From 34f375960c45c0d57dc0510a242563c89a4e36c6 Mon Sep 17 00:00:00 2001 From: Chris Tallon Date: Sat, 16 Mar 2013 14:38:43 +0000 Subject: [PATCH] Initial import --- COPYING | 340 ++++ HISTORY | 6 + Makefile | 114 ++ README | 19 + handler.c | 646 +++++++ handler.h | 20 + jsonserver.c | 169 ++ log.c | 158 ++ log.h | 84 + mongoose.c | 5180 ++++++++++++++++++++++++++++++++++++++++++++++++++ mongoose.h | 292 +++ 11 files changed, 7028 insertions(+) create mode 100644 COPYING create mode 100644 HISTORY create mode 100644 Makefile create mode 100644 README create mode 100644 handler.c create mode 100644 handler.h create mode 100644 jsonserver.c create mode 100644 log.c create mode 100644 log.h create mode 100644 mongoose.c create mode 100644 mongoose.h diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..f90922e --- /dev/null +++ b/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/HISTORY b/HISTORY new file mode 100644 index 0000000..24668f3 --- /dev/null +++ b/HISTORY @@ -0,0 +1,6 @@ +VDR Plugin 'jsonserver' Revision History +---------------------------------------- + +2013-03-16: Version 0.0.1 + +- Initial revision. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..586985c --- /dev/null +++ b/Makefile @@ -0,0 +1,114 @@ +# +# Makefile for a Video Disk Recorder plugin +# +# $Id$ + +# The official name of this plugin. +# This name will be used in the '-P...' option of VDR to load the plugin. +# By default the main source file also carries this name. +# IMPORTANT: the presence of this macro is important for the Make.config +# file. So it must be defined, even if it is not used here! +# +PLUGIN = jsonserver + +### The version number of this plugin (taken from the main source file): + +VERSION = $(shell grep 'static const char \*VERSION *=' $(PLUGIN).c | awk '{ print $$6 }' | sed -e 's/[";]//g') + +### The C++ compiler and options: + +CXX ?= g++ +CXXFLAGS ?= -g -O3 -Wall -Werror=overloaded-virtual -Wno-parentheses -fpermissive + +### The directory environment: + +VDRDIR ?= ../../.. +LIBDIR ?= ../../lib +TMPDIR ?= /tmp + +### Make sure that necessary options are included: + +include $(VDRDIR)/Make.global + +### Allow user defined options to overwrite defaults: + +-include $(VDRDIR)/Make.config + +### The version number of VDR's plugin API (taken from VDR's "config.h"): + +APIVERSION = $(shell sed -ne '/define APIVERSION/s/^.*"\(.*\)".*$$/\1/p' $(VDRDIR)/config.h) + +### The name of the distribution archive: + +ARCHIVE = $(PLUGIN)-$(VERSION) +PACKAGE = vdr-$(ARCHIVE) + +### Includes and Defines (add further entries here): + +INCLUDES += -I$(VDRDIR)/include + +DEFINES += -D_GNU_SOURCE -DPLUGIN_NAME_I18N='"$(PLUGIN)"' + +### The object files (add further files here): + +OBJS = $(PLUGIN).o mongoose.o handler.o log.o + +### The main target: + +all: libvdr-$(PLUGIN).so i18n + +### Implicit rules: + +%.o: %.c + $(CXX) $(CXXFLAGS) -c $(DEFINES) $(INCLUDES) $< + +### Dependencies: + +MAKEDEP = $(CXX) -MM -MG +DEPFILE = .dependencies +$(DEPFILE): Makefile + @$(MAKEDEP) $(DEFINES) $(INCLUDES) $(OBJS:%.o=%.c) > $@ + +-include $(DEPFILE) + +### Internationalization (I18N): + +PODIR = po +LOCALEDIR = $(VDRDIR)/locale +I18Npo = $(wildcard $(PODIR)/*.po) +I18Nmsgs = $(addprefix $(LOCALEDIR)/, $(addsuffix /LC_MESSAGES/vdr-$(PLUGIN).mo, $(notdir $(foreach file, $(I18Npo), $(basename $(file)))))) +I18Npot = $(PODIR)/$(PLUGIN).pot + +%.mo: %.po + msgfmt -c -o $@ $< + +$(I18Npot): $(wildcard *.c) + xgettext -C -cTRANSLATORS --no-wrap --no-location -k -ktr -ktrNOOP --package-name=vdr-$(PLUGIN) --package-version=$(VERSION) --msgid-bugs-address='' -o $@ $^ + +%.po: $(I18Npot) + msgmerge -U --no-wrap --no-location --backup=none -q $@ $< + @touch $@ + +$(I18Nmsgs): $(LOCALEDIR)/%/LC_MESSAGES/vdr-$(PLUGIN).mo: $(PODIR)/%.mo + @mkdir -p $(dir $@) + cp $< $@ + +.PHONY: i18n +i18n: $(I18Nmsgs) $(I18Npot) + +### Targets: + +libvdr-$(PLUGIN).so: $(OBJS) + $(CXX) $(CXXFLAGS) $(LDFLAGS) -shared $(OBJS) -ljsoncpp -o $@ + @cp --remove-destination $@ $(LIBDIR)/$@.$(APIVERSION) + +dist: $(I18Npo) clean + @-rm -rf $(TMPDIR)/$(ARCHIVE) + @mkdir $(TMPDIR)/$(ARCHIVE) + @cp -a * $(TMPDIR)/$(ARCHIVE) + @tar czf $(PACKAGE).tgz -C $(TMPDIR) $(ARCHIVE) + @-rm -rf $(TMPDIR)/$(ARCHIVE) + @echo Distribution package created as $(PACKAGE).tgz + +clean: + @-rm -f $(OBJS) $(DEPFILE) *.so *.tgz core* *~ $(PODIR)/*.mo $(PODIR)/*.pot diff --git a/README b/README new file mode 100644 index 0000000..91cf4b6 --- /dev/null +++ b/README @@ -0,0 +1,19 @@ +This is a "plugin" for the Video Disk Recorder (VDR). + +Written by: Your Name + +Project's homepage: http://vomp.tv/jsonserver + +Latest version available at: http://vomp.tv/jsonserver + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. +See the file COPYING for more information. + +Description: + +A JSON data server plugin for VDR. + +Uses embedded Mongoose 3.7, and depends on libjsoncpp (0.6) from system. diff --git a/handler.c b/handler.c new file mode 100644 index 0000000..9976be8 --- /dev/null +++ b/handler.c @@ -0,0 +1,646 @@ +#include "handler.h" + +#include +#include +#include +#include + +#include +#include +#include +#include + +#include "log.h" + +int jsonserver_request_handler(struct mg_connection *conn) +{ + Log* log = Log::getInstance(); + const struct mg_request_info *request_info = mg_get_request_info(conn); + + if (strcmp(request_info->uri, "/jsonserver")) return 0; // not for us + + char wvrequest[20]; + int wvrl = mg_get_var(request_info->query_string, strlen(request_info->query_string), "req", wvrequest, 20); + if (wvrl == -1) + { + log->log("JSONServer", Log::ERR, "Could not decode req"); + return 0; + } + +/* + if (!strcmp(request_info->request_method, "OPTIONS")) + { + mg_printf(conn, "%s", "HTTP/1.0 200 OK\r\n"); + mg_printf(conn, "%s", "Access-Control-Allow-Origin: *\r\n"); + mg_printf(conn, "%s", "Content-Type: text/plain\r\n\r\n"); + return (void*)1; + } +*/ + + // Get POST data + char postData[10000]; + postData[0] = '\0'; + if (!strcmp(request_info->request_method, "POST")) + { + const char* contentLength = mg_get_header(conn, "Content-Length"); + int contentLengthI = atoi(contentLength); + log->log("JSONServer", Log::DEBUG, "POST data content length: %i", contentLengthI); + if (contentLengthI > 10000) + { + log->log("JSONServer", Log::DEBUG, "Length > 10000, rejecting"); + return 0; + } + + if (contentLengthI > 0) + { + // FIXME - assume for now that all post data will be small enough to have arrived immediately + int bytesRead = mg_read(conn, postData, contentLengthI); + if (bytesRead != contentLengthI) + { + log->log("JSONServer", Log::DEBUG, "Could not read up to contentLength"); + return 0; + } + } + } + + Json::Value js; + bool success = false; + + if (!strcmp(wvrequest, "reclist")) success = jsonserver_reclist(js); + else if (!strcmp(wvrequest, "recinfo")) success = jsonserver_recinfo(js, postData); + else if (!strcmp(wvrequest, "recdel")) success = jsonserver_recdel(js, postData); + else if (!strcmp(wvrequest, "recmove")) success = jsonserver_recmove(js, postData); + else if (!strcmp(wvrequest, "channellist")) success = jsonserver_channellist(js); + else if (!strcmp(wvrequest, "channelschedule")) success = jsonserver_channelschedule(js, postData); + else if (!strcmp(wvrequest, "timerlist")) success = jsonserver_timerlist(js); + else if (!strcmp(wvrequest, "timerdel")) success = jsonserver_timerdel(js, postData); + else if (!strcmp(wvrequest, "timerset")) success = jsonserver_timerset(js, postData); + + if (!success) return 0; // the specific handler failed badly + + // Now js will be filled + + Json::StyledWriter sw; + std::string jsonout = sw.write(js); + mg_printf(conn, "%s", "HTTP/1.0 200 OK\r\n"); + mg_printf(conn, "%s", "Content-Type: text/plain\r\n\r\n"); + mg_write(conn, jsonout.c_str(), jsonout.length()); + return 1; + + +/* + else if (event == MG_EVENT_LOG) + { + if (request_info->status_code == 400) // bad request + { + log->log("Mongoose", Log::DEBUG, "400 BAD REQUEST:"); + log->log("Mongoose", Log::DEBUG, request_info->request_method); + log->log("Mongoose", Log::DEBUG, request_info->uri); + log->log("Mongoose", Log::DEBUG, request_info->http_version); + log->log("Mongoose", Log::DEBUG, request_info->query_string); + log->log("Mongoose", Log::DEBUG, request_info->log_message); + for (int i = 0; i < request_info->num_headers; i++) + { + log->log("Mongoose", Log::DEBUG, "%s: %s", request_info->http_headers[i].name, request_info->http_headers[i].value); + } + } + else + { + log->log("Mongoose", Log::DEBUG, request_info->log_message); + log->log("Mongoose", Log::DEBUG, request_info->uri); + } + return (void*)1; + } + + // other events not handled: + // MG_HTTP_ERROR, MG_INIT_SSL + // Let mongoose do something with those + + return NULL; + +*/ + +} + +bool jsonserver_reclist(Json::Value& js) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "reclist"); + + int FreeMB; + int Percent = VideoDiskSpace(&FreeMB); + int Total = (FreeMB / (100 - Percent)) * 100; + + js["MBFree"] = FreeMB; + js["Percent"] = Percent; + js["Total"] = Total; + + Json::Value jsrecordings; + cRecordings Recordings; + Recordings.Load(); + for (cRecording *recording = Recordings.First(); recording; recording = Recordings.Next(recording)) + { + Json::Value oneRec; + oneRec["StartTime"] = (Json::UInt)recording->Start(); + oneRec["Name"] = recording->Name(); + oneRec["Filename"] = recording->FileName(); + jsrecordings.append(oneRec); + } + js["Recordings"] = jsrecordings; + + return true; +} + +bool jsonserver_recinfo(Json::Value& js, const char* postData) +{ + // For now this returns just the string summary of the recording + + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "recinfo"); + + char reqfilename[1000]; + int mgv1 = mg_get_var(postData, strlen(postData), "filename", reqfilename, 1000); + if (mgv1 == -1) + { + log->log("JSONServer", Log::ERR, "Could not decode filename"); + js["Result"] = false; + js["Error"] = "Could not decode filename"; + return true; + } + + log->log("JSONServer", Log::DEBUG, "%s", reqfilename); + + cRecordings Recordings; + Recordings.Load(); // probably have to do this + cRecording *recording = Recordings.GetByName(reqfilename); + + if (recording) + { + const cRecordingInfo *Info = recording->Info(); + char* summary = (char*)Info->ShortText(); + if (isempty(summary)) summary = (char*)Info->Description(); + js["Result"] = true; + js["Summary"] = summary; + } + else + { + log->log("JSONServer", Log::ERR, "recinfo found no recording"); + js["Result"] = false; + js["Summary"] = ""; + } + + return true; +} + +bool jsonserver_recdel(Json::Value& js, const char* postData) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "recdel"); + + char reqfilename[1000]; + int mgv1 = mg_get_var(postData, strlen(postData), "filename", reqfilename, 1000); + if (mgv1 == -1) + { + log->log("JSONServer", Log::ERR, "Could not decode filename"); + js["Result"] = false; + js["Error"] = "Could not decode filename"; + return true; + } + + log->log("JSONServer", Log::DEBUG, "%s", reqfilename); + + cRecordings Recordings; + Recordings.Load(); // probably have to do this + cRecording *recording = Recordings.GetByName(reqfilename); + + if (!recording) + { + js["Result"] = false; + js["Error"] = "Could not find recording to delete"; + return true; + } + + log->log("JSONServer", Log::DEBUG, "Deleting recording: %s", recording->Name()); + cRecordControl *rc = cRecordControls::GetRecordControl(recording->FileName()); + if (rc) + { + js["Result"] = false; + js["Error"] = "This recording is still recording.. ho ho"; + return true; + } + + if (recording->Delete()) + { + ::Recordings.DelByName(recording->FileName()); + js["Result"] = true; + } + else + { + js["Result"] = false; + js["Error"] = "Failed to delete recording"; + } + + return true; +} + +bool jsonserver_recmove(Json::Value& js, const char* postData) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "recmove"); + + char sFileName[1000]; int mgv1 = mg_get_var(postData, strlen(postData), "filename", sFileName, 1000); + char sNewPath[1000]; int mgv2 = mg_get_var(postData, strlen(postData), "newpath", sNewPath, 1000); + + if ( (mgv1 == -1) || (mgv2 == -1) || !strlen(sFileName) || !strlen(sNewPath) ) + { + log->log("JSONServer", Log::ERR, "request mgvs: %i %i", mgv1, mgv2); + js["Result"] = false; + js["Error"] = "Bad request parameters"; + return true; + } + + cRecordings Recordings; + Recordings.Load(); // probably have to do this + cRecording* recording = Recordings.GetByName(sFileName); + + if (!recording) + { + log->log("JSONServer", Log::ERR, "Could not find recording to move"); + js["Result"] = false; + js["Error"] = "Bad filename"; + return true; + } + + cRecordControl *rc = cRecordControls::GetRecordControl(recording->FileName()); + if (rc) + { + log->log("JSONServer", Log::ERR, "Could not move recording, it is still recording"); + js["Result"] = false; + js["Error"] = "Cannot move recording in progress"; + return true; + } + + log->log("JSONServer", Log::DEBUG, "moving recording: %s", recording->Name()); + log->log("JSONServer", Log::DEBUG, "moving recording: %s", recording->FileName()); + log->log("JSONServer", Log::DEBUG, "to: %s", sNewPath); + + const char* t = recording->FileName(); + + char* dateDirName = NULL; int k; + char* titleDirName = NULL; int j; + char* newContainer = NULL; + + // Find the datedirname + for(k = strlen(t) - 1; k >= 0; k--) + { + if (t[k] == '/') + { + log->log("JSONServer", Log::DEBUG, "l1: %i", strlen(&t[k+1]) + 1); + dateDirName = new char[strlen(&t[k+1]) + 1]; + strcpy(dateDirName, &t[k+1]); + break; + } + } + + // Find the titledirname + + for(j = k-1; j >= 0; j--) + { + if (t[j] == '/') + { + log->log("JSONServer", Log::DEBUG, "l2: %i", (k - j - 1) + 1); + titleDirName = new char[(k - j - 1) + 1]; + memcpy(titleDirName, &t[j+1], k - j - 1); + titleDirName[k - j - 1] = '\0'; + break; + } + } + + log->log("JSONServer", Log::DEBUG, "datedirname: %s", dateDirName); + log->log("JSONServer", Log::DEBUG, "titledirname: %s", titleDirName); + log->log("JSONServer", Log::DEBUG, "viddir: %s", VideoDirectory); + + ExchangeChars(sNewPath, true); + log->log("JSONServer", Log::DEBUG, "EC: %s", sNewPath); + + newContainer = new char[strlen(VideoDirectory) + strlen(sNewPath) + strlen(titleDirName) + 1]; + log->log("JSONServer", Log::DEBUG, "l10: %i", strlen(VideoDirectory) + strlen(sNewPath) + strlen(titleDirName) + 1); + sprintf(newContainer, "%s%s%s", VideoDirectory, sNewPath, titleDirName); + log->log("JSONServer", Log::DEBUG, "%s", newContainer); + + struct stat dstat; + int statret = stat(newContainer, &dstat); + if ((statret == -1) && (errno == ENOENT)) // Dir does not exist + { + log->log("JSONServer", Log::DEBUG, "new dir does not exist"); + int mkdirret = mkdir(newContainer, 0755); + if (mkdirret != 0) + { + delete[] dateDirName; + delete[] titleDirName; + delete[] newContainer; + + log->log("JSONServer", Log::ERR, "Failed to make new dir"); + js["Result"] = false; + js["Error"] = "Failed to create new directory"; + return true; + } + } + else if ((statret == 0) && (! (dstat.st_mode && S_IFDIR))) // Something exists but it's not a dir + { + delete[] dateDirName; + delete[] titleDirName; + delete[] newContainer; + + log->log("JSONServer", Log::ERR, "Something already exists?"); + js["Result"] = false; + js["Error"] = "Something already exists at the new path"; + return true; + } + + // Ok, the directory container has been made, or it pre-existed. + + char* newDir = new char[strlen(newContainer) + 1 + strlen(dateDirName) + 1]; + sprintf(newDir, "%s/%s", newContainer, dateDirName); + + log->log("JSONServer", Log::DEBUG, "doing rename '%s' '%s'", t, newDir); + int renameret = rename(t, newDir); + if (renameret == 0) + { + // Success. Test for remove old dir containter + char* oldTitleDir = new char[k+1]; + memcpy(oldTitleDir, t, k); + oldTitleDir[k] = '\0'; + log->log("JSONServer", Log::DEBUG, "len: %i, cp: %i, strlen: %i, oldtitledir: %s", k+1, k, strlen(oldTitleDir), oldTitleDir); + rmdir(oldTitleDir); // can't do anything about a fail result at this point. + delete[] oldTitleDir; + + ::Recordings.Update(); + js["Result"] = true; + } + else + { + log->log("JSONServer", Log::ERR, "Rename failed"); + js["Result"] = false; + js["Error"] = "Move failed"; + } + + delete[] dateDirName; + delete[] titleDirName; + delete[] newContainer; + delete[] newDir; + + return true; +} + +bool jsonserver_channellist(Json::Value& js) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "channellist"); + + Json::Value jschannels; + + int type; + for (cChannel *channel = Channels.First(); channel; channel = Channels.Next(channel)) + { + if (!channel->GroupSep()) + { + log->log("JSONServer", Log::DEBUG, "name: '%s'", channel->Name()); + + if (channel->Vpid()) type = 1; + else if (channel->Apid(0)) type = 2; + else continue; + + Json::Value oneChannel; + oneChannel["Number"] = channel->Number(); + oneChannel["Type"] = type; + oneChannel["Name"] = channel->Name(); +#if