1 /* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */
2
3 #include "lib.h"
4 #include "llist.h"
5 #include "array.h"
6 #include "str.h"
7 #include "hostpid.h"
8 #include "ioloop.h"
9 #include "istream.h"
10 #include "istream-timeout.h"
11 #include "ostream.h"
12 #include "connection.h"
13 #include "iostream-rawlog.h"
14 #include "iostream-ssl.h"
15 #include "master-service.h"
16 #include "master-service-ssl.h"
17 #include "http-date.h"
18 #include "http-url.h"
19 #include "http-request-parser.h"
20
21 #include "http-server-private.h"
22
23 static void
24 http_server_connection_disconnect(struct http_server_connection *conn,
25 const char *reason);
26
27 static bool
28 http_server_connection_unref_is_closed(struct http_server_connection *conn);
29
30 /*
31 * Logging
32 */
33
34 static inline void
35 http_server_connection_client_error(struct http_server_connection *conn,
36 const char *format, ...) ATTR_FORMAT(2, 3);
37
38 static inline void
http_server_connection_client_error(struct http_server_connection * conn,const char * format,...)39 http_server_connection_client_error(struct http_server_connection *conn,
40 const char *format, ...)
41 {
42 va_list args;
43
44 va_start(args, format);
45 e_info(conn->event, "%s", t_strdup_vprintf(format, args));
46 va_end(args);
47 }
48
49 /*
50 * Connection
51 */
52
53 static void http_server_connection_input(struct connection *_conn);
54
55 static void
http_server_connection_update_stats(struct http_server_connection * conn)56 http_server_connection_update_stats(struct http_server_connection *conn)
57 {
58 if (conn->conn.input != NULL)
59 conn->stats.input = conn->conn.input->v_offset;
60 if (conn->conn.output != NULL)
61 conn->stats.output = conn->conn.output->offset;
62 }
63
64 const struct http_server_stats *
http_server_connection_get_stats(struct http_server_connection * conn)65 http_server_connection_get_stats(struct http_server_connection *conn)
66 {
67 http_server_connection_update_stats(conn);
68 return &conn->stats;
69 }
70
http_server_connection_input_set_pending(struct http_server_connection * conn)71 void http_server_connection_input_set_pending(
72 struct http_server_connection *conn)
73 {
74 i_stream_set_input_pending(conn->conn.input, TRUE);
75 }
76
http_server_connection_input_halt(struct http_server_connection * conn)77 void http_server_connection_input_halt(struct http_server_connection *conn)
78 {
79 connection_input_halt(&conn->conn);
80 }
81
http_server_connection_input_resume(struct http_server_connection * conn)82 void http_server_connection_input_resume(struct http_server_connection *conn)
83 {
84 if (conn->closed || conn->input_broken || conn->close_indicated ||
85 conn->incoming_payload != NULL) {
86 /* Connection not usable */
87 return;
88 }
89
90 if (conn->in_req_callback) {
91 struct http_server_request *req = conn->request_queue_tail;
92
93 /* Currently running request callback for this connection. Only
94 handle discarded request payload. */
95 if (req == NULL ||
96 req->state != HTTP_SERVER_REQUEST_STATE_SUBMITTED_RESPONSE)
97 return;
98 if (!http_server_connection_pending_payload(conn))
99 return;
100 }
101
102 connection_input_resume(&conn->conn);
103 }
104
105 static void
http_server_connection_idle_timeout(struct http_server_connection * conn)106 http_server_connection_idle_timeout(struct http_server_connection *conn)
107 {
108 http_server_connection_client_error(
109 conn, "Disconnected for inactivity");
110 http_server_connection_close(&conn, "Disconnected for inactivity");
111 }
112
http_server_connection_start_idle_timeout(struct http_server_connection * conn)113 void http_server_connection_start_idle_timeout(
114 struct http_server_connection *conn)
115 {
116 unsigned int timeout_msecs =
117 conn->server->set.max_client_idle_time_msecs;
118
119 if (conn->to_idle == NULL && timeout_msecs > 0) {
120 conn->to_idle = timeout_add(timeout_msecs,
121 http_server_connection_idle_timeout,
122 conn);
123 }
124 }
125
http_server_connection_reset_idle_timeout(struct http_server_connection * conn)126 void http_server_connection_reset_idle_timeout(
127 struct http_server_connection *conn)
128 {
129 if (conn->to_idle != NULL)
130 timeout_reset(conn->to_idle);
131 }
132
http_server_connection_stop_idle_timeout(struct http_server_connection * conn)133 void http_server_connection_stop_idle_timeout(
134 struct http_server_connection *conn)
135 {
136 timeout_remove(&conn->to_idle);
137 }
138
http_server_connection_shut_down(struct http_server_connection * conn)139 bool http_server_connection_shut_down(struct http_server_connection *conn)
140 {
141 if (conn->request_queue_head == NULL ||
142 conn->request_queue_head->state == HTTP_SERVER_REQUEST_STATE_NEW) {
143 http_server_connection_close(&conn, "Server shutting down");
