Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 8d36697deea8e4c87202a94505b238174334ea40 / . / src / fcgi-app.c
blob: 5b116803d5deaf5c7b0e300cbf7de7af8317e68b [file] [log] [blame]
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1/*
2 * Functions about FCGI applications and filters.
3 *
4 * Copyright (C) 2019 HAProxy Technologies, Christopher Faulet <cfaulet@haproxy.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
Willy Tarreau4c7e4b72020-05-27 12:58:42 +0200[diff] [blame]13#include <haproxy/api.h>
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]14#include <common/chunk.h>
15#include <common/cfgparse.h>
Willy Tarreau8d366972020-05-27 16:10:29 +0200[diff] [blame^]16#include <haproxy/errors.h>
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]17#include <common/standard.h>
18
19#include <types/global.h>
20
21#include <proto/acl.h>
22#include <proto/fcgi-app.h>
23#include <proto/filters.h>
24#include <proto/http_fetch.h>
25#include <proto/http_htx.h>
26#include <proto/log.h>
27#include <proto/proxy.h>
28#include <proto/sample.h>
29#include <proto/server.h>
30#include <proto/session.h>
31
32/* Global list of all FCGI applications */
33static struct fcgi_app *fcgi_apps = NULL;
34
35struct flt_ops fcgi_flt_ops;
36const char *fcgi_flt_id = "FCGI filter";
37
38DECLARE_STATIC_POOL(pool_head_fcgi_flt_ctx, "fcgi_flt_ctx", sizeof(struct fcgi_flt_ctx));
39DECLARE_STATIC_POOL(pool_head_fcgi_param_rule, "fcgi_param_rule", sizeof(struct fcgi_param_rule));
40DECLARE_STATIC_POOL(pool_head_fcgi_hdr_rule, "fcgi_hdr_rule", sizeof(struct fcgi_hdr_rule));
41
42/**************************************************************************/
43/***************************** Uitls **************************************/
44/**************************************************************************/
45/* Makes a fcgi parameter name (prefixed by ':fcgi-') with <name> (in
46 * lowercase). All non alphanumeric character are replaced by an underscore
47 * ('_'). The result is copied into <dst>. the corrsponding ist is returned.
48 */
49static struct ist fcgi_param_name(char *dst, const struct ist name)
50{
51 size_t ofs1, ofs2;
52
53 memcpy(dst, ":fcgi-", 6);
54 ofs1 = 6;
55 for (ofs2 = 0; ofs2 < name.len; ofs2++) {
Willy Tarreau90807112020-02-25 08:16:33 +0100[diff] [blame]56 if (isalnum((unsigned char)name.ptr[ofs2]))
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]57 dst[ofs1++] = ist_lc[(unsigned char)name.ptr[ofs2]];
58 else
59 dst[ofs1++] = '_';
60 }
61 return ist2(dst, ofs1);
62}
63
64/* Returns a pointer to the FCGi applicatrion mathing the name <name>. NULL is
65 * returned if no match found.
66 */
67struct fcgi_app *fcgi_app_find_by_name(const char *name)
68{
69 struct fcgi_app *app;
70
71 for (app = fcgi_apps; app != NULL; app = app->next) {
72 if (!strcmp(app->name, name))
73 return app;
74 }
75
76 return NULL;
77}
78
79struct fcgi_flt_conf *find_px_fcgi_conf(struct proxy *px)
80{
81 struct flt_conf *fconf;
82
83 list_for_each_entry(fconf, &px->filter_configs, list) {
84 if (fconf->id == fcgi_flt_id)
85 return fconf->conf;
86 }
87 return NULL;
88}
89
90struct fcgi_flt_ctx *find_strm_fcgi_ctx(struct stream *s)
91{
92 struct filter *filter;
93
94 if (!s)
95 return NULL;
96
97 list_for_each_entry(filter, &strm_flt(s)->filters, list) {
98 if (FLT_ID(filter) == fcgi_flt_id)
99 return FLT_CONF(filter);
100 }
101 return NULL;
102}
103
104struct fcgi_app *get_px_fcgi_app(struct proxy *px)
105{
106 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
107
108 if (fcgi_conf)
109 return fcgi_conf->app;
110 return NULL;
111}
112
113struct fcgi_app *get_strm_fcgi_app(struct stream *s)
114{
115 struct fcgi_flt_ctx *fcgi_ctx = find_strm_fcgi_ctx(s);
116
117 if (fcgi_ctx)
118 return fcgi_ctx->app;
119 return NULL;
120}
121
122static void fcgi_release_rule_conf(struct fcgi_rule_conf *rule)
123{
124 if (!rule)
125 return;
126 free(rule->name);
127 free(rule->value);
128 if (rule->cond) {
129 prune_acl_cond(rule->cond);
130 free(rule->cond);
131 }
132 free(rule);
133}
134
135static void fcgi_release_rule(struct fcgi_rule *rule)
136{
137 if (!rule)
138 return;
139
140 if (!LIST_ISEMPTY(&rule->value)) {
141 struct logformat_node *lf, *lfb;
142
143 list_for_each_entry_safe(lf, lfb, &rule->value, list) {
144 LIST_DEL(&lf->list);
145 release_sample_expr(lf->expr);
146 free(lf->arg);
147 free(lf);
148 }
149 }
150 /* ->cond and ->name are not owned by the rule */
151 free(rule);
152}
153
154/**************************************************************************/
