1 | /* $Id: http.c 359 2024-10-16 14:34:51Z nishi $ */
|
---|
2 |
|
---|
3 | #define SOURCE
|
---|
4 |
|
---|
5 | #include "../config.h"
|
---|
6 |
|
---|
7 | #include "tw_http.h"
|
---|
8 |
|
---|
9 | #include "tw_server.h"
|
---|
10 |
|
---|
11 | #include <cm_log.h>
|
---|
12 | #include <cm_string.h>
|
---|
13 |
|
---|
14 | #include <stdbool.h>
|
---|
15 | #include <stdlib.h>
|
---|
16 | #include <string.h>
|
---|
17 |
|
---|
18 | #ifdef __OS2__
|
---|
19 | #include <sys/time.h>
|
---|
20 | #include <types.h>
|
---|
21 | #include <tcpustd.h>
|
---|
22 | #endif
|
---|
23 |
|
---|
24 | #if defined(__MINGW32__) || defined(_MSC_VER) || defined(__BORLANDC__) || (defined(__WATCOMC__) && !defined(__OS2__) && !defined(__NETWARE__) && !defined(__DOS__))
|
---|
25 | #ifdef USE_WINSOCK1
|
---|
26 | #include <winsock.h>
|
---|
27 | #else
|
---|
28 | #include <winsock2.h>
|
---|
29 | #endif
|
---|
30 | #elif defined(__NETWARE__)
|
---|
31 | #include <sys/socket.h>
|
---|
32 | #else
|
---|
33 | #ifdef USE_POLL
|
---|
34 | #ifdef __PPU__
|
---|
35 | #include <net/poll.h>
|
---|
36 | #else
|
---|
37 | #include <poll.h>
|
---|
38 | #endif
|
---|
39 | #else
|
---|
40 | #ifdef __NeXT__
|
---|
41 | #include <sys/socket.h>
|
---|
42 | #include <time.h>
|
---|
43 | #include <sys/time.h>
|
---|
44 | #else
|
---|
45 | #include <sys/select.h>
|
---|
46 | #endif
|
---|
47 | #endif
|
---|
48 | #endif
|
---|
49 |
|
---|
50 | void tw_free_request(struct tw_http_request* req) {
|
---|
51 | if(req->method != NULL) free(req->method);
|
---|
52 | if(req->path != NULL) free(req->path);
|
---|
53 | if(req->query != NULL) free(req->query);
|
---|
54 | if(req->headers != NULL) {
|
---|
55 | int i;
|
---|
56 | for(i = 0; req->headers[i] != NULL; i++) free(req->headers[i]);
|
---|
57 | free(req->headers);
|
---|
58 | }
|
---|
59 | if(req->body != NULL) free(req->body);
|
---|
60 | if(req->version != NULL) free(req->version);
|
---|
61 |
|
---|
62 | req->method = NULL;
|
---|
63 | req->path = NULL;
|
---|
64 | req->query = NULL;
|
---|
65 | req->headers = NULL;
|
---|
66 | req->body = NULL;
|
---|
67 | req->version = NULL;
|
---|
68 | }
|
---|
69 |
|
---|
70 | int tw_http_parse(SSL* ssl, int sock, struct tw_http_request* req) {
|
---|
71 | char buffer[512];
|
---|
72 | char cbuf[2];
|
---|
73 | int phase = 0;
|
---|
74 | char* header;
|
---|
75 | int nl;
|
---|
76 | bool bad;
|
---|
77 |
|
---|
78 | #ifdef USE_POLL
|
---|
79 | struct pollfd pollfds[1];
|
---|
80 | pollfds[0].fd = sock;
|
---|
81 | pollfds[0].events = POLLIN | POLLPRI;
|
---|
82 | #else
|
---|
83 | fd_set fds;
|
---|
84 | #endif
|
---|
85 |
|
---|
86 | bad = false;
|
---|
87 |
|
---|
88 | cbuf[1] = 0;
|
---|
89 |
|
---|
90 | req->method = NULL;
|
---|
91 | req->path = NULL;
|
---|
92 | req->query = NULL;
|
---|
93 | req->headers = NULL;
|
---|
94 | req->body = NULL;
|
---|
95 | req->version = NULL;
|
---|
96 |
|
---|
97 | header = malloc(1);
|
---|
98 | header[0] = 0;
|
---|
99 | nl = 0;
|
---|
100 |
|
---|
101 | while(1) {
|
---|
102 | int i;
|
---|
103 | int len;
|
---|
104 | int n;
|
---|
105 | #ifndef USE_POLL
|
---|
106 | struct timeval tv;
|
---|
107 | FD_ZERO(&fds);
|
---|
108 | FD_SET(sock, &fds);
|
---|
109 | tv.tv_sec = 5;
|
---|
110 | tv.tv_usec = 0;
|
---|
111 | #endif
|
---|
112 | #ifndef NO_SSL
|
---|
113 | if(ssl == NULL || !SSL_has_pending(ssl)) {
|
---|
114 | #endif
|
---|
115 | #ifdef USE_POLL
|
---|
116 | n = poll(pollfds, 1, 5000);
|
---|
117 | #else
|
---|
118 | #ifdef __HAIKU__
|
---|
119 | n = select(32, &fds, NULL, NULL, &tv);
|
---|
120 | #else
|
---|
121 | n = select(FD_SETSIZE, &fds, NULL, NULL, &tv);
|
---|
122 | #endif
|
---|
123 | #endif
|
---|
124 | if(n <= 0) {
|
---|
125 | cm_log("HTTP", "Timeout, disconnecting");
|
---|
126 | free(header);
|
---|
127 | tw_free_request(req);
|
---|
128 | return -1;
|
---|
129 | }
|
---|
130 | #ifndef NO_SSL
|
---|
131 | }
|
---|
132 | #endif
|
---|
133 | len = tw_read(ssl, sock, buffer, 512);
|
---|
134 | if(len <= 0) {
|
---|
135 | bad = true;
|
---|
136 | break;
|
---|
137 | }
|
---|
138 | for(i = 0; i < len; i++) {
|
---|
139 | char c = buffer[i];
|
---|
140 | if(phase == 0) {
|
---|
141 | if(c == ' ') {
|
---|
142 | if(req->method == NULL) {
|
---|
143 | tw_free_request(req);
|
---|
144 | bad = true;
|
---|
145 | goto getout;
|
---|
146 | } else {
|
---|
147 | phase++;
|
---|
148 | }
|
---|
149 | } else {
|
---|
150 | char* tmp;
|
---|
151 | if(req->method == NULL) {
|
---|
152 | req->method = malloc(1);
|
---|
153 | req->method[0] = 0;
|
---|
154 | }
|
---|
155 | cbuf[0] = c;
|
---|
156 | tmp = req->method;
|
---|
157 | req->method = cm_strcat(tmp, cbuf);
|
---|
158 | free(tmp);
|
---|
159 | }
|
---|
160 | } else if(phase == 1) {
|
---|
161 | if(c == ' ') {
|
---|
162 | if(req->path == NULL) {
|
---|
163 | tw_free_request(req);
|
---|
164 | bad = true;
|
---|
165 | goto getout;
|
---|
166 | } else {
|
---|
167 | phase++;
|
---|
168 | }
|
---|
169 | } else {
|
---|
170 | char* tmp;
|
---|
171 | if(req->path == NULL) {
|
---|
172 | req->path = malloc(1);
|
---|
173 | req->path[0] = 0;
|
---|
174 | }
|
---|
175 | cbuf[0] = c;
|
---|
176 | tmp = req->path;
|
---|
177 | req->path = cm_strcat(tmp, cbuf);
|
---|
178 | free(tmp);
|
---|
179 | }
|
---|
180 | } else if(phase == 2) {
|
---|
181 | if(c == '\n') {
|
---|
182 | if(req->version == NULL) {
|
---|
183 | tw_free_request(req);
|
---|
184 | bad = true;
|
---|
185 | goto getout;
|
---|
186 | } else {
|
---|
187 | /* We have Method, Path, Version now */
|
---|
188 | int j;
|
---|
189 | char* p;
|
---|
190 | int incr;
|
---|
191 | if(strcmp(req->version, "HTTP/1.1") != 0 && strcmp(req->version, "HTTP/1.0") != 0) {
|
---|
192 | cm_log("HTTP", "Bad HTTP Version");
|
---|
193 | bad = true;
|
---|
194 | goto getout;
|
---|
195 | }
|
---|
196 |
|
---|
197 | p = malloc(1);
|
---|
198 | p[0] = 0;
|
---|
199 | for(j = 0; req->path[j] != 0; j++) {
|
---|
200 | char* tmp;
|
---|
201 | if(req->path[j] == '/') {
