2 * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
30 send_string(int fd, const char *str)
39 if (write(fd, &len, sizeof(len)) != sizeof(len))
43 if (write(fd, str, len) != len)
50 recv_string(int fd, char **ret)
54 if (read(fd, &len, sizeof(len)) != sizeof(len))
62 if ((*ret = calloc(1, len+1)) == NULL)
65 if (read(fd, *ret, len) != len)
71 send_iri(int fd, struct iri *i)
73 return send_string(fd, i->schema)
74 && send_string(fd, i->host)
75 && send_string(fd, i->port)
76 && send_string(fd, i->path)
77 && send_string(fd, i->query);
81 recv_iri(int fd, struct iri *i)
83 memset(i, 0, sizeof(*i));
85 if (!recv_string(fd, &i->schema)
86 || !recv_string(fd, &i->host)
87 || !recv_string(fd, &i->port)
88 || !recv_string(fd, &i->path)
89 || !recv_string(fd, &i->query))
96 free_recvd_iri(struct iri *i)
106 send_vhost(int fd, struct vhost *vhost)
110 if (vhost < hosts || vhost > hosts + HOSTSLEN)
114 return write(fd, &n, sizeof(n)) == sizeof(n);
118 recv_vhost(int fd, struct vhost **vhost)
122 if (read(fd, &n, sizeof(n)) != sizeof(n))
125 if (n < 0 || n > HOSTSLEN)
129 if ((*vhost)->domain == NULL)
134 /* send d though fd. see /usr/src/usr.sbin/syslogd/privsep_fdpass.c
137 send_fd(int fd, int d)
142 unsigned char buf[CMSG_SPACE(sizeof(int))];
144 struct cmsghdr *cmsg;
149 memset(&msg, 0, sizeof(msg));
152 msg.msg_control = &cmsgbuf.buf;
153 msg.msg_controllen = sizeof(cmsgbuf.buf);
154 cmsg = CMSG_FIRSTHDR(&msg);
155 cmsg->cmsg_len = CMSG_LEN(sizeof(int));
156 cmsg->cmsg_level = SOL_SOCKET;
157 cmsg->cmsg_type = SCM_RIGHTS;
158 *(int*)CMSG_DATA(cmsg) = d;
162 vec.iov_base = &result;
163 vec.iov_len = sizeof(int);
167 if ((n = sendmsg(fd, &msg, 0)) == -1 || n != sizeof(int)) {
168 log_err(NULL, "sendmsg: got %zu but wanted %zu: (errno) %s",
169 n, sizeof(int), strerror(errno));
175 /* receive a descriptor via fd */
182 char buf[CMSG_SPACE(sizeof(int))];
184 struct cmsghdr *cmsg;
189 memset(&msg, 0, sizeof(msg));
190 vec.iov_base = &result;
191 vec.iov_len = sizeof(int);
194 msg.msg_control = &cmsgbuf.buf;
195 msg.msg_controllen = sizeof(cmsgbuf.buf);
197 if ((n = recvmsg(fd, &msg, 0)) != sizeof(int)) {
198 log_err(NULL, "read %zu bytes bu wanted %zu\n", n, sizeof(int));
203 cmsg = CMSG_FIRSTHDR(&msg);
204 if (cmsg == NULL || cmsg->cmsg_type != SCM_RIGHTS)
206 return (*(int *)CMSG_DATA(cmsg));
212 safe_setenv(const char *name, const char *val)
216 setenv(name, val, 1);
220 xasprintf(const char *fmt, ...)
