int ServeClientInternal(struct AmmServer_Instance * instance , struct HTTPTransaction * transaction)
{
if (instance==0) { errorID(ASV_ERROR_INSTANCE_NOT_ALLOCATED); return 0; } else
{ /*fprintf(stderr,"ServeClient instance pointing @ %p \n",instance);*/ }
if (!setSocketTimeouts(transaction->clientSock))
{
errorID(ASV_ERROR_COULD_NOT_SET_SOCKET_TIMEOUT);
fprintf(stderr,"This means something weird is going on , skipping everything");
return 0;
}
transaction->clientListID = findOutClientIDOfPeer(instance ,transaction->clientSock);
//----------------------------- ---------------------------- ----------------------------
// Check if client is banned
//----------------------------- ---------------------------- ----------------------------
int clientIsBanned = clientList_isClientBanned(instance->clientList,transaction->clientListID);
//----------------------------- ---------------------------- ----------------------------
if (!clientIsBanned)
{
//If client is ok go ahead to serve him..
unsigned int keepAliveShots = 1;
while ( ( ServeClientKeepAliveLoop(instance,transaction) ) && (instance->server_running) )
{
//fprintf(stderr,"Another KeepAlive Loop Served ( %u ) \n",keepAliveShots);
++keepAliveShots;
clientIsBanned = clientList_isClientBanned(instance->clientList,transaction->clientListID);
if (clientIsBanned)
{
warningID(ASV_WARNING_CLIENT_DENIED_ACCESS);
SendErrorCodeHeader(instance,transaction,403 /*Forbidden*/,"403.html",instance->templates_root);
break;
}
}
}
//----------------------------- ---------------------------- ----------------------------
//fprintf(stderr,"Done with client / Closing Socket ( %u ) ..\n",transaction->clientSock);
close(transaction->clientSock);
// shutdown(transaction->clientSock,SHUT_RDWR);
if (transaction->incomingHeader.headerRAW!=0)
{
//fprintf(stderr,"Done with client / Freeing incoming memory..\n");
safeFree(transaction->incomingHeader.headerRAW,transaction->incomingHeader.headerRAWSize);
transaction->incomingHeader.headerRAW=0;
}
//fprintf(stderr,"closed\n");
if (!transaction->prespawnedThreadFlag)
{ //If we are running in a prespawned thread it is wrong to count this thread as a *dynamic* one that just stopped !
//Clear thread id handler and we can gracefully exit..! ( LOCKLESS OPERATION)
if (instance->threads_pool[transaction->threadID]==0) { fprintf(stderr,"While exiting thread , thread_pool id[%u] is already zero.. This could be a bug ..\n",transaction->threadID); }
instance->threads_pool[transaction->threadID]=0;
++instance->CLIENT_THREADS_STOPPED;
//We also only want to stop the thread if itsnot prespawned !
//fprintf(stderr,"Exiting Thread\n");
//pthread_join(instance->threads_pool[transaction->threadID],0);
//pthread_exit(0);
//This should make the thread release all of its resources (?)
pthread_detach(pthread_self());
}
return 0;
}
unsigned long SendFile
(
struct AmmServer_Instance * instance,
struct HTTPTransaction * transaction,
char * verified_filename_pending_copy, // The filename to be served on the socket above
unsigned int force_error_code
)
{
int clientsock = transaction->clientSock;
unsigned int resourceCacheID=transaction->resourceCacheID;
unsigned long start_at_byte = transaction->incomingHeader.range_start;
unsigned long end_at_byte = transaction->incomingHeader.range_end;
unsigned char keepalive = transaction->incomingHeader.keepalive;
unsigned char compression_supported = transaction->incomingHeader.supports_compression ;
struct HTTPHeader * request = &transaction->incomingHeader;
char verified_filename[MAX_FILE_PATH+1]={0};
char reply_header[MAX_HTTP_REQUEST_HEADER_REPLY+1]={0};
if (verified_filename_pending_copy != 0)
{
strncpy(verified_filename,verified_filename_pending_copy,MAX_FILE_PATH);
}
/*! Start sending the header first..!
