projects / project / uhttpd.git / blob
? search:


e95a1650a74ddbbd861e4e326e55df449335d0fe
[project/uhttpd.git] / file.c
1 /*
2 * uhttpd - Tiny single-threaded httpd
3 *
4 * Copyright (C) 2010-2012 Jo-Philipp Wich <xm@subsignal.org>
5 * Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org>
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20 #define _BSD_SOURCE
21 #define _XOPEN_SOURCE 700
22
23 #include <sys/types.h>
24 #include <sys/dir.h>
25 #include <time.h>
26 #include <strings.h>
27
28 #include <libubox/blobmsg.h>
29
30 #include "uhttpd.h"
31 #include "mimetypes.h"
32
33 static LIST_HEAD(index_files);
34 static LIST_HEAD(dispatch_handlers);
35
36 struct index_file {
37 struct list_head list;
38 const char *name;
39 };
40
41 enum file_hdr {
42 HDR_AUTHORIZATION,
43 HDR_IF_MODIFIED_SINCE,
44 HDR_IF_UNMODIFIED_SINCE,
45 HDR_IF_MATCH,
46 HDR_IF_NONE_MATCH,
47 HDR_IF_RANGE,
48 __HDR_MAX
49 };
50
51 void uh_index_add(const char *filename)
52 {
53 struct index_file *idx;
54
55 idx = calloc(1, sizeof(*idx));
56 idx->name = filename;
57 list_add_tail(&idx->list, &index_files);
58 }
59
60 static char * canonpath(const char *path, char *path_resolved)
61 {
62 const char *path_cpy = path;
63 char *path_res = path_resolved;
64
65 if (conf.no_symlinks)
66 return realpath(path, path_resolved);
67
68 /* normalize */
69 while ((*path_cpy != '\0') && (path_cpy < (path + PATH_MAX - 2))) {
70 if (*path_cpy != '/')
71 goto next;
72
73 /* skip repeating / */
74 if (path_cpy[1] == '/') {
75 path_cpy++;
76 continue;
77 }
78
79 /* /./ or /../ */
80 if (path_cpy[1] == '.') {
81 /* skip /./ */
82 if ((path_cpy[2] == '/') || (path_cpy[2] == '\0')) {
83 path_cpy += 2;
84 continue;
85 }
86
87 /* collapse /x/../ */
88 if ((path_cpy[2] == '.') &&
89 ((path_cpy[3] == '/') || (path_cpy[3] == '\0'))) {
90 while ((path_res > path_resolved) && (*--path_res != '/'));
91
92 path_cpy += 3;
93 continue;
94 }
95 }
96
97 next:
98 *path_res++ = *path_cpy++;
99 }
100
101 /* remove trailing slash if not root / */
102 if ((path_res > (path_resolved+1)) && (path_res[-1] == '/'))
103 path_res--;
104 else if (path_res == path_resolved)
105 *path_res++ = '/';
106
107 *path_res = '\0';
108
109 return path_resolved;
110 }
111
112 /* Returns NULL on error.
113 ** NB: improperly encoded URL should give client 400 [Bad Syntax]; returning
114 ** NULL here causes 404 [Not Found], but that's not too unreasonable. */
115 static struct path_info *
116 uh_path_lookup(struct client *cl, const char *url)
117 {
118 static char path_phys[PATH_MAX];
119 static char path_info[PATH_MAX];
120 static struct path_info p;
121
122 const char *docroot = conf.docroot;
123 int docroot_len = strlen(docroot);
124 char *pathptr = NULL;
125 bool slash;
126
127 int i = 0;
128 int len;
129 struct stat s;
130 struct index_file *idx;
131
132 /* back out early if url is undefined */
133 if (url == NULL)
134 return NULL;
135
136 memset(&p, 0, sizeof(p));
137 path_phys[0] = 0;
138 path_info[0] = 0;
139
140 strcpy(uh_buf, docroot);
141
142 /* separate query string from url */
143 if ((pathptr = strchr(url, '?')) != NULL) {
144 p.query = pathptr[1] ? pathptr + 1 : NULL;
145
146 /* urldecode component w/o query */
147 if (pathptr > url) {
148 if (uh_urldecode(&uh_buf[docroot_len],
