version 1.1.1.1, 2013/10/14 10:32:48
|
version 1.1.1.2, 2016/11/02 10:35:00
|
Line 1
|
Line 1
|
|
#include "first.h" |
|
|
#include "base.h" |
#include "base.h" |
#include "array.h" |
#include "array.h" |
#include "buffer.h" |
#include "buffer.h" |
#include "log.h" |
#include "log.h" |
#include "etag.h" |
#include "etag.h" |
|
#include "http_chunk.h" |
#include "response.h" |
#include "response.h" |
|
#include "stat_cache.h" |
|
|
#include <string.h> |
#include <string.h> |
#include <errno.h> |
#include <errno.h> |
Line 123 int http_response_redirect_to_directory(server *srv, c
|
Line 127 int http_response_redirect_to_directory(server *srv, c
|
|
|
o = buffer_init(); |
o = buffer_init(); |
|
|
buffer_copy_string_buffer(o, con->uri.scheme); | buffer_copy_buffer(o, con->uri.scheme); |
buffer_append_string_len(o, CONST_STR_LEN("://")); |
buffer_append_string_len(o, CONST_STR_LEN("://")); |
if (con->uri.authority->used) { | if (!buffer_is_empty(con->uri.authority)) { |
buffer_append_string_buffer(o, con->uri.authority); |
buffer_append_string_buffer(o, con->uri.authority); |
} else { |
} else { |
/* get the name of the currently connected socket */ |
/* get the name of the currently connected socket */ |
Line 138 int http_response_redirect_to_directory(server *srv, c
|
Line 142 int http_response_redirect_to_directory(server *srv, c
|
|
|
our_addr_len = sizeof(our_addr); |
our_addr_len = sizeof(our_addr); |
|
|
if (-1 == getsockname(con->fd, &(our_addr.plain), &our_addr_len)) { | if (-1 == getsockname(con->fd, (struct sockaddr *)&our_addr, &our_addr_len) |
| || our_addr_len > (socklen_t)sizeof(our_addr)) { |
con->http_status = 500; |
con->http_status = 500; |
|
|
log_error_write(srv, __FILE__, __LINE__, "ss", |
log_error_write(srv, __FILE__, __LINE__, "ss", |
Line 163 int http_response_redirect_to_directory(server *srv, c
|
Line 168 int http_response_redirect_to_directory(server *srv, c
|
"SSS", "NOTICE: getnameinfo failed: ", |
"SSS", "NOTICE: getnameinfo failed: ", |
strerror(errno), ", using ip-address instead"); |
strerror(errno), ", using ip-address instead"); |
|
|
|
buffer_append_string_len(o, CONST_STR_LEN("[")); |
buffer_append_string(o, |
buffer_append_string(o, |
inet_ntop(AF_INET6, (char *)&our_addr.ipv6.sin6_addr, |
inet_ntop(AF_INET6, (char *)&our_addr.ipv6.sin6_addr, |
dst, sizeof(dst))); |
dst, sizeof(dst))); |
|
buffer_append_string_len(o, CONST_STR_LEN("]")); |
} else { |
} else { |
buffer_append_string(o, hbuf); |
buffer_append_string(o, hbuf); |
} |
} |
Line 197 int http_response_redirect_to_directory(server *srv, c
|
Line 204 int http_response_redirect_to_directory(server *srv, c
|
} |
} |
if (default_port != srv->srvconf.port) { |
if (default_port != srv->srvconf.port) { |
buffer_append_string_len(o, CONST_STR_LEN(":")); |
buffer_append_string_len(o, CONST_STR_LEN(":")); |
buffer_append_long(o, srv->srvconf.port); | buffer_append_int(o, srv->srvconf.port); |
} |
} |
} |
} |
} |
} |
buffer_append_string_buffer(o, con->uri.path); | buffer_append_string_encoded(o, CONST_BUF_LEN(con->uri.path), ENCODING_REL_URI); |
