|
1 /* |
|
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. |
|
3 * |
|
4 * Copyright 2016 Olaf Wintermann. All rights reserved. |
|
5 * |
|
6 * Redistribution and use in source and binary forms, with or without |
|
7 * modification, are permitted provided that the following conditions are met: |
|
8 * |
|
9 * 1. Redistributions of source code must retain the above copyright |
|
10 * notice, this list of conditions and the following disclaimer. |
|
11 * |
|
12 * 2. Redistributions in binary form must reproduce the above copyright |
|
13 * notice, this list of conditions and the following disclaimer in the |
|
14 * documentation and/or other materials provided with the distribution. |
|
15 * |
|
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
|
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
26 * POSSIBILITY OF SUCH DAMAGE. |
|
27 */ |
|
28 |
|
29 #include "cgi.h" |
|
30 |
|
31 #include <stdio.h> |
|
32 #include <stdlib.h> |
|
33 #include <unistd.h> |
|
34 |
|
35 #include "../util/util.h" |
|
36 #include "../../ucx/string.h" |
|
37 |
|
38 #include "cgiutils.h" |
|
39 |
|
40 #define CGI_VARS 32 |
|
41 |
|
42 #define CGI_RESPONSE_PARSER_BUFLEN 2048 |
|
43 #define CGI_RESPONSE_MAX_LINE_LENGTH 512 |
|
44 |
|
45 int send_cgi(pblock *pb, Session *sn, Request *rq) { |
|
46 char *path = pblock_findval("path", rq->vars); |
|
47 |
|
48 struct stat s; |
|
49 if(stat(path, &s)) { |
|
50 int statuscode = util_errno2status(errno); |
|
51 protocol_status(sn, rq, statuscode, NULL); |
|
52 return REQ_ABORTED; |
|
53 } |
|
54 if(S_ISDIR(s.st_mode)) { |
|
55 protocol_status(sn, rq, 403, NULL); |
|
56 return REQ_ABORTED; |
|
57 } |
|
58 |
|
59 param_free(pblock_remove("content-type", rq->srvhdrs)); |
|
60 |
|
61 const char *args = pblock_findval("query", rq->reqpb); |
|
62 char **argv = cgi_create_argv(path, NULL, args); |
|
63 |
|
64 char **env = http_hdrs2env(rq->headers); |
|
65 env = cgi_common_vars(sn, rq, env); |
|
66 env = cgi_specific_vars(sn, rq, args, env, 1); |
|
67 |
|
68 CGIProcess cgip; |
|
69 int ret = cgi_start(&cgip, path, argv, env); |
|
70 if(ret != REQ_PROCEED) { |
|
71 return ret; |
|
72 } |
|
73 |
|
74 // TODO: send http body |
|
75 close(cgip.in[1]); |
|
76 |
|
77 // read from child |
|
78 CGIResponseParser *parser = cgi_parser_new(sn, rq); |
|
79 WSBool cgiheader = TRUE; |
|
80 |
|
81 char buf[4096]; |
|
82 ssize_t r; |
|
83 while((r = read(cgip.out[0], buf, 4096)) > 0) { |
|
84 if(cgiheader) { |
|
85 size_t pos; |
|
86 int ret = cgi_parse_response(parser, buf, r, &pos); |
|
87 if(ret == -1) { |
|
88 protocol_status(sn, rq, 500, NULL); |
|
89 return REQ_ABORTED; |
|
90 } else if(ret == 0) { |
|
91 |
|
92 } else if(ret == 1) { |
|
93 cgiheader = FALSE; |
|
94 http_start_response(sn, rq); |
|
95 if(pos < r) { |
|
96 net_write(sn->csd, buf+pos, r-pos); |
|
97 } |
|
98 } |
|
99 } else { |
|
100 net_write(sn->csd, buf, r); |
|
101 } |
|
102 } |
|
103 |
|
104 return REQ_PROCEED; |
|
105 } |
|
106 |
|
107 int cgi_start(CGIProcess *p, char *path, char *const argv[], char *const envp[]) { |
|
108 if(pipe(p->in) || pipe(p->out)) { |
|
109 log_ereport( |
|
110 LOG_FAILURE, |
|
111 "send-cgi: cannot create pipe: %s", |
|
112 strerror(errno)); |
|
113 return REQ_ABORTED; |
|
114 } |
|
115 |
|
116 p->pid = fork(); |
|
117 if(p->pid == 0) { |
|
118 // child |
|
119 if(dup2(p->in[0], STDIN_FILENO) == -1) { |
|
120 perror("cgi_start: dup2"); |
|
121 exit(EXIT_FAILURE); |
|
122 } |
|
123 if(dup2(p->out[1], STDOUT_FILENO) == -1) { |
|
124 perror("cgi_start: dup2"); |
|
125 exit(EXIT_FAILURE); |
|
126 } |
|
127 |
|
128 // we need to close this unused pipe |
|
129 // otherwise stdin cannot reach EOF |
