doc: Made an actual INSTALL file.
[ashd.git] / src / callcgi.c
... / ...
CommitLineData
1/*
2 ashd - A Sane HTTP Daemon
3 Copyright (C) 2008 Fredrik Tolf <fredrik@dolda2000.com>
4
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17*/
18
19#include <stdlib.h>
20#include <string.h>
21#include <stdio.h>
22#include <unistd.h>
23#include <errno.h>
24#include <ctype.h>
25#include <signal.h>
26#include <sys/poll.h>
27
28#ifdef HAVE_CONFIG_H
29#include <config.h>
30#endif
31#include <utils.h>
32#include <log.h>
33#include <req.h>
34
35static char **environ;
36
37static int passdata(FILE *in, FILE *out)
38{
39 int ret;
40 char buf[65536];
41 struct pollfd pfds[2];
42
43 while(!feof(in)) {
44 memset(pfds, 0, sizeof(struct pollfd) * 2);
45 pfds[0].fd = fileno(in);
46 pfds[0].events = POLLIN;
47 pfds[1].fd = fileno(out);
48 pfds[1].events = POLLHUP;
49 ret = poll(pfds, 2, -1);
50 if(ret < 0) {
51 if(errno != EINTR) {
52 flog(LOG_ERR, "callcgi: error in poll: %s", strerror(errno));
53 return(1);
54 }
55 }
56 if(ret > 0) {
57 if(pfds[0].revents & (POLLIN | POLLERR | POLLHUP)) {
58 ret = fread(buf, 1, 65536, in);
59 if(ferror(in)) {
60 flog(LOG_ERR, "callcgi: could not read input: %s", strerror(errno));
61 return(1);
62 }
63 if(fwrite(buf, 1, ret, out) != ret) {
64 flog(LOG_ERR, "callcgi: could not write output: %s", strerror(errno));
65 return(1);
66 }
67 }
68 if(pfds[1].revents & POLLHUP)
69 return(1);
70 }
71 }
72 return(0);
73}
74
75static char *absolutify(char *file)
76{
77 char cwd[1024];
78
79 if(*file != '/') {
80 getcwd(cwd, sizeof(cwd));
81 return(sprintf2("%s/%s", cwd, file));
82 }
83 return(sstrdup(file));
84}
85
86static pid_t forkchild(int inpath, char *prog, char *file, char *method, char *url, char *rest, int *infd, int *outfd)
87{
88 int i;
89 char *qp, **env, *name;
90 int inp[2], outp[2];
91 pid_t pid;
92 char *pi;
93
94 pipe(inp);
95 pipe(outp);
96 if((pid = fork()) < 0) {
97 flog(LOG_ERR, "callcgi: could not fork");
98 exit(1);
99 }
100 if(pid == 0) {
101 close(inp[1]);
102 close(outp[0]);
103 dup2(inp[0], 0);
104 dup2(outp[1], 1);
105 for(i = 3; i < FD_SETSIZE; i++)
106 close(i);
107 if((qp = strchr(url, '?')) != NULL)
108 *(qp++) = 0;
109 putenv(sprintf2("SERVER_SOFTWARE=ashd/%s", VERSION));
110 putenv("GATEWAY_INTERFACE=CGI/1.1");
111 if(getenv("HTTP_VERSION"))
112 putenv(sprintf2("SERVER_PROTOCOL=%s", getenv("HTTP_VERSION")));
113 putenv(sprintf2("REQUEST_METHOD=%s", method));
114 name = url;
115 /* XXX: This is an ugly hack (I think), but though I can think
116 * of several alternatives, none seem to be better. */
117 if(*rest && (strlen(url) >= strlen(rest)) &&
118 !strcmp(rest, url + strlen(url) - strlen(rest))) {
119 name = sprintf2("%.*s", (int)(strlen(url) - strlen(rest)), url);
120 }
121 if((pi = unquoteurl(rest)) == NULL)
122 pi = rest;
123 if(!strcmp(name, "/")) {
124 /*
125 * Normal CGI behavior appears to be to always let
126 * PATH_INFO begin with a slash and never let SCRIPT_NAME
127 * end with one. That conflicts, however, with some
128 * behaviors, such as "mounting" CGI applications on a
129 * directory element of the URI space -- a handler
130 * responding to "/foo/" would not be able to tell that it
131 * is not called "/foo", which makes a large difference,
132 * not least in relation to URI reconstruction and
133 * redirections. A common practical case is CGI-handled
134 * index files in directories. Therefore, this only
135 * handles the nonconditional case of the root directory
136 * and leaves other decisions to the previous handler
137 * handing over the request to callcgi. It is unclear if
138 * there is a better way to handle the problem.