buffer_append_string_len(o, CONST_STR_LEN("/")); |
buffer_append_string_len(o, CONST_STR_LEN("/")); |
if (!buffer_is_empty(con->uri.query)) { | if (!buffer_string_is_empty(con->uri.query)) { |
buffer_append_string_len(o, CONST_STR_LEN("?")); |
buffer_append_string_len(o, CONST_STR_LEN("?")); |
buffer_append_string_buffer(o, con->uri.query); |
buffer_append_string_buffer(o, con->uri.query); |
} |
} |
Line 235 buffer * strftime_cache_get(server *srv, time_t last_m
|
Line 242 buffer * strftime_cache_get(server *srv, time_t last_m
|
} |
} |
|
|
srv->mtime_cache[i].mtime = last_mod; |
srv->mtime_cache[i].mtime = last_mod; |
buffer_prepare_copy(srv->mtime_cache[i].str, 1024); | buffer_string_prepare_copy(srv->mtime_cache[i].str, 1023); |
tm = gmtime(&(srv->mtime_cache[i].mtime)); |
tm = gmtime(&(srv->mtime_cache[i].mtime)); |
srv->mtime_cache[i].str->used = strftime(srv->mtime_cache[i].str->ptr, | buffer_append_strftime(srv->mtime_cache[i].str, "%a, %d %b %Y %H:%M:%S GMT", tm); |
srv->mtime_cache[i].str->size - 1, | |
"%a, %d %b %Y %H:%M:%S GMT", tm); | |
srv->mtime_cache[i].str->used++; | |
|
|
return srv->mtime_cache[i].str; |
return srv->mtime_cache[i].str; |
} |
} |
|
|
|
|
int http_response_handle_cachable(server *srv, connection *con, buffer *mtime) { |
int http_response_handle_cachable(server *srv, connection *con, buffer *mtime) { |
|
int head_or_get = |
|
( HTTP_METHOD_GET == con->request.http_method |
|
|| HTTP_METHOD_HEAD == con->request.http_method); |
UNUSED(srv); |
UNUSED(srv); |
|
|
/* |
/* |
* 14.26 If-None-Match |
* 14.26 If-None-Match |
* [...] |
* [...] |
Line 258 int http_response_handle_cachable(server *srv, connect
|
Line 266 int http_response_handle_cachable(server *srv, connect
|
* return a 304 (Not Modified) response. |
* return a 304 (Not Modified) response. |
*/ |
*/ |
|
|
/* last-modified handling */ |
|
if (con->request.http_if_none_match) { |
if (con->request.http_if_none_match) { |
if (etag_is_equal(con->physical.etag, con->request.http_if_none_match)) { | /* use strong etag checking for now: weak comparison must not be used |
if (con->request.http_method == HTTP_METHOD_GET || | * for ranged requests |
con->request.http_method == HTTP_METHOD_HEAD) { | */ |
| if (etag_is_equal(con->physical.etag, con->request.http_if_none_match, 0)) { |
| if (head_or_get) { |
con->http_status = 304; |
con->http_status = 304; |
return HANDLER_FINISHED; |
return HANDLER_FINISHED; |
} else { |
} else { |
Line 272 int http_response_handle_cachable(server *srv, connect
|
Line 280 int http_response_handle_cachable(server *srv, connect
|
return HANDLER_FINISHED; |
return HANDLER_FINISHED; |
} |
} |
} |
} |
} else if (con->request.http_if_modified_since && | } else if (con->request.http_if_modified_since && head_or_get) { |
(con->request.http_method == HTTP_METHOD_GET || | /* last-modified handling */ |
con->request.http_method == HTTP_METHOD_HEAD)) { | |
size_t used_len; |
size_t used_len; |
char *semicolon; |
char *semicolon; |
|
|
Line 319 int http_response_handle_cachable(server *srv, connect
|
Line 326 int http_response_handle_cachable(server *srv, connect
