]> git.saurik.com Git - apt.git/blame - test/interactive-helper/aptwebserver.cc
projects / apt.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CMake: Add coverage build type
[apt.git] / test / interactive-helper / aptwebserver.cc
CommitLineData
fbd29dd6
DK		 1#include <config.h>
2
fbd29dd6
DK		 3#include <apt-pkg/cmndline.h>
4#include <apt-pkg/configuration.h>
453b82a3
DK		 5#include <apt-pkg/error.h>
6#include <apt-pkg/fileutl.h>
7#include <apt-pkg/strutl.h>
fbd29dd6 8
453b82a3
DK		 9#include <dirent.h>
10#include <errno.h>
11#include <netinet/in.h>
12#include <pthread.h>
13#include <regex.h>
14#include <signal.h>
15#include <stddef.h>
16#include <stdlib.h>
17#include <string.h>
fbd29dd6
DK		 18#include <sys/socket.h>
19#include <sys/stat.h>
fbd29dd6 20#include <time.h>
453b82a3 21#include <unistd.h>
ed793a19
DK		 22
23#include <algorithm>
453b82a3
DK		 24#include <iostream>
25#include <sstream>
26#include <list>
27#include <string>
28#include <vector>
fbd29dd6 29
905fba60 30static std::string httpcodeToStr(int const httpcode) /*{{{*/
fbd29dd6
DK		 31{
32 switch (httpcode)
33 {
34 // Informational 1xx
905fba60
DK		 35 case 100: return _config->Find("aptwebserver::httpcode::100", "100 Continue");
36 case 101: return _config->Find("aptwebserver::httpcode::101", "101 Switching Protocols");
fbd29dd6 37 // Successful 2xx
905fba60
DK		 38 case 200: return _config->Find("aptwebserver::httpcode::200", "200 OK");
39 case 201: return _config->Find("aptwebserver::httpcode::201", "201 Created");
40 case 202: return _config->Find("aptwebserver::httpcode::202", "202 Accepted");
41 case 203: return _config->Find("aptwebserver::httpcode::203", "203 Non-Authoritative Information");
42 case 204: return _config->Find("aptwebserver::httpcode::204", "204 No Content");
43 case 205: return _config->Find("aptwebserver::httpcode::205", "205 Reset Content");
44 case 206: return _config->Find("aptwebserver::httpcode::206", "206 Partial Content");
fbd29dd6 45 // Redirections 3xx
905fba60
DK		 46 case 300: return _config->Find("aptwebserver::httpcode::300", "300 Multiple Choices");
47 case 301: return _config->Find("aptwebserver::httpcode::301", "301 Moved Permanently");
48 case 302: return _config->Find("aptwebserver::httpcode::302", "302 Found");
49 case 303: return _config->Find("aptwebserver::httpcode::303", "303 See Other");
50 case 304: return _config->Find("aptwebserver::httpcode::304", "304 Not Modified");
51 case 305: return _config->Find("aptwebserver::httpcode::305", "305 Use Proxy");
52 case 307: return _config->Find("aptwebserver::httpcode::307", "307 Temporary Redirect");
fbd29dd6 53 // Client errors 4xx
905fba60
DK		 54 case 400: return _config->Find("aptwebserver::httpcode::400", "400 Bad Request");
55 case 401: return _config->Find("aptwebserver::httpcode::401", "401 Unauthorized");
56 case 402: return _config->Find("aptwebserver::httpcode::402", "402 Payment Required");
57 case 403: return _config->Find("aptwebserver::httpcode::403", "403 Forbidden");
58 case 404: return _config->Find("aptwebserver::httpcode::404", "404 Not Found");
59 case 405: return _config->Find("aptwebserver::httpcode::405", "405 Method Not Allowed");
60 case 406: return _config->Find("aptwebserver::httpcode::406", "406 Not Acceptable");
61 case 407: return _config->Find("aptwebserver::httpcode::407", "407 Proxy Authentication Required");
62 case 408: return _config->Find("aptwebserver::httpcode::408", "408 Request Time-out");
63 case 409: return _config->Find("aptwebserver::httpcode::409", "409 Conflict");
64 case 410: return _config->Find("aptwebserver::httpcode::410", "410 Gone");
65 case 411: return _config->Find("aptwebserver::httpcode::411", "411 Length Required");
66 case 412: return _config->Find("aptwebserver::httpcode::412", "412 Precondition Failed");
67 case 413: return _config->Find("aptwebserver::httpcode::413", "413 Request Entity Too Large");
68 case 414: return _config->Find("aptwebserver::httpcode::414", "414 Request-URI Too Large");
69 case 415: return _config->Find("aptwebserver::httpcode::415", "415 Unsupported Media Type");
70 case 416: return _config->Find("aptwebserver::httpcode::416", "416 Requested range not satisfiable");
71 case 417: return _config->Find("aptwebserver::httpcode::417", "417 Expectation Failed");
72 case 418: return _config->Find("aptwebserver::httpcode::418", "418 I'm a teapot");
fbd29dd6 73 // Server error 5xx
905fba60
DK		 74 case 500: return _config->Find("aptwebserver::httpcode::500", "500 Internal Server Error");
75 case 501: return _config->Find("aptwebserver::httpcode::501", "501 Not Implemented");
76 case 502: return _config->Find("aptwebserver::httpcode::502", "502 Bad Gateway");
77 case 503: return _config->Find("aptwebserver::httpcode::503", "503 Service Unavailable");
78 case 504: return _config->Find("aptwebserver::httpcode::504", "504 Gateway Time-out");
79 case 505: return _config->Find("aptwebserver::httpcode::505", "505 HTTP Version not supported");
fbd29dd6 80 }
905fba60 81 return "";
fbd29dd6
DK		 82}
83 /*}}}*/
ed793a19
DK		 84static bool chunkedTransferEncoding(std::list<std::string> const &headers) {
85 if (std::find(headers.begin(), headers.end(), "Transfer-Encoding: chunked") != headers.end())
86 return true;
87 if (_config->FindB("aptwebserver::chunked-transfer-encoding", false) == true)
88 return true;
89 return false;
90}
c3ccac92 91static void addFileHeaders(std::list<std::string> &headers, FileFd &data)/*{{{*/
fbd29dd6 92{
ed793a19
DK		 93 if (chunkedTransferEncoding(headers) == false)
94 {
95 std::ostringstream contentlength;
96 contentlength << "Content-Length: " << data.FileSize();
97 headers.push_back(contentlength.str());
98 }
ba6b79bd
DK		 99 if (_config->FindB("aptwebserver::support::last-modified", true) == true)
100 {
101 std::string lastmodified("Last-Modified: ");
0b45b6e5 102 lastmodified.append(TimeRFC1123(data.ModificationTime(), false));
ba6b79bd
DK		 103 headers.push_back(lastmodified);
104 }
fbd29dd6
DK		 105}
106 /*}}}*/
c3ccac92 107static void addDataHeaders(std::list<std::string> &headers, std::string &data)/*{{{*/
fbd29dd6 108{
ed793a19
DK		 109 if (chunkedTransferEncoding(headers) == false)
110 {
111 std::ostringstream contentlength;
112 contentlength << "Content-Length: " << data.size();
113 headers.push_back(contentlength.str());
114 }
fbd29dd6
DK		 115}
116 /*}}}*/
c3ccac92 117static bool sendHead(int const client, int const httpcode, std::list<std::string> &headers)/*{{{*/
fbd29dd6
DK		 118{
119 std::string response("HTTP/1.1 ");
120 response.append(httpcodeToStr(httpcode));
121 headers.push_front(response);
14c84d02 122 _config->Set("APTWebserver::Last-Status-Code", httpcode);
fbd29dd6 123
14c84d02 124 std::stringstream buffer;
148c0491
DK		 125 auto const empties = _config->FindVector("aptwebserver::empty-response-header");
126 for (auto && e: empties)
127 buffer << e << ":" << std::endl;
14c84d02
DK		 128 _config->Dump(buffer, "aptwebserver::response-header", "%t: %v%n", false);
129 std::vector<std::string> addheaders = VectorizeString(buffer.str(), '\n');
130 for (std::vector<std::string>::const_iterator h = addheaders.begin(); h != addheaders.end(); ++h)
131 headers.push_back(*h);
fbd29dd6
DK		 132
133 std::string date("Date: ");
0b45b6e5 134 date.append(TimeRFC1123(time(NULL), false));
fbd29dd6
DK		 135 headers.push_back(date);
136
ed793a19
DK		 137 if (chunkedTransferEncoding(headers) == true)
138 headers.push_back("Transfer-Encoding: chunked");
139
575fe03e 140 std::clog << ">>> RESPONSE to " << client << " >>>" << std::endl;
fbd29dd6
DK		 141 bool Success = true;
142 for (std::list<std::string>::const_iterator h = headers.begin();
143 Success == true && h != headers.end(); ++h)
144 {
145 Success &= FileFd::Write(client, h->c_str(), h->size());
146 if (Success == true)
147 Success &= FileFd::Write(client, "\r\n", 2);
148 std::clog << *h << std::endl;
149 }
150 if (Success == true)
151 Success &= FileFd::Write(client, "\r\n", 2);
152 std::clog << "<<<<<<<<<<<<<<<<" << std::endl;
153 return Success;
154}
155 /*}}}*/
ed793a19 156static bool sendFile(int const client, std::list<std::string> const &headers, FileFd &data)/*{{{*/
fbd29dd6
DK		 157{
158 bool Success = true;
ed793a19 159 bool const chunked = chunkedTransferEncoding(headers);
fbd29dd6
DK		 160 char buffer[500];
161 unsigned long long actual = 0;
162 while ((Success &= data.Read(buffer, sizeof(buffer), &actual)) == true)
163 {
164 if (actual == 0)
165 break;
ed793a19
DK		 166
167 if (chunked == true)
168 {
169 std::string size;
170 strprintf(size, "%llX\r\n", actual);
171 Success &= FileFd::Write(client, size.c_str(), size.size());
172 Success &= FileFd::Write(client, buffer, actual);
173 Success &= FileFd::Write(client, "\r\n", strlen("\r\n"));
174 }
175 else
176 Success &= FileFd::Write(client, buffer, actual);
177 }
178 if (chunked == true)
179 {
180 char const * const finish = "0\r\n\r\n";
181 Success &= FileFd::Write(client, finish, strlen(finish));
fbd29dd6 182 }
93a99dac 183 if (Success == false)
ed793a19 184 std::cerr << "SENDFILE:" << (chunked ? " CHUNKED" : "") << " READ/WRITE ERROR to " << client << std::endl;
fbd29dd6
