]> git.saurik.com Git - apt.git/blobdiff - test/interactive-helper/aptwebserver.cc
projects / apt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
use getline() instead of rolling our own
[apt.git] / test / interactive-helper / aptwebserver.cc
diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc
index b7663a76aa421b34c48f2745890548b79c7dce4e..00004a524ffbe2b2ec4a9a6e1ef2ba1b81828ff5 100644 (file)
--- a/test/interactive-helper/aptwebserver.cc
+++ b/test/interactive-helper/aptwebserver.cc
@@ -1,29 +1,31 @@
 #include <config.h>
 
 #include <config.h>
 
-#include <apt-pkg/strutl.h>
-#include <apt-pkg/fileutl.h>
-#include <apt-pkg/error.h>
 #include <apt-pkg/cmndline.h>
 #include <apt-pkg/configuration.h>
 #include <apt-pkg/cmndline.h>
 #include <apt-pkg/configuration.h>
-#include <apt-pkg/init.h>
-
-#include <vector>
-#include <string>
-#include <list>
-#include <sstream>
+#include <apt-pkg/error.h>
+#include <apt-pkg/fileutl.h>
+#include <apt-pkg/strutl.h>
 
 
+#include <dirent.h>
+#include <errno.h>
+#include <netinet/in.h>
+#include <pthread.h>
+#include <regex.h>
+#include <signal.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
 #include <sys/socket.h>
 #include <sys/socket.h>
-#include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/stat.h>
-#include <netinet/in.h>
-#include <unistd.h>
-#include <errno.h>
 #include <time.h>
 #include <time.h>
-#include <stdlib.h>
-#include <dirent.h>
-#include <signal.h>
+#include <unistd.h>
+#include <iostream>
+#include <sstream>
+#include <list>
+#include <string>
+#include <vector>
 
