bozohttpd.c revision 1.102
1 /* $NetBSD: bozohttpd.c,v 1.102 2018/12/15 01:02:34 maya Exp $ */ 2 3 /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ 4 5 /* 6 * Copyright (c) 1997-2018 Matthew R. Green 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer and 16 * dedication in the documentation and/or other materials provided 17 * with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 */ 32 33 /* this program is dedicated to the Great God of Processed Cheese */ 34 35 /* 36 * bozohttpd.c: minimal httpd; provides only these features: 37 * - HTTP/0.9 (by virtue of ..) 38 * - HTTP/1.0 39 * - HTTP/1.1 40 * - CGI/1.1 this will only be provided for "system" scripts 41 * - automatic "missing trailing slash" redirections 42 * - configurable translation of /~user/ to ~user/public_html, 43 * however, this does not include cgi-bin support 44 * - access lists via libwrap via inetd/tcpd 45 * - virtual hosting 46 * - not that we do not even pretend to understand MIME, but 47 * rely only on the HTTP specification 48 * - ipv6 support 49 * - automatic `index.html' generation 50 * - configurable server name 51 * - directory index generation 52 * - daemon mode (lacks libwrap support) 53 * - .htpasswd support 54 */ 55 56 /* 57 * requirements for minimal http/1.1 (at least, as documented in 58 * RFC 2616 (HTTP/1.1): 59 * 60 * - 14.11: content-encoding handling. [1] 61 * 62 * - 14.13: content-length handling. this is only a SHOULD header 63 * thus we could just not send it ever. [1] 64 * 65 * - 14.17: content-type handling. [1] 66 * 67 * - 14.28: if-unmodified-since handling. if-modified-since is 68 * done since, shouldn't be too hard for this one. 69 * 70 * [1] need to revisit to ensure proper behaviour 71 * 72 * and the following is a list of features that we do not need 73 * to have due to other limits, or are too lazy. there are more 74 * of these than are listed, but these are of particular note, 75 * and could perhaps be implemented. 76 * 77 * - 3.5/3.6: content/transfer codings. probably can ignore 78 * this? we "SHOULD"n't. but 4.4 says we should ignore a 79 * `content-length' header upon reciept of a `transfer-encoding' 80 * header. 81 * 82 * - 5.1.1: request methods. only MUST support GET and HEAD, 83 * but there are new ones besides POST that are currently 84 * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus 85 * extensions not yet known? 86 * 87 * - 10.1: we can ignore informational status codes 88 * 89 * - 10.3.3/10.3.4/10.3.8: just use '302' codes always. 90 * 91 * - 14.1/14.2/14.3/14.27: we do not support Accept: headers. 92 * just ignore them and send the request anyway. they are 93 * only SHOULD. 94 * 95 * - 14.5/14.16/14.35: only support simple ranges: %d- and %d-%d 96 * would be nice to support more. 97 * 98 * - 14.9: we aren't a cache. 99 * 100 * - 14.15: content-md5 would be nice. 101 * 102 * - 14.24/14.26/14.27: if-match, if-none-match, if-range. be 103 * nice to support this. 104 * 105 * - 14.44: Vary: seems unneeded. ignore it for now. 106 */ 107 108 #ifndef INDEX_HTML 109 #define INDEX_HTML "index.html" 110 #endif 111 #ifndef SERVER_SOFTWARE 112 #define SERVER_SOFTWARE "bozohttpd/20181125" 113 #endif 114 #ifndef PUBLIC_HTML 115 #define PUBLIC_HTML "public_html" 116 #endif 117 118 #ifndef USE_ARG 119 #define USE_ARG(x) /*LINTED*/(void)&(x) 120 #endif 121 122 /* 123 * And so it begins .. 124 */ 125 126 #include <sys/param.h> 127 #include <sys/socket.h> 128 #include <sys/time.h> 129 #include <sys/mman.h> 130 131 #include <arpa/inet.h> 132 133 #include <ctype.h> 134 #include <dirent.h> 135 #include <errno.h> 136 #include <fcntl.h> 137 #include <netdb.h> 138 #include <pwd.h> 139 #include <grp.h> 140 #include <signal.h> 141 #include <stdarg.h> 142 #include <stdlib.h> 143 #include <stdbool.h> 144 #include <string.h> 145 #include <syslog.h> 146 #include <time.h> 147 #include <unistd.h> 148 149 #include "bozohttpd.h" 150 151 #ifndef INITIAL_TIMEOUT 152 #define INITIAL_TIMEOUT "30" /* wait for 30 seconds initially */ 153 #endif 154 #ifndef HEADER_WAIT_TIME 155 #define HEADER_WAIT_TIME "10" /* need more headers every 10 seconds */ 156 #endif 157 #ifndef TOTAL_MAX_REQ_TIME 158 #define TOTAL_MAX_REQ_TIME "600" /* must have total request in 600 */ 159 #endif /* seconds */ 160 161 /* if monotonic time is not available try real time. */ 162 #ifndef CLOCK_MONOTONIC 163 #define CLOCK_MONOTONIC CLOCK_REALTIME 164 #endif 165 166 /* variables and functions */ 167 #ifndef LOG_FTP 168 #define LOG_FTP LOG_DAEMON 169 #endif 170 171 /* 172 * List of special file that we should never serve. 173 */ 174 struct { 175 const char *file; 176 const char *name; 177 } specials[] = { 178 { DIRECT_ACCESS_FILE, "rejected direct access request" }, 179 { REDIRECT_FILE, "rejected redirect request" }, 180 { ABSREDIRECT_FILE, "rejected absredirect request" }, 181 { REMAP_FILE, "rejected remap request" }, 182 { AUTH_FILE, "rejected authfile request" }, 183 { NULL, NULL }, 184 }; 185 186 volatile sig_atomic_t timeout_hit; 187 188 /* 189 * check there's enough space in the prefs and names arrays. 190 */ 191 static int 192 size_arrays(bozoprefs_t *bozoprefs, size_t needed) 193 { 194 char **temp; 195 196 if (bozoprefs->size == 0) { 197 /* only get here first time around */ 198 bozoprefs->name = calloc(sizeof(char *), needed); 199 if (bozoprefs->name == NULL) 200 return 0; 201 bozoprefs->value = calloc(sizeof(char *), needed); 202 if (bozoprefs->value == NULL) { 203 free(bozoprefs->name); 204 return 0; 205 } 206 bozoprefs->size = needed; 207 } else if (bozoprefs->count == bozoprefs->size) { 208 /* only uses 'needed' when filled array */ 209 temp = realloc(bozoprefs->name, sizeof(char *) * needed); 210 if (temp == NULL) 211 return 0; 212 bozoprefs->name = temp; 213 temp = realloc(bozoprefs->value, sizeof(char *) * needed); 214 if (temp == NULL) 215 return 0; 216 bozoprefs->value = temp; 217 bozoprefs->size += needed; 218 } 219 return 1; 220 } 221 222 static ssize_t 223 findvar(bozoprefs_t *bozoprefs, const char *name) 224 { 225 size_t i; 226 227 for (i = 0; i < bozoprefs->count; i++) 228 if (strcmp(bozoprefs->name[i], name) == 0) 229 return (ssize_t)i; 230 return -1; 231 } 232 233 int 234 bozo_set_pref(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, 235 const char *name, const char *value) 236 { 237 ssize_t i; 238 239 if ((i = findvar(bozoprefs, name)) < 0) { 240 /* add the element to the array */ 241 if (!size_arrays(bozoprefs, bozoprefs->size + 15)) 242 return 0; 243 i = bozoprefs->count++; 244 bozoprefs->name[i] = bozostrdup(httpd, NULL, name); 245 } else { 246 /* replace the element in the array */ 247 if (bozoprefs->value[i]) { 248 free(bozoprefs->value[i]); 249 bozoprefs->value[i] = NULL; 250 } 251 } 252 bozoprefs->value[i] = bozostrdup(httpd, NULL, value); 253 return 1; 254 } 255 256 /* 257 * get a variable's value, or NULL 258 */ 259 char * 260 bozo_get_pref(bozoprefs_t *bozoprefs, const char *name) 261 { 262 ssize_t i; 263 264 i = findvar(bozoprefs, name); 265 return i < 0 ? NULL : bozoprefs->value[i]; 266 } 267 268 char * 269 bozo_http_date(char *date, size_t datelen) 270 { 271 struct tm *tm; 272 time_t now; 273 274 /* Sun, 06 Nov 1994 08:49:37 GMT */ 275 now = time(NULL); 276 tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */ 277 strftime(date, datelen, "%a, %d %b %Y %H:%M:%S GMT", tm); 278 return date; 279 } 280 281 /* 282 * convert "in" into the three parts of a request (first line). 283 * we allocate into file and query, but return pointers into 284 * "in" for proto and method. 285 */ 286 static void 287 parse_request(bozohttpd_t *httpd, char *in, char **method, char **file, 288 char **query, char **proto) 289 { 290 ssize_t len; 291 char *val; 292 293 USE_ARG(httpd); 294 debug((httpd, DEBUG_EXPLODING, "parse in: %s", in)); 295 *method = *file = *query = *proto = NULL; 296 297 len = (ssize_t)strlen(in); 298 val = bozostrnsep(&in, " \t\n\r", &len); 299 if (len < 1 || val == NULL) 300 return; 301 *method = val; 302 303 while (*in == ' ' || *in == '\t') 304 in++; 305 val = bozostrnsep(&in, " \t\n\r", &len); 306 if (len < 1) { 307 if (len == 0) 308 *file = val; 309 else 310 *file = in; 311 } else { 312 *file = val; 313 314 *query = strchr(*file, '?'); 315 if (*query) 316 *(*query)++ = '\0'; 317 318 if (in) { 319 while (*in && (*in == ' ' || *in == '\t')) 320 in++; 321 if (*in) 322 *proto = in; 323 } 324 } 325 326 /* allocate private copies */ 327 *file = bozostrdup(httpd, NULL, *file); 328 if (*query) 329 *query = bozostrdup(httpd, NULL, *query); 330 331 debug((httpd, DEBUG_FAT, 332 "url: method: \"%s\" file: \"%s\" query: \"%s\" proto: \"%s\"", 333 *method, *file, *query, *proto)); 334 } 335 336 /* 337 * cleanup a bozo_httpreq_t after use 338 */ 339 void 340 bozo_clean_request(bozo_httpreq_t *request) 341 { 342 struct bozoheaders *hdr, *ohdr = NULL; 343 344 if (request == NULL) 345 return; 346 347 /* If SSL enabled cleanup SSL structure. */ 348 bozo_ssl_destroy(request->hr_httpd); 349 350 /* clean up request */ 351 free(request->hr_remotehost); 352 free(request->hr_remoteaddr); 353 free(request->hr_serverport); 354 free(request->hr_virthostname); 355 free(request->hr_file); 356 free(request->hr_oldfile); 357 free(request->hr_query); 358 free(request->hr_host); 359 bozo_user_free(request->hr_user); 360 bozo_auth_cleanup(request); 361 for (hdr = SIMPLEQ_FIRST(&request->hr_headers); hdr; 362 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 363 free(hdr->h_value); 364 free(hdr->h_header); 365 free(ohdr); 366 ohdr = hdr; 367 } 368 free(ohdr); 369 ohdr = NULL; 370 for (hdr = SIMPLEQ_FIRST(&request->hr_replheaders); hdr; 371 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 372 free(hdr->h_value); 373 free(hdr->h_header); 374 free(ohdr); 375 ohdr = hdr; 376 } 377 free(ohdr); 378 379 free(request); 380 } 381 382 /* 383 * send a HTTP/1.1 408 response if we timeout. 