- use RESERVE_CONFIG_BUFFER. For defconfig this gives:

[oweals/busybox.git] / networking / httpd.c

diff --git a/networking/httpd.c b/networking/httpd.c
index 76c4346283087bfa056e221bd13411ea96cf29e9..6e80fd9bed9440b2556b8928f0108ed82386891c 100644 (file)
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -2,7 +2,7 @@
  * httpd implementation for busybox
  *
  * Copyright (C) 2002,2003 Glenn Engel <glenne@engel.org>
- * Copyright (C) 2003,2004 Vladimir Oleynik <dzo@simtreas.ru>
+ * Copyright (C) 2003-2006 Vladimir Oleynik <dzo@simtreas.ru>
  *
  * simplify patch stolen from libbb without using strdup
  *
@@ -54,6 +54,7 @@
  * /adm:admin:setup  # Require user admin, pwd setup on urls starting with /adm/
  * /adm:toor:PaSsWd  # or user toor, pwd PaSsWd on urls starting with /adm/
  * .au:audio/basic   # additional mime type for audio.au files
+ * *.php:/path/php   # running cgi.php scripts through an interpreter
  *
  * A/D may be as a/d or allow/deny - first char case insensitive
  * Deny IP rules take precedence over allow rules.
@@ -123,8 +124,10 @@ static const char home[] = "./";
 
 #ifdef CONFIG_LFS
 # define cont_l_fmt "%lld"
+# define cont_l_type (long long)
 #else
 # define cont_l_fmt "%ld"
+# define cont_l_type (long)
 #endif
 
 #define TIMEOUT 60
@@ -237,16 +240,12 @@ typedef struct
 {
   char buf[MAX_MEMORY_BUFF];
 
-#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
-  const char *realm;
-  char *remoteuser;
-#endif
+  USE_FEATURE_HTTPD_BASIC_AUTH(const char *realm;)
+  USE_FEATURE_HTTPD_BASIC_AUTH(char *remoteuser;)
 
   const char *query;
 
-#ifdef CONFIG_FEATURE_HTTPD_CGI
-  char *referer;
-#endif
+  USE_FEATURE_HTTPD_CGI(char *referer;)
 
   const char *configFile;
 
@@ -283,6 +282,9 @@ typedef struct
 #endif
   volatile int alarm_signaled;
 
+#ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
+  Htaccess *script_i;           /* config script interpreters */
+#endif
 } HttpdConfig;
 
 static HttpdConfig *config;
@@ -527,7 +529,7 @@ static void parse_conf(const char *path, int flag)
 
     config->flg_deny_all = 0;
 
-#if defined(CONFIG_FEATURE_HTTPD_BASIC_AUTH) || defined(CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES)
+#if defined(CONFIG_FEATURE_HTTPD_BASIC_AUTH) || defined(CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES) || defined(CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR)
     /* retain previous auth and mime config only for subdir parse */
     if(flag != SUBDIR_PARSE) {
 #ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
@@ -535,6 +537,9 @@ static void parse_conf(const char *path, int flag)
 #endif
 #ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES
        free_config_lines(&config->mime_a);
+#endif
+#ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
+       free_config_lines(&config->script_i);
 #endif
     }
 #endif
@@ -598,6 +603,9 @@ static void parse_conf(const char *path, int flag)
 #endif
 #ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES
           && *p0 != '.'
+#endif
+#ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
+          && *p0 != '*'
 #endif
          )
               continue;
@@ -670,7 +678,7 @@ static void parse_conf(const char *path, int flag)
        }
 #endif
 
