server_fcgi.c revision 1.15
1/* $OpenBSD: server_fcgi.c,v 1.15 2014/08/03 12:26:19 reyk Exp $ */ 2 3/* 4 * Copyright (c) 2014 Florian Obser <florian@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#include <sys/types.h> 20#include <sys/queue.h> 21#include <sys/time.h> 22#include <sys/stat.h> 23#include <sys/socket.h> 24#include <sys/un.h> 25#include <sys/tree.h> 26#include <sys/hash.h> 27 28#include <net/if.h> 29#include <netinet/in_systm.h> 30#include <netinet/in.h> 31#include <netinet/ip.h> 32#include <netinet/tcp.h> 33#include <arpa/inet.h> 34 35#include <errno.h> 36#include <fcntl.h> 37#include <stdlib.h> 38#include <string.h> 39#include <unistd.h> 40#include <stdio.h> 41#include <err.h> 42#include <event.h> 43 44#include <openssl/ssl.h> 45 46#include "httpd.h" 47#include "http.h" 48 49#define FCGI_CONTENT_SIZE 65535 50#define FCGI_PADDING_SIZE 255 51#define FCGI_RECORD_SIZE \ 52 (sizeof(struct fcgi_record_header) + FCGI_CONTENT_SIZE + FCGI_PADDING_SIZE) 53 54#define FCGI_BEGIN_REQUEST 1 55#define FCGI_ABORT_REQUEST 2 56#define FCGI_END_REQUEST 3 57#define FCGI_PARAMS 4 58#define FCGI_STDIN 5 59#define FCGI_STDOUT 6 60#define FCGI_STDERR 7 61#define FCGI_DATA 8 62#define FCGI_GET_VALUES 9 63#define FCGI_GET_VALUES_RESULT 10 64#define FCGI_UNKNOWN_TYPE 11 65#define FCGI_MAXTYPE (FCGI_UNKNOWN_TYPE) 66 67#define FCGI_RESPONDER 1 68 69struct fcgi_record_header { 70 uint8_t version; 71 uint8_t type; 72 uint16_t id; 73 uint16_t content_len; 74 uint8_t padding_len; 75 uint8_t reserved; 76} __packed; 77 78struct fcgi_begin_request_body { 79 uint16_t role; 80 uint8_t flags; 81 uint8_t reserved[5]; 82} __packed; 83 84int server_fcgi_header(struct client *, u_int); 85void server_fcgi_read(struct bufferevent *, void *); 86int fcgi_add_param(uint8_t *, const char *, const char *, int *, 87 struct client *); 88 89int 90server_fcgi(struct httpd *env, struct client *clt) 91{ 92 uint8_t buf[FCGI_RECORD_SIZE]; 93 char hbuf[MAXHOSTNAMELEN]; 94 struct server_config *srv_conf = clt->clt_srv_conf; 95 struct http_descriptor *desc = clt->clt_desc; 96 struct sockaddr_un sun; 97 struct fcgi_record_header *h; 98 struct fcgi_begin_request_body *begin; 99 struct kv *kv, key; 100 size_t len; 101 int fd = -1, total_len, ret; 102 const char *errstr = NULL; 103 char *str, *p; 104 in_port_t port; 105 struct sockaddr_storage ss; 106 107 if (srv_conf->socket[0] == ':') { 108 p = srv_conf->socket + 1; 109 110 port = strtonum(p, 0, 0xffff, &errstr); 111 if (errstr != NULL) { 112 log_warn("%s: strtonum %s, %s", __func__, p, errstr); 113 goto fail; 114 } 115 memset(&ss, 0, sizeof(ss)); 116 ss.ss_family = AF_INET; 117 ((struct sockaddr_in *) 118 &ss)->sin_addr.s_addr = htonl(INADDR_LOOPBACK); 119 port = htons(port); 120 121 if ((fd = server_socket_connect(&ss, port, srv_conf)) == -1) 122 goto fail; 123 } else { 124 if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) 125 goto fail; 126 127 memset(&sun, 0, sizeof(sun)); 128 sun.sun_family = AF_UNIX; 129 len = strlcpy(sun.sun_path, 130 srv_conf->socket, sizeof(sun.sun_path)); 