bozohttpd.c revision 1.12
1 /* $NetBSD: bozohttpd.c,v 1.12 2009/04/18 07:28:24 mrg Exp $ */ 2 3 /* $eterna: bozohttpd.c,v 1.152 2009/04/18 05:36:04 mrg Exp $ */ 4 5 /* 6 * Copyright (c) 1997-2009 Matthew R. Green 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer and 16 * dedication in the documentation and/or other materials provided 17 * with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 */ 32 33 /* this program is dedicated to the Great God of Processed Cheese */ 34 35 /* 36 * bozohttpd.c: minimal httpd; provides only these features: 37 * - HTTP/0.9 (by virtue of ..) 38 * - HTTP/1.0 39 * - HTTP/1.1 40 * - CGI/1.1 this will only be provided for "system" scripts 41 * - automatic "missing trailing slash" redirections 42 * - configurable translation of /~user/ to ~user/public_html, 43 * however, this does not include cgi-bin support 44 * - access lists via libwrap via inetd/tcpd 45 * - virtual hosting 46 * - not that we do not even pretend to understand MIME, but 47 * rely only on the HTTP specification 48 * - ipv6 support 49 * - automatic `index.html' generation 50 * - configurable server name 51 * - directory index generation 52 * - daemon mode (lacks libwrap support) 53 * - .htpasswd support 54 */ 55 56 /* 57 * requirements for minimal http/1.1 (at least, as documented in 58 * <draft-ietf-http-v11-spec-rev-06> which expired may 18, 1999): 59 * 60 * - 14.15: content-encoding handling. [1] 61 * 62 * - 14.16: content-length handling. this is only a SHOULD header 63 * thus we could just not send it ever. [1] 64 * 65 * - 14.17: content-type handling. [1] 66 * 67 * - 14.25/28: if-{,un}modified-since handling. maybe do this, but 68 * i really don't want to have to parse 3 differnet date formats 69 * 70 * [1] need to revisit to ensure proper behaviour 71 * 72 * and the following is a list of features that we do not need 73 * to have due to other limits, or are too lazy. there are more 74 * of these than are listed, but these are of particular note, 75 * and could perhaps be implemented. 76 * 77 * - 3.5/3.6: content/transfer codings. probably can ignore 78 * this? we "SHOULD"n't. but 4.4 says we should ignore a 79 * `content-length' header upon reciept of a `transfer-encoding' 80 * header. 81 * 82 * - 5.1.1: request methods. only MUST support GET and HEAD, 83 * but there are new ones besides POST that are currently 84 * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus 85 * extensions not yet known? 86 * 87 * - 10.1: we can ignore informational status codes 88 * 89 * - 10.3.3/10.3.4/10.3.8: just use '302' codes always. 90 * 91 * - 14.1/14.2/14.3/14.27: we do not support Accept: headers.. 92 * just ignore them and send the request anyway. they are 93 * only SHOULD. 94 * 95 * - 14.5/14.16/14.35: we don't do ranges. from section 14.35.2 96 * `A server MAY ignore the Range header'. but it might be nice. 97 * since 20080301 we support simple range headers. 98 * 99 * - 14.9: we aren't a cache. 100 * 101 * - 14.15: content-md5 would be nice... 102 * 103 * - 14.24/14.26/14.27: be nice to support this... 104 * 105 * - 14.44: not sure about this Vary: header. ignore it for now. 106 */ 107 108 #ifndef INDEX_HTML 109 #define INDEX_HTML "index.html" 110 #endif 111 #ifndef SERVER_SOFTWARE 112 #define SERVER_SOFTWARE "bozohttpd/20090417" 113 #endif 114 #ifndef DIRECT_ACCESS_FILE 115 #define DIRECT_ACCESS_FILE ".bzdirect" 116 #endif 117 #ifndef REDIRECT_FILE 118 #define REDIRECT_FILE ".bzredirect" 119 #endif 120 #ifndef ABSREDIRECT_FILE 121 #define ABSREDIRECT_FILE ".bzabsredirect" 122 #endif 123 124 /* 125 * And so it begins .. 126 */ 127 128 #include <sys/param.h> 129 #include <sys/socket.h> 130 #include <sys/time.h> 131 #include <sys/mman.h> 132 133 #include <arpa/inet.h> 134 135 #include <ctype.h> 136 #include <dirent.h> 137 #include <errno.h> 138 #include <fcntl.h> 139 #include <netdb.h> 140 #include <pwd.h> 141 #include <grp.h> 142 #include <signal.h> 143 #include <stdarg.h> 144 #include <stdlib.h> 145 #include <string.h> 146 #include <syslog.h> 147 #include <time.h> 148 #include <unistd.h> 149 150 #ifndef __attribute__ 151 #define __attribute__(x) 152 #endif /* __attribute__ */ 153 154 #include "bozohttpd.h" 155 156 #ifndef MAX_WAIT_TIME 157 #define MAX_WAIT_TIME 60 /* hang around for 60 seconds max */ 158 #endif 159 160 /* variables and functions */ 161 162 int bflag; /* background; drop into daemon mode */ 163 int fflag; /* keep daemon mode in foreground */ 164 static int eflag; /* don't clean environ; -t/-U only */ 165 const char *Iflag = "http";/* bind port; default "http" */ 166 int Iflag_set; 167 int dflag = 0; /* debugging level */ 168 char *myname; /* my name */ 169 170 #ifndef LOG_FTP 171 #define LOG_FTP LOG_DAEMON 172 #endif 173 174 static char *tflag; /* root directory */ 175 static char *Uflag; /* user name to switch to */ 176 static int Vflag; /* unknown vhosts go to normal slashdir */ 177 static int nflag; /* avoid gethostby*() */ 178 static int rflag; /* make sure referrer = me unless url = / */ 179 static int sflag; /* log to stderr even if it is not a TTY */ 180 static char *vpath; /* virtual directory base */ 181 182 char *slashdir; /* www slash directory */ 183 184 const char *server_software = SERVER_SOFTWARE; 185 const char *index_html = INDEX_HTML; 186 const char http_09[] = "HTTP/0.9"; 187 const char http_10[] = "HTTP/1.0"; 188 const char http_11[] = "HTTP/1.1"; 189 const char text_plain[] = "text/plain"; 190 191 static void usage(void); 192 static void alarmer(int); 193 volatile sig_atomic_t alarmhit; 194 195 static void parse_request(char *, char **, char **, char **, char **); 196 static void clean_request(http_req *request); 197 static http_req *read_request(void); 198 static struct headers *addmerge_header(http_req *, char *, char *, ssize_t); 199 static int mmap_and_write_part(int, off_t, size_t); 200 static void process_request(http_req *); 201 static int check_direct_access(http_req *request); 202 static int transform_request(http_req *, int *); 203 static void handle_redirect(http_req *, const char *, int); 204 205 static int check_virtual(http_req *); 206 static void check_bzredirect(http_req *); 207 static void fix_url_percent(http_req *); 208 static int process_proto(http_req *, const char *); 209 static int process_method(http_req *, const char *); 210 static void escape_html(http_req *); 211 212 static const char *http_errors_short(int); 213 static const char *http_errors_long(int); 214 215 216 /* bozotic io */ 217 int (*bozoprintf)(const char *, ...) = printf; 218 ssize_t (*bozoread)(int, void *, size_t) = read; 219 ssize_t (*bozowrite)(int, const void *, size_t) = write; 220 int (*bozoflush)(FILE *) = fflush; 221 222 char *progname; 223 224 int main(int, char **); 225 226 static void 227 usage(void) 228 { 229 warning("usage: %s [options] slashdir [myname]", progname); 230 warning("options:"); 231 #ifdef DEBUG 232 warning(" -d\t\t\tenable debug support"); 233 #endif 234 warning(" -s\t\t\talways log to stderr"); 235 #ifndef NO_USER_SUPPORT 236 warning(" -u\t\t\tenable ~user/public_html support"); 237 warning(" -p dir\t\tchange `public_html' directory name]"); 238 #endif 239 #ifndef NO_DYNAMIC_CONTENT 240 warning(" -M arg t c c11\tadd this mime extenstion"); 241 #endif 242 #ifndef NO_CGIBIN_SUPPORT 243 #ifndef NO_DYNAMIC_CONTENT 244 warning(" -C arg prog\t\tadd this CGI handler"); 245 #endif 246 warning(" -c cgibin\t\tenable cgi-bin support in this directory"); 247 #endif 248 #ifndef NO_DAEMON_MODE 249 warning(" -b\t\t\tbackground and go into daemon mode"); 250 warning(" -f\t\t\tkeep daemon mode in the foreground"); 251 warning(" -i address\t\tbind on this address (daemon mode only)"); 252 warning(" -I port\t\tbind on this port (daemon mode only)"); 253 #endif 254 warning(" -S version\t\tset server version string"); 255 warning(" -t dir\t\tchroot to `dir'"); 256 warning(" -U username\t\tchange user to `user'"); 257 warning(" -e\t\t\tdon't clean the environment (-t and -U only)"); 258 warning(" -v virtualroot\tenable virtual host support in this directory"); 259 warning(" -r\t\t\tmake sure sub-pages come from this host via referrer"); 260 #ifndef NO_DIRINDEX_SUPPORT 261 warning(" -X\t\t\tenable automatic directory index support"); 262 warning(" -H\t\t\thide files starting with a period (.) in index mode"); 263 #endif 264 warning(" -x index\t\tchange default `index.html' file name"); 265 #ifndef NO_SSL_SUPPORT 266 warning(" -Z cert privkey\tspecify path to server certificate and private key file\n" 267 "\t\t\tin pem format and enable bozohttpd in SSL mode"); 268 #endif /* NO_SSL_SUPPORT */ 269 error(1, "%s failed to start", progname); 270 } 271 272 int 273 main(int argc, char **argv) 274 { 275 http_req *request; 276 extern char **environ; 277 char *cleanenv[1]; 278 uid_t uid; 279 int c; 280 281 uid = 0; /* XXX gcc */ 282 283 if ((progname = strrchr(argv[0], '/')) != NULL) 284 progname++; 285 else 286 progname = argv[0]; 287 288 openlog(progname, LOG_PID|LOG_NDELAY, LOG_FTP); 289 290 while ((c = getopt(argc, argv, 291 "C:HI:M:S:U:VXZ:bc:defhi:np:rst:uv:x:z:")) != -1) { 292 switch(c) { 293 294 case 'M': 295 #ifndef NO_DYNAMIC_CONTENT 296 /* make sure there's four arguments */ 297 if (argc - optind < 3) 298 usage(); 299 add_content_map_mime(optarg, argv[optind], 300 argv[optind+1], argv[optind+2]); 301 optind += 3; 302 break; 303 #else 304 error(1, "dynmic mime content support is not enabled"); 305 /* NOTREACHED */ 306 #endif /* NO_DYNAMIC_CONTENT */ 307 308 case 'n': 309 nflag = 1; 310 break; 311 312 case 'r': 313 rflag = 1; 314 break; 315 316 case 's': 317 sflag = 1; 318 break; 319 320 case 'S': 321 server_software = optarg; 322 break; 323 case 'Z': 324 #ifndef NO_SSL_SUPPORT 325 /* make sure there's two arguments */ 326 if (argc - optind < 1) 327 usage(); 328 ssl_set_opts(optarg, argv[optind++]); 329 break; 330 #else 331 error(1, "ssl support is not enabled"); 332 /* NOT REACHED */ 333 #endif /* NO_SSL_SUPPORT */ 334 case 'U': 335 Uflag = optarg; 336 break; 337 338 case 'V': 339 Vflag = 1; 340 break; 341 342 case 'v': 343 vpath = optarg; 344 break; 345 346 case 'x': 347 index_html = optarg; 348 break; 349 350 #ifndef NO_DAEMON_MODE 351 case 'b': 352 bflag = 1; 353 break; 354 355 case 'e': 356 eflag = 1; 357 break; 358 359 case 'f': 360 fflag = 1; 361 break; 362 363 case 'i': 364 iflag = optarg; 365 break; 366 367 case 'I': 368 Iflag_set = 1; 369 Iflag = optarg; 370 break; 371 #else /* NO_DAEMON_MODE */ 372 case 'b': 373 case 'e': 374 case 'f': 375 case 'i': 376 case 'I': 377 error(1, "Daemon mode is not enabled"); 378 /* NOTREACHED */ 379 #endif /* NO_DAEMON_MODE */ 380 381 #ifndef NO_CGIBIN_SUPPORT 382 case 'c': 383 set_cgibin(optarg); 384 break; 385 386 case 'C': 387 #ifndef NO_DYNAMIC_CONTENT 388 /* make sure there's two arguments */ 389 if (argc - optind < 1) 390 usage(); 391 add_content_map_cgi(optarg, argv[optind++]); 392 break; 393 #else 394 error(1, "dynmic CGI handler support is not enabled"); 395 /* NOTREACHED */ 396 #endif /* NO_DYNAMIC_CONTENT */ 397 398 #else 399 case 'c': 400 case 'C': 401 error(1, "CGI is not enabled"); 402 /* NOTREACHED */ 403 #endif /* NO_CGIBIN_SUPPORT */ 404 405 case 'd': 406 dflag++; 407 #ifndef DEBUG 408 if (dflag == 1) 409 warning("Debugging is not enabled"); 410 #endif /* !DEBUG */ 411 break; 412 413 #ifndef NO_USER_SUPPORT 414 case 'p': 415 public_html = optarg; 416 break; 417 418 case 't': 419 tflag = optarg; 420 break; 421 422 case 'u': 423 uflag = 1; 424 break; 425 #else 426 case 'p': 427 case 't': 428 case 'u': 429 error(1, "User support is not enabled"); 430 /* NOTREACHED */ 431 #endif /* NO_USER_SUPPORT */ 432 433 #ifndef NO_DIRINDEX_SUPPORT 434 case 'H': 435 Hflag = 1; 436 break; 437 438 case 'X': 439 Xflag = 1; 440 break; 441 442 #else 443 case 'H': 444 case 'X': 445 error(1, "directory indexing is not enabled"); 446 /* NOTREACHED */ 447 #endif /* NO_DIRINDEX_SUPPORT */ 448 449 default: 450 usage(); 451 /* NOTREACHED */ 452 } 453 } 454 argc -= optind; 455 argv += optind; 456 457 if (argc == 1) { 458 myname = bozomalloc(MAXHOSTNAMELEN+1); 459 /* XXX we do not check for FQDN here */ 460 if (gethostname(myname, MAXHOSTNAMELEN+1) < 0) 461 error(1, "gethostname"); 462 myname[MAXHOSTNAMELEN] = '\0'; 463 } else if (argc == 2) 464 myname = argv[1]; 465 else 466 usage(); 467 468 slashdir = argv[0]; 469 debug((DEBUG_OBESE, "myname is %s, slashdir is %s", myname, slashdir)); 470 471 /* 472 * initialise ssl and daemon mode if necessary. 473 */ 474 ssl_init(); 475 daemon_init(); 476 477 /* 478 * prevent info leakage between different compartments. 479 * some PATH values in the environment would be invalided 480 * by chroot. cross-user settings might result in undesirable 481 * effects. 482 */ 483 if ((tflag != NULL || Uflag != NULL) && !eflag) { 484 cleanenv[0] = NULL; 485 environ = cleanenv; 486 } 487 488 /* 489 * look up user/group information. 490 */ 491 if (Uflag != NULL) { 492 struct passwd *pw; 493 494 if ((pw = getpwnam(Uflag)) == NULL) 495 error(1, "getpwnam(%s): %s", Uflag, strerror(errno)); 496 if (initgroups(pw->pw_name, pw->pw_gid) == -1) 497 error(1, "initgroups: %s", strerror(errno)); 498 if (setgid(pw->pw_gid) == -1) 499 error(1, "setgid(%u): %s", pw->pw_gid, strerror(errno)); 500 uid = pw->pw_uid; 501 } 502 503 /* 504 * handle chroot. 505 */ 506 if (tflag != NULL) { 507 if (chdir(tflag) == -1) 508 error(1, "chdir(%s): %s", tflag, strerror(errno)); 509 if (chroot(tflag) == -1) 510 error(1, "chroot(%s): %s", tflag, strerror(errno)); 511 } 512 513 if (Uflag != NULL) 514 if (setuid(uid) == -1) 515 error(1, "setuid(%d): %s", uid, strerror(errno)); 516 517 /* 518 * be sane, don't start serving up files from a 519 * hierarchy we don't have permission to get to. 520 */ 521 if (tflag != NULL) 522 if (chdir("/") == -1) 523 error(1, "chdir /: %s", strerror(errno)); 524 525 /* 526 * read and process the HTTP request. 