summaryrefslogtreecommitdiffstats
path: root/debian/patches/suexec-custom.patch
blob: 9c7a7322f73662960ea4e0c85932b9dc4398588c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
Description: the actual patch to make suexec-custom read a config file
Forwarded: not-needed
Author: Stefan Fritsch <sf@debian.org>
Last-Update: 2018-07-17
diff --git a/support/suexec-custom.c b/support/suexec-custom.c
index f3811a97..30bb644b 100644
--- a/support/suexec-custom.c
+++ b/support/suexec-custom.c
@@ -29,6 +29,7 @@
  *
  *
  */
+#define SUEXEC_CONFIG_DIR "/etc/apache2/suexec/"
 
 #include "apr.h"
 #include "ap_config.h"
@@ -39,6 +40,7 @@
 #include <sys/types.h>
 #include <string.h>
 #include <time.h>
+#include <ctype.h>
 #if APR_HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@@ -222,6 +224,26 @@ static void log_no_err(const char *fmt,...)
     return;
 }
 
+static int read_line(char *buf, FILE *file) {
+    char *p;
+    p = fgets(buf, AP_MAXPATH+1, file);
+    if (!p) return 0;
+    if (*p == '\0') return 1;
+
+    p = buf;
+    while (*p)
+        p++;
+    p--;
+
+    /* remove trailing space and slash */
+    while ( isspace(*p) && p >= buf )
+        *p-- = '\0';
+    while ( *p == '/' && p >= buf )
+        *p-- = '\0';
+
+    return 1;
+}
+
 static void clean_env(void)
 {
     char pathbuf[512];
@@ -288,6 +310,11 @@ int main(int argc, char *argv[])
     struct stat dir_info;   /* directory info holder     */
     struct stat prg_info;   /* program info holder       */
     int cwdh;               /* handle to cwd             */
+    char *suexec_docroot        = NULL;
+    char *suexec_userdir_suffix = NULL;
+    char *filename              = NULL;
+    FILE *configfile;
+
 
     /*
      * Start with a "clean" environment
@@ -317,15 +344,10 @@ int main(int argc, char *argv[])
             || (! strcmp(AP_HTTPD_USER, pw->pw_name)))
 #endif /* _OSD_POSIX */
         ) {
-#ifdef AP_DOC_ROOT
-        fprintf(stderr, " -D AP_DOC_ROOT=\"%s\"\n", AP_DOC_ROOT);
-#endif
+        fprintf(stderr, " -D SUEXEC_CONFIG_DIR=%s\n", SUEXEC_CONFIG_DIR);
 #ifdef AP_GID_MIN
         fprintf(stderr, " -D AP_GID_MIN=%d\n", AP_GID_MIN);
 #endif
-#ifdef AP_HTTPD_USER
-        fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER);
-#endif
 #if defined(AP_LOG_SYSLOG)
         fprintf(stderr, " -D AP_LOG_SYSLOG\n");
 #elif defined(AP_LOG_EXEC)
@@ -339,9 +361,6 @@ int main(int argc, char *argv[])
 #endif
 #ifdef AP_UID_MIN
         fprintf(stderr, " -D AP_UID_MIN=%d\n", AP_UID_MIN);
-#endif
-#ifdef AP_USERDIR_SUFFIX
-        fprintf(stderr, " -D AP_USERDIR_SUFFIX=\"%s\"\n", AP_USERDIR_SUFFIX);
 #endif
         exit(0);
     }
@@ -357,23 +376,6 @@ int main(int argc, char *argv[])
     target_gname = argv[2];
     cmd = argv[3];
 
-    /*
-     * Check to see if the user running this program
-     * is the user allowed to do so as defined in
-     * suexec.h.  If not the allowed user, error out.
-     */
-#ifdef _OSD_POSIX
-    /* User name comparisons are case insensitive on BS2000/OSD */
-    if (strcasecmp(AP_HTTPD_USER, pw->pw_name)) {
-        log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER);
-        exit(103);
-    }
-#else  /*_OSD_POSIX*/
-    if (strcmp(AP_HTTPD_USER, pw->pw_name)) {
-        log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER);
-        exit(103);
-    }
-#endif /*_OSD_POSIX*/
 
     /*
      * Check for a leading '/' (absolute path) in the command to be executed,
@@ -397,6 +399,59 @@ int main(int argc, char *argv[])
         userdir = 1;
     }
 
+    /*
+     * Check to see if the user running this program
+     * is the user allowed to do so as defined in
+     * SUEXEC_CONFIG_DIR/username
+     * If not, error out.
+     */
+    suexec_docroot = malloc(AP_MAXPATH+1);
+    suexec_userdir_suffix = malloc(AP_MAXPATH+1);
+    if (!suexec_docroot || !suexec_userdir_suffix ||
+        asprintf(&filename, SUEXEC_CONFIG_DIR "%s", pw->pw_name) == -1) {
+        log_err("malloc failed\n");
+        exit(120);
+    }
+
+    configfile = fopen(filename, "r");
+    if (!configfile) {
+        log_err("User %s not allowed: Could not open config file %s\n", pw->pw_name, filename);
+        exit(123);
+    }
+
+    if (!read_line(suexec_docroot, configfile)) {
+        log_err("Could not read docroot from %s\n", filename);
+        exit(124);
+    }
+
+    if (!read_line(suexec_userdir_suffix, configfile)) {
+        log_err("Could not read userdir suffix from %s\n", filename);
+        exit(125);
+    }
+
+    fclose(configfile);
+
+    if (userdir) {
+        if ( !isalnum(*suexec_userdir_suffix) && suexec_userdir_suffix[0] != '.') {
+            log_err("userdir suffix disabled in %s\n", filename);
+            exit(126);
+        }
+    }
+    else {
+            if (suexec_docroot[0] != '/') {
+                log_err("docroot disabled in %s\n", filename);
+                exit(127);
+            }
+
+            if (suexec_docroot[1] == '/' ||
+            suexec_docroot[1] == '.' ||
+            suexec_docroot[1] == '\0' )
+            {
+                log_err("invalid docroot %s in %s\n", suexec_docroot, filename);
+                exit(128);
+            }
+    }
+
     /*
      * Error out if the target username is invalid.
      */
@@ -538,7 +593,7 @@ int main(int argc, char *argv[])
 
     if (userdir) {
         if (((chdir(target_homedir)) != 0) ||
-            ((chdir(AP_USERDIR_SUFFIX)) != 0) ||
+            ((chdir(suexec_userdir_suffix)) != 0) ||
             ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
             ((fchdir(cwdh)) != 0)) {
             log_err("cannot get docroot information (%s)\n", target_homedir);
@@ -546,7 +601,7 @@ int main(int argc, char *argv[])
         }
     }
     else {
-        if (((chdir(AP_DOC_ROOT)) != 0) ||
+        if (((chdir(suexec_docroot)) != 0) ||
             ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
             ((fchdir(cwdh)) != 0)) {
             log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT);