2 a596b957 2022-07-14 tracey * Copyright (c) 2020-2022 Tracey Emery <tracey@traceyemery.net>
3 a596b957 2022-07-14 tracey * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
4 a596b957 2022-07-14 tracey * Copyright (c) 2013 Florian Obser <florian@openbsd.org>
6 a596b957 2022-07-14 tracey * Permission to use, copy, modify, and distribute this software for any
7 a596b957 2022-07-14 tracey * purpose with or without fee is hereby granted, provided that the above
8 a596b957 2022-07-14 tracey * copyright notice and this permission notice appear in all copies.
10 a596b957 2022-07-14 tracey * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 a596b957 2022-07-14 tracey * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 a596b957 2022-07-14 tracey * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 a596b957 2022-07-14 tracey * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 a596b957 2022-07-14 tracey * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 a596b957 2022-07-14 tracey * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 a596b957 2022-07-14 tracey * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 a596b957 2022-07-14 tracey #include <arpa/inet.h>
20 a596b957 2022-07-14 tracey #include <sys/queue.h>
21 a596b957 2022-07-14 tracey #include <sys/socket.h>
22 a596b957 2022-07-14 tracey #include <sys/types.h>
23 311b7e33 2022-08-01 op #include <sys/uio.h>
25 a596b957 2022-07-14 tracey #include <errno.h>
26 a596b957 2022-07-14 tracey #include <event.h>
27 a596b957 2022-07-14 tracey #include <imsg.h>
28 01498c42 2022-08-19 op #include <stdarg.h>
29 a596b957 2022-07-14 tracey #include <stdlib.h>
30 a596b957 2022-07-14 tracey #include <stdio.h>
31 a596b957 2022-07-14 tracey #include <string.h>
32 a596b957 2022-07-14 tracey #include <time.h>
33 a596b957 2022-07-14 tracey #include <unistd.h>
35 a596b957 2022-07-14 tracey #include "got_error.h"
36 df2d3cd2 2023-03-11 op #include "got_reference.h"
38 a596b957 2022-07-14 tracey #include "proc.h"
39 a596b957 2022-07-14 tracey #include "gotwebd.h"
40 ed619ca0 2022-12-14 op #include "tmpl.h"
42 a596b957 2022-07-14 tracey size_t fcgi_parse_record(uint8_t *, size_t, struct request *);
43 a596b957 2022-07-14 tracey void fcgi_parse_begin_request(uint8_t *, uint16_t, struct request *,
44 a596b957 2022-07-14 tracey uint16_t);
45 a596b957 2022-07-14 tracey void fcgi_parse_params(uint8_t *, uint16_t, struct request *, uint16_t);
46 3ff00ead 2022-08-09 op int fcgi_send_response(struct request *, int, const void *, size_t);
48 a596b957 2022-07-14 tracey void dump_fcgi_record_header(const char *, struct fcgi_record_header *);
49 a596b957 2022-07-14 tracey void dump_fcgi_begin_request_body(const char *,
50 a596b957 2022-07-14 tracey struct fcgi_begin_request_body *);
51 a596b957 2022-07-14 tracey void dump_fcgi_end_request_body(const char *,
52 a596b957 2022-07-14 tracey struct fcgi_end_request_body *);
54 a596b957 2022-07-14 tracey extern int cgi_inflight;
55 a596b957 2022-07-14 tracey extern volatile int client_cnt;
58 a596b957 2022-07-14 tracey fcgi_request(int fd, short events, void *arg)
60 a596b957 2022-07-14 tracey struct request *c = arg;
61 a596b957 2022-07-14 tracey ssize_t n;
62 a596b957 2022-07-14 tracey size_t parsed = 0;
64 a596b957 2022-07-14 tracey n = read(fd, c->buf + c->buf_pos + c->buf_len,
65 a596b957 2022-07-14 tracey FCGI_RECORD_SIZE - c->buf_pos-c->buf_len);
67 a596b957 2022-07-14 tracey switch (n) {
69 a596b957 2022-07-14 tracey switch (errno) {
70 a596b957 2022-07-14 tracey case EINTR:
71 a596b957 2022-07-14 tracey case EAGAIN:
74 a596b957 2022-07-14 tracey goto fail;
79 a596b957 2022-07-14 tracey log_debug("closed connection");
80 a596b957 2022-07-14 tracey goto fail;
85 a596b957 2022-07-14 tracey c->buf_len += n;
88 a596b957 2022-07-14 tracey * Parse the records as they are received. Per the FastCGI
89 a596b957 2022-07-14 tracey * specification, the server need only receive the FastCGI
90 a596b957 2022-07-14 tracey * parameter records in full; it is free to begin execution
91 a596b957 2022-07-14 tracey * at that point, which is what happens here.
