1 /* $NetBSD: bozohttpd.c,v 1.87 2018/01/28 13:37:39 maya Exp $ */ 2 3 /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ 4 5 /* 6 * Copyright (c) 1997-2017 Matthew R. Green 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer and 16 * dedication in the documentation and/or other materials provided 17 * with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 */ 32 33 /* this program is dedicated to the Great God of Processed Cheese */ 34 35 /* 36 * bozohttpd.c: minimal httpd; provides only these features: 37 * - HTTP/0.9 (by virtue of ..) 38 * - HTTP/1.0 39 * - HTTP/1.1 40 * - CGI/1.1 this will only be provided for "system" scripts 41 * - automatic "missing trailing slash" redirections 42 * - configurable translation of /~user/ to ~user/public_html, 43 * however, this does not include cgi-bin support 44 * - access lists via libwrap via inetd/tcpd 45 * - virtual hosting 46 * - not that we do not even pretend to understand MIME, but 47 * rely only on the HTTP specification 48 * - ipv6 support 49 * - automatic `index.html' generation 50 * - configurable server name 51 * - directory index generation 52 * - daemon mode (lacks libwrap support) 53 * - .htpasswd support 54 */ 55 56 /* 57 * requirements for minimal http/1.1 (at least, as documented in 58 * RFC 2616 (HTTP/1.1): 59 * 60 * - 14.11: content-encoding handling. [1] 61 * 62 * - 14.13: content-length handling. this is only a SHOULD header 63 * thus we could just not send it ever. [1] 64 * 65 * - 14.17: content-type handling. [1] 66 * 67 * - 14.28: if-unmodified-since handling. if-modified-since is 68 * done since, shouldn't be too hard for this one. 69 * 70 * [1] need to revisit to ensure proper behaviour 71 * 72 * and the following is a list of features that we do not need 73 * to have due to other limits, or are too lazy. there are more 74 * of these than are listed, but these are of particular note, 75 * and could perhaps be implemented. 76 * 77 * - 3.5/3.6: content/transfer codings. probably can ignore 78 * this? we "SHOULD"n't. but 4.4 says we should ignore a 79 * `content-length' header upon reciept of a `transfer-encoding' 80 * header. 81 * 82 * - 5.1.1: request methods. only MUST support GET and HEAD, 83 * but there are new ones besides POST that are currently 84 * supported: OPTIONS PUT DELETE TRACE and CONNECT, plus 85 * extensions not yet known? 86 * 87 * - 10.1: we can ignore informational status codes 88 * 89 * - 10.3.3/10.3.4/10.3.8: just use '302' codes always. 90 * 91 * - 14.1/14.2/14.3/14.27: we do not support Accept: headers. 92 * just ignore them and send the request anyway. they are 93 * only SHOULD. 94 * 95 * - 14.5/14.16/14.35: only support simple ranges: %d- and %d-%d 96 * would be nice to support more. 97 * 98 * - 14.9: we aren't a cache. 99 * 100 * - 14.15: content-md5 would be nice. 101 * 102 * - 14.24/14.26/14.27: if-match, if-none-match, if-range. be 103 * nice to support this. 104 * 105 * - 14.44: Vary: seems unneeded. ignore it for now. 106 */ 107 108 #ifndef INDEX_HTML 109 #define INDEX_HTML "index.html" 110 #endif 111 #ifndef SERVER_SOFTWARE 112 #define SERVER_SOFTWARE "bozohttpd/20170201" 113 #endif 114 #ifndef DIRECT_ACCESS_FILE 115 #define DIRECT_ACCESS_FILE ".bzdirect" 116 #endif 117 #ifndef REDIRECT_FILE 118 #define REDIRECT_FILE ".bzredirect" 119 #endif 120 #ifndef ABSREDIRECT_FILE 121 #define ABSREDIRECT_FILE ".bzabsredirect" 122 #endif 123 #ifndef PUBLIC_HTML 124 #define PUBLIC_HTML "public_html" 125 #endif 126 127 #ifndef USE_ARG 128 #define USE_ARG(x) /*LINTED*/(void)&(x) 129 #endif 130 131 /* 132 * And so it begins .. 133 */ 134 135 #include <sys/param.h> 136 #include <sys/socket.h> 137 #include <sys/time.h> 138 #include <sys/mman.h> 139 140 #include <arpa/inet.h> 141 142 #include <ctype.h> 143 #include <dirent.h> 144 #include <errno.h> 145 #include <fcntl.h> 146 #include <netdb.h> 147 #include <pwd.h> 148 #include <grp.h> 149 #include <signal.h> 150 #include <stdarg.h> 151 #include <stdlib.h> 152 #include <string.h> 153 #include <syslog.h> 154 #include <time.h> 155 #include <unistd.h> 156 157 #include "bozohttpd.h" 158 159 #ifndef MAX_WAIT_TIME 160 #define MAX_WAIT_TIME 60 /* hang around for 60 seconds max */ 161 #endif 162 163 /* variables and functions */ 164 #ifndef LOG_FTP 165 #define LOG_FTP LOG_DAEMON 166 #endif 167 168 volatile sig_atomic_t alarmhit; 169 170 /* 171 * check there's enough space in the prefs and names arrays. 172 */ 173 static int 174 size_arrays(bozoprefs_t *bozoprefs, size_t needed) 175 { 176 char **temp; 177 178 if (bozoprefs->size == 0) { 179 /* only get here first time around */ 180 bozoprefs->name = calloc(sizeof(char *), needed); 181 if (bozoprefs->name == NULL) 182 return 0; 183 bozoprefs->value = calloc(sizeof(char *), needed); 184 if (bozoprefs->value == NULL) { 185 free(bozoprefs->name); 186 return 0; 187 } 188 bozoprefs->size = needed; 189 } else if (bozoprefs->count == bozoprefs->size) { 190 /* only uses 'needed' when filled array */ 191 temp = realloc(bozoprefs->name, sizeof(char *) * needed); 192 if (temp == NULL) 193 return 0; 194 bozoprefs->name = temp; 195 temp = realloc(bozoprefs->value, sizeof(char *) * needed); 196 if (temp == NULL) 197 return 0; 198 bozoprefs->value = temp; 199 bozoprefs->size += needed; 200 } 201 return 1; 202 } 203 204 static ssize_t 205 findvar(bozoprefs_t *bozoprefs, const char *name) 206 { 207 size_t i; 208 209 for (i = 0; i < bozoprefs->count; i++) 210 if (strcmp(bozoprefs->name[i], name) == 0) 211 return (ssize_t)i; 212 return -1; 213 } 214 215 int 216 bozo_set_pref(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, 217 const char *name, const char *value) 218 { 219 ssize_t i; 220 221 if ((i = findvar(bozoprefs, name)) < 0) { 222 /* add the element to the array */ 223 if (!size_arrays(bozoprefs, bozoprefs->size + 15)) 224 return 0; 225 i = bozoprefs->count++; 226 bozoprefs->name[i] = bozostrdup(httpd, NULL, name); 227 } else { 228 /* replace the element in the array */ 229 if (bozoprefs->value[i]) { 230 free(bozoprefs->value[i]); 231 bozoprefs->value[i] = NULL; 232 } 233 } 234 bozoprefs->value[i] = bozostrdup(httpd, NULL, value); 235 return 1; 236 } 237 238 /* 239 * get a variable's value, or NULL 240 */ 241 char * 242 bozo_get_pref(bozoprefs_t *bozoprefs, const char *name) 243 { 244 ssize_t i; 245 246 i = findvar(bozoprefs, name); 247 return i < 0 ? NULL : bozoprefs->value[i]; 248 } 249 250 char * 251 bozo_http_date(char *date, size_t datelen) 252 { 253 struct tm *tm; 254 time_t now; 255 256 /* Sun, 06 Nov 1994 08:49:37 GMT */ 257 now = time(NULL); 258 tm = gmtime(&now); /* HTTP/1.1 spec rev 06 sez GMT only */ 259 strftime(date, datelen, "%a, %d %b %Y %H:%M:%S GMT", tm); 260 return date; 261 } 262 263 /* 264 * convert "in" into the three parts of a request (first line). 265 * we allocate into file and query, but return pointers into 266 * "in" for proto and method. 267 */ 268 static void 269 parse_request(bozohttpd_t *httpd, char *in, char **method, char **file, 270 char **query, char **proto) 271 { 272 ssize_t len; 273 char *val; 274 275 USE_ARG(httpd); 276 debug((httpd, DEBUG_EXPLODING, "parse in: %s", in)); 277 *method = *file = *query = *proto = NULL; 278 279 len = (ssize_t)strlen(in); 280 val = bozostrnsep(&in, " \t\n\r", &len); 281 if (len < 1 || val == NULL) 282 return; 283 *method = val; 284 285 while (*in == ' ' || *in == '\t') 286 in++; 287 val = bozostrnsep(&in, " \t\n\r", &len); 288 if (len < 1) { 289 if (len == 0) 290 *file = val; 291 else 292 *file = in; 293 } else { 294 *file = val; 295 296 *query = strchr(*file, '?'); 297 if (*query) 298 *(*query)++ = '\0'; 299 300 if (in) { 301 while (*in && (*in == ' ' || *in == '\t')) 302 in++; 303 if (*in) 304 *proto = in; 305 } 306 } 307 308 /* allocate private copies */ 309 *file = bozostrdup(httpd, NULL, *file); 310 if (*query) 311 *query = bozostrdup(httpd, NULL, *query); 312 313 debug((httpd, DEBUG_FAT, 314 "url: method: \"%s\" file: \"%s\" query: \"%s\" proto: \"%s\"", 315 *method, *file, *query, *proto)); 316 } 317 318 /* 319 * cleanup a bozo_httpreq_t after use 320 */ 321 void 322 bozo_clean_request(bozo_httpreq_t *request) 323 { 324 struct bozoheaders *hdr, *ohdr = NULL; 325 326 if (request == NULL) 327 return; 328 329 /* If SSL enabled cleanup SSL structure. */ 330 bozo_ssl_destroy(request->hr_httpd); 331 332 /* clean up request */ 333 free(request->hr_remotehost); 334 free(request->hr_remoteaddr); 335 free(request->hr_serverport); 336 free(request->hr_virthostname); 337 free(request->hr_file); 338 free(request->hr_oldfile); 339 free(request->hr_query); 340 free(request->hr_host); 341 bozo_user_free(request->hr_user); 342 bozo_auth_cleanup(request); 343 for (hdr = SIMPLEQ_FIRST(&request->hr_headers); hdr; 344 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 345 free(hdr->h_value); 346 free(hdr->h_header); 347 free(ohdr); 348 ohdr = hdr; 349 } 350 free(ohdr); 351 ohdr = NULL; 352 for (hdr = SIMPLEQ_FIRST(&request->hr_replheaders); hdr; 353 hdr = SIMPLEQ_NEXT(hdr, h_next)) { 354 free(hdr->h_value); 355 free(hdr->h_header); 356 free(ohdr); 357 ohdr = hdr; 358 } 359 free(ohdr); 360 361 free(request); 362 } 363 364 /* 365 * send a HTTP/1.1 408 response if we timeout. 