155/*********************** FCGI Sample fetches ******************************/
156/**************************************************************************/
157
158static int smp_fetch_fcgi_docroot(const struct arg *args, struct sample *smp,
159 const char *kw, void *private)
160{
161 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
162
163 if (!app)
164 return 0;
165
166 smp->data.type = SMP_T_STR;
167 smp->data.u.str.area = app->docroot.ptr;
168 smp->data.u.str.data = app->docroot.len;
169 smp->flags = SMP_F_CONST;
170 return 1;
171}
172
173static int smp_fetch_fcgi_index(const struct arg *args, struct sample *smp,
174 const char *kw, void *private)
175{
176 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
177
178 if (!app || !istlen(app->index))
179 return 0;
180
181 smp->data.type = SMP_T_STR;
182 smp->data.u.str.area = app->index.ptr;
183 smp->data.u.str.data = app->index.len;
184 smp->flags = SMP_F_CONST;
185 return 1;
186}
187
188/**************************************************************************/
189/************************** FCGI filter ***********************************/
190/**************************************************************************/
191static int fcgi_flt_init(struct proxy *px, struct flt_conf *fconf)
192{
193 fconf->flags |= FLT_CFG_FL_HTX;
194 return 0;
195}
196
197static void fcgi_flt_deinit(struct proxy *px, struct flt_conf *fconf)
198{
199 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
200 struct fcgi_rule *rule, *back;
201
202 if (!fcgi_conf)
203 return;
204
205 free(fcgi_conf->name);
206
207 list_for_each_entry_safe(rule, back, &fcgi_conf->param_rules, list) {
208 LIST_DEL(&rule->list);
209 fcgi_release_rule(rule);
210 }
211
212 list_for_each_entry_safe(rule, back, &fcgi_conf->hdr_rules, list) {
213 LIST_DEL(&rule->list);
214 fcgi_release_rule(rule);
215 }
216
217 free(fcgi_conf);
218}
219
220static int fcgi_flt_check(struct proxy *px, struct flt_conf *fconf)
221{
222 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
223 struct fcgi_rule_conf *crule, *back;
224 struct fcgi_rule *rule = NULL;
225 struct flt_conf *f;
226 char *errmsg = NULL;
227
228 fcgi_conf->app = fcgi_app_find_by_name(fcgi_conf->name);
229 if (!fcgi_conf->app) {
230 ha_alert("config : proxy '%s' : fcgi-app '%s' not found.\n",
231 px->id, fcgi_conf->name);
232 goto err;
233 }
234
235 list_for_each_entry(f, &px->filter_configs, list) {
236 if (f->id == http_comp_flt_id || f->id == cache_store_flt_id)
237 continue;
238 else if ((f->id == fconf->id) && f->conf != fcgi_conf) {
239 ha_alert("config : proxy '%s' : only one fcgi-app supported per backend.\n",
240 px->id);
241 goto err;
242 }
243 else if (f->id != fconf->id) {
244 /* Implicit declaration is only allowed with the
245 * compression and cache. For other filters, an implicit
246 * declaration is required. */
247 ha_alert("config: proxy '%s': require an explicit filter declaration "
248 "to use the fcgi-app '%s'.\n", px->id, fcgi_conf->name);
249 goto err;
250 }
251 }
252
253 list_for_each_entry_safe(crule, back, &fcgi_conf->app->conf.rules, list) {
254 rule = calloc(1, sizeof(*rule));
255 if (!rule) {
256 ha_alert("config : proxy '%s' : out of memory.\n", px->id);
257 goto err;
258 }
259 rule->type = crule->type;
260 rule->name = ist(crule->name);
261 rule->cond = crule->cond;
262 LIST_INIT(&rule->value);
263
264 if (crule->value) {
265 if (!parse_logformat_string(crule->value, px, &rule->value, LOG_OPT_HTTP,
266 SMP_VAL_BE_HRQ_HDR, &errmsg)) {
267 ha_alert("config : proxy '%s' : %s.\n", px->id, errmsg);
268 goto err;
269 }
270 }
271
272 if (rule->type == FCGI_RULE_SET_PARAM || rule->type == FCGI_RULE_UNSET_PARAM)
273 LIST_ADDQ(&fcgi_conf->param_rules, &rule->list);
274 else /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
275 LIST_ADDQ(&fcgi_conf->hdr_rules, &rule->list);
276 rule = NULL;
277 }
278 return 0;
279
280 err:
281 free(errmsg);
282 free(rule);
283 return 1;
284}
285
286static int fcgi_flt_start(struct stream *s, struct filter *filter)
287{
288 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
289 struct fcgi_flt_ctx *fcgi_ctx;
290
291 fcgi_ctx = pool_alloc_dirty(pool_head_fcgi_flt_ctx);
292 if (fcgi_ctx == NULL) {
293 // FIXME: send a warning
294 return 0;
295 }
296 fcgi_ctx->filter = filter;
297 fcgi_ctx->app = fcgi_conf->app;
298 filter->ctx = fcgi_ctx;
299
300 s->req.analysers |= AN_REQ_HTTP_BODY;
301 return 1;
302}
303
304static void fcgi_flt_stop(struct stream *s, struct filter *filter)
305{