384 */ 385 /* ARGSUSED */ 386 static void 387 alarmer(int sig) 388 { 389 timeout_hit = 1; 390 } 391 392 393 /* 394 * set a timeout for "initial", "header", or "request". 395 */ 396 int 397 bozo_set_timeout(bozohttpd_t *httpd, bozoprefs_t *prefs, 398 const char *target, const char *val) 399 { 400 const char *cur, *timeouts[] = { 401 "initial timeout", 402 "header timeout", 403 "request timeout", 404 NULL, 405 }; 406 /* adjust minlen if more timeouts appear with conflicting names */ 407 const size_t minlen = 1; 408 size_t len = strlen(target); 409 410 for (cur = timeouts[0]; len >= minlen && *cur; cur++) { 411 if (strncmp(target, cur, len) == 0) { 412 bozo_set_pref(httpd, prefs, cur, val); 413 return 0; 414 } 415 } 416 return 1; 417 } 418 419 /* 420 * a list of header quirks: currently, a list of headers that 421 * can't be folded into a single line. 422 */ 423 const char *header_quirks[] = { "WWW-Authenticate", NULL }; 424 425 /* 426 * add or merge this header (val: str) into the requests list 427 */ 428 static bozoheaders_t * 429 addmerge_header(bozo_httpreq_t *request, struct qheaders *headers, 430 const char *val, const char *str, ssize_t len) 431 { 432 struct bozohttpd_t *httpd = request->hr_httpd; 433 struct bozoheaders *hdr = NULL; 434 const char **quirk; 435 436 USE_ARG(len); 437 for (quirk = header_quirks; *quirk; quirk++) 438 if (strcasecmp(*quirk, val) == 0) 439 break; 440 441 if (*quirk == NULL) { 442 /* do we exist already? */ 443 SIMPLEQ_FOREACH(hdr, headers, h_next) { 444 if (strcasecmp(val, hdr->h_header) == 0) 445 break; 446 } 447 } 448 449 if (hdr) { 450 /* yup, merge it in */ 451 char *nval; 452 453 bozoasprintf(httpd, &nval, "%s, %s", hdr->h_value, str); 454 free(hdr->h_value); 455 hdr->h_value = nval; 456 } else { 457 /* nope, create a new one */ 458 459 hdr = bozomalloc(httpd, sizeof *hdr); 460 hdr->h_header = bozostrdup(httpd, request, val); 461 if (str && *str) 462 hdr->h_value = bozostrdup(httpd, request, str); 463 else 464 hdr->h_value = bozostrdup(httpd, request, " "); 465 466 SIMPLEQ_INSERT_TAIL(headers, hdr, h_next); 467 request->hr_nheaders++; 468 } 469 470 return hdr; 471 } 472 473 bozoheaders_t * 474 addmerge_reqheader(bozo_httpreq_t *request, const char *val, const char *str, 475 ssize_t len) 476 { 477 478 return addmerge_header(request, &request->hr_headers, val, str, len); 479 } 480 481 bozoheaders_t * 482 addmerge_replheader(bozo_httpreq_t *request, const char *val, const char *str, 483 ssize_t len) 484 { 485 486 return addmerge_header(request, &request->hr_replheaders, 487 val, str, len); 488 } 489 490 /* 491 * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent 492 * to "HTTP/001.01"), we MUST parse this. 493 */ 494 static int 495 process_proto(bozo_httpreq_t *request, const char *proto) 496 { 497 struct bozohttpd_t *httpd = request->hr_httpd; 498 char majorstr[16], *minorstr; 499 int majorint, minorint; 500 501 if (proto == NULL) { 502 got_proto_09: 503 request->hr_proto = httpd->consts.http_09; 504 debug((httpd, DEBUG_FAT, "request %s is http/0.9", 505 request->hr_file)); 506 return 0; 507 } 508 509 if (strncasecmp(proto, "HTTP/", 5) != 0) 510 goto bad; 511 strncpy(majorstr, proto + 5, sizeof majorstr); 512 majorstr[sizeof(majorstr)-1] = 0; 513 minorstr = strchr(majorstr, '.'); 514 if (minorstr == NULL) 515 goto bad; 516 *minorstr++ = 0; 517 518 majorint = atoi(majorstr); 519 minorint = atoi(minorstr); 520 521 switch (majorint) { 522 case 0: 523 if (minorint != 9) 524 break; 525 goto got_proto_09; 526 case 1: 527 if (minorint == 0) 528 request->hr_proto = httpd->consts.http_10; 529 else if (minorint == 1) 530 request->hr_proto = httpd->consts.http_11; 531 else 532 break; 533 534 debug((httpd, DEBUG_FAT, "request %s is %s", 535 request->hr_file, request->hr_proto)); 536 SIMPLEQ_INIT(&request->hr_headers); 537 request->hr_nheaders = 0; 538 return 0; 539 } 540 bad: 541 return bozo_http_error(httpd, 404, NULL, "unknown prototype"); 542 } 543 544 /* 545 * process each type of HTTP method, setting this HTTP requests 546 * method type. 547 */ 548 static struct method_map { 549 const char *name; 550 int type; 551 } method_map[] = { 552 { "GET", HTTP_GET, }, 553 { "POST", HTTP_POST, }, 554 { "HEAD", HTTP_HEAD, }, 555 #if 0 /* other non-required http/1.1 methods */ 556 { "OPTIONS", HTTP_OPTIONS, }, 557 { "PUT", HTTP_PUT, }, 558 { "DELETE", HTTP_DELETE, }, 559 { "TRACE", HTTP_TRACE, }, 560 { "CONNECT", HTTP_CONNECT, }, 561 #endif 562 { NULL, 0, }, 563 }; 564 565 static int 566 process_method(bozo_httpreq_t *request, const char *method) 567 { 568 struct bozohttpd_t *httpd = request->hr_httpd; 569 struct method_map *mmp; 570 571 if (request->hr_proto == httpd->consts.http_11) 572 request->hr_allow = "GET, HEAD, POST"; 573 574 for (mmp = method_map; mmp->name; mmp++) 575 if (strcasecmp(method, mmp->name) == 0) { 576 request->hr_method = mmp->type; 577 request->hr_methodstr = mmp->name; 578 return 0; 579 } 580 581 return bozo_http_error(httpd, 404, request, "unknown method"); 582 } 583 584 /* check header byte count */ 585 static int 586 bozo_got_header_length(bozo_httpreq_t *request, size_t len) 587 { 588 589 if (len > BOZO_HEADERS_MAX_SIZE - request->hr_header_bytes) 590 return bozo_http_error(request->hr_httpd, 413, request, 591 "too many headers"); 592 593 request->hr_header_bytes += len; 594 595 return 0; 596 } 597 598 /* 599 * This function reads a http request from stdin, returning a pointer to a 600 * bozo_httpreq_t structure, describing the request. 601 */ 602 bozo_httpreq_t * 603 bozo_read_request(bozohttpd_t *httpd) 604 { 605 struct sigaction sa; 606 char *str, *val, *method, *file, *proto, *query; 607 char *host, *addr, *port; 608 char bufport[10]; 609 char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; 610 struct sockaddr_storage ss; 611 ssize_t len; 612 int line = 0; 613 socklen_t slen; 614 bozo_httpreq_t *request; 615 struct timespec ots, ts; 616 617 /* 618 * if we're in daemon mode, bozo_daemon_fork() will return here twice 619 * for each call. once in the child, returning 0, and once in the 620 * parent, returning 1. for each child, then we can setup SSL, and 621 * the parent can signal the caller there was no request to process 622 * and it will wait for another. 623 */ 624 if (bozo_daemon_fork(httpd)) 625 return NULL; 626 if (bozo_ssl_accept(httpd)) 627 return NULL; 628 629 request = bozomalloc(httpd, sizeof(*request)); 630 memset(request, 0, sizeof(*request)); 631 request->hr_httpd = httpd; 632 request->hr_allow = request->hr_host = NULL; 633 request->hr_content_type = request->hr_content_length = NULL; 634 request->hr_range = NULL; 635 request->hr_last_byte_pos = -1; 636 request->hr_if_modified_since = NULL; 637 request->hr_virthostname = NULL; 638 request->hr_file = NULL; 639 request->hr_oldfile = NULL; 640 SIMPLEQ_INIT(&request->hr_replheaders); 641 bozo_auth_init(request); 642 643 slen = sizeof(ss); 644 if (getpeername(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 645 host = addr = NULL; 646 else { 647 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 648 abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0) 649 addr = abuf; 650 else 651 addr = NULL; 652 if (httpd->numeric == 0 && 653 getnameinfo((struct sockaddr *)(void *)&ss, slen, 654 hbuf, sizeof hbuf, NULL, 0, 0) == 0) 655 host = hbuf; 656 else 657 host = NULL; 658 } 659 if (host != NULL) 660 request->hr_remotehost = bozostrdup(httpd, request, host); 661 if (addr != NULL) 662 request->hr_remoteaddr = bozostrdup(httpd, request, addr); 663 slen = sizeof(ss); 664 665 /* 666 * Override the bound port from the request value, so it works even 667 * if passed through a proxy that doesn't rewrite the port. 668 */ 669 if (httpd->bindport) { 670 if (strcmp(httpd->bindport, "80") != 0) 671 port = httpd->bindport; 672 else 673 port = NULL; 674 } else { 675 if (getsockname(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 676 port = NULL; 677 else { 678 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 679 NULL, 0, bufport, sizeof bufport, 680 NI_NUMERICSERV) == 0) 681 port = bufport; 682 else 683 port = NULL; 684 } 685 } 686 if (port != NULL) 687 request->hr_serverport = bozostrdup(httpd, request, port); 688 689 /* 690 * setup a timer to make sure the request is not hung 691 */ 692 sa.sa_handler = alarmer; 693 sigemptyset(&sa.sa_mask); 694 sigaddset(&sa.sa_mask, SIGALRM); 695 sa.sa_flags = 0; 696 sigaction(SIGALRM, &sa, NULL); 697 698 if (clock_gettime(CLOCK_MONOTONIC, &ots) != 0) { 699 bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); 700 goto cleanup; 701 } 702 703 alarm(httpd->initial_timeout); 704 while ((str = bozodgetln(httpd, STDIN_FILENO, &len, bozo_read)) != NULL) { 705 alarm(0); 706 707 if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) { 708 bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); 709 goto cleanup; 710 } 711 /* 712 * don't timeout if old tv_sec is not more than current 713 * tv_sec, or if current tv_sec is less than the request 714 * timeout (these shouldn't happen, but the first could 715 * if monotonic time is not available.) 