lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
lighttpd 1.4.x https://www.lighttpd.net/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1078 Commits
8 Branches
80 Tags
48 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 6528732c79
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6528732c79'
${ noResults }
lighttpd1.4/src/mod_fastcgi.c

3878 lines
100 KiB
Raw Blame History

#include <sys/types.h>
#include <unistd.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
#include <assert.h>
#include <signal.h>
#include "buffer.h"
#include "server.h"
#include "keyvalue.h"
#include "log.h"
#include "http_chunk.h"
#include "fdevent.h"
#include "connections.h"
#include "response.h"
#include "joblist.h"
#include "plugin.h"
#include "inet_ntop_cache.h"
#include "stat_cache.h"
#include "status_counter.h"
#ifdef HAVE_FASTCGI_FASTCGI_H
#include <fastcgi/fastcgi.h>
#else
#ifdef HAVE_FASTCGI_H
#include <fastcgi.h>
#else
#include "fastcgi.h"
#endif
#endif /* HAVE_FASTCGI_FASTCGI_H */
#include <stdio.h>
#ifdef HAVE_SYS_FILIO_H
# include <sys/filio.h>
#endif
#include "sys-socket.h"
#ifdef HAVE_SYS_UIO_H
#include <sys/uio.h>
#endif
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#define FCGI_ENV_ADD_CHECK(ret, con) \
if (ret == -1) { \
con->http_status = 400; \
con->file_finished = 1; \
return -1; \
};
/*
*
* TODO:
*
* - add timeout for a connect to a non-fastcgi process
* (use state_timestamp + state)
*
*/
typedef struct fcgi_proc {
size_t id; /* id will be between 1 and max_procs */
buffer *unixsocket; /* config.socket + "-" + id */
unsigned port; /* config.port + pno */
buffer *connection_name; /* either tcp:<host>:<port> or unix:<socket> for debugging purposes */
pid_t pid; /* PID of the spawned process (0 if not spawned locally) */
size_t load; /* number of requests waiting on this process */
time_t last_used; /* see idle_timeout */
size_t requests; /* see max_requests */
struct fcgi_proc *prev, *next; /* see first */
time_t disabled_until; /* this proc is disabled until, use something else until then */
int is_local;
enum {
PROC_STATE_UNSET, /* init-phase */
PROC_STATE_RUNNING, /* alive */
PROC_STATE_OVERLOADED, /* listen-queue is full,
don't send anything to this proc for the next 2 seconds */
PROC_STATE_DIED_WAIT_FOR_PID, /* */
PROC_STATE_DIED, /* marked as dead, should be restarted */
PROC_STATE_KILLED /* was killed as we don't have the load anymore */
} state;
} fcgi_proc;
typedef struct {
/* the key that is used to reference this value */
buffer *id;
/* list of processes handling this extension
* sorted by lowest load
*
* whenever a job is done move it up in the list
* until it is sorted, move it down as soon as the
* job is started
*/
fcgi_proc *first;
fcgi_proc *unused_procs;
/*
* spawn at least min_procs, at max_procs.
*
* as soon as the load of the first entry
* is max_load_per_proc we spawn a new one
* and add it to the first entry and give it
* the load
*
*/
unsigned short min_procs;
unsigned short max_procs;
size_t num_procs; /* how many procs are started */
size_t active_procs; /* how many of them are really running */
unsigned short max_load_per_proc;
/*
* kick the process from the list if it was not
* used for idle_timeout until min_procs is
* reached. this helps to get the processlist
* small again we had a small peak load.
*
*/
unsigned short idle_timeout;
/*
* time after a disabled remote connection is tried to be re-enabled
*
*
*/
unsigned short disable_time;
/*
* some fastcgi processes get a little bit larger
* than wanted. max_requests_per_proc kills a
* process after a number of handled requests.
*
*/
size_t max_requests_per_proc;
/* config */
/*
* host:port
*
* if host is one of the local IP adresses the
* whole connection is local
*
* if port is not 0, and host is not specified,
* "localhost" (INADDR_LOOPBACK) is assumed.
*
*/
buffer *host;
unsigned short port;
/*
* Unix Domain Socket
*
* instead of TCP/IP we can use Unix Domain Sockets
* - more secure (you have fileperms to play with)
* - more control (on locally)
* - more speed (no extra overhead)
*/
buffer *unixsocket;
/* if socket is local we can start the fastcgi
* process ourself
*
* bin-path is the path to the binary
*
* check min_procs and max_procs for the number
* of process to start up
*/
buffer *bin_path;
/* bin-path is set bin-environment is taken to
* create the environement before starting the
* FastCGI process
*
*/
array *bin_env;
array *bin_env_copy;
/*
* docroot-translation between URL->phys and the
* remote host
*
* reasons:
* - different dir-layout if remote
* - chroot if local
*
*/
buffer *docroot;
/*
* fastcgi-mode:
* - responser
* - authorizer
*
*/
unsigned short mode;
/*
* check_local tells you if the phys file is stat()ed
* or not. FastCGI doesn't care if the service is
* remote. If the web-server side doesn't contain
* the fastcgi-files we should not stat() for them
* and say '404 not found'.
*/
unsigned short check_local;
/*
* append PATH_INFO to SCRIPT_FILENAME
*
* php needs this if cgi.fix_pathinfo is provided
*
*/
unsigned short break_scriptfilename_for_php;
/*
* If the backend includes X-LIGHTTPD-send-file in the response
* we use the value as filename and ignore the content.
*
*/
unsigned short allow_xsendfile;
ssize_t load; /* replace by host->load */
size_t max_id; /* corresponds most of the time to
num_procs.
only if a process is killed max_id waits for the process itself
to die and decrements it afterwards */
buffer *strip_request_uri;
unsigned short kill_signal; /* we need a setting for this as libfcgi
applications prefer SIGUSR1 while the
rest of the world would use SIGTERM
*sigh* */
} fcgi_extension_host;
/*
* one extension can have multiple hosts assigned
* one host can spawn additional processes on the same
* socket (if we control it)
*
* ext -> host -> procs
* 1:n 1:n
*
* if the fastcgi process is remote that whole goes down
* to
*
* ext -> host -> procs
* 1:n 1:1
*
* in case of PHP and FCGI_CHILDREN we have again a procs
* but we don't control it directly.
