summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorJan Kaluža <jkaluza@apache.org>2015-03-06 10:14:07 +0100
committerJan Kaluža <jkaluza@apache.org>2015-03-06 10:14:07 +0100
commitc31475601ad2a72ac20567b3540be20b35e215ec (patch)
tree0fb10e69d4cb9f93dc20cdbab231774d86d9e80d /modules
parentSome fluff (diff)
downloadapache2-c31475601ad2a72ac20567b3540be20b35e215ec.tar.xz
apache2-c31475601ad2a72ac20567b3540be20b35e215ec.zip
*) mod_rewrite: Add support for starting External Rewriting Programs
as non-root user on UNIX systems by specifying username and group name as third argument of RewriteMap directive. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1664565 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules')
-rw-r--r--modules/mappers/mod_rewrite.c17
1 files changed, 14 insertions, 3 deletions
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
index cc60b5edd4..e22a280ad5 100644
--- a/modules/mappers/mod_rewrite.c
+++ b/modules/mappers/mod_rewrite.c
@@ -267,6 +267,8 @@ typedef struct {
const char *dbdq; /* SQL SELECT statement for rewritemap */
const char *checkfile2; /* filename to check for map existence
NULL if only one file */
+ const char *user; /* run RewriteMap program as this user */
+ const char *group; /* run RewriteMap program as this group */
} rewritemap_entry;
/* special pattern types for RewriteCond */
@@ -1171,6 +1173,7 @@ static void rewrite_child_errfn(apr_pool_t *p, apr_status_t err,
static apr_status_t rewritemap_program_child(apr_pool_t *p,
const char *progname, char **argv,
+ const char *user, const char *group,
apr_file_t **fpout,
apr_file_t **fpin)
{
@@ -1183,6 +1186,8 @@ static apr_status_t rewritemap_program_child(apr_pool_t *p,
APR_FULL_BLOCK, APR_NO_PIPE))
&& APR_SUCCESS == (rc=apr_procattr_dir_set(procattr,
ap_make_dirstr_parent(p, argv[0])))
+ && (!user || APR_SUCCESS == (rc=apr_procattr_user_set(procattr, user, "")))
+ && (!group || APR_SUCCESS == (rc=apr_procattr_group_set(procattr, group)))
&& APR_SUCCESS == (rc=apr_procattr_cmdtype_set(procattr, APR_PROGRAM))
&& APR_SUCCESS == (rc=apr_procattr_child_errfn_set(procattr,
rewrite_child_errfn))
@@ -1240,6 +1245,7 @@ static apr_status_t run_rewritemap_programs(server_rec *s, apr_pool_t *p)
}
rc = rewritemap_program_child(p, map->argv[0], map->argv,
+ map->user, map->group,
&fpout, &fpin);
if (rc != APR_SUCCESS || fpin == NULL || fpout == NULL) {
ap_log_error(APLOG_MARK, APLOG_ERR, rc, s, APLOGNO(00654)
@@ -3018,7 +3024,7 @@ static const char *cmd_rewriteoptions(cmd_parms *cmd,
}
static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1,
- const char *a2)
+ const char *a2, const char *a3)
{
rewrite_server_conf *sconf;
rewritemap_entry *newmap;
@@ -3124,6 +3130,11 @@ static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1,
newmap->type = MAPTYPE_PRG;
newmap->checkfile = newmap->argv[0];
+ if (a3) {
+ char *tok_cntx;
+ newmap->user = apr_strtok(apr_pstrdup(cmd->pool, a3), ":", &tok_cntx);
+ newmap->group = apr_strtok(NULL, ":", &tok_cntx);
+ }
}
else if (strncasecmp(a2, "int:", 4) == 0) {
newmap->type = MAPTYPE_INT;
@@ -5205,8 +5216,8 @@ static const command_rec command_table[] = {
"an input string and a to be applied regexp-pattern"),
AP_INIT_RAW_ARGS("RewriteRule", cmd_rewriterule, NULL, OR_FILEINFO,
"an URL-applied regexp-pattern and a substitution URL"),
- AP_INIT_TAKE2( "RewriteMap", cmd_rewritemap, NULL, RSRC_CONF,
- "a mapname and a filename"),
+ AP_INIT_TAKE23( "RewriteMap", cmd_rewritemap, NULL, RSRC_CONF,
+ "a mapname and a filename and options"),
{ NULL }
};