Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / bc96c90614b5de59bd8c9d58913111157ed079e7 / . / src / fcgi-app.c
blob: 2e01cdbeb6878634846a241ff9c2fdca65374d20 [file] [log] [blame]
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1/*
2 * Functions about FCGI applications and filters.
3 *
4 * Copyright (C) 2019 HAProxy Technologies, Christopher Faulet <cfaulet@haproxy.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#include <common/config.h>
14#include <common/chunk.h>
15#include <common/cfgparse.h>
16#include <common/errors.h>
17#include <common/initcall.h>
18#include <common/standard.h>
19
20#include <types/global.h>
21
22#include <proto/acl.h>
23#include <proto/fcgi-app.h>
24#include <proto/filters.h>
25#include <proto/http_fetch.h>
26#include <proto/http_htx.h>
27#include <proto/log.h>
28#include <proto/proxy.h>
29#include <proto/sample.h>
30#include <proto/server.h>
31#include <proto/session.h>
32
33/* Global list of all FCGI applications */
34static struct fcgi_app *fcgi_apps = NULL;
35
36struct flt_ops fcgi_flt_ops;
37const char *fcgi_flt_id = "FCGI filter";
38
39DECLARE_STATIC_POOL(pool_head_fcgi_flt_ctx, "fcgi_flt_ctx", sizeof(struct fcgi_flt_ctx));
40DECLARE_STATIC_POOL(pool_head_fcgi_param_rule, "fcgi_param_rule", sizeof(struct fcgi_param_rule));
41DECLARE_STATIC_POOL(pool_head_fcgi_hdr_rule, "fcgi_hdr_rule", sizeof(struct fcgi_hdr_rule));
42
43/**************************************************************************/
44/***************************** Uitls **************************************/
45/**************************************************************************/
46/* Makes a fcgi parameter name (prefixed by ':fcgi-') with <name> (in
47 * lowercase). All non alphanumeric character are replaced by an underscore
48 * ('_'). The result is copied into <dst>. the corrsponding ist is returned.
49 */
50static struct ist fcgi_param_name(char *dst, const struct ist name)
51{
52 size_t ofs1, ofs2;
53
54 memcpy(dst, ":fcgi-", 6);
55 ofs1 = 6;
56 for (ofs2 = 0; ofs2 < name.len; ofs2++) {
57 if (isalnum((int)name.ptr[ofs2]))
58 dst[ofs1++] = ist_lc[(unsigned char)name.ptr[ofs2]];
59 else
60 dst[ofs1++] = '_';
61 }
62 return ist2(dst, ofs1);
63}
64
65/* Returns a pointer to the FCGi applicatrion mathing the name <name>. NULL is
66 * returned if no match found.
67 */
68struct fcgi_app *fcgi_app_find_by_name(const char *name)
69{
70 struct fcgi_app *app;
71
72 for (app = fcgi_apps; app != NULL; app = app->next) {
73 if (!strcmp(app->name, name))
74 return app;
75 }
76
77 return NULL;
78}
79
80struct fcgi_flt_conf *find_px_fcgi_conf(struct proxy *px)
81{
82 struct flt_conf *fconf;
83
84 list_for_each_entry(fconf, &px->filter_configs, list) {
85 if (fconf->id == fcgi_flt_id)
86 return fconf->conf;
87 }
88 return NULL;
89}
90
91struct fcgi_flt_ctx *find_strm_fcgi_ctx(struct stream *s)
92{
93 struct filter *filter;
94
95 if (!s)
96 return NULL;
97
98 list_for_each_entry(filter, &strm_flt(s)->filters, list) {
99 if (FLT_ID(filter) == fcgi_flt_id)
100 return FLT_CONF(filter);
101 }
102 return NULL;
103}
104
105struct fcgi_app *get_px_fcgi_app(struct proxy *px)
106{
107 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
108
109 if (fcgi_conf)
110 return fcgi_conf->app;
111 return NULL;
112}
113
114struct fcgi_app *get_strm_fcgi_app(struct stream *s)
115{
116 struct fcgi_flt_ctx *fcgi_ctx = find_strm_fcgi_ctx(s);
117
118 if (fcgi_ctx)
119 return fcgi_ctx->app;
120 return NULL;
121}
122
123static void fcgi_release_rule_conf(struct fcgi_rule_conf *rule)
124{
125 if (!rule)
126 return;
127 free(rule->name);
128 free(rule->value);
129 if (rule->cond) {
130 prune_acl_cond(rule->cond);
131 free(rule->cond);
132 }
133 free(rule);
134}
135
136static void fcgi_release_rule(struct fcgi_rule *rule)
137{
138 if (!rule)
139 return;
140
141 if (!LIST_ISEMPTY(&rule->value)) {
142 struct logformat_node *lf, *lfb;
143
144 list_for_each_entry_safe(lf, lfb, &rule->value, list) {
145 LIST_DEL(&lf->list);
146 release_sample_expr(lf->expr);
147 free(lf->arg);
148 free(lf);
149 }
150 }
151 /* ->cond and ->name are not owned by the rule */
152 free(rule);
153}
154
155/**************************************************************************/
156/*********************** FCGI Sample fetches ******************************/
