blob: 1c1573c2525e08e3260cc1104b3fad9429d754db [file] [log] [blame]
Christopher Faulet78fbb9f2019-08-11 23:11:03 +02001/*
2 * Functions about FCGI applications and filters.
3 *
4 * Copyright (C) 2019 HAProxy Technologies, Christopher Faulet <cfaulet@haproxy.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#include <common/config.h>
14#include <common/chunk.h>
15#include <common/cfgparse.h>
16#include <common/errors.h>
17#include <common/initcall.h>
18#include <common/standard.h>
19
20#include <types/global.h>
21
22#include <proto/acl.h>
23#include <proto/fcgi-app.h>
24#include <proto/filters.h>
25#include <proto/http_fetch.h>
26#include <proto/http_htx.h>
27#include <proto/log.h>
28#include <proto/proxy.h>
29#include <proto/sample.h>
30#include <proto/server.h>
31#include <proto/session.h>
32
33/* Global list of all FCGI applications */
34static struct fcgi_app *fcgi_apps = NULL;
35
36struct flt_ops fcgi_flt_ops;
37const char *fcgi_flt_id = "FCGI filter";
38
39DECLARE_STATIC_POOL(pool_head_fcgi_flt_ctx, "fcgi_flt_ctx", sizeof(struct fcgi_flt_ctx));
40DECLARE_STATIC_POOL(pool_head_fcgi_param_rule, "fcgi_param_rule", sizeof(struct fcgi_param_rule));
41DECLARE_STATIC_POOL(pool_head_fcgi_hdr_rule, "fcgi_hdr_rule", sizeof(struct fcgi_hdr_rule));
42
43/**************************************************************************/
44/***************************** Uitls **************************************/
45/**************************************************************************/
46/* Makes a fcgi parameter name (prefixed by ':fcgi-') with <name> (in
47 * lowercase). All non alphanumeric character are replaced by an underscore
48 * ('_'). The result is copied into <dst>. the corrsponding ist is returned.
49 */
50static struct ist fcgi_param_name(char *dst, const struct ist name)
51{
52 size_t ofs1, ofs2;
53
54 memcpy(dst, ":fcgi-", 6);
55 ofs1 = 6;
56 for (ofs2 = 0; ofs2 < name.len; ofs2++) {
57 if (isalnum((int)name.ptr[ofs2]))
58 dst[ofs1++] = ist_lc[(unsigned char)name.ptr[ofs2]];
59 else
60 dst[ofs1++] = '_';
61 }
62 return ist2(dst, ofs1);
63}
64
65/* Returns a pointer to the FCGi applicatrion mathing the name <name>. NULL is
66 * returned if no match found.
67 */
68struct fcgi_app *fcgi_app_find_by_name(const char *name)
69{
70 struct fcgi_app *app;
71
72 for (app = fcgi_apps; app != NULL; app = app->next) {
73 if (!strcmp(app->name, name))
74 return app;
75 }
76
77 return NULL;
78}
79
80struct fcgi_flt_conf *find_px_fcgi_conf(struct proxy *px)
81{
82 struct flt_conf *fconf;
83
84 list_for_each_entry(fconf, &px->filter_configs, list) {
85 if (fconf->id == fcgi_flt_id)
86 return fconf->conf;
87 }
88 return NULL;
89}
90
91struct fcgi_flt_ctx *find_strm_fcgi_ctx(struct stream *s)
92{
93 struct filter *filter;
94
95 if (!s)
96 return NULL;
97
98 list_for_each_entry(filter, &strm_flt(s)->filters, list) {
99 if (FLT_ID(filter) == fcgi_flt_id)
100 return FLT_CONF(filter);
101 }
102 return NULL;
103}
104
105struct fcgi_app *get_px_fcgi_app(struct proxy *px)
106{
107 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
108
109 if (fcgi_conf)
110 return fcgi_conf->app;
111 return NULL;
112}
113
114struct fcgi_app *get_strm_fcgi_app(struct stream *s)
115{
116 struct fcgi_flt_ctx *fcgi_ctx = find_strm_fcgi_ctx(s);
117
118 if (fcgi_ctx)
119 return fcgi_ctx->app;
120 return NULL;
121}
122
123static void fcgi_release_rule_conf(struct fcgi_rule_conf *rule)
124{
125 if (!rule)
126 return;
127 free(rule->name);
128 free(rule->value);
129 if (rule->cond) {
130 prune_acl_cond(rule->cond);
131 free(rule->cond);
132 }
133 free(rule);
134}
135
136static void fcgi_release_rule(struct fcgi_rule *rule)
137{
138 if (!rule)
139 return;
140
141 if (!LIST_ISEMPTY(&rule->value)) {
142 struct logformat_node *lf, *lfb;
143
144 list_for_each_entry_safe(lf, lfb, &rule->value, list) {
145 LIST_DEL(&lf->list);
146 release_sample_expr(lf->expr);
147 free(lf->arg);
148 free(lf);
149 }
150 }
151 /* ->cond and ->name are not owned by the rule */
152 free(rule);
153}
154
155/**************************************************************************/
156/*********************** FCGI Sample fetches ******************************/
