branch Attitude Adjustment

git-svn-id: svn://svn.openwrt.org/openwrt/branches/attitude_adjustment@33625 3c298f89-4303-0410-b956-a3cf2f4a3e73

1 files changed, 556 insertions, 0 deletions

diff --git a/package/uhttpd/src/uhttpd-cgi.c b/package/uhttpd/src/uhttpd-cgi.c
new file mode 100644
index 000000000..69af90db4
--- /dev/null
+++ b/package/uhttpd/src/uhttpd-cgi.c
@@ -0,0 +1,556 @@
+/*
+ * uhttpd - Tiny single-threaded httpd - CGI handler
+ *
+ *   Copyright (C) 2010-2012 Jo-Philipp Wich <xm@subsignal.org>
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include "uhttpd.h"
+#include "uhttpd-utils.h"
+#include "uhttpd-cgi.h"
+
+
+static bool
+uh_cgi_header_parse(struct http_response *res, char *buf, int len, int *off)
+{
+	char *bufptr = NULL;
+	char *hdrname = NULL;
+	int hdrcount = 0;
+	int pos = 0;
+
+	if (((bufptr = strfind(buf, len, "\r\n\r\n", 4)) != NULL) ||
+	    ((bufptr = strfind(buf, len, "\n\n", 2)) != NULL))
+	{
+		*off = (int)(bufptr - buf) + ((bufptr[0] == '\r') ? 4 : 2);
+
+		memset(res, 0, sizeof(*res));
+
+		res->statuscode = 200;
+		res->statusmsg  = "OK";
+
+		bufptr = &buf[0];
+
+		for (pos = 0; pos < *off; pos++)
+		{
+			if (!hdrname && (buf[pos] == ':'))
+			{
+				buf[pos++] = 0;
+
+				if ((pos < len) && (buf[pos] == ' '))
+					pos++;
+
+				if (pos < len)
+				{
+					hdrname = bufptr;
+					bufptr = &buf[pos];
+				}
+			}
+
+			else if ((buf[pos] == '\r') || (buf[pos] == '\n'))
+			{
+				if (! hdrname)
+					break;
+
+				buf[pos++] = 0;
+
+				if ((pos < len) && (buf[pos] == '\n'))
+					pos++;
+
+				if (pos <= len)
+				{
+					if ((hdrcount+1) < array_size(res->headers))
+					{
+						if (!strcasecmp(hdrname, "Status"))
+						{
+							res->statuscode = atoi(bufptr);
+
+							if (res->statuscode < 100)
+								res->statuscode = 200;
+
+							if (((bufptr = strchr(bufptr, ' ')) != NULL) &&
+								(&bufptr[1] != 0))
+							{
+								res->statusmsg = &bufptr[1];
+							}
+
+							D("CGI: HTTP/1.x %03d %s\n",
+							  res->statuscode, res->statusmsg);
+						}
+						else
+						{
+							D("CGI: HTTP: %s: %s\n", hdrname, bufptr);
+
+							res->headers[hdrcount++] = hdrname;
+							res->headers[hdrcount++] = bufptr;
+						}
+
+						bufptr = &buf[pos];
+						hdrname = NULL;
+					}
+					else
+					{
+						return false;
+					}
+				}
+			}
+		}
+
+		return true;
+	}
+
+	return false;
+}
+
+static char * uh_cgi_header_lookup(struct http_response *res,
+								   const char *hdrname)
+{
+	int i;
+
+	foreach_header(i, res->headers)
+	{
+		if (!strcasecmp(res->headers[i], hdrname))
+			return res->headers[i+1];
+	}
+
+	return NULL;
+}
+
+static void uh_cgi_shutdown(struct uh_cgi_state *state)
+{
+	free(state);
+}
+
+static bool uh_cgi_socket_cb(struct client *cl)
+{
+	int i, len, blen, hdroff;
+	char buf[UH_LIMIT_MSGHEAD];
+
+	struct uh_cgi_state *state = (struct uh_cgi_state *)cl->priv;
+	struct http_response *res = &cl->response;
+	struct http_request *req = &cl->request;
+
+	/* there is unread post data waiting */
+	while (state->content_length > 0)
+	{
+		/* remaining data in http head buffer ... */
+		if (cl->httpbuf.len > 0)
+		{
+			len = min(state->content_length, cl->httpbuf.len);
+
+			D("CGI: Child(%d) feed %d HTTP buffer bytes\n", cl->proc.pid, len);
+
+			memcpy(buf, cl->httpbuf.ptr, len);
+
+			cl->httpbuf.len -= len;
+			cl->httpbuf.ptr +=len;
+		}
+
+		/* read it from socket ... */
+		else
+		{
+			len = uh_tcp_recv(cl, buf,
+							  min(state->content_length, sizeof(buf)));
+
+			if ((len < 0) && ((errno == EAGAIN) || (errno == EWOULDBLOCK)))
+				break;
+
+			D("CGI: Child(%d) feed %d/%d TCP socket bytes\n",
+			  cl->proc.pid, len, min(state->content_length, sizeof(buf)));
+		}
+
+		if (len)
+			state->content_length -= len;
+		else
+			state->content_length = 0;
+
+		/* ... write to CGI process */
+		len = uh_raw_send(cl->wpipe.fd, buf, len,
+						  cl->server->conf->script_timeout);
+
+		/* explicit EOF notification for the child */
+		if (state->content_length <= 0)
+			uh_ufd_remove(&cl->wpipe);
+	}
+
+	/* try to read data from child */
+	while ((len = uh_raw_recv(cl->rpipe.fd, buf, state->header_sent
+	                          ? sizeof(buf) : state->httpbuf.len, -1)) > 0)
+	{
+		/* we have not pushed out headers yet, parse input */
+		if (!state->header_sent)
+		{
+			/* try to parse header ... */
+			memcpy(state->httpbuf.ptr, buf, len);
+			state->httpbuf.len -= len;
+			state->httpbuf.ptr += len;
+
+			blen = state->httpbuf.ptr - state->httpbuf.buf;
+
+			if (uh_cgi_header_parse(res, state->httpbuf.buf, blen, &hdroff))
+			{
+				/* write status */
+				ensure_out(uh_http_sendf(cl, NULL,
+					"%s %03d %s\r\n"
+					"Connection: close\r\n",
+					http_versions[req->version],
+					res->statuscode, res->statusmsg));
+
+				/* add Content-Type if no Location or Content-Type */
+				if (!uh_cgi_header_lookup(res, "Location") &&
+					!uh_cgi_header_lookup(res, "Content-Type"))
+				{
+					ensure_out(uh_http_send(cl, NULL,
+						"Content-Type: text/plain\r\n", -1));
+				}
+
+				/* if request was HTTP 1.1 we'll respond chunked */
+				if ((req->version > UH_HTTP_VER_1_0) &&
+					!uh_cgi_header_lookup(res, "Transfer-Encoding"))
+				{
+					ensure_out(uh_http_send(cl, NULL,
+						"Transfer-Encoding: chunked\r\n", -1));
+				}
+
+				/* write headers from CGI program */
+				foreach_header(i, res->headers)
+				{
+					ensure_out(uh_http_sendf(cl, NULL, "%s: %s\r\n",
+						res->headers[i], res->headers[i+1]));
+				}
+
+				/* terminate header */
+				ensure_out(uh_http_send(cl, NULL, "\r\n", -1));
+
+				state->header_sent = true;
+
+				/* push out remaining head buffer */
+				if (hdroff < blen)
+				{
+					D("CGI: Child(%d) relaying %d rest bytes\n",
+					  cl->proc.pid, blen - hdroff);
+
+					ensure_out(uh_http_send(cl, req,
+					                        state->httpbuf.buf + hdroff,
+					                        blen - hdroff));
+				}
+			}
+
+			/* ... failed and head buffer exceeded */
+			else if (!state->httpbuf.len)
+			{
+				/* I would do this ...
+				 *
+				 *    uh_cgi_error_500(cl, req,
+				 *        "The CGI program generated an "
+				 *        "invalid response:\n\n");
+				 *
+				 * ... but in order to stay as compatible as possible,
+				 * treat whatever we got as text/plain response and
+				 * build the required headers here.
+				 */
+
+				ensure_out(uh_http_sendf(cl, NULL,
+										 "%s 200 OK\r\n"
+										 "Content-Type: text/plain\r\n"
+										 "%s\r\n",
+										 http_versions[req->version],
+										 (req->version > UH_HTTP_VER_1_0)
+										 ? "Transfer-Encoding: chunked\r\n" : ""
+				));
+
+				state->header_sent = true;
+
+				D("CGI: Child(%d) relaying %d invalid bytes\n",
+				  cl->proc.pid, len);
+
+				ensure_out(uh_http_send(cl, req, buf, len));
+			}
+		}
+		else
+		{
+			/* headers complete, pass through buffer to socket */
+			D("CGI: Child(%d) relaying %d normal bytes\n", cl->proc.pid, len);
+			ensure_out(uh_http_send(cl, req, buf, len));
+		}
+	}
+
+	/* got EOF or read error from child */
+	if ((len == 0) ||
+		((errno != EAGAIN) && (errno != EWOULDBLOCK) && (len == -1)))
+	{
+		D("CGI: Child(%d) presumed dead [%s]\n", cl->proc.pid, strerror(errno));
+
+		goto out;
+	}
+
+	return true;
+
+out:
+	if (!state->header_sent)
+	{
+		if (cl->timeout.pending)
+			uh_http_sendhf(cl, 502, "Bad Gateway",
+						   "The CGI process did not produce any response\n");
+		else
+			uh_http_sendhf(cl, 504, "Gateway Timeout",
+						   "The CGI process took too long to produce a "
+						   "response\n");
+	}
+	else
+	{
+		uh_http_send(cl, req, "", 0);
+	}
+
+	uh_cgi_shutdown(state);
+	return false;
+}
+
+bool uh_cgi_request(struct client *cl, struct path_info *pi,
+					struct interpreter *ip)
+{
+	int i;
+
+	int rfd[2] = { 0, 0 };
+	int wfd[2] = { 0, 0 };
+
+	pid_t child;
+
+	struct uh_cgi_state *state;
+	struct http_request *req = &cl->request;
+
+	/* allocate state */
+	if (!(state = malloc(sizeof(*state))))
+	{
+		uh_http_sendhf(cl, 500, "Internal Server Error", "Out of memory");
+		return false;
+	}
+
+	/* spawn pipes for me->child, child->me */
+	if ((pipe(rfd) < 0) || (pipe(wfd) < 0))
+	{
+		if (rfd[0] > 0) close(rfd[0]);
+		if (rfd[1] > 0) close(rfd[1]);
+		if (wfd[0] > 0) close(wfd[0]);
+		if (wfd[1] > 0) close(wfd[1]);
+
+		uh_http_sendhf(cl, 500, "Internal Server Error",
+						"Failed to create pipe: %s\n", strerror(errno));
+
+		return false;
+	}
+
+	/* fork off child process */
+	switch ((child = fork()))
+	{
+	/* oops */
+	case -1:
+		uh_http_sendhf(cl, 500, "Internal Server Error",
+						"Failed to fork child: %s\n", strerror(errno));
+
+		return false;
+
+	/* exec child */
+	case 0:
+#ifdef DEBUG
+		sleep(atoi(getenv("UHTTPD_SLEEP_ON_FORK") ?: "0"));
+#endif
+
+		/* do not leak parent epoll descriptor */
+		uloop_done();
+
+		/* close loose pipe ends */
+		close(rfd[0]);
+		close(wfd[1]);
+
+		/* patch stdout and stdin to pipes */
+		dup2(rfd[1], 1);
+		dup2(wfd[0], 0);
+
+		/* avoid leaking our pipe into child-child processes */
+		fd_cloexec(rfd[1]);
+		fd_cloexec(wfd[0]);
+
+		/* check for regular, world-executable file _or_ interpreter */
+		if (((pi->stat.st_mode & S_IFREG) &&
+			 (pi->stat.st_mode & S_IXOTH)) || (ip != NULL))
+		{
+			/* build environment */
+			clearenv();
+
+			/* common information */
+			setenv("GATEWAY_INTERFACE", "CGI/1.1", 1);
+			setenv("SERVER_SOFTWARE", "uHTTPd", 1);
+			setenv("PATH", "/sbin:/usr/sbin:/bin:/usr/bin", 1);
+
+#ifdef HAVE_TLS
+			/* https? */
+			if (cl->tls)
+				setenv("HTTPS", "on", 1);
+#endif
+
+			/* addresses */
+			setenv("SERVER_NAME", sa_straddr(&cl->servaddr), 1);
+			setenv("SERVER_ADDR", sa_straddr(&cl->servaddr), 1);
+			setenv("SERVER_PORT", sa_strport(&cl->servaddr), 1);
+			setenv("REMOTE_HOST", sa_straddr(&cl->peeraddr), 1);
+			setenv("REMOTE_ADDR", sa_straddr(&cl->peeraddr), 1);
+			setenv("REMOTE_PORT", sa_strport(&cl->peeraddr), 1);
+
+			/* path information */
+			setenv("SCRIPT_NAME", pi->name, 1);
+			setenv("SCRIPT_FILENAME", pi->phys, 1);
+			setenv("DOCUMENT_ROOT", pi->root, 1);
+			setenv("QUERY_STRING", pi->query ? pi->query : "", 1);
+
+			if (pi->info)
+				setenv("PATH_INFO", pi->info, 1);
+
+			/* REDIRECT_STATUS, php-cgi wants it */
+			switch (req->redirect_status)
+			{
+				case 404:
+					setenv("REDIRECT_STATUS", "404", 1);
+					break;
+
+				default:
+					setenv("REDIRECT_STATUS", "200", 1);
+					break;
+			}
+
+			/* http version */
+			setenv("SERVER_PROTOCOL", http_versions[req->version], 1);
+
+			/* request method */
+			setenv("REQUEST_METHOD", http_methods[req->method], 1);
+
+			/* request url */
+			setenv("REQUEST_URI", req->url, 1);
+
+			/* remote user */
+			if (req->realm)
+				setenv("REMOTE_USER", req->realm->user, 1);
+
+			/* request message headers */
+			foreach_header(i, req->headers)
+			{
+				if (!strcasecmp(req->headers[i], "Accept"))
+					setenv("HTTP_ACCEPT", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Accept-Charset"))
+					setenv("HTTP_ACCEPT_CHARSET", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Accept-Encoding"))
+					setenv("HTTP_ACCEPT_ENCODING", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Accept-Language"))
+					setenv("HTTP_ACCEPT_LANGUAGE", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Authorization"))
+					setenv("HTTP_AUTHORIZATION", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Connection"))
+					setenv("HTTP_CONNECTION", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Cookie"))
+					setenv("HTTP_COOKIE", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Host"))
+					setenv("HTTP_HOST", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Referer"))
+					setenv("HTTP_REFERER", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "User-Agent"))
+					setenv("HTTP_USER_AGENT", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Content-Type"))
+					setenv("CONTENT_TYPE", req->headers[i+1], 1);
+
+				else if (!strcasecmp(req->headers[i], "Content-Length"))
+					setenv("CONTENT_LENGTH", req->headers[i+1], 1);
+			}
+
+
+			/* execute child code ... */
+			if (chdir(pi->root))
+				perror("chdir()");
+
+			if (ip != NULL)
+				execl(ip->path, ip->path, pi->phys, NULL);
+			else
+				execl(pi->phys, pi->phys, NULL);
+
+			/* in case it fails ... */
+			printf("Status: 500 Internal Server Error\r\n\r\n"
+				   "Unable to launch the requested CGI program:\n"
+				   "  %s: %s\n", ip ? ip->path : pi->phys, strerror(errno));
+		}
+
+		/* 403 */
+		else
+		{
+			printf("Status: 403 Forbidden\r\n\r\n"
+				   "Access to this resource is forbidden\n");
+		}
+
+		close(wfd[0]);
+		close(rfd[1]);
+		exit(0);
+
+		break;
+
+	/* parent; handle I/O relaying */
+	default:
+		memset(state, 0, sizeof(*state));
+
+		cl->rpipe.fd = rfd[0];
+		cl->wpipe.fd = wfd[1];
+		cl->proc.pid = child;
+
+		/* make pipe non-blocking */
+		fd_nonblock(cl->rpipe.fd);
+		fd_nonblock(cl->wpipe.fd);
+
+		/* close unneeded pipe ends */
+		close(rfd[1]);
+		close(wfd[0]);
+
+		D("CGI: Child(%d) created: rfd(%d) wfd(%d)\n", child, rfd[0], wfd[1]);
+
+		state->httpbuf.ptr = state->httpbuf.buf;
+		state->httpbuf.len = sizeof(state->httpbuf.buf);
+
+		state->content_length = cl->httpbuf.len;
+
+		/* find content length */
+		if (req->method == UH_HTTP_MSG_POST)
+		{
+			foreach_header(i, req->headers)
+			{
+				if (!strcasecmp(req->headers[i], "Content-Length"))
+				{
+					state->content_length = atoi(req->headers[i+1]);
+					break;
+				}
+			}
+		}
+
+		cl->cb = uh_cgi_socket_cb;
+		cl->priv = state;
+
+		break;
+	}
+
+	return true;
+}