|
} |
} |
|
|
return HANDLER_GO_ON; |
return HANDLER_GO_ON; |
|
} |
|
|
|
|
|
static int http_response_parse_range(server *srv, connection *con, buffer *path, stat_cache_entry *sce) { |
|
int multipart = 0; |
|
int error; |
|
off_t start, end; |
|
const char *s, *minus; |
|
char *boundary = "fkj49sn38dcn3"; |
|
data_string *ds; |
|
buffer *content_type = NULL; |
|
|
|
start = 0; |
|
end = sce->st.st_size - 1; |
|
|
|
con->response.content_length = 0; |
|
|
|
if (NULL != (ds = (data_string *)array_get_element(con->response.headers, "Content-Type"))) { |
|
content_type = ds->value; |
|
} |
|
|
|
for (s = con->request.http_range, error = 0; |
|
!error && *s && NULL != (minus = strchr(s, '-')); ) { |
|
char *err; |
|
off_t la, le; |
|
|
|
if (s == minus) { |
|
/* -<stop> */ |
|
|
|
le = strtoll(s, &err, 10); |
|
|
|
if (le == 0) { |
|
/* RFC 2616 - 14.35.1 */ |
|
|
|
con->http_status = 416; |
|
error = 1; |
|
} else if (*err == '\0') { |
|
/* end */ |
|
s = err; |
|
|
|
end = sce->st.st_size - 1; |
|
start = sce->st.st_size + le; |
|
} else if (*err == ',') { |
|
multipart = 1; |
|
s = err + 1; |
|
|
|
end = sce->st.st_size - 1; |
|
start = sce->st.st_size + le; |
|
} else { |
|
error = 1; |
|
} |
|
|
|
} else if (*(minus+1) == '\0' || *(minus+1) == ',') { |
|
/* <start>- */ |
|
|
|
la = strtoll(s, &err, 10); |
|
|
|
if (err == minus) { |
|
/* ok */ |
|
|
|
if (*(err + 1) == '\0') { |
|
s = err + 1; |
|
|
|
end = sce->st.st_size - 1; |
|
start = la; |
|
|
|
} else if (*(err + 1) == ',') { |
|
multipart = 1; |
|
s = err + 2; |
|
|
|
end = sce->st.st_size - 1; |
|
start = la; |
|
} else { |
|
error = 1; |
|
} |
|
} else { |
|
/* error */ |
|
error = 1; |
|
} |
|
} else { |
|
/* <start>-<stop> */ |
|
|
|
la = strtoll(s, &err, 10); |
|
|
|
if (err == minus) { |
|
le = strtoll(minus+1, &err, 10); |
|
|
|
/* RFC 2616 - 14.35.1 */ |
|
if (la > le) { |
|
error = 1; |
|
} |
|
|
|
if (*err == '\0') { |
|
/* ok, end*/ |
|
s = err; |
|
|
|
end = le; |
|
start = la; |
|
} else if (*err == ',') { |
|
multipart = 1; |
|
s = err + 1; |
|
|
|
end = le; |
|
start = la; |
|
} else { |
|
/* error */ |
|
|
|
error = 1; |
|
} |
|
} else { |
|
/* error */ |
|
|
|
error = 1; |
|
} |
|
} |
|
|
|
if (!error) { |
|
if (start < 0) start = 0; |
|
|
|
/* RFC 2616 - 14.35.1 */ |
|
if (end > sce->st.st_size - 1) end = sce->st.st_size - 1; |
|
|
|
if (start > sce->st.st_size - 1) { |
|
error = 1; |
|
|
|
con->http_status = 416; |
|
} |
|
} |
|
|
|
if (!error) { |
|
if (multipart) { |
|
/* write boundary-header */ |
|
buffer *b = buffer_init(); |
|
|
|
buffer_copy_string_len(b, CONST_STR_LEN("\r\n--")); |
|
buffer_append_string(b, boundary); |
|
|
|
/* write Content-Range */ |
|
buffer_append_string_len(b, CONST_STR_LEN("\r\nContent-Range: bytes ")); |
|
buffer_append_int(b, start); |
|
buffer_append_string_len(b, CONST_STR_LEN("-")); |
|
buffer_append_int(b, end); |
|
buffer_append_string_len(b, CONST_STR_LEN("/")); |
|
buffer_append_int(b, sce->st.st_size); |
|
|
|
buffer_append_string_len(b, CONST_STR_LEN("\r\nContent-Type: ")); |
|
