int otype_imgswitch(pblock *pb, Session *sn, Request *rq)
{
char *ct, *ua, *pa, *npath, *t;
struct stat fi;
pb_param *pp;
/* This routine might be cacheable. Lets check the objtype so
* far to see if we are talking about an image file. If this path
* is not an image, we can go ahead and cache.
*/
rq->directive_is_cacheable = 1;
if(!(ct = pblock_findval("content-type", rq->srvhdrs)))
return REQ_NOACTION;
if(strncasecmp(ct, "image/", 6))
return REQ_NOACTION;
/* This routine is still running, so it must be an image we are
* dealing with. This is not cacheable since we need the user-agent
* info to determine which file we return.
*/
rq->directive_is_cacheable=0;
/* In the absence of a capabilities header, use user-agent */
if(request_header("user-agent", &ua, sn, rq) == REQ_ABORTED)
return REQ_ABORTED;
/* We want to be nice to proxies */
if(request_header("proxy-agent", &pa, sn, rq) == REQ_ABORTED)
return REQ_ABORTED;
if((!ua) || pa || strstr(ua, "roxy"))
return REQ_NOACTION;
/* Look for jpeg if we're talking to mozilla and image is .gif */
if((!strncasecmp(ua, "mozilla", 7)) && (!strcasecmp(ct, "image/gif"))) {
npath = STRDUP(pblock_findval("path", rq->vars));
if(!(t = strstr(npath, ".gif")))
return REQ_NOACTION;
t[1] = 'j'; t[2] = 'p'; t[3] = 'g';
if(stat(npath, &fi) == -1) {
FREE(npath);
return REQ_NOACTION;
}
pp = pblock_find("path", rq->vars);
FREE(pp->value);
pp->value = npath;
/* don't check return; it should work. */
request_stat_path(npath, rq);
pp = pblock_find("content-type", rq->srvhdrs);
FREE(pp->value);
pp->value = STRDUP("image/jpeg");
return REQ_PROCEED;
}
return REQ_NOACTION;
}
/* Sigh. Another stupid pet trick that will get dropped on the floor */
int otype_htmlswitch(pblock *pb, Session *sn, Request *rq)
{
char *ct, *ua, *pa, *npath, *t;
struct stat fi;
pb_param *pp;
/* This routine might be cacheable. Lets check the objtype so
* far to see if we are talking about a text file. If this path
* is not a text, we can go ahead and cache.
*/
rq->directive_is_cacheable = 1;
if(!(ct = pblock_findval("content-type", rq->srvhdrs)))
return REQ_NOACTION;
if(strncasecmp(ct, "text/", 5))
return REQ_NOACTION;
/* This is still running, so it must be a text file we are
* dealing with. This is not cacheable since we need the user-agent
* info to determine which file we return.
*/
rq->directive_is_cacheable = 0;
/* In the absence of a capabilities header, use user-agent */
if(request_header("user-agent", &ua, sn, rq) == REQ_ABORTED)
return REQ_ABORTED;
/* We want to be nice to proxies */
if(request_header("proxy-agent", &pa, sn, rq) == REQ_ABORTED)
return REQ_ABORTED;
if((!ua) || pa || strstr(ua, "roxy"))
return REQ_NOACTION;
/* Look for html3 if we're talking to mozilla and find HTML */
if(util_is_mozilla(ua, "1", "1") && (!strcasecmp(ct, "text/html"))) {
t = pblock_findval("path", rq->vars);
npath = (char *) MALLOC(strlen(t) + 1 + 1);
util_sprintf(npath, "%s3", t);
if(stat(npath, &fi) == -1) {
FREE(npath);
return REQ_NOACTION;
}
pp = pblock_find("path", rq->vars);
FREE(pp->value);
pp->value = npath;
/* don't check return; it should work. */
request_stat_path(npath, rq);
return REQ_PROCEED;
}
return REQ_NOACTION;
}
void request_context::finalise_header(http_parser* parser)
{
_current_hdr_value = nullptr;
_current_hdr_name = nullptr;
_current_header_object = nullptr;
http_parser_url url_parser;
