[gentoo-commits] gentoo-x86 commit in www-servers/lighttpd/files/1.4.20: 03_all

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] gentoo-x86 commit in www-servers/lighttpd/files/1.4.20: 03_all_lighttpd-1.4.11-errorlog-pipe.diff
@ 2008-09-30 14:58 Christian Hoffmann (hoffie)
  0 siblings, 0 replies; 2+ messages in thread
From: Christian Hoffmann (hoffie) @ 2008-09-30 14:58 UTC (permalink / raw
  To: gentoo-commits

hoffie      08/09/30 14:58:09

  Added:                03_all_lighttpd-1.4.11-errorlog-pipe.diff
  Log:
  version bump to 1.4.20, including fixes for the security issues outlined in bug 238180; removing old
  (Portage version: 2.2_rc11/cvs/Linux 2.6.26-gentoo x86_64)
   (Signed Manifest commit)

Revision  Changes    Path
1.1                  www-servers/lighttpd/files/1.4.20/03_all_lighttpd-1.4.11-errorlog-pipe.diff

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-servers/lighttpd/files/1.4.20/03_all_lighttpd-1.4.11-errorlog-pipe.diff?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-servers/lighttpd/files/1.4.20/03_all_lighttpd-1.4.11-errorlog-pipe.diff?rev=1.1&content-type=text/plain

Index: 03_all_lighttpd-1.4.11-errorlog-pipe.diff
===================================================================
Initial patch from http://trac.lighttpd.net/trac/ticket/296
Updated to apply against 1.4.20 by hoffie
Upstream will only accept it once it has been changed to make the pipe logging more generic

diff -r 447bac6969ef src/base.h
--- a/src/base.h	Tue Aug 19 18:04:17 2008 +0200
+++ b/src/base.h	Tue Aug 19 19:45:00 2008 +0200
@@ -530,7 +530,7 @@
 
 	/* the errorlog */
 	int errorlog_fd;
-	enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG } errorlog_mode;
+	enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
 	buffer *errorlog_buf;
 
 	fdevents *ev, *ev_ins;
diff -r 447bac6969ef src/log.c
--- a/src/log.c	Tue Aug 19 18:04:17 2008 +0200
+++ b/src/log.c	Tue Aug 19 19:45:00 2008 +0200
@@ -57,10 +57,11 @@
 /**
  * open the errorlog
  *
- * we have 3 possibilities:
+ * we have 4 possibilities:
  * - stderr (default)
  * - syslog
  * - logfile
+ * - pipe
  *
  * if the open failed, report to the user and die
  *
@@ -79,21 +80,80 @@
 		srv->errorlog_mode = ERRORLOG_SYSLOG;
 	} else if (!buffer_is_empty(srv->srvconf.errorlog_file)) {
 		const char *logfile = srv->srvconf.errorlog_file->ptr;
+		if (logfile[0] == '|') {
+#ifdef HAVE_FORK
+			/* create write pipe and spawn process */
 
-		if (-1 == (srv->errorlog_fd = open(logfile, O_APPEND | O_WRONLY | O_CREAT | O_LARGEFILE, 0644))) {
-			log_error_write(srv, __FILE__, __LINE__, "SSSS",
+			int to_log_fds[2];
+			int fd;
+			pid_t pid;
+
+			if (pipe(to_log_fds)) {
+				log_error_write(srv, __FILE__, __LINE__, "ss",
+				"pipe failed: ", strerror(errno));
+				return -1;
+			}
+
+			/* fork, execve */
+			switch (pid = fork()) {
+			case 0:
+				/* child */
+
+				close(STDIN_FILENO);
+				dup2(to_log_fds[0], STDIN_FILENO);
+				close(to_log_fds[0]);
+				/* not needed */
+				close(to_log_fds[1]);
+
+				/* we don't need the client socket */
+				for (fd = 3; fd < 256; fd++) {
+					close(fd);
+				}
+
+				/* exec the log-process (skip the | )
+				 *
+				 */
+
+				execl("/bin/sh", "sh", "-c", logfile + 1, NULL);
+
+				log_error_write(srv, __FILE__, __LINE__, "sss",
+					"spawning log-process failed: ",
+					strerror(errno), logfile + 1);
+
+				exit(-1);
+				break;
+			case -1:
+				/* error */
+				log_error_write(srv, __FILE__, __LINE__, "ss", "fork failed:", strerror(errno));
+				break;
+			default:
+				close(to_log_fds[0]);
+
+				srv->errorlog_fd = to_log_fds[1];
+
+				break;
+			}
+			srv->errorlog_mode = ERRORLOG_PIPE;
+#else
+			log_error_write(srv, __FILE__, __LINE__, "SSS",
+				"opening errorlog '", logfile,"' impossible");
+			return -1;
+#endif
+		} else {
+			if (-1 == (srv->errorlog_fd = open(logfile, O_APPEND | O_WRONLY | O_CREAT | O_LARGEFILE, 0644))) {
+				log_error_write(srv, __FILE__, __LINE__, "SSSS",
 					"opening errorlog '", logfile,
 					"' failed: ", strerror(errno));
 
-			return -1;
+				return -1;
+			}
+			srv->errorlog_mode = ERRORLOG_FILE;
 		}
 #ifdef FD_CLOEXEC
 		/* close fd on exec (cgi) */
 		fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
 #endif
-		srv->errorlog_mode = ERRORLOG_FILE;
 	}
-
 	log_error_write(srv, __FILE__, __LINE__, "s", "server started");
 
 #ifdef HAVE_VALGRIND_VALGRIND_H
@@ -122,7 +182,7 @@
  */
 
 int log_error_cycle(server *srv) {
-	/* only cycle if we are not in syslog-mode */
+	/* only cycle if the error log is a file */
 
 	if (srv->errorlog_mode == ERRORLOG_FILE) {
 		const char *logfile = srv->srvconf.errorlog_file->ptr;
@@ -154,6 +214,7 @@
 
 int log_error_close(server *srv) {
 	switch(srv->errorlog_mode) {
+	case ERRORLOG_PIPE: /* fall through */
 	case ERRORLOG_FILE:
 		close(srv->errorlog_fd);
 		break;
@@ -173,6 +234,7 @@
 	va_list ap;
 
 	switch(srv->errorlog_mode) {
+	case ERRORLOG_PIPE:
 	case ERRORLOG_FILE:
 	case ERRORLOG_STDERR:
 		/* cache the generated timestamp */
@@ -257,6 +319,7 @@
 	va_end(ap);
 
 	switch(srv->errorlog_mode) {
+	case ERRORLOG_PIPE: /* fall through */
 	case ERRORLOG_FILE:
 		buffer_append_string_len(srv->errorlog_buf, CONST_STR_LEN("\n"));
 		write(srv->errorlog_fd, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
diff -r 447bac6969ef src/mod_cgi.c
--- a/src/mod_cgi.c	Tue Aug 19 18:04:17 2008 +0200
+++ b/src/mod_cgi.c	Tue Aug 19 19:45:00 2008 +0200
@@ -781,7 +781,7 @@
 		 *
 		 * we feed the stderr of the CGI to our errorlog, if possible
 		 */
-		if (srv->errorlog_mode == ERRORLOG_FILE) {
+		if ((srv->errorlog_mode == ERRORLOG_FILE) || (srv->errorlog_mode == ERRORLOG_PIPE)) {
 			close(STDERR_FILENO);
 			dup2(srv->errorlog_fd, STDERR_FILENO);
 		}
diff -r 447bac6969ef src/mod_rrdtool.c
--- a/src/mod_rrdtool.c	Tue Aug 19 18:04:17 2008 +0200
+++ b/src/mod_rrdtool.c	Tue Aug 19 19:45:00 2008 +0200
@@ -134,7 +134,7 @@
 
 		close(STDERR_FILENO);
 
-		if (srv->errorlog_mode == ERRORLOG_FILE) {
+		if ((srv->errorlog_mode == ERRORLOG_FILE) || (srv->errorlog_mode == ERRORLOG_PIPE)) {
 			dup2(srv->errorlog_fd, STDERR_FILENO);
 			close(srv->errorlog_fd);
 		}






^ permalink raw reply	[flat|nested] 2+ messages in thread

* [gentoo-commits] gentoo-x86 commit in www-servers/lighttpd/files/1.4.20: 03_all_lighttpd-1.4.11-errorlog-pipe.diff
@ 2009-11-25  9:59 Thilo Bangert (bangert)
  0 siblings, 0 replies; 2+ messages in thread
From: Thilo Bangert (bangert) @ 2009-11-25  9:59 UTC (permalink / raw
  To: gentoo-commits

bangert     09/11/25 09:59:17

  Removed:              03_all_lighttpd-1.4.11-errorlog-pipe.diff
  Log:
  version bump - remove old versions
  (Portage version: 2.2_rc51/cvs/Linux i686)



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2009-11-25  9:59 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-09-30 14:58 [gentoo-commits] gentoo-x86 commit in www-servers/lighttpd/files/1.4.20: 03_all_lighttpd-1.4.11-errorlog-pipe.diff Christian Hoffmann (hoffie)
  -- strict thread matches above, loose matches on Subject: below --
2009-11-25  9:59 Thilo Bangert (bangert)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox