cgi-bozo.c revision 1.9
1 1.9 tls /* $NetBSD: cgi-bozo.c,v 1.9 2009/02/04 22:55:58 tls Exp $ */ 2 1.4 tls 3 1.7 mrg /* $eterna: cgi-bozo.c,v 1.18 2008/03/03 03:36:11 mrg Exp $ */ 4 1.1 tls 5 1.1 tls /* 6 1.7 mrg * Copyright (c) 1997-2008 Matthew R. Green 7 1.1 tls * All rights reserved. 8 1.1 tls * 9 1.1 tls * Redistribution and use in source and binary forms, with or without 10 1.1 tls * modification, are permitted provided that the following conditions 11 1.1 tls * are met: 12 1.1 tls * 1. Redistributions of source code must retain the above copyright 13 1.1 tls * notice, this list of conditions and the following disclaimer. 14 1.1 tls * 2. Redistributions in binary form must reproduce the above copyright 15 1.1 tls * notice, this list of conditions and the following disclaimer and 16 1.1 tls * dedication in the documentation and/or other materials provided 17 1.1 tls * with the distribution. 18 1.1 tls * 3. The name of the author may not be used to endorse or promote products 19 1.1 tls * derived from this software without specific prior written permission. 20 1.1 tls * 21 1.1 tls * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 22 1.1 tls * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23 1.1 tls * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 1.1 tls * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 25 1.1 tls * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 1.1 tls * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 27 1.1 tls * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 1.1 tls * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 1.1 tls * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 1.1 tls * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 1.1 tls * SUCH DAMAGE. 32 1.1 tls * 33 1.1 tls */ 34 1.1 tls 35 1.1 tls /* this code implements CGI/1.2 for bozohttpd */ 36 1.1 tls 37 1.1 tls #ifndef NO_CGIBIN_SUPPORT 38 1.1 tls 39 1.1 tls #include <sys/param.h> 40 1.1 tls #include <sys/socket.h> 41 1.1 tls 42 1.1 tls #include <ctype.h> 43 1.1 tls #include <errno.h> 44 1.1 tls #include <paths.h> 45 1.1 tls #include <signal.h> 46 1.1 tls #include <stdlib.h> 47 1.1 tls #include <string.h> 48 1.1 tls #include <unistd.h> 49 1.1 tls 50 1.1 tls #include <netinet/in.h> 51 1.1 tls 52 1.1 tls #include "bozohttpd.h" 53 1.1 tls 54 1.1 tls #define CGIBIN_PREFIX "cgi-bin/" 55 1.1 tls #define CGIBIN_PREFIX_LEN (sizeof(CGIBIN_PREFIX)-1) 56 1.1 tls 57 1.1 tls static char *cgibin; /* cgi-bin directory */ 58 1.1 tls static int Cflag; /* added a cgi handler, always process_cgi() */ 59 1.1 tls 60 1.6 rtr static const char * content_cgihandler(http_req *, const char *); 61 1.6 rtr static void finish_cgi_output(http_req *request, int, int); 62 1.6 rtr static int parse_header(const char *, ssize_t, char **, char **); 63 1.8 mrg static void append_index_html(char **); 64 1.1 tls 65 1.1 tls void 66 1.1 tls set_cgibin(char *path) 67 1.1 tls { 68 