uhttpd: properly initialize sigaction, restore SIGTERM for childs
[project/luci.git] / contrib / package / uhttpd / src / uhttpd.c
1 /*
2  * uhttpd - Tiny single-threaded httpd - Main component
3  *
4  *   Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
5  *
6  *  Licensed under the Apache License, Version 2.0 (the "License");
7  *  you may not use this file except in compliance with the License.
8  *  You may obtain a copy of the License at
9  *
10  *      http://www.apache.org/licenses/LICENSE-2.0
11  *
12  *  Unless required by applicable law or agreed to in writing, software
13  *  distributed under the License is distributed on an "AS IS" BASIS,
14  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  *  See the License for the specific language governing permissions and
16  *  limitations under the License.
17  */
18
19 #define _XOPEN_SOURCE 500       /* crypt() */
20
21 #include "uhttpd.h"
22 #include "uhttpd-utils.h"
23 #include "uhttpd-file.h"
24
25 #ifdef HAVE_CGI
26 #include "uhttpd-cgi.h"
27 #endif
28
29 #ifdef HAVE_LUA
30 #include "uhttpd-lua.h"
31 #endif
32
33 #ifdef HAVE_TLS
34 #include "uhttpd-tls.h"
35 #endif
36
37
38 static int run = 1;
39
40 static void uh_sigterm(int sig)
41 {
42         run = 0;
43 }
44
45 static void uh_config_parse(const char *path)
46 {
47         FILE *c;
48         char line[512];
49         char *user = NULL;
50         char *pass = NULL;
51         char *eol  = NULL;
52
53         if( (c = fopen(path ? path : "/etc/httpd.conf", "r")) != NULL )
54         {
55                 memset(line, 0, sizeof(line));
56
57                 while( fgets(line, sizeof(line) - 1, c) )
58                 {
59                         if( (line[0] == '/') && (strchr(line, ':') != NULL) )
60                         {
61                                 if( !(user = strchr(line, ':')) || (*user++ = 0) ||
62                                     !(pass = strchr(user, ':')) || (*pass++ = 0) ||
63                                         !(eol = strchr(pass, '\n')) || (*eol++  = 0) )
64                                                 continue;
65
66                                 if( !uh_auth_add(line, user, pass) )
67                                 {
68                                         fprintf(stderr,
69                                                 "Can not manage more than %i basic auth realms, "
70                                                 "will skip the rest\n", UH_LIMIT_AUTHREALMS
71                                         );
72
73                                         break;
74                                 } 
75                         }
76                 }
77
78                 fclose(c);
79         }
80 }
81
82 static int uh_socket_bind(
83         fd_set *serv_fds, int *max_fd, const char *host, const char *port,
84         struct addrinfo *hints, int do_tls, struct config *conf
85 ) {
86         int sock = -1;
87         int yes = 1;
88         int status;
89         int bound = 0;
90
91         struct listener *l = NULL;
92         struct addrinfo *addrs = NULL, *p = NULL;
93
94         if( (status = getaddrinfo(host, port, hints, &addrs)) != 0 )
95         {
96                 fprintf(stderr, "getaddrinfo(): %s\n", gai_strerror(status));
97         }
98
99         /* try to bind a new socket to each found address */
100         for( p = addrs; p; p = p->ai_next )
101         {
102                 /* get the socket */
103                 if( (sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1 )
104                 {
105                         perror("socket()");
106                         goto error;
107                 }
108
109                 /* "address already in use" */
110                 if( setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes)) == -1 )
111                 {
112                         perror("setsockopt()");
113                         goto error;
114                 }
115
116                 /* required to get parallel v4 + v6 working */
117                 if( p->ai_family == AF_INET6 )
118                 {
119                         if( setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &yes, sizeof(yes)) == -1 )
120                         {
121                                 perror("setsockopt()");
122                                 goto error;
123                         }
124                 }
125
126                 /* bind */
127                 if( bind(sock, p->ai_addr, p->ai_addrlen) == -1 )
128                 {
129                         perror("bind()");
130                         goto error;
131                 }
132
133                 /* listen */
134                 if( listen(sock, UH_LIMIT_CLIENTS) == -1 )
135                 {
136                         perror("listen()");
137                         goto error;
138                 }
139
140                 /* add listener to global list */
141                 if( ! (l = uh_listener_add(sock, conf)) )
142                 {
143                         fprintf(stderr,
144                                 "uh_listener_add(): Can not create more than "
145                                 "%i listen sockets\n", UH_LIMIT_LISTENERS
146                         );
147
148                         goto error;
149                 }
150
151 #ifdef HAVE_TLS
152                 /* init TLS */
153                 l->tls = do_tls ? conf->tls : NULL;
154 #endif
155
156                 /* add socket to server fd set */
