cgi-bozo.c revision 1.5
1 1.5 rtr /* $NetBSD: cgi-bozo.c,v 1.5 2007/11/04 06:07:52 rtr Exp $ */ 2 1.4 tls 3 1.1 tls /* $eterna: cgi-bozo.c,v 1.13 2006/05/17 08:19:10 mrg Exp $ */ 4 1.1 tls 5 1.1 tls /* 6 1.1 tls * Copyright (c) 1997-2006 Matthew R. Green 7 1.1 tls * All rights reserved. 8 1.1 tls * 9 1.1 tls * Redistribution and use in source and binary forms, with or without 10 1.1 tls * modification, are permitted provided that the following conditions 11 1.1 tls * are met: 12 1.1 tls * 1. Redistributions of source code must retain the above copyright 13 1.1 tls * notice, this list of conditions and the following disclaimer. 14 1.1 tls * 2. Redistributions in binary form must reproduce the above copyright 15 1.1 tls * notice, this list of conditions and the following disclaimer and 16 1.1 tls * dedication in the documentation and/or other materials provided 17 1.1 tls * with the distribution. 18 1.1 tls * 3. The name of the author may not be used to endorse or promote products 19 1.1 tls * derived from this software without specific prior written permission. 20 1.1 tls * 21 1.1 tls * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 22 1.1 tls * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23 1.1 tls * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 1.1 tls * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 25 1.1 tls * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 1.1 tls * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 27 1.1 tls * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 1.1 tls * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 1.1 tls * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 1.1 tls * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 1.1 tls * SUCH DAMAGE. 32 1.1 tls * 33 1.1 tls */ 34 1.1 tls 35 1.1 tls /* this code implements CGI/1.2 for bozohttpd */ 36 1.1 tls 37 1.1 tls #ifndef NO_CGIBIN_SUPPORT 38 1.1 tls 39 1.1 tls #include <sys/param.h> 40 1.1 tls #include <sys/socket.h> 41 1.1 tls 42 1.1 tls #include <ctype.h> 43 1.1 tls #include <errno.h> 44 1.1 tls #include <paths.h> 45 1.1 tls #include <signal.h> 46 1.1 tls #include <stdlib.h> 47 1.1 tls #include <string.h> 48 1.1 tls #include <unistd.h> 49 1.1 tls 50 1.1 tls #include <netinet/in.h> 51 1.1 tls 52 1.1 tls #include "bozohttpd.h" 53 1.1 tls 54 1.1 tls #define CGIBIN_PREFIX "cgi-bin/" 55 1.1 tls #define CGIBIN_PREFIX_LEN (sizeof(CGIBIN_PREFIX)-1) 56 1.1 tls 57 1.1 tls static char *cgibin; /* cgi-bin directory */ 58 1.1 tls static int Cflag; /* added a cgi handler, always process_cgi() */ 59 1.1 tls 60 1.1 tls static const char *content_cgihandler(http_req *, const char *); 61 1.1 tls static void finish_cgi_output(http_req *request, int, int); 62 1.1 tls 63 1.1 tls void 64 1.1 tls set_cgibin(char *path) 65 