X-Git-Url: http://git.archive.openwrt.org/?a=blobdiff_plain;f=file.c;h=e801a9ecc29286405944641169bed1ec78fb77ff;hb=242401f544df790b1df7d12b3be5f5b429da091c;hp=372696ca8727dbea673c20fde729ff5b216a4f2a;hpb=cf9c6c30f1328f8804f55896b3fcfcd1f5ae0212;p=project%2Fuhttpd.git diff --git a/file.c b/file.c index 372696c..e801a9e 100644 --- a/file.c +++ b/file.c @@ -1,20 +1,20 @@ /* * uhttpd - Tiny single-threaded httpd * - * Copyright (C) 2010-2012 Jo-Philipp Wich - * Copyright (C) 2012 Felix Fietkau + * Copyright (C) 2010-2013 Jo-Philipp Wich + * Copyright (C) 2013 Felix Fietkau * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #define _BSD_SOURCE @@ -26,14 +26,27 @@ #include #include #include +#include #include #include "uhttpd.h" #include "mimetypes.h" +#define MAX(a, b) (((a) > (b)) ? (a) : (b)) + static LIST_HEAD(index_files); static LIST_HEAD(dispatch_handlers); +static LIST_HEAD(pending_requests); +static int n_requests; + +struct deferred_request { + struct list_head list; + struct dispatch_handler *d; + struct client *cl; + struct path_info pi; + bool called, path; +}; struct index_file { struct list_head list; @@ -114,7 +127,7 @@ next: /* Returns NULL on error. ** NB: improperly encoded URL should give client 400 [Bad Syntax]; returning ** NULL here causes 404 [Not Found], but that's not too unreasonable. */ -static struct path_info * +struct path_info * uh_path_lookup(struct client *cl, const char *url) { static char path_phys[PATH_MAX]; @@ -176,6 +189,13 @@ uh_path_lookup(struct client *cl, const char *url) exists = !!canonpath(uh_buf, path_phys); uh_buf[i] = ch; + if (!exists) + continue; + + /* test current path */ + if (stat(path_phys, &p.stat)) + continue; + snprintf(path_info, sizeof(path_info), "%s", uh_buf + i); break; } @@ -186,10 +206,6 @@ uh_path_lookup(struct client *cl, const char *url) path_phys[docroot_len] != '/')) return NULL; - /* test current path */ - if (stat(path_phys, &p.stat)) - return NULL; - /* is a regular file */ if (p.stat.st_mode & S_IFREG) { p.root = docroot; @@ -219,6 +235,8 @@ uh_path_lookup(struct client *cl, const char *url) url with trailing slash appended */ if (!slash) { uh_http_header(cl, 302, "Found"); + if (!uh_use_chunked(cl)) + ustream_printf(cl->us, "Content-Length: 0\r\n"); ustream_printf(cl->us, "Location: %s%s%s\r\n\r\n", &path_phys[docroot_len], p.query ? "?" : "", @@ -271,12 +289,10 @@ static const char * uh_file_mime_lookup(const char *path) return "application/octet-stream"; } -static const char * uh_file_mktag(struct stat *s, char *buf) +static const char * uh_file_mktag(struct stat *s, char *buf, int len) { - snprintf(buf, sizeof(buf), "\"%x-%x-%x\"", - (unsigned int) s->st_ino, - (unsigned int) s->st_size, - (unsigned int) s->st_mtime); + snprintf(buf, len, "\"%" PRIx64 "-%" PRIx64 "-%" PRIx64 "\"", + s->st_ino, s->st_size, (uint64_t)s->st_mtime); return buf; } @@ -315,7 +331,7 @@ static void uh_file_response_ok_hdrs(struct client *cl, struct stat *s) char buf[128]; if (s) { - ustream_printf(cl->us, "ETag: %s\r\n", uh_file_mktag(s, buf)); + ustream_printf(cl->us, "ETag: %s\r\n", uh_file_mktag(s, buf, sizeof(buf))); ustream_printf(cl->us, "Last-Modified: %s\r\n", uh_file_unix2date(s->st_mtime, buf, sizeof(buf))); } @@ -344,7 +360,7 @@ static void uh_file_response_412(struct client *cl) static bool uh_file_if_match(struct client *cl, struct stat *s) { char buf[128]; - const char *tag = uh_file_mktag(s, buf); + const char *tag = uh_file_mktag(s, buf, sizeof(buf)); char *hdr = uh_file_header(cl, HDR_IF_MATCH); char *p; int i; @@ -385,7 +401,7 @@ static int uh_file_if_modified_since(struct client *cl, struct stat *s) static int uh_file_if_none_match(struct client *cl, struct stat *s) { char buf[128]; - const char *tag = uh_file_mktag(s, buf); + const char *tag = uh_file_mktag(s, buf, sizeof(buf)); char *hdr = uh_file_header(cl, HDR_IF_NONE_MATCH); char *p; int i; @@ -465,11 +481,11 @@ static void list_entries(struct client *cl, struct dirent **files, int count, bool dir = !!