| Commit message | Author | Age |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1905414 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1902019 13f79535-47bb-0310-9956-ffa450edef68
thread_local variables are not (always?) reset on fork(), so APR (and the
user) needs a way to set the current_thread to NULL.
Use apr_thread_current_after_fork() in apr_proc_fork()'s child process.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1897470 13f79535-47bb-0310-9956-ffa450edef68
Make cprng_stream_ctx_bytes() rekey in any case, this is exactly what we need
both when generating pooled random bytes and when handling fork() the parent
and child key should not leak to each other.
There is no use case for a keystream without setting the key first and burning
it afterward, and there shouldn't be.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1834600 13f79535-47bb-0310-9956-ffa450edef68
Rework apr_crypto_prng_after_fork() which now handles rekeying of all the
CPRNGs created within apr_crypto, by maintaining them in a global APR_RING,
with the notable exception of per-thread ones (never forked).
For each maintained CPRNG, apr_crypto_prng_after_fork() will now first rekey
both the parent and child processes (determined by the 'in_child' argument
provided by the caller), and for the parent only rekey a second time so that
the initial states finally differ for both processes. Once these new keys are
committed to their respective CPRNGs, thanks to and in continuity with the
forward secrecy construct of apr_crypto_prng, there will be no in memory key
material or stream that one process can inherit or infer from the other.
The user can also rekey a CPRNG explicitly by calling the new function
apr_crypto_prng_rekey(), and this is done by apr_fork() implicitly before
forking any child, thus for the parent process. This safeguard ensures both
the clearing of the pooled random bytes (buffered keystream) and the renewal
of key material (cheap and preventive against _atfork() handlers or alike).
Rekeying is done by using each CPRNG's keystream directly, there isn't anymore
the use of a PID (or SHA256 thereof) for children processes nor any extra reads
from the system RNG. All the apr_crypto_prng API is now self contained and can
work entirely with a single stream cipher as primitive (Chacha20 or AES256-CTR,
in that order of availability) and the initial entropy of 32 bytes gathered
from the system. IOW, there is only one call issued to the system RNG for the
global CPRNG's initial key, and if more CPRNGs are created their own initial
key is produced by the global CPRNG.
The KAT arrays in the tests suite needed adjustment too because the initial
seed (if provided, like the zeros-input for the KAT) is no more used directly
as the first key. Instead the first 32 bytes of the keystream generated from
the seed are, and the seed (like any just used key) is then cleared immediately
from internal memory.
Finally some private APR_CRYPTO_PRNG_* macros (in .c file only) are renamed to
CPRNG_* to shorten columns and avoid multilines in several cases.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1834551 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833382 13f79535-47bb-0310-9956-ffa450edef68
New apr_crypto_prng API and apr_crypto[_thread]_random_bytes() functions.
Allows to generate cryptographically secure random bytes indefinitely
given an initial seed of APR_CRYPTO_PRNG_SEED_SIZE bytes (32), which
is either provided by the caller or automatically gathered from the system.
The CPRNG can also be re-seeded at any time, or after a process is fork()ed.
The internal key is renewed every APR_CRYPTO_PRNG_SEED_SIZE random
bytes produced and those data once returned to the caller are cleared from
the internal state, which ensures forward secrecy.
This CPRNG is fast, based on a stream cipher, and will never block besides
the initial seed or any reseed if it depends on the system entropy.
Finally, it can be used either globally (locked in multithread environment),
per-thread (a lock free instance is automatically created for each thread on
first use), or created as standalone instance (manageable independently).
For now it's only implemented with the OpenSSL library as underlying crypto,
that is --with-crypto --with-openssl needs to be configured, and the latter
links libcrypto with APR.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833359 13f79535-47bb-0310-9956-ffa450edef68
Set the proc->pid field to the pid of the newly created child.
Note that a mere pid value provides little entropy to mix into
the child random pool.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1198860 13f79535-47bb-0310-9956-ffa450edef68
already has the correct FD.
PR: 51995
Submitted by: Dan Ports <drkp csail mit edu>]
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1183685 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1078655 13f79535-47bb-0310-9956-ffa450edef68
- error handling issues
- use of uninitialized data
- null pointer dereference
- unused variables
- memory/fd leaks
- broken code in threadproc/beos/proc.c
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@979891 13f79535-47bb-0310-9956-ffa450edef68
cases for stdout and stdin.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@783398 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@747357 13f79535-47bb-0310-9956-ffa450edef68
On posix make unique tmp name and add that to child environment.
