sys/netinet/accf_http.c

1.9  christos /*	$NetBSD: accf_http.c,v 1.9 2015/08/20 14:40:19 christos Exp $	*/
1.2        ad
1.1       tls /*-
1.1       tls  * Copyright (c) 2000 Paycounter, Inc.
1.1       tls  * Author: Alfred Perlstein <alfred (at) paycounter.com>, <alfred (at) FreeBSD.org>
1.1       tls  * All rights reserved.
1.1       tls  *
1.1       tls  * Redistribution and use in source and binary forms, with or without
1.1       tls  * modification, are permitted provided that the following conditions
1.1       tls  * are met:
1.1       tls  * 1. Redistributions of source code must retain the above copyright
1.1       tls  *    notice, this list of conditions and the following disclaimer.
1.1       tls  * 2. Redistributions in binary form must reproduce the above copyright
1.1       tls  *    notice, this list of conditions and the following disclaimer in the
1.1       tls  *    documentation and/or other materials provided with the distribution.
1.1       tls  *
1.1       tls  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
1.1       tls  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.1       tls  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.1       tls  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.1       tls  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.1       tls  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.1       tls  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.1       tls  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.1       tls  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.1       tls  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.1       tls  * SUCH DAMAGE.
1.1       tls  */
1.1       tls
1.1       tls #include <sys/cdefs.h>
1.9  christos __KERNEL_RCSID(0, "$NetBSD: accf_http.c,v 1.9 2015/08/20 14:40:19 christos Exp $");
1.1       tls
1.1       tls #define ACCEPT_FILTER_MOD
1.1       tls
1.1       tls #include <sys/param.h>
1.1       tls #include <sys/kernel.h>
1.1       tls #include <sys/mbuf.h>
1.3        ad #include <sys/module.h>
1.1       tls #include <sys/signalvar.h>
1.1       tls #include <sys/sysctl.h>
1.1       tls #include <sys/socket.h>
1.1       tls #include <sys/socketvar.h>
1.2        ad
1.1       tls #include <netinet/accept_filter.h>
1.1       tls
1.9  christos #include "ioconf.h"
1.9  christos
1.4        ad MODULE(MODULE_CLASS_MISC, accf_httpready, NULL);
1.3        ad
1.1       tls /* check for GET/HEAD */
1.7       tls static void sohashttpget(struct socket *so, void *arg, int events, int waitflag);
1.1       tls /* check for HTTP/1.0 or HTTP/1.1 */
1.7       tls static void soparsehttpvers(struct socket *so, void *arg, int events, int waitflag);
1.1       tls /* check for end of HTTP/1.x request */
1.7       tls static void soishttpconnected(struct socket *so, void *arg, int events, int waitflag);
1.1       tls /* strcmp on an mbuf chain */
1.1       tls static int mbufstrcmp(struct mbuf *m, struct mbuf *npkt, int offset, const char *cmp);
1.1       tls /* strncmp on an mbuf chain */
