arping: change a few message strings to be closer to iputils arping
[oweals/busybox.git] / networking / httpd.c
1 /* vi: set sw=4 ts=4: */
2 /*
3  * httpd implementation for busybox
4  *
5  * Copyright (C) 2002,2003 Glenn Engel <glenne@engel.org>
6  * Copyright (C) 2003-2006 Vladimir Oleynik <dzo@simtreas.ru>
7  *
8  * Licensed under GPLv2 or later, see file LICENSE in this source tree.
9  *
10  *****************************************************************************
11  *
12  * Typical usage:
13  * For non root user:
14  *      httpd -p 8080 -h $HOME/public_html
15  * For daemon start from rc script with uid=0:
16  *      httpd -u www
17  * which is equivalent to (assuming user www has uid 80):
18  *      httpd -p 80 -u 80 -h $PWD -c /etc/httpd.conf -r "Web Server Authentication"
19  *
20  * When an url starts with "/cgi-bin/" it is assumed to be a cgi script.
21  * The server changes directory to the location of the script and executes it
22  * after setting QUERY_STRING and other environment variables.
23  *
24  * If directory URL is given, no index.html is found and CGI support is enabled,
25  * cgi-bin/index.cgi will be run. Directory to list is ../$QUERY_STRING.
26  * See httpd_indexcgi.c for an example GCI code.
27  *
28  * Doc:
29  * "CGI Environment Variables": http://hoohoo.ncsa.uiuc.edu/cgi/env.html
30  *
31  * The applet can also be invoked as an url arg decoder and html text encoder
32  * as follows:
33  *      foo=`httpd -d $foo`             # decode "Hello%20World" as "Hello World"
34  *      bar=`httpd -e "<Hello World>"`  # encode as "&#60Hello&#32World&#62"
35  * Note that url encoding for arguments is not the same as html encoding for
36  * presentation.  -d decodes an url-encoded argument while -e encodes in html
37  * for page display.
38  *
39  * httpd.conf has the following format:
40  *
41  * H:/serverroot     # define the server root. It will override -h
42  * A:172.20.         # Allow address from 172.20.0.0/16
43  * A:10.0.0.0/25     # Allow any address from 10.0.0.0-10.0.0.127
44  * A:10.0.0.0/255.255.255.128  # Allow any address that previous set
45  * A:127.0.0.1       # Allow local loopback connections
46  * D:*               # Deny from other IP connections
47  * E404:/path/e404.html # /path/e404.html is the 404 (not found) error page
48  * I:index.html      # Show index.html when a directory is requested
49  *
50  * P:/url:[http://]hostname[:port]/new/path
51  *                   # When /urlXXXXXX is requested, reverse proxy
52  *                   # it to http://hostname[:port]/new/pathXXXXXX
53  *
54  * /cgi-bin:foo:bar  # Require user foo, pwd bar on urls starting with /cgi-bin/
55  * /adm:admin:setup  # Require user admin, pwd setup on urls starting with /adm/
56  * /adm:toor:PaSsWd  # or user toor, pwd PaSsWd on urls starting with /adm/
57  * /adm:root:*       # or user root, pwd from /etc/passwd on urls starting with /adm/
58  * /wiki:*:*         # or any user from /etc/passwd with according pwd on urls starting with /wiki/
59  * .au:audio/basic   # additional mime type for audio.au files
60  * *.php:/path/php   # run xxx.php through an interpreter
61  *
62  * A/D may be as a/d or allow/deny - only first char matters.
63  * Deny/Allow IP logic:
64  *  - Default is to allow all (Allow all (A:*) is a no-op).
65  *  - Deny rules take precedence over allow rules.
66  *  - "Deny all" rule (D:*) is applied last.
67  *
68  * Example:
69  *   1. Allow only specified addresses
70  *     A:172.20          # Allow any address that begins with 172.20.
71  *     A:10.10.          # Allow any address that begins with 10.10.
72  *     A:127.0.0.1       # Allow local loopback connections
73  *     D:*               # Deny from other IP connections
74  *
75  *   2. Only deny specified addresses
76  *     D:1.2.3.        # deny from 1.2.3.0 - 1.2.3.255
77  *     D:2.3.4.        # deny from 2.3.4.0 - 2.3.4.255
78  *     A:*             # (optional line added for clarity)
79  *
80  * If a sub directory contains config file, it is parsed and merged with
81  * any existing settings as if it was appended to the original configuration.
82  *
83  * subdir paths are relative to the containing subdir and thus cannot
84  * affect the parent rules.
85  *
86  * Note that since the sub dir is parsed in the forked thread servicing the
87  * subdir http request, any merge is discarded when the process exits.  As a
88  * result, the subdir settings only have a lifetime of a single request.
89  *
90  * Custom error pages can contain an absolute path or be relative to
91  * 'home_httpd'. Error pages are to be static files (no CGI or script). Error
92  * page can only be defined in the root configuration file and are not taken
93  * into account in local (directories) config files.
94  *
95  * If -c is not set, an attempt will be made to open the default
96  * root configuration file.  If -c is set and the file is not found, the
97  * server exits with an error.
98  *
99  */
100  /* TODO: use TCP_CORK, parse_config() */
101 //config:config HTTPD
102 //config:       bool "httpd (32 kb)"
103 //config:       default y
104 //config:       help
105 //config:       HTTP server.
106 //config:
107 //config:config FEATURE_HTTPD_RANGES
108 //config:       bool "Support 'Ranges:' header"
109 //config:       default y
110 //config:       depends on HTTPD
111 //config:       help
112 //config:       Makes httpd emit "Accept-Ranges: bytes" header and understand
113 //config:       "Range: bytes=NNN-[MMM]" header. Allows for resuming interrupted
114 //config:       downloads, seeking in multimedia players etc.
115 //config:
116 //config:config FEATURE_HTTPD_SETUID
117 //config:       bool "Enable -u <user> option"
118 //config:       default y
119 //config:       depends on HTTPD
120 //config:       help
121 //config:       This option allows the server to run as a specific user
122 //config:       rather than defaulting to the user that starts the server.
123 //config:       Use of this option requires special privileges to change to a
124 //config:       different user.
125 //config:
126 //config:config FEATURE_HTTPD_BASIC_AUTH
127 //config:       bool "Enable HTTP authentication"
128 //config:       default y
129 //config:       depends on HTTPD
130 //config:       help
131 //config:       Utilizes password settings from /etc/httpd.conf for basic
132 //config:       authentication on a per url basis.
133 //config:       Example for httpd.conf file:
134 //config:       /adm:toor:PaSsWd
135 //config:
136 //config:config FEATURE_HTTPD_AUTH_MD5
137 //config:       bool "Support MD5-encrypted passwords in HTTP authentication"
138 //config:       default y
139 //config:       depends on FEATURE_HTTPD_BASIC_AUTH
140 //config:       help
141 //config:       Enables encrypted passwords, and wildcard user/passwords
142 //config:       in httpd.conf file.
143 //config:       User '*' means 'any system user name is ok',
144 //config:       password of '*' means 'use system password for this user'
145 //config:       Examples:
146 //config:       /adm:toor:$1$P/eKnWXS$aI1aPGxT.dJD5SzqAKWrF0
147 //config:       /adm:root:*
148 //config:       /wiki:*:*
149 //config:
150 //config:config FEATURE_HTTPD_CGI
151 //config:       bool "Support Common Gateway Interface (CGI)"
152 //config:       default y
153 //config:       depends on HTTPD
154 //config:       help
155 //config:       This option allows scripts and executables to be invoked
156 //config:       when specific URLs are requested.
157 //config:
158 //config:config FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
159 //config:       bool "Support running scripts through an interpreter"
160 //config:       default y
161 //config:       depends on FEATURE_HTTPD_CGI
162 //config:       help
163 //config:       This option enables support for running scripts through an
164 //config:       interpreter. Turn this on if you want PHP scripts to work
165 //config:       properly. You need to supply an additional line in your
166 //config:       httpd.conf file:
167 //config:       *.php:/path/to/your/php
168 //config:
169 //config:config FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
170 //config:       bool "Set REMOTE_PORT environment variable for CGI"
171 //config:       default y
172 //config:       depends on FEATURE_HTTPD_CGI
173 //config:       help
174 //config:       Use of this option can assist scripts in generating
175 //config:       references that contain a unique port number.
176 //config:
177 //config:config FEATURE_HTTPD_ENCODE_URL_STR
178 //config:       bool "Enable -e option (useful for CGIs written as shell scripts)"
179 //config:       default y
180 //config:       depends on HTTPD
181 //config:       help
182 //config:       This option allows html encoding of arbitrary strings for display
183 //config:       by the browser. Output goes to stdout.
184 //config:       For example, httpd -e "<Hello World>" produces
185 //config:       "&#60Hello&#32World&#62".
186 //config:
187 //config:config FEATURE_HTTPD_ERROR_PAGES
188 //config:       bool "Support custom error pages"
189 //config:       default y
190 //config:       depends on HTTPD
191 //config:       help
192 //config:       This option allows you to define custom error pages in
193 //config:       the configuration file instead of the default HTTP status
194 //config:       error pages. For instance, if you add the line:
195 //config:               E404:/path/e404.html
196 //config:       in the config file, the server will respond the specified
197 //config:       '/path/e404.html' file instead of the terse '404 NOT FOUND'
198 //config:       message.
199 //config:
200 //config:config FEATURE_HTTPD_PROXY
201 //config:       bool "Support reverse proxy"
202 //config:       default y
203 //config:       depends on HTTPD
204 //config:       help
205 //config:       This option allows you to define URLs that will be forwarded
206 //config:       to another HTTP server. To setup add the following line to the
207 //config:       configuration file
208 //config:               P:/url/:http://hostname[:port]/new/path/
209 //config:       Then a request to /url/myfile will be forwarded to
210 //config:       http://hostname[:port]/new/path/myfile.
211 //config:
212 //config:config FEATURE_HTTPD_GZIP
213 //config:       bool "Support GZIP content encoding"
214 //config:       default y
215 //config:       depends on HTTPD
216 //config:       help
217 //config:       Makes httpd send files using GZIP content encoding if the
218 //config:       client supports it and a pre-compressed <file>.gz exists.
219
220 //applet:IF_HTTPD(APPLET(httpd, BB_DIR_USR_SBIN, BB_SUID_DROP))
221
222 //kbuild:lib-$(CONFIG_HTTPD) += httpd.o
223
224 //usage:#define httpd_trivial_usage
225 //usage:       "[-ifv[v]]"
226 //usage:       " [-c CONFFILE]"
227 //usage:       " [-p [IP:]PORT]"
228 //usage:        IF_FEATURE_HTTPD_SETUID(" [-u USER[:GRP]]")
229 //usage:        IF_FEATURE_HTTPD_BASIC_AUTH(" [-r REALM]")
230 //usage:       " [-h HOME]\n"
231 //usage:       "or httpd -d/-e" IF_FEATURE_HTTPD_AUTH_MD5("/-m") " STRING"
232 //usage:#define httpd_full_usage "\n\n"
233 //usage:       "Listen for incoming HTTP requests\n"
234 //usage:     "\n        -i              Inetd mode"
235 //usage:     "\n        -f              Don't daemonize"
236 //usage:     "\n        -v[v]           Verbose"
237 //usage:     "\n        -p [IP:]PORT    Bind to IP:PORT (default *:80)"
238 //usage:        IF_FEATURE_HTTPD_SETUID(
239 //usage:     "\n        -u USER[:GRP]   Set uid/gid after binding to port")
240 //usage:        IF_FEATURE_HTTPD_BASIC_AUTH(
241 //usage:     "\n        -r REALM        Authentication Realm for Basic Authentication")
242 //usage:     "\n        -h HOME         Home directory (default .)"
243 //usage:     "\n        -c FILE         Configuration file (default {/etc,HOME}/httpd.conf)"
244 //usage:        IF_FEATURE_HTTPD_AUTH_MD5(
245 //usage:     "\n        -m STRING       MD5 crypt STRING")
246 //usage:     "\n        -e STRING       HTML encode STRING"
247 //usage:     "\n        -d STRING       URL decode STRING"
248
249 #include "libbb.h"
250 #include "common_bufsiz.h"
251 #if ENABLE_PAM
252 /* PAM may include <locale.h>. We may need to undefine bbox's stub define: */
253 # undef setlocale
254 /* For some obscure reason, PAM is not in pam/xxx, but in security/xxx.
