char_t *websMD5(char_t *string) { char_t *strReturn; a_assert(string && *string); if (string && *string) { char *strTemp, *strHash; int nLen; /* * Convert input char_t string to char string */ nLen = gstrlen(string); strTemp = ballocUniToAsc(string, nLen + 1); /* * Execute the digest calculation */ strHash = websMD5binary((unsigned char *)strTemp, nLen); /* * Convert the returned char string digest to a char_t string */ nLen = strlen(strHash); strReturn = ballocAscToUni(strHash, nLen); /* * Free up the temporary allocated resources */ bfree(B_L, strTemp); bfree(B_L, strHash); } else { strReturn = NULL; } return strReturn; }
int socketGets(int sid, char_t **buf) { socket_t *sp; ringq_t *lq; char c; int rc, len; a_assert(buf); *buf = NULL; if ((sp = socketPtr(sid)) == NULL) { return -1; } lq = &sp->lineBuf; while (1) { if ((rc = socketRead(sid, &c, 1)) < 0) { return rc; } if (rc == 0) { /* * If there is a partial line and we are at EOF, pretend we saw a '\n' */ if (ringqLen(lq) > 0 && (sp->flags & SOCKET_EOF)) { c = '\n'; } else { return -1; } } /* * Validate length of request. Ignore long strings without newlines to * safeguard against long URL attacks. */ if (ringqLen(lq) > E_MAX_REQUEST) { c = '\n'; } /* * If a newline is seen, return the data excluding the new line to the * caller. If carriage return is seen, just eat it. */ if (c == '\n') { len = ringqLen(lq); if (len > 0) { *buf = ballocAscToUni((char *)lq->servp, len); } else { *buf = NULL; } ringqFlush(lq); return len; } else if (c == '\r') { continue; } ringqPutcA(lq, c); } return 0; }
char_t *ejEvalFile(int eid, char_t *path, char_t **emsg) { gstat_t sbuf; ej_t *ep; char_t *script, *rs; char *fileBuf; int fd; a_assert(path && *path); if (emsg) { *emsg = NULL; } if ((ep = ejPtr(eid)) == NULL) { return NULL; } if ((fd = gopen(path, O_RDONLY | O_BINARY, 0666)) < 0) { ejError(ep, T("Bad handle %d"), eid); return NULL; } if (gstat(path, &sbuf) < 0) { gclose(fd); ejError(ep, T("Cant stat %s"), path); return NULL; } if ((fileBuf = balloc(B_L, sbuf.st_size + 1)) == NULL) { gclose(fd); ejError(ep, T("Cant malloc %d"), sbuf.st_size); return NULL; } if (gread(fd, fileBuf, sbuf.st_size) != (int)sbuf.st_size) { gclose(fd); bfree(B_L, fileBuf); ejError(ep, T("Error reading %s"), path); return NULL; } fileBuf[sbuf.st_size] = '\0'; gclose(fd); if ((script = ballocAscToUni(fileBuf, sbuf.st_size)) == NULL) { bfree(B_L, fileBuf); ejError(ep, T("Cant malloc %d"), sbuf.st_size + 1); return NULL; } bfree(B_L, fileBuf); rs = ejEvalBlock(eid, script, emsg); bfree(B_L, script); return rs; }
int websAspRequest(webs_t wp, char_t *lpath) { websStatType sbuf; char *rbuf; char_t *token, *lang, *result, *path, *ep, *cp, *buf, *nextp; char_t *last; int rc, engine, len, ejid; a_assert(websValid(wp)); a_assert(lpath && *lpath); rc = -1; buf = NULL; rbuf = NULL; engine = EMF_SCRIPT_EJSCRIPT; wp->flags |= WEBS_HEADER_DONE; path = websGetRequestPath(wp); /* * Create Ejscript instance in case it is needed */ ejid = ejOpenEngine(wp->cgiVars, websAspFunctions); if (ejid < 0) { websError(wp, 200, T("Can't create Ejscript engine")); goto done; } ejSetUserHandle(ejid, (int) wp); if (websPageStat(wp, lpath, path, &sbuf) < 0) { websError(wp, 200, T("Can't stat %s"), lpath); goto done; } /* * Create a buffer to hold the ASP file in-memory */ len = sbuf.size * sizeof(char); if ((rbuf = balloc(B_L, len + 1)) == NULL) { websError(wp, 200, T("Can't get memory")); goto done; } rbuf[len] = '\0'; if (websPageReadData(wp, rbuf, len) != len) { websError(wp, 200, T("Cant read %s"), lpath); goto done; } websPageClose(wp); /* * Convert to UNICODE if necessary. */ if ((buf = ballocAscToUni(rbuf, len)) == NULL) { websError(wp, 200, T("Can't get memory")); goto done; } /* * Scan for the next "<%" */ last = buf; rc = 0; while (rc == 0 && *last && ((nextp = gstrstr(last, T("<%"))) != NULL)) { websWriteBlock(wp, last, (nextp - last)); nextp = skipWhite(nextp + 2); /* * Decode the language */ token = T("language"); if ((lang = strtokcmp(nextp, token)) != NULL) { if ((cp = strtokcmp(lang, T("=javascript"))) != NULL) { engine = EMF_SCRIPT_EJSCRIPT; } else { cp = nextp; } nextp = cp; } /* * Find tailing bracket and then evaluate the script */ if ((ep = gstrstr(nextp, T("%>"))) != NULL) { *ep = '\0'; last = ep + 2; nextp = skipWhite(nextp); /* * Handle backquoted newlines */ for (cp = nextp; *cp; ) { if (*cp == '\\' && (cp[1] == '\r' || cp[1] == '\n')) { *cp++ = ' '; while (*cp == '\r' || *cp == '\n') { *cp++ = ' '; } } else { cp++; } } /* * Now call the relevant script engine. Output is done directly * by the ASP script procedure by calling websWrite() */ if (*nextp) { result = NULL; if (engine == EMF_SCRIPT_EJSCRIPT) { rc = scriptEval(engine, nextp, &result, ejid); } else { rc = scriptEval(engine, nextp, &result, (int) wp); } if (rc < 0) { /* * On an error, discard all output accumulated so far * and store the error in the result buffer. Be careful if the * user has called websError() already. */ if (websValid(wp)) { if (result) { websWrite(wp, T("<h2><b>ASP Error: %s</b></h2>\n"), result); websWrite(wp, T("<pre>%s</pre>"), nextp); bfree(B_L, result); } else { websWrite(wp, T("<h2><b>ASP Error</b></h2>\n%s\n"), nextp); } websWrite(wp, T("</body></html>\n")); rc = 0; } goto done; } } } else { websError(wp, 200, T("Unterminated script in %s: \n"), lpath); rc = -1; goto done; } } /* * Output any trailing HTML page text */ if (last && *last && rc == 0) { websWriteBlock(wp, last, gstrlen(last)); } rc = 0; /* * Common exit and cleanup */ done: if (websValid(wp)) { websPageClose(wp); if (ejid >= 0) { ejCloseEngine(ejid); } } bfreeSafe(B_L, buf); bfreeSafe(B_L, rbuf); return rc; }