X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/649d3c5b7df830a67ad946921233da349c13a826..bd4a8f51649ee37291c6e07310104a94f4f5fbed:/test/interactive-helper/aptwebserver.cc?ds=sidebyside diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc index 4dae342dd..849323cc0 100644 --- a/test/interactive-helper/aptwebserver.cc +++ b/test/interactive-helper/aptwebserver.cc @@ -1,101 +1,120 @@ #include -#include -#include -#include #include #include -#include - -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include #include -#include #include -#include -#include -#include #include -#include -#include -#include +#include -char const * const httpcodeToStr(int const httpcode) /*{{{*/ +#include +#include +#include +#include +#include +#include + +static std::string httpcodeToStr(int const httpcode) /*{{{*/ { switch (httpcode) { // Informational 1xx - case 100: return "100 Continue"; - case 101: return "101 Switching Protocols"; + case 100: return _config->Find("aptwebserver::httpcode::100", "100 Continue"); + case 101: return _config->Find("aptwebserver::httpcode::101", "101 Switching Protocols"); // Successful 2xx - case 200: return "200 OK"; - case 201: return "201 Created"; - case 202: return "202 Accepted"; - case 203: return "203 Non-Authoritative Information"; - case 204: return "204 No Content"; - case 205: return "205 Reset Content"; - case 206: return "206 Partial Content"; + case 200: return _config->Find("aptwebserver::httpcode::200", "200 OK"); + case 201: return _config->Find("aptwebserver::httpcode::201", "201 Created"); + case 202: return _config->Find("aptwebserver::httpcode::202", "202 Accepted"); + case 203: return _config->Find("aptwebserver::httpcode::203", "203 Non-Authoritative Information"); + case 204: return _config->Find("aptwebserver::httpcode::204", "204 No Content"); + case 205: return _config->Find("aptwebserver::httpcode::205", "205 Reset Content"); + case 206: return _config->Find("aptwebserver::httpcode::206", "206 Partial Content"); // Redirections 3xx - case 300: return "300 Multiple Choices"; - case 301: return "301 Moved Permanently"; - case 302: return "302 Found"; - case 303: return "303 See Other"; - case 304: return "304 Not Modified"; - case 305: return "304 Use Proxy"; - case 307: return "307 Temporary Redirect"; + case 300: return _config->Find("aptwebserver::httpcode::300", "300 Multiple Choices"); + case 301: return _config->Find("aptwebserver::httpcode::301", "301 Moved Permanently"); + case 302: return _config->Find("aptwebserver::httpcode::302", "302 Found"); + case 303: return _config->Find("aptwebserver::httpcode::303", "303 See Other"); + case 304: return _config->Find("aptwebserver::httpcode::304", "304 Not Modified"); + case 305: return _config->Find("aptwebserver::httpcode::305", "305 Use Proxy"); + case 307: return _config->Find("aptwebserver::httpcode::307", "307 Temporary Redirect"); // Client errors 4xx - case 400: return "400 Bad Request"; - case 401: return "401 Unauthorized"; - case 402: return "402 Payment Required"; - case 403: return "403 Forbidden"; - case 404: return "404 Not Found"; - case 405: return "405 Method Not Allowed"; - case 406: return "406 Not Acceptable"; - case 407: return "407 Proxy Authentication Required"; - case 408: return "408 Request Time-out"; - case 409: return "409 Conflict"; - case 410: return "410 Gone"; - case 411: return "411 Length Required"; - case 412: return "412 Precondition Failed"; - case 413: return "413 Request Entity Too Large"; - case 414: return "414 Request-URI Too Large"; - case 415: return "415 Unsupported Media Type"; - case 416: return "416 Requested range not satisfiable"; - case 417: return "417 Expectation Failed"; - case 418: return "418 I'm a teapot"; + case 400: return _config->Find("aptwebserver::httpcode::400", "400 Bad Request"); + case 401: return _config->Find("aptwebserver::httpcode::401", "401 Unauthorized"); + case 402: return _config->Find("aptwebserver::httpcode::402", "402 Payment Required"); + case 403: return _config->Find("aptwebserver::httpcode::403", "403 Forbidden"); + case 404: return _config->Find("aptwebserver::httpcode::404", "404 Not Found"); + case 405: return _config->Find("aptwebserver::httpcode::405", "405 Method Not Allowed"); + case 406: return _config->Find("aptwebserver::httpcode::406", "406 Not Acceptable"); + case 407: return _config->Find("aptwebserver::httpcode::407", "407 Proxy Authentication Required"); + case 408: return _config->Find("aptwebserver::httpcode::408", "408 Request Time-out"); + case 409: return _config->Find("aptwebserver::httpcode::409", "409 Conflict"); + case 410: return _config->Find("aptwebserver::httpcode::410", "410 Gone"); + case 411: return _config->Find("aptwebserver::httpcode::411", "411 Length Required"); + case 412: return _config->Find("aptwebserver::httpcode::412", "412 Precondition Failed"); + case 413: return _config->Find("aptwebserver::httpcode::413", "413 