cvs commit: apache-1.3/src/os/bs2000 bs2login.c ebcdic.c
martin 99/12/09 04:10:12
Modified:src/os/bs2000 bs2login.c ebcdic.c
Log:
First cut at using the CRLF macro changes of Gil's patch.
Next step is replacement of all xxx_strictly stuff by xxx
(and renaming the os_toascii_strictly[] table to os_toascii[])
Revision ChangesPath
1.13 +0 -1 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- bs2login.c1999/07/26 07:46:55 1.12
+++ bs2login.c1999/12/09 12:10:11 1.13
@@ -192,7 +192,6 @@
{
_rini_structinittask;
charusername[USER_LEN+1];
-int save_errno;
bs2_ForkTypetype = os_forktype();
/* We can be sure that no change to uid==0 is possible because of
1.12 +1 -1 apache-1.3/src/os/bs2000/ebcdic.c
Index: ebcdic.c
===
RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/ebcdic.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- ebcdic.c 1999/11/24 17:12:19 1.11
+++ ebcdic.c 1999/12/09 12:10:12 1.12
@@ -235,7 +235,7 @@
const unsigned char *usrce = srce;
while (count-- != 0) {
-*udest++ = os_toascii[*usrce++];
+*udest++ = os_toascii_strictly[*usrce++];
}
}
void
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 99/07/26 00:21:37
Modified:src/os/bs2000 bs2login.c
Log:
When BS2000 ufork() fails because of EPERM, there's no use in retrying.
Bail out.
Revision ChangesPath
1.10 +12 -0 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- bs2login.c1999/01/28 18:27:21 1.9
+++ bs2login.c1999/07/26 07:21:36 1.10
@@ -255,6 +255,7 @@
pid_t os_fork(const char *user)
{
pid_t pid;
+char username[USER_LEN+1];
switch (os_forktype()) {
case bs2_FORK:
@@ -267,7 +268,18 @@
break;
case bs2_UFORK:
+ ap_cpystrn(username, user, sizeof username);
+
+ /* Make user name all upper case - for some versions of ufork() */
+ ap_str_toupper(username);
+
pid = ufork(user);
+ if (pid == -1 errno == EPERM) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG,
+ NULL, ufork: Possible mis-configuration
+ for user %s - Aborting., user);
+ clean_parent_exit(1);
+ }
break;
default:
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 99/07/26 00:23:52
Modified:src/os/bs2000 bs2login.c
Log:
Oops - an oversight.
Revision ChangesPath
1.11 +1 -1 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- bs2login.c1999/07/26 07:21:36 1.10
+++ bs2login.c1999/07/26 07:23:49 1.11
@@ -273,7 +273,7 @@
/* Make user name all upper case - for some versions of ufork() */
ap_str_toupper(username);
- pid = ufork(user);
+ pid = ufork(username);
if (pid == -1 errno == EPERM) {
ap_log_error(APLOG_MARK, APLOG_EMERG,
NULL, ufork: Possible mis-configuration
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 99/07/26 00:46:56 Modified:src/os/bs2000 bs2login.c Log: Another oops - of course clean_parent_exit is only available in http_main.c Revision ChangesPath 1.12 +1 -1 apache-1.3/src/os/bs2000/bs2login.c Index: bs2login.c === RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- bs2login.c1999/07/26 07:23:49 1.11 +++ bs2login.c1999/07/26 07:46:55 1.12 @@ -278,7 +278,7 @@ ap_log_error(APLOG_MARK, APLOG_EMERG, NULL, ufork: Possible mis-configuration for user %s - Aborting., user); - clean_parent_exit(1); + exit(1); } break;
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 99/01/28 10:27:21
Modified:src CHANGES
src/main http_main.c
src/os/bs2000 bs2login.c
Log:
BS2000 only: Adapt to the new ufork() system call interface which will
make subtasking easier on the OSD/POSIX mainframe environment.
Revision ChangesPath
1.1227+4 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1226
retrieving revision 1.1227
diff -u -r1.1226 -r1.1227
--- CHANGES 1999/01/28 09:24:56 1.1226
+++ CHANGES 1999/01/28 18:27:17 1.1227
@@ -1,5 +1,9 @@
Changes with Apache 1.3.5
+ *) BS2000: Adapt to the new ufork() system call interface which will
+ make subtasking easier on the OSD/POSIX mainframe environment.