1.1 tls cgibin = path; 69 1.1 tls debug((DEBUG_OBESE, "cgibin (cgi-bin directory) is %s", cgibin)); 70 1.1 tls } 71 1.1 tls 72 1.1 tls /* help build up the environ pointer */ 73 1.1 tls void 74 1.1 tls spsetenv(const char *env, const char *val, char **envp) 75 1.1 tls { 76 1.1 tls char *s1 = bozomalloc(strlen(env) + strlen(val) + 2); 77 1.1 tls 78 1.1 tls strcpy(s1, env); 79 1.1 tls strcat(s1, "="); 80 1.1 tls strcat(s1, val); 81 1.1 tls debug((DEBUG_OBESE, "spsetenv: %s", s1)); 82 1.1 tls *envp = s1; 83 1.1 tls } 84 1.1 tls 85 1.1 tls /* 86 1.1 tls * Checks if the request has asked for a cgi-bin. Should only be called if 87 1.1 tls * cgibin is set. If it starts CGIBIN_PREFIX or has a ncontent handler, 88 1.1 tls * process the cgi, otherwise just return. 89 1.1 tls */ 90 1.1 tls void 91 1.1 tls process_cgi(http_req *request) 92 1.1 tls { 93 1.1 tls char buf[WRSZ]; 94 1.1 tls struct headers *headp; 95 1.1 tls const char *type, *clen, *info, *cgihandler; 96 1.9 tls char *query, *s, *t, *path, *env, *command, *file, *url; 97 1.1 tls char **envp, **curenvp, *argv[4]; 98 1.1 tls size_t len; 99 1.1 tls ssize_t rbytes; 100 1.1 tls pid_t pid; 101 1.1 tls int envpsize, ix, nph; 102 1.1 tls int sv[2]; 103 1.1 tls 104 1.1 tls if (!cgibin && !Cflag) 105 1.1 tls return; 106 1.1 tls 107 1.9 tls file = bozostrdup(request->hr_file); 108 1.9 tls if (request->hr_query && strlen(request->hr_query)) { 109 1.9 tls query = bozostrdup(request->hr_query); 110 1.9 tls } else { 111 1.9 tls query = NULL; 112 1.9 tls } 113 1.9 tls 114 1.9 tls asprintf(&url, "%s%c%s", file, query?'?':0, query); 115 1.9 tls debug((DEBUG_NORMAL, "process_cgi: url `%s'", url)); 116 1.1 tls 117 1.1 tls path = NULL; 118 1.1 tls envp = NULL; 119 1.1 tls cgihandler = NULL; 120 1.1 tls command = NULL; 121 1.1 tls info = NULL; 122 1.1 tls len = strlen(url); 123 1.1 tls 124 1.1 tls auth_check(request, url + 1); 125 1.1 tls if (!cgibin || strncmp(url + 1, CGIBIN_PREFIX, CGIBIN_PREFIX_LEN) != 0) { 126 1.9 tls cgihandler = content_cgihandler(request, file + 1); 127 1.1 tls if (cgihandler == NULL) { 128 1.9 tls debug((DEBUG_FAT, "process_cgi: no handler, returning")); 129 1.1 tls free(url); 130 1.1 tls return; 131 1.1 tls } 132 1.9 tls if (len == 0 || file[len - 1] == '/') 133 1.9 tls append_index_html(&file); 134 1.1 tls debug((DEBUG_NORMAL, "process_cgi: cgihandler `%s'", 135 1.1 tls cgihandler)); 136 1.8 mrg } else if (len - 1 == CGIBIN_PREFIX_LEN) /* url is "/cgi-bin/" */ 137 1.9 tls append_index_html(&file); 138 1.1 tls ix = 0; 139 1.1 tls if (cgihandler) { 140 1.9 tls command = file + 1; 141 1.1 tls path = bozostrdup(cgihandler); 142 1.1 tls argv[ix++] = path; 143 1.1 tls /* argv[] = [ path, command, query, NULL ] */ 144 1.1 tls } else { 145 1.9 tls command = file + CGIBIN_PREFIX_LEN + 1; 146 1.1 tls if ((s = strchr(command, '/')) != NULL) { 147 1.1 tls info = bozostrdup(s); 148 1.1 tls *s = '\0'; 149 1.1 tls } 150 1.1 tls