226 if (vasprintf(&s, fmt, ap) == -1)
234 do_exec(const char *ex, const char *spath, char *query)
236 char **argv, buf[PATH_MAX], *sname, *t;
239 strlcpy(buf, spath, sizeof(buf));
240 sname = basename(buf);
242 if (query == NULL || strchr(query, '=') != NULL) {
243 if ((argv = calloc(2, sizeof(char*))) == NULL)
247 warn("execvp: %s", argv[0]);
252 for (t = query ;; t++, n++) {
253 if ((t = strchr(t, '+')) == NULL)
257 if ((argv = calloc(n+2, sizeof(char*))) == NULL)
261 for (i = 0; i < n; ++i) {
262 t = strchr(query, '+');
265 argv[i+1] = pct_decode_str(query);
270 warn("execvp: %s", argv[0]);
273 /* fd or -1 on error */
275 launch_cgi(struct iri *iri, const char *spath, char *relpath,
276 const char *addr, const char *ruser, const char *cissuer,
277 const char *chash, struct vhost *vhost)
279 int p[2]; /* read end, write end */
288 case 0: { /* child */
290 char iribuf[GEMINI_URL_LEN];
294 if (dup2(p[1], 1) == -1)
297 ex = xasprintf("%s/%s", vhost->dir, spath);
299 serialize_iri(iri, iribuf, sizeof(iribuf));
301 safe_setenv("GATEWAY_INTERFACE", "CGI/1.1");
302 safe_setenv("GEMINI_DOCUMENT_ROOT", vhost->dir);
303 safe_setenv("GEMINI_SCRIPT_FILENAME",
304 xasprintf("%s/%s", vhost->dir, spath));
305 safe_setenv("GEMINI_URL", iribuf);
307 strlcpy(path, "/", sizeof(path));
308 strlcat(path, spath, sizeof(path));
309 safe_setenv("GEMINI_URL_PATH", path);
311 if (relpath != NULL) {
312 strlcpy(path, "/", sizeof(path));
313 strlcat(path, relpath, sizeof(path));
314 safe_setenv("PATH_INFO", path);
316 strlcpy(path, vhost->dir, sizeof(path));
317 strlcat(path, "/", sizeof(path));
318 strlcat(path, relpath, sizeof(path));
319 safe_setenv("PATH_TRANSLATED", path);
322 safe_setenv("QUERY_STRING", iri->query);
323 safe_setenv("REMOTE_ADDR", addr);
324 safe_setenv("REMOTE_HOST", addr);
325 safe_setenv("REQUEST_METHOD", "");
327 strlcpy(path, "/", sizeof(path));
328 strlcat(path, spath, sizeof(path));
329 safe_setenv("SCRIPT_NAME", path);
331 safe_setenv("SERVER_NAME", iri->host);
333 snprintf(path, sizeof(path), "%d", conf.port);
334 safe_setenv("SERVER_PORT", path);
336 safe_setenv("SERVER_PROTOCOL", "GEMINI");
337 safe_setenv("SERVER_SOFTWARE", "gmid/1.5");
340 safe_setenv("AUTH_TYPE", "Certificate");
342 safe_setenv("AUTH_TYPE", "");
344 safe_setenv("REMOTE_USER", ruser);
345 safe_setenv("TLS_CLIENT_ISSUER", cissuer);
346 safe_setenv("TLS_CLIENT_HASH", chash);
348 strlcpy(path, ex, sizeof(path));
356 do_exec(ex, spath, iri->query);
367 dprintf(p[1], "%d internal server error\r\n", TEMP_FAILURE);
374 char *spath, *relpath, *addr, *ruser, *cissuer, *chash;
380 for (vhost = hosts; vhost->domain != NULL; ++vhost) {
381 /* r so we can chdir into the correct directory */
382 if (unveil(vhost->dir, "rx") == -1)
383 err(1, "unveil %s for domain %s",
384 vhost->dir, vhost->domain);
387 /* rpath to chdir into the correct directory */
388 if (pledge("stdio rpath sendfd proc exec", NULL))
393 if (!recv_iri(exfd, &iri)
394 || !recv_string(exfd, &spath)
395 || !recv_string(exfd, &relpath)
396 || !recv_string(exfd, &addr)
397 || !recv_string(exfd, &ruser)
398 || !recv_string(exfd, &cissuer)
399 || !recv_string(exfd, &chash)
400 || !recv_vhost(exfd, &vhost))
403 d = launch_cgi(&iri, spath, relpath, addr, ruser, cissuer, chash,
405 if (!send_fd(exfd, d))
409 free_recvd_iri(&iri);
421 /* kill all process in my group. This means the listener and
422 * every pending CGI script. */