search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
set dynamic's request complete time just once (from close_connection())
[mod_fastcgi.git] / mod_fastcgi.c
blob670f1483f51689dd98483306ae367cca4c11a68b
1 /*
2 * mod_fastcgi.c --
3 *
4 * Apache server module for FastCGI.
5 *
6 * $Id: mod_fastcgi.c,v 1.130 2002/03/13 18:32:34 robs Exp $
7 *
8 * Copyright (c) 1995-1996 Open Market, Inc.
9 *
10 * See the file "LICENSE.TERMS" for information on usage and redistribution
11 * of this file, and for a DISCLAIMER OF ALL WARRANTIES.
12 *
13 *
14 * Patches for Apache-1.1 provided by
15 * Ralf S. Engelschall
16 * <rse@en.muc.de>
17 *
18 * Patches for Linux provided by
19 * Scott Langley
20 * <langles@vote-smart.org>
21 *
22 * Patches for suexec handling by
23 * Brian Grossman <brian@SoftHome.net> and
24 * Rob Saccoccio <robs@ipass.net>
25 */
26
27 /*
28 * Module design notes.
29 *
30 * 1. Restart cleanup.
31 *
32 * mod_fastcgi spawns several processes: one process manager process
33 * and several application processes. None of these processes
34 * handle SIGHUP, so they just go away when the Web server performs
35 * a restart (as Apache does every time it starts.)
36 *
37 * In order to allow the process manager to properly cleanup the
38 * running fastcgi processes (without being disturbed by Apache),
39 * an intermediate process was introduced. The diagram is as follows;
40 *
41 * ApacheWS --> MiddleProc --> ProcMgr --> FCGI processes
42 *
43 * On a restart, ApacheWS sends a SIGKILL to MiddleProc and then
44 * collects it via waitpid(). The ProcMgr periodically checks for
45 * its parent (via getppid()) and if it does not have one, as in
46 * case when MiddleProc has terminated, ProcMgr issues a SIGTERM
47 * to all FCGI processes, waitpid()s on them and then exits, so it
48 * can be collected by init(1). Doing it any other way (short of
49 * changing Apache API), results either in inconsistent results or
50 * in generation of zombie processes.
51 *
52 * XXX: How does Apache 1.2 implement "gentle" restart
53 * that does not disrupt current connections? How does
54 * gentle restart interact with restart cleanup?
55 *
56 * 2. Request timeouts.
57 *
58 * Earlier versions of this module used ap_soft_timeout() rather than
59 * ap_hard_timeout() and ate FastCGI server output until it completed.
60 * This precluded the FastCGI server from having to implement a
61 * SIGPIPE handler, but meant hanging the application longer than
62 * necessary. SIGPIPE handler now must be installed in ALL FastCGI
63 * applications. The handler should abort further processing and go
64 * back into the accept() loop.
65 *
66 * Although using ap_soft_timeout() is better than ap_hard_timeout()
67 * we have to be more careful about SIGINT handling and subsequent
68 * processing, so, for now, make it hard.
69 */
70
71
72 #include "fcgi.h"
73
74 #ifndef timersub
75 #define timersub(a, b, result) \
76 do { \
77 (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \
78 (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \
79 if ((result)->tv_usec < 0) { \
80 --(result)->tv_sec; \
81 (result)->tv_usec += 1000000; \
82 } \
83 } while (0)
84 #endif
85
86 /*
87 * Global variables
88 */
89
90 pool *fcgi_config_pool; /* the config pool */
91 server_rec *fcgi_apache_main_server;
92
93 const char *fcgi_wrapper = NULL; /* wrapper path */
94 uid_t fcgi_user_id; /* the run uid of Apache & PM */
95 gid_t fcgi_group_id; /* the run gid of Apache & PM */
96
97 fcgi_server *fcgi_servers = NULL; /* AppClasses */
98
99 char *fcgi_socket_dir = DEFAULT_SOCK_DIR; /* default FastCgiIpcDir */
100
101 char *fcgi_dynamic_dir = NULL; /* directory for the dynamic
102 * fastcgi apps' sockets */
103
104 #ifdef WIN32
105
106 #pragma warning( disable : 4706 4100 4127)
107 fcgi_pm_job *fcgi_dynamic_mbox = NULL;
108 HANDLE *fcgi_dynamic_mbox_mutex = NULL;
109 HANDLE fcgi_pm_thread = INVALID_HANDLE_VALUE;
110
111 #else
112
113 int fcgi_pm_pipe[2] = { -1, -1 };
114 pid_t fcgi_pm_pid = -1;
115
116 #endif
117
118 char *fcgi_empty_env = NULL;
119
120 u_int dynamicMaxProcs = FCGI_DEFAULT_MAX_PROCS;
121 int dynamicMinProcs = FCGI_DEFAULT_MIN_PROCS;
122 int dynamicMaxClassProcs = FCGI_DEFAULT_MAX_CLASS_PROCS;
123 u_int dynamicKillInterval = FCGI_DEFAULT_KILL_INTERVAL;
124 u_int dynamicUpdateInterval = FCGI_DEFAULT_UPDATE_INTERVAL;
125 float dynamicGain = FCGI_DEFAULT_GAIN;
126 int dynamicThreshold1 = FCGI_DEFAULT_THRESHOLD_1;
127 int dynamicThresholdN = FCGI_DEFAULT_THRESHOLD_N;
128 u_int dynamicPleaseStartDelay = FCGI_DEFAULT_START_PROCESS_DELAY;
129 u_int dynamicAppConnectTimeout = FCGI_DEFAULT_APP_CONN_TIMEOUT;
130 char **dynamicEnvp = &fcgi_empty_env;
131 u_int dynamicProcessSlack = FCGI_DEFAULT_PROCESS_SLACK;
132 int dynamicAutoRestart = FCGI_DEFAULT_RESTART_DYNAMIC;
133 int dynamicAutoUpdate = FCGI_DEFAULT_AUTOUPDATE;
134 int dynamicFlush = FCGI_FLUSH;
135 u_int dynamicListenQueueDepth = FCGI_DEFAULT_LISTEN_Q;
136 u_int dynamicInitStartDelay = DEFAULT_INIT_START_DELAY;
137 u_int dynamicRestartDelay = FCGI_DEFAULT_RESTART_DELAY;
138 array_header *dynamic_pass_headers = NULL;
139 u_int dynamic_idle_timeout = FCGI_DEFAULT_IDLE_TIMEOUT;
140
141 /*******************************************************************************
142 * Construct a message and write it to the pm_pipe.
143 */
144 static void send_to_pm(const char id, const char * const fs_path,
145 const char *user, const char * const group, const unsigned long q_usec,
146 const unsigned long req_usec)
147 {
148 #ifdef WIN32
149 fcgi_pm_job *job = NULL;
150
151 if (!(job = (fcgi_pm_job *) malloc(sizeof(fcgi_pm_job))))
152 return;
153 #else
154 static int failed_count = 0;
155 int buflen = 0;
156 char buf[FCGI_MAX_MSG_LEN];
157 #endif
158
159 if (strlen(fs_path) > FCGI_MAXPATH) {
160 ap_log_error(FCGI_LOG_ERR_NOERRNO, fcgi_apache_main_server,
161 "FastCGI: the path \"%s\" is too long (>%d) for a dynamic server", fs_path, FCGI_MAXPATH);
162 return;
163 }
164
165 switch(id) {
166
167 case FCGI_SERVER_START_JOB:
168 case FCGI_SERVER_RESTART_JOB:
169 #ifdef WIN32
170 job->id = id;
171 job->fs_path = strdup(fs_path);
172 job->user = strdup(user);
173 job->group = strdup(group);
174 job->qsec = 0L;
175 job->start_time = 0L;
176 #else
177 buflen = sprintf(buf, "%c %s %s %s*", id, fs_path, user, group);
178 #endif
179 break;
180
181 case FCGI_REQUEST_TIMEOUT_JOB:
182 #ifdef WIN32
183 job->id = id;
184 job->fs_path = strdup(fs_path);
185 job->user = strdup(user);
186 job->group = strdup(group);
187 job->qsec = 0L;
188 job->start_time = 0L;
189 #else
190 buflen = sprintf(buf, "%c %s %s %s*", id, fs_path, user, group);
191 #endif
192 break;
193
194 case FCGI_REQUEST_COMPLETE_JOB:
195 #ifdef WIN32
196 job->id = id;
197 job->fs_path = strdup(fs_path);
198 job->qsec = q_usec;
199 job->start_time = req_usec;
200 job->user = strdup(user);
201 job->group = strdup(group);
202 #else
203 buflen = sprintf(buf, "%c %s %s %s %lu %lu*", id, fs_path, user, group, q_usec, req_usec);
204 #endif
205 break;
206 }
207
208 #ifdef WIN32
209 if (fcgi_pm_add_job(job)) return;
210
211 SetEvent(fcgi_event_handles[MBOX_EVENT]);
212 #else
213 ap_assert(buflen <= FCGI_MAX_MSG_LEN);
214
215 /* There is no apache flag or function that can be used to id
216 * restart/shutdown pending so ignore the first few failures as
217 * once it breaks it will stay broke */
218 if (write(fcgi_pm_pipe[1], (const void *)buf, buflen) != buflen
219 && failed_count++ > 10)
220 {
221 ap_log_error(FCGI_LOG_WARN, fcgi_apache_main_server,
222 "FastCGI: write() to PM failed (ignore if a restart or shutdown is pending)");
223 }
224 #endif
225 }
226
227 /*
228 *----------------------------------------------------------------------
229 *
230 * init_module
231 *
232 * An Apache module initializer, called by the Apache core
233 * after reading the server config.
234 *
235 * Start the process manager no matter what, since there may be a
236 * request for dynamic FastCGI applications without any being
237 * configured as static applications. Also, check for the existence
238 * and create if necessary a subdirectory into which all dynamic
239 * sockets will go.
240 *
241 *----------------------------------------------------------------------
242 */
243 static void init_module(server_rec *s, pool *p)
244 {
245 const char *err;
246
247 /* Register to reset to default values when the config pool is cleaned */
248 ap_block_alarms();
249 ap_register_cleanup(p, NULL, fcgi_config_reset_globals, ap_null_cleanup);
250 ap_unblock_alarms();
251
252 ap_add_version_component("mod_fastcgi/" MOD_FASTCGI_VERSION);
253
254 fcgi_config_set_fcgi_uid_n_gid(1);
255
256 /* keep these handy */
257 fcgi_config_pool = p;
258 fcgi_apache_main_server = s;
259
260 #ifndef WIN32
261 /* Create Unix/Domain socket directory */
262 if ((err = fcgi_config_make_dir(p, fcgi_socket_dir)))
263 ap_log_error(FCGI_LOG_ERR, s, "FastCGI: %s", err);
264 #endif
265
266 /* Create Dynamic directory */
267 if ((err = fcgi_config_make_dynamic_dir(p, 1)))
268 ap_log_error(FCGI_LOG_ERR, s, "FastCGI: %s", err);
269
270 #ifndef WIN32
271 /* Spawn the PM only once. Under Unix, Apache calls init() routines
272 * twice, once before detach() and once after. Win32 doesn't detach.
273 * Under DSO, DSO modules are unloaded between the two init() calls.
