CVSTrac Legacy Code

Check-in [27a4d13d4f]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Add the "directory:" and "project:" lines to the CGI invocation file to allow operation from a chroot CGI without access to a shell.
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 27a4d13d4f96d57f6dd5c18fc755afd25a4ff617
User & Date: drh 2011-09-13 21:48:51
Context
2011-09-13
21:59
Add the www/index.html document. check-in: 2845a5cc32 user: drh tags: trunk
21:48
Add the "directory:" and "project:" lines to the CGI invocation file to allow operation from a chroot CGI without access to a shell. check-in: 27a4d13d4f user: drh tags: trunk
2011-02-18
13:43
(#823) MAX() isn't a good function to use on numeric values stored as text. "Force" fields to numbers first. check-in: d199007454 user: cpb tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to main.c.

273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
...
336
337
338
339
340
341
342
343





















344
345
346
347
348
349
350
    argv[1] = "http";
    argc--;
  }

  /*
  ** Make sure we have the right number of arguments left.
  */
  if( argc<2 || argc>4 ){
    usage(argv[0]);
  }

  /*
  ** For security, do not allow this program to be run as root.
  */
  if( getuid()==0 || getgid()==0 ){
................................................................................
  setmode( fileno(stdin), O_BINARY );  /* This lines needed on    */
  setmode( fileno(stdout), O_BINARY ); /* Windows/DOS boxes       */
#endif

  /* Figure out our behavior based on command line parameters and
  ** the environment.  
  */
  if( strcmp(argv[1],"cgi")==0 /* || getenv("GATEWAY_INTERFACE")!=0 */ ){





















    cgi_init();
  }else if( strcmp(argv[1],"http")==0 ){
    cgi_handle_http_request();
  }else if( strcmp(argv[1],"init")==0 ){
    if( getuid()!=geteuid() ){
      fprintf(stderr,"Permission denied\n");
      exit(1);







|







 







|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
...
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
    argv[1] = "http";
    argc--;
  }

  /*
  ** Make sure we have the right number of arguments left.
  */
  if( argc>4 ){
    usage(argv[0]);
  }

  /*
  ** For security, do not allow this program to be run as root.
  */
  if( getuid()==0 || getgid()==0 ){
................................................................................
  setmode( fileno(stdin), O_BINARY );  /* This lines needed on    */
  setmode( fileno(stdout), O_BINARY ); /* Windows/DOS boxes       */
#endif

  /* Figure out our behavior based on command line parameters and
  ** the environment.  
  */
  if( getenv("GATEWAY_INTERFACE")!=0 ){
    FILE *in;
    int j;
    char zLine[200];
    in = fopen(argv[1], "rb");
    if( in ){
      while( fgets(zLine, sizeof(zLine), in) ){
        if( zLine[0]=='#' ) continue;
        for(j=0; zLine[j] && zLine[j]!='\n' && zLine[j]!='\r'; j++){}
        zLine[j] = 0;
        if( memcmp(zLine, "directory: ", 11)==0 ){
          chdir(&zLine[11]);
        }
        if( memcmp(zLine, "project: ", 9)==0 ){
          g.zName = mprintf("%s", &zLine[9]);
          cmdlineProj = 1;
        }
      }
      fclose(in);
    }
    cgi_init();
  }else if( strcmp(argv[1],"cgi")==0 ){
    cgi_init();
  }else if( strcmp(argv[1],"http")==0 ){
    cgi_handle_http_request();
  }else if( strcmp(argv[1],"init")==0 ){
    if( getuid()!=geteuid() ){
      fprintf(stderr,"Permission denied\n");
      exit(1);