1 #include "first.h" 2 3 #include <sys/types.h> 4 #include <stdlib.h> 5 #include <string.h> 6 7 #include "gw_backend.h" 8 typedef gw_plugin_config plugin_config; 9 typedef gw_plugin_data plugin_data; 10 typedef gw_handler_ctx handler_ctx; 11 12 #include "base.h" 13 #include "buffer.h" 14 #include "fdevent.h" 15 #include "http_chunk.h" 16 #include "log.h" 17 #include "status_counter.h" 18 19 #ifdef HAVE_FASTCGI_FASTCGI_H 20 # include <fastcgi/fastcgi.h> 21 #else 22 # ifdef HAVE_FASTCGI_H 23 # include <fastcgi.h> 24 # else 25 # include "fastcgi.h" 26 # endif 27 #endif /* HAVE_FASTCGI_FASTCGI_H */ 28 29 #if GW_RESPONDER != FCGI_RESPONDER 30 #error "mismatched defines: (GW_RESPONDER != FCGI_RESPONDER)" 31 #endif 32 #if GW_AUTHORIZER != FCGI_AUTHORIZER 33 #error "mismatched defines: (GW_AUTHORIZER != FCGI_AUTHORIZER)" 34 #endif 35 #if GW_FILTER != FCGI_FILTER 36 #error "mismatched defines: (GW_FILTER != FCGI_FILTER)" 37 #endif 38 39 static void mod_fastcgi_merge_config_cpv(plugin_config * const pconf, const config_plugin_value_t * const cpv) { 40 switch (cpv->k_id) { /* index into static config_plugin_keys_t cpk[] */ 41 case 0: /* fastcgi.server */ 42 if (cpv->vtype == T_CONFIG_LOCAL) { 43 gw_plugin_config * const gw = cpv->v.v; 44 pconf->exts = gw->exts; 45 pconf->exts_auth = gw->exts_auth; 46 pconf->exts_resp = gw->exts_resp; 47 } 48 break; 49 case 1: /* fastcgi.balance */ 50 /*if (cpv->vtype == T_CONFIG_LOCAL)*//*always true here for this param*/ 51 pconf->balance = (int)cpv->v.u; 52 break; 53 case 2: /* fastcgi.debug */ 54 pconf->debug = (int)cpv->v.u; 55 break; 56 case 3: /* fastcgi.map-extensions */ 57 pconf->ext_mapping = cpv->v.a; 58 break; 59 default:/* should not happen */ 60 return; 61 } 62 } 63 64 static void mod_fastcgi_merge_config(plugin_config * const pconf, const config_plugin_value_t *cpv) { 65 do { 66 mod_fastcgi_merge_config_cpv(pconf, cpv); 67 } while ((++cpv)->k_id != -1); 68 } 69 70 static void mod_fastcgi_patch_config(request_st * const r, plugin_data * const p) { 71 memcpy(&p->conf, &p->defaults, sizeof(plugin_config)); 72 for (int i = 1, used = p->nconfig; i < used; ++i) { 73 if (config_check_cond(r, (uint32_t)p->cvlist[i].k_id)) 74 mod_fastcgi_merge_config(&p->conf,p->cvlist + p->cvlist[i].v.u2[0]); 75 } 76 } 77 78 SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { 79 static const config_plugin_keys_t cpk[] = { 80 { CONST_STR_LEN("fastcgi.server"), 81 T_CONFIG_ARRAY_KVARRAY, 82 T_CONFIG_SCOPE_CONNECTION } 83 ,{ CONST_STR_LEN("fastcgi.balance"), 84 T_CONFIG_STRING, 85 T_CONFIG_SCOPE_CONNECTION } 86 ,{ CONST_STR_LEN("fastcgi.debug"), 87 T_CONFIG_INT, 88 T_CONFIG_SCOPE_CONNECTION } 89 ,{ CONST_STR_LEN("fastcgi.map-extensions"), 90 T_CONFIG_ARRAY_KVSTRING, 91 T_CONFIG_SCOPE_CONNECTION } 92 ,{ NULL, 0, 93 T_CONFIG_UNSET, 94 T_CONFIG_SCOPE_UNSET } 95 }; 96 97 plugin_data * const p = p_d; 98 if (!config_plugin_values_init(srv, p, cpk, "mod_fastcgi")) 99 return HANDLER_ERROR; 100 101 /* process and validate config directives 102 * (init i to 0 if global context; to 1 to skip empty global context) */ 103 for (int i = !p->cvlist[0].v.u2[1]; i < p->nconfig; ++i) { 104 