2 * uhttpd - Tiny single-threaded httpd - Utility functions
4 * Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
19 #define _XOPEN_SOURCE 500 /* crypt() */
20 #define _BSD_SOURCE /* strcasecmp(), strncasecmp() */
23 #include "uhttpd-utils.h"
26 #include "uhttpd-tls.h"
30 static char *uh_index_files[] = {
38 const char * sa_straddr(void *sa)
40 static char str[INET6_ADDRSTRLEN];
41 struct sockaddr_in *v4 = (struct sockaddr_in *)sa;
42 struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)sa;
44 if( v4->sin_family == AF_INET )
45 return inet_ntop(AF_INET, &(v4->sin_addr), str, sizeof(str));
47 return inet_ntop(AF_INET6, &(v6->sin6_addr), str, sizeof(str));
50 const char * sa_strport(void *sa)
53 snprintf(str, sizeof(str), "%i", sa_port(sa));
59 return ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
62 int sa_rfc1918(void *sa)
64 struct sockaddr_in *v4 = (struct sockaddr_in *)sa;
65 unsigned long a = htonl(v4->sin_addr.s_addr);
67 if( v4->sin_family == AF_INET )
69 return ((a >= 0x0A000000) && (a <= 0x0AFFFFFF)) ||
70 ((a >= 0xAC100000) && (a <= 0xAC1FFFFF)) ||
71 ((a >= 0xC0A80000) && (a <= 0xC0A8FFFF));
77 /* Simple strstr() like function that takes len arguments for both haystack and needle. */
78 char *strfind(char *haystack, int hslen, const char *needle, int ndlen)
83 for( i = 0; i < hslen; i++ )
85 if( haystack[i] == needle[0] )
87 match = ((ndlen == 1) || ((i + ndlen) <= hslen));
89 for( j = 1; (j < ndlen) && ((i + j) < hslen); j++ )
91 if( haystack[i+j] != needle[j] )
106 /* interruptable select() */
107 int select_intr(int n, fd_set *r, fd_set *w, fd_set *e, struct timeval *t)
112 /* unblock SIGCHLD */
114 sigaddset(&ssn, SIGCHLD);
115 sigaddset(&ssn, SIGPIPE);
116 sigprocmask(SIG_UNBLOCK, &ssn, &sso);
118 rv = select(n, r, w, e, t);
120 /* restore signal mask */
121 sigprocmask(SIG_SETMASK, &sso, NULL);
127 int uh_tcp_send_lowlevel(struct client *cl, const char *buf, int len)
130 struct timeval timeout;
133 FD_SET(cl->socket, &writer);
135 timeout.tv_sec = cl->server->conf->network_timeout;
138 if (select(cl->socket + 1, NULL, &writer, NULL, &timeout) > 0)
139 return send(cl->socket, buf, len, 0);
144 int uh_tcp_send(struct client *cl, const char *buf, int len)
148 return cl->server->conf->tls_send(cl, (void *)buf, len);
151 return uh_tcp_send_lowlevel(cl, buf, len);
154 int uh_tcp_peek(struct client *cl, char *buf, int len)
156 /* sanity check, prevent overflowing peek buffer */
157 if (len > sizeof(cl->peekbuf))
160 int sz = uh_tcp_recv(cl, buf, len);
162 /* store received data in peek buffer */
166 memcpy(cl->peekbuf, buf, sz);
172 int uh_tcp_recv_lowlevel(struct client *cl, char *buf, int len)
175 struct timeval timeout;
178 FD_SET(cl->socket, &reader);
180 timeout.tv_sec = cl->server->conf->network_timeout;
183 if (select(cl->socket + 1, &reader, NULL, NULL, &timeout) > 0)
184 return recv(cl->socket, buf, len, 0);
189 int uh_tcp_recv(struct client *cl, char *buf, int len)
194 /* first serve data from peek buffer */
197 sz = min(cl->peeklen, len);
198 len -= sz; cl->peeklen -= sz;
199 memcpy(buf, cl->peekbuf, sz);
200 memmove(cl->peekbuf, &cl->peekbuf[sz], cl->peeklen);
203 /* caller wants more */
208 rsz = cl->server->conf->tls_recv(cl, (void *)&buf[sz], len);
211 rsz = uh_tcp_recv_lowlevel(cl, (void *)&buf[sz], len);
223 int uh_http_sendhf(struct client *cl, int code, const char *summary, const char *fmt, ...)
