Newer
Older
/* websrvr.c */
/* Synchronet Web Server */
/* $Id$ */
/****************************************************************************
* @format.tab-size 4 (Plain Text/Source Code File Header) *
* @format.use-tabs true (see http://www.synchro.net/ptsc_hdr.html) *
* *
* Copyright 2011 Rob Swindell - http://www.synchro.net/copyright.html *
* *
* This program is free software; you can redistribute it and/or *
* modify it under the terms of the GNU General Public License *
* as published by the Free Software Foundation; either version 2 *
* of the License, or (at your option) any later version. *
* See the GNU General Public License for more details: gpl.txt or *
* http://www.fsf.org/copyleft/gpl.html *
* *
* Anonymous FTP access to the most recent released source is available at *
* ftp://vert.synchro.net, ftp://cvs.synchro.net and ftp://ftp.synchro.net *
* *
* Anonymous CVS access to the development source and modification history *
* is available at cvs.synchro.net:/cvsroot/sbbs, example: *
* cvs -d :pserver:anonymous@cvs.synchro.net:/cvsroot/sbbs login *
* (just hit return, no password is necessary) *
* cvs -d :pserver:anonymous@cvs.synchro.net:/cvsroot/sbbs checkout src *
* *
* For Synchronet coding style and modification guidelines, see *
* http://www.synchro.net/source.html *
* *
* You are encouraged to submit any modifications (preferably in Unix diff *
* format) via e-mail to mods@synchro.net *
* *
* Note: If this box doesn't appear square, then you need to fix your tabs. *
****************************************************************************/
/*
* General notes: (ToDo stuff)
*
* Support the ident protocol... the standard log format supports it.
* Add in support to pass connections through to a different webserver...
* probobly in access.ars... with like a simplified mod_rewrite.
* This would allow people to run apache and Synchronet as the same site.
//#define ONE_JS_RUNTIME
#if defined(__unix__)
#include <sys/wait.h> /* waitpid() */
#include <sys/types.h>
#include <signal.h> /* kill() */
#define JAVASCRIPT
#undef SBBS /* this shouldn't be defined unless building sbbs.dll/libsbbs.so */
#include "sockwrap.h" /* sendfilesocket() */
#include "threadwrap.h"
#include "semwrap.h"
#include "websrvr.h"
#include "js_rtpool.h"
#include "js_request.h"
static const char* server_name="Synchronet Web Server";
static const char* newline="\r\n";
static const char* http_scheme="http://";
static const size_t http_scheme_len=7;
static const char* error_301="301 Moved Permanently";
static const char* error_302="302 Moved Temporarily";
static const char* error_404="404 Not Found";
static const char* error_416="416 Requested Range Not Satisfiable";
static const char* error_500="500 Internal Server Error";
static const char* unknown="<unknown>";
#define MAX_REQUEST_LINE 1024 /* NOT including terminator */
#define MAX_HEADERS_SIZE 16384 /* Maximum total size of all headers
(Including terminator )*/
#define MAX_REDIR_LOOPS 20 /* Max. times to follow internal redirects for a single request */
#define MAX_POST_LEN 1048576 /* Max size of body for POSTS */
#define OUTBUF_LEN 20480 /* Size of output thread ring buffer */
enum {
CLEANUP_SSJS_TMP_FILE
,CLEANUP_POST_DATA
,MAX_CLEANUPS
static scfg_t scfg;
static volatile BOOL http_logging_thread_running=FALSE;
static volatile ulong active_clients=0;
static volatile ulong sockets=0;
static volatile BOOL terminate_server=FALSE;
static volatile BOOL terminate_http_logging_thread=FALSE;
static volatile ulong thread_count=0;
static volatile SOCKET server_socket=INVALID_SOCKET;
static volatile SOCKET server_socket6=INVALID_SOCKET;
static char revision[16];
static char root_dir[MAX_PATH+1];
static char error_dir[MAX_PATH+1];
static char temp_dir[MAX_PATH+1];
static char cgi_env_ini[MAX_PATH+1];
static char default_auth_list[MAX_PATH+1];
static volatile time_t uptime=0;
static volatile ulong served=0;
static web_startup_t* startup=NULL;
static js_server_props_t js_server_props;
static str_list_t recycle_semfiles;
static str_list_t shutdown_semfiles;
static str_list_t cgi_env;
static volatile ulong session_threads=0;
static named_string_t** mime_types;
static named_string_t** cgi_handlers;
static named_string_t** xjs_handlers;
/* Logging stuff */
link_list_t log_list;
struct log_data {
char *hostname;
char *ident;
char *user;
char *request;
char *referrer;
char *agent;
char *vhost;
int status;
unsigned int size;
struct tm completed;
};
enum auth_type {
AUTHENTICATION_UNKNOWN
,AUTHENTICATION_BASIC
,AUTHENTICATION_DIGEST
};
char *auth_type_names[4] = {
"Unknown"
,"Basic"
,"Digest"
,NULL
};
enum algorithm {
ALGORITHM_UNKNOWN
,ALGORITHM_MD5
,ALGORITHM_MD5_SESS
};
enum qop_option {
QOP_NONE
,QOP_AUTH
,QOP_AUTH_INT
,QOP_UNKNOWN
};
typedef struct {
enum auth_type type;
char username[(LEN_ALIAS > LEN_NAME ? LEN_ALIAS : LEN_NAME)+1];
char password[LEN_PASS+1];
char *digest_uri;
char *realm;
char *nonce;
enum algorithm algorithm;
enum qop_option qop_value;
char *cnonce;
char *nonce_count;
unsigned char digest[16]; /* MD5 digest */
BOOL stale;
typedef struct {
char virtual_path[MAX_PATH+1];
char physical_path[MAX_PATH+1];
BOOL expect_go_ahead;
time_t if_modified_since;
BOOL keep_alive;
char ars[256];
char host[128]; /* The requested host. (as used for self-referencing URLs) */
char vhost[128]; /* The requested host. (virtual host) */
int send_location;
const char* mime_type;
str_list_t headers;
char status[MAX_REQUEST_LINE+1];
char * post_data;
size_t post_len;
int dynamic;
char xjs_handler[MAX_PATH+1];
struct log_data *ld;
char request_line[MAX_REQUEST_LINE+1];
BOOL finished; /* Done processing request. */
BOOL read_chunked;
BOOL write_chunked;
long range_start;
long range_end;
BOOL path_info_index;
/* CGI parameters */
char query_str[MAX_REQUEST_LINE+1];
char extra_path_info[MAX_REQUEST_LINE+1];
str_list_t cgi_env;
str_list_t dynamic_heads;
/* Dynamically (sever-side JS) generated HTML parameters */
FILE* fp;
BOOL sent_headers;
BOOL prev_write;
/* webctrl.ini overrides */
char *error_dir;
char *cgi_dir;
char *realm;
} http_request_t;
typedef struct {
SOCKET socket;
SOCKADDR_IN addr;
SOCKET socket6;
SOCKADDR_IN addr6;
http_request_t req;
char host_ip[64];
char host_name[128]; /* Resolved remote host */
int http_ver; /* HTTP version. 0 = HTTP/0.9, 1=HTTP/1.0, 2=HTTP/1.1 */
BOOL finished; /* Do not accept any more imput from client */
user_t user;
int last_user_num;
time_t logon_time;
int last_js_user_num;
/* JavaScript parameters */
JSRuntime* js_runtime;
JSContext* js_cx;
JSObject* js_glob;
JSObject* js_query;
JSObject* js_header;
JSObject* js_cookie;
JSObject* js_request;
js_branch_t js_branch;
/* Ring Buffer Stuff */
RingBuf outbuf;
sem_t output_thread_terminated;
int outbuf_write_initialized;
pthread_mutex_t outbuf_write;
/* Client info */
client_t client;
/* Synchronization stuff */
pthread_mutex_t struct_filled;
} http_session_t;
enum {
HTTP_0_9
,HTTP_1_0
,HTTP_1_1
};
static char* http_vers[] = {
""
,"HTTP/1.0"
,"HTTP/1.1"
};
enum {
HTTP_HEAD
,HTTP_GET
,HTTP_POST
,HTTP_OPTIONS
IS_STATIC
,IS_CGI
,IS_JS
,IS_SSJS
};
HEAD_DATE
,HEAD_HOST
,HEAD_IFMODIFIED
,HEAD_LENGTH
,HEAD_TYPE
,HEAD_AUTH
,HEAD_CONNECTION
,HEAD_WWWAUTH
