1 /* $NetBSD: bozohttpd.c,v 1.113 2019/02/28 09:16:42 mrg Exp $ */ 2 3 /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ 4 5 /* 6 * Copyright (c) 1997-2019 Matthew R. Green 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer and 16 * dedication in the documentation and/or other materials provided 17 * with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 */ 32 33 /* this program is dedicated to the Great God of Processed Cheese */ 34 35 /* 36 * bozohttpd.c: minimal httpd; provides only these features: 37 * - HTTP/0.9 (by virtue of ..) 
38 * - HTTP/1.0 39 * - HTTP/1.1 40 * - CGI/1.1 this will only be provided for "system" scripts 41 * - automatic "missing trailing slash" redirections 42 * - configurable translation of /~user/ to ~user/public_html, 43 * however, this does not include cgi-bin support 44 * - access lists via libwrap via inetd/tcpd 45 * - virtual hosting 46 * - note that we do not even pretend to understand MIME, but 47 * rely only on the HTTP specification 48 * - ipv6 support 49 * - automatic `index.html' generation 50 * - configurable server name 51 * - directory index generation 52 * - daemon mode (lacks libwrap support) 53 * - .htpasswd support 54 */ 55 56 /* 57 * requirements for minimal http/1.1 (at least, as documented in 58 * RFC 2616 (HTTP/1.1): 59 * 60 * - 14.11: content-encoding handling. [1] 61 * 62 * - 14.13: content-length handling. this is only a SHOULD header 63 * thus we could just not send it ever. [1] 64 * 65 * - 14.17: content-type handling. [1] 66 * 67 * - 14.28: if-unmodified-since handling. if-modified-since is 68 * done since, shouldn't be too hard for this one. 69 * 70 * [1] need to revisit to ensure proper behaviour 71 * 72 * and the following is a list of features that we do not need 73 * to have due to other limits, or are too lazy. there are more 74 * of these than are listed, but these are of particular note, 75 * and could perhaps be implemented. 76 * 77 * - 3.5/3.6: content/transfer codings. probably can ignore 78 * this? we "SHOULD"n't. but 4.4 says we should ignore a 79 * `content-length' header upon receipt of a `transfer-encoding' 80 * header. 81 * 82 * - 5.1.1: request methods. only MUST support GET and HEAD, 83 * but there are new ones besides POST that are currently 84 * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus 85 * extensions not yet known? 86 * 87 * - 10.1: we can ignore informational status codes 88 * 89 * - 10.3.3/10.3.4/10.3.8: just use '302' codes always. 90 * 91 * - 14.1/14.2/14.3/14.27: we do not support Accept: headers. 
92 * just ignore them and send the request anyway. they are 93 * only SHOULD. 94 * 95 * - 14.5/14.16/14.35: only support simple ranges: %d- and %d-%d 96 * would be nice to support more. 97 * 98 * - 14.9: we aren't a cache. 99 * 100 * - 14.15: content-md5 would be nice. 101 * 102 * - 14.24/14.26/14.27: if-match, if-none-match, if-range. be 103 * nice to support this. 104 * 105 * - 14.44: Vary: seems unneeded. ignore it for now. 106 */ 107 108 #ifndef INDEX_HTML 109 #define INDEX_HTML "index.html" 110 #endif 111 #ifndef SERVER_SOFTWARE 112 #define SERVER_SOFTWARE "bozohttpd/20190228" 113 #endif 114 #ifndef PUBLIC_HTML 115 #define PUBLIC_HTML "public_html" 116 #endif 117 118 #ifndef USE_ARG 119 #define USE_ARG(x) /*LINTED*/(void)&(x) 120 #endif 121 122 /* 123 * And so it begins .. 124 */ 125 126 #include <sys/param.h> 127 #include <sys/socket.h> 128 #include <sys/time.h> 129 #include <sys/mman.h> 130 131 #include <arpa/inet.h> 132 133 #include <ctype.h> 134 #include <dirent.h> 135 #include <errno.h> 136 #include <fcntl.h> 137 #include <netdb.h> 138 #include <pwd.h> 139 #include <grp.h> 140 #include <stdarg.h> 141 #include <stdlib.h> 142 #include <strings.h> 143 #include <string.h> 144 #include <syslog.h> 145 #include <time.h> 146 #include <unistd.h> 147 148 #include "bozohttpd.h" 149 150 #ifndef SSL_TIMEOUT 151 #define SSL_TIMEOUT "30" /* wait for 30 seconds for ssl handshake */ 152 #endif 153 #ifndef INITIAL_TIMEOUT 154 #define INITIAL_TIMEOUT "30" /* wait for 30 seconds initially */ 155 #endif 156 #ifndef HEADER_WAIT_TIME 157 #define HEADER_WAIT_TIME "10" /* need more headers every 10 seconds */ 158 #endif 159 #ifndef TOTAL_MAX_REQ_TIME 160 #define TOTAL_MAX_REQ_TIME "600" /* must have total request in 600 */ 161 #endif /* seconds */ 162 163 /* if monotonic time is not available try real time. 
*/ 164 #ifndef CLOCK_MONOTONIC 165 #define CLOCK_MONOTONIC CLOCK_REALTIME 166 #endif 167 168 /* variables and functions */ 169 #ifndef LOG_FTP 170 #define LOG_FTP LOG_DAEMON 171 #endif 172 173 /* 174 * List of special file that we should never serve. 175 */ 176 struct { 177 const char *file; 178 const char *name; 179 } specials[] = { 180 { DIRECT_ACCESS_FILE, "rejected direct access request" }, 181 { REDIRECT_FILE, "rejected redirect request" }, 182 { ABSREDIRECT_FILE, "rejected absredirect request" }, 183 { REMAP_FILE, "rejected remap request" }, 184 { AUTH_FILE, "rejected authfile request" }, 185 { NULL, NULL }, 186 }; 187 188 volatile sig_atomic_t bozo_timeout_hit; 189 190 /* 191 * check there's enough space in the prefs and names arrays. 192 */ 193 static int 194 size_arrays(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, size_t needed) 195 { 196 size_t len = sizeof(char *) * needed; 197 198 if (bozoprefs->size == 0) { 199 /* only get here first time around */ 200 bozoprefs->name = bozomalloc(httpd, len); 201 bozoprefs->value = bozomalloc(httpd, len); 202 } else if (bozoprefs->count == bozoprefs->size) { 203 /* only uses 'needed' when filled array */ 204 bozoprefs->name = bozorealloc(httpd, bozoprefs->name, len); 205 bozoprefs->value = bozorealloc(httpd, bozoprefs->value, len); 206 } 207 208 bozoprefs->size = needed; 209 return 1; 210 } 211 212 static ssize_t 213 findvar(bozoprefs_t *bozoprefs, const char *name) 214 { 215 size_t i; 216 217 for (i = 0; i < bozoprefs->count; i++) 218 if (strcmp(bozoprefs->name[i], name) == 0) 219 return (ssize_t)i; 220 return -1; 221 } 222 223 int 224 bozo_set_pref(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, 225 const char *name, const char *value) 226 { 227 ssize_t i; 228 229 if ((i = findvar(bozoprefs, name)) < 0) { 230 /* add the element to the array */ 231 if (!size_arrays(httpd, bozoprefs, bozoprefs->size + 15)) 232 return 0; 233 i = bozoprefs->count++; 234 bozoprefs->name[i] = bozostrdup(httpd, NULL, name); 235 } else { 236 /* 
replace the element in the array */ 237 free(bozoprefs->value[i]); 238 } 239 bozoprefs->value[i] = bozostrdup(httpd, NULL, value); 240 return 1; 241 } 242 243 /* 244 * get a variable's value, or NULL 245 */ 246 char * 247 bozo_get_pref(bozoprefs_t *bozoprefs, const char *name) 248 { 249 ssize_t i; 250 251 i = findvar(bozoprefs, name); 252 return i < 0 ? NULL : bozoprefs->value[i]; 253 } 254 255 char * 256 bozo_http_date(char *date, size_t datelen) 257 { 258 struct tm *tm; 259 time_t now; 260 261 /* Sun, 06 Nov 1994 08:49:37 GMT */ 262 now = time(NULL); 263 tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */ 264 strftime(date, datelen, "%a, %d %b %Y %H:%M:%S GMT", tm); 265 return date; 266 } 267 268 /* 269 * convert "in" into the three parts of a request (first line). 270 * we allocate into file and query, but return pointers into 271 * "in" for proto and method. 272 */ 273 static void 274 parse_request(bozohttpd_t *httpd, char *in, char **method, char **file, 275 char **query, char **proto) 276 { 277 ssize_t len; 278 char *val; 279 280 USE_ARG(httpd); 281 debug((httpd, DEBUG_EXPLODING, "parse in: %s", in)); 282 *method = *file = *query = *proto = NULL; 283 284 len = (ssize_t)strlen(in); 285 val = bozostrnsep(&in, " \t\n\r", &len); 286 if (len < 1 || val == NULL || in == NULL) 287 return; 288 *method = val; 289 290 while (*in == ' ' || *in == '\t') 291 in++; 292 val = bozostrnsep(&in, " \t\n\r", &len); 293 if (len < 1) { 294 if (len == 0) 295 *file = val; 296 else 297 *file = in; 298 } else { 299 *file = val; 300 301 *query = strchr(*file, '?'); 302 if (*query) 303 *(*query)++ = '\0'; 304 305 if (in) { 306 while (*in && (*in == ' ' || *in == '\t')) 307 in++; 308 if (*in) 309 *proto = in; 310 } 311 } 312 313 /* allocate private copies */ 314 *file = bozostrdup(httpd, NULL, *file); 315 if (*query) 316 *query = bozostrdup(httpd, NULL, *query); 317 318 debug((httpd, DEBUG_FAT, 319 "url: method: \"%s\" file: \"%s\" query: \"%s\" proto: \"%s\"", 320 *method, *file, 
*query, *proto)); 321 } 322 323 /* 324 * cleanup a bozo_httpreq_t after use 325 */ 326 void 327 bozo_clean_request(bozo_httpreq_t *request) 328 { 329 struct bozoheaders *hdr, *ohdr = NULL; 330 331 if (request == NULL) 332 return; 333 334 /* If SSL enabled cleanup SSL structure. */ 335 bozo_ssl_destroy(request->hr_httpd); 336 337 /* clean up request */ 338 free(request->hr_remotehost); 339 free(request->hr_remoteaddr); 340 free(request->hr_serverport); 341 free(request->hr_virthostname); 342 free(request->hr_file); 343 free(request->hr_oldfile); 344 free(request->hr_query); 345 free(request->hr_host); 346 bozo_user_free(request->hr_user); 347 bozo_auth_cleanup(request); 348 for (hdr = SIMPLEQ_FIRST(&request->hr_headers); hdr; 349 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 350 free(hdr->h_value); 351 free(hdr->h_header); 352 free(ohdr); 353 ohdr = hdr; 354 } 355 free(ohdr); 356 ohdr = NULL; 357 for (hdr = SIMPLEQ_FIRST(&request->hr_replheaders); hdr; 358 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 359 free(hdr->h_value); 360 free(hdr->h_header); 361 free(ohdr); 362 ohdr = hdr; 363 } 364 free(ohdr); 365 366 free(request); 367 } 368 369 /* 370 * send a HTTP/1.1 408 response if we timeout. 371 */ 372 /* ARGSUSED */ 373 static void 374 alarmer(int sig) 375 { 376 bozo_timeout_hit = 1; 377 } 378 379 380 /* 381 * set a timeout for "ssl", "initial", "header", or "request". 
