bozohttpd.c revision 1.3 1 1.3 tls /* $NetBSD: bozohttpd.c,v 1.3 2007/10/17 18:48:00 tls Exp $ */
2 1.3 tls
3 1.1 tls /* $eterna: bozohttpd.c,v 1.137 2006/05/17 08:37:36 mrg Exp $ */
4 1.1 tls
5 1.1 tls /*
6 1.1 tls * Copyright (c) 1997-2006 Matthew R. Green
7 1.1 tls * All rights reserved.
8 1.1 tls *
9 1.1 tls * Redistribution and use in source and binary forms, with or without
10 1.1 tls * modification, are permitted provided that the following conditions
11 1.1 tls * are met:
12 1.1 tls * 1. Redistributions of source code must retain the above copyright
13 1.1 tls * notice, this list of conditions and the following disclaimer.
14 1.1 tls * 2. Redistributions in binary form must reproduce the above copyright
15 1.1 tls * notice, this list of conditions and the following disclaimer and
16 1.1 tls * dedication in the documentation and/or other materials provided
17 1.1 tls * with the distribution.
18 1.1 tls * 3. The name of the author may not be used to endorse or promote products
19 1.1 tls * derived from this software without specific prior written permission.
20 1.1 tls *
21 1.1 tls * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
22 1.1 tls * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23 1.1 tls * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
24 1.1 tls * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
25 1.1 tls * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 1.1 tls * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 1.1 tls * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 1.1 tls * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 1.1 tls * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 1.1 tls * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 1.1 tls * SUCH DAMAGE.
32 1.1 tls *
33 1.1 tls */
34 1.1 tls
35 1.1 tls /* this program is dedicated to the Great God of Processed Cheese */
36 1.1 tls
37 1.1 tls /*
38 1.1 tls * bozohttpd.c: minimal httpd; provides only these features:
39 1.1 tls * - HTTP/0.9 (by virtue of ..)
40 1.1 tls * - HTTP/1.0
41 1.1 tls * - HTTP/1.1
42 1.1 tls * - CGI/1.1 this will only be provided for "system" scripts
43 1.1 tls * - automatic "missing trailing slash" redirections
44 1.1 tls * - configurable translation of /~user/ to ~user/public_html,
45 1.1 tls * however, this does not include cgi-bin support
46 1.1 tls * - access lists via libwrap via inetd/tcpd
47 1.1 tls * - virtual hosting
48 1.1 tls * - not that we do not even pretend to understand MIME, but
49 1.1 tls * rely only on the HTTP specification
50 1.1 tls * - ipv6 support
51 1.1 tls * - automatic `index.html' generation
52 1.1 tls * - configurable server name
53 1.1 tls * - directory index generation
54 1.1 tls * - daemon mode (lacks libwrap support)
55 1.1 tls * - .htpasswd support
56 1.1 tls */
57 1.1 tls
58 1.1 tls /*
59 1.1 tls * requirements for minimal http/1.1 (at least, as documented in
60 1.1 tls * <draft-ietf-http-v11-spec-rev-06> which expired may 18, 1999):
61 1.1 tls *
62 1.1 tls * - 14.15: content-encoding handling. [1]
63 1.1 tls *
64 1.1 tls * - 14.16: content-length handling. this is only a SHOULD header
65 1.1 tls * thus we could just not send it ever. [1]
66 1.1 tls *
67 1.1 tls * - 14.17: content-type handling. [1]
68 1.1 tls *
69 1.1 tls * - 14.25/28: if-{,un}modified-since handling. maybe do this, but
70 1.1 tls * i really don't want to have to parse 3 differnet date formats
71 1.1 tls *
72 1.1 tls * [1] need to revisit to ensure proper behaviour
73 1.1 tls *
74 1.1 tls * and the following is a list of features that we do not need
75 1.1 tls * to have due to other limits, or are too lazy. there are more
76 1.1 tls * of these than are listed, but these are of particular note,
77 1.1 tls * and could perhaps be implemented.
78 1.1 tls *
79 1.1 tls * - 3.5/3.6: content/transfer codings. probably can ignore
80 1.1 tls * this? we "SHOULD"n't. but 4.4 says we should ignore a
81 1.1 tls * `content-length' header upon reciept of a `transfer-encoding'
82 1.1 tls * header.
83 1.1 tls *
84 1.1 tls * - 5.1.1: request methods. only MUST support GET and HEAD,
85 1.1 tls * but there are new ones besides POST that are currently
86 1.1 tls * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus
87 1.1 tls * extensions not yet known?
88 1.1 tls *
89 1.1 tls * - 10.1: we can ignore informational status codes
90 1.1 tls *
91 1.1 tls * - 10.3.3/10.3.4/10.3.8: just use '302' codes always.
92 1.1 tls *
93 1.1 tls * - 14.1/14.2/14.3/14.27: we do not support Accept: headers..
94 1.1 tls * just ignore them and send the request anyway. they are
95 1.1 tls * only SHOULD.
96 1.1 tls *
97 1.1 tls * - 14.5/14.16/14.35: we don't do ranges. from section 14.35.2
98 1.1 tls * `A server MAY ignore the Range header'. but it might be nice.
99 1.1 tls *
100 1.1 tls * - 14.9: we aren't a cache.
101 1.1 tls *
102 1.1 tls * - 14.15: content-md5 would be nice...
103 1.1 tls *
104 1.1 tls * - 14.24/14.26/14.27: be nice to support this...
105 1.1 tls *
106 1.1 tls * - 14.44: not sure about this Vary: header. ignore it for now.
107 1.1 tls */
108 1.1 tls
109 1.1 tls #ifndef INDEX_HTML
110 1.1 tls #define INDEX_HTML "index.html"
111 1.1 tls #endif
112 1.1 tls #ifndef SERVER_SOFTWARE
113 1.1 tls #define SERVER_SOFTWARE "bozohttpd/20060517"
114 1.1 tls #endif
115 1.1 tls #ifndef DIRECT_ACCESS_FILE
116 1.1 tls #define DIRECT_ACCESS_FILE ".bzdirect"
117 1.1 tls #endif
118 1.1 tls #ifndef REDIRECT_FILE
119 1.1 tls #define REDIRECT_FILE ".bzredirect"
120 1.1 tls #endif
121 1.1 tls #ifndef ABSREDIRECT_FILE
122 1.1 tls #define ABSREDIRECT_FILE ".bzabsredirect"
123 1.1 tls #endif
124 1.1 tls
125 1.1 tls /*
126 1.1 tls * And so it begins ..
127 1.1 tls */
128 1.1 tls
129 1.1 tls #include <sys/param.h>
130 1.1 tls #include <sys/socket.h>
131 1.1 tls #include <sys/time.h>
132 1.1 tls #include <sys/mman.h>
133 1.1 tls
134 1.1 tls #include <arpa/inet.h>
135 1.1 tls
136 1.1 tls #include <ctype.h>
137 1.1 tls #include <dirent.h>
138 1.1 tls #include <errno.h>
139 1.1 tls #include <fcntl.h>
140 1.1 tls #include <netdb.h>
141 1.1 tls #include <pwd.h>
142 1.1 tls #include <grp.h>
143 1.1 tls #include <signal.h>
144 1.1 tls #include <stdarg.h>
145 1.1 tls #include <stdlib.h>
146 1.1 tls #include <string.h>
147 1.1 tls #include <syslog.h>
148 1.1 tls #include <time.h>
149 1.1 tls #include <unistd.h>
150 1.1 tls
151 1.1 tls #ifndef __attribute__
152 1.1 tls #define __attribute__(x)
153 1.1 tls #endif /* __attribute__ */
154 1.1 tls
155 1.1 tls #include "bozohttpd.h"
156 1.1 tls
157 1.1 tls #ifndef MAX_WAIT_TIME
158 1.1 tls #define MAX_WAIT_TIME 60 /* hang around for 60 seconds max */
159 1.1 tls #endif
160 1.1 tls
161 1.1 tls /* variables and functions */
162 1.1 tls
163 1.1 tls int bflag; /* background; drop into daemon mode */
164 1.1 tls int fflag; /* keep daemon mode in foreground */
165 1.1 tls static int eflag; /* don't clean environ; -t/-U only */
166 1.1 tls const char *Iflag = "http";/* bind port; default "http" */
167 1.1 tls int Iflag_set;
168 1.1 tls int dflag = 0; /* debugging level */
169 1.1 tls char *myname; /* my name */
170 1.1 tls
171 1.1 tls #ifndef LOG_FTP
172 1.1 tls #define LOG_FTP LOG_DAEMON
173 1.1 tls #endif
174 1.1 tls
175 1.1 tls static char *tflag; /* root directory */
176 1.1 tls static char *Uflag; /* user name to switch to */
177 1.1 tls static int Vflag; /* unknown vhosts go to normal slashdir */
178 1.1 tls static int nflag; /* avoid gethostby*() */
179 1.1 tls static int rflag; /* make sure referrer = me unless url = / */
180 1.1 tls static int sflag; /* log to stderr even if it is not a TTY */
181 1.1 tls static char *vpath; /* virtual directory base */
182 1.1 tls
183 1.1 tls char *slashdir; /* www slash directory */
184 1.1 tls
185 1.1 tls const char *server_software = SERVER_SOFTWARE;
186 1.1 tls const char *index_html = INDEX_HTML;
187 1.1 tls const char http_09[] = "HTTP/0.9";
188 1.1 tls const char http_10[] = "HTTP/1.0";
189 1.1 tls const char http_11[] = "HTTP/1.1";
190 1.1 tls const char text_plain[] = "text/plain";
191 1.1 tls
192 1.1 tls static void usage(void);
193 1.1 tls static void alarmer(int);
194 1.1 tls volatile sig_atomic_t alarmhit;
195 1.1 tls
196 1.1 tls static void parse_request(char *, char **, char **, char **);
197 1.1 tls static http_req *read_request(void);
198 1.1 tls static struct headers *addmerge_header(http_req *request, char *val,
199 1.1 tls char *str, ssize_t len);
200 1.1 tls static void process_request(http_req *);
201 1.1 tls static int check_direct_access(http_req *request);
202 1.1 tls static char *transform_request(http_req *, int *);
203 1.1 tls static void handle_redirect(http_req *, const char *, int);
