static int serve_response(ne_socket *s, const char *response)
{
CALL(discard_request(s));
CALL(discard_body(s));
ONN("failed to send response", SEND_STRING(s, response));
return OK;
}
int double_serve_sstring(ne_socket *s, void *userdata)
{
struct double_serve_args *args = userdata;
struct string *str;
CALL(discard_request(s));
CALL(discard_body(s));
str = &args->first;
NE_DEBUG(NE_DBG_SOCKET, "Serving string: [[[%.*s]]]\n",
(int)str->len, str->data);
ONN("write failed", ne_sock_fullwrite(s, str->data, str->len));
CALL(discard_request(s));
CALL(discard_body(s));
str = &args->second;
NE_DEBUG(NE_DBG_SOCKET, "Serving string: [[[%.*s]]]\n",
(int)str->len, str->data);
ONN("write failed", ne_sock_fullwrite(s, str->data, str->len));
return OK;
}
/* server function which checks that the request body sent was the
* same as the 'data' array. */
static int serve_check_body(ne_socket *sock, void *userdata)
{
CALL(discard_request(sock));
if (clength != (ssize_t)strlen(data)) {
CALL(discard_body(sock));
SEND_STRING(sock, "HTTP/1.0 400 Bad Request Body Length\r\n"
"\r\n");
} else {
char buf[20];
if (ne_sock_fullread(sock, buf, clength) == 0) {
SEND_STRING(sock, "HTTP/1.0 200 OK Then!\r\n\r\n");
}
}
return 0;
}
static int tora_handler( request_rec *r ) {
mcontext ctx, *c = &ctx;
if( strcmp(r->handler,"tora-handler") != 0)
return DECLINED;
// init context
c->need_discard = false;
c->is_multipart = false;
c->headers_sent = false;
c->is_form_post = false;
c->r = r;
c->post_data = NULL;
c->xff = NULL;
c->client_ip = NULL;
c->p = NULL;
c->r->content_type = "text/html";
config.hits++;
// read post data
{
const char *ctype = ap_table_get(r->headers_in,"Content-Type");
ap_setup_client_block(r,REQUEST_CHUNKED_ERROR);
if( ctype && strstr(ctype,"multipart/form-data") )
c->is_multipart = true;
else if( ap_should_client_block(r) ) {
int tlen = 0;
c->post_data = (char*)malloc(config.max_post_size);
while( true ) {
int len = ap_get_client_block(r,c->post_data + tlen,config.max_post_size - tlen);
if( len <= 0 )
break;
tlen += len;
}
if( tlen >= config.max_post_size ) {
discard_body(c);
free(c->post_data);
log_error(c,"Maximum POST data exceeded. Try using multipart encoding");
return OK;
}
c->post_data[tlen] = 0;
c->post_data_size = tlen;
c->is_form_post = ctype == NULL || (strstr(ctype,"urlencoded") != NULL);
}
}
// init protocol
{
protocol_infos infos;
request_rec *first = r;
while( first->prev != NULL )
first = first->prev;
infos.custom = c;
infos.script = r->filename;
infos.uri = first->uri;
infos.hostname = r->hostname ? r->hostname : "";
if( config.proxy_mode ) {
const char *xff = ap_table_get(r->headers_in,"X-Forwarded-For");
if( xff == NULL )
infos.client_ip = r->connection->remote_ip;
else {
char tmp;
char *xend = (char*)xff + strlen(xff) - 1;
while( xend > xff && *xend != ' ' && *xend != ',' )
xend--;
c->client_ip = strdup(xend);
infos.client_ip = c->client_ip;
if( xend > xff && *xend == ' ' && xend[-1] == ',' )
xend--;
tmp = *xend;
*xend = 0;
c->xff = strdup(xff);
*xend = tmp;
}
} else
infos.client_ip = inet_ntoa(REMOTE_ADDR(r->connection));
infos.http_method = r->method;
infos.get_data = r->args;
infos.post_data = c->post_data;
infos.post_data_size = c->post_data_size;
infos.content_type = ap_table_get(r->headers_in,"Content-Type");
infos.do_get_headers = do_get_headers;
infos.do_get_params = do_get_params;
infos.do_set_header = do_set_header;
infos.do_set_return_code = do_set_return_code;
infos.do_print = do_print;
infos.do_flush = do_flush;
infos.do_log = do_log;
infos.do_stream_data = c->is_multipart ? do_stream_data : NULL;
c->p = protocol_init(&infos);
}
// run protocol
{
int port = config.port_min + (config.hits % (1 + config.port_max - config.port_min));
if( !protocol_connect(c->p,config.host,port) ||
!protocol_send_request(c->p) ||
!protocol_read_answer(c->p) )
log_error(c,protocol_get_error(c->p));
}
// cleanup
protocol_free(c->p);
free(c->xff);
free(c->client_ip);
free(c->post_data);
send_headers(c); // in case...
