static int cache_call_lua(server *srv, connection *con, plugin_data *p, buffer *cml_file) {
buffer *b;
char *c;
/* cleanup basedir */
b = p->baseurl;
buffer_copy_buffer(b, con->uri.path);
for (c = b->ptr + buffer_string_length(b); c > b->ptr && *c != '/'; c--);
if (*c == '/') {
buffer_string_set_length(b, c - b->ptr + 1);
}
b = p->basedir;
buffer_copy_buffer(b, con->physical.path);
for (c = b->ptr + buffer_string_length(b); c > b->ptr && *c != '/'; c--);
if (*c == '/') {
buffer_string_set_length(b, c - b->ptr + 1);
}
/* prepare variables
* - cookie-based
* - get-param-based
*/
return cache_parse_lua(srv, con, p, cml_file);
}
void buffer_copy_string_hex(buffer *b, const char *in, size_t in_len) {
/* overflow protection */
force_assert(in_len * 2 > in_len);
buffer_string_set_length(b, 2 * in_len);
li_tohex(b->ptr, in, in_len);
}
static int http_chunk_append_to_tempfile(server *srv, connection *con, const char * mem, size_t len) {
chunkqueue * const cq = con->write_queue;
if (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) {
/*http_chunk_append_len(srv, con, len);*/
buffer *b = srv->tmp_chunk_len;
buffer_string_set_length(b, 0);
buffer_append_uint_hex(b, len);
buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
if (0 != chunkqueue_append_mem_to_tempfile(srv, cq, CONST_BUF_LEN(b))) {
return -1;
}
}
if (0 != chunkqueue_append_mem_to_tempfile(srv, cq, mem, len)) {
return -1;
}
if (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) {
if (0 != chunkqueue_append_mem_to_tempfile(srv, cq, CONST_STR_LEN("\r\n"))) {
return -1;
}
}
return 0;
}
static void http_chunk_append_len(server *srv, connection *con, uintmax_t len) {
buffer *b;
force_assert(NULL != srv);
b = srv->tmp_chunk_len;
buffer_string_set_length(b, 0);
buffer_append_uint_hex(b, len);
buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
chunkqueue_append_buffer(con->write_queue, b);
}
int log_error_write_multiline_buffer(server *srv, const char *filename, unsigned int line, buffer *multiline, const char *fmt, ...) {
va_list ap;
size_t prefix_len;
buffer *b = srv->errorlog_buf;
char *pos, *end, *current_line;
if (buffer_string_is_empty(multiline)) return 0;
if (-1 == log_buffer_prepare(b, srv, filename, line)) return 0;
va_start(ap, fmt);
log_buffer_append_printf(b, fmt, ap);
va_end(ap);
prefix_len = buffer_string_length(b);
current_line = pos = multiline->ptr;
end = multiline->ptr + buffer_string_length(multiline);
for ( ; pos <= end ; ++pos) {
switch (*pos) {
case '\n':
case '\r':
case '\0': /* handles end of string */
if (current_line < pos) {
/* truncate to prefix */
buffer_string_set_length(b, prefix_len);
buffer_append_string_len(b, current_line, pos - current_line);
log_write(srv, b);
}
current_line = pos + 1;
break;
default:
break;
}
}
return 0;
}
static int cgi_demux_response(server *srv, handler_ctx *hctx) {
plugin_data *p = hctx->plugin_data;
connection *con = hctx->remote_conn;
while(1) {
int n;
int toread;
#if defined(__WIN32)
buffer_string_prepare_copy(hctx->response, 4 * 1024);
#else
if (ioctl(con->fd, FIONREAD, &toread) || toread <= 4*1024) {
buffer_string_prepare_copy(hctx->response, 4 * 1024);
} else {
if (toread > MAX_READ_LIMIT) toread = MAX_READ_LIMIT;
buffer_string_prepare_copy(hctx->response, toread);
}
#endif
if (-1 == (n = read(hctx->fd, hctx->response->ptr, hctx->response->size - 1))) {
if (errno == EAGAIN || errno == EINTR) {
/* would block, wait for signal */
fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
return FDEVENT_HANDLED_NOT_FINISHED;
}
/* error */
log_error_write(srv, __FILE__, __LINE__, "sdd", strerror(errno), con->fd, hctx->fd);
return FDEVENT_HANDLED_ERROR;
}
if (n == 0) {
/* read finished */
return FDEVENT_HANDLED_FINISHED;
}
buffer_commit(hctx->response, n);
/* split header from body */
if (con->file_started == 0) {
int is_header = 0;
int is_header_end = 0;
size_t last_eol = 0;
size_t i, header_len;
buffer_append_string_buffer(hctx->response_header, hctx->response);
/**
* we have to handle a few cases:
*
* nph:
*
* HTTP/1.0 200 Ok\n
* Header: Value\n
* \n
*
* CGI:
* Header: Value\n
* Status: 200\n
* \n
*
* and different mixes of \n and \r\n combinations
*
* Some users also forget about CGI and just send a response and hope
* we handle it. No headers, no header-content seperator
*
*/
/* nph (non-parsed headers) */
if (0 == strncmp(hctx->response_header->ptr, "HTTP/1.", 7)) is_header = 1;
header_len = buffer_string_length(hctx->response_header);
for (i = 0; !is_header_end && i < header_len; i++) {
char c = hctx->response_header->ptr[i];
switch (c) {
case ':':
/* we found a colon
*
* looks like we have a normal header
*/
is_header = 1;
break;
case '\n':
/* EOL */
if (is_header == 0) {
/* we got a EOL but we don't seem to got a HTTP header */
is_header_end = 1;
break;
}
/**
* check if we saw a \n(\r)?\n sequence
*/
if (last_eol > 0 &&
((i - last_eol == 1) ||