(files[i]->d_type & DT_DIR); if (name[0] == '.' && name[1] == 0) - continue; + goto next; sprintf(file, "%s", name); if (stat(local_path, &s)) - continue; + goto next; if (!dir) { suffix = ""; @@ -478,7 +494,7 @@ static void list_entries(struct client *cl, struct dirent **files, int count, } if (!(s.st_mode & mode)) - continue; + goto next; uh_chunk_printf(cl, "
  • %s%s" @@ -491,6 +507,7 @@ static void list_entries(struct client *cl, struct dirent **files, int count, type, s.st_size / 1024.0); *file = 0; +next: free(files[i]); } } @@ -553,6 +570,7 @@ static void uh_file_data(struct client *cl, struct path_info *pi, int fd) !uh_file_if_range(cl, &pi->stat) || !uh_file_if_unmodified_since(cl, &pi->stat) || !uh_file_if_none_match(cl, &pi->stat)) { + ustream_printf(cl->us, "\r\n"); uh_request_done(cl); close(fd); return; @@ -564,7 +582,7 @@ static void uh_file_data(struct client *cl, struct path_info *pi, int fd) ustream_printf(cl->us, "Content-Type: %s\r\n", uh_file_mime_lookup(pi->name)); - ustream_printf(cl->us, "Content-Length: %i\r\n\r\n", + ustream_printf(cl->us, "Content-Length: %" PRIu64 "\r\n\r\n", pi->stat.st_size); @@ -582,10 +600,14 @@ static void uh_file_data(struct client *cl, struct path_info *pi, int fd) file_write_cb(cl); } +static bool __handle_file_request(struct client *cl, char *url); + static void uh_file_request(struct client *cl, const char *url, struct path_info *pi, struct blob_attr **tb) { int fd; + struct http_request *req = &cl->request; + char *error_handler; if (!(pi->stat.st_mode & S_IROTH)) goto error; @@ -595,6 +617,7 @@ static void uh_file_request(struct client *cl, const char *url, if (fd < 0) goto error; + req->disable_chunked = true; cl->dispatch.file.hdr = tb; uh_file_data(cl, pi, fd); cl->dispatch.file.hdr = NULL; @@ -610,6 +633,16 @@ static void uh_file_request(struct client *cl, const char *url, } error: + /* check for a previously set 403 redirect status to prevent infinite + recursion when the error page itself lacks sufficient permissions */ + if (conf.error_handler && req->redirect_status != 403) { + req->redirect_status = 403; + error_handler = alloca(strlen(conf.error_handler) + 1); + strcpy(error_handler, conf.error_handler); + if (__handle_file_request(cl, error_handler)) + return; + } + uh_client_error(cl, 403, "Forbidden", "You don't have permission to access %s on this server.", url); @@ -644,7 +677,111 @@ dispatch_find(const char *url, struct path_info *pi) return NULL; } -static bool __handle_file_request(struct client *cl, const char *url) +static void +uh_invoke_script(struct client *cl, struct dispatch_handler *d, struct path_info *pi) +{ + char *url = blobmsg_data(blob_data(cl->hdr.head)); + + n_requests++; + d->handle_request(cl, url, pi); +} + +static void uh_complete_request(struct client *cl) +{ + struct deferred_request *dr; + + n_requests--; + + while (!list_empty(&pending_requests)) { + if (n_requests >= conf.max_script_requests) + return; + + dr = list_first_entry(&pending_requests, struct deferred_request, list); + list_del(&dr->list); + + cl = dr->cl; + dr->called = true; + cl->dispatch.data_blocked = false; + uh_invoke_script(cl, dr->d, dr->path ? &dr->pi : NULL); + client_poll_post_data(cl); + } +} + + +static void +uh_free_pending_request(struct client *cl) +{ + struct deferred_request *dr = cl->dispatch.req_data; + + if (dr->called) + uh_complete_request(cl); + else + list_del(&dr->list); + free(dr); +} + +static int