306 struct flt_fcgi_ctx *fcgi_ctx = filter->ctx;
307
308 if (!fcgi_ctx)
309 return;
310 pool_free(pool_head_fcgi_flt_ctx, fcgi_ctx);
311 filter->ctx = NULL;
312}
313
314static int fcgi_flt_http_headers(struct stream *s, struct filter *filter, struct http_msg *msg)
315{
316 struct session *sess = strm_sess(s);
317 struct buffer *value;
318 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
319 struct fcgi_rule *rule;
320 struct fcgi_param_rule *param_rule;
321 struct fcgi_hdr_rule *hdr_rule;
322 struct ebpt_node *node, *next;
323 struct eb_root param_rules = EB_ROOT;
324 struct eb_root hdr_rules = EB_ROOT;
325 struct htx *htx;
326 struct http_hdr_ctx ctx;
327 int ret;
328
329 htx = htxbuf(&msg->chn->buf);
330
331 if (msg->chn->flags & CF_ISRESP) {
332 struct htx_sl *sl;
333
334 /* Remove the header "Status:" from the response */
335 ctx.blk = NULL;
336 while (http_find_header(htx, ist("status"), &ctx, 1))
337 http_remove_header(htx, &ctx);
338
339 /* Add the header "Date:" if not found */
340 ctx.blk = NULL;
341 if (!http_find_header(htx, ist("date"), &ctx, 1)) {
342 struct tm tm;
343
344 get_gmtime(date.tv_sec, &tm);
345 trash.data = strftime(trash.area, trash.size, "%a, %d %b %Y %T %Z", &tm);
346 if (trash.data)
347 http_add_header(htx, ist("date"), ist2(trash.area, trash.data));
348 }
349
350 /* Add the header "Content-Length:" if possible */
351 sl = http_get_stline(htx);
352 if (sl &&
353 (sl->flags & (HTX_SL_F_XFER_LEN|HTX_SL_F_CLEN|HTX_SL_F_CHNK)) == HTX_SL_F_XFER_LEN &&
354 htx_get_tail_type(htx) == HTX_BLK_EOM) {
355 struct htx_blk * blk;
356 char *end;
357 size_t len = 0;
358
359 for (blk = htx_get_first_blk(htx); blk; blk = htx_get_next_blk(htx, blk)) {
360 enum htx_blk_type type = htx_get_blk_type(blk);
361
362 if (type == HTX_BLK_EOM)
363 break;
364 if (type == HTX_BLK_DATA)
365 len += htx_get_blksz(blk);
366 }
367 end = ultoa_o(len, trash.area, trash.size);
368 if (http_add_header(htx, ist("content-length"), ist2(trash.area, end-trash.area)))
369 sl->flags |= HTX_SL_F_CLEN;
370 }
371
372 return 1;
373 }
374
375 /* Analyze the request's headers */
376
377 value = alloc_trash_chunk();
378 if (!value)
379 goto end;
380
381 list_for_each_entry(rule, &fcgi_conf->param_rules, list) {
382 if (rule->cond) {
383 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
384 ret = acl_pass(ret);
385 if (rule->cond->pol == ACL_COND_UNLESS)
386 ret = !ret;
387
388 /* the rule does not match */
389 if (!ret)
390 continue;
391 }
392
393 param_rule = NULL;
394 node = ebis_lookup_len(&param_rules, rule->name.ptr, rule->name.len);
395 if (node) {
396 param_rule = container_of(node, struct fcgi_param_rule, node);
397 ebpt_delete(node);
398 }
399 else {
400 param_rule = pool_alloc_dirty(pool_head_fcgi_param_rule);
401 if (param_rule == NULL)
402 goto param_rule_err;
403 }
404
405 param_rule->node.key = rule->name.ptr;
406 param_rule->name = rule->name;
407 param_rule->value = &rule->value;
408 ebis_insert(&param_rules, &param_rule->node);
409 }
410
411 list_for_each_entry(rule, &fcgi_conf->hdr_rules, list) {
412 if (rule->cond) {
413 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
414 ret = acl_pass(ret);
415 if (rule->cond->pol == ACL_COND_UNLESS)
416 ret = !ret;
417
418 /* the rule does not match */
419 if (!ret)
420 continue;
421 }
422
423 hdr_rule = NULL;
424 node = ebis_lookup_len(&hdr_rules, rule->name.ptr, rule->name.len);
425 if (node) {
426 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
427 ebpt_delete(node);
428 }
429 else {
430 hdr_rule = pool_alloc_dirty(pool_head_fcgi_hdr_rule);
431 if (hdr_rule == NULL)
432 goto hdr_rule_err;
433 }
434
435 hdr_rule->node.key = rule->name.ptr;
436 hdr_rule->name = rule->name;
437 hdr_rule->pass = (rule->type == FCGI_RULE_PASS_HDR);
438 ebis_insert(&hdr_rules, &hdr_rule->node);
439 }
440
441 node = ebpt_first(&param_rules);
442 while (node) {
443 next = ebpt_next(node);
444 ebpt_delete(node);
445 param_rule = container_of(node, struct fcgi_param_rule, node);
446 node = next;
447
448 b_reset(value);
449 value->data = build_logline(s, value->area, value->size, param_rule->value);
450 if (!value->data)
451 continue;
452 if (!http_add_header(htx, param_rule->name, ist2(value->area, value->data)))
453 goto rewrite_err;
454 pool_free(pool_head_fcgi_param_rule, param_rule);
455 }
456
457 node = ebpt_first(&hdr_rules);
458 while (node) {
459 next = ebpt_next(node);
460 ebpt_delete(node);
461 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
462 node = next;
463
464 if (!hdr_rule->pass) {
