diff options
| author | Jim Jagielski <jim@apache.org> | 2013-10-17 15:10:11 +0000 |
|---|---|---|
| committer | Jim Jagielski <jim@apache.org> | 2013-10-17 15:10:11 +0000 |
| commit | 83f1d0dd4db126de59e7c23dcfaacfe247743b4a (patch) | |
| tree | a1e334e9d4bc5b999a88b3f65784de0e19fdfcad | |
| parent | fd2c51a0674a0a50a526e98ed651e0c477e9c86c (diff) | |
| download | apr-83f1d0dd4db126de59e7c23dcfaacfe247743b4a.tar.gz | |
Merge r1533104 from trunk:
it should really handle src==NULL
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/branches/1.5.x@1533105 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | include/apr_global_mutex.h | 5 | ||||
| -rw-r--r-- | include/apr_proc_mutex.h | 6 | ||||
| -rw-r--r-- | include/apr_shm.h | 6 | ||||
| -rw-r--r-- | include/apr_thread_proc.h | 13 | ||||
| -rw-r--r-- | include/arch/unix/apr_arch_proc_mutex.h | 1 | ||||
| -rw-r--r-- | include/arch/unix/apr_arch_shm.h | 1 | ||||
| -rw-r--r-- | include/arch/unix/apr_arch_threadproc.h | 10 | ||||
| -rw-r--r-- | locks/beos/proc_mutex.c | 2 | ||||
| -rw-r--r-- | locks/netware/proc_mutex.c | 2 | ||||
| -rw-r--r-- | locks/os2/proc_mutex.c | 2 | ||||
| -rw-r--r-- | locks/unix/global_mutex.c | 9 | ||||
| -rw-r--r-- | locks/unix/proc_mutex.c | 72 | ||||
| -rw-r--r-- | locks/win32/proc_mutex.c | 2 | ||||
| -rw-r--r-- | shmem/beos/shm.c | 2 | ||||
| -rw-r--r-- | shmem/os2/shm.c | 2 | ||||
| -rw-r--r-- | shmem/unix/shm.c | 41 | ||||
| -rw-r--r-- | shmem/win32/shm.c | 2 | ||||
| -rw-r--r-- | strings/apr_cpystrn.c | 15 | ||||
| -rw-r--r-- | threadproc/beos/proc.c | 8 | ||||
| -rw-r--r-- | threadproc/netware/proc.c | 8 | ||||
| -rw-r--r-- | threadproc/os2/proc.c | 8 | ||||
| -rw-r--r-- | threadproc/unix/proc.c | 31 | ||||
| -rw-r--r-- | threadproc/win32/proc.c | 8 |
23 files changed, 238 insertions, 18 deletions
diff --git a/include/apr_global_mutex.h b/include/apr_global_mutex.h index db1930134..d9331f80a 100644 --- a/include/apr_global_mutex.h +++ b/include/apr_global_mutex.h @@ -135,6 +135,11 @@ APR_DECLARE(const char *) apr_global_mutex_lockfile(apr_global_mutex_t *mutex); APR_DECLARE(const char *) apr_global_mutex_name(apr_global_mutex_t *mutex); /** + * Set mutex permissions. + */ +APR_PERMS_SET_IMPLEMENT(global_mutex); + +/** * Get the pool used by this global_mutex. * @return apr_pool_t the pool */ diff --git a/include/apr_proc_mutex.h b/include/apr_proc_mutex.h index ceb9c82a8..1c6d19d6b 100644 --- a/include/apr_proc_mutex.h +++ b/include/apr_proc_mutex.h @@ -25,6 +25,7 @@ #include "apr.h" #include "apr_pools.h" #include "apr_errno.h" +#include "apr_perms_set.h" #ifdef __cplusplus extern "C" { @@ -152,6 +153,11 @@ APR_DECLARE(const char *) apr_proc_mutex_name(apr_proc_mutex_t *mutex); APR_DECLARE(const char *) apr_proc_mutex_defname(void); /** + * Set mutex permissions. + */ +APR_PERMS_SET_IMPLEMENT(proc_mutex); + +/** * Get the pool used by this