[ashd.git] / src / callcgi.c

/*
    ashd - A Sane HTTP Daemon
    Copyright (C) 2008  Fredrik Tolf <fredrik@dolda2000.com>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <errno.h>
#include <ctype.h>
#include <signal.h>
#include <sys/poll.h>
#include <sys/wait.h>

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <utils.h>
#include <log.h>
#include <req.h>

static char **environ;

static int passdata(FILE *in, FILE *out)
{
    int ret;
    char buf[65536];
    struct pollfd pfds[2];
    
    while(!feof(in)) {
	memset(pfds, 0, sizeof(struct pollfd) * 2);
	pfds[0].fd = fileno(in);
	pfds[0].events = POLLIN;
	pfds[1].fd = fileno(out);
	pfds[1].events = POLLHUP;
	ret = poll(pfds, 2, -1);
	if(ret < 0) {
	    if(errno != EINTR) {
		flog(LOG_ERR, "callcgi: error in poll: %s", strerror(errno));
		return(1);
	    }
	}
	if(ret > 0) {
	    if(pfds[0].revents & (POLLIN | POLLERR | POLLHUP)) {
		ret = fread(buf, 1, 65536, in);
		if(ferror(in)) {
		    flog(LOG_ERR, "callcgi: could not read input: %s", strerror(errno));
		    return(1);
		}
		if(fwrite(buf, 1, ret, out) != ret) {
		    flog(LOG_ERR, "callcgi: could not write output: %s", strerror(errno));
		    return(1);
		}
	    }
	    if(pfds[1].revents & POLLHUP)
		return(1);
	}
    }
    return(0);
}

static char *absolutify(char *file)
{
    char cwd[1024];
    
    if(*file != '/') {
	getcwd(cwd, sizeof(cwd));
	return(sprintf2("%s/%s", cwd, file));
    }
    return(sstrdup(file));
}

static pid_t forkchild(int inpath, char *prog, char *file, char *method, char *url, char *rest, int *infd, int *outfd)
{
    int i;
    char *qp, **env, *name;
    int inp[2], outp[2];
    pid_t pid;
    char *pi;

    pipe(inp);
    pipe(outp);
    if((pid = fork()) < 0) {
	flog(LOG_ERR, "callcgi: could not fork");
	exit(1);
    }
    if(pid == 0) {
	close(inp[1]);
	close(outp[0]);
	dup2(inp[0], 0);
	dup2(outp[1], 1);
	for(i = 3; i < FD_SETSIZE; i++)
	    close(i);
	if((qp = strchr(url, '?')) != NULL)
	    *(qp++) = 0;
	putenv(sprintf2("SERVER_SOFTWARE=ashd/%s", VERSION));
	putenv("GATEWAY_INTERFACE=CGI/1.1");
	if(getenv("HTTP_VERSION"))
	    putenv(sprintf2("SERVER_PROTOCOL=%s", getenv("HTTP_VERSION")));
	putenv(sprintf2("REQUEST_METHOD=%s", method));
	name = url;
	/* XXX: This is an ugly hack (I think), but though I can think
	 * of several alternatives, none seem to be better. */
	if(*rest && (strlen(url) >= strlen(rest)) &&
	   !strcmp(rest, url + strlen(url) - strlen(rest))) {
	    name = sprintf2("%.*s", (int)(strlen(url) - strlen(rest)), url);
	}
	if((pi = unquoteurl(rest)) == NULL)
	    pi = rest;
	if(!strcmp(name, "/")) {
	    /*
	     * Normal CGI behavior appears to be to always let
	     * PATH_INFO begin with a slash and never let SCRIPT_NAME
	     * end with one. That conflicts, however, with some
	     * behaviors, such as "mounting" CGI applications on a
	     * directory element of the URI space -- a handler
	     * responding to "/foo/" would not be able to tell that it
	     * is not called "/foo", which makes a large difference,
	     * not least in relation to URI reconstruction and
	     * redirections. A common practical case is CGI-handled
	     * index files in directories. Therefore, this only
	     * handles the nonconditional case of the root directory
	     * and leaves other decisions to the previous handler
	     * handing over the request to callcgi. It is unclear if
	     * there is a better way to handle the problem.
	     */
	    name[0] = 0;
	    pi = sprintf2("/%s", pi);
	}
	putenv(sprintf2("PATH_INFO=%s", pi));
	putenv(sprintf2("SCRIPT_NAME=%s", name));
	putenv(sprintf2("QUERY_STRING=%s", qp?qp:""));
	if(getenv("REQ_HOST"))
	    putenv(sprintf2("SERVER_NAME=%s", getenv("REQ_HOST")));
	if(getenv("REQ_X_ASH_SERVER_PORT"))
	    putenv(sprintf2("SERVER_PORT=%s", getenv("REQ_X_ASH_SERVER_PORT")));
	if(getenv("REQ_X_ASH_PROTOCOL") && !strcmp(getenv("REQ_X_ASH_PROTOCOL"), "https"))
	    putenv("HTTPS=on");
	if(getenv("REQ_X_ASH_ADDRESS"))
	    putenv(sprintf2("REMOTE_ADDR=%s", getenv("REQ_X_ASH_ADDRESS")));
	if(getenv("REQ_X_ASH_REMOTE_USER"))
	    putenv(sprintf2("REMOTE_USER=%s", getenv("REQ_X_ASH_REMOTE_USER")));
	if(getenv("REQ_CONTENT_TYPE"))
	    putenv(sprintf2("CONTENT_TYPE=%s", getenv("REQ_CONTENT_TYPE")));
	if(getenv("REQ_CONTENT_LENGTH"))
	    putenv(sprintf2("CONTENT_LENGTH=%s", getenv("REQ_CONTENT_LENGTH")));
	for(env = environ; *env; env++) {
	    if(!strncmp(*env, "REQ_", 4))
		putenv(sprintf2("HTTP_%s", (*env) + 4));
	}
	/*
	 * This is (understandably) missing from the CGI
	 * specification, but PHP seems to require it.
	 */
	putenv(sprintf2("SCRIPT_FILENAME=%s", absolutify(file)));
	if(inpath)
	    execlp(prog, prog, file, NULL);
	else
	    execl(prog, prog, file, NULL);
	exit(127);
    }
    close(inp[0]);
    close(outp[1]);
    *infd = inp[1];
    *outfd = outp[0];
    return(pid);
}

