1 #include <u.h> 2 #include <libc.h> 3 #include <bin.h> 4 #include <httpd.h> 5 6 typedef struct Strings Strings; 7 8 struct Strings 9 { 10 char *s1; 11 char *s2; 12 }; 13 14 static char* abspath(HConnect *cc, char *origpath, char *curdir); 15 static int getc(HConnect*); 16 static char* getword(HConnect*); 17 static Strings parseuri(HConnect *c, char*); 18 static Strings stripsearch(char*); 19 20 /* 21 * parse the next request line 22 * returns: 23 * 1 ok 24 * 0 eof 25 * -1 error 26 */ 27 int 28 hparsereq(HConnect *c, int timeout) 29 { 30 Strings ss; 31 char *vs, *v, *search, *uri, *origuri, *extra; 32 33 if(c->bin != nil){ 34 hfail(c, HInternal); 35 return -1; 36 } 37 38 /* 39 * serve requests until a magic request. 40 * later requests have to come quickly. 41 * only works for http/1.1 or later. 42 */ 43 if(timeout) 44 alarm(timeout); 45 if(hgethead(c, 0) < 0) 46 return -1; 47 if(timeout) 48 alarm(0); 49 c->reqtime = time(nil); 50 c->req.meth = getword(c); 51 if(c->req.meth == nil){ 52 hfail(c, HSyntax); 53 return -1; 54 } 55 uri = getword(c); 56 if(uri == nil || strlen(uri) == 0){ 57 hfail(c, HSyntax); 58 return -1; 59 } 60 v = getword(c); 61 if(v == nil){ 62 if(strcmp(c->req.meth, "GET") != 0){ 63 hfail(c, HUnimp, c->req.meth); 64 return -1; 65 } 66 c->req.vermaj = 0; 67 c->req.vermin = 9; 68 }else{ 69 vs = v; 70 if(strncmp(vs, "HTTP/", 5) != 0){ 71 hfail(c, HUnkVers, vs); 72 return -1; 73 } 74 vs += 5; 75 c->req.vermaj = strtoul(vs, &vs, 10); 76 if(*vs != '.' || c->req.vermaj != 1){ 77 hfail(c, HUnkVers, vs); 78 return -1; 79 } 80 vs++; 81 c->req.vermin = strtoul(vs, &vs, 10); 82 if(*vs != '\0'){ 83 hfail(c, HUnkVers, vs); 84 return -1; 85 } 86 87 extra = getword(c); 88 if(extra != nil){ 89 hfail(c, HSyntax); 90 return -1; 91 } 92 } 93 94 /* 95 * the fragment is not supposed to be sent 96 * strip it 'cause some clients send it 97 */ 98 origuri = uri; 99 uri = strchr(origuri, '#'); 100 if(uri != nil) 101 *uri = 0; 102 103 /* 104 * http/1.1 requires the server to accept absolute 105 * or relative uri's. convert to relative with an absolute path 106 */ 107 if(http11(c)){ 108 ss = parseuri(c, origuri); 109 uri = ss.s1; 110 c->req.urihost = ss.s2; 111 if(uri == nil){ 112 hfail(c, HBadReq, uri); 113 return -1; 114 } 115 origuri = uri; 116 } 117 118 /* 119 * munge uri for search, protection, and magic 120 */ 121 ss = stripsearch(origuri); 122 origuri = ss.s1; 123 search = ss.s2; 124 uri = hurlunesc(c, origuri); 125 uri = abspath(c, uri, "/"); 126 if(uri == nil || uri[0] == '\0'){ 127 hfail(c, HNotFound, "no object specified"); 128 return -1; 129 } 130 131 c->req.uri = uri; 132 c->req.search = search; 133 if(search) 134 c->req.searchpairs = hparsequery(c, hstrdup(c, search)); 135 136 return 1; 137 } 138 139 static Strings 140 parseuri(HConnect *c, char *uri) 141 { 142 Strings ss; 143 char *urihost, *p; 144 145 urihost = nil; 146 ss.s1 = ss.s2 = nil; 147 if(uri[0] != '/') 148 if(cistrncmp(uri, "http://", 7) == 0) 149 uri += 5; /* skip http: */ 150 else if (cistrncmp(uri, "https://", 8) == 0) 151 uri += 6; /* skip https: */ 152 else 153 return ss; 154 155 /* 156 * anything starting with // is a host name or number 157 * hostnames consists of letters, digits, - and . 