server_fcgi.c revision 1.32
1/* $OpenBSD: server_fcgi.c,v 1.32 2014/08/13 16:04:28 reyk Exp $ */ 2 3/* 4 * Copyright (c) 2014 Florian Obser <florian@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#include <sys/types.h> 20#include <sys/queue.h> 21#include <sys/time.h> 22#include <sys/stat.h> 23#include <sys/socket.h> 24#include <sys/un.h> 25#include <sys/tree.h> 26#include <sys/hash.h> 27 28#include <net/if.h> 29#include <netinet/in_systm.h> 30#include <netinet/in.h> 31#include <netinet/ip.h> 32#include <netinet/tcp.h> 33#include <arpa/inet.h> 34 35#include <errno.h> 36#include <fcntl.h> 37#include <stdlib.h> 38#include <string.h> 39#include <unistd.h> 40#include <stdio.h> 41#include <ctype.h> 42#include <err.h> 43#include <event.h> 44 45#include "httpd.h" 46#include "http.h" 47 48#define FCGI_PADDING_SIZE 255 49#define FCGI_RECORD_SIZE \ 50 (sizeof(struct fcgi_record_header) + FCGI_CONTENT_SIZE + FCGI_PADDING_SIZE) 51 52#define FCGI_BEGIN_REQUEST 1 53#define FCGI_ABORT_REQUEST 2 54#define FCGI_END_REQUEST 3 55#define FCGI_PARAMS 4 56#define FCGI_STDIN 5 57#define FCGI_STDOUT 6 58#define FCGI_STDERR 7 59#define FCGI_DATA 8 60#define FCGI_GET_VALUES 9 61#define FCGI_GET_VALUES_RESULT 10 62#define FCGI_UNKNOWN_TYPE 11 63#define FCGI_MAXTYPE (FCGI_UNKNOWN_TYPE) 64 65#define FCGI_RESPONDER 1 66 67struct fcgi_record_header { 68 uint8_t version; 69 uint8_t type; 70 uint16_t id; 71 uint16_t content_len; 72 uint8_t padding_len; 73 uint8_t reserved; 74} __packed; 75 76struct fcgi_begin_request_body { 77 uint16_t role; 78 uint8_t flags; 79 uint8_t reserved[5]; 80} __packed; 81 82struct server_fcgi_param { 83 int total_len; 84 uint8_t buf[FCGI_RECORD_SIZE]; 85}; 86 87int server_fcgi_header(struct client *, u_int); 88void server_fcgi_read(struct bufferevent *, void *); 89int server_fcgi_writeheader(struct client *, struct kv *, void *); 90int fcgi_add_param(struct server_fcgi_param *, const char *, const char *, 91 struct client *); 92int get_status(struct evbuffer *); 93 94int 95server_fcgi(struct httpd *env, struct client *clt) 96{ 97 struct server_fcgi_param param; 98 struct server_config *srv_conf = clt->clt_srv_conf; 99 struct http_descriptor *desc = clt->clt_desc; 100 struct fcgi_record_header *h; 101 struct fcgi_begin_request_body *begin; 102 char hbuf[MAXHOSTNAMELEN]; 103 ssize_t scriptlen, pathlen; 104 int fd = -1, ret; 105 const char *errstr = NULL; 106 char *str, *p, *script = NULL; 107 108 if (srv_conf->socket[0] == ':') { 109 struct sockaddr_storage ss; 110 in_port_t port; 111 112 p = srv_conf->socket + 1; 113 114 port = strtonum(p, 0, 0xffff, &errstr); 115 if (errstr != NULL) { 116 log_warn("%s: strtonum %s, %s", __func__, p, errstr); 117 goto fail; 118 } 119 memset(&ss, 0, sizeof(ss)); 120 ss.ss_family = AF_INET; 121 ((struct sockaddr_in *) 122 &ss)->sin_addr.s_addr = htonl(INADDR_LOOPBACK); 123 port = htons(port); 124 125 if ((fd = server_socket_connect(&ss, port, srv_conf)) == -1) 126 goto fail; 127 } else { 128 struct sockaddr_un sun; 129 size_t len; 130 131 if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) 132 goto fail; 133 134 memset(&sun, 0, sizeof(sun)); 135 sun.sun_family = AF_UNIX; 136 len = strlcpy(sun.sun_path, 137 srv_conf->socket, sizeof(sun.sun_path)); 138 if (len >= sizeof(sun.sun_path)) { 139 errstr = "socket path to long"; 140 goto fail; 141 } 142 sun.sun_len = len; 143 144 if (connect(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) 145 goto fail; 146 } 147 148 socket_set_blockmode(fd, BM_NONBLOCK); 149 150 memset(hbuf, 0, sizeof(hbuf)); 151 clt->clt_fcgi_state = FCGI_READ_HEADER; 152 clt->clt_fcgi_toread = sizeof(struct fcgi_record_header); 153 154 if (clt->clt_srvevb != NULL) 155 evbuffer_free(clt->clt_srvevb); 156 157 clt->clt_srvevb = evbuffer_new(); 158 if (clt->clt_srvevb == NULL) { 159 errstr = "failed to allocate evbuffer"; 160 goto fail; 161 } 162 163 clt->clt_fd = fd; 164 if (clt->clt_srvbev != NULL) 165 bufferevent_free(clt->clt_srvbev); 166 167 clt->clt_srvbev = bufferevent_new(fd, server_fcgi_read, 168 NULL, server_file_error, clt); 169 if (clt->clt_srvbev == NULL) { 170 errstr = "failed to allocate fcgi buffer event"; 171 goto fail; 172 } 173 174 memset(¶m, 0, sizeof(param)); 175 176 h = (struct fcgi_record_header *)¶m.buf; 177 h->version = 1; 178 h->type = FCGI_BEGIN_REQUEST; 179 h->id = htons(1); 180 h->content_len = htons(sizeof(struct fcgi_begin_request_body)); 181 h->padding_len = 0; 182 183 begin = (struct fcgi_begin_request_body *)¶m.buf[sizeof(struct 184 fcgi_record_header)]; 185 begin->role = htons(FCGI_RESPONDER); 186 187 bufferevent_write(clt->clt_srvbev, ¶m.buf, 188 sizeof(struct fcgi_record_header) + 189 sizeof(struct fcgi_begin_request_body)); 190 191 h->type = FCGI_PARAMS; 192 h->content_len = param.total_len = 0; 193 194 if ((pathlen = (ssize_t)asprintf(&script, "%s%s", srv_conf->root, 195 desc->http_path_alias != NULL ? 196 desc->http_path_alias : desc->http_path)) == -1) { 197 errstr = "failed to get script name"; 198 goto fail; 199 } 200 201 if ((scriptlen = path_info(script)) < pathlen) { 202 if (fcgi_add_param(¶m, "PATH_INFO", 203 script + scriptlen, clt) == -1) { 204 errstr = "failed to encode param"; 205 goto fail; 206 } 207 script[scriptlen] = '\0'; 208 } 209 210 if (fcgi_add_param(¶m, "SCRIPT_NAME", 211 script + strlen(srv_conf->root), clt) == -1) { 212 errstr = "failed to encode param"; 213 goto fail; 214 } 215 if (fcgi_add_param(¶m, "SCRIPT_FILENAME", script, clt) == -1) { 216 errstr = "failed to encode param"; 217 goto fail; 218 } 219 220 if (desc->http_query) 221 if (fcgi_add_param(¶m, "QUERY_STRING", desc->http_query, 222 clt) == -1) { 223 errstr = "failed to encode param"; 224 goto fail; 225 } 226 227 if (fcgi_add_param(¶m, "DOCUMENT_ROOT", srv_conf->root, 228 clt) == -1) { 229 errstr = "failed to encode param"; 230 goto fail; 231 } 232 if (fcgi_add_param(¶m, "DOCUMENT_URI", desc->http_path, 233 clt) == -1) { 234 errstr = "failed to encode param"; 235 goto fail; 236 } 237 if (fcgi_add_param(¶m, "GATEWAY_INTERFACE", "CGI/1.1", 238 clt) == -1) { 239 errstr = "failed to encode param"; 240 goto fail; 241 } 242 243 /* Add HTTP_* headers */ 244 if (server_headers(clt, server_fcgi_writeheader, ¶m) == -1) { 245 errstr = "failed to encode param"; 246 goto fail; 247 } 248 249 if (srv_conf->flags & SRVFLAG_SSL) 250 if (fcgi_add_param(¶m, "HTTPS", "on", clt) == -1) { 251 errstr = "failed to encode param"; 252 goto fail; 253 } 254 255 (void)print_host(&clt->clt_ss, hbuf, sizeof(hbuf)); 256 if (fcgi_add_param(¶m, "REMOTE_ADDR", hbuf, clt) == -1) { 257 errstr = "failed to encode param"; 258 goto fail; 259 } 260 261 (void)snprintf(hbuf, sizeof(hbuf), "%d", ntohs(clt->clt_port)); 262 if (fcgi_add_param(¶m, "REMOTE_PORT", hbuf, clt) == -1) { 263 errstr = "failed to encode param"; 264 goto fail; 265 } 266 267 if (fcgi_add_param(¶m, "REQUEST_METHOD", 268 server_httpmethod_byid(desc->http_method), clt) == -1) { 269 errstr = "failed to encode param"; 270 goto fail; 271 } 272 273 if (!desc->http_query) { 274 if (fcgi_add_param(¶m, "REQUEST_URI", desc->http_path, 275 clt) == -1) { 276 errstr = "failed to encode param"; 277 goto fail; 278 } 279 } else if (asprintf(&str, "%s?