274 * Under Unix, the -X switch causes two calls to init() but no detach
275 * (but all subprocesses are wacked so the PM is toasted anyway)! */
276
277 if (ap_standalone && ap_restart_time == 0)
278 return;
279
280 /* Create the pipe for comm with the PM */
281 if (pipe(fcgi_pm_pipe) < 0) {
282 ap_log_error(FCGI_LOG_ERR, s, "FastCGI: pipe() failed");
283 }
284
285 /* Start the Process Manager */
286 fcgi_pm_pid = ap_spawn_child(p, fcgi_pm_main, NULL, kill_only_once, NULL, NULL, NULL);
287 if (fcgi_pm_pid <= 0) {
288 ap_log_error(FCGI_LOG_ALERT, s,
289 "FastCGI: can't start the process manager, spawn_child() failed");
290 }
291
292 close(fcgi_pm_pipe[0]);
293 #endif
294 }
295
296 static void fcgi_child_init(server_rec *dc0, pool *dc1)
297 {
298 #ifdef WIN32
299 /* Create the MBOX, TERM, and WAKE event handlers */
300 fcgi_event_handles[0] = CreateEvent(NULL, FALSE, FALSE, NULL);
301 if (fcgi_event_handles[0] == NULL) {
302 ap_log_error(FCGI_LOG_ALERT, fcgi_apache_main_server,
303 "FastCGI: CreateEvent() failed");
304 }
305 fcgi_event_handles[1] = CreateEvent(NULL, FALSE, FALSE, NULL);
306 if (fcgi_event_handles[1] == NULL) {
307 ap_log_error(FCGI_LOG_ALERT, fcgi_apache_main_server,
308 "FastCGI: CreateEvent() failed");
309 }
310 fcgi_event_handles[2] = CreateEvent(NULL, FALSE, FALSE, NULL);
311 if (fcgi_event_handles[2] == NULL) {
312 ap_log_error(FCGI_LOG_ALERT, fcgi_apache_main_server,
313 "FastCGI: CreateEvent() failed");
314 }
315
316 /* Create the mbox mutex (PM - request threads) */
317 fcgi_dynamic_mbox_mutex = CreateMutex(NULL, FALSE, NULL);
318 if (fcgi_dynamic_mbox_mutex == NULL) {
319 ap_log_error(FCGI_LOG_ALERT, fcgi_apache_main_server,
320 "FastCGI: CreateMutex() failed");
321 }
322
323 /* Spawn of the process manager thread */
324 fcgi_pm_thread = (HANDLE) _beginthread(fcgi_pm_main, 0, NULL);
325 if (fcgi_pm_thread == (HANDLE) -1) {
326 ap_log_error(FCGI_LOG_ALERT, fcgi_apache_main_server,
327 "_beginthread() failed to spawn the process manager");
328 }
329 #endif
330
331 return;
332 }
333
334 static void fcgi_child_exit(server_rec *dc0, pool *dc1)
335 {
336 #ifdef WIN32
337 /* Signal the PM thread to exit*/
338 SetEvent(fcgi_event_handles[TERM_EVENT]);
339
340 /* Waiting on pm thread to exit */
341 WaitForSingleObject(fcgi_pm_thread, INFINITE);
342 #endif
343
344 return;
345 }
346
347 /*
348 *----------------------------------------------------------------------
349 *
350 * get_header_line --
351 *
352 * Terminate a line: scan to the next newline, scan back to the
353 * first non-space character and store a terminating zero. Return
354 * the next character past the end of the newline.
355 *
356 * If the end of the string is reached, ASSERT!
357 *
358 * If the FIRST character(s) in the line are '\n' or "\r\n", the
359 * first character is replaced with a NULL and next character
360 * past the newline is returned. NOTE: this condition supercedes
361 * the processing of RFC-822 continuation lines.
362 *
363 * If continuation is set to 'TRUE', then it parses a (possible)
364 * sequence of RFC-822 continuation lines.
365 *
366 * Results:
367 * As above.
368 *
369 * Side effects:
370 * Termination byte stored in string.
371 *
372 *----------------------------------------------------------------------
373 */
374 static char *get_header_line(char *start, int continuation)
375 {
376 char *p = start;
377 char *end = start;
378
379 if(p[0] == '\r' && p[1] == '\n') { /* If EOL in 1st 2 chars */
380 p++; /* point to \n and stop */
381 } else if(*p != '\n') {
382 if(continuation) {
383 while(*p != '\0') {
384 if(*p == '\n' && p[1] != ' ' && p[1] != '\t')
385 break;
386 p++;
387 }
388 } else {
389 while(*p != '\0' && *p != '\n') {
390 p++;
391 }
392 }
393 }
394
395 ap_assert(*p != '\0');
396 end = p;
397 end++;
398
399 /*
400 * Trim any trailing whitespace.
401 */
402 while(isspace((unsigned char)p[-1]) && p > start) {
403 p--;
404 }
405
406 *p = '\0';
407 return end;
408 }
409
410 /*
411 *----------------------------------------------------------------------
412 *
413 * process_headers --
414 *
415 * Call with r->parseHeader == SCAN_CGI_READING_HEADERS
416 * and initial script output in fr->header.
417 *
418 * If the initial script output does not include the header
419 * terminator ("\r\n\r\n") process_headers returns with no side
420 * effects, to be called again when more script output
421 * has been appended to fr->header.
422 *
423 * If the initial script output includes the header terminator,
424 * process_headers parses the headers and determines whether or
425 * not the remaining script output will be sent to the client.
426 * If so, process_headers sends the HTTP response headers to the
427 * client and copies any non-header script output to the output
428 * buffer reqOutbuf.
429 *
430 * Results:
431 * none.
432 *
433 * Side effects:
434 * May set r->parseHeader to:
435 * SCAN_CGI_FINISHED -- headers parsed, returning script response
436 * SCAN_CGI_BAD_HEADER -- malformed header from script
437 * SCAN_CGI_INT_REDIRECT -- handler should perform internal redirect
438 * SCAN_CGI_SRV_REDIRECT -- handler should return REDIRECT
439 *
440 *----------------------------------------------------------------------
441 */
442
443 static const char *process_headers(request_rec *r, fcgi_request *fr)
444 {
445 char *p, *next, *name, *value;
446 int len, flag;
447 int hasContentType, hasStatus, hasLocation;
448
449 ap_assert(fr->parseHeader == SCAN_CGI_READING_HEADERS);
450
451 if (fr->header == NULL)
452 return NULL;
453
454 /*
455 * Do we have the entire header? Scan for the blank line that
456 * terminates the header.
457 */
458 p = (char *)fr->header->elts;
459 len = fr->header->nelts;
460 flag = 0;
461 while(len-- && flag < 2) {
462 switch(*p) {
463 case '\r':
464 break;
465 case '\n':
466 flag++;
467 break;
468 case '\0':
469 case '\v':
470 case '\f':
471 name = "Invalid Character";
472 goto BadHeader;
473 break;
474 default:
475 flag = 0;
476 break;
477 }
478 p++;
479 }
480
481 /* Return (to be called later when we have more data)
482 * if we don't have an entire header. */
483 if (flag < 2)
484 return NULL;
485
486 /*
487 * Parse all the headers.
488 */
489 fr->parseHeader = SCAN_CGI_FINISHED;
490 hasContentType = hasStatus = hasLocation = FALSE;
491 next = (char *)fr->header->elts;
492 for(;;) {
493 next = get_header_line(name = next, TRUE);
494 if (*name == '\0') {
495 break;
496 }
497 if ((p = strchr(name, ':')) == NULL) {
498 goto BadHeader;
499 }
500 value = p + 1;
501 while (p != name && isspace((unsigned char)*(p - 1))) {
502 p--;
503 }
504 if (p == name) {
505 goto BadHeader;
506 }
507 *p = '\0';
508 if (strpbrk(name, " \t") != NULL) {
509 *p = ' ';
510 goto BadHeader;
511 }
512 while (isspace((unsigned char)*value)) {
513 value++;
514 }
515
516 if (strcasecmp(name, "Status") == 0) {
517 int statusValue = strtol(value, NULL, 10);
518
519 if (hasStatus) {
520 goto DuplicateNotAllowed;
521 }
522 if (statusValue < 0) {
523 fr->parseHeader = SCAN_CGI_BAD_HEADER;
524 return ap_psprintf(r->pool, "invalid Status '%s'", value);
525 }
526 hasStatus = TRUE;
527 r->status = statusValue;
528 r->status_line = ap_pstrdup(r->pool, value);
529 continue;
530 }
531
532 if (fr->role == FCGI_RESPONDER) {
533 if (strcasecmp(name, "Content-type") == 0) {
534 if (hasContentType) {
535 goto DuplicateNotAllowed;
536 }
537 hasContentType = TRUE;
538 r->content_type = ap_pstrdup(r->pool, value);
539 continue;
540 }
541
542 if (strcasecmp(name, "Location") == 0) {
543 if (hasLocation) {
544 goto DuplicateNotAllowed;
545 }
546 hasLocation = TRUE;
547 ap_table_set(r->headers_out, "Location", value);
548 continue;
549 }
550
551 /* If the script wants them merged, it can do it */
552 ap_table_add(r->err_headers_out, name, value);
553 continue;
554 }
555 else {
556 ap_table_add(fr->authHeaders, name, value);
557 }
558 }
559
560 if (fr->role != FCGI_RESPONDER)
561 return NULL;
562
563 /*
564 * Who responds, this handler or Apache?
565 */
566 if (hasLocation) {
567 const char *location = ap_table_get(r->headers_out, "Location");
568 /*
569 * Based on internal redirect handling in mod_cgi.c...
570 *
571 * If a script wants to produce its own Redirect
572 * body, it now has to explicitly *say* "Status: 302"
573 */
574 if (r->status == 200) {
575 if(location[0] == '/') {
576 /*
577 * Location is an relative path. This handler will
578 * consume all script output, then have Apache perform an
579 * internal redirect.
580 */
581 fr->parseHeader = SCAN_CGI_INT_REDIRECT;
582 return NULL;
583 } else {
584 /*
585 * Location is an absolute URL. If the script didn't
586 * produce a Content-type header, this handler will
587 * consume all script output and then have Apache generate
588 * its standard redirect response. Otherwise this handler
589 * will transmit the script's response.
590 */
591 fr->parseHeader = SCAN_CGI_SRV_REDIRECT;
592 return NULL;
593 }
594 }
595 }
596 /*
597 * We're responding. Send headers, buffer excess script output.
598 */
599 ap_send_http_header(r);
600
601 /* We need to reinstate our timeout, send_http_header() kill()s it */
602 ap_hard_timeout("FastCGI request processing", r);
603
604 if (r->header_only)
605 return NULL;
606
607 len = fr->header->nelts - (next - fr->header->elts);
608 ap_assert(len >= 0);
609 ap_assert(BufferLength(fr->clientOutputBuffer) == 0);
610 if (BufferFree(fr->clientOutputBuffer) < len) {
611 fr->clientOutputBuffer = fcgi_buf_new(r->pool, len);
612 }
613 ap_assert(BufferFree(fr->clientOutputBuffer) >= len);
614 if (len > 0) {
615 int sent = fcgi_buf_add_block(fr->clientOutputBuffer, next, len);
616 ap_assert(sent == len);
617 }
618 return NULL;
619
620 BadHeader:
621 /* Log first line of a multi-line header */
622 if ((p = strpbrk(name, "\r\n")) != NULL)
623 *p = '\0';
624 fr->parseHeader = SCAN_CGI_BAD_HEADER;
625 return ap_psprintf(r->pool, "malformed header '%s'", name);
626
627 DuplicateNotAllowed:
628 fr->parseHeader = SCAN_CGI_BAD_HEADER;
629 return ap_psprintf(r->pool, "duplicate header '%s'", name);
630 }
631
632 /*
633 * Read from the client filling both the FastCGI server buffer and the
634 * client buffer with the hopes of buffering the client data before
635 * making the connect() to the FastCGI server. This prevents slow
636 * clients from keeping the FastCGI server in processing longer than is
637 * necessary.
