1 // Copyright (c) 1987-2024 by the citadel.org team (Art Cancro et al)
2 // This program is open source software. Use, duplication, or disclosure is subject to the GNU General Public license v3.
5 #include <sys/select.h>
16 #include <sys/types.h>
18 #include <sys/socket.h>
23 #include <sys/socket.h>
24 #include <netinet/in.h>
25 #include <arpa/inet.h>
36 #include <sys/utsname.h>
38 #include <libcitadel.h>
50 #define _(string) gettext(string)
52 #define _(string) (string)
56 #define DBG_QR(x) if(DO_DBG_QR) _DBG_QR(x)
57 #define DBG_QR2(x) if(DO_DBG_QR) _DBG_QR2(x)
61 #include <libical/ical.h>
67 #undef PACKAGE_TARNAME
68 #undef PACKAGE_VERSION
69 #undef PACKAGE_BUGREPORT
71 typedef struct wcsession wcsession;
77 #include "paramhandling.h"
79 #include "preferences.h"
84 // Work around RedHat's b0rken OpenSSL includes
85 #define OPENSSL_NO_KRB5
86 #include <openssl/ssl.h>
87 #include <openssl/err.h>
88 #include <openssl/rand.h>
89 extern char *ssl_cipher_list;
90 #define DEFAULT_SSL_CIPHER_LIST "DEFAULT" // See http://openssl.org/docs/apps/ciphers.html
93 #if SIZEOF_SIZE_T == SIZEOF_INT
94 #define SIZE_T_FMT "%d"
96 #define SIZE_T_FMT "%ld"
99 #if SIZEOF_LONG_UNSIGNED_INT == SIZEOF_INT
100 #define ULONG_FMT "%d"
102 #define ULONG_FMT "%ld"
105 #define CALENDAR_ROOM_NAME "Calendar"
106 #define PRODID "-//Citadel//NONSGML Citadel Calendar//EN"
108 #define SIZ 4096 /* generic buffer size */
110 #define TRACE syslog(LOG_DEBUG, "\033[3%dmCHECKPOINT: %s:%d\033[0m", ((__LINE__%6)+1), __FILE__, __LINE__)
116 #define SLEEPING 180 /* TCP connection timeout */
117 #define WEBCIT_TIMEOUT 900 /* WebCit session timeout */
118 #define PORT_NUM 80 /* port number to listen on */
119 #define DEVELOPER_ID 0
121 #define CLIENT_VERSION 998 /* This version of WebCit */
122 #define MINIMUM_CIT_VERSION 931 /* Minimum required version of Citadel server */
123 #define LIBCITADEL_MIN 931 /* Minimum required version of libcitadel */
124 #define DEFAULT_CTDLDIR "/usr/local/citadel" /* Default Citadel server directory */
125 #define TARGET "webcit01" /* Window target for inline URL's */
126 #define HOUSEKEEPING 15 /* Housekeeping frequency */
127 #define MAX_WORKER_THREADS 250
128 #define LISTEN_QUEUE_LENGTH 100 /* listen() backlog queue */
130 #define USERCONFIGROOM "My Citadel Config"
131 #define DEFAULT_MAXMSGS 20
133 #ifdef LIBCITADEL_VERSION_NUMBER
134 #if LIBCITADEL_VERSION_NUMBER < LIBCITADEL_MIN
135 #error libcitadel is too old. Please upgrade it before continuing.
139 #define SRV_STATUS_MSG(ServerLineBuf) (ChrPtr(ServerLineBuf) + 4), (StrLength(ServerLineBuf) - 4)
140 #define MAJORCODE(a) (((int)(a / 100) ) * 100)
142 #define LISTING_FOLLOWS 100
144 #define MORE_DATA 300
145 #define SEND_LISTING 400
147 #define BINARY_FOLLOWS 600
148 #define SEND_BINARY 700
149 #define SEND_THEN_RECV 800
150 #define ASYNC_MSG 900
152 #define MINORCODE(a) (a % 100)
153 #define ASYNC_GEXP 02
154 #define INTERNAL_ERROR 10
156 #define ILLEGAL_VALUE 12
157 #define NOT_LOGGED_IN 20
158 #define CMD_NOT_SUPPORTED 30
159 #define SERVER_SHUTTING_DOWN 31
160 #define PASSWORD_REQUIRED 40
161 #define ALREADY_LOGGED_IN 41
162 #define USERNAME_REQUIRED 42
163 #define HIGHER_ACCESS_REQUIRED 50
164 #define MAX_SESSIONS_EXCEEDED 51
165 #define RESOURCE_BUSY 52
166 #define RESOURCE_NOT_OPEN 53
168 #define INVALID_FLOOR_OPERATION 61
169 #define NO_SUCH_USER 70
170 #define FILE_NOT_FOUND 71
171 #define ROOM_NOT_FOUND 72
172 #define NO_SUCH_SYSTEM 73
173 #define ALREADY_EXISTS 74
174 #define MESSAGE_NOT_FOUND 75
176 // NLI is the string that shows up in a who's online listing for sessions that are active but do not (yet) have a user logged in.
177 #define NLI "(not logged in)"
179 // Expiry policy for the autopurger
180 typedef struct __ExpirePolicy {
185 // Linked list of session variables encoded in an x-www-urlencoded content type
186 typedef struct urlcontent urlcontent;
188 char url_key[32]; /* key */
190 StrBuf *url_data; /* value */
194 // Information about the Citadel server to which we are connected
195 typedef struct _serv_info {
196 int serv_pid; /* Process ID of the Citadel server */
197 StrBuf *serv_nodename; /* Node name of the Citadel server */
198 StrBuf *serv_humannode; /* Juman readable node name of the Citadel server */
199 StrBuf *serv_fqdn; /* Fully qualified Domain Name (such as uncensored.citadel.org) */
200 StrBuf *serv_software; /* Free form text description of the server software in use */
201 int serv_rev_level; /* Server version number (times 100) */
202 StrBuf *serv_bbs_city; /* Geographic location of the Citadel server */
203 StrBuf *serv_sysadm; /* Name of system administrator */
204 int serv_supports_ldap; /* is the server linked against an ldap tree for adresses? */
205 int serv_newuser_disabled; /* Has the server disabled self-service new user creation? */
206 StrBuf *serv_default_cal_zone; /* Default timezone for unspecified calendar items */
207 int serv_supports_sieve; /* Server supports Sieve mail filtering */
208 int serv_fulltext_enabled; /* Full text index is enabled */
209 StrBuf *serv_svn_revision; /* svn or git revision of the server */
210 int serv_supports_openid; /* Server supports authentication via OpenID */
211 int serv_supports_guest; /* Server supports unauthenticated guest logins */
215 typedef struct _disp_cal {
216 icalcomponent *cal; /* cal items for display */
217 long cal_msgnum; /* cal msgids for display */
218 char *from; /* owner of this component */
219 int unread; /* already seen by the user? */
226 icalcomponent *SortBy; /* cal items for display */
227 icalproperty_status Status;
230 typedef struct _IcalKindEnumMap {
233 icalproperty_kind map;
235 typedef struct _IcalMethodEnumMap {
238 icalproperty_method map;
243 #define ANONYMOUS (1<<1)
244 #define NEED_URL (1<<2)
245 #define XHTTP_COMMANDS (1<<3)
247 #define URLNAMESPACE (1<<4)
248 #define LOGCHATTY (1<<5)
249 #define COOKIEUNNEEDED (1<<6)
250 #define ISSTATIC (1<<7)
251 #define FORCE_SESSIONCLOSE (1<<8)
252 #define PARSE_REST_URL (1<<9)
253 #define PROHIBIT_STARTPAGE (1<<10)
256 #define DATEFMT_FULL 0
257 #define DATEFMT_BRIEF 1
258 #define DATEFMT_RAWDATE 2
259 #define DATEFMT_LOCALEDATE 3
260 long webcit_fmt_date(char *buf, size_t siz, time_t thetime, int Format);
263 typedef enum _RESTDispatchID {
269 typedef int (*WebcitRESTDispatchID)(RESTDispatchID WhichAction, int IgnoreFloor);
270 typedef void (*WebcitHandlerFunc)(void);
271 typedef struct _WebcitHandler{
273 WebcitRESTDispatchID RID;
279 void WebcitAddUrlHandler(const char * UrlString, long UrlSLen, const char *DisplayName, long dslen, WebcitHandlerFunc F, long Flags);
281 typedef struct _headereval {
282 ExamineMsgHeaderFunc evaluator;
310 extern const char *ReqStrs[eNONE];
313 #define AUTH_COOKIE 1
316 typedef struct _HdrRefs {
317 long eReqType; /* HTTP method */
324 time_t if_modified_since;
325 int gzip_ok; /* Nonzero if Accept-encoding: gzip */
326 int prohibit_caching;
330 /* these are references into Hdr->HTTPHeaders, so we don't need to free them. */
334 StrBuf *browser_host;
335 StrBuf *browser_language;
340 const WebcitHandler *Handler;
343 typedef struct _ParsedHttpHdrs {
344 int http_sock; /* HTTP server socket */
356 StrBuf *this_page; /* URL of current page */
360 HashList *urlstrings; /* variables passed to webcit in a URL */
361 HashList *HTTPHeaders; /* the headers the client sent us */
362 int nWildfireHeaders; /* how many wildfire headers did we already send? */
367 // One of these is kept for each active Citadel session.