465 ctx.blk = NULL;
466 while (http_find_header(htx, hdr_rule->name, &ctx, 1))
467 http_remove_header(htx, &ctx);
468 }
469 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
470 }
471
472 goto end;
473
474 rewrite_err:
475 _HA_ATOMIC_ADD(&sess->fe->fe_counters.failed_rewrites, 1);
Christopher Fauletcff0f732019-12-16 16:13:44 +0100[diff] [blame]476 _HA_ATOMIC_ADD(&s->be->be_counters.failed_rewrites, 1);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]477 if (sess->listener->counters)
478 _HA_ATOMIC_ADD(&sess->listener->counters->failed_rewrites, 1);
Christopher Fauletcff0f732019-12-16 16:13:44 +0100[diff] [blame]479 if (objt_server(s->target))
480 _HA_ATOMIC_ADD(&__objt_server(s->target)->counters.failed_rewrites, 1);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]481 hdr_rule_err:
482 node = ebpt_first(&hdr_rules);
483 while (node) {
484 next = ebpt_next(node);
485 ebpt_delete(node);
486 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
487 node = next;
488 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
489 }
490 param_rule_err:
491 node = ebpt_first(&param_rules);
492 while (node) {
493 next = ebpt_next(node);
494 ebpt_delete(node);
495 param_rule = container_of(node, struct fcgi_param_rule, node);
496 node = next;
497 pool_free(pool_head_fcgi_param_rule, param_rule);
498 }
499 end:
500 free_trash_chunk(value);
501 return 1;
502}
503
504struct flt_ops fcgi_flt_ops = {
505 .init = fcgi_flt_init,
506 .check = fcgi_flt_check,
507 .deinit = fcgi_flt_deinit,
508
509 .attach = fcgi_flt_start,
510 .detach = fcgi_flt_stop,
511
512 .http_headers = fcgi_flt_http_headers,
513};
514
515/**************************************************************************/
516/*********************** FCGI Config parsing ******************************/
517/**************************************************************************/
518static int
519parse_fcgi_flt(char **args, int *cur_arg, struct proxy *px,
520 struct flt_conf *fconf, char **err, void *private)
521{
522 struct flt_conf *f, *back;
523 struct fcgi_flt_conf *fcgi_conf = NULL;
524 char *name = NULL;
525 int pos = *cur_arg;
526
527 /* Get the fcgi-app name*/
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200[diff] [blame]528 if (!*args[pos + 1]) {
529 memprintf(err, "%s : expects a <name> argument", args[pos]);
530 goto err;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]531 }
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200[diff] [blame]532 name = strdup(args[pos + 1]);
533 if (!name) {
534 memprintf(err, "%s '%s' : out of memory", args[pos], args[pos + 1]);
535 goto err;
536 }
537 pos += 2;
538
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]539 /* Check if an fcgi-app filter with the same name already exists */
540 list_for_each_entry_safe(f, back, &px->filter_configs, list) {
541 if (f->id != fcgi_flt_id)
542 continue;
543 fcgi_conf = f->conf;
544 if (strcmp(name, fcgi_conf->name)) {
545 fcgi_conf = NULL;
546 continue;
547 }
548
549 /* Place the filter at its right position */
550 LIST_DEL(&f->list);
551 free(f);
552 free(name);
553 name = NULL;
554 break;
555 }
556
557 /* No other fcgi-app filter found, create configuration for the explicit one */
558 if (!fcgi_conf) {
559 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
560 if (!fcgi_conf) {
561 memprintf(err, "%s: out of memory", args[*cur_arg]);
562 goto err;
563 }
564 fcgi_conf->name = name;
565 LIST_INIT(&fcgi_conf->param_rules);
566 LIST_INIT(&fcgi_conf->hdr_rules);
567 }
568
569 fconf->id = fcgi_flt_id;
570 fconf->conf = fcgi_conf;
571 fconf->ops = &fcgi_flt_ops;
572
573 *cur_arg = pos;
574 return 0;
575 err:
576 free(name);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]577 return -1;
578}
579
580/* Parses the "use-fcgi-app" proxy keyword */
581static int proxy_parse_use_fcgi_app(char **args, int section, struct proxy *curpx,
582 struct proxy *defpx, const char *file, int line,
583 char **err)
584{
585 struct flt_conf *fconf = NULL;
586 struct fcgi_flt_conf *fcgi_conf = NULL;
587 int retval = 0;
588
589 if (!(curpx->cap & PR_CAP_BE)) {
590 memprintf(err, "'%s' only available in backend or listen section", args[0]);
591 retval = -1;
592 goto end;
593 }
594
595 if (!*(args[1])) {
596 memprintf(err, "'%s' expects <name> as argument", args[0]);
597 retval = -1;
598 goto end;
599 }
600
601 /* check if a fcgi filter was already registered with this name,
602 * if that's the case, must use it. */
603 list_for_each_entry(fconf, &curpx->filter_configs, list) {