382 */ 383 int 384 bozo_set_timeout(bozohttpd_t *httpd, bozoprefs_t *prefs, 385 const char *target, const char *val) 386 { 387 const char **cur, *timeouts[] = { 388 "ssl timeout", 389 "initial timeout", 390 "header timeout", 391 "request timeout", 392 NULL, 393 }; 394 /* adjust minlen if more timeouts appear with conflicting names */ 395 const size_t minlen = 1; 396 size_t len = strlen(target); 397 398 for (cur = timeouts; len >= minlen && *cur; cur++) { 399 if (strncmp(target, *cur, len) == 0) { 400 bozo_set_pref(httpd, prefs, *cur, val); 401 return 0; 402 } 403 } 404 return 1; 405 } 406 407 /* 408 * a list of header quirks: currently, a list of headers that 409 * can't be folded into a single line. 410 */ 411 const char *header_quirks[] = { "WWW-Authenticate", NULL }; 412 413 /* 414 * add or merge this header (val: str) into the requests list 415 */ 416 static bozoheaders_t * 417 addmerge_header(bozo_httpreq_t *request, struct qheaders *headers, 418 const char *val, const char *str, ssize_t len) 419 { 420 struct bozohttpd_t *httpd = request->hr_httpd; 421 struct bozoheaders *hdr = NULL; 422 const char **quirk; 423 424 USE_ARG(len); 425 for (quirk = header_quirks; *quirk; quirk++) 426 if (strcasecmp(*quirk, val) == 0) 427 break; 428 429 if (*quirk == NULL) { 430 /* do we exist already? 
*/ 431 SIMPLEQ_FOREACH(hdr, headers, h_next) { 432 if (strcasecmp(val, hdr->h_header) == 0) 433 break; 434 } 435 } 436 437 if (hdr) { 438 /* yup, merge it in */ 439 char *nval; 440 441 bozoasprintf(httpd, &nval, "%s, %s", hdr->h_value, str); 442 free(hdr->h_value); 443 hdr->h_value = nval; 444 } else { 445 /* nope, create a new one */ 446 447 hdr = bozomalloc(httpd, sizeof *hdr); 448 hdr->h_header = bozostrdup(httpd, request, val); 449 if (str && *str) 450 hdr->h_value = bozostrdup(httpd, request, str); 451 else 452 hdr->h_value = bozostrdup(httpd, request, " "); 453 454 SIMPLEQ_INSERT_TAIL(headers, hdr, h_next); 455 request->hr_nheaders++; 456 } 457 458 return hdr; 459 } 460 461 bozoheaders_t * 462 addmerge_reqheader(bozo_httpreq_t *request, const char *val, const char *str, 463 ssize_t len) 464 { 465 466 return addmerge_header(request, &request->hr_headers, val, str, len); 467 } 468 469 bozoheaders_t * 470 addmerge_replheader(bozo_httpreq_t *request, const char *val, const char *str, 471 ssize_t len) 472 { 473 474 return addmerge_header(request, &request->hr_replheaders, 475 val, str, len); 476 } 477 478 /* 479 * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent 480 * to "HTTP/001.01"), we MUST parse this. 
481 */ 482 static int 483 process_proto(bozo_httpreq_t *request, const char *proto) 484 { 485 struct bozohttpd_t *httpd = request->hr_httpd; 486 char majorstr[16], *minorstr; 487 int majorint, minorint; 488 489 if (proto == NULL) { 490 got_proto_09: 491 request->hr_proto = httpd->consts.http_09; 492 debug((httpd, DEBUG_FAT, "request %s is http/0.9", 493 request->hr_file)); 494 return 0; 495 } 496 497 if (strncasecmp(proto, "HTTP/", 5) != 0) 498 goto bad; 499 strncpy(majorstr, proto + 5, sizeof majorstr); 500 majorstr[sizeof(majorstr)-1] = 0; 501 minorstr = strchr(majorstr, '.'); 502 if (minorstr == NULL) 503 goto bad; 504 *minorstr++ = 0; 505 506 majorint = atoi(majorstr); 507 minorint = atoi(minorstr); 508 509 switch (majorint) { 510 case 0: 511 if (minorint != 9) 512 break; 513 goto got_proto_09; 514 case 1: 515 if (minorint == 0) 516 request->hr_proto = httpd->consts.http_10; 517 else if (minorint == 1) 518 request->hr_proto = httpd->consts.http_11; 519 else 520 break; 521 522 debug((httpd, DEBUG_FAT, "request %s is %s", 523 request->hr_file, request->hr_proto)); 524 SIMPLEQ_INIT(&request->hr_headers); 525 request->hr_nheaders = 0; 526 return 0; 527 } 528 bad: 529 return bozo_http_error(httpd, 404, NULL, "unknown prototype"); 530 } 531 532 /* 533 * process each type of HTTP method, setting this HTTP requests 534 * method type. 
535 */ 536 static struct method_map { 537 const char *name; 538 int type; 539 } method_map[] = { 540 { "GET", HTTP_GET, }, 541 { "POST", HTTP_POST, }, 542 { "HEAD", HTTP_HEAD, }, 543 #if 0 /* other non-required http/1.1 methods */ 544 { "OPTIONS", HTTP_OPTIONS, }, 545 { "PUT", HTTP_PUT, }, 546 { "DELETE", HTTP_DELETE, }, 547 { "TRACE", HTTP_TRACE, }, 548 { "CONNECT", HTTP_CONNECT, }, 549 #endif 550 { NULL, 0, }, 551 }; 552 553 static int 554 process_method(bozo_httpreq_t *request, const char *method) 555 { 556 struct bozohttpd_t *httpd = request->hr_httpd; 557 struct method_map *mmp; 558 559 if (request->hr_proto == httpd->consts.http_11) 560 request->hr_allow = "GET, HEAD, POST"; 561 562 for (mmp = method_map; mmp->name; mmp++) 563 if (strcasecmp(method, mmp->name) == 0) { 564 request->hr_method = mmp->type; 565 request->hr_methodstr = mmp->name; 566 return 0; 567 } 568 569 return bozo_http_error(httpd, 404, request, "unknown method"); 570 } 571 572 /* check header byte count */ 573 static int 574 bozo_got_header_length(bozo_httpreq_t *request, size_t len) 575 { 576 577 if (len > BOZO_HEADERS_MAX_SIZE - request->hr_header_bytes) 578 return bozo_http_error(request->hr_httpd, 413, request, 579 "too many headers"); 580 581 request->hr_header_bytes += len; 582 583 return 0; 584 } 585 586 /* 587 * This function reads a http request from stdin, returning a pointer to a 588 * bozo_httpreq_t structure, describing the request. 589 */ 590 bozo_httpreq_t * 591 bozo_read_request(bozohttpd_t *httpd) 592 { 593 struct sigaction sa; 594 char *str, *val, *method, *file, *proto, *query; 595 char *host, *addr, *port; 596 char bufport[10]; 597 char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; 598 struct sockaddr_storage ss; 599 ssize_t len; 600 int line = 0; 601 socklen_t slen; 602 bozo_httpreq_t *request; 603 struct timespec ots, ts; 604 605 /* 606 * if we're in daemon mode, bozo_daemon_fork() will return here twice 607 * for each call. 
once in the child, returning 0, and once in the 608 * parent, returning 1 for each child. 609 */ 610 if (bozo_daemon_fork(httpd)) 611 return NULL; 612 613 request = bozomalloc(httpd, sizeof(*request)); 614 memset(request, 0, sizeof(*request)); 615 request->hr_httpd = httpd; 616 request->hr_allow = request->hr_host = NULL; 617 request->hr_content_type = request->hr_content_length = NULL; 618 request->hr_range = NULL; 619 request->hr_last_byte_pos = -1; 620 request->hr_if_modified_since = NULL; 621 request->hr_virthostname = NULL; 622 request->hr_file = NULL; 623 request->hr_oldfile = NULL; 624 SIMPLEQ_INIT(&request->hr_replheaders); 625 bozo_auth_init(request); 626 627 slen = sizeof(ss); 628 if (getpeername(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 629 host = addr = NULL; 630 else { 631 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 632 abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0) 633 addr = abuf; 634 else 635 addr = NULL; 636 if (httpd->numeric == 0 && 637 getnameinfo((struct sockaddr *)(void *)&ss, slen, 638 hbuf, sizeof hbuf, NULL, 0, 0) == 0) 639 host = hbuf; 640 else 641 host = NULL; 642 } 643 if (host != NULL) 644 request->hr_remotehost = bozostrdup(httpd, request, host); 645 if (addr != NULL) 646 request->hr_remoteaddr = bozostrdup(httpd, request, addr); 647 slen = sizeof(ss); 648 649 /* 650 * Override the bound port from the request value, so it works even 651 * if passed through a proxy that doesn't rewrite the port. 
652 */ 653 if (httpd->bindport) { 654 if (strcmp(httpd->bindport, "80") != 0) 655 port = httpd->bindport; 656 else 657 port = NULL; 658 } else { 659 if (getsockname(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 660 port = NULL; 661 else { 662 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 663 NULL, 0, bufport, sizeof bufport, 664 NI_NUMERICSERV) == 0) 665 port = bufport; 666 else 667 port = NULL; 668 } 669 } 670 if (port != NULL) 671 request->hr_serverport = bozostrdup(httpd, request, port); 672 673 /* 674 * setup a timer to make sure the request is not hung 675 */ 676 sa.sa_handler = alarmer; 677 sigemptyset(&sa.sa_mask); 678 sigaddset(&sa.sa_mask, SIGALRM); 679 sa.sa_flags = 0; 680 sigaction(SIGALRM, &sa, NULL); 681 682 if (clock_gettime(CLOCK_MONOTONIC, &ots) != 0) { 683 bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); 684 goto cleanup; 685 } 686 687 /* 688 * now to try to setup SSL, and upon failure parent can signal the 689 * caller there was no request to process and it will wait for 690 * another. 691 */ 692 if (bozo_ssl_accept(httpd)) 693 return NULL; 694 695 alarm(httpd->initial_timeout); 696 while ((str = bozodgetln(httpd, STDIN_FILENO, &len, bozo_read)) != NULL) { 697 alarm(0); 698 699 if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) { 700 bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); 701 goto cleanup; 702 } 703 /* 704 * don't timeout if old tv_sec is not more than current 705 * tv_sec, or if current tv_sec is less than the request 706 * timeout (these shouldn't happen, but the first could 707 * if monotonic time is not available.) 708 * 709 * the other timeout and header size checks should ensure 710 * that even if time it set backwards or forwards a very 711 * long way, timeout will eventually happen, even if this 712 * one fails. 
