static ngx_int_t
ngx_http_dav_copy_tree_file(ngx_tree_ctx_t *ctx, ngx_str_t *path)
{
u_char *p, *file;
size_t len;
ngx_copy_file_t cf;
ngx_http_dav_copy_ctx_t *copy;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
"http copy file: \"%s\"", path->data);
copy = ctx->data;
len = copy->path.len + path->len;
file = ngx_alloc(len + 1, ctx->log);
if (file == NULL) {
return NGX_ABORT;
}
p = ngx_cpymem(file, copy->path.data, copy->path.len);
(void) ngx_cpystrn(p, path->data + copy->len, path->len - copy->len + 1);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
"http copy file to: \"%s\"", file);
cf.size = ctx->size;
cf.buf_size = 0;
cf.access = ctx->access;
cf.time = ctx->mtime;
cf.log = ctx->log;
(void) ngx_copy_file(path->data, file, &cf);
ngx_free(file);
return NGX_OK;
}
ngx_int_t
ngx_ext_rename_file(ngx_str_t *src, ngx_str_t *to, ngx_ext_rename_file_t *ext)
{
u_char *name;
ngx_err_t err;
ngx_copy_file_t cf;
#if !(NGX_WIN32)
if (ext->access) {
if (ngx_change_file_access(src->data, ext->access) == NGX_FILE_ERROR) {
ngx_log_error(NGX_LOG_CRIT, ext->log, ngx_errno,
ngx_change_file_access_n " \"%s\" failed", src->data);
err = 0;
goto failed;
}
}
#endif
if (ext->time != -1) {
if (ngx_set_file_time(src->data, ext->fd, ext->time) != NGX_OK) {
ngx_log_error(NGX_LOG_CRIT, ext->log, ngx_errno,
ngx_set_file_time_n " \"%s\" failed", src->data);
err = 0;
goto failed;
}
}
if (ngx_rename_file(src->data, to->data) != NGX_FILE_ERROR) {
return NGX_OK;
}
err = ngx_errno;
if (err == NGX_ENOPATH) {
if (!ext->create_path) {
goto failed;
}
err = ngx_create_full_path(to->data, ngx_dir_access(ext->path_access));
if (err) {
ngx_log_error(NGX_LOG_CRIT, ext->log, err,
ngx_create_dir_n " \"%s\" failed", to->data);
err = 0;
goto failed;
}
if (ngx_rename_file(src->data, to->data) != NGX_FILE_ERROR) {
return NGX_OK;
}
err = ngx_errno;
}
#if (NGX_WIN32)
//deleted by fangpeng
#endif
if (err == NGX_EXDEV) {
cf.size = -1;
cf.buf_size = 0;
cf.access = ext->access;
cf.time = ext->time;
cf.log = ext->log;
name = ngx_alloc(to->len + 1 + 10 + 1, ext->log);
if (name == NULL) {
return NGX_ERROR;
}
(void) ngx_sprintf(name, "%*s.%010uD%Z", to->len, to->data,
(uint32_t) ngx_next_temp_number(0));
if (ngx_copy_file(src->data, name, &cf) == NGX_OK) {
if (ngx_rename_file(name, to->data) != NGX_FILE_ERROR) {
ngx_free(name);
if (ngx_delete_file(src->data) == NGX_FILE_ERROR) {
ngx_log_error(NGX_LOG_CRIT, ext->log, ngx_errno,
ngx_delete_file_n " \"%s\" failed",
src->data);
return NGX_ERROR;
}
return NGX_OK;
}
ngx_log_error(NGX_LOG_CRIT, ext->log, ngx_errno,
ngx_rename_file_n " \"%s\" to \"%s\" failed",
name, to->data);
if (ngx_delete_file(name) == NGX_FILE_ERROR) {
ngx_log_error(NGX_LOG_CRIT, ext->log, ngx_errno,
ngx_delete_file_n " \"%s\" failed", name);
}
}
ngx_free(name);
err = 0;
}
failed:
if (ext->delete_file) {
if (ngx_delete_file(src->data) == NGX_FILE_ERROR) {
ngx_log_error(NGX_LOG_CRIT, ext->log, ngx_errno,
ngx_delete_file_n " \"%s\" failed", src->data);
}
}
if (err) {
ngx_log_error(NGX_LOG_CRIT, ext->log, err,
ngx_rename_file_n " \"%s\" to \"%s\" failed",
src->data, to->data);
}
return NGX_ERROR;
}
static ngx_int_t
ngx_http_dav_copy_move_handler(ngx_http_request_t *r)
{
u_char *p, *host, *last, ch;
size_t len, root;
ngx_err_t err;