config_plugin_value_t *cpv = p->cvlist + p->cvlist[i].v.u2[0]; 105 for (; -1 != cpv->k_id; ++cpv) { 106 switch (cpv->k_id) { 107 case 0:{/* fastcgi.server */ 108 gw_plugin_config *gw = calloc(1, sizeof(gw_plugin_config)); 109 force_assert(gw); 110 if (!gw_set_defaults_backend(srv, p, cpv->v.a, gw, 0, 111 cpk[cpv->k_id].k)) { 112 gw_plugin_config_free(gw); 113 return HANDLER_ERROR; 114 } 115 cpv->v.v = gw; 116 cpv->vtype = T_CONFIG_LOCAL; 117 break; 118 } 119 case 1: /* fastcgi.balance */ 120 cpv->v.u = (unsigned int)gw_get_defaults_balance(srv, cpv->v.b); 121 break; 122 case 2: /* fastcgi.debug */ 123 case 3: /* fastcgi.map-extensions */ 124 break; 125 default:/* should not happen */ 126 break; 127 } 128 } 129 } 130 131 /* default is 0 */ 132 /*p->defaults.balance = (unsigned int)gw_get_defaults_balance(srv, NULL);*/ 133 134 /* initialize p->defaults from global config context */ 135 if (p->nconfig > 0 && p->cvlist->v.u2[1]) { 136 const config_plugin_value_t *cpv = p->cvlist + p->cvlist->v.u2[0]; 137 if (-1 != cpv->k_id) 138 mod_fastcgi_merge_config(&p->defaults, cpv); 139 } 140 141 return HANDLER_GO_ON; 142 } 143 144 145 static int fcgi_env_add(void *venv, const char *key, size_t key_len, const char *val, size_t val_len) { 146 buffer *env = venv; 147 size_t len; 148 char len_enc[8]; 149 size_t len_enc_len = 0; 150 char *dst; 151 152 if (!key || (!val && val_len)) return -1; 153 154 len = key_len + val_len; 155 156 len += key_len > 127 ? 4 : 1; 157 len += val_len > 127 ? 4 : 1; 158 159 if (buffer_string_length(env) + len >= FCGI_MAX_LENGTH + sizeof(FCGI_BeginRequestRecord) + sizeof(FCGI_Header)) { 160 /** 161 * we can't append more headers, ignore it 162 */ 163 return -1; 164 } 165 166 /** 167 * field length can be 31bit max 168 * 169 * HINT: this can't happen as FCGI_MAX_LENGTH is only 16bit 170 */ 171 force_assert(key_len < 0x7fffffffu); 172 force_assert(val_len < 0x7fffffffu); 173 174 if (buffer_string_space(env) < len) { 175 size_t extend = env->size * 2 - buffer_string_length(env); 176 extend = extend > len ? extend : len + 4095; 177 buffer_string_prepare_append(env, extend); 178 } 179 180 if (key_len > 127) { 181 len_enc[len_enc_len++] = ((key_len >> 24) & 0xff) | 0x80; 182 len_enc[len_enc_len++] = (key_len >> 16) & 0xff; 183 len_enc[len_enc_len++] = (key_len >> 8) & 0xff; 184 len_enc[len_enc_len++] = (key_len >> 0) & 0xff; 185 } else { 186 len_enc[len_enc_len++] = (key_len >> 0) & 0xff; 187 } 188 189 if (val_len > 127) { 190 len_enc[len_enc_len++] = ((val_len >> 24) & 0xff) | 0x80; 191 len_enc[len_enc_len++] = (val_len >> 16) & 0xff; 192 len_enc[len_enc_len++] = (val_len >> 8) & 0xff; 193 len_enc[len_enc_len++] = (val_len >> 0) & 0xff; 194 } else { 195 len_enc[len_enc_len++] = (val_len >> 0) & 0xff; 196 } 197 198 dst = buffer_string_prepare_append(env, len); 199 memcpy(dst, len_enc, len_enc_len); 200 memcpy(dst + len_enc_len, key, key_len); 201 memcpy(dst + len_enc_len + key_len, val, val_len); 202 buffer_commit(env, len); 203 204 return 0; 205 } 206 207 static void fcgi_header(FCGI_Header * header, unsigned char type, int request_id, int contentLength, unsigned char paddingLength) { 208 