713 */ 714 if (ts.tv_sec > ots.tv_sec && 715 ts.tv_sec > httpd->request_timeout && 716 ts.tv_sec - httpd->request_timeout > ots.tv_sec) 717 bozo_timeout_hit = 1; 718 719 if (bozo_timeout_hit) { 720 bozo_http_error(httpd, 408, NULL, "request timed out"); 721 goto cleanup; 722 } 723 line++; 724 725 if (line == 1) { 726 if (len < 1) { 727 bozo_http_error(httpd, 404, NULL, "null method"); 728 goto cleanup; 729 } 730 bozowarn(httpd, 731 "got request ``%s'' from host %s to port %s", 732 str, 733 host ? host : addr ? addr : "<local>", 734 port ? port : "<stdin>"); 735 736 /* we allocate return space in file and query only */ 737 parse_request(httpd, str, &method, &file, &query, &proto); 738 request->hr_file = file; 739 request->hr_query = query; 740 if (method == NULL) { 741 bozo_http_error(httpd, 404, NULL, "null method"); 742 goto cleanup; 743 } 744 if (file == NULL) { 745 bozo_http_error(httpd, 404, NULL, "null file"); 746 goto cleanup; 747 } 748 749 /* 750 * note that we parse the proto first, so that we 751 * can more properly parse the method and the url. 752 */ 753 754 if (process_proto(request, proto) || 755 process_method(request, method)) { 756 goto cleanup; 757 } 758 759 debug((httpd, DEBUG_FAT, "got file \"%s\" query \"%s\"", 760 request->hr_file, 761 request->hr_query ? 
request->hr_query : "<none>")); 762 763 /* http/0.9 has no header processing */ 764 if (request->hr_proto == httpd->consts.http_09) 765 break; 766 } else { /* incoming headers */ 767 bozoheaders_t *hdr; 768 769 if (*str == '\0') 770 break; 771 772 val = bozostrnsep(&str, ":", &len); 773 debug((httpd, DEBUG_EXPLODING, "read_req2: after " 774 "bozostrnsep: str `%s' val `%s'", str, val)); 775 if (val == NULL || len == -1) { 776 bozo_http_error(httpd, 404, request, "no header"); 777 goto cleanup; 778 } 779 while (*str == ' ' || *str == '\t') 780 len--, str++; 781 while (*val == ' ' || *val == '\t') 782 val++; 783 784 if (bozo_got_header_length(request, len)) 785 goto cleanup; 786 787 if (bozo_auth_check_headers(request, val, str, len)) 788 goto next_header; 789 790 hdr = addmerge_reqheader(request, val, str, len); 791 792 if (strcasecmp(hdr->h_header, "content-type") == 0) 793 request->hr_content_type = hdr->h_value; 794 else if (strcasecmp(hdr->h_header, "content-length") == 0) 795 request->hr_content_length = hdr->h_value; 796 else if (strcasecmp(hdr->h_header, "host") == 0) { 797 if (request->hr_host) { 798 /* RFC 7230 (HTTP/1.1): 5.4 */ 799 bozo_http_error(httpd, 400, request, 800 "Only allow one Host: header"); 801 goto cleanup; 802 } 803 request->hr_host = bozostrdup(httpd, request, 804 hdr->h_value); 805 } 806 /* RFC 2616 (HTTP/1.1): 14.20 */ 807 else if (strcasecmp(hdr->h_header, "expect") == 0) { 808 bozo_http_error(httpd, 417, request, 809 "we don't support Expect:"); 810 goto cleanup; 811 } 812 else if (strcasecmp(hdr->h_header, "referrer") == 0 || 813 strcasecmp(hdr->h_header, "referer") == 0) 814 request->hr_referrer = hdr->h_value; 815 else if (strcasecmp(hdr->h_header, "range") == 0) 816 request->hr_range = hdr->h_value; 817 else if (strcasecmp(hdr->h_header, 818 "if-modified-since") == 0) 819 request->hr_if_modified_since = hdr->h_value; 820 else if (strcasecmp(hdr->h_header, 821 "accept-encoding") == 0) 822 request->hr_accept_encoding = hdr->h_value; 
823 824 debug((httpd, DEBUG_FAT, "adding header %s: %s", 825 hdr->h_header, hdr->h_value)); 826 } 827 next_header: 828 alarm(httpd->header_timeout); 829 } 830 831 /* now, clear it all out */ 832 alarm(0); 833 signal(SIGALRM, SIG_DFL); 834 835 /* RFC1945, 8.3 */ 836 if (request->hr_method == HTTP_POST && 837 request->hr_content_length == NULL) { 838 bozo_http_error(httpd, 400, request, "missing content length"); 839 goto cleanup; 840 } 841 842 /* RFC 2616 (HTTP/1.1), 14.23 & 19.6.1.1 */ 843 if (request->hr_proto == httpd->consts.http_11 && 844 /*(strncasecmp(request->hr_file, "http://", 7) != 0) &&*/ 845 request->hr_host == NULL) { 846 bozo_http_error(httpd, 400, request, "missing Host header"); 847 goto cleanup; 848 } 849 850 if (request->hr_range != NULL) { 851 debug((httpd, DEBUG_FAT, "hr_range: %s", request->hr_range)); 852 /* support only simple ranges %d- and %d-%d */ 853 if (strchr(request->hr_range, ',') == NULL) { 854 const char *rstart, *dash; 855 856 rstart = strchr(request->hr_range, '='); 857 if (rstart != NULL) { 858 rstart++; 859 dash = strchr(rstart, '-'); 860 if (dash != NULL && dash != rstart) { 861 dash++; 862 request->hr_have_range = 1; 863 request->hr_first_byte_pos = 864 strtoll(rstart, NULL, 10); 865 if (request->hr_first_byte_pos < 0) 866 request->hr_first_byte_pos = 0; 867 if (*dash != '\0') { 868 request->hr_last_byte_pos = 869 strtoll(dash, NULL, 10); 870 if (request->hr_last_byte_pos < 0) 871 request->hr_last_byte_pos = -1; 872 } 873 } 874 } 875 } 876 } 877 878 debug((httpd, DEBUG_FAT, "bozo_read_request returns url %s in request", 879 request->hr_file)); 880 return request; 881 882 cleanup: 883 bozo_clean_request(request); 884 885 return NULL; 886 } 887 888 static int 889 mmap_and_write_part(bozohttpd_t *httpd, int fd, off_t first_byte_pos, size_t sz) 890 { 891 size_t mappedsz, wroffset; 892 off_t mappedoffset; 893 char *addr; 894 void *mappedaddr; 895 896 /* 897 * we need to ensure that both the size *and* offset arguments to 898 * 
mmap() are page-aligned. our formala for this is: 899 * 900 * input offset: first_byte_pos 901 * input size: sz 902 * 903 * mapped offset = page align truncate (input offset) 904 * mapped size = 905 * page align extend (input offset - mapped offset + input size) 906 * write offset = input offset - mapped offset 907 * 908 * we use the write offset in all writes 909 */ 910 mappedoffset = first_byte_pos & ~(httpd->page_size - 1); 911 mappedsz = (size_t) 912 (first_byte_pos - mappedoffset + sz + httpd->page_size - 1) & 913 ~(httpd->page_size - 1); 914 wroffset = (size_t)(first_byte_pos - mappedoffset); 915 916 addr = mmap(0, mappedsz, PROT_READ, MAP_SHARED, fd, mappedoffset); 917 if (addr == (char *)-1) { 918 bozowarn(httpd, "mmap failed: %s", strerror(errno)); 919 return -1; 920 } 921 mappedaddr = addr; 922 923 #ifdef MADV_SEQUENTIAL 924 (void)madvise(addr, sz, MADV_SEQUENTIAL); 925 #endif 926 while (sz > BOZO_WRSZ) { 927 if (bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 928 BOZO_WRSZ) != BOZO_WRSZ) { 929 bozowarn(httpd, "write failed: %s", strerror(errno)); 930 goto out; 931 } 932 debug((httpd, DEBUG_OBESE, "wrote %d bytes", BOZO_WRSZ)); 933 sz -= BOZO_WRSZ; 934 addr += BOZO_WRSZ; 935 } 936 if (sz && (size_t)bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 937 sz) != sz) { 938 bozowarn(httpd, "final write failed: %s", strerror(errno)); 939 goto out; 940 } 941 debug((httpd, DEBUG_OBESE, "wrote %d bytes", (int)sz)); 942 out: 943 if (munmap(mappedaddr, mappedsz) < 0) { 944 bozowarn(httpd, "munmap failed"); 945 return -1; 946 } 947 948 return 0; 949 } 950 951 static int 952 parse_http_date(const char *val, time_t *timestamp) 953 { 954 char *remainder; 955 struct tm tm; 956 957 if ((remainder = strptime(val, "%a, %d %b %Y %T GMT", &tm)) == NULL && 958 (remainder = strptime(val, "%a, %d-%b-%y %T GMT", &tm)) == NULL && 959 (remainder = strptime(val, "%a %b %d %T %Y", &tm)) == NULL) 960 return 0; /* Invalid HTTP date format */ 961 962 if (*remainder) 963 return 0; /* No 
trailing garbage */ 964 965 *timestamp = timegm(&tm); 966 return 1; 967 } 968 969 /* 970 * given an url, encode it ala rfc 3986. ie, escape ? and friends. 971 * note that this function returns a static buffer, and thus needs 972 * to be updated for any sort of parallel processing. escape only 973 * chosen characters for absolute redirects 974 */ 975 char * 976 bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url, int absolute) 977 { 978 static char *buf; 979 static size_t buflen = 0; 980 size_t len; 981 const char *s; 982 char *d; 983 984 len = strlen(url); 985 if (buflen < len * 3 + 1) { 986 buflen = len * 3 + 1; 987 buf = bozorealloc(httpd, buf, buflen); 988 } 989 990 for (s = url, d = buf; *s;) { 991 if (*s & 0x80) 992 goto encode_it; 993 switch (*s) { 994 case ':': 995 case '?': 996 case '#': 997 case '[': 998 case ']': 999 case '@': 1000 case '!': 1001 case '$': 1002 case '&': 1003 case '\'': 1004 case '(': 1005 case ')': 1006 case '*': 1007 case '+': 1008 case ',': 1009 case ';': 1010 case '=': 1011 case '%': 1012 case '"': 1013 if (absolute) 1014 goto leave_it; 1015 /*FALLTHROUGH*/ 1016 case '\n': 1017 case '\r': 1018 case ' ': 1019 encode_it: 1020 snprintf(d, 4, "%%%02X", (unsigned char)*s++); 1021 d += 3; 1022 break; 1023 default: 1024 leave_it: 1025 *d++ = *s++; 1026 break; 1027 } 1028 } 1029 *d = 0; 1030 1031 return buf; 1032 } 1033 1034 /* 1035 * do automatic redirection -- if there are query parameters or userdir for 1036 * the URL we will tack these on to the new (redirected) URL. 
1037 */ 1038 static void 1039 handle_redirect(bozo_httpreq_t *request, const char *url, int absolute) 1040 { 1041 bozohttpd_t *httpd = request->hr_httpd; 1042 char *finalurl, *urlbuf; 1043 #ifndef NO_USER_SUPPORT 1044 char *userbuf; 1045 #endif /* !NO_USER_SUPPORT */ 1046 char portbuf[20]; 1047 const char *scheme, *query, *quest; 1048 const char *hostname = BOZOHOST(httpd, request); 1049 int absproto = 0; /* absolute redirect provides own schema */ 1050 1051 if (url == NULL) { 1052 bozoasprintf(httpd, &urlbuf, "/%s/", request->hr_file); 1053 url = urlbuf; 1054 } else 1055 urlbuf = NULL; 1056 1057 #ifndef NO_USER_SUPPORT 1058 if (request->hr_user && !absolute) { 1059 bozoasprintf(httpd, &userbuf, "/~%s%s", request->hr_user, url); 1060 url = userbuf; 1061 } else 1062 userbuf = NULL; 1063 #endif /* !NO_USER_SUPPORT */ 1064 1065 if (absolute) { 1066 char *sep = NULL; 1067 const char *s; 1068 1069 /* 1070 * absolute redirect may specify own protocol i.e. to redirect 1071 * to another schema like https:// or ftp://. 1072 * Details: RFC 3986, section 3. 1073 */ 1074 1075 /* 1. check if url contains :// */ 1076 sep = strstr(url, "://"); 1077 1078 /* 1079 * RFC 3986, section 3.1: 1080 * scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) 1081 */ 1082 if (sep) { 1083 for (s = url; s != sep;) { 1084 if (!isalnum((int)*s) && 1085 *s != '+' && *s != '-' && *s != '.') 1086 break; 1087 if (++s == sep) { 1088 absproto = 1; 1089 } 1090 } 1091 } 1092 } 1093 1094 /* construct final redirection url */ 1095 1096 scheme = absproto ? "" : httpd->sslinfo ? "https://" : "http://"; 1097 1098 if (absolute) { 1099 hostname = ""; 1100 portbuf[0] = '\0'; 1101 } else { 1102 const char *defport = httpd->sslinfo ? 