131 if (len >= sizeof(sun.sun_path)) { 132 errstr = "socket path to long"; 133 goto fail; 134 } 135 sun.sun_len = len; 136 137 if (connect(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) 138 goto fail; 139 } 140 141 socket_set_blockmode(fd, BM_NONBLOCK); 142 143 memset(&hbuf, 0, sizeof(hbuf)); 144 clt->clt_fcgi_state = FCGI_READ_HEADER; 145 clt->clt_fcgi_toread = sizeof(struct fcgi_record_header); 146 147 if (clt->clt_srvevb != NULL) 148 evbuffer_free(clt->clt_srvevb); 149 150 clt->clt_srvevb = evbuffer_new(); 151 if (clt->clt_srvevb == NULL) { 152 errstr = "failed to allocate evbuffer"; 153 goto fail; 154 } 155 156 clt->clt_fd = fd; 157 if (clt->clt_srvbev != NULL) 158 bufferevent_free(clt->clt_srvbev); 159 160 clt->clt_srvbev = bufferevent_new(fd, server_fcgi_read, 161 NULL, server_file_error, clt); 162 if (clt->clt_srvbev == NULL) { 163 errstr = "failed to allocate fcgi buffer event"; 164 goto fail; 165 } 166 167 memset(&buf, 0, sizeof(buf)); 168 169 h = (struct fcgi_record_header *) &buf; 170 h->version = 1; 171 h->type = FCGI_BEGIN_REQUEST; 172 h->id = htons(1); 173 h->content_len = htons(sizeof(struct fcgi_begin_request_body)); 174 h->padding_len = 0; 175 176 begin = (struct fcgi_begin_request_body *) &buf[sizeof(struct 177 fcgi_record_header)]; 178 begin->role = htons(FCGI_RESPONDER); 179 180 bufferevent_write(clt->clt_srvbev, &buf, 181 sizeof(struct fcgi_record_header) + 182 sizeof(struct fcgi_begin_request_body)); 183 184 h->type = FCGI_PARAMS; 185 h->content_len = total_len = 0; 186 187 if (fcgi_add_param(buf, "SCRIPT_NAME", desc->http_path, &total_len, 188 clt) == -1) { 189 errstr = "failed to encode param"; 190 goto fail; 191 } 192 193 if (asprintf(&str, "%s%s", srv_conf->root, desc->http_path) != -1) { 194 ret = fcgi_add_param(buf, "SCRIPT_FILENAME", str, 195 &total_len, clt); 196 free(str); 197 if (ret == -1) { 198 errstr = "failed to encode param"; 199 goto fail; 200 } 201 } 202 203 if (desc->http_query) 204 if (fcgi_add_param(buf, "QUERY_STRING", desc->http_query, 205 &total_len, clt) == -1) { 206 errstr = "failed to encode param"; 207 goto fail; 208 } 209 210 if (fcgi_add_param(buf, "DOCUMENT_URI", desc->http_path, &total_len, 211 clt) == -1) { 212 errstr = "failed to encode param"; 213 goto fail; 214 } 215 if (fcgi_add_param(buf, "GATEWAY_INTERFACE", "CGI/1.1", &total_len, 216 clt) == -1) { 217 errstr = "failed to encode param"; 218 goto fail; 219 } 220 221 key.kv_key = "Accept"; 222 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 223 kv->kv_value != NULL) 224 if (fcgi_add_param(buf, "HTTP_ACCEPT", kv->kv_value, 225 &total_len, clt) == -1) { 226 errstr = "failed to encode param"; 227 goto fail; 228 } 229 230 key.kv_key = "Accept-Encoding"; 231 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 232 kv->kv_value != NULL) 233 if (fcgi_add_param(buf, "HTTP_ACCEPT_ENCODING", kv->kv_value, 234 &total_len, clt) == -1) { 235 errstr = "failed to encode param"; 236 goto fail; 237 } 238 239 key.kv_key = "Accept-Language"; 240 