PageRenderTime 71ms CodeModel.GetById 35ms RepoModel.GetById 1ms app.codeStats 0ms

/src/main/java/org/browsermob/proxy/jetty/servlet/CGI.java

https://github.com/dereke/browsermob-proxy
Java | 378 lines | 247 code | 52 blank | 79 comment | 41 complexity | a368755caa198df08b23b9dc41d6d562 MD5 | raw file
    

  1. // ========================================================================
    2. 

  2. // A very basic CGI Servlet, for use, with Jetty
    3. 

  3. // (jetty.jetty.org). It's heading towards CGI/1.1 compliance, but
    4. 

  4. // still lacks a few features - the basic stuff is here though...
    5. 

  5. // Copyright 2000 Julian Gosnell <jules_gosnell@yahoo.com> Released
    6. 

  6. // under the terms of the Jetty Licence.
    7. 

  7. // ========================================================================
    8. 

  8. 

  9. // TODO
    10. 

  10. // - logging
    11. 

  11. // - child's stderr
    12. 

  12. // - exceptions should report to client via sendError()
    13. 

  13. // - tidy up
    14. 

  14. 

  15. package org.browsermob.proxy.jetty.servlet;
    16. 

  16. 

  17. import org.apache.commons.logging.Log;
    18. 

  18. import org.browsermob.proxy.jetty.http.HttpFields;
    19. 

  19. import org.browsermob.proxy.jetty.log.LogFactory;
    20. 

  20. import org.browsermob.proxy.jetty.util.IO;
    21. 

  21. import org.browsermob.proxy.jetty.util.LineInput;
    22. 

  22. import org.browsermob.proxy.jetty.util.LogSupport;
    23. 

  23. import org.browsermob.proxy.jetty.util.StringUtil;
    24. 

  24. 

  25. import javax.servlet.ServletException;
    26. 

  26. import javax.servlet.http.HttpServlet;
    27. 

  27. import javax.servlet.http.HttpServletRequest;
    28. 

  28. import javax.servlet.http.HttpServletResponse;
    29. 

  29. import java.io.File;
    30. 

  30. import java.io.IOException;
    31. 

  31. import java.io.InputStream;
    32. 

  32. import java.io.OutputStream;
    33. 

  33. import java.util.Enumeration;
    34. 

  34. import java.util.HashMap;
    35. 

  35. import java.util.Iterator;
    36. 

  36. import java.util.Map;
    37. 

  37. 

  38. //-----------------------------------------------------------------------------
    39. 

  39. /** CGI Servlet.
    40. 

  40.  *
    41. 

  41.  * The cgi bin directory can be set with the cgibinResourceBase init
    42. 

  42.  * parameter or it will default to the resource base of the context.
    43. 

  43.  *
    44. 

  44.  * The "commandPrefix" init parameter may be used to set a prefix to all
    45. 

  45.  * commands passed to exec. This can be used on systems that need assistance
    46. 

  46.  * to execute a particular file type. For example on windows this can be set
    47. 

  47.  * to "perl" so that perl scripts are executed.
    48. 

  48.  *
    49. 

  49.  * The "Path" init param is passed to the exec environment as PATH.
    50. 

  50.  * Note: Must be run unpacked somewhere in the filesystem.
    51. 

  51.  *
    52. 

  52.  * Any initParameter that starts with ENV_ is used to set an environment
    53. 

  53.  * variable with the name stripped of the leading ENV_ and using the init
    54. 

  54.  * parameter value.
    55. 

  55.  *
    56. 

  56.  * @version $Revision: 1.27 $
    57. 

  57.  * @author Julian Gosnell
    58. 

  58.  */
    59. 

  59. public class CGI extends HttpServlet
    60. 

  60. {
    61. 

  61.     private static Log log = LogFactory.getLog(CGI.class);
    62. 

  62. 

  63.     protected File _docRoot;
    64. 

  64.     protected String _path;
    65. 

  65.     protected String _cmdPrefix;
    66. 

  66.     protected EnvList _env;
    67. 

  67. 

  68.     /* ------------------------------------------------------------ */
    69. 

