void
http_url_to_buffer(const struct http_url *url, struct c_buffer *buf) {
if (url->scheme)
c_buffer_add_printf(buf, "%s:", url->scheme);
if (url->host) {
c_buffer_add_string(buf, "//");
if (url->user) {
http_url_encode(url->user, buf);
if (url->password) {
c_buffer_add_string(buf, ":");
http_url_encode(url->password, buf);
}
c_buffer_add_string(buf, "@");
}
http_url_encode(url->host, buf);
if (url->port)
c_buffer_add_printf(buf, ":%u", url->port_number);
}
if (url->path) {
http_url_path_encode(url->path, buf);
} else {
c_buffer_add_string(buf, "/");
}
if (url->query_parameters) {
c_buffer_add_string(buf, "?");
http_query_parameters_to_buffer(url->query_parameters, buf);
}
if (url->fragment) {
c_buffer_add_string(buf, "#");
http_url_fragment_encode(url->fragment, buf);
}
}
static int uwsgi_wevdav_manage_proppatch(struct wsgi_request *wsgi_req, xmlDoc * doc) {
char filename[PATH_MAX];
size_t filename_len = uwsgi_webdav_expand_path(wsgi_req, wsgi_req->path_info, wsgi_req->path_info_len, filename);
if (filename_len == 0) {
uwsgi_404(wsgi_req);
return UWSGI_OK;
}
xmlNode *element = xmlDocGetRootElement(doc);
if (!element) return -1;
if (!element || (strcmp((char *) element->name, "propertyupdate"))) return -1;
if (uwsgi_response_prepare_headers(wsgi_req, "207 Multi-Status", 16))
return -1;
if (uwsgi_response_add_content_type(wsgi_req, "application/xml; charset=\"utf-8\"", 32))
return -1;
xmlDoc *rdoc = xmlNewDoc(BAD_CAST "1.0");
xmlNode *multistatus = xmlNewNode(NULL, BAD_CAST "multistatus");
xmlDocSetRootElement(rdoc, multistatus);
xmlNsPtr dav_ns = xmlNewNs(multistatus, BAD_CAST "DAV:", BAD_CAST "D");
xmlSetNs(multistatus, dav_ns);
xmlNode *response = xmlNewChild(multistatus, dav_ns, BAD_CAST "response", NULL);
char *uri = uwsgi_concat2n(wsgi_req->path_info, wsgi_req->path_info_len, "", 0);
uint16_t uri_len = strlen(uri) ;
char *encoded_uri = uwsgi_malloc( (uri_len * 3) + 1);
http_url_encode(uri, &uri_len, encoded_uri);
encoded_uri[uri_len] = 0;
xmlNewChild(response, dav_ns, BAD_CAST "href", BAD_CAST encoded_uri);
free(encoded_uri);
// propfind can be "set" or "remove"
xmlNode *node;
for (node = element->children; node; node = node->next) {
if (node->type == XML_ELEMENT_NODE) {
if (node->ns && !strcmp((char *) node->ns->href, "DAV:")) {
if (!strcmp((char *) node->name, "set")) {
uwsgi_webdav_manage_prop_update(wsgi_req, node, response, filename, 0);
}
else if (!strcmp((char *) node->name, "remove")) {
uwsgi_webdav_manage_prop_update(wsgi_req, node, response, filename, 1);
}
}
}
}
if (!rdoc) return UWSGI_OK;
xmlChar *xmlbuf;
int xlen = 0;
