mod_isapi.c revision b31025f6f2c0392dc76eecca7f27faad0b902be0
176N/A/* ==================================================================== 176N/A * The Apache Software License, Version 1.1 176N/A * Copyright (c) 2000 The Apache Software Foundation. All rights 176N/A * Redistribution and use in source and binary forms, with or without 176N/A * modification, are permitted provided that the following conditions 176N/A * 1. Redistributions of source code must retain the above copyright 176N/A * notice, this list of conditions and the following disclaimer. 176N/A * 2. Redistributions in binary form must reproduce the above copyright 176N/A * notice, this list of conditions and the following disclaimer in 176N/A * the documentation and/or other materials provided with the 176N/A * 3. The end-user documentation included with the redistribution, 176N/A * if any, must include the following acknowledgment: 3813N/A * "This product includes software developed by the 176N/A * Alternately, this acknowledgment may appear in the software itself, 176N/A * if and wherever such third-party acknowledgments normally appear. 176N/A * 4. The names "Apache" and "Apache Software Foundation" must 176N/A * not be used to endorse or promote products derived from this 176N/A * software without prior written permission. For written 176N/A * permission, please contact apache@apache.org. 176N/A * 5. Products derived from this software may not be called "Apache", 176N/A * nor may "Apache" appear in their name, without prior written 176N/A * permission of the Apache Software Foundation. 176N/A * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 176N/A * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 176N/A * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 176N/A * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR 3813N/A * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 3813N/A * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 3813N/A * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 3813N/A * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 3813N/A * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 3813N/A * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 3813N/A * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2239N/A * ==================================================================== 2239N/A * This software consists of voluntary contributions made by many 2239N/A * individuals on behalf of the Apache Software Foundation. For more 1505N/A * information on the Apache Software Foundation, please see 1505N/A * Portions of this software are based upon public domain software 1505N/A * originally written at the National Center for Supercomputing Applications, 1505N/A * University of Illinois, Urbana-Champaign. 2239N/A * by Alexei Kosut <akosut@apache.org> 2239N/A * This module implements Microsoft's ISAPI, allowing Apache (when running 2239N/A * under Windows) to load Internet Server Applications (ISAPI extensions). 2239N/A * It implements all of the ISAPI 2.0 specification, except for the 2239N/A * "Microsoft-only" extensions dealing with asynchronous I/O. All ISAPI 2239N/A * extensions that use only synchronous I/O and are compatible with the 2239N/A * ISAPI 2.0 specification should work (most ISAPI 1.0 extensions should 2239N/A * To load, simply place the ISA in a location in the document tree. 2239N/A * Then add an "AddHandler isapi-isa dll" into your config file. 3856N/A * You should now be able to load ISAPI DLLs just be reffering to their 3856N/A * URLs. Make sure the ExecCGI option is active in the directory 2239N/A/* We use the exact same header file as the original */ 2239N/A#
pragma message(
"WARNING: This build of Apache is missing the recent changes")
2239N/A#
pragma message(
"in the Microsoft Win32 Platform SDK; some mod_isapi features")
2239N/A#
pragma message(
"will be disabled. To obtain the latest Platform SDK files,")
