Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / e6ce10be85293b4d0e54a6805d081f9e925eaf9e / . / src / fcgi-app.c
blob: 6d02e897aa02e16aa8182a0587ad87b85e25ff5e [file] [log] [blame]
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1/*
2 * Functions about FCGI applications and filters.
3 *
4 * Copyright (C) 2019 HAProxy Technologies, Christopher Faulet <cfaulet@haproxy.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
Willy Tarreau4c7e4b72020-05-27 12:58:42 +0200[diff] [blame]13#include <haproxy/api.h>
Willy Tarreauc13ed532020-06-02 10:22:45 +0200[diff] [blame]14#include <haproxy/chunk.h>
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]15#include <common/cfgparse.h>
Willy Tarreau8d366972020-05-27 16:10:29 +0200[diff] [blame]16#include <haproxy/errors.h>
Willy Tarreau87735332020-06-04 09:08:41 +0200[diff] [blame]17#include <haproxy/http_htx.h>
Willy Tarreau7cd8b6e2020-06-02 17:32:26 +0200[diff] [blame]18#include <haproxy/regex.h>
Willy Tarreaue6ce10b2020-06-04 15:33:47 +0200[diff] [blame^]19#include <haproxy/sample.h>
Willy Tarreau48fbcae2020-06-03 18:09:46 +0200[diff] [blame]20#include <haproxy/tools.h>
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]21
22#include <types/global.h>
23
24#include <proto/acl.h>
25#include <proto/fcgi-app.h>
26#include <proto/filters.h>
27#include <proto/http_fetch.h>
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]28#include <proto/log.h>
29#include <proto/proxy.h>
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]30#include <proto/server.h>
31#include <proto/session.h>
32
33/* Global list of all FCGI applications */
34static struct fcgi_app *fcgi_apps = NULL;
35
36struct flt_ops fcgi_flt_ops;
37const char *fcgi_flt_id = "FCGI filter";
38
39DECLARE_STATIC_POOL(pool_head_fcgi_flt_ctx, "fcgi_flt_ctx", sizeof(struct fcgi_flt_ctx));
40DECLARE_STATIC_POOL(pool_head_fcgi_param_rule, "fcgi_param_rule", sizeof(struct fcgi_param_rule));
41DECLARE_STATIC_POOL(pool_head_fcgi_hdr_rule, "fcgi_hdr_rule", sizeof(struct fcgi_hdr_rule));
42
43/**************************************************************************/
44/***************************** Uitls **************************************/
45/**************************************************************************/
46/* Makes a fcgi parameter name (prefixed by ':fcgi-') with <name> (in
47 * lowercase). All non alphanumeric character are replaced by an underscore
48 * ('_'). The result is copied into <dst>. the corrsponding ist is returned.
49 */
50static struct ist fcgi_param_name(char *dst, const struct ist name)
51{
52 size_t ofs1, ofs2;
53
54 memcpy(dst, ":fcgi-", 6);
55 ofs1 = 6;
56 for (ofs2 = 0; ofs2 < name.len; ofs2++) {
Willy Tarreau90807112020-02-25 08:16:33 +0100[diff] [blame]57 if (isalnum((unsigned char)name.ptr[ofs2]))
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]58 dst[ofs1++] = ist_lc[(unsigned char)name.ptr[ofs2]];
59 else
60 dst[ofs1++] = '_';
61 }
62 return ist2(dst, ofs1);
63}
64
65/* Returns a pointer to the FCGi applicatrion mathing the name <name>. NULL is
66 * returned if no match found.
67 */
68struct fcgi_app *fcgi_app_find_by_name(const char *name)
69{
70 struct fcgi_app *app;
71
72 for (app = fcgi_apps; app != NULL; app = app->next) {
73 if (!strcmp(app->name, name))
74 return app;
75 }
76
77 return NULL;
78}
79
80struct fcgi_flt_conf *find_px_fcgi_conf(struct proxy *px)
81{
82 struct flt_conf *fconf;
83
84 list_for_each_entry(fconf, &px->filter_configs, list) {
85 if (fconf->id == fcgi_flt_id)
86 return fconf->conf;
87 }
88 return NULL;
89}
90
91struct fcgi_flt_ctx *find_strm_fcgi_ctx(struct stream *s)
92{
93 struct filter *filter;
94
95 if (!s)
96 return NULL;
97
98 list_for_each_entry(filter, &strm_flt(s)->filters, list) {
99 if (FLT_ID(filter) == fcgi_flt_id)
100 return FLT_CONF(filter);
101 }
102 return NULL;
103}
104
105struct fcgi_app *get_px_fcgi_app(struct proxy *px)
106{
107 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
108
109 if (fcgi_conf)
110 return fcgi_conf->app;
111 return NULL;
112}
113
114struct fcgi_app *get_strm_fcgi_app(struct stream *s)
115{
116 struct fcgi_flt_ctx *fcgi_ctx = find_strm_fcgi_ctx(s);
117
118 if (fcgi_ctx)
119 return fcgi_ctx->app;
120 return NULL;
121}
122
123static void fcgi_release_rule_conf(struct fcgi_rule_conf *rule)
124{
125 if (!rule)
126 return;
127 free(rule->name);
128 free(rule->value);
129 if (rule->cond) {
130 prune_acl_cond(rule->cond);
131 free(rule->cond);
132 }
133 free(rule);
134}
135
136static void fcgi_release_rule(struct fcgi_rule *rule)
137{
138 if (!rule)
139 return;
140
