2 * uhttpd - Tiny single-threaded httpd - Main component
4 * Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
19 #define _XOPEN_SOURCE 500 /* crypt() */
22 #include "uhttpd-utils.h"
23 #include "uhttpd-file.h"
26 #include "uhttpd-cgi.h"
30 #include "uhttpd-lua.h"
34 #include "uhttpd-tls.h"
40 static void uh_sigterm(int sig
)
45 static void uh_sigchld(int sig
)
47 while( waitpid(-1, NULL
, WNOHANG
) > 0 ) { }
50 static void uh_config_parse(struct config
*conf
)
58 const char *path
= conf
->file
? conf
->file
: "/etc/httpd.conf";
61 if( (c
= fopen(path
, "r")) != NULL
)
63 memset(line
, 0, sizeof(line
));
65 while( fgets(line
, sizeof(line
) - 1, c
) )
67 if( (line
[0] == '/') && (strchr(line
, ':') != NULL
) )
69 if( !(col1
= strchr(line
, ':')) || (*col1
++ = 0) ||
70 !(col2
= strchr(col1
, ':')) || (*col2
++ = 0) ||
71 !(eol
= strchr(col2
, '\n')) || (*eol
++ = 0) )
74 if( !uh_auth_add(line
, col1
, col2
) )
77 "Notice: No password set for user %s, ignoring "
78 "authentication on %s\n", col1
, line
82 else if( !strncmp(line
, "I:", 2) )
84 if( !(col1
= strchr(line
, ':')) || (*col1
++ = 0) ||
85 !(eol
= strchr(col1
, '\n')) || (*eol
++ = 0) )
88 conf
->index_file
= strdup(col1
);
90 else if( !strncmp(line
, "E404:", 5) )
92 if( !(col1
= strchr(line
, ':')) || (*col1
++ = 0) ||
93 !(eol
= strchr(col1
, '\n')) || (*eol
++ = 0) )
96 conf
->error_handler
= strdup(col1
);
99 else if( (line
[0] == '*') && (strchr(line
, ':') != NULL
) )
101 if( !(col1
= strchr(line
, '*')) || (*col1
++ = 0) ||
102 !(col2
= strchr(col1
, ':')) || (*col2
++ = 0) ||
103 !(eol
= strchr(col2
, '\n')) || (*eol
++ = 0) )
106 if( !uh_interpreter_add(col1
, col2
) )
109 "Unable to add interpreter %s for extension %s: "
110 "Out of memory\n", col2
, col1
121 static int uh_socket_bind(
122 fd_set
*serv_fds
, int *max_fd
, const char *host
, const char *port
,
123 struct addrinfo
*hints
, int do_tls
, struct config
*conf
134 struct listener
*l
= NULL
;
135 struct addrinfo
*addrs
= NULL
, *p
= NULL
;
137 if( (status
= getaddrinfo(host
, port
, hints
, &addrs
)) != 0 )
139 fprintf(stderr
, "getaddrinfo(): %s\n", gai_strerror(status
));
142 /* try to bind a new socket to each found address */
143 for( p
= addrs
; p
; p
= p
->ai_next
)
146 if( (sock
= socket(p
->ai_family
, p
->ai_socktype
, p
->ai_protocol
)) == -1 )
152 /* "address already in use" */
153 if( setsockopt(sock
, SOL_SOCKET
, SO_REUSEADDR
, &yes
, sizeof(yes
)) )
155 perror("setsockopt()");
160 if( setsockopt(sock
, SOL_SOCKET
, SO_KEEPALIVE
, &yes
, sizeof(yes
)) ||
161 setsockopt(sock
, SOL_TCP
, TCP_KEEPIDLE
, &tcp_ka_idl
, sizeof(tcp_ka_idl
)) ||
162 setsockopt(sock
, SOL_TCP
, TCP_KEEPINTVL
, &tcp_ka_int
, sizeof(tcp_ka_int
)) ||
163 setsockopt(sock
, SOL_TCP
, TCP_KEEPCNT
, &tcp_ka_cnt
, sizeof(tcp_ka_cnt
)) )
165 fprintf(stderr
, "Notice: Unable to enable TCP keep-alive: %s\n",