638 */
639 static int read_from_client_n_queue(fcgi_request *fr)
640 {
641 char *end;
642 int count;
643 long int countRead;
644
645 while (BufferFree(fr->clientInputBuffer) > 0 || BufferFree(fr->serverOutputBuffer) > 0) {
646 fcgi_protocol_queue_client_buffer(fr);
647
648 if (fr->expectingClientContent <= 0)
649 return OK;
650
651 fcgi_buf_get_free_block_info(fr->clientInputBuffer, &end, &count);
652 if (count == 0)
653 return OK;
654
655 if ((countRead = ap_get_client_block(fr->r, end, count)) < 0)
656 return -1;
657
658 if (countRead == 0) {
659 fr->expectingClientContent = 0;
660 }
661 else {
662 fcgi_buf_add_update(fr->clientInputBuffer, countRead);
663 ap_reset_timeout(fr->r);
664 }
665 }
666 return OK;
667 }
668
669 static int write_to_client(fcgi_request *fr)
670 {
671 char *begin;
672 int count;
673
674 fcgi_buf_get_block_info(fr->clientOutputBuffer, &begin, &count);
675 if (count == 0)
676 return OK;
677
678 /* If fewer than count bytes are written, an error occured.
679 * ap_bwrite() typically forces a flushed write to the client, this
680 * effectively results in a block (and short packets) - it should
681 * be fixed, but I didn't win much support for the idea on new-httpd.
682 * So, without patching Apache, the best way to deal with this is
683 * to size the fcgi_bufs to hold all of the script output (within
684 * reason) so the script can be released from having to wait around
685 * for the transmission to the client to complete. */
686 #ifdef RUSSIAN_APACHE
687 if (ap_rwrite(begin, count, fr->r) != count) {
688 ap_log_rerror(FCGI_LOG_INFO_NOERRNO, fr->r,
689 "FastCGI: client stopped connection before send body completed");
690 return -1;
691 }
692 #else
693 if (ap_bwrite(fr->r->connection->client, begin, count) != count) {
694 ap_log_rerror(FCGI_LOG_INFO_NOERRNO, fr->r,
695 "FastCGI: client stopped connection before send body completed");
696 return -1;
697 }
698 #endif
699
700 ap_reset_timeout(fr->r);
701
702 /* Don't bother with a wrapped buffer, limiting exposure to slow
703 * clients. The BUFF routines don't allow a writev from above,
704 * and don't always memcpy to minimize small write()s, this should
705 * be fixed, but I didn't win much support for the idea on
706 * new-httpd - I'll have to _prove_ its a problem first.. */
707
708 /* The default behaviour used to be to flush with every write, but this
709 * can tie up the FastCGI server longer than is necessary so its an option now */
710 if (fr->fs ? fr->fs->flush : dynamicFlush) {
711 #ifdef RUSSIAN_APACHE
712 if (ap_rflush(fr->r)) {
713 ap_log_rerror(FCGI_LOG_INFO_NOERRNO, fr->r,
714 "FastCGI: client stopped connection before send body completed");
715 return -1;
716 }
717 #else
718 if (ap_bflush(fr->r->connection->client)) {
719 ap_log_rerror(FCGI_LOG_INFO_NOERRNO, fr->r,
720 "FastCGI: client stopped connection before send body completed");
721 return -1;
722 }
723 #endif
724 ap_reset_timeout(fr->r);
725 }
726
727 fcgi_buf_toss(fr->clientOutputBuffer, count);
728 return OK;
729 }
730
731 /*******************************************************************************
732 * Determine the user and group the wrapper should be called with.
733 * Based on code in Apache's create_argv_cmd() (util_script.c).
734 */
735 static void set_uid_n_gid(request_rec *r, const char **user, const char **group)
736 {
737 if (fcgi_wrapper == NULL) {
738 *user = "-";
739 *group = "-";
740 return;
741 }
742
743 if (strncmp("/~", r->uri, 2) == 0) {
744 /* its a user dir uri, just send the ~user, and leave it to the PM */
745 char *end = strchr(r->uri + 2, '/');
746
747 if (end)
748 *user = memcpy(ap_pcalloc(r->pool, end - r->uri), r->uri + 1, end - r->uri - 1);
749 else
750 *user = ap_pstrdup(r->pool, r->uri + 1);
751 *group = "-";
752 }
753 else {
754 *user = ap_psprintf(r->pool, "%ld", (long)r->server->server_uid);
755 *group = ap_psprintf(r->pool, "%ld", (long)r->server->server_gid);
756 }
757 }
758
759 static void send_request_complete(fcgi_request *fr)
760 {
761 if (fr->completeTime.tv_sec)
762 {
763 struct timeval qtime, rtime;
764
765 timersub(&fr->queueTime, &fr->startTime, &qtime);
766 timersub(&fr->completeTime, &fr->queueTime, &rtime);
767
768 send_to_pm(FCGI_REQUEST_COMPLETE_JOB, fr->fs_path,
769 fr->user, fr->group,
770 qtime.tv_sec * 1000000 + qtime.tv_usec,
771 rtime.tv_sec * 1000000 + rtime.tv_usec);
772 }
773 }
774
775 #ifdef WIN32
776
777 static int set_nonblocking(const fcgi_request * fr, int nonblocking)
778 {
779 if (fr->using_npipe_io)
780 {
781 if (nonblocking)
782 {
783 DWORD mode = PIPE_NOWAIT | PIPE_READMODE_BYTE;
784 if (SetNamedPipeHandleState((HANDLE) fr->fd, &mode, NULL, NULL) == 0)
785 {
786 ap_log_rerror(FCGI_LOG_ERR, fr->r,
787 "FastCGI: SetNamedPipeHandleState() failed");
788 return -1;
789 }
790 }
791 }
792 else
793 {
794 unsigned long ioctl_arg = (nonblocking) ? 1 : 0;
795 if (ioctlsocket(fr->fd, FIONBIO, &ioctl_arg) != 0)
796 {
797 errno = WSAGetLastError();
798 ap_log_rerror(FCGI_LOG_ERR_ERRNO, fr->r,
799 "FastCGI: ioctlsocket() failed");
800 return -1;
801 }
802 }
803
804 return 0;
805 }
806
807 #else
808
809 static int set_nonblocking(const fcgi_request * fr, int nonblocking)
810 {
811 int nb_flag = 0;
812 int fd_flags = fcntl(fr->fd, F_GETFL, 0);
813
814 if (fd_flags < 0) return -1;
815
816 #if defined(O_NONBLOCK)
817 nb_flag = O_NONBLOCK;
818 #elif defined(O_NDELAY)
819 nb_flag = O_NDELAY;
820 #elif defined(FNDELAY)
821 nb_flag = FNDELAY;
822 #else
823 #error "TODO - don't read from app until all data from client is posted."
824 #endif
825
826 fd_flags = (nonblocking) ? (fd_flags | nb_flag) : (fd_flags & ~nb_flag);
827
828 return fcntl(fr->fd, F_SETFL, fd_flags);
829 }
830
831 #endif
832
833 /*******************************************************************************
834 * Close the connection to the FastCGI server. This is normally called by
835 * do_work(), but may also be called as in request pool cleanup.
836 */
837 static void close_connection_to_fs(fcgi_request *fr)
838 {
839 #ifdef WIN32
840
841 if (fr->fd != INVALID_SOCKET)
842 {
843 set_nonblocking(fr, FALSE);
844
845 if (fr->using_npipe_io)
846 {
847 CloseHandle((HANDLE) fr->fd);
848 }
849 else
850 {
851 /* abort the connection entirely */
852 struct linger linger = {0, 0};
853 setsockopt(fr->fd, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger));
854 closesocket(fr->fd);
855 }
856
857 fr->fd = INVALID_SOCKET;
858
859 #else /* ! WIN32 */
860
861 if (fr->fd >= 0)
862 {
863 struct linger linger = {0, 0};
864 set_nonblocking(fr, FALSE);
865 /* abort the connection entirely */
866 setsockopt(fr->fd, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger));
867 closesocket(fr->fd);
868 fr->fd = -1;
869
870 #endif /* ! WIN32 */
871
872 if (fr->dynamic && fr->keepReadingFromFcgiApp == FALSE)
873 {
874 /* XXX FCGI_REQUEST_COMPLETE_JOB is only sent for requests which complete
875 * normally WRT the fcgi app. There is no data sent for
876 * connect() timeouts or requests which complete abnormally.
877 * KillDynamicProcs() and RemoveRecords() need to be looked at
878 * to be sure they can reasonably handle these cases before
879 * sending these sort of stats - theres some funk in there.
880 */
881 if (fcgi_util_ticks(&fr->completeTime) < 0)
882 {
883 /* there's no point to aborting the request, just log it */
884 ap_log_error(FCGI_LOG_ERR, fr->r->server, "FastCGI: can't get time of day");
885 }
886 }
887 }
888 }
889
890 /*******************************************************************************
891 * Connect to the FastCGI server.
892 */
893 static int open_connection_to_fs(fcgi_request *fr)
894 {
895 struct timeval tval;
896 fd_set write_fds, read_fds;
897 int status;
898 request_rec * const r = fr->r;
899 pool * const rp = r->pool;
900 const char *socket_path = NULL;
901 struct sockaddr *socket_addr = NULL;
902 int socket_addr_len = 0;
903 #ifndef WIN32
904 const char *err = NULL;
905 #endif
906
907 /* Create the connection point */
908 if (fr->dynamic)
909 {
910 socket_path = fcgi_util_socket_hash_filename(rp, fr->fs_path, fr->user, fr->group);
911 socket_path = fcgi_util_socket_make_path_absolute(rp, socket_path, 1);
912
913 #ifndef WIN32
914 err = fcgi_util_socket_make_domain_addr(rp, (struct sockaddr_un **)&socket_addr,
915 &socket_addr_len, socket_path);
916 if (err) {
917 ap_log_rerror(FCGI_LOG_ERR, r,
918 "FastCGI: failed to connect to server \"%s\": "
919 "%s", fr->fs_path, err);
920 return FCGI_FAILED;
921 }
922 #endif
923 }
924 else
925 {
926 #ifdef WIN32
927 if (fr->fs->dest_addr != NULL) {
928 socket_addr = fr->fs->dest_addr;
929 }
930 else if (fr->fs->socket_addr) {
931 socket_addr = fr->fs->socket_addr;
932 }
933 else {
934 socket_path = fr->fs->socket_path;
935 }
936 #else
937 socket_addr = fr->fs->socket_addr;
938 #endif
939 socket_addr_len = fr->fs->socket_addr_len;
940 }
941
942 if (fr->dynamic)
943 {
944 #ifdef WIN32
945 if (fr->fs && fr->fs->restartTime)
946 #else
947 struct stat sock_stat;
948
949 if (stat(socket_path, &sock_stat) == 0)
950 #endif
951 {
952 // It exists
953 if (dynamicAutoUpdate)
954 {
955 struct stat app_stat;
956
957 /* TODO: follow sym links */
958
959 if (stat(fr->fs_path, &app_stat) == 0)
960 {
961 #ifdef WIN32
962 if (fr->fs->restartTime < app_stat.st_mtime)
963 #else
964 if (sock_stat.st_mtime < app_stat.st_mtime)
965 #endif
966 {
967 #ifndef WIN32
968 struct timeval tv = {1, 0};
969 #endif
970 /*
971 * There's a newer one, request a restart.