157/**************************************************************************/
158
159static int smp_fetch_fcgi_docroot(const struct arg *args, struct sample *smp,
160 const char *kw, void *private)
161{
162 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
163
164 if (!app)
165 return 0;
166
167 smp->data.type = SMP_T_STR;
168 smp->data.u.str.area = app->docroot.ptr;
169 smp->data.u.str.data = app->docroot.len;
170 smp->flags = SMP_F_CONST;
171 return 1;
172}
173
174static int smp_fetch_fcgi_index(const struct arg *args, struct sample *smp,
175 const char *kw, void *private)
176{
177 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
178
179 if (!app || !istlen(app->index))
180 return 0;
181
182 smp->data.type = SMP_T_STR;
183 smp->data.u.str.area = app->index.ptr;
184 smp->data.u.str.data = app->index.len;
185 smp->flags = SMP_F_CONST;
186 return 1;
187}
188
189/**************************************************************************/
190/************************** FCGI filter ***********************************/
191/**************************************************************************/
192static int fcgi_flt_init(struct proxy *px, struct flt_conf *fconf)
193{
194 fconf->flags |= FLT_CFG_FL_HTX;
195 return 0;
196}
197
198static void fcgi_flt_deinit(struct proxy *px, struct flt_conf *fconf)
199{
200 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
201 struct fcgi_rule *rule, *back;
202
203 if (!fcgi_conf)
204 return;
205
206 free(fcgi_conf->name);
207
208 list_for_each_entry_safe(rule, back, &fcgi_conf->param_rules, list) {
209 LIST_DEL(&rule->list);
210 fcgi_release_rule(rule);
211 }
212
213 list_for_each_entry_safe(rule, back, &fcgi_conf->hdr_rules, list) {
214 LIST_DEL(&rule->list);
215 fcgi_release_rule(rule);
216 }
217
218 free(fcgi_conf);
219}
220
221static int fcgi_flt_check(struct proxy *px, struct flt_conf *fconf)
222{
223 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
224 struct fcgi_rule_conf *crule, *back;
225 struct fcgi_rule *rule = NULL;
226 struct flt_conf *f;
227 char *errmsg = NULL;
228
229 fcgi_conf->app = fcgi_app_find_by_name(fcgi_conf->name);
230 if (!fcgi_conf->app) {
231 ha_alert("config : proxy '%s' : fcgi-app '%s' not found.\n",
232 px->id, fcgi_conf->name);
233 goto err;
234 }
235
236 list_for_each_entry(f, &px->filter_configs, list) {
237 if (f->id == http_comp_flt_id || f->id == cache_store_flt_id)
238 continue;
239 else if ((f->id == fconf->id) && f->conf != fcgi_conf) {
240 ha_alert("config : proxy '%s' : only one fcgi-app supported per backend.\n",
241 px->id);
242 goto err;
243 }
244 else if (f->id != fconf->id) {
245 /* Implicit declaration is only allowed with the
246 * compression and cache. For other filters, an implicit
247 * declaration is required. */
248 ha_alert("config: proxy '%s': require an explicit filter declaration "
249 "to use the fcgi-app '%s'.\n", px->id, fcgi_conf->name);
250 goto err;
251 }
252 }
253
254 list_for_each_entry_safe(crule, back, &fcgi_conf->app->conf.rules, list) {
255 rule = calloc(1, sizeof(*rule));
256 if (!rule) {
257 ha_alert("config : proxy '%s' : out of memory.\n", px->id);
258 goto err;
259 }
260 rule->type = crule->type;
261 rule->name = ist(crule->name);
262 rule->cond = crule->cond;
263 LIST_INIT(&rule->value);
264
265 if (crule->value) {
266 if (!parse_logformat_string(crule->value, px, &rule->value, LOG_OPT_HTTP,
267 SMP_VAL_BE_HRQ_HDR, &errmsg)) {
268 ha_alert("config : proxy '%s' : %s.\n", px->id, errmsg);
269 goto err;
270 }
271 }
272
273 if (rule->type == FCGI_RULE_SET_PARAM || rule->type == FCGI_RULE_UNSET_PARAM)
274 LIST_ADDQ(&fcgi_conf->param_rules, &rule->list);
275 else /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
276 LIST_ADDQ(&fcgi_conf->hdr_rules, &rule->list);
277 rule = NULL;
278 }
279 return 0;
280
281 err:
282 free(errmsg);
283 free(rule);
284 return 1;
285}
286
287static int fcgi_flt_start(struct stream *s, struct filter *filter)
288{
289 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
290 struct fcgi_flt_ctx *fcgi_ctx;
291
292 fcgi_ctx = pool_alloc_dirty(pool_head_fcgi_flt_ctx);
293 if (fcgi_ctx == NULL) {
294 // FIXME: send a warning
295 return 0;
296 }
297 fcgi_ctx->filter = filter;
298 fcgi_ctx->app = fcgi_conf->app;