 
-char const * const httpcodeToStr(int const httpcode)                   /*{{{*/
+static char const * httpcodeToStr(int const httpcode)          /*{{{*/
 {
    switch (httpcode)
    {
 {
    switch (httpcode)
    {
@@ -77,7 +79,7 @@ char const * const httpcodeToStr(int const httpcode)                  /*{{{*/
    return NULL;
 }
                                                                        /*}}}*/
    return NULL;
 }
                                                                        /*}}}*/
-void addFileHeaders(std::list<std::string> &headers, FileFd &data)     /*{{{*/
+static void addFileHeaders(std::list<std::string> &headers, FileFd &data)/*{{{*/
 {
    std::ostringstream contentlength;
    contentlength << "Content-Length: " << data.FileSize();
 {
    std::ostringstream contentlength;
    contentlength << "Content-Length: " << data.FileSize();
@@ -88,14 +90,14 @@ void addFileHeaders(std::list<std::string> &headers, FileFd &data)  /*{{{*/
    headers.push_back(lastmodified);
 }
                                                                        /*}}}*/
    headers.push_back(lastmodified);
 }
                                                                        /*}}}*/
-void addDataHeaders(std::list<std::string> &headers, std::string &data)        /*{{{*/
+static void addDataHeaders(std::list<std::string> &headers, std::string &data)/*{{{*/
 {
    std::ostringstream contentlength;
    contentlength << "Content-Length: " << data.size();
    headers.push_back(contentlength.str());
 }
                                                                        /*}}}*/
 {
    std::ostringstream contentlength;
    contentlength << "Content-Length: " << data.size();
    headers.push_back(contentlength.str());
 }
                                                                        /*}}}*/
-bool sendHead(int const client, int const httpcode, std::list<std::string> &headers)/*{{{*/
+static bool sendHead(int const client, int const httpcode, std::list<std::string> &headers)/*{{{*/
 {
    std::string response("HTTP/1.1 ");
    response.append(httpcodeToStr(httpcode));
 {
    std::string response("HTTP/1.1 ");
    response.append(httpcodeToStr(httpcode));
@@ -128,7 +130,7 @@ bool sendHead(int const client, int const httpcode, std::list<std::string> &head
    return Success;
 }
                                                                        /*}}}*/
    return Success;
 }
                                                                        /*}}}*/
-bool sendFile(int const client, FileFd &data)                          /*{{{*/
+static bool sendFile(int const client, FileFd &data)                   /*{{{*/
 {
    bool Success = true;
    char buffer[500];
 {
    bool Success = true;
    char buffer[500];
@@ -144,7 +146,7 @@ bool sendFile(int const client, FileFd &data)                               /*{{{*/
    return Success;
 }
                                                                        /*}}}*/
    return Success;
 }
                                                                        /*}}}*/
-bool sendData(int const client, std::string const &data)               /*{{{*/
+static bool sendData(int const client, std::string const &data)                /*{{{*/
 {
    if (FileFd::Write(client, data.c_str(), data.size()) == false)
    {
 {
    if (FileFd::Write(client, data.c_str(), data.size()) == false)
    {
@@ -154,10 +156,9 @@ bool sendData(int const client, std::string const &data)           /*{{{*/
    return true;
 }
                                                                        /*}}}*/
    return true;
 }
                                                                        /*}}}*/
-void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/
-              bool content, std::string const &error = "")
+static void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/
+              bool content, std::string const &error = "", std::list<std::string> headers = std::list<std::string>())
 {
 {
-   std::list<std::string> headers;
    std::string response("<html><head><title>");
    response.append(httpcodeToStr(httpcode)).append("</title></head>");
    response.append("<body><h1>").append(httpcodeToStr(httpcode)).append("</h1>");
    std::string response("<html><head><title>");
    response.append(httpcodeToStr(httpcode)).append("</title></head>");
    response.append("<body><h1>").append(httpcodeToStr(httpcode)).append("</h1>");
@@ -179,13 +180,13 @@ void sendError(int const client, int const httpcode, std::string const &request,
    if (content == true)
       sendData(client, response);
 }
    if (content == true)
       sendData(client, response);
 }
-void sendSuccess(int const client, std::string const &request,
+static void sendSuccess(int const client, std::string const &request,
               bool content, std::string const &error = "")
 {
    sendError(client, 200, request, content, error);
 }
                                                                        /*}}}*/
               bool content, std::string const &error = "")
 {
    sendError(client, 200, request, content, error);
 }
                                                                        /*}}}*/
-void sendRedirect(int const client, int const httpcode, std::string const &uri,/*{{{*/
+static void sendRedirect(int const client, int const httpcode, std::string const &uri,/*{{{*/
                  std::string const &request, bool content)
 {
    std::list<std::string> headers;
                  std::string const &request, bool content)
 {
    std::list<std::string> headers;
@@ -197,9 +198,14 @@ void sendRedirect(int const client, int const httpcode, std::string const &uri,/
    response.append(request).append("</pre></body></html>");
    addDataHeaders(headers, response);
    std::string location("Location: ");
    response.append(request).append("</pre></body></html>");
    addDataHeaders(headers, response);
    std::string location("Location: ");
-   if (strncmp(uri.c_str(), "http://", 7) != 0)
+   if (strncmp(uri.c_str(), "http://", 7) != 0 && strncmp(uri.c_str(), "https://", 8) != 0)
    {
    {
-      location.append("http://").append(LookupTag(request, "Host")).append("/");
+      std::string const host = LookupTag(request, "Host");
+      if (host.find(":4433") != std::string::npos)
+        location.append("https://");
+      else
+        location.append("http://");
+      location.append(host).append("/");
       if (strncmp("/home/", uri.c_str(), strlen("/home/")) == 0 && uri.find("/public_html/") != std::string::npos)
       {
         std::string homeuri = SubstVar(uri, "/home/", "~");
       if (strncmp("/home/", uri.c_str(), strlen("/home/")) == 0 && uri.find("/public_html/") != std::string::npos)
       {
         std::string homeuri = SubstVar(uri, "/home/", "~");
@@ -217,7 +223,7 @@ void sendRedirect(int const client, int const httpcode, std::string const &uri,/
       sendData(client, response);
 }
                                                                        /*}}}*/
       sendData(client, response);
 }
                                                                        /*}}}*/
-int filter_hidden_files(const struct dirent *a)                                /*{{{*/
+static int filter_hidden_files(const struct dirent *a)                 /*{{{*/
 {
    if (a->d_name[0] == '.')
       return 0;
 {
    if (a->d_name[0] == '.')
       return 0;
@@ -231,7 +237,7 @@ int filter_hidden_files(const struct dirent *a)                             /*{{{*/
 #endif
    return 1;
 }
 #endif
    return 1;
 }
-int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) {
+static int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) {
 #ifdef _DIRENT_HAVE_D_TYPE
    if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_DIR);
    else if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_REG)
 #ifdef _DIRENT_HAVE_D_TYPE
    if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_DIR);
    else if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_REG)
@@ -255,7 +261,7 @@ int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) {
    return strcasecmp((*a)->d_name, (*b)->d_name);
 }
                                                                        /*}}}*/
    return strcasecmp((*a)->d_name, (*b)->d_name);
 }
                                                                        /*}}}*/
-void sendDirectoryListing(int const client, std::string const &dir,    /*{{{*/
+static void sendDirectoryListing(int const client, std::string const &dir,/*{{{*/
                          std::string const &request, bool content)
 {
    std::list<std::string> headers;
                          std::string const &request, bool content)
 {
    std::list<std::string> headers;
@@ -307,7 +313,7 @@ void sendDirectoryListing(int const client, std::string const &dir, /*{{{*/
       sendData(client, response);
 }
                                                                        /*}}}*/
       sendData(client, response);
 }
                                                                        /*}}}*/
-bool parseFirstLine(int const client, std::string const &request,      /*{{{*/
+static bool parseFirstLine(int const client, std::string const &request,/*{{{*/
                    std::string &filename, std::string &params, bool &sendContent,
                    bool &closeConnection)
 {
                    std::string &filename, std::string &params, bool &sendContent,
                    bool &closeConnection)
 {
@@ -360,22 +366,88 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/
 