Request Entity Too Large"); + case 414: return _config->Find("aptwebserver::httpcode::414", "414 Request-URI Too Large"); + case 415: return _config->Find("aptwebserver::httpcode::415", "415 Unsupported Media Type"); + case 416: return _config->Find("aptwebserver::httpcode::416", "416 Requested range not satisfiable"); + case 417: return _config->Find("aptwebserver::httpcode::417", "417 Expectation Failed"); + case 418: return _config->Find("aptwebserver::httpcode::418", "418 I'm a teapot"); // Server error 5xx - case 500: return "500 Internal Server Error"; - case 501: return "501 Not Implemented"; - case 502: return "502 Bad Gateway"; - case 503: return "503 Service Unavailable"; - case 504: return "504 Gateway Time-out"; - case 505: return "505 HTTP Version not supported"; + case 500: return _config->Find("aptwebserver::httpcode::500", "500 Internal Server Error"); + case 501: return _config->Find("aptwebserver::httpcode::501", "501 Not Implemented"); + case 502: return _config->Find("aptwebserver::httpcode::502", "502 Bad Gateway"); + case 503: return _config->Find("aptwebserver::httpcode::503", "503 Service Unavailable"); + case 504: return _config->Find("aptwebserver::httpcode::504", "504 Gateway Time-out"); + case 505: return _config->Find("aptwebserver::httpcode::505", "505 HTTP Version not supported"); } - return NULL; + return ""; } /*}}}*/ -void addFileHeaders(std::list &headers, FileFd &data) /*{{{*/ +static bool chunkedTransferEncoding(std::list const &headers) { + if (std::find(headers.begin(), headers.end(), "Transfer-Encoding: chunked") != headers.end()) + return true; + if (_config->FindB("aptwebserver::chunked-transfer-encoding", false) == true) + return true; + return false; +} +static void addFileHeaders(std::list &headers, FileFd &data)/*{{{*/ { - std::ostringstream contentlength; - contentlength << "Content-Length: " << data.FileSize(); - headers.push_back(contentlength.str()); - - std::string lastmodified("Last-Modified: "); - lastmodified.append(TimeRFC1123(data.ModificationTime())); - headers.push_back(lastmodified); + if (chunkedTransferEncoding(headers) == false) + { + std::ostringstream contentlength; + contentlength << "Content-Length: " << data.FileSize(); + headers.push_back(contentlength.str()); + } + if (_config->FindB("aptwebserver::support::last-modified", true) == true) + { + std::string lastmodified("Last-Modified: "); + lastmodified.append(TimeRFC1123(data.ModificationTime())); + headers.push_back(lastmodified); + } } /*}}}*/ -void addDataHeaders(std::list &headers, std::string &data) /*{{{*/ +static void addDataHeaders(std::list &headers, std::string &data)/*{{{*/ { - std::ostringstream contentlength; - contentlength << "Content-Length: " << data.size(); - headers.push_back(contentlength.str()); + if (chunkedTransferEncoding(headers) == false) + { + std::ostringstream contentlength; + contentlength << "Content-Length: " << data.size(); + headers.push_back(contentlength.str()); + } } /*}}}*/ -bool sendHead(int const client, int const httpcode, std::list &headers)/*{{{*/ +static bool sendHead(int const client, int const httpcode, std::list &headers)/*{{{*/ { std::string response("HTTP/1.1 "); response.append(httpcodeToStr(httpcode)); @@ -112,7 +131,10 @@ bool sendHead(int const client, int const httpcode, std::list &head date.append(TimeRFC1123(time(NULL))); headers.push_back(date); - std::clog << ">>> RESPONSE >>>" << std::endl; + if (chunkedTransferEncoding(headers) == true) + headers.push_back("Transfer-Encoding: chunked"); + + std::clog << ">>> RESPONSE to " << client << " >>>" << std::endl; bool Success = true; for (std::list::const_iterator h = headers.begin(); Success == true && h != headers.end(); ++h) @@ -128,64 +150,98 @@ bool sendHead(int const client, int const httpcode, std::list &head return Success; } /*}}}*/ -bool sendFile(int const client, FileFd &data) /*{{{*/ +static bool sendFile(int const client, std::list const &headers, FileFd &data)/*{{{*/ { bool Success = true; + bool const chunked = chunkedTransferEncoding(headers); char buffer[500]; unsigned long long actual = 0; while ((Success &= data.Read(buffer, sizeof(buffer), &actual)) == true) { if (actual == 0) break; - if (Success == true) + + if (chunked == true) + { + std::string size; + strprintf(size, "%llX\r\n", actual); + Success &= FileFd::Write(client, size.c_str(), size.size()); + Success &= FileFd::Write(client, buffer, actual); + Success &= FileFd::Write(client, "\r\n", strlen("\r\n")); + } + else Success &= FileFd::Write(client, buffer, actual); } - if (Success == true) - Success &= FileFd::Write(client, "\r\n", 2); + if (chunked == true) + { + char const * const finish = "0\r\n\r\n"; + Success &= FileFd::Write(client, finish, strlen(finish)); + } + if (Success == false) + std::cerr << "SENDFILE:" << (chunked ? " CHUNKED" : "") << " READ/WRITE ERROR to " << client << std::endl; return Success; } /*}}}*/ -bool sendData(int const