157/**************************************************************************/
158
159static int smp_fetch_fcgi_docroot(const struct arg *args, struct sample *smp,
160 const char *kw, void *private)
161{
162 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
163
164 if (!app)
165 return 0;
166
167 smp->data.type = SMP_T_STR;
168 smp->data.u.str.area = app->docroot.ptr;
169 smp->data.u.str.data = app->docroot.len;
170 smp->flags = SMP_F_CONST;
171 return 1;
172}
173
174static int smp_fetch_fcgi_index(const struct arg *args, struct sample *smp,
175 const char *kw, void *private)
176{
177 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
178
179 if (!app || !istlen(app->index))
180 return 0;
181
182 smp->data.type = SMP_T_STR;
183 smp->data.u.str.area = app->index.ptr;
184 smp->data.u.str.data = app->index.len;
185 smp->flags = SMP_F_CONST;
186 return 1;
187}
188
189/**************************************************************************/
190/************************** FCGI filter ***********************************/
191/**************************************************************************/
192static int fcgi_flt_init(struct proxy *px, struct flt_conf *fconf)
193{
194 fconf->flags |= FLT_CFG_FL_HTX;
195 return 0;
196}
197
198static void fcgi_flt_deinit(struct proxy *px, struct flt_conf *fconf)
199{
200 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
201 struct fcgi_rule *rule, *back;
202
203 if (!fcgi_conf)
204 return;
205
206 free(fcgi_conf->name);
207
208 list_for_each_entry_safe(rule, back, &fcgi_conf->param_rules, list) {
209 LIST_DEL(&rule->list);
210 fcgi_release_rule(rule);
211 }
212
213 list_for_each_entry_safe(rule, back, &fcgi_conf->hdr_rules, list) {
214 LIST_DEL(&rule->list);
215 fcgi_release_rule(rule);
216 }
217
218 free(fcgi_conf);
219}
220
221static int fcgi_flt_check(struct proxy *px, struct flt_conf *fconf)
222{
223 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
224 struct fcgi_rule_conf *crule, *back;
225 struct fcgi_rule *rule = NULL;
226 struct flt_conf *f;
227 char *errmsg = NULL;
228
229 fcgi_conf->app = fcgi_app_find_by_name(fcgi_conf->name);
230 if (!fcgi_conf->app) {
231 ha_alert("config : proxy '%s' : fcgi-app '%s' not found.\n",
232 px->id, fcgi_conf->name);
233 goto err;
234 }
235
236 list_for_each_entry(f, &px->filter_configs, list) {
237 if (f->id == http_comp_flt_id || f->id == cache_store_flt_id)
238 continue;
239 else if ((f->id == fconf->id) && f->conf != fcgi_conf) {
240 ha_alert("config : proxy '%s' : only one fcgi-app supported per backend.\n",
241 px->id);
242 goto err;
243 }
244 else if (f->id != fconf->id) {
245 /* Implicit declaration is only allowed with the
246 * compression and cache. For other filters, an implicit
247 * declaration is required. */
248 ha_alert("config: proxy '%s': require an explicit filter declaration "
249 "to use the fcgi-app '%s'.\n", px->id, fcgi_conf->name);
250 goto err;
251 }
252 }
253
254 list_for_each_entry_safe(crule, back, &fcgi_conf->app->conf.rules, list) {
255 rule = calloc(1, sizeof(*rule));
256 if (!rule) {
257 ha_alert("config : proxy '%s' : out of memory.\n", px->id);
258 goto err;
259 }
260 rule->type = crule->type;
261 rule->name = ist(crule->name);
262 rule->cond = crule->cond;
263 LIST_INIT(&rule->value);
264
265 if (crule->value) {
266 if (!parse_logformat_string(crule->value, px, &rule->value, LOG_OPT_HTTP,
267 SMP_VAL_BE_HRQ_HDR, &errmsg)) {
268 ha_alert("config : proxy '%s' : %s.\n", px->id, errmsg);
269 goto err;
270 }
271 }
272
273 if (rule->type == FCGI_RULE_SET_PARAM || rule->type == FCGI_RULE_UNSET_PARAM)
274 LIST_ADDQ(&fcgi_conf->param_rules, &rule->list);
275 else /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
276 LIST_ADDQ(&fcgi_conf->hdr_rules, &rule->list);
277 rule = NULL;
278 }
279 return 0;
280
281 err:
282 free(errmsg);
283 free(rule);
284 return 1;
285}
286
287static int fcgi_flt_start(struct stream *s, struct filter *filter)
288{
289 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
290 struct fcgi_flt_ctx *fcgi_ctx;
291
292 fcgi_ctx = pool_alloc_dirty(pool_head_fcgi_flt_ctx);
293 if (fcgi_ctx == NULL) {
294 // FIXME: send a warning
295 return 0;
296 }
297 fcgi_ctx->filter = filter;
298 fcgi_ctx->app = fcgi_conf->app;
