/* * This function is for uploading an ENTIRE calendar, not just one * component. This would be for webcal:// 'publish' operations, not * for GroupDAV. */ void dav_put_bigics(void) { wcsession *WCC = WC; char buf[1024]; /* * Tell the server that when we save a calendar event, we * do *not* want the server to generate invitations. */ serv_puts("ICAL sgi|0"); serv_getln(buf, sizeof buf); serv_puts("ICAL putics"); serv_getln(buf, sizeof buf); if (buf[0] != '4') { hprintf("HTTP/1.1 502 Bad Gateway\r\n"); dav_common_headers(); hprintf("Content-type: text/plain\r\n"); begin_burst(); wc_printf("%s\r\n", &buf[4]); end_burst(); return; } serv_putbuf(WCC->upload); serv_printf("\n000"); /* Report success and not much else. */ hprintf("HTTP/1.1 204 No Content\r\n"); syslog(LOG_DEBUG, "HTTP/1.1 204 No Content\r\n"); dav_common_headers(); begin_burst(); end_burst(); }
/* * Entry point for RSS feed generator */ void feed_rss(void) { char buf[1024]; output_headers(0, 0, 0, 0, 1, 0); hprintf("Content-type: text/xml; charset=utf-8\r\n"); hprintf( "Server: %s / %s\r\n" "Connection: close\r\n" , PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software) ); begin_burst(); wc_printf("<?xml version=\"1.0\"?>" "<rss version=\"2.0\">" "<channel>" ); wc_printf("<title>"); escputs(ChrPtr(WC->CurRoom.name)); wc_printf("</title>"); wc_printf("<link>"); escputs(ChrPtr(site_prefix)); wc_printf("/</link>"); serv_puts("RINF"); serv_getln(buf, sizeof buf); if (buf[0] == '1') { wc_printf("<description>\r\n"); while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { escputs(buf); wc_printf("\r\n"); } wc_printf("</description>"); } wc_printf("<image><title>"); escputs(ChrPtr(WC->CurRoom.name)); wc_printf("</title><url>"); escputs(ChrPtr(site_prefix)); wc_printf("/roompic?room="); urlescputs(ChrPtr(WC->CurRoom.name)); wc_printf("</url><link>"); escputs(ChrPtr(site_prefix)); wc_printf("/</link></image>\r\n"); feed_rss_do_room_info_as_description(); feed_rss_do_messages(); wc_printf("</channel>" "</rss>" "\r\n\r\n" ); wDumpContent(0); }
/* * Display the OpenIDs associated with an account */ void display_openids(void) { wcsession *WCC = WC; char buf[1024]; int bg = 0; output_headers(1, 1, 1, 0, 0, 0); do_template("box_begin_1"); StrBufAppendBufPlain(WCC->WBuf, _("Manage Account/OpenID Associations"), -1, 0); do_template("box_begin_2"); if (WCC->serv_info->serv_supports_openid) { wc_printf("<table class=\"altern\">"); serv_puts("OIDL"); serv_getln(buf, sizeof buf); if (buf[0] == '1') while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { bg = 1 - bg; wc_printf("<tr class=\"%s\">", (bg ? "even" : "odd")); wc_printf("<td><img src=\"static/webcit_icons/openid-small.gif\"></td><td>"); escputs(buf); wc_printf("</td><td>"); wc_printf("<a href=\"openid_detach?id_to_detach="); urlescputs(buf); wc_printf("\" onClick=\"return confirm('%s');\">", _("Do you really want to delete this OpenID?")); wc_printf("%s</a>", _("(delete)")); wc_printf("</td></tr>\n"); } wc_printf("</table><br>\n"); wc_printf("<form method=\"POST\" action=\"openid_attach\">\n"); wc_printf("<input type=\"hidden\" name=\"nonce\" value=\"%d\">\n", WCC->nonce); wc_printf(_("Add an OpenID: ")); wc_printf("<input type=\"text\" name=\"openid_url\" class=\"openid_urlarea\" size=\"40\">\n"); wc_printf("<input type=\"submit\" name=\"attach_button\" value=\"%s\">" "</form></center>\n", _("Attach")); } else { wc_printf(_("%s does not permit authentication via OpenID."), ChrPtr(WCC->serv_info->serv_humannode)); } do_template("box_end"); wDumpContent(2); }
/* * Attempt to attach an OpenID to an existing, logged-in account */ void openid_attach(void) { char buf[4096]; if (havebstr("attach_button")) { syslog(LOG_DEBUG, "Attempting to attach %s\n", bstr("openid_url")); snprintf(buf, sizeof buf, "OIDS %s|%s/finalize_openid_login?attach_existing=1|%s", bstr("openid_url"), ChrPtr(site_prefix), ChrPtr(site_prefix) ); serv_puts(buf); serv_getln(buf, sizeof buf); if (buf[0] == '2') { syslog(LOG_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]); http_redirect(&buf[4]); return; } else { syslog(LOG_DEBUG, "OpenID attach failed: %s\n", &buf[4]); } } /* If we get to this point then something failed. */ display_openids(); }