http_parser_url_init(std::addressof(url_parser));
auto result = http_parser_parse_url(mutable_request_header().uri().data(),
mutable_request_header().uri().size(),
parser->method == HTTP_CONNECT,
std::addressof(url_parser));
if (result) {
BOOST_LOG_TRIVIAL(info) << "request_context::finalise_header - invalid url\n" << api::as_json(request_header());
throw invalid_url(request_header().uri());
}
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_schema, UF_SCHEMA);
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_host, UF_HOST);
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_port, UF_PORT);
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_path, UF_PATH);
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_query, UF_QUERY);
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_fragment, UF_FRAGMENT);
check_url_field(url_parser, mutable_request_header(), &HttpRequestHeader::QueryParts::mutable_user_info, UF_USERINFO);
mutable_request_header().set_method(http_method_str(static_cast<http_method>(parser->method)));
mutable_request_header().set_version_major(parser->http_major);
mutable_request_header().set_version_minor(parser->http_minor);
_response_header->set_version_major(parser->http_major);
_response_header->set_version_minor(parser->http_minor);
BOOST_LOG_TRIVIAL(info) << "request_context::finalise_header - header complete:\n" << api::as_json(request_header());
}
void
on_request(struct service *service, struct conn *conn)
{
struct request *request = conn_request(conn);
printf("REQEST!\n");
printf(" > %s on %s\n", request->method, request->path);
printf(" > HOST: %s\n", request_header(request, "Host"));
printf(" > USER_AGENT: %s\n", request_header(request, "User-Agent"));
if (strcmp("/", request->path) == 0) {
respond_with_file(conn, "index.html");
} else {
respond_with_file(conn, request->path + 1);
}
conn_close(conn);
}
NSAPI_PUBLIC int
add_agent_header(pblock *param, Session *sn, Request *rq)
{
const char *thisfunc = "add_agent_header()";
int requestResult = REQ_ABORTED;
char *host = NULL ;
char *host_name = NULL;
void *args[] = { (void *)rq };
am_status_t ret = AM_FAILURE;
char *header_str = NULL;
// NSAPI function pblock_pblock2str expects "full-headers"
// to be non-null value. Therefore, add a logic to check whether
// "full-headers" is null and if it is, return error to the client.
// - Forward port of fix in CRT (657).
pb_param *hdr_pp = pblock_find("full-headers", rq->reqpb);
if (hdr_pp != NULL && hdr_pp->value == NULL) {
am_web_log_error ("add_agent_header():Header not found.");
return REQ_ABORTED;
}
header_str = pblock_pblock2str(rq->reqpb, NULL);
am_web_log_max_debug("%s: Headers: %s", thisfunc, header_str);
system_free(header_str);
requestResult = request_header ("host",&host,sn,rq );
if (REQ_PROCEED == requestResult && host != NULL) {
host_name = strdup (host);
if (host_name == NULL){
am_web_log_debug("%s: Unable to allocate memory for host_name",
thisfunc);
am_web_free_memory(host);
return REQ_ABORTED;
}
am_web_log_max_debug("%s: Host = %s ", thisfunc, host_name);
ret = set_header("ampxy_host",host_name,args);
if (ret == AM_SUCCESS) {
header_str = pblock_pblock2str(rq->reqpb, NULL);
am_web_log_max_debug("%s: headers = %s", thisfunc, header_str);
system_free(header_str);
requestResult = REQ_NOACTION;
am_web_log_max_debug("%s: Host replace success %d ", thisfunc,
requestResult);
} else {