DK		 185 return Success;
186}
187 /*}}}*/
ed793a19 188static bool sendData(int const client, std::list<std::string> const &headers, std::string const &data)/*{{{*/
fbd29dd6 189{
ed793a19
DK		 190 if (chunkedTransferEncoding(headers) == true)
191 {
192 unsigned long long const ullsize = data.length();
193 std::string size;
194 strprintf(size, "%llX\r\n", ullsize);
195 char const * const finish = "\r\n0\r\n\r\n";
196 if (FileFd::Write(client, size.c_str(), size.length()) == false ||
197 FileFd::Write(client, data.c_str(), ullsize) == false ||
198 FileFd::Write(client, finish, strlen(finish)) == false)
199 {
200 std::cerr << "SENDDATA: CHUNK WRITE ERROR to " << client << std::endl;
201 return false;
202 }
203 }
204 else if (FileFd::Write(client, data.c_str(), data.size()) == false)
93a99dac
DK		 205 {
206 std::cerr << "SENDDATA: WRITE ERROR to " << client << std::endl;
207 return false;
208 }
209 return true;
fbd29dd6
DK		 210}
211 /*}}}*/
c3ccac92 212static void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/
ed793a19 213 bool const content, std::string const &error, std::list<std::string> &headers)
fbd29dd6 214{
12f40394
DK		 215 std::string response("<!doctype html><html><head><title>");
216 response.append(httpcodeToStr(httpcode)).append("</title><meta charset=\"utf-8\" /></head>");
fbd29dd6 217 response.append("<body><h1>").append(httpcodeToStr(httpcode)).append("</h1>");
6beca0eb 218 if (httpcode != 200)
ed793a19
DK		 219 response.append("<p><em>Error</em>: ");
220 else
221 response.append("<p><em>Success</em>: ");
222 if (error.empty() == false)
223 response.append(error);
224 else
225 response.append(httpcodeToStr(httpcode));
226 if (httpcode != 200)
227 response.append("</p>This error is a result of the request: <pre>");
6beca0eb 228 else
6beca0eb 229 response.append("The successfully executed operation was requested by: <pre>");
fbd29dd6 230 response.append(request).append("</pre></body></html>");
ed793a19
DK		 231 if (httpcode != 200)
232 {
233 if (_config->FindB("aptwebserver::closeOnError", false) == true)
234 headers.push_back("Connection: close");
235 }
fbd29dd6
DK		 236 addDataHeaders(headers, response);
237 sendHead(client, httpcode, headers);
238 if (content == true)
ed793a19 239 sendData(client, headers, response);
6beca0eb 240}
c3ccac92 241static void sendSuccess(int const client, std::string const &request,
ed793a19 242 bool const content, std::string const &error, std::list<std::string> &headers)
6beca0eb 243{
ed793a19 244 sendError(client, 200, request, content, error, headers);
fbd29dd6
DK		 245}
246 /*}}}*/
c3ccac92 247static void sendRedirect(int const client, int const httpcode, std::string const &uri,/*{{{*/
bf3daa15
DK		 248 std::string const &request, bool content)
249{
250 std::list<std::string> headers;
12f40394
DK		 251 std::string response("<!doctype html><html><head><title>");
252 response.append(httpcodeToStr(httpcode)).append("</title><meta charset=\"utf-8\" /></head>");
bf3daa15
DK		 253 response.append("<body><h1>").append(httpcodeToStr(httpcode)).append("</h1");
254 response.append("<p>You should be redirected to <em>").append(uri).append("</em></p>");
255 response.append("This page is a result of the request: <pre>");
256 response.append(request).append("</pre></body></html>");
257 addDataHeaders(headers, response);
258 std::string location("Location: ");
f9b4f12d 259 if (strncmp(uri.c_str(), "http://", 7) != 0 && strncmp(uri.c_str(), "https://", 8) != 0)
eab3a9b2 260 {
f9b4f12d 261 std::string const host = LookupTag(request, "Host");
6c0765c0
DK		 262 unsigned int const httpsport = _config->FindI("aptwebserver::port::https", 4433);
263 std::string hosthttpsport;
264 strprintf(hosthttpsport, ":%u", httpsport);
265 if (host.find(hosthttpsport) != std::string::npos)
f9b4f12d
DK		 266 location.append("https://");
267 else
268 location.append("http://");
269 location.append(host).append("/");
eab3a9b2
DK		 270 if (strncmp("/home/", uri.c_str(), strlen("/home/")) == 0 && uri.find("/public_html/") != std::string::npos)
271 {
272 std::string homeuri = SubstVar(uri, "/home/", "~");
273 homeuri = SubstVar(homeuri, "/public_html/", "/");
274 location.append(homeuri);
275 }
276 else
277 location.append(uri);
278 }
bf3daa15
DK		 279 else
280 location.append(uri);
281 headers.push_back(location);
282 sendHead(client, httpcode, headers);
283 if (content == true)
ed793a19 284 sendData(client, headers, response);
bf3daa15
DK		 285}
286 /*}}}*/
c3ccac92 287static int filter_hidden_files(const struct dirent *a) /*{{{*/
bf3daa15
DK		 288{
289 if (a->d_name[0] == '.')
