2 * uhttpd - Tiny single-threaded httpd - Utility functions
4 * Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
19 #define _XOPEN_SOURCE 500 /* crypt() */
20 #define _BSD_SOURCE /* strcasecmp(), strncasecmp() */
23 #include "uhttpd-utils.h"
26 #include "uhttpd-tls.h"
30 static char *uh_index_files[] = {
38 const char * sa_straddr(void *sa)
40 static char str[INET6_ADDRSTRLEN];
41 struct sockaddr_in *v4 = (struct sockaddr_in *)sa;
42 struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)sa;
44 if (v4->sin_family == AF_INET)
45 return inet_ntop(AF_INET, &(v4->sin_addr), str, sizeof(str));
47 return inet_ntop(AF_INET6, &(v6->sin6_addr), str, sizeof(str));
50 const char * sa_strport(void *sa)
53 snprintf(str, sizeof(str), "%i", sa_port(sa));
59 return ntohs(((struct sockaddr_in6 *)sa)->sin6_port);
62 int sa_rfc1918(void *sa)
64 struct sockaddr_in *v4 = (struct sockaddr_in *)sa;
65 unsigned long a = htonl(v4->sin_addr.s_addr);
67 if (v4->sin_family == AF_INET)
69 return ((a >= 0x0A000000) && (a <= 0x0AFFFFFF)) ||
70 ((a >= 0xAC100000) && (a <= 0xAC1FFFFF)) ||
71 ((a >= 0xC0A80000) && (a <= 0xC0A8FFFF));
77 /* Simple strstr() like function that takes len arguments for both haystack and needle. */
78 char *strfind(char *haystack, int hslen, const char *needle, int ndlen)
83 for (i = 0; i < hslen; i++)
85 if (haystack[i] == needle[0])
87 match = ((ndlen == 1) || ((i + ndlen) <= hslen));
89 for (j = 1; (j < ndlen) && ((i + j) < hslen); j++)
91 if (haystack[i+j] != needle[j])
106 /* interruptable select() */
107 int select_intr(int n, fd_set *r, fd_set *w, fd_set *e, struct timeval *t)
112 /* unblock SIGCHLD */
114 sigaddset(&ssn, SIGCHLD);
115 sigaddset(&ssn, SIGPIPE);
116 sigprocmask(SIG_UNBLOCK, &ssn, &sso);
118 rv = select(n, r, w, e, t);
120 /* restore signal mask */
121 sigprocmask(SIG_SETMASK, &sso, NULL);
127 int uh_tcp_send_lowlevel(struct client *cl, const char *buf, int len)
130 struct timeval timeout;
133 FD_SET(cl->socket, &writer);
135 timeout.tv_sec = cl->server->conf->network_timeout;
138 if (select(cl->socket + 1, NULL, &writer, NULL, &timeout) > 0)
139 return send(cl->socket, buf, len, 0);
144 int uh_tcp_send(struct client *cl, const char *buf, int len)
148 return cl->server->conf->tls_send(cl, (void *)buf, len);
151 return uh_tcp_send_lowlevel(cl, buf, len);
154 int uh_tcp_peek(struct client *cl, char *buf, int len)
156 /* sanity check, prevent overflowing peek buffer */
157 if (len > sizeof(cl->peekbuf))
160 int sz = uh_tcp_recv(cl, buf, len);
162 /* store received data in peek buffer */
166 memcpy(cl->peekbuf, buf, sz);
172 int uh_tcp_recv_lowlevel(struct client *cl, char *buf, int len)
175 struct timeval timeout;
178 FD_SET(cl->socket, &reader);
180 timeout.tv_sec = cl->server->conf->network_timeout;
183 if (select(cl->socket + 1, &reader, NULL, NULL, &timeout) > 0)
184 return recv(cl->socket, buf, len, 0);
189 int uh_tcp_recv(struct client *cl, char *buf, int len)
194 /* first serve data from peek buffer */
197 sz = min(cl->peeklen, len);
198 len -= sz; cl->peeklen -= sz;
199 memcpy(buf, cl->peekbuf, sz);
200 memmove(cl->peekbuf, &cl->peekbuf[sz], cl->peeklen);
203 /* caller wants more */
208 rsz = cl->server->conf->tls_recv(cl, (void *)&buf[sz], len);
211 rsz = uh_tcp_recv_lowlevel(cl, (void *)&buf[sz], len);
223 int uh_http_sendhf(struct client *cl, int code, const char *summary,
224 const char *fmt, ...)