static void trim(struct charbuf *buf)
{
    char *p;
    
    for(p = buf->b; (p - buf->b < buf->d) && isspace(*p); p++);
    memmove(buf->b, p, buf->d -= (p - buf->b));
    for(p = buf->b + buf->d - 1; (p > buf->b) && isspace(*p); p--, buf->d--);
}

static char **parsecgiheaders(FILE *s)
{
    int c, state;
    struct charvbuf hbuf;
    struct charbuf buf;
    
    bufinit(hbuf);
    bufinit(buf);
    state = 0;
    while(1) {
	c = fgetc(s);
    again:
	if(state == 0) {
	    if(c == '\r') {
	    } else if(c == '\n') {
		break;
	    } else if(c == EOF) {
		goto fail;
	    } else {
		state = 1;
		goto again;
	    }
	} else if(state == 1) {
	    if(c == ':') {
		trim(&buf);
		bufadd(buf, 0);
		bufadd(hbuf, buf.b);
		bufinit(buf);
		state = 2;
	    } else if(c == '\r') {
	    } else if(c == '\n') {
		goto fail;
	    } else if(c == EOF) {
		goto fail;
	    } else {
		bufadd(buf, c);
	    }
	} else if(state == 2) {
	    if(c == '\r') {
	    } else if(c == '\n') {
		trim(&buf);
		bufadd(buf, 0);
		bufadd(hbuf, buf.b);
		bufinit(buf);
		state = 0;
	    } else if(c == EOF) {
		goto fail;
	    } else {
		bufadd(buf, c);
	    }
	}
    }
    bufadd(hbuf, NULL);
    return(hbuf.b);
    
