- *script = '\0';
- if(is_directory(purl + 1, 1, &sb) == 0) {
- /* not directory, found script.cgi/PATH_INFO */
- *script = '/';
- break;
- }
- *script = '/'; /* is directory, find next '/' */
- }
- addEnv("PATH", "INFO", script); /* set /PATH_INFO or NULL */
- addEnv("PATH", "", getenv("PATH"));
- addEnv("REQUEST", "METHOD", request);
- if(config->query) {
- char *uri = alloca(strlen(purl) + 2 + strlen(config->query));
- if(uri)
- sprintf(uri, "%s?%s", purl, config->query);
- addEnv("REQUEST", "URI", uri);
- } else {
- addEnv("REQUEST", "URI", purl);
- }
- if(script != NULL)
- *script = '\0'; /* reduce /PATH_INFO */
- /* set SCRIPT_NAME as full path: /cgi-bin/dirs/script.cgi */
- addEnv("SCRIPT_NAME", "", purl);
- addEnv("QUERY_STRING", "", config->query);
- addEnv("SERVER", "SOFTWARE", httpdVersion);
- addEnv("SERVER", "PROTOCOL", "HTTP/1.0");
- addEnv("GATEWAY_INTERFACE", "", "CGI/1.1");
- addEnv("REMOTE", "ADDR", config->rmt_ip_str);
-#ifdef CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
- addEnvPort("REMOTE");
-#endif
- if(bodyLen) {
- char sbl[32];
-
- sprintf(sbl, "%d", bodyLen);
- addEnv("CONTENT", "LENGTH", sbl);
- }
- if(cookie)
- addEnv("HTTP", "COOKIE", cookie);
- if(content_type)
- addEnv("CONTENT", "TYPE", content_type);
-#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
- if(config->remoteuser) {
- addEnv("REMOTE", "USER", config->remoteuser);
- addEnv("AUTH_TYPE", "", "Basic");
- }
+/*
+ * Note: We can use vfork() here in the no-mmu case, although
+ * the child modifies the parent's variables, due to:
+ * 1) The parent does not use the child-modified variables.
+ * 2) The allocated memory (in the child) is freed when the process
+ * exits. This happens instantly after the child finishes,
+ * since httpd is run from inetd (and it can't run standalone
+ * in uClinux).
+ */
+#ifdef BB_NOMMU
+ pid = vfork();
+#else
+ pid = fork();
+#endif
+ if (pid < 0)
+ return 0;
+
+ if (!pid) {
+ /* child process */
+ char *script;
+ char *purl;
+ char realpath_buff[MAXPATHLEN];
+
+ if (config->accepted_socket > 1)
+ close(config->accepted_socket);
+ if (config->server_socket > 1)
+ close(config->server_socket);
+
+ dup2(toCgi[0], 0); // replace stdin with the pipe
+ dup2(fromCgi[1], 1); // replace stdout with the pipe
+ /* Huh? User seeing stderr can be a security problem...
+ * and if CGI really wants that, it can always dup2(1,2)...
+ if (!DEBUG)
+ dup2(fromCgi[1], 2); // replace stderr with the pipe
+ */
+ /* I think we cannot inadvertently close 0, 1 here... */
+ close(toCgi[0]);
+ close(toCgi[1]);
+ close(fromCgi[0]);
+ close(fromCgi[1]);
+
+ /*
+ * Find PATH_INFO.
+ */
+ xfunc_error_retval = 242;
+ purl = xstrdup(url);
+ script = purl;
+ while ((script = strchr(script + 1, '/')) != NULL) {
+ /* have script.cgi/PATH_INFO or dirs/script.cgi[/PATH_INFO] */
+ struct stat sb;
+
+ *script = '\0';
+ if (is_directory(purl + 1, 1, &sb) == 0) {
+ /* not directory, found script.cgi/PATH_INFO */
+ *script = '/';
+ break;
+ }
+ *script = '/'; /* is directory, find next '/' */
+ }
+ setenv1("PATH_INFO", script); /* set /PATH_INFO or "" */
+ /* setenv1("PATH", getenv("PATH")); redundant */
+ setenv1("REQUEST_METHOD", request);
+ if (config->query) {
+ char *uri = alloca(strlen(purl) + 2 + strlen(config->query));
+ if (uri)
+ sprintf(uri, "%s?%s", purl, config->query);
+ setenv1("REQUEST_URI", uri);
+ } else {
+ setenv1("REQUEST_URI", purl);
+ }
+ if (script != NULL)
+ *script = '\0'; /* cut off /PATH_INFO */
+ /* SCRIPT_FILENAME required by PHP in CGI mode */
+ if (!realpath(purl + 1, realpath_buff))
+ goto error_execing_cgi;
+ setenv1("SCRIPT_FILENAME", realpath_buff);
+ /* set SCRIPT_NAME as full path: /cgi-bin/dirs/script.cgi */
+ setenv1("SCRIPT_NAME", purl);
+ /* http://hoohoo.ncsa.uiuc.edu/cgi/env.html:
+ * QUERY_STRING: The information which follows the ? in the URL
+ * which referenced this script. This is the query information.
+ * It should not be decoded in any fashion. This variable
+ * should always be set when there is query information,
+ * regardless of command line decoding. */
+ /* (Older versions of bbox seem to do some decoding) */
+ setenv1("QUERY_STRING", config->query);
+ setenv1("SERVER_SOFTWARE", httpdVersion);
+ putenv((char*)"SERVER_PROTOCOL=HTTP/1.0");
+ putenv((char*)"GATEWAY_INTERFACE=CGI/1.1");
+ /* Having _separate_ variables for IP and port defeats
+ * the purpose of having socket abstraction. Which "port"
+ * are you using on Unix domain socket?
+ * IOW - REMOTE_PEER="1.2.3.4:56" makes much more sense.
+ * Oh well... */
+ {
+ char *p = config->rmt_ip_str ? : (char*)"";
+ char *cp = strrchr(p, ':');
+ if (ENABLE_FEATURE_IPV6 && cp && strchr(cp, ']'))
+ cp = NULL;
+ if (cp) *cp = '\0'; /* delete :PORT */
+ setenv1("REMOTE_ADDR", p);
+ }
+#if ENABLE_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
+ setenv_long("REMOTE_PORT", config->port);
+#endif
+ if (bodyLen)
+ setenv_long("CONTENT_LENGTH", bodyLen);
+ if (cookie)
+ setenv1("HTTP_COOKIE", cookie);
+ if (content_type)
+ setenv1("CONTENT_TYPE", content_type);
+#if ENABLE_FEATURE_HTTPD_BASIC_AUTH
+ if (config->remoteuser) {
+ setenv1("REMOTE_USER", config->remoteuser);
+ putenv((char*)"AUTH_TYPE=Basic");
+ }