PC Online 1999 April

home *** CD-ROM | disk | FTP | other *** search

/ PC Online 1999 April / PCO0499.ISO / filesbbs / os2 / apach134.arj / APACH134.ZIP / src / modules / standard / mod_include.c < prev next >

Wrap

C/C++ Source or Header | 1999-01-01 | 74.6 KB | 2,470 lines

/* ==================================================================== * Copyright (c) 1995-1999 The Apache Group. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the Apache Group * for use in the Apache HTTP server project (http://www.apache.org/)." * * 4. The names "Apache Server" and "Apache Group" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * apache@apache.org. * * 5. Products derived from this software may not be called "Apache" * nor may "Apache" appear in their names without prior written * permission of the Apache Group. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the Apache Group * for use in the Apache HTTP server project (http://www.apache.org/)." * * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Group and was originally based * on public domain software written at the National Center for * Supercomputing Applications, University of Illinois, Urbana-Champaign. * For more information on the Apache Group and the Apache HTTP server * project, please see <http://www.apache.org/>. * */ /* * http_include.c: Handles the server-parsed HTML documents * * Original by Rob McCool; substantial fixups by David Robinson; * incorporated into the Apache module framework by rst. * */ /* * sub key may be anything a Perl*Handler can be: * subroutine name, package name (defaults to package::handler), * Class->method call or anoymous sub {} * * Child  accessed *  times. <br> * *  * * -Doug MacEachern */ #ifdef USE_PERL_SSI #include "config.h" #undef VOIDUSED #ifdef USE_SFIO #undef USE_SFIO #define USE_STDIO #endif #include "modules/perl/mod_perl.h" #else #include "httpd.h" #include "http_config.h" #include "http_request.h" #include "http_core.h" #include "http_protocol.h" #include "http_log.h" #include "http_main.h" #include "util_script.h" #endif #define STARTING_SEQUENCE "" #define DEFAULT_ERROR_MSG "[an error occurred while processing this directive]" #define DEFAULT_TIME_FORMAT "%A, %d-%b-%Y %H:%M:%S %Z" #define SIZEFMT_BYTES 0 #define SIZEFMT_KMG 1 #ifdef CHARSET_EBCDIC #define RAW_ASCII_CHAR(ch) os_toebcdic[(unsigned char)ch] #else /*CHARSET_EBCDIC*/ #define RAW_ASCII_CHAR(ch) (ch) #endif /*CHARSET_EBCDIC*/ module MODULE_VAR_EXPORT includes_module; /* just need some arbitrary non-NULL pointer which can't also be a request_rec */ #define NESTED_INCLUDE_MAGIC (&includes_module) /* ------------------------ Environment function -------------------------- */ /* XXX: could use ap_table_overlap here */ static void add_include_vars(request_rec *r, char *timefmt) { #ifndef WIN32 struct passwd *pw; #endif /* ndef WIN32 */ table *e = r->subprocess_env; char *t; time_t date = r->request_time; ap_table_setn(e, "DATE_LOCAL", ap_ht_time(r->pool, date, timefmt, 0)); ap_table_setn(e, "DATE_GMT", ap_ht_time(r->pool, date, timefmt, 1)); ap_table_setn(e, "LAST_MODIFIED", ap_ht_time(r->pool, r->finfo.st_mtime, timefmt, 0)); ap_table_setn(e, "DOCUMENT_URI", r->uri); ap_table_setn(e, "DOCUMENT_PATH_INFO", r->path_info); #ifndef WIN32 pw = getpwuid(r->finfo.st_uid); if (pw) { ap_table_setn(e, "USER_NAME", ap_pstrdup(r->pool, pw->pw_name)); } else { ap_table_setn(e, "USER_NAME", ap_psprintf(r->pool, "user#%lu", (unsigned long) r->finfo.st_uid)); } #endif /* ndef WIN32 */ if ((t = strrchr(r->filename, '/'))) { ap_table_setn(e, "DOCUMENT_NAME", ++t); } else { ap_table_setn(e, "DOCUMENT_NAME", r->uri); } if (r->args) { char *arg_copy = ap_pstrdup(r->pool, r->args); ap_unescape_url(arg_copy); ap_table_setn(e, "QUERY_STRING_UNESCAPED", ap_escape_shell_cmd(r->pool, arg_copy)); } } /* --------------------------- Parser functions --------------------------- */ #define OUTBUFSIZE 4096 /* PUT_CHAR and FLUSH_BUF currently only work within the scope of * find_string(); they are hacks to avoid calling rputc for each and * every character output. A common set of buffering calls for this * type of output SHOULD be implemented. */ #define PUT_CHAR(c,r) \ { \ outbuf[outind++] = c; \ if (outind == OUTBUFSIZE) { \ FLUSH_BUF(r) \ }; \ } /* there SHOULD be some error checking on the return value of * rwrite, however it is unclear what the API for rwrite returning * errors is and little can really be done to help the error in * any case. */ #define FLUSH_BUF(r) \ { \ ap_rwrite(outbuf, outind, r); \ outind = 0; \ } /* * f: file handle being read from * c: character to read into * ret: return value to use if input fails * r: current request_rec * * This macro is redefined after find_string() for historical reasons * to avoid too many code changes. This is one of the many things * that should be fixed. */ #define GET_CHAR(f,c,ret,r) \ { \ int i = getc(f); \ if (i == EOF) { /* either EOF or error -- needs error handling if latter */ \ if (ferror(f)) { \ fprintf(stderr, "encountered error in GET_CHAR macro, " \ "mod_include.\n"); \ } \ FLUSH_BUF(r); \ ap_pfclose(r->pool, f); \ return ret; \ } \ c = (char)i; \ } static int find_string(FILE *in, const char *str, request_rec *r, int printing) { int x, l = strlen(str), p; char outbuf[OUTBUFSIZE]; int outind = 0; char c; p = 0; while (1) { GET_CHAR(in, c, 1, r); if (c == str[p]) { if ((++p) == l) { FLUSH_BUF(r); return 0; } } else { if (printing) { for (x = 0; x < p; x++) { PUT_CHAR(str[x], r); } PUT_CHAR(c, r); } p = 0; } } } #undef FLUSH_BUF #undef PUT_CHAR #undef GET_CHAR #define GET_CHAR(f,c,r,p) \ { \ int i = getc(f); \ if (i == EOF) { /* either EOF or error -- needs error handling if latter */ \ if (ferror(f)) { \ fprintf(stderr, "encountered error in GET_CHAR macro, " \ "mod_include.