commands/httpd0995/cgiexec.c

   1 /* cgiexec.c by Michael Temari 02/17/96
   2  *
   3  * This file is part of httpd.
   4  *
   5  * 02/17/1996                   Michael Temari <Michael@TemWare.Com>
   6  * 07/07/1996 Initial Release   Michael Temari <Michael@TemWare.Com>
   7  * 12/29/2002                   Michael Temari <Michael@TemWare.Com>
   8  * 02/08/2005                   Michael Temari <Michael@TemWare.Com>
   9  *
  10  */
  11 #include <sys/types.h>
  12 #include <sys/stat.h>
  13 #include <sys/wait.h>
  14 #include <stdio.h>
  15 #include <stdlib.h>
  16 #include <fcntl.h>
  17 #include <errno.h>
  18 #include <unistd.h>
  19 #include <string.h>
  20 #include <time.h>
  21
  22 #include "http.h"
  23 #include "config.h"
  24 #include "net.h"
  25
  26 _PROTOTYPE(char **cgienv, (struct http_request *rq, struct http_reply *rp));
  27 _PROTOTYPE(static int addenv, (char *name, char *value, char **buf, int *len));
  28
  29 int cgiexec(rq, rp)
  30 struct http_request *rq;
  31 struct http_reply *rp;
  32 {
  33 struct stat st;
  34 char *prog;
  35 int cmdpid;
  36 int status;
  37 char *argv[5];
  38 int ifds[2];
  39 int ofds[2];
  40 static char cmd[2048];
  41 char **cmdenv;
  42 int dirflag = 0;
  43
  44     if(stat(rp->realurl, &st)) {
  45         if(errno == EACCES)
  46                 rp->status = HTTP_STATUS_FORBIDDEN;
  47         else
  48                 rp->status = HTTP_STATUS_NOT_FOUND;
  49         strcpy(rp->statusmsg, strerror(errno));
  50         return(-1);
  51     }
  52
  53     if((st.st_mode & S_IFMT) == S_IFDIR)
  54         if(direxec != NULL) {
  55                 prog = direxec; dirflag = 1;
  56         } else
  57                 return(0);
  58     else
  59         prog = rp->realurl;
  60
  61     /* check if prog is allowed to be exec'd */
  62     if(!dirflag && !(rp->urlaccess & URLA_EXEC))
  63         return(0);
  64
  65     /* if cannot exec mode then return */
  66     if( (st.st_mode & S_IXUSR) == 0 &&
  67         (st.st_mode & S_IXGRP) == 0 &&
  68         (st.st_mode & S_IXOTH) == 0 )
  69         return(0);
  70
  71    if((cmdenv = cgienv(rq, rp)) == NULL) {
  72         rp->status = HTTP_STATUS_SERVER_ERROR;
  73         strcpy(rp->statusmsg, "Could not setup cgi environment");
  74         return(-1);
  75    }
  76
  77    argv[0] = prog;
  78    argv[1] = rp->realurl;
  79    argv[2] = rq->url;
  80    argv[3] = (char *)NULL;
  81
  82    if(pipe(ifds) < 0) {
  83         rp->status = HTTP_STATUS_NOT_FOUND;
  84         strcpy(rp->statusmsg, strerror(errno));
  85         return(-1);
  86    }
  87
  88    if(pipe(ofds) < 0) {
  89         rp->status = HTTP_STATUS_NOT_FOUND;
  90         strcpy(rp->statusmsg, strerror(errno));
  91         close(ifds[0]); close(ifds[1]);
  92         return(-1);
  93    }
  94
  95    if((cmdpid = fork()) < 0) {
  96         close(ifds[0]); close(ofds[0]);
  97         close(ifds[1]); close(ofds[1]);
  98         rp->status = HTTP_STATUS_NOT_FOUND;
  99         strcpy(rp->statusmsg, strerror(errno));
 100         return(-1);
 101    }
 102
 103    /* We don't know how much data is going to be passed back */
 104    rp->size = 0;
 105
 106    if(cmdpid == 0) { /* Child */
 107 #if 0
 108         if((cmdpid = fork()) < 0) {
 109                 close(ifds[0]); close(ofds[0]);
 110                 close(ifds[1]); close(ofds[1]);
 111                 exit(-1);
 112         }
 113         if(cmdpid != 0) {
 114                 close(ifds[0]); close(ofds[0]);
 115                 close(ifds[1]); close(ofds[1]);
 116                 exit(0);
 117         }
 118 #endif
 119         setsid();
 120         close(ifds[0]); close(ofds[1]);
 121         dup2(ofds[0], 0);
 122         dup2(ifds[1], 1);
 123         dup2(ifds[1], 2);
 124         close(ifds[1]); close(ofds[0]);
 125         execve(argv[0], argv, cmdenv);
 126         exit(0);
 127    }
 128
 129 #if 0
 130    /* Get rid of Zombie child */
 131    (void) wait(&status);
 132 #endif
 133
 134    close(ifds[1]); close(ofds[0]);
 135
 136    rp->fd = ifds[0];
 137    rp->ofd = ofds[1];
 138    rp->pid = cmdpid;
 139
 140    if(rp->urlaccess & URLA_HEADERS)
 141         rp->headers = -1;
 142
 143    return(-1);
 144 }
 145
 146 char **cgienv(rq, rp)
 147 struct http_request *rq;
 148 struct http_reply *rp;
 149 {
 150 static char buffer[4096];
 151 char *p, *p2;
 152 char **e;
 153 int len;
 154 char temp[20];
 155
 156    p = buffer;
 157    len = sizeof(buffer);
 158
 159    if(addenv("PATH", "/usr/local/bin:/bin:/usr/bin", &p, &len)) return(NULL);
 160    if(getenv("TZ") != (char *)NULL)
 161         if(addenv("TZ", getenv("TZ"), &p, &len)) return(NULL);
 162
 163    /* HACK - some of these are hardcoded and should not be MAT 3/17/96 */
 164
 165    /* HTTP_ */
 166
 167    if(addenv("SERVER_SOFTWARE", "Temari httpd/1.0", &p, &len)) return(NULL);
 168    if(addenv("SERVER_NAME", myhostname, &p, &len)) return(NULL);
 169    if(addenv("GATEWAY_INTERFACE", "CGI/1.1", &p, &len)) return(NULL);
 170    if(addenv("SERVER_PROTOCOL", "HTTP/1.0", &p, &len)) return(NULL);
 171    if(rq->port)
 172         sprintf(temp, "%u", rq->port);
 173    else
 174         strcpy(temp, "80");
 175    if(addenv("SERVER_PORT", temp, &p, &len)) return(NULL);
 176    switch(rq->method) {
 177         case HTTP_METHOD_GET:
 178                 if(addenv("REQUEST_METHOD", "GET", &p, &len)) return(NULL);
 179                 break;
 180         case HTTP_METHOD_POST:
 181                 if(addenv("REQUEST_METHOD", "POST", &p, &len)) return(NULL);
 182                 break;
 183         case HTTP_METHOD_HEAD:
 184                 if(addenv("REQUEST_METHOD", "HEAD", &p, &len)) return(NULL);
 185                 break;
 186         case HTTP_METHOD_PUT:
 187                 if(addenv("REQUEST_METHOD", "PUT", &p, &len)) return(NULL);
 188                 break;
 189         default:
 190                 if(addenv("REQUEST_METHOD", "UNKNOWN", &p, &len)) return(NULL);
 191    }
 192    if(addenv("PATH_INFO", "?", &p, &len)) return(NULL);
 193    if(addenv("PATH_TRANSLATED", "?", &p, &len)) return(NULL);
 194    if(addenv("SCRIPT_NAME", rq->url, &p, &len)) return(NULL);
 195    if(addenv("QUERY_STRING", rq->query, &p, &len)) return(NULL);
 196    if(addenv("REMOTE_HOST", rmthostname, &p, &len)) return(NULL);
 197    if(addenv("REMOTE_ADDR", rmthostaddr, &p, &len)) return(NULL);
 198    if(rq->authuser != (char *)NULL)
 199         if(addenv("AUTH_USER", rq->authuser, &p, &len)) return(NULL);
 200    /* AUTH_TYPE */
 201    /* REMOTE_USER */
 202    /* REMOTE_IDENT */
 203    if(rq->method == HTTP_METHOD_POST) {
 204         if(addenv("CONTENT_TYPE", "application/x-www-form-urlencoded", &p, &len)) return(NULL);
 205         sprintf(temp, "%lu", rq->size);
 206         if(addenv("CONTENT_LENGTH", temp, &p, &len)) return(NULL);
 207    }
 208    /* COOKIE */
 209    if(rq->cookie[0] != '\0')
 210         if(addenv("COOKIE", rq->cookie, &p, &len)) return(NULL);
 211    /* HOST */
 212    if(addenv("HOST", rq->host, &p, &len)) return(NULL);
 213
 214    if(len < 1) return(NULL);
 215    *p++ = '\0';
 216
 217    p2 = buffer;
 218    e = (char **)p;
 219    while(*p2) {
 220         if(len < sizeof(e)) return(NULL);
 221         len -= sizeof(e);
 222         *e++ = p2;
 223         while(*p2) p2++;
 224         p2++;
 225    }
 226    if(len < sizeof(e)) return(NULL);
 227    *e++ = NULL;
 228
 229    return((char **)p);
 230 }
 231
 232 static int addenv(name, value, buf, len)
 233 char *name;
 234 char *value;
 235 char **buf;
 236 int *len;
 237 {
 238 char *p;
 239 int size;
 240
 241    p = *buf;
 242
 243    size = strlen(name)+1+strlen(value)+1;
 244
 245    if(size > *len)
 246         return(-1);
 247
 248    sprintf(p, "%s=%s", name, value);
 249
 250    p += size;
 251    *buf = p;
 252    *len -= size;
 253
 254    return(0);
 255 }