PageRenderTime 64ms CodeModel.GetById 26ms RepoModel.GetById 1ms app.codeStats 0ms

/hphp/runtime/server/transport.cpp

http://github.com/facebook/hiphop-php
C++ | 991 lines | 764 code | 133 blank | 94 comment | 225 complexity | 81f3a6dd8711af71e2a1d504b9748155 MD5 | raw file
Possible License(s): LGPL-2.1, BSD-2-Clause, BSD-3-Clause, MPL-2.0-no-copyleft-exception, MIT, LGPL-2.0, Apache-2.0 
    

  1. /*
    2. 

  2.    +----------------------------------------------------------------------+
    3. 

  3.    | HipHop for PHP                                                       |
    4. 

  4.    +----------------------------------------------------------------------+
    5. 

  5.    | Copyright (c) 2010-present Facebook, Inc. (http://www.facebook.com)  |
    6. 

  6.    +----------------------------------------------------------------------+
    7. 

  7.    | This source file is subject to version 3.01 of the PHP license,      |
    8. 

  8.    | that is bundled with this package in the file LICENSE, and is        |
    9. 

  9.    | available through the world-wide-web at the following url:           |
    10. 

  10.    | http://www.php.net/license/3_01.txt                                  |
    11. 

  11.    | If you did not receive a copy of the PHP license and are unable to   |
    12. 

  12.    | obtain it through the world-wide-web, please send a note to          |
    13. 

  13.    | license@php.net so we can mail you a copy immediately.               |
    14. 

  14.    +----------------------------------------------------------------------+
    15. 

  15. */
    16. 

  16. 

  17. #include "hphp/runtime/server/transport.h"
    18. 

  18. 

  19. #include "hphp/runtime/server/server.h"
    20. 

  20. #include "hphp/runtime/server/upload.h"
    21. 

  21. #include "hphp/runtime/server/server-stats.h"
    22. 

  22. #include "hphp/runtime/base/builtin-functions.h"
    23. 

  23. #include "hphp/runtime/base/file.h"
    24. 

  24. #include "hphp/runtime/base/string-util.h"
    25. 

  25. #include "hphp/runtime/base/datetime.h"
    26. 

  26. #include "hphp/runtime/base/runtime-option.h"
    27. 

  27. #include "hphp/runtime/base/url.h"
    28. 

  28. #include "hphp/runtime/base/zend-url.h"
    29. 

  29. #include "hphp/runtime/base/tv-type.h"
    30. 

  30. #include "hphp/runtime/server/access-log.h"
    31. 

  31. #include "hphp/runtime/server/http-protocol.h"
    32. 

  32. #include "hphp/runtime/server/compression.h"
    33. 

  33. #include "hphp/runtime/ext/openssl/ext_openssl.h"
    34. 

  34. #include "hphp/runtime/ext/string/ext_string.h"
    35. 

  35. 

  36. #include "hphp/util/compatibility.h"
    37. 

  37. #include "hphp/util/hardware-counter.h"
    38. 

  38. #include "hphp/util/logger.h"
    39. 

  39. #include "hphp/util/service-data.h"
    40. 

  40. #include "hphp/util/struct-log.h"
    41. 

  41. #include "hphp/util/text-util.h"
    42. 

  42. #include "hphp/util/timer.h"
    43. 

  43. 

  44. #include <folly/Random.h>
    45. 

  45. #include <folly/String.h>
    46. 

  46. 

  47. namespace HPHP {
    48. 

  48. ///////////////////////////////////////////////////////////////////////////////
    49. 

  49. 

  50. static const char HTTP_RESPONSE_STATS_PREFIX[] = "http_response_";
    51. 

  51. 

  52. Transport::Transport()
    53. 

  53.   : m_instructions(0), m_sleepTime(0), m_usleepTime(0),
    54. 

  54.     m_nsleepTimeS(0), m_nsleepTimeN(0), m_url(nullptr),
    55. 

  55.     m_postData(nullptr), m_postDataParsed(false),
    56. 

  56.     m_chunkedEncoding(false), m_headerSent(false),
    57. 

  57.     m_responseCode(-1), m_firstHeaderSet(false), m_firstHeaderLine(0),
    58. 

  58.     m_responseSize(0), m_responseTotalSize(0), m_responseSentSize(0),
    59. 

  59.     m_flushTimeUs(0), m_sendEnded(false), m_sendContentType(true),
    60. 

  60.     m_isSSL(false), m_threadType(ThreadType::RequestThread) {
    61. 

  61.   memset(&m_queueTime, 0, sizeof(m_queueTime));
    62. 

  62.   memset(&m_wallTime, 0, sizeof(m_wallTime));
    63. 

  63.   memset(&m_cpuTime, 0, sizeof(m_cpuTime));
    64. 

  64.   m_chunksSentSizes.clear();
    65. 

  65. }
    66. 

  66. 

  67. Transport::~Transport() {
    68. 

  68.   if (m_url) {
    69. 

  69.     free(m_url);
    70. 

  70.   }
    71. 

  71.   if (m_postData) {
    72. 

  72.     free(m_postData);
    73. 

  73.   }
    74. 

  74.   m_chunksSentSizes.clear();
    75. 

  75. }
    76. 

  76. 

  77. void Transport::onRequestStart(const timespec &queueTime) {
    78. 

  78.   m_queueTime = queueTime;
    79. 

  79.   Timer::GetMonotonicTime(m_wallTime);
    80. 

  80. #ifdef CLOCK_THREAD_CPUTIME_ID
    81. 

  81.   gettime(CLOCK_THREAD_CPUTIME_ID, &m_cpuTime);
    82. 

  82. #endif
    83. 

  83.   /*
    84. 

  84.    * The hardware counter is only 48 bits, so reset this at the beginning
    85. 

  85.    * of every request to make sure we don't overflow.
    86. 

  86.    */
    87. 

  87.   HardwareCounter::Reset();
    88. 

  88.   m_instructions = HardwareCounter::GetInstructionCount();
    89. 

  89. 

  90.   auto const rate = RuntimeOption::EvalTraceServerRequestRate;
    91. 

  91.   if (rate && folly::Random::rand32(rate) == 0) forceInitRequestTrace();
    92. 

  92. }
    93. 

  93. 

  94. const char *Transport::getMethodName() {
    95. 

  95.   switch (getMethod()) {
    96. 