\n"); \ } \ ap_pfclose(p, f); \ return r; \ } \ c = (char)i; \ } /* * decodes a string containing html entities or numeric character references. * 's' is overwritten with the decoded string. * If 's' is syntatically incorrect, then the followed fixups will be made: * unknown entities will be left undecoded; * references to unused numeric characters will be deleted. * In particular, � will not be decoded, but will be deleted. * * drtr */ /* maximum length of any ISO-LATIN-1 HTML entity name. */ #define MAXENTLEN (6) /* The following is a shrinking transformation, therefore safe. */ static void decodehtml(char *s) { int val, i, j; char *p = s; const char *ents; static const char * const entlist[MAXENTLEN + 1] = { NULL, /* 0 */ NULL, /* 1 */ "lt\074gt\076", /* 2 */ "amp\046ETH\320eth\360", /* 3 */ "quot\042Auml\304Euml\313Iuml\317Ouml\326Uuml\334auml\344euml\353\ iuml\357ouml\366uuml\374yuml\377", /* 4 */ "Acirc\302Aring\305AElig\306Ecirc\312Icirc\316Ocirc\324Ucirc\333\ THORN\336szlig\337acirc\342aring\345aelig\346ecirc\352icirc\356ocirc\364\ ucirc\373thorn\376", /* 5 */ "Agrave\300Aacute\301Atilde\303Ccedil\307Egrave\310Eacute\311\ Igrave\314Iacute\315Ntilde\321Ograve\322Oacute\323Otilde\325Oslash\330\ Ugrave\331Uacute\332Yacute\335agrave\340aacute\341atilde\343ccedil\347\ egrave\350eacute\351igrave\354iacute\355ntilde\361ograve\362oacute\363\ otilde\365oslash\370ugrave\371uacute\372yacute\375" /* 6 */ }; for (; *s != '\0'; s++, p++) { if (*s != '&') { *p = *s; continue; } /* find end of entity */ for (i = 1; s[i] != ';' && s[i] != '\0'; i++) { continue; } if (s[i] == '\0') { /* treat as normal data */ *p = *s; continue; } /* is it numeric ? */ if (s[1] == '#') { for (j = 2, val = 0; j < i && ap_isdigit(s[j]); j++) { val = val * 10 + s[j] - '0'; } s += i; if (j < i || val <= 8 || (val >= 11 && val <= 31) || (val >= 127 && val <= 160) || val >= 256) { p--; /* no data to output */ } else { *p = RAW_ASCII_CHAR(val); } } else { j = i - 1; if (j > MAXENTLEN || entlist[j] == NULL) { /* wrong length */ *p = '&'; continue; /* skip it */ } for (ents = entlist[j]; *ents != '\0'; ents += i) { if (strncmp(s + 1, ents, j) == 0) { break; } } if (*ents == '\0') { *p = '&'; /* unknown */ } else { *p = RAW_ASCII_CHAR(((const unsigned char *) ents)[j]); s += i; } } } *p = '\0'; } /* * extract the next tag name and value. * if there are no more tags, set the tag name to 'done' * the tag value is html decoded if dodecode is non-zero */ static char *get_tag(pool *p, FILE *in, char *tag, int tagbuf_len, int dodecode) { char *t = tag, *tag_val, c, term; /* makes code below a little less cluttered */ --tagbuf_len; do { /* skip whitespace */ GET_CHAR(in, c, NULL, p); } while (ap_isspace(c)); /* tags can't start with - */ if (c == '-') { GET_CHAR(in, c, NULL, p); if (c == '-') { do { GET_CHAR(in, c, NULL, p); } while (ap_isspace(c)); if (c == '>') { ap_cpystrn(tag, "done", tagbuf_len); return tag; } } return NULL; /* failed */ } /* find end of tag name */ while (1) { if (t - tag == tagbuf_len) { *t = '\0'; return NULL; } if (c == '=' || ap_isspace(c)) { break; } *(t++) = ap_tolower(c); GET_CHAR(in, c, NULL, p); } *t++ = '\0'; tag_val = t; while (ap_isspace(c)) { GET_CHAR(in, c, NULL, p); /* space before = */ } if (c != '=') { ungetc(c, in); return NULL; } do { GET_CHAR(in, c, NULL, p); /* space after = */ } while (ap_isspace(c)); /* we should allow a 'name' as a value */ if (c != '"' && c != '\'') { return NULL; } term = c; while (1) { GET_CHAR(in, c, NULL, p); if (t - tag == tagbuf_len) { *t = '\0'; return NULL; } /* Want to accept \" as a valid character within a string. */ if (c == '\\') { *(t++) = c; /* Add backslash */ GET_CHAR(in, c, NULL, p); if (c == term) { /* Only if */ *(--t) = c; /* Replace backslash ONLY for terminator */ } } else if (c == term) { break; } *(t++) = c; } *t = '\0'; if (dodecode) { decodehtml(tag_val); } return ap_pstrdup(p, tag_val); } static int get_directive(FILE *in, char *dest, size_t len, pool *p) { char *d = dest; char c; /* make room for nul terminator */ --len; /* skip initial whitespace */ while (1) { GET_CHAR(in, c, 1, p); if (!ap_isspace(c)) { break; } } /* now get directive */ while (1) { if (d - dest == len) { return 1; } *d++ = ap_tolower(c); GET_CHAR(in, c, 1, p); if (ap_isspace(c)) { break; } } *d = '\0'; return 0; } /* * Do variable substitution on strings */ static void parse_string(request_rec *r, const char *in, char *out, size_t length, int leave_name) { char ch; char *next = out; char *end_out; /* leave room for nul terminator */ end_out = out + length - 1; while ((ch = *in++) != '\0') { switch (ch) { case '\\': if (next == end_out) { /* truncated */ *next = '\0'; return; } if (*in == '$') { *next++ = *in++; } else { *next++ = ch; } break; case '$': { char var[MAX_STRING_LEN]; const char *start_of_var_name; const char *end_of_var_name; /* end of var name + 1 */ const char *expansion; const char *val; size_t l; /* guess that the expansion won't happen */ expansion = in - 1; if (*in == '{') { ++in; start_of_var_name = in; in = strchr(in, '}'); if (in == NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Missing '}' on variable \"%s\"", expansion); *next = '\0'; return; } end_of_var_name = in; ++in; } else { start_of_var_name = in; while (ap_isalnum(*in) || *in == '_') { ++in; } end_of_var_name = in; } /* what a pain, too bad there's no table_getn where you can * pass a non-nul terminated string */ l = end_of_var_name - start_of_var_name; if (l != 0) { l = (l > sizeof(var) - 1) ? (sizeof(var) - 1) : l; memcpy(var, start_of_var_name, l); var[l] = '\0'; val = ap_table_get(r->subprocess_env, var); if (val) { expansion = val; l = strlen(expansion); } else if (leave_name) { l = in - expansion; } else { break; /* no expansion to be done */ } } else { /* zero-length variable name causes just the $ to be copied */ l = 1; } l = (l > end_out - next) ? (end_out - next) : l; memcpy(next, expansion, l); next += l; break; } default: if (next == end_out) { /* truncated */ *next = '\0'; return; } *next++ = ch; break; } } *next = '\0'; return; } /* --------------------------- Action handlers ---------------------------- */ static int include_cgi(char *s, request_rec *r) { request_rec *rr = ap_sub_req_lookup_uri(s, r); int rr_status; if (rr->status != HTTP_OK) { return -1; } /* No hardwired path info or query allowed */ if ((rr->path_info && rr->path_info[0]) || rr->args) { return -1; } if (rr->finfo.st_mode == 0) { return -1; } /* Script gets parameters of the *document*, for back compatibility */ rr->path_info = r->path_info; /* hard to get right; see mod_cgi.c */ rr->args = r->args; /* Force sub_req to be treated as a CGI request, even if ordinary * typing rules would have called it something else. */ rr->content_type = CGI_MAGIC_TYPE; /* Run it. */ rr_status = ap_run_sub_req(rr); if (ap_is_HTTP_REDIRECT(rr_status)) { const char *location = ap_table_get(rr->headers_out, "Location"); location = ap_escape_html(rr->pool, location); ap_rvputs(r, "<A HREF=\"", location, "\">", location, "</A>", NULL); } ap_destroy_sub_req(rr); #ifndef WIN32 ap_chdir_file(r->filename); #endif return 0; } /* ensure that path is relative, and does not contain ".." elements * ensentially ensure that it does not match the regex: * (^/|(^|/)\.\.(/|$)) * XXX: this needs os abstraction... consider c:..