228 char buffer[UH_LIMIT_MSGHEAD];
231 len = snprintf(buffer, sizeof(buffer),
232 "HTTP/1.1 %03i %s\r\n"
233 "Connection: close\r\n"
234 "Content-Type: text/plain\r\n"
235 "Transfer-Encoding: chunked\r\n\r\n",
239 ensure_ret(uh_tcp_send(cl, buffer, len));
242 len = vsnprintf(buffer, sizeof(buffer), fmt, ap);
245 ensure_ret(uh_http_sendc(cl, buffer, len));
246 ensure_ret(uh_http_sendc(cl, NULL, 0));
252 int uh_http_sendc(struct client *cl, const char *data, int len)
262 clen = snprintf(chunk, sizeof(chunk), "%X\r\n", len);
263 ensure_ret(uh_tcp_send(cl, chunk, clen));
264 ensure_ret(uh_tcp_send(cl, data, len));
265 ensure_ret(uh_tcp_send(cl, "\r\n", 2));
269 ensure_ret(uh_tcp_send(cl, "0\r\n\r\n", 5));
275 int uh_http_sendf(struct client *cl, struct http_request *req,
276 const char *fmt, ...)
279 char buffer[UH_LIMIT_MSGHEAD];
283 len = vsnprintf(buffer, sizeof(buffer), fmt, ap);
286 if ((req != NULL) && (req->version > 1.0))
287 ensure_ret(uh_http_sendc(cl, buffer, len));
289 ensure_ret(uh_tcp_send(cl, buffer, len));
294 int uh_http_send(struct client *cl, struct http_request *req,
295 const char *buf, int len)
300 if ((req != NULL) && (req->version > 1.0))
301 ensure_ret(uh_http_sendc(cl, buf, len));
303 ensure_ret(uh_tcp_send(cl, buf, len));
309 /* blen is the size of buf; slen is the length of src. The input-string need
310 ** not be, and the output string will not be, null-terminated. Returns the
311 ** length of the decoded string, -1 on buffer overflow, -2 on malformed string. */
312 int uh_urldecode(char *buf, int blen, const char *src, int slen)
318 (((x) <= '9') ? ((x) - '0') : \
319 (((x) <= 'F') ? ((x) - 'A' + 10) : \
322 for (i = 0; (i < slen) && (len < blen); i++)
326 if (((i+2) < slen) && isxdigit(src[i+1]) && isxdigit(src[i+2]))
328 buf[len++] = (char)(16 * hex(src[i+1]) + hex(src[i+2]));
333 /* Encoding error: it's hard to think of a
334 ** scenario in which returning an incorrect
335 ** 'decoding' of the malformed string is
336 ** preferable to signaling an error condition. */
337 #if 0 /* WORSE_IS_BETTER */
350 return (i == slen) ? len : -1;
353 /* blen is the size of buf; slen is the length of src. The input-string need
354 ** not be, and the output string will not be, null-terminated. Returns the
355 ** length of the encoded string, or -1 on error (buffer overflow) */
356 int uh_urlencode(char *buf, int blen, const char *src, int slen)
360 const char hex[] = "0123456789abcdef";
362 for (i = 0; (i < slen) && (len < blen); i++)
364 if( isalnum(src[i]) || (src[i] == '-') || (src[i] == '_') ||
365 (src[i] == '.') || (src[i] == '~') )
369 else if ((len+3) <= blen)
372 buf[len++] = hex[(src[i] >> 4) & 15];
373 buf[len++] = hex[ src[i] & 15];
382 return (i == slen) ? len : -1;
385 int uh_b64decode(char *buf, int blen, const unsigned char *src, int slen)
390 unsigned int cin = 0;
391 unsigned int cout = 0;
394 for (i = 0; (i <= slen) && (src[i] != 0); i++)
398 if ((cin >= '0') && (cin <= '9'))
399 cin = cin - '0' + 52;
400 else if ((cin >= 'A') && (cin <= 'Z'))
402 else if ((cin >= 'a') && (cin <= 'z'))
403 cin = cin - 'a' + 26;
413 cout = (cout << 6) | cin;
417 if ((len + 3) < blen)
419 buf[len++] = (char)(cout >> 16);
420 buf[len++] = (char)(cout >> 8);
421 buf[len++] = (char)(cout);
434 static char * canonpath(const char *path, char *path_resolved)
436 char path_copy[PATH_MAX];
437 char *path_cpy = path_copy;
438 char *path_res = path_resolved;
443 /* relative -> absolute */
446 getcwd(path_copy, PATH_MAX);
447 strncat(path_copy, "/", PATH_MAX - strlen(path_copy));
448 strncat(path_copy, path, PATH_MAX - strlen(path_copy));
452 strncpy(path_copy, path, PATH_MAX);
456 while ((*path_cpy != '\0') && (path_cpy < (path_copy + PATH_MAX - 2)))
458 if (*path_cpy == '/')
460 /* skip repeating / */
461 if (path_cpy[1] == '/')
468 else if (path_cpy[1] == '.')
