-/* Copyright 1999-2005 The Apache Software Foundation or its licensors, as
- * applicable.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
#include <stdlib.h>
#endif
-#define CORE_PRIVATE
#include "ap_config.h"
#include "httpd.h"
#include "http_config.h"
#define MALFORMED_MESSAGE "malformed header from script. Bad header="
#define MALFORMED_HEADER_LENGTH_TO_SHOW 30
-static char *http2env(apr_pool_t *a, const char *w)
+APLOG_USE_MODULE(core);
+
+static char *http2env(request_rec *r, const char *w)
{
- char *res = (char *)apr_palloc(a, sizeof("HTTP_") + strlen(w));
+ char *res = (char *)apr_palloc(r->pool, sizeof("HTTP_") + strlen(w));
char *cp = res;
char c;
*cp++ = '_';
while ((c = *w++) != 0) {
- if (!apr_isalnum(c)) {
+ if (apr_isalnum(c)) {
+ *cp++ = apr_toupper(c);
+ }
+ else if (c == '-') {
*cp++ = '_';
}
else {
- *cp++ = apr_toupper(c);
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+ "Not exporting header with invalid name as envvar: %s",
+ ap_escape_logitem(r->pool, w));
+ return NULL;
}
}
*cp = 0;
-
+
return res;
}
+static void add_unless_null(apr_table_t *table, const char *name, const char *val)
+{
+ if (name && val) {
+ apr_table_addn(table, name, val);
+ }
+}
+
+static void env2env(apr_table_t *table, const char *name)
+{
+ add_unless_null(table, name, getenv(name));
+}
+
AP_DECLARE(char **) ap_create_environment(apr_pool_t *p, apr_table_t *t)
{
const apr_array_header_t *env_arr = apr_table_elts(t);
apr_table_t *e;
server_rec *s = r->server;
conn_rec *c = r->connection;
- const char *rem_logname;
- char *env_path;
-#if defined(WIN32) || defined(OS2) || defined(BEOS)
- char *env_temp;
-#endif
- const char *host;
+ const char *env_temp;
const apr_array_header_t *hdrs_arr = apr_table_elts(r->headers_in);
const apr_table_entry_t *hdrs = (const apr_table_entry_t *) hdrs_arr->elts;
int i;
* in the environment with "ps -e". But, if you must...
*/
#ifndef SECURITY_HOLE_PASS_AUTHORIZATION
- else if (!strcasecmp(hdrs[i].key, "Authorization")
+ else if (!strcasecmp(hdrs[i].key, "Authorization")
|| !strcasecmp(hdrs[i].key, "Proxy-Authorization")) {
continue;
}
#endif
- else {
- apr_table_addn(e, http2env(r->pool, hdrs[i].key), hdrs[i].val);
- }
- }
-
- if (!(env_path = getenv("PATH"))) {
- env_path = DEFAULT_PATH;
- }
- apr_table_addn(e, "PATH", apr_pstrdup(r->pool, env_path));
-
-#ifdef WIN32
- if (env_temp = getenv("SystemRoot")) {
- apr_table_addn(e, "SystemRoot", env_temp);
- }
- if (env_temp = getenv("COMSPEC")) {
- apr_table_addn(e, "COMSPEC", env_temp);
- }
- if (env_temp = getenv("PATHEXT")) {
- apr_table_addn(e, "PATHEXT", env_temp);
- }
- if (env_temp = getenv("WINDIR")) {
- apr_table_addn(e, "WINDIR", env_temp);
- }
-#endif
-
-#ifdef OS2
- if ((env_temp = getenv("COMSPEC")) != NULL) {
- apr_table_addn(e, "COMSPEC", env_temp);
- }
- if ((env_temp = getenv("ETC")) != NULL) {
- apr_table_addn(e, "ETC", env_temp);
- }
- if ((env_temp = getenv("DPATH")) != NULL) {
- apr_table_addn(e, "DPATH", env_temp);
- }
- if ((env_temp = getenv("PERLLIB_PREFIX")) != NULL) {
- apr_table_addn(e, "PERLLIB_PREFIX", env_temp);
- }
-#endif
-
-#ifdef BEOS
- if ((env_temp = getenv("LIBRARY_PATH")) != NULL) {
- apr_table_addn(e, "LIBRARY_PATH", env_temp);
- }
+ else
+ add_unless_null(e, http2env(r, hdrs[i].key), hdrs[i].val);
+ }
+
+ env_temp = apr_table_get(r->subprocess_env, "PATH");
+ if (env_temp == NULL) {
+ env_temp = getenv("PATH");
+ }
+ if (env_temp == NULL) {
+ env_temp = DEFAULT_PATH;
+ }
+ apr_table_addn(e, "PATH", apr_pstrdup(r->pool, env_temp));
+
+#if defined(WIN32)
+ env2env(e, "SystemRoot");
+ env2env(e, "COMSPEC");
+ env2env(e, "PATHEXT");
+ env2env(e, "WINDIR");
+#elif defined(OS2)
+ env2env(e, "COMSPEC");
