1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Dmitry Stogov <dmitry@php.net> |
14 +----------------------------------------------------------------------+
15 */
16
17 #include "php.h"
18 #include "php_network.h"
19
20 #include <string.h>
21 #include <stdlib.h>
22 #include <stdio.h>
23 #include <stdarg.h>
24 #include <errno.h>
25
26 #ifndef MAXFQDNLEN
27 #define MAXFQDNLEN 255
28 #endif
29
30 #ifdef _WIN32
31
32 #include <windows.h>
33
34 struct sockaddr_un {
35 short sun_family;
36 char sun_path[MAXPATHLEN];
37 };
38
39 static HANDLE fcgi_accept_mutex = INVALID_HANDLE_VALUE;
40 static int is_impersonate = 0;
41
42 #define FCGI_LOCK(fd) \
43 if (fcgi_accept_mutex != INVALID_HANDLE_VALUE) { \
44 DWORD ret; \
45 while ((ret = WaitForSingleObject(fcgi_accept_mutex, 1000)) == WAIT_TIMEOUT) { \
46 if (in_shutdown) return -1; \
47 } \
48 if (ret == WAIT_FAILED) { \
49 fprintf(stderr, "WaitForSingleObject() failed\n"); \
50 return -1; \
51 } \
52 }
53
54 #define FCGI_UNLOCK(fd) \
55 if (fcgi_accept_mutex != INVALID_HANDLE_VALUE) { \
56 ReleaseMutex(fcgi_accept_mutex); \
57 }
58
59 #else
60
61 # include <sys/types.h>
62 # include <sys/stat.h>
63 # include <unistd.h>
64 # include <fcntl.h>
65 # include <sys/socket.h>
66 # include <sys/un.h>
67 # include <netinet/in.h>
68 # include <netinet/tcp.h>
69 # include <arpa/inet.h>
70 # include <netdb.h>
71 # include <signal.h>
72
73 # if defined(HAVE_POLL_H) && defined(HAVE_POLL)
74 # include <poll.h>
75 # elif defined(HAVE_SYS_POLL_H) && defined(HAVE_POLL)
76 # include <sys/poll.h>
77 # endif
78 # if defined(HAVE_SYS_SELECT_H)
79 # include <sys/select.h>
80 # endif
81
82 #ifndef INADDR_NONE
83 #define INADDR_NONE ((unsigned long) -1)
84 #endif
85
86 # ifndef HAVE_SOCKLEN_T
87 typedef unsigned int socklen_t;
88 # endif
89
90 # ifdef USE_LOCKING
91 # define FCGI_LOCK(fd) \
92 do { \
93 struct flock lock; \
94 lock.l_type = F_WRLCK; \
95 lock.l_start = 0; \
96 lock.l_whence = SEEK_SET; \
97 lock.l_len = 0; \
98 if (fcntl(fd, F_SETLKW, &lock) != -1) { \
99 break; \
100 } else if (errno != EINTR || in_shutdown) { \
101 return -1; \
102 } \
103 } while (1)
104
105 # define FCGI_UNLOCK(fd) \
106 do { \
107 int orig_errno = errno; \
108 while (1) { \
109 struct flock lock; \
110 lock.l_type = F_UNLCK; \
111 lock.l_start = 0; \
112 lock.l_whence = SEEK_SET; \
113 lock.l_len = 0; \
114 if (fcntl(fd, F_SETLK, &lock) != -1) { \
115 break; \
116 } else if (errno != EINTR) { \
117 return -1; \
118 } \
119 } \
120 errno = orig_errno; \
121 } while (0)
122 # else
123 # define FCGI_LOCK(fd)
124 # define FCGI_UNLOCK(fd)
125 # endif
126
127 #endif
128
129 #include "fastcgi.h"
130
131 typedef struct _fcgi_header {
132 unsigned char version;
133 unsigned char type;
134 unsigned char requestIdB1;
135 unsigned char requestIdB0;
136 unsigned char contentLengthB1;
137 unsigned char contentLengthB0;
138 unsigned char paddingLength;
139 unsigned char reserved;
140 } fcgi_header;
141
142 typedef struct _fcgi_begin_request {
143 unsigned char roleB1;
144 unsigned char roleB0;
145 unsigned char flags;
146 unsigned char reserved[5];
147 } fcgi_begin_request;
148
149 typedef struct _fcgi_begin_request_rec {
150 fcgi_header hdr;
151 fcgi_begin_request body;
152 } fcgi_begin_request_rec;
153
154 typedef struct _fcgi_end_request {
155 unsigned char appStatusB3;
156 unsigned char appStatusB2;
157 unsigned char appStatusB1;
158 unsigned char appStatusB0;
159 unsigned char protocolStatus;
160 unsigned char reserved[3];
161 } fcgi_end_request;
162
163 typedef struct _fcgi_end_request_rec {
164 fcgi_header hdr;
165 fcgi_end_request body;
166 } fcgi_end_request_rec;
167
168 typedef struct _fcgi_hash_bucket {
169 unsigned int hash_value;
170 unsigned int var_len;
171 char *var;
172 unsigned int val_len;
173 char *val;
174 struct _fcgi_hash_bucket *next;
175 struct _fcgi_hash_bucket *list_next;
176 } fcgi_hash_bucket;
177
178 typedef struct _fcgi_hash_buckets {
179 unsigned int idx;
180 struct _fcgi_hash_buckets *next;
181 struct _fcgi_hash_bucket data[FCGI_HASH_TABLE_SIZE];
182 } fcgi_hash_buckets;
183
184 typedef struct _fcgi_data_seg {
185 char *pos;
186 char *end;
187 struct _fcgi_data_seg *next;
188 char data[1];
189 } fcgi_data_seg;
190
191 typedef struct _fcgi_hash {
192 fcgi_hash_bucket *hash_table[FCGI_HASH_TABLE_SIZE];
193 fcgi_hash_bucket *list;
194 fcgi_hash_buckets *buckets;
195 fcgi_data_seg *data;
196 } fcgi_hash;
197
198 typedef struct _fcgi_req_hook fcgi_req_hook;
199
200 struct _fcgi_req_hook {
201 void(*on_accept)(void);
202 void(*on_read)(void);
203 void(*on_close)(void);
204 };
205
206 struct _fcgi_request {
207 int listen_socket;
208 int tcp;
209 int fd;
210 int id;
211 int keep;
212 #ifdef TCP_NODELAY
213 int nodelay;
214 #endif
215 int ended;
216 int in_len;
217 int in_pad;
218
219 fcgi_header *out_hdr;
220
221 unsigned char *out_pos;
222 unsigned char out_buf[1024*8];
223 unsigned char reserved[sizeof(fcgi_end_request_rec)];
224
225 fcgi_req_hook hook;
226
227 int has_env;
228 fcgi_hash env;
229 };
230
231 /* maybe it's better to use weak name instead */
232 #ifndef HAVE_ATTRIBUTE_WEAK
233 static fcgi_logger fcgi_log;
234 #endif
235
236 typedef union _sa_t {
237 struct sockaddr sa;
238 struct sockaddr_un sa_unix;
239 struct sockaddr_in sa_inet;
240 struct sockaddr_in6 sa_inet6;
241 } sa_t;
242
243 static HashTable fcgi_mgmt_vars;
244
245 static int is_initialized = 0;
246 static int is_fastcgi = 0;
247 static int in_shutdown = 0;
248 static sa_t *allowed_clients = NULL;
249 static sa_t client_sa;
250
251 /* hash table */
fcgi_hash_init(fcgi_hash * h)252 static void fcgi_hash_init(fcgi_hash *h)
253 {
254 memset(h->hash_table, 0, sizeof(h->hash_table));
255 h->list = NULL;
256 h->buckets = (fcgi_hash_buckets*)malloc(sizeof(fcgi_hash_buckets));
