diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:01:30 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:01:30 +0000 |
commit | 6beeb1b708550be0d4a53b272283e17e5e35fe17 (patch) | |
tree | 1ce8673d4aaa948e5554000101f46536a1e4cc29 /modules/md/mod_md_os.c | |
parent | Initial commit. (diff) | |
download | apache2-upstream.tar.xz apache2-upstream.zip |
Adding upstream version 2.4.57.upstream/2.4.57upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'modules/md/mod_md_os.c')
-rw-r--r-- | modules/md/mod_md_os.c | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/modules/md/mod_md_os.c b/modules/md/mod_md_os.c new file mode 100644 index 0000000..06a5bee --- /dev/null +++ b/modules/md/mod_md_os.c @@ -0,0 +1,88 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <assert.h> +#include <apr_strings.h> + +#include <mpm_common.h> +#include <httpd.h> +#include <http_log.h> +#include <ap_mpm.h> + +#if APR_HAVE_UNISTD_H +#include <unistd.h> +#endif +#if AP_NEED_SET_MUTEX_PERMS +#include "unixd.h" +#endif + +#include "md_util.h" +#include "mod_md_os.h" + +apr_status_t md_try_chown(const char *fname, unsigned int uid, int gid, apr_pool_t *p) +{ +#if AP_NEED_SET_MUTEX_PERMS && HAVE_UNISTD_H + /* Since we only switch user when running as root, we only need to chown directories + * in that case. Otherwise, the server will ignore any "user/group" directives and + * child processes have the same privileges as the parent. + */ + if (!geteuid()) { + if (-1 == chown(fname, (uid_t)uid, (gid_t)gid)) { + apr_status_t rv = APR_FROM_OS_ERROR(errno); + if (!APR_STATUS_IS_ENOENT(rv)) { + ap_log_perror(APLOG_MARK, APLOG_ERR, rv, p, APLOGNO(10082) + "Can't change owner of %s", fname); + } + return rv; + } + } + return APR_SUCCESS; +#else + return APR_ENOTIMPL; +#endif +} + +apr_status_t md_make_worker_accessible(const char *fname, apr_pool_t *p) +{ +#ifdef WIN32 + return APR_ENOTIMPL; +#else + return md_try_chown(fname, ap_unixd_config.user_id, -1, p); +#endif +} + +#ifdef WIN32 + +apr_status_t md_server_graceful(apr_pool_t *p, server_rec *s) +{ + return APR_ENOTIMPL; +} + +#else + +apr_status_t md_server_graceful(apr_pool_t *p, server_rec *s) +{ + apr_status_t rv; + + (void)p; + (void)s; + rv = (kill(getppid(), AP_SIG_GRACEFUL) < 0)? APR_ENOTIMPL : APR_SUCCESS; + ap_log_error(APLOG_MARK, APLOG_TRACE1, errno, NULL, "sent signal to parent"); + return rv; +} + +#endif + |