search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
1008: error parameter in read_http_post
[elinks/kon.git] / src / protocol / file / cgi.c
bloba3b92f53b60caf64905db90fa8b72f02d6549b2b
1 /* Internal "cgi" protocol implementation */
2
3 #ifdef HAVE_CONFIG_H
4 #include "config.h"
5 #endif
6
7 #include <errno.h>
8 #include <stdio.h>
9 #include <stdlib.h>
10 #include <sys/types.h>
11 #include <sys/stat.h> /* OS/2 needs this after sys/types.h */
12 #ifdef HAVE_FCNTL_H
13 #include <fcntl.h> /* OS/2 needs this after sys/types.h */
14 #endif
15 #ifdef HAVE_UNISTD_H
16 #include <unistd.h>
17 #endif
18
19 #include "elinks.h"
20
21 #include "config/options.h"
22 #include "cookies/cookies.h"
23 #include "intl/gettext/libintl.h"
24 #include "mime/backend/common.h"
25 #include "network/connection.h"
26 #include "network/socket.h"
27 #include "osdep/osdep.h"
28 #include "osdep/sysname.h"
29 #include "protocol/common.h"
30 #include "protocol/file/cgi.h"
31 #include "protocol/http/http.h"
32 #include "protocol/uri.h"
33 #include "terminal/terminal.h"
34 #include "util/conv.h"
35 #include "util/env.h"
36 #include "util/string.h"
37
38 static struct option_info cgi_options[] = {
39 INIT_OPT_TREE("protocol.file", N_("Local CGI"),
40 "cgi", 0,
41 N_("Local CGI specific options.")),
42
43 INIT_OPT_STRING("protocol.file.cgi", N_("Path"),
44 "path", 0, "",
45 N_("Colon separated list of directories, where CGI scripts are stored.")),
46
47 INIT_OPT_BOOL("protocol.file.cgi", N_("Allow local CGI"),
48 "policy", 0, 0,
49 N_("Whether to execute local CGI scripts.")),
50 NULL_OPTION_INFO,
51 };
52
53 struct module cgi_protocol_module = struct_module(
54 /* name: */ N_("CGI"),
55 /* options: */ cgi_options,
56 /* hooks: */ NULL,
57 /* submodules: */ NULL,
58 /* data: */ NULL,
59 /* init: */ NULL,
60 /* done: */ NULL
61 );
62
63 static void
64 close_pipe_and_read(struct socket *data_socket)
65 {
66 struct connection *conn = data_socket->conn;
67 struct read_buffer *rb = alloc_read_buffer(conn->socket);
68
69 if (!rb) return;
70
71 memcpy(rb->data, "HTTP/1.0 200 OK\r\n", 17);
72 rb->length = 17;
73 rb->freespace -= 17;
74
75 conn->unrestartable = 1;
76 close(data_socket->fd);
77 data_socket->fd = -1;
78
79 conn->socket->state = SOCKET_END_ONCLOSE;
80 read_from_socket(conn->socket, rb, S_SENT, http_got_header);
81 }
82
83
84 #define POST_BUFFER_SIZE 4096
85
86 static void
87 send_more_post_data(struct socket *socket)
88 {
89 struct connection *conn = socket->conn;
90 struct http_connection_info *http = conn->info;
91 unsigned char buffer[POST_BUFFER_SIZE];
92 int got;
93 enum connection_state error;
94
95 got = read_http_post(&http->post, buffer, POST_BUFFER_SIZE, &error);
96 if (got < 0) {
97 abort_connection(conn, error);
98 } else if (got > 0) {
99 write_to_socket(socket, buffer, got, S_TRANS,
100 send_more_post_data);
101 http->post.uploaded += got;
102 } else { /* got == 0, meaning end of data */
103 close_pipe_and_read(socket);
104 }
105 }
106
107 #undef POST_BUFFER_SIZE
108
109 static void
110 send_post_data(struct connection *conn)
111 {
112 struct http_connection_info *http = conn->info;
113 unsigned char *post = conn->uri->post;
114 unsigned char *postend;
115 enum connection_state error;
116
117 postend = strchr(post, '\n');
118 if (postend) post = postend + 1;
119
120 if (!open_http_post(&http->post, post, &error))
121 abort_connection(conn, error);
122 else
123 send_more_post_data(conn->data_socket);
124 }
125
126 static void
127 send_request(struct connection *conn)
128 {
129 if (conn->uri->post) send_post_data(conn);
130 else close_pipe_and_read(conn->data_socket);
131 }
132
133 /* This function sets CGI environment variables. */
134 static int