139 */
140 name[0] = 0;
141 pi = sprintf2("/%s", pi);
142 }
143 putenv(sprintf2("PATH_INFO=%s", pi));
144 putenv(sprintf2("SCRIPT_NAME=%s", name));
145 putenv(sprintf2("QUERY_STRING=%s", qp?qp:""));
146 if(getenv("REQ_HOST"))
147 putenv(sprintf2("SERVER_NAME=%s", getenv("REQ_HOST")));
148 if(getenv("REQ_X_ASH_SERVER_PORT"))
149 putenv(sprintf2("SERVER_PORT=%s", getenv("REQ_X_ASH_SERVER_PORT")));
150 if(getenv("REQ_X_ASH_PROTOCOL") && !strcmp(getenv("REQ_X_ASH_PROTOCOL"), "https"))
151 putenv("HTTPS=on");
152 if(getenv("REQ_X_ASH_ADDRESS"))
153 putenv(sprintf2("REMOTE_ADDR=%s", getenv("REQ_X_ASH_ADDRESS")));
154 if(getenv("REQ_X_ASH_REMOTE_USER"))
155 putenv(sprintf2("REMOTE_USER=%s", getenv("REQ_X_ASH_REMOTE_USER")));
156 if(getenv("REQ_CONTENT_TYPE"))
157 putenv(sprintf2("CONTENT_TYPE=%s", getenv("REQ_CONTENT_TYPE")));
158 if(getenv("REQ_CONTENT_LENGTH"))
159 putenv(sprintf2("CONTENT_LENGTH=%s", getenv("REQ_CONTENT_LENGTH")));
160 for(env = environ; *env; env++) {
161 if(!strncmp(*env, "REQ_", 4))
162 putenv(sprintf2("HTTP_%s", (*env) + 4));
163 }
164 /*
165 * This is (understandably) missing from the CGI
166 * specification, but PHP seems to require it.
167 */
168 putenv(sprintf2("SCRIPT_FILENAME=%s", absolutify(file)));
169 if(inpath)
170 execlp(prog, prog, file, NULL);
171 else
172 execl(prog, prog, file, NULL);
173 exit(127);
174 }
175 close(inp[0]);
176 close(outp[1]);
177 *infd = inp[1];
178 *outfd = outp[0];
179 return(pid);
180}
181
182static void trim(struct charbuf *buf)
183{
184 char *p;
185
186 for(p = buf->b; (p - buf->b < buf->d) && isspace(*p); p++);
187 memmove(buf->b, p, buf->d -= (p - buf->b));
188 for(p = buf->b + buf->d - 1; (p > buf->b) && isspace(*p); p--, buf->d--);
189}
190
191static char **parsecgiheaders(FILE *s)
192{
193 int c, state;
194 struct charvbuf hbuf;
195 struct charbuf buf;
196
197 bufinit(hbuf);
198 bufinit(buf);
199 state = 0;
200 while(1) {
201 c = fgetc(s);
202 again:
203 if(state == 0) {
204 if(c == '\r') {
205 } else if(c == '\n') {
206 break;
207 } else if(c == EOF) {
208 goto fail;
209 } else {
210 state = 1;
211 goto again;
212 }
213 } else if(state == 1) {
214 if(c == ':') {
215 trim(&buf);
216 bufadd(buf, 0);
217 bufadd(hbuf, buf.b);
218 bufinit(buf);
219 state = 2;
220 } else if(c == '\r') {
221 } else if(c == '\n') {
222 goto fail;
223 } else if(c == EOF) {
224 goto fail;
225 } else {
226 bufadd(buf, c);
227 }
228 } else if(state == 2) {
229 if(c == '\r') {
230 } else if(c == '\n') {
231 trim(&buf);
232 bufadd(buf, 0);
233 bufadd(hbuf, buf.b);
234 bufinit(buf);
235 state = 0;
236 } else if(c == EOF) {
237 goto fail;
238 } else {
239 bufadd(buf, c);
240 }
241 }
242 }
243 bufadd(hbuf, NULL);
244 return(hbuf.b);
245
246fail:
247 buffree(hbuf);
248 buffree(buf);
249 return(NULL);
250}
251
252static char *defstatus(int code)
253{
254 if(code == 200)
255 return("OK");
256 else if(code == 201)
257 return("Created");
258 else if(code == 202)
259 return("Accepted");
260 else if(code == 204)
261 return("No Content");
262 else if(code == 300)
263 return("Multiple Choices");
264 else if(code == 301)
265 return("Moved Permanently");
266 else if(code == 302)
267 return("Found");
268 else if(code == 303)
269 return("See Other");
270 else if(code == 304)