290 return 0;
291#ifdef _DIRENT_HAVE_D_TYPE
292 // if we have the d_type check that only files and dirs will be included
293 if (a->d_type != DT_UNKNOWN &&
294 a->d_type != DT_REG &&
295 a->d_type != DT_LNK && // this includes links to regular files
296 a->d_type != DT_DIR)
297 return 0;
298#endif
299 return 1;
300}
c3ccac92 301static int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) {
bf3daa15
DK		 302#ifdef _DIRENT_HAVE_D_TYPE
303 if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_DIR);
304 else if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_REG)
305 return -1;
306 else if ((*b)->d_type == DT_DIR && (*a)->d_type == DT_REG)
307 return 1;
308 else
309#endif
310 {
311 struct stat f_prop; //File's property
312 stat((*a)->d_name, &f_prop);
313 int const amode = f_prop.st_mode;
314 stat((*b)->d_name, &f_prop);
315 int const bmode = f_prop.st_mode;
316 if (S_ISDIR(amode) && S_ISDIR(bmode));
317 else if (S_ISDIR(amode))
318 return -1;
319 else if (S_ISDIR(bmode))
320 return 1;
321 }
322 return strcasecmp((*a)->d_name, (*b)->d_name);
323}
324 /*}}}*/
c3ccac92 325static void sendDirectoryListing(int const client, std::string const &dir,/*{{{*/
ed793a19 326 std::string const &request, bool content, std::list<std::string> &headers)
bf3daa15 327{
bf3daa15
DK		 328 std::ostringstream listing;
329
330 struct dirent **namelist;
331 int const counter = scandir(dir.c_str(), &namelist, filter_hidden_files, grouped_alpha_case_sort);
332 if (counter == -1)
333 {
ed793a19 334 sendError(client, 500, request, content, "scandir failed", headers);
bf3daa15
DK		 335 return;
336 }
337
12f40394 338 listing << "<!doctype html><html><head><title>Index of " << dir << "</title><meta charset=\"utf-8\" />"
bf3daa15
DK		 339 << "<style type=\"text/css\"><!-- td {padding: 0.02em 0.5em 0.02em 0.5em;}"
340 << "tr:nth-child(even){background-color:#dfdfdf;}"
341 << "h1, td:nth-child(3){text-align:center;}"
342 << "table {margin-left:auto;margin-right:auto;} --></style>"
343 << "</head>" << std::endl
344 << "<body><h1>Index of " << dir << "</h1>" << std::endl
345 << "<table><tr><th>#</th><th>Name</th><th>Size</th><th>Last-Modified</th></tr>" << std::endl;
3c16b5fe 346 if (dir != "./")
bf3daa15
DK		 347 listing << "<tr><td>d</td><td><a href=\"..\">Parent Directory</a></td><td>-</td><td>-</td></tr>";
348 for (int i = 0; i < counter; ++i) {
349 struct stat fs;
350 std::string filename(dir);
351 filename.append("/").append(namelist[i]->d_name);
352 stat(filename.c_str(), &fs);
353 if (S_ISDIR(fs.st_mode))
354 {
355 listing << "<tr><td>d</td>"
356 << "<td><a href=\"" << namelist[i]->d_name << "/\">" << namelist[i]->d_name << "</a></td>"
357 << "<td>-</td>";
358 }
359 else
360 {
361 listing << "<tr><td>f</td>"
362 << "<td><a href=\"" << namelist[i]->d_name << "\">" << namelist[i]->d_name << "</a></td>"
363 << "<td>" << SizeToStr(fs.st_size) << "B</td>";
364 }
0b45b6e5 365 listing << "<td>" << TimeRFC1123(fs.st_mtime, true) << "</td></tr>" << std::endl;
bf3daa15
DK		 366 }
367 listing << "</table></body></html>" << std::endl;
368
369 std::string response(listing.str());
370 addDataHeaders(headers, response);
371 sendHead(client, 200, headers);
372 if (content == true)
ed793a19 373 sendData(client, headers, response);
bf3daa15
DK		 374}
375 /*}}}*/
c3ccac92 376static bool parseFirstLine(int const client, std::string const &request,/*{{{*/
d23bda42 377 std::string &filename, std::string &params, bool &sendContent,
ed793a19 378 bool &closeConnection, std::list<std::string> &headers)
fbd29dd6
DK		 379{
380 if (strncmp(request.c_str(), "HEAD ", 5) == 0)
381 sendContent = false;
382 if (strncmp(request.c_str(), "GET ", 4) != 0)
383 {
ed793a19 384 sendError(client, 501, request, true, "", headers);
fbd29dd6
DK		 385 return false;
386 }
387
388 size_t const lineend = request.find('\n');
389 size_t filestart = request.find(' ');
390 for (; request[filestart] == ' '; ++filestart);
391 size_t fileend = request.rfind(' ', lineend);
392 if (lineend == std::string::npos || filestart == std::string::npos ||
393 fileend == std::string::npos || filestart == fileend)
394 {
ed793a19 395 sendError(client, 500, request, sendContent, "Filename can't be extracted", headers);
fbd29dd6
DK		 396 return false;
397 }
398
399 size_t httpstart = fileend;
400 for (; request[httpstart] == ' '; ++httpstart);
401 if (strncmp(request.c_str() + httpstart, "HTTP/1.1\r", 9) == 0)
402 closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "Keep-Alive") != 0;
403 else if (strncmp(request.c_str() + httpstart, "HTTP/1.0\r", 9) == 0)
404 closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "close") == 0;
405 else
406 {
ed793a19 407 sendError(client, 500, request, sendContent, "Not a HTTP/1.{0,1} request", headers);
fbd29dd6
DK		 408 return false;
409 }
410
411 filename = request.substr(filestart, fileend - filestart);
412 if (filename.find(' ') != std::string::npos)
413 {
ed793a19 414 sendError(client, 500, request, sendContent, "Filename contains an unencoded space", headers);
fbd29dd6
DK		 415 return false;
416 }
f2380a78
DK		 417
418 std::string host = LookupTag(request, "Host", "");
419 if (host.empty() == true)
420 {