client, std::string const &data) /*{{{*/ +static bool sendData(int const client, std::list const &headers, std::string const &data)/*{{{*/ { - bool Success = true; - Success &= FileFd::Write(client, data.c_str(), data.size()); - if (Success == true) - Success &= FileFd::Write(client, "\r\n", 2); - return Success; + if (chunkedTransferEncoding(headers) == true) + { + unsigned long long const ullsize = data.length(); + std::string size; + strprintf(size, "%llX\r\n", ullsize); + char const * const finish = "\r\n0\r\n\r\n"; + if (FileFd::Write(client, size.c_str(), size.length()) == false || + FileFd::Write(client, data.c_str(), ullsize) == false || + FileFd::Write(client, finish, strlen(finish)) == false) + { + std::cerr << "SENDDATA: CHUNK WRITE ERROR to " << client << std::endl; + return false; + } + } + else if (FileFd::Write(client, data.c_str(), data.size()) == false) + { + std::cerr << "SENDDATA: WRITE ERROR to " << client << std::endl; + return false; + } + return true; } /*}}}*/ -void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/ - bool content, std::string const &error = "") +static void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/ + bool const content, std::string const &error, std::list &headers) { - std::list headers; std::string response(""); response.append(httpcodeToStr(httpcode)).append(""); response.append("

").append(httpcodeToStr(httpcode)).append("

"); if (httpcode != 200) - { - if (error.empty() == false) - response.append("

Error: ").append(error).append("

"); - response.append("This error is a result of the request:
");
-   }
+      response.append("

Error: "); + else + response.append("

Success: "); + if (error.empty() == false) + response.append(error); + else + response.append(httpcodeToStr(httpcode)); + if (httpcode != 200) + response.append("

This error is a result of the request:
");
    else
-   {
-      if (error.empty() == false)
-	 response.append("

Success: ").append(error).append("

"); response.append("The successfully executed operation was requested by:
");
-   }
    response.append(request).append("
"); + if (httpcode != 200) + { + if (_config->FindB("aptwebserver::closeOnError", false) == true) + headers.push_back("Connection: close"); + } addDataHeaders(headers, response); sendHead(client, httpcode, headers); if (content == true) - sendData(client, response); + sendData(client, headers, response); } -void sendSuccess(int const client, std::string const &request, - bool content, std::string const &error = "") +static void sendSuccess(int const client, std::string const &request, + bool const content, std::string const &error, std::list &headers) { - sendError(client, 200, request, content, error); + sendError(client, 200, request, content, error, headers); } /*}}}*/ -void sendRedirect(int const client, int const httpcode, std::string const &uri,/*{{{*/ +static void sendRedirect(int const client, int const httpcode, std::string const &uri,/*{{{*/ std::string const &request, bool content) { std::list headers; @@ -197,17 +253,35 @@ void sendRedirect(int const client, int const httpcode, std::string const &uri,/ response.append(request).append("
"); addDataHeaders(headers, response); std::string location("Location: "); - if (strncmp(uri.c_str(), "http://", 7) != 0) - location.append("http://").append(LookupTag(request, "Host")).append("/").append(uri); + if (strncmp(uri.c_str(), "http://", 7) != 0 && strncmp(uri.c_str(), "https://", 8) != 0) + { + std::string const host = LookupTag(request, "Host"); + unsigned int const httpsport = _config->FindI("aptwebserver::port::https", 4433); + std::string hosthttpsport; + strprintf(hosthttpsport, ":%u", httpsport); + if (host.find(hosthttpsport) != std::string::npos) + location.append("https://"); + else + location.append("http://"); + location.append(host).append("/"); + if (strncmp("/home/", uri.c_str(), strlen("/home/")) == 0 && uri.find("/public_html/") != std::string::npos) + { + std::string homeuri = SubstVar(uri, "/home/", "~"); + homeuri = SubstVar(homeuri, "/public_html/", "/"); + location.append(homeuri); + } + else + location.append(uri); + } else location.append(uri); headers.push_back(location); sendHead(client, httpcode, headers); if (content == true) - sendData(client, response); + sendData(client, headers, response); } /*}}}*/ -int filter_hidden_files(const struct dirent *a) /*{{{*/ +static int filter_hidden_files(const struct dirent *a) /*{{{*/ { if (a->d_name[0] == '.') return 0; @@ -221,7 +295,7 @@ int filter_hidden_files(const struct dirent *a) /*{{{*/ #endif return 1; } -int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) { +static int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) { #ifdef _DIRENT_HAVE_D_TYPE if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_DIR); else if ((*a)->d_type == DT_DIR && (*b)->d_type == DT_REG) @@ -245,17 +319,16 @@ int grouped_alpha_case_sort(const struct dirent **a, const