either. - */ - + int do_room_banner, /* 1 = include the room banner and

*/ int unset_cookies, /* 1 = session is terminating, so unset the cookies */ int suppress_check, /* 1 = suppress check for instant messages */ int cache /* 1 = allow browser to cache this page */ @@ -153,7 +141,13 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers */ wcsession *WCC = WC; char httpnow[128]; - hprintf("HTTP/1.1 200 OK\n"); + if (WCC->isFailure) + hprintf("HTTP/2.2 500 Internal Server Error"); + else if (WCC->Hdr->HaveRange > 1) + hprintf("HTTP/1.1 206 Partial Content\r\n"); + else + hprintf("HTTP/1.1 200 OK\r\n"); + http_datestring(httpnow, sizeof httpnow, time(NULL)); if (do_httpheaders) { @@ -195,54 +189,25 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers */ if (do_htmlhead) { begin_burst(); - do_template("head", NULL); - - /* check for ImportantMessages (these display in a div overlaying the main screen) */ - if (!IsEmptyStr(WCC->ImportantMessage)) { - wc_printf("

\n" - ""); - StrEscAppend(WCC->WBuf, NULL, WCC->ImportantMessage, 0, 0); - wc_printf("
\n" - "

\n" - ); - StrBufAppendBufPlain(WCC->trailing_javascript, - HKEY("setTimeout('hide_imsg_popup()', 5000); \n"), - 0 - ); - WCC->ImportantMessage[0] = 0; - } - else if (StrLength(WCC->ImportantMsg) > 0) { - wc_printf("

\n" - ""); - StrEscAppend(WCC->WBuf, WCC->ImportantMsg, NULL, 0, 0); - wc_printf("
\n" - "

\n" - ); - StrBufAppendBufPlain(WCC->trailing_javascript, - HKEY("setTimeout('hide_imsg_popup()', 5000); \n"), - 0 - ); - FlushStrBuf(WCC->ImportantMsg); - } + do_template("head"); if ( (WCC->logged_in) && (!unset_cookies) ) { DoTemplate(HKEY("paging"), NULL, &NoCtx); } - - if (do_room_banner == 1) { + if (do_room_banner) { tmplput_roombanner(NULL, NULL); } } - if (do_room_banner == 1) { + if (do_room_banner) { wc_printf("

\n"); } } void output_custom_content_header(const char *ctype) { - hprintf("HTTP/1.1 200 OK\r\n"); - hprintf("Content-type: %s; charset=utf-8\r\n",ctype); - hprintf("Server: %s / %s\r\n", PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software)); - hprintf("Connection: close\r\n"); + hprintf("HTTP/1.1 200 OK\r\n"); + hprintf("Content-type: %s; charset=utf-8\r\n",ctype); + hprintf("Server: %s / %s\r\n", PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software)); + hprintf("Connection: close\r\n"); } @@ -254,6 +219,7 @@ void http_redirect(const char *whichpage) { hprintf("Location: %s\r\n", whichpage); hprintf("URI: %s\r\n", whichpage); hprintf("Content-type: text/html; charset=utf-8\r\n"); + stuff_to_cookie(0); begin_burst(); wc_printf(""); wc_printf("Go here.", whichpage); @@ -264,12 +230,17 @@ void http_redirect(const char *whichpage) { /* - * Output a piece of content to the web browser using conformant HTTP and MIME semantics + * Output a piece of content to the web browser using conformant HTTP and MIME semantics. + * + * If this function is called, it is expected that begin_burst() has already been called + * and some sort of content has been fed into the buffer. This function will transmit a + * bunch of headers to the client. end_burst() will add some headers of its own, and then + * transmit the buffered content to the client. */ void http_transmit_thing(const char *content_type, int is_static) { - - syslog(9, "http_transmit_thing(%s)%s\n", content_type, ((is_static > 0) ? " (static)" : "")); + if (verbose) + syslog(LOG_DEBUG, "http_transmit_thing(%s)%s", content_type, ((is_static > 0) ? " (static)" : "")); output_headers(0, 0, 0, 0, 0, is_static); hprintf("Content-type: %s\r\n" @@ -281,6 +252,31 @@ void http_transmit_thing(const char *content_type, int is_static) end_burst(); } +void http_transmit_headers(const char *content_type, int is_static, long is_chunked, int is_gzip) +{ + wcsession *WCC = WC; + if (verbose) + syslog(LOG_DEBUG, "http_transmit_thing(%s)%s", content_type, ((is_static > 0) ? " (static)" : "")); + output_headers(0, 0, 0, 0, 0, is_static); + + if (is_gzip) + hprintf("Content-encoding: gzip\r\n"); + + if (WCC->Hdr->HaveRange) + hprintf("Accept-Ranges: bytes\r\n" + "Content-Range: bytes %ld-%ld/%ld\r\n", + WCC->Hdr->RangeStart, + WCC->Hdr->RangeTil, + WCC->Hdr->TotalBytes); + + hprintf("Content-type: %s\r\n" + "Server: "PACKAGE_STRING"\r\n" + "%s" + "Connection: close\r\n\r\n", + content_type, + (is_chunked)?"Transfer-Encoding: chunked\r\n":""); +} + /* * Convenience functions to display a page containing only a string @@ -292,14 +288,13 @@ void http_transmit_thing(const char *content_type, int is_static) void convenience_page(const char *titlebarcolor, const char *titlebarmsg, const char *messagetext) { hprintf("HTTP/1.1 200 OK\n"); - output_headers(1, 1, 2, 0, 0, 0); - wc_printf("