716 * 717 * the other timeout and header size checks should ensure 718 * that even if time it set backwards or forwards a very 719 * long way, timeout will eventually happen, even if this 720 * one fails. 721 */ 722 if (ts.tv_sec > ots.tv_sec && 723 ts.tv_sec > httpd->request_timeout && 724 ts.tv_sec - httpd->request_timeout > ots.tv_sec) 725 timeout_hit = 1; 726 727 if (timeout_hit) { 728 bozo_http_error(httpd, 408, NULL, "request timed out"); 729 goto cleanup; 730 } 731 line++; 732 733 if (line == 1) { 734 if (len < 1) { 735 bozo_http_error(httpd, 404, NULL, "null method"); 736 goto cleanup; 737 } 738 bozowarn(httpd, 739 "got request ``%s'' from host %s to port %s", 740 str, 741 host ? host : addr ? addr : "<local>", 742 port ? port : "<stdin>"); 743 744 /* we allocate return space in file and query only */ 745 parse_request(httpd, str, &method, &file, &query, &proto); 746 request->hr_file = file; 747 request->hr_query = query; 748 if (method == NULL) { 749 bozo_http_error(httpd, 404, NULL, "null method"); 750 goto cleanup; 751 } 752 if (file == NULL) { 753 bozo_http_error(httpd, 404, NULL, "null file"); 754 goto cleanup; 755 } 756 757 /* 758 * note that we parse the proto first, so that we 759 * can more properly parse the method and the url. 760 */ 761 762 if (process_proto(request, proto) || 763 process_method(request, method)) { 764 goto cleanup; 765 } 766 767 debug((httpd, DEBUG_FAT, "got file \"%s\" query \"%s\"", 768 request->hr_file, 769 request->hr_query ? request->hr_query : "<none>")); 770 771 /* http/0.9 has no header processing */ 772 if (request->hr_proto == httpd->consts.http_09) 773 break; 774 } else { /* incoming headers */ 775 bozoheaders_t *hdr; 776 777 if (*str == '\0') 778 break; 779 780 val = bozostrnsep(&str, ":", &len); 781 debug((httpd, DEBUG_EXPLODING, "read_req2: after " 782 "bozostrnsep: str `%s' val `%s'", str, val)); 783 if (val == NULL || len == -1) { 784 bozo_http_error(httpd, 404, request, "no header"); 785 goto cleanup; 786 } 787 while (*str == ' ' || *str == '\t') 788 len--, str++; 789 while (*val == ' ' || *val == '\t') 790 val++; 791 792 if (bozo_got_header_length(request, len)) 793 goto cleanup; 794 795 if (bozo_auth_check_headers(request, val, str, len)) 796 goto next_header; 797 798 hdr = addmerge_reqheader(request, val, str, len); 799 800 if (strcasecmp(hdr->h_header, "content-type") == 0) 801 request->hr_content_type = hdr->h_value; 802 else if (strcasecmp(hdr->h_header, "content-length") == 0) 803 request->hr_content_length = hdr->h_value; 804 else if (strcasecmp(hdr->h_header, "host") == 0) { 805 if (request->hr_host) { 806 /* RFC 7230 (HTTP/1.1): 5.4 */ 807 bozo_http_error(httpd, 400, request, 808 "Only allow one Host: header"); 809 goto cleanup; 810 } 811 request->hr_host = bozostrdup(httpd, request, 812 hdr->h_value); 813 } 814 /* RFC 2616 (HTTP/1.1): 14.20 */ 815 else if (strcasecmp(hdr->h_header, "expect") == 0) { 816 bozo_http_error(httpd, 417, request, 817 "we don't support Expect:"); 818 goto cleanup; 819 } 820 else if (strcasecmp(hdr->h_header, "referrer") == 0 || 821 strcasecmp(hdr->h_header, "referer") == 0) 822 request->hr_referrer = hdr->h_value; 823 else if (strcasecmp(hdr->h_header, "range") == 0) 824 request->hr_range = hdr->h_value; 825 else if (strcasecmp(hdr->h_header, 826 "if-modified-since") == 0) 827 request->hr_if_modified_since = hdr->h_value; 828 else if (strcasecmp(hdr->h_header, 829 "accept-encoding") == 0) 830 request->hr_accept_encoding = hdr->h_value; 831 832 debug((httpd, DEBUG_FAT, "adding header %s: %s", 833 hdr->h_header, hdr->h_value)); 834 } 835 next_header: 836 alarm(httpd->header_timeout); 837 } 838 839 /* now, clear it all out */ 840 alarm(0); 841 signal(SIGALRM, SIG_DFL); 842 843 /* RFC1945, 8.3 */ 844 if (request->hr_method == HTTP_POST && 845 request->hr_content_length == NULL) { 846 bozo_http_error(httpd, 400, request, "missing content length"); 847 goto cleanup; 848 } 849 850 /* RFC 2616 (HTTP/1.1), 14.23 & 19.6.1.1 */ 851 if (request->hr_proto == httpd->consts.http_11 && 852 /*(strncasecmp(request->hr_file, "http://", 7) != 0) &&*/ 853 request->hr_host == NULL) { 854 bozo_http_error(httpd, 400, request, "missing Host header"); 855 goto cleanup; 856 } 857 858 if (request->hr_range != NULL) { 859 debug((httpd, DEBUG_FAT, "hr_range: %s", request->hr_range)); 860 /* support only simple ranges %d- and %d-%d */ 861 if (strchr(request->hr_range, ',') == NULL) { 862 const char *rstart, *dash; 863 864 rstart = strchr(request->hr_range, '='); 865 if (rstart != NULL) { 866 rstart++; 867 dash = strchr(rstart, '-'); 868 if (dash != NULL && dash != rstart) { 869 dash++; 870 request->hr_have_range = 1; 871 request->hr_first_byte_pos = 872 strtoll(rstart, NULL, 10); 873 if (request->hr_first_byte_pos < 0) 874 request->hr_first_byte_pos = 0; 875 if (*dash != '\0') { 876 request->hr_last_byte_pos = 877 strtoll(dash, NULL, 10); 878 if (request->hr_last_byte_pos < 0) 879 request->hr_last_byte_pos = -1; 880 } 881 } 882 } 883 } 884 } 885 886 debug((httpd, DEBUG_FAT, "bozo_read_request returns url %s in request", 887 request->hr_file)); 888 return request; 889 890 cleanup: 891 bozo_clean_request(request); 892 893 return NULL; 894 } 895 896 static int 897 mmap_and_write_part(bozohttpd_t *httpd, int fd, off_t first_byte_pos, size_t sz) 898 { 899 size_t mappedsz, wroffset; 900 off_t mappedoffset; 901 char *addr; 902 void *mappedaddr; 903 904 /* 905 * we need to ensure that both the size *and* offset arguments to 906 * mmap() are page-aligned. our formala for this is: 907 * 908 * input offset: first_byte_pos 909 * input size: sz 910 * 911 * mapped offset = page align truncate (input offset) 912 * mapped size = 913 * page align extend (input offset - mapped offset + input size) 914 * write offset = input offset - mapped offset 915 * 916 * we use the write offset in all writes 917 */ 918 mappedoffset = first_byte_pos & ~(httpd->page_size - 1); 919 mappedsz = (size_t) 920 (first_byte_pos - mappedoffset + sz + httpd->page_size - 1) & 921 ~(httpd->page_size - 1); 922 wroffset = (size_t)(first_byte_pos - mappedoffset); 923 924 addr = mmap(0, mappedsz, PROT_READ, MAP_SHARED, fd, mappedoffset); 925 if (addr == (char *)-1) { 926 bozowarn(httpd, "mmap failed: %s", strerror(errno)); 927 return -1; 928 } 929 mappedaddr = addr; 930 931 #ifdef MADV_SEQUENTIAL 932 (void)madvise(addr, sz, MADV_SEQUENTIAL); 933 #endif 934 while (sz > BOZO_WRSZ) { 935 if (bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 936 BOZO_WRSZ) != BOZO_WRSZ) { 937 bozowarn(httpd, "write failed: %s", strerror(errno)); 938 goto out; 939 } 940 debug((httpd, DEBUG_OBESE, "wrote %d bytes", BOZO_WRSZ)); 941 sz -= BOZO_WRSZ; 942 addr += BOZO_WRSZ; 943 } 944 if (sz && (size_t)bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 945 sz) != sz) { 946 bozowarn(httpd, "final write failed: %s", strerror(errno)); 947 goto out; 948 } 949 debug((httpd, DEBUG_OBESE, "wrote %d bytes", (int)sz)); 950 out: 951 if (munmap(mappedaddr, mappedsz) < 0) { 952 bozowarn(httpd, "munmap failed"); 953 return -1; 954 } 955 956 return 0; 957 } 958 959 static int 960 parse_http_date(const char *val, time_t *timestamp) 961 { 962 char *remainder; 963 struct tm tm; 964 965 if ((remainder = strptime(val, "%a, %d %b %Y %T GMT", &tm)) == NULL && 966 (remainder = strptime(val, "%a, %d-%b-%y %T GMT", &tm)) == NULL && 967 (remainder = strptime(val, "%a %b %d %T %Y", &tm)) == NULL) 968 return 0; /* Invalid HTTP date format */ 969 970 if (*remainder) 971 return 0; /* No trailing garbage */ 972 973 *timestamp = timegm(&tm); 974 return 1; 975 } 976 977 /* 978 * given an url, encode it ala rfc 3986. ie, escape ? and friends. 