255  * Apparently they like to confuse people. */
256 # include <security/pam_appl.h>
257 # include <security/pam_misc.h>
258 #endif
259 #if ENABLE_FEATURE_USE_SENDFILE
260 # include <sys/sendfile.h>
261 #endif
262 /* amount of buffering in a pipe */
263 #ifndef PIPE_BUF
264 # define PIPE_BUF 4096
265 #endif
266
267 #define DEBUG 0
268
269 #define IOBUF_SIZE 8192
270 #if PIPE_BUF >= IOBUF_SIZE
271 # error "PIPE_BUF >= IOBUF_SIZE"
272 #endif
273
274 #define HEADER_READ_TIMEOUT 60
275
276 static const char DEFAULT_PATH_HTTPD_CONF[] ALIGN1 = "/etc";
277 static const char HTTPD_CONF[] ALIGN1 = "httpd.conf";
278 static const char HTTP_200[] ALIGN1 = "HTTP/1.0 200 OK\r\n";
279 static const char index_html[] ALIGN1 = "index.html";
280
281 typedef struct has_next_ptr {
282         struct has_next_ptr *next;
283 } has_next_ptr;
284
285 /* Must have "next" as a first member */
286 typedef struct Htaccess {
287         struct Htaccess *next;
288         char *after_colon;
289         char before_colon[1];  /* really bigger, must be last */
290 } Htaccess;
291
292 /* Must have "next" as a first member */
293 typedef struct Htaccess_IP {
294         struct Htaccess_IP *next;
295         unsigned ip;
296         unsigned mask;
297         int allow_deny;
298 } Htaccess_IP;
299
300 /* Must have "next" as a first member */
301 typedef struct Htaccess_Proxy {
302         struct Htaccess_Proxy *next;
303         char *url_from;
304         char *host_port;
305         char *url_to;
306 } Htaccess_Proxy;
307
308 enum {
309         HTTP_OK = 200,
310         HTTP_PARTIAL_CONTENT = 206,
311         HTTP_MOVED_TEMPORARILY = 302,
312         HTTP_BAD_REQUEST = 400,       /* malformed syntax */
313         HTTP_UNAUTHORIZED = 401, /* authentication needed, respond with auth hdr */
314         HTTP_NOT_FOUND = 404,
315         HTTP_FORBIDDEN = 403,
316         HTTP_REQUEST_TIMEOUT = 408,
317         HTTP_NOT_IMPLEMENTED = 501,   /* used for unrecognized requests */
318         HTTP_INTERNAL_SERVER_ERROR = 500,
319         HTTP_CONTINUE = 100,
320 #if 0   /* future use */
321         HTTP_SWITCHING_PROTOCOLS = 101,
322         HTTP_CREATED = 201,
323         HTTP_ACCEPTED = 202,
324         HTTP_NON_AUTHORITATIVE_INFO = 203,
325         HTTP_NO_CONTENT = 204,
326         HTTP_MULTIPLE_CHOICES = 300,
327         HTTP_MOVED_PERMANENTLY = 301,
328         HTTP_NOT_MODIFIED = 304,
329         HTTP_PAYMENT_REQUIRED = 402,
330         HTTP_BAD_GATEWAY = 502,
331         HTTP_SERVICE_UNAVAILABLE = 503, /* overload, maintenance */
332 #endif
333 };
334
335 static const uint16_t http_response_type[] ALIGN2 = {
336         HTTP_OK,
337 #if ENABLE_FEATURE_HTTPD_RANGES
338         HTTP_PARTIAL_CONTENT,
339 #endif
340         HTTP_MOVED_TEMPORARILY,
341         HTTP_REQUEST_TIMEOUT,
342         HTTP_NOT_IMPLEMENTED,
343 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
344         HTTP_UNAUTHORIZED,
345 #endif
346         HTTP_NOT_FOUND,
347         HTTP_BAD_REQUEST,
348         HTTP_FORBIDDEN,
349         HTTP_INTERNAL_SERVER_ERROR,
350 #if 0   /* not implemented */
351         HTTP_CREATED,
352         HTTP_ACCEPTED,
353         HTTP_NO_CONTENT,
354         HTTP_MULTIPLE_CHOICES,
355         HTTP_MOVED_PERMANENTLY,
356         HTTP_NOT_MODIFIED,
357         HTTP_BAD_GATEWAY,
358         HTTP_SERVICE_UNAVAILABLE,
359 #endif
360 };
361
362 static const struct {
363         const char *name;
364         const char *info;
365 } http_response[ARRAY_SIZE(http_response_type)] = {
366         { "OK", NULL },
367 #if ENABLE_FEATURE_HTTPD_RANGES
368         { "Partial Content", NULL },
369 #endif
370         { "Found", NULL },
371         { "Request Timeout", "No request appeared within 60 seconds" },
372         { "Not Implemented", "The requested method is not recognized" },
373 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
374         { "Unauthorized", "" },
375 #endif
376         { "Not Found", "The requested URL was not found" },
377         { "Bad Request", "Unsupported method" },
378         { "Forbidden", ""  },
379         { "Internal Server Error", "Internal Server Error" },
380 #if 0   /* not implemented */
381         { "Created" },
382         { "Accepted" },
383         { "No Content" },
384         { "Multiple Choices" },
385         { "Moved Permanently" },
386         { "Not Modified" },
387         { "Bad Gateway", "" },
388         { "Service Unavailable", "" },
389 #endif
390 };
391
392 struct globals {
393         int verbose;            /* must be int (used by getopt32) */
394         smallint flg_deny_all;
395
396         unsigned rmt_ip;        /* used for IP-based allow/deny rules */
397         time_t last_mod;
398         char *rmt_ip_str;       /* for $REMOTE_ADDR and $REMOTE_PORT */
399         const char *bind_addr_or_port;
400
401         const char *g_query;
402         const char *opt_c_configFile;
403         const char *home_httpd;
404         const char *index_page;
405
406         const char *found_mime_type;
407         const char *found_moved_temporarily;
408         Htaccess_IP *ip_a_d;    /* config allow/deny lines */
409
410         IF_FEATURE_HTTPD_BASIC_AUTH(const char *g_realm;)
411         IF_FEATURE_HTTPD_BASIC_AUTH(char *remoteuser;)
412         IF_FEATURE_HTTPD_CGI(char *referer;)
413         IF_FEATURE_HTTPD_CGI(char *user_agent;)
414         IF_FEATURE_HTTPD_CGI(char *host;)
415         IF_FEATURE_HTTPD_CGI(char *http_accept;)
416         IF_FEATURE_HTTPD_CGI(char *http_accept_language;)
417
418         off_t file_size;        /* -1 - unknown */
419 #if ENABLE_FEATURE_HTTPD_RANGES
420         off_t range_start;
421         off_t range_end;
422         off_t range_len;
423 #endif
424
425 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
426         Htaccess *g_auth;       /* config user:password lines */
427 #endif
428         Htaccess *mime_a;       /* config mime types */
429 #if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
430         Htaccess *script_i;     /* config script interpreters */
431 #endif
432         char *iobuf;            /* [IOBUF_SIZE] */
433 #define        hdr_buf bb_common_bufsiz1
434 #define sizeof_hdr_buf COMMON_BUFSIZE
435         char *hdr_ptr;
436         int hdr_cnt;
437 #if ENABLE_FEATURE_HTTPD_ERROR_PAGES
438         const char *http_error_page[ARRAY_SIZE(http_response_type)];
439 #endif
440 #if ENABLE_FEATURE_HTTPD_PROXY
441         Htaccess_Proxy *proxy;
442 #endif
443 #if ENABLE_FEATURE_HTTPD_GZIP
444         /* client can handle gzip / we are going to send gzip */
445         smallint content_gzip;
446 #endif
447 };
448 #define G (*ptr_to_globals)
449 #define verbose           (G.verbose          )
450 #define flg_deny_all      (G.flg_deny_all     )
451 #define rmt_ip            (G.rmt_ip           )
452 #define bind_addr_or_port (G.bind_addr_or_port)
453 #define g_query           (G.g_query          )
454 #define opt_c_configFile  (G.opt_c_configFile )
455 #define home_httpd        (G.home_httpd       )
456 #define index_page        (G.index_page       )
457 #define found_mime_type   (G.found_mime_type  )
458 #define found_moved_temporarily (G.found_moved_temporarily)
459 #define last_mod          (G.last_mod         )
460 #define ip_a_d            (G.ip_a_d           )
461 #define g_realm           (G.g_realm          )
462 #define remoteuser        (G.remoteuser       )
463 #define file_size         (G.file_size        )
464 #if ENABLE_FEATURE_HTTPD_RANGES
465 #define range_start       (G.range_start      )
466 #define range_end         (G.range_end        )
467 #define range_len         (G.range_len        )
468 #else
469 enum {
470         range_start = -1,
471         range_end = MAXINT(off_t) - 1,
472         range_len = MAXINT(off_t),
473 };
474 #endif
475 #define rmt_ip_str        (G.rmt_ip_str       )
476 #define g_auth            (G.g_auth           )
477 #define mime_a            (G.mime_a           )
478 #define script_i          (G.script_i         )
479 #define iobuf             (G.iobuf            )
480 #define hdr_ptr           (G.hdr_ptr          )
481 #define hdr_cnt           (G.hdr_cnt          )
482 #define http_error_page   (G.http_error_page  )
483 #define proxy             (G.proxy            )
484 #if ENABLE_FEATURE_HTTPD_GZIP
485 # define content_gzip     (G.content_gzip     )
486 #else
487 # define content_gzip     0
488 #endif
489 #define INIT_G() do { \
490         setup_common_bufsiz(); \
491         SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \
492         IF_FEATURE_HTTPD_BASIC_AUTH(g_realm = "Web Server Authentication";) \
493         IF_FEATURE_HTTPD_RANGES(range_start = -1;) \
494         bind_addr_or_port = "80"; \
495         index_page = index_html; \
496         file_size = -1; \
497 } while (0)
498
499
500 #define STRNCASECMP(a, str) strncasecmp((a), (str), sizeof(str)-1)
501
502 /* Prototypes */
503 enum {
504         SEND_HEADERS     = (1 << 0),
505         SEND_BODY        = (1 << 1),
506         SEND_HEADERS_AND_BODY = SEND_HEADERS + SEND_BODY,
507 };
508 static void send_file_and_exit(const char *url, int what) NORETURN;
509
510 static void free_llist(has_next_ptr **pptr)
511 {
512         has_next_ptr *cur = *pptr;
513         while (cur) {
514                 has_next_ptr *t = cur;
515                 cur = cur->next;
516                 free(t);
517         }
518         *pptr = NULL;
519 }
520
521 static ALWAYS_INLINE void free_Htaccess_list(Htaccess **pptr)
522 {
523         free_llist((has_next_ptr**)pptr);
524 }
525
526 static ALWAYS_INLINE void free_Htaccess_IP_list(Htaccess_IP **pptr)
527 {
528         free_llist((has_next_ptr**)pptr);
529 }
530
531 /* Returns presumed mask width in bits or < 0 on error.
532  * Updates strp, stores IP at provided pointer */
533 static int scan_ip(const char **strp, unsigned *ipp, unsigned char endc)
534 {
535         const char *p = *strp;
536         int auto_mask = 8;
537         unsigned ip = 0;
538         int j;
539
540         if (*p == '/')
541                 return -auto_mask;
542
543         for (j = 0; j < 4; j++) {
544                 unsigned octet;
545
546                 if ((*p < '0' || *p > '9') && *p != '/' && *p)
547                         return -auto_mask;
548                 octet = 0;
549                 while (*p >= '0' && *p <= '9') {
550                         octet *= 10;
551                         octet += *p - '0';
552                         if (octet > 255)
553                                 return -auto_mask;
554                         p++;
555                 }
556                 if (*p == '.')
557                         p++;
558                 if (*p != '/' && *p)
559                         auto_mask += 8;
560                 ip = (ip << 8) | octet;
561         }
562         if (*p) {
563                 if (*p != endc)
564                         return -auto_mask;
565                 p++;
566                 if (*p == '\0')
567                         return -auto_mask;
568         }
569         *ipp = ip;
570         *strp = p;
571         return auto_mask;
572 }
573
574 /* Returns 0 on success. Stores IP and mask at provided pointers */
575 static int scan_ip_mask(const char *str, unsigned *ipp, unsigned *maskp)
576 {
577         int i;
578         unsigned mask;
579         char *p;
580
581         i = scan_ip(&str, ipp, '/');
582         if (i < 0)
583                 return i;
584
585         if (*str) {
586                 /* there is /xxx after dotted-IP address */
587                 i = bb_strtou(str, &p, 10);
588                 if (*p == '.') {
589                         /* 'xxx' itself is dotted-IP mask, parse it */
590                         /* (return 0 (success) only if it has N.N.N.N form) */
591                         return scan_ip(&str, maskp, '\0') - 32;
592                 }
593                 if (*p)
594                         return -1;
595         }
596
597         if (i > 32)
598                 return -1;
599
600         if (sizeof(unsigned) == 4 && i == 32) {
601                 /* mask >>= 32 below may not work */
602                 mask = 0;
603         } else {
604                 mask = 0xffffffff;
605                 mask >>= i;
606         }
607         /* i == 0 -> *maskp = 0x00000000
608          * i == 1 -> *maskp = 0x80000000
609          * i == 4 -> *maskp = 0xf0000000
610          * i == 31 -> *maskp = 0xfffffffe
611          * i == 32 -> *maskp = 0xffffffff */
612         *maskp = (uint32_t)(~mask);
613         return 0;
614 }
615
616 /*
617  * Parse configuration file into in-memory linked list.
618  *
619  * Any previous IP rules are discarded.
620  * If the flag argument is not SUBDIR_PARSE then all /path and mime rules
621  * are also discarded.  That is, previous settings are retained if flag is
622  * SUBDIR_PARSE.
623  * Error pages are only parsed on the main config file.
624  *
625  * path   Path where to look for httpd.conf (without filename).
626  * flag   Type of the parse request.
627  */
628 /* flag param: */
629 enum {
630         FIRST_PARSE    = 0, /* path will be "/etc" */
631         SIGNALED_PARSE = 1, /* path will be "/etc" */
632         SUBDIR_PARSE   = 2, /* path will be derived from URL */
633 };
634 static void parse_conf(const char *path, int flag)
635 {
636         /* internally used extra flag state */
637         enum { TRY_CURDIR_PARSE = 3 };
638
639         FILE *f;
640         const char *filename;
641         char buf[160];
642
643         /* discard old rules */
644         free_Htaccess_IP_list(&ip_a_d);
645         flg_deny_all = 0;
646         /* retain previous auth and mime config only for subdir parse */
647         if (flag != SUBDIR_PARSE) {
648                 free_Htaccess_list(&mime_a);
649 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
650                 free_Htaccess_list(&g_auth);
651 #endif
652 #if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
653                 free_Htaccess_list(&script_i);
654 #endif
655         }
656
657         filename = opt_c_configFile;
658         if (flag == SUBDIR_PARSE || filename == NULL) {
659                 filename = alloca(strlen(path) + sizeof(HTTPD_CONF) + 2);
660                 sprintf((char *)filename, "%s/%s", path, HTTPD_CONF);
661         }
662
663         while ((f = fopen_for_read(filename)) == NULL) {
664                 if (flag >= SUBDIR_PARSE) { /* SUBDIR or TRY_CURDIR */
665                         /* config file not found, no changes to config */
666                         return;
667                 }
668                 if (flag == FIRST_PARSE) {
669                         /* -c CONFFILE given, but CONFFILE doesn't exist? */
670                         if (opt_c_configFile)
671                                 bb_simple_perror_msg_and_die(opt_c_configFile);
672                         /* else: no -c, thus we looked at /etc/httpd.conf,
673                          * and it's not there. try ./httpd.conf: */
674                 }
675                 flag = TRY_CURDIR_PARSE;
676                 filename = HTTPD_CONF;
677         }
678
679 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
680         /* in "/file:user:pass" lines, we prepend path in subdirs */
681         if (flag != SUBDIR_PARSE)
682                 path = "";
683 #endif
684         /* The lines can be:
685          *
686          * I:default_index_file
687          * H:http_home
688          * [AD]:IP[/mask]   # allow/deny, * for wildcard
689          * Ennn:error.html  # error page for status nnn
690          * P:/url:[http://]hostname[:port]/new/path # reverse proxy
691          * .ext:mime/type   # mime type
692          * *.php:/path/php  # run xxx.php through an interpreter
693          * /file:user:pass  # username and password
694          */
695         while (fgets(buf, sizeof(buf), f) != NULL) {
696                 unsigned strlen_buf;
697                 unsigned char ch;
698                 char *after_colon;
699
700                 { /* remove all whitespace, and # comments */
701                         char *p, *p0;
702
703                         p0 = buf;
704                         /* skip non-whitespace beginning. Often the whole line
705                          * is non-whitespace. We want this case to work fast,
706                          * without needless copying, therefore we don't merge
707                          * this operation into next while loop. */
708                         while ((ch = *p0) != '\0' && ch != '\n' && ch != '#'
709                          && ch != ' ' && ch != '\t'
710                         ) {
711                                 p0++;
712                         }
713                         p = p0;
714                         /* if we enter this loop, we have some whitespace.
