1 /*
2    +----------------------------------------------------------------------+
3    | PHP Version 5                                                        |
4    +----------------------------------------------------------------------+
5    | Copyright (c) 1997-2014 The PHP Group                                |
6    +----------------------------------------------------------------------+
7    | This source file is subject to version 3.01 of the PHP license,      |
8    | that is bundled with this package in the file LICENSE, and is        |
9    | available through the world-wide-web at the following url:           |
10    | http://www.php.net/license/3_01.txt                                  |
11    | If you did not receive a copy of the PHP license and are unable to   |
12    | obtain it through the world-wide-web, please send a note to          |
13    | license@php.net so we can mail you a copy immediately.               |
14    +----------------------------------------------------------------------+
15    | Authors: Sascha Schumann <sascha@schumann.cx>                        |
16    |          Parts based on Apache 1.3 SAPI module by                    |
17    |          Rasmus Lerdorf and Zeev Suraski                             |
18    +----------------------------------------------------------------------+
19  */
20 
21 /* $Id$ */
22 
23 #define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
24 
25 #include "php.h"
26 #include "php_main.h"
27 #include "php_ini.h"
28 #include "php_variables.h"
29 #include "SAPI.h"
30 
31 #include <fcntl.h>
32 
33 #include "ext/standard/php_smart_str.h"
34 #ifndef NETWARE
35 #include "ext/standard/php_standard.h"
36 #else
37 #include "ext/standard/basic_functions.h"
38 #endif
39 
40 #include "apr_strings.h"
41 #include "ap_config.h"
42 #include "util_filter.h"
43 #include "httpd.h"
44 #include "http_config.h"
45 #include "http_request.h"
46 #include "http_core.h"
47 #include "http_protocol.h"
48 #include "http_log.h"
49 #include "http_main.h"
50 #include "util_script.h"
51 #include "http_core.h"
52 #include "ap_mpm.h"
53 
54 #include "php_apache.h"
55 
56 #ifdef PHP_WIN32
57 # if _MSC_VER <= 1300
58 #  include "win32/php_strtoi64.h"
59 # endif
60 #endif
61 
62 /* UnixWare and Netware define shutdown to _shutdown, which causes problems later
63  * on when using a structure member named shutdown. Since this source
64  * file does not use the system call shutdown, it is safe to #undef it.K
65  */
66 #undef shutdown
67 
68 #define PHP_MAGIC_TYPE "application/x-httpd-php"
69 #define PHP_SOURCE_MAGIC_TYPE "application/x-httpd-php-source"
70 #define PHP_SCRIPT "php5-script"
71 
72 /* A way to specify the location of the php.ini dir in an apache directive */
73 char *apache2_php_ini_path_override = NULL;
74 
75 static int
php_apache_sapi_ub_write(const char * str,uint str_length TSRMLS_DC)76 php_apache_sapi_ub_write(const char *str, uint str_length TSRMLS_DC)
77 {
78 	request_rec *r;
79 	php_struct *ctx;
80 
81 	ctx = SG(server_context);
82 	r = ctx->r;
83 
84 	if (ap_rwrite(str, str_length, r) < 0) {
85 		php_handle_aborted_connection();
86 	}
87 
88 	return str_length; /* we always consume all the data passed to us. */
89 }
90 
91 static int
php_apache_sapi_header_handler(sapi_header_struct * sapi_header,sapi_header_op_enum op,sapi_headers_struct * sapi_headers TSRMLS_DC)92 php_apache_sapi_header_handler(sapi_header_struct *sapi_header, sapi_header_op_enum op, sapi_headers_struct *sapi_headers TSRMLS_DC)