  96.   case Method::GET:  return "GET";
    97. 

  97.   case Method::HEAD: return "HEAD";
    98. 

  98.   case Method::POST: {
    99. 

  99.     const char *m = getExtendedMethod();
    100. 

  100.     return m ? m : "POST";
    101. 

  101.   }
    102. 

  102.   case Method::Unknown: {
    103. 

  103.     // m should really never be nullptr. "Unknown" is an actionable log line
    104. 

  104.     // since it indicates a missing HTTP method (since it is not capitalized).
    105. 

  105.     const char *m = getExtendedMethod();
    106. 

  106.     return m ? m : "Unknown";
    107. 

  107.   }
    108. 

  108.   default:
    109. 

  109.     break;
    110. 

  110.   }
    111. 

  111.   return "";
    112. 

  112. }
    113. 

  113. 

  114. ///////////////////////////////////////////////////////////////////////////////
    115. 

  115. // url
    116. 

  116. 

  117. const char *Transport::getServerObject() {
    118. 

  118.   const char *url = getUrl();
    119. 

  119.   return URL::getServerObject(url);
    120. 

  120. }
    121. 

  121. 

  122. std::string Transport::getCommand() {
    123. 

  123.   const char *url = getServerObject();
    124. 

  124.   return URL::getCommand(url);
    125. 

  125. }
    126. 

  126. 

  127. ///////////////////////////////////////////////////////////////////////////////
    128. 

  128. // parameters
    129. 

  129. 

  130. // copied and re-factored from clearsilver-0.10.5/cgi/cgi.c
    131. 

  131. void Transport::urlUnescape(char *value) {
    132. 

  132.   assertx(value && *value); // check before calling this function
    133. 

  133. 

  134.   int i = 0, o = 0;
    135. 

  135.   unsigned char *s = (unsigned char *)value;
    136. 

  136. 

  137.   while (s[i]) {
    138. 

  138.     if (s[i] == '+') {
    139. 

  139.       s[o++] = ' ';
    140. 

  140.       i++;
    141. 

  141.     } else if (s[i] == '%' && isxdigit(s[i+1]) && isxdigit(s[i+2])) {
    142. 

  142.       char num;
    143. 

  143.       num = (s[i+1] >= 'A') ? ((s[i+1] & 0xdf) - 'A') + 10 : (s[i+1] - '0');
    144. 

  144.       num *= 16;
    145. 

  145.       num += (s[i+2] >= 'A') ? ((s[i+2] & 0xdf) - 'A') + 10 : (s[i+2] - '0');
    146. 

  146.       s[o++] = num;
    147. 

  147.       i+=3;
    148. 

  148.     } else {
    149. 

  149.       s[o++] = s[i++];
    150. 

  150.     }
    151. 

  151.   }
    152. 

  152.   if (i && o) s[o] = '\0';
    153. 

  153. }
    154. 

  154. 

  155. void Transport::parseQuery(char *query, ParamMap &params) {
    156. 

  156.   if (!query || !*query) return;
    157. 

  157. 

  158.   char *l;
    159. 

  159.   char *k = strtok_r(query, "&", &l);
    160. 

  160.   while (k && *k) {
    161. 

  161.     char *v = strchr(k, '=');
    162. 

  162.     const char *fv;
    163. 

  163.     if (v == nullptr) {
    164. 

  164.       fv = "";
    165. 

  165.     } else {
    166. 

  166.       *v = '\0';
    167. 

  167.       v++;
    168. 

  168.       if (*v) urlUnescape(v);
    169. 

  169.       fv = v;
    170. 

  170.     }
    171. 

  171.     if (*k) urlUnescape(k);
    172. 

  172.     params[k].push_back(fv);
    173. 

  173.     k = strtok_r(nullptr, "&", &l);
    174. 

  174.   }
    175. 

  175. }
    176. 

  176. 

  177. void Transport::parseGetParams() {
    178. 

  178.   if (m_url == nullptr) {
    179. 

  179.     const char *url = getServerObject();
    180. 

  180.     assertx(url);
    181. 

  181. 

  182.     const char *p = strchr(url, '?');
    183. 

  183.     if (p) {
    184. 

  184.       m_url = strdup(p + 1);
    185. 

  185.     } else {
    186. 

  186.       m_url = strdup("");
    187. 

  187.     }
    188. 

  188. 

  189.     parseQuery(m_url, m_getParams);
    190. 

  190.   }
    191. 

  191. }
    192. 

  192. 

  193. void Transport::parsePostParams() {
    194. 

  194.   if (!m_postDataParsed) {
    195. 

  195.     assertx(m_postData == nullptr);
    196. 

  196.     size_t size;
    197. 

  197.     const char *data = (const char *)getPostData(size);
    198. 

  198.     if (data && *data && size) {
    199. 

  199.       // Post data may be binary, but if parsePostParams() is called, any
    200. 

  200.       // wellformed data cannot have embedded NULs. If it does, we simply
    201. 

  201.       // truncate it.
    202. 

  202.       m_postData = strndup(data, size);
    203. 

  203.       parseQuery(m_postData, m_postParams);
    204. 

  204.     }
    205. 

  205.     m_postDataParsed = true;
    206. 

  206.   }
    207. 

  207. }
    208. 

  208. 

  209. bool Transport::paramExists(const char *name,
    210. 

  210.                             Method method /* = Method::GET */) {
    211. 

  211.   assertx(name && *name);
    212. 

  212.   if (method == Method::GET || method == Method::AUTO) {
    213. 

  213.     if (m_url == nullptr) {
    214. 

  214.       parseGetParams();
    215. 

  215.     }
    216. 

  216.     if (m_getParams.find(name) != m_getParams.end()) {
    217. 

  217.       return true;
    218. 

  218.     }
    219. 

  219.   }
    220. 

  220. 

  221.   if (method == Method::POST || method == Method::AUTO) {
    222. 

  222.     if (!m_postDataParsed) {
    223. 

  223.       parsePostParams();
    224. 

  224.     }
    225. 

  225.     if (m_postParams.find(name) != m_postParams.end()) {
    226. 

  226.       return true;
    227. 

  227.     }
    228. 

  228.   }
    229. 

  229. 

  230.   return false;
    231. 

  231. }
    232. 

  232. 

  233. std::string Transport::getParam(const char *name,
    234. 

  234.                                 Method method /* = Method::GET */) {
    235. 

  235.   assertx(name && *name);
    236. 