*
*/
typedef struct {
buffer *key; /* like .php */
int note_is_sent;
int last_used_ndx;
fcgi_extension_host **hosts;
size_t used;
size_t size;
} fcgi_extension;
typedef struct {
fcgi_extension **exts;
size_t used;
size_t size;
} fcgi_exts;
typedef struct {
fcgi_exts *exts;
array *ext_mapping;
int debug;
} plugin_config;
typedef struct {
size_t *ptr;
size_t used;
size_t size;
} buffer_uint;
typedef struct {
char **ptr;
size_t size;
size_t used;
} char_array;
/* generic plugin data, shared between all connections */
typedef struct {
PLUGIN_DATA;
buffer_uint fcgi_request_id;
buffer *fcgi_env;
buffer *path;
buffer *parse_response;
buffer *statuskey;
plugin_config **config_storage;
plugin_config conf; /* this is only used as long as no handler_ctx is setup */
} plugin_data;
/* connection specific data */
typedef enum {
FCGI_STATE_UNSET,
FCGI_STATE_INIT,
FCGI_STATE_CONNECT_DELAYED,
FCGI_STATE_PREPARE_WRITE,
FCGI_STATE_WRITE,
FCGI_STATE_READ
} fcgi_connection_state_t;
typedef struct {
fcgi_proc *proc;
fcgi_extension_host *host;
fcgi_extension *ext;
fcgi_connection_state_t state;
time_t state_timestamp;
int reconnects; /* number of reconnect attempts */
chunkqueue *rb; /* read queue */
chunkqueue *wb; /* write queue */
buffer *response_header;
size_t request_id;
int fd; /* fd to the fastcgi process */
int fde_ndx; /* index into the fd-event buffer */
pid_t pid;
int got_proc;
int send_content_body;
plugin_config conf;
connection *remote_conn; /* dumb pointer */
plugin_data *plugin_data; /* dumb pointer */
} handler_ctx;
/* ok, we need a prototype */
static handler_t fcgi_handle_fdevent(void *s, void *ctx, int revents);
int fastcgi_status_copy_procname(buffer *b, fcgi_extension_host *host, fcgi_proc *proc) {
buffer_copy_string(b, "fastcgi.backend.");
buffer_append_string_buffer(b, host->id);
if (proc) {
buffer_append_string(b, ".");
buffer_append_long(b, proc->id);
}
return 0;
}
int fastcgi_status_init(server *srv, buffer *b, fcgi_extension_host *host, fcgi_proc *proc) {
#define CLEAN(x) \
fastcgi_status_copy_procname(b, host, proc); \
buffer_append_string(b, x); \
status_counter_set(srv, CONST_BUF_LEN(b), 0);
CLEAN(".disabled");
CLEAN(".died");
CLEAN(".overloaded");
CLEAN(".connected");
CLEAN(".load");
#undef CLEAN
#define CLEAN(x) \
fastcgi_status_copy_procname(b, host, NULL); \
buffer_append_string(b, x); \
status_counter_set(srv, CONST_BUF_LEN(b), 0);
CLEAN(".load");
#undef CLEAN
return 0;
}
static handler_ctx * handler_ctx_init() {
handler_ctx * hctx;
hctx = calloc(1, sizeof(*hctx));
assert(hctx);
hctx->fde_ndx = -1;
hctx->response_header = buffer_init();
hctx->request_id = 0;
hctx->state = FCGI_STATE_INIT;
hctx->proc = NULL;
hctx->fd = -1;
hctx->reconnects = 0;
hctx->send_content_body = 1;
hctx->rb = chunkqueue_init();
hctx->wb = chunkqueue_init();
return hctx;
}
static void handler_ctx_free(handler_ctx *hctx) {
if (hctx->host) {
hctx->host->load--;
hctx->host = NULL;
}
buffer_free(hctx->response_header);
chunkqueue_free(hctx->rb);
chunkqueue_free(hctx->wb);
free(hctx);
}
fcgi_proc *fastcgi_process_init() {
fcgi_proc *f;
f = calloc(1, sizeof(*f));
f->unixsocket = buffer_init();
f->connection_name = buffer_init();
f->prev = NULL;
f->next = NULL;
return f;
}
void fastcgi_process_free(fcgi_proc *f) {
if (!f) return;
fastcgi_process_free(f->next);
buffer_free(f->unixsocket);
buffer_free(f->connection_name);
free(f);
}
fcgi_extension_host *fastcgi_host_init() {
fcgi_extension_host *f;
f = calloc(1, sizeof(*f));
f->id = buffer_init();
f->host = buffer_init();
f->unixsocket = buffer_init();
f->docroot = buffer_init();
f->bin_path = buffer_init();
f->bin_env = array_init();
f->bin_env_copy = array_init();
f->strip_request_uri = buffer_init();
return f;
}
void fastcgi_host_free(fcgi_extension_host *h) {
if (!h) return;
buffer_free(h->id);
buffer_free(h->host);
buffer_free(h->unixsocket);
buffer_free(h->docroot);
buffer_free(h->bin_path);
buffer_free(h->strip_request_uri);
array_free(h->bin_env);
array_free(h->bin_env_copy);
fastcgi_process_free(h->first);
fastcgi_process_free(h->unused_procs);
free(h);
}
fcgi_exts *fastcgi_extensions_init() {
fcgi_exts *f;
f = calloc(1, sizeof(*f));
return f;
}
void fastcgi_extensions_free(fcgi_exts *f) {
size_t i;
if (!f) return;
for (i = 0; i < f->used; i++) {
fcgi_extension *fe;
size_t j;
fe = f->exts[i];
for (j = 0; j < fe->used; j++) {
fcgi_extension_host *h;
h = fe->hosts[j];
fastcgi_host_free(h);
}
buffer_free(fe->key);
free(fe->hosts);
free(fe);
}
free(f->exts);
free(f);
}
int fastcgi_extension_insert(fcgi_exts *ext, buffer *key, fcgi_extension_host *fh) {
fcgi_extension *fe;
size_t i;
/* there is something */
for (i = 0; i < ext->used; i++) {
if (buffer_is_equal(key, ext->exts[i]->key)) {
break;
}
}
if (i == ext->used) {
/* filextension is new */
fe = calloc(1, sizeof(*fe));
assert(fe);
fe->key = buffer_init();
fe->last_used_ndx = -1;
buffer_copy_string_buffer(fe->key, key);
/* */
if (ext->size == 0) {
ext->size = 8;
ext->exts = malloc(ext->size * sizeof(*(ext->exts)));
assert(ext->exts);
} else if (ext->used == ext->size) {
ext->size += 8;
ext->exts = realloc(ext->exts, ext->size * sizeof(*(ext->exts)));
assert(ext->exts);
}
ext->exts[ext->used++] = fe;
} else {
fe = ext->exts[i];
}
if (fe->size == 0) {
fe->size = 4;
fe->hosts = malloc(fe->size * sizeof(*(fe->hosts)));
assert(fe->hosts);
} else if (fe->size == fe->used) {
fe->size += 4;
fe->hosts = realloc(fe->hosts, fe->size * sizeof(*(fe->hosts)));
assert(fe->hosts);
}
fe->hosts[fe->used++] = fh;
return 0;
}
INIT_FUNC(mod_fastcgi_init) {
plugin_data *p;
p = calloc(1, sizeof(*p));
p->fcgi_env = buffer_init();
p->path = buffer_init();
p->parse_response = buffer_init();
p->statuskey = buffer_init();
return p;
}
FREE_FUNC(mod_fastcgi_free) {
plugin_data *p = p_d;
buffer_uint *r = &(p->fcgi_request_id);
UNUSED(srv);
if (r->ptr) free(r->ptr);
buffer_free(p->fcgi_env);
buffer_free(p->path);
buffer_free(p->parse_response);
buffer_free(p->statuskey);
if (p->config_storage) {
size_t i, j, n;
for (i = 0; i < srv->config_context->used; i++) {
plugin_config *s = p->config_storage[i];
fcgi_exts *exts;
if (!s) continue;
exts = s->exts;
for (j = 0; j < exts->used; j++) {
fcgi_extension *ex;
ex = exts->exts[j];
for (n = 0; n < ex->used; n++) {
fcgi_proc *proc;
fcgi_extension_host *host;
host = ex->hosts[n];
for (proc = host->first; proc; proc = proc->next) {
if (proc->pid != 0) {
kill(proc->pid, host->kill_signal);
}
if (proc->is_local &&
!buffer_is_empty(proc->unixsocket)) {
unlink(proc->unixsocket->ptr);
}
}
for (proc = host->unused_procs; proc; proc = proc->next) {
if (proc->pid != 0) {
kill(proc->pid, host->kill_signal);
}
if (proc->is_local &&
!buffer_is_empty(proc->unixsocket)) {
unlink(proc->unixsocket->ptr);
}
}
}
}
fastcgi_extensions_free(s->exts);
array_free(s->ext_mapping);
free(s);
}
free(p->config_storage);
}
free(p);
return HANDLER_GO_ON;
}
static int env_add(char_array *env, const char *key, size_t key_len, const char *val, size_t val_len) {
char *dst;
if (!key || !val) return -1;
dst = malloc(key_len + val_len + 3);
memcpy(dst, key, key_len);
dst[key_len] = '=';