604 if (fconf->id == fcgi_flt_id) {
605 fcgi_conf = fconf->conf;
606 if (fcgi_conf && !strcmp((char *)fcgi_conf->name, args[1]))
607 goto end;
608 memprintf(err, "'%s' : only one fcgi-app supported per backend", args[0]);
609 retval = -1;
610 goto end;
611 }
612 }
613
614 /* Create the FCGI filter config */
615 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
616 if (!fcgi_conf)
617 goto err;
618 fcgi_conf->name = strdup(args[1]);
619 LIST_INIT(&fcgi_conf->param_rules);
620 LIST_INIT(&fcgi_conf->hdr_rules);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]621
622 /* Register the filter */
623 fconf = calloc(1, sizeof(*fconf));
624 if (!fconf)
625 goto err;
626 fconf->id = fcgi_flt_id;
627 fconf->conf = fcgi_conf;
628 fconf->ops = &fcgi_flt_ops;
629 LIST_ADDQ(&curpx->filter_configs, &fconf->list);
630
631 end:
632 return retval;
633 err:
634 if (fcgi_conf) {
635 free(fcgi_conf->name);
636 free(fcgi_conf);
637 }
638 memprintf(err, "out of memory");
639 retval = -1;
640 goto end;
641}
642
643/* Finishes the parsing of FCGI application of proxies and servers */
644static int cfg_fcgi_apps_postparser()
645{
646 struct fcgi_app *curapp;
647 struct proxy *px;
648 struct server *srv;
649 int err_code = 0;
650
651 for (px = proxies_list; px; px = px->next) {
652 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
653 int nb_fcgi_srv = 0;
654
655 if (px->mode == PR_MODE_TCP && fcgi_conf) {
656 ha_alert("config : proxy '%s': FCGI application cannot be used in non-HTTP mode.\n",
657 px->id);
658 err_code |= ERR_ALERT | ERR_FATAL;
659 goto end;
660 }
661
662 for (srv = px->srv; srv; srv = srv->next) {
663 if (srv->mux_proto && isteq(srv->mux_proto->token, ist("fcgi"))) {
664 nb_fcgi_srv++;
665 if (fcgi_conf)
666 continue;
667 ha_alert("config : proxy '%s': FCGI server '%s' has no FCGI app configured.\n",
668 px->id, srv->id);
669 err_code |= ERR_ALERT | ERR_FATAL;
670 goto end;
671 }
672 }
673 if (fcgi_conf && !nb_fcgi_srv) {
674 ha_alert("config : proxy '%s': FCGI app configured but no FCGI server found.\n",
675 px->id);
676 err_code |= ERR_ALERT | ERR_FATAL;
677 goto end;
678 }
679 }
680
681 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
682 if (!istlen(curapp->docroot)) {
683 ha_alert("config : fcgi-app '%s': no docroot configured.\n",
684 curapp->name);
685 err_code |= ERR_ALERT | ERR_FATAL;
686 goto end;
687 }
688 if (!(curapp->flags & (FCGI_APP_FL_MPXS_CONNS|FCGI_APP_FL_GET_VALUES))) {
689 if (curapp->maxreqs > 1) {
690 ha_warning("config : fcgi-app '%s': multiplexing not supported, "
691 "ignore the option 'max-reqs'.\n",
692 curapp->name);
693 err_code |= ERR_WARN;
694 }
695 curapp->maxreqs = 1;
696 }
697 }
698
699 end:
700 return err_code;
701}
702
703static int fcgi_app_add_rule(struct fcgi_app *curapp, enum fcgi_rule_type type, char *name, char *value,
704 struct acl_cond *cond, char **err)
705{
706 struct fcgi_rule_conf *rule;
707
708 /* Param not found, add a new one */
709 rule = calloc(1, sizeof(*rule));
710 if (!rule)
711 goto err;
712 LIST_INIT(&rule->list);
713 rule->type = type;
714 if (type == FCGI_RULE_SET_PARAM || type == FCGI_RULE_UNSET_PARAM) {
715 struct ist fname = fcgi_param_name(trash.area, ist(name));
716 rule->name = my_strndup(fname.ptr, fname.len);
717 }
Christopher Fauletbc96c902019-12-02 10:33:31 +0100[diff] [blame]718 else { /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
719 struct ist fname = ist2bin_lc(trash.area, ist(name));
720 rule->name = my_strndup(fname.ptr, fname.len);
721 }
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]722 if (!rule->name)
723 goto err;
724
725 if (value) {
726 rule->value = strdup(value);
727 if (!rule->value)
728 goto err;
729 }
730 rule->cond = cond;
731 LIST_ADDQ(&curapp->conf.rules, &rule->list);
732 return 1;
733
734 err:
735 if (rule) {
736 free(rule->name);
737 free(rule->value);
738 free(rule);
739 }
740 if (cond) {
741 prune_acl_cond(cond);
742 free(cond);
743 }
744 memprintf(err, "out of memory");
745 return 0;
746}
747
748/* Parses "fcgi-app" section */
749static int cfg_parse_fcgi_app(const char *file, int linenum, char **args, int kwm)
750{
751 static struct fcgi_app *curapp = NULL;
752 struct acl_cond *cond = NULL;
753 char *name, *value = NULL;
754 enum fcgi_rule_type type;
755 int err_code = 0;
756 const char *err;
757 char *errmsg = NULL;
758
759 if (!strcmp(args[0], "fcgi-app")) { /* new fcgi-app */
760 if (!*(args[1])) {
761 ha_alert("parsing [%s:%d]: '%s' expects <name> as argument.\n",
762 file, linenum, args[0]);
763 err_code |= ERR_ALERT | ERR_FATAL;
