Home | History | Annotate | Line # | Download | only in netinet
accf_http.c revision 1.8.6.1 
      1  1.8.6.1  skrll /*	$NetBSD: accf_http.c,v 1.8.6.1 2015/09/22 12:06:11 skrll Exp $	*/
      2      1.2     ad 
      3      1.1    tls /*-
      4      1.1    tls  * Copyright (c) 2000 Paycounter, Inc.
      5      1.1    tls  * Author: Alfred Perlstein <alfred (at) paycounter.com>, <alfred (at) FreeBSD.org>
      6      1.1    tls  * All rights reserved.
      7      1.1    tls  *
      8      1.1    tls  * Redistribution and use in source and binary forms, with or without
      9      1.1    tls  * modification, are permitted provided that the following conditions
     10      1.1    tls  * are met:
     11      1.1    tls  * 1. Redistributions of source code must retain the above copyright
     12      1.1    tls  *    notice, this list of conditions and the following disclaimer.
     13      1.1    tls  * 2. Redistributions in binary form must reproduce the above copyright
     14      1.1    tls  *    notice, this list of conditions and the following disclaimer in the
     15      1.1    tls  *    documentation and/or other materials provided with the distribution.
     16      1.1    tls  *
     17      1.1    tls  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
     18      1.1    tls  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     19      1.1    tls  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     20      1.1    tls  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     21      1.1    tls  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     22      1.1    tls  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     23      1.1    tls  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     24      1.1    tls  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     25      1.1    tls  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     26      1.1    tls  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     27      1.1    tls  * SUCH DAMAGE.
     28      1.1    tls  */
     29      1.1    tls 
     30      1.1    tls #include <sys/cdefs.h>
     31  1.8.6.1  skrll __KERNEL_RCSID(0, "$NetBSD: accf_http.c,v 1.8.6.1 2015/09/22 12:06:11 skrll Exp $");
     32      1.1    tls 
     33      1.1    tls #define ACCEPT_FILTER_MOD
     34      1.1    tls 
     35      1.1    tls #include <sys/param.h>
     36      1.1    tls #include <sys/kernel.h>
     37      1.1    tls #include <sys/mbuf.h>
     38      1.3     ad #include <sys/module.h>
     39      1.1    tls #include <sys/signalvar.h>
     40      1.1    tls #include <sys/sysctl.h>
     41      1.1    tls #include <sys/socket.h>
     42      1.1    tls #include <sys/socketvar.h>
     43      1.2     ad 
     44      1.1    tls #include <netinet/accept_filter.h>
     45      1.1    tls 
     46  1.8.6.1  skrll #include "ioconf.h"
     47  1.8.6.1  skrll 
     48      1.4     ad MODULE(MODULE_CLASS_MISC, accf_httpready, NULL);
     49      1.3     ad 
     50      1.1    tls /* check for GET/HEAD */
     51      1.7    tls static void sohashttpget(struct socket *so, void *arg, int events, int waitflag);
     52      1.1    tls /* check for HTTP/1.0 or HTTP/1.1 */
     53      1.7    tls static void soparsehttpvers(struct socket *so, void *arg, int events, int waitflag);
     54      1.1    tls /* check for end of HTTP/1.x request */
     55      1.7    tls static void soishttpconnected(struct socket *so, void *arg, int events, int waitflag);
     56      1.1    tls /* strcmp on an mbuf chain */
     57      1.1    tls static int mbufstrcmp(struct mbuf *m, struct mbuf *npkt, int offset, const char *cmp);
     58      1.1    tls /* strncmp on an mbuf chain */
     59      1.1    tls static int mbufstrncmp(struct mbuf *m, struct mbuf *npkt, int offset,
     60      1.1    tls 	int len, const char *cmp);
