server_fcgi.c revision 1.7
1/* $OpenBSD: server_fcgi.c,v 1.7 2014/08/01 18:26:32 florian Exp $ */ 2 3/* 4 * Copyright (c) 2014 Florian Obser <florian@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#include <sys/types.h> 20#include <sys/queue.h> 21#include <sys/time.h> 22#include <sys/stat.h> 23#include <sys/socket.h> 24#include <sys/un.h> 25#include <sys/tree.h> 26#include <sys/hash.h> 27 28#include <net/if.h> 29#include <netinet/in_systm.h> 30#include <netinet/in.h> 31#include <netinet/ip.h> 32#include <netinet/tcp.h> 33#include <arpa/inet.h> 34 35#include <errno.h> 36#include <fcntl.h> 37#include <stdlib.h> 38#include <string.h> 39#include <unistd.h> 40#include <stdio.h> 41#include <err.h> 42#include <event.h> 43 44#include <openssl/ssl.h> 45 46#include "httpd.h" 47#include "http.h" 48 49#define FCGI_CONTENT_SIZE 65535 50#define FCGI_PADDING_SIZE 255 51#define FCGI_RECORD_SIZE \ 52 (sizeof(struct fcgi_record_header) + FCGI_CONTENT_SIZE + FCGI_PADDING_SIZE) 53 54#define FCGI_BEGIN_REQUEST 1 55#define FCGI_ABORT_REQUEST 2 56#define FCGI_END_REQUEST 3 57#define FCGI_PARAMS 4 58#define FCGI_STDIN 5 59#define FCGI_STDOUT 6 60#define FCGI_STDERR 7 61#define FCGI_DATA 8 62#define FCGI_GET_VALUES 9 63#define FCGI_GET_VALUES_RESULT 10 64#define FCGI_UNKNOWN_TYPE 11 65#define FCGI_MAXTYPE (FCGI_UNKNOWN_TYPE) 66 67#define FCGI_RESPONDER 1 68 69struct fcgi_record_header { 70 uint8_t version; 71 uint8_t type; 72 uint16_t id; 73 uint16_t content_len; 74 uint8_t padding_len; 75 uint8_t reserved; 76} __packed; 77 78struct fcgi_begin_request_body { 79 uint16_t role; 80 uint8_t flags; 81 uint8_t reserved[5]; 82} __packed; 83 84int server_fcgi_header(struct client *, u_int); 85void server_fcgi_read(struct bufferevent *, void *); 86int fcgi_add_param(uint8_t *, const char *, const char *, int *, 87 struct client *); 88 89int 90server_fcgi(struct httpd *env, struct client *clt) 91{ 92 struct server_config *srv_conf = clt->clt_srv_conf; 93 struct http_descriptor *desc = clt->clt_desc; 94 struct sockaddr_un sun; 95 struct fcgi_record_header *h; 96 struct fcgi_begin_request_body *begin; 97 struct kv *kv, key; 98 size_t len; 99 int fd, total_len; 100 const char *errstr = NULL; 101 uint8_t buf[FCGI_RECORD_SIZE]; 102 char hbuf[MAXHOSTNAMELEN]; 103 char *request_uri; 104 105 if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) 106 goto fail; 107 108 bzero(&sun, sizeof(sun)); 109 bzero(&hbuf, sizeof(hbuf)); 110 sun.sun_family = AF_UNIX; 111 len = strlcpy(sun.sun_path, srv_conf->path, sizeof(sun.sun_path)); 112 if (len >= sizeof(sun.sun_path)) { 113 errstr = "socket path to long"; 114 goto fail; 115 } 116 sun.sun_len = len; 117 118 if (connect(fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) 119 goto fail; 120 121 clt->clt_fcgi_state = FCGI_READ_HEADER; 122 clt->clt_fcgi_toread = sizeof(struct fcgi_record_header); 123 124 if (clt->clt_srvevb != NULL) 125 evbuffer_free(clt->clt_srvevb); 126 127 clt->clt_srvevb = evbuffer_new(); 128 if (clt->clt_srvevb == NULL) { 129 errstr = "failed to allocate evbuffer"; 130 goto fail; 131 } 132 133 if (clt->clt_srvbev != NULL) 134 bufferevent_free(clt->clt_srvbev); 135 136 clt->clt_srvbev = bufferevent_new(fd, server_fcgi_read, 137 NULL, server_file_error, clt); 138 if (clt->clt_srvbev == NULL) { 139 errstr = "failed to allocate fcgi buffer event"; 140 goto fail; 141 } 142 143 bzero(&buf, sizeof(buf)); 144 145 h = (struct fcgi_record_header *) &buf; 146 h->version = 1; 147 h->type = FCGI_BEGIN_REQUEST; 148 h->id = htons(1); 149 h->content_len = htons(sizeof(struct fcgi_begin_request_body)); 150 h->padding_len = 0; 151 152 begin = (struct fcgi_begin_request_body *) &buf[sizeof(struct 153 fcgi_record_header)]; 154 begin->role = htons(FCGI_RESPONDER); 155 156 bufferevent_write(clt->clt_srvbev, &buf, 157 sizeof(struct fcgi_record_header) + 158 sizeof(struct fcgi_begin_request_body)); 159 160 h->type = FCGI_PARAMS; 161 h->content_len = total_len = 0; 162 163 if (fcgi_add_param(buf, "SCRIPT_NAME", desc->http_path, &total_len, 164 clt) == -1) { 165 errstr = "failed to encode param"; 166 goto fail; 167 } 168 169 if (desc->http_query) 170 if (fcgi_add_param(buf, "QUERY_STRING", desc->http_query, 171 &total_len, clt) == -1) { 172 errstr = "failed to encode param"; 173 goto fail; 174 } 175 176 if (fcgi_add_param(buf, "DOCUMENT_URI", desc->http_path, &total_len, 177 clt) == -1) { 178 errstr = "failed to encode param"; 179 goto fail; 180 } 181 if (fcgi_add_param(buf, "GATEWAY_INTERFACE", "CGI/1.1", &total_len, 182 clt) == -1) { 183 errstr = "failed to encode param"; 184 goto fail; 185 } 186 187 key.kv_key = "Accept"; 188 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 189 kv->kv_value != NULL) 190 if (fcgi_add_param(buf, "HTTP_ACCEPT", kv->kv_value, 191 &total_len, clt) == -1) { 192 errstr = "failed to encode param"; 193 goto fail; 194 } 195 196 key.kv_key = "Accept-Encoding"; 197 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 198 kv->kv_value != NULL) 199 if (fcgi_add_param(buf, "HTTP_ACCEPT_ENCODING", kv->kv_value, 200 &total_len, clt) == -1) { 201 errstr = "failed to encode param"; 202 goto fail; 203 } 204 205 key.kv_key = "Accept-Language"; 206 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 207 kv->kv_value != NULL) 208 if (fcgi_add_param(buf, "HTTP_ACCEPT_LANGUAGE", kv->kv_value, 209 &total_len, clt) == -1) { 210 errstr = "failed to encode param"; 211 goto fail; 212 } 213 214 key.kv_key = "Connection"; 215 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 216 kv->kv_value != NULL) 217 if (fcgi_add_param(buf, "HTTP_CONNECTION", kv->kv_value, 218 &total_len, clt) == -1) { 219 errstr = "failed to encode param"; 220 goto fail; 221 } 222 223 key.kv_key = "Cookie"; 224 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 225 kv->kv_value != NULL) 226 if (fcgi_add_param(buf, "HTTP_COOKIE", kv->kv_value, 227 &total_len, clt) == -1) { 228 errstr = "failed to encode param"; 229 goto fail; 230 } 231 232 key.kv_key = "Host"; 233 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 234 kv->kv_value != NULL) 235 if (fcgi_add_param(buf, "HTTP_HOST", kv->kv_value, 236 &total_len, clt) == -1) { 237 errstr = "failed to encode param"; 238 goto fail; 239 } 240 241 key.kv_key = "User-Agent"; 242 if ((kv = kv_find(&desc->http_headers, &key)) != NULL && 243 kv->kv_value != NULL) 244 if (fcgi_add_param(buf, "HTTP_USER_AGENT", kv->kv_value, 245 &total_len, clt) == -1) { 246 errstr = "failed to encode param"; 247 goto fail; 248 } 249 250 (void)print_host(&clt->clt_ss, hbuf, sizeof(hbuf)); 251 if (fcgi_add_param(buf, "REMOTE_ADDR", hbuf, &total_len, clt) == -1) { 252 errstr = "failed to encode param"; 253 goto fail; 254 } 255 256 (void)snprintf(hbuf, sizeof(hbuf), "%d", ntohs(clt->clt_port)); 257 if (fcgi_add_param(buf, "REMOTE_PORT", hbuf, &total_len, clt) == -1) { 258 errstr = "failed to encode param"; 259 goto fail; 260 } 261 262 if (fcgi_add_param(buf, "REQUEST_METHOD", 263 server_httpmethod_byid(desc->http_method), &total_len, clt) == -1) { 264 errstr = "failed to encode param"; 265 goto fail; 266 } 267 268 if (!desc->http_query) { 269 if (fcgi_add_param(buf, "REQUEST_URI", desc->http_path, 270 &total_len, clt) == -1) { 271 errstr = "failed to encode param"; 272 goto fail; 273 } 274 } else if (asprintf(&request_uri, "%s?