Due to error messages also having body payloads they are also handled here , creating
clutter in the code but this way there is no need to write the same thing twice..! !*/
/*! PRELIMINARY HEADER SENDING START ----------------------------------------------*/
unsigned int WeWantA200OK=0;
if (force_error_code!=0)
{
//We want to force a specific error_code!
if (! SendErrorCodeHeader(instance,clientsock,force_error_code,verified_filename,instance->templates_root) ) { fprintf(stderr,"Failed sending error code %u\n",force_error_code); return 0; }
} else
if (!FilenameStripperOk(verified_filename))
{
//Unsafe filename , bad request :P
if (! SendErrorCodeHeader(instance,clientsock,400,verified_filename,instance->templates_root) ) { fprintf(stderr,"Failed sending error code 400\n"); return 0; }
//verified_filename should now point to the template file for 400 messages
} else
{
//We have a legitimate file to send , if we want to send it all , we must emmit a 200 OK header
//if we are serving it with an offset , we must emmit a 206 OK header!
if ( (start_at_byte!=0) || (end_at_byte!=0) )
{
error("No checking on Range Provided is done , the underlying mechanisms are safe , but the header could potentially display wrong things ..");
error("We dont know the filesize yet so can't fix it here..");
//Range Accepted 206 OK header
if (! SendSuccessCodeHeader(instance,clientsock,206,verified_filename)) { fprintf(stderr,"Failed sending Range Acknowledged success code \n"); return 0; }
} else
{
//Normal 200 OK header
/*! TODO Reorganize this : THIS SHOULD NOT BE SENT YET , SINCE WE MAY WANT TO EMMIT A 304 Not Modified Header if content is unmodified..!*/
WeWantA200OK=1;
}
}
/*! PRELIMINARY HEADER SEND END ----------------------------------------------*/
struct cache_item * cache = (struct cache_item *) instance->cache;
int opres=0;
unsigned int index=0;
unsigned long cached_lSize=0;
unsigned char cached_buffer_is_compressed = compression_supported;
unsigned char free_cached_buffer_after_use=0;
unsigned char serveAsRegularFile=0;
char * cached_buffer = cache_GetResource(instance,request,resourceCacheID,verified_filename,MAX_FILE_PATH,&index,&cached_lSize,0,&cached_buffer_is_compressed,&free_cached_buffer_after_use,&serveAsRegularFile);
if (cached_buffer!=0) //If we have already a cached version of the file there is a change we might send a 304 Not Modified response
{
unsigned char ok_to_serve_not_modified = 1;
/*OK We have a cached buffer on this page BUT a good question to ask is the following..
Is it a regular file we are talking about , or a dynamic page ? */
if (cache[index].dynamicRequestCallbackFunction!=0)
{
/*It seems we have ourselves a dynamic page..! Are we on a callback cooldown ? */
/*The only built in way to serve a not modified response is if the request is too soon ( callback_every_x_msec callback cooldown ) ! */
struct AmmServer_RH_Context * shared_context = cache[index].dynamicRequest;
if ( shared_context->callback_cooldown ) { ok_to_serve_not_modified=1; } else // <- the dynamic page is still fresh.. so lets serve not modified..!
{ ok_to_serve_not_modified=0; } // <- the dynamic page has expired is dynamic so it can't be cached
} else
{
//It seems we have ourselves a regular page
//ok_to_serve_not_modified already should equal 1 so leave this here as documentation.. :P
}
//The application might want the file to always be served as a fresh one..
if ( cache[index].doNOTCacheRule ) { ok_to_serve_not_modified = 0; } /*We have written orders that we want this file to NEVER get cached.. EVER :P */
if (force_error_code!=0) { ok_to_serve_not_modified = 0; } /*We want 404 etc messages to remain 404 :P , no point in serving 404 and then 304 ( that the 404 didn't change )*/
if (ok_to_serve_not_modified)
{
//Check E-Tag here..!