|
---|
202 | cbuf[0] = '/';
|
---|
203 | for(; req->path[j] != 0 && req->path[j] == '/'; j++)
|
---|
204 | ;
|
---|
205 | j--;
|
---|
206 | } else {
|
---|
207 | cbuf[0] = req->path[j];
|
---|
208 | }
|
---|
209 | tmp = p;
|
---|
210 | p = cm_strcat(tmp, cbuf);
|
---|
211 | free(tmp);
|
---|
212 | }
|
---|
213 | free(req->path);
|
---|
214 | req->path = p;
|
---|
215 |
|
---|
216 | incr = 0;
|
---|
217 | p = malloc(1);
|
---|
218 | p[0] = 0;
|
---|
219 | for(j = 0;; j++) {
|
---|
220 | if(req->path[j] == '/' || req->path[j] == 0) {
|
---|
221 | char oldc = req->path[j];
|
---|
222 | char* pth;
|
---|
223 | cbuf[0] = oldc;
|
---|
224 | req->path[j] = 0;
|
---|
225 |
|
---|
226 | pth = req->path + incr;
|
---|
227 |
|
---|
228 | if(strcmp(pth, "..") == 0) {
|
---|
229 | int k;
|
---|
230 | if(p[strlen(p) - 1] == '/') p[strlen(p) - 1] = 0;
|
---|
231 | for(k = strlen(p) - 1; k >= 0; k--) {
|
---|
232 | if(p[k] == '/') {
|
---|
233 | p[k + 1] = 0;
|
---|
234 | break;
|
---|
235 | }
|
---|
236 | }
|
---|
237 | if(strlen(p) == 0) {
|
---|
238 | free(p);
|
---|
239 | p = cm_strdup("/");
|
---|
240 | }
|
---|
241 | } else if(strcmp(pth, ".") == 0) {
|
---|
242 | } else {
|
---|
243 | char* tmp = p;
|
---|
244 | p = cm_strcat3(tmp, pth, cbuf);
|
---|
245 | free(tmp);
|
---|
246 | }
|
---|
247 |
|
---|
248 | incr = j + 1;
|
---|
249 | if(oldc == 0) break;
|
---|
250 | }
|
---|
251 | }
|
---|
252 | free(req->path);
|
---|
253 | req->path = p;
|
---|
254 |
|
---|
255 | cm_log("HTTP", "Request: %s %s %s", req->method, req->path, req->version);
|
---|
256 |
|
---|
257 | phase++;
|
---|
258 | }
|
---|
259 | } else if(c != '\r') {
|
---|
260 | char* tmp;
|
---|
261 | if(req->version == NULL) {
|
---|
262 | req->version = malloc(1);
|
---|
263 | req->version[0] = 0;
|
---|
264 | }
|
---|
265 | cbuf[0] = c;
|
---|
266 | tmp = req->version;
|
---|
267 | req->version = cm_strcat(tmp, cbuf);
|
---|
268 | free(tmp);
|
---|
269 | }
|
---|
270 | } else if(phase == 3) {
|
---|
271 | if(c == '\n') {
|
---|
272 | nl++;
|
---|
273 | if(nl == 2) {
|
---|
274 | phase++;
|
---|
275 | goto getout;
|
---|
276 | } else {
|
---|
277 | int j;
|
---|
278 | if(req->headers == NULL) {
|
---|
279 | req->headers = malloc(sizeof(*req->headers));
|
---|
280 | req->headers[0] = NULL;
|
---|
281 | }
|
---|
282 | for(j = 0; header[j] != 0; j++) {
|
---|
283 | if(header[j] == ':') {
|
---|
284 | char* kv;
|
---|
285 | char* vv;
|
---|
286 | char** old;
|
---|
287 | int k;
|
---|
288 | header[j] = 0;
|
---|
289 | j++;
|
---|
290 | for(; header[j] != 0 && (header[j] == ' ' || header[j] == '\t'); j++)
|
---|
291 | ;
|
---|
292 | kv = header;
|
---|
293 | vv = header + j;
|
---|
294 |
|
---|
295 | old = req->headers;
|
---|
296 | for(k = 0; old[k] != NULL; k++)
|
---|
297 | ;
|
---|
298 | req->headers = malloc(sizeof(*req->headers) * (k + 3));
|
---|
299 | for(k = 0; old[k] != NULL; k++) req->headers[k] = old[k];
|
---|
300 | req->headers[k] = cm_strdup(kv);
|
---|
301 | req->headers[k + 1] = cm_strdup(vv);
|
---|
302 | req->headers[k + 2] = NULL;
|
---|
303 | free(old);
|
---|
304 |
|
---|
305 | cm_log("HTTP", "Header: %s: %s", kv, vv);
|
---|
306 |
|
---|
307 | break;
|
---|
308 | }
|
---|
309 | }
|
---|
310 | free(header);
|
---|
311 | header = malloc(1);
|
---|
312 | header[0] = 0;
|
---|
313 | }
|
---|
314 | } else if(c != '\r') {
|
---|
315 | char* tmp;
|
---|
316 | nl = 0;
|
---|
317 | cbuf[0] = c;
|
---|
318 | tmp = header;
|
---|
319 | header = cm_strcat(tmp, cbuf);
|
---|
320 | free(tmp);
|
---|
321 | }
|
---|
322 | }
|
---|
323 | }
|
---|
324 | }
|
---|
325 | getout:
|
---|
326 | free(header);
|
---|
327 | if(bad) {
|
---|
328 | tw_free_request(req);
|
---|
329 | return 1;
|
---|
330 | }
|
---|
331 | {
|
---|
332 | char* result = malloc(1);
|
---|
333 | int i;
|
---|
334 | int j;
|
---|
335 | int incr;
|
---|
336 | char* p;
|
---|
337 | result[0] = 0;
|
---|
338 | for(i = 0; req->path[i] != 0; i++) {
|
---|
339 | if(req->path[i] == '?') {
|
---|
340 | req->path[i] = 0;
|
---|
341 | req->query = cm_strdup(req->path + i + 1);
|
---|
342 | break;
|
---|
343 | }
|
---|
344 | }
|
---|
345 | for(i = 0; req->path[i] != 0; i++) {
|
---|
346 | if(req->path[i] == '%') {
|
---|
347 | if(req->path[i + 1] == 0) continue;
|
---|
348 | cbuf[0] = cm_hex(req->path + i + 1, 2);
|
---|
349 | if(cbuf[0] != '\\') {
|
---|
350 | char* tmp = result;
|
---|
351 | result = cm_strcat(tmp, cbuf);
|
---|
352 | free(tmp);
|
---|
353 | }
|
---|
354 | i += 2;
|
---|
355 | } else if(req->path[i] != '\\') {
|
---|
356 | char* tmp;
|
---|
357 | cbuf[0] = req->path[i];
|
---|
358 | tmp = result;
|
---|
359 | result = cm_strcat(tmp, cbuf);
|
---|
360 | free(tmp);
|
---|
361 | }
|
---|
362 | }
|
---|
363 | free(req->path);
|
---|
364 | req->path = result;
|
---|
365 |
|
---|
366 | incr = 0;
|
---|
367 | p = malloc(1);
|
---|
368 | p[0] = 0;
|
---|
369 | for(j = 0;; j++) {
|
---|
370 | if(req->path[j] == '/' || req->path[j] == 0) {
|
---|
371 | char oldc = req->path[j];
|
---|
372 | char* pth;
|
---|
373 | cbuf[0] = oldc;
|
---|
374 | req->path[j] = 0;
|
---|
375 |
|
---|
376 | pth = req->path + incr;
|
---|
377 |
|
---|
378 | if(strcmp(pth, "..") == 0) {
|
---|
379 | int k;
|
---|
380 | if(p[strlen(p) - 1] == '/') p[strlen(p) - 1] = 0;
|
---|
381 | for(k = strlen(p) - 1; k >= 0; k--) {
|
---|
382 | if(p[k] == '/') {
|
---|
383 | p[k + 1] = 0;
|
---|
384 | break;
|
---|
385 | }
|
---|
386 | }
|
---|
387 | if(strlen(p) == 0) {
|
---|
388 | free(p);
|
---|
389 | p = cm_strdup("/");
|
---|
390 | }
|
---|
391 | } else if(strcmp(pth, ".") == 0) {
|
---|
392 | } else {
|
---|
393 | char* tmp = p;
|
---|
394 | p = cm_strcat3(tmp, pth, cbuf);
|
---|
395 | free(tmp);
|
---|
396 | }
|
---|
397 |
|
---|
398 | incr = j + 1;
|
---|
399 | if(oldc == 0) break;
|
---|
400 | }
|
---|
401 | }
|
---|
402 | free(req->path);
|
---|
403 | req->path = p;
|
---|
404 | return 0;
|
---|
405 | }
|
---|
406 | }
|
---|