VDRVERSNUM < 10703 + oneChannel["VType"] = 2; +#else + oneChannel["VType"] = channel->Vtype(); +#endif + jschannels.append(oneChannel); + } + } + js["Channels"] = jschannels; + + return true; +} + +bool jsonserver_channelschedule(Json::Value& js, const char* postData) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "channelschedule '%s'", postData); + + char sChannelNumber[15]; int mgv1 = mg_get_var(postData, strlen(postData), "channelnumber", sChannelNumber, 15); + char sStartTime[15]; int mgv2 = mg_get_var(postData, strlen(postData), "starttime", sStartTime, 15); + char sDuration[15]; int mgv3 = mg_get_var(postData, strlen(postData), "duration", sDuration, 15); + + if ( (mgv1 == -1) || (mgv2 == -1) || (mgv3 == -1) ) + { + log->log("JSONServer", Log::ERR, "request mgvs: %i %i %i", mgv1, mgv2, mgv3); + js["Result"] = false; + js["Error"] = "Bad request parameters"; + return true; + } + + int channelNumber = atoi(sChannelNumber); + int startTime = atoi(sStartTime); + int duration = atoi(sDuration); + + cChannel* channel = NULL; + for (channel = Channels.First(); channel; channel = Channels.Next(channel)) + { + if (channel->GroupSep()) continue; + if (channel->Number() == channelNumber) break; + } + + if (!channel) + { + log->log("JSONServer", Log::ERR, "Could not find requested channel: %i", channelNumber); + js["Result"] = false; + js["Error"] = "Could not find channel"; + return true; + } + + cSchedulesLock MutexLock; + const cSchedules *Schedules = cSchedules::Schedules(MutexLock); + if (!Schedules) + { + log->log("JSONServer", Log::ERR, "Could not find requested channel: %i", channelNumber); + js["Result"] = false; + js["Error"] = "Internal schedules error (1)"; + return true; + } + const cSchedule *Schedule = Schedules->GetSchedule(channel->GetChannelID()); + if (!Schedule) + { + log->log("JSONServer", Log::ERR, "Could not find requested channel: %i", channelNumber); + js["Result"] = false; + js["Error"] = "Internal schedules error (2)"; + return true; + } + + Json::Value jsevents; + + for (const cEvent* event = Schedule->Events()->First(); event; event = Schedule->Events()->Next(event)) + { + //in the past filter + if ((event->StartTime() + event->Duration()) < time(NULL)) continue; + //start time filter + if ((event->StartTime() + event->Duration()) <= startTime) continue; + //duration filter + if (event->StartTime() >= (startTime + duration)) continue; + + Json::Value oneEvent; + oneEvent["ID"] = event->EventID(); + oneEvent["Time"] = (Json::UInt)event->StartTime(); + oneEvent["Duration"] = event->Duration(); + oneEvent["Title"] = event->Title() ? event->Title() : ""; + oneEvent["Description"] = event->Description() ? event->Description() : ""; + jsevents.append(oneEvent); + } + + js["Events"] = jsevents; + return true; +} + +bool jsonserver_timerlist(Json::Value& js) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "timerlist"); + + Json::Value jstimers; + + cTimer *timer; + int numTimers = Timers.Count(); + + for (int i = 0; i < numTimers; i++) + { + timer = Timers.Get(i); + Json::Value oneTimer; + oneTimer["Active"] = timer->HasFlags(tfActive); + oneTimer["Recording"] = timer->Recording(); + oneTimer["Pending"] = timer->Pending(); + oneTimer["Priority"] = timer->Priority(); + oneTimer["Lifetime"] = timer->Lifetime(); + oneTimer["ChannelNumber"] = timer->Channel()->Number(); + oneTimer["StartTime"] = (int)timer->StartTime(); + oneTimer["StopTime"] = (int)timer->StopTime(); + oneTimer["Day"] = (int)timer->Day(); + oneTimer["WeekDays"] = timer->WeekDays(); + oneTimer["Name"] = timer->File(); + jstimers.append(oneTimer); + } + + js["Timers"] = jstimers; + return true; +} + +bool jsonserver_timerdel(Json::Value& js, const char* postData) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "timerdel"); + + char sdelChannel[15]; int mgv1 = mg_get_var(postData, strlen(postData), "delchannel", sdelChannel, 15); + char sdelWeekdays[15]; int mgv2 = mg_get_var(postData, strlen(postData), "delweekdays", sdelWeekdays, 15); + char sdelDay[15]; int mgv3 = mg_get_var(postData, strlen(postData), "delday", sdelDay, 15); + char sdelStart[15]; int mgv4 = mg_get_var(postData, strlen(postData), "delstart", sdelStart, 15); + char sdelStop[15]; int mgv5 = mg_get_var(postData, strlen(postData), "delstop", sdelStop, 15); + + if ( (mgv1 == -1) || (mgv2 == -1) || (mgv3 == -1) || (mgv4 == -1) || (mgv5 == -1) ) + { + log->log("JSONServer", Log::ERR, "request mgvs: %i %i %i %i %i", mgv1, mgv2, mgv3, mgv4, mgv5); + js["Result"] = false; + js["Error"] = "Bad request parameters"; + return true; + } + + int delChannel = atoi(sdelChannel); + int delWeekdays = atoi(sdelWeekdays); + int delDay = atoi(sdelDay); + int delStart = atoi(sdelStart); + int delStop = atoi(sdelStop); + + cTimer* ti = NULL; + for (ti = Timers.First(); ti; ti = Timers.Next(ti)) + { + if ( (ti->Channel()->Number() == delChannel) + && ((ti->WeekDays() && (ti->WeekDays() == delWeekdays)) || (!ti->WeekDays() && (ti->Day() == delDay))) + && (ti->StartTime() == delStart) + && (ti->StopTime() == delStop) ) + break; + } + + if (!ti) + { + log->log("JSONServer", Log::ERR, "Could not find timer"); + js["Result"] = false; + js["Error"] = "Could not find timer"; + return true; + } + + if (Timers.BeingEdited()) + { + log->log("JSONServer", Log::ERR, "Unable to delete timer - timers being edited at VDR"); + js["Result"] = false; + js["Error"] = "Timers being edited at VDR"; + return true; + } + + if (ti->Recording()) + { + log->log("JSONServer", Log::ERR, "Unable to delete timer - timer is running"); + js["Result"] = false; + js["Error"] = "Timer is running"; + return true; + } + + Timers.Del(ti); + Timers.SetModified(); + js["Result"] = true; + + return true; +} + +bool jsonserver_timerset(Json::Value& js, const char* postData) +{ + Log* log = Log::getInstance(); + log->log("JSONServer", Log::DEBUG, "timerset"); + + char sTimerString[1024]; int mgv1 = mg_get_var(postData, strlen(postData), "timerstring", sTimerString, 1024); + + if (mgv1 == -1) + { + log->log("JSONServer", Log::ERR, "Could not get timerstring"); + js["Result"] = false; + js["Error"] = "Bad request parameters"; + return true; + } + + log->log("JSONServer", Log::DEBUG, "'%s'", sTimerString); + cTimer *timer = new cTimer; + if (!timer->Parse(sTimerString)) + { + delete timer; + js["Result"] = false; + js["Error"] = "Failed to parse timer request details"; + return true; + } + + cTimer *t = Timers.GetTimer(timer); + if (t) + { + delete timer; + js["Result"] = false; + js["Error"] = "Timer already exists"; + return true; + } + + Timers.Add(timer); + Timers.SetModified(); + js["Result"] = true; + return true; +} + diff --git a/handler.h b/handler.h new file mode 100644 index 0000000..e58993a --- /dev/null +++ b/handler.h @@ -0,0 +1,20 @@ +#ifndef JSONSERVERHANDLER_H +#define JSONSERVERHANDLER_H + +#include +#include "mongoose.h" + +int jsonserver_request_handler(struct mg_connection* conn); + +bool jsonserver_reclist(Json::Value& js); +bool jsonserver_recinfo(Json::Value& js, const char* postData); +bool jsonserver_recdel(Json::Value& js, const char* postData); +bool jsonserver_recmove(Json::Value& js, const char* postData); +bool jsonserver_channellist(Json::Value& js); +bool jsonserver_channelschedule(Json::Value& js, const char* postData); +bool jsonserver_timerlist(Json::Value& js); +bool jsonserver_timerdel(Json::Value& js, const char* postData); +bool jsonserver_timerset(Json::Value& js, const char* postData); + +#endif + diff --git a/jsonserver.c b/jsonserver.c new file mode 100644 index 0000000..2e4ede0 --- /dev/null +++ b/jsonserver.c @@ -0,0 +1,169 @@ +/* + * jsonserver.c: A plugin for the Video Disk Recorder + * + * See the README file for copyright information and how to reach the author. + * + */ + +#include + +#include "mongoose.h" +#include "handler.h" +#include "log.h" + +static const char *VERSION = "0.0.1"; +static const char *DESCRIPTION = "JSON data server plugin for VDR"; +static const char *MAINMENUENTRY = "Jsonserver"; + +class cPluginJsonserver : public cPlugin { +private: + // Add any member variables or functions you may need here. + struct mg_context *mg; + Log* log; +public: + cPluginJsonserver(void); + virtual ~cPluginJsonserver(); + virtual const char *Version(void) { return VERSION; } + virtual const char *Description(void) { return DESCRIPTION; } + virtual const char *CommandLineHelp(void); + virtual bool ProcessArgs(int argc, char *argv[]); + virtual bool Initialize(void); + virtual bool Start(void); + virtual void Stop(void); + virtual void Housekeeping(void); + virtual void MainThreadHook(void); + virtual cString Active(void); + virtual time_t WakeupTime(void); + virtual const char *MainMenuEntry(void) { return MAINMENUENTRY; } + virtual cOsdObject *MainMenuAction(void); + virtual cMenuSetupPage *SetupMenu(void); + virtual bool SetupParse(const char *Name, const char *Value); + virtual bool Service(const char *Id, void *Data = NULL); + virtual const char **SVDRPHelpPages(void); + virtual cString SVDRPCommand(const char *Command, const char *Option, int &ReplyCode); + }; + +cPluginJsonserver::cPluginJsonserver(void) +{ + // Initialize any member variables here. + // DON'T DO ANYTHING ELSE THAT MAY HAVE SIDE EFFECTS, REQUIRE GLOBAL + // VDR OBJECTS TO EXIST OR PRODUCE ANY OUTPUT! + + log = new Log(); + if (log) log->init(Log::DEBUG, "/tmp/jsonserver.log"); +} + +cPluginJsonserver::~cPluginJsonserver() +{ + // Clean up after yourself! + delete log; + log = NULL; +} + +const char *cPluginJsonserver::CommandLineHelp(void) +{ + // Return a string that describes all known command line options. + return NULL; +} + +bool cPluginJsonserver::ProcessArgs(int argc, char *argv[]) +{ + // Implement command line argument processing here if applicable. + return true; +} + +bool cPluginJsonserver::Initialize(void) +{ + // Initialize any background activities the plugin shall perform. + return true; +} + +bool cPluginJsonserver::Start(void) +{ + // Start any background activities the plugin shall perform. + + // Make Mongoose options + const char *options[] = + { + "document_root", "/home/chris/dvb/vdr-1.7.32/PLUGINS/src/jsonserver/docroot", + "listening_ports", "8005", + "num_threads", "5", + NULL + }; + + // Prepare callbacks structure. We have only one callback, the rest are NULL. + struct mg_callbacks callbacks; + memset(&callbacks, 0, sizeof(callbacks)); + callbacks.begin_request = jsonserver_request_handler; + + mg = mg_start(&callbacks, NULL, options); + log->log("JSONServer", Log::INFO, "Mongoose started"); + return true; +} + +void cPluginJsonserver::Stop(void) +{ + // Stop any background activities the plugin is performing. + mg_stop(mg); +} + +void cPluginJsonserver::Housekeeping(void) +{ + // Perform any cleanup or other regular tasks. +} + +void cPluginJsonserver::MainThreadHook(void) +{ + // Perform actions in the context of the main program thread. + // WARNING: Use with great care - see PLUGINS.html! +} + +cString cPluginJsonserver::Active(void) +{ + // Return a message string if shutdown should be postponed + return NULL; +} + +time_t cPluginJsonserver::WakeupTime(void) +{ + // Return custom wakeup time for shutdown script + return 0; +} + +cOsdObject *cPluginJsonserver::MainMenuAction(void) +{ + // Perform the action when selected from the main VDR menu. + return NULL; +} + +cMenuSetupPage *cPluginJsonserver::SetupMenu(void) +{ + // Return a setup menu in case the plugin supports one. + return NULL; +} + +bool cPluginJsonserver::SetupParse(const char *Name, const char *Value) +{ + // Parse your own setup parameters and store their values. + return false; +} + +bool cPluginJsonserver::Service(const char *Id, void *Data) +{ + // Handle custom service requests from other plugins + return false; +} + +const char **cPluginJsonserver::SVDRPHelpPages(void) +{ + // Return help text for SVDRP commands this plugin implements + return NULL; +} + +cString cPluginJsonserver::SVDRPCommand(const char *Command, const char *Option, int &ReplyCode) +{ + // Process SVDRP commands this plugin implements + return NULL; +} + +VDRPLUGINCREATOR(cPluginJsonserver); // Don't touch this! diff --git a/log.c b/log.c new file mode 100644 index 0000000..49a9add --- /dev/null +++ b/log.c @@ -0,0 +1,158 @@ +/* + Copyright 2004-2013 Chris Tallon + Copyright 2003-2004 University Of Bradford + + This file is part of VOMP. + + VOMP is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + VOMP is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with VOMP; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#include +#include +#include +#include + +#include "log.h" + +Log* Log::instance = NULL; + +Log::Log() +{ + if (instance) return; + instance = this; + logfile = NULL; + initted = 0; + logLevel = 0; +} + +Log::~Log() +{ + instance = NULL; +} + +Log* Log::getInstance() +{ + return instance; +} + +void Log::upLogLevel() +{ + if (!initted) return; + + if (logLevel == Log::DEBUG) + { + log("Log", logLevel, "Log level is at its highest already"); + return; + } + + logLevel++; + log("Log", logLevel, "Log level is now %i", logLevel); +} + +void Log::downLogLevel() +{ + if (!initted) return; + + if (logLevel == Log::CRAZY) + { + log("Log", logLevel, "Log level is at its lowest already"); + return; + } + + logLevel--; + log("Log", logLevel, "Log level is now %i", logLevel); +} + +int Log::init(int startLogLevel, const char* fileName) +{ + logLevel = startLogLevel; + + logfile = fopen(fileName, "a"); + if (logfile) + { + initted = 1; + return 1; + } + else + { + return 0; + } +} + +int Log::shutdown() +{ + if (!initted) return 1; + initted = 0; + if (logfile) fclose(logfile); + return 1; +} + +int Log::log(const char *fromModule, int level, const char* message, ...) +{ + if (!initted) return 0; + + if (level > logLevel) return 1; + + int lineLength = 250; + + char buffer[lineLength + 1]; + int spaceLeft = lineLength; + + struct timeval tv; + gettimeofday(&tv, NULL); + struct tm* tm = localtime(&tv.tv_sec); + spaceLeft -= strftime(buffer, spaceLeft, "%H:%M:%S.", tm); + spaceLeft -= snprintf(&buffer[lineLength-spaceLeft], spaceLeft, "%06lu ", (unsigned long)tv.tv_usec); + + + char levelString[10]; + if (level == CRAZY) strcpy(levelString, "[CRAZY] "); + if (level == EMERG) strcpy(levelString, "[EMERG] "); + if (level == ALERT) strcpy(levelString, "[ALERT] "); + if (level == CRIT) strcpy(levelString, "[CRIT] "); + if (level == ERR) strcpy(levelString, "[ERR] "); + if (level == WARN) strcpy(levelString, "[WARN] "); + if (level == NOTICE) strcpy(levelString, "[notice]"); + if (level == INFO) strcpy(levelString, "[info] "); + if (level == DEBUG) strcpy(levelString, "[debug] "); + + spaceLeft -= snprintf(&buffer[lineLength-spaceLeft], spaceLeft, "%s %s - ", levelString, fromModule); + + va_list ap; + va_start(ap, message); + spaceLeft = vsnprintf(&buffer[lineLength-spaceLeft], spaceLeft, message, ap); + va_end(ap); + + int messageLength = strlen(buffer); + if (messageLength < lineLength) + { + buffer[messageLength] = '\n'; + buffer[messageLength+1] = '\0'; + } + else + { + buffer[lineLength-1] = '\n'; + buffer[lineLength] = '\0'; + } + + int success = fputs(buffer, logfile); + fflush(NULL); + + if (success != EOF) + return 1; + else + return 0; + +} diff --git a/log.h b/log.h new file mode 100644 index 0000000..50741d2 --- /dev/null +++ b/log.h @@ -0,0 +1,84 @@ +/* + Copyright 2004-2013 Chris Tallon + Copyright 2003-2004 University Of Bradford + + This file is part of VOMP. + + VOMP is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + VOMP is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with VOMP; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#ifndef LOG_H +#define LOG_H + +#include + +class Log +{ + public: + Log(); + ~Log(); + static Log* getInstance(); + + int init(int defaultLevel, const char* fileName); + int shutdown(); + int log(const char *fromModule, int level, const char *message, ...); + void upLogLevel(); + void downLogLevel(); + + const static int CRAZY = 0; // mad crazy things that should never happen + const static int EMERG = 1; // human assist required NOW + const static int ALERT = 2; // system unusable, but happy to sit there + const static int CRIT = 3; // still working, but maybe about to die + const static int ERR = 4; // that response is not even listed... + const static int WARN = 5; // this could be a bad thing. still running tho + const static int NOTICE = 6; // significant good thing + const static int INFO = 7; // verbose good thing + const static int DEBUG = 8; // debug-level messages + + private: + static Log* instance; + int initted; + int logLevel; + int enabled; + + FILE *logfile; +}; + +#endif + +/* + +Documentation +------------- + +This class is intended to be instatiated once by the core. +For a one off use: + +Log::getInstance()->log("", Log::, ""); + +Or, a pointer can be stored and used: + +Log *myptr = Log::getInstance(); + +myptr->log("", Log::, ""); +myptr->log("", Log::, ""); + +Level usages are above. + +The message parameter in the log function can be used in the same way as printf, eg. + +myptr->log("", Log::, "Success: %s %i", stringpointer, integer); + +*/ diff --git a/mongoose.c b/mongoose.c new file mode 100644 index 0000000..6fc3d17 --- /dev/null +++ b/mongoose.c @@ -0,0 +1,5180 @@ +// Copyright (c) 2004-2013 Sergey Lyubka +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in +// all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +// THE SOFTWARE. + +#if defined(_WIN32) +#define _CRT_SECURE_NO_WARNINGS // Disable deprecation warning in VS2005 +#else +#ifdef __linux__ +#define _XOPEN_SOURCE 600 // For flockfile() on Linux +#endif +//#define _LARGEFILE_SOURCE // Enable 64-bit file offsets +#define __STDC_FORMAT_MACROS // wants this for C++ +#define __STDC_LIMIT_MACROS // C++ wants that for INT64_MAX +#endif + +#if defined (_MSC_VER) +// conditional expression is constant: introduced by FD_SET(..) +#pragma warning (disable : 4127) +// non-constant aggregate initializer: issued due to missing C99 support +#pragma warning (disable : 4204) +#endif + +// Disable WIN32_LEAN_AND_MEAN. +// This makes windows.h always include winsock2.h +#ifdef WIN32_LEAN_AND_MEAN +#undef WIN32_LEAN_AND_MEAN +#endif + +#if defined(__SYMBIAN32__) +#define NO_SSL // SSL is not supported +#define NO_CGI // CGI is not supported +#define PATH_MAX FILENAME_MAX +#endif // __SYMBIAN32__ + +#ifndef _WIN32_WCE // Some ANSI #includes are not available on Windows CE +#include +#include +#include +#include +#include +#endif // !