projects / project / uhttpd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
uhttpd: Fix multiple format string problems
[project/uhttpd.git] / proc.c
1 /*
2 * uhttpd - Tiny single-threaded httpd
3 *
4 * Copyright (C) 2010-2013 Jo-Philipp Wich <xm@subsignal.org>
5 * Copyright (C) 2013 Felix Fietkau <nbd@openwrt.org>
6 *
7 * Permission to use, copy, modify, and/or distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 #include <arpa/inet.h>
21 #include <libubox/blobmsg.h>
22 #include "uhttpd.h"
23
24 #define __headers \
25 __header(accept, accept) \
26 __header(accept_charset, accept-charset) \
27 __header(accept_encoding, accept-encoding) \
28 __header(accept_language, accept-language) \
29 __header(authorization, authorization) \
30 __header(connection, connection) \
31 __header(cookie, cookie) \
32 __header(host, host) \
33 __header(origin, origin) \
34 __header(referer, referer) \
35 __header(user_agent, user-agent) \
36 __header(content_type, content-type) \
37 __header(content_length, content-length) \
38 __header(x_http_method_override, x-http-method-override) \
39 __header(http_auth_user, http-auth-user) \
40 __header(http_auth_pass, http-auth-pass)
41
42 #undef __header
43 #define __header __enum_header
44 enum client_hdr {
45 __headers
46 __HDR_MAX,
47 };
48
49 #undef __header
50 #define __header __blobmsg_header
51 static const struct blobmsg_policy hdr_policy[__HDR_MAX] = {
52 __headers
53 };
54
55 static const struct {
56 const char *name;
57 int idx;
58 } proc_header_env[] = {
59 { "HTTP_ACCEPT", HDR_accept },
60 { "HTTP_ACCEPT_CHARSET", HDR_accept_charset },
61 { "HTTP_ACCEPT_ENCODING", HDR_accept_encoding },
62 { "HTTP_ACCEPT_LANGUAGE", HDR_accept_language },
63 { "HTTP_AUTHORIZATION", HDR_authorization },
64 { "HTTP_CONNECTION", HDR_connection },
65 { "HTTP_COOKIE", HDR_cookie },
66 { "HTTP_HOST", HDR_host },
67 { "HTTP_ORIGIN", HDR_origin },
68 { "HTTP_REFERER", HDR_referer },
69 { "HTTP_USER_AGENT", HDR_user_agent },
70 { "HTTP_X_HTTP_METHOD_OVERRIDE", HDR_x_http_method_override },
71 { "HTTP_AUTH_USER", HDR_http_auth_user },
72 { "HTTP_AUTH_PASS", HDR_http_auth_pass },
73 { "CONTENT_TYPE", HDR_content_type },
74 { "CONTENT_LENGTH", HDR_content_length },
75 };
76
77 enum extra_vars {
78 /* no update needed */
79 _VAR_GW,
80 _VAR_SOFTWARE,
81
82 /* updated by uh_get_process_vars */
83 VAR_SCRIPT_NAME,
84 VAR_SCRIPT_FILE,
85 VAR_DOCROOT,
86 VAR_QUERY,
87 VAR_REQUEST,
88 VAR_PROTO,
89 VAR_METHOD,
90 VAR_PATH_INFO,
91 VAR_USER,
92 VAR_HTTPS,
93 VAR_REDIRECT,
94 VAR_SERVER_NAME,
95 VAR_SERVER_ADDR,
96 VAR_SERVER_PORT,
97 VAR_REMOTE_NAME,
98 VAR_REMOTE_ADDR,
99 VAR_REMOTE_PORT,
100
101 __VAR_MAX,
102 };
103
104 static char local_addr[INET6_ADDRSTRLEN], remote_addr[INET6_ADDRSTRLEN];
105 static char local_port[6], remote_port[6];
106 static char redirect_status[4];
107
108 static struct env_var extra_vars[] = {
109 [_VAR_GW] = { "GATEWAY_INTERFACE", "CGI/1.1" },
110 [_VAR_SOFTWARE] = { "SERVER_SOFTWARE", "uhttpd" },
111 [VAR_SCRIPT_NAME] = { "SCRIPT_NAME" },
112 [VAR_SCRIPT_FILE] = { "SCRIPT_FILENAME" },
113 [VAR_DOCROOT] = { "DOCUMENT_ROOT" },
114 [VAR_QUERY] = { "QUERY_STRING" },
115 [VAR_REQUEST] = { "REQUEST_URI" },
116 [VAR_PROTO] = { "SERVER_PROTOCOL" },
117 [VAR_METHOD] = { "REQUEST_METHOD" },
118 [VAR_PATH_INFO] = { "PATH_INFO" },
119 [VAR_USER] = { "REMOTE_USER" },
120 [VAR_HTTPS] = { "HTTPS" },
121 [VAR_REDIRECT] = { "REDIRECT_STATUS", redirect_status },
122 [VAR_SERVER_NAME] = { "SERVER_NAME", local_addr },
123 [VAR_SERVER_ADDR] = { "SERVER_ADDR", local_addr },
124 [VAR_SERVER_PORT] = { "SERVER_PORT", local_port },
