xref: /netbsd-src/libexec/httpd/dir-index-bozo.c (revision e6c7e151de239c49d2e38720a061ed9d1fa99309) 
1 /*	$NetBSD: dir-index-bozo.c,v 1.32 2019/02/28 08:28:21 mrg Exp $	*/
2 
3 /*	$eterna: dir-index-bozo.c,v 1.20 2011/11/18 09:21:15 mrg Exp $	*/
4 
5 /*
6  * Copyright (c) 1997-2019 Matthew R. Green
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer and
16  *    dedication in the documentation and/or other materials provided
17  *    with the distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
24  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
26  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
27  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  *
31  */
32 
33 /* this code implements directory index generation for bozohttpd */
34 
35 #ifndef NO_DIRINDEX_SUPPORT
36 
37 #include <sys/param.h>
38 
39 #include <dirent.h>
40 #include <errno.h>
41 #include <string.h>
42 #include <stdlib.h>
43 #include <time.h>
44 #include <assert.h>
45 
46 #include "bozohttpd.h"
47 
48 /*
49  * output a directory index.  return 1 if it actually did something..
50  */
51 int
52 bozo_dir_index(bozo_httpreq_t *request, const char *dirpath, int isindex)
53 {
54 	bozohttpd_t *httpd = request->hr_httpd;
55 	struct stat sb;
56 	struct dirent **de, **deo;
57 	DIR *dp;
58 	char buf[MAXPATHLEN];
59 	char *file = NULL, *printname = NULL, *p;
60 	int k, j;
61 
62 	if (!isindex || !httpd->dir_indexing)
63 		return 0;
64 
65 	if (strlen(dirpath) <= strlen(httpd->index_html))
66 		dirpath = ".";
67 	else {
68 		file = bozostrdup(httpd, request, dirpath);
69 
70 		file[strlen(file) - strlen(httpd->index_html)] = '\0';
71 		dirpath = file;
72 	}
73 	debug((httpd, DEBUG_FAT, "bozo_dir_index: dirpath '%s'", dirpath));
74 	if (stat(dirpath, &sb) < 0 ||
75 	    (dp = opendir(dirpath)) == NULL) {
76 		if (errno == EPERM)
77 			bozo_http_error(httpd, 403, request,
78 					"no permission to open directory");
79 		else if (errno == ENOENT)
80 			bozo_http_error(httpd, 404, request, "no file");
81 		else
82 			bozo_http_error(httpd, 500, request, "open directory");
83 		goto done;
84 		/* NOTREACHED */
85 	}
86 
87 	bozo_printf(httpd, "%s 200 OK\r\n", request->hr_proto);
88 
89 	if (request->hr_proto != httpd->consts.http_09) {
90 		bozo_print_header(request, NULL, "text/html", "");
91 		bozo_printf(httpd, "\r\n");
92 	}
93 	bozo_flush(httpd, stdout);
94 
95 	if (request->hr_method == HTTP_HEAD) {
96 		closedir(dp);
97 		goto done;
98 	}
99 
100 #ifndef NO_USER_SUPPORT
101 	if (request->hr_user) {
102 		bozoasprintf(httpd, &printname, "~%s/%s",
103 			     request->hr_user, request->hr_file);
104 	} else
105 		printname = bozostrdup(httpd, request, request->hr_file);
106 #else
107 	printname = bozostrdup(httpd, request, request->hr_file);
108 #endif /* !NO_USER_SUPPORT */
109 	if ((p = strstr(printname, httpd->index_html)) != NULL) {
110 		if (strcmp(printname, httpd->index_html) == 0)
111 			strcpy(printname, "/");	/* is ``slashdir'' */