227 char buffer[UH_LIMIT_MSGHEAD];
230 len = snprintf(buffer, sizeof(buffer),
231 "HTTP/1.1 %03i %s\r\n"
232 "Connection: close\r\n"
233 "Content-Type: text/plain\r\n"
234 "Transfer-Encoding: chunked\r\n\r\n",
238 ensure_ret(uh_tcp_send(cl, buffer, len));
241 len = vsnprintf(buffer, sizeof(buffer), fmt, ap);
244 ensure_ret(uh_http_sendc(cl, buffer, len));
245 ensure_ret(uh_http_sendc(cl, NULL, 0));
251 int uh_http_sendc(struct client *cl, const char *data, int len)
261 clen = snprintf(chunk, sizeof(chunk), "%X\r\n", len);
262 ensure_ret(uh_tcp_send(cl, chunk, clen));
263 ensure_ret(uh_tcp_send(cl, data, len));
264 ensure_ret(uh_tcp_send(cl, "\r\n", 2));
268 ensure_ret(uh_tcp_send(cl, "0\r\n\r\n", 5));
275 struct client *cl, struct http_request *req, const char *fmt, ...
278 char buffer[UH_LIMIT_MSGHEAD];
282 len = vsnprintf(buffer, sizeof(buffer), fmt, ap);
285 if( (req != NULL) && (req->version > 1.0) )
286 ensure_ret(uh_http_sendc(cl, buffer, len));
288 ensure_ret(uh_tcp_send(cl, buffer, len));
294 struct client *cl, struct http_request *req, const char *buf, int len
299 if( (req != NULL) && (req->version > 1.0) )
300 ensure_ret(uh_http_sendc(cl, buf, len));
302 ensure_ret(uh_tcp_send(cl, buf, len));
308 /* blen is the size of buf; slen is the length of src. The input-string need
309 ** not be, and the output string will not be, null-terminated. Returns the
310 ** length of the decoded string, -1 on buffer overflow, -2 on malformed string. */
311 int uh_urldecode(char *buf, int blen, const char *src, int slen)
317 (((x) <= '9') ? ((x) - '0') : \
318 (((x) <= 'F') ? ((x) - 'A' + 10) : \
321 for( i = 0; (i < slen) && (len < blen); i++ )
325 if( ((i+2) < slen) && isxdigit(src[i+1]) && isxdigit(src[i+2]) )
327 buf[len++] = (char)(16 * hex(src[i+1]) + hex(src[i+2]));
332 /* Encoding error: it's hard to think of a
333 ** scenario in which returning an incorrect
334 ** 'decoding' of the malformed string is
335 ** preferable to signaling an error condition. */
336 #if 0 /* WORSE_IS_BETTER */
349 return (i == slen) ? len : -1;
352 /* blen is the size of buf; slen is the length of src. The input-string need
353 ** not be, and the output string will not be, null-terminated. Returns the
354 ** length of the encoded string, or -1 on error (buffer overflow) */
355 int uh_urlencode(char *buf, int blen, const char *src, int slen)
359 const char hex[] = "0123456789abcdef";
361 for( i = 0; (i < slen) && (len < blen); i++ )
363 if( isalnum(src[i]) || (src[i] == '-') || (src[i] == '_') ||
364 (src[i] == '.') || (src[i] == '~') )
368 else if( (len+3) <= blen )
371 buf[len++] = hex[(src[i] >> 4) & 15];
372 buf[len++] = hex[ src[i] & 15];
381 return (i == slen) ? len : -1;
384 int uh_b64decode(char *buf, int blen, const unsigned char *src, int slen)
389 unsigned int cin = 0;
390 unsigned int cout = 0;
393 for( i = 0; (i <= slen) && (src[i] != 0); i++ )
397 if( (cin >= '0') && (cin <= '9') )
398 cin = cin - '0' + 52;
399 else if( (cin >= 'A') && (cin <= 'Z') )
401 else if( (cin >= 'a') && (cin <= 'z') )
402 cin = cin - 'a' + 26;
403 else if( cin == '+' )
405 else if( cin == '/' )
407 else if( cin == '=' )
412 cout = (cout << 6) | cin;
416 if( (len + 3) < blen )
418 buf[len++] = (char)(cout >> 16);
419 buf[len++] = (char)(cout >> 8);
420 buf[len++] = (char)(cout);
433 static char * canonpath(const char *path, char *path_resolved)
435 char path_copy[PATH_MAX];
436 char *path_cpy = path_copy;
437 char *path_res = path_resolved;
442 /* relative -> absolute */
445 getcwd(path_copy, PATH_MAX);
446 strncat(path_copy, "/", PATH_MAX - strlen(path_copy));
447 strncat(path_copy, path, PATH_MAX - strlen(path_copy));
451 strncpy(path_copy, path, PATH_MAX);
455 while( (*path_cpy != '\0') && (path_cpy < (path_copy + PATH_MAX - 2)) )
457 if( *path_cpy == '/' )
459 /* skip repeating / */
460 if( path_cpy[1] == '/' )
467 else if( path_cpy[1] == '.' )
470 if( (path_cpy[2] == '/') || (path_cpy[2] == '\0') )
476 /* collapse /x/../ */
477 else if( (path_cpy[2] == '.') &&
478 ((path_cpy[3] == '/') || (path_cpy[3] == '\0'))
480 while( (path_res > path_resolved) && (*--path_res != '/') )
489 *path_res++ = *path_cpy++;
492 /* remove trailing slash if not root / */
493 if( (path_res > (path_resolved+1)) && (path_res[-1] == '/') )
495 else if( path_res == path_resolved )
501 if( !stat(path_resolved, &s) && (s.st_mode & S_IROTH) )
502 return path_resolved;
507 /* Returns NULL on error.
508 ** NB: improperly encoded URL should give client 400 [Bad Syntax]; returning
509 ** NULL here causes 404 [Not Found], but that's not too unreasonable. */
510 struct path_info * uh_path_lookup(struct client *cl, const char *url)
512 static char path_phys[PATH_MAX];
513 static char path_info[PATH_MAX];
514 static struct path_info p;
516 char buffer[UH_LIMIT_MSGHEAD];
517 char *docroot = cl->server->conf->docroot;
518 char *pathptr = NULL;
521 int no_sym = cl->server->conf->no_symlinks;
525 /* back out early if url is undefined */
529 memset(path_phys, 0, sizeof(path_phys));
530 memset(path_info, 0, sizeof(path_info));
531 memset(buffer, 0, sizeof(buffer));
532 memset(&p, 0, sizeof(p));
535 memcpy(buffer, docroot,
536 min(strlen(docroot), sizeof(buffer) - 1));
538 /* separate query string from url */
539 if( (pathptr = strchr(url, '?')) != NULL )
541 p.query = pathptr[1] ? pathptr + 1 : NULL;
543 /* urldecode component w/o query */
546 &buffer[strlen(docroot)],
547 sizeof(buffer) - strlen(docroot) - 1,
548 url, pathptr - url ) < 0 )
549 return NULL; /* bad URL */
552 /* no query string, decode all of url */
556 &buffer[strlen(docroot)],
557 sizeof(buffer) - strlen(docroot) - 1,
558 url, strlen(url) ) < 0 )
559 return NULL; /* bad URL */
562 /* create canon path */
563 for( i = strlen(buffer), slash = (buffer[max(0, i-1)] == '/'); i >= 0; i-- )
565 if( (buffer[i] == 0) || (buffer[i] == '/') )
567 memset(path_info, 0, sizeof(path_info));
568 memcpy(path_info, buffer, min(i + 1, sizeof(path_info) - 1));
570 if( no_sym ? realpath(path_info, path_phys)
571 : canonpath(path_info, path_phys)
573 memset(path_info, 0, sizeof(path_info));
574 memcpy(path_info, &buffer[i],
575 min(strlen(buffer) - i, sizeof(path_info) - 1));
582 /* check whether found path is within docroot */
583 if( strncmp(path_phys, docroot, strlen(docroot)) ||
584 ((path_phys[strlen(docroot)] != 0) &&
585 (path_phys[strlen(docroot)] != '/'))
590 /* test current path */
591 if( ! stat(path_phys, &p.stat) )
593 /* is a regular file */
594 if( p.stat.st_mode & S_IFREG )