299 filter->ctx = fcgi_ctx;
300
301 s->req.analysers |= AN_REQ_HTTP_BODY;
302 return 1;
303}
304
305static void fcgi_flt_stop(struct stream *s, struct filter *filter)
306{
307 struct flt_fcgi_ctx *fcgi_ctx = filter->ctx;
308
309 if (!fcgi_ctx)
310 return;
311 pool_free(pool_head_fcgi_flt_ctx, fcgi_ctx);
312 filter->ctx = NULL;
313}
314
315static int fcgi_flt_http_headers(struct stream *s, struct filter *filter, struct http_msg *msg)
316{
317 struct session *sess = strm_sess(s);
318 struct buffer *value;
319 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
320 struct fcgi_rule *rule;
321 struct fcgi_param_rule *param_rule;
322 struct fcgi_hdr_rule *hdr_rule;
323 struct ebpt_node *node, *next;
324 struct eb_root param_rules = EB_ROOT;
325 struct eb_root hdr_rules = EB_ROOT;
326 struct htx *htx;
327 struct http_hdr_ctx ctx;
328 int ret;
329
330 htx = htxbuf(&msg->chn->buf);
331
332 if (msg->chn->flags & CF_ISRESP) {
333 struct htx_sl *sl;
334
335 /* Remove the header "Status:" from the response */
336 ctx.blk = NULL;
337 while (http_find_header(htx, ist("status"), &ctx, 1))
338 http_remove_header(htx, &ctx);
339
340 /* Add the header "Date:" if not found */
341 ctx.blk = NULL;
342 if (!http_find_header(htx, ist("date"), &ctx, 1)) {
343 struct tm tm;
344
345 get_gmtime(date.tv_sec, &tm);
346 trash.data = strftime(trash.area, trash.size, "%a, %d %b %Y %T %Z", &tm);
347 if (trash.data)
348 http_add_header(htx, ist("date"), ist2(trash.area, trash.data));
349 }
350
351 /* Add the header "Content-Length:" if possible */
352 sl = http_get_stline(htx);
353 if (sl &&
354 (sl->flags & (HTX_SL_F_XFER_LEN|HTX_SL_F_CLEN|HTX_SL_F_CHNK)) == HTX_SL_F_XFER_LEN &&
355 htx_get_tail_type(htx) == HTX_BLK_EOM) {
356 struct htx_blk * blk;
357 char *end;
358 size_t len = 0;
359
360 for (blk = htx_get_first_blk(htx); blk; blk = htx_get_next_blk(htx, blk)) {
361 enum htx_blk_type type = htx_get_blk_type(blk);
362
363 if (type == HTX_BLK_EOM)
364 break;
365 if (type == HTX_BLK_DATA)
366 len += htx_get_blksz(blk);
367 }
368 end = ultoa_o(len, trash.area, trash.size);
369 if (http_add_header(htx, ist("content-length"), ist2(trash.area, end-trash.area)))
370 sl->flags |= HTX_SL_F_CLEN;
371 }
372
373 return 1;
374 }
375
376 /* Analyze the request's headers */
377
378 value = alloc_trash_chunk();
379 if (!value)
380 goto end;
381
382 list_for_each_entry(rule, &fcgi_conf->param_rules, list) {
383 if (rule->cond) {
384 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
385 ret = acl_pass(ret);
386 if (rule->cond->pol == ACL_COND_UNLESS)
387 ret = !ret;
388
389 /* the rule does not match */
390 if (!ret)
391 continue;
392 }
393
394 param_rule = NULL;
395 node = ebis_lookup_len(&param_rules, rule->name.ptr, rule->name.len);
396 if (node) {
397 param_rule = container_of(node, struct fcgi_param_rule, node);
398 ebpt_delete(node);
399 }
400 else {
401 param_rule = pool_alloc_dirty(pool_head_fcgi_param_rule);
402 if (param_rule == NULL)
403 goto param_rule_err;
404 }
405
406 param_rule->node.key = rule->name.ptr;
407 param_rule->name = rule->name;
408 param_rule->value = &rule->value;
409 ebis_insert(&param_rules, &param_rule->node);
410 }
411
412 list_for_each_entry(rule, &fcgi_conf->hdr_rules, list) {
413 if (rule->cond) {
414 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
415 ret = acl_pass(ret);
416 if (rule->cond->pol == ACL_COND_UNLESS)
417 ret = !ret;
418
419 /* the rule does not match */
420 if (!ret)
421 continue;
422 }
423
424 hdr_rule = NULL;
425 node = ebis_lookup_len(&hdr_rules, rule->name.ptr, rule->name.len);
426 if (node) {
427 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
428 ebpt_delete(node);
429 }
430 else {
431 hdr_rule = pool_alloc_dirty(pool_head_fcgi_hdr_rule);
432 if (hdr_rule == NULL)
433 goto hdr_rule_err;
434 }
435
436 hdr_rule->node.key = rule->name.ptr;
437 hdr_rule->name = rule->name;
438 hdr_rule->pass = (rule->type == FCGI_RULE_PASS_HDR);
439 ebis_insert(&hdr_rules, &hdr_rule->node);
440 }
441
442 node = ebpt_first(&param_rules);
443 while (node) {
444 next = ebpt_next(node);
445 ebpt_delete(node);
446 param_rule = container_of(node, struct fcgi_param_rule, node);
447 node = next;
448
449 b_reset(value);