     61      1.1    tls /* socketbuffer is full */
     62      1.1    tls static int sbfull(struct sockbuf *sb);
     63      1.1    tls 
     64      1.1    tls static struct accept_filter accf_http_filter = {
     65      1.2     ad 	.accf_name = "httpready",
     66      1.2     ad 	.accf_callback = sohashttpget,
     67      1.1    tls };
     68      1.1    tls 
     69      1.1    tls /*
     70      1.1    tls  * Names of HTTP Accept filter sysctl objects
     71      1.1    tls  */
     72      1.1    tls 
     73      1.1    tls #define ACCFCTL_PARSEVER	1	/* Parse HTTP version */
     74      1.1    tls 
     75      1.1    tls static int parse_http_version = 1;
     76      1.1    tls 
     77      1.3     ad void
     78      1.3     ad accf_httpattach(int junk)
     79      1.3     ad {
     80      1.3     ad 
     81      1.3     ad }
     82      1.3     ad 
     83      1.3     ad static int
     84      1.5     ad accf_httpready_modcmd(modcmd_t cmd, void *arg)
     85      1.1    tls {
     86      1.3     ad 	static struct sysctllog *clog;
     87      1.3     ad 	int error;
     88      1.3     ad 
     89      1.3     ad 	switch (cmd) {
     90      1.3     ad 	case MODULE_CMD_INIT:
     91      1.3     ad 		error = accept_filt_add(&accf_http_filter);
     92      1.3     ad 		if (error != 0) {
     93      1.3     ad 			return error;
     94      1.3     ad 		}
     95      1.3     ad 		sysctl_createv(&clog, 0, NULL, NULL,
     96      1.1    tls 		       CTLFLAG_PERMANENT,
     97      1.1    tls 		       CTLTYPE_NODE, "inet", NULL,
     98      1.1    tls 		       NULL, 0, NULL, 0,
     99      1.1    tls 		       CTL_NET, PF_INET, CTL_EOL);
    100      1.3     ad 		sysctl_createv(&clog, 0, NULL, NULL,
    101      1.1    tls 		       CTLFLAG_PERMANENT,
    102      1.1    tls 		       CTLTYPE_NODE, "accf", NULL,
    103      1.1    tls 		       NULL, 0, NULL, 0,
    104      1.1    tls 		       CTL_NET, PF_INET, SO_ACCEPTFILTER, CTL_EOL);
    105      1.3     ad 		sysctl_createv(&clog, 0, NULL, NULL,
    106      1.1    tls 		       CTLFLAG_PERMANENT,
    107      1.1    tls 		       CTLTYPE_NODE, "http",
    108      1.1    tls 		       SYSCTL_DESCR("HTTP accept filter"),
    109      1.1    tls 		       NULL, 0, NULL, 0,
    110      1.1    tls 		       CTL_NET, PF_INET, SO_ACCEPTFILTER, ACCF_HTTP, CTL_EOL);
    111      1.3     ad 		sysctl_createv(&clog, 0, NULL, NULL,
    112      1.1    tls 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
    113      1.1    tls 		       CTLTYPE_INT, "parsehttpversion",
    114      1.1    tls 		       SYSCTL_DESCR("Parse http version so that non "
    115      1.1    tls 				    "1.x requests work"),
    116      1.1    tls 		       NULL, 0, &parse_http_version, 0,
    117      1.1    tls 		       CTL_NET, PF_INET, SO_ACCEPTFILTER, ACCF_HTTP,
    118      1.1    tls 		       ACCFCTL_PARSEVER, CTL_EOL);
    119      1.3     ad 		return 0;
    120      1.1    tls 
    121      1.3     ad 	case MODULE_CMD_FINI:
    122      1.3     ad 		error = accept_filt_del(&accf_http_filter);
    123      1.3     ad 		if (error != 0) {
    124      1.3     ad 			return error;
    125      1.3     ad 		}
    126      1.3     ad 		sysctl_teardown(&clog);
    127      1.3     ad 		return 0;
    128      1.1    tls 
    129      1.3     ad 	default:
    130      1.3     ad 		return ENOTTY;
    131      1.3     ad 	}
    132      1.1    tls }
    133      1.1    tls 
    134      1.1    tls #ifdef ACCF_HTTP_DEBUG
    135      1.1    tls #define DPRINT(fmt, args...)						\
    136      1.1    tls 	do {								\
    137      1.1    tls 		printf("%s:%d: " fmt "\n", __func__, __LINE__, ##args);	\
    138      1.1    tls 	} while (0)
    139      1.1    tls #else
    140      1.1    tls #define DPRINT(fmt, args...)