-#if defined(CONFIG_FEATURE_HTTPD_BASIC_AUTH) || defined(CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES)
+#if defined(CONFIG_FEATURE_HTTPD_BASIC_AUTH) || defined(CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES) || defined(CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR)
        /* storing current config line */
        cur = calloc(1, sizeof(Htaccess) + strlen(p0));
        if(cur) {
@@ -686,6 +694,14 @@ static void parse_conf(const char *path, int flag)
                continue;
            }
 #endif
+#ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
+           if(*cf == '*' && cf[1] == '.') {
+               /* config script interpreter line move top for overwrite previous */
+               cur->next = config->script_i;
+               config->script_i = cur;
+               continue;
+           }
+#endif
 #ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
            free(p0);
            if(prev == NULL) {
@@ -747,7 +763,7 @@ static char *encodeString(const char *string)
   /* take the simple route and encode everything */
   /* could possibly scan once to get length.     */
   int len = strlen(string);
-  char *out = malloc(len*5 +1);
+  char *out = malloc(len * 6 + 1);
   char *p=out;
   char ch;
 
@@ -792,10 +808,21 @@ static char *decodeString(char *orig, int flag_plus_to_space)
     if (*ptr == '+' && flag_plus_to_space)    { *string++ = ' '; ptr++; }
     else if (*ptr != '%') *string++ = *ptr++;
     else  {
-      unsigned int value;
-      sscanf(ptr+1, "%2X", &value);
-      *string++ = value;
-      ptr += 3;
+      unsigned int value1, value2;
+
+      ptr++;
+      if(sscanf(ptr, "%1X", &value1) != 1 ||
+                               sscanf(ptr+1, "%1X", &value2) != 1) {
+       if(!flag_plus_to_space)
+               return NULL;
+       *string++ = '%';
+      } else {
+       value1 = value1 * 16 + value2;
+       if(value1 == '/' || value1 == 0)
+               return orig+1;
+       *string++ = value1;
+       ptr += 2;
+      }
     }
   }
   *string = '\0';
@@ -997,7 +1024,7 @@ static int sendHeaders(HttpResponseNum responseNum)
   /* emit the current date */
   strftime(timeStr, sizeof(timeStr), RFC1123FMT, gmtime(&timer));
   len = sprintf(buf,
-       "HTTP/1.0 %d %s\nContent-type: %s\r\n"
+       "HTTP/1.0 %d %s\r\nContent-type: %s\r\n"
        "Date: %s\r\nConnection: close\r\n",
          responseNum, responseString, mime_type, timeStr);
 
@@ -1017,7 +1044,7 @@ static int sendHeaders(HttpResponseNum responseNum)
   if (config->ContentLength != -1) {    /* file */
     strftime(timeStr, sizeof(timeStr), RFC1123FMT, gmtime(&config->last_mod));
     len += sprintf(buf+len, "Last-Modified: %s\r\n%s " cont_l_fmt "\r\n",
-                             timeStr, Content_length, config->ContentLength);
+                             timeStr, Content_length, cont_l_type config->ContentLength);
   }
   strcat(buf, "\r\n");
   len += 2;
@@ -1206,11 +1233,29 @@ static int sendCgi(const char *url,
            if(script) {
                *script = '\0';
                if(chdir(realpath_buff) == 0) {
-                 *script = '/';
                  // now run the program.  If it fails,
                  // use _exit() so no destructors
                  // get called and make a mess.
-                 execv(realpath_buff, argp);
+#ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
+                 char *interpr = NULL;
+                 char *suffix = strrchr(purl, '.');
+
+                 if(suffix) {
+                       Htaccess * cur;
+                       for (cur = config->script_i; cur; cur = cur->next)
+                               if(strcmp(cur->before_colon + 1, suffix) == 0) {
+                                       interpr = cur->after_colon;
+                                       break;
+                               }
+                 }
+#endif
+                 *script = '/';
+#ifdef CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
+                 if (interpr)
+                       execv(interpr, argp);
+                 else
+#endif
+                       execv(realpath_buff, argp);
                }
            }
       }
@@ -1314,11 +1359,11 @@ static int sendCgi(const char *url,
          if (firstLine) {
            rbuf[count] = 0;
            /* check to see if the user script added headers */
-           if(strncmp(rbuf, "HTTP/1.0 200 OK\n", 4) != 0) {
-             bb_full_write(s, "HTTP/1.0 200 OK\n", 16);
+           if(strncmp(rbuf, "HTTP/1.0 200 OK\r\n", 4) != 0) {
+             bb_full_write(s, "HTTP/1.0 200 OK\r\n", 17);
            }
            if (strstr(rbuf, "ontent-") == 0) {
-             bb_full_write(s, "Content-type: text/plain\n\n", 26);
+             bb_full_write(s, "Content-type: text/plain\r\n\r\n", 28);
            }
            firstLine = 0;
          }
@@ -1522,9 +1567,9 @@ set_remoteuser_var:
 