135 set_vars(struct connection *conn, unsigned char *script)
136 {
137 unsigned char *post = conn->uri->post;
138 unsigned char *query = get_uri_string(conn->uri, URI_QUERY);
139 unsigned char *str;
140 int res = env_set("QUERY_STRING", empty_string_or_(query), -1);
141
142 mem_free_if(query);
143 if (res) return -1;
144
145 if (post) {
146 unsigned char *postend = strchr(post, '\n');
147 unsigned char buf[16];
148
149 if (postend) {
150 res = env_set("CONTENT_TYPE", post, postend - post);
151 if (res) return -1;
152 post = postend + 1;
153 }
154 snprintf(buf, 16, "%d", (int) strlen(post) / 2);
155 if (env_set("CONTENT_LENGTH", buf, -1)) return -1;
156 }
157
158 if (env_set("REQUEST_METHOD", post ? "POST" : "GET", -1)) return -1;
159 if (env_set("SERVER_SOFTWARE", "ELinks/" VERSION, -1)) return -1;
160 if (env_set("SERVER_PROTOCOL", "HTTP/1.0", -1)) return -1;
161 /* XXX: Maybe it is better to set this to an empty string? --pasky */
162 if (env_set("SERVER_NAME", "localhost", -1)) return -1;
163 /* XXX: Maybe it is better to set this to an empty string? --pasky */
164 if (env_set("REMOTE_ADDR", "127.0.0.1", -1)) return -1;
165 if (env_set("GATEWAY_INTERFACE", "CGI/1.1", -1)) return -1;
166 /* This is the path name extracted from the URI and decoded, per
167 * http://cgi-spec.golux.com/draft-coar-cgi-v11-03-clean.html#8.1 */
168 if (env_set("SCRIPT_NAME", script, -1)) return -1;
169 if (env_set("SCRIPT_FILENAME", script, -1)) return -1;
170 if (env_set("PATH_TRANSLATED", script, -1)) return -1;
171 if (env_set("REDIRECT_STATUS", "1", -1)) return -1;
172
173 /* From now on, just HTTP-like headers are being set. Missing variables
174 * due to full environment are not a problem according to the CGI/1.1
175 * standard, so we already filled our environment with we have to have
176 * there and we won't fail anymore if it won't work out. */
177
178 str = get_opt_str("protocol.http.user_agent", NULL);
179 if (*str && strcmp(str, " ")) {
180 unsigned char *ustr, ts[64] = "";
181
182 if (!list_empty(terminals)) {
183 unsigned int tslen = 0;
184 struct terminal *term = terminals.prev;
185
186 ulongcat(ts, &tslen, term->width, 3, 0);
187 ts[tslen++] = 'x';
188 ulongcat(ts, &tslen, term->height, 3, 0);
189 }
190 ustr = subst_user_agent(str, VERSION_STRING, system_name, ts);
191
192 if (ustr) {
193 env_set("HTTP_USER_AGENT", ustr, -1);
194 mem_free(ustr);
195 }
196 }
197
198 switch (get_opt_int("protocol.http.referer.policy", NULL)) {
199 case REFERER_NONE:
200 /* oh well */
201 break;
202
203 case REFERER_FAKE:
204 str = get_opt_str("protocol.http.referer.fake", NULL);
205 env_set("HTTP_REFERER", str, -1);
206 break;
207
208 case REFERER_TRUE:
209 /* XXX: Encode as in add_url_to_http_string() ? --pasky */
210 if (conn->referrer)
211 env_set("HTTP_REFERER", struri(conn->referrer), -1);
212 break;
213
214 case REFERER_SAME_URL:
215 str = get_uri_string(conn->uri, URI_HTTP_REFERRER);
216 if (str) {
217 env_set("HTTP_REFERER", str, -1);
218 mem_free(str);
219 }
220 break;
221 }
222
223 /* Protection against vim cindent bugs ;-). */
224 env_set("HTTP_ACCEPT", "*/" "*", -1);
225
226 /* We do not set HTTP_ACCEPT_ENCODING. Yeah, let's let the CGI script
227 * gzip the stuff so that the CPU doesn't at least sit idle. */
228
229 str = get_opt_str("protocol.http.accept_language", NULL);
230 if (*str) {
231 env_set("HTTP_ACCEPT_LANGUAGE", str, -1);
232 }
233 #ifdef CONFIG_NLS
234 else if (get_opt_bool("protocol.http.accept_ui_language", NULL)) {
235 env_set("HTTP_ACCEPT_LANGUAGE",
236 language_to_iso639(current_language), -1);
237 }
238 #endif
239
240 if (conn->cached && !conn->cached->incomplete && conn->cached->head
241 && conn->cached->last_modified
242 && conn->cache_mode <= CACHE_MODE_CHECK_IF_MODIFIED) {