715                          * discard it */
716                         while (ch != '\0' && ch != '\n' && ch != '#') {
717                                 if (ch != ' ' && ch != '\t') {
718                                         *p++ = ch;
719                                 }
720                                 ch = *++p0;
721                         }
722                         *p = '\0';
723                         strlen_buf = p - buf;
724                         if (strlen_buf == 0)
725                                 continue; /* empty line */
726                 }
727
728                 after_colon = strchr(buf, ':');
729                 /* strange line? */
730                 if (after_colon == NULL || *++after_colon == '\0')
731                         goto config_error;
732
733                 ch = (buf[0] & ~0x20); /* toupper if it's a letter */
734
735                 if (ch == 'I') {
736                         if (index_page != index_html)
737                                 free((char*)index_page);
738                         index_page = xstrdup(after_colon);
739                         continue;
740                 }
741
742                 /* do not allow jumping around using H in subdir's configs */
743                 if (flag == FIRST_PARSE && ch == 'H') {
744                         home_httpd = xstrdup(after_colon);
745                         xchdir(home_httpd);
746                         continue;
747                 }
748
749                 if (ch == 'A' || ch == 'D') {
750                         Htaccess_IP *pip;
751
752                         if (*after_colon == '*') {
753                                 if (ch == 'D') {
754                                         /* memorize "deny all" */
755                                         flg_deny_all = 1;
756                                 }
757                                 /* skip assumed "A:*", it is a default anyway */
758                                 continue;
759                         }
760                         /* store "allow/deny IP/mask" line */
761                         pip = xzalloc(sizeof(*pip));
762                         if (scan_ip_mask(after_colon, &pip->ip, &pip->mask)) {
763                                 /* IP{/mask} syntax error detected, protect all */
764                                 ch = 'D';
765                                 pip->mask = 0;
766                         }
767                         pip->allow_deny = ch;
768                         if (ch == 'D') {
769                                 /* Deny:from_IP - prepend */
770                                 pip->next = ip_a_d;
771                                 ip_a_d = pip;
772                         } else {
773                                 /* A:from_IP - append (thus all D's precedes A's) */
774                                 Htaccess_IP *prev_IP = ip_a_d;
775                                 if (prev_IP == NULL) {
776                                         ip_a_d = pip;
777                                 } else {
778                                         while (prev_IP->next)
779                                                 prev_IP = prev_IP->next;
780                                         prev_IP->next = pip;
781                                 }
782                         }
783                         continue;
784                 }
785
786 #if ENABLE_FEATURE_HTTPD_ERROR_PAGES
787                 if (flag == FIRST_PARSE && ch == 'E') {
788                         unsigned i;
789                         int status = atoi(buf + 1); /* error status code */
790
791                         if (status < HTTP_CONTINUE) {
792                                 goto config_error;
793                         }
794                         /* then error page; find matching status */
795                         for (i = 0; i < ARRAY_SIZE(http_response_type); i++) {
796                                 if (http_response_type[i] == status) {
797                                         /* We chdir to home_httpd, thus no need to
798                                          * concat_path_file(home_httpd, after_colon)
799                                          * here */
800                                         http_error_page[i] = xstrdup(after_colon);
801                                         break;
802                                 }
803                         }
804                         continue;
805                 }
806 #endif
807
808 #if ENABLE_FEATURE_HTTPD_PROXY
809                 if (flag == FIRST_PARSE && ch == 'P') {
810                         /* P:/url:[http://]hostname[:port]/new/path */
811                         char *url_from, *host_port, *url_to;
812                         Htaccess_Proxy *proxy_entry;
813
814                         url_from = after_colon;
815                         host_port = strchr(after_colon, ':');
816                         if (host_port == NULL) {
817                                 goto config_error;
818                         }
819                         *host_port++ = '\0';
820                         if (is_prefixed_with(host_port, "http://"))
821                                 host_port += 7;
822                         if (*host_port == '\0') {
823                                 goto config_error;
824                         }
825                         url_to = strchr(host_port, '/');
826                         if (url_to == NULL) {
827                                 goto config_error;
828                         }
829                         *url_to = '\0';
830                         proxy_entry = xzalloc(sizeof(*proxy_entry));
831                         proxy_entry->url_from = xstrdup(url_from);
832                         proxy_entry->host_port = xstrdup(host_port);
833                         *url_to = '/';
834                         proxy_entry->url_to = xstrdup(url_to);
835                         proxy_entry->next = proxy;
836                         proxy = proxy_entry;
837                         continue;
838                 }
839 #endif
840                 /* the rest of directives are non-alphabetic,
841                  * must avoid using "toupper'ed" ch */
842                 ch = buf[0];
843
844                 if (ch == '.' /* ".ext:mime/type" */
845 #if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
846                  || (ch == '*' && buf[1] == '.') /* "*.php:/path/php" */
847 #endif
848                 ) {
849                         char *p;
850                         Htaccess *cur;
851
852                         cur = xzalloc(sizeof(*cur) /* includes space for NUL */ + strlen_buf);
853                         strcpy(cur->before_colon, buf);
854                         p = cur->before_colon + (after_colon - buf);
855                         p[-1] = '\0';
856                         cur->after_colon = p;
857                         if (ch == '.') {
858                                 /* .mime line: prepend to mime_a list */
859                                 cur->next = mime_a;
860                                 mime_a = cur;
861                         }
862 #if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
863                         else {
864                                 /* script interpreter line: prepend to script_i list */
865                                 cur->next = script_i;
866                                 script_i = cur;
867                         }
868 #endif
869                         continue;
870                 }
871
872 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
873                 if (ch == '/') { /* "/file:user:pass" */
874                         char *p;
875                         Htaccess *cur;
876                         unsigned file_len;
877
878                         /* note: path is "" unless we are in SUBDIR parse,
879                          * otherwise it does NOT start with "/" */
880                         cur = xzalloc(sizeof(*cur) /* includes space for NUL */
881                                 + 1 + strlen(path)
882                                 + strlen_buf
883                                 );
884                         /* form "/path/file" */
885                         sprintf(cur->before_colon, "/%s%.*s",
886                                 path,
887                                 (int) (after_colon - buf - 1), /* includes "/", but not ":" */
888                                 buf);
889                         /* canonicalize it */
890                         p = bb_simplify_abs_path_inplace(cur->before_colon);
891                         file_len = p - cur->before_colon;
892                         /* add "user:pass" after NUL */
893                         strcpy(++p, after_colon);
894                         cur->after_colon = p;
895
896                         /* insert cur into g_auth */
897                         /* g_auth is sorted by decreased filename length */
898                         {
899                                 Htaccess *auth, **authp;
900
901                                 authp = &g_auth;
902                                 while ((auth = *authp) != NULL) {
903                                         if (file_len >= strlen(auth->before_colon)) {
904                                                 /* insert cur before auth */
905                                                 cur->next = auth;
906                                                 break;
907                                         }
908                                         authp = &auth->next;
909                                 }
910                                 *authp = cur;
911                         }
912                         continue;
913                 }
914 #endif /* BASIC_AUTH */
915
916                 /* the line is not recognized */
917  config_error:
918                 bb_error_msg("config error '%s' in '%s'", buf, filename);
919         } /* while (fgets) */
920
921         fclose(f);
922 }
923
924 #if ENABLE_FEATURE_HTTPD_ENCODE_URL_STR
925 /*
926  * Given a string, html-encode special characters.
927  * This is used for the -e command line option to provide an easy way
928  * for scripts to encode result data without confusing browsers.  The
929  * returned string pointer is memory allocated by malloc().
930  *
931  * Returns a pointer to the encoded string (malloced).
932  */
933 static char *encodeString(const char *string)
934 {
935         /* take the simple route and encode everything */
936         /* could possibly scan once to get length.     */
937         int len = strlen(string);
938         char *out = xmalloc(len * 6 + 1);
939         char *p = out;
940         char ch;
941
942         while ((ch = *string++) != '\0') {
943                 /* very simple check for what to encode */
944                 if (isalnum(ch))
945                         *p++ = ch;
946                 else
947                         p += sprintf(p, "&#%d;", (unsigned char) ch);
948         }
949         *p = '\0';
950         return out;
951 }
952 #endif
953
954 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
955 /*
956  * Decode a base64 data stream as per rfc1521.
957  * Note that the rfc states that non base64 chars are to be ignored.
958  * Since the decode always results in a shorter size than the input,
959  * it is OK to pass the input arg as an output arg.
960  * Parameter: a pointer to a base64 encoded string.
961  * Decoded data is stored in-place.
962  */
963 static void decodeBase64(char *Data)
964 {
965         const unsigned char *in = (const unsigned char *)Data;
966         /* The decoded size will be at most 3/4 the size of the encoded */
967         unsigned ch = 0;
968         int i = 0;
969
970         while (*in) {
971                 int t = *in++;
972
973                 if (t >= '0' && t <= '9')
974                         t = t - '0' + 52;
975                 else if (t >= 'A' && t <= 'Z')
976                         t = t - 'A';
977                 else if (t >= 'a' && t <= 'z')
978                         t = t - 'a' + 26;
979                 else if (t == '+')
980                         t = 62;
981                 else if (t == '/')
982                         t = 63;
983                 else if (t == '=')
984                         t = 0;
985                 else
986                         continue;
987
988                 ch = (ch << 6) | t;
989                 i++;
990                 if (i == 4) {
991                         *Data++ = (char) (ch >> 16);
992                         *Data++ = (char) (ch >> 8);
993                         *Data++ = (char) ch;
994                         i = 0;
995                 }
996         }
997         *Data = '\0';
998 }
999 #endif
1000
1001 /*
1002  * Create a listen server socket on the designated port.
1003  */
1004 static int openServer(void)
1005 {
1006         unsigned n = bb_strtou(bind_addr_or_port, NULL, 10);
1007         if (!errno && n && n <= 0xffff)
1008                 n = create_and_bind_stream_or_die(NULL, n);
1009         else
1010                 n = create_and_bind_stream_or_die(bind_addr_or_port, 80);
1011         xlisten(n, 9);
1012         return n;
1013 }
1014
1015 /*
1016  * Log the connection closure and exit.
1017  */
1018 static void log_and_exit(void) NORETURN;
1019 static void log_and_exit(void)
1020 {
1021         /* Paranoia. IE said to be buggy. It may send some extra data
1022          * or be confused by us just exiting without SHUT_WR. Oh well. */
1023         shutdown(1, SHUT_WR);
1024         /* Why??
1025         (this also messes up stdin when user runs httpd -i from terminal)
1026         ndelay_on(0);
1027         while (read(STDIN_FILENO, iobuf, IOBUF_SIZE) > 0)
1028                 continue;
1029         */
1030
1031         if (verbose > 2)
1032                 bb_error_msg("closed");
1033         _exit(xfunc_error_retval);
1034 }
1035
1036 /*
1037  * Create and send HTTP response headers.
1038  * The arguments are combined and sent as one write operation.  Note that
1039  * IE will puke big-time if the headers are not sent in one packet and the
1040  * second packet is delayed for any reason.
1041  * responseNum - the result code to send.
1042  */
1043 static void send_headers(int responseNum)
1044 {
1045         static const char RFC1123FMT[] ALIGN1 = "%a, %d %b %Y %H:%M:%S GMT";
1046         /* Fixed size 29-byte string. Example: Sun, 06 Nov 1994 08:49:37 GMT */
1047         char date_str[40]; /* using a bit larger buffer to paranoia reasons */
1048
1049         const char *responseString = "";
1050         const char *infoString = NULL;
1051 #if ENABLE_FEATURE_HTTPD_ERROR_PAGES
1052         const char *error_page = NULL;
1053 #endif
1054         unsigned i;
1055         time_t timer = time(NULL);
1056         int len;
1057
1058         for (i = 0; i < ARRAY_SIZE(http_response_type); i++) {
1059                 if (http_response_type[i] == responseNum) {
1060                         responseString = http_response[i].name;
1061                         infoString = http_response[i].info;
1062 #if ENABLE_FEATURE_HTTPD_ERROR_PAGES
1063                         error_page = http_error_page[i];
1064 #endif
1065                         break;
1066                 }
1067         }
1068
1069         if (verbose)
1070                 bb_error_msg("response:%u", responseNum);
1071
1072         /* We use sprintf, not snprintf (it's less code).
1073          * iobuf[] is several kbytes long and all headers we generate
1074          * always fit into those kbytes.
1075          */
1076
1077         strftime(date_str, sizeof(date_str), RFC1123FMT, gmtime(&timer));
1078         len = sprintf(iobuf,
1079                         "HTTP/1.0 %d %s\r\n"
1080                         "Content-type: %s\r\n"
1081                         "Date: %s\r\n"
1082                         "Connection: close\r\n",
1083                         responseNum, responseString,
1084                         /* if it's error message, then it's HTML */
1085                         (responseNum == HTTP_OK ? found_mime_type : "text/html"),
1086                         date_str
1087         );
1088
1089 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
1090         if (responseNum == HTTP_UNAUTHORIZED) {
1091                 len += sprintf(iobuf + len,
1092                                 "WWW-Authenticate: Basic realm=\"%.999s\"\r\n",
1093                                 g_realm /* %.999s protects from overflowing iobuf[] */
1094                 );
1095         }
1096 #endif
1097         if (responseNum == HTTP_MOVED_TEMPORARILY) {
1098                 /* Responding to "GET /dir" with
1099                  * "HTTP/1.0 302 Found" "Location: /dir/"
1100                  * - IOW, asking them to repeat with a slash.
1101                  * Here, overflow IS possible, can't use sprintf:
1102                  * mkdir test
1103                  * python -c 'print("get /test?" + ("x" * 8192))' | busybox httpd -i -h .
1104                  */
1105                 len += snprintf(iobuf + len, IOBUF_SIZE-3 - len,
1106                                 "Location: %s/%s%s\r\n",
1107                                 found_moved_temporarily,
1108                                 (g_query ? "?" : ""),
1109                                 (g_query ? g_query : "")
1110                 );
1111                 if (len > IOBUF_SIZE-3)
1112                         len = IOBUF_SIZE-3;
1113         }
1114
1115 #if ENABLE_FEATURE_HTTPD_ERROR_PAGES
1116         if (error_page && access(error_page, R_OK) == 0) {
1117                 iobuf[len++] = '\r';
1118                 iobuf[len++] = '\n';
1119                 if (DEBUG) {
1120                         iobuf[len] = '\0';
1121                         fprintf(stderr, "headers: '%s'\n", iobuf);
1122                 }
1123                 full_write(STDOUT_FILENO, iobuf, len);
1124                 if (DEBUG)
1125                         fprintf(stderr, "writing error page: '%s'\n", error_page);
1126                 return send_file_and_exit(error_page, SEND_BODY);
1127         }
1128 #endif
1129
1130         if (file_size != -1) {    /* file */
1131                 strftime(date_str, sizeof(date_str), RFC1123FMT, gmtime(&last_mod));
1132 #if ENABLE_FEATURE_HTTPD_RANGES
1133                 if (responseNum == HTTP_PARTIAL_CONTENT) {
1134                         len += sprintf(iobuf + len,
1135                                 "Content-Range: bytes %"OFF_FMT"u-%"OFF_FMT"u/%"OFF_FMT"u\r\n",
1136                                         range_start,
1137                                         range_end,
1138                                         file_size
1139                         );
1140                         file_size = range_end - range_start + 1;
1141                 }
1142 #endif
1143                 len += sprintf(iobuf + len,
1144 #if ENABLE_FEATURE_HTTPD_RANGES
1145                         "Accept-Ranges: bytes\r\n"
1146 #endif
1147                         "Last-Modified: %s\r\n"
1148                         "%s %"OFF_FMT"u\r\n",
1149                                 date_str,
1150                                 content_gzip ? "Transfer-Length:" : "Content-Length:",
1151                                 file_size
1152                 );
1153         }
1154
1155         if (content_gzip)
1156                 len += sprintf(iobuf + len, "Content-Encoding: gzip\r\n");
1157
1158         iobuf[len++] = '\r';
1159         iobuf[len++] = '\n';
1160         if (infoString) {
1161                 len += sprintf(iobuf + len,
1162                                 "<HTML><HEAD><TITLE>%d %s</TITLE></HEAD>\n"
1163                                 "<BODY><H1>%d %s</H1>\n"
1164                                 "%s\n"
1165                                 "</BODY></HTML>\n",
1166                                 responseNum, responseString,
1167                                 responseNum, responseString,
1168                                 infoString
1169                 );
1170         }
1171         if (DEBUG) {
1172                 iobuf[len] = '\0';
1173                 fprintf(stderr, "headers: '%s'\n", iobuf);
1174         }
1175         if (full_write(STDOUT_FILENO, iobuf, len) != len) {
1176                 if (verbose > 1)
1177                         bb_perror_msg("error");
1178                 log_and_exit();
1179         }
1180 }
1181
1182 static void send_headers_and_exit(int responseNum) NORETURN;
1183 static void send_headers_and_exit(int responseNum)
1184 {
1185         IF_FEATURE_HTTPD_GZIP(content_gzip = 0;)
1186         send_headers(responseNum);
1187         log_and_exit();
1188 }
1189
1190 /*
1191  * Read from the socket until '\n' or EOF. '\r' chars are removed.
1192  * '\n' is replaced with NUL.
1193  * Return number of characters read or 0 if nothing is read
1194  * ('\r' and '\n' are not counted).
1195  * Data is returned in iobuf.
1196  */
1197 static int get_line(void)
1198 {
1199         int count = 0;
1200         char c;
1201
1202         alarm(HEADER_READ_TIMEOUT);
1203         while (1) {
1204                 if (hdr_cnt <= 0) {
1205                         hdr_cnt = safe_read(STDIN_FILENO, hdr_buf, sizeof_hdr_buf);
1206                         if (hdr_cnt <= 0)
1207                                 break;
1208                         hdr_ptr = hdr_buf;
1209                 }
1210                 iobuf[count] = c = *hdr_ptr++;
1211                 hdr_cnt--;
1212
1213                 if (c == '\r')
1214                         continue;
1215                 if (c == '\n') {
1216                         iobuf[count] = '\0';
1217                         break;
1218                 }
1219                 if (count < (IOBUF_SIZE - 1))      /* check overflow */
1220                         count++;
1221         }
1222         return count;
1223 }
1224
1225 #if ENABLE_FEATURE_HTTPD_CGI || ENABLE_FEATURE_HTTPD_PROXY
1226
1227 /* gcc 4.2.1 fares better with NOINLINE */
1228 static NOINLINE void cgi_io_loop_and_exit(int fromCgi_rd, int toCgi_wr, int post_len) NORETURN;
1229 static NOINLINE void cgi_io_loop_and_exit(int fromCgi_rd, int toCgi_wr, int post_len)
1230 {
1231         enum { FROM_CGI = 1, TO_CGI = 2 }; /* indexes in pfd[] */
1232         struct pollfd pfd[3];
1233         int out_cnt; /* we buffer a bit of initial CGI output */
1234         int count;
1235
1236         /* iobuf is used for CGI -> network data,
1237          * hdr_buf is for network -> CGI data (POSTDATA) */
1238
1239         /* If CGI dies, we still want to correctly finish reading its output
1240          * and send it to the peer. So please no SIGPIPEs! */
1241         signal(SIGPIPE, SIG_IGN);
1242
1243         // We inconsistently handle a case when more POSTDATA from network
1244         // is coming than we expected. We may give *some part* of that
1245         // extra data to CGI.
1246
1247         //if (hdr_cnt > post_len) {
1248         //      /* We got more POSTDATA from network than we expected */
1249         //      hdr_cnt = post_len;
1250         //}
1251         post_len -= hdr_cnt;
1252         /* post_len - number of POST bytes not yet read from network */
1253
1254         /* NB: breaking out of this loop jumps to log_and_exit() */
1255         out_cnt = 0;
1256         pfd[FROM_CGI].fd = fromCgi_rd;
1257         pfd[FROM_CGI].events = POLLIN;
1258         pfd[TO_CGI].fd = toCgi_wr;
1259         while (1) {
1260                 /* Note: even pfd[0].events == 0 won't prevent
1261                  * revents == POLLHUP|POLLERR reports from closed stdin.
1262                  * Setting fd to -1 works: */
1263                 pfd[0].fd = -1;
1264                 pfd[0].events = POLLIN;
1265                 pfd[0].revents = 0; /* probably not needed, paranoia */
1266
1267                 /* We always poll this fd, thus kernel always sets revents: */
1268                 /*pfd[FROM_CGI].events = POLLIN; - moved out of loop */
1269                 /*pfd[FROM_CGI].revents = 0; - not needed */
1270
1271                 /* gcc-4.8.0 still doesnt fill two shorts with one insn :( */
1272                 /* http://gcc.gnu.org/bugzilla/show_bug.cgi?id=47059 */
1273                 /* hopefully one day it will... */
1274                 pfd[TO_CGI].events = POLLOUT;
1275                 pfd[TO_CGI].revents = 0; /* needed! */
1276
1277                 if (toCgi_wr && hdr_cnt <= 0) {
1278                         if (post_len > 0) {
1279                                 /* Expect more POST data from network */
1280                                 pfd[0].fd = 0;
1281                         } else {
1282                                 /* post_len <= 0 && hdr_cnt <= 0:
1283                                  * no more POST data to CGI,
1284                                  * let CGI see EOF on CGI's stdin */
1285                                 if (toCgi_wr != fromCgi_rd)
1286                                         close(toCgi_wr);
1287                                 toCgi_wr = 0;
1288                         }
1289                 }
1290
1291                 /* Now wait on the set of sockets */
1292                 count = safe_poll(pfd, hdr_cnt > 0 ? TO_CGI+1 : FROM_CGI+1, -1);
1293                 if (count <= 0) {
1294 #if 0
1295                         if (safe_waitpid(pid, &status, WNOHANG) <= 0) {
1296                                 /* Weird. CGI didn't exit and no fd's
1297                                  * are ready, yet poll returned?! */
1298                                 continue;
1299                         }
1300                         if (DEBUG && WIFEXITED(status))
1301                                 bb_error_msg("CGI exited, status=%d", WEXITSTATUS(status));
1302                         if (DEBUG && WIFSIGNALED(status))
1303                                 bb_error_msg("CGI killed, signal=%d", WTERMSIG(status));
1304 #endif
1305                         break;
1306                 }
1307
1308                 if (pfd[TO_CGI].revents) {
1309                         /* hdr_cnt > 0 here due to the way poll() called */
1310                         /* Have data from peer and can write to CGI */
1311                         count = safe_write(toCgi_wr, hdr_ptr, hdr_cnt);
1312                         /* Doesn't happen, we dont use nonblocking IO here
1313                          *if (count < 0 && errno == EAGAIN) {
1314                          *      ...
1315                          *} else */
1316                         if (count > 0) {
1317                                 hdr_ptr += count;
1318                                 hdr_cnt -= count;
1319                         } else {
1320                                 /* EOF/broken pipe to CGI, stop piping POST data */
1321                                 hdr_cnt = post_len = 0;
1322                         }
1323                 }
1324
1325                 if (pfd[0].revents) {
1326                         /* post_len > 0 && hdr_cnt == 0 here */
1327                         /* We expect data, prev data portion is eaten by CGI
1328                          * and there *is* data to read from the peer
1329                          * (POSTDATA) */
1330                         //count = post_len > (int)sizeof_hdr_buf ? (int)sizeof_hdr_buf : post_len;
1331                         //count = safe_read(STDIN_FILENO, hdr_buf, count);
1332                         count = safe_read(STDIN_FILENO, hdr_buf, sizeof_hdr_buf);
1333                         if (count > 0) {
1334                                 hdr_cnt = count;
1335                                 hdr_ptr = hdr_buf;
1336                                 post_len -= count;
1337                         } else {
1338                                 /* no more POST data can be read */
1339                                 post_len = 0;
1340                         }
1341                 }
1342
1343                 if (pfd[FROM_CGI].revents) {
1344                         /* There is something to read from CGI */
1345                         char *rbuf = iobuf;
1346
1347                         /* Are we still buffering CGI output? */
1348                         if (out_cnt >= 0) {
1349                                 /* HTTP_200[] has single "\r\n" at the end.
1350                                  * According to http://hoohoo.ncsa.uiuc.edu/cgi/out.html,
1351                                  * CGI scripts MUST send their own header terminated by
1352                                  * empty line, then data. That's why we have only one
1353                                  * <cr><lf> pair here. We will output "200 OK" line
1354                                  * if needed, but CGI still has to provide blank line
1355                                  * between header and body */
1356
1357                                 /* Must use safe_read, not full_read, because
1358                                  * CGI may output a few first bytes and then wait
1359                                  * for POSTDATA without closing stdout.
1360                                  * With full_read we may wait here forever. */
1361                                 count = safe_read(fromCgi_rd, rbuf + out_cnt, PIPE_BUF - 8);
1362                                 if (count <= 0) {
1363                                         /* eof (or error) and there was no "HTTP",
1364                                          * so write it, then write received data */
1365                                         if (out_cnt) {
1366                                                 full_write(STDOUT_FILENO, HTTP_200, sizeof(HTTP_200)-1);
1367                                                 full_write(STDOUT_FILENO, rbuf, out_cnt);
1368                                         }
1369                                         break; /* CGI stdout is closed, exiting */
1370                                 }
1371                                 out_cnt += count;
1372                                 count = 0;
1373                                 /* "Status" header format is: "Status: 302 Redirected\r\n" */
1374                                 if (out_cnt >= 8 && memcmp(rbuf, "Status: ", 8) == 0) {
1375                                         /* send "HTTP/1.0 " */
1376                                         if (full_write(STDOUT_FILENO, HTTP_200, 9) != 9)
1377                                                 break;
1378                                         /* skip "Status: " (including space, sending "HTTP/1.0  NNN" is wrong) */
1379                                         rbuf += 8;
1380                                         count = out_cnt - 8;
1381                                         out_cnt = -1; /* buffering off */
1382                                 } else if (out_cnt >= 4) {
1383                                         /* Did CGI add "HTTP"? */
1384                                         if (memcmp(rbuf, HTTP_200, 4) != 0) {
1385                                                 /* there is no "HTTP", do it ourself */
1386                                                 if (full_write(STDOUT_FILENO, HTTP_200, sizeof(HTTP_200)-1) != sizeof(HTTP_200)-1)
1387                                                         break;
1388                                         }
1389                                         /* Commented out:
1390                                         if (!strstr(rbuf, "ontent-")) {
1391                                                 full_write(s, "Content-type: text/plain\r\n\r\n", 28);
1392                                         }
1393                                          * Counter-example of valid CGI without Content-type:
1394                                          * echo -en "HTTP/1.0 302 Found\r\n"
1395                                          * echo -en "Location: http://www.busybox.net\r\n"
1396                                          * echo -en "\r\n"
1397                                          */
1398                                         count = out_cnt;
1399                                         out_cnt = -1; /* buffering off */
1400                                 }
1401                         } else {
1402                                 count = safe_read(fromCgi_rd, rbuf, PIPE_BUF);
1403                                 if (count <= 0)
1404                                         break;  /* eof (or error) */
1405                         }
1406                         if (full_write(STDOUT_FILENO, rbuf, count) != count)
1407                                 break;
1408                         if (DEBUG)
1409                                 fprintf(stderr, "cgi read %d bytes: '%.*s'\n", count, count, rbuf);
1410                 } /* if (pfd[FROM_CGI].revents) */
1411         } /* while (1) */
1412         log_and_exit();
1413 }
1414 #endif
1415
1416 #if ENABLE_FEATURE_HTTPD_CGI
1417
1418 static void setenv1(const char *name, const char *value)
1419 {
1420         setenv(name, value ? value : "", 1);
1421 }
1422
1423 /*
1424  * Spawn CGI script, forward CGI's stdin/out <=> network
1425  *
1426  * Environment variables are set up and the script is invoked with pipes
1427  * for stdin/stdout.  If a POST is being done the script is fed the POST
1428  * data in addition to setting the QUERY_STRING variable (for GETs or POSTs).