1.1 tls { 66 1.1 tls cgibin = path; 67 1.1 tls debug((DEBUG_OBESE, "cgibin (cgi-bin directory) is %s", cgibin)); 68 1.1 tls } 69 1.1 tls 70 1.1 tls /* help build up the environ pointer */ 71 1.1 tls void 72 1.1 tls spsetenv(const char *env, const char *val, char **envp) 73 1.1 tls { 74 1.1 tls char *s1 = bozomalloc(strlen(env) + strlen(val) + 2); 75 1.1 tls 76 1.1 tls strcpy(s1, env); 77 1.1 tls strcat(s1, "="); 78 1.1 tls strcat(s1, val); 79 1.1 tls debug((DEBUG_OBESE, "spsetenv: %s", s1)); 80 1.1 tls *envp = s1; 81 1.1 tls } 82 1.1 tls 83 1.1 tls /* 84 1.1 tls * Checks if the request has asked for a cgi-bin. Should only be called if 85 1.1 tls * cgibin is set. If it starts CGIBIN_PREFIX or has a ncontent handler, 86 1.1 tls * process the cgi, otherwise just return. 87 1.1 tls */ 88 1.1 tls void 89 1.1 tls process_cgi(http_req *request) 90 1.1 tls { 91 1.1 tls char buf[WRSZ]; 92 1.1 tls struct headers *headp; 93 1.1 tls const char *type, *clen, *info, *cgihandler; 94 1.1 tls char *query, *s, *t, *path, *env, *command, *url; 95 1.1 tls char **envp, **curenvp, *argv[4]; 96 1.1 tls size_t len; 97 1.1 tls ssize_t rbytes; 98 1.1 tls pid_t pid; 99 1.1 tls int envpsize, ix, nph; 100 1.1 tls int sv[2]; 101 1.1 tls 102 1.1 tls if (!cgibin && !Cflag) 103 1.1 tls return; 104 1.1 tls 105 1.1 tls debug((DEBUG_NORMAL, "process_cgi: url `%s'", request->hr_url)); 106 1.1 tls 107 1.1 tls url = bozostrdup(request->hr_url); 108 1.1 tls if ((s = strchr(url, '?')) != NULL) { 109 1.1 tls *s++ = '\0'; 110 1.1 tls query = s; 111 1.1 tls } else 112 1.1 tls query = NULL; 113 1.1 tls path = NULL; 114 1.1 tls envp = NULL; 115 1.1 tls cgihandler = NULL; 116 1.1 tls command = NULL; 117 1.1 tls info = NULL; 118 1.1 tls 119 1.1 tls len = strlen(url); 120 1.1 tls if (len == 0 || url[len - 1] == '/') { /* append index.html */ 121 1.1 tls debug((DEBUG_FAT, "appending index.html")); 122 1.1 tls url = bozorealloc(url, len + strlen(index_html) + 1); 123 1.1 tls strcat(url, index_html); 124 1.1 tls debug((DEBUG_NORMAL, "process_cgi: url adjusted to `%s'", url)); 125 1.1 tls } 126 1.1 tls 127 1.1 tls auth_check(request, url + 1); 128 1.1 tls 129 1.1 tls if (!cgibin || strncmp(url + 1, CGIBIN_PREFIX, CGIBIN_PREFIX_LEN) != 0) { 130 1.1 tls cgihandler = content_cgihandler(request, url + 1); 131 1.1 tls if (cgihandler == NULL) { 132 1.1 tls free(url); 133 1.1 tls return; 134 1.1 tls } 135 1.1 tls debug((DEBUG_NORMAL, "process_cgi: cgihandler `%s'", 136 1.1 tls cgihandler)); 137 1.1 tls } 138 1.1 tls 139 1.1 tls ix = 0; 140 1.1 tls if (cgihandler) { 141 1.1 tls command = url + 1; 142 1.1 tls path = bozostrdup(cgihandler); 143 1.1 tls argv[ix++] = path; 144 1.1 tls /* argv[] = [ path, command, query, NULL ] */ 145 1.1 tls } else { 146 1.1 tls command = url + CGIBIN_PREFIX_LEN + 