149 sizeof(uh_buf) - docroot_len - 1,
150 url, pathptr - url ) < 0)
151 return NULL;
152 }
153 }
154
155 /* no query string, decode all of url */
156 else if (uh_urldecode(&uh_buf[docroot_len],
157 sizeof(uh_buf) - docroot_len - 1,
158 url, strlen(url) ) < 0)
159 return NULL;
160
161 /* create canon path */
162 len = strlen(uh_buf);
163 slash = len && uh_buf[len - 1] == '/';
164 len = min(len, sizeof(path_phys) - 1);
165
166 for (i = len; i >= 0; i--) {
167 char ch = uh_buf[i];
168 bool exists;
169
170 if (ch != 0 && ch != '/')
171 continue;
172
173 uh_buf[i] = 0;
174 exists = !!canonpath(uh_buf, path_phys);
175 uh_buf[i] = ch;
176
177 snprintf(path_info, sizeof(path_info), "%s", uh_buf + i);
178 break;
179 }
180
181 /* check whether found path is within docroot */
182 if (strncmp(path_phys, docroot, docroot_len) != 0 ||
183 (path_phys[docroot_len] != 0 &&
184 path_phys[docroot_len] != '/'))
185 return NULL;
186
187 /* test current path */
188 if (stat(path_phys, &p.stat))
189 return NULL;
190
191 /* is a regular file */
192 if (p.stat.st_mode & S_IFREG) {
193 p.root = docroot;
194 p.phys = path_phys;
195 p.name = &path_phys[docroot_len];
196 p.info = path_info[0] ? path_info : NULL;
197 return &p;
198 }
199
200 if (!(p.stat.st_mode & S_IFDIR))
201 return NULL;
202
203 if (path_info[0])
204 return NULL;
205
206 pathptr = path_phys + strlen(path_phys);
207
208 /* ensure trailing slash */
209 if (pathptr[-1] != '/') {
210 pathptr[0] = '/';
211 pathptr[1] = 0;
212 pathptr++;
213 }
214
215 /* if requested url resolves to a directory and a trailing slash
216 is missing in the request url, redirect the client to the same
217 url with trailing slash appended */
218 if (!slash) {
219 uh_http_header(cl, 302, "Found");
220 ustream_printf(cl->us, "Location: %s%s%s\r\n\r\n",
221 &path_phys[docroot_len],
222 p.query ? "?" : "",
223 p.query ? p.query : "");
224 uh_request_done(cl);
225 p.redirected = 1;
226 return &p;
227 }
228
229 /* try to locate index file */
230 len = path_phys + sizeof(path_phys) - pathptr - 1;
231 list_for_each_entry(idx, &index_files, list) {
232 if (strlen(idx->name) > len)
233 continue;
234
235 strcpy(pathptr, idx->name);
236 if (!stat(path_phys, &s) && (s.st_mode & S_IFREG)) {
237 memcpy(&p.stat, &s, sizeof(p.stat));
238 break;
239 }
240
241 *pathptr = 0;
242 }
243
244 p.root = docroot;
245 p.phys = path_phys;
246 p.name = &path_phys[docroot_len];
247
248 return p.phys ? &p : NULL;
249 }
250
251 static const char * uh_file_mime_lookup(const char *path)
252 {
253 struct mimetype *m = &uh_mime_types[0];
254 const char *e;
255
256 while (m->extn) {
257 e = &path[strlen(path)-1];
258
259 while (e >= path) {
260 if ((*e == '.' || *e == '/') && !strcasecmp(&e[1], m->extn))
261 return m->mime;
262
263 e--;
264 }
265
266 m++;
267 }
268
269 return "application/octet-stream";
270 }
271
272 static const char * uh_file_mktag(struct stat *s, char *buf)
273 {
274 snprintf(buf, sizeof(buf), "\"%x-%x-%x\"",
275 (unsigned int) s->st_ino,
276 (unsigned int) s->st_size,
277 (unsigned int) s->st_mtime);
278
279 return buf;
280 }
281
282 static time_t uh_file_date2unix(const char *date)
283 {
284 struct tm t;
285
286 memset(&t, 0, sizeof(t));
287
288 if (strptime(date, "%a, %d %b %Y %H:%M:%S %Z", &t) != NULL)
289 return timegm(&t);
290