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 241 kv->kv_value != NULL) 242 if (fcgi_add_param(buf, "HTTP_ACCEPT_LANGUAGE", kv->kv_value, 243 &total_len, clt) == -1) { 244 errstr = "failed to encode param"; 245 goto fail; 246 } 247 248 key.kv_key = "Connection"; 249 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 250 kv->kv_value != NULL) 251 if (fcgi_add_param(buf, "HTTP_CONNECTION", kv->kv_value, 252 &total_len, clt) == -1) { 253 errstr = "failed to encode param"; 254 goto fail; 255 } 256 257 key.kv_key = "Cookie"; 258 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 259 kv->kv_value != NULL) 260 if (fcgi_add_param(buf, "HTTP_COOKIE", kv->kv_value, 261 &total_len, clt) == -1) { 262 errstr = "failed to encode param"; 263 goto fail; 264 } 265 266 key.kv_key = "Host"; 267 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 268 kv->kv_value != NULL) 269 if (fcgi_add_param(buf, "HTTP_HOST", kv->kv_value, 270 &total_len, clt) == -1) { 271 errstr = "failed to encode param"; 272 goto fail; 273 } 274 275 key.kv_key = "User-Agent"; 276 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 277 kv->kv_value != NULL) 278 if (fcgi_add_param(buf, "HTTP_USER_AGENT", kv->kv_value, 279 &total_len, clt) == -1) { 280 errstr = "failed to encode param"; 281 goto fail; 282 } 283 284 (void)print_host(&clt->clt_ss, hbuf, sizeof(hbuf)); 285 if (fcgi_add_param(buf, "REMOTE_ADDR", hbuf, &total_len, clt) == -1) { 286 errstr = "failed to encode param"; 287 goto fail; 288 } 289 290 (void)snprintf(hbuf, sizeof(hbuf), "%d", ntohs(clt->clt_port)); 291 if (fcgi_add_param(buf, "REMOTE_PORT", hbuf, &total_len, clt) == -1) { 292 errstr = "failed to encode param"; 293 goto fail; 294 } 295 296 if (fcgi_add_param(buf, "REQUEST_METHOD", 297 server_httpmethod_byid(desc->http_method), &total_len, clt) == -1) { 298 errstr = "failed to encode param"; 299 goto fail; 300 } 301 302 if (!desc->http_query) { 303 if (fcgi_add_param(buf, "REQUEST_URI", desc->http_path, 304 &total_len, clt) == -1) { 305 errstr = "failed to encode param"; 306 goto fail; 307 } 308 } else if (asprintf(&str, "%s?%s", desc->http_path, 309 desc->http_query) != -1) { 310 ret = fcgi_add_param(buf, "REQUEST_URI", str, 311 &total_len, clt); 312 free(str); 313 if (ret == -1) { 314 errstr = "failed to encode param"; 315 goto fail; 316 } 317 } 318 319 (void)print_host(&clt->clt_srv_ss, hbuf, sizeof(hbuf)); 320 if (fcgi_add_param(buf, "SERVER_ADDR", hbuf, &total_len, clt) == -1) { 321 errstr = "failed to encode param"; 322 goto fail; 323 } 324 325 (void)snprintf(hbuf, sizeof(hbuf), "%d", 326 ntohs(server_socket_getport(&clt->clt_srv_ss))); 327 if (fcgi_add_param(buf, "SERVER_PORT", hbuf, &total_len, clt) == -1) { 328 errstr = "failed to encode param"; 329 goto fail; 330 } 331 332 if (fcgi_add_param(buf, "SERVER_NAME", srv_conf->name, &total_len, 333 clt) == -1) { 334 errstr = "failed to encode param"; 335 goto fail; 336 } 337 338 if (fcgi_add_param(buf, "SERVER_PROTOCOL", desc->http_version, 339 &total_len, clt) == -1) { 340 errstr = "failed to encode