366 */ 367 /* ARGSUSED */ 368 static void 369 alarmer(int sig) 370 { 371 alarmhit = 1; 372 } 373 374 /* 375 * a list of header quirks: currently, a list of headers that 376 * can't be folded into a single line. 377 */ 378 const char *header_quirks[] = { "WWW-Authenticate", NULL }; 379 380 /* 381 * add or merge this header (val: str) into the requests list 382 */ 383 static bozoheaders_t * 384 addmerge_header(bozo_httpreq_t *request, struct qheaders *headers, 385 const char *val, const char *str, ssize_t len) 386 { 387 struct bozohttpd_t *httpd = request->hr_httpd; 388 struct bozoheaders *hdr = NULL; 389 const char **quirk; 390 391 USE_ARG(len); 392 for (quirk = header_quirks; *quirk; quirk++) 393 if (strcasecmp(*quirk, val) == 0) 394 break; 395 396 if (*quirk == NULL) { 397 /* do we exist already? */ 398 SIMPLEQ_FOREACH(hdr, headers, h_next) { 399 if (strcasecmp(val, hdr->h_header) == 0) 400 break; 401 } 402 } 403 404 if (hdr) { 405 /* yup, merge it in */ 406 char *nval; 407 408 bozoasprintf(httpd, &nval, "%s, %s", hdr->h_value, str); 409 free(hdr->h_value); 410 hdr->h_value = nval; 411 } else { 412 /* nope, create a new one */ 413 414 hdr = bozomalloc(httpd, sizeof *hdr); 415 hdr->h_header = bozostrdup(httpd, request, val); 416 if (str && *str) 417 hdr->h_value = bozostrdup(httpd, request, str); 418 else 419 hdr->h_value = bozostrdup(httpd, request, " "); 420 421 SIMPLEQ_INSERT_TAIL(headers, hdr, h_next); 422 request->hr_nheaders++; 423 } 424 425 return hdr; 426 } 427 428 bozoheaders_t * 429 addmerge_reqheader(bozo_httpreq_t *request, const char *val, const char *str, 430 ssize_t len) 431 { 432 433 return addmerge_header(request, &request->hr_headers, val, str, len); 434 } 435 436 bozoheaders_t * 437 addmerge_replheader(bozo_httpreq_t *request, const char *val, const char *str, 438 ssize_t len) 439 { 440 441 return addmerge_header(request, &request->hr_replheaders, 442 val, str, len); 443 } 444 445 /* 446 * as the prototype string is not constant (eg, "HTTP/1.1" is equivalent 447 * to "HTTP/001.01"), we MUST parse this. 448 */ 449 static int 450 process_proto(bozo_httpreq_t *request, const char *proto) 451 { 452 struct bozohttpd_t *httpd = request->hr_httpd; 453 char majorstr[16], *minorstr; 454 int majorint, minorint; 455 456 if (proto == NULL) { 457 got_proto_09: 458 request->hr_proto = httpd->consts.http_09; 459 debug((httpd, DEBUG_FAT, "request %s is http/0.9", 460 request->hr_file)); 461 return 0; 462 } 463 464 if (strncasecmp(proto, "HTTP/", 5) != 0) 465 goto bad; 466 strncpy(majorstr, proto + 5, sizeof majorstr); 467 majorstr[sizeof(majorstr)-1] = 0; 468 minorstr = strchr(majorstr, '.'); 469 if (minorstr == NULL) 470 goto bad; 471 *minorstr++ = 0; 472 473 majorint = atoi(majorstr); 474 minorint = atoi(minorstr); 475 476 switch (majorint) { 477 case 0: 478 if (minorint != 9) 479 break; 480 goto got_proto_09; 481 case 1: 482 if (minorint == 0) 483 request->hr_proto = httpd->consts.http_10; 484 else if (minorint == 1) 485 request->hr_proto = httpd->consts.http_11; 486 else 487 break; 488 489 debug((httpd, DEBUG_FAT, "request %s is %s", 490 request->hr_file, request->hr_proto)); 491 SIMPLEQ_INIT(&request->hr_headers); 492 request->hr_nheaders = 0; 493 return 0; 494 } 495 bad: 496 return bozo_http_error(httpd, 404, NULL, "unknown prototype"); 497 } 498 499 /* 500 * process each type of HTTP method, setting this HTTP requests 501 * method type. 502 */ 503 static struct method_map { 504 const char *name; 505 int type; 506 } method_map[] = { 507 { "GET", HTTP_GET, }, 508 { "POST", HTTP_POST, }, 509 { "HEAD", HTTP_HEAD, }, 510 #if 0 /* other non-required http/1.1 methods */ 511 { "OPTIONS", HTTP_OPTIONS, }, 512 { "PUT", HTTP_PUT, }, 513 { "DELETE", HTTP_DELETE, }, 514 { "TRACE", HTTP_TRACE, }, 515 { "CONNECT", HTTP_CONNECT, }, 516 #endif 517 { NULL, 0, }, 518 }; 519 520 static int 521 process_method(bozo_httpreq_t *request, const char *method) 522 { 523 struct bozohttpd_t *httpd = request->hr_httpd; 524 struct method_map *mmp; 525 526 if (request->hr_proto == httpd->consts.http_11) 527 request->hr_allow = "GET, HEAD, POST"; 528 529 for (mmp = method_map; mmp->name; mmp++) 530 if (strcasecmp(method, mmp->name) == 0) { 531 request->hr_method = mmp->type; 532 request->hr_methodstr = mmp->name; 533 return 0; 534 } 535 536 return bozo_http_error(httpd, 404, request, "unknown method"); 537 } 538 539 /* 540 * This function reads a http request from stdin, returning a pointer to a 541 * bozo_httpreq_t structure, describing the request. 542 */ 543 bozo_httpreq_t * 544 bozo_read_request(bozohttpd_t *httpd) 545 { 546 struct sigaction sa; 547 char *str, *val, *method, *file, *proto, *query; 548 char *host, *addr, *port; 549 char bufport[10]; 550 char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; 551 struct sockaddr_storage ss; 552 ssize_t len; 553 int line = 0; 554 socklen_t slen; 555 bozo_httpreq_t *request; 556 557 /* 558 * if we're in daemon mode, bozo_daemon_fork() will return here twice 559 * for each call. once in the child, returning 0, and once in the 560 * parent, returning 1. for each child, then we can setup SSL, and 561 * the parent can signal the caller there was no request to process 562 * and it will wait for another. 563 */ 564 if (bozo_daemon_fork(httpd)) 565 return NULL; 566 if (bozo_ssl_accept(httpd)) 567 return NULL; 568 569 request = bozomalloc(httpd, sizeof(*request)); 570 memset(request, 0, sizeof(*request)); 571 request->hr_httpd = httpd; 572 request->hr_allow = request->hr_host = NULL; 573 request->hr_content_type = request->hr_content_length = NULL; 574 request->hr_range = NULL; 575 request->hr_last_byte_pos = -1; 576 request->hr_if_modified_since = NULL; 577 request->hr_virthostname = NULL; 578 request->hr_file = NULL; 579 request->hr_oldfile = NULL; 580 SIMPLEQ_INIT(&request->hr_replheaders); 581 bozo_auth_init(request); 582 583 slen = sizeof(ss); 584 if (getpeername(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 585 host = addr = NULL; 586 else { 587 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 588 abuf, sizeof abuf, NULL, 0, NI_NUMERICHOST) == 0) 589 addr = abuf; 590 else 591 addr = NULL; 592 if (httpd->numeric == 0 && 593 getnameinfo((struct sockaddr *)(void *)&ss, slen, 594 hbuf, sizeof hbuf, NULL, 0, 0) == 0) 595 host = hbuf; 596 else 597 host = NULL; 598 } 599 if (host != NULL) 600 request->hr_remotehost = bozostrdup(httpd, request, host); 601 if (addr != NULL) 602 request->hr_remoteaddr = bozostrdup(httpd, request, addr); 603 slen = sizeof(ss); 604 605 /* 606 * Override the bound port from the request value, so it works even 607 * if passed through a proxy that doesn't rewrite the port. 608 */ 609 if (httpd->bindport) { 610 if (strcmp(httpd->bindport, "80") != 0) 611 port = httpd->bindport; 612 else 613 port = NULL; 614 } else { 615 if (getsockname(0, (struct sockaddr *)(void *)&ss, &slen) < 0) 616 port = NULL; 617 else { 618 if (getnameinfo((struct sockaddr *)(void *)&ss, slen, 619 NULL, 0, bufport, sizeof bufport, 620 NI_NUMERICSERV) == 0) 621 port = bufport; 622 else 623 port = NULL; 624 } 625 } 626 if (port != NULL) 627 request->hr_serverport = bozostrdup(httpd, request, port); 628 629 /* 630 * setup a timer to make sure the request is not hung 631 */ 632 sa.sa_handler = alarmer; 633 sigemptyset(&sa.sa_mask); 634 sigaddset(&sa.sa_mask, SIGALRM); 635 sa.sa_flags = 0; 636 