From eb82200c90bf33ae7d584c4cbbe1f799de75fb61 Mon Sep 17 00:00:00 2001 From: Aaron Bannert Date: Thu, 22 Nov 2001 07:42:13 +0000 Subject: [PATCH] Just some style changes from when I was working on the recent suexec patch. No more tabs, intended alignment remains. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92132 13f79535-47bb-0310-9956-ffa450edef68 --- support/suexec.c | 267 +++++++++++++++++++++++------------------------ 1 file changed, 133 insertions(+), 134 deletions(-) diff --git a/support/suexec.c b/support/suexec.c index 34d37346e9..7c0343d44e 100644 --- a/support/suexec.c +++ b/support/suexec.c @@ -105,7 +105,7 @@ #if defined(NEED_INITGROUPS) int initgroups(const char *name, gid_t basegid) { -/* QNX and MPE do not appear to support supplementary groups. */ + /* QNX and MPE do not appear to support supplementary groups. */ return 0; } #endif @@ -175,19 +175,19 @@ static void err_output(const char *fmt, va_list ap) struct tm *lt; if (!log) { - if ((log = fopen(AP_LOG_EXEC, "a")) == NULL) { - fprintf(stderr, "failed to open log file\n"); - perror("fopen"); - exit(1); - } + if ((log = fopen(AP_LOG_EXEC, "a")) == NULL) { + fprintf(stderr, "failed to open log file\n"); + perror("fopen"); + exit(1); + } } time(&timevar); lt = localtime(&timevar); fprintf(log, "[%d-%.2d-%.2d %.2d:%.2d:%.2d]: ", - lt->tm_year + 1900, lt->tm_mon + 1, lt->tm_mday, - lt->tm_hour, lt->tm_min, lt->tm_sec); + lt->tm_year + 1900, lt->tm_mon + 1, lt->tm_mday, + lt->tm_hour, lt->tm_min, lt->tm_sec); vfprintf(log, fmt, ap); @@ -219,7 +219,7 @@ static void clean_env(void) if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) { log_err("failed to malloc memory for environment\n"); - exit(120); + exit(120); } sprintf(pathbuf, "PATH=%s", AP_SAFE_PATH); @@ -227,20 +227,20 @@ static void clean_env(void) cidx++; for (ep = environ; *ep && cidx < AP_ENVBUF-1; ep++) { - if (!strncmp(*ep, "HTTP_", 5)) { - cleanenv[cidx] = *ep; - cidx++; - } - else { - for (idx = 0; safe_env_lst[idx]; idx++) { - if (!strncmp(*ep, safe_env_lst[idx], - strlen(safe_env_lst[idx]))) { - cleanenv[cidx] = *ep; - cidx++; - break; - } - } - } + if (!strncmp(*ep, "HTTP_", 5)) { + cleanenv[cidx] = *ep; + cidx++; + } + else { + for (idx = 0; safe_env_lst[idx]; idx++) { + if (!strncmp(*ep, safe_env_lst[idx], + strlen(safe_env_lst[idx]))) { + cleanenv[cidx] = *ep; + cidx++; + break; + } + } + } } cleanenv[cidx] = NULL; @@ -250,22 +250,22 @@ static void clean_env(void) int main(int argc, char *argv[]) { - int userdir = 0; /* ~userdir flag */ - uid_t uid; /* user information */ - gid_t gid; /* target group placeholder */ - char *target_uname; /* target user name */ - char *target_gname; /* target group name */ - char *target_homedir; /* target home directory */ - char *actual_uname; /* actual user name */ - char *actual_gname; /* actual group name */ - char *prog; /* name of this program */ - char *cmd; /* command to be executed */ - char cwd[AP_MAXPATH]; /* current working directory */ - char dwd[AP_MAXPATH]; /* docroot working directory */ - struct passwd *pw; /* password entry holder */ - struct group *gr; /* group entry holder */ - struct stat dir_info; /* directory info holder */ - struct stat prg_info; /* program info holder */ + int userdir = 0; /* ~userdir flag */ + uid_t uid; /* user information */ + gid_t gid; /* target group placeholder */ + char *target_uname; /* target