From 4d37351eab0ea02ca065f4415aa6ac556a8c7820 Mon Sep 17 00:00:00 2001 From: Benjamin Barenblat Date: Mon, 7 Nov 2016 17:31:19 -0500 Subject: FastCGI: Track request IDs during processing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When processing a FastCGI request, save its request ID in thread-local storage and respond with the same request ID (rather than hard-coding 1). This fixes FastCGI on picky web servers (nginx). For more background, see https://github.com/urweb/urweb/issues/57 and ยง3.3 of the FastCGI specification. Tested with nginx 1.10.2 and lighttpd 1.4.39. Closes https://github.com/urweb/urweb/issues/57. --- src/c/fastcgi.c | 45 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/c/fastcgi.c b/src/c/fastcgi.c index cda3e1f6..c37debf7 100644 --- a/src/c/fastcgi.c +++ b/src/c/fastcgi.c @@ -1,5 +1,7 @@ #include "config.h" +#include +#include #include #include #include @@ -20,6 +22,8 @@ #include "fastcgi.h" +#define THREAD_LOCAL __thread + extern uw_app uw_application; typedef struct { @@ -44,6 +48,21 @@ typedef struct { int available, used, sock; } FCGI_Input; +// The FastCGI request ID corresponding to the request being handled by the +// current worker thread. (Each worker thread can only handle one request at a +// time.) +static THREAD_LOCAL int current_request_id; + +// Reads the FastCGI request ID from a FastCGI record. The result is guaranteed +// to be in the range [0, 2^16); this function returns an int to avoid C type +// promotion insanity. +static int fastcgi_request_id(const FCGI_Record* const r) { + const int requestid = r->requestIdB1 << 8 | r->requestIdB0; + assert(requestid >= 0); + assert(requestid <= UINT16_MAX); + return requestid; +} + static FCGI_Output *fastcgi_output() { FCGI_Output *o = malloc(sizeof(FCGI_Output)); @@ -70,7 +89,9 @@ static int fastcgi_send(FCGI_Output *o, unsigned char type, unsigned short contentLength) { o->r.type = type; - o->r.requestIdB1 = o->r.requestIdB0 = 0; + assert(current_request_id <= UINT16_MAX); + o->r.requestIdB1 = current_request_id >> 8; + o->r.requestIdB0 = current_request_id & 0x000000ff; o->r.contentLengthB1 = contentLength >> 8; o->r.contentLengthB0 = contentLength & 255; return uw_really_send(o->sock, &o->r, sizeof(o->r) - 65535 + contentLength); @@ -356,6 +377,10 @@ static void *worker(void *data) { goto done; } + // Save the FastCGI request ID this worker is handling so that fastcgi_send + // can include it in its response. + current_request_id = fastcgi_request_id(r); + if (r->type != FCGI_BEGIN_REQUEST) { write_stderr(out, "First message is not BEGIN_REQUEST\n"); goto done; @@ -373,6 +398,15 @@ static void *worker(void *data) { goto done; } + if (fastcgi_request_id(r) != current_request_id) { + write_stderr(out, + "Ignoring environment variables for request %d (current" + " request has id %d)\n", + fastcgi_request_id(r), + current_request_id); + continue; + } + if (r->type != FCGI_PARAMS) { write_stderr(out, "Expected FCGI_PARAMS but got %d\n", r->type); goto done; @@ -428,6 +462,15 @@ static void *worker(void *data) { goto done; } + if (fastcgi_request_id(r) != current_request_id) { + write_stderr(out, + "Ignoring STDIN for request %d (current request