204 1.1 tls
205 1.1 tls static void check_virtual(http_req *);
206 1.1 tls static void check_bzredirect(http_req *);
207 1.1 tls static void fix_url_percent(http_req *);
208 1.1 tls static void process_method(http_req *, const char *);
209 1.1 tls static void process_proto(http_req *, const char *);
210 1.1 tls static void escape_html(http_req *);
211 1.1 tls
212 1.1 tls static const char *http_errors_short(int);
213 1.1 tls static const char *http_errors_long(int);
214 1.1 tls
215 1.1 tls
216 1.1 tls void *bozomalloc(size_t);
217 1.1 tls void *bozorealloc(void *, size_t);
218 1.1 tls char *bozostrdup(const char *);
219 1.1 tls
220 1.1 tls /* bozotic io */
221 1.1 tls int (*bozoprintf)(const char *, ...) = printf;
222 1.1 tls ssize_t (*bozoread)(int, void *, size_t) = read;
223 1.1 tls ssize_t (*bozowrite)(int, const void *, size_t) = write;
224 1.1 tls int (*bozoflush)(FILE *) = fflush;
225 1.1 tls
226 1.1 tls char *progname;
227 1.1 tls
228 1.1 tls int main(int, char **);
229 1.1 tls
230 1.1 tls static void
231 1.1 tls usage(void)
232 1.1 tls {
233 1.1 tls warning("usage: %s [options] slashdir [myname]", progname);
234 1.1 tls warning("options:");
235 1.1 tls #ifdef DEBUG
236 1.1 tls warning(" -d\t\t\tenable debug support");
237 1.1 tls #endif
238 1.1 tls warning(" -s\t\t\talways log to stderr");
239 1.1 tls #ifndef NO_USER_SUPPORT
240 1.1 tls warning(" -u\t\t\tenable ~user/public_html support");
241 1.1 tls warning(" -p dir\t\tchange `public_html' directory name]");
242 1.1 tls #endif
243 1.1 tls #ifndef NO_DYNAMIC_CONTENT
244 1.1 tls warning(" -M arg t c c11\tadd this mime extenstion");
245 1.1 tls #endif
246 1.1 tls #ifndef NO_CGIBIN_SUPPORT
247 1.1 tls #ifndef NO_DYNAMIC_CONTENT
248 1.1 tls warning(" -C arg prog\t\tadd this CGI handler");
249 1.1 tls #endif
250 1.1 tls warning(" -c cgibin\t\tenable cgi-bin support in this directory");
251 1.1 tls #endif
252 1.1 tls #ifndef NO_DAEMON_MODE
253 1.1 tls warning(" -b\t\t\tbackground and go into daemon mode");
254 1.1 tls warning(" -f\t\t\tkeep daemon mode in the foreground");
255 1.1 tls warning(" -i address\t\tbind on this address (daemon mode only)");
256 1.1 tls warning(" -I port\t\tbind on this port (daemon mode only)");
257 1.1 tls #endif
258 1.1 tls warning(" -S version\t\tset server version string");
259 1.1 tls warning(" -t dir\t\tchroot to `dir'");
260 1.1 tls warning(" -U username\t\tchange user to `user'");
261 1.1 tls warning(" -e\t\t\tdon't clean the environment (-t and -U only)");
262 1.1 tls warning(" -v virtualroot\tenable virtual host support in this directory");
263 1.1 tls warning(" -r\t\t\tmake sure sub-pages come from this host via referrer");
264 1.1 tls #ifndef NO_DIRINDEX_SUPPORT
265 1.1 tls warning(" -X\t\t\tenable automatic directory index support");
266 1.1 tls warning(" -H\t\t\thide files starting with a period (.) in index mode");
267 1.1 tls #endif
268 1.1 tls warning(" -x index\t\tchange default `index.html' file name");
269 1.1 tls #ifndef NO_SSL_SUPPORT
270 1.1 tls warning(" -Z cert privkey\tspecify path to server certificate and private key file\n"
271 1.1 tls "\t\t\tin pem format and enable bozohttpd in SSL mode");
272 1.1 tls #endif /* NO_SSL_SUPPORT */
273 1.1 tls error(1, "%s failed to start", progname);
274 1.1 tls }
275 1.1 tls
276 1.1 tls int
277 1.1 tls main(int argc, char **argv)
278 1.1 tls {
279 1.1 tls http_req *http_request;
280 1.1 tls extern char **environ;
281 1.1 tls char *cleanenv[1];
282 1.1 tls uid_t uid;
283 1.1 tls int c;
284 1.1 tls
285 1.1 tls uid = 0; /* XXX gcc */
286 1.1 tls
287 1.1 tls if ((progname = strrchr(argv[0], '/')) != NULL)
288 1.1 tls progname++;
289 1.1 tls else
290 1.1 tls progname = argv[0];
291 1.1 tls
292 1.1 tls openlog(progname, LOG_PID|LOG_NDELAY, LOG_FTP);
293 1.1 tls
294 1.1 tls while ((c = getopt(argc, argv,
295 1.1 tls "C:HI:M:S:U:VXZ:bc:defhi:np:rst:uv:x:z:")) != -1) {
296 1.1 tls switch(c) {
297 1.1 tls
298 1.1 tls case 'M':
299 1.1 tls #ifndef NO_DYNAMIC_CONTENT
300 1.1 tls /* make sure there's four arguments */
301 1.1 tls if (argc - optind < 3)
302 1.1 tls usage();
303 1.1 tls add_content_map_mime(optarg, argv[optind],
304 1.1 tls argv[optind+1], argv[optind+2]);
305 1.1 tls optind += 3;
306 1.1 tls break;
307 1.1 tls #else
308 1.1 tls error(1, "dynmic mime content support is not enabled");
309 1.1 tls /* NOTREACHED */
310 1.1 tls #endif /* NO_DYNAMIC_CONTENT */
311 1.1 tls
312 1.1 tls case 'n':
313 1.1 tls nflag = 1;
314 1.1 tls break;
315 1.1 tls
316 1.1 tls case 'r':
317 1.1 tls rflag = 1;
318 1.1 tls break;
319 1.1 tls
320 1.1 tls case 's':
321 1.1 tls sflag = 1;
322 1.1 tls break;
323 1.1 tls
324 1.1 tls case 'S':
325 1.1 tls server_software = optarg;
326 1.1 tls break;
327 1.1 tls case 'Z':
328 1.1 tls #ifndef NO_SSL_SUPPORT
329 1.1 tls /* make sure there's two arguments */
330 1.1 tls if (argc - optind < 1)
331 1.1 tls usage();
332 1.1 tls ssl_set_opts(optarg, argv[optind++]);
333 1.1 tls break;
334 1.1 tls #else
335 1.1 tls error(1, "ssl support is not enabled");
336 1.1 tls /* NOT REACHED */
337 1.1 tls #endif /* NO_SSL_SUPPORT */
338 1.1 tls case 'U':
339 1.1 tls Uflag = optarg;
340 1.1 tls break;
341 1.1 tls
342 1.1 tls case 'V':
343 1.1 tls Vflag = 1;
344 1.1 tls break;
345 1.1 tls
346 1.1 tls case 'v':
347 1.1 tls vpath = optarg;
348 1.1 tls break;
349 1.1 tls
350 1.1 tls case 'x':
351 1.1 tls index_html = optarg;
352 1.1 tls break;
353 1.1 tls
354 1.1 tls #ifndef NO_DAEMON_MODE
355 1.1 tls case 'b':
356 1.1 tls bflag = 1;
357 1.1 tls break;
358 1.1 tls
359 1.1 tls case 'e':
360 1.1 tls eflag = 1;
361 1.1 tls break;
362 1.1 tls
363 1.1 tls case 'f':
364 1.1 tls fflag = 1;
365 1.1 tls break;
366 1.1 tls
367 1.1 tls case 'i':
368 1.1 tls iflag = optarg;
369 1.1 tls break;
370 1.1 tls
371 1.1 tls case 'I':
372 1.1 tls Iflag_set = 1;
373 1.1 tls Iflag = optarg;
374 1.1 tls break;
375 1.1 tls #else /* NO_DAEMON_MODE */
376 1.1 tls case 'b':
377 1.1 tls case 'i':
378 1.1 tls case 'I':
379 1.1 tls error(1, "Daemon mode is not enabled");
380 1.1 tls /* NOTREACHED */
381 1.1 tls #endif /* NO_DAEMON_MODE */
382 1.1 tls
383 1.1 tls #ifndef NO_CGIBIN_SUPPORT
384 1.1 tls case 'c':
385 1.1 tls set_cgibin(optarg);
386 1.1 tls break;
387 1.1 tls
388 1.1 tls case 'C':
389 1.1 tls #ifndef NO_DYNAMIC_CONTENT
390 1.1 tls /* make sure there's two arguments */
391 1.1 tls if (argc - optind < 1)
392 1.1 tls usage();
393 1.1 tls add_content_map_cgi(optarg, argv[optind++]);
394 1.1 tls break;
395 1.1 tls #else
396 1.1 tls error(1, "dynmic CGI handler support is not enabled");
397 1.1 tls /* NOTREACHED */
398 1.1 tls #endif /* NO_DYNAMIC_CONTENT */
399 1.1 tls
400 1.1 tls #else
401 1.1 tls case 'c':
402 1.1 tls case 'C':
403 1.1 tls error(1, "CGI is not enabled");
404 1.1 tls /* NOTREACHED */
405 1.1 tls #endif /* NO_CGIBIN_SUPPORT */
406 1.1 tls
407 1.1 tls case 'd':
408 1.1 tls dflag++;
409 1.1 tls #ifndef DEBUG
410 1.1 tls if (dflag == 1)
411 1.1 tls warning("Debugging is not enabled");
412 1.1 tls #endif /* !DEBUG */
413 1.1 tls break;
414 1.1 tls
415 1.1 tls #ifndef NO_USER_SUPPORT
416 1.1 tls case 'p':
417 1.1 tls public_html = optarg;
418 1.1 tls break;
419 1.1 tls
420 1.1 tls case 't':
421 1.1 tls tflag = optarg;
422 1.1 tls break;
423 1.1 tls
424 1.1 tls case 'u':
425 1.1 tls uflag = 1;
426 1.1 tls break;
427 1.1 tls #else
428 1.1 tls case 'u':
429 1.1 tls case 'p':
430 1.1 tls error(1, "User support is not enabled");
431 1.1 tls /* NOTREACHED */
432 1.1 tls #endif /* NO_USER_SUPPORT */
433 1.1 tls
434 1.1 tls #ifndef NO_DIRINDEX_SUPPORT
435 1.1 tls case 'H':
436 1.1 tls Hflag = 1;
437 1.1 tls break;
438 1.1 tls
439 1.1 tls case 'X':
440 1.1 tls Xflag = 1;
441 1.1 tls break;
442 1.1 tls
443 1.1 tls #else
444 1.1 tls case 'H':
445 1.1 tls case 'X':
446 1.1 tls error(1, "directory indexing is not enabled");
447 1.1 tls /* NOTREACHED */
448 1.1 tls #endif /* NO_DIRINDEX_SUPPORT */
449 1.1 tls
450 1.1 tls default:
451 1.1 tls usage();
452 1.1 tls /* NOTREACHED */
453 1.1 tls }
454 1.1 tls }
455 1.1 tls argc -= optind;
456 1.1 tls argv += optind;
457 1.1 tls
458 1.1 tls if (argc == 1) {
459 1.1 tls myname = bozomalloc(MAXHOSTNAMELEN+1);
460 1.1 tls /* XXX we do not check for FQDN here */
461 1.1 tls if (gethostname(myname, MAXHOSTNAMELEN+1) < 0)
462 1.1 tls error(1, "gethostname");
463 1.1 tls myname[MAXHOSTNAMELEN] = '\0';
464 1.1 tls } else if (argc == 2)
465 1.1 tls myname = argv[1];
466 1.1 tls else
467 1.1 tls usage();
468 1.1 tls
469 1.1 tls slashdir = argv[0];
470 1.1 tls debug((DEBUG_OBESE, "myname is %s, slashdir is %s", myname, slashdir));
471 1.1 tls
472 1.1 tls /*
473 1.1 tls * initialise ssl and daemon mode if necessary.