sigaction(SIGALRM, &sa, NULL); 637 638 alarm(MAX_WAIT_TIME); 639 while ((str = bozodgetln(httpd, STDIN_FILENO, &len, bozo_read)) != NULL) { 640 alarm(0); 641 if (alarmhit) { 642 (void)bozo_http_error(httpd, 408, NULL, 643 "request timed out"); 644 goto cleanup; 645 } 646 line++; 647 648 if (line == 1) { 649 650 if (len < 1) { 651 (void)bozo_http_error(httpd, 404, NULL, 652 "null method"); 653 goto cleanup; 654 } 655 bozowarn(httpd, 656 "got request ``%s'' from host %s to port %s", 657 str, 658 host ? host : addr ? addr : "<local>", 659 port ? port : "<stdin>"); 660 661 /* we allocate return space in file and query only */ 662 parse_request(httpd, str, &method, &file, &query, &proto); 663 request->hr_file = file; 664 request->hr_query = query; 665 if (method == NULL) { 666 (void)bozo_http_error(httpd, 404, NULL, 667 "null method"); 668 goto cleanup; 669 } 670 if (file == NULL) { 671 (void)bozo_http_error(httpd, 404, NULL, 672 "null file"); 673 goto cleanup; 674 } 675 676 /* 677 * note that we parse the proto first, so that we 678 * can more properly parse the method and the url. 679 */ 680 681 if (process_proto(request, proto) || 682 process_method(request, method)) { 683 goto cleanup; 684 } 685 686 debug((httpd, DEBUG_FAT, "got file \"%s\" query \"%s\"", 687 request->hr_file, 688 request->hr_query ? request->hr_query : "<none>")); 689 690 /* http/0.9 has no header processing */ 691 if (request->hr_proto == httpd->consts.http_09) 692 break; 693 } else { /* incoming headers */ 694 bozoheaders_t *hdr; 695 696 if (*str == '\0') 697 break; 698 699 val = bozostrnsep(&str, ":", &len); 700 debug((httpd, DEBUG_EXPLODING, 701 "read_req2: after bozostrnsep: str ``%s'' val ``%s''", 702 str, val)); 703 if (val == NULL || len == -1) { 704 (void)bozo_http_error(httpd, 404, request, 705 "no header"); 706 goto cleanup; 707 } 708 while (*str == ' ' || *str == '\t') 709 len--, str++; 710 while (*val == ' ' || *val == '\t') 711 val++; 712 713 if (bozo_auth_check_headers(request, val, str, len)) 714 goto next_header; 715 716 hdr = addmerge_reqheader(request, val, str, len); 717 718 if (strcasecmp(hdr->h_header, "content-type") == 0) 719 request->hr_content_type = hdr->h_value; 720 else if (strcasecmp(hdr->h_header, "content-length") == 0) 721 request->hr_content_length = hdr->h_value; 722 else if (strcasecmp(hdr->h_header, "host") == 0) 723 request->hr_host = bozostrdup(httpd, request, 724 hdr->h_value); 725 /* RFC 2616 (HTTP/1.1): 14.20 */ 726 else if (strcasecmp(hdr->h_header, "expect") == 0) { 727 (void)bozo_http_error(httpd, 417, request, 728 "we don't support Expect:"); 729 goto cleanup; 730 } 731 else if (strcasecmp(hdr->h_header, "referrer") == 0 || 732 strcasecmp(hdr->h_header, "referer") == 0) 733 request->hr_referrer = hdr->h_value; 734 else if (strcasecmp(hdr->h_header, "range") == 0) 735 request->hr_range = hdr->h_value; 736 else if (strcasecmp(hdr->h_header, 737 "if-modified-since") == 0) 738 request->hr_if_modified_since = hdr->h_value; 739 else if (strcasecmp(hdr->h_header, 740 "accept-encoding") == 0) 741 request->hr_accept_encoding = hdr->h_value; 742 743 debug((httpd, DEBUG_FAT, "adding header %s: %s", 744 hdr->h_header, hdr->h_value)); 745 } 746 next_header: 747 alarm(MAX_WAIT_TIME); 748 } 749 750 /* now, clear it all out */ 751 alarm(0); 752 signal(SIGALRM, SIG_DFL); 753 754 /* RFC1945, 8.3 */ 755 if (request->hr_method == HTTP_POST && 756 request->hr_content_length == NULL) { 757 (void)bozo_http_error(httpd, 400, request, 758 "missing content length"); 759 goto cleanup; 760 } 761 762 /* RFC 2616 (HTTP/1.1), 14.23 & 19.6.1.1 */ 763 if (request->hr_proto == httpd->consts.http_11 && 764 /*(strncasecmp(request->hr_file, "http://", 7) != 0) &&*/ 765 request->hr_host == NULL) { 766 (void)bozo_http_error(httpd, 400, request, 767 "missing Host header"); 768 goto cleanup; 769 } 770 771 if (request->hr_range != NULL) { 772 debug((httpd, DEBUG_FAT, "hr_range: %s", request->hr_range)); 773 /* support only simple ranges %d- and %d-%d */ 774 if (strchr(request->hr_range, ',') == NULL) { 775 const char *rstart, *dash; 776 777 rstart = strchr(request->hr_range, '='); 778 if (rstart != NULL) { 779 rstart++; 780 dash = strchr(rstart, '-'); 781 if (dash != NULL && dash != rstart) { 782 dash++; 783 request->hr_have_range = 1; 784 request->hr_first_byte_pos = 785 strtoll(rstart, NULL, 10); 786 if (request->hr_first_byte_pos < 0) 787 request->hr_first_byte_pos = 0; 788 if (*dash != '\0') { 789 request->hr_last_byte_pos = 790 strtoll(dash, NULL, 10); 791 if (request->hr_last_byte_pos < 0) 792 request->hr_last_byte_pos = -1; 793 } 794 } 795 } 796 } 797 } 798 799 debug((httpd, DEBUG_FAT, "bozo_read_request returns url %s in request", 800 request->hr_file)); 801 return request; 802 803 cleanup: 804 bozo_clean_request(request); 805 806 return NULL; 807 } 808 809 static int 810 mmap_and_write_part(bozohttpd_t *httpd, int fd, off_t first_byte_pos, size_t sz) 811 { 812 size_t mappedsz, wroffset; 813 off_t mappedoffset; 814 char *addr; 815 void *mappedaddr; 816 817 /* 818 * we need to ensure that both the size *and* offset arguments to 819 * mmap() are page-aligned. our formala for this is: 820 * 821 * input offset: first_byte_pos 822 * input size: sz 823 * 824 * mapped offset = page align truncate (input offset) 825 * mapped size = 826 * page align extend (input offset - mapped offset + input size) 827 * write offset = input offset - mapped offset 828 * 829 * we use the write offset in all writes 830 */ 831 mappedoffset = first_byte_pos & ~(httpd->page_size - 1); 832 mappedsz = (size_t) 833 (first_byte_pos - mappedoffset + sz + httpd->page_size - 1) & 834 ~(httpd->page_size - 1); 835 wroffset = (size_t)(first_byte_pos - mappedoffset); 836 837 addr = mmap(0, mappedsz, PROT_READ, MAP_SHARED, fd, mappedoffset); 838 if (addr == (char *)-1) { 839 bozowarn(httpd, "mmap failed: %s", strerror(errno)); 840 return -1; 841 } 842 mappedaddr = addr; 843 844 #ifdef MADV_SEQUENTIAL 845 (void)madvise(addr, sz, MADV_SEQUENTIAL); 846 #endif 847 while (sz > BOZO_WRSZ) { 848 if (bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 849 BOZO_WRSZ) != BOZO_WRSZ) { 850 bozowarn(httpd, "write failed: %s", strerror(errno)); 851 goto out; 852 } 853 debug((httpd, DEBUG_OBESE, "wrote %d bytes", BOZO_WRSZ)); 854 sz -= BOZO_WRSZ; 855 addr += BOZO_WRSZ; 856 } 857 if (sz && (size_t)bozo_write(httpd, STDOUT_FILENO, addr + wroffset, 858 sz) != sz) { 859 bozowarn(httpd, "final write failed: %s", strerror(errno)); 860 goto out; 861 } 862 debug((httpd, DEBUG_OBESE, "wrote %d bytes", (int)sz)); 863 out: 864 if (munmap(mappedaddr, mappedsz) < 0) { 865 bozowarn(httpd, "munmap failed"); 866 return -1; 867 } 868 869 return 0; 870 } 871 872 static int 873 parse_http_date(const char *val, time_t *timestamp) 874 { 875 char *remainder; 876 struct tm tm; 877 878 if ((remainder = strptime(val, "%a, %d %b %Y %T GMT", &tm)) == NULL && 879 (remainder = strptime(val, "%a, %d-%b-%y %T GMT", &tm)) == NULL && 880 (remainder = strptime(val, "%a %b %d %T %Y", &tm)) == NULL) 881 return 0; /* Invalid HTTP date format */ 882 883 if (*remainder) 884 return 0; /* No trailing garbage */ 885 886 *timestamp = timegm(&tm); 887 return 1; 888 } 889 890 /* 891 * given an url, encode it ala rfc 3986. ie, escape ? and friends. 