/*
* InspIRCd -- Internet Relay Chat Daemon
*
+ * Copyright (C) 2019 linuxdaemon <linuxdaemon.irc@gmail.com>
+ * Copyright (C) 2018 edef <edef@edef.eu>
+ * Copyright (C) 2013-2014, 2017-2020 Sadie Powell <sadie@witchery.services>
+ * Copyright (C) 2012-2016 Attila Molnar <attilamolnar@hush.com>
+ * Copyright (C) 2012 Robby <robby@chatbelgie.be>
+ * Copyright (C) 2009 Uli Schlachter <psychon@inspircd.org>
* Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
- * Copyright (C) 2007-2008 Robin Burchell <robin+git@viroteck.net>
- * Copyright (C) 2008 Pippijn van Steenhoven <pip88nl@gmail.com>
- * Copyright (C) 2006-2008 Craig Edwards <craigedwards@brainbox.cc>
- * Copyright (C) 2007 John Brooks <john.brooks@dereferenced.net>
+ * Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
+ * Copyright (C) 2007 John Brooks <special@inspircd.org>
* Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
+ * Copyright (C) 2006, 2008, 2010 Craig Edwards <brain@inspircd.org>
*
* This file is part of InspIRCd. InspIRCd is free software: you can
* redistribute it and/or modify it under the terms of the GNU General Public
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+/// $CompilerFlags: -Ivendor_directory("http_parser")
+
#include "inspircd.h"
#include "iohook.h"
#include "modules/httpd.h"
+#ifdef __GNUC__
+# pragma GCC diagnostic push
+#endif
+
+// Fix warnings about the use of commas at end of enumerator lists and long long
+// on C++03.
+#if defined __clang__
+# pragma clang diagnostic ignored "-Wc++11-extensions"
+# pragma clang diagnostic ignored "-Wc++11-long-long"
+#elif defined __GNUC__
+# pragma GCC diagnostic ignored "-Wlong-long"
+# if (__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 8))
+# pragma GCC diagnostic ignored "-Wpedantic"
+# else
+# pragma GCC diagnostic ignored "-pedantic"
+# endif
+#endif
+
+// Fix warnings about shadowing in http_parser.
+#ifdef __GNUC__
+# pragma GCC diagnostic ignored "-Wshadow"
+#endif
+
+#include <http_parser.c>
+
+#ifdef __GNUC__
+# pragma GCC diagnostic pop
+#endif
+
class ModuleHttpServer;
static ModuleHttpServer* HttpModule;
static insp::intrusive_list<HttpServerSocket> sockets;
static Events::ModuleEventProvider* aclevprov;
static Events::ModuleEventProvider* reqevprov;
-
-/** HTTP socket states
- */
-enum HttpState
-{
- HTTP_SERVE_WAIT_REQUEST = 0, /* Waiting for a full request */
- HTTP_SERVE_RECV_POSTDATA = 1, /* Waiting to finish recieving POST data */
- HTTP_SERVE_SEND_DATA = 2 /* Sending response */
-};
+static http_parser_settings parser_settings;
/** A socket used for HTTP transport
*/
class HttpServerSocket : public BufferedSocket, public Timer, public insp::intrusive_list_node<HttpServerSocket>
{
- HttpState InternalState;
- std::string ip;
+ private:
+ friend class ModuleHttpServer;
- HTTPHeaders headers;
- std::string reqbuffer;
- std::string postdata;
- unsigned int postsize;
- std::string request_type;
+ http_parser parser;
+ http_parser_url url;
+ std::string ip;
std::string uri;
- std::string http_version;
+ HTTPHeaders headers;
+ std::string body;
+ size_t total_buffers;
+ int status_code;
/** True if this object is in the cull list
*/
bool waitingcull;
+ bool messagecomplete;
bool Tick(time_t currtime) CXX11_OVERRIDE
{
- AddToCull();
- return false;
+ if (!messagecomplete)
+ {
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "HTTP socket %d timed out", GetFd());
+ Close();
+ return false;
+ }
+
+ return true;
+ }
+
+ template<int (HttpServerSocket::*f)()>
+ static int Callback(http_parser* p)
+ {
+ HttpServerSocket* sock = static_cast<HttpServerSocket*>(p->data);
