cvs commit: apache-1.3/src/support suexec.c

2000-01-11 Thread coar
coar00/01/11 11:48:05

  Modified:.STATUS Makefile.tmpl configure
   src  CHANGES
   src/support suexec.c
  Log:
Allow the builder to specify a default umask for scripts
wrapped by suexec.
  
  PR:   4178
  Reviewed by:  Ryan Bloom, Martin Kraemer, Jim Jagielski, Greg Stein
  
  Revision  ChangesPath
  1.787 +1 -6  apache-1.3/STATUS
  
  Index: STATUS
  ===
  RCS file: /home/cvs/apache-1.3/STATUS,v
  retrieving revision 1.786
  retrieving revision 1.787
  diff -u -r1.786 -r1.787
  --- STATUS2000/01/11 19:25:24 1.786
  +++ STATUS2000/01/11 19:47:35 1.787
  @@ -1,5 +1,5 @@
 1.3 STATUS:
  -  Last modified at [$Date: 2000/01/11 19:25:24 $]
  +  Last modified at [$Date: 2000/01/11 19:47:35 $]
   
   Release:
   
  @@ -75,11 +75,6 @@
   
   
   Available Patches:
  -
  -* Ken's patch to allow for umask settings for suExec. Suggested
  -  by PR#4178.
  -Message-ID: <[EMAIL PROTECTED]>
  - Status: Ken +1, Ryan +1, Jim +1, Martin +1
   
   * Andrew Ford's patch (1999/12/05) to add absolute times to mod_expires
Message-ID: <[EMAIL PROTECTED]>
  
  
  
  1.95  +3 -1  apache-1.3/Makefile.tmpl
  
  Index: Makefile.tmpl
  ===
  RCS file: /home/cvs/apache-1.3/Makefile.tmpl,v
  retrieving revision 1.94
  retrieving revision 1.95
  diff -u -r1.94 -r1.95
  --- Makefile.tmpl 1999/12/09 17:19:35 1.94
  +++ Makefile.tmpl 2000/01/11 19:47:41 1.95
  @@ -135,6 +135,7 @@
   suexec_uidmin   = @suexec_uidmin@
   suexec_gidmin   = @suexec_gidmin@
   suexec_safepath = @suexec_safepath@
  +suexec_umask= @suexec_umask@
   
   #   some substituted configuration parameters
   conf_user= @conf_user@
  @@ -200,7 +201,8 @@
-DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \
-DLOG_EXEC=\"$(suexec_logexec)\" \
-DDOC_ROOT=\"$(suexec_docroot)\" \
  - -DSAFE_PATH=\"$(suexec_safepath)\" ' \
  + -DSAFE_PATH=\"$(suexec_safepath)\" \
  + $(suexec_umask)' \
suexec; \
fi
@echo "<=== $(SRC)/support"
  
  
  
  1.115 +15 -1 apache-1.3/configure
  
  Index: configure
  ===
  RCS file: /home/cvs/apache-1.3/configure,v
  retrieving revision 1.114
  retrieving revision 1.115
  diff -u -r1.114 -r1.115
  --- configure 1999/12/10 11:03:00 1.114
  +++ configure 2000/01/11 19:47:42 1.115
  @@ -240,6 +240,8 @@
   suexec_uidmin=100
   suexec_gidmin=100
   suexec_safepath="/usr/local/bin:/usr/bin:/bin"
  +# if the umask is undefined, we don't change it
  +#suexec_umask=0755
   
   #   the installation flags
   iflags_program="-m 755 -s"
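Review bot: The commented-out example `#suexec_umask=0755` reads like a file mode rather than a mask; taken as a umask it would clear every owner permission bit on files the wrapped script creates. A conventional mask makes a safer example, e.g. `#suexec_umask=022`. The comment above it could also name what stays unchanged: `# if the umask is undefined, suexec keeps the server's umask`.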
  @@ -449,6 +451,7 @@
   echo " --suexec-uidmin=UIDset the suEXEC minimal allowed UID 
[$suexec_uidmin]"
   echo " --suexec-gidmin=GIDset the suEXEC minimal allowed GID 
[$suexec_gidmin]"
   echo " --suexec-safepath=PATH set the suEXEC safe PATH 
[$suexec_safepath]"
  +echo " --suexec-umask=UMASK   set the umask for the suEXEC'd 
script [server's umask]"
   echo ""
   echo "Deprecated options:"
   echo " --layout   backward compat only: use 
--show-layout"
  @@ -976,6 +979,11 @@
   suexec_safepath="$apc_optarg"
   suexec_ok=1
   ;;
  +--suexec-umask=*)
  +suexec_umask_val="$apc_optarg"
  +suexec_umask="-DSUEXEC_UMASK=$apc_optarg"
  +suexec_ok=1
  +;;
   --server-uid=*)
   conf_user="$apc_optarg"
# protect the '#' against interpretation as comment
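Review bot: The `--suexec-umask=*)` branch copies `$apc_optarg` straight into a `-D` compiler flag without checking that it is an octal number, so a typo or stray text ends up on the compile line of a setuid helper. A guard before the assignment would reject that, for example `case "$apc_optarg" in ''|*[!0-7]*) echo "invalid --suexec-umask value" 1>&2; exit 1 ;; esac`. How suexec.c consumes SUEXEC_UMASK is not visible here; if it uses the macro as a bare integer literal, a value given without a leading zero would presumably be read as decimal, which the help text should mention. The enclosing `case` statement starts and ends outside the hunk.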
  @@ -1085,7 +1093,7 @@
   for var in prefix exec_prefix bindir sbindir libexecdir mandir \
  sysconfdir datadir iconsdir htdocsdir cgidir includedir \
  localstatedir runtimedir logfiledir proxycachedir \
  -   suexec_docroot suexec_logexec; do
  +   suexec_docroot suexec_logexec ; do
   eval "val=\"\$$var\"";
   val=`echo $val | sed -e 's:\(.\)/*$:\1:'`
   eval "$var=\"$val\""
  @@ -1240,6 +1248,11 @@
   echo "caller ID: $suexec_caller"
   echo "  minimum user ID: $suexec_uidmin"
   echo " minimum group ID: $suexec_gidmin"
  +if [ "x$suexec_umask" != "x" ]; then
  +echo "umask: $suexec_umask_val"
  + else
  +echo "umask: running server's"
  +fi
   echo ""
   fi
   exit 0
  @@ -1290,6 +1303,7 @@
   -e "[EMAIL PROTECTED]@%$suexec_uidmin%g" \
   -e "[EMAIL PROTECTED]@%$suexec_gidmin%g" \
   -e "[EMAIL PROTECTED]@%$suexec_safepath%g" \
  +-e "[EMAIL PROTECTED]@%$

cvs commit: apache-1.3/src/support suexec.c

1999-06-22 Thread jim
jim 99/06/21 17:51:44

  Modified:.STATUS
   htdocs/manual/mod core.html index.html mod_log_config.html
mod_rewrite.html
   htdocs/manual/vhosts mass.html
   src  CHANGES Configuration.tmpl
   src/include http_core.h httpd.h
   src/main http_core.c http_main.c util_script.c
   src/modules/standard mod_log_config.c mod_rewrite.c
   src/support suexec.c
  Added:   htdocs/manual/mod mod_vhost_alias.html
   src/modules/standard mod_vhost_alias.c
  Log:
  Submitted by:   Tony Finch <[EMAIL PROTECTED]>
  Reviewed by:Dean, Randy, Jim, Lars, Martin
  
  Add the new mod_vhost_alias.c modules for better mass-hosting. This
  has been used at Demon Internet with excellent results and basically
  replaces the "old" method of using mod_rewrite. Big advantage is
  that adding new vhosts can be done without restarting the server.
  
  Revision  ChangesPath
  1.719 +1 -9  apache-1.3/STATUS
  
  Index: STATUS
  ===
  RCS file: /export/home/cvs/apache-1.3/STATUS,v
  retrieving revision 1.718
  retrieving revision 1.719
  diff -u -r1.718 -r1.719
  --- STATUS1999/06/21 21:41:37 1.718
  +++ STATUS1999/06/22 00:51:21 1.719
  @@ -1,5 +1,5 @@
 1.3 STATUS:
  -  Last modified at [$Date: 1999/06/21 21:41:37 $]
  +  Last modified at [$Date: 1999/06/22 00:51:21 $]
   
   Release:
   
  @@ -109,14 +109,6 @@
Ken -1 for pre-2.0 if it will: a) force a new release of
mod_perl or mod_php in order to maintain compatibility OR
b) require a version bump to 1.4.0 and a beta cycle
  -
  -* Tony Finch's patch to support mass virtual hosting
  - Message-ID: <[EMAIL PROTECTED]>
  - Message-ID: <[EMAIL PROTECTED]>
  - Message-ID: <[EMAIL PROTECTED]>
  - Status: Dean +1, Randy +1, Jim +1, Lars +1, Martin +1 (untested)
  - Previous Status: Dean +1, Randy +1, Jim +1,
  - Lars +1 (if someone writes the docs)
   
   * Brian Havard's patch to remove dependency of mod_auth_dbm on mod_auth.
 (PR#2598)
  
  
  
  1.151 +7 -2  apache-1.3/htdocs/manual/mod/core.html
  
  Index: core.html
  ===
  RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/core.html,v
  retrieving revision 1.150
  retrieving revision 1.151
  diff -u -r1.150 -r1.151
  --- core.html 1999/06/17 11:49:26 1.150
  +++ core.html 1999/06/22 00:51:23 1.151
  @@ -3109,8 +3109,7 @@
   
   Default: UseCanonicalName on
   
  -Context: server config, virtual host, directory, 
.htaccess
  -
  +Context: server config, virtual host
   
   Override: Options
   
  @@ -3144,6 +3143,12 @@
   for www and once again for www.domain.com).
   But if UseCanonicalName is set off, then Apache will redirect
   to http://www/splat/.
  +
  +There is a third option, UseCanonicalName DNS, which
  +is intended for use with mass IP-based virtual hosting to support
  +ancient clients that do not provide a Host: header. With
  +this option Apache does a reverse DNS lookup on the server IP address
  +that the client connected to in order to work out self-referential URLs.
   
   Warning: if CGIs make assumptions about the values of
   SERVER_NAME they may be broken by this option.  The client
  
  
  
  1.27  +2 -0  apache-1.3/htdocs/manual/mod/index.html
  
  Index: index.html
  ===
  RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/index.html,v
  retrieving revision 1.26
  retrieving revision 1.27
  diff -u -r1.26 -r1.27
  --- index.html1998/04/03 16:07:14 1.26
  +++ index.html1999/06/22 00:51:23 1.27
  @@ -113,6 +113,8 @@
   Generate unique request identifier for every request
   mod_usertrack Apache 1.2 and up
   User tracking using Cookies (replacement for mod_cookies.c)
  +mod_vhost_alias Apache 1.3.7 and up
  +Support for dynamically configured mass virtual hosting
   
   
   
  
  
  
  1.34  +1 -0  apache-1.3/htdocs/manual/mod/mod_log_config.html
  
  Index: mod_log_config.html
  ===
  RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/mod_log_config.html,v
  retrieving revision 1.33
  retrieving revision 1.34
  diff -u -r1.33 -r1.34
  --- mod_log_config.html   1999/05/16 23:39:42 1.33
  +++ mod_log_config.html   1999/06/22 00:51:23 1.34
  @@ -126,6 +126,7 @@
   %...{FOOBAR}e:  The contents of the environment variable FOOBAR
   %...h:  Remote host
   %...a:  Remote IP-address
  +%...A:  Local IP-address
   %...{Foobar}i:  The contents of Foobar: header line(s) in the request
   sent to the server.
   %...l:  Remote logname (from identd, if supplied)
  
  
  

cvs commit: apache-1.3/src/support suexec.c

1999-02-21 Thread martin
martin  99/02/21 12:36:45

  Modified:src/support suexec.c
  Log:
  Use ap_execve() on platforms where exec() doesn't support "#!"
  
  Revision  ChangesPath
  1.50  +9 -0  apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.49
  retrieving revision 1.50
  diff -u -r1.49 -r1.50
  --- suexec.c  1999/02/16 13:41:00 1.49
  +++ suexec.c  1999/02/21 20:36:44 1.50
  @@ -541,7 +541,16 @@
   /*
* Execute the command, replacing our image with its own.
*/
  +#ifdef NEED_HASHBANG_EMUL
  +/* We need the #! emulation when we want to execute scripts */
  +{
  + extern char **environ;
  +
  + ap_execve(cmd, &argv[3], environ);
  +}
  +#else /*NEED_HASHBANG_EMUL*/
   execv(cmd, &argv[3]);
  +#endif /*NEED_HASHBANG_EMUL*/
   
   /*
* (I can't help myself...sorry.)
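Review bot: The block-scope `extern char **environ;` in the NEED_HASHBANG_EMUL branch looks redundant, because the r1.47 diff context shown on this page already has that declaration at file scope; if it is still there at this revision, the braces and the local declaration can be dropped. A short comment would also help the next reader, e.g. `/* environ was replaced by clean_env(), so the interpreter only sees the sanitised environment */`, assuming clean_env() has already run at this point (its call is not visible in the hunk). The surrounding function starts and ends outside the hunk.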
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1999-02-16 Thread martin
martin  99/02/16 05:41:01

  Modified:src/support suexec.c
  Log:
  Initialize Job Environment on BS2000
  (not relevant for any other platform)
  
  Revision  ChangesPath
  1.49  +27 -0 apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.48
  retrieving revision 1.49
  diff -u -r1.48 -r1.49
  --- suexec.c  1999/01/01 19:05:35 1.48
  +++ suexec.c  1999/02/16 13:41:00 1.49
  @@ -341,6 +341,33 @@
actual_gname = strdup(target_gname);
   }
   
  +#ifdef _OSD_POSIX
  +/*
  + * Initialize BS2000 user environment
  + */
  +{
  + pid_t pid;
  + int status;
  +
  + switch (pid = ufork(target_uname))
  + {
  + case -1:/* Error */
  + log_err("failed to setup bs2000 environment for user %s: %s\n",
  + target_uname, strerror(errno));
  + exit(150);
  + case 0: /* Child */
  + break;
  + default:/* Father */
  + while (pid != waitpid(pid, &status, 0))
  + ;
  + /* @@@ FIXME: should we deal with STOP signals as well? */
  + if (WIFSIGNALED(status))
  + kill (getpid(), WTERMSIG(status));
  + exit(WEXITSTATUS(status));
  + }
  +}
  +#endif /*_OSD_POSIX*/
  +
   /*
* Save these for later since initgroups will hose the struct
*/
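Review bot: The wait loop `while (pid != waitpid(pid, &status, 0)) ;` retries on every failure, so an error other than an interrupted call would leave the parent spinning; it should retry only when `errno == EINTR` and otherwise report through log_err() and exit. In the signalled case `kill (getpid(), WTERMSIG(status))` is followed by `exit(WEXITSTATUS(status))`, and WEXITSTATUS is only meaningful when WIFEXITED(status) is true, so if the signal does not end the process the exit code is arbitrary; a fixed non-zero code would be clearer there. The enclosing function starts and ends outside the hunk.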
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-12-17 Thread coar
coar98/12/17 06:58:57

  Modified:src  CHANGES
   src/support suexec.c
  Log:
fclose(NULL) isn't always a good idea.
  
  Submitted by: Rick Franchuk <[EMAIL PROTECTED]>
  Reviewed by:  Ken Coar
  
  Revision  ChangesPath
  1.1172+3 -0  apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1171
  retrieving revision 1.1172
  diff -u -r1.1171 -r1.1172
  --- CHANGES   1998/12/16 15:57:26 1.1171
  +++ CHANGES   1998/12/17 14:58:55 1.1172
  @@ -1,5 +1,8 @@
   Changes with Apache 1.3.4
   
  +  *) Fixed problem of fclose() on an unopened file in suexec if LOG_EXEC
  + wasn't defined.  [Rick Franchuk <[EMAIL PROTECTED]>]
  +
 *) Removed recently introduced bugs and disfigurements in APACI:
o fixed argument line processing: using $args was broken: It was not
  initialized and using args="$args $apc_option" and even args="$args
  
  
  
  1.47  +11 -5 apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.46
  retrieving revision 1.47
  diff -u -r1.46 -r1.47
  --- suexec.c  1998/09/16 20:51:08 1.46
  +++ suexec.c  1998/12/17 14:58:57 1.47
  @@ -109,7 +109,7 @@
   #define AP_ENVBUF 256
   
   extern char **environ;
  -static FILE *log;
  +static FILE *log = NULL;
   
   char *safe_env_lst[] =
   {
  @@ -500,10 +500,16 @@
   /* 
* Be sure to close the log file so the CGI can't
* mess with it.  If the exec fails, it will be reopened 
  - * automatically when log_err is called.
  - */
  -fclose(log);
  -log = NULL;
  + * automatically when log_err is called.  Note that the log
  + * might not actually be open if LOG_EXEC isn't defined.
  + * However, the "log" cell isn't ifdef'd so let's be defensive
  + * and assume someone might have done something with it
  + * outside an ifdef'd LOG_EXEC block.
  + */
  +if (log != NULL) {
  + fclose(log);
  + log = NULL;
  +}
   
   /*
* Execute the command, replacing our image with its own.
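Review bot: Keeping the log away from the CGI still depends on this single fclose() being reached before every exec path, even with the new NULL guard. Marking the descriptor close-on-exec where log_err() opens the file (outside this hunk) would act as a backstop, e.g. `fcntl(fileno(log), F_SETFD, FD_CLOEXEC);`. The return value of fclose() is also ignored, so a failed flush of buffered log lines would go unnoticed. The enclosing function continues outside the hunk.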
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-09-16 Thread manoj
manoj   98/09/16 13:51:09

  Modified:src/support suexec.c
  Log:
  Fix a missing semicolon
  
  Revision  ChangesPath
  1.46  +1 -1  apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.45
  retrieving revision 1.46
  diff -u -r1.45 -r1.46
  --- suexec.c  1998/09/10 09:23:59 1.45
  +++ suexec.c  1998/09/16 20:51:08 1.46
  @@ -211,7 +211,7 @@
   
   sprintf(pathbuf, "PATH=%s", SAFE_PATH);
   cleanenv[cidx] = strdup(pathbuf);
  -cidx++
  +cidx++;
   
   for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
if (!strncmp(*ep, "HTTP_", 5)) {
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-09-10 Thread rse
rse 98/09/10 02:23:59

  Modified:src  CHANGES
   src/support suexec.c
  Log:
  Fix possible buffer overflow situation in suexec.c.
  
  PS: The PR#2790 provides a few more fixes for problematic
  things in suexec.c. Because we have to be very carefully here, other
  should review them, too. That's why I commit only some of the fixes from
  this patch.
  
  The other problem we _really_ have to fix is the docroot-check at line
  428. But here the patch from the PR submitter seems to introduce a new
  problem: It accesses cwd[dlen], which can be out of memory bounds. Here
  the memory bounds have to be checked first.
  
  So, I would appreciate when someothers look at PR#2790, please.  At least
  the docroot-check _has_ to be fixed by us! But correctly, i.e. without
  introducing new problems, of course ;_)
  
  Submitted by: Jeff Stewart <[EMAIL PROTECTED]>
  Reviewed by: Ralf S. Engelschall
  PR: 2790
  
  Revision  ChangesPath
  1.1054+3 -0  apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1053
  retrieving revision 1.1054
  diff -u -r1.1053 -r1.1054
  --- CHANGES   1998/09/10 08:58:40 1.1053
  +++ CHANGES   1998/09/10 09:23:57 1.1054
  @@ -1,5 +1,8 @@
   Changes with Apache 1.3.2
   
  +  *) Fix possible buffer overflow situation in suexec.c.
  + [Jeff Stewart <[EMAIL PROTECTED]>] PR#2790
  +
 *) Add some more LIBS for the SCO5 platform which are needed for the 
already
used -lprot. It's actually a bug in SCO5, of course.
[Ronald Record <[EMAIL PROTECTED]>] PR#2533
  
  
  
  1.45  +6 -4  apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.44
  retrieving revision 1.45
  diff -u -r1.44 -r1.45
  --- suexec.c  1998/07/13 11:32:59 1.44
  +++ suexec.c  1998/09/10 09:23:59 1.45
  @@ -209,7 +209,11 @@
exit(120);
   }
   
  -for (ep = environ; *ep && cidx < AP_ENVBUF; ep++) {
  +sprintf(pathbuf, "PATH=%s", SAFE_PATH);
  +cleanenv[cidx] = strdup(pathbuf);
  +cidx++
  +
  +for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) {
if (!strncmp(*ep, "HTTP_", 5)) {
cleanenv[cidx] = *ep;
cidx++;
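Review bot: The added `cidx++` has no terminating semicolon, so this revision does not compile; it should read `cidx++;` (r1.46, shown elsewhere on this page, makes that fix). The result of `strdup(pathbuf)` is stored without a check, and a NULL in the first slot would end the environment array before any entry; `if ((cleanenv[cidx] = strdup(pathbuf)) == NULL) { log_err("failed to malloc memory for environment\n"); exit(120); }` would follow the calloc() failure path a few lines above. `sprintf` into pathbuf is unbounded and pathbuf's size is not visible here, so confirm it is large enough for any configured SAFE_PATH. The function body starts and ends outside the hunk.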
  @@ -226,9 +230,7 @@
}
   }
   
  -sprintf(pathbuf, "PATH=%s", SAFE_PATH);
  -cleanenv[cidx] = strdup(pathbuf);
  -cleanenv[++cidx] = NULL;
  +cleanenv[cidx] = NULL;
   
   environ = cleanenv;
   }
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-07-07 Thread coar
coar98/07/07 16:19:24

  Modified:src  CHANGES
   src/support suexec.c
  Log:
Put back the bits that aren't controversial. :-)
  
  Revision  ChangesPath
  1.950 +2 -0  apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.949
  retrieving revision 1.950
  diff -u -r1.949 -r1.950
  --- CHANGES   1998/07/07 17:23:19 1.949
  +++ CHANGES   1998/07/07 23:19:22 1.950
  @@ -1,5 +1,7 @@
   Changes with Apache 1.3.1
   
  +  *) suexec's error messages have been clarified a little bit.  [Ken Coar]
  +
 *) PORT: Apache is not 8-bit clean in many settings, a problem we're
aware of and intend to fix properly.  But a temporary workaround
which should work for many folks is to tell the C compiler to use
  
  
  
  1.43  +4 -4  apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.42
  retrieving revision 1.43
  diff -u -r1.42 -r1.43
  --- suexec.c  1998/07/07 17:04:19 1.42
  +++ suexec.c  1998/07/07 23:19:24 1.43
  @@ -205,7 +205,7 @@
   
   
   if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) {
  - log_err("failed to malloc env mem\n");
  +log_err("failed to malloc memory for environment\n");
exit(120);
   }
   
  @@ -283,12 +283,12 @@
   #ifdef _OSD_POSIX
   /* User name comparisons are case insensitive on BS2000/OSD */
   if (strcasecmp(HTTPD_USER, pw->pw_name)) {
  - log_err("user mismatch (%s)\n", pw->pw_name);
  +log_err("user mismatch (%s instead of %s)\n", pw->pw_name, 
HTTPD_USER);
exit(103);
   }
   #else  /*_OSD_POSIX*/
   if (strcmp(HTTPD_USER, pw->pw_name)) {
  - log_err("user mismatch (%s)\n", pw->pw_name);
  +log_err("user mismatch (%s instead of %s)\n", pw->pw_name, 
HTTPD_USER);
exit(103);
   }
   #endif /*_OSD_POSIX*/
  @@ -350,7 +350,7 @@
* Log the transaction here to be sure we have an open log 
* before we setuid().
*/
  -log_err("uid: (%s/%s) gid: (%s/%s) %s\n",
  +log_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n",
target_uname, actual_uname,
target_gname, actual_gname,
cmd);
  
  
  


Re: cvs commit: apache-1.3/src/support suexec.c

1998-07-07 Thread Rodent of Unusual Size
Yes, there was a PR on this, #2250.  It has been closed, but the message
was excessively cryptic and didn't help, so I was making it a little
more meaningful.  I was going to address Marc's concerns to-night.

Please restore 1.40, and stop reverting other people's work without
checking with them first - particularly when, as you indicated in your
commit message, you're not familiar with the issues.

#kenP-|}


cvs commit: apache-1.3/src/support suexec.c

1998-07-07 Thread dgaudet
dgaudet 98/07/07 10:04:20

  Modified:src/support suexec.c
  Log:
  How can suexec have too few arguments?  Apache invokes it.  If that
  error ever occurs then it's a bug in Apache, and we can put debugging
  code in then.  I can't see how Apache would ever make this mistake by
  inspecting the code in util_script.c.  Is there a PR or something that
  reported this as a bug??
  
  Reverting to 1.39.
  
  Revision  ChangesPath
  1.42  +5 -39 apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.41
  retrieving revision 1.42
  diff -u -r1.41 -r1.42
  --- suexec.c  1998/07/01 10:34:20 1.41
  +++ suexec.c  1998/07/07 17:04:19 1.42
  @@ -72,7 +72,6 @@
*/
   
   #include "conf.h"
  -#include "ap.h"
   #include 
   #include 
   #include 
  @@ -206,7 +205,7 @@
   
   
   if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) {
  - log_err("failed to malloc memory for environment\n");
  + log_err("failed to malloc env mem\n");
exit(120);
   }
   
  @@ -259,40 +258,7 @@
*/
   prog = argv[0];
   if (argc < 4) {
  -char msgbuf[2048];
  - int i;
  - int clen;
  - static char *omsg = " {buffer overflow}";
  - int olen = strlen(omsg);
  -
  - ap_snprintf(msgbuf, sizeof(msgbuf), "too few (%d) arguments:", argc);
  - clen = strlen(msgbuf);
  - for (i = 0; i < argc; i++) {
  - int alen = strlen(argv[i]) + 4;
  - int rlen = sizeof(msgbuf) - clen - 1;
  - int oflow = (alen > rlen);
  -
  - alen = oflow ? rlen : alen;
  - if (rlen > 1) {
  - msgbuf[clen++] = ' ';
  - alen--;
  - }
  - if (rlen > 2) {
  - msgbuf[clen++] = '[';
  - alen--;
  - }
  - ap_cpystrn(&msgbuf[clen], argv[i], alen);
  - if (oflow) {
  - ap_cpystrn(&msgbuf[sizeof(msgbuf) - olen - 1], omsg, olen + 1);
  - break;
  - }
  - else {
  - clen += alen - 2;
  - msgbuf[clen++] = ']';
  - msgbuf[clen] = '\0';
  - }
  - }
  - log_err("%s\n", msgbuf);
  + log_err("too few arguments\n");
exit(101);
   }
   target_uname = argv[1];
  @@ -317,12 +283,12 @@
   #ifdef _OSD_POSIX
   /* User name comparisons are case insensitive on BS2000/OSD */
   if (strcasecmp(HTTPD_USER, pw->pw_name)) {
  - log_err("user mismatch (%s instead of %s)\n", pw->pw_name, HTTPD_USER);
  + log_err("user mismatch (%s)\n", pw->pw_name);
exit(103);
   }
   #else  /*_OSD_POSIX*/
   if (strcmp(HTTPD_USER, pw->pw_name)) {
  - log_err("user mismatch (%s instead of %s)\n", pw->pw_name, HTTPD_USER);
  + log_err("user mismatch (%s)\n", pw->pw_name);
exit(103);
   }
   #endif /*_OSD_POSIX*/
  @@ -384,7 +350,7 @@
* Log the transaction here to be sure we have an open log 
* before we setuid().
*/
  -log_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n",
  +log_err("uid: (%s/%s) gid: (%s/%s) %s\n",
target_uname, actual_uname,
target_gname, actual_gname,
cmd);
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-07-01 Thread coar
coar98/07/01 03:34:21

  Modified:src/support suexec.c
  Log:
Redo the 'too few arguments' error reporting in a way that doesn't
do excessive unsafe string copying (which Marc pointed out was a
flaw in the last edit).
  
  Revision  ChangesPath
  1.41  +27 -1 apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.40
  retrieving revision 1.41
  diff -u -r1.40 -r1.41
  --- suexec.c  1998/06/20 11:07:38 1.40
  +++ suexec.c  1998/07/01 10:34:20 1.41
  @@ -261,10 +261,36 @@
   if (argc < 4) {
   char msgbuf[2048];
int i;
  + int clen;
  + static char *omsg = " {buffer overflow}";
  + int olen = strlen(omsg);
   
ap_snprintf(msgbuf, sizeof(msgbuf), "too few (%d) arguments:", argc);
  + clen = strlen(msgbuf);
for (i = 0; i < argc; i++) {
  - ap_snprintf(msgbuf, sizeof(msgbuf), "%s [%s]", msgbuf, argv[i]);
  + int alen = strlen(argv[i]) + 4;
  + int rlen = sizeof(msgbuf) - clen - 1;
  + int oflow = (alen > rlen);
  +
  + alen = oflow ? rlen : alen;
  + if (rlen > 1) {
  + msgbuf[clen++] = ' ';
  + alen--;
  + }
  + if (rlen > 2) {
  + msgbuf[clen++] = '[';
  + alen--;
  + }
  + ap_cpystrn(&msgbuf[clen], argv[i], alen);
  + if (oflow) {
  + ap_cpystrn(&msgbuf[sizeof(msgbuf) - olen - 1], omsg, olen + 1);
  + break;
  + }
  + else {
  + clen += alen - 2;
  + msgbuf[clen++] = ']';
  + msgbuf[clen] = '\0';
  + }
}
log_err("%s\n", msgbuf);
exit(101);
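Review bot: The `argc < 4` branch writes every `argv[i]` into the log verbatim, and judging by the hunk offsets on this page it runs before the caller is compared with HTTPD_USER, so the text comes from whoever invoked the binary. Logging only the count, or replacing non-printable bytes before the copy, would keep control characters and forged lines out of the log. The index arithmetic is also hard to audit because `alen` first means the decorated argument length and then the copy size passed to ap_cpystrn(); a comment stating the invariant (`clen` never exceeds `sizeof(msgbuf) - 2` after an iteration) would help. The `strlen()` results and `sizeof(msgbuf)` are stored in `int`, which mixes signed and unsigned arithmetic; `size_t` would be the safer type. The enclosing function starts and ends outside the hunk.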
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-06-18 Thread coar
coar98/06/18 12:06:57

  Modified:src/support suexec.c
  Log:
A wee bit of cleanup (cosmetic only).
  
  Revision  ChangesPath
  1.39  +8 -7  apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /export/home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.38
  retrieving revision 1.39
  diff -u -r1.38 -r1.39
  --- suexec.c  1998/04/21 20:14:06 1.38
  +++ suexec.c  1998/06/18 19:06:56 1.39
  @@ -161,12 +161,13 @@
   time_t timevar;
   struct tm *lt;
   
  -if (!log)
  +if (!log) {
if ((log = fopen(LOG_EXEC, "a")) == NULL) {
fprintf(stderr, "failed to open log file\n");
perror("fopen");
exit(1);
}
  +}
   
   time(&timevar);
   lt = localtime(&timevar);
  @@ -215,7 +216,8 @@
}
else {
for (idx = 0; safe_env_lst[idx]; idx++) {
  - if (!strncmp(*ep, safe_env_lst[idx], 
strlen(safe_env_lst[idx]))) {
  + if (!strncmp(*ep, safe_env_lst[idx],
  +  strlen(safe_env_lst[idx]))) {
cleanenv[cidx] = *ep;
cidx++;
break;
  @@ -239,8 +241,8 @@
   char *target_uname;  /* target user name  */
   char *target_gname;  /* target group name */
   char *target_homedir;/* target home directory */
  -char *actual_uname;  /* actual user name*/
  -char *actual_gname;  /* actual group name   */
  +char *actual_uname;  /* actual user name  */
  +char *actual_gname;  /* actual group name */
   char *prog;  /* name of this program  */
   char *cmd;   /* command to be executed*/
   char cwd[AP_MAXPATH];/* current working directory */
  @@ -250,8 +252,6 @@
   struct stat dir_info;/* directory info holder */
   struct stat prg_info;/* program info holder   */
   
  -
  -
   /*
* If there are a proper number of arguments, set
* all of them to variables.  Otherwise, error out.
  @@ -476,7 +476,8 @@
(gid != dir_info.st_gid) ||
(uid != prg_info.st_uid) ||
(gid != prg_info.st_gid)) {
  - log_err("target uid/gid (%ld/%ld) mismatch with directory (%ld/%ld) or 
program (%ld/%ld)\n",
  + log_err("target uid/gid (%ld/%ld) mismatch "
  + "with directory (%ld/%ld) or program (%ld/%ld)\n",
uid, gid,
dir_info.st_uid, dir_info.st_gid,
prg_info.st_uid, prg_info.st_gid);
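Review bot: The format string uses `%ld` six times, but `dir_info.st_uid`, `dir_info.st_gid`, `prg_info.st_uid` and `prg_info.st_gid` are passed without a cast, and uid_t/gid_t are not `long` on every platform, which makes the call undefined where the widths differ. Since the line is being reflowed anyway, casting each argument would make it portable, e.g. `(long) dir_info.st_uid, (long) dir_info.st_gid,`. The declarations of `uid` and `gid` are outside the hunk, so check whether they need the same cast. The enclosing condition starts outside the hunk.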
  
  
  


cvs commit: apache-1.3/src/support suexec.c

1998-03-20 Thread martin
martin  98/03/20 03:33:02

  Modified:src/support suexec.c
  Log:
  Add the same conditions for initgroups() existence as we use in apache's 
conf.h;
  Add case insensitivity for BS2000's user name comparison (yes, that's how it 
is);
  Add an error message if the executable isn't executable.
  
  Revision  ChangesPath
  1.36  +18 -1 apache-1.3/src/support/suexec.c
  
  Index: suexec.c
  ===
  RCS file: /home/cvs/apache-1.3/src/support/suexec.c,v
  retrieving revision 1.35
  retrieving revision 1.36
  diff -u -u -r1.35 -r1.36
  --- suexec.c  1998/03/19 09:56:43 1.35
  +++ suexec.c  1998/03/20 11:33:00 1.36
  @@ -94,7 +94,7 @@
***
*/
   
  -#if defined(QNX)
  +#if defined(QNX) || defined(_OSD_POSIX) || defined(MPE) || defined(SCO) || 
defined(BEOS)
   int initgroups(const char *name, gid_t basegid)
   {
   /* QNX and MPE do not appear to support supplementary groups. */
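Review bot: The comment under the widened `#if` still names only QNX and MPE, while the stub now also replaces initgroups() on _OSD_POSIX, SCO and BEOS. If any of these platforms does have supplementary groups, a stub that does nothing would leave the invoking process's group list in place for the executed program, so the claim deserves a per-platform check; the stub body is outside the hunk and may already handle this. At minimum the comment should match the condition, e.g. `/* These platforms do not appear to support supplementary groups. */`.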
  @@ -284,10 +284,18 @@
* is the user allowed to do so as defined in
* suexec.h.  If not the allowed user, error out.
*/
  +#ifdef _OSD_POSIX
  +/* User name comparisons are case insensitive on BS2000/OSD */
  +if (strcasecmp(HTTPD_USER, pw->pw_name)) {
  + log_err("user mismatch (%s)\n", pw->pw_name);
  + exit(103);
  +}
  +#else  /*_OSD_POSIX*/
   if (strcmp(HTTPD_USER, pw->pw_name)) {
log_err("user mismatch (%s)\n", pw->pw_name);
exit(103);
   }
  +#endif /*_OSD_POSIX*/
   
   /*
* Check for a leading '/' (absolute path) in the command to be executed,
  @@ -477,6 +485,15 @@
dir_info.st_uid, dir_info.st_gid,
prg_info.st_uid, prg_info.st_gid);
exit(120);
  +}
  +/*
  + * Error out if the program is not executable for the user.
  + * Otherwise, she won't find any error in the logs except for
  + * "[error] Premature end of script headers: ..."
  + */
  +if (!(prg_info.st_mode & S_IXUSR)) {
  + log_err("file has no execute permission: (%s/%s)\n", cwd, cmd);
  + exit(121);
   }
   
   clean_env();