static ne_buffer *acl_body(ne_acl_entry *right, int count)
{
ne_buffer *body = ne_buffer_create();
int m;
ne_buffer_zappend(body,
"<?xml version=\"1.0\" encoding=\"utf-8\"?>" EOL
"<acl xmlns='DAV:'>" EOL);
for (m = 0; m < count; m++) {
const char *type;
type = (right[m].type == ne_acl_grant ? "grant" : "deny");
ne_buffer_concat(body, "<ace>" EOL "<principal>", NULL);
switch (right[m].apply) {
case ne_acl_all:
ne_buffer_zappend(body, "<all/>" EOL);
break;
case ne_acl_property:
ne_buffer_concat(body, "<property><", right[m].principal,
"/></property>" EOL, NULL);
break;
case ne_acl_href:
ne_buffer_concat(body, "<href>", right[m].principal,
"</href>" EOL, NULL);
break;
}
ne_buffer_concat(body, "</principal>" EOL "<", type, ">" EOL, NULL);
if (right[m].read == 0)
ne_buffer_concat(body,
"<privilege>" "<read/>" "</privilege>" EOL,
NULL);
if (right[m].read_acl == 0)
ne_buffer_concat(body,
"<privilege>" "<read-acl/>" "</privilege>" EOL,
NULL);
if (right[m].write == 0)
ne_buffer_concat(body,
"<privilege>" "<write/>" "</privilege>" EOL,
NULL);
if (right[m].write_acl == 0)
ne_buffer_concat(body,
"<privilege>" "<write-acl/>" "</privilege>" EOL,
NULL);
if (right[m].read_cuprivset == 0)
ne_buffer_concat(body,
"<privilege>"
"<read-current-user-privilege-set/>"
"</privilege>" EOL, NULL);
ne_buffer_concat(body, "</", type, ">" EOL, NULL);
ne_buffer_zappend(body, "</ace>" EOL);
}
ne_buffer_zappend(body, "</acl>" EOL);
return body;
}
/**
* \brief Common SET_OBJECT entries serialiser
*
* \param buff Buffer
* \param entry SET_OBJECT request entry
*
* \retval OBJECT_OK on success
* \retval OBJECT_ERROR otherwise
*/
static object_query_status_t set_object_serialise_entries(ne_buffer *buff, object_entry_t *entry) {
object_query_status_t status = OBJECT_OK;
assert(NULL != buff);
ne_buffer_zappend(buff, "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n");
ne_buffer_zappend(buff, "<SET_OBJECT>\r\n");
for (; NULL != entry; entry = entry->next) {
const char *vname = vname_nut2mge_xml(entry->payld.req.name);
/* Serialise one object */
if (NULL != vname) {
ne_buffer_zappend(buff, " <OBJECT name=\"");
ne_buffer_zappend(buff, vname);
ne_buffer_zappend(buff, "\">");
ne_buffer_zappend(buff, entry->payld.req.value);
ne_buffer_zappend(buff, "</OBJECT>\r\n");
}
/* Var. name resolution error */
else
status = OBJECT_ERROR;
}
ne_buffer_zappend(buff, "</SET_OBJECT>\r\n");
return status;
}
static void convert_dirstring(ne_buffer *buf, const char *charset,
gnutls_datum *data)
{
iconv_t id = iconv_open("UTF-8", charset);
size_t inlen = data->size, outlen = buf->length - buf->used;
char *inbuf = (char *)data->data;
char *outbuf = buf->data + buf->used - 1;
if (id == (iconv_t)-1) {
char err[128], err2[128];
ne_snprintf(err, sizeof err, "[unprintable in %s: %s]",
charset, ne_strerror(errno, err2, sizeof err2));
ne_buffer_zappend(buf, err);
return;
}
ne_buffer_grow(buf, buf->used + 64);
while (inlen && outlen
&& iconv(id, &inbuf, &inlen, &outbuf, &outlen) == 0)
;
iconv_close(id);
buf->used += buf->length - buf->used - outlen;
buf->data[buf->used - 1] = '\0';
}
static int alter(void) {
ne_buffer *s = ne_buffer_create();
char *d;
ON(s == NULL);
ne_buffer_zappend(s, "abcdefg");
d = s->data;
ON(d == NULL);
d[2] = '\0';
ne_buffer_altered(s);
ONCMP(s->data, "ab");
ON(ne_buffer_size(s) != 2);
ne_buffer_zappend(s, "hijkl");
ONCMP(s->data, "abhijkl");
ne_buffer_destroy(s);
return OK;
}
static void lk_pre_send(ne_request *r, void *userdata, ne_buffer *req)
{
struct lh_req_cookie *lrc = ne_get_request_private(r, HOOK_ID);
if (lrc->submit != NULL) {
struct lock_list *item;
/* Add in the If header */
ne_buffer_zappend(req, "If:");
for (item = lrc->submit; item != NULL; item = item->next) {
char *uri = ne_uri_unparse(&item->lock->uri);
ne_buffer_concat(req, " <", uri, "> (<",
item->lock->token, ">)", NULL);
ne_free(uri);
}
ne_buffer_zappend(req, EOL);
}
}
static int simple(void) {
ne_buffer *s = ne_buffer_create();
ON(s == NULL);
ne_buffer_zappend(s, "abcde");
ONCMP(s->data, "abcde");
ON(ne_buffer_size(s) != 5);
ne_buffer_destroy(s);
return OK;
}
static ne_buffer *set_object_serialise_form(object_query_t *handle) {
const char *vname = NULL;
assert(NULL != handle);
/* Sanity checks */
assert(SET_OBJECT_REQUEST == handle->type);
/* Create buffer */
ne_buffer *buff = ne_buffer_create();
/* neon API ref. states that the function always succeeds */
assert(NULL != buff);
/* Simple request */
if (1 == object_query_size(handle)) {
assert(NULL != handle->head);
/* TODO: Simple req. doesn't seem to work
vname = vname_nut2mge_xml(handle->head->payld.req.name);
*/
}
if (NULL != vname) {
assert(NULL != handle->head);
ne_buffer_zappend(buff, "objectName=");
ne_buffer_zappend(buff, vname);
ne_buffer_zappend(buff, "&objectValue=");
ne_buffer_zappend(buff, handle->head->payld.req.value);
}
/* Multi set request (or empty request) */
else {
/* Add request prologue */
ne_buffer_zappend(buff, "--" FORM_POST_BOUNDARY "\r\n");
ne_buffer_zappend(buff, "Content-Disposition: form-data; name=\"file\"; "
"filename=\"Configuration.xml\"\r\n");
ne_buffer_zappend(buff, "Content-Type: application/octet-stream\r\n");
ne_buffer_zappend(buff, "\r\n");
/* Serialise all entries */
set_object_serialise_entries(buff, handle->head);
/* Add request epilogue */
ne_buffer_zappend(buff, "--" FORM_POST_BOUNDARY "--\r\n");
}
return buff;
}
static void i_pre_send(ne_request *req, void *userdata, ne_buffer *hdr)
{
char buf[BUFSIZ];
const char *name = userdata;
ne_snprintf(buf, BUFSIZ, "%s: %s: %d (%s)\r\n",
name, test_suite, test_num, tests[test_num].name);
ne_buffer_zappend(hdr, buf);
}
static int buf_concat3(void)
{
ne_buffer *s = ne_buffer_create();
ON(s == NULL);
ne_buffer_zappend(s, "foobar");
ne_buffer_concat(s, "norman", NULL);
ONCMP(s->data, "foobarnorman");
ON(ne_buffer_size(s) != 12);
ne_buffer_destroy(s);
return OK;
}
/* Just before sending the request: let them add headers if they want */
static void pre_send(ne_request *req, void *session, ne_buffer *request)
{
ne_cookie_cache *cache = session;
ne_cookie *cook;
if (cache->cookies == NULL) {
return;
}
ne_buffer_zappend(request, "Cookie: ");
for (cook = cache->cookies; cook != NULL; cook=cook->next) {
ne_buffer_concat(request, cook->name, "=", cook->value, NULL);
if (cook->next != NULL) {
ne_buffer_zappend(request, "; ");
}
}
ne_buffer_zappend(request, "\r\n");
}
char *ne_uri_unparse(const ne_uri *uri)
{
ne_buffer *buf = ne_buffer_create();
if (uri->scheme) {
ne_buffer_concat(buf, uri->scheme, ":", NULL);
}
if (uri->host) {
ne_buffer_czappend(buf, "//");
if (uri->userinfo) {
ne_buffer_concat(buf, uri->userinfo, "@", NULL);
}
ne_buffer_zappend(buf, uri->host);
if (uri->port > 0
&& (!uri->scheme
|| ne_uri_defaultport(uri->scheme) != uri->port)) {
char str[20];
ne_snprintf(str, 20, ":%d", uri->port);
ne_buffer_zappend(buf, str);
}
}
ne_buffer_zappend(buf, uri->path);
if (uri->query) {
ne_buffer_concat(buf, "?", uri->query, NULL);
}
if (uri->fragment) {
ne_buffer_concat(buf, "#", uri->fragment, NULL);
}
return ne_buffer_finish(buf);
}
/* Return a malloc-allocated human-readable error string describing
* GnuTLS verification error bitmask 'status'; return value must be
* freed by the caller. */
static char *verify_error_string(unsigned int status)
{
ne_buffer *buf = ne_buffer_create();
/* sorry, i18n-ers */
if (status & GNUTLS_CERT_INSECURE_ALGORITHM) {
ne_buffer_zappend(buf, _("signed using insecure algorithm"));
}
else {
ne_buffer_snprintf(buf, 64, _("unrecognized errors (%u)"),
status);
}
return ne_buffer_finish(buf);
}
static int append(void)
{
ne_buffer *s = ne_buffer_create();
ON(s == NULL);
ne_buffer_append(s, "a", 1);
ne_buffer_append(s, "b", 1);
ne_buffer_append(s, "c", 1);
ONCMP(s->data, "abc");
ON(ne_buffer_size(s) != 3);
ne_buffer_zappend(s, "hello");
ONCMP(s->data, "abchello");
ne_buffer_czappend(s, "world");
ONCMP(s->data, "abchelloworld");
ON(ne_buffer_size(s) != 13);
ne_buffer_destroy(s);
return OK;
}
static void append_dirstring(ne_buffer *buf, gnutls_datum *data, unsigned long tag)
{
switch (tag) {
case TAG_UTF8:
case TAG_IA5:
case TAG_PRINTABLE:
case TAG_VISIBLE:
ne_buffer_append(buf, (char *)data->data, data->size);
break;
#ifdef HAVE_ICONV
case TAG_T61:
convert_dirstring(buf, "ISO-8859-1", data);
break;
case TAG_BMP:
convert_dirstring(buf, "UCS-2BE", data);
break;
#endif
default: {
char tmp[128];
ne_snprintf(tmp, sizeof tmp, _("[unprintable:#%lu]"), tag);
ne_buffer_zappend(buf, tmp);
} break;
}
}
/* Return Digest authentication credentials header value for the given
* session. */
static char *request_digest(auth_session *sess, struct auth_request *req)
{
struct ne_md5_ctx a2, rdig;
unsigned char a2_md5[16], rdig_md5[16];
char a2_md5_ascii[33], rdig_md5_ascii[33];
char nc_value[9] = {0};
const char *qop_value = "auth"; /* qop-value */
ne_buffer *ret;
/* Increase the nonce-count */
if (sess->qop != auth_qop_none) {
sess->nonce_count++;
ne_snprintf(nc_value, 9, "%08x", sess->nonce_count);
NE_DEBUG(NE_DBG_HTTPAUTH, "Nonce count is %u, nc is [%s]\n",
sess->nonce_count, nc_value);
}
/* Calculate H(A2). */
ne_md5_init_ctx(&a2);
ne_md5_process_bytes(req->method, strlen(req->method), &a2);
ne_md5_process_bytes(":", 1, &a2);
ne_md5_process_bytes(req->uri, strlen(req->uri), &a2);
ne_md5_finish_ctx(&a2, a2_md5);
ne_md5_to_ascii(a2_md5, a2_md5_ascii);
NE_DEBUG(NE_DBG_HTTPAUTH, "H(A2): %s\n", a2_md5_ascii);
NE_DEBUG(NE_DBG_HTTPAUTH, "Calculating Request-Digest.\n");
/* Now, calculation of the Request-Digest.
* The first section is the regardless of qop value
* H(A1) ":" unq(nonce-value) ":" */
ne_md5_init_ctx(&rdig);
/* Use the calculated H(A1) */
ne_md5_process_bytes(sess->h_a1, 32, &rdig);
ne_md5_process_bytes(":", 1, &rdig);
ne_md5_process_bytes(sess->nonce, strlen(sess->nonce), &rdig);
ne_md5_process_bytes(":", 1, &rdig);
if (sess->qop != auth_qop_none) {
/* Add on:
* nc-value ":" unq(cnonce-value) ":" unq(qop-value) ":"
*/
NE_DEBUG(NE_DBG_HTTPAUTH, "Have qop directive, digesting: [%s:%s:%s]\n",
nc_value, sess->cnonce, qop_value);
ne_md5_process_bytes(nc_value, 8, &rdig);
ne_md5_process_bytes(":", 1, &rdig);
ne_md5_process_bytes(sess->cnonce, strlen(sess->cnonce), &rdig);
ne_md5_process_bytes(":", 1, &rdig);
/* Store a copy of this structure (see note below) */
sess->stored_rdig = rdig;
ne_md5_process_bytes(qop_value, strlen(qop_value), &rdig);
ne_md5_process_bytes(":", 1, &rdig);
} else {
/* Store a copy of this structure... we do this because the
* calculation of the rspauth= field in the Auth-Info header
* is the same as this digest, up to this point. */
sess->stored_rdig = rdig;
}
/* And finally, H(A2) */
ne_md5_process_bytes(a2_md5_ascii, 32, &rdig);
ne_md5_finish_ctx(&rdig, rdig_md5);
ne_md5_to_ascii(rdig_md5, rdig_md5_ascii);
ret = ne_buffer_create();
ne_buffer_concat(ret,
"Digest username=\"", sess->username, "\", "
"realm=\"", sess->realm, "\", "
"nonce=\"", sess->nonce, "\", "
"uri=\"", req->uri, "\", "
"response=\"", rdig_md5_ascii, "\", "
"algorithm=\"", sess->alg == auth_alg_md5 ? "MD5" : "MD5-sess", "\"",
NULL);
if (sess->opaque != NULL) {
ne_buffer_concat(ret, ", opaque=\"", sess->opaque, "\"", NULL);
}
if (sess->qop != auth_qop_none) {
/* Add in cnonce and nc-value fields */
ne_buffer_concat(ret, ", cnonce=\"", sess->cnonce, "\", "
"nc=", nc_value, ", "
"qop=\"", qop_value, "\"", NULL);
}
ne_buffer_zappend(ret, "\r\n");
NE_DEBUG(NE_DBG_HTTPAUTH, "Digest request header is %s\n", ret->data);
return ne_buffer_finish(ret);
}
static ne_request *s3_new_request(const S3 *s3,const char *method,const char *bucket,const char *key,const char *params,const char *content_type)
{
ne_buffer *date, *signing_string, *request_str;
ne_request *req;
char *sig, *p;
time_t t;
if(!s3) return NULL;
if(!method) return NULL;
if(!bucket) return NULL;
if(!s3->session) return NULL;
// create some string buffers
date = ne_buffer_create();
signing_string = ne_buffer_create();
request_str = ne_buffer_create();
// get the time
t = time(NULL);
ne_buffer_zappend(date,asctime(gmtime(&t)));
if(date->data[date->used - 2] == '\n')
date->data[date->used - 2] = 0;
ne_buffer_altered(date);
// create request
if(key) ne_buffer_concat(request_str,"/",bucket,"/",key,NULL);
else ne_buffer_concat(request_str,"/",bucket,NULL);
if(params && params[0] != 0) {
ne_buffer_zappend(request_str,"?");
ne_buffer_zappend(request_str,params);
}
req = ne_request_create(s3->session,method,request_str->data);
// Add date header
ne_add_request_header(req,"Date",date->data);
// Add content-type header
if(content_type) ne_add_request_header(req,"Content-Type",content_type);
else content_type = "";
// construct signing string
p = strrchr(request_str->data,'?');
if(p) {
*p = 0;
ne_buffer_altered(request_str);
}
ne_buffer_concat(signing_string,method,"\n\n",content_type,"\n",date->data,"\n",request_str->data,NULL);
// sign the string
sig = s3_sign_string(s3,signing_string->data);
// construct signed header
ne_print_request_header(req,"Authorization","AWS %s:%s",s3->access_id,sig);
ne_buffer_destroy(date);
ne_buffer_destroy(signing_string);
ne_buffer_destroy(request_str);
free(sig);
return req;
}
int ne_lock(ne_session *sess, struct ne_lock *lock)
{
ne_request *req = ne_request_create(sess, "LOCK", lock->uri.path);
ne_buffer *body = ne_buffer_create();
ne_xml_parser *parser = ne_xml_create();
int ret, parse_failed;
struct lock_ctx ctx;
memset(&ctx, 0, sizeof ctx);
ctx.cdata = ne_buffer_create();
ctx.req = req;
ne_xml_push_handler(parser, lk_startelm, lk_cdata, lk_endelm, &ctx);
/* Create the body */
ne_buffer_concat(body, "<?xml version=\"1.0\" encoding=\"utf-8\"?>" EOL
"<lockinfo xmlns='DAV:'>" EOL " <lockscope>",
lock->scope==ne_lockscope_exclusive?
"<exclusive/>":"<shared/>",
"</lockscope>" EOL
"<locktype><write/></locktype>", NULL);
if (lock->owner) {
ne_buffer_concat(body, "<owner>", lock->owner, "</owner>" EOL, NULL);
}
ne_buffer_zappend(body, "</lockinfo>" EOL);
ne_set_request_body_buffer(req, body->data, ne_buffer_size(body));
/* ne_add_request_header(req, "Content-Type", NE_XML_MEDIA_TYPE); */
/* Just to test whether sever accepts both text/xml and application/xml */
ne_add_request_header(req, "Content-Type", "text/xml");
ne_add_depth_header(req, lock->depth);
add_timeout_header(req, lock->timeout);
/* TODO:
* By 2518, we need this only if we are creating a lock-null resource.
* Since we don't KNOW whether the lock we're given is a lock-null
* or not, we cover our bases.