527 */ 528 do { 529 request = read_request(); 530 if (request) { 531 process_request(request); 532 clean_request(request); 533 return (0); 534 } 535 } while (bflag); 536 537 return (0); 538 } 539 540 char * 541 http_date(void) 542 { 543 static char date[40]; 544 struct tm *tm; 545 time_t now; 546 547 /* Sun, 06 Nov 1994 08:49:37 GMT */ 548 now = time(NULL); 549 tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */ 550 strftime(date, sizeof date, "%a, %d %b %Y %H:%M:%S GMT", tm); 551 return date; 552 } 553 554 /* 555 * convert "in" into the three parts of a request (first line). 556 * we allocate into file and query, but return pointers into 557 * "in" for proto and method. 558 */ 559 static void 560 parse_request(char *in, char **method, char **file, char **query, char **proto) 561 { 562 ssize_t len; 563 char *val; 564 565 debug((DEBUG_EXPLODING, "parse in: %s", in)); 566 *method = *file = *query = *proto = NULL; 567 568 len = (ssize_t)strlen(in); 569 val = bozostrnsep(&in, " \t\n\r", &len); 570 if (len < 1 || val == NULL) 571 return; 572 *method = val; 573 574 while (*in == ' ' || *in == '\t') 575 in++; 576 val = bozostrnsep(&in, " \t\n\r", &len); 577 if (len < 1) { 578 if (len == 0) 579 *file = val; 580 else 581 *file = in; 582 return; 583 } 584 *file = val; 585 586 *query = strchr(*file, '?'); 587 if (*query) 588 *(*query)++ = '\0'; 589 590 if (in) { 591 while (*in && (*in == ' ' || *in == '\t')) 592 in++; 593 if (*in) 594 *proto = in; 595 } 596 597 /* allocate private copies */ 598 *file = strdup(*file); 599 if (*query) 600 *query = strdup(*query); 601 602 debug((DEBUG_FAT, "url: method: \"%s\" file: \"%s\" query: \"%s\" proto: \"%s\"", 603 *method, *file, *query, *proto)); 604 } 605 606 /* 607 * send a HTTP/1.1 408 response if we timeout. 608 */ 609 /* ARGSUSED */ 610 static void 611 alarmer(int sig) 612 { 613 alarmhit = 1; 614 } 615 616 /* 617 * cleanup a http_req after use 618 */ 619 static void 620 clean_request(http_req *request) 621 { 622 struct headers *hdr, *ohdr = NULL; 623 624 if (request == NULL) 625 return; 626 627 /* clean up request */ 628 #define MF(x) if (request->x) free(request->x) 629 MF(hr_remotehost); 630 MF(hr_remoteaddr); 631 MF(hr_serverport); 632 MF(hr_file); 633 MF(hr_query); 634 #undef MF 635 auth_cleanup(request); 636 for (hdr = SIMPLEQ_FIRST(&request->hr_headers); hdr; 637 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 638 free(hdr->h_value); 639 free(hdr->h_header); 640 if (ohdr) 641 free(ohdr); 642 ohdr = hdr; 643 } 644 if (ohdr) 645 free(ohdr); 646 647 free(request); 648 } 649 650 /* 651 * This function reads a http request from stdin, returning a pointer to a 652 * http_req structure, describing the request. 653 */ 654 static http_req * 655 read_request(void) 656 { 657 struct sigaction sa; 658 char *str, *val, *method, *file, *proto, *query; 659 char *host, *addr, *port; 660 char bufport[10]; 661 char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; 662 struct sockaddr_storage ss; 663 ssize_t len; 664 int line = 0; 665 socklen_t slen; 666 http_req *request; 667 668 /* 669 * if we're in daemon mode, daemon_fork() will return here once 670 * for each child, then we can setup SSL. 671 */ 672 daemon_fork(); 673 ssl_accept(); 674 675 request = bozomalloc(sizeof *request); 676 memset(request, 0, sizeof *request); 677 request->hr_allow = request->hr_host = NULL; 678 request->hr_content_type = request->hr_content_length = NULL; 679 request->hr_range = NULL; 680 request->hr_last_byte_pos = -1; 681 request->hr_if_modified_since = NULL; 682 request->hr_file = NULL; 683 684 slen = sizeof(ss); 685 if (getpeername(0, (struct sockaddr *)&ss, &slen) < 0) 686 host = addr = NULL; 687 else { 688 if (getnameinfo((struct sockaddr *)&ss, slen, 689 abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0) 690 addr = abuf; 691 else 692 addr = NULL; 693 if (nflag == 0 && getnameinfo((struct sockaddr *)&ss, slen, 694 hbuf, sizeof hbuf, NULL, 0, 0) == 0) 695 host = hbuf; 696 else 697 host = NULL; 698 } 699 if (host != NULL) 700 request->hr_remotehost = bozostrdup(host); 701 if (addr != NULL) 702 request->hr_remoteaddr = bozostrdup(addr); 703 slen = sizeof(ss); 704 if (getsockname(0, (struct sockaddr *)&ss, &slen) < 0) 705 port = NULL; 706 else { 707 if (getnameinfo((struct sockaddr *)&ss, slen, NULL, 0, 708 bufport, sizeof bufport, NI_NUMERICSERV) == 0) 709 port = bufport; 710 else 711 port = NULL; 712 } 713 if (port != NULL) 714 request->hr_serverport = bozostrdup(port); 715 716 /* 717 * setup a timer to make sure the request is not hung 718 */ 719 sa.sa_handler = alarmer; 720 sigemptyset(&sa.sa_mask); 721 sigaddset(&sa.sa_mask, SIGALRM); 722 sa.sa_flags = 0; 723 sigaction(SIGALRM, &sa, NULL); /* XXX */ 724 725 alarm(MAX_WAIT_TIME); 726 while ((str = bozodgetln(STDIN_FILENO, &len, bozoread)) != NULL) { 727 alarm(0); 728 if (alarmhit) { 729 (void)http_error(408, NULL, "request timed out"); 730 goto cleanup; 731 } 732 line++; 733 734 if (line == 1) { 735 736 if (len < 1) { 737 (void)http_error(404, NULL, "null method"); 738 goto cleanup; 739 } 740 741 warning("got request ``%s'' from host %s to port %s", 742 str, 743 host ? host : addr ? addr : "<local>", 744 port ? port : "<stdin>"); 745 #if 0 746 debug((DEBUG_FAT, "read_req, getting request: ``%s''", 747 str)); 748 #endif 749 750 /* we allocate return space in file and query only */ 751 parse_request(str, &method, &file, &query, &proto); 752 request->hr_file = file; 753 request->hr_query = query; 754 if (method == NULL) { 755 (void)http_error(404, NULL, "null method"); 756 goto cleanup; 757 } 758 if (file == NULL) { 759 (void)http_error(404, NULL, "null file"); 760 goto cleanup; 761 } 762 763 /* 764 * note that we parse the proto first, so that we 765 * can more properly parse the method and the url. 766 */ 767 768 if (process_proto(request, proto) || 769 process_method(request, method)) { 770 goto cleanup; 771 } 772 773 debug((DEBUG_FAT, "got file \"%s\" query \"%s\"", 774 request->hr_file, 775 request->hr_query ? request->hr_query : "<none>")); 776 777 /* http/0.9 has no header processing */ 778 if (request->hr_proto == http_09) 779 break; 780 } else { /* incoming headers */ 781 struct headers *hdr; 782 783 if (*str == '\0') 784 break; 785 786 val = bozostrnsep(&str, ":", &len); 787 debug((DEBUG_EXPLODING, 788 "read_req2: after bozostrnsep: str ``%s'' val ``%s''", 789 str, val)); 790 if (val == NULL || len == -1) { 791 (void)http_error(404, request, "no header"); 792 goto cleanup; 793 } 794 while (*str == ' ' || *str == '\t') 795 len--, str++; 796 while (*val == ' ' || *val == '\t') 797 val++; 798 799 if (auth_check_headers(request, val, str, len)) 800 goto next_header; 801 802 hdr = addmerge_header(request, val, str, len); 803 804 if (strcasecmp(hdr->h_header, "content-type") == 0) 805 request->hr_content_type = hdr->h_value; 806 else if (strcasecmp(hdr->h_header, "content-length") == 0) 807 request->hr_content_length = hdr->h_value; 808 else if (strcasecmp(hdr->h_header, "host") == 0) 809 request->hr_host = hdr->h_value; 810 /* HTTP/1.1 rev06 draft spec: 14.20 */ 811 else if (strcasecmp(hdr->h_header, "expect") == 0) { 812 (void)http_error(417, request, "we don't support Expect:"); 813 goto cleanup; 814 } 815 else if (strcasecmp(hdr->h_header, "referrer") == 