passenger 3.9.2.beta → 4.0.0.rc4

data/ext/common/Utils/Curl.h

@@ -0,0 +1,184 @@
+/*
+ *  Phusion Passenger - https://www.phusionpassenger.com/
+ *  Copyright (c) 2013 Phusion
+ *
+ *  "Phusion Passenger" is a trademark of Hongli Lai & Ninh Bui.
+ *
+ *  Permission is hereby granted, free of charge, to any person obtaining a copy
+ *  of this software and associated documentation files (the "Software"), to deal
+ *  in the Software without restriction, including without limitation the rights
+ *  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *  copies of the Software, and to permit persons to whom the Software is
+ *  furnished to do so, subject to the following conditions:
+ *
+ *  The above copyright notice and this permission notice shall be included in
+ *  all copies or substantial portions of the Software.
+ *
+ *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ *  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ *  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ *  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *  THE SOFTWARE.
+ */
+#ifndef _PASSENGER_UTILS_CURL_H_
+#define _PASSENGER_UTILS_CURL_H_
+
+/**
+ * Utilities for setting libcurl proxy information. Proxy information is contained
+ * in a user-supplied string in the form of:
+ *
+ *     protocol://[username:password@]host[:port][?option1,option2]
+ *
+ * The address may also be `none`, which indicates that proxy usage should be
+ * explicitly disabled even when environment variables such as "http_proxy" etc
+ * are set.
+ *
+ * You are supposed to prepare a CurlProxyInfo object with prepareCurlProxy().
+ * Keep this object alive as long as you're using the CURL handle.
+ * Then, call setCurlProxy() to set the proxy information on the CURL handle.
+ *
+ * prepareCurlProxy() throws ArgumentException upon encountering an invalid
+ * proxy address.
+ *
+ * If the address is an empty string, prepareCurlProxy() and setCurlProxy()
+ * don't do anything.
+ */
+
+#include <string>
+#include <cstring>
+#include <curl/curl.h>
+#include <boost/foreach.hpp>
+#include <Exceptions.h>
+#include <Utils.h>
+#include <Utils/StrIntUtils.h>
+
+namespace Passenger {
+
+using namespace std;
+using namespace boost;
+
+struct CurlProxyInfo {
+	string hostAndPort;
+	string credentials;
+	long type;
+	bool none;
+	bool httpTunnel;
+
+	CurlProxyInfo()
+		: type(0),
+		  none(false),
+		  httpTunnel(false)
+		{ }
+};
+
+inline const CurlProxyInfo
+prepareCurlProxy(const string &address) {
+	if (address.empty()) {
+		return CurlProxyInfo();
+	} else if (address == "none") {
+		CurlProxyInfo result;
+		result.none = true;
+		return result;
+	} else {
+		CurlProxyInfo result;
+		size_t protocolLen;
+		vector<string> options;
+		string::size_type pos;
+
+		if (startsWith(address, "http://")) {
+			protocolLen = strlen("http://");
+			result.type = CURLPROXY_HTTP;
+		} else if (startsWith(address, "socks5://")) {
+			protocolLen = strlen("socks5://");
+			result.type = CURLPROXY_SOCKS5;
