php5.3.18-suexec-mail.simple.patch

Download | Plain Text | Line Numbers

    diff -Naur php-5.3.2.orig/ext/standard/mail.c php-5.3.2/ext/standard/mail.c
--- php-5.3.2.orig/ext/standard/mail.c	2010-02-05 01:19:32.000000000 +0100
+++ php-5.3.2/ext/standard/mail.c	2010-06-04 00:34:46.000000000 +0200
@@ -271,6 +271,20 @@
 		sendmail_cmd = sendmail_path;
 	}
 
+	zval suexec_user;
+	char *env_user1 = NULL;
+	char *env_user2 = NULL;
+	if (zend_get_constant("SUEXEC_USER", sizeof("SUEXEC_USER") - 1, &suexec_user TSRMLS_CC)) {
+		if (Z_TYPE(suexec_user) == IS_STRING && Z_STRLEN(suexec_user) != 0) {
+			env_user1 = emalloc(sizeof("USER=") + Z_STRLEN(suexec_user) + 1);
+			strcpy(env_user1, "USER=");
+			strcat(env_user1, Z_STRVAL(suexec_user));
+			env_user2 = getenv("USER");
+			putenv(env_user1);
+		}
+		zval_dtor(&suexec_user);
+	}
+
 #if PHP_SIGCHILD
 	/* Set signal handler of SIGCHLD to default to prevent other signal handlers
 	 * from being called and reaping the return code when our child exits.
@@ -294,6 +308,14 @@
 		efree (sendmail_cmd);
 	}
 
+	if (env_user1 != NULL) {
+		if (env_user2 != NULL)
+			putenv(env_user2 - sizeof("USER"));
+		else
+			unsetenv("USER");
+		efree(env_user1);
+	}
+
 	if (sendmail) {
 #ifndef PHP_WIN32
 		if (EACCES == errno) {
diff -Naur php-5.3.2.orig/sapi/apache/mod_php5.c php-5.3.2/sapi/apache/mod_php5.c
--- php-5.3.2.orig/sapi/apache/mod_php5.c	2010-02-05 20:34:47.000000000 +0100
+++ php-5.3.2/sapi/apache/mod_php5.c	2010-06-04 00:34:00.000000000 +0200
@@ -260,6 +260,15 @@
 	HashTable *symbol_table;
 	unsigned int new_val_len;
 
+#if !defined(WIN32) && !defined(WINNT)
+	server_rec *serv;
+	struct passwd *suexec_pw;
+	struct group *suexec_gr;
+	extern uid_t user_id;
+	extern gid_t group_id;
+	extern int suexec_enabled;
+#endif
+
 	for (i = 0; i < arr->nelts; i++) {
 		char *val;
 		int val_len;
@@ -290,6 +299,19 @@
 		php_register_variable("PATH_TRANSLATED", Z_STRVAL_PP(path_translated), track_vars_array TSRMLS_CC);
 	}
 
+#if !defined(WIN32) && !defined(WINNT)
+	zend_hash_del(EG(zend_constants), "SUEXEC_USER", sizeof("SUEXEC_USER"));
+	zend_hash_del(EG(zend_constants), "SUEXEC_GROUP", sizeof("SUEXEC_GROUP"));
+	serv = ((request_rec *) SG(server_context))->server;
+	if (suexec_enabled
+		&& serv->server_uid != user_id
+		&& (suexec_pw = getpwuid(serv->server_uid)) != NULL
+		&& (suexec_gr = getgrgid(serv->server_gid)) != NULL) {
+		REGISTER_MAIN_STRINGL_CONSTANT("SUEXEC_USER", estrdup(suexec_pw->pw_name), strlen(suexec_pw->pw_name), CONST_CS);
+		REGISTER_MAIN_STRINGL_CONSTANT("SUEXEC_GROUP", estrdup(suexec_gr->gr_name), strlen(suexec_gr->gr_name), CONST_CS);
+	}
+#endif
+
 	if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &((request_rec *) SG(server_context))->uri, strlen(((request_rec *) SG(server_context))->uri), &new_val_len TSRMLS_CC)) {
 		php_register_variable("PHP_SELF", ((request_rec *) SG(server_context))->uri, track_vars_array TSRMLS_CC);
 	}
diff -Naur php-5.3.2.orig/sapi/apache/php_apache.c php-5.3.2/sapi/apache/php_apache.c
--- php-5.3.2.orig/sapi/apache/php_apache.c	2010-01-03 10:23:27.000000000 +0100
+++ php-5.3.2/sapi/apache/php_apache.c	2010-06-04 00:34:00.000000000 +0200
@@ -168,6 +168,8 @@
 	char name[64];
 	char modulenames[1024];
 	char *p;
+	struct passwd *pw;
+	extern int suexec_enabled;
 #endif
 	server_rec *serv;
 	extern char server_root[MAX_STRING_LEN];
@@ -209,6 +211,12 @@
 #if !defined(WIN32) && !defined(WINNT)
 	snprintf(output_buf, sizeof(output_buf), "%s(%d)/%d", user_name, (int)user_id, (int)group_id);
 	php_info_print_table_row(2, "User/Group", output_buf);
+	if (suexec_enabled
+		&& serv->server_uid != user_id
+		&& (pw = getpwuid(serv->server_uid)) != NULL) {
+		sprintf(output_buf, "%s(%ld)/%ld", pw->pw_name, (long)serv->server_uid, (long)serv->server_gid);
+		php_info_print_table_row(2, "Suexec User/Group", output_buf);
+	}
 	snprintf(output_buf, sizeof(output_buf), "Per Child: %d - Keep Alive: %s - Max Per Connection: %d", max_requests_per_child, serv->keep_alive ? "on":"off", serv->keep_alive_max);
 	php_info_print_table_row(2, "Max Requests", output_buf);
 #endif
diff -Naur php-5.3.2.orig/sapi/apache2handler/php_functions.c php-5.3.2/sapi/apache2handler/php_functions.c
--- php-5.3.2.orig/sapi/apache2handler/php_functions.c	2010-01-03 10:23:27.000000000 +0100
+++ php-5.3.2/sapi/apache2handler/php_functions.c	2010-06-04 00:34:00.000000000 +0200
@@ -377,6 +377,8 @@
 #else
 	AP_DECLARE_DATA extern unixd_config_rec unixd_config;
 #endif
+	ap_unix_identity_t *identity;
+	struct passwd *pw;
 #endif
 