0 || 816 strcasecmp(hdr->h_header, "referer") == 0) 817 request->hr_referrer = hdr->h_value; 818 else if (strcasecmp(hdr->h_header, "range") == 0) 819 request->hr_range = hdr->h_value; 820 else if (strcasecmp(hdr->h_header, "if-modified-since") == 0) 821 request->hr_if_modified_since = hdr->h_value; 822 823 debug((DEBUG_FAT, "adding header %s: %s", 824 hdr->h_header, hdr->h_value)); 825 } 826 next_header: 827 alarm(MAX_WAIT_TIME); 828 } 829 830 /* now, clear it all out */ 831 alarm(0); 832 signal(SIGALRM, SIG_DFL); 833 834 /* RFC1945, 8.3 */ 835 if (request->hr_method == HTTP_POST && request->hr_content_length == NULL) { 836 (void)http_error(400, request, "missing content length"); 837 goto cleanup; 838 } 839 840 /* HTTP/1.1 draft rev-06, 14.23 & 19.6.1.1 */ 841 if (request->hr_proto == http_11 && request->hr_host == NULL) { 842 (void)http_error(400, request, "missing Host header"); 843 goto cleanup; 844 } 845 846 if (request->hr_range != NULL) { 847 debug((DEBUG_FAT, "hr_range: %s", request->hr_range)); 848 /* support only simple ranges %d- and %d-%d */ 849 if (strchr(request->hr_range, ',') == NULL) { 850 const char *rstart, *dash; 851 852 rstart = strchr(request->hr_range, '='); 853 if (rstart != NULL) { 854 rstart++; 855 dash = strchr(rstart, '-'); 856 if (dash != NULL && dash != rstart) { 857 dash++; 858 request->hr_have_range = 1; 859 request->hr_first_byte_pos = 860 strtoll(rstart, NULL, 10); 861 if (request->hr_first_byte_pos < 0) 862 request->hr_first_byte_pos = 0; 863 if (*dash != '\0') { 864 request->hr_last_byte_pos = 865 strtoll(dash, NULL, 10); 866 if (request->hr_last_byte_pos < 0) 867 request->hr_last_byte_pos = -1; 868 } 869 } 870 } 871 } 872 } 873 874 if (request->hr_range != NULL) { 875 debug((DEBUG_FAT, "hr_range: %s", request->hr_range)); 876 /* support only simple ranges %d- and %d-%d */ 877 if (strchr(request->hr_range, ',') == NULL) { 878 const char *rstart, *dash; 879 880 rstart = strchr(request->hr_range, '='); 881 if (rstart != NULL) { 882 rstart++; 883 dash = strchr(rstart, '-'); 884 if (dash != NULL && dash != rstart) { 885 dash++; 886 request->hr_have_range = 1; 887 request->hr_first_byte_pos = 888 strtoll(rstart, NULL, 10); 889 if (request->hr_first_byte_pos < 0) 890 request->hr_first_byte_pos = 0; 891 if (*dash != '\0') { 892 request->hr_last_byte_pos = 893 strtoll(dash, NULL, 10); 894 if (request->hr_last_byte_pos < 0) 895 request->hr_last_byte_pos = -1; 896 } 897 } 898 } 899 } 900 } 901 902 debug((DEBUG_FAT, "read_request returns url %s in request", 903 request->hr_file)); 904 return (request); 905 906 cleanup: 907 clean_request(request); 908 909 /* If SSL enabled cleanup SSL structure. */ 910 ssl_destroy(); 911 912 return NULL; 913 } 914 915 /* 916 * add or merge this header (val: str) into the requests list 917 */ 918 static struct headers * 919 addmerge_header(http_req *request, char *val, char *str, ssize_t len) 920 { 921 struct headers *hdr; 922 923 /* do we exist already? */ 924 SIMPLEQ_FOREACH(hdr, &request->hr_headers, h_next) { 925 if (strcasecmp(val, hdr->h_header) == 0) 926 break; 927 } 928 929 if (hdr) { 930 /* yup, merge it in */ 931 char *nval; 932 933 if (asprintf(&nval, "%s, %s", hdr->h_value, str) == -1) { 934 (void)http_error(500, NULL, 935 "memory allocation failure"); 936 return NULL; 937 } 938 free(hdr->h_value); 939 hdr->h_value = nval; 940 } else { 941 /* nope, create a new one */ 942 943 hdr = bozomalloc(sizeof *hdr); 944 hdr->h_header = bozostrdup(val); 945 if (str && *str) 946 hdr->h_value = bozostrdup(str); 947 else 948 hdr->h_value = bozostrdup(" "); 949 950 SIMPLEQ_INSERT_TAIL(&request->hr_headers, hdr, h_next); 951 request->hr_nheaders++; 952 } 953 954 return hdr; 955 } 956 957 static int 958 mmap_and_write_part(int fd, off_t first_byte_pos, size_t sz) 959 { 960 size_t mappedsz; 961 char *addr; 962 void *oaddr; 963 964 addr = mmap(0, sz, PROT_READ, MAP_SHARED, fd, first_byte_pos); 965 if (addr == (char *)-1) { 966 warning("mmap failed: %s", strerror(errno)); 967 return -1; 968 } 969 oaddr = addr; 970 mappedsz = sz; 971 972 #ifdef MADV_SEQUENTIAL 973 (void)madvise(addr, sz, MADV_SEQUENTIAL); 974 #endif 975 while (sz > WRSZ) { 976 if (bozowrite(STDOUT_FILENO, addr, WRSZ) != WRSZ) { 977 warning("write failed: %s", strerror(errno)); 978 goto out; 979 } 980 debug((DEBUG_OBESE, "wrote %d bytes", WRSZ)); 981 sz -= WRSZ; 982 addr += WRSZ; 983 } 984 if (sz && (size_t)bozowrite(STDOUT_FILENO, addr, sz) != sz) { 985 warning("final write failed: %s", strerror(errno)); 986 goto out; 987 } 988 debug((DEBUG_OBESE, "wrote %d bytes", (int)sz)); 989 out: 990 if (munmap(oaddr, mappedsz) < 0) { 991 warning("munmap failed"); 992 return -1; 993 } 994 995 return 0; 996 } 997 998 static int 999 parse_http_date(const char *val, time_t *timestamp) 1000 { 1001 char *remainder; 1002 struct tm tm; 1003 1004 if ((remainder = strptime(val, "%a, %d %b %Y %T GMT", &tm)) == NULL && 1005 (remainder = strptime(val, "%a, %d-%b-%y %T GMT", &tm)) == NULL && 1006 (remainder = strptime(val, "%a %b %d %T %Y", &tm)) == NULL) 1007 return 0; /* Invalid HTTP date format */ 1008 1009 if (*remainder) 1010 return 0; /* No trailing garbage */ 1011 1012 *timestamp = timegm(&tm); 1013 return 1; 1014 } 1015 1016 /* 1017 * process_request does the following: 1018 * - check the request is valid 1019 * - process cgi-bin if necessary 1020 * - transform a filename if necesarry 1021 * - return the HTTP request 1022 */ 1023 static void 1024 process_request(http_req *request) 1025 { 1026 struct stat sb; 1027 time_t timestamp; 1028 char *file; 1029 const char *type, *encoding; 1030 int fd, isindex; 1031 1032 /* 1033 * note that transform_request chdir()'s if required. also note 1034 * that cgi is handed here. if transform_request() returns 0 1035 * then the request has been handled already. 1036 */ 1037 if (transform_request(request, &isindex) == 0) 1038 return; 1039 1040 file = request->hr_file; 1041 1042 fd = open(file, O_RDONLY); 1043 if (fd < 0) { 1044 debug((DEBUG_FAT, "open failed: %s", strerror(errno))); 1045 if (errno == EPERM) 1046 (void)http_error(403, request, "no permission to open file"); 1047 else if (errno == ENOENT) { 1048 if (directory_index(request, file, isindex)) 1049 ; 1050 else 1051 (void)http_error(404, request, "no file"); 1052 } else 1053 (void)http_error(500, request, "open file"); 1054 return; 1055 } 1056 if (fstat(fd, &sb) < 0) { 1057 (void)http_error(500, request, "can't fstat"); 1058 goto cleanup; 1059 } 1060 if (S_ISDIR(sb.st_mode)) { 1061 handle_redirect(request, NULL, 0); 1062 goto cleanup; 1063 } 1064 1065 if (request->hr_if_modified_since && 1066 parse_http_date(request->hr_if_modified_since, ×tamp) && 1067 timestamp >= sb.st_mtime) { 1068 /* XXX ignore subsecond of timestamp */ 1069 bozoprintf("%s 304 Not Modified\r\n", request->hr_proto); 1070 bozoprintf("\r\n"); 1071 bozoflush(stdout); 1072 goto cleanup; 1073 } 1074 1075 /* validate requested range */ 1076 if (request->hr_last_byte_pos == -1 || 1077 request->hr_last_byte_pos >= sb.st_size) 1078 request->hr_last_byte_pos = sb.st_size - 1; 1079 if (request->hr_have_range && 1080 request->hr_first_byte_pos > request->hr_last_byte_pos) { 1081 request->hr_have_range = 0; /* punt */ 1082 request->hr_first_byte_pos = 0; 1083 request->hr_last_byte_pos = sb.st_size - 1; 1084 } 1085 debug((DEBUG_FAT, "have_range %d first_pos %qd last_pos %qd", 1086 request->hr_have_range, 1087 request->hr_first_byte_pos, request->hr_last_byte_pos)); 1088 if (request->hr_have_range) 1089 bozoprintf("%s 206 Partial Content\r\n", request->hr_proto); 1090 else 1091 bozoprintf("%s 200 OK\r\n", request->hr_proto); 1092 1093 if (request->hr_proto != http_09) { 1094 type = content_type(request, file); 1095 encoding = content_encoding(request, file); 1096 1097 print_header(request, &sb, type, encoding); 1098 bozoprintf("\r\n"); 1099 } 1100 bozoflush(stdout); 1101 1102 if (request->hr_method != HTTP_HEAD) { 1103 off_t szleft, cur_byte_pos; 1104 1105 szleft = 1106 request->hr_last_byte_pos - request->hr_first_byte_pos + 1; 1107 cur_byte_pos = request->hr_first_byte_pos; 1108 1109 while (szleft) { 1110 size_t sz; 1111 1112 if (MMAPSZ < szleft) 1113 sz = MMAPSZ; 1114 else 1115 sz = szleft; 1116 if (mmap_and_write_part(fd, cur_byte_pos, sz)) 1117 goto cleanup; 1118 cur_byte_pos += sz; 1119 szleft -= sz; 1120 } 1121 } 1122 cleanup: 1123 close(fd); 1124 } 1125 1126 /* 1127 * deal with virtual host names; we do this: 1128 * if we have a virtual path root (vpath), and we are given a 1129 * virtual host spec (Host: ho.st or http://ho.st/), see if this 1130 * directory exists under vpath. if it does, use this as the 1131 # new slashdir. 1132 */ 1133 static int 1134 check_virtual(http_req *request) 1135 { 1136 char *file = request->hr_file, *s; 1137 struct dirent **list; 1138 size_t len; 1139 int i; 1140 1141 if (!vpath) 1142 goto use_slashdir; 1143 1144 /* 1145 * convert http://virtual.host/ to request->hr_host 1146 */ 1147 debug((DEBUG_OBESE, "checking for http:// virtual host in ``%s''", file)); 1148 if (strncasecmp(file, "http://", 7) == 0) { 1149 /* we would do virtual hosting here? */ 1150 file += 7; 1151 s = strchr(file, '/'); 1152 /* HTTP/1.1 draft rev-06, 5.2: URI takes precedence over Host: */ 1153 request->hr_host = file; 1154 request->hr_file = bozostrdup(s ? s : "/"); 1155 debug((DEBUG_OBESE, "got host ``%s'' file is now ``%s''", 1156 request->hr_host, request->hr_file)); 1157 } else if (!request->hr_host) 1158 goto use_slashdir; 1159 1160 1161 /* 1162 * ok, we have a virtual host, use scandir(3) to find a case 1163 * insensitive match for the virtual host we are asked for. 1164 * note that if the virtual host is the same as the master, 1165 * we don't need to do anything special. 1166 */ 1167 len = strlen(request->hr_host); 1168 debug((DEBUG_OBESE, 1169 "check_virtual: checking host `%s' under vpath `%s' for file `%s'", 1170 request->hr_host, vpath, request->hr_file)); 1171 if (strncasecmp(myname, request->hr_host, len) != 0) { 1172 s = 0; 1173 for (i = scandir(vpath, &list, 0, 0); i--; list++) { 1174 debug((DEBUG_OBESE, "looking at dir``%s''", 1175 (*list)->d_name)); 1176 if (strncasecmp((*list)->d_name, request->hr_host, 1177 len) == 0) { 1178 /* found it, punch it */ 1179 myname = (*list)->d_name; 1180 if (asprintf(&s, "%s/%s", vpath, myname) < 0) 1181 error(1, "asprintf"); 1182 break; 1183 } 1184 } 1185 if (s == 0) { 1186 if (Vflag) 1187 goto use_slashdir; 1188 return http_error(404, request, "unknown URL"); 1189 } 1190 } else 1191 use_slashdir: 1192 s = slashdir; 1193 1194 /* 1195 * ok, nailed the correct slashdir, chdir to it 1196 */ 1197 if (chdir(s) < 0) 1198 return http_error(404, request, "can't chdir to slashdir"); 1199 return 0; 1200 } 1201 1202 /* make sure we're not trying to access special files */ 1203 int 1204 check_special_files(http_req *request, const char *name) 1205 { 1206 /* ensure basename(name) != special files */ 1207 if (strcmp(name, DIRECT_ACCESS_FILE) == 0) 1208 return http_error(403, request, 1209 "no permission to open direct access file"); 1210 if (strcmp(name, REDIRECT_FILE) == 0) 1211 return http_error(403, request, 1212 "no permission to open redirect file"); 1213 if (strcmp(name, ABSREDIRECT_FILE) == 0) 1214 return http_error(403, request, 1215 "no permission to open redirect file"); 1216 return auth_check_special_files(request, name); 1217 } 1218 1219 /* 1220 * checks to see if this request has a valid .bzredirect file. returns 1221 * 0 on failure and 1 on success. 1222 */ 1223 static void 1224 check_bzredirect(http_req *request) 1225 { 1226 struct stat sb; 1227 char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1]; 1228 char *basename, *finalredir; 1229 int rv, absolute; 1230 1231 /* 1232 * if this pathname is really a directory, but doesn't end in /, 1233 * use it as the directory to look for the redir file. 1234 */ 1235 snprintf(dir, sizeof(dir), "%s", request->hr_file + 1); 1236 debug((DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1237 basename = strrchr(dir, '/'); 1238 1239 if ((!basename || basename[1] != '\0') && 1240 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) 1241 /* nothing */; 1242 else if (basename == NULL) 1243 strcpy(dir, "."); 1244 else { 1245 *basename++ = '\0'; 1246 check_special_files(request, basename); 1247 } 1248 1249 snprintf(redir, sizeof(redir), "%s/%s", dir, REDIRECT_FILE); 1250 if (lstat(redir, &sb) == 0) { 1251 if (S_ISLNK(sb.st_mode) == 0) 1252 return; 1253 absolute = 0; 1254 } else { 1255 snprintf(redir, sizeof(redir), "%s/%s", dir, ABSREDIRECT_FILE); 1256 if (lstat(redir, &sb) < 0 || S_ISLNK(sb.st_mode) == 0) 1257 return; 1258 absolute = 1; 1259 } 1260 debug((DEBUG_FAT, "check_bzredirect: calling readlink")); 1261 rv = readlink(redir, redirpath, sizeof redirpath - 1); 1262 if (rv == -1 || rv == 0) { 1263 debug((DEBUG_FAT, "readlink failed")); 1264 return; 1265 } 1266 redirpath[rv] = '\0'; 1267 debug((DEBUG_FAT, "readlink returned \"%s\"", redirpath)); 1268 1269 /* now we have the link pointer, redirect to the real place */ 1270 if (absolute) 1271 finalredir = redirpath; 1272 else 1273 snprintf(finalredir = redir, sizeof(redir), "/%s/%s", dir, 1274 redirpath); 1275 1276 debug((DEBUG_FAT, "check_bzredirect: new redir %s", finalredir)); 1277 handle_redirect(request, finalredir, absolute); 1278 } 1279 1280 /* 1281 * checks to see if this request has a valid .bzdirect file. returns 1282 * 0 on failure and 1 on success. 