892 * note that this function returns a static buffer, and thus needs 893 * to be updated for any sort of parallel processing. escape only 894 * chosen characters for absolute redirects 895 */ 896 char * 897 bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url, int absolute) 898 { 899 static char *buf; 900 static size_t buflen = 0; 901 size_t len; 902 const char *s; 903 char *d; 904 905 len = strlen(url); 906 if (buflen < len * 3 + 1) { 907 buflen = len * 3 + 1; 908 buf = bozorealloc(httpd, buf, buflen); 909 } 910 911 for (len = 0, s = url, d = buf; *s;) { 912 if (*s & 0x80) 913 goto encode_it; 914 switch (*s) { 915 case ':': 916 case '?': 917 case '#': 918 case '[': 919 case ']': 920 case '@': 921 case '!': 922 case '$': 923 case '&': 924 case '\'': 925 case '(': 926 case ')': 927 case '*': 928 case '+': 929 case ',': 930 case ';': 931 case '=': 932 case '%': 933 case '"': 934 if (absolute) 935 goto leave_it; 936 case '\n': 937 case '\r': 938 case ' ': 939 encode_it: 940 snprintf(d, 4, "%%%02X", *s++); 941 d += 3; 942 len += 3; 943 break; 944 leave_it: 945 default: 946 *d++ = *s++; 947 len++; 948 break; 949 } 950 } 951 buf[len] = 0; 952 953 return buf; 954 } 955 956 /* 957 * do automatic redirection -- if there are query parameters or userdir for 958 * the URL we will tack these on to the new (redirected) URL. 959 */ 960 static void 961 handle_redirect(bozo_httpreq_t *request, const char *url, int absolute) 962 { 963 bozohttpd_t *httpd = request->hr_httpd; 964 char *finalurl, *urlbuf; 965 #ifndef NO_USER_SUPPORT 966 char *userbuf; 967 #endif /* !NO_USER_SUPPORT */ 968 char portbuf[20]; 969 const char *scheme, *query, *quest; 970 const char *hostname = BOZOHOST(httpd, request); 971 int absproto = 0; /* absolute redirect provides own schema */ 972 973 if (url == NULL) { 974 bozoasprintf(httpd, &urlbuf, "/%s/", request->hr_file); 975 url = urlbuf; 976 } else 977 urlbuf = NULL; 978 979 #ifndef NO_USER_SUPPORT 980 if (request->hr_user && !absolute) { 981 bozoasprintf(httpd, &userbuf, "/~%s%s", request->hr_user, url); 982 url = userbuf; 983 } else 984 userbuf = NULL; 985 #endif /* !NO_USER_SUPPORT */ 986 987 if (absolute) { 988 char *sep = NULL; 989 const char *s; 990 991 /* 992 * absolute redirect may specify own protocol i.e. to redirect 993 * to another schema like https:// or ftp://. 994 * Details: RFC 3986, section 3. 995 */ 996 997 /* 1. check if url contains :// */ 998 sep = strstr(url, "://"); 999 1000 /* 1001 * RFC 3986, section 3.1: 1002 * scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) 1003 */ 1004 if (sep) { 1005 for (s = url; s != sep;) { 1006 if (!isalnum((int)*s) && 1007 *s != '+' && *s != '-' && *s != '.') 1008 break; 1009 if (++s == sep) { 1010 absproto = 1; 1011 } 1012 } 1013 } 1014 } 1015 1016 /* construct final redirection url */ 1017 1018 scheme = absproto ? "" : httpd->sslinfo ? "https://" : "http://"; 1019 1020 if (absolute) { 1021 hostname = ""; 1022 portbuf[0] = '\0'; 1023 } else { 1024 const char *defport = httpd->sslinfo ? "443" : "80"; 1025 1026 if (request->hr_serverport && 1027 strcmp(request->hr_serverport, defport) != 0) 1028 snprintf(portbuf, sizeof(portbuf), ":%s", 1029 request->hr_serverport); 1030 else 1031 portbuf[0] = '\0'; 1032 } 1033 1034 url = bozo_escape_rfc3986(httpd, url, absolute); 1035 1036 if (request->hr_query && strlen(request->hr_query)) { 1037 query = request->hr_query; 1038 quest = "?"; 1039 } else { 1040 query = quest = ""; 1041 } 1042 1043 bozoasprintf(httpd, &finalurl, "%s%s%s%s%s%s", 1044 scheme, hostname, portbuf, url, quest, query); 1045 1046 bozowarn(httpd, "redirecting %s", finalurl); 1047 debug((httpd, DEBUG_FAT, "redirecting %s", finalurl)); 1048 1049 bozo_printf(httpd, "%s 301 Document Moved\r\n", request->hr_proto); 1050 if (request->hr_proto != httpd->consts.http_09) 1051 bozo_print_header(request, NULL, "text/html", NULL); 1052 if (request->hr_proto != httpd->consts.http_09) 1053 bozo_printf(httpd, "Location: %s\r\n", finalurl); 1054 bozo_printf(httpd, "\r\n"); 1055 if (request->hr_method == HTTP_HEAD) 1056 goto head; 1057 bozo_printf(httpd, "<html><head><title>Document Moved</title></head>\n"); 1058 bozo_printf(httpd, "<body><h1>Document Moved</h1>\n"); 1059 bozo_printf(httpd, "This document had moved <a href=\"%s\">here</a>\n", 1060 finalurl); 1061 bozo_printf(httpd, "</body></html>\n"); 1062 head: 1063 bozo_flush(httpd, stdout); 1064 free(urlbuf); 1065 free(finalurl); 1066 #ifndef NO_USER_SUPPORT 1067 free(userbuf); 1068 #endif /* !NO_USER_SUPPORT */ 1069 } 1070 1071 /* 1072 * deal with virtual host names; we do this: 1073 * if we have a virtual path root (httpd->virtbase), and we are given a 1074 * virtual host spec (Host: ho.st or http://ho.st/), see if this 1075 * directory exists under httpd->virtbase. if it does, use this as the 1076 # new slashdir. 1077 */ 1078 static int 1079 check_virtual(bozo_httpreq_t *request) 1080 { 1081 bozohttpd_t *httpd = request->hr_httpd; 1082 char *file = request->hr_file, *s; 1083 size_t len; 1084 1085 /* 1086 * convert http://virtual.host/ to request->hr_host 1087 */ 1088 debug((httpd, DEBUG_OBESE, "checking for http:// virtual host in ``%s''", 1089 file)); 1090 if (strncasecmp(file, "http://", 7) == 0) { 1091 /* we would do virtual hosting here? */ 1092 file += 7; 1093 /* RFC 2616 (HTTP/1.1), 5.2: URI takes precedence over Host: */ 1094 free(request->hr_host); 1095 request->hr_host = bozostrdup(httpd, request, file); 1096 if ((s = strchr(request->hr_host, '/')) != NULL) 1097 *s = '\0'; 1098 s = strchr(file, '/'); 1099 free(request->hr_file); 1100 request->hr_file = bozostrdup(httpd, request, s ? s : "/"); 1101 debug((httpd, DEBUG_OBESE, "got host ``%s'' file is now ``%s''", 1102 request->hr_host, request->hr_file)); 1103 } else if (!request->hr_host) 1104 goto use_slashdir; 1105 1106 /* 1107 * canonicalise hr_host - that is, remove any :80. 1108 */ 1109 len = strlen(request->hr_host); 1110 if (len > 3 && strcmp(request->hr_host + len - 3, ":80") == 0) { 1111 request->hr_host[len - 3] = '\0'; 1112 len = strlen(request->hr_host); 1113 } 1114 1115 if (!httpd->virtbase) { 1116 1117 /* 1118 * if we don't use vhost support, then set virthostname if 1119 * user supplied Host header. It will be used for possible 1120 * redirections 1121 */ 1122 1123 if (request->hr_host) { 1124 s = strrchr(request->hr_host, ':'); 1125 if (s != NULL) 1126 /* truncate Host: as we want to copy it without port part */ 1127 *s = '\0'; 1128 request->hr_virthostname = bozostrdup(httpd, request, 1129 request->hr_host); 1130 if (s != NULL) 1131 /* fix Host: again, if we truncated it */ 1132 *s = ':'; 1133 } 1134 1135 goto use_slashdir; 1136 } 1137 1138 /* 1139 * ok, we have a virtual host, use opendir(3) to find a case 1140 * insensitive match for the virtual host we are asked for. 1141 * note that if the virtual host is the same as the master, 1142 * we don't need to do anything special. 1143 */ 1144 debug((httpd, DEBUG_OBESE, 1145 "check_virtual: checking host `%s' under httpd->virtbase `%s' " 1146 "for file `%s'", 1147 request->hr_host, httpd->virtbase, request->hr_file)); 1148 if (strncasecmp(httpd->virthostname, request->hr_host, len) != 0) { 1149 s = 0; 1150 DIR *dirp; 1151 struct dirent *d; 1152 1153 if ((dirp = opendir(httpd->virtbase)) != NULL) { 1154 while ((d = readdir(dirp)) != NULL) { 1155 if (strcmp(d->d_name, ".") == 0 || 1156 strcmp(d->d_name, "..") == 0) { 1157 continue; 1158 } 1159 debug((httpd, DEBUG_OBESE, "looking at dir``%s''", 1160 d->d_name)); 1161 if (strcmp(d->d_name, request->hr_host) == 0) { 1162 /* found it, punch it */ 1163 debug((httpd, DEBUG_OBESE, "found it punch it")); 1164 request->hr_virthostname = 1165 bozostrdup(httpd, request, d->d_name); 1166 bozoasprintf(httpd, &s, "%s/%s", 1167 httpd->virtbase, 1168 request->hr_virthostname); 1169 break; 1170 } 1171 } 1172 closedir(dirp); 1173 } 1174 else { 1175 debug((httpd, DEBUG_FAT, "opendir %s failed: %s", 1176 httpd->virtbase, strerror(errno))); 1177 } 1178 if (s == 0) { 1179 if (httpd->unknown_slash) 1180 goto use_slashdir; 1181 return bozo_http_error(httpd, 404, request, 1182 "unknown URL"); 1183 } 1184 } else 1185 use_slashdir: 1186 s = httpd->slashdir; 1187 1188 /* 1189 * ok, nailed the correct slashdir, chdir to it 1190 */ 1191 if (chdir(s) < 0) 1192 return bozo_http_error(httpd, 404, request, 1193 "can't chdir to slashdir"); 1194 return 0; 1195 } 1196 1197 /* 1198 * checks to see if this request has a valid .bzredirect file. returns 1199 * 0 when no redirection happend, or 1 when handle_redirect() has been 1200 * called, -1 on error. 