mirror of
https://github.com/php/php-src.git
synced 2024-11-25 02:44:58 +08:00
Merge branch 'PHP-5.6'
* PHP-5.6: NEWS adapt test for error message introduce in fix for #68463 Fix bug #68463 listen.allowed_clients can silently result in no allowed access
This commit is contained in:
commit
8904fbc692
@ -280,6 +280,10 @@ void fcgi_set_allowed_clients(char *ip)
|
||||
}
|
||||
allowed_clients[n].sa.sa_family = 0;
|
||||
free(ip);
|
||||
if (!n) {
|
||||
zlog(ZLOG_ERROR, "There are no allowed addresses for this pool");
|
||||
/* don't clear allowed_clients as it will create an "open for all" security issue */
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -8,19 +8,28 @@ FPM: Test various messages on start, from master and childs
|
||||
include "include.inc";
|
||||
|
||||
$logfile = dirname(__FILE__).'/php-fpm.log.tmp';
|
||||
$port = 9000+PHP_INT_SIZE;
|
||||
$port1 = 9000+PHP_INT_SIZE;
|
||||
$port2 = 9001+PHP_INT_SIZE;
|
||||
|
||||
$cfg = <<<EOT
|
||||
[global]
|
||||
error_log = $logfile
|
||||
log_level = notice
|
||||
[unconfined]
|
||||
listen = 127.0.0.1:$port
|
||||
listen.allowed_clients=127.0.0.1,xxx
|
||||
[pool1]
|
||||
listen = 127.0.0.1:$port1
|
||||
listen.allowed_clients=127.0.0.1
|
||||
user = foo
|
||||
pm = dynamic
|
||||
pm.max_children = 5
|
||||
;pm.start_servers = 2
|
||||
pm.min_spare_servers = 1
|
||||
pm.max_spare_servers = 3
|
||||
catch_workers_output = yes
|
||||
[pool2]
|
||||
listen = 127.0.0.1:$port2
|
||||
listen.allowed_clients=xxx
|
||||
pm = dynamic
|
||||
pm.max_children = 5
|
||||
pm.start_servers = 1
|
||||
pm.min_spare_servers = 1
|
||||
pm.max_spare_servers = 3
|
||||
catch_workers_output = yes
|
||||
@ -29,7 +38,7 @@ EOT;
|
||||
$fpm = run_fpm($cfg, $tail);
|
||||
if (is_resource($fpm)) {
|
||||
$i = 0;
|
||||
while (($i++ < 30) && !($fp = @fsockopen('127.0.0.1', $port))) {
|
||||
while (($i++ < 30) && !($fp = @fsockopen('127.0.0.1', $port1))) {
|
||||
usleep(10000);
|
||||
}
|
||||
if ($fp) {
|
||||
@ -38,11 +47,16 @@ if (is_resource($fpm)) {
|
||||
}
|
||||
for ($i=0 ; $i<10 ; $i++) {
|
||||
try {
|
||||
run_request('127.0.0.1', $port);
|
||||
run_request('127.0.0.1', $port1);
|
||||
} catch (Exception $e) {
|
||||
echo "Error\n";
|
||||
echo "Error 1\n";
|
||||
}
|
||||
}
|
||||
try {
|
||||
run_request('127.0.0.1', $port2);
|
||||
} catch (Exception $e) {
|
||||
echo "Error 2\n";
|
||||
}
|
||||
proc_terminate($fpm);
|
||||
if (!feof($tail)) {
|
||||
echo stream_get_contents($tail);
|
||||
@ -55,12 +69,14 @@ if (is_resource($fpm)) {
|
||||
Done
|
||||
--EXPECTF--
|
||||
Started
|
||||
[%s] NOTICE: [pool unconfined] pm.start_servers is not set. It's been set to 2.
|
||||
[%s] NOTICE: [pool unconfined] 'user' directive is ignored when FPM is not running as root
|
||||
Error 2
|
||||
[%s] NOTICE: [pool pool1] pm.start_servers is not set. It's been set to 2.
|
||||
[%s] NOTICE: [pool pool1] 'user' directive is ignored when FPM is not running as root
|
||||
[%s] NOTICE: fpm is running, pid %d
|
||||
[%s] NOTICE: ready to handle connections
|
||||
[%s] WARNING: [pool unconfined] child %d said into stderr: "ERROR: Wrong IP address 'xxx' in listen.allowed_clients"
|
||||
[%s] WARNING: [pool unconfined] child %d said into stderr: "ERROR: Wrong IP address 'xxx' in listen.allowed_clients"
|
||||
[%s] WARNING: [pool pool2] child %d said into stderr: "ERROR: Wrong IP address 'xxx' in listen.allowed_clients"
|
||||
[%s] WARNING: [pool pool2] child %d said into stderr: "ERROR: There are no allowed addresses for this pool"
|
||||
[%s] WARNING: [pool pool2] child %d said into stderr: "ERROR: Connection disallowed: IP address '127.0.0.1' has been dropped."
|
||||
[%s] NOTICE: Terminating ...
|
||||
[%s] NOTICE: exiting, bye-bye!
|
||||
Done
|
||||
|
Loading…
Reference in New Issue
Block a user