1 /* $NetBSD: bozohttpd.c,v 1.28 2011/08/27 15:33:59 joerg Exp $ */ 2 3 /* $eterna: bozohttpd.c,v 1.176 2010/09/20 22:26:28 mrg Exp $ */ 4 5 /* 6 * Copyright (c) 1997-2010 Matthew R. Green 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer and 16 * dedication in the documentation and/or other materials provided 17 * with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 */ 32 33 /* this program is dedicated to the Great God of Processed Cheese */ 34 35 /* 36 * bozohttpd.c: minimal httpd; provides only these features: 37 * - HTTP/0.9 (by virtue of ..) 38 * - HTTP/1.0 39 * - HTTP/1.1 40 * - CGI/1.1 this will only be provided for "system" scripts 41 * - automatic "missing trailing slash" redirections 42 * - configurable translation of /~user/ to ~user/public_html, 43 * however, this does not include cgi-bin support 44 * - access lists via libwrap via inetd/tcpd 45 * - virtual hosting 46 * - not that we do not even pretend to understand MIME, but 47 * rely only on the HTTP specification 48 * - ipv6 support 49 * - automatic `index.html' generation 50 * - configurable server name 51 * - directory index generation 52 * - daemon mode (lacks libwrap support) 53 * - .htpasswd support 54 */ 55 56 /* 57 * requirements for minimal http/1.1 (at least, as documented in 58 * <draft-ietf-http-v11-spec-rev-06> which expired may 18, 1999): 59 * 60 * - 14.15: content-encoding handling. [1] 61 * 62 * - 14.16: content-length handling. this is only a SHOULD header 63 * thus we could just not send it ever. [1] 64 * 65 * - 14.17: content-type handling. [1] 66 * 67 * - 14.25/28: if-{,un}modified-since handling. maybe do this, but 68 * i really don't want to have to parse 3 differnet date formats 69 * 70 * [1] need to revisit to ensure proper behaviour 71 * 72 * and the following is a list of features that we do not need 73 * to have due to other limits, or are too lazy. there are more 74 * of these than are listed, but these are of particular note, 75 * and could perhaps be implemented. 76 * 77 * - 3.5/3.6: content/transfer codings. probably can ignore 78 * this? we "SHOULD"n't. but 4.4 says we should ignore a 79 * `content-length' header upon reciept of a `transfer-encoding' 80 * header. 81 * 82 * - 5.1.1: request methods. only MUST support GET and HEAD, 83 * but there are new ones besides POST that are currently 84 * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus 85 * extensions not yet known? 86 * 87 * - 10.1: we can ignore informational status codes 88 * 89 * - 10.3.3/10.3.4/10.3.8: just use '302' codes always. 90 * 91 * - 14.1/14.2/14.3/14.27: we do not support Accept: headers.. 92 * just ignore them and send the request anyway. they are 93 * only SHOULD. 94 * 95 * - 14.5/14.16/14.35: we don't do ranges. from section 14.35.2 96 * `A server MAY ignore the Range header'. but it might be nice. 97 * since 20080301 we support simple range headers. 98 * 99 * - 14.9: we aren't a cache. 100 * 101 * - 14.15: content-md5 would be nice... 102 * 103 * - 14.24/14.26/14.27: be nice to support this... 104 * 105 * - 14.44: not sure about this Vary: header. ignore it for now. 106 */ 107 108 #ifndef INDEX_HTML 109 #define INDEX_HTML "index.html" 110 #endif 111 #ifndef SERVER_SOFTWARE 112 #define SERVER_SOFTWARE "bozohttpd/20100920" 113 #endif 114 #ifndef DIRECT_ACCESS_FILE 115 #define DIRECT_ACCESS_FILE ".bzdirect" 116 #endif 117 #ifndef REDIRECT_FILE 118 #define REDIRECT_FILE ".bzredirect" 119 #endif 120 #ifndef ABSREDIRECT_FILE 121 #define ABSREDIRECT_FILE ".bzabsredirect" 122 #endif 123 #ifndef PUBLIC_HTML 124 #define PUBLIC_HTML "public_html" 125 #endif 126 127 #ifndef USE_ARG 128 #define USE_ARG(x) /*LINTED*/(void)&(x) 129 #endif 130 131 /* 132 * And so it begins .. 133 */ 134 135 #include <sys/param.h> 136 #include <sys/socket.h> 137 #include <sys/time.h> 138 #include <sys/mman.h> 139 140 #include <arpa/inet.h> 141 142 #include <ctype.h> 143 #include <dirent.h> 144 #include <errno.h> 145 #include <fcntl.h> 146 #include <netdb.h> 147 #include <pwd.h> 148 #include <grp.h> 149 #include <signal.h> 150 #include <stdarg.h> 151 #include <stdlib.h> 152 #include <string.h> 153 #include <syslog.h> 154 #include <time.h> 155 #include <unistd.h> 156 157 #include "bozohttpd.h" 158 159 #ifndef MAX_WAIT_TIME 160 #define MAX_WAIT_TIME 60 /* hang around for 60 seconds max */ 161 #endif 162 163 /* variables and functions */ 164 #ifndef LOG_FTP 165 #define LOG_FTP LOG_DAEMON 166 #endif 167 168 volatile sig_atomic_t alarmhit; 169 170 /* 171 * check there's enough space in the prefs and names arrays. 172 */ 173 static int 174 size_arrays(bozoprefs_t *bozoprefs, unsigned needed) 175 { 176 char **temp; 177 178 if (bozoprefs->size == 0) { 179 /* only get here first time around */ 180 bozoprefs->size = needed; 181 if ((bozoprefs->name = calloc(sizeof(char *), needed)) == NULL) { 182 (void) fprintf(stderr, "size_arrays: bad alloc\n"); 183 return 0; 184 } 185 if ((bozoprefs->value = calloc(sizeof(char *), needed)) == NULL) { 186 free(bozoprefs->name); 187 (void) fprintf(stderr, "size_arrays: bad alloc\n"); 188 return 0; 189 } 190 } else if (bozoprefs->c == bozoprefs->size) { 191 /* only uses 'needed' when filled array */ 192 bozoprefs->size += needed; 193 temp = realloc(bozoprefs->name, sizeof(char *) * needed); 194 if (temp == NULL) { 195 (void) fprintf(stderr, "size_arrays: bad alloc\n"); 196 return 0; 197 } 198 bozoprefs->name = temp; 199 temp = realloc(bozoprefs->value, sizeof(char *) * needed); 200 if (temp == NULL) { 201 (void) fprintf(stderr, "size_arrays: bad alloc\n"); 202 return 0; 203 } 204 bozoprefs->value = temp; 205 } 206 return 1; 207 } 208 209 static int 210 findvar(bozoprefs_t *bozoprefs, const char *name) 211 { 212 unsigned i; 213 214 for (i = 0 ; i < bozoprefs->c && strcmp(bozoprefs->name[i], name) != 0; i++) 215 ; 216 return (i == bozoprefs->c) ? -1 : (int)i; 217 } 218 219 int 220 bozo_set_pref(bozoprefs_t *bozoprefs, const char *name, const char *value) 221 { 222 int i; 223 224 if ((i = findvar(bozoprefs, name)) < 0) { 225 /* add the element to the array */ 226 if (size_arrays(bozoprefs, bozoprefs->size + 15)) { 227 bozoprefs->name[i = bozoprefs->c++] = strdup(name); 228 } 229 } else { 230 /* replace the element in the array */ 231 if (bozoprefs->value[i]) { 232 free(bozoprefs->value[i]); 233 bozoprefs->value[i] = NULL; 234 } 235 } 236 /* sanity checks for range of values go here */ 237 bozoprefs->value[i] = strdup(value); 238 return 1; 239 } 240 241 /* 242 * get a variable's value, or NULL 243 */ 244 char * 245 bozo_get_pref(bozoprefs_t *bozoprefs, const char *name) 246 { 247 int i; 248 249 return ((i = findvar(bozoprefs, name)) < 0) ? NULL : 250 bozoprefs->value[i]; 251 } 252 253 char * 254 bozo_http_date(char *date, size_t datelen) 255 { 256 struct tm *tm; 257 time_t now; 258 259 /* Sun, 06 Nov 1994 08:49:37 GMT */ 260 now = time(NULL); 261 tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */ 262 strftime(date, datelen, "%a, %d %b %Y %H:%M:%S GMT", tm); 263 return date; 264 } 265 266 /* 267 * convert "in" into the three parts of a request (first line). 268 * we allocate into file and query, but return pointers into 269 * "in" for proto and method. 