if( c->need_discard )
discard_body(c);
return OK;
}
/**
parse_multipart_data : onpart:function:2 -> ondata:function:3 -> void
<doc>
Incrementally parse the multipart data. call [onpart(name,filename)] for each part
found and [ondata(buf,pos,len)] when some data is available
</doc>
**/
static value parse_multipart_data( value onpart, value ondata ) {
value buf;
int len = 0;
mcontext *c = CONTEXT();
const char *ctype = ap_table_get(c->r->headers_in,"Content-Type");
value boundstr;
val_check_function(onpart,2);
val_check_function(ondata,3);
buf = alloc_empty_string(BUFSIZE);
if( !ctype || strstr(ctype,"multipart/form-data") == NULL )
return val_null;
// extract boundary value
{
const char *boundary, *bend;
if( (boundary = strstr(ctype,"boundary=")) == NULL )
neko_error();
boundary += 9;
PARSE_HEADER(boundary,bend);
len = (int)(bend - boundary);
boundstr = alloc_empty_string(len+2);
if( val_strlen(boundstr) > BUFSIZE / 2 )
neko_error();
val_string(boundstr)[0] = '-';
val_string(boundstr)[1] = '-';
memcpy(val_string(boundstr)+2,boundary,len);
}
len = 0;
if( !ap_should_client_block(c->r) )
neko_error();
while( true ) {
char *name, *end_name, *filename, *end_file_name, *data;
int pos;
// refill buffer
// we assume here that the the whole multipart header can fit in the buffer
fill_buffer(c,buf,&len);
// is boundary at the beginning of buffer ?
if( len < val_strlen(boundstr) || memcmp(val_string(buf),val_string(boundstr),val_strlen(boundstr)) != 0 )
return discard_body(c);
name = memfind(val_string(buf),len,"Content-Disposition:");
if( name == NULL )
break;
name = memfind(name,len - (int)(name - val_string(buf)),"name=");
if( name == NULL )
return discard_body(c);
name += 5;
PARSE_HEADER(name,end_name);
data = memfind(end_name,len - (int)(end_name - val_string(buf)),"\r\n\r\n");
if( data == NULL )
return discard_body(c);
filename = memfind(name,(int)(data - name),"filename=");
if( filename != NULL ) {
filename += 9;
PARSE_HEADER(filename,end_file_name);
}
data += 4;
pos = (int)(data - val_string(buf));
// send part name
val_call2(onpart,copy_string(name,(int)(end_name - name)),filename?copy_string(filename,(int)(end_file_name - filename)):val_null);
// read data
while( true ) {
const char *boundary;
// recall buffer
memmove(val_string(buf),val_string(buf)+pos,len - pos);
len -= pos;
pos = 0;
fill_buffer(c,buf,&len);
// lookup bounds
boundary = memfind(val_string(buf),len,val_string(boundstr));
if( boundary == NULL ) {
if( len == 0 )
return discard_body(c);
// send as much buffer as possible to client
if( len < BUFSIZE )
pos = len;
else
pos = len - val_strlen(boundstr) + 1;
val_call3(ondata,buf,alloc_int(0),alloc_int(pos));
} else {
// send remaining data
pos = (int)(boundary - val_string(buf));
val_call3(ondata,buf,alloc_int(0),alloc_int(pos-2));
// recall
memmove(val_string(buf),val_string(buf)+pos,len - pos);
len -= pos;
break;
}
}
}
return val_null;
}
/* Read the headers of the response and try the available
handlers if authentication or validation is needed. */
apr_status_t serf__handle_auth_response(int *consumed_response,
serf_request_t *request,
serf_bucket_t *response,
void *baton,
apr_pool_t *pool)
{
apr_status_t status;
serf_status_line sl;
*consumed_response = 0;
/* TODO: the response bucket was created by the application, not at all
guaranteed that this is of type response_bucket!! */
status = serf_bucket_response_status(response, &sl);
if (SERF_BUCKET_READ_ERROR(status)) {
return status;
}
if (!sl.version && (APR_STATUS_IS_EOF(status) ||
APR_STATUS_IS_EAGAIN(status))) {
return status;
}
status = serf_bucket_response_wait_for_headers(response);
if (status) {
if (!APR_STATUS_IS_EOF(status)) {
return status;
}
/* If status is APR_EOF, there were no headers to read.
