diff -urNX apache-excludes mod_dav-1.0.3-1.3.6.orig/dav_fs_lock.c mod_dav-1.0.3-1.3.6/dav_fs_lock.c --- mod_dav-1.0.3-1.3.6.orig/dav_fs_lock.c 2000-12-02 07:32:23.000000000 +0800 +++ mod_dav-1.0.3-1.3.6/dav_fs_lock.c 2006-05-15 13:54:02.000000000 +0800 @@ -27,6 +27,7 @@ #include "mod_dav.h" #include "dav_opaquelock.h" #include "dav_fs_repos.h" +#include "privsep.h" /* @@ -413,12 +414,13 @@ static dav_datum dav_fs_build_key(pool *p, const dav_resource *resource) { const char *file = dav_fs_pathname(resource); + const request_rec *r = dav_fs_request(resource); #ifndef WIN32 dav_datum key; struct stat finfo; /* ### use lstat() ?? */ - if (stat(file, &finfo) == 0) { + if (priv_stat(r, file, &finfo) == 0) { /* ### can we use a buffer for this? */ key.dsize = 1 + sizeof(finfo.st_ino) + sizeof(finfo.st_dev); diff -urNX apache-excludes mod_dav-1.0.3-1.3.6.orig/dav_fs_repos.c mod_dav-1.0.3-1.3.6/dav_fs_repos.c --- mod_dav-1.0.3-1.3.6.orig/dav_fs_repos.c 2001-11-05 13:20:32.000000000 +0800 +++ mod_dav-1.0.3-1.3.6/dav_fs_repos.c 2006-05-18 16:44:45.000000000 +0800 @@ -27,6 +27,7 @@ #include "mod_dav.h" #include "dav_fs_repos.h" +#include "privsep.h" /* to assist in debugging mod_dav's GET handling */ @@ -47,6 +48,7 @@ pool *pool; /* memory storage pool associated with request */ const char *pathname; /* full pathname to resource */ struct stat finfo; /* filesystem info */ + request_rec *r; }; /* private context for doing a filesystem walk */ @@ -145,6 +147,7 @@ int fd; const char *pathname; /* we may need to remove it at close time */ const char *alt_path; /* path to temp copy in .DAV/ */ + request_rec *r; }; /* forward declaration for internal treewalkers */ @@ -164,6 +167,11 @@ return resource->info->pathname; } +const request_rec *dav_fs_request(const dav_resource *resource) +{ + return resource->info->r; +} + void dav_fs_dir_file_name( const dav_resource *resource, const char **dirpath_p, @@ -243,7 +251,8 @@ const char *dst, const struct stat *src_finfo, const struct stat *dst_finfo, - dav_buffer *pbuf) + dav_buffer *pbuf, + request_rec *r) { dav_buffer work_buf = { 0 }; int fdi; @@ -259,7 +268,7 @@ * destination already exists. */ if ((mode & DAV_FS_MODE_XUSR) && (dst_finfo != NULL) && (dst_finfo->st_mode != 0)) { - if (chmod(dst, mode) == -1) { + if (priv_chmod(r, dst, mode) == -1) { return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not set permissions on destination"); } @@ -267,14 +276,14 @@ dav_set_bufsize(p, pbuf, DAV_FS_COPY_BLOCKSIZE); - if ((fdi = open(src, O_RDONLY | O_BINARY)) == -1) { + if ((fdi = priv_open(r, src, O_RDONLY | O_BINARY)) == -1) { /* ### use something besides 500? */ return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not open file for reading"); } /* ### do we need to deal with the umask? */ - if ((fdo = open(dst, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, + if ((fdo = priv_open(r, dst, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, mode )) == -1) { close(fdi); @@ -290,7 +299,7 @@ close(fdi); close(fdo); - if (remove(dst) != 0) { + if (priv_remove(r, dst) != 0) { /* ### ACK! Inconsistent state... */ /* ### use something besides 500? */ @@ -313,7 +322,7 @@ close(fdi); close(fdo); - if (remove(dst) != 0) { + if (priv_remove(r, dst) != 0) { /* ### ACK! Inconsistent state... */ /* ### use something besides 500? */ @@ -338,11 +347,11 @@ close(fdi); close(fdo); - if (is_move && remove(src) != 0) { + if (is_move && priv_remove(r, src) != 0) { dav_error *err; int save_errno = errno; /* save the errno that got us here */ - if (remove(dst) != 0) { + if (priv_remove(r, dst) != 0) { /* ### ACK. this creates an inconsistency. do more!? */ /* ### use something besides 500? */ @@ -371,7 +380,8 @@ pool * p, const char *src_dir, const char *src_file, const char *dst_dir, const char *dst_file, - dav_buffer *pbuf) + dav_buffer *pbuf, + request_rec *r) { struct stat src_finfo; /* finfo for source file */ struct stat dst_state_finfo; /* finfo for STATE directory */ @@ -382,7 +392,7 @@ src = ap_pstrcat(p, src_dir, "/" DAV_FS_STATE_DIR "/", src_file, NULL); /* the source file doesn't exist */ - if (stat(src, &src_finfo) != 0) { + if (priv_stat(r, src, &src_finfo) != 0) { return NULL; } @@ -392,7 +402,7 @@ /* ### do we need to deal with the umask? */ /* ensure that it exists */ - if (mkdir(dst, DAV_FS_MODE_DIR) != 0) { + if (priv_mkdir(r, dst, DAV_FS_MODE_DIR) != 0) { if (errno != EEXIST) { /* ### use something besides 500? */ return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, @@ -401,7 +411,7 @@ } /* get info about the state directory */ - if (stat(dst, &dst_state_finfo) != 0) { + if (priv_stat(r, dst, &dst_state_finfo) != 0) { /* Ack! Where'd it go? */ /* ### use something besides 500? */ return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, @@ -422,7 +432,7 @@ /* copy/move the file now */ if (is_move && src_finfo.st_dev == dst_state_finfo.st_dev) { /* simple rename is possible since it is on the same device */ - if (rename(src, dst) != 0) { + if (priv_rename(r, src, dst) != 0) { /* ### use something besides 500? */ return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not move state file."); @@ -433,7 +443,7 @@ * We don't have the finfo of the destination *file*, * only the destination *directory*, so pass NULL. */ return dav_fs_copymove_file(is_move, p, src, dst, - &src_finfo, NULL, pbuf); + &src_finfo, NULL, pbuf, r); } return NULL; @@ -473,13 +483,15 @@ err = dav_fs_copymove_state(is_move, p, src_dir, src_state1, dst_dir, dst_state1, - pbuf); + pbuf, + dst->info->r); if (err == NULL && src_state2 != NULL) { err = dav_fs_copymove_state(is_move, p, src_dir, src_state2, dst_dir, dst_state2, - pbuf); + pbuf, + dst->info->r); if (err != NULL) { /* ### CRAP. inconsistency. */ @@ -517,7 +529,7 @@ NULL); /* note: we may get ENOENT if the state dir is not present */ - if (remove(pathname) != 0 && errno != ENOENT) { + if (priv_remove(resource->info->r, pathname) != 0 && errno != ENOENT) { return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not remove properties."); } @@ -530,7 +542,7 @@ state2, NULL); - if (remove(pathname) != 0 && errno != ENOENT) { + if (priv_remove(resource->info->r, pathname) != 0 && errno != ENOENT) { /* ### CRAP. only removed half. */ return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not fully remove properties. " @@ -564,6 +576,7 @@ ctx = ap_pcalloc(r->pool, sizeof(*ctx)); ctx->pool = r->pool; ctx->finfo = r->finfo; + ctx->r = r; (void) ap_update_mtime(r, r->finfo.st_mtime); @@ -667,6 +680,7 @@ /* Create private resource context descriptor */ parent_ctx = ap_pcalloc(ctx->pool, sizeof(*parent_ctx)); parent_ctx->pool = ctx->pool; + parent_ctx->r = ctx->r; dirpath = ap_make_dirstr_parent(ctx->pool, ctx->pathname); if (strlen(dirpath) > 1 && dirpath[strlen(dirpath) - 1] == '/') @@ -685,7 +699,7 @@ parent_resource->uri = uri; } - if (stat(parent_ctx->pathname, &parent_ctx->finfo) == 0) { + if (priv_stat(resource->info->r, parent_ctx->pathname, &parent_ctx->finfo) == 0) { parent_resource->exists = 1; } @@ -743,6 +757,7 @@ ds->p = p; ds->pathname = path; + ds->r = resource->info->r; ds->alt_path = NULL; switch (mode) { @@ -805,7 +820,7 @@ break; } - ds->fd = open(path, flags, DAV_FS_MODE_FILE); + ds->fd = priv_open(resource->info->r, path, flags, DAV_FS_MODE_FILE); if (ds->fd == -1) { /* ### use something besides 500? */ return dav_new_error(p, HTTP_INTERNAL_SERVER_ERROR, 0, @@ -828,7 +843,7 @@ /* remove the temp file or the normal file, depending on where we were writing. */ path = stream->alt_path ? stream->alt_path : stream->pathname; - if (remove(path) != 0) { + if (priv_remove(stream->r, path) != 0) { /* ### use a better description? */ return dav_new_error(stream->p, HTTP_INTERNAL_SERVER_ERROR, 0, "There was a problem removing (rolling " @@ -839,12 +854,12 @@ else if (stream->alt_path != NULL) { /* we were storing to an alternative area. move it to the real area (blowing away anything that might be there) */ - if (rename(stream->alt_path, stream->pathname) != 0) { + if (priv_rename(stream->r, stream->alt_path, stream->pathname) != 0) { int save_errno = errno; dav_error *err; /* whoops. get rid of the temp file before returning an error. */ - (void) remove(stream->alt_path); + (void) priv_remove(stream->r, stream->alt_path); /* ### should have a better error than this. */ err = dav_new_error(stream->p, HTTP_INTERNAL_SERVER_ERROR, 0, @@ -949,7 +964,7 @@ { dav_resource_private *ctx = resource->info; - if (mkdir(ctx->pathname, DAV_FS_MODE_DIR) != 0) { + if (priv_mkdir(ctx->r, ctx->pathname, DAV_FS_MODE_DIR) != 0) { if (OUT_OF_SPACE(errno)) return dav_new_error(p, HTTP_INSUFFICIENT_STORAGE, 0, "There is not enough storage to create " @@ -983,7 +998,7 @@ } else { /* copy/move of a collection. Create the new, target collection */ - if (mkdir(dstinfo->pathname, DAV_FS_MODE_DIR) != 0) { + if (priv_mkdir(dstinfo->r, dstinfo->pathname, DAV_FS_MODE_DIR) != 0) { /* ### assume it was a permissions problem */ /* ### need a description here */ err = dav_new_error(ctx->pool, HTTP_FORBIDDEN, 0, NULL); @@ -994,7 +1009,7 @@ err = dav_fs_copymove_file(ctx->is_move, ctx->pool, srcinfo->pathname, dstinfo->pathname, &srcinfo->finfo, &dstinfo->finfo, - &ctx->work_buf); + &ctx->work_buf, ctx->r); /* ### push a higher-level description? */ } @@ -1049,6 +1064,7 @@ ctx.res2 = dst; ctx.is_move = is_move; ctx.postfix = is_move; /* needed for MOVE to delete source dirs */ + ctx.r = src->info->r; /* copy over the source URI */ dav_buffer_init(ctx.pool, &ctx.uri, src->uri); @@ -1072,7 +1088,7 @@ if ((err = dav_fs_copymove_file(is_move, src->info->pool, src->info->pathname, dst->info->pathname, &src->info->finfo, &dst->info->finfo, - &work_buf)) != NULL) { + &work_buf, src->info->r)) != NULL) { /* ### push a higher-level description? */ return err; } @@ -1151,7 +1167,7 @@ * so try it */ dirpath = ap_make_dirstr_parent(dstinfo->pool, dstinfo->pathname); - if (stat(dirpath, &finfo) == 0 + if (priv_stat(dstinfo->r, dirpath, &finfo) == 0 && finfo.st_dev == srcinfo->finfo.st_dev) { can_rename = 1; } @@ -1175,7 +1191,7 @@ /* no multistatus response */ *response = NULL; - if (rename(srcinfo->pathname, dstinfo->pathname) != 0) { + if (priv_rename(srcinfo->r, srcinfo->pathname, dstinfo->pathname) != 