/* add the \0 from the value */
memcpy(dst + key_len + 1, val, val_len + 1);
if (env->size == 0) {
env->size = 16;
env->ptr = malloc(env->size * sizeof(*env->ptr));
} else if (env->size == env->used + 1) {
env->size += 16;
env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
}
env->ptr[env->used++] = dst;
return 0;
}
static int parse_binpath(char_array *env, buffer *b) {
char *start;
size_t i;
/* search for spaces */
start = b->ptr;
for (i = 0; i < b->used - 1; i++) {
switch(b->ptr[i]) {
case ' ':
case '\t':
/* a WS, stop here and copy the argument */
if (env->size == 0) {
env->size = 16;
env->ptr = malloc(env->size * sizeof(*env->ptr));
} else if (env->size == env->used) {
env->size += 16;
env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
}
b->ptr[i] = '\0';
env->ptr[env->used++] = start;
start = b->ptr + i + 1;
break;
default:
break;
}
}
if (env->size == 0) {
env->size = 16;
env->ptr = malloc(env->size * sizeof(*env->ptr));
} else if (env->size == env->used) { /* we need one extra for the terminating NULL */
env->size += 16;
env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
}
/* the rest */
env->ptr[env->used++] = start;
if (env->size == 0) {
env->size = 16;
env->ptr = malloc(env->size * sizeof(*env->ptr));
} else if (env->size == env->used) { /* we need one extra for the terminating NULL */
env->size += 16;
env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
}
/* terminate */
env->ptr[env->used++] = NULL;
return 0;
}
static int fcgi_spawn_connection(server *srv,
plugin_data *p,
fcgi_extension_host *host,
fcgi_proc *proc) {
int fcgi_fd;
int socket_type, status;
struct timeval tv = { 0, 100 * 1000 };
#ifdef HAVE_SYS_UN_H
struct sockaddr_un fcgi_addr_un;
#endif
struct sockaddr_in fcgi_addr_in;
struct sockaddr *fcgi_addr;
socklen_t servlen;
#ifndef HAVE_FORK
return -1;
#endif
if (p->conf.debug) {
log_error_write(srv, __FILE__, __LINE__, "sdb",
"new proc, socket:", proc->port, proc->unixsocket);
}
if (!buffer_is_empty(proc->unixsocket)) {
memset(&fcgi_addr, 0, sizeof(fcgi_addr));
#ifdef HAVE_SYS_UN_H
fcgi_addr_un.sun_family = AF_UNIX;
strcpy(fcgi_addr_un.sun_path, proc->unixsocket->ptr);
#ifdef SUN_LEN
servlen = SUN_LEN(&fcgi_addr_un);
#else
/* stevens says: */
servlen = proc->unixsocket->used + sizeof(fcgi_addr_un.sun_family);
#endif
socket_type = AF_UNIX;
fcgi_addr = (struct sockaddr *) &fcgi_addr_un;
buffer_copy_string(proc->connection_name, "unix:");
buffer_append_string_buffer(proc->connection_name, proc->unixsocket);
#else
log_error_write(srv, __FILE__, __LINE__, "s",
"ERROR: Unix Domain sockets are not supported.");
return -1;
#endif
} else {
fcgi_addr_in.sin_family = AF_INET;
if (buffer_is_empty(host->host)) {
fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
} else {
struct hostent *he;
/* set a useful default */
fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
if (NULL == (he = gethostbyname(host->host->ptr))) {
log_error_write(srv, __FILE__, __LINE__,
"sdb", "gethostbyname failed: ",
h_errno, host->host);
return -1;
}
if (he->h_addrtype != AF_INET) {
log_error_write(srv, __FILE__, __LINE__, "sd", "addr-type != AF_INET: ", he->h_addrtype);
return -1;
}
if (he->h_length != sizeof(struct in_addr)) {
log_error_write(srv, __FILE__, __LINE__, "sd", "addr-length != sizeof(in_addr): ", he->h_length);
return -1;
}
memcpy(&(fcgi_addr_in.sin_addr.s_addr), he->h_addr_list[0], he->h_length);
}
fcgi_addr_in.sin_port = htons(proc->port);
servlen = sizeof(fcgi_addr_in);
socket_type = AF_INET;
fcgi_addr = (struct sockaddr *) &fcgi_addr_in;
buffer_copy_string(proc->connection_name, "tcp:");
if (!buffer_is_empty(host->host)) {
buffer_append_string_buffer(proc->connection_name, host->host);
} else {
buffer_append_string(proc->connection_name, "localhost");
}
buffer_append_string(proc->connection_name, ":");
buffer_append_long(proc->connection_name, proc->port);
}
if (-1 == (fcgi_fd = socket(socket_type, SOCK_STREAM, 0))) {
log_error_write(srv, __FILE__, __LINE__, "ss",
"failed:", strerror(errno));
return -1;
}
if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) {
/* server is not up, spawn it */
pid_t child;
int val;
if (errno != ENOENT &&
!buffer_is_empty(proc->unixsocket)) {
unlink(proc->unixsocket->ptr);
}
close(fcgi_fd);
/* reopen socket */
if (-1 == (fcgi_fd = socket(socket_type, SOCK_STREAM, 0))) {
log_error_write(srv, __FILE__, __LINE__, "ss",
"socket failed:", strerror(errno));
return -1;
}
val = 1;
if (setsockopt(fcgi_fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) {
log_error_write(srv, __FILE__, __LINE__, "ss",
"socketsockopt failed:", strerror(errno));
return -1;
}
/* create socket */
if (-1 == bind(fcgi_fd, fcgi_addr, servlen)) {
log_error_write(srv, __FILE__, __LINE__, "sbs",
"bind failed for:",
proc->connection_name,
strerror(errno));
return -1;
}
if (-1 == listen(fcgi_fd, 1024)) {
log_error_write(srv, __FILE__, __LINE__, "ss",
"listen failed:", strerror(errno));
return -1;
}
#ifdef HAVE_FORK
switch ((child = fork())) {
case 0: {
size_t i = 0;
char *c;
char_array env;
char_array arg;
/* create environment */
env.ptr = NULL;
env.size = 0;
env.used = 0;
arg.ptr = NULL;
arg.size = 0;
arg.used = 0;
if(fcgi_fd != FCGI_LISTENSOCK_FILENO) {
close(FCGI_LISTENSOCK_FILENO);
dup2(fcgi_fd, FCGI_LISTENSOCK_FILENO);
close(fcgi_fd);
}
/* we don't need the client socket */
for (i = 3; i < 256; i++) {
close(i);
}
/* build clean environment */
if (host->bin_env_copy->used) {
for (i = 0; i < host->bin_env_copy->used; i++) {
data_string *ds = (data_string *)host->bin_env_copy->data[i];
char *ge;
if (NULL != (ge = getenv(ds->value->ptr))) {
env_add(&env, CONST_BUF_LEN(ds->value), ge, strlen(ge));
}
}
} else {
for (i = 0; environ[i]; i++) {
char *eq;
if (NULL != (eq = strchr(environ[i], '='))) {
env_add(&env, environ[i], eq - environ[i], eq+1, strlen(eq+1));
}
}
}
/* create environment */
for (i = 0; i < host->bin_env->used; i++) {
data_string *ds = (data_string *)host->bin_env->data[i];
env_add(&env, CONST_BUF_LEN(ds->key), CONST_BUF_LEN(ds->value));
}
for (i = 0; i < env.used; i++) {
/* search for PHP_FCGI_CHILDREN */
if (0 == strncmp(env.ptr[i], "PHP_FCGI_CHILDREN=", sizeof("PHP_FCGI_CHILDREN=") - 1)) break;
}
/* not found, add a default */
if (i == env.used) {
env_add(&env, CONST_STR_LEN("PHP_FCGI_CHILDREN"), CONST_STR_LEN("1"));
}
env.ptr[env.used] = NULL;
parse_binpath(&arg, host->bin_path);
/* chdir into the base of the bin-path,
* search for the last / */
if (NULL != (c = strrchr(arg.ptr[0], '/'))) {
*c = '\0';
/* change to the physical directory */
if (-1 == chdir(arg.ptr[0])) {
*c = '/';
log_error_write(srv, __FILE__, __LINE__, "sss", "chdir failed:", strerror(errno), arg.ptr[0]);
}
*c = '/';
}
/* exec the cgi */
execve(arg.ptr[0], arg.ptr, env.ptr);
log_error_write(srv, __FILE__, __LINE__, "sbs",
"execve failed for:", host->bin_path, strerror(errno));
exit(errno);
break;
}
case -1:
/* error */
break;
default:
/* father */
/* wait */
select(0, NULL, NULL, NULL, &tv);
switch (waitpid(child, &status, WNOHANG)) {
case 0:
/* child still running after timeout, good */
break;
case -1:
/* no PID found ? should never happen */