421 // RFC 2616 §14.23 requires Host
ed793a19 422 sendError(client, 400, request, sendContent, "Host header is required", headers);
f2380a78
DK		 423 return false;
424 }
425 host = "http://" + host;
426
427 // Proxies require absolute uris, so this is a simple proxy-fake option
428 std::string const absolute = _config->Find("aptwebserver::request::absolute", "uri,path");
b0314abb 429 if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0 && APT::String::Startswith(filename, "/_config/") == false)
f2380a78
DK		 430 {
431 if (absolute.find("uri") == std::string::npos)
432 {
ed793a19 433 sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that", headers);
f2380a78
DK		 434 return false;
435 }
b0314abb 436
f2380a78
DK		 437 // strip the host from the request to make it an absolute path
438 filename.erase(0, host.length());
b0314abb
DK		 439
440 std::string const authConf = _config->Find("aptwebserver::proxy-authorization", "");
441 std::string auth = LookupTag(request, "Proxy-Authorization", "");
442 if (authConf.empty() != auth.empty())
443 {
444 if (auth.empty())
ed793a19 445 sendError(client, 407, request, sendContent, "Proxy requires authentication", headers);
b0314abb 446 else
ed793a19 447 sendError(client, 407, request, sendContent, "Client wants to authenticate to proxy, but proxy doesn't need it", headers);
b0314abb
DK		 448 return false;
449 }
450 if (authConf.empty() == false)
451 {
452 char const * const basic = "Basic ";
453 if (strncmp(auth.c_str(), basic, strlen(basic)) == 0)
454 {
455 auth.erase(0, strlen(basic));
456 if (auth != authConf)
457 {
ed793a19 458 sendError(client, 407, request, sendContent, "Proxy-Authentication doesn't match", headers);
b0314abb
DK		 459 return false;
460 }
461 }
462 else
463 {
464 std::list<std::string> headers;
465 headers.push_back("Proxy-Authenticate: Basic");
466 sendError(client, 407, request, sendContent, "Unsupported Proxy-Authentication Scheme", headers);
467 return false;
468 }
469 }
f2380a78 470 }
b0314abb 471 else if (absolute.find("path") == std::string::npos && APT::String::Startswith(filename, "/_config/") == false)
f2380a78 472 {
ed793a19 473 sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that", headers);
f2380a78
DK		 474 return false;
475 }
d23bda42 476
b0314abb
DK		 477 if (APT::String::Startswith(filename, "/_config/") == false)
478 {
479 std::string const authConf = _config->Find("aptwebserver::authorization", "");
480 std::string auth = LookupTag(request, "Authorization", "");
481 if (authConf.empty() != auth.empty())
482 {
483 if (auth.empty())
ed793a19 484 sendError(client, 401, request, sendContent, "Server requires authentication", headers);
b0314abb 485 else
ed793a19 486 sendError(client, 401, request, sendContent, "Client wants to authenticate to server, but server doesn't need it", headers);
b0314abb
DK		 487 return false;
488 }
489 if (authConf.empty() == false)
490 {
491 char const * const basic = "Basic ";
492 if (strncmp(auth.c_str(), basic, strlen(basic)) == 0)
493 {
494 auth.erase(0, strlen(basic));
495 if (auth != authConf)
496 {
ed793a19 497 sendError(client, 401, request, sendContent, "Authentication doesn't match", headers);
b0314abb
DK		 498 return false;
499 }
500 }
501 else
502 {
b0314abb
DK		 503 headers.push_back("WWW-Authenticate: Basic");
504 sendError(client, 401, request, sendContent, "Unsupported Authentication Scheme", headers);
505 return false;
506 }
507 }
508 }
509
d23bda42
DK		 510 size_t paramspos = filename.find('?');
511 if (paramspos != std::string::npos)
512 {
513 params = filename.substr(paramspos + 1);
514 filename.erase(paramspos);
515 }
516
fbd29dd6
DK		 517 filename = DeQuoteString(filename);
518
519 // this is not a secure server, but at least prevent the obvious …
520 if (filename.empty() == true || filename[0] != '/' ||
521 strncmp(filename.c_str(), "//", 2) == 0 ||
522 filename.find_first_of("\r\n\t\f\v") != std::string::npos ||
523 filename.find("/../") != std::string::npos)
524 {
ed793a19
DK		 525 std::list<std::string> headers;
526 sendError(client, 400, request, sendContent, "Filename contains illegal character (sequence)", headers);
fbd29dd6
DK		 527 return false;
528 }
529
530 // nuke the first character which is a / as we assured above
531 filename.erase(0, 1);
532 if (filename.empty() == true)
3c16b5fe 533 filename = "./";
eab3a9b2
DK		 534 // support ~user/ uris to refer to /home/user/public_html/ as a kind-of special directory
535 else if (filename[0] == '~')
536 {
537 // /home/user is actually not entirely correct, but good enough for now
538 size_t dashpos = filename.find('/');
539 if (dashpos != std::string::npos)
540 {
541 std::string home = filename.substr(1, filename.find('/') - 1);
542 std::string pubhtml = filename.substr(filename.find('/') + 1);
543 filename = "/home/" + home + "/public_html/" + pubhtml;
544 }
545 else
546 filename = "/home/" + filename.substr(1) + "/public_html/";
547 }
3c16b5fe
DK		 548
549 // if no filename is given, but a valid directory see if we can use an index or
550 // have to resort to a autogenerated directory listing later on
551 if (DirectoryExists(filename) == true)
552 {