xmlDocDumpFormatMemory(rdoc, &xmlbuf, &xlen, 1);
uwsgi_response_add_content_length(wsgi_req, xlen);
uwsgi_response_write_body_do(wsgi_req, (char *) xmlbuf, xlen);
#ifdef UWSGI_DEBUG
uwsgi_log("\n%.*s\n", xlen, xmlbuf);
#endif
xmlFreeDoc(rdoc);
xmlFree(xmlbuf);
return UWSGI_OK;
}
static int uwsgi_webdav_add_props(struct wsgi_request *wsgi_req, xmlNode *req_prop, xmlNode * multistatus, xmlNsPtr dav_ns, char *uri, char *filename, int with_values) {
struct stat st;
if (stat(filename, &st)) {
uwsgi_error("uwsgi_webdav_add_props()/stat()");
return -1;
}
int is_collection = 0;
xmlNode *response = xmlNewChild(multistatus, dav_ns, BAD_CAST "response", NULL);
uint16_t uri_len = strlen(uri) ;
char *encoded_uri = uwsgi_malloc( (uri_len * 3) + 1);
http_url_encode(uri, &uri_len, encoded_uri);
encoded_uri[uri_len] = 0;
xmlNewChild(response, dav_ns, BAD_CAST "href", BAD_CAST encoded_uri);
free(encoded_uri);
xmlNode *r_propstat = xmlNewChild(response, dav_ns, BAD_CAST "propstat", NULL);
char *r_status = uwsgi_concat2n(wsgi_req->protocol, wsgi_req->protocol_len, " 200 OK", 7);
xmlNewChild(r_propstat, dav_ns, BAD_CAST "status", BAD_CAST r_status);
free(r_status);
xmlNode *r_prop = xmlNewChild(r_propstat, dav_ns, BAD_CAST "prop", NULL);
if (with_values) {
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "displayname")) {
char *base_uri = uwsgi_get_last_char(uri, '/');
if (base_uri) {
xmlNewChild(r_prop, dav_ns, BAD_CAST "displayname", BAD_CAST base_uri+1);
}
else {
xmlNewChild(r_prop, dav_ns, BAD_CAST "displayname", BAD_CAST uri);
}
}
if (S_ISDIR(st.st_mode)) is_collection = 1;
xmlNode *r_type = NULL;
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "resourcetype")) {
r_type = xmlNewChild(r_prop, dav_ns, BAD_CAST "resourcetype", NULL);
if (is_collection) {
xmlNewChild(r_type, dav_ns, BAD_CAST "collection", NULL);
is_collection = 1;
}
}
if (!is_collection) {
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "getcontentlength")) {
char *r_contentlength = uwsgi_num2str(st.st_size);
xmlNewChild(r_prop, dav_ns, BAD_CAST "getcontentlength", BAD_CAST r_contentlength);
free(r_contentlength);
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "getcontenttype")) {
size_t mime_type_len = 0;
char *mime_type = uwsgi_get_mime_type(filename, strlen(filename), &mime_type_len);
if (mime_type) {
char *r_ctype = uwsgi_concat2n(mime_type, mime_type_len, "", 0);
xmlNewTextChild(r_prop, dav_ns, BAD_CAST "getcontenttype", BAD_CAST r_ctype);
free(r_ctype);
}
}
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "creationdate")) {
// there is no creation date on UNIX/POSIX, ctime is the nearest thing...
