webcit/groupdav_main.c

   1 /*
   2  * $Id$
   3  *
   4  * Entry point for GroupDAV functions
   5  *
   6  */
   7
   8 #include <ctype.h>
   9 #include <stdlib.h>
  10 #include <unistd.h>
  11 #include <stdio.h>
  12 #include <fcntl.h>
  13 #include <signal.h>
  14 #include <sys/types.h>
  15 #include <sys/wait.h>
  16 #include <sys/socket.h>
  17 #include <limits.h>
  18 #include <string.h>
  19 #include <pwd.h>
  20 #include <errno.h>
  21 #include <stdarg.h>
  22 #include <time.h>
  23 #include <pthread.h>
  24 #include "webcit.h"
  25 #include "webserver.h"
  26 #include "groupdav.h"
  27
  28
  29 /*
  30  * Output HTTP headers which are common to all requests.
  31  *
  32  * Please observe that we don't use the usual output_headers()
  33  * and wDumpContent() functions in the GroupDAV subsystem, so we
  34  * do our own header stuff here.
  35  *
  36  */
  37 void groupdav_common_headers(void) {
  38         wprintf(
  39                 "Server: %s / %s\r\n"
  40                 "Connection: close\r\n",
  41                 SERVER, serv_info.serv_software
  42         );
  43 }
  44
  45
  46
  47 /*
  48  * string conversion function
  49  */
  50 void euid_escapize(char *target, char *source) {
  51         int i;
  52         int target_length = 0;
  53
  54         strcpy(target, "");
  55         for (i=0; i<strlen(source); ++i) {
  56                 if (isalnum(source[i])) {
  57                         target[target_length] = source[i];
  58                         target[++target_length] = 0;
  59                 }
  60                 else if (source[i] == ' ') {
  61                         target[target_length] = '_';
  62                         target[++target_length] = 0;
  63                 }
  64                 else if (source[i] == '-') {
  65                         target[target_length] = '-';
  66                         target[++target_length] = 0;
  67                 }
  68                 else {
  69                         sprintf(&target[target_length], "%%%02X", source[i]);
  70                         target_length += 3;
  71                 }
  72         }
  73 }
  74
  75 /*
  76  * string conversion function
  77  */
  78 void euid_unescapize(char *target, char *source) {
  79         int a, b;
  80         char hex[3];
  81         int target_length = 0;
  82
  83         strcpy(target, "");
  84
  85         for (a = 0; a < strlen(source); ++a) {
  86                 if (source[a] == '%') {
  87                         hex[0] = source[a + 1];
  88                         hex[1] = source[a + 2];
  89                         hex[2] = 0;
  90                         b = 0;
  91                         sscanf(hex, "%02x", &b);
  92                         target[target_length] = b;
  93                         target[++target_length] = 0;
  94                         a += 2;
  95                 }
  96                 else if (source[a] == '_') {
  97                         target[target_length] = ' ';
  98                         target[++target_length] = 0;
  99                 }
 100                 else if (source[a] == '-') {
 101                         target[target_length] = '-';
 102                         target[++target_length] = 0;
 103                 }
 104                 else {
 105                         target[target_length] = source[a];
 106                         target[++target_length] = 0;
 107                 }
 108         }
 109 }
 110
 111
 112
 113
 114 /*
 115  * Main entry point for GroupDAV requests
 116  */
 117 void groupdav_main(struct httprequest *req,
 118                         char *dav_content_type,
 119                         int dav_content_length,
 120                         char *dav_content
 121 ) {
 122         struct httprequest *rptr;
 123         char dav_method[256];
 124         char dav_pathname[256];
 125         char dav_ifmatch[256];
 126         char buf[256];
 127         char *ds;
 128         int i;
 129
 130         strcpy(dav_method, "");
 131         strcpy(dav_pathname, "");
 132         strcpy(dav_ifmatch, "");
 133
 134         for (rptr=req; rptr!=NULL; rptr=rptr->next) {
 135                 /* lprintf(9, "< %s\n", rptr->line); */
 136                 if (!strncasecmp(rptr->line, "Host: ", 6)) {
 137                         safestrncpy(WC->http_host, &rptr->line[6],
 138                                 sizeof WC->http_host);
 139                 }
 140                 if (!strncasecmp(rptr->line, "If-Match: ", 10)) {
 141                         safestrncpy(dav_ifmatch, &rptr->line[10],
 142                                 sizeof dav_ifmatch);
 143                 }
 144         }
 145
 146         if (!WC->logged_in) {
 147                 wprintf("HTTP/1.1 401 Unauthorized\r\n");
 148                 groupdav_common_headers();
 149                 wprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n",
 150                         serv_info.serv_humannode);
 151                 wprintf("Content-Length: 0\r\n\r\n");
 152                 return;
 153         }
 154
 155         extract_token(dav_method, req->line, 0, ' ', sizeof dav_method);
 156         extract_token(dav_pathname, req->line, 1, ' ', sizeof dav_pathname);
 157         unescape_input(dav_pathname);
 158
 159         /* If the request does not begin with "/groupdav", prepend it.  If
 160          * we happen to introduce a double-slash, that's ok; we'll strip it
 161          * in the next step.