368 // HTTP transactions are bound to one at a time.
370 /* infrastructural members */
371 wcsession *next; /* Linked list */
372 pthread_mutex_t SessionMutex; /* mutex for exclusive access */
373 int wc_session; /* WebCit session ID */
374 int killthis; /* Nonzero == purge this session */
375 int ctdl_pid; /* Session ID on the Citadel server */
376 int nonce; /* session nonce (to prevent session riding) */
377 int inuse; /* set to nonzero if bound to a running thread */
378 int isFailure; /* Http 2xx or 5xx? */
380 /* Session local Members */
381 int serv_sock; /* Client socket to Citadel server */
382 StrBuf *ReadBuf; /* linebuffered reads from the server */
383 StrBuf *MigrateReadLineBuf; /* here we buffer legacy server read stuff */
384 const char *ReadPos; /* whats our read position in ReadBuf? */
385 int last_chat_seq; /* When in chat - last message seq# we saw */
386 time_t lastreq; /* Timestamp of most recent HTTP */
387 time_t last_pager_check; /* last time we polled for instant msgs */
388 ServInfo *serv_info; /* Information about the citserver we're connected to */
389 StrBuf *PushedDestination; /* Where to go after login, registration, etc. */
391 /* Request local Members */
392 StrBuf *CLineBuf; /* linebuffering client stuff */
394 StrBuf *WBuf; /* Our output buffer */
395 StrBuf *HBuf; /* Our HeaderBuffer */
396 StrBuf *WFBuf; /* Wildfire error logging buffer */
397 StrBuf *trailing_javascript; /* extra javascript to be appended to page */
398 StrBuf *ImportantMsg;
399 HashList *Directory; /* Parts of the directory URL in snippets */
400 const Floor *CurrentFloor; /* when Parsing REST, which floor are we on? */
403 StrBuf *wc_username; /* login name of current user */
404 StrBuf *wc_fullname; /* Screen name of current user */
405 StrBuf *wc_password; /* Password of current user */
406 StrBuf *httpauth_pass; /* only for GroupDAV sessions */
407 int axlevel; /* this user's access level */
408 int is_aide; /* nonzero == this user is an Admin */
409 int connected; /* nonzero == we are connected to Citadel */
410 int logged_in; /* nonzero == we are logged in */
411 int need_regi; /* This user needs to register. */
412 int need_vali; /* New users require validation. */
415 StrBuf *cs_inet_email; /* User's preferred Internet addr. */
416 HashList *hash_prefs; /* WebCit preferences for this user */
417 StrBuf *DefaultCharset; /* Charset the user preferes */
418 int downloaded_prefs; /* Has the client download its prefs yet? */
419 int SavePrefsToServer; /* Should we save our preferences to the server at the end of the request? */
420 int selected_language; /* Language selected by user */
421 int time_format_cache; /* which timeformat does our user like? */
423 folder CurRoom; /* information about our current room */
424 const folder *ThisRoom; /* if REST found a room, remember it here. */
425 /* next/previous room thingabob */
426 struct march *march; /* march mode room list */
427 char ugname[128]; /* where does 'ungoto' take us */
428 long uglsn; /* last seen message number for ungoto */
430 /* Uploading; mime attachments for composing messages */
431 HashList *attachments; /* list of attachments for 'enter message' */
432 int upload_length; /* content length of http-uploaded data */
433 StrBuf *upload; /* pointer to http-uploaded data */
434 StrBuf *upload_filename; /* filename of http-uploaded data */
435 char upload_content_type[256]; /* content type of http-uploaded data */
437 int remember_new_mail; /* last count of new mail messages */
439 /* Roomiew control */
440 HashList *Floors; /* floors our citserver has hashed numeric for quicker access*/
441 HashList *FloorsByName; /* same but hashed by its name */
