ap_runtime_dir_relative() will return NULL on failure. However cgid_init()
does not check the return value of ap_runtime_dir_relative() and use it
directly.
Fix this bug by adding a NULL check.
Submitted by: Zhou Qingyang <zhou1615@umn.edu>
Github: closes#304
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908972 13f79535-47bb-0310-9956-ffa450edef68
default, rather than as an opt-in configure flag. (This has been
tested in Fedora for >12 months without seeing any new problems)
* configure.in: Check for CMSG_DATA here, and define HAVE_FDPASSING
and $ap_has_fdpassing if fd passing is supported.
* modules/generator/config5.m4,
modules/generator/mod_cgid.c: Drop configure flag for mod_cgid
fdpassing support, instead enable where possible by default.
* modules/proxy/config.m4: Rely on configure test for CMSG_DATA.
* .travis.yml: Switch test for cgid fdpassing for testing w/o
CMSG_DATA.
Github: closes#172
PR: 54221
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1886912 13f79535-47bb-0310-9956-ffa450edef68
cgi_common.h. Functional changes:
- brings the PR 61980 fix to mod_cgid as well, and
- some mod_cgid-specific APLOGNOs are dropped in favour of the
code used in the equivalent error path in mod_cgi
... otherwise no user-visible changes (intended).
* modules/generators/cgi_common.h (log_scripterror, log_script_err): Move
here from mod_cgi.
(cgi_handle_exec): Move here, renamed from mod_cgi's handle_exec.
(cgi_optfns_retrieve): New function, split out from mod_cgi's cgi_post_config.
* modules/generators/mod_cgid.c: Adjust accordingly, update to pass
logno separately.
(register_hooks): Register cgi_optfns_retrieve.
* modules/generators/mod_cgi.c: Adjust accordingly.
(register_hooks): Register cgi_optfns_retrieve.
Github: closes#141
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1881559 13f79535-47bb-0310-9956-ffa450edef68
near-identical common code from mod_cgid, mod_cgi.
* modules/generators/mod_cgid.c (cgid_handler),
modules/generators/mod_cgi.c (cgi_handler):
Adjust to use cgi_handle_request.
Github: closes#97
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1874491 13f79535-47bb-0310-9956-ffa450edef68
* modules/generators/cgi_common.h: Only define CGI bucket type
if WANT_CGI_BUCKET is defined.
* modules/generators/mod_cgi.c: Always include cgi_common.h, defining
WANT_CGI_BUCKET iff APR_FILES_AS_SOCKETS is defined
* modules/generators/mod_cgid.c: Always include cgi_common.h, defining
WANT_CGI_BUCKET iff HAVE_CGID_FDPASSING (--enable-cgid-fdpassing).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1867971 13f79535-47bb-0310-9956-ffa450edef68
to cgi_common.h; the diff between the modules for this code was as
follows:
https://people.apache.org/~jorton/mod_cgi-to-cgid-handler.diff
Change from previous: mod_cgi will now explicitly discard output when
returning HTTP_MOVED_TEMPORARILY for relative redirects (should not be
functionally different), TRACE1 logging of ap_pass_brigade failures
for mod_cgid is dropped.
* modules/generators/cgi_common.h (cgi_handle_response): New function,
factored out from mod_cgid.
(discard_script_output): Copied function from mod_cgi/d unchanged.
* modules/generator/mod_cgid.c (cgid_handler),
modules/generator/mod_cgi.c (cgi_handler): Use cgi_handle_response.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1867968 13f79535-47bb-0310-9956-ffa450edef68
Split out CGI bucket implementation from mod_cgi and use in both
mod_cgi and mod_cgid, bringing stderr handling in mod_cgid up to par
with mod_cgi. (There is a lot of code which has been copied between
mod_cgi{,d} so there's scope for further reduction of source
duplication between the modules using this header)
* modules/generators/cgi_common.h: Copied from mod_cgi.c, removed
everything but the CGI bucket implementation with only one change:
(struct cgi_bucket_data, cgi_bucket_create, cgi_bucket_read): Take a
timeout on bucket creation, store and use on reads.
* modules/generators/mod_cgi.c [APR_FILES_AS_SOCKETS]: Include
cgi_common.h.