(i - last_eol == 2 && hctx->response_header->ptr[i - 1] == '\r'))) {
is_header_end = 1;
break;
}
last_eol = i;
break;
}
}
if (is_header_end) {
if (!is_header) {
/* no header, but a body */
if (0 != http_chunk_append_buffer(srv, con, hctx->response_header)) {
return FDEVENT_HANDLED_ERROR;
}
} else {
const char *bstart;
size_t blen;
/* the body starts after the EOL */
bstart = hctx->response_header->ptr + i;
blen = header_len - i;
/**
* i still points to the char after the terminating EOL EOL
*
* put it on the last \n again
*/
i--;
/* string the last \r?\n */
if (i > 0 && (hctx->response_header->ptr[i - 1] == '\r')) {
i--;
}
buffer_string_set_length(hctx->response_header, i);
/* parse the response header */
cgi_response_parse(srv, con, p, hctx->response_header);
if (con->http_status >= 300 && con->http_status < 400) {
/*(con->parsed_response & HTTP_LOCATION)*/
data_string *ds;
if (NULL != (ds = (data_string *) array_get_element(con->response.headers, "Location"))
&& ds->value->ptr[0] == '/') {
if (++con->loops_per_request > 5) {
log_error_write(srv, __FILE__, __LINE__, "sb", "too many internal loops while processing request:", con->request.orig_uri);
con->http_status = 500; /* Internal Server Error */
con->mode = DIRECT;
return FDEVENT_HANDLED_FINISHED;
}
buffer_copy_buffer(con->request.uri, ds->value);
if (con->request.content_length) {
if (con->request.content_length != con->request_content_queue->bytes_in) {
con->keep_alive = 0;
}
con->request.content_length = 0;
chunkqueue_reset(con->request_content_queue);
}
if (con->http_status != 307 && con->http_status != 308) {
/* Note: request body (if any) sent to initial dynamic handler
* and is not available to the internal redirect */
con->request.http_method = HTTP_METHOD_GET;
}
connection_response_reset(srv, con); /*(includes con->http_status = 0)*/
con->mode = DIRECT;
return FDEVENT_HANDLED_COMEBACK;
}
}
if (hctx->conf.xsendfile_allow) {
data_string *ds;
if (NULL != (ds = (data_string *) array_get_element(con->response.headers, "X-Sendfile"))) {
http_response_xsendfile(srv, con, ds->value, hctx->conf.xsendfile_docroot);
return FDEVENT_HANDLED_FINISHED;
}
}
if (blen > 0) {
if (0 != http_chunk_append_mem(srv, con, bstart, blen)) {
return FDEVENT_HANDLED_ERROR;
}
}
}
con->file_started = 1;
} else {
/*(reuse MAX_HTTP_REQUEST_HEADER as max size for response headers from backends)*/
if (header_len > MAX_HTTP_REQUEST_HEADER) {
log_error_write(srv, __FILE__, __LINE__, "sb", "response headers too large for", con->uri.path);
con->http_status = 502; /* Bad Gateway */
con->mode = DIRECT;
return FDEVENT_HANDLED_FINISHED;
}
}
} else {
if (0 != http_chunk_append_buffer(srv, con, hctx->response)) {
return FDEVENT_HANDLED_ERROR;
}
if ((con->conf.stream_response_body & FDEVENT_STREAM_RESPONSE_BUFMIN)
&& chunkqueue_length(con->write_queue) > 65536 - 4096) {
if (!con->is_writable) {
/*(defer removal of FDEVENT_IN interest since
* connection_state_machine() might be able to send data
* immediately, unless !con->is_writable, where
* connection_state_machine() might not loop back to call
* mod_cgi_handle_subrequest())*/
fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
}
break;
}
}
#if 0
log_error_write(srv, __FILE__, __LINE__, "ddss", con->fd, hctx->fd, connection_get_state(con->state), b->ptr);
#endif
}
return FDEVENT_HANDLED_NOT_FINISHED;
}
handler_t stat_cache_get_entry(server *srv, connection *con, buffer *name, stat_cache_entry **ret_sce) {
#ifdef HAVE_FAM_H
fam_dir_entry *fam_dir = NULL;
int dir_ndx = -1;
splay_tree *dir_node = NULL;
#endif
stat_cache_entry *sce = NULL;
stat_cache *sc;
struct stat st;
size_t k;
int fd;
struct stat lst;
#ifdef DEBUG_STAT_CACHE
size_t i;
#endif
int file_ndx;
splay_tree *file_node = NULL;
*ret_sce = NULL;
/*
* check if the directory for this file has changed
*/
sc = srv->stat_cache;
buffer_copy_buffer(sc->hash_key, name);
buffer_append_int(sc->hash_key, con->conf.follow_symlink);
file_ndx = hashme(sc->hash_key);
sc->files = splaytree_splay(sc->files, file_ndx);
#ifdef DEBUG_STAT_CACHE
for (i = 0; i < ctrl.used; i++) {
if (ctrl.ptr[i] == file_ndx) break;
}
#endif
if (sc->files && (sc->files->key == file_ndx)) {
#ifdef DEBUG_STAT_CACHE
/* it was in the cache */
force_assert(i < ctrl.used);
#endif
/* we have seen this file already and
* don't stat() it again in the same second */
file_node = sc->files;
sce = file_node->data;
/* check if the name is the same, we might have a collision */
if (buffer_is_equal(name, sce->name)) {
if (srv->srvconf.stat_cache_engine == STAT_CACHE_ENGINE_SIMPLE) {
if (sce->stat_ts == srv->cur_ts) {
*ret_sce = sce;
return HANDLER_GO_ON;
}
}
} else {
/* oops, a collision,
*
* file_node is used by the FAM check below to see if we know this file
* and if we can save a stat().
*
* BUT, the sce is not reset here as the entry into the cache is ok, we
* it is just not pointing to our requested file.