270 */ 271 static void 272 parse_request(bozohttpd_t *httpd, char *in, char **method, char **file, 273 char **query, char **proto) 274 { 275 ssize_t len; 276 char *val; 277 278 USE_ARG(httpd); 279 debug((httpd, DEBUG_EXPLODING, "parse in: %s", in)); 280 *method = *file = *query = *proto = NULL; 281 282 len = (ssize_t)strlen(in); 283 val = bozostrnsep(&in, " \t\n\r", &len); 284 if (len < 1 || val == NULL) 285 return; 286 *method = val; 287 288 while (*in == ' ' || *in == '\t') 289 in++; 290 val = bozostrnsep(&in, " \t\n\r", &len); 291 if (len < 1) { 292 if (len == 0) 293 *file = val; 294 else 295 *file = in; 296 } else { 297 *file = val; 298 299 *query = strchr(*file, '?'); 300 if (*query) 301 *(*query)++ = '\0'; 302 303 if (in) { 304 while (*in && (*in == ' ' || *in == '\t')) 305 in++; 306 if (*in) 307 *proto = in; 308 } 309 } 310 311 /* allocate private copies */ 312 *file = bozostrdup(httpd, *file); 313 if (*query) 314 *query = bozostrdup(httpd, *query); 315 316 debug((httpd, DEBUG_FAT, 317 "url: method: \"%s\" file: \"%s\" query: \"%s\" proto: \"%s\"", 318 *method, *file, *query, *proto)); 319 } 320 321 /* 322 * cleanup a bozo_httpreq_t after use 323 */ 324 void 325 bozo_clean_request(bozo_httpreq_t *request) 326 { 327 struct bozoheaders *hdr, *ohdr = NULL; 328 329 if (request == NULL) 330 return; 331 332 /* If SSL enabled cleanup SSL structure. */ 333 bozo_ssl_destroy(request->hr_httpd); 334 335 /* clean up request */ 336 #define MF(x) if (request->x) free(request->x) 337 MF(hr_remotehost); 338 MF(hr_remoteaddr); 339 MF(hr_serverport); 340 MF(hr_file); 341 MF(hr_oldfile); 342 MF(hr_query); 343 #undef MF 344 bozo_auth_cleanup(request); 345 for (hdr = SIMPLEQ_FIRST(&request->hr_headers); hdr; 346 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 347 free(hdr->h_value); 348 free(hdr->h_header); 349 if (ohdr) 350 free(ohdr); 351 ohdr = hdr; 352 } 353 if (ohdr) 354 free(ohdr); 355 356 free(request); 357 } 358 359 /* 360 * send a HTTP/1.1 408 response if we timeout. 361 */ 362 /* ARGSUSED */ 363 static void 364 alarmer(int sig) 365 { 366 alarmhit = 1; 367 } 368 369 /* 370 * add or merge this header (val: str) into the requests list 371 */ 372 static bozoheaders_t * 373 addmerge_header(bozo_httpreq_t *request, char *val, 374 char *str, ssize_t len) 375 { 376 struct bozoheaders *hdr; 377 378 USE_ARG(len); 379 /* do we exist already? */ 380 SIMPLEQ_FOREACH(hdr, &request->hr_headers, h_next) { 381 if (strcasecmp(val, hdr->h_header) == 0) 382 break; 383 } 384 385 if (hdr) { 386 /* yup, merge it in */ 387 char *nval; 388 389 if (asprintf(&nval, "%s, %s", hdr->h_value, str) == -1) { 390 (void)bozo_http_error(request->hr_httpd, 500, NULL, 391 "memory allocation failure"); 392 return NULL; 393 } 394 free(hdr->h_value); 395 hdr->h_value = nval; 396 } else { 397 /* nope, create a new one */ 398 399 hdr = bozomalloc(request->hr_httpd, sizeof *hdr); 400 hdr->h_header = bozostrdup(request->hr_httpd, val); 401 if (str && *str) 402 hdr->h_value = bozostrdup(request->hr_httpd, str); 403 else 404 hdr->h_value = bozostrdup(request->hr_httpd, " "); 405 406 SIMPLEQ_INSERT_TAIL(&request->hr_headers, hdr, h_next); 407 request->hr_nheaders++; 408 } 409 410 return hdr; 411 } 412 413 /* 414 * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent 415 * to "HTTP/001.01"), we MUST parse this. 416 */ 417 static int 418 process_proto(bozo_httpreq_t *request, const char *proto) 419 { 420 char majorstr[16], *minorstr; 421 int majorint, minorint; 422 423 if (proto == NULL) { 424 got_proto_09: 425 request->hr_proto = request->hr_httpd->consts.http_09; 426 debug((request->hr_httpd, DEBUG_FAT, "request %s is http/0.9", 427 request->hr_file)); 428 return 0; 429 } 430 431 if (strncasecmp(proto, "HTTP/", 5) != 0) 432 goto bad; 433 strncpy(majorstr, proto + 5, sizeof majorstr); 434 majorstr[sizeof(majorstr)-1] = 0; 435 minorstr = strchr(majorstr, '.'); 436 if (minorstr == NULL) 437 goto bad; 438 *minorstr++ = 0; 439 440 majorint = atoi(majorstr); 441 minorint = atoi(minorstr); 442 443 switch (majorint) { 444 case 0: 445 if (minorint != 9) 446 break; 447 goto got_proto_09; 448 case 1: 449 if (minorint == 0) 450 request->hr_proto = request->hr_httpd->consts.http_10; 451 else if (minorint == 1) 452 request->hr_proto = request->hr_httpd->consts.http_11; 453 else 454 break; 455 456 debug((request->hr_httpd, DEBUG_FAT, "request %s is %s", 457 request->hr_file, request->hr_proto)); 458 SIMPLEQ_INIT(&request->hr_headers); 459 request->hr_nheaders = 0; 460 return 0; 461 } 462 bad: 463 return bozo_http_error(request->hr_httpd, 404, NULL, "unknown prototype"); 464 } 465 466 /* 467 * process each type of HTTP method, setting this HTTP requests 468 # method type. 469 */ 470 static struct method_map { 471 const char *name; 472 int type; 473 } method_map[] = { 474 { "GET", HTTP_GET, }, 475 { "POST", HTTP_POST, }, 476 { "HEAD", HTTP_HEAD, }, 477 #if 0 /* other non-required http/1.1 methods */ 478 { "OPTIONS", HTTP_OPTIONS, }, 479 { "PUT", HTTP_PUT, }, 480 { "DELETE", HTTP_DELETE, }, 481 { "TRACE", HTTP_TRACE, }, 482 { "CONNECT", HTTP_CONNECT, }, 483 #endif 484 { NULL, 0, }, 485 }; 486 487 static int 488 process_method(bozo_httpreq_t *request, const char *method) 489 { 490 struct method_map *mmp; 491 492 if (request->hr_proto == request->hr_httpd->consts.http_11) 493 request->hr_allow = "GET, HEAD, POST"; 494 495 for (mmp = method_map; mmp->name; mmp++) 496 if (strcasecmp(method, mmp->name) == 0) { 497 request->hr_method = mmp->type; 498 request->hr_methodstr = mmp->name; 499 return 0; 500 } 501 502 return bozo_http_error(request->hr_httpd, 404, request, "unknown method"); 503 } 504 505 /* 506 * This function reads a http request from stdin, returning a pointer to a 507 * bozo_httpreq_t structure, describing the request. 508 */ 509 bozo_httpreq_t * 510 bozo_read_request(bozohttpd_t *httpd) 511 { 512 struct sigaction sa; 513 char *str, *val, *method, *file, *proto, *query; 514 char *host, *addr, *port; 515 char bufport[10]; 516 char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; 517 struct sockaddr_storage ss; 518 ssize_t len; 519 int line = 0; 520 socklen_t slen; 521 bozo_httpreq_t *request; 522 523 /* 524 * if we're in daemon mode, bozo_daemon_fork() will return here twice 525 * for each call. once in the child, returning 0, and once in the 526 * parent, returning 1. for each child, then we can setup SSL, and 527 * the parent can signal the caller there was no request to process 528 * and it will wait for another. 529 */ 530 if (bozo_daemon_fork(httpd)) 531 return NULL; 532 bozo_ssl_accept(httpd); 533 534 request = bozomalloc(httpd, sizeof(*request)); 535 memset(request, 0, sizeof(*request)); 536 request->hr_httpd = httpd; 537 request->hr_allow = request->hr_host = NULL; 538 request->hr_content_type = request->hr_content_length = NULL; 539 request->hr_range = NULL; 540 request->hr_last_byte_pos = -1; 541 request->hr_if_modified_since = NULL; 542 request->hr_file = NULL; 543 request->hr_oldfile = NULL; 544 545 slen = sizeof(ss); 546 if (getpeername(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 547 host = addr = NULL; 548 else { 549 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 550 abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0) 551 addr = abuf; 552 else 553 addr = NULL; 554 if (httpd->numeric == 0 && 555 getnameinfo((struct sockaddr *)(void *)&ss, slen, 556 hbuf, sizeof hbuf, NULL, 0, 0) == 0) 557 host = hbuf; 558 else 559 host = NULL; 560 } 561 if (host != NULL) 562 request->hr_remotehost = bozostrdup(request->hr_httpd, host); 563 if (addr != NULL) 564 request->hr_remoteaddr = bozostrdup(request->hr_httpd, addr); 565 slen = sizeof(ss); 566 if (getsockname(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 567 port = NULL; 568 else { 569 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, NULL, 0, 570 bufport, sizeof bufport, NI_NUMERICSERV) == 0) 571 port = bufport; 572 else 573 port = NULL; 574 } 575 if (port != NULL) 576 request->hr_serverport = bozostrdup(request->hr_httpd, port); 577 578 /* 579 * setup a timer to make sure the request is not hung 580 */ 581 sa.sa_handler = alarmer; 582 sigemptyset(&sa.sa_mask); 583 sigaddset(&sa.sa_mask, SIGALRM); 584 sa.sa_flags = 0; 585 sigaction(SIGALRM, &sa, NULL); /* XXX */ 586 587 alarm(MAX_WAIT_TIME); 588 while ((str = bozodgetln(httpd, STDIN_FILENO, &len, bozo_read)) != NULL) { 589 alarm(0); 590 if (alarmhit) { 591 (void)bozo_http_error(httpd, 408, NULL, 592 "request timed out"); 593 goto cleanup; 594 } 595 line++; 596 597 if (line == 1) { 598 599 if (len < 1) { 600 (void)bozo_http_error(httpd, 404, NULL, 601 "null method"); 602 goto cleanup; 603 } 604 605 bozo_warn(httpd, "got request ``%s'' from host %s to port %s", 606 str, 607 host ? host : addr ? addr : "<local>", 608 port ? port : "<stdin>"); 609 610 /* we allocate return space in file and query only */ 611 parse_request(httpd, str, &method, &file, &query, &proto); 612 request->hr_file = file; 613 request->hr_query = query; 614 if (method == NULL) { 615 (void)bozo_http_error(httpd, 404, NULL, 616 "null method"); 617 goto cleanup; 618 } 619 if (file == NULL) { 620 (void)bozo_http_error(httpd, 404, NULL, 621 "null file"); 622 goto cleanup; 623 } 624 625 /* 626 * note that we parse the proto first, so that we 627 * can more properly parse the method and the url. 628 */ 629 630 if (process_proto(request, proto) || 631 process_method(request, method)) { 632 goto cleanup; 633 } 634 635 debug((httpd, DEBUG_FAT, "got file \"%s\" query \"%s\"", 636 request->hr_file, 637 request->hr_query ? request->hr_query : "<none>")); 638 639 /* http/0.9 has no header processing */ 640 if (request->hr_proto == httpd->consts.http_09) 641 break; 642 } else { /* incoming headers */ 643 bozoheaders_t *hdr; 644 645 if (*str == '\0') 646 break; 647 648 val = bozostrnsep(&str, ":", &len); 649 debug((httpd, DEBUG_EXPLODING, 650 "read_req2: after bozostrnsep: str ``%s'' val ``%s''", 651 str, val)); 652 if (val == NULL || len == -1) { 653 (void)bozo_http_error(httpd, 404, request, 654 "no header"); 655 goto cleanup; 656 } 657 while (*str == ' ' || *str == '\t') 658 len--, str++; 659 while (*val == ' ' || *val == '\t') 660 val++; 661 662 if (bozo_auth_check_headers(request, val, str, len)) 663 goto next_header; 664 665 hdr = addmerge_header(request, val, str, len); 666 667 if (strcasecmp(hdr->h_header, "content-type") == 0) 668 request->hr_content_type = hdr->h_value; 669 else if (strcasecmp(hdr->h_header, "content-length") == 0) 670 request->hr_content_length = hdr->h_value; 671 else if (strcasecmp(hdr->h_header, "host") == 0) 672 request->hr_host = hdr->h_value; 673 /* HTTP/1.1 rev06 draft spec: 14.20 */ 674 else if (strcasecmp(hdr->h_header, "expect") == 0) { 675 (void)bozo_http_error(httpd, 417, request, 676 "we don't support Expect:"); 677 goto cleanup; 678 } 679 else if (strcasecmp(hdr->h_header, "referrer") == 0 || 680 strcasecmp(hdr->h_header, "referer") == 0) 681 request->hr_referrer = hdr->h_value; 682 else if (strcasecmp(hdr->h_header, "range") == 0) 683 request->hr_range = hdr->h_value; 684 else if (strcasecmp(hdr->h_header, 685 "if-modified-since") == 0) 686 request->hr_if_modified_since = hdr->h_value; 687 688 debug((httpd, DEBUG_FAT, "adding header %s: %s", 689 hdr->h_header, hdr->h_value)); 690 } 691 next_header: 692 alarm(MAX_WAIT_TIME); 693 } 694 695 /* now, clear it all out */ 696 alarm(0); 697 signal(SIGALRM, SIG_DFL); 698 699 /* RFC1945, 8.3 */ 700 if (request->hr_method == HTTP_POST && 701 request->hr_content_length == NULL) { 702 (void)bozo_http_error(httpd, 400, request, 703 "missing content length"); 704 goto cleanup; 705 } 706 707 /* HTTP/1.1 draft rev-06, 14.23 & 19.6.1.1 */ 708 if (request->hr_proto == httpd->consts.http_11 && 709 request->hr_host == NULL) { 710 (void)bozo_http_error(httpd, 400, request, 711 "missing Host header"); 712 goto cleanup; 713 } 714 715 if (request->hr_range != NULL) { 716 debug((httpd, DEBUG_FAT, "hr_range: %s", request->hr_range)); 717 /* support only simple ranges %d- and %d-%d */ 718 if (strchr(request->hr_range, ',') == NULL) { 719 const char *rstart, *dash; 720 721 rstart = strchr(request->hr_range, '='); 722 if (rstart != NULL) { 723 rstart++; 724 dash = strchr(rstart, '-'); 725 if (dash != NULL && dash != rstart) { 726 dash++; 727 request->hr_have_range = 1; 728 request->hr_first_byte_pos = 729 strtoll(rstart, NULL, 10); 730 if (request->hr_first_byte_pos < 0) 731 request->hr_first_byte_pos = 0; 732 if (*dash != '\0') { 733 request->hr_last_byte_pos = 734 strtoll(dash, NULL, 10); 735 if (request->hr_last_byte_pos < 0) 736 request->hr_last_byte_pos = -1; 737 } 738 } 739 } 740 } 741 } 742 743 debug((httpd, DEBUG_FAT, "bozo_read_request returns url %s in request", 744 request->hr_file)); 745 return request; 746 747 cleanup: 748 bozo_clean_request(request); 749 750 return NULL; 751 } 752 753 static int 754 mmap_and_write_part(bozohttpd_t *httpd, int fd, off_t first_byte_pos, size_t sz) 755 { 756 size_t mappedsz, wroffset; 757 off_t mappedoffset; 758 char *addr; 759 void *mappedaddr; 760 761 /* 762 * we need to ensure that both the size *and* offset arguments to 763 * mmap() are page-aligned. our formala for this is: 764 * 765 * input offset: first_byte_pos 766 * input size: sz 767 * 768 * mapped offset = page align truncate (input offset) 769 * mapped size = 770 * page align extend (input offset - mapped offset + input size) 771 * write offset = input offset - mapped offset 772 * 773 * we use the write offset in all writes 774 */ 775 mappedoffset = first_byte_pos & ~(httpd->page_size - 1); 776 mappedsz = (size_t) 777 (first_byte_pos - mappedoffset + sz + httpd->page_size - 1) & 778 ~(httpd->page_size - 1); 779 wroffset = (size_t)(first_byte_pos - mappedoffset); 780 781 addr = mmap(0, mappedsz, PROT_READ, MAP_SHARED, fd, mappedoffset); 782 if (addr == (char *)-1) { 783 bozo_warn(httpd, "mmap failed: %s", strerror(errno)); 784 return -1; 785 } 786 mappedaddr = addr; 787 788 #ifdef MADV_SEQUENTIAL 789 (void)madvise(addr, sz, MADV_SEQUENTIAL); 790 #endif 791 while (sz > BOZO_WRSZ) { 792 if (bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 793 BOZO_WRSZ) != BOZO_WRSZ) { 794 bozo_warn(httpd, "write failed: %s", strerror(errno)); 795 goto out; 796 } 797 debug((httpd, DEBUG_OBESE, "wrote %d bytes", BOZO_WRSZ)); 798 sz -= BOZO_WRSZ; 799 addr += BOZO_WRSZ; 800 } 801 if (sz && (size_t)bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 802 sz) != sz) { 803 bozo_warn(httpd, "final write failed: %s", strerror(errno)); 804 goto out; 805 } 806 debug((httpd, DEBUG_OBESE, "wrote %d bytes", (int)sz)); 807 out: 808 if (munmap(mappedaddr, mappedsz) < 0) { 809 bozo_warn(httpd, "munmap failed"); 810 return -1; 811 } 812 813 return 0; 814 } 815 816 static int 817 parse_http_date(const char *val, time_t *timestamp) 818 { 819 char *remainder; 820 struct tm tm; 821 822 if ((remainder = strptime(val, "%a, %d %b %Y %T GMT", &tm)) == NULL && 823 (remainder = strptime(val, "%a, %d-%b-%y %T GMT", &tm)) == NULL && 824 (remainder = strptime(val, "%a %b %d %T %Y", &tm)) == NULL) 825 return 0; /* Invalid HTTP date format */ 826 827 if (*remainder) 828 return 0; /* No trailing garbage */ 829 830 *timestamp = timegm(&tm); 831 return 1; 832 } 833 834 /* 835 * checks to see if this request has a valid .bzdirect file. returns 836 * 0 on failure and 1 on success. 