157                 FD_SET(sock, serv_fds);
158                 *max_fd = max(*max_fd, sock);
159
160                 bound++;
161                 continue;
162
163                 error:
164                 if( sock > 0 )
165                         close(sock);
166         }
167
168         freeaddrinfo(addrs);
169
170         return bound;
171 }
172
173 static struct http_request * uh_http_header_parse(struct client *cl, char *buffer, int buflen)
174 {
175         char *method  = &buffer[0];
176         char *path    = NULL;
177         char *version = NULL;
178
179         char *headers = NULL;
180         char *hdrname = NULL;
181         char *hdrdata = NULL;
182
183         int i;
184         int hdrcount = 0;
185
186         static struct http_request req;
187
188         memset(&req, 0, sizeof(req));
189
190
191         /* terminate initial header line */
192         if( (headers = strfind(buffer, buflen, "\r\n", 2)) != NULL )
193         {
194                 buffer[buflen-1] = 0;
195
196                 *headers++ = 0;
197                 *headers++ = 0;
198
199                 /* find request path */
200                 if( (path = strchr(buffer, ' ')) != NULL )
201                         *path++ = 0;
202
203                 /* find http version */
204                 if( (path != NULL) && ((version = strchr(path, ' ')) != NULL) )
205                         *version++ = 0;
206
207
208                 /* check method */
209                 if( strcmp(method, "GET") && strcmp(method, "HEAD") && strcmp(method, "POST") )
210                 {
211                         /* invalid method */
212                         uh_http_response(cl, 405, "Method Not Allowed");
213                         return NULL;
214                 }
215                 else
216                 {
217                         switch(method[0])
218                         {
219                                 case 'G':
220                                         req.method = UH_HTTP_MSG_GET;
221                                         break;
222
223                                 case 'H':
224                                         req.method = UH_HTTP_MSG_HEAD;
225                                         break;
226
227                                 case 'P':
228                                         req.method = UH_HTTP_MSG_POST;
229                                         break;
230                         }
231                 }
232
233                 /* check path */
234                 if( !path || !strlen(path) )
235                 {
236                         /* malformed request */
237                         uh_http_response(cl, 400, "Bad Request");
238                         return NULL;
239                 }
240                 else
241                 {
242                         req.url = path;
243                 }
244
245                 /* check version */
246                 if( strcmp(version, "HTTP/0.9") && strcmp(version, "HTTP/1.0") && strcmp(version, "HTTP/1.1") )
247                 {
248                         /* unsupported version */
249                         uh_http_response(cl, 400, "Bad Request");
250                         return NULL;
251                 }
252                 else
253                 {
254                         req.version = strtof(&version[5], NULL);
255                 }
256
257
258                 /* process header fields */
259                 for( i = (int)(headers - buffer); i < buflen; i++ )
260                 {
261                         /* found eol and have name + value, push out header tuple */
262                         if( hdrname && hdrdata && (buffer[i] == '\r' || buffer[i] == '\n') )
263                         {
264                                 buffer[i] = 0;
265
266                                 /* store */
267                                 if( (hdrcount + 1) < array_size(req.headers) )
268                                 {
269                                         req.headers[hdrcount++] = hdrname;
270                                         req.headers[hdrcount++] = hdrdata;
271
272                                         hdrname = hdrdata = NULL;
273                                 }
274
275                                 /* too large */
276                                 else
277                                 {
278                                         uh_http_response(cl, 413, "Request Entity Too Large");
279                                         return NULL;
280                                 }
281                         }
282
283                         /* have name but no value and found a colon, start of value */
284                         else if( hdrname && !hdrdata && ((i+2) < buflen) &&
285                                 (buffer[i] == ':') && (buffer[i+1] == ' ')
286                         ) {
287                                 buffer[i] = 0;
288                                 hdrdata = &buffer[i+2];
289                         }
290
291                         /* have no name and found [A-Z], start of name */
292                         else if( !hdrname && isalpha(buffer[i]) && isupper(buffer[i]) )
293                         {
294                                 hdrname = &buffer[i];
295                         }
296                 }
297
298                 /* valid enough */
299                 return &req;
300         }
301
302         /* Malformed request */
