bozohttpd.c revision 1.2
1 /* $eterna: bozohttpd.c,v 1.137 2006/05/17 08:37:36 mrg Exp $ */ 2 3 /* 4 * Copyright (c) 1997-2006 Matthew R. Green 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer and 14 * dedication in the documentation and/or other materials provided 15 * with the distribution. 16 * 3. The name of the author may not be used to endorse or promote products 17 * derived from this software without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 */ 32 33 /* this program is dedicated to the Great God of Processed Cheese */ 34 35 /* 36 * bozohttpd.c: minimal httpd; provides only these features: 37 * - HTTP/0.9 (by virtue of ..) 38 * - HTTP/1.0 39 * - HTTP/1.1 40 * - CGI/1.1 this will only be provided for "system" scripts 41 * - automatic "missing trailing slash" redirections 42 * - configurable translation of /~user/ to ~user/public_html, 43 * however, this does not include cgi-bin support 44 * - access lists via libwrap via inetd/tcpd 45 * - virtual hosting 46 * - not that we do not even pretend to understand MIME, but 47 * rely only on the HTTP specification 48 * - ipv6 support 49 * - automatic `index.html' generation 50 * - configurable server name 51 * - directory index generation 52 * - daemon mode (lacks libwrap support) 53 * - .htpasswd support 54 */ 55 56 /* 57 * requirements for minimal http/1.1 (at least, as documented in 58 * <draft-ietf-http-v11-spec-rev-06> which expired may 18, 1999): 59 * 60 * - 14.15: content-encoding handling. [1] 61 * 62 * - 14.16: content-length handling. this is only a SHOULD header 63 * thus we could just not send it ever. [1] 64 * 65 * - 14.17: content-type handling. [1] 66 * 67 * - 14.25/28: if-{,un}modified-since handling. maybe do this, but 68 * i really don't want to have to parse 3 differnet date formats 69 * 70 * [1] need to revisit to ensure proper behaviour 71 * 72 * and the following is a list of features that we do not need 73 * to have due to other limits, or are too lazy. there are more 74 * of these than are listed, but these are of particular note, 75 * and could perhaps be implemented. 76 * 77 * - 3.5/3.6: content/transfer codings. probably can ignore 78 * this? we "SHOULD"n't. but 4.4 says we should ignore a 79 * `content-length' header upon reciept of a `transfer-encoding' 80 * header. 81 * 82 * - 5.1.1: request methods. only MUST support GET and HEAD, 83 * but there are new ones besides POST that are currently 84 * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus 85 * extensions not yet known? 86 * 87 * - 10.1: we can ignore informational status codes 88 * 89 * - 10.3.3/10.3.4/10.3.8: just use '302' codes always. 90 * 91 * - 14.1/14.2/14.3/14.27: we do not support Accept: headers.. 92 * just ignore them and send the request anyway. they are 93 * only SHOULD. 94 * 95 * - 14.5/14.16/14.35: we don't do ranges. from section 14.35.2 96 * `A server MAY ignore the Range header'. but it might be nice. 97 * 98 * - 14.9: we aren't a cache. 99 * 100 * - 14.15: content-md5 would be nice... 101 * 102 * - 14.24/14.26/14.27: be nice to support this... 103 * 104 * - 14.44: not sure about this Vary: header. ignore it for now. 105 */ 106 107 #ifndef INDEX_HTML 108 #define INDEX_HTML "index.html" 109 #endif 110 #ifndef SERVER_SOFTWARE 111 #define SERVER_SOFTWARE "bozohttpd/20060517" 112 #endif 113 #ifndef DIRECT_ACCESS_FILE 114 #define DIRECT_ACCESS_FILE ".bzdirect" 115 #endif 116 #ifndef REDIRECT_FILE 117 #define REDIRECT_FILE ".bzredirect" 118 #endif 119 #ifndef ABSREDIRECT_FILE 120 #define ABSREDIRECT_FILE ".bzabsredirect" 121 #endif 122 123 /* 124 * And so it begins .. 125 */ 126 127 #include <sys/param.h> 128 #include <sys/socket.h> 129 #include <sys/time.h> 130 #include <sys/mman.h> 131 132 #include <arpa/inet.h> 133 134 #include <ctype.h> 135 #include <dirent.h> 136 #include <errno.h> 137 #include <fcntl.h> 138 #include <netdb.h> 139 #include <pwd.h> 140 #include <grp.h> 141 #include <signal.h> 142 #include <stdarg.h> 143 #include <stdlib.h> 144 #include <string.h> 145 #include <syslog.h> 146 #include <time.h> 147 #include <unistd.h> 148 149 #ifndef __attribute__ 150 #define __attribute__(x) 151 #endif /* __attribute__ */ 152 153 #include "bozohttpd.h" 154 155 #ifndef MAX_WAIT_TIME 156 #define MAX_WAIT_TIME 60 /* hang around for 60 seconds max */ 157 #endif 158 159 /* variables and functions */ 160 161 int bflag; /* background; drop into daemon mode */ 162 int fflag; /* keep daemon mode in foreground */ 163 static int eflag; /* don't clean environ; -t/-U only */ 164 const char *Iflag = "http";/* bind port; default "http" */ 165 int Iflag_set; 166 int dflag = 0; /* debugging level */ 167 char *myname; /* my name */ 168 169 #ifndef LOG_FTP 170 #define LOG_FTP LOG_DAEMON 171 #endif 172 173 static char *tflag; /* root directory */ 174 static char *Uflag; /* user name to switch to */ 175 static int Vflag; /* unknown vhosts go to normal slashdir */ 176 static int nflag; /* avoid gethostby*() */ 177 static int rflag; /* make sure referrer = me unless url = / */ 178 static int sflag; /* log to stderr even if it is not a TTY */ 179 static char *vpath; /* virtual directory base */ 180 181 char *slashdir; /* www slash directory */ 182 183 const char *server_software = SERVER_SOFTWARE; 184 const char *index_html = INDEX_HTML; 185 const char http_09[] = "HTTP/0.9"; 186 const char http_10[] = "HTTP/1.0"; 187 const char http_11[] = "HTTP/1.1"; 188 const char text_plain[] = "text/plain"; 189 190 static void usage(void); 191 static void alarmer(int); 192 volatile sig_atomic_t alarmhit; 193 194 static void parse_request(char *, char **, char **, char **); 195 static http_req *read_request(void); 196 static struct headers *addmerge_header(http_req *request, char *val, 197 char *str, ssize_t len); 198 static void process_request(http_req *); 199 static int check_direct_access(http_req *request); 200 static char *transform_request(http_req *, int *); 201 static void handle_redirect(http_req *, const char *, int); 202 203 static void check_virtual(http_req *); 204 static void check_bzredirect(http_req *); 205 static void fix_url_percent(http_req *); 206 static void process_method(http_req *, const char *); 207 static void process_proto(http_req *, const char *); 208 static void escape_html(http_req *); 209 210 static const char *http_errors_short(int); 211 static const char *http_errors_long(int); 212 213 214 void *bozomalloc(size_t); 215 void *bozorealloc(void *, size_t); 216 char *bozostrdup(const char *); 217 218 /* bozotic io */ 219 int (*bozoprintf)(const char *, ...) = printf; 220 ssize_t (*bozoread)(int, void *, size_t) = read; 221 ssize_t (*bozowrite)(int, const void *, size_t) = write; 222 int (*bozoflush)(FILE *) = fflush; 223 224 char *progname; 225 226 int main(int, char **); 227 228 static void 229 usage(void) 230 { 231 warning("usage: %s [options] slashdir [myname]", progname); 232 warning("options:"); 233 #ifdef DEBUG 234 warning(" -d\t\t\tenable debug support"); 235 #endif 236 warning(" -s\t\t\talways log to stderr"); 237 #ifndef NO_USER_SUPPORT 238 warning(" -u\t\t\tenable ~user/public_html support"); 239 warning(" -p dir\t\tchange `public_html' directory name]"); 240 #endif 241 #ifndef NO_DYNAMIC_CONTENT 242 warning(" -M arg t c c11\tadd this mime extenstion"); 243 #endif 244 #ifndef NO_CGIBIN_SUPPORT 245 #ifndef NO_DYNAMIC_CONTENT 246 warning(" -C arg prog\t\tadd this CGI handler"); 247 #endif 248 warning(" -c cgibin\t\tenable cgi-bin support in this directory"); 249 #endif 250 #ifndef NO_DAEMON_MODE 251 warning(" -b\t\t\tbackground and go into daemon mode"); 252 warning(" -f\t\t\tkeep daemon mode in the foreground"); 253 warning(" -i address\t\tbind on this address (daemon mode only)"); 254 warning(" -I port\t\tbind on this port (daemon mode only)"); 255 #endif 256 warning(" -S version\t\tset server version string"); 257 warning(" -t dir\t\tchroot to `dir'"); 258 warning(" -U username\t\tchange user to `user'"); 259 warning(" -e\t\t\tdon't clean the environment (-t and -U only)"); 260 warning(" -v virtualroot\tenable virtual host support in this directory"); 261 warning(" -r\t\t\tmake sure sub-pages come from this host via referrer"); 262 #ifndef NO_DIRINDEX_SUPPORT 263 warning(" -X\t\t\tenable automatic directory index support"); 264 warning(" -H\t\t\thide files starting with a period (.) in index mode"); 265 #endif 266 warning(" -x index\t\tchange default `index.html' file name"); 267 #ifndef NO_SSL_SUPPORT 268 warning(" -Z cert privkey\tspecify path to server certificate and private key file\n" 269 "\t\t\tin pem format and enable bozohttpd in SSL mode"); 270 #endif /* NO_SSL_SUPPORT */ 271 error(1, "%s failed to start", progname); 272 } 273 274 int 275 main(int argc, char **argv) 276 { 277 http_req *http_request; 278 extern char **environ; 279 char *cleanenv[1]; 280 uid_t uid; 281 int c; 282 283 uid = 0; /* XXX gcc */ 284 285 if ((progname = strrchr(argv[0], '/')) != NULL) 286 progname++; 287 else 288 progname = argv[0]; 289 290 openlog(progname, LOG_PID|LOG_NDELAY, LOG_FTP); 291 292 while ((c = getopt(argc, argv, 293 "C:HI:M:S:U:VXZ:bc:defhi:np:rst:uv:x:z:")) != -1) { 294 switch(c) { 295 296 case 'M': 297 #ifndef NO_DYNAMIC_CONTENT 298 /* make sure there's four arguments */ 299 if (argc - optind < 3) 300 usage(); 301 add_content_map_mime(optarg, argv[optind], 302 argv[optind+1], argv[optind+2]); 303 optind += 3; 304 break; 305 #else 306 error(1, "dynmic mime content support is not enabled"); 307 /* NOTREACHED */ 308 #endif /* NO_DYNAMIC_CONTENT */ 309 310 case 'n': 311 nflag = 1; 312 break; 313 314 case 'r': 315 rflag = 1; 316 break; 317 318 case 's': 319 sflag = 1; 320 break; 321 322 case 'S': 323 server_software = optarg; 324 break; 325 case 'Z': 326 #ifndef NO_SSL_SUPPORT 327 /* make sure there's two arguments */ 328 if (argc - optind < 1) 329 usage(); 330 ssl_set_opts(optarg, argv[optind++]); 331 break; 332 #else 333 error(1, "ssl support is not enabled"); 334 /* NOT REACHED */ 335 #endif /* NO_SSL_SUPPORT */ 336 case 'U': 337 Uflag = optarg; 338 break; 339 340 case 'V': 341 Vflag = 1; 342 break; 343 344 case 'v': 345 vpath = optarg; 346 break; 347 348 case 'x': 349 index_html = optarg; 350 break; 351 352 #ifndef NO_DAEMON_MODE 353 case 'b': 354 bflag = 1; 355 break; 356 357 case 'e': 358 eflag = 1; 359 break; 360 361 case 'f': 362 fflag = 1; 363 break; 364 365 case 'i': 366 iflag = optarg; 367 break; 368 369 case 'I': 370 Iflag_set = 1; 371 Iflag = optarg; 372 break; 373 #else /* NO_DAEMON_MODE */ 374 case 'b': 375 case 'i': 376 case 'I': 377 error(1, "Daemon mode is not enabled"); 378 /* NOTREACHED */ 379 #endif /* NO_DAEMON_MODE */ 380 381 #ifndef NO_CGIBIN_SUPPORT 382 case 'c': 383 set_cgibin(optarg); 384 break; 385 386 case 'C': 387 #ifndef NO_DYNAMIC_CONTENT 388 /* make sure there's two arguments */ 389 if (argc - optind < 1) 390 usage(); 391 add_content_map_cgi(optarg, argv[optind++]); 392 break; 393 #else 394 error(1, "dynmic CGI handler support is not enabled"); 395 /* NOTREACHED */ 396 #endif /* NO_DYNAMIC_CONTENT */ 397 398 #else 399 case 'c': 400 case 'C': 401 error(1, "CGI is not enabled"); 402 /* NOTREACHED */ 403 #endif /* NO_CGIBIN_SUPPORT */ 404 405 case 'd': 406 dflag++; 407 #ifndef DEBUG 408 if (dflag == 1) 409 warning("Debugging is not enabled"); 410 #endif /* !DEBUG */ 411 break; 412 413 #ifndef NO_USER_SUPPORT 414 case 'p': 415 public_html = optarg; 416 break; 417 418 case 't': 419 tflag = optarg; 420 break; 421 422 case 'u': 423 uflag = 1; 424 break; 425 #else 426 case 'u': 427 case 'p': 428 error(1, "User support is not enabled"); 429 /* NOTREACHED */ 430 #endif /* NO_USER_SUPPORT */ 431 432 #ifndef NO_DIRINDEX_SUPPORT 433 case 'H': 434 Hflag = 1; 435 break; 436 437 case 'X': 438 Xflag = 1; 439 break; 440 441 #else 442 case 'H': 443 case 'X': 444 error(1, "directory indexing is not enabled"); 445 /* NOTREACHED */ 446 #endif /* NO_DIRINDEX_SUPPORT */ 447 448 default: 449 usage(); 450 /* NOTREACHED */ 451 } 452 } 453 argc -= optind; 454 argv += optind; 455 456 if (argc == 1) { 457 myname = bozomalloc(MAXHOSTNAMELEN+1); 458 /* XXX we do not check for FQDN here */ 459 if (gethostname(myname, MAXHOSTNAMELEN+1) < 0) 460 error(1, "gethostname"); 461 myname[MAXHOSTNAMELEN] = '\0'; 462 } else if (argc == 2) 463 myname = argv[1]; 464 else 465 usage(); 466 467 slashdir = argv[0]; 468 debug((DEBUG_OBESE, "myname is %s, slashdir is %s", myname, slashdir)); 469 470 /* 471 * initialise ssl and daemon mode if necessary. 472 */ 473 ssl_init(); 474 daemon_init(); 475 476 /* 477 * prevent info leakage between different compartments. 478 * some PATH values in the environment would be invalided 479 * by chroot. cross-user settings might result in undesirable 480 * effects. 481 */ 482 if ((tflag != NULL || Uflag != NULL) && !eflag) { 483 cleanenv[0] = NULL; 484 environ = cleanenv; 485 } 486 487 /* 488 * look up user/group information. 489 */ 490 if (Uflag != NULL) { 491 struct passwd *pw; 492 493 if ((pw = getpwnam(Uflag)) == NULL) 494 error(1, "getpwnam(%s): %s", Uflag, strerror(errno)); 495 if (initgroups(pw->pw_name, pw->pw_gid) == -1) 496 error(1, "initgroups: %s", strerror(errno)); 497 if (setgid(pw->pw_gid) == -1) 498 error(1, "setgid(%u): %s", pw->pw_gid, strerror(errno)); 499 uid = pw->pw_uid; 500 } 501 502 /* 503 * handle chroot. 504 */ 505 if (tflag != NULL) { 506 if (chdir(tflag) == -1) 507 error(1, "chdir(%s): %s", tflag, strerror(errno)); 508 if (chroot(tflag) == -1) 509 error(1, "chroot(%s): %s", tflag, strerror(errno)); 510 } 511 512 if (Uflag != NULL) 513 if (setuid(uid) == -1) 514 error(1, "setuid(%d): %s", uid, strerror(errno)); 515 516 /* 517 * be sane, don't start serving up files from a 518 * hierarchy we don't have permission to get to. 519 */ 520 if (tflag != NULL) 521 if (chdir("/") == -1) 522 error(1, "chdir /: %s", strerror(errno)); 523 524 /* 525 * read and process the HTTP request. 526 */ 527 do { 528 http_request = read_request(); 529 if (http_request) { 530 process_request(http_request); 531 return (0); 532 } 533 } while (bflag); 534 535 return (0); 536 } 537 538 char * 539 http_date(void) 540 { 541 static char date[40]; 542 struct tm *tm; 543 time_t now; 544 545 /* Sun, 06 Nov 1994 08:49:37 GMT */ 546 now = time(NULL); 547 tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */ 548 strftime(date, sizeof date, "%a, %d %b %Y %H:%M:%S GMT", tm); 549 return date; 550 } 551 552 /* 553 * convert "in" into the three parts of a request (first line) 554 */ 555 static void 556 parse_request(char *in, char **method, char **url, char **proto) 557 { 558 ssize_t len; 559 char *val; 560 561 *method = *url = *proto = NULL; /* set them up */ 562 563 len = (ssize_t)strlen(in); 564 val = strnsep(&in, " \t\n\r", &len); 565 if (len < 1 || val == NULL) 566 return; 567 *method = val; 568 while (*in == ' ' || *in == '\t') 569 in++; 570 val = strnsep(&in, " \t\n\r", &len); 571 if (len < 1) { 572 if (len == 0) 573 *url = val; 574 else 575 *url = in; 576 return; 577 } 578 *url = val; 579 if (in) { 580 while (*in && (*in == ' ' || *in == '\t')) 581 in++; 582 if (*in) 583 *proto = in; 584 } 585 } 586 587 /* 588 * send a HTTP/1.1 408 response if we timeout. 589 */ 590 /* ARGSUSED */ 591 static void 592 alarmer(int sig) 593 { 594 alarmhit = 1; 595 } 596 597 /* 598 * This function reads a http request from stdin, returning a pointer to a 599 * http_req structure, describing the request. 600 */ 601 static http_req * 602 read_request(void) 603 { 604 struct sigaction sa; 605 char *str, *val, *method, *url, *proto; 606 char *host, *addr, *port; 607 char bufport[10]; 608 char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; 609 struct sockaddr_storage ss; 610 ssize_t len; 611 int line = 0; 612 socklen_t slen; 613 http_req *request; 614 615 /* 616 * if we're in daemon mode, daemon_fork() will return here once 617 * for each child, then we can setup SSL. 618 */ 619 daemon_fork(); 620 ssl_accept(); 621 622 request = bozomalloc(sizeof *request); 623 memset(request, 0, sizeof *request); 624 request->hr_allow = request->hr_host = NULL; 625 request->hr_content_type = request->hr_content_length = NULL; 626 627 slen = sizeof(ss); 628 if (getpeername(0, (struct sockaddr *)&ss, &slen) < 0) 629 host = addr = NULL; 630 else { 631 if (getnameinfo((struct sockaddr *)&ss, slen, 632 abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0) 633 addr = abuf; 634 else 635 addr = NULL; 636 if (nflag == 0 && getnameinfo((struct sockaddr *)&ss, slen, 637 hbuf, sizeof hbuf, NULL, 0, 0) == 0) 638 host = hbuf; 639 else 640 host = NULL; 641 } 642 if (host != NULL) 643 request->hr_remotehost = bozostrdup(host); 644 if (addr != NULL) 645 request->hr_remoteaddr = bozostrdup(addr); 646 slen = sizeof(ss); 647 if (getsockname(0, (struct sockaddr *)&ss, &slen) < 0) 648 port = NULL; 649 else { 650 if (getnameinfo((struct sockaddr *)&ss, slen, NULL, 0, 651 bufport, sizeof bufport, NI_NUMERICSERV) == 0) 652 port = bufport; 653 else 654 port = NULL; 655 } 656 if (port != NULL) 657 request->hr_serverport = bozostrdup(port); 658 659 /* 660 * setup a timer to make sure the request is not hung 661 */ 662 sa.sa_handler = alarmer; 663 sigemptyset(&sa.sa_mask); 664 sigaddset(&sa.sa_mask, SIGALRM); 665 sa.sa_flags = 0; 666 sigaction(SIGALRM, &sa, NULL); /* XXX */ 667 668 alarm(MAX_WAIT_TIME); 669 while ((str = dgetln(STDIN_FILENO, &len, bozoread)) != NULL) { 670 alarm(0); 671 if (alarmhit) 672 http_error(408, NULL, "request timed out"); 673 line++; 674 675 if (line == 1) { 676 str = bozostrdup(str); /* we use this copy */ 677 678 if (len < 1) 679 http_error(404, NULL, "null method"); 680 warning("got request ``%s'' from host %s to port %s", 681 str, 682 host ? host : addr ? addr : "<local>", 683 port ? port : "<stdin>"); 684 debug((DEBUG_FAT, "read_req, getting request: ``%s''", 685 str)); 686 687 parse_request(str, &method, &url, &proto); 688 if (method == NULL) 689 http_error(404, NULL, "null method"); 690 if (url == NULL) 691 http_error(404, NULL, "null url"); 692 693 /* 694 * note that we parse the proto first, so that we 695 * can more properly parse the method and the url. 696 */ 697 request->hr_url = url; 698 process_proto(request, proto); 