+		} else if (startsWith(address, "socks4://")) {
+			protocolLen = strlen("socks4://");
+			#if LIBCURL_VERSION_NUM >= 0x070A00
+				result.type = CURLPROXY_SOCKS4;
+			#else
+				throw ArgumentException("Socks4 proxies are not supported because "
+					"libcurl doesn't support it. Please upgrade libcurl to version "
+					"7.10 or higher.");
+			#endif
+		} else if (startsWith(address, "socks4a://")) {
+			protocolLen = strlen("socks4a://");
+			#if LIBCURL_VERSION_NUM >= 0x071200
+				result.type = CURLPROXY_SOCKS4A;
+			#else
+				throw ArgumentException("Socks4A proxies are not supported because "
+					"libcurl doesn't support it. Please upgrade libcurl to version "
+					"7.18.0 or higher.");
+			#endif
+		} else if (startsWith(address, "socks5h://")) {
+			protocolLen = strlen("socks5h://");
+			#if LIBCURL_VERSION_NUM >= 0x071200
+				result.type = CURLPROXY_SOCKS5_HOSTNAME;
+			#else
+				throw ArgumentException("Socks5 proxies (with proxy DNS resolving) are "
+					"not supported because libcurl doesn't support it. Please upgrade "
+					"libcurl to version 7.18.0 or higher.");
+			#endif
+		} else if (address.find("://") == string::npos) {
+			throw ArgumentException("Invalid proxy address: no protocol specified.");
+		} else {
+			throw ArgumentException("Only 'http' and 'socks5' proxies are supported.");
+		}
+
+		result.hostAndPort = address.substr(protocolLen);
+
+		// Extract options.
+		pos = result.hostAndPort.find("?");
+		if (pos != string::npos) {
+			string optionsString = result.hostAndPort.substr(pos + 1);
+			result.hostAndPort.erase(pos);
+			split(optionsString, ',', options);
+		}
+
+		// Extract authentication credentials.
+		pos = result.hostAndPort.find("@");
+		if (pos != string::npos) {
+			result.credentials = result.hostAndPort.substr(0, pos);
+			result.hostAndPort.erase(0, pos + 1);
+		}
+
+		if (result.hostAndPort.empty()) {
+			throw ArgumentException("No proxy host name given.");
+		}
+
+		foreach (const string option, options) {
+			if (option == "tunnel") {
+				if (result.type == CURLPROXY_HTTP) {
+					result.httpTunnel = true;
+				} else {
+					throw ArgumentException("The 'tunnel' option is only supported for HTTP proxies.");
+				}
+			} else {
+				throw ArgumentException("Invalid proxy address option '" + option + "'.");
+			}
+		}
+
+		return result;
+	}
+}
+
+inline void
+setCurlProxy(CURL *curl, const CurlProxyInfo &proxyInfo) {
+	if (proxyInfo.hostAndPort.empty()) {
+		return;
+	} else if (proxyInfo.none) {
+		curl_easy_setopt(curl, CURLOPT_PROXY, "");
+	} else {
+		curl_easy_setopt(curl, CURLOPT_PROXY, proxyInfo.hostAndPort.c_str());
+		curl_easy_setopt(curl, CURLOPT_PROXYTYPE, proxyInfo.type);
+		curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, proxyInfo.credentials.c_str());
+		if (proxyInfo.httpTunnel) {
+			curl_easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1);
+		}
+	}
+}
+
+} // namespace Passenger
+
+#endif /* _PASSENGER_UTILS_CURL_H_ */

