static ret_t local_file_exists (cherokee_rule_extensions_t *rule, cherokee_connection_t *conn, cherokee_config_entry_t *ret_conf) { ret_t ret; struct stat *info; struct stat nocache_info; cherokee_boolean_t is_file; cherokee_iocache_entry_t *io_entry = NULL; cherokee_server_t *srv = CONN_SRV(conn); cherokee_buffer_t *tmp = THREAD_TMP_BUF1(CONN_THREAD(conn)); UNUSED(rule); /* Build the full path */ cherokee_buffer_clean (tmp); if (ret_conf->document_root != NULL) { /* A previous non-final rule set a custom document root */ cherokee_buffer_add_buffer (tmp, ret_conf->document_root); } else { cherokee_buffer_add_buffer (tmp, &conn->local_directory); } cherokee_buffer_add_str (tmp, "/"); cherokee_buffer_add_buffer (tmp, &conn->request); /* Check the local file */ ret = cherokee_io_stat (srv->iocache, tmp, rule->use_iocache, &nocache_info, &io_entry, &info); is_file = S_ISREG(info->st_mode); if (io_entry) { cherokee_iocache_entry_unref (&io_entry); } /* Report and return */ if (ret != ret_ok) { TRACE(ENTRIES, "Rule extensions: almost matched '%s', but file does not exist\n", tmp->buf); return ret_not_found; } if (! is_file) { TRACE(ENTRIES, "Rule extensions: almost matched '%s', but it is not a file\n", tmp->buf); return ret_not_found; } return ret_ok; }
static ret_t fork_and_execute_cgi_via_spawner(cherokee_handler_cgi_t *cgi) { int re; int pid = -1; cherokee_connection_t *conn = HANDLER_CONN(cgi); cherokee_handler_cgi_base_t *cgi_base = HDL_CGI_BASE(cgi); ret_t ret; uid_t uid; gid_t gid; cherokee_buffer_t empty = CHEROKEE_BUF_INIT; cherokee_buffer_t username = CHEROKEE_BUF_INIT; cherokee_services_fdmap_t fd_map; cherokee_buffer_t *chdir = NULL; cherokee_buffer_t chdir_backing = CHEROKEE_BUF_INIT; struct passwd ent; char ent_tmp[1024]; struct { int cgi[2]; int server[2]; } pipes; TRACE (ENTRIES, "Trying to create CGI via spawner\n"); if (! cherokee_buffer_is_empty (&conn->effective_directory)) { chdir = &conn->effective_directory; } else { int ofs = cgi_base->executable.len - 1; while (ofs >= 0 && cgi_base->executable.buf[ofs] != '/') { ofs--; } TRACE (ENTRIES, "While building chdir, ofs=%d\n", ofs); if (ofs < 0 || cherokee_buffer_add (&chdir_backing, cgi_base->executable.buf, ofs + 1) != ret_ok) { conn->error_code = http_internal_error; TRACE (ENTRIES, "Failed, cannot build chdir entry\n"); cherokee_buffer_mrproper(&chdir_backing); return ret_error; } chdir = &chdir_backing; } /* Creates the pipes ... */ re = cherokee_pipe (pipes.cgi); re |= cherokee_pipe (pipes.server); if (re != 0) { conn->error_code = http_internal_error; cherokee_buffer_mrproper(&chdir_backing); TRACE (ENTRIES, "Failed, cannot build pipes\n"); return ret_error; } if (HANDLER_CGI_PROPS(cgi_base)->change_user) { struct stat nocache_info; struct stat *info; cherokee_iocache_entry_t *io_entry = NULL; cherokee_server_t *srv = CONN_SRV(conn); cherokee_handler_cgi_base_props_t *props = HANDLER_CGI_BASE_PROPS(cgi); ret = cherokee_io_stat (srv->iocache, &cgi_base->executable, props->use_cache, &nocache_info, &io_entry, &info); if (ret != ret_ok) { info = &nocache_info; nocache_info.st_uid = getuid(); nocache_info.st_gid = getgid(); } uid = info->st_uid; gid = info->st_gid; cherokee_iocache_entry_unref(&io_entry); } else { /* Not changing, so launch as the same uid/gid as the worker */ uid = getuid(); gid = getgid(); } /* Determine the username of the owner of the file */ ret = cherokee_getpwuid(uid, &ent, ent_tmp, sizeof (ent_tmp)); if (ret != ret_ok || cherokee_buffer_add(&username, ent.pw_name, strlen(ent.pw_name) != ret_ok)) { cherokee_fd_close(pipes.cgi[0]); cherokee_fd_close(pipes.cgi[1]); cherokee_fd_close(pipes.server[0]); cherokee_fd_close(pipes.server[1]); conn->error_code = http_internal_error; cherokee_buffer_mrproper(&chdir_backing); cherokee_buffer_mrproper(&username); TRACE (ENTRIES, "Failed, Unable to retrieve username for uid %d\n", uid); return ret_error; } /* Update the environment ready to run */ add_environment (cgi, conn); /* Set up the FD map */ fd_map.fd_in = pipes.server[0]; fd_map.fd_out = pipes.cgi[1]; if ((CONN_VSRV(conn)->error_writer != NULL) && (CONN_VSRV(conn)->error_writer->fd != -1)) { fd_map.fd_err = CONN_VSRV(conn)->error_writer->fd; } else { fd_map.fd_err = fd_map.fd_out; } TRACE (ENTRIES, "Doing Spawn\n"); ret = cherokee_services_client_spawn (&cgi_base->executable, &username, uid, gid, &empty, chdir, false, cgi->envp, CONN_VSRV(conn)->error_writer, &pid, &fd_map); cherokee_buffer_mrproper(&chdir_backing); cherokee_buffer_mrproper(&username); /* Close the client FDs */ cherokee_fd_close (pipes.server[0]); cherokee_fd_close (pipes.cgi[1]); /* Did we fail to try to spawn? */ if (ret != ret_ok) { /* Close the server FDs too */ cherokee_fd_close (pipes.server[1]); cherokee_fd_close (pipes.cgi[0]); TRACE (ENTRIES, "Failed to spawn\n"); return ret; } /* Did we try, but fail, to spawn? */ if (pid == -1) { /* Close the server FDs too */ cherokee_fd_close (pipes.server[1]); cherokee_fd_close (pipes.cgi[0]); TRACE (ENTRIES, "Spawned, but failed server side\n"); return ret_error; } /* Successfully launched */ cgi->pid = pid; cgi->pipeInput = pipes.cgi[0]; cgi->pipeOutput = pipes.server[1]; /* Set to Input to NON-BLOCKING */ _fd_set_properties (cgi->pipeInput, O_NDELAY|O_NONBLOCK, 0); TRACE (ENTRIES, "CGI running, PID=%d\n", pid); return ret_ok; }
static NORETURN void manage_child_cgi_process (cherokee_handler_cgi_t *cgi, int pipe_cgi[2], int pipe_server[2]) { /* Child process */ int re; cherokee_connection_t *conn = HANDLER_CONN(cgi); cherokee_handler_cgi_base_t *cgi_base = HDL_CGI_BASE(cgi); char *absolute_path = cgi_base->executable.buf; char *argv[2] = { NULL, NULL }; #ifdef TRACE_ENABLED TRACE(ENTRIES, "About to execute: '%s'\n", absolute_path); if (! cherokee_buffer_is_empty (&conn->effective_directory)) TRACE(ENTRIES, "Effective directory: '%s'\n", conn->effective_directory.buf); else TRACE(ENTRIES, "No Effective directory %s", "\n"); #endif /* Close useless sides */ cherokee_fd_close (pipe_cgi[0]); cherokee_fd_close (pipe_server[1]); /* Change stdin and out */ cherokee_fd_close (STDIN_FILENO); re = dup2 (pipe_server[0], STDIN_FILENO); cherokee_fd_close (pipe_server[0]); if (unlikely (re != 0)) { printf ("Status: 500" CRLF_CRLF); printf ("X-Debug: file=%s line=%d" CRLF_CRLF, __FILE__, __LINE__); exit(1); } cherokee_fd_close (STDOUT_FILENO); re |= dup2 (pipe_cgi[1], STDOUT_FILENO); cherokee_fd_close (pipe_cgi[1]); /* Redirect the stderr */ if ((CONN_VSRV(conn)->error_writer != NULL) && (CONN_VSRV(conn)->error_writer->fd != -1)) { cherokee_fd_close (STDERR_FILENO); dup2 (CONN_VSRV(conn)->error_writer->fd, STDERR_FILENO); } # if 0 /* Set unbuffered */ setvbuf (stdin, NULL, _IONBF, 0); setvbuf (stdout, NULL, _IONBF, 0); # endif /* Enable blocking mode */ _fd_set_properties (STDIN_FILENO, 0, O_NONBLOCK); _fd_set_properties (STDOUT_FILENO, 0, O_NONBLOCK); _fd_set_properties (STDERR_FILENO, 0, O_NONBLOCK); /* Sets the new environ. */ add_environment (cgi, conn); /* Change the directory */ if (! cherokee_buffer_is_empty (&conn->effective_directory)) { re = chdir (conn->effective_directory.buf); } else { char *file = strrchr (absolute_path, '/'); if (file != NULL) { *file = '\0'; re = chdir (absolute_path); *file = '/'; } else { re = -1; } } if (re < 0) { printf ("Status: 500" CRLF_CRLF); printf ("X-Debug: file=%s line=%d" CRLF_CRLF, __FILE__, __LINE__); exit(1); } /* Build de argv array */ argv[0] = absolute_path; /* Change the execution user? */ if (HANDLER_CGI_PROPS(cgi_base)->change_user) { struct stat nocache_info; struct stat *info; cherokee_iocache_entry_t *io_entry = NULL; cherokee_server_t *srv = CONN_SRV(conn); cherokee_handler_cgi_base_props_t *props = HANDLER_CGI_BASE_PROPS(cgi); ret_t ret = cherokee_io_stat (srv->iocache, &cgi_base->executable, props->use_cache, &nocache_info, &io_entry, &info); if (ret != ret_ok) { info = &nocache_info; } re = setuid (info->st_uid); if (re != 0) { LOG_ERROR (CHEROKEE_ERROR_HANDLER_CGI_SETID, absolute_path, info->st_uid); } cherokee_iocache_entry_unref(&io_entry); } /* Reset the server-wide signal handlers */ cherokee_reset_signals(); /* Lets go.. execute it! */ do { re = execve (absolute_path, argv, cgi->envp); } while ((re == -1) && (errno == EINTR)); if (re < 0) { int err = errno; char buferr[ERROR_MAX_BUFSIZE]; switch (err) { case ENODEV: case ENOTDIR: case ENOENT: printf ("Status: 404" CRLF_CRLF); exit(0); case EPERM: case EACCES: case ENOEXEC: printf ("Status: 403" CRLF_CRLF); exit(0); default: printf ("Status: 500" CRLF_CRLF); printf ("X-Debug: file=%s line=%d cmd=%s errno=%d: %s" CRLF_CRLF, __FILE__, __LINE__, absolute_path, err, strerror(err)); } /* Don't use the logging system (concurrency issues) */ LOG_ERROR (CHEROKEE_ERROR_HANDLER_CGI_EXECUTE, absolute_path, cherokee_strerror_r(err, buferr, sizeof(buferr))); exit(1); } /* There is no way, it could reach this point. */ SHOULDNT_HAPPEN; exit(2); }