log_error_write(srv, __FILE__, __LINE__, "ss",
"pid not found:", strerror(errno));
return -1;
default:
log_error_write(srv, __FILE__, __LINE__, "sbs",
"the fastcgi-backend", host->bin_path, "failed to start:");
/* the child should not terminate at all */
if (WIFEXITED(status)) {
log_error_write(srv, __FILE__, __LINE__, "sdb",
"child exited with status",
WEXITSTATUS(status), host->bin_path);
log_error_write(srv, __FILE__, __LINE__, "s",
"If you're trying to run PHP as a FastCGI backend, make sure you're using the FastCGI-enabled version.\n"
"You can find out if it is the right one by executing 'php -v' and it should display '(cgi-fcgi)' "
"in the output, NOT '(cgi)' NOR '(cli)'.\n"
"For more information, check http://trac.lighttpd.net/trac/wiki/Docs%3AModFastCGI#preparing-php-as-a-fastcgi-program"
"If this is PHP on Gentoo, add 'fastcgi' to the USE flags.");
} else if (WIFSIGNALED(status)) {
log_error_write(srv, __FILE__, __LINE__, "sd",
"terminated by signal:",
WTERMSIG(status));
if (WTERMSIG(status) == 11) {
log_error_write(srv, __FILE__, __LINE__, "s",
"to be exact: it segfaulted, crashed, died, ... you get the idea." );
log_error_write(srv, __FILE__, __LINE__, "s",
"If this is PHP, try removing the bytecode caches for now and try again.");
}
} else {
log_error_write(srv, __FILE__, __LINE__, "sd",
"child died somehow:",
status);
}
return -1;
}
/* register process */
proc->pid = child;
proc->last_used = srv->cur_ts;
proc->is_local = 1;
break;
}
#endif
} else {
proc->is_local = 0;
proc->pid = 0;
if (p->conf.debug) {
log_error_write(srv, __FILE__, __LINE__, "sb",
"(debug) socket is already used; won't spawn:",
proc->connection_name);
}
}
proc->state = PROC_STATE_RUNNING;
host->active_procs++;
close(fcgi_fd);
return 0;
}
SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) {
plugin_data *p = p_d;
data_unset *du;
size_t i = 0;
buffer *fcgi_mode = buffer_init();
config_values_t cv[] = {
{ "fastcgi.server", NULL, T_CONFIG_LOCAL, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
{ "fastcgi.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
{ "fastcgi.map-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
{ NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
};
p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
for (i = 0; i < srv->config_context->used; i++) {
plugin_config *s;
array *ca;
s = malloc(sizeof(plugin_config));
s->exts = fastcgi_extensions_init();
s->debug = 0;
s->ext_mapping = array_init();
cv[0].destination = s->exts;
cv[1].destination = &(s->debug);
cv[2].destination = s->ext_mapping;
p->config_storage[i] = s;
ca = ((data_config *)srv->config_context->data[i])->value;
if (0 != config_insert_values_global(srv, ca, cv)) {
return HANDLER_ERROR;
}
/*
* <key> = ( ... )
*/
if (NULL != (du = array_get_element(ca, "fastcgi.server"))) {
size_t j;
data_array *da = (data_array *)du;
if (du->type != TYPE_ARRAY) {
log_error_write(srv, __FILE__, __LINE__, "sss",
"unexpected type for key: ", "fastcgi.server", "array of strings");
return HANDLER_ERROR;
}
/*
* fastcgi.server = ( "<ext>" => ( ... ),
* "<ext>" => ( ... ) )
*/
for (j = 0; j < da->value->used; j++) {
size_t n;
data_array *da_ext = (data_array *)da->value->data[j];
if (da->value->data[j]->type != TYPE_ARRAY) {
log_error_write(srv, __FILE__, __LINE__, "sssbs",
"unexpected type for key: ", "fastcgi.server",
"[", da->value->data[j]->key, "](string)");
return HANDLER_ERROR;
}
/*
* da_ext->key == name of the extension
*/
/*
* fastcgi.server = ( "<ext>" =>
* ( "<host>" => ( ... ),
* "<host>" => ( ... )
* ),
* "<ext>" => ... )
*/
for (n = 0; n < da_ext->value->used; n++) {
data_array *da_host = (data_array *)da_ext->value->data[n];
fcgi_extension_host *host;
config_values_t fcv[] = {
{ "host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
{ "docroot", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
{ "mode", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
{ "socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
{ "bin-path", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 4 */
{ "check-local", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 5 */
{ "port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 6 */
{ "min-procs-not-working", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 7 this is broken for now */
{ "max-procs", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
{ "max-load-per-proc", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
{ "idle-timeout", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
{ "disable-time", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
{ "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
{ "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
{ "broken-scriptfilename", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
{ "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
{ "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
{ "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
{ NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
};
if (da_host->type != TYPE_ARRAY) {
log_error_write(srv, __FILE__, __LINE__, "ssSBS",
"unexpected type for key:",
"fastcgi.server",
"[", da_host->key, "](string)");
return HANDLER_ERROR;
}
host = fastcgi_host_init();
buffer_copy_string_buffer(host->id, da_host->key);
host->check_local = 1;
host->min_procs = 4;
host->max_procs = 4;
host->max_load_per_proc = 1;
host->idle_timeout = 60;
host->mode = FCGI_RESPONDER;
host->disable_time = 60;
host->break_scriptfilename_for_php = 0;
host->allow_xsendfile = 0; /* handle X-LIGHTTPD-send-file */
host->kill_signal = SIGTERM;
fcv[0].destination = host->host;
fcv[1].destination = host->docroot;
fcv[2].destination = fcgi_mode;
fcv[3].destination = host->unixsocket;
fcv[4].destination = host->bin_path;
fcv[5].destination = &(host->check_local);
fcv[6].destination = &(host->port);
fcv[7].destination = &(host->min_procs);
fcv[8].destination = &(host->max_procs);
fcv[9].destination = &(host->max_load_per_proc);
fcv[10].destination = &(host->idle_timeout);
fcv[11].destination = &(host->disable_time);
fcv[12].destination = host->bin_env;
fcv[13].destination = host->bin_env_copy;
fcv[14].destination = &(host->break_scriptfilename_for_php);
fcv[15].destination = &(host->allow_xsendfile);
fcv[16].destination = host->strip_request_uri;
fcv[17].destination = &(host->kill_signal);
if (0 != config_insert_values_internal(srv, da_host->value, fcv)) {
return HANDLER_ERROR;
}
if ((!buffer_is_empty(host->host) || host->port) &&
!buffer_is_empty(host->unixsocket)) {
log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
"either host/port or socket have to be set in:",
da->key, "= (",
da_ext->key, " => (",
da_host->key, " ( ...");
return HANDLER_ERROR;
}
if (!buffer_is_empty(host->unixsocket)) {
/* unix domain socket */
struct sockaddr_un un;
if (host->unixsocket->used > sizeof(un.sun_path) - 2) {
log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
"unixsocket is too long in:",
da->key, "= (",
da_ext->key, " => (",
da_host->key, " ( ...");
return HANDLER_ERROR;
}
} else {
/* tcp/ip */
if (buffer_is_empty(host->host) &&
