123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544 |
- /*
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
- /* Very basic HTTP server */
- #if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
- /*
- * On VMS, you need to define this to get the declaration of fileno(). The
- * value 2 is to make sure no function defined in POSIX-2 is left undefined.
- */
- # define _POSIX_C_SOURCE 2
- #endif
- #include <ctype.h>
- #include "http_server.h"
- #include "internal/sockets.h"
- #include <openssl/err.h>
- #include <openssl/trace.h>
- #include <openssl/rand.h>
- #include "s_apps.h"
- #include "log.h"
- #define HTTP_PREFIX "HTTP/"
- #define HTTP_VERSION_PATT "1." /* allow 1.x */
- #define HTTP_PREFIX_VERSION HTTP_PREFIX""HTTP_VERSION_PATT
- #define HTTP_1_0 HTTP_PREFIX_VERSION"0" /* "HTTP/1.0" */
- #define HTTP_VERSION_STR " "HTTP_PREFIX_VERSION
- #define log_HTTP(prog, level, text) \
- trace_log_message(OSSL_TRACE_CATEGORY_HTTP, prog, level, "%s", text)
- #define log_HTTP1(prog, level, fmt, arg) \
- trace_log_message(OSSL_TRACE_CATEGORY_HTTP, prog, level, fmt, arg)
- #define log_HTTP2(prog, level, fmt, arg1, arg2) \
- trace_log_message(OSSL_TRACE_CATEGORY_HTTP, prog, level, fmt, arg1, arg2)
- #define log_HTTP3(prog, level, fmt, a1, a2, a3) \
- trace_log_message(OSSL_TRACE_CATEGORY_HTTP, prog, level, fmt, a1, a2, a3)
- #ifdef HTTP_DAEMON
- int n_responders = 0; /* run multiple responder processes, set by ocsp.c */
- int acfd = (int)INVALID_SOCKET;
- void socket_timeout(int signum)
- {
- if (acfd != (int)INVALID_SOCKET)
- (void)shutdown(acfd, SHUT_RD);
- }
- static void killall(int ret, pid_t *kidpids)
- {
- int i;
- for (i = 0; i < n_responders; ++i)
- if (kidpids[i] != 0)
- (void)kill(kidpids[i], SIGTERM);
- OPENSSL_free(kidpids);
- OSSL_sleep(1000);
- exit(ret);
- }
- static int termsig = 0;
- static void noteterm(int sig)
- {
- termsig = sig;
- }
- /*
- * Loop spawning up to `multi` child processes, only child processes return
- * from this function. The parent process loops until receiving a termination
- * signal, kills extant children and exits without returning.
- */
- void spawn_loop(const char *prog)
- {
- pid_t *kidpids = NULL;
- int status;
- int procs = 0;
- int i;
- openlog(prog, LOG_PID, LOG_DAEMON);
- if (setpgid(0, 0)) {
- log_HTTP1(prog, LOG_CRIT,
- "error detaching from parent process group: %s",
- strerror(errno));
- exit(1);
- }
- kidpids = app_malloc(n_responders * sizeof(*kidpids), "child PID array");
- for (i = 0; i < n_responders; ++i)
- kidpids[i] = 0;
- signal(SIGINT, noteterm);
- signal(SIGTERM, noteterm);
- while (termsig == 0) {
- pid_t fpid;
- /*
- * Wait for a child to replace when we're at the limit.