144 return TRUE;
145 }
146 return FALSE;
147 }
148
http_server_connection_ready(struct http_server_connection * conn)149 static void http_server_connection_ready(struct http_server_connection *conn)
150 {
151 const struct http_server_settings *set = &conn->server->set;
152 struct http_url base_url;
153 struct stat st;
154
155 if (conn->server->set.rawlog_dir != NULL &&
156 stat(conn->server->set.rawlog_dir, &st) == 0) {
157 iostream_rawlog_create(conn->server->set.rawlog_dir,
158 &conn->conn.input, &conn->conn.output);
159 }
160
161 i_zero(&base_url);
162 if (set->default_host != NULL)
163 base_url.host.name = set->default_host;
164 else
165 base_url.host.name = my_hostname;
166 base_url.have_ssl = conn->ssl;
167
168 conn->http_parser = http_request_parser_init(
169 conn->conn.input, &base_url, &conn->server->set.request_limits,
170 HTTP_REQUEST_PARSE_FLAG_STRICT);
171 o_stream_set_finish_via_child(conn->conn.output, FALSE);
172 o_stream_set_flush_callback(conn->conn.output,
173 http_server_connection_output, conn);
174 }
175
http_server_connection_destroy(struct connection * _conn)176 static void http_server_connection_destroy(struct connection *_conn)
177 {
178 struct http_server_connection *conn =
179 (struct http_server_connection *)_conn;
180
181 http_server_connection_disconnect(conn, NULL);
182 http_server_connection_unref(&conn);
183 }
184
http_server_payload_destroyed(struct http_server_request * req)185 static void http_server_payload_destroyed(struct http_server_request *req)
186 {
187 struct http_server_connection *conn = req->conn;
188 int stream_errno;
189
190 i_assert(conn != NULL);
191 i_assert(conn->request_queue_tail == req ||
192 req->state >= HTTP_SERVER_REQUEST_STATE_FINISHED);
193 i_assert(conn->conn.io == NULL);
194
195 e_debug(conn->event, "Request payload stream destroyed");
196
197 /* Caller is allowed to change the socket fd to blocking while reading
198 the payload. make sure here that it's switched back. */
199 net_set_nonblock(conn->conn.fd_in, TRUE);
200
201 stream_errno = conn->incoming_payload->stream_errno;
202 conn->incoming_payload = NULL;
203
204 if (conn->payload_handler != NULL)
205 http_server_payload_handler_destroy(&conn->payload_handler);
206
207 /* Handle errors in transfer stream */
208 if (req->response == NULL && stream_errno != 0 &&
209 conn->conn.input->stream_errno == 0) {
210 switch (stream_errno) {
211 case EMSGSIZE:
212 conn->input_broken = TRUE;
213 http_server_connection_client_error(
214 conn, "Client sent excessively large request");
215 http_server_request_fail_close(req, 413,
216 "Payload Too Large");
217 return;
218 case EIO:
219 conn->input_broken = TRUE;
220 http_server_connection_client_error(
221 conn, "Client sent invalid request payload");
222 http_server_request_fail_close(req, 400,
223 "Bad Request");
224 return;
225 default:
226 break;
227 }
228 }
229
230 /* Resource stopped reading payload; update state */
231 switch (req->state) {
232 case HTTP_SERVER_REQUEST_STATE_QUEUED:
233 case HTTP_SERVER_REQUEST_STATE_PAYLOAD_IN:
234 /* Finished reading request */
235 req->state = HTTP_SERVER_REQUEST_STATE_PROCESSING;
236 http_server_connection_stop_idle_timeout(conn);
237 if (req->response != NULL && req->response->submitted)
238 http_server_request_submit_response(req);
239 break;
240 case HTTP_SERVER_REQUEST_STATE_PROCESSING:
241 /* No response submitted yet */
242 break;
243 case HTTP_SERVER_REQUEST_STATE_SUBMITTED_RESPONSE:
244 /* Response submitted, but not all payload is necessarily read
245 */
246 if (http_server_request_is_complete(req))
247 http_server_request_ready_to_respond(req);
248 break;
249 case HTTP_SERVER_REQUEST_STATE_READY_TO_RESPOND:
250 case HTTP_SERVER_REQUEST_STATE_FINISHED:
251 case HTTP_SERVER_REQUEST_STATE_ABORTED:
252 /* Nothing to do */
253 break;
254 default:
255 i_unreached();
256 }
257
258 /* Input stream may have pending input. */
259 http_server_connection_input_resume(conn);
260 http_server_connection_input_set_pending(conn);
261 }
262
263 static bool
http_server_connection_handle_request(struct http_server_connection * conn,struct http_server_request * req)264 http_server_connection_handle_request(struct http_server_connection *conn,
265 struct http_server_request *req)
266 {
267 const struct http_server_settings *set = &conn->server->set;
268 unsigned int old_refcount;
269 struct istream *payload;
270
271 i_assert(!conn->in_req_callback);
272 i_assert(conn->incoming_payload == NULL);
273
274 if (req->req.version_major != 1) {
275 http_server_request_fail(req, 505,
276 "HTTP Version Not Supported");
277 return TRUE;
278 }
279
280 req->state = HTTP_SERVER_REQUEST_STATE_QUEUED;
281
282 if (req->req.payload != NULL) {
283 /* Wrap the stream to capture the destroy event without