user name */ + char *target_gname; /* target group name */ + char *target_homedir; /* target home directory */ + char *actual_uname; /* actual user name */ + char *actual_gname; /* actual group name */ + char *prog; /* name of this program */ + char *cmd; /* command to be executed */ + char cwd[AP_MAXPATH]; /* current working directory */ + char dwd[AP_MAXPATH]; /* docroot working directory */ + struct passwd *pw; /* password entry holder */ + struct group *gr; /* group entry holder */ + struct stat dir_info; /* directory info holder */ + struct stat prg_info; /* program info holder */ prog = argv[0]; /* @@ -274,8 +274,8 @@ int main(int argc, char *argv[]) */ uid = getuid(); if ((pw = getpwuid(uid)) == NULL) { - log_err("crit: invalid uid: (%ld)\n", uid); - exit(102); + log_err("crit: invalid uid: (%ld)\n", uid); + exit(102); } /* * See if this is a 'how were you compiled' request, and @@ -322,8 +322,8 @@ int main(int argc, char *argv[]) * all of them to variables. Otherwise, error out. */ if (argc < 4) { - log_err("too few arguments\n"); - exit(101); + log_err("too few arguments\n"); + exit(101); } target_uname = argv[1]; target_gname = argv[2]; @@ -338,12 +338,12 @@ int main(int argc, char *argv[]) /* User name comparisons are case insensitive on BS2000/OSD */ if (strcasecmp(AP_HTTPD_USER, pw->pw_name)) { log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER); - exit(103); + exit(103); } #else /*_OSD_POSIX*/ if (strcmp(AP_HTTPD_USER, pw->pw_name)) { log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER); - exit(103); + exit(103); } #endif /*_OSD_POSIX*/ @@ -354,9 +354,9 @@ int main(int argc, char *argv[]) * found, error out. Naughty naughty crackers. */ if ((cmd[0] == '/') || (!strncmp(cmd, "../", 3)) - || (strstr(cmd, "/../") != NULL)) { + || (strstr(cmd, "/../") != NULL)) { log_err("invalid command (%s)\n", cmd); - exit(104); + exit(104); } /* @@ -365,8 +365,8 @@ int main(int argc, char *argv[]) * target username. */ if (!strncmp("~", target_uname, 1)) { - target_uname++; - userdir = 1; + target_uname++; + userdir = 1; } /* @@ -374,8 +374,8 @@ int main(int argc, char *argv[]) */ if (strspn(target_uname, "1234567890") != strlen(target_uname)) { if ((pw = getpwnam(target_uname)) == NULL) { - log_err("invalid target user name: (%s)\n", target_uname); - exit(105); + log_err("invalid target user name: (%s)\n", target_uname); + exit(105); } } else { @@ -389,16 +389,16 @@ int main(int argc, char *argv[]) * Error out if the target group name is invalid. */ if (strspn(target_gname, "1234567890") != strlen(target_gname)) { - if ((gr = getgrnam(target_gname)) == NULL) { - log_err("invalid target group name: (%s)\n", target_gname); - exit(106); - } - gid = gr->gr_gid; - actual_gname = strdup(gr->gr_name); + if ((gr = getgrnam(target_gname)) == NULL) { + log_err("invalid target group name: (%s)\n", target_gname); + exit(106); + } + gid = gr->gr_gid; + actual_gname = strdup(gr->gr_name); } else { - gid = atoi(target_gname); - actual_gname = strdup(target_gname); + gid = atoi(target_gname); + actual_gname = strdup(target_gname); } #ifdef _OSD_POSIX @@ -406,28 +406,28 @@ int main(int argc, char *argv[]) * Initialize BS2000 user environment */ { - pid_t pid; - int status; - - switch (pid = ufork(target_uname)) - { - case -1: /* Error */ - log_err("failed to setup bs2000 environment for user %s: %s\n", - target_uname, strerror(errno)); - exit(150); - case 0: /* Child */ - break; - default: /* Father */ - while (pid != waitpid(pid, &status, 0)) - ; - /* @@@ FIXME: should we deal with STOP signals as well? */ - if (WIFSIGNALED(status)) - kill (getpid(), WTERMSIG(status)); - exit(WEXITSTATUS(status)); - } + pid_t pid; + int status; + + switch (pid = ufork(target_uname)) { + case -1: /* Error */ + log_err("failed to setup bs2000 environment for user %s: %s\n", + target_uname, strerror(errno)); + exit(150); + case 0: /* Child */ + break; + default: /* Father */ + while (pid != waitpid(pid, &status, 0)) + ; + /* @@@ FIXME: should we deal with STOP signals as well? */ + if (WIFSIGNALED(status)) { + kill (getpid(), WTERMSIG(status)); + } + exit(WEXITSTATUS(status)); + } } #endif /*_OSD_POSIX*/ - + /* * Save these for later since initgroups will hose the struct */ @@ -440,17 +440,17 @@ int main(int argc, char *argv[]) * before we setuid(). */ log_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n", - target_uname, actual_uname, - target_gname, actual_gname, - cmd); + target_uname, actual_uname, + target_gname, actual_gname, + cmd); /* * Error out if attempt is made to execute as root or as * a UID less than AP_UID_MIN. Tsk tsk. */ if ((uid == 0) || (uid < AP_UID_MIN)) { - log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd); - exit(107); + log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd); + exit(107); } /* @@ -458,8 +458,8 @@ int main(int argc, char *argv[]) * or as a GID less than AP_GID_MIN. Tsk tsk. */ if ((gid == 0) || (gid < AP_GID_MIN)) { - log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd); - exit(108); + log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd); + exit(108); } /* @@ -469,16 +469,16 @@ int main(int argc, char *argv[]) * and setgid() to the target group. If unsuccessful, error out. */ if (((setgid(gid)) != 0) || (initgroups(actual_uname, gid) != 0)) { - log_err("failed to setgid (%ld: %s)\n", gid, cmd); - exit(109); + log_err("failed to setgid (%ld: %s)\n", gid, cmd); + exit(109); } /* * setuid() to the target user. Error out on fail. */ if ((setuid(uid)) != 0) { - log_err("failed to setuid (%ld: %s)\n", uid, cmd); - exit(110); + log_err("failed to setuid (%ld: %s)\n", uid, cmd); + exit(110); } /* @@ -490,71 +490,71 @@ int main(int argc, char *argv[]) * directories. Yuck. */ if (getcwd(cwd, AP_MAXPATH) == NULL) { - log_err("cannot get current working directory\n"); - exit(111); + log_err("cannot get current working directory\n"); + exit(111); } if (userdir) { - if (((chdir(target_homedir)) != 0) || - ((chdir(AP_USERDIR_SUFFIX)) != 0) || - ((getcwd(dwd, AP_MAXPATH)) == NULL) || - ((chdir(cwd)) != 0)) { - log_err("cannot get docroot information (%s)\n", target_homedir); - exit(112); - } + if (((chdir(target_homedir)) != 0) || + ((chdir(AP_USERDIR_SUFFIX)) != 0) || + ((getcwd(dwd, AP_MAXPATH)) == NULL) || + ((chdir(cwd)) != 0)) { + log_err("cannot get docroot information (%s)\n", target_homedir); + exit(112); + } } else { - if (((chdir(AP_DOC_ROOT)) != 0) || - ((getcwd(dwd, AP_MAXPATH)) == NULL) || - ((chdir(cwd)) != 0)) { - log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT); - exit(113); - } + if (((chdir(AP_DOC_ROOT)) != 0) || + ((getcwd(dwd, AP_MAXPATH)) == NULL) || + ((chdir(cwd)) != 0)) { + log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT); + exit(113); + } } if ((strncmp(cwd, dwd, strlen(dwd))) != 0) { - log_err("command not in docroot (%s/%s)\n", cwd, cmd); - exit(114); + log_err("command not in docroot (%s/%s)\n", cwd, cmd); + exit(114); } /* * Stat the cwd and verify it is a directory, or error out. */ if (((lstat(cwd, &dir_info)) != 0) || !