static void*
handle_import(enum mg_event event,
struct mg_connection *conn,
const struct mg_request_info *request_info) {
std::string file = get_qs(request_info, "file");
int sorted = atoi(get_qs(request_info, "sorted").c_str());
uint_t limit = atoi(get_qs(request_info, "limit").c_str());
int nadded, nlines;
const time_t start_time = time(NULL);
if (!limit) {
limit = minus_one;
}
int ret = do_import(file, sorted, limit, nadded, nlines);
if (ret < 0) {
switch (-ret) {
case IMPORT_FILE_NOT_FOUND:
print_HTTP_response(conn, 404, "Not Found");
break;
default:
cerr<<"ERROR::Unknown error: "<<ret<<endl;
}
}
else {
print_HTTP_response(conn, 200, "OK");
mg_printf(conn, "Successfully added %d/%d records from \"%s\" in %d second(s)\n",
nadded, nlines, file.c_str(), time(NULL) - start_time);
}
return (void*)"";
}
static void*
handle_suggest(enum mg_event event,
struct mg_connection *conn,
const struct mg_request_info *request_info) {
++nreq;
if (building) {
print_HTTP_response(conn, 412, "Busy");
return (void*)"";
}
std::string q = get_qs(request_info, "q");
std::string sn = get_qs(request_info, "n");
std::string cb = get_qs(request_info, "callback");
std::string type = get_qs(request_info, "type");
DCERR("handle_suggest::q:"<<q<<", sn:"<<sn<<", callback: "<<cb<<endl);
unsigned int n = sn.empty() ? NMAX : atoi(sn.c_str());
if (n > NMAX) {
n = NMAX;
}
const bool has_cb = !cb.empty();
if (has_cb && !is_valid_cb(cb)) {
print_HTTP_response(conn, 400, "Invalid Request");
return (void*)"";
}
print_HTTP_response(conn, 200, "OK");
str_lowercase(q);
vp_t results = suggest(pm, st, q, n);
/*
for (size_t i = 0; i < results.size(); ++i) {
mg_printf(conn, "%s:%d\n", results[i].first.c_str(), results[i].second);
}
*/
if (has_cb) {
mg_printf(conn, "%s(%s);\n", cb.c_str(), results_json(q, results, type).c_str());
}
else {
mg_printf(conn, "%s\n", results_json(q, results, type).c_str());
}
return (void*)"";
}
int main(){
char curDir[512], *cd=curDir, newDir[512], *curtok, *newtok, RealDir[1024], buf[2048], *ptr;
printf("Content-type: text/html\n\n<html><meta http-equiv=\"Content-Type\" content=\"text/html; charset=koi8-r\"><body>\n");
if(!(ptr = get_qs(buf, 2048)))
printerr("no query string", 1);
if(!get_qs_param(ptr, "DIR", curDir, 512))
printerr("no directory selected", 2);
if(!get_qs_param(ptr, "NEWDIR", newDir, 512))
printerr("no name of new directory", 3);
unhexdump(newDir);
if(!strstr(curDir, "/Inc"))
unhexdump(curDir);
ptr = strstr(curDir, "/Inc");
if(ptr) cd = ptr + 4;
ptr = strstr(curDir, "..");
if(ptr) printerr("bad directory name", 4);
curtok = strtok(cd, "/");
newtok = strtok(newDir, "/");
if(!newtok) printerr("no directory name", 5);
if(!curtok) sprintf(RealDir, "/var/www/tmp/Incoming/%s", newtok);
else sprintf(RealDir, "/var/www/tmp/Incoming/%s/%s", curtok, newtok);
if(mkdir(RealDir, 0777) < 0) printerr("can't create directory", 7);
chmod(RealDir, 0777);
printerr("directory created", 0);