  69.     public void init()
    70. 

  70.         throws ServletException
    71. 

  71.     {
    72. 

  72.         _env= new EnvList();
    73. 

  73.         _cmdPrefix=getInitParameter("commandPrefix");
    74. 

  74. 

  75.         String tmp = getInitParameter("cgibinResourceBase");
    76. 

  76.         if (tmp==null)
    77. 

  77.             tmp = getServletContext().getRealPath("/");
    78. 

  78. 

  79.         if(log.isDebugEnabled())log.debug("CGI: CGI bin "+tmp);
    80. 

  80. 

  81.         if (tmp==null)
    82. 

  82.         {
    83. 

  83.             log.warn("CGI: no CGI bin !");
    84. 

  84.             throw new ServletException();
    85. 

  85.         }
    86. 

  86. 

  87.         File dir = new File(tmp);
    88. 

  88.         if (!dir.exists())
    89. 

  89.         {
    90. 

  90.             log.warn("CGI: CGI bin does not exist - "+dir);
    91. 

  91.             throw new ServletException();
    92. 

  92.         }
    93. 

  93. 

  94.         if (!dir.canRead())
    95. 

  95.         {
    96. 

  96.             log.warn("CGI: CGI bin is not readable - "+dir);
    97. 

  97.             throw new ServletException();
    98. 

  98.         }
    99. 

  99. 

  100.         if (!dir.isDirectory())
    101. 

  101.         {
    102. 

  102.             log.warn("CGI: CGI bin is not a directory - "+dir);
    103. 

  103.             throw new ServletException();
    104. 

  104.         }
    105. 

  105. 

  106.         try
    107. 

  107.         {
    108. 

  108.             _docRoot=dir.getCanonicalFile();
    109. 

  109.             if(log.isDebugEnabled())log.debug("CGI: CGI bin accepted - "+_docRoot);
    110. 

  110.         }
    111. 

  111.         catch (IOException e)
    112. 

  112.         {
    113. 

  113.             log.warn("CGI: CGI bin failed - "+dir);
    114. 

  114.             e.printStackTrace();
    115. 

  115.             throw new ServletException();
    116. 

  116.         }
    117. 

  117. 

  118.         _path=getInitParameter("Path");
    119. 

  119.         if(log.isDebugEnabled())log.debug("CGI: PATH accepted - "+_path);
    120. 

  120.         if (_path != null)
    121. 

  121.             _env.set("PATH", _path);
    122. 

  122. 

  123.         Enumeration e= getInitParameterNames();
    124. 

  124.         while (e.hasMoreElements())
    125. 

  125.         {
    126. 

  126.             String n= (String)e.nextElement();
    127. 

  127.             if (n != null && n.startsWith("ENV_"))
    128. 

  128.                 _env.set(n.substring(4),getInitParameter(n));
    129. 

  129.         }
    130. 

  130.     }
    131. 

  131. 

  132.     /* ------------------------------------------------------------ */
    133. 

  133.     public void service(HttpServletRequest req, HttpServletResponse res)
    134. 

  134.         throws ServletException, IOException
    135. 

  135.     {
    136. 

  136. 	String pathInContext =
    137. 

  137. 	    StringUtil.nonNull(req.getServletPath()) +
    138. 

  138. 	    StringUtil.nonNull(req.getPathInfo());
    139. 

  139. 

  140. 	if(log.isDebugEnabled())log.debug("CGI: req.getContextPath() : "+req.getContextPath());
    141. 

  141.         if(log.isDebugEnabled())log.debug("CGI: req.getServletPath() : "+req.getServletPath());
    142. 

  142.         if(log.isDebugEnabled())log.debug("CGI: req.getPathInfo()    : "+req.getPathInfo());
    143. 

  143.         if(log.isDebugEnabled())log.debug("CGI: _docRoot             : "+_docRoot);
    144. 

  144. 

  145. 

  146.         // pathInContext may actually comprises scriptName/pathInfo...We will
    147. 

  147.         // walk backwards up it until we find the script - the rest must
    148. 