94 a596b957 2022-07-14 tracey parsed = fcgi_parse_record(c->buf + c->buf_pos, c->buf_len, c);
95 a596b957 2022-07-14 tracey if (parsed != 0) {
96 a596b957 2022-07-14 tracey c->buf_pos += parsed;
97 a596b957 2022-07-14 tracey c->buf_len -= parsed;
100 5add7f42 2023-03-10 op /* drop the parsed record */
101 5add7f42 2023-03-10 op if (parsed != 0 && c->buf_len > 0) {
102 a596b957 2022-07-14 tracey bcopy(c->buf + c->buf_pos, c->buf, c->buf_len);
103 a596b957 2022-07-14 tracey c->buf_pos = 0;
105 5add7f42 2023-03-10 op } while (parsed > 0 && c->buf_len > 0);
109 a596b957 2022-07-14 tracey fcgi_cleanup_request(c);
113 a596b957 2022-07-14 tracey fcgi_parse_record(uint8_t *buf, size_t n, struct request *c)
115 a596b957 2022-07-14 tracey struct fcgi_record_header *h;
117 a596b957 2022-07-14 tracey if (n < sizeof(struct fcgi_record_header))
118 a596b957 2022-07-14 tracey return 0;
120 a596b957 2022-07-14 tracey h = (struct fcgi_record_header*) buf;
122 a596b957 2022-07-14 tracey dump_fcgi_record("", h);
124 a596b957 2022-07-14 tracey if (n < sizeof(struct fcgi_record_header) + ntohs(h->content_len)
125 a596b957 2022-07-14 tracey + h->padding_len)
126 a596b957 2022-07-14 tracey return 0;
128 a596b957 2022-07-14 tracey if (h->version != 1)
129 a596b957 2022-07-14 tracey log_warn("wrong version");
131 a596b957 2022-07-14 tracey switch (h->type) {
132 a596b957 2022-07-14 tracey case FCGI_BEGIN_REQUEST:
133 a596b957 2022-07-14 tracey fcgi_parse_begin_request(buf +
134 a596b957 2022-07-14 tracey sizeof(struct fcgi_record_header),
135 a596b957 2022-07-14 tracey ntohs(h->content_len), c, ntohs(h->id));
137 a596b957 2022-07-14 tracey case FCGI_PARAMS:
138 a596b957 2022-07-14 tracey fcgi_parse_params(buf + sizeof(struct fcgi_record_header),
139 a596b957 2022-07-14 tracey ntohs(h->content_len), c, ntohs(h->id));
141 a596b957 2022-07-14 tracey case FCGI_STDIN:
142 a596b957 2022-07-14 tracey case FCGI_ABORT_REQUEST:
143 3ff00ead 2022-08-09 op if (c->sock->client_status != CLIENT_DISCONNECT &&
144 3ff00ead 2022-08-09 op c->outbuf_len != 0) {
145 3ff00ead 2022-08-09 op fcgi_send_response(c, FCGI_STDOUT, c->outbuf,
146 3ff00ead 2022-08-09 op c->outbuf_len);
149 a596b957 2022-07-14 tracey fcgi_create_end_record(c);
150 a596b957 2022-07-14 tracey fcgi_cleanup_request(c);
151 a596b957 2022-07-14 tracey return 0;
153 a596b957 2022-07-14 tracey log_warn("unimplemented type %d", h->type);
157 a596b957 2022-07-14 tracey return (sizeof(struct fcgi_record_header) + ntohs(h->content_len)
158 a596b957 2022-07-14 tracey + h->padding_len);
162 a596b957 2022-07-14 tracey fcgi_parse_begin_request(uint8_t *buf, uint16_t n,
163 a596b957 2022-07-14 tracey struct request *c, uint16_t id)
165 a596b957 2022-07-14 tracey /* XXX -- FCGI_CANT_MPX_CONN */
166 a596b957 2022-07-14 tracey if (c->request_started) {