299 filter->ctx = fcgi_ctx;
300
301 s->req.analysers |= AN_REQ_HTTP_BODY;
302 return 1;
303}
304
305static void fcgi_flt_stop(struct stream *s, struct filter *filter)
306{
307 struct flt_fcgi_ctx *fcgi_ctx = filter->ctx;
308
309 if (!fcgi_ctx)
310 return;
311 pool_free(pool_head_fcgi_flt_ctx, fcgi_ctx);
312 filter->ctx = NULL;
313}
314
315static int fcgi_flt_http_headers(struct stream *s, struct filter *filter, struct http_msg *msg)
316{
317 struct session *sess = strm_sess(s);
318 struct buffer *value;
319 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
320 struct fcgi_rule *rule;
321 struct fcgi_param_rule *param_rule;
322 struct fcgi_hdr_rule *hdr_rule;
323 struct ebpt_node *node, *next;
324 struct eb_root param_rules = EB_ROOT;
325 struct eb_root hdr_rules = EB_ROOT;
326 struct htx *htx;
327 struct http_hdr_ctx ctx;
328 int ret;
329
330 htx = htxbuf(&msg->chn->buf);
331
332 if (msg->chn->flags & CF_ISRESP) {
333 struct htx_sl *sl;
334
335 /* Remove the header "Status:" from the response */
336 ctx.blk = NULL;
337 while (http_find_header(htx, ist("status"), &ctx, 1))
338 http_remove_header(htx, &ctx);
339
340 /* Add the header "Date:" if not found */
341 ctx.blk = NULL;
342 if (!http_find_header(htx, ist("date"), &ctx, 1)) {
343 struct tm tm;
344
345 get_gmtime(date.tv_sec, &tm);
346 trash.data = strftime(trash.area, trash.size, "%a, %d %b %Y %T %Z", &tm);
347 if (trash.data)
348 http_add_header(htx, ist("date"), ist2(trash.area, trash.data));
349 }
350
351 /* Add the header "Content-Length:" if possible */
352 sl = http_get_stline(htx);
353 if (sl &&
354 (sl->flags & (HTX_SL_F_XFER_LEN|HTX_SL_F_CLEN|HTX_SL_F_CHNK)) == HTX_SL_F_XFER_LEN &&
355 htx_get_tail_type(htx) == HTX_BLK_EOM) {
356 struct htx_blk * blk;
357 char *end;
358 size_t len = 0;
359
360 for (blk = htx_get_first_blk(htx); blk; blk = htx_get_next_blk(htx, blk)) {
361 enum htx_blk_type type = htx_get_blk_type(blk);
362
363 if (type == HTX_BLK_EOM)
364 break;
365 if (type == HTX_BLK_DATA)
366 len += htx_get_blksz(blk);
367 }
368 end = ultoa_o(len, trash.area, trash.size);
369 if (http_add_header(htx, ist("content-length"), ist2(trash.area, end-trash.area)))
370 sl->flags |= HTX_SL_F_CLEN;
371 }
372
373 return 1;
374 }
375
376 /* Analyze the request's headers */
377
378 value = alloc_trash_chunk();
379 if (!value)
380 goto end;
381
382 list_for_each_entry(rule, &fcgi_conf->param_rules, list) {
383 if (rule->cond) {
384 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
385 ret = acl_pass(ret);
386 if (rule->cond->pol == ACL_COND_UNLESS)
387 ret = !ret;
388
389 /* the rule does not match */
390 if (!ret)
391 continue;
392 }
393
394 param_rule = NULL;
395 node = ebis_lookup_len(&param_rules, rule->name.ptr, rule->name.len);
396 if (node) {
397 param_rule = container_of(node, struct fcgi_param_rule, node);
398 ebpt_delete(node);
399 }
400 else {
401 param_rule = pool_alloc_dirty(pool_head_fcgi_param_rule);
402 if (param_rule == NULL)
403 goto param_rule_err;
404 }
405
406 param_rule->node.key = rule->name.ptr;
407 param_rule->name = rule->name;
408 param_rule->value = &rule->value;
409 ebis_insert(&param_rules, &param_rule->node);
410 }
411
412 list_for_each_entry(rule, &fcgi_conf->hdr_rules, list) {
413 if (rule->cond) {
414 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
415 ret = acl_pass(ret);
416 if (rule->cond->pol == ACL_COND_UNLESS)
417 ret = !ret;
418
419 /* the rule does not match */
420 if (!ret)
421 continue;
422 }
423
424 hdr_rule = NULL;
425 node = ebis_lookup_len(&hdr_rules, rule->name.ptr, rule->name.len);
426 if (node) {
427 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
428 ebpt_delete(node);
429 }
430 else {
431 hdr_rule = pool_alloc_dirty(pool_head_fcgi_hdr_rule);
432 if (hdr_rule == NULL)
433 goto hdr_rule_err;
434 }
435
436 hdr_rule->node.key = rule->name.ptr;
437 hdr_rule->name = rule->name;
438 hdr_rule->pass = (rule->type == FCGI_RULE_PASS_HDR);
439 ebis_insert(&hdr_rules, &hdr_rule->node);
440 }
441
442 node = ebpt_first(&param_rules);
443 while (node) {
444 next = ebpt_next(node);
445 ebpt_delete(node);
446 param_rule = container_of(node, struct fcgi_param_rule, node);
447 node = next;
448
449 b_reset(value);
450 value->data = build_logline(s, value->area, value->size, param_rule->value);