,HEAD_STATUS
,HEAD_ALLOW
,HEAD_EXPIRES
,HEAD_LASTMODIFIED
,HEAD_LOCATION
,HEAD_PRAGMA
,HEAD_SERVER
,HEAD_REFERER
,HEAD_AGENT
,HEAD_TRANSFER_ENCODING
,HEAD_ACCEPT_RANGES
,HEAD_CONTENT_RANGE
,HEAD_RANGE
,HEAD_COOKIE
};
static struct {
int id;
char* text;
} headers[] = {
{ HEAD_DATE, "Date" },
{ HEAD_HOST, "Host" },
{ HEAD_IFMODIFIED, "If-Modified-Since" },
{ HEAD_LENGTH, "Content-Length" },
{ HEAD_TYPE, "Content-Type" },
{ HEAD_AUTH, "Authorization" },
{ HEAD_CONNECTION, "Connection" },
{ HEAD_WWWAUTH, "WWW-Authenticate" },
{ HEAD_STATUS, "Status" },
{ HEAD_ALLOW, "Allow" },
{ HEAD_EXPIRES, "Expires" },
{ HEAD_LASTMODIFIED, "Last-Modified" },
{ HEAD_LOCATION, "Location" },
{ HEAD_PRAGMA, "Pragma" },
{ HEAD_SERVER, "Server" },
{ HEAD_REFERER, "Referer" },
{ HEAD_AGENT, "User-Agent" },
{ HEAD_TRANSFER_ENCODING, "Transfer-Encoding" },
{ HEAD_ACCEPT_RANGES, "Accept-Ranges" },
{ HEAD_CONTENT_RANGE, "Content-Range" },
{ HEAD_RANGE, "Range" },
{ HEAD_COOKIE, "Cookie" },
/* Everything MOVED_TEMP and everything after is a magical internal redirect */
,MOVED_STAT
static char *days[]={"Sun","Mon","Tue","Wed","Thu","Fri","Sat"};
static char *months[]={"Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"};
static void respond(http_session_t * session);
static BOOL js_setup(http_session_t* session);
static char *find_last_slash(char *str);
static BOOL check_extra_path(http_session_t * session);
static BOOL exec_ssjs(http_session_t* session, char* script);
static BOOL ssjs_send_headers(http_session_t* session, int chunked);
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
static time_t
sub_mkgmt(struct tm *tm)
{
int y, nleapdays;
time_t t;
/* days before the month */
static const unsigned short moff[12] = {
0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
};
/*
* XXX: This code assumes the given time to be normalized.
* Normalizing here is impossible in case the given time is a leap
* second but the local time library is ignorant of leap seconds.
*/
/* minimal sanity checking not to access outside of the array */
if ((unsigned) tm->tm_mon >= 12)
return (time_t) -1;
if (tm->tm_year < 1970 - 1900)
return (time_t) -1;
y = tm->tm_year + 1900 - (tm->tm_mon < 2);
nleapdays = y / 4 - y / 100 + y / 400 -
((1970-1) / 4 - (1970-1) / 100 + (1970-1) / 400);
t = ((((time_t) (tm->tm_year - (1970 - 1900)) * 365 +
moff[tm->tm_mon] + tm->tm_mday - 1 + nleapdays) * 24 +
tm->tm_hour) * 60 + tm->tm_min) * 60 + tm->tm_sec;
return (t < 0 ? (time_t) -1 : t);
}
time_t
time_gm(struct tm *tm)
{
time_t t, t2;
struct tm *tm2;
int sec;
/* Do the first guess. */
if ((t = sub_mkgmt(tm)) == (time_t) -1)
return (time_t) -1;
/* save value in case *tm is overwritten by gmtime() */
sec = tm->tm_sec;
tm2 = gmtime(&t);
if ((t2 = sub_mkgmt(tm2)) == (time_t) -1)
return (time_t) -1;
if (t2 < t || tm2->tm_sec != sec) {
/*
* Adjust for leap seconds.
*
* real time_t time
* |
* tm
* / ... (a) first sub_mkgmt() conversion
* t
* |
* tm2
* / ... (b) second sub_mkgmt() conversion
* t2
* --->time
*/
/*
* Do the second guess, assuming (a) and (b) are almost equal.
*/
t += t - t2;
tm2 = gmtime(&t);
/*
* Either (a) or (b), may include one or two extra
* leap seconds. Try t, t + 2, t - 2, t + 1, and t - 1.
*/
if (tm2->tm_sec == sec
|| (t += 2, tm2 = gmtime(&t), tm2->tm_sec == sec)
|| (t -= 4, tm2 = gmtime(&t), tm2->tm_sec == sec)
|| (t += 3, tm2 = gmtime(&t), tm2->tm_sec == sec)
|| (t -= 2, tm2 = gmtime(&t), tm2->tm_sec == sec))
; /* found */
else {
/*
* Not found.
*/
if (sec >= 60)
/*
* The given time is a leap second
* (sec 60 or 61), but the time library
* is ignorant of the leap second.
*/
; /* treat sec 60 as 59,
sec 61 as 0 of the next minute */
else
/* The given time may not be normalized. */
t++; /* restore t */
}
}
return (t < 0 ? (time_t) -1 : t);
}
static int lprintf(int level, const char *fmt, ...)
{
va_list argptr;
char sbuf[1024];
va_start(argptr,fmt);
vsnprintf(sbuf,sizeof(sbuf),fmt,argptr);
sbuf[sizeof(sbuf)-1]=0;
va_end(argptr);
if(level <= LOG_ERR) {
errorlog(&scfg,startup==NULL ? NULL:startup->host_name, sbuf);
if(startup!=NULL && startup->errormsg!=NULL)
startup->errormsg(startup->cbdata,level,sbuf);
}
if(startup==NULL || startup->lputs==NULL || level > startup->log_level)
return(0);
#if defined(_WIN32)
if(IsBadCodePtr((FARPROC)startup->lputs))
return(0);
#endif
return(startup->lputs(startup->cbdata,level,sbuf));
static int writebuf(http_session_t *session, const char *buf, size_t len)
{
size_t sent=0;
size_t avail;
while(sent < len) {
avail=RingBufFree(&session->outbuf);
SLEEP(1);
if(avail > len-sent)
avail=len-sent;
sent+=RingBufWrite(&(session->outbuf), ((char *)buf)+sent, avail);
}
return(sent);
}
static int sock_sendbuf(SOCKET *sock, const char *buf, size_t len, BOOL *failed)
{
size_t sent=0;
int result;
fd_set wr_set;
struct timeval tv;
while(sent<len && *sock!=INVALID_SOCKET) {
FD_ZERO(&wr_set);
FD_SET(*sock,&wr_set);
/* Convert timeout from ms to sec/usec */
tv.tv_sec=startup->max_inactivity;
tv.tv_usec=0;
sel=select(*sock+1,NULL,&wr_set,NULL,&tv);
switch(sel) {
case 1:
result=sendsocket(*sock,buf+sent,len-sent);
if(result==SOCKET_ERROR) {
if(ERROR_VALUE==ECONNRESET)
lprintf(LOG_NOTICE,"%04d Connection reset by peer on send",*sock);
else if(ERROR_VALUE==ECONNABORTED)
lprintf(LOG_NOTICE,"%04d Connection aborted by peer on send",*sock);
#ifdef EPIPE
else if(ERROR_VALUE==EPIPE)
lprintf(LOG_NOTICE,"%04d Unable to send to peer",*sock);
#endif
else
lprintf(LOG_WARNING,"%04d !ERROR %d sending on socket",*sock,ERROR_VALUE);
if(failed)
*failed=TRUE;
return(sent);
}
break;
case 0:
lprintf(LOG_WARNING,"%04d Timeout selecting socket for write",*sock);
if(failed)
*failed=TRUE;
return(sent);
case -1:
lprintf(LOG_WARNING,"%04d !ERROR %d selecting socket for write",*sock,ERROR_VALUE);
if(failed)
*failed=TRUE;
return(sent);
}
sent+=result;
}
if(failed && sent<len)
*failed=TRUE;
return(sent);
}
#ifdef _WINSOCKAPI_
static WSADATA WSAData;
#define SOCKLIB_DESC WSAData.szDescription
static BOOL WSAInitialized=FALSE;
static BOOL winsock_startup(void)
{
int status; /* Status Code */
if((status = WSAStartup(MAKEWORD(1,1), &WSAData))==0) {
lprintf(LOG_DEBUG,"%s %s",WSAData.szDescription, WSAData.szSystemStatus);
WSAInitialized=TRUE;
return (TRUE);
}
lprintf(LOG_CRIT,"!WinSock startup ERROR %d", status);
return (FALSE);
}
#else /* No WINSOCK */
#define winsock_startup() (TRUE)
#define SOCKLIB_DESC NULL
#endif
static void status(char* str)
{
if(startup!=NULL && startup->status!=NULL)
startup->status(startup->cbdata,str);
}
static void update_clients(void)
{
if(startup!=NULL && startup->clients!=NULL)
startup->clients(startup->cbdata,active_clients);
}
static void client_on(SOCKET sock, client_t* client, BOOL update)
{
if(startup!=NULL && startup->client_on!=NULL)
startup->client_on(startup->cbdata,TRUE,sock,client,update);
}
static void client_off(SOCKET sock)
{
if(startup!=NULL && startup->client_on!=NULL)
startup->client_on(startup->cbdata,FALSE,sock,NULL,FALSE);
}
static void thread_up(BOOL setuid)
{
thread_count++;
if(startup!=NULL && startup->thread_up!=NULL)
startup->thread_up(startup->cbdata,TRUE, setuid);
}
static void thread_down(void)
{
if(thread_count>0)
thread_count--;
if(startup!=NULL && startup->thread_up!=NULL)
startup->thread_up(startup->cbdata,FALSE, FALSE);
/*********************************************************************/
/* Adds an environment variable to the sessions cgi_env linked list */
/*********************************************************************/
static void add_env(http_session_t *session, const char *name,const char *value) {
char newname[129];
lprintf(LOG_WARNING,"%04d Attempt to set NULL env variable", session->socket);
return;
}
SAFECOPY(newname,name);
for(p=newname;*p;p++) {
*p=toupper(*p);
if(*p=='-')
*p='_';
}
p=(char *)alloca(strlen(name)+strlen(value)+2);
if(p==NULL) {
lprintf(LOG_WARNING,"%04d Cannot allocate memory for string", session->socket);
return;
}
#if 0 /* this is way too verbose for every request */
lprintf(LOG_DEBUG,"%04d Adding CGI environment variable %s=%s",session->socket,newname,value);
sprintf(p,"%s=%s",newname,value);
strListPush(&session->req.cgi_env,p);
/***************************************/
/* Initializes default CGI envirnoment */
/***************************************/
static void init_enviro(http_session_t *session) {
char str[128];
add_env(session,"SERVER_SOFTWARE",VERSION_NOTICE);
sprintf(str,"%d",startup->port);
add_env(session,"SERVER_PORT",str);
add_env(session,"GATEWAY_INTERFACE","CGI/1.1");
if(!strcmp(session->host_name,session->host_ip))
add_env(session,"REMOTE_HOST",session->host_name);
add_env(session,"REMOTE_ADDR",session->host_ip);
add_env(session,"REQUEST_URI",session->req.request_line);
* Sends string str to socket sock... returns number of bytes written, or 0 on an error
* Can not close the socket since it can not set it to INVALID_SOCKET
*/
static int bufprint(http_session_t *session, const char *str)
return(writebuf(session,str,len));
/**********************************************************/
/* Converts a month name/abbr to the 0-based month number */
/* ToDo: This probobly exists somewhere else already */
/**********************************************************/
static int getmonth(char *mon)
{
int i;
for(i=0;i<12;i++)
if(!stricmp(mon,months[i]))
return(i);
return 0;
}
/*******************************************************************/
/* Converts a date string in any of the common formats to a time_t */
/*******************************************************************/
static time_t decode_date(char *date)
{
struct tm ti;
ti.tm_sec=0; /* seconds (0 - 60) */
ti.tm_min=0; /* minutes (0 - 59) */
ti.tm_hour=0; /* hours (0 - 23) */
ti.tm_mday=1; /* day of month (1 - 31) */
ti.tm_mon=0; /* month of year (0 - 11) */
ti.tm_year=0; /* year - 1900 */
ti.tm_isdst=0; /* is summer time in effect? */
token=strtok_r(date,",",&last);
if(token==NULL)
return(0);
/* This probobly only needs to be 9, but the extra one is for luck. */
if(strlen(date)>15) {
token=strtok_r(date," ",&last);
if(token==NULL)
return(0);
token=strtok_r(NULL," ",&last);
if(token==NULL)
return(0);
ti.tm_mon=getmonth(token);
token=strtok_r(NULL," ",&last);
if(token==NULL)
return(0);
ti.tm_mday=atoi(token);
token=strtok_r(NULL,":",&last);
if(token==NULL)
return(0);
ti.tm_hour=atoi(token);
token=strtok_r(NULL,":",&last);
if(token==NULL)
return(0);
ti.tm_min=atoi(token);
token=strtok_r(NULL," ",&last);
if(token==NULL)
return(0);
ti.tm_sec=atoi(token);
token=strtok_r(NULL,"",&last);
if(token==NULL)
return(0);
ti.tm_year=atoi(token)-1900;
}
else {
/* RFC 1123 or RFC 850 */
token=strtok_r(NULL," -",&last);
if(token==NULL)
return(0);
ti.tm_mday=atoi(token);
token=strtok_r(NULL," -",&last);
if(token==NULL)
return(0);
ti.tm_mon=getmonth(token);
token=strtok_r(NULL," ",&last);
if(token==NULL)
return(0);
ti.tm_year=atoi(token);
token=strtok_r(NULL,":",&last);
if(token==NULL)
return(0);
ti.tm_hour=atoi(token);
token=strtok_r(NULL,":",&last);
if(token==NULL)
return(0);
ti.tm_min=atoi(token);
token=strtok_r(NULL," ",&last);
if(token==NULL)
return(0);
ti.tm_sec=atoi(token);
if(ti.tm_year>1900)
ti.tm_year -= 1900;
}
t=time_gm(&ti);
}
static SOCKET open_socket(int type)
{
char error[256];
SOCKET sock;
sock=socket(AF_INET, type, IPPROTO_IP);
if(sock!=INVALID_SOCKET && startup!=NULL && startup->socket_open!=NULL)
startup->socket_open(startup->cbdata,TRUE);
if(sock!=INVALID_SOCKET) {
if(set_socket_options(&scfg, sock, "web|http", error, sizeof(error)))
lprintf(LOG_ERR,"%04d !ERROR %s",sock,error);
sockets++;
}
return(sock);
}
static int close_socket(SOCKET *sock)
{
int result;
if(sock==NULL || *sock==INVALID_SOCKET)
/* required to ensure all data is send when SO_LINGER is off (Not functional on Win32) */
shutdown(*sock,SHUT_RDWR);
result=closesocket(*sock);
*sock=INVALID_SOCKET;
if(startup!=NULL && startup->socket_open!=NULL) {
startup->socket_open(startup->cbdata,FALSE);
}
sockets--;
if(result!=0) {
if(ERROR_VALUE!=ENOTSOCK)
lprintf(LOG_WARNING,"%04d !ERROR %d closing socket",*sock, ERROR_VALUE);
}
return(result);
}
/* Waits for the outbuf to drain */
static void drain_outbuf(http_session_t * session)
{
if(session->socket==INVALID_SOCKET)
return;
/* Force the output thread to go NOW */
sem_post(&(session->outbuf.highwater_sem));
/* ToDo: This should probobly timeout eventually... */
while(RingBufFull(&session->outbuf) && session->socket!=INVALID_SOCKET)
SLEEP(1);
/* Lock the mutex to ensure data has been sent */
while(session->socket!=INVALID_SOCKET && !session->outbuf_write_initialized)
SLEEP(1);
if(session->socket==INVALID_SOCKET)
pthread_mutex_lock(&session->outbuf_write); /* Win32 Access violation here on Jan-11-2006 - shutting down webserver while in use */
pthread_mutex_unlock(&session->outbuf_write);
}
/**************************************************/
/* End of a single request... */
/* This is called at the end of EVERY request */
/* Log the request */
/* Free request-specific data ie: dynamic stuff */
/* Close socket unless it's being kept alive */
/* If the socket is closed, the session is done */
/**************************************************/
static void close_request(http_session_t * session)
{
if(session->req.write_chunked) {
drain_outbuf(session);
session->req.write_chunked=0;
writebuf(session,"0\r\n",3);
if(session->req.dynamic==IS_SSJS)
ssjs_send_headers(session,FALSE);
else
/* Non-ssjs isn't capable of generating headers during execution */
writebuf(session, newline, 2);
}
/* Force the output thread to go NOW */
sem_post(&(session->outbuf.highwater_sem));
if(session->req.ld!=NULL) {
now=time(NULL);
localtime_r(&now,&session->req.ld->completed);
listPushNode(&log_list,session->req.ld);
session->req.ld=NULL;
}
strListFree(&session->req.headers);
strListFree(&session->req.dynamic_heads);
strListFree(&session->req.cgi_env);
FREE_AND_NULL(session->req.post_data);
FREE_AND_NULL(session->req.error_dir);
FREE_AND_NULL(session->req.cgi_dir);
FREE_AND_NULL(session->req.auth_list);
FREE_AND_NULL(session->req.realm);
FREE_AND_NULL(session->req.digest_realm);
FREE_AND_NULL(session->req.auth_list);
FREE_AND_NULL(session->req.auth.digest_uri);
FREE_AND_NULL(session->req.auth.cnonce);
FREE_AND_NULL(session->req.auth.realm);
FREE_AND_NULL(session->req.auth.nonce);
FREE_AND_NULL(session->req.auth.nonce_count);
/*
* This causes all active http_session_threads to terminate.