void save_net_conf(HashList *Nodelist) { char buf[SIZ]; StrBuf *Buf; HashPos *where; void *vNode; NodeConf *Node; const char *Key; long KeyLen; serv_puts("CONF putsys|application/x-citadel-ignet-config"); serv_getln(buf, sizeof buf); if (buf[0] == '4') { if ((Nodelist != NULL) && (GetCount(Nodelist) > 0)) { where = GetNewHashPos(Nodelist, 0); Buf = NewStrBuf(); while (GetNextHashPos(Nodelist, where, &KeyLen, &Key, &vNode)) { Node = (NodeConf*) vNode; if (Node->DeleteMe==0) { SerializeNode(Node, Buf); serv_putbuf(Buf); } } FreeStrBuf(&Buf); DeleteHashPos(&where); } serv_puts("000"); } }
HashList *load_netconf(StrBuf *Target, WCTemplputParams *TP) { StrBuf *Buf; HashList *Hash; char nnn[64]; char buf[SIZ]; int nUsed; NodeConf *Node; serv_puts("CONF getsys|application/x-citadel-ignet-config"); serv_getln(buf, sizeof buf); if (buf[0] == '1') { Hash = NewHash(1, NULL); Buf = NewStrBuf(); while (StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) { Node = NewNode(Buf); if (Node != NULL) { nUsed = GetCount(Hash); nUsed = snprintf(nnn, sizeof(nnn), "%d", nUsed+1); Put(Hash, nnn, nUsed, Node, DeleteNodeConf); } } FreeStrBuf(&Buf); return Hash; } return NULL; }
/* * This is the sending side of the chat window. The form is designed to transmit asynchronously. */ void chat_send(void) { char send_this[SIZ]; char buf[SIZ]; begin_ajax_response(); if (havebstr("send_this")) { strcpy(send_this, bstr("send_this")); } else { strcpy(send_this, ""); } if (havebstr("exit_button")) { strcpy(send_this, "/quit"); } if (!IsEmptyStr(send_this)) { serv_puts("RCHT send"); serv_getln(buf, sizeof buf); if (buf[0] == '4') { text_to_server(send_this); serv_puts("000"); } } end_ajax_response(); }
/* * wholist for chat */ void chat_rwho(void) { char buf[1024]; serv_puts("RCHT rwho"); serv_getln(buf, sizeof buf); if (buf[0] == '1') { while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { if (!strcasecmp(buf, ChrPtr(WC->wc_fullname))) { wc_printf("<span class=\"chat_myname_class\">"); } else { wc_printf("<span class=\"chat_notmyname_class\">"); } wc_printf("<img src=\"static/webcit_icons/essen/16x16/chat.png\">"); escputs(buf); wc_printf("</span><br>\n"); } } }
/* * Display a specific page from a wiki room * * "rev" may be set to an empty string to display the current version. * "do_revert" may be set to nonzero to perform a reversion to the specified version. */ void display_wiki_page_backend(char *pagename, char *rev, int do_revert) { wcsession *WCC = WC; const StrBuf *Mime; long msgnum = (-1L); char buf[256]; if ((WCC->CurRoom.view != VIEW_WIKI) && (WCC->CurRoom.view != VIEW_WIKIMD)) { wc_printf(_("'%s' is not a Wiki room."), ChrPtr(WCC->CurRoom.name) ); return; } if (IsEmptyStr(pagename)) { strcpy(pagename, "home"); } str_wiki_index(pagename); /* convert index name to lowercase and numeric only */ if ((rev != NULL) && (strlen(rev) > 0)) { /* read an older revision */ serv_printf("WIKI rev|%s|%s|%s", pagename, rev, (do_revert ? "revert" : "fetch") ); serv_getln(buf, sizeof buf); if (buf[0] == '2') { msgnum = extract_long(&buf[4], 0); } } else { /* read the current revision */ msgnum = locate_message_by_uid(pagename); } if (msgnum >= 0L) { read_message(WCC->WBuf, HKEY("view_message"), msgnum, NULL, &Mime); return; } wc_printf("<br><br>" "<div align=\"center\">" "<table border=\"0\" bgcolor=\"#ffffff\" cellpadding=\"10\">" "<tr><td align=\"center\">" ); wc_printf("<br><b>"); wc_printf(_("There is no page called '%s' here."), pagename); wc_printf("</b><br><br>"); wc_printf(_("Select the 'Edit this page' link in the room banner " "if you would like to create this page.")); wc_printf("<br><br>"); wc_printf("</td></tr></table></div>\n"); }
/* * Display the screen containing multiuser chat for a room. */ void do_chat(void) { char buf[256]; WC->last_chat_seq = 0; WC->last_chat_user[0] = 0; output_headers(1, 1, 1, 0, 0, 0); do_template("roomchat"); serv_puts("RCHT enter"); serv_getln(buf, sizeof buf); wDumpContent(1); }