 /****************************************************************************
  *
- > $Function: handleIncoming()
+ > $Function: handle_sigalrm()
  *
- * $Description: Handle an incoming http request.
+ * $Description: Handle timeouts
  *
  ****************************************************************************/
 
@@ -1604,7 +1649,6 @@ BAD_REQUEST:
     *purl = ' ';
     count = sscanf(purl, " %[^ ] HTTP/%d.%*d", buf, &blank);
 
-    decodeString(buf, 0);
     if (count < 1 || buf[0] != '/') {
       /* Garbled request/URL */
       goto BAD_REQUEST;
@@ -1622,6 +1666,13 @@ BAD_REQUEST:
       config->query = test;
     }
 
+    test = decodeString(url, 0);
+    if(test == NULL)
+       goto BAD_REQUEST;
+    if(test == (buf+1)) {
+       sendHeaders(HTTP_NOT_FOUND);
+       break;
+    }
     /* algorithm stolen from libbb bb_simplify_path(),
        but don`t strdup and reducing trailing slash and protect out root */
     purl = test = url;
@@ -1936,39 +1987,42 @@ static void sighup_handler(int sig)
 }
 #endif
 
+enum httpd_opts_nums {
+       c_opt_config_file = 0,
+       d_opt_decode_url,
+       h_opt_home_httpd,
+       USE_FEATURE_HTTPD_ENCODE_URL_STR(e_opt_encode_url,)
+       USE_FEATURE_HTTPD_BASIC_AUTH(r_opt_realm,)
+       USE_FEATURE_HTTPD_AUTH_MD5(m_opt_md5,)
+       USE_FEATURE_HTTPD_SETUID(u_opt_setuid,)
+       SKIP_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY(p_opt_port,)
+};
 
 static const char httpd_opts[]="c:d:h:"
-#ifdef CONFIG_FEATURE_HTTPD_ENCODE_URL_STR
-                               "e:"
-#endif
-#define OPT_INC_1 ENABLE_FEATURE_HTTPD_ENCODE_URL_STR
+       USE_FEATURE_HTTPD_ENCODE_URL_STR("e:")
+       USE_FEATURE_HTTPD_BASIC_AUTH("r:")
+       USE_FEATURE_HTTPD_AUTH_MD5("m:")
+       USE_FEATURE_HTTPD_SETUID("u:")
+       SKIP_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY("p:");
 
-#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
-                               "r:"
-#endif
-#define OPT_INC_2 ENABLE_FEATURE_HTTPD_BASIC_AUTH
+#define OPT_CONFIG_FILE (1<<c_opt_config_file)
+#define OPT_DECODE_URL  (1<<d_opt_decode_url)
+#define OPT_HOME_HTTPD  (1<<h_opt_home_httpd)
 
-#ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
-                               "m:"
-#endif
-#define OPT_INC_3 ENABLE_FEATURE_HTTPD_AUTH_MD5
+#define OPT_ENCODE_URL  USE_FEATURE_HTTPD_ENCODE_URL_STR((1<<e_opt_encode_url)) \
+                       SKIP_FEATURE_HTTPD_ENCODE_URL_STR(0)
 