data/ext/common/{HttpConstants.h → Utils/HttpConstants.h}

@@ -131,6 +131,9 @@ getStatusCodeAndReasonPhrase(int statusCode) {
 		return "429 Too Many Requests";
 	case 431:
 		return "431 Request Header Fields Too Large";
+	case 444:
+		// Nginx specific, used for timeouts.
+		return "444 No Response";
 	case 449:
 		return "449 Retry With";
 	case 450:

data/ext/common/Utils/IOUtils.cpp

@@ -1148,8 +1148,12 @@ readAll(int fd) {
 		if (ret == 0) {
 			break;
 		} else if (ret == -1) {
-			int e = errno;
-			throw SystemException("Cannot read from file descriptor", e);
+			if (errno == ECONNRESET) {
+				break;
+			} else {
+				int e = errno;
+				throw SystemException("Cannot read from file descriptor", e);
+			}
 		} else {
 			result.append(buf, ret);
 		}

data/ext/common/Utils/LargeFiles.cpp

@@ -0,0 +1,30 @@
+#define _FILE_OFFSET_BITS 64
+#define _LARGE_FILES 1
+#define _LARGEFILE_SOURCE
+#define _LARGEFILE64_SOURCE
+
+#include <Utils/LargeFiles.h>
+#include <stdlib.h>
+
+namespace Passenger {
+
+FILE *
+lfs_fopen(const char *filename, const char *mode) {
+	return fopen(filename, mode);
+}
+
+FILE *
+lfs_fdopen(int filedes, const char *mode) {
+	return fdopen(filedes, mode);
+}
+
+int
+lfs_mkstemp(char *templ) {
+	#ifdef __linux__
+		return mkstemp64(templ);
+	#else
+		return mkstemp(templ);
+	#endif
+}
+
+} // namespace Passenger

data/ext/common/Utils/LargeFiles.h

@@ -0,0 +1,40 @@
+/*
+ *  Phusion Passenger - https://www.phusionpassenger.com/
+ *  Copyright (c) 2013 Phusion
+ *
+ *  "Phusion Passenger" is a trademark of Hongli Lai & Ninh Bui.
+ *
+ *  Permission is hereby granted, free of charge, to any person obtaining a copy
+ *  of this software and associated documentation files (the "Software"), to deal
+ *  in the Software without restriction, including without limitation the rights
+ *  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *  copies of the Software, and to permit persons to whom the Software is
+ *  furnished to do so, subject to the following conditions:
+ *
+ *  The above copyright notice and this permission notice shall be included in
+ *  all copies or substantial portions of the Software.
+ *
+ *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ *  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ *  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ *  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *  THE SOFTWARE.
+ */
+#ifndef _PASSENGER_UTILS_LARGE_FILES_H_
+#define _PASSENGER_UTILS_LARGE_FILES_H_
+
+#include <stdio.h>
+
+/* Allows access to Large File Support APIs, if the OS supports them. */
+
+namespace Passenger {
+
+FILE *lfs_fopen(const char *filename, const char *mode);
+FILE *lfs_fdopen(int filedes, const char *mode);
+int lfs_mkstemp(char *templ);
+
+} // namespace Passenger
+
+#endif /* _PASSENGER_UTILS_LARGE_FILES_H_ */

data/ext/common/Utils/StrIntUtils.cpp

@@ -1,6 +1,6 @@
 /*
  *  Phusion Passenger - https://www.phusionpassenger.com/
- *  Copyright (c) 2010, 2011, 2012 Phusion
+ *  Copyright (c) 2010-2013 Phusion
  *
  *  "Phusion Passenger" is a trademark of Hongli Lai & Ninh Bui.
  *
@@ -59,16 +59,18 @@ startsWith(const StaticString &str, const StaticString &substr) {
 }
 
 template<typename OutputString>
-void
+static void
 _split(const StaticString &str, char sep, vector<OutputString> &output) {
-	string::size_type start, pos;
-	start = 0;
 	output.clear();
-	while ((pos = str.find(sep, start)) != string::npos) {
-		output.push_back(str.substr(start, pos - start));
-		start = pos + 1;
+	if (!str.empty()) {
+		string::size_type start, pos;
+		start = 0;
+		while ((pos = str.find(sep, start)) != string::npos) {
+			output.push_back(str.substr(start, pos - start));
+			start = pos + 1;
+		}
+		output.push_back(str.substr(start));
 	}
-	output.push_back(str.substr(start));
 }
 
 void
@@ -81,6 +83,33 @@ split(const StaticString &str, char sep, vector<StaticString> &output) {
 	_split(str, sep, output);
 }
 
+template<typename OutputString>
+static void
+_splitIncludeSep(const StaticString &str, char sep, vector<OutputString> &output) {
+	output.clear();
+	if (!str.empty()) {
+		string::size_type start, pos;
+		start = 0;
+		while ((pos = str.find(sep, start)) != string::npos) {
+			output.push_back(str.substr(start, pos - start + 1));
+			start = pos + 1;
+		}
+		if (start != str.size()) {
+			output.push_back(str.substr(start));
+		}
+	}
+}
+
+void
+splitIncludeSep(const StaticString &str, char sep, vector<string> &output) {
+	_splitIncludeSep(str, sep, output);
+}
+
+void
+splitIncludeSep(const StaticString &str, char sep, vector<StaticString> &output) {
+	_splitIncludeSep(str, sep, output);
+}
+
 string
 replaceString(const string &str, const string &toFind, const string &replaceWith) {
 	string::size_type pos = str.find(toFind);
@@ -92,6 +121,19 @@ replaceString(const string &str, const string &toFind, const string &replaceWith
 	}
 }
 