451 if (!value->data)
452 continue;
453 if (!http_add_header(htx, param_rule->name, ist2(value->area, value->data)))
454 goto rewrite_err;
455 pool_free(pool_head_fcgi_param_rule, param_rule);
456 }
457
458 node = ebpt_first(&hdr_rules);
459 while (node) {
460 next = ebpt_next(node);
461 ebpt_delete(node);
462 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
463 node = next;
464
465 if (!hdr_rule->pass) {
466 ctx.blk = NULL;
467 while (http_find_header(htx, hdr_rule->name, &ctx, 1))
468 http_remove_header(htx, &ctx);
469 }
470 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
471 }
472
473 goto end;
474
475 rewrite_err:
476 _HA_ATOMIC_ADD(&sess->fe->fe_counters.failed_rewrites, 1);
477 if (sess->fe != s->be)
478 _HA_ATOMIC_ADD(&s->be->be_counters.failed_rewrites, 1);
479 if (sess->listener->counters)
480 _HA_ATOMIC_ADD(&sess->listener->counters->failed_rewrites, 1);
481 hdr_rule_err:
482 node = ebpt_first(&hdr_rules);
483 while (node) {
484 next = ebpt_next(node);
485 ebpt_delete(node);
486 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
487 node = next;
488 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
489 }
490 param_rule_err:
491 node = ebpt_first(&param_rules);
492 while (node) {
493 next = ebpt_next(node);
494 ebpt_delete(node);
495 param_rule = container_of(node, struct fcgi_param_rule, node);
496 node = next;
497 pool_free(pool_head_fcgi_param_rule, param_rule);
498 }
499 end:
500 free_trash_chunk(value);
501 return 1;
502}
503
504struct flt_ops fcgi_flt_ops = {
505 .init = fcgi_flt_init,
506 .check = fcgi_flt_check,
507 .deinit = fcgi_flt_deinit,
508
509 .attach = fcgi_flt_start,
510 .detach = fcgi_flt_stop,
511
512 .http_headers = fcgi_flt_http_headers,
513};
514
515/**************************************************************************/
516/*********************** FCGI Config parsing ******************************/
517/**************************************************************************/
518static int
519parse_fcgi_flt(char **args, int *cur_arg, struct proxy *px,
520 struct flt_conf *fconf, char **err, void *private)
521{
522 struct flt_conf *f, *back;
523 struct fcgi_flt_conf *fcgi_conf = NULL;
524 char *name = NULL;
525 int pos = *cur_arg;
526
527 /* Get the fcgi-app name*/
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200[diff] [blame]528 if (!*args[pos + 1]) {
529 memprintf(err, "%s : expects a <name> argument", args[pos]);
530 goto err;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]531 }
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200[diff] [blame]532 name = strdup(args[pos + 1]);
533 if (!name) {
534 memprintf(err, "%s '%s' : out of memory", args[pos], args[pos + 1]);
535 goto err;
536 }
537 pos += 2;
538
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]539 /* Check if an fcgi-app filter with the same name already exists */
540 list_for_each_entry_safe(f, back, &px->filter_configs, list) {
541 if (f->id != fcgi_flt_id)
542 continue;
543 fcgi_conf = f->conf;
544 if (strcmp(name, fcgi_conf->name)) {
545 fcgi_conf = NULL;
546 continue;
547 }
548
549 /* Place the filter at its right position */
550 LIST_DEL(&f->list);
551 free(f);
552 free(name);
553 name = NULL;
554 break;
555 }
556
557 /* No other fcgi-app filter found, create configuration for the explicit one */
558 if (!fcgi_conf) {
559 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
560 if (!fcgi_conf) {
561 memprintf(err, "%s: out of memory", args[*cur_arg]);
562 goto err;
563 }
564 fcgi_conf->name = name;
565 LIST_INIT(&fcgi_conf->param_rules);
566 LIST_INIT(&fcgi_conf->hdr_rules);
567 }
568
569 fconf->id = fcgi_flt_id;
570 fconf->conf = fcgi_conf;
571 fconf->ops = &fcgi_flt_ops;
572
573 *cur_arg = pos;
574 return 0;
575 err:
576 free(name);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]577 return -1;
578}
579
580/* Parses the "use-fcgi-app" proxy keyword */
581static int proxy_parse_use_fcgi_app(char **args, int section, struct proxy *curpx,
582 struct proxy *defpx, const char *file, int line,
583 char **err)
584{
585 struct flt_conf *fconf = NULL;
586 struct fcgi_flt_conf *fcgi_conf = NULL;
587 int retval = 0;
588
589 if (!(curpx->cap & PR_CAP_BE)) {
590 memprintf(err, "'%s' only available in backend or listen section", args[0]);
591 retval = -1;
592 goto end;