has id" + " %d)\n", + fastcgi_request_id(r), + current_request_id); + continue; + } + if (r->type != FCGI_STDIN) { write_stderr(out, "Expected FCGI_STDIN but got %d\n", r->type); goto done; -- cgit v1.2.3 From 730b627fb1cad24b454bc8c3b652ae5bbd21a839 Mon Sep 17 00:00:00 2001 From: Marvin Sielenkemper Date: Wed, 30 Nov 2016 22:13:57 +0100 Subject: use the ip4 socket address for ipv4 again --- src/c/http.c | 49 ++++++++++++++++++++++++++----------------------- 1 file changed, 26 insertions(+), 23 deletions(-) (limited to 'src') diff --git a/src/c/http.c b/src/c/http.c index d186e209..afa5de66 100644 --- a/src/c/http.c +++ b/src/c/http.c @@ -322,19 +322,27 @@ static void sigint(int signum) { exit(0); } +union uw_sockaddr { + struct sockaddr sa; + struct sockaddr_in ipv4; + struct sockaddr_in6 ipv6; +}; + int main(int argc, char *argv[]) { // The skeleton for this function comes from Beej's sockets tutorial. int sockfd; // listen on sock_fd - struct sockaddr_in6 my_addr; - struct sockaddr_in6 their_addr; // connector's address information + union uw_sockaddr my_addr; + union uw_sockaddr their_addr; // connector's address information socklen_t sin_size; - int yes = 1, no = 0, uw_port = 8080, nthreads = 1, i, *names, opt; + int yes = 1, uw_port = 8080, nthreads = 1, i, *names, opt; int recv_timeout_sec = 5; signal(SIGINT, sigint); signal(SIGPIPE, SIG_IGN); - my_addr.sin6_addr = in6addr_any; // auto-fill with my IP + // default if not specified: IPv4 with my IP + my_addr.sa.sa_family = AF_INET; + my_addr.ipv4.sin_addr.s_addr = INADDR_ANY; // auto-fill with my IP while ((opt = getopt(argc, argv, "hp:a:A:t:kqT:")) != -1) { switch (opt) { @@ -357,20 +365,17 @@ int main(int argc, char *argv[]) { break; case 'a': - { - char *buf = alloca(strlen(optarg) + 8); - strcpy(buf, "::FFFF:"); - strcpy(buf + 7, optarg); - if (!inet_pton(AF_INET6, buf, &my_addr.sin6_addr)) { - fprintf(stderr, "Invalid IPv4 address\n"); - help(argv[0]); - return 1; - } + my_addr.sa.sa_family = AF_INET; + if (!inet_pton(AF_INET, optarg, &my_addr.ipv4.sin_addr)) { + fprintf(stderr, "Invalid IPv4 address\n"); + help(argv[0]); + return 1; } break; case 'A': - if (!inet_pton(AF_INET6, optarg, &my_addr.sin6_addr)) { + my_addr.sa.sa_family = AF_INET6; + if (!inet_pton(AF_INET6, optarg, &my_addr.ipv6.sin6_addr)) { fprintf(stderr, "Invalid IPv6 address\n"); help(argv[0]); return 1; @@ -413,7 +418,7 @@ int main(int argc, char *argv[]) { names = calloc(nthreads, sizeof(int)); - sockfd = socket(AF_INET6, SOCK_STREAM, 0); // do some error checking! + sockfd = socket(my_addr.sa.sa_family, SOCK_STREAM, 0); // do some error checking! if (sockfd < 0) { fprintf(stderr, "Listener socket creation failed\n"); @@ -425,15 +430,13 @@ int main(int argc, char *argv[]) { return 1; } - if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, &no, sizeof(int)) < 0) { - fprintf(stderr, "Listener IPV6_V6ONLY option resetting failed\n"); - return 1; + switch (my_addr.sa.sa_family) + { + case AF_INET: my_addr.ipv4.sin_port = htons(uw_port); break; + case AF_INET6: my_addr.ipv6.sin6_port = htons(uw_port); break; } - my_addr.sin6_family = AF_INET6; // host byte order - my_addr.sin6_port = htons(uw_port); // short, network