int buffer_append_long_hex(buffer *b, unsigned long value) { char *buf; int shift = 0; unsigned long copy = value; while (copy) { copy >>= 4; shift++; } if (shift == 0) shift++; if (shift & 0x01) shift++; buffer_prepare_append(b, shift + 1); if (b->used == 0) b->used++; buf = b->ptr + (b->used - 1); b->used += shift; shift <<= 2; while (shift > 0) { shift -= 4; *(buf++) = hex_chars[(value >> shift) & 0x0F]; } *buf = '\0'; return 0; }
/** * 将s追加到b中 * 如果s的长度小于maxlen,则在b的数据中补上空格,使得 * b追加的数据的长度等于maxlen。 * * s的长度大于maxlen??? * */ int buffer_append_string_rfill(buffer *b, const char *s, size_t maxlen) { size_t s_len; if (!s || !b) return -1; s_len = strlen(s); buffer_prepare_append(b, maxlen + 1); if (b -> used == 0) { b -> used++; } //如果s的长度大于maxlen,这就溢出了。。。 memcpy(b -> ptr + b -> used - 1, s, s_len); //追加空格 if (maxlen > s_len) { memset(b -> ptr + b -> used - 1 + s_len, ' ', maxlen - s_len); } //设置 b -> used += maxlen; b -> ptr[b -> used - 1] = '\0'; return 0; }
static int fcgi_env_add(buffer *env, const char *key, size_t key_len, const char *val, size_t val_len) { size_t len; if (!key || !val) return -1; len = key_len + val_len; len += key_len > 127 ? 4 : 1; len += val_len > 127 ? 4 : 1; if (env->used + len >= FCGI_MAX_LENGTH) { /** * we can't append more headers, ignore it */ return -1; } /** * field length can be 31bit max * * HINT: this can't happen as FCGI_MAX_LENGTH is only 16bit */ if (key_len > 0x7fffffff) key_len = 0x7fffffff; if (val_len > 0x7fffffff) val_len = 0x7fffffff; buffer_prepare_append(env, len); if (key_len > 127) { env->ptr[env->used++] = ((key_len >> 24) & 0xff) | 0x80; env->ptr[env->used++] = (key_len >> 16) & 0xff; env->ptr[env->used++] = (key_len >> 8) & 0xff; env->ptr[env->used++] = (key_len >> 0) & 0xff; } else {
static void accesslog_append_escaped(buffer *dest, buffer *str) { char *ptr, *start, *end; /* replaces non-printable chars with \xHH where HH is the hex representation of the byte */ /* exceptions: " => \", \ => \\, whitespace chars => \n \t etc. */ if (str->used == 0) return; buffer_prepare_append(dest, str->used - 1); for (ptr = start = str->ptr, end = str->ptr + str->used - 1; ptr < end; ptr++) { if (*ptr >= ' ' && *ptr <= '~') { /* nothing to change, add later as one block */ } else { /* copy previous part */ if (start < ptr) { buffer_append_string_len(dest, start, ptr - start); } start = ptr + 1; switch (*ptr) { case '"': BUFFER_APPEND_STRING_CONST(dest, "\\\""); break; case '\\': BUFFER_APPEND_STRING_CONST(dest, "\\\\"); break; case '\b': BUFFER_APPEND_STRING_CONST(dest, "\\b"); break; case '\n': BUFFER_APPEND_STRING_CONST(dest, "\\n"); break; case '\r': BUFFER_APPEND_STRING_CONST(dest, "\\r"); break; case '\t': BUFFER_APPEND_STRING_CONST(dest, "\\t"); break; case '\v': BUFFER_APPEND_STRING_CONST(dest, "\\v"); break; default: { /* non printable char => \xHH */ char hh[5] = {'\\','x',0,0,0}; char h = *ptr / 16; hh[2] = (h > 9) ? (h - 10 + 'A') : (h + '0'); h = *ptr % 16; hh[3] = (h > 9) ? (h - 10 + 'A') : (h + '0'); buffer_append_string_len(dest, &hh[0], 4); } break; } } } if (start < end) { buffer_append_string_len(dest, start, end - start); } }
int buffer_append_long(buffer *b, long val) { if (!b) return -1; buffer_prepare_append(b, 32); if (b->used == 0) b->used++; b->used += LI_ltostr(b->ptr + (b->used - 1), val); return 0; }
int buffer_append_int (buffer * buf, int n) { if (!buf) return -1; buffer_prepare_append (buf, 32); buf->used += itostr (buf->ptr + buf->used, n); return 0; }
int buffer_append_memory(buffer *b, const char *s, size_t s_len) { if (!s || !b) return -1; if (s_len == 0) return 0; buffer_prepare_append(b, s_len); memcpy(b->ptr + b->used, s, s_len); b->used += s_len; return 0; }
int buffer_append_str_len (buffer * buf, const char *str, int len) { if (!buf || !str || len <= 0) return -1; buffer_prepare_append (buf, len + 1); memcpy(buf->ptr + buf->used, str, len); buf->used += len; buf->ptr[buf->used] = '\0'; return 0; }
int buffer_append_string (buffer * buf, const char *str) { if (!buf || !str) return -1; int len = strlen (str); buffer_prepare_append (buf, len + 1); memcpy (buf->ptr + buf->used, str, len + 1); /* copy str and ending '\0' */ buf->used += len; return 0; }