972 */
973 send_to_pm(FCGI_SERVER_RESTART_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
974
975 #ifdef WIN32
976 Sleep(1000);
977 #else
978 /* Avoid sleep/alarm interactions */
979 ap_select(0, NULL, NULL, NULL, &tv);
980 #endif
981 }
982 }
983 }
984 }
985 else
986 {
987 send_to_pm(FCGI_SERVER_START_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
988
989 /* Wait until it looks like its running */
990
991 for (;;)
992 {
993 #ifdef WIN32
994 Sleep(1000);
995
996 fr->fs = fcgi_util_fs_get_by_id(fr->fs_path, 0, 0);
997
998 if (fr->fs && fr->fs->restartTime)
999 #else
1000 struct timeval tv = {1, 0};
1001
1002 /* Avoid sleep/alarm interactions */
1003 ap_select(0, NULL, NULL, NULL, &tv);
1004
1005 if (stat(socket_path, &sock_stat) == 0)
1006 #endif
1007 {
1008 break;
1009 }
1010 }
1011 }
1012 }
1013
1014 #ifdef WIN32
1015 if (socket_path)
1016 {
1017 BOOL ready;
1018 DWORD connect_time;
1019 int rv;
1020 HANDLE wait_npipe_mutex;
1021 DWORD interval;
1022 DWORD max_connect_time = FCGI_NAMED_PIPE_CONNECT_TIMEOUT;
1023
1024 fr->using_npipe_io = TRUE;
1025
1026 if (fr->dynamic)
1027 {
1028 interval = dynamicPleaseStartDelay * 1000;
1029
1030 if (dynamicAppConnectTimeout) {
1031 max_connect_time = dynamicAppConnectTimeout;
1032 }
1033 }
1034 else
1035 {
1036 interval = FCGI_NAMED_PIPE_CONNECT_TIMEOUT * 1000;
1037
1038 if (fr->fs->appConnectTimeout) {
1039 max_connect_time = fr->fs->appConnectTimeout;
1040 }
1041 }
1042
1043 fcgi_util_ticks(&fr->startTime);
1044
1045 {
1046 // xxx this handle should live somewhere (see CloseHandle()s below too)
1047 char * wait_npipe_mutex_name, * cp;
1048 wait_npipe_mutex_name = cp = ap_pstrdup(rp, socket_path);
1049 while ((cp = strchr(cp, '\\'))) *cp = '/';
1050
1051 wait_npipe_mutex = CreateMutex(NULL, FALSE, wait_npipe_mutex_name);
1052 }
1053
1054 if (wait_npipe_mutex == NULL)
1055 {
1056 ap_log_rerror(FCGI_LOG_ERR, r,
1057 "FastCGI: failed to connect to server \"%s\": "
1058 "can't create the WaitNamedPipe mutex", fr->fs_path);
1059 return FCGI_FAILED;
1060 }
1061
1062 SetLastError(ERROR_SUCCESS);
1063
1064 rv = WaitForSingleObject(wait_npipe_mutex, max_connect_time * 1000);
1065
1066 if (rv == WAIT_TIMEOUT || rv == WAIT_FAILED)
1067 {
1068 if (fr->dynamic)
1069 {
1070 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1071 }
1072 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
1073 "FastCGI: failed to connect to server \"%s\": "
1074 "wait for a npipe instance failed", fr->fs_path);
1075 FCGIDBG3("interval=%d, max_connect_time=%d", interval, max_connect_time);
1076 CloseHandle(wait_npipe_mutex);
1077 return FCGI_FAILED;
1078 }
1079
1080 fcgi_util_ticks(&fr->queueTime);
1081
1082 connect_time = fr->queueTime.tv_sec - fr->startTime.tv_sec;
1083
1084 if (fr->dynamic)
1085 {
1086 if (connect_time >= interval)
1087 {
1088 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1089 FCGIDBG4("connect_time=%d, interval=%d, max_connect_time=%d", connect_time, interval, max_connect_time);
1090 }
1091 if (max_connect_time - connect_time < interval)
1092 {
1093 interval = max_connect_time - connect_time;
1094 }
1095 }
1096 else
1097 {
1098 interval -= connect_time * 1000;
1099 }
1100
1101 for (;;)
1102 {
1103 ready = WaitNamedPipe(socket_path, interval);
1104
1105 if (ready)
1106 {
1107 fr->fd = (SOCKET) CreateFile(socket_path,
1108 GENERIC_READ | GENERIC_WRITE,
1109 FILE_SHARE_READ | FILE_SHARE_WRITE,
1110 NULL, // no security attributes
1111 OPEN_EXISTING, // opens existing pipe
1112 FILE_FLAG_OVERLAPPED,
1113 NULL); // no template file
1114
1115 if (fr->fd != (SOCKET) INVALID_HANDLE_VALUE)
1116 {
1117 ReleaseMutex(wait_npipe_mutex);
1118 CloseHandle(wait_npipe_mutex);
1119 fcgi_util_ticks(&fr->queueTime);
1120 FCGIDBG2("got npipe connect: %s", fr->fs_path);
1121 return FCGI_OK;
1122 }
1123
1124 if (GetLastError() != ERROR_PIPE_BUSY
1125 && GetLastError() != ERROR_FILE_NOT_FOUND)
1126 {
1127 ap_log_rerror(FCGI_LOG_ERR, r,
1128 "FastCGI: failed to connect to server \"%s\": "
1129 "CreateFile() failed", fr->fs_path);
1130 break;
1131 }
1132
1133 FCGIDBG2("missed npipe connect: %s", fr->fs_path);
1134 }
1135
1136 if (fr->dynamic)
1137 {
1138 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1139 }
1140
1141 fcgi_util_ticks(&fr->queueTime);
1142
1143 connect_time = fr->queueTime.tv_sec - fr->startTime.tv_sec;
1144
1145 FCGIDBG5("interval=%d, max_connect_time=%d, connect_time=%d, ready=%d", interval, max_connect_time, connect_time, ready);
1146
1147 if (connect_time >= max_connect_time)
1148 {
1149 ap_log_rerror(FCGI_LOG_ERR, r,
1150 "FastCGI: failed to connect to server \"%s\": "
1151 "CreateFile()/WaitNamedPipe() timed out", fr->fs_path);
1152 break;
1153 }
1154 }
1155
1156 ReleaseMutex(wait_npipe_mutex);
1157 CloseHandle(wait_npipe_mutex);
1158 fr->fd = INVALID_SOCKET;
1159 return FCGI_FAILED;
1160 }
1161
1162 #endif
1163
1164 /* Create the socket */
1165 fr->fd = socket(socket_addr->sa_family, SOCK_STREAM, 0);
1166
1167 #ifdef WIN32
1168 if (fr->fd == INVALID_SOCKET) {
1169 errno = WSAGetLastError(); // Not sure this is going to work as expected
1170 #else
1171 if (fr->fd < 0) {
1172 #endif
1173 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
1174 "FastCGI: failed to connect to server \"%s\": "
1175 "socket() failed", fr->fs_path);
1176 return FCGI_FAILED;
1177 }
1178
1179 #ifndef WIN32
1180 if (fr->fd >= FD_SETSIZE) {
1181 ap_log_rerror(FCGI_LOG_ERR, r,
1182 "FastCGI: failed to connect to server \"%s\": "
1183 "socket file descriptor (%u) is larger than "
1184 "FD_SETSIZE (%u), you probably need to rebuild Apache with a "
1185 "larger FD_SETSIZE", fr->fs_path, fr->fd, FD_SETSIZE);
1186 return FCGI_FAILED;
1187 }
1188 #endif
1189
1190 /* If appConnectTimeout is non-zero, setup do a non-blocking connect */
1191 if ((fr->dynamic && dynamicAppConnectTimeout) || (!fr->dynamic && fr->fs->appConnectTimeout)) {
1192 set_nonblocking(fr, TRUE);
1193 }
1194
1195 if (fr->dynamic) {
1196 fcgi_util_ticks(&fr->startTime);
1197 }
1198
1199 /* Connect */
1200 if (connect(fr->fd, (struct sockaddr *)socket_addr, socket_addr_len) == 0)
1201 goto ConnectionComplete;
1202
1203 #ifdef WIN32
1204
1205 errno = WSAGetLastError();
1206 if (errno != WSAEWOULDBLOCK) {
1207 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
1208 "FastCGI: failed to connect to server \"%s\": "
1209 "connect() failed", fr->fs_path);
1210 return FCGI_FAILED;
1211 }
1212
1213 #else
1214
1215 /* ECONNREFUSED means the listen queue is full (or there isn't one).
