drop privs support

2021-01-11 13:59:25 -05:00 · 2021-01-11 13:59:25 -05:00 · ff3bce215b
parent 6bad235a59
commit ff3bce215b
1 changed files with 79 additions and 35 deletions
--- a/cgi.d
+++ b/cgi.d
@ -357,6 +357,8 @@ version(Posix) {
 	} else {
 		version(GNU) {
 			// GDC doesn't support static foreach so I had to cheat on it :(
 		} else version(FreeBSD) {
 			// I never implemented the fancy stuff there either
 		} else {
 			version=with_breaking_cgi_features;
 			version=with_sendfd;
@ -3375,6 +3377,8 @@ struct RequestServer {
 	void configureFromCommandLine(string[] args) {
 		bool foundPort = false;
 		bool foundHost = false;
 		bool foundUid = false;
 		bool foundGid = false;
 		foreach(arg; args) {
 			if(foundPort) {
 				listeningPort = to!ushort(arg);
@ -3384,13 +3388,27 @@ struct RequestServer {
 				listeningHost = arg;
 				foundHost = false;
 			}
 			if(foundUid) {
 				privDropUserId = to!int(arg);
 				foundUid = false;
 			}
 			if(foundGid) {
 				privDropGroupId = to!int(arg);
 				foundGid = false;
 			}
 			if(arg == "--listening-host" || arg == "-h" || arg == "/listening-host")
 				foundHost = true;
 			else if(arg == "--port" || arg == "-p" || arg == "/port" || arg == "--listening-port")
 				foundPort = true;
 			else if(arg == "--uid")
 				foundUid = true;
 			else if(arg == "--gid")
 				foundGid = true;
 		}
 	}
 	// FIXME: the privDropUserId/group id need to be set in here instead of global
 	/++
 		Serves a single HTTP request on this thread, with an embedded server, then stops. Designed for cases like embedded oauth responders
@ -3470,6 +3488,27 @@ struct RequestServer {
 	}
 }
 private int privDropUserId;
 private int privDropGroupId;
 private void dropPrivs() {
 	version(Posix) {
 		import core.sys.posix.unistd;
 		auto userId = privDropUserId;
 		auto groupId = privDropGroupId;
 		if((userId != 0 || groupId != 0) && getuid() == 0) {
 			if(groupId)
 				setgid(groupId);
 			if(userId)
 				setuid(userId);
 		}
 	}
 	// FIXME: Windows?
 }
 version(embedded_httpd_processes)
 void serveEmbeddedHttpdProcesses(alias fun, CustomCgi = Cgi)(RequestServer params) {
 	import core.sys.posix.unistd;
@ -3513,6 +3552,7 @@ void serveEmbeddedHttpdProcesses(alias fun, CustomCgi = Cgi)(RequestServer param
 			close(sock);
 			throw new Exception("listen");
 		}
 		dropPrivs();
 	}
 	version(embedded_httpd_processes_accept_after_fork) {} else {
@ -4777,6 +4817,9 @@ Socket startListening(string host, ushort port, ref bool tcp, ref void delegate(
 	}
 	listener.listen(backQueue);
 	dropPrivs();
 	return listener;
 }
@ -9905,41 +9948,6 @@ auto serveStaticFileDirectory(string urlPrefix, string directory = null) {
 	return DispatcherDefinition!(internalHandler, DispatcherDetails)(urlPrefix, false, DispatcherDetails(directory));
 }
 // duplicated in http2.d
 private static string getHttpCodeText(int code) pure nothrow @nogc {
 	switch(code) {
 		case 200: return "200 OK";
 		case 201: return "201 Created";
 		case 202: return "202 Accepted";
 		case 203: return "203 Non-Authoritative Information";
 		case 204: return "204 No Content";
 		case 205: return "205 Reset Content";
 		//
 		case 300: return "300 Multiple Choices";
 		case 301: return "301 Moved Permanently";
 		case 302: return "302 Found";
 		case 303: return "303 See Other";
 		case 307: return "307 Temporary Redirect";
 		case 308: return "308 Permanent Redirect";
 		//
 		// FIXME: add more common 400 ones cgi.d might return too
 		case 400: return "400 Bad Request";
 		case 403: return "403 Forbidden";
 		case 404: return "404 Not Found";
 		case 405: return "405 Method Not Allowed";
 		case 406: return "406 Not Acceptable";
 		case 409: return "409 Conflict";
 		case 410: return "410 Gone";
 		//
 		case 500: return "500 Internal Server Error";
 		case 501: return "501 Not Implemented";
 		case 502: return "502 Bad Gateway";
 		case 503: return "503 Service Unavailable";
 		//
 		default: assert(0, "Unsupported http code");
 	}
 }
 /++
 	Redirects one url to another
@ -10135,6 +10143,42 @@ private struct StackBuffer {
 	}
 }
 // duplicated in http2.d
 private static string getHttpCodeText(int code) pure nothrow @nogc {
 	switch(code) {
 		case 200: return "200 OK";
 		case 201: return "201 Created";
 		case 202: return "202 Accepted";
 		case 203: return "203 Non-Authoritative Information";
 		case 204: return "204 No Content";
 		case 205: return "205 Reset Content";
 		//
 		case 300: return "300 Multiple Choices";
 		case 301: return "301 Moved Permanently";
 		case 302: return "302 Found";
 		case 303: return "303 See Other";
 		case 307: return "307 Temporary Redirect";
 		case 308: return "308 Permanent Redirect";
 		//
 		// FIXME: add more common 400 ones cgi.d might return too
 		case 400: return "400 Bad Request";
 		case 403: return "403 Forbidden";
 		case 404: return "404 Not Found";
 		case 405: return "405 Method Not Allowed";
 		case 406: return "406 Not Acceptable";
 		case 409: return "409 Conflict";
 		case 410: return "410 Gone";
 		//
 		case 500: return "500 Internal Server Error";
 		case 501: return "501 Not Implemented";
 		case 502: return "502 Bad Gateway";
 		case 503: return "503 Service Unavailable";
 		//
 		default: assert(0, "Unsupported http code");
 	}
 }
 /+
 /++
 	This is the beginnings of my web.d 2.0 - it dispatches web requests to a class object.