This can be ok in some situations, and it definitely
means there's no authentication requested now. */
return APR_SUCCESS;
}
if (sl.code == 401 || sl.code == 407) {
/* Authentication requested. */
/* Don't bother handling the authentication request if the response
wasn't received completely yet. Serf will call serf__handle_auth_response
again when more data is received. */
status = discard_body(response);
*consumed_response = 1;
/* Discard all response body before processing authentication. */
if (!APR_STATUS_IS_EOF(status)) {
return status;
}
status = dispatch_auth(sl.code, request, response, baton, pool);
if (status != APR_SUCCESS) {
return status;
}
/* Requeue the request with the necessary auth headers. */
/* ### Application doesn't know about this request! */
if (request->ssltunnel) {
serf__ssltunnel_request_create(request->conn,
request->setup,
request->setup_baton);
} else {
serf_connection_priority_request_create(request->conn,
request->setup,
request->setup_baton);
}
return APR_EOF;
} else {
serf__validate_response_func_t validate_resp;
serf_connection_t *conn = request->conn;
serf_context_t *ctx = conn->ctx;
serf__authn_info_t *authn_info;
apr_status_t resp_status = APR_SUCCESS;
/* Validate the response server authn headers. */
authn_info = serf__get_authn_info_for_server(conn);
if (authn_info->scheme) {
validate_resp = authn_info->scheme->validate_response_func;
resp_status = validate_resp(authn_info->scheme, HOST, sl.code,
conn, request, response, pool);
}
/* Validate the response proxy authn headers. */
authn_info = &ctx->proxy_authn_info;
if (!resp_status && authn_info->scheme) {
validate_resp = authn_info->scheme->validate_response_func;
resp_status = validate_resp(authn_info->scheme, PROXY, sl.code,
conn, request, response, pool);
}
if (resp_status) {
/* If there was an error in the final step of the authentication,
consider the reponse body as invalid and discard it. */
status = discard_body(response);
*consumed_response = 1;
if (!APR_STATUS_IS_EOF(status)) {
return status;
}
/* The whole body was discarded, now return our error. */
return resp_status;
}
}
return APR_SUCCESS;
}
/* Read the headers of the response and try the available
handlers if authentication or validation is needed. */
apr_status_t serf__handle_auth_response(int *consumed_response,
serf_request_t *request,
serf_bucket_t *response,
void *baton,
apr_pool_t *pool)
{
apr_status_t status;
serf_status_line sl;
*consumed_response = 0;
status = serf_bucket_response_status(response, &sl);
if (SERF_BUCKET_READ_ERROR(status)) {
return status;
}
if (!sl.version && (APR_STATUS_IS_EOF(status) ||
APR_STATUS_IS_EAGAIN(status))) {
return status;
}
status = serf_bucket_response_wait_for_headers(response);
if (status) {
if (!APR_STATUS_IS_EOF(status)) {
return status;
}
/* If status is APR_EOF, there were no headers to read.
This can be ok in some situations, and it definitely
means there's no authentication requested now. */
return APR_SUCCESS;
}
if (sl.code == 401 || sl.code == 407) {
/* Authentication requested. */
/* Don't bother handling the authentication request if the response
wasn't received completely yet. Serf will call serf__handle_auth_response
again when more data is received. */
status = discard_body(response);
*consumed_response = 1;
/* Discard all response body before processing authentication. */
if (!APR_STATUS_IS_EOF(status)) {
return status;
}
status = dispatch_auth(sl.code, request, response, baton, pool);
if (status != APR_SUCCESS) {
return status;
}
/* Requeue the request with the necessary auth headers. */
/* ### Application doesn't know about this request! */
serf_connection_priority_request_create(request->conn,
request->setup,
request->setup_baton);
return APR_EOF;
}
return APR_SUCCESS;
}
