void dump_ptr(char *prefix, PVOID p)
{
char buf[200];
__try
{
_snprintf(buf, 100, "%08X: %s: %s", p, prefix, p);
TraceA(buf);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
_snprintf(buf, 100, "%08X: %s", p, prefix);
TraceA(buf);
}
}
void TraceErr(DWORD err)
{
LPVOID lpMsgBuf;
FormatMessageA(
FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_FROM_SYSTEM |
FORMAT_MESSAGE_IGNORE_INSERTS,
NULL,
err,
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
(LPSTR) &lpMsgBuf,
0,
NULL
);
TraceA( "[%x] %s\n", err, (lpMsgBuf ? lpMsgBuf : "unknown"));
LocalFree( lpMsgBuf );
}
/*
* processRPCCall() is called after some validations. The assumption is that
* the request is an HTTP post of content-type text/xml with a content-length
* that is less than the maximum the library can handle.
*
* The caller should check the error status, and if the error was other than
* a network type, respond back to the client to let them know the call failed.
*/
void
processRPCCall(
xmlrpc_env * const envP,
IN HANDLE hReqQueue,
IN PHTTP_REQUEST pRequest
)
{
HTTP_RESPONSE response;
DWORD result;
DWORD bytesSent;
PUCHAR pEntityBuffer;
ULONG EntityBufferLength;
ULONG BytesRead;
#define MAX_ULONG_STR ((ULONG) sizeof("4294967295"))
CHAR szContentLength[MAX_ULONG_STR];
CHAR szServerHeader[20];
HTTP_DATA_CHUNK dataChunk;
ULONG TotalBytesRead = 0;
xmlrpc_mem_block * body;
xmlrpc_mem_block * output;
BytesRead = 0;
body = NULL;
output = NULL;
// Allocate some space for an entity buffer.
EntityBufferLength = 2048;
pEntityBuffer = (PUCHAR) ALLOC_MEM( EntityBufferLength );
if (pEntityBuffer == NULL)
{
xmlrpc_faultf(envP, "Out of Memory");
goto Done;
}
// NOTE: If we had passed the HTTP_RECEIVE_REQUEST_FLAG_COPY_BODY
// flag with HttpReceiveHttpRequest(), the entity would have
// been a part of HTTP_REQUEST (using the pEntityChunks field).
// Since we have not passed that flag, we can be assured that
// there are no entity bodies in HTTP_REQUEST.
if(pRequest->Flags & HTTP_REQUEST_FLAG_MORE_ENTITY_BODY_EXISTS)
{
//Allocate some space for an XMLRPC memory block.
body = xmlrpc_mem_block_new(envP, 0);
if (envP->fault_occurred)
goto Done;
// The entity body can be sent over multiple calls. Let's collect all
// of these in a buffer and send the buffer to the xmlrpc-c library
do
{
// Read the entity chunk from the request.
BytesRead = 0;
result = HttpReceiveRequestEntityBody(
hReqQueue,
pRequest->RequestId,
0,
pEntityBuffer,
EntityBufferLength,
&BytesRead,
NULL
);
switch(result)
{
case NO_ERROR:
if(BytesRead != 0)
{
XMLRPC_MEMBLOCK_APPEND(char, envP, body,
pEntityBuffer, BytesRead);
if(envP->fault_occurred)
goto Done;
}
break;
case ERROR_HANDLE_EOF:
// We have read the last request entity body. We can now
// process the suppossed XMLRPC data.
if(BytesRead != 0)
{
XMLRPC_MEMBLOCK_APPEND(char, envP, body,
pEntityBuffer, BytesRead);
if(envP->fault_occurred)
goto Done;
}
// We will send the response over multiple calls.
// This is achieved by passing the
// HTTP_SEND_RESPONSE_FLAG_MORE_DATA flag.
// NOTE: Since we are accumulating the TotalBytesRead in
// a ULONG, this will not work for entity bodies that
// are larger than 4 GB. To work with large entity
// bodies, we would have to use a ULONGLONG.