167 a596b957 2022-07-14 tracey log_warn("unexpected FCGI_BEGIN_REQUEST, ignoring");
171 a596b957 2022-07-14 tracey if (n != sizeof(struct fcgi_begin_request_body)) {
172 a596b957 2022-07-14 tracey log_warn("wrong size %d != %lu", n,
173 a596b957 2022-07-14 tracey sizeof(struct fcgi_begin_request_body));
177 a596b957 2022-07-14 tracey c->request_started = 1;
178 a596b957 2022-07-14 tracey c->id = id;
182 a596b957 2022-07-14 tracey fcgi_parse_params(uint8_t *buf, uint16_t n, struct request *c, uint16_t id)
184 a596b957 2022-07-14 tracey uint32_t name_len, val_len;
185 c8af7691 2023-06-22 op uint8_t *val;
187 a596b957 2022-07-14 tracey if (!c->request_started) {
188 a596b957 2022-07-14 tracey log_warn("FCGI_PARAMS without FCGI_BEGIN_REQUEST, ignoring");
192 a596b957 2022-07-14 tracey if (c->id != id) {
193 a596b957 2022-07-14 tracey log_warn("unexpected id, ignoring");
197 a596b957 2022-07-14 tracey if (n == 0) {
198 a596b957 2022-07-14 tracey gotweb_process_request(c);
202 a596b957 2022-07-14 tracey while (n > 0) {
203 a596b957 2022-07-14 tracey if (buf[0] >> 7 == 0) {
204 a596b957 2022-07-14 tracey name_len = buf[0];
208 a596b957 2022-07-14 tracey if (n > 3) {
209 a596b957 2022-07-14 tracey name_len = ((buf[0] & 0x7f) << 24) +
210 a596b957 2022-07-14 tracey (buf[1] << 16) + (buf[2] << 8) + buf[3];
212 a596b957 2022-07-14 tracey buf += 4;
220 40a95f4f 2022-09-01 op if (buf[0] >> 7 == 0) {
221 40a95f4f 2022-09-01 op val_len = buf[0];
226 40a95f4f 2022-09-01 op val_len = ((buf[0] & 0x7f) << 24) +
227 40a95f4f 2022-09-01 op (buf[1] << 16) + (buf[2] << 8) +
235 40a95f4f 2022-09-01 op if (n < name_len + val_len)
238 40a95f4f 2022-09-01 op val = buf + name_len;
240 40a95f4f 2022-09-01 op if (c->querystring[0] == '\0' &&
241 40a95f4f 2022-09-01 op val_len < MAX_QUERYSTRING &&
242 40a95f4f 2022-09-01 op name_len == 12 &&
243 40a95f4f 2022-09-01 op strncmp(buf, "QUERY_STRING", 12) == 0) {
244 40a95f4f 2022-09-01 op memcpy(c->querystring, val, val_len);
245 a596b957 2022-07-14 tracey c->querystring[val_len] = '\0';
248 d19d9fce 2022-12-20 op if (c->document_uri[0] == '\0' &&
249 d19d9fce 2022-12-20 op val_len < MAX_DOCUMENT_URI &&
250 d19d9fce 2022-12-20 op name_len == 12 &&
251 d19d9fce 2022-12-20 op strncmp(buf, "DOCUMENT_URI", 12) == 0) {
252 d19d9fce 2022-12-20 op memcpy(c->document_uri, val, val_len);
253 d19d9fce 2022-12-20 op c->document_uri[val_len] = '\0';
256 40a95f4f 2022-09-01 op if (c->server_name[0] == '\0' &&
257 40a95f4f 2022-09-01 op val_len < MAX_SERVER_NAME &&
258 40a95f4f 2022-09-01 op name_len == 11 &&
259 40a95f4f 2022-09-01 op strncmp(buf, "SERVER_NAME", 11) == 0) {
260 40a95f4f 2022-09-01 op memcpy(c->server_name, val, val_len);
261 a596b957 2022-07-14 tracey c->server_name[val_len] = '\0';
264 1abb18e1 2022-12-20 op if (name_len == 5 &&
265 1abb18e1 2022-12-20 op strncmp(buf, "HTTPS", 5) == 0)
266 1abb18e1 2022-12-20 op c->https = 1;