The env var name made of child making it almost unique for that process instance
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@747042 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@746589 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@741867 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@741862 13f79535-47bb-0310-9956-ffa450edef68
of the pipe to uninherited. Let it be closed upon cleanup_for_exec.
The later dup2() for the parent pipe does not automagically become inherited
again, and later dup()'s are never inherited by default.
There's no longer an explicit need to close the parent-end in proc_create
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@584570 13f79535-47bb-0310-9956-ffa450edef68
inherited. Solve this by setting the duplicated handle to inherit.
once finished with the fork(), now that we don't waste pipe creation
resources on a single handle, watch out for closing the parent handle
inside the child.
in fact I believe that toggling parent_* handles apr_file_inherit_unset
way back in apr_procattr_io_set / apr_procattr_child_*_set would be
more efficient; comments?
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@584569 13f79535-47bb-0310-9956-ffa450edef68
First; we absolutely do NOT want to waste our time creating a pipe,
when the caller has their own file descriptors all set up to give to
the child process (and use itself). We can also presume a single
ended pipe is about as interesting as the sound of one hand clapping.
Create the pipe only when we don't already have any child/parent pipes
set up, and when the caller passes no files for us to use. Otherwise,
we simply dup for our own use rather than dup2.
Second; we absolutely cannot dup2 into the static 'no_file' special fd,
so we'll guard against this and also dup, instead, for this case.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@584500 13f79535-47bb-0310-9956-ffa450edef68
(we aren't trying to close our child_fd's here).
Submitted by: David Glasser <glasser@davidglasser.net>
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@581089 13f79535-47bb-0310-9956-ffa450edef68
for pointing this out to me on #irc.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@581042 13f79535-47bb-0310-9956-ffa450edef68
These can be reduced further and still remain legible.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@580632 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@580591 13f79535-47bb-0310-9956-ffa450edef68
if we use apr_procattr_stderr_set() it will not close out the
previous handle parked there by _io_set(). But it also does
not attempt to touch the _io_set() no_file STATIC apr_file_t's
so there is nothing to otherwise fix here immediately.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@580515 13f79535-47bb-0310-9956-ffa450edef68
to cause the specified streams to be closed to the child process,
when the caller has chosen that flag via apr_procattr_io_set().
ALSO; solve a serious flaw where we attempted to dup2 to a nonexistent
file if the user had not already called apr_procattr_io_set()!
The Unix implementation.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@580486 13f79535-47bb-0310-9956-ffa450edef68
executable-but-unreadable programs to be executed even if the errchk
mode is active.
PR: 32498
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@454787 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@428317 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@428313 13f79535-47bb-0310-9956-ffa450edef68
resolving a theoretical problem with standards compliance
and an actual problem with Purify.
Reviewed by: Joe Orton
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@312607 13f79535-47bb-0310-9956-ffa450edef68
prevent atexit-registered functions from being run in a failing child,
and e.g. flushing stdio buffers.
PR: 30913
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@239687 13f79535-47bb-0310-9956-ffa450edef68
apr_procattr_child_out_set, apr_procattr_child_err_set): Add error
checking: fixes segfaults in applications when pipe() or dup2() fail
(e.g. due to ulimit settings).
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@170395 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@151412 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@125405 13f79535-47bb-0310-9956-ffa450edef68
uid/gid for newly created processes using apr_proc_create.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@125349 13f79535-47bb-0310-9956-ffa450edef68
access to the working directory of the child process.
PR: 30137
Submitted by: Jeremy Chadwick <apache jdc.parodius.com>
Reviewed by: jorton, trawick
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@65285 13f79535-47bb-0310-9956-ffa450edef68
which is started by the shell and which inherits the parent's
environment variables.
The immediate use for this is with Apache httpd's piped loggers,
correcting a regression since 1.3.
In general, applications starting child processes often want
the child to run with the same environment variables, so this
plugs a hole in the API.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@65213 13f79535-47bb-0310-9956-ffa450edef68
(NetWare ONLY).
Replaced changes that added APR_PROGRAM_ADDRSPACE committed 6/11/04.
Reviewed by Brad Nicholes
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@65196 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64904 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64733 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64728 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64722 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64716 13f79535-47bb-0310-9956-ffa450edef68
it repeatedly until it succeeds or fails with errno other than
EINTR. This hides this UNIX-specific behavior from APR clients.
Submitted by: Eric Gillespie <epg@pretzelnet.org>
Reviewed by: Thom May
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64501 13f79535-47bb-0310-9956-ffa450edef68
when there is more than one program argument passed in.