271 return("Not Modified");
272 else if(code == 307)
273 return("Moved Temporarily");
274 else if(code == 400)
275 return("Bad Request");
276 else if(code == 401)
277 return("Unauthorized");
278 else if(code == 403)
279 return("Forbidden");
280 else if(code == 404)
281 return("Not Found");
282 else if(code == 500)
283 return("Internal Server Error");
284 else if(code == 501)
285 return("Not Implemented");
286 else if(code == 503)
287 return("Service Unavailable");
288 else
289 return("Unknown status");
290}
291
292static void sendstatus(char **headers, FILE *out)
293{
294 char **hp;
295 char *status, *location;
296
297 hp = headers;
298 status = location = NULL;
299 while(*hp) {
300 if(!strcasecmp(hp[0], "status")) {
301 status = hp[1];
302 /* Clear this header, so that it is not transmitted by sendheaders. */
303 **hp = 0;
304 } else if(!strcasecmp(hp[0], "location")) {
305 location = hp[1];
306 hp += 2;
307 } else {
308 hp += 2;
309 }
310 }
311 if(status) {
312 if(strchr(status, ' '))
313 fprintf(out, "HTTP/1.1 %s\n", status);
314 else
315 fprintf(out, "HTTP/1.1 %i %s\n", atoi(status), defstatus(atoi(status)));
316 } else if(location) {
317 fprintf(out, "HTTP/1.1 303 See Other\n");
318 } else {
319 fprintf(out, "HTTP/1.1 200 OK\n");
320 }
321}
322
323static void sendheaders(char **headers, FILE *out)
324{
325 while(*headers) {
326 if(**headers)
327 fprintf(out, "%s: %s\n", headers[0], headers[1]);
328 headers += 2;
329 }
330}
331
332static void usage(void)
333{
334 flog(LOG_ERR, "usage: callcgi [-c] [-p PROGRAM] METHOD URL REST");
335}
336
337int main(int argc, char **argv, char **envp)
338{
339 int c;
340 char *file, *prog, *sp;
341 int inpath, cd;
342 int infd, outfd;
343 FILE *in, *out;
344 char **headers;
345 pid_t child;
346
347 environ = envp;
348 signal(SIGPIPE, SIG_IGN);
349
350 prog = NULL;
351 inpath = 0;
352 cd = 0;
353 while((c = getopt(argc, argv, "cp:")) >= 0) {
354 switch(c) {
355 case 'c':
356 cd = 1;
357 break;
358 case 'p':
359 prog = optarg;
360 inpath = 1;
361 break;
362 default:
363 usage();
364 exit(1);
365 }
366 }
367
368 if(argc - optind < 3) {
369 usage();
370 exit(1);
371 }
372 if((file = getenv("REQ_X_ASH_FILE")) == NULL) {
373 flog(LOG_ERR, "callcgi: needs to be called with the X-Ash-File header");
374 exit(1);
375 }
376
377 if(cd) {
378 /* This behavior is encouraged by the CGI specification (RFC 3875, 7.2),
379 * but not strictly required, and I get the feeling it might break some
380 * relative paths here or there, so it's not the default for now. */
381 if((sp = strrchr(file, '/')) != NULL) {
382 *sp = 0;
383 if(chdir(file)) {
384 *sp = '/';
385 } else {
386 file = sp + 1;
387 }
388 }
389 }
390
391 if(prog == NULL)
392 prog = file;
393 child = forkchild(inpath, prog, file, argv[optind], argv[optind + 1], argv[optind + 2], &infd, &outfd);
394 in = fdopen(infd, "w");
395 passdata(stdin, in); /* Ignore errors, perhaps? */
396 fclose(in);
397 out = fdopen(outfd, "r");
398 if((headers = parsecgiheaders(out)) == NULL) {
399 flog(LOG_WARNING, "CGI handler returned invalid headers");
400 exit(1);
401 }
402 sendstatus(headers, stdout);
403 sendheaders(headers, stdout);
404 printf("\n");
405 if(passdata(out, stdout))
406 kill(child, SIGINT);
407 return(0);
408}