979 * note that this function returns a static buffer, and thus needs 980 * to be updated for any sort of parallel processing. escape only 981 * chosen characters for absolute redirects 982 */ 983 char * 984 bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url, int absolute) 985 { 986 static char *buf; 987 static size_t buflen = 0; 988 size_t len; 989 const char *s; 990 char *d; 991 992 len = strlen(url); 993 if (buflen < len * 3 + 1) { 994 buflen = len * 3 + 1; 995 buf = bozorealloc(httpd, buf, buflen); 996 } 997 998 for (len = 0, s = url, d = buf; *s;) { 999 if (*s & 0x80) 1000 goto encode_it; 1001 switch (*s) { 1002 case ':': 1003 case '?': 1004 case '#': 1005 case '[': 1006 case ']': 1007 case '@': 1008 case '!': 1009 case '$': 1010 case '&': 1011 case '\'': 1012 case '(': 1013 case ')': 1014 case '*': 1015 case '+': 1016 case ',': 1017 case ';': 1018 case '=': 1019 case '%': 1020 case '"': 1021 if (absolute) 1022 goto leave_it; 1023 /*FALLTHROUGH*/ 1024 case '\n': 1025 case '\r': 1026 case ' ': 1027 encode_it: 1028 snprintf(d, 4, "%%%02X", (unsigned char)*s++); 1029 d += 3; 1030 len += 3; 1031 break; 1032 default: 1033 leave_it: 1034 *d++ = *s++; 1035 len++; 1036 break; 1037 } 1038 } 1039 buf[len] = 0; 1040 1041 return buf; 1042 } 1043 1044 /* 1045 * do automatic redirection -- if there are query parameters or userdir for 1046 * the URL we will tack these on to the new (redirected) URL. 1047 */ 1048 static void 1049 handle_redirect(bozo_httpreq_t *request, const char *url, int absolute) 1050 { 1051 bozohttpd_t *httpd = request->hr_httpd; 1052 char *finalurl, *urlbuf; 1053 #ifndef NO_USER_SUPPORT 1054 char *userbuf; 1055 #endif /* !NO_USER_SUPPORT */ 1056 char portbuf[20]; 1057 const char *scheme, *query, *quest; 1058 const char *hostname = BOZOHOST(httpd, request); 1059 int absproto = 0; /* absolute redirect provides own schema */ 1060 1061 if (url == NULL) { 1062 bozoasprintf(httpd, &urlbuf, "/%s/", request->hr_file); 1063 url = urlbuf; 1064 } else 1065 urlbuf = NULL; 1066 1067 #ifndef NO_USER_SUPPORT 1068 if (request->hr_user && !absolute) { 1069 bozoasprintf(httpd, &userbuf, "/~%s%s", request->hr_user, url); 1070 url = userbuf; 1071 } else 1072 userbuf = NULL; 1073 #endif /* !NO_USER_SUPPORT */ 1074 1075 if (absolute) { 1076 char *sep = NULL; 1077 const char *s; 1078 1079 /* 1080 * absolute redirect may specify own protocol i.e. to redirect 1081 * to another schema like https:// or ftp://. 1082 * Details: RFC 3986, section 3. 1083 */ 1084 1085 /* 1. check if url contains :// */ 1086 sep = strstr(url, "://"); 1087 1088 /* 1089 * RFC 3986, section 3.1: 1090 * scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) 1091 */ 1092 if (sep) { 1093 for (s = url; s != sep;) { 1094 if (!isalnum((int)*s) && 1095 *s != '+' && *s != '-' && *s != '.') 1096 break; 1097 if (++s == sep) { 1098 absproto = 1; 1099 } 1100 } 1101 } 1102 } 1103 1104 /* construct final redirection url */ 1105 1106 scheme = absproto ? "" : httpd->sslinfo ? "https://" : "http://"; 1107 1108 if (absolute) { 1109 hostname = ""; 1110 portbuf[0] = '\0'; 1111 } else { 1112 const char *defport = httpd->sslinfo ? "443" : "80"; 1113 1114 if (request->hr_serverport && 1115 strcmp(request->hr_serverport, defport) != 0) 1116 snprintf(portbuf, sizeof(portbuf), ":%s", 1117 request->hr_serverport); 1118 else 1119 portbuf[0] = '\0'; 1120 } 1121 1122 url = bozo_escape_rfc3986(httpd, url, absolute); 1123 1124 if (request->hr_query && strlen(request->hr_query)) { 1125 query = request->hr_query; 1126 quest = "?"; 1127 } else { 1128 query = quest = ""; 1129 } 1130 1131 bozoasprintf(httpd, &finalurl, "%s%s%s%s%s%s", 1132 scheme, hostname, portbuf, url, quest, query); 1133 1134 bozowarn(httpd, "redirecting %s", finalurl); 1135 debug((httpd, DEBUG_FAT, "redirecting %s", finalurl)); 1136 1137 bozo_printf(httpd, "%s 301 Document Moved\r\n", request->hr_proto); 1138 if (request->hr_proto != httpd->consts.http_09) 1139 bozo_print_header(request, NULL, "text/html", NULL); 1140 if (request->hr_proto != httpd->consts.http_09) 1141 bozo_printf(httpd, "Location: %s\r\n", finalurl); 1142 bozo_printf(httpd, "\r\n"); 1143 if (request->hr_method == HTTP_HEAD) 1144 goto head; 1145 bozo_printf(httpd, "<html><head><title>Document Moved</title></head>\n"); 1146 bozo_printf(httpd, "<body><h1>Document Moved</h1>\n"); 1147 bozo_printf(httpd, "This document had moved <a href=\"%s\">here</a>\n", 1148 finalurl); 1149 bozo_printf(httpd, "</body></html>\n"); 1150 head: 1151 bozo_flush(httpd, stdout); 1152 free(urlbuf); 1153 free(finalurl); 1154 #ifndef NO_USER_SUPPORT 1155 free(userbuf); 1156 #endif /* !NO_USER_SUPPORT */ 1157 } 1158 1159 /* 1160 * Like strncmp(), but s_esc may contain characters escaped by \. 1161 * The len argument does not include the backslashes used for escaping, 1162 * that is: it gives the raw len, after unescaping the string. 1163 */ 1164 static int 1165 esccmp(const char *s_plain, const char *s_esc, size_t len) 1166 { 1167 bool esc = false; 1168 1169 while (len) { 1170 if (!esc && *s_esc == '\\') { 1171 esc = true; 1172 s_esc++; 1173 continue; 1174 } 1175 esc = false; 1176 if (*s_plain == 0 || *s_esc == 0 || *s_plain != *s_esc) 1177 return *s_esc - *s_plain; 1178 s_esc++; 1179 s_plain++; 1180 len--; 1181 } 1182 return 0; 1183 } 1184 1185 /* 1186 * Check if the request refers to a uri that is mapped via a .bzremap. 1187 * We have /requested/path:/re/mapped/to/this.html lines in there, 1188 * and the : separator may be use in the left hand side escaped with 1189 * \ to encode a path containig a : character. 1190 */ 1191 static void 1192 check_remap(bozo_httpreq_t *request) 1193 { 1194 bozohttpd_t *httpd = request->hr_httpd; 1195 char *file = request->hr_file, *newfile; 1196 void *fmap; 1197 const char *replace, *map_to, *p; 1198 struct stat st; 1199 int mapfile; 1200 size_t avail, len, rlen, reqlen, num_esc = 0; 1201 bool escaped = false; 1202 1203 mapfile = open(REMAP_FILE, O_RDONLY, 0); 1204 if (mapfile == -1) 1205 return; 1206 debug((httpd, DEBUG_FAT, "remap file found")); 1207 if (fstat(mapfile, &st) == -1) { 1208 bozowarn(httpd, "could not stat " REMAP_FILE ", errno: %d", 1209 errno); 1210 goto out; 1211 } 1212 1213 fmap = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, mapfile, 0); 1214 if (fmap == NULL) { 1215 bozowarn(httpd, "could not mmap " REMAP_FILE ", error %d", 1216 errno); 1217 goto out; 1218 } 1219 reqlen = strlen(file); 1220 for (p = fmap, avail = st.st_size; avail; ) { 1221 /* 1222 * We have lines like: 1223 * /this/url:/replacement/that/url 1224 * If we find a matching left hand side, replace will point 1225 * to it and len will be its length. map_to will point to 1226 * the right hand side and rlen wil be its length. 1227 * If we have no match, both pointers will be NULL. 1228 */ 1229 1230 /* skip empty lines */ 1231 while ((*p == '\r' || *p == '\n') && avail) { 1232 p++; 1233 avail--; 1234 } 1235 replace = p; 1236 escaped = false; 1237 while (avail) { 1238 if (*p == '\r' || *p == '\n') 1239 break; 1240 if (!escaped && *p == ':') 1241 break; 1242 if (escaped) { 1243 escaped = false; 1244 num_esc++; 1245 } else if (*p == '\\') { 1246 escaped = true; 1247 } 1248 p++; 1249 avail--; 1250 } 1251 if (!avail || *p != ':') { 1252 replace = NULL; 1253 map_to = NULL; 1254 break; 1255 } 1256 len = p - replace - num_esc; 1257 /* 1258 * reqlen < len: the left hand side is too long, can't be a 1259 * match 1260 * reqlen == len: full string has to match 1261 * reqlen > len: make sure there is a path separator at 'len' 1262 * avail < 2: we are at eof, missing right hand side 1263 */ 1264 if (avail < 2 || reqlen < len || 1265 (reqlen == len && esccmp(file, replace, len) != 0) || 1266 (reqlen > len && (file[len] != '/' || 1267 esccmp(file, replace, len) != 0))) { 1268 1269 /* non-match, skip to end of line and continue */ 1270 while (*p != '\r' && *p != '\n' && avail) { 1271 p++; 1272 avail--; 1273 } 1274 replace = NULL; 1275 map_to = NULL; 1276 continue; 1277 } 1278 p++; 1279 avail--; 1280 1281 /* found a match, parse the target */ 1282 map_to = p; 1283 while (*p != '\r' && *p != '\n' && avail) { 1284 p++; 1285 avail--; 1286 } 1287 rlen = p - map_to; 1288 break; 1289 } 1290 1291 if (replace && map_to) { 1292 newfile = bozomalloc(httpd, strlen(file) + rlen - len + 1); 1293 memcpy(newfile, map_to, rlen); 1294 strcpy(newfile+rlen, file + len); 1295 debug((httpd, DEBUG_NORMAL, "remapping found '%s'", 1296 newfile)); 1297 free(request->hr_file); 1298 request->hr_file = newfile; 1299 } 1300 1301 munmap(fmap, st.st_size); 1302 out: 1303 close(mapfile); 1304 } 1305 1306 /* 1307 * deal with virtual host names; we do this: 1308 * if we have a virtual path root (httpd->virtbase), and we are given a 1309 * virtual host spec (Host: ho.st or http://ho.st/), see if this 1310 * directory exists under httpd->virtbase. if it does, use this as the 1311 # new slashdir. 1312 */ 1313 static int 1314 check_virtual(bozo_httpreq_t *request) 1315 { 1316 bozohttpd_t *httpd = request->hr_httpd; 1317 char *file = request->hr_file, *s; 1318 size_t len; 1319 1320 /* 1321 * convert http://virtual.host/ to request->hr_host 1322 */ 1323 debug((httpd, DEBUG_OBESE, 1324 "checking for http:// virtual host in '%s'", file)); 1325 if (strncasecmp(file, "http://", 7) == 0) { 1326 /* we would do virtual hosting here? */ 1327 file += 7; 1328 /* RFC 2616 (HTTP/1.1), 5.2: URI takes precedence over Host: */ 1329 free(request->hr_host); 1330 request->hr_host = bozostrdup(httpd, request, file); 1331 if ((s = strchr(request->hr_host, '/')) != NULL) 1332 *s = '\0'; 1333 s = strchr(file, '/'); 1334 free(request->hr_file); 1335 request->hr_file = bozostrdup(httpd, request, s ? s : "/"); 1336 debug((httpd, DEBUG_OBESE, "got host '%s' file is now '%s'", 1337 request->hr_host, request->hr_file)); 1338 } else if (!request->hr_host) 1339 goto use_slashdir; 1340 1341 /* 1342 * canonicalise hr_host - that is, remove any :80. 