1216 * With dynamic I can at least make sure the PM knows this is occuring */
1217 if (fr->dynamic && errno == ECONNREFUSED) {
1218 /* @@@ This might be better as some other "kind" of message */
1219 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1220
1221 errno = ECONNREFUSED;
1222 }
1223
1224 if (errno != EINPROGRESS) {
1225 ap_log_rerror(FCGI_LOG_ERR, r,
1226 "FastCGI: failed to connect to server \"%s\": "
1227 "connect() failed", fr->fs_path);
1228 return FCGI_FAILED;
1229 }
1230
1231 #endif
1232
1233 /* The connect() is non-blocking */
1234
1235 errno = 0;
1236
1237 if (fr->dynamic) {
1238 do {
1239 FD_ZERO(&write_fds);
1240 FD_SET(fr->fd, &write_fds);
1241 read_fds = write_fds;
1242 tval.tv_sec = dynamicPleaseStartDelay;
1243 tval.tv_usec = 0;
1244
1245 status = ap_select((fr->fd+1), &read_fds, &write_fds, NULL, &tval);
1246 if (status < 0)
1247 break;
1248
1249 fcgi_util_ticks(&fr->queueTime);
1250
1251 if (status > 0)
1252 break;
1253
1254 /* select() timed out */
1255 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1256 } while ((fr->queueTime.tv_sec - fr->startTime.tv_sec) < (int)dynamicAppConnectTimeout);
1257
1258 /* XXX These can be moved down when dynamic vars live is a struct */
1259 if (status == 0) {
1260 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
1261 "FastCGI: failed to connect to server \"%s\": "
1262 "connect() timed out (appConnTimeout=%dsec)",
1263 fr->fs_path, dynamicAppConnectTimeout);
1264 return FCGI_FAILED;
1265 }
1266 } /* dynamic */
1267 else {
1268 tval.tv_sec = fr->fs->appConnectTimeout;
1269 tval.tv_usec = 0;
1270 FD_ZERO(&write_fds);
1271 FD_SET(fr->fd, &write_fds);
1272 read_fds = write_fds;
1273
1274 status = ap_select((fr->fd+1), &read_fds, &write_fds, NULL, &tval);
1275
1276 if (status == 0) {
1277 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
1278 "FastCGI: failed to connect to server \"%s\": "
1279 "connect() timed out (appConnTimeout=%dsec)",
1280 fr->fs_path, dynamicAppConnectTimeout);
1281 return FCGI_FAILED;
1282 }
1283 } /* !dynamic */
1284
1285 if (status < 0) {
1286 #ifdef WIN32
1287 errno = WSAGetLastError();
1288 #endif
1289 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
1290 "FastCGI: failed to connect to server \"%s\": "
1291 "select() failed", fr->fs_path);
1292 return FCGI_FAILED;
1293 }
1294
1295 if (FD_ISSET(fr->fd, &write_fds) || FD_ISSET(fr->fd, &read_fds)) {
1296 int error = 0;
1297 NET_SIZE_T len = sizeof(error);
1298
1299 if (getsockopt(fr->fd, SOL_SOCKET, SO_ERROR, (char *)&error, &len) < 0) {
1300 /* Solaris pending error */
1301 #ifdef WIN32
1302 errno = WSAGetLastError();
1303 #endif
1304 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
1305 "FastCGI: failed to connect to server \"%s\": "
1306 "select() failed (Solaris pending error)", fr->fs_path);
1307 return FCGI_FAILED;
1308 }
1309
1310 if (error != 0) {
1311 /* Berkeley-derived pending error */
1312 errno = error;
1313 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
1314 "FastCGI: failed to connect to server \"%s\": "
1315 "select() failed (pending error)", fr->fs_path);
1316 return FCGI_FAILED;
1317 }
1318 }
1319 else {
1320 #ifdef WIN32
1321 errno = WSAGetLastError();
1322 #endif
1323 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
1324 "FastCGI: failed to connect to server \"%s\": "
1325 "select() error - THIS CAN'T HAPPEN!", fr->fs_path);
1326 return FCGI_FAILED;
1327 }
1328
1329 ConnectionComplete:
1330 /* Return to blocking mode if it was set up */
1331 if ((fr->dynamic && dynamicAppConnectTimeout) || (!fr->dynamic && fr->fs->appConnectTimeout)) {
1332 set_nonblocking(fr, FALSE);
1333 }
1334
1335 #ifdef TCP_NODELAY
1336 if (socket_addr->sa_family == AF_INET) {
1337 /* We shouldn't be sending small packets and there's no application
1338 * level ack of the data we send, so disable Nagle */
1339 int set = 1;
1340 setsockopt(fr->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&set, sizeof(set));
1341 }
1342 #endif
1343
1344 return FCGI_OK;
1345 }
1346
1347 static void sink_client_data(fcgi_request *fr)
1348 {
1349 char *base;
1350 int size;
1351
1352 fcgi_buf_reset(fr->clientInputBuffer);
1353 fcgi_buf_get_free_block_info(fr->clientInputBuffer, &base, &size);
1354 while (ap_get_client_block(fr->r, base, size) > 0);
1355 }
1356
1357 static void cleanup(void *data)
1358 {
1359 fcgi_request * const fr = (fcgi_request *) data;
1360
1361 if (fr == NULL) return;
1362
1363 /* its more than likely already run, but... */
1364 close_connection_to_fs(fr);
1365
1366 send_request_complete(fr);
1367
1368 if (fr->fs_stderr_len) {
1369 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, fr->r,
1370 "FastCGI: server \"%s\" stderr: %s", fr->fs_path, fr->fs_stderr);
1371 }
1372 }
1373
1374 static int npipe_io(fcgi_request * const fr)
1375 {
1376 request_rec * const r = fr->r;
1377 enum
1378 {
1379 STATE_ENV_SEND,
1380 STATE_CLIENT_RECV,
1381 STATE_SERVER_SEND,
1382 STATE_SERVER_RECV,
1383 STATE_CLIENT_SEND,
1384 STATE_CLIENT_ERROR,
1385 STATE_ERROR
1386 }
1387 state = STATE_ENV_SEND;
1388 env_status env_status;
1389 int client_recv;
1390 int dynamic_first_recv = fr->dynamic;
1391 int idle_timeout = fr->dynamic ? dynamic_idle_timeout : fr->fs->idle_timeout;
1392 int send_pending = 0;
1393 int recv_pending = 0;
1394 int client_send = 0;
1395 int rv;
1396 OVERLAPPED rov;
1397 OVERLAPPED sov;
1398 HANDLE events[2];
1399 struct timeval timeout;
1400 struct timeval dynamic_last_io_time = {0, 0};
1401 int did_io = 1;
1402 pool * const rp = r->pool;
1403
1404 DWORD recv_count = 0;
1405
1406 if (fr->role == FCGI_RESPONDER)
1407 {
1408 client_recv = (fr->expectingClientContent != 0);
1409 }
1410
1411 idle_timeout = fr->dynamic ? dynamic_idle_timeout : fr->fs->idle_timeout;
1412
1413 env_status.envp = NULL;
1414
1415 events[0] = CreateEvent(NULL, TRUE, FALSE, NULL);
1416 events[1] = CreateEvent(NULL, TRUE, FALSE, NULL);
1417 sov.hEvent = events[0];
1418 rov.hEvent = events[1];
1419
1420 if (fr->dynamic)
1421 {
1422 dynamic_last_io_time = fr->startTime;
1423
1424 if (dynamicAppConnectTimeout)
1425 {
1426 struct timeval qwait;
1427 timersub(&fr->queueTime, &fr->startTime, &qwait);
1428 dynamic_first_recv = qwait.tv_sec / dynamicPleaseStartDelay + 1;
1429 }
1430 }
1431
1432 ap_hard_timeout("FastCGI request processing", r);
1433
1434 while (state != STATE_CLIENT_SEND)
1435 {
1436 DWORD msec_timeout;
1437
1438 switch (state)
1439 {
1440 case STATE_ENV_SEND:
1441
1442 if (fcgi_protocol_queue_env(r, fr, &env_status) == 0)
1443 {
1444 goto SERVER_SEND;
1445 }
1446
1447 state = STATE_CLIENT_RECV;
1448
1449 /* fall through */
1450
1451 case STATE_CLIENT_RECV:
1452
1453 if (read_from_client_n_queue(fr) != OK)
1454 {
1455 state = STATE_CLIENT_ERROR;
1456 break;
1457 }
1458
1459 if (fr->eofSent)
1460 {
1461 state = STATE_SERVER_SEND;
1462 }
1463
1464 /* fall through */
1465
1466 SERVER_SEND:
1467
1468 case STATE_SERVER_SEND:
1469
1470 if (! send_pending && BufferLength(fr->serverOutputBuffer))
1471 {
1472 Buffer * b = fr->serverOutputBuffer;
1473 DWORD sent, len;
1474
1475 len = min(b->length, b->data + b->size - b->begin);
1476
1477 if (WriteFile((HANDLE) fr->fd, b->begin, len, &sent, &sov))
1478 {
1479 fcgi_buf_removed(b, sent);
1480 ResetEvent(sov.hEvent);
1481 }
1482 else if (GetLastError() == ERROR_IO_PENDING)
1483 {
1484 send_pending = 1;
1485 }
1486 else
1487 {
1488 ap_log_rerror(FCGI_LOG_ERR, r, "FastCGI: comm with server "
1489 "\"%s\" aborted: WriteFile() failed", fr->fs_path);
1490 state = STATE_ERROR;
1491 break;
1492 }
1493 }
1494
1495 /* fall through */
1496
1497 case STATE_SERVER_RECV:
1498
1499 if (! recv_pending && BufferFree(fr->serverInputBuffer))
1500 {
1501 Buffer * b = fr->serverInputBuffer;
1502 DWORD rcvd, len;
1503
1504 len = min(b->size - b->length, b->data + b->size - b->end);
1505
1506 if (ReadFile((HANDLE) fr->fd, b->end, len, &rcvd, &rov))
1507 {
1508 fcgi_buf_added(b, rcvd);
1509 recv_count += rcvd;
1510 ResetEvent(rov.hEvent);
1511 if (dynamic_first_recv)
1512 {
1513 dynamic_first_recv = 0;
1514 }
1515 }
1516 else if (GetLastError() == ERROR_IO_PENDING)
1517 {
1518 recv_pending = 1;
1519 }
1520 else if (GetLastError() == ERROR_HANDLE_EOF)
1521 {
1522 fr->keepReadingFromFcgiApp = FALSE;
1523 state = STATE_CLIENT_SEND;
1524 ResetEvent(rov.hEvent);
1525 break;
1526 }
1527 else if (GetLastError() == ERROR_NO_DATA)
1528 {
1529 break;
1530 }
1531 else
1532 {
1533 ap_log_rerror(FCGI_LOG_ERR, r, "FastCGI: comm with server "
1534 "\"%s\" aborted: ReadFile() failed", fr->fs_path);
1535 state = STATE_ERROR;
1536 break;
1537 }
1538 }
1539
1540 /* fall through */
1541
1542 case STATE_CLIENT_SEND:
1543
1544 if (client_send || ! BufferFree(fr->clientOutputBuffer))
1545 {
1546 if (write_to_client(fr))
1547 {
1548 state = STATE_CLIENT_ERROR;
1549 break;
1550 }
1551
1552 client_send = 0;
1553 }
1554
1555 break;
1556
1557 default:
1558
1559 ap_assert(0);
1560 }
1561
1562 if (state == STATE_CLIENT_ERROR || state == STATE_ERROR)
1563 {
1564 break;
1565 }
1566
1567 /* setup the io timeout */
1568
1569 if (BufferLength(fr->clientOutputBuffer))
1570 {
1571 /* don't let client data sit too long, it might be a push */
1572 timeout.tv_sec = 0;
1573 timeout.tv_usec = 100000;
1574 }
1575 else if (dynamic_first_recv)
1576 {
1577 int delay;
1578 struct timeval qwait;
1579
1580 fcgi_util_ticks(&fr->queueTime);
1581
1582 if (did_io)
1583 {
1584 /* a send() succeeded last pass */
1585 dynamic_last_io_time = fr->queueTime;
1586 }
1587 else
1588 {
1589 /* timed out last pass */
1590 struct timeval idle_time;
1591
1592 timersub(&fr->queueTime, &dynamic_last_io_time, &idle_time);
1593
1594 if (idle_time.tv_sec > idle_timeout)
1595 {
1596 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1597 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: comm "
1598 "with (dynamic) server \"%s\" aborted: (first read) "
1599 "idle timeout (%d sec)", fr->fs_path, idle_timeout);
1600 state = STATE_ERROR;
1601 break;
1602 }
1603 }
1604
1605 timersub(&fr->queueTime, &fr->startTime, &qwait);
1606
1607 delay = dynamic_first_recv * dynamicPleaseStartDelay;
1608
1609 if (qwait.tv_sec < delay)
1610 {
1611 timeout.tv_sec = delay;
1612 timeout.tv_usec = 100000; /* fudge for select() slop */
1613 timersub(&timeout, &qwait, &timeout);
1614 }
1615 else
1616 {
1617 /* Killed time somewhere.. client read? */
1618 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1619 dynamic_first_recv = qwait.tv_sec / dynamicPleaseStartDelay + 1;