buffer_is_empty(host->bin_path)) {
log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
"host or binpath have to be set in:",
da->key, "= (",
da_ext->key, " => (",
da_host->key, " ( ...");
return HANDLER_ERROR;
} else if (host->port == 0) {
log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
"port has to be set in:",
da->key, "= (",
da_ext->key, " => (",
da_host->key, " ( ...");
return HANDLER_ERROR;
}
}
if (!buffer_is_empty(host->bin_path)) {
/* a local socket + self spawning */
size_t pno;
/* HACK: just to make sure the adaptive spawing is disabled */
host->min_procs = host->max_procs;
if (host->min_procs > host->max_procs) host->max_procs = host->min_procs;
if (host->max_load_per_proc < 1) host->max_load_per_proc = 0;
if (s->debug) {
log_error_write(srv, __FILE__, __LINE__, "ssbsdsbsdsd",
"--- fastcgi spawning local",
"\n\tproc:", host->bin_path,
"\n\tport:", host->port,
"\n\tsocket", host->unixsocket,
"\n\tmin-procs:", host->min_procs,
"\n\tmax-procs:", host->max_procs);
}
for (pno = 0; pno < host->min_procs; pno++) {
fcgi_proc *proc;
proc = fastcgi_process_init();
proc->id = host->num_procs++;
host->max_id++;
if (buffer_is_empty(host->unixsocket)) {
proc->port = host->port + pno;
} else {
buffer_copy_string_buffer(proc->unixsocket, host->unixsocket);
buffer_append_string(proc->unixsocket, "-");
buffer_append_long(proc->unixsocket, pno);
}
if (s->debug) {
log_error_write(srv, __FILE__, __LINE__, "ssdsbsdsd",
"--- fastcgi spawning",
"\n\tport:", host->port,
"\n\tsocket", host->unixsocket,
"\n\tcurrent:", pno, "/", host->min_procs);
}
if (fcgi_spawn_connection(srv, p, host, proc)) {
log_error_write(srv, __FILE__, __LINE__, "s",
"[ERROR]: spawning fcgi failed.");
return HANDLER_ERROR;
}
fastcgi_status_init(srv, p->statuskey, host, proc);
proc->next = host->first;
if (host->first) host->first->prev = proc;
host->first = proc;
}
} else {
fcgi_proc *proc;
proc = fastcgi_process_init();
proc->id = host->num_procs++;
host->max_id++;
host->active_procs++;
proc->state = PROC_STATE_RUNNING;
if (buffer_is_empty(host->unixsocket)) {
proc->port = host->port;
} else {
buffer_copy_string_buffer(proc->unixsocket, host->unixsocket);
}
fastcgi_status_init(srv, p->statuskey, host, proc);
host->first = proc;
host->min_procs = 1;
host->max_procs = 1;
}
if (!buffer_is_empty(fcgi_mode)) {
if (strcmp(fcgi_mode->ptr, "responder") == 0) {
host->mode = FCGI_RESPONDER;
} else if (strcmp(fcgi_mode->ptr, "authorizer") == 0) {
host->mode = FCGI_AUTHORIZER;
if (buffer_is_empty(host->docroot)) {
log_error_write(srv, __FILE__, __LINE__, "s",
"ERROR: docroot is required for authorizer mode.");
return HANDLER_ERROR;
}
} else {
log_error_write(srv, __FILE__, __LINE__, "sbs",
"WARNING: unknown fastcgi mode:",
fcgi_mode, "(ignored, mode set to responder)");
}
}
/* if extension already exists, take it */
fastcgi_extension_insert(s->exts, da_ext->key, host);
}
}
}
}
buffer_free(fcgi_mode);
return HANDLER_GO_ON;
}
static int fcgi_set_state(server *srv, handler_ctx *hctx, fcgi_connection_state_t state) {
hctx->state = state;
hctx->state_timestamp = srv->cur_ts;
return 0;
}
static size_t fcgi_requestid_new(server *srv, plugin_data *p) {
size_t m = 0;
size_t i;
buffer_uint *r = &(p->fcgi_request_id);
UNUSED(srv);
for (i = 0; i < r->used; i++) {
if (r->ptr[i] > m) m = r->ptr[i];
}
if (r->size == 0) {
r->size = 16;
r->ptr = malloc(sizeof(*r->ptr) * r->size);
} else if (r->used == r->size) {
r->size += 16;
r->ptr = realloc(r->ptr, sizeof(*r->ptr) * r->size);
}
r->ptr[r->used++] = ++m;
return m;
}
static int fcgi_requestid_del(server *srv, plugin_data *p, size_t request_id) {
size_t i;
buffer_uint *r = &(p->fcgi_request_id);
UNUSED(srv);
for (i = 0; i < r->used; i++) {
if (r->ptr[i] == request_id) break;
}
if (i != r->used) {
/* found */
if (i != r->used - 1) {
r->ptr[i] = r->ptr[r->used - 1];
}
r->used--;
}
return 0;
}
void fcgi_connection_close(server *srv, handler_ctx *hctx) {
plugin_data *p;
connection *con;
if (NULL == hctx) return;
p = hctx->plugin_data;
con = hctx->remote_conn;
if (hctx->fd != -1) {
fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
fdevent_unregister(srv->ev, hctx->fd);
close(hctx->fd);
srv->cur_fds--;
}
if (hctx->request_id != 0) {
fcgi_requestid_del(srv, p, hctx->request_id);
}
if (hctx->host && hctx->proc) {
if (hctx->got_proc) {
/* after the connect the process gets a load */
hctx->proc->load--;
status_counter_dec(srv, CONST_STR_LEN("fastcgi.active-requests"));
fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
buffer_append_string(p->statuskey, ".load");
status_counter_set(srv, CONST_BUF_LEN(p->statuskey), hctx->proc->load);
if (p->conf.debug) {
log_error_write(srv, __FILE__, __LINE__, "ssdsbsd",
"released proc:",
"pid:", hctx->proc->pid,
"socket:", hctx->proc->connection_name,
"load:", hctx->proc->load);
}
}
}
handler_ctx_free(hctx);
con->plugin_ctx[p->id] = NULL;
}
static int fcgi_reconnect(server *srv, handler_ctx *hctx) {
plugin_data *p = hctx->plugin_data;
/* child died
*
* 1.
*
* connect was ok, connection was accepted
* but the php accept loop checks after the accept if it should die or not.
*
* if yes we can only detect it at a write()
*
* next step is resetting this attemp and setup a connection again
*
* if we have more than 5 reconnects for the same request, die
*
* 2.
*
* we have a connection but the child died by some other reason
*
*/
if (hctx->fd != -1) {
fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
fdevent_unregister(srv->ev, hctx->fd);
close(hctx->fd);
srv->cur_fds--;
hctx->fd = -1;
}
fcgi_requestid_del(srv, p, hctx->request_id);
fcgi_set_state(srv, hctx, FCGI_STATE_INIT);
hctx->request_id = 0;
hctx->reconnects++;
if (p->conf.debug > 2) {
if (hctx->proc) {
log_error_write(srv, __FILE__, __LINE__, "sdb",
"release proc for reconnect:",
hctx->proc->pid, hctx->proc->connection_name);
} else {
log_error_write(srv, __FILE__, __LINE__, "sb",
"release proc for reconnect:",
hctx->host->unixsocket);
}
}
if (hctx->proc && hctx->got_proc) {
hctx->proc->load--;
}
/* perhaps another host gives us more luck */
hctx->host->load--;
hctx->host = NULL;
return 0;
}
static handler_t fcgi_connection_reset(server *srv, connection *con, void *p_d) {
plugin_data *p = p_d;
fcgi_connection_close(srv, con->plugin_ctx[p->id]);
return HANDLER_GO_ON;
}
static int fcgi_env_add(buffer *env, const char *key, size_t key_len, const char *val, size_t val_len) {
size_t len;
if (!key || !val) return -1;
len = key_len + val_len;
len += key_len > 127 ? 4 : 1;
len += val_len > 127 ? 4 : 1;
if (env->used + len >= FCGI_MAX_LENGTH) {
/**
* we can't append more headers, ignore it
*/
return -1;
}
/**
* field length can be 31bit max
*
* HINT: this can't happen as FCGI_MAX_LENGTH is only 16bit
*/
if (key_len > 0x7fffffff) key_len = 0x7fffffff;
if (val_len > 0x7fffffff) val_len = 0x7fffffff;
buffer_prepare_append(env, len);
if (key_len > 127) {
env->ptr[env->used++] = ((key_len >> 24) & 0xff) | 0x80;
env->ptr[env->used++] = (key_len >> 16) & 0xff;
env->ptr[env->used++] = (key_len >> 8) & 0xff;
env->ptr[env->used++] = (key_len >> 0) & 0xff;
} else {