1201 */ 1202 static int 1203 check_bzredirect(bozo_httpreq_t *request) 1204 { 1205 bozohttpd_t *httpd = request->hr_httpd; 1206 struct stat sb; 1207 char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1], 1208 path[MAXPATHLEN]; 1209 char *basename, *finalredir; 1210 int rv, absolute; 1211 1212 /* 1213 * if this pathname is really a directory, but doesn't end in /, 1214 * use it as the directory to look for the redir file. 1215 */ 1216 if((size_t)snprintf(dir, sizeof(dir), "%s", request->hr_file + 1) >= 1217 sizeof(dir)) { 1218 bozo_http_error(httpd, 404, request, 1219 "file path too long"); 1220 return -1; 1221 } 1222 debug((httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); 1223 basename = strrchr(dir, '/'); 1224 1225 if ((!basename || basename[1] != '\0') && 1226 lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) { 1227 strcpy(path, dir); 1228 } else if (basename == NULL) { 1229 strcpy(path, "."); 1230 strcpy(dir, ""); 1231 } else { 1232 *basename++ = '\0'; 1233 bozo_check_special_files(request, basename); 1234 strcpy(path, dir); 1235 } 1236 1237 debug((httpd, DEBUG_FAT, "check_bzredirect: path %s", path)); 1238 1239 if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, 1240 REDIRECT_FILE) >= sizeof(redir)) { 1241 bozo_http_error(httpd, 404, request, 1242 "redirectfile path too long"); 1243 return -1; 1244 } 1245 if (lstat(redir, &sb) == 0) { 1246 if (!S_ISLNK(sb.st_mode)) 1247 return 0; 1248 absolute = 0; 1249 } else { 1250 if((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, 1251 ABSREDIRECT_FILE) >= sizeof(redir)) { 1252 bozo_http_error(httpd, 404, request, 1253 "redirectfile path too long"); 1254 return -1; 1255 } 1256 if (lstat(redir, &sb) < 0 || !S_ISLNK(sb.st_mode)) 1257 return 0; 1258 absolute = 1; 1259 } 1260 debug((httpd, DEBUG_FAT, "check_bzredirect: calling readlink")); 1261 rv = readlink(redir, redirpath, sizeof redirpath - 1); 1262 if (rv == -1 || rv == 0) { 1263 debug((httpd, DEBUG_FAT, "readlink failed")); 1264 return 0; 1265 } 1266 redirpath[rv] = '\0'; 1267 debug((httpd, DEBUG_FAT, "readlink returned \"%s\"", redirpath)); 1268 1269 /* check if we need authentication */ 1270 snprintf(path, sizeof(path), "%s/", dir); 1271 if (bozo_auth_check(request, path)) 1272 return 1; 1273 1274 /* now we have the link pointer, redirect to the real place */ 1275 if (!absolute && redirpath[0] != '/') { 1276 if ((size_t)snprintf(finalredir = redir, sizeof(redir), "%s%s/%s", 1277 (strlen(dir) > 0 ? "/" : ""), dir, redirpath) >= sizeof(redir)) { 1278 bozo_http_error(httpd, 404, request, 1279 "redirect path too long"); 1280 return -1; 1281 } 1282 } else 1283 finalredir = redirpath; 1284 1285 debug((httpd, DEBUG_FAT, "check_bzredirect: new redir %s", finalredir)); 1286 handle_redirect(request, finalredir, absolute); 1287 return 1; 1288 } 1289 1290 /* this fixes the %HH hack that RFC2396 requires. */ 1291 int 1292 bozo_decode_url_percent(bozo_httpreq_t *request, char *str) 1293 { 1294 bozohttpd_t *httpd = request->hr_httpd; 1295 char *s, *t, buf[3]; 1296 char *end; /* if end is not-zero, we don't translate beyond that */ 1297 1298 end = str + strlen(str); 1299 1300 /* fast forward to the first % */ 1301 if ((s = strchr(str, '%')) == NULL) 1302 return 0; 1303 1304 t = s; 1305 do { 1306 if (end && s >= end) { 1307 debug((httpd, DEBUG_EXPLODING, 1308 "fu_%%: past end, filling out..")); 1309 while (*s) 1310 *t++ = *s++; 1311 break; 1312 } 1313 debug((httpd, DEBUG_EXPLODING, 1314 "fu_%%: got s == %%, s[1]s[2] == %c%c", 1315 s[1], s[2])); 1316 if (s[1] == '\0' || s[2] == '\0') { 1317 (void)bozo_http_error(httpd, 400, request, 1318 "percent hack missing two chars afterwards"); 1319 return 1; 1320 } 1321 if (s[1] == '0' && s[2] == '0') { 1322 (void)bozo_http_error(httpd, 404, request, 1323 "percent hack was %00"); 1324 return 1; 1325 } 1326 if (s[1] == '2' && s[2] == 'f') { 1327 (void)bozo_http_error(httpd, 404, request, 1328 "percent hack was %2f (/)"); 1329 return 1; 1330 } 1331 1332 buf[0] = *++s; 1333 buf[1] = *++s; 1334 buf[2] = '\0'; 1335 s++; 1336 *t = (char)strtol(buf, NULL, 16); 1337 debug((httpd, DEBUG_EXPLODING, 1338 "fu_%%: strtol put '%02x' into *t", *t)); 1339 if (*t++ == '\0') { 1340 (void)bozo_http_error(httpd, 400, request, 1341 "percent hack got a 0 back"); 1342 return 1; 1343 } 1344 1345 while (*s && *s != '%') { 1346 if (end && s >= end) 1347 break; 1348 *t++ = *s++; 1349 } 1350 } while (*s); 1351 *t = '\0'; 1352 1353 debug((httpd, DEBUG_FAT, "bozo_decode_url_percent returns `%s'", 1354 request->hr_file)); 1355 1356 return 0; 1357 } 1358 1359 /* 1360 * transform_request does this: 1361 * - ``expand'' %20 crapola 1362 * - punt if it doesn't start with / 1363 * - look for "http://myname/" and deal with it. 1364 * - maybe call bozo_process_cgi() 1365 * - check for ~user and call bozo_user_transform() if so 1366 * - if the length > 1, check for trailing slash. if so, 1367 * add the index.html file 1368 * - if the length is 1, return the index.html file 1369 * - disallow anything ending up with a file starting 1370 * at "/" or having ".." in it. 1371 * - anything else is a really weird internal error 1372 * - returns malloced file to serve, if unhandled 1373 */ 1374 static int 1375 transform_request(bozo_httpreq_t *request, int *isindex) 1376 { 1377 bozohttpd_t *httpd = request->hr_httpd; 1378 char *file, *newfile = NULL; 1379 size_t len; 1380 1381 file = NULL; 1382 *isindex = 0; 1383 debug((httpd, DEBUG_FAT, "tf_req: file %s", request->hr_file)); 1384 if (bozo_decode_url_percent(request, request->hr_file)) { 1385 goto bad_done; 1386 } 1387 if (check_virtual(request)) { 1388 goto bad_done; 1389 } 1390 file = request->hr_file; 1391 1392 if (file[0] != '/') { 1393 (void)bozo_http_error(httpd, 404, request, "unknown URL"); 1394 goto bad_done; 1395 } 1396 1397 /* omit additional slashes at the beginning */ 1398 while (file[1] == '/') 1399 file++; 1400 1401 /* fix file provided by user as it's used in other handlers */ 1402 request->hr_file = file; 1403 1404 len = strlen(file); 1405 1406 #ifndef NO_USER_SUPPORT 1407 /* first of all expand user path */ 1408 if (len > 1 && httpd->enable_users && file[1] == '~') { 1409 if (file[2] == '\0') { 1410 (void)bozo_http_error(httpd, 404, request, 1411 "missing username"); 1412 goto bad_done; 1413 } 1414 if (strchr(file + 2, '/') == NULL) { 1415 char *userredirecturl; 1416 bozoasprintf(httpd, &userredirecturl, "%s/", file); 1417 handle_redirect(request, userredirecturl, 0); 1418 free(userredirecturl); 1419 return 0; 1420 } 1421 debug((httpd, DEBUG_FAT, "calling bozo_user_transform")); 1422 1423 if (!bozo_user_transform(request)) 1424 return 0; 1425 1426 file = request->hr_file; 1427 len = strlen(file); 1428 } 1429 #endif /* NO_USER_SUPPORT */ 1430 1431 1432 switch (check_bzredirect(request)) { 1433 case -1: 1434 goto bad_done; 1435 case 1: 1436 return 0; 1437 } 1438 1439 if (len > 1) { 1440 debug((httpd, DEBUG_FAT, "file[len-1] == %c", file[len-1])); 1441 if (file[len-1] == '/') { /* append index.html */ 1442 *isindex = 1; 1443 debug((httpd, DEBUG_FAT, "appending index.html")); 1444 newfile = bozomalloc(httpd, 1445 len + strlen(httpd->index_html) + 1); 1446 strcpy(newfile, file + 1); 1447 strcat(newfile, httpd->index_html); 1448 } else 1449 newfile = bozostrdup(httpd, request, file + 1); 1450 } else if (len == 1) { 1451 debug((httpd, DEBUG_EXPLODING, "tf_req: len == 1")); 1452 newfile = bozostrdup(httpd, request, httpd->index_html); 1453 *isindex = 1; 1454 } else { /* len == 0 ? */ 1455 (void)bozo_http_error(httpd, 500, request, 1456 "request->hr_file is nul?"); 1457 goto bad_done; 1458 } 1459 1460 if (newfile == NULL) { 1461 (void)bozo_http_error(httpd, 500, request, "internal failure"); 1462 goto bad_done; 1463 } 1464 1465 /* 1466 * stop traversing outside our domain 1467 * 1468 * XXX true security only comes from our parent using chroot(2) 1469 * before execve(2)'ing us. or our own built in chroot(2) support. 1470 */ 1471 1472 debug((httpd, DEBUG_FAT, "newfile: %s", newfile)); 1473 1474 if (*newfile == '/' || strcmp(newfile, "..") == 0 || 1475 strstr(newfile, "/..") || strstr(newfile, "../")) { 1476 (void)bozo_http_error(httpd, 403, request, "illegal request"); 1477 goto bad_done; 1478 } 1479 1480 if (bozo_auth_check(request, newfile)) 1481 goto bad_done; 1482 1483 if (strlen(newfile)) { 1484 request->hr_oldfile = request->hr_file; 1485 request->hr_file = newfile; 1486 } 1487 1488 if (bozo_process_cgi(request)) 1489 return 0; 1490 1491 if (bozo_process_lua(request)) 1492 return 0; 1493 1494 debug((httpd, DEBUG_FAT, "transform_request set: %s", newfile)); 1495 return 1; 1496 bad_done: 1497 debug((httpd, DEBUG_FAT, "transform_request returning: 0")); 1498 free(newfile); 1499 return 0; 1500 } 1501 1502 /* 1503 * can_gzip checks if the request supports and prefers gzip encoding. 1504 * 1505 * XXX: we do not consider the associated q with gzip in making our 1506 * decision which is broken. 