) ||
  +            ((chdir(AP_USERDIR_SUFFIX)) != 0) ||
  +            ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
  +            ((chdir(cwd)) != 0)) {
  +            log_err("cannot get docroot information (%s)\n", target_homedir);
  +            exit(112);
  +        }
       }
       else {
  -	if (((chdir(AP_DOC_ROOT)) != 0) ||
  -	    ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
  -	    ((chdir(cwd)) != 0)) {
  -	    log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT);
  -	    exit(113);
  -	}
  +        if (((chdir(AP_DOC_ROOT)) != 0) ||
  +            ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
  +            ((chdir(cwd)) != 0)) {
  +            log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT);
  +            exit(113);
  +        }
       }
   
       if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
  -	log_err("command not in docroot (%s/%s)\n", cwd, cmd);
  -	exit(114);
  +        log_err("command not in docroot (%s/%s)\n", cwd, cmd);
  +        exit(114);
       }
   
       /*
        * Stat the cwd and verify it is a directory, or error out.
        */
       if (((lstat(cwd, &dir_info)) != 0) || !(S_ISDIR(dir_info.st_mode))) {
  -	log_err("cannot stat directory: (%s)\n", cwd);
  -	exit(115);
  +        log_err("cannot stat directory: (%s)\n", cwd);
  +        exit(115);
       }
   
       /*
        * Error out if cwd is writable by others.
        */
       if ((dir_info.st_mode & S_IWOTH) || (dir_info.st_mode & S_IWGRP)) {
  -	log_err("directory is writable by others: (%s)\n", cwd);
  -	exit(116);
  +        log_err("directory is writable by others: (%s)\n", cwd);
  +        exit(116);
       }
   
       /*
        * Error out if we cannot stat the program.
        */
       if (((lstat(cmd, &prg_info)) != 0) || (S_ISLNK(prg_info.st_mode))) {
  -	log_err("cannot stat program: (%s)\n", cmd);
  -	exit(117);
  +        log_err("cannot stat program: (%s)\n", cmd);
  +        exit(117);
       }
   
       /*
        * Error out if the program is writable by others.
        */
       if ((prg_info.st_mode & S_IWOTH) || (prg_info.st_mode & S_IWGRP)) {
  -	log_err("file is writable by others: (%s/%s)\n", cwd, cmd);
  -	exit(118);
  +        log_err("file is writable by others: (%s/%s)\n", cwd, cmd);
  +        exit(118);
       }
   
       /*
        * Error out if the file is setuid or setgid.
        */
       if ((prg_info.st_mode & S_ISUID) || (prg_info.st_mode & S_ISGID)) {
  -	log_err("file is either setuid or setgid: (%s/%s)\n", cwd, cmd);
  -	exit(119);
  +        log_err("file is either setuid or setgid: (%s/%s)\n", cwd, cmd);
  +        exit(119);
       }
   
       /*
  @@ -562,15 +562,15 @@
        * the name/group of the cwd or the program.
        */
       if ((uid != dir_info.st_uid) ||
  -	(gid != dir_info.st_gid) ||
  -	(uid != prg_info.st_uid) ||
  -	(gid != prg_info.st_gid)) {
  -	log_err("target uid/gid (%ld/%ld) mismatch "
  -		"with directory (%ld/%ld) or program (%ld/%ld)\n",
  -		uid, gid,
  -		dir_info.st_uid, dir_info.st_gid,
  -		prg_info.st_uid, prg_info.st_gid);
  -	exit(120);
  +        (gid != dir_info.st_gid) ||
  +        (uid != prg_info.st_uid) ||
  +        (gid != prg_info.st_gid)) {
  +        log_err("target uid/gid (%ld/%ld) mismatch "
  +                "with directory (%ld/%ld) or program (%ld/%ld)\n",
  +                uid, gid,
  +                dir_info.st_uid, dir_info.st_gid,
  +                prg_info.st_uid, prg_info.st_gid);
  +        exit(120);
       }
       /*
        * Error out if the program is not executable for the user.
  @@ -578,8 +578,8 @@
        * "[error] Premature end of script headers: ..."
        */
       if (!(prg_info.st_mode & S_IXUSR)) {
  -	log_err("file has no execute permission: (%s/%s)\n", cwd, cmd);
  -	exit(121);
  +        log_err("file has no execute permission: (%s/%s)\n", cwd, cmd);
  +        exit(121);
       }
   
   #ifdef AP_SUEXEC_UMASK
  @@ -604,8 +604,8 @@
        * outside an ifdef'd AP_LOG_EXEC block.
        */
       if (log != NULL) {
  -	fclose(log);
  -	log = NULL;
  +        fclose(log);
  +        log = NULL;
       }
   
       /*
  @@ -614,9 +614,9 @@
   #ifdef NEED_HASHBANG_EMUL
       /* We need the #! emulation when we want to execute scripts */
       {
  -	extern char **environ;
  +        extern char **environ;
   
  -	ap_execve(cmd, &argv[3], environ);
  +        ap_execve(cmd, &argv[3], environ);
       }
   #else /*NEED_HASHBANG_EMUL*/
       execv(cmd, &argv[3]);
  @@ -630,7 +630,6 @@
        *
        * Oh well, log the failure and error out.
        */
  -    log_err("(%d)%s: exec failed (%s)\n", errno, 
  -            strerror(errno), cmd);
  +    log_err("(%d)%s: exec failed (%s)\n", errno, strerror(errno), cmd);
       exit(255);
   }
  
  
  

Mime
View raw message