path = bozomalloc(strlen(cgibin) + 1 + strlen(command) + 1); 151 1.1 tls strcpy(path, cgibin); 152 1.1 tls strcat(path, "/"); 153 1.1 tls strcat(path, command); 154 1.1 tls /* argv[] = [ command, query, NULL ] */ 155 1.1 tls } 156 1.1 tls argv[ix++] = command; 157 1.1 tls argv[ix++] = query; 158 1.1 tls argv[ix++] = NULL; 159 1.1 tls 160 1.1 tls nph = strncmp(command, "nph-", 4) == 0; 161 1.1 tls 162 1.1 tls debug((DEBUG_FAT, 163 1.1 tls "process_cgi: path `%s' cmd `%s' info `%s' query `%s' nph `%d'", 164 1.1 tls path, command, strornull(info), strornull(query), nph)); 165 1.1 tls 166 1.1 tls type = request->hr_content_type; 167 1.1 tls clen = request->hr_content_length; 168 1.1 tls 169 1.1 tls envpsize = 13 + request->hr_nheaders + 170 1.1 tls (info && *info ? 1 : 0) + 171 1.1 tls (query && *query ? 1 : 0) + 172 1.1 tls (type && *type ? 1 : 0) + 173 1.1 tls (clen && *clen ? 1 : 0) + 174 1.1 tls (request->hr_remotehost && *request->hr_remotehost ? 1 : 0) + 175 1.1 tls (request->hr_remoteaddr && *request->hr_remoteaddr ? 1 : 0) + 176 1.1 tls auth_cgi_count(request) + 177 1.1 tls (request->hr_serverport && *request->hr_serverport ? 1 : 0); 178 1.1 tls 179 1.1 tls envp = bozomalloc(sizeof(*envp) * envpsize); 180 1.1 tls for (ix = 0; ix < envpsize; ix++) 181 1.1 tls envp[ix] = NULL; 182 1.1 tls curenvp = envp; 183 1.3 tls 184 1.3 tls SIMPLEQ_FOREACH(headp, &request->hr_headers, h_next) { 185 1.1 tls const char *s2; 186 1.1 tls env = bozomalloc(6 + strlen(headp->h_header) + 1 + 187 1.1 tls strlen(headp->h_value)); 188 1.1 tls 189 1.1 tls t = env; 190 1.1 tls strcpy(t, "HTTP_"); 191 1.1 tls t += strlen(t); 192 1.1 tls for (s2 = headp->h_header; *s2; t++, s2++) 193 1.1 tls if (islower((u_int)*s2)) 194 1.1 tls *t = toupper((u_int)*s2); 195 1.1 tls else if (*s2 == '-') 196 1.1 tls *t = '_'; 197 1.1 tls else 198 1.1 tls *t = *s2; 199 1.1 tls *t = '\0'; 200 1.1 tls debug((DEBUG_OBESE, "setting header %s as %s = %s", 201 1.1 tls headp->h_header, env, headp->h_value)); 202 1.1 tls spsetenv(env, headp->h_value, curenvp++); 203 1.1 tls free(env); 204 1.1 tls } 205 1.9 tls 206 1.1 tls #ifndef _PATH_DEFPATH 207 1.1 tls #define _PATH_DEFPATH "/usr/bin:/bin" 208 1.1 tls #endif 209 1.1 tls 210 1.1 tls spsetenv("PATH", _PATH_DEFPATH, curenvp++); 211 1.1 tls spsetenv("IFS", " \t\n", curenvp++); 212 1.1 tls spsetenv("SERVER_NAME", myname, curenvp++); 213 1.1 tls spsetenv("GATEWAY_INTERFACE", "CGI/1.1", curenvp++); 214 1.1 tls spsetenv("SERVER_PROTOCOL", request->hr_proto, curenvp++); 215 1.1 tls spsetenv("REQUEST_METHOD", request->hr_methodstr, curenvp++); 216 1.1 tls spsetenv("SCRIPT_NAME", url, curenvp++); 217 1.1 tls spsetenv("SCRIPT_FILENAME", url + 1, curenvp++); 218 1.1 tls spsetenv("SERVER_SOFTWARE", server_software, curenvp++); 219 1.9 tls spsetenv("REQUEST_URI", url, curenvp++); 220 1.1 tls spsetenv("DATE_GMT", http_date(), curenvp++); 221 1.1 tls if (query && *query) 222 1.1 tls