TraceA("xmlrpc_server RPC2 handler processing "
"RPC request.");
// Process the RPC.
xmlrpc_registry_process_call2(
envP, global_registryP,
XMLRPC_MEMBLOCK_CONTENTS(char, body),
XMLRPC_MEMBLOCK_SIZE(char, body),
NULL,
&output);
if (envP->fault_occurred)
goto Done;
// Initialize the HTTP response structure.
INITIALIZE_HTTP_RESPONSE(&response, 200, "OK");
//Add the content-length
StringCchPrintfA(szContentLength,MAX_ULONG_STR, "%lu",
XMLRPC_MEMBLOCK_SIZE(char, output));
ADD_KNOWN_HEADER(
response,
HttpHeaderContentLength,
szContentLength );
//Add the content-type
ADD_KNOWN_HEADER(response, HttpHeaderContentType,
"text/xml");
StringCchPrintfA(szServerHeader,20,
"xmlrpc-c %s",XMLRPC_C_VERSION);
ADD_KNOWN_HEADER(response, HttpHeaderServer,
szServerHeader);
//send the response
result = HttpSendHttpResponse(
hReqQueue, // ReqQueueHandle
pRequest->RequestId, // Request ID
HTTP_SEND_RESPONSE_FLAG_MORE_DATA,
&response, // HTTP response
NULL, // pReserved1
&bytesSent, // bytes sent (optional)
NULL, // pReserved2
0, // Reserved3
NULL, // LPOVERLAPPED
NULL // pReserved4
);
if(result != NO_ERROR)
{
TraceW(L"HttpSendHttpResponse failed with %lu",
result);
xmlrpc_env_set_fault_formatted(
envP, XMLRPC_NETWORK_ERROR,
"HttpSendHttpResponse failed with %lu", result);
goto Done;
}
// Send entity body from a memory chunk.
dataChunk.DataChunkType = HttpDataChunkFromMemory;
dataChunk.FromMemory.BufferLength =
(ULONG)XMLRPC_MEMBLOCK_SIZE(char, output);
dataChunk.FromMemory.pBuffer =
XMLRPC_MEMBLOCK_CONTENTS(char, output);
result = HttpSendResponseEntityBody(
hReqQueue,
pRequest->RequestId,
0, // This is the last send.
1, // Entity Chunk Count.
&dataChunk,
NULL,
NULL,
0,
NULL,
NULL
);
if(result != NO_ERROR)
{
TraceW(L"HttpSendResponseEntityBody failed "
L"with %lu", result);
xmlrpc_env_set_fault_formatted(
envP, XMLRPC_NETWORK_ERROR,
"HttpSendResponseEntityBody failed with %lu",
result);
goto Done;
}
goto Done;
break;
default:
TraceW(L"HttpReceiveRequestEntityBody failed with %lu",
result);
xmlrpc_env_set_fault_formatted(
envP, XMLRPC_NETWORK_ERROR,
"HttpReceiveRequestEntityBody failed "
"with %lu", result);
goto Done;
}
} while(TRUE);
}
/*
* This is a blocking function that merely sits on the request queue
* for our URI and processes them one at a time. Once a request comes
* in, we check it for content-type, content-length, and verb. As long
* as the initial validations are done, we pass the request to the
* processRPCCall() function, which collects the body of the request
* and processes it. If we get an error back other than network type,
* we are responsible for notifing the client.
*/
DWORD
DoReceiveRequests(
IN HANDLE hReqQueue,
const xmlrpc_server_httpsys_parms * const parmsP
)
{
ULONG result;
HTTP_REQUEST_ID requestId;
DWORD bytesRead;
PHTTP_REQUEST pRequest;
PCHAR pRequestBuffer;
ULONG RequestBufferLength;
xmlrpc_env env;
char szHeaderBuf[255];
long lContentLength;
// Allocate a 2K buffer. Should be good for most requests, we'll grow
// this if required. We also need space for a HTTP_REQUEST structure.