struct dirent **b) { return strcasecmp((*a)->d_name, (*b)->d_name); } /*}}}*/ -void sendDirectoryListing(int const client, std::string const &dir, /*{{{*/ - std::string const &request, bool content) +static void sendDirectoryListing(int const client, std::string const &dir,/*{{{*/ + std::string const &request, bool content, std::list &headers) { - std::list headers; std::ostringstream listing; struct dirent **namelist; int const counter = scandir(dir.c_str(), &namelist, filter_hidden_files, grouped_alpha_case_sort); if (counter == -1) { - sendError(client, 500, request, content); + sendError(client, 500, request, content, "scandir failed", headers); return; } @@ -267,7 +340,7 @@ void sendDirectoryListing(int const client, std::string const &dir, /*{{{*/ << "" << std::endl << "

Index of " << dir << "

" << std::endl << "" << std::endl; - if (dir != ".") + if (dir != "./") listing << ""; for (int i = 0; i < counter; ++i) { struct stat fs; @@ -294,18 +367,18 @@ void sendDirectoryListing(int const client, std::string const &dir, /*{{{*/ addDataHeaders(headers, response); sendHead(client, 200, headers); if (content == true) - sendData(client, response); + sendData(client, headers, response); } /*}}}*/ -bool parseFirstLine(int const client, std::string const &request, /*{{{*/ - std::string &filename, bool &sendContent, - bool &closeConnection) +static bool parseFirstLine(int const client, std::string const &request,/*{{{*/ + std::string &filename, std::string ¶ms, bool &sendContent, + bool &closeConnection, std::list &headers) { if (strncmp(request.c_str(), "HEAD ", 5) == 0) sendContent = false; if (strncmp(request.c_str(), "GET ", 4) != 0) { - sendError(client, 501, request, true); + sendError(client, 501, request, true, "", headers); return false; } @@ -316,7 +389,7 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ if (lineend == std::string::npos || filestart == std::string::npos || fileend == std::string::npos || filestart == fileend) { - sendError(client, 500, request, sendContent, "Filename can't be extracted"); + sendError(client, 500, request, sendContent, "Filename can't be extracted", headers); return false; } @@ -328,14 +401,14 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "close") == 0; else { - sendError(client, 500, request, sendContent, "Not a HTTP/1.{0,1} request"); + sendError(client, 500, request, sendContent, "Not a HTTP/1.{0,1} request", headers); return false; } filename = request.substr(filestart, fileend - filestart); if (filename.find(' ') != std::string::npos) { - sendError(client, 500, request, sendContent, "Filename contains an unencoded space"); + sendError(client, 500, request, sendContent, "Filename contains an unencoded space", headers); return false; } @@ -343,28 +416,101 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ if (host.empty() == true) { // RFC 2616 §14.23 requires Host - sendError(client, 400, request, sendContent, "Host header is required"); + sendError(client, 400, request, sendContent, "Host header is required", headers); return false; } host = "http://" + host; // Proxies require absolute uris, so this is a simple proxy-fake option std::string const absolute = _config->Find("aptwebserver::request::absolute", "uri,path"); - if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0) + if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0 && APT::String::Startswith(filename, "/_config/") == false) { if (absolute.find("uri") == std::string::npos) { - sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that"); + sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that", headers); return false; } + // strip the host from the request to make it an absolute path filename.erase(0, host.length()); + + std::string const authConf = _config->Find("aptwebserver::proxy-authorization", ""); + std::string auth = LookupTag(request, "Proxy-Authorization", ""); + if (authConf.empty() != auth.empty()) + { + if (auth.empty()) + sendError(client, 407, request, sendContent, "Proxy requires authentication", headers); + else + sendError(client, 407, request, sendContent, "Client wants to authenticate to proxy, but proxy doesn't need it", headers); + return false; + } + if (authConf.empty() == false) + { + char const * const basic = "Basic "; + if (strncmp(auth.c_str(), basic, strlen(basic)) == 0) + { + auth.erase(0, strlen(basic)); + if (auth != authConf) + { + sendError(client, 407, request, sendContent, "Proxy-Authentication doesn't match", headers); + return false; + } + } + else + { + std::list headers; + headers.push_back("Proxy-Authenticate: Basic"); + sendError(client, 407, request, sendContent, "Unsupported Proxy-Authentication Scheme", headers); + return false; + } + } } - else if (absolute.find("path") == std::string::npos) + else if (absolute.find("path") == std::string::npos && APT::String::Startswith(filename, "/_config/") == false) { - sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that"); + sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that", headers); return