112 		else
113 			*p = '\0';		/* strip unwanted ``index_html'' */
114 	}
115 	if ((p = bozo_escape_html(httpd, printname)) != NULL) {
116 		free(printname);
117 		printname = p;
118 	}
119 
120 	bozo_printf(httpd,
121 		"<!DOCTYPE html>\r\n"
122 		"<html><head><meta charset=\"utf-8\"/>\r\n"
123 		"<style type=\"text/css\">\r\n"
124 		"table {\r\n"
125 		"\tborder-top: 1px solid black;\r\n"
126 		"\tborder-bottom: 1px solid black;\r\n"
127 		"}\r\n"
128 		"th { background: aquamarine; }\r\n"
129 		"tr:nth-child(even) { background: lavender; }\r\n"
130 		"</style>\r\n");
131 	bozo_printf(httpd, "<title>Index of %s</title></head>\r\n",
132 		printname);
133 	bozo_printf(httpd, "<body><h1>Index of %s</h1>\r\n",
134 		printname);
135 	bozo_printf(httpd,
136 		"<table cols=3>\r\n<thead>\r\n"
137 		"<tr><th>Name<th>Last modified<th align=right>Size\r\n"
138 		"<tbody>\r\n");
139 
140 	for (j = k = scandir(dirpath, &de, NULL, alphasort), deo = de;
141 	    j--; de++) {
142 		int nostat = 0;
143 		char *name = (*de)->d_name;
144 		char *urlname, *htmlname;
145 
146 		if (strcmp(name, ".") == 0 ||
147 		    (strcmp(name, "..") != 0 &&
148 		     httpd->hide_dots && name[0] == '.'))
149 			continue;
150 
151 		if (bozo_check_special_files(request, name, false))
152 			continue;
153 
154 		snprintf(buf, sizeof buf, "%s/%s", dirpath, name);
155 		if (stat(buf, &sb))
156 			nostat = 1;
157 
158 		urlname = bozo_escape_rfc3986(httpd, name, 0);
159 		htmlname = bozo_escape_html(httpd, name);
160 		if (htmlname == NULL)
161 			htmlname = name;
162 		bozo_printf(httpd, "<tr><td>");
163 		if (strcmp(name, "..") == 0) {
164 			bozo_printf(httpd, "<a href=\"../\">");
165 			bozo_printf(httpd, "Parent Directory");
166 		} else if (!nostat && S_ISDIR(sb.st_mode)) {
167 			bozo_printf(httpd, "<a href=\"%s/\">", urlname);
168 			bozo_printf(httpd, "%s/", htmlname);
169 		} else if (strchr(name, ':') != NULL) {
170 			/* RFC 3986 4.2 */
171 			bozo_printf(httpd, "<a href=\"./%s\">", urlname);
172 			bozo_printf(httpd, "%s", htmlname);
173 		} else {
174 			bozo_printf(httpd, "<a href=\"%s\">", urlname);
175 			bozo_printf(httpd, "%s", htmlname);
176 		}
177 		if (htmlname != name)
178 			free(htmlname);
179 		bozo_printf(httpd, "</a>");
180 
181 		if (nostat)
182 			bozo_printf(httpd, "<td>?<td>?\r\n");
183 		else {
184 			unsigned long long len;
185 
186 			strftime(buf, sizeof buf, "%d-%b-%Y %R", gmtime(&sb.st_mtime));
187 			bozo_printf(httpd, "<td>%s", buf);
188 
189 			len = ((unsigned long long)sb.st_size + 1023) / 1024;
190 			bozo_printf(httpd, "<td align=right>%llukB", len);
191 		}
192 		bozo_printf(httpd, "\r\n");
193 	}
194 
195 	closedir(dp);
196 	while (k--)
197         	free(deo[k]);
198 	free(deo);
199 	bozo_printf(httpd, "</table>\r\n");
200 	bozo_printf(httpd, "</body></html>\r\n\r\n");
201 	bozo_flush(httpd, stdout);
202 
203 done:
204 	free(file);
205 	free(printname);
206 	return 1;
207 }
208 #endif /* NO_DIRINDEX_SUPPORT */
209