proc_mutex. * @return apr_pool_t the pool */ diff --git a/include/apr_shm.h b/include/apr_shm.h index 2b1d50f6d..e830b96e1 100644 --- a/include/apr_shm.h +++ b/include/apr_shm.h @@ -25,6 +25,7 @@ #include "apr.h" #include "apr_pools.h" #include "apr_errno.h" +#include "apr_perms_set.h" #ifdef __cplusplus extern "C" { @@ -133,6 +134,11 @@ APR_DECLARE(void *) apr_shm_baseaddr_get(const apr_shm_t *m); APR_DECLARE(apr_size_t) apr_shm_size_get(const apr_shm_t *m); /** + * Set shared memory permissions. + */ +APR_PERMS_SET_IMPLEMENT(shm); + +/** * Get the pool used by this shared memory segment. */ APR_POOL_DECLARE_ACCESSOR(shm); diff --git a/include/apr_thread_proc.h b/include/apr_thread_proc.h index 29f91ea44..d485d8022 100644 --- a/include/apr_thread_proc.h +++ b/include/apr_thread_proc.h @@ -26,6 +26,7 @@ #include "apr_file_io.h" #include "apr_pools.h" #include "apr_errno.h" +#include "apr_perms_set.h" #if APR_HAVE_STRUCT_RLIMIT #include <sys/time.h> @@ -577,6 +578,18 @@ APR_DECLARE(apr_status_t) apr_procattr_group_set(apr_procattr_t *attr, const char *groupname); +/** + * Register permission set function + * @param attr The procattr we care about. + * @param perms_set_fn Permission set callback + * @param data Data to pass to permission callback function + * @param perms Permissions to set + */ +APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr, + apr_perms_setfn_t *perms_set_fn, + void *data, + apr_fileperms_t perms); + #if APR_HAS_FORK /** * This is currently the only non-portable call in APR. This executes diff --git a/include/arch/unix/apr_arch_proc_mutex.h b/include/arch/unix/apr_arch_proc_mutex.h index ec9796bc9..c582eeb21 100644 --- a/include/arch/unix/apr_arch_proc_mutex.h +++ b/include/arch/unix/apr_arch_proc_mutex.h @@ -75,6 +75,7 @@ struct apr_proc_mutex_unix_lock_methods_t { apr_status_t (*release)(apr_proc_mutex_t *); apr_status_t (*cleanup)(void *); apr_status_t (*child_init)(apr_proc_mutex_t **, apr_pool_t *, const char *); + apr_status_t (*perms_set)(apr_proc_mutex_t *, apr_fileperms_t, apr_uid_t, apr_gid_t); const char *name; }; typedef struct apr_proc_mutex_unix_lock_methods_t apr_proc_mutex_unix_lock_methods_t; diff --git a/include/arch/unix/apr_arch_shm.h b/include/arch/unix/apr_arch_shm.h index bbd373e36..e9d25cadb 100644 --- a/include/arch/unix/apr_arch_shm.h +++ b/include/arch/unix/apr_arch_shm.h @@ -67,6 +67,7 @@ struct apr_shm_t { const char *filename; /* NULL if anonymous */ #if APR_USE_SHMEM_SHMGET || APR_USE_SHMEM_SHMGET_ANON int shmid; /* shmem ID returned from shmget() */ + key_t shmkey; /* shmem key IPC_ANON or returned from ftok() */ #endif }; diff --git a/include/arch/unix/apr_arch_threadproc.h b/include/arch/unix/apr_arch_threadproc.h index a61830f6e..7a3b3c092 100644 --- a/include/arch/unix/apr_arch_threadproc.h +++ b/include/arch/unix/apr_arch_threadproc.h @@ -19,6 +19,7 @@ #include "apr_thread_proc.h" #include "apr_file_io.h" #include "apr_arch_file_io.h" +#include "apr_perms_set.h" /* System headers required for thread/process library */ #if APR_HAVE_PTHREAD_H @@ -76,6 +77,14 @@ struct apr_thread_once_t { #endif +typedef struct apr_procattr_pscb_t apr_procattr_pscb_t; +struct apr_procattr_pscb_t { + struct apr_procattr_pscb_t *next; + apr_perms_setfn_t *perms_set_fn; + apr_fileperms_t perms; + const void *data; +}; + struct apr_procattr_t { apr_pool_t *pool; apr_file_t *parent_in; @@ -103,6 +112,7 @@ struct apr_procattr_t { apr_int32_t errchk; apr_uid_t uid; apr_gid_t gid; + apr_procattr_pscb_t *perms_set_callbacks; }; #endif /* ! THREAD_PROC_H */ diff --git a/locks/beos/proc_mutex.c b/locks/beos/proc_mutex.c index ce2a580ba..a02668add 100644 --- a/locks/beos/proc_mutex.c +++ b/locks/beos/proc_mutex.c @@ -140,6 +140,8 @@ APR_DECLARE(const char *) apr_proc_mutex_defname(void) return "beossem"; } +APR_PERMS_SET_ENOTIMPL(proc_mutex) + APR_POOL_IMPLEMENT_ACCESSOR(proc_mutex) /* Implement OS-specific accessors defined in apr_portable.h */ diff --git a/locks/netware/proc_mutex.c b/locks/netware/proc_mutex.c index 77411d0bf..097914645 100644 --- a/locks/netware/proc_mutex.c +++ b/locks/netware/proc_mutex.c @@ -97,6 +97,8 @@ APR_DECLARE(const char *) apr_proc_mutex_defname(void) return "netwarethread"; } +APR_PERMS_SET_ENOTIMPL(proc_mutex) + APR_POOL_IMPLEMENT_ACCESSOR(proc_mutex) /* Implement OS-specific accessors defined in apr_portable.h */ diff --git a/locks/os2/proc_mutex.c b/locks/os2/proc_mutex.c index 0f3a564ef..9b53c0bef 100644 --- a/locks/os2/proc_mutex.c +++ b/locks/os2/proc_mutex.c @@ -199,7 +199,7 @@ APR_DECLARE(apr_status_t) apr_proc_mutex_destroy(apr_proc_mutex_t *mutex) return APR_FROM_OS_ERROR(rc); } - +APR_PERMS_SET_ENOTIMPL(proc_mutex) APR_POOL_IMPLEMENT_ACCESSOR(proc_mutex) diff --git a/locks/unix/global_mutex.c b/locks/unix/global_mutex.c index 18de7e450..c86be917f 100644 --- a/locks/unix/global_mutex.c +++ b/locks/unix/global_mutex.c @@ -185,4 +185,13 @@ APR_DECLARE(const char *) apr_global_mutex_name(apr_global_mutex_t *mutex) return apr_proc_mutex_name(mutex->proc_mutex); } +APR_PERMS_SET_IMPLEMENT(global_mutex) +{ + apr_status_t rv; + apr_global_mutex_t *mutex = (apr_global_mutex_t *)theglobal_mutex; + + rv = apr_proc_mutex_set_perms(mutex->proc_mutex, perms, uid, gid); + return rv; +} + APR_POOL_IMPLEMENT_ACCESSOR(global_mutex) diff --git a/locks/unix/proc_mutex.c b/locks/unix/proc_mutex.c index f9637e03f..22053dfd2 100644 --- a/locks/unix/proc_mutex.c +++ b/locks/unix/proc_mutex.c @@ -35,6 +35,17 @@ static apr_status_t proc_mutex_no_child_init(apr_proc_mutex_t **mutex, } #endif +#if APR_HAS_POSIXSEM_SERIALIZE || APR_HAS_PROC_PTHREAD_SERIALIZE +static apr_status_t proc_mutex_no_perms_set(apr_proc_mutex_t *mutex, + apr_fileperms_t perms, + apr_uid_t uid, + apr_gid_t gid) +{ + return APR_ENOTIMPL; +} +#endif + + #if APR_HAS_POSIXSEM_SERIALIZE #ifndef SEM_FAILED @@ -183,6 +194,7 @@ static const apr_proc_mutex_unix_lock_methods_t mutex_posixsem_methods = proc_mutex_posix_release, proc_mutex_posix_cleanup, proc_mutex_no_child_init, + proc_mutex_no_perms_set, "posixsem" }; @@ -291,6 +303,24 @@ static apr_status_t proc_mutex_sysv_release(apr_proc_mutex_t *mutex) return APR_SUCCESS; } +static apr_status_t proc_mutex_sysv_perms_set(apr_proc_mutex_t *mutex, + apr_fileperms_t perms, + apr_uid_t uid, + apr_gid_t gid) +{ + + union semun ick; + struct semid_ds buf; + buf.sem_perm.uid = uid; + buf.sem_perm.gid = gid; + buf.sem_perm.mode = apr_unix_perms2mode(perms); + ick.buf = &buf; + if (semctl(mutex->interproc->filedes, 0, IPC_SET, ick) < 0) { + return errno; + } + return APR_SUCCESS; +} + static const apr_proc_mutex_unix_lock_methods_t mutex_sysv_methods = { #if APR_PROCESS_LOCK_IS_GLOBAL || !APR_HAS_THREADS || defined(SYSVSEM_IS_GLOBAL) @@ -304,6 +334,7 @@ static const apr_proc_mutex_unix_lock_methods_t mutex_sysv_methods = proc_mutex_sysv_release, proc_mutex_sysv_cleanup, proc_mutex_no_child_init, + proc_mutex_sysv_perms_set, "sysvsem" }; @@ -499,6 +530,7 @@ static const apr_proc_mutex_unix_lock_methods_t mutex_proc_pthread_methods = proc_mutex_proc_pthread_release, proc_mutex_proc_pthread_cleanup, proc_mutex_no_child_init, + proc_mutex_no_perms_set, "pthread" }; @@ -620,6 +652,22 @@ static apr_status_t proc_mutex_fcntl_release(apr_proc_mutex_t *mutex) return APR_SUCCESS; } +static apr_status_t proc_mutex_fcntl_perms_set(apr_proc_mutex_t *mutex, + apr_fileperms_t perms, + apr_uid_t uid, + apr_gid_t gid) +{ + + if (mutex->fname) { + if (!(perms & APR_FPROT_GSETID)) + gid = -1; + if (fchown(mutex->interproc->filedes, uid, gid) < 0) { + return errno; + } + } + return APR_SUCCESS; +} + static const apr_proc_mutex_unix_lock_methods_t mutex_fcntl_methods = { #if APR_PROCESS_LOCK_IS_GLOBAL || !APR_HAS_THREADS || defined(FCNTL_IS_GLOBAL) @@ -633,6 +681,7 @@ static const apr_proc_mutex_unix_lock_methods_t mutex_fcntl_methods = proc_mutex_fcntl_release, proc_mutex_fcntl_cleanup, proc_mutex_no_child_init, + proc_mutex_fcntl_perms_set, "fcntl" }; @@ -758,6 +807,22 @@ static apr_status_t proc_mutex_flock_child_init(apr_proc_mutex_t **mutex, return APR_SUCCESS; } +static apr_status_t proc_mutex_flock_perms_set(apr_proc_mutex_t *mutex, + apr_fileperms_t perms, + apr_uid_t uid, + apr_gid_t gid) +{ + + if (mutex->fname) { + if (!