1429  *
1430  * Parameters:
1431  * const char *url              The requested URL (with leading /).
1432  * const char *orig_uri         The original URI before rewriting (if any)
1433  * int post_len                 Length of the POST body.
1434  * const char *cookie           For set HTTP_COOKIE.
1435  * const char *content_type     For set CONTENT_TYPE.
1436  */
1437 static void send_cgi_and_exit(
1438                 const char *url,
1439                 const char *orig_uri,
1440                 const char *request,
1441                 int post_len,
1442                 const char *cookie,
1443                 const char *content_type) NORETURN;
1444 static void send_cgi_and_exit(
1445                 const char *url,
1446                 const char *orig_uri,
1447                 const char *request,
1448                 int post_len,
1449                 const char *cookie,
1450                 const char *content_type)
1451 {
1452         struct fd_pair fromCgi;  /* CGI -> httpd pipe */
1453         struct fd_pair toCgi;    /* httpd -> CGI pipe */
1454         char *script, *last_slash;
1455         int pid;
1456
1457         /* Make a copy. NB: caller guarantees:
1458          * url[0] == '/', url[1] != '/' */
1459         url = xstrdup(url);
1460
1461         /*
1462          * We are mucking with environment _first_ and then vfork/exec,
1463          * this allows us to use vfork safely. Parent doesn't care about
1464          * these environment changes anyway.
1465          */
1466
1467         /* Check for [dirs/]script.cgi/PATH_INFO */
1468         last_slash = script = (char*)url;
1469         while ((script = strchr(script + 1, '/')) != NULL) {
1470                 int dir;
1471                 *script = '\0';
1472                 dir = is_directory(url + 1, /*followlinks:*/ 1);
1473                 *script = '/';
1474                 if (!dir) {
1475                         /* not directory, found script.cgi/PATH_INFO */
1476                         break;
1477                 }
1478                 /* is directory, find next '/' */
1479                 last_slash = script;
1480         }
1481         setenv1("PATH_INFO", script);   /* set to /PATH_INFO or "" */
1482         setenv1("REQUEST_METHOD", request);
1483         if (g_query) {
1484                 putenv(xasprintf("%s=%s?%s", "REQUEST_URI", orig_uri, g_query));
1485         } else {
1486                 setenv1("REQUEST_URI", orig_uri);
1487         }
1488         if (script != NULL)
1489                 *script = '\0';         /* cut off /PATH_INFO */
1490
1491         /* SCRIPT_FILENAME is required by PHP in CGI mode */
1492         if (home_httpd[0] == '/') {
1493                 char *fullpath = concat_path_file(home_httpd, url);
1494                 setenv1("SCRIPT_FILENAME", fullpath);
1495         }
1496         /* set SCRIPT_NAME as full path: /cgi-bin/dirs/script.cgi */
1497         setenv1("SCRIPT_NAME", url);
1498         /* http://hoohoo.ncsa.uiuc.edu/cgi/env.html:
1499          * QUERY_STRING: The information which follows the ? in the URL
1500          * which referenced this script. This is the query information.
1501          * It should not be decoded in any fashion. This variable
1502          * should always be set when there is query information,
1503          * regardless of command line decoding. */
1504         /* (Older versions of bbox seem to do some decoding) */
1505         setenv1("QUERY_STRING", g_query);
1506         putenv((char*)"SERVER_SOFTWARE=busybox httpd/"BB_VER);
1507         putenv((char*)"SERVER_PROTOCOL=HTTP/1.0");
1508         putenv((char*)"GATEWAY_INTERFACE=CGI/1.1");
1509         /* Having _separate_ variables for IP and port defeats
1510          * the purpose of having socket abstraction. Which "port"
1511          * are you using on Unix domain socket?
1512          * IOW - REMOTE_PEER="1.2.3.4:56" makes much more sense.
1513          * Oh well... */
1514         {
1515                 char *p = rmt_ip_str ? rmt_ip_str : (char*)"";
1516                 char *cp = strrchr(p, ':');
1517                 if (ENABLE_FEATURE_IPV6 && cp && strchr(cp, ']'))
1518                         cp = NULL;
1519                 if (cp) *cp = '\0'; /* delete :PORT */
1520                 setenv1("REMOTE_ADDR", p);
1521                 if (cp) {
1522                         *cp = ':';
1523 #if ENABLE_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
1524                         setenv1("REMOTE_PORT", cp + 1);
1525 #endif
1526                 }
1527         }
1528         setenv1("HTTP_USER_AGENT", G.user_agent);
1529         if (G.http_accept)
1530                 setenv1("HTTP_ACCEPT", G.http_accept);
1531         if (G.http_accept_language)
1532                 setenv1("HTTP_ACCEPT_LANGUAGE", G.http_accept_language);
1533         if (post_len)
1534                 putenv(xasprintf("CONTENT_LENGTH=%d", post_len));
1535         if (cookie)
1536                 setenv1("HTTP_COOKIE", cookie);
1537         if (content_type)
1538                 setenv1("CONTENT_TYPE", content_type);
1539 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
1540         if (remoteuser) {
1541                 setenv1("REMOTE_USER", remoteuser);
1542                 putenv((char*)"AUTH_TYPE=Basic");
1543         }
1544 #endif
1545         if (G.referer)
1546                 setenv1("HTTP_REFERER", G.referer);
1547         setenv1("HTTP_HOST", G.host); /* set to "" if NULL */
1548         /* setenv1("SERVER_NAME", safe_gethostname()); - don't do this,
1549          * just run "env SERVER_NAME=xyz httpd ..." instead */
1550
1551         xpiped_pair(fromCgi);
1552         xpiped_pair(toCgi);
1553
1554         pid = vfork();
1555         if (pid < 0) {
1556                 /* TODO: log perror? */
1557                 log_and_exit();
1558         }
1559
1560         if (pid == 0) {
1561                 /* Child process */
1562                 char *argv[3];
1563
1564                 xfunc_error_retval = 242;
1565
1566                 /* NB: close _first_, then move fds! */
1567                 close(toCgi.wr);
1568                 close(fromCgi.rd);
1569                 xmove_fd(toCgi.rd, 0);  /* replace stdin with the pipe */
1570                 xmove_fd(fromCgi.wr, 1);  /* replace stdout with the pipe */
1571                 /* User seeing stderr output can be a security problem.
1572                  * If CGI really wants that, it can always do dup itself. */
1573                 /* dup2(1, 2); */
1574
1575                 /* Chdiring to script's dir */
1576                 script = last_slash;
1577                 if (script != url) { /* paranoia */
1578                         *script = '\0';
1579                         if (chdir(url + 1) != 0) {
1580                                 bb_perror_msg("can't change directory to '%s'", url + 1);
1581                                 goto error_execing_cgi;
1582                         }
1583                         // not needed: *script = '/';
1584                 }
1585                 script++;
1586
1587                 /* set argv[0] to name without path */
1588                 argv[0] = script;
1589                 argv[1] = NULL;
1590
1591 #if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
1592                 {
1593                         char *suffix = strrchr(script, '.');
1594
1595                         if (suffix) {
1596                                 Htaccess *cur;
1597                                 for (cur = script_i; cur; cur = cur->next) {
1598                                         if (strcmp(cur->before_colon + 1, suffix) == 0) {
1599                                                 /* found interpreter name */
1600                                                 argv[0] = cur->after_colon;
1601                                                 argv[1] = script;
1602                                                 argv[2] = NULL;
1603                                                 break;
1604                                         }
1605                                 }
1606                         }
1607                 }
1608 #endif
1609                 /* restore default signal dispositions for CGI process */
1610                 bb_signals(0
1611                         | (1 << SIGCHLD)
1612                         | (1 << SIGPIPE)
1613                         | (1 << SIGHUP)
1614                         , SIG_DFL);
1615
1616                 /* _NOT_ execvp. We do not search PATH. argv[0] is a filename
1617                  * without any dir components and will only match a file
1618                  * in the current directory */
1619                 execv(argv[0], argv);
1620                 if (verbose)
1621                         bb_perror_msg("can't execute '%s'", argv[0]);
1622  error_execing_cgi:
1623                 /* send to stdout
1624                  * (we are CGI here, our stdout is pumped to the net) */
1625                 send_headers_and_exit(HTTP_NOT_FOUND);
1626         } /* end child */
1627
1628         /* Parent process */
1629
1630         /* Restore variables possibly changed by child */
1631         xfunc_error_retval = 0;
1632
1633         /* Pump data */
1634         close(fromCgi.wr);
1635         close(toCgi.rd);
1636         cgi_io_loop_and_exit(fromCgi.rd, toCgi.wr, post_len);
1637 }
1638
1639 #endif          /* FEATURE_HTTPD_CGI */
1640
1641 /*
1642  * Send a file response to a HTTP request, and exit
1643  *
1644  * Parameters:
1645  * const char *url  The requested URL (with leading /).
1646  * what             What to send (headers/body/both).
1647  */
1648 static NOINLINE void send_file_and_exit(const char *url, int what)
1649 {
1650         char *suffix;
1651         int fd;
1652         ssize_t count;
1653
1654         if (content_gzip) {
1655                 /* does <url>.gz exist? Then use it instead */
1656                 char *gzurl = xasprintf("%s.gz", url);
1657                 fd = open(gzurl, O_RDONLY);
1658                 free(gzurl);
1659                 if (fd != -1) {
1660                         struct stat sb;
1661                         fstat(fd, &sb);
1662                         file_size = sb.st_size;
1663                         last_mod = sb.st_mtime;
1664                 } else {
1665                         IF_FEATURE_HTTPD_GZIP(content_gzip = 0;)
1666                         fd = open(url, O_RDONLY);
1667                 }
1668         } else {
1669                 fd = open(url, O_RDONLY);
1670         }
1671         if (fd < 0) {
1672                 if (DEBUG)
1673                         bb_perror_msg("can't open '%s'", url);
1674                 /* Error pages are sent by using send_file_and_exit(SEND_BODY).
1675                  * IOW: it is unsafe to call send_headers_and_exit
1676                  * if what is SEND_BODY! Can recurse! */
1677                 if (what != SEND_BODY)
1678                         send_headers_and_exit(HTTP_NOT_FOUND);
1679                 log_and_exit();
1680         }
1681         /* If you want to know about EPIPE below
1682          * (happens if you abort downloads from local httpd): */
1683         signal(SIGPIPE, SIG_IGN);
1684
1685         /* If not found, default is "application/octet-stream" */
1686         found_mime_type = "application/octet-stream";
1687         suffix = strrchr(url, '.');
1688         if (suffix) {
1689                 static const char suffixTable[] ALIGN1 =
1690                         /* Shorter suffix must be first:
1691                          * ".html.htm" will fail for ".htm"
1692                          */
1693                         ".txt.h.c.cc.cpp\0" "text/plain\0"
1694                         /* .htm line must be after .h line */
1695                         ".htm.html\0" "text/html\0"
1696                         ".jpg.jpeg\0" "image/jpeg\0"
1697                         ".gif\0"      "image/gif\0"
1698                         ".png\0"      "image/png\0"
1699                         /* .css line must be after .c line */
1700                         ".css\0"      "text/css\0"
1701                         ".wav\0"      "audio/wav\0"
1702                         ".avi\0"      "video/x-msvideo\0"
1703                         ".qt.mov\0"   "video/quicktime\0"
1704                         ".mpe.mpeg\0" "video/mpeg\0"
1705                         ".mid.midi\0" "audio/midi\0"
1706                         ".mp3\0"      "audio/mpeg\0"
1707 #if 0  /* unpopular */
1708                         ".au\0"       "audio/basic\0"
1709                         ".pac\0"      "application/x-ns-proxy-autoconfig\0"
1710                         ".vrml.wrl\0" "model/vrml\0"
1711 #endif
1712                         /* compiler adds another "\0" here */
1713                 ;
1714                 Htaccess *cur;
1715
1716                 /* Examine built-in table */
1717                 const char *table = suffixTable;
1718                 const char *table_next;
1719                 for (; *table; table = table_next) {
1720                         const char *try_suffix;
1721                         const char *mime_type;
1722                         mime_type  = table + strlen(table) + 1;
1723                         table_next = mime_type + strlen(mime_type) + 1;
1724                         try_suffix = strstr(table, suffix);
1725                         if (!try_suffix)
1726                                 continue;
1727                         try_suffix += strlen(suffix);
1728                         if (*try_suffix == '\0' || *try_suffix == '.') {
1729                                 found_mime_type = mime_type;
1730                                 break;
1731                         }
1732                         /* Example: strstr(table, ".av") != NULL, but it
1733                          * does not match ".avi" after all and we end up here.
1734                          * The table is arranged so that in this case we know
1735                          * that it can't match anything in the following lines,
1736                          * and we stop the search: */
1737                         break;
1738                 }
1739                 /* ...then user's table */
1740                 for (cur = mime_a; cur; cur = cur->next) {
1741                         if (strcmp(cur->before_colon, suffix) == 0) {
1742                                 found_mime_type = cur->after_colon;
1743                                 break;
1744                         }
1745                 }
1746         }
1747
1748         if (DEBUG)
1749                 bb_error_msg("sending file '%s' content-type: %s",
1750                         url, found_mime_type);
1751
1752 #if ENABLE_FEATURE_HTTPD_RANGES
1753         if (what == SEND_BODY /* err pages and ranges don't mix */
1754          || content_gzip /* we are sending compressed page: can't do ranges */  ///why?