474 1.1 tls */
475 1.1 tls ssl_init();
476 1.1 tls daemon_init();
477 1.1 tls
478 1.1 tls /*
479 1.1 tls * prevent info leakage between different compartments.
480 1.1 tls * some PATH values in the environment would be invalided
481 1.1 tls * by chroot. cross-user settings might result in undesirable
482 1.1 tls * effects.
483 1.1 tls */
484 1.1 tls if ((tflag != NULL || Uflag != NULL) && !eflag) {
485 1.1 tls cleanenv[0] = NULL;
486 1.1 tls environ = cleanenv;
487 1.1 tls }
488 1.1 tls
489 1.1 tls /*
490 1.1 tls * look up user/group information.
491 1.1 tls */
492 1.1 tls if (Uflag != NULL) {
493 1.1 tls struct passwd *pw;
494 1.1 tls
495 1.1 tls if ((pw = getpwnam(Uflag)) == NULL)
496 1.1 tls error(1, "getpwnam(%s): %s", Uflag, strerror(errno));
497 1.1 tls if (initgroups(pw->pw_name, pw->pw_gid) == -1)
498 1.1 tls error(1, "initgroups: %s", strerror(errno));
499 1.1 tls if (setgid(pw->pw_gid) == -1)
500 1.1 tls error(1, "setgid(%u): %s", pw->pw_gid, strerror(errno));
501 1.1 tls uid = pw->pw_uid;
502 1.1 tls }
503 1.1 tls
504 1.1 tls /*
505 1.1 tls * handle chroot.
506 1.1 tls */
507 1.1 tls if (tflag != NULL) {
508 1.1 tls if (chdir(tflag) == -1)
509 1.1 tls error(1, "chdir(%s): %s", tflag, strerror(errno));
510 1.1 tls if (chroot(tflag) == -1)
511 1.1 tls error(1, "chroot(%s): %s", tflag, strerror(errno));
512 1.1 tls }
513 1.1 tls
514 1.1 tls if (Uflag != NULL)
515 1.1 tls if (setuid(uid) == -1)
516 1.1 tls error(1, "setuid(%d): %s", uid, strerror(errno));
517 1.1 tls
518 1.1 tls /*
519 1.1 tls * be sane, don't start serving up files from a
520 1.1 tls * hierarchy we don't have permission to get to.
521 1.1 tls */
522 1.1 tls if (tflag != NULL)
523 1.1 tls if (chdir("/") == -1)
524 1.1 tls error(1, "chdir /: %s", strerror(errno));
525 1.1 tls
526 1.1 tls /*
527 1.1 tls * read and process the HTTP request.
528 1.1 tls */
529 1.1 tls do {
530 1.1 tls http_request = read_request();
531 1.1 tls if (http_request) {
532 1.1 tls process_request(http_request);
533 1.1 tls return (0);
534 1.1 tls }
535 1.1 tls } while (bflag);
536 1.1 tls
537 1.1 tls return (0);
538 1.1 tls }
539 1.1 tls
540 1.1 tls char *
541 1.1 tls http_date(void)
542 1.1 tls {
543 1.1 tls static char date[40];
544 1.1 tls struct tm *tm;
545 1.1 tls time_t now;
546 1.1 tls
547 1.1 tls /* Sun, 06 Nov 1994 08:49:37 GMT */
548 1.1 tls now = time(NULL);
549 1.1 tls tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */
550 1.1 tls strftime(date, sizeof date, "%a, %d %b %Y %H:%M:%S GMT", tm);
551 1.1 tls return date;
552 1.1 tls }
553 1.1 tls
554 1.1 tls /*
555 1.1 tls * convert "in" into the three parts of a request (first line)
556 1.1 tls */
557 1.1 tls static void
558 1.1 tls parse_request(char *in, char **method, char **url, char **proto)
559 1.1 tls {
560 1.1 tls ssize_t len;
561 1.1 tls char *val;
562 1.1 tls
563 1.1 tls *method = *url = *proto = NULL; /* set them up */
564 1.1 tls
565 1.1 tls len = (ssize_t)strlen(in);
566 1.1 tls val = strnsep(&in, " \t\n\r", &len);
567 1.1 tls if (len < 1 || val == NULL)
568 1.1 tls return;
569 1.1 tls *method = val;
570 1.1 tls while (*in == ' ' || *in == '\t')
571 1.1 tls in++;
572 1.1 tls val = strnsep(&in, " \t\n\r", &len);
573 1.1 tls if (len < 1) {
574 1.1 tls if (len == 0)
575 1.1 tls *url = val;
576 1.1 tls else
577 1.1 tls *url = in;
578 1.1 tls return;
579 1.1 tls }
580 1.1 tls *url = val;
581 1.1 tls if (in) {
582 1.1 tls while (*in && (*in == ' ' || *in == '\t'))
583 1.1 tls in++;
584 1.1 tls if (*in)
585 1.1 tls *proto = in;
586 1.1 tls }
587 1.1 tls }
588 1.1 tls
589 1.1 tls /*
590 1.1 tls * send a HTTP/1.1 408 response if we timeout.
591 1.1 tls */
592 1.1 tls /* ARGSUSED */
593 1.1 tls static void
594 1.1 tls alarmer(int sig)
595 1.1 tls {
596 1.1 tls alarmhit = 1;
597 1.1 tls }
598 1.1 tls
599 1.1 tls /*
600 1.1 tls * This function reads a http request from stdin, returning a pointer to a
601 1.1 tls * http_req structure, describing the request.
602 1.1 tls */
603 1.1 tls static http_req *
604 1.1 tls read_request(void)
605 1.1 tls {
606 1.1 tls struct sigaction sa;
607 1.1 tls char *str, *val, *method, *url, *proto;
608 1.1 tls char *host, *addr, *port;
609 1.1 tls char bufport[10];
610 1.1 tls char hbuf[NI_MAXHOST], abuf[NI_MAXHOST];
611 1.1 tls struct sockaddr_storage ss;
612 1.1 tls ssize_t len;
613 1.1 tls int line = 0;
614 1.1 tls socklen_t slen;
615 1.1 tls http_req *request;
616 1.1 tls
617 1.1 tls /*
618 1.1 tls * if we're in daemon mode, daemon_fork() will return here once
619 1.1 tls * for each child, then we can setup SSL.
620 1.1 tls */
621 1.1 tls daemon_fork();
622 1.1 tls ssl_accept();
623 1.1 tls
624 1.1 tls request = bozomalloc(sizeof *request);
625 1.1 tls memset(request, 0, sizeof *request);
626 1.1 tls request->hr_allow = request->hr_host = NULL;
627 1.1 tls request->hr_content_type = request->hr_content_length = NULL;
628 1.1 tls
629 1.1 tls slen = sizeof(ss);
630 1.1 tls if (getpeername(0, (struct sockaddr *)&ss, &slen) < 0)
631 1.1 tls host = addr = NULL;
632 1.1 tls else {
633 1.1 tls if (getnameinfo((struct sockaddr *)&ss, slen,
634 1.1 tls abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0)
635 1.1 tls addr = abuf;
636 1.1 tls else
637 1.1 tls addr = NULL;
638 1.1 tls if (nflag == 0 && getnameinfo((struct sockaddr *)&ss, slen,
639 1.1 tls hbuf, sizeof hbuf, NULL, 0, 0) == 0)
640 1.1 tls host = hbuf;
641 1.1 tls else
642 1.1 tls host = NULL;
643 1.1 tls }
644 1.1 tls if (host != NULL)
645 1.1 tls request->hr_remotehost = bozostrdup(host);
646 1.1 tls if (addr != NULL)
647 1.1 tls request->hr_remoteaddr = bozostrdup(addr);
648 1.1 tls slen = sizeof(ss);
649 1.1 tls if (getsockname(0, (struct sockaddr *)&ss, &slen) < 0)
650 1.1 tls port = NULL;
651 1.1 tls else {
652 1.1 tls if (getnameinfo((struct sockaddr *)&ss, slen, NULL, 0,
653 1.1 tls bufport, sizeof bufport, NI_NUMERICSERV) == 0)
654 1.1 tls port = bufport;
655 1.1 tls else
656 1.1 tls port = NULL;
657 1.1 tls }
658 1.1 tls if (port != NULL)
659 1.1 tls request->hr_serverport = bozostrdup(port);
660 1.1 tls
661 1.1 tls /*
662 1.1 tls * setup a timer to make sure the request is not hung
663 1.1 tls */
664 1.1 tls sa.sa_handler = alarmer;
665 1.1 tls sigemptyset(&sa.sa_mask);
666 1.1 tls sigaddset(&sa.sa_mask, SIGALRM);
667 1.1 tls sa.sa_flags = 0;
668 1.1 tls sigaction(SIGALRM, &sa, NULL); /* XXX */
669 1.1 tls
670 1.1 tls alarm(MAX_WAIT_TIME);
671 1.1 tls while ((str = dgetln(STDIN_FILENO, &len, bozoread)) != NULL) {
672 1.1 tls alarm(0);
673 1.1 tls if (alarmhit)
674 1.1 tls http_error(408, NULL, "request timed out");
675 1.1 tls line++;
676 1.1 tls
677 1.1 tls if (line == 1) {
678 1.1 tls str = bozostrdup(str); /* we use this copy */
679 1.1 tls
680 1.1 tls if (len < 1)
681 1.1 tls http_error(404, NULL, "null method");
682 1.1 tls warning("got request ``%s'' from host %s to port %s",
683 1.1 tls str,
684 1.1 tls host ? host : addr ? addr : "<local>",
685 1.1 tls port ? port : "<stdin>");
686 1.1 tls debug((DEBUG_FAT, "read_req, getting request: ``%s''",
687 1.1 tls str));
688 1.1 tls
689 1.1 tls parse_request(str, &method, &url, &proto);
690 1.1 tls if (method == NULL)
691 1.1 tls http_error(404, NULL, "null method");
692 1.1 tls if (url == NULL)
693 1.1 tls http_error(404, NULL, "null url");
694 1.1 tls
695 1.1 tls /*
696 1.1 tls * note that we parse the proto first, so that we
697 1.1 tls * can more properly parse the method and the url.