450 value->data = build_logline(s, value->area, value->size, param_rule->value);
451 if (!value->data)
452 continue;
453 if (!http_add_header(htx, param_rule->name, ist2(value->area, value->data)))
454 goto rewrite_err;
455 pool_free(pool_head_fcgi_param_rule, param_rule);
456 }
457
458 node = ebpt_first(&hdr_rules);
459 while (node) {
460 next = ebpt_next(node);
461 ebpt_delete(node);
462 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
463 node = next;
464
465 if (!hdr_rule->pass) {
466 ctx.blk = NULL;
467 while (http_find_header(htx, hdr_rule->name, &ctx, 1))
468 http_remove_header(htx, &ctx);
469 }
470 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
471 }
472
473 goto end;
474
475 rewrite_err:
476 _HA_ATOMIC_ADD(&sess->fe->fe_counters.failed_rewrites, 1);
477 if (sess->fe != s->be)
478 _HA_ATOMIC_ADD(&s->be->be_counters.failed_rewrites, 1);
479 if (sess->listener->counters)
480 _HA_ATOMIC_ADD(&sess->listener->counters->failed_rewrites, 1);
481 hdr_rule_err:
482 node = ebpt_first(&hdr_rules);
483 while (node) {
484 next = ebpt_next(node);
485 ebpt_delete(node);
486 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
487 node = next;
488 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
489 }
490 param_rule_err:
491 node = ebpt_first(&param_rules);
492 while (node) {
493 next = ebpt_next(node);
494 ebpt_delete(node);
495 param_rule = container_of(node, struct fcgi_param_rule, node);
496 node = next;
497 pool_free(pool_head_fcgi_param_rule, param_rule);
498 }
499 end:
500 free_trash_chunk(value);
501 return 1;
502}
503
504struct flt_ops fcgi_flt_ops = {
505 .init = fcgi_flt_init,
506 .check = fcgi_flt_check,
507 .deinit = fcgi_flt_deinit,
508
509 .attach = fcgi_flt_start,
510 .detach = fcgi_flt_stop,
511
512 .http_headers = fcgi_flt_http_headers,
513};
514
515/**************************************************************************/
516/*********************** FCGI Config parsing ******************************/
517/**************************************************************************/
518static int
519parse_fcgi_flt(char **args, int *cur_arg, struct proxy *px,
520 struct flt_conf *fconf, char **err, void *private)
521{
522 struct flt_conf *f, *back;
523 struct fcgi_flt_conf *fcgi_conf = NULL;
524 char *name = NULL;
525 int pos = *cur_arg;
526
527 /* Get the fcgi-app name*/
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200528 if (!*args[pos + 1]) {
529 memprintf(err, "%s : expects a <name> argument", args[pos]);
530 goto err;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200531 }
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200532 name = strdup(args[pos + 1]);
533 if (!name) {
534 memprintf(err, "%s '%s' : out of memory", args[pos], args[pos + 1]);
535 goto err;
536 }
537 pos += 2;
538
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200539 /* Check if an fcgi-app filter with the same name already exists */
540 list_for_each_entry_safe(f, back, &px->filter_configs, list) {
541 if (f->id != fcgi_flt_id)
542 continue;
543 fcgi_conf = f->conf;
544 if (strcmp(name, fcgi_conf->name)) {
545 fcgi_conf = NULL;
546 continue;
547 }
548
549 /* Place the filter at its right position */
550 LIST_DEL(&f->list);
551 free(f);
552 free(name);
553 name = NULL;
554 break;
555 }
556
557 /* No other fcgi-app filter found, create configuration for the explicit one */
558 if (!fcgi_conf) {
559 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
560 if (!fcgi_conf) {
561 memprintf(err, "%s: out of memory", args[*cur_arg]);
562 goto err;
563 }
564 fcgi_conf->name = name;
565 LIST_INIT(&fcgi_conf->param_rules);
566 LIST_INIT(&fcgi_conf->hdr_rules);
567 }
568
569 fconf->id = fcgi_flt_id;
570 fconf->conf = fcgi_conf;
571 fconf->ops = &fcgi_flt_ops;
572
573 *cur_arg = pos;
574 return 0;
575 err:
576 free(name);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200577 return -1;
578}
579
580/* Parses the "use-fcgi-app" proxy keyword */
581static int proxy_parse_use_fcgi_app(char **args, int section, struct proxy *curpx,
582 struct proxy *defpx, const char *file, int line,
583 char **err)
584{
585 struct flt_conf *fconf = NULL;
586 struct fcgi_flt_conf *fcgi_conf = NULL;
587 int retval = 0;
588
589 if (!(curpx->cap & PR_CAP_BE)) {