buffer_append_string_buffer(b, content_type); |
|
|
|
/* write END-OF-HEADER */ |
|
buffer_append_string_len(b, CONST_STR_LEN("\r\n\r\n")); |
|
|
|
con->response.content_length += buffer_string_length(b); |
|
chunkqueue_append_buffer(con->write_queue, b); |
|
buffer_free(b); |
|
} |
|
|
|
chunkqueue_append_file(con->write_queue, path, start, end - start + 1); |
|
con->response.content_length += end - start + 1; |
|
} |
|
} |
|
|
|
/* something went wrong */ |
|
if (error) return -1; |
|
|
|
if (multipart) { |
|
/* add boundary end */ |
|
buffer *b = buffer_init(); |
|
|
|
buffer_copy_string_len(b, "\r\n--", 4); |
|
buffer_append_string(b, boundary); |
|
buffer_append_string_len(b, "--\r\n", 4); |
|
|
|
con->response.content_length += buffer_string_length(b); |
|
chunkqueue_append_buffer(con->write_queue, b); |
|
buffer_free(b); |
|
|
|
/* set header-fields */ |
|
|
|
buffer_copy_string_len(srv->tmp_buf, CONST_STR_LEN("multipart/byteranges; boundary=")); |
|
buffer_append_string(srv->tmp_buf, boundary); |
|
|
|
/* overwrite content-type */ |
|
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(srv->tmp_buf)); |
|
} else { |
|
/* add Content-Range-header */ |
|
|
|
buffer_copy_string_len(srv->tmp_buf, CONST_STR_LEN("bytes ")); |
|
buffer_append_int(srv->tmp_buf, start); |
|
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("-")); |
|
buffer_append_int(srv->tmp_buf, end); |
|
buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("/")); |
|
buffer_append_int(srv->tmp_buf, sce->st.st_size); |
|
|
|
response_header_insert(srv, con, CONST_STR_LEN("Content-Range"), CONST_BUF_LEN(srv->tmp_buf)); |
|
} |
|
|
|
/* ok, the file is set-up */ |
|
return 0; |
|
} |
|
|
|
|
|
void http_response_send_file (server *srv, connection *con, buffer *path) { |
|
stat_cache_entry *sce = NULL; |
|
buffer *mtime = NULL; |
|
data_string *ds; |
|
int allow_caching = (0 == con->http_status || 200 == con->http_status); |
|
|
|
if (HANDLER_ERROR == stat_cache_get_entry(srv, con, path, &sce)) { |
|
con->http_status = (errno == ENOENT) ? 404 : 403; |
|
|
|
log_error_write(srv, __FILE__, __LINE__, "sbsb", |
|
"not a regular file:", con->uri.path, |
|
"->", path); |
|
|
|
return; |
|
} |
|
|
|
/* we only handline regular files */ |
|
#ifdef HAVE_LSTAT |
|
if ((sce->is_symlink == 1) && !con->conf.follow_symlink) { |
|
con->http_status = 403; |
|
|
|
if (con->conf.log_request_handling) { |
|
log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied due symlink restriction"); |
|
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", path); |
|
} |
|
|
|
return; |
|
} |
|
#endif |
|
if (!S_ISREG(sce->st.st_mode)) { |
|
con->http_status = 403; |
|
|
|
if (con->conf.log_file_not_found) { |
|
log_error_write(srv, __FILE__, __LINE__, "sbsb", |
|
"not a regular file:", con->uri.path, |
|
"->", sce->name); |
|
} |
|
|
|
return; |
|
} |
|
|
|
/* mod_compress might set several data directly, don't overwrite them */ |
|
|
|
/* set response content-type, if not set already */ |
|
|
|
if (NULL == array_get_element(con->response.headers, "Content-Type")) { |
|