593 }
594
595 if (!*(args[1])) {
596 memprintf(err, "'%s' expects <name> as argument", args[0]);
597 retval = -1;
598 goto end;
599 }
600
601 /* check if a fcgi filter was already registered with this name,
602 * if that's the case, must use it. */
603 list_for_each_entry(fconf, &curpx->filter_configs, list) {
604 if (fconf->id == fcgi_flt_id) {
605 fcgi_conf = fconf->conf;
606 if (fcgi_conf && !strcmp((char *)fcgi_conf->name, args[1]))
607 goto end;
608 memprintf(err, "'%s' : only one fcgi-app supported per backend", args[0]);
609 retval = -1;
610 goto end;
611 }
612 }
613
614 /* Create the FCGI filter config */
615 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
616 if (!fcgi_conf)
617 goto err;
618 fcgi_conf->name = strdup(args[1]);
619 LIST_INIT(&fcgi_conf->param_rules);
620 LIST_INIT(&fcgi_conf->hdr_rules);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]621
622 /* Register the filter */
623 fconf = calloc(1, sizeof(*fconf));
624 if (!fconf)
625 goto err;
626 fconf->id = fcgi_flt_id;
627 fconf->conf = fcgi_conf;
628 fconf->ops = &fcgi_flt_ops;
629 LIST_ADDQ(&curpx->filter_configs, &fconf->list);
630
631 end:
632 return retval;
633 err:
634 if (fcgi_conf) {
635 free(fcgi_conf->name);
636 free(fcgi_conf);
637 }
638 memprintf(err, "out of memory");
639 retval = -1;
640 goto end;
641}
642
643/* Finishes the parsing of FCGI application of proxies and servers */
644static int cfg_fcgi_apps_postparser()
645{
646 struct fcgi_app *curapp;
647 struct proxy *px;
648 struct server *srv;
649 int err_code = 0;
650
651 for (px = proxies_list; px; px = px->next) {
652 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
653 int nb_fcgi_srv = 0;
654
655 if (px->mode == PR_MODE_TCP && fcgi_conf) {
656 ha_alert("config : proxy '%s': FCGI application cannot be used in non-HTTP mode.\n",
657 px->id);
658 err_code |= ERR_ALERT | ERR_FATAL;
659 goto end;
660 }
661
662 for (srv = px->srv; srv; srv = srv->next) {
663 if (srv->mux_proto && isteq(srv->mux_proto->token, ist("fcgi"))) {
664 nb_fcgi_srv++;
665 if (fcgi_conf)
666 continue;
667 ha_alert("config : proxy '%s': FCGI server '%s' has no FCGI app configured.\n",
668 px->id, srv->id);
669 err_code |= ERR_ALERT | ERR_FATAL;
670 goto end;
671 }
672 }
673 if (fcgi_conf && !nb_fcgi_srv) {
674 ha_alert("config : proxy '%s': FCGI app configured but no FCGI server found.\n",
675 px->id);
676 err_code |= ERR_ALERT | ERR_FATAL;
677 goto end;
678 }
679 }
680
681 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
682 if (!istlen(curapp->docroot)) {
683 ha_alert("config : fcgi-app '%s': no docroot configured.\n",
684 curapp->name);
685 err_code |= ERR_ALERT | ERR_FATAL;
686 goto end;
687 }
688 if (!(curapp->flags & (FCGI_APP_FL_MPXS_CONNS|FCGI_APP_FL_GET_VALUES))) {
689 if (curapp->maxreqs > 1) {
690 ha_warning("config : fcgi-app '%s': multiplexing not supported, "
691 "ignore the option 'max-reqs'.\n",
692 curapp->name);
693 err_code |= ERR_WARN;
694 }
695 curapp->maxreqs = 1;
696 }
697 }
698
699 end:
700 return err_code;
701}
702
703static int fcgi_app_add_rule(struct fcgi_app *curapp, enum fcgi_rule_type type, char *name, char *value,
704 struct acl_cond *cond, char **err)
705{
706 struct fcgi_rule_conf *rule;
707
708 /* Param not found, add a new one */
709 rule = calloc(1, sizeof(*rule));
710 if (!rule)
711 goto err;
712 LIST_INIT(&rule->list);
713 rule->type = type;
714 if (type == FCGI_RULE_SET_PARAM || type == FCGI_RULE_UNSET_PARAM) {
715 struct ist fname = fcgi_param_name(trash.area, ist(name));
716 rule->name = my_strndup(fname.ptr, fname.len);
717 }
Christopher Fauletbc96c902019-12-02 10:33:31 +0100[diff] [blame^]718 else { /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
719 struct ist fname = ist2bin_lc(trash.area, ist(name));
720 rule->name = my_strndup(fname.ptr, fname.len);
721 }
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]722 if (!rule->name)
723 goto err;
724
725 if (value) {
726 rule->value = strdup(value);
727 if (!rule->value)
728 goto err;
729 }
730 rule->cond = cond;
731 LIST_ADDQ(&curapp->conf.rules, &rule->list);
732 return 1;
733
734 err:
735 if (rule) {
736 free(rule->name);
737 free(rule->value);
738 free(rule);
739 }
740 if (cond) {
741 prune_acl_cond(cond);
742 free(cond);
743 }
744 memprintf(err, "out of memory");