"443" : "80"; 1103 1104 if (request->hr_serverport && 1105 strcmp(request->hr_serverport, defport) != 0) 1106 snprintf(portbuf, sizeof(portbuf), ":%s", 1107 request->hr_serverport); 1108 else 1109 portbuf[0] = '\0'; 1110 } 1111 1112 url = bozo_escape_rfc3986(httpd, url, absolute); 1113 1114 if (request->hr_query && strlen(request->hr_query)) { 1115 query = request->hr_query; 1116 quest = "?"; 1117 } else { 1118 query = quest = ""; 1119 } 1120 1121 bozoasprintf(httpd, &finalurl, "%s%s%s%s%s%s", 1122 scheme, hostname, portbuf, url, quest, query); 1123 1124 bozowarn(httpd, "redirecting %s", finalurl); 1125 debug((httpd, DEBUG_FAT, "redirecting %s", finalurl)); 1126 1127 bozo_printf(httpd, "%s 301 Document Moved\r\n", request->hr_proto); 1128 if (request->hr_proto != httpd->consts.http_09) 1129 bozo_print_header(request, NULL, "text/html", NULL); 1130 if (request->hr_proto != httpd->consts.http_09) 1131 bozo_printf(httpd, "Location: %s\r\n", finalurl); 1132 bozo_printf(httpd, "\r\n"); 1133 if (request->hr_method == HTTP_HEAD) 1134 goto head; 1135 bozo_printf(httpd, "<html><head><title>Document Moved</title></head>\n"); 1136 bozo_printf(httpd, "<body><h1>Document Moved</h1>\n"); 1137 bozo_printf(httpd, "This document had moved <a href=\"%s\">here</a>\n", 1138 finalurl); 1139 bozo_printf(httpd, "</body></html>\n"); 1140 head: 1141 bozo_flush(httpd, stdout); 1142 free(urlbuf); 1143 free(finalurl); 1144 #ifndef NO_USER_SUPPORT 1145 free(userbuf); 1146 #endif /* !NO_USER_SUPPORT */ 1147 } 1148 1149 /* 1150 * Like strncmp(), but s_esc may contain characters escaped by \. 1151 * The len argument does not include the backslashes used for escaping, 1152 * that is: it gives the raw len, after unescaping the string. 
1153 */ 1154 static int 1155 esccmp(const char *s_plain, const char *s_esc, size_t len) 1156 { 1157 bool esc = false; 1158 1159 while (len) { 1160 if (!esc && *s_esc == '\\') { 1161 esc = true; 1162 s_esc++; 1163 continue; 1164 } 1165 esc = false; 1166 if (*s_plain == 0 || *s_esc == 0 || *s_plain != *s_esc) 1167 return *s_esc - *s_plain; 1168 s_esc++; 1169 s_plain++; 1170 len--; 1171 } 1172 return 0; 1173 } 1174 1175 /* 1176 * Check if the request refers to a uri that is mapped via a .bzremap. 1177 * We have /requested/path:/re/mapped/to/this.html lines in there, 1178 * and the : separator may be use in the left hand side escaped with 1179 * \ to encode a path containig a : character. 1180 */ 1181 static void 1182 check_remap(bozo_httpreq_t *request) 1183 { 1184 bozohttpd_t *httpd = request->hr_httpd; 1185 char *file = request->hr_file, *newfile; 1186 void *fmap; 1187 const char *replace = NULL, *map_to = NULL, *p; 1188 struct stat st; 1189 int mapfile; 1190 size_t avail, len, rlen, reqlen, num_esc = 0; 1191 bool escaped = false; 1192 1193 mapfile = open(REMAP_FILE, O_RDONLY, 0); 1194 if (mapfile == -1) 1195 return; 1196 debug((httpd, DEBUG_FAT, "remap file found")); 1197 if (fstat(mapfile, &st) == -1) { 1198 bozowarn(httpd, "could not stat " REMAP_FILE ", errno: %d", 1199 errno); 1200 goto out; 1201 } 1202 1203 fmap = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, mapfile, 0); 1204 if (fmap == NULL) { 1205 bozowarn(httpd, "could not mmap " REMAP_FILE ", error %d", 1206 errno); 1207 goto out; 1208 } 1209 reqlen = strlen(file); 1210 for (p = fmap, avail = st.st_size; avail; ) { 1211 /* 1212 * We have lines like: 1213 * /this/url:/replacement/that/url 1214 * If we find a matching left hand side, replace will point 1215 * to it and len will be its length. map_to will point to 1216 * the right hand side and rlen wil be its length. 1217 * If we have no match, both pointers will be NULL. 
1218 */ 1219 1220 /* skip empty lines */ 1221 while ((*p == '\r' || *p == '\n') && avail) { 1222 p++; 1223 avail--; 1224 } 1225 replace = p; 1226 escaped = false; 1227 while (avail) { 1228 if (*p == '\r' || *p == '\n') 1229 break; 1230 if (!escaped && *p == ':') 1231 break; 1232 if (escaped) { 1233 escaped = false; 1234 num_esc++; 1235 } else if (*p == '\\') { 1236 escaped = true; 1237 } 1238 p++; 1239 avail--; 1240 } 1241 if (!avail || *p != ':') { 1242 replace = NULL; 1243 map_to = NULL; 1244 break; 1245 } 1246 len = p - replace - num_esc; 1247 /* 1248 * reqlen < len: the left hand side is too long, can't be a 1249 * match 1250 * reqlen == len: full string has to match 1251 * reqlen > len: make sure there is a path separator at 'len' 1252 * avail < 2: we are at eof, missing right hand side 1253 */ 1254 if (avail < 2 || reqlen < len || 1255 (reqlen == len && esccmp(file, replace, len) != 0) || 1256 (reqlen > len && (file[len] != '/' || 1257 esccmp(file, replace, len) != 0))) { 1258 1259 /* non-match, skip to end of line and continue */ 1260 while (*p != '\r' && *p != '\n' && avail) { 1261 p++; 1262 avail--; 1263 } 1264 replace = NULL; 1265 map_to = NULL; 1266 continue; 1267 } 1268 p++; 1269 avail--; 1270 1271 /* found a match, parse the target */ 1272 map_to = p; 1273 while (*p != '\r' && *p != '\n' && avail) { 1274 p++; 1275 avail--; 1276 } 1277 rlen = p - map_to; 1278 break; 1279 } 1280 1281 if (replace && map_to) { 1282 newfile = bozomalloc(httpd, strlen(file) + rlen - len + 1); 1283 memcpy(newfile, map_to, rlen); 1284 strcpy(newfile+rlen, file + len); 1285 debug((httpd, DEBUG_NORMAL, "remapping found '%s'", 1286 newfile)); 1287 free(request->hr_file); 1288 request->hr_file = newfile; 1289 } 1290 1291 munmap(fmap, st.st_size); 1292 out: 1293 close(mapfile); 1294 } 1295 1296 /* 1297 * deal with virtual host names; we do this: 1298 * if we have a virtual path root (httpd->virtbase), and we are given a 1299 * virtual host spec (Host: ho.st or http://ho.st/), see 
if this 1300 * directory exists under httpd->virtbase. if it does, use this as the 1301 # new slashdir. 1302 */ 1303 static int 1304 check_virtual(bozo_httpreq_t *request) 1305 { 1306 bozohttpd_t *httpd = request->hr_httpd; 1307 char *file = request->hr_file, *s; 1308 size_t len; 1309 1310 /* 1311 * convert http://virtual.host/ to request->hr_host 1312 */ 1313 debug((httpd, DEBUG_OBESE, 1314 "checking for http:// virtual host in '%s'", file)); 1315 if (strncasecmp(file, "http://", 7) == 0) { 1316 /* bozostrdup() might access it. */ 1317 char *old_file = request->hr_file; 1318 1319 /* we would do virtual hosting here? */ 1320 file += 7; 1321 /* RFC 2616 (HTTP/1.1), 5.2: URI takes precedence over Host: */ 1322 free(request->hr_host); 1323 request->hr_host = bozostrdup(httpd, request, file); 1324 if ((s = strchr(request->hr_host, '/')) != NULL) 1325 *s = '\0'; 1326 s = strchr(file, '/'); 1327 request->hr_file = bozostrdup(httpd, request, s ? s : "/"); 1328 free(old_file); 1329 debug((httpd, DEBUG_OBESE, "got host '%s' file is now '%s'", 1330 request->hr_host, request->hr_file)); 1331 } else if (!request->hr_host) 1332 goto use_slashdir; 1333 1334 /* 1335 * canonicalise hr_host - that is, remove any :80. 1336 */ 1337 len = strlen(request->hr_host); 1338 if (len > 3 && strcmp(request->hr_host + len - 3, ":80") == 0) { 1339 request->hr_host[len - 3] = '\0'; 1340 len = strlen(request->hr_host); 1341 } 1342 1343 if (!httpd->virtbase) { 1344 /* 1345 * if we don't use vhost support, then set virthostname if 1346 * user supplied Host header. 