if (buffer_string_is_empty(sce->content_type)) { |
|
/* we are setting application/octet-stream, but also announce that |
|
* this header field might change in the seconds few requests |
|
* |
|
* This should fix the aggressive caching of FF and the script download |
|
* seen by the first installations |
|
*/ |
|
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("application/octet-stream")); |
|
|
|
allow_caching = 0; |
|
} else { |
|
response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type)); |
|
} |
|
} |
|
|
|
if (con->conf.range_requests) { |
|
response_header_overwrite(srv, con, CONST_STR_LEN("Accept-Ranges"), CONST_STR_LEN("bytes")); |
|
} |
|
|
|
if (allow_caching) { |
|
if (con->etag_flags != 0 && !buffer_string_is_empty(sce->etag)) { |
|
if (NULL == array_get_element(con->response.headers, "ETag")) { |
|
/* generate e-tag */ |
|
etag_mutate(con->physical.etag, sce->etag); |
|
|
|
response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); |
|
} |
|
} |
|
|
|
/* prepare header */ |
|
if (NULL == (ds = (data_string *)array_get_element(con->response.headers, "Last-Modified"))) { |
|
mtime = strftime_cache_get(srv, sce->st.st_mtime); |
|
response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), CONST_BUF_LEN(mtime)); |
|
} else { |
|
mtime = ds->value; |
|
} |
|
|
|
if (HANDLER_FINISHED == http_response_handle_cachable(srv, con, mtime)) { |
|
return; |
|
} |
|
} |
|
|
|
if (con->request.http_range && con->conf.range_requests |
|
&& (200 == con->http_status || 0 == con->http_status) |
|
&& NULL == array_get_element(con->response.headers, "Content-Encoding")) { |
|
int do_range_request = 1; |
|
/* check if we have a conditional GET */ |
|
|
|
if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If-Range"))) { |
|
/* if the value is the same as our ETag, we do a Range-request, |
|
* otherwise a full 200 */ |
|
|
|
if (ds->value->ptr[0] == '"') { |
|
/** |
|
* client wants a ETag |
|
*/ |
|
if (!con->physical.etag) { |
|
do_range_request = 0; |
|
} else if (!buffer_is_equal(ds->value, con->physical.etag)) { |
|
do_range_request = 0; |
|
} |
|
} else if (!mtime) { |
|
/** |
|
* we don't have a Last-Modified and can match the If-Range: |
|
* |
|
* sending all |
|
*/ |
|
do_range_request = 0; |
|
} else if (!buffer_is_equal(ds->value, mtime)) { |
|
do_range_request = 0; |
|
} |
|
} |
|
|
|
if (do_range_request) { |
|
/* content prepared, I'm done */ |
|
con->file_finished = 1; |
|
|
|
if (0 == http_response_parse_range(srv, con, path, sce)) { |
|
con->http_status = 206; |
|
} |
|
return; |
|
} |
|
} |
|
|
|
/* if we are still here, prepare body */ |
|
|
|
/* we add it here for all requests |
|
* the HEAD request will drop it afterwards again |
|
*/ |
|
if (0 == sce->st.st_size || 0 == http_chunk_append_file(srv, con, path)) { |
|
con->http_status = 200; |
|
con->file_finished = 1; |
|
} else { |
|
con->http_status = 403; |
|
} |
|
} |
|
|
|
void http_response_xsendfile (server *srv, connection *con, buffer *path, const array *xdocroot) { |
|
const int status = con->http_status; |
|
int valid = 1; |
|
|
|