am_web_log_max_debug("%s: Host replace failed", thisfunc);
}
if(host_name != NULL) {
free(host_name);
}
} else {
am_web_log_error ("%s: Header not found.", thisfunc);
}
return requestResult;
}
char * get_post_assertion_data(Session *sn, Request *rq, char *url)
{
int i = 0;
char *body = NULL;
int cl = 0;
char *cl_str = NULL;
/**
* content length and body
*
* note: memory allocated in here should be released by
* other function such as: "policy_unregister_post"
*/
request_header("content-length", &cl_str, sn, rq);
if(cl_str == NULL)
cl_str = pblock_findval("content-length", rq->headers);
if(cl_str == NULL)
return body;
if(PR_sscanf(cl_str, "%ld", &cl) == 1) {
body = (char *)malloc(cl + 1);
if(body != NULL){
for (i = 0; i < cl; i++) {
int ch = netbuf_getc(sn->inbuf);
if (ch==IO_ERROR || ch == IO_EOF) {
break;
}
body[i] = ch;
}
body[i] = '\0';
}
} else {
am_web_log_error("Error reading POST content body");
}
am_web_log_max_debug("Read POST content body : %s", body);
/**
* need to reset content length before redirect,
* otherwise, web server will wait for serveral minutes
* for non existant data
*/
param_free(pblock_remove("content-length", rq->headers));
pblock_nvinsert("content-length", "0", rq->headers);
return body;
}
static int handle_notification(Session *sn,
Request *rq,
void* agent_config)
{
int result;
char *content_length_header;
size_t content_length;
/* fixme GETPOST use new getRequestBody() routine here.... */
result = request_header(CONTENT_LENGTH_HDR, &content_length_header, sn,rq);
if (REQ_PROCEED == result && NULL != content_length_header &&
sscanf(content_length_header, "%u", &content_length) == 1) {
char ch;
size_t data_length = 0;
char *buf = NULL;
buf = system_malloc(content_length);
if (buf != NULL) {
for (data_length = 0; data_length < content_length; data_length++){
ch = netbuf_getc(sn->inbuf);
if (ch == IO_ERROR || ch == IO_EOF) {
break;
}
buf[data_length] = (char) ch;
}
am_web_handle_notification(buf, data_length, agent_config);
system_free(buf);
} else {
am_web_log_error("handle_notification() unable to allocate memory "
"for notification data, size = %u", content_length);
}
result = REQ_PROCEED;
} else {
am_web_log_error("handle_notification() %s content-length header",
(REQ_PROCEED == result &&
NULL != content_length_header) ?
"unparsable" : "missing");
}
return result;
}
bool handle(int csock) {
NOTICE("################# REQUEST");
PGconn *cnxn = NULL;
char buf[BUF_LEN + 2];
buf[0] = 0;
DEFINE_VAR_ALL(str_response, str_request, str_uri, str_temp, str_form_data);
DEFINE_VAR_MORE(str_correct_referer_start1, str_correct_referer_start2);
DEFINE_VAR_MORE(str_referer, str_host, str_request_len, str_boundary);
DEFINE_VAR_MORE(str_cookie_envelope, str_complete_response, str_buffer);
DEBUG("### get the str_request\n");
//##########################################
//### get the str_request
//DEBUG(">%d|%d<", SSIZE_MAX, BUF_LEN);
int int_request_len = BUF_LEN;
memset(buf, 0, BUF_LEN + 1);
int_request_len = read(csock, buf, BUF_LEN);
FINISH_SALLOC(str_request, int_request_len + 1);
memcpy(str_request, buf, int_request_len);
str_request[int_request_len] = '\0';
//HERE BE DRAGONS
//Maintainer: joseph
//This code reads from the socket only for as long as is necessary.
//If we have just one extra read command, it will hang until the browser
//sends more data. Which it won't. So read until end of request.
//@@@@@@@@@@@@@@@@@@@@@**^^""~~~"^@@^*@*@@**@@@@@@@@@
//@@@@@@@@@@@@@*^^'"~ , - ' '; ,@@b. ' -e@@@@@@@@@
//@@@@@@@@*^"~ . ' . ' ,@@@@( e@*@@@@@@@@@@
//@@@@@^~ . . ' @@@@@@, ~^@@@@@@@@@@@
//@@@~ ,e**@@*e, ,e**e, . ' '@@@@@@e, "*@@@@@'^@
//@',e@@@@@@@@@@ e@@@@@@ ' '*@@@@@@ @@@' 0
//@@@@@@@@@@@@@@@@@@@@@',e, ; ~^*^' ;^~ ' 0
//@@@@@@@@@@@@@@@^""^@@e@@@ .' ,' .' @
//@@@@@@@@@@@@@@' '@@@@@ ' , ,e' . ;@
//@@@@@@@@@@@@@' ,&&, ^@*' , . i^"@e, ,e@e @@
//@@@@@@@@@@@@' ,@@@@, ; ,& !,,@@@e@@@@ e@@
//@@@@@,~*@@*' ,@@@@@@e, ', e^~^@, ~'@@@@@@,@@@
//@@@@@@, ~" ,e@@@@@@@@@*e*@* ,@e @@""@e,,@@@@@@@@@
//@@@@@@@@ee@@@@@@@@@@@@@@@" ,e@' ,e@' e@@@@@@@@@@@@@
//@@@@@@@@@@@@@@@@@@@@@@@@" ,@" ,e@@e,,@@@@@@@@@@@@@@
//@@@@@@@@@@@@@@@@@@@@@@@~ ,@@@,,0@@@@@@@@@@@@@@@@@@@
//@@@@@@@@@@@@@@@@@@@@@@@@,,@@@@@@@@@@@@@@@@@@@@@@@@@
//"""""""""""""""""""""""""""""""""""""""""""""""""""
char *ptr_boundary_start = strstr(str_request, "Content-Type: multipart/form-data; boundary=");
if (ptr_boundary_start != NULL &&
strchr(ptr_boundary_start, 13) == NULL) {
memset(buf, 0, BUF_LEN + 1);
int int_current_length = read(csock, buf, BUF_LEN);
FINISH_SREALLOC(str_request, int_current_length + int_request_len + 1);
memcpy(str_request + int_request_len, buf, int_current_length);
str_request[int_current_length + int_request_len] = '\0';
int_request_len = int_request_len + int_current_length;
}
//DEBUG("test0>%s|%i<", str_request, int_request_len);
char *request_ptr;
//// ****if upload then special case
if (strstr(str_request, "Content-Type: multipart/form-data; boundary=") != 0) {
//get boundary
char *boundary_ptr = strstr(str_request, "Content-Type: multipart/form-data; boundary=") + 44;
char *boundary_end_ptr = strchr(boundary_ptr, 13) != 0 ? strchr(boundary_ptr, 13) : strchr(boundary_ptr, 10);
DEBUG("str_boundary: %d %d", boundary_end_ptr, boundary_ptr);
int int_boundary_length = boundary_end_ptr - boundary_ptr;
DEBUG("str_boundary: %d", int_boundary_length);
FINISH_SALLOC(str_boundary, int_boundary_length + 3); //extra and null byte
DEBUG("TESTING1");
memcpy(str_boundary, boundary_ptr, int_boundary_length);
DEBUG("TESTING2");
str_boundary[int_boundary_length + 0] = '-';
DEBUG("TESTING3");
str_boundary[int_boundary_length + 1] = '-';
DEBUG("TESTING4");
str_boundary[int_boundary_length + 2] = '\0';
DEBUG("TESTING5");
int int_current_length = BUF_LEN;
DEBUG("TESTING6");
//DEBUG("str_boundary: %s", str_boundary);
//DEBUG("str_request: %s", str_request);
DEBUG("bstrstr(\"%-10s\", %d, \"%s\", %d", str_request, int_request_len, str_boundary, int_boundary_length + 2);
/*
DEBUG("test0>%s<", bstrstr(
str_request, int_request_len,
str_boundary, int_boundary_length + 2) == NULL ? "NULL" : "NOT NULL");
while (bstrstr(
str_request, int_request_len,
str_boundary, int_boundary_length + 2) == NULL) {//while null
DEBUG("test1");
memset(buf, 0, BUF_LEN + 1);
//FINISH_SALLOC(str_buffer, BUF_LEN + 2);
DEBUG("test2");
int_current_length = read(csock, buf, BUF_LEN);
DEBUG("test3");
FINISH_SREALLOC(str_request, int_request_len + int_current_length + 1);
DEBUG("test4>%s<", str_request);
memcpy(str_request + int_request_len, buf, int_current_length);
int_request_len = int_request_len + int_current_length;
str_request[int_request_len] = '\0';
//SFREE(str_buffer);
DEBUG("test5>%i<", int_request_len);
}
*/
DEBUG(">%s<", bstrstr(
str_request + int_request_len - int_current_length - int_boundary_length,
int_current_length + int_boundary_length,
str_boundary, int_boundary_length + 2) == NULL ? "NULL" : "NOT NULL");
while (bstrstr(
str_request + int_request_len - int_current_length - int_boundary_length,
int_current_length + int_boundary_length,
str_boundary, int_boundary_length + 2) == NULL) {//while null
memset(buf, 0, BUF_LEN + 1);
//DEBUG("test1");
int_current_length = read(csock, buf, BUF_LEN);
//DEBUG("test2");
FINISH_SREALLOC(str_request, int_request_len + int_current_length + 1);
//DEBUG("test3>%s<", str_request);
memcpy(str_request + int_request_len, buf, int_current_length);
int_request_len = int_request_len + int_current_length;
str_request[int_request_len] = '\0';
//DEBUG("test4>%i<", int_request_len);
}
DEBUG("test5>%s<", bstrstr(
str_request,
int_request_len,
str_boundary, int_boundary_length + 2) - 25);
SFREE(str_boundary);
//// ****
// if post or put, then get content length and receive that amount after two newlines, then break
} else if (strncmp(str_request, "P", 1) == 0) {
//we need Content-Length: before we can continue
while (! strstr(str_request, "Content-Length:")) {
memset(buf, 0, BUF_LEN + 1);
//DEBUG("test1");
int_request_len = read(csock, buf, BUF_LEN);
//DEBUG("test2>%i<", int_request_len);
//buf[request_len] = 0;
FINISH_CAT_APPEND(str_request, buf);
//DEBUG("#request_len:%d", int_request_len);
}
request_ptr = strstr(str_request, "Content-Length:");
// if we didn't find anything we need to stop, len("Content-Length")==15
if (strlen(request_ptr) < 16) {
// error bad str_request
FINISH("Bad str_request");
}
// move pointer to start of content length value
request_ptr = request_ptr + 15;
//DEBUG("request_ptr>%s<", request_ptr);
// step through the buffer and see if we can get the length
int req_len = 0;
while (request_ptr != 0 && *request_ptr != '\r' && *request_ptr != '\n') {
if (request_ptr == 0 && req_len == 0) {
// error bad str_request
}
//do not comment next line!!!!!!!! give inconsistent output without this line!!!!!! idk why!!!!!!!
//DEBUG("test1>%c<", *request_ptr);
///////////////
if (*request_ptr != '\r' && *request_ptr != '\n') {
request_ptr = request_ptr + 1;
req_len = req_len + 1;
}
}
FINISH_SALLOC(str_request_len, req_len + 1);
request_ptr = request_ptr - req_len;
memcpy(str_request_len, request_ptr, req_len);
str_request_len[req_len] = '\0';
//DEBUG("test2>%s|%s<", str_request_len, request_ptr, req_len);
req_len = atoi(str_request_len);
SFREE(str_request_len);
while (strstr(str_request,"\r\n\r\n") == 0 && strstr(str_request, "\n\n") == 0 && strstr(str_request, "\r\r") == 0) {
memset(buf,0,BUF_LEN + 1);
int_request_len = read(csock, buf, BUF_LEN);
FINISH_CAT_APPEND(str_request, buf);
}
request_ptr = strstr(str_request,"\r\n\r\n") != 0 ? strstr(str_request,"\r\n\r\n") + 4 :
strstr(str_request,"\n\n") != 0 ? strstr(str_request,"\n\n") + 2 :
strstr(str_request,"\r\r") != 0 ? strstr(str_request,"\r\r") + 2 : 0;
unsigned int int_length_we_want = ((request_ptr - str_request) + req_len);
//DEBUG("test3>%s|%s<", str_request, request_ptr);
//DEBUG("test4>%i|%i|%i|%i<\n", int_length_we_want, strlen( str_request ), (request_ptr - str_request), req_len);
while (int_length_we_want > strlen(str_request)) {
memset(buf,0,BUF_LEN + 1);
int_request_len = read(csock, buf, BUF_LEN);
FINISH_CAT_APPEND(str_request, buf);
//DEBUG("test4.1>%i|%i<\n", int_length_we_want, strlen( str_request ));
}
//DEBUG("test5\n");
int_request_len = strlen(str_request);
// if not POST, then break at two newlines.