unsigned int cache_etag = cache_GetHashOfResource(instance,index);
if ((request->eTag!=0)&&(cache_etag!=0))
{
char LocalETag[MAX_ETAG_SIZE]={0};
snprintf(LocalETag,MAX_ETAG_SIZE,"%u%u%lu%lu",instance->cacheVersionETag,cache_etag,start_at_byte,end_at_byte);
//fprintf(stderr,"E-Tag is `%s` , local hash is `%s` \n",request->eTag,LocalETag);
if ( strncmp(request->eTag,LocalETag,request->eTagLength)==0 )
{
fprintf(stderr,"The content matches our ETag , we will reply with 304 NOT MODIFIED! :) \n");
SendNotModifiedHeader(instance,clientsock);
//The Etag is mandatory on 304 messages..!
char ETagSendChunk[MAX_ETAG_SIZE+64]={0};
snprintf(ETagSendChunk,MAX_ETAG_SIZE+64,"ETag: \"%s\" \n",LocalETag);
if (!SendPart(instance,clientsock,ETagSendChunk,strlen(ETagSendChunk))) { fprintf(stderr,"Failed sending content length @ SendMemoryBlockAsFile ..!\n"); }
WeWantA200OK=0;
request->requestType=HEAD;
}
else
{
warning("eTag Mismatch\n"); // <- for now mismatches are probably bugs
}
}
}
}
unsigned int have_last_modified=0;
struct stat last_modified;
if ( WeWantA200OK )
{
if (! SendSuccessCodeHeader(instance,clientsock,200,verified_filename)) { fprintf(stderr,"Failed sending success code \n"); freeMallocIfNeeded(cached_buffer,free_cached_buffer_after_use); return 0; }
/* TODO : TEMPORARILY DISABLED LAST-MODIFIED :P
if (stat(verified_filename, &last_modified)) { fprintf(stderr,"Could not stat modification time for file %s\n",verified_filename); } else
{ have_last_modified=1; }*/
//TODO -> Check with last modified -> char * cached_buffer = CheckForCachedVersionOfThePage(request,verified_filename,&index,&cached_lSize,0,gzip_supported);
}
if (have_last_modified)
{
struct tm * ptm = gmtime ( &last_modified.st_mtime ); //This is not a particularly thread safe call , must add a mutex or something here..!
//Last-Modified: Sat, 29 May 2010 12:31:35 GMT
GetDateString(reply_header,MAX_HTTP_REQUEST_HEADER_REPLY,"Last-Modified",0,ptm->tm_wday,ptm->tm_mday,ptm->tm_mon,EPOCH_YEAR_IN_TM_YEAR+ptm->tm_year,ptm->tm_hour,ptm->tm_min,ptm->tm_sec);
opres=send(clientsock,reply_header,strlen(reply_header),MSG_WAITALL|MSG_NOSIGNAL); //Send filesize as soon as we've got it
if (opres<=0) { fprintf(stderr,"Error sending Last-Modified header \n"); freeMallocIfNeeded(cached_buffer,free_cached_buffer_after_use); return 0; }
}
//This used to also emmit --> Keep-Alive: timeout=5, max=100\n <--
/* RedBot says ( http://redbot.org/?uri=http%3A%2F%2Fammar.gr%3A8080%2F ) ..!
The Keep-Alive header is completely optional; it is defined primarily because the keep-alive connection token implies that such a header exists, not because anyone actually uses it.
Some implementations (e.g., Apache) do generate a Keep-Alive header to convey how many requests they're willing to serve on a single connection, what the connection timeout is and other information. However, this isn't usually used by clients.