env->ptr[env->used++] = (key_len >> 0) & 0xff;
}
if (val_len > 127) {
env->ptr[env->used++] = ((val_len >> 24) & 0xff) | 0x80;
env->ptr[env->used++] = (val_len >> 16) & 0xff;
env->ptr[env->used++] = (val_len >> 8) & 0xff;
env->ptr[env->used++] = (val_len >> 0) & 0xff;
} else {
env->ptr[env->used++] = (val_len >> 0) & 0xff;
}
memcpy(env->ptr + env->used, key, key_len);
env->used += key_len;
memcpy(env->ptr + env->used, val, val_len);
env->used += val_len;
return 0;
}
static int fcgi_header(FCGI_Header * header, unsigned char type, size_t request_id, int contentLength, unsigned char paddingLength) {
assert(contentLength <= FCGI_MAX_LENGTH);
header->version = FCGI_VERSION_1;
header->type = type;
header->requestIdB0 = request_id & 0xff;
header->requestIdB1 = (request_id >> 8) & 0xff;
header->contentLengthB0 = contentLength & 0xff;
header->contentLengthB1 = (contentLength >> 8) & 0xff;
header->paddingLength = paddingLength;
header->reserved = 0;
return 0;
}
/**
*
* returns
* -1 error
* 0 connected
* 1 not connected yet
*/
typedef enum {
CONNECTION_UNSET,
CONNECTION_OK,
CONNECTION_DELAYED, /* retry after event, take same host */
CONNECTION_OVERLOADED, /* disable for 1 second, take another backend */
CONNECTION_DEAD /* disable for 60 seconds, take another backend */
} connection_result_t;
static connection_result_t fcgi_establish_connection(server *srv, handler_ctx *hctx) {
struct sockaddr *fcgi_addr;
struct sockaddr_in fcgi_addr_in;
#ifdef HAVE_SYS_UN_H
struct sockaddr_un fcgi_addr_un;
#endif
socklen_t servlen;
fcgi_extension_host *host = hctx->host;
fcgi_proc *proc = hctx->proc;
int fcgi_fd = hctx->fd;
memset(&fcgi_addr, 0, sizeof(fcgi_addr));
if (!buffer_is_empty(proc->unixsocket)) {
#ifdef HAVE_SYS_UN_H
/* use the unix domain socket */
fcgi_addr_un.sun_family = AF_UNIX;
strcpy(fcgi_addr_un.sun_path, proc->unixsocket->ptr);
#ifdef SUN_LEN
servlen = SUN_LEN(&fcgi_addr_un);
#else
/* stevens says: */
servlen = proc->unixsocket->used + sizeof(fcgi_addr_un.sun_family);
#endif
fcgi_addr = (struct sockaddr *) &fcgi_addr_un;
if (buffer_is_empty(proc->connection_name)) {
/* on remote spawing we have to set the connection-name now */
buffer_copy_string(proc->connection_name, "unix:");
buffer_append_string_buffer(proc->connection_name, proc->unixsocket);
}
#else
return -1;
#endif
} else {
fcgi_addr_in.sin_family = AF_INET;
if (!buffer_is_empty(host->host)) {
if (0 == inet_aton(host->host->ptr, &(fcgi_addr_in.sin_addr))) {
log_error_write(srv, __FILE__, __LINE__, "sbs",
"converting IP address failed for", host->host,
"\nBe sure to specify an IP address here");
return -1;
}
} else {
fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
}
fcgi_addr_in.sin_port = htons(proc->port);
servlen = sizeof(fcgi_addr_in);
fcgi_addr = (struct sockaddr *) &fcgi_addr_in;
if (buffer_is_empty(proc->connection_name)) {
/* on remote spawing we have to set the connection-name now */
buffer_copy_string(proc->connection_name, "tcp:");
if (!buffer_is_empty(host->host)) {
buffer_append_string_buffer(proc->connection_name, host->host);
} else {
buffer_append_string(proc->connection_name, "localhost");
}
buffer_append_string(proc->connection_name, ":");
buffer_append_long(proc->connection_name, proc->port);
}
}
if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) {
if (errno == EINPROGRESS ||
errno == EALREADY ||
errno == EINTR) {
if (hctx->conf.debug > 2) {
log_error_write(srv, __FILE__, __LINE__, "sb",
"connect delayed; will continue later:", proc->connection_name);
}
return CONNECTION_DELAYED;
} else if (errno == EAGAIN) {
if (hctx->conf.debug) {
log_error_write(srv, __FILE__, __LINE__, "sbsd",
"This means that you have more incoming requests than your FastCGI backend can handle in parallel."
"It might help to spawn more FastCGI backends or PHP children; if not, decrease server.max-connections."
"The load for this FastCGI backend", proc->connection_name, "is", proc->load);
}
return CONNECTION_OVERLOADED;
} else {
log_error_write(srv, __FILE__, __LINE__, "sssb",
"connect failed:",
strerror(errno), "on",
proc->connection_name);
return CONNECTION_DEAD;
}
}
hctx->reconnects = 0;
if (hctx->conf.debug > 1) {
log_error_write(srv, __FILE__, __LINE__, "sd",
"connect succeeded: ", fcgi_fd);
}
return CONNECTION_OK;
}
static int fcgi_env_add_request_headers(server *srv, connection *con, plugin_data *p) {
size_t i;
for (i = 0; i < con->request.headers->used; i++) {
data_string *ds;
ds = (data_string *)con->request.headers->data[i];
if (ds->value->used && ds->key->used) {
size_t j;
buffer_reset(srv->tmp_buf);
if (0 != strcasecmp(ds->key->ptr, "CONTENT-TYPE")) {
BUFFER_COPY_STRING_CONST(srv->tmp_buf, "HTTP_");
srv->tmp_buf->used--;
}
buffer_prepare_append(srv->tmp_buf, ds->key->used + 2);
for (j = 0; j < ds->key->used - 1; j++) {
char c = '_';
if (light_isalpha(ds->key->ptr[j])) {
/* upper-case */
c = ds->key->ptr[j] & ~32;
} else if (light_isdigit(ds->key->ptr[j])) {
/* copy */
c = ds->key->ptr[j];
}
srv->tmp_buf->ptr[srv->tmp_buf->used++] = c;
}
srv->tmp_buf->ptr[srv->tmp_buf->used++] = '\0';
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_BUF_LEN(srv->tmp_buf), CONST_BUF_LEN(ds->value)),con);
}
}
for (i = 0; i < con->environment->used; i++) {
data_string *ds;
ds = (data_string *)con->environment->data[i];
if (ds->value->used && ds->key->used) {
size_t j;
buffer_reset(srv->tmp_buf);
buffer_prepare_append(srv->tmp_buf, ds->key->used + 2);
for (j = 0; j < ds->key->used - 1; j++) {
char c = '_';
if (light_isalpha(ds->key->ptr[j])) {
/* upper-case */
c = ds->key->ptr[j] & ~32;
} else if (light_isdigit(ds->key->ptr[j])) {
/* copy */
c = ds->key->ptr[j];
}
srv->tmp_buf->ptr[srv->tmp_buf->used++] = c;
}
srv->tmp_buf->ptr[srv->tmp_buf->used++] = '\0';
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_BUF_LEN(srv->tmp_buf), CONST_BUF_LEN(ds->value)), con);
}
}
return 0;
}
static int fcgi_create_env(server *srv, handler_ctx *hctx, size_t request_id) {
FCGI_BeginRequestRecord beginRecord;
FCGI_Header header;
buffer *b;
char buf[32];
const char *s;
#ifdef HAVE_IPV6
char b2[INET6_ADDRSTRLEN + 1];
#endif
plugin_data *p = hctx->plugin_data;
fcgi_extension_host *host= hctx->host;
connection *con = hctx->remote_conn;
server_socket *srv_sock = con->srv_socket;
sock_addr our_addr;
socklen_t our_addr_len;
/* send FCGI_BEGIN_REQUEST */
fcgi_header(&(beginRecord.header), FCGI_BEGIN_REQUEST, request_id, sizeof(beginRecord.body), 0);
beginRecord.body.roleB0 = host->mode;
beginRecord.body.roleB1 = 0;
beginRecord.body.flags = 0;
memset(beginRecord.body.reserved, 0, sizeof(beginRecord.body.reserved));
b = chunkqueue_get_append_buffer(hctx->wb);
buffer_copy_memory(b, (const char *)&beginRecord, sizeof(beginRecord));
/* send FCGI_PARAMS */
buffer_prepare_copy(p->fcgi_env, 1024);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_SOFTWARE"), CONST_STR_LEN(PACKAGE_NAME"/"PACKAGE_VERSION)),con)
if (con->server_name->used) {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_NAME"), CONST_BUF_LEN(con->server_name)),con)
} else {
#ifdef HAVE_IPV6
s = inet_ntop(srv_sock->addr.plain.sa_family,
srv_sock->addr.plain.sa_family == AF_INET6 ?
