1 /* (c) 2007,2008 Andrei Nigmatulin */
2
3 #include "fpm_config.h"
4
5 #include <stdlib.h>
6 #include <string.h>
7 #include <stdio.h>
8
9 #include "php.h"
10 #include "php_main.h"
11 #include "php_ini.h"
12 #include "ext/standard/dl.h"
13
14 #include "fastcgi.h"
15
16 #include "fpm.h"
17 #include "fpm_php.h"
18 #include "fpm_cleanup.h"
19 #include "fpm_worker_pool.h"
20 #include "zlog.h"
21
22 static char **limit_extensions = NULL;
23
fpm_php_zend_ini_alter_master(char * name,int name_length,char * new_value,int new_value_length,int mode,int stage)24 static int fpm_php_zend_ini_alter_master(char *name, int name_length, char *new_value, int new_value_length, int mode, int stage) /* {{{ */
25 {
26 zend_ini_entry *ini_entry;
27 zend_string *duplicate;
28
29 if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), name, name_length)) == NULL) {
30 return FAILURE;
31 }
32
33 duplicate = zend_string_init(new_value, new_value_length, 1);
34
35 if (!ini_entry->on_modify
36 || ini_entry->on_modify(ini_entry, duplicate,
37 ini_entry->mh_arg1, ini_entry->mh_arg2, ini_entry->mh_arg3, stage) == SUCCESS) {
38 ini_entry->value = duplicate;
39 /* when mode == ZEND_INI_USER keep unchanged to allow ZEND_INI_PERDIR (.user.ini) */
40 if (mode == ZEND_INI_SYSTEM) {
41 ini_entry->modifiable = mode;
42 }
43 } else {
44 zend_string_release_ex(duplicate, 1);
45 }
46
47 return SUCCESS;
48 }
49 /* }}} */
50
fpm_php_disable(char * value,int (* zend_disable)(char *,size_t))51 static void fpm_php_disable(char *value, int (*zend_disable)(char *, size_t)) /* {{{ */
52 {
53 char *s = 0, *e = value;
54
55 while (*e) {
56 switch (*e) {
57 case ' ':
58 case ',':
59 if (s) {
60 *e = '\0';
61 zend_disable(s, e - s);
62 s = 0;
63 }
64 break;
65 default:
66 if (!s) {
67 s = e;
68 }
69 break;
70 }
71 e++;
72 }
73
74 if (s) {
75 zend_disable(s, e - s);
76 }
77 }
78 /* }}} */
79
fpm_php_apply_defines_ex(struct key_value_s * kv,int mode)80 int fpm_php_apply_defines_ex(struct key_value_s *kv, int mode) /* {{{ */
81 {
82
83 char *name = kv->key;
84 char *value = kv->value;
85 int name_len = strlen(name);
86 int value_len = strlen(value);
87
88 if (!strcmp(name, "extension") && *value) {
89 zval zv;
90 php_dl(value, MODULE_PERSISTENT, &zv, 1);
91 return Z_TYPE(zv) == IS_TRUE;
92 }
93
94 if (fpm_php_zend_ini_alter_master(name, name_len, value, value_len, mode, PHP_INI_STAGE_ACTIVATE) == FAILURE) {
95 return -1;
96 }
97
98 if (!strcmp(name, "disable_functions") && *value) {
99 char *v = strdup(value);
100 PG(disable_functions) = v;
101 fpm_php_disable(v, zend_disable_function);
102 return 1;
103 }
104
105 if (!strcmp(name, "disable_classes") && *value) {
106 char *v = strdup(value);
107 PG(disable_classes) = v;
108 fpm_php_disable(v, zend_disable_class);
109 return 1;
110 }
111
112 return 1;
113 }
114 /* }}} */
115
fpm_php_apply_defines(struct fpm_worker_pool_s * wp)116 static int fpm_php_apply_defines(struct fpm_worker_pool_s *wp) /* {{{ */
117 {
118 struct key_value_s *kv;
119
120 for (kv = wp->config->php_values; kv; kv = kv->next) {
121 if (fpm_php_apply_defines_ex(kv, ZEND_INI_USER) == -1) {
122 zlog(ZLOG_ERROR, "Unable to set php_value '%s'", kv->key);
123 }
124 }
125
126 for (kv = wp->config->php_admin_values; kv; kv = kv->next) {
127 if (fpm_php_apply_defines_ex(kv, ZEND_INI_SYSTEM) == -1) {
128 zlog(ZLOG_ERROR, "Unable to set php_admin_value '%s'", kv->key);
129 }
130 }
131
132 return 0;
133 }
134 /* }}} */
135
fpm_php_set_allowed_clients(struct fpm_worker_pool_s * wp)136 static int fpm_php_set_allowed_clients(struct fpm_worker_pool_s *wp) /* {{{ */
137 {
138 if (wp->listen_address_domain == FPM_AF_INET) {
139 fcgi_set_allowed_clients(wp->config->listen_allowed_clients);
140 }
141 return 0;
142 }
143 /* }}} */
144
145 #if 0 /* Comment out this non used function. It could be used later. */