force_assert(contentLength <= FCGI_MAX_LENGTH); 209 210 header->version = FCGI_VERSION_1; 211 header->type = type; 212 header->requestIdB0 = request_id & 0xff; 213 header->requestIdB1 = (request_id >> 8) & 0xff; 214 header->contentLengthB0 = contentLength & 0xff; 215 header->contentLengthB1 = (contentLength >> 8) & 0xff; 216 header->paddingLength = paddingLength; 217 header->reserved = 0; 218 } 219 220 static handler_t fcgi_stdin_append(handler_ctx *hctx) { 221 FCGI_Header header; 222 chunkqueue * const req_cq = &hctx->r->reqbody_queue; 223 off_t offset, weWant; 224 off_t req_cqlen = chunkqueue_length(req_cq); 225 int request_id = hctx->request_id; 226 if (req_cqlen > MAX_WRITE_LIMIT) req_cqlen = MAX_WRITE_LIMIT; 227 228 /* something to send ? */ 229 for (offset = 0; offset != req_cqlen; offset += weWant) { 230 weWant = req_cqlen - offset > FCGI_MAX_LENGTH ? FCGI_MAX_LENGTH : req_cqlen - offset; 231 232 if (-1 != hctx->wb_reqlen) { 233 if (hctx->wb_reqlen >= 0) { 234 hctx->wb_reqlen += sizeof(header); 235 } else { 236 hctx->wb_reqlen -= sizeof(header); 237 } 238 } 239 240 fcgi_header(&(header), FCGI_STDIN, request_id, weWant, 0); 241 (chunkqueue_is_empty(&hctx->wb) || hctx->wb.first->type == MEM_CHUNK) /* else FILE_CHUNK for temp file */ 242 ? chunkqueue_append_mem(&hctx->wb, (const char *)&header, sizeof(header)) 243 : chunkqueue_append_mem_min(&hctx->wb, (const char *)&header, sizeof(header)); 244 chunkqueue_steal(&hctx->wb, req_cq, weWant); 245 /*(hctx->wb_reqlen already includes reqbody_length)*/ 246 } 247 248 if (hctx->wb.bytes_in == hctx->wb_reqlen) { 249 /* terminate STDIN */ 250 /* (future: must defer ending FCGI_STDIN 251 * if might later upgrade protocols 252 * and then have more data to send) */ 253 fcgi_header(&(header), FCGI_STDIN, request_id, 0, 0); 254 chunkqueue_append_mem(&hctx->wb, (const char *)&header, sizeof(header)); 255 hctx->wb_reqlen += (int)sizeof(header); 256 } 257 258 return HANDLER_GO_ON; 259 } 260 261 static handler_t fcgi_create_env(handler_ctx *hctx) { 262 FCGI_BeginRequestRecord beginRecord; 263 FCGI_Header header; 264 int request_id; 265 266 gw_host *host = hctx->host; 267 request_st * const r = hctx->r; 268 269 http_cgi_opts opts = { 270 (hctx->gw_mode == FCGI_AUTHORIZER), 271 host->break_scriptfilename_for_php, 272 host->docroot, 273 host->strip_request_uri 274 }; 275 276 size_t rsz = (size_t)(r->read_queue.bytes_out - hctx->wb.bytes_in); 277 if (rsz >= 65536) rsz = r->rqst_header_len; 278 buffer * const b = chunkqueue_prepend_buffer_open_sz(&hctx->wb, rsz); 279 280 /* send FCGI_BEGIN_REQUEST */ 281 282 if (hctx->request_id == 0) { 283 hctx->request_id = 1; /* always use id 1 as we don't use multiplexing */ 284 } else { 285 log_error(r->conf.errh, __FILE__, __LINE__, 286 "fcgi-request is already in use: %d", hctx->request_id); 287 } 288 request_id = hctx->request_id; 289 290 fcgi_header(&(beginRecord.header), FCGI_BEGIN_REQUEST, request_id, sizeof(beginRecord.body), 0); 291 beginRecord.body.roleB0 = hctx->gw_mode; 292 beginRecord.body.roleB1 = 0; 293 beginRecord.body.flags = 0; 294 memset(beginRecord.body.reserved, 0, sizeof(beginRecord.body.reserved)); 295 296 