field_len(const char *ptr) +{ + if (!ptr) + return 0; + + return strlen(ptr) + 1; +} + +#define path_info_fields \ + _field(root) \ + _field(phys) \ + _field(name) \ + _field(info) \ + _field(query) \ + _field(auth) + +static void +uh_defer_script(struct client *cl, struct dispatch_handler *d, struct path_info *pi) +{ + struct deferred_request *dr; + char *_root, *_phys, *_name, *_info, *_query, *_auth; + + cl->dispatch.req_free = uh_free_pending_request; + + if (pi) { + /* allocate enough memory to duplicate all path_info strings in one block */ +#undef _field +#define _field(_name) &_##_name, field_len(pi->_name), + dr = calloc_a(sizeof(*dr), path_info_fields NULL); + + memcpy(&dr->pi, pi, sizeof(*pi)); + dr->path = true; + + /* copy all path_info strings */ +#undef _field +#define _field(_name) if (pi->_name) dr->pi._name = strcpy(_##_name, pi->_name); + path_info_fields + } else { + dr = calloc(1, sizeof(*dr)); + } + + cl->dispatch.req_data = dr; + cl->dispatch.data_blocked = true; + dr->cl = cl; + dr->d = d; + list_add(&dr->list, &pending_requests); +} + +static void +uh_invoke_handler(struct client *cl, struct dispatch_handler *d, char *url, struct path_info *pi) +{ + if (!d->script) + return d->handle_request(cl, url, pi); + + if (n_requests >= conf.max_script_requests) + return uh_defer_script(cl, d, pi); + + cl->dispatch.req_free = uh_complete_request; + uh_invoke_script(cl, d, pi); +} + +static bool __handle_file_request(struct client *cl, char *url) { static const struct blobmsg_policy hdr_policy[__HDR_MAX] = { [HDR_AUTHORIZATION] = { "authorization", BLOBMSG_TYPE_STRING }, @@ -674,27 +811,84 @@ static bool __handle_file_request(struct client *cl, const char *url) d = dispatch_find(url, pi); if (d) - d->handle_request(cl, url, pi); + uh_invoke_handler(cl, d, url, pi); else uh_file_request(cl, url, pi, tb); return true; } +static char *uh_handle_alias(char *old_url) +{ + struct alias *alias; + static char *new_url; + static int url_len; + + if (!list_empty(&conf.cgi_alias)) list_for_each_entry(alias, &conf.cgi_alias, list) { + int old_len; + int new_len; + int path_len = 0; + + if (!uh_path_match(alias->alias, old_url)) + continue; + + if (alias->path) + path_len = strlen(alias->path); + + old_len = strlen(old_url) + 1; + new_len = old_len + MAX(conf.cgi_prefix_len, path_len); + + if (new_len > url_len) { + new_url = realloc(new_url, new_len); + url_len = new_len; + } + + *new_url = '\0'; + + if (alias->path) + strcpy(new_url, alias->path); + else if (conf.cgi_prefix) + strcpy(new_url, conf.cgi_prefix); + strcat(new_url, old_url); + + return new_url; + } + return old_url; +} + void uh_handle_request(struct client *cl) { + struct http_request *req = &cl->request; struct dispatch_handler *d; - const char *url = blobmsg_data(blob_data(cl->hdr.head));; + char *url = blobmsg_data(blob_data(cl->hdr.head)); + char *error_handler; + + blob_buf_init(&cl->hdr_response, 0); + url = uh_handle_alias(url); + uh_handler_run(cl, &url, false); + if (!url) + return; + + req->redirect_status = 200; d = dispatch_find(url, NULL); - if (d) { - d->handle_request(cl, url, NULL); + if (d) + return uh_invoke_handler(cl, d, url, NULL); + + if (__handle_file_request(cl, url)) return; - } - if (__handle_file_request(cl, url) || - __handle_file_request(cl, conf.error_handler)) + if (uh_handler_run(cl, &url, true) && + (!url || __handle_file_request(cl, url))) return; + req->redirect_status = 404; + if (conf.error_handler) { + error_handler = alloca(strlen(conf.error_handler) + 1); + strcpy(error_handler, conf.error_handler); + if (__handle_file_request(cl, error_handler)) + return; + } + uh_client_error(cl, 404, "Not Found", "The requested URL %s was not found on this server.", url); }