ngx_int_t rc, depth;
ngx_uint_t overwrite, slash, dir, flags;
ngx_str_t path, uri, duri, args;
ngx_tree_ctx_t tree;
ngx_copy_file_t cf;
ngx_file_info_t fi;
ngx_table_elt_t *dest, *over;
ngx_ext_rename_file_t ext;
ngx_http_dav_copy_ctx_t copy;
ngx_http_dav_loc_conf_t *dlcf;
if (r->headers_in.content_length_n > 0) {
return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE;
}
dest = r->headers_in.destination;
if (dest == NULL) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client sent no \"Destination\" header");
return NGX_HTTP_BAD_REQUEST;
}
p = dest->value.data;
/* there is always '\0' even after empty header value */
if (p[0] == '/') {
last = p + dest->value.len;
goto destination_done;
}
len = r->headers_in.server.len;
if (len == 0) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client sent no \"Host\" header");
return NGX_HTTP_BAD_REQUEST;
}
#if (NGX_HTTP_SSL)
if (r->connection->ssl) {
if (ngx_strncmp(dest->value.data, "https://", sizeof("https://") - 1)
!= 0)
{
goto invalid_destination;
}
host = dest->value.data + sizeof("https://") - 1;
} else
#endif
{
if (ngx_strncmp(dest->value.data, "http://", sizeof("http://") - 1)
!= 0)
{
goto invalid_destination;
}
host = dest->value.data + sizeof("http://") - 1;
}
if (ngx_strncmp(host, r->headers_in.server.data, len) != 0) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"\"Destination\" URI \"%V\" is handled by "
"different repository than the source URI",
&dest->value);
return NGX_HTTP_BAD_REQUEST;
}
last = dest->value.data + dest->value.len;
for (p = host + len; p < last; p++) {
if (*p == '/') {
goto destination_done;
}
}
invalid_destination:
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client sent invalid \"Destination\" header: \"%V\"",
&dest->value);
return NGX_HTTP_BAD_REQUEST;
destination_done:
duri.len = last - p;
duri.data = p;
flags = NGX_HTTP_LOG_UNSAFE;
if (ngx_http_parse_unsafe_uri(r, &duri, &args, &flags) != NGX_OK) {
goto invalid_destination;
}
if ((r->uri.data[r->uri.len - 1] == '/' && *(last - 1) != '/')
|| (r->uri.data[r->uri.len - 1] != '/' && *(last - 1) == '/'))
{
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"both URI \"%V\" and \"Destination\" URI \"%V\" "
"should be either collections or non-collections",
&r->uri, &dest->value);
return NGX_HTTP_CONFLICT;
}
depth = ngx_http_dav_depth(r, NGX_HTTP_DAV_INFINITY_DEPTH);
if (depth != NGX_HTTP_DAV_INFINITY_DEPTH) {
if (r->method == NGX_HTTP_COPY) {
if (depth != 0) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"\"Depth\" header must be 0 or infinity");
return NGX_HTTP_BAD_REQUEST;
}
} else {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"\"Depth\" header must be infinity");
return NGX_HTTP_BAD_REQUEST;
}
}
over = r->headers_in.overwrite;
if (over) {
if (over->value.len == 1) {
ch = over->value.data[0];
if (ch == 'T' || ch == 't') {
overwrite = 1;
goto overwrite_done;
}
if (ch == 'F' || ch == 'f') {
overwrite = 0;
goto overwrite_done;
}
}
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client sent invalid \"Overwrite\" header: \"%V\"",
&over->value);
return NGX_HTTP_BAD_REQUEST;
}
overwrite = 1;
overwrite_done:
ngx_http_map_uri_to_path(r, &path, &root, 0);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http copy from: \"%s\"", path.data);
uri = r->uri;
r->uri = duri;
ngx_http_map_uri_to_path(r, ©.path, &root, 0);
r->uri = uri;
copy.path.len--; /* omit "\0" */
if (copy.path.data[copy.path.len - 1] == '/') {
slash = 1;
copy.path.len--;
copy.path.data[copy.path.len] = '\0';
} else {
slash = 0;
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http copy to: \"%s\"", copy.path.data);
if (ngx_link_info(copy.path.data, &fi) == NGX_FILE_ERROR) {
err = ngx_errno;
if (err != NGX_ENOENT) {
return ngx_http_dav_error(r->connection->log, err,
NGX_HTTP_NOT_FOUND, ngx_link_info_n,
copy.path.data);
}
/* destination does not exist */
overwrite = 0;
dir = 0;
} else {
/* destination exists */
if (ngx_is_dir(&fi) && !slash) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"\"%V\" could not be %Ved to collection \"%V\"",
&r->uri, &r->method_name, &dest->value);
return NGX_HTTP_CONFLICT;
}
if (!overwrite) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, NGX_EEXIST,
"\"%s\" could not be created", copy.path.data);
return NGX_HTTP_PRECONDITION_FAILED;
}
dir = ngx_is_dir(&fi);
}
if (ngx_link_info(path.data, &fi) == NGX_FILE_ERROR) {
return ngx_http_dav_error(r->connection->log, ngx_errno,
NGX_HTTP_NOT_FOUND, ngx_link_info_n,
path.data);
}
if (ngx_is_dir(&fi)) {
if (r->uri.data[r->uri.len - 1] != '/') {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"\"%V\" is collection", &r->uri);
return NGX_HTTP_BAD_REQUEST;
}
if (overwrite) {
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http delete: \"%s\"", copy.path.data);
rc = ngx_http_dav_delete_path(r, ©.path, dir);
if (rc != NGX_OK) {
return rc;
}
}
}
if (ngx_is_dir(&fi)) {
path.len -= 2; /* omit "/\0" */
if (r->method == NGX_HTTP_MOVE) {
if (ngx_rename_file(path.data, copy.path.data) != NGX_FILE_ERROR) {
return NGX_HTTP_CREATED;
}
}
if (ngx_create_dir(copy.path.data, ngx_file_access(&fi))
== NGX_FILE_ERROR)
{
return ngx_http_dav_error(r->connection->log, ngx_errno,
NGX_HTTP_NOT_FOUND,
ngx_create_dir_n, copy.path.data);
}
copy.len = path.len;
tree.init_handler = NULL;
tree.file_handler = ngx_http_dav_copy_tree_file;
tree.pre_tree_handler = ngx_http_dav_copy_dir;
tree.post_tree_handler = ngx_http_dav_copy_dir_time;
tree.spec_handler = ngx_http_dav_noop;
tree.data = ©
tree.alloc = 0;
tree.log = r->connection->log;
if (ngx_walk_tree(&tree, &path) == NGX_OK) {
if (r->method == NGX_HTTP_MOVE) {
rc = ngx_http_dav_delete_path(r, &path, 1);
if (rc != NGX_OK) {
return rc;
}
}
return NGX_HTTP_CREATED;
}
} else {
if (r->method == NGX_HTTP_MOVE) {
dlcf = ngx_http_get_module_loc_conf(r, ngx_http_dav_module);
ext.access = 0;
ext.path_access = dlcf->access;
ext.time = -1;
ext.create_path = 1;
ext.delete_file = 0;
ext.log = r->connection->log;
if (ngx_ext_rename_file(&path, ©.path, &ext) == NGX_OK) {
return NGX_HTTP_NO_CONTENT;
}
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
dlcf = ngx_http_get_module_loc_conf(r, ngx_http_dav_module);
cf.size = ngx_file_size(&fi);
cf.buf_size = 0;
cf.access = dlcf->access;
cf.time = ngx_file_mtime(&fi);
cf.log = r->connection->log;
if (ngx_copy_file(path.data, copy.path.data, &cf) == NGX_OK) {
return NGX_HTTP_NO_CONTENT;
}
}
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
/**
* Configuration setup function that installs the content handler.