+string
+strip(const StaticString &str) {
+	const char *data = str.data();
+	const char *end = str.data() + str.size();
+	while (data < end && (*data == ' ' || *data == '\n' || *data == '\t')) {
+		data++;
+	}
+	while (end > data && (end[-1] == ' ' || end[-1] == '\n' || end[-1] == '\t')) {
+		end--;
+	}
+	return string(data, end - data);
+}
+
 string
 toString(const vector<string> &vec) {
 	vector<StaticString> vec2;
@@ -333,6 +375,28 @@ atol(const string &s) {
 	return ::atol(s.c_str());
 }
 
+bool
+constantTimeCompare(const StaticString &a, const StaticString &b) {
+	// http://blog.jasonmooberry.com/2010/10/constant-time-string-comparison/
+	// See also ActiveSupport::MessageVerifier#secure_compare.
+	if (a.size() != b.size()) {
+		return false;
+	} else {
+		const char *x = a.data();
+		const char *y = b.data();
+		const char *end = a.data() + a.size();
+		int result = 0;
+
+		while (x < end) {
+			result |= *x ^ *y;
+			x++;
+			y++;
+		}
+
+		return result == 0;
+	}
+}
+
 string
 distanceOfTimeInWords(time_t fromTime, time_t toTime) {
 	time_t seconds;

data/ext/common/Utils/StrIntUtils.h

@@ -1,6 +1,6 @@
 /*
  *  Phusion Passenger - https://www.phusionpassenger.com/
- *  Copyright (c) 2010, 2011, 2012 Phusion
+ *  Copyright (c) 2010-2013 Phusion
  *
  *  "Phusion Passenger" is a trademark of Hongli Lai & Ninh Bui.
  *
@@ -67,7 +67,8 @@ string fillInMiddle(unsigned int max, const string &prefix, const string &middle
 bool startsWith(const StaticString &str, const StaticString &substr);
 
 /**
- * Split the given string using the given separator.
+ * Split the given string using the given separator. Excludes the
+ * separator from the output.
  *
  * @param str The string to split.
  * @param sep The separator to use.
@@ -76,12 +77,28 @@ bool startsWith(const StaticString &str, const StaticString &substr);
 void split(const StaticString &str, char sep, vector<string> &output);
 void split(const StaticString &str, char sep, vector<StaticString> &output);
 
+/**
+ * Split the given string using the given separator. Includes the
+ * separator in the output, at the end of an item.
+ *
+ * @param str The string to split.
+ * @param sep The separator to use.
+ * @param output The vector to write the output to.
+ */
+void splitIncludeSep(const StaticString &str, char sep, vector<string> &output);
+void splitIncludeSep(const StaticString &str, char sep, vector<StaticString> &output);
+
 /**
  * Look for 'toFind' inside 'str', replace it with 'replaceWith' and return the result.
  * Only the first occurence of 'toFind' is replaced.
  */
 string replaceString(const string &str, const string &toFind, const string &replaceWith);
 
+/**
+ * Strips leading and trailing whitespaces.
+ */
+string strip(const StaticString &str);
+
 /**
  * Convert anything to a string.
  */
@@ -225,6 +242,11 @@ roundUp(IntegerType number, IntegerType multiple) {
 	return (number + multiple - 1) / multiple * multiple;
 }
 
+/**
+ * Compare two strings using a constant time algorithm to avoid timing attacks.
+ */
+bool constantTimeCompare(const StaticString &a, const StaticString &b);
+
 string distanceOfTimeInWords(time_t fromTime, time_t toTime = 0);
 
 /**