93 {
94 	php_struct *ctx;
95 	char *val, *ptr;
96 
97 	ctx = SG(server_context);
98 
99 	switch (op) {
100 		case SAPI_HEADER_DELETE:
101 			apr_table_unset(ctx->r->headers_out, sapi_header->header);
102 			return 0;
103 
104 		case SAPI_HEADER_DELETE_ALL:
105 			apr_table_clear(ctx->r->headers_out);
106 			return 0;
107 
108 		case SAPI_HEADER_ADD:
109 		case SAPI_HEADER_REPLACE:
110 			val = strchr(sapi_header->header, ':');
111 
112 			if (!val) {
113 				return 0;
114 			}
115 			ptr = val;
116 
117 			*val = '\0';
118 
119 			do {
120 				val++;
121 			} while (*val == ' ');
122 
123 			if (!strcasecmp(sapi_header->header, "content-type")) {
124 				if (ctx->content_type) {
125 					efree(ctx->content_type);
126 				}
127 				ctx->content_type = estrdup(val);
128 			} else if (!strcasecmp(sapi_header->header, "content-length")) {
129 #ifdef PHP_WIN32
130 # ifdef APR_HAS_LARGE_FILES
131 				ap_set_content_length(ctx->r, (apr_off_t) _strtoui64(val, (char **)NULL, 10));
132 # else
133 				ap_set_content_length(ctx->r, (apr_off_t) strtol(val, (char **)NULL, 10));
134 # endif
135 #else
136 				ap_set_content_length(ctx->r, (apr_off_t) strtol(val, (char **)NULL, 10));
137 #endif
138 			} else if (op == SAPI_HEADER_REPLACE) {
139 				apr_table_set(ctx->r->headers_out, sapi_header->header, val);
140 			} else {
141 				apr_table_add(ctx->r->headers_out, sapi_header->header, val);
142 			}
143 
144 			*ptr = ':';
145 
146 			return SAPI_HEADER_ADD;
147 
148 		default:
149 			return 0;
150 	}
151 }
152 
153 static int
php_apache_sapi_send_headers(sapi_headers_struct * sapi_headers TSRMLS_DC)154 php_apache_sapi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC)
155 {
156 	php_struct *ctx = SG(server_context);
157 	const char *sline = SG(sapi_headers).http_status_line;
158 
159 	ctx->r->status = SG(sapi_headers).http_response_code;
160 
161 	/* httpd requires that r->status_line is set to the first digit of
162 	 * the status-code: */
163 	if (sline && strlen(sline) > 12 && strncmp(sline, "HTTP/1.", 7) == 0 && sline[8] == ' ') {
164 		ctx->r->status_line = apr_pstrdup(ctx->r->pool, sline + 9);
165 		ctx->r->proto_num = 1000 + (sline[7]-'0');
166 		if ((sline[7]-'0') == 0) {
167 			apr_table_set(ctx->r->subprocess_env, "force-response-1.0", "true");
168 		}
169 	}
170 
171 	/*	call ap_set_content_type only once, else each time we call it,
172 		configured output filters for that content type will be added */
173 	if (!ctx->content_type) {
174 		ctx->content_type = sapi_get_default_content_type(TSRMLS_C);
175 	}
176 	ap_set_content_type(ctx->r, apr_pstrdup(ctx->r->pool, ctx->content_type));
177 	efree(ctx->content_type);
178 	ctx->content_type = NULL;
179 
180 	return SAPI_HEADER_SENT_SUCCESSFULLY;
181 }
182 
183 static int
php_apache_sapi_read_post(char * buf,uint count_bytes TSRMLS_DC)184 php_apache_sapi_read_post(char *buf, uint count_bytes TSRMLS_DC)
185 {
186 	apr_size_t len, tlen=0;
187 	php_struct *ctx = SG(server_context);
188 	request_rec *r;
189 	apr_bucket_brigade *brigade;
190 
191 	r = ctx->r;
192 	brigade = ctx->brigade;
193 	len = count_bytes;
194 
195 	/*
196 	 * This loop is needed because ap_get_brigade() can return us partial data
197 	 * which would cause premature termination of request read. Therefor we
198 	 * need to make sure that if data is available we fill the buffer completely.