It will be used for possible 1347 * redirections 1348 */ 1349 if (request->hr_host) { 1350 s = strrchr(request->hr_host, ':'); 1351 if (s != NULL) 1352 /* 1353 * truncate Host: as we want to copy it 1354 * without port part 1355 */ 1356 *s = '\0'; 1357 request->hr_virthostname = bozostrdup(httpd, request, 1358 request->hr_host); 1359 if (s != NULL) 1360 /* fix Host: again, if we truncated it */ 1361 *s = ':'; 1362 } 1363 goto use_slashdir; 1364 } 1365 1366 /* 1367 * ok, we have a virtual host, use opendir(3) to find a case 1368 * insensitive match for the virtual host we are asked for. 1369 * note that if the virtual host is the same as the master, 1370 * we don't need to do anything special. 1371 */ 1372 debug((httpd, DEBUG_OBESE, 1373 "check_virtual: checking host `%s' under httpd->virtbase `%s' " 1374 "for file `%s'", 1375 request->hr_host, httpd->virtbase, request->hr_file)); 1376 if (strncasecmp(httpd->virthostname, request->hr_host, len) != 0) { 1377 s = NULL; 1378 DIR *dirp; 1379 struct dirent *d; 1380 1381 if ((dirp = opendir(httpd->virtbase)) != NULL) { 1382 while ((d = readdir(dirp)) != NULL) { 1383 if (strcmp(d->d_name, ".") == 0 || 1384 strcmp(d->d_name, "..") == 0) { 1385 continue; 1386 } 1387 debug((httpd, DEBUG_OBESE, "looking at dir '%s'", 1388 d->d_name)); 1389 if (strcmp(d->d_name, request->hr_host) == 0) { 1390 /* found it, punch it */ 1391 debug((httpd, DEBUG_OBESE, "found it punch it")); 1392 request->hr_virthostname = 1393 bozostrdup(httpd, request, d->d_name); 1394 bozoasprintf(httpd, &s, "%s/%s", 1395 httpd->virtbase, 1396 request->hr_virthostname); 1397 break; 1398 } 1399 } 1400 closedir(dirp); 1401 } 1402 else { 1403 debug((httpd, DEBUG_FAT, "opendir %s failed: %s", 1404 httpd->virtbase, strerror(errno))); 1405 } 1406 if (s == 0) { 1407 if (httpd->unknown_slash) 1408 goto use_slashdir; 1409 return bozo_http_error(httpd, 404, request, 1410 "unknown URL"); 1411 } 1412 } else 1413 use_slashdir: 1414 s = httpd->slashdir; 1415 1416 /* 1417 * 
ok, nailed the correct slashdir, chdir to it 1418 */ 1419 if (chdir(s) < 0) 1420 return bozo_http_error(httpd, 404, request, 1421 "can't chdir to slashdir"); 1422 1423 /* 1424 * is there a mapping for this request? 1425 */ 1426 check_remap(request); 1427 1428 return 0; 1429 } 1430 1431 /* 1432 * checks to see if this request has a valid .bzredirect file. returns 1433 * 0 when no redirection happend, or 1 when handle_redirect() has been 1434 * called, -1 on error. 1435 */ 1436 static int 1437 check_bzredirect(bozo_httpreq_t *request) 1438 { 1439 bozohttpd_t *httpd = request->hr_httpd; 1440 struct stat sb; 1441 char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1], 1442 path[MAXPATHLEN + 1]; 1443 char *basename, *finalredir; 1444 int rv, absolute; 1445 1446 /* 1447 * if this pathname is really a directory, but doesn't end in /, 1448 * use it as the directory to look for the redir file. 1449 */ 1450 if ((size_t)snprintf(dir, sizeof(dir), "%s", request->hr_file + 1) >= 1451 sizeof(dir)) { 1452 bozo_http_error(httpd, 404, request, "file path too long"); 1453 return -1; 1454 } 1455 debug((httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1456 basename = strrchr(dir, '/'); 1457 1458 if ((!basename || basename[1] != '\0') && 1459 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) { 1460 strcpy(path, dir); 1461 basename = dir; 1462 } else if (basename == NULL) { 1463 strcpy(path, "."); 1464 strcpy(dir, ""); 1465 basename = request->hr_file + 1; 1466 } else { 1467 *basename++ = '\0'; 1468 strcpy(path, dir); 1469 } 1470 if (bozo_check_special_files(request, basename, true)) 1471 return -1; 1472 1473 debug((httpd, DEBUG_FAT, "check_bzredirect: path %s", path)); 1474 1475 if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, 1476 REDIRECT_FILE) >= sizeof(redir)) { 1477 return bozo_http_error(httpd, 404, request, 1478 "redirectfile path too long"); 1479 } 1480 if (lstat(redir, &sb) == 0) { 1481 if (!S_ISLNK(sb.st_mode)) 1482 return 0; 1483 absolute = 0; 1484 } else 
{ 1485 if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, 1486 ABSREDIRECT_FILE) >= sizeof(redir)) { 1487 bozo_http_error(httpd, 404, request, 1488 "redirectfile path too long"); 1489 return -1; 1490 } 1491 if (lstat(redir, &sb) < 0 || !S_ISLNK(sb.st_mode)) 1492 return 0; 1493 absolute = 1; 1494 } 1495 debug((httpd, DEBUG_FAT, "check_bzredirect: calling readlink")); 1496 rv = readlink(redir, redirpath, sizeof redirpath - 1); 1497 if (rv == -1 || rv == 0) { 1498 debug((httpd, DEBUG_FAT, "readlink failed")); 1499 return 0; 1500 } 1501 redirpath[rv] = '\0'; 1502 debug((httpd, DEBUG_FAT, "readlink returned \"%s\"", redirpath)); 1503 1504 /* check if we need authentication */ 1505 snprintf(path, sizeof(path), "%s/", dir); 1506 if (bozo_auth_check(request, path)) 1507 return 1; 1508 1509 /* now we have the link pointer, redirect to the real place */ 1510 if (!absolute && redirpath[0] != '/') { 1511 if ((size_t)snprintf(finalredir = redir, sizeof(redir), "%s%s/%s", 1512 (strlen(dir) > 0 ? "/" : ""), dir, redirpath) >= sizeof(redir)) { 1513 bozo_http_error(httpd, 404, request, 1514 "redirect path too long"); 1515 return -1; 1516 } 1517 } else 1518 finalredir = redirpath; 1519 1520 debug((httpd, DEBUG_FAT, "check_bzredirect: new redir %s", finalredir)); 1521 handle_redirect(request, finalredir, absolute); 1522 return 1; 1523 } 1524 1525 /* this fixes the %HH hack that RFC2396 requires. 
*/ 1526 int 1527 bozo_decode_url_percent(bozo_httpreq_t *request, char *str) 1528 { 1529 bozohttpd_t *httpd = request->hr_httpd; 1530 char *s, *t, buf[3]; 1531 char *end; /* if end is not-zero, we don't translate beyond that */ 1532 1533 end = str + strlen(str); 1534 1535 /* fast forward to the first % */ 1536 if ((s = strchr(str, '%')) == NULL) 1537 return 0; 1538 1539 t = s; 1540 do { 1541 if (end && s >= end) { 1542 debug((httpd, DEBUG_EXPLODING, 1543 "fu_%%: past end, filling out..")); 1544 while (*s) 1545 *t++ = *s++; 1546 break; 1547 } 1548 debug((httpd, DEBUG_EXPLODING, 1549 "fu_%%: got s == %%, s[1]s[2] == %c%c", 1550 s[1], s[2])); 1551 if (s[1] == '\0' || s[2] == '\0') 1552 return bozo_http_error(httpd, 400, request, 1553 "percent hack missing two chars afterwards"); 1554 if (s[1] == '0' && s[2] == '0') 1555 return bozo_http_error(httpd, 404, request, 1556 "percent hack was %00"); 1557 if (s[1] == '2' && s[2] == 'f') 1558 return bozo_http_error(httpd, 404, request, 1559 "percent hack was %2f (/)"); 1560 1561 buf[0] = *++s; 1562 buf[1] = *++s; 1563 buf[2] = '\0'; 1564 s++; 1565 *t = (char)strtol(buf, NULL, 16); 1566 debug((httpd, DEBUG_EXPLODING, 1567 "fu_%%: strtol put '%02x' into *t", *t)); 1568 if (*t++ == '\0') 1569 return bozo_http_error(httpd, 400, request, 1570 "percent hack got a 0 back"); 1571 1572 while (*s && *s != '%') { 1573 if (end && s >= end) 1574 break; 1575 *t++ = *s++; 1576 } 1577 } while (*s); 1578 *t = '\0'; 1579 1580 debug((httpd, DEBUG_FAT, "bozo_decode_url_percent returns `%s'", 1581 request->hr_file)); 1582 1583 return 0; 1584 } 1585 1586 /* 1587 * transform_request does this: 1588 * - ``expand'' %20 crapola 1589 * - punt if it doesn't start with / 1590 * - look for "http://myname/" and deal with it. 1591 * - maybe call bozo_process_cgi() 1592 * - check for ~user and call bozo_user_transform() if so 1593 * - if the length > 1, check for trailing slash. 
if so, 1594 * add the index.html file 1595 * - if the length is 1, return the index.html file 1596 * - disallow anything ending up with a file starting 1597 * at "/" or having ".." in it. 1598 * - anything else is a really weird internal error 1599 * - returns malloced file to serve, if unhandled 1600 */ 1601 static int 1602 transform_request(bozo_httpreq_t *request, int *isindex) 1603 { 1604 bozohttpd_t *httpd = request->hr_httpd; 1605 char *file, *newfile = NULL; 1606 size_t len; 1607 1608 file = NULL; 1609 *isindex = 0; 1610 debug((httpd, DEBUG_FAT, "tf_req: file %s", request->hr_file)); 1611 1612 if (bozo_decode_url_percent(request, request->hr_file) || 1613 check_virtual(request)) 1614 goto bad_done; 1615 1616 file = request->hr_file; 1617 1618 if (file[0] != '/') { 1619 bozo_http_error(httpd, 404, request, "unknown URL"); 1620 goto bad_done; 1621 } 1622 1623 /* omit additional slashes at the beginning */ 1624 while (file[1] == '/') 1625 file++; 1626 1627 /* fix file provided by user as it's used in other handlers */ 1628 request->hr_file = file; 1629 1630 len = strlen(file); 1631 1632 #ifndef NO_USER_SUPPORT 1633 /* first of all expand user path */ 1634 if (len > 1 && httpd->enable_users && file[1] == '~') { 1635 if (file[2] == '\0') { 1636 bozo_http_error(httpd, 404, request, 1637 "missing username"); 1638 goto bad_done; 1639 } 1640 if (strchr(file + 2, '/') == NULL) { 1641 char *userredirecturl; 1642 1643 bozoasprintf(httpd, &userredirecturl, "%s/", file); 1644 handle_redirect(request, userredirecturl, 0); 1645 free(userredirecturl); 1646 return 0; 1647 } 1648 debug((httpd, DEBUG_FAT, "calling bozo_user_transform")); 1649 1650 if (!bozo_user_transform(request)) 1651 return 0; 1652 1653 file = request->hr_file; 1654 len = strlen(file); 1655 } 1656 #endif /* NO_USER_SUPPORT */ 1657 1658 1659 switch (check_bzredirect(request)) { 1660 case -1: 1661 goto bad_done; 1662 case 0: 1663 break; 1664 default: 1665 return 0; 1666 } 1667 1668 if (len > 1) { 1669 
debug((httpd, DEBUG_FAT, "file[len-1] == %c", file[len-1])); 1670 if (file[len-1] == '/') { /* append index.html */ 1671 *isindex = 1; 1672 debug((httpd, DEBUG_FAT, "appending index.html")); 1673 newfile = bozomalloc(httpd, 1674 len + strlen(httpd->index_html) + 1); 1675 strcpy(newfile, file + 1); 1676 strcat(newfile, httpd->index_html); 1677 } else 1678 newfile = bozostrdup(httpd, request, file + 1); 1679 } else if (len == 1) { 1680 debug((httpd, DEBUG_EXPLODING, "tf_req: len == 1")); 1681 newfile = bozostrdup(httpd, request, httpd->index_html); 1682 *isindex = 1; 1683 } else { /* len == 0 ? */ 1684 bozo_http_error(httpd, 500, request, "request->hr_file is nul"); 1685 goto bad_done; 1686 } 1687 1688 if (newfile == NULL) { 1689 bozo_http_error(httpd, 500, request, "internal failure"); 1690 goto bad_done; 1691 } 1692 1693 /* 1694 * stop traversing outside our domain 1695 * 1696 * XXX true security only comes from our parent using chroot(2) 1697 * before execve(2)'ing us. or our own built in chroot(2) support. 1698 */ 1699 1700 debug((httpd, DEBUG_FAT, "newfile: %s", newfile)); 1701 1702 if (*newfile == '/' || strcmp(newfile, "..") == 0 || 1703 strstr(newfile, "/..") || strstr(newfile, "../")) { 1704 bozo_http_error(httpd, 403, request, "illegal request"); 1705 goto bad_done; 1706 } 1707 1708 if (bozo_auth_check(request, newfile)) 1709 goto bad_done; 1710 1711 if (strlen(newfile)) { 1712 request->hr_oldfile = request->hr_file; 1713 request->hr_file = newfile; 1714 } 1715 1716 if (bozo_process_cgi(request) || 1717 bozo_process_lua(request)) 1718 return 0; 1719 1720 debug((httpd, DEBUG_FAT, "transform_request set: %s", newfile)); 1721 return 1; 1722 1723 bad_done: 1724 debug((httpd, DEBUG_FAT, "transform_request returning: 0")); 1725 free(newfile); 1726 return 0; 1727 } 1728 1729 /* 1730 * can_gzip checks if the request supports and prefers gzip encoding. 1731 * 1732 * XXX: we do not consider the associated q with gzip in making our 1733 * decision which is broken. 