141 if (!LIST_ISEMPTY(&rule->value)) {
142 struct logformat_node *lf, *lfb;
143
144 list_for_each_entry_safe(lf, lfb, &rule->value, list) {
145 LIST_DEL(&lf->list);
146 release_sample_expr(lf->expr);
147 free(lf->arg);
148 free(lf);
149 }
150 }
151 /* ->cond and ->name are not owned by the rule */
152 free(rule);
153}
154
155/**************************************************************************/
156/*********************** FCGI Sample fetches ******************************/
157/**************************************************************************/
158
159static int smp_fetch_fcgi_docroot(const struct arg *args, struct sample *smp,
160 const char *kw, void *private)
161{
162 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
163
164 if (!app)
165 return 0;
166
167 smp->data.type = SMP_T_STR;
168 smp->data.u.str.area = app->docroot.ptr;
169 smp->data.u.str.data = app->docroot.len;
170 smp->flags = SMP_F_CONST;
171 return 1;
172}
173
174static int smp_fetch_fcgi_index(const struct arg *args, struct sample *smp,
175 const char *kw, void *private)
176{
177 struct fcgi_app *app = get_strm_fcgi_app(smp->strm);
178
179 if (!app || !istlen(app->index))
180 return 0;
181
182 smp->data.type = SMP_T_STR;
183 smp->data.u.str.area = app->index.ptr;
184 smp->data.u.str.data = app->index.len;
185 smp->flags = SMP_F_CONST;
186 return 1;
187}
188
189/**************************************************************************/
190/************************** FCGI filter ***********************************/
191/**************************************************************************/
192static int fcgi_flt_init(struct proxy *px, struct flt_conf *fconf)
193{
194 fconf->flags |= FLT_CFG_FL_HTX;
195 return 0;
196}
197
198static void fcgi_flt_deinit(struct proxy *px, struct flt_conf *fconf)
199{
200 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
201 struct fcgi_rule *rule, *back;
202
203 if (!fcgi_conf)
204 return;
205
206 free(fcgi_conf->name);
207
208 list_for_each_entry_safe(rule, back, &fcgi_conf->param_rules, list) {
209 LIST_DEL(&rule->list);
210 fcgi_release_rule(rule);
211 }
212
213 list_for_each_entry_safe(rule, back, &fcgi_conf->hdr_rules, list) {
214 LIST_DEL(&rule->list);
215 fcgi_release_rule(rule);
216 }
217
218 free(fcgi_conf);
219}
220
221static int fcgi_flt_check(struct proxy *px, struct flt_conf *fconf)
222{
223 struct fcgi_flt_conf *fcgi_conf = fconf->conf;
224 struct fcgi_rule_conf *crule, *back;
225 struct fcgi_rule *rule = NULL;
226 struct flt_conf *f;
227 char *errmsg = NULL;
228
229 fcgi_conf->app = fcgi_app_find_by_name(fcgi_conf->name);
230 if (!fcgi_conf->app) {
231 ha_alert("config : proxy '%s' : fcgi-app '%s' not found.\n",
232 px->id, fcgi_conf->name);
233 goto err;
234 }
235
236 list_for_each_entry(f, &px->filter_configs, list) {
237 if (f->id == http_comp_flt_id || f->id == cache_store_flt_id)
238 continue;
239 else if ((f->id == fconf->id) && f->conf != fcgi_conf) {
240 ha_alert("config : proxy '%s' : only one fcgi-app supported per backend.\n",
241 px->id);
242 goto err;
243 }
244 else if (f->id != fconf->id) {
245 /* Implicit declaration is only allowed with the
246 * compression and cache. For other filters, an implicit
247 * declaration is required. */
248 ha_alert("config: proxy '%s': require an explicit filter declaration "
249 "to use the fcgi-app '%s'.\n", px->id, fcgi_conf->name);
250 goto err;
251 }
252 }
253
254 list_for_each_entry_safe(crule, back, &fcgi_conf->app->conf.rules, list) {
255 rule = calloc(1, sizeof(*rule));
256 if (!rule) {
257 ha_alert("config : proxy '%s' : out of memory.\n", px->id);
258 goto err;
259 }
260 rule->type = crule->type;
261 rule->name = ist(crule->name);
262 rule->cond = crule->cond;
263 LIST_INIT(&rule->value);
264
265 if (crule->value) {
266 if (!parse_logformat_string(crule->value, px, &rule->value, LOG_OPT_HTTP,
267 SMP_VAL_BE_HRQ_HDR, &errmsg)) {
268 ha_alert("config : proxy '%s' : %s.\n", px->id, errmsg);
269 goto err;
270 }
271 }
272
273 if (rule->type == FCGI_RULE_SET_PARAM || rule->type == FCGI_RULE_UNSET_PARAM)
274 LIST_ADDQ(&fcgi_conf->param_rules, &rule->list);
275 else /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
276 LIST_ADDQ(&fcgi_conf->hdr_rules, &rule->list);
277 rule = NULL;
278 }
279 return 0;
280
281 err:
282 free(errmsg);
283 free(rule);
284 return 1;
285}
286
287static int fcgi_flt_start(struct stream *s, struct filter *filter)
288{
289 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
290 struct fcgi_flt_ctx *fcgi_ctx;
291
292 fcgi_ctx = pool_alloc_dirty(pool_head_fcgi_flt_ctx);
293 if (fcgi_ctx == NULL) {
294 // FIXME: send a warning
295 return 0;
296 }
297 fcgi_ctx->filter = filter;
298 fcgi_ctx->app = fcgi_conf->app;
299 filter->ctx = fcgi_ctx;
300
301 s->req.analysers |= AN_REQ_HTTP_BODY;
302 return 1;
303}
304
305static void fcgi_flt_stop(struct stream *s, struct filter *filter)
306{
307 struct flt_fcgi_ctx *fcgi_ctx = filter->ctx;
308
309 if (!fcgi_ctx)
310 return;
311 pool_free(pool_head_fcgi_flt_ctx, fcgi_ctx);
312 filter->ctx = NULL;
313}
314
315static int fcgi_flt_http_headers(struct stream *s, struct filter *filter, struct http_msg *msg)
316{
317 struct session *sess = strm_sess(s);
318 struct buffer *value;
319 struct fcgi_flt_conf *fcgi_conf = FLT_CONF(filter);
320 struct fcgi_rule *rule;
321 struct fcgi_param_rule *param_rule;
322 struct fcgi_hdr_rule *hdr_rule;
323 struct ebpt_node *node, *next;
324 struct eb_root param_rules = EB_ROOT;
325 struct eb_root hdr_rules = EB_ROOT;
326 struct htx *htx;
327 struct http_hdr_ctx ctx;
328 int ret;
329
330 htx = htxbuf(&msg->chn->buf);
331
332 if (msg->chn->flags & CF_ISRESP) {
333 struct htx_sl *sl;
334
335 /* Remove the header "Status:" from the response */
336 ctx.blk = NULL;
337 while (http_find_header(htx, ist("status"), &ctx, 1))
338 http_remove_header(htx, &ctx);
339
340 /* Add the header "Date:" if not found */
341 ctx.blk = NULL;
342 if (!http_find_header(htx, ist("date"), &ctx, 1)) {
343 struct tm tm;
344
345 get_gmtime(date.tv_sec, &tm);
346 trash.data = strftime(trash.area, trash.size, "%a, %d %b %Y %T %Z", &tm);
347 if (trash.data)
348 http_add_header(htx, ist("date"), ist2(trash.area, trash.data));
349 }
350
351 /* Add the header "Content-Length:" if possible */
352 sl = http_get_stline(htx);
353 if (sl &&
354 (sl->flags & (HTX_SL_F_XFER_LEN|HTX_SL_F_CLEN|HTX_SL_F_CHNK)) == HTX_SL_F_XFER_LEN &&
355 htx_get_tail_type(htx) == HTX_BLK_EOM) {
356 struct htx_blk * blk;
357 char *end;
358 size_t len = 0;
359
360 for (blk = htx_get_first_blk(htx); blk; blk = htx_get_next_blk(htx, blk)) {
361 enum htx_blk_type type = htx_get_blk_type(blk);
362
363 if (type == HTX_BLK_EOM)
364 break;
365 if (type == HTX_BLK_DATA)
366 len += htx_get_blksz(blk);
367 }
368 end = ultoa_o(len, trash.area, trash.size);
369 if (http_add_header(htx, ist("content-length"), ist2(trash.area, end-trash.area)))
370 sl->flags |= HTX_SL_F_CLEN;
371 }
372
373 return 1;
374 }
375
376 /* Analyze the request's headers */
377
378 value = alloc_trash_chunk();
379 if (!value)
380 goto end;
381
382 list_for_each_entry(rule, &fcgi_conf->param_rules, list) {
383 if (rule->cond) {
384 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
385 ret = acl_pass(ret);
386 if (rule->cond->pol == ACL_COND_UNLESS)
387 ret = !ret;
388
389 /* the rule does not match */
390 if (!ret)
391 continue;
392 }
393
394 param_rule = NULL;
395 node = ebis_lookup_len(&param_rules, rule->name.ptr, rule->name.len);
396 if (node) {
397 param_rule = container_of(node, struct fcgi_param_rule, node);
398 ebpt_delete(node);
399 }
400 else {
401 param_rule = pool_alloc_dirty(pool_head_fcgi_param_rule);
402 if (param_rule == NULL)
403 goto param_rule_err;
404 }
405
406 param_rule->node.key = rule->name.ptr;
407 param_rule->name = rule->name;
408 param_rule->value = &rule->value;
409 ebis_insert(&param_rules, &param_rule->node);
410 }
411
412 list_for_each_entry(rule, &fcgi_conf->hdr_rules, list) {
413 if (rule->cond) {
414 ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
415 ret = acl_pass(ret);
416 if (rule->cond->pol == ACL_COND_UNLESS)
417 ret = !ret;
418
419 /* the rule does not match */
420 if (!ret)
421 continue;
422 }
423
424 hdr_rule = NULL;
425 node = ebis_lookup_len(&hdr_rules, rule->name.ptr, rule->name.len);
426 if (node) {
427 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
428 ebpt_delete(node);
429 }
430 else {
431 hdr_rule = pool_alloc_dirty(pool_head_fcgi_hdr_rule);
432 if (hdr_rule == NULL)
433 goto hdr_rule_err;
434 }
435
436 hdr_rule->node.key = rule->name.ptr;
437 hdr_rule->name = rule->name;
438 hdr_rule->pass = (rule->type == FCGI_RULE_PASS_HDR);
439 ebis_insert(&hdr_rules, &hdr_rule->node);
440 }
441
442 node = ebpt_first(&param_rules);
443 while (node) {
444 next = ebpt_next(node);
445 ebpt_delete(node);
446 param_rule = container_of(node, struct fcgi_param_rule, node);
447 node = next;
448
449 b_reset(value);
450 value->data = build_logline(s, value->area, value->size, param_rule->value);
451 if (!value->data)
452 continue;
453 if (!http_add_header(htx, param_rule->name, ist2(value->area, value->data)))
454 goto rewrite_err;
455 pool_free(pool_head_fcgi_param_rule, param_rule);
456 }
457
458 node = ebpt_first(&hdr_rules);
459 while (node) {
460 next = ebpt_next(node);
461 ebpt_delete(node);
462 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
463 node = next;
464
465 if (!hdr_rule->pass) {
466 ctx.blk = NULL;
467 while (http_find_header(htx, hdr_rule->name, &ctx, 1))
468 http_remove_header(htx, &ctx);
469 }
470 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
471 }
472
473 goto end;
474
475 rewrite_err:
476 _HA_ATOMIC_ADD(&sess->fe->fe_counters.failed_rewrites, 1);
Christopher Fauletcff0f732019-12-16 16:13:44 +0100[diff] [blame]477 _HA_ATOMIC_ADD(&s->be->be_counters.failed_rewrites, 1);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]478 if (sess->listener->counters)
479 _HA_ATOMIC_ADD(&sess->listener->counters->failed_rewrites, 1);
Christopher Fauletcff0f732019-12-16 16:13:44 +0100[diff] [blame]480 if (objt_server(s->target))
481 _HA_ATOMIC_ADD(&__objt_server(s->target)->counters.failed_rewrites, 1);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]482 hdr_rule_err:
483 node = ebpt_first(&hdr_rules);
484 while (node) {
485 next = ebpt_next(node);
486 ebpt_delete(node);
487 hdr_rule = container_of(node, struct fcgi_hdr_rule, node);
488 node = next;
489 pool_free(pool_head_fcgi_hdr_rule, hdr_rule);
490 }
491 param_rule_err:
492 node = ebpt_first(&param_rules);
493 while (node) {
494 next = ebpt_next(node);
495 ebpt_delete(node);
496 param_rule = container_of(node, struct fcgi_param_rule, node);
497 node = next;
498 pool_free(pool_head_fcgi_param_rule, param_rule);
499 }
500 end:
501 free_trash_chunk(value);
502 return 1;
503}
504
505struct flt_ops fcgi_flt_ops = {
506 .init = fcgi_flt_init,
507 .check = fcgi_flt_check,
508 .deinit = fcgi_flt_deinit,
509
510 .attach = fcgi_flt_start,
511 .detach = fcgi_flt_stop,
512
513 .http_headers = fcgi_flt_http_headers,
514};
515
516/**************************************************************************/
517/*********************** FCGI Config parsing ******************************/
518/**************************************************************************/
519static int
520parse_fcgi_flt(char **args, int *cur_arg, struct proxy *px,
521 struct flt_conf *fconf, char **err, void *private)
522{
523 struct flt_conf *f, *back;
524 struct fcgi_flt_conf *fcgi_conf = NULL;
525 char *name = NULL;
526 int pos = *cur_arg;
527
528 /* Get the fcgi-app name*/
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200[diff] [blame]529 if (!*args[pos + 1]) {
530 memprintf(err, "%s : expects a <name> argument", args[pos]);
531 goto err;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]532 }
Christopher Faulet0ce57b02019-09-18 11:18:33 +0200[diff] [blame]533 name = strdup(args[pos + 1]);
534 if (!name) {
535 memprintf(err, "%s '%s' : out of memory", args[pos], args[pos + 1]);
536 goto err;
537 }
538 pos += 2;
539
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]540 /* Check if an fcgi-app filter with the same name already exists */
541 list_for_each_entry_safe(f, back, &px->filter_configs, list) {
542 if (f->id != fcgi_flt_id)
543 continue;
544 fcgi_conf = f->conf;
545 if (strcmp(name, fcgi_conf->name)) {
546 fcgi_conf = NULL;
547 continue;
548 }
549
550 /* Place the filter at its right position */
551 LIST_DEL(&f->list);
552 free(f);
553 free(name);
554 name = NULL;
555 break;
556 }
557
558 /* No other fcgi-app filter found, create configuration for the explicit one */
559 if (!fcgi_conf) {
560 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
561 if (!fcgi_conf) {
562 memprintf(err, "%s: out of memory", args[*cur_arg]);
563 goto err;
564 }
565 fcgi_conf->name = name;
566 LIST_INIT(&fcgi_conf->param_rules);
567 LIST_INIT(&fcgi_conf->hdr_rules);
568 }
569
570 fconf->id = fcgi_flt_id;
571 fconf->conf = fcgi_conf;
572 fconf->ops = &fcgi_flt_ops;
573
574 *cur_arg = pos;
575 return 0;
576 err:
577 free(name);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]578 return -1;
579}
580
581/* Parses the "use-fcgi-app" proxy keyword */
582static int proxy_parse_use_fcgi_app(char **args, int section, struct proxy *curpx,
583 struct proxy *defpx, const char *file, int line,
584 char **err)
585{
586 struct flt_conf *fconf = NULL;
587 struct fcgi_flt_conf *fcgi_conf = NULL;
588 int retval = 0;
589
590 if (!(curpx->cap & PR_CAP_BE)) {
591 memprintf(err, "'%s' only available in backend or listen section", args[0]);
592 retval = -1;
593 goto end;
594 }
595
596 if (!*(args[1])) {
597 memprintf(err, "'%s' expects <name> as argument", args[0]);
598 retval = -1;
599 goto end;
600 }
601
602 /* check if a fcgi filter was already registered with this name,
603 * if that's the case, must use it. */
604 list_for_each_entry(fconf, &curpx->filter_configs, list) {
605 if (fconf->id == fcgi_flt_id) {
606 fcgi_conf = fconf->conf;
607 if (fcgi_conf && !strcmp((char *)fcgi_conf->name, args[1]))
608 goto end;
609 memprintf(err, "'%s' : only one fcgi-app supported per backend", args[0]);
610 retval = -1;
611 goto end;
612 }
613 }
614
615 /* Create the FCGI filter config */
616 fcgi_conf = calloc(1, sizeof(*fcgi_conf));
617 if (!fcgi_conf)
618 goto err;
619 fcgi_conf->name = strdup(args[1]);
620 LIST_INIT(&fcgi_conf->param_rules);
621 LIST_INIT(&fcgi_conf->hdr_rules);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]622
623 /* Register the filter */
624 fconf = calloc(1, sizeof(*fconf));
625 if (!fconf)
626 goto err;
627 fconf->id = fcgi_flt_id;
628 fconf->conf = fcgi_conf;
629 fconf->ops = &fcgi_flt_ops;
630 LIST_ADDQ(&curpx->filter_configs, &fconf->list);
631
632 end:
633 return retval;
634 err:
635 if (fcgi_conf) {
636 free(fcgi_conf->name);
637 free(fcgi_conf);
638 }
639 memprintf(err, "out of memory");
640 retval = -1;
641 goto end;
642}
643
644/* Finishes the parsing of FCGI application of proxies and servers */
645static int cfg_fcgi_apps_postparser()
646{
647 struct fcgi_app *curapp;
648 struct proxy *px;
649 struct server *srv;
650 int err_code = 0;
651
652 for (px = proxies_list; px; px = px->next) {
653 struct fcgi_flt_conf *fcgi_conf = find_px_fcgi_conf(px);
654 int nb_fcgi_srv = 0;
655
656 if (px->mode == PR_MODE_TCP && fcgi_conf) {
657 ha_alert("config : proxy '%s': FCGI application cannot be used in non-HTTP mode.\n",
658 px->id);
659 err_code |= ERR_ALERT | ERR_FATAL;
660 goto end;
661 }
662
663 for (srv = px->srv; srv; srv = srv->next) {
664 if (srv->mux_proto && isteq(srv->mux_proto->token, ist("fcgi"))) {
665 nb_fcgi_srv++;
666 if (fcgi_conf)
667 continue;
668 ha_alert("config : proxy '%s': FCGI server '%s' has no FCGI app configured.\n",
669 px->id, srv->id);
670 err_code |= ERR_ALERT | ERR_FATAL;
671 goto end;
672 }
673 }
674 if (fcgi_conf && !nb_fcgi_srv) {
675 ha_alert("config : proxy '%s': FCGI app configured but no FCGI server found.\n",
676 px->id);
677 err_code |= ERR_ALERT | ERR_FATAL;
678 goto end;
679 }
680 }
681
682 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
683 if (!istlen(curapp->docroot)) {
684 ha_alert("config : fcgi-app '%s': no docroot configured.\n",
685 curapp->name);
686 err_code |= ERR_ALERT | ERR_FATAL;
687 goto end;
688 }
689 if (!(curapp->flags & (FCGI_APP_FL_MPXS_CONNS|FCGI_APP_FL_GET_VALUES))) {
690 if (curapp->maxreqs > 1) {
691 ha_warning("config : fcgi-app '%s': multiplexing not supported, "
692 "ignore the option 'max-reqs'.\n",
693 curapp->name);
694 err_code |= ERR_WARN;
695 }
696 curapp->maxreqs = 1;
697 }
698 }
699
700 end:
701 return err_code;
702}
703
704static int fcgi_app_add_rule(struct fcgi_app *curapp, enum fcgi_rule_type type, char *name, char *value,
705 struct acl_cond *cond, char **err)
706{
707 struct fcgi_rule_conf *rule;
708
709 /* Param not found, add a new one */
710 rule = calloc(1, sizeof(*rule));
711 if (!rule)
712 goto err;
713 LIST_INIT(&rule->list);
714 rule->type = type;
715 if (type == FCGI_RULE_SET_PARAM || type == FCGI_RULE_UNSET_PARAM) {
716 struct ist fname = fcgi_param_name(trash.area, ist(name));
717 rule->name = my_strndup(fname.ptr, fname.len);
718 }
Christopher Fauletbc96c902019-12-02 10:33:31 +0100[diff] [blame]719 else { /* FCGI_RULE_PASS_HDR/FCGI_RULE_HIDE_HDR */
720 struct ist fname = ist2bin_lc(trash.area, ist(name));
721 rule->name = my_strndup(fname.ptr, fname.len);
722 }
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]723 if (!rule->name)
724 goto err;
725
726 if (value) {
727 rule->value = strdup(value);
728 if (!rule->value)
729 goto err;
730 }
731 rule->cond = cond;
732 LIST_ADDQ(&curapp->conf.rules, &rule->list);
733 return 1;
734
735 err:
736 if (rule) {
737 free(rule->name);
738 free(rule->value);
739 free(rule);
740 }
741 if (cond) {
742 prune_acl_cond(cond);
743 free(cond);
744 }
745 memprintf(err, "out of memory");
746 return 0;
747}
748
749/* Parses "fcgi-app" section */
750static int cfg_parse_fcgi_app(const char *file, int linenum, char **args, int kwm)
751{
752 static struct fcgi_app *curapp = NULL;
753 struct acl_cond *cond = NULL;
754 char *name, *value = NULL;
755 enum fcgi_rule_type type;
756 int err_code = 0;
757 const char *err;
758 char *errmsg = NULL;
759
760 if (!strcmp(args[0], "fcgi-app")) { /* new fcgi-app */
761 if (!*(args[1])) {
762 ha_alert("parsing [%s:%d]: '%s' expects <name> as argument.\n",
763 file, linenum, args[0]);
764 err_code |= ERR_ALERT | ERR_FATAL;
765 goto out;
766 }
767 if (alertif_too_many_args(1, file, linenum, args, &err_code))
768 goto out;
769
770 err = invalid_char(args[1]);
771 if (err) {
772 ha_alert("parsing [%s:%d]: character '%c' is not permitted in '%s' name '%s'.\n",
773 file, linenum, *err, args[0], args[1]);
774 err_code |= ERR_ALERT | ERR_FATAL;
775 goto out;
776 }
777
778 for (curapp = fcgi_apps; curapp != NULL; curapp = curapp->next) {
779 if (!strcmp(curapp->name, args[1])) {
780 ha_alert("Parsing [%s:%d]: fcgi-app section '%s' has the same name as another one declared at %s:%d.\n",
781 file, linenum, args[1], curapp->conf.file, curapp->conf.line);
782 err_code |= ERR_ALERT | ERR_FATAL;
783 }
784 }
785
786 curapp = calloc(1, sizeof(*curapp));
787 if (!curapp) {
788 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
789 err_code |= ERR_ALERT | ERR_ABORT;
790 goto out;
791 }
792
793 curapp->next = fcgi_apps;
794 fcgi_apps = curapp;
795 curapp->flags = FCGI_APP_FL_KEEP_CONN;
796 curapp->docroot = ist(NULL);
797 curapp->index = ist(NULL);
798 curapp->pathinfo_re = NULL;
799 curapp->name = strdup(args[1]);
800 curapp->maxreqs = 1;
801 curapp->conf.file = strdup(file);
802 curapp->conf.line = linenum;
803 LIST_INIT(&curapp->acls);
804 LIST_INIT(&curapp->logsrvs);
805 LIST_INIT(&curapp->conf.args.list);
806 LIST_INIT(&curapp->conf.rules);
807
808 /* Set info about authentication */
809 if (!fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "REMOTE_USER", "%[http_auth_user]", NULL, &errmsg) ||
810 !fcgi_app_add_rule(curapp, FCGI_RULE_SET_PARAM, "AUTH_TYPE", "%[http_auth_type]", NULL, &errmsg)) {
811 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
812 args[1], errmsg);
813 err_code |= ERR_ALERT | ERR_FATAL;
814 }
815
816 /* Hide hop-by-hop headers by default */
817 if (!fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "connection", NULL, NULL, &errmsg) ||
818 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "keep-alive", NULL, NULL, &errmsg) ||
819 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "authorization", NULL, NULL, &errmsg) ||
820 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy", NULL, NULL, &errmsg) ||
821 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authorization", NULL, NULL, &errmsg) ||
822 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "proxy-authenticate", NULL, NULL, &errmsg) ||
823 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "te", NULL, NULL, &errmsg) ||
824 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "trailers", NULL, NULL, &errmsg) ||
825 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "transfer-encoding", NULL, NULL, &errmsg) ||
826 !fcgi_app_add_rule(curapp, FCGI_RULE_HIDE_HDR, "upgrade", NULL, NULL, &errmsg)) {
827 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
828 args[1], errmsg);
829 err_code |= ERR_ALERT | ERR_FATAL;
830 }
831 }
832 else if (!strcmp(args[0], "docroot")) {
833 if (!*(args[1])) {
834 ha_alert("parsing [%s:%d] : '%s' expects <path> as argument.\n",
835 file, linenum, args[0]);
836 err_code |= ERR_ALERT | ERR_FATAL;
837 goto out;
838 }
839 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
840 goto out;
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]841 istfree(&curapp->docroot);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]842 curapp->docroot = ist2(strdup(args[1]), strlen(args[1]));
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]843 if (!isttest(curapp->docroot)) {
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]844 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
845 err_code |= ERR_ALERT | ERR_ABORT;
846 }
847 }
848 else if (!strcmp(args[0], "path-info")) {
849 if (!*(args[1])) {
850 ha_alert("parsing [%s:%d] : '%s' expects <regex> as argument.\n",
851 file, linenum, args[0]);
852 err_code |= ERR_ALERT | ERR_FATAL;
853 goto out;
854 }
855 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
856 goto out;
857 regex_free(curapp->pathinfo_re);
858 curapp->pathinfo_re = regex_comp(args[1], 1, 1, &errmsg);
859 if (!curapp->pathinfo_re) {
860 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
861 args[1], errmsg);
862 err_code |= ERR_ALERT | ERR_FATAL;
863 }
864 }
865 else if (!strcmp(args[0], "index")) {
866 if (!*(args[1])) {
867 ha_alert("parsing [%s:%d] : '%s' expects <filename> as argument.\n",
868 file, linenum, args[0]);
869 err_code |= ERR_ALERT | ERR_FATAL;
870 goto out;
871 }
872 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
873 goto out;