spsetenv("QUERY_STRING", query, curenvp++); 223 1.1 tls if (info && *info) 224 1.1 tls spsetenv("PATH_INFO", info, curenvp++); 225 1.1 tls if (type && *type) 226 1.1 tls spsetenv("CONTENT_TYPE", type, curenvp++); 227 1.1 tls if (clen && *clen) 228 1.1 tls spsetenv("CONTENT_LENGTH", clen, curenvp++); 229 1.1 tls if (request->hr_serverport && *request->hr_serverport) 230 1.1 tls spsetenv("SERVER_PORT", request->hr_serverport, curenvp++); 231 1.1 tls if (request->hr_remotehost && *request->hr_remotehost) 232 1.1 tls spsetenv("REMOTE_HOST", request->hr_remotehost, curenvp++); 233 1.1 tls if (request->hr_remoteaddr && *request->hr_remoteaddr) 234 1.1 tls spsetenv("REMOTE_ADDR", request->hr_remoteaddr, curenvp++); 235 1.1 tls auth_cgi_setenv(request, &curenvp); 236 1.1 tls 237 1.1 tls debug((DEBUG_FAT, "process_cgi: going exec %s, %s %s %s", 238 1.1 tls path, argv[0], strornull(argv[1]), strornull(argv[2]))); 239 1.1 tls 240 1.1 tls if (-1 == socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, sv)) 241 1.1 tls error(1, "child socketpair failed: %s", strerror(errno)); 242 1.1 tls 243 1.1 tls /* 244 1.1 tls * We create 2 procs: one to become the CGI, one read from 245 1.1 tls * the CGI and output to the network, and this parent will 246 1.1 tls * continue reading from the network and writing to the 247 1.1 tls * CGI procsss. 248 1.1 tls */ 249 1.1 tls switch (fork()) { 250 1.1 tls case -1: /* eep, failure */ 251 1.1 tls error(1, "child fork failed: %s", strerror(errno)); 252 1.1 tls case 0: 253 1.1 tls close(sv[0]); 254 1.1 tls dup2(sv[1], STDIN_FILENO); 255 1.1 tls dup2(sv[1], STDOUT_FILENO); 256 1.1 tls 257 1.1 tls if (-1 == execve(path, argv, envp)) 258 1.1 tls error(1, "child exec failed: %s", path); 259 1.1 tls /* NOT REACHED */ 260 1.1 tls error(1, "child execve returned?!"); 261 1.1 tls } 262 1.1 tls 263 1.1 tls close(sv[1]); 264 1.1 tls 265 1.1 tls /* parent: read from stdin (bozoread()) write to sv[0] */ 266 1.1 tls /* child: read from sv[0] (bozowrite()) write to stdout */ 267 1.1 tls pid = fork(); 268 1.1 tls if (pid == -1) 269 1.1 tls error(1, "io child fork failed: %s", strerror(errno)); 270 1.1 tls else if (pid == 0) { 271 1.1 tls /* child reader/writer */ 272 1.1 tls close(STDIN_FILENO); 273 1.1 tls finish_cgi_output(request, sv[0], nph); 274 1.1 tls /* if we're done output, our parent is useless... */ 275 1.1 tls kill(getppid(), SIGKILL); 276 1.1 tls debug((DEBUG_FAT, "done processing cgi output")); 277 1.1 tls _exit(0); 278 1.1 tls } 279 1.1 tls close(STDOUT_FILENO); 280 1.1 tls 281 1.1 tls /* XXX we should have some goo that times us out 282 1.1 tls */ 283 1.1 tls while ((rbytes = bozoread(STDIN_FILENO, buf, sizeof buf)) > 0) { 284 1.1 tls ssize_t wbytes; 285 1.1 tls char *bp = buf; 286 1.1 tls 287 1.1 tls while (rbytes) { 288 1.1 tls wbytes = write(sv[0], buf , rbytes); 289 1.1 tls if (wbytes > 0) { 290 1.1 tls rbytes -= wbytes; 291 1.1 tls bp += wbytes; 292 1.1 tls } else 293 1.1 tls error(1, "write failed: %s", strerror(errno)); 294 1.1 tls } 295 1.1 tls } 296 1.1 tls debug((DEBUG_FAT, "done processing cgi input")); 297 1.1 tls exit(0); 298 1.1 tls } 299 1.1 tls 300 1.1 tls /* 301 1.1 tls * handle parsing a CGI header output, transposing a Status: header 302 1.1 tls * into the HTTP reply (ie, instead of "200 OK"). 