From 3aad7838ad1c36569a478206f7793ba610663d19 Mon Sep 17 00:00:00 2001 From: Ryan Bloom Date: Mon, 1 Apr 2002 03:37:21 +0000 Subject: [PATCH] Make perchild work with the new bucket_allocation API. Also, allow the Perchild directives to take both numerical UID/GID and the logical user name/group name. PR: 9784 Submitted by: named UID/GID logic: Scott Lamb git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94352 13f79535-47bb-0310-9956-ffa450edef68 --- server/mpm/experimental/perchild/perchild.c | 35 +++++++++++++++------ server/mpm/perchild/perchild.c | 35 +++++++++++++++------ 2 files changed, 52 insertions(+), 18 deletions(-) diff --git a/server/mpm/experimental/perchild/perchild.c b/server/mpm/experimental/perchild/perchild.c index 2c94c05726..7b976804c0 100644 --- a/server/mpm/experimental/perchild/perchild.c +++ b/server/mpm/experimental/perchild/perchild.c @@ -537,7 +537,8 @@ int ap_graceful_stop_signalled(void) * Child process main loop. */ -static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id) +static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id, + apr_bucket_alloc_t *bucket_alloc) { conn_rec *current_conn; int csd; @@ -564,7 +565,8 @@ static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id) } ap_create_sb_handle(&sbh, p, conn_id / thread_limit, thread_num); - current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, sbh); + current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, + sbh, bucket_alloc); if (current_conn) { ap_process_connection(current_conn, sock); ap_lingering_close(current_conn); @@ -658,6 +660,7 @@ static void *worker_thread(apr_thread_t *thd, void *arg) ap_listen_rec *lr; int n; apr_socket_t *childsock = NULL; + apr_bucket_alloc_t *bucket_alloc; apr_lock_acquire(thread_pool_parent_mutex); apr_pool_create(&tpool, thread_pool_parent); @@ -668,6 +671,8 @@ static void *worker_thread(apr_thread_t *thd, void *arg) SERVER_STARTING, (request_rec *) NULL); + bucket_alloc = apr_bucket_alloc_create(apr_thread_pool_get(thd)); + apr_poll_setup(&pollset, num_listensocks + 1, tpool); for(lr = ap_listeners; lr != NULL; lr = lr->next) { apr_poll_socket_add(pollset, lr->sd, APR_POLLIN); @@ -730,14 +735,14 @@ static void *worker_thread(apr_thread_t *thd, void *arg) /* apr_poll_revents_get(&event, listenfds[0], pollset); if (event & APR_POLLIN) { - /* A process got a signal on the shutdown pipe. Check if we're + * A process got a signal on the shutdown pipe. Check if we're * the lucky process to die. check_pipe_of_death(); continue; } apr_poll_revents_get(&event, listenfds[1], pollset); if (event & APR_POLLIN || event & APR_POLLOUT) { - /* This request is from another child in our current process. + * This request is from another child in our current process. * We should set a flag here, and then below we will read * two bytes (the socket number and the NULL byte. thread_socket_table[thread_num] = AP_PERCHILD_OTHERCHILD; @@ -822,7 +827,7 @@ static void *worker_thread(apr_thread_t *thd, void *arg) apr_os_sock_put(&csd, &child_info_table[child_num].sd, ptrans); } if (setjmp(jmpbuffer) != 1) { - process_socket(ptrans, csd, conn_id); + process_socket(ptrans, csd, conn_id, bucket_alloc); } else { thread_socket_table[thread_num] = AP_PERCHILD_THISCHILD; @@ -861,6 +866,8 @@ static void *worker_thread(apr_thread_t *thd, void *arg) } apr_lock_release(worker_thread_count_mutex); + apr_bucket_alloc_destroy(bucket_alloc); + return NULL; } @@ -1867,8 +1874,13 @@ static const char *set_child_per_uid(cmd_parms *cmd, void *dummy, const char *u, "NumServers in your config file."; } - ug->uid = atoi(u); - ug->gid = atoi(g); + ug->uid = ap_uname2id(u); + ug->gid = ap_uname2id(g); +#ifndef BIG_SECURITY_HOLE + if (ug->uid == 0 || ug->gid == 0) { + return "Assigning root user/group to a child."; + } +#endif } return NULL; } @@ -1877,8 +1889,9 @@ static const char *assign_childuid(cmd_parms *cmd, void *dummy, const char *uid, const char *gid) { int i; - int u = atoi(uid); - int g = atoi(gid); + int matching = 0; + int u = ap_uname2id(uid); + int g = ap_uname2id(gid); const char *errstr; int socks[2]; perchild_server_conf *sconf = (perchild_server_conf *) @@ -1898,9 +1911,13 @@ static const char *assign_childuid(cmd_parms *cmd, void *dummy, const char *uid, for (i = 0; i < num_daemons; i++) { if (u == child_info_table[i].uid && g == child_info_table[i].gid) { child_info_table[i].sd = sconf->sd; + matching++; } } + if (!matching) { + return "Unable to find process with matching uid/gid."; + } return NULL; } diff --git a/server/mpm/perchild/perchild.c b/server/mpm/perchild/perchild.c index 2c94c05726..7b976804c0 100644 --- a/server/mpm/perchild/perchild.c +++ b/server/mpm/perchild/perchild.c @@ -537,7 +537,8 @@ int ap_graceful_stop_signalled(void) * Child process main loop. */ -static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id) +static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id, + apr_bucket_alloc_t *bucket_alloc) { conn_rec *current_conn; int csd; @@ -564,7 +565,8 @@ static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id) } ap_create_sb_handle(&sbh, p, conn_id / thread_limit, thread_num); - current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, sbh); + current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, + sbh, bucket_alloc); if (current_conn) { ap_process_connection(current_conn, sock); ap_lingering_close(current_conn); @@ -658,6 +660,7 @@ static void *worker_thread(apr_thread_t *thd, void *arg) ap_listen_rec *lr; int n; apr_socket_t *childsock = NULL; + apr_bucket_alloc_t *bucket_alloc; apr_lock_acquire(thread_pool_parent_mutex); apr_pool_create(&tpool, thread_pool_parent); @@ -668,6 +671,8 @@ static void *worker_thread(apr_thread_t *thd, void *arg) SERVER_STARTING, (request_rec *) NULL); + bucket_alloc = apr_bucket_alloc_create(apr_thread_pool_get(thd)); + apr_poll_setup(&pollset, num_listensocks + 1, tpool); for(lr = ap_listeners; lr != NULL; lr = lr->next) { apr_poll_socket_add(pollset, lr->sd, APR_POLLIN); @@ -730,14 +735,14 @@ static void *worker_thread(apr_thread_t *thd, void *arg) /* apr_poll_revents_get(&event, listenfds[0], pollset); if (event & APR_POLLIN) { - /* A process got a signal on the shutdown pipe. Check if we're + * A process got a signal on the shutdown pipe. Check if we're * the lucky process to die. check_pipe_of_death(); continue; } apr_poll_revents_get(&event, listenfds[1], pollset); if (event & APR_POLLIN || event & APR_POLLOUT) { - /* This request is from another child in our current process. + * This request is from another child in our current process. * We should set a flag here, and then below we will read * two bytes (the socket number and the NULL byte. thread_socket_table[thread_num] = AP_PERCHILD_OTHERCHILD; @@ -822,7 +827,7 @@ static void *worker_thread(apr_thread_t *thd, void *arg) apr_os_sock_put(&csd, &child_info_table[child_num].sd, ptrans); } if (setjmp(jmpbuffer) != 1) { - process_socket(ptrans, csd, conn_id); + process_socket(ptrans, csd, conn_id, bucket_alloc); } else { thread_socket_table[thread_num] = AP_PERCHILD_THISCHILD; @@ -861,6 +866,8 @@ static void *worker_thread(apr_thread_t *thd, void *arg) } apr_lock_release(worker_thread_count_mutex); + apr_bucket_alloc_destroy(bucket_alloc); + return NULL; } @@ -1867,8 +1874,13 @@ static const char *set_child_per_uid(cmd_parms *cmd, void *dummy, const char *u, "NumServers in your config file."; } - ug->uid = atoi(u); - ug->gid = atoi(g); + ug->uid = ap_uname2id(u); + ug->gid = ap_uname2id(g); +#ifndef BIG_SECURITY_HOLE + if (ug->uid == 0 || ug->gid == 0) { + return "Assigning root user/group to a child."; + } +#endif } return NULL; } @@ -1877,8 +1889,9 @@ static const char *assign_childuid(cmd_parms *cmd, void *dummy, const char *uid, const char *gid) { int i; - int u = atoi(uid); - int g = atoi(gid); + int matching = 0; + int u = ap_uname2id(uid); + int g = ap_uname2id(gid); const char *errstr; int socks[2]; perchild_server_conf *sconf = (perchild_server_conf *) @@ -1898,9 +1911,13 @@ static const char *assign_childuid(cmd_parms *cmd, void *dummy, const char *uid, for (i = 0; i < num_daemons; i++) { if (u == child_info_table[i].uid && g == child_info_table[i].gid) { child_info_table[i].sd = sconf->sd; + matching++; } } + if (!matching) { + return "Unable to find process with matching uid/gid."; + } return NULL; } -- 2.40.0