268 40a95f4f 2022-09-01 op buf += name_len + val_len;
269 40a95f4f 2022-09-01 op n -= name_len - val_len;
274 a596b957 2022-07-14 tracey fcgi_timeout(int fd, short events, void *arg)
276 a596b957 2022-07-14 tracey fcgi_cleanup_request((struct request*) arg);
280 ed619ca0 2022-12-14 op fcgi_puts(struct template *tp, const char *str)
282 ed619ca0 2022-12-14 op if (str == NULL)
284 ed619ca0 2022-12-14 op return fcgi_gen_binary_response(tp->tp_arg, str, strlen(str));
288 ed619ca0 2022-12-14 op fcgi_putc(struct template *tp, int ch)
290 ed619ca0 2022-12-14 op uint8_t c = ch;
291 ed619ca0 2022-12-14 op return fcgi_gen_binary_response(tp->tp_arg, &c, 1);
295 8d02314f 2022-09-07 op fcgi_vprintf(struct request *c, const char *fmt, va_list ap)
300 01498c42 2022-08-19 op r = vasprintf(&str, fmt, ap);
301 01498c42 2022-08-19 op if (r == -1) {
302 01498c42 2022-08-19 op log_warn("%s: asprintf", __func__);
306 01498c42 2022-08-19 op r = fcgi_gen_binary_response(c, str, r);
312 8d02314f 2022-09-07 op fcgi_printf(struct request *c, const char *fmt, ...)
317 8d02314f 2022-09-07 op va_start(ap, fmt);
318 8d02314f 2022-09-07 op r = fcgi_vprintf(c, fmt, ap);
325 a596b957 2022-07-14 tracey fcgi_gen_binary_response(struct request *c, const uint8_t *data, int len)
329 a596b957 2022-07-14 tracey if (c->sock->client_status == CLIENT_DISCONNECT)
330 a596b957 2022-07-14 tracey return -1;
332 9dd0e5e9 2022-07-28 op if (data == NULL || len == 0)
333 a596b957 2022-07-14 tracey return 0;
336 3ff00ead 2022-08-09 op * special case: send big replies -like blobs- directly
337 3ff00ead 2022-08-09 op * without copying.
339 3ff00ead 2022-08-09 op if (len > sizeof(c->outbuf)) {
340 3ff00ead 2022-08-09 op if (c->outbuf_len > 0) {
341 3ff00ead 2022-08-09 op fcgi_send_response(c, FCGI_STDOUT,
342 3ff00ead 2022-08-09 op c->outbuf, c->outbuf_len);
343 3ff00ead 2022-08-09 op c->outbuf_len = 0;
345 3ff00ead 2022-08-09 op return fcgi_send_response(c, FCGI_STDOUT, data, len);
348 3ff00ead 2022-08-09 op if (len < sizeof(c->outbuf) - c->outbuf_len) {
349 3ff00ead 2022-08-09 op memcpy(c->outbuf + c->outbuf_len, data, len);
350 3ff00ead 2022-08-09 op c->outbuf_len += len;
354 3ff00ead 2022-08-09 op r = fcgi_send_response(c, FCGI_STDOUT, c->outbuf, c->outbuf_len);
358 3ff00ead 2022-08-09 op memcpy(c->outbuf, data, len);
359 3ff00ead 2022-08-09 op c->outbuf_len = len;
360 a596b957 2022-07-14 tracey return 0;
364 311b7e33 2022-08-01 op send_response(struct request *c, int type, const uint8_t *data,
367 311b7e33 2022-08-01 op static const uint8_t padding[FCGI_PADDING_SIZE];
368 311b7e33 2022-08-01 op struct fcgi_record_header header;
369 311b7e33 2022-08-01 op struct iovec iov[3];
370 a596b957 2022-07-14 tracey struct timespec ts;
372 311b7e33 2022-08-01 op size_t padded_len, tot;
373 311b7e33 2022-08-01 op int i, err = 0, th = 2000;