199 	 */
200 
201 	while (ap_get_brigade(r->input_filters, brigade, AP_MODE_READBYTES, APR_BLOCK_READ, len) == APR_SUCCESS) {
202 		apr_brigade_flatten(brigade, buf, &len);
203 		apr_brigade_cleanup(brigade);
204 		tlen += len;
205 		if (tlen == count_bytes || !len) {
206 			break;
207 		}
208 		buf += len;
209 		len = count_bytes - tlen;
210 	}
211 
212 	return tlen;
213 }
214 
215 static struct stat*
php_apache_sapi_get_stat(TSRMLS_D)216 php_apache_sapi_get_stat(TSRMLS_D)
217 {
218 	php_struct *ctx = SG(server_context);
219 
220 	ctx->finfo.st_uid = ctx->r->finfo.user;
221 	ctx->finfo.st_gid = ctx->r->finfo.group;
222 	ctx->finfo.st_dev = ctx->r->finfo.device;
223 	ctx->finfo.st_ino = ctx->r->finfo.inode;
224 #if defined(NETWARE) && defined(CLIB_STAT_PATCH)
225 	ctx->finfo.st_atime.tv_sec = apr_time_sec(ctx->r->finfo.atime);
226 	ctx->finfo.st_mtime.tv_sec = apr_time_sec(ctx->r->finfo.mtime);
227 	ctx->finfo.st_ctime.tv_sec = apr_time_sec(ctx->r->finfo.ctime);
228 #else
229 	ctx->finfo.st_atime = apr_time_sec(ctx->r->finfo.atime);
230 	ctx->finfo.st_mtime = apr_time_sec(ctx->r->finfo.mtime);
231 	ctx->finfo.st_ctime = apr_time_sec(ctx->r->finfo.ctime);
232 #endif
233 
234 	ctx->finfo.st_size = ctx->r->finfo.size;
235 	ctx->finfo.st_nlink = ctx->r->finfo.nlink;
236 
237 	return &ctx->finfo;
238 }
239 
240 static char *
php_apache_sapi_read_cookies(TSRMLS_D)241 php_apache_sapi_read_cookies(TSRMLS_D)
242 {
243 	php_struct *ctx = SG(server_context);
244 	const char *http_cookie;
245 
246 	http_cookie = apr_table_get(ctx->r->headers_in, "cookie");
247 
248 	/* The SAPI interface should use 'const char *' */
249 	return (char *) http_cookie;
250 }
251 
252 static char *
php_apache_sapi_getenv(char * name,size_t name_len TSRMLS_DC)253 php_apache_sapi_getenv(char *name, size_t name_len TSRMLS_DC)
254 {
255 	php_struct *ctx = SG(server_context);
256 	const char *env_var;
257 
258 	if (ctx == NULL) {
259 		return NULL;
260 	}
261 
262 	env_var = apr_table_get(ctx->r->subprocess_env, name);
263 
264 	return (char *) env_var;
265 }
266 
267 static void
php_apache_sapi_register_variables(zval * track_vars_array TSRMLS_DC)268 php_apache_sapi_register_variables(zval *track_vars_array TSRMLS_DC)
269 {
270 	php_struct *ctx = SG(server_context);
271 	const apr_array_header_t *arr = apr_table_elts(ctx->r->subprocess_env);
272 	char *key, *val;
273 	int new_val_len;
274 
275 	APR_ARRAY_FOREACH_OPEN(arr, key, val)
276 		if (!val) {
277 			val = "";
278 		}
279 		if (sapi_module.input_filter(PARSE_SERVER, key, &val, strlen(val), &new_val_len TSRMLS_CC)) {
280 			php_register_variable_safe(key, val, new_val_len, track_vars_array TSRMLS_CC);
281 		}
282 	APR_ARRAY_FOREACH_CLOSE()
283 
284 	if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
285 		php_register_variable_safe("PHP_SELF", ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
286 	}
287 }
288 
289 static void
php_apache_sapi_flush(void * server_context)290 php_apache_sapi_flush(void *server_context)
291 {
292 	php_struct *ctx;
293 	request_rec *r;
294 	TSRMLS_FETCH();
295 
296 	ctx = server_context;
297 
298 	/* If we haven't registered a server_context yet,
299 	 * then don't bother flushing. */
300 	if (!server_context) {
301 		return;
302 	}
303 
304 	r = ctx->r;
305 
306 	sapi_send_headers(TSRMLS_C);
307 
308 	r->status = SG(sapi_headers).http_response_code;
309 	SG(headers_sent) = 1;
310 
311 	if (ap_rflush(r) < 0 || r->connection->aborted) {
312 		php_handle_aborted_connection();
313 	}
314 }
315 
php_apache_sapi_log_message(char * msg TSRMLS_DC)316 static void php_apache_sapi_log_message(char *msg TSRMLS_DC)
317 {
318 	php_struct *ctx;
319 
320 	ctx = SG(server_context);
321 
322 	if (ctx == NULL) { /* we haven't initialized our ctx yet, oh well */
323 		ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, 0, NULL, "%s", msg);