764 goto out;
765 }
766 if (alertif_too_many_args(1, file, linenum, args, &err_code))
767 goto out;
768
769 err = invalid_char(args[1]);
770 if (err) {
771 ha_alert("parsing [%s:%d]: character '%c' is not permitted in '%s' name '%s'.\n",
772 file, linenum, *err, args[0], args[1]);
773 err_code |= ERR_ALERT | ERR_FATAL;
774 goto out;
775 }
776
777 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
778 if (!strcmp(curapp->name, args[1])) {
779 ha_alert("Parsing [%s:%d]: fcgi-app section '%s' has the same name as another one declared at %s:%d.\n",
780 file, linenum, args[1], curapp->conf.file, curapp->conf.line);
781 err_code |= ERR_ALERT | ERR_FATAL;
782 }
783 }
784
785 curapp = calloc(1, sizeof(*curapp));
786 if (!curapp) {
787 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
788 err_code |= ERR_ALERT | ERR_ABORT;
789 goto out;
790 }
791
792 curapp->next = fcgi_apps;
793 fcgi_apps = curapp;
794 curapp->flags = FCGI_APP_FL_KEEP_CONN;
795 curapp->docroot = ist(NULL);
796 curapp->index = ist(NULL);
797 curapp->pathinfo_re = NULL;
798 curapp->name = strdup(args[1]);
799 curapp->maxreqs = 1;
800 curapp->conf.file = strdup(file);
801 curapp->conf.line = linenum;
802 LIST_INIT(&curapp->acls);
803 LIST_INIT(&curapp->logsrvs);
804 LIST_INIT(&curapp->conf.args.list);
805 LIST_INIT(&curapp->conf.rules);
806
807 /* Set info about authentication */
808 if (!fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "REMOTE_USER", "%[http_auth_user]", NULL, &errmsg) ||
809 !fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "AUTH_TYPE", "%[http_auth_type]", NULL, &errmsg)) {
810 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
811 args[1], errmsg);
812 err_code |= ERR_ALERT | ERR_FATAL;
813 }
814
815 /* Hide hop-by-hop headers by default */
816 if (!fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "connection", NULL, NULL, &errmsg) ||
817 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "keep-alive", NULL, NULL, &errmsg) ||
818 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "authorization", NULL, NULL, &errmsg) ||
819 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy", NULL, NULL, &errmsg) ||
820 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authorization", NULL, NULL, &errmsg) ||
821 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authenticate", NULL, NULL, &errmsg) ||
822 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "te", NULL, NULL, &errmsg) ||
823 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "trailers", NULL, NULL, &errmsg) ||
824 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "transfer-encoding", NULL, NULL, &errmsg) ||
825 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "upgrade", NULL, NULL, &errmsg)) {
826 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
827 args[1], errmsg);
828 err_code |= ERR_ALERT | ERR_FATAL;
829 }
830 }
831 else if (!strcmp(args[0], "docroot")) {
832 if (!*(args[1])) {
833 ha_alert("parsing [%s:%d] : '%s' expects <path> as argument.\n",
834 file, linenum, args[0]);
835 err_code |= ERR_ALERT | ERR_FATAL;
836 goto out;
837 }
838 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
839 goto out;
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]840 istfree(&curapp->docroot);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]841 curapp->docroot = ist2(strdup(args[1]), strlen(args[1]));
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]842 if (!isttest(curapp->docroot)) {
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]843 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
844 err_code |= ERR_ALERT | ERR_ABORT;
845 }
846 }
847 else if (!strcmp(args[0], "path-info")) {
848 if (!*(args[1])) {
849 ha_alert("parsing [%s:%d] : '%s' expects <regex> as argument.\n",
850 file, linenum, args[0]);
851 err_code |= ERR_ALERT | ERR_FATAL;
852 goto out;
853 }
854 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
855 goto out;
856 regex_free(curapp->pathinfo_re);
857 curapp->pathinfo_re = regex_comp(args[1], 1, 1, &errmsg);
858 if (!curapp->pathinfo_re) {
859 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
860 args[1], errmsg);
861 err_code |= ERR_ALERT | ERR_FATAL;
862 }
863 }
864 else if (!strcmp(args[0], "index")) {
865 if (!*(args[1])) {
866 ha_alert("parsing [%s:%d] : '%s' expects <filename> as argument.\n",
867 file, linenum, args[0]);
868 err_code |= ERR_ALERT | ERR_FATAL;
869 goto out;
870 }
871 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
872 goto out;