char *cdate = uwsgi_webdav_new_date(st.st_ctime);
if (cdate) {
xmlNewTextChild(r_prop, dav_ns, BAD_CAST "creationdate", BAD_CAST cdate);
free(cdate);
}
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "getlastmodified")) {
char *mdate = uwsgi_webdav_new_date(st.st_mtime);
if (mdate) {
xmlNewTextChild(r_prop, dav_ns, BAD_CAST "getlastmodified", BAD_CAST mdate);
free(mdate);
}
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "getetag")) {
char *etag = uwsgi_num2str(st.st_mtime);
xmlNewTextChild(r_prop, dav_ns, BAD_CAST "getetag", BAD_CAST etag);
free(etag);
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "executable")) {
xmlNewChild(r_prop, dav_ns, BAD_CAST "executable", NULL);
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "owner")) {
xmlNewTextChild(r_prop, dav_ns, BAD_CAST "owner", NULL);
}
if (wsgi_req->remote_user_len > 0) {
if (udav.principal_base) {
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "current-user-principal")) {
char *current_user_principal = uwsgi_concat2n(udav.principal_base, strlen(udav.principal_base), wsgi_req->remote_user, wsgi_req->remote_user_len);
xmlNode *cup = xmlNewChild(r_prop, dav_ns, BAD_CAST "current-user-principal", NULL);
xmlNewTextChild(cup, dav_ns, BAD_CAST "href", BAD_CAST current_user_principal);
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "resourcetype")) {
if (!strcmp(current_user_principal, uri)) {
xmlNewChild(r_type, dav_ns, BAD_CAST "principal", NULL);
}
}
free(current_user_principal);
}
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "current-user-privilege-set")) {
xmlNode *cups = xmlNewChild(r_prop, dav_ns, BAD_CAST "current-user-privilege-set", NULL);
xmlNode *privilege = xmlNewChild(cups, dav_ns, BAD_CAST "privilege", NULL);
xmlNewChild(privilege, dav_ns, BAD_CAST "all", NULL);
xmlNewChild(privilege, dav_ns, BAD_CAST "read", NULL);
xmlNewChild(privilege, dav_ns, BAD_CAST "write", NULL);
xmlNewChild(privilege, dav_ns, BAD_CAST "write-content", NULL);
xmlNewChild(privilege, dav_ns, BAD_CAST "write-properties", NULL);
}
}
if (uwsgi_webdav_prop_requested(req_prop, "DAV:", "supported-report-set")) {
xmlNode *report_set = xmlNewChild(r_prop, dav_ns, BAD_CAST "supported-report-set", NULL);
xmlNode *supported_report = xmlNewChild(report_set, dav_ns, BAD_CAST "supported-report", NULL);
xmlNewChild(supported_report, dav_ns, BAD_CAST "report", BAD_CAST "principal-property-search");
supported_report = xmlNewChild(report_set, dav_ns, BAD_CAST "supported-report", NULL);
xmlNewChild(supported_report, dav_ns, BAD_CAST "report", BAD_CAST "sync-collection");
supported_report = xmlNewChild(report_set, dav_ns, BAD_CAST "supported-report", NULL);
xmlNewChild(supported_report, dav_ns, BAD_CAST "report", BAD_CAST "expand-property");
supported_report = xmlNewChild(report_set, dav_ns, BAD_CAST "supported-report", NULL);
xmlNewChild(supported_report, dav_ns, BAD_CAST "report", BAD_CAST "principal-search-property-set");
}
uwsgi_webdav_foreach_prop(udav.add_prop, req_prop, r_prop, 0, NULL );
uwsgi_webdav_foreach_prop(udav.add_prop_href, req_prop, r_prop, 1, NULL);
uwsgi_webdav_foreach_prop(udav.add_prop_comp,req_prop, r_prop, 2 , NULL);
uwsgi_webdav_foreach_prop(udav.add_rtype_prop,req_prop, r_type, 0, "resourcetype");
if (is_collection) {
uwsgi_webdav_foreach_prop(udav.add_rtype_collection_prop,req_prop, r_type, 0, "resourcetype");
uwsgi_webdav_foreach_prop(udav.add_collection_prop,req_prop, r_prop, 0, NULL);
uwsgi_webdav_foreach_prop(udav.add_collection_prop_href,req_prop, r_prop, 1, NULL);
uwsgi_webdav_foreach_prop(udav.add_collection_prop_comp,req_prop, r_prop, 2, NULL);
}
else {
uwsgi_webdav_foreach_prop(udav.add_rtype_object_prop,req_prop, r_type, 0, "resourcetype");
uwsgi_webdav_foreach_prop(udav.add_object_prop,req_prop, r_prop, 0, NULL);
uwsgi_webdav_foreach_prop(udav.add_object_prop_href,req_prop, r_prop, 1, NULL);
uwsgi_webdav_foreach_prop(udav.add_object_prop_comp,req_prop, r_prop, 2, NULL);
}
}
else {
xmlNewChild(r_prop, dav_ns, BAD_CAST "displayname", NULL);
xmlNewChild(r_prop, dav_ns, BAD_CAST "resourcetype", NULL);
if (!S_ISDIR(st.st_mode)) {
xmlNewChild(r_prop, dav_ns, BAD_CAST "getcontentlength", NULL);
xmlNewChild(r_prop, dav_ns, BAD_CAST "getcontenttype", NULL);
}
xmlNewChild(r_prop, dav_ns, BAD_CAST "creationdate", NULL);
xmlNewChild(r_prop, dav_ns, BAD_CAST "getlastmodified", NULL);
xmlNewChild(r_prop, dav_ns, BAD_CAST "supported-report-set", NULL);
if (wsgi_req->remote_user_len > 0) {
xmlNewChild(r_prop, dav_ns, BAD_CAST "current-user-privilege-set", NULL);
if (udav.principal_base) {
xmlNewChild(r_prop, dav_ns, BAD_CAST "current-user-principal", NULL);
}
}
}
#if defined(__linux__) || defined(__APPLE__)
// get xattr for user.uwsgi.webdav.