1343 */ 1344 len = strlen(request->hr_host); 1345 if (len > 3 && strcmp(request->hr_host + len - 3, ":80") == 0) { 1346 request->hr_host[len - 3] = '\0'; 1347 len = strlen(request->hr_host); 1348 } 1349 1350 if (!httpd->virtbase) { 1351 /* 1352 * if we don't use vhost support, then set virthostname if 1353 * user supplied Host header. It will be used for possible 1354 * redirections 1355 */ 1356 if (request->hr_host) { 1357 s = strrchr(request->hr_host, ':'); 1358 if (s != NULL) 1359 /* truncate Host: as we want to copy it without port part */ 1360 *s = '\0'; 1361 request->hr_virthostname = bozostrdup(httpd, request, 1362 request->hr_host); 1363 if (s != NULL) 1364 /* fix Host: again, if we truncated it */ 1365 *s = ':'; 1366 } 1367 goto use_slashdir; 1368 } 1369 1370 /* 1371 * ok, we have a virtual host, use opendir(3) to find a case 1372 * insensitive match for the virtual host we are asked for. 1373 * note that if the virtual host is the same as the master, 1374 * we don't need to do anything special. 1375 */ 1376 debug((httpd, DEBUG_OBESE, 1377 "check_virtual: checking host `%s' under httpd->virtbase `%s' " 1378 "for file `%s'", 1379 request->hr_host, httpd->virtbase, request->hr_file)); 1380 if (strncasecmp(httpd->virthostname, request->hr_host, len) != 0) { 1381 s = NULL; 1382 DIR *dirp; 1383 struct dirent *d; 1384 1385 if ((dirp = opendir(httpd->virtbase)) != NULL) { 1386 while ((d = readdir(dirp)) != NULL) { 1387 if (strcmp(d->d_name, ".") == 0 || 1388 strcmp(d->d_name, "..") == 0) { 1389 continue; 1390 } 1391 debug((httpd, DEBUG_OBESE, "looking at dir '%s'", 1392 d->d_name)); 1393 if (strcmp(d->d_name, request->hr_host) == 0) { 1394 /* found it, punch it */ 1395 debug((httpd, DEBUG_OBESE, "found it punch it")); 1396 request->hr_virthostname = 1397 bozostrdup(httpd, request, d->d_name); 1398 bozoasprintf(httpd, &s, "%s/%s", 1399 httpd->virtbase, 1400 request->hr_virthostname); 1401 break; 1402 } 1403 } 1404 closedir(dirp); 1405 } 1406 else { 1407 debug((httpd, DEBUG_FAT, "opendir %s failed: %s", 1408 httpd->virtbase, strerror(errno))); 1409 } 1410 if (s == 0) { 1411 if (httpd->unknown_slash) 1412 goto use_slashdir; 1413 return bozo_http_error(httpd, 404, request, 1414 "unknown URL"); 1415 } 1416 } else 1417 use_slashdir: 1418 s = httpd->slashdir; 1419 1420 /* 1421 * ok, nailed the correct slashdir, chdir to it 1422 */ 1423 if (chdir(s) < 0) 1424 return bozo_http_error(httpd, 404, request, 1425 "can't chdir to slashdir"); 1426 1427 /* 1428 * is there a mapping for this request? 1429 */ 1430 check_remap(request); 1431 1432 return 0; 1433 } 1434 1435 /* 1436 * checks to see if this request has a valid .bzredirect file. returns 1437 * 0 when no redirection happend, or 1 when handle_redirect() has been 1438 * called, -1 on error. 1439 */ 1440 static int 1441 check_bzredirect(bozo_httpreq_t *request) 1442 { 1443 bozohttpd_t *httpd = request->hr_httpd; 1444 struct stat sb; 1445 char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1], 1446 path[MAXPATHLEN + 1]; 1447 char *basename, *finalredir; 1448 int rv, absolute; 1449 1450 /* 1451 * if this pathname is really a directory, but doesn't end in /, 1452 * use it as the directory to look for the redir file. 1453 */ 1454 if ((size_t)snprintf(dir, sizeof(dir), "%s", request->hr_file + 1) >= 1455 sizeof(dir)) { 1456 bozo_http_error(httpd, 404, request, "file path too long"); 1457 return -1; 1458 } 1459 debug((httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1460 basename = strrchr(dir, '/'); 1461 1462 if ((!basename || basename[1] != '\0') && 1463 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) { 1464 strcpy(path, dir); 1465 basename = dir; 1466 } else if (basename == NULL) { 1467 strcpy(path, "."); 1468 strcpy(dir, ""); 1469 basename = dir; 1470 } else { 1471 *basename++ = '\0'; 1472 strcpy(path, dir); 1473 } 1474 if (bozo_check_special_files(request, basename)) 1475 return -1; 1476 1477 debug((httpd, DEBUG_FAT, "check_bzredirect: path %s", path)); 1478 1479 if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, 1480 REDIRECT_FILE) >= sizeof(redir)) { 1481 return bozo_http_error(httpd, 404, request, 1482 "redirectfile path too long"); 1483 } 1484 if (lstat(redir, &sb) == 0) { 1485 if (!S_ISLNK(sb.st_mode)) 1486 return 0; 1487 absolute = 0; 1488 } else { 1489 if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, 1490 ABSREDIRECT_FILE) >= sizeof(redir)) { 1491 bozo_http_error(httpd, 404, request, 1492 "redirectfile path too long"); 1493 return -1; 1494 } 1495 if (lstat(redir, &sb) < 0 || !S_ISLNK(sb.st_mode)) 1496 return 0; 1497 absolute = 1; 1498 } 1499 debug((httpd, DEBUG_FAT, "check_bzredirect: calling readlink")); 1500 rv = readlink(redir, redirpath, sizeof redirpath - 1); 1501 if (rv == -1 || rv == 0) { 1502 debug((httpd, DEBUG_FAT, "readlink failed")); 1503 return 0; 1504 } 1505 redirpath[rv] = '\0'; 1506 debug((httpd, DEBUG_FAT, "readlink returned \"%s\"", redirpath)); 1507 1508 /* check if we need authentication */ 1509 snprintf(path, sizeof(path), "%s/", dir); 1510 if (bozo_auth_check(request, path)) 1511 return 1; 1512 1513 /* now we have the link pointer, redirect to the real place */ 1514 if (!absolute && redirpath[0] != '/') { 1515 if ((size_t)snprintf(finalredir = redir, sizeof(redir), "%s%s/%s", 1516 (strlen(dir) > 0 ? "/" : ""), dir, redirpath) >= sizeof(redir)) { 1517 bozo_http_error(httpd, 404, request, 1518 "redirect path too long"); 1519 return -1; 1520 } 1521 } else 1522 finalredir = redirpath; 1523 1524 debug((httpd, DEBUG_FAT, "check_bzredirect: new redir %s", finalredir)); 1525 handle_redirect(request, finalredir, absolute); 1526 return 1; 1527 } 1528 1529 /* this fixes the %HH hack that RFC2396 requires. */ 1530 int 1531 bozo_decode_url_percent(bozo_httpreq_t *request, char *str) 1532 { 1533 bozohttpd_t *httpd = request->hr_httpd; 1534 char *s, *t, buf[3]; 1535 char *end; /* if end is not-zero, we don't translate beyond that */ 1536 1537 end = str + strlen(str); 1538 1539 /* fast forward to the first % */ 1540 if ((s = strchr(str, '%')) == NULL) 1541 return 0; 1542 1543 t = s; 1544 do { 1545 if (end && s >= end) { 1546 debug((httpd, DEBUG_EXPLODING, 1547 "fu_%%: past end, filling out..")); 1548 while (*s) 1549 *t++ = *s++; 1550 break; 1551 } 1552 debug((httpd, DEBUG_EXPLODING, 1553 "fu_%%: got s == %%, s[1]s[2] == %c%c", 1554 s[1], s[2])); 1555 if (s[1] == '\0' || s[2] == '\0') 1556 return bozo_http_error(httpd, 400, request, 1557 "percent hack missing two chars afterwards"); 1558 if (s[1] == '0' && s[2] == '0') 1559 return bozo_http_error(httpd, 404, request, 1560 "percent hack was %00"); 1561 if (s[1] == '2' && s[2] == 'f') 1562 return bozo_http_error(httpd, 404, request, 1563 "percent hack was %2f (/)"); 1564 1565 buf[0] = *++s; 1566 buf[1] = *++s; 1567 buf[2] = '\0'; 1568 s++; 1569 *t = (char)strtol(buf, NULL, 16); 1570 debug((httpd, DEBUG_EXPLODING, 1571 "fu_%%: strtol put '%02x' into *t", *t)); 1572 if (*t++ == '\0') 1573 return bozo_http_error(httpd, 400, request, 1574 "percent hack got a 0 back"); 1575 1576 while (*s && *s != '%') { 1577 if (end && s >= end) 1578 break; 1579 *t++ = *s++; 1580 } 1581 } while (*s); 1582 *t = '\0'; 1583 1584 debug((httpd, DEBUG_FAT, "bozo_decode_url_percent returns `%s'", 1585 request->hr_file)); 1586 1587 return 0; 1588 } 1589 1590 /* 1591 * transform_request does this: 1592 * - ``expand'' %20 crapola 1593 * - punt if it doesn't start with / 1594 * - look for "http://myname/" and deal with it. 1595 * - maybe call bozo_process_cgi() 1596 * - check for ~user and call bozo_user_transform() if so 1597 * - if the length > 1, check for trailing slash. if so, 1598 * add the index.html file 1599 * - if the length is 1, return the index.html file 1600 * - disallow anything ending up with a file starting 1601 * at "/" or having ".." in it. 1602 * - anything else is a really weird internal error 1603 * - returns malloced file to serve, if unhandled 1604 */ 1605 static int 1606 transform_request(bozo_httpreq_t *request, int *isindex) 1607 { 1608 bozohttpd_t *httpd = request->hr_httpd; 1609 char *file, *newfile = NULL; 1610 size_t len; 1611 1612 file = NULL; 1613 *isindex = 0; 1614 debug((httpd, DEBUG_FAT, "tf_req: file %s", request->hr_file)); 1615 1616 if (bozo_decode_url_percent(request, request->hr_file) || 1617 check_virtual(request)) 1618 goto bad_done; 1619 1620 file = request->hr_file; 1621 1622 if (file[0] != '/') { 1623 bozo_http_error(httpd, 404, request, "unknown URL"); 1624 goto bad_done; 1625 } 1626 1627 /* omit additional slashes at the beginning */ 1628 while (file[1] == '/') 1629 file++; 1630 1631 /* fix file provided by user as it's used in other handlers */ 1632 request->hr_file = file; 1633 1634 len = strlen(file); 1635 1636 #ifndef NO_USER_SUPPORT 1637 /* first of all expand user path */ 1638 if (len > 1 && httpd->enable_users && file[1] == '~') { 1639 if (file[2] == '\0') { 1640 bozo_http_error(httpd, 404, request, 1641 "missing username"); 1642 goto bad_done; 1643 } 1644 if (strchr(file + 2, '/') == NULL) { 1645 char *userredirecturl; 1646 1647 bozoasprintf(httpd, &userredirecturl, "%s/", file); 1648 handle_redirect(request, userredirecturl, 0); 1649 free(userredirecturl); 1650 return 0; 1651 } 1652 debug((httpd, DEBUG_FAT, "calling bozo_user_transform")); 1653 1654 if (!bozo_user_transform(request)) 1655 return 0; 1656 1657 file = request->hr_file; 1658 len = strlen(file); 1659 } 1660 #endif /* NO_USER_SUPPORT */ 1661 1662 1663 switch (check_bzredirect(request)) { 1664 case -1: 1665 goto bad_done; 1666 case 0: 1667 break; 1668 default: 1669 return 0; 1670 } 1671 1672 if (len > 1) { 1673 debug((httpd, DEBUG_FAT, "file[len-1] == %c", file[len-1])); 1674 if (file[len-1] == '/') { /* append index.html */ 1675 *isindex = 1; 1676 debug((httpd, DEBUG_FAT, "appending index.html")); 1677 newfile = bozomalloc(httpd, 1678 len + strlen(httpd->index_html) + 1); 1679 strcpy(newfile, file + 1); 1680 strcat(newfile, httpd->index_html); 1681 } else 1682 newfile = bozostrdup(httpd, request, file + 1); 1683 } else if (len == 1) { 1684 debug((httpd, DEBUG_EXPLODING, "tf_req: len == 1")); 1685 newfile = bozostrdup(httpd, request, httpd->index_html); 1686 *isindex = 1; 1687 } else { /* len == 0 ? */ 1688 bozo_http_error(httpd, 500, request, "request->hr_file is nul"); 1689 goto bad_done; 1690 } 1691 1692 if (newfile == NULL) { 1693 bozo_http_error(httpd, 500, request, "internal failure"); 1694 goto bad_done; 1695 } 1696 1697 /* 1698 * stop traversing outside our domain 1699 * 1700 * XXX true security only comes from our parent using chroot(2) 1701 * before execve(2)'ing us. or our own built in chroot(2) support. 