/* * Receiving side of the chat window. * This does JavaScript writes to * other divs whenever it refreshes and finds new data. */ void chat_recv(void) { char buf[SIZ]; char cl_user[SIZ]; serv_printf("RCHT poll|%d", WC->last_chat_seq); serv_getln(buf, sizeof buf); if (buf[0] == '1') { WC->last_chat_seq = extract_int(&buf[4], 0); extract_token(cl_user, &buf[4], 2, '|', sizeof cl_user); /* who is speaking ... */ if (strcasecmp(cl_user, WC->last_chat_user)) { wc_printf("<br>\n"); if (!strcasecmp(cl_user, ChrPtr(WC->wc_fullname))) { wc_printf("<span class=\"chat_myname_class\">"); } else { wc_printf("<span class=\"chat_notmyname_class\">"); } escputs(cl_user); strcpy(WC->last_chat_user, cl_user); wc_printf(": </span>"); } else { wc_printf(" "); } /* what did they say ... */ wc_printf("<span class=\"chat_text_class\">"); while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { escputs(buf); } wc_printf("<br></span>\n"); } }
/* * Helper function for the asynchronous check to see if we need * to open the instant messenger window. */ void seconds_since_last_gexp(void) { char buf[256]; if ( (time(NULL) - WC->last_pager_check) < 30) { wc_printf("NO\n"); } else { memset(buf, 0, 5); serv_puts("NOOP"); serv_getln(buf, sizeof buf); if (buf[3] == '*') { wc_printf("YES"); } else { wc_printf("NO"); } } }
/* * Serialize a vnote and write it to the server */ void write_vnote_to_server(struct vnote *v) { char buf[1024]; char *pch; char boundary[256]; static int seq = 0; snprintf(boundary, sizeof boundary, "Citadel--Multipart--%s--%04x--%04x", ChrPtr(WC->serv_info->serv_fqdn), getpid(), ++seq ); serv_puts("ENT0 1|||4"); serv_getln(buf, sizeof buf); if (buf[0] == '4') { /* Remember, serv_printf() appends an extra newline */ serv_printf("Content-type: multipart/alternative; " "boundary=\"%s\"\n", boundary); serv_printf("This is a multipart message in MIME format.\n"); serv_printf("--%s", boundary); serv_puts("Content-type: text/plain; charset=utf-8"); serv_puts("Content-Transfer-Encoding: 7bit"); serv_puts(""); serv_puts(v->body); serv_puts(""); serv_printf("--%s", boundary); serv_puts("Content-type: text/vnote"); serv_puts("Content-Transfer-Encoding: 7bit"); serv_puts(""); pch = vnote_serialize(v); serv_puts(pch); free(pch); serv_printf("--%s--", boundary); serv_puts("000"); } }
/* * RSS feed generator -- do one message */ void feed_rss_one_message(long msgnum) { int in_body = 0; int in_messagetext = 0; int found_title = 0; int found_guid = 0; char pubdate[128]; StrBuf *messagetext = NULL; int is_top_level_post = 1; const char *BufPtr = NULL; StrBuf *Line = NewStrBufPlain(NULL, 1024); char buf[1024]; int permalink_hash = 0; /* Phase 1: read the message into memory */ serv_printf("MSG4 %ld", msgnum); serv_getln(buf, sizeof buf); if (buf[0] != '1') return; StrBuf *ServerResponse = NewStrBuf(); while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { StrBufAppendPrintf(ServerResponse, "%s\n", buf); } /* Phase 2: help SkyNet become self-aware */ BufPtr = NULL; while (StrBufSipLine(Line, ServerResponse, &BufPtr), ((BufPtr!=StrBufNOTNULL)&&(BufPtr!=NULL)) ) { if (in_body) { /* do nothing */ } else if (StrLength(Line) == 0) { ++in_body; } else if ((StrLength(Line) > 5) && (!strncasecmp(ChrPtr(Line), "wefw=", 5))) { is_top_level_post = 0; /* presence of references means it's a reply/comment */ } else if ((StrLength(Line) > 5) && (!strncasecmp(ChrPtr(Line), "msgn=", 5))) { StrBufCutLeft(Line, 5); permalink_hash = ThreadIdHash(Line); } } /* * Phase 3: output the message in RSS <item> form * (suppress replies [comments] if this is a blog room) */ if ( (WC->CurRoom.view != VIEW_BLOG) || (is_top_level_post == 1) ) { wc_printf("<item>"); wc_printf("<link>%s/readfwd?go=", ChrPtr(site_prefix)); urlescputs(ChrPtr(WC->CurRoom.name)); if ((WC->CurRoom.view == VIEW_BLOG) && (permalink_hash != 0)) { wc_printf("?p=%d", permalink_hash); } else { wc_printf("?start_reading_at=%ld", msgnum); } wc_printf("</link>"); BufPtr = NULL; in_body = 0; in_messagetext = 0; while (StrBufSipLine(Line, ServerResponse, &BufPtr), ((BufPtr!=StrBufNOTNULL)&&(BufPtr!