284 destroying the actual payload stream. */
285 conn->incoming_payload = req->req.payload =
286 i_stream_create_timeout(
287 req->req.payload,
288 set->max_client_idle_time_msecs);
289 /* We've received the request itself, and we can't reset the
290 timeout during the payload reading. */
291 http_server_connection_stop_idle_timeout(conn);
292 } else {
293 conn->incoming_payload = req->req.payload =
294 i_stream_create_from_data("", 0);
295 }
296 i_stream_add_destroy_callback(req->req.payload,
297 http_server_payload_destroyed, req);
298 /* The callback may add its own I/O, so we need to remove our one before
299 calling it. */
300 http_server_connection_input_halt(conn);
301
302 old_refcount = req->refcount;
303 conn->in_req_callback = TRUE;
304 T_BEGIN {
305 http_server_request_callback(req);
306 } T_END;
307 if (conn->closed) {
308 /* The callback managed to get this connection destroyed/closed
309 */
310 return FALSE;
311 }
312 conn->in_req_callback = FALSE;
313 req->callback_refcount = req->refcount - old_refcount;
314
315 if (req->req.payload != NULL) {
316 /* Send 100 Continue when appropriate */
317 if (req->req.expect_100_continue && !req->payload_halted &&
318 req->response == NULL) {
319 http_server_connection_output_trigger(conn);
320 }
321
322 /* Delegate payload handling to request handler */
323 if (req->state < HTTP_SERVER_REQUEST_STATE_PAYLOAD_IN)
324 req->state = HTTP_SERVER_REQUEST_STATE_PAYLOAD_IN;
325 payload = req->req.payload;
326 req->req.payload = NULL;
327 i_stream_unref(&payload);
328 }
329
330 if (req->state < HTTP_SERVER_REQUEST_STATE_PROCESSING &&
331 (conn->incoming_payload == NULL ||
332 !i_stream_have_bytes_left(conn->incoming_payload))) {
333 /* Finished reading request */
334 req->state = HTTP_SERVER_REQUEST_STATE_PROCESSING;
335 if (req->response != NULL && req->response->submitted)
336 http_server_request_submit_response(req);
337 }
338
339 i_assert(conn->incoming_payload != NULL || req->callback_refcount > 0 ||
340 (req->response != NULL && req->response->submitted));
341
342 if (conn->incoming_payload == NULL) {
343 http_server_connection_input_resume(conn);
344 http_server_connection_input_set_pending(conn);
345 return TRUE;
346 }
347
348 /* Request payload is still being uploaded by the client */
349 return FALSE;
350 }
351
352 static int
http_server_connection_ssl_init(struct http_server_connection * conn)353 http_server_connection_ssl_init(struct http_server_connection *conn)
354 {
355 struct http_server *server = conn->server;
356 const char *error;
357 int ret;
358
359 if (http_server_init_ssl_ctx(server, &error) < 0) {
360 e_error(conn->event, "Couldn't initialize SSL: %s", error);
361 return -1;
362 }
363
364 e_debug(conn->event, "Starting SSL handshake");
365
366 http_server_connection_input_halt(conn);
367 if (server->ssl_ctx == NULL) {
368 ret = master_service_ssl_init(master_service,
369 &conn->conn.input,
370 &conn->conn.output,
371 &conn->ssl_iostream, &error);
372 } else {
373 ret = io_stream_create_ssl_server(server->ssl_ctx,
374 server->set.ssl,
375 &conn->conn.input,
376 &conn->conn.output,
377 &conn->ssl_iostream, &error);
378 }
379 if (ret < 0) {
380 e_error(conn->event,
381 "Couldn't initialize SSL server for %s: %s",
382 conn->conn.name, error);
383 return -1;
384 }
385 http_server_connection_input_resume(conn);
386
387 if (ssl_iostream_handshake(conn->ssl_iostream) < 0) {
388 e_error(conn->event, "SSL handshake failed: %s",
389 ssl_iostream_get_last_error(conn->ssl_iostream));
390 return -1;
391 }
392
393 http_server_connection_ready(conn);
394 return 0;
395 }
396
397 static bool
http_server_connection_pipeline_is_full(struct http_server_connection * conn)398 http_server_connection_pipeline_is_full(struct http_server_connection *conn)
399 {
400 return ((conn->request_queue_count >=
401 conn->server->set.max_pipelined_requests) ||
402 conn->server->shutting_down);
403 }
404
405 static void
http_server_connection_pipeline_handle_full(struct http_server_connection * conn)406 http_server_connection_pipeline_handle_full(struct http_server_connection *conn)
407 {
408 if (conn->server->shutting_down) {
409 e_debug(conn->event, "Pipeline full "
410 "(%u requests pending; server shutting down)",
411 conn->request_queue_count);
412 } else {
413 e_debug(conn->event, "Pipeline full "
414 "(%u requests pending; %u maximum)",
415 conn->request_queue_count,
416 conn->server->set.max_pipelined_requests);
417 }
418 http_server_connection_input_halt(conn);
419 }
420
421 static bool
http_server_connection_check_input(struct http_server_connection * conn)422 http_server_connection_check_input(struct http_server_connection *conn)
423 {
424 struct istream *input = conn->conn.input;
425 int stream_errno;
426
427 if (input == NULL)
428 return FALSE;