// (only other request we accept is GET, we don't use any other methods of request)
} else {
while (strstr(str_request,"\r\n\r\n") == 0 && strstr(str_request,"\n\n") == 0 && strstr(str_request,"\r\r") == 0) {
memset(buf, 0, BUF_LEN + 1);
int_request_len = read(csock, buf, BUF_LEN);
FINISH_CAT_APPEND(str_request, buf);
}
int_request_len = strlen(str_request);
}
DEBUG("request_len>%i<", strlen(str_request));
/*
//for testing actions
GS.ajaxJSON('URI', 'PARAMS', function (data, error) {
if (!error) {
console.log(data);
} else {
GS.ajaxErrorDialog(data);
}
});
*/
str_uri = str_uri_path(str_request);
FINISH_CHECK(str_uri != NULL,
"str_uri_path failed");
INFO("### str_uri: %s", str_uri);
str_host = request_header(str_request, "host");
INFO("### str_host: %s", str_host);
//DEBUG("### REQUEST: %s", str_request);
//check referer
str_referer = request_header(str_request, "Referer");
INFO("### str_referer: %s", str_referer);
//when we have a referer, we should make sure it matches our website, but we have a few exceptions.
if (str_referer != NULL) {
FINISH_CAT_CSTR(str_correct_referer_start1, "https://", str_host);
FINISH_CAT_CSTR(str_correct_referer_start2, "http://" , str_host);
FINISH_CHECK(
strncmp(str_correct_referer_start1, str_referer, strlen(str_correct_referer_start1)) == 0 ||
strncmp(str_correct_referer_start2, str_referer, strlen(str_correct_referer_start2)) == 0 ||
strlen(str_referer) <= 0 ||
strncmp(str_uri, "/v1/" , 4 ) != 0 ||
//strncmp(str_uri, "/v1/env/auth", 12) == 0 ||
strncmp(str_uri, "/v1/cluster" , 11) == 0 ||
strncmp(str_uri, "/v1/app" , 7 ) == 0 ||
strncmp(str_uri, "/v1/dev" , 7 ) == 0,
"Referer does not match host.");
SFREE(str_correct_referer_start1);
SFREE(str_correct_referer_start2);
}
//####################################################################################################
//######################################### MANAGE COOKIES ###########################################
// set up database connection
// FEAR NOT GCC! This will not be used uninitialized.
//PQinitOpenSSL(0, 0); //prevent Libpq from initializing ssl
bool bol_valid_subdomain = false;
//if subdomain database configuration is active, then change int_global_current_conn_port
//we use int_global_current_conn_port to connect to the postgres instance
//if the subdomain is the default subdomain, we should connect to production
//if the subdomain is not the default subdomain, we should connect to the correct developer area
//if the subdomain is not recognized, we should connect to production
if (strlen(str_global_developers) > 0) {
char *temp = strchr(str_host, '.');
int int_length = temp - str_host;
FINISH_SALLOC(str_current_subdomain, int_length + 1);
DEBUG("### str_host: %s, temp: %s, char: %c, int_length: %d\n", str_host, temp, '.', int_length);
memcpy(str_current_subdomain, str_host, int_length);
str_current_subdomain[int_length] = '\0';
str_temp = getport(str_global_developers, str_current_subdomain);
FINISH_CHECK(str_temp != NULL, "getport failed");
if (strlen(str_temp) > 0) {
DEBUG("VALID SUBDOMAIN DETECTED >%s|%s<", str_global_developers, str_temp);
int_global_current_conn_port = atoi(str_temp);
bol_valid_subdomain = true;
}
SFREE(str_temp);
} else {
FINISH_CAT_CSTR(str_current_subdomain, "");
}
DEBUG(">%s|%s|%i|%i<", str_uri, "/auth_envelope/accept_auth", strlen(str_uri), strncmp(str_uri, "/auth_envelope/accept_auth", 26) == 0);
DEBUG("test0>str_request: %s", str_request);
str_cookie_envelope = str_cookie(str_request, "envelope");
DEBUG("test1");
bol_global_public = false;
DEBUG("str_uri: >%s< str_uri + 13 + strcspn(str_uri + 13, \"./\"): >%s<", str_uri, str_uri + 13 + strcspn(str_uri + 13, "./"));