1702 */ 1703 1704 debug((httpd, DEBUG_FAT, "newfile: %s", newfile)); 1705 1706 if (*newfile == '/' || strcmp(newfile, "..") == 0 || 1707 strstr(newfile, "/..") || strstr(newfile, "../")) { 1708 bozo_http_error(httpd, 403, request, "illegal request"); 1709 goto bad_done; 1710 } 1711 1712 if (bozo_auth_check(request, newfile)) 1713 goto bad_done; 1714 1715 if (strlen(newfile)) { 1716 request->hr_oldfile = request->hr_file; 1717 request->hr_file = newfile; 1718 } 1719 1720 if (bozo_process_cgi(request) || 1721 bozo_process_lua(request)) 1722 return 0; 1723 1724 debug((httpd, DEBUG_FAT, "transform_request set: %s", newfile)); 1725 return 1; 1726 1727 bad_done: 1728 debug((httpd, DEBUG_FAT, "transform_request returning: 0")); 1729 free(newfile); 1730 return 0; 1731 } 1732 1733 /* 1734 * can_gzip checks if the request supports and prefers gzip encoding. 1735 * 1736 * XXX: we do not consider the associated q with gzip in making our 1737 * decision which is broken. 1738 */ 1739 1740 static int 1741 can_gzip(bozo_httpreq_t *request) 1742 { 1743 const char *pos; 1744 const char *tmp; 1745 size_t len; 1746 1747 /* First we decide if the request can be gzipped at all. */ 1748 1749 /* not if we already are encoded... */ 1750 tmp = bozo_content_encoding(request, request->hr_file); 1751 if (tmp && *tmp) 1752 return 0; 1753 1754 /* not if we are not asking for the whole file... */ 1755 if (request->hr_last_byte_pos != -1 || request->hr_have_range) 1756 return 0; 1757 1758 /* Then we determine if gzip is on the cards. */ 1759 1760 for (pos = request->hr_accept_encoding; pos && *pos; pos += len) { 1761 while (*pos == ' ') 1762 pos++; 1763 1764 len = strcspn(pos, ";,"); 1765 1766 if ((len == 4 && strncasecmp("gzip", pos, 4) == 0) || 1767 (len == 6 && strncasecmp("x-gzip", pos, 6) == 0)) 1768 return 1; 1769 1770 if (pos[len] == ';') 1771 len += strcspn(&pos[len], ","); 1772 1773 if (pos[len]) 1774 len++; 1775 } 1776 1777 return 0; 1778 } 1779 1780 /* 1781 * bozo_process_request does the following: 1782 * - check the request is valid 1783 * - process cgi-bin if necessary 1784 * - transform a filename if necesarry 1785 * - return the HTTP request 1786 */ 1787 void 1788 bozo_process_request(bozo_httpreq_t *request) 1789 { 1790 bozohttpd_t *httpd = request->hr_httpd; 1791 struct stat sb; 1792 time_t timestamp; 1793 char *file; 1794 const char *type, *encoding; 1795 int fd, isindex; 1796 1797 /* 1798 * note that transform_request chdir()'s if required. also note 1799 * that cgi is handed here. if transform_request() returns 0 1800 * then the request has been handled already. 1801 */ 1802 if (transform_request(request, &isindex) == 0) 1803 return; 1804 1805 fd = -1; 1806 encoding = NULL; 1807 if (can_gzip(request)) { 1808 bozoasprintf(httpd, &file, "%s.gz", request->hr_file); 1809 fd = open(file, O_RDONLY); 1810 if (fd >= 0) 1811 encoding = "gzip"; 1812 free(file); 1813 } 1814 1815 file = request->hr_file; 1816 1817 if (fd < 0) 1818 fd = open(file, O_RDONLY); 1819 1820 if (fd < 0) { 1821 debug((httpd, DEBUG_FAT, "open failed: %s", strerror(errno))); 1822 switch (errno) { 1823 case EPERM: 1824 case EACCES: 1825 bozo_http_error(httpd, 403, request, 1826 "no permission to open file"); 1827 break; 1828 case ENAMETOOLONG: 1829 /*FALLTHROUGH*/ 1830 case ENOENT: 1831 if (!bozo_dir_index(request, file, isindex)) 1832 bozo_http_error(httpd, 404, request, "no file"); 1833 break; 1834 default: 1835 bozo_http_error(httpd, 500, request, "open file"); 1836 } 1837 goto cleanup_nofd; 1838 } 1839 if (fstat(fd, &sb) < 0) { 1840 bozo_http_error(httpd, 500, request, "can't fstat"); 1841 goto cleanup; 1842 } 1843 if (S_ISDIR(sb.st_mode)) { 1844 handle_redirect(request, NULL, 0); 1845 goto cleanup; 1846 } 1847 1848 if (request->hr_if_modified_since && 1849 parse_http_date(request->hr_if_modified_since, ×tamp) && 1850 timestamp >= sb.st_mtime) { 1851 /* XXX ignore subsecond of timestamp */ 1852 bozo_printf(httpd, "%s 304 Not Modified\r\n", 1853 request->hr_proto); 1854 bozo_printf(httpd, "\r\n"); 1855 bozo_flush(httpd, stdout); 1856 goto cleanup; 1857 } 1858 1859 /* validate requested range */ 1860 if (request->hr_last_byte_pos == -1 || 1861 request->hr_last_byte_pos >= sb.st_size) 1862 request->hr_last_byte_pos = sb.st_size - 1; 1863 if (request->hr_have_range && 1864 request->hr_first_byte_pos > request->hr_last_byte_pos) { 1865 request->hr_have_range = 0; /* punt */ 1866 request->hr_first_byte_pos = 0; 1867 request->hr_last_byte_pos = sb.st_size - 1; 1868 } 1869 debug((httpd, DEBUG_FAT, "have_range %d first_pos %lld last_pos %lld", 1870 request->hr_have_range, 1871 (long long)request->hr_first_byte_pos, 1872 (long long)request->hr_last_byte_pos)); 1873 if (request->hr_have_range) 1874 bozo_printf(httpd, "%s 206 Partial Content\r\n", 1875 request->hr_proto); 1876 else 1877 bozo_printf(httpd, "%s 200 OK\r\n", request->hr_proto); 1878 1879 if (request->hr_proto != httpd->consts.http_09) { 1880 type = bozo_content_type(request, file); 1881 if (!encoding) 1882 encoding = bozo_content_encoding(request, file); 1883 1884 bozo_print_header(request, &sb, type, encoding); 1885 bozo_printf(httpd, "\r\n"); 1886 } 1887 bozo_flush(httpd, stdout); 1888 1889 if (request->hr_method != HTTP_HEAD) { 1890 off_t szleft, cur_byte_pos; 1891 1892 szleft = 1893 request->hr_last_byte_pos - request->hr_first_byte_pos + 1; 1894 cur_byte_pos = request->hr_first_byte_pos; 1895 1896 retry: 1897 while (szleft) { 1898 size_t sz; 1899 1900 if ((off_t)httpd->mmapsz < szleft) 1901 sz = httpd->mmapsz; 1902 else 1903 sz = (size_t)szleft; 1904 if (mmap_and_write_part(httpd, fd, cur_byte_pos, sz)) { 1905 if (errno == ENOMEM) { 1906 httpd->mmapsz /= 2; 1907 if (httpd->mmapsz >= httpd->page_size) 1908 goto retry; 1909 } 1910 goto cleanup; 1911 } 1912 cur_byte_pos += sz; 1913 szleft -= sz; 1914 } 1915 } 1916 cleanup: 1917 close(fd); 1918 cleanup_nofd: 1919 close(STDIN_FILENO); 1920 close(STDOUT_FILENO); 1921 /*close(STDERR_FILENO);*/ 1922 } 1923 1924 /* make sure we're not trying to access special files */ 1925 int 1926 bozo_check_special_files(bozo_httpreq_t *request, const char *name) 1927 { 1928 bozohttpd_t *httpd = request->hr_httpd; 1929 size_t i; 1930 1931 for (i = 0; specials[i].file; i++) 1932 if (strcmp(name, specials[i].file) == 0) 1933 return bozo_http_error(httpd, 403, request, 1934 specials[i].name); 1935 1936 return 0; 1937 } 1938 1939 /* generic header printing routine */ 1940 void 1941 bozo_print_header(bozo_httpreq_t *request, 1942 struct stat *sbp, const char *type, const char *encoding) 1943 { 1944 bozohttpd_t *httpd = request->hr_httpd; 1945 off_t len; 1946 char date[40]; 1947 bozoheaders_t *hdr; 1948 1949 SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { 1950 bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, 1951 hdr->h_value); 1952 } 1953 1954 bozo_printf(httpd, "Date: %s\r\n", bozo_http_date(date, sizeof(date))); 1955 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 1956 bozo_printf(httpd, "Accept-Ranges: bytes\r\n"); 1957 if (sbp) { 1958 char filedate[40]; 1959 struct tm *tm; 1960 1961 tm = gmtime(&sbp->st_mtime); 1962 strftime(filedate, sizeof filedate, 1963 "%a, %d %b %Y %H:%M:%S GMT", tm); 1964 bozo_printf(httpd, "Last-Modified: %s\r\n", filedate); 1965 } 1966 if (type && *type) 1967 bozo_printf(httpd, "Content-Type: %s\r\n", type); 1968 if (encoding && *encoding) 1969 bozo_printf(httpd, "Content-Encoding: %s\r\n", encoding); 1970 if (sbp) { 1971 if (request->hr_have_range) { 1972 len = request->hr_last_byte_pos - 1973 request->hr_first_byte_pos +1; 1974 bozo_printf(httpd, 1975 "Content-Range: bytes %qd-%qd/%qd\r\n", 1976 (long long) request->hr_first_byte_pos, 1977 (long long) request->hr_last_byte_pos, 1978 (long long) sbp->st_size); 1979 } else 1980 len = sbp->st_size; 1981 bozo_printf(httpd, "Content-Length: %qd\r\n", (long long)len); 1982 } 1983 if (request->hr_proto == httpd->consts.http_11) 1984 bozo_printf(httpd, "Connection: close\r\n"); 1985 bozo_flush(httpd, stdout); 1986 } 1987 1988 #ifndef NO_DEBUG 1989 void 1990 debug__(bozohttpd_t *httpd, int level, const char *fmt, ...) 