webcit/groupdav_main.c

   1 /*
   2  * $Id$
   3  *
   4  * Entry point for GroupDAV functions
   5  *
   6  */
   7
   8 #include "webcit.h"
   9 #include "webserver.h"
  10 #include "groupdav.h"
  11
  12
  13 /*
  14  * Output HTTP headers which are common to all requests.
  15  *
  16  * Please observe that we don't use the usual output_headers()
  17  * and wDumpContent() functions in the GroupDAV subsystem, so we
  18  * do our own header stuff here.
  19  *
  20  */
  21 void groupdav_common_headers(void) {
  22         wprintf(
  23                 "Server: %s / %s\r\n"
  24                 "Connection: close\r\n",
  25                 SERVER, serv_info.serv_software
  26         );
  27 }
  28
  29
  30
  31 /*
  32  * string conversion function
  33  */
  34 void euid_escapize(char *target, char *source) {
  35         int i;
  36         int target_length = 0;
  37
  38         strcpy(target, "");
  39         for (i=0; i<strlen(source); ++i) {
  40                 if (isalnum(source[i])) {
  41                         target[target_length] = source[i];
  42                         target[++target_length] = 0;
  43                 }
  44                 else if (source[i] == ' ') {
  45                         target[target_length] = '_';
  46                         target[++target_length] = 0;
  47                 }
  48                 else if (source[i] == '-') {
  49                         target[target_length] = '-';
  50                         target[++target_length] = 0;
  51                 }
  52                 else {
  53                         sprintf(&target[target_length], "%%%02X", source[i]);
  54                         target_length += 3;
  55                 }
  56         }
  57 }
  58
  59 /*
  60  * string conversion function
  61  */
  62 void euid_unescapize(char *target, char *source) {
  63         int a, b;
  64         char hex[3];
  65         int target_length = 0;
  66
  67         strcpy(target, "");
  68
  69         for (a = 0; a < strlen(source); ++a) {
  70                 if (source[a] == '%') {
  71                         hex[0] = source[a + 1];
  72                         hex[1] = source[a + 2];
  73                         hex[2] = 0;
  74                         b = 0;
  75                         sscanf(hex, "%02x", &b);
  76                         target[target_length] = b;
  77                         target[++target_length] = 0;
  78                         a += 2;
  79                 }
  80                 else if (source[a] == '_') {
  81                         target[target_length] = ' ';
  82                         target[++target_length] = 0;
  83                 }
  84                 else if (source[a] == '-') {
  85                         target[target_length] = '-';
  86                         target[++target_length] = 0;
  87                 }
  88                 else {
  89                         target[target_length] = source[a];
  90                         target[++target_length] = 0;
  91                 }
  92         }
  93 }
  94
  95
  96
  97
  98 /*
  99  * Main entry point for GroupDAV requests
 100  */
 101 void groupdav_main(struct httprequest *req,
 102                         char *dav_content_type,
 103                         int dav_content_length,
 104                         char *dav_content
 105 ) {
 106         struct httprequest *rptr;
 107         char dav_method[256];
 108         char dav_pathname[256];
 109         char dav_ifmatch[256];
 110         int dav_depth;
 111         char *ds;
 112         int i;
 113
 114         strcpy(dav_method, "");
 115         strcpy(dav_pathname, "");
 116         strcpy(dav_ifmatch, "");
 117         dav_depth = 0;
 118
 119         for (rptr=req; rptr!=NULL; rptr=rptr->next) {
 120                 if (!strncasecmp(rptr->line, "Host: ", 6)) {
 121                         if (strlen(WC->http_host) == 0) {
 122                                 safestrncpy(WC->http_host, &rptr->line[6],
 123                                         sizeof WC->http_host);
 124                         }
 125                 }
 126                 if (!strncasecmp(rptr->line, "If-Match: ", 10)) {
 127                         safestrncpy(dav_ifmatch, &rptr->line[10],
 128                                 sizeof dav_ifmatch);
 129                 }
 130                 if (!strncasecmp(rptr->line, "Depth: ", 7)) {
 131                         if (!strcasecmp(&rptr->line[7], "infinity")) {
 132                                 dav_depth = 32767;
 133                         }
 134                         else if (!strcmp(&rptr->line[7], "0")) {
 135                                 dav_depth = 0;
 136                         }
 137                         else if (!strcmp(&rptr->line[7], "1")) {
 138                                 dav_depth = 1;
 139                         }
 140                 }
 141         }
 142
 143         if (!WC->logged_in) {
 144                 wprintf("HTTP/1.1 401 Unauthorized\r\n");
 145                 groupdav_common_headers();
 146                 wprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n",
 147                         serv_info.serv_humannode);
 148                 wprintf("Content-Length: 0\r\n\r\n");
 149                 return;
 150         }
 151
 152         extract_token(dav_method, req->line, 0, ' ', sizeof dav_method);
 153         extract_token(dav_pathname, req->line, 1, ' ', sizeof dav_pathname);
 154         unescape_input(dav_pathname);
 155
 156         /* If the request does not begin with "/groupdav", prepend it.  If
 157          * we happen to introduce a double-slash, that's ok; we'll strip it
 158          * in the next step.