146 static int fpm_php_set_fcgi_mgmt_vars(struct fpm_worker_pool_s *wp) /* {{{ */
147 {
148 char max_workers[10 + 1]; /* 4294967295 */
149 int len;
150
151 len = sprintf(max_workers, "%u", (unsigned int) wp->config->pm_max_children);
152
153 fcgi_set_mgmt_var("FCGI_MAX_CONNS", sizeof("FCGI_MAX_CONNS")-1, max_workers, len);
154 fcgi_set_mgmt_var("FCGI_MAX_REQS", sizeof("FCGI_MAX_REQS")-1, max_workers, len);
155 return 0;
156 }
157 /* }}} */
158 #endif
159
fpm_php_script_filename(void)160 char *fpm_php_script_filename(void) /* {{{ */
161 {
162 return SG(request_info).path_translated;
163 }
164 /* }}} */
165
fpm_php_request_uri(void)166 char *fpm_php_request_uri(void) /* {{{ */
167 {
168 return (char *) SG(request_info).request_uri;
169 }
170 /* }}} */
171
fpm_php_request_method(void)172 char *fpm_php_request_method(void) /* {{{ */
173 {
174 return (char *) SG(request_info).request_method;
175 }
176 /* }}} */
177
fpm_php_query_string(void)178 char *fpm_php_query_string(void) /* {{{ */
179 {
180 return SG(request_info).query_string;
181 }
182 /* }}} */
183
fpm_php_auth_user(void)184 char *fpm_php_auth_user(void) /* {{{ */
185 {
186 return SG(request_info).auth_user;
187 }
188 /* }}} */
189
fpm_php_content_length(void)190 size_t fpm_php_content_length(void) /* {{{ */
191 {
192 return SG(request_info).content_length;
193 }
194 /* }}} */
195
fpm_php_cleanup(int which,void * arg)196 static void fpm_php_cleanup(int which, void *arg) /* {{{ */
197 {
198 php_module_shutdown();
199 sapi_shutdown();
200 if (limit_extensions) {
201 fpm_worker_pool_free_limit_extensions(limit_extensions);
202 }
203 }
204 /* }}} */
205
fpm_php_soft_quit()206 void fpm_php_soft_quit() /* {{{ */
207 {
208 fcgi_terminate();
209 }
210 /* }}} */
211
fpm_php_init_main()212 int fpm_php_init_main() /* {{{ */
213 {
214 if (0 > fpm_cleanup_add(FPM_CLEANUP_PARENT, fpm_php_cleanup, 0)) {
215 return -1;
216 }
217 return 0;
218 }
219 /* }}} */
220
fpm_php_init_child(struct fpm_worker_pool_s * wp)221 int fpm_php_init_child(struct fpm_worker_pool_s *wp) /* {{{ */
222 {
223 if (0 > fpm_php_apply_defines(wp) ||
224 0 > fpm_php_set_allowed_clients(wp)) {
225 return -1;
226 }
227
228 if (wp->limit_extensions) {
229 /* Take ownership of limit_extensions. */
230 limit_extensions = wp->limit_extensions;
231 wp->limit_extensions = NULL;
232 }
233 return 0;
234 }
235 /* }}} */
236
fpm_php_limit_extensions(char * path)237 int fpm_php_limit_extensions(char *path) /* {{{ */
238 {
239 char **p;
240 size_t path_len;
241
242 if (!path || !limit_extensions) {
243 return 0; /* allowed by default */
244 }
245
246 p = limit_extensions;
247 path_len = strlen(path);
248 while (p && *p) {
249 size_t ext_len = strlen(*p);
250 if (path_len > ext_len) {
251 char *path_ext = path + path_len - ext_len;
252 if (strcmp(*p, path_ext) == 0) {
253 return 0; /* allow as the extension has been found */
254 }
255 }
256 p++;
257 }
258
259
260 zlog(ZLOG_NOTICE, "Access to the script '%s' has been denied (see security.limit_extensions)", path);
261 return 1; /* extension not found: not allowed */
262 }
263 /* }}} */
264
fpm_php_get_string_from_table(zend_string * table,char * key)265 char* fpm_php_get_string_from_table(zend_string *table, char *key) /* {{{ */
266 {
267 zval *data, *tmp;
268 zend_string *str;
269 if (!table || !key) {
270 return NULL;
271 }
272
273 /* inspired from ext/standard/info.c */
274
275 zend_is_auto_global(table);
276
277 /* find the table and ensure it's an array */
278 data = zend_hash_find(&EG(symbol_table), table);
279 if (!data || Z_TYPE_P(data) != IS_ARRAY) {
280 return NULL;
281 }
282
283 ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(data), str, tmp) {
284 if (str && !strncmp(ZSTR_VAL(str), key, ZSTR_LEN(str))) {
285 return Z_STRVAL_P(tmp);
286 }
287 } ZEND_HASH_FOREACH_END();
288
289 return NULL;
290 }
291 /* }}} */
292