param"; 341 goto fail; 342 } 343 344 if (fcgi_add_param(buf, "SERVER_SOFTWARE", HTTPD_SERVERNAME, &total_len, 345 clt) == -1) { 346 errstr = "failed to encode param"; 347 goto fail; 348 } 349 350 if (total_len != 0) { /* send last params record */ 351 bufferevent_write(clt->clt_srvbev, &buf, 352 sizeof(struct fcgi_record_header) + 353 ntohs(h->content_len)); 354 } 355 356 /* send "no more params" message */ 357 h->content_len = 0; 358 bufferevent_write(clt->clt_srvbev, &buf, 359 sizeof(struct fcgi_record_header)); 360 361 h->type = FCGI_STDIN; 362 363 bufferevent_write(clt->clt_srvbev, &buf, 364 sizeof(struct fcgi_record_header)); 365 366 bufferevent_settimeout(clt->clt_srvbev, 367 srv_conf->timeout.tv_sec, srv_conf->timeout.tv_sec); 368 bufferevent_enable(clt->clt_srvbev, EV_READ|EV_WRITE); 369 bufferevent_disable(clt->clt_bev, EV_READ); 370 371 /* 372 * persist is not supported yet because we don't get the 373 * Content-Length from slowcgi and don't support chunked encoding. 374 */ 375 clt->clt_persist = 0; 376 clt->clt_done = 0; 377 378 return (0); 379 fail: 380 if (errstr == NULL) 381 errstr = strerror(errno); 382 server_abort_http(clt, 500, errstr); 383 return (-1); 384} 385 386int 387fcgi_add_param(uint8_t *buf, const char *key, const char *val, int *total_len, 388 struct client *clt) 389{ 390 struct fcgi_record_header *h; 391 int len = 0; 392 int key_len = strlen(key); 393 int val_len = strlen(val); 394 uint8_t *param; 395 396 len += key_len + val_len; 397 len += key_len > 127 ? 4 : 1; 398 len += val_len > 127 ? 4 : 1; 399 400 DPRINTF("%s: %s[%d] => %s[%d], total_len: %d", __func__, key, key_len, 401 val, val_len, *total_len); 402 403 if (len > FCGI_CONTENT_SIZE) 404 return (-1); 405 406 if (*total_len + len > FCGI_CONTENT_SIZE) { 407 bufferevent_write(clt->clt_srvbev, buf, 408 sizeof(struct fcgi_record_header) + *total_len); 409 *total_len = 0; 410 } 411 412 h = (struct fcgi_record_header *) buf; 413 param = buf + sizeof(struct fcgi_record_header) + *total_len; 414 415 if (key_len > 127) { 416 *param++ = ((key_len >> 24) & 0xff) | 0x80; 417 *param++ = ((key_len >> 16) & 0xff); 418 *param++ = ((key_len >> 8) & 0xff); 419 *param++ = (key_len & 0xff); 420 } else 421 *param++ = key_len; 422 423 if (val_len > 127) { 424 *param++ = ((val_len >> 24) & 0xff) | 0x80; 425 *param++ = ((val_len >> 16) & 0xff); 426 *param++ = ((val_len >> 8) & 0xff); 427 *param++ = (val_len & 0xff); 428 } else 429 *param++ = val_len; 430 431 memcpy(param, key, key_len); 432 param += key_len; 433 memcpy(param, val, val_len); 434 435 *total_len += len; 436 437 h->content_len = htons(*total_len); 438 return (0); 439} 440 441void 442server_fcgi_read(struct bufferevent *bev, void *arg) 443{ 444 uint8_t buf[FCGI_RECORD_SIZE]; 445 struct client *clt = (struct client *) arg; 446 struct fcgi_record_header *h; 447 size_t len; 448 449 do { 450 len = bufferevent_read(bev, &buf, clt->clt_fcgi_toread); 451 /* XXX error handling */ 452 evbuffer_add(clt->clt_srvevb, &buf, len); 453 clt->clt_fcgi_toread -= len; 454 