// if the URL does not start with /v1
// then serve from the web_root
if (strncmp(str_uri, "/v1/", 4) != 0) {
str_response = link_web_root(csock, str_uri, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_web_root failed");
goto finish;
// postgres functions that start with actionnc_ or acceptnc_
// these CAN have a COOKIE, but it WON'T BE USED
// set up a public connection
} else if (//str_cookie_envelope == NULL &&
strlen(str_uri) >= 13 && strncmp(str_uri, "/v1/cluster/", 12) == 0 &&
(strncmp(str_uri + 13 + strcspn(str_uri + 13, "./"), ".acceptnc_", 10) == 0 ||
strncmp(str_uri + 13 + strcspn(str_uri + 13, "./"), ".actionnc_", 10) == 0)) {
cnxn = set_cnxn_public(csock, str_request);
// built in envelope functions
// these links CAN have a COOKIE, but if we don't then set up a public connection
} else if (str_cookie_envelope == NULL &&
((strlen(str_uri) >= 18 && strncmp(str_uri, "/v1/env/action_info" , 18) == 0) ||
(strlen(str_uri) >= 20 && strncmp(str_uri, "/v1/env/action_upload" , 20) == 0) ||
(strlen(str_uri) >= 22 && strncmp(str_uri, "/v1/env/accept_download" , 22) == 0) ||
(strlen(str_uri) >= 23 && strncmp(str_uri, "/v1/envelope/action_info" , 23) == 0) ||
(strlen(str_uri) >= 25 && strncmp(str_uri, "/v1/envelope/action_upload" , 25) == 0) ||
(strlen(str_uri) >= 27 && strncmp(str_uri, "/v1/envelope/accept_download", 27) == 0) ||
(strlen(str_uri) >= 21 && strncmp(str_uri, "/v1/env/action_select", 21) == 0) ||
(strlen(str_uri) >= 21 && strncmp(str_uri, "/v1/env/action_update", 21) == 0) ||
(strlen(str_uri) >= 21 && strncmp(str_uri, "/v1/env/action_insert", 21) == 0) ||
(strlen(str_uri) >= 21 && strncmp(str_uri, "/v1/env/action_delete", 21) == 0) ||
(strlen(str_uri) >= 20 && strncmp(str_uri, "/v1/env/action_order" , 20) == 0))) {
cnxn = set_cnxn_public(csock, str_request);
// authentication links for normal user, these CAN have a COOKIE
} else if ((strlen(str_uri) >= 26 && strncmp(str_uri, "/auth_envelope/accept_auth", 26) == 0) ||
(strlen(str_uri) >= 12 && strncmp(str_uri, "/v1/env/auth", 12) == 0)) {
/*
FINISH_CHECK(strncmp(str_current_subdomain, str_global_subdomain, strlen(str_global_subdomain)) == 0,
"Must be in \"%s\" subdomain.", str_global_subdomain);
*/
str_response = link_auth(cnxn, str_request);
FINISH_CHECK(str_response != NULL, "link_auth failed");
goto finish;
// authentication links for superuser, these REQUIRE a COOKIE
} else if ((strlen(str_uri) >= 16 && strncmp(str_uri, "/v1/postage/auth", 16) == 0)) {
str_response = link_auth_postage(str_request);
FINISH_CHECK(str_response != NULL, "link_auth_postage failed");
goto finish;
// superuser links, these REQUIRE a COOKIE
} else if (strncmp(str_uri, "/v1/dev" , 7 ) == 0 ||
strncmp(str_uri, "/v1/postage", 11) == 0 ||
strncmp(str_uri, "/v1/sql" , 7 ) == 0) {
cnxn = set_cnxn_postage(csock, str_uri, str_request);
// subdomain links, these REQUIRE a COOKIE
} else if (bol_valid_subdomain) {
cnxn = set_cnxn_test(csock, str_uri, str_request);
// production links, these REQUIRE a COOKIE
} else {
cnxn = set_cnxn(csock, str_uri, str_request);
}
//IF NULL THEN EXIT, CSOCK IS ALREADY WRITTEN TO BY set_cnxn AND set_cnxn_test
if (cnxn == NULL) {
//if we use FINISH_CHECK, there will be a sunlogf
//we don't want a sunlogf cause there is no error. we just want to return
goto finish;
}
// cnxn GARANTEED TO BE VALID HERE
//if public cookie (or nocookie always) then public action
if (bol_global_public) {
str_response = main_public_action(cnxn, csock, str_uri, str_request, int_request_len,
bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_auth failed");
goto finish;
}
//################################################################################################
