Exemple #1
0
static void*
handle_import(enum mg_event event,
              struct mg_connection *conn,
              const struct mg_request_info *request_info) {
    std::string file = get_qs(request_info, "file");
    int sorted = atoi(get_qs(request_info, "sorted").c_str());
    uint_t limit  = atoi(get_qs(request_info, "limit").c_str());
    int nadded, nlines;
    const time_t start_time = time(NULL);

    if (!limit) {
        limit = minus_one;
    }

    int ret = do_import(file, sorted, limit, nadded, nlines);
    if (ret < 0) {
        switch (-ret) {
        case IMPORT_FILE_NOT_FOUND:
            print_HTTP_response(conn, 404, "Not Found");
            break;

        default:
            cerr<<"ERROR::Unknown error: "<<ret<<endl;
        }
    }
    else {
        print_HTTP_response(conn, 200, "OK");
        mg_printf(conn, "Successfully added %d/%d records from \"%s\" in %d second(s)\n", 
                  nadded, nlines, file.c_str(), time(NULL) - start_time);
    }

    return (void*)"";
}
Exemple #2
0
static void*
handle_suggest(enum mg_event event,
               struct mg_connection *conn,
               const struct mg_request_info *request_info) {

    ++nreq;
    if (building) {
        print_HTTP_response(conn, 412, "Busy");
        return (void*)"";
    }

    std::string q    = get_qs(request_info, "q");
    std::string sn   = get_qs(request_info, "n");
    std::string cb   = get_qs(request_info, "callback");
    std::string type = get_qs(request_info, "type");

    DCERR("handle_suggest::q:"<<q<<", sn:"<<sn<<", callback: "<<cb<<endl);

    unsigned int n = sn.empty() ? NMAX : atoi(sn.c_str());
    if (n > NMAX) {
        n = NMAX;
    }

    const bool has_cb = !cb.empty();
    if (has_cb && !is_valid_cb(cb)) {
        print_HTTP_response(conn, 400, "Invalid Request");
        return (void*)"";
    }

    print_HTTP_response(conn, 200, "OK");

    str_lowercase(q);
    vp_t results = suggest(pm, st, q, n);

    /*
      for (size_t i = 0; i < results.size(); ++i) {
      mg_printf(conn, "%s:%d\n", results[i].first.c_str(), results[i].second);
      }
    */
    if (has_cb) {
        mg_printf(conn, "%s(%s);\n", cb.c_str(), results_json(q, results, type).c_str());
    }
    else {
        mg_printf(conn, "%s\n", results_json(q, results, type).c_str());
    }

    return (void*)"";
}
Exemple #3
0
int main(){
	char curDir[512], *cd=curDir, newDir[512], *curtok, *newtok, RealDir[1024], buf[2048], *ptr;
	printf("Content-type: text/html\n\n<html><meta http-equiv=\"Content-Type\" content=\"text/html; charset=koi8-r\"><body>\n");
	if(!(ptr = get_qs(buf, 2048)))
		printerr("no query string", 1);
	if(!get_qs_param(ptr, "DIR", curDir, 512))
		printerr("no directory selected", 2);
	if(!get_qs_param(ptr, "NEWDIR", newDir, 512))
		printerr("no name of new directory", 3);
	unhexdump(newDir);
	if(!strstr(curDir, "/Inc"))
		unhexdump(curDir);
	ptr = strstr(curDir, "/Inc");
	if(ptr) cd = ptr + 4;
	ptr = strstr(curDir, "..");
	if(ptr) printerr("bad directory name", 4);
	curtok = strtok(cd, "/");
	newtok = strtok(newDir, "/");
	if(!newtok) printerr("no directory name", 5);
	if(!curtok) sprintf(RealDir, "/var/www/tmp/Incoming/%s", newtok);
	else sprintf(RealDir, "/var/www/tmp/Incoming/%s/%s", curtok, newtok);
	if(mkdir(RealDir, 0777) < 0) printerr("can't create directory", 7);
	chmod(RealDir, 0777);
	printerr("directory created", 0);
}
Exemple #4
0
static void*
handle_export(enum mg_event event,
              struct mg_connection *conn,
              const struct mg_request_info *request_info) {
    std::string file = get_qs(request_info, "file");
    if (building) {
        print_HTTP_response(conn, 412, "Busy");
        mg_printf(conn, "Busy\n");
        return (void*)"";
    }

    // Prevent modifications to 'pm' while we export
    building = true;
    ofstream fout(file.c_str());
    const time_t start_time = time(NULL);

    for (size_t i = 0; i < pm.repr.size(); ++i) {
        fout<<pm.repr[i].weight<<'\t'<<pm.repr[i].phrase<<'\t'<<std::string(pm.repr[i].snippet)<<'\n';
    }

    building = false;
    mg_printf(conn, "Successfully wrote %u records to output file '%s' in %d second(s)\n", 
              pm.repr.size(), file.c_str(), time(NULL) - start_time);
    return (void*)"";
}
Exemple #5
0
// получение смещения на начало данных в multipart-строке запроса (в очередном куске)
// QS модифицируется соответствующим образом (curpos - начало файла, qlen - его длина)
off_t get_data_beginning(){
	DBG("fd=%d, curpos=%lld, qlen=%zd", QS->fd, QS->curpos, QS->qlen);
	if((!qs && !get_qs()) || (QS->fd && !QS->curpos)) return -1;
	off_t offs = 0;
	char *ctpos = strstr(QS->str, "\r\n\r\n");
	if(!ctpos) return -1;
	offs = ctpos - QS->str + 4;
	if(offs > 0 && offs < QS->qlen){
		QS->str = ctpos + 4;
		DBG("Found data");
		if(QS->fd) QS->curpos += offs;
		QS->size -= offs;
		QS->qlen -= offs;
	}else return -1;
/*	char *ctpos = strcasestr(QS->str, "Content-Type");
	if(ctpos) ctpos = strchr(ctpos, '\r');
	if(ctpos) offs = ctpos - QS->str + 4;
	if(offs > 0 && offs < QS->qlen){
		QS->str = ctpos + 4;
		DBG("Found file data");
		if(QS->fd) QS->curpos += offs;
		QS->size -= offs;
		QS->qlen -= offs;
	}else return -1;
*/
	DBG("offs: %lld, curpos: %lld", offs, QS->curpos);
	return QS->curpos;
}
Exemple #6
0
int digest_authorization(struct openconnect_info *vpninfo, int proxy,
			 struct http_auth_state *auth_state,
			 struct oc_text_buf *hdrbuf)
{
	char *chall;
	int ret = -EINVAL;
	int algo = ALGO_MD5;
	int qop_auth = 0;
	int nc = 1;
	struct oc_text_buf *realm = NULL, *nonce = NULL, *opaque = NULL;
	struct oc_text_buf *a1 = NULL, *a2 = NULL, *kd = NULL;
	struct oc_text_buf *cnonce = NULL;
	unsigned char cnonce_random[32];
	const char *user, *pass;

	if (proxy) {
		user = vpninfo->proxy_user;
		pass = vpninfo->proxy_pass;
	} else {
		/* Need to parse this out of the URL */
		return -EINVAL;
	}

	if (!user || !pass)
		return -EINVAL;

	if (auth_state->state < AUTH_AVAILABLE)
		return -EINVAL;

	if (auth_state->state == AUTH_IN_PROGRESS) {
		auth_state->state = AUTH_FAILED;
		return -EAGAIN;
	}

	chall = auth_state->challenge;
	if (!chall)
		return -EINVAL;