  236. 

  237.   if (method == Method::GET || method == Method::AUTO) {
    238. 

  238.     if (m_url == nullptr) {
    239. 

  239.       parseGetParams();
    240. 

  240.     }
    241. 

  241.     ParamMap::const_iterator iter = m_getParams.find(name);
    242. 

  242.     if (iter != m_getParams.end()) {
    243. 

  243.       return iter->second[0];
    244. 

  244.     }
    245. 

  245.   }
    246. 

  246. 

  247.   if (method == Method::POST || method == Method::AUTO) {
    248. 

  248.     if (!m_postDataParsed) {
    249. 

  249.       parsePostParams();
    250. 

  250.     }
    251. 

  251.     ParamMap::const_iterator iter = m_postParams.find(name);
    252. 

  252.     if (iter != m_postParams.end()) {
    253. 

  253.       return iter->second[0];
    254. 

  254.     }
    255. 

  255.   }
    256. 

  256. 

  257.   return "";
    258. 

  258. }
    259. 

  259. 

  260. int Transport::getIntParam(const char *name,
    261. 

  261.                            Method method /* = Method::GET */) {
    262. 

  262.   std::string param = getParam(name, method);
    263. 

  263.   if (param.empty()) {
    264. 

  264.     return 0;
    265. 

  265.   }
    266. 

  266.   return atoi(param.c_str());
    267. 

  267. }
    268. 

  268. 

  269. long long Transport::getInt64Param(const char *name,
    270. 

  270.                                    Method method /* = Method::GET */) {
    271. 

  271.   std::string param = getParam(name, method);
    272. 

  272.   if (param.empty()) {
    273. 

  273.     return 0;
    274. 

  274.   }
    275. 

  275.   return atoll(param.c_str());
    276. 

  276. }
    277. 

  277. 

  278. void Transport::getArrayParam(const char *name,
    279. 

  279.                               std::vector<std::string> &values,
    280. 

  280.                               Method method /* = GET */) {
    281. 

  281.   if (method == Method::GET || method == Method::AUTO) {
    282. 

  282.     if (m_url == nullptr) {
    283. 

  283.       parseGetParams();
    284. 

  284.     }
    285. 

  285.     ParamMap::const_iterator iter = m_getParams.find(name);
    286. 

  286.     if (iter != m_getParams.end()) {
    287. 

  287.       const std::vector<const char *> &params = iter->second;
    288. 

  288.       values.insert(values.end(), params.begin(), params.end());
    289. 

  289.     }
    290. 

  290.   }
    291. 

  291. 

  292.   if (method == Method::POST || method == Method::AUTO) {
    293. 

  293.     if (!m_postDataParsed) {
    294. 

  294.       parsePostParams();
    295. 

  295.     }
    296. 

  296.     ParamMap::const_iterator iter = m_postParams.find(name);
    297. 

  297.     if (iter != m_postParams.end()) {
    298. 

  298.       const std::vector<const char *> &params = iter->second;
    299. 

  299.       values.insert(values.end(), params.begin(), params.end());
    300. 

  300.     }
    301. 

  301.   }
    302. 

  302. }
    303. 

  303. 

  304. void Transport::getSplitParam(const char *name,
    305. 

  305.                               std::vector<std::string> &values,
    306. 

  306.                               char delimiter,
    307. 

  307.                               Method method /* = Method::GET */) {
    308. 

  308.   std::string param = getParam(name, method);
    309. 

  309.   if (!param.empty()) {
    310. 

  310.     folly::split(delimiter, param, values);
    311. 

  311.   }
    312. 

  312. }
    313. 

  313. 

  314. ///////////////////////////////////////////////////////////////////////////////
    315. 

  315. // headers
    316. 

  316. 

  317. bool Transport::splitHeader(const String& header, String &name, const char *&value) {
    318. 

  318.   int pos = header.find(':');
    319. 

  319. 

  320.   if (pos != String::npos) {
    321. 

  321.     name = header.substr(0, pos);
    322. 

  322.     value = header.data() + pos;
    323. 

  323. 

  324.     do {
    325. 

  325.       value++;
    326. 

  326.     } while (*value == ' ');
    327. 

  327. 

  328.     return true;
    329. 

  329.   }
    330. 

  330. 

  331.   // header("HTTP/1.0 404 Not Found");
    332. 

  332.   // header("HTTP/1.0 404");
    333. 

  333.   if (strncasecmp(header.data(), "http/", 5) == 0) {
    334. 

  334.     int pos1 = header.find(' ');
    335. 

  335.     if (pos1 != String::npos) {
    336. 

  336.       int pos2 = header.find(' ', pos1 + 1);
    337. 

  337.       if (pos2 == String::npos) pos2 = header.size();
    338. 

  338.       if (pos2 - pos1 > 1) {
    339. 

  339.         setResponse(atoi(header.data() + pos1),
    340. 

  340.                     header.size() - pos2 > 1 ? header.data() + pos2 : nullptr);
    341. 

  341.         return false;
    342. 

  342.       }
    343. 

  343.     }
    344. 

  344.   }
    345. 

  345. 

  346.   throw ExtendedException(
    347. 

  347.     "Invalid argument \"header\": [%s]", header.c_str());
    348. 

  348. }
    349. 

  349. 

  350. void Transport::addHeaderNoLock(const char *name, const char *value) {
    351. 

  351.   assertx(name && *name);
    352. 

  352.   assertx(value);
    353. 

  353. 

  354.   if (!m_firstHeaderSet) {
    355. 

  355.     m_firstHeaderSet = true;
    356. 

  356.     m_firstHeaderFile = g_context->getContainingFileName()->data();
    357. 

  357.     m_firstHeaderLine = g_context->getLine();
    358. 

  358.   }
    359. 

  359. 

  360.   std::string svalue = value;
    361. 

  361.   replaceAll(svalue, "\n", "");
    362. 

  362.   m_responseHeaders[name].push_back(svalue);
    363. 

  363. 

  364.   if (strcasecmp(name, "Location") == 0 && m_responseCode != 201 &&
    365. 

  365.       !(m_responseCode >= 300 && m_responseCode <=307)) {
    366. 

  366.     /* Zend seems to set 303 on a post with HTTP version > 1.0 in the code but
    367. 

  367.      * in our testing we can only get it to give 302.
    368. 

