#include "http_server.h" #include "lib/h2.h" //define all basic mime here static mime_t _mimes[] = { {"image/bmp","bmp"}, {"image/jpeg","jpg,jpeg"}, {"text/css","css"}, {"text/markdown","md"}, {"text/csv","csv"}, {"application/pdf","pdf"}, {"image/gif","gif"}, {"text/html","html"}, {"application/json","json"}, {"application/javascript","js"}, {"image/png","png"}, {"text/plain","txt"}, {"application/xhtml+xml","xhtml"}, {"application/xml","xml"}, {"image/svg+xml","svg"}, {NULL,NULL} }; static pthread_mutex_t server_mux = PTHREAD_MUTEX_INITIALIZER; config_t server_config; config_t *config() { return &server_config; } void error_log(const char* fmt, ...) { if(server_config.errorfp) { va_list arguments; char * data; va_start( arguments, fmt); int dlen = vsnprintf(0,0,fmt,arguments) + 1; va_end(arguments); if ((data = (char*)malloc(dlen*sizeof(char))) != 0) { char buf[64]; server_time(buf,64); fwrite(buf,strlen(buf),1,server_config.errorfp); va_start(arguments, fmt); vsnprintf(data, dlen, fmt, arguments); va_end(arguments); fwrite(data,dlen,1,server_config.errorfp); fflush(server_config.errorfp); free(data); } } } #ifdef DEBUG void server_log(const char* fmt, ...) { if(server_config.logfp) { va_list arguments; char * data; va_start( arguments, fmt); int dlen = vsnprintf(0,0,fmt,arguments) + 1; va_end(arguments); if ((data = (char*)malloc(dlen*sizeof(char))) != 0) { char buf[64]; server_time(buf,64); fwrite(buf,strlen(buf),1,server_config.logfp); va_start(arguments, fmt); vsnprintf(data, dlen, fmt, arguments); va_end(arguments); fwrite(data,dlen,1,server_config.logfp); fflush(server_config.logfp); free(data); } } } #endif void destroy_config() { freedict(server_config.handlers); if (server_config.plugins_dir) free(server_config.plugins_dir); if (server_config.plugins_ext) free(server_config.plugins_ext); if (server_config.db_path) free(server_config.db_path); if (server_config.tmpdir) free(server_config.tmpdir); if(server_config.ssl_cipher) free(server_config.ssl_cipher); if(server_config.gzip_types) list_free(&server_config.gzip_types); if(server_config.errorfp) { fclose(server_config.errorfp); } #ifdef DEBUG if(server_config.logfp) { fclose(server_config.logfp); } #endif if(server_config.mimes) freedict(server_config.mimes); if(server_config.ports) { chain_t it; port_config_t* cnf; for_each_assoc(it, server_config.ports) { cnf = (port_config_t*)it->value; if(cnf && cnf->htdocs) free(cnf->htdocs); if(cnf->sock > 0) { close(cnf->sock); } freedict(cnf->rules); } freedict(server_config.ports); } LOG("Unclosed connection: %d", server_config.connection); } static int config_handler(void *conf, const char *section, const char *name, const char *value) { config_t *pconfig = (config_t *)conf; regmatch_t port_matches[2]; //trim(section, ' '); //trim(value,' '); //trim(name,' '); //char * ppath = NULL; if (MATCH("SERVER", "plugins")) { pconfig->plugins_dir = strdup(value); } else if (MATCH("SERVER", "plugins_ext")) { pconfig->plugins_ext = strdup(value); } else if (MATCH("SERVER", "database")) { pconfig->db_path = strdup(value); } else if (MATCH("SERVER", "tmpdir")) { pconfig->tmpdir = strdup(value); } else if (MATCH("SERVER", "max_upload_size")) { pconfig->max_upload_size = atoi(value); } else if (MATCH("SERVER", "maxcon")) { pconfig->maxcon = atoi(value); } else if (MATCH("SERVER", "backlog")) { pconfig->backlog = atoi(value); } else if (MATCH("SERVER", "workers")) { pconfig->n_workers = atoi(value); } else if (MATCH("SERVER", "error_log")) { pconfig->errorfp = fopen(value, "w"); } #ifdef USE_ZLIB else if (MATCH("SERVER", "gzip_enable")) { pconfig->gzip_enable = atoi(value); } else if (MATCH("SERVER", "gzip_types")) { pconfig->gzip_types = split(value,","); } #endif #ifdef DEBUG else if (MATCH("SERVER", "server_log")) { pconfig->logfp = fopen(value, "w"); } #endif #ifdef USE_OPENSSL else if (MATCH("SERVER", "ssl.cert")) { pconfig->sslcert = strdup(value); } else if (MATCH("SERVER", "ssl.key")) { pconfig->sslkey = strdup(value); } else if(MATCH("SERVER","ssl.cipher")) { pconfig->ssl_cipher = strdup(value); } #endif else if (strcmp(section, "FILEHANDLER") == 0) { dput(pconfig->handlers, name, strdup(value)); } else if (strcmp(section, "AUTOSTART") == 0 || strcmp(section, "AUTOLOAD") == 0) { // The server section must be added before the autostart section // auto start plugin plugin_load((char *)value); } else if(strcmp(section, "MIMES") == 0) { dput(pconfig->mimes,name,strdup(value)); } else if( regex_match("PORT:\\s*([0-9]+)", section, 2, port_matches) ) { char buf[20]; memset(buf, '\0', sizeof(buf)); memcpy(buf, section + port_matches[1].rm_so, port_matches[1].rm_eo - port_matches[1].rm_so); port_config_t* p = dvalue(pconfig->ports,buf); if(!p) { p = (port_config_t*) malloc( sizeof(port_config_t)); p->htdocs = NULL; p->sock = -1; p->rules = dict(); dput(pconfig->ports,buf, p); p->port = atoi(buf); } if(strcmp(name, "htdocs") == 0) { p->htdocs = strdup(value); } else if(strcmp(name, "ssl.enable") == 0) { p->usessl = atoi(value); if(p->usessl) pconfig->enable_ssl = 1; } else { // other thing should be rules dput(p->rules, name, strdup(value)); } } else { return 0; /* unknown section/name, error */ } return 1; } void init_file_system() { struct stat st; port_config_t* pcnf; chain_t it; if (stat(server_config.plugins_dir, &st) == -1) mkdirp(server_config.plugins_dir, 0755); if (stat(server_config.db_path, &st) == -1) mkdirp(server_config.db_path, 0755); for_each_assoc(it, server_config.ports) { pcnf = (port_config_t*) it->value; if (stat(pcnf->htdocs, &st) == -1) { mkdirp(pcnf->htdocs, 0755); } } if (stat(server_config.tmpdir, &st) == -1) mkdirp(server_config.tmpdir, 0755); else { removeAll(server_config.tmpdir, 0); } } void load_config(const char *file) { server_config.ports = dict(); server_config.plugins_dir = "plugins/"; server_config.plugins_ext = ".dylib"; server_config.db_path = "databases/"; //server_config.htdocs = "htdocs/"; server_config.tmpdir = "tmp/"; server_config.n_workers = 4; server_config.backlog = 1000; server_config.handlers = dict(); server_config.maxcon = 100; server_config.max_upload_size = 10000000; //10Mb server_config.connection = 0; server_config.errorfp = NULL; server_config.logfp = NULL; server_config.mimes = dict(); server_config.enable_ssl = 0; server_config.sslcert = "cert.pem"; server_config.sslkey = "key.pem"; server_config.ssl_cipher = NULL; server_config.gzip_enable = 0; server_config.gzip_types = NULL; // put it default mimes for(int i = 0; _mimes[i].type != NULL; i++) { dput_static(server_config.mimes,_mimes[i].type, (void*)_mimes[i].ext); } if (ini_parse(file, config_handler, &server_config) < 0) { ERROR("Can't load '%s'. Used defaut configuration", file); } else { LOG("Using configuration : %s", file); #ifdef USE_OPENSSL LOG("SSL enable %d", server_config.enable_ssl); LOG("SSL cert %s", server_config.sslcert); LOG("SSL key %s", server_config.sslkey); /*if(!server_config.ssl_cipher) LOG("SSL Cipher suite: %s", "HIGH"); else LOG("SSL Cipher suite: %s", server_config.ssl_cipher);*/ #endif } LOG("%d mimes entries found", server_config.mimes->size); init_file_system(); } void *accept_request(void *data) { antd_task_t *task; antd_request_t *rq = (antd_request_t *)data; task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; fd_set read_flags, write_flags; // first verify if the socket is ready antd_client_t *client = (antd_client_t *)rq->client; FD_ZERO(&read_flags); FD_SET(rq->client->sock, &read_flags); FD_ZERO(&write_flags); FD_SET(rq->client->sock, &write_flags); struct timeval timeout; timeout.tv_sec = 0; timeout.tv_usec = 500; // select int sel = select(client->sock + 1, &read_flags, &write_flags, (fd_set *)0, &timeout); if (sel == -1) { antd_error(rq->client, 400, "Bad request"); return task; } if (sel == 0 || (!FD_ISSET(client->sock, &read_flags) && !FD_ISSET(client->sock, &write_flags))) { task->handle = accept_request; return task; } // perform the ssl handshake if enabled #ifdef USE_OPENSSL int ret = -1, stat; if (client->ssl && !