303         uh_http_response(cl, 400, "Bad Request");
304         return NULL;
305 }
306
307
308 static struct http_request * uh_http_header_recv(struct client *cl)
309 {
310         static char buffer[UH_LIMIT_MSGHEAD];
311         char *bufptr = &buffer[0];
312         char *idxptr = NULL;
313
314         struct timeval timeout;
315
316         fd_set reader;
317
318         ssize_t blen = sizeof(buffer)-1;
319         ssize_t rlen = 0;
320
321
322         memset(buffer, 0, sizeof(buffer));
323
324         while( blen > 0 )
325         {
326                 FD_ZERO(&reader);
327                 FD_SET(cl->socket, &reader);
328
329                 /* fail after 0.1s */
330                 timeout.tv_sec  = 0;
331                 timeout.tv_usec = 100000;
332
333                 /* check whether fd is readable */
334                 if( select(cl->socket + 1, &reader, NULL, NULL, &timeout) > 0 )
335                 {
336                         /* receive data */
337                         rlen = uh_tcp_peek(cl, bufptr, blen);
338
339                         if( rlen > 0 )
340                         {
341                                 if( (idxptr = strfind(buffer, sizeof(buffer), "\r\n\r\n", 4)) )
342                                 {
343                                         blen -= uh_tcp_recv(cl, bufptr, (int)(idxptr - bufptr) + 4);
344
345                                         /* header read complete ... */
346                                         return uh_http_header_parse(cl, buffer, sizeof(buffer) - blen - 1);
347                                 }
348                                 else
349                                 {
350                                         rlen = uh_tcp_recv(cl, bufptr, rlen);
351                                         blen -= rlen;
352                                         bufptr += rlen;
353                                 }
354                         }
355                         else
356                         {
357                                 /* invalid request (unexpected eof/timeout) */
358                                 uh_http_response(cl, 408, "Request Timeout");
359                                 return NULL;
360                         }
361                 }
362                 else
363                 {
364                         /* invalid request (unexpected eof/timeout) */
365                         uh_http_response(cl, 408, "Request Timeout");
366                         return NULL;
367                 }
368         }
369
370         /* request entity too large */
371         uh_http_response(cl, 413, "Request Entity Too Large");
372         return NULL;
373 }
374
375 static int uh_path_match(const char *prefix, const char *url)
376 {
377         if( (strstr(url, prefix) == url) &&
378             ((prefix[strlen(prefix)-1] == '/') ||
379                  (strlen(url) == strlen(prefix))   ||
380                  (url[strlen(prefix)] == '/'))
381         ) {
382                 return 1;
383         }
384
385         return 0;
386 }
387
388
389 int main (int argc, char **argv)
390 {
391 #ifdef HAVE_LUA
392         /* Lua runtime */
393         lua_State *L = NULL;
394 #endif
395
396         /* master file descriptor list */
397         fd_set used_fds, serv_fds, read_fds;
398
399         /* working structs */
400         struct addrinfo hints;
401         struct http_request *req;
402         struct path_info *pin;
403         struct client *cl;
404         struct sigaction sa;
405         struct config conf;
406
407         /* maximum file descriptor number */
408         int new_fd, cur_fd, max_fd = 0;
409
410         int tls = 0;
411         int keys = 0;
412         int bound = 0;
413         int nofork = 0;
414
415         /* args */
416         char opt;
417         char bind[128];
418         char *port = NULL;
419
420         /* clear the master and temp sets */
421         FD_ZERO(&used_fds);
422         FD_ZERO(&serv_fds);
423         FD_ZERO(&read_fds);
424
425         /* handle SIGPIPE, SIGCHILD */
426         sa.sa_flags = 0;
427         sigemptyset(&sa.sa_mask);
428
429         sa.sa_handler = SIG_IGN;
430         sigaction(SIGPIPE, &sa, NULL);
431         sigaction(SIGCHLD, &sa, NULL);
432
433         sa.sa_handler = uh_sigterm;
434         sigaction(SIGINT,  &sa, NULL);
435         sigaction(SIGTERM, &sa, NULL);
436
437         /* prepare addrinfo hints */
438         memset(&hints, 0, sizeof(hints));
439         hints.ai_family   = AF_UNSPEC;
440         hints.ai_socktype = SOCK_STREAM;
441         hints.ai_flags    = AI_PASSIVE;
442
443         /* parse args */
444         memset(&conf, 0, sizeof(conf));
445         memset(bind, 0, sizeof(bind));
446
447 #ifdef HAVE_TLS
448         /* init SSL context */
449         if( ! (conf.tls = uh_tls_ctx_init()) )
450         {
451                 fprintf(stderr, "Failed to initalize SSL context\n");
452                 exit(1);
453         }
454 #endif
455
456         while( (opt = getopt(argc, argv, "fC:K:p:s:h:c:l:L:d:r:m:x:")) > 0 )
457         {
458                 switch(opt)
459                 {
460                         /* [addr:]port */
461                         case 'p':
462                         case 's':
463                                 if( (port = strrchr(optarg, ':')) != NULL )
464                                 {
465                                         if( (optarg[0] == '[') && (port > optarg) && (port[-1] == ']') )