698 1.1 tls */
699 1.1 tls request->hr_url = url;
700 1.1 tls process_proto(request, proto);
701 1.1 tls process_method(request, method);
702 1.1 tls
703 1.1 tls /* http/0.9 has no header processing */
704 1.1 tls if (request->hr_proto == http_09)
705 1.1 tls break;
706 1.1 tls } else { /* incoming headers */
707 1.1 tls struct headers *hdr;
708 1.1 tls
709 1.1 tls if (*str == '\0')
710 1.1 tls break;
711 1.1 tls
712 1.1 tls val = strnsep(&str, ":", &len);
713 1.1 tls debug((DEBUG_EXPLODING,
714 1.1 tls "read_req2: after strnsep: str ``%s'' val ``%s''",
715 1.1 tls str, val));
716 1.1 tls if (val == NULL || len == -1)
717 1.1 tls http_error(404, request, "no header");
718 1.1 tls while (*str == ' ' || *str == '\t')
719 1.1 tls len--, str++;
720 1.1 tls
721 1.1 tls if (auth_check_headers(request, val, str, len))
722 1.1 tls goto next_header;
723 1.1 tls
724 1.1 tls hdr = addmerge_header(request, val, str, len);
725 1.1 tls
726 1.1 tls if (strcasecmp(hdr->h_header, "content-type") == 0)
727 1.1 tls request->hr_content_type = hdr->h_value;
728 1.1 tls else if (strcasecmp(hdr->h_header, "content-length") == 0)
729 1.1 tls request->hr_content_length = hdr->h_value;
730 1.1 tls else if (strcasecmp(hdr->h_header, "host") == 0)
731 1.1 tls request->hr_host = hdr->h_value;
732 1.1 tls /* HTTP/1.1 rev06 draft spec: 14.20 */
733 1.1 tls else if (strcasecmp(hdr->h_header, "expect") == 0)
734 1.1 tls http_error(417, request, "we don't support Expect:");
735 1.1 tls else if (strcasecmp(hdr->h_header, "referrer") == 0 ||
736 1.1 tls strcasecmp(hdr->h_header, "referer") == 0)
737 1.1 tls request->hr_referrer = hdr->h_value;
738 1.1 tls
739 1.1 tls debug((DEBUG_FAT, "adding header %s: %s",
740 1.1 tls hdr->h_header, hdr->h_value));
741 1.1 tls }
742 1.1 tls next_header:
743 1.1 tls alarm(MAX_WAIT_TIME);
744 1.1 tls }
745 1.1 tls
746 1.1 tls /* now, clear it all out */
747 1.1 tls alarm(0);
748 1.1 tls signal(SIGALRM, SIG_DFL);
749 1.1 tls
750 1.1 tls /* RFC1945, 8.3 */
751 1.1 tls if (request->hr_method == HTTP_POST && request->hr_content_length == NULL)
752 1.1 tls http_error(400, request, "missing content length");
753 1.1 tls
754 1.1 tls /* HTTP/1.1 draft rev-06, 14.23 & 19.6.1.1 */
755 1.1 tls if (request->hr_proto == http_11 && request->hr_host == NULL)
756 1.1 tls http_error(400, request, "missing Host header");
757 1.1 tls
758 1.1 tls debug((DEBUG_FAT, "read_request returns url %s in request", request->hr_url));
759 1.1 tls return (request);
760 1.1 tls }
761 1.1 tls
762 1.1 tls /*
763 1.1 tls * add or merge this header (val: str) into the requests list
764 1.1 tls */
765 1.1 tls static struct headers *
766 1.1 tls addmerge_header(http_req *request, char *val, char *str, ssize_t len)
767 1.1 tls {
768 1.1 tls struct headers *hdr;
769 1.1 tls static char space[2] = { ' ', 0 };
770 1.1 tls
771 1.1 tls /* do we exist already? */
772 1.2 tls SIMPLEQ_FOREACH(hdr, &request->hr_headers, h_next) {
773 1.1 tls if (strcasecmp(val, hdr->h_header) == 0)
774 1.1 tls break;
775 1.2 tls }
776 1.1 tls
777 1.1 tls if (hdr) {
778 1.1 tls /* yup, merge it in */
779 1.1 tls if (hdr->h_value == space)
780 1.1 tls hdr->h_value = bozostrdup(str);
781 1.1 tls else {
782 1.1 tls char *nval;
783 1.1 tls
784 1.1 tls if (asprintf(&nval, "%s, %s", hdr->h_value, str) == -1)
785 1.1 tls http_error(500, NULL,
786 1.1 tls "memory allocation failure");
787 1.1 tls free(hdr->h_value);
788 1.1 tls hdr->h_value = nval;
789 1.1 tls }
790 1.1 tls } else {
791 1.1 tls /* nope, create a new one */
792 1.1 tls
793 1.1 tls hdr = bozomalloc(sizeof *hdr);
794 1.1 tls hdr->h_header = bozostrdup(val);
795 1.1 tls if (str && *str)
796 1.1 tls hdr->h_value = bozostrdup(str);
797 1.1 tls else
798 1.1 tls hdr->h_value = space;
799 1.1 tls
800 1.1 tls SIMPLEQ_INSERT_TAIL(&request->hr_headers, hdr, h_next);
801 1.1 tls request->hr_nheaders++;
802 1.1 tls }
803 1.1 tls
804 1.1 tls return hdr;
805 1.1 tls }
806 1.1 tls
807 1.1 tls /*
808 1.1 tls * process_request does the following:
809 1.1 tls * - check the request is valid
810 1.1 tls * - process cgi-bin if necessary
811 1.1 tls * - transform a filename if necesarry
812 1.1 tls * - return the HTTP request
813 1.1 tls */
814 1.1 tls static void
815 1.1 tls process_request(http_req *request)
816 1.1 tls {
817 1.1 tls struct stat sb;
818 1.1 tls char *file;
819 1.1 tls const char *type, *encoding;
820 1.1 tls int fd, isindex;
821 1.1 tls
822 1.1 tls /*
823 1.1 tls * note that transform_request chdir()'s if required. also note
824 1.1 tls * that cgi is handed here, and a cgi request will never return
825 1.1 tls * back here.
826 1.1 tls */
827 1.1 tls file = transform_request(request, &isindex);
828 1.1 tls if (file == NULL)
829 1.1 tls http_error(404, request, "empty file after transform");
830 1.1 tls
831 1.1 tls fd = open(file, O_RDONLY);
832 1.1 tls if (fd < 0) {
833 1.1 tls debug((DEBUG_FAT, "open failed: %s", strerror(errno)));
834 1.1 tls if (errno == EPERM)
835 1.1 tls http_error(403, request, "no permission to open file");
836 1.1 tls else if (errno == ENOENT) {
837 1.1 tls if (directory_index(request, file, isindex))
838 1.1 tls return;
839 1.1 tls http_error(404, request, "no file");
840 1.1 tls } else
841 1.1 tls http_error(500, request, "open file");
842 1.1 tls }
843 1.1 tls if (fstat(fd, &sb) < 0)
844 1.1 tls http_error(500, request, "can't fstat");
845 1.1 tls if (S_ISDIR(sb.st_mode))
846 1.1 tls handle_redirect(request, NULL, 0);
847 1.1 tls /* NOTREACHED */
848 1.1 tls /* XXX RFC1945 10.9 If-Modified-Since (http code 304) */
849 1.1 tls
850 1.1 tls bozoprintf("%s 200 OK\r\n", request->hr_proto);
851 1.1 tls
852 1.1 tls if (request->hr_proto != http_09) {
853 1.1 tls type = content_type(request, file);
854 1.1 tls encoding = content_encoding(request, file);
855 1.1 tls
856 1.1 tls print_header(request, &sb, type, encoding);
857 1.1 tls bozoprintf("\r\n");
858 1.1 tls }
859 1.1 tls bozoflush(stdout);
860 1.1 tls
861 1.1 tls if (request->hr_method != HTTP_HEAD) {
862 1.1 tls char *addr;
863 1.1 tls void *oaddr;
864 1.1 tls off_t sz = sb.st_size;
865 1.1 tls
866 1.1 tls oaddr = addr = mmap(0, (size_t)sz, PROT_READ,
867 1.1 tls MAP_SHARED, fd, 0);
868 1.1 tls if (addr == (char *)-1)
869 1.1 tls error(1, "mmap failed: %s", strerror(errno));
870 1.1 tls
871 1.1 tls #ifdef MADV_SEQUENTIAL
872 1.1 tls madvise(addr, sz, MADV_SEQUENTIAL);
873 1.1 tls #endif
874 1.1 tls while (sz > WRSZ) {
875 1.1 tls if (bozowrite(STDOUT_FILENO, addr, WRSZ) != WRSZ)
876 1.1 tls error(1, "write failed: %s", strerror(errno));
877 1.1 tls sz -= WRSZ;
878 1.1 tls addr += WRSZ;
879 1.1 tls }
880 1.1 tls if (sz && bozowrite(STDOUT_FILENO, addr, sz) != sz)
881 1.1 tls error(1, "final write failed: %s", strerror(errno));
882 1.1 tls if (munmap(oaddr, (size_t)sb.st_size) < 0)
883 1.1 tls warning("munmap failed");
884 1.1 tls }
885 1.1 tls /* If SSL enabled cleanup SSL structure. */
886 1.1 tls ssl_destroy();
887 1.1 tls close(fd);
888 1.2 tls free(file);
889 1.1 tls }
890 1.1 tls
891 1.1 tls /*
892 1.1 tls * deal with virtual host names; we do this:
893 1.1 tls * if we have a virtual path root (vpath), and we are given a
894 1.1 tls * virtual host spec (Host: ho.st or http://ho.st/), see if this
895 1.1 tls * directory exists under vpath. if it does, use this as the
896 1.1 tls # new slashdir.