553 std::string const directoryIndex = _config->Find("aptwebserver::directoryindex");
554 if (directoryIndex.empty() == false && directoryIndex == flNotDir(directoryIndex) &&
555 RealFileExists(filename + directoryIndex) == true)
556 filename += directoryIndex;
557 }
558
fbd29dd6
DK		 559 return true;
560}
561 /*}}}*/
ed793a19
DK		 562static bool handleOnTheFlyReconfiguration(int const client, std::string const &request,/*{{{*/
563 std::vector<std::string> parts, std::list<std::string> &headers)
6beca0eb
DK		 564{
565 size_t const pcount = parts.size();
23397c9d
DK		 566 for (size_t i = 0; i < pcount; ++i)
567 parts[i] = DeQuoteString(parts[i]);
6beca0eb
DK		 568 if (pcount == 4 && parts[1] == "set")
569 {
570 _config->Set(parts[2], parts[3]);
ed793a19 571 sendSuccess(client, request, true, "Option '" + parts[2] + "' was set to '" + parts[3] + "'!", headers);
6beca0eb
DK		 572 return true;
573 }
574 else if (pcount == 4 && parts[1] == "find")
575 {
6beca0eb
DK		 576 std::string response = _config->Find(parts[2], parts[3]);
577 addDataHeaders(headers, response);
578 sendHead(client, 200, headers);
ed793a19 579 sendData(client, headers, response);
6beca0eb
DK		 580 return true;
581 }
582 else if (pcount == 3 && parts[1] == "find")
583 {
6beca0eb
DK		 584 if (_config->Exists(parts[2]) == true)
585 {
586 std::string response = _config->Find(parts[2]);
587 addDataHeaders(headers, response);
588 sendHead(client, 200, headers);
ed793a19 589 sendData(client, headers, response);
6beca0eb
DK		 590 return true;
591 }
ed793a19 592 sendError(client, 404, request, true, "Requested Configuration option doesn't exist", headers);
6beca0eb
DK		 593 return false;
594 }
595 else if (pcount == 3 && parts[1] == "clear")
596 {
597 _config->Clear(parts[2]);
ed793a19 598 sendSuccess(client, request, true, "Option '" + parts[2] + "' was cleared.", headers);
6beca0eb
DK		 599 return true;
600 }
601
ed793a19 602 sendError(client, 400, request, true, "Unknown on-the-fly configuration request", headers);
6beca0eb
DK		 603 return false;
604}
605 /*}}}*/
c3ccac92 606static void * handleClient(void * voidclient) /*{{{*/
575fe03e
DK		 607{
608 int client = *((int*)(voidclient));
609 std::clog << "ACCEPT client " << client << std::endl;
ed793a19 610 bool closeConnection = false;
117038ba 611 while (closeConnection == false)
575fe03e 612 {
117038ba
DK		 613 std::vector<std::string> messages;
614 if (ReadMessages(client, messages) == false)
ed793a19 615 break;
117038ba
DK		 616
617 std::list<std::string> headers;
575fe03e
DK		 618 for (std::vector<std::string>::const_iterator m = messages.begin();
619 m != messages.end() && closeConnection == false; ++m) {
117038ba
DK		 620 // if we announced a closing in previous response, do the close now
621 if (std::find(headers.begin(), headers.end(), std::string("Connection: close")) != headers.end())
622 {
623 closeConnection = true;
624 break;
625 }
626 headers.clear();
627
575fe03e
DK		 628 std::clog << ">>> REQUEST from " << client << " >>>" << std::endl << *m
629 << std::endl << "<<<<<<<<<<<<<<<<" << std::endl;
575fe03e
DK		 630 std::string filename;
631 std::string params;
632 bool sendContent = true;
ed793a19 633 if (parseFirstLine(client, *m, filename, params, sendContent, closeConnection, headers) == false)
575fe03e
DK		 634 continue;
635
636 // special webserver command request
637 if (filename.length() > 1 && filename[0] == '_')
638 {
639 std::vector<std::string> parts = VectorizeString(filename, '/');
640 if (parts[0] == "_config")
641 {
ed793a19 642 handleOnTheFlyReconfiguration(client, *m, parts, headers);
575fe03e
DK		 643 continue;
644 }
645 }
646
647 // string replacements in the requested filename
648 ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace");
649 if (Replaces != NULL)
650 {
651 std::string redirect = "/" + filename;
652 for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next)
653 redirect = SubstVar(redirect, I->Tag, I->Value);
f9b4f12d
DK		 654 if (redirect.empty() == false && redirect[0] == '/')
655 redirect.erase(0,1);
575fe03e
DK		 656 if (redirect != filename)
657 {
aa3e7b32 658 sendRedirect(client, _config->FindI("aptwebserver::redirect::httpcode", 301), redirect, *m, sendContent);
575fe03e
DK		 659 continue;
660 }
661 }
662
663 ::Configuration::Item const *Overwrite = _config->Tree("aptwebserver::overwrite");
664 if (Overwrite != NULL)
665 {
666 for (::Configuration::Item *I = Overwrite->Child; I != NULL; I = I->Next)
667 {
668 regex_t *pattern = new regex_t;
669 int const res = regcomp(pattern, I->Tag.c_str(), REG_EXTENDED | REG_ICASE | REG_NOSUB);
670 if (res != 0)
671 {
672 char error[300];
673 regerror(res, pattern, error, sizeof(error));
ed793a19 674 sendError(client, 500, *m, sendContent, error, headers);
575fe03e
DK		 675 continue;
676 }
677 if (regexec(pattern, filename.c_str(), 0, 0, 0) == 0)
678 {
679 filename = _config->Find("aptwebserver::overwrite::" + I->Tag + "::filename", filename);
680 if (filename[0] == '/')
681 filename.erase(0,1);
682 regfree(pattern);
683 break;
684 }
685 regfree(pattern);
686 }
687 }
688
689 // deal with the request
6c0765c0
DK		 690 unsigned int const httpsport = _config->FindI("aptwebserver::port::https", 4433);
