doc: Added manpage for htextauth.
[ashd.git] / src / callcgi.c
... / ...
CommitLineData
1/*
2 ashd - A Sane HTTP Daemon
3 Copyright (C) 2008 Fredrik Tolf <fredrik@dolda2000.com>
4
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17*/
18
19#include <stdlib.h>
20#include <string.h>
21#include <stdio.h>
22#include <unistd.h>
23#include <errno.h>
24#include <ctype.h>
25#include <signal.h>
26#include <sys/poll.h>
27
28#ifdef HAVE_CONFIG_H
29#include <config.h>
30#endif
31#include <utils.h>
32#include <log.h>
33
34static char **environ;
35
36static int passdata(FILE *in, FILE *out)
37{
38 int ret;
39 char buf[65536];
40 struct pollfd pfds[2];
41
42 while(!feof(in)) {
43 memset(pfds, 0, sizeof(struct pollfd) * 2);
44 pfds[0].fd = fileno(in);
45 pfds[0].events = POLLIN;
46 pfds[1].fd = fileno(out);
47 pfds[1].events = POLLHUP;
48 ret = poll(pfds, 2, -1);
49 if(ret < 0) {
50 if(errno != EINTR) {
51 flog(LOG_ERR, "callcgi: error in poll: %s", strerror(errno));
52 return(1);
53 }
54 }
55 if(ret > 0) {
56 if(pfds[0].revents & (POLLIN | POLLERR | POLLHUP)) {
57 ret = fread(buf, 1, 65536, in);
58 if(ferror(in)) {
59 flog(LOG_ERR, "callcgi: could not read input: %s", strerror(errno));
60 return(1);
61 }
62 if(fwrite(buf, 1, ret, out) != ret) {
63 flog(LOG_ERR, "callcgi: could not write output: %s", strerror(errno));
64 return(1);
65 }
66 }
67 if(pfds[1].revents & POLLHUP)
68 return(1);
69 }
70 }
71 return(0);
72}
73
74static char *absolutify(char *file)
75{
76 char cwd[1024];
77
78 if(*file != '/') {
79 getcwd(cwd, sizeof(cwd));
80 return(sprintf2("%s/%s", cwd, file));
81 }
82 return(sstrdup(file));
83}
84
85static pid_t forkchild(int inpath, char *prog, char *file, char *method, char *url, char *rest, int *infd, int *outfd)
86{
87 int i;
88 char *qp, **env, *name;
89 int inp[2], outp[2];
90 pid_t pid;
91
92 pipe(inp);
93 pipe(outp);
94 if((pid = fork()) < 0) {
95 flog(LOG_ERR, "callcgi: could not fork");
96 exit(1);
97 }
98 if(pid == 0) {
99 close(inp[1]);
100 close(outp[0]);
101 dup2(inp[0], 0);
102 dup2(outp[1], 1);
103 for(i = 3; i < FD_SETSIZE; i++)
104 close(i);
105 if((qp = strchr(url, '?')) != NULL)
106 *(qp++) = 0;
107 putenv(sprintf2("SERVER_SOFTWARE=ashd/%s", VERSION));
108 putenv("GATEWAY_INTERFACE=CGI/1.1");
109 if(getenv("HTTP_VERSION"))
110 putenv(sprintf2("SERVER_PROTOCOL=%s", getenv("HTTP_VERSION")));
111 putenv(sprintf2("REQUEST_METHOD=%s", method));
112 putenv(sprintf2("PATH_INFO=%s", rest));
113 name = url;
114 /* XXX: This is an ugly hack (I think), but though I can think
115 * of several alternatives, none seem to be better. */
116 if(*rest && (strlen(url) >= strlen(rest)) &&
117 !strcmp(rest, url + strlen(url) - strlen(rest))) {
118 name = sprintf2("%.*s", (int)(strlen(url) - strlen(rest)), url);
119 }
120 putenv(sprintf2("SCRIPT_NAME=%s", name));
121 putenv(sprintf2("QUERY_STRING=%s", qp?qp:""));
122 if(getenv("REQ_HOST"))
123 putenv(sprintf2("SERVER_NAME=%s", getenv("REQ_HOST")));
124 if(getenv("REQ_X_ASH_SERVER_PORT"))