291 return 0;
292 }
293
294 static char * uh_file_unix2date(time_t ts, char *buf, int len)
295 {
296 struct tm *t = gmtime(&ts);
297
298 strftime(buf, len, "%a, %d %b %Y %H:%M:%S GMT", t);
299
300 return buf;
301 }
302
303 static char *uh_file_header(struct client *cl, int idx)
304 {
305 if (!cl->dispatch.file.hdr[idx])
306 return NULL;
307
308 return (char *) blobmsg_data(cl->dispatch.file.hdr[idx]);
309 }
310
311 static void uh_file_response_ok_hdrs(struct client *cl, struct stat *s)
312 {
313 char buf[128];
314
315 if (s) {
316 ustream_printf(cl->us, "ETag: %s\r\n", uh_file_mktag(s, buf));
317 ustream_printf(cl->us, "Last-Modified: %s\r\n",
318 uh_file_unix2date(s->st_mtime, buf, sizeof(buf)));
319 }
320 ustream_printf(cl->us, "Date: %s\r\n",
321 uh_file_unix2date(time(NULL), buf, sizeof(buf)));
322 }
323
324 static void uh_file_response_200(struct client *cl, struct stat *s)
325 {
326 uh_http_header(cl, 200, "OK");
327 return uh_file_response_ok_hdrs(cl, s);
328 }
329
330 static void uh_file_response_304(struct client *cl, struct stat *s)
331 {
332 uh_http_header(cl, 304, "Not Modified");
333
334 return uh_file_response_ok_hdrs(cl, s);
335 }
336
337 static void uh_file_response_412(struct client *cl)
338 {
339 uh_http_header(cl, 412, "Precondition Failed");
340 }
341
342 static bool uh_file_if_match(struct client *cl, struct stat *s)
343 {
344 char buf[128];
345 const char *tag = uh_file_mktag(s, buf);
346 char *hdr = uh_file_header(cl, HDR_IF_MATCH);
347 char *p;
348 int i;
349
350 if (!hdr)
351 return true;
352
353 p = &hdr[0];
354 for (i = 0; i < strlen(hdr); i++)
355 {
356 if ((hdr[i] == ' ') || (hdr[i] == ',')) {
357 hdr[i++] = 0;
358 p = &hdr[i];
359 } else if (!strcmp(p, "*") || !strcmp(p, tag)) {
360 return true;
361 }
362 }
363
364 uh_file_response_412(cl);
365 return false;
366 }
367
368 static int uh_file_if_modified_since(struct client *cl, struct stat *s)
369 {
370 char *hdr = uh_file_header(cl, HDR_IF_MODIFIED_SINCE);
371
372 if (!hdr)
373 return true;
374
375 if (uh_file_date2unix(hdr) >= s->st_mtime) {
376 uh_file_response_304(cl, s);
377 return false;
378 }
379
380 return true;
381 }
382
383 static int uh_file_if_none_match(struct client *cl, struct stat *s)
384 {
385 char buf[128];
386 const char *tag = uh_file_mktag(s, buf);
387 char *hdr = uh_file_header(cl, HDR_IF_NONE_MATCH);
388 char *p;
389 int i;
390
391 if (!hdr)
392 return true;
393
394 p = &hdr[0];
395 for (i = 0; i < strlen(hdr); i++) {
396 if ((hdr[i] == ' ') || (hdr[i] == ',')) {
397 hdr[i++] = 0;
398 p = &hdr[i];
399 } else if (!strcmp(p, "*") || !strcmp(p, tag)) {
400 if ((cl->request.method == UH_HTTP_MSG_GET) ||
401 (cl->request.method == UH_HTTP_MSG_HEAD))
402 uh_file_response_304(cl, s);
403 else
404 uh_file_response_412(cl);
405
406 return false;
407 }
408 }
409
410 return true;
411 }
412
413 static int uh_file_if_range(struct client *cl, struct stat *s)
414 {
415 char *hdr = uh_file_header(cl, HDR_IF_RANGE);
416
417 if (hdr) {
418 uh_file_response_412(cl);
419 return false;
420 }
421
422 return true;
423 }
424
425 static int uh_file_if_unmodified_since(struct client *cl, struct stat *s)
426 {
427 char *hdr = uh_file_header(cl, HDR_IF_UNMODIFIED_SINCE);
428
429 if (hdr && uh_file_date2unix(hdr) <= s->st_mtime) {