_WIN32_WCE + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#if defined(_WIN32) && !defined(__SYMBIAN32__) // Windows specific +#define _WIN32_WINNT 0x0400 // To make it link in VS2005 +#include + +#ifndef PATH_MAX +#define PATH_MAX MAX_PATH +#endif + +#ifndef _WIN32_WCE +#include +#include +#include +#else // _WIN32_WCE +#define NO_CGI // WinCE has no pipes + +typedef long off_t; + +#define errno GetLastError() +#define strerror(x) _ultoa(x, (char *) _alloca(sizeof(x) *3 ), 10) +#endif // _WIN32_WCE + +#define MAKEUQUAD(lo, hi) ((uint64_t)(((uint32_t)(lo)) | \ + ((uint64_t)((uint32_t)(hi))) << 32)) +#define RATE_DIFF 10000000 // 100 nsecs +#define EPOCH_DIFF MAKEUQUAD(0xd53e8000, 0x019db1de) +#define SYS2UNIX_TIME(lo, hi) \ + (time_t) ((MAKEUQUAD((lo), (hi)) - EPOCH_DIFF) / RATE_DIFF) + +// Visual Studio 6 does not know __func__ or __FUNCTION__ +// The rest of MS compilers use __FUNCTION__, not C99 __func__ +// Also use _strtoui64 on modern M$ compilers +#if defined(_MSC_VER) && _MSC_VER < 1300 +#define STRX(x) #x +#define STR(x) STRX(x) +#define __func__ __FILE__ ":" STR(__LINE__) +#define strtoull(x, y, z) strtoul(x, y, z) +#define strtoll(x, y, z) strtol(x, y, z) +#else +#define __func__ __FUNCTION__ +#define strtoull(x, y, z) _strtoui64(x, y, z) +#define strtoll(x, y, z) _strtoi64(x, y, z) +#endif // _MSC_VER + +#define ERRNO GetLastError() +#define NO_SOCKLEN_T +#define SSL_LIB "ssleay32.dll" +#define CRYPTO_LIB "libeay32.dll" +#define O_NONBLOCK 0 +#if !defined(EWOULDBLOCK) +#define EWOULDBLOCK WSAEWOULDBLOCK +#endif // !EWOULDBLOCK +#define _POSIX_ +#define INT64_FMT "I64d" + +#define WINCDECL __cdecl +#define SHUT_WR 1 +#define snprintf _snprintf +#define vsnprintf _vsnprintf +#define mg_sleep(x) Sleep(x) + +#define pipe(x) _pipe(x, MG_BUF_LEN, _O_BINARY) +#define popen(x, y) _popen(x, y) +#define pclose(x) _pclose(x) +#define close(x) _close(x) +#define dlsym(x,y) GetProcAddress((HINSTANCE) (x), (y)) +#define RTLD_LAZY 0 +#define fseeko(x, y, z) _lseeki64(_fileno(x), (y), (z)) +#define fdopen(x, y) _fdopen((x), (y)) +#define write(x, y, z) _write((x), (y), (unsigned) z) +#define read(x, y, z) _read((x), (y), (unsigned) z) +#define flockfile(x) EnterCriticalSection(&global_log_file_lock) +#define funlockfile(x) LeaveCriticalSection(&global_log_file_lock) +#define sleep(x) Sleep((x) * 1000) +#define va_copy(x, y) x = y + +#if !defined(fileno) +#define fileno(x) _fileno(x) +#endif // !fileno MINGW #defines fileno + +typedef HANDLE pthread_mutex_t; +typedef struct {HANDLE signal, broadcast;} pthread_cond_t; +typedef DWORD pthread_t; +#define pid_t HANDLE // MINGW typedefs pid_t to int. Using #define here. + +static int pthread_mutex_lock(pthread_mutex_t *); +static int pthread_mutex_unlock(pthread_mutex_t *); +static void to_unicode(const char *path, wchar_t *wbuf, size_t wbuf_len); +struct file; +static char *mg_fgets(char *buf, size_t size, struct file *filep, char **p); + +#if defined(HAVE_STDINT) +#include +#else +typedef unsigned int uint32_t; +typedef unsigned short uint16_t; +typedef unsigned __int64 uint64_t; +typedef __int64 int64_t; +#define INT64_MAX 9223372036854775807 +#endif // HAVE_STDINT + +// POSIX dirent interface +struct dirent { + char d_name[PATH_MAX]; +}; + +typedef struct DIR { + HANDLE handle; + WIN32_FIND_DATAW info; + struct dirent result; +} DIR; + +#ifndef HAS_POLL +struct pollfd { + int fd; + short events; + short revents; +}; +#define POLLIN 1 +#endif + + +// Mark required libraries +#pragma comment(lib, "Ws2_32.lib") + +#else // UNIX specific +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#if !defined(NO_SSL_DL) && !defined(NO_SSL) +#include +#endif +#include +#if defined(__MACH__) +#define SSL_LIB "libssl.dylib" +#define CRYPTO_LIB "libcrypto.dylib" +#else +#if !defined(SSL_LIB) +#define SSL_LIB "libssl.so" +#endif +#if !defined(CRYPTO_LIB) +#define CRYPTO_LIB "libcrypto.so" +#endif +#endif +#ifndef O_BINARY +#define O_BINARY 0 +#endif // O_BINARY +#define closesocket(a) close(a) +#define mg_mkdir(x, y) mkdir(x, y) +#define mg_remove(x) remove(x) +#define mg_rename(x, y) rename(x, y) +#define mg_sleep(x) usleep((x) * 1000) +#define ERRNO errno +#define INVALID_SOCKET (-1) +#define INT64_FMT PRId64 +typedef int SOCKET; +#define WINCDECL + +#endif // End of Windows and UNIX specific includes + +#include "mongoose.h" + +#ifdef USE_LUA +#include +#include +#endif + +#define MONGOOSE_VERSION "3.7" +#define PASSWORDS_FILE_NAME ".htpasswd" +#define CGI_ENVIRONMENT_SIZE 4096 +#define MAX_CGI_ENVIR_VARS 64 +#define MG_BUF_LEN 8192 +#define MAX_REQUEST_SIZE 16384 +#define ARRAY_SIZE(array) (sizeof(array) / sizeof(array[0])) + +#ifdef _WIN32 +static CRITICAL_SECTION global_log_file_lock; +static pthread_t pthread_self(void) { + return GetCurrentThreadId(); +} +#endif // _WIN32 + +#ifdef DEBUG_TRACE +#undef DEBUG_TRACE +#define DEBUG_TRACE(x) +#else +#if defined(DEBUG) +#define DEBUG_TRACE(x) do { \ + flockfile(stdout); \ + printf("*** %lu.%p.%s.%d: ", \ + (unsigned long) time(NULL), (void *) pthread_self(), \ + __func__, __LINE__); \ + printf x; \ + putchar('\n'); \ + fflush(stdout); \ + funlockfile(stdout); \ +} while (0) +#else +#define DEBUG_TRACE(x) +#endif // DEBUG +#endif // DEBUG_TRACE + +// Darwin prior to 7.0 and Win32 do not have socklen_t +#ifdef NO_SOCKLEN_T +typedef int socklen_t; +#endif // NO_SOCKLEN_T +#define _DARWIN_UNLIMITED_SELECT + +#if !defined(MSG_NOSIGNAL) +#define MSG_NOSIGNAL 0 +#endif + +#if !defined(SOMAXCONN) +#define SOMAXCONN 100 +#endif + +#if !defined(PATH_MAX) +#define PATH_MAX 4096 +#endif + +static const char *http_500_error = "Internal Server Error"; + +#if defined(NO_SSL_DL) +#include +#else +// SSL loaded dynamically from DLL. +// I put the prototypes here to be independent from OpenSSL source installation. +typedef struct ssl_st SSL; +typedef struct ssl_method_st SSL_METHOD; +typedef struct ssl_ctx_st SSL_CTX; + +struct ssl_func { + const char *name; // SSL function name + void (*ptr)(void); // Function pointer +}; + +#define SSL_free (* (void (*)(SSL *)) ssl_sw[0].ptr) +#define SSL_accept (* (int (*)(SSL *)) ssl_sw[1].ptr) +#define SSL_connect (* (int (*)(SSL *)) ssl_sw[2].ptr) +#define SSL_read (* (int (*)(SSL *, void *, int)) ssl_sw[3].ptr) +#define SSL_write (* (int (*)(SSL *, const void *,int)) ssl_sw[4].ptr) +#define SSL_get_error (* (int (*)(SSL *, int)) ssl_sw[5].ptr) +#define SSL_set_fd (* (int (*)(SSL *, SOCKET)) ssl_sw[6].ptr) +#define SSL_new (* (SSL * (*)(SSL_CTX *)) ssl_sw[7].ptr) +#define SSL_CTX_new (* (SSL_CTX * (*)(SSL_METHOD *)) ssl_sw[8].ptr) +#define SSLv23_server_method (* (SSL_METHOD * (*)(void)) ssl_sw[9].ptr) +#define SSL_library_init (* (int (*)(void)) ssl_sw[10].ptr) +#define SSL_CTX_use_PrivateKey_file (* (int (*)(SSL_CTX *, \ + const char *, int)) ssl_sw[11].ptr) +#define SSL_CTX_use_certificate_file (* (int (*)(SSL_CTX *, \ + const char *, int)) ssl_sw[12].ptr) +#define SSL_CTX_set_default_passwd_cb \ + (* (void (*)(SSL_CTX *, mg_callback_t)) ssl_sw[13].ptr) +#define SSL_CTX_free (* (void (*)(SSL_CTX *)) ssl_sw[14].ptr) +#define SSL_load_error_strings (* (void (*)(void)) ssl_sw[15].ptr) +#define SSL_CTX_use_certificate_chain_file \ + (* (int (*)(SSL_CTX *, const char *)) ssl_sw[16].ptr) +#define SSLv23_client_method (* (SSL_METHOD * (*)(void)) ssl_sw[17].ptr) +#define SSL_pending (* (int (*)(SSL *)) ssl_sw[18].ptr) +#define SSL_CTX_set_verify (* (void (*)(SSL_CTX *, int, int)) ssl_sw[19].ptr) + +#define CRYPTO_num_locks (* (int (*)(void)) crypto_sw[0].ptr) +#define CRYPTO_set_locking_callback \ + (* (void (*)(void (*)(int, int, const char *, int))) crypto_sw[1].ptr) +#define CRYPTO_set_id_callback \ + (* (void (*)(unsigned long (*)(void))) crypto_sw[2].ptr) +#define ERR_get_error (* (unsigned long (*)(void)) crypto_sw[3].ptr) +#define ERR_error_string (* (char * (*)(unsigned long,char *)) crypto_sw[4].ptr) + +// set_ssl_option() function updates this array. +// It loads SSL library dynamically and changes NULLs to the actual addresses +// of respective functions. The macros above (like SSL_connect()) are really +// just calling these functions indirectly via the pointer. +static struct ssl_func ssl_sw[] = { + {"SSL_free", NULL}, + {"SSL_accept", NULL}, + {"SSL_connect", NULL}, + {"SSL_read", NULL}, + {"SSL_write", NULL}, + {"SSL_get_error", NULL}, + {"SSL_set_fd", NULL}, + {"SSL_new", NULL}, + {"SSL_CTX_new", NULL}, + {"SSLv23_server_method", NULL}, + {"SSL_library_init", NULL}, + {"SSL_CTX_use_PrivateKey_file", NULL}, + {"SSL_CTX_use_certificate_file",NULL}, + {"SSL_CTX_set_default_passwd_cb",NULL}, + {"SSL_CTX_free", NULL}, + {"SSL_load_error_strings", NULL}, + {"SSL_CTX_use_certificate_chain_file", NULL}, + {"SSLv23_client_method", NULL}, + {"SSL_pending", NULL}, + {"SSL_CTX_set_verify", NULL}, + {NULL, NULL} +}; + +// Similar array as ssl_sw. These functions could be located in different lib. +#if !defined(NO_SSL) +static struct ssl_func crypto_sw[] = { + {"CRYPTO_num_locks", NULL}, + {"CRYPTO_set_locking_callback", NULL}, + {"CRYPTO_set_id_callback", NULL}, + {"ERR_get_error", NULL}, + {"ERR_error_string", NULL}, + {NULL, NULL} +}; +#endif // NO_SSL +#endif // NO_SSL_DL + +static const char *month_names[] = { + "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" +}; + +// Unified socket address. For IPv6 support, add IPv6 address structure +// in the union u. +union usa { + struct sockaddr sa; + struct sockaddr_in sin; +#if defined(USE_IPV6) + struct sockaddr_in6 sin6; +#endif +}; + +// Describes a string (chunk of memory). +struct vec { + const char *ptr; + size_t len; +}; + +struct file { + int is_directory; + time_t modification_time; + int64_t size; + FILE *fp; + const char *membuf; // Non-NULL if file data is in memory +}; +#define STRUCT_FILE_INITIALIZER {0, 0, 0, NULL, NULL} + +// Describes listening socket, or socket which was accept()-ed by the master +// thread and queued for future handling by the worker thread. +struct socket { + SOCKET sock; // Listening socket + union usa lsa; // Local socket address + union usa rsa; // Remote socket address + unsigned is_ssl:1; // Is port SSL-ed + unsigned ssl_redir:1; // Is port supposed to redirect everything to SSL port +}; + +// NOTE(lsm): this enum shoulds be in sync with the config_options below. +enum { + CGI_EXTENSIONS, CGI_ENVIRONMENT, PUT_DELETE_PASSWORDS_FILE, CGI_INTERPRETER, + PROTECT_URI, AUTHENTICATION_DOMAIN, SSI_EXTENSIONS, THROTTLE, + ACCESS_LOG_FILE, ENABLE_DIRECTORY_LISTING, ERROR_LOG_FILE, + GLOBAL_PASSWORDS_FILE, INDEX_FILES, ENABLE_KEEP_ALIVE, ACCESS_CONTROL_LIST, + EXTRA_MIME_TYPES, LISTENING_PORTS, DOCUMENT_ROOT, SSL_CERTIFICATE, + NUM_THREADS, RUN_AS_USER, REWRITE, HIDE_FILES, REQUEST_TIMEOUT, + NUM_OPTIONS +}; + +static const char *config_options[] = { + "C", "cgi_pattern", "**.cgi$|**.pl$|**.php$", + "E", "cgi_environment", NULL, + "G", "put_delete_auth_file", NULL, + "I", "cgi_interpreter", NULL, + "P", "protect_uri", NULL, + "R", "authentication_domain", "mydomain.com", + "S", "ssi_pattern", "**.shtml$|**.shtm$", + "T", "throttle", NULL, + "a", "access_log_file", NULL, + "d", "enable_directory_listing", "yes", + "e", "error_log_file", NULL, + "g", "global_auth_file", NULL, + "i", "index_files", "index.html,index.htm,index.cgi,index.shtml,index.php", + "k", "enable_keep_alive", "no", + "l", "access_control_list", NULL, + "m", "extra_mime_types", NULL, + "p", "listening_ports", "8080", + "r", "document_root", ".", + "s", "ssl_certificate", NULL, + "t", "num_threads", "20", + "u", "run_as_user", NULL, + "w", "url_rewrite_patterns", NULL, + "x", "hide_files_patterns", NULL, + "z", "request_timeout_ms", "30000", + NULL +}; +#define ENTRIES_PER_CONFIG_OPTION 3 + +struct mg_context { + volatile int stop_flag; // Should we stop event loop + SSL_CTX *ssl_ctx; // SSL context + char *config[NUM_OPTIONS]; // Mongoose configuration parameters + struct mg_callbacks callbacks; // User-defined callback function + void *user_data; // User-defined data + + struct socket *listening_sockets; + int num_listening_sockets; + + volatile int num_threads; // Number of threads + pthread_mutex_t mutex; // Protects (max|num)_threads + pthread_cond_t cond; // Condvar for tracking workers terminations + + struct socket queue[20]; // Accepted sockets + volatile int sq_head; // Head of the socket queue + volatile int sq_tail; // Tail of the socket queue + pthread_cond_t sq_full; // Signaled when socket is produced + pthread_cond_t sq_empty; // Signaled when socket is consumed +}; + +struct mg_connection { + struct mg_request_info request_info; + struct mg_context *ctx; + SSL *ssl; // SSL descriptor + SSL_CTX *client_ssl_ctx; // SSL context for client connections + struct socket client; // Connected client + time_t birth_time; // Time when request was received + int64_t num_bytes_sent; // Total bytes sent to client + int64_t content_len; // Content-Length header value + int64_t consumed_content; // How many bytes of content have been read + char *buf; // Buffer for received data + char *path_info; // PATH_INFO part of the URL + int must_close; // 1 if connection must be closed + int buf_size; // Buffer size + int request_len; // Size of the request + headers in a buffer + int data_len; // Total size of data in a buffer + int status_code; // HTTP reply status code, e.g. 200 + int throttle; // Throttling, bytes/sec. <= 0 means no throttle + time_t last_throttle_time; // Last time throttled data was sent + int64_t last_throttle_bytes;// Bytes sent this second +}; + +const char **mg_get_valid_option_names(void) { + return config_options; +} + +static int is_file_in_memory(struct mg_connection *conn, const char *path, + struct file *filep) { + size_t size = 0; + if ((filep->membuf = conn->ctx->callbacks.open_file == NULL ? NULL : + conn->ctx->callbacks.open_file(conn, path, &size)) != NULL) { + // NOTE: override filep->size only on success. Otherwise, it might break + // constructs like if (!mg_stat() || !mg_fopen()) ... + filep->size = size; + } + return filep->membuf != NULL; +} + +static int is_file_opened(const struct file *filep) { + return filep->membuf != NULL || filep->fp != NULL; +} + +static int mg_fopen(struct mg_connection *conn, const char *path, + const char *mode, struct file *filep) { + if (!is_file_in_memory(conn, path, filep)) { +#ifdef _WIN32 + wchar_t wbuf[PATH_MAX], wmode[20]; + to_unicode(path, wbuf, ARRAY_SIZE(wbuf)); + MultiByteToWideChar(CP_UTF8, 0, mode, -1, wmode, ARRAY_SIZE(wmode)); + filep->fp = _wfopen(wbuf, wmode); +#else + filep->fp = fopen(path, mode); +#endif + } + + return is_file_opened(filep); +} + +static void mg_fclose(struct file *filep) { + if (filep != NULL && filep->fp != NULL) { + fclose(filep->fp); + } +} + +static int get_option_index(const char *name) { + int i; + + for (i = 0; config_options[i] != NULL; i += ENTRIES_PER_CONFIG_OPTION) { + if (strcmp(config_options[i], name) == 0 || + strcmp(config_options[i + 1], name) == 0) { + return i / ENTRIES_PER_CONFIG_OPTION; + } + } + return -1; +} + +const char *mg_get_option(const struct mg_context *ctx, const char *name) { + int i; + if ((i = get_option_index(name)) == -1) { + return NULL; + } else if (ctx->config[i] == NULL) { + return ""; + } else { + return ctx->config[i]; + } +} + +static void sockaddr_to_string(char *buf, size_t len, + const union usa *usa) { + buf[0] = '\0'; +#if defined(USE_IPV6) + inet_ntop(usa->sa.sa_family, usa->sa.sa_family == AF_INET ? + (void *) &usa->sin.sin_addr : + (void *) &usa->sin6.sin6_addr, buf, len); +#elif defined(_WIN32) + // Only Windoze Vista (and newer) have inet_ntop() + strncpy(buf, inet_ntoa(usa->sin.sin_addr), len); +#else + inet_ntop(usa->sa.sa_family, (void *) &usa->sin.sin_addr, buf, len); +#endif +} + +static void cry(struct mg_connection *conn, + PRINTF_FORMAT_STRING(const char *fmt), ...) PRINTF_ARGS(2, 3); + +// Print error message to the opened error log stream. +static void cry(struct mg_connection *conn, const char *fmt, ...) { + char buf[MG_BUF_LEN], src_addr[20]; + va_list ap; + FILE *fp; + time_t timestamp; + + va_start(ap, fmt); + (void) vsnprintf(buf, sizeof(buf), fmt, ap); + va_end(ap); + + // Do not lock when getting the callback value, here and below. + // I suppose this is fine, since function cannot disappear in the + // same way string option can. + if (conn->ctx->callbacks.log_message == NULL || + conn->ctx->callbacks.log_message(conn, buf) == 0) { + fp = conn->ctx == NULL || conn->ctx->config[ERROR_LOG_FILE] == NULL ? NULL : + fopen(conn->ctx->config[ERROR_LOG_FILE], "a+"); + + if (fp != NULL) { + flockfile(fp); + timestamp = time(NULL); + + sockaddr_to_string(src_addr, sizeof(src_addr), &conn->client.rsa); + fprintf(fp, "[%010lu] [error] [client %s] ", (unsigned long) timestamp, + src_addr); + + if (conn->request_info.request_method != NULL) { + fprintf(fp, "%s %s: ", conn->request_info.request_method, + conn->request_info.uri); + } + + fprintf(fp, "%s", buf); + fputc('\n', fp); + funlockfile(fp); + fclose(fp); + } + } +} + +// Return fake connection structure. Used for logging, if connection +// is not applicable at the moment of logging. +static struct mg_connection *fc(struct mg_context *ctx) { + static struct mg_connection fake_connection; + fake_connection.ctx = ctx; + return &fake_connection; +} + +const char *mg_version(void) { + return MONGOOSE_VERSION; +} + +struct mg_request_info *mg_get_request_info(struct mg_connection *conn) { + return &conn->request_info; +} + +static void mg_strlcpy(register char *dst, register const char *src, size_t n) { + for (; *src != '\0' && n > 1; n--) { + *dst++ = *src++; + } + *dst = '\0'; +} + +static int lowercase(const char *s) { + return tolower(* (const unsigned char *) s); +} + +static int mg_strncasecmp(const char *s1, const char *s2, size_t len) { + int diff = 0; + + if (len > 0) + do { + diff = lowercase(s1++) - lowercase(s2++); + } while (diff == 0 && s1[-1] != '\0' && --len > 0); + + return diff; +} + +static int mg_strcasecmp(const char *s1, const char *s2) { + int diff; + + do { + diff = lowercase(s1++) - lowercase(s2++); + } while (diff == 0 && s1[-1] != '\0'); + + return diff; +} + +static char * mg_strndup(const char *ptr, size_t len) { + char *p; + + if ((p = (char *) malloc(len + 1)) != NULL) { + mg_strlcpy(p, ptr, len + 1); + } + + return p; +} + +static char * mg_strdup(const char *str) { + return mg_strndup(str, strlen(str)); +} + +// Like snprintf(), but never returns negative value, or a value +// that is larger than a supplied buffer. +// Thanks to Adam Zeldis to pointing snprintf()-caused vulnerability +// in his audit report. +static int mg_vsnprintf(struct mg_connection *conn, char *buf, size_t buflen, + const char *fmt, va_list ap) { + int n; + + if (buflen == 0) + return 0; + + n = vsnprintf(buf, buflen, fmt, ap); + + if (n < 0) { + cry(conn, "vsnprintf error"); + n = 0; + } else if (n >= (int) buflen) { + cry(conn, "truncating vsnprintf buffer: [%.*s]", + n > 200 ? 200 : n, buf); + n = (int) buflen - 1; + } + buf[n] = '\0'; + + return n; +} + +static int mg_snprintf(struct mg_connection *conn, char *buf, size_t buflen, + PRINTF_FORMAT_STRING(const char *fmt), ...) + PRINTF_ARGS(4, 5); + +static int mg_snprintf(struct mg_connection *conn, char *buf, size_t buflen, + const char *fmt, ...) { + va_list ap; + int n; + + va_start(ap, fmt); + n = mg_vsnprintf(conn, buf, buflen, fmt, ap); + va_end(ap); + + return n; +} + +// Skip the characters until one of the delimiters characters found. +// 0-terminate resulting word. Skip the delimiter and following whitespaces. +// Advance pointer to buffer to the next word. Return found 0-terminated word. +// Delimiters can be quoted with quotechar. +static char *skip_quoted(char **buf, const char *delimiters, + const char *whitespace, char quotechar) { + char *p, *begin_word, *end_word, *end_whitespace; + + begin_word = *buf; + end_word = begin_word + strcspn(begin_word, delimiters); + + // Check for quotechar + if (end_word > begin_word) { + p = end_word - 1; + while (*p == quotechar) { + // If there is anything beyond end_word, copy it + if (*end_word == '\0') { + *p = '\0'; + break; + } else { + size_t end_off = strcspn(end_word + 1, delimiters); + memmove (p, end_word, end_off + 1); + p += end_off; // p must correspond to end_word - 1 + end_word += end_off + 1; + } + } + for (p++; p < end_word; p++) { + *p = '\0'; + } + } + + if (*end_word == '\0') { + *buf = end_word; + } else { + end_whitespace = end_word + 1 + strspn(end_word + 1, whitespace); + + for (p = end_word; p < end_whitespace; p++) { + *p = '\0'; + } + + *buf = end_whitespace; + } + + return begin_word; +} + +// Simplified version of skip_quoted without quote char +// and whitespace == delimiters +static char *skip(char **buf, const char *delimiters) { + return skip_quoted(buf, delimiters, delimiters, 0); +} + + +// Return HTTP header value, or NULL if not found. +static const char *get_header(const struct mg_request_info *ri, + const char *name) { + int i; + + for (i = 0; i < ri->num_headers; i++) + if (!mg_strcasecmp(name, ri->http_headers[i].name)) + return ri->http_headers[i].value; + + return NULL; +} + +const char *mg_get_header(const struct mg_connection *conn, const char *name) { + return get_header(&conn->request_info, name); +} + +// A helper function for traversing a comma separated list of values. +// It returns a list pointer shifted to the next value, or NULL if the end +// of the list found. +// Value is stored in val vector. If value has form "x=y", then eq_val +// vector is initialized to point to the "y" part, and val vector length +// is adjusted to point only to "x". +static const char *next_option(const char *list, struct vec *val, + struct vec *eq_val) { + if (list == NULL || *list == '\0') { + // End of the list + list = NULL; + } else { + val->ptr = list; + if ((list = strchr(val->ptr, ',')) != NULL) { + // Comma found. Store length and shift the list ptr + val->len = list - val->ptr; + list++; + } else { + // This value is the last one + list = val->ptr + strlen(val->ptr); + val->len = list - val->ptr; + } + + if (eq_val != NULL) { + // Value has form "x=y", adjust pointers and lengths + // so that val points to "x", and eq_val points to "y". + eq_val->len = 0; + eq_val->ptr = (const char *) memchr(val->ptr, '=', val->len); + if (eq_val->ptr != NULL) { + eq_val->ptr++; // Skip over '=' character + eq_val->len = val->ptr + val->len - eq_val->ptr; + val->len = (eq_val->ptr - val->ptr) - 1; + } + } + } + + return list; +} + +static int match_prefix(const char *pattern, int pattern_len, const char *str) { + const char *or_str; + int i, j, len, res; + + if ((or_str = (const char *) memchr(pattern, '|', pattern_len)) != NULL) { + res = match_prefix(pattern, or_str - pattern, str); + return res > 0 ? res : + match_prefix(or_str + 1, (pattern + pattern_len) - (or_str + 1), str); + } + + i = j = 0; + res = -1; + for (; i < pattern_len; i++, j++) { + if (pattern[i] == '?' && str[j] != '\0') { + continue; + } else if (pattern[i] == '$') { + return str[j] == '\0' ? j : -1; + } else if (pattern[i] == '*') { + i++; + if (pattern[i] == '*') { + i++; + len = (int) strlen(str + j); + } else { + len = (int) strcspn(str + j, "/"); + } + if (i == pattern_len) { + return j + len; + } + do { + res = match_prefix(pattern + i, pattern_len - i, str + j + len); + } while (res == -1 && len-- > 0); + return res == -1 ? -1 : j + res + len; + } else if (pattern[i] != str[j]) { + return -1; + } + } + return j; +} + +// HTTP 1.1 assumes keep alive if "Connection:" header is not set +// This function must tolerate situations when connection info is not +// set up, for example if request parsing failed. +static int should_keep_alive(const struct mg_connection *conn) { + const char *http_version = conn->request_info.http_version; + const char *header = mg_get_header(conn, "Connection"); + if (conn->must_close || + conn->status_code == 401 || + mg_strcasecmp(conn->ctx->config[ENABLE_KEEP_ALIVE], "yes") != 0 || + (header != NULL && mg_strcasecmp(header, "keep-alive") != 0) || + (header == NULL && http_version && strcmp(http_version, "1.1"))) { + return 0; + } + return 1; +} + +static const char *suggest_connection_header(const struct mg_connection *conn) { + return should_keep_alive(conn) ? "keep-alive" : "close"; +} + +static void send_http_error(struct mg_connection *, int, const char *, + PRINTF_FORMAT_STRING(const char *fmt), ...) + PRINTF_ARGS(4, 5); + + +static void send_http_error(struct mg_connection *conn, int status, + const char *reason, const char *fmt, ...) { + char buf[MG_BUF_LEN]; + va_list ap; + int len = 0; + + conn->status_code = status; + buf[0] = '\0'; + + // Errors 1xx, 204 and 304 MUST NOT send a body + if (status > 199 && status != 204 && status != 304) { + len = mg_snprintf(conn, buf, sizeof(buf), "Error %d: %s", status, reason); + buf[len++] = '\n'; + + va_start(ap, fmt); + len += mg_vsnprintf(conn, buf + len, sizeof(buf) - len, fmt, ap); + va_end(ap); + } + DEBUG_TRACE(("[%s]", buf)); + + mg_printf(conn, "HTTP/1.1 %d %s\r\n" + "Content-Length: %d\r\n" + "Connection: %s\r\n\r\n", status, reason, len, + suggest_connection_header(conn)); + conn->num_bytes_sent += mg_printf(conn, "%s", buf); +} + +#if defined(_WIN32) && !defined(__SYMBIAN32__) +static int pthread_mutex_init(pthread_mutex_t *mutex, void *unused) { + unused = NULL; + *mutex = CreateMutex(NULL, FALSE, NULL); + return *mutex == NULL ? -1 : 0; +} + +static int pthread_mutex_destroy(pthread_mutex_t *mutex) { + return CloseHandle(*mutex) == 0 ? -1 : 0; +} + +static int pthread_mutex_lock(pthread_mutex_t *mutex) { + return WaitForSingleObject(*mutex, INFINITE) == WAIT_OBJECT_0? 0 : -1; +} + +static int pthread_mutex_unlock(pthread_mutex_t *mutex) { + return ReleaseMutex(*mutex) == 0 ? -1 : 0; +} + +static int pthread_cond_init(pthread_cond_t *cv, const void *unused) { + unused = NULL; + cv->signal = CreateEvent(NULL, FALSE, FALSE, NULL); + cv->broadcast = CreateEvent(NULL, TRUE, FALSE, NULL); + return cv->signal != NULL && cv->broadcast != NULL ? 0 : -1; +} + +static int pthread_cond_wait(pthread_cond_t *cv, pthread_mutex_t *mutex) { + HANDLE handles[] = {cv->signal, cv->broadcast}; + ReleaseMutex(*mutex); + WaitForMultipleObjects(2, handles, FALSE, INFINITE); + return WaitForSingleObject(*mutex, INFINITE) == WAIT_OBJECT_0? 0 : -1; +} + +static int pthread_cond_signal(pthread_cond_t *cv) { + return SetEvent(cv->signal) == 0 ? -1 : 0; +} + +static int pthread_cond_broadcast(pthread_cond_t *cv) { + // Implementation with PulseEvent() has race condition, see + // http://www.cs.wustl.edu/~schmidt/win32-cv-1.html + return PulseEvent(cv->broadcast) == 0 ? -1 : 0; +} + +static int pthread_cond_destroy(pthread_cond_t *cv) { + return CloseHandle(cv->signal) && CloseHandle(cv->broadcast) ? 0 : -1; +} + +// For Windows, change all slashes to backslashes in path names. +static void change_slashes_to_backslashes(char *path) { + int i; + + for (i = 0; path[i] != '\0'; i++) { + if (path[i] == '/') + path[i] = '\\'; + // i > 0 check is to preserve UNC paths, like \\server\file.txt + if (path[i] == '\\' && i > 0) + while (path[i + 1] == '\\' || path[i + 1] == '/') + (void) memmove(path + i + 1, + path + i + 2, strlen(path + i + 1)); + } +} + +// Encode 'path' which is assumed UTF-8 string, into UNICODE string. +// wbuf and wbuf_len is a target buffer and its length. +static void to_unicode(const char *path, wchar_t *wbuf, size_t wbuf_len) { + char buf[PATH_MAX], buf2[PATH_MAX], *p; + + mg_strlcpy(buf, path, sizeof(buf)); + change_slashes_to_backslashes(buf); + + // Point p to the end of the file name + p = buf + strlen(buf) - 1; + + // Convert to Unicode and back. If doubly-converted string does not + // match the original, something is fishy, reject. + memset(wbuf, 0, wbuf_len * sizeof(wchar_t)); + MultiByteToWideChar(CP_UTF8, 0, buf, -1, wbuf, (int) wbuf_len); + WideCharToMultiByte(CP_UTF8, 0, wbuf, (int) wbuf_len, buf2, sizeof(buf2), + NULL, NULL); + if (strcmp(buf, buf2) != 0) { + wbuf[0] = L'\0'; + } +} + +#if defined(_WIN32_WCE) +static time_t time(time_t *ptime) { + time_t t; + SYSTEMTIME st; + FILETIME ft; + + GetSystemTime(&st); + SystemTimeToFileTime(&st, &ft); + t = SYS2UNIX_TIME(ft.dwLowDateTime, ft.dwHighDateTime); + + if (ptime != NULL) { + *ptime = t; + } + + return t; +} + +static struct tm *localtime(const time_t *ptime, struct tm *ptm) { + int64_t t = ((int64_t) *ptime) * RATE_DIFF + EPOCH_DIFF; + FILETIME ft, lft; + SYSTEMTIME st; + TIME_ZONE_INFORMATION tzinfo; + + if (ptm == NULL) { + return NULL; + } + + * (int64_t *) &ft = t; + FileTimeToLocalFileTime(&ft, &lft); + FileTimeToSystemTime(&lft, &st); + ptm->tm_year = st.wYear - 1900; + ptm->tm_mon = st.wMonth - 1; + ptm->tm_wday = st.wDayOfWeek; + ptm->tm_mday = st.wDay; + ptm->tm_hour = st.wHour; + ptm->tm_min = st.wMinute; + ptm->tm_sec = st.wSecond; + ptm->tm_yday = 0; // hope nobody uses this + ptm->tm_isdst = + GetTimeZoneInformation(&tzinfo) == TIME_ZONE_ID_DAYLIGHT ? 1 : 0; + + return ptm; +} + +static struct tm *gmtime(const time_t *ptime, struct tm *ptm) { + // FIXME(lsm): fix this. + return localtime(ptime, ptm); +} + +static size_t strftime(char *dst, size_t dst_size, const char *fmt, + const struct tm *tm) { + (void) snprintf(dst, dst_size, "implement strftime() for WinCE"); + return 0; +} +#endif + +static int mg_rename(const char* oldname, const char* newname) { + wchar_t woldbuf[PATH_MAX]; + wchar_t wnewbuf[PATH_MAX]; + + to_unicode(oldname, woldbuf, ARRAY_SIZE(woldbuf)); + to_unicode(newname, wnewbuf, ARRAY_SIZE(wnewbuf)); + + return MoveFileW(woldbuf, wnewbuf) ? 0 : -1; +} + +// Windows happily opens files with some garbage at the end of file name. +// For example, fopen("a.cgi ", "r") on Windows successfully opens +// "a.cgi", despite one would expect an error back. +// This function returns non-0 if path ends with some garbage. +static int path_cannot_disclose_cgi(const char *path) { + static const char *allowed_last_characters = "_-"; + int last = path[strlen(path) - 1]; + return isalnum(last) || strchr(allowed_last_characters, last) != NULL; +} + +static int mg_stat(struct mg_connection *conn, const char *path, + struct file *filep) { + wchar_t wbuf[PATH_MAX]; + WIN32_FILE_ATTRIBUTE_DATA info; + + if (!is_file_in_memory(conn, path, filep)) { + to_unicode(path, wbuf, ARRAY_SIZE(wbuf)); + if (GetFileAttributesExW(wbuf, GetFileExInfoStandard, &info) != 0) { + filep->size = MAKEUQUAD(info.nFileSizeLow, info.nFileSizeHigh); + filep->modification_time = SYS2UNIX_TIME( + info.ftLastWriteTime.dwLowDateTime, + info.ftLastWriteTime.dwHighDateTime); + filep->is_directory = info.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY; + // If file name is fishy, reset the file structure and return error. + // Note it is important to reset, not just return the error, cause + // functions like is_file_opened() check the struct. + if (!filep->is_directory && !path_cannot_disclose_cgi(path)) { + memset(filep, 0, sizeof(*filep)); + } + } + } + + return filep->membuf != NULL || filep->modification_time != 0; +} + +static int mg_remove(const char *path) { + wchar_t wbuf[PATH_MAX]; + to_unicode(path, wbuf, ARRAY_SIZE(wbuf)); + return DeleteFileW(wbuf) ? 0 : -1; +} + +static int mg_mkdir(const char *path, int mode) { + char buf[PATH_MAX]; + wchar_t wbuf[PATH_MAX]; + + mode = 0; // Unused + mg_strlcpy(buf, path, sizeof(buf)); + change_slashes_to_backslashes(buf); + + (void) MultiByteToWideChar(CP_UTF8, 0, buf, -1, wbuf, ARRAY_SIZE(wbuf)); + + return CreateDirectoryW(wbuf, NULL) ? 0 : -1; +} + +// Implementation of POSIX opendir/closedir/readdir for Windows. +static DIR * opendir(const char *name) { + DIR *dir = NULL; + wchar_t wpath[PATH_MAX]; + DWORD attrs; + + if (name == NULL) { + SetLastError(ERROR_BAD_ARGUMENTS); + } else if ((dir = (DIR *) malloc(sizeof(*dir))) == NULL) { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + } else { + to_unicode(name, wpath, ARRAY_SIZE(wpath)); + attrs = GetFileAttributesW(wpath); + if (attrs != 0xFFFFFFFF && + ((attrs & FILE_ATTRIBUTE_DIRECTORY) == FILE_ATTRIBUTE_DIRECTORY)) { + (void) wcscat(wpath, L"\\*"); + dir->handle = FindFirstFileW(wpath, &dir->info); + dir->result.d_name[0] = '\0'; + } else { + free(dir); + dir = NULL; + } + } + + return dir; +} + +static int closedir(DIR *dir) { + int result = 0; + + if (dir != NULL) { + if (dir->handle != INVALID_HANDLE_VALUE) + result = FindClose(dir->handle) ? 