*
* */
file_node = NULL;
}
} else {
#ifdef DEBUG_STAT_CACHE
if (i != ctrl.used) {
log_error_write(srv, __FILE__, __LINE__, "xSB",
file_ndx, "was already inserted but not found in cache, ", name);
}
force_assert(i == ctrl.used);
#endif
}
#ifdef HAVE_FAM_H
/* dir-check */
if (srv->srvconf.stat_cache_engine == STAT_CACHE_ENGINE_FAM) {
if (0 != buffer_copy_dirname(sc->dir_name, name)) {
log_error_write(srv, __FILE__, __LINE__, "sb",
"no '/' found in filename:", name);
return HANDLER_ERROR;
}
buffer_copy_buffer(sc->hash_key, sc->dir_name);
buffer_append_int(sc->hash_key, con->conf.follow_symlink);
dir_ndx = hashme(sc->hash_key);
sc->dirs = splaytree_splay(sc->dirs, dir_ndx);
if (sc->dirs && (sc->dirs->key == dir_ndx)) {
dir_node = sc->dirs;
}
if (dir_node && file_node) {
/* we found a file */
sce = file_node->data;
fam_dir = dir_node->data;
if (fam_dir->version == sce->dir_version) {
/* the stat()-cache entry is still ok */
*ret_sce = sce;
return HANDLER_GO_ON;
}
}
}
#endif
/*
* *lol*
* - open() + fstat() on a named-pipe results in a (intended) hang.
* - stat() if regular file + open() to see if we can read from it is better
*
* */
if (-1 == stat(name->ptr, &st)) {
return HANDLER_ERROR;
}
if (S_ISREG(st.st_mode)) {
/* fix broken stat/open for symlinks to reg files with appended slash on freebsd,osx */
if (name->ptr[buffer_string_length(name) - 1] == '/') {
errno = ENOTDIR;
return HANDLER_ERROR;
}
/* try to open the file to check if we can read it */
if (-1 == (fd = open(name->ptr, O_RDONLY))) {
return HANDLER_ERROR;
}
close(fd);
}
if (NULL == sce) {
#ifdef DEBUG_STAT_CACHE
int osize = splaytree_size(sc->files);
#endif
sce = stat_cache_entry_init();
buffer_copy_buffer(sce->name, name);
sc->files = splaytree_insert(sc->files, file_ndx, sce);
#ifdef DEBUG_STAT_CACHE
if (ctrl.size == 0) {
ctrl.size = 16;
ctrl.used = 0;
ctrl.ptr = malloc(ctrl.size * sizeof(*ctrl.ptr));
} else if (ctrl.size == ctrl.used) {
ctrl.size += 16;
ctrl.ptr = realloc(ctrl.ptr, ctrl.size * sizeof(*ctrl.ptr));
}
ctrl.ptr[ctrl.used++] = file_ndx;
force_assert(sc->files);
force_assert(sc->files->data == sce);
force_assert(osize + 1 == splaytree_size(sc->files));
#endif
}
sce->st = st;
sce->stat_ts = srv->cur_ts;
/* catch the obvious symlinks
*
* this is not a secure check as we still have a race-condition between
* the stat() and the open. We can only solve this by
* 1. open() the file
* 2. fstat() the fd
*
* and keeping the file open for the rest of the time. But this can
* only be done at network level.
*
* per default it is not a symlink
* */
#ifdef HAVE_LSTAT
sce->is_symlink = 0;
/* we want to only check for symlinks if we should block symlinks.
*/
if (!con->conf.follow_symlink) {
if (stat_cache_lstat(srv, name, &lst) == 0) {
#ifdef DEBUG_STAT_CACHE
log_error_write(srv, __FILE__, __LINE__, "sb",
"found symlink", name);
#endif
sce->is_symlink = 1;
}
/*
* we assume "/" can not be symlink, so
* skip the symlink stuff if our path is /
**/
else if (buffer_string_length(name) > 1) {
buffer *dname;
char *s_cur;
dname = buffer_init();
buffer_copy_buffer(dname, name);
while ((s_cur = strrchr(dname->ptr, '/'))) {
buffer_string_set_length(dname, s_cur - dname->ptr);
if (dname->ptr == s_cur) {
#ifdef DEBUG_STAT_CACHE
log_error_write(srv, __FILE__, __LINE__, "s", "reached /");
#endif
break;
}
#ifdef DEBUG_STAT_CACHE
log_error_write(srv, __FILE__, __LINE__, "sbs",
"checking if", dname, "is a symlink");
#endif
if (stat_cache_lstat(srv, dname, &lst) == 0) {
sce->is_symlink = 1;
#ifdef DEBUG_STAT_CACHE
log_error_write(srv, __FILE__, __LINE__, "sb",
"found symlink", dname);
#endif
break;
};
};
buffer_free(dname);
};
};
#endif
if (S_ISREG(st.st_mode)) {
/* determine mimetype */
buffer_reset(sce->content_type);
#if defined(HAVE_XATTR) || defined(HAVE_EXTATTR)
if (con->conf.use_xattr) {
stat_cache_attr_get(sce->content_type, name->ptr);
}
#endif
/* xattr did not set a content-type. ask the config */
if (buffer_string_is_empty(sce->content_type)) {
size_t namelen = buffer_string_length(name);
for (k = 0; k < con->conf.mimetypes->used; k++) {
data_string *ds = (data_string *)con->conf.mimetypes->data[k];
buffer *type = ds->key;
size_t typelen = buffer_string_length(type);
if (buffer_is_empty(type)) continue;
/* check if the right side is the same */
if (typelen > namelen) continue;
if (0 == strncasecmp(name->ptr + namelen - typelen, type->ptr, typelen)) {
buffer_copy_buffer(sce->content_type, ds->value);
break;
}
}
}
etag_create(sce->etag, &(sce->st), con->etag_flags);
} else if (S_ISDIR(st.st_mode)) {
etag_create(sce->etag, &(sce->st), con->etag_flags);
}
#ifdef HAVE_FAM_H
if (srv->srvconf.stat_cache_engine == STAT_CACHE_ENGINE_FAM) {
/* is this directory already registered ? */
if (!dir_node) {
fam_dir = fam_dir_entry_init();
buffer_copy_buffer(fam_dir->name, sc->dir_name);
fam_dir->version = 1;
fam_dir->req = calloc(1, sizeof(FAMRequest));
if (0 != FAMMonitorDirectory(&sc->fam, fam_dir->name->ptr,
fam_dir->req, fam_dir)) {
log_error_write(srv, __FILE__, __LINE__, "sbsbs",
"monitoring dir failed:",
fam_dir->name,
"file:", name,
FamErrlist[FAMErrno]);
fam_dir_entry_free(&sc->fam, fam_dir);
fam_dir = NULL;
} else {
int osize = 0;
if (sc->dirs) {
osize = sc->dirs->size;
}
sc->dirs = splaytree_insert(sc->dirs, dir_ndx, fam_dir);
force_assert(sc->dirs);
force_assert(sc->dirs->data == fam_dir);
force_assert(osize == (sc->dirs->size - 1));
}
} else {
fam_dir = dir_node->data;
}
/* bind the fam_fc to the stat() cache entry */
if (fam_dir) {
sce->dir_version = fam_dir->version;
}
}
#endif
*ret_sce = sce;
return HANDLER_GO_ON;
}
static int connection_handle_write_prepare(server *srv, connection *con) {