169 /* required to get parallel v4 + v6 working */
170 if( p
->ai_family
== AF_INET6
)
172 if( setsockopt(sock
, IPPROTO_IPV6
, IPV6_V6ONLY
, &yes
, sizeof(yes
)) == -1 )
174 perror("setsockopt()");
180 if( bind(sock
, p
->ai_addr
, p
->ai_addrlen
) == -1 )
187 if( listen(sock
, UH_LIMIT_CLIENTS
) == -1 )
193 /* add listener to global list */
194 if( ! (l
= uh_listener_add(sock
, conf
)) )
196 fprintf(stderr
, "uh_listener_add(): Failed to allocate memory\n");
202 l
->tls
= do_tls
? conf
->tls
: NULL
;
205 /* add socket to server fd set */
206 FD_SET(sock
, serv_fds
);
208 *max_fd
= max(*max_fd
, sock
);
223 static struct http_request
* uh_http_header_parse(struct client
*cl
, char *buffer
, int buflen
)
225 char *method
= &buffer
[0];
227 char *version
= NULL
;
229 char *headers
= NULL
;
230 char *hdrname
= NULL
;
231 char *hdrdata
= NULL
;
236 static struct http_request req
;
238 memset(&req
, 0, sizeof(req
));
241 /* terminate initial header line */
242 if( (headers
= strfind(buffer
, buflen
, "\r\n", 2)) != NULL
)
244 buffer
[buflen
-1] = 0;
249 /* find request path */
250 if( (path
= strchr(buffer
, ' ')) != NULL
)
253 /* find http version */
254 if( (path
!= NULL
) && ((version
= strchr(path
, ' ')) != NULL
) )
259 if( strcmp(method
, "GET") && strcmp(method
, "HEAD") && strcmp(method
, "POST") )
262 uh_http_response(cl
, 405, "Method Not Allowed");
270 req
.method
= UH_HTTP_MSG_GET
;
274 req
.method
= UH_HTTP_MSG_HEAD
;
278 req
.method
= UH_HTTP_MSG_POST
;
284 if( !path
|| !strlen(path
) )
286 /* malformed request */
287 uh_http_response(cl
, 400, "Bad Request");
296 if( (version
== NULL
) || (strcmp(version
, "HTTP/0.9") &&
297 strcmp(version
, "HTTP/1.0") && strcmp(version
, "HTTP/1.1")) )
299 /* unsupported version */
300 uh_http_response(cl
, 400, "Bad Request");
305 req
.version
= strtof(&version
[5], NULL
);
309 /* process header fields */
310 for( i
= (int)(headers
- buffer
); i
< buflen
; i
++ )
312 /* found eol and have name + value, push out header tuple */
313 if( hdrname
&& hdrdata
&& (buffer
[i
] == '\r' || buffer
[i
] == '\n') )
318 if( (hdrcount
+ 1) < array_size(req
.headers
) )
320 req
.headers
[hdrcount
++] = hdrname
;
321 req
.headers
[hdrcount
++] = hdrdata
;
323 hdrname
= hdrdata
= NULL
;
329 uh_http_response(cl
, 413, "Request Entity Too Large");
334 /* have name but no value and found a colon, start of value */
335 else if( hdrname
&& !hdrdata
&& ((i
+2) < buflen
) &&
336 (buffer
[i
] == ':') && (buffer
[i
+1] == ' ')
339 hdrdata
= &buffer
[i
+2];
342 /* have no name and found [A-Z], start of name */
343 else if( !hdrname
&& isalpha(buffer
[i
]) && isupper(buffer
[i
]) )
345 hdrname
= &buffer
[i
];
350 req
.redirect_status
= 200;
354 /* Malformed request */
355 uh_http_response(cl
, 400, "Bad Request");
360 static struct http_request
* uh_http_header_recv(struct client