It's safe to remove this header if you wish to save a few bytes in the response.*/
if (keepalive) { if (!SendPart(instance,clientsock,"Connection: keep-alive\n",strlen("Connection: keep-alive\n")) ) { /*TODO : HANDLE failure to send Connection: Keep-Alive */} } else
{ if (!SendPart(instance,clientsock,"Connection: close\n",strlen("Connection: close\n"))) { /*TODO : HANDLE failure to send Connection: Close */} }
if (request->requestType!=HEAD)
{
if ( (cached_buffer!=0) && //If we haven't got a buffer cached.. AND
( (!cache[index].doNOTCacheRule) /*If we dont forbid caching */ || ( (cache[index].doNOTCacheRule)&&(cache[index].dynamicRequestCallbackFunction!=0) ) /*Or we forbid caching but we are talking about a dynamic page*/)
) // its ok to serve a cached file..
{ /*!Serve cached file !*/
//if (gzip_supported) { strcat(reply_header,"Content-encoding: gzip\n"); } // Cache can serve gzipped files
//Last-Modified: Sat, 29 May 2010 12:31:35 GMT
//GetDateString(reply_header,"Date",1,0,0,0,0,0,0,0);
unsigned int cache_etag = cache_GetHashOfResource(instance,index);
if (cache_etag!=0)
{
snprintf(reply_header,MAX_HTTP_REQUEST_HEADER_REPLY,"ETag: \"%u%u%lu%lu\"\n", instance->cacheVersionETag,cache_etag,start_at_byte,end_at_byte);
opres=ASRV_Send(instance,clientsock,reply_header,strlen(reply_header),MSG_WAITALL|MSG_NOSIGNAL); //Send E-Tag as soon as we've got it
if (opres<=0) { fprintf(stderr,"Error sending ETag header \n"); freeMallocIfNeeded(cached_buffer,free_cached_buffer_after_use); return 0; }
}
if (cached_lSize==0) { warning("Bug(?) detected , zero cache payload\n"); }
if ( cached_buffer_is_compressed )
{
strncpy(reply_header,"Content-Encoding: deflate\n",MAX_HTTP_REQUEST_HEADER_REPLY);
opres=ASRV_Send(instance,clientsock,reply_header,strlen(reply_header),MSG_WAITALL|MSG_NOSIGNAL); //Send E-Tag as soon as we've got it
if (opres<=0) { fprintf(stderr,"Error sending Compression header \n"); freeMallocIfNeeded(cached_buffer,free_cached_buffer_after_use); return 0; }
}
//THIS ALSO EXISTS IN THE TransmitFileToSocket CODE
//Send Content Length , as a range , or as the whole file!
if ( (start_at_byte!=0) || (end_at_byte!=0) )
{
//error("Resource Content-Range response");
//Content-Range: bytes 1000-3979/3980
int endAtBytePrinted = end_at_byte;
if (endAtBytePrinted == 0 ) { endAtBytePrinted = cached_lSize; }
snprintf(reply_header,MAX_HTTP_REQUEST_HEADER_REPLY,"Content-Range: bytes %lu-%u/%lu\nContent-length: %lu\n\n",start_at_byte,endAtBytePrinted,cached_lSize,cached_lSize-start_at_byte);
} else
{
//error("Resource Plain Content-Length ");
//This is the last header part , so we are appending an extra \n to mark the end of the header
snprintf(reply_header,MAX_HTTP_REQUEST_HEADER_REPLY,"Content-length: %u\n\n",(unsigned int) cached_lSize);
}
opres=ASRV_Send(instance,clientsock,reply_header,strlen(reply_header),MSG_WAITALL|MSG_NOSIGNAL); //Send filesize as soon as we've got it
if (opres<=0) { fprintf(stderr,"Error sending cached header \n"); freeMallocIfNeeded(cached_buffer,free_cached_buffer_after_use); return 0; }
opres=ASRV_Send(instance,clientsock,cached_buffer,cached_lSize,MSG_WAITALL|MSG_NOSIGNAL); //Send file as soon as we've got it
freeMallocIfNeeded(cached_buffer,free_cached_buffer_after_use);
if (opres<=0) { fprintf(stderr,"Error sending cached body\n"); return 0; }
return 1;
}
else
{
/*!Serve file by reading it from disk !*/
if ((cached_buffer==0)&&(cached_lSize==1)) { /*TODO : Cache indicates that file doesn't exist */ } else
if ((cached_buffer==0)&&(cached_lSize==0)) { /*TODO : Cache indicates that file is not in cache :P */ }
if ( !TransmitFileToSocket(instance,clientsock,verified_filename,start_at_byte,end_at_byte) )
{
fprintf(stderr,"Could not transmit file %s \n",verified_filename);
return 0;
}
return 1;
}
//
} //we also want a body with that header END
else
{
//We only served a header so lets append the last new line char..!