  368.     Method m = getMethod();
    369. 

  369.     if (m != Method::GET && m != Method::HEAD) {
    370. 

  370.       setResponse(303);
    371. 

  371.     } else {
    372. 

  372.       setResponse(302);
    373. 

  373.     }
    374. 

  374.     */
    375. 

  375.     setResponse(302);
    376. 

  376.   }
    377. 

  377. }
    378. 

  378. 

  379. void Transport::addHeader(const char *name, const char *value) {
    380. 

  380.   assertx(name && *name);
    381. 

  381.   assertx(value);
    382. 

  382.   addHeaderNoLock(name, value);
    383. 

  383. }
    384. 

  384. 

  385. void Transport::addHeader(const String& header) {
    386. 

  386.   String name;
    387. 

  387.   const char *value;
    388. 

  388.   if (splitHeader(header, name, value)) {
    389. 

  389.     addHeader(name.data(), value);
    390. 

  390.   }
    391. 

  391. }
    392. 

  392. 

  393. void Transport::replaceHeader(const char *name, const char *value) {
    394. 

  394.   assertx(name && *name);
    395. 

  395.   assertx(value);
    396. 

  396.   m_responseHeaders[name].clear();
    397. 

  397.   addHeaderNoLock(name, value);
    398. 

  398. }
    399. 

  399. 

  400. void Transport::replaceHeader(const String& header) {
    401. 

  401.   String name;
    402. 

  402.   const char *value;
    403. 

  403.   if (splitHeader(header, name, value)) {
    404. 

  404.     replaceHeader(name.data(), value);
    405. 

  405.   }
    406. 

  406. }
    407. 

  407. 

  408. void Transport::removeHeader(const char *name) {
    409. 

  409.   if (name && *name) {
    410. 

  410.     m_responseHeaders.erase(name);
    411. 

  411.     if (strcasecmp(name, "Set-Cookie") == 0) {
    412. 

  412.       m_responseCookiesList.clear();
    413. 

  413.     }
    414. 

  414.   }
    415. 

  415. }
    416. 

  416. 

  417. void Transport::removeAllHeaders() {
    418. 

  418.   m_responseHeaders.clear();
    419. 

  419.   m_responseCookiesList.clear();
    420. 

  420. }
    421. 

  421. 

  422. void Transport::getResponseHeaders(HeaderMap &headers) {
    423. 

  423.   headers = m_responseHeaders;
    424. 

  424. 

  425.   std::vector<std::string> &cookies = headers["Set-Cookie"];
    426. 

  426.   std::list<std::string> cookies_existing = getCookieLines();
    427. 

  427.   cookies.insert(cookies.end(), cookies_existing.begin(),
    428. 

  428.      cookies_existing.end());
    429. 

  429. }
    430. 

  430. 

  431. void Transport::addToCommaSeparatedHeader(const char* name, const char* value) {
    432. 

  432.   assertx(name && *name);
    433. 

  433.   assertx(value);
    434. 

  434.   const auto it = m_responseHeaders.find(name);
    435. 

  435.   if (it != m_responseHeaders.end() && !it->second.empty()) {
    436. 

  436.     it->second[0] = it->second[0] + std::string(", ") + value;
    437. 

  437.   } else {
    438. 

  438.     addHeader(name, value);
    439. 

  439.   }
    440. 

  440. }
    441. 

  441. 

  442. bool Transport::cookieExists(const char *name) {
    443. 

  443.   assertx(name && *name);
    444. 

  444.   std::string header = getHeader("Cookie");
    445. 

  445.   int len = strlen(name);
    446. 

  446.   bool hasValue = (strchr(name, '=') != nullptr);
    447. 

  447.   for (size_t pos = header.find(name); pos != std::string::npos;
    448. 

  448.        pos = header.find(name, pos + 1)) {
    449. 

  449.     if (pos == 0 || isspace(header[pos-1]) || header[pos-1] == ';') {
    450. 

  450.       pos += len;
    451. 

  451.       if (hasValue) {
    452. 

  452.         if (pos == header.size() || header[pos] == ';') return true;
    453. 

  453.       } else {
    454. 

  454.         if (pos < header.size() && header[pos] == '=') return true;
    455. 

  455.       }
    456. 

  456.     }
    457. 

  457.   }
    458. 

  458.   return false;
    459. 

  459. }
    460. 

  460. 

  461. std::string Transport::getCookie(const std::string &name) {
    462. 

  462.   assertx(!name.empty());
    463. 

  463.   std::string header = getHeader("Cookie");
    464. 

  464.   for (size_t pos = header.find(name); pos != std::string::npos;
    465. 

  465.        pos = header.find(name, pos + 1)) {
    466. 

  466.     if (pos == 0 || isspace(header[pos-1]) || header[pos-1] == ';') {
    467. 

  467.       pos += name.size();
    468. 

  468.       if (pos < header.size() && header[pos] == '=') {
    469. 

  469.         size_t end = header.find(';', pos + 1);
    470. 

  470.         if (end != std::string::npos) end -= pos + 1;
    471. 

  471.         return header.substr(pos + 1, end);
    472. 

  472.       }
    473. 

  473.     }
    474. 

  474.   }
    475. 

  475.   return "";
    476. 

  476. }
    477. 

  477. 

  478. bool Transport::acceptEncoding(const char *encoding) {
    479. 

  479.   return acceptsEncoding(this, encoding);
    480. 

  480. }
    481. 

  481. 

  482. void Transport::setResponse(int code, const char *info) {
    483. 

  483.   m_responseCode = code;
    484. 

  484.   m_responseCodeInfo = info ? info : HttpProtocol::GetReasonString(code);
    485. 

  485. }
    486. 

  486. 

  487. std::string Transport::getHTTPVersion() const {
    488. 

  488.   return "1.1";
    489. 

  489. }
    490. 

  490. 

  491. size_t Transport::getRequestSize() const {
    492. 

  492.   return 0;
    493. 

  493. }
    494. 

  494. 

  495. void Transport::setMimeType(const String& mimeType) {
    496. 

  496.   m_mimeType = mimeType.data();
    497. 

  497. }
    498. 

  498. 

  499. String Transport::getMimeType() {
    500. 

  500.   return String(m_mimeType);
    501. 

  501. }
    502. 

  502. 

  503. ///////////////////////////////////////////////////////////////////////////////
    504. 

  504. // cookies
    505. 

  505. 