590 memprintf(err, "'%s' only available in backend or listen section", args[0]);
591 retval = -1;
592 goto end;
593 }
594
595 if (!*(args[1])) {
596 memprintf(err, "'%s' expects <name> as argument", args[0]);
597 retval = -1;
598 goto end;
599 }
600
601 /* check if a fcgi filter was already registered with this name,
602 * if that's the case, must use it. */
603 list_for_each_entry(fconf, &curpx->filter_configs, list) {
604 if (fconf->id == fcgi_flt_id) {
605 fcgi_conf = fconf->conf;
606 if (fcgi_conf && !strcmp((char *)fcgi_conf->name, args[1]))
607 goto end;
608 memprintf(err, "'%s' : only one fcgi-app supported per backend", args[0]);
609 retval = -1;
610 goto end;
611 }
612 }
613
614 /* Create the FCGI filter config */
615 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
616 if (!fcgi_conf)
617 goto err;
618 fcgi_conf->name = strdup(args[1]);
619 LIST_INIT(&fcgi_conf->param_rules);
620 LIST_INIT(&fcgi_conf->hdr_rules);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200621
622 /* Register the filter */
623 fconf = calloc(1, sizeof(*fconf));
624 if (!fconf)
625 goto err;
626 fconf->id = fcgi_flt_id;
627 fconf->conf = fcgi_conf;
628 fconf->ops = &fcgi_flt_ops;
629 LIST_ADDQ(&curpx->filter_configs, &fconf->list);
630
631 end:
632 return retval;
633 err:
634 if (fcgi_conf) {
635 free(fcgi_conf->name);
636 free(fcgi_conf);
637 }
638 memprintf(err, "out of memory");
639 retval = -1;
640 goto end;
641}
642
643/* Finishes the parsing of FCGI application of proxies and servers */
644static int cfg_fcgi_apps_postparser()
645{
646 struct fcgi_app *curapp;
647 struct proxy *px;
648 struct server *srv;
649 int err_code = 0;
650
651 for (px = proxies_list; px; px = px->next) {
652 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
653 int nb_fcgi_srv = 0;
654
655 if (px->mode == PR_MODE_TCP && fcgi_conf) {
656 ha_alert("config : proxy '%s': FCGI application cannot be used in non-HTTP mode.\n",
657 px->id);
658 err_code |= ERR_ALERT | ERR_FATAL;
659 goto end;
660 }
661
662 for (srv = px->srv; srv; srv = srv->next) {
663 if (srv->mux_proto && isteq(srv->mux_proto->token, ist("fcgi"))) {
664 nb_fcgi_srv++;
665 if (fcgi_conf)
666 continue;
667 ha_alert("config : proxy '%s': FCGI server '%s' has no FCGI app configured.\n",
668 px->id, srv->id);
669 err_code |= ERR_ALERT | ERR_FATAL;
670 goto end;
671 }
672 }
673 if (fcgi_conf && !nb_fcgi_srv) {
674 ha_alert("config : proxy '%s': FCGI app configured but no FCGI server found.\n",
675 px->id);
676 err_code |= ERR_ALERT | ERR_FATAL;
677 goto end;
678 }
679 }
680
681 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
682 if (!istlen(curapp->docroot)) {
683 ha_alert("config : fcgi-app '%s': no docroot configured.\n",
684 curapp->name);
685 err_code |= ERR_ALERT | ERR_FATAL;
686 goto end;
687 }
688 if (!(curapp->flags & (FCGI_APP_FL_MPXS_CONNS|FCGI_APP_FL_GET_VALUES))) {
689 if (curapp->maxreqs > 1) {
690 ha_warning("config : fcgi-app '%s': multiplexing not supported, "
691 "ignore the option 'max-reqs'.\n",
692 curapp->name);
693 err_code |= ERR_WARN;
694 }
695 curapp->maxreqs = 1;
696 }
697 }
698
699 end:
700 return err_code;
701}
702
703static int fcgi_app_add_rule(struct fcgi_app *curapp, enum fcgi_rule_type type, char *name, char *value,
704 struct acl_cond *cond, char **err)
705{
706 struct fcgi_rule_conf *rule;
707
708 /* Param not found, add a new one */
709 rule = calloc(1, sizeof(*rule));
710 if (!rule)
711 goto err;
712 LIST_INIT(&rule->list);
713 rule->type = type;
714 if (type == FCGI_RULE_SET_PARAM || type == FCGI_RULE_UNSET_PARAM) {
715 struct ist fname = fcgi_param_name(trash.area, ist(name));
716 rule->name = my_strndup(fname.ptr, fname.len);
717 }
718 else /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
719 rule->name = strdup(name);
720 if (!rule->name)
721 goto err;
722
723 if (value) {
724 rule->value = strdup(value);
725 if (!rule->value)
726 goto err;
727 }
728 rule->cond = cond;
729 LIST_ADDQ(&curapp->conf.rules, &rule->list);
730 return 1;
731
732 err:
733 if (rule) {
734 free(rule->name);
735 free(rule->value);
736 free(rule);
737 }
738 if (cond) {
739 prune_acl_cond(cond);
740 free(cond);
741 }
742 memprintf(err, "out of memory");
743 return 0;
744}
745
