Newer
Older
// Copyright (c) 2004-2013 Sergey Lyubka <valenok@gmail.com>
// Copyright (c) 2013 Cesanta Software Limited
// All rights reserved
//
// This library is dual-licensed: you can redistribute it and/or modify
// it under the terms of the GNU General Public License version 2 as
// published by the Free Software Foundation. For the terms of this
// license, see <http://www.gnu.org/licenses/>.
//
// You are free to use this library under the terms of the GNU General
// Public License, but WITHOUT ANY WARRANTY; without even the implied
// warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU General Public License for more details.
//
// Alternatively, you can license this library under a commercial
// license, as set out in <http://cesanta.com/products.html>.
#undef _UNICODE // Use multibyte encoding on Windows
#define _MBCS // Use multibyte encoding on Windows
#define _INTEGRAL_MAX_BITS 64 // Enable _stati64() on Windows
#define _CRT_SECURE_NO_WARNINGS // Disable deprecation warning in VS2005+
#undef WIN32_LEAN_AND_MEAN // Let windows.h always include winsock2.h
#define _XOPEN_SOURCE 600 // For flockfile() on Linux
#define __STDC_FORMAT_MACROS // <inttypes.h> wants this for C++
#define __STDC_LIMIT_MACROS // C++ wants that for INT64_MAX
#define _LARGEFILE_SOURCE // Enable fseeko() and ftello() functions
#define _FILE_OFFSET_BITS 64 // Enable 64-bit file offsets
#ifdef _MSC_VER
#pragma warning (disable : 4127) // FD_SET() emits warning, disable it
#pragma warning (disable : 4204) // missing c99 support
#endif
#include <sys/types.h>
#include <sys/stat.h>
#include <stddef.h>
#include <stdio.h>
#include <fcntl.h>
#include <assert.h>
#include <errno.h>
#include <time.h>
#include <process.h> // For _beginthread
#include <io.h> // For _lseeki64
#include <direct.h> // For _mkdir
typedef int socklen_t;
typedef int pid_t;
typedef SOCKET sock_t;
typedef unsigned char uint8_t;
typedef unsigned int uint32_t;
typedef unsigned short uint16_t;
typedef unsigned __int64 uint64_t;
typedef __int64 int64_t;
typedef CRITICAL_SECTION mutex_t;
typedef struct _stati64 file_stat_t;
#pragma comment(lib, "ws2_32.lib")
#define snprintf _snprintf
#define vsnprintf _vsnprintf
#define INT64_FMT "I64d"
#define mutex_init(x) InitializeCriticalSection(x)
#define mutex_destroy(x) DeleteCriticalSection(x)
#define mutex_lock(x) EnterCriticalSection(x)
#define mutex_unlock(x) LeaveCriticalSection(x)
#define S_ISDIR(x) ((x) & _S_IFDIR)
#define sleep(x) Sleep((x) * 1000)
#define stat(x, y) _stati64((x), (y))
#define lseek(x, y, z) _lseeki64((x), (y), (z))
#define mkdir(x, y) _mkdir(x)
#define to64(x) _atoi64(x)
#ifndef va_copy
#define va_copy(x,y) x = y
#endif // MINGW #defines va_copy
#ifndef __func__
#define STRX(x) #x
#define STR(x) STRX(x)
#define __func__ __FILE__ ":" STR(__LINE__)
#include <signal.h>
#include <arpa/inet.h> // For inet_pton() when USE_IPV6 is defined
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/select.h>
#define closesocket(x) close(x)
typedef int sock_t;
typedef pthread_mutex_t mutex_t;
typedef struct stat file_stat_t;
#define mutex_init(x) pthread_mutex_init(x, NULL)
#define mutex_destroy(x) pthread_mutex_destroy(x)
#define mutex_lock(x) pthread_mutex_lock(x)
#define mutex_unlock(x) pthread_mutex_unlock(x)
#define INVALID_SOCKET ((sock_t) -1)
#define to64(x) strtoll(x, NULL, 10)
#define __cdecl
#define O_BINARY 0
#endif
#ifdef USE_SSL
// Following define gets rid of openssl deprecation messages
#define MAC_OS_X_VERSION_MIN_REQUIRED MAC_OS_X_VERSION_10_6
#include <openssl/ssl.h>
#endif
