Improvements to handling of return codes from apr_proc_wait.

diff --git a/mod_authnz_external/CHANGES b/mod_authnz_external/CHANGES
index ca2b2c50a9a1ae5f4dc265da6f175f747106df0a..eb30cc21f09c4fcd6ee1476c22802c2358614744 100644 (file)
--- a/mod_authnz_external/CHANGES
+++ b/mod_authnz_external/CHANGES
@@ -1,10 +1,13 @@
 v3.2.4   (Jan Wolter - May 15, 2009)
 -----------------------------------------------
+ * Dropped the radius code from the distribution, because of possible problems
+   with it's license.
  * Modified AuthExternal directive to be able to take more than one
    authenticator name.  If more than one is defined, then each authenticator
    is run in turn, until one succeeds or all have failed.  Probably a similar
    change should be made to GroupExternal, but it hasn't been done yet because
    it's a more complex change and nobody has asked for it.
+ * Clean-up of handling of return codes from apr_proc_wait().
 
 v3.2.3   (Jan Wolter - Feb 26, 2009)
 -----------------------------------------------

diff --git a/mod_authnz_external/mod_authnz_external.c b/mod_authnz_external/mod_authnz_external.c
index 867ee4f3ee5f02afa484cdf924be3de4cfa1d658..9ed273840c661ee1ba4cf80284e1b68df3601873 100644 (file)
--- a/mod_authnz_external/mod_authnz_external.c
+++ b/mod_authnz_external/mod_authnz_external.c
@@ -413,13 +413,15 @@ static void extchilderr(apr_pool_t *p, apr_status_t err, const char *desc)
  * a detached daemon, run this with extmethod=NULL.
  *
  * If the authenticator was run, we return the numeric code from the
- * authenticator, normally 0 for if the log was valid, some small positive
+ * authenticator, normally 0 if the login was valid, some small positive
  * number if not.  If we were not able to run the authenticator, we log
  * an error message and return a numeric error code:
  *
  *   -1   Could not execute authenticator, usually a path or permission problem
  *   -2   The external authenticator crashed or was killed.
  *   -3   Could not create process attribute structure
+ *   -4   apr_proc_wait() did not return a status code.  Should never happen.
+ *   -5   apr_proc_wait() returned before child finished.  Should never happen.
  */
 
 static int exec_external(const char *extpath, const char *extmethod,
@@ -434,8 +436,8 @@ static int exec_external(const char *extpath, const char *extmethod,
     char *child_env[12];
     char *child_arg[MAX_ARG+2];
     const char *t;
-    int i, status;
-    apr_exit_why_e why;
+    int i, status= -4;
+    apr_exit_why_e why= APR_PROC_EXIT;
 
     /* Set various flags based on the execution method */
 
@@ -564,8 +566,14 @@ static int exec_external(const char *extpath, const char *extmethod,
        apr_file_close(proc.in);
     }
 
-    apr_proc_wait(&proc, &status, &why, APR_WAIT);
-    if (why != APR_PROC_EXIT)
+    if (!APR_STATUS_IS_CHILD_DONE(apr_proc_wait(&proc,&status,&why,APR_WAIT)))
+    {
+       /* Should never happen */
+       ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r,
+               "Error waiting for external authenticator");
+       return -5;
+    }
+    if (!APR_PROC_CHECK_EXIT(why))
     {
        ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r,
                "External authenticator died on signal %d",status);