598 p.name = &path_phys[strlen(docroot)];
599 p.info = path_info[0] ? path_info : NULL;
603 else if( (p.stat.st_mode & S_IFDIR) && !strlen(path_info) )
605 /* ensure trailing slash */
606 if( path_phys[strlen(path_phys)-1] != '/' )
607 path_phys[strlen(path_phys)] = '/';
609 /* try to locate index file */
610 memset(buffer, 0, sizeof(buffer));
611 memcpy(buffer, path_phys, sizeof(buffer));
612 pathptr = &buffer[strlen(buffer)];
614 /* if requested url resolves to a directory and a trailing slash
615 is missing in the request url, redirect the client to the same
616 url with trailing slash appended */
619 uh_http_sendf(cl, NULL,
620 "HTTP/1.1 302 Found\r\n"
621 "Location: %s%s%s\r\n"
622 "Connection: close\r\n\r\n",
623 &path_phys[strlen(docroot)],
625 p.query ? p.query : ""
630 else if( cl->server->conf->index_file )
632 strncat(buffer, cl->server->conf->index_file, sizeof(buffer));
634 if( !stat(buffer, &s) && (s.st_mode & S_IFREG) )
636 memcpy(path_phys, buffer, sizeof(path_phys));
637 memcpy(&p.stat, &s, sizeof(p.stat));
642 for( i = 0; i < array_size(uh_index_files); i++ )
644 strncat(buffer, uh_index_files[i], sizeof(buffer));
646 if( !stat(buffer, &s) && (s.st_mode & S_IFREG) )
648 memcpy(path_phys, buffer, sizeof(path_phys));
649 memcpy(&p.stat, &s, sizeof(p.stat));
659 p.name = &path_phys[strlen(docroot)];
663 return p.phys ? &p : NULL;
667 static struct auth_realm *uh_realms = NULL;
669 struct auth_realm * uh_auth_add(char *path, char *user, char *pass)
671 struct auth_realm *new = NULL;
678 if((new = (struct auth_realm *)malloc(sizeof(struct auth_realm))) != NULL)
680 memset(new, 0, sizeof(struct auth_realm));
682 memcpy(new->path, path,
683 min(strlen(path), sizeof(new->path) - 1));
685 memcpy(new->user, user,
686 min(strlen(user), sizeof(new->user) - 1));
688 /* given password refers to a passwd entry */
689 if( (strlen(pass) > 3) && !strncmp(pass, "$p$", 3) )
692 /* try to resolve shadow entry */
693 if( ((spwd = getspnam(&pass[3])) != NULL) && spwd->sp_pwdp )
695 memcpy(new->pass, spwd->sp_pwdp,
696 min(strlen(spwd->sp_pwdp), sizeof(new->pass) - 1));
702 /* try to resolve passwd entry */
703 if( ((pwd = getpwnam(&pass[3])) != NULL) && pwd->pw_passwd &&
704 (pwd->pw_passwd[0] != '!') && (pwd->pw_passwd[0] != 0)
706 memcpy(new->pass, pwd->pw_passwd,
707 min(strlen(pwd->pw_passwd), sizeof(new->pass) - 1));
714 memcpy(new->pass, pass,
715 min(strlen(pass), sizeof(new->pass) - 1));
720 new->next = uh_realms;
733 struct client *cl, struct http_request *req, struct path_info *pi
735 int i, plen, rlen, protected;
736 char buffer[UH_LIMIT_MSGHEAD];
740 struct auth_realm *realm = NULL;
742 plen = strlen(pi->name);
745 /* check whether at least one realm covers the requested url */
746 for( realm = uh_realms; realm; realm = realm->next )
748 rlen = strlen(realm->path);
750 if( (plen >= rlen) && !strncasecmp(pi->name, realm->path, rlen) )
758 /* requested resource is covered by a realm */
761 /* try to get client auth info */
762 foreach_header(i, req->headers)
764 if( !strcasecmp(req->headers[i], "Authorization") &&
765 (strlen(req->headers[i+1]) > 6) &&
766 !strncasecmp(req->headers[i+1], "Basic ", 6)
768 memset(buffer, 0, sizeof(buffer));
769 uh_b64decode(buffer, sizeof(buffer) - 1,