745 return 0;
746}
747
748/* Parses "fcgi-app" section */
749static int cfg_parse_fcgi_app(const char *file, int linenum, char **args, int kwm)
750{
751 static struct fcgi_app *curapp = NULL;
752 struct acl_cond *cond = NULL;
753 char *name, *value = NULL;
754 enum fcgi_rule_type type;
755 int err_code = 0;
756 const char *err;
757 char *errmsg = NULL;
758
759 if (!strcmp(args[0], "fcgi-app")) { /* new fcgi-app */
760 if (!*(args[1])) {
761 ha_alert("parsing [%s:%d]: '%s' expects <name> as argument.\n",
762 file, linenum, args[0]);
763 err_code |= ERR_ALERT | ERR_FATAL;
764 goto out;
765 }
766 if (alertif_too_many_args(1, file, linenum, args, &err_code))
767 goto out;
768
769 err = invalid_char(args[1]);
770 if (err) {
771 ha_alert("parsing [%s:%d]: character '%c' is not permitted in '%s' name '%s'.\n",
772 file, linenum, *err, args[0], args[1]);
773 err_code |= ERR_ALERT | ERR_FATAL;
774 goto out;
775 }
776
777 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
778 if (!strcmp(curapp->name, args[1])) {
779 ha_alert("Parsing [%s:%d]: fcgi-app section '%s' has the same name as another one declared at %s:%d.\n",
780 file, linenum, args[1], curapp->conf.file, curapp->conf.line);
781 err_code |= ERR_ALERT | ERR_FATAL;
782 }
783 }
784
785 curapp = calloc(1, sizeof(*curapp));
786 if (!curapp) {
787 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
788 err_code |= ERR_ALERT | ERR_ABORT;
789 goto out;
790 }
791
792 curapp->next = fcgi_apps;
793 fcgi_apps = curapp;
794 curapp->flags = FCGI_APP_FL_KEEP_CONN;
795 curapp->docroot = ist(NULL);
796 curapp->index = ist(NULL);
797 curapp->pathinfo_re = NULL;
798 curapp->name = strdup(args[1]);
799 curapp->maxreqs = 1;
800 curapp->conf.file = strdup(file);
801 curapp->conf.line = linenum;
802 LIST_INIT(&curapp->acls);
803 LIST_INIT(&curapp->logsrvs);
804 LIST_INIT(&curapp->conf.args.list);
805 LIST_INIT(&curapp->conf.rules);
806
807 /* Set info about authentication */
808 if (!fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "REMOTE_USER", "%[http_auth_user]", NULL, &errmsg) ||
809 !fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "AUTH_TYPE", "%[http_auth_type]", NULL, &errmsg)) {
810 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
811 args[1], errmsg);
812 err_code |= ERR_ALERT | ERR_FATAL;
813 }
814
815 /* Hide hop-by-hop headers by default */
816 if (!fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "connection", NULL, NULL, &errmsg) ||
817 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "keep-alive", NULL, NULL, &errmsg) ||
818 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "authorization", NULL, NULL, &errmsg) ||
819 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy", NULL, NULL, &errmsg) ||
820 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authorization", NULL, NULL, &errmsg) ||
821 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authenticate", NULL, NULL, &errmsg) ||
822 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "te", NULL, NULL, &errmsg) ||
823 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "trailers", NULL, NULL, &errmsg) ||
824 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "transfer-encoding", NULL, NULL, &errmsg) ||
825 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "upgrade", NULL, NULL, &errmsg)) {
826 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
827 args[1], errmsg);
828 err_code |= ERR_ALERT | ERR_FATAL;
829 }
830 }
831 else if (!strcmp(args[0], "docroot")) {
832 if (!*(args[1])) {
833 ha_alert("parsing [%s:%d] : '%s' expects <path> as argument.\n",
834 file, linenum, args[0]);
835 err_code |= ERR_ALERT | ERR_FATAL;
836 goto out;
837 }
838 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
839 goto out;
840 free(curapp->docroot.ptr);
841 curapp->docroot = ist2(strdup(args[1]), strlen(args[1]));
842 if (!curapp->docroot.ptr) {
843 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
844 err_code |= ERR_ALERT | ERR_ABORT;
845 }
846 }
847 else if (!strcmp(args[0], "path-info")) {
848 if (!*(args[1])) {
849 ha_alert("parsing [%s:%d] : '%s' expects <regex> as argument.\n",
850 file, linenum, args[0]);
851 err_code |= ERR_ALERT | ERR_FATAL;
852 goto out;
853 }
854 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
855 goto out;