257 h->buckets->idx = 0;
258 h->buckets->next = NULL;
259 h->data = (fcgi_data_seg*)malloc(sizeof(fcgi_data_seg) - 1 + FCGI_HASH_SEG_SIZE);
260 h->data->pos = h->data->data;
261 h->data->end = h->data->pos + FCGI_HASH_SEG_SIZE;
262 h->data->next = NULL;
263 }
264
fcgi_hash_destroy(fcgi_hash * h)265 static void fcgi_hash_destroy(fcgi_hash *h)
266 {
267 fcgi_hash_buckets *b;
268 fcgi_data_seg *p;
269
270 b = h->buckets;
271 while (b) {
272 fcgi_hash_buckets *q = b;
273 b = b->next;
274 free(q);
275 }
276 p = h->data;
277 while (p) {
278 fcgi_data_seg *q = p;
279 p = p->next;
280 free(q);
281 }
282 }
283
fcgi_hash_clean(fcgi_hash * h)284 static void fcgi_hash_clean(fcgi_hash *h)
285 {
286 memset(h->hash_table, 0, sizeof(h->hash_table));
287 h->list = NULL;
288 /* delete all bucket blocks except the first one */
289 while (h->buckets->next) {
290 fcgi_hash_buckets *q = h->buckets;
291
292 h->buckets = h->buckets->next;
293 free(q);
294 }
295 h->buckets->idx = 0;
296 /* delete all data segments except the first one */
297 while (h->data->next) {
298 fcgi_data_seg *q = h->data;
299
300 h->data = h->data->next;
301 free(q);
302 }
303 h->data->pos = h->data->data;
304 }
305
fcgi_hash_strndup(fcgi_hash * h,char * str,unsigned int str_len)306 static inline char* fcgi_hash_strndup(fcgi_hash *h, char *str, unsigned int str_len)
307 {
308 char *ret;
309
310 if (UNEXPECTED(h->data->pos + str_len + 1 >= h->data->end)) {
311 unsigned int seg_size = (str_len + 1 > FCGI_HASH_SEG_SIZE) ? str_len + 1 : FCGI_HASH_SEG_SIZE;
312 fcgi_data_seg *p = (fcgi_data_seg*)malloc(sizeof(fcgi_data_seg) - 1 + seg_size);
313
314 p->pos = p->data;
315 p->end = p->pos + seg_size;
316 p->next = h->data;
317 h->data = p;
318 }
319 ret = h->data->pos;
320 memcpy(ret, str, str_len);
321 ret[str_len] = 0;
322 h->data->pos += str_len + 1;
323 return ret;
324 }
325
fcgi_hash_set(fcgi_hash * h,unsigned int hash_value,char * var,unsigned int var_len,char * val,unsigned int val_len)326 static char* fcgi_hash_set(fcgi_hash *h, unsigned int hash_value, char *var, unsigned int var_len, char *val, unsigned int val_len)
327 {
328 unsigned int idx = hash_value & FCGI_HASH_TABLE_MASK;
329 fcgi_hash_bucket *p = h->hash_table[idx];
330
331 while (UNEXPECTED(p != NULL)) {
332 if (UNEXPECTED(p->hash_value == hash_value) &&
333 p->var_len == var_len &&
334 memcmp(p->var, var, var_len) == 0) {
335
336 p->val_len = val_len;
337 p->val = fcgi_hash_strndup(h, val, val_len);
338 return p->val;
339 }
340 p = p->next;
341 }
342
343 if (UNEXPECTED(h->buckets->idx >= FCGI_HASH_TABLE_SIZE)) {
344 fcgi_hash_buckets *b = (fcgi_hash_buckets*)malloc(sizeof(fcgi_hash_buckets));
345 b->idx = 0;
346 b->next = h->buckets;
347 h->buckets = b;
348 }
349 p = h->buckets->data + h->buckets->idx;
350 h->buckets->idx++;
351 p->next = h->hash_table[idx];
352 h->hash_table[idx] = p;
353 p->list_next = h->list;
354 h->list = p;
355 p->hash_value = hash_value;
356 p->var_len = var_len;
357 p->var = fcgi_hash_strndup(h, var, var_len);
358 p->val_len = val_len;
359 p->val = fcgi_hash_strndup(h, val, val_len);
360 return p->val;
361 }
362
fcgi_hash_del(fcgi_hash * h,unsigned int hash_value,char * var,unsigned int var_len)363 static void fcgi_hash_del(fcgi_hash *h, unsigned int hash_value, char *var, unsigned int var_len)
364 {
365 unsigned int idx = hash_value & FCGI_HASH_TABLE_MASK;
366 fcgi_hash_bucket **p = &h->hash_table[idx];
367
368 while (*p != NULL) {
369 if ((*p)->hash_value == hash_value &&
370 (*p)->var_len == var_len &&
371 memcmp((*p)->var, var, var_len) == 0) {
372
373 (*p)->val = NULL; /* NULL value means deleted */
374 (*p)->val_len = 0;
375 *p = (*p)->next;
376 return;
377 }
378 p = &(*p)->next;
379 }
380 }
381
fcgi_hash_get(fcgi_hash * h,unsigned int hash_value,char * var,unsigned int var_len,unsigned int * val_len)382 static char *fcgi_hash_get(fcgi_hash *h, unsigned int hash_value, char *var, unsigned int var_len, unsigned int *val_len)
383 {
384 unsigned int idx = hash_value & FCGI_HASH_TABLE_MASK;
385 fcgi_hash_bucket *p = h->hash_table[idx];
386
387 while (p != NULL) {
388 if (p->hash_value == hash_value &&
389 p->var_len == var_len &&
390 memcmp(p->var, var, var_len) == 0) {
391 *val_len = p->val_len;
392 return p->val;
393 }
394 p = p->next;
395 }
396 return NULL;
397 }
398
fcgi_hash_apply(fcgi_hash * h,fcgi_apply_func func,void * arg)399 static void fcgi_hash_apply(fcgi_hash *h, fcgi_apply_func func, void *arg)
400 {
401 fcgi_hash_bucket *p = h->list;
402
403 while (p) {
404 if (EXPECTED(p->val != NULL)) {
405 func(p->var, p->var_len, p->val, p->val_len, arg);
406 }
407 p = p->list_next;
408 }
409 }
410
411 #ifdef _WIN32
412
fcgi_shutdown_thread(LPVOID arg)413 static DWORD WINAPI fcgi_shutdown_thread(LPVOID arg)
414 {
415 HANDLE shutdown_event = (HANDLE) arg;
416 WaitForSingleObject(shutdown_event, INFINITE);
417 in_shutdown = 1;
418 return 0;
419 }
420
421 #else
422
fcgi_signal_handler(int signo)423 static void fcgi_signal_handler(int signo)
424 {
425 if (signo == SIGUSR1 || signo == SIGTERM) {
426 in_shutdown = 1;
427 }
428 }
429
fcgi_setup_signals(void)430 static void fcgi_setup_signals(void)
431 {
432 struct sigaction new_sa, old_sa;
433
434 sigemptyset(&new_sa.sa_mask);
435 new_sa.sa_flags = 0;
436 new_sa.sa_handler = fcgi_signal_handler;
437 sigaction(SIGUSR1, &new_sa, NULL);
438 sigaction(SIGTERM, &new_sa, NULL);
439 sigaction(SIGPIPE, NULL, &old_sa);
440 if (old_sa.sa_handler == SIG_DFL) {
441 sigaction(SIGPIPE, &new_sa, NULL);
442 }
443 }
444 #endif
445
fcgi_set_in_shutdown(int new_value)446 void fcgi_set_in_shutdown(int new_value)
447 {
448 in_shutdown = new_value;
449 }
450
fcgi_in_shutdown(void)451 int fcgi_in_shutdown(void)
452 {
453 return in_shutdown;
454 }