if (con->mode == DIRECT) {
/* static files */
switch(con->request.http_method) {
case HTTP_METHOD_GET:
case HTTP_METHOD_POST:
case HTTP_METHOD_HEAD:
break;
case HTTP_METHOD_OPTIONS:
/*
* 400 is coming from the request-parser BEFORE uri.path is set
* 403 is from the response handler when noone else catched it
*
* */
if ((!con->http_status || con->http_status == 200) && !buffer_string_is_empty(con->uri.path) &&
con->uri.path->ptr[0] != '*') {
response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("OPTIONS, GET, HEAD, POST"));
con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
con->parsed_response &= ~HTTP_CONTENT_LENGTH;
con->http_status = 200;
con->file_finished = 1;
chunkqueue_reset(con->write_queue);
}
break;
default:
if (0 == con->http_status) {
con->http_status = 501;
}
break;
}
}
if (con->http_status == 0) {
con->http_status = 403;
}
switch(con->http_status) {
case 204: /* class: header only */
case 205:
case 304:
/* disable chunked encoding again as we have no body */
con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
con->parsed_response &= ~HTTP_CONTENT_LENGTH;
chunkqueue_reset(con->write_queue);
con->file_finished = 1;
break;
default: /* class: header + body */
if (con->mode != DIRECT) break;
/* only custom body for 4xx and 5xx */
if (con->http_status < 400 || con->http_status >= 600) break;
con->file_finished = 0;
connection_handle_errdoc_init(srv, con);
/* try to send static errorfile */
if (!buffer_string_is_empty(con->conf.errorfile_prefix)) {
stat_cache_entry *sce = NULL;
buffer_copy_buffer(con->physical.path, con->conf.errorfile_prefix);
buffer_append_int(con->physical.path, con->http_status);
buffer_append_string_len(con->physical.path, CONST_STR_LEN(".html"));
if (0 == http_chunk_append_file(srv, con, con->physical.path)) {
con->file_finished = 1;
if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type));
}
}
}
if (!con->file_finished) {
buffer *b;
buffer_reset(con->physical.path);
con->file_finished = 1;
b = buffer_init();
/* build default error-page */
buffer_copy_string_len(b, CONST_STR_LEN(
"<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n"
"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n"
" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"
"<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n"
" <head>\n"
" <title>"));
buffer_append_int(b, con->http_status);
buffer_append_string_len(b, CONST_STR_LEN(" - "));
buffer_append_string(b, get_http_status_name(con->http_status));
buffer_append_string_len(b, CONST_STR_LEN(
"</title>\n"
" </head>\n"
" <body>\n"
" <h1>"));
buffer_append_int(b, con->http_status);
buffer_append_string_len(b, CONST_STR_LEN(" - "));
buffer_append_string(b, get_http_status_name(con->http_status));
buffer_append_string_len(b, CONST_STR_LEN("</h1>\n"
" </body>\n"
"</html>\n"
));
(void)http_chunk_append_buffer(srv, con, b);
buffer_free(b);
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
}
break;
}
/* Allow filter plugins to change response headers before they are written. */
switch(plugins_call_handle_response_start(srv, con)) {
case HANDLER_GO_ON:
case HANDLER_FINISHED:
break;
default:
log_error_write(srv, __FILE__, __LINE__, "s", "response_start plugin failed");
return -1;
}
if (con->file_finished) {
/* we have all the content and chunked encoding is not used, set a content-length */
if ((!(con->parsed_response & HTTP_CONTENT_LENGTH)) &&
(con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) == 0) {
off_t qlen = chunkqueue_length(con->write_queue);
/**
* The Content-Length header only can be sent if we have content:
* - HEAD doesn't have a content-body (but have a content-length)
* - 1xx, 204 and 304 don't have a content-body (RFC 2616 Section 4.3)
*
* Otherwise generate a Content-Length header as chunked encoding is not
* available
*/
if ((con->http_status >= 100 && con->http_status < 200) ||
con->http_status == 204 ||
con->http_status == 304) {
data_string *ds;
/* no Content-Body, no Content-Length */
if (NULL != (ds = (data_string*) array_get_element(con->response.headers, "Content-Length"))) {
buffer_reset(ds->value); /* Headers with empty values are ignored for output */
}
} else if (qlen > 0 || con->request.http_method != HTTP_METHOD_HEAD) {
/* qlen = 0 is important for Redirects (301, ...) as they MAY have
* a content. Browsers are waiting for a Content otherwise
*/
buffer_copy_int(srv->tmp_buf, qlen);
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Length"), CONST_BUF_LEN(srv->tmp_buf));
}
}
} else {
/**
* the file isn't finished yet, but we have all headers
*
* to get keep-alive we either need:
* - Content-Length: ... (HTTP/1.0 and HTTP/1.0) or
* - Transfer-Encoding: chunked (HTTP/1.1)
*/
if (((con->parsed_response & HTTP_CONTENT_LENGTH) == 0) &&
((con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) == 0)) {
if (con->request.http_version == HTTP_VERSION_1_1) {
off_t qlen = chunkqueue_length(con->write_queue);
con->response.transfer_encoding = HTTP_TRANSFER_ENCODING_CHUNKED;
if (qlen) {
/* create initial Transfer-Encoding: chunked segment */
buffer *b = srv->tmp_chunk_len;
buffer_string_set_length(b, 0);
buffer_append_uint_hex(b, (uintmax_t)qlen);
buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
chunkqueue_prepend_buffer(con->write_queue, b);
chunkqueue_append_mem(con->write_queue, CONST_STR_LEN("\r\n"));
}
} else {
con->keep_alive = 0;
}
}
/**
* if the backend sent a Connection: close, follow the wish
*
* NOTE: if the backend sent Connection: Keep-Alive, but no Content-Length, we
* will close the connection. That's fine. We can always decide the close
* the connection
*
* FIXME: to be nice we should remove the Connection: ...