struct linked_list_link { struct linked_list_link *prev, *next; };
#define LINKED_LIST_INIT(N) ((N)->next = (N)->prev = (N))
#define LINKED_LIST_DECLARE_AND_INIT(H) struct linked_list_link H = { &H, &H }
#define LINKED_LIST_ENTRY(P,T,N) ((T *)((char *)(P) - offsetof(T, N)))
#define LINKED_LIST_IS_EMPTY(N) ((N)->next == (N))
#define LINKED_LIST_FOREACH(H,N,T) \
for (N = (H)->next, T = (N)->next; N != (H); N = (T), T = (N)->next)
#define LINKED_LIST_ADD_TO_FRONT(H,N) do { ((H)->next)->prev = (N); \
(N)->next = ((H)->next); (N)->prev = (H); (H)->next = (N); } while (0)
#define LINKED_LIST_ADD_TO_TAIL(H,N) do { ((H)->prev)->next = (N); \
(N)->prev = ((H)->prev); (N)->next = (H); (H)->prev = (N); } while (0)
#define LINKED_LIST_REMOVE(N) do { ((N)->next)->prev = ((N)->prev); \
((N)->prev)->next = ((N)->next); LINKED_LIST_INIT(N); } while (0)
#define ARRAY_SIZE(array) (sizeof(array) / sizeof(array[0]))
#define MAX_REQUEST_SIZE 16384
#define IOBUF_SIZE 8192
#define MAX_PATH_SIZE 8192
#define CGI_ENVIRONMENT_SIZE 4096
#define MAX_CGI_ENVIR_VARS 64
#define ENV_EXPORT_TO_CGI "MONGOOSE_CGI"
#define PASSWORDS_FILE_NAME ".htpasswd"
#ifndef WEBSOCKET_PING_INTERVAL_SECONDS
#define WEBSOCKET_PING_INTERVAL_SECONDS 5
#endif
// Extra HTTP headers to send in every static file reply
#if !defined(EXTRA_HTTP_HEADERS)
#define EXTRA_HTTP_HEADERS ""
#endif
#ifdef ENABLE_DBG
#define DBG(x) do { printf("%-20s ", __func__); printf x; putchar('\n'); \
fflush(stdout); } while(0)
struct sockaddr sa;
struct sockaddr_in sin;
struct sockaddr_in6 sin6;
#endif
};
struct vec {
const char *ptr;
struct uri_handler {
struct linked_list_link link;
char *uri;
mg_handler_t handler;
// For directory listing and WevDAV support
struct dir_entry {
struct connection *conn;
char *file_name;
file_stat_t st;
};
// NOTE(lsm): this enum shoulds be in sync with the config_options.
enum {
ACCESS_CONTROL_LIST, ACCESS_LOG_FILE, AUTH_DOMAIN, CGI_INTERPRETER,
CGI_PATTERN, DOCUMENT_ROOT, ENABLE_DIRECTORY_LISTING, ERROR_LOG_FILE,
EXTRA_MIME_TYPES, GLOBAL_AUTH_FILE, HIDE_FILES_PATTERN, IDLE_TIMEOUT_MS,
INDEX_FILES, LISTENING_PORT, DAV_AUTH_FILE,
RUN_AS_USER, SSL_CERTIFICATE, URL_REWRITES, NUM_OPTIONS
struct mg_server {
sock_t listening_sock;
union socket_address lsa; // Listening socket address
struct linked_list_link active_connections;
struct linked_list_link uri_handlers;
char *config_options[NUM_OPTIONS];
void *server_data;
void *ssl_ctx; // SSL context
sock_t ctl[2]; // Control socketpair. Used to wake up from select() call
// Expandable IO buffer
struct iobuf {
char *buf; // Buffer that holds the data
int size; // Buffer size
int len; // Number of bytes currently in a buffer
// Local endpoint representation
union endpoint {
int fd; // Opened regular local file
sock_t cgi_sock; // CGI socket
void *ssl; // SSL descriptor
struct uri_handler *uh; // URI handler user function
enum endpoint_type { EP_NONE, EP_FILE, EP_CGI, EP_USER, EP_PUT };
enum connection_flags {
CONN_CLOSE = 1, CONN_SPOOL_DONE = 2, CONN_SSL_HANDS_SHAKEN = 4
};
struct connection {
struct mg_connection mg_conn; // XXX: Must be first
struct linked_list_link link; // Linkage to server->active_connections
struct mg_server *server;
sock_t client_sock; // Connected client
struct iobuf local_iobuf;
struct iobuf remote_iobuf;
union endpoint endpoint;
enum endpoint_type endpoint_type;
time_t birth_time;
time_t last_activity_time;
char *path_info;
char *request;
int64_t num_bytes_sent; // Total number of bytes sent
int64_t cl; // Reply content length, for Range support
int request_len; // Request length, including last \r\n after last header
