Fix starvation issue on listening sockets where a short-lived
connection on a rarely-accessed listening socket will cause a
child to hold the accept mutex and block out new connections until
another connection arrives on that rarely-accessed listening socket.
With Apache 2.x there is no performance concern about enabling the
logic for platforms which don't need it, so it is enabled everywhere
except for Win32. [Jeff Trawick]
(already in 2.0.49, propagating to mirrors now)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103029 13f79535-47bb-0310-9956-ffa450edef68
is at least FD_SETSIZE.
That isn't a problem for most users (since poll() is widespread).
On old boxes where select() must be used by APR, APR needs to fail
operations that don't work with such fds.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102419 13f79535-47bb-0310-9956-ffa450edef68
because of the changes to the argument lists of apr_mmap_dup and apr_socket_create,
2.1-dev won't build with apr and apr-util's 0.9 branch anymore
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101154 13f79535-47bb-0310-9956-ffa450edef68
unixd_set_global|proc_mutex_perms(). Allow the functions to be
called for any type of mutex.
This resolves a fatal problem with mod_rewrite on systems where
APR uses flock-based mutex.
It simplifies mod_ssl as well, which had special logic to perform
the chown(). It fixed an init error with mod_ssl on systems where
flock is used when the user had no SSLMutex directive.
The Unix MPMs continue to call unixd_set_global|proc_mutex_perms()
only for SysV sems. There is no permission problem with flock-based
accept mutexes since the child init logic for the MPMs is done
prior to switching identity.
PR: 20312
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100189 13f79535-47bb-0310-9956-ffa450edef68
attempt to lose const on progname
strrchr was not the real library function that takes a
const parameter; instead, strrchr was the Apache macro which
makes it clear that const will be lost
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95900 13f79535-47bb-0310-9956-ffa450edef68
with relative paths instead of absolute paths. Apache 1.3 used
absolute paths for everything except for SuExec, this brings back
that standard.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95899 13f79535-47bb-0310-9956-ffa450edef68
(including security patch to ensure that <!--#include file="name.cgi"-->
is run as the suexec user rather than the httpd user)
PR: 7791, 8291
Submitted by: Colm MacCarthaigh <colmmacc@redbrick.dcu.ie>
Reviewed by: Brian Pane
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95290 13f79535-47bb-0310-9956-ffa450edef68
uid per our convention. Therefore, bad things would happen (like we
wouldn't cd to the right directory).
Add a flag to the ap_unix_identity_t structure to indicate if we are in
a userdir - if so, prefix the ~.
(Modified by Justin, but Colm's patch pointed me in the right direction.)
PR: 7810
Submitted by: Colm <colmmacc@redbrick.dcu.ie>
Reviewed by: Justin Erenkrantz
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94791 13f79535-47bb-0310-9956-ffa450edef68
error occures because the accept() cannot complete.
You will not see ENOBUFS at 10.20 because the kernel
hides any occurrence from being returned from user space.
ENOBUFS at 11.0 TCP/IP is quite possible, and could
occur intermittently. As a work-around, we are going to
ingnore ENOBUFS.
Submitted by: madhusudan_mathihalli@hp.com
Reviewed by: Bill Stoddard
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92894 13f79535-47bb-0310-9956-ffa450edef68
we don't supply a bogus socket to the caller if the accept fails.
(This was causing problems in the worker MPM, which tried to process
the returned socket if it was non-NULL, even if unixd_accept()
returned an error.)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92837 13f79535-47bb-0310-9956-ffa450edef68
the newargs array to allow for a null terminator. This allows suexec and
mod_cgid to work together reliably.
Apparently, rounding up the size to a multiple of 8 bytes in apr_palloc
hid the problem sometimes. At other times, suexec would complain
about a null command name.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92627 13f79535-47bb-0310-9956-ffa450edef68
define the function that should be used to accept on that
socket. Each MPM can define their own function to use for
the accept function with the MPM_ACCEPT_FUNC macro. This
also abstracts out all of the Unix accept error handling
logic, which has become out of synch across Unix MPMs.
