📄 mod_cgid.c
字号:
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, "write to cgi daemon process"); } info = apr_palloc(r->pool, sizeof(struct cleanup_script_info)); info->r = r; info->conn_id = r->connection->id; info->conf = conf; apr_pool_cleanup_register(r->pool, info, cleanup_script, apr_pool_cleanup_null); /* We are putting the socket discriptor into an apr_file_t so that we can * use a pipe bucket to send the data to the client. APR will create * a cleanup for the apr_file_t which will close the socket, so we'll * get rid of the cleanup we registered when we created the socket. */ apr_os_pipe_put_ex(&tempsock, &sd, 1, r->pool); apr_pool_cleanup_kill(r->pool, (void *)((long)sd), close_unix_socket); if ((argv0 = strrchr(r->filename, '/')) != NULL) argv0++; else argv0 = r->filename; /* Transfer any put/post args, CERN style... * Note that we already ignore SIGPIPE in the core server. */ bb = apr_brigade_create(r->pool, r->connection->bucket_alloc); seen_eos = 0; child_stopped_reading = 0; if (conf->logname) { dbuf = apr_palloc(r->pool, conf->bufbytes + 1); dbpos = 0; } do { apr_bucket *bucket; rv = ap_get_brigade(r->input_filters, bb, AP_MODE_READBYTES, APR_BLOCK_READ, HUGE_STRING_LEN); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, "Error reading request entity data"); return HTTP_INTERNAL_SERVER_ERROR; } for (bucket = APR_BRIGADE_FIRST(bb); bucket != APR_BRIGADE_SENTINEL(bb); bucket = APR_BUCKET_NEXT(bucket)) { const char *data; apr_size_t len; if (APR_BUCKET_IS_EOS(bucket)) { seen_eos = 1; break; } /* We can't do much with this. */ if (APR_BUCKET_IS_FLUSH(bucket)) { continue; } /* If the child stopped, we still must read to EOS. */ if (child_stopped_reading) { continue; } /* read */ apr_bucket_read(bucket, &data, &len, APR_BLOCK_READ); if (conf->logname && dbpos < conf->bufbytes) { int cursize; if ((dbpos + len) > conf->bufbytes) { cursize = conf->bufbytes - dbpos; } else { cursize = len; } memcpy(dbuf + dbpos, data, cursize); dbpos += cursize; } /* Keep writing data to the child until done or too much time * elapses with no progress or an error occurs. */ rv = apr_file_write_full(tempsock, data, len, NULL); if (rv != APR_SUCCESS) { /* silly script stopped reading, soak up remaining message */ child_stopped_reading = 1; } } apr_brigade_cleanup(bb); } while (!seen_eos); if (conf->logname) { dbuf[dbpos] = '\0'; } /* we're done writing, or maybe we didn't write at all; * force EOF on child's stdin so that the cgi detects end (or * absence) of data */ shutdown(sd, 1); /* Handle script return... */ if (!nph) { const char *location; char sbuf[MAX_STRING_LEN]; int ret; bb = apr_brigade_create(r->pool, c->bucket_alloc); b = apr_bucket_pipe_create(tempsock, c->bucket_alloc); APR_BRIGADE_INSERT_TAIL(bb, b); b = apr_bucket_eos_create(c->bucket_alloc); APR_BRIGADE_INSERT_TAIL(bb, b); if ((ret = ap_scan_script_header_err_brigade(r, bb, sbuf))) { ret = log_script(r, conf, ret, dbuf, sbuf, bb, NULL); /* * ret could be HTTP_NOT_MODIFIED in the case that the CGI script * does not set an explicit status and ap_meets_conditions, which * is called by ap_scan_script_header_err_brigade, detects that * the conditions of the requests are met and the response is * not modified. * In this case set r->status and return OK in order to prevent * running through the error processing stack as this would * break with mod_cache, if the conditions had been set by * mod_cache itself to validate a stale entity. * BTW: We circumvent the error processing stack anyway if the * CGI script set an explicit status code (whatever it is) and * the only possible values for ret here are: * * HTTP_NOT_MODIFIED (set by ap_meets_conditions) * HTTP_PRECONDITION_FAILED (set by ap_meets_conditions) * HTTP_INTERNAL_SERVER_ERROR (if something went wrong during the * processing of the response of the CGI script, e.g broken headers * or a crashed CGI process). */ if (ret == HTTP_NOT_MODIFIED) { r->status = ret; return OK; } return ret; } location = apr_table_get(r->headers_out, "Location"); if (location && location[0] == '/' && r->status == 200) { /* Soak up all the script output */ discard_script_output(bb); apr_brigade_destroy(bb); /* This redirect needs to be a GET no matter what the original * method was. */ r->method = apr_pstrdup(r->pool, "GET"); r->method_number = M_GET; /* We already read the message body (if any), so don't allow * the redirected request to think it has one. We can ignore * Transfer-Encoding, since we used REQUEST_CHUNKED_ERROR. */ apr_table_unset(r->headers_in, "Content-Length"); ap_internal_redirect_handler(location, r); return OK; } else if (location && r->status == 200) { /* XX Note that if a script wants to produce its own Redirect * body, it now has to explicitly *say* "Status: 302" */ discard_script_output(bb); apr_brigade_destroy(bb); return HTTP_MOVED_TEMPORARILY; } ap_pass_brigade(r->output_filters, bb); } if (nph) { struct ap_filter_t *cur; /* get rid of all filters up through protocol... since we * haven't parsed off the headers, there is no way they can * work */ cur = r->proto_output_filters; while (cur && cur->frec->ftype < AP_FTYPE_CONNECTION) { cur = cur->next; } r->output_filters = r->proto_output_filters = cur; bb = apr_brigade_create(r->pool, c->bucket_alloc); b = apr_bucket_pipe_create(tempsock, c->bucket_alloc); APR_BRIGADE_INSERT_TAIL(bb, b); b = apr_bucket_eos_create(c->bucket_alloc); APR_BRIGADE_INSERT_TAIL(bb, b); ap_pass_brigade(r->output_filters, bb); } return OK; /* NOT r->status, even if it has changed. */}/*============================================================================ *============================================================================ * This is the beginning of the cgi filter code moved from mod_include. This * is the code required to handle the "exec" SSI directive. *============================================================================ *============================================================================*/static apr_status_t include_cgi(include_ctx_t *ctx, ap_filter_t *f, apr_bucket_brigade *bb, char *s){ request_rec *r = f->r; request_rec *rr = ap_sub_req_lookup_uri(s, r, f->next); int rr_status; if (rr->status != HTTP_OK) { ap_destroy_sub_req(rr); return APR_EGENERAL; } /* No hardwired path info or query allowed */ if ((rr->path_info && rr->path_info[0]) || rr->args) { ap_destroy_sub_req(rr); return APR_EGENERAL; } if (rr->finfo.filetype != APR_REG) { ap_destroy_sub_req(rr); return APR_EGENERAL; } /* Script gets parameters of the *document*, for back compatibility */ rr->path_info = r->path_info; /* hard to get right; see mod_cgi.c */ rr->args = r->args; /* Force sub_req to be treated as a CGI request, even if ordinary * typing rules would have called it something else. */ ap_set_content_type(rr, CGI_MAGIC_TYPE); /* Run it. */ rr_status = ap_run_sub_req(rr); if (ap_is_HTTP_REDIRECT(rr_status)) { const char *location = apr_table_get(rr->headers_out, "Location"); if (location) { char *buffer; location = ap_escape_html(rr->pool, location); buffer = apr_pstrcat(ctx->pool, "<a href=\"", location, "\">", location, "</a>", NULL); APR_BRIGADE_INSERT_TAIL(bb, apr_bucket_pool_create(buffer, strlen(buffer), ctx->pool, f->c->bucket_alloc)); } } ap_destroy_sub_req(rr); return APR_SUCCESS;}/* This is the special environment used for running the "exec cmd=" * variety of SSI directives. */static void add_ssi_vars(request_rec *r){ apr_table_t *e = r->subprocess_env; if (r->path_info && r->path_info[0] != '\0') { request_rec *pa_req; apr_table_setn(e, "PATH_INFO", ap_escape_shell_cmd(r->pool, r->path_info)); pa_req = ap_sub_req_lookup_uri(ap_escape_uri(r->pool, r->path_info), r, NULL); if (pa_req->filename) { apr_table_setn(e, "PATH_TRANSLATED", apr_pstrcat(r->pool, pa_req->filename, pa_req->path_info, NULL)); } ap_destroy_sub_req(pa_req); } if (r->args) { char *arg_copy = apr_pstrdup(r->pool, r->args); apr_table_setn(e, "QUERY_STRING", r->args); ap_unescape_url(arg_copy); apr_table_setn(e, "QUERY_STRING_UNESCAPED", ap_escape_shell_cmd(r->pool, arg_copy)); }}static int include_cmd(include_ctx_t *ctx, ap_filter_t *f, apr_bucket_brigade *bb, char *command){ char **env; int sd; int retval; apr_file_t *tempsock = NULL; request_rec *r = f->r; cgid_server_conf *conf = ap_get_module_config(r->server->module_config, &cgid_module); struct cleanup_script_info *info; add_ssi_vars(r); env = ap_create_environment(r->pool, r->subprocess_env); if ((retval = connect_to_daemon(&sd, r, conf)) != OK) { return retval; } send_req(sd, r, command, env, SSI_REQ); info = apr_palloc(r->pool, sizeof(struct cleanup_script_info)); info->r = r; info->conn_id = r->connection->id; info->conf = conf; /* for this type of request, the script is invoked through an * intermediate shell process... cleanup_script is only able * to knock out the shell process, not the actual script */ apr_pool_cleanup_register(r->pool, info, cleanup_script, apr_pool_cleanup_null); /* We are putting the socket discriptor into an apr_file_t so that we can * use a pipe bucket to send the data to the client. APR will create * a cleanup for the apr_file_t which will close the socket, so we'll * get rid of the cleanup we registered when we created the socket. */ apr_os_pipe_put_ex(&tempsock, &sd, 1, r->pool); apr_pool_cleanup_kill(r->pool, (void *)((long)sd), close_unix_socket); APR_BRIGADE_INSERT_TAIL(bb, apr_bucket_pipe_create(tempsock, f->c->bucket_alloc)); ctx->flush_now = 1; return APR_SUCCESS;}static apr_status_t handle_exec(include_ctx_t *ctx, ap_filter_t *f, apr_bucket_brigade *bb){ char *tag = NULL; char *tag_val = NULL; request_rec *r = f->r; char *file = r->filename; char parsed_string[MAX_STRING_LEN]; if (!ctx->argc) { ap_log_rerror(APLOG_MARK, (ctx->flags & SSI_FLAG_PRINTING) ? APLOG_ERR : APLOG_WARNING, 0, r, "missing argument for exec element in %s", r->filename); } if (!(ctx->flags & SSI_FLAG_PRINTING)) { return APR_SUCCESS; } if (!ctx->argc) { SSI_CREATE_ERROR_BUCKET(ctx, f, bb); return APR_SUCCESS; } if (ctx->flags & SSI_FLAG_NO_EXEC) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "exec used but not allowed " "in %s", r->filename); SSI_CREATE_ERROR_BUCKET(ctx, f, bb); return APR_SUCCESS; } while (1) { cgid_pfn_gtv(ctx, &tag, &tag_val, SSI_VALUE_DECODED); if (!tag || !tag_val) { break; } if (!strcmp(tag, "cmd")) { apr_status_t rv; cgid_pfn_ps(ctx, tag_val, parsed_string, sizeof(parsed_string), SSI_EXPAND_LEAVE_NAME); rv = include_cmd(ctx, f, bb, parsed_string); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "execution failure for parameter \"%s\" " "to tag exec in file %s", tag, r->filename); SSI_CREATE_ERROR_BUCKET(ctx, f, bb); break; } } else if (!strcmp(tag, "cgi")) { apr_status_t rv; cgid_pfn_ps(ctx, tag_val, parsed_string, sizeof(parsed_string), SSI_EXPAND_DROP_NAME); rv = include_cgi(ctx, f, bb, parsed_string); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "invalid CGI ref " "\"%s\" in %s", tag_val, file); SSI_CREATE_ERROR_BUCKET(ctx, f, bb); break; } } else { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "unknown parameter " "\"%s\" to tag exec in %s", tag, file); SSI_CREATE_ERROR_BUCKET(ctx, f, bb); break; } } return APR_SUCCESS;}/*============================================================================ *============================================================================ * This is the end of the cgi filter code moved from mod_include. *============================================================================ *============================================================================*/static void register_hook(apr_pool_t *p){ static const char * const aszPre[] = { "mod_include.c", NULL }; ap_hook_pre_config(cgid_pre_config, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_post_config(cgid_init, aszPre, NULL, APR_HOOK_MIDDLE); ap_hook_handler(cgid_handler, NULL, NULL, APR_HOOK_MIDDLE);}module AP_MODULE_DECLARE_DATA cgid_module = { STANDARD20_MODULE_STUFF, NULL, /* dir config creater */ NULL, /* dir merger --- default is to override */ create_cgid_config, /* server config */ merge_cgid_config, /* merge server config */ cgid_cmds, /* command table */ register_hook /* register_handlers */};⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -