2 c2117f4b 2023-08-31 op * This is free and unencumbered software released into the public domain.
4 c2117f4b 2023-08-31 op * Anyone is free to copy, modify, publish, use, compile, sell, or
5 c2117f4b 2023-08-31 op * distribute this software, either in source code form or as a compiled
6 c2117f4b 2023-08-31 op * binary, for any purpose, commercial or non-commercial, and by any
9 c2117f4b 2023-08-31 op * In jurisdictions that recognize copyright laws, the author or authors
10 c2117f4b 2023-08-31 op * of this software dedicate any and all copyright interest in the
11 c2117f4b 2023-08-31 op * software to the public domain. We make this dedication for the benefit
12 c2117f4b 2023-08-31 op * of the public at large and to the detriment of our heirs and
13 c2117f4b 2023-08-31 op * successors. We intend this dedication to be an overt act of
14 c2117f4b 2023-08-31 op * relinquishment in perpetuity of all present and future rights to this
15 c2117f4b 2023-08-31 op * software under copyright law.
17 c2117f4b 2023-08-31 op * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18 c2117f4b 2023-08-31 op * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19 c2117f4b 2023-08-31 op * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
20 c2117f4b 2023-08-31 op * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
21 c2117f4b 2023-08-31 op * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
22 c2117f4b 2023-08-31 op * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
23 c2117f4b 2023-08-31 op * OTHER DEALINGS IN THE SOFTWARE.
26 04e4e993 2023-08-14 op #include "config.h"
28 04e4e993 2023-08-14 op #include <sys/uio.h>
30 04e4e993 2023-08-14 op #include <ctype.h>
31 04e4e993 2023-08-14 op #include <errno.h>
32 04e4e993 2023-08-14 op #include <limits.h>
33 04e4e993 2023-08-14 op #include <stdarg.h>
34 04e4e993 2023-08-14 op #include <stdio.h>
35 04e4e993 2023-08-14 op #include <stdlib.h>
36 04e4e993 2023-08-14 op #include <string.h>
37 04e4e993 2023-08-14 op #include <unistd.h>
39 3634fa70 2023-08-31 op #include "bufio.h"
40 04e4e993 2023-08-14 op #include "http.h"
41 04e4e993 2023-08-14 op #include "log.h"
42 04e4e993 2023-08-14 op #include "xmalloc.h"
44 04e4e993 2023-08-14 op #ifndef nitems
45 04e4e993 2023-08-14 op #define nitems(x) (sizeof(x)/sizeof(x[0]))
49 3634fa70 2023-08-31 op http_init(struct client *clt, int fd)
51 3634fa70 2023-08-31 op memset(clt, 0, sizeof(*clt));
52 3634fa70 2023-08-31 op if (bufio_init(&clt->bio) == -1)
54 3634fa70 2023-08-31 op bufio_set_fd(&clt->bio, fd);
59 3634fa70 2023-08-31 op http_parse(struct client *clt)
61 3634fa70 2023-08-31 op struct buffer *rbuf = &clt->bio.rbuf;
62 3634fa70 2023-08-31 op struct request *req = &clt->req;
64 3634fa70 2023-08-31 op uint8_t *endln;
65 5e3e9499 2023-08-31 op char *frag, *query, *http, *line;
66 04e4e993 2023-08-14 op const char *errstr, *m;
68 3634fa70 2023-08-31 op while (!clt->reqdone) {
69 3634fa70 2023-08-31 op endln = memmem(rbuf->buf, rbuf->len, "\r\n", 2);
70 3634fa70 2023-08-31 op if (endln == NULL) {
71 3634fa70 2023-08-31 op errno = EAGAIN;
75 3634fa70 2023-08-31 op line = rbuf->buf;