int flags; // CONN_* flags: CONN_CLOSE, CONN_SPOOL_DONE, etc
mutex_t mutex; // Guards concurrent mg_write() calls
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
};
static void close_local_endpoint(struct connection *conn);
static const struct {
const char *extension;
size_t ext_len;
const char *mime_type;
} static_builtin_mime_types[] = {
{".html", 5, "text/html"},
{".htm", 4, "text/html"},
{".shtm", 5, "text/html"},
{".shtml", 6, "text/html"},
{".css", 4, "text/css"},
{".js", 3, "application/x-javascript"},
{".ico", 4, "image/x-icon"},
{".gif", 4, "image/gif"},
{".jpg", 4, "image/jpeg"},
{".jpeg", 5, "image/jpeg"},
{".png", 4, "image/png"},
{".svg", 4, "image/svg+xml"},
{".txt", 4, "text/plain"},
{".torrent", 8, "application/x-bittorrent"},
{".wav", 4, "audio/x-wav"},
{".mp3", 4, "audio/x-mp3"},
{".mid", 4, "audio/mid"},
{".m3u", 4, "audio/x-mpegurl"},
{".ogg", 4, "application/ogg"},
{".ram", 4, "audio/x-pn-realaudio"},
{".xml", 4, "text/xml"},
{".json", 5, "text/json"},
{".xslt", 5, "application/xml"},
{".xsl", 4, "application/xml"},
{".ra", 3, "audio/x-pn-realaudio"},
{".doc", 4, "application/msword"},
{".exe", 4, "application/octet-stream"},
{".zip", 4, "application/x-zip-compressed"},
{".xls", 4, "application/excel"},
{".tgz", 4, "application/x-tar-gz"},
{".tar", 4, "application/x-tar"},
{".gz", 3, "application/x-gunzip"},
{".arj", 4, "application/x-arj-compressed"},
{".rar", 4, "application/x-arj-compressed"},
{".rtf", 4, "application/rtf"},
{".pdf", 4, "application/pdf"},
{".swf", 4, "application/x-shockwave-flash"},
{".mpg", 4, "video/mpeg"},
{".webm", 5, "video/webm"},
{".mpeg", 5, "video/mpeg"},
{".mov", 4, "video/quicktime"},
{".mp4", 4, "video/mp4"},
{".m4v", 4, "video/x-m4v"},
{".asf", 4, "video/x-ms-asf"},
{".avi", 4, "video/x-msvideo"},
{".bmp", 4, "image/bmp"},
{".ttf", 4, "application/x-font-ttf"},
{NULL, 0, NULL}
};
static const char *static_config_options[] = {
"access_control_list", NULL,
"access_log_file", NULL,
"auth_domain", "mydomain.com",
"cgi_interpreter", NULL,
"cgi_pattern", "**.cgi$|**.pl$|**.php$",
"document_root", NULL,
"enable_directory_listing", "yes",
"error_log_file", NULL,
"extra_mime_types", NULL,
"global_auth_file", NULL,
"hide_files_patterns", NULL,
"idle_timeout_ms", "30000",
"index_files","index.html,index.htm,index.cgi,index.shtml,index.php,index.lp",
"listening_port", NULL,
"dav_auth_file", NULL,
"run_as_user", NULL,
"ssl_certificate", NULL,
"url_rewrites", NULL,
NULL
};
static const char *static_month_names[] = {
"Jan", "Feb", "Mar", "Apr", "May", "Jun",
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
void *mg_start_thread(void *(*f)(void *), void *p) {
#ifdef _WIN32
return (void *) _beginthread((void (__cdecl *)(void *)) f, 0, p);
#else
Sergey Lyubka
committed
pthread_t thread_id = (pthread_t) 0;
pthread_attr_t attr;
(void) pthread_attr_init(&attr);
(void) pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
#if USE_STACK_SIZE > 1
// Compile-time option to control stack size, e.g. -DUSE_STACK_SIZE=16384
(void) pthread_attr_setstacksize(&attr, USE_STACK_SIZE);
Sergey Lyubka
committed
pthread_create(&thread_id, &attr, f, p);
pthread_attr_destroy(&attr);
return (void *) thread_id;
#endif
static void set_close_on_exec(int fd) {
#ifdef _WIN32
(void) SetHandleInformation((HANDLE) fd, HANDLE_FLAG_INHERIT, 0);
static void set_non_blocking_mode(sock_t sock) {
#ifdef _WIN32
unsigned long on = 1;
ioctlsocket(sock, FIONBIO, &on);
#else
int flags = fcntl(sock, F_GETFL, 0);
fcntl(sock, F_SETFL, flags | O_NONBLOCK);
#endif
}
static int should_keep_alive(const struct mg_connection *conn) {