    // Proxies require absolute uris, so this is a simple proxy-fake option
    std::string const absolute = _config->Find("aptwebserver::request::absolute", "uri,path");
 
    // Proxies require absolute uris, so this is a simple proxy-fake option
    std::string const absolute = _config->Find("aptwebserver::request::absolute", "uri,path");
-   if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0)
+   if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0 && APT::String::Startswith(filename, "/_config/") == false)
    {
       if (absolute.find("uri") == std::string::npos)
       {
         sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that");
         return false;
       }
    {
       if (absolute.find("uri") == std::string::npos)
       {
         sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that");
         return false;
       }
+
       // strip the host from the request to make it an absolute path
       filename.erase(0, host.length());
       // strip the host from the request to make it an absolute path
       filename.erase(0, host.length());
+
+      std::string const authConf = _config->Find("aptwebserver::proxy-authorization", "");
+      std::string auth = LookupTag(request, "Proxy-Authorization", "");
+      if (authConf.empty() != auth.empty())
+      {
+        if (auth.empty())
+           sendError(client, 407, request, sendContent, "Proxy requires authentication");
+        else
+           sendError(client, 407, request, sendContent, "Client wants to authenticate to proxy, but proxy doesn't need it");
+       return false;
+      }
+      if (authConf.empty() == false)
+      {
+        char const * const basic = "Basic ";
+        if (strncmp(auth.c_str(), basic, strlen(basic)) == 0)
+        {
+           auth.erase(0, strlen(basic));
+           if (auth != authConf)
+           {
+              sendError(client, 407, request, sendContent, "Proxy-Authentication doesn't match");
+              return false;
+           }
+        }
+        else
+        {
+           std::list<std::string> headers;
+           headers.push_back("Proxy-Authenticate: Basic");
+           sendError(client, 407, request, sendContent, "Unsupported Proxy-Authentication Scheme", headers);
+           return false;
+        }
+      }
    }
    }
-   else if (absolute.find("path") == std::string::npos)
+   else if (absolute.find("path") == std::string::npos && APT::String::Startswith(filename, "/_config/") == false)
    {
       sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that");
       return false;
    }
 
    {
       sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that");
       return false;
    }
 