746/* Parses "fcgi-app" section */
747static int cfg_parse_fcgi_app(const char *file, int linenum, char **args, int kwm)
748{
749 static struct fcgi_app *curapp = NULL;
750 struct acl_cond *cond = NULL;
751 char *name, *value = NULL;
752 enum fcgi_rule_type type;
753 int err_code = 0;
754 const char *err;
755 char *errmsg = NULL;
756
757 if (!strcmp(args[0], "fcgi-app")) { /* new fcgi-app */
758 if (!*(args[1])) {
759 ha_alert("parsing [%s:%d]: '%s' expects <name> as argument.\n",
760 file, linenum, args[0]);
761 err_code |= ERR_ALERT | ERR_FATAL;
762 goto out;
763 }
764 if (alertif_too_many_args(1, file, linenum, args, &err_code))
765 goto out;
766
767 err = invalid_char(args[1]);
768 if (err) {
769 ha_alert("parsing [%s:%d]: character '%c' is not permitted in '%s' name '%s'.\n",
770 file, linenum, *err, args[0], args[1]);
771 err_code |= ERR_ALERT | ERR_FATAL;
772 goto out;
773 }
774
775 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
776 if (!strcmp(curapp->name, args[1])) {
777 ha_alert("Parsing [%s:%d]: fcgi-app section '%s' has the same name as another one declared at %s:%d.\n",
778 file, linenum, args[1], curapp->conf.file, curapp->conf.line);
779 err_code |= ERR_ALERT | ERR_FATAL;
780 }
781 }
782
783 curapp = calloc(1, sizeof(*curapp));
784 if (!curapp) {
785 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
786 err_code |= ERR_ALERT | ERR_ABORT;
787 goto out;
788 }
789
790 curapp->next = fcgi_apps;
791 fcgi_apps = curapp;
792 curapp->flags = FCGI_APP_FL_KEEP_CONN;
793 curapp->docroot = ist(NULL);
794 curapp->index = ist(NULL);
795 curapp->pathinfo_re = NULL;
796 curapp->name = strdup(args[1]);
797 curapp->maxreqs = 1;
798 curapp->conf.file = strdup(file);
799 curapp->conf.line = linenum;
800 LIST_INIT(&curapp->acls);
801 LIST_INIT(&curapp->logsrvs);
802 LIST_INIT(&curapp->conf.args.list);
803 LIST_INIT(&curapp->conf.rules);
804
805 /* Set info about authentication */
806 if (!fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "REMOTE_USER", "%[http_auth_user]", NULL, &errmsg) ||
807 !fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "AUTH_TYPE", "%[http_auth_type]", NULL, &errmsg)) {
808 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
809 args[1], errmsg);
810 err_code |= ERR_ALERT | ERR_FATAL;
811 }
812
813 /* Hide hop-by-hop headers by default */
814 if (!fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "connection", NULL, NULL, &errmsg) ||
815 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "keep-alive", NULL, NULL, &errmsg) ||
816 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "authorization", NULL, NULL, &errmsg) ||
817 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy", NULL, NULL, &errmsg) ||
818 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authorization", NULL, NULL, &errmsg) ||
819 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authenticate", NULL, NULL, &errmsg) ||
820 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "te", NULL, NULL, &errmsg) ||
821 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "trailers", NULL, NULL, &errmsg) ||
822 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "transfer-encoding", NULL, NULL, &errmsg) ||
823 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "upgrade", NULL, NULL, &errmsg)) {
824 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
825 args[1], errmsg);
826 err_code |= ERR_ALERT | ERR_FATAL;
827 }
828 }
829 else if (!strcmp(args[0], "docroot")) {
830 if (!*(args[1])) {
831 ha_alert("parsing [%s:%d] : '%s' expects <path> as argument.\n",
832 file, linenum, args[0]);
833 err_code |= ERR_ALERT | ERR_FATAL;
834 goto out;
835 }
836 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
837 goto out;
838 free(curapp->docroot.ptr);
839 curapp->docroot = ist2(strdup(args[1]), strlen(args[1]));
840 if (!curapp->docroot.ptr) {
841 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
842 err_code |= ERR_ALERT | ERR_ABORT;
843 }
844 }
845 else if (!strcmp(args[0], "path-info")) {
846 if (!*(args[1])) {
847 ha_alert("parsing [%s:%d] : '%s' expects <regex> as argument.\n",
848 file, linenum, args[0]);
849 err_code |= ERR_ALERT | ERR_FATAL;
850 goto out;
851 }
852 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