1755         ) {
1756                 range_start = -1;
1757         }
1758         range_len = MAXINT(off_t);
1759         if (range_start >= 0) {
1760                 if (!range_end || range_end > file_size - 1) {
1761                         range_end = file_size - 1;
1762                 }
1763                 if (range_end < range_start
1764                  || lseek(fd, range_start, SEEK_SET) != range_start
1765                 ) {
1766                         lseek(fd, 0, SEEK_SET);
1767                         range_start = -1;
1768                 } else {
1769                         range_len = range_end - range_start + 1;
1770                         send_headers(HTTP_PARTIAL_CONTENT);
1771                         what = SEND_BODY;
1772                 }
1773         }
1774 #endif
1775         if (what & SEND_HEADERS)
1776                 send_headers(HTTP_OK);
1777 #if ENABLE_FEATURE_USE_SENDFILE
1778         {
1779                 off_t offset = range_start;
1780                 while (1) {
1781                         /* sz is rounded down to 64k */
1782                         ssize_t sz = MAXINT(ssize_t) - 0xffff;
1783                         IF_FEATURE_HTTPD_RANGES(if (sz > range_len) sz = range_len;)
1784                         count = sendfile(STDOUT_FILENO, fd, &offset, sz);
1785                         if (count < 0) {
1786                                 if (offset == range_start)
1787                                         break; /* fall back to read/write loop */
1788                                 goto fin;
1789                         }
1790                         IF_FEATURE_HTTPD_RANGES(range_len -= count;)
1791                         if (count == 0 || range_len == 0)
1792                                 log_and_exit();
1793                 }
1794         }
1795 #endif
1796         while ((count = safe_read(fd, iobuf, IOBUF_SIZE)) > 0) {
1797                 ssize_t n;
1798                 IF_FEATURE_HTTPD_RANGES(if (count > range_len) count = range_len;)
1799                 n = full_write(STDOUT_FILENO, iobuf, count);
1800                 if (count != n)
1801                         break;
1802                 IF_FEATURE_HTTPD_RANGES(range_len -= count;)
1803                 if (range_len == 0)
1804                         break;
1805         }
1806         if (count < 0) {
1807  IF_FEATURE_USE_SENDFILE(fin:)
1808                 if (verbose > 1)
1809                         bb_perror_msg("error");
1810         }
1811         log_and_exit();
1812 }
1813
1814 static int checkPermIP(void)
1815 {
1816         Htaccess_IP *cur;
1817
1818         for (cur = ip_a_d; cur; cur = cur->next) {
1819 #if DEBUG
1820                 fprintf(stderr,
1821                         "checkPermIP: '%s' ? '%u.%u.%u.%u/%u.%u.%u.%u'\n",
1822                         rmt_ip_str,
1823                         (unsigned char)(cur->ip >> 24),
1824                         (unsigned char)(cur->ip >> 16),
1825                         (unsigned char)(cur->ip >> 8),
1826                         (unsigned char)(cur->ip),
1827                         (unsigned char)(cur->mask >> 24),
1828                         (unsigned char)(cur->mask >> 16),
1829                         (unsigned char)(cur->mask >> 8),
1830                         (unsigned char)(cur->mask)
1831                 );
1832 #endif
1833                 if ((rmt_ip & cur->mask) == cur->ip)
1834                         return (cur->allow_deny == 'A'); /* A -> 1 */
1835         }
1836
1837         return !flg_deny_all; /* depends on whether we saw "D:*" */
1838 }
1839
1840 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
1841
1842 # if ENABLE_PAM
1843 struct pam_userinfo {
1844         const char *name;
1845         const char *pw;
1846 };
1847
1848 static int pam_talker(int num_msg,
1849                 const struct pam_message **msg,
1850                 struct pam_response **resp,
1851                 void *appdata_ptr)
1852 {
1853         int i;
1854         struct pam_userinfo *userinfo = (struct pam_userinfo *) appdata_ptr;
1855         struct pam_response *response;
1856
1857         if (!resp || !msg || !userinfo)
1858                 return PAM_CONV_ERR;
1859
1860         /* allocate memory to store response */
1861         response = xzalloc(num_msg * sizeof(*response));
1862
1863         /* copy values */
1864         for (i = 0; i < num_msg; i++) {
1865                 const char *s;
1866
1867                 switch (msg[i]->msg_style) {
1868                 case PAM_PROMPT_ECHO_ON:
1869                         s = userinfo->name;
1870                         break;
1871                 case PAM_PROMPT_ECHO_OFF:
1872                         s = userinfo->pw;
1873                         break;
1874                 case PAM_ERROR_MSG:
1875                 case PAM_TEXT_INFO:
1876                         s = "";
1877                         break;
1878                 default:
1879                         free(response);
1880                         return PAM_CONV_ERR;
1881                 }
1882                 response[i].resp = xstrdup(s);
1883                 if (PAM_SUCCESS != 0)
1884                         response[i].resp_retcode = PAM_SUCCESS;
1885         }
1886         *resp = response;
1887         return PAM_SUCCESS;
1888 }
1889 # endif
1890
1891 /*
1892  * Config file entries are of the form "/<path>:<user>:<passwd>".
1893  * If config file has no prefix match for path, access is allowed.
1894  *
1895  * path                 The file path
1896  * user_and_passwd      "user:passwd" to validate
1897  *
1898  * Returns 1 if user_and_passwd is OK.
1899  */
1900 static int check_user_passwd(const char *path, char *user_and_passwd)
1901 {
1902         Htaccess *cur;
1903         const char *prev = NULL;
1904
1905         for (cur = g_auth; cur; cur = cur->next) {
1906                 const char *dir_prefix;
1907                 size_t len;
1908                 int r;
1909
1910                 dir_prefix = cur->before_colon;
1911
1912                 /* WHY? */
1913                 /* If already saw a match, don't accept other different matches */
1914                 if (prev && strcmp(prev, dir_prefix) != 0)
1915                         continue;
1916
1917                 if (DEBUG)
1918                         fprintf(stderr, "checkPerm: '%s' ? '%s'\n", dir_prefix, user_and_passwd);
1919
1920                 /* If it's not a prefix match, continue searching */
1921                 len = strlen(dir_prefix);
1922                 if (len != 1 /* dir_prefix "/" matches all, don't need to check */
1923                  && (strncmp(dir_prefix, path, len) != 0
1924                     || (path[len] != '/' && path[len] != '\0')
1925                     )
1926                 ) {
1927                         continue;
1928                 }
1929
1930                 /* Path match found */
1931                 prev = dir_prefix;
1932
1933                 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
1934                         char *colon_after_user;
1935                         const char *passwd;
1936 # if ENABLE_FEATURE_SHADOWPASSWDS && !ENABLE_PAM
1937                         char sp_buf[256];
1938 # endif
1939
1940                         colon_after_user = strchr(user_and_passwd, ':');
1941                         if (!colon_after_user)
1942                                 goto bad_input;
1943
1944                         /* compare "user:" */
1945                         if (cur->after_colon[0] != '*'
1946                          && strncmp(cur->after_colon, user_and_passwd,
1947                                         colon_after_user - user_and_passwd + 1) != 0
1948                         ) {
1949                                 continue;
1950                         }
1951                         /* this cfg entry is '*' or matches username from peer */
1952
1953                         passwd = strchr(cur->after_colon, ':');
1954                         if (!passwd)
1955                                 goto bad_input;
1956                         passwd++;
1957                         if (passwd[0] == '*') {
1958 # if ENABLE_PAM
1959                                 struct pam_userinfo userinfo;
1960                                 struct pam_conv conv_info = { &pam_talker, (void *) &userinfo };
1961                                 pam_handle_t *pamh;
1962
1963                                 *colon_after_user = '\0';
1964                                 userinfo.name = user_and_passwd;
1965                                 userinfo.pw = colon_after_user + 1;
1966                                 r = pam_start("httpd", user_and_passwd, &conv_info, &pamh) != PAM_SUCCESS;
1967                                 if (r == 0) {
1968                                         r = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS
1969                                          || pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK)    != PAM_SUCCESS
1970                                         ;
1971                                         pam_end(pamh, PAM_SUCCESS);
1972                                 }
1973                                 *colon_after_user = ':';
1974                                 goto end_check_passwd;
1975 # else
1976 #  if ENABLE_FEATURE_SHADOWPASSWDS
1977                                 /* Using _r function to avoid pulling in static buffers */
1978                                 struct spwd spw;
1979 #  endif
1980                                 struct passwd *pw;
1981
1982                                 *colon_after_user = '\0';
1983                                 pw = getpwnam(user_and_passwd);
1984                                 *colon_after_user = ':';
1985                                 if (!pw || !pw->pw_passwd)
1986                                         continue;
1987                                 passwd = pw->pw_passwd;
1988 #  if ENABLE_FEATURE_SHADOWPASSWDS
1989                                 if ((passwd[0] == 'x' || passwd[0] == '*') && !passwd[1]) {
1990                                         /* getspnam_r may return 0 yet set result to NULL.
1991                                          * At least glibc 2.4 does this. Be extra paranoid here. */
1992                                         struct spwd *result = NULL;
1993                                         r = getspnam_r(pw->pw_name, &spw, sp_buf, sizeof(sp_buf), &result);
1994                                         if (r == 0 && result)
1995                                                 passwd = result->sp_pwdp;
1996                                 }
1997 #  endif
1998                                 /* In this case, passwd is ALWAYS encrypted:
1999                                  * it came from /etc/passwd or /etc/shadow!
2000                                  */
2001                                 goto check_encrypted;
2002 # endif /* ENABLE_PAM */
2003                         }
2004                         /* Else: passwd is from httpd.conf, it is either plaintext or encrypted */
2005
2006                         if (passwd[0] == '$' && isdigit(passwd[1])) {
2007                                 char *encrypted;
2008 # if !ENABLE_PAM
2009  check_encrypted:
2010 # endif
2011                                 /* encrypt pwd from peer and check match with local one */
2012                                 encrypted = pw_encrypt(
2013                                         /* pwd (from peer): */  colon_after_user + 1,
2014                                         /* salt: */ passwd,
2015                                         /* cleanup: */ 0
2016                                 );
2017                                 r = strcmp(encrypted, passwd);
2018                                 free(encrypted);
2019                         } else {
2020                                 /* local passwd is from httpd.conf and it's plaintext */
2021                                 r = strcmp(colon_after_user + 1, passwd);
2022                         }
2023                         goto end_check_passwd;
2024                 }
2025  bad_input:
2026                 /* Comparing plaintext "user:pass" in one go */
2027                 r = strcmp(cur->after_colon, user_and_passwd);
2028  end_check_passwd:
2029                 if (r == 0) {
2030                         remoteuser = xstrndup(user_and_passwd,
2031                                 strchrnul(user_and_passwd, ':') - user_and_passwd
2032                         );
2033                         return 1; /* Ok */
2034                 }
2035         } /* for */
2036
2037         /* 0(bad) if prev is set: matches were found but passwd was wrong */
2038         return (prev == NULL);
2039 }
2040 #endif  /* FEATURE_HTTPD_BASIC_AUTH */
2041
2042 #if ENABLE_FEATURE_HTTPD_PROXY
2043 static Htaccess_Proxy *find_proxy_entry(const char *url)
2044 {
2045         Htaccess_Proxy *p;
2046         for (p = proxy; p; p = p->next) {
2047                 if (is_prefixed_with(url, p->url_from))
2048                         return p;
2049         }
2050         return NULL;
2051 }
2052 #endif
2053
2054 /*
2055  * Handle timeouts
2056  */
2057 static void send_REQUEST_TIMEOUT_and_exit(int sig) NORETURN;
2058 static void send_REQUEST_TIMEOUT_and_exit(int sig UNUSED_PARAM)
2059 {
2060         send_headers_and_exit(HTTP_REQUEST_TIMEOUT);
2061 }
2062
2063 /*
2064  * Handle an incoming http request and exit.