//########################## HAVE COOKIE, HAVE CNXN, PARSE REQUESTS ##############################
DEBUG("COOKIE IS VALID");
//not a webroot request
if (strncmp(str_uri, "/v1/", 4) == 0) {
char *ptr_uri = str_uri + 3;
//this link is for accessing the database
if (strlen(ptr_uri) >= 9 && strncmp(ptr_uri, "/cluster/", 9) == 0) {
str_response = link_cluster(cnxn, ptr_uri, str_request, csock);
FINISH_CHECK(str_response != NULL, "link_cluster failed");
//this link is for uploading a file to role
} else if (strlen(ptr_uri) >= 16 && strncmp(ptr_uri, "/upload_envelope", 16) == 0) {
str_response = link_upload(cnxn, str_request, int_request_len, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_upload failed");
//this link is for builtin c actions like action_select (read from view)
} else if (strlen(ptr_uri) >= 10 && strncmp(ptr_uri, "/envelope/", 10) == 0) {
// link system is in envelope_handle_c.c
str_response = link_system(cnxn, csock, ptr_uri + 5, str_request, int_request_len, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_system failed");
//shorter version of the above link
} else if (strlen(ptr_uri) >= 5 && strncmp(ptr_uri, "/env/", 5) == 0) {
// link system is in envelope_handle_c.c
str_response = link_system(cnxn, csock, ptr_uri, str_request, int_request_len, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_system failed");
//read file from role
} else if (strlen(ptr_uri) >= 6 && strncmp(ptr_uri, "/role/", 6) == 0) {
str_response = link_role(csock, cnxn, ptr_uri, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_role failed");
//read app file
} else if (strncmp(ptr_uri, "/app/", 5) == 0) {
str_response = link_apps(csock, cnxn, ptr_uri, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_apps failed");
//read app file, but require superuser
} else if (strncmp(ptr_uri, "/dev/", 5) == 0) {
str_response = link_apps(csock, cnxn, ptr_uri, bol_valid_subdomain ? str_current_subdomain : "");
FINISH_CHECK(str_response != NULL, "link_apps failed");
//more builtin c actions, but require superuser
} else if (strlen(ptr_uri) >= 9 && strncmp(ptr_uri, "/postage/", 9) == 0) {
// link system is in postage_handle_c2.c
str_response = link_system_postage(cnxn, csock, ptr_uri, str_request, int_request_len);
FINISH_CHECK(str_response != NULL, "link_system_postage failed");
//run arbitrary sql, must be superuser
} else if (strlen(ptr_uri) >= 4 && strncmp(ptr_uri, "/sql", 4) == 0) {
str_response = link_sql(csock, cnxn, str_request);
FINISH_CHECK(str_response != NULL, "link_sql failed");
//if none of these, error
} else {
NOTICE("REQUEST TYPE: UNHANDLED str_uri:%s", str_uri);
FINISH_CAT_CSTR(str_response, "HTTP/1.1 303 See Other\r\nLocation: /index.html\r\n");
}
//web_root request should already have been handled, error
} else {
NOTICE("REQUEST TYPE: UNHANDLED str_uri:%s", str_uri);
FINISH_CAT_CSTR(str_response, "HTTP/1.1 303 See Other\r\nLocation: /index.html\r\n");
}
finish:
if (str_response != NULL) {
INFO("REPLACE COOKIE IN str_response");
//replace cookie before expiration
str_complete_response = replace_cookie(str_response, str_request);
SFREE_PWORD(str_response);
DEBUG("str_complete_response: %s", str_complete_response);
if ((long)write(csock, str_complete_response, strlen(str_complete_response)) != (long)strlen(str_complete_response)) {
str_complete_response = ERROR_RESPONSE("write failed: %d (%s)", errno, strerror(errno));
write(csock, str_complete_response, strlen(str_complete_response));
}
} else {
ERROR_NORESPONSE("no str_response");
}
fsync(csock);
NOTICE("RESPONSE SENT %d bytes", strlen(str_complete_response));
if (cnxn != NULL) PQfinish(cnxn);
SFREE_PWORD(str_request);
SFREE_ALL();
return true;
}