buffer_copy_string_len(b, (const char *)&beginRecord, sizeof(beginRecord)); 297 fcgi_header(&header, FCGI_PARAMS, request_id, 0, 0); /*(set aside space to fill in later)*/ 298 buffer_append_string_len(b, (const char *)&header, sizeof(header)); 299 300 /* send FCGI_PARAMS */ 301 302 if (0 != http_cgi_headers(r, &opts, fcgi_env_add, b)) { 303 r->http_status = 400; 304 r->handler_module = NULL; 305 buffer_clear(b); 306 chunkqueue_remove_finished_chunks(&hctx->wb); 307 return HANDLER_FINISHED; 308 } else { 309 fcgi_header(&(header), FCGI_PARAMS, request_id, 310 buffer_string_length(b) - sizeof(FCGI_BeginRequestRecord) - sizeof(FCGI_Header), 0); 311 memcpy(b->ptr+sizeof(FCGI_BeginRequestRecord), (const char *)&header, sizeof(header)); 312 313 fcgi_header(&(header), FCGI_PARAMS, request_id, 0, 0); 314 buffer_append_string_len(b, (const char *)&header, sizeof(header)); 315 316 hctx->wb_reqlen = buffer_string_length(b); 317 chunkqueue_prepend_buffer_commit(&hctx->wb); 318 } 319 320 if (r->reqbody_length) { 321 /*chunkqueue_append_chunkqueue(&hctx->wb, &r->reqbody_queue);*/ 322 if (r->reqbody_length > 0) 323 hctx->wb_reqlen += r->reqbody_length;/* (eventual) (minimal) total request size, not necessarily including all fcgi_headers around content length yet */ 324 else /* as-yet-unknown total request size (Transfer-Encoding: chunked)*/ 325 hctx->wb_reqlen = -hctx->wb_reqlen; 326 } 327 fcgi_stdin_append(hctx); 328 329 status_counter_inc(CONST_STR_LEN("fastcgi.requests")); 330 return HANDLER_GO_ON; 331 } 332 333 typedef struct { 334 unsigned int len; 335 int type; 336 int padding; 337 int request_id; 338 } fastcgi_response_packet; 339 340 static int fastcgi_get_packet(handler_ctx *hctx, fastcgi_response_packet *packet) { 341 FCGI_Header header; 342 off_t rblen = chunkqueue_length(hctx->rb); 343 if (rblen < (off_t)sizeof(FCGI_Header)) { 344 /* no header */ 345 if (hctx->conf.debug && 0 != rblen) { 346 log_error(hctx->r->conf.errh, __FILE__, __LINE__, 347 "FastCGI: header too small: %lld bytes < %zu bytes, " 348 "waiting for more data", (long long)rblen, sizeof(FCGI_Header)); 349 } 350 return -1; 351 } 352 char *ptr = (char *)&header; 353 uint32_t rd = sizeof(FCGI_Header); 354 if (chunkqueue_peek_data(hctx->rb, &ptr, &rd, hctx->r->conf.errh) < 0) 355 return -1; 356 if (rd != sizeof(FCGI_Header)) 357 return -1; 358 if (ptr != (char *)&header) /* copy into aligned struct */ 359 memcpy(&header, ptr, sizeof(FCGI_Header)); 360 361 /* we have at least a header, now check how much we have to fetch */ 362 packet->len = (header.contentLengthB0 | (header.contentLengthB1 << 8)) + header.paddingLength; 363 packet->request_id = (header.requestIdB0 | (header.requestIdB1 << 8)); 364 packet->type = header.type; 365 packet->padding = header.paddingLength; 366 367 if (packet->len > (unsigned int)rblen-sizeof(FCGI_Header)) { 368 return -1; /* we didn't get the full packet */ 369 } 370 371 chunkqueue_mark_written(hctx->rb, sizeof(FCGI_Header)); 372 return 0; 373 } 374 375 static void fastcgi_get_packet_body(buffer * const b, handler_ctx * const hctx, const fastcgi_response_packet * const packet) { 376 /* copy content; hctx->rb must contain