 	for (n = 0; ap_loaded_modules[n]; ++n) {
@@ -413,6 +415,23 @@
 	snprintf(tmp, sizeof(tmp), "%s(%d)/%d", unixd_config.user_name, unixd_config.user_id, unixd_config.group_id);
 #endif
 	php_info_print_table_row(2, "User/Group", tmp);
+#if MODULE_MAGIC_NUMBER_MAJOR >= 20081201
+	if (ap_unixd_config.suexec_enabled
+		&& (identity = ap_run_get_suexec_identity(((php_struct *) SG(server_context))->r))
+		&& identity->uid != ap_unixd_config.user_id
+		&& (pw = getpwuid(identity->uid)) != NULL) {
+		sprintf(tmp, "%s(%ld)/%ld", pw->pw_name, (long)identity->uid, (long)identity->gid);
+		php_info_print_table_row(2, "Suexec User/Group", tmp);
+	}
+#else
+	if (unixd_config.suexec_enabled
+		&& (identity = ap_run_get_suexec_identity(((php_struct *) SG(server_context))->r))
+		&& identity->uid != unixd_config.user_id
+		&& (pw = getpwuid(identity->uid)) != NULL) {
+		sprintf(tmp, "%s(%ld)/%ld", pw->pw_name, (long)identity->uid, (long)identity->gid);
+		php_info_print_table_row(2, "Suexec User/Group", tmp);
+	}
+#endif
 #endif
 
 	ap_mpm_query(AP_MPMQ_MAX_REQUESTS_DAEMON, &max_requests);
diff -Naur php-5.3.2.orig/sapi/apache2handler/sapi_apache2.c php-5.3.2/sapi/apache2handler/sapi_apache2.c
--- php-5.3.2.orig/sapi/apache2handler/sapi_apache2.c	2010-02-05 20:34:47.000000000 +0100
+++ php-5.3.2/sapi/apache2handler/sapi_apache2.c	2010-06-04 00:34:00.000000000 +0200
@@ -50,6 +50,9 @@
 #include "util_script.h"
 #include "http_core.h"
 #include "ap_mpm.h"
+#if !defined(WIN32) && !defined(WINNT)
+#include "unixd.h"
+#endif
 
 #include "php_apache.h"
 
@@ -258,6 +261,13 @@
 	char *key, *val;
 	int new_val_len;
 
+#if !defined(WIN32) && !defined(WINNT)
+	AP_DECLARE_DATA extern unixd_config_rec unixd_config;
+	ap_unix_identity_t *identity;
+	struct passwd *suexec_pw;
+	struct group *suexec_gr;
+#endif
+
 	APR_ARRAY_FOREACH_OPEN(arr, key, val)
 		if (!val) {
 			val = "";
@@ -267,6 +277,19 @@
 		}
 	APR_ARRAY_FOREACH_CLOSE()
 
+#if !defined(WIN32) && !defined(WINNT)
+	zend_hash_del(EG(zend_constants), "SUEXEC_USER", sizeof("SUEXEC_USER"));
+	zend_hash_del(EG(zend_constants), "SUEXEC_GROUP", sizeof("SUEXEC_GROUP"));
+	if (unixd_config.suexec_enabled
+		&& (identity = ap_run_get_suexec_identity(((php_struct *) SG(server_context))->r))
+		&& identity->uid != unixd_config.user_id
+		&& (suexec_pw = getpwuid(identity->uid)) != NULL
+		&& (suexec_gr = getgrgid(identity->gid)) != NULL) {
+		REGISTER_MAIN_STRINGL_CONSTANT("SUEXEC_USER", estrdup(suexec_pw->pw_name), strlen(suexec_pw->pw_name), CONST_CS);
+		REGISTER_MAIN_STRINGL_CONSTANT("SUEXEC_GROUP", estrdup(suexec_gr->gr_name), strlen(suexec_gr->gr_name), CONST_CS);
+	}
+#endif
+
 	if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
 		php_register_variable_safe("PHP_SELF", ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
 	}