770 (unsigned char *) &req->headers[i+1][6],
771 strlen(req->headers[i+1]) - 6);
773 if( (pass = strchr(buffer, ':')) != NULL )
783 /* have client auth */
786 /* find matching realm */
787 for( realm = uh_realms; realm; realm = realm->next )
789 rlen = strlen(realm->path);
791 if( (plen >= rlen) &&
792 !strncasecmp(pi->name, realm->path, rlen) &&
793 !strcmp(user, realm->user)
800 /* found a realm matching the username */
803 /* check user pass */
804 if (!strcmp(pass, realm->pass) ||
805 !strcmp(crypt(pass, realm->pass), realm->pass))
811 uh_http_sendf(cl, NULL,
812 "HTTP/%.1f 401 Authorization Required\r\n"
813 "WWW-Authenticate: Basic realm=\"%s\"\r\n"
814 "Content-Type: text/plain\r\n"
815 "Content-Length: 23\r\n\r\n"
816 "Authorization Required\n",
817 req->version, cl->server->conf->realm
827 static struct listener *uh_listeners = NULL;
828 static struct client *uh_clients = NULL;
830 struct listener * uh_listener_add(int sock, struct config *conf)
832 struct listener *new = NULL;
835 if( (new = (struct listener *)malloc(sizeof(struct listener))) != NULL )
837 memset(new, 0, sizeof(struct listener));
842 /* get local endpoint addr */
843 sl = sizeof(struct sockaddr_in6);
844 memset(&(new->addr), 0, sl);
845 getsockname(sock, (struct sockaddr *) &(new->addr), &sl);
847 new->next = uh_listeners;
856 struct listener * uh_listener_lookup(int sock)
858 struct listener *cur = NULL;
860 for( cur = uh_listeners; cur; cur = cur->next )
861 if( cur->socket == sock )
868 struct client * uh_client_add(int sock, struct listener *serv)
870 struct client *new = NULL;
873 if( (new = (struct client *)malloc(sizeof(struct client))) != NULL )
875 memset(new, 0, sizeof(struct client));
880 /* get remote endpoint addr */
881 sl = sizeof(struct sockaddr_in6);
882 memset(&(new->peeraddr), 0, sl);
883 getpeername(sock, (struct sockaddr *) &(new->peeraddr), &sl);
885 /* get local endpoint addr */
886 sl = sizeof(struct sockaddr_in6);
887 memset(&(new->servaddr), 0, sl);
888 getsockname(sock, (struct sockaddr *) &(new->servaddr), &sl);
890 new->next = uh_clients;
897 struct client * uh_client_lookup(int sock)
899 struct client *cur = NULL;
901 for( cur = uh_clients; cur; cur = cur->next )
902 if( cur->socket == sock )
908 void uh_client_remove(int sock)
910 struct client *cur = NULL;
911 struct client *prv = NULL;
913 for( cur = uh_clients; cur; prv = cur, cur = cur->next )
915 if( cur->socket == sock )
918 prv->next = cur->next;
920 uh_clients = cur->next;
930 static struct interpreter *uh_interpreters = NULL;
932 struct interpreter * uh_interpreter_add(const char *extn, const char *path)
934 struct interpreter *new = NULL;
936 if( (new = (struct interpreter *)
937 malloc(sizeof(struct interpreter))) != NULL )
939 memset(new, 0, sizeof(struct interpreter));
941 memcpy(new->extn, extn, min(strlen(extn), sizeof(new->extn)-1));
942 memcpy(new->path, path, min(strlen(path), sizeof(new->path)-1));
944 new->next = uh_interpreters;
945 uh_interpreters = new;
953 struct interpreter * uh_interpreter_lookup(const char *path)
955 struct interpreter *cur = NULL;
958 for( cur = uh_interpreters; cur; cur = cur->next )
960 e = &path[max(strlen(path) - strlen(cur->extn), 0)];
962 if( !strcmp(e, cur->extn) )