1.1       tls static int mbufstrncmp(struct mbuf *m, struct mbuf *npkt, int offset,
1.1       tls 	int len, const char *cmp);
1.1       tls /* socketbuffer is full */
1.1       tls static int sbfull(struct sockbuf *sb);
1.1       tls
1.1       tls static struct accept_filter accf_http_filter = {
1.2        ad 	.accf_name = "httpready",
1.2        ad 	.accf_callback = sohashttpget,
1.1       tls };
1.1       tls
1.1       tls /*
1.1       tls  * Names of HTTP Accept filter sysctl objects
1.1       tls  */
1.1       tls
1.1       tls #define ACCFCTL_PARSEVER	1	/* Parse HTTP version */
1.1       tls
1.1       tls static int parse_http_version = 1;
1.1       tls
1.3        ad void
1.3        ad accf_httpattach(int junk)
1.3        ad {
1.3        ad
1.3        ad }
1.3        ad
1.3        ad static int
1.5        ad accf_httpready_modcmd(modcmd_t cmd, void *arg)
1.1       tls {
1.3        ad 	static struct sysctllog *clog;
1.3        ad 	int error;
1.3        ad
1.3        ad 	switch (cmd) {
1.3        ad 	case MODULE_CMD_INIT:
1.3        ad 		error = accept_filt_add(&accf_http_filter);
1.3        ad 		if (error != 0) {
1.3        ad 			return error;
1.3        ad 		}
1.3        ad 		sysctl_createv(&clog, 0, NULL, NULL,
1.1       tls 		       CTLFLAG_PERMANENT,
1.1       tls 		       CTLTYPE_NODE, "inet", NULL,
1.1       tls 		       NULL, 0, NULL, 0,
1.1       tls 		       CTL_NET, PF_INET, CTL_EOL);
1.3        ad 		sysctl_createv(&clog, 0, NULL, NULL,
1.1       tls 		       CTLFLAG_PERMANENT,
1.1       tls 		       CTLTYPE_NODE, "accf", NULL,
1.1       tls 		       NULL, 0, NULL, 0,
1.1       tls 		       CTL_NET, PF_INET, SO_ACCEPTFILTER, CTL_EOL);
1.3        ad 		sysctl_createv(&clog, 0, NULL, NULL,
1.1       tls 		       CTLFLAG_PERMANENT,
1.1       tls 		       CTLTYPE_NODE, "http",
1.1       tls 		       SYSCTL_DESCR("HTTP accept filter"),
1.1       tls 		       NULL, 0, NULL, 0,
1.1       tls 		       CTL_NET, PF_INET, SO_ACCEPTFILTER, ACCF_HTTP, CTL_EOL);
1.3        ad 		sysctl_createv(&clog, 0, NULL, NULL,
1.1       tls 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1.1       tls 		       CTLTYPE_INT, "parsehttpversion",
1.1       tls 		       SYSCTL_DESCR("Parse http version so that non "
1.1       tls 				    "1.x requests work"),
1.1       tls 		       NULL, 0, &parse_http_version, 0,
1.1       tls 		       CTL_NET, PF_INET, SO_ACCEPTFILTER, ACCF_HTTP,
1.1       tls 		       ACCFCTL_PARSEVER, CTL_EOL);
1.3        ad 		return 0;
1.1       tls
1.3        ad 	case MODULE_CMD_FINI:
1.3        ad 		error = accept_filt_del(&accf_http_filter);
1.3        ad 		if (error != 0) {
1.3        ad 			return error;
1.3        ad 		}
1.3        ad 		sysctl_teardown(&clog);
1.3        ad 		return 0;
1.1       tls
1.3        ad 	default:
1.3        ad 		return ENOTTY;
1.3        ad 	}
1.1       tls }
1.1       tls
1.1       tls #ifdef ACCF_HTTP_DEBUG
1.1       tls #define DPRINT(fmt, args...)						\
1.1       tls 	do {								\
1.1       tls 		printf("%s:%d: " fmt "\n", __func__, __LINE__, ##args);	\
1.1       tls 	} while (0)
1.1       tls #else
1.1       tls #define DPRINT(fmt, args...)