455
fcgi_terminate(void)456 void fcgi_terminate(void)
457 {
458 in_shutdown = 1;
459 }
460
fcgi_request_set_keep(fcgi_request * req,int new_value)461 void fcgi_request_set_keep(fcgi_request *req, int new_value)
462 {
463 req->keep = new_value;
464 }
465
466 #ifndef HAVE_ATTRIBUTE_WEAK
fcgi_set_logger(fcgi_logger lg)467 void fcgi_set_logger(fcgi_logger lg) {
468 fcgi_log = lg;
469 }
470 #else
fcgi_log(int type,const char * format,...)471 void __attribute__((weak)) fcgi_log(int type, const char *format, ...) {
472 va_list ap;
473
474 va_start(ap, format);
475 vfprintf(stderr, format, ap);
476 va_end(ap);
477 }
478 #endif
479
fcgi_init(void)480 int fcgi_init(void)
481 {
482 if (!is_initialized) {
483 #ifndef _WIN32
484 sa_t sa;
485 socklen_t len = sizeof(sa);
486 #endif
487 zend_hash_init(&fcgi_mgmt_vars, 8, NULL, fcgi_free_mgmt_var_cb, 1);
488 fcgi_set_mgmt_var("FCGI_MPXS_CONNS", sizeof("FCGI_MPXS_CONNS")-1, "0", sizeof("0")-1);
489
490 is_initialized = 1;
491 #ifdef _WIN32
492 # if 0
493 /* TODO: Support for TCP sockets */
494 WSADATA wsaData;
495
496 if (WSAStartup(MAKEWORD(2,0), &wsaData)) {
497 fprintf(stderr, "Error starting Windows Sockets. Error: %d", WSAGetLastError());
498 return 0;
499 }
500 # endif
501 if ((GetStdHandle(STD_OUTPUT_HANDLE) == INVALID_HANDLE_VALUE) &&
502 (GetStdHandle(STD_ERROR_HANDLE) == INVALID_HANDLE_VALUE) &&
503 (GetStdHandle(STD_INPUT_HANDLE) != INVALID_HANDLE_VALUE)) {
504 char *str;
505 DWORD pipe_mode = PIPE_READMODE_BYTE | PIPE_WAIT;
506 HANDLE pipe = GetStdHandle(STD_INPUT_HANDLE);
507
508 SetNamedPipeHandleState(pipe, &pipe_mode, NULL, NULL);
509
510 str = getenv("_FCGI_SHUTDOWN_EVENT_");
511 if (str != NULL) {
512 zend_long ev = ZEND_ATOL(str);
513 HANDLE shutdown_event = (HANDLE) ev;
514 if (!CreateThread(NULL, 0, fcgi_shutdown_thread,
515 shutdown_event, 0, NULL)) {
516 return -1;
517 }
518 }
519 str = getenv("_FCGI_MUTEX_");
520 if (str != NULL) {
521 fcgi_accept_mutex = (HANDLE) ZEND_ATOL(str);
522 }
523 return is_fastcgi = 1;
524 } else {
525 return is_fastcgi = 0;
526 }
527 #else
528 errno = 0;
529 if (getpeername(0, (struct sockaddr *)&sa, &len) != 0 && errno == ENOTCONN) {
530 fcgi_setup_signals();
531 return is_fastcgi = 1;
532 } else {
533 return is_fastcgi = 0;
534 }
535 #endif
536 }
537 return is_fastcgi;
538 }
539
540
fcgi_is_fastcgi(void)541 int fcgi_is_fastcgi(void)
542 {
543 if (!is_initialized) {
544 return fcgi_init();
545 } else {
546 return is_fastcgi;
547 }
548 }
549
fcgi_shutdown(void)550 void fcgi_shutdown(void)
551 {
552 if (is_initialized) {
553 zend_hash_destroy(&fcgi_mgmt_vars);
554 }
555 is_fastcgi = 0;
556 if (allowed_clients) {
557 free(allowed_clients);
558 }
559 }
560
561 #ifdef _WIN32
562 /* Do some black magic with the NT security API.
563 * We prepare a DACL (Discretionary Access Control List) so that
564 * we, the creator, are allowed all access, while "Everyone Else"
565 * is only allowed to read and write to the pipe.
566 * This avoids security issues on shared hosts where a luser messes
567 * with the lower-level pipe settings and screws up the FastCGI service.
568 */
prepare_named_pipe_acl(PSECURITY_DESCRIPTOR sd,LPSECURITY_ATTRIBUTES sa)569 static PACL prepare_named_pipe_acl(PSECURITY_DESCRIPTOR sd, LPSECURITY_ATTRIBUTES sa)
570 {
571 DWORD req_acl_size;
572 char everyone_buf[32], owner_buf[32];
573 PSID sid_everyone, sid_owner;
574 SID_IDENTIFIER_AUTHORITY
575 siaWorld = SECURITY_WORLD_SID_AUTHORITY,
576 siaCreator = SECURITY_CREATOR_SID_AUTHORITY;
577 PACL acl;
578
579 sid_everyone = (PSID)&everyone_buf;
580 sid_owner = (PSID)&owner_buf;
581
582 req_acl_size = sizeof(ACL) +
583 (2 * ((sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD)) + GetSidLengthRequired(1)));
584
585 acl = malloc(req_acl_size);
586
587 if (acl == NULL) {
588 return NULL;
589 }
590
591 if (!InitializeSid(sid_everyone, &siaWorld, 1)) {
592 goto out_fail;
593 }
594 *GetSidSubAuthority(sid_everyone, 0) = SECURITY_WORLD_RID;
595
596 if (!InitializeSid(sid_owner, &siaCreator, 1)) {
597 goto out_fail;
598 }
599 *GetSidSubAuthority(sid_owner, 0) = SECURITY_CREATOR_OWNER_RID;
600
601 if (!InitializeAcl(acl, req_acl_size, ACL_REVISION)) {
602 goto out_fail;
603 }
604
605 if (!AddAccessAllowedAce(acl, ACL_REVISION, FILE_GENERIC_READ | FILE_GENERIC_WRITE, sid_everyone)) {
606 goto out_fail;
607 }
608
609 if (!AddAccessAllowedAce(acl, ACL_REVISION, FILE_ALL_ACCESS, sid_owner)) {
610 goto out_fail;
611 }
612
613 if (!InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION)) {
614 goto out_fail;
615 }
616
617 if (!SetSecurityDescriptorDacl(sd, TRUE, acl, FALSE)) {
618 goto out_fail;
619 }
620
621 sa->lpSecurityDescriptor = sd;
622
623 return acl;
624
625 out_fail:
626 free(acl);
627 return NULL;
628 }
629 #endif
630
is_port_number(const char * bindpath)631 static int is_port_number(const char *bindpath)
632 {
633 while (*bindpath) {
634 if (*bindpath < '0' || *bindpath > '9') {
635 return 0;
636 }
637 bindpath++;
638 }
639 return 1;
640 }
641
fcgi_listen(const char * path,int backlog)642 int fcgi_listen(const char *path, int backlog)
643 {
644 char *s;
645 int tcp = 0;
646 char host[MAXPATHLEN];
647 short port = 0;
648 int listen_socket;
649 sa_t sa;
650 socklen_t sock_len;
651 #ifdef SO_REUSEADDR
652 # ifdef _WIN32
653 BOOL reuse = 1;
654 # else
655 int reuse = 1;
656 # endif
657 #endif
658
659 if ((s = strchr(path, ':'))) {
660 port = atoi(s+1);
661 if (port != 0 && (s-path) < MAXPATHLEN) {
662 strncpy(host, path, s-path);
663 host[s-path] = '\0';
664 tcp = 1;
665 }
666 } else if (is_port_number(path)) {
667 port = atoi(path);
668 if (port != 0) {
669 host[0] = '\0';
670 tcp = 1;
671 }
672 }
673
674 /* Prepare socket address */
675 if (tcp) {
676 memset(&sa.sa_inet, 0, sizeof(sa.sa_inet));