fail:
    buffree(hbuf);
    buffree(buf);
    return(NULL);
}

static char *defstatus(int code)
{
    if(code == 200)
	return("OK");
    else if(code == 201)
	return("Created");
    else if(code == 202)
	return("Accepted");
    else if(code == 204)
	return("No Content");
    else if(code == 300)
	return("Multiple Choices");
    else if(code == 301)
	return("Moved Permanently");
    else if(code == 302)
	return("Found");
    else if(code == 303)
	return("See Other");
    else if(code == 304)
	return("Not Modified");
    else if(code == 307)
	return("Moved Temporarily");
    else if(code == 400)
	return("Bad Request");
    else if(code == 401)
	return("Unauthorized");
    else if(code == 403)
	return("Forbidden");
    else if(code == 404)
	return("Not Found");
    else if(code == 500)
	return("Internal Server Error");
    else if(code == 501)
	return("Not Implemented");
    else if(code == 503)
	return("Service Unavailable");
    else
	return("Unknown status");
}

static void sendstatus(char **headers, FILE *out)
{
    char **hp;
    char *status, *location;
    
    hp = headers;
    status = location = NULL;
    while(*hp) {
	if(!strcasecmp(hp[0], "status")) {
	    status = hp[1];
	    /* Clear this header, so that it is not transmitted by sendheaders. */
	    **hp = 0;
	} else if(!strcasecmp(hp[0], "location")) {
	    location = hp[1];
	    hp += 2;
	} else {
	    hp += 2;
	}
    }
    if(status) {
	if(strchr(status, ' '))
	    fprintf(out, "HTTP/1.1 %s\n", status);
	else
	    fprintf(out, "HTTP/1.1 %i %s\n", atoi(status), defstatus(atoi(status)));
    } else if(location) {
	fprintf(out, "HTTP/1.1 303 See Other\n");
    } else {
	fprintf(out, "HTTP/1.1 200 OK\n");
    }
}

static void sendheaders(char **headers, FILE *out)
{
    while(*headers) {
	if(**headers)
	    fprintf(out, "%s: %s\n", headers[0], headers[1]);
	headers += 2;
    }
}

static void usage(void)
{
    flog(LOG_ERR, "usage: callcgi [-c] [-p PROGRAM] METHOD URL REST");
}

int main(int argc, char **argv, char **envp)
{
    int c;
    char *file, *prog, *sp;
    int inpath, cd;
    int infd, outfd;
    FILE *in, *out;
    char **headers;
    pid_t child;
    int estat;
    
    environ = envp;
    signal(SIGPIPE, SIG_IGN);
    
    prog = NULL;
    inpath = 0;
    cd = 0;
    while((c = getopt(argc, argv, "cp:")) >= 0) {
	switch(c) {
	case 'c':
	    cd = 1;
	    break;
	case 'p':
	    prog = optarg;
	    inpath = 1;
	    break;
	default:
	    usage();
	    exit(1);
	}
    }
    
    if(argc - optind < 3) {
	usage();
	exit(1);
    }
    if((file = getenv("REQ_X_ASH_FILE")) == NULL) {
	flog(LOG_ERR, "callcgi: needs to be called with the X-Ash-File header");
	exit(1);
    }
    
    if(cd) {
	/* This behavior is encouraged by the CGI specification (RFC 3875, 7.2),
	 * but not strictly required, and I get the feeling it might break some
	 * relative paths here or there, so it's not the default for now. */
	if((sp = strrchr(file, '/')) != NULL) {
	    *sp = 0;
	    if(chdir(file)) {
		*sp = '/';
	    } else {
		file = sp + 1;
	    }
	}
    }
    
