From: Jeff Trawick <trawick@apache.org>
Date: Fri, 9 May 2008 10:57:46 +0000 (+0000)
Subject: backport from trunk:
X-Git-Tag: 2.2.9~199
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7a1a9bca46108dfaa76a634c0c9c80581c795c08;p=thirdparty%2Fapache%2Fhttpd.git

backport from trunk:

  *) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by
     mod_cgid and request processing threads, for OS'es such as HPUX and AIX
     that do not use umask for AF_UNIX socket permissions.
     [Eric Covener, Jeff Trawick]

  *) mod_cgid: Don't try to restart the daemon if it fails to initialize
     the socket.  [Jeff Trawick]

Reviewed by: wrowe, covener, trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@654752 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 82cfd018fe9..101734028b6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,14 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.9
 
+  *) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by
+     mod_cgid and request processing threads, for OS'es such as HPUX and AIX
+     that do not use umask for AF_UNIX socket permissions.
+     [Eric Covener, Jeff Trawick]
+
+  *) mod_cgid: Don't try to restart the daemon if it fails to initialize
+     the socket.  [Jeff Trawick]
+
   *) mod_log_config: Add format options for %p so that the actual local
      or remote port can be logged.  PR 43415.  [Adam Hasselbalch Hansen
      <ahh@one.com>, Ruediger Pluem, Jeff Trawick]
diff --git a/STATUS b/STATUS
index e6259cbb709..63bc92fdcab 100644
--- a/STATUS
+++ b/STATUS
@@ -230,21 +230,6 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
      http://people.apache.org/~trawick/rotatelogs_sync.txt
    +1: trawick, covener, wrowe
 
- * mod_cgid: Don't try to restart the daemon if it fails to initialize the socket.
-   Trunk version of patch:
-       http://svn.apache.org/viewvc?rev=654232&view=rev
-   Backport version for 2.2.x:
-       Trunk version works
-   +1: covener, trawick, wrowe
-         
- * mod_cgid: Explicitly set permissions of the socket (ScriptSock) for
-     OS'es like HPUX and AIX that don't use umask for AF_UNIX sockets
-   Trunk version of patch:
-       http://svn.apache.org/viewvc?rev=654332&view=rev
-   Backport version for 2.2.x:
-       Trunk version works 
-   +1: covener, trawick, wrowe
-
 PATCHES/ISSUES THAT ARE STALLED
 
    * beos MPM: Create pmain pool and run modules' child_init hooks when
diff --git a/modules/generators/mod_cgid.c b/modules/generators/mod_cgid.c
index db5c504809d..edbdf7b7b15 100644
--- a/modules/generators/mod_cgid.c
+++ b/modules/generators/mod_cgid.c
@@ -93,6 +93,15 @@ static const char *sockname;
 static pid_t parent_pid;
 static ap_unix_identity_t empty_ugid = { (uid_t)-1, (gid_t)-1, -1 };
 
+/* The APR other-child API doesn't tell us how the daemon exited
+ * (SIGSEGV vs. exit(1)).  The other-child maintenance function
+ * needs to decide whether to restart the daemon after a failure
+ * based on whether or not it exited due to a fatal startup error
+ * or something that happened at steady-state.  This exit status
+ * is unlikely to collide with exit signals.
+ */
+#define DAEMON_STARTUP_ERROR 254
+
 /* Read and discard the data in the brigade produced by a CGI script */
 static void discard_script_output(apr_bucket_brigade *bb);
 
@@ -256,9 +265,15 @@ static void cgid_maint(int reason, void *data, apr_wait_t status)
                 stopping = 0;
             }
             if (!stopping) {
-                ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
-                             "cgid daemon process died, restarting");
-                cgid_start(root_pool, root_server, proc);
+                if (status == DAEMON_STARTUP_ERROR) {
+                    ap_log_error(APLOG_MARK, APLOG_CRIT, 0, NULL,
+                                 "cgid daemon failed to initialize");
+                }
+                else {
+                    ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
+                                 "cgid daemon process died, restarting");
+                    cgid_start(root_pool, root_server, proc);
+                }
             }
             break;
         case APR_OC_REASON_RESTART:
@@ -560,6 +575,7 @@ static int cgid_server(void *data)
     apr_pool_t *ptrans;
     server_rec *main_server = data;
     apr_hash_t *script_hash = apr_hash_make(pcgi);
+    apr_status_t rv;
 
     apr_pool_create(&ptrans, pcgi);
 
@@ -594,6 +610,15 @@ static int cgid_server(void *data)
         return errno;
     }
 
+    /* Not all flavors of unix use the current umask for AF_UNIX perms */
+    rv = apr_file_perms_set(sockname, APR_FPROT_UREAD|APR_FPROT_UWRITE|APR_FPROT_UEXECUTE);
+    if (rv != APR_SUCCESS) {
+        ap_log_error(APLOG_MARK, APLOG_CRIT, rv, main_server,
+                     "Couldn't set permissions on unix domain socket %s",
+                     sockname);
+        return rv;
+    }
+
     if (listen(sd, DEFAULT_CGID_LISTENBACKLOG) < 0) {
         ap_log_error(APLOG_MARK, APLOG_ERR, errno, main_server,
                      "Couldn't listen on unix domain socket");
@@ -780,7 +805,7 @@ static int cgid_server(void *data)
             }
         }
     }
-    return -1;
+    return -1; /* should be <= 0 to distinguish from startup errors */
 }
 
 static int cgid_start(apr_pool_t *p, server_rec *main_server,
@@ -797,8 +822,7 @@ static int cgid_start(apr_pool_t *p, server_rec *main_server,
         if (pcgi == NULL) {
             apr_pool_create(&pcgi, p);
         }
-        cgid_server(main_server);
-        exit(-1);
+        exit(cgid_server(main_server) > 0 ? DAEMON_STARTUP_ERROR : -1);
     }
     procnew->pid = daemon_pid;
     procnew->err = procnew->in = procnew->out = NULL;