The code flow is much easier now for different transports:
1) During pre-config, post-config or while parsing the config
file, add a socket to the ap_listeners list, making sure to
define an accept function at the same time.
2) MPMs find the correct listener, and call the accept function
that was defined in step 1.
3) That accept function returns a void pointer, which is passed
to the create_connection hook.
4) create_connection adds the correct low-level filters.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91916 13f79535-47bb-0310-9956-ffa450edef68
here to set permissions on SysV Semaphores. MPMs will be modified to
call this new function as they are ported to the new APR lock API.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91579 13f79535-47bb-0310-9956-ffa450edef68
processes to use the accept mutex when starting as root and
using SysV sems for the accept mutex. Previously, this
combination would lead to fatal errors in the child server
processes. perchild can't use SysV sems because of security
issues.
translation: steal apache 1.3 code to call semop(IPC_SET) on
the semaphore to set permissions and uid/gid
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90213 13f79535-47bb-0310-9956-ffa450edef68
MPMs use the same functions for all common MPM directives. This
should make it easier to catch all bugs in these directives once.
Everybody should check their favorite MPM to ensure that it still
compiles, and that these directives work. This is a big patch, and
although it looks good, and things compiled for me, that is no
garauntee that it will work on all platforms. :-)
Submitted by: Cody Sherr <csherr@covalent.net>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90132 13f79535-47bb-0310-9956-ffa450edef68
AP[RU]_DECLARE macros. This commit gets mod_cgid working again as a DSO on
AIX.
However, this brings up the need to look for any functions that are
available as part of the API, and AP[RU]_DECLAREing them, so things don't
blow up in DSOs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@89790 13f79535-47bb-0310-9956-ffa450edef68
apr_stat/lstat/getfileinfo. These are -NOT- optimal, they
are simply the required changes to get the server working.
The size of the patch is a warning about how we need to
really look at what we are trying to accomplish with all
of these stat/lstat calls.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87760 13f79535-47bb-0310-9956-ffa450edef68
mpm_common.c. These functions are only valid on some platforms,
so they should not be in the main-line code.
These functions are also not portable to non-unix platforms, so they don't
really belong in APR. Since they are only used in MPMs, for right now,
I am moving them to mpm_common.c
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87755 13f79535-47bb-0310-9956-ffa450edef68
files need to specifically include stdio.h, or a particular apr_*.h
header.
*) Adjust callers of apr_create_process() to deal with the extra "const"
*) Add "const" to args of ap_os_create_privileged_process()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87080 13f79535-47bb-0310-9956-ffa450edef68
accomplished by moving suexec out of it's own file and into unixd.[ch].
The problem was that suexec.c wasn't being linked into the server unless
a module was actually using ap_os_create_process. This is still not clean,
but it works now.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86772 13f79535-47bb-0310-9956-ffa450edef68
for CORE_EXPORT to AP_CORE_DECLARE (namespace protecting the wrapper)
and retitled API_EXPORT as AP_DECLARE and APR_EXPORT as APR_DECLARE.
All _VAR_ flavors changes to _DATA to be absolutely clear.
Thank you Greg, for the most obvious suggestion.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86609 13f79535-47bb-0310-9956-ffa450edef68
just the structure or the RLIMIT_* defines. Also, we should make
the API function unixd_set_rlimit() ``available'' even if it
doesn't do anything.
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86143 13f79535-47bb-0310-9956-ffa450edef68
Include time.h for time().
This removes a bunch of compiler warnings with gcc -Wall on AIX.
Submitted by: Jeff Trawick, Victor Orlikowski
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@85723 13f79535-47bb-0310-9956-ffa450edef68
This also modifies the ap_detach function to look like unixd_detach.
Finally all calls to unixd_detach are changed to ap_detach.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@85635 13f79535-47bb-0310-9956-ffa450edef68