324 	} else {
325 		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, ctx->r, "%s", msg);
326 	}
327 }
328 
php_apache_sapi_log_message_ex(char * msg,request_rec * r TSRMLS_DC)329 static void php_apache_sapi_log_message_ex(char *msg, request_rec *r TSRMLS_DC)
330 {
331 	if (r) {
332 		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, msg, r->filename);
333 	} else {
334 		php_apache_sapi_log_message(msg TSRMLS_CC);
335 	}
336 }
337 
php_apache_sapi_get_request_time(TSRMLS_D)338 static double php_apache_sapi_get_request_time(TSRMLS_D)
339 {
340 	php_struct *ctx = SG(server_context);
341 	return ((double) apr_time_as_msec(ctx->r->request_time)) / 1000.0;
342 }
343 
344 extern zend_module_entry php_apache_module;
345 
php_apache2_startup(sapi_module_struct * sapi_module)346 static int php_apache2_startup(sapi_module_struct *sapi_module)
347 {
348 	if (php_module_startup(sapi_module, &php_apache_module, 1)==FAILURE) {
349 		return FAILURE;
350 	}
351 	return SUCCESS;
352 }
353 
354 static sapi_module_struct apache2_sapi_module = {
355 	"apache2handler",
356 	"Apache 2.0 Handler",
357 
358 	php_apache2_startup,				/* startup */
359 	php_module_shutdown_wrapper,			/* shutdown */
360 
361 	NULL,						/* activate */
362 	NULL,						/* deactivate */
363 
364 	php_apache_sapi_ub_write,			/* unbuffered write */
365 	php_apache_sapi_flush,				/* flush */
366 	php_apache_sapi_get_stat,			/* get uid */
367 	php_apache_sapi_getenv,				/* getenv */
368 
369 	php_error,					/* error handler */
370 
371 	php_apache_sapi_header_handler,			/* header handler */
372 	php_apache_sapi_send_headers,			/* send headers handler */
373 	NULL,						/* send header handler */
374 
375 	php_apache_sapi_read_post,			/* read POST data */
376 	php_apache_sapi_read_cookies,			/* read Cookies */
377 
378 	php_apache_sapi_register_variables,
379 	php_apache_sapi_log_message,			/* Log message */
380 	php_apache_sapi_get_request_time,		/* Request Time */
381 	NULL,						/* Child Terminate */
382 
383 	STANDARD_SAPI_MODULE_PROPERTIES
384 };
385 
php_apache_server_shutdown(void * tmp)386 static apr_status_t php_apache_server_shutdown(void *tmp)
387 {
388 	apache2_sapi_module.shutdown(&apache2_sapi_module);
389 	sapi_shutdown();
390 #ifdef ZTS
391 	tsrm_shutdown();
392 #endif
393 	return APR_SUCCESS;
394 }
395 
php_apache_child_shutdown(void * tmp)396 static apr_status_t php_apache_child_shutdown(void *tmp)
397 {
398 	apache2_sapi_module.shutdown(&apache2_sapi_module);
399 #if defined(ZTS) && !defined(PHP_WIN32)
400 	tsrm_shutdown();
401 #endif
402 	return APR_SUCCESS;
403 }
404 
php_apache_add_version(apr_pool_t * p)405 static void php_apache_add_version(apr_pool_t *p)
406 {
407 	TSRMLS_FETCH();
408 	if (PG(expose_php)) {
409 		ap_add_version_component(p, "PHP/" PHP_VERSION);
410 	}
411 }
412 
php_pre_config(apr_pool_t * pconf,apr_pool_t * plog,apr_pool_t * ptemp)413 static int php_pre_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp)
414 {
415 #ifndef ZTS
416 	int threaded_mpm;
417 
418 	ap_mpm_query(AP_MPMQ_IS_THREADED, &threaded_mpm);
419 	if(threaded_mpm) {
420 		ap_log_error(APLOG_MARK, APLOG_CRIT, 0, 0, "Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe.  You need to recompile PHP.");
421 		return DONE;
422 	}
423 #endif
424 	/* When this is NULL, apache won't override the hard-coded default
425 	 * php.ini path setting. */
426 	apache2_php_ini_path_override = NULL;
427 	return OK;
428 }
429 
430 static int
php_apache_server_startup(apr_pool_t * pconf,apr_pool_t * plog,apr_pool_t * ptemp,server_rec * s)431 php_apache_server_startup(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
432 {
433 	void *data = NULL;
434 	const char *userdata_key = "apache2hook_post_config";
435 
436 	/* Apache will load, unload and then reload a DSO module. This