const char *method = conn->request_method;
const char *http_version = conn->http_version;
const char *header = mg_get_header(conn, "Connection");
return method != NULL && !strcmp(method, "GET") &&
((header != NULL && !strcmp(header, "keep-alive")) ||
(header == NULL && http_version && !strcmp(http_version, "1.1")));
}
static const char *suggest_connection_header(const struct mg_connection *conn) {
return should_keep_alive(conn) ? "keep-alive" : "close";
static void mg_strlcpy(register char *dst, register const char *src, size_t n) {
for (; *src != '\0' && n > 1; n--) {
*dst++ = *src++;
}
*dst = '\0';
}
static int spool(struct iobuf *io, const void *buf, int len) {
static const double mult = 1.2;
char *p = NULL;
int new_len = 0;
assert(io->len >= 0);
assert(io->len <= io->size);
//DBG(("1. %d %d %d", len, io->len, io->size));
if (len <= 0) {
} else if ((new_len = io->len + len) < io->size) {
memcpy(io->buf + io->len, buf, len);
io->len = new_len;
} else if ((p = (char *) realloc(io->buf, (int) (new_len * mult))) != NULL) {
io->buf = p;
memcpy(io->buf + io->len, buf, len);
io->len = new_len;
io->size = (int) (new_len * mult);
} else {
len = 0;
}
//DBG(("%d %d %d", len, io->len, io->size));
}
// Like snprintf(), but never returns negative value, or a value
// that is larger than a supplied buffer.
static int mg_vsnprintf(char *buf, size_t buflen, const char *fmt, va_list ap) {
int n;
n = vsnprintf(buf, buflen, fmt, ap);
if (n < 0) {
n = 0;
} else if (n >= (int) buflen) {
n = (int) buflen - 1;
}
buf[n] = '\0';
return n;
}
static int mg_snprintf(char *buf, size_t buflen, const char *fmt, ...) {
va_list ap;
int n;
va_start(ap, fmt);
n = mg_vsnprintf(buf, buflen, fmt, ap);
va_end(ap);
return n;
}
static void send_http_error(struct connection *conn, int code) {
const char *message;
char headers[200], body[200];
int body_len, headers_len;
switch (code) {
case 201: message = "Created"; break;
case 204: message = "No Content"; break;
case 304: message = "Not Modified"; break;
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
case 400: message = "Bad Request"; break;
case 403: message = "Forbidden"; break;
case 404: message = "Not Found"; break;
case 405: message = "Method Not Allowed"; break;
case 409: message = "Conflict"; break;
case 411: message = "Length Required"; break;
case 413: message = "Request Entity Too Large"; break;
case 415: message = "Unsupported Media Type"; break;
case 423: message = "Locked"; break;
case 501: message = "Not Implemented"; break;
default: message = "Server Error"; break;
}
conn->mg_conn.status_code = code;
body_len = mg_snprintf(body, sizeof(body), "%d %s\n", code, message);
if (code >= 300 && code <= 399) {
// 3xx errors do not have body
body_len = 0;
}
headers_len = mg_snprintf(headers, sizeof(headers),
"HTTP/1.1 %d %s\r\nContent-Length: %d\r\n"
"Content-Type: text/plain\r\n\r\n",
code, message, body_len);
spool(&conn->remote_iobuf, headers, headers_len);
spool(&conn->remote_iobuf, body, body_len);
close_local_endpoint(conn); // This will write to the log file
}
static void mg_printf(struct connection *conn, const char *fmt, ...) {
char buf[IOBUF_SIZE];
va_list ap;
int len;
va_start(ap, fmt);
len = vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
spool(&conn->remote_iobuf, buf, len);
close_local_endpoint(conn); // Log the request
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
}
// A helper function for traversing a comma separated list of values.
// It returns a list pointer shifted to the next value, or NULL if the end
// of the list found.
