2 ashd - A Sane HTTP Daemon
3 Copyright (C) 2008 Fredrik Tolf <fredrik@dolda2000.com>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
36 static char **environ;
38 static int passdata(FILE *in, FILE *out)
42 struct pollfd pfds[2];
45 memset(pfds, 0, sizeof(struct pollfd) * 2);
46 pfds[0].fd = fileno(in);
47 pfds[0].events = POLLIN;
48 pfds[1].fd = fileno(out);
49 pfds[1].events = POLLHUP;
50 ret = poll(pfds, 2, -1);
53 flog(LOG_ERR, "callcgi: error in poll: %s", strerror(errno));
58 if(pfds[0].revents & (POLLIN | POLLERR | POLLHUP)) {
59 ret = fread(buf, 1, 65536, in);
61 flog(LOG_ERR, "callcgi: could not read input: %s", strerror(errno));
64 if(fwrite(buf, 1, ret, out) != ret) {
66 flog(LOG_ERR, "callcgi: could not write output: %s", strerror(errno));
70 if(pfds[1].revents & POLLHUP)
77 static char *absolutify(char *file)
82 getcwd(cwd, sizeof(cwd));
83 return(sprintf2("%s/%s", cwd, file));
85 return(sstrdup(file));
88 static pid_t forkchild(int inpath, char **prog, char *file, char *method, char *url, char *rest, int *infd, int *outfd)
90 char *qp, **env, *name;
94 int (*execfun)(const char *, char *const []);
98 if((pid = fork()) < 0) {
99 flog(LOG_ERR, "callcgi: could not fork");
109 if((qp = strchr(url, '?')) != NULL)
111 putenv(sprintf2("SERVER_SOFTWARE=ashd/%s", VERSION));
112 putenv("GATEWAY_INTERFACE=CGI/1.1");
113 if(getenv("HTTP_VERSION"))
114 putenv(sprintf2("SERVER_PROTOCOL=%s", getenv("HTTP_VERSION")));
115 putenv(sprintf2("REQUEST_METHOD=%s", method));
117 /* XXX: This is an ugly hack (I think), but though I can think
118 * of several alternatives, none seem to be better. */
119 if(*rest && (strlen(url) >= strlen(rest)) &&
120 !strcmp(rest, url + strlen(url) - strlen(rest))) {
121 name = sprintf2("%.*s", (int)(strlen(url) - strlen(rest)), url);
123 if((pi = unquoteurl(rest)) == NULL)
125 if(!strcmp(name, "/")) {
127 * Normal CGI behavior appears to be to always let
128 * PATH_INFO begin with a slash and never let SCRIPT_NAME
129 * end with one. That conflicts, however, with some
130 * behaviors, such as "mounting" CGI applications on a
131 * directory element of the URI space -- a handler
132 * responding to "/foo/" would not be able to tell that it
133 * is not called "/foo", which makes a large difference,
134 * not least in relation to URI reconstruction and
135 * redirections. A common practical case is CGI-handled
136 * index files in directories. Therefore, this only
137 * handles the nonconditional case of the root directory
138 * and leaves other decisions to the previous handler
139 * handing over the request to callcgi. It is unclear if
140 * there is a better way to handle the problem.
143 pi = sprintf2("/%s", pi);
145 putenv(sprintf2("PATH_INFO=%s", pi));
146 putenv(sprintf2("SCRIPT_NAME=%s", name));
147 putenv(sprintf2("QUERY_STRING=%s", qp?qp:""));
148 if(getenv("REQ_HOST"))
149 putenv(sprintf2("SERVER_NAME=%s", getenv("REQ_HOST")));
150 if(getenv("REQ_X_ASH_SERVER_ADDRESS"))
151 putenv(sprintf2("SERVER_ADDR=%s", getenv("REQ_X_ASH_SERVER_ADDRESS")));
152 if(getenv("REQ_X_ASH_SERVER_PORT"))
153 putenv(sprintf2("SERVER_PORT=%s", getenv("REQ_X_ASH_SERVER_PORT")));
154 if(getenv("REQ_X_ASH_PROTOCOL") && !strcmp(getenv("REQ_X_ASH_PROTOCOL"), "https"))
156 if(getenv("REQ_X_ASH_ADDRESS"))
157 putenv(sprintf2("REMOTE_ADDR=%s", getenv("REQ_X_ASH_ADDRESS")));
158 if(getenv("REQ_X_ASH_PORT"))
159 putenv(sprintf2("REMOTE_PORT=%s", getenv("REQ_X_ASH_PORT")));
160 if(getenv("REQ_X_ASH_REMOTE_USER"))
161 putenv(sprintf2("REMOTE_USER=%s", getenv("REQ_X_ASH_REMOTE_USER")));
162 if(getenv("REQ_CONTENT_TYPE"))
163 putenv(sprintf2("CONTENT_TYPE=%s", getenv("REQ_CONTENT_TYPE")));
164 if(getenv("REQ_CONTENT_LENGTH"))
165 putenv(sprintf2("CONTENT_LENGTH=%s", getenv("REQ_CONTENT_LENGTH")));
166 for(env = environ; *env; env++) {
167 if(!strncmp(*env, "REQ_", 4))
168 putenv(sprintf2("HTTP_%s", (*env) + 4));
171 * This is (understandably) missing from the CGI
172 * specification, but PHP seems to require it.