471 if ((path_cpy[2] == '/') || (path_cpy[2] == '\0'))
477 /* collapse /x/../ */
478 else if ((path_cpy[2] == '.') &&
479 ((path_cpy[3] == '/') || (path_cpy[3] == '\0')))
481 while ((path_res > path_resolved) && (*--path_res != '/'))
490 *path_res++ = *path_cpy++;
493 /* remove trailing slash if not root / */
494 if ((path_res > (path_resolved+1)) && (path_res[-1] == '/'))
496 else if (path_res == path_resolved)
502 if (!stat(path_resolved, &s) && (s.st_mode & S_IROTH))
503 return path_resolved;
508 /* Returns NULL on error.
509 ** NB: improperly encoded URL should give client 400 [Bad Syntax]; returning
510 ** NULL here causes 404 [Not Found], but that's not too unreasonable. */
511 struct path_info * uh_path_lookup(struct client *cl, const char *url)
513 static char path_phys[PATH_MAX];
514 static char path_info[PATH_MAX];
515 static struct path_info p;
517 char buffer[UH_LIMIT_MSGHEAD];
518 char *docroot = cl->server->conf->docroot;
519 char *pathptr = NULL;
522 int no_sym = cl->server->conf->no_symlinks;
526 /* back out early if url is undefined */
530 memset(path_phys, 0, sizeof(path_phys));
531 memset(path_info, 0, sizeof(path_info));
532 memset(buffer, 0, sizeof(buffer));
533 memset(&p, 0, sizeof(p));
536 memcpy(buffer, docroot,
537 min(strlen(docroot), sizeof(buffer) - 1));
539 /* separate query string from url */
540 if ((pathptr = strchr(url, '?')) != NULL)
542 p.query = pathptr[1] ? pathptr + 1 : NULL;
544 /* urldecode component w/o query */
547 if (uh_urldecode(&buffer[strlen(docroot)],
548 sizeof(buffer) - strlen(docroot) - 1,
549 url, pathptr - url ) < 0)
551 return NULL; /* bad URL */
556 /* no query string, decode all of url */
559 if (uh_urldecode(&buffer[strlen(docroot)],
560 sizeof(buffer) - strlen(docroot) - 1,
561 url, strlen(url) ) < 0)
563 return NULL; /* bad URL */
567 /* create canon path */
568 for (i = strlen(buffer), slash = (buffer[max(0, i-1)] == '/'); i >= 0; i--)
570 if ((buffer[i] == 0) || (buffer[i] == '/'))
572 memset(path_info, 0, sizeof(path_info));
573 memcpy(path_info, buffer, min(i + 1, sizeof(path_info) - 1));
575 if (no_sym ? realpath(path_info, path_phys)
576 : canonpath(path_info, path_phys))
578 memset(path_info, 0, sizeof(path_info));
579 memcpy(path_info, &buffer[i],
580 min(strlen(buffer) - i, sizeof(path_info) - 1));
587 /* check whether found path is within docroot */
588 if (strncmp(path_phys, docroot, strlen(docroot)) ||
589 ((path_phys[strlen(docroot)] != 0) &&
590 (path_phys[strlen(docroot)] != '/')))
595 /* test current path */
596 if (!stat(path_phys, &p.stat))
598 /* is a regular file */
599 if (p.stat.st_mode & S_IFREG)
603 p.name = &path_phys[strlen(docroot)];
604 p.info = path_info[0] ? path_info : NULL;
608 else if ((p.stat.st_mode & S_IFDIR) && !strlen(path_info))
610 /* ensure trailing slash */
611 if (path_phys[strlen(path_phys)-1] != '/')
612 path_phys[strlen(path_phys)] = '/';
614 /* try to locate index file */
615 memset(buffer, 0, sizeof(buffer));
616 memcpy(buffer, path_phys, sizeof(buffer));