*/
if (con->parsed_response & HTTP_CONNECTION) {
/* a subrequest disable keep-alive although the client wanted it */
if (con->keep_alive && !con->response.keep_alive) {
con->keep_alive = 0;
}
}
}
if (con->request.http_method == HTTP_METHOD_HEAD) {
/**
* a HEAD request has the same as a GET
* without the content
*/
con->file_finished = 1;
chunkqueue_reset(con->write_queue);
con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
}
http_response_write_header(srv, con);
return 0;
}
handler_t http_response_prepare(server *srv, connection *con) {
handler_t r;
/* looks like someone has already done a decision */
if (con->mode == DIRECT &&
(con->http_status != 0 && con->http_status != 200)) {
/* remove a packets in the queue */
if (con->file_finished == 0) {
chunkqueue_reset(con->write_queue);
}
return HANDLER_FINISHED;
}
/* no decision yet, build conf->filename */
if (con->mode == DIRECT && buffer_is_empty(con->physical.path)) {
char *qstr;
/* we only come here when we have the parse the full request again
*
* a HANDLER_COMEBACK from mod_rewrite and mod_fastcgi might be a
* problem here as mod_setenv might get called multiple times
*
* fastcgi-auth might lead to a COMEBACK too
* fastcgi again dead server too
*
* mod_compress might add headers twice too
*
* */
config_cond_cache_reset(srv, con);
config_setup_connection(srv, con); /* Perhaps this could be removed at other places. */
if (con->conf.log_condition_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "run condition");
}
config_patch_connection(srv, con, COMP_SERVER_SOCKET); /* SERVERsocket */
/**
* prepare strings
*
* - uri.path_raw
* - uri.path (secure)
* - uri.query
*
*/
/**
* Name according to RFC 2396
*
* - scheme
* - authority
* - path
* - query
*
* (scheme)://(authority)(path)?(query)#fragment
*
*
*/
/* initial scheme value. can be overwritten for example by mod_extforward later */
if (con->srv_socket->is_ssl) {
buffer_copy_string_len(con->uri.scheme, CONST_STR_LEN("https"));
} else {
buffer_copy_string_len(con->uri.scheme, CONST_STR_LEN("http"));
}
buffer_copy_buffer(con->uri.authority, con->request.http_host);
buffer_to_lower(con->uri.authority);
config_patch_connection(srv, con, COMP_HTTP_SCHEME); /* Scheme: */
config_patch_connection(srv, con, COMP_HTTP_HOST); /* Host: */
config_patch_connection(srv, con, COMP_HTTP_REMOTE_IP); /* Client-IP */
config_patch_connection(srv, con, COMP_HTTP_REFERER); /* Referer: */
config_patch_connection(srv, con, COMP_HTTP_USER_AGENT);/* User-Agent: */
config_patch_connection(srv, con, COMP_HTTP_LANGUAGE); /* Accept-Language: */
config_patch_connection(srv, con, COMP_HTTP_COOKIE); /* Cookie: */
config_patch_connection(srv, con, COMP_HTTP_REQUEST_METHOD); /* REQUEST_METHOD */
/** their might be a fragment which has to be cut away */
if (NULL != (qstr = strchr(con->request.uri->ptr, '#'))) {
buffer_string_set_length(con->request.uri, qstr - con->request.uri->ptr);
}
/** extract query string from request.uri */
if (NULL != (qstr = strchr(con->request.uri->ptr, '?'))) {
buffer_copy_string (con->uri.query, qstr + 1);
buffer_copy_string_len(con->uri.path_raw, con->request.uri->ptr, qstr - con->request.uri->ptr);
} else {
buffer_reset (con->uri.query);
buffer_copy_buffer(con->uri.path_raw, con->request.uri);
}
/* decode url to path
*
* - decode url-encodings (e.g. %20 -> ' ')
* - remove path-modifiers (e.g. /../)
*/
if (con->request.http_method == HTTP_METHOD_OPTIONS &&
con->uri.path_raw->ptr[0] == '*' && con->uri.path_raw->ptr[1] == '\0') {
/* OPTIONS * ... */
buffer_copy_buffer(con->uri.path, con->uri.path_raw);
} else {
buffer_copy_buffer(srv->tmp_buf, con->uri.path_raw);
buffer_urldecode_path(srv->tmp_buf);
buffer_path_simplify(con->uri.path, srv->tmp_buf);
}
config_patch_connection(srv, con, COMP_HTTP_URL); /* HTTPurl */
config_patch_connection(srv, con, COMP_HTTP_QUERY_STRING); /* HTTPqs */
#ifdef USE_OPENSSL
if (con->srv_socket->is_ssl && con->conf.ssl_verifyclient) {
https_add_ssl_entries(con);
}
#endif
/* do we have to downgrade to 1.0 ? */
if (!con->conf.allow_http11) {
con->request.http_version = HTTP_VERSION_1_0;
}
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- splitting Request-URI");
log_error_write(srv, __FILE__, __LINE__, "sb", "Request-URI : ", con->request.uri);
log_error_write(srv, __FILE__, __LINE__, "sb", "URI-scheme : ", con->uri.scheme);
log_error_write(srv, __FILE__, __LINE__, "sb", "URI-authority : ", con->uri.authority);
log_error_write(srv, __FILE__, __LINE__, "sb", "URI-path (raw) : ", con->uri.path_raw);
log_error_write(srv, __FILE__, __LINE__, "sb", "URI-path (clean): ", con->uri.path);
log_error_write(srv, __FILE__, __LINE__, "sb", "URI-query : ", con->uri.query);
}
/**
*
* call plugins
*
* - based on the raw URL
*
*/
switch(r = plugins_call_handle_uri_raw(srv, con)) {
case HANDLER_GO_ON:
break;
case HANDLER_FINISHED:
case HANDLER_COMEBACK:
case HANDLER_WAIT_FOR_EVENT:
case HANDLER_ERROR:
return r;
default:
log_error_write(srv, __FILE__, __LINE__, "sd", "handle_uri_raw: unknown return value", r);