int buffer_append_string_len(buffer *b, const char *s, size_t s_len) { if (!s || !b) return -1; if (s_len == 0) return 0; buffer_prepare_append(b, s_len + 1); if (b->used == 0) b->used++; memcpy(b->ptr + b->used - 1, s, s_len); b->used += s_len; b->ptr[b->used - 1] = '\0'; return 0; }
int buffer_append_string(buffer *b, const char *s) { size_t s_len; if (!s || !b) return -1; s_len = strlen(s); buffer_prepare_append(b, s_len + 1); if (b->used == 0) b->used++; memcpy(b->ptr + b->used - 1, s, s_len + 1); b->used += s_len; return 0; }
int get_chunk_buf(SceUID fd, buffer ** pbuf, char **pchunk, size_t stwant) { buffer *p; size_t stremain; if (fd < 0 || !pbuf || !(*pbuf) || !(*pbuf)->ptr || !pchunk || !(*pchunk) || buf_offset < 0 || umdfile_remain < 0) return -1; p = *pbuf; stremain = p->size - buf_offset; if (stremain < 0) return -2; if (stremain < stwant) { if (stwant - stremain > umdfile_remain) return -3; memmove(p->ptr, p->ptr + buf_offset, stremain); //size_t stbuf_want = (p->size - stremain > file_remain) ? file_remain : (p->size - stremain); if (stwant > p->size) { (*pbuf)->used = stremain; if (0 > buffer_prepare_append(*pbuf, stwant - stremain)) { //dbg_printf(d, "%s resize to new size:%d error!",__func__,stwant + (*pbuf)->size - stremain); return -4; } p = *pbuf; //dbg_printf(d, "%s new ptr:%p,%x%x%x!",__func__,p->ptr,*p->ptr,*(p->ptr+1),*(p->ptr+2)); } if (sceIoRead(fd, p->ptr + stremain, p->size - stremain) < 0) { //dbg_printf(d, "%s read umd file chunk error,ret:%d!",__func__,p->used); buffer_free(*pbuf); return -1; } //p->ptr[p->used] = 0; p->used = p->size; *pchunk = p->ptr; buf_offset = stwant; umdfile_remain -= (p->size - stremain); } else { *pchunk = p->ptr + buf_offset; buf_offset += stwant; } umdfile_offset += stwant; return stwant; }
/** * 将s指向的内存区域中的数据追加到b中。 * 由于追加的是数据而不是字符串,因此,在追加后不需要加上'\0'! * s_len为内存区大小 */ int buffer_append_memory(buffer *b, const char *s, size_t s_len) { if (!s || !b) { return -1; } if (s_len == 0) { return 0; } buffer_prepare_append(b, s_len); memcpy(b -> ptr + b -> used, s, s_len); b -> used += s_len; /* 不需要追加一个'\0' */ return 0; }
/** * 将无符号长整型value以16进制的形式追加到b中。 * 其中需要将value转化成对应的16进制字符串。 */ int buffer_append_long_hex(buffer *b, unsigned long value) { char *buf; int shift = 0; unsigned long copy = value; //计算十六进制表示的value的长度 while (copy) { copy >>= 4; shift++; } if (shift == 0) shift++; /* * 保证追加的字符串为偶数位。 * 如若不是偶数位,则在最前面加一个'0'. */ if (shift & 0x01) shift++; buffer_prepare_append(b, shift + 1);//最后一个'\0' if (b -> used == 0) b -> used++; //buf指向开始存放的位置 buf = b -> ptr + (b -> used - 1); b -> used += shift; /* * 每四位一组,转化value为十六进制形式的字符串 */ shift <<= 2; while (shift > 0) { shift -= 4; *(buf++) = hex_chars[(value >> shift) & 0x0F]; } *buf = '\0'; return 0; }
/* will NOT add trailing '\0' */ int buffer_append_printf(buffer_t * b, char *fmt, ...) { va_list ap; int len; if (!b) return -1; va_start(ap, fmt); len = vsnprintf(NULL, 0, fmt, ap); va_end(ap); va_start(ap, fmt); buffer_prepare_append(b, len); vsprintf(b->ptr + b->used, fmt, ap); va_end(ap); b->used += len; return 0; }
static int ssi_env_add_request_headers(server *srv, connection *con, plugin_data *p) { size_t i; for (i = 0; i < con->request.headers->used; i++) { data_string *ds; ds = (data_string *)con->request.headers->data[i]; if (ds->value->used && ds->key->used) { size_t j; buffer_reset(srv->tmp_buf); /* don't forward the Authorization: Header */ if (0 == strcasecmp(ds->key->ptr, "AUTHORIZATION")) { continue; } if (0 != strcasecmp(ds->key->ptr, "CONTENT-TYPE")) { buffer_copy_string(srv->tmp_buf, "HTTP_"); srv->tmp_buf->used--; } buffer_prepare_append(srv->tmp_buf, ds->key->used + 2); for (j = 0; j < ds->key->used - 1; j++) { char c = '_'; if (light_isalpha(ds->key->ptr[j])) { /* upper-case */ c = ds->key->ptr[j] & ~32; } else if (light_isdigit(ds->key->ptr[j])) { /* copy */ c = ds->key->ptr[j]; } srv->tmp_buf->ptr[srv->tmp_buf->used++] = c; } srv->tmp_buf->ptr[srv->tmp_buf->used] = '\0'; ssi_env_add(p->ssi_cgi_env, srv->tmp_buf->ptr, ds->value->ptr); } } return 0; }
int buffer_append_string_rfill(buffer *b, const char *s, size_t maxlen) { size_t s_len; if (!s || !b) return -1; s_len = strlen(s); if (s_len > maxlen) s_len = maxlen; buffer_prepare_append(b, maxlen + 1); if (b->used == 0) b->used++; memcpy(b->ptr + b->used - 1, s, s_len); if (maxlen > s_len) { memset(b->ptr + b->used - 1 + s_len, ' ', maxlen - s_len); } b->used += maxlen; b->ptr[b->used - 1] = '\0'; return 0; }