    141      1.1    tls #endif
    142      1.1    tls 
    143      1.1    tls static int
    144      1.1    tls sbfull(struct sockbuf *sb)
    145      1.1    tls {
    146      1.1    tls 
    147      1.1    tls 	DPRINT("sbfull, cc(%ld) >= hiwat(%ld): %d, "
    148      1.1    tls 	    "mbcnt(%ld) >= mbmax(%ld): %d",
    149      1.1    tls 	    sb->sb_cc, sb->sb_hiwat, sb->sb_cc >= sb->sb_hiwat,
    150      1.1    tls 	    sb->sb_mbcnt, sb->sb_mbmax, sb->sb_mbcnt >= sb->sb_mbmax);
    151      1.1    tls 	return (sb->sb_cc >= sb->sb_hiwat || sb->sb_mbcnt >= sb->sb_mbmax);
    152      1.1    tls }
    153      1.1    tls 
    154      1.1    tls /*
    155      1.1    tls  * start at mbuf m, (must provide npkt if exists)
    156      1.1    tls  * starting at offset in m compare characters in mbuf chain for 'cmp'
    157      1.1    tls  */
    158      1.1    tls static int
    159      1.1    tls mbufstrcmp(struct mbuf *m, struct mbuf *npkt, int offset, const char *cmp)
    160      1.1    tls {
    161      1.1    tls 	struct mbuf *n;
    162      1.1    tls 
    163      1.1    tls 	for (; m != NULL; m = n) {
    164      1.1    tls 		n = npkt;
    165      1.1    tls 		if (npkt)
    166      1.1    tls 			npkt = npkt->m_nextpkt;
    167      1.1    tls 		for (; m; m = m->m_next) {
    168      1.1    tls 			for (; offset < m->m_len; offset++, cmp++) {
    169      1.1    tls 				if (*cmp == '\0')
    170      1.1    tls 					return (1);
    171      1.1    tls 				else if (*cmp != *(mtod(m, char *) + offset))
    172      1.1    tls 					return (0);
    173      1.1    tls 			}
    174      1.1    tls 			if (*cmp == '\0')
    175      1.1    tls 				return (1);
    176      1.1    tls 			offset = 0;
    177      1.1    tls 		}
    178      1.1    tls 	}
    179      1.1    tls 	return (0);
    180      1.1    tls }
    181      1.1    tls 
    182      1.1    tls /*
    183      1.1    tls  * start at mbuf m, (must provide npkt if exists)
    184      1.1    tls  * starting at offset in m compare characters in mbuf chain for 'cmp'
    185      1.1    tls  * stop at 'max' characters
    186      1.1    tls  */
    187      1.1    tls static int
    188      1.1    tls mbufstrncmp(struct mbuf *m, struct mbuf *npkt, int offset, int len, const char *cmp)
    189      1.1    tls {
    190      1.1    tls 	struct mbuf *n;
    191      1.1    tls 
    192      1.1    tls 	for (; m != NULL; m = n) {
    193      1.1    tls 		n = npkt;
    194      1.1    tls 		if (npkt)
    195      1.1    tls 			npkt = npkt->m_nextpkt;
    196      1.1    tls 		for (; m; m = m->m_next) {
    197      1.1    tls 			for (; offset < m->m_len; offset++, cmp++, len--) {
    198      1.1    tls 				if (len == 0 || *cmp == '\0')
    199      1.1    tls 					return (1);
    200      1.1    tls 				else if (*cmp != *(mtod(m, char *) + offset))
    201      1.1    tls 					return (0);
    202      1.1    tls 			}
    203      1.1    tls 			if (len == 0 || *cmp == '\0')
    204      1.1    tls 				return (1);
    205      1.1    tls 			offset = 0;
    206      1.1    tls 		}
    207      1.1    tls 	}
