Static: support for openat2() features.

Support for chrooting, rejecting symlinks, and rejecting crossing mounting points on a per-request basis during static file serving.
2021-04-29 22:04:34 +08:00
parent 113afb09ea
commit 53279af5d4
10 changed files with 313 additions and 27 deletions
--- a/auto/files
+++ b/auto/files
@@ -49,3 +49,35 @@ nxt_feature_test="#include <fcntl.h>
                      return 0;
                  }"
 . auto/feature
+
+
+nxt_feature="openat2()"
+nxt_feature_name=NXT_HAVE_OPENAT2
+nxt_feature_run=
+nxt_feature_incs=
+nxt_feature_libs=
+nxt_feature_test="#include <fcntl.h>
+                  #include <unistd.h>
+                  #include <sys/syscall.h>
+                  #include <linux/openat2.h>
+                  #include <string.h>
+
+                  int main() {
+                      struct open_how  how;
+
+                      memset(&how, 0, sizeof(how));
+
+                      how.flags = O_RDONLY;
+                      how.mode = O_NONBLOCK;
+                      how.resolve = RESOLVE_IN_ROOT
+                                    | RESOLVE_NO_SYMLINKS
+                                    | RESOLVE_NO_XDEV;
+
+                      int fd = syscall(SYS_openat2, AT_FDCWD, \".\",
+                                       &how, sizeof(how));
+                      if (fd == -1)
+                          return 1;
+
+                      return 0;
+                  }"
+. auto/feature