699 process_method(request, method); 700 701 /* http/0.9 has no header processing */ 702 if (request->hr_proto == http_09) 703 break; 704 } else { /* incoming headers */ 705 struct headers *hdr; 706 707 if (*str == '\0') 708 break; 709 710 val = strnsep(&str, ":", &len); 711 debug((DEBUG_EXPLODING, 712 "read_req2: after strnsep: str ``%s'' val ``%s''", 713 str, val)); 714 if (val == NULL || len == -1) 715 http_error(404, request, "no header"); 716 while (*str == ' ' || *str == '\t') 717 len--, str++; 718 719 if (auth_check_headers(request, val, str, len)) 720 goto next_header; 721 722 hdr = addmerge_header(request, val, str, len); 723 724 if (strcasecmp(hdr->h_header, "content-type") == 0) 725 request->hr_content_type = hdr->h_value; 726 else if (strcasecmp(hdr->h_header, "content-length") == 0) 727 request->hr_content_length = hdr->h_value; 728 else if (strcasecmp(hdr->h_header, "host") == 0) 729 request->hr_host = hdr->h_value; 730 /* HTTP/1.1 rev06 draft spec: 14.20 */ 731 else if (strcasecmp(hdr->h_header, "expect") == 0) 732 http_error(417, request, "we don't support Expect:"); 733 else if (strcasecmp(hdr->h_header, "referrer") == 0 || 734 strcasecmp(hdr->h_header, "referer") == 0) 735 request->hr_referrer = hdr->h_value; 736 737 debug((DEBUG_FAT, "adding header %s: %s", 738 hdr->h_header, hdr->h_value)); 739 } 740 next_header: 741 alarm(MAX_WAIT_TIME); 742 } 743 744 /* now, clear it all out */ 745 alarm(0); 746 signal(SIGALRM, SIG_DFL); 747 748 /* RFC1945, 8.3 */ 749 if (request->hr_method == HTTP_POST && request->hr_content_length == NULL) 750 http_error(400, request, "missing content length"); 751 752 /* HTTP/1.1 draft rev-06, 14.23 & 19.6.1.1 */ 753 if (request->hr_proto == http_11 && request->hr_host == NULL) 754 http_error(400, request, "missing Host header"); 755 756 debug((DEBUG_FAT, "read_request returns url %s in request", request->hr_url)); 757 return (request); 758 } 759 760 /* 761 * add or merge this header (val: str) into the requests list 762 */ 763 static struct headers * 764 addmerge_header(http_req *request, char *val, char *str, ssize_t len) 765 { 766 struct headers *hdr; 767 static char space[2] = { ' ', 0 }; 768 769 /* do we exist already? */ 770 SIMPLEQ_FOREACH(hdr, &request->hr_headers, h_next) { 771 if (strcasecmp(val, hdr->h_header) == 0) 772 break; 773 } 774 775 if (hdr) { 776 /* yup, merge it in */ 777 if (hdr->h_value == space) 778 hdr->h_value = bozostrdup(str); 779 else { 780 char *nval; 781 782 if (asprintf(&nval, "%s, %s", hdr->h_value, str) == -1) 783 http_error(500, NULL, 784 "memory allocation failure"); 785 free(hdr->h_value); 786 hdr->h_value = nval; 787 } 788 } else { 789 /* nope, create a new one */ 790 791 hdr = bozomalloc(sizeof *hdr); 792 hdr->h_header = bozostrdup(val); 793 if (str && *str) 794 hdr->h_value = bozostrdup(str); 795 else 796 hdr->h_value = space; 797 798 SIMPLEQ_INSERT_TAIL(&request->hr_headers, hdr, h_next); 799 request->hr_nheaders++; 800 } 801 802 return hdr; 803 } 804 805 /* 806 * process_request does the following: 807 * - check the request is valid 808 * - process cgi-bin if necessary 809 * - transform a filename if necesarry 810 * - return the HTTP request 811 */ 812 static void 813 process_request(http_req *request) 814 { 815 struct stat sb; 816 char *file; 817 const char *type, *encoding; 818 int fd, isindex; 819 820 /* 821 * note that transform_request chdir()'s if required. also note 822 * that cgi is handed here, and a cgi request will never return 823 * back here. 824 */ 825 file = transform_request(request, &isindex); 826 if (file == NULL) 827 http_error(404, request, "empty file after transform"); 828 829 fd = open(file, O_RDONLY); 830 if (fd < 0) { 831 debug((DEBUG_FAT, "open failed: %s", strerror(errno))); 832 if (errno == EPERM) 833 http_error(403, request, "no permission to open file"); 834 else if (errno == ENOENT) { 835 if (directory_index(request, file, isindex)) 836 return; 837 http_error(404, request, "no file"); 838 } else 839 http_error(500, request, "open file"); 840 } 841 if (fstat(fd, &sb) < 0) 842 http_error(500, request, "can't fstat"); 843 if (S_ISDIR(sb.st_mode)) 844 handle_redirect(request, NULL, 0); 845 /* NOTREACHED */ 846 /* XXX RFC1945 10.9 If-Modified-Since (http code 304) */ 847 848 bozoprintf("%s 200 OK\r\n", request->hr_proto); 849 850 if (request->hr_proto != http_09) { 851 type = content_type(request, file); 852 encoding = content_encoding(request, file); 853 854 print_header(request, &sb, type, encoding); 855 bozoprintf("\r\n"); 856 } 857 bozoflush(stdout); 858 859 if (request->hr_method != HTTP_HEAD) { 860 char *addr; 861 void *oaddr; 862 off_t sz = sb.st_size; 863 864 oaddr = addr = mmap(0, (size_t)sz, PROT_READ, 865 MAP_SHARED, fd, 0); 866 if (addr == (char *)-1) 867 error(1, "mmap failed: %s", strerror(errno)); 868 869 #ifdef MADV_SEQUENTIAL 870 madvise(addr, sz, MADV_SEQUENTIAL); 871 #endif 872 while (sz > WRSZ) { 873 if (bozowrite(STDOUT_FILENO, addr, WRSZ) != WRSZ) 874 error(1, "write failed: %s", strerror(errno)); 875 sz -= WRSZ; 876 addr += WRSZ; 877 } 878 if (sz && bozowrite(STDOUT_FILENO, addr, sz) != sz) 879 error(1, "final write failed: %s", strerror(errno)); 880 if (munmap(oaddr, (size_t)sb.st_size) < 0) 881 warning("munmap failed"); 882 } 883 /* If SSL enabled cleanup SSL structure. */ 884 ssl_destroy(); 885 close(fd); 886 free(file); 887 } 888 889 /* 890 * deal with virtual host names; we do this: 891 * if we have a virtual path root (vpath), and we are given a 892 * virtual host spec (Host: ho.st or http://ho.st/), see if this 893 * directory exists under vpath. if it does, use this as the 894 # new slashdir. 