1991 { 1992 va_list ap; 1993 int savederrno; 1994 1995 /* only log if the level is low enough */ 1996 if (httpd->debug < level) 1997 return; 1998 1999 savederrno = errno; 2000 va_start(ap, fmt); 2001 if (httpd->logstderr) { 2002 vfprintf(stderr, fmt, ap); 2003 fputs("\n", stderr); 2004 } else 2005 vsyslog(LOG_DEBUG, fmt, ap); 2006 va_end(ap); 2007 errno = savederrno; 2008 } 2009 #endif /* NO_DEBUG */ 2010 2011 /* these are like warn() and err(), except for syslog not stderr */ 2012 void 2013 bozowarn(bozohttpd_t *httpd, const char *fmt, ...) 2014 { 2015 va_list ap; 2016 2017 va_start(ap, fmt); 2018 if (httpd->logstderr || isatty(STDERR_FILENO)) { 2019 //fputs("warning: ", stderr); 2020 vfprintf(stderr, fmt, ap); 2021 fputs("\n", stderr); 2022 } else 2023 vsyslog(LOG_INFO, fmt, ap); 2024 va_end(ap); 2025 } 2026 2027 void 2028 bozoerr(bozohttpd_t *httpd, int code, const char *fmt, ...) 2029 { 2030 va_list ap; 2031 2032 va_start(ap, fmt); 2033 if (httpd->logstderr || isatty(STDERR_FILENO)) { 2034 //fputs("error: ", stderr); 2035 vfprintf(stderr, fmt, ap); 2036 fputs("\n", stderr); 2037 } else 2038 vsyslog(LOG_ERR, fmt, ap); 2039 va_end(ap); 2040 exit(code); 2041 } 2042 2043 void 2044 bozoasprintf(bozohttpd_t *httpd, char **str, const char *fmt, ...) 2045 { 2046 va_list ap; 2047 int e; 2048 2049 va_start(ap, fmt); 2050 e = vasprintf(str, fmt, ap); 2051 va_end(ap); 2052 2053 if (e < 0) 2054 bozoerr(httpd, EXIT_FAILURE, "asprintf"); 2055 } 2056 2057 /* 2058 * this escapes HTML tags. returns allocated escaped 2059 * string if needed, or NULL on allocation failure or 2060 * lack of escape need. 2061 * call with NULL httpd in error paths, to avoid recursive 2062 * malloc failure. call with valid httpd in normal paths 2063 * to get automatic allocation failure handling. 2064 */ 2065 char * 2066 bozo_escape_html(bozohttpd_t *httpd, const char *url) 2067 { 2068 int i, j; 2069 char *tmp; 2070 size_t len; 2071 2072 for (i = 0, j = 0; url[i]; i++) { 2073 switch (url[i]) { 2074 case '<': 2075 case '>': 2076 j += 4; 2077 break; 2078 case '&': 2079 j += 5; 2080 break; 2081 case '"': 2082 j += 6; 2083 break; 2084 } 2085 } 2086 2087 if (j == 0) 2088 return NULL; 2089 2090 /* 2091 * we need to handle being called from different 2092 * pathnames. 2093 */ 2094 len = strlen(url) + j; 2095 if (httpd) 2096 tmp = bozomalloc(httpd, len); 2097 else if ((tmp = malloc(len)) == 0) 2098 return NULL; 2099 2100 for (i = 0, j = 0; url[i]; i++) { 2101 switch (url[i]) { 2102 case '<': 2103 memcpy(tmp + j, "<", 4); 2104 j += 4; 2105 break; 2106 case '>': 2107 memcpy(tmp + j, ">", 4); 2108 j += 4; 2109 break; 2110 case '&': 2111 memcpy(tmp + j, "&", 5); 2112 j += 5; 2113 break; 2114 case '"': 2115 memcpy(tmp + j, """, 6); 2116 j += 6; 2117 break; 2118 default: 2119 tmp[j++] = url[i]; 2120 } 2121 } 2122 tmp[j] = 0; 2123 2124 return tmp; 2125 } 2126 2127 /* short map between error code, and short/long messages */ 2128 static struct errors_map { 2129 int code; /* HTTP return code */ 2130 const char *shortmsg; /* short version of message */ 2131 const char *longmsg; /* long version of message */ 2132 } errors_map[] = { 2133 { 400, "400 Bad Request", "The request was not valid", }, 2134 { 401, "401 Unauthorized", "No authorization", }, 2135 { 403, "403 Forbidden", "Access to this item has been denied",}, 2136 { 404, "404 Not Found", "This item has not been found", }, 2137 { 408, "408 Request Timeout", "This request took too long", }, 2138 { 413, "413 Payload Too Large", "Use smaller requests", }, 2139 { 417, "417 Expectation Failed","Expectations not available", }, 2140 { 420, "420 Enhance Your Calm","Chill, Winston", }, 2141 { 500, "500 Internal Error", "An error occured on the server", }, 2142 { 501, "501 Not Implemented", "This request is not available", }, 2143 { 0, NULL, NULL, }, 2144 }; 2145 2146 static const char *help = "DANGER! WILL ROBINSON! DANGER!"; 2147 2148 static const char * 2149 http_errors_short(int code) 2150 { 2151 struct errors_map *ep; 2152 2153 for (ep = errors_map; ep->code; ep++) 2154 if (ep->code == code) 2155 return (ep->shortmsg); 2156 return (help); 2157 } 2158 2159 static const char * 2160 http_errors_long(int code) 2161 { 2162 struct errors_map *ep; 2163 2164 for (ep = errors_map; ep->code; ep++) 2165 if (ep->code == code) 2166 return (ep->longmsg); 2167 return (help); 2168 } 2169 2170 /* the follow functions and variables are used in handling HTTP errors */ 2171 /* ARGSUSED */ 2172 int 2173 bozo_http_error(bozohttpd_t *httpd, int code, bozo_httpreq_t *request, 2174 const char *msg) 2175 { 2176 char portbuf[20]; 2177 const char *header = http_errors_short(code); 2178 const char *reason = http_errors_long(code); 2179 const char *proto = (request && request->hr_proto) ? 2180 request->hr_proto : httpd->consts.http_11; 2181 int size; 2182 bozoheaders_t *hdr; 2183 2184 debug((httpd, DEBUG_FAT, "bozo_http_error %d: %s", code, msg)); 2185 if (header == NULL || reason == NULL) { 2186 bozoerr(httpd, 1, 2187 "bozo_http_error() failed (short = %p, long = %p)", 2188 header, reason); 2189 return code; 2190 } 2191 2192 if (request && request->hr_serverport && 2193 strcmp(request->hr_serverport, "80") != 0) 2194 snprintf(portbuf, sizeof(portbuf), ":%s", 2195 request->hr_serverport); 2196 else 2197 portbuf[0] = '\0'; 2198 2199 if (request && request->hr_file) { 2200 char *file = NULL, *user = NULL; 2201 int file_alloc = 0; 2202 const char *hostname = BOZOHOST(httpd, request); 2203 2204 /* bozo_escape_html() failure here is just too bad. */ 2205 file = bozo_escape_html(NULL, request->hr_file); 2206 if (file == NULL) 2207 file = request->hr_file; 2208 else 2209 file_alloc = 1; 2210 2211 #ifndef NO_USER_SUPPORT 2212 if (request->hr_user != NULL) { 2213 char *user_escaped; 2214 2215 user_escaped = bozo_escape_html(NULL, request->hr_user); 2216 if (user_escaped == NULL) 2217 user_escaped = request->hr_user; 2218 /* expand username to ~user/ */ 2219 bozoasprintf(httpd, &user, "~%s/", user_escaped); 2220 if (user_escaped != request->hr_user) 2221 free(user_escaped); 2222 } 2223 #endif /* !NO_USER_SUPPORT */ 2224 2225 size = snprintf(httpd->errorbuf, BUFSIZ, 2226 "<html><head><title>%s</title></head>\n" 2227 "<body><h1>%s</h1>\n" 2228 "%s%s: <pre>%s</pre>\n" 2229 "<hr><address><a href=\"//%s%s/\">%s%s</a></address>\n" 2230 "</body></html>\n", 2231 header, header, 2232 user ? user : "", file, 2233 reason, hostname, portbuf, hostname, portbuf); 2234 free(user); 2235 if (size >= (int)BUFSIZ) { 2236 bozowarn(httpd, 2237 "bozo_http_error buffer too small, truncated"); 2238 size = (int)BUFSIZ; 2239 } 2240 2241 if (file_alloc) 2242 free(file); 2243 } else 2244 size = 0; 2245 2246 bozo_printf(httpd, "%s %s\r\n", proto, header); 2247 2248 if (request) { 2249 bozo_auth_check_401(request, code); 2250 SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { 2251 bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, 2252 hdr->h_value); 2253 } 2254 } 2255 2256 bozo_printf(httpd, "Content-Type: text/html\r\n"); 2257 bozo_printf(httpd, "Content-Length: %d\r\n", size); 2258 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 2259 if (request && request->hr_allow) 2260 bozo_printf(httpd, "Allow: %s\r\n", request->hr_allow); 2261 /* RFC 7231 (HTTP/1.1) 6.5.7 */ 2262 if (code == 408 && request->hr_proto == httpd->consts.http_11) 2263 bozo_printf(httpd, "Connection: close\r\n"); 2264 bozo_printf(httpd, "\r\n"); 2265 /* According to the RFC 2616 sec. 9.4 HEAD method MUST NOT return a 2266 * message-body in the response */ 2267 if (size && request && request->hr_method != HTTP_HEAD) 2268 bozo_printf(httpd, "%s", httpd->errorbuf); 2269 bozo_flush(httpd, stdout); 2270 2271 return code; 2272 } 2273 2274 /* Below are various modified libc functions */ 2275 2276 /* 2277 * returns -1 in lenp if the string ran out before finding a delimiter, 2278 * but is otherwise the same as strsep. Note that the length must be 2279 * correctly passed in. 2280 */ 2281 char * 2282 bozostrnsep(char **strp, const char *delim, ssize_t *lenp) 2283 { 2284 char *s; 2285 const char *spanp; 2286 int c, sc; 2287 char *tok; 2288 2289 if ((s = *strp) == NULL) 2290 return (NULL); 2291 for (tok = s;;) { 2292 if (lenp && --(*lenp) == -1) 2293 return (NULL); 2294 c = *s++; 2295 spanp = delim; 2296 do { 2297 if ((sc = *spanp++) == c) { 2298 if (c == 0) 2299 s = NULL; 2300 else 2301 s[-1] = '\0'; 2302 *strp = s; 2303 return (tok); 2304 } 2305 } while (sc != 0); 2306 } 2307 /* NOTREACHED */ 2308 } 2309 2310 /* 2311 * inspired by fgetln(3), but works for fd's. should work identically 2312 * except it, however, does *not* return the newline, and it does nul 2313 * terminate the string. 2314 */ 2315 char * 2316 bozodgetln(bozohttpd_t *httpd, int fd, ssize_t *lenp, 2317 ssize_t (*readfn)(bozohttpd_t *, int, void *, size_t)) 2318 { 2319 ssize_t len; 2320 int got_cr = 0; 2321 char c, *nbuffer; 2322 2323 /* initialise */ 2324 if (httpd->getln_buflen == 0) { 2325 /* should be plenty for most requests */ 2326 httpd->getln_buflen = 128; 2327 httpd->getln_buffer = malloc((size_t)httpd->getln_buflen); 2328 if (httpd->getln_buffer == NULL) { 2329 httpd->getln_buflen = 0; 2330 return NULL; 2331 } 2332 } 2333 len = 0; 2334 2335 /* 2336 * we *have* to read one byte at a time, to not break cgi 2337 * programs (for we pass stdin off to them). could fix this 2338 * by becoming a fd-passing program instead of just exec'ing 2339 * the program 2340 * 2341 * the above is no longer true, we are the fd-passing 2342 * program already. 