437 	 * prevents us from starting PHP until the second load. */
438 	apr_pool_userdata_get(&data, userdata_key, s->process->pool);
439 	if (data == NULL) {
440 		/* We must use set() here and *not* setn(), otherwise the
441 		 * static string pointed to by userdata_key will be mapped
442 		 * to a different location when the DSO is reloaded and the
443 		 * pointers won't match, causing get() to return NULL when
444 		 * we expected it to return non-NULL. */
445 		apr_pool_userdata_set((const void *)1, userdata_key, apr_pool_cleanup_null, s->process->pool);
446 		return OK;
447 	}
448 
449 	/* Set up our overridden path. */
450 	if (apache2_php_ini_path_override) {
451 		apache2_sapi_module.php_ini_path_override = apache2_php_ini_path_override;
452 	}
453 #ifdef ZTS
454 	tsrm_startup(1, 1, 0, NULL);
455 #endif
456 	sapi_startup(&apache2_sapi_module);
457 	apache2_sapi_module.startup(&apache2_sapi_module);
458 	apr_pool_cleanup_register(pconf, NULL, php_apache_server_shutdown, apr_pool_cleanup_null);
459 	php_apache_add_version(pconf);
460 
461 	return OK;
462 }
463 
php_server_context_cleanup(void * data_)464 static apr_status_t php_server_context_cleanup(void *data_)
465 {
466 	void **data = data_;
467 	*data = NULL;
468 	return APR_SUCCESS;
469 }
470 
php_apache_request_ctor(request_rec * r,php_struct * ctx TSRMLS_DC)471 static int php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS_DC)
472 {
473 	char *content_length;
474 	const char *auth;
475 
476 	SG(sapi_headers).http_response_code = !r->status ? HTTP_OK : r->status;
477 	SG(request_info).content_type = apr_table_get(r->headers_in, "Content-Type");
478 	SG(request_info).query_string = apr_pstrdup(r->pool, r->args);
479 	SG(request_info).request_method = r->method;
480 	SG(request_info).proto_num = r->proto_num;
481 	SG(request_info).request_uri = apr_pstrdup(r->pool, r->uri);
482 	SG(request_info).path_translated = apr_pstrdup(r->pool, r->filename);
483 	r->no_local_copy = 1;
484 
485 	content_length = (char *) apr_table_get(r->headers_in, "Content-Length");
486 	SG(request_info).content_length = (content_length ? atol(content_length) : 0);
487 
488 	apr_table_unset(r->headers_out, "Content-Length");
489 	apr_table_unset(r->headers_out, "Last-Modified");
490 	apr_table_unset(r->headers_out, "Expires");
491 	apr_table_unset(r->headers_out, "ETag");
492 
493 	auth = apr_table_get(r->headers_in, "Authorization");
494 	php_handle_auth_data(auth TSRMLS_CC);
495 
496 	if (SG(request_info).auth_user == NULL && r->user) {
497 		SG(request_info).auth_user = estrdup(r->user);
498 	}
499 
500 	ctx->r->user = apr_pstrdup(ctx->r->pool, SG(request_info).auth_user);
501 
502 	return php_request_startup(TSRMLS_C);
503 }
504 
php_apache_request_dtor(request_rec * r TSRMLS_DC)505 static void php_apache_request_dtor(request_rec *r TSRMLS_DC)
506 {
507 	php_request_shutdown(NULL);
508 }
509 
php_apache_ini_dtor(request_rec * r,request_rec * p TSRMLS_DC)510 static void php_apache_ini_dtor(request_rec *r, request_rec *p TSRMLS_DC)
511 {
512 	if (strcmp(r->protocol, "INCLUDED")) {
513 		zend_try { zend_ini_deactivate(TSRMLS_C); } zend_end_try();
514 	} else {
515 typedef struct {
516 	HashTable config;
517 } php_conf_rec;
518 		char *str;
519 		uint str_len;
520 		php_conf_rec *c = ap_get_module_config(r->per_dir_config, &php5_module);
521 
522 		for (zend_hash_internal_pointer_reset(&c->config);
523 			zend_hash_get_current_key_ex(&c->config, &str, &str_len, NULL, 0,  NULL) == HASH_KEY_IS_STRING;
524 			zend_hash_move_forward(&c->config)
525 		) {
526 			zend_restore_ini_entry(str, str_len, ZEND_INI_STAGE_SHUTDOWN);
527 		}
528 	}
529 	if (p) {
530 		((php_struct *)SG(server_context))->r = p;
531 	} else {
532 		apr_pool_cleanup_run(r->pool, (void *)&SG(server_context), php_server_context_cleanup);
533 	}
534 }
535 