895 */ 896 static void 897 check_virtual(http_req *request) 898 { 899 char *url = request->hr_url, *s; 900 struct dirent **list; 901 size_t len; 902 int i; 903 904 if (!vpath) 905 goto use_slashdir; 906 907 /* 908 * convert http://virtual.host/ to request->hr_host 909 */ 910 debug((DEBUG_OBESE, "checking for http:// virtual host in ``%s''", url)); 911 if (strncasecmp(url, "http://", 7) == 0) { 912 /* we would do virtual hosting here? */ 913 url += 7; 914 s = strchr(url, '/'); 915 /* HTTP/1.1 draft rev-06, 5.2: URI takes precedence over Host: */ 916 request->hr_host = url; 917 request->hr_url = bozostrdup(s ? s : "/"); 918 debug((DEBUG_OBESE, "got host ``%s'' url is now ``%s''", 919 request->hr_host, request->hr_url)); 920 } else if (!request->hr_host) 921 goto use_slashdir; 922 923 924 /* 925 * ok, we have a virtual host, use scandir(3) to find a case 926 * insensitive match for the virtual host we are asked for. 927 * note that if the virtual host is the same as the master, 928 * we don't need to do anything special. 929 */ 930 len = strlen(request->hr_host); 931 debug((DEBUG_OBESE, 932 "check_virtual: checking host `%s' under vpath `%s' for url `%s'", 933 request->hr_host, vpath, request->hr_url)); 934 if (strncasecmp(myname, request->hr_host, len) != 0) { 935 s = 0; 936 for (i = scandir(vpath, &list, 0, 0); i--; list++) { 937 debug((DEBUG_OBESE, "looking at dir``%s''", 938 (*list)->d_name)); 939 if (strncasecmp((*list)->d_name, request->hr_host, 940 len) == 0) { 941 /* found it, punch it */ 942 myname = (*list)->d_name; 943 if (asprintf(&s, "%s/%s", vpath, myname) < 0) 944 error(1, "asprintf"); 945 break; 946 } 947 } 948 if (s == 0) { 949 if (Vflag) 950 goto use_slashdir; 951 http_error(404, request, "unknown URL"); 952 } 953 } else 954 use_slashdir: 955 s = slashdir; 956 957 /* 958 * ok, nailed the correct slashdir, chdir to it 959 */ 960 if (chdir(s) < 0) 961 error(1, "can't chdir %s: %s", s, strerror(errno)); 962 } 963 964 /* make sure we're not trying to access special files */ 965 void 966 check_special_files(http_req *request, const char *name) 967 { 968 /* ensure basename(name) != special files */ 969 if (strcmp(name, DIRECT_ACCESS_FILE) == 0) 970 http_error(403, request, 971 "no permission to open direct access file"); 972 if (strcmp(name, REDIRECT_FILE) == 0) 973 http_error(403, request, 974 "no permission to open redirect file"); 975 if (strcmp(name, ABSREDIRECT_FILE) == 0) 976 http_error(403, request, 977 "no permission to open redirect file"); 978 auth_check_special_files(request, name); 979 } 980 981 /* 982 * checks to see if this request has a valid .bzredirect file. returns 983 * 0 on failure and 1 on success. 984 */ 985 static void 986 check_bzredirect(http_req *request) 987 { 988 struct stat sb; 989 char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1]; 990 char *basename, *finalredir; 991 int rv, absolute; 992 993 /* 994 * if this pathname is really a directory, but doesn't end in /, 995 * use it as the directory to look for the redir file. 996 */ 997 snprintf(dir, sizeof(dir), "%s", request->hr_url + 1); 998 debug((DEBUG_FAT, "check_bzredirect: dir %s", dir)); 999 basename = strrchr(dir, '/'); 1000 1001 if ((!basename || basename[1] != '\0') && 1002 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) 1003 /* nothing */; 1004 else if (basename == NULL) 1005 strcpy(dir, "."); 1006 else { 1007 *basename++ = '\0'; 1008 check_special_files(request, basename); 1009 } 1010 1011 snprintf(redir, sizeof(redir), "%s/%s", dir, REDIRECT_FILE); 1012 if (lstat(redir, &sb) == 0) { 1013 if (S_ISLNK(sb.st_mode) == 0) 1014 return; 1015 absolute = 0; 1016 } else { 1017 snprintf(redir, sizeof(redir), "%s/%s", dir, ABSREDIRECT_FILE); 1018 if (lstat(redir, &sb) < 0 || S_ISLNK(sb.st_mode) == 0) 1019 return; 1020 absolute = 1; 1021 } 1022 debug((DEBUG_FAT, "check_bzredirect: calling readlink")); 1023 rv = readlink(redir, redirpath, sizeof redirpath - 1); 1024 if (rv == -1 || rv == 0) { 1025 debug((DEBUG_FAT, "readlink failed")); 1026 return; 1027 } 1028 redirpath[rv] = '\0'; 1029 debug((DEBUG_FAT, "readlink returned \"%s\"", redirpath)); 1030 1031 /* now we have the link pointer, redirect to the real place */ 1032 if (absolute) 1033 finalredir = redirpath; 1034 else 1035 snprintf(finalredir = redir, sizeof(redir), "/%s/%s", dir, 1036 redirpath); 1037 1038 debug((DEBUG_FAT, "check_bzredirect: new redir %s", finalredir)); 1039 handle_redirect(request, finalredir, absolute); 1040 } 1041 1042 /* 1043 * checks to see if this request has a valid .bzdirect file. returns 1044 * 0 on failure and 1 on success. 1045 */ 1046 static int 1047 check_direct_access(http_req *request) 1048 { 1049 FILE *fp; 1050 struct stat sb; 1051 char dir[MAXPATHLEN], dirfile[MAXPATHLEN], *basename; 1052 1053 snprintf(dir, sizeof(dir), "%s", request->hr_url + 1); 1054 debug((DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1055 basename = strrchr(dir, '/'); 1056 1057 if ((!basename || basename[1] != '\0') && 1058 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) 1059 /* nothing */; 1060 else if (basename == NULL) 1061 strcpy(dir, "."); 1062 else { 1063 *basename++ = '\0'; 1064 check_special_files(request, basename); 1065 } 1066 1067 snprintf(dirfile, sizeof(dirfile), "%s/%s", dir, DIRECT_ACCESS_FILE); 1068 if (stat(dirfile, &sb) < 0 || 1069 (fp = fopen(dirfile, "r")) == NULL) 1070 return 0; 1071 fclose(fp); 1072 return 1; 1073 } 1074 1075 /* 1076 * transform_request does this: 1077 * - ``expand'' %20 crapola 1078 * - punt if it doesn't start with / 1079 * - check rflag / referrer 1080 * - look for "http://myname/" and deal with it. 1081 * - maybe call process_cgi() 1082 * - check for ~user and call user_transform() if so 1083 * - if the length > 1, check for trailing slash. if so, 1084 * add the index.html file 1085 * - if the length is 1, return the index.html file 1086 * - disallow anything ending up with a file starting 1087 * at "/" or having ".." in it. 1088 * - anything else is a really weird internal error 1089 */ 1090 static char * 1091 transform_request(http_req *request, int *isindex) 1092 { 1093 char *file; 1094 char *url; 1095 size_t len; 1096 1097 file = NULL; 1098 *isindex = 0; 1099 debug((DEBUG_FAT, "tf_req: url %s", request->hr_url)); 1100 fix_url_percent(request); 1101 check_virtual(request); 1102 url = request->hr_url; 1103 1104 if (url[0] != '/') 1105 http_error(404, request, "unknown URL"); 1106 1107 check_bzredirect(request); 