+ [Martin Kraemer]
+
*) Add a compatibility define for escape_uri() - ap_escape_uri() to
ap_compat.h. [David White [EMAIL PROTECTED]] PR#3725
1.420 +1 -1 apache-1.3/src/main/http_main.c
Index: http_main.c
===
RCS file: /export/home/cvs/apache-1.3/src/main/http_main.c,v
retrieving revision 1.419
retrieving revision 1.420
diff -u -r1.419 -r1.420
--- http_main.c 1999/01/08 08:48:46 1.419
+++ http_main.c 1999/01/28 18:27:19 1.420
@@ -3935,7 +3935,7 @@
if ((pid = fork()) == -1) {
#else /*_OSD_POSIX*/
/* BS2000 requires a special version of fork() before a setuid() call
*/
-if ((pid = os_fork()) == -1) {
+if ((pid = os_fork(ap_user_name)) == -1) {
#endif /*_OSD_POSIX*/
ap_log_error(APLOG_MARK, APLOG_ERR, s, fork: Unable to fork new
process);
1.9 +115 -72 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- bs2login.c1999/01/01 19:05:27 1.8
+++ bs2login.c1999/01/28 18:27:21 1.9
@@ -66,6 +66,17 @@
#define USER_LEN 8
static const char *bs2000_account = NULL;
+typedef enum
+{
+bs2_unknown, /* not initialized yet. */
+bs2_noFORK, /* no fork() because -X flag was specified */
+bs2_FORK,/* only fork() because uid != 0 */
+bs2_FORK_RINI, /* prior to A17, regular fork() and _rini() was used. */
+bs2_RFORK_RINI, /* for A17, use of _rfork() and _rini() was required */
+bs2_UFORK/* As of A18, the new ufork() is used. */
+} bs2_ForkType;
+
+static bs2_ForkType forktype = bs2_unknown;
static void ap_pad(char *dest, size_t size, char ch)
@@ -86,6 +97,75 @@
}
}
+/* Determine the method for forking off a child in such a way as to
+ * set both the POSIX and BS2000 user id's to the unprivileged user.
+ */
+static bs2_ForkType os_forktype(void)
+{
+struct utsname os_version;
+
+/* have we checked the OS version before? If yes return the previous
+ * result - the OS release isn't going to change suddenly!
+ */
+if (forktype != bs2_unknown) {
+ return forktype;
+}
+
+/* If the user is unprivileged, use the normal fork() only. */
+if (getuid() != 0) {
+ return forktype = bs2_FORK;
+}
+
+if (uname(os_version) 0)
+{
+ ap_log_error(APLOG_MARK, APLOG_ALERT, NULL,
+ uname() failed - aborting.);
+ exit(APEXIT_CHILDFATAL);
+}
+
+/*
+ * Old BS2000/OSD versions (before XPG4 SPEC1170) don't work with Apache.
+ * Anyway, simply return a fork().
+ */
+if (strcmp(os_version.release, 01.0A) == 0 ||
+ strcmp(os_version.release, 02.0A) == 0 ||
+ strcmp(os_version.release, 02.1A) == 0)
+{
+ ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, NULL,
+ Error: unsupported OS version.
+ You may encounter problems.);
+ forktype = bs2_FORK;
+}
+
+/* The following versions are special:
+ * OS versions before A17 needs regular fork() and _rini().
+ * A17 requires _rfork() and _rini(),
+ * and later versions need ufork().
+ */
+else if (strcmp(os_version.release, 01.1A) == 0 ||
+ strcmp(os_version.release, 03.0A) == 0 ||
+ strcmp(os_version.release, 03.1A) == 0 ||
+ strcmp(os_version.release, 04.0A) == 0)
+{
+if (strcmp (os_version.version, A18) = 0)
+forktype = bs2_UFORK;
+
+ else if (strcmp (os_version.version, A17) 0)
+forktype = bs2_FORK_RINI;
+
+ else
+ forktype = bs2_RFORK_RINI;
+}
+
+/* All later OS versions will hopefully use ufork()
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 98/12/23 03:17:21
Modified:src/os/bs2000 bs2login.c
Log:
Use regular fork() when calling user is not root.
Revision ChangesPath
1.7 +10 -1 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
RCS file: /export/home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- bs2login.c1998/10/28 19:26:25 1.6
+++ bs2login.c1998/12/23 11:17:21 1.7
@@ -194,9 +194,18 @@
{
struct utsname os_version;
+/*
+ * When we run as a normal user (and bypass setuid() and _rini()),
+ * we use the regular fork().
+ */
+if (getuid() != 0) {
+ return fork();
+}
+
if (uname(os_version) = 0)
{
- /* Old versions (before XPG4 SPEC1170) don't work with Apache
+ /*
+ * Old versions (before XPG4 SPEC1170) don't work with Apache
* and they require a fork(), not a _rfork()
*/
if (strcmp(os_version.release, 01.0A) == 0 ||
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 98/05/04 09:22:12
Added: src/os/bs2000 bs2login.c
Log:
BS2000 needs an extra authentication phase (beside setuid()) for changing the
permissions to the un-privileged user account
Revision ChangesPath
1.1 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
/*
* Copyright (c) 1995-1998 The Apache Group. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
*notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
*notice, this list of conditions and the following disclaimer in
*the documentation and/or other materials provided with the
*distribution.