0) { /* ### should have a better error than this. */ return dav_new_error(srcinfo->pool, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not rename resource."); @@ -1194,7 +1210,7 @@ } /* error occurred during properties move; try to put resource back */ - if (rename(dstinfo->pathname, srcinfo->pathname) != 0) { + if (priv_rename(srcinfo->r, dstinfo->pathname, srcinfo->pathname) != 0) { /* couldn't put it back! */ return dav_push_error(srcinfo->pool, HTTP_INTERNAL_SERVER_ERROR, 0, @@ -1236,9 +1252,7 @@ /* try to remove the resource */ int result; - result = ctx->resource->collection - ? rmdir(info->pathname) - : remove(info->pathname); + result = priv_remove(info->r, info->pathname); /* ** If an error occurred, then add it to multistatus response. @@ -1277,6 +1291,7 @@ ctx.func = dav_fs_delete_walker; ctx.pool = info->pool; ctx.resource = resource; + ctx.r = resource->info->r; dav_buffer_init(info->pool, &ctx.uri, resource->uri); @@ -1300,7 +1315,7 @@ } /* not a collection; remove the file and its properties */ - if (remove(info->pathname) != 0) { + if (priv_remove(info->r, info->pathname) != 0) { /* ### put a description in here */ return dav_new_error(info->pool, HTTP_FORBIDDEN, 0, NULL); } @@ -1360,7 +1375,7 @@ fsctx->res2.collection = 0; /* open and scan the directory */ - if ((dirp = opendir(fsctx->path1.buf)) == NULL) { + if ((dirp = priv_opendir(fsctx->res1.info->r, fsctx->path1.buf)) == NULL) { /* ### need a better error */ return dav_new_error(wctx->pool, HTTP_NOT_FOUND, 0, NULL); } @@ -1397,7 +1412,7 @@ dav_buffer_place_mem(wctx->pool, &fsctx->path1, ep->d_name, len + 1, 0); - if (lstat(fsctx->path1.buf, &fsctx->info1.finfo) != 0) { + if (priv_stat(wctx->r, fsctx->path1.buf, &fsctx->info1.finfo) != 0) { /* woah! where'd it go? */ /* ### should have a better error here */ err = dav_new_error(wctx->pool, HTTP_NOT_FOUND, 0, NULL); @@ -2002,7 +2017,7 @@ if (value) mode |= DAV_FS_MODE_XUSR; - if (chmod(resource->info->pathname, mode) == -1) { + if (priv_chmod(resource->info->r, resource->info->pathname, mode) == -1) { return dav_new_error(resource->info->pool, HTTP_INTERNAL_SERVER_ERROR, 0, "Could not set the executable flag of the " @@ -2038,7 +2053,7 @@ if (value) mode |= DAV_FS_MODE_XUSR; - if (chmod(resource->info->pathname, mode) == -1) { + if (priv_chmod(resource->info->r, resource->info->pathname, mode) == -1) { return dav_new_error(resource->info->pool, HTTP_INTERNAL_SERVER_ERROR, 0, "After a failure occurred, the resource's " diff -urNX apache-excludes mod_dav-1.0.3-1.3.6.orig/dav_fs_repos.h mod_dav-1.0.3-1.3.6/dav_fs_repos.h --- mod_dav-1.0.3-1.3.6.orig/dav_fs_repos.h 2000-05-20 00:30:33.000000000 +0800 +++ mod_dav-1.0.3-1.3.6/dav_fs_repos.h 2006-05-15 13:54:03.000000000 +0800 @@ -26,8 +26,8 @@ #ifndef WIN32 -#define DAV_FS_MODE_DIR (S_IRWXU | S_IRWXG) -#define DAV_FS_MODE_FILE (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) +#define DAV_FS_MODE_DIR (S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH) +#define DAV_FS_MODE_FILE (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH) #define DAV_FS_MODE_XUSR (S_IXUSR) #else /* WIN32 */ @@ -52,6 +52,7 @@ /* return the full pathname for a resource */ const char *dav_fs_pathname(const dav_resource *resource); +const request_rec *dav_fs_request(const dav_resource *resource); /* return the directory and filename for a resource */ void dav_fs_dir_file_name(const dav_resource *resource,