false; } + + if (APT::String::Startswith(filename, "/_config/") == false) + { + std::string const authConf = _config->Find("aptwebserver::authorization", ""); + std::string auth = LookupTag(request, "Authorization", ""); + if (authConf.empty() != auth.empty()) + { + if (auth.empty()) + sendError(client, 401, request, sendContent, "Server requires authentication", headers); + else + sendError(client, 401, request, sendContent, "Client wants to authenticate to server, but server doesn't need it", headers); + return false; + } + if (authConf.empty() == false) + { + char const * const basic = "Basic "; + if (strncmp(auth.c_str(), basic, strlen(basic)) == 0) + { + auth.erase(0, strlen(basic)); + if (auth != authConf) + { + sendError(client, 401, request, sendContent, "Authentication doesn't match", headers); + return false; + } + } + else + { + headers.push_back("WWW-Authenticate: Basic"); + sendError(client, 401, request, sendContent, "Unsupported Authentication Scheme", headers); + return false; + } + } + } + + size_t paramspos = filename.find('?'); + if (paramspos != std::string::npos) + { + params = filename.substr(paramspos + 1); + filename.erase(paramspos); + } + filename = DeQuoteString(filename); // this is not a secure server, but at least prevent the obvious … @@ -373,65 +519,291 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ filename.find_first_of("\r\n\t\f\v") != std::string::npos || filename.find("/../") != std::string::npos) { - sendError(client, 400, request, sendContent, "Filename contains illegal character (sequence)"); + std::list headers; + sendError(client, 400, request, sendContent, "Filename contains illegal character (sequence)", headers); return false; } // nuke the first character which is a / as we assured above filename.erase(0, 1); if (filename.empty() == true) - filename = "."; + filename = "./"; + // support ~user/ uris to refer to /home/user/public_html/ as a kind-of special directory + else if (filename[0] == '~') + { + // /home/user is actually not entirely correct, but good enough for now + size_t dashpos = filename.find('/'); + if (dashpos != std::string::npos) + { + std::string home = filename.substr(1, filename.find('/') - 1); + std::string pubhtml = filename.substr(filename.find('/') + 1); + filename = "/home/" + home + "/public_html/" + pubhtml; + } + else + filename = "/home/" + filename.substr(1) + "/public_html/"; + } + + // if no filename is given, but a valid directory see if we can use an index or + // have to resort to a autogenerated directory listing later on + if (DirectoryExists(filename) == true) + { + std::string const directoryIndex = _config->Find("aptwebserver::directoryindex"); + if (directoryIndex.empty() == false && directoryIndex == flNotDir(directoryIndex) && + RealFileExists(filename + directoryIndex) == true) + filename += directoryIndex; + } + return true; } /*}}}*/ -bool handleOnTheFlyReconfiguration(int const client, std::string const &request, std::vector const &parts)/*{{{*/ +static bool handleOnTheFlyReconfiguration(int const client, std::string const &request,/*{{{*/ + std::vector parts, std::list &headers) { size_t const pcount = parts.size(); + for (size_t i = 0; i < pcount; ++i) + parts[i] = DeQuoteString(parts[i]); if (pcount == 4 && parts[1] == "set") { _config->Set(parts[2], parts[3]); - sendSuccess(client, request, true, "Option '" + parts[2] + "' was set to '" + parts[3] + "'!"); + sendSuccess(client, request, true, "Option '" + parts[2] + "' was set to '" + parts[3] + "'!", headers); return true; } else if (pcount == 4 && parts[1] == "find") { - std::list headers; std::string response = _config->Find(parts[2], parts[3]); addDataHeaders(headers, response); sendHead(client, 200, headers); - sendData(client, response); + sendData(client, headers, response); return true; } else if (pcount == 3 && parts[1] == "find") { - std::list headers; if (_config->Exists(parts[2]) == true) { std::string response = _config->Find(parts[2]); addDataHeaders(headers, response); sendHead(client, 200, headers); - sendData(client, response); + sendData(client, headers, response); return true; } - sendError(client, 404, request, "Requested Configuration option doesn't exist."); + sendError(client, 404, request, true, "Requested Configuration option doesn't exist", headers); return false; } else if (pcount == 3 && parts[1] == "clear") { _config->Clear(parts[2]); - sendSuccess(client, request, true, "Option '" + parts[2] + "' was cleared."); + sendSuccess(client, request, true, "Option '" + parts[2] + "' was cleared.", headers); return true; } - sendError(client, 400, request, true, "Unknown on-the-fly configuration request"); + sendError(client, 400, request, true, "Unknown on-the-fly configuration request", headers); return false; } /*}}}*/ +static void * handleClient(void * voidclient) /*{{{*/ +{ + int client = *((int*)(voidclient)); + std::clog << "ACCEPT client " << client << std::endl; + bool closeConnection = false; + while (closeConnection == false) + { + std::vector messages; + if (ReadMessages(client, messages) == false) + break; + + std::list headers; + for (std::vector::const_iterator m = messages.begin(); + m != messages.end() && closeConnection == false; ++m) { + // if we announced a closing in previous response, do the close now + if (std::find(headers.begin(), headers.end(), std::string("Connection: close")) != headers.end()) + { + closeConnection = true; + break; + } + headers.clear(); + + std::clog << ">>> REQUEST from " << client << " >>>" << std::endl << *m + << std::endl << "<<<<<<<<<<<<<<<<" << std::endl; + std::string filename; + std::string params; + bool sendContent = true; + if (parseFirstLine(client, *m, filename, params, sendContent, closeConnection, headers) == false) + continue; + + // special webserver command request + if (filename.length() > 1 && filename[0] == '_') + { + std::vector parts = VectorizeString(filename, '/'); + if (parts[0] == "_config") + { + handleOnTheFlyReconfiguration(client, *m, parts, headers); + continue; + } + } + + // string replacements in the requested filename + ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace"); + if (Replaces != NULL) + { + std::string redirect = "/" + filename; + for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next) + redirect = SubstVar(redirect, I->Tag, I->Value); + if (redirect.empty() == false && redirect[0] == '/') + redirect.erase(0,1); + if (redirect != filename) + { + sendRedirect(client, 301, redirect, *m, sendContent); + continue; + } + } + + ::Configuration::Item const *Overwrite = _config->Tree("aptwebserver::overwrite"); + if (Overwrite != NULL) + { + for (::Configuration::Item *I = Overwrite->Child; I != NULL; I = I->Next) + { + regex_t *pattern = new regex_t; + int const res = regcomp(pattern, I->Tag.c_str(), REG_EXTENDED | REG_ICASE | REG_NOSUB); + if (res != 0) + { + char error[300]; + regerror(res, pattern, error, sizeof(error)); + sendError(client, 500, *m, sendContent, error, headers); + continue; + } + if (regexec(pattern, filename.c_str(), 0, 0, 0) == 0) + { + filename = _config->Find("aptwebserver::overwrite::" + I->Tag + "::filename", filename); + if (filename[0] == '/') + filename.erase(0,1); + regfree(pattern); + break; + } + regfree(pattern); + } + } + + // deal with the request + unsigned int const httpsport = _config->FindI("aptwebserver::port::https", 4433); + std::string hosthttpsport; + strprintf(hosthttpsport, ":%u", httpsport); + if (_config->FindB("aptwebserver::support::http", true) == false && + LookupTag(*m, "Host").find(hosthttpsport) == std::string::npos) + { + sendError(client, 400, *m, sendContent, "HTTP disabled, all requests must be HTTPS", headers); + continue; + } + else if (RealFileExists(filename) == true) + { + FileFd data(filename, FileFd::ReadOnly); + std::string condition = LookupTag(*m, "If-Modified-Since", ""); + if (_config->FindB("aptwebserver::support::modified-since", true) == true && condition.empty() == false) + { + time_t cache; + if (RFC1123StrToTime(condition.c_str(), cache) == true && + cache >= data.ModificationTime()) + { + sendHead(client, 304, headers); + continue; + } + } + + if (_config->FindB("aptwebserver::support::range", true) == true) + condition = LookupTag(*m, "Range", ""); + else + condition.clear(); + if (condition.empty() == false && strncmp(condition.c_str(), "bytes=", 6) == 0) + { + time_t cache; + std::string ifrange; + if (_config->FindB("aptwebserver::support::if-range", true) == true) + ifrange = LookupTag(*m, "If-Range", ""); + bool validrange = (ifrange.empty() == true || + (RFC1123StrToTime(ifrange.c_str(), cache) == true && + cache <= data.ModificationTime())); + + // FIXME: support multiple byte-ranges (APT clients do not do this) + if (condition.find(',') == std::string::npos) + { + size_t start = 6; + unsigned long long filestart = strtoull(condition.c_str() + start, NULL, 10); + // FIXME: no support for last-byte-pos being not the end of the file (APT clients do not do this) + size_t dash = condition.find('-') + 1; + unsigned long long fileend = strtoull(condition.c_str() + dash, NULL, 10); + unsigned long long filesize = data.FileSize(); + if ((fileend == 0 || (fileend == filesize && fileend >= filestart)) && + validrange == true) + { + if (filesize > filestart) + { + data.Skip(filestart); + // make sure to send content-range before conent-length + // as regression test for LP: #1445239 + std::ostringstream contentrange; + contentrange << "Content-Range: bytes " << filestart << "-" + << filesize - 1 << "/" << filesize; + headers.push_back(contentrange.str()); + std::ostringstream contentlength; + contentlength << "Content-Length: " << (filesize - filestart); + headers.push_back(contentlength.str()); + sendHead(client, 206, headers); + if (sendContent == true) + sendFile(client, headers, data); + continue; + } + else + { + if (_config->FindB("aptwebserver::support::content-range", true) == true) + { + std::ostringstream contentrange; + contentrange << "Content-Range: bytes */" << filesize; + headers.push_back(contentrange.str()); + } + sendError(client, 416, *m, sendContent, "", headers); + break; + } + } + } + } + + addFileHeaders(headers, data); + sendHead(client, 200, headers); + if (sendContent == true) + sendFile(client, headers, data); + } + else if (DirectoryExists(filename) == true) + { + if (filename[filename.length()-1] == '/') + sendDirectoryListing(client, filename, *m, sendContent, headers); + else + sendRedirect(client, 301, filename.append("/"), *m, sendContent); + } + else + sendError(client, 404, *m, sendContent, "", headers); + } + + // if we announced a closing in the last response, do the close now + if (std::find(headers.begin(), headers.end(), std::string("Connection: close")) != headers.end()) + closeConnection = true; + + if (_error->PendingError() == true) + break; + _error->DumpErrors(std::cerr); + } + _error->DumpErrors(std::cerr); + close(client); + std::clog << "CLOSE client " << client << std::endl; + return NULL; +} + /*}}}*/ + int main(int const argc, const char * argv[]) { CommandLine::Args Args[] = { {0, "port", "aptwebserver::port", CommandLine::HasArg}, {0, "request-absolute", "aptwebserver::request::absolute", CommandLine::HasArg}, + {0, "authorization", "aptwebserver::authorization", CommandLine::HasArg}, + {0, "proxy-authorization", "aptwebserver::proxy-authorization", CommandLine::HasArg}, {'c',"config-file",0,CommandLine::ConfigFile}, {'o',"option",0,CommandLine::ArbItem}, {0,0,0,0} @@ -447,6 +819,9 @@ int main(int const argc, const char * argv[]) // create socket, bind and listen to it {{{ // ignore SIGPIPE, this can happen on write() if the socket closes connection signal(SIGPIPE, SIG_IGN); + // we don't care for our slaves, so ignore their death + signal(SIGCHLD, SIG_IGN); + int sock = socket(AF_INET6, SOCK_STREAM, 0); if(sock < 0) { @@ -455,7 +830,7 @@ int main(int const argc, const char * argv[]) return 1; } - int const port = _config->FindI("aptwebserver::port", 8080); + int port = _config->FindI("aptwebserver::port", 8080); // ensure that we accept all connections: v4 or v6 int const iponly = 0; @@ -477,6 +852,26 @@ int main(int const argc, const char * argv[]) return 2; } + if (port == 0) + { + struct sockaddr_in6 addr; + socklen_t addrlen = sizeof(sockaddr_in6); + if (getsockname(sock, (struct sockaddr*) &addr, &addrlen) != 0) + _error->Errno("getsockname", "Could not get chosen port number"); + else + port = ntohs(addr.sin6_port); + } + std::string const portfilename = _config->Find("aptwebserver::portfile", ""); + if (portfilename.empty() == false) + { + FileFd portfile(portfilename, FileFd::WriteOnly | FileFd::Create | FileFd::Empty); + std::string portcontent; + strprintf(portcontent, "%d", port); + portfile.Write(portcontent.c_str(), portcontent.size()); + portfile.Sync(); + } + _config->Set("aptwebserver::port::http", port); + FileFd pidfile; if (_config->FindB("aptwebserver::fork", false) == true) { @@ -502,6 +897,7 @@ int main(int const argc, const char * argv[]) std::string pidcontent; strprintf(pidcontent, "%d", child); pidfile.Write(pidcontent.c_str(), pidcontent.size()); + pidfile.Sync(); if (_error->PendingError() == true) { _error->DumpErrors(std::cerr); @@ -514,178 +910,48 @@ int main(int const argc, const char * argv[]) std::clog << "Serving ANY file on port: " << port << std::endl; - listen(sock, 1); + int const slaves = _config->FindI("aptwebserver::slaves", SOMAXCONN); + std::cerr << "SLAVES: " << slaves << std::endl; + listen(sock, slaves); /*}}}*/ _config->CndSet("aptwebserver::response-header::Server", "APT webserver"); _config->CndSet("aptwebserver::response-header::Accept-Ranges", "bytes"); + _config->CndSet("aptwebserver::directoryindex", "index.html"); - std::vector messages; - int client; - while ((client = accept(sock, NULL, NULL)) != -1) - { - std::clog << "ACCEPT client " << client - << " on socket " << sock << std::endl; + std::list accepted_clients; - while (ReadMessages(client, messages)) + while (true) + { + int client = accept(sock, NULL, NULL); + if (client == -1) { - bool closeConnection = false; - for (std::vector::const_iterator m = messages.begin(); - m != messages.end() && closeConnection == false; ++m) { - std::clog << ">>> REQUEST >>>>" << std::endl << *m - << std::endl << "<<<<<<<<<<<<<<<<" << std::endl; - std::list headers; - std::string filename; - bool sendContent = true; - if (parseFirstLine(client, *m, filename, sendContent, closeConnection) == false) - continue; - - // special webserver command request - if (filename.length() > 1 && filename[0] == '_') - { - std::vector parts = VectorizeString(filename, '/'); - if (parts[0] == "_config") - { - handleOnTheFlyReconfiguration(client, *m, parts); - continue; - } - } - - // string