+ env2env(e, "ETC");
+ env2env(e, "DPATH");
+ env2env(e, "PERLLIB_PREFIX");
+#elif defined(BEOS)
+ env2env(e, "LIBRARY_PATH");
+#elif defined(DARWIN)
+ env2env(e, "DYLD_LIBRARY_PATH");
+#elif defined(_AIX)
+ env2env(e, "LIBPATH");
+#elif defined(__HPUX__)
+ /* HPUX PARISC 2.0W knows both, otherwise redundancy is harmless */
+ env2env(e, "SHLIB_PATH");
+ env2env(e, "LD_LIBRARY_PATH");
+#else /* Some Unix */
+ env2env(e, "LD_LIBRARY_PATH");
#endif
apr_table_addn(e, "SERVER_SIGNATURE", ap_psignature("", r));
- apr_table_addn(e, "SERVER_SOFTWARE", ap_get_server_version());
+ apr_table_addn(e, "SERVER_SOFTWARE", ap_get_server_banner());
apr_table_addn(e, "SERVER_NAME",
ap_escape_html(r->pool, ap_get_server_name(r)));
apr_table_addn(e, "SERVER_ADDR", r->connection->local_ip); /* Apache */
apr_table_addn(e, "SERVER_PORT",
apr_psprintf(r->pool, "%u", ap_get_server_port(r)));
- host = ap_get_remote_host(c, r->per_dir_config, REMOTE_HOST, NULL);
- if (host) {
- apr_table_addn(e, "REMOTE_HOST", host);
- }
+ add_unless_null(e, "REMOTE_HOST",
+ ap_get_remote_host(c, r->per_dir_config, REMOTE_HOST, NULL));
apr_table_addn(e, "REMOTE_ADDR", c->remote_ip);
apr_table_addn(e, "DOCUMENT_ROOT", ap_document_root(r)); /* Apache */
apr_table_addn(e, "SERVER_ADMIN", s->server_admin); /* Apache */
back = back->prev;
}
}
- if (r->ap_auth_type) {
- apr_table_addn(e, "AUTH_TYPE", r->ap_auth_type);
- }
- rem_logname = ap_get_remote_logname(r);
- if (rem_logname) {
- apr_table_addn(e, "REMOTE_IDENT", apr_pstrdup(r->pool, rem_logname));
+ add_unless_null(e, "AUTH_TYPE", r->ap_auth_type);
+ env_temp = ap_get_remote_logname(r);
+ if (env_temp) {
+ apr_table_addn(e, "REMOTE_IDENT", apr_pstrdup(r->pool, env_temp));
}
/* Apache custom error responses. If we have redirected set two new vars */
if (r->prev) {
- if (r->prev->args) {
- apr_table_addn(e, "REDIRECT_QUERY_STRING", r->prev->args);
- }
- if (r->prev->uri) {
- apr_table_addn(e, "REDIRECT_URL", r->prev->uri);
- }
+ add_unless_null(e, "REDIRECT_QUERY_STRING", r->prev->args);
+ add_unless_null(e, "REDIRECT_URL", r->prev->uri);
}
if (e != r->subprocess_env) {
apr_table_setn(e, "GATEWAY_INTERFACE", "CGI/1.1");
apr_table_setn(e, "SERVER_PROTOCOL", r->protocol);
apr_table_setn(e, "REQUEST_METHOD", r->method);
+ apr_table_setn(e, "REQUEST_SCHEME", ap_http_scheme(r));
apr_table_setn(e, "QUERY_STRING", r->args ? r->args : "");
- apr_table_setn(e, "REQUEST_URI", original_uri(r));
+ apr_table_setn(e, "REQUEST_URI", original_uri(r));
/* Note that the code below special-cases scripts run from includes,
* because it "knows" that the sub_request has been hacked to have the
return 1;
}
+#define HTTP_UNSET (-HTTP_OK)
+
AP_DECLARE(int) ap_scan_script_header_err_core(request_rec *r, char *buffer,
int (*getsfunc) (char *, int, void *),
void *getsfunc_data)
char x[MAX_STRING_LEN];
char *w, *l;
int p;
- int cgi_status = HTTP_OK;
+ int cgi_status = HTTP_UNSET;
apr_table_t *merge;
apr_table_t *cookie_table;
while (1) {
- if ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data) == 0) {
+ int rv = (*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data);
+ if (rv == 0) {
ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
- "Premature end of script headers: %s",
+ "Premature end of script headers: %s",
apr_filepath_name_get(r->filename));
return HTTP_INTERNAL_SERVER_ERROR;
}
+ else if (rv == -1) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
+ "Script timed out before returning headers: %s",
+ apr_filepath_name_get(r->filename));
+ return HTTP_GATEWAY_TIME_OUT;
+ }
/* Delete terminal (CR?)LF */
/* Indeed, the host's '\n':
'\012' for UNIX; '\015' for MacOS; '\025' for OS/390
-- whatever the script generates.