\foo in win32 */ static int is_only_below(const char *path) { #if WIN32 if (path[1] == ':') return 0; #endif if (path[0] == '/') { return 0; } if (path[0] == '.' && path[1] == '.' && (path[2] == '\0' || path[2] == '/')) { return 0; } while (*path) { if (*path == '/' && path[1] == '.' && path[2] == '.' && (path[3] == '\0' || path[3] == '/')) { return 0; } ++path; } return 1; } static int handle_include(FILE *in, request_rec *r, const char *error, int noexec) { char tag[MAX_STRING_LEN]; char parsed_string[MAX_STRING_LEN]; char *tag_val; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } if (!strcmp(tag, "file") || !strcmp(tag, "virtual")) { request_rec *rr = NULL; char *error_fmt = NULL; parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); if (tag[0] == 'f') { /* be safe; only files in this directory or below allowed */ if (!is_only_below(parsed_string)) { error_fmt = "unable to include file \"%s\" " "in parsed file %s"; } else { rr = ap_sub_req_lookup_file(parsed_string, r); } } else { rr = ap_sub_req_lookup_uri(parsed_string, r); } if (!error_fmt && rr->status != HTTP_OK) { error_fmt = "unable to include \"%s\" in parsed file %s"; } if (!error_fmt && noexec && rr->content_type && (strncmp(rr->content_type, "text/", 5))) { error_fmt = "unable to include potential exec \"%s\" " "in parsed file %s"; } if (error_fmt == NULL) { /* try to avoid recursive includes. We do this by walking * up the r->main list of subrequests, and at each level * walking back through any internal redirects. At each * step, we compare the filenames and the URIs. * * The filename comparison catches a recursive include * with an ever-changing URL, eg. *  * which, although they would eventually be caught because * we have a limit on the length of files, etc., can * recurse for a while. * * The URI comparison catches the case where the filename * is changed while processing the request, so the * current name is never the same as any previous one. * This can happen with "DocumentRoot /foo" when you * request "/" on the server and it includes "/". * This only applies to modules such as mod_dir that * (somewhat improperly) mess with r->filename outside * of a filename translation phase. */ int founddupe = 0; request_rec *p; for (p = r; p != NULL && !founddupe; p = p->main) { request_rec *q; for (q = p; q != NULL; q = q->prev) { if ( (strcmp(q->filename, rr->filename) == 0) || (strcmp(q->uri, rr->uri) == 0) ){ founddupe = 1; break; } } } if (p != NULL) { error_fmt = "Recursive include of \"%s\" " "in parsed file %s"; } } /* see the Kludge in send_parsed_file for why */ if (rr) ap_set_module_config(rr->request_config, &includes_module, r); if (!error_fmt && ap_run_sub_req(rr)) { error_fmt = "unable to include \"%s\" in parsed file %s"; } #ifndef WIN32 ap_chdir_file(r->filename); #endif if (error_fmt) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, error_fmt, tag_val, r->filename); ap_rputs(error, r); } /* destroy the sub request if it's not a nested include */ if (rr != NULL && ap_get_module_config(rr->request_config, &includes_module) != NESTED_INCLUDE_MAGIC) { ap_destroy_sub_req(rr); } } else if (!strcmp(tag, "done")) { return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag include in %s", tag, r->filename); ap_rputs(error, r); } } } typedef struct { request_rec *r; char *s; } include_cmd_arg; static int include_cmd_child(void *arg, child_info *pinfo) { request_rec *r = ((include_cmd_arg *) arg)->r; char *s = ((include_cmd_arg *) arg)->s; table *env = r->subprocess_env; int child_pid = 0; #ifdef DEBUG_INCLUDE_CMD #ifdef OS2 /* under OS/2 /dev/tty is referenced as con */ FILE *dbg = fopen("con", "w"); #else FILE *dbg = fopen("/dev/tty", "w"); #endif #endif #ifndef WIN32 char err_string[MAX_STRING_LEN]; #endif #ifdef DEBUG_INCLUDE_CMD fprintf(dbg, "Attempting to include command '%s'\n", s); #endif if (r->path_info && r->path_info[0] != '\0') { request_rec *pa_req; ap_table_setn(env, "PATH_INFO", ap_escape_shell_cmd(r->pool, r->path_info)); pa_req = ap_sub_req_lookup_uri(ap_escape_uri(r->pool, r->path_info), r); if (pa_req->filename) { ap_table_setn(env, "PATH_TRANSLATED", ap_pstrcat(r->pool, pa_req->filename, pa_req->path_info, NULL)); } } if (r->args) { char *arg_copy = ap_pstrdup(r->pool, r->args); ap_table_setn(env, "QUERY_STRING", r->args); ap_unescape_url(arg_copy); ap_table_setn(env, "QUERY_STRING_UNESCAPED", ap_escape_shell_cmd(r->pool, arg_copy)); } ap_error_log2stderr(r->server); #ifdef DEBUG_INCLUDE_CMD fprintf(dbg, "Attempting to exec '%s'\n", s); #endif ap_cleanup_for_exec(); /* set shellcmd flag to pass arg to SHELL_PATH */ child_pid = ap_call_exec(r, pinfo, s, ap_create_environment(r->pool, env), 1); #ifdef WIN32 return (child_pid); #else /* Oh, drat. We're still here. The log file descriptors are closed, * so we have to whimper a complaint onto stderr... */ #ifdef DEBUG_INCLUDE_CMD fprintf(dbg, "Exec failed\n"); #endif ap_snprintf(err_string, sizeof(err_string), "exec of %s failed, reason: %s (errno = %d)\n", SHELL_PATH, strerror(errno), errno); write(STDERR_FILENO, err_string, strlen(err_string)); exit(0); /* NOT REACHED */ return (child_pid); #endif /* WIN32 */ } static int include_cmd(char *s, request_rec *r) { include_cmd_arg arg; BUFF *script_in; arg.r = r; arg.s = s; if (!ap_bspawn_child(r->pool, include_cmd_child, &arg, kill_after_timeout, NULL, &script_in, NULL)) { ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "couldn't spawn include command"); return -1; } ap_send_fb(script_in, r); ap_bclose(script_in); return 0; } static int handle_exec(FILE *in, request_rec *r, const char *error) { char tag[MAX_STRING_LEN]; char *tag_val; char *file = r->filename; char parsed_string[MAX_STRING_LEN]; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } if (!strcmp(tag, "cmd")) { parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 1); if (include_cmd(parsed_string, r) == -1) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "execution failure for parameter \"%s\" " "to tag exec in file %s", tag, r->filename); ap_rputs(error, r); } /* just in case some stooge changed directories */ #ifndef WIN32 ap_chdir_file(r->filename); #endif } else if (!strcmp(tag, "cgi")) { parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); if (include_cgi(parsed_string, r) == -1) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "invalid CGI ref \"%s\" in %s", tag_val, file); ap_rputs(error, r); } /* grumble groan */ #ifndef WIN32 ap_chdir_file(r->filename); #endif } else if (!strcmp(tag, "done")) { return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag exec in %s", tag, file); ap_rputs(error, r); } } } static int handle_echo(FILE *in, request_rec *r, const char *error) { char tag[MAX_STRING_LEN]; char *tag_val; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } if (!strcmp(tag, "var")) { const char *val = ap_table_get(r->subprocess_env, tag_val); if (val) { ap_rputs(val, r); } else { ap_rputs("(none)", r); } } else if (!strcmp(tag, "done")) { return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag echo in %s", tag, r->filename); ap_rputs(error, r); } } } #ifdef USE_PERL_SSI static int handle_perl(FILE *in, request_rec *r, const char *error) { char tag[MAX_STRING_LEN]; char parsed_string[MAX_STRING_LEN]; char *tag_val; SV *sub = Nullsv; AV *av = newAV(); if (ap_allow_options(r) & OPT_INCNOEXEC) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "#perl SSI disallowed by IncludesNoExec in %s", r->filename); return DECLINED; } while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { break; } if (strnEQ(tag, "sub", 3)) { sub = newSVpv(tag_val, 0); } else if (strnEQ(tag, "arg", 3)) { parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); av_push(av, newSVpv(parsed_string, 0)); } else if (strnEQ(tag, "done", 4)) { break; } } perl_stdout2client(r); perl_setup_env(r); perl_call_handler(sub, r, av); return OK; } #endif /* error and tf must point to a string with room for at * least MAX_STRING_LEN characters */ static int handle_config(FILE *in, request_rec *r, char *error, char *tf, int *sizefmt) { char tag[MAX_STRING_LEN]; char *tag_val; char parsed_string[MAX_STRING_LEN]; table *env = r->subprocess_env; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 0))) { return 1; } if (!strcmp(tag, "errmsg")) { parse_string(r, tag_val, error, MAX_STRING_LEN, 0); } else if (!strcmp(tag, "timefmt")) { time_t date = r->request_time; parse_string(r, tag_val, tf, MAX_STRING_LEN, 0); ap_table_setn(env, "DATE_LOCAL", ap_ht_time(r->pool, date, tf, 0)); ap_table_setn(env, "DATE_GMT", ap_ht_time(r->pool, date, tf, 1)); ap_table_setn(env, "LAST_MODIFIED", ap_ht_time(r->pool, r->finfo.st_mtime, tf, 0)); } else if (!strcmp(tag, "sizefmt")) { parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); decodehtml(parsed_string); if (!strcmp(parsed_string, "bytes")) { *sizefmt = SIZEFMT_BYTES; } else if (!strcmp(parsed_string, "abbrev")) { *sizefmt = SIZEFMT_KMG; } } else if (!strcmp(tag, "done")) { return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag config in %s", tag, r->filename); ap_rputs(error, r); } } } static int find_file(request_rec *r, const char *directive, const char *tag, char *tag_val, struct stat *finfo, const char *error) { char *to_send; request_rec *rr; int ret=0; if (!strcmp(tag, "file")) { ap_getparents(tag_val); /* get rid of any nasties */ rr = ap_sub_req_lookup_file(tag_val, r); if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) { to_send = rr->filename; if ((ret = stat(to_send, finfo)) == -1) { ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "unable to get information about \"%s\" " "in parsed file %s", to_send, r->filename); ap_rputs(error, r); } } else { ret = -1; ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "unable to lookup information about \"%s\" " "in parsed file %s", tag_val, r->filename); ap_rputs(error, r); } ap_destroy_sub_req(rr); return ret; } else if (!strcmp(tag, "virtual")) { rr = ap_sub_req_lookup_uri(tag_val, r); if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) { memcpy((char *) finfo, (const char *) &rr->finfo, sizeof(struct stat)); ap_destroy_sub_req(rr); return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unable to get information about \"%s\" " "in parsed file %s", tag_val, r->filename); ap_rputs(error, r); ap_destroy_sub_req(rr); return -1; } } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag %s in %s", tag, directive, r->filename); ap_rputs(error, r); return -1; } } static int handle_fsize(FILE *in, request_rec *r, const char *error, int sizefmt) { char tag[MAX_STRING_LEN]; char *tag_val; struct stat finfo; char parsed_string[MAX_STRING_LEN]; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } else if (!strcmp(tag, "done")) { return 0; } else { parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); if (!find_file(r, "fsize", tag, parsed_string, &finfo, error)) { if (sizefmt == SIZEFMT_KMG) { ap_send_size(finfo.st_size, r); } else { int l, x; #if defined(BSD) && BSD > 199305 /* ap_snprintf can't handle %qd */ sprintf(tag, "%qd", finfo.st_size); #else ap_snprintf(tag, sizeof(tag), "%ld", finfo.st_size); #endif l = strlen(tag); /* grrr */ for (x = 0; x < l; x++) { if (x && (!((l - x) % 3))) { ap_rputc(',', r); } ap_rputc(tag[x], r); } } } } } } static int handle_flastmod(FILE *in, request_rec *r, const char *error, const char *tf) { char tag[MAX_STRING_LEN]; char *tag_val; struct stat finfo; char parsed_string[MAX_STRING_LEN]; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } else if (!strcmp(tag, "done")) { return 0; } else { parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); if (!find_file(r, "flastmod", tag, parsed_string, &finfo, error)) { ap_rputs(ap_ht_time(r->pool, finfo.st_mtime, tf, 0), r); } } } } static int re_check(request_rec *r, char *string, char *rexp) { regex_t *compiled; int regex_error; compiled = ap_pregcomp(r->pool, rexp, REG_EXTENDED | REG_NOSUB); if (compiled == NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unable to compile pattern \"%s\"", rexp); return -1; } regex_error = regexec(compiled, string, 0, (regmatch_t *) NULL, 0); ap_pregfree(r->pool, compiled); return (!regex_error); } enum token_type { token_string, token_and, token_or, token_not, token_eq, token_ne, token_rbrace, token_lbrace, token_group, token_ge, token_le, token_gt, token_lt }; struct token { enum token_type type; char value[MAX_STRING_LEN]; }; /* there is an implicit assumption here that string is at most MAX_STRING_LEN-1 * characters long... */ static const char *get_ptoken(request_rec *r, const char *string, struct token *token) { char ch; int next = 0; int qs = 0; /* Skip leading white space */ if (string == (char *) NULL) { return (char *) NULL; } while ((ch = *string++)) { if (!ap_isspace(ch)) { break; } } if (ch == '\0') { return (char *) NULL; } token->type = token_string; /* the default type */ switch (ch) { case '(': token->type = token_lbrace; return (string); case ')': token->type = token_rbrace; return (string); case '=': token->type = token_eq; return (string); case '!': if (*string == '=') { token->type = token_ne; return (string + 1); } else { token->type = token_not; return (string); } case '\'': token->type = token_string; qs = 1; break; case '|': if (*string == '|') { token->type = token_or; return (string + 1); } break; case '&': if (*string == '&') { token->type = token_and; return (string + 1); } break; case '>': if (*string == '=') { token->type = token_ge; return (string + 1); } else { token->type = token_gt; return (string); } case '<': if (*string == '=') { token->type = token_le; return (string + 1); } else { token->type = token_lt; return (string); } default: token->type = token_string; break; } /* We should only be here if we are in a string */ if (!qs) { token->value[next++] = ch; } /* * Yes I know that goto's are BAD. But, c doesn't allow me to * exit a loop from a switch statement. Yes, I could use a flag, * but that is (IMHO) even less readable/maintainable than the goto. */ /* * I used the ++string throughout this section so that string * ends up pointing to the next token and I can just return it */ for (ch = *string; ch != '\0'; ch = *++string) { if (ch == '\\') { if ((ch = *++string) == '\0') { goto TOKEN_DONE; } token->value[next++] = ch; continue; } if (!qs) { if (ap_isspace(ch)) { goto TOKEN_DONE; } switch (ch) { case '(': goto TOKEN_DONE; case ')': goto TOKEN_DONE; case '=': goto TOKEN_DONE; case '!': goto TOKEN_DONE; case '|': if (*(string + 1) == '|') { goto TOKEN_DONE; } break; case '&': if (*(string + 1) == '&') { goto TOKEN_DONE; } break; case '<': goto TOKEN_DONE; case '>': goto TOKEN_DONE; } token->value[next++] = ch; } else { if (ch == '\'') { qs = 0; ++string; goto TOKEN_DONE; } token->value[next++] = ch; } } TOKEN_DONE: /* If qs is still set, I have an unmatched ' */ if (qs) { ap_rputs("\nUnmatched '\n", r); next = 0; } token->value[next] = '\0'; return (string); } /* * Hey I still know that goto's are BAD. I don't think that I've ever * used two in the same project, let alone the same file before. But, * I absolutely want to make sure that I clean up the memory in all * cases. And, without rewriting this completely, the easiest way * is to just branch to the return code which cleans it up. */ /* there is an implicit assumption here that expr is at most MAX_STRING_LEN-1 * characters long... */ static int parse_expr(request_rec *r, const char *expr, const char *error) { struct parse_node { struct parse_node *left, *right, *parent; struct token token; int value, done; } *root, *current, *new; const char *parse; char buffer[MAX_STRING_LEN]; pool *expr_pool; int retval = 0; if ((parse = expr) == (char *) NULL) { return (0); } root = current = (struct parse_node *) NULL; expr_pool = ap_make_sub_pool(r->pool); /* Create Parse Tree */ while (1) { new = (struct parse_node *) ap_palloc(expr_pool, sizeof(struct parse_node)); new->parent = new->left = new->right = (struct parse_node *) NULL; new->done = 0; if ((parse = get_ptoken(r, parse, &new->token)) == (char *) NULL) { break; } switch (new->token.type) { case token_string: #ifdef DEBUG_INCLUDE ap_rvputs(r, " Token: string (", new->token.value, ")\n", NULL); #endif if (current == (struct parse_node *) NULL) { root = current = new; break; } switch (current->token.type) { case token_string: if (current->token.value[0] != '\0') { strncat(current->token.value, " ", sizeof(current->token.value) - strlen(current->token.value) - 1); } strncat(current->token.value, new->token.value, sizeof(current->token.value) - strlen(current->token.value) - 1); current->token.value[sizeof(current->token.value) - 1] = '\0'; break; case token_eq: case token_ne: case token_and: case token_or: case token_lbrace: case token_not: case token_ge: case token_gt: case token_le: case token_lt: new->parent = current; current = current->right = new; break; default: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } break; case token_and: case token_or: #ifdef DEBUG_INCLUDE ap_rputs(" Token: and/or\n", r); #endif if (current == (struct parse_node *) NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } /* Percolate upwards */ while (current != (struct parse_node *) NULL) { switch (current->token.type) { case token_string: case token_group: case token_not: case token_eq: case token_ne: case token_and: case token_or: case token_ge: case token_gt: case token_le: case token_lt: current = current->parent; continue; case token_lbrace: break; default: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } break; } if (current == (struct parse_node *) NULL) { new->left = root; new->left->parent = new; new->parent = (struct parse_node *) NULL; root = new; } else { new->left = current->right; current->right = new; new->parent = current; } current = new; break; case token_not: #ifdef DEBUG_INCLUDE ap_rputs(" Token: not\n", r); #endif if (current == (struct parse_node *) NULL) { root = current = new; break; } /* Percolate upwards */ while (current != (struct parse_node *) NULL) { switch (current->token.type) { case token_not: case token_eq: case token_ne: case token_and: case token_or: case token_lbrace: case token_ge: case token_gt: case token_le: case token_lt: break; default: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } break; } if (current == (struct parse_node *) NULL) { new->left = root; new->left->parent = new; new->parent = (struct parse_node *) NULL; root = new; } else { new->left = current->right; current->right = new; new->parent = current; } current = new; break; case token_eq: case token_ne: case token_ge: case token_gt: case token_le: case token_lt: #ifdef DEBUG_INCLUDE ap_rputs(" Token: eq/ne/ge/gt/le/lt\n", r); #endif if (current == (struct parse_node *) NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } /* Percolate upwards */ while (current != (struct parse_node *) NULL) { switch (current->token.type) { case token_string: case token_group: current = current->parent; continue; case token_lbrace: case token_and: case token_or: break; case token_not: case token_eq: case token_ne: case token_ge: case token_gt: case token_le: case token_lt: default: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } break; } if (current == (struct parse_node *) NULL) { new->left = root; new->left->parent = new; new->parent = (struct parse_node *) NULL; root = new; } else { new->left = current->right; current->right = new; new->parent = current; } current = new; break; case token_rbrace: #ifdef DEBUG_INCLUDE ap_rputs(" Token: rbrace\n", r); #endif while (current != (struct parse_node *) NULL) { if (current->token.type == token_lbrace) { current->token.type = token_group; break; } current = current->parent; } if (current == (struct parse_node *) NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Unmatched ')' in \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } break; case token_lbrace: #ifdef DEBUG_INCLUDE ap_rputs(" Token: lbrace\n", r); #endif if (current == (struct parse_node *) NULL) { root = current = new; break; } /* Percolate upwards */ while (current != (struct parse_node *) NULL) { switch (current->token.type) { case token_not: case token_eq: case token_ne: case token_and: case token_or: case token_lbrace: case token_ge: case token_gt: case token_le: case token_lt: break; case token_string: case token_group: default: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } break; } if (current == (struct parse_node *) NULL) { new->left = root; new->left->parent = new; new->parent = (struct parse_node *) NULL; root = new; } else { new->left = current->right; current->right = new; new->parent = current; } current = new; break; default: break; } } /* Evaluate Parse Tree */ current = root; while (current != (struct parse_node *) NULL) { switch (current->token.type) { case token_string: #ifdef DEBUG_INCLUDE ap_rputs(" Evaluate string\n", r); #endif parse_string(r, current->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->token.value, buffer, sizeof(current->token.value)); current->value = (current->token.value[0] != '\0'); current->done = 1; current = current->parent; break; case token_and: case token_or: #ifdef DEBUG_INCLUDE ap_rputs(" Evaluate and/or\n", r); #endif if (current->left == (struct parse_node *) NULL || current->right == (struct parse_node *) NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } if (!current->left->done) { switch (current->left->token.type) { case token_string: parse_string(r, current->left->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->left->token.value, buffer, sizeof(current->left->token.value)); current->left->value = (current->left->token.value[0] != '\0'); current->left->done = 1; break; default: current = current->left; continue; } } if (!current->right->done) { switch (current->right->token.type) { case token_string: parse_string(r, current->right->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->right->token.value, buffer, sizeof(current->right->token.value)); current->right->value = (current->right->token.value[0] != '\0'); current->right->done = 1; break; default: current = current->right; continue; } } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Left: ", current->left->value ? "1" : "0", "\n", NULL); ap_rvputs(r, " Right: ", current->right->value ? "1" : "0", "\n", NULL); #endif if (current->token.type == token_and) { current->value = current->left->value && current->right->value; } else { current->value = current->left->value || current->right->value; } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Returning ", current->value ? "1" : "0", "\n", NULL); #endif current->done = 1; current = current->parent; break; case token_eq: case token_ne: #ifdef DEBUG_INCLUDE ap_rputs(" Evaluate eq/ne\n", r); #endif if ((current->left == (struct parse_node *) NULL) || (current->right == (struct parse_node *) NULL) || (current->left->token.type != token_string) || (current->right->token.type != token_string)) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } parse_string(r, current->left->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->left->token.value, buffer, sizeof(current->left->token.value)); parse_string(r, current->right->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->right->token.value, buffer, sizeof(current->right->token.value)); if (current->right->token.value[0] == '/') { int len; len = strlen(current->right->token.value); if (current->right->token.value[len - 1] == '/') { current->right->token.value[len - 1] = '\0'; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid rexp \"%s\" in file %s", current->right->token.value, r->filename); ap_rputs(error, r); goto RETURN; } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Re Compare (", current->left->token.value, ") with /", ¤t->right->token.value[1], "/\n", NULL); #endif current->value = re_check(r, current->left->token.value, ¤t->right->token.value[1]); } else { #ifdef DEBUG_INCLUDE ap_rvputs(r, " Compare (", current->left->token.value, ") with (", current->right->token.value, ")\n", NULL); #endif current->value = (strcmp(current->left->token.value, current->right->token.value) == 0); } if (current->token.type == token_ne) { current->value = !current->value; } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Returning ", current->value ? "1" : "0", "\n", NULL); #endif current->done = 1; current = current->parent; break; case token_ge: case token_gt: case token_le: case token_lt: #ifdef DEBUG_INCLUDE ap_rputs(" Evaluate ge/gt/le/lt\n", r); #endif if ((current->left == (struct parse_node *) NULL) || (current->right == (struct parse_node *) NULL) || (current->left->token.type != token_string) || (current->right->token.type != token_string)) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid expression \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; } parse_string(r, current->left->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->left->token.value, buffer, sizeof(current->left->token.value)); parse_string(r, current->right->token.value, buffer, sizeof(buffer), 0); ap_cpystrn(current->right->token.value, buffer, sizeof(current->right->token.value)); #ifdef DEBUG_INCLUDE ap_rvputs(r, " Compare (", current->left->token.value, ") with (", current->right->token.value, ")\n", NULL); #endif current->value = strcmp(current->left->token.value, current->right->token.value); if (current->token.type == token_ge) { current->value = current->value >= 0; } else if (current->token.type == token_gt) { current->value = current->value > 0; } else if (current->token.type == token_le) { current->value = current->value <= 0; } else if (current->token.type == token_lt) { current->value = current->value < 0; } else { current->value = 0; /* Don't return -1 if unknown token */ } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Returning ", current->value ? "1" : "0", "\n", NULL); #endif current->done = 1; current = current->parent; break; case token_not: if (current->right != (struct parse_node *) NULL) { if (!current->right->done) { current = current->right; continue; } current->value = !current->right->value; } else { current->value = 0; } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Evaluate !: ", current->value ? "1" : "0", "\n", NULL); #endif current->done = 1; current = current->parent; break; case token_group: if (current->right != (struct parse_node *) NULL) { if (!current->right->done) { current = current->right; continue; } current->value = current->right->value; } else { current->value = 1; } #ifdef DEBUG_INCLUDE ap_rvputs(r, " Evaluate (): ", current->value ? "1" : "0", "\n", NULL); #endif current->done = 1; current = current->parent; break; case token_lbrace: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Unmatched '(' in \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; case token_rbrace: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Unmatched ')' in \"%s\" in file %s", expr, r->filename); ap_rputs(error, r); goto RETURN; default: ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "bad token type"); ap_rputs(error, r); goto RETURN; } } retval = (root == (struct parse_node *) NULL) ? 0 : root->value; RETURN: ap_destroy_pool(expr_pool); return (retval); } static int handle_if(FILE *in, request_rec *r, const char *error, int *conditional_status, int *printing) { char tag[MAX_STRING_LEN]; char *tag_val; char *expr; expr = NULL; while (1) { tag_val = get_tag(r->pool, in, tag, sizeof(tag), 0); if (*tag == '\0') { return 1; } else if (!strcmp(tag, "done")) { if (expr == NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "missing expr in if statement: %s", r->filename); ap_rputs(error, r); return 1; } *printing = *conditional_status = parse_expr(r, expr, error); #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** if conditional_status=\"", *conditional_status ? "1" : "0", "\"\n", NULL); #endif return 0; } else if (!strcmp(tag, "expr")) { expr = tag_val; #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** if expr=\"", expr, "\"\n", NULL); #endif } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag if in %s", tag, r->filename); ap_rputs(error, r); } } } static int handle_elif(FILE *in, request_rec *r, const char *error, int *conditional_status, int *printing) { char tag[MAX_STRING_LEN]; char *tag_val; char *expr; expr = NULL; while (1) { tag_val = get_tag(r->pool, in, tag, sizeof(tag), 0); if (*tag == '\0') { return 1; } else if (!strcmp(tag, "done")) { #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** elif conditional_status=\"", *conditional_status ? "1" : "0", "\"\n", NULL); #endif if (*conditional_status) { *printing = 0; return (0); } if (expr == NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "missing expr in elif statement: %s", r->filename); ap_rputs(error, r); return 1; } *printing = *conditional_status = parse_expr(r, expr, error); #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** elif conditional_status=\"", *conditional_status ? "1" : "0", "\"\n", NULL); #endif return 0; } else if (!strcmp(tag, "expr")) { expr = tag_val; #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** if expr=\"", expr, "\"\n", NULL); #endif } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown parameter \"%s\" to tag if in %s", tag, r->filename); ap_rputs(error, r); } } } static int handle_else(FILE *in, request_rec *r, const char *error, int *conditional_status, int *printing) { char tag[MAX_STRING_LEN]; if (!get_tag(r->pool, in, tag, sizeof(tag), 1)) { return 1; } else if (!strcmp(tag, "done")) { #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** else conditional_status=\"", *conditional_status ? "1" : "0", "\"\n", NULL); #endif *printing = !(*conditional_status); *conditional_status = 1; return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "else directive does not take tags in %s", r->filename); if (*printing) { ap_rputs(error, r); } return -1; } } static int handle_endif(FILE *in, request_rec *r, const char *error, int *conditional_status, int *printing) { char tag[MAX_STRING_LEN]; if (!get_tag(r->pool, in, tag, sizeof(tag), 1)) { return 1; } else if (!strcmp(tag, "done")) { #ifdef DEBUG_INCLUDE ap_rvputs(r, "**** endif conditional_status=\"", *conditional_status ? "1" : "0", "\"\n", NULL); #endif *printing = 1; *conditional_status = 1; return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "endif directive does not take tags in %s", r->filename); ap_rputs(error, r); return -1; } } static int handle_set(FILE *in, request_rec *r, const char *error) { char tag[MAX_STRING_LEN]; char parsed_string[MAX_STRING_LEN]; char *tag_val; char *var; var = (char *) NULL; while (1) { if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } else if (!strcmp(tag, "done")) { return 0; } else if (!strcmp(tag, "var")) { var = tag_val; } else if (!strcmp(tag, "value")) { if (var == (char *) NULL) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "variable must precede value in set directive in %s", r->filename); ap_rputs(error, r); return -1; } parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); ap_table_setn(r->subprocess_env, var, ap_pstrdup(r->pool, parsed_string)); } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "Invalid tag for set directive in %s", r->filename); ap_rputs(error, r); return -1; } } } static int handle_printenv(FILE *in, request_rec *r, const char *error) { char tag[MAX_STRING_LEN]; char *tag_val; array_header *arr = ap_table_elts(r->subprocess_env); table_entry *elts = (table_entry *) arr->elts; int i; if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) { return 1; } else if (!strcmp(tag, "done")) { for (i = 0; i < arr->nelts; ++i) { ap_rvputs(r, elts[i].key, "=", elts[i].val, "\n", NULL); } return 0; } else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "printenv directive does not take tags in %s", r->filename); ap_rputs(error, r); return -1; } } /* -------------------------- The main function --------------------------- */ /* This is a stub which parses a file descriptor. */ static void send_parsed_content(FILE *f, request_rec *r) { char directive[MAX_STRING_LEN], error[MAX_STRING_LEN]; char timefmt[MAX_STRING_LEN]; int noexec = ap_allow_options(r) & OPT_INCNOEXEC; int ret, sizefmt; int if_nesting; int printing; int conditional_status; ap_cpystrn(error, DEFAULT_ERROR_MSG, sizeof(error)); ap_cpystrn(timefmt, DEFAULT_TIME_FORMAT, sizeof(timefmt)); sizefmt = SIZEFMT_KMG; /* Turn printing on */ printing = conditional_status = 1; if_nesting = 0; #ifndef WIN32 ap_chdir_file(r->filename); #endif if (r->args) { /* add QUERY stuff to env cause it ain't yet */ char *arg_copy = ap_pstrdup(r->pool, r->args); ap_table_setn(r->subprocess_env, "QUERY_STRING", r->args); ap_unescape_url(arg_copy); ap_table_setn(r->subprocess_env, "QUERY_STRING_UNESCAPED", ap_escape_shell_cmd(r->pool, arg_copy)); } while (1) { if (!find_string(f, STARTING_SEQUENCE, r, printing)) { if (get_directive(f, directive, sizeof(directive), r->pool)) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "mod_include: error reading directive in %s", r->filename); ap_rputs(error, r); return; } if (!strcmp(directive, "if")) { if (!printing) { if_nesting++; } else { ret = handle_if(f, r, error, &conditional_status, &printing); if_nesting = 0; } continue; } else if (!strcmp(directive, "else")) { if (!if_nesting) { ret = handle_else(f, r, error, &conditional_status, &printing); } continue; } else if (!strcmp(directive, "elif")) { if (!if_nesting) { ret = handle_elif(f, r, error, &conditional_status, &printing); } continue; } else if (!strcmp(directive, "endif")) { if (!if_nesting) { ret = handle_endif(f, r, error, &conditional_status, &printing); } else { if_nesting--; } continue; } if (!printing) { continue; } if (!strcmp(directive, "exec")) { if (noexec) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "exec used but not allowed in %s", r->filename); if (printing) { ap_rputs(error, r); } ret = find_string(f, ENDING_SEQUENCE, r, 0); } else { ret = handle_exec(f, r, error); } } else if (!strcmp(directive, "config")) { ret = handle_config(f, r, error, timefmt, &sizefmt); } else if (!strcmp(directive, "set")) { ret = handle_set(f, r, error); } else if (!strcmp(directive, "include")) { ret = handle_include(f, r, error, noexec); } else if (!strcmp(directive, "echo")) { ret = handle_echo(f, r, error); } else if (!strcmp(directive, "fsize")) { ret = handle_fsize(f, r, error, sizefmt); } else if (!strcmp(directive, "flastmod")) { ret = handle_flastmod(f, r, error, timefmt); } else if (!strcmp(directive, "printenv")) { ret = handle_printenv(f, r, error); } #ifdef USE_PERL_SSI else if (!strcmp(directive, "perl")) { ret = handle_perl(f, r, error); } #endif else { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown directive \"%s\" " "in parsed doc %s", directive, r->filename); if (printing) { ap_rputs(error, r); } ret = find_string(f, ENDING_SEQUENCE, r, 0); } if (ret) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "premature EOF in parsed file %s", r->filename); return; } } else { return; } } } /***************************************************************** * * XBITHACK. Sigh... NB it's configurable per-directory; the compile-time * option only changes the default. */ module includes_module; enum xbithack { xbithack_off, xbithack_on, xbithack_full }; #ifdef XBITHACK #define DEFAULT_XBITHACK xbithack_full #else #define DEFAULT_XBITHACK xbithack_off #endif static void *create_includes_dir_config(pool *p, char *dummy) { enum xbithack *result = (enum xbithack *) ap_palloc(p, sizeof(enum xbithack)); *result = DEFAULT_XBITHACK; return result; } static const char *set_xbithack(cmd_parms *cmd, void *xbp, char *arg) { enum xbithack *state = (enum xbithack *) xbp; if (!strcasecmp(arg, "off")) { *state = xbithack_off; } else if (!strcasecmp(arg, "on")) { *state = xbithack_on; } else if (!strcasecmp(arg, "full")) { *state = xbithack_full; } else { return "XBitHack must be set to Off, On, or Full"; } return NULL; } static int send_parsed_file(request_rec *r) { FILE *f; enum xbithack *state = (enum xbithack *) ap_get_module_config(r->per_dir_config, &includes_module); int errstatus; request_rec *parent; if (!(ap_allow_options(r) & OPT_INCLUDES)) { return DECLINED; } r->allowed |= (1 << M_GET); if (r->method_number != M_GET) { return DECLINED; } if (r->finfo.st_mode == 0) { ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "File does not exist: %s", (r->path_info ? ap_pstrcat(r->pool, r->filename, r->path_info, NULL) : r->filename)); return HTTP_NOT_FOUND; } if (!(f = ap_pfopen(r->pool, r->filename, "r"))) { ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "file permissions deny server access: %s", r->filename); return HTTP_FORBIDDEN; } if ((*state == xbithack_full) #if !defined(OS2) && !defined(WIN32) /* OS/2 dosen't support Groups. */ && (r->finfo.st_mode & S_IXGRP) #endif ) { ap_update_mtime(r, r->finfo.st_mtime); ap_set_last_modified(r); } if ((errstatus = ap_meets_conditions(r)) != OK) { return errstatus; } ap_send_http_header(r); if (r->header_only) { ap_pfclose(r->pool, f); return OK; } if ((parent = ap_get_module_config(r->request_config, &includes_module))) { /* Kludge --- for nested includes, we want to keep the subprocess * environment of the base document (for compatibility); that means * torquing our own last_modified date as well so that the * LAST_MODIFIED variable gets reset to the proper value if the * nested document resets . * We also insist that the memory for this subrequest not be * destroyed, that's dealt with in handle_include(). */ r->subprocess_env = parent->subprocess_env; ap_pool_join(parent->pool, r->pool); r->finfo.st_mtime = parent->finfo.st_mtime; } else { /* we're not a nested include, so we create an initial * environment */ ap_add_common_vars(r); ap_add_cgi_vars(r); add_include_vars(r, DEFAULT_TIME_FORMAT); } /* XXX: this is bogus, at some point we're going to do a subrequest, * and when we do it we're going to be subjecting code that doesn't * expect to be signal-ready to SIGALRM. There is no clean way to * fix this, except to put alarm support into BUFF. -djg */ ap_hard_timeout("send SSI", r); #ifdef CHARSET_EBCDIC /* XXX:@@@ Is the generated/included output ALWAYS in text/ebcdic format? */ ap_bsetflag(r->connection->client, B_EBCDIC2ASCII, 1); #endif send_parsed_content(f, r); if (parent) { /* signify that the sub request should not be killed */ ap_set_module_config(r->request_config, &includes_module, NESTED_INCLUDE_MAGIC); } ap_kill_timeout(r); return OK; } static int send_shtml_file(request_rec *r) { r->content_type = "text/html"; return send_parsed_file(r); } static int xbithack_handler(request_rec *r) { #if defined(OS2) || defined(WIN32) /* OS/2 dosen't currently support the xbithack. This is being worked on. */ return DECLINED; #else enum xbithack *state; if (!(r->finfo.st_mode & S_IXUSR)) { return DECLINED; } state = (enum xbithack *) ap_get_module_config(r->per_dir_config, &includes_module); if (*state == xbithack_off) { return DECLINED; } return send_parsed_file(r); #endif } static const command_rec includes_cmds[] = { {"XBitHack", set_xbithack, NULL, OR_OPTIONS, TAKE1, "Off, On, or Full"}, {NULL} }; static const handler_rec includes_handlers[] = { {INCLUDES_MAGIC_TYPE, send_shtml_file}, {INCLUDES_MAGIC_TYPE3, send_shtml_file}, {"server-parsed", send_parsed_file}, {"text/html", xbithack_handler}, {NULL} }; module MODULE_VAR_EXPORT includes_module = { STANDARD_MODULE_STUFF, NULL, /* initializer */ create_includes_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ NULL, /* merge server config */ includes_cmds, /* command table */ includes_handlers, /* handlers */ NULL, /* filename translation */ NULL, /* check_user_id */ NULL, /* check auth */ NULL, /* check access */ NULL, /* type_checker */ NULL, /* fixups */ NULL, /* logger */ NULL, /* header parser */ NULL, /* child_init */ NULL, /* child_exit */ NULL /* post read-request */ };