replacements in the requested filename - ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace"); - if (Replaces != NULL) - { - std::string redirect = "/" + filename; - for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next) - redirect = SubstVar(redirect, I->Tag, I->Value); - redirect.erase(0,1); - if (redirect != filename) - { - sendRedirect(client, 301, redirect, *m, sendContent); - continue; - } - } - - ::Configuration::Item const *Overwrite = _config->Tree("aptwebserver::overwrite"); - if (Overwrite != NULL) - { - for (::Configuration::Item *I = Overwrite->Child; I != NULL; I = I->Next) - { - regex_t *pattern = new regex_t; - int const res = regcomp(pattern, I->Tag.c_str(), REG_EXTENDED | REG_ICASE | REG_NOSUB); - if (res != 0) - { - char error[300]; - regerror(res, pattern, error, sizeof(error)); - sendError(client, 500, *m, sendContent, error); - continue; - } - if (regexec(pattern, filename.c_str(), 0, 0, 0) == 0) - { - filename = _config->Find("aptwebserver::overwrite::" + I->Tag + "::filename", filename); - if (filename[0] == '/') - filename.erase(0,1); - regfree(pattern); - break; - } - regfree(pattern); - } - } - - // deal with the request - if (RealFileExists(filename) == true) - { - FileFd data(filename, FileFd::ReadOnly); - std::string condition = LookupTag(*m, "If-Modified-Since", ""); - if (condition.empty() == false) - { - time_t cache; - if (RFC1123StrToTime(condition.c_str(), cache) == true && - cache >= data.ModificationTime()) - { - sendHead(client, 304, headers); - continue; - } - } - - if (_config->FindB("aptwebserver::support::range", true) == true) - condition = LookupTag(*m, "Range", ""); - else - condition.clear(); - if (condition.empty() == false && strncmp(condition.c_str(), "bytes=", 6) == 0) - { - time_t cache; - std::string ifrange; - if (_config->FindB("aptwebserver::support::if-range", true) == true) - ifrange = LookupTag(*m, "If-Range", ""); - bool validrange = (ifrange.empty() == true || - (RFC1123StrToTime(ifrange.c_str(), cache) == true && - cache <= data.ModificationTime())); - - // FIXME: support multiple byte-ranges (APT clients do not do this) - if (condition.find(',') == std::string::npos) - { - size_t start = 6; - unsigned long long filestart = strtoull(condition.c_str() + start, NULL, 10); - // FIXME: no support for last-byte-pos being not the end of the file (APT clients do not do this) - size_t dash = condition.find('-') + 1; - unsigned long long fileend = strtoull(condition.c_str() + dash, NULL, 10); - unsigned long long filesize = data.FileSize(); - if ((fileend == 0 || (fileend == filesize && fileend >= filestart)) && - validrange == true) - { - if (filesize > filestart) - { - data.Skip(filestart); - std::ostringstream contentlength; - contentlength << "Content-Length: " << (filesize - filestart); - headers.push_back(contentlength.str()); - std::ostringstream contentrange; - contentrange << "Content-Range: bytes " << filestart << "-" - << filesize - 1 << "/" << filesize; - headers.push_back(contentrange.str()); - sendHead(client, 206, headers); - if (sendContent == true) - sendFile(client, data); - continue; - } - else - { - headers.push_back("Content-Length: 0"); - std::ostringstream contentrange; - contentrange << "Content-Range: bytes */" << filesize; - headers.push_back(contentrange.str()); - sendHead(client, 416, headers); - continue; - } - } - } - } + if (errno == EINTR) + continue; + _error->Errno("accept", "Couldn't accept client on socket %d", sock); + _error->DumpErrors(std::cerr); + return 6; + } - addFileHeaders(headers, data); - sendHead(client, 200, headers); - if (sendContent == true) - sendFile(client, data); - } - else if (DirectoryExists(filename) == true) - { - if (filename == "." || filename[filename.length()-1] == '/') - sendDirectoryListing(client, filename, *m, sendContent); - else - sendRedirect(client, 301, filename.append("/"), *m, sendContent); - } - else - sendError(client, 404, *m, sendContent); - } + pthread_attr_t attr; + if (pthread_attr_init(&attr) != 0 || pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED) != 0) + { + _error->Errno("pthread_attr", "Couldn't set detach attribute for a fresh thread to handle client %d on socket %d", client, sock); _error->DumpErrors(std::cerr); - messages.clear(); - if (closeConnection == true) - break; + close(client); + continue; } - std::clog << "CLOSE client " << client - << " on socket " << sock << std::endl; - close(client); + pthread_t tid; + // thats rather dirty, but we need to store the client socket somewhere safe + accepted_clients.push_front(client); + if (pthread_create(&tid, &attr, &handleClient, &(*accepted_clients.begin())) != 0) + { + _error->Errno("pthread_create", "Couldn't create a fresh thread to handle client %d on socket %d", client, sock); + _error->DumpErrors(std::cerr); + close(client); + continue; + } } pidfile.Close();
#NameSizeLast-Modified
dParent Directory--