243 env_set("HTTP_IF_MODIFIED_SINCE", conn->cached->last_modified, -1);
244 }
245
246 if (conn->cache_mode >= CACHE_MODE_FORCE_RELOAD) {
247 env_set("HTTP_PRAGMA", "no-cache", -1);
248 env_set("HTTP_CACHE_CONTROL", "no-cache", -1);
249 }
250
251 /* TODO: HTTP auth support. On the other side, it was weird over CGI
252 * IIRC. --pasky */
253
254 #ifdef CONFIG_COOKIES
255 {
256 struct string *cookies = send_cookies(conn->uri);
257
258 if (cookies) {
259 env_set("HTTP_COOKIE", cookies->source, -1);
260
261 done_string(cookies);
262 }
263 }
264 #endif
265
266 return 0;
267 }
268
269 static int
270 test_path(unsigned char *path)
271 {
272 unsigned char *cgi_path = get_opt_str("protocol.file.cgi.path", NULL);
273 unsigned char **path_ptr;
274 unsigned char *filename;
275
276 for (path_ptr = &cgi_path;
277 (filename = get_next_path_filename(path_ptr, ':'));
278 ) {
279 int filelen = strlen(filename);
280 int res;
281
282 if (filename[filelen - 1] != '/') {
283 add_to_strn(&filename, "/");
284 filelen++;
285 }
286
287 res = strncmp(path, filename, filelen);
288 mem_free(filename);
289 if (!res) return 0;
290 }
291 return 1;
292 }
293
294 int
295 execute_cgi(struct connection *conn)
296 {
297 unsigned char *last_slash;
298 unsigned char *script;
299 int scriptlen;
300 struct stat buf;
301 pid_t pid;
302 enum connection_state state = S_OK;
303 int pipe_read[2], pipe_write[2];
304
305 if (!get_opt_bool("protocol.file.cgi.policy", NULL)) return 1;
306
307 /* Not file referrer */
308 if (conn->referrer && conn->referrer->protocol != PROTOCOL_FILE) {
309 return 1;
310 }
311
312 script = get_uri_string(conn->uri, URI_PATH);
313 if (!script) {
314 state = S_OUT_OF_MEM;
315 goto end2;
316 }
317 decode_uri(script);
318 scriptlen = strlen(script);
319
320 if (stat(script, &buf) || !(S_ISREG(buf.st_mode))
321 || !(buf.st_mode & S_IXUSR)) {
322 mem_free(script);
323 return 1;
324 }
325
326 last_slash = strrchr(script, '/');
327 if (last_slash++) {
328 unsigned char storage;
329 int res;
330
331 /* We want to compare against path with the trailing slash. */
332 storage = *last_slash;
333 *last_slash = 0;
334 res = test_path(script);
335 *last_slash = storage;
336 if (res) {
337 mem_free(script);
338 return 1;
339 }
340 } else {
341 mem_free(script);
342 return 1;
343 }
344
345 if (c_pipe(pipe_read) || c_pipe(pipe_write)) {
346 state = -errno;
347 goto end1;
348 }
349
350 pid = fork();
351 if (pid < 0) {
352 state = -errno;
353 goto end0;
354 }
355 if (!pid) { /* CGI script */
356 if (set_vars(conn, script)) {
357 _exit(1);
358 }
359 if ((dup2(pipe_write[0], STDIN_FILENO) < 0)
360 || (dup2(pipe_read[1], STDOUT_FILENO) < 0)) {
361 _exit(2);
362 }
363 /* We implicitly chain stderr to ELinks' stderr. */
364 close_all_non_term_fd();
365
366 last_slash[-1] = 0; set_cwd(script); last_slash[-1] = '/';
367 if (execl(script, script, (char *) NULL)) {
368 _exit(3);
369 }
370
371 } else { /* ELinks */
372 mem_free(script);
373
374 if (!init_http_connection_info(conn, 1, 0, 1)) {
375 close(pipe_read[0]); close(pipe_read[1]);
376 close(pipe_write[0]); close(pipe_write[1]);
377 return 0;
378 }
379
380 close(pipe_read[1]); close(pipe_write[0]);
381 conn->socket->fd = pipe_read[0];
382
383 /* Use data socket for passing the pipe. It will be cleaned up in
384 * close_pipe_and_read(). */
385 conn->data_socket->fd = pipe_write[1];
386 conn->cgi = 1;
387 set_nonblocking_fd(conn->socket->fd);
388 set_nonblocking_fd(conn->data_socket->fd);
389
390 send_request(conn);
391 return 0;
392 }
393
394 end0:
395 close(pipe_read[0]); close(pipe_read[1]);
396 close(pipe_write[0]); close(pipe_write[1]);
397 end1:
398 mem_free(script);
399 end2:
400 abort_connection(conn, state);
401 return 0;
402 }
Kalle's patches for review