Changeset 1146 for branches/fc11-dev/server/common/patches/httpd-suexec-scripts.patch

Timestamp:

Jun 3, 2009, 6:46:03 AM (16 years ago)

Author:

mitchb

Message:

Version, context, etc. fixups to build Apache on Fedora 11

File:

• branches/fc11-dev/server/common/patches/httpd-suexec-scripts.patch (modified) (14 diffs)

branches/fc11-dev/server/common/patches/httpd-suexec-scripts.patch

@@ -45 +45 @@
  APACHE_HELP_STRING(--with-suexec-docroot,SuExec root directory),[
    AC_DEFINE_UNQUOTED(AP_DOC_ROOT, "$withval", [SuExec root directory] ) ] )
---- httpd-2.2.2/support/suexec.c.old    2006-04-21 21:53:06.000000000 -0400
-+++ httpd-2.2.2/support/suexec.c        2007-05-22 10:32:04.000000000 -0400
+--- httpd-2.2.11/support/suexec.c.old   2008-11-30 10:47:31.000000000 -0500
++++ httpd-2.2.11/support/suexec.c       2009-06-03 05:16:45.000000000 -0400
 @@ -30,6 +30,9 @@
   *
@@ -57 +57 @@
  #include "ap_config.h"
  #include "suexec.h"
-@@ -46,6 +48,7 @@
+@@ -46,6 +49,7 @@
  #include <stdio.h>
  #include <stdarg.h>
@@ -65 +65 @@
  #ifdef HAVE_PWD_H
  #include <pwd.h>
-@@ -95,6 +98,7 @@
+@@ -95,6 +99,7 @@
  {
      /* variable name starts with */
@@ -141 +141 @@
      gid_t gid;              /* target group placeholder  */
      char *target_uname;     /* target user name          */
-@@ -350,6 +406,20 @@
+@@ -350,6 +413,20 @@
  #endif /*_OSD_POSIX*/
  
@@ -162 +162 @@
       * or attempts to back up out of the current directory,
       * to protect against attacks.  If any are
-@@ -371,6 +441,7 @@
+@@ -371,6 +448,7 @@
          userdir = 1;
      }
@@ -170 +170 @@
       * Error out if the target username is invalid.
       */
-@@ -450,7 +521,7 @@
+@@ -452,7 +530,7 @@
       * Error out if attempt is made to execute as root or as
       * a UID less than AP_UID_MIN.  Tsk tsk.
@@ -179 +179 @@
          exit(107);
      }
-@@ -482,6 +553,21 @@
+@@ -484,6 +562,21 @@
          log_err("failed to setuid (%ld: %s)\n", uid, cmd);
          exit(110);
@@ -201 +201 @@
      /*
       * Get the current working directory, as well as the proper
-@@ -504,6 +588,21 @@
+@@ -506,6 +599,21 @@
              log_err("cannot get docroot information (%s)\n", target_homedir);
              exit(112);
@@ -223 +223 @@
      else {
          if (((chdir(AP_DOC_ROOT)) != 0) ||
-@@ -530,15 +629,17 @@
+@@ -532,15 +640,17 @@
      /*
       * Error out if cwd is writable by others.
@@ -242 +242 @@
          exit(117);
      }
-@@ -546,10 +647,12 @@
+@@ -548,10 +658,12 @@
      /*
       * Error out if the program is writable by others.
@@ -255 +255 @@
      /*
       * Error out if the file is setuid or setgid.
-@@ -563,6 +666,7 @@
+@@ -565,6 +677,7 @@
       * Error out if the target name/group is different from
       * the name/group of the cwd or the program.
@@ -263 +263 @@
          (gid != dir_info.st_gid) ||
          (uid != prg_info.st_uid) ||
-@@ -574,12 +678,14 @@
+@@ -576,16 +689,33 @@
                  prg_info.st_uid, prg_info.st_gid);
          exit(120);
@@ -279 +279 @@
          exit(121);
      }
-@@ -606,6 +711,21 @@
-       exit(122);
-     }
  
 +    if (is_static_extension(cmd)) {
 +        argv[2] = STATIC_CAT_PATH;
 +        execv(STATIC_CAT_PATH, &argv[2]);
-+       log_err("(%d)%s: static_cat exec failed (%s)\n", errno, strerror(errno), argv[2]);
-+       exit(255);
++        log_err("(%d)%s: static_cat exec failed (%s)\n", errno, strerror(errno), argv[2]);
++        exit(255);
 +    }
 +    if (is_php_extension(cmd)) {
@@ -294 +291 @@
 +        argv[2] = "-f";
 +        execv(PHP_PATH, &argv[1]);
-+       log_err("(%d)%s: php exec failed (%s)\n", errno, strerror(errno), argv[2]);
-+       exit(255);
-+    }
-+
-     /*
-      * Execute the command, replacing our image with its own.
-      */
++        log_err("(%d)%s: php exec failed (%s)\n", errno, strerror(errno), argv[2]);
++        exit(255);
++    }
++
+ #ifdef AP_SUEXEC_UMASK
+     /*
+      * umask() uses inverse logic; bits are CLEAR for allowed access.