}
static void*
handle_export(enum mg_event event,
struct mg_connection *conn,
const struct mg_request_info *request_info) {
std::string file = get_qs(request_info, "file");
if (building) {
print_HTTP_response(conn, 412, "Busy");
mg_printf(conn, "Busy\n");
return (void*)"";
}
// Prevent modifications to 'pm' while we export
building = true;
ofstream fout(file.c_str());
const time_t start_time = time(NULL);
for (size_t i = 0; i < pm.repr.size(); ++i) {
fout<<pm.repr[i].weight<<'\t'<<pm.repr[i].phrase<<'\t'<<std::string(pm.repr[i].snippet)<<'\n';
}
building = false;
mg_printf(conn, "Successfully wrote %u records to output file '%s' in %d second(s)\n",
pm.repr.size(), file.c_str(), time(NULL) - start_time);
return (void*)"";
}
// получение смещения на начало данных в multipart-строке запроса (в очередном куске)
// QS модифицируется соответствующим образом (curpos - начало файла, qlen - его длина)
off_t get_data_beginning(){
DBG("fd=%d, curpos=%lld, qlen=%zd", QS->fd, QS->curpos, QS->qlen);
if((!qs && !get_qs()) || (QS->fd && !QS->curpos)) return -1;
off_t offs = 0;
char *ctpos = strstr(QS->str, "\r\n\r\n");
if(!ctpos) return -1;
offs = ctpos - QS->str + 4;
if(offs > 0 && offs < QS->qlen){
QS->str = ctpos + 4;
DBG("Found data");
if(QS->fd) QS->curpos += offs;
QS->size -= offs;
QS->qlen -= offs;
}else return -1;
/* char *ctpos = strcasestr(QS->str, "Content-Type");
if(ctpos) ctpos = strchr(ctpos, '\r');
if(ctpos) offs = ctpos - QS->str + 4;
if(offs > 0 && offs < QS->qlen){
QS->str = ctpos + 4;
DBG("Found file data");
if(QS->fd) QS->curpos += offs;
QS->size -= offs;
QS->qlen -= offs;
}else return -1;
*/
DBG("offs: %lld, curpos: %lld", offs, QS->curpos);
return QS->curpos;
}
int digest_authorization(struct openconnect_info *vpninfo, int proxy,
struct http_auth_state *auth_state,
struct oc_text_buf *hdrbuf)
{
char *chall;
int ret = -EINVAL;
int algo = ALGO_MD5;
int qop_auth = 0;
int nc = 1;
struct oc_text_buf *realm = NULL, *nonce = NULL, *opaque = NULL;
struct oc_text_buf *a1 = NULL, *a2 = NULL, *kd = NULL;
struct oc_text_buf *cnonce = NULL;
unsigned char cnonce_random[32];
const char *user, *pass;
if (proxy) {
user = vpninfo->proxy_user;
pass = vpninfo->proxy_pass;
} else {
/* Need to parse this out of the URL */
return -EINVAL;
}
if (!user || !pass)
return -EINVAL;
if (auth_state->state < AUTH_AVAILABLE)
return -EINVAL;
if (auth_state->state == AUTH_IN_PROGRESS) {
auth_state->state = AUTH_FAILED;
return -EAGAIN;
}
chall = auth_state->challenge;
if (!chall)
return -EINVAL;
while (*chall) {
if (!realm && !strncmp(chall, "realm=", 6)) {
chall += 6;
realm = get_qs(&chall);
if (!realm)
goto err;
} else if (!nonce && !strncmp(chall, "nonce=", 6)) {
chall += 6;
nonce = get_qs(&chall);
if (!nonce)
goto err;
} else if (!strncmp(chall, "qop=", 4)) {
chall += 4;
if (strncmp(chall, "\"auth\"", 6)) {
/* We don't support "auth-int" */
goto err;
}
qop_auth = 1;