break;
}
/**
*
* call plugins
*
* - based on the clean URL
*
*/
switch(r = plugins_call_handle_uri_clean(srv, con)) {
case HANDLER_GO_ON:
break;
case HANDLER_FINISHED:
case HANDLER_COMEBACK:
case HANDLER_WAIT_FOR_EVENT:
case HANDLER_ERROR:
return r;
default:
log_error_write(srv, __FILE__, __LINE__, "");
break;
}
if (con->request.http_method == HTTP_METHOD_OPTIONS &&
con->uri.path->ptr[0] == '*' && con->uri.path_raw->ptr[1] == '\0') {
/* option requests are handled directly without checking of the path */
response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("OPTIONS, GET, HEAD, POST"));
con->http_status = 200;
con->file_finished = 1;
return HANDLER_FINISHED;
}
/***
*
* border
*
* logical filename (URI) becomes a physical filename here
*
*
*
*/
/* 1. stat()
* ... ISREG() -> ok, go on
* ... ISDIR() -> index-file -> redirect
*
* 2. pathinfo()
* ... ISREG()
*
* 3. -> 404
*
*/
/*
* SEARCH DOCUMENT ROOT
*/
/* set a default */
buffer_copy_buffer(con->physical.doc_root, con->conf.document_root);
buffer_copy_buffer(con->physical.rel_path, con->uri.path);
#if defined(__WIN32) || defined(__CYGWIN__)
/* strip dots from the end and spaces
*
* windows/dos handle those filenames as the same file
*
* foo == foo. == foo..... == "foo... " == "foo.. ./"
*
* This will affect in some cases PATHINFO
*
* on native windows we could prepend the filename with \\?\ to circumvent
* this behaviour. I have no idea how to push this through cygwin
*
* */
if (con->physical.rel_path->used > 1) {
buffer *b = con->physical.rel_path;
size_t len = buffer_string_length(b);
size_t i;
/* strip trailing " /" or "./" once */
if (len > 1 &&
b->ptr[len - 1] == '/' &&
(b->ptr[len - 2] == ' ' || b->ptr[len - 2] == '.')) {
len -= 2;
}
/* strip all trailing " " and "." */
while (len > 0 && ( ' ' == b->ptr[len-1] || '.' == b->ptr[len-1] ) ) --len;
buffer_string_set_length(b, len);
}
#endif
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- before doc_root");
log_error_write(srv, __FILE__, __LINE__, "sb", "Doc-Root :", con->physical.doc_root);
log_error_write(srv, __FILE__, __LINE__, "sb", "Rel-Path :", con->physical.rel_path);
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
/* the docroot plugin should set the doc_root and might also set the physical.path
* for us (all vhost-plugins are supposed to set the doc_root)
* */
switch(r = plugins_call_handle_docroot(srv, con)) {
case HANDLER_GO_ON:
break;
case HANDLER_FINISHED:
case HANDLER_COMEBACK:
case HANDLER_WAIT_FOR_EVENT:
case HANDLER_ERROR:
return r;
default:
log_error_write(srv, __FILE__, __LINE__, "");
break;
}
/* MacOS X and Windows can't distiguish between upper and lower-case
*
* convert to lower-case
*/
if (con->conf.force_lowercase_filenames) {
buffer_to_lower(con->physical.rel_path);
}
/* the docroot plugins might set the servername, if they don't we take http-host */
if (buffer_string_is_empty(con->server_name)) {
buffer_copy_buffer(con->server_name, con->uri.authority);
}
/**
* create physical filename
* -> physical.path = docroot + rel_path
*
*/
buffer_copy_buffer(con->physical.basedir, con->physical.doc_root);
buffer_copy_buffer(con->physical.path, con->physical.doc_root);
buffer_append_slash(con->physical.path);
if (!buffer_string_is_empty(con->physical.rel_path) &&
con->physical.rel_path->ptr[0] == '/') {
buffer_append_string_len(con->physical.path, con->physical.rel_path->ptr + 1, buffer_string_length(con->physical.rel_path) - 1);
} else {
buffer_append_string_buffer(con->physical.path, con->physical.rel_path);
}
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- after doc_root");
log_error_write(srv, __FILE__, __LINE__, "sb", "Doc-Root :", con->physical.doc_root);
log_error_write(srv, __FILE__, __LINE__, "sb", "Rel-Path :", con->physical.rel_path);
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
switch(r = plugins_call_handle_physical(srv, con)) {
case HANDLER_GO_ON:
break;
case HANDLER_FINISHED:
case HANDLER_COMEBACK:
case HANDLER_WAIT_FOR_EVENT:
case HANDLER_ERROR:
return r;
default:
log_error_write(srv, __FILE__, __LINE__, "");
break;
}
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- logical -> physical");
log_error_write(srv, __FILE__, __LINE__, "sb", "Doc-Root :", con->physical.doc_root);
log_error_write(srv, __FILE__, __LINE__, "sb", "Basedir :", con->physical.basedir);
log_error_write(srv, __FILE__, __LINE__, "sb", "Rel-Path :", con->physical.rel_path);
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
}
/*
* Noone catched away the file from normal path of execution yet (like mod_access)
*
* Go on and check of the file exists at all
*/
if (con->mode == DIRECT) {
char *slash = NULL;
char *pathinfo = NULL;
int found = 0;
stat_cache_entry *sce = NULL;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- handling physical path");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
/* file exists */
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- file found");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
#ifdef HAVE_LSTAT