429 stream_errno = input->stream_errno;
430
431 if (input->eof || stream_errno != 0) {
432 /* Connection input broken; output may still be intact */
433 if (stream_errno != 0 && stream_errno != EPIPE &&
434 stream_errno != ECONNRESET) {
435 http_server_connection_client_error(
436 conn, "Connection lost: read(%s) failed: %s",
437 i_stream_get_name(input),
438 i_stream_get_error(input));
439 http_server_connection_close(&conn, "Read failure");
440 } else {
441 e_debug(conn->event, "Connection lost: "
442 "Remote disconnected");
443
444 if (conn->request_queue_head == NULL) {
445 /* No pending requests; close */
446 http_server_connection_close(
447 &conn, "Remote closed connection");
448 } else if (conn->request_queue_head->state <
449 HTTP_SERVER_REQUEST_STATE_SUBMITTED_RESPONSE) {
450 /* Unfinished request; close */
451 http_server_connection_close(&conn,
452 "Remote closed connection unexpectedly");
453 } else {
454 /* A request is still processing; only drop
455 input io for now. The other end may only have
456 shutdown one direction */
457 conn->input_broken = TRUE;
458 http_server_connection_input_halt(conn);
459 }
460 }
461 return FALSE;
462 }
463 return TRUE;
464 }
465
466 static bool
http_server_connection_finish_request(struct http_server_connection * conn)467 http_server_connection_finish_request(struct http_server_connection *conn)
468 {
469 struct http_server_request *req;
470 enum http_request_parse_error error_code;
471 const char *error;
472 int ret;
473
474 req = conn->request_queue_tail;
475 if (req != NULL &&
476 req->state == HTTP_SERVER_REQUEST_STATE_SUBMITTED_RESPONSE) {
477
478 e_debug(conn->event, "Finish receiving request");
479
480 ret = http_request_parse_finish_payload(conn->http_parser,
481 &error_code, &error);
482 if (ret <= 0 && !http_server_connection_check_input(conn))
483 return FALSE;
484 if (ret < 0) {
485 http_server_connection_ref(conn);
486
487 http_server_connection_client_error(
488 conn, "Client sent invalid request: %s", error);
489
490 switch (error_code) {
491 case HTTP_REQUEST_PARSE_ERROR_PAYLOAD_TOO_LARGE:
492 conn->input_broken = TRUE;
493 http_server_request_fail_close(
494 req, 413, "Payload Too Large");
495 break;
496 case HTTP_REQUEST_PARSE_ERROR_BROKEN_REQUEST:
497 conn->input_broken = TRUE;
498 http_server_request_fail_close(
499 req, 400, "Bad request");
500 break;
501 default:
502 i_unreached();
503 }
504
505 if (http_server_connection_unref_is_closed(conn)) {
506 /* Connection got closed */
507 return FALSE;
508 }
509
510 if (conn->input_broken || conn->close_indicated)
511 http_server_connection_input_halt(conn);
512 return FALSE;
513 }
514 if (ret == 0)
515 return FALSE;
516 http_server_request_ready_to_respond(req);
517 }
518
519 return TRUE;
520 }
521
http_server_connection_input(struct connection * _conn)522 static void http_server_connection_input(struct connection *_conn)
523 {
524 struct http_server_connection *conn =
525 (struct http_server_connection *)_conn;
526 struct http_server_request *req;
527 enum http_request_parse_error error_code;
528 const char *error;
529 bool cont;
530 int ret;
531
532 if (conn->server->shutting_down) {
533 if (!http_server_connection_shut_down(conn))
534 http_server_connection_pipeline_handle_full(conn);
535 return;
536 }
537
538 i_assert(!conn->input_broken && conn->incoming_payload == NULL);
539 i_assert(!conn->close_indicated);
540
541 http_server_connection_reset_idle_timeout(conn);
542
543 if (conn->ssl && conn->ssl_iostream == NULL) {
544 if (http_server_connection_ssl_init(conn) < 0) {
545 /* SSL failed */
546 http_server_connection_close(
547 &conn, "SSL Initialization failed");
548 return;
549 }
550 }
551
552 /* Finish up pending request */
553 if (!http_server_connection_finish_request(conn))
554 return;
555
556 /* Stop handling input here when running ioloop from within request
557 callback; we cannot read the next request, since that could mean
558 recursing request callbacks. */
559 if (conn->in_req_callback) {
560 http_server_connection_input_halt(conn);
561 return;
562 }
563
564 /* Create request object if none was created already */
565 if (conn->request_queue_tail != NULL &&
566 conn->request_queue_tail->state == HTTP_SERVER_REQUEST_STATE_NEW) {
567 if (conn->request_queue_count >
568 conn->server->set.max_pipelined_requests) {
569 /* Pipeline full */
570 http_server_connection_pipeline_handle_full(conn);
571 return;
572 }
573 /* Continue last unfinished request */
574 req = conn->request_queue_tail;
575 } else {
576 if (conn->request_queue_count >=
577 conn->server->set.max_pipelined_requests) {
578 /* Pipeline full */
579 http_server_connection_pipeline_handle_full(conn);
580 return;
581 }
582 /* Start new request */
583 req = http_server_request_new(conn);
584 }
585
586 /* Parse requests */
