1 /* Internal "cgi" protocol implementation */
10 #include <sys/types.h>
11 #include <sys/stat.h> /* OS/2 needs this after sys/types.h */
13 #include <fcntl.h> /* OS/2 needs this after sys/types.h */
21 #include "config/options.h"
22 #include "cookies/cookies.h"
23 #include "intl/gettext/libintl.h"
24 #include "mime/backend/common.h"
25 #include "network/connection.h"
26 #include "network/socket.h"
27 #include "osdep/osdep.h"
28 #include "osdep/sysname.h"
29 #include "protocol/common.h"
30 #include "protocol/file/cgi.h"
31 #include "protocol/http/http.h"
32 #include "protocol/uri.h"
33 #include "terminal/terminal.h"
34 #include "util/conv.h"
36 #include "util/string.h"
38 static struct option_info cgi_options
[] = {
39 INIT_OPT_TREE("protocol.file", N_("Local CGI"),
41 N_("Local CGI specific options.")),
43 INIT_OPT_STRING("protocol.file.cgi", N_("Path"),
45 N_("Colon separated list of directories, where CGI scripts are stored.")),
47 INIT_OPT_BOOL("protocol.file.cgi", N_("Allow local CGI"),
49 N_("Whether to execute local CGI scripts.")),
53 struct module cgi_protocol_module
= struct_module(
54 /* name: */ N_("CGI"),
55 /* options: */ cgi_options
,
57 /* submodules: */ NULL
,
64 close_pipe_and_read(struct socket
*data_socket
)
66 struct connection
*conn
= data_socket
->conn
;
67 struct read_buffer
*rb
= alloc_read_buffer(conn
->socket
);
71 memcpy(rb
->data
, "HTTP/1.0 200 OK\r\n", 17);
75 conn
->unrestartable
= 1;
76 close(data_socket
->fd
);
79 conn
->socket
->state
= SOCKET_END_ONCLOSE
;
80 read_from_socket(conn
->socket
, rb
, S_SENT
, http_got_header
);
84 #define POST_BUFFER_SIZE 4096
87 send_more_post_data(struct socket
*socket
)
89 struct connection
*conn
= socket
->conn
;
90 struct http_connection_info
*http
= conn
->info
;
91 unsigned char buffer
[POST_BUFFER_SIZE
];
93 enum connection_state error
;
95 got
= read_http_post(&http
->post
, buffer
, POST_BUFFER_SIZE
, &error
);
97 abort_connection(conn
, error
);
99 write_to_socket(socket
, buffer
, got
, S_TRANS
,
100 send_more_post_data
);
101 http
->post
.uploaded
+= got
;
102 } else { /* got == 0, meaning end of data */
103 close_pipe_and_read(socket
);
107 #undef POST_BUFFER_SIZE
110 send_post_data(struct connection
*conn
)
112 struct http_connection_info
*http
= conn
->info
;
113 unsigned char *post
= conn
->uri
->post
;
114 unsigned char *postend
;
115 enum connection_state error
;
117 postend
= strchr(post
, '\n');
118 if (postend
) post
= postend
+ 1;
120 if (!open_http_post(&http
->post
, post
, &error
))
121 abort_connection(conn
, error
);
123 send_more_post_data(conn
->data_socket
);
127 send_request(struct connection
*conn
)
129 if (conn
->uri
->post
) send_post_data(conn
);
130 else close_pipe_and_read(conn
->data_socket
);
133 /* This function sets CGI environment variables. */
135 set_vars(struct connection
*conn
, unsigned char *script
)
137 unsigned char *post
= conn
->uri
->post
;
138 unsigned char *query
= get_uri_string(conn
->uri
, URI_QUERY
);
140 int res
= env_set("QUERY_STRING", empty_string_or_(query
), -1);
146 unsigned char *postend
= strchr(post
, '\n');
147 unsigned char buf
[16];
150 res
= env_set("CONTENT_TYPE", post
, postend
- post
);
154 snprintf(buf
, 16, "%d", (int) strlen(post
) / 2);
155 if (env_set("CONTENT_LENGTH", buf
, -1)) return -1;
158 if (env_set("REQUEST_METHOD", post
? "POST" : "GET", -1)) return -1;
159 if (env_set("SERVER_SOFTWARE", "ELinks/" VERSION
, -1)) return -1;
160 if (env_set("SERVER_PROTOCOL", "HTTP/1.0", -1)) return -1;
161 /* XXX: Maybe it is better to set this to an empty string? --pasky */
162 if (env_set("SERVER_NAME", "localhost", -1)) return -1;
163 /* XXX: Maybe it is better to set this to an empty string? --pasky */
164 if (env_set("REMOTE_ADDR", "127.0.0.1", -1)) return -1;
165 if (env_set("GATEWAY_INTERFACE", "CGI/1.1", -1)) return -1;
166 /* This is the path name extracted from the URI and decoded, per
167 * http://cgi-spec.golux.com/draft-coar-cgi-v11-03-clean.html#8.1 */
168 if (env_set("SCRIPT_NAME", script
, -1)) return -1;
169 if (env_set("SCRIPT_FILENAME", script
, -1)) return -1;
170 if (env_set("PATH_TRANSLATED", script
, -1)) return -1;
171 if (env_set("REDIRECT_STATUS", "1", -1)) return -1;
173 /* From now on, just HTTP-like headers are being set. Missing variables
174 * due to full environment are not a problem according to the CGI/1.1