1108 1109 if (rflag) { 1110 int to_indexhtml = 0; 1111 1112 #define TOP_PAGE(x) (strcmp((x), "/") == 0 || \ 1113 strcmp((x) + 1, index_html) == 0 || \ 1114 strcmp((x) + 1, "favicon.ico") == 0) 1115 1116 debug((DEBUG_EXPLODING, "checking rflag")); 1117 /* 1118 * first check that this path isn't allowed via .bzdirect file, 1119 * and then check referrer; make sure that people come via the 1120 * real name... otherwise if we aren't looking at / or 1121 * /index.html, redirect... we also special case favicon.ico. 1122 */ 1123 if (check_direct_access(request)) 1124 /* nothing */; 1125 else if (request->hr_referrer) { 1126 const char *r = request->hr_referrer; 1127 1128 debug((DEBUG_FAT, 1129 "checking referrer \"%s\" vs myname %s", r, myname)); 1130 if (strncmp(r, "http://", 7) != 0 || 1131 (strncasecmp(r + 7, myname, strlen(myname)) != 0 && 1132 !TOP_PAGE(url))) 1133 to_indexhtml = 1; 1134 } else { 1135 const char *h = request->hr_host; 1136 1137 debug((DEBUG_FAT, "url has no referrer at all")); 1138 /* if there's no referrer, let / or /index.html past */ 1139 if (!TOP_PAGE(url) || 1140 (h && strncasecmp(h, myname, strlen(myname)) != 0)) 1141 to_indexhtml = 1; 1142 } 1143 1144 if (to_indexhtml) { 1145 char *slashindexhtml; 1146 1147 if (asprintf(&slashindexhtml, "/%s", index_html) < 0) 1148 error(1, "asprintf"); 1149 debug((DEBUG_FAT, "rflag: redirecting %s to %s", url, slashindexhtml)); 1150 handle_redirect(request, slashindexhtml, 0); 1151 /* NOTREACHED */ 1152 } 1153 } 1154 1155 process_cgi(request); 1156 1157 len = strlen(url); 1158 if (0) { 1159 #ifndef NO_USER_SUPPORT 1160 } else if (len > 1 && uflag && url[1] == '~') { 1161 if (url[2] == '\0') 1162 http_error(404, request, "missing username"); 1163 if (strchr(url + 2, '/') == NULL) 1164 handle_redirect(request, NULL, 0); 1165 /* NOTREACHED */ 1166 debug((DEBUG_FAT, "calling user_transform")); 1167 return (user_transform(request, isindex)); 1168 #endif /* NO_USER_SUPPORT */ 1169 } else if (len > 1) { 1170 debug((DEBUG_FAT, "url[len-1] == %c", url[len-1])); 1171 if (url[len-1] == '/') { /* append index.html */ 1172 *isindex = 1; 1173 debug((DEBUG_FAT, "appending index.html")); 1174 file = bozomalloc(len + strlen(index_html) + 1); 1175 strcpy(file, url + 1); 1176 strcat(file, index_html); 1177 } else 1178 file = bozostrdup(url + 1); 1179 } else if (len == 1) { 1180 debug((DEBUG_EXPLODING, "tf_req: len == 1")); 1181 file = bozostrdup(index_html); 1182 *isindex = 1; 1183 } else /* len == 0 ? */ 1184 http_error(500, request, "request->hr_url is nul?"); 1185 1186 if (file == NULL) 1187 http_error(500, request, "internal failure"); 1188 1189 /* 1190 * look for "http://myname/" and deal with it as necessary. 1191 */ 1192 1193 /* 1194 * stop traversing outside our domain 1195 * 1196 * XXX true security only comes from our parent using chroot(2) 1197 * before execve(2)'ing us. or our own built in chroot(2) support. 1198 */ 1199 if (*file == '/' || strcmp(file, "..") == 0 || 1200 strstr(file, "/..") || strstr(file, "../")) 1201 http_error(403, request, "illegal request"); 1202 1203 auth_check(request, file); 1204 1205 debug((DEBUG_FAT, "transform_request returned: %s", file)); 1206 return (file); 1207 } 1208 1209 /* 1210 * do automatic redirection 1211 */ 1212 static void 1213 handle_redirect(http_req *request, const char *url, int absolute) 1214 { 1215 char *urlbuf; 1216 char portbuf[20]; 1217 1218 if (url == NULL) { 1219 if (asprintf(&urlbuf, "%s/", request->hr_url) < 0) 1220 error(1, "asprintf"); 1221 url = urlbuf; 1222 } 1223 if (request->hr_serverport && strcmp(request->hr_serverport, "80") != 0) 1224 snprintf(portbuf, sizeof(portbuf), ":%s", 1225 request->hr_serverport); 1226 else 1227 portbuf[0] = '\0'; 1228 warning("redirecting %s%s%s", myname, portbuf, url); 1229 debug((DEBUG_FAT, "redirecting %s", url)); 1230 bozoprintf("%s 301 Document Moved\r\n", request->hr_proto); 1231 if (request->hr_proto != http_09) 1232 print_header(request, NULL, "text/html", NULL); 1233 if (request->hr_proto != http_09) { 1234 bozoprintf("Location: http://"); 1235 if (absolute == 0) 1236 bozoprintf("%s%s", myname, portbuf); 1237 bozoprintf("%s\r\n", url); 1238 } 1239 bozoprintf("\r\n"); 1240 if (request->hr_method == HTTP_HEAD) 1241 goto head; 1242 bozoprintf("<html><head><title>Document Moved</title></head>\n"); 1243 bozoprintf("<body><h1>Document Moved</h1>\n"); 1244 bozoprintf("This document had moved <a href=\"http://"); 1245 if (absolute) 1246 bozoprintf("%s", url); 1247 else 1248 bozoprintf("%s%s%s", myname, portbuf, url); 1249 bozoprintf("\">here</a>\n"); 1250 bozoprintf("</body></html>\n"); 1251 head: 1252 bozoflush(stdout); 1253 exit(0); 1254 } 1255 1256 /* generic header printing routine */ 1257 void 1258 print_header(http_req *request, struct stat *sbp, const char *type, 1259 const char *encoding) 1260 { 1261 bozoprintf("Date: %s\r\n", http_date()); 1262 bozoprintf("Server: %s\r\n", server_software); 1263 if (sbp) { 1264 char filedate[40]; 1265 struct tm *tm; 1266 1267 tm = gmtime(&sbp->st_mtime); 1268 strftime(filedate, sizeof filedate, 1269 "%a, %d %b %Y %H:%M:%S GMT", tm); 1270 bozoprintf("Last-Modified: %s\r\n", filedate); 1271 } 1272 if (type && *type) 1273 bozoprintf("Content-Type: %s\r\n", type); 1274 if (encoding && *encoding) 1275 bozoprintf("Content-Encoding: %s\r\n", encoding); 1276 if (sbp) 1277 bozoprintf("Content-Length: %qd\r\n", (long long)sbp->st_size); 1278 if (request && request->hr_proto == http_11) 1279 bozoprintf("Connection: close\r\n"); 1280 bozoflush(stdout); 1281 } 1282 1283 /* this escape HTML tags */ 1284 static void 1285 escape_html(http_req *request) 1286 { 1287 int i, j; 1288 char *url = request->hr_url, *tmp; 1289 1290 for (i = 0, j = 0; url[i]; i++) { 1291 switch (url[i]) { 1292 case '<': 1293 case '>': 1294 j += 4; 1295 break; 1296 case '&': 1297 j += 5; 1298 break; 1299 } 1300 } 1301 1302 if (j == 0) 1303 return; 1304 1305 if ((tmp = (char *) malloc(strlen(url) + j)) == 0) 1306 /* 1307 * ouch, but we are only called from an error context, and 1308 * most paths here come from malloc(3) failures anyway... 