  506. namespace {
    507. 

  507. 

  508. // Make sure cookie names do not contain any illegal characters.
    509. 

  509. // Throw a fatal exception if one does.
    510. 

  510. void validateCookieNameString(const String& str) {
    511. 

  511.   if (!str.empty() && strpbrk(str.data(), "=,; \t\r\n\013\014")) {
    512. 

  512.     raise_error("Cookie names can not contain any of the following "
    513. 

  513.                 "'=,; \\t\\r\\n\\013\\014'");
    514. 

  514.   }
    515. 

  515. }
    516. 

  516. 

  517. // Make sure a component (path, value, domain) of a cookie does not
    518. 

  518. // contain any illegal characters.  Throw a fatal exception if it
    519. 

  519. // does.
    520. 

  520. void validateCookieString(const String& str, const char* component) {
    521. 

  521.   if (!str.empty() && strpbrk(str.data(), ",; \t\r\n\013\014")) {
    522. 

  522.     raise_error("Cookie %s can not contain any of the following "
    523. 

  523.                 "',; \\t\\r\\n\\013\\014'", component);
    524. 

  524.   }
    525. 

  525. }
    526. 

  526. 

  527. }
    528. 

  528. 

  529. bool Transport::setCookie(const String& name, const String& value, int64_t expire /* = 0 */,
    530. 

  530.                           const String& path /* = "" */, const String& domain /* = "" */,
    531. 

  531.                           bool secure /* = false */,
    532. 

  532.                           bool httponly /* = false */,
    533. 

  533.                           bool encode_url /* = true */) {
    534. 

  534.   validateCookieNameString(name);
    535. 

  535. 

  536.   if (!encode_url) {
    537. 

  537.     validateCookieString(value, "values");
    538. 

  538.   }
    539. 

  539. 

  540.   validateCookieString(path, "paths");
    541. 

  541. 

  542.   validateCookieString(domain, "domains");
    543. 

  543. 

  544.   String encoded_value;
    545. 

  545.   int len = 0;
    546. 

  546.   if (!value.empty()) {
    547. 

  547.     encoded_value = encode_url ? url_encode(value.data(), value.size())
    548. 

  548.                                : value;
    549. 

  549.     len += encoded_value.size();
    550. 

  550.   }
    551. 

  551.   len += path.size();
    552. 

  552.   len += domain.size();
    553. 

  553. 

  554.   std::string cookie;
    555. 

  555.   cookie.reserve(len + 100);
    556. 

  556.   if (value.empty()) {
    557. 

  557.     /*
    558. 

  558.      * MSIE doesn't delete a cookie when you set it to a null value
    559. 

  559.      * so in order to force cookies to be deleted, even on MSIE, we
    560. 

  560.      * pick an expiry date in the past
    561. 

  561.      */
    562. 

  562.     String sdt = req::make<DateTime>(1, true)->
    563. 

  563.       toString(DateTime::DateFormat::Cookie);
    564. 

  564.     cookie += name.data();
    565. 

  565.     cookie += "=deleted; expires=";
    566. 

  566.     cookie += sdt.data();
    567. 

  567.     cookie += "; Max-Age=0";
    568. 

  568.   } else {
    569. 

  569.     cookie += name.data();
    570. 

  570.     cookie += "=";
    571. 

  571.     cookie += encoded_value.isNull() ? "" : encoded_value.data();
    572. 

  572.     if (expire > 0) {
    573. 

  573.       if (expire > 253402300799LL) {
    574. 

  574.         raise_warning("Expiry date cannot have a year greater than 9999");
    575. 

  575.         return false;
    576. 

  576.       }
    577. 

  577.       cookie += "; expires=";
    578. 

  578.       String sdt = req::make<DateTime>(expire, true)->
    579. 

  579.         toString(DateTime::DateFormat::Cookie);
    580. 

  580.       cookie += sdt.data();
    581. 

  581.       cookie += "; Max-Age=";
    582. 

  582.       String sdelta = String(expire - time(0));
    583. 

  583.       cookie += sdelta.data();
    584. 

  584.     }
    585. 

  585.   }
    586. 

  586. 

  587.   if (!path.empty()) {
    588. 

  588.     cookie += "; path=";
    589. 

  589.     cookie += path.data();
    590. 

  590.   }
    591. 

  591.   if (!domain.empty()) {
    592. 

  592.     cookie += "; domain=";
    593. 

  593.     cookie += domain.data();
    594. 

  594.   }
    595. 

  595.   if (secure) {
    596. 

  596.     cookie += "; secure";
    597. 

  597.   }
    598. 

  598.   if (httponly) {
    599. 

  599.     cookie += "; httponly";
    600. 

  600.   }
    601. 

  601. 

  602.   // PHP5 does not deduplicate cookies. That behavior is preserved when
    603. 

  603.   // CookieDeduplicate is not enabled. Otherwise, we will only keep the
    604. 

  604.   // last cookie for a given name-domain-path triplet.
    605. 

  605.   String dedup_key = name + "\n" + domain + "\n" + path;
    606. 

  606. 

  607.   m_responseCookiesList.emplace(m_responseCookiesList.end(),
    608. 

  608.     dedup_key.data(), cookie);
    609. 

  609. 

  610.   return true;
    611. 

  611. }
    612. 

  612. 

  613. std::list<std::string> Transport::getCookieLines() {
    614. 

  614.   std::list<std::string> ret;
    615. 

  615.   if (RuntimeOption::AllowDuplicateCookies) {
    616. 

  616.     for(CookieList::const_iterator iter = m_responseCookiesList.begin();
    617. 

  617.         iter != m_responseCookiesList.end(); ++iter) {
    618. 

  618.       ret.push_back(iter->second);
    619. 

  619.     }
    620. 

  620.   } else {
    621. 

  621.     // We will dedupe with last-one-wins semantics by walking backwards and
    622. 

  622.     // including only those whose dedupe key we have not seen yet, then
    623. 

  623.     // reversing the list
    624. 

  624.     std::unordered_set<std::string> already_seen;
    625. 

  625.     for(auto iter = m_responseCookiesList.crbegin();
    626. 

  626.         iter != m_responseCookiesList.crend(); ++iter) {
    627. 

  627.       if (already_seen.find(iter->first) == already_seen.end()) {
    628. 

  628.         ret.push_front(iter->second);
    629. 

  629.         already_seen.insert(iter->first);
    630. 

