mod_cgid.c revision 17bdb8862482dff763afd4d86a58de533afff4ca
8a77240a809197c92c0736c431b4b88947a7bac1Christian Maeder/* ====================================================================
8a77240a809197c92c0736c431b4b88947a7bac1Christian Maeder * The Apache Software License, Version 1.1
adea2e45fa61f1097aadc490a0aeaf4831b729ccChristian Maeder * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * Redistribution and use in source and binary forms, with or without
98890889ffb2e8f6f722b00e265a211f13b5a861Corneliu-Claudiu Prodescu * modification, are permitted provided that the following conditions
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * 1. Redistributions of source code must retain the above copyright
f3a94a197960e548ecd6520bb768cb0d547457bbChristian Maeder * notice, this list of conditions and the following disclaimer.
0095c7efbddd0ffeed6aaf8ec015346be161d819Till Mossakowski * 2. Redistributions in binary form must reproduce the above copyright
adea2e45fa61f1097aadc490a0aeaf4831b729ccChristian Maeder * notice, this list of conditions and the following disclaimer in
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * the documentation and/or other materials provided with the
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * distribution.
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * 3. The end-user documentation included with the redistribution,
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * if any, must include the following acknowledgment:
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * "This product includes software developed by the
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * Apache Software Foundation (http://www.apache.org/)."
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * Alternately, this acknowledgment may appear in the software itself,
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * if and wherever such third-party acknowledgments normally appear.
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * 4. The names "Apache" and "Apache Software Foundation" must
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * not be used to endorse or promote products derived from this
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * software without prior written permission. For written
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * permission, please contact apache@apache.org.
cf31aaf25d0fe96b0578755e7ee18b732e337343Christian Maeder * 5. Products derived from this software may not be called "Apache",
ef9e8535c168d3f774d9e74368a2317a9eda5826Christian Maeder * nor may "Apache" appear in their name, without prior written
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * permission of the Apache Software Foundation.
d3c9318c22fcf44d9135a3b2c64f880b9a785babChristian Maeder * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
adea2e45fa61f1097aadc490a0aeaf4831b729ccChristian Maeder * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * SUCH DAMAGE.
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * ====================================================================
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * This software consists of voluntary contributions made by many
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * individuals on behalf of the Apache Software Foundation. For more
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * information on the Apache Software Foundation, please see
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * Portions of this software are based upon public domain software
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * originally written at the National Center for Supercomputing Applications,
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * University of Illinois, Urbana-Champaign.
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * http_script: keeps all script-related ramblings together.
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * Compliant to cgi/1.1 spec
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * Adapted by rst from original NCSA code by Rob McCool
adea2e45fa61f1097aadc490a0aeaf4831b729ccChristian Maeder * Apache adds some new env vars; REDIRECT_URL and REDIRECT_QUERY_STRING for
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * custom error responses, and DOCUMENT_ROOT because we found it useful.
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * It also adds SERVER_ADMIN - useful for scripts to know who to mail when
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski/* ### should be tossed in favor of APR */
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maederstatic void cgid_init(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *main_server);
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowskistatic int handle_exec(include_ctx_t *ctx, apr_bucket_brigade **bb, request_rec *r,
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski ap_filter_t *f, apr_bucket *head_ptr, apr_bucket **inserted_head);
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowskistatic APR_OPTIONAL_FN_TYPE(ap_register_include_handler) *cgid_pfn_reg_with_ssi;
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maederstatic APR_OPTIONAL_FN_TYPE(ap_ssi_get_tag_and_value) *cgid_pfn_gtv;
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowskistatic APR_OPTIONAL_FN_TYPE(ap_ssi_parse_string) *cgid_pfn_ps;
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski/* KLUDGE --- for back-combatibility, we don't have to check Execcgid
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * in ScriptAliased directories, which means we need to know if this
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * request came through ScriptAlias or not... so the Alias module
df11e5eab86d8247f58e301d8f0a2c6ecf4c9541Till Mossakowski * leaves a note for us.
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder const char *t = apr_table_get(r->notes, "alias-forced-type");
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder return t && (!strcasecmp(t, "cgi-script"));
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder/* Configuration stuff */
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder/* DEFAULT_CGID_LISTENBACKLOG controls the max depth on the unix socket's
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * pending connection queue. If a bunch of cgi requests arrive at about
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * the same time, connections from httpd threads/processes will back up
a98fd29a06e80e447af26d898044c23497adbc73Mihai Codescu * in the queue while the cgid process slowly forks off a child to process
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * each connection on the unix socket. If the queue is too short, the
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * httpd process will get ECONNREFUSED when trying to connect.
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maedertypedef struct {
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder/* If a request includes query info in the URL (stuff after "?"), and
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * the query info does not contain "=" (indicative of a FORM submission),
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * then this routine is called to create the argument list to be passed
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * to the CGI script. When suexec is enabled, the suexec path, user, and
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * group are the first three arguments to be passed; if not, all three
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * must be NULL. The query info is split into separate arguments, where
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * "+" is the separator between keyword arguments.
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * XXXX: note that the WIN32 code uses one of the suexec strings
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * to pass an interpreter name. Remember this if changing the way they
4d7d53fec6b551333c79da6ae3b8ca2af0a741abChristian Maeder * are handled in create_argv.