856 regex_free(curapp->pathinfo_re);
857 curapp->pathinfo_re = regex_comp(args[1], 1, 1, &errmsg);
858 if (!curapp->pathinfo_re) {
859 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
860 args[1], errmsg);
861 err_code |= ERR_ALERT | ERR_FATAL;
862 }
863 }
864 else if (!strcmp(args[0], "index")) {
865 if (!*(args[1])) {
866 ha_alert("parsing [%s:%d] : '%s' expects <filename> as argument.\n",
867 file, linenum, args[0]);
868 err_code |= ERR_ALERT | ERR_FATAL;
869 goto out;
870 }
871 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
872 goto out;
873 free(curapp->index.ptr);
874 curapp->index = ist2(strdup(args[1]), strlen(args[1]));
875 if (!curapp->index.ptr) {
876 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
877 err_code |= ERR_ALERT | ERR_ABORT;
878 }
879 }
880 else if (!strcmp(args[0], "acl")) {
881 const char *err;
882 err = invalid_char(args[1]);
883 if (err) {
884 ha_alert("parsing [%s:%d] : character '%c' is not permitted in acl name '%s'.\n",
885 file, linenum, *err, args[1]);
886 err_code |= ERR_ALERT | ERR_FATAL;
887 }
888 else if (parse_acl((const char **)args+1, &curapp->acls, &errmsg, &curapp->conf.args, file, linenum) == NULL) {
889 ha_alert("parsing [%s:%d] : error detected while parsing ACL '%s' : %s.\n",
890 file, linenum, args[1], errmsg);
891 err_code |= ERR_ALERT | ERR_FATAL;
892 }
893 }
894 else if (!strcmp(args[0], "set-param")) {
895 if (!*(args[1]) || !*(args[2])) {
896 ha_alert("parsing [%s:%d] : '%s' expects <name> and <value> as arguments.\n",
897 file, linenum, args[0]);
898 err_code |= ERR_ALERT | ERR_FATAL;
899 goto out;
900 }
901 type = FCGI_RULE_SET_PARAM;
902 name = args[1];
903 value = args[2];
904 cond = NULL;
905 args += 3;
906
907 parse_cond_rule:
908 if (!*(args[0])) /* No condition */
909 goto add_rule;
910
911 if (strcmp(args[0], "if") == 0)
912 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_IF, &errmsg, &curapp->conf.args,
913 file, linenum);
914 else if (strcmp(args[0], "unless") == 0)
915 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_UNLESS, &errmsg, &curapp->conf.args,
916 file, linenum);
917 if (!cond) {
918 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
919 name, errmsg);
920 err_code |= ERR_ALERT | ERR_FATAL;
921 }
922 add_rule:
923 if (!fcgi_app_add_rule(curapp, type, name, value, cond, &errmsg)) {
924 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
925 name, errmsg);
926 err_code |= ERR_ALERT | ERR_FATAL;
927 }
928 }
929#if 0 /* Disabled for now */
930 else if (!strcmp(args[0], "unset-param")) {
931 if (!*(args[1])) {
932 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
933 file, linenum, args[0]);
934 err_code |= ERR_ALERT | ERR_FATAL;
935 goto out;
936 }
937 type = FCGI_RULE_UNSET_PARAM;
938 name = args[1];
939 value = NULL;
940 cond = NULL;
941 args += 2;
942 goto parse_cond_rule;
943 }
944#endif
945 else if (!strcmp(args[0], "pass-header")) {
946 if (!*(args[1])) {
947 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
948 file, linenum, args[0]);
949 err_code |= ERR_ALERT | ERR_FATAL;
950 goto out;
951 }
952 type = FCGI_RULE_PASS_HDR;
953 name = args[1];
954 value = NULL;
955 cond = NULL;
956 args += 2;
957 goto parse_cond_rule;
958 }
959#if 0 /* Disabled for now */
960 else if (!strcmp(args[0], "hide-header")) {
961 if (!*(args[1])) {
962 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
963 file, linenum, args[0]);
964 err_code |= ERR_ALERT | ERR_FATAL;
965 goto out;
966 }
967 type = FCGI_RULE_HIDE_HDR;
968 name = args[1];
969 value = NULL;
970 cond = NULL;
971 args += 2;
972 goto parse_cond_rule;
973 }
974#endif
975 else if (!strcmp(args[0], "option")) {
976 if (!*(args[1])) {
977 ha_alert("parsing [%s:%d]: '%s' expects an option name.\n",
978 file, linenum, args[0]);
979 err_code |= ERR_ALERT | ERR_FATAL;
980 }
981 else if (!strcmp(args[1], "keep-conn")) {
982 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
983 goto out;
984 if (kwm == KWM_STD)
985 curapp->flags |= FCGI_APP_FL_KEEP_CONN;
986 else if (kwm == KWM_NO)
987 curapp->flags &= ~FCGI_APP_FL_KEEP_CONN;
988 }
989 else if (!strcmp(args[1], "get-values")) {
990 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
991 goto out;
992 if (kwm == KWM_STD)
993 curapp->flags |= FCGI_APP_FL_GET_VALUES;
994 else if (kwm == KWM_NO)