1.1       tls #endif
1.1       tls
1.1       tls static int
1.1       tls sbfull(struct sockbuf *sb)
1.1       tls {
1.1       tls
1.1       tls 	DPRINT("sbfull, cc(%ld) >= hiwat(%ld): %d, "
1.1       tls 	    "mbcnt(%ld) >= mbmax(%ld): %d",
1.1       tls 	    sb->sb_cc, sb->sb_hiwat, sb->sb_cc >= sb->sb_hiwat,
1.1       tls 	    sb->sb_mbcnt, sb->sb_mbmax, sb->sb_mbcnt >= sb->sb_mbmax);
1.1       tls 	return (sb->sb_cc >= sb->sb_hiwat || sb->sb_mbcnt >= sb->sb_mbmax);
1.1       tls }
1.1       tls
1.1       tls /*
1.1       tls  * start at mbuf m, (must provide npkt if exists)
1.1       tls  * starting at offset in m compare characters in mbuf chain for 'cmp'
1.1       tls  */
1.1       tls static int
1.1       tls mbufstrcmp(struct mbuf *m, struct mbuf *npkt, int offset, const char *cmp)
1.1       tls {
1.1       tls 	struct mbuf *n;
1.1       tls
1.1       tls 	for (; m != NULL; m = n) {
1.1       tls 		n = npkt;
1.1       tls 		if (npkt)
1.1       tls 			npkt = npkt->m_nextpkt;
1.1       tls 		for (; m; m = m->m_next) {
1.1       tls 			for (; offset < m->m_len; offset++, cmp++) {
1.1       tls 				if (*cmp == '\0')
1.1       tls 					return (1);
1.1       tls 				else if (*cmp != *(mtod(m, char *) + offset))
1.1       tls 					return (0);
1.1       tls 			}
1.1       tls 			if (*cmp == '\0')
1.1       tls 				return (1);
1.1       tls 			offset = 0;
1.1       tls 		}
1.1       tls 	}
1.1       tls 	return (0);
1.1       tls }
1.1       tls
1.1       tls /*
1.1       tls  * start at mbuf m, (must provide npkt if exists)
1.1       tls  * starting at offset in m compare characters in mbuf chain for 'cmp'
1.1       tls  * stop at 'max' characters
1.1       tls  */
1.1       tls static int
1.1       tls mbufstrncmp(struct mbuf *m, struct mbuf *npkt, int offset, int len, const char *cmp)
1.1       tls {
1.1       tls 	struct mbuf *n;
1.1       tls
1.1       tls 	for (; m != NULL; m = n) {
1.1       tls 		n = npkt;
1.1       tls 		if (npkt)
1.1       tls 			npkt = npkt->m_nextpkt;
1.1       tls 		for (; m; m = m->m_next) {
1.1       tls 			for (; offset < m->m_len; offset++, cmp++, len--) {
1.1       tls 				if (len == 0 || *cmp == '\0')
1.1       tls 					return (1);
1.1       tls 				else if (*cmp != *(mtod(m, char *) + offset))
1.1       tls 					return (0);
1.1       tls 			}
1.1       tls 			if (len == 0 || *cmp == '\0')
1.1       tls 				return (1);
1.1       tls 			offset = 0;
1.1       tls 		}
1.1       tls 	}
1.1       tls 	return (0);
1.1       tls }
1.1       tls
1.1       tls #define STRSETUP(sptr, slen, str)					\
1.1       tls 	do {								\
1.1       tls 		sptr = str;						\
1.1       tls 		slen = sizeof(str) - 1;					\
1.1       tls 	} while(0)
1.1       tls
1.1       tls static void
1.7       tls sohashttpget(struct socket *so, void *arg, int events, int waitflag)
1.1       tls {
1.1       tls
1.1       tls 	if ((so->so_state & SS_CANTRCVMORE) == 0 && !sbfull(&so->so_rcv)) {
1.1       tls 		struct mbuf *m;