- * Slow down if a child exited abnormally or waitpid() < 0
- */
- while (termsig == 0 && procs >= n_responders) {
- if ((fpid = waitpid(-1, &status, 0)) > 0) {
- for (i = 0; i < procs; ++i) {
- if (kidpids[i] == fpid) {
- kidpids[i] = 0;
- --procs;
- break;
- }
- }
- if (i >= n_responders) {
- log_HTTP1(prog, LOG_CRIT,
- "internal error: no matching child slot for pid: %ld",
- (long)fpid);
- killall(1, kidpids);
- }
- if (status != 0) {
- if (WIFEXITED(status)) {
- log_HTTP2(prog, LOG_WARNING,
- "child process: %ld, exit status: %d",
- (long)fpid, WEXITSTATUS(status));
- } else if (WIFSIGNALED(status)) {
- char *dumped = "";
- # ifdef WCOREDUMP
- if (WCOREDUMP(status))
- dumped = " (core dumped)";
- # endif
- log_HTTP3(prog, LOG_WARNING,
- "child process: %ld, term signal %d%s",
- (long)fpid, WTERMSIG(status), dumped);
- }
- OSSL_sleep(1000);
- }
- break;
- } else if (errno != EINTR) {
- log_HTTP1(prog, LOG_CRIT,
- "waitpid() failed: %s", strerror(errno));
- killall(1, kidpids);
- }
- }
- if (termsig)
- break;
- switch (fpid = fork()) {
- case -1: /* error */
- /* System critically low on memory, pause and try again later */
- OSSL_sleep(30000);
- break;
- case 0: /* child */
- OPENSSL_free(kidpids);
- signal(SIGINT, SIG_DFL);
- signal(SIGTERM, SIG_DFL);
- if (termsig)
- _exit(0);
- if (RAND_poll() <= 0) {
- log_HTTP(prog, LOG_CRIT, "RAND_poll() failed");
- _exit(1);
- }
- return;
- default: /* parent */
- for (i = 0; i < n_responders; ++i) {
- if (kidpids[i] == 0) {
- kidpids[i] = fpid;
- procs++;
- break;
- }
- }
- if (i >= n_responders) {
- log_HTTP(prog, LOG_CRIT,
- "internal error: no free child slots");
- killall(1, kidpids);
- }
- break;
- }
- }
- /* The loop above can only break on termsig */
- log_HTTP1(prog, LOG_INFO, "terminating on signal: %d", termsig);
- killall(0, kidpids);
- }
- #endif
- #ifndef OPENSSL_NO_SOCK
- BIO *http_server_init(const char *prog, const char *port, int verb)
- {
- BIO *acbio = NULL, *bufbio;
- int asock;
- int port_num;
- char name[40];
- BIO_snprintf(name, sizeof(name), "*:%s", port); /* port may be "0" */
- if (verb >= 0 && !log_set_verbosity(prog, verb))
- return NULL;
- bufbio = BIO_new(BIO_f_buffer());
- if (bufbio == NULL)
- goto err;
- acbio = BIO_new(BIO_s_accept());
- if (acbio == NULL
- || BIO_set_bind_mode(acbio, BIO_BIND_REUSEADDR) < 0
- || BIO_set_accept_name(acbio, name) < 0) {
- log_HTTP(prog, LOG_ERR, "error setting up accept BIO");
- goto err;
- }
- BIO_set_accept_bios(acbio, bufbio);
- bufbio = NULL;
- if (BIO_do_accept(acbio) <= 0) {
- log_HTTP1(prog, LOG_ERR, "error setting accept on port %s", port);
- goto err;
- }
- /* Report back what address and port are used */
- BIO_get_fd(acbio, &asock);
- port_num = report_server_accept(bio_out, asock, 1, 1);
- if (port_num == 0) {
- log_HTTP(prog, LOG_ERR, "error printing ACCEPT string");
- goto err;
- }
- return acbio;
- err:
- ERR_print_errors(bio_err);
- BIO_free_all(acbio);
- BIO_free(bufbio);
- return NULL;
- }
- /*
- * Decode %xx URL-decoding in-place. Ignores malformed sequences.
- */
- static int urldecode(char *p)
- {
- unsigned char *out = (unsigned char *)p;
- unsigned char *save = out;
- for (; *p; p++) {
- if (*p != '%') {
- *out++ = *p;
- } else if (isxdigit(_UC(p[1])) && isxdigit(_UC(p[2]))) {
- /* Don't check, can't fail because of ixdigit() call. */
- *out++ = (OPENSSL_hexchar2int(p[1]) << 4)
- | OPENSSL_hexchar2int(p[2]);
- p += 2;
- } else {
- return -1;
- }
- }
- *out = '\0';
- return (int)(out - save);
- }
- /* if *pcbio != NULL, continue given connected session, else accept new */
- /* if found_keep_alive != NULL, return this way connection persistence state */
- int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
- char **ppath, BIO **pcbio, BIO *acbio,
- int *found_keep_alive,
- const char *prog, int accept_get, int timeout)
- {
- BIO *cbio = *pcbio, *getbio = NULL, *b64 = NULL;
- int len;
- char reqbuf[2048], inbuf[2048];
- char *meth, *url, *end;
- ASN1_VALUE *req;
- int ret = 0;
- *preq = NULL;
- if (ppath != NULL)