3e8b136f23ed57d40ee617f49bcac37830b58cabChristian Maederstatic char **create_argv(apr_pool_t *p, char *path, char *user, char *group,
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder /* count the number of keywords */
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder numwords = APACHE_ARG_MAX - 5; /* Truncate args to prevent overrun */
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder av = (char **) apr_pcalloc(p, (numwords + 5) * sizeof(char *));
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maederstatic void cgid_maint(int reason, void *data, apr_wait_t status)
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder /* don't do anything; server is stopping or restarting */
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder /* it would be better to restart just the cgid child
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * process but for now we'll gracefully restart the entire
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * server by sending AP_SIG_GRACEFUL to ourself, the httpd
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * parent process
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder /* we get here when pcgi is cleaned up; pcgi gets cleaned
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder * up when pconf gets cleaned up
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maederstatic void get_req(int fd, request_rec *r, char **argv0, char ***env, int *req_type)
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder unsigned char *data;
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder module *suexec_mod = ap_find_linked_module("mod_suexec.c");
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder r->server = apr_pcalloc(r->pool, sizeof(server_rec));
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder data = apr_pcalloc(r->pool, len + 1); /* get a cleared byte for final '\0' */
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder r->filename = ap_getword(r->pool, (const char **)&data, '\n');
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder *argv0 = ap_getword(r->pool, (const char **)&data, '\n');
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder r->uri = ap_getword(r->pool, (const char **)&data, '\n');
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder environ = apr_pcalloc(r->pool, (j + 2) *sizeof(char *));
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder for (i = 0; i < j; i++) {
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder environ[i] = ap_getword(r->pool, (const char **)&data, '\n');
c911a0ec80ca4a178399c68f1e28be4e2bf42fceChristian Maeder r->args = ap_getword(r->pool, (const char **)&data, '\n');
4ef5e33657aae95850b7e6941f67ac1fb73cd13fChristian Maeder /* add 1, so that if i == 0, we still malloc something. */
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder dconf = (void **) apr_pcalloc(r->pool, sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT));
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder temp_core = (core_dir_config *)apr_palloc(r->pool, sizeof(core_module));
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder suexec_config_t *suexec_cfg = apr_pcalloc(r->pool, sizeof(*suexec_cfg));
e8eb2b9d68adc3024eb1aa9899b902ed5a3fb460Christian Maeder read(fd, &suexec_cfg->ugid.uid, sizeof(uid_t));
e8eb2b9d68adc3024eb1aa9899b902ed5a3fb460Christian Maeder read(fd, &suexec_cfg->ugid.gid, sizeof(gid_t));
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder read(fd, &suexec_cfg->active, sizeof(int));
09b431a868c79a92ae7c9bd141565f43f9034144Christian Maeder r->per_dir_config = (ap_conf_vector_t *)dconf;
c40a1fdc8ec6978bd27240d6780d0e0a7b6b0056Dominik Luecke temp_core->limit_cpu = (struct rlimit *)apr_palloc (sizeof(struct rlimit));
cd6e5706893519bfcf24539afa252fcbed5097ddKlaus Luettich read(fd, temp_core->limit_cpu, sizeof(struct rlimit));
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder#if defined (RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined(RLIMIT_AS)
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder temp_core->limit_mem = (struct rlimit *)apr_palloc(r->pool, sizeof(struct rlimit));
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder read(fd, temp_core->limit_mem, sizeof(struct rlimit));
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder temp_core->limit_nproc = (struct rlimit *)apr_palloc(r->pool, sizeof(struct rlimit));
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder read(fd, temp_core->limit_nproc, sizeof(struct rlimit));
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder /* For right now, just make the notes table. At some point we will need
556f473448dfcceee22afaa89ed7a364489cdbbbChristian Maeder * to actually fill this out, but for now we just don't want suexec to
char *data;
NULL);
for (i =0; env[i]; i++) {
for (i = 0; env[i]; i++) {
if (suexec_mod) {
#ifdef RLIMIT_CPU
len = 0;
len = 0;
#ifdef RLIMIT_NPROC
len = 0;
&cgid_module);
return errno;
if (rc < 0) {
return errno;
return errno;
if (!geteuid()) {
return errno;
char *argv0;
char **env;
const char * const *argv;
request_rec *r;
if (sd2 < 0) {
(const char * const *)env,
void *data;
int first_time = 0;
module **m;
if (!data) {
if (!first_time) {
total_modules = 0;
else if (pid == 0) {
cgid_server_conf *c =
&cgid_module);
return NULL;
&cgid_module);
return NULL;
&cgid_module);
return NULL;
&cgid_module);
return NULL;
{NULL}
return ret;
apr_file_close(f);
return ret;
if (script_err) {
return ret;
&& *dbuf) {
if (script_err) {
if (script_err) {
apr_file_close(f);
return ret;
apr_bucket *b;
int is_included;
int sd;
char **env;
return DECLINED;
return DECLINED;
argv0++;
argv0++;
ap_add_cgi_vars(r);
return retval;
argv0++;
if (ap_should_client_block(r)) {
dbpos = 0;
while ((len_read =
if (!nph) {
const char *location;
int ret;
return OK;
return HTTP_MOVED_TEMPORARILY;
if (!r->header_only) {
b = apr_bucket_eos_create();
if (nph) {
b = apr_bucket_eos_create();
int rr_status;
if (r->args) {
char **env;
const char *location;
int sd;
int retval;
apr_bucket *b;
&cgid_module);
return rc;
return retval;
return OK;
return HTTP_MOVED_TEMPORARILY;
if (!r->header_only) {
return retval;