/[Apache-SVN]/httpd/httpd/trunk/modules/arch/unix/mod_privileges.c
ViewVC logotype

Diff of /httpd/httpd/trunk/modules/arch/unix/mod_privileges.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 771145, Sun May 3 23:04:02 2009 UTC revision 773968, Tue May 12 16:30:55 2009 UTC
# Line 29  Line 29 
29  /* TODO - get rid of unixd dependency */  /* TODO - get rid of unixd dependency */
30  #include "unixd.h"  #include "unixd.h"
31    
32  #define CFG_CHECK(x) if (x == -1) return strerror(errno);  #define CFG_CHECK(x) if ((x) == -1) { \
33        char msgbuf[128]; \
34        apr_strerror(errno, msgbuf, sizeof(msgbuf)); \
35        return apr_pstrdup(cmd->pool, msgbuf); \
36    }
37  #define CR_CHECK(x) if (x == -1) \  #define CR_CHECK(x) if (x == -1) \
38      ap_log_error(APLOG_MARK, APLOG_CRIT,0,0, \      ap_log_error(APLOG_MARK, APLOG_CRIT, errno, 0, \
39                   "Failed to initialise privileges: %s", strerror(errno))                   "Failed to initialise privileges")
40    
41  module AP_MODULE_DECLARE_DATA privileges_module;  module AP_MODULE_DECLARE_DATA privileges_module;
42    
# Line 161  static apr_status_t privileges_end_req(v Line 165  static apr_status_t privileges_end_req(v
165    
166      /* restore default privileges */      /* restore default privileges */
167      if (setppriv(PRIV_SET, PRIV_EFFECTIVE, priv_default) == -1) {      if (setppriv(PRIV_SET, PRIV_EFFECTIVE, priv_default) == -1) {
168          ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,          ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
169                        "Error restoring default privileges: %s", strerror(errno));                        "Error restoring default privileges");
170      }      }
171      return APR_SUCCESS;      return APR_SUCCESS;
172  }  }
# Line 271  static int privileges_req(request_rec *r Line 275  static int privileges_req(request_rec *r
275      }      }
276      /* set vhost's privileges */      /* set vhost's privileges */
277      if (setppriv(PRIV_SET, PRIV_EFFECTIVE, cfg->priv) == -1) {      if (setppriv(PRIV_SET, PRIV_EFFECTIVE, cfg->priv) == -1) {
278          ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,          ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
279                        "Error setting effective privileges: %s", strerror(errno));                        "Error setting effective privileges");
280          return HTTP_INTERNAL_SERVER_ERROR;          return HTTP_INTERNAL_SERVER_ERROR;
281      }      }
282    
283      /* ... including those of any subprocesses */      /* ... including those of any subprocesses */
284      if (setppriv(PRIV_SET, PRIV_INHERITABLE, cfg->child_priv) == -1) {      if (setppriv(PRIV_SET, PRIV_INHERITABLE, cfg->child_priv) == -1) {
285          ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,          ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
286                        "Error setting inheritable privileges: %s", strerror(errno));                        "Error setting inheritable privileges");
287          return HTTP_INTERNAL_SERVER_ERROR;          return HTTP_INTERNAL_SERVER_ERROR;
288      }      }
289      if (setppriv(PRIV_SET, PRIV_LIMIT, cfg->child_priv) == -1) {      if (setppriv(PRIV_SET, PRIV_LIMIT, cfg->child_priv) == -1) {
290          ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,          ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
291                        "Error setting limit privileges: %s", strerror(errno));                        "Error setting limit privileges");
292          return HTTP_INTERNAL_SERVER_ERROR;          return HTTP_INTERNAL_SERVER_ERROR;
293      }      }
294    
295      /* If we're in a child process, drop down PPERM too */      /* If we're in a child process, drop down PPERM too */
296      if (fork_req) {      if (fork_req) {
297          if (setppriv(PRIV_SET, PRIV_PERMITTED, cfg->priv) == -1) {          if (setppriv(PRIV_SET, PRIV_PERMITTED, cfg->priv) == -1) {
298              ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,              ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
299                            "Error setting permitted privileges: %s",                            "Error setting permitted privileges");
                           strerror(errno));  
300              return HTTP_INTERNAL_SERVER_ERROR;              return HTTP_INTERNAL_SERVER_ERROR;
301          }          }
302      }      }
# Line 301  static int privileges_req(request_rec *r Line 304  static int privileges_req(request_rec *r
304      return OK;      return OK;
305  }  }
306  #define PDROP_CHECK(x) if (x == -1) { \  #define PDROP_CHECK(x) if (x == -1) { \
307          ap_log_error(APLOG_MARK, APLOG_CRIT, 0, s, \          ap_log_error(APLOG_MARK, APLOG_CRIT, errno, s, \
308                       "Error dropping privileges: %s", strerror(errno)); \                       "Error dropping privileges"); \
309          return !OK; \          return !OK; \
310      }      }
311    
# Line 377  static int privileges_postconf(apr_pool_ Line 380  static int privileges_postconf(apr_pool_
380                                apr_pool_cleanup_null);                                apr_pool_cleanup_null);
381      priv_emptyset(priv_setid);      priv_emptyset(priv_setid);
382      if (priv_addset(priv_setid, PRIV_PROC_SETID) == -1) {      if (priv_addset(priv_setid, PRIV_PROC_SETID) == -1) {
383          ap_log_perror(APLOG_MARK, APLOG_CRIT, 0, ptemp,          ap_log_perror(APLOG_MARK, APLOG_CRIT, errno, ptemp,
384                        "priv_addset: %s", strerror(errno));                        "priv_addset");
385          return !OK;          return !OK;
386      }      }
387      return OK;      return OK;
Legend:
Removed from v.771145  
changed lines
  Added in v.773968
apache@apache.org
 ViewVC Help
Powered by ViewVC 1.1.2