// Value is stored in val vector. If value has form "x=y", then eq_val
// vector is initialized to point to the "y" part, and val vector length
// is adjusted to point only to "x".
static const char *next_option(const char *list, struct vec *val,
struct vec *eq_val) {
if (list == NULL || *list == '\0') {
// End of the list
list = NULL;
} else {
val->ptr = list;
if ((list = strchr(val->ptr, ',')) != NULL) {
// Comma found. Store length and shift the list ptr
val->len = list - val->ptr;
list++;
} else {
// This value is the last one
list = val->ptr + strlen(val->ptr);
val->len = list - val->ptr;
}
if (eq_val != NULL) {
// Value has form "x=y", adjust pointers and lengths
// so that val points to "x", and eq_val points to "y".
eq_val->len = 0;
eq_val->ptr = (const char *) memchr(val->ptr, '=', val->len);
if (eq_val->ptr != NULL) {
eq_val->ptr++; // Skip over '=' character
eq_val->len = val->ptr + val->len - eq_val->ptr;
val->len = (eq_val->ptr - val->ptr) - 1;
}
}
}
return list;
}
static int mg_socketpair(sock_t sp[2]) {
struct sockaddr_in sa;
sock_t sock, ret = -1;
socklen_t len = sizeof(sa);
(void) memset(&sa, 0, sizeof(sa));
sa.sin_family = AF_INET;
sa.sin_port = htons(0);
sa.sin_addr.s_addr = htonl(0x7f000001);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) != INVALID_SOCKET &&
!bind(sock, (struct sockaddr *) &sa, len) &&
!listen(sock, 1) &&
!getsockname(sock, (struct sockaddr *) &sa, &len) &&
(sp[0] = socket(AF_INET, SOCK_STREAM, 6)) != -1 &&
!connect(sp[0], (struct sockaddr *) &sa, len) &&
(sp[1] = accept(sock,(struct sockaddr *) &sa, &len)) != INVALID_SOCKET) {
set_close_on_exec(sp[0]);
set_close_on_exec(sp[1]);
ret = 0;
} else {
if (sp[0] != INVALID_SOCKET) closesocket(sp[0]);
if (sp[1] != INVALID_SOCKET) closesocket(sp[1]);
sp[0] = sp[1] = INVALID_SOCKET;
closesocket(sock);
return ret;
#ifndef NO_CGI
#ifdef _WIN32
static pid_t start_process(char *interp, const char *cmd, const char *env,
const char *envp[], const char *dir, sock_t sock) {
STARTUPINFOA si = {0};
PROCESS_INFORMATION pi = {0};
HANDLE hs = (HANDLE) sock, me = GetCurrentProcess();
char cmdline[MAX_PATH_SIZE], full_dir[MAX_PATH_SIZE], buf[MAX_PATH_SIZE], *p;
FILE *fp;
si.cb = sizeof(si);
si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
si.wShowWindow = SW_HIDE;
DuplicateHandle(me, hs, me, &si.hStdInput, 0, TRUE, DUPLICATE_SAME_ACCESS);
DuplicateHandle(me, hs, me, &si.hStdOutput, 0, TRUE, DUPLICATE_SAME_ACCESS);
si.hStdError = GetStdHandle(STD_ERROR_HANDLE);
closesocket(sock);
if (interp == NULL && (fp = fopen(cmd, "r")) != NULL) {
buf[0] = buf[1] = '\0';
fgets(buf, sizeof(buf), fp);
buf[sizeof(buf) - 1] = '\0';
if (buf[0] == '#' && buf[1] == '!') {
interp = buf + 2;
for (p = interp + strlen(interp);
isspace(* (uint8_t *) p) && p > interp; p--) *p = '\0';
if (interp != NULL) {
GetFullPathNameA(interp, sizeof(buf), buf, NULL);
interp = buf;
}
GetFullPathNameA(dir, sizeof(full_dir), full_dir, NULL);
mg_snprintf(cmdline, sizeof(cmdline), "%s%s\"%s\"",
interp ? interp : "", interp ? " " : "", cmd);
DBG(("Starting commad: [%s]", cmdline));
CreateProcess(NULL, cmdline, NULL, NULL, TRUE,
CREATE_NEW_PROCESS_GROUP, (void *) env, full_dir, &si, &pi);
CloseHandle(si.hStdOutput);
CloseHandle(si.hStdInput);
CloseHandle(pi.hThread);
return (pid_t) pi.hProcess;
#else
static pid_t start_process(const char *interp, const char *cmd, const char *env,
const char *envp[], const char *dir, sock_t sock) {
pid_t pid = fork();
(void) env;
if (pid == 0) {
chdir(dir);
dup2(sock, 0);
dup2(sock, 1);
closesocket(sock);
// After exec, all signal handlers are restored to their default values,
// with one exception of SIGCHLD. According to POSIX.1-2001 and Linux's
// implementation, SIGCHLD's handler will leave unchanged after exec
// if it was set to be ignored. Restore it to default action.
signal(SIGCHLD, SIG_DFL);
if (interp == NULL) {
execle(cmd, cmd, NULL, envp);
execle(interp, interp, cmd, NULL, envp);
exit(EXIT_FAILURE); // exec call failed
// This structure helps to create an environment for the spawned CGI program.