837 */ 838 static int 839 check_direct_access(bozo_httpreq_t *request) 840 { 841 FILE *fp; 842 struct stat sb; 843 char dir[MAXPATHLEN], dirfile[MAXPATHLEN], *basename; 844 845 snprintf(dir, sizeof(dir), "%s", request->hr_file + 1); 846 debug((request->hr_httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); 847 basename = strrchr(dir, '/'); 848 849 if ((!basename || basename[1] != '\0') && 850 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) 851 /* nothing */; 852 else if (basename == NULL) 853 strcpy(dir, "."); 854 else { 855 *basename++ = '\0'; 856 bozo_check_special_files(request, basename); 857 } 858 859 snprintf(dirfile, sizeof(dirfile), "%s/%s", dir, DIRECT_ACCESS_FILE); 860 if (stat(dirfile, &sb) < 0 || 861 (fp = fopen(dirfile, "r")) == NULL) 862 return 0; 863 fclose(fp); 864 return 1; 865 } 866 867 /* 868 * do automatic redirection -- if there are query parameters for the URL 869 * we will tack these on to the new (redirected) URL. 870 */ 871 static void 872 handle_redirect(bozo_httpreq_t *request, 873 const char *url, int absolute) 874 { 875 bozohttpd_t *httpd = request->hr_httpd; 876 char *urlbuf; 877 char portbuf[20]; 878 int query = 0; 879 880 if (url == NULL) { 881 if (asprintf(&urlbuf, "/%s/", request->hr_file) < 0) 882 bozo_err(httpd, 1, "asprintf"); 883 url = urlbuf; 884 } else 885 urlbuf = NULL; 886 887 if (request->hr_query && strlen(request->hr_query)) { 888 query = 1; 889 } 890 891 if (request->hr_serverport && strcmp(request->hr_serverport, "80") != 0) 892 snprintf(portbuf, sizeof(portbuf), ":%s", 893 request->hr_serverport); 894 else 895 portbuf[0] = '\0'; 896 bozo_warn(httpd, "redirecting %s%s%s", httpd->virthostname, portbuf, url); 897 debug((httpd, DEBUG_FAT, "redirecting %s", url)); 898 bozo_printf(httpd, "%s 301 Document Moved\r\n", request->hr_proto); 899 if (request->hr_proto != httpd->consts.http_09) 900 bozo_print_header(request, NULL, "text/html", NULL); 901 if (request->hr_proto != httpd->consts.http_09) { 902 bozo_printf(httpd, "Location: http://"); 903 if (absolute == 0) 904 bozo_printf(httpd, "%s%s", httpd->virthostname, portbuf); 905 if (query) { 906 bozo_printf(httpd, "%s?%s\r\n", url, request->hr_query); 907 } else { 908 bozo_printf(httpd, "%s\r\n", url); 909 } 910 } 911 bozo_printf(httpd, "\r\n"); 912 if (request->hr_method == HTTP_HEAD) 913 goto head; 914 bozo_printf(httpd, "<html><head><title>Document Moved</title></head>\n"); 915 bozo_printf(httpd, "<body><h1>Document Moved</h1>\n"); 916 bozo_printf(httpd, "This document had moved <a href=\"http://"); 917 if (query) { 918 if (absolute) 919 bozo_printf(httpd, "%s?%s", url, request->hr_query); 920 else 921 bozo_printf(httpd, "%s%s%s?%s", httpd->virthostname, portbuf, url, 922 request->hr_query); 923 } else { 924 if (absolute) 925 bozo_printf(httpd, "%s", url); 926 else 927 bozo_printf(httpd, "%s%s%s", httpd->virthostname, portbuf, url); 928 } 929 bozo_printf(httpd, "\">here</a>\n"); 930 bozo_printf(httpd, "</body></html>\n"); 931 head: 932 bozo_flush(httpd, stdout); 933 if (urlbuf) 934 free(urlbuf); 935 } 936 937 /* 938 * deal with virtual host names; we do this: 939 * if we have a virtual path root (httpd->virtbase), and we are given a 940 * virtual host spec (Host: ho.st or http://ho.st/), see if this 941 * directory exists under httpd->virtbase. if it does, use this as the 942 # new slashdir. 943 */ 944 static int 945 check_virtual(bozo_httpreq_t *request) 946 { 947 bozohttpd_t *httpd = request->hr_httpd; 948 char *file = request->hr_file, *s; 949 size_t len; 950 951 if (!httpd->virtbase) 952 goto use_slashdir; 953 954 /* 955 * convert http://virtual.host/ to request->hr_host 956 */ 957 debug((httpd, DEBUG_OBESE, "checking for http:// virtual host in ``%s''", 958 file)); 959 if (strncasecmp(file, "http://", 7) == 0) { 960 /* we would do virtual hosting here? */ 961 file += 7; 962 s = strchr(file, '/'); 963 /* HTTP/1.1 draft rev-06, 5.2: URI takes precedence over Host: */ 964 request->hr_host = file; 965 request->hr_file = bozostrdup(request->hr_httpd, s ? s : "/"); 966 debug((httpd, DEBUG_OBESE, "got host ``%s'' file is now ``%s''", 967 request->hr_host, request->hr_file)); 968 } else if (!request->hr_host) 969 goto use_slashdir; 970 971 /* 972 * ok, we have a virtual host, use scandir(3) to find a case 973 * insensitive match for the virtual host we are asked for. 974 * note that if the virtual host is the same as the master, 975 * we don't need to do anything special. 976 */ 977 len = strlen(request->hr_host); 978 debug((httpd, DEBUG_OBESE, 979 "check_virtual: checking host `%s' under httpd->virtbase `%s' " 980 "for file `%s'", 981 request->hr_host, httpd->virtbase, request->hr_file)); 982 if (strncasecmp(httpd->virthostname, request->hr_host, len) != 0) { 983 s = 0; 984 DIR *dirp; 985 struct dirent *d; 986 987 if ((dirp = opendir(httpd->virtbase)) != NULL) { 988 while ((d = readdir(dirp)) != NULL) { 989 if (strcmp(d->d_name, ".") == 0 || 990 strcmp(d->d_name, "..") == 0) { 991 continue; 992 } 993 debug((httpd, DEBUG_OBESE, "looking at dir``%s''", 994 d->d_name)); 995 if (strncasecmp(d->d_name, request->hr_host, 996 len) == 0) { 997 /* found it, punch it */ 998 debug((httpd, DEBUG_OBESE, "found it punch it")); 999 httpd->virthostname = d->d_name; 1000 if (asprintf(&s, "%s/%s", httpd->virtbase, 1001 httpd->virthostname) < 0) 1002 bozo_err(httpd, 1, "asprintf"); 1003 break; 1004 } 1005 } 1006 closedir(dirp); 1007 } 1008 else { 1009 debug((httpd, DEBUG_FAT, "opendir %s failed: %s", 1010 httpd->virtbase, strerror(errno))); 1011 } 1012 if (s == 0) { 1013 if (httpd->unknown_slash) 1014 goto use_slashdir; 1015 return bozo_http_error(httpd, 404, request, 1016 "unknown URL"); 1017 } 1018 } else 1019 use_slashdir: 1020 s = httpd->slashdir; 1021 1022 /* 1023 * ok, nailed the correct slashdir, chdir to it 1024 */ 1025 if (chdir(s) < 0) 1026 return bozo_http_error(httpd, 404, request, 1027 "can't chdir to slashdir"); 1028 return 0; 1029 } 1030 1031 /* 1032 * checks to see if this request has a valid .bzredirect file. returns 1033 * 0 on failure and 1 on success. 1034 */ 1035 static void 1036 check_bzredirect(bozo_httpreq_t *request) 1037 { 1038 struct stat sb; 1039 char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1]; 1040 char *basename, *finalredir; 1041 int rv, absolute; 1042 1043 /* 1044 * if this pathname is really a directory, but doesn't end in /, 1045 * use it as the directory to look for the redir file. 1046 */ 1047 snprintf(dir, sizeof(dir), "%s", request->hr_file + 1); 1048 debug((request->hr_httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1049 basename = strrchr(dir, '/'); 1050 1051 if ((!basename || basename[1] != '\0') && 1052 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) 1053 /* nothing */; 1054 else if (basename == NULL) 1055 strcpy(dir, "."); 1056 else { 1057 *basename++ = '\0'; 1058 bozo_check_special_files(request, basename); 1059 } 1060 1061 snprintf(redir, sizeof(redir), "%s/%s", dir, REDIRECT_FILE); 1062 if (lstat(redir, &sb) == 0) { 1063 if (!S_ISLNK(sb.st_mode)) 1064 return; 1065 absolute = 0; 1066 } else { 1067 snprintf(redir, sizeof(redir), "%s/%s", dir, ABSREDIRECT_FILE); 1068 if (lstat(redir, &sb) < 0 || !S_ISLNK(sb.st_mode)) 1069 return; 1070 absolute = 1; 1071 } 1072 debug((request->hr_httpd, DEBUG_FAT, 1073 "check_bzredirect: calling readlink")); 1074 rv = readlink(redir, redirpath, sizeof redirpath - 1); 1075 if (rv == -1 || rv == 0) { 1076 debug((request->hr_httpd, DEBUG_FAT, "readlink failed")); 1077 return; 1078 } 1079 redirpath[rv] = '\0'; 1080 debug((request->hr_httpd, DEBUG_FAT, 1081 "readlink returned \"%s\"", redirpath)); 1082 1083 /* now we have the link pointer, redirect to the real place */ 1084 if (absolute) 1085 finalredir = redirpath; 1086 else 1087 snprintf(finalredir = redir, sizeof(redir), "/%s/%s", dir, 1088 redirpath); 1089 1090 debug((request->hr_httpd, DEBUG_FAT, 1091 "check_bzredirect: new redir %s", finalredir)); 1092 handle_redirect(request, finalredir, absolute); 1093 } 1094 1095 /* this fixes the %HH hack that RFC2396 requires. */ 1096 static void 1097 fix_url_percent(bozo_httpreq_t *request) 1098 { 1099 bozohttpd_t *httpd = request->hr_httpd; 1100 char *s, *t, buf[3], *url; 1101 char *end; /* if end is not-zero, we don't translate beyond that */ 1102 1103 url = request->hr_file; 1104 1105 end = url + strlen(url); 1106 1107 /* fast forward to the first % */ 1108 if ((s = strchr(url, '%')) == NULL) 1109 return; 1110 1111 t = s; 1112 do { 1113 if (end && s >= end) { 1114 debug((httpd, DEBUG_EXPLODING, 1115 "fu_%%: past end, filling out..")); 1116 while (*s) 1117 *t++ = *s++; 1118 break; 1119 } 1120 debug((httpd, DEBUG_EXPLODING, 1121 "fu_%%: got s == %%, s[1]s[2] == %c%c", 1122 s[1], s[2])); 1123 if (s[1] == '\0' || s[2] == '\0') { 1124 (void)bozo_http_error(httpd, 400, request, 1125 "percent hack missing two chars afterwards"); 1126 goto copy_rest; 1127 } 1128 if (s[1] == '0' && s[2] == '0') { 1129 (void)bozo_http_error(httpd, 404, request, 1130 "percent hack was %00"); 1131 goto copy_rest; 1132 } 1133 if (s[1] == '2' && s[2] == 'f') { 1134 (void)bozo_http_error(httpd, 404, request, 1135 "percent hack was %2f (/)"); 1136 goto copy_rest; 1137 } 1138 1139 buf[0] = *++s; 1140 buf[1] = *++s; 1141 buf[2] = '\0'; 1142 s++; 1143 *t = (char)strtol(buf, NULL, 16); 1144 debug((httpd, DEBUG_EXPLODING, 1145 "fu_%%: strtol put '%02x' into *t", *t)); 1146 if (*t++ == '\0') { 1147 (void)bozo_http_error(httpd, 400, request, 1148 "percent hack got a 0 back"); 1149 goto copy_rest; 1150 } 1151 1152 while (*s && *s != '%') { 1153 if (end && s >= end) 1154 break; 1155 *t++ = *s++; 1156 } 1157 } while (*s); 1158 copy_rest: 1159 while (*s) { 1160 if (s >= end) 1161 break; 1162 *t++ = *s++; 1163 } 1164 *t = '\0'; 1165 debug((httpd, DEBUG_FAT, "fix_url_percent returns %s in url", 1166 request->hr_file)); 1167 } 1168 1169 /* 1170 * transform_request does this: 1171 * - ``expand'' %20 crapola 1172 * - punt if it doesn't start with / 1173 * - check httpd->untrustedref / referrer 1174 * - look for "http://myname/" and deal with it. 1175 * - maybe call bozo_process_cgi() 1176 * - check for ~user and call bozo_user_transform() if so 1177 * - if the length > 1, check for trailing slash. if so, 1178 * add the index.html file 1179 * - if the length is 1, return the index.html file 1180 * - disallow anything ending up with a file starting 1181 * at "/" or having ".." in it. 1182 * - anything else is a really weird internal error 1183 * - returns malloced file to serve, if unhandled 1184 */ 1185 static int 1186 transform_request(bozo_httpreq_t *request, int *isindex) 1187 { 1188 bozohttpd_t *httpd = request->hr_httpd; 1189 char *file, *newfile = NULL; 1190 size_t len; 1191 1192 file = NULL; 1193 *isindex = 0; 1194 debug((httpd, DEBUG_FAT, "tf_req: file %s", request->hr_file)); 1195 fix_url_percent(request); 1196 if (check_virtual(request)) { 1197 goto bad_done; 1198 } 1199 file = request->hr_file; 1200 1201 if (file[0] != '/') { 1202 (void)bozo_http_error(httpd, 404, request, "unknown URL"); 1203 goto bad_done; 1204 } 1205 1206 check_bzredirect(request); 1207 1208 if (httpd->untrustedref) { 1209 int to_indexhtml = 0; 1210 1211 #define TOP_PAGE(x) (strcmp((x), "/") == 0 || \ 1212 strcmp((x) + 1, httpd->index_html) == 0 || \ 1213 strcmp((x) + 1, "favicon.ico") == 0) 1214 1215 debug((httpd, DEBUG_EXPLODING, "checking httpd->untrustedref")); 1216 /* 1217 * first check that this path isn't allowed via .bzdirect file, 1218 * and then check referrer; make sure that people come via the 1219 * real name... otherwise if we aren't looking at / or 1220 * /index.html, redirect... we also special case favicon.ico. 1221 */ 1222 if (check_direct_access(request)) 1223 /* nothing */; 1224 else if (request->hr_referrer) { 1225 const char *r = request->hr_referrer; 1226 1227 debug((httpd, DEBUG_FAT, 1228 "checking referrer \"%s\" vs virthostname %s", 1229 r, httpd->virthostname)); 1230 if (strncmp(r, "http://", 7) != 0 || 1231 (strncasecmp(r + 7, httpd->virthostname, 1232 strlen(httpd->virthostname)) != 0 && 1233 !TOP_PAGE(file))) 1234 to_indexhtml = 1; 1235 } else { 1236 const char *h = request->hr_host; 1237 1238 debug((httpd, DEBUG_FAT, "url has no referrer at all")); 1239 /* if there's no referrer, let / or /index.html past */ 1240 if (!TOP_PAGE(file) || 1241 (h && strncasecmp(h, httpd->virthostname, 1242 strlen(httpd->virthostname)) != 0)) 1243 to_indexhtml = 1; 1244 } 1245 1246 if (to_indexhtml) { 1247 char *slashindexhtml; 1248 1249 if (asprintf(&slashindexhtml, "/%s", 1250 httpd->index_html) < 0) 1251 bozo_err(httpd, 1, "asprintf"); 1252 debug((httpd, DEBUG_FAT, 1253 "httpd->untrustedref: redirecting %s to %s", 1254 file, slashindexhtml)); 1255 handle_redirect(request, slashindexhtml, 0); 1256 free(slashindexhtml); 1257 return 0; 1258 } 1259 } 1260 1261 len = strlen(file); 1262 if (/*CONSTCOND*/0) { 1263 #ifndef NO_USER_SUPPORT 1264 } else if (len > 1 && httpd->enable_users && file[1] == '~') { 1265 if (file[2] == '\0') { 1266 (void)bozo_http_error(httpd, 404, request, 1267 "missing username"); 1268 goto bad_done; 1269 } 1270 if (strchr(file + 2, '/') == NULL) { 1271 handle_redirect(request, NULL, 0); 1272 return 0; 1273 } 1274 debug((httpd, DEBUG_FAT, "calling bozo_user_transform")); 1275 1276 return bozo_user_transform(request, isindex); 1277 #endif /* NO_USER_SUPPORT */ 1278 } else if (len > 1) { 1279 debug((httpd, DEBUG_FAT, "file[len-1] == %c", file[len-1])); 1280 if (file[len-1] == '/') { /* append index.html */ 1281 *isindex = 1; 1282 debug((httpd, DEBUG_FAT, "appending index.html")); 1283 newfile = bozomalloc(httpd, 1284 len + strlen(httpd->index_html) + 1); 1285 strcpy(newfile, file + 1); 1286 strcat(newfile, httpd->index_html); 1287 } else 1288 newfile = bozostrdup(request->hr_httpd, file + 1); 1289 } else if (len == 1) { 1290 debug((httpd, DEBUG_EXPLODING, "tf_req: len == 1")); 1291 newfile = bozostrdup(request->hr_httpd, httpd->index_html); 1292 *isindex = 1; 1293 } else { /* len == 0 ? */ 1294 (void)bozo_http_error(httpd, 500, request, 1295 "request->hr_file is nul?"); 1296 goto bad_done; 1297 } 1298 1299 if (newfile == NULL) { 1300 (void)bozo_http_error(httpd, 500, request, "internal failure"); 1301 goto bad_done; 1302 } 1303 1304 /* 1305 * look for "http://myname/" and deal with it as necessary. 1306 */ 1307 1308 /* 1309 * stop traversing outside our domain 1310 * 1311 * XXX true security only comes from our parent using chroot(2) 1312 * before execve(2)'ing us. or our own built in chroot(2) support. 