0 : -1; + + free(dir); + } else { + result = -1; + SetLastError(ERROR_BAD_ARGUMENTS); + } + + return result; +} + +static struct dirent *readdir(DIR *dir) { + struct dirent *result = 0; + + if (dir) { + if (dir->handle != INVALID_HANDLE_VALUE) { + result = &dir->result; + (void) WideCharToMultiByte(CP_UTF8, 0, + dir->info.cFileName, -1, result->d_name, + sizeof(result->d_name), NULL, NULL); + + if (!FindNextFileW(dir->handle, &dir->info)) { + (void) FindClose(dir->handle); + dir->handle = INVALID_HANDLE_VALUE; + } + + } else { + SetLastError(ERROR_FILE_NOT_FOUND); + } + } else { + SetLastError(ERROR_BAD_ARGUMENTS); + } + + return result; +} + +#ifndef HAVE_POLL +static int poll(struct pollfd *pfd, int n, int milliseconds) { + struct timeval tv; + fd_set set; + int i, result; + + tv.tv_sec = milliseconds / 1000; + tv.tv_usec = (milliseconds % 1000) * 1000; + FD_ZERO(&set); + + for (i = 0; i < n; i++) { + FD_SET((SOCKET) pfd[i].fd, &set); + pfd[i].revents = 0; + } + + if ((result = select(0, &set, NULL, NULL, &tv)) > 0) { + for (i = 0; i < n; i++) { + if (FD_ISSET(pfd[i].fd, &set)) { + pfd[i].revents = POLLIN; + } + } + } + + return result; +} +#endif // HAVE_POLL + +#define set_close_on_exec(x) // No FD_CLOEXEC on Windows + +int mg_start_thread(mg_thread_func_t f, void *p) { + return _beginthread((void (__cdecl *)(void *)) f, 0, p) == -1L ? -1 : 0; +} + +static HANDLE dlopen(const char *dll_name, int flags) { + wchar_t wbuf[PATH_MAX]; + flags = 0; // Unused + to_unicode(dll_name, wbuf, ARRAY_SIZE(wbuf)); + return LoadLibraryW(wbuf); +} + +#if !defined(NO_CGI) +#define SIGKILL 0 +static int kill(pid_t pid, int sig_num) { + (void) TerminateProcess(pid, sig_num); + (void) CloseHandle(pid); + return 0; +} + +static void trim_trailing_whitespaces(char *s) { + char *e = s + strlen(s) - 1; + while (e > s && isspace(* (unsigned char *) e)) { + *e-- = '\0'; + } +} + +static pid_t spawn_process(struct mg_connection *conn, const char *prog, + char *envblk, char *envp[], int fd_stdin, + int fd_stdout, const char *dir) { + HANDLE me; + char *p, *interp, full_interp[PATH_MAX], full_dir[PATH_MAX], + cmdline[PATH_MAX], buf[PATH_MAX]; + struct file file = STRUCT_FILE_INITIALIZER; + STARTUPINFOA si = { sizeof(si) }; + PROCESS_INFORMATION pi = { 0 }; + + envp = NULL; // Unused + + // TODO(lsm): redirect CGI errors to the error log file + si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; + si.wShowWindow = SW_HIDE; + + me = GetCurrentProcess(); + DuplicateHandle(me, (HANDLE) _get_osfhandle(fd_stdin), me, + &si.hStdInput, 0, TRUE, DUPLICATE_SAME_ACCESS); + DuplicateHandle(me, (HANDLE) _get_osfhandle(fd_stdout), me, + &si.hStdOutput, 0, TRUE, DUPLICATE_SAME_ACCESS); + + // If CGI file is a script, try to read the interpreter line + interp = conn->ctx->config[CGI_INTERPRETER]; + if (interp == NULL) { + buf[0] = buf[1] = '\0'; + + // Read the first line of the script into the buffer + snprintf(cmdline, sizeof(cmdline), "%s%c%s", dir, '/', prog); + if (mg_fopen(conn, cmdline, "r", &file)) { + p = (char *) file.membuf; + mg_fgets(buf, sizeof(buf), &file, &p); + mg_fclose(&file); + buf[sizeof(buf) - 1] = '\0'; + } + + if (buf[0] == '#' && buf[1] == '!') { + trim_trailing_whitespaces(buf + 2); + } else { + buf[2] = '\0'; + } + interp = buf + 2; + } + + if (interp[0] != '\0') { + GetFullPathNameA(interp, sizeof(full_interp), full_interp, NULL); + interp = full_interp; + } + GetFullPathNameA(dir, sizeof(full_dir), full_dir, NULL); + + mg_snprintf(conn, cmdline, sizeof(cmdline), "%s%s%s\\%s", + interp, interp[0] == '\0' ? "" : " ", full_dir, prog); + + DEBUG_TRACE(("Running [%s]", cmdline)); + if (CreateProcessA(NULL, cmdline, NULL, NULL, TRUE, + CREATE_NEW_PROCESS_GROUP, envblk, NULL, &si, &pi) == 0) { + cry(conn, "%s: CreateProcess(%s): %d", + __func__, cmdline, ERRNO); + pi.hProcess = (pid_t) -1; + } + + // Always close these to prevent handle leakage. + (void) close(fd_stdin); + (void) close(fd_stdout); + + (void) CloseHandle(si.hStdOutput); + (void) CloseHandle(si.hStdInput); + (void) CloseHandle(pi.hThread); + + return (pid_t) pi.hProcess; +} +#endif // !NO_CGI + +static int set_non_blocking_mode(SOCKET sock) { + unsigned long on = 1; + return ioctlsocket(sock, FIONBIO, &on); +} + +#else +static int mg_stat(struct mg_connection *conn, const char *path, + struct file *filep) { + struct stat st; + + if (!is_file_in_memory(conn, path, filep) && !stat(path, &st)) { + filep->size = st.st_size; + filep->modification_time = st.st_mtime; + filep->is_directory = S_ISDIR(st.st_mode); + } else { + filep->modification_time = (time_t) 0; + } + + return filep->membuf != NULL || filep->modification_time != (time_t) 0; +} + +static void set_close_on_exec(int fd) { + fcntl(fd, F_SETFD, FD_CLOEXEC); +} + +int mg_start_thread(mg_thread_func_t func, void *param) { + pthread_t thread_id; + pthread_attr_t attr; + + (void) pthread_attr_init(&attr); + (void) pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED); + // TODO(lsm): figure out why mongoose dies on Linux if next line is enabled + // (void) pthread_attr_setstacksize(&attr, sizeof(struct mg_connection) * 5); + + return pthread_create(&thread_id, &attr, func, param); +} + +#ifndef NO_CGI +static pid_t spawn_process(struct mg_connection *conn, const char *prog, + char *envblk, char *envp[], int fd_stdin, + int fd_stdout, const char *dir) { + pid_t pid; + const char *interp; + + (void) envblk; + + if ((pid = fork()) == -1) { + // Parent + send_http_error(conn, 500, http_500_error, "fork(): %s", strerror(ERRNO)); + } else if (pid == 0) { + // Child + if (chdir(dir) != 0) { + cry(conn, "%s: chdir(%s): %s", __func__, dir, strerror(ERRNO)); + } else if (dup2(fd_stdin, 0) == -1) { + cry(conn, "%s: dup2(%d, 0): %s", __func__, fd_stdin, strerror(ERRNO)); + } else if (dup2(fd_stdout, 1) == -1) { + cry(conn, "%s: dup2(%d, 1): %s", __func__, fd_stdout, strerror(ERRNO)); + } else { + (void) dup2(fd_stdout, 2); + (void) close(fd_stdin); + (void) close(fd_stdout); + + // After exec, all signal handlers are restored to their default values, + // with one exception of SIGCHLD. According to POSIX.1-2001 and Linux's + // implementation, SIGCHLD's handler will leave unchanged after exec + // if it was set to be ignored. Restore it to default action. + signal(SIGCHLD, SIG_DFL); + + interp = conn->ctx->config[CGI_INTERPRETER]; + if (interp == NULL) { + (void) execle(prog, prog, NULL, envp); + cry(conn, "%s: execle(%s): %s", __func__, prog, strerror(ERRNO)); + } else { + (void) execle(interp, interp, prog, NULL, envp); + cry(conn, "%s: execle(%s %s): %s", __func__, interp, prog, + strerror(ERRNO)); + } + } + exit(EXIT_FAILURE); + } + + // Parent. Close stdio descriptors + (void) close(fd_stdin); + (void) close(fd_stdout); + + return pid; +} +#endif // !NO_CGI + +static int set_non_blocking_mode(SOCKET sock) { + int flags; + + flags = fcntl(sock, F_GETFL, 0); + (void) fcntl(sock, F_SETFL, flags | O_NONBLOCK); + + return 0; +} +#endif // _WIN32 + +// Write data to the IO channel - opened file descriptor, socket or SSL +// descriptor. Return number of bytes written. +static int64_t push(FILE *fp, SOCKET sock, SSL *ssl, const char *buf, + int64_t len) { + int64_t sent; + int n, k; + + sent = 0; + while (sent < len) { + + // How many bytes we send in this iteration + k = len - sent > INT_MAX ? INT_MAX : (int) (len - sent); + +#ifndef NO_SSL + if (ssl != NULL) { + n = SSL_write(ssl, buf + sent, k); + } else +#endif + if (fp != NULL) { + n = (int) fwrite(buf + sent, 1, (size_t) k, fp); + if (ferror(fp)) + n = -1; + } else { + n = send(sock, buf + sent, (size_t) k, MSG_NOSIGNAL); + } + + if (n <= 0) + break; + + sent += n; + } + + return sent; +} + +// Read from IO channel - opened file descriptor, socket, or SSL descriptor. +// Return negative value on error, or number of bytes read on success. +static int pull(FILE *fp, struct mg_connection *conn, char *buf, int len) { + int nread; + + if (fp != NULL) { + // Use read() instead of fread(), because if we're reading from the CGI + // pipe, fread() may block until IO buffer is filled up. We cannot afford + // to block and must pass all read bytes immediately to the client. + nread = read(fileno(fp), buf, (size_t) len); +#ifndef NO_SSL + } else if (conn->ssl != NULL) { + nread = SSL_read(conn->ssl, buf, len); +#endif + } else { + nread = recv(conn->client.sock, buf, (size_t) len, 0); + } + + return conn->ctx->stop_flag ? -1 : nread; +} + +int mg_read(struct mg_connection *conn, void *buf, size_t len) { + int n, buffered_len, nread; + const char *body; + + nread = 0; + if (conn->consumed_content < conn->content_len) { + // Adjust number of bytes to read. + int64_t to_read = conn->content_len - conn->consumed_content; + if (to_read < (int64_t) len) { + len = (size_t) to_read; + } + + // Return buffered data + body = conn->buf + conn->request_len + conn->consumed_content; + buffered_len = &conn->buf[conn->data_len] - body; + if (buffered_len > 0) { + if (len < (size_t) buffered_len) { + buffered_len = (int) len; + } + memcpy(buf, body, (size_t) buffered_len); + len -= buffered_len; + conn->consumed_content += buffered_len; + nread += buffered_len; + buf = (char *) buf + buffered_len; + } + + // We have returned all buffered data. Read new data from the remote socket. + while (len > 0) { + n = pull(NULL, conn, (char *) buf, (int) len); + if (n < 0) { + nread = n; // Propagate the error + break; + } else if (n == 0) { + break; // No more data to read + } else { + buf = (char *) buf + n; + conn->consumed_content += n; + nread += n; + len -= n; + } + } + } + return nread; +} + +int mg_write(struct mg_connection *conn, const void *buf, size_t len) { + time_t now; + int64_t n, total, allowed; + + if (conn->throttle > 0) { + if ((now = time(NULL)) != conn->last_throttle_time) { + conn->last_throttle_time = now; + conn->last_throttle_bytes = 0; + } + allowed = conn->throttle - conn->last_throttle_bytes; + if (allowed > (int64_t) len) { + allowed = len; + } + if ((total = push(NULL, conn->client.sock, conn->ssl, (const char *) buf, + (int64_t) allowed)) == allowed) { + buf = (char *) buf + total; + conn->last_throttle_bytes += total; + while (total < (int64_t) len && conn->ctx->stop_flag == 0) { + allowed = conn->throttle > (int64_t) len - total ? + (int64_t) len - total : conn->throttle; + if ((n = push(NULL, conn->client.sock, conn->ssl, (const char *) buf, + (int64_t) allowed)) != allowed) { + break; + } + sleep(1); + conn->last_throttle_bytes = allowed; + conn->last_throttle_time = time(NULL); + buf = (char *) buf + n; + total += n; + } + } + } else { + total = push(NULL, conn->client.sock, conn->ssl, (const char *) buf, + (int64_t) len); + } + return (int) total; +} + +// Print message to buffer. If buffer is large enough to hold the message, +// return buffer. If buffer is to small, allocate large enough buffer on heap, +// and return allocated buffer. +static int alloc_vprintf(char **buf, size_t size, const char *fmt, va_list ap) { + va_list ap_copy; + int len; + + // Windows is not standard-compliant, and vsnprintf() returns -1 if + // buffer is too small. Also, older versions of msvcrt.dll do not have + // _vscprintf(). However, if size is 0, vsnprintf() behaves correctly. + // Therefore, we make two passes: on first pass, get required message length. + // On second pass, actually print the message. + va_copy(ap_copy, ap); + len = vsnprintf(NULL, 0, fmt, ap_copy); + + if (len > (int) size && + (size = len + 1) > 0 && + (*buf = (char *) malloc(size)) == NULL) { + len = -1; // Allocation failed, mark failure + } else { + va_copy(ap_copy, ap); + vsnprintf(*buf, size, fmt, ap_copy); + } + + return len; +} + +int mg_vprintf(struct mg_connection *conn, const char *fmt, va_list ap) { + char mem[MG_BUF_LEN], *buf = mem; + int len; + + if ((len = alloc_vprintf(&buf, sizeof(mem), fmt, ap)) > 0) { + len = mg_write(conn, buf, (size_t) len); + } + if (buf != mem && buf != NULL) { + free(buf); + } + + return len; +} + +int mg_printf(struct mg_connection *conn, const char *fmt, ...) { + va_list ap; + va_start(ap, fmt); + return mg_vprintf(conn, fmt, ap); +} + +// URL-decode input buffer into destination buffer. +// 0-terminate the destination buffer. Return the length of decoded data. +// form-url-encoded data differs from URI encoding in a way that it +// uses '+' as character for space, see RFC 1866 section 8.2.1 +// http://ftp.ics.uci.edu/pub/ietf/html/rfc1866.txt +static int url_decode(const char *src, int src_len, char *dst, + int dst_len, int is_form_url_encoded) { + int i, j, a, b; +#define HEXTOI(x) (isdigit(x) ? x - '0' : x - 'W') + + for (i = j = 0; i < src_len && j < dst_len - 1; i++, j++) { + if (src[i] == '%' && + isxdigit(* (const unsigned char *) (src + i + 1)) && + isxdigit(* (const unsigned char *) (src + i + 2))) { + a = tolower(* (const unsigned char *) (src + i + 1)); + b = tolower(* (const unsigned char *) (src + i + 2)); + dst[j] = (char) ((HEXTOI(a) << 4) | HEXTOI(b)); + i += 2; + } else if (is_form_url_encoded && src[i] == '+') { + dst[j] = ' '; + } else { + dst[j] = src[i]; + } + } + + dst[j] = '\0'; // Null-terminate the destination + + return i >= src_len ? j : -1; +} + +int mg_get_var(const char *data, size_t data_len, const char *name, + char *dst, size_t dst_len) { + const char *p, *e, *s; + size_t name_len; + int len; + + if (dst == NULL || dst_len == 0) { + len = -2; + } else if (data == NULL || name == NULL || data_len == 0) { + len = -1; + dst[0] = '\0'; + } else { + name_len = strlen(name); + e = data + data_len; + len = -1; + dst[0] = '\0'; + + // data is "var1=val1&var2=val2...". Find variable first + for (p = data; p + name_len < e; p++) { + if ((p == data || p[-1] == '&') && p[name_len] == '=' && + !mg_strncasecmp(name, p, name_len)) { + + // Point p to variable value + p += name_len + 1; + + // Point s to the end of the value + s = (const char *) memchr(p, '&', (size_t)(e - p)); + if (s == NULL) { + s = e; + } + assert(s >= p); + + // Decode variable into destination buffer + len = url_decode(p, (size_t)(s - p), dst, dst_len, 1); + + // Redirect error code from -1 to -2 (destination buffer too small). + if (len == -1) { + len = -2; + } + break; + } + } + } + + return len; +} + +int mg_get_cookie(const struct mg_connection *conn, const char *cookie_name, + char *dst, size_t dst_size) { + const char *s, *p, *end; + int name_len, len = -1; + + if (dst == NULL || dst_size == 0) { + len = -2; + } else if (cookie_name == NULL || (s = mg_get_header(conn, "Cookie")) == NULL) { + len = -1; + dst[0] = '\0'; + } else { + name_len = (int) strlen(cookie_name); + end = s + strlen(s); + dst[0] = '\0'; + + for (; (s = strstr(s, cookie_name)) != NULL; s += name_len) { + if (s[name_len] == '=') { + s += name_len + 1; + if ((p = strchr(s, ' ')) == NULL) + p = end; + if (p[-1] == ';') + p--; + if (*s == '"' && p[-1] == '"' && p > s + 1) { + s++; + p--; + } + if ((size_t) (p - s) < dst_size) { + len = p - s; + mg_strlcpy(dst, s, (size_t) len + 1); + } else { + len = -2; + } + break; + } + } + } + return len; +} + +static void convert_uri_to_file_name(struct mg_connection *conn, char *buf, + size_t buf_len, struct file *filep) { + struct vec a, b; + const char *rewrite, *uri = conn->request_info.uri; + char *p; + int match_len; + + // Using buf_len - 1 because memmove() for PATH_INFO may shift part + // of the path one byte on the right. + mg_snprintf(conn, buf, buf_len - 1, "%s%s", conn->ctx->config[DOCUMENT_ROOT], + uri); + + rewrite = conn->ctx->config[REWRITE]; + while ((rewrite = next_option(rewrite, &a, &b)) != NULL) { + if ((match_len = match_prefix(a.ptr, a.len, uri)) > 0) { + mg_snprintf(conn, buf, buf_len - 1, "%.