It worked before (and still does) if the app somehow knows to
pass in a single arg which is a string containing the program
name and all args, such as when calling system().
Now it works if the app passes the program arguments normally,
such as when using other modes of apr_proc_create().
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64490 13f79535-47bb-0310-9956-ffa450edef68
try to anticipate any errors that might occur after fork()
(no-op everywhere but Unix)
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64341 13f79535-47bb-0310-9956-ffa450edef68
function when apr_proc_create() fails in the new child process
after fork(). The app-provided error reporting function will only
be called on platforms where apr_proc_create() first calls
fork() to create the new process.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64330 13f79535-47bb-0310-9956-ffa450edef68
to run the parent's code if setrlimit() fails.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64328 13f79535-47bb-0310-9956-ffa450edef68
aix/dso.h -> aix/apr_arch_dso.h
beos/dso.h -> beos/apr_arch_dso.h
beos/proc_mutex.h -> beos/apr_arch_proc_mutex.h
beos/thread_cond.h -> beos/apr_arch_thread_cond.h
beos/thread_mutex.h -> beos/apr_arch_thread_mutex.h
beos/threadproc.h -> beos/apr_arch_threadproc.h
beos/thread_rwlock.h -> beos/apr_arch_thread_rwlock.h
netware/dso.h -> netware/apr_arch_dso.h
netware/fileio.h -> netware/apr_arch_fileio.h
netware/global_mutex.h -> netware/apr_arch_global_mutex.h
netware/internal_time.h -> netware/apr_arch_internal_time.h
netware/networkio.h -> netware/apr_arch_networkio.h
netware/pre_nw.h -> netware/apr_arch_pre_nw.h
netware/proc_mutex.h -> netware/apr_arch_proc_mutex.h
netware/thread_cond.h -> netware/apr_arch_thread_cond.h
netware/thread_mutex.h -> netware/apr_arch_thread_mutex.h
netware/threadproc.h -> netware/apr_arch_threadproc.h
netware/thread_rwlock.h -> netware/apr_arch_thread_rwlock.h
os2/dso.h -> os2/apr_arch_dso.h
os2/fileio.h -> os2/apr_arch_fileio.h
os2/networkio.h -> os2/apr_arch_networkio.h
os2/os2calls.h -> os2/apr_arch_os2calls.h
os2/proc_mutex.h -> os2/apr_arch_proc_mutex.h
os2/thread_cond.h -> os2/apr_arch_thread_cond.h
os2/thread_mutex.h -> os2/apr_arch_thread_mutex.h
os2/threadproc.h -> os2/apr_arch_threadproc.h
os2/thread_rwlock.h -> os2/apr_arch_thread_rwlock.h
os390/dso.h -> os390/apr_arch_dso.h
unix/dso.h -> unix/apr_arch_dso.h
unix/fileio.h -> unix/apr_arch_fileio.h
unix/global_mutex.h -> unix/apr_arch_global_mutex.h
unix/inherit.h -> unix/apr_arch_inherit.h
unix/internal_time.h -> unix/apr_arch_internal_time.h
unix/misc.h -> unix/apr_arch_misc.h
unix/networkio.h -> unix/apr_arch_networkio.h
unix/proc_mutex.h -> unix/apr_arch_proc_mutex.h
unix/shm.h -> unix/apr_arch_shm.h
unix/thread_cond.h -> unix/apr_arch_thread_cond.h
unix/thread_mutex.h -> unix/apr_arch_thread_mutex.h
unix/threadproc.h -> unix/apr_arch_threadproc.h
unix/thread_rwlock.h -> unix/apr_arch_thread_rwlock.h
win32/atime.h -> win32/apr_arch_atime.h
win32/dso.h -> win32/apr_arch_dso.h
win32/fileio.h -> win32/apr_arch_fileio.h
win32/inherit.h -> win32/apr_arch_inherit.h
win32/misc.h -> win32/apr_arch_misc.h
win32/networkio.h -> win32/apr_arch_networkio.h
win32/proc_mutex.h -> win32/apr_arch_proc_mutex.h
win32/thread_cond.h -> win32/apr_arch_thread_cond.h
win32/thread_mutex.h -> win32/apr_arch_thread_mutex.h
win32/threadproc.h -> win32/apr_arch_threadproc.h
win32/thread_rwlock.h -> win32/apr_arch_thread_rwlock.h
win32/utf8.h -> win32/apr_arch_utf8.h
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64271 13f79535-47bb-0310-9956-ffa450edef68
No functional changes
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@64251 13f79535-47bb-0310-9956-ffa450edef68