    if(prog == NULL)
	prog = file;
    child = forkchild(inpath, prog, file, argv[optind], argv[optind + 1], argv[optind + 2], &infd, &outfd);
    in = fdopen(infd, "w");
    passdata(stdin, in);	/* Ignore errors, perhaps? */
    fclose(in);
    out = fdopen(outfd, "r");
    if((headers = parsecgiheaders(out)) == NULL) {
	flog(LOG_WARNING, "CGI handler returned invalid headers");
	exit(1);
    }
    sendstatus(headers, stdout);
    sendheaders(headers, stdout);
    printf("\n");
    if(passdata(out, stdout))
	kill(child, SIGINT);
    if(waitpid(child, &estat, 0) == child) {
	if(WCOREDUMP(estat))
	    flog(LOG_WARNING, "CGI handler `%s' dumped core", prog);
	if(WIFEXITED(estat) && !WEXITSTATUS(estat))
	    return(0);
	else
	    return(1);
    }
    flog(LOG_WARNING, "could not wait for CGI handler: %s", strerror(errno));
    return(1);
}
Commit	Line	Data
8cc51634 FT	1	/*
	2	ashd - A Sane HTTP Daemon
	3	Copyright (C) 2008 Fredrik Tolf <fredrik@dolda2000.com>
	4
	5	This program is free software: you can redistribute it and/or modify
	6	it under the terms of the GNU General Public License as published by
	7	the Free Software Foundation, either version 3 of the License, or
	8	(at your option) any later version.
	9
	10	This program is distributed in the hope that it will be useful,
	11	but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	GNU General Public License for more details.
	14
	15	You should have received a copy of the GNU General Public License
	16	along with this program. If not, see <http://www.gnu.org/licenses/>.
	17	*/
	18
	19	#include <stdlib.h>
	20	#include <string.h>
	21	#include <stdio.h>
	22	#include <unistd.h>
	23	#include <errno.h>
	24	#include <ctype.h>
	25	#include <signal.h>
df96b222	26	#include <sys/poll.h>
3349651f	27	#include <sys/wait.h>
8cc51634 FT	28
	29	#ifdef HAVE_CONFIG_H
	30	#include <config.h>
	31	#endif
	32	#include <utils.h>
	33	#include <log.h>
09c82f9c	34	#include <req.h>
8cc51634 FT	35
	36	static char **environ;
	37
df96b222	38	static int passdata(FILE in, FILE out)
8cc51634 FT	39	{
8cc51634 FT	40	int ret;
df96b222 FT	41	char buf[65536];
df96b222 FT	42	struct pollfd pfds[2];
8cc51634	43
8cc51634	44	while(!feof(in)) {
df96b222 FT	45	memset(pfds, 0, sizeof(struct pollfd) * 2);
	46	pfds[0].fd = fileno(in);
	47	pfds[0].events = POLLIN;
	48	pfds[1].fd = fileno(out);
	49	pfds[1].events = POLLHUP;
	50	ret = poll(pfds, 2, -1);
	51	if(ret < 0) {
	52	if(errno != EINTR) {
	53	flog(LOG_ERR, "callcgi: error in poll: %s", strerror(errno));
	54	return(1);
	55	}
8cc51634	56	}
df96b222	57	if(ret > 0) {
19409e87	58	if(pfds[0].revents & (POLLIN \| POLLERR \| POLLHUP)) {
df96b222 FT	59	ret = fread(buf, 1, 65536, in);
	60	if(ferror(in)) {
	61	flog(LOG_ERR, "callcgi: could not read input: %s", strerror(errno));
	62	return(1);
	63	}
	64	if(fwrite(buf, 1, ret, out) != ret) {
	65	flog(LOG_ERR, "callcgi: could not write output: %s", strerror(errno));
	66	return(1);
	67	}
	68	}
	69	if(pfds[1].revents & POLLHUP)
	70	return(1);
8cc51634 FT	71	}
8cc51634 FT	72	}
df96b222	73	return(0);
8cc51634 FT	74	}
8cc51634 FT	75
bac8c1f9 FT	76	static char absolutify(char file)
	77	{
	78	char cwd[1024];
	79
	80	if(*file != '/') {
	81	getcwd(cwd, sizeof(cwd));
	82	return(sprintf2("%s/%s", cwd, file));
	83	}
	84	return(sstrdup(file));
	85	}
	86
df96b222	87	static pid_t forkchild(int inpath, char prog, char file, char method, char url, char rest, int infd, int *outfd)
8cc51634 FT	88	{
8cc51634 FT	89	int i;
85059e82	90	char qp, env, name;
8cc51634 FT	91	int inp[2], outp[2];
8cc51634 FT	92	pid_t pid;
53d666ca	93	char *pi;
8cc51634 FT	94
	95	pipe(inp);
	96	pipe(outp);
	97	if((pid = fork()) < 0) {
	98	flog(LOG_ERR, "callcgi: could not fork");
	99	exit(1);
	100	}
	101	if(pid == 0) {
	102	close(inp[1]);
	103	close(outp[0]);
	104	dup2(inp[0], 0);
	105	dup2(outp[1], 1);
	106	for(i = 3; i < FD_SETSIZE; i++)
	107	close(i);
	108	if((qp = strchr(url, '?')) != NULL)
	109	*(qp++) = 0;
8cc51634 FT	110	putenv(sprintf2("SERVER_SOFTWARE=ashd/%s", VERSION));
	111	putenv("GATEWAY_INTERFACE=CGI/1.1");
	112	if(getenv("HTTP_VERSION"))
147c2b51	113	putenv(sprintf2("SERVER_PROTOCOL=%s", getenv("HTTP_VERSION")));
8cc51634	114	putenv(sprintf2("REQUEST_METHOD=%s", method));
85059e82 FT	115	name = url;
	116	/* XXX: This is an ugly hack (I think), but though I can think
	117	* of several alternatives, none seem to be better. */
2d65add0 FT	118	if(*rest && (strlen(url) >= strlen(rest)) &&
	119	!strcmp(rest, url + strlen(url) - strlen(rest))) {
	120	name = sprintf2("%.*s", (int)(strlen(url) - strlen(rest)), url);
85059e82	121	}
53d666ca FT	122	if((pi = unquoteurl(rest)) == NULL)
	123	pi = rest;
	124	if(!strcmp(name, "/")) {
	125	/*
	126	* Normal CGI behavior appears to be to always let
	127	* PATH_INFO begin with a slash and never let SCRIPT_NAME
	128	* end with one. That conflicts, however, with some
	129	* behaviors, such as "mounting" CGI applications on a
	130	* directory element of the URI space -- a handler
	131	* responding to "/foo/" would not be able to tell that it
	132	* is not called "/foo", which makes a large difference,
	133	* not least in relation to URI reconstruction and
	134	* redirections. A common practical case is CGI-handled
	135	* index files in directories. Therefore, this only
	136	* handles the nonconditional case of the root directory
	137	* and leaves other decisions to the previous handler
	138	* handing over the request to callcgi. It is unclear if
	139	* there is a better way to handle the problem.
	140	*/
	141	name[0] = 0;
	142	pi = sprintf2("/%s", pi);
	143	}
	144	putenv(sprintf2("PATH_INFO=%s", pi));
85059e82	145	putenv(sprintf2("SCRIPT_NAME=%s", name));
8cc51634 FT	146	putenv(sprintf2("QUERY_STRING=%s", qp?qp:""));
	147	if(getenv("REQ_HOST"))
	148	putenv(sprintf2("SERVER_NAME=%s", getenv("REQ_HOST")));
8626e489 FT	149	if(getenv("REQ_X_ASH_SERVER_PORT"))
	150	putenv(sprintf2("SERVER_PORT=%s", getenv("REQ_X_ASH_SERVER_PORT")));
	151	if(getenv("REQ_X_ASH_PROTOCOL") && !strcmp(getenv("REQ_X_ASH_PROTOCOL"), "https"))
f0a758cc	152	putenv("HTTPS=on");
8cc51634 FT	153	if(getenv("REQ_X_ASH_ADDRESS"))
8cc51634 FT	154	putenv(sprintf2("REMOTE_ADDR=%s", getenv("REQ_X_ASH_ADDRESS")));
381f9919 FT	155	if(getenv("REQ_X_ASH_REMOTE_USER"))
381f9919 FT	156	putenv(sprintf2("REMOTE_USER=%s", getenv("REQ_X_ASH_REMOTE_USER")));
8cc51634 FT	157	if(getenv("REQ_CONTENT_TYPE"))
	158	putenv(sprintf2("CONTENT_TYPE=%s", getenv("REQ_CONTENT_TYPE")));
	159	if(getenv("REQ_CONTENT_LENGTH"))
	160	putenv(sprintf2("CONTENT_LENGTH=%s", getenv("REQ_CONTENT_LENGTH")));
	161	for(env = environ; *env; env++) {
	162	if(!strncmp(*env, "REQ_", 4))
	163	putenv(sprintf2("HTTP_%s", (*env) + 4));
	164	}
	165	/*
	166	* This is (understandably) missing from the CGI
	167	* specification, but PHP seems to require it.
	168	*/
bac8c1f9	169	putenv(sprintf2("SCRIPT_FILENAME=%s", absolutify(file)));
341b3f0b FT	170	if(inpath)
	171	execlp(prog, prog, file, NULL);
	172	else
	173	execl(prog, prog, file, NULL);
8cc51634 FT	174	exit(127);
	175	}
	176	close(inp[0]);
	177	close(outp[1]);
	178	*infd = inp[1];
	179	*outfd = outp[0];
df96b222	180	return(pid);
8cc51634 FT	181	}
	182
	183	static void trim(struct charbuf *buf)
	184	{
	185	char *p;
	186
	187	for(p = buf->b; (p - buf->b < buf->d) && isspace(*p); p++);
	188	memmove(buf->b, p, buf->d -= (p - buf->b));
	189	for(p = buf->b + buf->d - 1; (p > buf->b) && isspace(*p); p--, buf->d--);
	190	}
	191
09c82f9c	192	static char *parsecgiheaders(FILE s)
8cc51634 FT	193	{
	194	int c, state;
	195	struct charvbuf hbuf;
	196	struct charbuf buf;
	197
	198	bufinit(hbuf);
	199	bufinit(buf);
	200	state = 0;
	201	while(1) {
	202	c = fgetc(s);
	203	again:
	204	if(state == 0) {
	205	if(c == '\r') {
	206	} else if(c == '\n') {
	207	break;
	208	} else if(c == EOF) {
	209	goto fail;
	210	} else {
	211	state = 1;
	212	goto again;
	213	}
	214	} else if(state == 1) {
	215	if(c == ':') {
	216	trim(&buf);
	217	bufadd(buf, 0);
	218	bufadd(hbuf, buf.b);
	219	bufinit(buf);
	220	state = 2;
	221	} else if(c == '\r') {
	222	} else if(c == '\n') {
	223	goto fail;
	224	} else if(c == EOF) {
	225	goto fail;
	226	} else {
	227	bufadd(buf, c);
	228	}
	229	} else if(state == 2) {
	230	if(c == '\r') {
	231	} else if(c == '\n') {
	232	trim(&buf);
	233	bufadd(buf, 0);
	234	bufadd(hbuf, buf.b);
	235	bufinit(buf);
	236	state = 0;
	237	} else if(c == EOF) {
	238	goto fail;
	239	} else {
	240	bufadd(buf, c);
	241	}
	242	}
	243	}
	244	bufadd(hbuf, NULL);
	245	return(hbuf.b);
	246
	247	fail:
	248	buffree(hbuf);
	249	buffree(buf);
	250	return(NULL);
	251	}
	252
2e535ab0 FT	253	static char *defstatus(int code)
	254	{
	255	if(code == 200)
	256	return("OK");
	257	else if(code == 201)
	258	return("Created");
	259	else if(code == 202)
	260	return("Accepted");
	261	else if(code == 204)
	262	return("No Content");
	263	else if(code == 300)
	264	return("Multiple Choices");
	265	else if(code == 301)
	266	return("Moved Permanently");
	267	else if(code == 302)
	268	return("Found");
	269	else if(code == 303)
	270	return("See Other");
	271	else if(code == 304)
	272	return("Not Modified");
	273	else if(code == 307)
	274	return("Moved Temporarily");
	275	else if(code == 400)
	276	return("Bad Request");
	277	else if(code == 401)
	278	return("Unauthorized");
	279	else if(code == 403)
	280	return("Forbidden");
	281	else if(code == 404)
	282	return("Not Found");
	283	else if(code == 500)
	284	return("Internal Server Error");
	285	else if(code == 501)
	286	return("Not Implemented");
	287	else if(code == 503)
	288	return("Service Unavailable");
	289	else
	290	return("Unknown status");
	291	}
	292
8cc51634 FT	293	static void sendstatus(char *headers, FILE out)
	294	{
	295	char **hp;
	296	char status, location;
	297
	298	hp = headers;
	299	status = location = NULL;
	300	while(*hp) {
	301	if(!strcasecmp(hp[0], "status")) {
	302	status = hp[1];
	303	/* Clear this header, so that it is not transmitted by sendheaders. */
	304	**hp = 0;