1734 */ 1735 1736 static int 1737 can_gzip(bozo_httpreq_t *request) 1738 { 1739 const char *pos; 1740 const char *tmp; 1741 size_t len; 1742 1743 /* First we decide if the request can be gzipped at all. */ 1744 1745 /* not if we already are encoded... */ 1746 tmp = bozo_content_encoding(request, request->hr_file); 1747 if (tmp && *tmp) 1748 return 0; 1749 1750 /* not if we are not asking for the whole file... */ 1751 if (request->hr_last_byte_pos != -1 || request->hr_have_range) 1752 return 0; 1753 1754 /* Then we determine if gzip is on the cards. */ 1755 1756 for (pos = request->hr_accept_encoding; pos && *pos; pos += len) { 1757 while (*pos == ' ') 1758 pos++; 1759 1760 len = strcspn(pos, ";,"); 1761 1762 if ((len == 4 && strncasecmp("gzip", pos, 4) == 0) || 1763 (len == 6 && strncasecmp("x-gzip", pos, 6) == 0)) 1764 return 1; 1765 1766 if (pos[len] == ';') 1767 len += strcspn(&pos[len], ","); 1768 1769 if (pos[len]) 1770 len++; 1771 } 1772 1773 return 0; 1774 } 1775 1776 /* 1777 * bozo_process_request does the following: 1778 * - check the request is valid 1779 * - process cgi-bin if necessary 1780 * - transform a filename if necesarry 1781 * - return the HTTP request 1782 */ 1783 void 1784 bozo_process_request(bozo_httpreq_t *request) 1785 { 1786 bozohttpd_t *httpd = request->hr_httpd; 1787 struct stat sb; 1788 time_t timestamp; 1789 char *file; 1790 const char *type, *encoding; 1791 int fd, isindex; 1792 1793 /* 1794 * note that transform_request chdir()'s if required. also note 1795 * that cgi is handed here. if transform_request() returns 0 1796 * then the request has been handled already. 
1797 */ 1798 if (transform_request(request, &isindex) == 0) 1799 return; 1800 1801 fd = -1; 1802 encoding = NULL; 1803 if (can_gzip(request)) { 1804 bozoasprintf(httpd, &file, "%s.gz", request->hr_file); 1805 fd = open(file, O_RDONLY); 1806 if (fd >= 0) 1807 encoding = "gzip"; 1808 free(file); 1809 } 1810 1811 file = request->hr_file; 1812 1813 if (fd < 0) 1814 fd = open(file, O_RDONLY); 1815 1816 if (fd < 0) { 1817 debug((httpd, DEBUG_FAT, "open failed: %s", strerror(errno))); 1818 switch (errno) { 1819 case EPERM: 1820 case EACCES: 1821 bozo_http_error(httpd, 403, request, 1822 "no permission to open file"); 1823 break; 1824 case ENAMETOOLONG: 1825 /*FALLTHROUGH*/ 1826 case ENOENT: 1827 if (!bozo_dir_index(request, file, isindex)) 1828 bozo_http_error(httpd, 404, request, "no file"); 1829 break; 1830 default: 1831 bozo_http_error(httpd, 500, request, "open file"); 1832 } 1833 goto cleanup_nofd; 1834 } 1835 if (fstat(fd, &sb) < 0) { 1836 bozo_http_error(httpd, 500, request, "can't fstat"); 1837 goto cleanup; 1838 } 1839 if (S_ISDIR(sb.st_mode)) { 1840 handle_redirect(request, NULL, 0); 1841 goto cleanup; 1842 } 1843 1844 if (request->hr_if_modified_since && 1845 parse_http_date(request->hr_if_modified_since, ×tamp) && 1846 timestamp >= sb.st_mtime) { 1847 /* XXX ignore subsecond of timestamp */ 1848 bozo_printf(httpd, "%s 304 Not Modified\r\n", 1849 request->hr_proto); 1850 bozo_printf(httpd, "\r\n"); 1851 bozo_flush(httpd, stdout); 1852 goto cleanup; 1853 } 1854 1855 /* validate requested range */ 1856 if (request->hr_last_byte_pos == -1 || 1857 request->hr_last_byte_pos >= sb.st_size) 1858 request->hr_last_byte_pos = sb.st_size - 1; 1859 if (request->hr_have_range && 1860 request->hr_first_byte_pos > request->hr_last_byte_pos) { 1861 request->hr_have_range = 0; /* punt */ 1862 request->hr_first_byte_pos = 0; 1863 request->hr_last_byte_pos = sb.st_size - 1; 1864 } 1865 debug((httpd, DEBUG_FAT, "have_range %d first_pos %lld last_pos %lld", 1866 
request->hr_have_range, 1867 (long long)request->hr_first_byte_pos, 1868 (long long)request->hr_last_byte_pos)); 1869 if (request->hr_have_range) 1870 bozo_printf(httpd, "%s 206 Partial Content\r\n", 1871 request->hr_proto); 1872 else 1873 bozo_printf(httpd, "%s 200 OK\r\n", request->hr_proto); 1874 1875 if (request->hr_proto != httpd->consts.http_09) { 1876 type = bozo_content_type(request, file); 1877 if (!encoding) 1878 encoding = bozo_content_encoding(request, file); 1879 1880 bozo_print_header(request, &sb, type, encoding); 1881 bozo_printf(httpd, "\r\n"); 1882 } 1883 bozo_flush(httpd, stdout); 1884 1885 if (request->hr_method != HTTP_HEAD) { 1886 off_t szleft, cur_byte_pos; 1887 1888 szleft = 1889 request->hr_last_byte_pos - request->hr_first_byte_pos + 1; 1890 cur_byte_pos = request->hr_first_byte_pos; 1891 1892 retry: 1893 while (szleft) { 1894 size_t sz; 1895 1896 if ((off_t)httpd->mmapsz < szleft) 1897 sz = httpd->mmapsz; 1898 else 1899 sz = (size_t)szleft; 1900 if (mmap_and_write_part(httpd, fd, cur_byte_pos, sz)) { 1901 if (errno == ENOMEM) { 1902 httpd->mmapsz /= 2; 1903 if (httpd->mmapsz >= httpd->page_size) 1904 goto retry; 1905 } 1906 goto cleanup; 1907 } 1908 cur_byte_pos += sz; 1909 szleft -= sz; 1910 } 1911 } 1912 cleanup: 1913 close(fd); 1914 cleanup_nofd: 1915 close(STDIN_FILENO); 1916 close(STDOUT_FILENO); 1917 /*close(STDERR_FILENO);*/ 1918 } 1919 1920 /* make sure we're not trying to access special files */ 1921 int 1922 bozo_check_special_files(bozo_httpreq_t *request, const char *name, bool doerror) 1923 { 1924 bozohttpd_t *httpd = request->hr_httpd; 1925 size_t i; 1926 int error = 0; 1927 1928 for (i = 0; specials[i].file; i++) { 1929 if (strcmp(name, specials[i].file) == 0) { 1930 if (doerror) { 1931 error = bozo_http_error(httpd, 403, request, 1932 specials[i].name); 1933 } else { 1934 error = -1; 1935 } 1936 } 1937 } 1938 1939 return error; 1940 } 1941 1942 /* generic header printing routine */ 1943 void 1944 
bozo_print_header(bozo_httpreq_t *request, 1945 struct stat *sbp, const char *type, const char *encoding) 1946 { 1947 bozohttpd_t *httpd = request->hr_httpd; 1948 off_t len; 1949 char date[40]; 1950 bozoheaders_t *hdr; 1951 1952 SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { 1953 bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, 1954 hdr->h_value); 1955 } 1956 1957 bozo_printf(httpd, "Date: %s\r\n", bozo_http_date(date, sizeof(date))); 1958 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 1959 bozo_printf(httpd, "Accept-Ranges: bytes\r\n"); 1960 if (sbp) { 1961 char filedate[40]; 1962 struct tm *tm; 1963 1964 tm = gmtime(&sbp->st_mtime); 1965 strftime(filedate, sizeof filedate, 1966 "%a, %d %b %Y %H:%M:%S GMT", tm); 1967 bozo_printf(httpd, "Last-Modified: %s\r\n", filedate); 1968 } 1969 if (type && *type) 1970 bozo_printf(httpd, "Content-Type: %s\r\n", type); 1971 if (encoding && *encoding) 1972 bozo_printf(httpd, "Content-Encoding: %s\r\n", encoding); 1973 if (sbp) { 1974 if (request->hr_have_range) { 1975 len = request->hr_last_byte_pos - 1976 request->hr_first_byte_pos +1; 1977 bozo_printf(httpd, 1978 "Content-Range: bytes %qd-%qd/%qd\r\n", 1979 (long long) request->hr_first_byte_pos, 1980 (long long) request->hr_last_byte_pos, 1981 (long long) sbp->st_size); 1982 } else 1983 len = sbp->st_size; 1984 bozo_printf(httpd, "Content-Length: %qd\r\n", (long long)len); 1985 } 1986 if (request->hr_proto == httpd->consts.http_11) 1987 bozo_printf(httpd, "Connection: close\r\n"); 1988 bozo_flush(httpd, stdout); 1989 } 1990 1991 #ifndef NO_DEBUG 1992 void 1993 debug__(bozohttpd_t *httpd, int level, const char *fmt, ...) 
1994 { 1995 va_list ap; 1996 int savederrno; 1997 1998 /* only log if the level is low enough */ 1999 if (httpd->debug < level) 2000 return; 2001 2002 savederrno = errno; 2003 va_start(ap, fmt); 2004 if (httpd->logstderr) { 2005 vfprintf(stderr, fmt, ap); 2006 fputs("\n", stderr); 2007 } else 2008 vsyslog(LOG_DEBUG, fmt, ap); 2009 va_end(ap); 2010 errno = savederrno; 2011 } 2012 #endif /* NO_DEBUG */ 2013 2014 /* these are like warn() and err(), except for syslog not stderr */ 2015 void 2016 bozowarn(bozohttpd_t *httpd, const char *fmt, ...) 2017 { 2018 va_list ap; 2019 2020 va_start(ap, fmt); 2021 if (httpd->logstderr || isatty(STDERR_FILENO)) { 2022 //fputs("warning: ", stderr); 2023 vfprintf(stderr, fmt, ap); 2024 fputs("\n", stderr); 2025 } else 2026 vsyslog(LOG_INFO, fmt, ap); 2027 va_end(ap); 2028 } 2029 2030 void 2031 bozoerr(bozohttpd_t *httpd, int code, const char *fmt, ...) 2032 { 2033 va_list ap; 2034 2035 va_start(ap, fmt); 2036 if (httpd->logstderr || isatty(STDERR_FILENO)) { 2037 //fputs("error: ", stderr); 2038 vfprintf(stderr, fmt, ap); 2039 fputs("\n", stderr); 2040 } else 2041 vsyslog(LOG_ERR, fmt, ap); 2042 va_end(ap); 2043 exit(code); 2044 } 2045 2046 void 2047 bozoasprintf(bozohttpd_t *httpd, char **str, const char *fmt, ...) 2048 { 2049 va_list ap; 2050 int e; 2051 2052 va_start(ap, fmt); 2053 e = vasprintf(str, fmt, ap); 2054 va_end(ap); 2055 2056 if (e < 0) 2057 bozoerr(httpd, EXIT_FAILURE, "asprintf"); 2058 } 2059 2060 /* 2061 * this escapes HTML tags. returns allocated escaped 2062 * string if needed, or NULL on allocation failure or 2063 * lack of escape need. 2064 * call with NULL httpd in error paths, to avoid recursive 2065 * malloc failure. call with valid httpd in normal paths 2066 * to get automatic allocation failure handling. 