1309 * we could completely punt and just exit, but isn't returning 1310 * an not-quite-correct error better than nothing at all? 1311 */ 1312 return; 1313 1314 for (i = 0, j = 0; url[i]; i++) { 1315 switch (url[i]) { 1316 case '<': 1317 memcpy(tmp + j, "<", 4); 1318 j += 4; 1319 break; 1320 case '>': 1321 memcpy(tmp + j, ">", 4); 1322 j += 4; 1323 break; 1324 case '&': 1325 memcpy(tmp + j, "&", 5); 1326 j += 5; 1327 break; 1328 default: 1329 tmp[j++] = url[i]; 1330 } 1331 } 1332 tmp[j] = 0; 1333 1334 /* 1335 * XXX original "url" is a substring of an allocation, so we 1336 * can't touch it. so, ignore it and replace the request. 1337 */ 1338 request->hr_url = tmp; 1339 } 1340 1341 /* this fixes the %HH hack that RFC2396 requires. */ 1342 static void 1343 fix_url_percent(http_req *request) 1344 { 1345 char *s, *t, buf[3], *url; 1346 char *end; /* if end is not-zero, we don't translate beyond that */ 1347 1348 url = request->hr_url; 1349 1350 /* make sure we don't translate *too* much */ 1351 end = strchr(request->hr_url, '?'); 1352 1353 /* fast forward to the first % */ 1354 if ((s = strchr(url, '%')) == NULL) 1355 return; 1356 1357 t = s; 1358 do { 1359 if (end && s >= end) { 1360 debug((DEBUG_EXPLODING, "fu_%%: past end, filling out..")); 1361 while (*s) 1362 *t++ = *s++; 1363 break; 1364 } 1365 debug((DEBUG_EXPLODING, "fu_%%: got s == %%, s[1]s[2] == %c%c", 1366 s[1], s[2])); 1367 if (s[1] == '\0' || s[2] == '\0') 1368 http_error(400, request, 1369 "percent hack missing two chars afterwards"); 1370 if (s[1] == '0' && s[2] == '0') 1371 http_error(404, request, "percent hack was %00"); 1372 if (s[1] == '2' && s[2] == 'f') 1373 http_error(404, request, "percent hack was %2f (/)"); 1374 1375 buf[0] = *++s; 1376 buf[1] = *++s; 1377 buf[2] = '\0'; 1378 s++; 1379 *t = (char)strtol(buf, NULL, 16); 1380 debug((DEBUG_EXPLODING, "fu_%%: strtol put %c into *t", *t)); 1381 if (*t++ == '\0') 1382 http_error(400, request, "percent hack got a 0 back"); 1383 1384 while (*s && *s != '%') { 1385 if (s >= end) 1386 break; 1387 *t++ = *s++; 1388 } 1389 } while (*s); 1390 *t = '\0'; 1391 debug((DEBUG_FAT, "fix_url_percent returns %s in url", request->hr_url)); 1392 } 1393 1394 /* 1395 * process each type of HTTP method, setting this HTTP requests 1396 # method type. 1397 */ 1398 static struct method_map { 1399 const char *name; 1400 int type; 1401 } method_map[] = { 1402 { "GET", HTTP_GET, }, 1403 { "POST", HTTP_POST, }, 1404 { "HEAD", HTTP_HEAD, }, 1405 #if 0 /* other non-required http/1.1 methods */ 1406 { "OPTIONS", HTTP_OPTIONS, }, 1407 { "PUT", HTTP_PUT, }, 1408 { "DELETE", HTTP_DELETE, }, 1409 { "TRACE", HTTP_TRACE, }, 1410 { "CONNECT", HTTP_CONNECT, }, 1411 #endif 1412 { NULL, 0, }, 1413 }; 1414 1415 static void 1416 process_method(http_req *request, const char *method) 1417 { 1418 struct method_map *mmp; 1419 1420 for (mmp = method_map; mmp->name; mmp++) 1421 if (strcasecmp(method, mmp->name) == 0) { 1422 request->hr_method = mmp->type; 1423 request->hr_methodstr = mmp->name; 1424 return; 1425 } 1426 1427 if (request->hr_proto == http_11) 1428 request->hr_allow = "GET, HEAD, POST"; 1429 http_error(404, request, "unknown method"); 1430 } 1431 1432 /* 1433 * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent 1434 * to "HTTP/001.01"), we MUST parse this. 1435 */ 1436 static void 1437 process_proto(http_req *request, const char *proto) 1438 { 1439 char majorstr[16], *minorstr; 1440 int majorint, minorint; 1441 1442 if (proto == NULL) { 1443 got_proto_09: 1444 request->hr_proto = http_09; 1445 debug((DEBUG_FAT, "request %s is http/0.9", request->hr_url)); 1446 return; 1447 } 1448 1449 if (strncasecmp(proto, "HTTP/", 5) != 0) 1450 goto bad; 1451 strncpy(majorstr, proto + 5, sizeof majorstr); 1452 majorstr[sizeof(majorstr)-1] = 0; 1453 minorstr = strchr(majorstr, '.'); 1454 if (minorstr == NULL) 1455 goto bad; 1456 *minorstr++ = 0; 1457 1458 majorint = atoi(majorstr); 1459 minorint = atoi(minorstr); 1460 1461 switch (majorint) { 1462 case 0: 1463 if (minorint != 9) 1464 break; 1465 goto got_proto_09; 1466 case 1: 1467 if (minorint == 0) 1468 request->hr_proto = http_10; 1469 else if (minorint == 1) 1470 request->hr_proto = http_11; 1471 else 1472 break; 1473 1474 debug((DEBUG_FAT, "request %s is %s", request->hr_url, 1475 request->hr_proto)); 1476 SIMPLEQ_INIT(&request->hr_headers); 1477 request->hr_nheaders = 0; 1478 return; 1479 } 1480 bad: 1481 http_error(404, NULL, "unknown prototype"); 1482 } 1483 1484 #ifdef DEBUG 1485 void 1486 debug__(int level, const char *fmt, ...) 1487 { 1488 va_list ap; 1489 int savederrno; 1490 1491 /* only log if the level is low enough */ 1492 if (dflag < level) 1493 return; 1494 1495 savederrno = errno; 1496 va_start(ap, fmt); 1497 if (sflag) { 1498 vfprintf(stderr, fmt, ap); 1499 fputs("\n", stderr); 1500 } else 1501 vsyslog(LOG_DEBUG, fmt, ap); 1502 va_end(ap); 1503 errno = savederrno; 1504 } 1505 #endif /* DEBUG */ 1506 1507 /* these are like warn() and err(), except for syslog not stderr */ 1508 void 1509 warning(const char *fmt, ...) 1510 { 1511 va_list ap; 1512 1513 va_start(ap, fmt); 1514 if (sflag || isatty(STDERR_FILENO)) { 1515 vfprintf(stderr, fmt, ap); 1516 fputs("\n", stderr); 1517 } else 1518 vsyslog(LOG_INFO, fmt, ap); 1519 va_end(ap); 1520 } 1521 1522 void 1523 error(int code, const char *fmt, ...) 