617 pathptr = &buffer[strlen(buffer)];
619 /* if requested url resolves to a directory and a trailing slash
620 is missing in the request url, redirect the client to the same
621 url with trailing slash appended */
624 uh_http_sendf(cl, NULL,
625 "HTTP/1.1 302 Found\r\n"
626 "Location: %s%s%s\r\n"
627 "Connection: close\r\n\r\n",
628 &path_phys[strlen(docroot)],
630 p.query ? p.query : ""
635 else if (cl->server->conf->index_file)
637 strncat(buffer, cl->server->conf->index_file, sizeof(buffer));
639 if (!stat(buffer, &s) && (s.st_mode & S_IFREG))
641 memcpy(path_phys, buffer, sizeof(path_phys));
642 memcpy(&p.stat, &s, sizeof(p.stat));
647 for (i = 0; i < array_size(uh_index_files); i++)
649 strncat(buffer, uh_index_files[i], sizeof(buffer));
651 if (!stat(buffer, &s) && (s.st_mode & S_IFREG))
653 memcpy(path_phys, buffer, sizeof(path_phys));
654 memcpy(&p.stat, &s, sizeof(p.stat));
664 p.name = &path_phys[strlen(docroot)];
668 return p.phys ? &p : NULL;
672 static struct auth_realm *uh_realms = NULL;
674 struct auth_realm * uh_auth_add(char *path, char *user, char *pass)
676 struct auth_realm *new = NULL;
683 if((new = (struct auth_realm *)malloc(sizeof(struct auth_realm))) != NULL)
685 memset(new, 0, sizeof(struct auth_realm));
687 memcpy(new->path, path,
688 min(strlen(path), sizeof(new->path) - 1));
690 memcpy(new->user, user,
691 min(strlen(user), sizeof(new->user) - 1));
693 /* given password refers to a passwd entry */
694 if ((strlen(pass) > 3) && !strncmp(pass, "$p$", 3))
697 /* try to resolve shadow entry */
698 if (((spwd = getspnam(&pass[3])) != NULL) && spwd->sp_pwdp)
700 memcpy(new->pass, spwd->sp_pwdp,
701 min(strlen(spwd->sp_pwdp), sizeof(new->pass) - 1));
707 /* try to resolve passwd entry */
708 if (((pwd = getpwnam(&pass[3])) != NULL) && pwd->pw_passwd &&
709 (pwd->pw_passwd[0] != '!') && (pwd->pw_passwd[0] != 0))
711 memcpy(new->pass, pwd->pw_passwd,
712 min(strlen(pwd->pw_passwd), sizeof(new->pass) - 1));
719 memcpy(new->pass, pass,
720 min(strlen(pass), sizeof(new->pass) - 1));
725 new->next = uh_realms;
737 int uh_auth_check(struct client *cl, struct http_request *req,
738 struct path_info *pi)
740 int i, plen, rlen, protected;
741 char buffer[UH_LIMIT_MSGHEAD];
745 struct auth_realm *realm = NULL;
747 plen = strlen(pi->name);
750 /* check whether at least one realm covers the requested url */
751 for (realm = uh_realms; realm; realm = realm->next)
753 rlen = strlen(realm->path);
755 if ((plen >= rlen) && !strncasecmp(pi->name, realm->path, rlen))
763 /* requested resource is covered by a realm */
766 /* try to get client auth info */
767 foreach_header(i, req->headers)
769 if (!strcasecmp(req->headers[i], "Authorization") &&
770 (strlen(req->headers[i+1]) > 6) &&
771 !strncasecmp(req->headers[i+1], "Basic ", 6))
773 memset(buffer, 0, sizeof(buffer));
774 uh_b64decode(buffer, sizeof(buffer) - 1,
775 (unsigned char *) &req->headers[i+1][6],
776 strlen(req->headers[i+1]) - 6);
778 if ((pass = strchr(buffer, ':')) != NULL)
788 /* have client auth */
791 /* find matching realm */