1313 */ 1314 if (*newfile == '/' || strcmp(newfile, "..") == 0 || 1315 strstr(newfile, "/..") || strstr(newfile, "../")) { 1316 (void)bozo_http_error(httpd, 403, request, "illegal request"); 1317 goto bad_done; 1318 } 1319 1320 if (bozo_auth_check(request, newfile)) 1321 goto bad_done; 1322 1323 if (strlen(newfile)) { 1324 request->hr_oldfile = request->hr_file; 1325 request->hr_file = newfile; 1326 } 1327 1328 if (bozo_process_cgi(request)) 1329 return 0; 1330 1331 debug((httpd, DEBUG_FAT, "transform_request set: %s", newfile)); 1332 return 1; 1333 bad_done: 1334 debug((httpd, DEBUG_FAT, "transform_request returning: 0")); 1335 if (newfile) 1336 free(newfile); 1337 return 0; 1338 } 1339 1340 /* 1341 * bozo_process_request does the following: 1342 * - check the request is valid 1343 * - process cgi-bin if necessary 1344 * - transform a filename if necesarry 1345 * - return the HTTP request 1346 */ 1347 void 1348 bozo_process_request(bozo_httpreq_t *request) 1349 { 1350 bozohttpd_t *httpd = request->hr_httpd; 1351 struct stat sb; 1352 time_t timestamp; 1353 char *file; 1354 const char *type, *encoding; 1355 int fd, isindex; 1356 1357 /* 1358 * note that transform_request chdir()'s if required. also note 1359 * that cgi is handed here. if transform_request() returns 0 1360 * then the request has been handled already. 1361 */ 1362 if (transform_request(request, &isindex) == 0) 1363 return; 1364 1365 file = request->hr_file; 1366 1367 fd = open(file, O_RDONLY); 1368 if (fd < 0) { 1369 debug((httpd, DEBUG_FAT, "open failed: %s", strerror(errno))); 1370 if (errno == EPERM) 1371 (void)bozo_http_error(httpd, 403, request, 1372 "no permission to open file"); 1373 else if (errno == ENOENT) { 1374 if (!bozo_dir_index(request, file, isindex)) 1375 (void)bozo_http_error(httpd, 404, request, 1376 "no file"); 1377 } else 1378 (void)bozo_http_error(httpd, 500, request, "open file"); 1379 goto cleanup_nofd; 1380 } 1381 if (fstat(fd, &sb) < 0) { 1382 (void)bozo_http_error(httpd, 500, request, "can't fstat"); 1383 goto cleanup; 1384 } 1385 if (S_ISDIR(sb.st_mode)) { 1386 handle_redirect(request, NULL, 0); 1387 goto cleanup; 1388 } 1389 1390 if (request->hr_if_modified_since && 1391 parse_http_date(request->hr_if_modified_since, ×tamp) && 1392 timestamp >= sb.st_mtime) { 1393 /* XXX ignore subsecond of timestamp */ 1394 bozo_printf(httpd, "%s 304 Not Modified\r\n", 1395 request->hr_proto); 1396 bozo_printf(httpd, "\r\n"); 1397 bozo_flush(httpd, stdout); 1398 goto cleanup; 1399 } 1400 1401 /* validate requested range */ 1402 if (request->hr_last_byte_pos == -1 || 1403 request->hr_last_byte_pos >= sb.st_size) 1404 request->hr_last_byte_pos = sb.st_size - 1; 1405 if (request->hr_have_range && 1406 request->hr_first_byte_pos > request->hr_last_byte_pos) { 1407 request->hr_have_range = 0; /* punt */ 1408 request->hr_first_byte_pos = 0; 1409 request->hr_last_byte_pos = sb.st_size - 1; 1410 } 1411 debug((httpd, DEBUG_FAT, "have_range %d first_pos %lld last_pos %lld", 1412 request->hr_have_range, 1413 (long long)request->hr_first_byte_pos, 1414 (long long)request->hr_last_byte_pos)); 1415 if (request->hr_have_range) 1416 bozo_printf(httpd, "%s 206 Partial Content\r\n", 1417 request->hr_proto); 1418 else 1419 bozo_printf(httpd, "%s 200 OK\r\n", request->hr_proto); 1420 1421 if (request->hr_proto != httpd->consts.http_09) { 1422 type = bozo_content_type(request, file); 1423 encoding = bozo_content_encoding(request, file); 1424 1425 bozo_print_header(request, &sb, type, encoding); 1426 bozo_printf(httpd, "\r\n"); 1427 } 1428 bozo_flush(httpd, stdout); 1429 1430 if (request->hr_method != HTTP_HEAD) { 1431 off_t szleft, cur_byte_pos; 1432 1433 szleft = 1434 request->hr_last_byte_pos - request->hr_first_byte_pos + 1; 1435 cur_byte_pos = request->hr_first_byte_pos; 1436 1437 retry: 1438 while (szleft) { 1439 size_t sz; 1440 1441 /* This should take care of the first unaligned chunk */ 1442 if ((cur_byte_pos & (httpd->page_size - 1)) != 0) 1443 sz = (size_t)(cur_byte_pos & ~httpd->page_size); 1444 if ((off_t)httpd->mmapsz < szleft) 1445 sz = httpd->mmapsz; 1446 else 1447 sz = (size_t)szleft; 1448 if (mmap_and_write_part(httpd, fd, cur_byte_pos, sz)) { 1449 if (errno == ENOMEM) { 1450 httpd->mmapsz /= 2; 1451 if (httpd->mmapsz >= httpd->page_size) 1452 goto retry; 1453 } 1454 goto cleanup; 1455 } 1456 cur_byte_pos += sz; 1457 szleft -= sz; 1458 } 1459 } 1460 cleanup: 1461 close(fd); 1462 cleanup_nofd: 1463 close(STDIN_FILENO); 1464 close(STDOUT_FILENO); 1465 /*close(STDERR_FILENO);*/ 1466 } 1467 1468 /* make sure we're not trying to access special files */ 1469 int 1470 bozo_check_special_files(bozo_httpreq_t *request, const char *name) 1471 { 1472 bozohttpd_t *httpd = request->hr_httpd; 1473 1474 /* ensure basename(name) != special files */ 1475 if (strcmp(name, DIRECT_ACCESS_FILE) == 0) 1476 return bozo_http_error(httpd, 403, request, 1477 "no permission to open direct access file"); 1478 if (strcmp(name, REDIRECT_FILE) == 0) 1479 return bozo_http_error(httpd, 403, request, 1480 "no permission to open redirect file"); 1481 if (strcmp(name, ABSREDIRECT_FILE) == 0) 1482 return bozo_http_error(httpd, 403, request, 1483 "no permission to open redirect file"); 1484 return bozo_auth_check_special_files(request, name); 1485 } 1486 1487 /* generic header printing routine */ 1488 void 1489 bozo_print_header(bozo_httpreq_t *request, 1490 struct stat *sbp, const char *type, const char *encoding) 1491 { 1492 bozohttpd_t *httpd = request->hr_httpd; 1493 off_t len; 1494 char date[40]; 1495 1496 bozo_printf(httpd, "Date: %s\r\n", bozo_http_date(date, sizeof(date))); 1497 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 1498 bozo_printf(httpd, "Accept-Ranges: bytes\r\n"); 1499 if (sbp) { 1500 char filedate[40]; 1501 struct tm *tm; 1502 1503 tm = gmtime(&sbp->st_mtime); 1504 strftime(filedate, sizeof filedate, 1505 "%a, %d %b %Y %H:%M:%S GMT", tm); 1506 bozo_printf(httpd, "Last-Modified: %s\r\n", filedate); 1507 } 1508 if (type && *type) 1509 bozo_printf(httpd, "Content-Type: %s\r\n", type); 1510 if (encoding && *encoding) 1511 bozo_printf(httpd, "Content-Encoding: %s\r\n", encoding); 1512 if (sbp) { 1513 if (request->hr_have_range) { 1514 len = request->hr_last_byte_pos - 1515 request->hr_first_byte_pos +1; 1516 bozo_printf(httpd, 1517 "Content-Range: bytes %qd-%qd/%qd\r\n", 1518 (long long) request->hr_first_byte_pos, 1519 (long long) request->hr_last_byte_pos, 1520 (long long) sbp->st_size); 1521 } else 1522 len = sbp->st_size; 1523 bozo_printf(httpd, "Content-Length: %qd\r\n", (long long)len); 1524 } 1525 if (request && request->hr_proto == httpd->consts.http_11) 1526 bozo_printf(httpd, "Connection: close\r\n"); 1527 bozo_flush(httpd, stdout); 1528 } 1529 1530 #ifndef NO_DEBUG 1531 void 1532 debug__(bozohttpd_t *httpd, int level, const char *fmt, ...) 1533 { 1534 va_list ap; 1535 int savederrno; 1536 1537 /* only log if the level is low enough */ 1538 if (httpd->debug < level) 1539 return; 1540 1541 savederrno = errno; 1542 va_start(ap, fmt); 1543 if (httpd->logstderr) { 1544 vfprintf(stderr, fmt, ap); 1545 fputs("\n", stderr); 1546 } else 1547 vsyslog(LOG_DEBUG, fmt, ap); 1548 va_end(ap); 1549 errno = savederrno; 1550 } 1551 #endif /* NO_DEBUG */ 1552 1553 /* these are like warn() and err(), except for syslog not stderr */ 1554 void 1555 bozo_warn(bozohttpd_t *httpd, const char *fmt, ...) 