byte order - - if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof my_addr) < 0) { + if (bind(sockfd, &my_addr.sa, sizeof my_addr) < 0) { fprintf(stderr, "Listener socket bind failed\n"); return 1; } @@ -470,7 +473,7 @@ int main(int argc, char *argv[]) { } while (1) { - int new_fd = accept(sockfd, (struct sockaddr *)&their_addr, &sin_size); + int new_fd = accept(sockfd, &their_addr.sa, &sin_size); if (new_fd < 0) { qfprintf(stderr, "Socket accept failed\n"); -- cgit v1.2.3 From 18876ba1e372323b3ed0361bf1d33bd7a22b097e Mon Sep 17 00:00:00 2001 From: Marvin Sielenkemper Date: Thu, 1 Dec 2016 08:29:51 +0100 Subject: zero initialize the socket address structure --- src/c/http.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/c/http.c b/src/c/http.c index afa5de66..f7fdc122 100644 --- a/src/c/http.c +++ b/src/c/http.c @@ -341,6 +341,7 @@ int main(int argc, char *argv[]) { signal(SIGPIPE, SIG_IGN); // default if not specified: IPv4 with my IP + memset(&my_addr, 0, sizeof my_addr); my_addr.sa.sa_family = AF_INET; my_addr.ipv4.sin_addr.s_addr = INADDR_ANY; // auto-fill with my IP -- cgit v1.2.3 From 40191906aa4b640838496174af7c594039bd6fd5 Mon Sep 17 00:00:00 2001 From: Marvin Sielenkemper Date: Thu, 1 Dec 2016 12:52:53 +0100 Subject: pass the proper size to the bind call --- src/c/http.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/c/http.c b/src/c/http.c index f7fdc122..f2d3a4c5 100644 --- a/src/c/http.c +++ b/src/c/http.c @@ -333,7 +333,7 @@ int main(int argc, char *argv[]) { int sockfd; // listen on sock_fd union uw_sockaddr my_addr; union uw_sockaddr their_addr; // connector's address information - socklen_t sin_size; + socklen_t my_size = 0, sin_size; int yes = 1, uw_port = 8080, nthreads = 1, i, *names, opt; int recv_timeout_sec = 5; @@ -433,11 +433,18 @@ int main(int argc, char *argv[]) { switch (my_addr.sa.sa_family) { - case AF_INET: my_addr.ipv4.sin_port = htons(uw_port); break; - case AF_INET6: my_addr.ipv6.sin6_port = htons(uw_port); break; + case AF_INET: + /*my_addr.ipv4.sin_len =*/ my_size = sizeof(my_addr.ipv4); + my_addr.ipv4.sin_port = htons(uw_port); + break; + + case AF_INET6: + /*my_addr.ipv6.sin6_len =*/ my_size = sizeof(my_addr.ipv6); + my_addr.ipv6.sin6_port = htons(uw_port); + break; } - if (bind(sockfd, &my_addr.sa, sizeof my_addr) < 0) { + if (bind(sockfd, &my_addr.sa, my_size) < 0) { fprintf(stderr, "Listener socket bind failed\n"); return 1; } -- cgit v1.2.3 From b3a56ca200a9657aceb32886e9108b732d609892 Mon Sep 17 00:00:00 2001 From: Marvin Sielenkemper Date: Thu, 1 Dec 2016 17:34:18 +0100 Subject: remove unnecessary code --- src/c/http.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/c/http.c b/src/c/http.c index f2d3a4c5..1bc58677 100644 --- a/src/c/http.c +++ b/src/c/http.c @@ -434,12 +434,12 @@ int main(int argc, char *argv[]) { switch (my_addr.sa.sa_family) { case AF_INET: - /*my_addr.ipv4.sin_len =*/ my_size = sizeof(my_addr.ipv4); + my_size = sizeof(my_addr.ipv4); my_addr.ipv4.sin_port = htons(uw_port); break; case AF_INET6: - /*my_addr.ipv6.sin6_len =*/ my_size = sizeof(my_addr.ipv6); + my_size = sizeof(my_addr.ipv6); my_addr.ipv6.sin6_port = htons(uw_port); break; } -- cgit v1.2.3