-#ifndef CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
-                               "p:"
-#endif
-#ifdef CONFIG_FEATURE_HTTPD_SETUID
-                               "u:"
-#endif
-                                       ;
+#define OPT_REALM       USE_FEATURE_HTTPD_BASIC_AUTH((1<<r_opt_realm)) \
+                       SKIP_FEATURE_HTTPD_BASIC_AUTH(0)
+
+#define OPT_MD5         USE_FEATURE_HTTPD_AUTH_MD5((1<<m_opt_md5)) \
+                       SKIP_FEATURE_HTTPD_AUTH_MD5(0)
 
-#define OPT_CONFIG_FILE (1<<0)                                    /* c */
-#define OPT_DECODE_URL  (1<<1)                                    /* d */
-#define OPT_HOME_HTTPD  (1<<2)                                    /* h */
-#define OPT_ENCODE_URL  (1<<(2+OPT_INC_1))                        /* e */
-#define OPT_REALM       (1<<(2+OPT_INC_1+OPT_INC_2))              /* r */
-#define OPT_MD5         (1<<(2+OPT_INC_1+OPT_INC_2+OPT_INC_3))    /* m */
-#define OPT_PORT        (1<<(3+OPT_INC_1+OPT_INC_2+OPT_INC_3))    /* p */
-#define OPT_SETUID      (1<<(4+OPT_INC_1+OPT_INC_2+OPT_INC_3))    /* u */
+#define OPT_SETUID      USE_FEATURE_HTTPD_SETUID((1<<u_opt_setuid)) \
+                       SKIP_FEATURE_HTTPD_SETUID(0)
+
+#define OPT_PORT        SKIP_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY((1<<p_opt_port)) \
+                       USE_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY(0)
 
 
 #ifdef HTTPD_STANDALONE
@@ -1980,22 +2034,14 @@ int httpd_main(int argc, char *argv[])
   unsigned long opt;
   const char *home_httpd = home;
   char *url_for_decode;
-#ifdef CONFIG_FEATURE_HTTPD_ENCODE_URL_STR
-  const char *url_for_encode;
-#endif
-#ifndef CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
-  const char *s_port;
-  int server;
-#endif
+  USE_FEATURE_HTTPD_ENCODE_URL_STR(const char *url_for_encode;)
+  SKIP_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY(const char *s_port;)
+  SKIP_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY(int server;)
 
-#ifdef CONFIG_FEATURE_HTTPD_SETUID
-  const char *s_uid;
-  long uid = -1;
-#endif
+  USE_FEATURE_HTTPD_SETUID(const char *s_uid;)
+  USE_FEATURE_HTTPD_SETUID(long uid = -1;)
 
-#ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
-  const char *pass;
-#endif
+  USE_FEATURE_HTTPD_AUTH_MD5(const char *pass;)
 
   config = xcalloc(1, sizeof(*config));
 #ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
@@ -2010,22 +2056,12 @@ int httpd_main(int argc, char *argv[])
 
   opt = bb_getopt_ulflags(argc, argv, httpd_opts,
                        &(config->configFile), &url_for_decode, &home_httpd
-#ifdef CONFIG_FEATURE_HTTPD_ENCODE_URL_STR
-                       , &url_for_encode
-#endif
-#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
-                       , &(config->realm)
-# ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
-                       , &pass
-# endif
-#endif
-#ifndef CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
-                       , &s_port
-#endif
-#ifdef CONFIG_FEATURE_HTTPD_SETUID
-                       , &s_uid
-#endif
-    );
+                       USE_FEATURE_HTTPD_ENCODE_URL_STR(, &url_for_encode)
+                       USE_FEATURE_HTTPD_BASIC_AUTH(, &(config->realm))
+                       USE_FEATURE_HTTPD_AUTH_MD5(, &pass)
+                       USE_FEATURE_HTTPD_SETUID(, &s_uid)
+                       SKIP_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY(, &s_port)
+       );
 
   if(opt & OPT_DECODE_URL) {
       printf("%s", decodeString(url_for_decode, 1));