1556 { 1557 va_list ap; 1558 1559 va_start(ap, fmt); 1560 if (httpd->logstderr || isatty(STDERR_FILENO)) { 1561 //fputs("warning: ", stderr); 1562 vfprintf(stderr, fmt, ap); 1563 fputs("\n", stderr); 1564 } else 1565 vsyslog(LOG_INFO, fmt, ap); 1566 va_end(ap); 1567 } 1568 1569 void 1570 bozo_err(bozohttpd_t *httpd, int code, const char *fmt, ...) 1571 { 1572 va_list ap; 1573 1574 va_start(ap, fmt); 1575 if (httpd->logstderr || isatty(STDERR_FILENO)) { 1576 //fputs("error: ", stderr); 1577 vfprintf(stderr, fmt, ap); 1578 fputs("\n", stderr); 1579 } else 1580 vsyslog(LOG_ERR, fmt, ap); 1581 va_end(ap); 1582 exit(code); 1583 } 1584 1585 /* this escape HTML tags */ 1586 static void 1587 escape_html(bozo_httpreq_t *request) 1588 { 1589 int i, j; 1590 char *url = request->hr_file, *tmp; 1591 1592 for (i = 0, j = 0; url[i]; i++) { 1593 switch (url[i]) { 1594 case '<': 1595 case '>': 1596 j += 4; 1597 break; 1598 case '&': 1599 j += 5; 1600 break; 1601 } 1602 } 1603 1604 if (j == 0) 1605 return; 1606 1607 if ((tmp = (char *) malloc(strlen(url) + j)) == 0) 1608 /* 1609 * ouch, but we are only called from an error context, and 1610 * most paths here come from malloc(3) failures anyway... 1611 * we could completely punt and just exit, but isn't returning 1612 * an not-quite-correct error better than nothing at all? 1613 */ 1614 return; 1615 1616 for (i = 0, j = 0; url[i]; i++) { 1617 switch (url[i]) { 1618 case '<': 1619 memcpy(tmp + j, "<", 4); 1620 j += 4; 1621 break; 1622 case '>': 1623 memcpy(tmp + j, ">", 4); 1624 j += 4; 1625 break; 1626 case '&': 1627 memcpy(tmp + j, "&", 5); 1628 j += 5; 1629 break; 1630 default: 1631 tmp[j++] = url[i]; 1632 } 1633 } 1634 tmp[j] = 0; 1635 1636 free(request->hr_file); 1637 request->hr_file = tmp; 1638 } 1639 1640 /* short map between error code, and short/long messages */ 1641 static struct errors_map { 1642 int code; /* HTTP return code */ 1643 const char *shortmsg; /* short version of message */ 1644 const char *longmsg; /* long version of message */ 1645 } errors_map[] = { 1646 { 400, "400 Bad Request", "The request was not valid", }, 1647 { 401, "401 Unauthorized", "No authorization", }, 1648 { 403, "403 Forbidden", "Access to this item has been denied",}, 1649 { 404, "404 Not Found", "This item has not been found", }, 1650 { 408, "408 Request Timeout", "This request took too long", }, 1651 { 417, "417 Expectation Failed","Expectations not available", }, 1652 { 500, "500 Internal Error", "An error occured on the server", }, 1653 { 501, "501 Not Implemented", "This request is not available", }, 1654 { 0, NULL, NULL, }, 1655 }; 1656 1657 static const char *help = "DANGER! WILL ROBINSON! DANGER!"; 1658 1659 static const char * 1660 http_errors_short(int code) 1661 { 1662 struct errors_map *ep; 1663 1664 for (ep = errors_map; ep->code; ep++) 1665 if (ep->code == code) 1666 return (ep->shortmsg); 1667 return (help); 1668 } 1669 1670 static const char * 1671 http_errors_long(int code) 1672 { 1673 struct errors_map *ep; 1674 1675 for (ep = errors_map; ep->code; ep++) 1676 if (ep->code == code) 1677 return (ep->longmsg); 1678 return (help); 1679 } 1680 1681 /* the follow functions and variables are used in handling HTTP errors */ 1682 /* ARGSUSED */ 1683 int 1684 bozo_http_error(bozohttpd_t *httpd, int code, bozo_httpreq_t *request, 1685 const char *msg) 1686 { 1687 char portbuf[20]; 1688 const char *header = http_errors_short(code); 1689 const char *reason = http_errors_long(code); 1690 const char *proto = (request && request->hr_proto) ? 1691 request->hr_proto : httpd->consts.http_11; 1692 int size; 1693 1694 debug((httpd, DEBUG_FAT, "bozo_http_error %d: %s", code, msg)); 1695 if (header == NULL || reason == NULL) { 1696 bozo_err(httpd, 1, 1697 "bozo_http_error() failed (short = %p, long = %p)", 1698 header, reason); 1699 return code; 1700 } 1701 1702 if (request && request->hr_serverport && 1703 strcmp(request->hr_serverport, "80") != 0) 1704 snprintf(portbuf, sizeof(portbuf), ":%s", 1705 request->hr_serverport); 1706 else 1707 portbuf[0] = '\0'; 1708 1709 if (request && request->hr_file) { 1710 escape_html(request); 1711 size = snprintf(httpd->errorbuf, BUFSIZ, 1712 "<html><head><title>%s</title></head>\n" 1713 "<body><h1>%s</h1>\n" 1714 "%s: <pre>%s</pre>\n" 1715 "<hr><address><a href=\"http://%s%s/\">%s%s</a></address>\n" 1716 "</body></html>\n", 1717 header, header, request->hr_file, reason, 1718 httpd->virthostname, portbuf, httpd->virthostname, portbuf); 1719 if (size >= (int)BUFSIZ) { 1720 bozo_warn(httpd, 1721 "bozo_http_error buffer too small, truncated"); 1722 size = (int)BUFSIZ; 1723 } 1724 } else 1725 size = 0; 1726 1727 bozo_printf(httpd, "%s %s\r\n", proto, header); 1728 if (request) 1729 bozo_auth_check_401(request, code); 1730 1731 bozo_printf(httpd, "Content-Type: text/html\r\n"); 1732 bozo_printf(httpd, "Content-Length: %d\r\n", size); 1733 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 1734 if (request && request->hr_allow) 1735 bozo_printf(httpd, "Allow: %s\r\n", request->hr_allow); 1736 bozo_printf(httpd, "\r\n"); 1737 if (size) 1738 bozo_printf(httpd, "%s", httpd->errorbuf); 1739 bozo_flush(httpd, stdout); 1740 1741 return code; 1742 } 1743 1744 /* Below are various modified libc functions */ 1745 1746 /* 1747 * returns -1 in lenp if the string ran out before finding a delimiter, 1748 * but is otherwise the same as strsep. Note that the length must be 1749 * correctly passed in. 1750 */ 1751 char * 1752 bozostrnsep(char **strp, const char *delim, ssize_t *lenp) 1753 { 1754 char *s; 1755 const char *spanp; 1756 int c, sc; 1757 char *tok; 1758 1759 if ((s = *strp) == NULL) 1760 return (NULL); 1761 for (tok = s;;) { 1762 if (lenp && --(*lenp) == -1) 1763 return (NULL); 1764 c = *s++; 1765 spanp = delim; 1766 do { 1767 if ((sc = *spanp++) == c) { 1768 if (c == 0) 1769 s = NULL; 1770 else 1771 s[-1] = '\0'; 1772 *strp = s; 1773 return (tok); 1774 } 1775 } while (sc != 0); 1776 } 1777 /* NOTREACHED */ 1778 } 1779 1780 /* 1781 * inspired by fgetln(3), but works for fd's. should work identically 1782 * except it, however, does *not* return the newline, and it does nul 1783 * terminate the string. 1784 */ 1785 char * 1786 bozodgetln(bozohttpd_t *httpd, int fd, ssize_t *lenp, 1787 ssize_t (*readfn)(bozohttpd_t *, int, void *, size_t)) 1788 { 1789 ssize_t len; 1790 int got_cr = 0; 1791 char c, *nbuffer; 1792 1793 /* initialise */ 1794 if (httpd->getln_buflen == 0) { 1795 /* should be plenty for most requests */ 1796 httpd->getln_buflen = 128; 1797 httpd->getln_buffer = malloc((size_t)httpd->getln_buflen); 1798 if (httpd->getln_buffer == NULL) { 1799 httpd->getln_buflen = 0; 1800 return NULL; 1801 } 1802 } 1803 len = 0; 1804 1805 /* 1806 * we *have* to read one byte at a time, to not break cgi 1807 * programs (for we pass stdin off to them). could fix this 1808 * by becoming a fd-passing program instead of just exec'ing 1809 * the program 1810 * 1811 * the above is no longer true, we are the fd-passing 1812 * program already. 1813 */ 1814 for (; readfn(httpd, fd, &c, 1) == 1; ) { 1815 debug((httpd, DEBUG_EXPLODING, "bozodgetln read %c", c)); 1816 1817 if (len >= httpd->getln_buflen - 1) { 1818 httpd->getln_buflen *= 2; 1819 debug((httpd, DEBUG_EXPLODING, "bozodgetln: " 1820 "reallocating buffer to buflen %zu", 1821 httpd->getln_buflen)); 1822 nbuffer = bozorealloc(httpd, httpd->getln_buffer, 1823 (size_t)httpd->getln_buflen); 1824 httpd->getln_buffer = nbuffer; 1825 } 1826 1827 httpd->getln_buffer[len++] = c; 1828 if (c == '\r') { 1829 got_cr = 1; 1830 continue; 1831 } else if (c == '\n') { 1832 /* 1833 * HTTP/1.1 spec says to ignore CR and treat 1834 * LF as the real line terminator. even though 1835 * the same spec defines CRLF as the line 1836 * terminator, it is recommended in section 19.3 1837 * to do the LF trick for tolerance. 