// Environment is an array of "VARIABLE=VALUE\0" ASCIIZ strings,
// last element must be NULL.
// However, on Windows there is a requirement that all these VARIABLE=VALUE\0
// strings must reside in a contiguous buffer. The end of the buffer is
// marked by two '\0' characters.
// We satisfy both worlds: we create an envp array (which is vars), all
// entries are actually pointers inside buf.
struct cgi_env_block {
struct mg_connection *conn;
char buf[CGI_ENVIRONMENT_SIZE]; // Environment buffer
const char *vars[MAX_CGI_ENVIR_VARS]; // char *envp[]
int len; // Space taken
int nvars; // Number of variables in envp[]
};
// Append VARIABLE=VALUE\0 string to the buffer, and add a respective
// pointer into the vars array.
static char *addenv(struct cgi_env_block *block, const char *fmt, ...) {
int n, space;
char *added;
va_list ap;
// Calculate how much space is left in the buffer
space = sizeof(block->buf) - block->len - 2;
assert(space >= 0);
// Make a pointer to the free space int the buffer
added = block->buf + block->len;
// Copy VARIABLE=VALUE\0 string into the free space
va_start(ap, fmt);
n = mg_vsnprintf(added, (size_t) space, fmt, ap);
va_end(ap);
// Make sure we do not overflow buffer and the envp array
if (n > 0 && n + 1 < space &&
block->nvars < (int) ARRAY_SIZE(block->vars) - 2) {
// Append a pointer to the added string into the envp array
block->vars[block->nvars++] = added;
// Bump up used length counter. Include \0 terminator
block->len += n + 1;
static void addenv2(struct cgi_env_block *blk, const char *name) {
const char *s;
if ((s = getenv(name)) != NULL) addenv(blk, "%s=%s", name, s);
static void prepare_cgi_environment(struct connection *conn,
const char *prog,
struct cgi_env_block *blk) {
struct mg_connection *ri = &conn->mg_conn;
const char *s, *slash;
char *p, **opts = conn->server->config_options;
int i;
blk->len = blk->nvars = 0;
blk->conn = ri;
addenv(blk, "SERVER_NAME=%s", opts[AUTH_DOMAIN]);
addenv(blk, "SERVER_ROOT=%s", opts[DOCUMENT_ROOT]);
addenv(blk, "DOCUMENT_ROOT=%s", opts[DOCUMENT_ROOT]);
addenv(blk, "SERVER_SOFTWARE=%s/%s", "Mongoose", MONGOOSE_VERSION);
// Prepare the environment block
addenv(blk, "%s", "GATEWAY_INTERFACE=CGI/1.1");
addenv(blk, "%s", "SERVER_PROTOCOL=HTTP/1.1");
addenv(blk, "%s", "REDIRECT_STATUS=200"); // For PHP
// TODO(lsm): fix this for IPv6 case
addenv(blk, "SERVER_PORT=%d", ri->remote_port);
addenv(blk, "REQUEST_METHOD=%s", ri->request_method);
addenv(blk, "REMOTE_ADDR=%s", ri->remote_ip);
addenv(blk, "REMOTE_PORT=%d", ri->remote_port);
addenv(blk, "REQUEST_URI=%s%s%s", ri->uri,
ri->query_string == NULL ? "" : "?",
ri->query_string == NULL ? "" : ri->query_string);
// SCRIPT_NAME
if (conn->path_info != NULL) {
addenv(blk, "SCRIPT_NAME=%.*s",
(int) (strlen(ri->uri) - strlen(conn->path_info)), ri->uri);
addenv(blk, "PATH_INFO=%s", conn->path_info);
s = strrchr(prog, '/');
slash = strrchr(ri->uri, '/');
addenv(blk, "SCRIPT_NAME=%.*s%s",
slash == NULL ? 0 : (int) (slash - ri->uri), ri->uri,
s == NULL ? prog : s);
addenv(blk, "SCRIPT_FILENAME=%s", prog);
addenv(blk, "PATH_TRANSLATED=%s", prog);
addenv(blk, "HTTPS=%s", conn->ssl != NULL ? "on" : "off");
if ((s = mg_get_header(ri, "Content-Type")) != NULL)