677 sa.sa_inet.sin_family = AF_INET;
678 sa.sa_inet.sin_port = htons(port);
679 sock_len = sizeof(sa.sa_inet);
680
681 if (!*host || !strncmp(host, "*", sizeof("*")-1)) {
682 sa.sa_inet.sin_addr.s_addr = htonl(INADDR_ANY);
683 } else {
684 #ifdef HAVE_INET_PTON
685 if (!inet_pton(AF_INET, host, &sa.sa_inet.sin_addr)) {
686 #else
687 sa.sa_inet.sin_addr.s_addr = inet_addr(host);
688 if (sa.sa_inet.sin_addr.s_addr == INADDR_NONE) {
689 #endif
690 struct hostent *hep;
691
692 if(strlen(host) > MAXFQDNLEN) {
693 hep = NULL;
694 } else {
695 hep = php_network_gethostbyname(host);
696 }
697 if (!hep || hep->h_addrtype != AF_INET || !hep->h_addr_list[0]) {
698 fcgi_log(FCGI_ERROR, "Cannot resolve host name '%s'!\n", host);
699 return -1;
700 } else if (hep->h_addr_list[1]) {
701 fcgi_log(FCGI_ERROR, "Host '%s' has multiple addresses. You must choose one explicitly!\n", host);
702 return -1;
703 }
704 sa.sa_inet.sin_addr.s_addr = ((struct in_addr*)hep->h_addr_list[0])->s_addr;
705 }
706 }
707 } else {
708 #ifdef _WIN32
709 SECURITY_DESCRIPTOR sd;
710 SECURITY_ATTRIBUTES saw;
711 PACL acl;
712 HANDLE namedPipe;
713
714 memset(&sa, 0, sizeof(saw));
715 saw.nLength = sizeof(saw);
716 saw.bInheritHandle = FALSE;
717 acl = prepare_named_pipe_acl(&sd, &saw);
718
719 namedPipe = CreateNamedPipe(path,
720 PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED,
721 PIPE_TYPE_BYTE | PIPE_WAIT | PIPE_READMODE_BYTE,
722 PIPE_UNLIMITED_INSTANCES,
723 8192, 8192, 0, &saw);
724 if (namedPipe == INVALID_HANDLE_VALUE) {
725 return -1;
726 }
727 listen_socket = _open_osfhandle((intptr_t)namedPipe, 0);
728 if (!is_initialized) {
729 fcgi_init();
730 }
731 is_fastcgi = 1;
732 return listen_socket;
733
734 #else
735 size_t path_len = strlen(path);
736
737 if (path_len >= sizeof(sa.sa_unix.sun_path)) {
738 fcgi_log(FCGI_ERROR, "Listening socket's path name is too long.\n");
739 return -1;
740 }
741
742 memset(&sa.sa_unix, 0, sizeof(sa.sa_unix));
743 sa.sa_unix.sun_family = AF_UNIX;
744 memcpy(sa.sa_unix.sun_path, path, path_len + 1);
745 sock_len = (size_t)(((struct sockaddr_un *)0)->sun_path) + path_len;
746 #ifdef HAVE_STRUCT_SOCKADDR_UN_SUN_LEN
747 sa.sa_unix.sun_len = sock_len;
748 #endif
749 unlink(path);
750 #endif
751 }
752
753 /* Create, bind socket and start listen on it */
754 if ((listen_socket = socket(sa.sa.sa_family, SOCK_STREAM, 0)) < 0 ||
755 #ifdef SO_REUSEADDR
756 setsockopt(listen_socket, SOL_SOCKET, SO_REUSEADDR, (char*)&reuse, sizeof(reuse)) < 0 ||
757 #endif
758 bind(listen_socket, (struct sockaddr *) &sa, sock_len) < 0 ||
759 listen(listen_socket, backlog) < 0) {
760 close(listen_socket);
761 fcgi_log(FCGI_ERROR, "Cannot bind/listen socket - [%d] %s.\n",errno, strerror(errno));
762 return -1;
763 }
764
765 if (!tcp) {
766 chmod(path, 0777);
767 } else {
768 char *ip = getenv("FCGI_WEB_SERVER_ADDRS");
769 char *cur, *end;
770 int n;
771
772 if (ip) {
773 ip = strdup(ip);
774 cur = ip;
775 n = 0;
776 while (*cur) {
777 if (*cur == ',') n++;
778 cur++;
779 }
780 allowed_clients = malloc(sizeof(sa_t) * (n+2));
781 n = 0;
782 cur = ip;
783 while (cur) {
784 end = strchr(cur, ',');
785 if (end) {
786 *end = 0;
787 end++;
788 }
789 if (inet_pton(AF_INET, cur, &allowed_clients[n].sa_inet.sin_addr)>0) {
790 allowed_clients[n].sa.sa_family = AF_INET;
791 n++;
792 #ifdef HAVE_IPV6
793 } else if (inet_pton(AF_INET6, cur, &allowed_clients[n].sa_inet6.sin6_addr)>0) {
794 allowed_clients[n].sa.sa_family = AF_INET6;
795 n++;
796 #endif
797 } else {
798 fcgi_log(FCGI_ERROR, "Wrong IP address '%s' in listen.allowed_clients", cur);
799 }
800 cur = end;
801 }
802 allowed_clients[n].sa.sa_family = 0;
803 free(ip);
804 if (!n) {
805 fcgi_log(FCGI_ERROR, "There are no allowed addresses");
806 /* don't clear allowed_clients as it will create an "open for all" security issue */
807 }
808 }
809 }
810
811 if (!is_initialized) {
812 fcgi_init();
813 }
814 is_fastcgi = 1;
815
816 #ifdef _WIN32
817 if (tcp) {
818 listen_socket = _open_osfhandle((intptr_t)listen_socket, 0);
819 }
820 #else
821 fcgi_setup_signals();
822 #endif
823 return listen_socket;
824 }
825
826 void fcgi_set_allowed_clients(char *ip)
827 {
828 char *cur, *end;
829 int n;
830
831 if (ip) {
832 ip = strdup(ip);
833 cur = ip;
834 n = 0;
835 while (*cur) {
836 if (*cur == ',') n++;
837 cur++;
838 }
839 if (allowed_clients) free(allowed_clients);
840 allowed_clients = malloc(sizeof(sa_t) * (n+2));
841 n = 0;
842 cur = ip;
843 while (cur) {
844 end = strchr(cur, ',');
845 if (end) {
846 *end = 0;
847 end++;
848 }
849 if (inet_pton(AF_INET, cur, &allowed_clients[n].sa_inet.sin_addr)>0) {
850 allowed_clients[n].sa.sa_family = AF_INET;
851 n++;
852 #ifdef HAVE_IPV6
853 } else if (inet_pton(AF_INET6, cur, &allowed_clients[n].sa_inet6.sin6_addr)>0) {
854 allowed_clients[n].sa.sa_family = AF_INET6;
855 n++;
856 #endif
857 } else {
858 fcgi_log(FCGI_ERROR, "Wrong IP address '%s' in listen.allowed_clients", cur);
859 }
860 cur = end;
861 }
862 allowed_clients[n].sa.sa_family = 0;
863 free(ip);
864 if (!n) {
865 fcgi_log(FCGI_ERROR, "There are no allowed addresses");
866 /* don't clear allowed_clients as it will create an "open for all" security issue */
867 }
868 }
869 }
870
871 static void fcgi_hook_dummy(void) {
872 return;
873 }
874
875 fcgi_request *fcgi_init_request(int listen_socket, void(*on_accept)(void), void(*on_read)(void), void(*on_close)(void))
876 {
877 fcgi_request *req = calloc(1, sizeof(fcgi_request));
878 req->listen_socket = listen_socket;
879 req->fd = -1;
880 req->id = -1;
881
882 /*
883 req->in_len = 0;
884 req->in_pad = 0;
885
886 req->out_hdr = NULL;
887
888 #ifdef TCP_NODELAY
889 req->nodelay = 0;
890 #endif
891
892 req->env = NULL;
893 req->has_env = 0;
894
895 */
896 req->out_pos = req->out_buf;