1283 */ 1284 static int 1285 check_direct_access(http_req *request) 1286 { 1287 FILE *fp; 1288 struct stat sb; 1289 char dir[MAXPATHLEN], dirfile[MAXPATHLEN], *basename; 1290 1291 snprintf(dir, sizeof(dir), "%s", request->hr_file + 1); 1292 debug((DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1293 basename = strrchr(dir, '/'); 1294 1295 if ((!basename || basename[1] != '\0') && 1296 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) 1297 /* nothing */; 1298 else if (basename == NULL) 1299 strcpy(dir, "."); 1300 else { 1301 *basename++ = '\0'; 1302 check_special_files(request, basename); 1303 } 1304 1305 snprintf(dirfile, sizeof(dirfile), "%s/%s", dir, DIRECT_ACCESS_FILE); 1306 if (stat(dirfile, &sb) < 0 || 1307 (fp = fopen(dirfile, "r")) == NULL) 1308 return 0; 1309 fclose(fp); 1310 return 1; 1311 } 1312 1313 /* 1314 * transform_request does this: 1315 * - ``expand'' %20 crapola 1316 * - punt if it doesn't start with / 1317 * - check rflag / referrer 1318 * - look for "http://myname/" and deal with it. 1319 * - maybe call process_cgi() 1320 * - check for ~user and call user_transform() if so 1321 * - if the length > 1, check for trailing slash. if so, 1322 * add the index.html file 1323 * - if the length is 1, return the index.html file 1324 * - disallow anything ending up with a file starting 1325 * at "/" or having ".." in it. 1326 * - anything else is a really weird internal error 1327 * - returns malloced file to serve, if unhandled 1328 */ 1329 int 1330 transform_request(http_req *request, int *isindex) 1331 { 1332 char *file, *newfile = NULL; 1333 size_t len; 1334 1335 file = NULL; 1336 *isindex = 0; 1337 debug((DEBUG_FAT, "tf_req: file %s", request->hr_file)); 1338 fix_url_percent(request); 1339 if (check_virtual(request)) { 1340 goto bad_done; 1341 } 1342 file = request->hr_file; 1343 1344 if (file[0] != '/') { 1345 (void)http_error(404, request, "unknown URL"); 1346 goto bad_done; 1347 } 1348 1349 check_bzredirect(request); 1350 1351 if (rflag) { 1352 int to_indexhtml = 0; 1353 1354 #define TOP_PAGE(x) (strcmp((x), "/") == 0 || \ 1355 strcmp((x) + 1, index_html) == 0 || \ 1356 strcmp((x) + 1, "favicon.ico") == 0) 1357 1358 debug((DEBUG_EXPLODING, "checking rflag")); 1359 /* 1360 * first check that this path isn't allowed via .bzdirect file, 1361 * and then check referrer; make sure that people come via the 1362 * real name... otherwise if we aren't looking at / or 1363 * /index.html, redirect... we also special case favicon.ico. 1364 */ 1365 if (check_direct_access(request)) 1366 /* nothing */; 1367 else if (request->hr_referrer) { 1368 const char *r = request->hr_referrer; 1369 1370 debug((DEBUG_FAT, 1371 "checking referrer \"%s\" vs myname %s", r, myname)); 1372 if (strncmp(r, "http://", 7) != 0 || 1373 (strncasecmp(r + 7, myname, strlen(myname)) != 0 && 1374 !TOP_PAGE(file))) 1375 to_indexhtml = 1; 1376 } else { 1377 const char *h = request->hr_host; 1378 1379 debug((DEBUG_FAT, "url has no referrer at all")); 1380 /* if there's no referrer, let / or /index.html past */ 1381 if (!TOP_PAGE(file) || 1382 (h && strncasecmp(h, myname, strlen(myname)) != 0)) 1383 to_indexhtml = 1; 1384 } 1385 1386 if (to_indexhtml) { 1387 char *slashindexhtml; 1388 1389 if (asprintf(&slashindexhtml, "/%s", index_html) < 0) 1390 error(1, "asprintf"); 1391 debug((DEBUG_FAT, "rflag: redirecting %s to %s", file, slashindexhtml)); 1392 handle_redirect(request, slashindexhtml, 0); 1393 free(slashindexhtml); 1394 return 0; 1395 } 1396 } 1397 1398 len = strlen(file); 1399 if (0) { 1400 #ifndef NO_USER_SUPPORT 1401 } else if (len > 1 && uflag && file[1] == '~') { 1402 if (file[2] == '\0') { 1403 (void)http_error(404, request, "missing username"); 1404 goto bad_done; 1405 } 1406 if (strchr(file + 2, '/') == NULL) { 1407 handle_redirect(request, NULL, 0); 1408 return 0; 1409 } 1410 debug((DEBUG_FAT, "calling user_transform")); 1411 1412 return (user_transform(request, isindex)); 1413 #endif /* NO_USER_SUPPORT */ 1414 } else if (len > 1) { 1415 debug((DEBUG_FAT, "file[len-1] == %c", file[len-1])); 1416 if (file[len-1] == '/') { /* append index.html */ 1417 *isindex = 1; 1418 debug((DEBUG_FAT, "appending index.html")); 1419 newfile = bozomalloc(len + strlen(index_html) + 1); 1420 strcpy(newfile, file + 1); 1421 strcat(newfile, index_html); 1422 } else 1423 newfile = bozostrdup(file + 1); 1424 } else if (len == 1) { 1425 debug((DEBUG_EXPLODING, "tf_req: len == 1")); 1426 newfile = bozostrdup(index_html); 1427 *isindex = 1; 1428 } else { /* len == 0 ? */ 1429 (void)http_error(500, request, "request->hr_file is nul?"); 1430 goto bad_done; 1431 } 1432 1433 if (newfile == NULL) { 1434 (void)http_error(500, request, "internal failure"); 1435 goto bad_done; 1436 } 1437 1438 /* 1439 * look for "http://myname/" and deal with it as necessary. 1440 */ 1441 1442 /* 1443 * stop traversing outside our domain 1444 * 1445 * XXX true security only comes from our parent using chroot(2) 1446 * before execve(2)'ing us. or our own built in chroot(2) support. 1447 */ 1448 if (*newfile == '/' || strcmp(newfile, "..") == 0 || 1449 strstr(newfile, "/..") || strstr(newfile, "../")) { 1450 (void)http_error(403, request, "illegal request"); 1451 goto bad_done; 1452 } 1453 1454 if (auth_check(request, newfile)) 1455 goto bad_done; 1456 1457 if (strlen(newfile)) 1458 request->hr_file = newfile; 1459 1460 if (process_cgi(request)) 1461 return 0; 1462 1463 debug((DEBUG_FAT, "transform_request set: %s", newfile)); 1464 return 1; 1465 bad_done: 1466 debug((DEBUG_FAT, "transform_request returning: 0")); 1467 if (newfile) 1468 free(newfile); 1469 return 0; 1470 } 1471 1472 /* 1473 * do automatic redirection -- if there are query parameters for the URL 1474 * we will tack these on to the new (redirected) URL. 1475 */ 1476 static void 1477 handle_redirect(http_req *request, const char *url, int absolute) 1478 { 1479 char *urlbuf; 1480 char portbuf[20]; 1481 int query = 0; 1482 1483 if (url == NULL) { 1484 if (asprintf(&urlbuf, "/%s/", request->hr_file) < 0) 1485 error(1, "asprintf"); 1486 url = urlbuf; 1487 } else 1488 urlbuf = NULL; 1489 1490 if (request->hr_query && strlen(request->hr_query)) { 1491 query = 1; 1492 } 1493 1494 if (request->hr_serverport && strcmp(request->hr_serverport, "80") != 0) 1495 snprintf(portbuf, sizeof(portbuf), ":%s", 1496 request->hr_serverport); 1497 else 1498 portbuf[0] = '\0'; 1499 warning("redirecting %s%s%s", myname, portbuf, url); 1500 debug((DEBUG_FAT, "redirecting %s", url)); 1501 bozoprintf("%s 301 Document Moved\r\n", request->hr_proto); 1502 if (request->hr_proto != http_09) 1503 print_header(request, NULL, "text/html", NULL); 1504 if (request->hr_proto != http_09) { 1505 bozoprintf("Location: http://"); 1506 if (absolute == 0) 1507 bozoprintf("%s%s", myname, portbuf); 1508 if (query) { 1509 bozoprintf("%s?%s\r\n", url, request->hr_query); 1510 } else { 1511 bozoprintf("%s\r\n", url); 1512 } 1513 } 1514 bozoprintf("\r\n"); 1515 if (request->hr_method == HTTP_HEAD) 1516 goto head; 1517 bozoprintf("<html><head><title>Document Moved</title></head>\n"); 1518 bozoprintf("<body><h1>Document Moved</h1>\n"); 1519 bozoprintf("This document had moved <a href=\"http://"); 1520 if (query) { 1521 if (absolute) 1522 bozoprintf("%s?%s", url, request->hr_query); 1523 else 1524 bozoprintf("%s%s%s?