995 curapp->flags &= ~FCGI_APP_FL_GET_VALUES;
996 }
997 else if (!strcmp(args[1], "mpxs-conns")) {
998 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
999 goto out;
1000 if (kwm == KWM_STD)
1001 curapp->flags |= FCGI_APP_FL_MPXS_CONNS;
1002 else if (kwm == KWM_NO)
1003 curapp->flags &= ~FCGI_APP_FL_MPXS_CONNS;
1004 }
1005 else if (!strcmp(args[1], "max-reqs")) {
1006 if (kwm != KWM_STD) {
1007 ha_alert("parsing [%s:%d]: negation/default is not supported for option '%s'.\n",
1008 file, linenum, args[1]);
1009 err_code |= ERR_ALERT | ERR_FATAL;
1010 goto out;
1011 }
1012 if (!*(args[2])) {
1013 ha_alert("parsing [%s:%d]: option '%s' expects an integer argument.\n",
1014 file, linenum, args[1]);
1015 err_code |= ERR_ALERT | ERR_FATAL;
1016 goto out;
1017 }
1018 if (alertif_too_many_args_idx(1, 1, file, linenum, args, &err_code))
1019 goto out;
1020
1021 curapp->maxreqs = atol(args[2]);
1022 if (!curapp->maxreqs) {
1023 ha_alert("parsing [%s:%d]: option '%s' expects a strictly positive integer argument.\n",
1024 file, linenum, args[1]);
1025 err_code |= ERR_ALERT | ERR_FATAL;
1026 goto out;
1027 }
1028 }
1029 else {
1030 ha_alert("parsing [%s:%d] : unknown option '%s'.\n", file, linenum, args[1]);
1031 err_code |= ERR_ALERT | ERR_FATAL;
1032 }
1033 }
1034 else if (!strcmp(args[0], "log-stderr")) {
1035 if (!parse_logsrv(args, &curapp->logsrvs, (kwm == KWM_NO), &errmsg)) {
1036 ha_alert("parsing [%s:%d] : %s : %s\n", file, linenum, args[0], errmsg);
1037 err_code |= ERR_ALERT | ERR_FATAL;
1038 }
1039 }
1040 else {
1041 ha_alert("parsing [%s:%d]: unknown keyword '%s' in '%s' section\n", file, linenum, args[0], "fcgi-app");
1042 err_code |= ERR_ALERT | ERR_FATAL;
1043 }
1044
1045out:
1046 free(errmsg);
1047 return err_code;
1048}
1049
1050
1051/**************************************************************************/
1052/*********************** FCGI Deinit functions ****************************/
1053/**************************************************************************/
1054void fcgi_apps_deinit()
1055{
1056 struct fcgi_app *curapp, *nextapp;
1057 struct logsrv *log, *logb;
1058
1059 for (curapp = fcgi_apps; curapp != NULL; curapp = nextapp) {
1060 struct fcgi_rule_conf *rule, *back;
1061
1062 free(curapp->name);
1063 free(curapp->docroot.ptr);
1064 free(curapp->index.ptr);
1065 regex_free(curapp->pathinfo_re);
1066 free(curapp->conf.file);
1067
1068 list_for_each_entry_safe(log, logb, &curapp->logsrvs, list) {
1069 LIST_DEL(&log->list);
1070 free(log);
1071 }
1072
1073 list_for_each_entry_safe(rule, back, &curapp->conf.rules, list) {
1074 LIST_DEL(&rule->list);
1075 fcgi_release_rule_conf(rule);
1076 }
1077
1078 nextapp = curapp->next;
1079 free(curapp);
1080 }
1081}
1082
1083
1084/**************************************************************************/
1085/*************** Keywords definition and registration *********************/
1086/**************************************************************************/
1087static struct cfg_kw_list cfg_kws = {ILH, {
1088 { CFG_LISTEN, "use-fcgi-app", proxy_parse_use_fcgi_app },
1089 { 0, NULL, NULL },
1090}};
1091
1092// FIXME: Add rep.fcgi smp_fetch
1093static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
1094 { "fcgi.docroot", smp_fetch_fcgi_docroot, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
Willy Tarreaufc41e252019-09-27 22:45:17 +0200[diff] [blame]1095 { "fcgi.index", smp_fetch_fcgi_index, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
1096 { /* END */ }
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1097}};
1098
1099/* Declare the filter parser for "fcgi-app" keyword */
1100static struct flt_kw_list filter_kws = { "FCGI", { }, {
1101 { "fcgi-app", parse_fcgi_flt, NULL },
1102 { NULL, NULL, NULL },
1103 }
1104};
1105
1106INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
1107INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
1108INITCALL1(STG_REGISTER, flt_register_keywords, &filter_kws);
1109
1110INITCALL1(STG_REGISTER, hap_register_post_deinit, fcgi_apps_deinit);
1111
1112REGISTER_CONFIG_SECTION("fcgi-app", cfg_parse_fcgi_app, NULL);
1113REGISTER_CONFIG_POSTPARSER("fcgi-apps", cfg_fcgi_apps_postparser);
1114
1115/*
1116 * Local variables:
1117 * c-indent-level: 8
1118 * c-basic-offset: 8
1119 * End:
1120 */