 159          *
 160          * (THIS IS DISABLED BECAUSE WE ARE NOW TRYING TO DO REAL DAV.)
 161          *
 162         if (strncasecmp(dav_pathname, "/groupdav", 9)) {
 163                 char buf[512];
 164                 snprintf(buf, sizeof buf, "/groupdav/%s", dav_pathname);
 165                 safestrncpy(dav_pathname, buf, sizeof dav_pathname);
 166         }
 167          *
 168          */
 169
 170         /* Remove any stray double-slashes in pathname */
 171         while (ds=strstr(dav_pathname, "//"), ds != NULL) {
 172                 strcpy(ds, ds+1);
 173         }
 174
 175         /*
 176          * If there's an If-Match: header, strip out the quotes if present, and
 177          * then if all that's left is an asterisk, make it go away entirely.
 178          */
 179         if (strlen(dav_ifmatch) > 0) {
 180                 striplt(dav_ifmatch);
 181                 if (dav_ifmatch[0] == '\"') {
 182                         strcpy(dav_ifmatch, &dav_ifmatch[1]);
 183                         for (i=0; i<strlen(dav_ifmatch); ++i) {
 184                                 if (dav_ifmatch[i] == '\"') {
 185                                         dav_ifmatch[i] = 0;
 186                                 }
 187                         }
 188                 }
 189                 if (!strcmp(dav_ifmatch, "*")) {
 190                         strcpy(dav_ifmatch, "");
 191                 }
 192         }
 193
 194         /*
 195          * The OPTIONS method is not required by GroupDAV.  This is an
 196          * experiment to determine what might be involved in supporting
 197          * other variants of DAV in the future.
 198          */
 199         if (!strcasecmp(dav_method, "OPTIONS")) {
 200                 groupdav_options(dav_pathname);
 201                 return;
 202         }
 203
 204         /*
 205          * The PROPFIND method is basically used to list all objects in a
 206          * room, or to list all relevant rooms on the server.
 207          */
 208         if (!strcasecmp(dav_method, "PROPFIND")) {
 209                 groupdav_propfind(dav_pathname, dav_depth,
 210                                 dav_content_type, dav_content);
 211                 return;
 212         }
 213
 214         /*
 215          * The GET method is used for fetching individual items.
 216          */
 217         if (!strcasecmp(dav_method, "GET")) {
 218                 groupdav_get(dav_pathname);
 219                 return;
 220         }
 221
 222         /*
 223          * The PUT method is used to add or modify items.
 224          */
 225         if (!strcasecmp(dav_method, "PUT")) {
 226                 groupdav_put(dav_pathname, dav_ifmatch,
 227                                 dav_content_type, dav_content);
 228                 return;
 229         }
 230
 231         /*
 232          * The DELETE method kills, maims, and destroys.
 233          */
 234         if (!strcasecmp(dav_method, "DELETE")) {
 235                 groupdav_delete(dav_pathname, dav_ifmatch);
 236                 return;
 237         }
 238
 239         /*
 240          * Couldn't find what we were looking for.  Die in a car fire.
 241          */
 242         wprintf("HTTP/1.1 501 Method not implemented\r\n");
 243         groupdav_common_headers();
 244         wprintf("Content-Type: text/plain\r\n"
 245                 "\r\n"
 246                 "GroupDAV method \"%s\" is not implemented.\r\n",
 247                 dav_method
 248         );
 249 }
 250
 251
 252 /*
 253  * Output our host prefix for globally absolute URL's.
 254  */
 255 void groupdav_identify_host(void) {
 256         if (strlen(WC->http_host) > 0) {
 257                 wprintf("%s://%s",
 258                         (is_https ? "https" : "http"),
 259                         WC->http_host);
 260         }
 261 }