466                                                 memcpy(bind, optarg + 1,
467                                                         min(sizeof(bind), (int)(port - optarg) - 2));
468                                         else
469                                                 memcpy(bind, optarg,
470                                                         min(sizeof(bind), (int)(port - optarg)));
471
472                                         port++;
473                                 }
474                                 else
475                                 {
476                                         port = optarg;
477                                 }
478
479                                 if( opt == 's' )
480                                         tls = 1;
481
482                                 /* bind sockets */
483                                 bound += uh_socket_bind(
484                                         &serv_fds, &max_fd, bind[0] ? bind : NULL, port,
485                                         &hints, tls, &conf
486                                 );
487
488                                 break;
489
490 #ifdef HAVE_TLS
491                         /* certificate */
492                         case 'C':
493                                 if( SSL_CTX_use_certificate_file(conf.tls, optarg, SSL_FILETYPE_ASN1) < 1 )
494                                 {
495                                         fprintf(stderr, "Invalid certificate file given\n");
496                                         exit(1);
497                                 }
498
499                                 keys++;
500                                 break;
501
502                         /* key */
503                         case 'K':
504                                 if( SSL_CTX_use_PrivateKey_file(conf.tls, optarg, SSL_FILETYPE_ASN1) < 1 )
505                                 {
506                                         fprintf(stderr, "Invalid private key file given\n");
507                                         exit(1);
508                                 }
509
510                                 keys++;
511                                 break;
512 #endif
513
514                         /* docroot */
515                         case 'h':
516                                 if( ! realpath(optarg, conf.docroot) )
517                                 {
518                                         fprintf(stderr, "Invalid directory %s: %s\n", optarg, strerror(errno));
519                                         exit(1);
520                                 }
521                                 break;
522
523 #ifdef HAVE_CGI
524                         /* cgi prefix */
525                         case 'x':
526                                 conf.cgi_prefix = optarg;
527                                 break;
528 #endif
529
530 #ifdef HAVE_LUA
531                         /* lua prefix */
532                         case 'l':
533                                 conf.lua_prefix = optarg;
534                                 break;
535
536                         /* lua handler */
537                         case 'L':
538                                 conf.lua_handler = optarg;
539                                 break;
540 #endif
541
542                         /* no fork */
543                         case 'f':
544                                 nofork = 1;
545                                 break;
546
547                         /* urldecode */
548                         case 'd':
549                                 if( (port = malloc(strlen(optarg)+1)) != NULL )
550                                 {
551                                         memset(port, 0, strlen(optarg)+1);
552                                         uh_urldecode(port, strlen(optarg), optarg, strlen(optarg));
553                                         printf("%s", port);
554                                         free(port);
555                                         exit(0);
556                                 }
557                                 break;
558
559                         /* basic auth realm */
560                         case 'r':
561                                 conf.realm = optarg;
562                                 break;
563
564                         /* md5 crypt */
565                         case 'm':
566                                 printf("%s\n", crypt(optarg, "$1$"));
567                                 exit(0);
568                                 break;
569
570                         /* config file */
571                         case 'c':
572                                 conf.file = optarg;
573                                 break;
574
575                         default:
576                                 fprintf(stderr,
577                                         "Usage: %s -p [addr:]port [-h docroot]\n"
578                                         "       -f              Do not fork to background\n"
579                                         "       -c file         Configuration file, default is '/etc/httpd.conf'\n"
580                                         "       -p [addr:]port  Bind to specified address and port, multiple allowed\n"
581 #ifdef HAVE_TLS
582                                         "       -s [addr:]port  Like -p but provide HTTPS on this port\n"
583                                         "       -C file         ASN.1 server certificate file\n"
