Commit Diff
Diff:
36e6e793a159a4241b87c62345e4bad2485728c6
760009951357d4c36991c4c6a62db973289b32d9
Commit:
760009951357d4c36991c4c6a62db973289b32d9
Tree:
817c6c32aa2e4da5d4a65d699f79f9c86ec779f4
Author:
Omar Polo <op@omarpolo.com>
Date:
Tue Sep 6 16:40:38 2022 UTC
Message:
optionally disable the sandbox on some systems

The FreeBSD and Linux sandboxes can't deal with `fastcgi' and `proxy'
configuration rules: new sockets need to be opened and it's either
impossible (the former) or a huge pain in the arse (the latter).

The sandbox is still always used in case only static files are served.
commit - 36e6e793a159a4241b87c62345e4bad2485728c6
commit + 760009951357d4c36991c4c6a62db973289b32d9
blob - a9e855207766eed4b0f02130fb6a37a621e6b4db
blob + 38b99ad306905dfa7d5831ed26d91fc0102d364c
--- gmid.h
+++ gmid.h
@@ -196,6 +196,7 @@ struct conf {
/* from command line */
int foreground;
int verbose;
+ int can_open_sockets;
/* in the config */
int port;
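Review bot: The new `can_open_sockets` field sits under the `/* from command line */` group, but in this commit it is only ever set by the config parser (`new_proxy` and `fastcgi_conf` in parse.y). Its name also hides that a non-zero value turns off the capsicum and seccomp/landlock sandbox for the server process. I would move it below `/* in the config */` or give it its own comment, e.g. `int can_open_sockets; /* set by fastcgi/proxy rules; disables the sandbox on FreeBSD and Linux */`. struct conf starts and ends outside the hunk.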
@@ -366,7 +367,7 @@ void sandbox_server_process(void);
void fcgi_req(struct client *);
/* sandbox.c */
-void sandbox_server_process(void);
+void sandbox_server_process(int);
void sandbox_logger_process(void);
/* utf8.c */
blob - 1eaf0c716b73bfcdc8e33fc6f8fc17a27d875d8c
blob + 96ab053d9087b7965cba97623de12cd5f68f3d4d
--- parse.y
+++ parse.y
@@ -1049,6 +1049,8 @@ new_proxy(void)
new_proxy(void)
{
struct proxy *p;
+
+ conf.can_open_sockets = 1;
p = xcalloc(1, sizeof(*p));
p->protocols = TLS_PROTOCOLS_DEFAULT;
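Review bot: `conf.can_open_sockets = 1` in `new_proxy` is a one-way switch set as a side effect of parsing, and nothing visible in this diff ever clears it; the same holds for the assignment in `fastcgi_conf` in the next hunk. If `conf` is reused across a configuration reload without being zeroed, the server would stay unsandboxed even after the last `proxy` or `fastcgi` rule is removed, so it is worth confirming where `conf` is reset. A short comment at both sites would help the next reader, e.g. `/* proxying opens sockets at runtime: the FreeBSD/Linux sandbox gets skipped */`. Both function bodies continue outside their hunks.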
@@ -1173,6 +1175,8 @@ fastcgi_conf(char *path, char *port, char *prog)
struct fcgi *f;
int i;
+ conf.can_open_sockets = 1;
+
for (i = 0; i < FCGI_MAX; ++i) {
f = &fcgi[i];
blob - 78fc079906d679e45ce03e8477bd58614288e2f3
blob + 52a161ddc90a8a4446fda741dca4c8fbc1729d7f
--- sandbox.c
+++ sandbox.c
@@ -21,7 +21,7 @@ sandbox_server_process(void)
#warning "Sandbox disabled! Please report issues upstream instead of disabling the sandbox."
void
-sandbox_server_process(void)
+sandbox_server_process(int can_open_sockets)
{
return;
}
@@ -37,8 +37,12 @@ sandbox_server_process(void)
#include <sys/capsicum.h>
void
-sandbox_server_process(void)
+sandbox_server_process(int can_open_sockets)
{
+ /* can't capsicum if fastcgi or proxying are used. */
+ if (can_open_sockets)
+ return;
+
if (cap_enter() == -1)
fatal("cap_enter");
}
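Review bot: The early `return` before `cap_enter()` drops the sandbox without leaving any trace, so an operator who adds a single `fastcgi` or `proxy` rule cannot tell from the logs that the server process now runs unconfined. I would emit a warning through the server's logger before returning, here and in the seccomp/landlock variant further down. The comment could also say what is lost, e.g. `/* fastcgi and proxying open new sockets at runtime, which can't be done under capsicum: run unsandboxed */`. The no-op variants of `sandbox_server_process` now take a parameter they never read, which may trip `-Wunused-parameter` if that warning is enabled.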
@@ -537,13 +541,18 @@ sandbox_server_process(void)
#endif
void
-sandbox_server_process(void)
+sandbox_server_process(int can_open_sockets)
{
const struct sock_fprog prog = {
.len = (unsigned short) (sizeof(filter) / sizeof(filter[0])),
.filter = filter,
};
+ /* can't seccomp/landlock if fastcgi or proxying are used. */
+ if (can_open_sockets)
+ return;
+
+
#ifdef SC_DEBUG
sandbox_seccomp_catch_sigsys();
#endif
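Review bot: The early `return` skips every layer at once (per the comment, both the seccomp filter and landlock), although only the restriction on opening sockets stands in the way of `fastcgi` and `proxy`. If the landlock rules set up later in this function only cover filesystem access, they could presumably stay in force when `can_open_sockets` is set, with just the seccomp filter skipped or relaxed; that needs checking against the part of the body outside the hunk. As a style nit, the hunk leaves two consecutive blank lines after the `return`.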
@@ -592,7 +601,7 @@ sandbox_server_process(void)
#include <unistd.h>
void
-sandbox_server_process(void)
+sandbox_server_process(int can_open_sockets)
{
struct vhost *h;
struct location *l;
@@ -625,7 +634,7 @@ sandbox_server_process(void)
#warning "No sandbox method known for this OS"
void
-sandbox_server_process(void)
+sandbox_server_process(int can_open_sockets)
{
return;
}
blob - 4e62ad3604d68309f967a4b07a403ed959e1535e
blob + b87974e60ac299ac783f598b851fa97599ada8b4
--- server.c
+++ server.c
@@ -1378,7 +1378,7 @@ loop(struct tls *ctx_, int sock4, int sock6, struct im
signal_set(&sigusr2, SIGUSR2, &handle_siginfo, NULL);
signal_add(&sigusr2, NULL);
- sandbox_server_process();
+ sandbox_server_process(conf.can_open_sockets);
event_dispatch();
_exit(0);
}