*/
if((!session->req.keep_alive) || terminate_server) {
drain_outbuf(session);
close_socket(&session->socket);
if(session->socket==INVALID_SOCKET)
session->finished=TRUE;
if(session->js_cx!=NULL && (session->req.dynamic==IS_SSJS || session->req.dynamic==IS_JS)) {
JS_BEGINREQUEST(session->js_cx);
JS_ENDREQUEST(session->js_cx);
if(session->subscan!=NULL)
putmsgptrs(&scfg, session->user.number, session->subscan);
if(session->req.fp!=NULL)
fclose(session->req.fp);
for(i=0;i<MAX_CLEANUPS;i++) {
if(session->req.cleanup_file[i]!=NULL) {
if(!(startup->options&WEB_OPT_DEBUG_SSJS))
remove(session->req.cleanup_file[i]);
free(session->req.cleanup_file[i]);
}
memset(&session->req,0,sizeof(session->req));
}
static int get_header_type(char *header)
{
for(i=0; headers[i].text!=NULL; i++) {
if(!stricmp(header,headers[i].text)) {
return(headers[i].id);
}
}
return(-1);
}
static char *get_header(int id)
{
if(headers[id].id==id)
return(headers[id].text);
for(i=0;headers[i].text!=NULL;i++) {
if(headers[i].id==id) {
return(headers[i].text);
}
}
return(NULL);
}
static const char* unknown_mime_type="application/octet-stream";
static const char* get_mime_type(char *ext)
if(ext==NULL || mime_types==NULL)
return(unknown_mime_type);
for(i=0;mime_types[i]!=NULL;i++)
if(stricmp(ext+1,mime_types[i]->name)==0)
return(mime_types[i]->value);
return(unknown_mime_type);
static char* get_cgi_handler(const char* fname)
{
char* ext;
size_t i;
if(cgi_handlers==NULL || (ext=getfext(fname))==NULL)
return(NULL);
for(i=0;cgi_handlers[i]!=NULL;i++) {
if(stricmp(cgi_handlers[i]->name, ext+1)==0)
return(cgi_handlers[i]->value);
}
return(NULL);
}
static BOOL get_xjs_handler(char* ext, http_session_t* session)
{
size_t i;
if(ext==NULL || xjs_handlers==NULL || ext[0]==0)
return(FALSE);
for(i=0;xjs_handlers[i]!=NULL;i++) {
if(stricmp(xjs_handlers[i]->name, ext+1)==0) {
if(getfname(xjs_handlers[i]->value)==xjs_handlers[i]->value) /* no path specified */
SAFEPRINTF2(session->req.xjs_handler,"%s%s",scfg.exec_dir,xjs_handlers[i]->value);
else
SAFECOPY(session->req.xjs_handler,xjs_handlers[i]->value);
return(TRUE);
}
}
return(FALSE);
}
/* This function appends append plus a newline IF the final dst string would have a length less than maxlen */
static void safecat(char *dst, const char *append, size_t maxlen) {
size_t dstlen,appendlen;
dstlen=strlen(dst);
appendlen=strlen(append);
if(dstlen+appendlen+2 < maxlen) {
strcat(dst,append);
strcat(dst,newline);
}
}
/*************************************************/
/* Sends headers for the reply. */
/* HTTP/0.9 doesn't use headers, so just returns */
/*************************************************/
static BOOL send_headers(http_session_t *session, const char *status, int chunked)
int ret;
int stat_code;
size_t idx;
const char *status_line;
struct stat stats;
struct tm tm;
char *headers;
if(session->socket==INVALID_SOCKET) {
session->req.sent_headers=TRUE;
return(FALSE);
lprintf(LOG_DEBUG,"%04d Request resolved to: %s"
,session->socket,session->req.physical_path);
if(session->http_ver <= HTTP_0_9) {
if(session->req.ld != NULL)
session->req.ld->status=atoi(status);
headers=alloca(MAX_HEADERS_SIZE);
if(headers==NULL) {
lprintf(LOG_CRIT,"Could not allocate memory for response headers.");
return(FALSE);
}
*headers=0;
if(!session->req.sent_headers) {
status_line=status;
ret=stat(session->req.physical_path,&stats);
if(session->req.method==HTTP_OPTIONS)
ret=-1;
if(!ret && session->req.if_modified_since && (stats.st_mtime <= session->req.if_modified_since) && !session->req.dynamic) {
status_line="304 Not Modified";
ret=-1;
send_file=FALSE;
}
if(!ret && session->req.if_range && (stats.st_mtime > session->req.if_range || session->req.dynamic)) {
status_line="200 OK";
session->req.range_start=0;
session->req.range_end=0;
}
if(session->req.send_location==MOVED_PERM) {
status_line=error_301;
ret=-1;
send_file=FALSE;
}
if(session->req.send_location==MOVED_TEMP) {
status_line=error_302;
ret=-1;
send_file=FALSE;
}
stat_code=atoi(status_line);
if(session->req.ld!=NULL)
session->req.ld->status=stat_code;
if(stat_code==304 || stat_code==204 || (stat_code >= 100 && stat_code<=199)) {
send_file=FALSE;
chunked=FALSE;
}
/* Status-Line */
safe_snprintf(header,sizeof(header),"%s %s",http_vers[session->http_ver],status_line);
lprintf(LOG_DEBUG,"%04d Result: %s",session->socket,header);
safecat(headers,header,MAX_HEADERS_SIZE);
/* General Headers */
ti=time(NULL);
if(gmtime_r(&ti,&tm)==NULL)
memset(&tm,0,sizeof(tm));
safe_snprintf(header,sizeof(header),"%s: %s, %02d %s %04d %02d:%02d:%02d GMT"
,get_header(HEAD_DATE)
,days[tm.tm_wday],tm.tm_mday,months[tm.tm_mon]
,tm.tm_year+1900,tm.tm_hour,tm.tm_min,tm.tm_sec);
safecat(headers,header,MAX_HEADERS_SIZE);
if(session->req.keep_alive) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_CONNECTION),"Keep-Alive");
safecat(headers,header,MAX_HEADERS_SIZE);
}
else {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_CONNECTION),"Close");
safecat(headers,header,MAX_HEADERS_SIZE);
}
/* Response Headers */
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_SERVER),VERSION_NOTICE);
safecat(headers,header,MAX_HEADERS_SIZE);
/* Entity Headers */
if(session->req.dynamic) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_ALLOW),"GET, HEAD, POST, OPTIONS");
safecat(headers,header,MAX_HEADERS_SIZE);
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_ACCEPT_RANGES),"none");
safecat(headers,header,MAX_HEADERS_SIZE);
else {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_ALLOW),"GET, HEAD, OPTIONS");
safecat(headers,header,MAX_HEADERS_SIZE);
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_ACCEPT_RANGES),"bytes");
safecat(headers,header,MAX_HEADERS_SIZE);
if(session->req.send_location) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_LOCATION),(session->req.virtual_path));
safecat(headers,header,MAX_HEADERS_SIZE);
}
if(chunked) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_TRANSFER_ENCODING),"Chunked");
safecat(headers,header,MAX_HEADERS_SIZE);
}
/* DO NOT send a content-length for chunked */
if(session->req.keep_alive && session->req.dynamic!=IS_CGI && (!chunked)) {
if(ret) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_LENGTH),"0");
safecat(headers,header,MAX_HEADERS_SIZE);
}
else {
if((session->req.range_start || session->req.range_end) && atoi(status_line)==206) {
safe_snprintf(header,sizeof(header),"%s: %d",get_header(HEAD_LENGTH),session->req.range_end-session->req.range_start+1);
safecat(headers,header,MAX_HEADERS_SIZE);
}
else {
safe_snprintf(header,sizeof(header),"%s: %d",get_header(HEAD_LENGTH),(int)stats.st_size);
safecat(headers,header,MAX_HEADERS_SIZE);
}
}
}
if(!ret && !session->req.dynamic) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_TYPE),session->req.mime_type);
safecat(headers,header,MAX_HEADERS_SIZE);
gmtime_r(&stats.st_mtime,&tm);
safe_snprintf(header,sizeof(header),"%s: %s, %02d %s %04d %02d:%02d:%02d GMT"
,get_header(HEAD_LASTMODIFIED)
,days[tm.tm_wday],tm.tm_mday,months[tm.tm_mon]
,tm.tm_year+1900,tm.tm_hour,tm.tm_min,tm.tm_sec);
safecat(headers,header,MAX_HEADERS_SIZE);
}
if(session->req.range_start || session->req.range_end) {
switch(atoi(status_line)) {
case 206: /* Partial reply */
safe_snprintf(header,sizeof(header),"%s: bytes %d-%d/%d",get_header(HEAD_CONTENT_RANGE),session->req.range_start,session->req.range_end,stats.st_size);
safecat(headers,header,MAX_HEADERS_SIZE);
break;
default:
safe_snprintf(header,sizeof(header),"%s: *",get_header(HEAD_CONTENT_RANGE));
safecat(headers,header,MAX_HEADERS_SIZE);
break;
}
}
if(session->req.dynamic) {
/* Dynamic headers */
/* Set up environment */
for(idx=0;session->req.dynamic_heads[idx]!=NULL;idx++)
safecat(headers,session->req.dynamic_heads[idx],MAX_HEADERS_SIZE);
/* free() the headers so they don't get sent again if more are sent at the end of the request (chunked) */
strListFreeStrings(session->req.dynamic_heads);
safecat(headers,"",MAX_HEADERS_SIZE);
send_file = (bufprint(session,headers) && send_file);
drain_outbuf(session);
session->req.write_chunked=chunked;
static int sock_sendfile(http_session_t *session,char *path,unsigned long start, unsigned long end)
int ret=0;
int i;
char buf[2048]; /* Input buffer */
if(startup->options&WEB_OPT_DEBUG_TX)
lprintf(LOG_DEBUG,"%04d Sending %s",session->socket,path);
if((file=open(path,O_RDONLY|O_BINARY))==-1)
lprintf(LOG_WARNING,"%04d !ERROR %d opening %s",session->socket,errno,path);
if(lseek(file, start, SEEK_SET)==-1) {
lprintf(LOG_WARNING,"%04d !ERROR %d seeking to position %lu in %s",session->socket,ERROR_VALUE,start,path);
}
else {
remain=-1L;
}
while((i=read(file, buf, remain>sizeof(buf)?sizeof(buf):remain))>0) {
if(writebuf(session,buf,i)!=i) {
lprintf(LOG_WARNING,"%04d !ERROR sending %s",session->socket,path);
return(0);
}
ret+=i;
}
close(file);
}
return(ret);
/********************************************************/
/* Sends a specified error message, closes the request, */
/* and marks the session to be closed */
/********************************************************/
static void send_error(http_session_t * session, const char* message)
{
char error_code[4];
char sbuf[MAX_PATH+1];
char sbuf2[MAX_PATH+1];
BOOL sent_ssjs=FALSE;
if(session->socket==INVALID_SOCKET)
return;
session->req.if_modified_since=0;
lprintf(LOG_INFO,"%04d !ERROR: %s",session->socket,message);
session->req.keep_alive=FALSE;
session->req.send_location=NO_LOCATION;
SAFECOPY(error_code,message);
SAFECOPY(session->req.status,message);
if(atoi(error_code)<500) {
/*
* Attempt to run SSJS error pages
* If this fails, do the standard error page instead,
* ie: Don't "upgrade" to a 500 error
*/
if(session->req.error_dir) {
/* We have a custom error directory from webctrl.ini look there first */
sprintf(sbuf,"%s%s%s",session->req.error_dir,error_code,startup->ssjs_ext);
if(stat(sbuf,&sb)) {
/* No custom .ssjs error message... check for custom .html */
sprintf(sbuf2,"%s%s.html",session->req.error_dir,error_code);
if(stat(sbuf2,&sb)) {
/* Nope, no custom .html error either, check for global ssjs one */
sprintf(sbuf,"%s%s%s",error_dir,error_code,startup->ssjs_ext);
}
}
}
else
sprintf(sbuf,"%s%s%s",error_dir,error_code,startup->ssjs_ext);
if(!stat(sbuf,&sb)) {
lprintf(LOG_INFO,"%04d Using SSJS error page",session->socket);
if(js_setup(session)) {
sent_ssjs=exec_ssjs(session,sbuf);
if(sent_ssjs) {
int snt=0;
lprintf(LOG_INFO,"%04d Sending generated error page",session->socket);
snt=sock_sendfile(session,session->req.physical_path,0,0);
if(snt<0)
snt=0;
if(session->req.ld!=NULL)
session->req.ld->size=snt;
}
else
session->req.dynamic=IS_STATIC;
}
else
session->req.dynamic=IS_STATIC;
}
}
if(!sent_ssjs) {
if(session->req.error_dir) {
sprintf(session->req.physical_path,"%s%s.html",session->req.error_dir,error_code);
if(stat(session->req.physical_path,&sb))
sprintf(session->req.physical_path,"%s%s.html",error_dir,error_code);
}
else
sprintf(session->req.physical_path,"%s%s.html",error_dir,error_code,startup->ssjs_ext);
session->req.mime_type=get_mime_type(strrchr(session->req.physical_path,'.'));
send_headers(session,message,FALSE);
if(!stat(session->req.physical_path,&sb)) {
int snt=0;
snt=sock_sendfile(session,session->req.physical_path,0,0);
if(snt<0)
snt=0;
if(session->req.ld!=NULL)
session->req.ld->size=snt;
}
else {
lprintf(LOG_NOTICE,"%04d Error message file %s doesn't exist"
,session->socket,session->req.physical_path);
safe_snprintf(sbuf,sizeof(sbuf)
,"<HTML><HEAD><TITLE>%s Error</TITLE></HEAD>"
"<BODY><H1>%s Error</H1><BR><H3>In addition, "
"I can't seem to find the %s error file</H3><br>"
"please notify <a href=\"mailto:sysop@%s\">"
"%s</a></BODY></HTML>"
,error_code,error_code,error_code,scfg.sys_inetaddr,scfg.sys_op);
bufprint(session,sbuf);
if(session->req.ld!=NULL)
session->req.ld->size=strlen(sbuf);
}
}
drain_outbuf(session);
session->req.finished=TRUE;
void http_logon(http_session_t * session, user_t *usr)
{
char str[128];
if(usr==NULL)
getuserdat(&scfg, &session->user);
else
session->user=*usr;
if(session->user.number==session->last_user_num)
return;
lprintf(LOG_DEBUG,"%04d HTTP Logon (user #%d)",session->socket,session->user.number);
if(session->subscan!=NULL)
getmsgptrs(&scfg,session->user.number,session->subscan);
if(session->user.number==0)
SAFECOPY(session->username,unknown);
SAFECOPY(session->username,session->user.alias);
/* Adjust Connect and host */
putuserrec(&scfg,session->user.number,U_MODEM,LEN_MODEM,"HTTP");
putuserrec(&scfg,session->user.number,U_COMP,LEN_COMP,session->host_name);