at least packet->len content */ 377 /* (read entire packet and then truncate padding, if present) */ 378 const uint32_t blen = buffer_string_length(b); 379 if (chunkqueue_read_data(hctx->rb, 380 buffer_string_prepare_append(b, packet->len), 381 packet->len, hctx->r->conf.errh) < 0) 382 return; /*(should not happen; should all be in memory)*/ 383 buffer_string_set_length(b, blen + packet->len - packet->padding); 384 } 385 386 __attribute_cold__ 387 __attribute_noinline__ 388 static int 389 mod_fastcgi_chunk_decode_transfer_cqlen (request_st * const r, chunkqueue * const src, const unsigned int len) 390 { 391 if (0 == len) return 0; 392 393 /* specialized for mod_fastcgi to decode chunked encoding; 394 * FastCGI packet data is all type MEM_CHUNK 395 * entire src cq is processed, minus packet.padding at end 396 * (This extra work can be avoided if FastCGI backend does not send 397 * Transfer-Encoding: chunked, which FastCGI is not supposed to do) */ 398 uint32_t remain = len, wr; 399 for (const chunk *c = src->first; c && remain; c = c->next, remain -= wr) { 400 /*assert(c->type == MEM_CHUNK);*/ 401 wr = buffer_string_length(c->mem) - c->offset; 402 if (wr > remain) wr = remain; 403 if (0 != http_chunk_decode_append_mem(r, c->mem->ptr+c->offset, wr)) 404 return -1; 405 } 406 chunkqueue_mark_written(src, len); 407 return 0; 408 } 409 410 static int 411 mod_fastcgi_transfer_cqlen (request_st * const r, chunkqueue * const src, const unsigned int len) 412 { 413 return (!r->resp_decode_chunked) 414 ? http_chunk_transfer_cqlen(r, src, len) 415 : mod_fastcgi_chunk_decode_transfer_cqlen(r, src, len); 416 } 417 418 static handler_t fcgi_recv_parse(request_st * const r, struct http_response_opts_t *opts, buffer *b, size_t n) { 419 handler_ctx *hctx = (handler_ctx *)opts->pdata; 420 int fin = 0; 421 422 if (0 == n) { 423 if (-1 == hctx->request_id) return HANDLER_FINISHED; /*(flag request ended)*/ 424 if (!(fdevent_fdnode_interest(hctx->fdn) & FDEVENT_IN) 425 && !(r->conf.stream_response_body & FDEVENT_STREAM_RESPONSE_POLLRDHUP)) 426 return HANDLER_GO_ON; 427 log_error(r->conf.errh, __FILE__, __LINE__, 428 "unexpected end-of-file (perhaps the fastcgi process died):" 429 "pid: %d socket: %s", 430 hctx->proc->pid, hctx->proc->connection_name->ptr); 431 432 return HANDLER_ERROR; 433 } 434 435 chunkqueue_append_buffer(hctx->rb, b); 436 437 /* 438 * parse the fastcgi packets and forward the content to the write-queue 439 * 440 */ 441 while (fin == 0) { 442 fastcgi_response_packet packet; 443 444 /* check if we have at least one packet */ 445 if (0 != fastcgi_get_packet(hctx, &packet)) { 446 /* no full packet */ 447 break; 448 } 449 450 switch(packet.type) { 451 case FCGI_STDOUT: 452 if (packet.len == 0) break; 453 454 /* is the header already finished */ 455 if (0 == r->resp_body_started) { 456 /* split header from body */ 457 buffer *hdrs = hctx->response; 458 if (NULL == hdrs) { 459 hdrs = r->tmp_buf; 460 buffer_clear(hdrs); 461 } 462 fastcgi_get_packet_body(hdrs, hctx, &packet); 463 if (HANDLER_GO_ON != http_response_parse_headers(r, &hctx->opts, hdrs)) { 464 hctx->send_content_body = 0; 465 fin = 1; 466 