=NULL)) ) { safestrncpy(buf, ChrPtr(Line), sizeof buf); /* XML parsers can be picky; strip out nonprintable header characters */ if ((strlen(buf)>=6) && (buf[4]=='=')) { char *p = &buf[5]; while (*p) { if (!isprint(*p)) { *p = 0; } ++p; } } /* Now output fields */ if (in_body) { if (in_messagetext) { StrBufAppendBufPlain(messagetext, buf, -1, 0); StrBufAppendBufPlain(messagetext, HKEY("\r\n"), 0); } else if (IsEmptyStr(buf)) { in_messagetext = 1; } } else if (!strncasecmp(buf, "subj=", 5)) { wc_printf("<title>"); escputs(&buf[5]); wc_printf("</title>"); ++found_title; } else if (!strncasecmp(buf, "exti=", 5)) { wc_printf("<guid isPermaLink=\"false\">"); escputs(&buf[5]); wc_printf("</guid>"); ++found_guid; } else if (!strncasecmp(buf, "time=", 5)) { http_datestring(pubdate, sizeof pubdate, atol(&buf[5])); wc_printf("<pubDate>%s</pubDate>", pubdate); } else if (!strncasecmp(buf, "text", 4)) { if (!found_title) { wc_printf("<title>Message #%ld</title>", msgnum); } if (!found_guid) { wc_printf("<guid isPermaLink=\"false\">%ld@%s</guid>", msgnum, ChrPtr(WC->serv_info->serv_humannode) ); } wc_printf("<description>"); in_body = 1; messagetext = NewStrBuf(); } } if (in_body) { cdataout((char*)ChrPtr(messagetext)); FreeStrBuf(&messagetext); wc_printf("</description>"); } wc_printf("</item>"); } FreeStrBuf(&Line); FreeStrBuf(&ServerResponse); return; }
/* * Background ajax call to receive updates from the browser when a note is moved, resized, or updated. */ void ajax_update_note(void) { char buf[1024]; int msgnum; struct vnote *v = NULL; if (!havebstr("note_uid")) { begin_ajax_response(); wc_printf("Received ajax_update_note() request without a note UID."); end_ajax_response(); return; } serv_printf("EUID %s", bstr("note_uid")); serv_getln(buf, sizeof buf); if (buf[0] != '2') { begin_ajax_response(); wc_printf("Cannot find message containing vNote with the requested uid!"); end_ajax_response(); return; } msgnum = atol(&buf[4]); /* Was this request a delete operation? If so, nuke it... */ if (havebstr("deletenote")) { if (!strcasecmp(bstr("deletenote"), "yes")) { serv_printf("DELE %d", msgnum); serv_getln(buf, sizeof buf); begin_ajax_response(); wc_printf("%s", buf); end_ajax_response(); return; } } /* If we get to this point it's an update, not a delete */ v = vnote_new_from_msg(msgnum, 0); if (!v) { begin_ajax_response(); wc_printf("Cannot locate a vNote within message %d\n", msgnum); end_ajax_response(); return; } /* Make any requested changes */ if (havebstr("top")) { v->pos_top = atoi(bstr("top")); } if (havebstr("left")) { v->pos_left = atoi(bstr("left")); } if (havebstr("height")) { v->pos_height = atoi(bstr("height")); } if (havebstr("width")) { v->pos_width = atoi(bstr("width")); } if (havebstr("red")) { v->color_red = atoi(bstr("red")); } if (havebstr("green")) { v->color_green = atoi(bstr("green")); } if (havebstr("blue")) { v->color_blue = atoi(bstr("blue")); } if (havebstr("value")) { /* I would have preferred 'body' but InPlaceEditor hardcodes 'value' */ if (v->body) free(v->body); v->body = strdup(bstr("value")); } /* Serialize it and save it to the message base. Server will delete the old one. */ write_vnote_to_server(v); begin_ajax_response(); if (v->body) { escputs(v->body); } end_ajax_response(); vnote_free(v); }
/* * The pathname is always going to take one of two formats: * [/groupdav/]room_name/euid (GroupDAV) * [/groupdav/]room_name (webcal) */ void dav_put(void) { wcsession *WCC = WC; StrBuf *dav_roomname; StrBuf *dav_uid; long new_msgnum = (-2L); long old_msgnum = (-1L); char buf[SIZ]; int n = 0; if (StrBufNum_tokens(WCC->Hdr->HR.ReqLine, '/') < 2) { hprintf("HTTP/1.1 404 not found\r\n"); dav_common_headers(); hprintf("Content-Type: text/plain\r\n"); begin_burst(); wc_printf("The object you requested was not found.\r\n"); end_burst(); return; } dav_roomname = NewStrBuf();; dav_uid = NewStrBuf();; StrBufExtract_token(dav_roomname, WCC->Hdr->HR.ReqLine, 0, '/'); StrBufExtract_token(dav_uid, WCC->Hdr->HR.ReqLine, 1, '/'); if ((!strcasecmp(ChrPtr(dav_uid), "ics")) || (!strcasecmp(ChrPtr(dav_uid), "calendar.ics"))) { FlushStrBuf(dav_uid); } /* Go to the correct room. */ if (strcasecmp(ChrPtr(WC->CurRoom.name), ChrPtr(dav_roomname))) { gotoroom(dav_roomname); } if (strcasecmp(ChrPtr(WC->CurRoom.name), ChrPtr(dav_roomname))) { hprintf("HTTP/1.1 404 not found\r\n"); dav_common_headers(); hprintf("Content-Type: text/plain\r\n"); begin_burst(); wc_printf("There is no folder called \"%s\" on this server.