mod_cgi.c revision 2fc50921b88defeb7127985dfe4b4130175e069e
957N/A/* ==================================================================== 957N/A * The Apache Software License, Version 1.1 957N/A * Copyright (c) 2000-2002 The Apache Software Foundation. All rights 957N/A * Redistribution and use in source and binary forms, with or without 957N/A * modification, are permitted provided that the following conditions * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * 4. The names "Apache" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * ==================================================================== * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * Portions of this software are based upon public domain software * originally written at the National Center for Supercomputing Applications, * University of Illinois, Urbana-Champaign. * http_script: keeps all script-related ramblings together. * Compliant to CGI/1.1 spec * Adapted by rst from original NCSA code by Rob McCool * Apache adds some new env vars; REDIRECT_URL and REDIRECT_QUERY_STRING for * custom error responses, and DOCUMENT_ROOT because we found it useful. * It also adds SERVER_ADMIN - useful for scripts to know who to mail when /* KLUDGE --- for back-combatibility, we don't have to check ExecCGI * in ScriptAliased directories, which means we need to know if this * request came through ScriptAlias or not... so the Alias module /* Configuration stuff */ "the name of a log for script debugging info"),
"the maximum length (in bytes) of the script debug log"),
"the maximum size (in bytes) to record of a POST request"),
/* XXX Very expensive mainline case! Open, then getfileinfo! */ /* Soak up stderr from a script and redirect it to the error log. /* XXX Very expensive mainline case! Open, then getfileinfo! */ /* Soak up script output */ /* This is the special environment used for running the "exec cmd=" * variety of SSI directives. const char *
const argv[],
/* Under OS/2 need to use device con. */ fprintf(
dbg,
"Attempting to exec %s as CGI child (argv0 = %s)\n",
else /* SSIs want a controlled environment and a special path. */ /* Transmute ourselves into the script. * NB only ISINDEX scripts get decoded arguments. /* Something bad happened, tell the world. */ "couldn't set child process attributes: %s", r->
filename);
/* Bad things happened. Everyone should have cleaned up. */ "couldn't create child process: %d: %s",
rc, r->
filename);
/* Allow suexec's "/" check to succeed */ /* count the number of keywords */ /* Everything is - 1 to account for the first parameter * which is the program name. /* 99 out of 100 CGI scripts, this is all they support */ "Options ExecCGI is off in this directory");
"attempt to include NPH CGI script");
"script not found or unable to stat");
"attempt to invoke directory as script");
"AcceptPathInfo off disallows user's path");
if (!ap_suexec_enabled) { if (!ap_can_exec(&r->finfo)) return log_scripterror(r, conf, HTTP_FORBIDDEN, 0, "file permissions deny server execution"); /* build the command line */ "don't know how to spawn child process: %s",
/* run the script in its own process */ "couldn't spawn child process: %s", r->
filename);
/* Transfer any put/post args, CERN style... * Note that we already ignore SIGPIPE in the core server. /* Keep writing data to the child until done or too much time * elapses with no progress or an error occurs. /* silly script stopped reading, soak up remaining message */ /* Handle script return... */ /* This redirect needs to be a GET no matter what the original /* We already read the message body (if any), so don't allow * the redirected request to think it has one. We can ignore * Transfer-Encoding, since we used REQUEST_CHUNKED_ERROR. /* XX Note that if a script wants to produce its own Redirect * body, it now has to explicitly *say* "Status: 302" /* get rid of all filters up through protocol... since we * haven't parsed off the headers, there is no way they can return OK;
/* NOT r->status, even if it has changed. */ /*============================================================================ *============================================================================ * This is the beginning of the cgi filter code moved from mod_include. This * is the code required to handle the "exec" SSI directive. *============================================================================ *============================================================================*/ /* No hardwired path info or query allowed */ /* Script gets parameters of the *document*, for back compatibility */ /* Force sub_req to be treated as a CGI request, even if ordinary * typing rules would have called it something else. /* XXX: if most of this stuff is going to get copied anyway, * it'd be more efficient to pstrcat it into a single pool buffer * and a single pool bucket */ sizeof(
"<A HREF=\"") -
1,
"don't know how to spawn cmd child process: %s",
/* run the script in its own process */ "couldn't spawn child process: %s", r->
filename);
/* We can't close the pipe here, because we may return before the * full CGI has been sent to the network. That's okay though, * because we can rely on the pool to close the pipe for us. "exec used but not allowed in %s", r->
filename);
"execution failure for parameter \"%s\" " "unknown parameter \"%s\" to tag exec in %s",
tag,
file);
/*============================================================================ *============================================================================ * This is the end of the cgi filter code moved from mod_include. *============================================================================ *============================================================================*/ /* Required by mod_include filter. This is how mod_cgi registers * with mod_include to provide processing of the exec directive. /* This is the means by which unusual (non-unix) os's may find alternate NULL,
/* dir config creater */ NULL,
/* dir merger --- default is to override */