1; 147 1.1 tls if ((s = strchr(command, '/')) != NULL) { 148 1.1 tls info = bozostrdup(s); 149 1.1 tls *s = '\0'; 150 1.1 tls } 151 1.1 tls path = bozomalloc(strlen(cgibin) + 1 + strlen(command) + 1); 152 1.1 tls strcpy(path, cgibin); 153 1.1 tls strcat(path, "/"); 154 1.1 tls strcat(path, command); 155 1.1 tls /* argv[] = [ command, query, NULL ] */ 156 1.1 tls } 157 1.1 tls argv[ix++] = command; 158 1.1 tls argv[ix++] = query; 159 1.1 tls argv[ix++] = NULL; 160 1.1 tls 161 1.1 tls nph = strncmp(command, "nph-", 4) == 0; 162 1.1 tls 163 1.1 tls debug((DEBUG_FAT, 164 1.1 tls "process_cgi: path `%s' cmd `%s' info `%s' query `%s' nph `%d'", 165 1.1 tls path, command, strornull(info), strornull(query), nph)); 166 1.1 tls 167 1.1 tls type = request->hr_content_type; 168 1.1 tls clen = request->hr_content_length; 169 1.1 tls 170 1.1 tls envpsize = 13 + request->hr_nheaders + 171 1.1 tls (info && *info ? 1 : 0) + 172 1.1 tls (query && *query ? 1 : 0) + 173 1.1 tls (type && *type ? 1 : 0) + 174 1.1 tls (clen && *clen ? 1 : 0) + 175 1.1 tls (request->hr_remotehost && *request->hr_remotehost ? 1 : 0) + 176 1.1 tls (request->hr_remoteaddr && *request->hr_remoteaddr ? 1 : 0) + 177 1.1 tls auth_cgi_count(request) + 178 1.1 tls (request->hr_serverport && *request->hr_serverport ? 1 : 0); 179 1.1 tls 180 1.1 tls envp = bozomalloc(sizeof(*envp) * envpsize); 181 1.1 tls for (ix = 0; ix < envpsize; ix++) 182 1.1 tls envp[ix] = NULL; 183 1.1 tls curenvp = envp; 184 1.3 tls 185 1.3 tls SIMPLEQ_FOREACH(headp, &request->hr_headers, h_next) { 186 1.1 tls const char *s2; 187 1.1 tls env = bozomalloc(6 + strlen(headp->h_header) + 1 + 188 1.1 tls strlen(headp->h_value)); 189 1.1 tls 190 1.1 tls t = env; 191 1.1 tls strcpy(t, "HTTP_"); 192 1.1 tls t += strlen(t); 193 1.1 tls for (s2 = headp->h_header; *s2; t++, s2++) 194 1.1 tls if (islower((u_int)*s2)) 195 1.1 tls *t = toupper((u_int)*s2); 196 1.1 tls else if (*s2 == '-') 197 1.1 tls *t = '_'; 198 1.1 tls else 199 1.1 tls *t = *s2; 200 1.1 tls *t = '\0'; 201 1.1 tls debug((DEBUG_OBESE, "setting header %s as %s = %s", 202 1.1 tls headp->h_header, env, headp->h_value)); 203 1.1 tls spsetenv(env, headp->h_value, curenvp++); 204 1.1 tls free(env); 205 1.1 tls } 206 1.1 tls 207 1.1 tls #ifndef _PATH_DEFPATH 208 1.1 tls #define _PATH_DEFPATH "/usr/bin:/bin" 209 1.1 tls #endif 210 1.1 tls 211 1.1 tls spsetenv("PATH", _PATH_DEFPATH, curenvp++); 212 1.1 tls spsetenv("IFS", " \t\n", curenvp++); 213 1.1 tls spsetenv("SERVER_NAME", myname, curenvp++); 214 1.1 tls spsetenv("GATEWAY_INTERFACE", "CGI/1.1", curenvp++); 215 1.1 tls spsetenv("SERVER_PROTOCOL", request->hr_proto, curenvp++); 216 1.1 tls spsetenv("REQUEST_METHOD", request->hr_methodstr, curenvp++); 217 1.1 tls spsetenv("SCRIPT_NAME", url, curenvp++); 218 1.1 tls spsetenv("SCRIPT_FILENAME", url + 1, curenvp++); 219 1.1 tls spsetenv("SERVER_SOFTWARE", server_software, curenvp++); 220 1.1 tls spsetenv("REQUEST_URI", request->hr_url, curenvp++); 221 1.1 tls spsetenv("DATE_GMT", http_date(), curenvp++); 222 1.1 tls if (query && *query) 223 1.1 tls spsetenv("QUERY_STRING", query, curenvp++); 224 1.1 tls if (info && *info) 225 1.1 tls spsetenv("PATH_INFO", info, curenvp++); 226 1.1 tls if (type && *type) 227 1.1 tls spsetenv("CONTENT_TYPE", type, curenvp++); 228 1.1 tls if (clen && *clen) 229 1.1 tls spsetenv("CONTENT_LENGTH", clen, curenvp++); 230 1.1 tls if (request->hr_serverport && *request->hr_serverport) 231 1.1 tls spsetenv("SERVER_PORT", request->hr_serverport, curenvp++); 232 1.1 tls if (request->hr_remotehost && *request->hr_remotehost) 233 1.1 tls spsetenv("REMOTE_HOST", request->hr_remotehost, curenvp++); 234 1.1 tls if (request->hr_remoteaddr && *request->hr_remoteaddr) 235 1.1 tls spsetenv("REMOTE_ADDR", request->hr_remoteaddr, curenvp++); 236 1.1 tls auth_cgi_setenv(request, &curenvp); 237 1.1 tls 238 1.1 tls debug((DEBUG_FAT, "process_cgi: going exec %s, %s %s %s", 239 1.1 tls path, argv[0], strornull(argv[1]), strornull(argv[2]))); 240 1.1 tls 241 1.1 tls if (-1 == socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, sv)) 242 1.1 tls error(1, "child socketpair failed: %s", strerror(errno)); 243 1.1 tls 244 1.1 tls /* 245 1.1 tls * We create 2 procs: one to become the CGI, one read from 246 1.1 tls * the CGI and output to the network, and this parent will 247 1.1 tls * continue reading from the network and writing to the 248 1.1 tls * CGI procsss. 249 1.1 tls */ 250 1.1 tls switch (fork()) { 251 1.1 tls case -1: /* eep, failure */ 252 1.1 tls error(1, "child fork failed: %s", strerror(errno)); 253 1.1 tls case 0: 254 1.1 tls close(sv[0]); 255 1.1 tls dup2(sv[1], STDIN_FILENO); 256 1.1 tls dup2(sv[1], STDOUT_FILENO); 257 1.1 tls 258 1.1 tls if (-1 == execve(path, argv, envp)) 259 1.1 tls error(1, "child exec failed: %s", path); 260 1.1 tls /* NOT REACHED */ 261 1.1 tls error(1, "child execve returned?!"); 262 1.1 tls } 263 1.1 tls 264 1.1 tls close(sv[1]); 265 1.1 tls 266 1.1 tls /* parent: read from stdin (bozoread()) write to sv[0] */ 267 1.1 tls /* child: read from sv[0] (bozowrite()) write to stdout */ 268 1.1 tls pid = fork(); 269 1.1 tls if (pid == -1) 270 1.1 tls error(1, "io child fork failed: %s", strerror(errno)); 271 1.1 tls else if (pid == 0) { 272 1.1 tls /* child reader/writer */ 273 1.1 tls close(STDIN_FILENO); 274 1.1 tls finish_cgi_output(request, sv[0], nph); 275 1.1 tls /* if we're done output, our parent is useless... */ 276 1.1 tls kill(getppid(), SIGKILL); 277 1.1 tls debug((DEBUG_FAT, "done processing cgi output")); 278 1.1 tls _exit(0); 279 1.1 tls } 280 