+ return (sock->*f)();
+ }
+
+ template<int (HttpServerSocket::*f)(const char*, size_t)>
+ static int DataCallback(http_parser* p, const char* buf, size_t len)
+ {
+ HttpServerSocket* sock = static_cast<HttpServerSocket*>(p->data);
+ return (sock->*f)(buf, len);
+ }
+
+ static void ConfigureParser()
+ {
+ http_parser_settings_init(&parser_settings);
+ parser_settings.on_message_begin = Callback<&HttpServerSocket::OnMessageBegin>;
+ parser_settings.on_url = DataCallback<&HttpServerSocket::OnUrl>;
+ parser_settings.on_header_field = DataCallback<&HttpServerSocket::OnHeaderField>;
+ parser_settings.on_body = DataCallback<&HttpServerSocket::OnBody>;
+ parser_settings.on_message_complete = Callback<&HttpServerSocket::OnMessageComplete>;
+ }
+
+ int OnMessageBegin()
+ {
+ uri.clear();
+ header_state = HEADER_NONE;
+ body.clear();
+ total_buffers = 0;
+ return 0;
+ }
+
+ bool AcceptData(size_t len)
+ {
+ total_buffers += len;
+ return total_buffers < 8192;
+ }
+
+ int OnUrl(const char* buf, size_t len)
+ {
+ if (!AcceptData(len))
+ {
+ status_code = HTTP_STATUS_URI_TOO_LONG;
+ return -1;
+ }
+ uri.append(buf, len);
+ return 0;
+ }
+
+ enum { HEADER_NONE, HEADER_FIELD, HEADER_VALUE } header_state;
+ std::string header_field;
+ std::string header_value;
+
+ void OnHeaderComplete()
+ {
+ headers.SetHeader(header_field, header_value);
+ header_field.clear();
+ header_value.clear();
+ }
+
+ int OnHeaderField(const char* buf, size_t len)
+ {
+ if (header_state == HEADER_VALUE)
+ OnHeaderComplete();
+ header_state = HEADER_FIELD;
+ if (!AcceptData(len))
+ {
+ status_code = HTTP_STATUS_REQUEST_HEADER_FIELDS_TOO_LARGE;
+ return -1;
+ }
+ header_field.append(buf, len);
+ return 0;
+ }
+
+ int OnHeaderValue(const char* buf, size_t len)
+ {
+ header_state = HEADER_VALUE;
+ if (!AcceptData(len))
+ {
+ status_code = HTTP_STATUS_REQUEST_HEADER_FIELDS_TOO_LARGE;
+ return -1;
+ }
+ header_value.append(buf, len);
+ return 0;
+ }
+
+ int OnHeadersComplete()
+ {
+ if (header_state != HEADER_NONE)
+ OnHeaderComplete();
+ return 0;
+ }
+
+ int OnBody(const char* buf, size_t len)
+ {
+ if (!AcceptData(len))
+ {
+ status_code = HTTP_STATUS_PAYLOAD_TOO_LARGE;
+ return -1;
+ }
+ body.append(buf, len);
+ return 0;
+ }
+
+ int OnMessageComplete()
+ {
+ messagecomplete = true;
+ ServeData();
+ return 0;
}
public:
HttpServerSocket(int newfd, const std::string& IP, ListenSocket* via, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server, unsigned int timeoutsec)
: BufferedSocket(newfd)
, Timer(timeoutsec)
- , InternalState(HTTP_SERVE_WAIT_REQUEST)
, ip(IP)
- , postsize(0)
+ , status_code(0)
, waitingcull(false)
+ , messagecomplete(false)
{
- ServerInstance->Timers.AddTimer(this);
-
if ((!via->iohookprovs.empty()) && (via->iohookprovs.back()))
+ {
via->iohookprovs.back()->OnAccept(this, client, server);
+ // IOHook may have errored
+ if (!getError().empty())
+ {
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "HTTP socket %d encountered a hook error: %s",
+ GetFd(), getError().c_str());
+ Close();
+ return;
+ }
+ }
+
+ parser.data = this;
+ http_parser_init(&parser, HTTP_REQUEST);
+ ServerInstance->Timers.AddTimer(this);
}
~HttpServerSocket()
sockets.erase(this);
}
- void OnError(BufferedSocketError) CXX11_OVERRIDE
+ void Close() CXX11_OVERRIDE
{
- AddToCull();
+ if (waitingcull || !HasFd())
+ return;
+
+ waitingcull = true;
+ BufferedSocket::Close();
+ ServerInstance->GlobalCulls.AddItem(this);
}
- std::string Response(int response)
+ void OnError(BufferedSocketError err) CXX11_OVERRIDE
{
- switch (response)
- {
- case 100:
- return "CONTINUE";