584                                         "       -K file         ASN.1 server private key file\n"
585 #endif
586                                         "       -h directory    Specify the document root, default is '.'\n"
587 #ifdef HAVE_LUA
588                                         "       -l string       URL prefix for Lua handler, default is '/lua'\n"
589                                         "       -L file         Lua handler script, omit to disable Lua\n"
590 #endif
591 #ifdef HAVE_CGI
592                                         "       -x string       URL prefix for CGI handler, default is '/cgi-bin'\n"
593 #endif
594                                         "       -d string       URL decode given string\n"
595                                         "       -r string       Specify basic auth realm\n"
596                                         "       -m string       MD5 crypt given string\n"
597                                         "\n", argv[0]
598                                 );
599
600                                 exit(1);
601                 }
602         }
603
604 #ifdef HAVE_TLS
605         if( (tls == 1) && (keys < 2) )
606         {
607                 fprintf(stderr, "Missing private key or certificate file\n");
608                 exit(1);
609         }
610 #endif
611
612         if( bound < 1 )
613         {
614                 fprintf(stderr, "No sockets bound, unable to continue\n");
615                 exit(1);
616         }
617
618         /* default docroot */
619         if( !conf.docroot[0] && !realpath(".", conf.docroot) )
620         {
621                 fprintf(stderr, "Can not determine default document root: %s\n",
622                         strerror(errno));
623                 exit(1);
624         }
625
626         /* default realm */
627         if( ! conf.realm )
628                 conf.realm = "Protected Area";
629
630         /* config file */
631         uh_config_parse(conf.file);
632
633 #ifdef HAVE_CGI
634         /* default cgi prefix */
635         if( ! conf.cgi_prefix )
636                 conf.cgi_prefix = "/cgi-bin";
637 #endif
638
639 #ifdef HAVE_LUA
640         /* init Lua runtime if handler is specified */
641         if( conf.lua_handler )
642         {
643                 /* default lua prefix */
644                 if( ! conf.lua_prefix )
645                         conf.lua_prefix = "/lua";
646
647                 L = uh_lua_init(conf.lua_handler);
648         }
649 #endif
650
651         /* fork (if not disabled) */
652         if( ! nofork )
653         {
654                 switch( fork() )
655                 {
656                         case -1:
657                                 perror("fork()");
658                                 exit(1);
659
660                         case 0:
661                                 /* daemon setup */
662                                 if( chdir("/") )
663                                         perror("chdir()");
664
665                                 if( (cur_fd = open("/dev/null", O_WRONLY)) > -1 )
666                                         dup2(cur_fd, 0);
667
668                                 if( (cur_fd = open("/dev/null", O_RDONLY)) > -1 )
669                                         dup2(cur_fd, 1);
670
671                                 if( (cur_fd = open("/dev/null", O_RDONLY)) > -1 )
672                                         dup2(cur_fd, 2);
673
674                                 break;
675
676                         default:
677                                 exit(0);
678                 }
679         }
680
681         /* backup server descriptor set */
682         used_fds = serv_fds;
683
684         /* loop */
685         while(run)
686         {
687                 /* create a working copy of the used fd set */
688                 read_fds = used_fds;
689
690                 /* sleep until socket activity */
691                 if( select(max_fd + 1, &read_fds, NULL, NULL, NULL) == -1 )
692                 {
693                         perror("select()");
694                         exit(1);
695                 }
696
697                 /* run through the existing connections looking for data to be read */
698                 for( cur_fd = 0; cur_fd <= max_fd; cur_fd++ )
699                 {
700                         /* is a socket managed by us */
701                         if( FD_ISSET(cur_fd, &read_fds) )
702                         {
703                                 /* is one of our listen sockets */
704                                 if( FD_ISSET(cur_fd, &serv_fds) )
705                                 {
706                                         /* handle new connections */
707                                         if( (new_fd = accept(cur_fd, NULL, 0)) != -1 )
708                                         {
709                                                 /* add to global client list */
710                                                 if( (cl = uh_client_add(new_fd, uh_listener_lookup(cur_fd))) != NULL )
711                                                 {
712 #ifdef HAVE_TLS
713                                                         /* setup client tls context */
714                                                         uh_tls_client_accept(cl);
715 #endif
716
717                                                         /* add client socket to global fdset */