putuserrec(&scfg,session->user.number,U_NOTE,LEN_NOTE,session->host_ip);
putuserrec(&scfg,session->user.number,U_LOGONTIME,0,ultoa(session->logon_time,str,16));
session->client.user=session->username;
client_on(session->socket, &session->client, /* update existing client record? */TRUE);
session->last_user_num=session->user.number;
}
void http_logoff(http_session_t* session, SOCKET socket, int line)
{
if(session->last_user_num<=0)
return;
lprintf(LOG_DEBUG,"%04d HTTP Logoff (user #%d) from line %d"
,socket,session->user.number, line);
SAFECOPY(session->username,unknown);
if(!logoutuserdat(&scfg, &session->user, time(NULL), session->logon_time))
lprintf(LOG_ERR,"%04d !ERROR in logoutuserdat", socket);
memset(&session->user,0,sizeof(session->user));
session->last_user_num=session->user.number;
}
BOOL http_checkuser(http_session_t * session)
{
if(session->req.dynamic==IS_SSJS || session->req.dynamic==IS_JS) {
if(session->last_js_user_num==session->user.number)
return(TRUE);
lprintf(LOG_DEBUG,"%04d JavaScript: Initializing User Objects",session->socket);
JS_BEGINREQUEST(session->js_cx);
if(session->user.number>0) {
if(!js_CreateUserObjects(session->js_cx, session->js_glob, &scfg, &session->user, &session->client
,NULL /* ftp index file */, session->subscan /* subscan */)) {
JS_ENDREQUEST(session->js_cx);
lprintf(LOG_ERR,"%04d !JavaScript ERROR creating user objects",session->socket);
send_error(session,"500 Error initializing JavaScript User Objects");
return(FALSE);
}
}
else {
if(!js_CreateUserObjects(session->js_cx, session->js_glob, &scfg, /* user: */NULL, &session->client
,NULL /* ftp index file */, session->subscan /* subscan */)) {
JS_ENDREQUEST(session->js_cx);
lprintf(LOG_ERR,"%04d !ERROR initializing JavaScript User Objects",session->socket);
send_error(session,"500 Error initializing JavaScript User Objects");
return(FALSE);
}
}
JS_ENDREQUEST(session->js_cx);
session->last_js_user_num=session->user.number;
}
return(TRUE);
}
static void calculate_digest(http_session_t * session, char *ha1, char *ha2, unsigned char digest[MD5_DIGEST_SIZE])
{
MD5 ctx;
MD5_open(&ctx);
MD5_digest(&ctx, ha1, strlen(ha1));
MD5_digest(&ctx, ":", 1);
/* exception on next line (session->req.auth.nonce==NULL) */
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
MD5_digest(&ctx, session->req.auth.nonce, strlen(session->req.auth.nonce));
MD5_digest(&ctx, ":", 1);
if(session->req.auth.qop_value != QOP_NONE) {
MD5_digest(&ctx, session->req.auth.nonce_count, strlen(session->req.auth.nonce_count));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, session->req.auth.cnonce, strlen(session->req.auth.cnonce));
MD5_digest(&ctx, ":", 1);
switch(session->req.auth.qop_value) {
case QOP_AUTH:
MD5_digest(&ctx, "auth", 4);
break;
case QOP_AUTH_INT:
MD5_digest(&ctx, "auth-int", 7);
break;
}
MD5_digest(&ctx, ":", 1);
}
MD5_digest(&ctx, ha2, strlen(ha2));
MD5_close(&ctx, digest);
}
static BOOL check_ars(http_session_t * session)
{
uchar *ar;
BOOL authorized;
int i;
user_t thisuser;
int auth_allowed=0;
unsigned *auth_list;
unsigned auth_list_len;
auth_list=parseEnumList(session->req.auth_list?session->req.auth_list:default_auth_list, ",", auth_type_names, &auth_list_len);
auth_allowed |= 1<<auth_list[i];
if(auth_list)
free(auth_list);
/* No authentication provided */
if(session->req.auth.type==AUTHENTICATION_UNKNOWN) {
/* No authentication information... */
if(session->last_user_num!=0) {
if(session->last_user_num>0)
http_logoff(session,session->socket,__LINE__);
session->user.number=0;
http_logon(session,NULL);
}
if(!http_checkuser(session))
return(FALSE);
if(session->req.ars[0]) {
/* There *IS* an ARS string ie: Auth is required */
if(startup->options&WEB_OPT_DEBUG_RX)
lprintf(LOG_NOTICE,"%04d !No authentication information",session->socket);
return(FALSE);
}
/* No auth required, allow */
return(TRUE);
}
/* Require a password */
i=matchuser(&scfg, session->req.auth.username, FALSE);
if(i==0) {
if(session->last_user_num!=0) {
if(session->last_user_num>0)
http_logoff(session,session->socket,__LINE__);
session->user.number=0;
http_logon(session,NULL);
}
if(!http_checkuser(session))
return(FALSE);
if(scfg.sys_misc&SM_ECHO_PW && session->req.auth.type==AUTHENTICATION_BASIC)
lprintf(LOG_NOTICE,"%04d !UNKNOWN USER: %s, Password: %s"
,session->socket,session->req.auth.username,session->req.auth.password);
else
lprintf(LOG_NOTICE,"%04d !UNKNOWN USER: %s"
,session->socket,session->req.auth.username);
return(FALSE);
}
deuce
committed
thisuser.number=i;
getuserdat(&scfg, &thisuser);
switch(session->req.auth.type) {
case AUTHENTICATION_BASIC:
if((auth_allowed & (1<<AUTHENTICATION_BASIC))==0)
return(FALSE);
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
if(thisuser.pass[0] && stricmp(thisuser.pass,session->req.auth.password)) {
if(session->last_user_num!=0) {
if(session->last_user_num>0)
http_logoff(session,session->socket,__LINE__);
session->user.number=0;
http_logon(session,NULL);
}
if(!http_checkuser(session))
return(FALSE);
/* Should go to the hack log? */
if(scfg.sys_misc&SM_ECHO_PW)
lprintf(LOG_WARNING,"%04d !PASSWORD FAILURE for user %s: '%s' expected '%s'"
,session->socket,session->req.auth.username,session->req.auth.password,thisuser.pass);
else
lprintf(LOG_WARNING,"%04d !PASSWORD FAILURE for user %s"
,session->socket,session->req.auth.username);
#ifdef _WIN32
if(startup->hack_sound[0] && !(startup->options&BBS_OPT_MUTE))
PlaySound(startup->hack_sound, NULL, SND_ASYNC|SND_FILENAME);
#endif
return(FALSE);
}
break;
case AUTHENTICATION_DIGEST:
{
unsigned char digest[MD5_DIGEST_SIZE];
char ha1[MD5_DIGEST_SIZE*2+1];
char ha1l[MD5_DIGEST_SIZE*2+1];
char ha1u[MD5_DIGEST_SIZE*2+1];
char *pass;
char *p;
time32_t nonce_time;
time32_t now;
MD5 ctx;
if((auth_allowed & (1<<AUTHENTICATION_DIGEST))==0)
return(FALSE);
if(session->req.auth.qop_value==QOP_UNKNOWN)
return(FALSE);
if(session->req.auth.algorithm==ALGORITHM_UNKNOWN)
return(FALSE);
/* Validate rules from RFC-2617 */
if(session->req.auth.qop_value==QOP_AUTH
|| session->req.auth.qop_value==QOP_AUTH_INT) {
if(session->req.auth.cnonce==NULL)
return(FALSE);
if(session->req.auth.nonce_count==NULL)
return(FALSE);
}
else {
if(session->req.auth.cnonce!=NULL)
return(FALSE);
if(session->req.auth.nonce_count!=NULL)