2343 */ 2344 for (; readfn(httpd, fd, &c, 1) == 1; ) { 2345 debug((httpd, DEBUG_EXPLODING, "bozodgetln read %c", c)); 2346 2347 if (len >= httpd->getln_buflen - 1) { 2348 httpd->getln_buflen *= 2; 2349 debug((httpd, DEBUG_EXPLODING, "bozodgetln: " 2350 "reallocating buffer to buflen %zu", 2351 httpd->getln_buflen)); 2352 nbuffer = bozorealloc(httpd, httpd->getln_buffer, 2353 (size_t)httpd->getln_buflen); 2354 httpd->getln_buffer = nbuffer; 2355 } 2356 2357 httpd->getln_buffer[len++] = c; 2358 if (c == '\r') { 2359 got_cr = 1; 2360 continue; 2361 } else if (c == '\n') { 2362 /* 2363 * HTTP/1.1 spec says to ignore CR and treat 2364 * LF as the real line terminator. even though 2365 * the same spec defines CRLF as the line 2366 * terminator, it is recommended in section 19.3 2367 * to do the LF trick for tolerance. 2368 */ 2369 if (got_cr) 2370 len -= 2; 2371 else 2372 len -= 1; 2373 break; 2374 } 2375 2376 } 2377 httpd->getln_buffer[len] = '\0'; 2378 debug((httpd, DEBUG_OBESE, "bozodgetln returns: '%s' with len %zd", 2379 httpd->getln_buffer, len)); 2380 *lenp = len; 2381 return httpd->getln_buffer; 2382 } 2383 2384 void * 2385 bozorealloc(bozohttpd_t *httpd, void *ptr, size_t size) 2386 { 2387 void *p; 2388 2389 p = realloc(ptr, size); 2390 if (p) 2391 return p; 2392 2393 bozo_http_error(httpd, 500, NULL, "memory allocation failure"); 2394 exit(EXIT_FAILURE); 2395 } 2396 2397 void * 2398 bozomalloc(bozohttpd_t *httpd, size_t size) 2399 { 2400 void *p; 2401 2402 p = malloc(size); 2403 if (p) 2404 return p; 2405 2406 bozo_http_error(httpd, 500, NULL, "memory allocation failure"); 2407 exit(EXIT_FAILURE); 2408 } 2409 2410 char * 2411 bozostrdup(bozohttpd_t *httpd, bozo_httpreq_t *request, const char *str) 2412 { 2413 char *p; 2414 2415 p = strdup(str); 2416 if (p) 2417 return p; 2418 2419 if (!request) 2420 bozoerr(httpd, EXIT_FAILURE, "strdup"); 2421 2422 bozo_http_error(httpd, 500, request, "memory allocation failure"); 2423 exit(EXIT_FAILURE); 2424 } 2425 2426 /* set default values in bozohttpd_t struct */ 2427 int 2428 bozo_init_httpd(bozohttpd_t *httpd) 2429 { 2430 /* make sure everything is clean */ 2431 (void) memset(httpd, 0x0, sizeof(*httpd)); 2432 2433 /* constants */ 2434 httpd->consts.http_09 = "HTTP/0.9"; 2435 httpd->consts.http_10 = "HTTP/1.0"; 2436 httpd->consts.http_11 = "HTTP/1.1"; 2437 httpd->consts.text_plain = "text/plain"; 2438 2439 /* mmap region size */ 2440 httpd->mmapsz = BOZO_MMAPSZ; 2441 2442 /* error buffer for bozo_http_error() */ 2443 if ((httpd->errorbuf = malloc(BUFSIZ)) == NULL) { 2444 fprintf(stderr, 2445 "bozohttpd: memory_allocation failure\n"); 2446 return 0; 2447 } 2448 #ifndef NO_LUA_SUPPORT 2449 SIMPLEQ_INIT(&httpd->lua_states); 2450 #endif 2451 return 1; 2452 } 2453 2454 /* set default values in bozoprefs_t struct */ 2455 int 2456 bozo_init_prefs(bozohttpd_t *httpd, bozoprefs_t *prefs) 2457 { 2458 int rv = 0; 2459 2460 /* make sure everything is clean */ 2461 (void) memset(prefs, 0x0, sizeof(*prefs)); 2462 2463 /* set up default values */ 2464 if (!bozo_set_pref(httpd, prefs, "server software", SERVER_SOFTWARE)) 2465 rv = 1; 2466 if (!bozo_set_pref(httpd, prefs, "index.html", INDEX_HTML)) 2467 rv = 1; 2468 if (!bozo_set_pref(httpd, prefs, "public_html", PUBLIC_HTML)) 2469 rv = 1; 2470 if (!bozo_set_pref(httpd, prefs, "initial timeout", INITIAL_TIMEOUT)) 2471 rv = 1; 2472 if (!bozo_set_pref(httpd, prefs, "header timeout", HEADER_WAIT_TIME)) 2473 rv = 1; 2474 if (!bozo_set_pref(httpd, prefs, "request timeout", TOTAL_MAX_REQ_TIME)) 2475 rv = 1; 2476 2477 return rv; 2478 } 2479 2480 /* set default values */ 2481 int 2482 bozo_set_defaults(bozohttpd_t *httpd, bozoprefs_t *prefs) 2483 { 2484 return bozo_init_httpd(httpd) && bozo_init_prefs(httpd, prefs); 2485 } 2486 2487 /* set the virtual host name, port and root */ 2488 int 2489 bozo_setup(bozohttpd_t *httpd, bozoprefs_t *prefs, const char *vhost, 2490 const char *root) 2491 { 2492 struct passwd *pw; 2493 extern char **environ; 2494 static char *cleanenv[1] = { NULL }; 2495 uid_t uid; 2496 int uidset = 0; 2497 char *chrootdir; 2498 char *username; 2499 char *portnum; 2500 char *cp; 2501 int dirtyenv; 2502 2503 dirtyenv = 0; 2504 2505 if (vhost == NULL) { 2506 httpd->virthostname = bozomalloc(httpd, MAXHOSTNAMELEN+1); 2507 if (gethostname(httpd->virthostname, MAXHOSTNAMELEN+1) < 0) 2508 bozoerr(httpd, 1, "gethostname"); 2509 httpd->virthostname[MAXHOSTNAMELEN] = '\0'; 2510 } else { 2511 httpd->virthostname = bozostrdup(httpd, NULL, vhost); 2512 } 2513 httpd->slashdir = bozostrdup(httpd, NULL, root); 2514 if ((portnum = bozo_get_pref(prefs, "port number")) != NULL) { 2515 httpd->bindport = bozostrdup(httpd, NULL, portnum); 2516 } 2517 2518 /* go over preferences now */ 2519 if ((cp = bozo_get_pref(prefs, "numeric")) != NULL && 2520 strcmp(cp, "true") == 0) { 2521 httpd->numeric = 1; 2522 } 2523 if ((cp = bozo_get_pref(prefs, "log to stderr")) != NULL && 2524 strcmp(cp, "true") == 0) { 2525 httpd->logstderr = 1; 2526 } 2527 if ((cp = bozo_get_pref(prefs, "bind address")) != NULL) { 2528 httpd->bindaddress = bozostrdup(httpd, NULL, cp); 2529 } 2530 if ((cp = bozo_get_pref(prefs, "background")) != NULL) { 2531 httpd->background = atoi(cp); 2532 } 2533 if ((cp = bozo_get_pref(prefs, "foreground")) != NULL && 2534 strcmp(cp, "true") == 0) { 2535 httpd->foreground = 1; 2536 } 2537 if ((cp = bozo_get_pref(prefs, "pid file")) != NULL) { 2538 httpd->pidfile = bozostrdup(httpd, NULL, cp); 2539 } 2540 if ((cp = bozo_get_pref(prefs, "unknown slash")) != NULL && 2541 strcmp(cp, "true") == 0) { 2542 httpd->unknown_slash = 1; 2543 } 2544 if ((cp = bozo_get_pref(prefs, "virtual base")) != NULL) { 2545 httpd->virtbase = bozostrdup(httpd, NULL, cp); 2546 } 2547 if ((cp = bozo_get_pref(prefs, "enable users")) != NULL && 2548 strcmp(cp, "true") == 0) { 2549 httpd->enable_users = 1; 2550 } 2551 if ((cp = bozo_get_pref(prefs, "enable user cgibin")) != NULL && 2552 strcmp(cp, "true") == 0) { 2553 httpd->enable_cgi_users = 1; 2554 } 2555 if ((cp = bozo_get_pref(prefs, "dirty environment")) != NULL && 2556 strcmp(cp, "true") == 0) { 2557 dirtyenv = 1; 2558 } 2559 if ((cp = bozo_get_pref(prefs, "hide dots")) != NULL && 2560 strcmp(cp, "true") == 0) { 2561 httpd->hide_dots = 1; 2562 } 2563 if ((cp = bozo_get_pref(prefs, "directory indexing")) != NULL && 2564 strcmp(cp, "true") == 0) { 2565 httpd->dir_indexing = 1; 2566 } 2567 if ((cp = bozo_get_pref(prefs, "public_html")) != NULL) { 2568 httpd->public_html = bozostrdup(httpd, NULL, cp); 2569 } 2570 if ((cp = bozo_get_pref(prefs, "initial timeout")) != NULL) { 2571 httpd->initial_timeout = atoi(cp); 2572 } 2573 if ((cp = bozo_get_pref(prefs, "header timeout")) != NULL) { 2574 httpd->header_timeout = atoi(cp); 2575 } 2576 if ((cp = bozo_get_pref(prefs, "request timeout")) != NULL) { 2577 httpd->request_timeout = atoi(cp); 2578 } 2579 httpd->server_software = 2580 bozostrdup(httpd, NULL, bozo_get_pref(prefs, "server software")); 2581 httpd->index_html = 2582 bozostrdup(httpd, NULL, bozo_get_pref(prefs, "index.html")); 2583 2584 /* 2585 * initialise ssl and daemon mode if necessary. 2586 */ 2587 bozo_ssl_init(httpd); 2588 bozo_daemon_init(httpd); 2589 2590 username = bozo_get_pref(prefs, "username"); 2591 if (username != NULL) { 2592 if ((pw = getpwnam(username)) == NULL) 2593 bozoerr(httpd, 1, "getpwnam(%s): %s", username, 2594 strerror(errno)); 2595 if (initgroups(pw->pw_name, pw->pw_gid) == -1) 2596 bozoerr(httpd, 1, "initgroups: %s", strerror(errno)); 2597 if (setgid(pw->pw_gid) == -1) 2598 bozoerr(httpd, 1, "setgid(%u): %s", pw->pw_gid, 2599 strerror(errno)); 2600 uid = pw->pw_uid; 2601 uidset = 1; 2602 } 2603 /* 2604 * handle chroot. 2605 */ 2606 if ((chrootdir = bozo_get_pref(prefs, "chroot dir")) != NULL) { 2607 httpd->rootdir = bozostrdup(httpd, NULL, chrootdir); 2608 if (chdir(httpd->rootdir) == -1) 2609 bozoerr(httpd, 1, "chdir(%s): %s", httpd->rootdir, 2610 strerror(errno)); 2611 if (chroot(httpd->rootdir) == -1) 2612 bozoerr(httpd, 1, "chroot(%s): %s", httpd->rootdir, 2613 strerror(errno)); 2614 } 2615 2616 if (uidset && setuid(uid) == -1) 2617 bozoerr(httpd, 1, "setuid(%d): %s", uid, strerror(errno)); 2618 2619 /* 2620 * prevent info leakage between different compartments. 2621 * some PATH values in the environment would be invalided 2622 * by chroot. cross-user settings might result in undesirable 2623 * effects. 2624 */ 2625 if ((chrootdir != NULL || username != NULL) && !dirtyenv) 2626 environ = cleanenv; 2627 2628 #ifdef _SC_PAGESIZE 2629 httpd->page_size = (long)sysconf(_SC_PAGESIZE); 2630 #else 2631 httpd->page_size = 4096; 2632 #endif 2633 debug((httpd, DEBUG_OBESE, "myname is %s, slashdir is %s", 2634 httpd->virthostname, httpd->slashdir)); 2635 2636 return 1; 2637 } 2638 2639 int 2640 bozo_get_version(char *buf, size_t size) 2641 { 2642 return snprintf(buf, size, "%s", SERVER_SOFTWARE); 2643 } 2644
Indexes created Sat Sep 27 22:09:54 GMT 2025