int write_body(request * req) { int bytes_written, bytes_to_write = req->header_end - req->header_line; if (bytes_to_write == 0) { /* nothing left in buffer to write */ req->header_line = req->header_end = req->buffer; if (req->cgi_status == CGI_CLOSE || req->filepos >= req->filesize) return init_cgi(req); /* init_cgi should change status approp. */ /* if here, we can safely assume that there is more to read */ req->status = BODY_READ; return 1; } bytes_written = write(req->post_data_fd, req->header_line, bytes_to_write); if (bytes_written == -1) if (errno == EWOULDBLOCK || errno == EAGAIN) return -1; /* request blocked at the pipe level, but keep going */ else { #if 0 boa_perror(req, "write body"); /* OK to disable if your logs get too big */ #endif return -2; /* exit and error */ } req->header_line += bytes_written; return 1; /* more to do */ }
int get_cachedir_file(request * req, struct stat *statbuf) { char pathname_with_index[MAX_PATH_LENGTH]; int data_fd; time_t real_dir_mtime; real_dir_mtime = statbuf->st_mtime; sprintf(pathname_with_index, "%s/dir.%d.%ld", cachedir, (int) statbuf->st_dev, statbuf->st_ino); data_fd = open(pathname_with_index, O_RDONLY); if (data_fd != -1) { fstat(data_fd, statbuf); if (statbuf->st_mtime > real_dir_mtime) { statbuf->st_mtime = real_dir_mtime; strcpy(req->request_uri, directory_index); return data_fd; } close(data_fd); unlink(pathname_with_index); } if (index_directory(req, pathname_with_index) == -1) return -1; data_fd = open(pathname_with_index, O_RDONLY); if (data_fd != -1) { strcpy(req->request_uri, directory_index); fstat(data_fd, statbuf); statbuf->st_mtime = real_dir_mtime; return data_fd; } boa_perror(req, "re-opening dircache"); return -1; }
int get_cachedir_file(request * req, struct stat *statbuf) { char pathname_with_index[MAX_PATH_LENGTH]; int data_fd; time_t real_dir_mtime; real_dir_mtime = statbuf->st_mtime; sprintf(pathname_with_index, "%s/dir.%d.%ld", cachedir, (int) statbuf->st_dev, statbuf->st_ino); data_fd = open(pathname_with_index, O_RDONLY); if (data_fd != -1) { /* index cache */ fstat(data_fd, statbuf); if (statbuf->st_mtime > real_dir_mtime) { statbuf->st_mtime = real_dir_mtime; /* lie */ strcpy(req->request_uri, directory_index); /* for mimetype */ return data_fd; } close(data_fd); unlink(pathname_with_index); /* cache is stale, delete it */ } if (index_directory(req, pathname_with_index) == -1) return -1; data_fd = open(pathname_with_index, O_RDONLY); /* Last chance */ if (data_fd != -1) { strcpy(req->request_uri, directory_index); /* for mimetype */ fstat(data_fd, statbuf); statbuf->st_mtime = real_dir_mtime; /* lie */ return data_fd; } boa_perror(req, "re-opening dircache"); return -1; /* Nothing worked. */ }
int init_get(request * req) { int data_fd, saved_errno; struct stat statbuf; volatile off_t bytes_free; data_fd = open(req->pathname, O_RDONLY|O_LARGEFILE); saved_errno = errno; /* might not get used */ while (use_lang_rewrite && data_fd == -1 && errno == ENOENT) { /* We cannot open that file - Check whether we can rewrite it * to a different language suffix. We only support filenames * of the format: "foo.ll.html" as an alias for "foo.html". */ unsigned int len; len = strlen(req->pathname); if (len < 6 || strcmp (req->pathname + len - 5, ".html")) break; /* does not end in ".html" */ if (len > 8 && req->pathname[len-8] == '.' && req->pathname[len-7] >= 'a' && req->pathname[len-7] <= 'z' && req->pathname[len-6] >= 'a' && req->pathname[len-6] <= 'z') { /* The request was for a language dependent file. Strip * it and try the generic form. */ char save_name[8]; strcpy (save_name, req->pathname + len - 7); strcpy (req->pathname + len - 7, "html"); data_fd = open(req->pathname, O_RDONLY); if (data_fd == -1) strcpy (req->pathname + len - 7, save_name); break; } else if ( 0 ) { /* Fixme: Other items to try from the list of accepted_languages */ data_fd = open(req->pathname, O_RDONLY); } else break; } #ifdef GUNZIP if (data_fd == -1 && errno == ENOENT) { /* cannot open */ /* it's either a gunzipped file or a directory */ char gzip_pathname[MAX_PATH_LENGTH]; unsigned int len; len = strlen(req->pathname); if (len + 4 > sizeof(gzip_pathname)) { log_error_doc(req); fprintf(stderr, "Pathname + .gz too long! (%s)\n", req->pathname); send_r_bad_request(req); return 0; } memcpy(gzip_pathname, req->pathname, len); memcpy(gzip_pathname + len, ".gz", 3); gzip_pathname[len + 3] = '\0'; data_fd = open(gzip_pathname, O_RDONLY|O_LARGEFILE); if (data_fd != -1) { close(data_fd); req->response_status = R_REQUEST_OK; if (req->pathname) free(req->pathname); req->pathname = strdup(gzip_pathname); if (!req->pathname) { boa_perror(req, "strdup req->pathname for gzipped filename " __FILE__ ":" STR(__LINE__)); return 0; } if (req->http_version != HTTP09) { req_write(req, http_ver_string(req->http_version)); req_write(req, " 200 OK-GUNZIP" CRLF); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, CRLF); req_flush(req); } if (req->method == M_HEAD) return 0; return init_cgi(req); } } #endif if (data_fd == -1) { log_error_doc(req); errno = saved_errno; perror("document open"); if (saved_errno == ENOENT) send_r_not_found(req); else if (saved_errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; } #ifdef ACCESS_CONTROL if (!access_allow(req->pathname)) { send_r_forbidden(req); return 0; } #endif fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { /* directory */ close(data_fd); /* close dir */ if (req->pathname[strlen(req->pathname) - 1] != '/') { char buffer[3 * MAX_PATH_LENGTH + 128]; unsigned int len; #ifdef ALLOW_LOCAL_REDIRECT len = strlen(req->request_uri); if (len + 2 > sizeof(buffer)) { send_r_error(req); return 0; } memcpy(buffer, req->request_uri, len); buffer[len] = '/'; buffer[len+1] = '\0'; #else char *host = server_name; unsigned int l2; char *port = NULL; const char *prefix = hsts_header? "https://" : "http://"; static unsigned int l3 = 0; static unsigned int l4 = 0; if (l4 == 0) { l4 = strlen(prefix); } len = strlen(req->request_uri); if (!port && server_port != 80 && !no_redirect_port) { port = strdup(simple_itoa(server_port)); if (port == NULL) { errno = ENOMEM; boa_perror(req, "Unable to perform simple_itoa conversion on server port!"); return 0; } l3 = strlen(port); } /* l3 and l4 are done */ if (req->host) { /* only shows up in vhost mode */ /* what about the port? (in vhost_mode?) */ /* we don't currently report ports that differ * from out "bound" (listening) port, so we don't care */ host = req->host; } l2 = strlen(host); if (server_port != 80 && !no_redirect_port) { if (l4 + l2 + 1 + l3 + len + 1 > sizeof(buffer)) { errno = ENOMEM; boa_perror(req, "buffer not large enough for directory redirect"); return 0; } memcpy(buffer, prefix, l4); memcpy(buffer + l4, host, l2); buffer[l4 + l2] = ':'; memcpy(buffer + l4 + l2 + 1, port, l3); memcpy(buffer + l4 + l2 + 1 + l3, req->request_uri, len); buffer[l4 + l2 + 1 + l3 + len] = '/'; buffer[l4 + l2 + 1 + l3 + len + 1] = '\0'; } else { if (l4 + l2 + len + 1 > sizeof(buffer)) { errno = ENOMEM; boa_perror(req, "buffer not large enough for directory redirect"); return 0; } memcpy(buffer, prefix, l4); memcpy(buffer + l4, host, l2); memcpy(buffer + l4 + l2, req->request_uri, len); buffer[l4 + l2 + len] = '/'; buffer[l4 + l2 + len + 1] = '\0'; } #endif /* ALLOW LOCAL REDIRECT */ send_r_moved_perm(req, buffer); return 0; } data_fd = get_dir(req, &statbuf); /* updates statbuf */ if (data_fd < 0) /* couldn't do it */ return 0; /* errors reported by get_dir */ else if (data_fd == 0 || data_fd == 1) return data_fd; /* else, data_fd contains the fd of the file... */ } if (!S_ISREG(statbuf.st_mode)) { /* regular file */ log_error_doc(req); fprintf(stderr, "Resulting file is not a regular file.