* mod_md: fixed passing of the server environment variables to programs

started via MDMessageCmd and MDChallengeDns01 on *nix system. See <icing/mod_md#319>. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1911721 13f79535-47bb-0310-9956-ffa450edef68
apache · Aug 16, 2023 · 201d732 · 201d732
1 parent 29f9ed1
commit 201d732
Show file tree

Hide file tree

Showing 6 changed files with 15 additions and 19 deletions.
diff --git a/changes-entries/md_v2.4.24.txt b/changes-entries/md_v2.4.24.txt
@@ -0,0 +1,4 @@
+ * mod_md: fixed passing of the server environment variables to programs
+   started via MDMessageCmd and MDChallengeDns01 on *nix system.
+   See <https://github.com/icing/mod_md/issues/319>.
+   [Stefan Eissing]
diff --git a/modules/md/md_acme_authz.c b/modules/md/md_acme_authz.c
@@ -463,7 +463,7 @@ static apr_status_t cha_dns_01_setup(md_acme_authz_cha_t *cha, md_acme_authz_t *
                   "%s: dns-01 setup command: %s", authz->domain, cmdline);
 
     apr_tokenize_to_argv(cmdline, (char***)&argv, p);
-    if (APR_SUCCESS != (rv = md_util_exec(p, argv[0], argv, NULL, &exit_code))) {
+    if (APR_SUCCESS != (rv = md_util_exec(p, argv[0], argv, &exit_code))) {
         md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, rv, p, 
                       "%s: dns-01 setup command failed to execute for %s", md->name, authz->domain);
         goto out;
@@ -531,7 +531,7 @@ static apr_status_t cha_dns_01_teardown(md_store_t *store, const char *domain, c
 
     cmdline = apr_psprintf(p, "%s teardown %s", dns01_cmd, domain); 
     apr_tokenize_to_argv(cmdline, (char***)&argv, p);
-    if (APR_SUCCESS != (rv = md_util_exec(p, argv[0], argv, NULL, &exit_code)) || exit_code) {
+    if (APR_SUCCESS != (rv = md_util_exec(p, argv[0], argv, &exit_code)) || exit_code) {
         md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, rv, p, 
                       "%s: dns-01 teardown command failed (exit code=%d) for %s",
                       md->name, exit_code, domain);

diff --git a/modules/md/md_util.c b/modules/md/md_util.c
@@ -1081,32 +1081,24 @@ apr_status_t md_util_try(md_util_try_fn *fn, void *baton, int ignore_errs,
 
 /* execute process ********************************************************************************/
 
-apr_status_t md_util_exec(apr_pool_t *p, const char *cmd, const char * const *argv,
-                          apr_array_header_t *env, int *exit_code)
+apr_status_t md_util_exec(apr_pool_t *p, const char *cmd,
+                          const char * const *argv, int *exit_code)
 {
     apr_status_t rv;
     apr_procattr_t *procattr;
     apr_proc_t *proc;
     apr_exit_why_e ewhy;
-    const char * const *envp = NULL;
     char buffer[1024];
 
     *exit_code = 0;
     if (!(proc = apr_pcalloc(p, sizeof(*proc)))) {
         return APR_ENOMEM;
     }
-    if (env && env->nelts > 0) {
-        apr_array_header_t *nenv;
-
-        nenv = apr_array_copy(p, env);
-        APR_ARRAY_PUSH(nenv, const char *) = NULL;
-        envp = (const char * const *)nenv->elts;
-    }
     if (   APR_SUCCESS == (rv = apr_procattr_create(&procattr, p))
         && APR_SUCCESS == (rv = apr_procattr_io_set(procattr, APR_NO_FILE, 
                                                     APR_NO_PIPE, APR_FULL_BLOCK))
-        && APR_SUCCESS == (rv = apr_procattr_cmdtype_set(procattr, APR_PROGRAM))
-        && APR_SUCCESS == (rv = apr_proc_create(proc, cmd, argv, envp, procattr, p))) {
+        && APR_SUCCESS == (rv = apr_procattr_cmdtype_set(procattr, APR_PROGRAM_ENV))
+        && APR_SUCCESS == (rv = apr_proc_create(proc, cmd, argv, NULL, procattr, p))) {
 
         /* read stderr and log on INFO for possible fault analysis. */
         while(APR_SUCCESS == (rv = apr_file_gets(buffer, sizeof(buffer)-1, proc->err))) {

diff --git a/modules/md/md_util.h b/modules/md/md_util.h
@@ -133,7 +133,7 @@ int md_array_str_add_missing(struct apr_array_header_t *dest,
 /* process execution */
 
 apr_status_t md_util_exec(apr_pool_t *p, const char *cmd, const char * const *argv,
-                          struct apr_array_header_t *env, int *exit_code);
+                          int *exit_code);
 
 /**************************************************************************************************/
 /* dns name check */

diff --git a/modules/md/md_version.h b/modules/md/md_version.h
@@ -27,15 +27,15 @@
  * @macro
  * Version number of the md module as c string
  */
-#define MOD_MD_VERSION "2.4.23"
+#define MOD_MD_VERSION "2.4.24"
 
 /**
  * @macro
  * Numerical representation of the version number of the md module
  * release. This is a 24 bit number with 8 bits for major number, 8 bits
  * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
  */
-#define MOD_MD_VERSION_NUM 0x020417
+#define MOD_MD_VERSION_NUM 0x020418
 
 #define MD_ACME_DEF_URL         "https://acme-v02.api.letsencrypt.org/directory"
 #define MD_TAILSCALE_DEF_URL    "file://localhost/var/run/tailscale/tailscaled.sock"

diff --git a/modules/md/mod_md.c b/modules/md/mod_md.c
@@ -183,7 +183,7 @@ static apr_status_t notify(md_job_t *job, const char *reason,
         if (mc->notify_cmd) {
             cmdline = apr_psprintf(p, "%s %s", mc->notify_cmd, job->mdomain);
             apr_tokenize_to_argv(cmdline, (char***)&argv, p);
-            rv = md_util_exec(p, argv[0], argv, NULL, &exit_code);
+            rv = md_util_exec(p, argv[0], argv, &exit_code);
 
             if (APR_SUCCESS == rv && exit_code) rv = APR_EGENERAL;
             if (APR_SUCCESS != rv) {
@@ -202,7 +202,7 @@ static apr_status_t notify(md_job_t *job, const char *reason,
     if (mc->message_cmd) {
         cmdline = apr_psprintf(p, "%s %s %s", mc->message_cmd, reason, job->mdomain);
         apr_tokenize_to_argv(cmdline, (char***)&argv, p);
-        rv = md_util_exec(p, argv[0], argv, NULL, &exit_code);
+        rv = md_util_exec(p, argv[0], argv, &exit_code);
 
         if (APR_SUCCESS == rv && exit_code) rv = APR_EGENERAL;
         if (APR_SUCCESS != rv) {