%s", myname, portbuf, url, request->hr_query); 1525 } else { 1526 if (absolute) 1527 bozoprintf("%s", url); 1528 else 1529 bozoprintf("%s%s%s", myname, portbuf, url); 1530 } 1531 bozoprintf("\">here</a>\n"); 1532 bozoprintf("</body></html>\n"); 1533 head: 1534 bozoflush(stdout); 1535 if (urlbuf) 1536 free(urlbuf); 1537 } 1538 1539 /* generic header printing routine */ 1540 void 1541 print_header(http_req *request, struct stat *sbp, const char *type, 1542 const char *encoding) 1543 { 1544 off_t len; 1545 1546 bozoprintf("Date: %s\r\n", http_date()); 1547 bozoprintf("Server: %s\r\n", server_software); 1548 bozoprintf("Accept-Ranges: bytes\r\n"); 1549 if (sbp) { 1550 char filedate[40]; 1551 struct tm *tm; 1552 1553 tm = gmtime(&sbp->st_mtime); 1554 strftime(filedate, sizeof filedate, 1555 "%a, %d %b %Y %H:%M:%S GMT", tm); 1556 bozoprintf("Last-Modified: %s\r\n", filedate); 1557 } 1558 if (type && *type) 1559 bozoprintf("Content-Type: %s\r\n", type); 1560 if (encoding && *encoding) 1561 bozoprintf("Content-Encoding: %s\r\n", encoding); 1562 if (sbp) { 1563 if (request->hr_have_range) { 1564 len = request->hr_last_byte_pos - request->hr_first_byte_pos +1; 1565 bozoprintf("Content-Range: bytes %qd-%qd/%qd\r\n", 1566 (long long) request->hr_first_byte_pos, 1567 (long long) request->hr_last_byte_pos, 1568 (long long) sbp->st_size); 1569 } 1570 else 1571 len = sbp->st_size; 1572 bozoprintf("Content-Length: %qd\r\n", (long long)len); 1573 } 1574 if (request && request->hr_proto == http_11) 1575 bozoprintf("Connection: close\r\n"); 1576 bozoflush(stdout); 1577 } 1578 1579 /* this escape HTML tags */ 1580 static void 1581 escape_html(http_req *request) 1582 { 1583 int i, j; 1584 char *url = request->hr_file, *tmp; 1585 1586 for (i = 0, j = 0; url[i]; i++) { 1587 switch (url[i]) { 1588 case '<': 1589 case '>': 1590 j += 4; 1591 break; 1592 case '&': 1593 j += 5; 1594 break; 1595 } 1596 } 1597 1598 if (j == 0) 1599 return; 1600 1601 if ((tmp = (char *) malloc(strlen(url) + j)) == 0) 1602 /* 1603 * ouch, but we are only called from an error context, and 1604 * most paths here come from malloc(3) failures anyway... 1605 * we could completely punt and just exit, but isn't returning 1606 * an not-quite-correct error better than nothing at all? 1607 */ 1608 return; 1609 1610 for (i = 0, j = 0; url[i]; i++) { 1611 switch (url[i]) { 1612 case '<': 1613 memcpy(tmp + j, "<", 4); 1614 j += 4; 1615 break; 1616 case '>': 1617 memcpy(tmp + j, ">", 4); 1618 j += 4; 1619 break; 1620 case '&': 1621 memcpy(tmp + j, "&", 5); 1622 j += 5; 1623 break; 1624 default: 1625 tmp[j++] = url[i]; 1626 } 1627 } 1628 tmp[j] = 0; 1629 1630 free(request->hr_file); 1631 request->hr_file = tmp; 1632 } 1633 1634 /* this fixes the %HH hack that RFC2396 requires. */ 1635 static void 1636 fix_url_percent(http_req *request) 1637 { 1638 char *s, *t, buf[3], *url; 1639 char *end; /* if end is not-zero, we don't translate beyond that */ 1640 1641 url = request->hr_file; 1642 1643 end = url + strlen(url); 1644 1645 /* fast forward to the first % */ 1646 if ((s = strchr(url, '%')) == NULL) 1647 return; 1648 1649 t = s; 1650 do { 1651 if (end && s >= end) { 1652 debug((DEBUG_EXPLODING, "fu_%%: past end, filling out..")); 1653 while (*s) 1654 *t++ = *s++; 1655 break; 1656 } 1657 debug((DEBUG_EXPLODING, "fu_%%: got s == %%, s[1]s[2] == %c%c", 1658 s[1], s[2])); 1659 if (s[1] == '\0' || s[2] == '\0') { 1660 (void)http_error(400, request, 1661 "percent hack missing two chars afterwards"); 1662 goto copy_rest; 1663 } 1664 if (s[1] == '0' && s[2] == '0') { 1665 (void)http_error(404, request, "percent hack was %00"); 1666 goto copy_rest; 1667 } 1668 if (s[1] == '2' && s[2] == 'f') { 1669 (void)http_error(404, request, "percent hack was %2f (/)"); 1670 goto copy_rest; 1671 } 1672 1673 buf[0] = *++s; 1674 buf[1] = *++s; 1675 buf[2] = '\0'; 1676 s++; 1677 *t = (char)strtol(buf, NULL, 16); 1678 debug((DEBUG_EXPLODING, "fu_%%: strtol put '%02x' into *t", *t)); 1679 if (*t++ == '\0') { 1680 (void)http_error(400, request, "percent hack got a 0 back"); 1681 goto copy_rest; 1682 } 1683 1684 while (*s && *s != '%') { 1685 if (end && s >= end) 1686 break; 1687 *t++ = *s++; 1688 } 1689 } while (*s); 1690 copy_rest: 1691 while (*s) { 1692 if (s >= end) 1693 break; 1694 *t++ = *s++; 1695 } 1696 *t = '\0'; 1697 debug((DEBUG_FAT, "fix_url_percent returns %s in url", request->hr_file)); 1698 } 1699 1700 /* 1701 * process each type of HTTP method, setting this HTTP requests 1702 # method type. 1703 */ 1704 static struct method_map { 1705 const char *name; 1706 int type; 1707 } method_map[] = { 1708 { "GET", HTTP_GET, }, 1709 { "POST", HTTP_POST, }, 1710 { "HEAD", HTTP_HEAD, }, 1711 #if 0 /* other non-required http/1.1 methods */ 1712 { "OPTIONS", HTTP_OPTIONS, }, 1713 { "PUT", HTTP_PUT, }, 1714 { "DELETE", HTTP_DELETE, }, 1715 { "TRACE", HTTP_TRACE, }, 1716 { "CONNECT", HTTP_CONNECT, }, 1717 #endif 1718 { NULL, 0, }, 1719 }; 1720 1721 static int 1722 process_method(http_req *request, const char *method) 1723 { 1724 struct method_map *mmp; 1725 1726 if (request->hr_proto == http_11) 1727 request->hr_allow = "GET, HEAD, POST"; 1728 1729 for (mmp = method_map; mmp->name; mmp++) 1730 if (strcasecmp(method, mmp->name) == 0) { 1731 request->hr_method = mmp->type; 1732 request->hr_methodstr = mmp->name; 1733 return 0; 1734 } 1735 1736 return http_error(404, request, "unknown method"); 1737 } 1738 1739 /* 1740 * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent 1741 * to "HTTP/001.01"), we MUST parse this. 1742 */ 1743 static int 1744 process_proto(http_req *request, const char *proto) 1745 { 1746 char majorstr[16], *minorstr; 1747 int majorint, minorint; 1748 1749 if (proto == NULL) { 1750 got_proto_09: 1751 request->hr_proto = http_09; 1752 debug((DEBUG_FAT, "request %s is http/0.9", request->hr_file)); 1753 return 0; 1754 } 1755 1756 if (strncasecmp(proto, "HTTP/", 5) != 0) 1757 goto bad; 1758 strncpy(majorstr, proto + 5, sizeof majorstr); 1759 majorstr[sizeof(majorstr)-1] = 0; 1760 minorstr = strchr(majorstr, '.'); 1761 if (minorstr == NULL) 1762 goto bad; 1763 *minorstr++ = 0; 1764 1765 majorint = atoi(majorstr); 1766 minorint = atoi(minorstr); 1767 1768 switch (majorint) { 1769 case 0: 1770 if (minorint != 9) 1771 break; 1772 goto got_proto_09; 1773 case 1: 1774 if (minorint == 0) 1775 request->hr_proto = http_10; 1776 else if (minorint == 1) 1777 request->hr_proto = http_11; 1778 else 1779 break; 1780 1781 debug((DEBUG_FAT, "request %s is %s", request->hr_file, 1782 request->hr_proto)); 1783 SIMPLEQ_INIT(&request->hr_headers); 1784 request->hr_nheaders = 0; 1785 return 0; 1786 } 1787 bad: 1788 return http_error(404, NULL, "unknown prototype"); 1789 } 1790 1791 #ifdef DEBUG 1792 void 1793 debug__(int level, const char *fmt, ...) 1794 { 1795 va_list ap; 1796 int savederrno; 1797 1798 /* only log if the level is low enough */ 1799 if (dflag < level) 1800 return; 1801 1802 savederrno = errno; 1803 va_start(ap, fmt); 1804 if (sflag) { 1805 vfprintf(stderr, fmt, ap); 1806 fputs("\n", stderr); 1807 } else 1808 vsyslog(LOG_DEBUG, fmt, ap); 1809 va_end(ap); 1810 errno = savederrno; 1811 } 1812 #endif /* DEBUG */ 1813 1814 /* these are like warn() and err(), except for syslog not stderr */ 1815 void 1816 warning(const char *fmt, ...) 1817 { 1818 va_list ap; 1819 1820 va_start(ap, fmt); 1821 if (sflag || isatty(STDERR_FILENO)) { 1822 vfprintf(stderr, fmt, ap); 1823 fputs("\n", stderr); 1824 } else 1825 vsyslog(LOG_INFO, fmt, ap); 1826 va_end(ap); 1827 } 1828 1829 void 1830 error(int code, const char *fmt, ...) 