#if defined(__linux__)
ssize_t rlen = listxattr(filename, NULL, 0);
#elif defined(__APPLE__)
ssize_t rlen = listxattr(filename, NULL, 0, 0);
#endif
// do not return -1 as the previous xml is valid !!!
if (rlen <= 0) return 0;
// use calloc to avoid races
char *xattrs = uwsgi_calloc(rlen);
#if defined(__linux__)
if (listxattr(filename, xattrs, rlen) <= 0) {
#elif defined(__APPLE__)
if (listxattr(filename, xattrs, rlen, 0) <= 0) {
#endif
free(xattrs);
return 0;
}
// parse the name list
ssize_t i;
char *key = NULL;
for(i=0;i<rlen;i++) {
// check for wrong condition
if (xattrs[i] == 0 && key == NULL) break;
if (key && xattrs[i] == 0) {
if (!uwsgi_starts_with(key, strlen(key), "user.uwsgi.webdav.", 18)) {
if (uwsgi_string_list_has_item(udav.skip_prop, key + 18, strlen(key + 18))) continue;
xmlNsPtr xattr_ns = NULL;
// does it has a namespace ?
char *separator = strchr(key + 18, '|');
char *xattr_key = key + 18;
if (separator) {
xattr_key = separator + 1;
*separator = 0;
if (!uwsgi_webdav_prop_requested(req_prop, key + 18, xattr_key)) continue;
}
else {
if (!uwsgi_webdav_prop_requested(req_prop, NULL, xattr_key)) continue;
}
xmlNode *xattr_item = NULL;
if (with_values) {
#if defined(__linux__)
ssize_t rlen2 = getxattr(filename, key, NULL, 0);
#elif defined(__APPLE__)
ssize_t rlen2 = getxattr(filename, key, NULL, 0, 0, 0);
#endif
if (rlen > 0) {
// leave space for final 0
char *xvalue = uwsgi_calloc(rlen2 + 1);
#if defined(__linux__)
if (getxattr(filename, key, xvalue, rlen2) > 0) {
#elif defined(__APPLE__)
if (getxattr(filename, key, xvalue, rlen2, 0 ,0) > 0) {
#endif
xattr_item = xmlNewTextChild(r_prop, NULL, BAD_CAST xattr_key, BAD_CAST xvalue);
}
free(xvalue);
}
else if (rlen == 0) {
xattr_item = xmlNewTextChild(r_prop, NULL, BAD_CAST xattr_key, NULL);
}
}
else {
xattr_item = xmlNewTextChild(r_prop, NULL, BAD_CAST xattr_key, NULL);
}
if (separator && xattr_item) {
xattr_ns = xmlNewNs(xattr_item, BAD_CAST (key + 18), NULL);
*separator = '|';
xmlSetNs(xattr_item, xattr_ns);
}
}
key = NULL;
}
else if (key == NULL) {
key = &xattrs[i];
}
}
free(xattrs);
#endif
return 0;
}
static size_t uwsgi_webdav_expand_path(struct wsgi_request *wsgi_req, char *item, uint16_t item_len, char *filename) {
struct uwsgi_app *ua = &uwsgi_apps[wsgi_req->app_id];
char *docroot = ua->interpreter;
size_t docroot_len = strlen(docroot);
// merge docroot with path_info
char *tmp_filename = uwsgi_concat3n(docroot, docroot_len, "/", 1, item, item_len);
// try expanding the path
if (!realpath(tmp_filename, filename)) {
free(tmp_filename);
return 0;
}
free(tmp_filename);
