int websUrlHandlerRequest(webs_t wp)
{
websUrlHandlerType *sp;
int i, first;
a_assert(websValid(wp));
trace(8, T("%s %d %s\n"),__FILE__,__LINE__,__FUNCTION__);
/*
* Delete the socket handler as we don't want to start reading any
* data on the connection as it may be for the next pipelined HTTP/1.1
* request if using Keep Alive
*/
socketDeleteHandler(wp->sid);
wp->state = WEBS_PROCESSING;
websStats.handlerHits++;
websSetRequestPath(wp, websGetDefaultDir(), NULL);
/*
* Eliminate security hole
*/
websCondenseMultipleChars(wp->path, '/');
websCondenseMultipleChars(wp->url, '/');
/*
* We loop over each handler in order till one accepts the request.
* The security handler will handle the request if access is NOT allowed.
*/
first = 1;
for (i = 0; i < websUrlHandlerMax; i++) {
sp = &websUrlHandler[i];
if (sp->handler && gstrncmp(sp->urlPrefix, wp->path, sp->len) == 0) {
if (first) {
websSetEnv(wp);
first = 0;
}
if ((*sp->handler)(wp, sp->urlPrefix, sp->webDir, sp->arg,
wp->url, wp->path, wp->query)) {
return 1;
}
if (!websValid(wp)) {
trace(0,
T("webs: handler %s called websDone, but didn't return 1\n"),
sp->urlPrefix);
return 1;
}
}
}
/*
* If no handler processed the request, then return an error. Note: It is
* the handlers responsibility to call websDone
*/
if (i >= websUrlHandlerMax) {
websError(wp, 200, T("No handler for this URL %s"), wp->url);
}
return 0;
}
int websFormHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg,
char_t *url, char_t *path, char_t *query)
{
sym_t *sp;
char_t formBuf[FNAMESIZE];
char_t *cp, *formName;
int (*fn)(void *sock, char_t *path, char_t *args);
a_assert(websValid(wp));
a_assert(url && *url);
a_assert(path && *path == '/');
websStats.formHits++;
/*
* Extract the form name
*/
gstrncpy(formBuf, path, TSZ(formBuf));
if ((formName = gstrchr(&formBuf[1], '/')) == NULL) {
websError(wp, 200, T("Missing form name"));
return 1;
}
formName++;
if ((cp = gstrchr(formName, '/')) != NULL) {
*cp = '\0';
}
/*
* Lookup the C form function first and then try tcl (no javascript support
* yet).
*/
sp = symLookup(formSymtab, formName);
if (sp == NULL) {
websError(wp, 200, T("Form %s is not defined"), formName);
} else {
fn = (int (*)(void *, char_t *, char_t *)) sp->content.value.integer;
a_assert(fn);
if (fn) {
/*
* For good practice, forms must call websDone()
*/
(*fn)((void*) wp, formName, query);
/*
* Remove the test to force websDone, since this prevents
* the server "push" from a form>
*/
#if 0 /* push */
if (websValid(wp)) {
websError(wp, 200, T("Form didn't call websDone"));
}
#endif /* push */
}
}
return 1;
}
int websPageReadData(webs_t wp, char *buf, int nBytes)
{
#ifdef WEBS_PAGE_ROM
a_assert(websValid(wp));
return websRomPageReadData(wp, buf, nBytes);
#else
a_assert(websValid(wp));
return gread(wp->docfd, buf, nBytes);
#endif
}
/*
Do output back to the browser in the background. This is a socket write handler.
This bypasses the output buffer and writes directly to the socket.
*/
static void fileWriteEvent(Webs *wp)
{
char *buf;
ssize len, wrote;
assert(wp);
assert(websValid(wp));
/*
Note: websWriteSocket may return less than we wanted. It will return -1 on a socket error.
*/
if ((buf = walloc(ME_GOAHEAD_LIMIT_BUFFER)) == NULL) {
websError(wp, HTTP_CODE_INTERNAL_SERVER_ERROR, "Cannot get memory");
return;
}
/*
OPT - we could potentially save this buffer so that on short-writes, it does not need to be re-read.
*/
while ((len = websPageReadData(wp, buf, ME_GOAHEAD_LIMIT_BUFFER)) > 0) {
if ((wrote = websWriteSocket(wp, buf, len)) < 0) {
break;
}
if (wrote != len) {
websPageSeek(wp, - (len - wrote), SEEK_CUR);
break;
}
}
wfree(buf);
if (len <= 0) {
websDone(wp);
}
}
/*
Don't use these routes. Use websWriteHeaders, websEndHeaders instead.
Write a webs header. This is a convenience routine to write a common header for a form back to the browser.
*/
PUBLIC void websHeader(Webs *wp)
{
assure(websValid(wp));
websWriteHeaders(wp, -1, 0);
websWriteEndHeaders(wp);
websWrite(wp, "<html>\n");
}
static int websTidyUrl(webs_t wp)
{
char_t *parts[64]; /* Array of ptr's to URL parts */
char_t *token, *url, *tidyurl;
int i, len, npart;
a_assert(websValid(wp));
/*
* Copy the string so we don't destroy the original (yet)
*/
url = bstrdup(B_L, wp->url);
websDecodeUrl(url, url, gstrlen(url));
len = npart = 0;
parts[0] = NULL;
token = gstrtok(url, T("/"));
/*
* Look at each directory segment and process "." and ".." segments
* Don't allow the browser to pop outside the root web.
*/
while (token != NULL) {
if (gstrcmp(token, T("..")) == 0) {
if (npart > 0) {
npart--;
}
} else if (gstrcmp(token, T(".")) != 0) {
parts[npart] = token;
len += gstrlen(token) + 1;
npart++;
}
token = gstrtok(NULL, T("/"));
}
/*
* Re-construct URL. Need extra space all "/" and null.
*/
if (npart || (gstrcmp(url, T("/")) == 0) || (url[0] == '\0')) {
tidyurl = balloc(B_L, (len + 2) * sizeof(char_t));
*tidyurl = '\0';
for (i = 0; i < npart; i++) {
gstrcat(tidyurl, T("/"));
gstrcat(tidyurl, parts[i]);
}
bfree(B_L, url);
bfree(B_L, wp->url);
wp->url = tidyurl;
return 0;
} else {
bfree(B_L, url);
return -1;
}
}
/*
The upload handler functions as a filter. It never actually handles a request
*/
static bool uploadHandler(Webs *wp)
{
assert(websValid(wp));
if (!(wp->flags & WEBS_UPLOAD)) {
return 0;
}
return initUpload(wp);
}
void websPageSeek(webs_t wp, long offset)
{
a_assert(websValid(wp));
#ifdef WEBS_PAGE_ROM
websRomPageSeek(wp, offset, SEEK_CUR);
#else
glseek(wp->docfd, offset, SEEK_CUR);
#endif
}
int websPageOpen(webs_t wp, char_t *lpath, char_t *path, int mode, int perm)
{
a_assert(websValid(wp));
#ifdef WEBS_PAGE_ROM
return websRomPageOpen(wp, path, mode, perm);
#else
return (wp->docfd = gopen(lpath, mode, perm));
#endif /* WEBS_PAGE_ROM */
}
static void websDefaultWriteEvent(webs_t wp)
{
int len, wrote, flags, bytes, written;
char *buf;
a_assert(websValid(wp));
flags = websGetRequestFlags(wp);
websSetTimeMark(wp);
wrote = bytes = 0;
written = websGetRequestWritten(wp);
/*
* We only do this for non-ASP documents
*/
if ( !(flags & WEBS_ASP)) {
bytes = websGetRequestBytes(wp);
/*
* Note: websWriteDataNonBlock may return less than we wanted. It will
* return -1 on a socket error
*/
if ((buf = balloc(B_L, PAGE_READ_BUFSIZE)) == NULL) {
websError(wp, 200, T("Can't get memory"));
} else {
while ((len = websPageReadData(wp, buf, PAGE_READ_BUFSIZE)) > 0) {
if ((wrote = websWriteDataNonBlock(wp, buf, len)) < 0) {
break;
}
written += wrote;
if (wrote != len) {
websPageSeek(wp, - (len - wrote));
break;
}
}
/*
* Safety. If we are at EOF, we must be done
*/
if (len == 0) {
a_assert(written >= bytes);
written = bytes;
}
bfree(B_L, buf);
}
}
/*
* We're done if an error, or all bytes output
*/
websSetRequestWritten(wp, written);
if (wrote < 0 || written >= bytes) {
websDone(wp, 200);
}
}
void websPageClose(webs_t wp)
{
a_assert(websValid(wp));
#ifdef WEBS_PAGE_ROM
websRomPageClose(wp->docfd);
#else
if (wp->docfd >= 0) {
gclose(wp->docfd);
wp->docfd = -1;
}
#endif
}
int websPageOpen(webs_t wp, char_t *lpath, char_t *path, int mode, int perm)
{
#if defined(WIN32)
errno_t error;
#endif
a_assert(websValid(wp));
#ifdef WEBS_PAGE_ROM
return websRomPageOpen(wp, path, mode, perm);
#elif defined(WIN32)
error = _sopen_s(&(wp->docfd), lpath, mode, _SH_DENYNO, _S_IREAD);
return (wp->docfd = gopen(lpath, mode, _S_IREAD));
#else
return (wp->docfd = gopen(lpath, mode, perm));
#endif /* WEBS_PAGE_ROM */
}
int websRomPageOpen(webs_t wp, char_t *path, int mode, int perm)
{
websRomPageIndexType *wip;
sym_t *sp;
a_assert(websValid(wp));
a_assert(path && *path);
if ((sp = symLookup(romTab, path)) == NULL) {
return -1;
}
wip = (websRomPageIndexType*) sp->content.value.integer;
wip->pos = 0;
return (wp->docfd = wip - websRomPageIndex);
}
int websRomPageReadData(webs_t wp, char *buf, int nBytes)
{
websRomPageIndexType *wip;
int len;
a_assert(websValid(wp));
a_assert(buf);
a_assert(wp->docfd >= 0);
wip = &websRomPageIndex[wp->docfd];
len = min(wip->size - wip->pos, nBytes);
memcpy(buf, &wip->page[wip->pos], len);
wip->pos += len;
return len;
}
static int websPublishHandler(webs_t wp, char_t *urlPrefix, char_t *webDir,
int sid, char_t *url, char_t *path, char_t *query)
{
int len;
a_assert(websValid(wp));
a_assert(path);
/*
* Trim the urlPrefix off the path and set the webdirectory. Add one to step
* over the trailing '/'
*/
len = gstrlen(urlPrefix) + 1;
websSetRequestPath(wp, webDir, &path[len]);
return 0;
}
void websHeader(webs_t wp)
{
a_assert(websValid(wp));
websWrite(wp, T("HTTP/1.0 200 OK\n"));
/*
* By license terms the following line of code must not be modified
*/
websWrite(wp, T("Server: %s\r\n"), WEBS_NAME);
websWrite(wp, T("Pragma: no-cache\n"));
websWrite(wp, T("Cache-control: no-cache\n"));
websWrite(wp, T("Content-Type: text/html\n"));
websWrite(wp, T("\n"));
websWrite(wp, T("<html>\n"));
}
/*
Javascript write command. This implemements <% write("text"); %> command
*/
PUBLIC int websJstWrite(int jid, Webs *wp, int argc, char **argv)
{
int i;
assert(websValid(wp));
for (i = 0; i < argc; ) {
assert(argv);
if (websWriteBlock(wp, argv[i], strlen(argv[i])) < 0) {
return -1;
}
if (++i < argc) {
if (websWriteBlock(wp, " ", 1) < 0) {
return -1;
}
}
}
return 0;
}
int websAspWrite(int ejid, webs_t wp, int argc, char_t **argv)
{
int i;
a_assert(websValid(wp));
for (i = 0; i < argc; ) {
a_assert(argv);
if (websWriteBlock(wp, argv[i], gstrlen(argv[i])) < 0) {
return -1;
}
if (++i < argc) {
if (websWriteBlock(wp, T(" "), 2) < 0) {
return -1;
}
}
}
return 0;
}
/*
Process an action request. Returns 1 always to indicate it handled the URL
*/
static bool actionHandler(Webs *wp)
{
WebsKey *sp;
char actionBuf[BIT_GOAHEAD_LIMIT_URI + 1];
char *cp, *actionName;
WebsAction fn;
assert(websValid(wp));
assert(actionTable >= 0);
/*
Extract the action name
*/
scopy(actionBuf, sizeof(actionBuf), wp->path);
if ((actionName = strchr(&actionBuf[1], '/')) == NULL) {
websError(wp, HTTP_CODE_NOT_FOUND, "Missing action name");
return 1;
}
actionName++;
if ((cp = strchr(actionName, '/')) != NULL) {
*cp = '\0';
}
/*
Lookup the C action function first and then try tcl (no javascript support yet).
*/
sp = hashLookup(actionTable, actionName);
if (sp == NULL) {
websError(wp, HTTP_CODE_NOT_FOUND, "Action %s is not defined", actionName);
} else {
fn = (WebsAction) sp->content.value.symbol;
assert(fn);
if (fn) {
#if BIT_GOAHEAD_LEGACY
(*((WebsProc) fn))((void*) wp, actionName, wp->query);
#else
(*fn)((void*) wp);
#endif
}
}
return 1;
}
/*
Process an action request. Returns 1 always to indicate it handled the URL
*/
static bool actionHandler(Webs *wp)
{
WebsKey *sp;
char formBuf[BIT_LIMIT_FILENAME];
char *cp, *formName;
WebsAction fn;
assure(websValid(wp));
assure(formSymtab >= 0);
/*
Extract the form name
*/
scopy(formBuf, sizeof(formBuf), wp->path);
if ((formName = strchr(&formBuf[1], '/')) == NULL) {
websError(wp, HTTP_CODE_NOT_FOUND, "Missing form name");
return 1;
}
formName++;
if ((cp = strchr(formName, '/')) != NULL) {
*cp = '\0';
}
/*
Lookup the C form function first and then try tcl (no javascript support yet).
*/
sp = hashLookup(formSymtab, formName);
if (sp == NULL) {
websError(wp, HTTP_CODE_NOT_FOUND, "Action %s is not defined", formName);
} else {
fn = (WebsAction) sp->content.value.symbol;
assure(fn);
if (fn) {
#if BIT_LEGACY
(*fn)((void*) wp, formName, wp->query);
#else
(*fn)((void*) wp);
#endif
}
}
return 1;
}
long websRomPageSeek(webs_t wp, long offset, int origin)
{
websRomPageIndexType *wip;
long pos;
a_assert(websValid(wp));
a_assert(origin == SEEK_SET || origin == SEEK_CUR || origin == SEEK_END);
a_assert(wp->docfd >= 0);
wip = &websRomPageIndex[wp->docfd];
if (origin != SEEK_SET && origin != SEEK_CUR && origin != SEEK_END) {
errno = EINVAL;
return -1;
}
if (wp->docfd < 0) {
errno = EBADF;
return -1;
}
pos = offset;
switch (origin) {
case SEEK_CUR:
pos = wip->pos + offset;
break;
case SEEK_END:
pos = wip->size + offset;
break;
default:
break;
}
if (pos < 0) {
errno = EBADF;
return -1;
}
return (wip->pos = pos);
}
void websHeader(webs_t wp)
{
a_assert(websValid(wp));
websWrite(wp, T("HTTP/1.0 200 OK\n"));
/*
* By license terms the following line of code must not be modified
*/
websWrite(wp, T("Server: %s\r\n"), WEBS_NAME);
websWrite(wp, T("Pragma: no-cache\n"));
websWrite(wp, T("Cache-control: no-cache\n"));
websWrite(wp, T("Content-Type: text/html\n"));
websWrite(wp, T("\n"));
websWrite(wp, T("<html>\n<head>\n"));
websWrite(wp, T("<title>My Title</title>"));
websWrite(wp, T("<link rel=\"stylesheet\" href=\"/style/normal_ws.css\"\
type=\"text/css\">"));
websWrite(wp, T("<meta http-equiv=\"content-type\" content=\"text/html;\
charset=utf-8\">"));
websWrite(wp, T("</head>\n<body>\n"));
}
void websFooter(webs_t wp)
{
a_assert(websValid(wp));
websWrite(wp, T("</body>\n</html>\n"));
}
/*
* Process a form request. Returns 1 always to indicate it handled the URL
*/
int websCgiHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg,
char_t *url, char_t *path, char_t* query)
{
cgiRec *cgip;
sym_t *s;
char_t cgiBuf[FNAMESIZE], *stdIn, *stdOut, cwd[FNAMESIZE];
char_t *cp, *cgiName, *cgiPath, **argp, **envp, **ep;
int n, envpsize, argpsize, pHandle, cid;
a_assert(websValid(wp));
a_assert(url && *url);
a_assert(path && *path == '/');
websStats.cgiHits++;
/*
* Extract the form name and then build the full path name. The form
* name will follow the first '/' in path.
*/
gstrncpy(cgiBuf, path, TSZ(cgiBuf));
if ((cgiName = gstrchr(&cgiBuf[1], '/')) == NULL) {
websError(wp, 200, T("Missing CGI name"));
return 1;
}
cgiName++;
if ((cp = gstrchr(cgiName, '/')) != NULL) {
*cp = '\0';
}
fmtAlloc(&cgiPath, FNAMESIZE, T("%s/%s/%s"), websGetDefaultDir(),
CGI_BIN, cgiName);
#ifndef VXWORKS
/*
* See if the file exists and is executable. If not error out.
* Don't do this step for VxWorks, since the module may already
* be part of the OS image, rather than in the file system.
*/
{
gstat_t sbuf;
if (gstat(cgiPath, &sbuf) != 0 || (sbuf.st_mode & S_IFREG) == 0) {
websError(wp, 200, T("CGI process file does not exist"));
bfree(B_L, cgiPath);
return 1;
}
#if (defined (WIN) || defined (CE))
if (gstrstr(cgiPath, T(".exe")) == NULL &&
gstrstr(cgiPath, T(".bat")) == NULL) {
#elif (defined (NW))
if (gstrstr(cgiPath, T(".nlm")) == NULL) {
#else
if (gaccess(cgiPath, X_OK) != 0) {
#endif /* WIN || CE */
websError(wp, 200, T("CGI process file is not executable"));
bfree(B_L, cgiPath);
return 1;
}
}
#endif /* ! VXWORKS */
/*
* Get the CWD for resetting after launching the child process CGI
*/
ggetcwd(cwd, FNAMESIZE);
/*
* Retrieve the directory of the child process CGI
*/
if ((cp = gstrrchr(cgiPath, '/')) != NULL) {
*cp = '\0';
gchdir(cgiPath);
*cp = '/';
}
/*
* Build command line arguments. Only used if there is no non-encoded
* = character. This is indicative of a ISINDEX query. POST separators
* are & and others are +. argp will point to a balloc'd array of
* pointers. Each pointer will point to substring within the
* query string. This array of string pointers is how the spawn or
* exec routines expect command line arguments to be passed. Since
* we don't know ahead of time how many individual items there are in
* the query string, the for loop includes logic to grow the array
* size via brealloc.
*/
argpsize = 10;
argp = balloc(B_L, argpsize * sizeof(char_t *));
*argp = cgiPath;
n = 1;
if (gstrchr(query, '=') == NULL) {
websDecodeUrl(query, query, gstrlen(query));
for (cp = gstrtok(query, T(" ")); cp != NULL; ) {
*(argp+n) = cp;
n++;
if (n >= argpsize) {
argpsize *= 2;
argp = brealloc(B_L, argp, argpsize * sizeof(char_t *));
}
cp = gstrtok(NULL, T(" "));
}
}
*(argp+n) = NULL;
/*
* Add all CGI variables to the environment strings to be passed
* to the spawned CGI process. This includes a few we don't
* already have in the symbol table, plus all those that are in
* the cgiVars symbol table. envp will point to a balloc'd array of
* pointers. Each pointer will point to a balloc'd string containing
* the keyword value pair in the form keyword=value. Since we don't
* know ahead of time how many environment strings there will be the
* for loop includes logic to grow the array size via brealloc.
*/
envpsize = WEBS_SYM_INIT;
envp = balloc(B_L, envpsize * sizeof(char_t *));
n = 0;
fmtAlloc(envp+n, FNAMESIZE, T("%s=%s"),T("PATH_TRANSLATED"), cgiPath);
n++;
fmtAlloc(envp+n, FNAMESIZE, T("%s=%s/%s"),T("SCRIPT_NAME"),
CGI_BIN, cgiName);
n++;
fmtAlloc(envp+n, FNAMESIZE, T("%s=%s"),T("REMOTE_USER"), wp->userName);
n++;
fmtAlloc(envp+n, FNAMESIZE, T("%s=%s"),T("AUTH_TYPE"), wp->authType);
n++;
for (s = symFirst(wp->cgiVars); s != NULL; s = symNext(wp->cgiVars)) {
if (s->content.valid && s->content.type == string &&
gstrcmp(s->name.value.string, T("REMOTE_HOST")) != 0 &&
gstrcmp(s->name.value.string, T("HTTP_AUTHORIZATION")) != 0) {
fmtAlloc(envp+n, FNAMESIZE, T("%s=%s"), s->name.value.string,
s->content.value.string);
n++;
if (n >= envpsize) {
envpsize *= 2;
envp = brealloc(B_L, envp, envpsize * sizeof(char_t *));
}
}
}
if (wp->flags & WEBS_CGI_UPLOAD){
// set filename into enviornment variables
fmtAlloc(envp+n, FNAMESIZE, T("%s=%s"), T("UPLOAD_FILENAME"), wp->cgiStdin);
n++;
}
*(envp+n) = NULL;
/*
* Create temporary file name(s) for the child's stdin and stdout.
* For POST data the stdin temp file (and name) should already exist.
*/
if (wp->cgiStdin == NULL) {
wp->cgiStdin = websGetCgiCommName(wp);
}
stdIn = wp->cgiStdin;
stdOut = websGetCgiCommName(wp);
/*
* Now launch the process. If not successful, do the cleanup of resources.
* If successful, the cleanup will be done after the process completes.
*/
if ((pHandle = websLaunchCgiProc(cgiPath, argp, envp, stdIn, stdOut))
== -1) {
websError(wp, 200, T("failed to spawn CGI task"));
for (ep = envp; *ep != NULL; ep++) {
bfreeSafe(B_L, *ep);
}
bfreeSafe(B_L, cgiPath);
bfreeSafe(B_L, argp);
bfreeSafe(B_L, envp);
bfreeSafe(B_L, stdOut);
} else {
/*
* If the spawn was successful, put this wp on a queue to be
* checked for completion.
*/
cid = hAllocEntry((void***) &cgiList, &cgiMax, sizeof(cgiRec));
cgip = cgiList[cid];
cgip->handle = pHandle;
cgip->stdIn = stdIn;
cgip->stdOut = stdOut;
cgip->cgiPath = cgiPath;
cgip->argp = argp;
cgip->envp = envp;
cgip->wp = wp;
cgip->fplacemark = 0;
websTimeoutCancel(wp);
}
/*
* Restore the current working directory after spawning child CGI
*/
gchdir(cwd);
return 1;
}
/******************************************************************************/
/*
* Any entry in the cgiList need to be checked to see if it has
*/
void websCgiGatherOutput (cgiRec *cgip)
{
gstat_t sbuf;
char_t cgiBuf[FNAMESIZE];
if ((gstat(cgip->stdOut, &sbuf) == 0) &&
(sbuf.st_size > cgip->fplacemark)) {
int fdout;
fdout = gopen(cgip->stdOut, O_RDONLY | O_BINARY, 0444 );
/*
* Check to see if any data is available in the
* output file and send its contents to the socket.
*/
if (fdout >= 0) {
webs_t wp = cgip->wp;
int nRead;
/*
* Write the HTTP header on our first pass
*/
if (cgip->fplacemark == 0) {
websWrite(wp, T("HTTP/1.0 200 OK\r\n"));
}
glseek(fdout, cgip->fplacemark, SEEK_SET);
while ((nRead = gread(fdout, cgiBuf, FNAMESIZE)) > 0) {
websWriteBlock(wp, cgiBuf, nRead);
cgip->fplacemark += nRead;
}
gclose(fdout);
}
}
}
/******************************************************************************/
/*
* Any entry in the cgiList need to be checked to see if it has
* completed, and if so, process its output and clean up.
*/
void websCgiCleanup()
{
cgiRec *cgip;
webs_t wp;
char_t **ep;
int cid, nTries;
for (cid = 0; cid < cgiMax; cid++) {
if ((cgip = cgiList[cid]) != NULL) {
int exit_status;
wp = cgip->wp;
websCgiGatherOutput (cgip);
if ( websCheckCgiProc(cgip->handle, &exit_status) == 0) {
/*
* We get here if the CGI process has terminated. Clean up.
*/
nTries = 0;
/*
* Make sure we didn't miss something during a task switch.
* Maximum wait is 100 times 10 msecs (1 second).
*/
while ((cgip->fplacemark == 0) && (nTries < 100)) {
websCgiGatherOutput(cgip);
/*
* There are some cases when we detect app exit
* before the file is ready.
*/
if (cgip->fplacemark == 0) {
#ifdef WIN
Sleep(10);
#endif /* WIN*/
}
nTries++;
}
if (cgip->fplacemark == 0) {
websError(wp, 200, T("CGI generated no output"));
} else {
websDone(wp, 200);
}
/*
* Remove the temporary re-direction files
*/
gunlink(cgip->stdIn);
gunlink(cgip->stdOut);
/*
* Free all the memory buffers pointed to by cgip.
* The stdin file name (wp->cgiStdin) gets freed as
* part of websFree().
*/
cgiMax = hFree((void***) &cgiList, cid);
for (ep = cgip->envp; ep != NULL && *ep != NULL; ep++) {
bfreeSafe(B_L, *ep);
}
bfreeSafe(B_L, cgip->cgiPath);
bfreeSafe(B_L, cgip->argp);
bfreeSafe(B_L, cgip->envp);
bfreeSafe(B_L, cgip->stdOut);
bfreeSafe(B_L, cgip);
#if 0 //DAVIDM - we do not want this, netflash does it for us
if(wp->has_firmware_upload_clean){
if (WIFEXITED(exit_status) && WEXITSTATUS(exit_status) != 0)
return;
sync();
doSystem("sleep 3 && reboot &");
}
#endif
}
}
}
}
PUBLIC int websProcessUploadData(Webs *wp)
{
char *line, *nextTok;
ssize len, nbytes;
int done, rc;
for (done = 0, line = 0; !done; ) {
if (wp->uploadState == UPLOAD_BOUNDARY || wp->uploadState == UPLOAD_CONTENT_HEADER) {
/*
Parse the next input line
*/
line = wp->input.servp;
if ((nextTok = memchr(line, '\n', bufLen(&wp->input))) == 0) {
/* Incomplete line */
break;
}
*nextTok++ = '\0';
nbytes = nextTok - line;
websConsumeInput(wp, nbytes);
strim(line, "\r", WEBS_TRIM_END);
len = strlen(line);
if (line[len - 1] == '\r') {
line[len - 1] = '\0';
}
}
switch (wp->uploadState) {
case 0:
if (initUpload(wp) < 0) {
done++;
}
break;
case UPLOAD_BOUNDARY:
if (processContentBoundary(wp, line) < 0) {
done++;
}
break;
case UPLOAD_CONTENT_HEADER:
if (processUploadHeader(wp, line) < 0) {
done++;
}
break;
case UPLOAD_CONTENT_DATA:
if ((rc = processContentData(wp)) < 0) {
done++;
}
if (bufLen(&wp->input) < wp->boundaryLen) {
/* Incomplete boundary - return to get more data */
done++;
}
break;
case UPLOAD_CONTENT_END:
done++;
break;
}
}
if (!websValid(wp)) {
return -1;
}
bufCompact(&wp->input);
return 0;
}
int websValidateUrl(webs_t wp, char_t *path)
{
/*
Thanks to Dhanwa T ([email protected]) for this fix -- previously,
if an URL was requested having more than (the hardcoded) 64 parts,
the webServer would experience a hard crash as it attempted to
write past the end of the array 'parts'.
Also fixes: http://www.securiteam.com/securitynews/5MP0C1580W.html
*/
char_t *parts[MAX_URL_DEPTH]; /* Array of ptr's to URL parts */
char_t *token, *dir, *lpath;
int i, len, npart;
a_assert(websValid(wp));
a_assert(path);
dir = websGetRequestDir(wp);
if (dir == NULL || *dir == '\0') {
return -1;
}
/*
* Copy the string so we don't destroy the original
*/
path = bstrdup(B_L, path);
websDecodeUrl(path, path, gstrlen(path));
len = npart = 0;
parts[0] = NULL;
/*
* Fixed by Matt Moore, 22 Jul 02
* http://www.securiteam.com/securitynews/5RP0I007PG.html
* http://www.securiteam.com/securitynews/5QP010U3FS.html
*
* There were reports that a directory traversal exploit was
* possible in the WebServer running under Windows if directory paths
* outside the server's specified root web were given by URL-encoding the
* backslash character, like:
*
* GoAhead is vulnerable to a directory traversal bug. A request such as
*
* GoAhead-server/../../../../../../../ results in an error message
* 'Cannot open URL'.
* However, by encoding the '/' character, it is possible to break out of
* the web root and read arbitrary files from the server.
* Hence a request like:
*
* GoAhead-server/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini returns the
* contents of the win.ini file.
* (Note that the description uses forward slashes (0x2F), but the example
* uses backslashes (0x5C). In my tests, forward slashes are correctly
* trapped, but backslashes are not. The code below substitutes forward
* slashes for backslashes before attempting to validate that there are no
* unauthorized paths being accessed.
*/
token = gstrchr(path, '\\');
while (token != NULL) {
*token = '/';
token = gstrchr(token, '\\');
}
token = gstrtok(path, T("/"));
/*
* Look at each directory segment and process "." and ".." segments
* Don't allow the browser to pop outside the root web.
*/
while (token != NULL)
{
if (npart >= MAX_URL_DEPTH)
{
/*
* malformed URL -- too many parts for us to process.
*/
bfree(B_L, path);
return -1;
}
if (gstrcmp(token, T("..")) == 0)
{
if (npart > 0)
{
npart--;
}
} else if (gstrcmp(token, T(".")) != 0) {
parts[npart] = token;
len += gstrlen(token) + 1;
npart++;
}
token = gstrtok(NULL, T("/"));
}
#ifdef WIN32
if (isBadWindowsPath(parts, npart))
{
bfree(B_L, path);
return -1;
}
#endif
/*
* Create local path for document. Need extra space all "/" and null.
*/
if (npart || (gstrcmp(path, T("/")) == 0) || (path[0] == '\0')) {
lpath = balloc(B_L, (gstrlen(dir) + 1 + len + 1) * sizeof(char_t));
gstrcpy(lpath, dir);
for (i = 0; i < npart; i++) {
gstrcat(lpath, T("/"));
gstrcat(lpath, parts[i]);
}
websSetRequestLpath(wp, lpath);
bfree(B_L, path);
bfree(B_L, lpath);
} else {
bfree(B_L, path);
return -1;
}
return 0;
}
int websDefaultHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg,
char_t *url, char_t *path, char_t *query)
{
websStatType sbuf;
char_t *lpath, *tmp, *date;
int bytes, flags, nchars, rc;
a_assert(websValid(wp));
a_assert(url && *url);
a_assert(path);
a_assert(query);
flags = websGetRequestFlags(wp);
/*
* We do whitelist validation in addition to standard URL validation.
* The whitelist should really catch anything invalid first.
* If the whitelist check fails, rebuild the list and try again.
* Also validate if we are not on a secure connection, but the whitelist
* entry has the SSL flag set, do not serve the page.
*/
#ifdef WEBS_WHITELIST_SUPPORT
printf ("wp->url: (%s)\n", wp->url);
if ((rc = websWhitelistCheck(wp->url)) < 0) {
websBuildWhitelist();
if ((rc = websWhitelistCheck(wp->url)) < 0) {
websError(wp, 404, T("Cannot open URL: type 1"));
return 1;
}
}
if (!(flags & WEBS_SECURE) && (rc & WHITELIST_SSL)) {
websError(wp, 500, T("HTTPS access required"));
return 1;
}
#endif /* WEBS_WHITELIST_SUPPORT */
/*
* Validate the URL and ensure that ".."s don't give access to unwanted files
*/
if (websValidateUrl(wp, path) < 0) {
/*
* preventing a cross-site scripting exploit -- you may restore the
* following line of code to revert to the original behavior...
websError(wp, 500, T("Invalid URL %s"), url);
*/
websError(wp, 500, T("Invalid URL"));
websBuildWhitelist();
return 1;
}
lpath = websGetRequestLpath(wp);
nchars = gstrlen(lpath) - 1;
if (lpath[nchars] == '/' || lpath[nchars] == '\\') {
lpath[nchars] = '\0';
}
/*
* If the file is a directory, redirect using the nominated default page
*/
if (websPageIsDirectory(lpath)) {
nchars = gstrlen(path);
if (path[nchars-1] == '/' || path[nchars-1] == '\\') {
path[--nchars] = '\0';
}
nchars += gstrlen(websDefaultPage) + 2;
fmtAlloc(&tmp, nchars, T("%s/%s"), path, websDefaultPage);
printf ("websDefaultHandler: tmp(%s)\n", tmp);
websRedirect(wp, tmp);
bfreeSafe(B_L, tmp);
return 1;
}
printf ("we now open the web pages\n");
printf ("lpath(%s), path(%s)\n", lpath, path);
/*
* Open the document. Stat for later use.
*/
if (websPageOpen(wp, lpath, path, O_RDONLY | O_BINARY,
0666) < 0)
{
/* 10 Dec 02 BgP -- according to
* <http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html>,
* the proper code to return here is NOT 400 (old code), which is used
* to indicate a malformed request. Here, the request is good, but the
* error we need to tell the client about is 404 (Not Found).
*/
/*
* 17 Mar 03 BgP -- prevent a cross-site scripting exploit
websError(wp, 404, T("Cannot open URL %s"), url);
*/
websError(wp, 404, T("Cannot open URL, type 2"));
websBuildWhitelist();
return 1;
}
printf ("lpath(%s), path(%s)\n", lpath, path);
if (websPageStat(wp, lpath, path, &sbuf) < 0) {
/*
* 17 Mar 03 BgP
* prevent a cross-site scripting exploit
websError(wp, 400, T("Cannot stat page for URL %s"), url);
*/
websError(wp, 400, T("Cannot stat page for URL"));
websBuildWhitelist();
return 1;
}
/*
* If the page has not been modified since the user last received it and it
* is not dynamically generated each time (ASP), then optimize request by
* sending a 304 Use local copy response
*/
websStats.localHits++;
#ifdef WEBS_IF_MODIFIED_SUPPORT
if (flags & WEBS_IF_MODIFIED && !(flags & WEBS_ASP)) {
if (sbuf.mtime <= wp->since) {
websWrite(wp, T("HTTP/1.0 304 Use local copy\r\n"));
/*
* by license terms the following line of code must
* not be modified.
*/
websWrite(wp, T("Server: %s\r\n"), WEBS_NAME);
if (flags & WEBS_KEEP_ALIVE) {
websWrite(wp, T("Connection: keep-alive\r\n"));
}
websWrite(wp, T("\r\n"));
websSetRequestFlags(wp, flags |= WEBS_HEADER_DONE);
websDone(wp, 304);
return 1;
}
}
#endif
/*
* Output the normal HTTP response header
*/
if ((date = websGetDateString(NULL)) != NULL) {
websWrite(wp, T("HTTP/1.0 200 OK\r\nDate: %s\r\n"), date);
/*
* The Server HTTP header below must not be modified unless
* explicitly allowed by licensing terms.
*/
#ifdef WEBS_SSL_SUPPORT
websWrite(wp, T("Server: %s/%s %s/%s\r\n"),
WEBS_NAME, WEBS_VERSION, SSL_NAME, SSL_VERSION);
#else
websWrite(wp, T("Server: %s/%s\r\n"), WEBS_NAME, WEBS_VERSION);
#endif
bfree(B_L, date);
}
flags |= WEBS_HEADER_DONE;
/*
* If this is an ASP request, ensure the remote browser doesn't cache it.
* Send back both HTTP/1.0 and HTTP/1.1 cache control directives
*/
if (flags & WEBS_ASP) {
bytes = 0;
websWrite(wp, T("Pragma: no-cache\r\nCache-Control: no-cache\r\n"));
} else {
if ((date = websGetDateString(&sbuf)) != NULL) {
websWrite(wp, T("Last-modified: %s\r\n"), date);
bfree(B_L, date);
}
bytes = sbuf.size;
}
if (bytes) {
websWrite(wp, T("Content-length: %d\r\n"), bytes);
websSetRequestBytes(wp, bytes);
}
websWrite(wp, T("Content-type: %s\r\n"), websGetRequestType(wp));
if ((flags & WEBS_KEEP_ALIVE) && !(flags & WEBS_ASP)) {
websWrite(wp, T("Connection: keep-alive\r\n"));
}
websWrite(wp, T("\r\n"));
/*
* All done if the browser did a HEAD request
*/
if (flags & WEBS_HEAD_REQUEST) {
websDone(wp, 200);
return 1;
}
/*
* Evaluate ASP requests
*/
if (flags & WEBS_ASP) {
if (websAspRequest(wp, lpath) < 0) {
return 1;
}
websDone(wp, 200);
return 1;
}
/*
* Return the data via background write
*/
websSetRequestSocketHandler(wp, SOCKET_WRITABLE, websDefaultWriteEvent);
return 1;
}
int websDefaultHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg,
char_t *url, char_t *path, char_t *query)
{
websStatType sbuf;
char_t *lpath, *tmp, *date;
int bytes, flags, nchars;
a_assert(websValid(wp));
a_assert(url && *url);
a_assert(path);
a_assert(query);
/*
* Validate the URL and ensure that ".."s don't give access to unwanted files
*/
flags = websGetRequestFlags(wp);
if (websValidateUrl(wp, path) < 0) {
websError(wp, 500, T("Invalid URL %s"), url);
return 1;
}
lpath = websGetRequestLpath(wp);
nchars = gstrlen(lpath) - 1;
if (lpath[nchars] == '/' || lpath[nchars] == '\\') {
lpath[nchars] = '\0';
}
/*
* If the file is a directory, redirect using the nominated default page
*/
if (websPageIsDirectory(lpath)) {
nchars = gstrlen(path);
if (path[nchars-1] == '/' || path[nchars-1] == '\\') {
path[--nchars] = '\0';
}
nchars += gstrlen(websDefaultPage) + 2;
fmtAlloc(&tmp, nchars, T("%s/%s"), path, websDefaultPage);
websRedirect(wp, tmp);
bfreeSafe(B_L, tmp);
return 1;
}
/*
* Open the document. Stat for later use.
*/
if (websPageOpen(wp, lpath, path, SOCKET_RDONLY | SOCKET_BINARY,
0666) < 0) {
websError(wp, 400, T("Cannot open URL <b>%s</b>"), url);
return 1;
}
if (websPageStat(wp, lpath, path, &sbuf) < 0) {
websError(wp, 400, T("Cannot stat page for URL <b>%s</b>"), url);
return 1;
}
/*
* If the page has not been modified since the user last received it and it
* is not dynamically generated each time (ASP), then optimize request by
* sending a 304 Use local copy response
*/
websStats.localHits++;
#ifdef WEBS_IF_MODIFIED_SUPPORT
if (flags & WEBS_IF_MODIFIED && !(flags & WEBS_ASP)) {
if (sbuf.mtime <= wp->since) {
websWrite(wp, T("HTTP/1.0 304 Use local copy\r\n"));
/*
* by license terms the following line of code must
* not be modified.
*/
websWrite(wp, T("Server: %s\r\n"), WEBS_NAME);
if (flags & WEBS_KEEP_ALIVE) {
websWrite(wp, T("Connection: keep-alive\r\n"));
}
websWrite(wp, T("\r\n"));
websSetRequestFlags(wp, flags |= WEBS_HEADER_DONE);
websDone(wp, 304);
return 1;
}
}
#endif
/*
* Output the normal HTTP response header
*/
if ((date = websGetDateString(NULL)) != NULL) {
websWrite(wp, T("HTTP/1.0 200 OK\r\nDate: %s\r\n"), date);
/*
* By license terms the following line of code must not be modified.
*/
websWrite(wp, T("Server: %s\r\n"), WEBS_NAME);
bfree(B_L, date);
}
flags |= WEBS_HEADER_DONE;
/*
* If this is an ASP request, ensure the remote browser doesn't cache it.
* Send back both HTTP/1.0 and HTTP/1.1 cache control directives
*/
if (flags & WEBS_ASP) {
bytes = 0;
websWrite(wp, T("Pragma: no-cache\r\nCache-Control: no-cache\r\n"));
} else {
if ((date = websGetDateString(&sbuf)) != NULL) {
websWrite(wp, T("Last-modified: %s\r\n"), date);
bfree(B_L, date);
}
bytes = sbuf.size;
}
if (bytes) {
websWrite(wp, T("Content-length: %d\r\n"), bytes);
websSetRequestBytes(wp, bytes);
}
websWrite(wp, T("Content-type: %s\r\n"), websGetRequestType(wp));
if ((flags & WEBS_KEEP_ALIVE) && !(flags & WEBS_ASP)) {
websWrite(wp, T("Connection: keep-alive\r\n"));
}
websWrite(wp, T("\r\n"));
/*
* All done if the browser did a HEAD request
*/
if (flags & WEBS_HEAD_REQUEST) {
websDone(wp, 200);
return 1;
}
/*
* Evaluate ASP requests
*/
if (flags & WEBS_ASP) {
if (websAspRequest(wp, lpath) < 0) {
return 1;
}
websDone(wp, 200);
return 1;
}
#ifdef WEBS_SSL_SUPPORT
if (wp->flags & WEBS_SECURE) {
websDefaultWriteEvent(wp);
} else {
websSetRequestSocketHandler(wp, SOCKET_WRITABLE, websDefaultWriteEvent);
}
#else
/*
* For normal web documents, return the data via background write
*/
websSetRequestSocketHandler(wp, SOCKET_WRITABLE, websDefaultWriteEvent);
#endif
return 1;
}
PUBLIC void websFooter(Webs *wp)
{
assure(websValid(wp));
websWrite(wp, "</html>\n");
}
int websValidateUrl(webs_t wp, char_t *path)
{
char_t *parts[64]; /* Array of ptr's to URL parts */
char_t *token, *dir, *lpath;
int i, len, npart;
a_assert(websValid(wp));
a_assert(path);
dir = websGetRequestDir(wp);
if (dir == NULL || *dir == '\0') {
return -1;
}
/*
* Copy the string so we don't destroy the original
*/
path = bstrdup(B_L, path);
websDecodeUrl(path, path, gstrlen(path));
len = npart = 0;
parts[0] = NULL;
/*
* 22 Jul 02 -- there were reports that a directory traversal exploit was
* possible in the WebServer running under Windows if directory paths
* outside the server's specified root web were given by URL-encoding the
* backslash character, like:
*
* GoAhead is vulnerable to a directory traversal bug. A request such as
*
* GoAhead-server/../../../../../../../ results in an error message
* 'Cannot open URL'.
* However, by encoding the '/' character, it is possible to break out of
* the
* web root and read arbitrary files from the server.
* Hence a request like:
*
* GoAhead-server/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini returns the
* contents of the win.ini file.
* (Note that the description uses forward slashes (0x2F), but the example
* uses backslashes (0x5C). In my tests, forward slashes are correctly
* trapped, but backslashes are not. The code below substitutes forward
* slashes for backslashes before attempting to validate that there are no
* unauthorized paths being accessed.
*/
token = gstrchr(path, '\\');
while (token != NULL)
{
*token = '/';
token = gstrchr(token, '\\');
}
token = gstrtok(path, T("/"));
/*
* Look at each directory segment and process "." and ".." segments
* Don't allow the browser to pop outside the root web.
*/
while (token != NULL) {
if (gstrcmp(token, T("..")) == 0) {
if (npart > 0) {
npart--;
}
} else if (gstrcmp(token, T(".")) != 0) {
parts[npart] = token;
len += gstrlen(token) + 1;
npart++;
}
token = gstrtok(NULL, T("/"));
}
/*
* Create local path for document. Need extra space all "/" and null.
*/
if (npart || (gstrcmp(path, T("/")) == 0) || (path[0] == '\0')) {
lpath = balloc(B_L, (gstrlen(dir) + 1 + len + 1) * sizeof(char_t));
gstrcpy(lpath, dir);
for (i = 0; i < npart; i++) {
gstrcat(lpath, T("/"));
gstrcat(lpath, parts[i]);
}
websSetRequestLpath(wp, lpath);
bfree(B_L, path);
bfree(B_L, lpath);
} else {
bfree(B_L, path);
return -1;
}
return 0;
}