	305	} else if(!strcasecmp(hp[0], "location")) {
	306	location = hp[1];
f9255ddd	307	hp += 2;
8cc51634 FT	308	} else {
	309	hp += 2;
	310	}
	311	}
	312	if(status) {
2e535ab0	313	if(strchr(status, ' '))
81cfca6c	314	fprintf(out, "HTTP/1.1 %s\n", status);
2e535ab0	315	else
81cfca6c	316	fprintf(out, "HTTP/1.1 %i %s\n", atoi(status), defstatus(atoi(status)));
8cc51634	317	} else if(location) {
81cfca6c	318	fprintf(out, "HTTP/1.1 303 See Other\n");
8cc51634	319	} else {
81cfca6c	320	fprintf(out, "HTTP/1.1 200 OK\n");
8cc51634 FT	321	}
	322	}
	323
	324	static void sendheaders(char *headers, FILE out)
	325	{
	326	while(*headers) {
	327	if(**headers)
81cfca6c	328	fprintf(out, "%s: %s\n", headers[0], headers[1]);
8cc51634 FT	329	headers += 2;
	330	}
	331	}
	332
341b3f0b FT	333	static void usage(void)
341b3f0b FT	334	{
5e74f3f1	335	flog(LOG_ERR, "usage: callcgi [-c] [-p PROGRAM] METHOD URL REST");
341b3f0b FT	336	}
341b3f0b FT	337
8cc51634 FT	338	int main(int argc, char argv, char envp)
8cc51634 FT	339	{
341b3f0b	340	int c;
5e74f3f1 FT	341	char file, prog, *sp;
5e74f3f1 FT	342	int inpath, cd;
341b3f0b FT	343	int infd, outfd;
341b3f0b FT	344	FILE in, out;
8cc51634	345	char **headers;
df96b222	346	pid_t child;
3349651f	347	int estat;
8cc51634 FT	348
	349	environ = envp;
	350	signal(SIGPIPE, SIG_IGN);
341b3f0b FT	351
	352	prog = NULL;
	353	inpath = 0;
5e74f3f1 FT	354	cd = 0;
5e74f3f1 FT	355	while((c = getopt(argc, argv, "cp:")) >= 0) {
341b3f0b	356	switch(c) {
5e74f3f1 FT	357	case 'c':
	358	cd = 1;
	359	break;
341b3f0b FT	360	case 'p':
	361	prog = optarg;
	362	inpath = 1;
	363	break;
	364	default:
	365	usage();
	366	exit(1);
	367	}
	368	}
	369
	370	if(argc - optind < 3) {
	371	usage();
8cc51634 FT	372	exit(1);
	373	}
	374	if((file = getenv("REQ_X_ASH_FILE")) == NULL) {
	375	flog(LOG_ERR, "callcgi: needs to be called with the X-Ash-File header");
	376	exit(1);
	377	}
5e74f3f1 FT	378
	379	if(cd) {
	380	/* This behavior is encouraged by the CGI specification (RFC 3875, 7.2),
	381	* but not strictly required, and I get the feeling it might break some
	382	* relative paths here or there, so it's not the default for now. */
	383	if((sp = strrchr(file, '/')) != NULL) {
	384	*sp = 0;
	385	if(chdir(file)) {
	386	*sp = '/';
	387	} else {
	388	file = sp + 1;
	389	}
	390	}
	391	}
	392
341b3f0b FT	393	if(prog == NULL)
341b3f0b FT	394	prog = file;
df96b222	395	child = forkchild(inpath, prog, file, argv[optind], argv[optind + 1], argv[optind + 2], &infd, &outfd);
341b3f0b	396	in = fdopen(infd, "w");
df96b222	397	passdata(stdin, in); /* Ignore errors, perhaps? */
341b3f0b FT	398	fclose(in);
341b3f0b FT	399	out = fdopen(outfd, "r");
09c82f9c	400	if((headers = parsecgiheaders(out)) == NULL) {
8cc51634 FT	401	flog(LOG_WARNING, "CGI handler returned invalid headers");
	402	exit(1);
	403	}
	404	sendstatus(headers, stdout);
	405	sendheaders(headers, stdout);
81cfca6c	406	printf("\n");
df96b222 FT	407	if(passdata(out, stdout))
df96b222 FT	408	kill(child, SIGINT);
3349651f FT	409	if(waitpid(child, &estat, 0) == child) {
	410	if(WCOREDUMP(estat))
	411	flog(LOG_WARNING, "CGI handler `%s' dumped core", prog);
	412	if(WIFEXITED(estat) && !WEXITSTATUS(estat))
	413	return(0);
	414	else
	415	return(1);
	416	}
	417	flog(LOG_WARNING, "could not wait for CGI handler: %s", strerror(errno));
	418	return(1);
8cc51634	419	}