//追加off_t类型的val到b中。 //如果off_t的长度和long相同,则不需要下面的函数定义。 int buffer_append_off_t(buffer *b, off_t val) { char swap; char *end; char *start; int len = 1; if (!b) return -1; buffer_prepare_append(b, 32); if (b -> used == 0) b -> used++; start = b -> ptr + (b -> used - 1); if (val < 0) { len++; *(start++) = '-'; val = -val; } end = start; while (val > 9) { *(end++) = '0' + (val % 10); val = val / 10; } *(end) = '0' + val; *(end + 1) = '\0'; len += end - start; while (start < end) { swap = *end; *end = *start; *start = swap; start++; end--; } b -> used += len; return 0; }
//将s追加到b中 int buffer_append_string(buffer *b, const char *s) { size_t s_len; if (!s || !b) return -1; s_len = strlen(s); buffer_prepare_append(b, s_len + 1); /* * 如果buffer中原来有数据(字符串),那么最后一个字符是NULL, * 在复制的时候,要覆盖这个字符。 * 但当buffer为空时,就不需要覆盖NULL字符,因此,需要加一, * 以便和有数据的情况下处理相同。 */ if (b -> used == 0) b -> used++; //覆盖原来数据最后一个字符NULL,同时,也将s中的NULL复制到b中。 memcpy(b -> ptr + b -> used - 1, s, s_len + 1); b -> used += s_len; return 0; }
/** * 将字符串s以指定的编码方式存入b中。 * encoding指定编码的方式。 */ int buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer_encoding_t encoding) { unsigned char *ds, *d; size_t d_len, ndx; const char *map = NULL; if (!s || !b) return -1; //b中存放的不是亦'\0'结尾的字符串。报错。 if (b -> ptr[b -> used - 1] != '\0') { abort(); } if (s_len == 0) return 0; //根据编码方式,选择对应的编码数组,就是上面的那六个数组。 switch(encoding) { case ENCODING_REL_URI: map = encoded_chars_rel_uri; break; case ENCODING_REL_URI_PART: map = encoded_chars_rel_uri_part; break; case ENCODING_HTML: map = encoded_chars_html; break; case ENCODING_MINIMAL_XML: map = encoded_chars_minimal_xml; break; case ENCODING_HEX: map = encoded_chars_hex; break; case ENCODING_HTTP_HEADER: map = encoded_chars_http_header; break; case ENCODING_UNSET: break; } assert(map != NULL); /* * count to-be-encoded-characters * 计算经过编码转换后的字符串s的长度。 * 不同的编码方式,对与不同的字符,其转换后的字符长度不同。 */ for (ds = (unsigned char *)s, d_len = 0, ndx = 0; ndx < s_len; ds++, ndx++) { if (map[*ds]) { switch(encoding) { case ENCODING_REL_URI: case ENCODING_REL_URI_PART: d_len += 3; break; case ENCODING_HTML: case ENCODING_MINIMAL_XML: d_len += 6; break; case ENCODING_HTTP_HEADER: case ENCODING_HEX: d_len += 2; break; case ENCODING_UNSET: break; } } else //字符不需要转换 { d_len ++; } } buffer_prepare_append(b, d_len); //下面这个循环就是开始做实际的编码转换工作。 //ds指向字符串s中的字符。d指向b的数据去存放字符的位置。 for (ds = (unsigned char *)s, d = (unsigned char *)b -> ptr + b -> used - 1, d_len = 0, ndx = 0; ndx < s_len; ds++, ndx++) { if (map[*ds]) { switch(encoding) { case ENCODING_REL_URI: //此编码不需要转换 case ENCODING_REL_URI_PART: //将字符ASCII码转化成其对应的十六进制的形式,并在前面加上'%' d[d_len++] = '%'; d[d_len++] = hex_chars[((*ds) >> 4) & 0x0F]; d[d_len++] = hex_chars[(*ds) & 0x0F]; break; case ENCODING_HTML: //不需要转换 case ENCODING_MINIMAL_XML: //也是转换成ASCII编码的十六进制形式,前面要加上"&#x",尾随一个';' d[d_len++] = '&'; d[d_len++] = '#'; d[d_len++] = 'x'; d[d_len++] = hex_chars[((*ds) >> 4) & 0x0F]; d[d_len++] = hex_chars[(*ds) & 0x0F]; d[d_len++] = ';'; break; case ENCODING_HEX: //直接转换成ASCII码对应的十六进制。 d[d_len++] = hex_chars[((*ds) >> 4) & 0x0F]; d[d_len++] = hex_chars[(*ds) & 0x0F]; break; case ENCODING_HTTP_HEADER: //这个处理HTTP头中的换行,统一转换成'\n\t' d[d_len++] = *ds; d[d_len++] = '\t'; break; case ENCODING_UNSET: break; } } else { d[d_len++] = *ds; } }
static int cgi_create_env(server *srv, connection *con, plugin_data *p, buffer *cgi_handler) { pid_t pid; #ifdef HAVE_IPV6 char b2[INET6_ADDRSTRLEN + 1]; #endif int to_cgi_fds[2]; int from_cgi_fds[2]; struct stat st; #ifndef __WIN32 if (cgi_handler->used > 1) { /* stat the exec file */ if (-1 == (stat(cgi_handler->ptr, &st))) { log_error_write(srv, __FILE__, __LINE__, "sbss", "stat for cgi-handler", cgi_handler, "failed:", strerror(errno)); return -1; } } if (pipe(to_cgi_fds)) { log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed:", strerror(errno)); return -1; } if (pipe(from_cgi_fds)) { log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed:", strerror(errno)); return -1; } /* fork, execve */ switch (pid = fork()) { case 0: { /* child */ char **args; int argc; int i = 0; char buf[32]; size_t n; char_array env; char *c; const char *s; server_socket *srv_sock = con->srv_socket; /* move stdout to from_cgi_fd[1] */ close(STDOUT_FILENO); dup2(from_cgi_fds[1], STDOUT_FILENO); close(from_cgi_fds[1]); /* not needed */ close(from_cgi_fds[0]); /* move the stdin to to_cgi_fd[0] */ close(STDIN_FILENO); dup2(to_cgi_fds[0], STDIN_FILENO); close(to_cgi_fds[0]); /* not needed */ close(to_cgi_fds[1]); /* HACK: * this is not nice, but it works * * we feed the stderr of the CGI to our errorlog, if possible */ if (srv->errorlog_mode == ERRORLOG_FILE) { close(STDERR_FILENO); dup2(srv->errorlog_fd, STDERR_FILENO); } /* create environment */ env.ptr = NULL; env.size = 0; env.used = 0; cgi_env_add(&env, CONST_STR_LEN("SERVER_SOFTWARE"), CONST_STR_LEN(PACKAGE_NAME"/"PACKAGE_VERSION)); if (!buffer_is_empty(con->server_name)) { cgi_env_add(&env, CONST_STR_LEN("SERVER_NAME"), CONST_BUF_LEN(con->server_name)); } else { #ifdef HAVE_IPV6 s = inet_ntop(srv_sock->addr.plain.sa_family, srv_sock->addr.plain.sa_family == AF_INET6 ? (const void *) &(srv_sock->addr.ipv6.sin6_addr) : (const void *) &(srv_sock->addr.ipv4.sin_addr), b2, sizeof(b2)-1); #else s = inet_ntoa(srv_sock->addr.ipv4.sin_addr); #endif cgi_env_add(&env, CONST_STR_LEN("SERVER_NAME"), s, strlen(s)); } cgi_env_add(&env, CONST_STR_LEN("GATEWAY_INTERFACE"), CONST_STR_LEN("CGI/1.1")); s = get_http_version_name(con->request.http_version); cgi_env_add(&env, CONST_STR_LEN("SERVER_PROTOCOL"), s, strlen(s)); ltostr(buf, #ifdef HAVE_IPV6 ntohs(srv_sock->addr.plain.sa_family == AF_INET6 ? srv_sock->addr.ipv6.sin6_port : srv_sock->addr.ipv4.sin_port) #else ntohs(srv_sock->addr.ipv4.sin_port) #endif ); cgi_env_add(&env, CONST_STR_LEN("SERVER_PORT"), buf, strlen(buf)); #ifdef HAVE_IPV6 s = inet_ntop(srv_sock->addr.plain.sa_family, srv_sock->addr.plain.sa_family == AF_INET6 ? (const void *) &(srv_sock->addr.ipv6.sin6_addr) : (const void *) &(srv_sock->addr.ipv4.sin_addr), b2, sizeof(b2)-1); #else s = inet_ntoa(srv_sock->addr.ipv4.sin_addr); #endif cgi_env_add(&env, CONST_STR_LEN("SERVER_ADDR"), s, strlen(s)); s = get_http_method_name(con->request.http_method); cgi_env_add(&env, CONST_STR_LEN("REQUEST_METHOD"), s, strlen(s)); if (!buffer_is_empty(con->request.pathinfo)) { cgi_env_add(&env, CONST_STR_LEN("PATH_INFO"), CONST_BUF_LEN(con->request.pathinfo)); } cgi_env_add(&env, CONST_STR_LEN("REDIRECT_STATUS"), CONST_STR_LEN("200")); if (!buffer_is_empty(con->uri.query)) { cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), CONST_BUF_LEN(con->uri.query)); } if (!buffer_is_empty(con->request.orig_uri)) { cgi_env_add(&env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri)); } #ifdef HAVE_IPV6 s = inet_ntop(con->dst_addr.plain.sa_family, con->dst_addr.plain.sa_family == AF_INET6 ? (const void *) &(con->dst_addr.ipv6.sin6_addr) : (const void *) &(con->dst_addr.ipv4.sin_addr), b2, sizeof(b2)-1); #else s = inet_ntoa(con->dst_addr.ipv4.sin_addr); #endif cgi_env_add(&env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s)); ltostr(buf, #ifdef HAVE_IPV6 ntohs(con->dst_addr.plain.sa_family == AF_INET6 ? con->dst_addr.ipv6.sin6_port : con->dst_addr.ipv4.sin_port) #else ntohs(con->dst_addr.ipv4.sin_port) #endif ); cgi_env_add(&env, CONST_STR_LEN("REMOTE_PORT"), buf, strlen(buf)); if (!buffer_is_empty(con->authed_user)) { cgi_env_add(&env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user)); } /* request.content_length < SSIZE_MAX, see request.c */ ltostr(buf, con->request.content_length); cgi_env_add(&env, CONST_STR_LEN("CONTENT_LENGTH"), buf, strlen(buf)); cgi_env_add(&env, CONST_STR_LEN("SCRIPT_FILENAME"), CONST_BUF_LEN(con->physical.path)); cgi_env_add(&env, CONST_STR_LEN("SCRIPT_NAME"), CONST_BUF_LEN(con->uri.path)); cgi_env_add(&env, CONST_STR_LEN("DOCUMENT_ROOT"), CONST_BUF_LEN(con->physical.doc_root)); /* for valgrind */ if (NULL != (s = getenv("LD_PRELOAD"))) { cgi_env_add(&env, CONST_STR_LEN("LD_PRELOAD"), s, strlen(s)); } if (NULL != (s = getenv("LD_LIBRARY_PATH"))) { cgi_env_add(&env, CONST_STR_LEN("LD_LIBRARY_PATH"), s, strlen(s)); } #ifdef __CYGWIN__ /* CYGWIN needs SYSTEMROOT */ if (NULL != (s = getenv("SYSTEMROOT"))) { cgi_env_add(&env, CONST_STR_LEN("SYSTEMROOT"), s, strlen(s)); } #endif for (n = 0; n < con->request.headers->used; n++) { data_string *ds; ds = (data_string *)con->request.headers->data[n]; if (ds->value->used && ds->key->used) { size_t j; buffer_reset(p->tmp_buf); if (0 != strcasecmp(ds->key->ptr, "CONTENT-TYPE")) { buffer_copy_string(p->tmp_buf, "HTTP_"); p->tmp_buf->used--; /* strip \0 after HTTP_ */ } buffer_prepare_append(p->tmp_buf, ds->key->used + 2); for (j = 0; j < ds->key->used - 1; j++) { char cr = '_'; if (light_isalpha(ds->key->ptr[j])) { /* upper-case */ cr = ds->key->ptr[j] & ~32; } else if (light_isdigit(ds->key->ptr[j])) { /* copy */ cr = ds->key->ptr[j]; } p->tmp_buf->ptr[p->tmp_buf->used++] = cr; } p->tmp_buf->ptr[p->tmp_buf->used++] = '\0'; cgi_env_add(&env, CONST_BUF_LEN(p->tmp_buf), CONST_BUF_LEN(ds->value)); } } for (n = 0; n < con->environment->used; n++) { data_string *ds; ds = (data_string *)con->environment->data[n]; if (ds->value->used && ds->key->used) { size_t j; buffer_reset(p->tmp_buf); buffer_prepare_append(p->tmp_buf, ds->key->used + 2); for (j = 0; j < ds->key->used - 1; j++) { p->tmp_buf->ptr[p->tmp_buf->used++] = isalpha((unsigned char)ds->key->ptr[j]) ? toupper((unsigned char)ds->key->ptr[j]) : '_'; } p->tmp_buf->ptr[p->tmp_buf->used++] = '\0'; cgi_env_add(&env, CONST_BUF_LEN(p->tmp_buf), CONST_BUF_LEN(ds->value)); } } if (env.size == env.used) { env.size += 16; env.ptr = realloc(env.ptr, env.size * sizeof(*env.ptr)); } env.ptr[env.used] = NULL; /* set up args */ argc = 3; args = malloc(sizeof(*args) * argc); i = 0; if (cgi_handler->used > 1) { args[i++] = cgi_handler->ptr; } args[i++] = con->physical.path->ptr; args[i++] = NULL; /* search for the last / */ if (NULL != (c = strrchr(con->physical.path->ptr, '/'))) { *c = '\0'; /* change to the physical directory */ if (-1 == chdir(con->physical.path->ptr)) { log_error_write(srv, __FILE__, __LINE__, "ssb", "chdir failed:", strerror(errno), con->physical.path); } *c = '/'; } /* we don't need the client socket */ for (i = 3; i < 256; i++) { if (i != srv->errorlog_fd) close(i); } /* exec the cgi */ execve(args[0], args, env.ptr); log_error_write(srv, __FILE__, __LINE__, "sss", "CGI failed:", strerror(errno), args[0]); /* */ SEGFAULT(); break; } case -1: /* error */ log_error_write(srv, __FILE__, __LINE__, "ss", "fork failed:", strerror(errno)); break; default: { handler_ctx *hctx; /* father */ close(from_cgi_fds[1]); close(to_cgi_fds[0]); if (con->request.content_length) { chunkqueue *cq = con->request_content_queue; chunk *c; assert(chunkqueue_length(cq) == (off_t)con->request.content_length); /* there is content to send */ for (c = cq->first; c; c = cq->first) { int r = 0; /* copy all chunks */ switch(c->type) { case FILE_CHUNK: if (c->file.mmap.start == MAP_FAILED) { if (-1 == c->file.fd && /* open the file if not already open */ -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) { log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno)); close(from_cgi_fds[0]); close(to_cgi_fds[1]); return -1; } c->file.mmap.length = c->file.length; if (MAP_FAILED == (c->file.mmap.start = mmap(0, c->file.mmap.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) { log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ", strerror(errno), c->file.name, c->file.fd); close(from_cgi_fds[0]); close(to_cgi_fds[1]); return -1; } close(c->file.fd); c->file.fd = -1; /* chunk_reset() or chunk_free() will cleanup for us */ } if ((r = write(to_cgi_fds[1], c->file.mmap.start + c->offset, c->file.length - c->offset)) < 0) { switch(errno) { case ENOSPC: con->http_status = 507; break; default: con->http_status = 403; break; } } break; case MEM_CHUNK: if ((r = write(to_cgi_fds[1], c->mem->ptr + c->offset, c->mem->used - c->offset - 1)) < 0) { switch(errno) { case ENOSPC: con->http_status = 507; break; default: con->http_status = 403; break; } } break; case UNUSED_CHUNK: break; } if (r > 0) { c->offset += r; cq->bytes_out += r; } else { break; } chunkqueue_remove_finished_chunks(cq); } } close(to_cgi_fds[1]); /* register PID and wait for them asyncronously */ con->mode = p->id; buffer_reset(con->physical.path); hctx = cgi_handler_ctx_init(); hctx->remote_conn = con; hctx->plugin_data = p; hctx->pid = pid; hctx->fd = from_cgi_fds[0]; hctx->fde_ndx = -1; con->plugin_ctx[p->id] = hctx; fdevent_register(srv->ev, hctx->fd, cgi_handle_fdevent, hctx); fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN); if (-1 == fdevent_fcntl_set(srv->ev, hctx->fd)) { log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed: ", strerror(errno)); fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd); fdevent_unregister(srv->ev, hctx->fd); log_error_write(srv, __FILE__, __LINE__, "sd", "cgi close:", hctx->fd); close(hctx->fd); cgi_handler_ctx_free(hctx); con->plugin_ctx[p->id] = NULL; return -1; } break; } } return 0; #else return -1; #endif }