(const void *) &(srv_sock->addr.ipv6.sin6_addr) :
(const void *) &(srv_sock->addr.ipv4.sin_addr),
b2, sizeof(b2)-1);
#else
s = inet_ntoa(srv_sock->addr.ipv4.sin_addr);
#endif
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_NAME"), s, strlen(s)),con)
}
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("GATEWAY_INTERFACE"), CONST_STR_LEN("CGI/1.1")),con)
LI_ltostr(buf,
#ifdef HAVE_IPV6
ntohs(srv_sock->addr.plain.sa_family ? srv_sock->addr.ipv6.sin6_port : srv_sock->addr.ipv4.sin_port)
#else
ntohs(srv_sock->addr.ipv4.sin_port)
#endif
);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_PORT"), buf, strlen(buf)),con)
/* get the server-side of the connection to the client */
our_addr_len = sizeof(our_addr);
if (-1 == getsockname(con->fd, &(our_addr.plain), &our_addr_len)) {
s = inet_ntop_cache_get_ip(srv, &(srv_sock->addr));
} else {
s = inet_ntop_cache_get_ip(srv, &(our_addr));
}
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_ADDR"), s, strlen(s)),con)
LI_ltostr(buf,
#ifdef HAVE_IPV6
ntohs(con->dst_addr.plain.sa_family ? con->dst_addr.ipv6.sin6_port : con->dst_addr.ipv4.sin_port)
#else
ntohs(con->dst_addr.ipv4.sin_port)
#endif
);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_PORT"), buf, strlen(buf)),con)
s = inet_ntop_cache_get_ip(srv, &(con->dst_addr));
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s)),con)
if (!buffer_is_empty(con->authed_user)) {
/* AUTH_TYPE fix by Troy Kruthoff (tkruthoff@gmail.com)
* section 4.1.1 of RFC 3875 (cgi spec) requires the server to set a AUTH_TYPE env
* declaring the type of authentication used. (see http://tools.ietf.org/html/rfc3875#page-11)
*
* I copied this code from mod_auth.c where it extracts auth info from the "Authorization"
* header to authenticate the user before allowing the request to proceed. I'm guessing it makes
* sense to re-parse the header here, as mod_auth is unaware if the request is headed for cgi/fcgi.
* Someone more familiar with the lighty internals should be able to quickly determine if we are
* better storing AUTH_TYPE on the initial parse in mod_auth.
*/
char *http_authorization = NULL;
data_string *ds;
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user)),con)
if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Authorization"))) {
http_authorization = ds->value->ptr;
}
if (ds && ds->value && ds->value->used) {
char *auth_realm;
if (NULL != (auth_realm = strchr(http_authorization, ' '))) {
int auth_type_len = auth_realm - http_authorization;
if ((auth_type_len == 5) && (0 == strncmp(http_authorization, "Basic", auth_type_len))) {
fcgi_env_add(p->fcgi_env, CONST_STR_LEN("AUTH_TYPE"), CONST_STR_LEN("Basic"));
} else if ((auth_type_len == 6) && (0 == strncmp(http_authorization, "Digest", auth_type_len))) {
fcgi_env_add(p->fcgi_env, CONST_STR_LEN("AUTH_TYPE"), CONST_STR_LEN("Digest"));
}
}
}
}
if (con->request.content_length > 0 && host->mode != FCGI_AUTHORIZER) {
/* CGI-SPEC 6.1.2 and FastCGI spec 6.3 */
/* request.content_length < SSIZE_MAX, see request.c */
LI_ltostr(buf, con->request.content_length);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("CONTENT_LENGTH"), buf, strlen(buf)),con)
}
if (host->mode != FCGI_AUTHORIZER) {
/*
* SCRIPT_NAME, PATH_INFO and PATH_TRANSLATED according to
* http://cgi-spec.golux.com/draft-coar-cgi-v11-03-clean.html
* (6.1.14, 6.1.6, 6.1.7)
* For AUTHORIZER mode these headers should be omitted.
*/
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SCRIPT_NAME"), CONST_BUF_LEN(con->uri.path)),con)
if (!buffer_is_empty(con->request.pathinfo)) {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("PATH_INFO"), CONST_BUF_LEN(con->request.pathinfo)),con)
/* PATH_TRANSLATED is only defined if PATH_INFO is set */
if (!buffer_is_empty(host->docroot)) {
buffer_copy_string_buffer(p->path, host->docroot);
} else {
buffer_copy_string_buffer(p->path, con->physical.doc_root);
}
buffer_append_string_buffer(p->path, con->request.pathinfo);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("PATH_TRANSLATED"), CONST_BUF_LEN(p->path)),con)
} else {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("PATH_INFO"), CONST_STR_LEN("")),con)
}
}
/*
* SCRIPT_FILENAME and DOCUMENT_ROOT for php. The PHP manual
* http://www.php.net/manual/en/reserved.variables.php
* treatment of PATH_TRANSLATED is different from the one of CGI specs.
* TODO: this code should be checked against cgi.fix_pathinfo php
* parameter.
*/
if (!buffer_is_empty(host->docroot)) {
/*
* rewrite SCRIPT_FILENAME
*
*/
buffer_copy_string_buffer(p->path, host->docroot);
buffer_append_string_buffer(p->path, con->uri.path);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SCRIPT_FILENAME"), CONST_BUF_LEN(p->path)),con)
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("DOCUMENT_ROOT"), CONST_BUF_LEN(host->docroot)),con)
} else {
buffer_copy_string_buffer(p->path, con->physical.path);
/* cgi.fix_pathinfo need a broken SCRIPT_FILENAME to find out what PATH_INFO is itself
*
* see src/sapi/cgi_main.c, init_request_info()
*/
if (host->break_scriptfilename_for_php) {
buffer_append_string_buffer(p->path, con->request.pathinfo);
}
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SCRIPT_FILENAME"), CONST_BUF_LEN(p->path)),con)
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("DOCUMENT_ROOT"), CONST_BUF_LEN(con->physical.doc_root)),con)
}
if (host->strip_request_uri->used > 1) {
/* we need at least one char to strip off */
/**
* /app1/index/list
*
* stripping /app1 or /app1/ should lead to
*
* /index/list
*
*/
if ('/' != host->strip_request_uri->ptr[host->strip_request_uri->used - 2]) {
/* fix the user-input to have / as last char */
buffer_append_string(host->strip_request_uri, "/");
}
if (con->request.orig_uri->used >= host->strip_request_uri->used &&
0 == strncmp(con->request.orig_uri->ptr, host->strip_request_uri->ptr, host->strip_request_uri->used - 1)) {
/* the left is the same */
fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REQUEST_URI"),
con->request.orig_uri->ptr + (host->strip_request_uri->used - 2),
con->request.orig_uri->used - (host->strip_request_uri->used - 2));
} else {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri)),con)
}
} else {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri)),con)
}
if (!buffer_is_equal(con->request.uri, con->request.orig_uri)) {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REDIRECT_URI"), CONST_BUF_LEN(con->request.uri)),con)
}
if (!buffer_is_empty(con->uri.query)) {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("QUERY_STRING"), CONST_BUF_LEN(con->uri.query)),con)
} else {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("QUERY_STRING"), CONST_STR_LEN("")),con)
}
s = get_http_method_name(con->request.http_method);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REQUEST_METHOD"), s, strlen(s)),con)
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REDIRECT_STATUS"), CONST_STR_LEN("200")),con) /* if php is compiled with --force-redirect */