587 ret = 1;
588 while (!conn->close_indicated && ret != 0) {
589 http_server_connection_ref(conn);
590 while ((ret = http_request_parse_next(
591 conn->http_parser, req->pool, &req->req,
592 &error_code, &error)) > 0) {
593 conn->stats.request_count++;
594 http_server_request_update_event(req);
595 e_debug(conn->event, "Received new request %s "
596 "(%u requests pending; %u maximum)",
597 http_server_request_label(req),
598 conn->request_queue_count,
599 conn->server->set.max_pipelined_requests);
600
601 http_server_request_immune_ref(req);
602 T_BEGIN {
603 cont = http_server_connection_handle_request(conn, req);
604 } T_END;
605 if (!cont) {
606 /* Connection closed or request body not read
607 yet. The request may be destroyed now. */
608 http_server_request_immune_unref(&req);
609 http_server_connection_unref(&conn);
610 return;
611 }
612 if (req->req.connection_close)
613 conn->close_indicated = TRUE;
614 http_server_request_immune_unref(&req);
615
616 if (conn->closed) {
617 /* Connection got closed in destroy callback */
618 break;
619 }
620
621 if (conn->close_indicated) {
622 /* Client indicated it will close after this
623 request; stop trying to read more. */
624 break;
625 }
626
627 /* Finish up pending request if possible */
628 if (!http_server_connection_finish_request(conn)) {
629 http_server_connection_unref(&conn);
630 return;
631 }
632
633 if (http_server_connection_pipeline_is_full(conn)) {
634 /* Pipeline full */
635 http_server_connection_pipeline_handle_full(conn);
636 http_server_connection_unref(&conn);
637 return;
638 }
639
640 /* Start new request */
641 req = http_server_request_new(conn);
642 }
643
644 if (http_server_connection_unref_is_closed(conn)) {
645 /* Connection got closed */
646 return;
647 }
648
649 if (ret <= 0 && !http_server_connection_check_input(conn))
650 return;
651
652 if (ret < 0) {
653 http_server_connection_ref(conn);
654
655 http_server_connection_client_error(
656 conn, "Client sent invalid request: %s", error);
657
658 switch (error_code) {
659 case HTTP_REQUEST_PARSE_ERROR_BROKEN_REQUEST:
660 conn->input_broken = TRUE;
661 /* fall through */
662 case HTTP_REQUEST_PARSE_ERROR_BAD_REQUEST:
663 http_server_request_fail(
664 req, 400, "Bad Request");
665 break;
666 case HTTP_REQUEST_PARSE_ERROR_METHOD_TOO_LONG:
667 conn->input_broken = TRUE;
668 /* fall through */
669 case HTTP_REQUEST_PARSE_ERROR_NOT_IMPLEMENTED:
670 http_server_request_fail(
671 req, 501, "Not Implemented");
672 break;
673 case HTTP_REQUEST_PARSE_ERROR_TARGET_TOO_LONG:
674 conn->input_broken = TRUE;
675 http_server_request_fail_close(
676 req, 414, "URI Too Long");
677 break;
678 case HTTP_REQUEST_PARSE_ERROR_EXPECTATION_FAILED:
679 http_server_request_fail(
680 req, 417, "Expectation Failed");
681 break;
682 case HTTP_REQUEST_PARSE_ERROR_PAYLOAD_TOO_LARGE:
683 conn->input_broken = TRUE;
684 http_server_request_fail_close(
685 req, 413, "Payload Too Large");
686 break;
687 default:
688 i_unreached();
689 }
690
691 if (http_server_connection_unref_is_closed(conn)) {
692 /* Connection got closed */
693 return;
694 }
695 }
696
697 if (conn->input_broken || conn->close_indicated) {
698 http_server_connection_input_halt(conn);
699 return;
700 }
701 }
702 }
703
http_server_connection_handle_output_error(struct http_server_connection * conn)704 void http_server_connection_handle_output_error(
705 struct http_server_connection *conn)
706 {
707 struct ostream *output = conn->conn.output;
708
709 if (conn->closed)
710 return;
711
712 if (output->stream_errno != EPIPE &&
713 output->stream_errno != ECONNRESET) {
714 e_error(conn->event, "Connection lost: write(%s) failed: %s",
715 o_stream_get_name(output),
716 o_stream_get_error(output));
717 http_server_connection_close(
718 &conn, "Write failure");
719 } else {
720 e_debug(conn->event, "Connection lost: Remote disconnected");
721 http_server_connection_close(
722 &conn, "Remote closed connection unexpectedly");
723 }
724 }
725
726 enum _output_result {
727 /* Error */
728 _OUTPUT_ERROR = -1,
729 /* Output blocked */
730 _OUTPUT_BLOCKED = 0,
731 /* Successful, but no more responses are ready to be sent */
732 _OUTPUT_FINISHED = 1,
733 /* Successful and more responses can be sent */
734 _OUTPUT_AVAILABLE = 2,
735 };
736
737 static enum _output_result
http_server_connection_next_response(struct http_server_connection * conn)738 http_server_connection_next_response(struct http_server_connection *conn)
739 {
740 struct http_server_request *req;
741 int ret;
742
743 if (conn->output_locked)
744 return _OUTPUT_FINISHED;
745
746 req = conn->request_queue_head;
747 if (req == NULL || req->state == HTTP_SERVER_REQUEST_STATE_NEW) {
748 /* No requests pending */
749 e_debug(conn->event, "No more requests pending");