(client->flags & CLIENT_FL_ACCEPTED) ) { //LOG("Atttempt %d\n", client->attempt); if (SSL_accept((SSL *)client->ssl) == -1) { stat = SSL_get_error((SSL *)client->ssl, ret); switch (stat) { case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE: case SSL_ERROR_NONE: task->handle = accept_request; return task; default: ERROR("Error performing SSL handshake %d %d %s", stat, ret, ERR_error_string(ERR_get_error(), NULL)); antd_error(rq->client, 400, "Invalid SSL request"); ERR_print_errors_fp(stderr); return task; } } client->flags |= CLIENT_FL_ACCEPTED; task->handle = accept_request; //LOG("Handshake finish for %d\n", client->sock); return task; } else { if (!FD_ISSET(client->sock, &read_flags)) { client->flags |= CLIENT_FL_ACCEPTED; task->handle = accept_request; return task; } } #endif //printf("Flag: %d\n", client->flags); // now return the task base on the http version if(client->flags & CLIENT_FL_HTTP_1_1) { task->handle = decode_request_header; } else { task->handle = antd_h2_preface_ck; } return task; } void *resolve_request(void *data) { struct stat st; char path[2 * BUFFLEN]; antd_request_t *rq = (antd_request_t *)data; antd_task_t *task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; char *url = (char *)dvalue(rq->request, "RESOURCE_PATH"); char *newurl = NULL; char *rqp = NULL; char *oldrqp = NULL; htdocs(rq, path); strcat(path, url); //LOG("Path is : %s", path); //if (path[strlen(path) - 1] == '/') // strcat(path, "index.html"); if (stat(path, &st) == -1) { free(task); rqp = strdup((char *)dvalue(rq->request, "REQUEST_PATH")); oldrqp = rqp; trim(rqp, '/'); newurl = strsep(&rqp, "/"); if (!rqp) rqp = strdup("/"); else rqp = strdup(rqp); dput(rq->request, "RESOURCE_PATH", rqp); task = execute_plugin(rq, newurl); free(oldrqp); return task; } else { if (S_ISDIR(st.st_mode)) { strcat(path, "/index.html"); if (stat(path, &st) == -1) { chain_t it; for_each_assoc(it, server_config.handlers) { newurl = __s("%s/index.%s", url, it->key); memset(path, 0, sizeof(path)); htdocs(rq,path); strcat(path, newurl); if (stat(path, &st) != 0) { free(newurl); newurl = NULL; } else { i = server_config.handlers->cap; break; } } if (!newurl) { antd_error(rq->client, 404, "Resource Not Found"); return task; } //if(url) free(url); this is freed in the dput function url = newurl; dput(rq->request, "RESOURCE_PATH", url); } } dput(rq->request, "ABS_RESOURCE_PATH", strdup(path)); // check if the mime is supported // if the mime is not supported // find an handler plugin to process it // if the plugin is not found, forbidden access to the file should be sent char *mime_type = mime(path); dput_static(rq->request, "RESOURCE_MIME", mime_type); if (strcmp(mime_type, "application/octet-stream") == 0) { char *ex = ext(path); //printf("Path: %s\n", path); char *h = NULL; if (ex) { h = dvalue(server_config.handlers, ex); free(ex); } if (h) { //sprintf(path,"/%s%s",h,url); //LOG("WARNING::::Access octetstream via handle %s", h); //if(execute_plugin(client,buf,method,rq) < 0) // cannot_execute(client); free(task); return execute_plugin(rq, h); } else antd_error(rq->client, 403, "Access forbidden"); } else { task->type = HEAVY; // discard all request data dictionary_t headers = (dictionary_t) dvalue(rq->request, "REQUEST_HEADER"); if(headers) { char * sclen = (char *)dvalue(headers, "Content-Length"); unsigned clen = 0; unsigned read = 0; int count; if(sclen) { clen = atoi(sclen); while (read < clen) { count = antd_recv(rq->client, path, sizeof(path) < clen ? sizeof(path): clen ); if(count <= 0) break; read += count; } } } task->handle = serve_file; } return task; } } void *finish_request(void *data) { destroy_request(data); server_config.connection--; LOG("Remaining connection %d", server_config.connection); return NULL; } int rule_check(const char *k, const char *v, const char *host, const char *_url, const char *_query, char *buf) { // first perfom rule check on host, if not success, perform on url regmatch_t key_matches[10]; regmatch_t val_matches[2]; char *query = strdup(_query); char *url = strdup(_url); int ret; char *target; char *tmp, rep[10]; int idx = 0; memset(rep, 0, 10); // 1 group if (!host || !(ret = regex_match(k, host, 10, key_matches))) { target = url; ret = regex_match(k, url, 10, key_matches); } else target = (char *)host; if (!ret) { free(url); free(query); return 0; } tmp = (char *)v; char *search = "<([a-zA-Z0-9]+)>"; //printf("match again %s\n",tmp); while ((ret = regex_match(search, tmp, 2, val_matches))) { memcpy(buf + idx, tmp, val_matches[1].rm_so - 1); idx += val_matches[1].rm_so - 1; memcpy(rep, tmp + val_matches[1].rm_so, val_matches[1].rm_eo - val_matches[1].rm_so); if (strcasecmp(rep, "url") == 0) { memcpy(buf + idx, url, strlen(url)); idx += strlen(url); } else if (strcasecmp(rep, "query") == 0) { memcpy(buf + idx, query, strlen(query)); idx += strlen(query); } else if (match_int(rep)) { int i = atoi(rep); memcpy(buf + idx, target + key_matches[i].rm_so, key_matches[i].rm_eo - key_matches[i].rm_so); idx += key_matches[i].rm_eo - key_matches[i].rm_so; } else { // just keep it memcpy(buf + idx, tmp + val_matches[1].rm_so - 1, val_matches[1].rm_eo + 2 - val_matches[1].rm_so); idx += val_matches[1].rm_eo + 2 - val_matches[1].rm_so; } tmp += val_matches[1].rm_eo + 1; //break; } // now modify the match 2 group if (idx > 0) { if (tmp) { // copy the remainning of tmp memcpy(buf + idx, tmp, strlen(tmp)); idx += strlen(tmp); } buf[idx] = '\0'; } free(url); free(query); return 1; } void *serve_file(void *data) { antd_request_t *rq = (antd_request_t *)data; antd_task_t *task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; char *path = (char *)dvalue(rq->request, "ABS_RESOURCE_PATH"); char *mime_type = (char *)dvalue(rq->request, "RESOURCE_MIME"); struct stat st; int s = stat(path, &st); if(s == -1) { antd_error(rq->client, 404, "File not found"); } else { // check if it is modified dictionary_t header = (dictionary_t)dvalue(rq->request, "REQUEST_HEADER"); char * last_modif_since = (char*)dvalue(header, "If-Modified-Since"); time_t t = st.st_ctime; struct tm tm; if(last_modif_since) { strptime(last_modif_since, "%a, %d %b %Y %H:%M:%S GMT", &tm); t = timegm(&tm); //t = mktime(localtime(&t)); } if(last_modif_since && st.st_ctime == t) { // return the not changed antd_error(rq->client,304, ""); } else { int size = (int)st.st_size; char ibuf[64]; snprintf (ibuf, sizeof(ibuf), "%d",size); antd_response_header_t rhd; rhd.cookie = NULL; rhd.status = 200; rhd.header = dict(); dput_static(rhd.header, "Content-Type", mime_type); #ifdef USE_ZLIB if(!compressable(mime_type) || rq->client->z_level == ANTD_CNONE) #endif dput(rhd.header, "Content-Length", strdup(ibuf)); gmtime_r(&st.st_ctime, &tm); strftime(ibuf, 255, "%a, %d %b %Y %H:%M:%S GMT", &tm); dput(rhd.header, "Last-Modified", strdup(ibuf)); dput_static(rhd.header, "Cache-Control", "no-cache"); antd_send_header(rq->client, &rhd); __f(rq->client, path); } } return task; } int startup(unsigned *port) { int httpd = 0; struct sockaddr_in name; httpd = socket(PF_INET, SOCK_STREAM, 0); if (httpd == -1) { ERROR("Port %d - socket: %s", *port, strerror(errno)); return -1; } memset(&name, 0, sizeof(name)); name.sin_family = AF_INET; name.sin_port = htons(*port); name.sin_addr.s_addr = htonl(INADDR_ANY); if (bind(httpd, (struct sockaddr *)&name, sizeof(name)) < 0) { ERROR("Port %d -bind: %s", *port, strerror(errno)); return -1; } if (*port == 0) /* if dynamically allocating a port */ { socklen_t namelen = sizeof(name); if (getsockname(httpd, (struct sockaddr *)&name, &namelen) == -1) { ERROR("Port %d - getsockname: %s", *port, strerror(errno)); return -1; } *port = ntohs(name.sin_port); } LOG("back log is %d", server_config.backlog); if (listen(httpd, server_config.backlog) < 0) { ERROR("Port %d - listen: %s", *port, strerror(errno)); return -1; } return (httpd); } char *apply_rules(dictionary_t rules, const char *host, char *url) { // rule check char *query_string = url; while ((*query_string != '?') && (*query_string != '\0')) query_string++; if (*query_string == '?') { *query_string = '\0'; query_string++; } //char* oldurl = strdup(url); chain_t it; char* k; char* v; for_each_assoc(it, rules) { k = it->key; v = (char*)it->value; // 1 group if (rule_check(k, v, host, url, query_string, url)) { query_string = url; while ((*query_string != '?') && (*query_string != '\0')) query_string++; if (*query_string == '?') { *query_string = '\0'; query_string++; } } } return strdup(query_string); } /** * Decode the HTTP request header */ void *decode_request_header(void *data) { antd_request_t *rq = (antd_request_t *)data; dictionary_t cookie = NULL; char *line; char *token; char *query = NULL; char *host = NULL; char buf[2 * BUFFLEN]; // read the first line //server_config.connection++; read_buf(rq->client, buf, sizeof(buf)); line = buf; trim(line, '\n'); trim(line, '\r'); // get the method string token = strsep(&line, " "); if (!line) { //LOG("No method found"); antd_error(rq->client, 405, "No method found"); return antd_create_task(NULL, (void *)rq, NULL,rq->client->last_io); } trim(token, ' '); trim(line, ' '); dput(rq->request, "METHOD", strdup(token)); // get the request token = strsep(&line, " "); if (!line) { //LOG("No request found"); antd_error(rq->client, 400, "Bad request"); return antd_create_task(NULL, (void *)rq, NULL,rq->client->last_io); } trim(token, ' '); trim(line, ' '); trim(line, '\n'); trim(line, '\r'); dput(rq->request, "PROTOCOL", strdup(line)); dput(rq->request, "REQUEST_QUERY", strdup(token)); line = token; token = strsep(&line, "?"); dput(rq->request, "REQUEST_PATH", url_decode(token)); char *url = (char *)dvalue(rq->request, "REQUEST_QUERY"); dictionary_t xheader = dvalue(rq->request, "REQUEST_HEADER"); dictionary_t request = dvalue(rq->request, "REQUEST_DATA"); char* port_s = (char*) dvalue(xheader, "SERVER_PORT"); port_config_t* pcnf = (port_config_t*)dvalue(server_config.ports, port_s); // this for check if web socket is enabled while ((read_buf(rq->client, buf, sizeof(buf))) && strcmp("\r\n", buf)) { line = buf; trim(line, '\n'); trim(line, '\r'); token = strsep(&line, ":"); trim(token, ' '); trim(line, ' '); if (token && line && strlen(line) > 0) { verify_header(token); dput(xheader, token, strdup(line)); } if (token != NULL && strcasecmp(token, "Cookie") == 0) { if(!cookie) { cookie = dict(); } decode_cookie(line, cookie); } else if (token != NULL && strcasecmp(token, "Host") == 0) { host = strdup(line); } } // check for content length size line = (char *)dvalue(xheader, "Content-Length"); if (line) { int clen = atoi(line); if(clen > server_config.max_upload_size) { antd_error(rq->client, 413, "Request body data is too large"); // dirty fix, wait for message to be sent // 100 ms sleep usleep(100000); return antd_create_task(NULL, (void *)rq, NULL,rq->client->last_io);; } } #ifdef USE_ZLIB // check for gzip line = (char *)dvalue(xheader, "Accept-Encoding"); if(line) { if(regex_match("gzip",line,0, NULL)) { rq->client->z_level = ANTD_CGZ; } else if(regex_match("deflate", line, 0, NULL)) { rq->client->z_level = ANTD_CDEFL; } else { rq->client->z_level = ANTD_CNONE; } } else { rq->client->z_level = ANTD_CNONE; } #endif //if(line) free(line); memset(buf, 0, sizeof(buf)); strcat(buf, url); LOG("Original query: %s", url); query = apply_rules(pcnf->rules, host, buf); LOG("Processed query: %s", query); dput(rq->request, "RESOURCE_PATH", url_decode(buf)); if (query) { decode_url_request(query, request); free(query); } if (cookie) dput(rq->request, "COOKIE", cookie); if (host) free(host); // header ok, now checkmethod antd_task_t *task = antd_create_task(decode_request, (void *)rq, NULL,rq->client->last_io); task->priority++; return task; } void *decode_request(void *data) { antd_request_t *rq = (antd_request_t *)data; dictionary_t headers = dvalue(rq->request, "REQUEST_HEADER"); int ws = 0; char *ws_key = NULL; char *method = NULL; char *tmp; antd_task_t *task = NULL; ws_key = (char *)dvalue(headers, "Sec-WebSocket-Key"); tmp = (char *)dvalue(headers, "Upgrade"); if (tmp && strcasecmp(tmp, "websocket") == 0) ws = 1; method = (char *)dvalue(rq->request, "METHOD"); task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; if (strcmp(method, "GET") == 0 || strcmp(method, "HEAD") == 0) { //if(ctype) free(ctype); if (ws && ws_key != NULL) { ws_confirm_request(rq->client, ws_key); // insert wsocket flag to request // plugin should handle this ugraded connection // not the server dput_static(rq->request, "__web_socket__", "1"); } // resolve task task->handle = resolve_request; return task; } else if (strcmp(method, "POST") == 0) { task->handle = resolve_request; //task->type = HEAVY; return task; } else { antd_error(rq->client,501, "Request Method Not Implemented"); return task; } } void *decode_post_request(void *data) { antd_request_t *rq = (antd_request_t *)data; dictionary_t request = dvalue(rq->request, "REQUEST_DATA"); dictionary_t headers = dvalue(rq->request, "REQUEST_HEADER"); char *ctype = NULL; int clen = -1; char *tmp; antd_task_t *task = NULL; ctype = (char *)dvalue(headers, "Content-Type"); tmp = (char *)dvalue(headers, "Content-Length"); if (tmp) clen = atoi(tmp); char *method = (char *)dvalue(rq->request, "METHOD"); task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; task->type = HEAVY; if (!method || strcmp(method, "POST") != 0) return task; if (ctype == NULL || clen == -1) { antd_error(rq->client, 400, "Bad Request, missing content description"); return task; } // decide what to do with the data if (strstr(ctype, FORM_URL_ENCODE)) { char *pquery = post_data_decode(rq->client, clen); decode_url_request(pquery, request); free(pquery); } else if (strstr(ctype, FORM_MULTI_PART)) { free(task); return decode_multi_part_request(rq, ctype); } else { char *pquery = post_data_decode(rq->client, clen); char *key = strstr(ctype, "/"); if (key) key++; else key = ctype; if(pquery) { dput(request, key, pquery); //free(pquery); } } return task; } /** * Send header to the client to confirm * that the websocket is accepted by * our server */ void ws_confirm_request(void *client, const char *key) { char buf[256]; char rkey[128]; char sha_d[20]; char base64[64]; strcpy(rkey, key); strcat(rkey, WS_MAGIC_STRING); //printf("RESPONDKEY '%s'\n", rkey); #ifdef USE_OPENSSL SHA_CTX context; #else SHA1_CTX context; #endif SHA1_Init(&context); SHA1_Update(&context, rkey, strlen(rkey)); SHA1_Final((uint8_t *)sha_d, &context); Base64encode(base64, sha_d, 20); //printf("Base 64 '%s'\n", base64); // send accept to client sprintf(buf, "HTTP/1.1 101 Switching Protocols\r\n"); antd_send(client, buf, strlen(buf)); sprintf(buf, "Upgrade: websocket\r\n"); antd_send(client, buf, strlen(buf)); sprintf(buf, "Connection: Upgrade\r\n"); antd_send(client, buf, strlen(buf)); sprintf(buf, "Sec-WebSocket-Accept: %s\r\n", base64); antd_send(client, buf, strlen(buf)); sprintf(buf, "\r\n"); antd_send(client, buf, strlen(buf)); LOG("%s", "Websocket is now enabled for plugin"); } /** * Decode the cookie header to a dictionary * @param client The client socket * @return The Dictionary socket or NULL */ void decode_cookie(const char *line, dictionary_t dic) { char *token, *token1; char *cpstr = strdup(line); char *orgcpy = cpstr; trim(cpstr, ' '); trim(cpstr, '\n'); trim(cpstr, '\r'); while ((token = strsep(&cpstr, ";"))) { trim(token, ' '); token1 = strsep(&token, "="); if (token1 && token && strlen(token) > 0) { dput(dic, token1, strdup(token)); } } free(orgcpy); } /** * Decode the multi-part form data from the POST request * If it is a file upload, copy the file to tmp dir */ void *decode_multi_part_request(void *data, const char *ctype) { char *boundary; char line[BUFFLEN]; char *str_copy = (char*)ctype; int len; antd_request_t *rq = (antd_request_t *)data; antd_task_t *task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; //dictionary dic = NULL; boundary = strsep(&str_copy, "="); //discard first part boundary = str_copy; if (boundary && strlen(boundary) > 0) { //dic = dict(); trim(boundary, ' '); dput(rq->request, "MULTI_PART_BOUNDARY", strdup(boundary)); //find first boundary while (( (len = read_buf(rq->client, line, sizeof(line))) > 0 ) && !strstr(line, boundary)); if (len > 0) { task->handle = decode_multi_part_request_data; } } task->type = HEAVY; return task; } void *decode_multi_part_request_data(void *data) { // loop through each part separated by the boundary char *line; char *part_name = NULL; char *part_file = NULL; char *file_path; char buf[BUFFLEN]; char *field; int len; //dictionary dic = NULL; FILE *fp = NULL; char *token, *keytoken, *valtoken; antd_request_t *rq = (antd_request_t *)data; antd_task_t *task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; char *boundary = (char *)dvalue(rq->request, "MULTI_PART_BOUNDARY"); dictionary_t dic = (dictionary_t)dvalue(rq->request, "REQUEST_DATA"); // search for content disposition: while ( ( (len = read_buf(rq->client, buf, sizeof(buf))) > 0 ) && !strstr(buf, "Content-Disposition:"));; if (len <= 0 || !strstr(buf, "Content-Disposition:")) { return task; } char *boundend = __s("%s--", boundary); line = buf; // extract parameters from header while ((token = strsep(&line, ";"))) { keytoken = strsep(&token, "="); if (keytoken && strlen(keytoken) > 0) { trim(keytoken, ' '); valtoken = strsep(&token, "="); if (valtoken) { trim(valtoken, ' '); trim(valtoken, '\n'); trim(valtoken, '\r'); trim(valtoken, '\"'); if (strcmp(keytoken, "name") == 0) { part_name = strdup(valtoken); } else if (strcmp(keytoken, "filename") == 0) { part_file = strdup(valtoken); } } } } line = NULL; // get the binary data if (part_name != NULL) { // go to the beginning of data bock while ((len = read_buf(rq->client, buf, sizeof(buf))) > 0 && strcmp(buf, "\r\n") != 0);; if (part_file == NULL) { /** * WARNING: * This allow only 1024 bytes of data (max), * out of this range, the data is cut out. * Need an efficient way to handle this */ len = read_buf(rq->client, buf, sizeof(buf)); if(len > 0) { line = buf; trim(line, '\n'); trim(line, '\r'); trim(line, ' '); dput(dic, part_name, strdup(line)); } // find the next boundary while ((len = read_buf(rq->client, buf, sizeof(buf))) > 0 && !strstr(buf, boundary)) { line = buf; } } else { file_path = __s("%s%s.%u", server_config.tmpdir, part_file, (unsigned)time(NULL)); fp = fopen(file_path, "wb"); if (fp) { int totalsize = 0, len = 0; //read until the next boundary // TODO: this is not efficient for big file // need a solution while ((len = read_buf(rq->client, buf, sizeof(buf))) > 0 && !strstr(buf, boundary)) { fwrite(buf, len, 1, fp); totalsize += len; } //remove \r\n at the end fseek(fp, 0, SEEK_SET); //fseek(fp,-2, SEEK_CUR); totalsize -= 2; int stat = ftruncate(fileno(fp), totalsize); UNUSED(stat); fclose(fp); line = buf; field = __s("%s.file", part_name); dput(dic, field, strdup(part_file)); free(field); field = __s("%s.tmp", part_name); dput(dic, field, strdup(file_path)); free(field); field = __s("%s.size", part_name); dput(dic, field, __s("%d", totalsize)); free(field); field = __s("%s.ext", part_name); dput(dic, field, ext(part_file)); free(field); } else { ERROR("Cannot write file to :%s", file_path); } free(file_path); free(part_file); } free(part_name); } //printf("[Lines]:%s\n",line); // check if end of request if (line && strstr(line, boundend)) { //LOG("End request %s", boundend); free(boundend); return task; } if (line && strstr(line, boundary)) { // continue upload task->type = HEAVY; task->handle = decode_multi_part_request_data; } free(boundend); return task; } /** * Decode a query string (GET request or POST URL encoded) to * a dictionary of key-value * @param query : the query string * @return a dictionary of key-value */ void decode_url_request(const char *query, dictionary_t dic) { if (query == NULL) return; //str_copy = ; char *token; if (strlen(query) == 0) return; char *str_copy = strdup(query); char *org_copy = str_copy; //dictionary dic = dict(); while ((token = strsep(&str_copy, "&"))) { char *key; char *val = NULL; if (strlen(token) > 0) { key = strsep(&token, "="); if (key && strlen(key) > 0) { val = strsep(&token, "="); if (!val) val = ""; dput(dic, key, url_decode(val)); } } } free(org_copy); //return dic; } /** * Decode post query string to string */ char *post_data_decode(void *client, int len) { char *query = (char *)malloc((len + 1) * sizeof(char)); char *ptr = query; int readlen = len > BUFFLEN ? BUFFLEN : len; int read = 0, stat = 1; while (readlen > 0 && stat > 0) { stat = antd_recv(client, ptr + read, readlen); if (stat > 0) { read += stat; readlen = (len - read) > BUFFLEN ? BUFFLEN : (len - read); } } if (read > 0) query[read] = '\0'; else { free(query); query = NULL; } return query; } /** * Execute a plugin based on the http requeset * First decode the http request header to find the correct plugin * and the correct function on the plugin * Second, decode all parameters necessary of the request and pass it * to the callback function. * Execute the callback function if sucess * @param client soket client * @param path request path * @param method request method * @param query_string GET query string * @return -1 if failure * 1 if sucess */ void *execute_plugin(void *data, const char *pname) { void *(*fn)(void *); plugin_header_t *(*metafn)(); plugin_header_t *meta = NULL; struct plugin_entry *plugin; char *error; antd_request_t *rq = (antd_request_t *)data; antd_task_t *task = antd_create_task(NULL, (void *)rq, NULL, rq->client->last_io); task->priority++; //LOG("Plugin name '%s'", pname); //load the plugin if ((plugin = plugin_lookup((char *)pname)) == NULL) { pthread_mutex_lock(&server_mux); plugin = plugin_load((char *)pname); pthread_mutex_unlock(&server_mux); if (plugin == NULL) { antd_error(rq->client, 503, "Requested service not found"); return task; } } // check if the plugin want rawbody or decoded body metafn = (plugin_header_t * (*)()) dlsym(plugin->handle, "meta"); if ((error = dlerror()) == NULL) { meta = metafn(); } // load the function fn = (void *(*)(void *))dlsym(plugin->handle, PLUGIN_HANDLER); if ((error = dlerror()) != NULL) { ERROR("Problem when finding %s method from %s : %s", PLUGIN_HANDLER, pname, error); antd_error(rq->client, 503, "Requested service not found"); return task; } // check if we need the raw data or not if (meta && meta->raw_body == 1) { task->handle = fn; task->type = HEAVY; } else { free(task); task = antd_create_task(decode_post_request, (void *)rq, fn, rq->client->last_io); task->priority++; } return task; } dictionary_t mimes_list() { return server_config.mimes; } void dbdir(char* dest) { strcpy(dest,server_config.db_path); } void tmpdir(char* dest) { strcpy(dest, server_config.tmpdir); } void plugindir(char* dest) { strcpy(dest, server_config.plugins_dir); } #ifdef USE_ZLIB int compressable(char* ctype) { if(!server_config.gzip_enable || server_config.gzip_types == NULL) return 0; item_t it; list_for_each(it, server_config.gzip_types) { if(it->type == LIST_TYPE_POINTER && it->value.ptr && regex_match((const char*)it->value.ptr, ctype, 0, NULL)) { return 1; } } return 0; } #endif