DPRINTF("%s: len: %lu toread: %d state: %d", __func__, len, 455 clt->clt_fcgi_toread, clt->clt_fcgi_state); 456 457 if (clt->clt_fcgi_toread != 0) 458 return; 459 460 switch (clt->clt_fcgi_state) { 461 case FCGI_READ_HEADER: 462 clt->clt_fcgi_state = FCGI_READ_CONTENT; 463 h = (struct fcgi_record_header *) 464 EVBUFFER_DATA(clt->clt_srvevb); 465 DPRINTF("%s: record header: version %d type %d id %d " 466 "content len %d padding %d", __func__, 467 h->version, h->type, ntohs(h->id), 468 ntohs(h->content_len), h->padding_len); 469 clt->clt_fcgi_type = h->type; 470 clt->clt_fcgi_toread = ntohs(h->content_len); 471 clt->clt_fcgi_padding_len = h->padding_len; 472 evbuffer_drain(clt->clt_srvevb, 473 EVBUFFER_LENGTH(clt->clt_srvevb)); 474 if (clt->clt_fcgi_toread != 0) 475 break; 476 477 /* fallthrough if content_len == 0 */ 478 case FCGI_READ_CONTENT: 479 if (clt->clt_fcgi_type == FCGI_STDOUT && 480 EVBUFFER_LENGTH(clt->clt_srvevb) > 0) { 481 if (++clt->clt_chunk == 1) 482 server_fcgi_header(clt, 200); 483 server_bufferevent_write_buffer(clt, 484 clt->clt_srvevb); 485 } 486 evbuffer_drain(clt->clt_srvevb, 487 EVBUFFER_LENGTH(clt->clt_srvevb)); 488 if (!clt->clt_fcgi_padding_len) { 489 clt->clt_fcgi_state = FCGI_READ_HEADER; 490 clt->clt_fcgi_toread = 491 sizeof(struct fcgi_record_header); 492 } else { 493 clt->clt_fcgi_state = FCGI_READ_PADDING; 494 clt->clt_fcgi_toread = 495 clt->clt_fcgi_padding_len; 496 } 497 break; 498 case FCGI_READ_PADDING: 499 evbuffer_drain(clt->clt_srvevb, 500 EVBUFFER_LENGTH(clt->clt_srvevb)); 501 clt->clt_fcgi_state = FCGI_READ_HEADER; 502 clt->clt_fcgi_toread = 503 sizeof(struct fcgi_record_header); 504 break; 505 } 506 } while (len > 0); 507} 508 509int 510server_fcgi_header(struct client *clt, u_int code) 511{ 512 struct http_descriptor *desc = clt->clt_desc; 513 const char *error; 514 char tmbuf[32]; 515 516 if (desc == NULL || (error = server_httperror_byid(code)) == NULL) 517 return (-1); 518 519 if (server_log_http(clt, code, 0) == -1) 520 return (-1); 521 522 kv_purge(&desc->http_headers); 523 524 /* Add error codes */ 525 if (kv_setkey(&desc->http_pathquery, "%lu", code) == -1 || 526 kv_set(&desc->http_pathquery, "%s", error) == -1) 527 return (-1); 528 529 /* Add headers */ 530 if (kv_add(&desc->http_headers, "Server", HTTPD_SERVERNAME) == NULL) 531 return (-1); 532 533 /* Is it a persistent connection? */ 534 if (clt->clt_persist) { 535 if (kv_add(&desc->http_headers, 536 "Connection", "keep-alive") == NULL) 537 return (-1); 538 } else if (kv_add(&desc->http_headers, "Connection", "close") == NULL) 539 return (-1); 540 541 /* Date header is mandatory and should be added last */ 542 server_http_date(tmbuf, sizeof(tmbuf)); 543 if (kv_add(&desc->http_headers, "Date", tmbuf) == NULL) 544 return (-1); 545 546 /* Write initial header (fcgi might append more) */ 547 if (server_writeresponse_http(clt) == -1 || 548 server_bufferevent_print(clt, "\r\n") == -1 || 549 server_headers(clt, server_writeheader_http) == -1) 550 return (-1); 551 552 return (0); 553} 554