303 1.1 tls */ 304 1.1 tls static void 305 1.1 tls finish_cgi_output(http_req *request, int in, int nph) 306 1.1 tls { 307 1.1 tls char buf[WRSZ]; 308 1.6 rtr char *str; 309 1.7 mrg ssize_t len; 310 1.1 tls ssize_t rbytes; 311 1.1 tls SIMPLEQ_HEAD(, headers) headers; 312 1.1 tls struct headers *hdr; 313 1.6 rtr int write_header, nheaders = 0; 314 1.1 tls 315 1.1 tls /* much of this code is like read_request()'s header loop. hmmm... */ 316 1.1 tls SIMPLEQ_INIT(&headers); 317 1.1 tls write_header = nph == 0; 318 1.7 mrg while (nph == 0 && (str = bozodgetln(in, &len, read)) != NULL) { 319 1.6 rtr char * hdr_name, * hdr_value; 320 1.1 tls 321 1.7 mrg if (parse_header(str, len, &hdr_name, &hdr_value)) 322 1.1 tls break; 323 1.1 tls 324 1.1 tls /* 325 1.1 tls * The CGI 1.{1,2} spec both say that if the cgi program 326 1.1 tls * returns a `Status:' header field then the server MUST 327 1.1 tls * return it in the response. If the cgi program does 328 1.1 tls * not return any `Status:' header then the server should 329 1.1 tls * respond with 200 OK. 330 1.1 tls * XXX The CGI 1.1 and 1.2 specification differ slightly on 331 1.1 tls * this in that v1.2 says that the script MUST NOT return a 332 1.1 tls * `Status:' header if it is returning a `Location:' header. 333 1.1 tls * For compatibility we are going with the CGI 1.1 behavior. 334 1.1 tls */ 335 1.6 rtr if (strcasecmp(hdr_name, "status") == 0) { 336 1.1 tls debug((DEBUG_OBESE, "process_cgi: writing HTTP header " 337 1.6 rtr "from status %s ..", hdr_value)); 338 1.6 rtr bozoprintf("%s %s\r\n", request->hr_proto, hdr_value); 339 1.1 tls bozoflush(stdout); 340 1.1 tls write_header = 0; 341 1.6 rtr free(hdr_name); 342 1.1 tls break; 343 1.1 tls } 344 1.1 tls 345 1.1 tls hdr = bozomalloc(sizeof *hdr); 346 1.6 rtr hdr->h_header = hdr_name; 347 1.6 rtr hdr->h_value = hdr_value; 348 1.1 tls SIMPLEQ_INSERT_TAIL(&headers, hdr, h_next); 349 1.1 tls nheaders++; 350 1.1 tls } 351 1.1 tls 352 1.1 tls if (write_header) { 353 1.1 tls debug((DEBUG_OBESE, "process_cgi: writing HTTP header ..")); 354 1.1 tls bozoprintf("%s 200 OK\r\n", request->hr_proto); 355 1.1 tls bozoflush(stdout); 356 1.1 tls } 357 1.1 tls 358 1.1 tls if (nheaders) { 359 1.1 tls debug((DEBUG_OBESE, "process_cgi: writing delayed HTTP " 360 1.1 tls "headers ..")); 361 1.3 tls SIMPLEQ_FOREACH(hdr, &headers, h_next) { 362 1.3 tls bozoprintf("%s: %s\r\n", hdr->h_header, hdr->h_value); 363 1.6 rtr free(hdr->h_header); 364 1.5 rtr free(hdr); 365 1.1 tls } 366 1.7 mrg bozoprintf("\r\n"); 367 1.1 tls bozoflush(stdout); 368 1.1 tls } 369 1.1 tls 370 1.1 tls /* XXX we should have some goo that times us out 371 1.1 tls */ 372 1.1 tls while ((rbytes = read(in, buf, sizeof buf)) > 0) { 373 1.1 tls ssize_t wbytes; 374 1.1 tls char *bp = buf; 375 1.1 tls 376 1.1 tls while (rbytes) { 377 1.1 tls wbytes = bozowrite(STDOUT_FILENO, buf, rbytes); 378 1.1 tls if (wbytes > 0) { 379 1.1 tls rbytes -= wbytes; 380 1.1 tls bp += wbytes; 381 1.1 tls } else 382 1.1 tls error(1, "cgi output write failed: %s", 383 1.1 tls strerror(errno)); 384 1.1 tls } 385 1.1 tls } 386 1.1 tls } 387 1.1 tls 388 1.6 rtr static int 389 1.6 rtr parse_header(const char * str, ssize_t len, char ** hdr_str, char ** hdr_val) 390 1.6 rtr { 391 1.6 rtr char * name, * value; 392 1.6 rtr 393 1.6 rtr /* if the string passed is zero-length bail out */ 394 1.6 rtr if (*str == '\0') 395 1.6 rtr return -1; 396 1.6 rtr 397 1.6 rtr name = value = bozostrdup(str); 398 1.6 rtr 399 1.6 rtr /* locate the ':' separator in the header/value */ 400 1.7 mrg name = bozostrnsep(&value, ":", &len); 401 1.6 rtr 402 1.6 rtr if (NULL == name || -1 == len) { 403 1.6 rtr free(name); 404 1.6 rtr return -1; 405 1.6 rtr } 406 1.6 rtr 407 1.6 rtr /* skip leading space/tab */ 408 1.6 rtr while (*value == ' ' || *value == '\t') 409 1.6 rtr len--, value++; 410 1.6 rtr 411 1.6 rtr *hdr_str = name; 412 1.6 rtr *hdr_val = value; 413 1.6 rtr 414 1.6 rtr return 0; 415 1.6 rtr } 416 1.6 rtr 417 1.1 tls /* 418 1.1 tls * given the file name, return a CGI interpreter 419 1.1 tls */ 420 1.1 tls static const char * 421 1.1 tls content_cgihandler(http_req *request, const char *file) 422 1.1 tls { 423 1.1 tls struct content_map *map; 424 1.1 tls 425 1.9 tls debug((DEBUG_FAT, "content_cgihandler: trying file %s", file)); 426 1.9 tls 427 1.1 tls map = match_content_map(file, 0); 428 1.1 tls if (map) 429 1.1 tls return (map->cgihandler); 430 1.1 tls return (NULL); 431 1.1 tls } 432 1.1 tls 433 1.8 mrg static void 434 1.8 mrg append_index_html(char **url) 435 1.8 mrg { 436 1.8 mrg *url = bozorealloc(*url, strlen(*url) + strlen(index_html) + 1); 437 1.8 mrg strcat(*url, index_html); 438 1.8 mrg debug((DEBUG_NORMAL, "append_index_html: url adjusted to `%s'", *url)); 439 1.8 mrg } 440 1.8 mrg 441 1.1 tls #ifndef NO_DYNAMIC_CONTENT 442 1.1 tls /* cgi maps are simple ".postfix /path/to/prog" */ 443 1.1 tls void 444 1.1 tls add_content_map_cgi(char *arg, char *cgihandler) 445 1.1 tls { 446 1.1 tls struct content_map *map; 447 1.1 tls 448 1.1 tls debug((DEBUG_NORMAL, "add_content_map_cgi: name %s cgi %s", arg, cgihandler)); 449 1.1 tls 450 1.1 tls Cflag = 1; 451 1.1 tls 452 1.1 tls map = get_content_map(arg); 453 1.1 tls map->name = arg; 454 1.1 tls map->type = map->encoding = map->encoding11 = NULL; 455 1.1 tls map->cgihandler = cgihandler; 456 1.1 tls } 457 1.1 tls #endif /* NO_DYNAMIC_CONTENT */ 458 1.1 tls 459 1.1 tls #endif /* NO_CGIBIN_SUPPORT */ 460
Indexes created Wed Oct 15 07:09:58 GMT 2025