search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
store ibuf used by got_repo_read_gitconfig() on the stack
[got-portable.git] / gotwebd / fcgi.c
blob15d852b97d02efc7bce908d86da30b6276e96e37
1 /*
2 * Copyright (c) 2020-2022 Tracey Emery <tracey@traceyemery.net>
3 * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
4 * Copyright (c) 2013 Florian Obser <florian@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 #include "got_compat.h"
20
21 #include <arpa/inet.h>
22 #include <sys/queue.h>
23 #include <sys/socket.h>
24 #include <sys/types.h>
25 #include <sys/uio.h>
26
27 #include <errno.h>
28 #include <event.h>
29 #include <imsg.h>
30 #include <stdarg.h>
31 #include <stdlib.h>
32 #include <stdio.h>
33 #include <string.h>
34 #include <time.h>
35 #include <unistd.h>
36
37 #include "got_error.h"
38 #include "got_reference.h"
39
40 #include "gotwebd.h"
41 #include "log.h"
42 #include "tmpl.h"
43
44 size_t fcgi_parse_record(uint8_t *, size_t, struct request *);
45 void fcgi_parse_begin_request(uint8_t *, uint16_t, struct request *,
46 uint16_t);
47 void fcgi_parse_params(uint8_t *, uint16_t, struct request *, uint16_t);
48 int fcgi_send_response(struct request *, int, const void *, size_t);
49
50 void dump_fcgi_request_body(const char *, struct fcgi_record_header *);
51 void dump_fcgi_record_header(const char *, struct fcgi_record_header *);
52 void dump_fcgi_begin_request_body(const char *,
53 struct fcgi_begin_request_body *);
54 void dump_fcgi_end_request_body(const char *,
55 struct fcgi_end_request_body *);
56
57 extern int cgi_inflight;
58 extern volatile int client_cnt;
59
60 void
61 fcgi_request(int fd, short events, void *arg)
62 {
63 struct request *c = arg;
64 ssize_t n;
65 size_t parsed = 0;
66
67 n = read(fd, c->buf + c->buf_pos + c->buf_len,
68 FCGI_RECORD_SIZE - c->buf_pos - c->buf_len);
69
70 switch (n) {
71 case -1:
72 switch (errno) {
73 case EINTR:
74 case EAGAIN:
75 return;
76 default:
77 goto fail;
78 }
79 break;
80
81 case 0:
82 log_info("closed connection");
83 goto fail;
84 default:
85 break;
86 }
87
88 c->buf_len += n;
89
90 /*
91 * Parse the records as they are received. Per the FastCGI
92 * specification, the server need only receive the FastCGI
93 * parameter records in full; it is free to begin execution
94 * at that point, which is what happens here.
95 */
96 do {
97 parsed = fcgi_parse_record(c->buf + c->buf_pos, c->buf_len, c);
98 if (parsed != 0) {
99 c->buf_pos += parsed;
100 c->buf_len -= parsed;
101 }
102
103 /* drop the parsed record */
104 if (parsed != 0 && c->buf_len > 0) {
105 memmove(c->buf, c->buf + c->buf_pos, c->buf_len);
106 c->buf_pos = 0;
107 }
108 } while (parsed > 0 && c->buf_len > 0);
109
110 return;
111 fail:
112 fcgi_cleanup_request(c);
113 }
114
115 size_t
116 fcgi_parse_record(uint8_t *buf, size_t n, struct request *c)
117 {
118 struct fcgi_record_header *h;
119
120 if (n < sizeof(struct fcgi_record_header))
121 return 0;
122
123 h = (struct fcgi_record_header*) buf;
124
125 dump_fcgi_record_header("", h);
126
127 if (n < sizeof(struct fcgi_record_header) + ntohs(h->content_len)
128 + h->padding_len)
129 return 0;
130
131 dump_fcgi_request_body("", h);
132
133 if (h->version != 1)
134 log_warn("wrong version");
135
136 switch (h->type) {
137 case FCGI_BEGIN_REQUEST:
138 fcgi_parse_begin_request(buf +
139 sizeof(struct fcgi_record_header),
140 ntohs(h->content_len), c, ntohs(h->id));
141 break;
142 case FCGI_PARAMS:
143 fcgi_parse_params(buf + sizeof(struct fcgi_record_header),
144 ntohs(h->content_len), c, ntohs(h->id));
145 break;
146 case FCGI_STDIN:
147 case FCGI_ABORT_REQUEST:
148 fcgi_create_end_record(c);
149 fcgi_cleanup_request(c);
150 return 0;
151 default:
152 log_warn("unimplemented type %d", h->type);
153 break;
154 }
155
156 return (sizeof(struct fcgi_record_header) + ntohs(h->content_len)
157 + h->padding_len);
158 }
159
160 void
161 fcgi_parse_begin_request(uint8_t *buf, uint16_t n,
162 struct request *c, uint16_t id)
163 {
164 /* XXX -- FCGI_CANT_MPX_CONN */
165 if (c->request_started) {
166 log_warn("unexpected FCGI_BEGIN_REQUEST, ignoring");
167 return;
168 }
169
170 if (n != sizeof(struct fcgi_begin_request_body)) {
171 log_warn("wrong size %d != %lu", n,
172 sizeof(struct fcgi_begin_request_body));
173 return;
174 }
175
176 c->request_started = 1;
177 c->id = id;
178 }
179
180 void
181 fcgi_parse_params(uint8_t *buf, uint16_t n, struct request *c, uint16_t id)
182 {
183 uint32_t name_len, val_len;
184 uint8_t *val;
185
186 if (!c->request_started) {
187 log_warn("FCGI_PARAMS without FCGI_BEGIN_REQUEST, ignoring");
188 return;
189 }
190
191 if (c->id != id) {
192 log_warn("unexpected id, ignoring");
193 return;
194 }
195
196 if (n == 0) {
197 gotweb_process_request(c);
198 template_flush(c->tp);
199 return;
200 }
201
202 while (n > 0) {
203 if (buf[0] >> 7 == 0) {
204 name_len = buf[0];
205 n--;
206 buf++;
207 } else {
208 if (n > 3) {
209 name_len = ((buf[0] & 0x7f) << 24) +
210 (buf[1] << 16) + (buf[2] << 8) + buf[3];
211 n -= 4;
212 buf += 4;
213 } else
214 return;
215 }
216
217 if (n == 0)
218 return;
219
220 if (buf[0] >> 7 == 0) {
221 val_len = buf[0];
222 n--;
223 buf++;
224 } else {
225 if (n > 3) {
226 val_len = ((buf[0] & 0x7f) << 24) +
227 (buf[1] << 16) + (buf[2] << 8) +
228 buf[3];
229 n -= 4;
230 buf += 4;
231 } else
232 return;
233 }
234
235 if (n < name_len + val_len)
236 return;
237
238 val = buf + name_len;
239
240 if (val_len < MAX_QUERYSTRING &&
241 name_len == 12 &&
242 strncmp(buf, "QUERY_STRING", 12) == 0) {
243 memcpy(c->querystring, val, val_len);
244 c->querystring[val_len] = '\0';
245 }
246
247 if (val_len < MAX_DOCUMENT_URI &&
248 name_len == 12 &&
249 strncmp(buf, "DOCUMENT_URI", 12) == 0) {
250 memcpy(c->document_uri, val, val_len);
251 c->document_uri[val_len] = '\0';
252 }
253
254 if (val_len < MAX_SERVER_NAME &&
255 name_len == 11 &&
256 strncmp(buf, "SERVER_NAME", 11) == 0) {
257 memcpy(c->server_name, val, val_len);
258 c->server_name[val_len] = '\0';
259 }
260
261 if (name_len == 5 &&
262 strncmp(buf, "HTTPS", 5) == 0)
263 c->https = 1;
264
265 buf += name_len + val_len;
266 n -= name_len - val_len;
267 }
268 }
269
270 void
271 fcgi_timeout(int fd, short events, void *arg)
272 {
273 fcgi_cleanup_request((struct request*) arg);
274 }
275
276 static int
277 send_response(struct request *c, int type, const uint8_t *data,
278 size_t len)
279 {
280 static const uint8_t padding[FCGI_PADDING_SIZE];
281 struct fcgi_record_header header;
282 struct iovec iov[3];
283 struct timespec ts;
284 ssize_t nw;
285 size_t padded_len, tot;
286 int i, err = 0, th = 2000;
287
288 ts.tv_sec = 0;
289 ts.tv_nsec = 50;
290
291 memset(&header, 0, sizeof(header));
292 header.version = 1;
293 header.type = type;
294 header.id = htons(c->id);
295 header.content_len = htons(len);
296
297 /* The FastCGI spec suggests to align the output buffer */
298 tot = sizeof(header) + len;
299 padded_len = FCGI_ALIGN(tot);
300 if (padded_len > tot) {
301 header.padding_len = padded_len - tot;
302 tot += header.padding_len;
303 }
304
305 iov[0].iov_base = &header;
306 iov[0].iov_len = sizeof(header);
307
308 iov[1].iov_base = (void *)data;
309 iov[1].iov_len = len;
310
311 iov[2].iov_base = (void *)padding;
312 iov[2].iov_len = header.padding_len;
313
314 dump_fcgi_record_header("resp ", &header);
315
316 /*
317 * XXX: add some simple write heuristics here
318 * On slower VMs, spotty connections, etc., we don't want to go right to
319 * disconnect. Let's at least try to write the data a few times before
320 * giving up.
321 */
322 while (tot > 0) {
323 nw = writev(c->fd, iov, nitems(iov));
324 if (nw == 0) {
325 c->sock->client_status = CLIENT_DISCONNECT;
326 break;
327 }
328 if (nw == -1) {
329 err++;
330 if (errno == EAGAIN && err < th) {
331 nanosleep(&ts, NULL);
332 continue;
333 }
334 log_warn("%s: write failure", __func__);
335 c->sock->client_status = CLIENT_DISCONNECT;
336 return -1;
337 }
338
339 if (nw != tot)
340 log_warnx("%s: partial write: %zu vs %zu", __func__,
341 nw, tot);
342
343 tot -= nw;
344 for (i = 0; i < nitems(iov); ++i) {
345 if (nw < iov[i].iov_len) {
346 iov[i].iov_base += nw;
347 iov[i].iov_len -= nw;
348 break;
349 }
350 nw -= iov[i].iov_len;
351 iov[i].iov_len = 0;
352 }
353 }
354
355 return 0;
356 }
357
358 int
359 fcgi_send_response(struct request *c, int type, const void *data,
360 size_t len)
361 {
362 if (c->sock->client_status == CLIENT_DISCONNECT)
363 return -1;
364
365 while (len > FCGI_CONTENT_SIZE) {
366 if (send_response(c, type, data, len) == -1)
367 return -1;
368
369 data += FCGI_CONTENT_SIZE;
370 len -= FCGI_CONTENT_SIZE;
371 }
372
373 if (len == 0)
374 return 0;
375
376 return send_response(c, type, data, len);
377 }
378
379 int
380 fcgi_write(void *arg, const void *buf, size_t len)
381 {
382 struct request *c = arg;
383
384 return fcgi_send_response(c, FCGI_STDOUT, buf, len);
385 }
386
387 void
388 fcgi_create_end_record(struct request *c)
389 {
390 struct fcgi_end_request_body end_request;
391
392 memset(&end_request, 0, sizeof(end_request));
393 end_request.app_status = htonl(0); /* script status */
394 end_request.protocol_status = FCGI_REQUEST_COMPLETE;
395
396 fcgi_send_response(c, FCGI_END_REQUEST, &end_request,
397 sizeof(end_request));
398 }
399
400 void
401 fcgi_cleanup_request(struct request *c)
402 {
403 cgi_inflight--;
404 client_cnt--;
405
406 evtimer_del(&c->tmo);
407 if (event_initialized(&c->ev))
408 event_del(&c->ev);
409
410 close(c->fd);
411 template_free(c->tp);
412 if (c->t != NULL)
413 gotweb_free_transport(c->t);
414 free(c);
415 }
416
417 void
418 dump_fcgi_request_body(const char *p, struct fcgi_record_header *h)
419 {
420 if (h->type == FCGI_BEGIN_REQUEST)
421 dump_fcgi_begin_request_body(p,
422 (struct fcgi_begin_request_body *)(h + 1));
423 else if (h->type == FCGI_END_REQUEST)
424 dump_fcgi_end_request_body(p,
425 (struct fcgi_end_request_body *)(h + 1));
426 }
427
428 void
429 dump_fcgi_record_header(const char* p, struct fcgi_record_header *h)
430 {
431 log_debug("%sversion: %d", p, h->version);
432 log_debug("%stype: %d", p, h->type);
433 log_debug("%srequestId: %d", p, ntohs(h->id));
434 log_debug("%scontentLength: %d", p, ntohs(h->content_len));
435 log_debug("%spaddingLength: %d", p, h->padding_len);
436 log_debug("%sreserved: %d", p, h->reserved);
437 }
438
439 void
440 dump_fcgi_begin_request_body(const char *p, struct fcgi_begin_request_body *b)
441 {
442 log_debug("%srole %d", p, ntohs(b->role));
443 log_debug("%sflags %d", p, b->flags);
444 }
445
446 void
447 dump_fcgi_end_request_body(const char *p, struct fcgi_end_request_body *b)
448 {
449 log_debug("%sappStatus: %d", p, ntohl(b->app_status));
450 log_debug("%sprotocolStatus: %d", p, b->protocol_status);
451 }
portable version of Game of Trees