*s%s", (int) b.len, b.ptr, + uri + match_len); + break; + } + } + + if (!mg_stat(conn, buf, filep)) { + // Support PATH_INFO for CGI scripts. + for (p = buf + strlen(buf); p > buf + 1; p--) { + if (*p == '/') { + *p = '\0'; + if (match_prefix(conn->ctx->config[CGI_EXTENSIONS], + strlen(conn->ctx->config[CGI_EXTENSIONS]), buf) > 0 && + mg_stat(conn, buf, filep)) { + // Shift PATH_INFO block one character right, e.g. + // "/x.cgi/foo/bar\x00" => "/x.cgi\x00/foo/bar\x00" + // conn->path_info is pointing to the local variable "path" declared + // in handle_request(), so PATH_INFO is not valid after + // handle_request returns. + conn->path_info = p + 1; + memmove(p + 2, p + 1, strlen(p + 1) + 1); // +1 is for trailing \0 + p[1] = '/'; + break; + } else { + *p = '/'; + } + } + } + } +} + +// Check whether full request is buffered. Return: +// -1 if request is malformed +// 0 if request is not yet fully buffered +// >0 actual request length, including last \r\n\r\n +static int get_request_len(const char *buf, int buflen) { + const char *s, *e; + int len = 0; + + for (s = buf, e = s + buflen - 1; len <= 0 && s < e; s++) + // Control characters are not allowed but >=128 is. + if (!isprint(* (const unsigned char *) s) && *s != '\r' && + *s != '\n' && * (const unsigned char *) s < 128) { + len = -1; + break; // [i_a] abort scan as soon as one malformed character is found; + // don't let subsequent \r\n\r\n win us over anyhow + } else if (s[0] == '\n' && s[1] == '\n') { + len = (int) (s - buf) + 2; + } else if (s[0] == '\n' && &s[1] < e && + s[1] == '\r' && s[2] == '\n') { + len = (int) (s - buf) + 3; + } + + return len; +} + +// Convert month to the month number. Return -1 on error, or month number +static int get_month_index(const char *s) { + size_t i; + + for (i = 0; i < ARRAY_SIZE(month_names); i++) + if (!strcmp(s, month_names[i])) + return (int) i; + + return -1; +} + +static int num_leap_years(int year) { + return year / 4 - year / 100 + year / 400; +} + +// Parse UTC date-time string, and return the corresponding time_t value. +static time_t parse_date_string(const char *datetime) { + static const unsigned short days_before_month[] = { + 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 + }; + char month_str[32]; + int second, minute, hour, day, month, year, leap_days, days; + time_t result = (time_t) 0; + + if (((sscanf(datetime, "%d/%3s/%d %d:%d:%d", + &day, month_str, &year, &hour, &minute, &second) == 6) || + (sscanf(datetime, "%d %3s %d %d:%d:%d", + &day, month_str, &year, &hour, &minute, &second) == 6) || + (sscanf(datetime, "%*3s, %d %3s %d %d:%d:%d", + &day, month_str, &year, &hour, &minute, &second) == 6) || + (sscanf(datetime, "%d-%3s-%d %d:%d:%d", + &day, month_str, &year, &hour, &minute, &second) == 6)) && + year > 1970 && + (month = get_month_index(month_str)) != -1) { + leap_days = num_leap_years(year) - num_leap_years(1970); + year -= 1970; + days = year * 365 + days_before_month[month] + (day - 1) + leap_days; + result = days * 24 * 3600 + hour * 3600 + minute * 60 + second; + } + + return result; +} + +// Protect against directory disclosure attack by removing '..', +// excessive '/' and '\' characters +static void remove_double_dots_and_double_slashes(char *s) { + char *p = s; + + while (*s != '\0') { + *p++ = *s++; + if (s[-1] == '/' || s[-1] == '\\') { + // Skip all following slashes, backslashes and double-dots + while (s[0] != '\0') { + if (s[0] == '/' || s[0] == '\\') { + s++; + } else if (s[0] == '.' && s[1] == '.') { + s += 2; + } else { + break; + } + } + } + } + *p = '\0'; +} + +static const struct { + const char *extension; + size_t ext_len; + const char *mime_type; +} builtin_mime_types[] = { + {".html", 5, "text/html"}, + {".htm", 4, "text/html"}, + {".shtm", 5, "text/html"}, + {".shtml", 6, "text/html"}, + {".css", 4, "text/css"}, + {".js", 3, "application/x-javascript"}, + {".ico", 4, "image/x-icon"}, + {".gif", 4, "image/gif"}, + {".jpg", 4, "image/jpeg"}, + {".jpeg", 5, "image/jpeg"}, + {".png", 4, "image/png"}, + {".svg", 4, "image/svg+xml"}, + {".txt", 4, "text/plain"}, + {".torrent", 8, "application/x-bittorrent"}, + {".wav", 4, "audio/x-wav"}, + {".mp3", 4, "audio/x-mp3"}, + {".mid", 4, "audio/mid"}, + {".m3u", 4, "audio/x-mpegurl"}, + {".ogg", 4, "audio/ogg"}, + {".ram", 4, "audio/x-pn-realaudio"}, + {".xml", 4, "text/xml"}, + {".json", 5, "text/json"}, + {".xslt", 5, "application/xml"}, + {".xsl", 4, "application/xml"}, + {".ra", 3, "audio/x-pn-realaudio"}, + {".doc", 4, "application/msword"}, + {".exe", 4, "application/octet-stream"}, + {".zip", 4, "application/x-zip-compressed"}, + {".xls", 4, "application/excel"}, + {".tgz", 4, "application/x-tar-gz"}, + {".tar", 4, "application/x-tar"}, + {".gz", 3, "application/x-gunzip"}, + {".arj", 4, "application/x-arj-compressed"}, + {".rar", 4, "application/x-arj-compressed"}, + {".rtf", 4, "application/rtf"}, + {".pdf", 4, "application/pdf"}, + {".swf", 4, "application/x-shockwave-flash"}, + {".mpg", 4, "video/mpeg"}, + {".webm", 5, "video/webm"}, + {".mpeg", 5, "video/mpeg"}, + {".mp4", 4, "video/mp4"}, + {".m4v", 4, "video/x-m4v"}, + {".asf", 4, "video/x-ms-asf"}, + {".avi", 4, "video/x-msvideo"}, + {".bmp", 4, "image/bmp"}, + {NULL, 0, NULL} +}; + +const char *mg_get_builtin_mime_type(const char *path) { + const char *ext; + size_t i, path_len; + + path_len = strlen(path); + + for (i = 0; builtin_mime_types[i].extension != NULL; i++) { + ext = path + (path_len - builtin_mime_types[i].ext_len); + if (path_len > builtin_mime_types[i].ext_len && + mg_strcasecmp(ext, builtin_mime_types[i].extension) == 0) { + return builtin_mime_types[i].mime_type; + } + } + + return "text/plain"; +} + +// Look at the "path" extension and figure what mime type it has. +// Store mime type in the vector. +static void get_mime_type(struct mg_context *ctx, const char *path, + struct vec *vec) { + struct vec ext_vec, mime_vec; + const char *list, *ext; + size_t path_len; + + path_len = strlen(path); + + // Scan user-defined mime types first, in case user wants to + // override default mime types. + list = ctx->config[EXTRA_MIME_TYPES]; + while ((list = next_option(list, &ext_vec, &mime_vec)) != NULL) { + // ext now points to the path suffix + ext = path + path_len - ext_vec.len; + if (mg_strncasecmp(ext, ext_vec.ptr, ext_vec.len) == 0) { + *vec = mime_vec; + return; + } + } + + vec->ptr = mg_get_builtin_mime_type(path); + vec->len = strlen(vec->ptr); +} + +static int is_big_endian(void) { + static const int n = 1; + return ((char *) &n)[0] == 0; +} + +#ifndef HAVE_MD5 +typedef struct MD5Context { + uint32_t buf[4]; + uint32_t bits[2]; + unsigned char in[64]; +} MD5_CTX; + +static void byteReverse(unsigned char *buf, unsigned longs) { + uint32_t t; + + // Forrest: MD5 expect LITTLE_ENDIAN, swap if BIG_ENDIAN + if (is_big_endian()) { + do { + t = (uint32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 | + ((unsigned) buf[1] << 8 | buf[0]); + * (uint32_t *) buf = t; + buf += 4; + } while (--longs); + } +} + +#define F1(x, y, z) (z ^ (x & (y ^ z))) +#define F2(x, y, z) F1(z, x, y) +#define F3(x, y, z) (x ^ y ^ z) +#define F4(x, y, z) (y ^ (x | ~z)) + +#define MD5STEP(f, w, x, y, z, data, s) \ + ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) + +// Start MD5 accumulation. Set bit count to 0 and buffer to mysterious +// initialization constants. +static void MD5Init(MD5_CTX *ctx) { + ctx->buf[0] = 0x67452301; + ctx->buf[1] = 0xefcdab89; + ctx->buf[2] = 0x98badcfe; + ctx->buf[3] = 0x10325476; + + ctx->bits[0] = 0; + ctx->bits[1] = 0; +} + +static void MD5Transform(uint32_t buf[4], uint32_t const in[16]) { + register uint32_t a, b, c, d; + + a = buf[0]; + b = buf[1]; + c = buf[2]; + d = buf[3]; + + MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); + MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); + MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); + MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); + MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); + MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); + MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); + MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); + MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); + MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); + MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); + MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); + MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); + MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); + MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); + MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); + + MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); + MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); + MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); + MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); + MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); + MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); + MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); + MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); + MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); + MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); + MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); + MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); + MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); + MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); + MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); + MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); + + MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); + MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); + MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); + MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); + MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); + MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); + MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); + MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); + MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); + MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); + MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); + MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); + MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); + MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); + MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); + MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); + + MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); + MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); + MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); + MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); + MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); + MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); + MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); + MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); + MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); + MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); + MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); + MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); + MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); + MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); + MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); + MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); + + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; +} + +static void MD5Update(MD5_CTX *ctx, unsigned char const *buf, unsigned len) { + uint32_t t; + + t = ctx->bits[0]; + if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t) + ctx->bits[1]++; + ctx->bits[1] += len >> 29; + + t = (t >> 3) & 0x3f; + + if (t) { + unsigned char *p = (unsigned char *) ctx->in + t; + + t = 64 - t; + if (len < t) { + memcpy(p, buf, len); + return; + } + memcpy(p, buf, t); + byteReverse(ctx->in, 16); + MD5Transform(ctx->buf, (uint32_t *) ctx->in); + buf += t; + len -= t; + } + + while (len >= 64) { + memcpy(ctx->in, buf, 64); + byteReverse(ctx->in, 16); + MD5Transform(ctx->buf, (uint32_t *) ctx->in); + buf += 64; + len -= 64; + } + + memcpy(ctx->in, buf, len); +} + +static void MD5Final(unsigned char digest[16], MD5_CTX *ctx) { + unsigned count; + unsigned char *p; + + count = (ctx->bits[0] >> 3) & 0x3F; + + p = ctx->in + count; + *p++ = 0x80; + count = 64 - 1 - count; + if (count < 8) { + memset(p, 0, count); + byteReverse(ctx->in, 16); + MD5Transform(ctx->buf, (uint32_t *) ctx->in); + memset(ctx->in, 0, 56); + } else { + memset(p, 0, count - 8); + } + byteReverse(ctx->in, 14); + + ((uint32_t *) ctx->in)[14] = ctx->bits[0]; + ((uint32_t *) ctx->in)[15] = ctx->bits[1]; + + MD5Transform(ctx->buf, (uint32_t *) ctx->in); + byteReverse((unsigned char *) ctx->buf, 4); + memcpy(digest, ctx->buf, 16); + memset((char *) ctx, 0, sizeof(*ctx)); +} +#endif // !HAVE_MD5 + +// Stringify binary data. Output buffer must be twice as big as input, +// because each byte takes 2 bytes in string representation +static void bin2str(char *to, const unsigned char *p, size_t len) { + static const char *hex = "0123456789abcdef"; + + for (; len--; p++) { + *to++ = hex[p[0] >> 4]; + *to++ = hex[p[0] & 0x0f]; + } + *to = '\0'; +} + +// Return stringified MD5 hash for list of strings. Buffer must be 33 bytes. +void mg_md5(char buf[33], ...) { + unsigned char hash[16]; + const char *p; + va_list ap; + MD5_CTX ctx; + + MD5Init(&ctx); + + va_start(ap, buf); + while ((p = va_arg(ap, const char *)) != NULL) { + MD5Update(&ctx, (const unsigned char *) p, (unsigned) strlen(p)); + } + va_end(ap); + + MD5Final(hash, &ctx); + bin2str(buf, hash, sizeof(hash)); +} + +// Check the user's password, return 1 if OK +static int check_password(const char *method, const char *ha1, const char *uri, + const char *nonce, const char *nc, const char *cnonce, + const char *qop, const char *response) { + char ha2[32 + 1], expected_response[32 + 1]; + + // Some of the parameters may be NULL + if (method == NULL || nonce == NULL || nc == NULL || cnonce == NULL || + qop == NULL || response == NULL) { + return 0; + } + + // NOTE(lsm): due to a bug in MSIE, we do not compare the URI + // TODO(lsm): check for authentication timeout + if (// strcmp(dig->uri, c->ouri) != 0 || + strlen(response) != 32 + // || now - strtoul(dig->nonce, NULL, 10) > 3600 + ) { + return 0; + } + + mg_md5(ha2, method, ":", uri, NULL); + mg_md5(expected_response, ha1, ":", nonce, ":", nc, + ":", cnonce, ":", qop, ":", ha2, NULL); + + return mg_strcasecmp(response, expected_response) == 0; +} + +// Use the global passwords file, if specified by auth_gpass option, +// or search for .htpasswd in the requested directory. +static void open_auth_file(struct mg_connection *conn, const char *path, + struct file *filep) { + char name[PATH_MAX]; + const char *p, *e, *gpass = conn->ctx->config[GLOBAL_PASSWORDS_FILE]; + + if (gpass != NULL) { + // Use global passwords file + if (!mg_fopen(conn, gpass, "r", filep)) { + cry(conn, "fopen(%s): %s", gpass, strerror(ERRNO)); + } + } else if (mg_stat(conn, path, filep) && filep->is_directory) { + mg_snprintf(conn, name, sizeof(name), "%s%c%s", + path, '/', PASSWORDS_FILE_NAME); + mg_fopen(conn, name, "r", filep); + } else { + // Try to find .htpasswd in requested directory. + for (p = path, e = p + strlen(p) - 1; e > p; e--) + if (e[0] == '/') + break; + mg_snprintf(conn, name, sizeof(name), "%.*s%c%s", + (int) (e - p), p, '/', PASSWORDS_FILE_NAME); + mg_fopen(conn, name, "r", filep); + } +} + +// Parsed Authorization header +struct ah { + char *user, *uri, *cnonce, *response, *qop, *nc, *nonce; +}; + +// Return 1 on success. Always initializes the ah structure. +static int parse_auth_header(struct mg_connection *conn, char *buf, + size_t buf_size, struct ah *ah) { + char *name, *value, *s; + const char *auth_header; + + (void) memset(ah, 0, sizeof(*ah)); + if ((auth_header = mg_get_header(conn, "Authorization")) == NULL || + mg_strncasecmp(auth_header, "Digest ", 7) != 0) { + return 0; + } + + // Make modifiable copy of the auth header + (void) mg_strlcpy(buf, auth_header + 7, buf_size); + s = buf; + + // Parse authorization header + for (;;) { + // Gobble initial spaces + while (isspace(* (unsigned char *) s)) { + s++; + } + name = skip_quoted(&s, "=", " ", 0); + // Value is either quote-delimited, or ends at first comma or space. + if (s[0] == '\"') { + s++; + value = skip_quoted(&s, "\"", " ", '\\'); + if (s[0] == ',') { + s++; + } + } else { + value = skip_quoted(&s, ", ", " ", 0); // IE uses commas, FF uses spaces + } + if (*name == '\0') { + break; + } + + if (!strcmp(name, "username")) { + ah->user = value; + } else if (!strcmp(name, "cnonce")) { + ah->cnonce = value; + } else if (!strcmp(name, "response")) { + ah->response = value; + } else if (!strcmp(name, "uri")) { + ah->uri = value; + } else if (!strcmp(name, "qop")) { + ah->qop = value; + } else if (!strcmp(name, "nc")) { + ah->nc = value; + } else if (!strcmp(name, "nonce")) { + ah->nonce = value; + } + } + + // CGI needs it as REMOTE_USER + if (ah->user != NULL) { + conn->request_info.remote_user = mg_strdup(ah->user); + } else { + return 0; + } + + return 1; +} + +static char *mg_fgets(char *buf, size_t size, struct file *filep, char **p) { + char *eof; + size_t len; + + if (filep->membuf != NULL && *p != NULL) { + eof = memchr(*p, '\n', &filep->membuf[filep->size] - *p); + len = (size_t) (eof - *p) > size - 1 ? size - 1 : (size_t) (eof - *p); + memcpy(buf, *p, len); + buf[len] = '\0'; + *p = eof; + return eof; + } else if (filep->fp != NULL) { + return fgets(buf, size, filep->fp); + } else { + return NULL; + } +} + +// Authorize against the opened passwords file. Return 1 if authorized. +static int authorize(struct mg_connection *conn, struct file *filep) { + struct ah ah; + char line[256], f_user[256], ha1[256], f_domain[256], buf[MG_BUF_LEN], *p; + + if (!parse_auth_header(conn, buf, sizeof(buf), &ah)) { + return 0; + } + + // Loop over passwords file + p = (char *) filep->membuf; + while (mg_fgets(line, sizeof(line), filep, &p) != NULL) { + if (sscanf(line, "%[^:]:%[^:]:%s", f_user, f_domain, ha1) != 3) { + continue; + } + + if (!strcmp(ah.user, f_user) && + !strcmp(conn->ctx->config[AUTHENTICATION_DOMAIN], f_domain)) + return check_password(conn->request_info.request_method, ha1, ah.uri, + ah.nonce, ah.nc, ah.cnonce, ah.qop, ah.response); + } + + return 0; +} + +// Return 1 if request is authorised, 0 otherwise. +static int check_authorization(struct mg_connection *conn, const char *path) { + char fname[PATH_MAX]; + struct vec uri_vec, filename_vec; + const char *list; + struct file file = STRUCT_FILE_INITIALIZER; + int authorized = 1; + + list = conn->ctx->config[PROTECT_URI]; + while ((list = next_option(list, &uri_vec, &filename_vec)) != NULL) { + if (!memcmp(conn->request_info.uri, uri_vec.ptr, uri_vec.len)) { + mg_snprintf(conn, fname, sizeof(fname), "%.