(perms & APR_FPROT_GSETID)) + gid = -1; + if (fchown(mutex->interproc->filedes, uid, gid) < 0) { + return errno; + } + } + return APR_SUCCESS; +} + static const apr_proc_mutex_unix_lock_methods_t mutex_flock_methods = { #if APR_PROCESS_LOCK_IS_GLOBAL || !APR_HAS_THREADS || defined(FLOCK_IS_GLOBAL) @@ -771,6 +836,7 @@ static const apr_proc_mutex_unix_lock_methods_t mutex_flock_methods = proc_mutex_flock_release, proc_mutex_flock_cleanup, proc_mutex_flock_child_init, + proc_mutex_flock_perms_set, "flock" }; @@ -943,6 +1009,12 @@ APR_DECLARE(const char *) apr_proc_mutex_lockfile(apr_proc_mutex_t *mutex) return NULL; } +APR_PERMS_SET_IMPLEMENT(proc_mutex) +{ + apr_proc_mutex_t *mutex = (apr_proc_mutex_t *)theproc_mutex; + return mutex->meth->perms_set(mutex, perms, uid, gid); +} + APR_POOL_IMPLEMENT_ACCESSOR(proc_mutex) /* Implement OS-specific accessors defined in apr_portable.h */ diff --git a/locks/win32/proc_mutex.c b/locks/win32/proc_mutex.c index 3bd25efaf..38366f185 100644 --- a/locks/win32/proc_mutex.c +++ b/locks/win32/proc_mutex.c @@ -199,6 +199,8 @@ APR_DECLARE(const char *) apr_proc_mutex_defname(void) return "win32mutex"; } +APR_PERMS_SET_ENOTIMPL(proc_mutex) + APR_POOL_IMPLEMENT_ACCESSOR(proc_mutex) /* Implement OS-specific accessors defined in apr_portable.h */ diff --git a/shmem/beos/shm.c b/shmem/beos/shm.c index 1f06f78ac..d6b888b08 100644 --- a/shmem/beos/shm.c +++ b/shmem/beos/shm.c @@ -149,6 +149,8 @@ APR_DECLARE(apr_size_t) apr_shm_size_get(const apr_shm_t *m) return m->reqsize; } +APR_PERMS_SET_ENOTIMPL(shm) + APR_POOL_IMPLEMENT_ACCESSOR(shm) APR_DECLARE(apr_status_t) apr_os_shm_get(apr_os_shm_t *osshm, diff --git a/shmem/os2/shm.c b/shmem/os2/shm.c index 340cae407..dcdb41587 100644 --- a/shmem/os2/shm.c +++ b/shmem/os2/shm.c @@ -113,6 +113,8 @@ APR_DECLARE(apr_size_t) apr_shm_size_get(const apr_shm_t *m) return size; } +APR_PERMS_SET_ENOTIMPL(shm) + APR_POOL_IMPLEMENT_ACCESSOR(shm) APR_DECLARE(apr_status_t) apr_os_shm_get(apr_os_shm_t *osshm, diff --git a/shmem/unix/shm.c b/shmem/unix/shm.c index 73a729df9..f1259e232 100644 --- a/shmem/unix/shm.c +++ b/shmem/unix/shm.c @@ -15,6 +15,7 @@ */ #include "apr_arch_shm.h" +#include "apr_arch_file_io.h" #include "apr_general.h" #include "apr_errno.h" @@ -102,7 +103,6 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m, #endif #if APR_USE_SHMEM_SHMGET apr_size_t nbytes; - key_t shmkey; #endif #if APR_USE_SHMEM_MMAP_ZERO || APR_USE_SHMEM_SHMGET || \ APR_USE_SHMEM_MMAP_TMP || APR_USE_SHMEM_MMAP_SHM @@ -175,8 +175,8 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m, new_m->reqsize = reqsize; new_m->realsize = reqsize; new_m->filename = NULL; - - if ((new_m->shmid = shmget(IPC_PRIVATE, new_m->realsize, + new_m->shmkey = IPC_PRIVATE; + if ((new_m->shmid = shmget(new_m->shmkey, new_m->realsize, SHM_R | SHM_W | IPC_CREAT)) < 0) { return errno; } @@ -312,13 +312,13 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m, /* ftok() (on solaris at least) requires that the file actually * exist before calling ftok(). */ - shmkey = ftok(filename, 1); - if (shmkey == (key_t)-1) { + new_m->shmkey = ftok(filename, 1); + if (new_m->shmkey == (key_t)-1) { apr_file_close(file); return errno; } - if ((new_m->shmid = shmget(shmkey, new_m->realsize, + if ((new_m->shmid = shmget(new_m->shmkey, new_m->realsize, SHM_R | SHM_W | IPC_CREAT | IPC_EXCL)) < 0) { apr_file_close(file); return errno; @@ -523,7 +523,6 @@ APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m, apr_status_t status; apr_file_t *file; /* file where metadata is stored */ apr_size_t nbytes; - key_t shmkey; new_m = apr_palloc(pool, sizeof(apr_shm_t)); @@ -546,11 +545,11 @@ APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m, new_m->filename = apr_pstrdup(pool, filename); new_m->pool = pool; - shmkey = ftok(filename, 1); - if (shmkey == (key_t)-1) { + new_m->shmkey = ftok(filename, 1); + if (new_m->shmkey == (key_t)-1) { return errno; } - if ((new_m->shmid = shmget(shmkey, 0, SHM_R | SHM_W)) == -1) { + if ((new_m->shmid = shmget(new_m->shmkey, 0, SHM_R | SHM_W)) == -1) { return errno; } if ((new_m->base = shmat(new_m->shmid, NULL, 0)) == (void *)-1) { @@ -587,6 +586,28 @@ APR_DECLARE(apr_size_t) apr_shm_size_get(const apr_shm_t *m) return m->reqsize; } +APR_PERMS_SET_IMPLEMENT(shm) +{ +#if APR_USE_SHMEM_SHMGET || APR_USE_SHMEM_SHMGET_ANON + struct shmid_ds shmbuf; + int shmid; + apr_shm_t *m = (apr_shm_t *)theshm; + + if ((shmid = shmget(m->shmkey, 0, SHM_R | SHM_W)) == -1) { + return errno; + } + shmbuf.shm_perm.uid = uid; + shmbuf.shm_perm.gid = gid; + shmbuf.shm_perm.mode = apr_unix_perms2mode(perms); + if (shmctl(shmid, IPC_SET, &shmbuf) == -1) { + return errno; + } + return APR_SUCCESS; +#else + return APR_ENOTIMPL; +#endif +} + APR_POOL_IMPLEMENT_ACCESSOR(shm) APR_DECLARE(apr_status_t) apr_os_shm_get(apr_os_shm_t *osshm, diff --git a/shmem/win32/shm.c b/shmem/win32/shm.c index 85926ab7e..117e4c81f 100644 --- a/shmem/win32/shm.c +++ b/shmem/win32/shm.c @@ -281,6 +281,8 @@ APR_DECLARE(apr_size_t) apr_shm_size_get(const apr_shm_t *m) return m->length; } +APR_PERMS_SET_ENOTIMPL(shm) + APR_POOL_IMPLEMENT_ACCESSOR(shm) APR_DECLARE(apr_status_t) apr_os_shm_get(apr_os_shm_t *osshm, diff --git a/strings/apr_cpystrn.c b/strings/apr_cpystrn.c index 6311c29f3..d6c98f7e9 100644 --- a/strings/apr_cpystrn.c +++ b/strings/apr_cpystrn.c @@ -38,6 +38,7 @@ * (3) Instead of returning the pointer to the beginning of * the destination string, we return a pointer to the * terminating '\0' to allow us to "check" for truncation + * (4) If src is NULL, null terminate dst (empty string copy) * * apr_cpystrn() follows the same call structure as strncpy(). */ @@ -51,13 +52,15 @@ APR_DECLARE(char *) apr_cpystrn(char *dst, const char *src, apr_size_t dst_size) return (dst); } - d = dst; - end = dst + dst_size - 1; + if (src) { + d = dst; + end = dst + dst_size - 1; - for (; d < end; ++d, ++src) { - if (!(*d = *src)) { - return (d); - } + for (; d < end; ++d, ++src) { + if (!