www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

Unix: Handle permissions settings for flock-based mutexes in

Browse Source 
unixd_set_global|proc_mutex_perms().  Allow the functions to be
called for any type of mutex.

This resolves a fatal problem with mod_rewrite on systems where
APR uses flock-based mutex.

It simplifies mod_ssl as well, which had special logic to perform
the chown().  It fixed an init error with mod_ssl on systems where
flock is used when the user had no SSLMutex directive.

The Unix MPMs continue to call unixd_set_global|proc_mutex_perms()
only for SysV sems.  There is no permission problem with flock-based
accept mutexes since the child init logic for the MPMs is done
prior to switching identity.

PR:              20312


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100189 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jeff Trawick
2003-06-07 19:50:01 +00:00
parent d7d7c6a73e
commit 8f0cd048e0
7 changed files with 84 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -2,6 +2,10 @@ Changes with Apache 2.1.0-dev
[Remove entries to the current 2.0 section below, when backported]
*) Unix: Handle permissions settings for flock-based mutexes in
unixd_set_global|proc_mutex_perms(). Allow the functions to be
called for any type of mutex. PR 20312 [Jeff Trawick]
*) mod_rewrite: Perform child initialization on the rewrite log lock.
This fixes a log corruption issue when flock-based serialization
is used (e.g., FreeBSD). [Jeff Trawick]

5
modules/mappers/mod_rewrite.c
View File

@@ -118,6 +118,7 @@
#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
#include "unixd.h"
#define MOD_REWRITE_SET_MUTEX_PERMS /* XXX Apache should define something */
#endif
/*
@@ -1017,7 +1018,7 @@ static int post_config(apr_pool_t *p,
return HTTP_INTERNAL_SERVER_ERROR;
}
#if APR_USE_SYSVSEM_SERIALIZE
#ifdef MOD_REWRITE_SET_MUTEX_PERMS
rv = unixd_set_global_mutex_perms(rewrite_log_lock);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
@@ -3585,7 +3586,7 @@ static apr_status_t rewritelock_create(server_rec *s, apr_pool_t *p)
return rc;
}
#if APR_USE_SYSVSEM_SERIALIZE
#ifdef MOD_REWRITE_SET_MUTEX_PERMS
rc = unixd_set_global_mutex_perms(rewrite_mapr_lock_acquire);
if (rc != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,

1
modules/ssl/mod_ssl.h
View File

@@ -394,7 +394,6 @@ typedef struct {
ssl_mutexmode_t nMutexMode;
apr_lockmech_e nMutexMech;
const char *szMutexFile;
BOOL ChownMutexFile;
apr_global_mutex_t *pMutex;
apr_array_header_t *aRandSeed;
apr_hash_t *tVHostKeys;

3
modules/ssl/ssl_engine_config.c
View File

@@ -101,7 +101,6 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s)
mc->nMutexMode = SSL_MUTEXMODE_UNSET;
mc->nMutexMech = APR_LOCK_DEFAULT;
mc->szMutexFile = NULL;
mc->ChownMutexFile = FALSE;
mc->pMutex = NULL;
mc->aRandSeed = apr_array_make(pool, 4,
sizeof(ssl_randseed_t));
@@ -401,7 +400,6 @@ const char *ssl_cmd_SSLMutex(cmd_parms *cmd,
*/
mc->nMutexMode = SSL_MUTEXMODE_USED;
mc->szMutexFile = NULL;
mc->ChownMutexFile = FALSE;
/* NOTE: previously, 'yes' implied 'sem' */
if (!strcasecmp(meth, "default") || !strcasecmp(meth, "yes")) {
@@ -415,7 +413,6 @@ const char *ssl_cmd_SSLMutex(cmd_parms *cmd,
#if APR_HAS_FLOCK_SERIALIZE
else if ((!strcasecmp(meth, "flock") || !strcasecmp(meth, "file")) && file) {
mc->nMutexMech = APR_LOCK_FLOCK;
mc->ChownMutexFile = TRUE;
}
#endif
#if APR_HAS_POSIXSEM_SERIALIZE