897 1.1 tls */
898 1.1 tls static void
899 1.1 tls check_virtual(http_req *request)
900 1.1 tls {
901 1.1 tls char *url = request->hr_url, *s;
902 1.1 tls struct dirent **list;
903 1.1 tls size_t len;
904 1.1 tls int i;
905 1.1 tls
906 1.1 tls if (!vpath)
907 1.1 tls goto use_slashdir;
908 1.1 tls
909 1.1 tls /*
910 1.1 tls * convert http://virtual.host/ to request->hr_host
911 1.1 tls */
912 1.1 tls debug((DEBUG_OBESE, "checking for http:// virtual host in ``%s''", url));
913 1.1 tls if (strncasecmp(url, "http://", 7) == 0) {
914 1.1 tls /* we would do virtual hosting here? */
915 1.1 tls url += 7;
916 1.1 tls s = strchr(url, '/');
917 1.1 tls /* HTTP/1.1 draft rev-06, 5.2: URI takes precedence over Host: */
918 1.1 tls request->hr_host = url;
919 1.1 tls request->hr_url = bozostrdup(s ? s : "/");
920 1.1 tls debug((DEBUG_OBESE, "got host ``%s'' url is now ``%s''",
921 1.1 tls request->hr_host, request->hr_url));
922 1.1 tls } else if (!request->hr_host)
923 1.1 tls goto use_slashdir;
924 1.1 tls
925 1.1 tls
926 1.1 tls /*
927 1.1 tls * ok, we have a virtual host, use scandir(3) to find a case
928 1.1 tls * insensitive match for the virtual host we are asked for.
929 1.1 tls * note that if the virtual host is the same as the master,
930 1.1 tls * we don't need to do anything special.
931 1.1 tls */
932 1.1 tls len = strlen(request->hr_host);
933 1.1 tls debug((DEBUG_OBESE,
934 1.1 tls "check_virtual: checking host `%s' under vpath `%s' for url `%s'",
935 1.1 tls request->hr_host, vpath, request->hr_url));
936 1.1 tls if (strncasecmp(myname, request->hr_host, len) != 0) {
937 1.1 tls s = 0;
938 1.1 tls for (i = scandir(vpath, &list, 0, 0); i--; list++) {
939 1.1 tls debug((DEBUG_OBESE, "looking at dir``%s''",
940 1.1 tls (*list)->d_name));
941 1.1 tls if (strncasecmp((*list)->d_name, request->hr_host,
942 1.1 tls len) == 0) {
943 1.1 tls /* found it, punch it */
944 1.1 tls myname = (*list)->d_name;
945 1.1 tls if (asprintf(&s, "%s/%s", vpath, myname) < 0)
946 1.1 tls error(1, "asprintf");
947 1.1 tls break;
948 1.1 tls }
949 1.1 tls }
950 1.1 tls if (s == 0) {
951 1.1 tls if (Vflag)
952 1.1 tls goto use_slashdir;
953 1.1 tls http_error(404, request, "unknown URL");
954 1.1 tls }
955 1.1 tls } else
956 1.1 tls use_slashdir:
957 1.1 tls s = slashdir;
958 1.1 tls
959 1.1 tls /*
960 1.1 tls * ok, nailed the correct slashdir, chdir to it
961 1.1 tls */
962 1.1 tls if (chdir(s) < 0)
963 1.1 tls error(1, "can't chdir %s: %s", s, strerror(errno));
964 1.1 tls }
965 1.1 tls
966 1.1 tls /* make sure we're not trying to access special files */
967 1.1 tls void
968 1.1 tls check_special_files(http_req *request, const char *name)
969 1.1 tls {
970 1.1 tls /* ensure basename(name) != special files */
971 1.1 tls if (strcmp(name, DIRECT_ACCESS_FILE) == 0)
972 1.1 tls http_error(403, request,
973 1.1 tls "no permission to open direct access file");
974 1.1 tls if (strcmp(name, REDIRECT_FILE) == 0)
975 1.1 tls http_error(403, request,
976 1.1 tls "no permission to open redirect file");
977 1.1 tls if (strcmp(name, ABSREDIRECT_FILE) == 0)
978 1.1 tls http_error(403, request,
979 1.1 tls "no permission to open redirect file");
980 1.1 tls auth_check_special_files(request, name);
981 1.1 tls }
982 1.1 tls
983 1.1 tls /*
984 1.1 tls * checks to see if this request has a valid .bzredirect file. returns
985 1.1 tls * 0 on failure and 1 on success.
986 1.1 tls */
987 1.1 tls static void
988 1.1 tls check_bzredirect(http_req *request)
989 1.1 tls {
990 1.1 tls struct stat sb;
991 1.1 tls char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1];
992 1.1 tls char *basename, *finalredir;
993 1.1 tls int rv, absolute;
994 1.1 tls
995 1.1 tls /*
996 1.1 tls * if this pathname is really a directory, but doesn't end in /,
997 1.1 tls * use it as the directory to look for the redir file.
998 1.1 tls */
999 1.1 tls snprintf(dir, sizeof(dir), "%s", request->hr_url + 1);
1000 1.1 tls debug((DEBUG_FAT, "check_bzredirect: dir %s", dir));
1001 1.1 tls basename = strrchr(dir, '/');
1002 1.1 tls
1003 1.1 tls if ((!basename || basename[1] != '\0') &&
1004 1.1 tls lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode))
1005 1.1 tls /* nothing */;
1006 1.1 tls else if (basename == NULL)
1007 1.1 tls strcpy(dir, ".");
1008 1.1 tls else {
1009 1.1 tls *basename++ = '\0';
1010 1.1 tls check_special_files(request, basename);
1011 1.1 tls }
1012 1.1 tls
1013 1.1 tls snprintf(redir, sizeof(redir), "%s/%s", dir, REDIRECT_FILE);
1014 1.1 tls if (lstat(redir, &sb) == 0) {
1015 1.1 tls if (S_ISLNK(sb.st_mode) == 0)
1016 1.1 tls return;
1017 1.1 tls absolute = 0;
1018 1.1 tls } else {
1019 1.1 tls snprintf(redir, sizeof(redir), "%s/%s", dir, ABSREDIRECT_FILE);
1020 1.1 tls if (lstat(redir, &sb) < 0 || S_ISLNK(sb.st_mode) == 0)
1021 1.1 tls return;
1022 1.1 tls absolute = 1;
1023 1.1 tls }
1024 1.1 tls debug((DEBUG_FAT, "check_bzredirect: calling readlink"));
1025 1.1 tls rv = readlink(redir, redirpath, sizeof redirpath - 1);
1026 1.1 tls if (rv == -1 || rv == 0) {
1027 1.1 tls debug((DEBUG_FAT, "readlink failed"));
1028 1.1 tls return;
1029 1.1 tls }
1030 1.1 tls redirpath[rv] = '\0';
1031 1.1 tls debug((DEBUG_FAT, "readlink returned \"%s\"", redirpath));
1032 1.1 tls
1033 1.1 tls /* now we have the link pointer, redirect to the real place */
1034 1.1 tls if (absolute)
1035 1.1 tls finalredir = redirpath;
1036 1.1 tls else
1037 1.1 tls snprintf(finalredir = redir, sizeof(redir), "/%s/%s", dir,
1038 1.1 tls redirpath);
1039 1.1 tls
1040 1.1 tls debug((DEBUG_FAT, "check_bzredirect: new redir %s", finalredir));
1041 1.1 tls handle_redirect(request, finalredir, absolute);
1042 1.1 tls }
1043 1.1 tls
1044 1.1 tls /*
1045 1.1 tls * checks to see if this request has a valid .bzdirect file. returns
1046 1.1 tls * 0 on failure and 1 on success.
1047 1.1 tls */
1048 1.1 tls static int
1049 1.1 tls check_direct_access(http_req *request)
1050 1.1 tls {
1051 1.1 tls FILE *fp;
1052 1.1 tls struct stat sb;
1053 1.1 tls char dir[MAXPATHLEN], dirfile[MAXPATHLEN], *basename;
1054 1.1 tls
1055 1.1 tls snprintf(dir, sizeof(dir), "%s", request->hr_url + 1);
1056 1.1 tls debug((DEBUG_FAT, "check_bzredirect: dir %s", dir));
1057 1.1 tls basename = strrchr(dir, '/');
1058 1.1 tls
1059 1.1 tls if ((!basename || basename[1] != '\0') &&
1060 1.1 tls lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode))
1061 1.1 tls /* nothing */;
1062 1.1 tls else if (basename == NULL)
1063 1.1 tls strcpy(dir, ".");
1064 1.1 tls else {
1065 1.1 tls *basename++ = '\0';
1066 1.1 tls check_special_files(request, basename);
1067 1.1 tls }
1068 1.1 tls
1069 1.1 tls snprintf(dirfile, sizeof(dirfile), "%s/%s", dir, DIRECT_ACCESS_FILE);
1070 1.1 tls if (stat(dirfile, &sb) < 0 ||
1071 1.1 tls (fp = fopen(dirfile, "r")) == NULL)
1072 1.1 tls return 0;
1073 1.1 tls fclose(fp);
1074 1.1 tls return 1;
1075 1.1 tls }
1076 1.1 tls
1077 1.1 tls /*
1078 1.1 tls * transform_request does this:
1079 1.1 tls * - ``expand'' %20 crapola
1080 1.1 tls * - punt if it doesn't start with /
1081 1.1 tls * - check rflag / referrer
1082 1.1 tls * - look for "http://myname/" and deal with it.
1083 1.1 tls * - maybe call process_cgi()
1084 1.1 tls * - check for ~user and call user_transform() if so
1085 1.1 tls * - if the length > 1, check for trailing slash. if so,
1086 1.1 tls * add the index.html file
1087 1.1 tls * - if the length is 1, return the index.html file
1088 1.1 tls * - disallow anything ending up with a file starting
1089 1.1 tls * at "/" or having ".." in it.
1090 1.1 tls * - anything else is a really weird internal error
1091 1.1 tls */
1092 1.1 tls static char *
1093 1.1 tls transform_request(http_req *request, int *isindex)
1094 1.1 tls {
1095 1.1 tls char *file;
1096 1.1 tls char *url;
1097 1.1 tls size_t len;
1098 1.1 tls
1099 1.1 tls file = NULL;
1100 1.1 tls *isindex = 0;
1101 1.1 tls debug((DEBUG_FAT, "tf_req: url %s", request->hr_url));
1102 1.1 tls fix_url_percent(request);
1103 1.1 tls check_virtual(request);
1104 1.1 tls url = request->hr_url;
1105 1.1 tls
1106 1.1 tls if (url[0] != '/')
1107 1.1 tls http_error(404, request, "unknown URL");
1108 1.1 tls
1109 1.1 tls check_bzredirect(request);
1110 1.1 tls
1111 1.1 tls if (rflag) {
1112 1.1 tls int to_indexhtml = 0;
1113 1.1 tls
1114 1.1 tls #define TOP_PAGE(x) (strcmp((x), "/") == 0 || \
1115 1.1 tls strcmp((x) + 1, index_html) == 0 || \
1116 1.1 tls strcmp((x) + 1, "favicon.ico") == 0)
1117 1.1 tls
1118 1.1 tls debug((DEBUG_EXPLODING, "checking rflag"));
1119 1.1 tls /*
1120 1.1 tls * first check that this path isn't allowed via .bzdirect file,
1121 1.1 tls * and then check referrer; make sure that people come via the
1122 1.1 tls * real name... otherwise if we aren't looking at / or
1123 1.1 tls * /index.html, redirect... we also special case favicon.ico.