1.1       tls 		const char *cmp;
1.1       tls 		int	cmplen, cc;
1.1       tls
1.1       tls 		m = so->so_rcv.sb_mb;
1.1       tls 		cc = so->so_rcv.sb_cc - 1;
1.1       tls 		if (cc < 1)
1.1       tls 			return;
1.1       tls 		switch (*mtod(m, char *)) {
1.1       tls 		case 'G':
1.1       tls 			STRSETUP(cmp, cmplen, "ET ");
1.1       tls 			break;
1.1       tls 		case 'H':
1.1       tls 			STRSETUP(cmp, cmplen, "EAD ");
1.1       tls 			break;
1.1       tls 		default:
1.1       tls 			goto fallout;
1.1       tls 		}
1.1       tls 		if (cc < cmplen) {
1.1       tls 			if (mbufstrncmp(m, m->m_nextpkt, 1, cc, cmp) == 1) {
1.1       tls 				DPRINT("short cc (%d) but mbufstrncmp ok", cc);
1.1       tls 				return;
1.1       tls 			} else {
1.1       tls 				DPRINT("short cc (%d) mbufstrncmp failed", cc);
1.1       tls 				goto fallout;
1.1       tls 			}
1.1       tls 		}
1.1       tls 		if (mbufstrcmp(m, m->m_nextpkt, 1, cmp) == 1) {
1.1       tls 			DPRINT("mbufstrcmp ok");
1.1       tls 			if (parse_http_version == 0)
1.7       tls 				soishttpconnected(so, arg, events, waitflag);
1.1       tls 			else
1.7       tls 				soparsehttpvers(so, arg, events, waitflag);
1.1       tls 			return;
1.1       tls 		}
1.1       tls 		DPRINT("mbufstrcmp bad");
1.1       tls 	}
1.1       tls
1.1       tls fallout:
1.1       tls 	DPRINT("fallout");
1.1       tls 	so->so_upcall = NULL;
1.1       tls 	so->so_rcv.sb_flags &= ~SB_UPCALL;
1.1       tls 	soisconnected(so);
1.1       tls 	return;
1.1       tls }
1.1       tls
1.1       tls static void
1.7       tls soparsehttpvers(struct socket *so, void *arg, int events, int waitflag)
1.1       tls {
1.1       tls 	struct mbuf *m, *n;
1.1       tls 	int	i, cc, spaces, inspaces;
1.1       tls
1.1       tls 	if ((so->so_state & SS_CANTRCVMORE) != 0 || sbfull(&so->so_rcv))
1.1       tls 		goto fallout;
1.1       tls
1.1       tls 	m = so->so_rcv.sb_mb;
1.1       tls 	cc = so->so_rcv.sb_cc;
1.1       tls 	inspaces = spaces = 0;
1.1       tls 	for (m = so->so_rcv.sb_mb; m; m = n) {
1.1       tls 		n = m->m_nextpkt;
1.1       tls 		for (; m; m = m->m_next) {
1.1       tls 			for (i = 0; i < m->m_len; i++, cc--) {
1.1       tls 				switch (*(mtod(m, char *) + i)) {
1.1       tls 				case ' ':
1.1       tls 					/* tabs? '\t' */
1.1       tls 					if (!inspaces) {
1.1       tls 						spaces++;
1.1       tls 						inspaces = 1;
1.1       tls 					}
1.1       tls 					break;
1.1       tls 				case '\r':
1.1       tls 				case '\n':
1.1       tls 					DPRINT("newline");
1.1       tls 					goto fallout;
1.1       tls 				default:
1.1       tls 					if (spaces != 2) {
1.1       tls 						inspaces = 0;
1.1       tls 						break;
1.1       tls 					}
1.1       tls
1.1       tls 					/*
1.1       tls 					 * if we don't have enough characters
1.1       tls 					 * left (cc < sizeof("HTTP/1.0") - 1)
1.1       tls 					 * then see if the remaining ones
1.1       tls 					 * are a request we can parse.