125 [VAR_REMOTE_NAME] = { "REMOTE_HOST", remote_addr },
126 [VAR_REMOTE_ADDR] = { "REMOTE_ADDR", remote_addr },
127 [VAR_REMOTE_PORT] = { "REMOTE_PORT", remote_port },
128 };
129
130 struct env_var *uh_get_process_vars(struct client *cl, struct path_info *pi)
131 {
132 struct http_request *req = &cl->request;
133 struct blob_attr *data = cl->hdr.head;
134 struct env_var *vars = (void *) uh_buf;
135 struct blob_attr *tb[__HDR_MAX];
136 const char *url;
137 int len;
138 int i;
139
140 url = blobmsg_data(blob_data(cl->hdr.head));
141 len = ARRAY_SIZE(proc_header_env);
142 len += ARRAY_SIZE(extra_vars);
143 len *= sizeof(struct env_var);
144
145 BUILD_BUG_ON(sizeof(uh_buf) < len);
146
147 extra_vars[VAR_SCRIPT_NAME].value = pi->name;
148 extra_vars[VAR_SCRIPT_FILE].value = pi->phys;
149 extra_vars[VAR_DOCROOT].value = pi->root;
150 extra_vars[VAR_QUERY].value = pi->query ? pi->query : "";
151 extra_vars[VAR_REQUEST].value = url;
152 extra_vars[VAR_PROTO].value = http_versions[req->version];
153 extra_vars[VAR_METHOD].value = http_methods[req->method];
154 extra_vars[VAR_PATH_INFO].value = pi->info;
155 extra_vars[VAR_USER].value = req->realm ? req->realm->user : NULL;
156 extra_vars[VAR_HTTPS].value = cl->tls ? "on" : NULL;
157
158 snprintf(redirect_status, sizeof(redirect_status),
159 "%d", req->redirect_status);
160 inet_ntop(cl->srv_addr.family, &cl->srv_addr.in, local_addr, sizeof(local_addr));
161 snprintf(local_port, sizeof(local_port), "%d", cl->srv_addr.port);
162 inet_ntop(cl->peer_addr.family, &cl->peer_addr.in, remote_addr, sizeof(remote_addr));
163 snprintf(remote_port, sizeof(remote_port), "%d", cl->peer_addr.port);
164
165 blobmsg_parse(hdr_policy, __HDR_MAX, tb, blob_data(data), blob_len(data));
166 for (i = 0; i < ARRAY_SIZE(proc_header_env); i++) {
167 struct blob_attr *cur;
168
169 cur = tb[proc_header_env[i].idx];
170 vars[i].name = proc_header_env[i].name;
171 vars[i].value = cur ? blobmsg_data(cur) : NULL;
172 }
173
174 memcpy(&vars[i], extra_vars, sizeof(extra_vars));
175 i += ARRAY_SIZE(extra_vars);
176 vars[i].name = NULL;
177 vars[i].value = NULL;
178
179 return vars;
180 }
181
182 static void proc_close_fds(struct client *cl)
183 {
184 struct dispatch_proc *p = &cl->dispatch.proc;
185
186 close(p->r.sfd.fd.fd);
187 if (p->wrfd.fd >= 0)
188 close(p->wrfd.fd);
189 }
190
191 static void proc_handle_close(struct relay *r, int ret)
192 {
193 if (r->header_cb) {
194 uh_client_error(r->cl, 502, "Bad Gateway",
195 "The process did not produce any response");
196 return;
197 }
198
199 uh_request_done(r->cl);
200 }
201
202 static void proc_handle_header(struct relay *r, const char *name, const char *val)
203 {
204 static char status_buf[64];
205 struct client *cl = r->cl;
206 char *sep;
207 char buf[4];
208
209 if (!strcmp(name, "Status")) {
210 sep = strchr(val, ' ');
211 if (sep != val + 3)
212 return;
213
214 memcpy(buf, val, 3);
215 buf[3] = 0;
216 snprintf(status_buf, sizeof(status_buf), "%s", sep + 1);
217 cl->dispatch.proc.status_msg = status_buf;
218 cl->dispatch.proc.status_code = atoi(buf);
219 return;
220 }
221
222 blobmsg_add_string(&cl->dispatch.proc.hdr, name, val);
223 }
224
225 static void proc_handle_header_end(struct relay *r)
226 {
227 struct client *cl = r->cl;
228 struct dispatch_proc *p = &cl->dispatch.proc;
229 struct blob_attr *cur;
230 int rem;
231
232 uloop_timeout_cancel(&p->timeout);
233 uh_http_header(cl, cl->dispatch.proc.status_code, cl->dispatch.proc.status_msg);
234 blob_for_each_attr(cur, cl->dispatch.proc.hdr.head, rem)