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]874 istfree(&curapp->index);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]875 curapp->index = ist2(strdup(args[1]), strlen(args[1]));
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]876 if (!isttest(curapp->index)) {
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]877 ha_alert("parsing [%s:%d] : out of memory.\n", file, linenum);
878 err_code |= ERR_ALERT | ERR_ABORT;
879 }
880 }
881 else if (!strcmp(args[0], "acl")) {
882 const char *err;
883 err = invalid_char(args[1]);
884 if (err) {
885 ha_alert("parsing [%s:%d] : character '%c' is not permitted in acl name '%s'.\n",
886 file, linenum, *err, args[1]);
887 err_code |= ERR_ALERT | ERR_FATAL;
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]888 goto out;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]889 }
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]890 if (strcasecmp(args[1], "or") == 0) {
Tim Duesterhusf1bc24c2020-02-06 22:04:03 +0100[diff] [blame]891 ha_alert("parsing [%s:%d] : acl name '%s' will never match. 'or' is used to express a "
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]892 "logical disjunction within a condition.\n",
893 file, linenum, args[1]);
894 err_code |= ERR_ALERT | ERR_FATAL;
895 goto out;
896 }
897 if (parse_acl((const char **)args+1, &curapp->acls, &errmsg, &curapp->conf.args, file, linenum) == NULL) {
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]898 ha_alert("parsing [%s:%d] : error detected while parsing ACL '%s' : %s.\n",
899 file, linenum, args[1], errmsg);
900 err_code |= ERR_ALERT | ERR_FATAL;
Tim Duesterhus0cf811a2020-02-05 21:00:50 +0100[diff] [blame]901 goto out;
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]902 }
903 }
904 else if (!strcmp(args[0], "set-param")) {
905 if (!*(args[1]) || !*(args[2])) {
906 ha_alert("parsing [%s:%d] : '%s' expects <name> and <value> as arguments.\n",
907 file, linenum, args[0]);
908 err_code |= ERR_ALERT | ERR_FATAL;
909 goto out;
910 }
911 type = FCGI_RULE_SET_PARAM;
912 name = args[1];
913 value = args[2];
914 cond = NULL;
915 args += 3;
916
917 parse_cond_rule:
918 if (!*(args[0])) /* No condition */
919 goto add_rule;
920
921 if (strcmp(args[0], "if") == 0)
922 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_IF, &errmsg, &curapp->conf.args,
923 file, linenum);
924 else if (strcmp(args[0], "unless") == 0)
925 cond = parse_acl_cond((const char **)args+1, &curapp->acls, ACL_COND_UNLESS, &errmsg, &curapp->conf.args,
926 file, linenum);
927 if (!cond) {
928 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
929 name, errmsg);
930 err_code |= ERR_ALERT | ERR_FATAL;
931 }
932 add_rule:
933 if (!fcgi_app_add_rule(curapp, type, name, value, cond, &errmsg)) {
934 ha_alert("parsing [%s:%d] : '%s' : %s.\n", file, linenum,
935 name, errmsg);
936 err_code |= ERR_ALERT | ERR_FATAL;
937 }
938 }
939#if 0 /* Disabled for now */
940 else if (!strcmp(args[0], "unset-param")) {
941 if (!*(args[1])) {
942 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
943 file, linenum, args[0]);
944 err_code |= ERR_ALERT | ERR_FATAL;
945 goto out;
946 }
947 type = FCGI_RULE_UNSET_PARAM;
948 name = args[1];
949 value = NULL;
950 cond = NULL;
951 args += 2;
952 goto parse_cond_rule;
953 }
954#endif
955 else if (!strcmp(args[0], "pass-header")) {
956 if (!*(args[1])) {
957 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
958 file, linenum, args[0]);
959 err_code |= ERR_ALERT | ERR_FATAL;
960 goto out;
961 }
962 type = FCGI_RULE_PASS_HDR;
963 name = args[1];
964 value = NULL;
965 cond = NULL;
966 args += 2;
967 goto parse_cond_rule;
968 }
969#if 0 /* Disabled for now */
970 else if (!strcmp(args[0], "hide-header")) {
971 if (!*(args[1])) {
972 ha_alert("parsing [%s:%d] : '%s' expects <name> as arguments.\n",
973 file, linenum, args[0]);
974 err_code |= ERR_ALERT | ERR_FATAL;
975 goto out;
976 }
977 type = FCGI_RULE_HIDE_HDR;
978 name = args[1];
979 value = NULL;
980 cond = NULL;
981 args += 2;
982 goto parse_cond_rule;
983 }
984#endif
985 else if (!strcmp(args[0], "option")) {
986 if (!*(args[1])) {
987 ha_alert("parsing [%s:%d]: '%s' expects an option name.\n",
988 file, linenum, args[0]);
989 err_code |= ERR_ALERT | ERR_FATAL;
990 }
991 else if (!strcmp(args[1], "keep-conn")) {
992 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
993 goto out;
994 if (kwm == KWM_STD)
995 curapp->flags |= FCGI_APP_FL_KEEP_CONN;
996 else if (kwm == KWM_NO)
997 curapp->flags &= ~FCGI_APP_FL_KEEP_CONN;
998 }
999 else if (!strcmp(args[1], "get-values")) {
1000 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