430 uh_file_response_412(cl);
431 return false;
432 }
433
434 return true;
435 }
436
437
438 static int uh_file_scandir_filter_dir(const struct dirent *e)
439 {
440 return strcmp(e->d_name, ".") ? 1 : 0;
441 }
442
443 static void uh_file_dirlist(struct client *cl, struct path_info *pi)
444 {
445 int i;
446 int count = 0;
447 char *filename = uh_buf;
448 char *pathptr;
449 struct dirent **files = NULL;
450 struct stat s;
451 char buf[128];
452
453 uh_file_response_200(cl, NULL);
454 ustream_printf(cl->us, "Content-Type: text/html\r\n\r\n");
455
456 uh_chunk_printf(cl,
457 "<html><head><title>Index of %s</title></head>"
458 "<body><h1>Index of %s</h1><hr /><ol>",
459 pi->name, pi->name);
460
461 if ((count = scandir(pi->phys, &files, uh_file_scandir_filter_dir,
462 alphasort)) > 0)
463 {
464 int len;
465
466 strcpy(filename, pi->phys);
467 len = strlen(filename);
468 pathptr = filename + len;
469 len = PATH_MAX - len;
470
471 /* list subdirs */
472 for (i = 0; i < count; i++) {
473 snprintf(pathptr, len, "%s", files[i]->d_name);
474
475 if (!stat(filename, &s) &&
476 (s.st_mode & S_IFDIR) && (s.st_mode & S_IXOTH))
477 uh_chunk_printf(cl,
478 "<li><strong><a href='%s%s/'>%s</a>/"
479 "</strong><br /><small>modified: %s"
480 "<br />directory - %.02f kbyte<br />"
481 "<br /></small></li>",
482 pi->name, files[i]->d_name,
483 files[i]->d_name,
484 uh_file_unix2date(s.st_mtime, buf, sizeof(buf)),
485 s.st_size / 1024.0);
486
487 *pathptr = 0;
488 }
489
490 /* list files */
491 for (i = 0; i < count; i++) {
492 snprintf(pathptr, len, "%s", files[i]->d_name);
493
494 if (!stat(filename, &s) &&
495 !(s.st_mode & S_IFDIR) && (s.st_mode & S_IROTH))
496 uh_chunk_printf(cl,
497 "<li><strong><a href='%s%s'>%s</a>"
498 "</strong><br /><small>modified: %s"
499 "<br />%s - %.02f kbyte<br />"
500 "<br /></small></li>",
501 pi->name, files[i]->d_name,
502 files[i]->d_name,
503 uh_file_unix2date(s.st_mtime, buf, sizeof(buf)),
504 uh_file_mime_lookup(filename),
505 s.st_size / 1024.0);
506
507 *pathptr = 0;
508 }
509 }
510
511 uh_chunk_printf(cl, "</ol><hr /></body></html>");
512 uh_request_done(cl);
513
514 if (files)
515 {
516 for (i = 0; i < count; i++)
517 free(files[i]);
518
519 free(files);
520 }
521 }
522
523 static void file_write_cb(struct client *cl)
524 {
525 int fd = cl->dispatch.file.fd;
526 int r;
527
528 while (cl->us->w.data_bytes < 256) {
529 r = read(fd, uh_buf, sizeof(uh_buf));
530 if (r < 0) {
531 if (errno == EINTR)
532 continue;
533 }
534
535 if (!r) {
536 uh_request_done(cl);
537 return;
538 }
539
540 uh_chunk_write(cl, uh_buf, r);
541 }
542 }
543
544 static void uh_file_free(struct client *cl)
545 {
546 close(cl->dispatch.file.fd);
547 }
548
549 static void uh_file_data(struct client *cl, struct path_info *pi, int fd)
550 {
551 /* test preconditions */
552 if (!uh_file_if_modified_since(cl, &pi->stat) ||
553 !uh_file_if_match(cl, &pi->stat) ||
554 !uh_file_if_range(cl, &pi->stat) ||
555 !uh_file_if_unmodified_since(cl, &pi->stat) ||
556 !uh_file_if_none_match(cl, &pi->stat)) {
557 uh_request_done(cl);
558 close(fd);
559 return;
560 }
561
562 /* write status */
563 uh_file_response_200(cl, &pi->stat);
564
565 ustream_printf(cl->us, "Content-Type: %s\r\n",
566 uh_file_mime_lookup(pi->name));
567
568 ustream_printf(cl->us, "Content-Length: %i\r\n\r\n",
