diff --git a/README.md b/README.md index 384d570..12bf7d0 100644 --- a/README.md +++ b/README.md @@ -56,5 +56,4 @@ make distcheck ### To do -- max upload file size should be configurable - remove static strings, replace it by configurations diff --git a/antd-config.ini b/antd-config.ini index 8307a5e..575894b 100644 --- a/antd-config.ini +++ b/antd-config.ini @@ -101,9 +101,9 @@ audio/mpeg=mp3,mpeg ; specify a plugin for handling ; a file type ; lua page script -ls = lua-api +ls = lua ; pure lua script -lua = lua-api +lua = lua ; php and o ther scripting languages can be ; handled by the cgi plugin ; php = cgi \ No newline at end of file diff --git a/dist/antd-1.0.4b.tar.gz b/dist/antd-1.0.4b.tar.gz index a093714..f4b86d4 100644 Binary files a/dist/antd-1.0.4b.tar.gz and b/dist/antd-1.0.4b.tar.gz differ diff --git a/http_server.c b/http_server.c index 5f0228b..d2e44b8 100644 --- a/http_server.c +++ b/http_server.c @@ -494,7 +494,7 @@ void *resolve_request(void *data) } else { - i = HASHSIZE; + i = server_config.handlers->cap; break; } } @@ -536,6 +536,8 @@ void *resolve_request(void *data) else { task->type = HEAVY; + //TODO empty the buff + while (read_buf(rq->client, path, sizeof(path)) > 0);; task->handle = serve_file; } return task; @@ -638,6 +640,7 @@ void *serve_file(void *data) else*/ struct stat st; int s = stat(path, &st); + if(s == -1) { antd_error(rq->client, 404, "File not found"); @@ -758,7 +761,6 @@ void *decode_request_header(void *data) // ip address dput(xheader, "REMOTE_ADDR", (void *)strdup(((antd_client_t *)rq->client)->ip)); dput(xheader, "SERVER_PORT", (void *)__s("%d", ((antd_client_t *)rq->client)->port_config->port)); - //while((line = read_line(client)) && strcmp("\r\n",line)) while ((read_buf(rq->client, buf, sizeof(buf))) && strcmp("\r\n", buf)) { line = buf; @@ -779,6 +781,20 @@ void *decode_request_header(void *data) host = strdup(line); } } + // check for content length size + line = (char *)dvalue(xheader, "Content-Length"); + if (line) + { + int clen = atoi(line); + if(clen > server_config.max_upload_size) + { + antd_error(rq->client, 413, "Request body data is too large"); + // dirty fix, wait for message to be sent + // 100 ms sleep + usleep(100000); + return antd_create_task(NULL, (void *)rq, NULL,rq->client->last_io);; + } + } //if(line) free(line); memset(buf, 0, sizeof(buf)); strcat(buf, url); @@ -879,7 +895,6 @@ void *decode_post_request(void *data) } else if (strstr(ctype, FORM_MULTI_PART)) { - //printf("Multi part form : %s\n", ctype); free(task); return decode_multi_part_request(rq, ctype); } @@ -975,9 +990,9 @@ dictionary_t decode_cookie(const char *line) void *decode_multi_part_request(void *data, const char *ctype) { char *boundary; - char *line; - char *str_copy = strdup(ctype); - char *orgcpy = str_copy; + char line[BUFFLEN]; + char *str_copy = (char*)ctype; + int len; antd_request_t *rq = (antd_request_t *)data; antd_task_t *task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; @@ -990,18 +1005,12 @@ void *decode_multi_part_request(void *data, const char *ctype) trim(boundary, ' '); dput(rq->request, "MULTI_PART_BOUNDARY", strdup(boundary)); //find first boundary - while ((line = read_line(rq->client)) && !strstr(line, boundary)) - { - if (line) - free(line); - } - if (line) + while (( (len = read_buf(rq->client, line, sizeof(line))) > 0 ) && !strstr(line, boundary)); + if (len > 0) { task->handle = decode_multi_part_request_data; - free(line); } } - free(orgcpy); task->type = HEAVY; return task; } @@ -1009,12 +1018,12 @@ void *decode_multi_part_request_data(void *data) { // loop through each part separated by the boundary char *line; - char *orgline; char *part_name = NULL; char *part_file = NULL; char *file_path; char buf[BUFFLEN]; char *field; + int len; //dictionary dic = NULL; FILE *fp = NULL; char *token, *keytoken, *valtoken; @@ -1023,22 +1032,15 @@ void *decode_multi_part_request_data(void *data) task->priority++; char *boundary = (char *)dvalue(rq->request, "MULTI_PART_BOUNDARY"); dictionary_t dic = (dictionary_t)dvalue(rq->request, "REQUEST_DATA"); - char *boundend = __s("%s--", boundary); // search for content disposition: - while ((line = read_line(rq->client)) && - !strstr(line, "Content-Disposition:")) + while ( ( (len = read_buf(rq->client, buf, sizeof(buf))) > 0 ) && !strstr(buf, "Content-Disposition:"));; + + if (len <= 0 || !strstr(buf, "Content-Disposition:")) { - free(line); - line = NULL; - } - if (!line || !strstr(line, "Content-Disposition:")) - { - if (line) - free(line); - free(boundend); return task; } - orgline = line; + char *boundend = __s("%s--", boundary); + line = buf; // extract parameters from header while ((token = strsep(&line, ";"))) { @@ -1064,40 +1066,36 @@ void *decode_multi_part_request_data(void *data) } } } - free(orgline); line = NULL; // get the binary data if (part_name != NULL) { // go to the beginning of data bock - while ((line = read_line(rq->client)) && strcmp(line, "\r\n") != 0) - { - free(line); - line = NULL; - } - if (line) - { - free(line); - line = NULL; - } + while ((len = read_buf(rq->client, buf, sizeof(buf))) > 0 && strcmp(buf, "\r\n") != 0);; + if (part_file == NULL) { /** + * WARNING: * This allow only 1024 bytes of data (max), * out of this range, the data is cut out. * Need an efficient way to handle this */ - line = read_line(rq->client); - trim(line, '\n'); - trim(line, '\r'); - trim(line, ' '); - dput(dic, part_name, line); - // find the next boundary - while ((line = read_line(rq->client)) && !strstr(line, boundary)) + len = read_buf(rq->client, buf, sizeof(buf)); + if(len > 0) { - free(line); - line = NULL; + line = buf; + trim(line, '\n'); + trim(line, '\r'); + trim(line, ' '); + dput(dic, part_name, strdup(line)); } + // find the next boundary + while ((len = read_buf(rq->client, buf, sizeof(buf))) > 0 && !strstr(buf, boundary)) + { + line = buf; + } + } else { @@ -1121,7 +1119,7 @@ void *decode_multi_part_request_data(void *data) int stat = ftruncate(fileno(fp), totalsize); UNUSED(stat); fclose(fp); - line = strdup(buf); + line = buf; field = __s("%s.file", part_name); dput(dic, field, strdup(part_file)); @@ -1150,7 +1148,6 @@ void *decode_multi_part_request_data(void *data) if (line && strstr(line, boundend)) { //LOG("End request %s", boundend); - free(line); free(boundend); return task; } @@ -1160,7 +1157,6 @@ void *decode_multi_part_request_data(void *data) task->type = HEAVY; task->handle = decode_multi_part_request_data; } - free(line); free(boundend); return task; } diff --git a/lib/handle.c b/lib/handle.c index c880baf..11d25c7 100644 --- a/lib/handle.c +++ b/lib/handle.c @@ -670,17 +670,7 @@ int ws_enable(dictionary_t dic) if(!v) return 0; return atoi(v) == 1; } -/** - * read the request as a string line format - * @param sock socket - * @return a request string - */ -char* read_line(void* sock) -{ - char buf[BUFFLEN]; - read_buf(sock,buf,sizeof(buf)); - return strdup(buf); -} + /** * Read the socket request in to a buffer or size * The data is read until the buffer is full or diff --git a/lib/handle.h b/lib/handle.h index 379a565..6ec30bd 100644 --- a/lib/handle.h +++ b/lib/handle.h @@ -116,7 +116,6 @@ int upload(const char*, const char*); void antd_error(void* client, int status, const char* msg); int ws_enable(dictionary_t); -char* read_line(void* sock); int read_buf(void* sock,char* buf,int i); int antd_send( void *source, const void* data, int len); int antd_recv( void *source, void* data, int len); diff --git a/lib/scheduler.c b/lib/scheduler.c index 85e45a7..27eff45 100644 --- a/lib/scheduler.c +++ b/lib/scheduler.c @@ -53,7 +53,7 @@ static antd_task_item_t dequeue(antd_task_queue_t* q) } -static antd_callback_t* callback_of( void* (*callback)(void*) ) +antd_callback_t* callback_of( void* (*callback)(void*) ) { antd_callback_t* cb = NULL; if(callback) diff --git a/lib/scheduler.h b/lib/scheduler.h index 687a6b3..df2612d 100644 --- a/lib/scheduler.h +++ b/lib/scheduler.h @@ -135,4 +135,5 @@ wait for event */ void antd_wait(antd_scheduler_t *); +antd_callback_t* callback_of( void* (*callback)(void*) ); #endif \ No newline at end of file