\r\n", ChrPtr(dav_roomname)); end_burst(); FreeStrBuf(&dav_roomname); FreeStrBuf(&dav_uid); return; } /* * If an HTTP If-Match: header is present, the client is attempting * to replace an existing item. We have to check to see if the * message number associated with the supplied uid matches what the * client is expecting. If not, the server probably contains a newer * version, so we fail... */ if (StrLength(WCC->Hdr->HR.dav_ifmatch) > 0) { syslog(LOG_DEBUG, "dav_ifmatch: %s\n", ChrPtr(WCC->Hdr->HR.dav_ifmatch)); old_msgnum = locate_message_by_uid(ChrPtr(dav_uid)); syslog(LOG_DEBUG, "old_msgnum: %ld\n", old_msgnum); if (StrTol(WCC->Hdr->HR.dav_ifmatch) != old_msgnum) { hprintf("HTTP/1.1 412 Precondition Failed\r\n"); syslog(LOG_INFO, "HTTP/1.1 412 Precondition Failed (ifmatch=%ld, old_msgnum=%ld)\r\n", StrTol(WCC->Hdr->HR.dav_ifmatch), old_msgnum); dav_common_headers(); end_burst(); FreeStrBuf(&dav_roomname); FreeStrBuf(&dav_uid); return; } } /** PUT on the collection itself uploads an ICS of the entire collection. */ if (StrLength(dav_uid) == 0) { dav_put_bigics(); FreeStrBuf(&dav_roomname); FreeStrBuf(&dav_uid); return; } /* * We are cleared for upload! We use the new calling syntax for ENT0 * which allows a confirmation to be sent back to us. That's how we * extract the message ID. */ serv_puts("ENT0 1|||4|||1|"); serv_getln(buf, sizeof buf); if (buf[0] != '8') { hprintf("HTTP/1.1 502 Bad Gateway\r\n"); dav_common_headers(); hprintf("Content-type: text/plain\r\n"); begin_burst(); wc_printf("%s\r\n", &buf[4]); end_burst(); return; } /* Send the content to the Citadel server */ //serv_printf("Content-type: %s\n\n", WCC->upload_content_type); serv_putbuf(WCC->upload); serv_puts("\n000"); /* Fetch the reply from the Citadel server */ n = 0; FlushStrBuf(dav_uid); while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { switch(n++) { case 0: new_msgnum = atol(buf); break; case 1: syslog(LOG_DEBUG, "new_msgnum=%ld (%s)\n", new_msgnum, buf); break; case 2: StrBufAppendBufPlain(dav_uid, buf, -1, 0); break; default: break; } } /* Tell the client what happened. */ /* Citadel failed in some way? */ if (new_msgnum < 0L) { hprintf("HTTP/1.1 502 Bad Gateway\r\n"); dav_common_headers(); hprintf("Content-type: text/plain\r\n"); begin_burst(); wc_printf("new_msgnum is %ld\r\n" "\r\n", new_msgnum); end_burst(); FreeStrBuf(&dav_roomname); FreeStrBuf(&dav_uid); return; } /* We created this item for the first time. */ if (old_msgnum < 0L) { char escaped_uid[1024]; hprintf("HTTP/1.1 201 Created\r\n"); syslog(LOG_DEBUG, "HTTP/1.1 201 Created\r\n"); dav_common_headers(); hprintf("etag: \"%ld\"\r\n", new_msgnum); hprintf("Location: "); dav_identify_hosthdr(); hprintf("/groupdav/");/* TODO */ hurlescputs(ChrPtr(dav_roomname)); euid_escapize(escaped_uid, ChrPtr(dav_uid)); hprintf("/%s\r\n", escaped_uid); end_burst(); FreeStrBuf(&dav_roomname); FreeStrBuf(&dav_uid); return; } /* We modified an existing item. */ hprintf("HTTP/1.1 204 No Content\r\n"); syslog(LOG_DEBUG, "HTTP/1.1 204 No Content\r\n"); dav_common_headers(); hprintf("Etag: \"%ld\"\r\n", new_msgnum); /* The item we replaced has probably already been deleted by * the Citadel server, but we'll do this anyway, just in case. */ serv_printf("DELE %ld", old_msgnum); serv_getln(buf, sizeof buf); begin_burst(); end_burst(); FreeStrBuf(&dav_roomname); FreeStrBuf(&dav_uid); return; }
/* * advise the Citadel server that the user is navigating away from the chat window */ void chat_exit(void) { char buf[1024]; serv_puts("RCHT exit"); serv_getln(buf, sizeof buf); /* Throw away the server reply */ }
/* * Sanitize and enhance an HTML message for display. * Also convert weird character sets to UTF-8 if necessary. * Also fixup img src="cid:..." type inline images to fetch the image * */ void output_html(const char *supplied_charset, int treat_as_wiki, int msgnum, StrBuf *Source, StrBuf *Target) { char buf[SIZ]; char *msg; char *ptr; char *msgstart; char *msgend; StrBuf *converted_msg; int buffer_length = 1; int line_length = 0; int content_length = 0; char new_window[SIZ]; int brak = 0; int alevel = 0; int scriptlevel = 0; int script_start_pos = (-1); int i; int linklen; char charset[128]; StrBuf *BodyArea = NULL; #ifdef HAVE_ICONV iconv_t ic = (iconv_t)(-1) ; char *ibuf; /* Buffer of characters to be converted */ char *obuf; /* Buffer for converted characters */ size_t ibuflen; /* Length of input buffer */ size_t obuflen; /* Length of output buffer */ char *osav; /* Saved pointer to output buffer */ #endif if (Target == NULL) Target = WC->WBuf; safestrncpy(charset, supplied_charset, sizeof charset); msg = strdup(""); sprintf(new_window, "<a target=\"%s\" href=", TARGET); if (Source == NULL) while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { line_length = strlen(buf); buffer_length = content_length + line_length + 2; ptr = realloc(msg, buffer_length); if (ptr == NULL) { StrBufAppendPrintf(Target, "<b>"); StrBufAppendPrintf(Target, _("realloc() error! couldn't get %d bytes: %s"), buffer_length + 1, strerror(errno)); StrBufAppendPrintf(Target, "</b><br><br>\n"); while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) { /** flush */ } free(msg); return; } msg = ptr; strcpy(&msg[content_length], buf); content_length += line_length; strcpy(&msg[content_length], "\n"); content_length += 1; } else { content_length = StrLength(Source); free(msg); msg = (char*) ChrPtr(Source);/* TODO: remove cast */ buffer_length = content_length; } /** Do a first pass to isolate the message body */ ptr = msg + 1; msgstart = msg; msgend = &msg[content_length]; while (ptr < msgend) { /** Advance to next tag */ ptr = strchr(ptr, '<'); if ((ptr == NULL) || (ptr >= msgend)) break; ++ptr; if ((ptr == NULL) || (ptr >= msgend)) break; /* * Look for META tags. Some messages (particularly in * Asian locales) illegally declare a message's character * set in the HTML instead of in the MIME headers. This * is wrong but we have to work around it anyway. */ if (!strncasecmp(ptr, "META", 4)) { char *meta_start; char *meta_end; int meta_length; char *meta; char *meta_http_equiv; char *meta_content; char *spaceptr; meta_start = &ptr[4]; meta_end = strchr(ptr, '>'); if ((meta_end != NULL) && (meta_end <= msgend)) { meta_length = meta_end - meta_start + 1; meta = malloc(meta_length + 1); safestrncpy(meta, meta_start, meta_length); meta[meta_length] = 0; striplt(meta); if (!strncasecmp(meta, "HTTP-EQUIV=", 11)) { meta_http_equiv = strdup(&meta[11]); spaceptr = strchr(meta_http_equiv, ' '); if (spaceptr != NULL) { *spaceptr = 0; meta_content = strdup(++spaceptr); if (!strncasecmp(meta_content, "content=", 8)) { strcpy(meta_content, &meta_content[8]); stripquotes(meta_http_equiv); stripquotes(meta_content); extract_charset_from_meta(charset, meta_http_equiv, meta_content); } free(meta_content); } free(meta_http_equiv); } free(meta); } } /* * Any of these tags cause everything up to and including * the tag to be removed. */ if ( (!strncasecmp(ptr, "HTML", 4)) ||(!strncasecmp(ptr, "HEAD", 4)) ||(!strncasecmp(ptr, "/HEAD", 5)) ||(!strncasecmp(ptr, "BODY", 4)) ) { char *pBody = NULL; if (!strncasecmp(ptr, "BODY", 4)) { pBody = ptr; } ptr = strchr(ptr, '>'); if ((ptr == NULL) || (ptr >= msgend)) break; if ((pBody != NULL) && (ptr - pBody > 4)) { char* src; char *cid_start, *cid_end; *ptr = '\0'; pBody += 4; while ((isspace(*pBody)) && (pBody < ptr)) pBody ++; BodyArea = NewStrBufPlain(NULL, ptr - pBody); if (pBody < ptr) { src = strstr(pBody, "cid:"); if (src) { cid_start = src + 4; cid_end = cid_start; while ((*cid_end != '"') && !isspace(*cid_end) && (cid_end < ptr)) cid_end ++; /* copy tag and attributes up to src="cid: */ StrBufAppendBufPlain(BodyArea, pBody, src - pBody, 0); /* add in /webcit/mimepart/<msgno>/CID/ trailing / stops dumb URL filters getting excited */ StrBufAppendPrintf(BodyArea, "/webcit/mimepart/%d/",msgnum); StrBufAppendBufPlain(BodyArea, cid_start, cid_end - cid_start, 0); if (ptr - cid_end > 0) StrBufAppendBufPlain(BodyArea, cid_end + 1, ptr - cid_end, 0); } else StrBufAppendBufPlain(BodyArea, pBody, ptr - pBody, 0); } *ptr = '>'; } ++ptr; if ((ptr == NULL) || (ptr >= msgend)) break; msgstart = ptr; } /* * Any of these tags cause everything including and following * the tag to be removed. */ if ( (!strncasecmp(ptr, "/HTML", 5)) ||(!strncasecmp(ptr, "/BODY", 5)) ) { --ptr; msgend = ptr; strcpy(ptr, ""); } ++ptr; } if (msgstart > msg) { strcpy(msg, msgstart); } /* Now go through the message, parsing tags as necessary. */ converted_msg = NewStrBufPlain(NULL, content_length + 8192); /** Convert foreign character sets to UTF-8 if necessary. */ #ifdef HAVE_ICONV if ( (strcasecmp(charset, "us-ascii")) && (strcasecmp(charset, "UTF-8")) && (strcasecmp(charset, "")) ) { syslog(LOG_DEBUG, "Converting %s to UTF-8\n", charset); ctdl_iconv_open("UTF-8", charset, &ic); if (ic == (iconv_t)(-1) ) { syslog(LOG_WARNING, "%s:%d iconv_open() failed: %s\n", __FILE__, __LINE__, strerror(errno)); } } if (Source == NULL) { if (ic != (iconv_t)(-1) ) { ibuf = msg; ibuflen = content_length; obuflen = content_length + (content_length / 2) ; obuf = (char *) malloc(obuflen); osav = obuf; iconv(ic, &ibuf, &ibuflen, &obuf, &obuflen); content_length = content_length + (content_length / 2) - obuflen; osav[content_length] = 0; free(msg); msg = osav; iconv_close(ic); } } else { if (ic != (iconv_t)(-1) ) { StrBuf *Buf = NewStrBufPlain(NULL, StrLength(Source) + 8096);; StrBufConvert(Source, Buf, &ic); FreeStrBuf(&Buf); iconv_close(ic); msg = (char*)ChrPtr(Source); /* TODO: get rid of this. */ } } #endif /* * At this point, the message has been stripped down to * only the content inside the <BODY></BODY> tags, and has * been converted to UTF-8 if it was originally in a foreign * character set. The text is also guaranteed to be null * terminated now. */ if (converted_msg == NULL) { StrBufAppendPrintf(Target, "Error %d: %s<br>%s:%d", errno, strerror(errno), __FILE__, __LINE__); goto BAIL; } if (BodyArea != NULL) { StrBufAppendBufPlain(converted_msg, HKEY("<table "), 0); StrBufAppendBuf(converted_msg, BodyArea, 0); StrBufAppendBufPlain(converted_msg, HKEY(" width=\"100%\"><tr><td>"), 0); } ptr = msg; msgend = strchr(msg, 0); while (ptr < msgend) { /** Try to sanitize the html of any rogue scripts */ if (!strncasecmp(ptr, "<script", 7)) { if (scriptlevel == 0) { script_start_pos = StrLength(converted_msg); } ++scriptlevel; } if (!strncasecmp(ptr, "</script", 8)) { --scriptlevel; } /** * Change mailto: links to WebCit mail, by replacing the * link with one that points back to our mail room. Due to * the way we parse URL's, it'll even handle mailto: links * that have "?subject=" in them. */ if (!strncasecmp(ptr, "<a href=\"mailto:", 16)) { content_length += 64; StrBufAppendPrintf(converted_msg, "<a href=\"display_enter?force_room=_MAIL_?recp="); ptr = &ptr[16]; ++alevel; ++brak; } /** Make external links open in a separate window */ else if (!strncasecmp(ptr, "<a href=\"", 9)) { ++alevel; ++brak; if ( ((strchr(ptr, ':') < strchr(ptr, '/'))) && ((strchr(ptr, '/') < strchr(ptr, '>'))) ) { /* open external links to new window */ StrBufAppendPrintf(converted_msg, new_window); ptr = &ptr[8]; } else if ( (treat_as_wiki) && (strncasecmp(ptr, "<a href=\"wiki?", 14)) && (strncasecmp(ptr, "<a href=\"dotgoto?", 17)) && (strncasecmp(ptr, "<a href=\"knrooms?", 17)) ) { content_length += 64; StrBufAppendPrintf(converted_msg, "<a href=\"wiki?go="); StrBufUrlescAppend(converted_msg, WC->CurRoom.name, NULL); StrBufAppendPrintf(converted_msg, "?page="); ptr = &ptr[9]; } else { StrBufAppendPrintf(converted_msg, "<a href=\""); ptr = &ptr[9]; } } /** Fixup <img src="cid:... ...> to fetch the mime part */ else if (!strncasecmp(ptr, "<img ", 5)) { char *cid_start, *cid_end; char* tag_end=strchr(ptr,'>'); char* src; /* FIXME - handle this situation (maybe someone opened an <img cid... * and then ended the message) */ if (!tag_end) { syslog(LOG_DEBUG, "tag_end is null and ptr is:\n"); syslog(LOG_DEBUG, "%s\n", ptr); syslog(LOG_DEBUG, "Theoretical bytes remaining: %d\n", (int)(msgend - ptr)); } src=strstr(ptr, "src=\"cid:"); ++brak; if (src && isspace(*(src-1)) && tag_end && (cid_start=strchr(src,':')) && (cid_end=strchr(cid_start,'"')) && (cid_end < tag_end) ) { /* copy tag and attributes up to src="cid: */ StrBufAppendBufPlain(converted_msg, ptr, src - ptr, 0); cid_start++; /* add in /webcit/mimepart/<msgno>/CID/ trailing / stops dumb URL filters getting excited */ StrBufAppendPrintf(converted_msg, " src=\"/webcit/mimepart/%d/",msgnum); StrBufAppendBufPlain(converted_msg, cid_start, cid_end - cid_start, 0); StrBufAppendBufPlain(converted_msg, "/\"", -1, 0); ptr = cid_end+1; } StrBufAppendBufPlain(converted_msg, ptr, tag_end - ptr, 0); ptr = tag_end; } /** * Turn anything that looks like a URL into a real link, as long * as it's not inside a tag already */ else if ( (brak == 0) && (alevel == 0) && ( (!strncasecmp(ptr, "http://", 7)) || (!strncasecmp(ptr, "https://", 8)))) { /** Find the end of the link */ int strlenptr; linklen = 0; strlenptr = strlen(ptr); for (i=0; i<=strlenptr; ++i) { if ((ptr[i]==0) ||(isspace(ptr[i])) ||(ptr[i]==10) ||(ptr[i]==13) ||(ptr[i]=='(') ||(ptr[i]==')') ||(ptr[i]=='<') ||(ptr[i]=='>') ||(ptr[i]=='[') ||(ptr[i]==']') ||(ptr[i]=='"') ||(ptr[i]=='\'') ) linklen = i; /* did