1124 1.1 tls */
1125 1.1 tls if (check_direct_access(request))
1126 1.1 tls /* nothing */;
1127 1.1 tls else if (request->hr_referrer) {
1128 1.1 tls const char *r = request->hr_referrer;
1129 1.1 tls
1130 1.1 tls debug((DEBUG_FAT,
1131 1.1 tls "checking referrer \"%s\" vs myname %s", r, myname));
1132 1.1 tls if (strncmp(r, "http://", 7) != 0 ||
1133 1.1 tls (strncasecmp(r + 7, myname, strlen(myname)) != 0 &&
1134 1.1 tls !TOP_PAGE(url)))
1135 1.1 tls to_indexhtml = 1;
1136 1.1 tls } else {
1137 1.1 tls const char *h = request->hr_host;
1138 1.1 tls
1139 1.1 tls debug((DEBUG_FAT, "url has no referrer at all"));
1140 1.1 tls /* if there's no referrer, let / or /index.html past */
1141 1.1 tls if (!TOP_PAGE(url) ||
1142 1.1 tls (h && strncasecmp(h, myname, strlen(myname)) != 0))
1143 1.1 tls to_indexhtml = 1;
1144 1.1 tls }
1145 1.1 tls
1146 1.1 tls if (to_indexhtml) {
1147 1.1 tls char *slashindexhtml;
1148 1.1 tls
1149 1.1 tls if (asprintf(&slashindexhtml, "/%s", index_html) < 0)
1150 1.1 tls error(1, "asprintf");
1151 1.1 tls debug((DEBUG_FAT, "rflag: redirecting %s to %s", url, slashindexhtml));
1152 1.1 tls handle_redirect(request, slashindexhtml, 0);
1153 1.1 tls /* NOTREACHED */
1154 1.1 tls }
1155 1.1 tls }
1156 1.1 tls
1157 1.1 tls process_cgi(request);
1158 1.1 tls
1159 1.1 tls len = strlen(url);
1160 1.1 tls if (0) {
1161 1.1 tls #ifndef NO_USER_SUPPORT
1162 1.1 tls } else if (len > 1 && uflag && url[1] == '~') {
1163 1.1 tls if (url[2] == '\0')
1164 1.1 tls http_error(404, request, "missing username");
1165 1.1 tls if (strchr(url + 2, '/') == NULL)
1166 1.1 tls handle_redirect(request, NULL, 0);
1167 1.1 tls /* NOTREACHED */
1168 1.1 tls debug((DEBUG_FAT, "calling user_transform"));
1169 1.1 tls return (user_transform(request, isindex));
1170 1.1 tls #endif /* NO_USER_SUPPORT */
1171 1.1 tls } else if (len > 1) {
1172 1.1 tls debug((DEBUG_FAT, "url[len-1] == %c", url[len-1]));
1173 1.1 tls if (url[len-1] == '/') { /* append index.html */
1174 1.1 tls *isindex = 1;
1175 1.1 tls debug((DEBUG_FAT, "appending index.html"));
1176 1.1 tls file = bozomalloc(len + strlen(index_html) + 1);
1177 1.1 tls strcpy(file, url + 1);
1178 1.1 tls strcat(file, index_html);
1179 1.1 tls } else
1180 1.1 tls file = bozostrdup(url + 1);
1181 1.1 tls } else if (len == 1) {
1182 1.1 tls debug((DEBUG_EXPLODING, "tf_req: len == 1"));
1183 1.1 tls file = bozostrdup(index_html);
1184 1.1 tls *isindex = 1;
1185 1.1 tls } else /* len == 0 ? */
1186 1.1 tls http_error(500, request, "request->hr_url is nul?");
1187 1.1 tls
1188 1.1 tls if (file == NULL)
1189 1.1 tls http_error(500, request, "internal failure");
1190 1.1 tls
1191 1.1 tls /*
1192 1.1 tls * look for "http://myname/" and deal with it as necessary.
1193 1.1 tls */
1194 1.1 tls
1195 1.1 tls /*
1196 1.1 tls * stop traversing outside our domain
1197 1.1 tls *
1198 1.1 tls * XXX true security only comes from our parent using chroot(2)
1199 1.1 tls * before execve(2)'ing us. or our own built in chroot(2) support.
1200 1.1 tls */
1201 1.1 tls if (*file == '/' || strcmp(file, "..") == 0 ||
1202 1.1 tls strstr(file, "/..") || strstr(file, "../"))
1203 1.1 tls http_error(403, request, "illegal request");
1204 1.1 tls
1205 1.1 tls auth_check(request, file);
1206 1.1 tls
1207 1.1 tls debug((DEBUG_FAT, "transform_request returned: %s", file));
1208 1.1 tls return (file);
1209 1.1 tls }
1210 1.1 tls
1211 1.1 tls /*
1212 1.1 tls * do automatic redirection
1213 1.1 tls */
1214 1.1 tls static void
1215 1.1 tls handle_redirect(http_req *request, const char *url, int absolute)
1216 1.1 tls {
1217 1.1 tls char *urlbuf;
1218 1.1 tls char portbuf[20];
1219 1.1 tls
1220 1.1 tls if (url == NULL) {
1221 1.1 tls if (asprintf(&urlbuf, "%s/", request->hr_url) < 0)
1222 1.1 tls error(1, "asprintf");
1223 1.1 tls url = urlbuf;
1224 1.1 tls }
1225 1.1 tls if (request->hr_serverport && strcmp(request->hr_serverport, "80") != 0)
1226 1.1 tls snprintf(portbuf, sizeof(portbuf), ":%s",
1227 1.1 tls request->hr_serverport);
1228 1.1 tls else
1229 1.1 tls portbuf[0] = '\0';
1230 1.1 tls warning("redirecting %s%s%s", myname, portbuf, url);
1231 1.1 tls debug((DEBUG_FAT, "redirecting %s", url));
1232 1.1 tls bozoprintf("%s 301 Document Moved\r\n", request->hr_proto);
1233 1.1 tls if (request->hr_proto != http_09)
1234 1.1 tls print_header(request, NULL, "text/html", NULL);
1235 1.1 tls if (request->hr_proto != http_09) {
1236 1.1 tls bozoprintf("Location: http://");
1237 1.1 tls if (absolute == 0)
1238 1.1 tls bozoprintf("%s%s", myname, portbuf);
1239 1.1 tls bozoprintf("%s\r\n", url);
1240 1.1 tls }
1241 1.1 tls bozoprintf("\r\n");
1242 1.1 tls if (request->hr_method == HTTP_HEAD)
1243 1.1 tls goto head;
1244 1.1 tls bozoprintf("<html><head><title>Document Moved</title></head>\n");
1245 1.1 tls bozoprintf("<body><h1>Document Moved</h1>\n");
1246 1.1 tls bozoprintf("This document had moved <a href=\"http://");
1247 1.1 tls if (absolute)
1248 1.1 tls bozoprintf("%s", url);
1249 1.1 tls else
1250 1.1 tls bozoprintf("%s%s%s", myname, portbuf, url);
1251 1.1 tls bozoprintf("\">here</a>\n");
1252 1.1 tls bozoprintf("</body></html>\n");
1253 1.1 tls head:
1254 1.1 tls bozoflush(stdout);
1255 1.1 tls exit(0);
1256 1.1 tls }
1257 1.1 tls
1258 1.1 tls /* generic header printing routine */
1259 1.1 tls void
1260 1.1 tls print_header(http_req *request, struct stat *sbp, const char *type,
1261 1.1 tls const char *encoding)
1262 1.1 tls {
1263 1.1 tls bozoprintf("Date: %s\r\n", http_date());
1264 1.1 tls bozoprintf("Server: %s\r\n", server_software);
1265 1.1 tls if (sbp) {
1266 1.1 tls char filedate[40];
1267 1.1 tls struct tm *tm;
1268 1.1 tls
1269 1.1 tls tm = gmtime(&sbp->st_mtime);
1270 1.1 tls strftime(filedate, sizeof filedate,
1271 1.1 tls "%a, %d %b %Y %H:%M:%S GMT", tm);
1272 1.1 tls bozoprintf("Last-Modified: %s\r\n", filedate);
1273 1.1 tls }
1274 1.1 tls if (type && *type)
1275 1.1 tls bozoprintf("Content-Type: %s\r\n", type);
1276 1.1 tls if (encoding && *encoding)
1277 1.1 tls bozoprintf("Content-Encoding: %s\r\n", encoding);
1278 1.1 tls if (sbp)
1279 1.1 tls bozoprintf("Content-Length: %qd\r\n", (long long)sbp->st_size);
1280 1.1 tls if (request && request->hr_proto == http_11)
1281 1.1 tls bozoprintf("Connection: close\r\n");
1282 1.1 tls bozoflush(stdout);
1283 1.1 tls }
1284 1.1 tls
1285 1.1 tls /* this escape HTML tags */
1286 1.1 tls static void
1287 1.1 tls escape_html(http_req *request)
1288 1.1 tls {
1289 1.1 tls int i, j;
1290 1.1 tls char *url = request->hr_url, *tmp;
1291 1.1 tls
1292 1.1 tls for (i = 0, j = 0; url[i]; i++) {
1293 1.1 tls switch (url[i]) {
1294 1.1 tls case '<':
1295 1.1 tls case '>':
1296 1.1 tls j += 4;
1297 1.1 tls break;
1298 1.1 tls case '&':
1299 1.1 tls j += 5;
1300 1.1 tls break;
1301 1.1 tls }
1302 1.1 tls }
1303 1.1 tls
1304 1.1 tls if (j == 0)
1305 1.1 tls return;
1306 1.1 tls
1307 1.1 tls if ((tmp = (char *) malloc(strlen(url) + j)) == 0)
1308 1.1 tls /*
1309 1.1 tls * ouch, but we are only called from an error context, and
1310 1.1 tls * most paths here come from malloc(3) failures anyway...
1311 1.1 tls * we could completely punt and just exit, but isn't returning
1312 1.1 tls * an not-quite-correct error better than nothing at all?