750 http_server_connection_start_idle_timeout(conn);
751 return _OUTPUT_FINISHED;
752 }
753 if (req->state < HTTP_SERVER_REQUEST_STATE_READY_TO_RESPOND) {
754 if (req->state == HTTP_SERVER_REQUEST_STATE_PROCESSING) {
755 /* Server is causing idle time */
756 e_debug(conn->event, "Not ready to respond: "
757 "Server is processing");
758 http_server_connection_stop_idle_timeout(conn);
759 } else {
760 /* Client is causing idle time */
761 e_debug(conn->event, "Not ready to respond: "
762 "Waiting for client");
763 http_server_connection_start_idle_timeout(conn);
764 }
765
766 /* send 100 Continue if appropriate */
767 if (req->state >= HTTP_SERVER_REQUEST_STATE_QUEUED &&
768 conn->incoming_payload != NULL &&
769 req->response == NULL && req->req.version_minor >= 1 &&
770 req->req.expect_100_continue && !req->payload_halted &&
771 !req->sent_100_continue) {
772 static const char *response =
773 "HTTP/1.1 100 Continue\r\n\r\n";
774 struct ostream *output = conn->conn.output;
775
776 if (o_stream_send(output, response,
777 strlen(response)) < 0) {
778 http_server_connection_handle_output_error(conn);
779 return _OUTPUT_ERROR;
780 }
781
782 e_debug(conn->event, "Sent 100 Continue");
783 req->sent_100_continue = TRUE;
784 }
785 return _OUTPUT_FINISHED;
786 }
787
788 i_assert(req->state == HTTP_SERVER_REQUEST_STATE_READY_TO_RESPOND &&
789 req->response != NULL);
790
791 e_debug(conn->event, "Sending response");
792 http_server_connection_start_idle_timeout(conn);
793
794 http_server_request_immune_ref(req);
795 ret = http_server_response_send(req->response);
796 http_server_request_immune_unref(&req);
797
798 if (ret < 0)
799 return _OUTPUT_ERROR;
800
801 http_server_connection_reset_idle_timeout(conn);
802 if (ret == 0)
803 return _OUTPUT_BLOCKED;
804 if (conn->output_locked)
805 return _OUTPUT_FINISHED;
806 return _OUTPUT_AVAILABLE;
807 }
808
809 static int
http_server_connection_send_responses(struct http_server_connection * conn)810 http_server_connection_send_responses(struct http_server_connection *conn)
811 {
812 enum _output_result ores = _OUTPUT_AVAILABLE;
813
814 http_server_connection_ref(conn);
815
816 /* Send more responses until no more responses remain, the output
817 blocks again, or the connection is closed */
818 while (!conn->closed && ores == _OUTPUT_AVAILABLE)
819 ores = http_server_connection_next_response(conn);
820
821 if (http_server_connection_unref_is_closed(conn) ||
822 ores == _OUTPUT_ERROR)
823 return -1;
824
825 /* Accept more requests if possible */
826 if (conn->incoming_payload == NULL &&
827 (conn->request_queue_count <
828 conn->server->set.max_pipelined_requests) &&
829 !conn->server->shutting_down)
830 http_server_connection_input_resume(conn);
831
832 switch (ores) {
833 case _OUTPUT_ERROR:
834 case _OUTPUT_AVAILABLE:
835 break;
836 case _OUTPUT_BLOCKED:
837 return 0;
838 case _OUTPUT_FINISHED:
839 return 1;
840 }
841 i_unreached();
842 }
843
http_server_connection_flush(struct http_server_connection * conn)844 int http_server_connection_flush(struct http_server_connection *conn)
845 {
846 struct ostream *output = conn->conn.output;
847 int ret;
848
849 if ((ret = o_stream_flush(output)) <= 0) {
850 if (ret < 0)
851 http_server_connection_handle_output_error(conn);
852 return ret;
853 }
854
855 http_server_connection_reset_idle_timeout(conn);
856 return 0;
857 }
858
http_server_connection_output(struct http_server_connection * conn)859 int http_server_connection_output(struct http_server_connection *conn)
860 {
861 bool pipeline_was_full =
862 http_server_connection_pipeline_is_full(conn);
863 int ret = 1;
864
865 if (http_server_connection_flush(conn) < 0)
866 return -1;
867
868 if (!conn->output_locked) {
869 ret = http_server_connection_send_responses(conn);
870 if (ret < 0)
871 return -1;
872 } else if (conn->request_queue_head != NULL) {
873 struct http_server_request *req = conn->request_queue_head;
874 struct http_server_response *resp = req->response;
875
876 i_assert(resp != NULL);
877
878 http_server_connection_ref(conn);
879
880 http_server_request_immune_ref(req);
881 ret = http_server_response_send_more(resp);
882 http_server_request_immune_unref(&req);
883
884 if (http_server_connection_unref_is_closed(conn) || ret < 0)
885 return -1;
886
887 if (!conn->output_locked) {
888 /* Room for more responses */
889 ret = http_server_connection_send_responses(conn);
890 if (ret < 0)
891 return -1;
892 } else if (conn->io_resp_payload != NULL) {
893 /* Server is causing idle time */
894 e_debug(conn->event, "Not ready to continue response: "
895 "Server is producing response");
896 http_server_connection_stop_idle_timeout(conn);
897 } else {
898 /* Client is causing idle time */
899 e_debug(conn->event, "Not ready to continue response: "
900 "Waiting for client");