RequestBufferLength = sizeof(HTTP_REQUEST) + 2048;
pRequestBuffer = (PCHAR) ALLOC_MEM( RequestBufferLength );
if (pRequestBuffer == NULL)
{
return ERROR_NOT_ENOUGH_MEMORY;
}
pRequest = (PHTTP_REQUEST)pRequestBuffer;
// Wait for a new request -- This is indicated by a NULL request ID.
HTTP_SET_NULL_ID( &requestId );
for(;;)
{
RtlZeroMemory(pRequest, RequestBufferLength);
result = HttpReceiveHttpRequest(
hReqQueue, // Req Queue
requestId, // Req ID
0, // Flags
pRequest, // HTTP request buffer
RequestBufferLength,// req buffer length
&bytesRead, // bytes received
NULL // LPOVERLAPPED
);
if(NO_ERROR == result)
{
// Got a request with a filled buffer.
switch(pRequest->Verb)
{
case HttpVerbPOST:
TraceW(L"Got a POST request for %ws",
pRequest->CookedUrl.pFullUrl);
//Check if we need use authorization.
if(parmsP->authfn)
{
xmlrpc_env_init(&env);
if(pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization].RawValueLength
< 6)
{
xmlrpc_env_set_fault(
&env, XMLRPC_REQUEST_REFUSED_ERROR,
"Authorization header too short.");
}
else
{
//unencode the headers
if(_strnicmp(
"basic",
pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization].pRawValue,5)
!=0)
{
#ifndef NDEBUG
PCHAR pTmp = (PCHAR)
ALLOC_MEM(pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization
].RawValueLength + 1 );
if( pTmp ) {
strncpy(pTmp,
pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization
].pRawValue,
pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization
].RawValueLength );
pTmp[pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization
].RawValueLength] = 0;
TraceA("Got HEADER [%s]",pTmp);
FREE_MEM(pTmp);
}
#endif /* #ifndef NDEBUG */
xmlrpc_env_set_fault(
&env, XMLRPC_REQUEST_REFUSED_ERROR,
"Authorization header does not start "
"with type 'basic'!");
}
else
{
xmlrpc_mem_block * decoded;
decoded =
xmlrpc_base64_decode(
&env,
pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization
].pRawValue+6,
pRequest->Headers.KnownHeaders[
HttpHeaderAuthorization
].RawValueLength-6);
if(!env.fault_occurred)
{
char *pDecodedStr;
char *pUser;
char *pPass;
char *pColon;
pDecodedStr = (char*)
malloc(decoded->_size+1);
memcpy(pDecodedStr,
decoded->_block,
decoded->_size);
pDecodedStr[decoded->_size]='\0';
pUser = pPass = pDecodedStr;
pColon=strchr(pDecodedStr,':');
if(pColon)
{
*pColon='\0';
pPass=pColon+1;
//The authfn should set env to
//fail if auth is denied.
parmsP->authfn(&env,pUser,pPass);
}
else
{
xmlrpc_env_set_fault(
&env,
XMLRPC_REQUEST_REFUSED_ERROR,
"Decoded auth not of the correct "
"format.");
}
free(pDecodedStr);
}
if(decoded)
XMLRPC_MEMBLOCK_FREE(char, decoded);
}
}
if(env.fault_occurred)
{
//request basic authorization, as the user
//did not provide it.
xmlrpc_env_clean(&env);
TraceW(L"POST request did not provide valid "
L"authorization header.");
result =
SendHttpResponseAuthRequired( hReqQueue,
pRequest);
break;
}
xmlrpc_env_clean(&env);
}
//Check content type to make sure it is text/xml.
memcpy(szHeaderBuf,
pRequest->Headers.KnownHeaders[
HttpHeaderContentType
].pRawValue,
pRequest->Headers.KnownHeaders[
HttpHeaderContentType
].RawValueLength);
szHeaderBuf[pRequest->Headers.KnownHeaders[
HttpHeaderContentType
].RawValueLength] = '\0';
if (_stricmp(szHeaderBuf,"text/xml")!=0)
{
//We handle only text/xml data. Anything else
//is not valid.
