summaryrefslogtreecommitdiffstats
path: root/mod_suphp-0.6.3-userdir.patch
diff options
context:
space:
mode:
Diffstat (limited to 'mod_suphp-0.6.3-userdir.patch')
-rw-r--r--mod_suphp-0.6.3-userdir.patch217
1 files changed, 217 insertions, 0 deletions
diff --git a/mod_suphp-0.6.3-userdir.patch b/mod_suphp-0.6.3-userdir.patch
new file mode 100644
index 0000000..1791b41
--- /dev/null
+++ b/mod_suphp-0.6.3-userdir.patch
@@ -0,0 +1,217 @@
+--- suphp-0.6.3/doc/suphp.conf-example.userdir 2005-11-26 20:29:02.000000000 +0100
++++ suphp-0.6.3/doc/suphp.conf-example 2008-03-31 02:08:13.000000000 +0200
+@@ -38,6 +38,8 @@
+ ; Minimum GID
+ min_gid=100
+
++; Use correct permissions for mod_userdir sites
++handle_userdir=true
+
+ [handlers]
+ ;Handler for php-scripts
+--- suphp-0.6.3/doc/CONFIG.userdir 2005-11-26 20:29:02.000000000 +0100
++++ suphp-0.6.3/doc/CONFIG 2008-03-31 02:08:13.000000000 +0200
+@@ -95,6 +95,11 @@
+ Minimum GID allowed to execute scripts.
+ Defaults to compile-time value.
+
++handle_userdir:
++ Handle sites created by mod_userdir.
++ Scripts on userdir sites will be executed with the permissions
++ of the owner of the site. This option only affects force and paranoid mode.
++ This option is enabled by default.
+
+ 3. Handlers
+
+--- suphp-0.6.3/src/Configuration.cpp.userdir 2006-03-15 21:21:52.000000000 +0100
++++ suphp-0.6.3/src/Configuration.cpp 2008-03-31 02:08:13.000000000 +0200
+@@ -112,6 +112,7 @@
+ #endif
+ this->umask = 0077;
+ this->chroot_path = "";
++ this->handle_userdir = true;
+ }
+
+ void suPHP::Configuration::readFromFile(File& file)
+@@ -157,6 +158,8 @@
+ this->umask = Util::octalStrToInt(value);
+ else if (key == "chroot")
+ this->chroot_path = value;
++ else if (key == "handle_userdir")
++ this->handle_userdir = this->strToBool(value);
+ else
+ throw ParsingException("Unknown option \"" + key +
+ "\" in section [global]",
+@@ -250,3 +253,7 @@
+ std::string suPHP::Configuration::getChrootPath() const {
+ return this->chroot_path;
+ }
++
++bool suPHP::Configuration::getHandleUserdir() const {
++ return this->handle_userdir;
++}
+--- suphp-0.6.3/src/apache2/mod_suphp.c.userdir 2006-11-06 01:57:12.000000000 +0100
++++ suphp-0.6.3/src/apache2/mod_suphp.c 2008-03-31 02:08:13.000000000 +0200
+@@ -656,6 +656,10 @@
+ }
+ }
+
++ /* for mod_userdir checking */
++ apr_table_setn(r->subprocess_env, "SUPHP_URI",
++ apr_pstrdup(r->pool, r->uri));
++
+ if (auth_user && auth_pass)
+ {
+ apr_table_setn(r->subprocess_env, "SUPHP_AUTH_USER", auth_user);
+--- suphp-0.6.3/src/Configuration.hpp.userdir 2005-11-26 20:29:02.000000000 +0100
++++ suphp-0.6.3/src/Configuration.hpp 2008-03-31 02:08:13.000000000 +0200
+@@ -57,7 +57,8 @@
+ int min_gid;
+ int umask;
+ std::string chroot_path;
+-
++ bool handle_userdir;
++
+ /**
+ * Converts string to bool
+ */
+@@ -165,6 +166,12 @@
+ * Return chroot path
+ */
+ std::string getChrootPath() const;
++
++ /**
++ * Return whether to correctly handle mod_userdir sites
++ */
++ bool getHandleUserdir() const;
++
+ };
+ };
+
+--- suphp-0.6.3/src/Application.hpp.userdir 2008-03-29 23:58:58.000000000 +0100
++++ suphp-0.6.3/src/Application.hpp 2008-03-31 02:09:27.000000000 +0200
+@@ -39,6 +39,7 @@
+ #include "SystemException.hpp"
+ #include "SoftException.hpp"
+ #include "SecurityException.hpp"
++#include "UserInfo.hpp"
+
+ namespace suPHP {
+ /**
+@@ -116,6 +117,13 @@
+ const Configuration& config) const