1831 { 1832 va_list ap; 1833 1834 va_start(ap, fmt); 1835 if (sflag || isatty(STDERR_FILENO)) { 1836 vfprintf(stderr, fmt, ap); 1837 fputs("\n", stderr); 1838 } else 1839 vsyslog(LOG_ERR, fmt, ap); 1840 va_end(ap); 1841 exit(code); 1842 } 1843 1844 /* the follow functions and variables are used in handling HTTP errors */ 1845 /* ARGSUSED */ 1846 int 1847 http_error(int code, http_req *request, const char *msg) 1848 { 1849 static char buf[BUFSIZ]; 1850 char portbuf[20]; 1851 const char *header = http_errors_short(code); 1852 const char *reason = http_errors_long(code); 1853 const char *proto = (request && request->hr_proto) ? request->hr_proto : http_11; 1854 int size; 1855 1856 debug((DEBUG_FAT, "http_error %d: %s", code, msg)); 1857 if (header == NULL || reason == NULL) { 1858 error(1, "http_error() failed (short = %p, long = %p)", 1859 header, reason); 1860 return code; 1861 } 1862 1863 if (request && request->hr_serverport && 1864 strcmp(request->hr_serverport, "80") != 0) 1865 snprintf(portbuf, sizeof(portbuf), ":%s", request->hr_serverport); 1866 else 1867 portbuf[0] = '\0'; 1868 1869 if (request && request->hr_file) { 1870 escape_html(request); 1871 size = snprintf(buf, sizeof buf, 1872 "<html><head><title>%s</title></head>\n" 1873 "<body><h1>%s</h1>\n" 1874 "%s: <pre>%s</pre>\n" 1875 "<hr><address><a href=\"http://%s%s/\">%s%s</a></address>\n" 1876 "</body></html>\n", 1877 header, header, request->hr_file, reason, 1878 myname, portbuf, myname, portbuf); 1879 if (size >= (int)sizeof buf) { 1880 warning("http_error buffer too small, truncated"); 1881 size = (int)sizeof buf; 1882 } 1883 } else 1884 size = 0; 1885 1886 bozoprintf("%s %s\r\n", proto, header); 1887 auth_check_401(request, code); 1888 1889 bozoprintf("Content-Type: text/html\r\n"); 1890 bozoprintf("Content-Length: %d\r\n", size); 1891 bozoprintf("Server: %s\r\n", server_software); 1892 if (request && request->hr_allow) 1893 bozoprintf("Allow: %s\r\n", request->hr_allow); 1894 bozoprintf("\r\n"); 1895 if (size) 1896 bozoprintf("%s", buf); 1897 bozoflush(stdout); 1898 1899 return code; 1900 } 1901 1902 /* short map between error code, and short/long messages */ 1903 static struct errors_map { 1904 int code; /* HTTP return code */ 1905 const char *shortmsg; /* short version of message */ 1906 const char *longmsg; /* long version of message */ 1907 } errors_map[] = { 1908 { 400, "400 Bad Request", "The request was not valid", }, 1909 { 401, "401 Unauthorized", "No authorization", }, 1910 { 403, "403 Forbidden", "Access to this item has been denied",}, 1911 { 404, "404 Not Found", "This item has not been found", }, 1912 { 408, "408 Request Timeout", "This request took too long", }, 1913 { 417, "417 Expectation Failed","Expectations not available", }, 1914 { 500, "500 Internal Error", "An error occured on the server", }, 1915 { 501, "501 Not Implemented", "This request is not available", }, 1916 { 0, NULL, NULL, }, 1917 }; 1918 1919 static const char *help = "DANGER! WILL ROBINSON! DANGER!"; 1920 1921 static const char * 1922 http_errors_short(int code) 1923 { 1924 struct errors_map *ep; 1925 1926 for (ep = errors_map; ep->code; ep++) 1927 if (ep->code == code) 1928 return (ep->shortmsg); 1929 return (help); 1930 } 1931 1932 static const char * 1933 http_errors_long(int code) 1934 { 1935 struct errors_map *ep; 1936 1937 for (ep = errors_map; ep->code; ep++) 1938 if (ep->code == code) 1939 return (ep->longmsg); 1940 return (help); 1941 } 1942 1943 /* Below are various modified libc functions */ 1944 1945 /* 1946 * returns -1 in lenp if the string ran out before finding a delimiter, 1947 * but is otherwise the same as strsep. Note that the length must be 1948 * correctly passed in. 1949 */ 1950 char * 1951 bozostrnsep(char **strp, const char *delim, ssize_t *lenp) 1952 { 1953 char *s; 1954 const char *spanp; 1955 int c, sc; 1956 char *tok; 1957 1958 if ((s = *strp) == NULL) 1959 return (NULL); 1960 for (tok = s;;) { 1961 if (lenp && --(*lenp) == -1) 1962 return (NULL); 1963 c = *s++; 1964 spanp = delim; 1965 do { 1966 if ((sc = *spanp++) == c) { 1967 if (c == 0) 1968 s = NULL; 1969 else 1970 s[-1] = '\0'; 1971 *strp = s; 1972 return (tok); 1973 } 1974 } while (sc != 0); 1975 } 1976 /* NOTREACHED */ 1977 } 1978 1979 /* 1980 * inspired by fgetln(3), but works for fd's. should work identically 1981 * except it, however, does *not* return the newline, and it does nul 1982 * terminate the string. 1983 */ 1984 char * 1985 bozodgetln(int fd, ssize_t *lenp, ssize_t (*readfn)(int, void *, size_t)) 1986 { 1987 static char *buffer; 1988 static ssize_t buflen = 0; 1989 ssize_t len; 1990 int got_cr = 0; 1991 char c, *nbuffer; 1992 1993 /* initialise */ 1994 if (buflen == 0) { 1995 buflen = 128; /* should be plenty for most requests */ 1996 buffer = malloc(buflen); 1997 if (buffer == NULL) { 1998 buflen = 0; 1999 return NULL; 2000 } 2001 } 2002 len = 0; 2003 2004 /* 2005 * we *have* to read one byte at a time, to not break cgi 2006 * programs (for we pass stdin off to them). could fix this 2007 * by becoming a fd-passing program instead of just exec'ing 2008 * the program 2009 */ 2010 for (; readfn(fd, &c, 1) == 1; ) { 2011 debug((DEBUG_EXPLODING, "bozodgetln read %c", c)); 2012 2013 if (len >= buflen - 1) { 2014 buflen *= 2; 2015 debug((DEBUG_EXPLODING, "bozodgetln: " 2016 "reallocating buffer to buflen %zu", buflen)); 2017 nbuffer = realloc(buffer, buflen); 2018 if (nbuffer == NULL) { 2019 free(buffer); 2020 buflen = 0; 2021 buffer = NULL; 2022 return NULL; 2023 } 2024 buffer = nbuffer; 2025 } 2026 2027 buffer[len++] = c; 2028 if (c == '\r') { 2029 got_cr = 1; 2030 continue; 2031 } else if (c == '\n') { 2032 /* 2033 * HTTP/1.1 spec says to ignore CR and treat 2034 * LF as the real line terminator. even though 2035 * the same spec defines CRLF as the line 2036 * terminator, it is recommended in section 19.3 2037 * to do the LF trick for tolerance. 2038 */ 2039 if (got_cr) 2040 len -= 2; 2041 else 2042 len -= 1; 2043 break; 2044 } 2045 2046 } 2047 buffer[len] = '\0'; 2048 debug((DEBUG_OBESE, "bozodgetln returns: ``%s'' with len %d", 2049 buffer, len)); 2050 *lenp = len; 2051 return (buffer); 2052 } 2053 2054 void * 2055 bozorealloc(void *ptr, size_t size) 2056 { 2057 void *p; 2058 2059 p = realloc(ptr, size); 2060 if (p == NULL) { 2061 (void)http_error(500, NULL, "memory allocation failure"); 2062 exit(1); 2063 } 2064 return (p); 2065 } 2066 2067 void * 2068 bozomalloc(size_t size) 2069 { 2070 void *p; 2071 2072 p = malloc(size); 2073 if (p == NULL) { 2074 (void)http_error(500, NULL, "memory allocation failure"); 2075 exit(1); 2076 } 2077 return (p); 2078 } 2079 2080 char * 2081 bozostrdup(const char *str) 2082 { 2083 char *p; 2084 2085 p = strdup(str); 2086 if (p == NULL) { 2087 (void)http_error(500, NULL, "memory allocation failure"); 2088 exit(1); 2089 } 2090 return (p); 2091 } 2092
Indexes created Sat Sep 27 22:09:54 GMT 2025