*cl
)
362 static char buffer
[UH_LIMIT_MSGHEAD
];
363 char *bufptr
= &buffer
[0];
366 struct timeval timeout
;
370 ssize_t blen
= sizeof(buffer
)-1;
373 memset(buffer
, 0, sizeof(buffer
));
378 FD_SET(cl
->socket
, &reader
);
380 /* fail after 0.1s */
382 timeout
.tv_usec
= 100000;
384 /* check whether fd is readable */
385 if( select(cl
->socket
+ 1, &reader
, NULL
, NULL
, &timeout
) > 0 )
388 ensure_out(rlen
= uh_tcp_peek(cl
, bufptr
, blen
));
390 if( (idxptr
= strfind(buffer
, sizeof(buffer
), "\r\n\r\n", 4)) )
392 ensure_out(rlen
= uh_tcp_recv(cl
, bufptr
,
393 (int)(idxptr
- bufptr
) + 4));
395 /* header read complete ... */
397 return uh_http_header_parse(cl
, buffer
,
398 sizeof(buffer
) - blen
- 1);
402 ensure_out(rlen
= uh_tcp_recv(cl
, bufptr
, rlen
));
404 /* unexpected eof - #7904 */
414 /* invalid request (unexpected eof/timeout) */
419 /* request entity too large */
420 uh_http_response(cl
, 413, "Request Entity Too Large");
426 #if defined(HAVE_LUA) || defined(HAVE_CGI)
427 static int uh_path_match(const char *prefix
, const char *url
)
429 if( (strstr(url
, prefix
) == url
) &&
430 ((prefix
[strlen(prefix
)-1] == '/') ||
431 (strlen(url
) == strlen(prefix
)) ||
432 (url
[strlen(prefix
)] == '/'))
441 static void uh_dispatch_request(
442 struct client
*cl
, struct http_request
*req
, struct path_info
*pin
445 struct interpreter
*ipr
= NULL
;
447 if( uh_path_match(cl
->server
->conf
->cgi_prefix
, pin
->name
) ||
448 (ipr
= uh_interpreter_lookup(pin
->phys
)) )
450 uh_cgi_request(cl
, req
, pin
, ipr
);
455 uh_file_request(cl
, req
, pin
);
459 static void uh_mainloop(struct config
*conf
, fd_set serv_fds
, int max_fd
)
461 /* master file descriptor list */
462 fd_set used_fds
, read_fds
;
464 /* working structs */
465 struct http_request
*req
;
466 struct path_info
*pin
;
469 /* maximum file descriptor number */
470 int new_fd
, cur_fd
= 0;
472 /* clear the master and temp sets */
476 /* backup server descriptor set */
482 /* create a working copy of the used fd set */
485 /* sleep until socket activity */
486 if( select(max_fd
+ 1, &read_fds
, NULL
, NULL
, NULL
) == -1 )
492 /* run through the existing connections looking for data to be read */
493 for( cur_fd
= 0; cur_fd
<= max_fd
; cur_fd
++ )
495 /* is a socket managed by us */
496 if( FD_ISSET(cur_fd
, &read_fds
) )
498 /* is one of our listen sockets */
499 if( FD_ISSET(cur_fd
, &serv_fds
) )
501 /* handle new connections */
502 if( (new_fd
= accept(cur_fd
, NULL
, 0)) != -1 )
504 /* add to global client list */
505 if( (cl
= uh_client_add(new_fd
, uh_listener_lookup(cur_fd
))) != NULL
)
508 /* setup client tls context */
510 conf
->tls_accept(cl
);
513 /* add client socket to global fdset */
514 FD_SET(new_fd
, &used_fds
);
516 max_fd
= max(max_fd
, new_fd
);
519 /* insufficient resources */