2065  */
2066 static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr) NORETURN;
2067 static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
2068 {
2069         static const char request_GET[] ALIGN1 = "GET";
2070         struct stat sb;
2071         char *urlcopy;
2072         char *urlp;
2073         char *tptr;
2074 #if ENABLE_FEATURE_HTTPD_CGI
2075         static const char request_HEAD[] ALIGN1 = "HEAD";
2076         const char *prequest;
2077         char *cookie = NULL;
2078         char *content_type = NULL;
2079         unsigned long length = 0;
2080 #elif ENABLE_FEATURE_HTTPD_PROXY
2081 #define prequest request_GET
2082         unsigned long length = 0;
2083 #endif
2084 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
2085         smallint authorized = -1;
2086 #endif
2087         smallint ip_allowed;
2088         char http_major_version;
2089 #if ENABLE_FEATURE_HTTPD_PROXY
2090         char http_minor_version;
2091         char *header_buf = header_buf; /* for gcc */
2092         char *header_ptr = header_ptr;
2093         Htaccess_Proxy *proxy_entry;
2094 #endif
2095
2096         /* Allocation of iobuf is postponed until now
2097          * (IOW, server process doesn't need to waste 8k) */
2098         iobuf = xmalloc(IOBUF_SIZE);
2099
2100         rmt_ip = 0;
2101         if (fromAddr->u.sa.sa_family == AF_INET) {
2102                 rmt_ip = ntohl(fromAddr->u.sin.sin_addr.s_addr);
2103         }
2104 #if ENABLE_FEATURE_IPV6
2105         if (fromAddr->u.sa.sa_family == AF_INET6
2106          && fromAddr->u.sin6.sin6_addr.s6_addr32[0] == 0
2107          && fromAddr->u.sin6.sin6_addr.s6_addr32[1] == 0
2108          && ntohl(fromAddr->u.sin6.sin6_addr.s6_addr32[2]) == 0xffff)
2109                 rmt_ip = ntohl(fromAddr->u.sin6.sin6_addr.s6_addr32[3]);
2110 #endif
2111         if (ENABLE_FEATURE_HTTPD_CGI || DEBUG || verbose) {
2112                 /* NB: can be NULL (user runs httpd -i by hand?) */
2113                 rmt_ip_str = xmalloc_sockaddr2dotted(&fromAddr->u.sa);
2114         }
2115         if (verbose) {
2116                 /* this trick makes -v logging much simpler */
2117                 if (rmt_ip_str)
2118                         applet_name = rmt_ip_str;
2119                 if (verbose > 2)
2120                         bb_error_msg("connected");
2121         }
2122
2123         /* Install timeout handler. get_line() needs it. */
2124         signal(SIGALRM, send_REQUEST_TIMEOUT_and_exit);
2125
2126         if (!get_line()) /* EOF or error or empty line */
2127                 send_headers_and_exit(HTTP_BAD_REQUEST);
2128
2129         /* Determine type of request (GET/POST) */
2130         // rfc2616: method and URI is separated by exactly one space
2131         //urlp = strpbrk(iobuf, " \t"); - no, tab isn't allowed
2132         urlp = strchr(iobuf, ' ');
2133         if (urlp == NULL)
2134                 send_headers_and_exit(HTTP_BAD_REQUEST);
2135         *urlp++ = '\0';
2136 #if ENABLE_FEATURE_HTTPD_CGI
2137         prequest = request_GET;
2138         if (strcasecmp(iobuf, prequest) != 0) {
2139                 prequest = request_HEAD;
2140                 if (strcasecmp(iobuf, prequest) != 0) {
2141                         prequest = "POST";
2142                         if (strcasecmp(iobuf, prequest) != 0)
2143                                 send_headers_and_exit(HTTP_NOT_IMPLEMENTED);
2144                 }
2145         }
2146 #else
2147         if (strcasecmp(iobuf, request_GET) != 0)
2148                 send_headers_and_exit(HTTP_NOT_IMPLEMENTED);
2149 #endif
2150         // rfc2616: method and URI is separated by exactly one space
2151         //urlp = skip_whitespace(urlp); - should not be necessary
2152         if (urlp[0] != '/')
2153                 send_headers_and_exit(HTTP_BAD_REQUEST);
2154
2155         /* Find end of URL and parse HTTP version, if any */
2156         http_major_version = '0';
2157         IF_FEATURE_HTTPD_PROXY(http_minor_version = '0';)
2158         tptr = strchrnul(urlp, ' ');
2159         /* Is it " HTTP/"? */
2160         if (tptr[0] && strncmp(tptr + 1, HTTP_200, 5) == 0) {
2161                 http_major_version = tptr[6];
2162                 IF_FEATURE_HTTPD_PROXY(http_minor_version = tptr[8];)
2163         }
2164         *tptr = '\0';
2165
2166         /* Copy URL from after "GET "/"POST " to stack-allocated char[] */
2167         urlcopy = alloca((tptr - urlp) + 2 + strlen(index_page));
2168         /*if (urlcopy == NULL)
2169          *      send_headers_and_exit(HTTP_INTERNAL_SERVER_ERROR);*/
2170         strcpy(urlcopy, urlp);
2171         /* NB: urlcopy ptr is never changed after this */
2172
2173         /* Extract url args if present */
2174         /* g_query = NULL; - already is */
2175         tptr = strchr(urlcopy, '?');
2176         if (tptr) {
2177                 *tptr++ = '\0';
2178                 g_query = tptr;
2179         }
2180
2181         /* Decode URL escape sequences */
2182         tptr = percent_decode_in_place(urlcopy, /*strict:*/ 1);
2183         if (tptr == NULL)
2184                 send_headers_and_exit(HTTP_BAD_REQUEST);
2185         if (tptr == urlcopy + 1) {
2186                 /* '/' or NUL is encoded */
2187                 send_headers_and_exit(HTTP_NOT_FOUND);
2188         }
2189
2190         /* Canonicalize path */
2191         /* Algorithm stolen from libbb bb_simplify_path(),
2192          * but don't strdup, retain trailing slash, protect root */
2193         urlp = tptr = urlcopy;
2194         for (;;) {
2195                 if (*urlp == '/') {
2196                         /* skip duplicate (or initial) slash */
2197                         if (*tptr == '/') {
2198                                 goto next_char;
2199                         }
2200                         if (*tptr == '.') {
2201                                 if (tptr[1] == '.' && (tptr[2] == '/' || tptr[2] == '\0')) {
2202                                         /* "..": be careful */
2203                                         /* protect root */
2204                                         if (urlp == urlcopy)
2205                                                 send_headers_and_exit(HTTP_BAD_REQUEST);
2206                                         /* omit previous dir */
2207                                         while (*--urlp != '/')
2208                                                 continue;
2209                                         /* skip to "./" or ".<NUL>" */
2210                                         tptr++;
2211                                 }
2212                                 if (tptr[1] == '/' || tptr[1] == '\0') {
2213                                         /* skip extra "/./" */
2214                                         goto next_char;
2215                                 }
2216                         }
2217                 }
2218                 *++urlp = *tptr;
2219                 if (*urlp == '\0')
2220                         break;
2221  next_char:
2222                 tptr++;
2223         }
2224
2225         /* If URL is a directory, add '/' */
2226         if (urlp[-1] != '/') {
2227                 if (is_directory(urlcopy + 1, /*followlinks:*/ 1)) {
2228                         found_moved_temporarily = urlcopy;
2229                 }
2230         }
2231
2232         /* Log it */
2233         if (verbose > 1)
2234                 bb_error_msg("url:%s", urlcopy);
2235
2236         tptr = urlcopy;
2237         ip_allowed = checkPermIP();
2238         while (ip_allowed && (tptr = strchr(tptr + 1, '/')) != NULL) {
2239                 /* have path1/path2 */
2240                 *tptr = '\0';
2241                 if (is_directory(urlcopy + 1, /*followlinks:*/ 1)) {
2242                         /* may have subdir config */
2243                         parse_conf(urlcopy + 1, SUBDIR_PARSE);
2244                         ip_allowed = checkPermIP();
2245                 }
2246                 *tptr = '/';
2247         }
2248
2249 #if ENABLE_FEATURE_HTTPD_PROXY
2250         proxy_entry = find_proxy_entry(urlcopy);
2251         if (proxy_entry)
2252                 header_buf = header_ptr = xmalloc(IOBUF_SIZE);
2253 #endif
2254
2255         if (http_major_version >= '0') {
2256                 /* Request was with "... HTTP/nXXX", and n >= 0 */
2257
2258                 /* Read until blank line */
2259                 while (1) {
2260                         if (!get_line())
2261                                 break; /* EOF or error or empty line */
2262                         if (DEBUG)
2263                                 bb_error_msg("header: '%s'", iobuf);
2264
2265 #if ENABLE_FEATURE_HTTPD_PROXY
2266                         /* We need 2 more bytes for yet another "\r\n" -
2267                          * see near fdprintf(proxy_fd...) further below */
2268                         if (proxy_entry && (header_ptr - header_buf) < IOBUF_SIZE - 4) {
2269                                 int len = strnlen(iobuf, IOBUF_SIZE - (header_ptr - header_buf) - 4);
2270                                 memcpy(header_ptr, iobuf, len);
2271                                 header_ptr += len;
2272                                 header_ptr[0] = '\r';
2273                                 header_ptr[1] = '\n';
2274                                 header_ptr += 2;
2275                         }
2276 #endif
2277
2278 #if ENABLE_FEATURE_HTTPD_CGI || ENABLE_FEATURE_HTTPD_PROXY
2279                         /* Try and do our best to parse more lines */
2280                         if ((STRNCASECMP(iobuf, "Content-Length:") == 0)) {
2281                                 /* extra read only for POST */
2282                                 if (prequest != request_GET
2283 # if ENABLE_FEATURE_HTTPD_CGI
2284                                  && prequest != request_HEAD
2285 # endif
2286                                 ) {
2287                                         tptr = skip_whitespace(iobuf + sizeof("Content-Length:") - 1);
2288                                         if (!tptr[0])
2289                                                 send_headers_and_exit(HTTP_BAD_REQUEST);
2290                                         /* not using strtoul: it ignores leading minus! */
2291                                         length = bb_strtou(tptr, NULL, 10);
2292                                         /* length is "ulong", but we need to pass it to int later */
2293                                         if (errno || length > INT_MAX)
2294                                                 send_headers_and_exit(HTTP_BAD_REQUEST);
2295                                 }
2296                         }
2297 #endif
2298 #if ENABLE_FEATURE_HTTPD_CGI
2299                         else if (STRNCASECMP(iobuf, "Cookie:") == 0) {
2300                                 if (!cookie) /* in case they send millions of these, do not OOM */
2301                                         cookie = xstrdup(skip_whitespace(iobuf + sizeof("Cookie:")-1));
2302                         } else if (STRNCASECMP(iobuf, "Content-Type:") == 0) {
2303                                 if (!content_type)
2304                                         content_type = xstrdup(skip_whitespace(iobuf + sizeof("Content-Type:")-1));
2305                         } else if (STRNCASECMP(iobuf, "Referer:") == 0) {
2306                                 if (!G.referer)
2307                                         G.referer = xstrdup(skip_whitespace(iobuf + sizeof("Referer:")-1));
2308                         } else if (STRNCASECMP(iobuf, "User-Agent:") == 0) {
2309                                 if (!G.user_agent)
2310                                         G.user_agent = xstrdup(skip_whitespace(iobuf + sizeof("User-Agent:")-1));
2311                         } else if (STRNCASECMP(iobuf, "Host:") == 0) {
2312                                 if (!G.host)
2313                                         G.host = xstrdup(skip_whitespace(iobuf + sizeof("Host:")-1));
2314                         } else if (STRNCASECMP(iobuf, "Accept:") == 0) {
2315                                 if (!G.http_accept)
2316                                         G.http_accept = xstrdup(skip_whitespace(iobuf + sizeof("Accept:")-1));
2317                         } else if (STRNCASECMP(iobuf, "Accept-Language:") == 0) {
2318                                 if (!G.http_accept_language)
2319                                         G.http_accept_language = xstrdup(skip_whitespace(iobuf + sizeof("Accept-Language:")-1));
2320                         }
2321 #endif
2322 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
2323                         if (STRNCASECMP(iobuf, "Authorization:") == 0) {
2324                                 /* We only allow Basic credentials.
2325                                  * It shows up as "Authorization: Basic <user>:<passwd>" where
2326                                  * "<user>:<passwd>" is base64 encoded.
2327                                  */
2328                                 tptr = skip_whitespace(iobuf + sizeof("Authorization:")-1);
2329                                 if (STRNCASECMP(tptr, "Basic") != 0)
2330                                         continue;
2331                                 tptr += sizeof("Basic")-1;
2332                                 /* decodeBase64() skips whitespace itself */
2333                                 decodeBase64(tptr);
2334                                 authorized = check_user_passwd(urlcopy, tptr);
2335                         }
2336 #endif
2337 #if ENABLE_FEATURE_HTTPD_RANGES
2338                         if (STRNCASECMP(iobuf, "Range:") == 0) {
2339                                 /* We know only bytes=NNN-[MMM] */
2340                                 char *s = skip_whitespace(iobuf + sizeof("Range:")-1);
2341                                 if (is_prefixed_with(s, "bytes=")) {
2342                                         s += sizeof("bytes=")-1;
2343                                         range_start = BB_STRTOOFF(s, &s, 10);
2344                                         if (s[0] != '-' || range_start < 0) {
2345                                                 range_start = -1;
2346                                         } else if (s[1]) {
2347                                                 range_end = BB_STRTOOFF(s+1, NULL, 10);
2348                                                 if (errno || range_end < range_start)
2349                                                         range_start = -1;
2350                                         }
2351                                 }
2352                         }
2353 #endif
2354 #if ENABLE_FEATURE_HTTPD_GZIP
2355                         if (STRNCASECMP(iobuf, "Accept-Encoding:") == 0) {
2356                                 /* Note: we do not support "gzip;q=0"
2357                                  * method of _disabling_ gzip
2358                                  * delivery. No one uses that, though */
2359                                 const char *s = strstr(iobuf, "gzip");
2360                                 if (s) {
2361                                         // want more thorough checks?
2362                                         //if (s[-1] == ' '
2363                                         // || s[-1] == ','
2364                                         // || s[-1] == ':'
2365                                         //) {
2366                                                 content_gzip = 1;
2367                                         //}
2368                                 }
2369                         }
2370 #endif
2371                 } /* while extra header reading */
2372         }
2373
2374         /* We are done reading headers, disable peer timeout */
2375         alarm(0);
2376
2377         if (strcmp(bb_basename(urlcopy), HTTPD_CONF) == 0 || !ip_allowed) {
2378                 /* protect listing [/path]/httpd.conf or IP deny */
2379                 send_headers_and_exit(HTTP_FORBIDDEN);
2380         }
2381
2382 #if ENABLE_FEATURE_HTTPD_BASIC_AUTH
2383         /* Case: no "Authorization:" was seen, but page might require passwd.
2384          * Check that with dummy user:pass */
2385         if (authorized < 0)
2386                 authorized = check_user_passwd(urlcopy, (char *) "");
2387         if (!authorized)
2388                 send_headers_and_exit(HTTP_UNAUTHORIZED);
2389 #endif
2390
2391         if (found_moved_temporarily) {
2392                 send_headers_and_exit(HTTP_MOVED_TEMPORARILY);
2393         }
2394
2395 #if ENABLE_FEATURE_HTTPD_PROXY
2396         if (proxy_entry != NULL) {
2397                 int proxy_fd;
2398                 len_and_sockaddr *lsa;
2399
2400                 lsa = host2sockaddr(proxy_entry->host_port, 80);
2401                 if (lsa == NULL)
2402                         send_headers_and_exit(HTTP_INTERNAL_SERVER_ERROR);
2403                 proxy_fd = socket(lsa->u.sa.sa_family, SOCK_STREAM, 0);
2404                 if (proxy_fd < 0)
2405                         send_headers_and_exit(HTTP_INTERNAL_SERVER_ERROR);
2406                 if (connect(proxy_fd, &lsa->u.sa, lsa->len) < 0)
2407                         send_headers_and_exit(HTTP_INTERNAL_SERVER_ERROR);
2408                 fdprintf(proxy_fd, "%s %s%s%s%s HTTP/%c.%c\r\n",
2409                                 prequest, /* GET or POST */
2410                                 proxy_entry->url_to, /* url part 1 */
2411                                 urlcopy + strlen(proxy_entry->url_from), /* url part 2 */
2412                                 (g_query ? "?" : ""), /* "?" (maybe) */
2413                                 (g_query ? g_query : ""), /* query string (maybe) */
2414                                 http_major_version, http_minor_version);
2415                 header_ptr[0] = '\r';
2416                 header_ptr[1] = '\n';
2417                 header_ptr += 2;
2418                 write(proxy_fd, header_buf, header_ptr - header_buf);
2419                 free(header_buf); /* on the order of 8k, free it */
2420                 cgi_io_loop_and_exit(proxy_fd, proxy_fd, length);
2421         }
2422 #endif
2423
2424         tptr = urlcopy + 1;      /* skip first '/' */
2425
2426 #if ENABLE_FEATURE_HTTPD_CGI
2427         if (is_prefixed_with(tptr, "cgi-bin/")) {
2428                 if (tptr[8] == '\0') {
2429                         /* protect listing "cgi-bin/" */
2430                         send_headers_and_exit(HTTP_FORBIDDEN);
2431                 }
2432                 send_cgi_and_exit(urlcopy, urlcopy, prequest, length, cookie, content_type);
2433         }
2434 #endif
2435
2436         if (urlp[-1] == '/') {
2437                 /* When index_page string is appended to <dir>/ URL, it overwrites
2438                  * the query string. If we fall back to call /cgi-bin/index.cgi,
2439                  * query string would be lost and not available to the CGI.