  148.         // be the pathInfo;
    149. 

  149. 

  150.         String both=pathInContext;
    151. 

  151.         String first=both;
    152. 

  152.         String last="";
    153. 

  153. 

  154.         File exe=new File(_docRoot, first);
    155. 

  155. 

  156.         while ((first.endsWith("/") || !exe.exists()) && first.length()>=0)
    157. 

  157.         {
    158. 

  158.             int index=first.lastIndexOf('/');
    159. 

  159. 

  160.             first=first.substring(0, index);
    161. 

  161.             last=both.substring(index, both.length());
    162. 

  162.             exe=new File(_docRoot, first);
    163. 

  163.         }
    164. 

  164. 

  165.         if (first.length()==0 ||
    166. 

  166.             !exe.exists() ||
    167. 

  167.             !exe.getCanonicalPath().equals(exe.getAbsolutePath()) ||
    168. 

  168.             exe.isDirectory())
    169. 

  169.             res.sendError(404);
    170. 

  170.         else
    171. 

  171.         {
    172. 

  172.             if(log.isDebugEnabled())log.debug("CGI: script is "+exe);
    173. 

  173.             if(log.isDebugEnabled())log.debug("CGI: pathInfo is "+last);
    174. 

  174. 

  175.             exec(exe, last, req, res);
    176. 

  176.         }
    177. 

  177.     }
    178. 

  178. 

  179.     /* ------------------------------------------------------------ */
    180. 

  180.     /*
    181. 

  181.      * @param root
    182. 

  182.      * @param path
    183. 

  183.      * @param req
    184. 

  184.      * @param res
    185. 

  185.      * @exception IOException
    186. 

  186.      */
    187. 

  187.     private void exec(File command,
    188. 

  188.                       String pathInfo,
    189. 

  189.                       HttpServletRequest req,
    190. 

  190.                       HttpServletResponse res)
    191. 

  191.         throws IOException
    192. 

  192.     {
    193. 

  193.         String path=command.toString();
    194. 

  194.         File dir=command.getParentFile();
    195. 

  195.         if(log.isDebugEnabled())log.debug("CGI: execing: "+path);
    196. 

  196. 

  197. 	EnvList env = new EnvList(_env);
    198. 

  198. 

  199. 	// these ones are from "The WWW Common Gateway Interface Version 1.1"
    200. 

  200. 	// look at : http://Web.Golux.Com/coar/cgi/draft-coar-cgi-v11-03-clean.html#6.1.1
    201. 

  201. 	env.set("AUTH_TYPE", req.getAuthType());
    202. 

  202. 	env.set("CONTENT_LENGTH", Integer.toString(req.getContentLength()));
    203. 

  203. 	env.set("CONTENT_TYPE", req.getContentType());
    204. 

  204. 	env.set("GATEWAY_INTERFACE", "CGI/1.1");
    205. 

  205. 	env.set("PATH_INFO", pathInfo);
    206. 

  206. 	env.set("PATH_TRANSLATED", req.getPathTranslated());
    207. 

  207. 	env.set("QUERY_STRING", req.getQueryString());
    208. 

  208. 	env.set("REMOTE_ADDR", req.getRemoteAddr());
    209. 

  209. 	env.set("REMOTE_HOST", req.getRemoteHost());
    210. 

  210. 	// The identity information reported about the connection by a
    211. 

  211. 	// RFC 1413 [11] request to the remote agent, if
    212. 

  212. 	// available. Servers MAY choose not to support this feature, or
    213. 

  213. 	// not to request the data for efficiency reasons.
    214. 

  214. 	// "REMOTE_IDENT" => "NYI"
    215. 

  215. 	env.set("REMOTE_USER", req.getRemoteUser());
    216. 

  216. 	env.set("REQUEST_METHOD", req.getMethod());
    217. 

  217.     String scriptName = req.getRequestURI().substring(0,req.getRequestURI().length() - pathInfo.length());
    218. 

  218. 	env.set("SCRIPT_NAME",scriptName);
    219. 

  219.     env.set("SCRIPT_FILENAME",getServletContext().getRealPath(scriptName));
    220. 