- *ppath = NULL;
- if (cbio == NULL) {
- char *port;
- get_sock_info_address(BIO_get_fd(acbio, NULL), NULL, &port);
- if (port == NULL) {
- log_HTTP(prog, LOG_ERR, "cannot get port listening on");
- goto fatal;
- }
- log_HTTP1(prog, LOG_DEBUG,
- "awaiting new connection on port %s ...", port);
- OPENSSL_free(port);
- if (BIO_do_accept(acbio) <= 0)
- /* Connection loss before accept() is routine, ignore silently */
- return ret;
- *pcbio = cbio = BIO_pop(acbio);
- } else {
- log_HTTP(prog, LOG_DEBUG, "awaiting next request ...");
- }
- if (cbio == NULL) {
- /* Cannot call http_server_send_status(..., cbio, ...) */
- ret = -1;
- goto out;
- }
- # ifdef HTTP_DAEMON
- if (timeout > 0) {
- (void)BIO_get_fd(cbio, &acfd);
- alarm(timeout);
- }
- # endif
- /* Read the request line. */
- len = BIO_gets(cbio, reqbuf, sizeof(reqbuf));
- if (len == 0)
- return ret;
- ret = 1;
- if (len < 0) {
- log_HTTP(prog, LOG_WARNING, "request line read error");
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- if (((end = strchr(reqbuf, '\r')) != NULL && end[1] == '\n')
- || (end = strchr(reqbuf, '\n')) != NULL)
- *end = '\0';
- if (log_get_verbosity() < LOG_TRACE)
- trace_log_message(-1, prog, LOG_INFO,
- "received request, 1st line: %s", reqbuf);
- log_HTTP(prog, LOG_TRACE, "received request header:");
- log_HTTP1(prog, LOG_TRACE, "%s", reqbuf);
- if (end == NULL) {
- log_HTTP(prog, LOG_WARNING,
- "cannot parse HTTP header: missing end of line");
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- url = meth = reqbuf;
- if ((accept_get && CHECK_AND_SKIP_PREFIX(url, "GET "))
- || CHECK_AND_SKIP_PREFIX(url, "POST ")) {
- /* Expecting (GET|POST) {sp} /URL {sp} HTTP/1.x */
- url[-1] = '\0';
- while (*url == ' ')
- url++;
- if (*url != '/') {
- log_HTTP2(prog, LOG_WARNING,
- "invalid %s -- URL does not begin with '/': %s",
- meth, url);
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- url++;
- /* Splice off the HTTP version identifier. */
- for (end = url; *end != '\0'; end++)
- if (*end == ' ')
- break;
- if (!HAS_PREFIX(end, HTTP_VERSION_STR)) {
- log_HTTP2(prog, LOG_WARNING,
- "invalid %s -- bad HTTP/version string: %s",
- meth, end + 1);
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- *end = '\0';
- /* above HTTP 1.0, connection persistence is the default */
- if (found_keep_alive != NULL)
- *found_keep_alive = end[sizeof(HTTP_VERSION_STR) - 1] > '0';
- /*-
- * Skip "GET / HTTP..." requests often used by load-balancers.
- * 'url' was incremented above to point to the first byte *after*
- * the leading slash, so in case 'GET / ' it is now an empty string.
- */
- if (strlen(meth) == 3 && url[0] == '\0') {
- (void)http_server_send_status(prog, cbio, 200, "OK");
- goto out;
- }
- len = urldecode(url);
- if (len < 0) {
- log_HTTP2(prog, LOG_WARNING,
- "invalid %s request -- bad URL encoding: %s", meth, url);
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- if (strlen(meth) == 3) { /* GET */
- if ((getbio = BIO_new_mem_buf(url, len)) == NULL
- || (b64 = BIO_new(BIO_f_base64())) == NULL) {
- log_HTTP1(prog, LOG_ERR,
- "could not allocate base64 bio with size = %d", len);
- goto fatal;
- }
- BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
- getbio = BIO_push(b64, getbio);
- }
- } else {
- log_HTTP2(prog, LOG_WARNING,
- "HTTP request does not begin with %sPOST: %s",
- accept_get ? "GET or " : "", reqbuf);
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- /* chop any further/duplicate leading or trailing '/' */
- while (*url == '/')
- url++;
- while (end >= url + 2 && end[-2] == '/' && end[-1] == '/')
- end--;
- *end = '\0';
- /* Read and skip past the headers. */
- for (;;) {
- char *key, *value;
- len = BIO_gets(cbio, inbuf, sizeof(inbuf));
- if (len <= 0) {
- log_HTTP(prog, LOG_WARNING, "error reading HTTP header");
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- if (((end = strchr(inbuf, '\r')) != NULL && end[1] == '\n')
- || (end = strchr(inbuf, '\n')) != NULL)
- *end = '\0';
- log_HTTP1(prog, LOG_TRACE, "%s", *inbuf == '\0' ?