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]873 istfree(&curapp->index);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]874 curapp->index = ist2(strdup(args[1]), strlen(args[1]));
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]875 if (!isttest(curapp->index)) {
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]876 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
877 err_code |= ERR_ALERT | ERR_ABORT;
878 }
879 }
880 else if (!strcmp(args[0], "acl")) {
881 const char *err;
882 err = invalid_char(args[1]);
883 if (err) {
884 ha_alert("parsing [%s:%d] : character '%c' is not permitted in acl name '%s'.\n",
885 file, linenum, *err, args[1]);
886 err_code |= ERR_ALERT | ERR_FATAL;
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]887 goto out;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]888 }
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]889 if (strcasecmp(args[1], "or") == 0) {
Tim Duesterhusf1bc24c2020-02-06 22:04:03 +0100[diff] [blame]890 ha_alert("parsing [%s:%d] : acl name '%s' will never match. 'or' is used to express a "
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]891 "logical disjunction within a condition.\n",
892 file, linenum, args[1]);
893 err_code |= ERR_ALERT | ERR_FATAL;
894 goto out;
895 }
896 if (parse_acl((const char **)args+1, &curapp->acls, &errmsg, &curapp->conf.args, file, linenum) == NULL) {
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]897 ha_alert("parsing [%s:%d] : error detected while parsing ACL '%s' : %s.\n",
898 file, linenum, args[1], errmsg);
899 err_code |= ERR_ALERT | ERR_FATAL;
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]900 goto out;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]901 }
902 }
903 else if (!strcmp(args[0], "set-param")) {
904 if (!*(args[1]) || !*(args[2])) {
905 ha_alert("parsing [%s:%d] : '%s' expects <name> and <value> as arguments.\n",
906 file, linenum, args[0]);
907 err_code |= ERR_ALERT | ERR_FATAL;
908 goto out;
909 }
910 type = FCGI_RULE_SET_PARAM;
911 name = args[1];
912 value = args[2];
913 cond = NULL;
914 args += 3;
915
916 parse_cond_rule:
917 if (!*(args[0])) /* No condition */
918 goto add_rule;
919
920 if (strcmp(args[0], "if") == 0)
921 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_IF, &errmsg, &curapp->conf.args,
922 file, linenum);
923 else if (strcmp(args[0], "unless") == 0)
924 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_UNLESS, &errmsg, &curapp->conf.args,
925 file, linenum);
926 if (!cond) {
927 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
928 name, errmsg);
929 err_code |= ERR_ALERT | ERR_FATAL;
930 }
931 add_rule:
932 if (!fcgi_app_add_rule(curapp, type, name, value, cond, &errmsg)) {
933 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
934 name, errmsg);
935 err_code |= ERR_ALERT | ERR_FATAL;
936 }
937 }
938#if 0 /* Disabled for now */
939 else if (!strcmp(args[0], "unset-param")) {
940 if (!*(args[1])) {
941 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
942 file, linenum, args[0]);
943 err_code |= ERR_ALERT | ERR_FATAL;
944 goto out;
945 }
946 type = FCGI_RULE_UNSET_PARAM;
947 name = args[1];
948 value = NULL;
949 cond = NULL;
950 args += 2;
951 goto parse_cond_rule;
952 }
953#endif
954 else if (!strcmp(args[0], "pass-header")) {
955 if (!*(args[1])) {
956 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
957 file, linenum, args[0]);
958 err_code |= ERR_ALERT | ERR_FATAL;
959 goto out;
960 }
961 type = FCGI_RULE_PASS_HDR;
962 name = args[1];
963 value = NULL;
964 cond = NULL;
965 args += 2;
966 goto parse_cond_rule;
967 }
968#if 0 /* Disabled for now */
969 else if (!strcmp(args[0], "hide-header")) {
970 if (!*(args[1])) {
971 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
972 file, linenum, args[0]);
973 err_code |= ERR_ALERT | ERR_FATAL;
974 goto out;
975 }
976 type = FCGI_RULE_HIDE_HDR;
977 name = args[1];
978 value = NULL;
979 cond = NULL;
980 args += 2;
981 goto parse_cond_rule;
982 }
983#endif
984 else if (!strcmp(args[0], "option")) {
985 if (!*(args[1])) {
986 ha_alert("parsing [%s:%d]: '%s' expects an option name.\n",
987 file, linenum, args[0]);
988 err_code |= ERR_ALERT | ERR_FATAL;
989 }
990 else if (!strcmp(args[1], "keep-conn")) {
991 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
992 goto out;
993 if (kwm == KWM_STD)
994 curapp->flags |= FCGI_APP_FL_KEEP_CONN;
995 else if (kwm == KWM_NO)
996 curapp->flags &= ~FCGI_APP_FL_KEEP_CONN;
997 }
998 else if (!strcmp(args[1], "get-values")) {
999 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