1001 goto out;
1002 if (kwm == KWM_STD)
1003 curapp->flags |= FCGI_APP_FL_GET_VALUES;
1004 else if (kwm == KWM_NO)
1005 curapp->flags &= ~FCGI_APP_FL_GET_VALUES;
1006 }
1007 else if (!strcmp(args[1], "mpxs-conns")) {
1008 if (alertif_too_many_args_idx(0, 1, file, linenum, args, &err_code))
1009 goto out;
1010 if (kwm == KWM_STD)
1011 curapp->flags |= FCGI_APP_FL_MPXS_CONNS;
1012 else if (kwm == KWM_NO)
1013 curapp->flags &= ~FCGI_APP_FL_MPXS_CONNS;
1014 }
1015 else if (!strcmp(args[1], "max-reqs")) {
1016 if (kwm != KWM_STD) {
1017 ha_alert("parsing [%s:%d]: negation/default is not supported for option '%s'.\n",
1018 file, linenum, args[1]);
1019 err_code |= ERR_ALERT | ERR_FATAL;
1020 goto out;
1021 }
1022 if (!*(args[2])) {
1023 ha_alert("parsing [%s:%d]: option '%s' expects an integer argument.\n",
1024 file, linenum, args[1]);
1025 err_code |= ERR_ALERT | ERR_FATAL;
1026 goto out;
1027 }
1028 if (alertif_too_many_args_idx(1, 1, file, linenum, args, &err_code))
1029 goto out;
1030
1031 curapp->maxreqs = atol(args[2]);
1032 if (!curapp->maxreqs) {
1033 ha_alert("parsing [%s:%d]: option '%s' expects a strictly positive integer argument.\n",
1034 file, linenum, args[1]);
1035 err_code |= ERR_ALERT | ERR_FATAL;
1036 goto out;
1037 }
1038 }
1039 else {
1040 ha_alert("parsing [%s:%d] : unknown option '%s'.\n", file, linenum, args[1]);
1041 err_code |= ERR_ALERT | ERR_FATAL;
1042 }
1043 }
1044 else if (!strcmp(args[0], "log-stderr")) {
1045 if (!parse_logsrv(args, &curapp->logsrvs, (kwm == KWM_NO), &errmsg)) {
1046 ha_alert("parsing [%s:%d] : %s : %s\n", file, linenum, args[0], errmsg);
1047 err_code |= ERR_ALERT | ERR_FATAL;
1048 }
1049 }
1050 else {
1051 ha_alert("parsing [%s:%d]: unknown keyword '%s' in '%s' section\n", file, linenum, args[0], "fcgi-app");
1052 err_code |= ERR_ALERT | ERR_FATAL;
1053 }
1054
1055out:
1056 free(errmsg);
1057 return err_code;
1058}
1059
1060
1061/**************************************************************************/
1062/*********************** FCGI Deinit functions ****************************/
1063/**************************************************************************/
1064void fcgi_apps_deinit()
1065{
1066 struct fcgi_app *curapp, *nextapp;
1067 struct logsrv *log, *logb;
1068
1069 for (curapp = fcgi_apps; curapp != NULL; curapp = nextapp) {
1070 struct fcgi_rule_conf *rule, *back;
1071
1072 free(curapp->name);
Tim Duesterhused526372020-03-05 17:56:33 +0100[diff] [blame]1073 istfree(&curapp->docroot);
1074 istfree(&curapp->index);
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1075 regex_free(curapp->pathinfo_re);
1076 free(curapp->conf.file);
1077
1078 list_for_each_entry_safe(log, logb, &curapp->logsrvs, list) {
1079 LIST_DEL(&log->list);
1080 free(log);
1081 }
1082
1083 list_for_each_entry_safe(rule, back, &curapp->conf.rules, list) {
1084 LIST_DEL(&rule->list);
1085 fcgi_release_rule_conf(rule);
1086 }
1087
1088 nextapp = curapp->next;
1089 free(curapp);
1090 }
1091}
1092
1093
1094/**************************************************************************/
1095/*************** Keywords definition and registration *********************/
1096/**************************************************************************/
1097static struct cfg_kw_list cfg_kws = {ILH, {
1098 { CFG_LISTEN, "use-fcgi-app", proxy_parse_use_fcgi_app },
1099 { 0, NULL, NULL },
1100}};
1101
1102// FIXME: Add rep.fcgi smp_fetch
1103static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
1104 { "fcgi.docroot", smp_fetch_fcgi_docroot, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
Willy Tarreaufc41e252019-09-27 22:45:17 +0200[diff] [blame]1105 { "fcgi.index", smp_fetch_fcgi_index, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
1106 { /* END */ }
Christopher Faulet78fbb9f2019-08-11 23:11:03 +0200[diff] [blame]1107}};
1108
1109/* Declare the filter parser for "fcgi-app" keyword */
1110static struct flt_kw_list filter_kws = { "FCGI", { }, {
1111 { "fcgi-app", parse_fcgi_flt, NULL },
1112 { NULL, NULL, NULL },
1113 }
1114};
1115
1116INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
1117INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
1118INITCALL1(STG_REGISTER, flt_register_keywords, &filter_kws);
1119
1120INITCALL1(STG_REGISTER, hap_register_post_deinit, fcgi_apps_deinit);
1121
1122REGISTER_CONFIG_SECTION("fcgi-app", cfg_parse_fcgi_app, NULL);
1123REGISTER_CONFIG_POSTPARSER("fcgi-apps", cfg_fcgi_apps_postparser);
1124
1125/*
1126 * Local variables:
1127 * c-indent-level: 8
1128 * c-basic-offset: 8
1129 * End:
1130 */