*s", + (int) filename_vec.len, filename_vec.ptr); + if (!mg_fopen(conn, fname, "r", &file)) { + cry(conn, "%s: cannot open %s: %s", __func__, fname, strerror(errno)); + } + break; + } + } + + if (!is_file_opened(&file)) { + open_auth_file(conn, path, &file); + } + + if (is_file_opened(&file)) { + authorized = authorize(conn, &file); + mg_fclose(&file); + } + + return authorized; +} + +static void send_authorization_request(struct mg_connection *conn) { + conn->status_code = 401; + mg_printf(conn, + "HTTP/1.1 401 Unauthorized\r\n" + "Content-Length: 0\r\n" + "WWW-Authenticate: Digest qop=\"auth\", " + "realm=\"%s\", nonce=\"%lu\"\r\n\r\n", + conn->ctx->config[AUTHENTICATION_DOMAIN], + (unsigned long) time(NULL)); +} + +static int is_authorized_for_put(struct mg_connection *conn) { + struct file file = STRUCT_FILE_INITIALIZER; + const char *passfile = conn->ctx->config[PUT_DELETE_PASSWORDS_FILE]; + int ret = 0; + + if (passfile != NULL && mg_fopen(conn, passfile, "r", &file)) { + ret = authorize(conn, &file); + mg_fclose(&file); + } + + return ret; +} + +int mg_modify_passwords_file(const char *fname, const char *domain, + const char *user, const char *pass) { + int found; + char line[512], u[512], d[512], ha1[33], tmp[PATH_MAX]; + FILE *fp, *fp2; + + found = 0; + fp = fp2 = NULL; + + // Regard empty password as no password - remove user record. + if (pass != NULL && pass[0] == '\0') { + pass = NULL; + } + + (void) snprintf(tmp, sizeof(tmp), "%s.tmp", fname); + + // Create the file if does not exist + if ((fp = fopen(fname, "a+")) != NULL) { + (void) fclose(fp); + } + + // Open the given file and temporary file + if ((fp = fopen(fname, "r")) == NULL) { + return 0; + } else if ((fp2 = fopen(tmp, "w+")) == NULL) { + fclose(fp); + return 0; + } + + // Copy the stuff to temporary file + while (fgets(line, sizeof(line), fp) != NULL) { + if (sscanf(line, "%[^:]:%[^:]:%*s", u, d) != 2) { + continue; + } + + if (!strcmp(u, user) && !strcmp(d, domain)) { + found++; + if (pass != NULL) { + mg_md5(ha1, user, ":", domain, ":", pass, NULL); + fprintf(fp2, "%s:%s:%s\n", user, domain, ha1); + } + } else { + fprintf(fp2, "%s", line); + } + } + + // If new user, just add it + if (!found && pass != NULL) { + mg_md5(ha1, user, ":", domain, ":", pass, NULL); + fprintf(fp2, "%s:%s:%s\n", user, domain, ha1); + } + + // Close files + fclose(fp); + fclose(fp2); + + // Put the temp file in place of real file + remove(fname); + rename(tmp, fname); + + return 1; +} + +struct de { + struct mg_connection *conn; + char *file_name; + struct file file; +}; + +static void url_encode(const char *src, char *dst, size_t dst_len) { + static const char *dont_escape = "._-$,;~()"; + static const char *hex = "0123456789abcdef"; + const char *end = dst + dst_len - 1; + + for (; *src != '\0' && dst < end; src++, dst++) { + if (isalnum(*(const unsigned char *) src) || + strchr(dont_escape, * (const unsigned char *) src) != NULL) { + *dst = *src; + } else if (dst + 2 < end) { + dst[0] = '%'; + dst[1] = hex[(* (const unsigned char *) src) >> 4]; + dst[2] = hex[(* (const unsigned char *) src) & 0xf]; + dst += 2; + } + } + + *dst = '\0'; +} + +static void print_dir_entry(struct de *de) { + char size[64], mod[64], href[PATH_MAX]; + + if (de->file.is_directory) { + mg_snprintf(de->conn, size, sizeof(size), "%s", "[DIRECTORY]"); + } else { + // We use (signed) cast below because MSVC 6 compiler cannot + // convert unsigned __int64 to double. Sigh. + if (de->file.size < 1024) { + mg_snprintf(de->conn, size, sizeof(size), "%d", (int) de->file.size); + } else if (de->file.size < 0x100000) { + mg_snprintf(de->conn, size, sizeof(size), + "%.1fk", (double) de->file.size / 1024.0); + } else if (de->file.size < 0x40000000) { + mg_snprintf(de->conn, size, sizeof(size), + "%.1fM", (double) de->file.size / 1048576); + } else { + mg_snprintf(de->conn, size, sizeof(size), + "%.1fG", (double) de->file.size / 1073741824); + } + } + strftime(mod, sizeof(mod), "%d-%b-%Y %H:%M", + localtime(&de->file.modification_time)); + url_encode(de->file_name, href, sizeof(href)); + de->conn->num_bytes_sent += mg_printf(de->conn, + "%s%s" + " %s  %s\n", + de->conn->request_info.uri, href, de->file.is_directory ? "/" : "", + de->file_name, de->file.is_directory ? "/" : "", mod, size); +} + +// This function is called from send_directory() and used for +// sorting directory entries by size, or name, or modification time. +// On windows, __cdecl specification is needed in case if project is built +// with __stdcall convention. qsort always requires __cdels callback. +static int WINCDECL compare_dir_entries(const void *p1, const void *p2) { + const struct de *a = (const struct de *) p1, *b = (const struct de *) p2; + const char *query_string = a->conn->request_info.query_string; + int cmp_result = 0; + + if (query_string == NULL) { + query_string = "na"; + } + + if (a->file.is_directory && !b->file.is_directory) { + return -1; // Always put directories on top + } else if (!a->file.is_directory && b->file.is_directory) { + return 1; // Always put directories on top + } else if (*query_string == 'n') { + cmp_result = strcmp(a->file_name, b->file_name); + } else if (*query_string == 's') { + cmp_result = a->file.size == b->file.size ? 0 : + a->file.size > b->file.size ? 1 : -1; + } else if (*query_string == 'd') { + cmp_result = a->file.modification_time == b->file.modification_time ? 0 : + a->file.modification_time > b->file.modification_time ? 1 : -1; + } + + return query_string[1] == 'd' ? -cmp_result : cmp_result; +} + +static int must_hide_file(struct mg_connection *conn, const char *path) { + const char *pw_pattern = "**" PASSWORDS_FILE_NAME "$"; + const char *pattern = conn->ctx->config[HIDE_FILES]; + return match_prefix(pw_pattern, strlen(pw_pattern), path) > 0 || + (pattern != NULL && match_prefix(pattern, strlen(pattern), path) > 0); +} + +static int scan_directory(struct mg_connection *conn, const char *dir, + void *data, void (*cb)(struct de *, void *)) { + char path[PATH_MAX]; + struct dirent *dp; + DIR *dirp; + struct de de; + + if ((dirp = opendir(dir)) == NULL) { + return 0; + } else { + de.conn = conn; + + while ((dp = readdir(dirp)) != NULL) { + // Do not show current dir and hidden files + if (!strcmp(dp->d_name, ".") || + !strcmp(dp->d_name, "..") || + must_hide_file(conn, dp->d_name)) { + continue; + } + + mg_snprintf(conn, path, sizeof(path), "%s%c%s", dir, '/', dp->d_name); + + // If we don't memset stat structure to zero, mtime will have + // garbage and strftime() will segfault later on in + // print_dir_entry(). memset is required only if mg_stat() + // fails. For more details, see + // http://code.google.com/p/mongoose/issues/detail?id=79 + memset(&de.file, 0, sizeof(de.file)); + mg_stat(conn, path, &de.file); + + de.file_name = dp->d_name; + cb(&de, data); + } + (void) closedir(dirp); + } + return 1; +} + +struct dir_scan_data { + struct de *entries; + int num_entries; + int arr_size; +}; + +static void dir_scan_callback(struct de *de, void *data) { + struct dir_scan_data *dsd = (struct dir_scan_data *) data; + + if (dsd->entries == NULL || dsd->num_entries >= dsd->arr_size) { + dsd->arr_size *= 2; + dsd->entries = (struct de *) realloc(dsd->entries, dsd->arr_size * + sizeof(dsd->entries[0])); + } + if (dsd->entries == NULL) { + // TODO(lsm): propagate an error to the caller + dsd->num_entries = 0; + } else { + dsd->entries[dsd->num_entries].file_name = mg_strdup(de->file_name); + dsd->entries[dsd->num_entries].file = de->file; + dsd->entries[dsd->num_entries].conn = de->conn; + dsd->num_entries++; + } +} + +static void handle_directory_request(struct mg_connection *conn, + const char *dir) { + int i, sort_direction; + struct dir_scan_data data = { NULL, 0, 128 }; + + if (!scan_directory(conn, dir, &data, dir_scan_callback)) { + send_http_error(conn, 500, "Cannot open directory", + "Error: opendir(%s): %s", dir, strerror(ERRNO)); + return; + } + + sort_direction = conn->request_info.query_string != NULL && + conn->request_info.query_string[1] == 'd' ? 'a' : 'd'; + + conn->must_close = 1; + mg_printf(conn, "%s", + "HTTP/1.1 200 OK\r\n" + "Connection: close\r\n" + "Content-Type: text/html; charset=utf-8\r\n\r\n"); + + conn->num_bytes_sent += mg_printf(conn, + "Index of %s" + "" + "

Index of %s

"
+      ""
+      ""
+      ""
+      "",
+      conn->request_info.uri, conn->request_info.uri,
+      sort_direction, sort_direction, sort_direction);
+
+  // Print first entry - link to a parent directory
+  conn->num_bytes_sent += mg_printf(conn,
+      ""
+      "\n",
+      conn->request_info.uri, "..", "Parent directory", "-", "-");
+
+  // Sort and print directory entries
+  qsort(data.entries, (size_t) data.num_entries, sizeof(data.entries[0]),
+        compare_dir_entries);
+  for (i = 0; i < data.num_entries; i++) {
+    print_dir_entry(&data.entries[i]);
+    free(data.entries[i].file_name);
+  }
+  free(data.entries);
+
+  conn->num_bytes_sent += mg_printf(conn, "%s", "
NameModifiedSize

%s %s  %s
"); + conn->status_code = 200; +} + +// Send len bytes from the opened file to the client. +static void send_file_data(struct mg_connection *conn, struct file *filep, + int64_t offset, int64_t len) { + char buf[MG_BUF_LEN]; + int to_read, num_read, num_written; + + if (len > 0 && filep->membuf != NULL && filep->size > 0) { + if (len > filep->size - offset) { + len = filep->size - offset; + } + mg_write(conn, filep->membuf + offset, (size_t) len); + } else if (len > 0 && filep->fp != NULL) { + fseeko(filep->fp, offset, SEEK_SET); + while (len > 0) { + // Calculate how much to read from the file in the buffer + to_read = sizeof(buf); + if ((int64_t) to_read > len) { + to_read = (int) len; + } + + // Read from file, exit the loop on error + if ((num_read = fread(buf, 1, (size_t) to_read, filep->fp)) <= 0) { + break; + } + + // Send read bytes to the client, exit the loop on error + if ((num_written = mg_write(conn, buf, (size_t) num_read)) != num_read) { + break; + } + + // Both read and were successful, adjust counters + conn->num_bytes_sent += num_written; + len -= num_written; + } + } +} + +static int parse_range_header(const char *header, int64_t *a, int64_t *b) { + return sscanf(header, "bytes=%" INT64_FMT "-%" INT64_FMT, a, b); +} + +static void gmt_time_string(char *buf, size_t buf_len, time_t *t) { + strftime(buf, buf_len, "%a, %d %b %Y %H:%M:%S GMT", gmtime(t)); +} + +static void construct_etag(char *buf, size_t buf_len, + const struct file *filep) { + snprintf(buf, buf_len, "\"%lx.%" INT64_FMT "\"", + (unsigned long) filep->modification_time, filep->size); +} + +static void fclose_on_exec(struct file *filep) { + if (filep != NULL && filep->fp != NULL) { +#ifndef _WIN32 + fcntl(fileno(filep->fp), F_SETFD, FD_CLOEXEC); +#endif + } +} + +static void handle_file_request(struct mg_connection *conn, const char *path, + struct file *filep) { + char date[64], lm[64], etag[64], range[64]; + const char *msg = "OK", *hdr; + time_t curtime = time(NULL); + int64_t cl, r1, r2; + struct vec mime_vec; + int n; + + get_mime_type(conn->ctx, path, &mime_vec); + cl = filep->size; + conn->status_code = 200; + range[0] = '\0'; + + if (!mg_fopen(conn, path, "rb", filep)) { + send_http_error(conn, 500, http_500_error, + "fopen(%s): %s", path, strerror(ERRNO)); + return; + } + fclose_on_exec(filep); + + // If Range: header specified, act accordingly + r1 = r2 = 0; + hdr = mg_get_header(conn, "Range"); + if (hdr != NULL && (n = parse_range_header(hdr, &r1, &r2)) > 0 && + r1 >= 0 && r2 > 0) { + conn->status_code = 206; + cl = n == 2 ? (r2 > cl ? cl : r2) - r1 + 1: cl - r1; + mg_snprintf(conn, range, sizeof(range), + "Content-Range: bytes " + "%" INT64_FMT "-%" + INT64_FMT "/%" INT64_FMT "\r\n", + r1, r1 + cl - 1, filep->size); + msg = "Partial Content"; + } + + // Prepare Etag, Date, Last-Modified headers. Must be in UTC, according to + // http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.3 + gmt_time_string(date, sizeof(date), &curtime); + gmt_time_string(lm, sizeof(lm), &filep->modification_time); + construct_etag(etag, sizeof(etag), filep); + + (void) mg_printf(conn, + "HTTP/1.1 %d %s\r\n" + "Date: %s\r\n" + "Last-Modified: %s\r\n" + "Etag: %s\r\n" + "Content-Type: %.*s\r\n" + "Content-Length: %" INT64_FMT "\r\n" + "Connection: %s\r\n" + "Accept-Ranges: bytes\r\n" + "%s\r\n", + conn->status_code, msg, date, lm, etag, (int) mime_vec.len, + mime_vec.ptr, cl, suggest_connection_header(conn), range); + + if (strcmp(conn->request_info.request_method, "HEAD") != 0) { + send_file_data(conn, filep, r1, cl); + } + mg_fclose(filep); +} + +void mg_send_file(struct mg_connection *conn, const char *path) { + struct file file = STRUCT_FILE_INITIALIZER; + if (mg_stat(conn, path, &file)) { + handle_file_request(conn, path, &file); + } else { + send_http_error(conn, 404, "Not Found", "%s", "File not found"); + } +} + + +// Parse HTTP headers from the given buffer, advance buffer to the point +// where parsing stopped. +static void parse_http_headers(char **buf, struct mg_request_info *ri) { + int i; + + for (i = 0; i < (int) ARRAY_SIZE(ri->http_headers); i++) { + ri->http_headers[i].name = skip_quoted(buf, ":", " ", 0); + ri->http_headers[i].value = skip(buf, "\r\n"); + if (ri->http_headers[i].name[0] == '\0') + break; + ri->num_headers = i + 1; + } +} + +static int is_valid_http_method(const char *method) { + return !strcmp(method, "GET") || !strcmp(method, "POST") || + !strcmp(method, "HEAD") || !strcmp(method, "CONNECT") || + !strcmp(method, "PUT") || !strcmp(method, "DELETE") || + !strcmp(method, "OPTIONS") || !strcmp(method, "PROPFIND"); +} + +// Parse HTTP request, fill in mg_request_info structure. +// This function modifies the buffer by NUL-terminating +// HTTP request components, header names and header values. +static int parse_http_message(char *buf, int len, struct mg_request_info *ri) { + int is_request, request_length = get_request_len(buf, len); + if (request_length > 0) { + // Reset attributes. DO NOT TOUCH is_ssl, remote_ip, remote_port + ri->remote_user = ri->request_method = ri->uri = ri->http_version = NULL; + ri->num_headers = 0; + + buf[request_length - 1] = '\0'; + + // RFC says that all initial whitespaces should be ingored + while (*buf != '\0' && isspace(* (unsigned char *) buf)) { + buf++; + } + ri->request_method = skip(&buf, " "); + ri->uri = skip(&buf, " "); + ri->http_version = skip(&buf, "\r\n"); + if (((is_request = is_valid_http_method(ri->request_method)) && + memcmp(ri->http_version, "HTTP/", 5) != 0) || + (!is_request && memcmp(ri->request_method, "HTTP/", 5)) != 0) { + request_length = -1; + } else { + if (is_request) { + ri->http_version += 5; + } + parse_http_headers(&buf, ri); + } + } + return request_length; +} + +// Keep reading the input (either opened file descriptor fd, or socket sock, +// or SSL descriptor ssl) into buffer buf, until \r\n\r\n appears in the +// buffer (which marks the end of HTTP request). Buffer buf may already +// have some data. The length of the data is stored in nread. +// Upon every read operation, increase nread by the number of bytes read. +static int read_request(FILE *fp, struct mg_connection *conn, + char *buf, int bufsiz, int *nread) { + int request_len, n = 0; + + request_len = get_request_len(buf, *nread); + while (*nread < bufsiz && request_len == 0 && + (n = pull(fp, conn, buf + *nread, bufsiz - *nread)) > 0) { + *nread += n; + request_len = get_request_len(buf, *nread); + } + + return request_len <= 0 && n <= 0 ? -1 : request_len; +} + +// For given directory path, substitute it to valid index file. +// Return 0 if index file has been found, -1 if not found. +// If the file is found, it's stats is returned in stp. +static int substitute_index_file(struct mg_connection *conn, char *path, + size_t path_len, struct file *filep) { + const char *list = conn->ctx->config[INDEX_FILES]; + struct file file = STRUCT_FILE_INITIALIZER; + struct vec filename_vec; + size_t n = strlen(path); + int found = 0; + + // The 'path' given to us points to the directory. Remove all trailing + // directory separator characters from the end of the path, and + // then append single directory separator character. + while (n > 0 && path[n - 