con->file_started = 1; |
|
|
|
/* reset Content-Length, if set by backend |
|
* Content-Length might later be set to size of X-Sendfile static file, |
|
* determined by open(), fstat() to reduces race conditions if the file |
|
* is modified between stat() (stat_cache_get_entry()) and open(). */ |
|
if (con->parsed_response & HTTP_CONTENT_LENGTH) { |
|
data_string *ds = (data_string *) array_get_element(con->response.headers, "Content-Length"); |
|
if (ds) buffer_reset(ds->value); |
|
con->parsed_response &= ~HTTP_CONTENT_LENGTH; |
|
con->response.content_length = -1; |
|
} |
|
|
|
buffer_urldecode_path(path); |
|
buffer_path_simplify(path, path); |
|
if (con->conf.force_lowercase_filenames) { |
|
buffer_to_lower(path); |
|
} |
|
|
|
/* check that path is under xdocroot(s) |
|
* - xdocroot should have trailing slash appended at config time |
|
* - con->conf.force_lowercase_filenames is not a server-wide setting, |
|
* and so can not be definitively applied to xdocroot at config time*/ |
|
if (xdocroot->used) { |
|
size_t i, xlen = buffer_string_length(path); |
|
for (i = 0; i < xdocroot->used; ++i) { |
|
data_string *ds = (data_string *)xdocroot->data[i]; |
|
size_t dlen = buffer_string_length(ds->value); |
|
if (dlen <= xlen |
|
&& (!con->conf.force_lowercase_filenames |
|
? 0 == memcmp(path->ptr, ds->value->ptr, dlen) |
|
: 0 == strncasecmp(path->ptr, ds->value->ptr, dlen))) { |
|
break; |
|
} |
|
} |
|
if (i == xdocroot->used) { |
|
log_error_write(srv, __FILE__, __LINE__, "SBs", |
|
"X-Sendfile (", path, |
|
") not under configured x-sendfile-docroot(s)"); |
|
con->http_status = 403; |
|
valid = 0; |
|
} |
|
} |
|
|
|
if (valid) http_response_send_file(srv, con, path); |
|
|
|
if (con->http_status >= 400 && status < 300) { |
|
con->mode = DIRECT; |
|
} else if (0 != status && 200 != status) { |
|
con->http_status = status; |
|
} |
|
} |
|
|
|
void http_response_backend_error (server *srv, connection *con) { |
|
UNUSED(srv); |
|
if (con->file_started) { |
|
/*(response might have been already started, kill the connection)*/ |
|
/*(mode == DIRECT to avoid later call to http_response_backend_done())*/ |
|
con->mode = DIRECT; /*(avoid sending final chunked block)*/ |
|
con->keep_alive = 0; /*(no keep-alive; final chunked block not sent)*/ |
|
con->file_finished = 1; |
|
} /*(else error status set later by http_response_backend_done())*/ |
|
} |
|
|
|
void http_response_backend_done (server *srv, connection *con) { |
|
/* (not CON_STATE_ERROR and not CON_STATE_RESPONSE_END, |
|
* i.e. not called from handle_connection_close or connection_reset |
|
* hooks, except maybe from errdoc handler, which later resets state)*/ |
|
switch (con->state) { |
|
case CON_STATE_HANDLE_REQUEST: |
|
case CON_STATE_READ_POST: |
|
if (!con->file_started) { |
|
/* Send an error if we haven't sent any data yet */ |
|
con->http_status = 500; |
|
con->mode = DIRECT; |
|
break; |
|
} /* else fall through */ |
|
case CON_STATE_WRITE: |
|
if (!con->file_finished) { |
|
http_chunk_close(srv, con); |
|
con->file_finished = 1; |
|
} |
|
default: |
|
break; |
|
} |
} |
} |