TraceW(L"POST request had an unrecognized "
L"content-type: %s", szHeaderBuf);
result = SendHttpResponse(
hReqQueue,
pRequest,
400,
"Bad Request",
NULL
);
break;
}
//Check content length to make sure it exists and
//is not too big.
memcpy(szHeaderBuf,
pRequest->Headers.KnownHeaders[
HttpHeaderContentLength
].pRawValue,
pRequest->Headers.KnownHeaders[
HttpHeaderContentLength
].RawValueLength);
szHeaderBuf[pRequest->Headers.KnownHeaders[
HttpHeaderContentLength
].RawValueLength]='\0';
lContentLength = atol(szHeaderBuf);
if (lContentLength<=0)
{
//Make sure a content length was supplied.
TraceW(L"POST request did not include a "
L"content-length", szHeaderBuf);
result = SendHttpResponse(
hReqQueue,
pRequest,
411,
"Length Required",
NULL
);
break;
}
if((size_t) lContentLength >
xmlrpc_limit_get(XMLRPC_XML_SIZE_LIMIT_ID))
{
//Content-length is too big for us to handle
TraceW(L"POST request content-length is too big "
L"for us to handle: %d bytes",
lContentLength);
result = SendHttpResponse(
hReqQueue,
pRequest,
500,
"content-length too large",
NULL
);
break;
}
//our initial validations of POST, content-type,
//and content-length all check out. Collect and
//pass the complete buffer to the XMLRPC-C library
xmlrpc_env_init(&env);
processRPCCall(&env,hReqQueue, pRequest);
if (env.fault_occurred)
{
//if we fail and it is anything other than a
//network error, we should return a failure
//response to the client.
if (env.fault_code != XMLRPC_NETWORK_ERROR)
{
if (env.fault_string)
result = SendHttpResponse(
hReqQueue,
pRequest,
500,
env.fault_string,
NULL
);
else
result = SendHttpResponse(
hReqQueue,
pRequest,
500,
"Unknown Error",
NULL
);
}
}
xmlrpc_env_clean(&env);
break;
default:
//We handle only POST data. Anything else is not valid.
TraceW(L"Got an unrecognized Verb request for URI %ws",
pRequest->CookedUrl.pFullUrl);
result = SendHttpResponse(
hReqQueue,
pRequest,
405,
"Method Not Allowed",
NULL
);
break;
}
if(result != NO_ERROR)
{
break;
}
// Reset the Request ID so that we pick up the next request.
HTTP_SET_NULL_ID( &requestId );
}
else if(result == ERROR_MORE_DATA)
{
// The input buffer was too small to hold the request headers
// We have to allocate more buffer & call the API again.
//
// When we call the API again, we want to pick up the request
// that just failed. This is done by passing a RequestID.
// This RequestID is picked from the old buffer.
requestId = pRequest->RequestId;
// Free the old buffer and allocate a new one.
RequestBufferLength = bytesRead;
FREE_MEM( pRequestBuffer );
pRequestBuffer = (PCHAR) ALLOC_MEM( RequestBufferLength );
if (pRequestBuffer == NULL)
{
result = ERROR_NOT_ENOUGH_MEMORY;
break;
}
pRequest = (PHTTP_REQUEST)pRequestBuffer;
}
else if(ERROR_CONNECTION_INVALID == result &&
!HTTP_IS_NULL_ID(&requestId))
{
// The TCP connection got torn down by the peer when we were
// trying to pick up a request with more buffer. We'll just move
// onto the next request.
HTTP_SET_NULL_ID( &requestId );
}
else
{
break;
}
} // for(;;)
if(pRequestBuffer)
{
FREE_MEM( pRequestBuffer );
}
return result;
}