- " " /* workaround for "" getting ignored */ : inbuf);
- if (end == NULL) {
- log_HTTP(prog, LOG_WARNING,
- "error parsing HTTP header: missing end of line");
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- if (inbuf[0] == '\0')
- break;
- key = inbuf;
- value = strchr(key, ':');
- if (value == NULL) {
- log_HTTP(prog, LOG_WARNING,
- "error parsing HTTP header: missing ':'");
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- goto out;
- }
- *(value++) = '\0';
- while (*value == ' ')
- value++;
- /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */
- if (found_keep_alive != NULL
- && OPENSSL_strcasecmp(key, "Connection") == 0) {
- if (OPENSSL_strcasecmp(value, "keep-alive") == 0)
- *found_keep_alive = 1;
- else if (OPENSSL_strcasecmp(value, "close") == 0)
- *found_keep_alive = 0;
- }
- }
- # ifdef HTTP_DAEMON
- /* Clear alarm before we close the client socket */
- alarm(0);
- timeout = 0;
- # endif
- /* Try to read and parse request */
- req = ASN1_item_d2i_bio(it, getbio != NULL ? getbio : cbio, NULL);
- if (req == NULL) {
- log_HTTP(prog, LOG_WARNING,
- "error parsing DER-encoded request content");
- (void)http_server_send_status(prog, cbio, 400, "Bad Request");
- } else if (ppath != NULL && (*ppath = OPENSSL_strdup(url)) == NULL) {
- log_HTTP1(prog, LOG_ERR,
- "out of memory allocating %zu bytes", strlen(url) + 1);
- ASN1_item_free(req, it);
- goto fatal;
- }
- *preq = req;
- out:
- BIO_free_all(getbio);
- # ifdef HTTP_DAEMON
- if (timeout > 0)
- alarm(0);
- acfd = (int)INVALID_SOCKET;
- # endif
- return ret;
- fatal:
- (void)http_server_send_status(prog, cbio, 500, "Internal Server Error");
- if (ppath != NULL) {
- OPENSSL_free(*ppath);
- *ppath = NULL;
- }
- BIO_free_all(cbio);
- *pcbio = NULL;
- ret = -1;
- goto out;
- }
- /* assumes that cbio does not do an encoding that changes the output length */
- int http_server_send_asn1_resp(const char *prog, BIO *cbio, int keep_alive,
- const char *content_type,
- const ASN1_ITEM *it, const ASN1_VALUE *resp)
- {
- char buf[200], *p;
- int ret = BIO_snprintf(buf, sizeof(buf), HTTP_1_0" 200 OK\r\n%s"
- "Content-type: %s\r\n"
- "Content-Length: %d\r\n",
- keep_alive ? "Connection: keep-alive\r\n" : "",
- content_type,
- ASN1_item_i2d(resp, NULL, it));
- if (ret < 0 || (size_t)ret >= sizeof(buf))
- return 0;
- if (log_get_verbosity() < LOG_TRACE && (p = strchr(buf, '\r')) != NULL)
- trace_log_message(-1, prog, LOG_INFO,
- "sending response, 1st line: %.*s", (int)(p - buf),
- buf);
- log_HTTP1(prog, LOG_TRACE, "sending response header:\n%s", buf);
- ret = BIO_printf(cbio, "%s\r\n", buf) > 0
- && ASN1_item_i2d_bio(it, cbio, resp) > 0;
- (void)BIO_flush(cbio);
- return ret;
- }
- int http_server_send_status(const char *prog, BIO *cbio,
- int status, const char *reason)
- {
- char buf[200];
- int ret = BIO_snprintf(buf, sizeof(buf), HTTP_1_0" %d %s\r\n\r\n",
- /* This implicitly cancels keep-alive */
- status, reason);
- if (ret < 0 || (size_t)ret >= sizeof(buf))
- return 0;
- log_HTTP1(prog, LOG_TRACE, "sending response header:\n%s", buf);
- ret = BIO_printf(cbio, "%s\r\n", buf) > 0;
- (void)BIO_flush(cbio);
- return ret;
- }
- #endif
|