523 "uh_client_add(): Cannot allocate memory\n");
530 /* is a client socket */
533 if( ! (cl
= uh_client_lookup(cur_fd
)) )
535 /* this should not happen! */
537 "uh_client_lookup(): No entry for fd %i!\n",
543 /* parse message header */
544 if( (req
= uh_http_header_recv(cl
)) != NULL
)
546 /* RFC1918 filtering required? */
547 if( conf
->rfc1918_filter
&&
548 sa_rfc1918(&cl
->peeraddr
) &&
549 !sa_rfc1918(&cl
->servaddr
) )
551 uh_http_sendhf(cl
, 403, "Forbidden",
552 "Rejected request from RFC1918 IP "
553 "to public server address");
558 if( conf
->lua_state
&&
559 uh_path_match(conf
->lua_prefix
, req
->url
) )
561 conf
->lua_request(cl
, req
, conf
->lua_state
);
565 /* dispatch request */
566 if( (pin
= uh_path_lookup(cl
, req
->url
)) != NULL
)
569 if( uh_auth_check(cl
, req
, pin
) )
570 uh_dispatch_request(cl
, req
, pin
);
576 /* Try to invoke an error handler */
577 pin
= uh_path_lookup(cl
, conf
->error_handler
);
579 if( pin
&& uh_auth_check(cl
, req
, pin
) )
581 req
->redirect_status
= 404;
582 uh_dispatch_request(cl
, req
, pin
);
586 uh_http_sendhf(cl
, 404, "Not Found",
587 "No such file or directory");
593 /* free client tls context */
600 /* close client socket */
602 FD_CLR(cur_fd
, &used_fds
);
604 /* remove from global client list */
605 uh_client_remove(cur_fd
);
612 /* destroy the Lua state */
613 if( conf
->lua_state
!= NULL
)
614 conf
->lua_close(conf
->lua_state
);
619 int main (int argc
, char **argv
)
621 /* master file descriptor list */
622 fd_set used_fds
, serv_fds
, read_fds
;
624 /* working structs */
625 struct addrinfo hints
;
632 /* maximum file descriptor number */
633 int cur_fd
, max_fd
= 0;
648 #if defined(HAVE_TLS) || defined(HAVE_LUA)
653 /* clear the master and temp sets */
658 /* handle SIGPIPE, SIGINT, SIGTERM, SIGCHLD */
660 sigemptyset(&sa
.sa_mask
);
662 sa
.sa_handler
= SIG_IGN
;
663 sigaction(SIGPIPE
, &sa
, NULL
);
665 sa
.sa_handler
= uh_sigchld
;
666 sigaction(SIGCHLD
, &sa
, NULL
);
668 sa
.sa_handler
= uh_sigterm
;
669 sigaction(SIGINT
, &sa
, NULL
);
670 sigaction(SIGTERM
, &sa
, NULL
);
674 sigaddset(&ss
, SIGCHLD
);
675 sigprocmask(SIG_BLOCK
, &ss
, NULL
);
677 /* prepare addrinfo hints */
678 memset(&hints
, 0, sizeof(hints
));
679 hints
.ai_family
= AF_UNSPEC
;
680 hints
.ai_socktype
= SOCK_STREAM
;
681 hints
.ai_flags
= AI_PASSIVE
;
684 memset(&conf
, 0, sizeof(conf
));
685 memset(bind
, 0, sizeof(bind
));
688 /* load TLS plugin */
689 if( ! (lib
= dlopen("uhttpd_tls.so", RTLD_LAZY
| RTLD_GLOBAL
)) )
692 "Notice: Unable to load TLS plugin - disabling SSL support! "
693 "(Reason: %s)\n", dlerror()
698 /* resolve functions */
699 if( !(conf
.tls_init
= dlsym(lib
, "uh_tls_ctx_init")) ||
700 !(conf
.tls_cert
= dlsym(lib
, "uh_tls_ctx_cert")) ||
701 !(conf
.tls_key
= dlsym(lib
, "uh_tls_ctx_key")) ||
702 !(conf
.tls_free
= dlsym(lib
, "uh_tls_ctx_free")) ||
703 !(conf