  630.       }
    631. 

  631.     }
    632. 

  632.   }
    633. 

  633.   return ret;
    634. 

  634. }
    635. 

  635. 

  636. 

  637. ///////////////////////////////////////////////////////////////////////////////
    638. 

  638. 

  639. void Transport::prepareHeaders(bool precompressed, bool chunked,
    640. 

  640.     const StringHolder &response, const StringHolder& orig_response) {
    641. 

  641.   for (HeaderMap::const_iterator iter = m_responseHeaders.begin();
    642. 

  642.        iter != m_responseHeaders.end(); ++iter) {
    643. 

  643.     const std::vector<std::string> &values = iter->second;
    644. 

  644.     for (unsigned int i = 0; i < values.size(); i++) {
    645. 

  645.       addHeaderImpl(iter->first.c_str(), values[i].c_str());
    646. 

  646.     }
    647. 

  647.   }
    648. 

  648. 

  649.   const std::list<std::string> cookies = getCookieLines();
    650. 

  650.   for (std::list<std::string>::const_iterator iter = cookies.begin();
    651. 

  651.        iter != cookies.end(); ++iter) {
    652. 

  652.     addHeaderImpl("Set-Cookie", iter->c_str());
    653. 

  653.   }
    654. 

  654. 

  655.   auto& compressor = getCompressor();
    656. 

  656. 

  657.   // should never double-compress
    658. 

  658.   assertx(!precompressed || !compressor.isCompressed());
    659. 

  659. 

  660.   if (precompressed) {
    661. 

  661.     // pre-compressed content is currently always gzip compressed.
    662. 

  662.     addHeaderImpl("Content-Encoding", "gzip");
    663. 

  663.     if (RuntimeOption::ServerAddVaryEncoding) {
    664. 

  664.       addHeaderImpl("Vary", "Accept-Encoding");
    665. 

  665.     }
    666. 

  666.   }
    667. 

  667. 

  668.   if (precompressed || compressor.isCompressed()) {
    669. 

  669.     removeHeaderImpl("Content-Length");
    670. 

  670.     // Remove the Content-MD5 header coming from PHP if we compressed the data,
    671. 

  671.     // as the checksum is going to be invalid.
    672. 

  672.     auto it = m_responseHeaders.find("Content-MD5");
    673. 

  673.     if (it != m_responseHeaders.end()) {
    674. 

  674.       removeHeaderImpl("Content-MD5");
    675. 

  675.       // Re-add it back unless this is a chunked response. We'd have to buffer
    676. 

  676.       // the response completely to compute the MD5, which defeats the purpose
    677. 

  677.       // of chunking.
    678. 

  678.       if (chunked) {
    679. 

  679.         raise_warning("Cannot use chunked HTTP response and Content-MD5 header "
    680. 

  680.           "at the same time. Dropping Content-MD5.");
    681. 

  681.       } else {
    682. 

  682.         std::string cur_md5 = it->second[0];
    683. 

  683.         String expected_md5 = StringUtil::Base64Encode(StringUtil::MD5(
    684. 

  684.           orig_response.data(), orig_response.size(), true));
    685. 

  685.         // Can never trust these PHP people...
    686. 

  686.         if (expected_md5.c_str() != cur_md5) {
    687. 

  687.           raise_warning("Content-MD5 mismatch. Expected: %s, Got: %s",
    688. 

  688.             expected_md5.c_str(), cur_md5.c_str());
    689. 

  689.         }
    690. 

  690.         addHeaderImpl("Content-MD5", StringUtil::Base64Encode(StringUtil::MD5(
    691. 

  691.           response.data(), response.size(), true)).c_str());
    692. 

  692.       }
    693. 

  693.     }
    694. 

  694.   }
    695. 

  695. 

  696.   if (m_responseHeaders.find("Content-Type") == m_responseHeaders.end() &&
    697. 

  697.       m_responseCode != 304) {
    698. 

  698.     std::string contentType = "text/html";
    699. 

  699.     if (IniSetting::Get("default_charset") != "") {
    700. 

  700.       contentType += "; charset=" + IniSetting::Get("default_charset");
    701. 

  701.     }
    702. 

  702.     addHeaderImpl("Content-Type", contentType.c_str());
    703. 

  703.   }
    704. 

  704. 

  705.   if (RuntimeOption::ExposeHPHP) {
    706. 

  706.     addHeaderImpl("X-Powered-By", (String("HHVM/") + HHVM_VERSION).c_str());
    707. 

  707.   }
    708. 

  708. 

  709.   if ((RuntimeOption::ExposeXFBServer || RuntimeOption::ExposeXFBDebug) &&
    710. 

  710.       !RuntimeOption::XFBDebugSSLKey.empty() &&
    711. 

  711.       m_responseHeaders.find("X-FB-Debug") == m_responseHeaders.end()) {
    712. 

  712.     String ip = this->getServerAddr();
    713. 

  713.     String key = RuntimeOption::XFBDebugSSLKey;
    714. 

  714.     String cipher("AES-256-CBC");
    715. 

  715.     bool crypto_strong = false;
    716. 

  716.     auto const iv_len = HHVM_FN(openssl_cipher_iv_length)(cipher).toInt32();
    717. 

  717.     auto const iv = HHVM_FN(openssl_random_pseudo_bytes)(
    718. 

  718.       iv_len, crypto_strong
    719. 

  719.     ).toString();
    720. 

  720.     auto const encrypted = HHVM_FN(openssl_encrypt)(
    721. 

  721.       ip, cipher, key, k_OPENSSL_RAW_DATA, iv
    722. 

  722.     ).toString();
    723. 

  723.     auto const output = StringUtil::Base64Encode(iv + encrypted);
    724. 

  724.     if (debug) {
    725. 

  725.       auto const decrypted = HHVM_FN(openssl_decrypt)(
    726. 

  726.         encrypted, cipher, key, k_OPENSSL_RAW_DATA, iv
    727. 

  727.       ).toString();
    728. 

  728.       assertx(decrypted.get()->same(ip.get()));
    729. 

  729.     }
    730. 

  730.     addHeaderImpl("X-FB-Debug", output.c_str());
    731. 

  731.   }
    732. 

  732. 

  733.   // shutting down servers, so need to terminate all Keep-Alive connections
    734. 

  734.   if (!RuntimeOption::EnableKeepAlive || isServerStopping()) {
    735. 