  220.     env.set("SERVER_NAME", req.getServerName());
    221. 

  221. 	env.set("SERVER_PORT", Integer.toString(req.getServerPort()));
    222. 

  222. 	env.set("SERVER_PROTOCOL", req.getProtocol());
    223. 

  223.         env.set("SERVER_SOFTWARE", getServletContext().getServerInfo());
    224. 

  224. 	Enumeration enm = req.getHeaderNames();
    225. 

  225. 	while (enm.hasMoreElements())
    226. 

  226. 	{
    227. 

  227. 	    String name = (String) enm.nextElement();
    228. 

  228. 	    String value = req.getHeader(name);
    229. 

  229. 	    env.set("HTTP_" + name.toUpperCase().replace( '-', '_' ), value);
    230. 

  230. 	}
    231. 

  231. 

  232. 	// these extra ones were from printenv on www.dev.nomura.co.uk
    233. 

  233. 	env.set("HTTPS", (req.isSecure()?"ON":"OFF"));
    234. 

  234. 	// "DOCUMENT_ROOT" => root + "/docs",
    235. 

  235. 	// "SERVER_URL" => "NYI - http://us0245",
    236. 

  236. 	// "TZ" => System.getProperty("user.timezone"),
    237. 

  237. 

  238.         // are we meant to decode args here ? or does the script get them
    239. 

  239.         // via PATH_INFO ?  if we are, they should be decoded and passed
    240. 

  240.         // into exec here...
    241. 

  241. 

  242.         String execCmd=path;
    243. 

  243.         if (execCmd.indexOf(" ")>=0)
    244. 

  244.             execCmd="\""+execCmd+"\"";
    245. 

  245.         if (_cmdPrefix!=null)
    246. 

  246.             execCmd=_cmdPrefix+" "+execCmd;
    247. 

  247. 

  248.         Process p=dir==null
    249. 

  249.             ?Runtime.getRuntime().exec(execCmd, env.getEnvArray())
    250. 

  250.             :Runtime.getRuntime().exec(execCmd, env.getEnvArray(),dir);
    251. 

  251. 

  252.         // hook processes input to browser's output (async)
    253. 

  253.         final InputStream inFromReq=req.getInputStream();
    254. 

  254.         final OutputStream outToCgi=p.getOutputStream();
    255. 

  255.         final int inputLength = req.getContentLength();
    256. 

  256. 

  257.         new Thread(new Runnable()
    258. 

  258.             {
    259. 

  259.                 public void run()
    260. 

  260.                 {
    261. 

  261.                     try{
    262. 

  262.                         if (inputLength>0)
    263. 

  263.                             IO.copy(inFromReq,outToCgi,inputLength);
    264. 

  264.                         outToCgi.close();
    265. 

  265.                     }
    266. 

  266.                     catch(IOException e){LogSupport.ignore(log,e);}
    267. 

  267.                 }
    268. 

  268.             }).start();
    269. 

  269. 

  270. 

  271.         // hook processes output to browser's input (sync)
    272. 

  272.         // if browser closes stream, we should detect it and kill process...
    273. 

  273.         try
    274. 

  274.         {
    275. 

  275.             // read any headers off the top of our input stream
    276. 

  276.             LineInput li = new LineInput(p.getInputStream());
    277. 

  277.             HttpFields fields=new HttpFields();
    278. 

  278.             fields.read(li);
    279. 

  279. 

  280.             String ContentStatus = "Status";
    281. 

  281.             String redirect = fields.get(HttpFields.__Location);
    282. 

  282.             String status   = fields.get(ContentStatus);
    283. 

  283. 

  284.             if (status!=null)
    285. 

  285.             {
    286. 

  286.                 log.debug("Found a Status header - setting status on response");
    287. 

  287.                 fields.remove(ContentStatus);
    288. 

  288. 

  289.                 // NOTE: we ignore any reason phrase, otherwise we
    290. 

  290.                 // would need to use res.sendError() selectively.
    291. 

  291.                 int i = status.indexOf(' ');
    292. 