1838 */ 1839 if (got_cr) 1840 len -= 2; 1841 else 1842 len -= 1; 1843 break; 1844 } 1845 1846 } 1847 httpd->getln_buffer[len] = '\0'; 1848 debug((httpd, DEBUG_OBESE, "bozodgetln returns: ``%s'' with len %zd", 1849 httpd->getln_buffer, len)); 1850 *lenp = len; 1851 return httpd->getln_buffer; 1852 } 1853 1854 void * 1855 bozorealloc(bozohttpd_t *httpd, void *ptr, size_t size) 1856 { 1857 void *p; 1858 1859 p = realloc(ptr, size); 1860 if (p == NULL) { 1861 (void)bozo_http_error(httpd, 500, NULL, 1862 "memory allocation failure"); 1863 exit(1); 1864 } 1865 return (p); 1866 } 1867 1868 void * 1869 bozomalloc(bozohttpd_t *httpd, size_t size) 1870 { 1871 void *p; 1872 1873 p = malloc(size); 1874 if (p == NULL) { 1875 (void)bozo_http_error(httpd, 500, NULL, 1876 "memory allocation failure"); 1877 exit(1); 1878 } 1879 return (p); 1880 } 1881 1882 char * 1883 bozostrdup(bozohttpd_t *httpd, const char *str) 1884 { 1885 char *p; 1886 1887 p = strdup(str); 1888 if (p == NULL) { 1889 (void)bozo_http_error(httpd, 500, NULL, 1890 "memory allocation failure"); 1891 exit(1); 1892 } 1893 return (p); 1894 } 1895 1896 /* set default values in bozohttpd_t struct */ 1897 int 1898 bozo_init_httpd(bozohttpd_t *httpd) 1899 { 1900 /* make sure everything is clean */ 1901 (void) memset(httpd, 0x0, sizeof(*httpd)); 1902 1903 /* constants */ 1904 httpd->consts.http_09 = "HTTP/0.9"; 1905 httpd->consts.http_10 = "HTTP/1.0"; 1906 httpd->consts.http_11 = "HTTP/1.1"; 1907 httpd->consts.text_plain = "text/plain"; 1908 1909 /* mmap region size */ 1910 httpd->mmapsz = BOZO_MMAPSZ; 1911 1912 /* error buffer for bozo_http_error() */ 1913 if ((httpd->errorbuf = malloc(BUFSIZ)) == NULL) { 1914 (void) fprintf(stderr, 1915 "bozohttpd: memory_allocation failure\n"); 1916 return 0; 1917 } 1918 return 1; 1919 } 1920 1921 /* set default values in bozoprefs_t struct */ 1922 int 1923 bozo_init_prefs(bozoprefs_t *prefs) 1924 { 1925 /* make sure everything is clean */ 1926 (void) memset(prefs, 0x0, sizeof(*prefs)); 1927 1928 /* set up default values */ 1929 bozo_set_pref(prefs, "server software", SERVER_SOFTWARE); 1930 bozo_set_pref(prefs, "index.html", INDEX_HTML); 1931 bozo_set_pref(prefs, "public_html", PUBLIC_HTML); 1932 1933 return 1; 1934 } 1935 1936 /* set default values */ 1937 int 1938 bozo_set_defaults(bozohttpd_t *httpd, bozoprefs_t *prefs) 1939 { 1940 return bozo_init_httpd(httpd) && bozo_init_prefs(prefs); 1941 } 1942 1943 /* set the virtual host name, port and root */ 1944 int 1945 bozo_setup(bozohttpd_t *httpd, bozoprefs_t *prefs, const char *vhost, 1946 const char *root) 1947 { 1948 struct passwd *pw; 1949 extern char **environ; 1950 static char *cleanenv[1] = { NULL }; 1951 uid_t uid; 1952 char *chrootdir; 1953 char *username; 1954 char *portnum; 1955 char *cp; 1956 int dirtyenv; 1957 1958 dirtyenv = 0; 1959 1960 if (vhost == NULL) { 1961 httpd->virthostname = bozomalloc(httpd, MAXHOSTNAMELEN+1); 1962 /* XXX we do not check for FQDN here */ 1963 if (gethostname(httpd->virthostname, MAXHOSTNAMELEN+1) < 0) 1964 bozo_err(httpd, 1, "gethostname"); 1965 httpd->virthostname[MAXHOSTNAMELEN] = '\0'; 1966 } else { 1967 httpd->virthostname = strdup(vhost); 1968 } 1969 httpd->slashdir = strdup(root); 1970 if ((portnum = bozo_get_pref(prefs, "port number")) != NULL) { 1971 httpd->bindport = strdup(portnum); 1972 } 1973 1974 /* go over preferences now */ 1975 if ((cp = bozo_get_pref(prefs, "numeric")) != NULL && 1976 strcmp(cp, "true") == 0) { 1977 httpd->numeric = 1; 1978 } 1979 if ((cp = bozo_get_pref(prefs, "trusted referal")) != NULL && 1980 strcmp(cp, "true") == 0) { 1981 httpd->untrustedref = 1; 1982 } 1983 if ((cp = bozo_get_pref(prefs, "log to stderr")) != NULL && 1984 strcmp(cp, "true") == 0) { 1985 httpd->logstderr = 1; 1986 } 1987 if ((cp = bozo_get_pref(prefs, "bind address")) != NULL) { 1988 httpd->bindaddress = strdup(cp); 1989 } 1990 if ((cp = bozo_get_pref(prefs, "background")) != NULL) { 1991 httpd->background = atoi(cp); 1992 } 1993 if ((cp = bozo_get_pref(prefs, "foreground")) != NULL && 1994 strcmp(cp, "true") == 0) { 1995 httpd->foreground = 1; 1996 } 1997 if ((cp = bozo_get_pref(prefs, "pid file")) != NULL) { 1998 httpd->pidfile = strdup(cp); 1999 } 2000 if ((cp = bozo_get_pref(prefs, "unknown slash")) != NULL && 2001 strcmp(cp, "true") == 0) { 2002 httpd->unknown_slash = 1; 2003 } 2004 if ((cp = bozo_get_pref(prefs, "virtual base")) != NULL) { 2005 httpd->virtbase = strdup(cp); 2006 } 2007 if ((cp = bozo_get_pref(prefs, "enable users")) != NULL && 2008 strcmp(cp, "true") == 0) { 2009 httpd->enable_users = 1; 2010 } 2011 if ((cp = bozo_get_pref(prefs, "dirty environment")) != NULL && 2012 strcmp(cp, "true") == 0) { 2013 dirtyenv = 1; 2014 } 2015 if ((cp = bozo_get_pref(prefs, "hide dots")) != NULL && 2016 strcmp(cp, "true") == 0) { 2017 httpd->hide_dots = 1; 2018 } 2019 if ((cp = bozo_get_pref(prefs, "directory indexing")) != NULL && 2020 strcmp(cp, "true") == 0) { 2021 httpd->dir_indexing = 1; 2022 } 2023 if ((cp = bozo_get_pref(prefs, "public_html")) != NULL) { 2024 httpd->public_html = strdup(cp); 2025 } 2026 httpd->server_software = 2027 strdup(bozo_get_pref(prefs, "server software")); 2028 httpd->index_html = strdup(bozo_get_pref(prefs, "index.html")); 2029 2030 /* 2031 * initialise ssl and daemon mode if necessary. 2032 */ 2033 bozo_ssl_init(httpd); 2034 bozo_daemon_init(httpd); 2035 2036 if ((username = bozo_get_pref(prefs, "username")) == NULL) { 2037 if ((pw = getpwuid(uid = 0)) == NULL) 2038 bozo_err(httpd, 1, "getpwuid(0): %s", strerror(errno)); 2039 httpd->username = strdup(pw->pw_name); 2040 } else { 2041 httpd->username = strdup(username); 2042 if ((pw = getpwnam(httpd->username)) == NULL) 2043 bozo_err(httpd, 1, "getpwnam(%s): %s", httpd->username, 2044 strerror(errno)); 2045 if (initgroups(pw->pw_name, pw->pw_gid) == -1) 2046 bozo_err(httpd, 1, "initgroups: %s", strerror(errno)); 2047 if (setgid(pw->pw_gid) == -1) 2048 bozo_err(httpd, 1, "setgid(%u): %s", pw->pw_gid, 2049 strerror(errno)); 2050 uid = pw->pw_uid; 2051 } 2052 /* 2053 * handle chroot. 2054 */ 2055 if ((chrootdir = bozo_get_pref(prefs, "chroot dir")) != NULL) { 2056 httpd->rootdir = strdup(chrootdir); 2057 if (chdir(httpd->rootdir) == -1) 2058 bozo_err(httpd, 1, "chdir(%s): %s", httpd->rootdir, 2059 strerror(errno)); 2060 if (chroot(httpd->rootdir) == -1) 2061 bozo_err(httpd, 1, "chroot(%s): %s", httpd->rootdir, 2062 strerror(errno)); 2063 } 2064 2065 if (username != NULL) 2066 if (setuid(uid) == -1) 2067 bozo_err(httpd, 1, "setuid(%d): %s", uid, 2068 strerror(errno)); 2069 2070 /* 2071 * prevent info leakage between different compartments. 2072 * some PATH values in the environment would be invalided 2073 * by chroot. cross-user settings might result in undesirable 2074 * effects. 2075 */ 2076 if ((chrootdir != NULL || username != NULL) && !dirtyenv) 2077 environ = cleanenv; 2078 2079 #ifdef _SC_PAGESIZE 2080 httpd->page_size = (long)sysconf(_SC_PAGESIZE); 2081 #else 2082 httpd->page_size = 4096; 2083 #endif 2084 debug((httpd, DEBUG_OBESE, "myname is %s, slashdir is %s", 2085 httpd->virthostname, httpd->slashdir)); 2086 2087 return 1; 2088 } 2089