%s", desc->http_path, 275 desc->http_query) != -1) { 276 if (fcgi_add_param(buf, "REQUEST_URI", request_uri, &total_len, 277 clt) == -1) { 278 errstr = "failed to encode param"; 279 goto fail; 280 } 281 free(request_uri); 282 } 283 284 (void)print_host(&clt->clt_srv_ss, hbuf, sizeof(hbuf)); 285 if (fcgi_add_param(buf, "SERVER_ADDR", hbuf, &total_len, clt) == -1) { 286 errstr = "failed to encode param"; 287 goto fail; 288 } 289 290 (void)snprintf(hbuf, sizeof(hbuf), "%d", 291 ntohs(server_socket_getport(&clt->clt_srv_ss))); 292 if (fcgi_add_param(buf, "SERVER_PORT", hbuf, &total_len, clt) == -1) { 293 errstr = "failed to encode param"; 294 goto fail; 295 } 296 297 if (fcgi_add_param(buf, "SERVER_NAME", srv_conf->name, &total_len, 298 clt) == -1) { 299 errstr = "failed to encode param"; 300 goto fail; 301 } 302 303 if (fcgi_add_param(buf, "SERVER_PROTOCOL", desc->http_version, 304 &total_len, clt) == -1) { 305 errstr = "failed to encode param"; 306 goto fail; 307 } 308 309 if (fcgi_add_param(buf, "SERVER_SOFTWARE", HTTPD_SERVERNAME, &total_len, 310 clt) == -1) { 311 errstr = "failed to encode param"; 312 goto fail; 313 } 314 315 if (total_len != 0) { /* send last params record */ 316 bufferevent_write(clt->clt_srvbev, &buf, 317 sizeof(struct fcgi_record_header) + 318 ntohs(h->content_len)); 319 } 320 321 /* send "no more params" message */ 322 h->content_len = 0; 323 bufferevent_write(clt->clt_srvbev, &buf, 324 sizeof(struct fcgi_record_header)); 325 326 h->type = FCGI_STDIN; 327 328 bufferevent_write(clt->clt_srvbev, &buf, 329 sizeof(struct fcgi_record_header)); 330 331 bufferevent_settimeout(clt->clt_srvbev, 332 srv_conf->timeout.tv_sec, srv_conf->timeout.tv_sec); 333 bufferevent_enable(clt->clt_srvbev, EV_READ|EV_WRITE); 334 bufferevent_disable(clt->clt_bev, EV_READ); 335 336 /* 337 * persist is not supported yet because we don't get the 338 * Content-Length from slowcgi and don't support chunked encoding. 339 */ 340 clt->clt_persist = 0; 341 clt->clt_done = 0; 342 343 return (0); 344 fail: 345 if (errstr == NULL) 346 errstr = strerror(errno); 347 server_abort_http(clt, 500, errstr); 348 return (-1); 349} 350 351int 352fcgi_add_param(uint8_t *buf, const char *key, const char *val, int *total_len, 353 struct client *clt) 354{ 355 struct fcgi_record_header *h; 356 int len = 0; 357 int key_len = strlen(key); 358 int val_len = strlen(val); 359 uint8_t *param; 360 361 len += key_len + val_len; 362 len += key_len > 127 ? 4 : 1; 363 len += val_len > 127 ? 