gemscgi.c

   1 #include <stdbool.h>
   2 #include <stdio.h>
   3 #include <stdlib.h>
   4 #include <string.h>
   5 #include <sys/socket.h>
   6 #include <sys/types.h>
   7 #include <sys/un.h>
   8 #include <unistd.h>
   9
  10 #include "gemscgi.h"
  11
  12 /* Decode percent-escapes in place */
  13 static void urldecode(char *p) {
  14     char *w = p;
  15     bool escaped = false;
  16
  17     while (*p) {
  18         if (*p == '%') {
  19             escaped = true;
  20             ++p;
  21             if (sscanf(p, "%2hhx", w) == 1) {
  22                 ++w;
  23                 p+=2;
  24             }
  25         } else {
  26             if (escaped) *w = *p;
  27             ++p;
  28             ++w;
  29         }
  30     }
  31     *w = 0;
  32 }
  33
  34 #define MAX_REQUEST_SZ 4096
  35 /* Parse SCGI request with null body from fd s and place gemini-relevant
  36  * header values in request_info.
  37  * Return false on failure. */
  38 static bool parse_SCGI(int s, Request_Info *request_info)
  39 {
  40     char buf[MAX_REQUEST_SZ];
  41     int r = 0;
  42     while (1) {
  43         int r2 = read(s, buf + r, MAX_REQUEST_SZ - r);
  44         if (r2 <= 0) {
  45             perror("read");
  46             return false;
  47         }
  48         r += r2;
  49
  50         int sz;
  51         if (sscanf(buf, "%u:", &sz) == 1) {
  52             char buf2[16];
  53             snprintf(buf2, 16, "%u:,", sz);
  54             const int full_sz = sz + strlen(buf2);
  55
  56             if (full_sz > MAX_REQUEST_SZ) {
  57                 fprintf(stderr, "Bad request: Oversized, %u\n", sz);
  58                 return false;
  59             }
  60
  61             if (r == full_sz) {
  62                 break;
  63             }
  64
  65             if (r > full_sz) {
  66                 fprintf(stderr, "Bad request: non-empty body.\n");
  67                 return false;
  68             }
  69         }
  70     }
  71
  72     const char* end = &buf[r-1];
  73
  74     if (r <= 2) {
  75         /* Null request */
  76     } else if (buf[r-1] != ',' || buf[r-2] != 0) {
  77         fprintf(stderr, "Bad request: improperly terminated header.\n");
  78         return false;
  79     } else {
  80         /* Parse headers */
  81         char *p = buf;
  82         while (*p != ':') p++;
  83         p++;
  84
  85         while (p != end) {
  86             const char* key = p;
  87             while (*p) ++p;
  88             ++p;
  89             if (p == end) {
  90                 fprintf(stderr, "Bad request: key with no value.\n");
  91                 return false;
  92             }
  93
  94             char* val = p;
  95             while (*p) ++p;
  96             ++p;
  97
  98             if (strcmp(key, "QUERY_STRING") == 0) {
  99                 urldecode(val);
 100                 request_info->query_string_decoded = val;
 101             } else if (strcmp(key, "SCRIPT_PATH") == 0) {
 102                 request_info->script_path = val;
 103             } else if (strcmp(key, "PATH_INFO") == 0) {
 104                 request_info->path_info = val;
 105             } else if (strcmp(key, "SERVER_NAME") == 0) {
 106                 request_info->server_name = val;
 107             } else if (strcmp(key, "SERVER_PORT") == 0) {
 108                 request_info->server_port = val;
 109             } else if (strcmp(key, "REMOTE_ADDR") == 0) {
 110                 request_info->remote_addr = val;
 111             } else if (strcmp(key, "TLS_CLIENT_ISSUER") == 0) {
 112                 request_info->tls_client_issuer = val;
 113             } else if (strcmp(key, "TLS_CLIENT_ISSUER_CN") == 0) {
 114                 request_info->tls_client_issuer_cn = val;
 115             } else if (strcmp(key, "TLS_CLIENT_SUBJECT") == 0) {
 116                 request_info->tls_client_subject = val;
 117             } else if (strcmp(key, "TLS_CLIENT_SUBJECT_CN") == 0) {
 118                 request_info->tls_client_subject_cn = val;
 119             } else if (strcmp(key, "TLS_CLIENT_HASH") == 0) {
 120                 if (strncmp(val, "SHA256:", 7) == 0) val += 7;
 121                 request_info->tls_client_hash = val;
 122             }
 123         }
 124     }
 125
 126     return true;
 127 }
 128
 129 void runSCGI(const char *socket_path, respond_cb respond, void *respond_object)
 130 {
 131     // Unix socket gubbins based on
 132     // https://beej.us/guide/bgipc/html/multi/unixsock.html
 133
 134     const int s = socket(AF_UNIX, SOCK_STREAM, 0);
 135     if (s == -1) {
 136         perror("socket");
 137         exit(1);
 138     }
 139
 140     struct sockaddr_un local;
 141     local.sun_family = AF_UNIX;
 142     strcpy(local.sun_path, socket_path);
 143     unlink(local.sun_path);
 144     if (bind(s, (struct sockaddr *)&local,
 145                 strlen(local.sun_path) + sizeof(local.sun_family)) == -1) {
 146         perror("bind");
 147         exit(1);
 148     }
 149
 150     if (listen(s, 20) == -1) {
 151         perror("listen");
 152         exit(1);
 153     }
 154
 155     while (1) {
 156         const int s2 = accept(s, NULL, NULL);
 157         if (s2 == -1) {
 158             perror("accept");
 159             exit(1);
 160         }
 161
 162         Request_Info request_info = { };
 163         if (parse_SCGI(s2, &request_info))
 164             respond(respond_object, &request_info, s2);
 165
 166         close(s2);
 167     }
 168 }