2239N/A/* TODO: Unknown errors that must be researched for correct codes */ 2239N/A/* Seems IIS does not enforce the requirement for \r\n termination on HSE_REQ_SEND_RESPONSE_HEADER, 2239N/A/* Declare the ISAPI functions */ 2239N/A The optimiser blows it totally here. What happens is that autos are addressed relative to the 2239N/A stack pointer, which, of course, moves around. The optimiser seems to lose track of it somewhere 2239N/A between setting HttpExtensionProc's address and calling through it. We work around the problem by 2239N/A forcing it to use frame pointers. 2239N/A The revisions below may eliminate this artifact. 1505N/A/* Our isapi server config structure */ 176N/A/* Our loaded isapi module description structure */ 176N/A/* Our "Connection ID" structure */ /* sort the elements of the main_server, by filename */ /* and make the virtualhosts share the same thing */ /* Otherwise we fall through and have to reload the resource * into this existing mod_isapi cache bucket. /* TODO: These need to become overrideable, so that we * assure a given isapi can be fooled into behaving well. "ISAPI %s failed to load",
fpath);
"ISAPI %s is missing GetExtensionVersion()",
"ISAPI %s is missing HttpExtensionProc()",
/* TerminateExtension() is an optional interface */ /* Run GetExtensionVersion() */ "ISAPI %s call GetExtensionVersion() failed",
/* All done with the DLL... get rid of it... * If optionally cached, pass HSE_TERM_ADVISORY_UNLOAD, * and if it returns TRUE, unload, otherwise, cache it. /* Use similar restrictions as CGIs * If this fails, it's pointless to load the isapi dll. /* Load the isapi extention without caching (sconf == NULL) * but note that we will recover an existing cached module. /* Set up connection structure and ecb */ // TODO: are copies really needed here? /* Set up the callbacks */ /* Set up client input */ /* Time to start reading the appropriate amount of data, * and allow the administrator to tweak the number * TODO: add the httpd.conf option for ReadAheadBuffer. /* Although its not to spec, IIS seems to null-terminate * its lpdData string. So we will too. /* All right... try and run the sucker */ /* Check for a log message - and log it */ /* Ignore the keepalive stuff; Apache handles it just fine without * Per Microsoft: "In IIS versions 4.0 and later, the return * values HSE_STATUS_SUCCESS and HSE_STATUS_SUCCESS_AND_KEEP_CONN * are functionally identical: Keep-Alive connections are * maintained, if supported by the client." * ... so we were pat all this time /* emulating async behavior... * Create a cid->completed event and wait on it for some timeout * so that the app thinks is it running async. * All async ServerSupportFunction calls will be handled through * the registered IO_COMPLETION hook. "ISAPI %s asynch I/O request refused",
/* TODO: Now what... if this hung, then do we kill our own * thread to force it's death? For now leave timeout = -1 /* end response if we have yet to do so. /* TODO: log unrecognized retval for debugging /* Set the status (for logging) */ /* All done with the DLL... get rid of it... */ return OK;
/* NOT r->status, even if it has changed. */ /* lf delimited, colon split, comma seperated and * null terminated list of HTTP_ vars for (i = 0; i <
nelts; i +=
2)
/* lf delimited, colon split, comma seperated and * null terminated list of the raw request header for (i = 0; i <
nelts; i +=
2) {
/* Whoops... not NULL terminated */ /* Parse them out, or die trying */ /* All the headers should be set now */ /* Any data left is sent directly by the caller, all we * give back is the size of the headers we consumed /* XXX: Is there is still an O(n^2) attack possible here? Please detail. */ case 1:
/* HSE_REQ_SEND_URL_REDIRECT_RESP */ /* Set the status to be returned when the HttpExtensionProc() * WARNING: Microsoft now advertises HSE_REQ_SEND_URL_REDIRECT_RESP * and HSE_REQ_SEND_URL as equivalant per the Jan 2000 SDK. * They most definately are not, even in their own samples. case 2:
/* HSE_REQ_SEND_URL */ /* Soak up remaining input */ /* Reset the method to GET */ /* Don't let anyone think there's still data */ /* AV fault per PR3598 - redirected path is lost! */ case 3:
/* HSE_REQ_SEND_RESPONSE_HEADER */ /* Parse them out, or die trying */ case 4:
/* HSE_REQ_DONE_WITH_SESSION */ /* Signal to resume the thread completing this request case 1001:
/* HSE_REQ_MAP_URL_TO_PATH */ /* Map a URL to a filename */ /* IIS puts a trailing slash on directories, Apache doesn't */ case 1002:
/* HSE_REQ_GET_SSPI_INFO */ "ISAPI ServerSupportFunction HSE_REQ_GET_SSPI_INFO " case 1003:
/* HSE_APPEND_LOG_PARAMETER */ /* Log lpvBuffer, of lpdwSize bytes, in the URI Query (cs-uri-query) field case 1005:
/* HSE_REQ_IO_COMPLETION */ /* Emulates a completion port... Record callback address and * user defined arg, we will call this after any async request * (e.g. transmitfile) as if the request executed async. * Per MS docs... HSE_REQ_IO_COMPLETION replaces any prior call * to HSE_REQ_IO_COMPLETION, and lpvBuffer may be set to NULL. "ISAPI ServerSupportFunction HSE_REQ_IO_COMPLETION " case 1006:
/* HSE_REQ_TRANSMIT_FILE */ "ISAPI ServerSupportFunction HSE_REQ_TRANSMIT_FILE " "as HSE_IO_ASYNC is not supported: %s", r->
filename);
/* apr_dupfile_oshandle (&fd, tf->hFile, r->pool); */ /* According to MS: if calling HSE_REQ_TRANSMIT_FILE with the * HSE_IO_SEND_HEADERS flag, then you can't otherwise call any * HSE_SEND_RESPONSE_HEADERS* fn, but if you don't use the flag, * you must have done so. They document that the pHead headers * option is valid only for HSE_IO_SEND_HEADERS - we are a bit * more flexible and assume with the flag, pHead are the * response headers, and without, pHead simply contains text * (handled after this case). /* we do nothing with (tf->dwFlags & HSE_DISCONNECT_AFTER_SEND) /* XXX: Fake async response, * use tf->pfnHseIO, or if NULL, then use cid->fnIOComplete * pass pContect to the HseIO callback. case 1007:
/* HSE_REQ_REFRESH_ISAPI_ACL */ "ISAPI ServerSupportFunction " "HSE_REQ_REFRESH_ISAPI_ACL " case 1008:
/* HSE_REQ_IS_KEEP_CONN */ case 1010:
/* XXX: Fake it : HSE_REQ_ASYNC_READ_CLIENT */ "ISAPI asynchronous I/O not supported: %s",
case 1011:
/* HSE_REQ_GET_IMPERSONATION_TOKEN Added in ISAPI 4.0 */ "ISAPI ServerSupportFunction " "HSE_REQ_GET_IMPERSONATION_TOKEN " case 1012:
/* HSE_REQ_MAP_URL_TO_PATH_EX */ /* Map a URL to a filename */ /* Mapping started with assuming both strings matched. * Now roll on the path_info as a mismatch and handle * terminating slashes for directory matches. /* roll forward over path_info's first slash */ /* Add a trailing slash for directory */ /* If the matched isn't a file, roll match back to the prior slash */ /* Paths returned with back slashes */ * HSE_URL_FLAGS_READ 0x001 Allow read * HSE_URL_FLAGS_WRITE 0x002 Allow write * HSE_URL_FLAGS_EXECUTE 0x004 Allow execute * HSE_URL_FLAGS_SSL 0x008 Require SSL * HSE_URL_FLAGS_DONT_CACHE 0x010 Don't cache (VRoot only) * HSE_URL_FLAGS_NEGO_CERT 0x020 Allow client SSL cert * HSE_URL_FLAGS_REQUIRE_CERT 0x040 Require client SSL cert * HSE_URL_FLAGS_MAP_CERT 0x080 Map client SSL cert to account * HSE_URL_FLAGS_SSL128 0x100 Require 128-bit SSL cert * HSE_URL_FLAGS_SCRIPT 0x200 Allow script execution * XxX: As everywhere, EXEC flags could use some work... * and this could go further with more flags, as desired. case 1014:
/* HSE_REQ_ABORTIVE_CLOSE */ "ISAPI ServerSupportFunction HSE_REQ_ABORTIVE_CLOSE" case 1015:
/* HSE_REQ_GET_CERT_INFO_EX Added in ISAPI 4.0 */ "ISAPI ServerSupportFunction " "HSE_REQ_GET_CERT_INFO_EX " case 1016:
/* HSE_REQ_SEND_RESPONSE_HEADER_EX Added in ISAPI 4.0 */ /* XXX: ignore shi->fKeepConn? We shouldn't need the advise */ /* r->connection->keepalive = shi->fKeepConn; */ case 1017:
/* HSE_REQ_CLOSE_CONNECTION Added after ISAPI 4.0 */ "ISAPI ServerSupportFunction " "HSE_REQ_CLOSE_CONNECTION " case 1018:
/* HSE_REQ_IS_CONNECTED Added after ISAPI 4.0 */ /* Returns True if client is connected c.f. MSKB Q188346 * assuming the identical return mechanism as HSE_REQ_IS_KEEP_CONN case 1020:
/* HSE_REQ_EXTENSION_TRIGGER Added after ISAPI 4.0 */ /* Undocumented - defined by the Microsoft Jan '00 Platform SDK "ISAPI ServerSupportFunction " "HSE_REQ_EXTENSION_TRIGGER " "ISAPI ServerSupportFunction (%d) not supported: " * Command handler for the ISAPIReadAheadBuffer directive, which is TAKE1 return "ISAPIReadAheadBuffer must be a legitimate value.";
* Command handler for the ISAPIReadAheadBuffer directive, which is TAKE1 return "ISAPILogNotSupported must be on or off";
return "ISAPIAppendLogToErrors must be on or off";
return "ISAPIAppendLogToQuery must be on or off";
"ISAPI: unable to stat(%s), skipping",
filename);
"ISAPI: %s isn't a regular file, skipping",
filename);
/* Load the extention as cached (passing sconf) */ "ISAPI: unable to cache %s, skipping",
filename);
/* Add to cached list of loaded modules */ "Maximum bytes to initially pass to the ISAPI handler"),
"Log requests not supported by the ISAPI server"),
"Send all Append Log requests to the error log"),
"Append Log requests are concatinated to the query args"),
"Cache the specified ISAPI extension in-process"),
NULL,
/* create per-dir config */ NULL,
/* merge per-dir config */ NULL,
/* merge server config */