Mercurial > hgrepos > hgweb.cgi > s4
changeset 519:8d2a121cbc59
Add wrapper creation process
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Sat, 06 Apr 2019 17:22:34 +0900 |
parents | f330dcb80a7f |
children | 0d8785102531 |
files | pwrap.c s4-start.sh |
diffstat | 2 files changed, 78 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/pwrap.c Sat Apr 06 17:22:34 2019 +0900 @@ -0,0 +1,68 @@ +#include <stdio.h> +#include <stdlib.h> +#include <sys/types.h> +#include <unistd.h> +#include <sys/stat.h> +#include <string.h> + +#ifndef CGISCRIPT_PATH +#define CGISCRIPT_PATH "./s4.cgi" +#endif + +int main(int argc, char *argv[]) +{ + char *path=malloc(strlen(argv[0])); + char *p; + uid_t euid = geteuid(); + struct stat st; + if (0 == euid) { + fputs("Do not call this program with suid 0\n", stderr); + exit(0); + } + strcpy(path, argv[0]); + p = strrchr(path, '/'); + if (p) { + *p = '\0'; + } else { + fputs("Cannot detect the directory where this program located.\n", stderr); + exit(1); + } + + if (-1 == chdir(path)) { + fprintf(stderr, "Cannot chdir to %s\n", path); + exit(2); + } + if (0 > stat(CGISCRIPT_PATH, &st)) { + fprintf(stderr, "Cannot access %s\n", CGISCRIPT_PATH); + exit(3); + } + if (st.st_uid != euid) { + fputs("UID of cgi program mismatch\n", stderr); + fputs("Do chown so that wrapper and cgi files' uid matches.\n", stderr); + exit(4); + } + if (st.st_mode & (S_IWGRP | S_IWOTH)) { + fputs("This program is writable for group/others.\n", stderr); + fputs("Do chmod og-w for installed cgi-program.\n", stderr); + exit(5); + } + if (0 > stat(".", &st)) { + fputs("Cannot stat current directory\n", stderr); + fputs("Please ensure installed directory is readable.\n", stderr); + exit(6); + } +/* + if (st.st_uid != euid) { + fputs("UID of directory mismatch\n", stderr); + fputs("Do chown so that wrapper and directorys' uid matches.\n", stderr); + exit(7); + } +*/ + if (st.st_mode & (S_IWGRP | S_IWOTH)) { + fputs("This directory is writable for group/others.\n", stderr); + fputs("Do chmod og-w for installed directory.\n", stderr); + exit(8); + } + argv[0] = CGISCRIPT_PATH; + execv(CGISCRIPT_PATH, argv); +}
--- a/s4-start.sh Sat Apr 06 16:19:27 2019 +0900 +++ b/s4-start.sh Sat Apr 06 17:22:34 2019 +0900 @@ -89,7 +89,16 @@ -D_CASE_=$casefile s4.cgi.m4 > index.cgi && chmod +x index.cgi (echo "ADMIN=$ADMIN" [ "$guest" ] && echo "guestonlymode=1") >> s4-config.sh - rc=0 + sq $db "REPLACE INTO user VALUES('$ADMIN');" + cat > .htaccess <<-EOF + DirectoryIndex index.cgi + AddHandler cgi-script .cgi + EOF + if [ pwrap.c -nt index.cgi ]; then + ${CC:-gcc} -o index.cgi pwrap.c \ + && chmod u+s index.cgi \ + && rc=0 + fi else echo Calling s4-init.sh 'FAILED!!' fi