2067 */ 2068 char * 2069 bozo_escape_html(bozohttpd_t *httpd, const char *url) 2070 { 2071 int i, j; 2072 char *tmp; 2073 size_t len; 2074 2075 for (i = 0, j = 0; url[i]; i++) { 2076 switch (url[i]) { 2077 case '<': 2078 case '>': 2079 j += 4; 2080 break; 2081 case '&': 2082 j += 5; 2083 break; 2084 case '"': 2085 j += 6; 2086 break; 2087 } 2088 } 2089 2090 if (j == 0) 2091 return NULL; 2092 2093 /* 2094 * we need to handle being called from different 2095 * pathnames. 2096 */ 2097 len = strlen(url) + j; 2098 if (httpd) 2099 tmp = bozomalloc(httpd, len); 2100 else if ((tmp = malloc(len)) == 0) 2101 return NULL; 2102 2103 for (i = 0, j = 0; url[i]; i++) { 2104 switch (url[i]) { 2105 case '<': 2106 memcpy(tmp + j, "<", 4); 2107 j += 4; 2108 break; 2109 case '>': 2110 memcpy(tmp + j, ">", 4); 2111 j += 4; 2112 break; 2113 case '&': 2114 memcpy(tmp + j, "&", 5); 2115 j += 5; 2116 break; 2117 case '"': 2118 memcpy(tmp + j, """, 6); 2119 j += 6; 2120 break; 2121 default: 2122 tmp[j++] = url[i]; 2123 } 2124 } 2125 tmp[j] = 0; 2126 2127 return tmp; 2128 } 2129 2130 /* short map between error code, and short/long messages */ 2131 static struct errors_map { 2132 int code; /* HTTP return code */ 2133 const char *shortmsg; /* short version of message */ 2134 const char *longmsg; /* long version of message */ 2135 } errors_map[] = { 2136 { 400, "400 Bad Request", "The request was not valid", }, 2137 { 401, "401 Unauthorized", "No authorization", }, 2138 { 403, "403 Forbidden", "Access to this item has been denied",}, 2139 { 404, "404 Not Found", "This item has not been found", }, 2140 { 408, "408 Request Timeout", "This request took too long", }, 2141 { 413, "413 Payload Too Large", "Use smaller requests", }, 2142 { 417, "417 Expectation Failed","Expectations not available", }, 2143 { 420, "420 Enhance Your Calm","Chill, Winston", }, 2144 { 500, "500 Internal Error", "An error occured on the server", }, 2145 { 501, "501 Not Implemented", "This request is not available", }, 2146 
{ 0, NULL, NULL, }, 2147 }; 2148 2149 static const char *help = "DANGER! WILL ROBINSON! DANGER!"; 2150 2151 static const char * 2152 http_errors_short(int code) 2153 { 2154 struct errors_map *ep; 2155 2156 for (ep = errors_map; ep->code; ep++) 2157 if (ep->code == code) 2158 return (ep->shortmsg); 2159 return (help); 2160 } 2161 2162 static const char * 2163 http_errors_long(int code) 2164 { 2165 struct errors_map *ep; 2166 2167 for (ep = errors_map; ep->code; ep++) 2168 if (ep->code == code) 2169 return (ep->longmsg); 2170 return (help); 2171 } 2172 2173 /* the follow functions and variables are used in handling HTTP errors */ 2174 /* ARGSUSED */ 2175 int 2176 bozo_http_error(bozohttpd_t *httpd, int code, bozo_httpreq_t *request, 2177 const char *msg) 2178 { 2179 char portbuf[20]; 2180 const char *header = http_errors_short(code); 2181 const char *reason = http_errors_long(code); 2182 const char *proto = (request && request->hr_proto) ? 2183 request->hr_proto : httpd->consts.http_11; 2184 int size; 2185 bozoheaders_t *hdr; 2186 2187 debug((httpd, DEBUG_FAT, "bozo_http_error %d: %s", code, msg)); 2188 if (header == NULL || reason == NULL) { 2189 bozoerr(httpd, 1, 2190 "bozo_http_error() failed (short = %p, long = %p)", 2191 header, reason); 2192 return code; 2193 } 2194 2195 if (request && request->hr_serverport && 2196 strcmp(request->hr_serverport, "80") != 0) 2197 snprintf(portbuf, sizeof(portbuf), ":%s", 2198 request->hr_serverport); 2199 else 2200 portbuf[0] = '\0'; 2201 2202 if (request && request->hr_file) { 2203 char *file = NULL, *user = NULL; 2204 int file_alloc = 0; 2205 const char *hostname = BOZOHOST(httpd, request); 2206 2207 /* bozo_escape_html() failure here is just too bad. 
*/ 2208 file = bozo_escape_html(NULL, request->hr_file); 2209 if (file == NULL) 2210 file = request->hr_file; 2211 else 2212 file_alloc = 1; 2213 2214 #ifndef NO_USER_SUPPORT 2215 if (request->hr_user != NULL) { 2216 char *user_escaped; 2217 2218 user_escaped = bozo_escape_html(NULL, request->hr_user); 2219 if (user_escaped == NULL) 2220 user_escaped = request->hr_user; 2221 /* expand username to ~user/ */ 2222 bozoasprintf(httpd, &user, "~%s/", user_escaped); 2223 if (user_escaped != request->hr_user) 2224 free(user_escaped); 2225 } 2226 #endif /* !NO_USER_SUPPORT */ 2227 2228 size = snprintf(httpd->errorbuf, BUFSIZ, 2229 "<html><head><title>%s</title></head>\n" 2230 "<body><h1>%s</h1>\n" 2231 "%s%s: <pre>%s</pre>\n" 2232 "<hr><address><a href=\"//%s%s/\">%s%s</a></address>\n" 2233 "</body></html>\n", 2234 header, header, 2235 user ? user : "", file, 2236 reason, hostname, portbuf, hostname, portbuf); 2237 free(user); 2238 if (size >= (int)BUFSIZ) { 2239 bozowarn(httpd, 2240 "bozo_http_error buffer too small, truncated"); 2241 size = (int)BUFSIZ; 2242 } 2243 2244 if (file_alloc) 2245 free(file); 2246 } else 2247 size = 0; 2248 2249 bozo_printf(httpd, "%s %s\r\n", proto, header); 2250 2251 if (request) { 2252 bozo_auth_check_401(request, code); 2253 SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { 2254 bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, 2255 hdr->h_value); 2256 } 2257 } 2258 2259 bozo_printf(httpd, "Content-Type: text/html\r\n"); 2260 bozo_printf(httpd, "Content-Length: %d\r\n", size); 2261 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 2262 if (request && request->hr_allow) 2263 bozo_printf(httpd, "Allow: %s\r\n", request->hr_allow); 2264 /* RFC 7231 (HTTP/1.1) 6.5.7 */ 2265 if (code == 408 && request && 2266 request->hr_proto == httpd->consts.http_11) 2267 bozo_printf(httpd, "Connection: close\r\n"); 2268 bozo_printf(httpd, "\r\n"); 2269 /* According to the RFC 2616 sec. 
9.4 HEAD method MUST NOT return a 2270 * message-body in the response */ 2271 if (size && request && request->hr_method != HTTP_HEAD) 2272 bozo_printf(httpd, "%s", httpd->errorbuf); 2273 bozo_flush(httpd, stdout); 2274 2275 return code; 2276 } 2277 2278 /* Below are various modified libc functions */ 2279 2280 /* 2281 * returns -1 in lenp if the string ran out before finding a delimiter, 2282 * but is otherwise the same as strsep. Note that the length must be 2283 * correctly passed in. 2284 */ 2285 char * 2286 bozostrnsep(char **strp, const char *delim, ssize_t *lenp) 2287 { 2288 char *s; 2289 const char *spanp; 2290 int c, sc; 2291 char *tok; 2292 2293 if ((s = *strp) == NULL) 2294 return (NULL); 2295 for (tok = s;;) { 2296 if (lenp && --(*lenp) == -1) 2297 return (NULL); 2298 c = *s++; 2299 spanp = delim; 2300 do { 2301 if ((sc = *spanp++) == c) { 2302 if (c == 0) 2303 s = NULL; 2304 else 2305 s[-1] = '\0'; 2306 *strp = s; 2307 return (tok); 2308 } 2309 } while (sc != 0); 2310 } 2311 /* NOTREACHED */ 2312 } 2313 2314 /* 2315 * inspired by fgetln(3), but works for fd's. should work identically 2316 * except it, however, does *not* return the newline, and it does nul 2317 * terminate the string. 2318 */ 2319 char * 2320 bozodgetln(bozohttpd_t *httpd, int fd, ssize_t *lenp, 2321 ssize_t (*readfn)(bozohttpd_t *, int, void *, size_t)) 2322 { 2323 ssize_t len; 2324 int got_cr = 0; 2325 char c, *nbuffer; 2326 2327 /* initialise */ 2328 if (httpd->getln_buflen == 0) { 2329 /* should be plenty for most requests */ 2330 httpd->getln_buflen = 128; 2331 httpd->getln_buffer = malloc((size_t)httpd->getln_buflen); 2332 if (httpd->getln_buffer == NULL) { 2333 httpd->getln_buflen = 0; 2334 return NULL; 2335 } 2336 } 2337 len = 0; 2338 2339 /* 2340 * we *have* to read one byte at a time, to not break cgi 2341 * programs (for we pass stdin off to them). 
could fix this 2342 * by becoming a fd-passing program instead of just exec'ing 2343 * the program 2344 * 2345 * the above is no longer true, we are the fd-passing 2346 * program already. 2347 */ 2348 for (; readfn(httpd, fd, &c, 1) == 1; ) { 2349 debug((httpd, DEBUG_EXPLODING, "bozodgetln read %c", c)); 2350 2351 if (len >= httpd->getln_buflen - 1) { 2352 httpd->getln_buflen *= 2; 2353 debug((httpd, DEBUG_EXPLODING, "bozodgetln: " 2354 "reallocating buffer to buflen %zu", 2355 httpd->getln_buflen)); 2356 nbuffer = bozorealloc(httpd, httpd->getln_buffer, 2357 (size_t)httpd->getln_buflen); 2358 httpd->getln_buffer = nbuffer; 2359 } 2360 2361 httpd->getln_buffer[len++] = c; 2362 if (c == '\r') { 2363 got_cr = 1; 2364 continue; 2365 } else if (c == '\n') { 2366 /* 2367 * HTTP/1.1 spec says to ignore CR and treat 2368 * LF as the real line terminator. even though 2369 * the same spec defines CRLF as the line 2370 * terminator, it is recommended in section 19.3 2371 * to do the LF trick for tolerance. 
