search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
portable: include utf8d.h in dist tarball
[got-portable.git] / gotwebd / fcgi.c
blob1c77a0a03233522ae1e8b7a23dcb1a64ded98fae
1 /*
2 * Copyright (c) 2020-2022 Tracey Emery <tracey@traceyemery.net>
3 * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
4 * Copyright (c) 2013 Florian Obser <florian@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 #include "got_compat.h"
20
21 #include <arpa/inet.h>
22 #include <sys/queue.h>
23 #include <sys/socket.h>
24 #include <sys/types.h>
25 #include <sys/uio.h>
26
27 #include <errno.h>
28 #include <event.h>
29 #include <imsg.h>
30 #include <stdarg.h>
31 #include <stdlib.h>
32 #include <stdio.h>
33 #include <string.h>
34 #include <time.h>
35 #include <unistd.h>
36
37 #include "got_error.h"
38 #include "got_reference.h"
39
40 #include "gotwebd.h"
41 #include "tmpl.h"
42
43 size_t fcgi_parse_record(uint8_t *, size_t, struct request *);
44 void fcgi_parse_begin_request(uint8_t *, uint16_t, struct request *,
45 uint16_t);
46 void fcgi_parse_params(uint8_t *, uint16_t, struct request *, uint16_t);
47 int fcgi_send_response(struct request *, int, const void *, size_t);
48
49 void dump_fcgi_record_header(const char *, struct fcgi_record_header *);
50 void dump_fcgi_begin_request_body(const char *,
51 struct fcgi_begin_request_body *);
52 void dump_fcgi_end_request_body(const char *,
53 struct fcgi_end_request_body *);
54
55 extern int cgi_inflight;
56 extern volatile int client_cnt;
57
58 void
59 fcgi_request(int fd, short events, void *arg)
60 {
61 struct request *c = arg;
62 ssize_t n;
63 size_t parsed = 0;
64
65 n = read(fd, c->buf + c->buf_pos + c->buf_len,
66 FCGI_RECORD_SIZE - c->buf_pos-c->buf_len);
67
68 switch (n) {
69 case -1:
70 switch (errno) {
71 case EINTR:
72 case EAGAIN:
73 return;
74 default:
75 goto fail;
76 }
77 break;
78
79 case 0:
80 log_debug("closed connection");
81 goto fail;
82 default:
83 break;
84 }
85
86 c->buf_len += n;
87
88 /*
89 * Parse the records as they are received. Per the FastCGI
90 * specification, the server need only receive the FastCGI
91 * parameter records in full; it is free to begin execution
92 * at that point, which is what happens here.
93 */
94 do {
95 parsed = fcgi_parse_record(c->buf + c->buf_pos, c->buf_len, c);
96 if (parsed != 0) {
97 c->buf_pos += parsed;
98 c->buf_len -= parsed;
99 }
100
101 /* drop the parsed record */
102 if (parsed != 0 && c->buf_len > 0) {
103 bcopy(c->buf + c->buf_pos, c->buf, c->buf_len);
104 c->buf_pos = 0;
105 }
106 } while (parsed > 0 && c->buf_len > 0);
107
108 return;
109 fail:
110 fcgi_cleanup_request(c);
111 }
112
113 size_t
114 fcgi_parse_record(uint8_t *buf, size_t n, struct request *c)
115 {
116 struct fcgi_record_header *h;
117
118 if (n < sizeof(struct fcgi_record_header))
119 return 0;
120
121 h = (struct fcgi_record_header*) buf;
122
123 dump_fcgi_record("", h);
124
125 if (n < sizeof(struct fcgi_record_header) + ntohs(h->content_len)
126 + h->padding_len)
127 return 0;
128
129 if (h->version != 1)
130 log_warn("wrong version");
131
132 switch (h->type) {
133 case FCGI_BEGIN_REQUEST:
134 fcgi_parse_begin_request(buf +
135 sizeof(struct fcgi_record_header),
136 ntohs(h->content_len), c, ntohs(h->id));
137 break;
138 case FCGI_PARAMS:
139 fcgi_parse_params(buf + sizeof(struct fcgi_record_header),
140 ntohs(h->content_len), c, ntohs(h->id));
141 break;
142 case FCGI_STDIN:
143 case FCGI_ABORT_REQUEST:
144 fcgi_create_end_record(c);
145 fcgi_cleanup_request(c);
146 return 0;
147 default:
148 log_warn("unimplemented type %d", h->type);
149 break;
150 }
151
152 return (sizeof(struct fcgi_record_header) + ntohs(h->content_len)
153 + h->padding_len);
154 }
155
156 void
157 fcgi_parse_begin_request(uint8_t *buf, uint16_t n,
158 struct request *c, uint16_t id)
159 {
160 /* XXX -- FCGI_CANT_MPX_CONN */
161 if (c->request_started) {
162 log_warn("unexpected FCGI_BEGIN_REQUEST, ignoring");
163 return;
164 }
165
166 if (n != sizeof(struct fcgi_begin_request_body)) {
167 log_warn("wrong size %d != %lu", n,
168 sizeof(struct fcgi_begin_request_body));
169 return;
170 }
171
172 c->request_started = 1;
173 c->id = id;
174 }
175
176 void
177 fcgi_parse_params(uint8_t *buf, uint16_t n, struct request *c, uint16_t id)
178 {
179 uint32_t name_len, val_len;
180 uint8_t *val;
181
182 if (!c->request_started) {
183 log_warn("FCGI_PARAMS without FCGI_BEGIN_REQUEST, ignoring");
184 return;
185 }
186
187 if (c->id != id) {
188 log_warn("unexpected id, ignoring");
189 return;
190 }
191
192 if (n == 0) {
193 gotweb_process_request(c);
194 template_flush(c->tp);
195 return;
196 }
197
198 while (n > 0) {
199 if (buf[0] >> 7 == 0) {
200 name_len = buf[0];
201 n--;
202 buf++;
203 } else {
204 if (n > 3) {
205 name_len = ((buf[0] & 0x7f) << 24) +
206 (buf[1] << 16) + (buf[2] << 8) + buf[3];
207 n -= 4;
208 buf += 4;
209 } else
210 return;
211 }
212
213 if (n == 0)
214 return;
215
216 if (buf[0] >> 7 == 0) {
217 val_len = buf[0];
218 n--;
219 buf++;
220 } else {
221 if (n > 3) {
222 val_len = ((buf[0] & 0x7f) << 24) +
223 (buf[1] << 16) + (buf[2] << 8) +
224 buf[3];
225 n -= 4;
226 buf += 4;
227 } else
228 return;
229 }
230
231 if (n < name_len + val_len)
232 return;
233
234 val = buf + name_len;
235
236 if (c->querystring[0] == '\0' &&
237 val_len < MAX_QUERYSTRING &&
238 name_len == 12 &&
239 strncmp(buf, "QUERY_STRING", 12) == 0) {
240 memcpy(c->querystring, val, val_len);
241 c->querystring[val_len] = '\0';
242 }
243
244 if (c->document_uri[0] == '\0' &&
245 val_len < MAX_DOCUMENT_URI &&
246 name_len == 12 &&
247 strncmp(buf, "DOCUMENT_URI", 12) == 0) {
248 memcpy(c->document_uri, val, val_len);
249 c->document_uri[val_len] = '\0';
250 }
251
252 if (c->server_name[0] == '\0' &&
253 val_len < MAX_SERVER_NAME &&
254 name_len == 11 &&
255 strncmp(buf, "SERVER_NAME", 11) == 0) {
256 memcpy(c->server_name, val, val_len);
257 c->server_name[val_len] = '\0';
258 }
259
260 if (name_len == 5 &&
261 strncmp(buf, "HTTPS", 5) == 0)
262 c->https = 1;
263
264 buf += name_len + val_len;
265 n -= name_len - val_len;
266 }
267 }
268
269 void
270 fcgi_timeout(int fd, short events, void *arg)
271 {
272 fcgi_cleanup_request((struct request*) arg);
273 }
274
275 static int
276 send_response(struct request *c, int type, const uint8_t *data,
277 size_t len)
278 {
279 static const uint8_t padding[FCGI_PADDING_SIZE];
280 struct fcgi_record_header header;
281 struct iovec iov[3];
282 struct timespec ts;
283 ssize_t nw;
284 size_t padded_len, tot;
285 int i, err = 0, th = 2000;
286
287 ts.tv_sec = 0;
288 ts.tv_nsec = 50;
289
290 memset(&header, 0, sizeof(header));
291 header.version = 1;
292 header.type = type;
293 header.id = htons(c->id);
294 header.content_len = htons(len);
295
296 /* The FastCGI spec suggests to align the output buffer */
297 tot = sizeof(header) + len;
298 padded_len = FCGI_ALIGN(tot);
299 if (padded_len > tot) {
300 header.padding_len = padded_len - tot;
301 tot += header.padding_len;
302 }
303
304 iov[0].iov_base = &header;
305 iov[0].iov_len = sizeof(header);
306
307 iov[1].iov_base = (void *)data;
308 iov[1].iov_len = len;
309
310 iov[2].iov_base = (void *)padding;
311 iov[2].iov_len = header.padding_len;
312
313 dump_fcgi_record("resp ", &header);
314
315 /*
316 * XXX: add some simple write heuristics here
317 * On slower VMs, spotty connections, etc., we don't want to go right to
318 * disconnect. Let's at least try to write the data a few times before
319 * giving up.
320 */
321 while (tot > 0) {
322 nw = writev(c->fd, iov, nitems(iov));
323 if (nw == 0) {
324 c->sock->client_status = CLIENT_DISCONNECT;
325 break;
326 }
327 if (nw == -1) {
328 err++;
329 if (errno == EAGAIN && err < th) {
330 nanosleep(&ts, NULL);
331 continue;
332 }
333 log_debug("%s: write failure: %s", __func__,
334 strerror(errno));
335 c->sock->client_status = CLIENT_DISCONNECT;
336 return -1;
337 }
338
339 if (nw != tot)
340 log_debug("%s: partial write: %zu vs %zu", __func__,
341 nw, tot);
342
343 tot -= nw;
344 for (i = 0; i < nitems(iov); ++i) {
345 if (nw < iov[i].iov_len) {
346 iov[i].iov_base += nw;
347 iov[i].iov_len -= nw;
348 break;
349 }
350 nw -= iov[i].iov_len;
351 iov[i].iov_len = 0;
352 }
353 }
354
355 return 0;
356 }
357
358 int
359 fcgi_send_response(struct request *c, int type, const void *data,
360 size_t len)
361 {
362 if (c->sock->client_status == CLIENT_DISCONNECT)
363 return -1;
364
365 while (len > FCGI_CONTENT_SIZE) {
366 if (send_response(c, type, data, len) == -1)
367 return -1;
368
369 data += FCGI_CONTENT_SIZE;
370 len -= FCGI_CONTENT_SIZE;
371 }
372
373 if (len == 0)
374 return 0;
375
376 return send_response(c, type, data, len);
377 }
378
379 int
380 fcgi_write(void *arg, const void *buf, size_t len)
381 {
382 struct request *c = arg;
383
384 return fcgi_send_response(c, FCGI_STDOUT, buf, len);
385 }
386
387 void
388 fcgi_create_end_record(struct request *c)
389 {
390 struct fcgi_end_request_body end_request;
391
392 memset(&end_request, 0, sizeof(end_request));
393 end_request.app_status = htonl(0); /* script status */
394 end_request.protocol_status = FCGI_REQUEST_COMPLETE;
395
396 fcgi_send_response(c, FCGI_END_REQUEST, &end_request,
397 sizeof(end_request));
398 }
399
400 void
401 fcgi_cleanup_request(struct request *c)
402 {
403 cgi_inflight--;
404 client_cnt--;
405
406 evtimer_del(&c->tmo);
407 if (event_initialized(&c->ev))
408 event_del(&c->ev);
409
410 close(c->fd);
411 template_free(c->tp);
412 if (c->t != NULL)
413 gotweb_free_transport(c->t);
414 free(c);
415 }
416
417 void
418 dump_fcgi_record(const char *p, struct fcgi_record_header *h)
419 {
420 dump_fcgi_record_header(p, h);
421
422 if (h->type == FCGI_BEGIN_REQUEST)
423 dump_fcgi_begin_request_body(p,
424 (struct fcgi_begin_request_body *)(h + 1));
425 else if (h->type == FCGI_END_REQUEST)
426 dump_fcgi_end_request_body(p,
427 (struct fcgi_end_request_body *)(h + 1));
428 }
429
430 void
431 dump_fcgi_record_header(const char* p, struct fcgi_record_header *h)
432 {
433 log_debug("%sversion: %d", p, h->version);
434 log_debug("%stype: %d", p, h->type);
435 log_debug("%srequestId: %d", p, ntohs(h->id));
436 log_debug("%scontentLength: %d", p, ntohs(h->content_len));
437 log_debug("%spaddingLength: %d", p, h->padding_len);
438 log_debug("%sreserved: %d", p, h->reserved);
439 }
440
441 void
442 dump_fcgi_begin_request_body(const char *p, struct fcgi_begin_request_body *b)
443 {
444 log_debug("%srole %d", p, ntohs(b->role));
445 log_debug("%sflags %d", p, b->flags);
446 }
447
448 void
449 dump_fcgi_end_request_body(const char *p, struct fcgi_end_request_body *b)
450 {
451 log_debug("%sappStatus: %d", p, ntohl(b->app_status));
452 log_debug("%sprotocolStatus: %d", p, b->protocol_status);
453 }
portable version of Game of Trees