1313 1.1 tls */
1314 1.1 tls return;
1315 1.1 tls
1316 1.1 tls for (i = 0, j = 0; url[i]; i++) {
1317 1.1 tls switch (url[i]) {
1318 1.1 tls case '<':
1319 1.1 tls memcpy(tmp + j, "<", 4);
1320 1.1 tls j += 4;
1321 1.1 tls break;
1322 1.1 tls case '>':
1323 1.1 tls memcpy(tmp + j, ">", 4);
1324 1.1 tls j += 4;
1325 1.1 tls break;
1326 1.1 tls case '&':
1327 1.1 tls memcpy(tmp + j, "&", 5);
1328 1.1 tls j += 5;
1329 1.1 tls break;
1330 1.1 tls default:
1331 1.1 tls tmp[j++] = url[i];
1332 1.1 tls }
1333 1.1 tls }
1334 1.1 tls tmp[j] = 0;
1335 1.1 tls
1336 1.1 tls /*
1337 1.1 tls * XXX original "url" is a substring of an allocation, so we
1338 1.1 tls * can't touch it. so, ignore it and replace the request.
1339 1.1 tls */
1340 1.1 tls request->hr_url = tmp;
1341 1.1 tls }
1342 1.1 tls
1343 1.1 tls /* this fixes the %HH hack that RFC2396 requires. */
1344 1.1 tls static void
1345 1.1 tls fix_url_percent(http_req *request)
1346 1.1 tls {
1347 1.1 tls char *s, *t, buf[3], *url;
1348 1.1 tls char *end; /* if end is not-zero, we don't translate beyond that */
1349 1.1 tls
1350 1.1 tls url = request->hr_url;
1351 1.1 tls
1352 1.1 tls /* make sure we don't translate *too* much */
1353 1.1 tls end = strchr(request->hr_url, '?');
1354 1.1 tls
1355 1.1 tls /* fast forward to the first % */
1356 1.1 tls if ((s = strchr(url, '%')) == NULL)
1357 1.1 tls return;
1358 1.1 tls
1359 1.1 tls t = s;
1360 1.1 tls do {
1361 1.1 tls if (end && s >= end) {
1362 1.1 tls debug((DEBUG_EXPLODING, "fu_%%: past end, filling out.."));
1363 1.1 tls while (*s)
1364 1.1 tls *t++ = *s++;
1365 1.1 tls break;
1366 1.1 tls }
1367 1.1 tls debug((DEBUG_EXPLODING, "fu_%%: got s == %%, s[1]s[2] == %c%c",
1368 1.1 tls s[1], s[2]));
1369 1.1 tls if (s[1] == '\0' || s[2] == '\0')
1370 1.1 tls http_error(400, request,
1371 1.1 tls "percent hack missing two chars afterwards");
1372 1.1 tls if (s[1] == '0' && s[2] == '0')
1373 1.1 tls http_error(404, request, "percent hack was %00");
1374 1.1 tls if (s[1] == '2' && s[2] == 'f')
1375 1.1 tls http_error(404, request, "percent hack was %2f (/)");
1376 1.1 tls
1377 1.1 tls buf[0] = *++s;
1378 1.1 tls buf[1] = *++s;
1379 1.1 tls buf[2] = '\0';
1380 1.1 tls s++;
1381 1.1 tls *t = (char)strtol(buf, NULL, 16);
1382 1.1 tls debug((DEBUG_EXPLODING, "fu_%%: strtol put %c into *t", *t));
1383 1.1 tls if (*t++ == '\0')
1384 1.1 tls http_error(400, request, "percent hack got a 0 back");
1385 1.1 tls
1386 1.1 tls while (*s && *s != '%') {
1387 1.1 tls if (s >= end)
1388 1.1 tls break;
1389 1.1 tls *t++ = *s++;
1390 1.1 tls }
1391 1.1 tls } while (*s);
1392 1.1 tls *t = '\0';
1393 1.1 tls debug((DEBUG_FAT, "fix_url_percent returns %s in url", request->hr_url));
1394 1.1 tls }
1395 1.1 tls
1396 1.1 tls /*
1397 1.1 tls * process each type of HTTP method, setting this HTTP requests
1398 1.1 tls # method type.
1399 1.1 tls */
1400 1.1 tls static struct method_map {
1401 1.1 tls const char *name;
1402 1.1 tls int type;
1403 1.1 tls } method_map[] = {
1404 1.1 tls { "GET", HTTP_GET, },
1405 1.1 tls { "POST", HTTP_POST, },
1406 1.1 tls { "HEAD", HTTP_HEAD, },
1407 1.1 tls #if 0 /* other non-required http/1.1 methods */
1408 1.1 tls { "OPTIONS", HTTP_OPTIONS, },
1409 1.1 tls { "PUT", HTTP_PUT, },
1410 1.1 tls { "DELETE", HTTP_DELETE, },
1411 1.1 tls { "TRACE", HTTP_TRACE, },
1412 1.1 tls { "CONNECT", HTTP_CONNECT, },
1413 1.1 tls #endif
1414 1.1 tls { NULL, 0, },
1415 1.1 tls };
1416 1.1 tls
1417 1.1 tls static void
1418 1.1 tls process_method(http_req *request, const char *method)
1419 1.1 tls {
1420 1.1 tls struct method_map *mmp;
1421 1.1 tls
1422 1.1 tls for (mmp = method_map; mmp->name; mmp++)
1423 1.1 tls if (strcasecmp(method, mmp->name) == 0) {
1424 1.1 tls request->hr_method = mmp->type;
1425 1.1 tls request->hr_methodstr = mmp->name;
1426 1.1 tls return;
1427 1.1 tls }
1428 1.1 tls
1429 1.1 tls if (request->hr_proto == http_11)
1430 1.1 tls request->hr_allow = "GET, HEAD, POST";
1431 1.1 tls http_error(404, request, "unknown method");
1432 1.1 tls }
1433 1.1 tls
1434 1.1 tls /*
1435 1.1 tls * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent
1436 1.1 tls * to "HTTP/001.01"), we MUST parse this.
1437 1.1 tls */
1438 1.1 tls static void
1439 1.1 tls process_proto(http_req *request, const char *proto)
1440 1.1 tls {
1441 1.1 tls char majorstr[16], *minorstr;
1442 1.1 tls int majorint, minorint;
1443 1.1 tls
1444 1.1 tls if (proto == NULL) {
1445 1.1 tls got_proto_09:
1446 1.1 tls request->hr_proto = http_09;
1447 1.1 tls debug((DEBUG_FAT, "request %s is http/0.9", request->hr_url));
1448 1.1 tls return;
1449 1.1 tls }
1450 1.1 tls
1451 1.1 tls if (strncasecmp(proto, "HTTP/", 5) != 0)
1452 1.1 tls goto bad;
1453 1.1 tls strncpy(majorstr, proto + 5, sizeof majorstr);
1454 1.1 tls majorstr[sizeof(majorstr)-1] = 0;
1455 1.1 tls minorstr = strchr(majorstr, '.');
1456 1.1 tls if (minorstr == NULL)
1457 1.1 tls goto bad;
1458 1.1 tls *minorstr++ = 0;
1459 1.1 tls
1460 1.1 tls majorint = atoi(majorstr);
1461 1.1 tls minorint = atoi(minorstr);
1462 1.1 tls
1463 1.1 tls switch (majorint) {
1464 1.1 tls case 0:
1465 1.1 tls if (minorint != 9)
1466 1.1 tls break;
1467 1.1 tls goto got_proto_09;
1468 1.1 tls case 1:
1469 1.1 tls if (minorint == 0)
1470 1.1 tls request->hr_proto = http_10;
1471 1.1 tls else if (minorint == 1)
1472 1.1 tls request->hr_proto = http_11;
1473 1.1 tls else
1474 1.1 tls break;
1475 1.1 tls
1476 1.1 tls debug((DEBUG_FAT, "request %s is %s", request->hr_url,
1477 1.1 tls request->hr_proto));
1478 1.1 tls SIMPLEQ_INIT(&request->hr_headers);
1479 1.1 tls request->hr_nheaders = 0;
1480 1.1 tls return;
1481 1.1 tls }
1482 1.1 tls bad:
1483 1.1 tls http_error(404, NULL, "unknown prototype");
1484 1.1 tls }
1485 1.1 tls
1486 1.1 tls #ifdef DEBUG
1487 1.1 tls void
1488 1.1 tls debug__(int level, const char *fmt, ...)
1489 1.1 tls {
1490 1.1 tls va_list ap;
1491 1.1 tls int savederrno;
1492 1.1 tls
1493 1.1 tls /* only log if the level is low enough */
1494 1.1 tls if (dflag < level)
1495 1.1 tls return;
1496 1.1 tls
1497 1.1 tls savederrno = errno;
1498 1.1 tls va_start(ap, fmt);
1499 1.1 tls if (sflag) {
1500 1.1 tls vfprintf(stderr, fmt, ap);
1501 1.1 tls fputs("\n", stderr);
1502 1.1 tls } else
1503 1.1 tls vsyslog(LOG_DEBUG, fmt, ap);
1504 1.1 tls va_end(ap);
1505 1.1 tls errno = savederrno;
1506 1.1 tls }
1507 1.1 tls #endif /* DEBUG */
1508 1.1 tls
1509 1.1 tls /* these are like warn() and err(), except for syslog not stderr */
1510 1.1 tls void
1511 1.1 tls warning(const char *fmt, ...)
1512 1.1 tls {
1513 1.1 tls va_list ap;
1514 1.1 tls
1515 1.1 tls va_start(ap, fmt);
1516 1.1 tls if (sflag || isatty(STDERR_FILENO)) {
1517 1.1 tls vfprintf(stderr, fmt, ap);
1518 1.1 tls fputs("\n", stderr);
1519 1.1 tls } else
1520 1.1 tls vsyslog(LOG_INFO, fmt, ap);
1521 1.1 tls va_end(ap);
1522 1.1 tls }
1523 1.1 tls
1524 1.1 tls void
1525 1.1 tls error(int code, const char *fmt, ...)