718                                                         FD_SET(new_fd, &used_fds);
719                                                         max_fd = max(max_fd, new_fd);
720                                                 }
721
722                                                 /* insufficient resources */
723                                                 else
724                                                 {
725                                                         fprintf(stderr,
726                                                                 "uh_client_add(): Can not manage more than "
727                                                                 "%i client sockets, connection dropped\n",
728                                                                 UH_LIMIT_CLIENTS
729                                                         );
730
731                                                         close(new_fd);
732                                                 }
733                                         }
734                                 }
735
736                                 /* is a client socket */
737                                 else
738                                 {
739                                         if( ! (cl = uh_client_lookup(cur_fd)) )
740                                         {
741                                                 /* this should not happen! */
742                                                 fprintf(stderr,
743                                                         "uh_client_lookup(): No entry for fd %i!\n",
744                                                         cur_fd);
745
746                                                 goto cleanup;
747                                         }
748
749                                         /* parse message header */
750                                         if( (req = uh_http_header_recv(cl)) != NULL )
751                                         {
752 #ifdef HAVE_LUA
753                                                 /* Lua request? */
754                                                 if( L && uh_path_match(conf.lua_prefix, req->url) )
755                                                 {
756                                                         uh_lua_request(cl, req, L);
757                                                 }
758                                                 else
759 #endif
760                                                 /* dispatch request */
761                                                 if( (pin = uh_path_lookup(cl, req->url)) != NULL )
762                                                 {
763                                                         /* auth ok? */
764                                                         if( uh_auth_check(cl, req, pin) )
765                                                         {
766 #ifdef HAVE_CGI
767                                                                 if( uh_path_match(conf.cgi_prefix, pin->name) )
768                                                                 {
769                                                                         uh_cgi_request(cl, req, pin);
770                                                                 }
771                                                                 else
772 #endif
773                                                                 {
774                                                                         uh_file_request(cl, req, pin);
775                                                                 }
776                                                         }
777                                                 }
778
779                                                 /* 404 */
780                                                 else
781                                                 {
782                                                         uh_http_sendhf(cl, 404, "Not Found",
783                                                                 "No such file or directory");
784                                                 }
785                                         }
786
787                                         /* 400 */
788                                         else
789                                         {
790                                                 uh_http_sendhf(cl, 400, "Bad Request",
791                                                         "Malformed request received");
792                                         }
793
794 #ifdef HAVE_TLS
795                                         /* free client tls context */
796                                         uh_tls_client_close(cl);
797 #endif
798
799                                         cleanup:
800
801                                         /* close client socket */
802                                         close(cur_fd);
803                                         FD_CLR(cur_fd, &used_fds);
804
805                                         /* remove from global client list */
806                                         uh_client_remove(cur_fd);
807                                 }
808                         }
809                 }
810         }
811
812 #ifdef HAVE_LUA
813         /* destroy the Lua state */
814         if( L != NULL )
815                 lua_close(L);
816 #endif
817
818         return 0;
819 }
820