  735.     addHeaderImpl("Connection", "close");
    736. 

  736.     removeHeaderImpl("Keep-Alive");
    737. 

  737. 

  738.     // so lower level transports can ignore incoming "Connection: keep-alive"
    739. 

  739.     removeRequestHeaderImpl("Connection");
    740. 

  740.   }
    741. 

  741. }
    742. 

  742. 

  743. namespace {
    744. 

  744. 

  745. void LogException(const char* msg) {
    746. 

  746.   try {
    747. 

  747.     throw;
    748. 

  748.   } catch (Exception& e) {
    749. 

  749.     Logger::Error("%s: %s", msg, e.getMessage().c_str());
    750. 

  750.   } catch (std::exception& e) {
    751. 

  751.     Logger::Error("%s: %s", msg, e.what());
    752. 

  752.   } catch (Object& e) {
    753. 

  753.     try {
    754. 

  754.       Logger::Error("%s: %s", msg, throwable_to_string(e.get()).c_str());
    755. 

  755.     } catch (...) {
    756. 

  756.       Logger::Error("%s: (e.toString() failed)", msg);
    757. 

  757.     }
    758. 

  758.   } catch (...) {
    759. 

  759.     Logger::Error("%s: (unknown exception)", msg);
    760. 

  760.   }
    761. 

  761. }
    762. 

  762. } // anonymous namespace
    763. 

  763. 

  764. StringHolder Transport::compressResponse(
    765. 

  765.     const char* data, int size, bool last) {
    766. 

  766.   StringHolder response(data, size, FreeType::NoFree);
    767. 

  767.   auto compressedResponse = getCompressor().compressResponse(data, size, last);
    768. 

  768.   if (compressedResponse.data() != nullptr) {
    769. 

  769.     response = std::move(compressedResponse);
    770. 

  770.   }
    771. 

  771. 

  772.   return response;
    773. 

  773. }
    774. 

  774. 

  775. ResponseCompressorManager& Transport::getCompressor() {
    776. 

  776.   if (!m_compressor) {
    777. 

  777.     m_compressor = std::make_unique<ResponseCompressorManager>(this);
    778. 

  778.   }
    779. 

  779.   return *m_compressor;
    780. 

  780. }
    781. 

  781. 

  782. void Transport::enableCompression() {
    783. 

  783.   getCompressor().enable();
    784. 

  784. }
    785. 

  785. 

  786. void Transport::disableCompression() {
    787. 

  787.   getCompressor().disable();
    788. 

  788. }
    789. 

  789. 

  790. bool Transport::isCompressionEnabled() {
    791. 

  791.   return getCompressor().isEnabled();
    792. 

  792. }
    793. 

  793. 

  794. void Transport::sendRaw(const char *data, int size, int code /* = 200 */,
    795. 

  795.                         bool precompressed /* = false */,
    796. 

  796.                         bool chunked /* = false */,
    797. 

  797.                         const char *codeInfo /* = nullptr */
    798. 

  798.                        ) {
    799. 

  799.   // There are post-send functions that can run. Any output from them should
    800. 

  800.   // be ignored as it doesn't make sense to try and send data after the
    801. 

  801.   // request has ended.
    802. 

  802.   if (m_sendEnded) {
    803. 

  803.     return;
    804. 

  804.   }
    805. 

  805. 

  806.   if (!precompressed && RuntimeOption::ForceChunkedEncoding) {
    807. 

  807.     chunked = true;
    808. 

  808.   }
    809. 

  809. 

  810.   // I don't think there is any need to send an empty chunk, other than sending
    811. 

  811.   // out headers earlier, which seems to be a useless feature.
    812. 

  812.   if (size == 0 && (chunked || m_chunkedEncoding)) {
    813. 

  813.     return;
    814. 

  814.   }
    815. 

  815. 

  816.   if (chunked) {
    817. 

  817.     m_chunkedEncoding = true;
    818. 

  818.   }
    819. 

  819.   if (m_chunkedEncoding) {
    820. 

  820.     assertx(!precompressed);
    821. 

  821.   }
    822. 

  822. 

  823.   sendRawInternal(data, size, code, precompressed, codeInfo);
    824. 

  824. }
    825. 

  825. 

  826. void Transport::sendRawInternal(const char *data, int size,
    827. 

  827.                                 int code /* = 200 */,
    828. 

  828.                                 bool precompressed /* = false */,
    829. 

  829.                                 const char *codeInfo /* = nullptr */
    830. 

  830.                                ) {
    831. 

  831. 

  832.   bool chunked = m_chunkedEncoding;
    833. 

  833. 

  834.   if (!g_context->m_headerCallbackDone &&
    835. 

  835.       !tvIsNull(&g_context->m_headerCallback)) {
    836. 

  836.     // We could use m_headerSent here, however it seems we can still
    837. 

  837.     // end up in an infinite loop when:
    838. 

  838.     // m_headerCallback calls flush()
    839. 

  839.     // flush() triggers php's recursion guard
    840. 

  840.     // the recursion guard calls back into m_headerCallback
    841. 

  841.     g_context->m_headerCallbackDone = true;
    842. 

  842.     try {
    843. 

  843.       vm_call_user_func(tvAsVariant(g_context->m_headerCallback),
    844. 

  844.                         init_null_variant);
    845. 

  845.     } catch (...) {
    846. 

  846.       LogException("HeaderCallback");
    847. 

  847.     }
    848. 

  848.   }
    849. 

  849. 

  850.   // compression handling
    851. 

  851.   ServerStatsHelper ssh("send");
    852. 

  852. 

  853.   if (precompressed) {
    854. 

  854.     disableCompression();
    855. 

  855.   }
    856. 

  856.   StringHolder response = compressResponse(data, size, !chunked);
    857. 

  857. 

  858.   if (m_responseCode < 0) {
    859. 

  859.     setResponse(code, codeInfo);
    860. 

  860.   }
    861. 

  861. 

  862.   // HTTP header handling
    863. 

  863.   if (!m_headerSent) {
    864. 

  864.     prepareHeaders(precompressed, chunked, response,
    865. 

  865.                    StringHolder(data, size, FreeType::NoFree));
    866. 

  866.     m_headerSent = true;
    867. 

  867.   }
    868. 

  868. 

  869.   m_responseSize += response.size();
    870. 