- case 101:
- return "SWITCHING PROTOCOLS";
- case 200:
- return "OK";
- case 201:
- return "CREATED";
- case 202:
- return "ACCEPTED";
- case 203:
- return "NON-AUTHORITATIVE INFORMATION";
- case 204:
- return "NO CONTENT";
- case 205:
- return "RESET CONTENT";
- case 206:
- return "PARTIAL CONTENT";
- case 300:
- return "MULTIPLE CHOICES";
- case 301:
- return "MOVED PERMANENTLY";
- case 302:
- return "FOUND";
- case 303:
- return "SEE OTHER";
- case 304:
- return "NOT MODIFIED";
- case 305:
- return "USE PROXY";
- case 307:
- return "TEMPORARY REDIRECT";
- case 400:
- return "BAD REQUEST";
- case 401:
- return "UNAUTHORIZED";
- case 402:
- return "PAYMENT REQUIRED";
- case 403:
- return "FORBIDDEN";
- case 404:
- return "NOT FOUND";
- case 405:
- return "METHOD NOT ALLOWED";
- case 406:
- return "NOT ACCEPTABLE";
- case 407:
- return "PROXY AUTHENTICATION REQUIRED";
- case 408:
- return "REQUEST TIMEOUT";
- case 409:
- return "CONFLICT";
- case 410:
- return "GONE";
- case 411:
- return "LENGTH REQUIRED";
- case 412:
- return "PRECONDITION FAILED";
- case 413:
- return "REQUEST ENTITY TOO LARGE";
- case 414:
- return "REQUEST-URI TOO LONG";
- case 415:
- return "UNSUPPORTED MEDIA TYPE";
- case 416:
- return "REQUESTED RANGE NOT SATISFIABLE";
- case 417:
- return "EXPECTATION FAILED";
- case 500:
- return "INTERNAL SERVER ERROR";
- case 501:
- return "NOT IMPLEMENTED";
- case 502:
- return "BAD GATEWAY";
- case 503:
- return "SERVICE UNAVAILABLE";
- case 504:
- return "GATEWAY TIMEOUT";
- case 505:
- return "HTTP VERSION NOT SUPPORTED";
- default:
- return "WTF";
- break;
-
- }
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "HTTP socket %d encountered an error: %d - %s",
+ GetFd(), err, getError().c_str());
+ Close();
}
- void SendHTTPError(int response)
+ void SendHTTPError(unsigned int response, const char* errstr = NULL)
{
- HTTPHeaders empty;
- std::string data = "<html><head></head><body>Server error "+ConvToStr(response)+": "+Response(response)+"<br>"+
- "<small>Powered by <a href='http://www.inspircd.org'>InspIRCd</a></small></body></html>";
-
- SendHeaders(data.length(), response, empty);
- WriteData(data);
+ if (!errstr)
+ errstr = http_status_str((http_status)response);
+
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Sending HTTP error %u: %s", response, errstr);
+ static HTTPHeaders empty;
+ std::string data = InspIRCd::Format(
+ "<html><head></head><body style='font-family: sans-serif; text-align: center'>"
+ "<h1 style='font-size: 48pt'>Error %u</h1><h2 style='font-size: 24pt'>%s</h2><hr>"
+ "<small>Powered by <a href='https://www.inspircd.org'>InspIRCd</a></small></body></html>",
+ response, errstr);
+
+ Page(data, response, &empty);
}
- void SendHeaders(unsigned long size, int response, HTTPHeaders &rheaders)
+ void SendHeaders(unsigned long size, unsigned int response, HTTPHeaders &rheaders)
{
-
- WriteData(http_version + " "+ConvToStr(response)+" "+Response(response)+"\r\n");
+ WriteData(InspIRCd::Format("HTTP/%u.%u %u %s\r\n", parser.http_major ? parser.http_major : 1, parser.http_major ? parser.http_minor : 1, response, http_status_str((http_status)response)));
rheaders.CreateHeader("Date", InspIRCd::TimeString(ServerInstance->Time(), "%a, %d %b %Y %H:%M:%S GMT", true));
rheaders.CreateHeader("Server", INSPIRCD_BRANCH);
else
rheaders.RemoveHeader("Content-Type");
- /* Supporting Connection: keep-alive causes a whole world of hurt syncronizing timeouts,
+ /* Supporting Connection: keep-alive causes a whole world of hurt synchronizing timeouts,
* so remove it, its not essential for what we need.