158 * for now, just ignore any port given 159 */ 160 if(uri[0] == '/' && uri[1] == '/'){ 161 urihost = uri + 2; 162 p = strchr(urihost, '/'); 163 if(p == nil) 164 uri = hstrdup(c, "/"); 165 else{ 166 uri = hstrdup(c, p); 167 *p = '\0'; 168 } 169 p = strchr(urihost, ':'); 170 if(p != nil) 171 *p = '\0'; 172 } 173 174 if(uri[0] != '/' || uri[1] == '/') 175 return ss; 176 177 ss.s1 = uri; 178 ss.s2 = hlower(urihost); 179 return ss; 180 } 181 static Strings 182 stripsearch(char *uri) 183 { 184 Strings ss; 185 char *search; 186 187 search = strchr(uri, '?'); 188 if(search != nil) 189 *search++ = 0; 190 ss.s1 = uri; 191 ss.s2 = search; 192 return ss; 193 } 194 195 /* 196 * to circumscribe the accessible files we have to eliminate ..'s 197 * and resolve all names from the root. 198 */ 199 static char* 200 abspath(HConnect *cc, char *origpath, char *curdir) 201 { 202 char *p, *sp, *path, *work, *rpath; 203 int len, n, c; 204 205 if(curdir == nil) 206 curdir = "/"; 207 if(origpath == nil) 208 origpath = ""; 209 work = hstrdup(cc, origpath); 210 path = work; 211 212 /* 213 * remove any really special characters 214 */ 215 for(sp = "`;|"; *sp; sp++){ 216 p = strchr(path, *sp); 217 if(p) 218 *p = 0; 219 } 220 221 len = strlen(curdir) + strlen(path) + 2 + UTFmax; 222 if(len < 10) 223 len = 10; 224 rpath = halloc(cc, len); 225 if(*path == '/') 226 rpath[0] = 0; 227 else 228 strcpy(rpath, curdir); 229 n = strlen(rpath); 230 231 while(path){ 232 p = strchr(path, '/'); 233 if(p) 234 *p++ = 0; 235 if(strcmp(path, "..") == 0){ 236 while(n > 1){ 237 n--; 238 c = rpath[n]; 239 rpath[n] = 0; 240 if(c == '/') 241 break; 242 } 243 }else if(strcmp(path, ".") == 0){ 244 ; 245 }else if(n == 1) 246 n += snprint(rpath+n, len-n, "%s", path); 247 else 248 n += snprint(rpath+n, len-n, "/%s", path); 249 path = p; 250 } 251 252 if(strncmp(rpath, "/bin/", 5) == 0) 253 strcpy(rpath, "/"); 254 return rpath; 255 } 256 257 static char* 258 getword(HConnect *c) 259 { 260 char *buf; 261 int ch, n; 262 263 while((ch = getc(c)) == ' ' || ch == '\t' || ch == '\r') 264 ; 265 if(ch == '\n') 266 return nil; 267 n = 0; 268 buf = halloc(c, 1); 269 for(;;){ 270 switch(ch){ 271 case ' ': 272 case '\t': 273 case '\r': 274 case '\n': 275 buf[n] = '\0'; 276 return hstrdup(c, buf); 277 } 278 279 if(n < HMaxWord-1){ 280 buf = bingrow(&c->bin, buf, n, n + 1, 0); 281 if(buf == nil) 282 return nil; 283 buf[n++] = ch; 284 } 285 ch = getc(c); 286 } 287 } 288 289 static int 290 getc(HConnect *c) 291 { 292 if(c->hpos < c->hstop) 293 return *c->hpos++; 294 return '\n'; 295 } 296