addenv(blk, "CONTENT_TYPE=%s", s);
if (ri->query_string != NULL)
addenv(blk, "QUERY_STRING=%s", ri->query_string);
if ((s = mg_get_header(ri, "Content-Length")) != NULL)
addenv(blk, "CONTENT_LENGTH=%s", s);
addenv2(blk, "PATH");
addenv2(blk, "PERLLIB");
addenv2(blk, ENV_EXPORT_TO_CGI);
#if defined(_WIN32)
addenv2(blk, "COMSPEC");
addenv2(blk, "SYSTEMROOT");
addenv2(blk, "SystemDrive");
addenv2(blk, "ProgramFiles");
addenv2(blk, "ProgramFiles(x86)");
addenv2(blk, "CommonProgramFiles(x86)");
#else
addenv2(blk, "LD_LIBRARY_PATH");
#endif // _WIN32
// Add all headers as HTTP_* variables
for (i = 0; i < ri->num_headers; i++) {
p = addenv(blk, "HTTP_%s=%s",
ri->http_headers[i].name, ri->http_headers[i].value);
// Convert variable name into uppercase, and change - to _
for (; *p != '=' && *p != '\0'; p++) {
if (*p == '-')
*p = '_';
*p = (char) toupper(* (unsigned char *) p);
blk->vars[blk->nvars++] = NULL;
blk->buf[blk->len++] = '\0';
assert(blk->nvars < (int) ARRAY_SIZE(blk->vars));
assert(blk->len > 0);
assert(blk->len < (int) sizeof(blk->buf));
static void open_cgi_endpoint(struct connection *conn, const char *prog) {
struct cgi_env_block blk;
char dir[MAX_PATH_SIZE], *p = NULL;
sock_t fds[2];
prepare_cgi_environment(conn, prog, &blk);
// CGI must be executed in its own directory. 'dir' must point to the
// directory containing executable program, 'p' must point to the
// executable program name relative to 'dir'.
mg_snprintf(dir, sizeof(dir), "%s", prog);
if ((p = strrchr(dir, '/')) != NULL) {
*p++ = '\0';
} else {
dir[0] = '.', dir[1] = '\0';
p = (char *) prog;
}
Sergey Lyubka
committed
// Try to create socketpair in a loop until success. mg_socketpair()
// can be interrupted by a signal and fail.
// TODO(lsm): use sigaction to restart interrupted syscall
do {
mg_socketpair(fds);
} while (fds[0] < 0);
if (start_process(conn->server->config_options[CGI_INTERPRETER],
prog, blk.buf, blk.vars, dir, fds[1]) > 0) {
conn->endpoint_type = EP_CGI;
conn->endpoint.cgi_sock = fds[0];
} else {
closesocket(fds[0]);
send_http_error(conn, 500);
// 'sa' must be an initialized address to bind to
static sock_t open_listening_socket(union socket_address *sa) {
sock_t on = 1, sock = INVALID_SOCKET;
if ((sock = socket(sa->sa.sa_family, SOCK_STREAM, 6)) == INVALID_SOCKET ||
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &on, sizeof(on)) ||
bind(sock, &sa->sa, sa->sa.sa_family == AF_INET ?
sizeof(sa->sin) : sizeof(sa->sa)) != 0 ||
listen(sock, SOMAXCONN) != 0) {
closesocket(sock);
sock = INVALID_SOCKET;
static char *mg_strdup(const char *str) {
char *copy = (char *) malloc(strlen(str) + 1);
if (copy != NULL) {
strcpy(copy, str);
static int isbyte(int n) {
return n >= 0 && n <= 255;
}
static int parse_net(const char *spec, uint32_t *net, uint32_t *mask) {
int n, a, b, c, d, slash = 32, len = 0;
if ((sscanf(spec, "%d.%d.%d.%d/%d%n", &a, &b, &c, &d, &slash, &n) == 5 ||
sscanf(spec, "%d.%d.%d.%d%n", &a, &b, &c, &d, &n) == 4) &&
isbyte(a) && isbyte(b) && isbyte(c) && isbyte(d) &&
slash >= 0 && slash < 33) {
len = n;
*net = ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | d;
*mask = slash ? 0xffffffffU << (32 - slash) : 0;
}
// Verify given socket address against the ACL.
// Return -1 if ACL is malformed, 0 if address is disallowed, 1 if allowed.
static int check_acl(const char *acl, uint32_t remote_ip) {
int allowed, flag;
uint32_t net, mask;
struct vec vec;
// If any ACL is set, deny by default
allowed = acl == NULL ? '+' : '-';
while ((acl = next_option(acl, &vec, NULL)) != NULL) {
flag = vec.ptr[0];
if ((flag != '+' && flag != '-') ||
parse_net(&vec.ptr[1], &net, &mask) == 0) {
return -1;
if (net == (remote_ip & mask)) {
allowed = flag;
static struct connection *accept_new_connection(struct mg_server *server) {
union socket_address sa;
socklen_t len = sizeof(sa);
sock_t sock = INVALID_SOCKET;
struct connection *conn = NULL;
// NOTE(lsm): on Windows, sock is always > FD_SETSIZE
if ((sock = accept(server->listening_sock, &sa.sa, &len)) == INVALID_SOCKET) {
} else if (!check_acl(server->config_options[ACCESS_CONTROL_LIST],
ntohl(* (uint32_t *) &sa.sin.sin_addr))) {
// NOTE(lsm): check_acl doesn't work for IPv6
closesocket(sock);
} else if ((conn = (struct connection *) calloc(1, sizeof(*conn))) == NULL) {
closesocket(sock);
#ifdef USE_SSL
} else if (server->ssl_ctx != NULL &&
((conn->ssl = SSL_new(server->ssl_ctx)) == NULL ||
SSL_set_fd(conn->ssl, sock) != 1)) {
DBG(("SSL error"));
closesocket(sock);
free(conn);
conn = NULL;
#endif
set_close_on_exec(sock);
set_non_blocking_mode(sock);
conn->server = server;
conn->client_sock = sock;
mutex_init(&conn->mutex);
LINKED_LIST_ADD_TO_FRONT(&server->active_connections, &conn->link);
DBG(("added conn %p", conn));
static void close_conn(struct connection *conn) {
DBG(("closing %p %d %d", conn, conn->flags, conn->endpoint_type));
LINKED_LIST_REMOVE(&conn->link);
closesocket(conn->client_sock);
free(conn->request); // It's OK to free(NULL), ditto below
free(conn->path_info);
free(conn->remote_iobuf.buf);
free(conn->local_iobuf.buf);
#ifdef USE_SSL
if (conn->ssl != NULL) SSL_free(conn->ssl);
#endif
mutex_destroy(&conn->mutex);
free(conn);
}
// Check whether full request is buffered. Return:
// -1 if request is malformed
// 0 if request is not yet fully buffered
// >0 actual request length, including last \r\n\r\n
static int get_request_len(const char *s, int buf_len) {
const unsigned char *buf = (unsigned char *) s;
int i;
for (i = 0; i < buf_len; i++) {
// Control characters are not allowed but >=128 are.
// Abort scan as soon as one malformed character is found.
if (!isprint(buf[i]) && buf[i] != '\r' && buf[i] != '\n' && buf[i] < 128) {
return -1;
} else if (buf[i] == '\n' && i + 1 < buf_len && buf[i + 1] == '\n') {
return i + 2;
} else if (buf[i] == '\n' && i + 2 < buf_len && buf[i + 1] == '\r' &&
buf[i + 2] == '\n') {
return i + 3;
}
// Skip the characters until one of the delimiters characters found.
// 0-terminate resulting word. Skip the rest of the delimiters if any.
// Advance pointer to buffer to the next word. Return found 0-terminated word.
static char *skip(char **buf, const char *delimiters) {
char *p, *begin_word, *end_word, *end_delimiters;
begin_word = *buf;
end_word = begin_word + strcspn(begin_word, delimiters);
end_delimiters = end_word + strspn(end_word, delimiters);
for (p = end_word; p < end_delimiters; p++) {
*p = '\0';
// Protect against directory disclosure attack by removing '..',
// excessive '/' and '\' characters
static void remove_double_dots_and_double_slashes(char *s) {
char *p = s;
while (*s != '\0') {
*p++ = *s++;
if (s[-1] == '/' || s[-1] == '\\') {
// Skip all following slashes, backslashes and double-dots
while (s[0] != '\0') {
if (s[0] == '/' || s[0] == '\\') { s++; }
else if (s[0] == '.' && s[1] == '.') { s += 2; }
else { break; }
}