4 : 1; 364 365 DPRINTF("%s: %s[%d] => %s[%d], total_len: %d", __func__, key, key_len, 366 val, val_len, *total_len); 367 368 if (len > FCGI_CONTENT_SIZE) 369 return (-1); 370 371 if (*total_len + len > FCGI_CONTENT_SIZE) { 372 bufferevent_write(clt->clt_srvbev, buf, 373 sizeof(struct fcgi_record_header) + *total_len); 374 *total_len = 0; 375 } 376 377 h = (struct fcgi_record_header *) buf; 378 param = buf + sizeof(struct fcgi_record_header) + *total_len; 379 380 if (key_len > 127) { 381 *param++ = ((key_len >> 24) & 0xff) | 0x80; 382 *param++ = ((key_len >> 16) & 0xff); 383 *param++ = ((key_len >> 8) & 0xff); 384 *param++ = (key_len & 0xff); 385 } else 386 *param++ = key_len; 387 388 if (val_len > 127) { 389 *param++ = ((val_len >> 24) & 0xff) | 0x80; 390 *param++ = ((val_len >> 16) & 0xff); 391 *param++ = ((val_len >> 8) & 0xff); 392 *param++ = (val_len & 0xff); 393 } else 394 *param++ = val_len; 395 396 memcpy(param, key, key_len); 397 param += key_len; 398 memcpy(param, val, val_len); 399 400 *total_len += len; 401 402 h->content_len = htons(*total_len); 403 return (0); 404} 405 406void 407server_fcgi_read(struct bufferevent *bev, void *arg) 408{ 409 struct client *clt = (struct client *) arg; 410 struct fcgi_record_header *h; 411 uint8_t buf[FCGI_RECORD_SIZE]; 412 size_t len; 413 414 len = bufferevent_read(bev, &buf, clt->clt_fcgi_toread); 415 /* XXX error handling */ 416 evbuffer_add(clt->clt_srvevb, &buf, len); 417 clt->clt_fcgi_toread -= len; 418 DPRINTF("%s: len: %lu toread: %d state: %d", __func__, len, 419 clt->clt_fcgi_toread, clt->clt_fcgi_state); 420 421 if (clt->clt_fcgi_toread != 0) 422 return; 423 424 switch (clt->clt_fcgi_state) { 425 case FCGI_READ_HEADER: 426 clt->clt_fcgi_state = FCGI_READ_CONTENT; 427 h = (struct fcgi_record_header *) 428 EVBUFFER_DATA(clt->clt_srvevb); 429 DPRINTF("%s: record header: version %d type %d id %d " 430 "content len %d", __func__, h->version, h->type, 431 ntohs(h->id), ntohs(h->content_len)); 432 clt->clt_fcgi_type = h->type; 433 clt->clt_fcgi_toread = ntohs(h->content_len); 434 evbuffer_drain(clt->clt_srvevb, 435 EVBUFFER_LENGTH(clt->clt_srvevb)); 436 if (clt->clt_fcgi_toread != 0) 437 break; 438 439 /* fallthrough if content_len == 0 */ 440 case FCGI_READ_CONTENT: 441 if (clt->clt_fcgi_type == FCGI_STDOUT && 442 EVBUFFER_LENGTH(clt->clt_srvevb) > 0) { 443 if (++clt->clt_chunk == 1) 444 server_fcgi_header(clt, 200); 445 server_bufferevent_write_buffer(clt, 446 clt->clt_srvevb); 447 } 448 evbuffer_drain(clt->clt_srvevb, 449 EVBUFFER_LENGTH(clt->clt_srvevb)); 450 clt->clt_fcgi_state = FCGI_READ_HEADER; 451 clt->clt_fcgi_toread = 452 sizeof(struct fcgi_record_header); 453 } 454} 455 456int 457server_fcgi_header(struct client *clt, u_int code) 458{ 459 struct http_descriptor *desc = clt->clt_desc; 460 const char *error; 461 char tmbuf[32]; 462 463 if (desc == NULL || (error = server_httperror_byid(code)) == NULL) 464 return (-1); 465 466 kv_purge(&desc->http_headers); 467 468 /* Add error codes */ 469 if (kv_setkey(&desc->http_pathquery, "%lu", code) == -1 || 470 kv_set(&desc->http_pathquery, "%s", error) == -1) 471 return (-1); 472 473 /* Add headers */ 474 if (kv_add(&desc->http_headers, "Server", HTTPD_SERVERNAME) == NULL) 475 return (-1); 476 477 /* Is it a persistent connection? */ 478 if (clt->clt_persist) { 479 if (kv_add(&desc->http_headers, 480 "Connection", "keep-alive") == NULL) 481 return (-1); 482 } else if (kv_add(&desc->http_headers, "Connection", "close") == NULL) 483 return (-1); 484 485 /* Date header is mandatory and should be added last */ 486 server_http_date(tmbuf, sizeof(tmbuf)); 487 if (kv_add(&desc->http_headers, "Date", tmbuf) == NULL) 488 return (-1); 489 490 /* Write initial header (fcgi might append more) */ 491 if (server_writeresponse_http(clt) == -1 || 492 server_bufferevent_print(clt, "\r\n") == -1 || 493 server_writeheader_http(clt) == -1) 494 return (-1); 495 496 return (0); 497} 498