901 http_server_connection_start_idle_timeout(conn);
902 }
903 }
904
905 if (conn->server->shutting_down &&
906 http_server_connection_shut_down(conn))
907 return 1;
908
909 if (!http_server_connection_pipeline_is_full(conn)) {
910 http_server_connection_input_resume(conn);
911 if (pipeline_was_full && conn->conn.io != NULL)
912 http_server_connection_input_set_pending(conn);
913 }
914
915 return ret;
916 }
917
http_server_connection_output_trigger(struct http_server_connection * conn)918 void http_server_connection_output_trigger(struct http_server_connection *conn)
919 {
920 if (conn->conn.output == NULL)
921 return;
922 o_stream_set_flush_pending(conn->conn.output, TRUE);
923 }
924
http_server_connection_output_halt(struct http_server_connection * conn)925 void http_server_connection_output_halt(struct http_server_connection *conn)
926 {
927 conn->output_halted = TRUE;
928
929 if (conn->conn.output == NULL)
930 return;
931
932 o_stream_unset_flush_callback(conn->conn.output);
933 }
934
http_server_connection_output_resume(struct http_server_connection * conn)935 void http_server_connection_output_resume(struct http_server_connection *conn)
936 {
937 if (conn->output_halted) {
938 conn->output_halted = FALSE;
939 o_stream_set_flush_callback(conn->conn.output,
940 http_server_connection_output, conn);
941 }
942 }
943
http_server_connection_pending_payload(struct http_server_connection * conn)944 bool http_server_connection_pending_payload(
945 struct http_server_connection *conn)
946 {
947 return http_request_parser_pending_payload(conn->http_parser);
948 }
949
950 static struct connection_settings http_server_connection_set = {
951 .input_max_size = SIZE_MAX,
952 .output_max_size = SIZE_MAX,
953 .client = FALSE,
954 .log_connection_id = TRUE,
955 };
956
957 static const struct connection_vfuncs http_server_connection_vfuncs = {
958 .destroy = http_server_connection_destroy,
959 .input = http_server_connection_input
960 };
961
http_server_connection_list_init(void)962 struct connection_list *http_server_connection_list_init(void)
963 {
964 return connection_list_init(&http_server_connection_set,
965 &http_server_connection_vfuncs);
966 }
967
968 struct http_server_connection *
http_server_connection_create(struct http_server * server,int fd_in,int fd_out,bool ssl,const struct http_server_callbacks * callbacks,void * context)969 http_server_connection_create(struct http_server *server,
970 int fd_in, int fd_out, bool ssl,
971 const struct http_server_callbacks *callbacks,
972 void *context)
973 {
974 const struct http_server_settings *set = &server->set;
975 struct http_server_connection *conn;
976 struct event *conn_event;
977
978 i_assert(!server->shutting_down);
979
980 conn = i_new(struct http_server_connection, 1);
981 conn->refcount = 1;
982 conn->server = server;
983 conn->ioloop = current_ioloop;
984 conn->ssl = ssl;
985 conn->callbacks = callbacks;
986 conn->context = context;
987
988 net_set_nonblock(fd_in, TRUE);
989 if (fd_in != fd_out)
990 net_set_nonblock(fd_out, TRUE);
991 (void)net_set_tcp_nodelay(fd_out, TRUE);
992
993 if (set->socket_send_buffer_size > 0 &&
994 net_set_send_buffer_size(fd_out,
995 set->socket_send_buffer_size) < 0) {
996 e_error(conn->event,
997 "net_set_send_buffer_size(%zu) failed: %m",
998 set->socket_send_buffer_size);
999 }
1000 if (set->socket_recv_buffer_size > 0 &&
1001 net_set_recv_buffer_size(fd_in,
1002 set->socket_recv_buffer_size) < 0) {
1003 e_error(conn->event,
1004 "net_set_recv_buffer_size(%zu) failed: %m",
1005 set->socket_recv_buffer_size);
1006 }
1007
1008 conn_event = event_create(server->event);
1009 conn->conn.event_parent = conn_event;
1010 connection_init_server(server->conn_list, &conn->conn, NULL,
1011 fd_in, fd_out);
1012 conn->event = conn->conn.event;
1013 event_unref(&conn_event);
1014
1015 if (!ssl)
1016 http_server_connection_ready(conn);
1017 http_server_connection_start_idle_timeout(conn);
1018
1019 e_debug(conn->event, "Connection created");
1020 return conn;
1021 }
1022
http_server_connection_ref(struct http_server_connection * conn)1023 void http_server_connection_ref(struct http_server_connection *conn)
1024 {
1025 i_assert(conn->refcount > 0);
1026 conn->refcount++;
1027 }
1028
1029 static void
http_server_connection_disconnect(struct http_server_connection * conn,const char * reason)1030 http_server_connection_disconnect(struct http_server_connection *conn,
1031 const char *reason)
1032 {
1033 struct http_server_request *req, *req_next;
1034
1035 if (conn->closed)
1036 return;
1037
1038 if (reason == NULL)
1039 reason = "Connection closed";
1040 e_debug(conn->event, "Disconnected: %s", reason);
1041 conn->disconnect_reason = i_strdup(reason);
1042 conn->closed = TRUE;
1043
1044 /* Preserve statistics */