*
* @param cf
* Module configuration structure pointer.
* @param cmd
* Module directives structure pointer.
* @param conf
* Module configuration structure pointer.
* @return string
* Status of the configuration setup.
*/
static char *ngx_http_acme(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_http_ssl_srv_conf_t *sscf; /* pointer to core location configuration */
int ret;
// TODO (KK) Pull the different parts out as own methods for readability
/*
* TODO (KK) Get the config directory path (e.g. /etc/nginx)
*/
/*
* TODO (KK) Init acme dir (mkdirs)
*/
/*
* ACME communication - getting a certificate
*/
if(ngx_http_acme_main(cf, conf) != NGX_CONF_OK) {
ngx_log_error(NGX_LOG_ERR, cf->log, 0, "Error while gathering certificate from ACME server");
return NGX_CONF_ERROR;
}
/*
* TODO (KK) Install certificate (right now it just copies an example cert)
*/
{
ngx_copy_file_t cpyf;
ngx_log_error(NGX_LOG_NOTICE, cf->log, 0, "Installing certificate and key");
cpyf.size = -1;
cpyf.buf_size = 0;
cpyf.access = NGX_FILE_DEFAULT_ACCESS;
cpyf.time = -1;
cpyf.log = cf->log;
/* Copy certificate */
ret = ngx_copy_file((u_char *)ACME_DEV_FROM_CERT_PATH, (u_char *)ACME_DEV_CERT_PATH, &cpyf);
/* Copy private key */
if(ret == NGX_OK) {
/* Only 0600 access for private key */
cpyf.access = NGX_FILE_OWNER_ACCESS;
ret = ngx_copy_file((u_char *)ACME_DEV_FROM_KEY_PATH, (u_char *)ACME_DEV_KEY_PATH, &cpyf);
}
if(ret != NGX_OK) {
ngx_log_error(NGX_LOG_ERR, cf->log, 0, "Installing the certificate or private key failed");
return NGX_CONF_ERROR;
}
}
/*
* Fool the SSL module into using the ACME certificates
*/
/* Get SSL module configuration */
sscf = ngx_http_conf_get_module_srv_conf(cf, ngx_http_ssl_module);
// TODO (KK) Report warning when ssl configs are not set (acme w/o ssl activated in the same server context is an error)
// --> Maybe ignore acme config then and issue a warning
if(sscf) {
// ngx_log_error(NGX_LOG_NOTICE, cf->log, 0, "Found SSL certificate path: %s", sscf->certificate.data);
/* Spoof SSL cert */
sscf->certificates = ngx_array_create(cf->pool, 4, sizeof(ngx_str_t));
if (sscf->certificates == NULL) {
return NGX_CONF_ERROR;
}
((ngx_str_t *) sscf->certificates->elts)[0] = (ngx_str_t) ngx_string(ACME_DIR "/" ACME_LIVE_DIR "/" ACME_DEV_SERVER_NAME "/" ACME_CERT);
/* Spoof SSL cert key */
sscf->certificate_keys = ngx_array_create(cf->pool, 4, sizeof(ngx_str_t));
if (sscf->certificate_keys == NULL) {
return NGX_CONF_ERROR;
}
((ngx_str_t *) sscf->certificate_keys->elts)[0] = (ngx_str_t) ngx_string(ACME_DIR "/" ACME_LIVE_DIR "/" ACME_DEV_SERVER_NAME "/" ACME_CERT);
}
return NGX_CONF_OK;
} /* ngx_http_acme */