853 goto out;
854 regex_free(curapp->pathinfo_re);
855 curapp->pathinfo_re = regex_comp(args[1], 1, 1, &errmsg);
856 if (!curapp->pathinfo_re) {
857 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
858 args[1], errmsg);
859 err_code |= ERR_ALERT | ERR_FATAL;
860 }
861 }
862 else if (!strcmp(args[0], "index")) {
863 if (!*(args[1])) {
864 ha_alert("parsing [%s:%d] : '%s' expects <filename> as argument.\n",
865 file, linenum, args[0]);
866 err_code |= ERR_ALERT | ERR_FATAL;
867 goto out;
868 }
869 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
870 goto out;
871 free(curapp->index.ptr);
872 curapp->index = ist2(strdup(args[1]), strlen(args[1]));
873 if (!curapp->index.ptr) {
874 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
875 err_code |= ERR_ALERT | ERR_ABORT;
876 }
877 }
878 else if (!strcmp(args[0], "acl")) {
879 const char *err;
880 err = invalid_char(args[1]);
881 if (err) {
882 ha_alert("parsing [%s:%d] : character '%c' is not permitted in acl name '%s'.\n",
883 file, linenum, *err, args[1]);
884 err_code |= ERR_ALERT | ERR_FATAL;
885 }
886 else if (parse_acl((const char **)args+1, &curapp->acls, &errmsg, &curapp->conf.args, file, linenum) == NULL) {
887 ha_alert("parsing [%s:%d] : error detected while parsing ACL '%s' : %s.\n",
888 file, linenum, args[1], errmsg);
889 err_code |= ERR_ALERT | ERR_FATAL;
890 }
891 }
892 else if (!strcmp(args[0], "set-param")) {
893 if (!*(args[1]) || !*(args[2])) {
894 ha_alert("parsing [%s:%d] : '%s' expects <name> and <value> as arguments.\n",
895 file, linenum, args[0]);
896 err_code |= ERR_ALERT | ERR_FATAL;
897 goto out;
898 }
899 type = FCGI_RULE_SET_PARAM;
900 name = args[1];
901 value = args[2];
902 cond = NULL;
903 args += 3;
904
905 parse_cond_rule:
906 if (!*(args[0])) /* No condition */
907 goto add_rule;
908
909 if (strcmp(args[0], "if") == 0)
910 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_IF, &errmsg, &curapp->conf.args,
911 file, linenum);
912 else if (strcmp(args[0], "unless") == 0)
913 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_UNLESS, &errmsg, &curapp->conf.args,
914 file, linenum);
915 if (!cond) {
916 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
917 name, errmsg);
918 err_code |= ERR_ALERT | ERR_FATAL;
919 }
920 add_rule:
921 if (!fcgi_app_add_rule(curapp, type, name, value, cond, &errmsg)) {
922 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
923 name, errmsg);
924 err_code |= ERR_ALERT | ERR_FATAL;
925 }
926 }
927#if 0 /* Disabled for now */
928 else if (!strcmp(args[0], "unset-param")) {
929 if (!*(args[1])) {
930 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
931 file, linenum, args[0]);
932 err_code |= ERR_ALERT | ERR_FATAL;
933 goto out;
934 }
935 type = FCGI_RULE_UNSET_PARAM;
936 name = args[1];
937 value = NULL;
938 cond = NULL;
939 args += 2;
940 goto parse_cond_rule;
941 }
942#endif
943 else if (!strcmp(args[0], "pass-header")) {
944 if (!*(args[1])) {
945 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
946 file, linenum, args[0]);
947 err_code |= ERR_ALERT | ERR_FATAL;
948 goto out;
949 }
950 type = FCGI_RULE_PASS_HDR;
951 name = args[1];
952 value = NULL;
953 cond = NULL;
954 args += 2;
955 goto parse_cond_rule;
956 }
957#if 0 /* Disabled for now */
958 else if (!strcmp(args[0], "hide-header")) {
959 if (!*(args[1])) {
960 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
961 file, linenum, args[0]);
962 err_code |= ERR_ALERT | ERR_FATAL;
963 goto out;
964 }
965 type = FCGI_RULE_HIDE_HDR;
966 name = args[1];
967 value = NULL;
968 cond = NULL;
969 args += 2;
970 goto parse_cond_rule;
971 }
972#endif
973 else if (!strcmp(args[0], "option")) {
974 if (!*(args[1])) {
975 ha_alert("parsing [%s:%d]: '%s' expects an option name.\n",
976 file, linenum, args[0]);
977 err_code |= ERR_ALERT | ERR_FATAL;
978 }
979 else if (!strcmp(args[1], "keep-conn")) {
980 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
981 goto out;
982 if (kwm == KWM_STD)
983 curapp->flags |= FCGI_APP_FL_KEEP_CONN;
984 else if (kwm == KWM_NO)
985 curapp->flags &= ~FCGI_APP_FL_KEEP_CONN;
986 }
987 else if (!strcmp(args[1], "get-values")) {
988 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
989 goto out;
990 if (kwm == KWM_STD)