return strlen(filename);
}
static size_t uwsgi_webdav_expand_fake_path(struct wsgi_request *wsgi_req, char *item, uint16_t item_len, char *filename) {
char *last_slash = uwsgi_get_last_charn(item, item_len, '/');
if (!last_slash) return 0;
size_t filename_len = uwsgi_webdav_expand_path(wsgi_req, item, last_slash - item, filename);
if (!filename_len) return 0;
// check for overflow
if (filename_len + (item_len - (last_slash - item)) >= PATH_MAX) return 0;
memcpy(filename + filename_len, last_slash, (item_len - (last_slash - item)));
filename_len += (item_len - (last_slash - item));
filename[(int)filename_len] = 0;
return filename_len;
}
static xmlDoc *uwsgi_webdav_manage_prop(struct wsgi_request *wsgi_req, xmlNode *req_prop, char *filename, size_t filename_len, int with_values) {
// default 1 depth
int depth = 1;
uint16_t http_depth_len = 0;
char *http_depth = uwsgi_get_var(wsgi_req, "HTTP_DEPTH", 10, &http_depth_len);
if (http_depth) {
depth = uwsgi_str_num(http_depth, http_depth_len);
}
xmlDoc *rdoc = xmlNewDoc(BAD_CAST "1.0");
xmlNode *multistatus = xmlNewNode(NULL, BAD_CAST "multistatus");
xmlDocSetRootElement(rdoc, multistatus);
xmlNsPtr dav_ns = xmlNewNs(multistatus, BAD_CAST "DAV:", BAD_CAST "D");
xmlSetNs(multistatus, dav_ns);
if (depth == 0) {
char *uri = uwsgi_concat2n(wsgi_req->path_info, wsgi_req->path_info_len, "", 0);
uwsgi_webdav_add_props(wsgi_req, req_prop, multistatus, dav_ns, uri, filename, with_values);
free(uri);
}
else {
DIR *collection = opendir(filename);
struct dirent de;
for (;;) {
struct dirent *de_r = NULL;
if (readdir_r(collection, &de, &de_r)) {
uwsgi_error("uwsgi_wevdav_manage_propfind()/readdir_r()");
break;
}
if (de_r == NULL) {
break;
}
char *uri = NULL;
char *direntry = NULL;
if (!strcmp(de.d_name, "..")) {
// skip ..
continue;
}
else if (!strcmp(de.d_name, ".")) {
uri = uwsgi_concat2n(wsgi_req->path_info, wsgi_req->path_info_len, "", 0);
direntry = uwsgi_concat2n(filename, filename_len, "", 0);
}
else if (wsgi_req->path_info[wsgi_req->path_info_len - 1] == '/') {
uri = uwsgi_concat2n(wsgi_req->path_info, wsgi_req->path_info_len, de.d_name, strlen(de.d_name));
direntry = uwsgi_concat3n(filename, filename_len, "/", 1, de.d_name, strlen(de.d_name));
}
else {
uri = uwsgi_concat3n(wsgi_req->path_info, wsgi_req->path_info_len, "/", 1, de.d_name, strlen(de.d_name));
direntry = uwsgi_concat3n(filename, filename_len, "/", 1, de.d_name, strlen(de.d_name));
}
uwsgi_webdav_add_props(wsgi_req, req_prop, multistatus, dav_ns, uri, direntry, with_values);
free(uri);
free(direntry);
}
closedir(collection);
}
return rdoc;
}