*/
ne_lock_using_parent(req, lock->uri.path);
/* This one is clearer from 2518 sec 8.10.4. */
ne_lock_using_resource(req, lock->uri.path, lock->depth);
ret = ne_xml_dispatch_request(req, parser);
ne_buffer_destroy(body);
ne_buffer_destroy(ctx.cdata);
parse_failed = ne_xml_failed(parser);
if (ret == NE_OK && ne_get_status(req)->klass == 2) {
if (ctx.token == NULL) {
ret = NE_ERROR;
ne_set_error(sess, _("No Lock-Token header given"));
}
else if (parse_failed) {
ret = NE_ERROR;
ne_set_error(sess, "%s", ne_xml_get_error(parser));
}
else if (ne_get_status(req)->code == 207) {
ret = NE_ERROR;
/* TODO: set the error string appropriately */
}
else if (ctx.found) {
/* it worked: copy over real lock details if given. */
if (lock->token) ne_free(lock->token);
lock->token = ctx.token;
ctx.token = NULL;
if (ctx.active.timeout != NE_TIMEOUT_INVALID)
lock->timeout = ctx.active.timeout;
lock->scope = ctx.active.scope;
lock->type = ctx.active.type;
if (ctx.active.depth >= 0)
lock->depth = ctx.active.depth;
if (ctx.active.owner) {
if (lock->owner) ne_free(lock->owner);
lock->owner = ctx.active.owner;
ctx.active.owner = NULL;
}
} else {
ret = NE_ERROR;
ne_set_error(sess, _("Response missing activelock for %s"),
ctx.token);
}
} else if (ret == NE_OK /* && status != 2xx */) {
ret = NE_ERROR;
}
ne_lock_free(&ctx.active);
if (ctx.token) ne_free(ctx.token);
ne_request_destroy(req);
ne_xml_destroy(parser);
return ret;
}
static ne_buffer *acl_body(const ne_acl_entry *right, int count)
{
ne_buffer *body = ne_buffer_create();
int m;
ne_buffer_zappend(body,
"<?xml version=\"1.0\" encoding=\"utf-8\"?>" EOL
"<acl xmlns='DAV:'>" EOL);
for (m = 0; m < count; m++) {
const char *type;
type = (right[m].type == ne_acl_grant ? "grant" : "deny");
ne_buffer_concat(body, "<ace>" EOL "<principal>", NULL);
switch (right[m].target) {
case ne_acl_all:
ne_buffer_czappend(body, "<all/>" EOL);
break;
case ne_acl_authenticated:
ne_buffer_czappend(body, "<authenticated/>" EOL);
break;
case ne_acl_unauthenticated:
ne_buffer_czappend(body, "<unauthenticated/>" EOL);
break;
case ne_acl_self:
ne_buffer_czappend(body, "<self/>" EOL);
break;
case ne_acl_property:
ne_buffer_concat(body, "<property><", right[m].tname,
"/></property>" EOL, NULL);
break;
case ne_acl_href:
ne_buffer_concat(body, "<href>", right[m].tname,
"</href>" EOL, NULL);
break;
}
ne_buffer_concat(body, "</principal>" EOL
"<", type, ">" EOL, NULL);
if ((right[m].privileges & NE_ACL_READ) == NE_ACL_READ)
ne_buffer_concat(body,
"<privilege>" "<read/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_WRITE) == NE_ACL_WRITE)
ne_buffer_concat(body,
"<privilege>" "<write/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_WRITE_PROPERTIES) == NE_ACL_WRITE_PROPERTIES)
ne_buffer_concat(body,
"<privilege>" "<write-properties/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_WRITE_CONTENT) == NE_ACL_WRITE_CONTENT)
ne_buffer_concat(body,
"<privilege>" "<write-content/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_UNLOCK) == NE_ACL_UNLOCK)
ne_buffer_concat(body,
"<privilege>" "<unlock/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_READ_ACL) == NE_ACL_READ_ACL)
ne_buffer_concat(body,
"<privilege>" "<read-acl/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_READ_CUPRIVSET) == NE_ACL_READ_CUPRIVSET)
ne_buffer_concat(body,
"<privilege>" "<read-current-user-privileges-set/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_WRITE_ACL) == NE_ACL_WRITE_ACL)
ne_buffer_concat(body,
"<privilege>" "<write-acl/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_BIND) == NE_ACL_BIND)
ne_buffer_concat(body,
"<privilege>" "<bind/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_UNBIND) == NE_ACL_UNBIND)
ne_buffer_concat(body,
"<privilege>" "<unbind/>" "</privilege>" EOL,
NULL);
if ((right[m].privileges & NE_ACL_ALL) == NE_ACL_ALL)
ne_buffer_concat(body,
"<privilege>" "<all/>" "</privilege>" EOL,
NULL);
ne_buffer_concat(body, "</", type, ">" EOL, NULL);
ne_buffer_czappend(body, "</ace>" EOL);
}
ne_buffer_czappend(body, "</acl>" EOL);
return body;
}