991 curapp->flags |= FCGI_APP_FL_GET_VALUES;
992 else if (kwm == KWM_NO)
993 curapp->flags &= ~FCGI_APP_FL_GET_VALUES;
994 }
995 else if (!strcmp(args[1], "mpxs-conns")) {
996 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
997 goto out;
998 if (kwm == KWM_STD)
999 curapp->flags |= FCGI_APP_FL_MPXS_CONNS;
1000 else if (kwm == KWM_NO)
1001 curapp->flags &= ~FCGI_APP_FL_MPXS_CONNS;
1002 }
1003 else if (!strcmp(args[1], "max-reqs")) {
1004 if (kwm != KWM_STD) {
1005 ha_alert("parsing [%s:%d]: negation/default is not supported for option '%s'.\n",
1006 file, linenum, args[1]);
1007 err_code |= ERR_ALERT | ERR_FATAL;
1008 goto out;
1009 }
1010 if (!*(args[2])) {
1011 ha_alert("parsing [%s:%d]: option '%s' expects an integer argument.\n",
1012 file, linenum, args[1]);
1013 err_code |= ERR_ALERT | ERR_FATAL;
1014 goto out;
1015 }
1016 if (alertif_too_many_args_idx(1, 1, file, linenum, args, &err_code))
1017 goto out;
1018
1019 curapp->maxreqs = atol(args[2]);
1020 if (!curapp->maxreqs) {
1021 ha_alert("parsing [%s:%d]: option '%s' expects a strictly positive integer argument.\n",
1022 file, linenum, args[1]);
1023 err_code |= ERR_ALERT | ERR_FATAL;
1024 goto out;
1025 }
1026 }
1027 else {
1028 ha_alert("parsing [%s:%d] : unknown option '%s'.\n", file, linenum, args[1]);
1029 err_code |= ERR_ALERT | ERR_FATAL;
1030 }
1031 }
1032 else if (!strcmp(args[0], "log-stderr")) {
1033 if (!parse_logsrv(args, &curapp->logsrvs, (kwm == KWM_NO), &errmsg)) {
1034 ha_alert("parsing [%s:%d] : %s : %s\n", file, linenum, args[0], errmsg);
1035 err_code |= ERR_ALERT | ERR_FATAL;
1036 }
1037 }
1038 else {
1039 ha_alert("parsing [%s:%d]: unknown keyword '%s' in '%s' section\n", file, linenum, args[0], "fcgi-app");
1040 err_code |= ERR_ALERT | ERR_FATAL;
1041 }
1042
1043out:
1044 free(errmsg);
1045 return err_code;
1046}
1047
1048
1049/**************************************************************************/
1050/*********************** FCGI Deinit functions ****************************/
1051/**************************************************************************/
1052void fcgi_apps_deinit()
1053{
1054 struct fcgi_app *curapp, *nextapp;
1055 struct logsrv *log, *logb;
1056
1057 for (curapp = fcgi_apps; curapp != NULL; curapp = nextapp) {
1058 struct fcgi_rule_conf *rule, *back;
1059
1060 free(curapp->name);
1061 free(curapp->docroot.ptr);
1062 free(curapp->index.ptr);
1063 regex_free(curapp->pathinfo_re);
1064 free(curapp->conf.file);
1065
1066 list_for_each_entry_safe(log, logb, &curapp->logsrvs, list) {
1067 LIST_DEL(&log->list);
1068 free(log);
1069 }
1070
1071 list_for_each_entry_safe(rule, back, &curapp->conf.rules, list) {
1072 LIST_DEL(&rule->list);
1073 fcgi_release_rule_conf(rule);
1074 }
1075
1076 nextapp = curapp->next;
1077 free(curapp);
1078 }
1079}
1080
1081
1082/**************************************************************************/
1083/*************** Keywords definition and registration *********************/
1084/**************************************************************************/
1085static struct cfg_kw_list cfg_kws = {ILH, {
1086 { CFG_LISTEN, "use-fcgi-app", proxy_parse_use_fcgi_app },
1087 { 0, NULL, NULL },
1088}};
1089
1090// FIXME: Add rep.fcgi smp_fetch
1091static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
1092 { "fcgi.docroot", smp_fetch_fcgi_docroot, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
1093 { "fcgi.index", smp_fetch_fcgi_index, 0, NULL, SMP_T_STR, SMP_USE_HRQHV }
1094}};
1095
1096/* Declare the filter parser for "fcgi-app" keyword */
1097static struct flt_kw_list filter_kws = { "FCGI", { }, {
1098 { "fcgi-app", parse_fcgi_flt, NULL },
1099 { NULL, NULL, NULL },
1100 }
1101};
1102
1103INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
1104INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
1105INITCALL1(STG_REGISTER, flt_register_keywords, &filter_kws);
1106
1107INITCALL1(STG_REGISTER, hap_register_post_deinit, fcgi_apps_deinit);
1108
1109REGISTER_CONFIG_SECTION("fcgi-app", cfg_parse_fcgi_app, NULL);
1110REGISTER_CONFIG_POSTPARSER("fcgi-apps", cfg_fcgi_apps_postparser);
1111
1112/*
1113 * Local variables:
1114 * c-indent-level: 8
1115 * c-basic-offset: 8
1116 * End:
1117 */