*
* 3. All advertising materials mentioning features or use of this
*software must display the following acknowledgment:
*This product includes software developed by the Apache Group
*for use in the Apache HTTP server project (http://www.apache.org/).
*
* 4. The names Apache Server and Apache Group must not be used to
*endorse or promote products derived from this software without
*prior written permission. For written permission, please contact
*[EMAIL PROTECTED]
*
* 5. Products derived from this software may not be called Apache
*nor may Apache appear in their names without prior written
*permission of the Apache Group.
*
* 6. Redistributions of any form whatsoever must retain the following
*acknowledgment:
*This product includes software developed by the Apache Group
*for use in the Apache HTTP server project (http://www.apache.org/).
*
* THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Group and was originally based
* on public domain software written at the National Center for
* Supercomputing Applications, University of Illinois, Urbana-Champaign.
* For more information on the Apache Group and the Apache HTTP server
* project, please see http://www.apache.org/.
*
*/
#ifdef _OSD_POSIX
#include httpd.h
#include http_config.h
#include http_log.h
static const char *bs2000_authfile = NULL;
/* This routine is called by http_core for the BS2000AuthFile directive */
/* It stores the file name (after a quick check for validity) for later use */
const char *os_set_authfile(pool *p, const char *name)
{
struct stat stbuf;
char *filename;
filename = ap_server_root_relative(p, name);
/* auth file must exist */
if (stat(filename, stbuf) != 0) {
return ap_pstrcat(p, Unable to access bs2000 auth file ,
filename, NULL);
exit(1);
}
/* auth file must be owned by root, and not readable/writable by everyone
else */
if (stbuf.st_uid != 0) {
return ap_pstrcat(p, BS2000 auth file , filename,
is not owned by SYSROOT -
change owner!, NULL);
}
if (stbuf.st_mode (S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)) {
return ap_pstrcat(p, BS2000 auth file , filename,
is readable/writable by others -
check permissions!, NULL);
}
bs2000_authfile = filename;
return NULL;
}
int os_init_job_environment(server_rec *server, const char *user_name)
{
_checkuser_struct chk_usr;
_rini_structinittask;
struct {
char username[8+1]; /* Length of a user name including \0 */
char password[8+1]; /* Length of a password including \0 */
char account [8+1]; /* Length of a account number including \0 */
cvs commit: apache-1.3/src/os/bs2000 bs2login.c
martin 98/05/04 15:18:24
Modified:src/os/bs2000 bs2login.c
Log:
Use new error-propagating APEXIT_CHILDFATAL exit code
Revision ChangesPath
1.2 +6 -6 apache-1.3/src/os/bs2000/bs2login.c
Index: bs2login.c
===
RCS file: /home/cvs/apache-1.3/src/os/bs2000/bs2login.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -u -r1.1 -r1.2
--- bs2login.c1998/05/04 16:22:12 1.1
+++ bs2login.c1998/05/04 22:18:24 1.2
@@ -76,7 +76,7 @@
if (stat(filename, stbuf) != 0) {
return ap_pstrcat(p, Unable to access bs2000 auth file ,
filename, NULL);
- exit(1);
+ exit(APEXIT_CHILDFATAL);
}
/* auth file must be owned by root, and not readable/writable by
everyone else */
@@ -126,14 +126,14 @@
Use the 'BS2000AuthFile passwdfile' directive to
specify
an authorization file for User %s,
user_name);
- exit(1);
+ exit(APEXIT_CHILDFATAL);
}
if ((pwfile = fopen(bs2000_authfile, r)) == NULL) {
ap_log_error(APLOG_MARK, APLOG_ALERT, server,
Unable to open bs2000 auth file %s for User %s,
bs2000_authfile, user_name);
- exit(1);
+ exit(APEXIT_CHILDFATAL);
}
if (fgets(lcl_data.password, sizeof lcl_data.password, pwfile) == NULL
@@ -141,7 +141,7 @@
ap_log_error(APLOG_MARK, APLOG_ALERT|APLOG_NOERRNO, server,
Unable ro read BS2000 auth file %s,
bs2000_authfile);
- exit(1);
+ exit(APEXIT_CHILDFATAL);
}
fclose(pwfile);
@@ -156,7 +156,7 @@
if(_checkuser(chk_usr) != 0) {
ap_log_error(APLOG_MARK, APLOG_ALERT, server,
_checkuser: BS2000 auth failed for user %s,
chk_usr.username);
- exit(1);
+ exit(APEXIT_CHILDFATAL);
}
inittask.username = chk_usr.username;
@@ -170,7 +170,7 @@
ap_log_error(APLOG_MARK, APLOG_ALERT, server,
_rini: BS2000 auth failed for user %s,
inittask.username);
- exit(1);
+ exit(APEXIT_CHILDFATAL);
}
/*ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, server,