php_handler(request_rec * r)536 static int php_handler(request_rec *r)
537 {
538 	php_struct * volatile ctx;
539 	void *conf;
540 	apr_bucket_brigade * volatile brigade;
541 	apr_bucket *bucket;
542 	apr_status_t rv;
543 	request_rec * volatile parent_req = NULL;
544 	TSRMLS_FETCH();
545 
546 #define PHPAP_INI_OFF php_apache_ini_dtor(r, parent_req TSRMLS_CC);
547 
548 	conf = ap_get_module_config(r->per_dir_config, &php5_module);
549 
550 	/* apply_config() needs r in some cases, so allocate server_context early */
551 	ctx = SG(server_context);
552 	if (ctx == NULL || (ctx && ctx->request_processed && !strcmp(r->protocol, "INCLUDED"))) {
553 normal:
554 		ctx = SG(server_context) = apr_pcalloc(r->pool, sizeof(*ctx));
555 		/* register a cleanup so we clear out the SG(server_context)
556 		 * after each request. Note: We pass in the pointer to the
557 		 * server_context in case this is handled by a different thread.
558 		 */
559 		apr_pool_cleanup_register(r->pool, (void *)&SG(server_context), php_server_context_cleanup, apr_pool_cleanup_null);
560 		ctx->r = r;
561 		ctx = NULL; /* May look weird to null it here, but it is to catch the right case in the first_try later on */
562 	} else {
563 		parent_req = ctx->r;
564 		ctx->r = r;
565 	}
566 	apply_config(conf);
567 
568 	if (strcmp(r->handler, PHP_MAGIC_TYPE) && strcmp(r->handler, PHP_SOURCE_MAGIC_TYPE) && strcmp(r->handler, PHP_SCRIPT)) {
569 		/* Check for xbithack in this case. */
570 		if (!AP2(xbithack) || strcmp(r->handler, "text/html") || !(r->finfo.protection & APR_UEXECUTE)) {
571 			PHPAP_INI_OFF;
572 			return DECLINED;
573 		}
574 	}
575 
576 	/* Give a 404 if PATH_INFO is used but is explicitly disabled in
577 	 * the configuration; default behaviour is to accept. */
578 	if (r->used_path_info == AP_REQ_REJECT_PATH_INFO
579 		&& r->path_info && r->path_info[0]) {
580 		PHPAP_INI_OFF;
581 		return HTTP_NOT_FOUND;
582 	}
583 
584 	/* handle situations where user turns the engine off */
585 	if (!AP2(engine)) {
586 		PHPAP_INI_OFF;
587 		return DECLINED;
588 	}
589 
590 	if (r->finfo.filetype == 0) {
591 		php_apache_sapi_log_message_ex("script '%s' not found or unable to stat", r TSRMLS_CC);
592 		PHPAP_INI_OFF;
593 		return HTTP_NOT_FOUND;
594 	}
595 	if (r->finfo.filetype == APR_DIR) {
596 		php_apache_sapi_log_message_ex("attempt to invoke directory '%s' as script", r TSRMLS_CC);
597 		PHPAP_INI_OFF;
598 		return HTTP_FORBIDDEN;
599 	}
600 
601 	/* Setup the CGI variables if this is the main request */
602 	if (r->main == NULL ||
603 		/* .. or if the sub-request environment differs from the main-request. */
604 		r->subprocess_env != r->main->subprocess_env
605 	) {
606 		/* setup standard CGI variables */
607 		ap_add_common_vars(r);
608 		ap_add_cgi_vars(r);
609 	}
610 
611 zend_first_try {
612 
613 	if (ctx == NULL) {
614 		brigade = apr_brigade_create(r->pool, r->connection->bucket_alloc);
615 		ctx = SG(server_context);
616 		ctx->brigade = brigade;
617 
618 		if (php_apache_request_ctor(r, ctx TSRMLS_CC)!=SUCCESS) {
619 			zend_bailout();
620 		}
621 	} else {
622 		if (!parent_req) {
623 			parent_req = ctx->r;
624 		}
625 		if (parent_req && parent_req->handler &&
626 				strcmp(parent_req->handler, PHP_MAGIC_TYPE) &&
627 				strcmp(parent_req->handler, PHP_SOURCE_MAGIC_TYPE) &&
628 				strcmp(parent_req->handler, PHP_SCRIPT)) {
629 			if (php_apache_request_ctor(r, ctx TSRMLS_CC)!=SUCCESS) {
630 				zend_bailout();
631 			}
632 		}
633 
634 		/*
635 		 * check if coming due to ErrorDocument
636 		 * We make a special exception of 413 (Invalid POST request) as the invalidity of the request occurs
637 		 * during processing of the request by PHP during POST processing. Therefor we need to re-use the exiting
638 		 * PHP instance to handle the request rather then creating a new one.