897 req->hook.on_accept = on_accept ? on_accept : fcgi_hook_dummy;
898 req->hook.on_read = on_read ? on_read : fcgi_hook_dummy;
899 req->hook.on_close = on_close ? on_close : fcgi_hook_dummy;
900
901 #ifdef _WIN32
902 req->tcp = !GetNamedPipeInfo((HANDLE)_get_osfhandle(req->listen_socket), NULL, NULL, NULL, NULL);
903 #endif
904
905 fcgi_hash_init(&req->env);
906
907 return req;
908 }
909
910 void fcgi_destroy_request(fcgi_request *req) {
911 fcgi_hash_destroy(&req->env);
912 free(req);
913 }
914
915 static inline ssize_t safe_write(fcgi_request *req, const void *buf, size_t count)
916 {
917 int ret;
918 size_t n = 0;
919
920 do {
921 #ifdef _WIN32
922 size_t tmp;
923 #endif
924 errno = 0;
925 #ifdef _WIN32
926 tmp = count - n;
927
928 if (!req->tcp) {
929 unsigned int out_len = tmp > UINT_MAX ? UINT_MAX : (unsigned int)tmp;
930
931 ret = write(req->fd, ((char*)buf)+n, out_len);
932 } else {
933 int out_len = tmp > INT_MAX ? INT_MAX : (int)tmp;
934
935 ret = send(req->fd, ((char*)buf)+n, out_len, 0);
936 if (ret <= 0) {
937 errno = WSAGetLastError();
938 }
939 }
940 #else
941 ret = write(req->fd, ((char*)buf)+n, count-n);
942 #endif
943 if (ret > 0) {
944 n += ret;
945 } else if (ret <= 0 && errno != 0 && errno != EINTR) {
946 return ret;
947 }
948 } while (n != count);
949 return n;
950 }
951
952 static inline ssize_t safe_read(fcgi_request *req, const void *buf, size_t count)
953 {
954 int ret;
955 size_t n = 0;
956
957 do {
958 #ifdef _WIN32
959 size_t tmp;
960 #endif
961 errno = 0;
962 #ifdef _WIN32
963 tmp = count - n;
964
965 if (!req->tcp) {
966 unsigned int in_len = tmp > UINT_MAX ? UINT_MAX : (unsigned int)tmp;
967
968 ret = read(req->fd, ((char*)buf)+n, in_len);
969 } else {
970 int in_len = tmp > INT_MAX ? INT_MAX : (int)tmp;
971
972 ret = recv(req->fd, ((char*)buf)+n, in_len, 0);
973 if (ret <= 0) {
974 errno = WSAGetLastError();
975 }
976 }
977 #else
978 ret = read(req->fd, ((char*)buf)+n, count-n);
979 #endif
980 if (ret > 0) {
981 n += ret;
982 } else if (ret == 0 && errno == 0) {
983 return n;
984 } else if (ret <= 0 && errno != 0 && errno != EINTR) {
985 return ret;
986 }
987 } while (n != count);
988 return n;
989 }
990
991 static inline int fcgi_make_header(fcgi_header *hdr, fcgi_request_type type, int req_id, int len)
992 {
993 int pad = ((len + 7) & ~7) - len;
994
995 hdr->contentLengthB0 = (unsigned char)(len & 0xff);
996 hdr->contentLengthB1 = (unsigned char)((len >> 8) & 0xff);
997 hdr->paddingLength = (unsigned char)pad;
998 hdr->requestIdB0 = (unsigned char)(req_id & 0xff);
999 hdr->requestIdB1 = (unsigned char)((req_id >> 8) & 0xff);
1000 hdr->reserved = 0;
1001 hdr->type = type;
1002 hdr->version = FCGI_VERSION_1;
1003 if (pad) {
1004 memset(((unsigned char*)hdr) + sizeof(fcgi_header) + len, 0, pad);
1005 }
1006 return pad;
1007 }
1008
1009 static int fcgi_get_params(fcgi_request *req, unsigned char *p, unsigned char *end)
1010 {
1011 unsigned int name_len, val_len;
1012
1013 while (p < end) {
1014 name_len = *p++;
1015 if (UNEXPECTED(name_len >= 128)) {
1016 if (UNEXPECTED(p + 3 >= end)) return 0;
1017 name_len = ((name_len & 0x7f) << 24);
1018 name_len |= (*p++ << 16);
1019 name_len |= (*p++ << 8);
1020 name_len |= *p++;
1021 }
1022 if (UNEXPECTED(p >= end)) return 0;
1023 val_len = *p++;
1024 if (UNEXPECTED(val_len >= 128)) {
1025 if (UNEXPECTED(p + 3 >= end)) return 0;
1026 val_len = ((val_len & 0x7f) << 24);
1027 val_len |= (*p++ << 16);
1028 val_len |= (*p++ << 8);
1029 val_len |= *p++;
1030 }
1031 if (UNEXPECTED(name_len + val_len > (unsigned int) (end - p))) {
1032 /* Malformed request */
1033 return 0;
1034 }
1035 fcgi_hash_set(&req->env, FCGI_HASH_FUNC(p, name_len), (char*)p, name_len, (char*)p + name_len, val_len);
1036 p += name_len + val_len;
1037 }
1038 return 1;
1039 }
1040
1041 static int fcgi_read_request(fcgi_request *req)
1042 {
1043 fcgi_header hdr;
1044 int len, padding;
1045 unsigned char buf[FCGI_MAX_LENGTH+8];
1046
1047 req->keep = 0;
1048 req->ended = 0;
1049 req->in_len = 0;
1050 req->out_hdr = NULL;
1051 req->out_pos = req->out_buf;
1052
1053 if (req->has_env) {
1054 fcgi_hash_clean(&req->env);
1055 } else {
1056 req->has_env = 1;
1057 }
1058
1059 if (safe_read(req, &hdr, sizeof(fcgi_header)) != sizeof(fcgi_header) ||
1060 hdr.version < FCGI_VERSION_1) {
1061 return 0;
1062 }
1063
1064 len = (hdr.contentLengthB1 << 8) | hdr.contentLengthB0;
1065 padding = hdr.paddingLength;
1066
1067 while (hdr.type == FCGI_STDIN && len == 0) {
1068 if (safe_read(req, &hdr, sizeof(fcgi_header)) != sizeof(fcgi_header) ||
1069 hdr.version < FCGI_VERSION_1) {
1070 return 0;
1071 }
1072
1073 len = (hdr.contentLengthB1 << 8) | hdr.contentLengthB0;
1074 padding = hdr.paddingLength;
1075 }
1076
1077 if (len + padding > FCGI_MAX_LENGTH) {
1078 return 0;
1079 }
1080
1081 req->id = (hdr.requestIdB1 << 8) + hdr.requestIdB0;
1082
1083 if (hdr.type == FCGI_BEGIN_REQUEST && len == sizeof(fcgi_begin_request)) {
1084 fcgi_begin_request *b;
1085
1086 if (safe_read(req, buf, len+padding) != len+padding) {
1087 return 0;
1088 }
1089
1090 b = (fcgi_begin_request*)buf;
1091 req->keep = (b->flags & FCGI_KEEP_CONN);
1092 #ifdef TCP_NODELAY
1093 if (req->keep && req->tcp && !req->nodelay) {
1094 # ifdef _WIN32
1095 BOOL on = 1;
1096 # else
1097 int on = 1;
1098 # endif
1099
1100 setsockopt(req->fd, IPPROTO_TCP, TCP_NODELAY, (char*)&on, sizeof(on));
1101 req->nodelay = 1;
1102 }
1103 #endif
1104 switch ((b->roleB1 << 8) + b->roleB0) {
1105 case FCGI_RESPONDER:
1106 fcgi_hash_set(&req->env, FCGI_HASH_FUNC("FCGI_ROLE", sizeof("FCGI_ROLE")-1), "FCGI_ROLE", sizeof("FCGI_ROLE")-1, "RESPONDER", sizeof("RESPONDER")-1);
1107 break;
1108 case FCGI_AUTHORIZER:
1109 fcgi_hash_set(&req->env, FCGI_HASH_FUNC("FCGI_ROLE", sizeof("FCGI_ROLE")-1), "FCGI_ROLE", sizeof("FCGI_ROLE")-1, "AUTHORIZER", sizeof("AUTHORIZER")-1);
1110 break;
1111 case FCGI_FILTER:
1112 fcgi_hash_set(&req->env, FCGI_HASH_FUNC("FCGI_ROLE", sizeof("FCGI_ROLE")-1), "FCGI_ROLE", sizeof("FCGI_ROLE")-1, "FILTER", sizeof("FILTER")-1);
1113 break;
1114 default:
1115 return 0;
1116 }
1117
1118 if (safe_read(req, &hdr, sizeof(fcgi_header)) != sizeof(fcgi_header) ||
1119 hdr.version < FCGI_VERSION_1) {
1120 return 0;
1121 }
1122
1123 len = (hdr.contentLengthB1 << 8) | hdr.contentLengthB0;
1124 padding = hdr.paddingLength;
1125
1126 while (hdr.type == FCGI_PARAMS && len > 0) {
1127 if (len + padding > FCGI_MAX_LENGTH) {
1128 return 0;
1129 }
1130
1131 if (safe_read(req, buf, len+padding) != len+padding) {
1132 req->keep = 0;
1133 return 0;
1134 }
1135
1136 if (!fcgi_get_params(req, buf, buf+len)) {
1137 req->keep = 0;
1138 return 0;
1139 }
1140
1141 if (safe_read(req, &hdr, sizeof(fcgi_header)) != sizeof(fcgi_header) ||
1142 hdr.version < FCGI_VERSION_1) {
1143 req->keep = 0;
1144 return 0;
1145 }
1146 len = (hdr.contentLengthB1 << 8) | hdr.contentLengthB0;
1147 padding = hdr.paddingLength;
1148 }
1149 } else if (hdr.type == FCGI_GET_VALUES) {
1150 unsigned char *p = buf + sizeof(fcgi_header);
1151 zval *value;
1152 unsigned int zlen;
1153 fcgi_hash_bucket *q;
1154
1155 if (safe_read(req, buf, len+padding) != len+padding) {
1156 req->keep = 0;
1157 return 0;
1158 }
1159
1160 if (!fcgi_get_params(req, buf, buf+len)) {
1161 req->keep = 0;
1162 return 0;
1163 }
1164
1165 q = req->env.list;
1166 while (q != NULL) {
1167 if ((value = zend_hash_str_find(&fcgi_mgmt_vars, q->var, q->var_len)) == NULL) {
1168 q = q->list_next;
1169 continue;
1170 }
1171 zlen = (unsigned int)Z_STRLEN_P(value);
1172 if ((p + 4 + 4 + q->var_len + zlen) >= (buf + sizeof(buf))) {
1173 break;
1174 }
1175 if (q->var_len < 0x80) {
1176 *p++ = q->var_len;
1177 } else {
1178 *p++ = ((q->var_len >> 24) & 0xff) | 0x80;
1179 *p++ = (q->var_len >> 16) & 0xff;
1180 *p++ = (q->var_len >> 8) & 0xff;
1181 *p++ = q->var_len & 0xff;
1182 }
1183 if (zlen < 0x80) {
1184 *p++ = zlen;
1185 } else {
1186 *p++ = ((zlen >> 24) & 0xff) | 0x80;
1187 *p++ = (zlen >> 16) & 0xff;
1188 *p++ = (zlen >> 8) & 0xff;
1189 *p++ = zlen & 0xff;
1190 }
1191 p = zend_mempcpy(p, q->var, q->var_len);
1192 p = zend_mempcpy(p, Z_STRVAL_P(value), zlen);
1193 q = q->list_next;
1194 }
1195 len = (int)(p - buf - sizeof(fcgi_header));
1196 len += fcgi_make_header((fcgi_header*)buf, FCGI_GET_VALUES_RESULT, 0, len);
1197 if (safe_write(req, buf, sizeof(fcgi_header) + len) != (ssize_t)sizeof(fcgi_header)+len) {
1198 req->keep = 0;
1199 return 0;
1200 }
1201 return 2;
1202 } else {
1203 return 0;
1204 }
1205
1206 return 1;
1207 }
1208
1209 int fcgi_read(fcgi_request *req, char *str, int len)
1210 {
1211 int ret, n, rest;
1212 fcgi_header hdr;
1213 unsigned char buf[255];
1214
1215 n = 0;
1216 rest = len;
1217 while (rest > 0) {
1218 if (req->in_len == 0) {
1219 if (safe_read(req, &hdr, sizeof(fcgi_header)) != sizeof(fcgi_header) ||
1220 hdr.version < FCGI_VERSION_1 ||
1221 hdr.type != FCGI_STDIN) {
1222 req->keep = 0;
1223 return 0;
1224 }
1225 req->in_len = (hdr.contentLengthB1 << 8) | hdr.contentLengthB0;
1226 req->in_pad = hdr.paddingLength;
1227 if (req->in_len == 0) {
1228 return n;
1229 }
1230 }
1231
1232 if (req->in_len >= rest) {
1233 ret = (int)safe_read(req, str, rest);
1234 } else {
1235 ret = (int)safe_read(req, str, req->in_len);
1236 }
1237 if (ret < 0) {
1238 req->keep = 0;
1239 return ret;
1240 } else if (ret > 0) {
1241 req->in_len -= ret;
1242 rest -= ret;
1243 n += ret;
1244 str += ret;
1245 if (req->in_len == 0) {
1246 if (req->in_pad) {
1247 if (safe_read(req, buf, req->in_pad) != req->in_pad) {
1248 req->keep = 0;
1249 return ret;
1250 }
1251 }
1252 } else {
1253 return n;
1254 }
1255 } else {
1256 return n;
1257 }
1258 }
1259 return n;
1260 }
1261
1262 void fcgi_close(fcgi_request *req, int force, int destroy)
1263 {
1264 if (destroy && req->has_env) {
1265 fcgi_hash_clean(&req->env);
1266 req->has_env = 0;
1267 }
1268
1269 #ifdef _WIN32
1270 if (is_impersonate && !req->tcp) {
1271 RevertToSelf();
1272 }
1273 #endif
1274
1275 if ((force || !req->keep) && req->fd >= 0) {
1276 #ifdef _WIN32
1277 if (!req->tcp) {
1278 HANDLE pipe = (HANDLE)_get_osfhandle(req->fd);
1279
1280 if (!force) {
1281 FlushFileBuffers(pipe);
1282 }
1283 DisconnectNamedPipe(pipe);
1284 } else {
1285 if (!force) {
1286 char buf[8];
1287
1288 shutdown(req->fd, 1);
1289 /* read any remaining data, it may be omitted */
1290 while (recv(req->fd, buf, sizeof(buf), 0) > 0) {}
1291 }
1292 closesocket(req->fd);
1293 }
1294 #else
1295 if (!force) {
1296 char buf[8];
1297
1298 shutdown(req->fd, 1);
1299 /* read any remaining data, it may be omitted */
1300 while (recv(req->fd, buf, sizeof(buf), 0) > 0) {}
1301 }
1302 close(req->fd);
1303 #endif
1304 #ifdef TCP_NODELAY
1305 req->nodelay = 0;
1306 #endif
1307 req->fd = -1;
1308
1309 req->hook.on_close();
1310 }
1311 }
1312
1313 int fcgi_is_closed(fcgi_request *req)
1314 {
1315 return (req->fd < 0);
1316 }
1317
1318 static int fcgi_is_allowed(void) {
1319 int i;
1320
1321 if (client_sa.sa.sa_family == AF_UNIX) {
1322 return 1;
1323 }
1324 if (!allowed_clients) {
1325 return 1;
1326 }
1327 if (client_sa.sa.sa_family == AF_INET) {
1328 for (i = 0; allowed_clients[i].sa.sa_family ; i++) {
1329 if (allowed_clients[i].sa.sa_family == AF_INET
1330 && !memcmp(&client_sa.sa_inet.sin_addr, &allowed_clients[i].sa_inet.sin_addr, 4)) {
1331 return 1;
1332 }
1333 }
1334 }
1335 #ifdef HAVE_IPV6
1336 if (client_sa.sa.sa_family == AF_INET6) {
1337 for (i = 0; allowed_clients[i].sa.sa_family ; i++) {
1338 if (allowed_clients[i].sa.sa_family == AF_INET6