.tls_accept
= dlsym(lib
, "uh_tls_client_accept")) ||
704 !(conf
.tls_close
= dlsym(lib
, "uh_tls_client_close")) ||
705 !(conf
.tls_recv
= dlsym(lib
, "uh_tls_client_recv")) ||
706 !(conf
.tls_send
= dlsym(lib
, "uh_tls_client_send"))
709 "Error: Failed to lookup required symbols "
710 "in TLS plugin: %s\n", dlerror()
715 /* init SSL context */
716 if( ! (conf
.tls
= conf
.tls_init()) )
718 fprintf(stderr
, "Error: Failed to initalize SSL context\n");
724 while( (opt
= getopt(argc
, argv
,
725 "fSDRC:K:E:I:p:s:h:c:l:L:d:r:m:x:i:t:T:")) > 0
732 if( (port
= strrchr(optarg
, ':')) != NULL
)
734 if( (optarg
[0] == '[') && (port
> optarg
) && (port
[-1] == ']') )
735 memcpy(bind
, optarg
+ 1,
736 min(sizeof(bind
), (int)(port
- optarg
) - 2));
739 min(sizeof(bind
), (int)(port
- optarg
)));
754 "Notice: TLS support is disabled, "
755 "ignoring '-s %s'\n", optarg
765 bound
+= uh_socket_bind(
766 &serv_fds
, &max_fd
, bind
[0] ? bind
: NULL
, port
,
767 &hints
, (opt
== 's'), &conf
770 memset(bind
, 0, sizeof(bind
));
778 if( conf
.tls_cert(conf
.tls
, optarg
) < 1 )
781 "Error: Invalid certificate file given\n");
794 if( conf
.tls_key(conf
.tls
, optarg
) < 1 )
797 "Error: Invalid private key file given\n");
809 if( ! realpath(optarg
, conf
.docroot
) )
811 fprintf(stderr
, "Error: Invalid directory %s: %s\n",
812 optarg
, strerror(errno
));
819 if( (strlen(optarg
) == 0) || (optarg
[0] != '/') )
821 fprintf(stderr
, "Error: Invalid error handler: %s\n",
825 conf
.error_handler
= optarg
;
830 if( (strlen(optarg
) == 0) || (optarg
[0] == '/') )
832 fprintf(stderr
, "Error: Invalid index page: %s\n",
836 conf
.index_file
= optarg
;
839 /* don't follow symlinks */
841 conf
.no_symlinks
= 1;
844 /* don't list directories */
846 conf
.no_dirlists
= 1;
850 conf
.rfc1918_filter
= 1;
856 conf
.cgi_prefix
= optarg
;
861 if( (optarg
[0] == '.') && (port
= strchr(optarg
, '=')) )
864 uh_interpreter_add(optarg
, port
);
868 fprintf(stderr
, "Error: Invalid interpreter: %s\n",
878 conf
.lua_prefix
= optarg
;
883 conf
.lua_handler
= optarg
;
887 #if defined(HAVE_CGI) || defined(HAVE_LUA)
890 conf
.script_timeout
= atoi(optarg
);
894 /* network timeout */
896 conf
.network_timeout
= atoi(optarg
);
906 if( (port
= malloc(strlen(optarg
)+1)) != NULL
)
908 memset(port
, 0, strlen(optarg
)+1);
909 uh_urldecode(port
, strlen(optarg
), optarg
, strlen(optarg
));
916 /* basic auth realm */
923 printf("%s\n", crypt(optarg
, "$1$"));
934 "Usage: %s -p [addr:]port [-h docroot]\n"
935 " -f Do not fork to background\n"
936 " -c file Configuration file, default is '/etc/httpd.conf'\n"
937 " -p [addr:]port Bind to specified address and port, multiple allowed\n"
939 " -s [addr:]port Like -p but provide HTTPS on this port\n"
940 " -C file ASN.1 server certificate file\n"
941 " -K file ASN.1 server private key file\n"