76 3634fa70 2023-08-31 op if (endln == rbuf->buf)
77 3634fa70 2023-08-31 op clt->reqdone = 1;
79 3634fa70 2023-08-31 op len = endln - rbuf->buf + 2;
80 3634fa70 2023-08-31 op while (len > 0 && (line[len - 1] == '\r' ||
81 3634fa70 2023-08-31 op line[len - 1] == '\n' || line[len - 1] == ' ' ||
82 3634fa70 2023-08-31 op line[len - 1] == '\t'))
83 3634fa70 2023-08-31 op line[--len] = '\0';
85 3634fa70 2023-08-31 op /* first line */
86 3634fa70 2023-08-31 op if (clt->req.method == METHOD_UNKNOWN) {
87 3634fa70 2023-08-31 op if (!strncmp("GET ", line, 4)) {
88 3634fa70 2023-08-31 op req->method = METHOD_GET;
90 3634fa70 2023-08-31 op } else if (!strncmp("POST ", line, 5)) {
91 3634fa70 2023-08-31 op req->method = METHOD_POST;
94 3634fa70 2023-08-31 op errno = EINVAL;
98 5e3e9499 2023-08-31 op if ((http = strchr(line, ' ')) == NULL)
100 5e3e9499 2023-08-31 op if (*http != '\0')
101 5e3e9499 2023-08-31 op *http++ = '\0';
103 a2298955 2023-08-31 op if ((query = strchr(line, '?')))
104 a2298955 2023-08-31 op *query = '\0';
105 a2298955 2023-08-31 op if ((frag = strchr(line, '#')))
106 a2298955 2023-08-31 op *frag = '\0';
108 7add2c3c 2023-08-31 op clt->req.path = xstrdup(line);
110 5e3e9499 2023-08-31 op if (!strcmp(http, "HTTP/1.0"))
111 3634fa70 2023-08-31 op clt->req.version = HTTP_1_0;
112 5e3e9499 2023-08-31 op else if (!strcmp(http, "HTTP/1.1")) {
113 3634fa70 2023-08-31 op clt->req.version = HTTP_1_1;
114 3634fa70 2023-08-31 op clt->chunked = 1;
116 5e3e9499 2023-08-31 op log_warnx("unknown http version %s", http);
117 3634fa70 2023-08-31 op errno = EINVAL;
121 5e3e9499 2023-08-31 op line = http; /* so that no header below matches */
124 3634fa70 2023-08-31 op if (!strncasecmp(line, "Content-Length:", 15)) {
126 3634fa70 2023-08-31 op line += strspn(line, " \t");
127 3634fa70 2023-08-31 op clt->req.clen = strtonum(line, 0, LONG_MAX,
129 3634fa70 2023-08-31 op if (errstr) {
130 3634fa70 2023-08-31 op log_warnx("content-length is %s: %s",
131 3634fa70 2023-08-31 op errstr, line);
132 3634fa70 2023-08-31 op errno = EINVAL;
137 3634fa70 2023-08-31 op buf_drain(rbuf, endln - rbuf->buf + 2);
140 04e4e993 2023-08-14 op if (req->method == METHOD_GET)
142 04e4e993 2023-08-14 op else if (req->method == METHOD_POST)
145 04e4e993 2023-08-14 op m = "unknown";
146 9daa6569 2023-08-31 op log_debug("< %s %s HTTP/%s", m, req->path,
147 9daa6569 2023-08-31 op req->version == HTTP_1_1 ? "1.1" : "1.0");
153 3634fa70 2023-08-31 op http_read(struct client *clt)
155 3634fa70 2023-08-31 op struct request *req = &clt->req;
159 3634fa70 2023-08-31 op if (req->clen > sizeof(clt->buf) - 1) {
160 87eb9c1e 2023-08-15 op log_warnx("POST has more data then what can be accepted");
164 87eb9c1e 2023-08-15 op /* clients may have sent more data than advertised */
165 3634fa70 2023-08-31 op if (req->clen < clt->len)
168 3634fa70 2023-08-31 op left = req->clen - clt->len;
170 3634fa70 2023-08-31 op if (left > 0) {
171 3634fa70 2023-08-31 op nr = bufio_drain(&clt->bio, clt->buf + clt->len, left);
172 3634fa70 2023-08-31 op clt->len += nr;
173 3634fa70 2023-08-31 op if (nr < left) {
174 3634fa70 2023-08-31 op errno = EAGAIN;
179 3634fa70 2023-08-31 op clt->buf[clt->len] = '\0';
180 3634fa70 2023-08-31 op while (clt->len > 0 && (clt->buf[clt->len - 1] == '\r' ||
181 3634fa70 2023-08-31 op (clt->buf[clt->len - 1] == '\n')))
182 3634fa70 2023-08-31 op clt->buf[--clt->len] = '\0';
188 3634fa70 2023-08-31 op http_reply(struct client *clt, int code, const char *reason, const char *ctype)
190 2c962d05 2023-08-31 op const char *version, *location = NULL;
193 04e4e993 2023-08-14 op log_debug("> %d %s", code, reason);
195 04e4e993 2023-08-14 op if (code >= 300 && code < 400) {
196 04e4e993 2023-08-14 op location = ctype;
197 c83e450a 2023-08-14 op ctype = "text/html;charset=UTF-8";
200 2c962d05 2023-08-31 op version = "HTTP/1.1";
201 2c962d05 2023-08-31 op if (clt->req.version == HTTP_1_0)
202 2c962d05 2023-08-31 op version = "HTTP/1.0";
204 2c962d05 2023-08-31 op r = bufio_compose_fmt(&clt->bio, "%s %d %s\r\n"
205 04e4e993 2023-08-14 op "Connection: close\r\n"
206 04e4e993 2023-08-14 op "Cache-Control: no-store\r\n"
211 2c962d05 2023-08-31 op version, code, reason,
212 04e4e993 2023-08-14 op ctype == NULL ? "" : "Content-Type: ",
213 04e4e993 2023-08-14 op ctype == NULL ? "" : ctype,
214 04e4e993 2023-08-14 op ctype == NULL ? "" : "\r\n",
215 04e4e993 2023-08-14 op location == NULL ? "" : "Location: ",
216 04e4e993 2023-08-14 op location == NULL ? "" : location,
217 04e4e993 2023-08-14 op location == NULL ? "" : "\r\n",
218 3634fa70 2023-08-31 op clt->chunked ? "Transfer-Encoding: chunked\r\n" : "");
219 3634fa70 2023-08-31 op if (r == -1) {
220 3634fa70 2023-08-31 op clt->err = 1;
224 6d85a326 2023-08-31 op bufio_set_chunked(&clt->bio, clt->chunked);
226 c83e450a 2023-08-14 op if (location) {
227 3634fa70 2023-08-31 op if (http_writes(clt, "<a href='") == -1 ||
228 3634fa70 2023-08-31 op http_htmlescape(clt, location) == -1 ||
229 3634fa70 2023-08-31 op http_writes(clt, "'>") == -1 ||
230 3634fa70 2023-08-31 op http_htmlescape(clt, reason) == -1 ||
231 3634fa70 2023-08-31 op http_writes(clt, "</a>") == -1)
239 3634fa70 2023-08-31 op http_flush(struct client *clt)
241 3634fa70 2023-08-31 op if (clt->err)
244 3634fa70 2023-08-31 op if (clt->len == 0)
247 3634fa70 2023-08-31 op if (bufio_compose(&clt->bio, clt->buf, clt->len) == -1) {
248 3634fa70 2023-08-31 op clt->err = 1;
252 3634fa70 2023-08-31 op clt->len = 0;
258 3634fa70 2023-08-31 op http_write(struct client *clt, const char *d, size_t len)
260 04e4e993 2023-08-14 op size_t avail;
262 3634fa70 2023-08-31 op if (clt->err)
265 04e4e993 2023-08-14 op while (len > 0) {
266 3634fa70 2023-08-31 op avail = sizeof(clt->buf) - clt->len;
267 04e4e993 2023-08-14 op if (avail > len)
270 3634fa70 2023-08-31 op memcpy(clt->buf + clt->len, d, avail);
271 3634fa70 2023-08-31 op clt->len += avail;
272 04e4e993 2023-08-14 op len -= avail;
274 3634fa70 2023-08-31 op if (clt->len == sizeof(clt->buf)) {
275 3634fa70 2023-08-31 op if (http_flush(clt) == -1)
284 3634fa70 2023-08-31 op http_writes(struct client *clt, const char *str)
286 3634fa70 2023-08-31 op return http_write(clt, str, strlen(str));
290 3634fa70 2023-08-31 op http_fmt(struct client *clt, const char *fmt, ...)
296 04e4e993 2023-08-14 op va_start(ap, fmt);
297 04e4e993 2023-08-14 op r = vasprintf(&str, fmt, ap);
300 04e4e993 2023-08-14 op if (r == -1) {
301 04e4e993 2023-08-14 op log_warn("vasprintf");
302 3634fa70 2023-08-31 op clt->err = 1;
306 3634fa70 2023-08-31 op r = http_write(clt, str, r);
312 3634fa70 2023-08-31 op http_urlescape(struct client *clt, const char *str)
317 04e4e993 2023-08-14 op for (; *str; ++str) {
318 04e4e993 2023-08-14 op if (iscntrl((unsigned char)*str) ||
319 04e4e993 2023-08-14 op isspace((unsigned char)*str) ||
320 04e4e993 2023-08-14 op *str == '\'' || *str == '"' || *str == '\\') {
321 04e4e993 2023-08-14 op r = snprintf(tmp, sizeof(tmp), "%%%2X",
322 04e4e993 2023-08-14 op (unsigned char)*str);
323 04e4e993 2023-08-14 op if (r < 0 || (size_t)r >= sizeof(tmp)) {
324 04e4e993 2023-08-14 op log_warn("snprintf failed");
325 3634fa70 2023-08-31 op clt->err = 1;
328 3634fa70 2023-08-31 op if (http_write(clt, tmp, r) == -1)
330 3634fa70 2023-08-31 op } else if (http_write(clt, str, 1) == -1)
338 3634fa70 2023-08-31 op http_htmlescape(struct client *clt, const char *str)
342 04e4e993 2023-08-14 op for (; *str; ++str) {
343 04e4e993 2023-08-14 op switch (*str) {
345 3634fa70 2023-08-31 op r = http_writes(clt, "<");
348 3634fa70 2023-08-31 op r = http_writes(clt, ">");
351 3634fa70 2023-08-31 op r = http_writes(clt, ">");
354 3634fa70 2023-08-31 op r = http_writes(clt, """);
357 3634fa70 2023-08-31 op r = http_writes(clt, "'");
360 3634fa70 2023-08-31 op r = http_write(clt, str, 1);
372 3634fa70 2023-08-31 op http_close(struct client *clt)
374 3634fa70 2023-08-31 op if (clt->err)
376 3634fa70 2023-08-31 op if (clt->len != 0 && http_flush(clt) == -1)
378 3634fa70 2023-08-31 op if (bufio_compose(&clt->bio, NULL, 0) == -1)
379 3634fa70 2023-08-31 op clt->err = 1;
380 3634fa70 2023-08-31 op return (clt->err ? -1 : 0);
384 3634fa70 2023-08-31 op http_free(struct client *clt)
386 3634fa70 2023-08-31 op free(clt->req.path);
387 3634fa70 2023-08-31 op free(clt->req.ctype);
388 3634fa70 2023-08-31 op free(clt->req.body);
389 3634fa70 2023-08-31 op bufio_free(&clt->bio);