1045 http_server_connection_update_stats(conn);
1046
1047 if (conn->incoming_payload != NULL) {
1048 /* The stream is still accessed by lib-http caller. */
1049 i_stream_remove_destroy_callback(conn->incoming_payload,
1050 http_server_payload_destroyed);
1051 conn->incoming_payload = NULL;
1052 }
1053 if (conn->payload_handler != NULL)
1054 http_server_payload_handler_destroy(&conn->payload_handler);
1055
1056 /* Drop all requests before connection is closed */
1057 req = conn->request_queue_head;
1058 while (req != NULL) {
1059 req_next = req->next;
1060 http_server_request_abort(&req, reason);
1061 req = req_next;
1062 }
1063
1064 timeout_remove(&conn->to_input);
1065 timeout_remove(&conn->to_idle);
1066 io_remove(&conn->io_resp_payload);
1067 if (conn->conn.output != NULL)
1068 o_stream_uncork(conn->conn.output);
1069
1070 if (conn->http_parser != NULL)
1071 http_request_parser_deinit(&conn->http_parser);
1072 connection_disconnect(&conn->conn);
1073 }
1074
http_server_connection_unref(struct http_server_connection ** _conn)1075 bool http_server_connection_unref(struct http_server_connection **_conn)
1076 {
1077 struct http_server_connection *conn = *_conn;
1078
1079 i_assert(conn->refcount > 0);
1080
1081 *_conn = NULL;
1082 if (--conn->refcount > 0)
1083 return TRUE;
1084
1085 http_server_connection_disconnect(conn, NULL);
1086
1087 e_debug(conn->event, "Connection destroy");
1088
1089 ssl_iostream_destroy(&conn->ssl_iostream);
1090 connection_deinit(&conn->conn);
1091
1092 if (conn->callbacks != NULL &&
1093 conn->callbacks->connection_destroy != NULL) T_BEGIN {
1094 conn->callbacks->connection_destroy(conn->context,
1095 conn->disconnect_reason);
1096 } T_END;
1097
1098 i_free(conn->disconnect_reason);
1099 i_free(conn);
1100 return FALSE;
1101 }
1102
1103 static bool
http_server_connection_unref_is_closed(struct http_server_connection * conn)1104 http_server_connection_unref_is_closed(struct http_server_connection *conn)
1105 {
1106 bool closed = conn->closed;
1107
1108 if (!http_server_connection_unref(&conn))
1109 closed = TRUE;
1110 return closed;
1111 }
1112
http_server_connection_close(struct http_server_connection ** _conn,const char * reason)1113 void http_server_connection_close(struct http_server_connection **_conn,
1114 const char *reason)
1115 {
1116 struct http_server_connection *conn = *_conn;
1117
1118 http_server_connection_disconnect(conn, reason);
1119 http_server_connection_unref(_conn);
1120 }
1121
http_server_connection_tunnel(struct http_server_connection ** _conn,http_server_tunnel_callback_t callback,void * context)1122 void http_server_connection_tunnel(struct http_server_connection **_conn,
1123 http_server_tunnel_callback_t callback,
1124 void *context)
1125 {
1126 struct http_server_connection *conn = *_conn;
1127 struct http_server_tunnel tunnel;
1128
1129 /* Preserve statistics */
1130 http_server_connection_update_stats(conn);
1131
1132 i_zero(&tunnel);
1133 tunnel.input = conn->conn.input;
1134 tunnel.output = conn->conn.output;
1135 tunnel.fd_in = conn->conn.fd_in;
1136 tunnel.fd_out = conn->conn.fd_out;
1137
1138 conn->conn.input = NULL;
1139 conn->conn.output = NULL;
1140 conn->conn.fd_in = conn->conn.fd_out = -1;
1141 http_server_connection_close(_conn, "Tunnel initiated");
1142
1143 callback(context, &tunnel);
1144 }
1145
1146 struct ioloop *
http_server_connection_switch_ioloop_to(struct http_server_connection * conn,struct ioloop * ioloop)1147 http_server_connection_switch_ioloop_to(struct http_server_connection *conn,
1148 struct ioloop *ioloop)
1149 {
1150 struct ioloop *prev_ioloop = conn->ioloop;
1151
1152 if (conn->ioloop_switching != NULL)
1153 return conn->ioloop_switching;
1154
1155 conn->ioloop = ioloop;
1156 conn->ioloop_switching = prev_ioloop;
1157 connection_switch_ioloop_to(&conn->conn, ioloop);
1158 if (conn->to_input != NULL) {
1159 conn->to_input =
1160 io_loop_move_timeout_to(ioloop, &conn->to_input);
1161 }
1162 if (conn->to_idle != NULL) {
1163 conn->to_idle =
1164 io_loop_move_timeout_to(ioloop, &conn->to_idle);
1165 }
1166 if (conn->io_resp_payload != NULL) {
1167 conn->io_resp_payload =
1168 io_loop_move_io_to(ioloop, &conn->io_resp_payload);
1169 }
1170 if (conn->payload_handler != NULL) {
1171 http_server_payload_handler_switch_ioloop(
1172 conn->payload_handler, ioloop);
1173 }
1174 if (conn->incoming_payload != NULL)
1175 i_stream_switch_ioloop_to(conn->incoming_payload, ioloop);
1176 conn->ioloop_switching = NULL;
1177
1178 return prev_ioloop;
1179 }
1180
1181 struct ioloop *
http_server_connection_switch_ioloop(struct http_server_connection * conn)1182 http_server_connection_switch_ioloop(struct http_server_connection *conn)
1183 {
1184 return http_server_connection_switch_ioloop_to(conn, current_ioloop);
1185 }
1186