|
130 close(p->in[1]); |
|
131 |
|
132 // execute program |
|
133 exit(execve(path, argv, envp)); |
|
134 } else { |
|
135 // parent |
|
136 close(p->out[1]); |
|
137 } |
|
138 |
|
139 return REQ_PROCEED; |
|
140 } |
|
141 |
|
142 CGIResponseParser* cgi_parser_new(Session *sn, Request *rq) { |
|
143 CGIResponseParser* parser = pool_malloc(sn->pool, sizeof(CGIResponseParser)); |
|
144 parser->sn = sn; |
|
145 parser->rq = rq; |
|
146 parser->tmp = ucx_buffer_new(NULL, 64, UCX_BUFFER_AUTOEXTEND); |
|
147 return parser; |
|
148 } |
|
149 |
|
150 /* |
|
151 * parses a cgi response line and adds the response header to rq->srvhdrs |
|
152 * returns 0: incomplete line |
|
153 * 1: successfully parsed lines |
|
154 * 2: cgi response header complete (empty line) |
|
155 * -1: error |
|
156 */ |
|
157 static int parse_lines(CGIResponseParser *parser, char *buf, size_t len, int *pos) { |
|
158 sstr_t name; |
|
159 sstr_t value; |
|
160 WSBool space = TRUE; |
|
161 int i; |
|
162 |
|
163 int line_begin = 0; |
|
164 int value_begin = 0; |
|
165 for(i=0;i<len;i++) { |
|
166 char c = buf[i]; |
|
167 if(value_begin == line_begin && c == ':') { |
|
168 name = sstrn(buf + line_begin, i - line_begin); |
|
169 value_begin = i + 1; |
|
170 } else if(c == '\n') { |
|
171 if(value_begin == line_begin) { |
|
172 if(space) { |
|
173 *pos = i + 1; |
|
174 return 2; |
|
175 } else { |
|
176 // line ends with content but without ':' -> error |
|
177 return -1; |
|
178 } |
|
179 } |
|
180 value = sstrn(buf + value_begin, i - value_begin); |
|
181 |
|
182 name = sstrtrim(name); |
|
183 value = sstrtrim(value); |
|
184 |
|
185 if(name.length == 0 || value.length == 0) { |
|
186 return -1; |
|
187 } |
|
188 pblock_nvlinsert( |
|
189 name.ptr, |
|
190 name.length, |
|
191 value.ptr, |
|
192 value.length, |
|
193 parser->rq->srvhdrs); |
|
194 |
|
195 line_begin = i+1; |
|
196 value_begin = line_begin; |
|
197 space = TRUE; |
|
198 } else if(c != ' ') { |
|
199 space = FALSE; |
|
200 } |
|
201 } |
|
202 |
|
203 if(i < len) { |
|
204 *pos = i; |
|
205 return 0; |
|
206 } |
|
207 return 1; |
|
208 } |
|
209 |
|
210 /* |
|
211 * returns -1: error |
|
212 * 0: response header incomplete |
|
213 * 1: complete |
|
214 */ |
|
215 int cgi_parse_response(CGIResponseParser *parser, char *buf, size_t len, size_t *bpos) { |
|
216 *bpos = 0; |
|
217 int pos = 0; |
|
218 if(parser->tmp->pos > 0) { |
|
219 // the tmp buffer contains an unfinished line |
|
220 // fill up the buffer until the line is complete |
|
221 WSBool nb = FALSE; |
|
222 for(pos=0;pos<len;pos++) { |
|
223 if(buf[pos] == '\n') { |
|
224 nb = TRUE; |
|
225 break; |
|
226 } |
|
227 } |
|
228 ucx_buffer_write(buf, 1, pos, parser->tmp); |
|
229 |
|
230 if(nb) { |
|
231 // line complete |
|
232 int npos; |
|
233 int r = parse_lines(parser, parser->tmp->space, parser->tmp->pos, &npos); |
|
234 switch(r) { |
|
235 case -1: return -1; |
|
236 case 0: return -1; |
|
237 case 1: break; |
|
238 case 2: { |
|
239 *bpos = pos + 1; |
|
240 return 1; |
|
241 } |
|
242 } |
|
243 // reset tmp buffer |
|
244 parser->tmp->pos = 0; |
|
245 } else { |
|
246 if(parser->tmp->pos > CGI_RESPONSE_MAX_LINE_LENGTH) { |
|
247 return -1; |
|
248 } |
|
249 } |
|
250 } |
|
251 |
|
252 int npos = 0; |
|
253 int r = parse_lines(parser, buf + pos, len - pos, &npos); |
|
254 switch(r) { |
|
255 default: return -1; |
|
256 case 0: |
|
257 case 1: { |
|
258 int newlen = len - npos; |
|
259 if(npos > 0) { |
|
260 ucx_buffer_write(buf + npos, 1, newlen, parser->tmp); |
|
261 } |
|
262 return 0; |
|
263 } |
|
264 case 2: { |
|
265 *bpos = pos + npos; |
|
266 return 1; |
|
267 } |
|
268 } |
|
269 } |
|
270 |