chall += 6;
} else if (!opaque && !strncmp(chall, "opaque=", 7)) {
chall += 7;
opaque = get_qs(&chall);
if (!opaque)
goto err;
} else if (!strncmp(chall, "algorithm=", 10)) {
chall += 10;
if (!strncmp(chall, "MD5-sess", 8)) {
algo = ALGO_MD5_SESS;
chall += 8;
} else if (!strncmp(chall, "MD5", 3)) {
algo = ALGO_MD5;
chall += 3;
}
} else {
char *p = strchr(chall, '=');
if (!p)
goto err;
p++;
if (*p == '\"') {
/* Eat and discard a quoted-string */
int escaped = 0;
p++;
do {
if (escaped)
escaped = 0;
else if (*p == '\\')
escaped = 1;
if (!*p)
goto err;
} while (escaped || *p != '\"');
chall = p+1;
} else {
/* Not quoted. Just find the next comma (or EOL) */
p = strchr(p, ',');
if (!p)
break;
chall = p;
}
}
while (isspace((int)(unsigned char)*chall))
chall++;
if (!*chall)
break;
if (*chall != ',')
goto err;
chall++;
while (isspace((int)(unsigned char)*chall))
chall++;
if (!*chall)
break;
}
if (!nonce || !realm)
goto err;
if (openconnect_random(&cnonce_random, sizeof(cnonce_random)))
goto err;
cnonce = buf_alloc();
buf_append_base64(cnonce, cnonce_random, sizeof(cnonce_random));
if (buf_error(cnonce))
goto err;
/*
* According to RFC2617 §3.2.2.2:
* A1 = unq(username-value) ":" unq(realm-value) ":" passwd
* So the username is escaped, while the password isn't.
*/
a1 = buf_alloc();
buf_append_unq(a1, user);
buf_append(a1, ":%s:%s", realm->data, pass);
if (buf_error(a1))
goto err;
if (algo == ALGO_MD5_SESS) {
struct oc_text_buf *old_a1 = a1;
a1 = buf_alloc();
buf_append_md5(a1, old_a1->data, old_a1->pos);
buf_free(old_a1);
buf_append(a1, ":%s:%s\n", nonce->data, cnonce->data);
if (buf_error(a1))
goto err;
}
a2 = buf_alloc();
buf_append(a2, "CONNECT:%s:%d", vpninfo->hostname, vpninfo->port);
if (buf_error(a2))
goto err;
kd = buf_alloc();
buf_append_md5(kd, a1->data, a1->pos);
buf_append(kd, ":%s:", nonce->data);
if (qop_auth) {
buf_append(kd, "%08x:%s:auth:", nc, cnonce->data);
}
buf_append_md5(kd, a2->data, a2->pos);
if (buf_error(kd))
goto err;
buf_append(hdrbuf, "%sAuthorization: Digest username=\"", proxy ? "Proxy-" : "");
buf_append_unq(hdrbuf, user);
buf_append(hdrbuf, "\", realm=\"%s\", nonce=\"%s\", uri=\"%s:%d\", ",
realm->data, nonce->data, vpninfo->hostname, vpninfo->port);
if (qop_auth)
buf_append(hdrbuf, "cnonce=\"%s\", nc=%08x, qop=auth, ",
cnonce->data, nc);
if (opaque)
buf_append(hdrbuf, "opaque=\"%s\", ", opaque->data);
buf_append(hdrbuf, "response=\"");
buf_append_md5(hdrbuf, kd->data, kd->pos);
buf_append(hdrbuf, "\"\r\n");
ret = 0;
auth_state->state = AUTH_IN_PROGRESS;
if (proxy)
vpn_progress(vpninfo, PRG_INFO,
_("Attempting Digest authentication to proxy\n"));
else
vpn_progress(vpninfo, PRG_INFO,
_("Attempting Digest authentication to server '%s'\n"),
vpninfo->hostname);
err:
if (a1 && a1->data)
memset(a1->data, 0, a1->pos);
buf_free(a1);
buf_free(a2);
buf_free(kd);
buf_free(realm);
buf_free(nonce);
buf_free(cnonce);
buf_free(opaque);
return ret;
}