375 a596b957 2022-07-14 tracey ts.tv_sec = 0;
376 a596b957 2022-07-14 tracey ts.tv_nsec = 50;
378 311b7e33 2022-08-01 op memset(&header, 0, sizeof(header));
379 311b7e33 2022-08-01 op header.version = 1;
380 311b7e33 2022-08-01 op header.type = type;
381 311b7e33 2022-08-01 op header.id = htons(c->id);
382 311b7e33 2022-08-01 op header.content_len = htons(len);
384 a596b957 2022-07-14 tracey /* The FastCGI spec suggests to align the output buffer */
385 311b7e33 2022-08-01 op tot = sizeof(header) + len;
386 311b7e33 2022-08-01 op padded_len = FCGI_ALIGN(tot);
387 311b7e33 2022-08-01 op if (padded_len > tot) {
388 311b7e33 2022-08-01 op header.padding_len = padded_len - tot;
389 311b7e33 2022-08-01 op tot += header.padding_len;
392 311b7e33 2022-08-01 op iov[0].iov_base = &header;
393 311b7e33 2022-08-01 op iov[0].iov_len = sizeof(header);
395 311b7e33 2022-08-01 op iov[1].iov_base = (void *)data;
396 311b7e33 2022-08-01 op iov[1].iov_len = len;
398 311b7e33 2022-08-01 op iov[2].iov_base = (void *)padding;
399 311b7e33 2022-08-01 op iov[2].iov_len = header.padding_len;
401 311b7e33 2022-08-01 op dump_fcgi_record("resp ", &header);
404 a596b957 2022-07-14 tracey * XXX: add some simple write heuristics here
405 a596b957 2022-07-14 tracey * On slower VMs, spotty connections, etc., we don't want to go right to
406 a596b957 2022-07-14 tracey * disconnect. Let's at least try to write the data a few times before
407 a596b957 2022-07-14 tracey * giving up.
409 311b7e33 2022-08-01 op while (tot > 0) {
410 311b7e33 2022-08-01 op nw = writev(c->fd, iov, nitems(iov));
411 cb8b8986 2022-07-28 op if (nw == 0) {
412 cb8b8986 2022-07-28 op c->sock->client_status = CLIENT_DISCONNECT;
415 cb8b8986 2022-07-28 op if (nw == -1) {
417 cb8b8986 2022-07-28 op if (errno == EAGAIN && err < th) {
418 cb8b8986 2022-07-28 op nanosleep(&ts, NULL);
421 8a078d7f 2023-05-17 op log_debug("%s: write failure: %s", __func__,
422 8a078d7f 2023-05-17 op strerror(errno));
423 a596b957 2022-07-14 tracey c->sock->client_status = CLIENT_DISCONNECT;
427 311b7e33 2022-08-01 op if (nw != tot)
428 311b7e33 2022-08-01 op log_debug("%s: partial write: %zu vs %zu", __func__,
432 311b7e33 2022-08-01 op for (i = 0; i < nitems(iov); ++i) {
433 311b7e33 2022-08-01 op if (nw < iov[i].iov_len) {
434 311b7e33 2022-08-01 op iov[i].iov_base += nw;
435 311b7e33 2022-08-01 op iov[i].iov_len -= nw;
438 311b7e33 2022-08-01 op nw -= iov[i].iov_len;
439 311b7e33 2022-08-01 op iov[i].iov_len = 0;
447 311b7e33 2022-08-01 op fcgi_send_response(struct request *c, int type, const void *data,
450 3ff00ead 2022-08-09 op if (c->sock->client_status == CLIENT_DISCONNECT)
453 311b7e33 2022-08-01 op while (len > FCGI_CONTENT_SIZE) {
454 3ff00ead 2022-08-09 op if (send_response(c, type, data, len) == -1)
457 311b7e33 2022-08-01 op data += FCGI_CONTENT_SIZE;