(cgi_handler): Pass configured timeout to CGI bucket.
* modules/generators/mod_cgid.c: Include cgi_common.h.
(log_script_err): Copy from mod_cgi.c.
(log_script): Use log_script_err.
(send_req): Take fd for stderr.
(cgid_child_errfn): Handle fd-passing case by writing error
to stderr for client to pass through ap_log_rerror.
(cgid_handler): Create pipe for stderr, pass write-end to
server via send_req, use read-end to create CGI bucket. Handle
stderr output in failure paths.
PR: 54221
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1863191 13f79535-47bb-0310-9956-ffa450edef68
script stderr to the error log specific to the vhost, by passing the
appropriate fd over the AF_UNIX socket from the request handling
thread to the cgid server process.
* modules/generators/config5.m4: Add --enable-cgid-fdpassing.
* modules/generators/mod_cgid.c (sock_readhdr): New function, also
returns auxiliary control data (the stderr fd) if available.
(sock_write): Take optional aux fd argument, send it as control
data. (send_req, get_req): Adjust accordingly to pass/receive the
stderr fd.
(cgid_server): Use passed fd if available, limit the lifetime.
PR: 60692
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1862968 13f79535-47bb-0310-9956-ffa450edef68
In some cases, a 2nd CGI using the same c->id can get into
the mod_cgid handler before cleanups have been run, causing
the new CGI pid to be used by the first CGI's cleanup function.
Instead of stashing c->id in the request processing thread,
just use it before leaving the handler to get the pid.
May indirectly fix PR57771, but it must have a slightly different
cause because stashing the conn_id slightly differently was
supposed to be sufficient there.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758083 13f79535-47bb-0310-9956-ffa450edef68
More uses of ap_map_http_request_error() and AP_FILTER_ERROR so that we never
return an HTTP error status from a handler if some filter generated a response
already.
That is, from a handler, either ap_get_brigade() (an input filter) returned
AP_FILTER_ERROR and we must forward it to ap_die(), or ap_pass_brigade() (an
output filter) failed with any status and we must return AP_FILTER_ERROR in
any case for ap_die() to determine whether a response is needed or not.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1665625 13f79535-47bb-0310-9956-ffa450edef68
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server.
[Rainer Jung, Eric Covener, Yann Ylavic]
Submitted By: rjung, covener, ylavic
Reviewed By: trawick, jorton, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610509 13f79535-47bb-0310-9956-ffa450edef68
Patch one of two.
Permit a read timeout to be used in mod_cgid to give up on a slow CGI script.
In trunk, it defaults to the servers Timeout. PR43494
Submitted By: Eric Covener, Toshikuni Fukaya
Reviewed By: Eric Covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1535125 13f79535-47bb-0310-9956-ffa450edef68
to the output filters, which is bogus in the proxy case. Create a
clean mapping from APR codes to HTTP status codes, and use it where
needed.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1482522 13f79535-47bb-0310-9956-ffa450edef68
incomplete writes.
Add comments in some places where error handling/logging is missing.
PR: 53131.
Submitted by: Nicolas Viennot <apache viennot biz>, Stefan Fritsch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1331110 13f79535-47bb-0310-9956-ffa450edef68
Add ap_scan_script_header*_ex() functions that take a module index for
logging.
Make mod_cgi, mod_cgid, mod_proxy_fcgi, mod_proxy_scgi, mod_isapi use the
new functions.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1147493 13f79535-47bb-0310-9956-ffa450edef68
everywhere.
We know that the core module has module_index 0. Therefore we can save
some pointer operations in ap_get_module_config(cv, &core_module) and
ap_set_module_config(cv, &core_module, val). As these are called rather often,
this may actually have some (small) measurable effect.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1132781 13f79535-47bb-0310-9956-ffa450edef68
necessary if a module (like mod_perl) registers additional modules later than the
EXEC_ON_READ phase.
Tested by: Torsten Foertsch <torsten foertsch gmx net>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1096569 13f79535-47bb-0310-9956-ffa450edef68
if they were not active during server startup but got enabled later during a
graceful restart (in which case they need to do all work during a single
config run).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1070153 13f79535-47bb-0310-9956-ffa450edef68
