2 * This module handles HTTP transactions.
4 * Copyright (c) 1996-2018 by the citadel.org team
6 * This program is open source software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License version 3.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
18 * Write data to the HTTP client. Encrypt if necessary.
20 int client_write(struct client_handle *ch, char *buf, int nbytes)
23 return client_write_ssl(ch, buf, nbytes);
26 return write(ch->sock, buf, nbytes);
32 * Read data from the HTTP client. Decrypt if necessary.
33 * Returns number of bytes read, or -1 to indicate an error.
35 int client_read(struct client_handle *ch, char *buf, int nbytes)
38 return client_read_ssl(ch, buf, nbytes);
41 int bytes_received = 0;
42 int bytes_this_block = 0;
43 while (bytes_received < nbytes) {
44 bytes_this_block = read(ch->sock, &buf[bytes_received], nbytes-bytes_received);
45 if (bytes_this_block < 1) {
48 bytes_received += bytes_this_block;
56 * Read a newline-terminated line of text from the client.
57 * Implemented in terms of client_read() and is therefore transparent...
58 * Returns the string length or -1 for error.
60 int client_readline(struct client_handle *ch, char *buf, int maxbytes)
65 if (buf == NULL) return(-1);
67 while (len < maxbytes) {
68 c = client_read(ch, &buf[len], 1);
70 syslog(LOG_DEBUG, "Socket error or zero-length read");
73 if (buf[len] == '\n') {
74 if ( (len >0) && (buf[len-1] == '\r') ) {
87 * printf() type function to send data to the web client.
89 void client_printf(struct client_handle *ch, const char *format,...)
92 StrBuf *Buf = NewStrBuf();
94 va_start(arg_ptr, format);
95 StrBufVAppendPrintf(Buf, format, arg_ptr);
98 client_write(ch, (char *)ChrPtr(Buf), StrLength(Buf));
104 * Push one new header into the response of an HTTP request.
105 * When completed, the HTTP transaction now owns the memory allocated for key and val.
107 void add_response_header(struct http_transaction *h, char *key, char *val)
109 struct http_header *new_response_header = malloc(sizeof(struct http_header));
110 new_response_header->key = key;
111 new_response_header->val = val;
112 new_response_header->next = h->response_headers;
113 h->response_headers = new_response_header;
118 * Entry point for this layer. Socket is connected. If running as an HTTPS
119 * server, SSL has already been negotiated. Now perform one transaction.
121 void perform_one_http_transaction(struct client_handle *ch)
126 struct http_transaction h;
128 struct sockaddr_in sin;
129 struct http_header *clh; // general purpose iterator variable
131 memset(&h, 0, sizeof h);
133 while (len = client_readline(ch, buf, sizeof buf), (len > 0) ) {
136 if (lines_read == 1) { // First line is method and URI.
137 c = strchr(buf, ' '); // IGnore the HTTP-version.
139 h.method = strdup("NULL");
144 h.method = strdup(buf);
155 else { // Subsequent lines are headers.
156 c = strchr(buf, ':'); // Header line folding is obsolete so we don't support it.
158 struct http_header *new_request_header = malloc(sizeof(struct http_header));
160 new_request_header->key = strdup(buf);
162 new_request_header->val = strdup(c);
163 striplt(new_request_header->key);
164 striplt(new_request_header->val);
165 new_request_header->next = h.request_headers;
166 h.request_headers = new_request_header;
168 syslog(LOG_DEBUG, "{ %s: %s", new_request_header->key, new_request_header->val);
175 // build up the site prefix, such as https://foo.bar.com:4343
177 h.site_prefix = malloc(256);
178 strcpy(h.site_prefix, (is_https ? "https://" : "http://"));
179 char *hostheader = header_val(&h, "Host");
181 strcat(h.site_prefix, hostheader);
184 strcat(h.site_prefix, "127.0.0.1");
186 socklen_t llen = sizeof(sin);
187 if (getsockname(ch->sock, (struct sockaddr *)&sin, &llen) >= 0) {
188 sprintf(&h.site_prefix[strlen(h.site_prefix)], ":%d", ntohs(sin.sin_port));
191 // Now try to read in the request body (if one is present)
194 syslog(LOG_DEBUG, "Client disconnected");
197 syslog(LOG_DEBUG, "< %s %s", h.method, h.uri);
199 // If there is a request body, read it now.
200 char *ccl = header_val(&h, "Content-Length");
202 h.request_body_length = atol(ccl);
204 if (h.request_body_length > 0) {
205 syslog(LOG_DEBUG, "Reading request body (%ld bytes)", h.request_body_length);
206 h.request_body = malloc(h.request_body_length);
207 client_read(ch, h.request_body, h.request_body_length);
209 //write(2, HKEY("\033[31m"));
210 //write(2, h.request_body, h.request_body_length);
211 //write(2, HKEY("\033[0m\n"));
215 // Now pass control up to the next layer to perform the request.
218 // Output the results back to the client.
219 //write(2, HKEY("\033[32m"));
220 //write(2, h.response_body, h.response_body_length);
221 //write(2, HKEY("\033[0m\n"));
223 syslog(LOG_DEBUG, "> %03d %s", h.response_code, h.response_string);
224 client_printf(ch, "HTTP/1.1 %03d %s\r\n", h.response_code, h.response_string);
225 client_printf(ch, "Connection: close\r\n");
226 client_printf(ch, "Content-Length: %ld\r\n", h.response_body_length);
227 char *datestring = http_datestring(time(NULL));
229 client_printf(ch, "Date: %s\r\n", datestring);
233 client_printf(ch, "Content-encoding: identity\r\n"); // change if we gzip/deflate
234 for (clh = h.response_headers; clh != NULL; clh = clh->next) {
236 syslog(LOG_DEBUG, "} %s: %s", clh->key, clh->val);
238 client_printf(ch, "%s: %s\r\n", clh->key, clh->val);
240 client_printf(ch, "\r\n");
241 if ((h.response_body_length > 0) && (h.response_body != NULL)) {
242 client_write(ch, h.response_body, h.response_body_length);
246 // free the transaction memory
247 while (h.request_headers) {
248 if (h.request_headers->key) free(h.request_headers->key);
249 if (h.request_headers->val) free(h.request_headers->val);
250 clh = h.request_headers->next;
251 free(h.request_headers);
252 h.request_headers = clh;
254 while (h.response_headers) {
255 if (h.response_headers->key) free(h.response_headers->key);
256 if (h.response_headers->val) free(h.response_headers->val);
257 clh = h.response_headers->next;
258 free(h.response_headers);
259 h.response_headers = clh;
261 if (h.method) free(h.method);
262 if (h.uri) free(h.uri);
263 if (h.request_body) free(h.request_body);
264 if (h.response_string) free(h.response_string);
265 if (h.site_prefix) free(h.site_prefix);
270 * Utility function to fetch a specific header from a completely read-in request.
271 * Returns the value of the requested header, or NULL if the specified header was not sent.
272 * The caller does NOT own the memory of the returned pointer, but can count on the pointer
273 * to still be valid through the end of the transaction.
275 char *header_val(struct http_transaction *h, char *requested_header)
277 struct http_header *clh; // general purpose iterator variable
278 for (clh = h->request_headers; clh != NULL; clh = clh->next) {
279 if (!strcasecmp(clh->key, requested_header)) {