Unix: Handle permissions settings for flock-based mutexes in

unixd_set_global|proc_mutex_perms(). Allow the functions to be called for any type of mutex. This resolves a fatal problem with mod_rewrite on systems where APR uses flock-based mutex. It simplifies mod_ssl as well, which had special logic to perform the chown(). It fixed an init error with mod_ssl on systems where flock is used when the user had no SSLMutex directive. The Unix MPMs continue to call unixd_set_global|proc_mutex_perms() only for SysV sems. There is no permission problem with flock-based accept mutexes since the child init logic for the MPMs is done prior to switching identity. PR: 20312 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100189 13f79535-47bb-0310-9956-ffa450edef68
2025-08-07 04:02:58 +03:00 · 2003-06-07 19:50:01 +00:00
parent d7d7c6a73e
commit 8f0cd048e0
7 changed files with 84 additions and 48 deletions
--- a/modules/ssl/ssl_engine_mutex.c
+++ b/modules/ssl/ssl_engine_mutex.c
@@ -63,6 +63,7 @@
 #include "mod_ssl.h"
 #if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
 #include "unixd.h"
+#define MOD_SSL_SET_MUTEX_PERMS /* XXX Apache should define something */
 #endif

 int ssl_mutex_init(server_rec *s, apr_pool_t *p)
@@ -88,25 +89,14 @@ int ssl_mutex_init(server_rec *s, apr_pool_t *p)
                         "Cannot create SSLMutex");
        return FALSE;
    }
-#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
-    if (mc->szMutexFile && mc->ChownMutexFile == TRUE)
-        chown(mc->szMutexFile, unixd_config.user_id, -1);
-#endif

-#if APR_HAS_SYSVSEM_SERIALIZE
-#if APR_USE_SYSVSEM_SERIALIZE
-    if (mc->nMutexMech == APR_LOCK_DEFAULT || 
-        mc->nMutexMech == APR_LOCK_SYSVSEM) {
-#else
-    if (mc->nMutexMech == APR_LOCK_SYSVSEM) {
-#endif
-        rv = unixd_set_global_mutex_perms(mc->pMutex);
-        if (rv != APR_SUCCESS) {
-            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
-                         "Could not set permissions on ssl_mutex; check User "
-                         "and Group directives");
-            return FALSE;
-        }
+#ifdef MOD_SSL_SET_MUTEX_PERMS
+    rv = unixd_set_global_mutex_perms(mc->pMutex);
+    if (rv != APR_SUCCESS) {
+        ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
+                     "Could not set permissions on ssl_mutex; check User "
+                     "and Group directives");
+        return FALSE;
    }
 #endif
    return TRUE;