Fixed a couple of callscgi bugs.
[ashd.git] / src / callcgi.c
CommitLineData
8cc51634
FT
1/*
2 ashd - A Sane HTTP Daemon
3 Copyright (C) 2008 Fredrik Tolf <fredrik@dolda2000.com>
4
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17*/
18
19#include <stdlib.h>
20#include <string.h>
21#include <stdio.h>
22#include <unistd.h>
23#include <errno.h>
24#include <ctype.h>
25#include <signal.h>
26
27#ifdef HAVE_CONFIG_H
28#include <config.h>
29#endif
30#include <utils.h>
31#include <log.h>
32
33static char **environ;
34
35static void passdata(FILE *in, FILE *out)
36{
37 int ret;
38 char *buf;
39
40 buf = smalloc(65536);
41 while(!feof(in)) {
42 ret = fread(buf, 1, 65536, in);
43 if(ferror(in)) {
44 flog(LOG_ERR, "sendfile: could not read input: %s", strerror(errno));
45 break;
46 }
47 if(fwrite(buf, 1, ret, out) != ret) {
48 flog(LOG_ERR, "sendfile: could not write output: %s", strerror(errno));
49 break;
50 }
51 }
52 free(buf);
53}
54
bac8c1f9
FT
55static char *absolutify(char *file)
56{
57 char cwd[1024];
58
59 if(*file != '/') {
60 getcwd(cwd, sizeof(cwd));
61 return(sprintf2("%s/%s", cwd, file));
62 }
63 return(sstrdup(file));
64}
65
341b3f0b 66static void forkchild(int inpath, char *prog, char *file, char *method, char *url, char *rest, int *infd, int *outfd)
8cc51634
FT
67{
68 int i;
85059e82 69 char *qp, **env, *name;
8cc51634
FT
70 int inp[2], outp[2];
71 pid_t pid;
72
73 pipe(inp);
74 pipe(outp);
75 if((pid = fork()) < 0) {
76 flog(LOG_ERR, "callcgi: could not fork");
77 exit(1);
78 }
79 if(pid == 0) {
80 close(inp[1]);
81 close(outp[0]);
82 dup2(inp[0], 0);
83 dup2(outp[1], 1);
84 for(i = 3; i < FD_SETSIZE; i++)
85 close(i);
86 if((qp = strchr(url, '?')) != NULL)
87 *(qp++) = 0;
8cc51634
FT
88 putenv(sprintf2("SERVER_SOFTWARE=ashd/%s", VERSION));
89 putenv("GATEWAY_INTERFACE=CGI/1.1");
90 if(getenv("HTTP_VERSION"))
147c2b51 91 putenv(sprintf2("SERVER_PROTOCOL=%s", getenv("HTTP_VERSION")));
8cc51634 92 putenv(sprintf2("REQUEST_METHOD=%s", method));
33f29d67
FT
93 if(*rest)
94 putenv(sprintf2("PATH_INFO=/%s", rest));
95 else
96 putenv("PATH_INFO=");
85059e82
FT
97 name = url;
98 /* XXX: This is an ugly hack (I think), but though I can think
99 * of several alternatives, none seem to be better. */
100 if(*rest && (strlen(url) > strlen(rest)) &&
101 !strcmp(rest, url + strlen(url) - strlen(rest)) &&
102 (url[strlen(url) - strlen(rest) - 1] == '/')) {
103 name = sprintf2("%.*s", (int)(strlen(url) - strlen(rest) - 1), url);
104 }
105 putenv(sprintf2("SCRIPT_NAME=%s", name));
8cc51634
FT
106 putenv(sprintf2("QUERY_STRING=%s", qp?qp:""));
107 if(getenv("REQ_HOST"))
108 putenv(sprintf2("SERVER_NAME=%s", getenv("REQ_HOST")));
8626e489
FT
109 if(getenv("REQ_X_ASH_SERVER_PORT"))
110 putenv(sprintf2("SERVER_PORT=%s", getenv("REQ_X_ASH_SERVER_PORT")));
111 if(getenv("REQ_X_ASH_PROTOCOL") && !strcmp(getenv("REQ_X_ASH_PROTOCOL"), "https"))
f0a758cc 112 putenv("HTTPS=on");
8cc51634
FT
113 if(getenv("REQ_X_ASH_ADDRESS"))
114 putenv(sprintf2("REMOTE_ADDR=%s", getenv("REQ_X_ASH_ADDRESS")));
115 if(getenv("REQ_CONTENT_TYPE"))
116 putenv(sprintf2("CONTENT_TYPE=%s", getenv("REQ_CONTENT_TYPE")));
117 if(getenv("REQ_CONTENT_LENGTH"))
118 putenv(sprintf2("CONTENT_LENGTH=%s", getenv("REQ_CONTENT_LENGTH")));
119 for(env = environ; *env; env++) {
120 if(!strncmp(*env, "REQ_", 4))
121 putenv(sprintf2("HTTP_%s", (*env) + 4));
122 }
123 /*
124 * This is (understandably) missing from the CGI
125 * specification, but PHP seems to require it.