1.1       tls 					 */
1.1       tls 					if (cc < sizeof("HTTP/1.0") - 1) {
1.1       tls 						if (mbufstrncmp(m, n, i, cc,
1.1       tls 							"HTTP/1.") == 1) {
1.1       tls 							DPRINT("ok");
1.1       tls 							goto readmore;
1.1       tls 						} else {
1.1       tls 							DPRINT("bad");
1.1       tls 							goto fallout;
1.1       tls 						}
1.1       tls 					} else if (
1.1       tls 					    mbufstrcmp(m, n, i, "HTTP/1.0") ||
1.1       tls 					    mbufstrcmp(m, n, i, "HTTP/1.1")) {
1.6     joerg 						DPRINT("ok");
1.6     joerg 						soishttpconnected(so,
1.7       tls 						    arg, events, waitflag);
1.6     joerg 						return;
1.1       tls 					} else {
1.1       tls 						DPRINT("bad");
1.1       tls 						goto fallout;
1.1       tls 					}
1.1       tls 				}
1.1       tls 			}
1.1       tls 		}
1.1       tls 	}
1.1       tls readmore:
1.1       tls 	DPRINT("readmore");
1.1       tls 	/*
1.1       tls 	 * if we hit here we haven't hit something
1.1       tls 	 * we don't understand or a newline, so try again
1.1       tls 	 */
1.1       tls 	so->so_upcall = soparsehttpvers;
1.1       tls 	so->so_rcv.sb_flags |= SB_UPCALL;
1.1       tls 	return;
1.1       tls
1.1       tls fallout:
1.1       tls 	DPRINT("fallout");
1.1       tls 	so->so_upcall = NULL;
1.1       tls 	so->so_rcv.sb_flags &= ~SB_UPCALL;
1.1       tls 	soisconnected(so);
1.1       tls 	return;
1.1       tls }
1.1       tls
1.1       tls
1.1       tls #define NCHRS 3
1.1       tls
1.1       tls static void
1.7       tls soishttpconnected(struct socket *so, void *arg, int events, int waitflag)
1.1       tls {
1.1       tls 	char a, b, c;
1.1       tls 	struct mbuf *m, *n;
1.1       tls 	int ccleft, copied;
1.1       tls
1.1       tls 	DPRINT("start");
1.1       tls 	if ((so->so_state & SS_CANTRCVMORE) != 0 || sbfull(&so->so_rcv))
1.1       tls 		goto gotit;
1.1       tls
1.1       tls 	/*
1.1       tls 	 * Walk the socketbuffer and copy the last NCHRS (3) into a, b, and c
1.1       tls 	 * copied - how much we've copied so far
1.1       tls 	 * ccleft - how many bytes remaining in the socketbuffer
1.1       tls 	 * just loop over the mbufs subtracting from 'ccleft' until we only
1.1       tls 	 * have NCHRS left
1.1       tls 	 */
1.1       tls 	copied = 0;
1.1       tls 	ccleft = so->so_rcv.sb_cc;
1.1       tls 	if (ccleft < NCHRS)
1.1       tls 		goto readmore;
1.1       tls 	a = b = c = '\0';
1.1       tls 	for (m = so->so_rcv.sb_mb; m; m = n) {
1.1       tls 		n = m->m_nextpkt;
1.1       tls 		for (; m; m = m->m_next) {
1.1       tls 			ccleft -= m->m_len;
1.1       tls 			if (ccleft <= NCHRS) {
1.1       tls 				char *src;
1.1       tls 				int tocopy;
1.1       tls
1.1       tls 				tocopy = (NCHRS - ccleft) - copied;
1.1       tls 				src = mtod(m, char *) + (m->m_len - tocopy);
1.1       tls
1.1       tls 				while (tocopy--) {
1.1       tls 					switch (copied++) {
1.1       tls 					case 0:
1.1       tls 						a = *src++;
1.1       tls 						break;
1.1       tls 					case 1:
1.1       tls 						b = *src++;
1.1       tls 						break;
1.1       tls 					case 2:
1.1       tls 						c = *src++;
1.1       tls 						break;
1.1       tls 					}
1.1       tls 				}
1.1       tls 			}
1.1       tls 		}
1.1       tls 	}
1.1       tls 	if (c == '\n' && (b == '\n' || (b == '\r' && a == '\n'))) {
1.1       tls 		/* we have all request headers */
1.1       tls 		goto gotit;
1.1       tls 	}
1.1       tls
1.1       tls readmore:
1.1       tls 	so->so_upcall = soishttpconnected;
1.1       tls 	so->so_rcv.sb_flags |= SB_UPCALL;
1.1       tls 	return;
1.1       tls
1.1       tls gotit:
1.1       tls 	so->so_upcall = NULL;
1.1       tls 	so->so_rcv.sb_flags &= ~SB_UPCALL;
1.1       tls 	soisconnected(so);
1.1       tls 	return;
1.1       tls }