  292.                 if (i>0)
    293. 

  293.                     status = status.substring(0,i);
    294. 

  294. 

  295.                 res.setStatus(Integer.parseInt(status));
    296. 

  296.             }
    297. 

  297. 

  298.             // copy remaining headers into response...
    299. 

  299. 	    for (Iterator i=fields.iterator(); i.hasNext();)
    300. 

  300.             {
    301. 

  301.                 HttpFields.Entry e=(HttpFields.Entry)i.next();
    302. 

  302.                 res.addHeader(e.getKey(),e.getValue());
    303. 

  303.             }
    304. 

  304. 

  305.             if (status==null && redirect != null)
    306. 

  306.             {
    307. 

  307.                 // The CGI has set Location and is counting on us to do the redirect.
    308. 

  308.                 // See http://CGI-Spec.Golux.Com/draft-coar-cgi-v11-03-clean.html#7.2.1.2
    309. 

  309.                 if (!redirect.startsWith("http:/")&&!redirect.startsWith("https:/"))
    310. 

  310.                     res.sendRedirect(redirect);
    311. 

  311.                 else
    312. 

  312.                     res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
    313. 

  313.             }
    314. 

  314. 

  315.             // copy remains of input onto output...
    316. 

  316.             IO.copy(li, res.getOutputStream());
    317. 

  317. 

  318. 	    p.waitFor();
    319. 

  319. 	    int exitValue = p.exitValue();
    320. 

  320. 	    if(log.isDebugEnabled())log.debug("CGI: p.exitValue(): " + exitValue);
    321. 

  321. 	    if (0 != exitValue)
    322. 

  322. 	    {
    323. 

  323. 		log.warn("Non-zero exit status ("+exitValue+
    324. 

  324. 			     ") from CGI program: "+path);
    325. 

  325. 		if (!res.isCommitted())
    326. 

  326. 		    res.sendError(500, "Failed to exec CGI");
    327. 

  327. 	    }
    328. 

  328.         }
    329. 

  329.         catch (IOException e)
    330. 

  330.         {
    331. 

  331.             // browser has probably closed its input stream - we
    332. 

  332.             // terminate and clean up...
    333. 

  333.             log.debug("CGI: Client closed connection!");
    334. 

  334.         }
    335. 

  335. 	catch (InterruptedException ie)
    336. 

  336.         {
    337. 

  337.             log.debug("CGI: interrupted!");
    338. 

  338.         }
    339. 

  339. 	finally
    340. 

  340. 	{
    341. 

  341.             p.destroy();
    342. 

  342. 	}
    343. 

  343. 

  344. 	if(log.isDebugEnabled())log.debug("CGI: Finished exec: " + p);
    345. 

  345.     }
    346. 

  346. 

  347. 

  348.     /* ------------------------------------------------------------ */
    349. 

  349.     /** private utility class that manages the Environment passed
    350. 

  350.      * to exec.
    351. 

  351.      */
    352. 

  352.     private static class EnvList
    353. 

  353.     {
    354. 

  354.         private Map envMap;
    355. 

  355. 

  356.         EnvList()
    357. 

  357.         {
    358. 

  358.             envMap= new HashMap();
    359. 

  359.         }
    360. 

  360. 

  361.         EnvList(EnvList l)
    362. 

  362.         {
    363. 

  363.             envMap= new HashMap(l.envMap);
    364. 

  364.         }
    365. 

  365. 

  366. 	/** Set a name/value pair, null values will be treated as
    367. 

  367. 	 * an empty String */
    368. 

  368. 	public void set(String name, String value) {
    369. 

  369.             envMap.put(name, name + "=" + StringUtil.nonNull(value));
    370. 

  370. 	}
    371. 

  371. 

  372. 	/** Get representation suitable for passing to exec. */
    373. 

  373. 	public String[] getEnvArray()
    374. 

  374. 	{
    375. 

  375.             return (String[])envMap.values().toArray(new String[envMap.size()]);
    376. 

  376. 	}
    377. 

  377.     }
    378. 

  378. }
    379. 

  379.