1620 timeout.tv_sec = dynamic_first_recv * dynamicPleaseStartDelay;
1621 timeout.tv_usec = 100000; /* fudge for select() slop */
1622 timersub(&timeout, &qwait, &timeout);
1623 }
1624 }
1625 else
1626 {
1627 timeout.tv_sec = idle_timeout;
1628 timeout.tv_usec = 0;
1629 }
1630
1631 /* require a pended recv otherwise the app can deadlock */
1632 if (recv_pending)
1633 {
1634 msec_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
1635
1636 rv = WaitForMultipleObjects(2, events, FALSE, msec_timeout);
1637
1638 if (rv == WAIT_TIMEOUT)
1639 {
1640 did_io = 0;
1641
1642 if (BufferLength(fr->clientOutputBuffer))
1643 {
1644 client_send = 1;
1645 }
1646 else if (dynamic_first_recv)
1647 {
1648 struct timeval qwait;
1649
1650 fcgi_util_ticks(&fr->queueTime);
1651 timersub(&fr->queueTime, &fr->startTime, &qwait);
1652
1653 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1654
1655 dynamic_first_recv = qwait.tv_sec / dynamicPleaseStartDelay + 1;
1656 }
1657 else
1658 {
1659 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: comm with "
1660 "server \"%s\" aborted: idle timeout (%d sec)",
1661 fr->fs_path, idle_timeout);
1662 state = STATE_ERROR;
1663 break;
1664 }
1665 }
1666 else
1667 {
1668 int i = rv - WAIT_OBJECT_0;
1669
1670 did_io = 1;
1671
1672 if (i == 0)
1673 {
1674 DWORD sent;
1675
1676 if (GetOverlappedResult((HANDLE) fr->fd, &sov, &sent, FALSE))
1677 {
1678 send_pending = 0;
1679 ResetEvent(sov.hEvent);
1680 fcgi_buf_removed(fr->serverOutputBuffer, sent);
1681 }
1682 else
1683 {
1684 ap_log_rerror(FCGI_LOG_ERR, r, "FastCGI: comm with server "
1685 "\"%s\" aborted: GetOverlappedResult() failed", fr->fs_path);
1686 state = STATE_ERROR;
1687 break;
1688 }
1689 }
1690 else
1691 {
1692 DWORD rcvd;
1693
1694 ap_assert(i == 1);
1695
1696 recv_pending = 0;
1697 ResetEvent(rov.hEvent);
1698
1699 if (GetOverlappedResult((HANDLE) fr->fd, &rov, &rcvd, FALSE))
1700 {
1701 fcgi_buf_added(fr->serverInputBuffer, rcvd);
1702 if (dynamic_first_recv)
1703 {
1704 dynamic_first_recv = 0;
1705 }
1706 }
1707 else
1708 {
1709 ap_log_rerror(FCGI_LOG_ERR, r, "FastCGI: comm with server "
1710 "\"%s\" aborted: GetOverlappedResult() failed", fr->fs_path);
1711 state = STATE_ERROR;
1712 break;
1713 }
1714 }
1715 }
1716 }
1717
1718 if (fcgi_protocol_dequeue(rp, fr))
1719 {
1720 state = STATE_ERROR;
1721 break;
1722 }
1723
1724 if (fr->parseHeader == SCAN_CGI_READING_HEADERS)
1725 {
1726 const char * err = process_headers(r, fr);
1727 if (err)
1728 {
1729 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
1730 "FastCGI: comm with server \"%s\" aborted: "
1731 "error parsing headers: %s", fr->fs_path, err);
1732 state = STATE_ERROR;
1733 break;
1734 }
1735 }
1736
1737 if (fr->exitStatusSet)
1738 {
1739 fr->keepReadingFromFcgiApp = FALSE;
1740 state = STATE_CLIENT_SEND;
1741 break;
1742 }
1743 }
1744
1745 if (! fr->exitStatusSet || ! fr->eofSent)
1746 {
1747 CancelIo((HANDLE) fr->fd);
1748 }
1749
1750 CloseHandle(rov.hEvent);
1751 CloseHandle(sov.hEvent);
1752
1753 return (state == STATE_ERROR);
1754 }
1755
1756 static int socket_io(fcgi_request * const fr)
1757 {
1758 enum
1759 {
1760 STATE_ENV_SEND,
1761 STATE_CLIENT_RECV,
1762 STATE_SERVER_SEND,
1763 STATE_SERVER_RECV,
1764 STATE_CLIENT_SEND,
1765 STATE_ERROR,
1766 STATE_SERVER_SEND_ERROR,
1767 STATE_CLIENT_ERROR
1768 }
1769 state = STATE_ENV_SEND;
1770
1771 request_rec * const r = fr->r;
1772
1773 struct timeval timeout;
1774 struct timeval dynamic_last_io_time = {0, 0};
1775 fd_set read_set;
1776 fd_set write_set;
1777 int nfds = fr->fd + 1;
1778 int select_status = 1;
1779 int idle_timeout;
1780 int rv;
1781 int dynamic_first_recv = fr->dynamic ? 1 : 0;
1782 int client_send = FALSE;
1783 int client_recv = FALSE;
1784 env_status env;
1785 pool *rp = r->pool;
1786
1787 if (fr->role == FCGI_RESPONDER)
1788 {
1789 client_recv = (fr->expectingClientContent != 0);
1790 }
1791
1792 idle_timeout = fr->dynamic ? dynamic_idle_timeout : fr->fs->idle_timeout;
1793
1794 env.envp = NULL;
1795
1796 if (fr->dynamic)
1797 {
1798 dynamic_last_io_time = fr->startTime;
1799
1800 if (dynamicAppConnectTimeout)
1801 {
1802 struct timeval qwait;
1803 timersub(&fr->queueTime, &fr->startTime, &qwait);
1804 dynamic_first_recv = qwait.tv_sec / dynamicPleaseStartDelay + 1;
1805 }
1806 }
1807
1808 ap_hard_timeout("FastCGI request processing", r);
1809
1810 set_nonblocking(fr, TRUE);
1811
1812 for (;;)
1813 {
1814 FD_ZERO(&read_set);
1815 FD_ZERO(&write_set);
1816
1817 switch (state)
1818 {
1819 case STATE_ENV_SEND:
1820
1821 if (fcgi_protocol_queue_env(r, fr, &env) == 0)
1822 {
1823 goto SERVER_SEND;
1824 }
1825
1826 state = STATE_CLIENT_RECV;
1827
1828 /* fall through */
1829
1830 case STATE_CLIENT_RECV:
1831
1832 if (read_from_client_n_queue(fr))
1833 {
1834 state = STATE_CLIENT_ERROR;
1835 break;
1836 }
1837
1838 if (fr->eofSent)
1839 {
1840 state = STATE_SERVER_SEND;
1841 }
1842
1843 /* fall through */
1844
1845 SERVER_SEND:
1846
1847 case STATE_SERVER_SEND:
1848
1849 if (BufferLength(fr->serverOutputBuffer))
1850 {
1851 FD_SET(fr->fd, &write_set);
1852 }
1853 else
1854 {
1855 ap_assert(fr->eofSent);
1856 state = STATE_SERVER_RECV;
1857 }
1858
1859 /* fall through */
1860
1861 case STATE_SERVER_RECV:
1862 case STATE_SERVER_SEND_ERROR:
1863
1864 FD_SET(fr->fd, &read_set);
1865
1866 /* fall through */
1867
1868 case STATE_CLIENT_SEND:
1869
1870 if (client_send || ! BufferFree(fr->clientOutputBuffer))
1871 {
1872 if (write_to_client(fr))
1873 {
1874 state = STATE_CLIENT_ERROR;
1875 break;
1876 }
1877
1878 client_send = 0;
1879 }
1880
1881 break;
1882
1883 default:
1884
1885 ap_assert(0);
1886 }
1887
1888 if (state == STATE_CLIENT_ERROR)
1889 {
1890 break;
1891 }
1892
1893 /* setup the io timeout */
1894
1895 if (BufferLength(fr->clientOutputBuffer))
1896 {
1897 /* don't let client data sit too long, it might be a push */
1898 timeout.tv_sec = 0;
1899 timeout.tv_usec = 100000;
1900 }
1901 else if (dynamic_first_recv)
1902 {
1903 int delay;
1904 struct timeval qwait;
1905
1906 fcgi_util_ticks(&fr->queueTime);
1907
1908 if (select_status)
1909 {
1910 /* a send() succeeded last pass */
1911 dynamic_last_io_time = fr->queueTime;
1912 }
1913 else
1914 {
1915 /* timed out last pass */
1916 struct timeval idle_time;
1917
1918 timersub(&fr->queueTime, &dynamic_last_io_time, &idle_time);
1919
1920 if (idle_time.tv_sec > idle_timeout)
1921 {
1922 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1923 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: comm "
1924 "with (dynamic) server \"%s\" aborted: (first read) "
1925 "idle timeout (%d sec)", fr->fs_path, idle_timeout);
1926 state = STATE_ERROR;
1927 break;
1928 }
1929 }
1930
1931 timersub(&fr->queueTime, &fr->startTime, &qwait);
1932
1933 delay = dynamic_first_recv * dynamicPleaseStartDelay;
1934
1935 if (qwait.tv_sec < delay)
1936 {
1937 timeout.tv_sec = delay;
1938 timeout.tv_usec = 100000; /* fudge for select() slop */
1939 timersub(&timeout, &qwait, &timeout);
1940 }
1941 else
1942 {
1943 /* Killed time somewhere.. client read? */
1944 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1945 dynamic_first_recv = qwait.tv_sec / dynamicPleaseStartDelay + 1;
1946 timeout.tv_sec = dynamic_first_recv * dynamicPleaseStartDelay;
1947 timeout.tv_usec = 100000; /* fudge for select() slop */
1948 timersub(&timeout, &qwait, &timeout);
1949 }
1950 }
1951 else
1952 {
1953 timeout.tv_sec = idle_timeout;
1954 timeout.tv_usec = 0;
1955 }
1956
1957 /* wait on the socket */
1958 select_status = ap_select(nfds, &read_set, &write_set, NULL, &timeout);
1959
1960 if (select_status < 0)
1961 {
1962 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r, "FastCGI: comm with server "
1963 "\"%s\" aborted: select() failed", fr->fs_path);
1964 state = STATE_ERROR;
1965 break;
1966 }
1967
1968 if (select_status == 0)
1969 {
1970 /* select() timeout */
1971
1972 if (BufferLength(fr->clientOutputBuffer))
1973 {
1974 if (fr->role == FCGI_RESPONDER)
1975 {
1976 client_send = TRUE;
1977 }
1978 }
1979 else if (dynamic_first_recv)
1980 {
1981 struct timeval qwait;
1982
1983 fcgi_util_ticks(&fr->queueTime);
1984 timersub(&fr->queueTime, &fr->startTime, &qwait);
1985
1986 send_to_pm(FCGI_REQUEST_TIMEOUT_JOB, fr->fs_path, fr->user, fr->group, 0, 0);
1987
1988 dynamic_first_recv = qwait.tv_sec / dynamicPleaseStartDelay + 1;
1989 continue;
1990 }
1991 else
1992 {
1993 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: comm with "
1994 "server \"%s\" aborted: idle timeout (%d sec)",
1995 fr->fs_path, idle_timeout);
1996 state = STATE_SERVER_SEND_ERROR;
1997 }
1998 }
1999
2000 if (FD_ISSET(fr->fd, &write_set))
2001 {
2002 /* send to the server */
2003
2004 rv = fcgi_buf_socket_send(fr->serverOutputBuffer, fr->fd);
2005
2006 if (rv < 0)
2007 {
2008 ap_log_rerror(FCGI_LOG_ERR, r, "FastCGI: comm with server "
2009 "\"%s\" aborted: write failed", fr->fs_path);
2010 state = STATE_ERROR;
2011 break;
2012 }
2013 }
2014
2015 if (FD_ISSET(fr->fd, &read_set))
2016 {
2017 /* recv from the server */
2018
2019 if (dynamic_first_recv)
2020 {
2021 dynamic_first_recv = 0;
2022 fcgi_util_ticks(&fr->queueTime);
2023 }
2024
2025 rv = fcgi_buf_socket_recv(fr->serverInputBuffer, fr->fd);
2026
2027 if (rv < 0)
2028 {
2029 ap_log_rerror(FCGI_LOG_ERR, r, "FastCGI: comm with server "
2030 "\"%s\" aborted: read failed", fr->fs_path);
2031 state = STATE_ERROR;
2032 break;
2033 }
2034
2035 if (rv == 0)
2036 {
2037 fr->keepReadingFromFcgiApp = FALSE;
2038 state = STATE_CLIENT_SEND;
2039 break;
2040 }
2041 }
2042
2043 if (fcgi_protocol_dequeue(rp, fr))
2044 {
2045 state = STATE_ERROR;
2046 break;
2047 }
2048
2049 if (fr->parseHeader == SCAN_CGI_READING_HEADERS)
2050 {
2051 const char * err = process_headers(r, fr);
2052 if (err)
2053 {
2054 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2055 "FastCGI: comm with server \"%s\" aborted: "
2056 "error parsing headers: %s", fr->fs_path, err);
2057 state = STATE_ERROR;
2058 break;
2059 }
2060 }
2061
2062 if (fr->exitStatusSet)
2063 {
2064 fr->keepReadingFromFcgiApp = FALSE;
2065 state = STATE_CLIENT_SEND;
2066 break;
2067 }
2068 }
2069
2070 return (state == STATE_ERROR);
2071 }
2072
2073
2074 /*----------------------------------------------------------------------
2075 * This is the core routine for moving data between the FastCGI
2076 * application and the Web server's client.
