webcit/groupdav_main.c

   1 /*
   2  * $Id$
   3  *
   4  * Entry point for GroupDAV functions
   5  *
   6  */
   7
   8 #include <ctype.h>
   9 #include <stdlib.h>
  10 #include <unistd.h>
  11 #include <stdio.h>
  12 #include <fcntl.h>
  13 #include <signal.h>
  14 #include <sys/types.h>
  15 #include <sys/wait.h>
  16 #include <sys/socket.h>
  17 #include <limits.h>
  18 #include <string.h>
  19 #include <pwd.h>
  20 #include <errno.h>
  21 #include <stdarg.h>
  22 #include <time.h>
  23 #include <pthread.h>
  24 #include "webcit.h"
  25 #include "webserver.h"
  26 #include "groupdav.h"
  27
  28
  29 /*
  30  * Output HTTP headers which are common to all requests.
  31  */
  32 void groupdav_common_headers(void) {
  33         wprintf(
  34                 "Server: %s / %s\n"
  35                 "Connection: close\n",
  36                 SERVER, serv_info.serv_software
  37         );
  38 }
  39
  40
  41
  42 /*
  43  * string conversion function
  44  */
  45 void euid_escapize(char *target, char *source) {
  46         int i;
  47         int target_length = 0;
  48
  49         strcpy(target, "");
  50         for (i=0; i<strlen(source); ++i) {
  51                 if (isalnum(source[i])) {
  52                         target[target_length] = source[i];
  53                         target[++target_length] = 0;
  54                 }
  55                 else {
  56                         sprintf(&target[target_length], "_%02X", source[i]);
  57                         target_length += 3;
  58                 }
  59         }
  60 }
  61
  62 /*
  63  * string conversion function
  64  */
  65 void euid_unescapize(char *target, char *source) {
  66         int a, b;
  67         char hex[3];
  68         int target_length = 0;
  69
  70         strcpy(target, "");
  71
  72         for (a = 0; a < strlen(source); ++a) {
  73                 if (source[a] == '_') {
  74                         hex[0] = source[a + 1];
  75                         hex[1] = source[a + 2];
  76                         hex[2] = 0;
  77                         b = 0;
  78                         sscanf(hex, "%02x", &b);
  79                         target[target_length] = b;
  80                         target[++target_length] = 0;
  81                         a += 2;
  82                 }
  83                 else {
  84                         target[target_length] = source[a];
  85                         target[++target_length] = 0;
  86                 }
  87         }
  88 }
  89
  90
  91
  92
  93 /*
  94  * Main entry point for GroupDAV requests
  95  */
  96 void groupdav_main(struct httprequest *req,
  97                         char *dav_content_type,
  98                         int dav_content_length,
  99                         char *dav_content
 100 ) {
 101         struct httprequest *rptr;
 102         char dav_method[SIZ];
 103         char dav_pathname[SIZ];
 104         char dav_ifmatch[SIZ];
 105
 106         strcpy(dav_method, "");
 107         strcpy(dav_pathname, "");
 108         strcpy(dav_ifmatch, "");
 109
 110         for (rptr=req; rptr!=NULL; rptr=rptr->next) {
 111                 if (!strncasecmp(rptr->line, "Host: ", 6)) {
 112                         safestrncpy(WC->http_host, &rptr->line[6],
 113                                 sizeof WC->http_host);
 114                 }
 115                 if (!strncasecmp(rptr->line, "If-Match: ", 10)) {
 116                         safestrncpy(dav_ifmatch, &rptr->line[10],
 117                                 sizeof dav_ifmatch);
 118                 }
 119         }
 120
 121         if (!WC->logged_in) {
 122                 wprintf("HTTP/1.1 401 Unauthorized\n");
 123                 groupdav_common_headers();
 124                 wprintf("WWW-Authenticate: Basic realm=\"%s\"\n",
 125                         serv_info.serv_humannode);
 126                 wprintf("Content-Type: text/plain\n");
 127                 wprintf("\n");
 128                 wprintf("GroupDAV sessions require HTTP authentication.\n");
 129                 return;
 130         }
 131
 132         extract_token(dav_method, req->line, 0, ' ');
 133         extract_token(dav_pathname, req->line, 1, ' ');
 134         unescape_input(dav_pathname);
 135
 136         /*
 137          * If there's an If-Match: header, strip out the quotes if present, and
 138          * then if all that's left is an asterisk, make it go away entirely.
 139          */
 140         if (strlen(dav_ifmatch) > 0) {
 141                 if (dav_ifmatch[0] == '\"') {
 142                         strcpy(dav_ifmatch, &dav_ifmatch[1]);
 143                         if (strtok(dav_ifmatch, "\"") != NULL) {
 144                                 strcpy(strtok(dav_ifmatch, "\""), "");
 145                         }
 146                 }
 147                 if (!strcmp(dav_ifmatch, "*")) {
 148                         strcpy(dav_ifmatch, "");
 149                 }
 150         }
 151
 152         /*
 153          * The PROPFIND method is basically used to list all objects in a
 154          * room, or to list all relevant rooms on the server.
 155          */
 156         if (!strcasecmp(dav_method, "PROPFIND")) {
 157                 groupdav_propfind(dav_pathname);
 158                 return;
 159         }
 160
 161         /*
 162          * The GET method is used for fetching individual items.
 163          */
 164         if (!strcasecmp(dav_method, "GET")) {
 165                 groupdav_get(dav_pathname);
 166                 return;
 167         }
 168
 169         /*
 170          * The PUT method is used to add or modify items.
 171          */
 172         if (!strcasecmp(dav_method, "PUT")) {
 173                 groupdav_put(dav_pathname, dav_ifmatch,
 174                                 dav_content_type, dav_content);
 175                 return;
 176         }
 177
 178         /*
 179          * The DELETE method kills, maims, and destroys.
 180          */
 181         if (!strcasecmp(dav_method, "DELETE")) {
 182                 groupdav_delete(dav_pathname, dav_ifmatch);
 183                 return;
 184         }
 185
 186         /*
 187          * Couldn't find what we were looking for.  Die in a car fire.
 188          */
 189         wprintf("HTTP/1.1 501 Method not implemented\n");
 190         groupdav_common_headers();
 191         wprintf("Content-Type: text/plain\n"
 192                 "\n"
 193                 "GroupDAV method \"%s\" is not implemented.\n",
 194                 dav_method
 195         );
 196 }