Commit 542a8ecb authored by Joe Orton's avatar Joe Orton
Browse files

Merge r1664565 from trunk: 

*) mod_rewrite: Add support for starting External Rewriting Programs
   as non-root user on UNIX systems by specifying username and group name
   as third argument of RewriteMap directive.

Submitted by: jkaluza
Reviewed by: jorton, wrowe, ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811748 13f79535-47bb-0310-9956-ffa450edef68
parent 85189e49

CHANGES

+4 −0
Original line number Diff line number Diff line 
                                                         -*- coding: utf-8 -*-

Changes with Apache 2.4.29



  *) mod_rewrite: Add support for starting External Rewriting Programs

     as non-root user on UNIX systems by specifying username and group

     name as third argument of RewriteMap directive.  [Jan Kaluza]



  *) core: Rewrite the Content-Length filter to avoid excessive memory

     consumption. Chunked responses will be generated in more cases

     than in previous releases.  PR 61222.  [Joe Orton, Ruediger Pluem]

docs/manual/rewrite/rewritemap.xml

+6 −1
Original line number Diff line number Diff line
@@ -366,6 +366,11 @@ by many requests. 
    module="mod_rewrite">RewriteEngine</directive> set to

    <code>on</code>.</p>



    <p>By default, external rewriting programs are started as root.

    This can be changed on UNIX systems by passing user name and

    group name as third argument to <directive module="mod_rewrite">

    RewriteMap</directive> in the <code>username:groupname</code> format.</p>



    <p>This feature utilizes the <code>rewrite-map</code> mutex,

    which is required for reliable communication with the program.

    The mutex mechanism and lock file can be configured with the
@@ -376,7 +381,7 @@ by many requests. 


    <p><strong>Rewrite configuration</strong></p>

    <highlight language="config">

RewriteMap d2u "prg:/www/bin/dash2under.pl"

RewriteMap d2u "prg:/www/bin/dash2under.pl" apache:apache

RewriteRule "-" "${d2u:%{REQUEST_URI}}"

    </highlight>

modules/mappers/mod_rewrite.c

+14 −3
Original line number Diff line number Diff line
@@ -265,6 +265,8 @@ typedef struct { 
    const char *dbdq;              /* SQL SELECT statement for rewritemap */

    const char *checkfile2;        /* filename to check for map existence

                                      NULL if only one file               */

    const char *user;              /* run RewriteMap program as this user */

    const char *group;             /* run RewriteMap program as this group */

} rewritemap_entry;



/* special pattern types for RewriteCond */
@@ -1191,6 +1193,7 @@ static void rewrite_child_errfn(apr_pool_t *p, apr_status_t err, 


static apr_status_t rewritemap_program_child(apr_pool_t *p,

                                             const char *progname, char **argv,

                                             const char *user, const char *group,

                                             apr_file_t **fpout,

                                             apr_file_t **fpin)

{
@@ -1203,6 +1206,8 @@ static apr_status_t rewritemap_program_child(apr_pool_t *p, 
                                                  APR_FULL_BLOCK, APR_NO_PIPE))

        && APR_SUCCESS == (rc=apr_procattr_dir_set(procattr,

                                             ap_make_dirstr_parent(p, argv[0])))

        && (!user || APR_SUCCESS == (rc=apr_procattr_user_set(procattr, user, "")))

        && (!group || APR_SUCCESS == (rc=apr_procattr_group_set(procattr, group)))

        && APR_SUCCESS == (rc=apr_procattr_cmdtype_set(procattr, APR_PROGRAM))

        && APR_SUCCESS == (rc=apr_procattr_child_errfn_set(procattr,

                                                           rewrite_child_errfn))
@@ -1260,6 +1265,7 @@ static apr_status_t run_rewritemap_programs(server_rec *s, apr_pool_t *p) 
        }



        rc = rewritemap_program_child(p, map->argv[0], map->argv,

                                      map->user, map->group,

                                      &fpout, &fpin);

        if (rc != APR_SUCCESS || fpin == NULL || fpout == NULL) {

            ap_log_error(APLOG_MARK, APLOG_ERR, rc, s, APLOGNO(00654)
@@ -3048,7 +3054,7 @@ static const char *cmd_rewriteoptions(cmd_parms *cmd, 
}



static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1,

                                  const char *a2)

                                  const char *a2, const char *a3)

{

    rewrite_server_conf *sconf;

    rewritemap_entry *newmap;
@@ -3154,6 +3160,11 @@ static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1, 


        newmap->type      = MAPTYPE_PRG;

        newmap->checkfile = newmap->argv[0];

        if (a3) {

            char *tok_cntx;

            newmap->user = apr_strtok(apr_pstrdup(cmd->pool, a3), ":", &tok_cntx);

            newmap->group = apr_strtok(NULL, ":", &tok_cntx);

        }

    }

    else if (strncasecmp(a2, "int:", 4) == 0) {

        newmap->type      = MAPTYPE_INT;
@@ -5265,8 +5276,8 @@ static const command_rec command_table[] = { 
                     "an input string and a to be applied regexp-pattern"),

    AP_INIT_RAW_ARGS("RewriteRule",     cmd_rewriterule,     NULL, OR_FILEINFO,

                     "an URL-applied regexp-pattern and a substitution URL"),

    AP_INIT_TAKE2(   "RewriteMap",      cmd_rewritemap,      NULL, RSRC_CONF,

                     "a mapname and a filename"),

    AP_INIT_TAKE23(   "RewriteMap",      cmd_rewritemap,      NULL, RSRC_CONF,

                     "a mapname and a filename and options"),

    { NULL }

};