2077 */
2078 static int do_work(request_rec * const r, fcgi_request * const fr)
2079 {
2080 int rv;
2081 pool *rp = r->pool;
2082
2083 fcgi_protocol_queue_begin_request(fr);
2084
2085 if (fr->role == FCGI_RESPONDER)
2086 {
2087 rv = ap_setup_client_block(r, REQUEST_CHUNKED_ERROR);
2088 if (rv != OK)
2089 {
2090 ap_kill_timeout(r);
2091 return rv;
2092 }
2093
2094 fr->expectingClientContent = ap_should_client_block(r);
2095 }
2096
2097 ap_block_alarms();
2098 ap_register_cleanup(rp, (void *)fr, cleanup, ap_null_cleanup);
2099 ap_unblock_alarms();
2100
2101 /* Connect to the FastCGI Application */
2102 ap_hard_timeout("connect() to FastCGI server", r);
2103 if (open_connection_to_fs(fr) != FCGI_OK)
2104 {
2105 ap_kill_timeout(r);
2106 return SERVER_ERROR;
2107 }
2108
2109 #ifdef WIN32
2110 if (fr->using_npipe_io)
2111 {
2112 rv = npipe_io(fr);
2113 }
2114 else
2115 #endif
2116 {
2117 rv = socket_io(fr);
2118 }
2119
2120 /* comm with the server is done */
2121 close_connection_to_fs(fr);
2122
2123 if (fr->role == FCGI_RESPONDER)
2124 {
2125 sink_client_data(fr);
2126 }
2127
2128 while (rv == 0 && BufferLength(fr->serverInputBuffer) || BufferLength(fr->clientOutputBuffer))
2129 {
2130 if (fcgi_protocol_dequeue(rp, fr))
2131 {
2132 rv = SERVER_ERROR;
2133 }
2134
2135 if (fr->parseHeader == SCAN_CGI_READING_HEADERS)
2136 {
2137 const char * err = process_headers(r, fr);
2138 if (err)
2139 {
2140 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2141 "FastCGI: comm with server \"%s\" aborted: "
2142 "error parsing headers: %s", fr->fs_path, err);
2143 rv = SERVER_ERROR;
2144 }
2145 }
2146
2147 if (fr->role == FCGI_RESPONDER)
2148 {
2149 if (write_to_client(fr))
2150 {
2151 break;
2152 }
2153 }
2154 else
2155 {
2156 fcgi_buf_reset(fr->clientOutputBuffer);
2157 }
2158 }
2159
2160 switch (fr->parseHeader)
2161 {
2162 case SCAN_CGI_FINISHED:
2163
2164 if (fr->role == FCGI_RESPONDER)
2165 {
2166 /* RUSSIAN_APACHE requires rflush() over bflush() */
2167 ap_rflush(r);
2168 ap_bgetopt(r->connection->client, BO_BYTECT, &r->bytes_sent);
2169 }
2170
2171 /* fall through */
2172
2173 case SCAN_CGI_INT_REDIRECT:
2174 case SCAN_CGI_SRV_REDIRECT:
2175
2176 break;
2177
2178 case SCAN_CGI_READING_HEADERS:
2179
2180 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: incomplete headers "
2181 "(%d bytes) received from server \"%s\"", fr->header->nelts, fr->fs_path);
2182
2183 /* fall through */
2184
2185 case SCAN_CGI_BAD_HEADER:
2186
2187 rv = SERVER_ERROR;
2188 break;
2189
2190 default:
2191
2192 ap_assert(0);
2193 rv = SERVER_ERROR;
2194 }
2195
2196 ap_kill_timeout(r);
2197 return rv;
2198 }
2199
2200 static fcgi_request *create_fcgi_request(request_rec * const r, const char *fs_path)
2201 {
2202 struct stat *my_finfo;
2203 pool * const p = r->pool;
2204 fcgi_server *fs;
2205 fcgi_request * const fr = (fcgi_request *)ap_pcalloc(p, sizeof(fcgi_request));
2206
2207 if (fs_path) {
2208 my_finfo = (struct stat *)ap_palloc(p, sizeof(struct stat));
2209 if (stat(fs_path, my_finfo) < 0) {
2210 ap_log_rerror(FCGI_LOG_ERR_ERRNO, r,
2211 "FastCGI: stat() of \"%s\" failed", fs_path);
2212 return NULL;
2213 }
2214 }
2215 else {
2216 my_finfo = &r->finfo;
2217 fs_path = r->filename;
2218 }
2219
2220 fs = fcgi_util_fs_get_by_id(fs_path, r->server->server_uid, r->server->server_gid);
2221 if (fs == NULL) {
2222 /* Its a request for a dynamic FastCGI application */
2223 const char * const err =
2224 fcgi_util_fs_is_path_ok(p, fs_path, my_finfo);
2225
2226 if (err) {
2227 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: invalid (dynamic) server \"%s\": %s", fs_path, err);
2228 return NULL;
2229 }
2230 }
2231
2232 fr->serverInputBuffer = fcgi_buf_new(p, SERVER_BUFSIZE);
2233 fr->serverOutputBuffer = fcgi_buf_new(p, SERVER_BUFSIZE);
2234 fr->clientInputBuffer = fcgi_buf_new(p, SERVER_BUFSIZE);
2235 fr->clientOutputBuffer = fcgi_buf_new(p, SERVER_BUFSIZE);
2236 fr->erBufPtr = fcgi_buf_new(p, sizeof(FCGI_EndRequestBody) + 1);
2237 fr->gotHeader = FALSE;
2238 fr->parseHeader = SCAN_CGI_READING_HEADERS;
2239 fr->header = ap_make_array(p, 1, 1);
2240 fr->fs_stderr = NULL;
2241 fr->r = r;
2242 fr->readingEndRequestBody = FALSE;
2243 fr->exitStatus = 0;
2244 fr->exitStatusSet = FALSE;
2245 fr->requestId = 1; /* anything but zero is OK here */
2246 fr->eofSent = FALSE;
2247 fr->role = FCGI_RESPONDER;
2248 fr->expectingClientContent = FALSE;
2249 fr->keepReadingFromFcgiApp = TRUE;
2250 fr->fs = fs;
2251 fr->fs_path = fs_path;
2252 fr->authHeaders = ap_make_table(p, 10);
2253 #ifdef WIN32
2254 fr->fd = INVALID_SOCKET;
2255 fr->dynamic = ((fs == NULL) || (fs->directive == APP_CLASS_DYNAMIC)) ? TRUE : FALSE;
2256 fr->using_npipe_io = FALSE;
2257 #else
2258 fr->dynamic = (fs == NULL) ? TRUE : FALSE;
2259 fr->fd = -1;
2260 #endif
2261
2262 set_uid_n_gid(r, &fr->user, &fr->group);
2263
2264 return fr;
2265 }
2266
2267 /*
2268 *----------------------------------------------------------------------
2269 *
2270 * handler --
2271 *
2272 * This routine gets called for a request that corresponds to
2273 * a FastCGI connection. It performs the request synchronously.
2274 *
2275 * Results:
2276 * Final status of request: OK or NOT_FOUND or SERVER_ERROR.
2277 *
2278 * Side effects:
2279 * Request performed.
2280 *
2281 *----------------------------------------------------------------------
2282 */
2283
2284 /* Stolen from mod_cgi.c..
2285 * KLUDGE --- for back-combatibility, we don't have to check ExecCGI
2286 * in ScriptAliased directories, which means we need to know if this
2287 * request came through ScriptAlias or not... so the Alias module
2288 * leaves a note for us.
2289 */
2290 static int apache_is_scriptaliased(request_rec *r)
2291 {
2292 const char *t = ap_table_get(r->notes, "alias-forced-type");
2293 return t && (!strcasecmp(t, "cgi-script"));
2294 }
2295
2296 /* If a script wants to produce its own Redirect body, it now
2297 * has to explicitly *say* "Status: 302". If it wants to use
2298 * Apache redirects say "Status: 200". See process_headers().
2299 */
2300 static int post_process_for_redirects(request_rec * const r,
2301 const fcgi_request * const fr)
2302 {
2303 switch(fr->parseHeader) {
2304 case SCAN_CGI_INT_REDIRECT:
2305
2306 /* @@@ There are still differences between the handling in
2307 * mod_cgi and mod_fastcgi. This needs to be revisited.
2308 */
2309 /* We already read the message body (if any), so don't allow
2310 * the redirected request to think it has one. We can ignore
2311 * Transfer-Encoding, since we used REQUEST_CHUNKED_ERROR.
2312 */
2313 r->method = "GET";
2314 r->method_number = M_GET;
2315 ap_table_unset(r->headers_in, "Content-length");
2316
2317 ap_internal_redirect_handler(ap_table_get(r->headers_out, "Location"), r);
2318 return OK;
2319
2320 case SCAN_CGI_SRV_REDIRECT:
2321 return REDIRECT;
2322
2323 default:
2324 return OK;
2325 }
2326 }
2327
2328 /******************************************************************************
2329 * Process fastcgi-script requests. Based on mod_cgi::cgi_handler().