\n"); send_r_bad_request(req); close(data_fd); return 0; } /* If-UnModified-Since asks * is the file newer than date located in time_cval * yes -> return 412 * no -> return 200 * * If-Modified-Since asks * is the file date less than or same as the date located in time_cval * yes -> return 304 * no -> return 200 * * If-Unmodified-Since overrides If-Modified-Since */ /* if (req->headers[H_IF_UNMODIFIED_SINCE] && modified_since(&(statbuf.st_mtime), req->headers[H_IF_UNMODIFIED_SINCE])) { send_r_precondition_failed(req); return 0; } else */ if (req->if_modified_since && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } req->filesize = statbuf.st_size; req->last_modified = statbuf.st_mtime; /* ignore if-range without range */ if (req->header_ifrange && !req->ranges) req->header_ifrange = NULL; /* we don't support it yet */ req->header_ifrange = NULL; /* parse ranges now */ /* we have to wait until req->filesize exists to fix them up */ /* fixup handles handles communicating with the client */ /* ranges_fixup logs as appropriate, and sends * send_r_invalid_range on error. */ if (req->filesize == 0) { if (req->http_version < HTTP11) { send_r_request_ok(req); close(data_fd); return 0; } send_r_no_content(req); close(data_fd); return 0; } if (req->ranges && !ranges_fixup(req)) { close(data_fd); return 0; } /* if no range has been set, use default range */ #if 0 DEBUG(DEBUG_RANGE) { log_error_time(); fprintf(stderr, "if-range: %s\time_cval: %d\tmtime: %d\n", req->header_ifrange, req->time_cval, statbuf->st_mtime); } #endif /* If the entity tag given in the If-Range header matches the current entity tag for the entity, then the server should provide the specified sub-range of the entity using a 206 (Partial content) response. If the entity tag does not match, then the server should return the entire entity using a 200 (OK) response. */ /* IF we have range data *and* no if-range or if-range matches... */ #ifdef MAX_FILE_MMAP if (req->filesize > MAX_FILE_MMAP) { req->data_fd = data_fd; req->status = IOSHUFFLE; } else #endif { /* NOTE: I (Jon Nelson) tried performing a read(2) * into the output buffer provided the file data would * fit, before mmapping, and if successful, writing that * and stopping there -- all to avoid the cost * of a mmap. Oddly, it was *slower* in benchmarks. */ req->mmap_entry_var = find_mmap(data_fd, &statbuf); if (req->mmap_entry_var == NULL) { req->data_fd = data_fd; req->status = IOSHUFFLE; } else { req->data_mem = req->mmap_entry_var->mmap; close(data_fd); /* close data file */ } } if (!req->ranges) { req->ranges = range_pool_pop(); req->ranges->start = 0; req->ranges->stop = -1; if (!ranges_fixup(req)) { return 0; } send_r_request_ok(req); } else { /* FIXME: support if-range header here, by the following logic: * if !req->header_ifrange || st_mtime > header_ifrange, * send_r_partial_content * else * reset-ranges, etc... */ if (!req->header_ifrange) { send_r_partial_content(req); } else { /* either no if-range or the if-range does not match */ ranges_reset(req); req->ranges = range_pool_pop(); req->ranges->start = 0; req->ranges->stop = -1; if (!ranges_fixup(req)) { return 0; } send_r_request_ok(req); } } if (req->method == M_HEAD) { return complete_response(req); } bytes_free = 0; if (req->data_mem) { /* things can really go tilt if req->buffer_end > BUFFER_SIZE, * but basically that can't happen */ /* We lose statbuf here, so make sure response has been sent */ bytes_free = BUFFER_SIZE - req->buffer_end; /* 256 bytes for the **trailing** headers */ /* bytes is now how much the buffer can hold * after the headers */ } if (req->data_mem && bytes_free > 256) { unsigned int want; Range *r; r = req->ranges; want = (r->stop - r->start) + 1; if (bytes_free > want) bytes_free = want; else { /* bytes_free <= want */ ; } if (setjmp(env) == 0) { handle_sigbus = 1; memcpy(req->buffer + req->buffer_end, req->data_mem + r->start, bytes_free); handle_sigbus = 0; /* OK, SIGBUS **after** this point is very bad! */ } else { /* sigbus! */ log_error_doc(req); reset_output_buffer(req); send_r_error(req); log_error("Got SIGBUS in memcpy\n"); return 0; } req->buffer_end += bytes_free; req->bytes_written += bytes_free; r->start += bytes_free; if (bytes_free == want) { /* this will fit due to the 256 extra bytes_free */ return complete_response(req); } } /* We lose statbuf here, so make sure response has been sent */ return 1; }
int process_get(request * req) { off_t bytes_written; volatile off_t bytes_to_write; if (req->method == M_HEAD) { return complete_response(req); } bytes_to_write = (req->ranges->stop - req->ranges->start) + 1; if (bytes_to_write > system_bufsize) bytes_to_write = system_bufsize; if (setjmp(env) == 0) { handle_sigbus = 1; bytes_written = write(req->fd, req->data_mem + req->ranges->start, bytes_to_write); handle_sigbus = 0; /* OK, SIGBUS **after** this point is very bad! */ } else { /* sigbus! */ req->status = DEAD; log_error_doc(req); fprintf(stderr, "%sGot SIGBUS in write(2)!\n", get_commonlog_time()); /* sending an error here is inappropriate * if we are here, the file is mmapped, and thus, * a content-length has been sent. If we send fewer bytes * the client knows there has been a problem. * We run the risk of accidentally sending the right number * of bytes (or a few too many) and the client * won't be the wiser. */ return 0; } if (bytes_written < 0) { if (errno == EWOULDBLOCK || errno == EAGAIN) return -1; /* request blocked at the pipe level, but keep going */ else { #ifdef QUIET_DISCONNECT if (errno != EPIPE) { #else if (1) { #endif log_error_doc(req); /* Can generate lots of log entries, */ perror("write"); /* OK to disable if your logs get too big */ } req->status = DEAD; return 0; } } req->bytes_written += bytes_written; req->ranges->start += bytes_written; if ((req->ranges->stop + 1 - req->ranges->start) == 0) { return complete_response(req); } return 1; /* more to do */ } /* * Name: get_dir * Description: Called from process_get if the request is a directory. * statbuf must describe directory on input, since we may need its * device, inode, and mtime. * statbuf is updated, since we may need to check mtimes of a cache. * returns: * -1 error * 0 cgi (either gunzip or auto-generated) * >0 file descriptor of file */ int get_dir(request * req, struct stat *statbuf) { char pathname_with_index[MAX_PATH_LENGTH]; int data_fd; if (directory_index) { /* look for index.html first?? */ unsigned int l1, l2; l1 = strlen(req->pathname); l2 = strlen(directory_index); #ifdef GUNZIP if (l1 + l2 + 3 + 1 > sizeof(pathname_with_index)) { /* for .gz */ #else if (l1 + l2 + 1 > sizeof(pathname_with_index)) { #endif errno = ENOMEM; boa_perror(req, "pathname_with_index not large enough for pathname + index"); return -1; } memcpy(pathname_with_index, req->pathname, l1); /* doesn't copy NUL */ memcpy(pathname_with_index + l1, directory_index, l2 + 1); /* does */ data_fd = open(pathname_with_index, O_RDONLY|O_LARGEFILE); if (data_fd != -1) { /* user's index file */ /* We have to assume that directory_index will fit, because * if it doesn't, well, that's a huge configuration problem. * this is only the 'index.html' pathname for mime type */ memcpy(req->request_uri, directory_index, l2 + 1); /* for mimetype */ fstat(data_fd, statbuf); return data_fd; } if (errno == EACCES) { send_r_forbidden(req); return -1; } else if (errno != ENOENT) { /* if there is an error *other* than EACCES or ENOENT */ send_r_not_found(req); return -1; } #ifdef GUNZIP /* if we are here, trying index.html didn't work * try index.html.gz */ strcat(pathname_with_index, ".gz"); data_fd = open(pathname_with_index, O_RDONLY|O_LARGEFILE); if (data_fd != -1) { /* user's index file */ close(data_fd); req->response_status = R_REQUEST_OK; SQUASH_KA(req); if (req->pathname) free(req->pathname); req->pathname = strdup(pathname_with_index); if (!req->pathname) { boa_perror(req, "strdup of pathname_with_index for .gz files " __FILE__ ":" STR(__LINE__)); return 0; } if (req->http_version != HTTP09) { req_write(req, http_ver_string(req->http_version)); req_write(req, " 200 OK-GUNZIP" CRLF); print_http_headers(req); print_last_modified(req); req_write(req, "Content-Type: "); req_write(req, get_mime_type(directory_index)); req_write(req, CRLF CRLF); req_flush(req); } if (req->method == M_HEAD) return 0; return init_cgi(req); } #endif } /* only here if index.html, index.html.gz don't exist */ if (dirmaker != NULL) { /* don't look for index.html... maybe automake? */ req->response_status = R_REQUEST_OK; SQUASH_KA(req); /* the indexer should take care of all headers */ if (req->http_version != HTTP09) { req_write(req, http_ver_string(req->http_version)); req_write(req, " 200 OK" CRLF); print_http_headers(req); print_last_modified(req); req_write(req, "Content-Type: text/html" CRLF CRLF); req_flush(req); } if (req->method == M_HEAD) return 0; return init_cgi(req); /* in this case, 0 means success */ } else if (cachedir) { return get_cachedir_file(req, statbuf); } else { /* neither index.html nor autogenerate are allowed */ send_r_forbidden(req); return -1; /* nothing worked */ } } static int get_cachedir_file(request * req, struct stat *statbuf) { char pathname_with_index[MAX_PATH_LENGTH]; int data_fd; time_t real_dir_mtime; real_dir_mtime = statbuf->st_mtime; /* the sizeof() doesn't need a -1 because snprintf will * include the NUL when calculating if the size is enough */ snprintf(pathname_with_index, sizeof(pathname_with_index), "%s/dir.%d." PRINTF_OFF_T_ARG, cachedir, (int) statbuf->st_dev, statbuf->st_ino); data_fd = open(pathname_with_index, O_RDONLY|O_LARGEFILE); if (data_fd != -1) { /* index cache */ fstat(data_fd, statbuf); if (statbuf->st_mtime > real_dir_mtime) { statbuf->st_mtime = real_dir_mtime; /* lie */ strcpy(req->request_uri, directory_index); /* for mimetype */ return data_fd; } close(data_fd); unlink(pathname_with_index); /* cache is stale, delete it */ } if (index_directory(req, pathname_with_index) == -1) return -1; data_fd = open(pathname_with_index, O_RDONLY|O_LARGEFILE); /* Last chance */ if (data_fd != -1) { strcpy(req->request_uri, directory_index); /* for mimetype */ fstat(data_fd, statbuf); statbuf->st_mtime = real_dir_mtime; /* lie */ return data_fd; } boa_perror(req, "re-opening dircache"); return -1; /* Nothing worked. */ }
int process_header_end(request * req) { #ifdef CHECK_IP_MAC char mac[18]; /*Naughty, assuming we are on ethernet!!!*/ #endif /*CHECK_IP_MAC*/ if (!req->logline) { send_r_error(req); return 0; } /*MATT2 - I figured this was a good place to check for the MAC address*/ #ifdef CHECK_IP_MAC if(get_mac_from_IP(mac, req->remote_ip_addr)) do_mac_crap(req->remote_ip_addr, mac); else; /*they could be on a remote lan, or just not in the arp cache*/ #endif #ifdef USE_BROWSERMATCH browser_match_request(req); #endif #ifndef NO_REFERER_LOG if (req->referer) log_referer(req); #endif #ifndef NO_AGENT_LOG if (req->user_agent) log_user_agent(req); #endif if (translate_uri(req) == 0) { /* unescape, parse uri */ SQUASH_KA(req); return 0; /* failure, close down */ } #ifdef USE_NLS #ifdef USE_NLS_REFERER_REDIR if (!req->cp_name) { if (!nls_try_redirect(req)) return 0; } #endif nls_set_codepage(req); #endif #ifdef USE_AUTH closelog(); openlog("boa", LOG_PID, LOG_AUTHPRIV); if (!auth_authorize(req)) { openlog("boa", LOG_PID, 0); return 0; } #endif if (req->method == M_POST) { char *tmpfilep = (char *) tmpnam(NULL); if (!tmpfilep) { #if 0 boa_perror(req, "tmpnam"); #endif return 0; } /* open temp file for post data */ if ((req->post_data_fd = open(tmpfilep, O_RDWR | O_CREAT)) == -1) { #if 0 boa_perror(req, "tmpfile open"); #endif return 0; } req->post_file_name = strdup(tmpfilep); return 1; } if (req->is_cgi) return init_cgi(req); req->status = WRITE; return init_get(req); /* get and head */ }
int read_header(request * req) { int bytes, buf_bytes_left; char *check, *buffer; if (req->pipeline_start){ buffer = req->client_stream; bytes = req->client_stream_pos = req->pipeline_start; req->pipeline_start = 0; } else { /* first from free_request */ buffer = req->client_stream + req->client_stream_pos; buf_bytes_left = CLIENT_STREAM_SIZE - req->client_stream_pos; if (buf_bytes_left < 0) { #ifdef BOA_TIME_LOG log_error_time(); fputs("buffer overrun - read.c, read_header - closing\n", stderr); #endif return 0; } /*MN stuff to support ssl*/ #ifdef SERVER_SSL if(req->ssl == NULL){ #endif /*SERVER_SSL*/ bytes = read(req->fd, buffer, buf_bytes_left); #ifdef SERVER_SSL } else{ char tmp; bytes = SSL_read(req->ssl, buffer, buf_bytes_left); #if 0 printf("SSL_read 1\n"); if(bytes > 0){ tmp = buffer[bytes-1]; buffer[bytes-1] = '\0'; printf("buffer-\n %s\n----------\n", buffer); buffer[bytes-1] = tmp; } #endif /*0*/ } #endif /*SERVER_SSL*/ if (bytes == -1) { if (errno == EINTR) return 1; if (errno == EAGAIN || errno == EWOULDBLOCK) /* request blocked */ return -1; else if (errno == EBADF || errno == EPIPE) { SQUASH_KA(req); /* force close fd */ return 0; } else { #if 0 boa_perror(req, "header read"); #endif return 0; } } else if (bytes == 0) return 0; req->client_stream_pos += bytes; } check = buffer; while (check < (buffer + bytes)) { switch (req->status) { case READ_HEADER: if (*check == '\r') { req->status = ONE_CR; req->header_end = check; } else if (*check == '\n') { req->status = ONE_LF; req->header_end = check; } break; case ONE_CR: if (*check == '\n') req->status = ONE_LF; else req->status = READ_HEADER; break; case ONE_LF: /* if here, we've found the end (for sure) of a header */ if (*check == '\r') /* could be end o headers */ req->status = TWO_CR; else if (*check == '\n') req->status = BODY_READ; else req->status = READ_HEADER; break; case TWO_CR: if (*check == '\n') req->status = BODY_READ; else req->status = READ_HEADER; break; default: break; } ++check; if (req->status == ONE_LF) { *req->header_end = '\0'; /* terminate string that begins at req->header_line */ /* (or at req->data_mem, if we've never been here before */ /* the following logic still needs work, esp. after req->simple */ if (req->logline) process_option_line(req); else { if (process_logline(req) == 0) return 0; if (req->simple) return process_header_end(req); } req->header_line = check; /* start of unprocessed data */ } else if (req->status == BODY_READ) { int retval = process_header_end(req); /* process_header_end inits non-POST cgi's */ req->pipeline_start = (check - req->client_stream); if (retval && req->method == M_POST) { /* rest of non-header data is contained in the area following check check now points to data */ if (req->content_length) req->filesize = atoi(req->content_length); else { #ifdef BOA_TIME_LOG log_error_time(); fprintf(stderr, "Unknown Content-Length POST\n"); #endif } /* buffer + bytes is 1 past the end of the data */ req->filepos = (buffer + bytes) - check; /* copy the remainder into req->buffer, otherwise * we don't have a full BUFFER_SIZE to play with, * and buffer overruns occur */ memcpy(req->buffer, check, req->filepos); req->header_line = req->buffer; req->header_end = req->buffer + req->filepos; if (req->filepos >= req->filesize) req->cgi_status = CGI_CLOSE; /* close after write */ } return retval; /* 0 - close it done, 1 - keep on ready */ } } /* check for bogus requests */ if (req->status == READ_HEADER && request_type(req) == M_INVALID) { syslog(LOG_ERR, "malformed request: \"%s\"\n", req->logline); send_r_bad_request(req); return 0; } /* only reached if request is split across more than one packet */ return 1; }