send(clientsock,"\n",strlen("\n"),MSG_WAITALL|MSG_NOSIGNAL);
return 1; //This does not mean we failed..! 2016-04-03
}
return 0;
}
int ServeClientKeepAliveLoop(struct AmmServer_Instance * instance,struct HTTPTransaction * transaction)
{
//Remember the IP of this client..
getSocketIPAddress(instance,transaction->clientSock,transaction->ipStr,MAX_IP_STRING_SIZE,&transaction->port);
//We have our connection / instancing /etc covered if we are here
//In order to serve our client we must first receive the request header , so we do it now..!
int httpHeaderReceivedWithNoProblems = receiveAndHandleHTTPHeaderSentByClient(instance,transaction);
if (!httpHeaderReceivedWithNoProblems)
{
if (transaction->clientDisconnected)
{
warningID(ASV_WARNING_CONNECTION_CLOSED_WHILE_KEEPALIVE);
} else
{
/*We got a bad http request so we will rig it to make server emmit the 400 message*/
errorID(ASV_ERROR_FAILED_TO_RECEIVE_HEADER);
SendErrorFile(instance,transaction,400);
logError(instance,transaction,400,"400.html");
}
return 0;
}
else
if (!clientList_isClientAllowedToUseResource(instance->clientList,transaction->clientListID,transaction->incomingHeader.resource))
{
//Client is forbidden but he is not IP banned to use resource ( already opened too many connections or w/e other reason )
//Doesnt have access to the specific file , etc..!
warningID(ASV_WARNING_CLIENT_DENIED_ACCESS);
SendErrorCodeHeader(instance,transaction,403 ,"403.html",instance->templates_root);
logError(instance,transaction,403,"403.html");
return 0;
} else
if ((instance->settings.PASSWORD_PROTECTION)&&(!transaction->incomingHeader.authorized))
{
errorID(ASV_ERROR_UNAUTHORIZED_REQUEST);
respondToClientRequestingAuthorization(instance,transaction);
return 0;
}
else
{ // Not a Bad request Start
//This is a hack and should be probably be changed..!
if ( ( transaction->incomingHeader.requestType==POST ) && (instance->settings.ENABLE_POST) && (MASTER_ENABLE_POST) )
{
fprintf(stderr,GREEN "POST HEADER : %lu length \n %s \n" NORMAL,transaction->incomingHeader.ContentLength,transaction->incomingHeader.headerRAW);
//TODO ADD Here a possibly rfc1867 , HTTP POST FILE compatible (multipart/form-data) recv handler..
//TODO TODO TODO
fprintf(stderr,"Found a POST query %lu bytes long , %s \n",transaction->incomingHeader.POSTrequestSize, transaction->incomingHeader.POSTrequest);
warningID(ASV_WARNING_PRETENDING_IT_IS_A_GET_REQUEST);
//Will now pretend that we are a GET request for the rest of the page to be served nicely
transaction->incomingHeader.requestType=GET;
}
if (
(transaction->incomingHeader.requestType==GET) ||
(transaction->incomingHeader.requestType==HEAD) ||
(transaction->incomingHeader.requestType==POST)
)
{
char servefile[(MAX_FILE_PATH*2)+1]={0}; // Since we are strcat-ing the file on top of the webserver_root it is only logical to
// reserve space for two MAX_FILE_PATHS they are a software security limitation ( system max_path is much larger ) so its not a problem anywhere..!
int resource_is_a_directory=0,resource_is_a_file=0,resource_is_a_template=0,generate_directory_list=0;
/*!