1.1 tls close(STDOUT_FILENO); 281 1.1 tls 282 1.1 tls /* XXX we should have some goo that times us out 283 1.1 tls */ 284 1.1 tls while ((rbytes = bozoread(STDIN_FILENO, buf, sizeof buf)) > 0) { 285 1.1 tls ssize_t wbytes; 286 1.1 tls char *bp = buf; 287 1.1 tls 288 1.1 tls while (rbytes) { 289 1.1 tls wbytes = write(sv[0], buf , rbytes); 290 1.1 tls if (wbytes > 0) { 291 1.1 tls rbytes -= wbytes; 292 1.1 tls bp += wbytes; 293 1.1 tls } else 294 1.1 tls error(1, "write failed: %s", strerror(errno)); 295 1.1 tls } 296 1.1 tls } 297 1.1 tls debug((DEBUG_FAT, "done processing cgi input")); 298 1.1 tls exit(0); 299 1.1 tls } 300 1.1 tls 301 1.1 tls /* 302 1.1 tls * handle parsing a CGI header output, transposing a Status: header 303 1.1 tls * into the HTTP reply (ie, instead of "200 OK"). 304 1.1 tls */ 305 1.1 tls static void 306 1.1 tls finish_cgi_output(http_req *request, int in, int nph) 307 1.1 tls { 308 1.1 tls char buf[WRSZ]; 309 1.1 tls char *str, *val; 310 1.1 tls size_t len; 311 1.1 tls ssize_t rbytes; 312 1.1 tls SIMPLEQ_HEAD(, headers) headers; 313 1.1 tls struct headers *hdr; 314 1.1 tls int write_header, nheaders = 0, write_str = 0; 315 1.1 tls 316 1.1 tls /* much of this code is like read_request()'s header loop. hmmm... */ 317 1.1 tls SIMPLEQ_INIT(&headers); 318 1.1 tls write_header = nph == 0; 319 1.2 tls while (nph == 0 && (str = dgetln(in, (ssize_t *)&len, read)) != NULL) { 320 1.5 rtr char * tstr; 321 1.1 tls 322 1.5 rtr /* zero-length nothing to parse */ 323 1.1 tls if (*str == '\0') { 324 1.1 tls write_str = 1; 325 1.1 tls break; 326 1.1 tls } 327 1.1 tls 328 1.5 rtr /* skip leading space/tab */ 329 1.5 rtr while (*str == ' ' || *str == '\t') 330 1.5 rtr len--, str++; 331 1.5 rtr 332 1.5 rtr tstr = str = bozostrdup(str); /* we use this copy */ 333 1.5 rtr 334 1.5 rtr val = strnsep(&tstr, ":", (ssize_t *)&len); 335 1.1 tls debug((DEBUG_EXPLODING, 336 1.5 rtr "read_req2: after strnsep: tstr ``%s'' val ``%s''", 337 1.5 rtr tstr, val)); 338 1.1 tls if (val == NULL || len == -1) { 339 1.1 tls write_str = 1; 340 1.5 rtr free(str); 341 1.1 tls break; 342 1.1 tls } 343 1.1 tls 344 1.1 tls /* 345 1.1 tls * The CGI 1.{1,2} spec both say that if the cgi program 346 1.1 tls * returns a `Status:' header field then the server MUST 347 1.1 tls * return it in the response. If the cgi program does 348 1.1 tls * not return any `Status:' header then the server should 349 1.1 tls * respond with 200 OK. 350 1.1 tls * XXX The CGI 1.1 and 1.2 specification differ slightly on 351 1.1 tls * this in that v1.2 says that the script MUST NOT return a 352 1.1 tls * `Status:' header if it is returning a `Location:' header. 353 1.1 tls * For compatibility we are going with the CGI 1.1 behavior. 