if ((sce->is_symlink != 0) && !con->conf.follow_symlink) {
con->http_status = 403;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied due symlink restriction");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
};
#endif
if (S_ISDIR(sce->st.st_mode)) {
if (con->uri.path->ptr[buffer_string_length(con->uri.path) - 1] != '/') {
/* redirect to .../ */
http_response_redirect_to_directory(srv, con);
return HANDLER_FINISHED;
}
#ifdef HAVE_LSTAT
} else if (!S_ISREG(sce->st.st_mode) && !sce->is_symlink) {
#else
} else if (!S_ISREG(sce->st.st_mode)) {
#endif
/* any special handling of non-reg files ?*/
}
} else {
switch (errno) {
case EACCES:
con->http_status = 403;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
case ENAMETOOLONG:
/* file name to be read was too long. return 404 */
case ENOENT:
con->http_status = 404;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- file not found");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
case ENOTDIR:
/* PATH_INFO ! :) */
break;
default:
/* we have no idea what happend. let's tell the user so. */
con->http_status = 500;
buffer_reset(con->physical.path);
log_error_write(srv, __FILE__, __LINE__, "ssbsb",
"file not found ... or so: ", strerror(errno),
con->uri.path,
"->", con->physical.path);
return HANDLER_FINISHED;
}
/* not found, perhaps PATHINFO */
buffer_copy_buffer(srv->tmp_buf, con->physical.path);
do {
if (slash) {
buffer_copy_string_len(con->physical.path, srv->tmp_buf->ptr, slash - srv->tmp_buf->ptr);
} else {
buffer_copy_buffer(con->physical.path, srv->tmp_buf);
}
if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
found = S_ISREG(sce->st.st_mode);
break;
}
if (pathinfo != NULL) {
*pathinfo = '\0';
}
slash = strrchr(srv->tmp_buf->ptr, '/');
if (pathinfo != NULL) {
/* restore '/' */
*pathinfo = '/';
}
if (slash) pathinfo = slash;
} while ((found == 0) && (slash != NULL) && ((size_t)(slash - srv->tmp_buf->ptr) > (buffer_string_length(con->physical.basedir) - 1)));
if (found == 0) {
/* no it really doesn't exists */
con->http_status = 404;
if (con->conf.log_file_not_found) {
log_error_write(srv, __FILE__, __LINE__, "sbsb",
"file not found:", con->uri.path,
"->", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
}
#ifdef HAVE_LSTAT
if ((sce->is_symlink != 0) && !con->conf.follow_symlink) {
con->http_status = 403;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied due symlink restriction");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
};
#endif
/* we have a PATHINFO */
if (pathinfo) {
buffer_copy_string(con->request.pathinfo, pathinfo);
/*
* shorten uri.path
*/
buffer_string_set_length(con->uri.path, buffer_string_length(con->uri.path) - strlen(pathinfo));
}
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- after pathinfo check");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
log_error_write(srv, __FILE__, __LINE__, "sb", "URI :", con->uri.path);
log_error_write(srv, __FILE__, __LINE__, "sb", "Pathinfo :", con->request.pathinfo);
}
}
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- handling subrequest");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
/* call the handlers */
switch(r = plugins_call_handle_subrequest_start(srv, con)) {
case HANDLER_GO_ON:
/* request was not handled */
break;
case HANDLER_FINISHED:
default:
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- subrequest finished");
}
/* something strange happend */
return r;
}
/* if we are still here, no one wanted the file, status 403 is ok I think */
if (con->mode == DIRECT && con->http_status == 0) {
switch (con->request.http_method) {
case HTTP_METHOD_OPTIONS:
con->http_status = 200;
break;
default:
con->http_status = 403;
}
return HANDLER_FINISHED;
}
}
switch(r = plugins_call_handle_subrequest(srv, con)) {
case HANDLER_GO_ON:
/* request was not handled, looks like we are done */
return HANDLER_FINISHED;
case HANDLER_FINISHED:
/* request is finished */
default:
/* something strange happend */
return r;
}
/* can't happen */
return HANDLER_COMEBACK;
}
int http_request_host_normalize(buffer *b) {
/*
* check for and canonicalize numeric IP address and portnum (optional)
* (IP address may be followed by ":portnum" (optional))
* - IPv6: "[...]"
* - IPv4: "x.x.x.x"
* - IPv4: 12345678 (32-bit decimal number)
* - IPv4: 012345678 (32-bit octal number)
* - IPv4: 0x12345678 (32-bit hex number)
*
* allow any chars (except ':' and '\0' and stray '[' or ']')
* (other code may check chars more strictly or more pedantically)
* ':' delimits (optional) port at end of string
* "[]" wraps IPv6 address literal
* '\0' should have been rejected earlier were it present
*
* any chars includes, but is not limited to:
* - allow '-' any where, even at beginning of word
* (security caution: might be confused for cmd flag if passed to shell)
* - allow all-digit TLDs
* (might be mistaken for IPv4 addr by inet_aton()
* unless non-digits appear in subdomain)
*/
/* Note: not using getaddrinfo() since it does not support "[]" around IPv6
* and is not as lenient as inet_aton() and inet_addr() for IPv4 strings.