+ throw (SoftException);
+
++ /**
++ * Checks if a given URL is a userdir
++ * associated user is assigned to the user parameter
++ */
++ bool checkUserDir(const std::string& url,
++ UserInfo& user) const;
++
+ public:
+ /**
+ * Constructer
+--- suphp-0.6.3/src/apache/mod_suphp.c.userdir 2006-09-23 19:04:36.000000000 +0200
++++ suphp-0.6.3/src/apache/mod_suphp.c 2008-03-31 02:08:13.000000000 +0200
+@@ -491,7 +491,10 @@
+ }
+ }
+ }
+-
++
++ /* for mod_userdir checking */
++ apr_table_setn(r->subprocess_env, "SUPHP_URI", apr_pstrdup(p, r->uri));
++
+ if (auth_user && auth_pass) {
+ ap_table_setn(r->subprocess_env, "SUPHP_AUTH_USER", auth_user);
+ ap_table_setn(r->subprocess_env, "SUPHP_AUTH_PW", auth_pass);
+--- suphp-0.6.3/src/Application.cpp.userdir 2008-03-30 13:43:38.000000000 +0200
++++ suphp-0.6.3/src/Application.cpp 2008-03-31 02:08:13.000000000 +0200
+@@ -19,6 +19,7 @@
+ */
+
+ #include <iostream>
++#include <sstream>
+
+ #include "config.h"
+
+@@ -305,29 +306,33 @@
+ // Paranoid and force mode
+
+ #if (defined(OPT_USERGROUP_PARANOID) || defined(OPT_USERGROUP_FORCE))
+- std::string targetUsername, targetGroupname;
+- try {
+- targetUsername = environment.getVar("SUPHP_USER");
+- targetGroupname = environment.getVar("SUPHP_GROUP");
+- } catch (KeyNotFoundException& e) {
+- throw SecurityException(
++ if (config.getHandleUserdir() && checkUserDir(environment.getVar("SUPHP_URI"),targetUser)) {
++ targetGroup = targetUser.getGroupInfo();
++ } else {
++ std::string targetUsername, targetGroupname;
++ try {
++ targetUsername = environment.getVar("SUPHP_USER");
++ targetGroupname = environment.getVar("SUPHP_GROUP");
++ } catch (KeyNotFoundException& e) {
++ throw SecurityException(
+ "Environment variable SUPHP_USER or SUPHP_GROUP not set",
+ __FILE__, __LINE__);
+- }
++ }
+
+- if (targetUsername[0] == '#' && targetUsername.find_first_not_of(
++ if (targetUsername[0] == '#' && targetUsername.find_first_not_of(
+ "0123456789", 1) == std::string::npos) {
+- targetUser = api.getUserInfo(Util::strToInt(targetUsername.substr(1)));
+- } else {
+- targetUser = api.getUserInfo(targetUsername);
+- }
++ targetUser = api.getUserInfo(Util::strToInt(targetUsername.substr(1)));
++ } else {
++ targetUser = api.getUserInfo(targetUsername);
++ }
+
+- if (targetGroupname[0] == '#' && targetGroupname.find_first_not_of(
++ if (targetGroupname[0] == '#' && targetGroupname.find_first_not_of(
+ "0123456789", 1) == std::string::npos) {
+- targetGroup = api.getGroupInfo(
++ targetGroup = api.getGroupInfo(
+ Util::strToInt(targetGroupname.substr(1)));
+- } else {
+- targetGroup = api.getGroupInfo(targetGroupname);
++ } else {
++ targetGroup = api.getGroupInfo(targetGroupname);
++ }
+ }
+ #endif // OPT_USERGROUP_PARANOID || OPT_USERGROUP_FORCE
+
+@@ -519,6 +524,28 @@
+ } while (directory.getPath() != "/");
+ }
+
++bool suPHP::Application::checkUserDir(const std::string& url, UserInfo& user) const {
++
++ if (url.length() <= 2 || url[1] != '~')
++ return false;
++
++ API& api = API_Helper::getSystemAPI();
++ std::string topDir;
++ std::istringstream strm(url);
++
++ for (int i = 0; i < 2; i++)
++ if (!std::getline(strm, topDir, '/'))
++ return false;
++
++ std::string userName = topDir.substr(1,topDir.length());
++
++ try {
++ user = api.getUserInfo(userName);
++ return true;
++ } catch (LookupException& e) {
++ return false;
++ }
++}
+
+ int main(int argc, char **argv) {
+ try {