    208      1.1    tls 	return (0);
    209      1.1    tls }
    210      1.1    tls 
    211      1.1    tls #define STRSETUP(sptr, slen, str)					\
    212      1.1    tls 	do {								\
    213      1.1    tls 		sptr = str;						\
    214      1.1    tls 		slen = sizeof(str) - 1;					\
    215      1.1    tls 	} while(0)
    216      1.1    tls 
    217      1.1    tls static void
    218      1.7    tls sohashttpget(struct socket *so, void *arg, int events, int waitflag)
    219      1.1    tls {
    220      1.1    tls 
    221      1.1    tls 	if ((so->so_state & SS_CANTRCVMORE) == 0 && !sbfull(&so->so_rcv)) {
    222      1.1    tls 		struct mbuf *m;
    223      1.1    tls 		const char *cmp;
    224      1.1    tls 		int	cmplen, cc;
    225      1.1    tls 
    226      1.1    tls 		m = so->so_rcv.sb_mb;
    227      1.1    tls 		cc = so->so_rcv.sb_cc - 1;
    228      1.1    tls 		if (cc < 1)
    229      1.1    tls 			return;
    230      1.1    tls 		switch (*mtod(m, char *)) {
    231      1.1    tls 		case 'G':
    232      1.1    tls 			STRSETUP(cmp, cmplen, "ET ");
    233      1.1    tls 			break;
    234      1.1    tls 		case 'H':
    235      1.1    tls 			STRSETUP(cmp, cmplen, "EAD ");
    236      1.1    tls 			break;
    237      1.1    tls 		default:
    238      1.1    tls 			goto fallout;
    239      1.1    tls 		}
    240      1.1    tls 		if (cc < cmplen) {
    241      1.1    tls 			if (mbufstrncmp(m, m->m_nextpkt, 1, cc, cmp) == 1) {
    242      1.1    tls 				DPRINT("short cc (%d) but mbufstrncmp ok", cc);
    243      1.1    tls 				return;
    244      1.1    tls 			} else {
    245      1.1    tls 				DPRINT("short cc (%d) mbufstrncmp failed", cc);
    246      1.1    tls 				goto fallout;
    247      1.1    tls 			}
    248      1.1    tls 		}
    249      1.1    tls 		if (mbufstrcmp(m, m->m_nextpkt, 1, cmp) == 1) {
    250      1.1    tls 			DPRINT("mbufstrcmp ok");
    251      1.1    tls 			if (parse_http_version == 0)
    252      1.7    tls 				soishttpconnected(so, arg, events, waitflag);
    253      1.1    tls 			else
    254      1.7    tls 				soparsehttpvers(so, arg, events, waitflag);
    255      1.1    tls 			return;
    256      1.1    tls 		}
    257      1.1    tls 		DPRINT("mbufstrcmp bad");
    258      1.1    tls 	}
    259      1.1    tls 
    260      1.1    tls fallout:
    261      1.1    tls 	DPRINT("fallout");
    262      1.1    tls 	so->so_upcall = NULL;
    263      1.1    tls 	so->so_rcv.sb_flags &= ~SB_UPCALL;
    264      1.1    tls 	soisconnected(so);
    265      1.1    tls 	return;
    266      1.1    tls }
    267      1.1    tls 
    268      1.1    tls static void
    269      1.7    tls soparsehttpvers(struct socket *so, void *arg, int events, int waitflag)
    270      1.1    tls {
    271      1.1    tls 	struct mbuf *m, *n;
    272      1.1    tls 	int	i, cc, spaces, inspaces;
    273      1.1    tls 
    274      1.1    tls 	if ((so->so_state & SS_CANTRCVMORE) != 0 || sbfull(&so->so_rcv))
    275      1.1    tls 		goto fallout;
    276      1.1    tls 
    277      1.1    tls 	m = so->so_rcv.sb_mb;