 162          */
 163         if (strncasecmp(dav_pathname, "/groupdav", 9)) {
 164                 snprintf(buf, sizeof buf, "/groupdav/%s", dav_pathname);
 165                 safestrncpy(dav_pathname, buf, sizeof dav_pathname);
 166         }
 167
 168         /* Remove any stray double-slashes in pathname */
 169         while (ds=strstr(dav_pathname, "//"), ds != NULL) {
 170                 strcpy(ds, ds+1);
 171         }
 172
 173         /*
 174          * If there's an If-Match: header, strip out the quotes if present, and
 175          * then if all that's left is an asterisk, make it go away entirely.
 176          */
 177         if (strlen(dav_ifmatch) > 0) {
 178                 striplt(dav_ifmatch);
 179                 if (dav_ifmatch[0] == '\"') {
 180                         strcpy(dav_ifmatch, &dav_ifmatch[1]);
 181                         for (i=0; i<strlen(dav_ifmatch); ++i) {
 182                                 if (dav_ifmatch[i] == '\"') {
 183                                         dav_ifmatch[i] = 0;
 184                                 }
 185                         }
 186                 }
 187                 if (!strcmp(dav_ifmatch, "*")) {
 188                         strcpy(dav_ifmatch, "");
 189                 }
 190         }
 191
 192         /*
 193          * The OPTIONS method is not required by GroupDAV.  This is an
 194          * experiment to determine what might be involved in supporting
 195          * other variants of DAV in the future.
 196          */
 197         if (!strcasecmp(dav_method, "OPTIONS")) {
 198                 groupdav_options(dav_pathname);
 199                 return;
 200         }
 201
 202         /*
 203          * The PROPFIND method is basically used to list all objects in a
 204          * room, or to list all relevant rooms on the server.
 205          */
 206         if (!strcasecmp(dav_method, "PROPFIND")) {
 207                 groupdav_propfind(dav_pathname);
 208                 return;
 209         }
 210
 211         /*
 212          * The GET method is used for fetching individual items.
 213          */
 214         if (!strcasecmp(dav_method, "GET")) {
 215                 groupdav_get(dav_pathname);
 216                 return;
 217         }
 218
 219         /*
 220          * The PUT method is used to add or modify items.
 221          */
 222         if (!strcasecmp(dav_method, "PUT")) {
 223                 groupdav_put(dav_pathname, dav_ifmatch,
 224                                 dav_content_type, dav_content);
 225                 return;
 226         }
 227
 228         /*
 229          * The DELETE method kills, maims, and destroys.
 230          */
 231         if (!strcasecmp(dav_method, "DELETE")) {
 232                 groupdav_delete(dav_pathname, dav_ifmatch);
 233                 return;
 234         }
 235
 236         /*
 237          * Couldn't find what we were looking for.  Die in a car fire.
 238          */
 239         wprintf("HTTP/1.1 501 Method not implemented\r\n");
 240         groupdav_common_headers();
 241         wprintf("Content-Type: text/plain\r\n"
 242                 "\r\n"
 243                 "GroupDAV method \"%s\" is not implemented.\r\n",
 244                 dav_method
 245         );
 246 }