943 " -h directory Specify the document root, default is '.'\n"
944 " -E string Use given virtual URL as 404 error handler\n"
945 " -I string Use given filename as index page for directories\n"
946 " -S Do not follow symbolic links outside of the docroot\n"
947 " -D Do not allow directory listings, send 403 instead\n"
948 " -R Enable RFC1918 filter\n"
950 " -l string URL prefix for Lua handler, default is '/lua'\n"
951 " -L file Lua handler script, omit to disable Lua\n"
954 " -x string URL prefix for CGI handler, default is '/cgi-bin'\n"
955 " -i .ext=path Use interpreter at path for files with the given extension\n"
957 #if defined(HAVE_CGI) || defined(HAVE_LUA)
958 " -t seconds CGI and Lua script timeout in seconds, default is 60\n"
960 " -T seconds Network timeout in seconds, default is 30\n"
961 " -d string URL decode given string\n"
962 " -r string Specify basic auth realm\n"
963 " -m string MD5 crypt given string\n"
972 if( (tls
== 1) && (keys
< 2) )
974 fprintf(stderr
, "Error: Missing private key or certificate file\n");
981 fprintf(stderr
, "Error: No sockets bound, unable to continue\n");
985 /* default docroot */
986 if( !conf
.docroot
[0] && !realpath(".", conf
.docroot
) )
988 fprintf(stderr
, "Error: Can not determine default document root: %s\n",
995 conf
.realm
= "Protected Area";
998 uh_config_parse(&conf
);
1000 /* default network timeout */
1001 if( conf
.network_timeout
<= 0 )
1002 conf
.network_timeout
= 30;
1004 #if defined(HAVE_CGI) || defined(HAVE_LUA)
1005 /* default script timeout */
1006 if( conf
.script_timeout
<= 0 )
1007 conf
.script_timeout
= 60;
1011 /* default cgi prefix */
1012 if( ! conf
.cgi_prefix
)
1013 conf
.cgi_prefix
= "/cgi-bin";
1017 /* load Lua plugin */
1018 if( ! (lib
= dlopen("uhttpd_lua.so", RTLD_LAZY
| RTLD_GLOBAL
)) )
1021 "Notice: Unable to load Lua plugin - disabling Lua support! "
1022 "(Reason: %s)\n", dlerror()
1027 /* resolve functions */
1028 if( !(conf
.lua_init
= dlsym(lib
, "uh_lua_init")) ||
1029 !(conf
.lua_close
= dlsym(lib
, "uh_lua_close")) ||
1030 !(conf
.lua_request
= dlsym(lib
, "uh_lua_request"))
1033 "Error: Failed to lookup required symbols "
1034 "in Lua plugin: %s\n", dlerror()
1039 /* init Lua runtime if handler is specified */
1040 if( conf
.lua_handler
)
1042 /* default lua prefix */
1043 if( ! conf
.lua_prefix
)
1044 conf
.lua_prefix
= "/lua";
1046 conf
.lua_state
= conf
.lua_init(conf
.lua_handler
);
1051 /* fork (if not disabled) */
1065 if( (cur_fd
= open("/dev/null", O_WRONLY
)) > -1 )
1068 if( (cur_fd
= open("/dev/null", O_RDONLY
)) > -1 )
1071 if( (cur_fd
= open("/dev/null", O_RDONLY
)) > -1 )
1081 /* server main loop */
1082 uh_mainloop(&conf
, serv_fds
, max_fd
);
1085 /* destroy the Lua state */
1086 if( conf
.lua_state
!= NULL
)
1087 conf
.lua_close(conf
.lua_state
);
This page took 0.089904 seconds and 5 git commands to generate.