1526 1.1 tls {
1527 1.1 tls va_list ap;
1528 1.1 tls
1529 1.1 tls va_start(ap, fmt);
1530 1.1 tls if (sflag || isatty(STDERR_FILENO)) {
1531 1.1 tls vfprintf(stderr, fmt, ap);
1532 1.1 tls fputs("\n", stderr);
1533 1.1 tls } else
1534 1.1 tls vsyslog(LOG_ERR, fmt, ap);
1535 1.1 tls va_end(ap);
1536 1.1 tls exit(code);
1537 1.1 tls }
1538 1.1 tls
1539 1.1 tls /* the follow functions and variables are used in handling HTTP errors */
1540 1.1 tls /* ARGSUSED */
1541 1.1 tls void
1542 1.1 tls http_error(int code, http_req *request, const char *msg)
1543 1.1 tls {
1544 1.1 tls static char buf[BUFSIZ];
1545 1.1 tls char portbuf[20];
1546 1.1 tls const char *header = http_errors_short(code);
1547 1.1 tls const char *reason = http_errors_long(code);
1548 1.1 tls const char *proto = (request && request->hr_proto) ? request->hr_proto : http_11;
1549 1.1 tls int size;
1550 1.1 tls
1551 1.1 tls debug((DEBUG_FAT, "http_error %d: %s", code, msg));
1552 1.1 tls if (header == NULL || reason == NULL)
1553 1.1 tls error(1, "http_error() failed (short = %p, long = %p)",
1554 1.1 tls header, reason);
1555 1.1 tls
1556 1.1 tls if (request && request->hr_serverport && strcmp(request->hr_serverport, "80") != 0)
1557 1.1 tls snprintf(portbuf, sizeof(portbuf), ":%s", request->hr_serverport);
1558 1.1 tls else
1559 1.1 tls portbuf[0] = '\0';
1560 1.1 tls
1561 1.1 tls if (request && request->hr_url) {
1562 1.1 tls escape_html(request);
1563 1.1 tls size = snprintf(buf, sizeof buf,
1564 1.1 tls "<html><head><title>%s</title></head>\n"
1565 1.1 tls "<body><h1>%s</h1>\n"
1566 1.1 tls "%s: <pre>%s</pre>\n"
1567 1.1 tls "<hr><address><a href=\"http://%s%s/\">%s%s</a></address>\n"
1568 1.1 tls "</body></html>\n",
1569 1.1 tls header, header, request->hr_url, reason,
1570 1.1 tls myname, portbuf, myname, portbuf);
1571 1.1 tls if (size >= sizeof buf)
1572 1.1 tls warning("http_error buffer too small, truncated");
1573 1.1 tls } else
1574 1.1 tls size = 0;
1575 1.1 tls
1576 1.1 tls bozoprintf("%s %s\r\n", proto, header);
1577 1.1 tls auth_check_401(request, code);
1578 1.1 tls
1579 1.1 tls bozoprintf("Content-Type: text/html\r\n");
1580 1.1 tls bozoprintf("Content-Length: %d\r\n", size);
1581 1.1 tls bozoprintf("Server: %s\r\n", server_software);
1582 1.1 tls if (request && request->hr_allow)
1583 1.1 tls bozoprintf("Allow: %s\r\n", request->hr_allow);
1584 1.1 tls bozoprintf("\r\n");
1585 1.1 tls if (size)
1586 1.1 tls bozoprintf("%s", buf);
1587 1.1 tls bozoflush(stdout);
1588 1.1 tls
1589 1.1 tls exit(1);
1590 1.1 tls }
1591 1.1 tls
1592 1.1 tls /* short map between error code, and short/long messages */
1593 1.1 tls static struct errors_map {
1594 1.1 tls int code; /* HTTP return code */
1595 1.1 tls const char *shortmsg; /* short version of message */
1596 1.1 tls const char *longmsg; /* long version of message */
1597 1.1 tls } errors_map[] = {
1598 1.1 tls { 400, "400 Bad Request", "The request was not valid", },
1599 1.1 tls { 401, "401 Unauthorized", "No authorization", },
1600 1.1 tls { 403, "403 Forbidden", "Access to this item has been denied", },
1601 1.1 tls { 404, "404 Not Found", "This item has not been found", },
1602 1.1 tls { 408, "408 Request Timeout", "This request took too long", },
1603 1.1 tls { 417, "417 Expectation Failed","Expectations not available", },
1604 1.1 tls { 500, "500 Internal Error", "An error occured on the server", },
1605 1.1 tls { 501, "501 Not Implemented", "This request is not available", },
1606 1.1 tls { 0, NULL, NULL, },
1607 1.1 tls };
1608 1.1 tls
1609 1.1 tls static const char *help = "DANGER! WILL ROBINSON! DANGER!";
1610 1.1 tls
1611 1.1 tls static const char *
1612 1.1 tls http_errors_short(int code)
1613 1.1 tls {
1614 1.1 tls struct errors_map *ep;
1615 1.1 tls
1616 1.1 tls for (ep = errors_map; ep->code; ep++)
1617 1.1 tls if (ep->code == code)
1618 1.1 tls return (ep->shortmsg);
1619 1.1 tls return (help);
1620 1.1 tls }
1621 1.1 tls
1622 1.1 tls static const char *
1623 1.1 tls http_errors_long(int code)
1624 1.1 tls {
1625 1.1 tls struct errors_map *ep;
1626 1.1 tls
1627 1.1 tls for (ep = errors_map; ep->code; ep++)
1628 1.1 tls if (ep->code == code)
1629 1.1 tls return (ep->longmsg);
1630 1.1 tls return (help);
1631 1.1 tls }
1632 1.1 tls
1633 1.1 tls /* Below are various modified libc functions */
1634 1.1 tls
1635 1.1 tls /*
1636 1.1 tls * returns -1 in lenp if the string ran out before finding a delimiter,
1637 1.1 tls * but is otherwise the same as strsep. Note that the length must be
1638 1.1 tls * correctly passed in.
1639 1.1 tls */
1640 1.1 tls char *
1641 1.1 tls strnsep(char **strp, const char *delim, ssize_t *lenp)
1642 1.1 tls {
1643 1.1 tls char *s;
1644 1.1 tls const char *spanp;
1645 1.1 tls int c, sc;
1646 1.1 tls char *tok;
1647 1.1 tls
1648 1.1 tls if ((s = *strp) == NULL)
1649 1.1 tls return (NULL);
1650 1.1 tls for (tok = s;;) {
1651 1.1 tls if (lenp && --(*lenp) == -1)
1652 1.1 tls return (NULL);
1653 1.1 tls c = *s++;
1654 1.1 tls spanp = delim;
1655 1.1 tls do {
1656 1.1 tls if ((sc = *spanp++) == c) {
1657 1.1 tls if (c == 0)
1658 1.1 tls s = NULL;
1659 1.1 tls else
1660 1.1 tls s[-1] = '\0';
1661 1.1 tls *strp = s;
1662 1.1 tls return (tok);
1663 1.1 tls }
1664 1.1 tls } while (sc != 0);
1665 1.1 tls }
1666 1.1 tls /* NOTREACHED */
1667 1.1 tls }
1668 1.1 tls
1669 1.1 tls /*
1670 1.1 tls * inspired by fgetln(3), but works for fd's. should work identically
1671 1.1 tls * except it, however, does *not* return the newline, and it does nul
1672 1.1 tls * terminate the string.
1673 1.1 tls */
1674 1.1 tls char *
1675 1.1 tls dgetln(int fd, ssize_t *lenp, ssize_t (*readfn)(int, void *, size_t))
1676 1.1 tls {
1677 1.1 tls static char *buffer;
1678 1.1 tls static ssize_t buflen = 0;
1679 1.1 tls ssize_t len;
1680 1.1 tls int got_cr = 0;
1681 1.1 tls char c, *nbuffer;
1682 1.1 tls
1683 1.1 tls /* initialise */
1684 1.1 tls if (buflen == 0) {
1685 1.1 tls buflen = 128; /* should be plenty for most requests */
1686 1.1 tls buffer = malloc(buflen);
1687 1.1 tls if (buffer == NULL) {
1688 1.1 tls buflen = 0;
1689 1.1 tls return NULL;
1690 1.1 tls }
1691 1.1 tls }
1692 1.1 tls len = 0;
1693 1.1 tls
1694 1.1 tls /*
1695 1.1 tls * we *have* to read one byte at a time, to not break cgi
1696 1.1 tls * programs (for we pass stdin off to them). could fix this
1697 1.1 tls * by becoming a fd-passing program instead of just exec'ing
1698 1.1 tls * the program
1699 1.1 tls */
1700 1.1 tls for (; readfn(fd, &c, 1) == 1; ) {
1701 1.1 tls debug((DEBUG_EXPLODING, "dgetln read %c", c));
1702 1.1 tls
1703 1.1 tls if (len >= buflen - 1) {
1704 1.1 tls buflen *= 2;
1705 1.1 tls debug((DEBUG_EXPLODING,
1706 1.1 tls "dgetln: reallocating buffer to buflen %d", buflen));
1707 1.1 tls nbuffer = realloc(buffer, buflen);
1708 1.1 tls if (nbuffer == NULL) {
1709 1.1 tls free(buffer);
1710 1.1 tls buflen = 0;
1711 1.1 tls buffer = NULL;
1712 1.1 tls return NULL;
1713 1.1 tls }
1714 1.1 tls buffer = nbuffer;
1715 1.1 tls }
1716 1.1 tls
1717 1.1 tls buffer[len++] = c;
1718 1.1 tls if (c == '\r') {
1719 1.1 tls got_cr = 1;
1720 1.1 tls continue;
1721 1.1 tls } else if (c == '\n') {
1722 1.1 tls /*
1723 1.1 tls * HTTP/1.1 spec says to ignore CR and treat
1724 1.1 tls * LF as the real line terminator. even though
1725 1.1 tls * the same spec defines CRLF as the line
1726 1.1 tls * terminator, it is recommended in section 19.3
1727 1.1 tls * to do the LF trick for tolerance.
1728 1.1 tls */
1729 1.1 tls if (got_cr)
1730 1.1 tls len -= 2;
1731 1.1 tls else
1732 1.1 tls len -= 1;
1733 1.1 tls break;
1734 1.1 tls }
1735 1.1 tls
1736 1.1 tls }
1737 1.1 tls buffer[len] = '\0';
1738 1.1 tls debug((DEBUG_OBESE, "dgetln returns: ``%s'' with len %d", buffer, len));
1739 1.1 tls *lenp = len;
1740 1.1 tls return (buffer);
1741 1.1 tls }
1742 1.1 tls
1743 1.1 tls void *
1744 1.1 tls bozorealloc(void *ptr, size_t size)
1745 1.1 tls {
1746 1.1 tls void *p;
1747 1.1 tls
1748 1.1 tls p = realloc(ptr, size);
1749 1.1 tls if (p == NULL)
1750 1.1 tls http_error(500, NULL, "memory allocation failure");
1751 1.1 tls return (p);
1752 1.1 tls }
1753 1.1 tls
1754 1.1 tls void *
1755 1.1 tls bozomalloc(size_t size)
1756 1.1 tls {
1757 1.1 tls void *p;
1758 1.1 tls
1759 1.1 tls p = malloc(size);
1760 1.1 tls if (p == NULL)
1761 1.1 tls http_error(500, NULL, "memory allocation failure");
1762 1.1 tls return (p);
1763 1.1 tls }
1764 1.1 tls
1765 1.1 tls char *
1766 1.1 tls bozostrdup(const char *str)
1767 1.1 tls {
1768 1.1 tls char *p;
1769 1.1 tls
1770 1.1 tls p = strdup(str);
1771 1.1 tls if (p == NULL)
1772 1.1 tls http_error(500, NULL, "memory allocation failure");
1773 1.1 tls return (p);
1774 1.1 tls }
1775