    278      1.1    tls 	cc = so->so_rcv.sb_cc;
    279      1.1    tls 	inspaces = spaces = 0;
    280      1.1    tls 	for (m = so->so_rcv.sb_mb; m; m = n) {
    281      1.1    tls 		n = m->m_nextpkt;
    282      1.1    tls 		for (; m; m = m->m_next) {
    283      1.1    tls 			for (i = 0; i < m->m_len; i++, cc--) {
    284      1.1    tls 				switch (*(mtod(m, char *) + i)) {
    285      1.1    tls 				case ' ':
    286      1.1    tls 					/* tabs? '\t' */
    287      1.1    tls 					if (!inspaces) {
    288      1.1    tls 						spaces++;
    289      1.1    tls 						inspaces = 1;
    290      1.1    tls 					}
    291      1.1    tls 					break;
    292      1.1    tls 				case '\r':
    293      1.1    tls 				case '\n':
    294      1.1    tls 					DPRINT("newline");
    295      1.1    tls 					goto fallout;
    296      1.1    tls 				default:
    297      1.1    tls 					if (spaces != 2) {
    298      1.1    tls 						inspaces = 0;
    299      1.1    tls 						break;
    300      1.1    tls 					}
    301      1.1    tls 
    302      1.1    tls 					/*
    303      1.1    tls 					 * if we don't have enough characters
    304      1.1    tls 					 * left (cc < sizeof("HTTP/1.0") - 1)
    305      1.1    tls 					 * then see if the remaining ones
    306      1.1    tls 					 * are a request we can parse.
    307      1.1    tls 					 */
    308      1.1    tls 					if (cc < sizeof("HTTP/1.0") - 1) {
    309      1.1    tls 						if (mbufstrncmp(m, n, i, cc,
    310      1.1    tls 							"HTTP/1.") == 1) {
    311      1.1    tls 							DPRINT("ok");
    312      1.1    tls 							goto readmore;
    313      1.1    tls 						} else {
    314      1.1    tls 							DPRINT("bad");
    315      1.1    tls 							goto fallout;
    316      1.1    tls 						}
    317      1.1    tls 					} else if (
    318      1.1    tls 					    mbufstrcmp(m, n, i, "HTTP/1.0") ||
    319      1.1    tls 					    mbufstrcmp(m, n, i, "HTTP/1.1")) {
    320      1.6  joerg 						DPRINT("ok");
    321      1.6  joerg 						soishttpconnected(so,
    322      1.7    tls 						    arg, events, waitflag);
    323      1.6  joerg 						return;
    324      1.1    tls 					} else {
    325      1.1    tls 						DPRINT("bad");
    326      1.1    tls 						goto fallout;
    327      1.1    tls 					}
    328      1.1    tls 				}
    329      1.1    tls 			}
    330      1.1    tls 		}
    331      1.1    tls 	}
    332      1.1    tls readmore:
    333      1.1    tls 	DPRINT("readmore");
    334      1.1    tls 	/*
    335      1.1    tls 	 * if we hit here we haven't hit something
    336      1.1    tls 	 * we don't understand or a newline, so try again
    337      1.1    tls 	 */
    338      1.1    tls 	so->so_upcall = soparsehttpvers;
    339      1.1    tls 	so->so_rcv.sb_flags |= SB_UPCALL;
    340      1.1    tls 	return;
    341      1.1    tls 
    342      1.1    tls fallout:
    343      1.1    tls 	DPRINT("fallout");
    344      1.1    tls 	so->so_upcall = NULL;
    345      1.1    tls 	so->so_rcv.sb_flags &= ~SB_UPCALL;
    346      1.1    tls 	soisconnected(so);