691 std::string hosthttpsport;
692 strprintf(hosthttpsport, ":%u", httpsport);
f9b4f12d 693 if (_config->FindB("aptwebserver::support::http", true) == false &&
6c0765c0 694 LookupTag(*m, "Host").find(hosthttpsport) == std::string::npos)
f9b4f12d 695 {
ed793a19 696 sendError(client, 400, *m, sendContent, "HTTP disabled, all requests must be HTTPS", headers);
f9b4f12d
DK		 697 continue;
698 }
699 else if (RealFileExists(filename) == true)
575fe03e
DK		 700 {
701 FileFd data(filename, FileFd::ReadOnly);
702 std::string condition = LookupTag(*m, "If-Modified-Since", "");
f2c0ec8b 703 if (_config->FindB("aptwebserver::support::modified-since", true) == true && condition.empty() == false)
575fe03e
DK		 704 {
705 time_t cache;
706 if (RFC1123StrToTime(condition.c_str(), cache) == true &&
707 cache >= data.ModificationTime())
708 {
709 sendHead(client, 304, headers);
710 continue;
711 }
712 }
713
714 if (_config->FindB("aptwebserver::support::range", true) == true)
715 condition = LookupTag(*m, "Range", "");
716 else
717 condition.clear();
718 if (condition.empty() == false && strncmp(condition.c_str(), "bytes=", 6) == 0)
719 {
d94b1d80
DK		 720 std::string ranges = ',' + _config->Find("aptwebserver::response-header::Accept-Ranges") + ',';
721 ranges.erase(std::remove(ranges.begin(), ranges.end(), ' '), ranges.end());
722 if (ranges.find(",bytes,") == std::string::npos)
723 {
724 // we handle it as an error here because we are a test server - a real one should just ignore it
725 sendError(client, 400, *m, sendContent, "Client does range requests we don't support", headers);
726 continue;
727 }
728
575fe03e
DK		 729 time_t cache;
730 std::string ifrange;
731 if (_config->FindB("aptwebserver::support::if-range", true) == true)
732 ifrange = LookupTag(*m, "If-Range", "");
733 bool validrange = (ifrange.empty() == true ||
734 (RFC1123StrToTime(ifrange.c_str(), cache) == true &&
735 cache <= data.ModificationTime()));
736
737 // FIXME: support multiple byte-ranges (APT clients do not do this)
738 if (condition.find(',') == std::string::npos)
739 {
740 size_t start = 6;
741 unsigned long long filestart = strtoull(condition.c_str() + start, NULL, 10);
742 // FIXME: no support for last-byte-pos being not the end of the file (APT clients do not do this)
743 size_t dash = condition.find('-') + 1;
744 unsigned long long fileend = strtoull(condition.c_str() + dash, NULL, 10);
745 unsigned long long filesize = data.FileSize();
746 if ((fileend == 0 || (fileend == filesize && fileend >= filestart)) &&
747 validrange == true)
748 {
749 if (filesize > filestart)
750 {
751 data.Skip(filestart);
f4a91278
MV		 752 // make sure to send content-range before conent-length
753 // as regression test for LP: #1445239
575fe03e
DK		 754 std::ostringstream contentrange;
755 contentrange << "Content-Range: bytes " << filestart << "-"
756 << filesize - 1 << "/" << filesize;
757 headers.push_back(contentrange.str());
ceafe8a6
MV		 758 std::ostringstream contentlength;
759 contentlength << "Content-Length: " << (filesize - filestart);
760 headers.push_back(contentlength.str());
575fe03e
DK		 761 sendHead(client, 206, headers);
762 if (sendContent == true)
ed793a19 763 sendFile(client, headers, data);
575fe03e
DK		 764 continue;
765 }
766 else
767 {
dcbb364f
DK		 768 if (_config->FindB("aptwebserver::support::content-range", true) == true)
769 {
770 std::ostringstream contentrange;
771 contentrange << "Content-Range: bytes */" << filesize;
772 headers.push_back(contentrange.str());
773 }
ed793a19 774 sendError(client, 416, *m, sendContent, "", headers);
c1e7b364 775 continue;
575fe03e
DK		 776 }
777 }
778 }
779 }
780
781 addFileHeaders(headers, data);
782 sendHead(client, 200, headers);
783 if (sendContent == true)
ed793a19 784 sendFile(client, headers, data);
575fe03e
DK		 785 }
786 else if (DirectoryExists(filename) == true)
787 {
788 if (filename[filename.length()-1] == '/')
ed793a19 789 sendDirectoryListing(client, filename, *m, sendContent, headers);
575fe03e
DK		 790 else
791 sendRedirect(client, 301, filename.append("/"), *m, sendContent);
792 }
793 else
ed793a19 794 sendError(client, 404, *m, sendContent, "", headers);
575fe03e 795 }
117038ba
DK		 796
797 // if we announced a closing in the last response, do the close now
798 if (std::find(headers.begin(), headers.end(), std::string("Connection: close")) != headers.end())
799 closeConnection = true;
800
801 if (_error->PendingError() == true)
802 break;
575fe03e 803 _error->DumpErrors(std::cerr);
575fe03e 804 }
117038ba 805 _error->DumpErrors(std::cerr);
575fe03e
DK		 806 close(client);
807 std::clog << "CLOSE client " << client << std::endl;
808 return NULL;
809}
810 /*}}}*/
811
fbd29dd6
DK		 812int main(int const argc, const char * argv[])
813{
814 CommandLine::Args Args[] = {
815 {0, "port", "aptwebserver::port", CommandLine::HasArg},
f2380a78 816 {0, "request-absolute", "aptwebserver::request::absolute", CommandLine::HasArg},
b0314abb
DK		 817 {0, "authorization", "aptwebserver::authorization", CommandLine::HasArg},
818 {0, "proxy-authorization", "aptwebserver::proxy-authorization", CommandLine::HasArg},
fbd29dd6
DK		 819 {'c',"config-file",0,CommandLine::ConfigFile},