1507 */ 1508 1509 static int 1510 can_gzip(bozo_httpreq_t *request) 1511 { 1512 const char *pos; 1513 const char *tmp; 1514 size_t len; 1515 1516 /* First we decide if the request can be gzipped at all. */ 1517 1518 /* not if we already are encoded... */ 1519 tmp = bozo_content_encoding(request, request->hr_file); 1520 if (tmp && *tmp) 1521 return 0; 1522 1523 /* not if we are not asking for the whole file... */ 1524 if (request->hr_last_byte_pos != -1 || request->hr_have_range) 1525 return 0; 1526 1527 /* Then we determine if gzip is on the cards. */ 1528 1529 for (pos = request->hr_accept_encoding; pos && *pos; pos += len) { 1530 while (*pos == ' ') 1531 pos++; 1532 1533 len = strcspn(pos, ";,"); 1534 1535 if ((len == 4 && strncasecmp("gzip", pos, 4) == 0) || 1536 (len == 6 && strncasecmp("x-gzip", pos, 6) == 0)) 1537 return 1; 1538 1539 if (pos[len] == ';') 1540 len += strcspn(&pos[len], ","); 1541 1542 if (pos[len]) 1543 len++; 1544 } 1545 1546 return 0; 1547 } 1548 1549 /* 1550 * bozo_process_request does the following: 1551 * - check the request is valid 1552 * - process cgi-bin if necessary 1553 * - transform a filename if necesarry 1554 * - return the HTTP request 1555 */ 1556 void 1557 bozo_process_request(bozo_httpreq_t *request) 1558 { 1559 bozohttpd_t *httpd = request->hr_httpd; 1560 struct stat sb; 1561 time_t timestamp; 1562 char *file; 1563 const char *type, *encoding; 1564 int fd, isindex; 1565 1566 /* 1567 * note that transform_request chdir()'s if required. also note 1568 * that cgi is handed here. if transform_request() returns 0 1569 * then the request has been handled already. 1570 */ 1571 if (transform_request(request, &isindex) == 0) 1572 return; 1573 1574 fd = -1; 1575 encoding = NULL; 1576 if (can_gzip(request)) { 1577 bozoasprintf(httpd, &file, "%s.gz", request->hr_file); 1578 fd = open(file, O_RDONLY); 1579 if (fd >= 0) 1580 encoding = "gzip"; 1581 free(file); 1582 } 1583 1584 file = request->hr_file; 1585 1586 if (fd < 0) 1587 fd = open(file, O_RDONLY); 1588 1589 if (fd < 0) { 1590 debug((httpd, DEBUG_FAT, "open failed: %s", strerror(errno))); 1591 switch (errno) { 1592 case EPERM: 1593 case EACCES: 1594 (void)bozo_http_error(httpd, 403, request, 1595 "no permission to open file"); 1596 break; 1597 case ENAMETOOLONG: 1598 /*FALLTHROUGH*/ 1599 case ENOENT: 1600 if (!bozo_dir_index(request, file, isindex)) 1601 (void)bozo_http_error(httpd, 404, request, 1602 "no file"); 1603 break; 1604 default: 1605 (void)bozo_http_error(httpd, 500, request, "open file"); 1606 } 1607 goto cleanup_nofd; 1608 } 1609 if (fstat(fd, &sb) < 0) { 1610 (void)bozo_http_error(httpd, 500, request, "can't fstat"); 1611 goto cleanup; 1612 } 1613 if (S_ISDIR(sb.st_mode)) { 1614 handle_redirect(request, NULL, 0); 1615 goto cleanup; 1616 } 1617 1618 if (request->hr_if_modified_since && 1619 parse_http_date(request->hr_if_modified_since, ×tamp) && 1620 timestamp >= sb.st_mtime) { 1621 /* XXX ignore subsecond of timestamp */ 1622 bozo_printf(httpd, "%s 304 Not Modified\r\n", 1623 request->hr_proto); 1624 bozo_printf(httpd, "\r\n"); 1625 bozo_flush(httpd, stdout); 1626 goto cleanup; 1627 } 1628 1629 /* validate requested range */ 1630 if (request->hr_last_byte_pos == -1 || 1631 request->hr_last_byte_pos >= sb.st_size) 1632 request->hr_last_byte_pos = sb.st_size - 1; 1633 if (request->hr_have_range && 1634 request->hr_first_byte_pos > request->hr_last_byte_pos) { 1635 request->hr_have_range = 0; /* punt */ 1636 request->hr_first_byte_pos = 0; 1637 request->hr_last_byte_pos = sb.st_size - 1; 1638 } 1639 debug((httpd, DEBUG_FAT, "have_range %d first_pos %lld last_pos %lld", 1640 request->hr_have_range, 1641 (long long)request->hr_first_byte_pos, 1642 (long long)request->hr_last_byte_pos)); 1643 if (request->hr_have_range) 1644 bozo_printf(httpd, "%s 206 Partial Content\r\n", 1645 request->hr_proto); 1646 else 1647 bozo_printf(httpd, "%s 200 OK\r\n", request->hr_proto); 1648 1649 if (request->hr_proto != httpd->consts.http_09) { 1650 type = bozo_content_type(request, file); 1651 if (!encoding) 1652 encoding = bozo_content_encoding(request, file); 1653 1654 bozo_print_header(request, &sb, type, encoding); 1655 bozo_printf(httpd, "\r\n"); 1656 } 1657 bozo_flush(httpd, stdout); 1658 1659 if (request->hr_method != HTTP_HEAD) { 1660 off_t szleft, cur_byte_pos; 1661 1662 szleft = 1663 request->hr_last_byte_pos - request->hr_first_byte_pos + 1; 1664 cur_byte_pos = request->hr_first_byte_pos; 1665 1666 retry: 1667 while (szleft) { 1668 size_t sz; 1669 1670 if ((off_t)httpd->mmapsz < szleft) 1671 sz = httpd->mmapsz; 1672 else 1673 sz = (size_t)szleft; 1674 if (mmap_and_write_part(httpd, fd, cur_byte_pos, sz)) { 1675 if (errno == ENOMEM) { 1676 httpd->mmapsz /= 2; 1677 if (httpd->mmapsz >= httpd->page_size) 1678 goto retry; 1679 } 1680 goto cleanup; 1681 } 1682 cur_byte_pos += sz; 1683 szleft -= sz; 1684 } 1685 } 1686 cleanup: 1687 close(fd); 1688 cleanup_nofd: 1689 close(STDIN_FILENO); 1690 close(STDOUT_FILENO); 1691 /*close(STDERR_FILENO);*/ 1692 } 1693 1694 /* make sure we're not trying to access special files */ 1695 int 1696 bozo_check_special_files(bozo_httpreq_t *request, const char *name) 1697 { 1698 bozohttpd_t *httpd = request->hr_httpd; 1699 1700 /* ensure basename(name) != special files */ 1701 if (strcmp(name, DIRECT_ACCESS_FILE) == 0) 1702 return bozo_http_error(httpd, 403, request, 1703 "no permission to open direct access file"); 1704 if (strcmp(name, REDIRECT_FILE) == 0) 1705 return bozo_http_error(httpd, 403, request, 1706 "no permission to open redirect file"); 1707 if (strcmp(name, ABSREDIRECT_FILE) == 0) 1708 return bozo_http_error(httpd, 403, request, 1709 "no permission to open redirect file"); 1710 return bozo_auth_check_special_files(request, name); 1711 } 1712 1713 /* generic header printing routine */ 1714 void 1715 bozo_print_header(bozo_httpreq_t *request, 1716 struct stat *sbp, const char *type, const char *encoding) 1717 { 1718 bozohttpd_t *httpd = request->hr_httpd; 1719 off_t len; 1720 char date[40]; 1721 bozoheaders_t *hdr; 1722 1723 SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { 1724 bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, 1725 hdr->h_value); 1726 } 1727 1728 bozo_printf(httpd, "Date: %s\r\n", bozo_http_date(date, sizeof(date))); 1729 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 1730 bozo_printf(httpd, "Accept-Ranges: bytes\r\n"); 1731 if (sbp) { 1732 char filedate[40]; 1733 struct tm *tm; 1734 1735 tm = gmtime(&sbp->st_mtime); 1736 strftime(filedate, sizeof filedate, 1737 "%a, %d %b %Y %H:%M:%S GMT", tm); 1738 bozo_printf(httpd, "Last-Modified: %s\r\n", filedate); 1739 } 1740 if (type && *type) 1741 bozo_printf(httpd, "Content-Type: %s\r\n", type); 1742 if (encoding && *encoding) 1743 bozo_printf(httpd, "Content-Encoding: %s\r\n", encoding); 1744 if (sbp) { 1745 if (request->hr_have_range) { 1746 len = request->hr_last_byte_pos - 1747 request->hr_first_byte_pos +1; 1748 bozo_printf(httpd, 1749 "Content-Range: bytes %qd-%qd/%qd\r\n", 1750 (long long) request->hr_first_byte_pos, 1751 (long long) request->hr_last_byte_pos, 1752 (long long) sbp->st_size); 1753 } else 1754 len = sbp->st_size; 1755 bozo_printf(httpd, "Content-Length: %qd\r\n", (long long)len); 1756 } 1757 if (request->hr_proto == httpd->consts.http_11) 1758 bozo_printf(httpd, "Connection: close\r\n"); 1759 bozo_flush(httpd, stdout); 1760 } 1761 1762 #ifndef NO_DEBUG 1763 void 1764 debug__(bozohttpd_t *httpd, int level, const char *fmt, ...) 1765 { 1766 va_list ap; 1767 int savederrno; 1768 1769 /* only log if the level is low enough */ 1770 if (httpd->debug < level) 1771 return; 1772 1773 savederrno = errno; 1774 va_start(ap, fmt); 1775 if (httpd->logstderr) { 1776 vfprintf(stderr, fmt, ap); 1777 fputs("\n", stderr); 1778 } else 1779 vsyslog(LOG_DEBUG, fmt, ap); 1780 va_end(ap); 1781 errno = savederrno; 1782 } 1783 #endif /* NO_DEBUG */ 1784 1785 /* these are like warn() and err(), except for syslog not stderr */ 1786 void 1787 bozowarn(bozohttpd_t *httpd, const char *fmt, ...) 1788 { 1789 va_list ap; 1790 1791 va_start(ap, fmt); 1792 if (httpd->logstderr || isatty(STDERR_FILENO)) { 1793 //fputs("warning: ", stderr); 1794 vfprintf(stderr, fmt, ap); 1795 fputs("\n", stderr); 1796 } else 1797 vsyslog(LOG_INFO, fmt, ap); 1798 va_end(ap); 1799 } 1800 1801 void 1802 bozoerr(bozohttpd_t *httpd, int code, const char *fmt, ...) 1803 { 1804 va_list ap; 1805 1806 va_start(ap, fmt); 1807 if (httpd->logstderr || isatty(STDERR_FILENO)) { 1808 //fputs("error: ", stderr); 1809 vfprintf(stderr, fmt, ap); 1810 fputs("\n", stderr); 1811 } else 1812 vsyslog(LOG_ERR, fmt, ap); 1813 va_end(ap); 1814 exit(code); 1815 } 1816 1817 void 1818 bozoasprintf(bozohttpd_t *httpd, char **str, const char *fmt, ...) 1819 { 1820 va_list ap; 1821 int e; 1822 1823 va_start(ap, fmt); 1824 e = vasprintf(str, fmt, ap); 1825 va_end(ap); 1826 1827 if (e < 0) 1828 bozoerr(httpd, EXIT_FAILURE, "asprintf"); 1829 } 1830 1831 /* 1832 * this escapes HTML tags. returns allocated escaped 1833 * string if needed, or NULL on allocation failure or 1834 * lack of escape need. 1835 * call with NULL httpd in error paths, to avoid recursive 1836 * malloc failure. call with valid httpd in normal paths 1837 * to get automatic allocation failure handling. 1838 */ 1839 char * 1840 bozo_escape_html(bozohttpd_t *httpd, const char *url) 1841 { 1842 int i, j; 1843 char *tmp; 1844 size_t len; 1845 1846 for (i = 0, j = 0; url[i]; i++) { 1847 switch (url[i]) { 1848 case '<': 1849 case '>': 1850 j += 4; 1851 break; 1852 case '&': 1853 j += 5; 1854 break; 1855 } 1856 } 1857 1858 if (j == 0) 1859 return NULL; 1860 1861 /* 1862 * we need to handle being called from different 1863 * pathnames. 1864 */ 1865 len = strlen(url) + j; 1866 if (httpd) 1867 tmp = bozomalloc(httpd, len); 1868 else if ((tmp = malloc(len)) == 0) 1869 return NULL; 1870 1871 for (i = 0, j = 0; url[i]; i++) { 1872 switch (url[i]) { 1873 case '<': 1874 memcpy(tmp + j, "<", 4); 1875 j += 4; 1876 break; 1877 case '>': 1878 memcpy(tmp + j, ">", 4); 1879 j += 4; 1880 break; 1881 case '&': 1882 memcpy(tmp + j, "&", 5); 1883 j += 5; 1884 break; 1885 default: 1886 tmp[j++] = url[i]; 1887 } 1888 } 1889 tmp[j] = 0; 1890 1891 return tmp; 1892 } 1893 1894 /* short map between error code, and short/long messages */ 1895 static struct errors_map { 1896 int code; /* HTTP return code */ 1897 const char *shortmsg; /* short version of message */ 1898 const char *longmsg; /* long version of message */ 1899 } errors_map[] = { 1900 { 400, "400 Bad Request", "The request was not valid", }, 1901 { 401, "401 Unauthorized", "No authorization", }, 1902 { 403, "403 Forbidden", "Access to this item has been denied",}, 1903 { 404, "404 Not Found", "This item has not been found", }, 1904 { 408, "408 Request Timeout", "This request took too long", }, 1905 { 417, "417 Expectation Failed","Expectations not available", }, 1906 { 420, "420 Enhance Your Calm","Chill, Winston", }, 1907 { 500, "500 Internal Error", "An error occured on the server", }, 1908 { 501, "501 Not Implemented", "This request is not available", }, 1909 { 0, NULL, NULL, }, 1910 }; 1911 1912 static const char *help = "DANGER! WILL ROBINSON! DANGER!"; 1913 1914 static const char * 1915 http_errors_short(int code) 1916 { 1917 struct errors_map *ep; 1918 1919 for (ep = errors_map; ep->code; ep++) 1920 if (ep->code == code) 1921 return (ep->shortmsg); 1922 return (help); 1923 } 1924 1925 static const char * 1926 http_errors_long(int code) 1927 { 1928 struct errors_map *ep; 1929 1930 for (ep = errors_map; ep->code; ep++) 1931 if (ep->code == code) 1932 return (ep->longmsg); 1933 return (help); 1934 } 1935 1936 /* the follow functions and variables are used in handling HTTP errors */ 1937 /* ARGSUSED */ 1938 int 1939 bozo_http_error(bozohttpd_t *httpd, int code, bozo_httpreq_t *request, 1940 const char *msg) 1941 { 1942 char portbuf[20]; 1943 const char *header = http_errors_short(code); 1944 const char *reason = http_errors_long(code); 1945 const char *proto = (request && request->hr_proto) ? 1946 request->hr_proto : httpd->consts.http_11; 1947 int size; 1948 bozoheaders_t *hdr; 1949 1950 debug((httpd, DEBUG_FAT, "bozo_http_error %d: %s", code, msg)); 1951 if (header == NULL || reason == NULL) { 1952 bozoerr(httpd, 1, 1953 "bozo_http_error() failed (short = %p, long = %p)", 1954 header, reason); 1955 return code; 1956 } 1957 1958 if (request && request->hr_serverport && 1959 strcmp(request->hr_serverport, "80") != 0) 1960 snprintf(portbuf, sizeof(portbuf), ":%s", 1961 request->hr_serverport); 1962 else 1963 portbuf[0] = '\0'; 1964 1965 if (request && request->hr_file) { 1966 char *file = NULL, *user = NULL, *user_escaped = NULL; 1967 int file_alloc = 0; 1968 const char *hostname = BOZOHOST(httpd, request); 1969 1970 /* bozo_escape_html() failure here is just too bad. */ 1971 file = bozo_escape_html(NULL, request->hr_file); 1972 if (file == NULL) 1973 file = request->hr_file; 1974 else 1975 file_alloc = 1; 1976 1977 #ifndef NO_USER_SUPPORT 1978 if (request->hr_user != NULL) { 1979 user_escaped = bozo_escape_html(NULL, request->hr_user); 1980 if (user_escaped == NULL) 1981 user_escaped = request->hr_user; 1982 /* expand username to ~user/ */ 1983 bozoasprintf(httpd, &user, "~%s/", user_escaped); 1984 if (user_escaped != request->hr_user) 1985 free(user_escaped); 1986 } 1987 #endif /* !NO_USER_SUPPORT */ 1988 1989 size = snprintf(httpd->errorbuf, BUFSIZ, 1990 "<html><head><title>%s</title></head>\n" 1991 "<body><h1>%s</h1>\n" 1992 "%s%s: <pre>%s</pre>\n" 1993 "<hr><address><a href=\"//%s%s/\">%s%s</a></address>\n" 1994 "</body></html>\n", 1995 header, header, 1996 user ? user : "", file, 1997 reason, hostname, portbuf, hostname, portbuf); 1998 free(user); 1999 if (size >= (int)BUFSIZ) { 2000 bozowarn(httpd, 2001 "bozo_http_error buffer too small, truncated"); 2002 size = (int)BUFSIZ; 2003 } 2004 2005 if (file_alloc) 2006 free(file); 2007 } else 2008 size = 0; 2009 2010 bozo_printf(httpd, "%s %s\r\n", proto, header); 2011 2012 if (request) { 2013 bozo_auth_check_401(request, code); 2014 SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { 2015 bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, 2016 hdr->h_value); 2017 } 2018 } 2019 2020 bozo_printf(httpd, "Content-Type: text/html\r\n"); 2021 bozo_printf(httpd, "Content-Length: %d\r\n", size); 2022 bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); 2023 if (request && request->hr_allow) 2024 bozo_printf(httpd, "Allow: %s\r\n", request->hr_allow); 2025 bozo_printf(httpd, "\r\n"); 2026 /* According to the RFC 2616 sec. 9.4 HEAD method MUST NOT return a 2027 * message-body in the response */ 2028 if (size && request && request->hr_method != HTTP_HEAD) 2029 bozo_printf(httpd, "%s", httpd->errorbuf); 2030 bozo_flush(httpd, stdout); 2031 2032 return code; 2033 } 2034 2035 /* Below are various modified libc functions */ 2036 2037 /* 2038 * returns -1 in lenp if the string ran out before finding a delimiter, 2039 * but is otherwise the same as strsep. Note that the length must be 2040 * correctly passed in. 2041 */ 2042 char * 2043 bozostrnsep(char **strp, const char *delim, ssize_t *lenp) 2044 { 2045 char *s; 2046 const char *spanp; 2047 int c, sc; 2048 char *tok; 2049 2050 if ((s = *strp) == NULL) 2051 return (NULL); 2052 for (tok = s;;) { 2053 if (lenp && --(*lenp) == -1) 2054 return (NULL); 2055 c = *s++; 2056 spanp = delim; 2057 do { 2058 if ((sc = *spanp++) == c) { 2059 if (c == 0) 2060 s = NULL; 2061 else 2062 s[-1] = '\0'; 2063 *strp = s; 2064 return (tok); 2065 } 2066 } while (sc != 0); 2067 } 2068 /* NOTREACHED */ 2069 } 2070 2071 /* 2072 * inspired by fgetln(3), but works for fd's. should work identically 2073 * except it, however, does *not* return the newline, and it does nul 2074 * terminate the string. 2075 */ 2076 char * 2077 bozodgetln(bozohttpd_t *httpd, int fd, ssize_t *lenp, 2078 ssize_t (*readfn)(bozohttpd_t *, int, void *, size_t)) 2079 { 2080 ssize_t len; 2081 int got_cr = 0; 2082 char c, *nbuffer; 2083 2084 /* initialise */ 2085 if (httpd->getln_buflen == 0) { 2086 /* should be plenty for most requests */ 2087 httpd->getln_buflen = 128; 2088 httpd->getln_buffer = malloc((size_t)httpd->getln_buflen); 2089 if (httpd->getln_buffer == NULL) { 2090 httpd->getln_buflen = 0; 2091 return NULL; 2092 } 2093 } 2094 len = 0; 2095 2096 /* 2097 * we *have* to read one byte at a time, to not break cgi 2098 * programs (for we pass stdin off to them). could fix this 2099 * by becoming a fd-passing program instead of just exec'ing 2100 * the program 2101 * 2102 * the above is no longer true, we are the fd-passing 2103 * program already. 