  870.   ServerStats::SetThreadMode(ServerStats::ThreadMode::Writing);
    871. 

  871.   sendImpl(response.data(), response.size(), m_responseCode, chunked, false);
    872. 

  872.   ServerStats::SetThreadMode(ServerStats::ThreadMode::Processing);
    873. 

  873. 

  874.   ServerStats::LogBytes(size);
    875. 

  875.   if (RuntimeOption::EnableStats && RuntimeOption::EnableWebStats) {
    876. 

  876.     ServerStats::Log("network.uncompressed", size);
    877. 

  877.     ServerStats::Log("network.compressed", response.size());
    878. 

  878.   }
    879. 

  879. }
    880. 

  880. 

  881. void Transport::onSendEnd() {
    882. 

  882.   bool eomSent = false;
    883. 

  883.   if (m_chunkedEncoding) {
    884. 

  884.     assertx(m_headerSent);
    885. 

  885.     StringHolder response = compressResponse("", 0, true);
    886. 

  886.     sendImpl(response.data(), response.size(), m_responseCode, true, true);
    887. 

  887.     eomSent = true;
    888. 

  888.   } else if (!m_headerSent) {
    889. 

  889.     sendRawInternal("", 0);
    890. 

  890.   }
    891. 

  891.   auto httpResponseStats = ServiceData::createTimeSeries(
    892. 

  892.     folly::to<std::string>(HTTP_RESPONSE_STATS_PREFIX, getResponseCode()),
    893. 

  893.     {ServiceData::StatsType::SUM});
    894. 

  894.   httpResponseStats->addValue(1);
    895. 

  895.   if (!eomSent) {
    896. 

  896.     onSendEndImpl();
    897. 

  897.   }
    898. 

  898.   // Record that we have ended the request so any further output is discarded.
    899. 

  899.   m_sendEnded = true;
    900. 

  900. }
    901. 

  901. 

  902. void Transport::redirect(const char *location, int code /* = 302 */,
    903. 

  903.                          const char *info /* = nullptr */) {
    904. 

  904.   addHeaderImpl("Location", location);
    905. 

  905.   setResponse(code, info);
    906. 

  906.   sendString("Moved", code);
    907. 

  907. }
    908. 

  908. 

  909. void Transport::onFlushProgress(int writtenSize, int64_t delayUs) {
    910. 

  910.   m_responseSentSize += writtenSize;
    911. 

  911.   m_flushTimeUs += delayUs;
    912. 

  912.   m_chunksSentSizes.push_back(writtenSize);
    913. 

  913. }
    914. 

  914. 

  915. void Transport::onChunkedProgress(int writtenSize) {
    916. 

  916.   m_responseSentSize += writtenSize;
    917. 

  917.   m_chunksSentSizes.push_back(writtenSize);
    918. 

  918. }
    919. 

  919. 

  920. void Transport::getChunkSentSizes(Array &ret) {
    921. 

  921.   for (unsigned int i = 0; i < m_chunksSentSizes.size(); i++) {
    922. 

  922.     ret.append(m_chunksSentSizes[i]);
    923. 

  923.   }
    924. 

  924. }
    925. 

  925. 

  926. int Transport::getLastChunkSentSize() {
    927. 

  927.   size_t size = m_chunksSentSizes.size();
    928. 

  928.   return size == 0 ? 0 : m_chunksSentSizes.back();
    929. 

  929. }
    930. 

  930. 

  931. ///////////////////////////////////////////////////////////////////////////////
    932. 

  932. // support rfc1867
    933. 

  933. 

  934. bool Transport::isUploadedFile(const String& filename) {
    935. 

  935.   return is_uploaded_file(filename.c_str());
    936. 

  936. }
    937. 

  937. 

  938. ///////////////////////////////////////////////////////////////////////////////
    939. 

  939. // IDebuggable
    940. 

  940. 

  941. const char *Transport::getThreadTypeName() const {
    942. 

  942.   switch (m_threadType) {
    943. 

  943.     case ThreadType::RequestThread: return "Web Request";
    944. 

  944.     case ThreadType::PageletThread: return "Pagelet Thread";
    945. 

  945.     case ThreadType::XboxThread:    return "Xbox Thread";
    946. 

  946.     case ThreadType::RpcThread:     return "RPC Thread";
    947. 

  947.   }
    948. 

  948.   return "(unknown)";
    949. 

  949. }
    950. 

  950. 

  951. void Transport::debuggerInfo(InfoVec &info) {
    952. 

  952.   Add(info, "Thread Type", getThreadTypeName());
    953. 

  953.   Add(info, "URL",         getCommand());
    954. 

  954.   Add(info, "HTTP",        getHTTPVersion());
    955. 

  955.   Add(info, "Method",      getMethodName());
    956. 

  956.   if (getMethod() == Method::POST) {
    957. 

  957.     size_t size; getPostData(size);
    958. 

  958.     Add(info, "Post Data", FormatSize(size));
    959. 

  959.   }
    960. 

  960. }
    961. 

  961. 

  962. ///////////////////////////////////////////////////////////////////////////////
    963. 

  963. // StructuredLog
    964. 

  964. 

  965. StructuredLogEntry* Transport::createStructuredLogEntry() {
    966. 

  966.   assertx(!m_structLogEntry);
    967. 

  967.   m_structLogEntry = std::make_unique<StructuredLogEntry>();
    968. 

  968.   return m_structLogEntry.get();
    969. 

  969. }
    970. 

  970. 

  971. StructuredLogEntry* Transport::getStructuredLogEntry() {
    972. 

  972.   return m_structLogEntry.get();
    973. 

  973. }
    974. 

  974. 

  975. void Transport::resetStructuredLogEntry() {
    976. 

  976.   m_structLogEntry.reset();
    977. 

  977. }
    978. 

  978. 

  979. ///////////////////////////////////////////////////////////////////////////////
    980. 

  980. // Request tracing
    981. 

  981. 

  982. void Transport::forceInitRequestTrace() {
    983. 

  983.   if (m_requestTrace) return;
    984. 

  984.   m_requestTrace.emplace();
    985. 

  985.   rqtrace::ScopeGuard(
    986. 

  986.     getRequestTrace(), "REQUEST_QUEUE", getQueueTime()
    987. 

  987.   ).finish(getWallTime());
    988. 

  988. }
    989. 

  989. 

  990. ///////////////////////////////////////////////////////////////////////////////
    991. 

  991. }
    992. 

  992.