1000 goto out;
1001 if (kwm == KWM_STD)
1002 curapp->flags |= FCGI_APP_FL_GET_VALUES;
1003 else if (kwm == KWM_NO)
1004 curapp->flags &= ~FCGI_APP_FL_GET_VALUES;
1005 }
1006 else if (!strcmp(args[1], "mpxs-conns")) {
1007 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
1008 goto out;
1009 if (kwm == KWM_STD)
1010 curapp->flags |= FCGI_APP_FL_MPXS_CONNS;
1011 else if (kwm == KWM_NO)
1012 curapp->flags &= ~FCGI_APP_FL_MPXS_CONNS;
1013 }
1014 else if (!strcmp(args[1], "max-reqs")) {
1015 if (kwm != KWM_STD) {
1016 ha_alert("parsing [%s:%d]: negation/default is not supported for option '%s'.\n",
1017 file, linenum, args[1]);
1018 err_code |= ERR_ALERT | ERR_FATAL;
1019 goto out;
1020 }
1021 if (!*(args[2])) {
1022 ha_alert("parsing [%s:%d]: option '%s' expects an integer argument.\n",
1023 file, linenum, args[1]);
1024 err_code |= ERR_ALERT | ERR_FATAL;
1025 goto out;
1026 }
1027 if (alertif_too_many_args_idx(1, 1, file, linenum, args, &err_code))
1028 goto out;
1029
1030 curapp->maxreqs = atol(args[2]);
1031 if (!curapp->maxreqs) {
1032 ha_alert("parsing [%s:%d]: option '%s' expects a strictly positive integer argument.\n",
1033 file, linenum, args[1]);
1034 err_code |= ERR_ALERT | ERR_FATAL;
1035 goto out;
1036 }
1037 }
1038 else {
1039 ha_alert("parsing [%s:%d] : unknown option '%s'.\n", file, linenum, args[1]);
1040 err_code |= ERR_ALERT | ERR_FATAL;
1041 }
1042 }
1043 else if (!strcmp(args[0], "log-stderr")) {
1044 if (!parse_logsrv(args, &curapp->logsrvs, (kwm == KWM_NO), &errmsg)) {
1045 ha_alert("parsing [%s:%d] : %s : %s\n", file, linenum, args[0], errmsg);
1046 err_code |= ERR_ALERT | ERR_FATAL;
1047 }
1048 }
1049 else {
1050 ha_alert("parsing [%s:%d]: unknown keyword '%s' in '%s' section\n", file, linenum, args[0], "fcgi-app");
1051 err_code |= ERR_ALERT | ERR_FATAL;
1052 }
1053
1054out:
1055 free(errmsg);
1056 return err_code;
1057}
1058
1059
1060/**************************************************************************/
1061/*********************** FCGI Deinit functions ****************************/
1062/**************************************************************************/
1063void fcgi_apps_deinit()
1064{
1065 struct fcgi_app *curapp, *nextapp;
1066 struct logsrv *log, *logb;
1067
1068 for (curapp = fcgi_apps; curapp != NULL; curapp = nextapp) {
1069 struct fcgi_rule_conf *rule, *back;
1070
1071 free(curapp->name);
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]1072 istfree(&curapp->docroot);
1073 istfree(&curapp->index);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1074 regex_free(curapp->pathinfo_re);
1075 free(curapp->conf.file);
1076
1077 list_for_each_entry_safe(log, logb, &curapp->logsrvs, list) {
1078 LIST_DEL(&log->list);
1079 free(log);
1080 }
1081
1082 list_for_each_entry_safe(rule, back, &curapp->conf.rules, list) {
1083 LIST_DEL(&rule->list);
1084 fcgi_release_rule_conf(rule);
1085 }
1086
1087 nextapp = curapp->next;
1088 free(curapp);
1089 }
1090}
1091
1092
1093/**************************************************************************/
1094/*************** Keywords definition and registration *********************/
1095/**************************************************************************/
1096static struct cfg_kw_list cfg_kws = {ILH, {
1097 { CFG_LISTEN, "use-fcgi-app", proxy_parse_use_fcgi_app },
1098 { 0, NULL, NULL },
1099}};
1100
1101// FIXME: Add rep.fcgi smp_fetch
1102static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
1103 { "fcgi.docroot", smp_fetch_fcgi_docroot, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
Willy Tarreaufc41e252019-09-27 22:45:17 +0200[diff] [blame]1104 { "fcgi.index", smp_fetch_fcgi_index, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
1105 { /* END */ }
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1106}};
1107
1108/* Declare the filter parser for "fcgi-app" keyword */
1109static struct flt_kw_list filter_kws = { "FCGI", { }, {
1110 { "fcgi-app", parse_fcgi_flt, NULL },
1111 { NULL, NULL, NULL },
1112 }
1113};
1114
1115INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
1116INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
1117INITCALL1(STG_REGISTER, flt_register_keywords, &filter_kws);
1118
1119INITCALL1(STG_REGISTER, hap_register_post_deinit, fcgi_apps_deinit);
1120
1121REGISTER_CONFIG_SECTION("fcgi-app", cfg_parse_fcgi_app, NULL);
1122REGISTER_CONFIG_POSTPARSER("fcgi-apps", cfg_fcgi_apps_postparser);
1123
1124/*
1125 * Local variables:
1126 * c-indent-level: 8
1127 * c-basic-offset: 8
1128 * End:
1129 */