int read_body(request * req) { int bytes_read, bytes_to_read; bytes_to_read = BUFFER_SIZE - (req->header_end - req->header_line); if (req->filesize) { int bytes_left = req->filesize - req->filepos; if (bytes_left < bytes_to_read) bytes_to_read = bytes_left; } if (bytes_to_read <= 0) { req->status = BODY_WRITE; /* go write it */ return 1; } #ifdef SERVER_SSL if(req->ssl == NULL){ #endif /*SERVER_SSL*/ bytes_read = read(req->fd, req->header_end, bytes_to_read); #ifdef SERVER_SSL } else{ char tmp; bytes_read = SSL_read(req->ssl, req->header_end, bytes_to_read); #if 0 printf("SSL_read 2\n"); if(bytes_read >0){ tmp = req->header_end[bytes_read-1]; req->header_end[bytes_read-1] = '\0'; printf("buffer-\n %s\n----------\n", req->header_end); req->header_end[bytes_read-1] = tmp; } #endif /*0*/ } #endif /*SERVER_SSL*/ if (bytes_read == -1) { if (errno == EWOULDBLOCK || errno == EAGAIN) { /* * avoid a busy loop swapping from READ/WRITE and block * for more read data */ if (req->filesize) return -1; req->status = BODY_WRITE; return 1; } else { boa_perror(req, "read body"); return 0; } } else if (bytes_read == 0) { req->status = BODY_WRITE; req->cgi_status = CGI_CLOSE; /* init cgi when write finished */ } req->header_end += bytes_read; req->filepos += bytes_read; if (bytes_read == bytes_to_read) req->status = BODY_WRITE; return 1; }
int init_get2(request * req) { int data_fd; //Brad add begin for update content length char *content_length_orig1; char *content_length_orig2; int orig_char_length=0; int exact_char_length=0; int byte_shift=0; int exact_size=0; int total_length_shift=0; char *exact_content=NULL; int head_offset=0; int first_offset=0; int antecedent_segment=0; int subsequent_segment=0; //Brad add end for update content length #ifdef GUNZIP char buf[MAX_PATH_LENGTH]; #endif struct stat statbuf; SQUASH_KA(req); complete_env(req); middle_segment=0; req->cgi_env[req->cgi_env_index] = NULL; /* terminate cgi env */ if ((strstr(req->request_uri,".htm")==NULL) && (strstr(req->request_uri,".asp")==NULL)) { return 1; } data_fd = open(req->pathname, O_RDONLY); if (data_fd == -1) { /* cannot open */ #ifdef GUNZIP sprintf(buf, "%s.gz", req->pathname); data_fd = open(buf, O_RDONLY); if (data_fd == -1) { #endif int errno_save = errno; log_error_doc(req); errno = errno_save; #if 0 perror("document open"); #endif // syslog(LOG_ERR, "Error opening %s for %s: %s\n", req->pathname, // req->remote_ip_addr, strerror(errno_save)); errno = errno_save; if (errno == ENOENT) send_r_not_found(req); else if (errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; #ifdef GUNZIP } close(data_fd); req->response_status = R_REQUEST_OK; if (!req->simple) { req_write(req, "HTTP/1.0 200 OK-GUNZIP\r\n"); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, "\r\n"); req_flush(req); } if (req->method == M_HEAD) return 0; if (req->pathname) free(req->pathname); req->pathname = strdup(buf); return init_cgi(req); /* 1 - OK, 2 - die */ #endif } fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { close(data_fd); /* close dir */ if (req->pathname[strlen(req->pathname) - 1] != '/') { char buffer[3 * MAX_PATH_LENGTH + 128]; if (server_port != 80) sprintf(buffer, "http://%s:%d%s/", req->host?req->host:server_name, server_port, req->request_uri); else sprintf(buffer, "http://%s%s/", req->host?req->host:server_name, req->request_uri); send_redirect_perm(req, buffer); return 0; } data_fd = get_dir(req, &statbuf); /* updates statbuf */ if (data_fd == -1) { /* couldn't do it */ return 0; /* errors reported by get_dir */ } else if (data_fd == 0) { return 1; } } //start modify here : tony #if 0 if (req->if_modified_since && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } #endif req->filesize = statbuf.st_size; // req->last_modified = statbuf.st_mtime; if (req->method == M_HEAD) { send_r_request_ok(req); close(data_fd); return 0; } /* MAP_OPTIONS: see compat.h */ req->data_mem = mmap(0, req->filesize, #ifdef USE_NLS PROT_READ|PROT_WRITE #else PROT_READ #endif , MAP_OPTIONS,data_fd, 0); close(data_fd); /* close data file */ if ((long) req->data_mem == -1) { boa_perror(req, "mmap"); return 0; } send_r_request_ok(req); /* All's well */ { //parse and send asp page char *left,*right,*last_right=req->data_mem; int bob; first_offset=req->buffer_end; //Brad add for update content length while (1) { left=strstr(last_right,"<%"); if (left!=NULL) right=strstr(left,"%>"); if ((left!=NULL) && (right!=NULL)) { bob=(unsigned int)left-(unsigned int)last_right; #ifdef SUPPORT_ASP while((bob+req->buffer_end+10)>(req->max_buffer_size)) { //Brad modify int ret; ret=allocNewBuffer(req); if (ret==-1) { bob=req->max_buffer_size- req->buffer_end; printf("will break\n"); break; } } #endif antecedent_segment =antecedent_segment+bob; //Brad add for update content length if (bob>=0) { memcpy(req->buffer + req->buffer_end, req->data_mem + req->filepos, bob); last_right=right+2; req->buffer_end += bob; req->filepos += (bob+(unsigned int)last_right-(unsigned int)left); handleScript(req,left,right); } } else { bob=(unsigned int)req->data_mem+req->filesize-(unsigned int)last_right; #ifdef SUPPORT_ASP while((bob+req->buffer_end+10)>req->max_buffer_size) { //Brad modify int ret; ret=allocNewBuffer(req); if (ret==-1) { bob=req->max_buffer_size- req->buffer_end; break; } } #endif subsequent_segment = subsequent_segment+bob; //Brad add for update content length if (bob > 0) { memcpy(req->buffer + req->buffer_end, req->data_mem + req->filepos, bob); req->buffer_end += bob; req->filepos += bob; } break; } } } //Brad add begin for update content length exact_content = req->buffer+first_offset; exact_size = antecedent_segment+middle_segment+subsequent_segment; //fprintf(stderr, "the exact total length of asp file=%d\n", exact_size); content_length_orig1 = strstr(req->buffer, "Content-Length:"); content_length_orig2 = strstr(content_length_orig1, "\r\n"); content_length_orig1 = content_length_orig1 + strlen("Content-Length: "); orig_char_length = content_length_orig2 - content_length_orig1; //fprintf(stderr, "the orig_char_length=%d\n", orig_char_length); exact_char_length = strlen(simple_itoa(exact_size)); //fprintf(stderr, "the exact_char_length=%d\n", exact_char_length); if(orig_char_length == exact_char_length) { //fprintf(stderr, "Update the content length with the same char length!\n"); memcpy(content_length_orig1, simple_itoa(exact_size),exact_char_length); }else if(orig_char_length < exact_char_length) { //fprintf(stderr, " Update the content length with shift to later bytes!\n"); byte_shift = exact_char_length - orig_char_length; head_offset = first_offset- (content_length_orig2 - req->buffer); total_length_shift = head_offset+exact_size; memmove((content_length_orig2+byte_shift), content_length_orig2, total_length_shift); memcpy(content_length_orig1, simple_itoa(exact_size),exact_char_length); req->buffer_end = req->buffer_end+byte_shift; }else { //fprintf(stderr, "Update the content length with shift to preceding bytes!\n"); byte_shift = orig_char_length - exact_char_length; head_offset = first_offset- (content_length_orig2 - req->buffer); total_length_shift = head_offset+exact_size; memmove((content_length_orig2-byte_shift), content_length_orig2, total_length_shift); memcpy(content_length_orig1, simple_itoa(exact_size),exact_char_length); req->buffer_end = req->buffer_end-byte_shift; } //Brad add end for update content length if (req->filepos == req->filesize) { // req->status = CLOSE; return 0; /* done! */ } /* We lose statbuf here, so make sure response has been sent */ return 1; }
