1 #include <u.h> 2 #include <libc.h> 3 #include <bin.h> 4 #include <httpd.h> 5 6 typedef struct Strings Strings; 7 8 struct Strings 9 { 10 char *s1; 11 char *s2; 12 }; 13 14 static char* abspath(HConnect *cc, char *origpath, char *curdir); 15 static int getc(HConnect*); 16 static char* getword(HConnect*); 17 static Strings parseuri(HConnect *c, char*); 18 static Strings stripsearch(char*); 19 20 /* 21 * parse the next request line 22 * returns: 23 * 1 ok 24 * 0 eof 25 * -1 error 26 */ 27 int 28 hparsereq(HConnect *c, int timeout) 29 { 30 Strings ss; 31 char *vs, *v, *search, *uri, *origuri, *extra; 32 33 if(c->bin != nil){ 34 hfail(c, HInternal); 35 return -1; 36 } 37 38 /* 39 * serve requests until a magic request. 40 * later requests have to come quickly. 41 * only works for http/1.1 or later. 42 */ 43 if(timeout) 44 alarm(timeout); 45 if(hgethead(c, 0) < 0) 46 return -1; 47 if(timeout) 48 alarm(0); 49 c->reqtime = time(nil); 50 c->req.meth = getword(c); 51 if(c->req.meth == nil){ 52 hfail(c, HSyntax); 53 return -1; 54 } 55 uri = getword(c); 56 if(uri == nil || strlen(uri) == 0){ 57 hfail(c, HSyntax); 58 return -1; 59 } 60 v = getword(c); 61 if(v == nil){ 62 if(strcmp(c->req.meth, "GET") != 0){ 63 hfail(c, HUnimp, c->req.meth); 64 return -1; 65 } 66 c->req.vermaj = 0; 67 c->req.vermin = 9; 68 }else{ 69 vs = v; 70 if(strncmp(vs, "HTTP/", 5) != 0){ 71 hfail(c, HUnkVers, vs); 72 return -1; 73 } 74 vs += 5; 75 c->req.vermaj = strtoul(vs, &vs, 10); 76 if(*vs != '.' || c->req.vermaj != 1){ 77 hfail(c, HUnkVers, vs); 78 return -1; 79 } 80 vs++; 81 c->req.vermin = strtoul(vs, &vs, 10); 82 if(*vs != '\0'){ 83 hfail(c, HUnkVers, vs); 84 return -1; 85 } 86 87 extra = getword(c); 88 if(extra != nil){ 89 hfail(c, HSyntax); 90 return -1; 91 } 92 } 93 94 /* 95 * the fragment is not supposed to be sent 96 * strip it 'cause some clients send it 97 */ 98 origuri = uri; 99 uri = strchr(origuri, '#'); 100 if(uri != nil) 101 *uri = 0; 102 103 /* 104 * http/1.1 requires the server to accept absolute 105 * or relative uri's. convert to relative with an absolute path 106 */ 107 if(http11(c)){ 108 ss = parseuri(c, origuri); 109 uri = ss.s1; 110 c->req.urihost = ss.s2; 111 if(uri == nil){ 112 hfail(c, HBadReq, uri); 113 return -1; 114 } 115 origuri = uri; 116 } 117 118 /* 119 * munge uri for search, protection, and magic 120 */ 121 ss = stripsearch(origuri); 122 origuri = ss.s1; 123 search = ss.s2; 124 uri = hurlunesc(c, origuri); 125 uri = abspath(c, uri, "/"); 126 if(uri == nil || uri[0] == '\0'){ 127 hfail(c, HNotFound, "no object specified"); 128 return -1; 129 } 130 131 c->req.uri = uri; 132 c->req.search = search; 133 134 return 1; 135 } 136 137 static Strings 138 parseuri(HConnect *c, char *uri) 139 { 140 Strings ss; 141 char *urihost, *p; 142 143 urihost = nil; 144 if(uri[0] != '/'){ 145 if(cistrncmp(uri, "http://", 7) != 0){ 146 ss.s1 = nil; 147 ss.s2 = nil; 148 return ss; 149 } 150 uri += 5; /* skip http: */ 151 } 152 153 /* 154 * anything starting with // is a host name or number 155 * hostnames constists of letters, digits, - and . 