return(FALSE);
}
/* H(A1) */
MD5_open(&ctx);
MD5_digest(&ctx, session->req.auth.username, strlen(session->req.auth.username));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, session->req.digest_realm?session->req.digest_realm:(session->req.realm?session->req.realm:scfg.sys_name), strlen(session->req.digest_realm?session->req.digest_realm:(session->req.realm?session->req.realm:scfg.sys_name)));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, thisuser.pass, strlen(thisuser.pass));
MD5_close(&ctx, digest);
MD5_hex(ha1, digest);
/* H(A1)l */
pass=strdup(thisuser.pass);
strlwr(pass);
MD5_open(&ctx);
MD5_digest(&ctx, session->req.auth.username, strlen(session->req.auth.username));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, session->req.digest_realm?session->req.digest_realm:(session->req.realm?session->req.realm:scfg.sys_name), strlen(session->req.digest_realm?session->req.digest_realm:(session->req.realm?session->req.realm:scfg.sys_name)));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, pass, strlen(pass));
MD5_close(&ctx, digest);
MD5_hex(ha1l, digest);
/* H(A1)u */
strupr(pass);
MD5_open(&ctx);
MD5_digest(&ctx, session->req.auth.username, strlen(session->req.auth.username));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, session->req.digest_realm?session->req.digest_realm:(session->req.realm?session->req.realm:scfg.sys_name), strlen(session->req.digest_realm?session->req.digest_realm:(session->req.realm?session->req.realm:scfg.sys_name)));
MD5_digest(&ctx, ":", 1);
MD5_digest(&ctx, thisuser.pass, strlen(thisuser.pass));
MD5_close(&ctx, digest);
MD5_hex(ha1u, digest);
free(pass);
/* H(A2) */
MD5_open(&ctx);
MD5_digest(&ctx, methods[session->req.method], strlen(methods[session->req.method]));
MD5_digest(&ctx, ":", 1);
/* exception here, session->req.auth.digest_uri==NULL */
MD5_digest(&ctx, session->req.auth.digest_uri, strlen(session->req.auth.digest_uri));
/* TODO QOP==AUTH_INT */
if(session->req.auth.qop_value == QOP_AUTH_INT)
return(FALSE);
MD5_close(&ctx, digest);
MD5_hex(ha2, digest);
/* Check password as in user.dat */
calculate_digest(session, ha1, ha2, digest);
if(thisuser.pass[0]) { // Zero-length password is "special" (any password will work)
if(memcmp(digest, session->req.auth.digest, sizeof(digest))) {
/* Check against lower-case password */
calculate_digest(session, ha1l, ha2, digest);
if(memcmp(digest, session->req.auth.digest, sizeof(digest))) {
/* Check against upper-case password */
calculate_digest(session, ha1u, ha2, digest);
if(memcmp(digest, session->req.auth.digest, sizeof(digest)))
return(FALSE);
}
/* Validate nonce */
p=strchr(session->req.auth.nonce, '@');
if(p==NULL) {
session->req.auth.stale=TRUE;
return(FALSE);
}
*p=0;
if(strcmp(session->req.auth.nonce, session->client.addr)) {
session->req.auth.stale=TRUE;
return(FALSE);
}
*p='@';
p++;
nonce_time=strtoul(p, &p, 10);
if(*p) {
session->req.auth.stale=TRUE;
return(FALSE);
}
now=(time32_t)time(NULL);
if(nonce_time > now) {
session->req.auth.stale=TRUE;
return(FALSE);
}
if(nonce_time < now-1800) {
session->req.auth.stale=TRUE;
return(FALSE);
}
if(i != session->last_user_num) {
http_logoff(session,session->socket,__LINE__);
session->user.number=i;
http_logon(session,&thisuser);
}
if(!http_checkuser(session))
return(FALSE);
if(session->req.ld!=NULL) {
FREE_AND_NULL(session->req.ld->user);
/* FREE()d in http_logging_thread */
session->req.ld->user=strdup(session->req.auth.username);
ar = arstr(NULL,session->req.ars,&scfg);
authorized=chk_ar(&scfg,ar,&session->user,&session->client);
if(ar!=NULL && ar!=nular)
switch(session->req.auth.type) {
case AUTHENTICATION_BASIC:
add_env(session,"AUTH_TYPE","Basic");
break;
case AUTHENTICATION_DIGEST:
add_env(session,"AUTH_TYPE","Digest");
break;
}
/* Should use real name if set to do so somewhere ToDo */
add_env(session,"REMOTE_USER",session->user.alias);
return(TRUE);
/* Should go to the hack log? */
lprintf(LOG_WARNING,"%04d !AUTHORIZATION FAILURE for user %s, ARS: %s"
,session->socket,session->req.auth.username,session->req.ars);
#ifdef _WIN32
if(startup->hack_sound[0] && !(startup->options&BBS_OPT_MUTE))
PlaySound(startup->hack_sound, NULL, SND_ASYNC|SND_FILENAME);
#endif
return(FALSE);
}
static named_string_t** read_ini_list(char* path, char* section, char* desc
,named_string_t** list)
size_t i;
list=iniFreeNamedStringList(list);
if((fp=iniOpenFile(path, /* create? */FALSE))!=NULL) {
list=iniReadNamedStringList(fp,section);
iniCloseFile(fp);
COUNT_LIST_ITEMS(list,i);
if(i)
lprintf(LOG_DEBUG,"Read %u %s from %s section of %s"
,i,desc,section==NULL ? "root":section,path);
return(list);
static int sockreadline(http_session_t * session, char *buf, size_t length)
fd_set rd_set;
struct timeval tv;
if(session->socket==INVALID_SOCKET)
return(-1);
FD_ZERO(&rd_set);
FD_SET(session->socket,&rd_set);
/* Convert timeout from ms to sec/usec */
tv.tv_sec=startup->max_inactivity;
tv.tv_usec=0;
sel=select(session->socket+1,&rd_set,NULL,NULL,&tv);
switch(sel) {
case -1:
close_socket(&session->socket);
lprintf(LOG_DEBUG,"%04d !ERROR %d selecting socket for read",session->socket,ERROR_VALUE);
lprintf(LOG_NOTICE,"%04d Session timeout due to inactivity (%d seconds)",session->socket,startup->max_inactivity);
switch(recv(session->socket, &ch, 1, 0)) {
case -1:
if(ERROR_VALUE!=EAGAIN) {
if(startup->options&WEB_OPT_DEBUG_RX)
lprintf(LOG_DEBUG,"%04d !ERROR %d receiving on socket",session->socket,ERROR_VALUE);
close_socket(&session->socket);
return(-1);
}
break;
case 0:
close_socket(&session->socket);
return(-1);
}
if(ch=='\n')
break;
if(i<length)
buf[i++]=ch;
else
chucked++;
/* Terminate at length if longer */
if(i>length)
i=length;
while(i>0 && buf[i-1]=='\r')
i--;
buf[i]=0;
if(startup->options&WEB_OPT_DEBUG_RX) {
lprintf(LOG_DEBUG,"%04d RX: %s",session->socket,buf);
lprintf(LOG_DEBUG,"%04d Long header, chucked %d bytes",session->socket,chucked);
}
#if defined(_WIN32)
static int pipereadline(HANDLE pipe, char *buf, size_t length, char *fullbuf, size_t fullbuf_len)
#else
static int pipereadline(int pipe, char *buf, size_t length, char *fullbuf, size_t fullbuf_len)
#endif
{
char ch;
DWORD i;
#ifndef _WIN32
struct timeval tv={0,0};
fd_set read_set;
#endif
/* Terminate buffers */
if(buf != NULL)