break; 467 } 468 if (0 == r->resp_body_started) { 469 if (!hctx->response) { 470 hctx->response = chunk_buffer_acquire(); 471 buffer_copy_buffer(hctx->response, hdrs); 472 } 473 } 474 else if (hctx->gw_mode == GW_AUTHORIZER && 475 (r->http_status == 0 || r->http_status == 200)) { 476 /* authorizer approved request; ignore the content here */ 477 hctx->send_content_body = 0; 478 } 479 } else if (hctx->send_content_body) { 480 if (0 != mod_fastcgi_transfer_cqlen(r, hctx->rb, packet.len - packet.padding)) { 481 /* error writing to tempfile; 482 * truncate response or send 500 if nothing sent yet */ 483 fin = 1; 484 } 485 if (packet.padding) chunkqueue_mark_written(hctx->rb, packet.padding); 486 } else { 487 chunkqueue_mark_written(hctx->rb, packet.len); 488 } 489 break; 490 case FCGI_STDERR: 491 if (packet.len) { 492 buffer * const tb = r->tmp_buf; 493 buffer_clear(tb); 494 fastcgi_get_packet_body(tb, hctx, &packet); 495 log_error_multiline_buffer(r->conf.errh, __FILE__, __LINE__, tb, 496 "FastCGI-stderr:"); 497 } 498 break; 499 case FCGI_END_REQUEST: 500 hctx->request_id = -1; /*(flag request ended)*/ 501 fin = 1; 502 break; 503 default: 504 log_error(r->conf.errh, __FILE__, __LINE__, 505 "FastCGI: header.type not handled: %d", packet.type); 506 chunkqueue_mark_written(hctx->rb, packet.len); 507 break; 508 } 509 } 510 511 return 0 == fin ? HANDLER_GO_ON : HANDLER_FINISHED; 512 } 513 514 static handler_t fcgi_check_extension(request_st * const r, void *p_d, int uri_path_handler) { 515 plugin_data *p = p_d; 516 handler_t rc; 517 518 if (NULL != r->handler_module) return HANDLER_GO_ON; 519 520 mod_fastcgi_patch_config(r, p); 521 if (NULL == p->conf.exts) return HANDLER_GO_ON; 522 523 rc = gw_check_extension(r, p, uri_path_handler, 0); 524 if (HANDLER_GO_ON != rc) return rc; 525 526 if (r->handler_module == p->self) { 527 handler_ctx *hctx = r->plugin_ctx[p->id]; 528 hctx->opts.backend = BACKEND_FASTCGI; 529 hctx->opts.parse = fcgi_recv_parse; 530 hctx->opts.pdata = hctx; 531 hctx->stdin_append = fcgi_stdin_append; 532 hctx->create_env = fcgi_create_env; 533 if (!hctx->rb) { 534 hctx->rb = chunkqueue_init(NULL); 535 } 536 else { 537 chunkqueue_reset(hctx->rb); 538 } 539 } 540 541 return HANDLER_GO_ON; 542 } 543 544 /* uri-path handler */ 545 static handler_t fcgi_check_extension_1(request_st * const r, void *p_d) { 546 return fcgi_check_extension(r, p_d, 1); 547 } 548 549 /* start request handler */ 550 static handler_t fcgi_check_extension_2(request_st * const r, void *p_d) { 551 return fcgi_check_extension(r, p_d, 0); 552 } 553 554 555 int mod_fastcgi_plugin_init(plugin *p); 556 int mod_fastcgi_plugin_init(plugin *p) { 557 p->version = LIGHTTPD_VERSION_ID; 558 p->name = "fastcgi"; 559 560 p->init = gw_init; 561 p->cleanup = gw_free; 562 p->set_defaults = mod_fastcgi_set_defaults; 563 p->handle_request_reset = gw_handle_request_reset; 564 p->handle_uri_clean = fcgi_check_extension_1; 565 p->handle_subrequest_start = fcgi_check_extension_2; 566 p->handle_subrequest = gw_handle_subrequest; 567 p->handle_trigger = gw_handle_trigger; 568 p->handle_waitpid = gw_handle_waitpid_cb; 569 570 return 0; 571 } 572