156 * for now, just ignore any port given 157 */ 158 if(uri[0] == '/' && uri[1] == '/'){ 159 urihost = uri + 2; 160 p = strchr(urihost, '/'); 161 if(p == nil) 162 uri = hstrdup(c, "/"); 163 else{ 164 uri = hstrdup(c, p); 165 *p = '\0'; 166 } 167 p = strchr(urihost, ':'); 168 if(p != nil) 169 *p = '\0'; 170 } 171 172 if(uri[0] != '/' || uri[1] == '/'){ 173 ss.s1 = nil; 174 ss.s2 = nil; 175 return ss; 176 } 177 178 ss.s1 = uri; 179 ss.s2 = hlower(urihost); 180 return ss; 181 } 182 static Strings 183 stripsearch(char *uri) 184 { 185 Strings ss; 186 char *search; 187 188 search = strchr(uri, '?'); 189 if(search != nil) 190 *search++ = 0; 191 ss.s1 = uri; 192 ss.s2 = search; 193 return ss; 194 } 195 196 /* 197 * to circumscribe the accessible files we have to eliminate ..'s 198 * and resolve all names from the root. 199 */ 200 static char* 201 abspath(HConnect *cc, char *origpath, char *curdir) 202 { 203 char *p, *sp, *path, *work, *rpath; 204 int len, n, c; 205 206 if(curdir == nil) 207 curdir = "/"; 208 if(origpath == nil) 209 origpath = ""; 210 work = hstrdup(cc, origpath); 211 path = work; 212 213 /* 214 * remove any really special characters 215 */ 216 for(sp = "`;| "; *sp; sp++){ 217 p = strchr(path, *sp); 218 if(p) 219 *p = 0; 220 } 221 222 len = strlen(curdir) + strlen(path) + 2 + UTFmax; 223 if(len < 10) 224 len = 10; 225 rpath = halloc(cc, len); 226 if(*path == '/') 227 rpath[0] = 0; 228 else 229 strcpy(rpath, curdir); 230 n = strlen(rpath); 231 232 while(path){ 233 p = strchr(path, '/'); 234 if(p) 235 *p++ = 0; 236 if(strcmp(path, "..") == 0){ 237 while(n > 1){ 238 n--; 239 c = rpath[n]; 240 rpath[n] = 0; 241 if(c == '/') 242 break; 243 } 244 }else if(strcmp(path, ".") == 0){ 245 ; 246 }else if(n == 1) 247 n += snprint(rpath+n, len-n, "%s", path); 248 else 249 n += snprint(rpath+n, len-n, "/%s", path); 250 path = p; 251 } 252 253 if(strncmp(rpath, "/bin/", 5) == 0) 254 strcpy(rpath, "/"); 255 return rpath; 256 } 257 258 static char* 259 getword(HConnect *c) 260 { 261 char *buf; 262 int ch, n; 263 264 while((ch = getc(c)) == ' ' || ch == '\t' || ch == '\r') 265 ; 266 if(ch == '\n') 267 return nil; 268 n = 0; 269 buf = halloc(c, 1); 270 for(;;){ 271 switch(ch){ 272 case ' ': 273 case '\t': 274 case '\r': 275 case '\n': 276 buf[n] = '\0'; 277 return hstrdup(c, buf); 278 } 279 280 if(n < HMaxWord-1){ 281 buf = bingrow(&c->bin, buf, n, n + 1, 0); 282 if(buf == nil) 283 return nil; 284 buf[n++] = ch; 285 } 286 ch = getc(c); 287 } 288 } 289 290 static int 291 getc(HConnect *c) 292 { 293 if(c->hpos < c->hstop) 294 return *c->hpos++; 295 return '\n'; 296 } 297