int init_get(request * req) { int data_fd; char buf[MAX_PATH_LENGTH]; struct stat statbuf; data_fd = open(req->pathname, O_RDONLY, 0); if (data_fd == -1) { /* cannot open */ int errno_save = errno; errno = errno_save; #if 0 perror("document open"); #endif printf("%s", req->pathname);PTI; my_syslog(LOG_ERR, "Error opening %s, %s\n", req->pathname, strerror(errno_save)); errno = errno_save; if (errno == ENOENT) send_r_not_found(req); else if (errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; } fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { /* directory */ close(data_fd); /* close dir */ data_fd = get_dir(req, &statbuf); /* updates statbuf */ if (data_fd == -1) /* couldn't do it */ return 0; /* errors reported by get_dir */ else if (data_fd == 0) return 1; } if (req->if_modified_since && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } req->filesize = statbuf.st_size; req->last_modified = statbuf.st_mtime; if (req->method == M_HEAD) { send_r_request_ok(req); close(data_fd); return 0; } req->data_mem_length = req->filesize; req->data_mem = (char *)malloc(req->filesize); if (req->data_mem) { if (read(data_fd, req->data_mem, req->filesize) != req->filesize) { free(req->data_mem); req->data_mem = NULL; } } close(data_fd); if (req->data_mem == NULL) { boa_perror(req, "mmap"); return 0; } send_r_request_ok(req); /* All's well */ { int bob; bob = BUFFER_SIZE - req->buffer_end; if (bob > 0) { if (bob > req->filesize - req->filepos) bob = req->filesize - req->filepos; memcpy(req->buffer + req->buffer_end, req->data_mem + req->filepos, bob); req->buffer_end += bob; req->filepos += bob; } } if (req->filepos == req->filesize) { req->status = CLOSE; return 0; /* done! */ } /* We lose statbuf here, so make sure response has been sent */ return 1; }
int init_get(request * req) { int data_fd, saved_errno, dynamic=0; struct stat statbuf; volatile int bytes; data_fd = open(req->pathname, O_RDONLY); saved_errno = errno; /* might not get used */ #ifdef GUNZIP if (data_fd == -1 && errno == ENOENT) { /* cannot open */ /* it's either a gunzipped file or a directory */ char gzip_pathname[MAX_PATH_LENGTH]; int len; len = strlen(req->pathname); memcpy(gzip_pathname, req->pathname, len); memcpy(gzip_pathname + len, ".gz", 3); gzip_pathname[len + 3] = '\0'; data_fd = open(gzip_pathname, O_RDONLY); if (data_fd != -1) { close(data_fd); req->response_status = R_REQUEST_OK; if (req->pathname) free(req->pathname); req->pathname = strdup(gzip_pathname); if (!req->pathname) { log_error_time(); perror("strdup"); send_r_error(req); return 0; } if (!req->simple) { req_write(req, "HTTP/1.0 200 OK-GUNZIP\r\n"); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, "\r\n"); req_flush(req); } if (req->method == M_HEAD) return 0; return init_cgi(req); } } #endif if (data_fd == -1) { log_error_doc(req); errno = saved_errno; perror("document open"); if (saved_errno == ENOENT) send_r_not_found(req); else if (saved_errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; } fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { /* directory */ close(data_fd); /* close dir */ if (req->pathname[strlen(req->pathname) - 1] != '/') { char buffer[3 * MAX_PATH_LENGTH + 128]; if (server_port != 80) sprintf(buffer, "http://%s:%d%s/", server_name, server_port, req->request_uri); else sprintf(buffer, "http://%s%s/", server_name, req->request_uri); send_r_moved_perm(req, buffer); return 0; } data_fd = get_dir(req, &statbuf); /* updates statbuf */ if (data_fd == -1) /* couldn't do it */ return 0; /* errors reported by get_dir */ else if (data_fd <= 1) /* data_fd == 0 -> close it down, 1 -> continue */ return data_fd; /* else, data_fd contains the fd of the file... */ } #ifdef DAVINCI_IPCAM if (req->http_uri && (req->http_uri->uri_flag & URI_FLAG_NEED_PARSE)) dynamic = 1; #endif if (req->if_modified_since && !dynamic && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } req->filesize = statbuf.st_size; req->last_modified = statbuf.st_mtime; if (req->method == M_HEAD || req->filesize == 0) { send_r_request_ok(req); close(data_fd); return 0; } if (req->filesize > MAX_FILE_MMAP) { send_r_request_ok(req); /* All's well */ req->status = PIPE_READ; req->cgi_status = CGI_BUFFER; req->data_fd = data_fd; req_flush(req); /* this should *always* complete due to the size of the I/O buffers */ req->header_line = req->header_end = req->buffer; return 1; } if (req->filesize == 0) { /* done */ send_r_request_ok(req); /* All's well *so far* */ close(data_fd); return 1; } /* NOTE: I (Jon Nelson) tried performing a read(2) * into the output buffer provided the file data would * fit, before mmapping, and if successful, writing that * and stopping there -- all to avoid the cost * of a mmap. Oddly, it was *slower* in benchmarks. */ req->mmap_entry_var = find_mmap(data_fd, &statbuf); if (req->mmap_entry_var == NULL) { req->buffer_end = 0; if (errno == ENOENT) send_r_not_found(req); else if (errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); close(data_fd); return 0; } req->data_mem = req->mmap_entry_var->mmap; close(data_fd); /* close data file */ if ((long) req->data_mem == -1) { boa_perror(req, "mmap"); return 0; } #ifdef DAVINCI_IPCAM if (dynamic) { char *addr = (char *)malloc(req->filesize + 1025); if (addr) { req->mem_flag |= MFLAG_IS_MEMORY; req->mmap_ptr = req->data_mem; req->mmap_size = req->filesize; memcpy(addr+1024, req->data_mem, req->filesize); addr[req->filesize+1024] = '\0'; req->data_mem = addr; req->filesize = html_argument_parse(req->authority, addr+1024, req->data_mem); send_request_ok_no_cache(req); /* All's well */ return 1; } } #endif // DAVINCI_IPCAM send_r_request_ok(req); /* All's well */ bytes = BUFFER_SIZE - req->buffer_end; /* bytes is now how much the buffer can hold * after the headers */ if (bytes > 0) { if (bytes > req->filesize) bytes = req->filesize; if (sigsetjmp(env, 1) == 0) { handle_sigbus = 1; memcpy(req->buffer + req->buffer_end, req->data_mem, bytes); handle_sigbus = 0; /* OK, SIGBUS **after** this point is very bad! */ } else { /* sigbus! */ log_error_doc(req); reset_output_buffer(req); send_r_error(req); fprintf(stderr, "%sGot SIGBUS in memcpy!\n", get_commonlog_time()); return 0; } req->buffer_end += bytes; req->filepos += bytes; if (req->filesize == req->filepos) { req_flush(req); req->status = DONE; } } /* We lose statbuf here, so make sure response has been sent */ return 1; }