*/
rheaders.SetHeader("Connection", "Close");
WriteData("\r\n");
}
- void OnDataReady()
+ void OnDataReady() CXX11_OVERRIDE
{
- if (InternalState == HTTP_SERVE_RECV_POSTDATA)
- {
- postdata.append(recvq);
- if (postdata.length() >= postsize)
- ServeData();
- }
- else
- {
- reqbuffer.append(recvq);
+ if (parser.upgrade || HTTP_PARSER_ERRNO(&parser))
+ return;
+ http_parser_execute(&parser, &parser_settings, recvq.data(), recvq.size());
+ if (parser.upgrade)
+ SendHTTPError(status_code ? status_code : 400);
+ else if (HTTP_PARSER_ERRNO(&parser))
+ SendHTTPError(status_code ? status_code : 400, http_errno_description((http_errno)parser.http_errno));
+ }
- if (reqbuffer.length() >= 8192)
+ void ServeData()
+ {
+ ModResult MOD_RESULT;
+ std::string method = http_method_str(static_cast<http_method>(parser.method));
+ HTTPRequestURI parsed;
+ ParseURI(uri, parsed);
+ HTTPRequest acl(method, parsed, &headers, this, ip, body);
+ FIRST_MOD_RESULT_CUSTOM(*aclevprov, HTTPACLEventListener, OnHTTPACLCheck, MOD_RESULT, (acl));
+ if (MOD_RESULT != MOD_RES_DENY)
+ {
+ HTTPRequest request(method, parsed, &headers, this, ip, body);
+ FIRST_MOD_RESULT_CUSTOM(*reqevprov, HTTPRequestEventListener, OnHTTPRequest, MOD_RESULT, (request));
+ if (MOD_RESULT == MOD_RES_PASSTHRU)
{
- ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "m_httpd dropped connection due to an oversized request buffer");
- reqbuffer.clear();
- SetError("Buffer");
+ SendHTTPError(404);
}
-
- if (InternalState == HTTP_SERVE_WAIT_REQUEST)
- CheckRequestBuffer();
}
}
- void CheckRequestBuffer()
+ void Page(const std::string& s, unsigned int response, HTTPHeaders* hheaders)
{
- std::string::size_type reqend = reqbuffer.find("\r\n\r\n");
- if (reqend == std::string::npos)
- return;
+ SendHeaders(s.length(), response, *hheaders);
+ WriteData(s);
+ BufferedSocket::Close(true);
+ }
- // We have the headers; parse them all
- std::string::size_type hbegin = 0, hend;
- while ((hend = reqbuffer.find("\r\n", hbegin)) != std::string::npos)
- {
- if (hbegin == hend)
- break;
+ void Page(std::stringstream* n, unsigned int response, HTTPHeaders* hheaders)
+ {
+ Page(n->str(), response, hheaders);
+ }
- if (request_type.empty())
- {
- std::istringstream cheader(std::string(reqbuffer, hbegin, hend - hbegin));
- cheader >> request_type;
- cheader >> uri;
- cheader >> http_version;
+ bool ParseURI(const std::string& uristr, HTTPRequestURI& out)
+ {
+ http_parser_url_init(&url);
+ if (http_parser_parse_url(uristr.c_str(), uristr.size(), 0, &url) != 0)
+ return false;
- if (request_type.empty() || uri.empty() || http_version.empty())
+ if (url.field_set & (1 << UF_PATH))
+ {
+ // Normalise the path.
+ std::vector<std::string> pathsegments;
+ irc::sepstream pathstream(uri.substr(url.field_data[UF_PATH].off, url.field_data[UF_PATH].len), '/');
+ for (std::string pathsegment; pathstream.GetToken(pathsegment); )
+ {
+ if (pathsegment == ".")
{
- SendHTTPError(400);
- return;
+ // Stay at the current level.
+ continue;
}
- hbegin = hend + 2;
- continue;
- }
-
- std::string cheader(reqbuffer, hbegin, hend - hbegin);
+ if (pathsegment == "..")
+ {
+ // Traverse up to the previous level.