175 * standard, so we already filled our environment with we have to have
176 * there and we won't fail anymore if it won't work out. */
178 str
= get_opt_str("protocol.http.user_agent", NULL
);
179 if (*str
&& strcmp(str
, " ")) {
180 unsigned char *ustr
, ts
[64] = "";
182 if (!list_empty(terminals
)) {
183 unsigned int tslen
= 0;
184 struct terminal
*term
= terminals
.prev
;
186 ulongcat(ts
, &tslen
, term
->width
, 3, 0);
188 ulongcat(ts
, &tslen
, term
->height
, 3, 0);
190 ustr
= subst_user_agent(str
, VERSION_STRING
, system_name
, ts
);
193 env_set("HTTP_USER_AGENT", ustr
, -1);
198 switch (get_opt_int("protocol.http.referer.policy", NULL
)) {
204 str
= get_opt_str("protocol.http.referer.fake", NULL
);
205 env_set("HTTP_REFERER", str
, -1);
209 /* XXX: Encode as in add_url_to_http_string() ? --pasky */
211 env_set("HTTP_REFERER", struri(conn
->referrer
), -1);
214 case REFERER_SAME_URL
:
215 str
= get_uri_string(conn
->uri
, URI_HTTP_REFERRER
);
217 env_set("HTTP_REFERER", str
, -1);
223 /* Protection against vim cindent bugs ;-). */
224 env_set("HTTP_ACCEPT", "*/" "*", -1);
226 /* We do not set HTTP_ACCEPT_ENCODING. Yeah, let's let the CGI script
227 * gzip the stuff so that the CPU doesn't at least sit idle. */
229 str
= get_opt_str("protocol.http.accept_language", NULL
);
231 env_set("HTTP_ACCEPT_LANGUAGE", str
, -1);
234 else if (get_opt_bool("protocol.http.accept_ui_language", NULL
)) {
235 env_set("HTTP_ACCEPT_LANGUAGE",
236 language_to_iso639(current_language
), -1);
240 if (conn
->cached
&& !conn
->cached
->incomplete
&& conn
->cached
->head
241 && conn
->cached
->last_modified
242 && conn
->cache_mode
<= CACHE_MODE_CHECK_IF_MODIFIED
) {
243 env_set("HTTP_IF_MODIFIED_SINCE", conn
->cached
->last_modified
, -1);
246 if (conn
->cache_mode
>= CACHE_MODE_FORCE_RELOAD
) {
247 env_set("HTTP_PRAGMA", "no-cache", -1);
248 env_set("HTTP_CACHE_CONTROL", "no-cache", -1);
251 /* TODO: HTTP auth support. On the other side, it was weird over CGI
254 #ifdef CONFIG_COOKIES
256 struct string
*cookies
= send_cookies(conn
->uri
);
259 env_set("HTTP_COOKIE", cookies
->source
, -1);
261 done_string(cookies
);
270 test_path(unsigned char *path
)
272 unsigned char *cgi_path
= get_opt_str("protocol.file.cgi.path", NULL
);
273 unsigned char **path_ptr
;
274 unsigned char *filename
;
276 for (path_ptr
= &cgi_path
;
277 (filename
= get_next_path_filename(path_ptr
, ':'));
279 int filelen
= strlen(filename
);
282 if (filename
[filelen
- 1] != '/') {
283 add_to_strn(&filename
, "/");
287 res
= strncmp(path
, filename
, filelen
);
295 execute_cgi(struct connection
*conn
)
297 unsigned char *last_slash
;
298 unsigned char *script
;
302 enum connection_state state
= S_OK
;
303 int pipe_read
[2], pipe_write
[2];
305 if (!get_opt_bool("protocol.file.cgi.policy", NULL
)) return 1;
307 /* Not file referrer */
308 if (conn
->referrer
&& conn
->referrer
->protocol
!= PROTOCOL_FILE
) {
312 script
= get_uri_string(conn
->uri
, URI_PATH
);
314 state
= S_OUT_OF_MEM
;
318 scriptlen
= strlen(script
);
320 if (stat(script
, &buf
) || !(S_ISREG(buf
.st_mode
))
321 || !(buf
.st_mode
& S_IXUSR
)) {
326 last_slash
= strrchr(script
, '/');
328 unsigned char storage
;
331 /* We want to compare against path with the trailing slash. */
332 storage
= *last_slash
;
334 res
= test_path(script
);
335 *last_slash
= storage
;
345 if (c_pipe(pipe_read
) || c_pipe(pipe_write
)) {
355 if (!pid
) { /* CGI script */
356 if (set_vars(conn
, script
)) {
359 if ((dup2(pipe_write
[0], STDIN_FILENO
) < 0)
360 || (dup2(pipe_read
[1], STDOUT_FILENO
) < 0)) {
363 /* We implicitly chain stderr to ELinks' stderr. */
364 close_all_non_term_fd();
366 last_slash
[-1] = 0; set_cwd(script
); last_slash
[-1] = '/';
367 if (execl(script
, script
, (char *) NULL
)) {
371 } else { /* ELinks */
374 if (!init_http_connection_info(conn
, 1, 0, 1)) {
375 close(pipe_read
[0]); close(pipe_read
[1]);
376 close(pipe_write
[0]); close(pipe_write
[1]);
380 close(pipe_read
[1]); close(pipe_write
[0]);
381 conn
->socket
->fd
= pipe_read
[0];
383 /* Use data socket for passing the pipe. It will be cleaned up in
384 * close_pipe_and_read(). */
385 conn
->data_socket
->fd
= pipe_write
[1];
387 set_nonblocking_fd(conn
->socket
->fd
);
388 set_nonblocking_fd(conn
->data_socket
->fd
);
395 close(pipe_read
[0]); close(pipe_read
[1]);
396 close(pipe_write
[0]); close(pipe_write
[1]);
400 abort_connection(conn
, state
);