- */
+ */
if (p > 0 && w[p - 1] == '\n') {
if (p > 1 && w[p - 2] == CR) {
w[p - 2] = '\0';
if (w[0] == '\0') {
int cond_status = OK;
- if ((cgi_status == HTTP_OK) && (r->method_number == M_GET)) {
+ /* PR#38070: This fails because it gets confused when a
+ * CGI Status header overrides ap_meets_conditions.
+ *
+ * We can fix that by dropping ap_meets_conditions when
+ * Status has been set. Since this is the only place
+ * cgi_status gets used, let's test it explicitly.
+ *
+ * The alternative would be to ignore CGI Status when
+ * ap_meets_conditions returns anything interesting.
+ * That would be safer wrt HTTP, but would break CGI.
+ */
+ if ((cgi_status == HTTP_UNSET) && (r->method_number == M_GET)) {
cond_status = ap_meets_conditions(r);
}
apr_table_overlap(r->err_headers_out, merge,
}
ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
- "%s: %s", malformed,
+ "%s: %s", malformed,
apr_filepath_name_get(r->filename));
return HTTP_INTERNAL_SERVER_ERROR;
}
else if (!strcasecmp(w, "Transfer-Encoding")) {
apr_table_set(r->headers_out, w, l);
}
+ else if (!strcasecmp(w, "ETag")) {
+ apr_table_set(r->headers_out, w, l);
+ }
/*
* If the script gave us a Last-Modified header, we can't just
* pass it on blindly because of restrictions on future values.
apr_table_add(merge, w, l);
}
}
-
+ /* never reached - we leave this function within the while loop above */
return OK;
}
rv = apr_bucket_read(e, &bucket_data, &bucket_data_len,
APR_BLOCK_READ);
if (rv != APR_SUCCESS || (bucket_data_len == 0)) {
- return 0;
+ return APR_STATUS_IS_TIMEUP(rv) ? -1 : 0;
}
src = bucket_data;
src_end = bucket_data + bucket_data_len;
struct vastrs *strs = (struct vastrs*) pvastrs;
const char *p;
int t;
-
- if (!strs->curpos || !*strs->curpos)
+
+ if (!strs->curpos || !*strs->curpos)
return 0;
p = ap_strchr_c(strs->curpos, '\n');
if (p)
}
else
strs->curpos += t;
- return t;
+ return t;
}
/* ap_scan_script_header_err_strs() accepts additional const char* args...
* character is returned to **arg, **data. (The first optional arg is
* counted as 0.)
*/
-AP_DECLARE_NONSTD(int) ap_scan_script_header_err_strs(request_rec *r,
- char *buffer,
+AP_DECLARE_NONSTD(int) ap_scan_script_header_err_strs(request_rec *r,
+ char *buffer,
const char **termch,
int *termarg, ...)
{
va_end(strs.args);
return res;
}
+
+
+static void
+argstr_to_table(char *str, apr_table_t *parms)
+{
+ char *key;
+ char *value;
+ char *strtok_state;
+
+ if (str == NULL) {
+ return;
+ }
+
+ key = apr_strtok(str, "&", &strtok_state);
+ while (key) {
+ value = strchr(key, '=');
+ if (value) {
+ *value = '\0'; /* Split the string in two */
+ value++; /* Skip passed the = */
+ }
+ else {
+ value = "1";
+ }
+ ap_unescape_url(key);
+ ap_unescape_url(value);
+ apr_table_set(parms, key, value);
+ key = apr_strtok(NULL, "&", &strtok_state);
+ }
+}
+
+AP_DECLARE(void) ap_args_to_table(request_rec *r, apr_table_t **table)
+{
+ apr_table_t *t = apr_table_make(r->pool, 10);
+ argstr_to_table(apr_pstrdup(r->pool, r->args), t);
+ *table = t;
+}