1 # Copyright (C) all contributors <meta@public-inbox.org>
2 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
4 # Generic PSGI server for convenience. It aims to provide
5 # a consistent experience for public-inbox admins so they don't have
6 # to learn different ways to admin both NNTP and HTTP components.
7 # There's nothing which depends on public-inbox, here.
8 # Each instance of this class represents a HTTP client socket
11 # httpd: PublicInbox::HTTPD ref
12 # env: PSGI env hashref
13 # input_left: bytes left to read in request body (e.g. POST/PUT)
14 # remote_addr: remote IP address as a string (e.g. "127.0.0.1")
15 # remote_port: peer port
16 # forward: response body object, response to ->getline + ->close
17 # alive: HTTP keepalive state:
18 # 0: drop connection when done
19 # 1: keep connection when done
20 # 2: keep connection, chunk responses
21 package PublicInbox::HTTP;
23 use parent qw(PublicInbox::DS);
25 use Plack::HTTPParser qw(parse_http_request); # XS or pure Perl
27 use HTTP::Status qw(status_message);
28 use HTTP::Date qw(time2str);
29 use PublicInbox::DS qw(msg_more);
30 use PublicInbox::Syscall qw(EPOLLIN EPOLLONESHOT);
31 use PublicInbox::Tmpfile;
33 CHUNK_START => -1, # [a-f0-9]+\r\n
34 CHUNK_END => -2, # \r\n
35 CHUNK_ZEND => -3, # \r\n
40 # Use the same configuration parameter as git since this is primarily
41 # a slow-client sponge for git-http-backend
42 # TODO: support per-respository http.maxRequestBuffer somehow...
43 our $MAX_REQUEST_BUFFER = $ENV{GIT_HTTP_MAX_REQUEST_BUFFER} ||
46 open(my $null_io, '<', '/dev/null') or die "open /dev/null: $!";
48 my @n = stat($null_io) or die "stat(/dev/null): $!";
49 my @i = stat(STDIN) or die "stat(STDIN): $!";
50 $null_io = *STDIN{IO} if "@n[0, 1]" eq "@i[0, 1]";
57 $now == $prev ? $http_date : ($http_date = time2str($prev = $now));
61 my ($class, $sock, $addr, $srv_env) = @_;
62 my $self = bless { srv_env => $srv_env }, $class;
65 if ($sock->can('accept_SSL') && !$sock->accept_SSL) {
66 return CORE::close($sock) if $! != EAGAIN;
67 $ev = PublicInbox::TLS::epollbit() or return CORE::close($sock);
68 $wbuf = [ \&PublicInbox::DS::accept_tls_step ];
70 $self->{wbuf} = $wbuf if $wbuf;
71 ($self->{remote_addr}, $self->{remote_port}) =
72 PublicInbox::Daemon::host_with_port($addr);
73 $self->SUPER::new($sock, $ev | EPOLLONESHOT);
76 sub event_step { # called by PublicInbox::DS
78 local $SIG{__WARN__} = $self->{srv_env}->{'pi-httpd.warn_cb'};
79 return unless $self->flush_write && $self->{sock};
81 # only read more requests if we've drained the write buffer,
82 # otherwise we can be buffering infinitely w/o backpressure
84 return read_input($self) if ref($self->{env});
86 my $rbuf = $self->{rbuf} // (\(my $x = ''));
87 my %env = %{$self->{srv_env}}; # full hash copy
89 while (($r = parse_http_request($$rbuf, \%env)) < 0) {
90 # We do not support Trailers in chunked requests, for
91 # now (they are rarely-used and git (as of 2.7.2) does
93 # this length-check is necessary for PURE_PERL=1:
94 if ($r == -1 || $env{HTTP_TRAILER} ||
95 ($r == -2 && length($$rbuf) > 0x4000)) {
96 return quit($self, 400);
98 $self->do_read($rbuf, 8192, length($$rbuf)) or return;
100 return quit($self, 400) if grep(/\s/, keys %env); # stop smugglers
101 $$rbuf = substr($$rbuf, $r);
102 my $len = input_prepare($self, \%env) //
103 return write_err($self, undef); # EMFILE/ENFILE
105 $len ? read_input($self, $rbuf) : app_dispatch($self, undef, $rbuf);
108 sub read_input ($;$) {
109 my ($self, $rbuf) = @_;
110 $rbuf //= $self->{rbuf} // (\(my $x = ''));
111 my $env = $self->{env};
112 return read_input_chunked($self, $rbuf) if env_chunked($env);
114 # env->{CONTENT_LENGTH} (identity)
115 my $len = delete $self->{input_left};
116 my $input = $env->{'psgi.input'};
120 my $w = syswrite($input, $$rbuf, $len);
121 return write_err($self, $len) unless $w;
123 die "BUG: $len < 0 (w=$w)" if $len < 0;
124 if ($len == 0) { # next request may be pipelined