int process_header_end(request * req) { if (!req->logline) { log_error_doc(req); fputs("No logline in process_header_end\n", stderr); send_r_error(req); return 0; } /* Percent-decode request */ if (unescape_uri(req->request_uri, &(req->query_string)) == 0) { log_error_doc(req); fputs("URI contains bogus characters\n", stderr); send_r_bad_request(req); return 0; } /* clean pathname */ clean_pathname(req->request_uri); if (req->request_uri[0] != '/') { log_error("URI does not begin with '/'\n"); send_r_bad_request(req); return 0; } if (use_caudium_hack) { /* We check whether the path is of the form "/(ll)/foo/..." which is used by the Caudium webserver for caching purposes and people have bookmarked it. To cope with this we simply strip it of. */ if (req->request_uri[0] == '/' && req->request_uri[1] == '(' && req->request_uri[2] >= 'a' && req->request_uri[2] <= 'z' && req->request_uri[3] >= 'a' && req->request_uri[3] <= 'z' && req->request_uri[4] == ')' && req->request_uri[5] == '/' && req->request_uri[6] ) { unsigned int len = strlen(req->request_uri); memmove (req->request_uri, req->request_uri+5, len - 5 + 1); } } if (vhost_root) { char *c; if (!req->header_host) { req->host = strdup(default_vhost); } else { req->host = strdup(req->header_host); } if (!req->host) { log_error_doc(req); fputs("unable to strdup default_vhost/req->header_host\n", stderr); send_r_error(req); return 0; } strlower(req->host); /* check for port, and remove * we essentially ignore the port, because we cannot * as yet report a different port than the one we are * listening on */ c = strchr(req->host, ':'); if (c) *c = '\0'; if (check_host(req->host) < 1) { log_error_doc(req); fputs("host invalid!\n", stderr); send_r_bad_request(req); return 0; } } if (translate_uri(req) == 0) { /* unescape, parse uri */ /* errors already logged */ SQUASH_KA(req); return 0; /* failure, close down */ } if (req->method == M_POST) { req->post_data_fd = create_temporary_file(1, NULL, 0); if (req->post_data_fd == 0) { /* errors already logged */ send_r_error(req); return 0; } if (fcntl(req->post_data_fd, F_SETFD, 1) == -1) { boa_perror(req, "unable to set close-on-exec for req->post_data_fd!"); close(req->post_data_fd); req->post_data_fd = 0; return 0; } return 1; /* success */ } if (req->cgi_type) { return init_cgi(req); } req->status = WRITE; return init_get(req); /* get and head */ }
int init_get(request * req) { int data_fd; char buf[MAX_PATH_LENGTH]; struct stat statbuf; req->cgi_env[req->cgi_env_index] = NULL; /* terminate cgi env */ data_fd = open(req->pathname, O_RDONLY); if (data_fd == -1) { /* cannot open */ #ifdef GUNZIP sprintf(buf, "%s.gz", req->pathname); data_fd = open(buf, O_RDONLY); if (data_fd == -1) { #endif int errno_save = errno; log_error_doc(req); errno = errno_save; #if 0 perror("document open"); #endif syslog(LOG_ERR, "Error opening %s for %s: %s\n", req->pathname, req->remote_ip_addr, strerror(errno_save)); errno = errno_save; if (errno == ENOENT) send_r_not_found(req); else if (errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; #ifdef GUNZIP } close(data_fd); req->response_status = R_REQUEST_OK; if (!req->simple) { req_write(req, "HTTP/1.0 200 OK-GUNZIP\r\n"); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, "\r\n"); req_flush(req); } if (req->method == M_HEAD) return 0; if (req->pathname) free(req->pathname); req->pathname = strdup(buf); return init_cgi(req); /* 1 - OK, 2 - die */ #endif } fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { /* directory */ close(data_fd); /* close dir */ if (req->pathname[strlen(req->pathname) - 1] != '/') { char buffer[3 * MAX_PATH_LENGTH + 128]; if (server_port != 80) sprintf(buffer, "http://%s:%d%s/", req->host?req->host:server_name, server_port, req->request_uri); else sprintf(buffer, "http://%s%s/", req->host?req->host:server_name, req->request_uri); send_redirect_perm(req, buffer); return 0; } data_fd = get_dir(req, &statbuf); /* updates statbuf */ if (data_fd == -1) /* couldn't do it */ return 0; /* errors reported by get_dir */ else if (data_fd == 0) return 1; } if (req->if_modified_since && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } req->filesize = statbuf.st_size; req->last_modified = statbuf.st_mtime; if (req->method == M_HEAD) { send_r_request_ok(req); close(data_fd); return 0; } /* MAP_OPTIONS: see compat.h */ req->data_mem = mmap(0, req->filesize, #ifdef USE_NLS PROT_READ|PROT_WRITE #else PROT_READ #endif , MAP_OPTIONS,data_fd, 0); close(data_fd); /* close data file */ if ((long) req->data_mem == -1) { boa_perror(req, "mmap"); return 0; } send_r_request_ok(req); /* All's well */ { int bob; bob = BUFFER_SIZE - req->buffer_end; if (bob > 0) { if (bob > req->filesize - req->filepos) bob = req->filesize - req->filepos; memcpy(req->buffer + req->buffer_end, req->data_mem + req->filepos, bob); req->buffer_end += bob; req->filepos += bob; } } if (req->filepos == req->filesize) { req->status = CLOSE; return 0; /* done! */ } /* We lose statbuf here, so make sure response has been sent */ return 1; }
int init_get(request * req) { int data_fd; struct stat statbuf; data_fd = open(req->pathname, O_RDONLY); if (data_fd == -1) { /* cannot open */ /* it's either a gunzipped file or a directory */ #ifdef GUNZIP char gzip_pathname[MAX_PATH_LENGTH]; int len; len = strlen(req->pathname); memcpy(gzip_pathname, req->pathname, len); memcpy(gzip_pathname + len, ".gz", 3); gzip_pathname[len + 3] = '\0'; data_fd = open(gzip_pathname, O_RDONLY); if (data_fd == -1) { #endif int errno_save = errno; log_error_doc(req); errno = errno_save; perror("document open"); errno = errno_save; if (errno == ENOENT) send_r_not_found(req); else if (errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; #ifdef GUNZIP } close(data_fd); req->response_status = R_REQUEST_OK; if (!req->simple) { req_write(req, "HTTP/1.0 200 OK-GUNZIP\r\n"); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, "\r\n"); req_flush(req); } if (req->method == M_HEAD) return 0; if (req->pathname) free(req->pathname); req->pathname = strdup(gzip_pathname); return init_cgi(req); #endif } fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { /* directory */ close(data_fd); /* close dir */ if (req->pathname[strlen(req->pathname) - 1] != '/') { char buffer[3 * MAX_PATH_LENGTH + 128]; if (server_port != 80) sprintf(buffer, "http://%s:%d%s/", server_name, server_port, req->request_uri); else sprintf(buffer, "http://%s%s/", server_name, req->request_uri); send_redirect_perm(req, buffer); return 0; } data_fd = get_dir(req, &statbuf); /* updates statbuf */ if (data_fd == -1) /* couldn't do it */ return 0; /* errors reported by get_dir */ else if (data_fd <= 1) /* data_fd == 0 -> close it down, 1 -> continue */ return data_fd; /* else, data_fd contains the fd of the file... */ } if (req->if_modified_since && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } req->filesize = statbuf.st_size; req->last_modified = statbuf.st_mtime; if (req->method == M_HEAD) { send_r_request_ok(req); close(data_fd); return 0; } if (req->filesize > MAX_FILE_MMAP) { send_r_request_ok(req); /* All's well */ req->status = PIPE_READ; req->cgi_status = CGI_BUFFER; req->data_fd = data_fd; req_flush(req); /* this should *always* complete due to the size of the I/O buffers */ req->header_line = req->header_end = req->buffer; return 1; } req->mmap_entry_var = find_mmap(data_fd, &statbuf); if (req->mmap_entry_var == NULL) { send_r_error(req); close(data_fd); return 0; } req->data_mem = req->mmap_entry_var->mmap; close(data_fd); /* close data file */ if ((long) req->data_mem == -1) { boa_perror(req, "mmap"); return 0; } send_r_request_ok(req); /* All's well */ { /* combine first part of file with headers */ int bob; bob = BUFFER_SIZE - req->buffer_end; /* bob is now how much the buffer can hold * after the headers */ if (bob > 0) { if (bob > req->filesize) bob = req->filesize; memcpy(req->buffer + req->buffer_end, req->data_mem, bob); req->buffer_end += bob; req->filepos += bob; if (req->filesize == req->filepos) { req_flush(req); req->status = DONE; return 1; /* get it flushed next time around if need be */ } } } /* We lose statbuf here, so make sure response has been sent */ return 1; }