1524 { 1525 va_list ap; 1526 1527 va_start(ap, fmt); 1528 if (sflag || isatty(STDERR_FILENO)) { 1529 vfprintf(stderr, fmt, ap); 1530 fputs("\n", stderr); 1531 } else 1532 vsyslog(LOG_ERR, fmt, ap); 1533 va_end(ap); 1534 exit(code); 1535 } 1536 1537 /* the follow functions and variables are used in handling HTTP errors */ 1538 /* ARGSUSED */ 1539 void 1540 http_error(int code, http_req *request, const char *msg) 1541 { 1542 static char buf[BUFSIZ]; 1543 char portbuf[20]; 1544 const char *header = http_errors_short(code); 1545 const char *reason = http_errors_long(code); 1546 const char *proto = (request && request->hr_proto) ? request->hr_proto : http_11; 1547 int size; 1548 1549 debug((DEBUG_FAT, "http_error %d: %s", code, msg)); 1550 if (header == NULL || reason == NULL) 1551 error(1, "http_error() failed (short = %p, long = %p)", 1552 header, reason); 1553 1554 if (request && request->hr_serverport && strcmp(request->hr_serverport, "80") != 0) 1555 snprintf(portbuf, sizeof(portbuf), ":%s", request->hr_serverport); 1556 else 1557 portbuf[0] = '\0'; 1558 1559 if (request && request->hr_url) { 1560 escape_html(request); 1561 size = snprintf(buf, sizeof buf, 1562 "<html><head><title>%s</title></head>\n" 1563 "<body><h1>%s</h1>\n" 1564 "%s: <pre>%s</pre>\n" 1565 "<hr><address><a href=\"http://%s%s/\">%s%s</a></address>\n" 1566 "</body></html>\n", 1567 header, header, request->hr_url, reason, 1568 myname, portbuf, myname, portbuf); 1569 if (size >= sizeof buf) 1570 warning("http_error buffer too small, truncated"); 1571 } else 1572 size = 0; 1573 1574 bozoprintf("%s %s\r\n", proto, header); 1575 auth_check_401(request, code); 1576 1577 bozoprintf("Content-Type: text/html\r\n"); 1578 bozoprintf("Content-Length: %d\r\n", size); 1579 bozoprintf("Server: %s\r\n", server_software); 1580 if (request && request->hr_allow) 1581 bozoprintf("Allow: %s\r\n", request->hr_allow); 1582 bozoprintf("\r\n"); 1583 if (size) 1584 bozoprintf("%s", buf); 1585 bozoflush(stdout); 1586 1587 exit(1); 1588 } 1589 1590 /* short map between error code, and short/long messages */ 1591 static struct errors_map { 1592 int code; /* HTTP return code */ 1593 const char *shortmsg; /* short version of message */ 1594 const char *longmsg; /* long version of message */ 1595 } errors_map[] = { 1596 { 400, "400 Bad Request", "The request was not valid", }, 1597 { 401, "401 Unauthorized", "No authorization", }, 1598 { 403, "403 Forbidden", "Access to this item has been denied", }, 1599 { 404, "404 Not Found", "This item has not been found", }, 1600 { 408, "408 Request Timeout", "This request took too long", }, 1601 { 417, "417 Expectation Failed","Expectations not available", }, 1602 { 500, "500 Internal Error", "An error occured on the server", }, 1603 { 501, "501 Not Implemented", "This request is not available", }, 1604 { 0, NULL, NULL, }, 1605 }; 1606 1607 static const char *help = "DANGER! WILL ROBINSON! DANGER!"; 1608 1609 static const char * 1610 http_errors_short(int code) 1611 { 1612 struct errors_map *ep; 1613 1614 for (ep = errors_map; ep->code; ep++) 1615 if (ep->code == code) 1616 return (ep->shortmsg); 1617 return (help); 1618 } 1619 1620 static const char * 1621 http_errors_long(int code) 1622 { 1623 struct errors_map *ep; 1624 1625 for (ep = errors_map; ep->code; ep++) 1626 if (ep->code == code) 1627 return (ep->longmsg); 1628 return (help); 1629 } 1630 1631 /* Below are various modified libc functions */ 1632 1633 /* 1634 * returns -1 in lenp if the string ran out before finding a delimiter, 1635 * but is otherwise the same as strsep. Note that the length must be 1636 * correctly passed in. 1637 */ 1638 char * 1639 strnsep(char **strp, const char *delim, ssize_t *lenp) 1640 { 1641 char *s; 1642 const char *spanp; 1643 int c, sc; 1644 char *tok; 1645 1646 if ((s = *strp) == NULL) 1647 return (NULL); 1648 for (tok = s;;) { 1649 if (lenp && --(*lenp) == -1) 1650 return (NULL); 1651 c = *s++; 1652 spanp = delim; 1653 do { 1654 if ((sc = *spanp++) == c) { 1655 if (c == 0) 1656 s = NULL; 1657 else 1658 s[-1] = '\0'; 1659 *strp = s; 1660 return (tok); 1661 } 1662 } while (sc != 0); 1663 } 1664 /* NOTREACHED */ 1665 } 1666 1667 /* 1668 * inspired by fgetln(3), but works for fd's. should work identically 1669 * except it, however, does *not* return the newline, and it does nul 1670 * terminate the string. 1671 */ 1672 char * 1673 dgetln(int fd, ssize_t *lenp, ssize_t (*readfn)(int, void *, size_t)) 1674 { 1675 static char *buffer; 1676 static ssize_t buflen = 0; 1677 ssize_t len; 1678 int got_cr = 0; 1679 char c, *nbuffer; 1680 1681 /* initialise */ 1682 if (buflen == 0) { 1683 buflen = 128; /* should be plenty for most requests */ 1684 buffer = malloc(buflen); 1685 if (buffer == NULL) { 1686 buflen = 0; 1687 return NULL; 1688 } 1689 } 1690 len = 0; 1691 1692 /* 1693 * we *have* to read one byte at a time, to not break cgi 1694 * programs (for we pass stdin off to them). could fix this 1695 * by becoming a fd-passing program instead of just exec'ing 1696 * the program 1697 */ 1698 for (; readfn(fd, &c, 1) == 1; ) { 1699 debug((DEBUG_EXPLODING, "dgetln read %c", c)); 1700 1701 if (len >= buflen - 1) { 1702 buflen *= 2; 1703 debug((DEBUG_EXPLODING, 1704 "dgetln: reallocating buffer to buflen %d", buflen)); 1705 nbuffer = realloc(buffer, buflen); 1706 if (nbuffer == NULL) { 1707 free(buffer); 1708 buflen = 0; 1709 buffer = NULL; 1710 return NULL; 1711 } 1712 buffer = nbuffer; 1713 } 1714 1715 buffer[len++] = c; 1716 if (c == '\r') { 1717 got_cr = 1; 1718 continue; 1719 } else if (c == '\n') { 1720 /* 1721 * HTTP/1.1 spec says to ignore CR and treat 1722 * LF as the real line terminator. even though 1723 * the same spec defines CRLF as the line 1724 * terminator, it is recommended in section 19.3 1725 * to do the LF trick for tolerance. 1726 */ 1727 if (got_cr) 1728 len -= 2; 1729 else 1730 len -= 1; 1731 break; 1732 } 1733 1734 } 1735 buffer[len] = '\0'; 1736 debug((DEBUG_OBESE, "dgetln returns: ``%s'' with len %d", buffer, len)); 1737 *lenp = len; 1738 return (buffer); 1739 } 1740 1741 void * 1742 bozorealloc(void *ptr, size_t size) 1743 { 1744 void *p; 1745 1746 p = realloc(ptr, size); 1747 if (p == NULL) 1748 http_error(500, NULL, "memory allocation failure"); 1749 return (p); 1750 } 1751 1752 void * 1753 bozomalloc(size_t size) 1754 { 1755 void *p; 1756 1757 p = malloc(size); 1758 if (p == NULL) 1759 http_error(500, NULL, "memory allocation failure"); 1760 return (p); 1761 } 1762 1763 char * 1764 bozostrdup(const char *str) 1765 { 1766 char *p; 1767 1768 p = strdup(str); 1769 if (p == NULL) 1770 http_error(500, NULL, "memory allocation failure"); 1771 return (p); 1772 } 1773
Indexes created Fri Sep 26 20:09:58 GMT 2025