1] == '/') { + n--; + } + path[n] = '/'; + + // Traverse index files list. For each entry, append it to the given + // path and see if the file exists. If it exists, break the loop + while ((list = next_option(list, &filename_vec, NULL)) != NULL) { + + // Ignore too long entries that may overflow path buffer + if (filename_vec.len > path_len - (n + 2)) + continue; + + // Prepare full path to the index file + mg_strlcpy(path + n + 1, filename_vec.ptr, filename_vec.len + 1); + + // Does it exist? + if (mg_stat(conn, path, &file)) { + // Yes it does, break the loop + *filep = file; + found = 1; + break; + } + } + + // If no index file exists, restore directory path + if (!found) { + path[n] = '\0'; + } + + return found; +} + +// Return True if we should reply 304 Not Modified. +static int is_not_modified(const struct mg_connection *conn, + const struct file *filep) { + char etag[64]; + const char *ims = mg_get_header(conn, "If-Modified-Since"); + const char *inm = mg_get_header(conn, "If-None-Match"); + construct_etag(etag, sizeof(etag), filep); + return (inm != NULL && !mg_strcasecmp(etag, inm)) || + (ims != NULL && filep->modification_time <= parse_date_string(ims)); +} + +static int forward_body_data(struct mg_connection *conn, FILE *fp, + SOCKET sock, SSL *ssl) { + const char *expect, *body; + char buf[MG_BUF_LEN]; + int to_read, nread, buffered_len, success = 0; + + expect = mg_get_header(conn, "Expect"); + assert(fp != NULL); + + if (conn->content_len == -1) { + send_http_error(conn, 411, "Length Required", "%s", ""); + } else if (expect != NULL && mg_strcasecmp(expect, "100-continue")) { + send_http_error(conn, 417, "Expectation Failed", "%s", ""); + } else { + if (expect != NULL) { + (void) mg_printf(conn, "%s", "HTTP/1.1 100 Continue\r\n\r\n"); + } + + body = conn->buf + conn->request_len + conn->consumed_content; + buffered_len = &conn->buf[conn->data_len] - body; + assert(buffered_len >= 0); + assert(conn->consumed_content == 0); + + if (buffered_len > 0) { + if ((int64_t) buffered_len > conn->content_len) { + buffered_len = (int) conn->content_len; + } + push(fp, sock, ssl, body, (int64_t) buffered_len); + conn->consumed_content += buffered_len; + } + + nread = 0; + while (conn->consumed_content < conn->content_len) { + to_read = sizeof(buf); + if ((int64_t) to_read > conn->content_len - conn->consumed_content) { + to_read = (int) (conn->content_len - conn->consumed_content); + } + nread = pull(NULL, conn, buf, to_read); + if (nread <= 0 || push(fp, sock, ssl, buf, nread) != nread) { + break; + } + conn->consumed_content += nread; + } + + if (conn->consumed_content == conn->content_len) { + success = nread >= 0; + } + + // Each error code path in this function must send an error + if (!success) { + send_http_error(conn, 577, http_500_error, "%s", ""); + } + } + + return success; +} + +#if !defined(NO_CGI) +// This structure helps to create an environment for the spawned CGI program. +// Environment is an array of "VARIABLE=VALUE\0" ASCIIZ strings, +// last element must be NULL. +// However, on Windows there is a requirement that all these VARIABLE=VALUE\0 +// strings must reside in a contiguous buffer. The end of the buffer is +// marked by two '\0' characters. +// We satisfy both worlds: we create an envp array (which is vars), all +// entries are actually pointers inside buf. +struct cgi_env_block { + struct mg_connection *conn; + char buf[CGI_ENVIRONMENT_SIZE]; // Environment buffer + int len; // Space taken + char *vars[MAX_CGI_ENVIR_VARS]; // char **envp + int nvars; // Number of variables +}; + +static char *addenv(struct cgi_env_block *block, + PRINTF_FORMAT_STRING(const char *fmt), ...) + PRINTF_ARGS(2, 3); + +// Append VARIABLE=VALUE\0 string to the buffer, and add a respective +// pointer into the vars array. +static char *addenv(struct cgi_env_block *block, const char *fmt, ...) { + int n, space; + char *added; + va_list ap; + + // Calculate how much space is left in the buffer + space = sizeof(block->buf) - block->len - 2; + assert(space >= 0); + + // Make a pointer to the free space int the buffer + added = block->buf + block->len; + + // Copy VARIABLE=VALUE\0 string into the free space + va_start(ap, fmt); + n = mg_vsnprintf(block->conn, added, (size_t) space, fmt, ap); + va_end(ap); + + // Make sure we do not overflow buffer and the envp array + if (n > 0 && n + 1 < space && + block->nvars < (int) ARRAY_SIZE(block->vars) - 2) { + // Append a pointer to the added string into the envp array + block->vars[block->nvars++] = added; + // Bump up used length counter. Include \0 terminator + block->len += n + 1; + } else { + cry(block->conn, "%s: CGI env buffer truncated for [%s]", __func__, fmt); + } + + return added; +} + +static void prepare_cgi_environment(struct mg_connection *conn, + const char *prog, + struct cgi_env_block *blk) { + const char *s, *slash; + struct vec var_vec; + char *p, src_addr[20]; + int i; + + blk->len = blk->nvars = 0; + blk->conn = conn; + sockaddr_to_string(src_addr, sizeof(src_addr), &conn->client.rsa); + + addenv(blk, "SERVER_NAME=%s", conn->ctx->config[AUTHENTICATION_DOMAIN]); + addenv(blk, "SERVER_ROOT=%s", conn->ctx->config[DOCUMENT_ROOT]); + addenv(blk, "DOCUMENT_ROOT=%s", conn->ctx->config[DOCUMENT_ROOT]); + + // Prepare the environment block + addenv(blk, "%s", "GATEWAY_INTERFACE=CGI/1.1"); + addenv(blk, "%s", "SERVER_PROTOCOL=HTTP/1.1"); + addenv(blk, "%s", "REDIRECT_STATUS=200"); // For PHP + + // TODO(lsm): fix this for IPv6 case + addenv(blk, "SERVER_PORT=%d", ntohs(conn->client.lsa.sin.sin_port)); + + addenv(blk, "REQUEST_METHOD=%s", conn->request_info.request_method); + addenv(blk, "REMOTE_ADDR=%s", src_addr); + addenv(blk, "REMOTE_PORT=%d", conn->request_info.remote_port); + addenv(blk, "REQUEST_URI=%s", conn->request_info.uri); + + // SCRIPT_NAME + assert(conn->request_info.uri[0] == '/'); + slash = strrchr(conn->request_info.uri, '/'); + if ((s = strrchr(prog, '/')) == NULL) + s = prog; + addenv(blk, "SCRIPT_NAME=%.*s%s", (int) (slash - conn->request_info.uri), + conn->request_info.uri, s); + + addenv(blk, "SCRIPT_FILENAME=%s", prog); + addenv(blk, "PATH_TRANSLATED=%s", prog); + addenv(blk, "HTTPS=%s", conn->ssl == NULL ? "off" : "on"); + + if ((s = mg_get_header(conn, "Content-Type")) != NULL) + addenv(blk, "CONTENT_TYPE=%s", s); + + if (conn->request_info.query_string != NULL) + addenv(blk, "QUERY_STRING=%s", conn->request_info.query_string); + + if ((s = mg_get_header(conn, "Content-Length")) != NULL) + addenv(blk, "CONTENT_LENGTH=%s", s); + + if ((s = getenv("PATH")) != NULL) + addenv(blk, "PATH=%s", s); + + if (conn->path_info != NULL) { + addenv(blk, "PATH_INFO=%s", conn->path_info); + } + +#if defined(_WIN32) + if ((s = getenv("COMSPEC")) != NULL) { + addenv(blk, "COMSPEC=%s", s); + } + if ((s = getenv("SYSTEMROOT")) != NULL) { + addenv(blk, "SYSTEMROOT=%s", s); + } + if ((s = getenv("SystemDrive")) != NULL) { + addenv(blk, "SystemDrive=%s", s); + } +#else + if ((s = getenv("LD_LIBRARY_PATH")) != NULL) + addenv(blk, "LD_LIBRARY_PATH=%s", s); +#endif // _WIN32 + + if ((s = getenv("PERLLIB")) != NULL) + addenv(blk, "PERLLIB=%s", s); + + if (conn->request_info.remote_user != NULL) { + addenv(blk, "REMOTE_USER=%s", conn->request_info.remote_user); + addenv(blk, "%s", "AUTH_TYPE=Digest"); + } + + // Add all headers as HTTP_* variables + for (i = 0; i < conn->request_info.num_headers; i++) { + p = addenv(blk, "HTTP_%s=%s", + conn->request_info.http_headers[i].name, + conn->request_info.http_headers[i].value); + + // Convert variable name into uppercase, and change - to _ + for (; *p != '=' && *p != '\0'; p++) { + if (*p == '-') + *p = '_'; + *p = (char) toupper(* (unsigned char *) p); + } + } + + // Add user-specified variables + s = conn->ctx->config[CGI_ENVIRONMENT]; + while ((s = next_option(s, &var_vec, NULL)) != NULL) { + addenv(blk, "%.*s", (int) var_vec.len, var_vec.ptr); + } + + blk->vars[blk->nvars++] = NULL; + blk->buf[blk->len++] = '\0'; + + assert(blk->nvars < (int) ARRAY_SIZE(blk->vars)); + assert(blk->len > 0); + assert(blk->len < (int) sizeof(blk->buf)); +} + +static void handle_cgi_request(struct mg_connection *conn, const char *prog) { + int headers_len, data_len, i, fd_stdin[2], fd_stdout[2]; + const char *status, *status_text; + char buf[16384], *pbuf, dir[PATH_MAX], *p; + struct mg_request_info ri; + struct cgi_env_block blk; + FILE *in, *out; + struct file fout = STRUCT_FILE_INITIALIZER; + pid_t pid; + + prepare_cgi_environment(conn, prog, &blk); + + // CGI must be executed in its own directory. 'dir' must point to the + // directory containing executable program, 'p' must point to the + // executable program name relative to 'dir'. + (void) mg_snprintf(conn, dir, sizeof(dir), "%s", prog); + if ((p = strrchr(dir, '/')) != NULL) { + *p++ = '\0'; + } else { + dir[0] = '.', dir[1] = '\0'; + p = (char *) prog; + } + + pid = (pid_t) -1; + fd_stdin[0] = fd_stdin[1] = fd_stdout[0] = fd_stdout[1] = -1; + in = out = NULL; + + if (pipe(fd_stdin) != 0 || pipe(fd_stdout) != 0) { + send_http_error(conn, 500, http_500_error, + "Cannot create CGI pipe: %s", strerror(ERRNO)); + goto done; + } + + pid = spawn_process(conn, p, blk.buf, blk.vars, fd_stdin[0], fd_stdout[1], + dir); + // spawn_process() must close those! + // If we don't mark them as closed, close() attempt before + // return from this function throws an exception on Windows. + // Windows does not like when closed descriptor is closed again. + fd_stdin[0] = fd_stdout[1] = -1; + + if (pid == (pid_t) -1) { + send_http_error(conn, 500, http_500_error, + "Cannot spawn CGI process [%s]: %s", prog, strerror(ERRNO)); + goto done; + } + + if ((in = fdopen(fd_stdin[1], "wb")) == NULL || + (out = fdopen(fd_stdout[0], "rb")) == NULL) { + send_http_error(conn, 500, http_500_error, + "fopen: %s", strerror(ERRNO)); + goto done; + } + + setbuf(in, NULL); + setbuf(out, NULL); + fout.fp = out; + + // Send POST data to the CGI process if needed + if (!strcmp(conn->request_info.request_method, "POST") && + !forward_body_data(conn, in, INVALID_SOCKET, NULL)) { + goto done; + } + + // Close so child gets an EOF. + fclose(in); + in = NULL; + fd_stdin[1] = -1; + + // Now read CGI reply into a buffer. We need to set correct + // status code, thus we need to see all HTTP headers first. + // Do not send anything back to client, until we buffer in all + // HTTP headers. + data_len = 0; + headers_len = read_request(out, conn, buf, sizeof(buf), &data_len); + if (headers_len <= 0) { + send_http_error(conn, 500, http_500_error, + "CGI program sent malformed or too big (>%u bytes) " + "HTTP headers: [%.*s]", + (unsigned) sizeof(buf), data_len, buf); + goto done; + } + pbuf = buf; + buf[headers_len - 1] = '\0'; + parse_http_headers(&pbuf, &ri); + + // Make up and send the status line + status_text = "OK"; + if ((status = get_header(&ri, "Status")) != NULL) { + conn->status_code = atoi(status); + status_text = status; + while (isdigit(* (unsigned char *) status_text) || *status_text == ' ') { + status_text++; + } + } else if (get_header(&ri, "Location") != NULL) { + conn->status_code = 302; + } else { + conn->status_code = 200; + } + if (get_header(&ri, "Connection") != NULL && + !mg_strcasecmp(get_header(&ri, "Connection"), "keep-alive")) { + conn->must_close = 1; + } + (void) mg_printf(conn, "HTTP/1.1 %d %s\r\n", conn->status_code, + status_text); + + // Send headers + for (i = 0; i < ri.num_headers; i++) { + mg_printf(conn, "%s: %s\r\n", + ri.http_headers[i].name, ri.http_headers[i].value); + } + mg_write(conn, "\r\n", 2); + + // Send chunk of data that may have been read after the headers + conn->num_bytes_sent += mg_write(conn, buf + headers_len, + (size_t)(data_len - headers_len)); + + // Read the rest of CGI output and send to the client + send_file_data(conn, &fout, 0, INT64_MAX); + +done: + if (pid != (pid_t) -1) { + kill(pid, SIGKILL); + } + if (fd_stdin[0] != -1) { + close(fd_stdin[0]); + } + if (fd_stdout[1] != -1) { + close(fd_stdout[1]); + } + + if (in != NULL) { + fclose(in); + } else if (fd_stdin[1] != -1) { + close(fd_stdin[1]); + } + + if (out != NULL) { + fclose(out); + } else if (fd_stdout[0] != -1) { + close(fd_stdout[0]); + } +} +#endif // !NO_CGI + +// For a given PUT path, create all intermediate subdirectories +// for given path. Return 0 if the path itself is a directory, +// or -1 on error, 1 if OK. +static int put_dir(struct mg_connection *conn, const char *path) { + char buf[PATH_MAX]; + const char *s, *p; + struct file file = STRUCT_FILE_INITIALIZER; + int len, res = 1; + + for (s = p = path + 2; (p = strchr(s, '/')) != NULL; s = ++p) { + len = p - path; + if (len >= (int) sizeof(buf)) { + res = -1; + break; + } + memcpy(buf, path, len); + buf[len] = '\0'; + + // Try to create intermediate directory + DEBUG_TRACE(("mkdir(%s)", buf)); + if (!mg_stat(conn, buf, &file) && mg_mkdir(buf, 0755) != 0) { + res = -1; + break; + } + + // Is path itself a directory? + if (p[1] == '\0') { + res = 0; + } + } + + return res; +} + +static void put_file(struct mg_connection *conn, const char *path) { + struct file file = STRUCT_FILE_INITIALIZER; + const char *range; + int64_t r1, r2; + int rc; + + conn->status_code = mg_stat(conn, path, &file) ? 200 : 201; + + if ((rc = put_dir(conn, path)) == 0) { + mg_printf(conn, "HTTP/1.1 %d OK\r\n\r\n", conn->status_code); + } else if (rc == -1) { + send_http_error(conn, 500, http_500_error, + "put_dir(%s): %s", path, strerror(ERRNO)); + } else if (!mg_fopen(conn, path, "wb+", &file) || file.fp == NULL) { + mg_fclose(&file); + send_http_error(conn, 500, http_500_error, + "fopen(%s): %s", path, strerror(ERRNO)); + } else { + fclose_on_exec(&file); + range = mg_get_header(conn, "Content-Range"); + r1 = r2 = 0; + if (range != NULL && parse_range_header(range, &r1, &r2) > 0) { + conn->status_code = 206; + fseeko(file.fp, r1, SEEK_SET); + } + if (forward_body_data(conn, file.fp, INVALID_SOCKET, NULL)) { + mg_printf(conn, "HTTP/1.1 %d OK\r\n\r\n", conn->status_code); + } + mg_fclose(&file); + } +} + +static void send_ssi_file(struct mg_connection *, const char *, + struct file *, int); + +static void do_ssi_include(struct mg_connection *conn, const char *ssi, + char *tag, int include_level) { + char file_name[MG_BUF_LEN], path[PATH_MAX], *p; + struct file file = STRUCT_FILE_INITIALIZER; + + // sscanf() is safe here, since send_ssi_file() also uses buffer + // of size MG_BUF_LEN to get the tag. So strlen(tag) is always < MG_BUF_LEN. + if (sscanf(tag, " virtual=\"%[^\"]\"", file_name) == 1) { + // File name is relative to the webserver root + (void) mg_snprintf(conn, path, sizeof(path), "%s%c%s", + conn->ctx->config[DOCUMENT_ROOT], '/', file_name); + } else if (sscanf(tag, " file=\"%[^\"]\"", file_name) == 1) { + // File name is relative to the webserver working directory + // or it is absolute system path + (void) mg_snprintf(conn, path, sizeof(path), "%s", file_name); + } else if (sscanf(tag, " \"%[^\"]\"", file_name) == 1) { + // File name is relative to the currect document + (void) mg_snprintf(conn, path, sizeof(path), "%s", ssi); + if ((p = strrchr(path, '/')) != NULL) { + p[1] = '\0'; + } + (void) mg_snprintf(conn, path + strlen(path), + sizeof(path) - strlen(path), "%s", file_name); + } else { + cry(conn, "Bad SSI #include: [%s]", tag); + return; + } + + if (!mg_fopen(conn, path, "rb", &file)) { + cry(conn, "Cannot open SSI #include: [%s]: fopen(%s): %s", + tag, path, strerror(ERRNO)); + } else { + fclose_on_exec(&file); + if (match_prefix(conn->ctx->config[SSI_EXTENSIONS], + strlen(conn->ctx->config[SSI_EXTENSIONS]), path) > 0) { + send_ssi_file(conn, path, &file, include_level + 1); + } else { + send_file_data(conn, &file, 0, INT64_MAX); + } + mg_fclose(&file); + } +} + +#if !defined(NO_POPEN) +static void do_ssi_exec(struct mg_connection *conn, char *tag) { + char cmd[MG_BUF_LEN]; + struct file file = STRUCT_FILE_INITIALIZER; + + if (sscanf(tag, " \"%[^\"]\"", cmd) != 1) { + cry(conn, "Bad SSI #exec: [%s]", tag); + } else if ((file.fp = popen(cmd, "r")) == NULL) { + cry(conn, "Cannot SSI #exec: [%s]: %s", cmd, strerror(ERRNO)); + } else { + send_file_data(conn, &file, 0, INT64_MAX); + pclose(file.fp); + } +} +#endif // !NO_POPEN + +static int mg_fgetc(struct file *filep, int offset) { + if (filep->membuf != NULL && offset >=0 && offset < filep->size) { + return ((unsigned char *) filep->membuf)[offset]; + } else if (filep->fp != NULL) { + return fgetc(filep->fp); + } else { + return EOF; + } +} + +static void send_ssi_file(struct mg_connection *conn, const char *path, + struct file *filep, int include_level) { + char buf[MG_BUF_LEN]; + int ch, offset, len, in_ssi_tag; + + if (include_level > 10) { + cry(conn, "SSI #include level is too deep (%s)", path); + return; + } + + in_ssi_tag = len = offset = 0; + while ((ch = mg_fgetc(filep, offset)) != EOF) { + if (in_ssi_tag && ch == '>') { + in_ssi_tag = 0; + buf[len++] = (char) ch; + buf[len] = '\0'; + assert(len <= (int) sizeof(buf)); + if (len < 6 || memcmp(buf, "