174 execfun = inpath?execvp:execv;
176 putenv(sprintf2("SCRIPT_FILENAME=%s", absolutify(file)));
177 execfun(prog[0], prog);
187 static void trim(struct charbuf *buf)
191 for(p = buf->b; (p - buf->b < buf->d) && isspace(*p); p++);
192 memmove(buf->b, p, buf->d -= (p - buf->b));
193 for(p = buf->b + buf->d - 1; (p > buf->b) && isspace(*p); p--, buf->d--);
196 static char **parsecgiheaders(FILE *s)
199 struct charvbuf hbuf;
210 } else if(c == '\n') {
212 } else if(c == EOF) {
218 } else if(state == 1) {
225 } else if(c == '\r') {
226 } else if(c == '\n') {
228 } else if(c == EOF) {
233 } else if(state == 2) {
235 } else if(c == '\n') {
241 } else if(c == EOF) {
257 static char *defstatus(int code)
266 return("No Content");
268 return("Multiple Choices");
270 return("Moved Permanently");
276 return("Not Modified");
278 return("Moved Temporarily");
280 return("Bad Request");
282 return("Unauthorized");
288 return("Internal Server Error");
290 return("Not Implemented");
292 return("Service Unavailable");
294 return("Unknown status");
297 static void sendstatus(char **headers, FILE *out)
300 char *status, *location;
303 status = location = NULL;
305 if(!strcasecmp(hp[0], "status")) {
307 /* Clear this header, so that it is not transmitted by sendheaders. */
309 } else if(!strcasecmp(hp[0], "location")) {
317 if(strchr(status, ' '))
318 fprintf(out, "HTTP/1.1 %s\n", status);
320 fprintf(out, "HTTP/1.1 %i %s\n", atoi(status), defstatus(atoi(status)));
321 } else if(location) {
322 fprintf(out, "HTTP/1.1 303 See Other\n");
324 fprintf(out, "HTTP/1.1 200 OK\n");
328 static void sendheaders(char **headers, FILE *out)
332 fprintf(out, "%s: %s\n", headers[0], headers[1]);
337 static void usage(void)
339 flog(LOG_ERR, "usage: callcgi [-c] [-p PROGRAM] [-P PROGRAM ARGS... ;] METHOD URL REST");
342 int main(int argc, char **argv, char **envp)
346 struct charvbuf prog;
347 int inpath, addfile, cd;
355 signal(SIGPIPE, SIG_IGN);
361 while((c = getopt(argc, argv, "cp:P:")) >= 0) {
367 bufadd(prog, optarg);
372 bufadd(prog, optarg);
375 flog(LOG_ERR, "callcgi: unterminated argument list for -P");
378 if(!strcmp(argv[optind], ";")) {
382 bufadd(prog, argv[optind++]);
385 flog(LOG_ERR, "callcgi: -P option needs at least a program name");
397 if(argc - optind < 3) {
401 if(((file = getenv("REQ_X_ASH_FILE")) == NULL) && (prog.d == 0)) {
402 flog(LOG_ERR, "callcgi: needs to be called with the X-Ash-File header");
407 /* This behavior is encouraged by the CGI specification (RFC 3875, 7.2),
408 * but not strictly required, and I get the feeling it might break some
409 * relative paths here or there, so it's not the default for now. */
410 if((sp = strrchr(file, '/')) != NULL) {
422 if(addfile && (file != NULL))
425 child = forkchild(inpath, prog.b, file, argv[optind], argv[optind + 1], argv[optind + 2], &infd, &outfd);
426 in = fdopen(infd, "w");
427 passdata(stdin, in); /* Ignore errors, perhaps? */
429 out = fdopen(outfd, "r");
430 if((headers = parsecgiheaders(out)) == NULL) {
431 flog(LOG_WARNING, "CGI handler returned invalid headers");
434 sendstatus(headers, stdout);
435 sendheaders(headers, stdout);
437 if(passdata(out, stdout))
439 if(waitpid(child, &estat, 0) == child) {
441 flog(LOG_WARNING, "CGI handler `%s' dumped core", prog.b[0]);
442 if(WIFEXITED(estat) && !WEXITSTATUS(estat))
447 flog(LOG_WARNING, "could not wait for CGI handler: %s", strerror(errno));