+ if (!pathsegments.empty())
+ pathsegments.pop_back();
+ continue;
+ }
- std::string::size_type fieldsep = cheader.find(':');
- if ((fieldsep == std::string::npos) || (fieldsep == 0) || (fieldsep == cheader.length() - 1))
- {
- SendHTTPError(400);
- return;
+ pathsegments.push_back(pathsegment);
}
- headers.SetHeader(cheader.substr(0, fieldsep), cheader.substr(fieldsep + 2));
-
- hbegin = hend + 2;
+ out.path.reserve(url.field_data[UF_PATH].len);
+ out.path.append("/").append(stdalgo::string::join(pathsegments, '/'));
}
- reqbuffer.erase(0, reqend + 4);
+ if (url.field_set & (1 << UF_FRAGMENT))
+ out.fragment = uri.substr(url.field_data[UF_FRAGMENT].off, url.field_data[UF_FRAGMENT].len);
- std::transform(request_type.begin(), request_type.end(), request_type.begin(), ::toupper);
- std::transform(http_version.begin(), http_version.end(), http_version.begin(), ::toupper);
+ std::string param_str;
+ if (url.field_set & (1 << UF_QUERY))
+ param_str = uri.substr(url.field_data[UF_QUERY].off, url.field_data[UF_QUERY].len);
- if ((http_version != "HTTP/1.1") && (http_version != "HTTP/1.0"))
+ irc::sepstream param_stream(param_str, '&');
+ std::string token;
+ std::string::size_type eq_pos;
+ while (param_stream.GetToken(token))
{
- SendHTTPError(505);
- return;
- }
-
- if (headers.IsSet("Content-Length") && (postsize = ConvToInt(headers.GetHeader("Content-Length"))) > 0)
- {
- InternalState = HTTP_SERVE_RECV_POSTDATA;
-
- if (reqbuffer.length() >= postsize)
+ eq_pos = token.find('=');
+ if (eq_pos == std::string::npos)
{
- postdata.assign(reqbuffer, 0, postsize);
- reqbuffer.erase(0, postsize);
+ out.query_params.insert(std::make_pair(token, ""));
}
- else if (!reqbuffer.empty())
- {
- postdata = reqbuffer;
- reqbuffer.clear();
- }
-
- if (postdata.length() >= postsize)
- ServeData();
-
- return;
- }
-
- ServeData();
- }
-
- void ServeData()
- {
- InternalState = HTTP_SERVE_SEND_DATA;
-
- ModResult MOD_RESULT;
- HTTPRequest acl(request_type, uri, &headers, this, ip, postdata);
- FIRST_MOD_RESULT_CUSTOM(*aclevprov, HTTPACLEventListener, OnHTTPACLCheck, MOD_RESULT, (acl));
- if (MOD_RESULT != MOD_RES_DENY)
- {
- HTTPRequest url(request_type, uri, &headers, this, ip, postdata);
- FIRST_MOD_RESULT_CUSTOM(*reqevprov, HTTPRequestEventListener, OnHTTPRequest, MOD_RESULT, (url));
- if (MOD_RESULT == MOD_RES_PASSTHRU)
+ else
{
- SendHTTPError(404);
+ out.query_params.insert(std::make_pair(token.substr(0, eq_pos), token.substr(eq_pos + 1)));
}
}
- }
-
- void Page(std::stringstream* n, int response, HTTPHeaders *hheaders)
- {
- SendHeaders(n->str().length(), response, *hheaders);
- WriteData(n->str());
- }
-
- void AddToCull()
- {
- if (waitingcull)
- return;
-
- waitingcull = true;
- Close();
- ServerInstance->GlobalCulls.AddItem(this);
+ return true;
}
};
{
aclevprov = &acleventprov;
reqevprov = &reqeventprov;
+ HttpServerSocket::ConfigureParser();
}
void init() CXX11_OVERRIDE
void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
{
ConfigTag* tag = ServerInstance->Config->ConfValue("httpd");
- timeoutsec = tag->getInt("timeout", 10, 1);
+ timeoutsec = tag->getDuration("timeout", 10, 1);
}
ModResult OnAcceptConnection(int nfd, ListenSocket* from, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server) CXX11_OVERRIDE
{
- if (from->bind_tag->getString("type") != "httpd")
+ if (!stdalgo::string::equalsci(from->bind_tag->getString("type"), "httpd"))
return MOD_RES_PASSTHRU;
- int port;
- std::string incomingip;
- irc::sockets::satoap(*client, incomingip, port);
- sockets.push_front(new HttpServerSocket(nfd, incomingip, from, client, server, timeoutsec));
+
+ sockets.push_front(new HttpServerSocket(nfd, client->addr(), from, client, server, timeoutsec));
return MOD_RES_ALLOW;
}
- void OnUnloadModule(Module* mod)
+ void OnUnloadModule(Module* mod) CXX11_OVERRIDE
{
for (insp::intrusive_list<HttpServerSocket>::const_iterator i = sockets.begin(); i != sockets.end(); )
{
for (insp::intrusive_list<HttpServerSocket>::const_iterator i = sockets.begin(); i != sockets.end(); ++i)
{
HttpServerSocket* sock = *i;
- sock->AddToCull();
+ sock->Close();
}
return Module::cull();
}
Version GetVersion() CXX11_OVERRIDE
{
- return Version("Provides HTTP serving facilities to modules", VF_VENDOR);
+ return Version("Allows the server administrator to serve various useful resources over HTTP.", VF_VENDOR);
}
};