* Not using inet_pton() (when available) on IPv4 for similar reasons. */
const char * const p = b->ptr;
const size_t blen = buffer_string_length(b);
long port = 0;
if (*p != '[') {
char * const colon = (char *)memchr(p, ':', blen);
if (colon) {
if (*p == ':') return -1; /*(empty host then port, or naked IPv6)*/
if (colon[1] != '\0') {
char *e;
port = strtol(colon+1, &e, 0); /*(allow decimal, octal, hex)*/
if (0 < port && port <= USHRT_MAX && *e == '\0') {
/* valid port */
} else {
return -1;
}
} /*(else ignore stray colon at string end)*/
buffer_string_set_length(b, (size_t)(colon - p)); /*(remove port str)*/
}
if (light_isdigit(*p)) {
/* (IPv4 address literal or domain starting w/ digit (e.g. 3com))*/
struct in_addr addr;
#if defined(HAVE_INET_ATON) /*(Windows does not provide inet_aton())*/
if (0 != inet_aton(p, &addr))
#else
if ((addr.s_addr = inet_addr(p)) != INADDR_NONE)
#endif
{
#if defined(HAVE_INET_PTON)/*(expect inet_ntop() if inet_pton())*/
#ifndef INET_ADDRSTRLEN
#define INET_ADDRSTRLEN 16
#endif
char buf[INET_ADDRSTRLEN];
inet_ntop(AF_INET, (const void *)&addr, buf, sizeof(buf));
buffer_copy_string(b, buf);
#else
buffer_copy_string(b, inet_ntoa(addr)); /*(not thread-safe)*/
#endif
}
}
} else { /* IPv6 addr */
#if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
struct in6_addr addr;
char *bracket = b->ptr+blen-1;
char *percent = strchr(b->ptr+1, '%');
size_t len;
int rc;
char buf[INET6_ADDRSTRLEN+16]; /*(+16 for potential %interface name)*/
if (blen <= 2) return -1; /*(invalid "[]")*/
if (*bracket != ']') {
bracket = (char *)memchr(b->ptr+1, ']', blen-1);
if (NULL == bracket || bracket[1] != ':' || bracket - b->ptr == 1){
return -1;
}
if (bracket[2] != '\0') { /*(ignore stray colon at string end)*/
char *e;
port = strtol(bracket+2, &e, 0); /*(allow decimal, octal, hex)*/
if (0 < port && port <= USHRT_MAX && *e == '\0') {
/* valid port */
} else {
return -1;
}
}
}
*bracket = '\0';/*(terminate IPv6 string)*/
if (percent) *percent = '\0'; /*(remove %interface from address)*/
rc = inet_pton(AF_INET6, b->ptr+1, &addr);
if (percent) *percent = '%'; /*(restore %interface)*/
*bracket = ']'; /*(restore bracket)*/
if (1 != rc) return -1;
inet_ntop(AF_INET6,(const void *)&addr, buf, sizeof(buf));
len = strlen(buf);
if (percent) {
if (percent > bracket) return -1;
if (len + (size_t)(bracket - percent) >= sizeof(buf)) return -1;
memcpy(buf+len, percent, (size_t)(bracket - percent));
len += (size_t)(bracket - percent);
}
buffer_string_set_length(b, 1); /* truncate after '[' */
buffer_append_string_len(b, buf, len);
buffer_append_string_len(b, CONST_STR_LEN("]"));
#else
return -1;
#endif
}
if (port) {
buffer_append_string_len(b, CONST_STR_LEN(":"));
buffer_append_int(b, (int)port);
}
return 0;
}
static int request_check_hostname(buffer *host) {
enum { DOMAINLABEL, TOPLABEL } stage = TOPLABEL;
size_t i;
int label_len = 0;
size_t host_len, hostport_len;
char *colon;
int is_ip = -1; /* -1 don't know yet, 0 no, 1 yes */
int level = 0;
/*
* hostport = host [ ":" port ]
* host = hostname | IPv4address | IPv6address
* hostname = *( domainlabel "." ) toplabel [ "." ]
* domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
* toplabel = alpha | alpha *( alphanum | "-" ) alphanum
* IPv4address = 1*digit "." 1*digit "." 1*digit "." 1*digit
* IPv6address = "[" ... "]"
* port = *digit
*/
/* IPv6 adress */
if (host->ptr[0] == '[') {
char *c = host->ptr + 1;
int colon_cnt = 0;
/* check the address inside [...] */
for (; *c && *c != ']'; c++) {
if (*c == ':') {
if (++colon_cnt > 7) {
return -1;
}
} else if (!light_isxdigit(*c) && '.' != *c) {
return -1;
}
}
/* missing ] */
if (!*c) {
return -1;
}
/* check port */
if (*(c+1) == ':') {
for (c += 2; *c; c++) {
if (!light_isdigit(*c)) {
return -1;
}
}
}
else if ('\0' != *(c+1)) {
/* only a port is allowed to follow [...] */
return -1;
}
return 0;
}
hostport_len = host_len = buffer_string_length(host);
if (NULL != (colon = memchr(host->ptr, ':', host_len))) {
char *c = colon + 1;
/* check portnumber */
for (; *c; c++) {
if (!light_isdigit(*c)) return -1;
}
/* remove the port from the host-len */
host_len = colon - host->ptr;
}
/* Host is empty */
if (host_len == 0) return -1;
/* if the hostname ends in a "." strip it */
if (host->ptr[host_len-1] == '.') {
/* shift port info one left */
if (NULL != colon) memmove(colon-1, colon, hostport_len - host_len);
buffer_string_set_length(host, --hostport_len);
if (--host_len == 0) return -1;
}
/* scan from the right and skip the \0 */
for (i = host_len; i-- > 0; ) {
const char c = host->ptr[i];
switch (stage) {
case TOPLABEL:
if (c == '.') {
/* only switch stage, if this is not the last character */
if (i != host_len - 1) {
if (label_len == 0) {
return -1;
}
/* check the first character at right of the dot */
if (is_ip == 0) {
if (!light_isalnum(host->ptr[i+1])) {
return -1;
}
} else if (!light_isdigit(host->ptr[i+1])) {
is_ip = 0;
} else if ('-' == host->ptr[i+1]) {
return -1;
} else {
/* just digits */
is_ip = 1;
}
stage = DOMAINLABEL;
label_len = 0;
level++;
} else if (i == 0) {
/* just a dot and nothing else is evil */
return -1;
}
} else if (i == 0) {
/* the first character of the hostname */
if (!light_isalnum(c)) {
return -1;
}
label_len++;
} else {
if (c != '-' && !light_isalnum(c)) {
return -1;
}
if (is_ip == -1) {
if (!light_isdigit(c)) is_ip = 0;
}
label_len++;
}
break;
case DOMAINLABEL:
if (is_ip == 1) {
if (c == '.') {
if (label_len == 0) {
return -1;
}
label_len = 0;
level++;
} else if (!light_isdigit(c)) {
return -1;
} else {
label_len++;
}
} else {
if (c == '.') {
if (label_len == 0) {
return -1;
}
/* c is either - or alphanum here */
if ('-' == host->ptr[i+1]) {
return -1;
}
label_len = 0;
level++;
} else if (i == 0) {
if (!light_isalnum(c)) {
return -1;
}
label_len++;
} else {
if (c != '-' && !light_isalnum(c)) {
return -1;
}
label_len++;
}
}
break;
}
}
/* a IP has to consist of 4 parts */
if (is_ip == 1 && level != 3) {
return -1;
}
if (label_len == 0) {
return -1;
}
return 0;
}