26
modules/ssl/ssl_engine_mutex.c
View File

@@ -63,6 +63,7 @@
#include "mod_ssl.h"
#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
#include "unixd.h"
#define MOD_SSL_SET_MUTEX_PERMS /* XXX Apache should define something */
#endif
int ssl_mutex_init(server_rec *s, apr_pool_t *p)
@@ -88,25 +89,14 @@ int ssl_mutex_init(server_rec *s, apr_pool_t *p)
"Cannot create SSLMutex");
return FALSE;
}
#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
if (mc->szMutexFile && mc->ChownMutexFile == TRUE)
chown(mc->szMutexFile, unixd_config.user_id, -1);
#endif
#if APR_HAS_SYSVSEM_SERIALIZE
#if APR_USE_SYSVSEM_SERIALIZE
if (mc->nMutexMech == APR_LOCK_DEFAULT ||
mc->nMutexMech == APR_LOCK_SYSVSEM) {
#else
if (mc->nMutexMech == APR_LOCK_SYSVSEM) {
#endif
rv = unixd_set_global_mutex_perms(mc->pMutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Could not set permissions on ssl_mutex; check User "
"and Group directives");
return FALSE;
}
#ifdef MOD_SSL_SET_MUTEX_PERMS
rv = unixd_set_global_mutex_perms(mc->pMutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, s,
"Could not set permissions on ssl_mutex; check User "
"and Group directives");
return FALSE;
}
#endif
return TRUE;

83
os/unix/unixd.c
View File

@@ -417,35 +417,70 @@ AP_DECLARE(apr_status_t) ap_os_create_privileged_process(
attr, ugid, p);
}
/* XXX move to APR and externalize (but implement differently :) ) */
static apr_lockmech_e proc_mutex_mech(apr_proc_mutex_t *pmutex)
{
const char *mechname = apr_proc_mutex_name(pmutex);
if (!strcmp(mechname, "sysvsem")) {
return APR_LOCK_SYSVSEM;
}
else if (!strcmp(mechname, "flock")) {
return APR_LOCK_FLOCK;
}
return APR_LOCK_DEFAULT;
}
AP_DECLARE(apr_status_t) unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex)
{
/* MPM shouldn't call us unless we're actually using a SysV sem;
* this is just to avoid compile issues on systems without that
* feature
*/
#if APR_HAS_SYSVSEM_SERIALIZE
apr_os_proc_mutex_t ospmutex;
#if !APR_HAVE_UNION_SEMUN
union semun {
long val;
struct semid_ds *buf;
ushort *array;
};
#endif
union semun ick;
struct semid_ds buf;
if (!geteuid()) {
apr_os_proc_mutex_get(&ospmutex, pmutex);
buf.sem_perm.uid = unixd_config.user_id;
buf.sem_perm.gid = unixd_config.group_id;
buf.sem_perm.mode = 0600;
ick.buf = &buf;
if (semctl(ospmutex.crossproc, 0, IPC_SET, ick) < 0) {
return errno;
apr_lockmech_e mech = proc_mutex_mech(pmutex);
switch(mech) {
#if APR_HAS_SYSVSEM_SERIALIZE
case APR_LOCK_SYSVSEM:
{
apr_os_proc_mutex_t ospmutex;
#if !APR_HAVE_UNION_SEMUN
union semun {
long val;
struct semid_ds *buf;
ushort *array;
};
#endif
union semun ick;
struct semid_ds buf;
apr_os_proc_mutex_get(&ospmutex, pmutex);
buf.sem_perm.uid = unixd_config.user_id;
buf.sem_perm.gid = unixd_config.group_id;
buf.sem_perm.mode = 0600;
ick.buf = &buf;
if (semctl(ospmutex.crossproc, 0, IPC_SET, ick) < 0) {
return errno;
}
}
break;
#endif
#if APR_HAS_FLOCK_SERIALIZE
case APR_LOCK_FLOCK:
{
const char *lockfile = apr_proc_mutex_lockfile(pmutex);
if (lockfile) {
if (chown(lockfile, unixd_config.user_id,
-1 /* no gid change */) < 0) {
return errno;
}
}
}
break;
#endif
default:
/* do nothing */
break;
}
}
#endif
return APR_SUCCESS;
}

10
os/unix/unixd.h
View File

@@ -120,6 +120,16 @@ AP_DECLARE(const char *) unixd_set_group(cmd_parms *cmd, void *dummy,
AP_DECLARE(void) unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
const char *arg, const char * arg2, int type);
#endif
/**
* One of the functions to set mutex permissions should be called in
* the parent process on platforms that switch identity when the
* server is started as root.
* If the child init logic is performed before switching identity
* (e.g., MPM setup for an accept mutex), it should only be called
* for SysV semaphores. Otherwise, it is safe to call it for all
* mutex types.
*/
AP_DECLARE(apr_status_t) unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex);
AP_DECLARE(apr_status_t) unixd_set_global_mutex_perms(apr_global_mutex_t *gmutex);
AP_DECLARE(apr_status_t) unixd_accept(void **accepted, ap_listen_rec *lr, apr_pool_t *ptrans);