(S_ISDIR(dir_info.st_mode))) { - log_err("cannot stat directory: (%s)\n", cwd); - exit(115); + log_err("cannot stat directory: (%s)\n", cwd); + exit(115); } /* * Error out if cwd is writable by others. */ if ((dir_info.st_mode & S_IWOTH) || (dir_info.st_mode & S_IWGRP)) { - log_err("directory is writable by others: (%s)\n", cwd); - exit(116); + log_err("directory is writable by others: (%s)\n", cwd); + exit(116); } /* * Error out if we cannot stat the program. */ if (((lstat(cmd, &prg_info)) != 0) || (S_ISLNK(prg_info.st_mode))) { - log_err("cannot stat program: (%s)\n", cmd); - exit(117); + log_err("cannot stat program: (%s)\n", cmd); + exit(117); } /* * Error out if the program is writable by others. */ if ((prg_info.st_mode & S_IWOTH) || (prg_info.st_mode & S_IWGRP)) { - log_err("file is writable by others: (%s/%s)\n", cwd, cmd); - exit(118); + log_err("file is writable by others: (%s/%s)\n", cwd, cmd); + exit(118); } /* * Error out if the file is setuid or setgid. */ if ((prg_info.st_mode & S_ISUID) || (prg_info.st_mode & S_ISGID)) { - log_err("file is either setuid or setgid: (%s/%s)\n", cwd, cmd); - exit(119); + log_err("file is either setuid or setgid: (%s/%s)\n", cwd, cmd); + exit(119); } /* @@ -562,15 +562,15 @@ int main(int argc, char *argv[]) * the name/group of the cwd or the program. */ if ((uid != dir_info.st_uid) || - (gid != dir_info.st_gid) || - (uid != prg_info.st_uid) || - (gid != prg_info.st_gid)) { - log_err("target uid/gid (%ld/%ld) mismatch " - "with directory (%ld/%ld) or program (%ld/%ld)\n", - uid, gid, - dir_info.st_uid, dir_info.st_gid, - prg_info.st_uid, prg_info.st_gid); - exit(120); + (gid != dir_info.st_gid) || + (uid != prg_info.st_uid) || + (gid != prg_info.st_gid)) { + log_err("target uid/gid (%ld/%ld) mismatch " + "with directory (%ld/%ld) or program (%ld/%ld)\n", + uid, gid, + dir_info.st_uid, dir_info.st_gid, + prg_info.st_uid, prg_info.st_gid); + exit(120); } /* * Error out if the program is not executable for the user. @@ -578,8 +578,8 @@ int main(int argc, char *argv[]) * "[error] Premature end of script headers: ..." */ if (!(prg_info.st_mode & S_IXUSR)) { - log_err("file has no execute permission: (%s/%s)\n", cwd, cmd); - exit(121); + log_err("file has no execute permission: (%s/%s)\n", cwd, cmd); + exit(121); } #ifdef AP_SUEXEC_UMASK @@ -604,8 +604,8 @@ int main(int argc, char *argv[]) * outside an ifdef'd AP_LOG_EXEC block. */ if (log != NULL) { - fclose(log); - log = NULL; + fclose(log); + log = NULL; } /* @@ -614,9 +614,9 @@ int main(int argc, char *argv[]) #ifdef NEED_HASHBANG_EMUL /* We need the #! emulation when we want to execute scripts */ { - extern char **environ; + extern char **environ; - ap_execve(cmd, &argv[3], environ); + ap_execve(cmd, &argv[3], environ); } #else /*NEED_HASHBANG_EMUL*/ execv(cmd, &argv[3]); @@ -630,7 +630,6 @@ int main(int argc, char *argv[]) * * Oh well, log the failure and error out. */ - log_err("(%d)%s: exec failed (%s)\n", errno, - strerror(errno), cmd); + log_err("(%d)%s: exec failed (%s)\n", errno, strerror(errno), cmd); exit(255); } -- 2.50.1