%s", desc->http_path, 280 desc->http_query) != -1) { 281 ret = fcgi_add_param(¶m, "REQUEST_URI", str, clt); 282 free(str); 283 if (ret == -1) { 284 errstr = "failed to encode param"; 285 goto fail; 286 } 287 } 288 289 (void)print_host(&clt->clt_srv_ss, hbuf, sizeof(hbuf)); 290 if (fcgi_add_param(¶m, "SERVER_ADDR", hbuf, clt) == -1) { 291 errstr = "failed to encode param"; 292 goto fail; 293 } 294 295 (void)snprintf(hbuf, sizeof(hbuf), "%d", 296 ntohs(server_socket_getport(&clt->clt_srv_ss))); 297 if (fcgi_add_param(¶m, "SERVER_PORT", hbuf, clt) == -1) { 298 errstr = "failed to encode param"; 299 goto fail; 300 } 301 302 if (fcgi_add_param(¶m, "SERVER_NAME", srv_conf->name, 303 clt) == -1) { 304 errstr = "failed to encode param"; 305 goto fail; 306 } 307 308 if (fcgi_add_param(¶m, "SERVER_PROTOCOL", desc->http_version, 309 clt) == -1) { 310 errstr = "failed to encode param"; 311 goto fail; 312 } 313 314 if (fcgi_add_param(¶m, "SERVER_SOFTWARE", HTTPD_SERVERNAME, 315 clt) == -1) { 316 errstr = "failed to encode param"; 317 goto fail; 318 } 319 320 if (param.total_len != 0) { /* send last params record */ 321 bufferevent_write(clt->clt_srvbev, ¶m.buf, 322 sizeof(struct fcgi_record_header) + 323 ntohs(h->content_len)); 324 } 325 326 /* send "no more params" message */ 327 h->content_len = 0; 328 bufferevent_write(clt->clt_srvbev, ¶m.buf, 329 sizeof(struct fcgi_record_header)); 330 331 bufferevent_settimeout(clt->clt_srvbev, 332 srv_conf->timeout.tv_sec, srv_conf->timeout.tv_sec); 333 bufferevent_enable(clt->clt_srvbev, EV_READ|EV_WRITE); 334 if (clt->clt_toread != 0) { 335 server_read_httpcontent(clt->clt_bev, clt); 336 bufferevent_enable(clt->clt_bev, EV_READ); 337 } else { 338 bufferevent_disable(clt->clt_bev, EV_READ); 339 fcgi_add_stdin(clt, NULL); 340 } 341 342 /* 343 * persist is not supported yet because we don't get the 344 * Content-Length from slowcgi and don't support chunked encoding. 345 */ 346 clt->clt_persist = 0; 347 clt->clt_done = 0; 348 349 free(script); 350 return (0); 351 fail: 352 free(script); 353 if (errstr == NULL) 354 errstr = strerror(errno); 355 server_abort_http(clt, 500, errstr); 356 return (-1); 357} 358 359int 360fcgi_add_stdin(struct client *clt, struct evbuffer *evbuf) 361{ 362 struct fcgi_record_header h; 363 364 memset(&h, 0, sizeof(h)); 365 h.version = 1; 366 h.type = FCGI_STDIN; 367 h.id = htons(1); 368 h.padding_len = 0; 369 370 if (evbuf == NULL) { 371 h.content_len = 0; 372 return bufferevent_write(clt->clt_srvbev, &h, 373 sizeof(struct fcgi_record_header)); 374 } else { 375 h.content_len = htons(EVBUFFER_LENGTH(evbuf)); 376 if (bufferevent_write(clt->clt_srvbev, &h, 377 sizeof(struct fcgi_record_header)) == -1) 378 return -1; 379 return bufferevent_write_buffer(clt->clt_srvbev, evbuf); 380 } 381 return (0); 382} 383 384int 385fcgi_add_param(struct server_fcgi_param *p, const char *key, 386 const char *val, struct client *clt) 387{ 388 struct fcgi_record_header *h; 389 int len = 0; 390 int key_len = strlen(key); 391 int val_len = strlen(val); 392 uint8_t *param; 393 394 len += key_len + val_len; 395 len += key_len > 127 ? 