s = get_http_version_name(con->request.http_version);
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_PROTOCOL"), s, strlen(s)),con)
if (srv_sock->is_ssl || srv_sock->is_proxy_ssl) {
FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("HTTPS"), CONST_STR_LEN("on")),con)
}
FCGI_ENV_ADD_CHECK(fcgi_env_add_request_headers(srv, con, p), con);
fcgi_header(&(header), FCGI_PARAMS, request_id, p->fcgi_env->used, 0);
buffer_append_memory(b, (const char *)&header, sizeof(header));
buffer_append_memory(b, (const char *)p->fcgi_env->ptr, p->fcgi_env->used);
fcgi_header(&(header), FCGI_PARAMS, request_id, 0, 0);
buffer_append_memory(b, (const char *)&header, sizeof(header));
b->used++; /* add virtual \0 */
hctx->wb->bytes_in += b->used - 1;
if (con->request.content_length) {
chunkqueue *req_cq = con->request_content_queue;
chunk *req_c;
off_t offset;
/* something to send ? */
for (offset = 0, req_c = req_cq->first; offset != req_cq->bytes_in; ) {
off_t weWant = req_cq->bytes_in - offset > FCGI_MAX_LENGTH ? FCGI_MAX_LENGTH : req_cq->bytes_in - offset;
off_t written = 0;
off_t weHave = 0;
/* we announce toWrite octets
* now take all the request_content chunks that we need to fill this request
* */
b = chunkqueue_get_append_buffer(hctx->wb);
fcgi_header(&(header), FCGI_STDIN, request_id, weWant, 0);
buffer_copy_memory(b, (const char *)&header, sizeof(header));
hctx->wb->bytes_in += sizeof(header);
if (p->conf.debug > 10) {
fprintf(stderr, "%s.%d: tosend: %lld / %lld\n", __FILE__, __LINE__, offset, req_cq->bytes_in);
}
for (written = 0; written != weWant; ) {
if (p->conf.debug > 10) {
fprintf(stderr, "%s.%d: chunk: %lld / %lld\n", __FILE__, __LINE__, written, weWant);
}
switch (req_c->type) {
case FILE_CHUNK:
weHave = req_c->file.length - req_c->offset;
if (weHave > weWant - written) weHave = weWant - written;
if (p->conf.debug > 10) {
fprintf(stderr, "%s.%d: sending %lld bytes from (%lld / %lld) %s\n",
__FILE__, __LINE__,
weHave,
req_c->offset,
req_c->file.length,
req_c->file.name->ptr);
}
assert(weHave != 0);
chunkqueue_append_file(hctx->wb, req_c->file.name, req_c->offset, weHave);
req_c->offset += weHave;
req_cq->bytes_out += weHave;
written += weHave;
hctx->wb->bytes_in += weHave;
/* steal the tempfile
*
* This is tricky:
* - we reference the tempfile from the request-content-queue several times
* if the req_c is larger than FCGI_MAX_LENGTH
* - we can't simply cleanup the request-content-queue as soon as possible
* as it would remove the tempfiles
* - the idea is to 'steal' the tempfiles and attach the is_temp flag to the last
* referencing chunk of the fastcgi-write-queue
*
* */
if (req_c->offset == req_c->file.length) {
chunk *c;
if (p->conf.debug > 10) {
fprintf(stderr, "%s.%d: next chunk\n", __FILE__, __LINE__);
}
c = hctx->wb->last;
assert(c->type == FILE_CHUNK);
assert(req_c->file.is_temp == 1);
c->file.is_temp = 1;
req_c->file.is_temp = 0;
chunkqueue_remove_finished_chunks(req_cq);
req_c = req_cq->first;
}
break;
case MEM_CHUNK:
/* append to the buffer */
weHave = req_c->mem->used - 1 - req_c->offset;
if (weHave > weWant - written) weHave = weWant - written;
buffer_append_memory(b, req_c->mem->ptr + req_c->offset, weHave);
req_c->offset += weHave;
req_cq->bytes_out += weHave;
written += weHave;
hctx->wb->bytes_in += weHave;
if (req_c->offset == req_c->mem->used - 1) {
chunkqueue_remove_finished_chunks(req_cq);
req_c = req_cq->first;
}
break;
default:
break;
}
}
b->used++; /* add virtual \0 */
offset += weWant;
}
}
b = chunkqueue_get_append_buffer(hctx->wb);
/* terminate STDIN */
fcgi_header(&(header), FCGI_STDIN, request_id, 0, 0);
buffer_copy_memory(b, (const char *)&header, sizeof(header));
b->used++; /* add virtual \0 */
hctx->wb->bytes_in += sizeof(header);
#if 0
for (i = 0; i < hctx->write_buffer->used; i++) {
fprintf(stderr, "%02x ", hctx->write_buffer->ptr[i]);
if ((i+1) % 16 == 0) {
size_t j;
for (j = i-15; j <= i; j++) {
fprintf(stderr, "%c",
isprint((unsigned char)hctx->write_buffer->ptr[j]) ? hctx->write_buffer->ptr[j] : '.');
}
fprintf(stderr, "\n");
}
}
#endif
return 0;
}
static int fcgi_response_parse(server *srv, connection *con, plugin_data *p, buffer *in) {
char *s, *ns;
handler_ctx *hctx = con->plugin_ctx[p->id];
fcgi_extension_host *host= hctx->host;
UNUSED(srv);
buffer_copy_string_buffer(p->parse_response, in);
/* search for \n */
for (s = p->parse_response->ptr; NULL != (ns = strchr(s, '\n')); s = ns + 1) {
char *key, *value;
int key_len;
data_string *ds;
/* a good day. Someone has read the specs and is sending a \r\n to us */
if (ns > p->parse_response->ptr &&
*(ns-1) == '\r') {
*(ns-1) = '\0';
}
ns[0] = '\0';
key = s;
if (NULL == (value = strchr(s, ':'))) {
/* we expect: "<key>: <value>\n" */
continue;
}
key_len = value - key;
value++;
/* strip WS */
while (*value == ' ' || *value == '\t') value++;
if (host->mode != FCGI_AUTHORIZER ||
!(con->http_status == 0 ||
con->http_status == 200)) {
/* authorizers shouldn't affect the response headers sent back to the client */
/* don't forward Status: */
if (0 != strncasecmp(key, "Status", key_len)) {
if (NULL == (ds = (data_string *)array_get_unused_element(con->response.headers, TYPE_STRING))) {
ds = data_response_init();
}
buffer_copy_string_len(ds->key, key, key_len);
buffer_copy_string(ds->value, value);
array_insert_unique(con->response.headers, (data_unset *)ds);
}
}
switch(key_len) {
case 4:
if (0 == strncasecmp(key, "Date", key_len)) {
con->parsed_response |= HTTP_DATE;
}
break;
case 6:
if (0 == strncasecmp(key, "Status", key_len)) {
con->http_status = strtol(value, NULL, 10);
con->parsed_response |= HTTP_STATUS;
}
break;
case 8:
if (0 == strncasecmp(key, "Location", key_len)) {
con->parsed_response |= HTTP_LOCATION;
}
break;
case 10:
if (0 == strncasecmp(key, "Connection", key_len)) {
con->response.keep_alive = (0 == strcasecmp(value, "Keep-Alive")) ? 1 : 0;
con->parsed_response |= HTTP_CONNECTION;
}
break;
case 14:
if (0 == strncasecmp(key, "Content-Length", key_len)) {
con->response.content_length = strtol(value, NULL, 10);
con->parsed_response |= HTTP_CONTENT_LENGTH;
if (con->response.content_length < 0) con->response.content_length = 0;
}
break;
default:
break;
}
}
/* CGI/1.1 rev 03 - 7.2.1.2 */
if ((con->parsed_response & HTTP_LOCATION) &&
!(con->parsed_response & HTTP_STATUS)) {
con->http_status = 302;
}
return 0;
}
typedef struct {
buffer *b;
size_t len;
int type;
int padding;
size_t request_id;
} fastcgi_response_packet;
static int fastcgi_get_packet(server *srv, handler_ctx *hctx, fastcgi_response_packet *packet) {
chunk * c;
size_t offset = 0;
size_t toread = 0;
FCGI_Header *header;
if (!hctx->rb->first) return -1;
packet->b = buffer_init();
packet->len = 0;
packet->type = 0;
packet->padding = 0;
packet->request_id = 0;
/* get at least the FastCGI header */
for (c = hctx->rb->first; c; c = c->next) {
if (packet->b->used == 0) {
buffer_copy_string_len(packet->b, c->mem->ptr + c->offset, c->mem->used - c->