126 */
bac8c1f9 127 putenv(sprintf2("SCRIPT_FILENAME=%s", absolutify(file)));
341b3f0b
FT
128 if(inpath)
129 execlp(prog, prog, file, NULL);
130 else
131 execl(prog, prog, file, NULL);
8cc51634
FT
132 exit(127);
133 }
134 close(inp[0]);
135 close(outp[1]);
136 *infd = inp[1];
137 *outfd = outp[0];
138}
139
140static void trim(struct charbuf *buf)
141{
142 char *p;
143
144 for(p = buf->b; (p - buf->b < buf->d) && isspace(*p); p++);
145 memmove(buf->b, p, buf->d -= (p - buf->b));
146 for(p = buf->b + buf->d - 1; (p > buf->b) && isspace(*p); p--, buf->d--);
147}
148
149static char **parseheaders(FILE *s)
150{
151 int c, state;
152 struct charvbuf hbuf;
153 struct charbuf buf;
154
155 bufinit(hbuf);
156 bufinit(buf);
157 state = 0;
158 while(1) {
159 c = fgetc(s);
160 again:
161 if(state == 0) {
162 if(c == '\r') {
163 } else if(c == '\n') {
164 break;
165 } else if(c == EOF) {
166 goto fail;
167 } else {
168 state = 1;
169 goto again;
170 }
171 } else if(state == 1) {
172 if(c == ':') {
173 trim(&buf);
174 bufadd(buf, 0);
175 bufadd(hbuf, buf.b);
176 bufinit(buf);
177 state = 2;
178 } else if(c == '\r') {
179 } else if(c == '\n') {
180 goto fail;
181 } else if(c == EOF) {
182 goto fail;
183 } else {
184 bufadd(buf, c);
185 }
186 } else if(state == 2) {
187 if(c == '\r') {
188 } else if(c == '\n') {
189 trim(&buf);
190 bufadd(buf, 0);
191 bufadd(hbuf, buf.b);
192 bufinit(buf);
193 state = 0;
194 } else if(c == EOF) {
195 goto fail;
196 } else {
197 bufadd(buf, c);
198 }
199 }
200 }
201 bufadd(hbuf, NULL);
202 return(hbuf.b);
203
204fail:
205 buffree(hbuf);
206 buffree(buf);
207 return(NULL);
208}
209
2e535ab0
FT
210static char *defstatus(int code)
211{
212 if(code == 200)
213 return("OK");
214 else if(code == 201)
215 return("Created");
216 else if(code == 202)
217 return("Accepted");
218 else if(code == 204)
219 return("No Content");
220 else if(code == 300)
221 return("Multiple Choices");
222 else if(code == 301)
223 return("Moved Permanently");
224 else if(code == 302)
225 return("Found");
226 else if(code == 303)
227 return("See Other");
228 else if(code == 304)
229 return("Not Modified");
230 else if(code == 307)
231 return("Moved Temporarily");
232 else if(code == 400)
233 return("Bad Request");
234 else if(code == 401)
235 return("Unauthorized");
236 else if(code == 403)
237 return("Forbidden");
238 else if(code == 404)
239 return("Not Found");
240 else if(code == 500)
241 return("Internal Server Error");
242 else if(code == 501)
243 return("Not Implemented");
244 else if(code == 503)
245 return("Service Unavailable");
246 else
247 return("Unknown status");
248}
249
8cc51634
FT
250static void sendstatus(char **headers, FILE *out)
251{
252 char **hp;
253 char *status, *location;
254
255 hp = headers;
256 status = location = NULL;
257 while(*hp) {