125 putenv(sprintf2("SERVER_PORT=%s", getenv("REQ_X_ASH_SERVER_PORT")));
126 if(getenv("REQ_X_ASH_PROTOCOL") && !strcmp(getenv("REQ_X_ASH_PROTOCOL"), "https"))
127 putenv("HTTPS=on");
128 if(getenv("REQ_X_ASH_ADDRESS"))
129 putenv(sprintf2("REMOTE_ADDR=%s", getenv("REQ_X_ASH_ADDRESS")));
130 if(getenv("REQ_CONTENT_TYPE"))
131 putenv(sprintf2("CONTENT_TYPE=%s", getenv("REQ_CONTENT_TYPE")));
132 if(getenv("REQ_CONTENT_LENGTH"))
133 putenv(sprintf2("CONTENT_LENGTH=%s", getenv("REQ_CONTENT_LENGTH")));
134 for(env = environ; *env; env++) {
135 if(!strncmp(*env, "REQ_", 4))
136 putenv(sprintf2("HTTP_%s", (*env) + 4));
137 }
138 /*
139 * This is (understandably) missing from the CGI
140 * specification, but PHP seems to require it.
141 */
142 putenv(sprintf2("SCRIPT_FILENAME=%s", absolutify(file)));
143 if(inpath)
144 execlp(prog, prog, file, NULL);
145 else
146 execl(prog, prog, file, NULL);
147 exit(127);
148 }
149 close(inp[0]);
150 close(outp[1]);
151 *infd = inp[1];
152 *outfd = outp[0];
153 return(pid);
154}
155
156static void trim(struct charbuf *buf)
157{
158 char *p;
159
160 for(p = buf->b; (p - buf->b < buf->d) && isspace(*p); p++);
161 memmove(buf->b, p, buf->d -= (p - buf->b));
162 for(p = buf->b + buf->d - 1; (p > buf->b) && isspace(*p); p--, buf->d--);
163}
164
165static char **parseheaders(FILE *s)
166{
167 int c, state;
168 struct charvbuf hbuf;
169 struct charbuf buf;
170
171 bufinit(hbuf);
172 bufinit(buf);
173 state = 0;
174 while(1) {
175 c = fgetc(s);
176 again:
177 if(state == 0) {
178 if(c == '\r') {
179 } else if(c == '\n') {
180 break;
181 } else if(c == EOF) {
182 goto fail;
183 } else {
184 state = 1;
185 goto again;
186 }
187 } else if(state == 1) {
188 if(c == ':') {
189 trim(&buf);
190 bufadd(buf, 0);
191 bufadd(hbuf, buf.b);
192 bufinit(buf);
193 state = 2;
194 } else if(c == '\r') {
195 } else if(c == '\n') {
196 goto fail;
197 } else if(c == EOF) {
198 goto fail;
199 } else {
200 bufadd(buf, c);
201 }
202 } else if(state == 2) {
203 if(c == '\r') {
204 } else if(c == '\n') {
205 trim(&buf);
206 bufadd(buf, 0);
207 bufadd(hbuf, buf.b);
208 bufinit(buf);
209 state = 0;
210 } else if(c == EOF) {
211 goto fail;
212 } else {
213 bufadd(buf, c);
214 }
215 }
216 }
217 bufadd(hbuf, NULL);
218 return(hbuf.b);
219
220fail:
221 buffree(hbuf);
222 buffree(buf);
223 return(NULL);
224}
225
226static char *defstatus(int code)
227{
228 if(code == 200)
229 return("OK");
230 else if(code == 201)
231 return("Created");
232 else if(code == 202)
233 return("Accepted");
234 else if(code == 204)
235 return("No Content");
236 else if(code == 300)
237 return("Multiple Choices");
238 else if(code == 301)
239 return("Moved Permanently");
240 else if(code == 302)
241 return("Found");
242 else if(code == 303)
243 return("See Other");
244 else if(code == 304)
245 return("Not Modified");
246 else if(code == 307)
247 return("Moved Temporarily");
248 else if(code == 400)
249 return("Bad Request");
250 else if(code == 401)
251 return("Unauthorized");
252 else if(code == 403)
253 return("Forbidden");