354 1.1 tls */ 355 1.1 tls if (strcasecmp(val, "status") == 0) { 356 1.1 tls debug((DEBUG_OBESE, "process_cgi: writing HTTP header " 357 1.5 rtr "from status %s ..", tstr)); 358 1.5 rtr bozoprintf("%s %s\r\n", request->hr_proto, tstr); 359 1.1 tls bozoflush(stdout); 360 1.1 tls write_header = 0; 361 1.5 rtr free(str); 362 1.1 tls break; 363 1.1 tls } 364 1.1 tls 365 1.1 tls hdr = bozomalloc(sizeof *hdr); 366 1.1 tls hdr->h_header = val; 367 1.1 tls hdr->h_value = str; 368 1.1 tls SIMPLEQ_INSERT_TAIL(&headers, hdr, h_next); 369 1.1 tls nheaders++; 370 1.1 tls } 371 1.1 tls 372 1.1 tls if (write_header) { 373 1.1 tls debug((DEBUG_OBESE, "process_cgi: writing HTTP header ..")); 374 1.1 tls bozoprintf("%s 200 OK\r\n", request->hr_proto); 375 1.1 tls bozoflush(stdout); 376 1.1 tls } 377 1.1 tls 378 1.1 tls if (nheaders) { 379 1.1 tls debug((DEBUG_OBESE, "process_cgi: writing delayed HTTP " 380 1.1 tls "headers ..")); 381 1.3 tls SIMPLEQ_FOREACH(hdr, &headers, h_next) { 382 1.3 tls bozoprintf("%s: %s\r\n", hdr->h_header, hdr->h_value); 383 1.3 tls free(hdr->h_value); 384 1.5 rtr free(hdr); 385 1.1 tls } 386 1.1 tls bozoflush(stdout); 387 1.1 tls } 388 1.1 tls 389 1.1 tls /* XXX we should have some goo that times us out 390 1.1 tls */ 391 1.1 tls while ((rbytes = read(in, buf, sizeof buf)) > 0) { 392 1.1 tls ssize_t wbytes; 393 1.1 tls char *bp = buf; 394 1.1 tls 395 1.1 tls while (rbytes) { 396 1.1 tls wbytes = bozowrite(STDOUT_FILENO, buf, rbytes); 397 1.1 tls if (wbytes > 0) { 398 1.1 tls rbytes -= wbytes; 399 1.1 tls bp += wbytes; 400 1.1 tls } else 401 1.1 tls error(1, "cgi output write failed: %s", 402 1.1 tls strerror(errno)); 403 1.1 tls } 404 1.1 tls } 405 1.1 tls } 406 1.1 tls 407 1.1 tls /* 408 1.1 tls * given the file name, return a CGI interpreter 409 1.1 tls */ 410 1.1 tls static const char * 411 1.1 tls content_cgihandler(http_req *request, const char *file) 412 1.1 tls { 413 1.1 tls struct content_map *map; 414 1.1 tls 415 1.1 tls map = match_content_map(file, 0); 416 1.1 tls if (map) 417 1.1 tls return (map->cgihandler); 418 1.1 tls return (NULL); 419 1.1 tls } 420 1.1 tls 421 1.1 tls #ifndef NO_DYNAMIC_CONTENT 422 1.1 tls /* cgi maps are simple ".postfix /path/to/prog" */ 423 1.1 tls void 424 1.1 tls add_content_map_cgi(char *arg, char *cgihandler) 425 1.1 tls { 426 1.1 tls struct content_map *map; 427 1.1 tls 428 1.1 tls debug((DEBUG_NORMAL, "add_content_map_cgi: name %s cgi %s", arg, cgihandler)); 429 1.1 tls 430 1.1 tls Cflag = 1; 431 1.1 tls 432 1.1 tls map = get_content_map(arg); 433 1.1 tls map->name = arg; 434 1.1 tls map->type = map->encoding = map->encoding11 = NULL; 435 1.1 tls map->cgihandler = cgihandler; 436 1.1 tls } 437 1.1 tls #endif /* NO_DYNAMIC_CONTENT */ 438 1.1 tls 439 1.1 tls #endif /* NO_CGIBIN_SUPPORT */ 440
Indexes created Fri Oct 17 03:10:13 GMT 2025