820 {'o',"option",0,CommandLine::ArbItem},
821 {0,0,0,0}
822 };
823
824 CommandLine CmdL(Args, _config);
825 if(CmdL.Parse(argc,argv) == false)
826 {
827 _error->DumpErrors();
828 exit(1);
829 }
830
831 // create socket, bind and listen to it {{{
832 // ignore SIGPIPE, this can happen on write() if the socket closes connection
833 signal(SIGPIPE, SIG_IGN);
575fe03e
DK		 834 // we don't care for our slaves, so ignore their death
835 signal(SIGCHLD, SIG_IGN);
836
fbd29dd6
DK		 837 int sock = socket(AF_INET6, SOCK_STREAM, 0);
838 if(sock < 0)
839 {
840 _error->Errno("aptwerbserver", "Couldn't create socket");
841 _error->DumpErrors(std::cerr);
842 return 1;
843 }
844
6c0765c0 845 int port = _config->FindI("aptwebserver::port", 8080);
fbd29dd6
DK		 846
847 // ensure that we accept all connections: v4 or v6
848 int const iponly = 0;
849 setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &iponly, sizeof(iponly));
850 // to not linger on an address
851 int const enable = 1;
852 setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &enable, sizeof(enable));
853
854 struct sockaddr_in6 locAddr;
855 memset(&locAddr, 0, sizeof(locAddr));
856 locAddr.sin6_family = AF_INET6;
857 locAddr.sin6_port = htons(port);
858 locAddr.sin6_addr = in6addr_any;
859
860 if (bind(sock, (struct sockaddr*) &locAddr, sizeof(locAddr)) < 0)
861 {
862 _error->Errno("aptwerbserver", "Couldn't bind");
863 _error->DumpErrors(std::cerr);
864 return 2;
865 }
866
6c0765c0
DK		 867 if (port == 0)
868 {
869 struct sockaddr_in6 addr;
870 socklen_t addrlen = sizeof(sockaddr_in6);
871 if (getsockname(sock, (struct sockaddr*) &addr, &addrlen) != 0)
872 _error->Errno("getsockname", "Could not get chosen port number");
873 else
874 port = ntohs(addr.sin6_port);
875 }
876 std::string const portfilename = _config->Find("aptwebserver::portfile", "");
877 if (portfilename.empty() == false)
878 {
879 FileFd portfile(portfilename, FileFd::WriteOnly | FileFd::Create | FileFd::Empty);
880 std::string portcontent;
881 strprintf(portcontent, "%d", port);
882 portfile.Write(portcontent.c_str(), portcontent.size());
883 portfile.Sync();
884 }
885 _config->Set("aptwebserver::port::http", port);
886
e3c62328
DK		 887 FileFd pidfile;
888 if (_config->FindB("aptwebserver::fork", false) == true)
889 {
890 std::string const pidfilename = _config->Find("aptwebserver::pidfile", "aptwebserver.pid");
891 int const pidfilefd = GetLock(pidfilename);
892 if (pidfilefd < 0 || pidfile.OpenDescriptor(pidfilefd, FileFd::WriteOnly) == false)
893 {
894 _error->Errno("aptwebserver", "Couldn't acquire lock on pidfile '%s'", pidfilename.c_str());
895 _error->DumpErrors(std::cerr);
896 return 3;
897 }
898
899 pid_t child = fork();
900 if (child < 0)
901 {
902 _error->Errno("aptwebserver", "Forking failed");
903 _error->DumpErrors(std::cerr);
904 return 4;
905 }
906 else if (child != 0)
907 {
908 // successfully forked: ready to serve!
909 std::string pidcontent;
910 strprintf(pidcontent, "%d", child);
911 pidfile.Write(pidcontent.c_str(), pidcontent.size());
6c0765c0 912 pidfile.Sync();
e3c62328
DK		 913 if (_error->PendingError() == true)
914 {
915 _error->DumpErrors(std::cerr);
916 return 5;
917 }
918 std::cout << "Successfully forked as " << child << std::endl;
919 return 0;
920 }
921 }
922
fbd29dd6
DK		 923 std::clog << "Serving ANY file on port: " << port << std::endl;
924
d61960d9
DK		 925 int const slaves = _config->FindI("aptwebserver::slaves", SOMAXCONN);
926 std::cerr << "SLAVES: " << slaves << std::endl;
575fe03e 927 listen(sock, slaves);
fbd29dd6
DK		 928 /*}}}*/
929
14c84d02
DK		 930 _config->CndSet("aptwebserver::response-header::Server", "APT webserver");
931 _config->CndSet("aptwebserver::response-header::Accept-Ranges", "bytes");
3c16b5fe 932 _config->CndSet("aptwebserver::directoryindex", "index.html");
14c84d02 933
575fe03e 934 std::list<int> accepted_clients;
fbd29dd6 935
575fe03e
DK		 936 while (true)
937 {
938 int client = accept(sock, NULL, NULL);
939 if (client == -1)
fbd29dd6 940 {
575fe03e
DK		 941 if (errno == EINTR)
942 continue;
943 _error->Errno("accept", "Couldn't accept client on socket %d", sock);
944 _error->DumpErrors(std::cerr);
945 return 6;
946 }
14c84d02 947
575fe03e
DK		 948 pthread_attr_t attr;
949 if (pthread_attr_init(&attr) != 0 || pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED) != 0)
950 {
951 _error->Errno("pthread_attr", "Couldn't set detach attribute for a fresh thread to handle client %d on socket %d", client, sock);
fbd29dd6 952 _error->DumpErrors(std::cerr);
575fe03e
DK		 953 close(client);
954 continue;
fbd29dd6
DK		 955 }
956
575fe03e
DK		 957 pthread_t tid;
958 // thats rather dirty, but we need to store the client socket somewhere safe
959 accepted_clients.push_front(client);
960 if (pthread_create(&tid, &attr, &handleClient, &(*accepted_clients.begin())) != 0)
961 {
962 _error->Errno("pthread_create", "Couldn't create a fresh thread to handle client %d on socket %d", client, sock);
963 _error->DumpErrors(std::cerr);
964 close(client);
965 continue;
966 }
fbd29dd6 967 }
e3c62328
DK		 968 pidfile.Close();
969
fbd29dd6
DK		 970 return 0;
971}
APT (for Cydia)