	while (*chall) {
		if (!realm && !strncmp(chall, "realm=", 6)) {
			chall += 6;
			realm = get_qs(&chall);
			if (!realm)
				goto err;
		} else if (!nonce && !strncmp(chall, "nonce=", 6)) {
			chall += 6;
			nonce = get_qs(&chall);
			if (!nonce)
				goto err;
		} else if (!strncmp(chall, "qop=", 4)) {
			chall += 4;
			if (strncmp(chall, "\"auth\"", 6)) {
				/* We don't support "auth-int" */
				goto err;
			}
			qop_auth = 1;
			chall += 6;
		} else if (!opaque && !strncmp(chall, "opaque=", 7)) {
			chall += 7;
			opaque = get_qs(&chall);
			if (!opaque)
				goto err;
		} else if (!strncmp(chall, "algorithm=", 10)) {
			chall += 10;
			if (!strncmp(chall, "MD5-sess", 8)) {
				algo = ALGO_MD5_SESS;
				chall += 8;
			} else if (!strncmp(chall, "MD5", 3)) {
				algo = ALGO_MD5;
				chall += 3;
			}
		} else {
			char *p = strchr(chall, '=');
			if (!p)
				goto err;
			p++;
			if (*p == '\"') {
				/* Eat and discard a quoted-string */
				int escaped = 0;
				p++;
				do  {
					if (escaped)
						escaped = 0;
					else if (*p == '\\')
						escaped = 1;
					if (!*p)
						goto err;
				} while (escaped || *p != '\"');
				chall = p+1;
			} else {
				/* Not quoted. Just find the next comma (or EOL) */
				p = strchr(p, ',');
				if (!p)
					break;
				chall = p;
			}
		}
		while (isspace((int)(unsigned char)*chall))
			chall++;
		if (!*chall)
			break;
		if (*chall != ',')
			goto err;
		chall++;
		while (isspace((int)(unsigned char)*chall))
			chall++;
		if (!*chall)
			break;
	}
	if (!nonce || !realm)
		goto err;

	if (openconnect_random(&cnonce_random, sizeof(cnonce_random)))
		goto err;
	cnonce = buf_alloc();
	buf_append_base64(cnonce, cnonce_random, sizeof(cnonce_random));
	if (buf_error(cnonce))
		goto err;

	/*
	 * According to RFC2617 §3.2.2.2:
	 *  A1       = unq(username-value) ":" unq(realm-value) ":" passwd
	 * So the username is escaped, while the password isn't.
	 */
	a1 = buf_alloc();
	buf_append_unq(a1, user);
	buf_append(a1, ":%s:%s", realm->data, pass);
	if (buf_error(a1))
		goto err;
	if (algo == ALGO_MD5_SESS) {
		struct oc_text_buf *old_a1 = a1;

		a1 = buf_alloc();
		buf_append_md5(a1, old_a1->data, old_a1->pos);
		buf_free(old_a1);
		buf_append(a1, ":%s:%s\n", nonce->data, cnonce->data);
		if (buf_error(a1))
			goto err;
	}

	a2 = buf_alloc();
	buf_append(a2, "CONNECT:%s:%d", vpninfo->hostname, vpninfo->port);
	if (buf_error(a2))
		goto err;

	kd = buf_alloc();
	buf_append_md5(kd, a1->data, a1->pos);
	buf_append(kd, ":%s:", nonce->data);
	if (qop_auth) {
		buf_append(kd, "%08x:%s:auth:", nc, cnonce->data);
	}
	buf_append_md5(kd, a2->data, a2->pos);
	if (buf_error(kd))
		goto err;

	buf_append(hdrbuf, "%sAuthorization: Digest username=\"", proxy ? "Proxy-" : "");
	buf_append_unq(hdrbuf, user);
	buf_append(hdrbuf, "\", realm=\"%s\", nonce=\"%s\", uri=\"%s:%d\", ",
		   realm->data, nonce->data, vpninfo->hostname, vpninfo->port);
	if (qop_auth)
		buf_append(hdrbuf, "cnonce=\"%s\", nc=%08x, qop=auth, ",
			   cnonce->data, nc);
	if (opaque)
		buf_append(hdrbuf, "opaque=\"%s\", ", opaque->data);
	buf_append(hdrbuf, "response=\"");
	buf_append_md5(hdrbuf, kd->data, kd->pos);
	buf_append(hdrbuf, "\"\r\n");

	ret = 0;

	auth_state->state = AUTH_IN_PROGRESS;
	if (proxy)
		vpn_progress(vpninfo, PRG_INFO,
			     _("Attempting Digest authentication to proxy\n"));
	else
		vpn_progress(vpninfo, PRG_INFO,
			     _("Attempting Digest authentication to server '%s'\n"),
			     vpninfo->hostname);
 err:
	if (a1 && a1->data)
		memset(a1->data, 0, a1->pos);
	buf_free(a1);
	buf_free(a2);
	buf_free(kd);
	buf_free(realm);
	buf_free(nonce);
	buf_free(cnonce);
	buf_free(opaque);
	return ret;
}