(*d = *src)) { + return (d); + } + } } *d = '\0'; /* always null terminate */ diff --git a/threadproc/beos/proc.c b/threadproc/beos/proc.c index 97c05a70a..e3698082f 100644 --- a/threadproc/beos/proc.c +++ b/threadproc/beos/proc.c @@ -444,3 +444,11 @@ APR_DECLARE(apr_status_t) apr_procattr_group_set(apr_procattr_t *attr, { return APR_ENOTIMPL; } + +APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr, + apr_perms_setfn_t *perms_set_fn, + void *data, + apr_fileperms_t perms) +{ + return APR_ENOTIMPL; +} diff --git a/threadproc/netware/proc.c b/threadproc/netware/proc.c index d2404a821..e5306f9d8 100644 --- a/threadproc/netware/proc.c +++ b/threadproc/netware/proc.c @@ -505,3 +505,11 @@ APR_DECLARE(apr_status_t) apr_procattr_group_set(apr_procattr_t *attr, /* Always return SUCCESS because NetWare threads don't run within a group */ return APR_SUCCESS; } + +APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr, + apr_perms_setfn_t *perms_set_fn, + void *data, + apr_fileperms_t perms) +{ + return APR_ENOTIMPL; +} diff --git a/threadproc/os2/proc.c b/threadproc/os2/proc.c index bae2785f0..96f76d699 100644 --- a/threadproc/os2/proc.c +++ b/threadproc/os2/proc.c @@ -662,3 +662,11 @@ APR_DECLARE(apr_status_t) apr_procattr_group_set(apr_procattr_t *attr, { return APR_ENOTIMPL; } + +APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr, + apr_perms_setfn_t *perms_set_fn, + void *data, + apr_fileperms_t perms) +{ + return APR_ENOTIMPL; +} diff --git a/threadproc/unix/proc.c b/threadproc/unix/proc.c index 3588a86b0..990307a8f 100644 --- a/threadproc/unix/proc.c +++ b/threadproc/unix/proc.c @@ -461,7 +461,19 @@ APR_DECLARE(apr_status_t) apr_proc_create(apr_proc_t *new, _exit(-1); /* We have big problems, the child should exit. */ } } - + if (!geteuid()) { + apr_procattr_pscb_t *c = attr->perms_set_callbacks; + + while (c) { + apr_status_t r; + r = (*c->perms_set_fn)((void *)c->data, c->perms, + attr->uid, attr->gid); + if (r != APR_SUCCESS || r != APR_ENOTIMPL) { + _exit(-1); + } + c = c->next; + } + } /* Only try to switch if we are running as root */ if (attr->gid != -1 && !geteuid()) { if (setgid(attr->gid)) { @@ -709,3 +721,20 @@ APR_DECLARE(apr_status_t) apr_procattr_limit_set(apr_procattr_t *attr, } #endif /* APR_HAVE_STRUCT_RLIMIT */ +APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr, + apr_perms_setfn_t *perms_set_fn, + void *data, + apr_fileperms_t perms) +{ + apr_procattr_pscb_t *c; + + c = apr_palloc(attr->pool, sizeof(apr_procattr_pscb_t)); + c->data = data; + c->perms = perms; + c->perms_set_fn = perms_set_fn; + c->next = attr->perms_set_callbacks; + attr->perms_set_callbacks = c; + + return APR_SUCCESS; +} + diff --git a/threadproc/win32/proc.c b/threadproc/win32/proc.c index 79a2fd167..08ea918a0 100644 --- a/threadproc/win32/proc.c +++ b/threadproc/win32/proc.c @@ -1147,3 +1147,11 @@ APR_DECLARE(apr_status_t) apr_proc_detach(int daemonize) { return APR_ENOTIMPL; } + +APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr, + apr_perms_setfn_t *perms_set_fn, + void *data, + apr_fileperms_t perms) +{ + return APR_ENOTIMPL; +} |