125 $$rbuf = substr($$rbuf, $w);
130 $self->do_read($rbuf, 8192) or return recv_err($self, $len);
131 # continue looping if $r > 0;
133 app_dispatch($self, $input, $rbuf);
137 my ($self, $input, $rbuf) = @_;
138 $self->rbuf_idle($rbuf);
139 my $env = $self->{env};
140 $self->{env} = undef; # for exists() check in ->busy
141 $env->{REMOTE_ADDR} = $self->{remote_addr};
142 $env->{REMOTE_PORT} = $self->{remote_port};
143 if (defined(my $host = $env->{HTTP_HOST})) {
144 $host =~ s/:([0-9]+)\z// and $env->{SERVER_PORT} = $1 + 0;
145 $env->{SERVER_NAME} = $host;
147 if (defined $input) {
148 sysseek($input, 0, SEEK_SET) or
149 die "BUG: psgi.input seek failed: $!";
151 # note: NOT $self->{sock}, we want our close (+ PublicInbox::DS::close),
152 # to do proper cleanup:
153 $env->{'psgix.io'} = $self; # for ->close or async_pass
154 my $res = Plack::Util::run_app($env->{'pi-httpd.app'}, $env);
156 if (ref($res) eq 'CODE') {
157 $res->(sub { response_write($self, $env, $_[0]) });
159 response_write($self, $env, $res);
163 warn "response_write error: $@";
168 sub response_header_write {
169 my ($self, $env, $res) = @_;
170 my $proto = $env->{SERVER_PROTOCOL} or return; # HTTP/0.9 :P
171 my $status = $res->[0];
172 my $h = "$proto $status " . status_message($status) . "\r\n";
174 my $headers = $res->[1];
176 for (my $i = 0; $i < @$headers; $i += 2) {
177 my $k = $headers->[$i];
178 my $v = $headers->[$i + 1];
179 next if $k =~ /\A(?:Connection|Date)\z/i;
181 $len = $v if $k =~ /\AContent-Length\z/i;
182 if ($k =~ /\ATransfer-Encoding\z/i && $v =~ /\bchunked\b/i) {
188 my $conn = $env->{HTTP_CONNECTION} || '';
189 my $term = defined($len) || $chunked;
190 my $prot_persist = ($proto eq 'HTTP/1.1') && ($conn !~ /\bclose\b/i);
192 if (!$term && $prot_persist) { # auto-chunk
193 $chunked = $alive = 2;
194 $alive = 3 if $env->{REQUEST_METHOD} eq 'HEAD';
195 $h .= "Transfer-Encoding: chunked\r\n";
196 # no need for "Connection: keep-alive" with HTTP/1.1
197 } elsif ($term && ($prot_persist || ($conn =~ /\bkeep-alive\b/i))) {
199 $h .= "Connection: keep-alive\r\n";
202 $h .= "Connection: close\r\n";
204 $h .= 'Date: ' . http_date() . "\r\n\r\n";
206 if (($len || $chunked) && $env->{REQUEST_METHOD} ne 'HEAD') {
214 # middlewares such as Deflater may write empty strings
215 sub chunked_write ($$) {
217 return if $_[1] eq '';
218 msg_more($self, sprintf("%x\r\n", length($_[1])));
219 msg_more($self, $_[1]);
221 # use $self->write(\"\n\n") if you care about real-time
222 # streaming responses, public-inbox WWW does not.
223 msg_more($self, "\r\n");
226 sub identity_write ($$) {
228 $self->write(\($_[1])) if $_[1] ne '';
232 my ($self, $alive) = @_;
233 delete $self->{env}; # we're no longer busy
234 # HEAD requests set $alive = 3 so we don't send "0\r\n\r\n";
235 $self->write(\"0\r\n\r\n") if $alive == 2;
236 $self->write($alive ? $self->can('requeue') : \&close);
241 my $forward = $self->{forward};
243 # limit our own running time for fairness with other
244 # clients and to avoid buffering too much:
251 # may close in PublicInbox::DS::write
252 if ($self->{alive} == 2) {
253 chunked_write($self, $buf);
255 identity_write($self, $buf);
260 my $new_size = push(@{$self->{wbuf}}, \&getline_pull);
262 # wbuf may be populated by {chunked,identity}_write()
263 # above, no need to rearm if so:
264 $self->requeue if $new_size == 1;
268 warn "response ->getline error: $@";
272 if (delete $self->{forward}) {
273 eval { $forward->close };
275 warn "response ->close error: $@";
276 $self->close; # idempotent
279 response_done($self, delete $self->{alive});
283 my ($self, $env, $res) = @_;
284 my $alive = response_header_write($self, $env, $res);
285 if (defined(my $body = $res->[2])) {
286 if (ref $body eq 'ARRAY') {
288 chunked_write($self, $_) for @$body;
290 identity_write($self, $_) for @$body;
292 response_done($self, $alive);
294 $self->{forward} = $body;
295 $self->{alive} = $alive;
296 getline_pull($self); # kick-off!
298 # these are returned to the calling application:
299 } elsif ($alive >= 2) {
300 bless [ $self, $alive ], 'PublicInbox::HTTP::Chunked';
302 bless [ $self, $alive ], 'PublicInbox::HTTP::Identity';
307 my ($self, $env) = @_;
310 # rfc 7230 3.3.2, 3.3.3,: favor Transfer-Encoding over Content-Length
311 my $hte = $env->{HTTP_TRANSFER_ENCODING};
313 # rfc7230 3.3.3, point 3 says only chunked is accepted
314 # as the final encoding. Since neither public-inbox-httpd,
315 # git-http-backend, or our WWW-related code uses "gzip",
316 # "deflate" or "compress" as the Transfer-Encoding, we'll
318 return quit($self, 400) if $hte !~ /\Achunked\z/i;
321 $input = tmpfile('http.input', $self->{sock});
323 $len = $env->{CONTENT_LENGTH};
326 return quit($self, 400) if $len !~ /\A[0-9]+\z/;
327 return quit($self, 413) if $len > $MAX_REQUEST_BUFFER;
328 $input = $len ? tmpfile('http.input', $self->{sock})
335 # TODO: expire idle clients on ENFILE / EMFILE
336 $env->{'psgi.input'} = $input // return;
338 $self->{input_left} = $len || 0;
341 sub env_chunked { ($_[0]->{HTTP_TRANSFER_ENCODING} // '') =~ /\Achunked\z/i }
344 my ($self, $len) = @_;
345 my $msg = $! || '(zero write)';
346 $msg .= " ($len bytes remaining)" if defined $len;
347 warn "error buffering to input: $msg";
352 my ($self, $len) = @_;
353 if ($! == EAGAIN) { # epoll/kevent watch already set by do_read
354 $self->{input_left} = $len;
356 warn "error reading input: $! ($len bytes remaining)";
360 sub read_input_chunked { # unlikely...
361 my ($self, $rbuf) = @_;
362 $rbuf //= $self->{rbuf} // (\(my $x = ''));
363 my $input = $self->{env}->{'psgi.input'};
364 my $len = delete $self->{input_left};
366 while (1) { # chunk start
367 if ($len == CHUNK_ZEND) {
368 $$rbuf =~ s/\A\r\n//s and
369 return app_dispatch($self, $input, $rbuf);
371 return quit($self, 400) if length($$rbuf) > 2;
373 if ($len == CHUNK_END) {
374 if ($$rbuf =~ s/\A\r\n//s) {
376 } elsif (length($$rbuf) > 2) {
377 return quit($self, 400);
380 if ($len == CHUNK_START) {
381 if ($$rbuf =~ s/\A([a-f0-9]+).*?\r\n//i) {
383 if (($len + -s $input) > $MAX_REQUEST_BUFFER) {
384 return quit($self, 413);
386 } elsif (length($$rbuf) > CHUNK_MAX_HDR) {
387 return quit($self, 400);
389 # will break from loop since $len >= 0
392 if ($len < 0) { # chunk header is trickled, read more
393 $self->do_read($rbuf, 8192, length($$rbuf)) or
394 return recv_err($self, $len);
395 # (implicit) goto chunk_start if $r > 0;
397 $len = CHUNK_ZEND if $len == 0;
399 # drain the current chunk
402 my $w = syswrite($input, $$rbuf, $len);
403 return write_err($self, "$len chunk") if !$w;
406 # we may have leftover data to parse
408 $$rbuf = substr($$rbuf, $w);
411 die "BUG: len < 0: $len";
417 # read more of current chunk
418 $self->do_read($rbuf, 8192) or
419 return recv_err($self, $len);
426 my ($self, $status) = @_;
427 my $h = "HTTP/1.1 $status " . status_message($status) . "\r\n\r\n";
430 undef; # input_prepare expects this
435 if (my $forward = delete $self->{forward}) {
436 eval { $forward->close };
437 warn "forward ->close error: $@" if $@;
439 $self->SUPER::close; # PublicInbox::DS::close
442 sub busy { # for graceful shutdown in PublicInbox::Daemon:
444 defined($self->{rbuf}) || exists($self->{env}) || defined($self->{wbuf})
447 # runs $cb on the next iteration of the event loop at earliest
449 my ($self, $cb) = @_;
450 return unless exists $self->{sock};
451 $self->requeue if 1 == push(@{$self->{wbuf}}, $cb);
454 # Chunked and Identity packages are used for writing responses.
455 # They may be exposed to the PSGI application when the PSGI app
456 # returns a CODE ref for "push"-based responses
457 package PublicInbox::HTTP::Chunked;
461 # ([$http], $buf) = @_;
462 PublicInbox::HTTP::chunked_write($_[0]->[0], $_[1])
466 # $_[0] = [$http, $alive]
467 PublicInbox::HTTP::response_done(@{$_[0]});
470 package PublicInbox::HTTP::Identity;
472 our @ISA = qw(PublicInbox::HTTP::Chunked);
475 # ([$http], $buf) = @_;
476 PublicInbox::HTTP::identity_write($_[0]->[0], $_[1]);