buf[0]=0;
if(fullbuf != NULL)
fullbuf[0]=0;
for(i=0;TRUE;) {
#if defined(_WIN32)
ret=0;
ReadFile(pipe, &ch, 1, (DWORD*)&ret, NULL);
#else
tv.tv_sec=startup->max_cgi_inactivity;
tv.tv_usec=0;
FD_ZERO(&read_set);
FD_SET(pipe, &read_set);
if(select(pipe+1, &read_set, NULL, NULL, &tv)<1)
return(-1);
#endif
if(fullbuf != NULL && i < (fullbuf_len-1)) {
fullbuf[i]=ch;
fullbuf[i+1]=0;
}
if(ch=='\n')
break;
}
}
/* Terminate at length if longer */
if(i>length)
i=length;
int recvbufsocket(SOCKET *sock, char *buf, long count)
{
int rd=0;
if(count<1) {
errno=ERANGE;
return(0);
}
while(rd<count && socket_check(*sock,NULL,NULL,startup->max_inactivity*1000)) {
i=recv(*sock,buf+rd,count-rd,0);
switch(i) {
case -1:
if(ERROR_VALUE!=EAGAIN)
close_socket(sock);
case 0:
close_socket(sock);
*buf=0;
return(0);
}
rd+=i;
start=time(NULL);
}
if(rd==count) {
return(rd);
}
*buf=0;
}
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
static void unescape(char *p)
{
char * dst;
char code[3];
dst=p;
for(;*p;p++) {
if(*p=='%' && isxdigit(*(p+1)) && isxdigit(*(p+2))) {
sprintf(code,"%.2s",p+1);
*(dst++)=(char)strtol(code,NULL,16);
p+=2;
}
else {
if(*p=='+') {
*(dst++)=' ';
}
else {
*(dst++)=*p;
}
}
}
*(dst)=0;
}
static void js_add_queryval(http_session_t * session, char *key, char *value)
JSObject* keyarray;
jsval val;
int alen;
/* Return existing object if it's already been created */
if(JS_GetProperty(session->js_cx,session->js_query,key,&val) && val!=JSVAL_VOID) {
keyarray = JSVAL_TO_OBJECT(val);
alen=-1;
}
else {
keyarray = JS_NewArrayObject(session->js_cx, 0, NULL);
if(!JS_DefineProperty(session->js_cx, session->js_query, key, OBJECT_TO_JSVAL(keyarray)
, NULL, NULL, JSPROP_ENUMERATE))
return;
alen=0;
}
if(alen==-1) {
if(JS_GetArrayLength(session->js_cx, keyarray, &len)==JS_FALSE)
return;
}
lprintf(LOG_DEBUG,"%04d Adding query value %s=%s at pos %d",session->socket,key,value,alen);
val=STRING_TO_JSVAL(JS_NewStringCopyZ(session->js_cx,value));
JS_SetElement(session->js_cx, keyarray, alen, &val);
}
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
static void js_add_cookieval(http_session_t * session, char *key, char *value)
{
JSObject* keyarray;
jsval val;
jsuint len;
int alen;
/* Return existing object if it's already been created */
if(JS_GetProperty(session->js_cx,session->js_cookie,key,&val) && val!=JSVAL_VOID) {
keyarray = JSVAL_TO_OBJECT(val);
alen=-1;
}
else {
keyarray = JS_NewArrayObject(session->js_cx, 0, NULL);
if(!JS_DefineProperty(session->js_cx, session->js_cookie, key, OBJECT_TO_JSVAL(keyarray)
, NULL, NULL, JSPROP_ENUMERATE))
return;
alen=0;
}
if(alen==-1) {
if(JS_GetArrayLength(session->js_cx, keyarray, &len)==JS_FALSE)
return;
alen=len;
}
lprintf(LOG_DEBUG,"%04d Adding cookie value %s=%s at pos %d",session->socket,key,value,alen);
val=STRING_TO_JSVAL(JS_NewStringCopyZ(session->js_cx,value));
JS_SetElement(session->js_cx, keyarray, alen, &val);
}
static void js_add_request_prop(http_session_t * session, char *key, char *value)
{
JSString* js_str;
if(session->js_cx==NULL || session->js_request==NULL)
return;
if(key==NULL || value==NULL)
return;
if((js_str=JS_NewStringCopyZ(session->js_cx, value))==NULL)
return;
JS_DefineProperty(session->js_cx, session->js_request, key, STRING_TO_JSVAL(js_str)
,NULL,NULL,JSPROP_ENUMERATE|JSPROP_READONLY);
}
static void js_add_header(http_session_t * session, char *key, char *value)
{
JSString* js_str;
char *lckey;
if((lckey=(char *)alloca(strlen(key)+1))==NULL)
return;
strcpy(lckey,key);
strlwr(lckey);
if((js_str=JS_NewStringCopyZ(session->js_cx, value))==NULL) {
return;
}
JS_DefineProperty(session->js_cx, session->js_header, lckey, STRING_TO_JSVAL(js_str)
,NULL,NULL,JSPROP_ENUMERATE|JSPROP_READONLY);
}
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
#if 0
static void js_parse_multipart(http_session_t * session, char *p) {
size_t key_len;
size_t value_len;
char *lp;
char *key;
char *value;
if(p == NULL)
return;
lp=p;
while((key_len=strcspn(lp,"="))!=0) {
key=lp;
lp+=key_len;
if(*lp) {
*lp=0;
lp++;
}
value_len=strcspn(lp,"&");
value=lp;
lp+=value_len;
if(*lp) {
*lp=0;
lp++;
}
unescape(value);
unescape(key);
js_add_queryval(session, key, value);
}
}
#endif
static void js_parse_query(http_session_t * session, char *p) {
size_t key_len;
size_t value_len;
char *lp;
char *key;
char *value;
if(p == NULL)
return;
lp=p;
key=lp;
lp+=key_len;
value_len=strcspn(lp,"&");
value=lp;
unescape(value);
unescape(key);
js_add_queryval(session, key, value);
}
}
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
static char *get_token_value(char **p)
{
char *pos=*p;
char *start;
char *out;
BOOL escaped=FALSE;
start=pos;
out=start;
if(*pos=='"') {
for(pos++; *pos; pos++) {
if(escaped && *pos)
*(out++)=*pos;
else if(*pos=='"') {
pos++;
break;
}
else if(*pos=='\\')
escaped=TRUE;
else
*(out++)=*pos;
}
}
else {
for(; *pos; pos++) {
if(iscntrl(*pos))
break;
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
switch(*pos) {
case 0:
case '(':
case ')':
case '<':
case '>':
case '@':
case ',':
case ';':
case ':':
case '\\':
case '"':
case '/':
case '[':
case ']':
case '?':
case '=':
case '{':
case '}':
case ' ':
case '\t':
goto end_of_text;
}
*(out++)=*pos;
}
}
end_of_text:
while(*pos==',' || isspace(*pos))
pos++;
*out=0;
*p=pos;
return(start);
}
static int hexval(unsigned char ch)
{
ch-='0';
if(ch<10)
return(ch);
ch-=7;
if(ch<16 && ch>9)
return(ch);
if(ch>41) {
ch-=32;
if(ch<16 && ch>9)
return(ch);
}
return(0);
}
static BOOL parse_headers(http_session_t * session)
{
char *p;
int i;
size_t idx;
size_t content_len=0;
for(idx=0;session->req.headers[idx]!=NULL;idx++) {
/* TODO: strdup() is possibly too slow here... */
head_line=strdup(session->req.headers[idx]);
if((strtok_r(head_line,":",&last))!=NULL && (value=strtok_r(NULL,"",&last))!=NULL) {
i=get_header_type(head_line);
while(*value && *value<=' ') value++;
switch(i) {
case HEAD_AUTH:
if((p=strtok_r(value," ",&last))!=NULL) {
if(stricmp(p, "Basic")==0) {
p=strtok_r(NULL," ",&last);
if(p==NULL)
break;
while(*p && *p<' ') p++;
b64_decode(p,strlen(p),p,strlen(p));
p=strtok_r(p,":",&last);
if(p) {
if(strlen(p) >= sizeof(session->req.auth.username))
break;
SAFECOPY(session->req.auth.username, p);
p=strtok_r(NULL,":",&last);
if(p) {
Loading
Loading full blame...