add clear_env option to FPM config

This makes it possible to leave the envoronment as is on startup and
pass all the variables to the workers.
The default value of clear_env is "yes", preserving previous behaviour.
Patch by Paul Annesley.

diff --git a/sapi/fpm/fpm/fpm_conf.c b/sapi/fpm/fpm/fpm_conf.c
index cd5fc34d0f2d0e7b80e11fb32e4314033c297d7a..688c6402505e5b2986f865edfb68500357b1d393 100644 (file)
--- a/sapi/fpm/fpm/fpm_conf.c
+++ b/sapi/fpm/fpm/fpm_conf.c
@@ -148,6 +148,7 @@ static struct ini_value_parser_s ini_fpm_pool_options[] = {
        { "chroot",                    &fpm_conf_set_string,      WPO(chroot) },
        { "chdir",                     &fpm_conf_set_string,      WPO(chdir) },
        { "catch_workers_output",      &fpm_conf_set_boolean,     WPO(catch_workers_output) },
+       { "clear_env",                 &fpm_conf_set_boolean,     WPO(clear_env) },
        { "security.limit_extensions", &fpm_conf_set_string,      WPO(security_limit_extensions) },
        { 0, 0, 0 }
 };
@@ -603,6 +604,7 @@ static void *fpm_worker_pool_config_alloc() /* {{{ */
        wp->config->listen_backlog = FPM_BACKLOG_DEFAULT;
        wp->config->pm_process_idle_timeout = 10; /* 10s by default */
        wp->config->process_priority = 64; /* 64 means unset */
+       wp->config->clear_env = 1;
 
        if (!fpm_worker_all_pools) {
                fpm_worker_all_pools = wp;
@@ -1600,6 +1602,7 @@ static void fpm_conf_dump() /* {{{ */
                zlog(ZLOG_NOTICE, "\tchroot = %s",                     STR2STR(wp->config->chroot));
                zlog(ZLOG_NOTICE, "\tchdir = %s",                      STR2STR(wp->config->chdir));
                zlog(ZLOG_NOTICE, "\tcatch_workers_output = %s",       BOOL2STR(wp->config->catch_workers_output));
+               zlog(ZLOG_NOTICE, "\tclear_env = %s",                  BOOL2STR(wp->config->clear_env));
                zlog(ZLOG_NOTICE, "\tsecurity.limit_extensions = %s",  wp->config->security_limit_extensions);
 
                for (kv = wp->config->env; kv; kv = kv->next) {

diff --git a/sapi/fpm/fpm/fpm_conf.h b/sapi/fpm/fpm/fpm_conf.h
index efd65dc6d9d70f83ce469db6a5b14de35b1694a7..19bd7ff1f8066ad782be28a9a527dfccd82771b4 100644 (file)
--- a/sapi/fpm/fpm/fpm_conf.h
+++ b/sapi/fpm/fpm/fpm_conf.h
@@ -83,6 +83,7 @@ struct fpm_worker_pool_config_s {
        char *chroot;
        char *chdir;
        int catch_workers_output;
+       int clear_env;
        char *security_limit_extensions;
        struct key_value_s *env;
        struct key_value_s *php_admin_values;

diff --git a/sapi/fpm/fpm/fpm_env.c b/sapi/fpm/fpm/fpm_env.c
index 6b64fedfec47c9537440d9e9df9a7082a68fff54..2ff0bdc0e4bcfad1994a9f507bc68c0759e26f6e 100644 (file)
--- a/sapi/fpm/fpm/fpm_env.c
+++ b/sapi/fpm/fpm/fpm_env.c
@@ -143,7 +143,9 @@ int fpm_env_init_child(struct fpm_worker_pool_s *wp) /* {{{ */
        fpm_env_setproctitle(title);
        efree(title);
 
-       clearenv();
+       if (wp->config->clear_env) {
+               clearenv();
+       }
 
        for (kv = wp->config->env; kv; kv = kv->next) {
                setenv(kv->key, kv->value, 1);

diff --git a/sapi/fpm/php-fpm.conf.in b/sapi/fpm/php-fpm.conf.in
index 9002a2933bb26a300443f11ff6ea02d91893f7c2..ab03736bebba2f05e07d5df03be05cfe0b39f754 100644 (file)
--- a/sapi/fpm/php-fpm.conf.in
+++ b/sapi/fpm/php-fpm.conf.in
@@ -475,6 +475,15 @@ pm.max_spare_servers = 3
 ; Default Value: no
 ;catch_workers_output = yes
 
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
 ; Limits the extensions of the main script FPM will allow to parse. This can
 ; prevent configuration mistakes on the web server side. You should only limit
 ; FPM to .php extensions to prevent malicious users to use other extensions to