258 if(!strcasecmp(hp[0], "status")) {
259 status = hp[1];
260 /* Clear this header, so that it is not transmitted by sendheaders. */
261 **hp = 0;
262 } else if(!strcasecmp(hp[0], "location")) {
263 location = hp[1];
f9255ddd 264 hp += 2;
8cc51634
FT
265 } else {
266 hp += 2;
267 }
268 }
269 if(status) {
2e535ab0 270 if(strchr(status, ' '))
81cfca6c 271 fprintf(out, "HTTP/1.1 %s\n", status);
2e535ab0 272 else
81cfca6c 273 fprintf(out, "HTTP/1.1 %i %s\n", atoi(status), defstatus(atoi(status)));
8cc51634 274 } else if(location) {
81cfca6c 275 fprintf(out, "HTTP/1.1 303 See Other\n");
8cc51634 276 } else {
81cfca6c 277 fprintf(out, "HTTP/1.1 200 OK\n");
8cc51634
FT
278 }
279}
280
281static void sendheaders(char **headers, FILE *out)
282{
283 while(*headers) {
284 if(**headers)
81cfca6c 285 fprintf(out, "%s: %s\n", headers[0], headers[1]);
8cc51634
FT
286 headers += 2;
287 }
288}
289
341b3f0b
FT
290static void usage(void)
291{
5e74f3f1 292 flog(LOG_ERR, "usage: callcgi [-c] [-p PROGRAM] METHOD URL REST");
341b3f0b
FT
293}
294
8cc51634
FT
295int main(int argc, char **argv, char **envp)
296{
341b3f0b 297 int c;
5e74f3f1
FT
298 char *file, *prog, *sp;
299 int inpath, cd;
341b3f0b
FT
300 int infd, outfd;
301 FILE *in, *out;
8cc51634
FT
302 char **headers;
303
304 environ = envp;
305 signal(SIGPIPE, SIG_IGN);
341b3f0b
FT
306
307 prog = NULL;
308 inpath = 0;
5e74f3f1
FT
309 cd = 0;
310 while((c = getopt(argc, argv, "cp:")) >= 0) {
341b3f0b 311 switch(c) {
5e74f3f1
FT
312 case 'c':
313 cd = 1;
314 break;
341b3f0b
FT
315 case 'p':
316 prog = optarg;
317 inpath = 1;
318 break;
319 default:
320 usage();
321 exit(1);
322 }
323 }
324
325 if(argc - optind < 3) {
326 usage();
8cc51634
FT
327 exit(1);
328 }
329 if((file = getenv("REQ_X_ASH_FILE")) == NULL) {
330 flog(LOG_ERR, "callcgi: needs to be called with the X-Ash-File header");
331 exit(1);
332 }
5e74f3f1
FT
333
334 if(cd) {
335 /* This behavior is encouraged by the CGI specification (RFC 3875, 7.2),
336 * but not strictly required, and I get the feeling it might break some
337 * relative paths here or there, so it's not the default for now. */
338 if((sp = strrchr(file, '/')) != NULL) {
339 *sp = 0;
340 if(chdir(file)) {
341 *sp = '/';
342 } else {
343 file = sp + 1;
344 }
345 }
346 }
347
341b3f0b
FT
348 if(prog == NULL)
349 prog = file;
350 forkchild(inpath, prog, file, argv[optind], argv[optind + 1], argv[optind + 2], &infd, &outfd);
351 in = fdopen(infd, "w");
352 passdata(stdin, in);
353 fclose(in);
354 out = fdopen(outfd, "r");
355 if((headers = parseheaders(out)) == NULL) {
8cc51634
FT
356 flog(LOG_WARNING, "CGI handler returned invalid headers");
357 exit(1);
358 }
359 sendstatus(headers, stdout);
360 sendheaders(headers, stdout);
81cfca6c 361 printf("\n");
341b3f0b 362 passdata(out, stdout);
8cc51634
FT
363 return(0);
364}