2372 */ 2373 if (got_cr) 2374 len -= 2; 2375 else 2376 len -= 1; 2377 break; 2378 } 2379 2380 } 2381 httpd->getln_buffer[len] = '\0'; 2382 debug((httpd, DEBUG_OBESE, "bozodgetln returns: '%s' with len %zd", 2383 httpd->getln_buffer, len)); 2384 *lenp = len; 2385 return httpd->getln_buffer; 2386 } 2387 2388 void * 2389 bozorealloc(bozohttpd_t *httpd, void *ptr, size_t size) 2390 { 2391 void *p; 2392 2393 p = realloc(ptr, size); 2394 if (p) 2395 return p; 2396 2397 bozo_http_error(httpd, 500, NULL, "memory allocation failure"); 2398 exit(EXIT_FAILURE); 2399 } 2400 2401 void * 2402 bozomalloc(bozohttpd_t *httpd, size_t size) 2403 { 2404 void *p; 2405 2406 p = malloc(size); 2407 if (p) 2408 return p; 2409 2410 bozo_http_error(httpd, 500, NULL, "memory allocation failure"); 2411 exit(EXIT_FAILURE); 2412 } 2413 2414 char * 2415 bozostrdup(bozohttpd_t *httpd, bozo_httpreq_t *request, const char *str) 2416 { 2417 char *p; 2418 2419 p = strdup(str); 2420 if (p) 2421 return p; 2422 2423 if (!request) 2424 bozoerr(httpd, EXIT_FAILURE, "strdup"); 2425 2426 bozo_http_error(httpd, 500, request, "memory allocation failure"); 2427 exit(EXIT_FAILURE); 2428 } 2429 2430 /* set default values in bozohttpd_t struct */ 2431 int 2432 bozo_init_httpd(bozohttpd_t *httpd) 2433 { 2434 /* make sure everything is clean */ 2435 (void) memset(httpd, 0x0, sizeof(*httpd)); 2436 2437 /* constants */ 2438 httpd->consts.http_09 = "HTTP/0.9"; 2439 httpd->consts.http_10 = "HTTP/1.0"; 2440 httpd->consts.http_11 = "HTTP/1.1"; 2441 httpd->consts.text_plain = "text/plain"; 2442 2443 /* mmap region size */ 2444 httpd->mmapsz = BOZO_MMAPSZ; 2445 2446 /* error buffer for bozo_http_error() */ 2447 if ((httpd->errorbuf = malloc(BUFSIZ)) == NULL) { 2448 fprintf(stderr, 2449 "bozohttpd: memory_allocation failure\n"); 2450 return 0; 2451 } 2452 #ifndef NO_LUA_SUPPORT 2453 SIMPLEQ_INIT(&httpd->lua_states); 2454 #endif 2455 return 1; 2456 } 2457 2458 /* set default values in bozoprefs_t struct */ 2459 int 2460 
bozo_init_prefs(bozohttpd_t *httpd, bozoprefs_t *prefs) 2461 { 2462 int rv = 0; 2463 2464 /* make sure everything is clean */ 2465 (void) memset(prefs, 0x0, sizeof(*prefs)); 2466 2467 /* set up default values */ 2468 if (!bozo_set_pref(httpd, prefs, "server software", SERVER_SOFTWARE)) 2469 rv = 1; 2470 if (!bozo_set_pref(httpd, prefs, "index.html", INDEX_HTML)) 2471 rv = 1; 2472 if (!bozo_set_pref(httpd, prefs, "public_html", PUBLIC_HTML)) 2473 rv = 1; 2474 if (!bozo_set_pref(httpd, prefs, "ssl timeout", SSL_TIMEOUT)) 2475 rv = 1; 2476 if (!bozo_set_pref(httpd, prefs, "initial timeout", INITIAL_TIMEOUT)) 2477 rv = 1; 2478 if (!bozo_set_pref(httpd, prefs, "header timeout", HEADER_WAIT_TIME)) 2479 rv = 1; 2480 if (!bozo_set_pref(httpd, prefs, "request timeout", TOTAL_MAX_REQ_TIME)) 2481 rv = 1; 2482 2483 return rv; 2484 } 2485 2486 /* set default values */ 2487 int 2488 bozo_set_defaults(bozohttpd_t *httpd, bozoprefs_t *prefs) 2489 { 2490 return bozo_init_httpd(httpd) && bozo_init_prefs(httpd, prefs); 2491 } 2492 2493 /* set the virtual host name, port and root */ 2494 int 2495 bozo_setup(bozohttpd_t *httpd, bozoprefs_t *prefs, const char *vhost, 2496 const char *root) 2497 { 2498 struct passwd *pw; 2499 extern char **environ; 2500 static char *cleanenv[1] = { NULL }; 2501 uid_t uid; 2502 int uidset = 0; 2503 char *chrootdir; 2504 char *username; 2505 char *portnum; 2506 char *cp; 2507 int dirtyenv; 2508 2509 dirtyenv = 0; 2510 2511 if (vhost == NULL) { 2512 httpd->virthostname = bozomalloc(httpd, MAXHOSTNAMELEN+1); 2513 if (gethostname(httpd->virthostname, MAXHOSTNAMELEN+1) < 0) 2514 bozoerr(httpd, 1, "gethostname"); 2515 httpd->virthostname[MAXHOSTNAMELEN] = '\0'; 2516 } else { 2517 httpd->virthostname = bozostrdup(httpd, NULL, vhost); 2518 } 2519 httpd->slashdir = bozostrdup(httpd, NULL, root); 2520 if ((portnum = bozo_get_pref(prefs, "port number")) != NULL) { 2521 httpd->bindport = bozostrdup(httpd, NULL, portnum); 2522 } 2523 2524 /* go over preferences now */ 
2525 if ((cp = bozo_get_pref(prefs, "numeric")) != NULL && 2526 strcmp(cp, "true") == 0) { 2527 httpd->numeric = 1; 2528 } 2529 if ((cp = bozo_get_pref(prefs, "log to stderr")) != NULL && 2530 strcmp(cp, "true") == 0) { 2531 httpd->logstderr = 1; 2532 } 2533 if ((cp = bozo_get_pref(prefs, "bind address")) != NULL) { 2534 httpd->bindaddress = bozostrdup(httpd, NULL, cp); 2535 } 2536 if ((cp = bozo_get_pref(prefs, "background")) != NULL) { 2537 httpd->background = atoi(cp); 2538 } 2539 if ((cp = bozo_get_pref(prefs, "foreground")) != NULL && 2540 strcmp(cp, "true") == 0) { 2541 httpd->foreground = 1; 2542 } 2543 if ((cp = bozo_get_pref(prefs, "pid file")) != NULL) { 2544 httpd->pidfile = bozostrdup(httpd, NULL, cp); 2545 } 2546 if ((cp = bozo_get_pref(prefs, "unknown slash")) != NULL && 2547 strcmp(cp, "true") == 0) { 2548 httpd->unknown_slash = 1; 2549 } 2550 if ((cp = bozo_get_pref(prefs, "virtual base")) != NULL) { 2551 httpd->virtbase = bozostrdup(httpd, NULL, cp); 2552 } 2553 if ((cp = bozo_get_pref(prefs, "enable users")) != NULL && 2554 strcmp(cp, "true") == 0) { 2555 httpd->enable_users = 1; 2556 } 2557 if ((cp = bozo_get_pref(prefs, "enable user cgibin")) != NULL && 2558 strcmp(cp, "true") == 0) { 2559 httpd->enable_cgi_users = 1; 2560 } 2561 if ((cp = bozo_get_pref(prefs, "dirty environment")) != NULL && 2562 strcmp(cp, "true") == 0) { 2563 dirtyenv = 1; 2564 } 2565 if ((cp = bozo_get_pref(prefs, "hide dots")) != NULL && 2566 strcmp(cp, "true") == 0) { 2567 httpd->hide_dots = 1; 2568 } 2569 if ((cp = bozo_get_pref(prefs, "directory indexing")) != NULL && 2570 strcmp(cp, "true") == 0) { 2571 httpd->dir_indexing = 1; 2572 } 2573 if ((cp = bozo_get_pref(prefs, "public_html")) != NULL) { 2574 httpd->public_html = bozostrdup(httpd, NULL, cp); 2575 } 2576 if ((cp = bozo_get_pref(prefs, "ssl timeout")) != NULL) { 2577 httpd->ssl_timeout = atoi(cp); 2578 } 2579 if ((cp = bozo_get_pref(prefs, "initial timeout")) != NULL) { 2580 httpd->initial_timeout = atoi(cp); 
2581 } 2582 if ((cp = bozo_get_pref(prefs, "header timeout")) != NULL) { 2583 httpd->header_timeout = atoi(cp); 2584 } 2585 if ((cp = bozo_get_pref(prefs, "request timeout")) != NULL) { 2586 httpd->request_timeout = atoi(cp); 2587 } 2588 httpd->server_software = 2589 bozostrdup(httpd, NULL, bozo_get_pref(prefs, "server software")); 2590 httpd->index_html = 2591 bozostrdup(httpd, NULL, bozo_get_pref(prefs, "index.html")); 2592 2593 /* 2594 * initialise ssl and daemon mode if necessary. 2595 */ 2596 bozo_ssl_init(httpd); 2597 bozo_daemon_init(httpd); 2598 2599 username = bozo_get_pref(prefs, "username"); 2600 if (username != NULL) { 2601 if ((pw = getpwnam(username)) == NULL) 2602 bozoerr(httpd, 1, "getpwnam(%s): %s", username, 2603 strerror(errno)); 2604 if (initgroups(pw->pw_name, pw->pw_gid) == -1) 2605 bozoerr(httpd, 1, "initgroups: %s", strerror(errno)); 2606 if (setgid(pw->pw_gid) == -1) 2607 bozoerr(httpd, 1, "setgid(%u): %s", pw->pw_gid, 2608 strerror(errno)); 2609 uid = pw->pw_uid; 2610 uidset = 1; 2611 } 2612 /* 2613 * handle chroot. 2614 */ 2615 if ((chrootdir = bozo_get_pref(prefs, "chroot dir")) != NULL) { 2616 httpd->rootdir = bozostrdup(httpd, NULL, chrootdir); 2617 if (chdir(httpd->rootdir) == -1) 2618 bozoerr(httpd, 1, "chdir(%s): %s", httpd->rootdir, 2619 strerror(errno)); 2620 if (chroot(httpd->rootdir) == -1) 2621 bozoerr(httpd, 1, "chroot(%s): %s", httpd->rootdir, 2622 strerror(errno)); 2623 } 2624 2625 if (uidset && setuid(uid) == -1) 2626 bozoerr(httpd, 1, "setuid(%d): %s", uid, strerror(errno)); 2627 2628 /* 2629 * prevent info leakage between different compartments. 2630 * some PATH values in the environment would be invalided 2631 * by chroot. cross-user settings might result in undesirable 2632 * effects. 
2633 */ 2634 if ((chrootdir != NULL || username != NULL) && !dirtyenv) 2635 environ = cleanenv; 2636 2637 #ifdef _SC_PAGESIZE 2638 httpd->page_size = (long)sysconf(_SC_PAGESIZE); 2639 #else 2640 httpd->page_size = 4096; 2641 #endif 2642 debug((httpd, DEBUG_OBESE, "myname is %s, slashdir is %s", 2643 httpd->virthostname, httpd->slashdir)); 2644 2645 return 1; 2646 } 2647 2648 int 2649 bozo_get_version(char *buf, size_t size) 2650 { 2651 return snprintf(buf, size, "%s", SERVER_SOFTWARE); 2652 } 2653