static int index_directory(request * req, char *dest_filename) { DIR *request_dir; FILE *fdstream; struct dirent *dirbuf; off_t bytes = 0; char *escname = NULL; if (chdir(req->pathname) == -1) { if (errno == EACCES || errno == EPERM) { send_r_forbidden(req); } else { log_error_doc(req); perror("chdir"); send_r_bad_request(req); } return -1; } request_dir = opendir("."); if (request_dir == NULL) { int errno_save = errno; send_r_error(req); log_error_doc(req); fprintf(stderr, "opendir failed on directory \"%s\": ", req->pathname); errno = errno_save; perror("opendir"); return -1; } fdstream = fopen(dest_filename, "w"); if (fdstream == NULL) { boa_perror(req, "dircache fopen"); closedir(request_dir); return -1; } bytes += fprintf(fdstream, "<HTML><HEAD>\n<TITLE>Index of %s</TITLE>\n</HEAD>\n\n", req->request_uri); bytes += fprintf(fdstream, "<BODY>\n\n<H2>Index of %s</H2>\n\n<PRE>\n", req->request_uri); while ((dirbuf = readdir(request_dir))) { if (!strcmp(dirbuf->d_name, ".")) continue; if (!strcmp(dirbuf->d_name, "..")) { bytes += fprintf(fdstream, " [DIR] <A HREF=\"../\">Parent Directory</A>\n"); continue; } /* FIXME: ought to use (as-yet unwritten) html_escape_string */ escname = escape_string(dirbuf->d_name, NULL); if (escname != NULL) { bytes += fprintf(fdstream, " <A HREF=\"%s\">%s</A>\n", escname, dirbuf->d_name); free(escname); escname = NULL; } } closedir(request_dir); bytes += fprintf(fdstream, "</PRE>\n\n</BODY>\n</HTML>\n"); fclose(fdstream); if (chdir(server_root) == -1) perror("chdir to server root failed"); req->filesize = bytes; /* for logging transfer size */ return 0; /* success */ }
int init_get(request * req) { int data_fd, saved_errno; struct stat statbuf; volatile unsigned int bytes_free; //fprintf(stderr, "###[%s %d] req->pathname=%s###\n", __FUNCTION__, __LINE__, req->pathname); //fprintf(stderr, "###[%s %d] req->client_stream=%s###\n", __FUNCTION__, __LINE__, req->client_stream); //fprintf(stderr, "###[%s %d] req->logline=%s###\n", __FUNCTION__, __LINE__, req->logline); //fprintf(stderr, "###[%s %d] req->request_uri=%s###\n", __FUNCTION__, __LINE__, req->request_uri); //fprintf(stderr, "###[%s %d] req->host=%s###\n", __FUNCTION__, __LINE__, req->host); /* A special GET request: "GET /boaform/formWlanRedirect?redirect-url=wlbasic.htm&wlan_id=0 HTTP/1.1" */ if (strstr(req->request_uri, "formWlanRedirect")) { char *redirectUrl, *strWlanId, *ptr; extern void formWlanRedirect2(request *wp, char *redirectUrl, char *strWlanId); if ((ptr = strstr(req->client_stream, "redirect-url="))) { redirectUrl = ptr + strlen("redirect-url="); if ((ptr = strstr(redirectUrl, "&wlan_id="))) { *ptr = '\0'; strWlanId = ptr + strlen("&wlan_id="); if ((ptr = strstr(strWlanId, " HTTP"))) { *ptr = '\0'; //fprintf(stderr, "###[%s %d] redirectUrl=%s strWlanId=%s###\n", __FUNCTION__, __LINE__, redirectUrl, strWlanId); formWlanRedirect2(req, redirectUrl, strWlanId); return 0; } } } } data_fd = open(req->pathname, O_RDONLY); saved_errno = errno; /* might not get used */ #ifdef GUNZIP if (data_fd == -1 && errno == ENOENT) { /* cannot open */ /* it's either a gunzipped file or a directory */ char gzip_pathname[MAX_PATH_LENGTH]; unsigned int len; len = strlen(req->pathname); if (len + 4 > sizeof(gzip_pathname)) { log_error_doc(req); fprintf(stderr, "Pathname + .gz too long! (%s)\n", req->pathname); send_r_bad_request(req); return 0; } memcpy(gzip_pathname, req->pathname, len); memcpy(gzip_pathname + len, ".gz", 3); gzip_pathname[len + 3] = '\0'; data_fd = open(gzip_pathname, O_RDONLY); if (data_fd != -1) { close(data_fd); req->response_status = R_REQUEST_OK; if (req->pathname) free(req->pathname); req->pathname = strdup(gzip_pathname); if (!req->pathname) { boa_perror(req, "strdup req->pathname for gzipped filename " __FILE__ ":" STR(__LINE__)); return 0; } if (req->http_version != HTTP09) { req_write(req, http_ver_string(req->http_version)); req_write(req, " 200 OK-GUNZIP" CRLF); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, CRLF); req_flush(req); } if (req->method == M_HEAD) return 0; return init_cgi(req); } } #endif if (data_fd == -1) { log_error_doc(req); errno = saved_errno; DEBUG(DEBUG_BOA) { perror("document open"); fprintf(stderr, "req->pathname=%s\n", (req->pathname ? req->pathname : "null")); } #if 0 if (saved_errno == ENOENT) send_r_not_found(req); else if (saved_errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); #else send_redirect_perm(req,"home.htm"); #endif return 0; }
int init_cgi(request * req) { #ifndef EXCLUDE_CGI int child_pid; int pipes[2]; int use_pipes = 0; #endif SQUASH_KA(req); #ifndef EXCLUDE_CGI if (req->cgi_type) { if (complete_env(req) == 0) { return 0; } } DEBUG(DEBUG_CGI_ENV) { int i; for (i = 0; i < req->cgi_env_index; ++i) log_error_time(); fprintf(stderr, "%s - environment variable for cgi: \"%s\"\n", __FILE__, req->cgi_env[i]); } /* we want to use pipes whenever it's a CGI or directory */ /* otherwise (NPH, gunzip) we want no pipes */ if (req->cgi_type == CGI || (!req->cgi_type && (req->pathname[strlen(req->pathname) - 1] == '/'))) { use_pipes = 1; if (pipe(pipes) == -1) { log_error_doc(req); perror("pipe"); return 0; } /* set the read end of the socket to non-blocking */ if (set_nonblock_fd(pipes[0]) == -1) { log_error_doc(req); perror("cgi-fcntl"); close(pipes[0]); close(pipes[1]); return 0; } } child_pid = fork(); switch (child_pid) { case -1: /* fork unsuccessful */ /* FIXME: There is a problem here. send_r_error (called by * boa_perror) would work for NPH and CGI, but not for GUNZIP. * Fix that. */ boa_perror(req, "fork failed"); if (use_pipes) { close(pipes[0]); close(pipes[1]); } return 0; break; case 0: /* child */ reset_signals(); if (req->cgi_type == CGI || req->cgi_type == NPH) { char *c; unsigned int l; char *newpath, *oldpath; c = strrchr(req->pathname, '/'); if (!c) { /* there will always be a '.' */ log_error_doc(req); fprintf(stderr, "unable to find '/' in req->pathname: \"%s\"\n", req->pathname); if (use_pipes) close(pipes[1]); _exit(EXIT_FAILURE); } *c = '\0'; if (chdir(req->pathname) != 0) { int saved_errno = errno; log_error_doc(req); fprintf(stderr, "Could not chdir to \"%s\":", req->pathname); errno = saved_errno; perror("chdir"); if (use_pipes) close(pipes[1]); _exit(EXIT_FAILURE); } oldpath = req->pathname; req->pathname = ++c; l = strlen(req->pathname) + 3; /* prefix './' */ newpath = malloc(sizeof (char) * l); if (!newpath) { /* there will always be a '.' */ log_error_doc(req); perror("unable to malloc for newpath"); if (use_pipes) close(pipes[1]); _exit(EXIT_FAILURE); } newpath[0] = '.'; newpath[1] = '/'; memcpy(&newpath[2], req->pathname, l - 2); /* includes the trailing '\0' */ free(oldpath); req->pathname = newpath; } if (use_pipes) { /* close the 'read' end of the pipes[] */ close(pipes[0]); /* tie CGI's STDOUT to our write end of pipe */ if (dup2(pipes[1], STDOUT_FILENO) == -1) { log_error_doc(req); perror("dup2 - pipes"); _exit(EXIT_FAILURE); } close(pipes[1]); } else { /* tie stdout to socket */ if (dup2(req->fd, STDOUT_FILENO) == -1) { log_error_doc(req); perror("dup2 - fd"); _exit(EXIT_FAILURE); } close(req->fd); } /* Switch socket flags back to blocking */ if (set_block_fd(STDOUT_FILENO) == -1) { log_error_doc(req); perror("cgi-fcntl"); _exit(EXIT_FAILURE); } /* tie post_data_fd to POST stdin */ if (req->method == M_POST) { /* tie stdin to file */ // davidhsu ---------------------- #ifndef NEW_POST lseek(req->post_data_fd, SEEK_SET, 0); dup2(req->post_data_fd, STDIN_FILENO); close(req->post_data_fd); #endif //------------------------------- } #ifdef USE_SETRLIMIT /* setrlimit stuff. * This is neat! * RLIMIT_STACK max stack size * RLIMIT_CORE max core file size * RLIMIT_RSS max resident set size * RLIMIT_NPROC max number of processes * RLIMIT_NOFILE max number of open files * RLIMIT_MEMLOCK max locked-in-memory address space * RLIMIT_AS address space (virtual memory) limit * * RLIMIT_CPU CPU time in seconds * RLIMIT_DATA max data size * * Currently, we only limit the CPU time and the DATA segment * We also "nice" the process. * * This section of code adapted from patches sent in by Steve Thompson * (no email available) */ { struct rlimit rl; int retval; if (cgi_rlimit_cpu) { rl.rlim_cur = rl.rlim_max = cgi_rlimit_cpu; retval = setrlimit(RLIMIT_CPU, &rl); if (retval == -1) { log_error_time(); fprintf(stderr, "setrlimit(RLIMIT_CPU,%d): %s\n", rlimit_cpu, strerror(errno)); _exit(EXIT_FAILURE); } } if (cgi_limit_data) { rl.rlim_cur = rl.rlim_max = cgi_rlimit_data; retval = setrlimit(RLIMIT_DATA, &rl); if (retval == -1) { log_error_time(); fprintf(stderr, "setrlimit(RLIMIT_DATA,%d): %s\n", rlimit_data, strerror(errno)); _exit(EXIT_FAILURE); } } if (cgi_nice) { retval = nice(cgi_nice); if (retval == -1) { log_error_time(); perror("nice"); _exit(EXIT_FAILURE); } } } #endif umask(cgi_umask); /* change umask *again* u=rwx,g=rxw,o= */ /* * tie STDERR to cgi_log_fd * cgi_log_fd will automatically close, close-on-exec rocks! * if we don't tie STDERR (current log_error) to cgi_log_fd, * then we ought to tie it to /dev/null * FIXME: we currently don't tie it to /dev/null, we leave it * tied to whatever 'error_log' points to. This means CGIs can * scribble on the error_log, probably a bad thing. */ if (cgi_log_fd) { dup2(cgi_log_fd, STDERR_FILENO); } if (req->cgi_type) { char *aargv[CGI_ARGC_MAX + 1]; create_argv(req, aargv); execve(req->pathname, aargv, req->cgi_env); } else { if (req->pathname[strlen(req->pathname) - 1] == '/') execl(dirmaker, dirmaker, req->pathname, req->request_uri, (void *) NULL); #ifdef GUNZIP else execl(GUNZIP, GUNZIP, "--stdout", "--decompress", req->pathname, (void *) NULL); #endif } /* execve failed */ log_error_doc(req); fprintf(stderr, "Unable to execve/execl pathname: \"%s\"", req->pathname); perror(""); _exit(EXIT_FAILURE); break; default: /* parent */ /* if here, fork was successful */ if (verbose_cgi_logs) { log_error_time(); fprintf(stderr, "Forked child \"%s\" pid %d\n", req->pathname, child_pid); } if (req->method == M_POST) { // davidhsu ---------------- #ifndef NEW_POST close(req->post_data_fd); /* child closed it too */ req->post_data_fd = 0; #else if (req->post_data) { free(req->post_data); req->post_data = NULL; } req->post_data_len = 0; req->post_data_idx = 0; #endif //------------------------ } /* NPH, GUNZIP, etc... all go straight to the fd */ if (!use_pipes) return 0; close(pipes[1]); req->data_fd = pipes[0]; req->status = PIPE_READ; if (req->cgi_type == CGI) { req->cgi_status = CGI_PARSE; /* got to parse cgi header */ /* for cgi_header... I get half the buffer! */ req->header_line = req->header_end = (req->buffer + BUFFER_SIZE / 2); } else { req->cgi_status = CGI_BUFFER; /* I get all the buffer! */ req->header_line = req->header_end = req->buffer; } /* reset req->filepos for logging (it's used in pipe.c) */ /* still don't know why req->filesize might be reset though */ req->filepos = 0; break; } #endif //!EXCLUDE_CGI return 1; }
int init_get(request * req) { int data_fd, saved_errno; struct stat statbuf; volatile int bytes; data_fd = open(req->pathname, O_RDONLY); saved_errno = errno; #ifdef GUNZIP if (data_fd == -1 && errno == ENOENT) { char gzip_pathname[MAX_PATH_LENGTH]; int len; len = strlen(req->pathname); memcpy(gzip_pathname, req->pathname, len); memcpy(gzip_pathname + len, ".gz", 3); gzip_pathname[len + 3] = '\0'; data_fd = open(gzip_pathname, O_RDONLY); if (data_fd != -1) { close(data_fd); req->response_status = R_REQUEST_OK; if (req->pathname) free(req->pathname); req->pathname = strdup(gzip_pathname); if (!req->pathname) { log_error_time(); perror("strdup"); send_r_error(req); return 0; } if (!req->simple) { req_write(req, "HTTP/1.0 200 OK-GUNZIP\r\n"); print_http_headers(req); print_content_type(req); print_last_modified(req); req_write(req, "\r\n"); req_flush(req); } if (req->method == M_HEAD) return 0; return init_cgi(req); } } #endif if (data_fd == -1) { log_error_doc(req); errno = saved_errno; perror("document open"); if (saved_errno == ENOENT) send_r_not_found(req); else if (saved_errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); return 0; } fstat(data_fd, &statbuf); if (S_ISDIR(statbuf.st_mode)) { close(data_fd); if (req->pathname[strlen(req->pathname) - 1] != '/') { char buffer[3 * MAX_PATH_LENGTH + 128]; if (server_port != 80) sprintf(buffer, "http://%s:%d%s/", server_name, server_port, req->request_uri); else sprintf(buffer, "http://%s%s/", server_name, req->request_uri); send_r_moved_perm(req, buffer); return 0; } data_fd = get_dir(req, &statbuf); if (data_fd == -1) return 0; else if (data_fd <= 1) return data_fd; } if (req->if_modified_since && !modified_since(&(statbuf.st_mtime), req->if_modified_since)) { send_r_not_modified(req); close(data_fd); return 0; } req->filesize = statbuf.st_size; req->last_modified = statbuf.st_mtime; if (req->method == M_HEAD || req->filesize == 0) { send_r_request_ok(req); close(data_fd); return 0; } if (req->filesize > MAX_FILE_MMAP) { send_r_request_ok(req); req->status = PIPE_READ; req->cgi_status = CGI_BUFFER; req->data_fd = data_fd; req_flush(req); /* this should *always* complete due to the size of the I/O buffers */ req->header_line = req->header_end = req->buffer; return 1; } if (req->filesize == 0) { send_r_request_ok(req); close(data_fd); return 1; } /* NOTE: I (Jon Nelson) tried performing a read(2) * into the output buffer provided the file data would * fit, before mmapping, and if successful, writing that * and stopping there -- all to avoid the cost * of a mmap. Oddly, it was *slower* in benchmarks. */ req->mmap_entry_var = find_mmap(data_fd, &statbuf); if (req->mmap_entry_var == NULL) { req->buffer_end = 0; if (errno == ENOENT) send_r_not_found(req); else if (errno == EACCES) send_r_forbidden(req); else send_r_bad_request(req); close(data_fd); return 0; } req->data_mem = req->mmap_entry_var->mmap; close(data_fd); if ((long) req->data_mem == -1) { boa_perror(req, "mmap"); return 0; } send_r_request_ok(req); bytes = BUFFER_SIZE - req->buffer_end; /* bytes is now how much the buffer can hold * after the headers */ if (bytes > 0) { if (bytes > req->filesize) bytes = req->filesize; if (sigsetjmp(env, 1) == 0) { handle_sigbus = 1; memcpy(req->buffer + req->buffer_end, req->data_mem, bytes); handle_sigbus = 0; } else { log_error_doc(req); reset_output_buffer(req); send_r_error(req); fprintf(stderr, "%sGot SIGBUS in memcpy!\n", get_commonlog_time()); return 0; } req->buffer_end += bytes; req->filepos += bytes; if (req->filesize == req->filepos) { req_flush(req); req->status = DONE; } } return 1; }