2330 */
2331 static int content_handler(request_rec *r)
2332 {
2333 fcgi_request *fr = NULL;
2334 int ret;
2335
2336 /* Setup a new FastCGI request */
2337 if ((fr = create_fcgi_request(r, NULL)) == NULL)
2338 return SERVER_ERROR;
2339
2340 /* If its a dynamic invocation, make sure scripts are OK here */
2341 if (fr->dynamic && !(ap_allow_options(r) & OPT_EXECCGI) && !apache_is_scriptaliased(r)) {
2342 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2343 "FastCGI: \"ExecCGI Option\" is off in this directory: %s", r->uri);
2344 return SERVER_ERROR;
2345 }
2346
2347 /* Process the fastcgi-script request */
2348 if ((ret = do_work(r, fr)) != OK)
2349 return ret;
2350
2351 /* Special case redirects */
2352 ret = post_process_for_redirects(r, fr);
2353
2354 return ret;
2355 }
2356
2357
2358 static int post_process_auth_passed_header(table *t, const char *key, const char * const val)
2359 {
2360 if (strncasecmp(key, "Variable-", 9) == 0)
2361 key += 9;
2362
2363 ap_table_setn(t, key, val);
2364 return 1;
2365 }
2366
2367 static int post_process_auth_passed_compat_header(table *t, const char *key, const char * const val)
2368 {
2369 if (strncasecmp(key, "Variable-", 9) == 0)
2370 ap_table_setn(t, key + 9, val);
2371
2372 return 1;
2373 }
2374
2375 static int post_process_auth_failed_header(table * const t, const char * const key, const char * const val)
2376 {
2377 ap_table_setn(t, key, val);
2378 return 1;
2379 }
2380
2381 static void post_process_auth(fcgi_request * const fr, const int passed)
2382 {
2383 request_rec * const r = fr->r;
2384
2385 /* Restore the saved subprocess_env because we muddied ours up */
2386 r->subprocess_env = fr->saved_subprocess_env;
2387
2388 if (passed) {
2389 if (fr->auth_compat) {
2390 ap_table_do((int (*)(void *, const char *, const char *))post_process_auth_passed_compat_header,
2391 (void *)r->subprocess_env, fr->authHeaders, NULL);
2392 }
2393 else {
2394 ap_table_do((int (*)(void *, const char *, const char *))post_process_auth_passed_header,
2395 (void *)r->subprocess_env, fr->authHeaders, NULL);
2396 }
2397 }
2398 else {
2399 ap_table_do((int (*)(void *, const char *, const char *))post_process_auth_failed_header,
2400 (void *)r->err_headers_out, fr->authHeaders, NULL);
2401 }
2402
2403 /* @@@ Restore these.. its a hack until I rewrite the header handling */
2404 r->status = HTTP_OK;
2405 r->status_line = NULL;
2406 }
2407
2408 static int check_user_authentication(request_rec *r)
2409 {
2410 int res, authenticated = 0;
2411 const char *password;
2412 fcgi_request *fr;
2413 const fcgi_dir_config * const dir_config =
2414 (const fcgi_dir_config *)ap_get_module_config(r->per_dir_config, &fastcgi_module);
2415
2416 if (dir_config->authenticator == NULL)
2417 return DECLINED;
2418
2419 /* Get the user password */
2420 if ((res = ap_get_basic_auth_pw(r, &password)) != OK)
2421 return res;
2422
2423 if ((fr = create_fcgi_request(r, dir_config->authenticator)) == NULL)
2424 return SERVER_ERROR;
2425
2426 /* Save the existing subprocess_env, because we're gonna muddy it up */
2427 fr->saved_subprocess_env = ap_copy_table(r->pool, r->subprocess_env);
2428
2429 ap_table_setn(r->subprocess_env, "REMOTE_PASSWD", password);
2430 ap_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "AUTHENTICATOR");
2431
2432 /* The FastCGI Protocol doesn't differentiate authentication */
2433 fr->role = FCGI_AUTHORIZER;
2434
2435 /* Do we need compatibility mode? */
2436 fr->auth_compat = (dir_config->authenticator_options & FCGI_COMPAT);
2437
2438 if ((res = do_work(r, fr)) != OK)
2439 goto AuthenticationFailed;
2440
2441 authenticated = (r->status == 200);
2442 post_process_auth(fr, authenticated);
2443
2444 /* A redirect shouldn't be allowed during the authentication phase */
2445 if (ap_table_get(r->headers_out, "Location") != NULL) {
2446 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2447 "FastCGI: FastCgiAuthenticator \"%s\" redirected (not allowed)",
2448 dir_config->authenticator);
2449 goto AuthenticationFailed;
2450 }
2451
2452 if (authenticated)
2453 return OK;
2454
2455 AuthenticationFailed:
2456 if (!(dir_config->authenticator_options & FCGI_AUTHORITATIVE))
2457 return DECLINED;
2458
2459 /* @@@ Probably should support custom_responses */
2460 ap_note_basic_auth_failure(r);
2461 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2462 "FastCGI: authentication failed for user \"%s\": %s", r->connection->user, r->uri);
2463 return (res == OK) ? AUTH_REQUIRED : res;
2464 }
2465
2466 static int check_user_authorization(request_rec *r)
2467 {
2468 int res, authorized = 0;
2469 fcgi_request *fr;
2470 const fcgi_dir_config * const dir_config =
2471 (const fcgi_dir_config *)ap_get_module_config(r->per_dir_config, &fastcgi_module);
2472
2473 if (dir_config->authorizer == NULL)
2474 return DECLINED;
2475
2476 /* @@@ We should probably honor the existing parameters to the require directive
2477 * as well as allow the definition of new ones (or use the basename of the
2478 * FastCGI server and pass the rest of the directive line), but for now keep
2479 * it simple. */
2480
2481 if ((fr = create_fcgi_request(r, dir_config->authorizer)) == NULL)
2482 return SERVER_ERROR;
2483
2484 /* Save the existing subprocess_env, because we're gonna muddy it up */
2485 fr->saved_subprocess_env = ap_copy_table(r->pool, r->subprocess_env);
2486
2487 ap_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "AUTHORIZER");
2488
2489 fr->role = FCGI_AUTHORIZER;
2490
2491 /* Do we need compatibility mode? */
2492 fr->auth_compat = (dir_config->authenticator_options & FCGI_COMPAT);
2493
2494 if ((res = do_work(r, fr)) != OK)
2495 goto AuthorizationFailed;
2496
2497 authorized = (r->status == 200);
2498 post_process_auth(fr, authorized);
2499
2500 /* A redirect shouldn't be allowed during the authorization phase */
2501 if (ap_table_get(r->headers_out, "Location") != NULL) {
2502 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2503 "FastCGI: FastCgiAuthorizer \"%s\" redirected (not allowed)",
2504 dir_config->authorizer);
2505 goto AuthorizationFailed;
2506 }
2507
2508 if (authorized)
2509 return OK;
2510
2511 AuthorizationFailed:
2512 if (!(dir_config->authorizer_options & FCGI_AUTHORITATIVE))
2513 return DECLINED;
2514
2515 /* @@@ Probably should support custom_responses */
2516 ap_note_basic_auth_failure(r);
2517 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2518 "FastCGI: authorization failed for user \"%s\": %s", r->connection->user, r->uri);
2519 return (res == OK) ? AUTH_REQUIRED : res;
2520 }
2521
2522 static int check_access(request_rec *r)
2523 {
2524 int res, access_allowed = 0;
2525 fcgi_request *fr;
2526 const fcgi_dir_config * const dir_config =
2527 (fcgi_dir_config *)ap_get_module_config(r->per_dir_config, &fastcgi_module);
2528
2529 if (dir_config == NULL || dir_config->access_checker == NULL)
2530 return DECLINED;
2531
2532 if ((fr = create_fcgi_request(r, dir_config->access_checker)) == NULL)
2533 return SERVER_ERROR;
2534
2535 /* Save the existing subprocess_env, because we're gonna muddy it up */
2536 fr->saved_subprocess_env = ap_copy_table(r->pool, r->subprocess_env);
2537
2538 ap_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "ACCESS_CHECKER");
2539
2540 /* The FastCGI Protocol doesn't differentiate access control */
2541 fr->role = FCGI_AUTHORIZER;
2542
2543 /* Do we need compatibility mode? */
2544 fr->auth_compat = (dir_config->authenticator_options & FCGI_COMPAT);
2545
2546 if ((res = do_work(r, fr)) != OK)
2547 goto AccessFailed;
2548
2549 access_allowed = (r->status == 200);
2550 post_process_auth(fr, access_allowed);
2551
2552 /* A redirect shouldn't be allowed during the access check phase */
2553 if (ap_table_get(r->headers_out, "Location") != NULL) {
2554 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
2555 "FastCGI: FastCgiAccessChecker \"%s\" redirected (not allowed)",
2556 dir_config->access_checker);
2557 goto AccessFailed;
2558 }
2559
2560 if (access_allowed)
2561 return OK;
2562
2563 AccessFailed:
2564 if (!(dir_config->access_checker_options & FCGI_AUTHORITATIVE))
2565 return DECLINED;
2566
2567 /* @@@ Probably should support custom_responses */
2568 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r, "FastCGI: access denied: %s", r->uri);
2569 return (res == OK) ? FORBIDDEN : res;
2570 }
2571
2572 command_rec fastcgi_cmds[] = {
2573 { "AppClass", fcgi_config_new_static_server, NULL, RSRC_CONF, RAW_ARGS, NULL },
2574 { "FastCgiServer", fcgi_config_new_static_server, NULL, RSRC_CONF, RAW_ARGS, NULL },
2575
2576 { "ExternalAppClass", fcgi_config_new_external_server, NULL, RSRC_CONF, RAW_ARGS, NULL },
2577 { "FastCgiExternalServer", fcgi_config_new_external_server, NULL, RSRC_CONF, RAW_ARGS, NULL },
2578
2579 { "FastCgiIpcDir", fcgi_config_set_socket_dir, NULL, RSRC_CONF, TAKE1, NULL },
2580
2581 { "FastCgiSuexec", fcgi_config_set_wrapper, NULL, RSRC_CONF, TAKE1, NULL },
2582 { "FastCgiWrapper", fcgi_config_set_wrapper, NULL, RSRC_CONF, TAKE1, NULL },
2583
2584 { "FCGIConfig", fcgi_config_set_config, NULL, RSRC_CONF, RAW_ARGS, NULL },
2585 { "FastCgiConfig", fcgi_config_set_config, NULL, RSRC_CONF, RAW_ARGS, NULL },
2586
2587 { "FastCgiAuthenticator", fcgi_config_new_auth_server,
2588 (void *)FCGI_AUTH_TYPE_AUTHENTICATOR, ACCESS_CONF, TAKE12,
2589 "a fastcgi-script path (absolute or relative to ServerRoot) followed by an optional -compat" },
2590 { "FastCgiAuthenticatorAuthoritative", fcgi_config_set_authoritative_slot,
2591 (void *)XtOffsetOf(fcgi_dir_config, authenticator_options), ACCESS_CONF, FLAG,
2592 "Set to 'off' to allow authentication to be passed along to lower modules upon failure" },
2593
2594 { "FastCgiAuthorizer", fcgi_config_new_auth_server,
2595 (void *)FCGI_AUTH_TYPE_AUTHORIZER, ACCESS_CONF, TAKE12,
2596 "a fastcgi-script path (absolute or relative to ServerRoot) followed by an optional -compat" },
2597 { "FastCgiAuthorizerAuthoritative", fcgi_config_set_authoritative_slot,
2598 (void *)XtOffsetOf(fcgi_dir_config, authorizer_options), ACCESS_CONF, FLAG,
2599 "Set to 'off' to allow authorization to be passed along to lower modules upon failure" },
2600
2601 { "FastCgiAccessChecker", fcgi_config_new_auth_server,
2602 (void *)FCGI_AUTH_TYPE_ACCESS_CHECKER, ACCESS_CONF, TAKE12,
2603 "a fastcgi-script path (absolute or relative to ServerRoot) followed by an optional -compat" },
2604 { "FastCgiAccessCheckerAuthoritative", fcgi_config_set_authoritative_slot,
2605 (void *)XtOffsetOf(fcgi_dir_config, access_checker_options), ACCESS_CONF, FLAG,
2606 "Set to 'off' to allow access control to be passed along to lower modules upon failure" },
2607 { NULL }
2608 };
2609
2610
2611 handler_rec fastcgi_handlers[] = {
2612 { FCGI_MAGIC_TYPE, content_handler },
2613 { "fastcgi-script", content_handler },
2614 { NULL }
2615 };
2616
2617
2618 module MODULE_VAR_EXPORT fastcgi_module = {
2619 STANDARD_MODULE_STUFF,
2620 init_module, /* initializer */
2621 fcgi_config_create_dir_config, /* per-dir config creator */
2622 NULL, /* per-dir config merger (default: override) */
2623 NULL, /* per-server config creator */
2624 NULL, /* per-server config merger (default: override) */
2625 fastcgi_cmds, /* command table */
2626 fastcgi_handlers, /* [9] content handlers */
2627 NULL, /* [2] URI-to-filename translation */
2628 check_user_authentication, /* [5] authenticate user_id */
2629 check_user_authorization, /* [6] authorize user_id */
2630 check_access, /* [4] check access (based on src & http headers) */
2631 NULL, /* [7] check/set MIME type */
2632 NULL, /* [8] fixups */
2633 NULL, /* [10] logger */
2634 NULL, /* [3] header-parser */
2635 fcgi_child_init, /* process initialization */
2636 fcgi_child_exit, /* process exit/cleanup */
2637 NULL /* [1] post read-request handling */
2638 };
FastCGI Apache module