static int proxy_demux_response(server *srv, handler_ctx *hctx) { int fin = 0; int b; ssize_t r; plugin_data *p = hctx->plugin_data; connection *con = hctx->remote_conn; int proxy_fd = hctx->fd; /* check how much we have to read */ if (ioctl(hctx->fd, FIONREAD, &b)) { log_error_write(srv, __FILE__, __LINE__, "sd", "ioctl failed: ", proxy_fd); return -1; } if (p->conf.debug) { log_error_write(srv, __FILE__, __LINE__, "sd", "proxy - have to read:", b); } if (b > 0) { if (hctx->response->used == 0) { /* avoid too small buffer */ buffer_prepare_append(hctx->response, b + 1); hctx->response->used = 1; } else { buffer_prepare_append(hctx->response, b); } if (-1 == (r = read(hctx->fd, hctx->response->ptr + hctx->response->used - 1, b))) { if (errno == EAGAIN) return 0; log_error_write(srv, __FILE__, __LINE__, "sds", "unexpected end-of-file (perhaps the proxy process died):", proxy_fd, strerror(errno)); return -1; } /* this should be catched by the b > 0 above */ assert(r); hctx->response->used += r; hctx->response->ptr[hctx->response->used - 1] = '\0'; #if 0 log_error_write(srv, __FILE__, __LINE__, "sdsbs", "demux: Response buffer len", hctx->response->used, ":", hctx->response, ":"); #endif if (0 == con->got_response) { con->got_response = 1; buffer_prepare_copy(hctx->response_header, 128); } if (0 == con->file_started) { char *c; /* search for the \r\n\r\n in the string */ if (NULL != (c = buffer_search_string_len(hctx->response, "\r\n\r\n", 4))) { size_t hlen = c - hctx->response->ptr + 4; size_t blen = hctx->response->used - hlen - 1; /* found */ buffer_append_string_len(hctx->response_header, hctx->response->ptr, c - hctx->response->ptr + 4); #if 0 log_error_write(srv, __FILE__, __LINE__, "sb", "Header:", hctx->response_header); #endif /* parse the response header */ proxy_response_parse(srv, con, p, hctx->response_header); /* enable chunked-transfer-encoding */ if (con->request.http_version == HTTP_VERSION_1_1 && !(con->parsed_response & HTTP_CONTENT_LENGTH)) { con->response.transfer_encoding = HTTP_TRANSFER_ENCODING_CHUNKED; } con->file_started = 1; if (blen) { http_chunk_append_mem(srv, con, c + 4, blen + 1); } hctx->response->used = 0; joblist_append(srv, con); } } else { http_chunk_append_mem(srv, con, hctx->response->ptr, hctx->response->used); joblist_append(srv, con); hctx->response->used = 0; } } else { /* reading from upstream done */ con->file_finished = 1; http_chunk_append_mem(srv, con, NULL, 0); joblist_append(srv, con); fin = 1; } return fin; }
static int cgi_create_env(server *srv, connection *con, plugin_data *p, buffer *cgi_handler) { pid_t pid; int to_cgi_fds[2]; int from_cgi_fds[2]; int from_cgi_err_fds[2]; struct stat st; #ifndef _WIN32 if (cgi_handler && cgi_handler->used > 1) { /* stat the exec file */ if (-1 == (stat(cgi_handler->ptr, &st))) { log_error_write(srv, __FILE__, __LINE__, "sbss", "stat for cgi-handler", cgi_handler, "failed:", strerror(errno)); return -1; } } if (pipe(to_cgi_fds)) { log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed:", strerror(errno)); return -1; } if (pipe(from_cgi_fds)) { close(to_cgi_fds[0]); close(to_cgi_fds[1]); log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed:", strerror(errno)); return -1; } if (pipe(from_cgi_err_fds)) { close(to_cgi_fds[0]); close(to_cgi_fds[1]); close(from_cgi_fds[0]); close(from_cgi_fds[1]); log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed:", strerror(errno)); return -1; } /* fork, execve */ switch (pid = fork()) { case 0: { /* child */ char **args; int argc; int i = 0; char buf[32]; size_t n; char_array env; char *c; const char *s; server_socket *srv_sock = con->srv_socket; /* move stdout to from_cgi_fd[1] */ close(STDOUT_FILENO); dup2(from_cgi_fds[1], STDOUT_FILENO); close(from_cgi_fds[1]); /* not needed */ close(from_cgi_fds[0]); /* move stderr to from_cgi_err_fd[1] */ close(STDERR_FILENO); dup2(from_cgi_err_fds[1], STDERR_FILENO); close(from_cgi_err_fds[1]); /* not needed */ close(from_cgi_err_fds[0]); /* move the stdin to to_cgi_fd[0] */ close(STDIN_FILENO); dup2(to_cgi_fds[0], STDIN_FILENO); close(to_cgi_fds[0]); /* not needed */ close(to_cgi_fds[1]); /* create environment */ env.ptr = NULL; env.size = 0; env.used = 0; cgi_env_add(&env, CONST_STR_LEN("SERVER_SOFTWARE"), CONST_STR_LEN(PACKAGE_NAME"/"PACKAGE_VERSION)); s = sock_addr_to_p(srv, &srv_sock->addr); cgi_env_add(&env, CONST_STR_LEN("SERVER_ADDR"), s, strlen(s)); /* !!! careful: s maybe reused for SERVER_NAME !!! */ if (!buffer_is_empty(con->server_name)) { size_t len = con->server_name->used - 1; char *colon = strchr(con->server_name->ptr, ':'); if (colon) len = colon - con->server_name->ptr; cgi_env_add(&env, CONST_STR_LEN("SERVER_NAME"), con->server_name->ptr, len); } else { /* use SERVER_ADDR */ cgi_env_add(&env, CONST_STR_LEN("SERVER_NAME"), s, strlen(s)); } cgi_env_add(&env, CONST_STR_LEN("GATEWAY_INTERFACE"), CONST_STR_LEN("CGI/1.1")); s = get_http_version_name(con->request.http_version); cgi_env_add(&env, CONST_STR_LEN("SERVER_PROTOCOL"), s, strlen(s)); LI_ltostr(buf, sock_addr_get_port(&srv_sock->addr)); cgi_env_add(&env, CONST_STR_LEN("SERVER_PORT"), buf, strlen(buf)); s = get_http_method_name(con->request.http_method); cgi_env_add(&env, CONST_STR_LEN("REQUEST_METHOD"), s, strlen(s)); if (!buffer_is_empty(con->request.pathinfo)) { cgi_env_add(&env, CONST_STR_LEN("PATH_INFO"), CONST_BUF_LEN(con->request.pathinfo)); } cgi_env_add(&env, CONST_STR_LEN("REDIRECT_STATUS"), CONST_STR_LEN("200")); if (!buffer_is_empty(con->uri.query)) { cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), CONST_BUF_LEN(con->uri.query)); } else { /* set a empty QUERY_STRING */ cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), CONST_STR_LEN("")); } if (!buffer_is_empty(con->request.orig_uri)) { cgi_env_add(&env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri)); } s = sock_addr_to_p(srv, &con->dst_addr); cgi_env_add(&env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s)); LI_ltostr(buf, sock_addr_get_port(&con->dst_addr)); cgi_env_add(&env, CONST_STR_LEN("REMOTE_PORT"), buf, strlen(buf)); if (!buffer_is_empty(con->authed_user)) { cgi_env_add(&env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user)); } #ifdef USE_OPENSSL if (srv_sock->is_ssl) { cgi_env_add(&env, CONST_STR_LEN("HTTPS"), CONST_STR_LEN("on")); } #endif /* request.content_length < SSIZE_MAX, see request.c */ if (con->request.content_length > 0) { LI_ltostr(buf, con->request.content_length); cgi_env_add(&env, CONST_STR_LEN("CONTENT_LENGTH"), buf, strlen(buf)); } cgi_env_add(&env, CONST_STR_LEN("SCRIPT_FILENAME"), CONST_BUF_LEN(con->physical.path)); cgi_env_add(&env, CONST_STR_LEN("SCRIPT_NAME"), CONST_BUF_LEN(con->uri.path)); cgi_env_add(&env, CONST_STR_LEN("DOCUMENT_ROOT"), CONST_BUF_LEN(con->physical.doc_root)); /* for valgrind */ if (NULL != (s = getenv("LD_PRELOAD"))) { cgi_env_add(&env, CONST_STR_LEN("LD_PRELOAD"), s, strlen(s)); } if (NULL != (s = getenv("LD_LIBRARY_PATH"))) { cgi_env_add(&env, CONST_STR_LEN("LD_LIBRARY_PATH"), s, strlen(s)); } #ifdef __CYGWIN__ /* CYGWIN needs SYSTEMROOT */ if (NULL != (s = getenv("SYSTEMROOT"))) { cgi_env_add(&env, CONST_STR_LEN("SYSTEMROOT"), s, strlen(s)); } #endif for (n = 0; n < con->request.headers->used; n++) { data_string *ds; ds = (data_string *)con->request.headers->data[n]; if (ds->value->used && ds->key->used) { size_t j; buffer_reset(p->tmp_buf); if (0 != strcasecmp(ds->key->ptr, "CONTENT-TYPE")) { buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("HTTP_")); p->tmp_buf->used--; /* strip \0 after HTTP_ */ } buffer_prepare_append(p->tmp_buf, ds->key->used + 2); for (j = 0; j < ds->key->used - 1; j++) { char cr = '_'; if (light_isalpha(ds->key->ptr[j])) { /* upper-case */ cr = ds->key->ptr[j] & ~32; } else if (light_isdigit(ds->key->ptr[j])) { /* copy */ cr = ds->key->ptr[j]; } p->tmp_buf->ptr[p->tmp_buf->used++] = cr; } p->tmp_buf->ptr[p->tmp_buf->used++] = '\0'; cgi_env_add(&env, CONST_BUF_LEN(p->tmp_buf), CONST_BUF_LEN(ds->value)); } } for (n = 0; n < con->environment->used; n++) { data_string *ds; ds = (data_string *)con->environment->data[n]; if (ds->value->used && ds->key->used) { size_t j; buffer_reset(p->tmp_buf); buffer_prepare_append(p->tmp_buf, ds->key->used + 2); for (j = 0; j < ds->key->used - 1; j++) { char cr = '_'; if (light_isalpha(ds->key->ptr[j])) { /* upper-case */ cr = ds->key->ptr[j] & ~32; } else if (light_isdigit(ds->key->ptr[j])) { /* copy */ cr = ds->key->ptr[j]; } p->tmp_buf->ptr[p->tmp_buf->used++] = cr; } p->tmp_buf->ptr[p->tmp_buf->used++] = '\0'; cgi_env_add(&env, CONST_BUF_LEN(p->tmp_buf), CONST_BUF_LEN(ds->value)); } } if (env.size == env.used) { env.size += 16; env.ptr = realloc(env.ptr, env.size * sizeof(*env.ptr)); } env.ptr[env.used] = NULL; /* set up args */ argc = 3; args = malloc(sizeof(*args) * argc); i = 0; if (cgi_handler && cgi_handler->used > 1) { args[i++] = cgi_handler->ptr; } args[i++] = con->physical.path->ptr; args[i++] = NULL; /* search for the last / */ if (NULL != (c = strrchr(con->physical.path->ptr, '/'))) { *c = '\0'; /* change to the physical directory */ if (-1 == chdir(con->physical.path->ptr)) { log_error_write(srv, __FILE__, __LINE__, "ssb", "chdir failed:", strerror(errno), con->physical.path); } *c = '/'; } /* we don't need the client socket */ for (i = 3; i < 256; i++) { close(i); } /* exec the cgi */ execve(args[0], args, env.ptr); /* */ SEGFAULT("execve(%s) failed: %s", args[0], strerror(errno)); break; } case -1: /* error */ ERROR("fork() failed: %s", strerror(errno)); close(to_cgi_fds[0]); close(to_cgi_fds[1]); close(from_cgi_fds[0]); close(from_cgi_fds[1]); close(from_cgi_err_fds[0]); close(from_cgi_err_fds[1]); return -1; break; default: { cgi_session *sess; /* father */ close(from_cgi_fds[1]); close(from_cgi_err_fds[1]); close(to_cgi_fds[0]); /* register PID and wait for them asyncronously */ con->mode = p->id; buffer_reset(con->physical.path); sess = cgi_session_init(); sess->remote_con = con; sess->pid = pid; assert(sess->sock); sess->sock->fd = from_cgi_fds[0]; sess->sock->type = IOSOCKET_TYPE_PIPE; sess->sock_err->fd = from_cgi_err_fds[0]; sess->sock_err->type = IOSOCKET_TYPE_PIPE; sess->wb_sock->fd = to_cgi_fds[1]; sess->wb_sock->type = IOSOCKET_TYPE_PIPE; if (-1 == fdevent_fcntl_set(srv->ev, sess->sock)) { log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed: ", strerror(errno)); cgi_session_free(sess); return -1; } if (-1 == fdevent_fcntl_set(srv->ev, sess->sock_err)) { log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed: ", strerror(errno)); cgi_session_free(sess); return -1; } con->plugin_ctx[p->id] = sess; fdevent_register(srv->ev, sess->sock, cgi_handle_fdevent, sess); fdevent_event_add(srv->ev, sess->sock, FDEVENT_IN); fdevent_register(srv->ev, sess->sock_err, cgi_handle_err_fdevent, sess); fdevent_event_add(srv->ev, sess->sock_err, FDEVENT_IN); sess->state = CGI_STATE_READ_RESPONSE_HEADER; break; } } return 0; #else return -1; #endif }
int buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer_encoding_t encoding) { unsigned char *ds, *d; size_t d_len, ndx; const char *map = NULL; if (!s || !b) return -1; if (b->ptr[b->used - 1] != '\0') { SEGFAULT(); } if (s_len == 0) return 0; switch(encoding) { case ENCODING_REL_URI: map = encoded_chars_rel_uri; break; case ENCODING_REL_URI_PART: map = encoded_chars_rel_uri_part; break; case ENCODING_HTML: map = encoded_chars_html; break; case ENCODING_MINIMAL_XML: map = encoded_chars_minimal_xml; break; case ENCODING_HEX: map = encoded_chars_hex; break; case ENCODING_HTTP_HEADER: map = encoded_chars_http_header; break; case ENCODING_UNSET: break; } assert(map != NULL); /* count to-be-encoded-characters */ for (ds = (unsigned char *)s, d_len = 0, ndx = 0; ndx < s_len; ds++, ndx++) { if (map[*ds]) { switch(encoding) { case ENCODING_REL_URI: case ENCODING_REL_URI_PART: d_len += 3; break; case ENCODING_HTML: case ENCODING_MINIMAL_XML: d_len += 6; break; case ENCODING_HTTP_HEADER: case ENCODING_HEX: d_len += 2; break; case ENCODING_UNSET: break; } } else { d_len ++; } } buffer_prepare_append(b, d_len); for (ds = (unsigned char *)s, d = (unsigned char *)b->ptr + b->used - 1, d_len = 0, ndx = 0; ndx < s_len; ds++, ndx++) { if (map[*ds]) { switch(encoding) { case ENCODING_REL_URI: case ENCODING_REL_URI_PART: d[d_len++] = '%'; d[d_len++] = hex_chars[((*ds) >> 4) & 0x0F]; d[d_len++] = hex_chars[(*ds) & 0x0F]; break; case ENCODING_HTML: case ENCODING_MINIMAL_XML: d[d_len++] = '&'; d[d_len++] = '#'; d[d_len++] = 'x'; d[d_len++] = hex_chars[((*ds) >> 4) & 0x0F]; d[d_len++] = hex_chars[(*ds) & 0x0F]; d[d_len++] = ';'; break; case ENCODING_HEX: d[d_len++] = hex_chars[((*ds) >> 4) & 0x0F]; d[d_len++] = hex_chars[(*ds) & 0x0F]; break; case ENCODING_HTTP_HEADER: d[d_len++] = *ds; d[d_len++] = '\t'; break; case ENCODING_UNSET: break; } } else { d[d_len++] = *ds; } }