458 311b7e33 2022-08-01 op len -= FCGI_CONTENT_SIZE;
461 311b7e33 2022-08-01 op if (len == 0)
464 3ff00ead 2022-08-09 op return send_response(c, type, data, len);
468 a596b957 2022-07-14 tracey fcgi_create_end_record(struct request *c)
470 311b7e33 2022-08-01 op struct fcgi_end_request_body end_request;
472 311b7e33 2022-08-01 op memset(&end_request, 0, sizeof(end_request));
473 311b7e33 2022-08-01 op end_request.app_status = htonl(0); /* script status */
474 311b7e33 2022-08-01 op end_request.protocol_status = FCGI_REQUEST_COMPLETE;
476 311b7e33 2022-08-01 op fcgi_send_response(c, FCGI_END_REQUEST, &end_request,
477 311b7e33 2022-08-01 op sizeof(end_request));
481 a596b957 2022-07-14 tracey fcgi_cleanup_request(struct request *c)
483 a596b957 2022-07-14 tracey cgi_inflight--;
484 a596b957 2022-07-14 tracey client_cnt--;
486 a596b957 2022-07-14 tracey evtimer_del(&c->tmo);
487 a596b957 2022-07-14 tracey if (event_initialized(&c->ev))
488 a596b957 2022-07-14 tracey event_del(&c->ev);
490 a596b957 2022-07-14 tracey close(c->fd);
491 ed619ca0 2022-12-14 op template_free(c->tp);
492 5add7f42 2023-03-10 op if (c->t != NULL)
493 5add7f42 2023-03-10 op gotweb_free_transport(c->t);
498 a596b957 2022-07-14 tracey dump_fcgi_record(const char *p, struct fcgi_record_header *h)
500 a596b957 2022-07-14 tracey dump_fcgi_record_header(p, h);
502 a596b957 2022-07-14 tracey if (h->type == FCGI_BEGIN_REQUEST)
503 a596b957 2022-07-14 tracey dump_fcgi_begin_request_body(p,
504 a596b957 2022-07-14 tracey (struct fcgi_begin_request_body *)(h + 1));
505 a596b957 2022-07-14 tracey else if (h->type == FCGI_END_REQUEST)
506 a596b957 2022-07-14 tracey dump_fcgi_end_request_body(p,
507 a596b957 2022-07-14 tracey (struct fcgi_end_request_body *)(h + 1));
511 a596b957 2022-07-14 tracey dump_fcgi_record_header(const char* p, struct fcgi_record_header *h)
513 a596b957 2022-07-14 tracey log_debug("%sversion: %d", p, h->version);
514 a596b957 2022-07-14 tracey log_debug("%stype: %d", p, h->type);
515 a596b957 2022-07-14 tracey log_debug("%srequestId: %d", p, ntohs(h->id));
516 a596b957 2022-07-14 tracey log_debug("%scontentLength: %d", p, ntohs(h->content_len));
517 a596b957 2022-07-14 tracey log_debug("%spaddingLength: %d", p, h->padding_len);
518 a596b957 2022-07-14 tracey log_debug("%sreserved: %d", p, h->reserved);
522 a596b957 2022-07-14 tracey dump_fcgi_begin_request_body(const char *p, struct fcgi_begin_request_body *b)
524 a596b957 2022-07-14 tracey log_debug("%srole %d", p, ntohs(b->role));
525 a596b957 2022-07-14 tracey log_debug("%sflags %d", p, b->flags);
529 a596b957 2022-07-14 tracey dump_fcgi_end_request_body(const char *p, struct fcgi_end_request_body *b)
531 a596b957 2022-07-14 tracey log_debug("%sappStatus: %d", p, ntohl(b->app_status));
532 a596b957 2022-07-14 tracey log_debug("%sprotocolStatus: %d", p, b->protocol_status);