254 else if(code == 404)
255 return("Not Found");
256 else if(code == 500)
257 return("Internal Server Error");
258 else if(code == 501)
259 return("Not Implemented");
260 else if(code == 503)
261 return("Service Unavailable");
262 else
263 return("Unknown status");
264}
265
266static void sendstatus(char **headers, FILE *out)
267{
268 char **hp;
269 char *status, *location;
270
271 hp = headers;
272 status = location = NULL;
273 while(*hp) {
274 if(!strcasecmp(hp[0], "status")) {
275 status = hp[1];
276 /* Clear this header, so that it is not transmitted by sendheaders. */
277 **hp = 0;
278 } else if(!strcasecmp(hp[0], "location")) {
279 location = hp[1];
280 hp += 2;
281 } else {
282 hp += 2;
283 }
284 }
285 if(status) {
286 if(strchr(status, ' '))
287 fprintf(out, "HTTP/1.1 %s\n", status);
288 else
289 fprintf(out, "HTTP/1.1 %i %s\n", atoi(status), defstatus(atoi(status)));
290 } else if(location) {
291 fprintf(out, "HTTP/1.1 303 See Other\n");
292 } else {
293 fprintf(out, "HTTP/1.1 200 OK\n");
294 }
295}
296
297static void sendheaders(char **headers, FILE *out)
298{
299 while(*headers) {
300 if(**headers)
301 fprintf(out, "%s: %s\n", headers[0], headers[1]);
302 headers += 2;
303 }
304}
305
306static void usage(void)
307{
308 flog(LOG_ERR, "usage: callcgi [-c] [-p PROGRAM] METHOD URL REST");
309}
310
311int main(int argc, char **argv, char **envp)
312{
313 int c;
314 char *file, *prog, *sp;
315 int inpath, cd;
316 int infd, outfd;
317 FILE *in, *out;
318 char **headers;
319 pid_t child;
320
321 environ = envp;
322 signal(SIGPIPE, SIG_IGN);
323
324 prog = NULL;
325 inpath = 0;
326 cd = 0;
327 while((c = getopt(argc, argv, "cp:")) >= 0) {
328 switch(c) {
329 case 'c':
330 cd = 1;
331 break;
332 case 'p':
333 prog = optarg;
334 inpath = 1;
335 break;
336 default:
337 usage();
338 exit(1);
339 }
340 }
341
342 if(argc - optind < 3) {
343 usage();
344 exit(1);
345 }
346 if((file = getenv("REQ_X_ASH_FILE")) == NULL) {
347 flog(LOG_ERR, "callcgi: needs to be called with the X-Ash-File header");
348 exit(1);
349 }
350
351 if(cd) {
352 /* This behavior is encouraged by the CGI specification (RFC 3875, 7.2),
353 * but not strictly required, and I get the feeling it might break some
354 * relative paths here or there, so it's not the default for now. */
355 if((sp = strrchr(file, '/')) != NULL) {
356 *sp = 0;
357 if(chdir(file)) {
358 *sp = '/';
359 } else {
360 file = sp + 1;
361 }
362 }
363 }
364
365 if(prog == NULL)
366 prog = file;
367 child = forkchild(inpath, prog, file, argv[optind], argv[optind + 1], argv[optind + 2], &infd, &outfd);
368 in = fdopen(infd, "w");
369 passdata(stdin, in); /* Ignore errors, perhaps? */
370 fclose(in);
371 out = fdopen(outfd, "r");
372 if((headers = parseheaders(out)) == NULL) {
373 flog(LOG_WARNING, "CGI handler returned invalid headers");
374 exit(1);
375 }
376 sendstatus(headers, stdout);
377 sendheaders(headers, stdout);
378 printf("\n");
379 if(passdata(out, stdout))
380 kill(child, SIGINT);
381 return(0);
382}