Fix clearing password in memory

[hcoop/debian/libapache-mod-waklog.git] / mod_waklog.c

diff --git a/mod_waklog.c b/mod_waklog.c
index 8a9b0db..07f1339 100644 (file)
--- a/mod_waklog.c
+++ b/mod_waklog.c
@@ -54,11 +54,6 @@ module waklog_module;
 #define MK_POOL apr_pool_t
 #define MK_TABLE_GET apr_table_get
 #define MK_TABLE_SET apr_table_set
-#include "unixd.h"
-extern unixd_config_rec unixd_config;
-#define ap_user_id        unixd_config.user_id
-#define ap_group_id       unixd_config.group_id
-#define ap_user_name      unixd_config.user_name
 #define command(name, func, var, type, usage)           \
   AP_INIT_ ## type (name, (void*) func,                 \
         NULL,     \
@@ -67,6 +62,11 @@ module AP_MODULE_DECLARE_DATA waklog_module;
 typedef struct { int dummy; } child_info;
 const char *userdata_key = "waklog_init"; 
 
+/* Apache 2.4 */
+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(waklog);
+#endif
+
 #endif /* APACHE2 */
 /**************************************************************************************************/
 
@@ -165,9 +165,15 @@ int renewcount = 0;
 #define getModConfig(P, X) P = (waklog_config *) ap_get_module_config( (X)->module_config, &waklog_module );
 
 
+#ifdef APLOG_USE_MODULE
+static void
+log_error (const char *file, int line, int module_index, int level, int status,
+           const server_rec * s, const char *fmt, ...)
+#else
 static void
 log_error (const char *file, int line, int level, int status,
            const server_rec * s, const char *fmt, ...)
+#endif
 {
   char errstr[4096];
   va_list ap;
@@ -177,7 +183,12 @@ log_error (const char *file, int line, int level, int status,
   va_end (ap);
 
 #ifdef APACHE2
+ #ifdef APLOG_USE_MODULE
+  /* Apache 2.4 */
+  ap_log_error (file, line, module_index, level | APLOG_NOERRNO, status, s, "%s", errstr);
+ #else
   ap_log_error (file, line, level | APLOG_NOERRNO, status, s, "(%d) %s", getpid(), errstr);
+ #endif
 #else
   ap_log_error (file, line, level | APLOG_NOERRNO, s, "(%d) %s", getpid(), errstr);
 #endif
@@ -453,11 +464,11 @@ set_auth ( server_rec *s, request_rec *r, int self, char *principal, char *keyta
                 log_error(APLOG_MARK, APLOG_ERR, 0, s, "mod_waklog: krb5_get_init_creds_password %s",
                   error_message(kerror) );
                   /* nuke the password so it doesn't end up in core files */
-                  memset(k5secret, 0, sizeof(k5secret));               
+                  memset(k5secret, 0, strlen(k5secret));
                 goto cleanup;
         }
       
-        memset(k5secret, 0, sizeof(k5secret));      
+        memset(k5secret, 0, strlen(k5secret));
       }
 
       /* initialize the credentials cache and store the stuff we just got */
@@ -1170,7 +1181,15 @@ token_cleanup (void *data)
   return 0;
 }
 
+/* This function doesn't return anything but is passed to ap_bspawn_child on
+ * Apache 1 which expects it to return a pid as an int. For want of better
+ * understanding, err on the side of not changing Apache 1 code while fixing
+ * the compile warning on Apache 2. */
+#ifdef APACHE2
+static void
+#else
 static int
+#endif
 waklog_child_routine (void *data, child_info * pinfo)
 {
   int i;
@@ -1311,7 +1330,10 @@ waklog_init_handler (apr_pool_t * p, apr_pool_t * plog,
           struct sharedspace_s bob;
           log_error(APLOG_MARK, APLOG_ERR, 0, s, "mod_waklog: sizing our cache file %d to %d", fd, sizeof(struct sharedspace_s) );
           memset( &bob, 0, sizeof(struct sharedspace_s));
-          write(fd, &bob, sizeof(struct sharedspace_s));
+          if ( write(fd, &bob, sizeof(struct sharedspace_s)) != sizeof(struct sharedspace_s) ) {
+            log_error(APLOG_MARK, APLOG_ERR, 0, s, "mod_waklog: failed to write to our cache file %s (%d)", cache_file, errno );
+            exit(errno);
+          }
           log_error(APLOG_MARK, APLOG_ERR, 0, s, "mod_waklog: done sizing our cache file to %d", sizeof(struct sharedspace_s) );
         }