From 5f3232bdf5ca5608de0dbec04afc283ab1f9aa9a Mon Sep 17 00:00:00 2001 From: robs Date: Tue, 4 Feb 2003 00:54:11 +0000 Subject: [PATCH] Prevent the use of all but the "auth" directives from being used anywhere but in global scope. Prevent more than one instance of the FastCgiWrapper directive. --- CHANGES | 4 ++++ fcgi_config.c | 46 +++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 45 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index ea3aa27..550fdad 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,9 @@ 2.4.1 + *) Prevent the use of all but the "auth" directives from being used + anywhere but in global scope. Prevent more than one instance + of the FastCgiWrapper directive. + *) Return NOT_FOUND (404) or FORBIDDEN (403) instead of INTERNAL_SERVER_ERROR (500) when there are configuration issues or the script does't exist. Suggested by Jeff Lawson [bovine@ud.com]. diff --git a/fcgi_config.c b/fcgi_config.c index 210e9c5..3fd198a 100644 --- a/fcgi_config.c +++ b/fcgi_config.c @@ -1,5 +1,5 @@ /* - * $Id: fcgi_config.c,v 1.46 2002/12/23 03:13:15 robs Exp $ + * $Id: fcgi_config.c,v 1.47 2003/02/04 00:54:11 robs Exp $ */ #define CORE_PRIVATE @@ -373,7 +373,7 @@ const char *fcgi_config_make_dir(pool *tp, char *path) * Create a "dynamic" subdirectory. If the directory * already exists we don't mess with it unless 'wax' is set. */ -#ifndef WIN32 +#ifndef WIN32 const char *fcgi_config_make_dynamic_dir(pool *p, const int wax) { const char *err; @@ -441,7 +441,7 @@ const char *fcgi_config_make_dynamic_dir(pool *p, const int wax) return NULL; } -#endif +#endif /******************************************************************************* * Change the directory used for the Unix/Domain sockets from the default. @@ -454,6 +454,12 @@ const char *fcgi_config_set_socket_dir(cmd_parms *cmd, void *dummy, const char * const char *err; char * arg_nc; + err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err) + { + return err; + } + if (fcgi_socket_dir) { return ap_psprintf(tp, "%s %s: already defined as \"%s\"", name, arg, fcgi_socket_dir); @@ -491,8 +497,8 @@ const char *fcgi_config_set_socket_dir(cmd_parms *cmd, void *dummy, const char * fcgi_socket_dir = arg_nc; -#ifdef WIN32 - fcgi_dynamic_dir = ap_pstrcat(cmd->pool, fcgi_socket_dir, "dynamic", NULL); +#ifdef WIN32 + fcgi_dynamic_dir = ap_pstrcat(cmd->pool, fcgi_socket_dir, "dynamic", NULL); #else err = fcgi_config_make_dir(tp, fcgi_socket_dir); if (err != NULL) @@ -522,6 +528,18 @@ const char *fcgi_config_set_wrapper(cmd_parms *cmd, void *dummy, const char *arg pool * const tp = cmd->temp_pool; char * wrapper = NULL; + err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err) + { + return err; + } + + if (fcgi_wrapper) + { + return ap_psprintf(tp, "%s was already set to \"%s\"", + name, fcgi_wrapper); + } + err = fcgi_config_set_fcgi_uid_n_gid(1); if (err != NULL) return ap_psprintf(tp, "%s %s: %s", name, arg, err); @@ -585,6 +603,12 @@ const char *fcgi_config_new_static_server(cmd_parms *cmd, void *dummy, const cha HANDLE mutex; #endif + err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err) + { + return err; + } + if (*fs_path == '\0') return "AppClass requires a pathname!?"; @@ -822,6 +846,12 @@ const char *fcgi_config_new_external_server(cmd_parms *cmd, void *dummy, const c char *fs_path = ap_getword_conf(p, &arg); const char *option, *err; + err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err) + { + return err; + } + if (!*fs_path) { return ap_pstrcat(tp, name, " requires a path and either a -socket or -host option", NULL); } @@ -1009,6 +1039,12 @@ const char *fcgi_config_set_config(cmd_parms *cmd, void *dummy, const char *arg) unsigned int envc = 0; char **envp = (char **)ap_pcalloc(tp, sizeof(char *) * (MAX_INIT_ENV_VARS + 3)); + err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err) + { + return err; + } + /* Parse the directive arguments */ while (*arg) { option = ap_getword_conf(tp, &arg); -- 2.11.4.GIT