442 HashList *Rooms; /* our directory structure as loaded by LKRA */
443 HashList *summ; /* list of messages for mailbox summary view */
444 long startmsg; /* message number to start at */
445 long maxmsgs; /* maximum messages to display */
446 long num_displayed; /* number of messages actually displayed */
447 HashList *disp_cal_items; /* sorted list of calendar items; startdate is the sort criteria. */
448 char last_chat_user[256];
449 StrBuf *IconTheme; /* Icontheme setting */
451 /* Iconbar controls */
452 int cache_max_folders;
453 int cache_num_floors;
454 long *IBSettingsVec; /* which icons should be shown / not shown? */
455 const StrBuf *floordiv_expanded; /* which floordiv currently expanded */
456 int ib_wholist_expanded;
457 int ib_roomlist_expanded;
459 /* our known Sieve scripts; loaded by SIEVE:SCRIPTS iterator. */
460 HashList *KnownSieveScripts;
462 /* Transcoding cache buffers; used to avoid to frequent realloc */
466 /* cache stuff for templates. */
467 HashList *ServCfg; /* cache our server config for editing */
468 HashList *InetCfg; /* Our inet server config for editing */
469 ExpirePolicy Policy[maxpolicy];
474 typedef void (*Header_Evaluator)(StrBuf *Line, ParsedHttpHdrs *hdr);
476 typedef struct _HttpHeader {
482 void RegisterHeaderHandler(const char *Name, long Len, Header_Evaluator F);
491 #define num_parms(source) num_tokens(source, '|')
494 #define site_prefix (WC ? (WC->Hdr->HostHeader) : NULL)
496 /* Per-session data */
497 #define WC ((struct wcsession *)pthread_getspecific(MyConKey))
498 extern pthread_key_t MyConKey;
500 /* Per-thread SSL context */
502 #define THREADSSL ((SSL *)pthread_getspecific(ThreadSSL))
503 extern pthread_key_t ThreadSSL;
507 int starttls(int sock);
508 extern SSL_CTX *ssl_ctx;
509 int client_read_sslbuffer(StrBuf *buf, int timeout);
510 int client_write_ssl(const StrBuf *Buf);
514 extern int follow_xff;
515 extern char *server_cookie;
516 extern char *axdefs[];
517 extern int num_threads_existing;
518 extern int num_threads_executing;
520 void InitialiseSemaphores(void);
521 void begin_critical_section(int which_one);
522 void end_critical_section(int which_one);
524 void CheckGZipCompressionAllowed(const char *MimeType, long MLen);
526 extern void do_404(void);
527 void http_redirect(const char *);
530 #ifdef UBER_VERBOSE_DEBUGGING
531 #define wc_printf(...) wcc_printf(__FILE__, __FUNCTION__, __LINE__, __VA_ARGS__)
532 void wcc_printf(const char *FILE, const char *FUNCTION, long LINE, const char *format, ...);
534 void wc_printf(const char *format,...)__attribute__((__format__(__printf__,1,2)));
536 void hprintf(const char *format,...)__attribute__((__format__(__printf__,1,2)));
537 void CheckAuthBasic(ParsedHttpHdrs *hdr);
538 void GetAuthBasic(ParsedHttpHdrs *hdr);
539 void sleeeeeeeeeep(int);
540 size_t wc_strftime(char *s, size_t max, const char *format, const struct tm *tm);
541 void fmt_time(char *buf, size_t siz, time_t thetime);
542 void httpdate(char *buf, time_t thetime);
543 time_t httpdate_to_timestamp(StrBuf *buf);
544 void end_webcit_session(void);
545 void cookie_to_stuff(StrBuf *cookie, int *session, StrBuf *user, StrBuf *pass, StrBuf *room, StrBuf *language);
546 void locate_host(StrBuf *TBuf, int);
547 void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_response);
548 void display_login(void);
549 void display_openids(void);
550 void display_default_landing_page(void);
551 void do_welcome(void);
552 void display_reg(int during_login);
553 void display_main_menu(void);
554 void display_aide_menu(void);
555 void RegisterEmbeddableMimeType(const char *MimeType, long MTLen, int Priority);