1339 && !memcmp(&client_sa.sa_inet6.sin6_addr, &allowed_clients[i].sa_inet6.sin6_addr, 12)) {
1340 return 1;
1341 }
1342 #ifdef IN6_IS_ADDR_V4MAPPED
1343 if (allowed_clients[i].sa.sa_family == AF_INET
1344 && IN6_IS_ADDR_V4MAPPED(&client_sa.sa_inet6.sin6_addr)
1345 && !memcmp(((char *)&client_sa.sa_inet6.sin6_addr)+12, &allowed_clients[i].sa_inet.sin_addr, 4)) {
1346 return 1;
1347 }
1348 #endif
1349 }
1350 }
1351 #endif
1352
1353 return 0;
1354 }
1355
1356 int fcgi_accept_request(fcgi_request *req)
1357 {
1358 #ifdef _WIN32
1359 HANDLE pipe;
1360 OVERLAPPED ov;
1361 #endif
1362
1363 while (1) {
1364 if (req->fd < 0) {
1365 while (1) {
1366 if (in_shutdown) {
1367 return -1;
1368 }
1369
1370 req->hook.on_accept();
1371 #ifdef _WIN32
1372 if (!req->tcp) {
1373 pipe = (HANDLE)_get_osfhandle(req->listen_socket);
1374 FCGI_LOCK(req->listen_socket);
1375 ov.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
1376 if (!ConnectNamedPipe(pipe, &ov)) {
1377 errno = GetLastError();
1378 if (errno == ERROR_IO_PENDING) {
1379 while (WaitForSingleObject(ov.hEvent, 1000) == WAIT_TIMEOUT) {
1380 if (in_shutdown) {
1381 CloseHandle(ov.hEvent);
1382 FCGI_UNLOCK(req->listen_socket);
1383 return -1;
1384 }
1385 }
1386 } else if (errno != ERROR_PIPE_CONNECTED) {
1387 }
1388 }
1389 CloseHandle(ov.hEvent);
1390 req->fd = req->listen_socket;
1391 FCGI_UNLOCK(req->listen_socket);
1392 } else {
1393 SOCKET listen_socket = (SOCKET)_get_osfhandle(req->listen_socket);
1394 #else
1395 {
1396 int listen_socket = req->listen_socket;
1397 #endif
1398 sa_t sa;
1399 socklen_t len = sizeof(sa);
1400
1401 FCGI_LOCK(req->listen_socket);
1402 req->fd = accept(listen_socket, (struct sockaddr *)&sa, &len);
1403 FCGI_UNLOCK(req->listen_socket);
1404
1405 client_sa = sa;
1406 if (req->fd >= 0 && !fcgi_is_allowed()) {
1407 fcgi_log(FCGI_ERROR, "Connection disallowed: IP address '%s' has been dropped.", fcgi_get_last_client_ip());
1408 closesocket(req->fd);
1409 req->fd = -1;
1410 continue;
1411 }
1412 }
1413
1414 #ifdef _WIN32
1415 if (req->fd < 0 && (in_shutdown || errno != EINTR)) {
1416 #else
1417 if (req->fd < 0 && (in_shutdown || (errno != EINTR && errno != ECONNABORTED))) {
1418 #endif
1419 return -1;
1420 }
1421
1422 #if defined(F_SETFD) && defined(FD_CLOEXEC)
1423 int fd_attrs = fcntl(req->fd, F_GETFD);
1424 if (0 > fd_attrs) {
1425 fcgi_log(FCGI_WARNING, "failed to get attributes of the connection socket");
1426 }
1427 if (0 > fcntl(req->fd, F_SETFD, fd_attrs | FD_CLOEXEC)) {
1428 fcgi_log(FCGI_WARNING, "failed to change attribute of the connection socket");
1429 }
1430 #endif
1431
1432 #ifdef _WIN32
1433 break;
1434 #else
1435 if (req->fd >= 0) {
1436 #if defined(HAVE_POLL)
1437 struct pollfd fds;
1438 int ret;
1439
1440 fds.fd = req->fd;
1441 fds.events = POLLIN;
1442 fds.revents = 0;
1443 do {
1444 errno = 0;
1445 ret = poll(&fds, 1, 5000);
1446 } while (ret < 0 && errno == EINTR);
1447 if (ret > 0 && (fds.revents & POLLIN)) {
1448 break;
1449 }
1450 fcgi_close(req, 1, 0);
1451 #else
1452 if (req->fd < FD_SETSIZE) {
1453 struct timeval tv = {5,0};
1454 fd_set set;
1455 int ret;
1456
1457 FD_ZERO(&set);
1458 FD_SET(req->fd, &set);
1459 do {
1460 errno = 0;
1461 ret = select(req->fd + 1, &set, NULL, NULL, &tv) >= 0;
1462 } while (ret < 0 && errno == EINTR);
1463 if (ret > 0 && FD_ISSET(req->fd, &set)) {
1464 break;
1465 }
1466 fcgi_close(req, 1, 0);
1467 } else {
1468 fcgi_log(FCGI_ERROR, "Too many open file descriptors. FD_SETSIZE limit exceeded.");
1469 fcgi_close(req, 1, 0);
1470 }
1471 #endif
1472 }
1473 #endif
1474 }
1475 } else if (in_shutdown) {
1476 return -1;
1477 }
1478 req->hook.on_read();
1479 int read_result = fcgi_read_request(req);
1480 if (read_result == 1) {
1481 #ifdef _WIN32
1482 if (is_impersonate && !req->tcp) {
1483 pipe = (HANDLE)_get_osfhandle(req->fd);
1484 if (!ImpersonateNamedPipeClient(pipe)) {
1485 fcgi_close(req, 1, 1);
1486 continue;
1487 }
1488 }
1489 #endif
1490 return req->fd;
1491 } else if (read_result == 0) {
1492 fcgi_close(req, 1, 1);
1493 }
1494 }
1495 }
1496
1497 static inline fcgi_header* open_packet(fcgi_request *req, fcgi_request_type type)
1498 {
1499 req->out_hdr = (fcgi_header*) req->out_pos;
1500 req->out_hdr->type = type;
1501 req->out_pos += sizeof(fcgi_header);
1502 return req->out_hdr;
1503 }
1504
1505 static inline void close_packet(fcgi_request *req)
1506 {
1507 if (req->out_hdr) {
1508 int len = (int)(req->out_pos - ((unsigned char*)req->out_hdr + sizeof(fcgi_header)));
1509
1510 req->out_pos += fcgi_make_header(req->out_hdr, (fcgi_request_type)req->out_hdr->type, req->id, len);
1511 req->out_hdr = NULL;
1512 }
1513 }
1514
1515 int fcgi_flush(fcgi_request *req, int end)
1516 {
1517 int len;
1518
1519 close_packet(req);
1520
1521 len = (int)(req->out_pos - req->out_buf);
1522
1523 if (end) {
1524 fcgi_end_request_rec *rec = (fcgi_end_request_rec*)(req->out_pos);
1525
1526 fcgi_make_header(&rec->hdr, FCGI_END_REQUEST, req->id, sizeof(fcgi_end_request));
1527 rec->body.appStatusB3 = 0;
1528 rec->body.appStatusB2 = 0;
1529 rec->body.appStatusB1 = 0;
1530 rec->body.appStatusB0 = 0;
1531 rec->body.protocolStatus = FCGI_REQUEST_COMPLETE;
1532 len += sizeof(fcgi_end_request_rec);
1533 }
1534
1535 if (safe_write(req, req->out_buf, len) != len) {
1536 req->keep = 0;
1537 req->out_pos = req->out_buf;
1538 return 0;
1539 }
1540
1541 req->out_pos = req->out_buf;
1542 return 1;
1543 }
1544
1545 int fcgi_write(fcgi_request *req, fcgi_request_type type, const char *str, int len)
1546 {
1547 int limit, rest;
1548
1549 if (len <= 0) {
1550 return 0;
1551 }
1552
1553 if (req->out_hdr && req->out_hdr->type != type) {
1554 close_packet(req);
1555 }
1556 #if 0
1557 /* Unoptimized, but clear version */
1558 rest = len;
1559 while (rest > 0) {