569 pi->stat.st_size);
570
571
572 /* send body */
573 if (cl->request.method == UH_HTTP_MSG_HEAD) {
574 uh_request_done(cl);
575 close(fd);
576 return;
577 }
578
579 cl->dispatch.file.fd = fd;
580 cl->dispatch.write_cb = file_write_cb;
581 cl->dispatch.free = uh_file_free;
582 cl->dispatch.close_fds = uh_file_free;
583 file_write_cb(cl);
584 }
585
586 static void uh_file_request(struct client *cl, const char *url,
587 struct path_info *pi, struct blob_attr **tb)
588 {
589 int fd;
590
591 if (!(pi->stat.st_mode & S_IROTH))
592 goto error;
593
594 if (pi->stat.st_mode & S_IFREG) {
595 fd = open(pi->phys, O_RDONLY);
596 if (fd < 0)
597 goto error;
598
599 cl->dispatch.file.hdr = tb;
600 uh_file_data(cl, pi, fd);
601 cl->dispatch.file.hdr = NULL;
602 return;
603 }
604
605 if ((pi->stat.st_mode & S_IFDIR)) {
606 if (conf.no_dirlists)
607 goto error;
608
609 uh_file_dirlist(cl, pi);
610 return;
611 }
612
613 error:
614 uh_client_error(cl, 403, "Forbidden",
615 "You don't have permission to access %s on this server.",
616 url);
617 }
618
619 void uh_dispatch_add(struct dispatch_handler *d)
620 {
621 list_add_tail(&d->list, &dispatch_handlers);
622 }
623
624 static struct dispatch_handler *
625 dispatch_find(const char *url, struct path_info *pi)
626 {
627 struct dispatch_handler *d;
628
629 list_for_each_entry(d, &dispatch_handlers, list) {
630 if (pi) {
631 if (d->check_url)
632 continue;
633
634 if (d->check_path(pi, url))
635 return d;
636 } else {
637 if (d->check_path)
638 continue;
639
640 if (d->check_url(url))
641 return d;
642 }
643 }
644
645 return NULL;
646 }
647
648 static bool __handle_file_request(struct client *cl, const char *url)
649 {
650 static const struct blobmsg_policy hdr_policy[__HDR_MAX] = {
651 [HDR_AUTHORIZATION] = { "authorization", BLOBMSG_TYPE_STRING },
652 [HDR_IF_MODIFIED_SINCE] = { "if-modified-since", BLOBMSG_TYPE_STRING },
653 [HDR_IF_UNMODIFIED_SINCE] = { "if-unmodified-since", BLOBMSG_TYPE_STRING },
654 [HDR_IF_MATCH] = { "if-match", BLOBMSG_TYPE_STRING },
655 [HDR_IF_NONE_MATCH] = { "if-none-match", BLOBMSG_TYPE_STRING },
656 [HDR_IF_RANGE] = { "if-range", BLOBMSG_TYPE_STRING },
657 };
658 struct dispatch_handler *d;
659 struct blob_attr *tb[__HDR_MAX];
660 struct path_info *pi;
661
662 pi = uh_path_lookup(cl, url);
663 if (!pi)
664 return false;
665
666 if (pi->redirected)
667 return true;
668
669 blobmsg_parse(hdr_policy, __HDR_MAX, tb, blob_data(cl->hdr.head), blob_len(cl->hdr.head));
670 if (tb[HDR_AUTHORIZATION])
671 pi->auth = blobmsg_data(tb[HDR_AUTHORIZATION]);
672
673 if (!uh_auth_check(cl, pi))
674 return true;
675
676 d = dispatch_find(url, pi);
677 if (d)
678 d->handle_request(cl, url, pi);
679 else
680 uh_file_request(cl, url, pi, tb);
681
682 return true;
683 }
684
685 void uh_handle_request(struct client *cl)
686 {
687 struct dispatch_handler *d;
688 const char *url = blobmsg_data(blob_data(cl->hdr.head));;
689
690 d = dispatch_find(url, NULL);
691 if (d) {
692 d->handle_request(cl, url, NULL);
693 return;
694 }
695
696 if (__handle_file_request(cl, url) ||
697 __handle_file_request(cl, conf.error_handler))
698 return;
699
700 uh_client_error(cl, 404, "Not Found", "The requested URL %s was not found on this server.", url);
701 }
Tiny HTTP server