2440                  * Work around it by making a deep copy.
2441                  */
2442                 if (ENABLE_FEATURE_HTTPD_CGI)
2443                         g_query = xstrdup(g_query); /* ok for NULL too */
2444                 strcpy(urlp, index_page);
2445         }
2446         if (stat(tptr, &sb) == 0) {
2447 #if ENABLE_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
2448                 char *suffix = strrchr(tptr, '.');
2449                 if (suffix) {
2450                         Htaccess *cur;
2451                         for (cur = script_i; cur; cur = cur->next) {
2452                                 if (strcmp(cur->before_colon + 1, suffix) == 0) {
2453                                         send_cgi_and_exit(urlcopy, urlcopy, prequest, length, cookie, content_type);
2454                                 }
2455                         }
2456                 }
2457 #endif
2458                 file_size = sb.st_size;
2459                 last_mod = sb.st_mtime;
2460         }
2461 #if ENABLE_FEATURE_HTTPD_CGI
2462         else if (urlp[-1] == '/') {
2463                 /* It's a dir URL and there is no index.html
2464                  * Try cgi-bin/index.cgi */
2465                 if (access("/cgi-bin/index.cgi"+1, X_OK) == 0) {
2466                         urlp[0] = '\0'; /* remove index_page */
2467                         send_cgi_and_exit("/cgi-bin/index.cgi", urlcopy, prequest, length, cookie, content_type);
2468                 }
2469         }
2470         /* else fall through to send_file, it errors out if open fails: */
2471
2472         if (prequest != request_GET && prequest != request_HEAD) {
2473                 /* POST for files does not make sense */
2474                 send_headers_and_exit(HTTP_NOT_IMPLEMENTED);
2475         }
2476         send_file_and_exit(tptr,
2477                 (prequest != request_HEAD ? SEND_HEADERS_AND_BODY : SEND_HEADERS)
2478         );
2479 #else
2480         send_file_and_exit(tptr, SEND_HEADERS_AND_BODY);
2481 #endif
2482 }
2483
2484 /*
2485  * The main http server function.
2486  * Given a socket, listen for new connections and farm out
2487  * the processing as a [v]forked process.
2488  * Never returns.
2489  */
2490 #if BB_MMU
2491 static void mini_httpd(int server_socket) NORETURN;
2492 static void mini_httpd(int server_socket)
2493 {
2494         /* NB: it's best to not use xfuncs in this loop before fork().
2495          * Otherwise server may die on transient errors (temporary
2496          * out-of-memory condition, etc), which is Bad(tm).
2497          * Try to do any dangerous calls after fork.
2498          */
2499         while (1) {
2500                 int n;
2501                 len_and_sockaddr fromAddr;
2502
2503                 /* Wait for connections... */
2504                 fromAddr.len = LSA_SIZEOF_SA;
2505                 n = accept(server_socket, &fromAddr.u.sa, &fromAddr.len);
2506                 if (n < 0)
2507                         continue;
2508
2509                 /* set the KEEPALIVE option to cull dead connections */
2510                 setsockopt_keepalive(n);
2511
2512                 if (fork() == 0) {
2513                         /* child */
2514                         /* Do not reload config on HUP */
2515                         signal(SIGHUP, SIG_IGN);
2516                         close(server_socket);
2517                         xmove_fd(n, 0);
2518                         xdup2(0, 1);
2519
2520                         handle_incoming_and_exit(&fromAddr);
2521                 }
2522                 /* parent, or fork failed */
2523                 close(n);
2524         } /* while (1) */
2525         /* never reached */
2526 }
2527 #else
2528 static void mini_httpd_nommu(int server_socket, int argc, char **argv) NORETURN;
2529 static void mini_httpd_nommu(int server_socket, int argc, char **argv)
2530 {
2531         char *argv_copy[argc + 2];
2532
2533         argv_copy[0] = argv[0];
2534         argv_copy[1] = (char*)"-i";
2535         memcpy(&argv_copy[2], &argv[1], argc * sizeof(argv[0]));
2536
2537         /* NB: it's best to not use xfuncs in this loop before vfork().
2538          * Otherwise server may die on transient errors (temporary
2539          * out-of-memory condition, etc), which is Bad(tm).
2540          * Try to do any dangerous calls after fork.
2541          */
2542         while (1) {
2543                 int n;
2544                 len_and_sockaddr fromAddr;
2545
2546                 /* Wait for connections... */
2547                 fromAddr.len = LSA_SIZEOF_SA;
2548                 n = accept(server_socket, &fromAddr.u.sa, &fromAddr.len);
2549                 if (n < 0)
2550                         continue;
2551
2552                 /* set the KEEPALIVE option to cull dead connections */
2553                 setsockopt_keepalive(n);
2554
2555                 if (vfork() == 0) {
2556                         /* child */
2557                         /* Do not reload config on HUP */
2558                         signal(SIGHUP, SIG_IGN);
2559                         close(server_socket);
2560                         xmove_fd(n, 0);
2561                         xdup2(0, 1);
2562
2563                         /* Run a copy of ourself in inetd mode */
2564                         re_exec(argv_copy);
2565                 }
2566                 argv_copy[0][0] &= 0x7f;
2567                 /* parent, or vfork failed */
2568                 close(n);
2569         } /* while (1) */
2570         /* never reached */
2571 }
2572 #endif
2573
2574 /*
2575  * Process a HTTP connection on stdin/out.
2576  * Never returns.
2577  */
2578 static void mini_httpd_inetd(void) NORETURN;
2579 static void mini_httpd_inetd(void)
2580 {
2581         len_and_sockaddr fromAddr;
2582
2583         memset(&fromAddr, 0, sizeof(fromAddr));
2584         fromAddr.len = LSA_SIZEOF_SA;
2585         /* NB: can fail if user runs it by hand and types in http cmds */
2586         getpeername(0, &fromAddr.u.sa, &fromAddr.len);
2587         handle_incoming_and_exit(&fromAddr);
2588 }
2589
2590 static void sighup_handler(int sig UNUSED_PARAM)
2591 {
2592         parse_conf(DEFAULT_PATH_HTTPD_CONF, SIGNALED_PARSE);
2593 }
2594
2595 enum {
2596         c_opt_config_file = 0,
2597         d_opt_decode_url,
2598         h_opt_home_httpd,
2599         IF_FEATURE_HTTPD_ENCODE_URL_STR(e_opt_encode_url,)
2600         IF_FEATURE_HTTPD_BASIC_AUTH(    r_opt_realm     ,)
2601         IF_FEATURE_HTTPD_AUTH_MD5(      m_opt_md5       ,)
2602         IF_FEATURE_HTTPD_SETUID(        u_opt_setuid    ,)
2603         p_opt_port      ,
2604         p_opt_inetd     ,
2605         p_opt_foreground,
2606         p_opt_verbose   ,
2607         OPT_CONFIG_FILE = 1 << c_opt_config_file,
2608         OPT_DECODE_URL  = 1 << d_opt_decode_url,
2609         OPT_HOME_HTTPD  = 1 << h_opt_home_httpd,
2610         OPT_ENCODE_URL  = IF_FEATURE_HTTPD_ENCODE_URL_STR((1 << e_opt_encode_url)) + 0,
2611         OPT_REALM       = IF_FEATURE_HTTPD_BASIC_AUTH(    (1 << r_opt_realm     )) + 0,
2612         OPT_MD5         = IF_FEATURE_HTTPD_AUTH_MD5(      (1 << m_opt_md5       )) + 0,
2613         OPT_SETUID      = IF_FEATURE_HTTPD_SETUID(        (1 << u_opt_setuid    )) + 0,
2614         OPT_PORT        = 1 << p_opt_port,
2615         OPT_INETD       = 1 << p_opt_inetd,
2616         OPT_FOREGROUND  = 1 << p_opt_foreground,
2617         OPT_VERBOSE     = 1 << p_opt_verbose,
2618 };
2619
2620
2621 int httpd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
2622 int httpd_main(int argc UNUSED_PARAM, char **argv)
2623 {
2624         int server_socket = server_socket; /* for gcc */
2625         unsigned opt;
2626         char *url_for_decode;
2627         IF_FEATURE_HTTPD_ENCODE_URL_STR(const char *url_for_encode;)
2628         IF_FEATURE_HTTPD_SETUID(const char *s_ugid = NULL;)
2629         IF_FEATURE_HTTPD_SETUID(struct bb_uidgid_t ugid;)
2630         IF_FEATURE_HTTPD_AUTH_MD5(const char *pass;)
2631
2632         INIT_G();
2633
2634 #if ENABLE_LOCALE_SUPPORT
2635         /* Undo busybox.c: we want to speak English in http (dates etc) */
2636         setlocale(LC_TIME, "C");
2637 #endif
2638
2639         home_httpd = xrealloc_getcwd_or_warn(NULL);
2640         /* We do not "absolutize" path given by -h (home) opt.
2641          * If user gives relative path in -h,
2642          * $SCRIPT_FILENAME will not be set. */
2643         opt = getopt32(argv, "^"
2644                         "c:d:h:"
2645                         IF_FEATURE_HTTPD_ENCODE_URL_STR("e:")
2646                         IF_FEATURE_HTTPD_BASIC_AUTH("r:")
2647                         IF_FEATURE_HTTPD_AUTH_MD5("m:")
2648                         IF_FEATURE_HTTPD_SETUID("u:")
2649                         "p:ifv"
2650                         "\0"
2651                         /* -v counts, -i implies -f */
2652                         "vv:if",
2653                         &opt_c_configFile, &url_for_decode, &home_httpd
2654                         IF_FEATURE_HTTPD_ENCODE_URL_STR(, &url_for_encode)
2655                         IF_FEATURE_HTTPD_BASIC_AUTH(, &g_realm)
2656                         IF_FEATURE_HTTPD_AUTH_MD5(, &pass)
2657                         IF_FEATURE_HTTPD_SETUID(, &s_ugid)
2658                         , &bind_addr_or_port
2659                         , &verbose
2660                 );
2661         if (opt & OPT_DECODE_URL) {
2662                 fputs(percent_decode_in_place(url_for_decode, /*strict:*/ 0), stdout);
2663                 return 0;
2664         }
2665 #if ENABLE_FEATURE_HTTPD_ENCODE_URL_STR
2666         if (opt & OPT_ENCODE_URL) {
2667                 fputs(encodeString(url_for_encode), stdout);
2668                 return 0;
2669         }
2670 #endif
2671 #if ENABLE_FEATURE_HTTPD_AUTH_MD5
2672         if (opt & OPT_MD5) {
2673                 char salt[sizeof("$1$XXXXXXXX")];
2674                 salt[0] = '$';
2675                 salt[1] = '1';
2676                 salt[2] = '$';
2677                 crypt_make_salt(salt + 3, 4);
2678                 puts(pw_encrypt(pass, salt, /*cleanup:*/ 0));
2679                 return 0;
2680         }
2681 #endif
2682 #if ENABLE_FEATURE_HTTPD_SETUID
2683         if (opt & OPT_SETUID) {
2684                 xget_uidgid(&ugid, s_ugid);
2685         }
2686 #endif
2687
2688 #if !BB_MMU
2689         if (!(opt & OPT_FOREGROUND)) {
2690                 bb_daemonize_or_rexec(0, argv); /* don't change current directory */
2691         }
2692 #endif
2693
2694         xchdir(home_httpd);
2695         if (!(opt & OPT_INETD)) {
2696                 signal(SIGCHLD, SIG_IGN);
2697                 server_socket = openServer();
2698 #if ENABLE_FEATURE_HTTPD_SETUID
2699                 /* drop privileges */
2700                 if (opt & OPT_SETUID) {
2701                         if (ugid.gid != (gid_t)-1) {
2702                                 if (setgroups(1, &ugid.gid) == -1)
2703                                         bb_perror_msg_and_die("setgroups");
2704                                 xsetgid(ugid.gid);
2705                         }
2706                         xsetuid(ugid.uid);
2707                 }
2708 #endif
2709         }
2710
2711 #if 0
2712         /* User can do it himself: 'env - PATH="$PATH" httpd'
2713          * We don't do it because we don't want to screw users
2714          * which want to do
2715          * 'env - VAR1=val1 VAR2=val2 httpd'
2716          * and have VAR1 and VAR2 values visible in their CGIs.
2717          * Besides, it is also smaller. */
2718         {
2719                 char *p = getenv("PATH");
2720                 /* env strings themself are not freed, no need to xstrdup(p): */
2721                 clearenv();
2722                 if (p)
2723                         putenv(p - 5);
2724 //              if (!(opt & OPT_INETD))
2725 //                      setenv_long("SERVER_PORT", ???);
2726         }
2727 #endif
2728
2729         parse_conf(DEFAULT_PATH_HTTPD_CONF, FIRST_PARSE);
2730         if (!(opt & OPT_INETD))
2731                 signal(SIGHUP, sighup_handler);
2732
2733         xfunc_error_retval = 0;
2734         if (opt & OPT_INETD)
2735                 mini_httpd_inetd();
2736 #if BB_MMU
2737         if (!(opt & OPT_FOREGROUND))
2738                 bb_daemonize(0); /* don't change current directory */
2739         mini_httpd(server_socket); /* never returns */
2740 #else
2741         mini_httpd_nommu(server_socket, argc, argv); /* never returns */
2742 #endif
2743         /* return 0; */
2744 }