556 void CreateMimeStr(void);
557 void pop_destination(void);
558 void FmOut(StrBuf *Target, const char *align, const StrBuf *Source);
559 void wDumpContent(int);
560 void PutRequestLocalMem(void *Data, DeleteHashDataFunc DeleteIt);
561 void output_headers(int do_httpheaders, int do_htmlhead, int do_room_banner, int unset_cookies, int suppress_check, int cache);
562 void cdataout(char *rawdata);
563 void url(char *buf, size_t bufsize);
564 void UrlizeText(StrBuf* Target, StrBuf *Source, StrBuf *WrkBuf);
565 void display_success(const char *successmessage);
566 void shutdown_sessions(void);
567 StrBuf *load_mimepart(long msgnum, char *partnum);
568 void MimeLoadData(wc_mime_attachment *Mime);
569 void do_edit_vcard(long msgnum, char *partnum, message_summary *VCMsg, wc_mime_attachment *VCAtt, const char *return_to, const char *force_room);
570 void select_user_to_edit(const char *preselect);
571 void convenience_page(const char *titlebarcolor, const char *titlebarmsg, const char *messagetext);
572 void output_html(const char *, int, int, StrBuf *, StrBuf *);
573 ssize_t write(int fd, const void *buf, size_t count);
574 void cal_process_attachment(wc_mime_attachment *Mime);
575 void begin_ajax_response(void);
576 void end_ajax_response(void);
577 extern char *months[];
579 long locate_user_vcard_in_this_room(message_summary **VCMsg, wc_mime_attachment **VCAtt);
580 void http_transmit_thing(const char *content_type, int is_static);
581 void http_transmit_headers(const char *content_type, int is_static, long is_chunked, int is_gzip);
582 long unescape_input(char *buf);
583 void check_thread_pool_size(void);
584 void StrEndTab(StrBuf *Target, int tabnum, int num_tabs);
585 void StrBeginTab(StrBuf *Target, int tabnum, int num_tabs, StrBuf **Names);
586 void StrTabbedDialog(StrBuf *Target, int num_tabs, StrBuf *tabnames[]);
587 void tabbed_dialog(int num_tabs, const char *tabnames[]);
588 void begin_tab(int tabnum, int num_tabs);
589 void end_tab(int tabnum, int num_tabs);
590 int get_time_format_cached (void);
591 void display_wiki_pagelist(void);
592 void str_wiki_index(StrBuf *);
593 HashList *GetRoomListHashLKRA(StrBuf *Target, WCTemplputParams *TP);
594 void TmplGettext(StrBuf *Target, WCTemplputParams *TP); /* actual supported locales */
595 void set_selected_language(const char *);
596 void go_selected_language(void);
597 const char *get_selected_language(void);
598 void begin_burst(void);
599 long end_burst(void);
600 void AppendImportantMessage(const char *pch, long len);
601 void http_datestring(char *buf, size_t n, time_t xtime);
602 void display_enter(void);
604 /* These should be empty, but we have them for testing */
605 #define DEFAULT_HTTPAUTH_USER ""
606 #define DEFAULT_HTTPAUTH_PASS ""
608 // Exit codes 101 through 109 are initialization failures so we don't want to just keep respawning indefinitely.
609 #define WC_EXIT_BIND 101 /* Can't bind to the port */
610 #define WC_EXIT_SSL 102 /* Can't initialize SSL */
612 #define WC_TIMEFORMAT_NONE 0
613 #define WC_TIMEFORMAT_AMPM 1
614 #define WC_TIMEFORMAT_24 2
616 extern int time_to_die; /* Nonzero if server is shutting down */
617 extern int DisableGzip;
619 void display_summary_page(void);
620 HashList *GetValidDomainNames(StrBuf *Target, WCTemplputParams *TP);
621 void output_error_pic(const char *ErrMsg1, const char *ErrMsg2);
622 void jsonMessageListHdr(void);
623 extern char *ctdl_dir; /* Directory where Citadel Server is running */
625 // ical_dezonify() references this, but it's also used in WebCit Classic so we abstract it
626 #define default_zone_name ChrPtr(WC->serv_info->serv_default_cal_zone)
628 #include "webserver.h"