+   if (APT::String::Startswith(filename, "/_config/") == false)
+   {
+      std::string const authConf = _config->Find("aptwebserver::authorization", "");
+      std::string auth = LookupTag(request, "Authorization", "");
+      if (authConf.empty() != auth.empty())
+      {
+        if (auth.empty())
+           sendError(client, 401, request, sendContent, "Server requires authentication");
+        else
+           sendError(client, 401, request, sendContent, "Client wants to authenticate to server, but server doesn't need it");
+        return false;
+      }
+      if (authConf.empty() == false)
+      {
+        char const * const basic = "Basic ";
+        if (strncmp(auth.c_str(), basic, strlen(basic)) == 0)
+        {
+           auth.erase(0, strlen(basic));
+           if (auth != authConf)
+           {
+              sendError(client, 401, request, sendContent, "Authentication doesn't match");
+              return false;
+           }
+        }
+        else
+        {
+           std::list<std::string> headers;
+           headers.push_back("WWW-Authenticate: Basic");
+           sendError(client, 401, request, sendContent, "Unsupported Authentication Scheme", headers);
+           return false;
+        }
+      }
+   }
+
    size_t paramspos = filename.find('?');
    if (paramspos != std::string::npos)
    {
    size_t paramspos = filename.find('?');
    if (paramspos != std::string::npos)
    {
@@ -427,9 +499,11 @@ bool parseFirstLine(int const client, std::string const &request,  /*{{{*/
    return true;
 }
                                                                        /*}}}*/
    return true;
 }
                                                                        /*}}}*/
-bool handleOnTheFlyReconfiguration(int const client, std::string const &request, std::vector<std::string> const &parts)/*{{{*/
+static bool handleOnTheFlyReconfiguration(int const client, std::string const &request, std::vector<std::string> parts)/*{{{*/
 {
    size_t const pcount = parts.size();
 {
    size_t const pcount = parts.size();
+   for (size_t i = 0; i < pcount; ++i)
+      parts[i] = DeQuoteString(parts[i]);
    if (pcount == 4 && parts[1] == "set")
    {
       _config->Set(parts[2], parts[3]);
    if (pcount == 4 && parts[1] == "set")
    {
       _config->Set(parts[2], parts[3]);
@@ -470,7 +544,7 @@ bool handleOnTheFlyReconfiguration(int const client, std::string const &request,
    return false;
 }
                                                                        /*}}}*/
    return false;
 }
                                                                        /*}}}*/
-void * handleClient(void * voidclient)                                 /*{{{*/
+static void * handleClient(void * voidclient)                          /*{{{*/
 {
    int client = *((int*)(voidclient));
    std::clog << "ACCEPT client " << client << std::endl;
 {
    int client = *((int*)(voidclient));
    std::clog << "ACCEPT client " << client << std::endl;
@@ -507,7 +581,8 @@ void * handleClient(void * voidclient)                                      /*{{{*/
            std::string redirect = "/" + filename;
            for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next)
               redirect = SubstVar(redirect, I->Tag, I->Value);
            std::string redirect = "/" + filename;
            for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next)
               redirect = SubstVar(redirect, I->Tag, I->Value);
-           redirect.erase(0,1);
+           if (redirect.empty() == false && redirect[0] == '/')
+              redirect.erase(0,1);
            if (redirect != filename)
            {
               sendRedirect(client, 301, redirect, *m, sendContent);
            if (redirect != filename)
            {
               sendRedirect(client, 301, redirect, *m, sendContent);
@@ -542,7 +617,13 @@ void * handleClient(void * voidclient)                                     /*{{{*/
         }
 
         // deal with the request
         }
 
         // deal with the request
-        if (RealFileExists(filename) == true)
+        if (_config->FindB("aptwebserver::support::http", true) == false &&
+              LookupTag(*m, "Host").find(":4433") == std::string::npos)
+        {
+           sendError(client, 400, *m, sendContent, "HTTP disabled, all requests must be HTTPS");
+           continue;
+        }
+        else if (RealFileExists(filename) == true)
         {
            FileFd data(filename, FileFd::ReadOnly);
            std::string condition = LookupTag(*m, "If-Modified-Since", "");
         {
            FileFd data(filename, FileFd::ReadOnly);
            std::string condition = LookupTag(*m, "If-Modified-Since", "");
@@ -642,6 +723,8 @@ int main(int const argc, const char * argv[])
    CommandLine::Args Args[] = {
       {0, "port", "aptwebserver::port", CommandLine::HasArg},
       {0, "request-absolute", "aptwebserver::request::absolute", CommandLine::HasArg},
    CommandLine::Args Args[] = {
       {0, "port", "aptwebserver::port", CommandLine::HasArg},
       {0, "request-absolute", "aptwebserver::request::absolute", CommandLine::HasArg},
+      {0, "authorization", "aptwebserver::authorization", CommandLine::HasArg},
+      {0, "proxy-authorization", "aptwebserver::proxy-authorization", CommandLine::HasArg},
       {'c',"config-file",0,CommandLine::ConfigFile},
       {'o',"option",0,CommandLine::ArbItem},
       {0,0,0,0}
       {'c',"config-file",0,CommandLine::ConfigFile},
       {'o',"option",0,CommandLine::ArbItem},
       {0,0,0,0}
APT (for Cydia)