792 for (realm = uh_realms; realm; realm = realm->next)
794 rlen = strlen(realm->path);
796 if ((plen >= rlen) &&
797 !strncasecmp(pi->name, realm->path, rlen) &&
798 !strcmp(user, realm->user))
805 /* found a realm matching the username */
808 /* check user pass */
809 if (!strcmp(pass, realm->pass) ||
810 !strcmp(crypt(pass, realm->pass), realm->pass))
816 uh_http_sendf(cl, NULL,
817 "HTTP/%.1f 401 Authorization Required\r\n"
818 "WWW-Authenticate: Basic realm=\"%s\"\r\n"
819 "Content-Type: text/plain\r\n"
820 "Content-Length: 23\r\n\r\n"
821 "Authorization Required\n",
822 req->version, cl->server->conf->realm
832 static struct listener *uh_listeners = NULL;
833 static struct client *uh_clients = NULL;
835 struct listener * uh_listener_add(int sock, struct config *conf)
837 struct listener *new = NULL;
840 if ((new = (struct listener *)malloc(sizeof(struct listener))) != NULL)
842 memset(new, 0, sizeof(struct listener));
847 /* get local endpoint addr */
848 sl = sizeof(struct sockaddr_in6);
849 memset(&(new->addr), 0, sl);
850 getsockname(sock, (struct sockaddr *) &(new->addr), &sl);
852 new->next = uh_listeners;
861 struct listener * uh_listener_lookup(int sock)
863 struct listener *cur = NULL;
865 for (cur = uh_listeners; cur; cur = cur->next)
866 if (cur->socket == sock)
873 struct client * uh_client_add(int sock, struct listener *serv)
875 struct client *new = NULL;
878 if ((new = (struct client *)malloc(sizeof(struct client))) != NULL)
880 memset(new, 0, sizeof(struct client));
885 /* get remote endpoint addr */
886 sl = sizeof(struct sockaddr_in6);
887 memset(&(new->peeraddr), 0, sl);
888 getpeername(sock, (struct sockaddr *) &(new->peeraddr), &sl);
890 /* get local endpoint addr */
891 sl = sizeof(struct sockaddr_in6);
892 memset(&(new->servaddr), 0, sl);
893 getsockname(sock, (struct sockaddr *) &(new->servaddr), &sl);
895 new->next = uh_clients;
902 struct client * uh_client_lookup(int sock)
904 struct client *cur = NULL;
906 for (cur = uh_clients; cur; cur = cur->next)
907 if (cur->socket == sock)
913 void uh_client_remove(int sock)
915 struct client *cur = NULL;
916 struct client *prv = NULL;
918 for (cur = uh_clients; cur; prv = cur, cur = cur->next)
920 if (cur->socket == sock)
923 prv->next = cur->next;
925 uh_clients = cur->next;
935 static struct interpreter *uh_interpreters = NULL;
937 struct interpreter * uh_interpreter_add(const char *extn, const char *path)
939 struct interpreter *new = NULL;
941 if ((new = (struct interpreter *)malloc(sizeof(struct interpreter))) != NULL)
943 memset(new, 0, sizeof(struct interpreter));
945 memcpy(new->extn, extn, min(strlen(extn), sizeof(new->extn)-1));
946 memcpy(new->path, path, min(strlen(path), sizeof(new->path)-1));
948 new->next = uh_interpreters;
949 uh_interpreters = new;
957 struct interpreter * uh_interpreter_lookup(const char *path)
959 struct interpreter *cur = NULL;
962 for (cur = uh_interpreters; cur; cur = cur->next)
964 e = &path[max(strlen(path) - strlen(cur->extn), 0)];
966 if (!strcmp(e, cur->extn))