639 		*/
640 		if (parent_req && parent_req->status != HTTP_OK && parent_req->status != 413 && strcmp(r->protocol, "INCLUDED")) {
641 			parent_req = NULL;
642 			goto normal;
643 		}
644 		ctx->r = r;
645 		brigade = ctx->brigade;
646 	}
647 
648 	if (AP2(last_modified)) {
649 		ap_update_mtime(r, r->finfo.mtime);
650 		ap_set_last_modified(r);
651 	}
652 
653 	/* Determine if we need to parse the file or show the source */
654 	if (strncmp(r->handler, PHP_SOURCE_MAGIC_TYPE, sizeof(PHP_SOURCE_MAGIC_TYPE) - 1) == 0) {
655 		zend_syntax_highlighter_ini syntax_highlighter_ini;
656 		php_get_highlight_struct(&syntax_highlighter_ini);
657 		highlight_file((char *)r->filename, &syntax_highlighter_ini TSRMLS_CC);
658 	} else {
659 		zend_file_handle zfd;
660 
661 		zfd.type = ZEND_HANDLE_FILENAME;
662 		zfd.filename = (char *) r->filename;
663 		zfd.free_filename = 0;
664 		zfd.opened_path = NULL;
665 
666 		if (!parent_req) {
667 			php_execute_script(&zfd TSRMLS_CC);
668 		} else {
669 			zend_execute_scripts(ZEND_INCLUDE TSRMLS_CC, NULL, 1, &zfd);
670 		}
671 
672 		apr_table_set(r->notes, "mod_php_memory_usage",
673 			apr_psprintf(ctx->r->pool, "%" APR_SIZE_T_FMT, zend_memory_peak_usage(1 TSRMLS_CC)));
674 	}
675 
676 } zend_end_try();
677 
678 	if (!parent_req) {
679 		php_apache_request_dtor(r TSRMLS_CC);
680 		ctx->request_processed = 1;
681 		bucket = apr_bucket_eos_create(r->connection->bucket_alloc);
682 		APR_BRIGADE_INSERT_TAIL(brigade, bucket);
683 
684 		rv = ap_pass_brigade(r->output_filters, brigade);
685 		if (rv != APR_SUCCESS || r->connection->aborted) {
686 zend_first_try {
687 			php_handle_aborted_connection();
688 } zend_end_try();
689 		}
690 		apr_brigade_cleanup(brigade);
691 		apr_pool_cleanup_run(r->pool, (void *)&SG(server_context), php_server_context_cleanup);
692 	} else {
693 		ctx->r = parent_req;
694 	}
695 
696 	return OK;
697 }
698 
php_apache_child_init(apr_pool_t * pchild,server_rec * s)699 static void php_apache_child_init(apr_pool_t *pchild, server_rec *s)
700 {
701 	apr_pool_cleanup_register(pchild, NULL, php_apache_child_shutdown, apr_pool_cleanup_null);
702 }
703 
php_ap2_register_hook(apr_pool_t * p)704 void php_ap2_register_hook(apr_pool_t *p)
705 {
706 	ap_hook_pre_config(php_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
707 	ap_hook_post_config(php_apache_server_startup, NULL, NULL, APR_HOOK_MIDDLE);
708 	ap_hook_handler(php_handler, NULL, NULL, APR_HOOK_MIDDLE);
709 	ap_hook_child_init(php_apache_child_init, NULL, NULL, APR_HOOK_MIDDLE);
710 }
711 
712 /*
713  * Local variables:
714  * tab-width: 4
715  * c-basic-offset: 4
716  * End:
717  * vim600: sw=4 ts=4 fdm=marker
718  * vim<600: sw=4 ts=4
719  */
720