2104 */ 2105 for (; readfn(httpd, fd, &c, 1) == 1; ) { 2106 debug((httpd, DEBUG_EXPLODING, "bozodgetln read %c", c)); 2107 2108 if (len >= httpd->getln_buflen - 1) { 2109 httpd->getln_buflen *= 2; 2110 debug((httpd, DEBUG_EXPLODING, "bozodgetln: " 2111 "reallocating buffer to buflen %zu", 2112 httpd->getln_buflen)); 2113 nbuffer = bozorealloc(httpd, httpd->getln_buffer, 2114 (size_t)httpd->getln_buflen); 2115 httpd->getln_buffer = nbuffer; 2116 } 2117 2118 httpd->getln_buffer[len++] = c; 2119 if (c == '\r') { 2120 got_cr = 1; 2121 continue; 2122 } else if (c == '\n') { 2123 /* 2124 * HTTP/1.1 spec says to ignore CR and treat 2125 * LF as the real line terminator. even though 2126 * the same spec defines CRLF as the line 2127 * terminator, it is recommended in section 19.3 2128 * to do the LF trick for tolerance. 2129 */ 2130 if (got_cr) 2131 len -= 2; 2132 else 2133 len -= 1; 2134 break; 2135 } 2136 2137 } 2138 httpd->getln_buffer[len] = '\0'; 2139 debug((httpd, DEBUG_OBESE, "bozodgetln returns: ``%s'' with len %zd", 2140 httpd->getln_buffer, len)); 2141 *lenp = len; 2142 return httpd->getln_buffer; 2143 } 2144 2145 void * 2146 bozorealloc(bozohttpd_t *httpd, void *ptr, size_t size) 2147 { 2148 void *p; 2149 2150 p = realloc(ptr, size); 2151 if (p) 2152 return p; 2153 2154 (void)bozo_http_error(httpd, 500, NULL, "memory allocation failure"); 2155 exit(EXIT_FAILURE); 2156 } 2157 2158 void * 2159 bozomalloc(bozohttpd_t *httpd, size_t size) 2160 { 2161 void *p; 2162 2163 p = malloc(size); 2164 if (p) 2165 return p; 2166 2167 (void)bozo_http_error(httpd, 500, NULL, "memory allocation failure"); 2168 exit(EXIT_FAILURE); 2169 } 2170 2171 char * 2172 bozostrdup(bozohttpd_t *httpd, bozo_httpreq_t *request, const char *str) 2173 { 2174 char *p; 2175 2176 p = strdup(str); 2177 if (p) 2178 return p; 2179 2180 if (!request) 2181 bozoerr(httpd, EXIT_FAILURE, "strdup"); 2182 2183 (void)bozo_http_error(httpd, 500, request, "memory allocation failure"); 2184 exit(EXIT_FAILURE); 2185 } 2186 2187 /* set default values in bozohttpd_t struct */ 2188 int 2189 bozo_init_httpd(bozohttpd_t *httpd) 2190 { 2191 /* make sure everything is clean */ 2192 (void) memset(httpd, 0x0, sizeof(*httpd)); 2193 2194 /* constants */ 2195 httpd->consts.http_09 = "HTTP/0.9"; 2196 httpd->consts.http_10 = "HTTP/1.0"; 2197 httpd->consts.http_11 = "HTTP/1.1"; 2198 httpd->consts.text_plain = "text/plain"; 2199 2200 /* mmap region size */ 2201 httpd->mmapsz = BOZO_MMAPSZ; 2202 2203 /* error buffer for bozo_http_error() */ 2204 if ((httpd->errorbuf = malloc(BUFSIZ)) == NULL) { 2205 (void) fprintf(stderr, 2206 "bozohttpd: memory_allocation failure\n"); 2207 return 0; 2208 } 2209 #ifndef NO_LUA_SUPPORT 2210 SIMPLEQ_INIT(&httpd->lua_states); 2211 #endif 2212 return 1; 2213 } 2214 2215 /* set default values in bozoprefs_t struct */ 2216 int 2217 bozo_init_prefs(bozohttpd_t *httpd, bozoprefs_t *prefs) 2218 { 2219 /* make sure everything is clean */ 2220 (void) memset(prefs, 0x0, sizeof(*prefs)); 2221 2222 /* set up default values */ 2223 if (!bozo_set_pref(httpd, prefs, "server software", SERVER_SOFTWARE) || 2224 !bozo_set_pref(httpd, prefs, "index.html", INDEX_HTML) || 2225 !bozo_set_pref(httpd, prefs, "public_html", PUBLIC_HTML)) 2226 return 0; 2227 2228 return 1; 2229 } 2230 2231 /* set default values */ 2232 int 2233 bozo_set_defaults(bozohttpd_t *httpd, bozoprefs_t *prefs) 2234 { 2235 return bozo_init_httpd(httpd) && bozo_init_prefs(httpd, prefs); 2236 } 2237 2238 /* set the virtual host name, port and root */ 2239 int 2240 bozo_setup(bozohttpd_t *httpd, bozoprefs_t *prefs, const char *vhost, 2241 const char *root) 2242 { 2243 struct passwd *pw; 2244 extern char **environ; 2245 static char *cleanenv[1] = { NULL }; 2246 uid_t uid; 2247 int uidset = 0; 2248 char *chrootdir; 2249 char *username; 2250 char *portnum; 2251 char *cp; 2252 int dirtyenv; 2253 2254 dirtyenv = 0; 2255 2256 if (vhost == NULL) { 2257 httpd->virthostname = bozomalloc(httpd, MAXHOSTNAMELEN+1); 2258 if (gethostname(httpd->virthostname, MAXHOSTNAMELEN+1) < 0) 2259 bozoerr(httpd, 1, "gethostname"); 2260 httpd->virthostname[MAXHOSTNAMELEN] = '\0'; 2261 } else { 2262 httpd->virthostname = bozostrdup(httpd, NULL, vhost); 2263 } 2264 httpd->slashdir = bozostrdup(httpd, NULL, root); 2265 if ((portnum = bozo_get_pref(prefs, "port number")) != NULL) { 2266 httpd->bindport = bozostrdup(httpd, NULL, portnum); 2267 } 2268 2269 /* go over preferences now */ 2270 if ((cp = bozo_get_pref(prefs, "numeric")) != NULL && 2271 strcmp(cp, "true") == 0) { 2272 httpd->numeric = 1; 2273 } 2274 if ((cp = bozo_get_pref(prefs, "log to stderr")) != NULL && 2275 strcmp(cp, "true") == 0) { 2276 httpd->logstderr = 1; 2277 } 2278 if ((cp = bozo_get_pref(prefs, "bind address")) != NULL) { 2279 httpd->bindaddress = bozostrdup(httpd, NULL, cp); 2280 } 2281 if ((cp = bozo_get_pref(prefs, "background")) != NULL) { 2282 httpd->background = atoi(cp); 2283 } 2284 if ((cp = bozo_get_pref(prefs, "foreground")) != NULL && 2285 strcmp(cp, "true") == 0) { 2286 httpd->foreground = 1; 2287 } 2288 if ((cp = bozo_get_pref(prefs, "pid file")) != NULL) { 2289 httpd->pidfile = bozostrdup(httpd, NULL, cp); 2290 } 2291 if ((cp = bozo_get_pref(prefs, "unknown slash")) != NULL && 2292 strcmp(cp, "true") == 0) { 2293 httpd->unknown_slash = 1; 2294 } 2295 if ((cp = bozo_get_pref(prefs, "virtual base")) != NULL) { 2296 httpd->virtbase = bozostrdup(httpd, NULL, cp); 2297 } 2298 if ((cp = bozo_get_pref(prefs, "enable users")) != NULL && 2299 strcmp(cp, "true") == 0) { 2300 httpd->enable_users = 1; 2301 } 2302 if ((cp = bozo_get_pref(prefs, "enable user cgibin")) != NULL && 2303 strcmp(cp, "true") == 0) { 2304 httpd->enable_cgi_users = 1; 2305 } 2306 if ((cp = bozo_get_pref(prefs, "dirty environment")) != NULL && 2307 strcmp(cp, "true") == 0) { 2308 dirtyenv = 1; 2309 } 2310 if ((cp = bozo_get_pref(prefs, "hide dots")) != NULL && 2311 strcmp(cp, "true") == 0) { 2312 httpd->hide_dots = 1; 2313 } 2314 if ((cp = bozo_get_pref(prefs, "directory indexing")) != NULL && 2315 strcmp(cp, "true") == 0) { 2316 httpd->dir_indexing = 1; 2317 } 2318 if ((cp = bozo_get_pref(prefs, "public_html")) != NULL) { 2319 httpd->public_html = bozostrdup(httpd, NULL, cp); 2320 } 2321 httpd->server_software = 2322 bozostrdup(httpd, NULL, bozo_get_pref(prefs, "server software")); 2323 httpd->index_html = 2324 bozostrdup(httpd, NULL, bozo_get_pref(prefs, "index.html")); 2325 2326 /* 2327 * initialise ssl and daemon mode if necessary. 2328 */ 2329 bozo_ssl_init(httpd); 2330 bozo_daemon_init(httpd); 2331 2332 username = bozo_get_pref(prefs, "username"); 2333 if (username != NULL) { 2334 if ((pw = getpwnam(username)) == NULL) 2335 bozoerr(httpd, 1, "getpwnam(%s): %s", username, 2336 strerror(errno)); 2337 if (initgroups(pw->pw_name, pw->pw_gid) == -1) 2338 bozoerr(httpd, 1, "initgroups: %s", strerror(errno)); 2339 if (setgid(pw->pw_gid) == -1) 2340 bozoerr(httpd, 1, "setgid(%u): %s", pw->pw_gid, 2341 strerror(errno)); 2342 uid = pw->pw_uid; 2343 uidset = 1; 2344 } 2345 /* 2346 * handle chroot. 2347 */ 2348 if ((chrootdir = bozo_get_pref(prefs, "chroot dir")) != NULL) { 2349 httpd->rootdir = bozostrdup(httpd, NULL, chrootdir); 2350 if (chdir(httpd->rootdir) == -1) 2351 bozoerr(httpd, 1, "chdir(%s): %s", httpd->rootdir, 2352 strerror(errno)); 2353 if (chroot(httpd->rootdir) == -1) 2354 bozoerr(httpd, 1, "chroot(%s): %s", httpd->rootdir, 2355 strerror(errno)); 2356 } 2357 2358 if (uidset && setuid(uid) == -1) 2359 bozoerr(httpd, 1, "setuid(%d): %s", uid, strerror(errno)); 2360 2361 /* 2362 * prevent info leakage between different compartments. 2363 * some PATH values in the environment would be invalided 2364 * by chroot. cross-user settings might result in undesirable 2365 * effects. 2366 */ 2367 if ((chrootdir != NULL || username != NULL) && !dirtyenv) 2368 environ = cleanenv; 2369 2370 #ifdef _SC_PAGESIZE 2371 httpd->page_size = (long)sysconf(_SC_PAGESIZE); 2372 #else 2373 httpd->page_size = 4096; 2374 #endif 2375 debug((httpd, DEBUG_OBESE, "myname is %s, slashdir is %s", 2376 httpd->virthostname, httpd->slashdir)); 2377 2378 return 1; 2379 } 2380 2381 int 2382 bozo_get_version(char *buf, size_t size) 2383 { 2384 return snprintf(buf, size, "%s", SERVER_SOFTWARE); 2385 } 2386