1560 limit = sizeof(req->out_buf) - (req->out_pos - req->out_buf);
1561
1562 if (!req->out_hdr) {
1563 if (limit < sizeof(fcgi_header)) {
1564 if (!fcgi_flush(req, 0)) {
1565 return -1;
1566 }
1567 }
1568 open_packet(req, type);
1569 }
1570 limit = sizeof(req->out_buf) - (req->out_pos - req->out_buf);
1571 if (rest < limit) {
1572 memcpy(req->out_pos, str, rest);
1573 req->out_pos += rest;
1574 return len;
1575 } else {
1576 memcpy(req->out_pos, str, limit);
1577 req->out_pos += limit;
1578 rest -= limit;
1579 str += limit;
1580 if (!fcgi_flush(req, 0)) {
1581 return -1;
1582 }
1583 }
1584 }
1585 #else
1586 /* Optimized version */
1587 limit = (int)(sizeof(req->out_buf) - (req->out_pos - req->out_buf));
1588 if (!req->out_hdr) {
1589 limit -= sizeof(fcgi_header);
1590 if (limit < 0) limit = 0;
1591 }
1592
1593 if (len < limit) {
1594 if (!req->out_hdr) {
1595 open_packet(req, type);
1596 }
1597 req->out_pos = zend_mempcpy(req->out_pos, str, len);
1598 } else if (len - limit < (int)(sizeof(req->out_buf) - sizeof(fcgi_header))) {
1599 if (limit > 0) {
1600 if (!req->out_hdr) {
1601 open_packet(req, type);
1602 }
1603 req->out_pos = zend_mempcpy(req->out_pos, str, limit);
1604 }
1605 if (!fcgi_flush(req, 0)) {
1606 return -1;
1607 }
1608 if (len > limit) {
1609 open_packet(req, type);
1610 req->out_pos = zend_mempcpy(req->out_pos, str + limit, len - limit);
1611 }
1612 } else {
1613 int pos = 0;
1614 int pad;
1615
1616 close_packet(req);
1617 while ((len - pos) > 0xffff) {
1618 open_packet(req, type);
1619 fcgi_make_header(req->out_hdr, type, req->id, 0xfff8);
1620 req->out_hdr = NULL;
1621 if (!fcgi_flush(req, 0)) {
1622 return -1;
1623 }
1624 if (safe_write(req, str + pos, 0xfff8) != 0xfff8) {
1625 req->keep = 0;
1626 return -1;
1627 }
1628 pos += 0xfff8;
1629 }
1630
1631 pad = (((len - pos) + 7) & ~7) - (len - pos);
1632 rest = pad ? 8 - pad : 0;
1633
1634 open_packet(req, type);
1635 fcgi_make_header(req->out_hdr, type, req->id, (len - pos) - rest);
1636 req->out_hdr = NULL;
1637 if (!fcgi_flush(req, 0)) {
1638 return -1;
1639 }
1640 if (safe_write(req, str + pos, (len - pos) - rest) != (len - pos) - rest) {
1641 req->keep = 0;
1642 return -1;
1643 }
1644 if (pad) {
1645 open_packet(req, type);
1646 req->out_pos = zend_mempcpy(req->out_pos, str + len - rest, rest);
1647 }
1648 }
1649 #endif
1650 return len;
1651 }
1652
1653 int fcgi_end(fcgi_request *req) {
1654 int ret = 1;
1655 if (!req->ended) {
1656 ret = fcgi_flush(req, 1);
1657 req->ended = 1;
1658 }
1659 return ret;
1660 }
1661
1662 int fcgi_finish_request(fcgi_request *req, int force_close)
1663 {
1664 int ret = 1;
1665
1666 if (req->fd >= 0) {
1667 ret = fcgi_end(req);
1668 fcgi_close(req, force_close, 1);
1669 }
1670 return ret;
1671 }
1672
1673 int fcgi_has_env(fcgi_request *req)
1674 {
1675 return req && req->has_env;
1676 }
1677
1678 char* fcgi_getenv(fcgi_request *req, const char* var, int var_len)
1679 {
1680 unsigned int val_len;
1681
1682 if (!req) return NULL;
1683
1684 return fcgi_hash_get(&req->env, FCGI_HASH_FUNC(var, var_len), (char*)var, var_len, &val_len);
1685 }
1686
1687 char* fcgi_quick_getenv(fcgi_request *req, const char* var, int var_len, unsigned int hash_value)
1688 {
1689 unsigned int val_len;
1690
1691 return fcgi_hash_get(&req->env, hash_value, (char*)var, var_len, &val_len);
1692 }
1693
1694 char* fcgi_putenv(fcgi_request *req, char* var, int var_len, char* val)
1695 {
1696 if (!req) return NULL;
1697 if (val == NULL) {
1698 fcgi_hash_del(&req->env, FCGI_HASH_FUNC(var, var_len), var, var_len);
1699 return NULL;
1700 } else {
1701 return fcgi_hash_set(&req->env, FCGI_HASH_FUNC(var, var_len), var, var_len, val, (unsigned int)strlen(val));
1702 }
1703 }
1704
1705 char* fcgi_quick_putenv(fcgi_request *req, char* var, int var_len, unsigned int hash_value, char* val)
1706 {
1707 if (val == NULL) {
1708 fcgi_hash_del(&req->env, hash_value, var, var_len);
1709 return NULL;
1710 } else {
1711 return fcgi_hash_set(&req->env, hash_value, var, var_len, val, (unsigned int)strlen(val));
1712 }
1713 }
1714
1715 void fcgi_loadenv(fcgi_request *req, fcgi_apply_func func, zval *array)
1716 {
1717 fcgi_hash_apply(&req->env, func, array);
1718 }
1719
1720 #ifdef _WIN32
1721 void fcgi_impersonate(void)
1722 {
1723 char *os_name;
1724
1725 os_name = getenv("OS");
1726 if (os_name && stricmp(os_name, "Windows_NT") == 0) {
1727 is_impersonate = 1;
1728 }
1729 }
1730 #endif
1731
1732 void fcgi_set_mgmt_var(const char * name, size_t name_len, const char * value, size_t value_len)
1733 {
1734 zval zvalue;
1735 zend_string *key = zend_string_init(name, name_len, 1);
1736 ZVAL_NEW_STR(&zvalue, zend_string_init(value, value_len, 1));
1737 GC_MAKE_PERSISTENT_LOCAL(key);
1738 GC_MAKE_PERSISTENT_LOCAL(Z_STR(zvalue));
1739 zend_hash_add(&fcgi_mgmt_vars, key, &zvalue);
1740 zend_string_release_ex(key, 1);
1741 }
1742
1743 void fcgi_free_mgmt_var_cb(zval *zv)
1744 {
1745 pefree(Z_STR_P(zv), 1);
1746 }
1747
1748 const char *fcgi_get_last_client_ip(void)
1749 {
1750 static char str[INET6_ADDRSTRLEN];
1751
1752 /* Ipv4 */
1753 if (client_sa.sa.sa_family == AF_INET) {
1754 return inet_ntop(client_sa.sa.sa_family, &client_sa.sa_inet.sin_addr, str, INET6_ADDRSTRLEN);
1755 }
1756 #ifdef HAVE_IPV6
1757 #ifdef IN6_IS_ADDR_V4MAPPED
1758 /* Ipv4-Mapped-Ipv6 */
1759 if (client_sa.sa.sa_family == AF_INET6
1760 && IN6_IS_ADDR_V4MAPPED(&client_sa.sa_inet6.sin6_addr)) {
1761 return inet_ntop(AF_INET, ((char *)&client_sa.sa_inet6.sin6_addr)+12, str, INET6_ADDRSTRLEN);
1762 }
1763 #endif
1764 /* Ipv6 */
1765 if (client_sa.sa.sa_family == AF_INET6) {
1766 return inet_ntop(client_sa.sa.sa_family, &client_sa.sa_inet6.sin6_addr, str, INET6_ADDRSTRLEN);
1767 }
1768 #endif
1769 /* Unix socket */
1770 return NULL;
1771 }
1772