Commit 2640364d authored by Jeff Trawick's avatar Jeff Trawick
Browse files

mod_cgid: Catch configuration problem where two web server instances 

share same ServerRoot but admin forgot to use ScriptSock.

reviewed by: nd, stoddard


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@106408 13f79535-47bb-0310-9956-ffa450edef68
parent 81d8254b

CHANGES

+4 −0
Original line number Diff line number Diff line
@@ -2,6 +2,10 @@ Changes with Apache 2.1.2-dev 














  [Remove entries to the current 2.0 section below, when backported]



























  *) mod_cgid: Catch configuration problem where two web server instances













     share same ServerRoot but admin forgot to use ScriptSock.













     [Jeff Trawick]



























  *) mod_cgi: Ensure that all stderr is logged for a script which returns















     a Location header to generate a non-local redirect.  PR 20111.















     [Joe Orton]

































modules/generators/mod_cgid.c



+15
−0






























Original line number
Diff line number
Diff line








@@ -89,6 +89,7 @@ static int daemon_should_exit = 0;













static server_rec *root_server = NULL;















static apr_pool_t *root_pool = NULL;















static const char *sockname;













static pid_t parent_pid;































/* Read and discard the data in the brigade produced by a CGI script */















static void discard_script_output(apr_bucket_brigade *bb);










@@ -153,6 +154,9 @@ typedef struct {













                            * to find the script pid when it is time for that















                            * process to be cleaned up















                            */













    pid_t ppid;            /* sanity check for config problems leading to













                            * wrong cgid socket use













                            */















    int core_module_index;















    int have_suexec;















    int suexec_module_index;










@@ -439,6 +443,7 @@ static apr_status_t send_req(int fd, request_rec *r, char *argv0, char **env,













    apr_status_t stat;































    req.req_type = req_type;













    req.ppid = parent_pid;















    req.conn_id = r->connection->id;















    req.core_module_index = core_module.module_index;















    if (suexec_mod) {










@@ -667,6 +672,14 @@ static int cgid_server(void *data)













            continue;















        }





























        if (cgid_req.ppid != parent_pid) {













            ap_log_error(APLOG_MARK, APLOG_CRIT, 0, main_server,













                         "CGI request received from wrong server instance; "













                         "see ScriptSock directive");













            close(sd2);













            continue;













        }





























        if (cgid_req.req_type == GETPID_REQ) {















            pid_t pid;


























@@ -839,6 +852,7 @@ static int cgid_init(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp,













        for (m = ap_preloaded_modules; *m != NULL; m++)















            total_modules++;





























        parent_pid = getpid();















        sockname = ap_server_root_relative(p, sockname);















        ret = cgid_start(p, main_server, procnew);















        if (ret != OK ) {










@@ -1237,6 +1251,7 @@ static apr_status_t cleanup_script(void *vptr)













    /* we got a socket, and there is already a cleanup registered for it */































    req.req_type = GETPID_REQ;













    req.ppid = parent_pid;















    req.conn_id = info->r->connection->id;































    stat = sock_write(sd, &req, sizeof(req));