4 : 1; 396 len += val_len > 127 ? 4 : 1; 397 398 DPRINTF("%s: %s[%d] => %s[%d], total_len: %d", __func__, key, key_len, 399 val, val_len, p->total_len); 400 401 if (len > FCGI_CONTENT_SIZE) 402 return (-1); 403 404 if (p->total_len + len > FCGI_CONTENT_SIZE) { 405 bufferevent_write(clt->clt_srvbev, p->buf, 406 sizeof(struct fcgi_record_header) + p->total_len); 407 p->total_len = 0; 408 } 409 410 h = (struct fcgi_record_header *)p->buf; 411 param = p->buf + sizeof(*h) + p->total_len; 412 413 if (key_len > 127) { 414 *param++ = ((key_len >> 24) & 0xff) | 0x80; 415 *param++ = ((key_len >> 16) & 0xff); 416 *param++ = ((key_len >> 8) & 0xff); 417 *param++ = (key_len & 0xff); 418 } else 419 *param++ = key_len; 420 421 if (val_len > 127) { 422 *param++ = ((val_len >> 24) & 0xff) | 0x80; 423 *param++ = ((val_len >> 16) & 0xff); 424 *param++ = ((val_len >> 8) & 0xff); 425 *param++ = (val_len & 0xff); 426 } else 427 *param++ = val_len; 428 429 memcpy(param, key, key_len); 430 param += key_len; 431 memcpy(param, val, val_len); 432 433 p->total_len += len; 434 435 h->content_len = htons(p->total_len); 436 return (0); 437} 438 439void 440server_fcgi_read(struct bufferevent *bev, void *arg) 441{ 442 uint8_t buf[FCGI_RECORD_SIZE]; 443 struct client *clt = (struct client *) arg; 444 struct fcgi_record_header *h; 445 size_t len; 446 char *ptr; 447 448 do { 449 len = bufferevent_read(bev, &buf, clt->clt_fcgi_toread); 450 /* XXX error handling */ 451 evbuffer_add(clt->clt_srvevb, &buf, len); 452 clt->clt_fcgi_toread -= len; 453 DPRINTF("%s: len: %lu toread: %d state: %d", __func__, len, 454 clt->clt_fcgi_toread, clt->clt_fcgi_state); 455 456 if (clt->clt_fcgi_toread != 0) 457 return; 458 459 switch (clt->clt_fcgi_state) { 460 case FCGI_READ_HEADER: 461 clt->clt_fcgi_state = FCGI_READ_CONTENT; 462 h = (struct fcgi_record_header *) 463 EVBUFFER_DATA(clt->clt_srvevb); 464 DPRINTF("%s: record header: version %d type %d id %d " 465 "content len %d padding %d", __func__, 466 h->version, h->type, ntohs(h->id), 467 ntohs(h->content_len), h->padding_len); 468 clt->clt_fcgi_type = h->type; 469 clt->clt_fcgi_toread = ntohs(h->content_len); 470 clt->clt_fcgi_padding_len = h->padding_len; 471 evbuffer_drain(clt->clt_srvevb, 472 EVBUFFER_LENGTH(clt->clt_srvevb)); 473 if (clt->clt_fcgi_toread != 0) 474 break; 475 else if (clt->clt_fcgi_type == FCGI_STDOUT && 476 !clt->clt_chunk) { 477 server_abort_http(clt, 500, "empty stdout"); 478 return; 479 } 480 481 /* fallthrough if content_len == 0 */ 482 case FCGI_READ_CONTENT: 483 if (clt->clt_fcgi_type == FCGI_STDERR && 484 EVBUFFER_LENGTH(clt->clt_srvevb) > 0) { 485 if ((ptr = get_string( 486 EVBUFFER_DATA(clt->clt_srvevb), 487 EVBUFFER_LENGTH(clt->clt_srvevb))) 488 != NULL) { 489 server_sendlog(clt->clt_srv_conf, 490 IMSG_LOG_ERROR, "%s", ptr); 491 free(ptr); 492 } 493 } 494 if (clt->clt_fcgi_type == FCGI_STDOUT && 495 EVBUFFER_LENGTH(clt->clt_srvevb) > 0) { 496 if (++clt->clt_chunk == 1) 497 server_fcgi_header(clt, 498 get_status(clt->clt_srvevb)); 499 server_bufferevent_write_buffer(clt, 500 clt->clt_srvevb); 501 } 502 evbuffer_drain(clt->clt_srvevb, 503 EVBUFFER_LENGTH(clt->clt_srvevb)); 504 if (!clt->clt_fcgi_padding_len) { 505 clt->clt_fcgi_state = FCGI_READ_HEADER; 506 clt->clt_fcgi_toread = 507 sizeof(struct fcgi_record_header); 508 } else { 509 clt->clt_fcgi_state = FCGI_READ_PADDING; 510 clt->clt_fcgi_toread = 511 clt->clt_fcgi_padding_len; 512 } 513 break; 514 case FCGI_READ_PADDING: 515 evbuffer_drain(clt->clt_srvevb, 516 EVBUFFER_LENGTH(clt->clt_srvevb)); 517 clt->clt_fcgi_state = FCGI_READ_HEADER; 518 clt->clt_fcgi_toread = 519 sizeof(struct fcgi_record_header); 520 break; 521 } 522 } while (len > 0); 523} 524 525int 526server_fcgi_header(struct client *clt, u_int code) 527{ 528 struct http_descriptor *desc = clt->clt_desc; 529 const char *error; 530 char tmbuf[32]; 531 532 if (desc == NULL || (error = server_httperror_byid(code)) == NULL) 533 return (-1); 534 535 if (server_log_http(clt, code, 0) == -1) 536 return (-1); 537 538 kv_purge(&desc->http_headers); 539 540 /* Add error codes */ 541 if (kv_setkey(&desc->http_pathquery, "%lu", code) == -1 || 542 kv_set(&desc->http_pathquery, "%s", error) == -1) 543 return (-1); 544 545 /* Add headers */ 546 if (kv_add(&desc->http_headers, "Server", HTTPD_SERVERNAME) == NULL) 547 return (-1); 548 549 /* Is it a persistent connection? */ 550 if (clt->clt_persist) { 551 if (kv_add(&desc->http_headers, 552 "Connection", "keep-alive") == NULL) 553 return (-1); 554 } else if (kv_add(&desc->http_headers, "Connection", "close") == NULL) 555 return (-1); 556 557 /* Date header is mandatory and should be added last */ 558 server_http_date(tmbuf, sizeof(tmbuf)); 559 if (kv_add(&desc->http_headers, "Date", tmbuf) == NULL) 560 return (-1); 561 562 /* Write initial header (fcgi might append more) */ 563 if (server_writeresponse_http(clt) == -1 || 564 server_bufferevent_print(clt, "\r\n") == -1 || 565 server_headers(clt, server_writeheader_http, NULL) == -1) 566 return (-1); 567 568 return (0); 569} 570 571int 572server_fcgi_writeheader(struct client *clt, struct kv *hdr, void *arg) 573{ 574 struct server_fcgi_param *param = arg; 575 char *val, *name, *p; 576 const char *key; 577 int ret; 578 579 if (hdr->kv_flags & KV_FLAG_INVALID) 580 return (0); 581 582 /* The key might have been updated in the parent */ 583 if (hdr->kv_parent != NULL && hdr->kv_parent->kv_key != NULL) 584 key = hdr->kv_parent->kv_key; 585 else 586 key = hdr->kv_key; 587 588 val = hdr->kv_value; 589 590 if (strcasecmp(key, "Content-Length") == 0 || 591 strcasecmp(key, "Content-Type") == 0) { 592 if ((name = strdup(key)) == NULL) 593 return (-1); 594 } else { 595 if (asprintf(&name, "HTTP_%s", key) == -1) 596 return (-1); 597 } 598 599 for (p = name; *p != '\0'; p++) { 600 if (isalpha((unsigned char)*p)) 601 *p = toupper((unsigned char)*p); 602 else 603 *p = '_'; 604 } 605 606 ret = fcgi_add_param(param, name, val, clt); 607 free(name); 608 609 return (ret); 610} 611 612int 613get_status(struct evbuffer *bev) 614{ 615 int code; 616 char *statusline, *tok; 617 const char *errstr; 618 619 /* XXX This is a hack. We need to parse the response header. */ 620 code = 200; 621 if (strncmp(EVBUFFER_DATA(bev), "Status: ", strlen("Status: ")) == 0) { 622 statusline = get_string(EVBUFFER_DATA(bev), 623 EVBUFFER_LENGTH(bev)); 624 if (strtok(statusline, " ") != NULL) { 625 if ((tok = strtok(NULL, " ")) != NULL) { 626 code = (int) strtonum(tok, 100, 600, &errstr); 627 if (errstr != NULL || server_httperror_byid( 628 code) == NULL) 629 code = 200; 630 } 631 } 632 free(statusline); 633 } 634 return code; 635} 636