PART 1 : Sense what we want to serve , and set the flags
resource_is_a_directory , resource_is_a_file , generate_directory_list
accordingly..!
*/
decideAboutHowToHandleRequestedResource
(
instance,
transaction,
servefile,
&resource_is_a_directory,
&resource_is_a_file ,
&resource_is_a_template ,
&generate_directory_list
);
/*!
PART 2 : The flags
resource_is_a_directory , resource_is_a_file , generate_directory_list
have been set to the correct ( :P ) value so all we have to do now is serve the correct repsonse..!
*/
if (resource_is_a_template)
{
//We have a specific request for a file ( transaction->incomingHeader.resource )
fprintf(stderr,"It is a template request for %s ..!\n",servefile);
// ------------------------------------------------------
// ------------------------------------------------------
// ------------------------------------------------------
if (
SendEmbeddedFile
(
instance,
transaction,
servefile // -- Log What was asked to be served
)
)
{
logSuccess(instance,transaction,200,servefile);
}
else
{
//We where unable to serve request , closing connections..\n
errorID(ASV_ERROR_UNABLE_TO_SERVE_TEMPLATE);
return 0;
}
// ------------------------------------------------------
// ------------------------------------------------------
// ------------------------------------------------------
}
else
if (generate_directory_list)
{
respondToClientBySendingAGeneratedDirectoryList(instance,transaction,servefile);
return 0;
}
else
if (resource_is_a_file)
{
//We have a specific request for a file ( transaction->incomingHeader.resource )
//fprintf(stderr,"It is a file request for %s ..!\n",servefile);
// ------------------------------------------------------
// ------------------------------------------------------
// ------------------------------------------------------
if (
SendFile
(
instance,
transaction,
servefile, // -- Log What was asked to be served
0 // <- We dont want to force an error code!
)
)
{
logSuccess(instance,transaction,200,servefile);
}
else
{
//We where unable to serve request , closing connections..\n
errorID(ASV_ERROR_UNABLE_TO_SERVE_REQUEST);
return 0;
}
// ------------------------------------------------------
// ------------------------------------------------------
// ------------------------------------------------------
}
else
{
fprintf(stderr,"404 not found..!!\n");
SendErrorFile(instance,transaction,404);
logError(instance,transaction,404,servefile);
return 0;
}
} else
if (transaction->incomingHeader.requestType==BAD)
{ //In case some of the security features of the server sensed a BAD! request we should log it..
warningID(ASV_WARNING_PREDATORY_REQUST);
//TODO : call -> int ErrorLogAppend(char * IP,char * DateStr,char * Request,unsigned int ResponseCode,unsigned long ResponseLength,char * Location,char * Useragent)
SendErrorFile(instance,transaction,400);
logError(instance,transaction,400,"400.html");
return 0;
} else
if (transaction->incomingHeader.requestType==NONE)
{ //We couldnt find a request type so it is a weird input that doesn't seem to be HTTP based
warningID(ASV_WARNING_UNRECOGNIZED_REQUEST);
SendErrorFile(instance,transaction,400);
logError(instance,transaction,400,"400.html");
return 0;
} else
{ //The request we got requires not implemented functionality , so we will admit not implementing it..! :P
warningID(ASV_WARNING_NOTIMPLEMENTED_REQUEST);
SendErrorFile(instance,transaction,501);
logError(instance,transaction,501,"501.html");
return 0;
}
} // Not a Bad request END
clientList_signalClientStoppedUsingResource(instance->clientList,transaction->clientListID,transaction->incomingHeader.resource); // This in order for client_list to correctly track client behaviour..!
if ( transaction->incomingHeader.headerRAW!=0 )
{
safeFree(transaction->incomingHeader.headerRAW,transaction->incomingHeader.headerRAWSize);
transaction->incomingHeader.headerRAW=0;
}
//We are done with request!
if (!transaction->incomingHeader.keepalive) { return 0; } // Close_connection controls the receive "keep-alive" loop
//If we are on a keepalive streak , then go on !
return 1;
}