s.b. send us an entity? */ if (ptr[i] == '&') { if ((ptr[i+2] ==';') || (ptr[i+3] ==';') || (ptr[i+5] ==';') || (ptr[i+6] ==';') || (ptr[i+7] ==';')) linklen = i; } if (linklen > 0) break; } if (linklen > 0) { char *ltreviewptr; char *nbspreviewptr; char linkedchar; int len; len = linklen; linkedchar = ptr[len]; ptr[len] = '\0'; /* spot for some subject strings tinymce tends to give us. */ ltreviewptr = strchr(ptr, '<'); if (ltreviewptr != NULL) { *ltreviewptr = '\0'; linklen = ltreviewptr - ptr; } nbspreviewptr = strstr(ptr, " "); if (nbspreviewptr != NULL) { /* nbspreviewptr = '\0'; */ linklen = nbspreviewptr - ptr; } if (ltreviewptr != 0) *ltreviewptr = '<'; ptr[len] = linkedchar; content_length += (32 + linklen); StrBufAppendPrintf(converted_msg, "%s\"", new_window); StrBufAppendBufPlain(converted_msg, ptr, linklen, 0); StrBufAppendPrintf(converted_msg, "\">"); StrBufAppendBufPlain(converted_msg, ptr, linklen, 0); ptr += linklen; StrBufAppendPrintf(converted_msg, "</A>"); } } else { StrBufAppendBufPlain(converted_msg, ptr, 1, 0); ptr++; } if ((ptr >= msg) && (ptr <= msgend)) { /* * We need to know when we're inside a tag, * so we don't turn things that look like URL's into * links, when they're already links - or image sources. */ if ((ptr > msg) && (*(ptr-1) == '<')) { ++brak; } if ((ptr > msg) && (*(ptr-1) == '>')) { --brak; if ((scriptlevel == 0) && (script_start_pos >= 0)) { StrBufCutRight(converted_msg, StrLength(converted_msg) - script_start_pos); script_start_pos = (-1); } } if (!strncasecmp(ptr, "</A>", 3)) --alevel; } } if (BodyArea != NULL) { StrBufAppendBufPlain(converted_msg, HKEY("</td></tr></table>"), 0); FreeStrBuf(&BodyArea); } /** uncomment these two lines to override conversion */ /** memcpy(converted_msg, msg, content_length); */ /** output_length = content_length; */ /** Output our big pile of markup */ StrBufAppendBuf(Target, converted_msg, 0); BAIL: /** A little trailing vertical whitespace... */ StrBufAppendPrintf(Target, "<br><br>\n"); /** Now give back the memory */ FreeStrBuf(&converted_msg); if ((msg != NULL) && (Source == NULL)) free(msg); }
/* * The pathname is always going to be /groupdav/room_name/euid */ void dav_delete(void) { wcsession *WCC = WC; char dav_uid[SIZ]; long dav_msgnum = (-1); char buf[SIZ]; int n = 0; StrBuf *dav_roomname = NewStrBuf(); /* Now extract the message euid */ n = StrBufNum_tokens(WCC->Hdr->HR.ReqLine, '/'); extract_token(dav_uid, ChrPtr(WCC->Hdr->HR.ReqLine), n-1, '/', sizeof dav_uid); StrBufExtract_token(dav_roomname, WCC->Hdr->HR.ReqLine, 0, '/'); ///* What's left is the room name. Remove trailing slashes. */ //len = StrLength(WCC->Hdr->HR.ReqLine); //if ((len > 0) && (ChrPtr(WCC->Hdr->HR.ReqLinee)[len-1] == '/')) { // StrBufCutRight(WCC->Hdr->HR.ReqLine, 1); //} //StrBufCutLeft(WCC->Hdr->HR.ReqLine, 1); /* Go to the correct room. */ if (strcasecmp(ChrPtr(WC->CurRoom.name), ChrPtr(dav_roomname))) { gotoroom(dav_roomname); } if (strcasecmp(ChrPtr(WC->CurRoom.name), ChrPtr(dav_roomname))) { hprintf("HTTP/1.1 404 not found\r\n"); dav_common_headers(); hprintf("Content-Length: 0\r\n\r\n"); begin_burst(); end_burst(); FreeStrBuf(&dav_roomname); return; } dav_msgnum = locate_message_by_uid(dav_uid); /* * If no item exists with the requested uid ... simple error. */ if (dav_msgnum < 0L) { hprintf("HTTP/1.1 404 Not Found\r\n"); dav_common_headers(); hprintf("Content-Length: 0\r\n\r\n"); begin_burst(); end_burst(); FreeStrBuf(&dav_roomname); return; } /* * It's there ... check the ETag and make sure it matches * the message number. */ if (StrLength(WCC->Hdr->HR.dav_ifmatch) > 0) { if (StrTol(WCC->Hdr->HR.dav_ifmatch) != dav_msgnum) { hprintf("HTTP/1.1 412 Precondition Failed\r\n"); dav_common_headers(); hprintf("Content-Length: 0\r\n\r\n"); begin_burst(); end_burst(); FreeStrBuf(&dav_roomname); return; } } /* * Ok, attempt to delete the item. */ serv_printf("DELE %ld", dav_msgnum); serv_getln(buf, sizeof buf); if (buf[0] == '2') { hprintf("HTTP/1.1 204 No Content\r\n"); /* success */ dav_common_headers(); hprintf("Content-Length: 0\r\n\r\n"); begin_burst(); end_burst(); } else { hprintf("HTTP/1.1 403 Forbidden\r\n"); /* access denied */ dav_common_headers(); hprintf("Content-Length: 0\r\n\r\n"); begin_burst(); end_burst(); } FreeStrBuf(&dav_roomname); return; }