235 ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur),
236 blobmsg_get_string(cur));
237
238 ustream_printf(cl->us, "\r\n");
239
240 if (cl->request.method == UH_HTTP_MSG_HEAD)
241 r->skip_data = true;
242 }
243
244 static void proc_write_close(struct client *cl)
245 {
246 struct dispatch_proc *p = &cl->dispatch.proc;
247
248 if (p->wrfd.fd < 0)
249 return;
250
251 uloop_fd_delete(&p->wrfd);
252 close(p->wrfd.fd);
253 p->wrfd.fd = -1;
254 }
255
256 static void proc_free(struct client *cl)
257 {
258 struct dispatch_proc *p = &cl->dispatch.proc;
259
260 uloop_timeout_cancel(&p->timeout);
261 blob_buf_free(&p->hdr);
262 proc_write_close(cl);
263 uh_relay_free(&p->r);
264 }
265
266 static void proc_write_cb(struct uloop_fd *fd, unsigned int events)
267 {
268 struct client *cl = container_of(fd, struct client, dispatch.proc.wrfd);
269
270 client_poll_post_data(cl);
271 }
272
273 static void proc_relay_write_cb(struct client *cl)
274 {
275 struct dispatch_proc *p = &cl->dispatch.proc;
276
277 if (ustream_pending_data(cl->us, true))
278 return;
279
280 ustream_set_read_blocked(&p->r.sfd.stream, false);
281 p->r.sfd.stream.notify_read(&p->r.sfd.stream, 0);
282 }
283
284 static int proc_data_send(struct client *cl, const char *data, int len)
285 {
286 struct dispatch_proc *p = &cl->dispatch.proc;
287 int retlen = 0;
288 int ret;
289
290 while (len) {
291 ret = write(p->wrfd.fd, data, len);
292
293 if (ret < 0) {
294 if (errno == EINTR)
295 continue;
296
297 if (errno == EAGAIN || errno == EWOULDBLOCK)
298 break;
299
300 /* consume all data */
301 ret = len;
302 }
303
304 if (!ret)
305 break;
306
307 retlen += ret;
308 len -= ret;
309 data += ret;
310 }
311
312 if (len)
313 uloop_fd_add(&p->wrfd, ULOOP_WRITE);
314 else
315 uloop_fd_delete(&p->wrfd);
316
317 return retlen;
318 }
319
320 static void proc_timeout_cb(struct uloop_timeout *timeout)
321 {
322 struct dispatch_proc *proc = container_of(timeout, struct dispatch_proc, timeout);
323 struct client *cl = container_of(proc, struct client, dispatch.proc);
324
325 uh_relay_kill(cl, &proc->r);
326 }
327
328 bool uh_create_process(struct client *cl, struct path_info *pi, char *url,
329 void (*cb)(struct client *cl, struct path_info *pi, char *url))
330 {
331 struct dispatch *d = &cl->dispatch;
332 struct dispatch_proc *proc = &d->proc;
333 int rfd[2], wfd[2];
334 int pid;
335
336 blob_buf_init(&proc->hdr, 0);
337 proc->status_code = 200;
338 proc->status_msg = "OK";
339
340 if (pipe(rfd))
341 return false;
342
343 if (pipe(wfd))
344 goto close_rfd;
345
346 pid = fork();
347 if (pid < 0)
348 goto close_wfd;
349
350 if (!pid) {
351 close(0);
352 close(1);
353
354 dup2(rfd[1], 1);
355 dup2(wfd[0], 0);
356
357 close(rfd[0]);
358 close(rfd[1]);
359 close(wfd[0]);
360 close(wfd[1]);
361
362 uh_close_fds();
363 cb(cl, pi, url);
364 exit(0);
365 }
366
367 close(rfd[1]);
368 close(wfd[0]);
369
370 proc->wrfd.fd = wfd[1];
371 uh_relay_open(cl, &proc->r, rfd[0], pid);
372
373 d->free = proc_free;
374 d->close_fds = proc_close_fds;
375 d->data_send = proc_data_send;
376 d->data_done = proc_write_close;
377 d->write_cb = proc_relay_write_cb;
378 proc->r.header_cb = proc_handle_header;
379 proc->r.header_end = proc_handle_header_end;
380 proc->r.close = proc_handle_close;
381 proc->wrfd.cb = proc_write_cb;
382 proc->timeout.cb = proc_timeout_cb;
383 if (conf.script_timeout > 0)
384 uloop_timeout_set(&proc->timeout, conf.script_timeout * 1000);
385
386 return true;
387
388 close_wfd:
389 close(wfd[0]);
390 close(wfd[1]);
391 close_rfd:
392 close(rfd[0]);
393 close(rfd[1]);
394
395 return false;
396 }
Tiny HTTP server