    347      1.1    tls 	return;
    348      1.1    tls }
    349      1.1    tls 
    350      1.1    tls 
    351      1.1    tls #define NCHRS 3
    352      1.1    tls 
    353      1.1    tls static void
    354      1.7    tls soishttpconnected(struct socket *so, void *arg, int events, int waitflag)
    355      1.1    tls {
    356      1.1    tls 	char a, b, c;
    357      1.1    tls 	struct mbuf *m, *n;
    358      1.1    tls 	int ccleft, copied;
    359      1.1    tls 
    360      1.1    tls 	DPRINT("start");
    361      1.1    tls 	if ((so->so_state & SS_CANTRCVMORE) != 0 || sbfull(&so->so_rcv))
    362      1.1    tls 		goto gotit;
    363      1.1    tls 
    364      1.1    tls 	/*
    365      1.1    tls 	 * Walk the socketbuffer and copy the last NCHRS (3) into a, b, and c
    366      1.1    tls 	 * copied - how much we've copied so far
    367      1.1    tls 	 * ccleft - how many bytes remaining in the socketbuffer
    368      1.1    tls 	 * just loop over the mbufs subtracting from 'ccleft' until we only
    369      1.1    tls 	 * have NCHRS left
    370      1.1    tls 	 */
    371      1.1    tls 	copied = 0;
    372      1.1    tls 	ccleft = so->so_rcv.sb_cc;
    373      1.1    tls 	if (ccleft < NCHRS)
    374      1.1    tls 		goto readmore;
    375      1.1    tls 	a = b = c = '\0';
    376      1.1    tls 	for (m = so->so_rcv.sb_mb; m; m = n) {
    377      1.1    tls 		n = m->m_nextpkt;
    378      1.1    tls 		for (; m; m = m->m_next) {
    379      1.1    tls 			ccleft -= m->m_len;
    380      1.1    tls 			if (ccleft <= NCHRS) {
    381      1.1    tls 				char *src;
    382      1.1    tls 				int tocopy;
    383      1.1    tls 
    384      1.1    tls 				tocopy = (NCHRS - ccleft) - copied;
    385      1.1    tls 				src = mtod(m, char *) + (m->m_len - tocopy);
    386      1.1    tls 
    387      1.1    tls 				while (tocopy--) {
    388      1.1    tls 					switch (copied++) {
    389      1.1    tls 					case 0:
    390      1.1    tls 						a = *src++;
    391      1.1    tls 						break;
    392      1.1    tls 					case 1:
    393      1.1    tls 						b = *src++;
    394      1.1    tls 						break;
    395      1.1    tls 					case 2:
    396      1.1    tls 						c = *src++;
    397      1.1    tls 						break;
    398      1.1    tls 					}
    399      1.1    tls 				}
    400      1.1    tls 			}
    401      1.1    tls 		}
    402      1.1    tls 	}
    403      1.1    tls 	if (c == '\n' && (b == '\n' || (b == '\r' && a == '\n'))) {
    404      1.1    tls 		/* we have all request headers */
    405      1.1    tls 		goto gotit;
    406      1.1    tls 	}
    407      1.1    tls 
    408      1.1    tls readmore:
    409      1.1    tls 	so->so_upcall = soishttpconnected;
    410      1.1    tls 	so->so_rcv.sb_flags |= SB_UPCALL;
    411      1.1    tls 	return;
    412      1.1    tls 
    413      1.1    tls gotit:
    414      1.1    tls 	so->so_upcall = NULL;
    415      1.1    tls 	so->so_rcv.sb_flags &= ~SB_UPCALL;
    416      1.1    tls 	soisconnected(so);
    417      1.1    tls 	return;
    418      1.1    tls }
    419