\n"); + output_headers(1, 1, 1, 0, 0, 0); + wc_printf("

\n"); wc_printf("

", titlebarcolor); wc_printf("%s\n", titlebarmsg); wc_printf("

\n"); wc_printf("

\n"); escputs(messagetext); - wc_printf("

\n"); wDumpContent(1); } @@ -330,7 +325,7 @@ void url_do_template(void) { /* * convenience function to indicate success */ -void display_success(char *successmessage) +void display_success(const char *successmessage) { convenience_page("007700", "OK", successmessage); } @@ -351,24 +346,30 @@ void authorization_required(void) PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software) ); hprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n", ChrPtr(WC->serv_info->serv_humannode)); + + /* if this is a false cookie authentication, remove it to avoid endless loops. */ + if (StrLength(WCC->Hdr->HR.RawCookie) > 0) + stuff_to_cookie(1); + hprintf("Content-Type: text/html\r\n"); begin_burst(); wc_printf("

"); wc_printf(_("Authorization Required")); wc_printf("

\r\n"); - - if (WCC->ImportantMsg != NULL) + if (WCC->ImportantMsg != NULL) { message = ChrPtr(WCC->ImportantMsg); - else if (WCC->ImportantMessage != NULL) - message = WCC->ImportantMessage; + } - wc_printf(_("The resource you requested requires a valid username and password. " - "You could not be logged in: %s\n"), message); + wc_printf( + _("The resource you requested requires a valid username and password. " + "You could not be logged in: %s\n"), + message + ); wDumpContent(0); - end_webcit_session(); } + /* * Convenience functions to wrap around asynchronous ajax responses */ @@ -386,6 +387,7 @@ void begin_ajax_response(void) { begin_burst(); } + /* * print ajax response footer */ @@ -394,7 +396,6 @@ void end_ajax_response(void) { } - /* * Wraps a Citadel server command in an AJAX transaction. */ @@ -406,7 +407,8 @@ void ajax_servcmd(void) char *junk; size_t len; - syslog(LOG_DEBUG, "ajax_servcmd() g_cmd=\"%s\"\n", bstr("g_cmd") ); + if (verbose) + syslog(LOG_DEBUG, "ajax_servcmd() g_cmd=\"%s\"", bstr("g_cmd") ); begin_ajax_response(); Buf = NewStrBuf(); serv_puts(bstr("g_cmd")); @@ -424,7 +426,8 @@ void ajax_servcmd(void) } case 1: while (!Done) { - StrBuf_ServGetln(Buf); + if (StrBuf_ServGetln(Buf) < 0) + break; if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { Done = 1; @@ -455,7 +458,7 @@ void ajax_servcmd(void) * This is kind of an ugly hack, but this is the only place it can go. * If the command was GEXP, then the instant messenger window must be * running, so reset the "last_pager_check" watchdog timer so - * that page_popup() doesn't try to open it a second time. + * that page_popup() doesn't try to open it a second time. TODO: page_popup isn't with us anymore. */ if (!strncasecmp(bstr("g_cmd"), "GEXP", 4)) { WCC->last_pager_check = time(NULL); @@ -501,23 +504,48 @@ void push_destination(void) { } FreeStrBuf(&WCC->PushedDestination); - WCC->PushedDestination = NewStrBufDup(SBSTR("url")); - syslog(9, "Push: %s\n", ChrPtr(WCC->PushedDestination)); + WCC->PushedDestination = NewStrBufDup(sbstr("url")); + if (verbose) + syslog(LOG_DEBUG, "Push: %s", ChrPtr(WCC->PushedDestination)); wc_printf("OK"); } + /* * Go to the URL saved by push_destination() */ void pop_destination(void) { wcsession *WCC = WC; + /* + * If we are in the middle of a new user signup, the server may request that + * we first pass through a registration screen. + */ + if ((WCC) && (WCC->need_regi)) { + if ((WCC->PushedDestination != NULL) && (StrLength(WCC->PushedDestination) > 0)) { + /* Registering will take us to the My Citadel Config room, so save our place */ + StrBufAppendBufPlain(WCC->PushedDestination, HKEY("?go="), 0); + StrBufUrlescAppend(WCC->PushedDestination, WCC->CurRoom.name, NULL); + } + WCC->need_regi = 0; + display_reg(1); + return; + } + + /* + * Do something reasonable if we somehow ended up requesting a pop without + * having first done a push. + */ if ( (!WCC) || (WCC->PushedDestination == NULL) || (StrLength(WCC->PushedDestination) == 0) ) { do_welcome(); return; } - syslog(9, "Pop: %s\n", ChrPtr(WCC->PushedDestination)); + /* + * All righty then! We have a destination saved, so go there now. + */ + if (verbose) + syslog(LOG_DEBUG, "Pop: %s", ChrPtr(WCC->PushedDestination)); http_redirect(ChrPtr(WCC->PushedDestination)); } @@ -573,48 +601,6 @@ int ReadPostData(void) } -void ParseREST_URL(void) -{ - StrBuf *Buf; - StrBuf *pFloor = NULL; - wcsession *WCC = WC; - long i = 0; - const char *pCh = NULL; - HashList *Floors; - void *vFloor; - - syslog(1, "parsing rest URL: %s\n", ChrPtr(WCC->Hdr->HR.ReqLine)); - - WCC->Directory = NewHash(1, Flathash); - WCC->CurrentFloor = NULL; - - Buf = NewStrBuf(); - while (StrBufExtract_NextToken(Buf, WCC->Hdr->HR.ReqLine, &pCh, '/') >= 0) - { - if (StrLength(Buf) != 0) { - /* ignore empty path segments */ - StrBufUnescape(Buf, 1); - Put(WCC->Directory, IKEY(i), Buf, HFreeStrBuf); - if (i==0) - pFloor = Buf; - Buf = NewStrBuf(); - } - i++; - } - - FreeStrBuf(&Buf); - if (pFloor != NULL) - { - Floors = GetFloorListHash(NULL, NULL); - - if (Floors != NULL) - { - if (GetHash(WCC->FloorsByName, SKEY(pFloor), &vFloor)) - WCC->CurrentFloor = (Floor*) vFloor; - } - } -} - int Conditional_REST_DEPTH(StrBuf *Target, WCTemplputParams *TP) { long Depth, IsDepth; @@ -642,7 +628,6 @@ int Conditional_REST_DEPTH(StrBuf *Target, WCTemplputParams *TP) */ void session_loop(void) { - int Flags = 0; int xhttp; StrBuf *Buf; @@ -656,8 +641,6 @@ void session_loop(void) WCC->upload_length = 0; WCC->upload = NULL; WCC->Hdr->nWildfireHeaders = 0; - if (WCC->Hdr->HR.Handler != NULL) - Flags = WCC->Hdr->HR.Handler->Flags; /* so we can temporarily add our own... */ if (WCC->Hdr->HR.ContentLength > 0) { if (ReadPostData() < 0) { @@ -682,11 +665,12 @@ void session_loop(void) /* If the client sent a nonce that is incorrect, kill the request. */ if (havebstr("nonce")) { - syslog(9, "Comparing supplied nonce %s to session nonce %d\n", - bstr("nonce"), WCC->nonce - ); + if (verbose) + syslog(LOG_DEBUG, "Comparing supplied nonce %s to session nonce %d", + bstr("nonce"), WCC->nonce + ); if (ibstr("nonce") != WCC->nonce) { - syslog(9, "Ignoring request with mismatched nonce.\n"); + syslog(LOG_INFO, "Ignoring request with mismatched nonce."); hprintf("HTTP/1.1 404 Security check failed\r\n"); hprintf("Content-Type: text/plain\r\n"); begin_burst(); @@ -724,10 +708,10 @@ void session_loop(void) * If we're not logged in, but we have authentication data (either from * a cookie or from http-auth), try logging in to Citadel using that. */ - if ((!WCC->logged_in) - && (StrLength(WCC->Hdr->c_username) > 0) - && (StrLength(WCC->Hdr->c_password) > 0)) - { + if ( (!WCC->logged_in) + && (StrLength(WCC->Hdr->c_username) > 0) + && (StrLength(WCC->Hdr->c_password) > 0) + ) { long Status; FlushStrBuf(Buf); @@ -762,18 +746,21 @@ void session_loop(void) */ if (havebstr("go")) { int ret; - syslog(9, "Explicit room selection: %s\n", bstr("go")); + if (verbose) + syslog(LOG_DEBUG, "Explicit room selection: %s", bstr("go")); ret = gotoroom(sbstr("go")); /* do quietly to avoid session output! */ if ((ret/100) != 2) { - syslog(1, "Unable to change to [%s]; Reason: %d\n", bstr("go"), ret); + if (verbose) + syslog(LOG_DEBUG, "Unable to change to [%s]; Reason: %d", bstr("go"), ret); } } else if (havebstr("gotofirst")) { int ret; - syslog(9, "Explicit room selection: %s\n", bstr("gotofirst")); + if (verbose) + syslog(LOG_DEBUG, "Explicit room selection: %s", bstr("gotofirst")); ret = gotoroom(sbstr("gotofirst")); /* do quietly to avoid session output! */ if ((ret/100) != 2) { - syslog(1, "Unable to change to [%s]; Reason: %d\n", bstr("gotofirst"), ret); + syslog(LOG_INFO, "Unable to change to [%s]; Reason: %d", bstr("gotofirst"), ret); } } @@ -784,34 +771,35 @@ void session_loop(void) else if ( (StrLength(WCC->CurRoom.name) == 0) && ( (StrLength(WCC->Hdr->c_roomname) > 0) )) { int ret; - syslog(9, "We are in '%s' but cookie indicates '%s', going there...\n", - ChrPtr(WCC->CurRoom.name), - ChrPtr(WCC->Hdr->c_roomname) + if (verbose) + syslog(LOG_DEBUG, "We are in '%s' but cookie indicates '%s', going there...", + ChrPtr(WCC->CurRoom.name), + ChrPtr(WCC->Hdr->c_roomname) ); ret = gotoroom(WCC->Hdr->c_roomname); /* do quietly to avoid session output! */ if ((ret/100) != 2) { - syslog(1, "COOKIEGOTO: Unable to change to [%s]; Reason: %d\n", - ChrPtr(WCC->Hdr->c_roomname), ret); + if (verbose) + syslog(LOG_DEBUG, "COOKIEGOTO: Unable to change to [%s]; Reason: %d", + ChrPtr(WCC->Hdr->c_roomname), ret); } } if (WCC->Hdr->HR.Handler != NULL) { if ( (!WCC->logged_in) && ((WCC->Hdr->HR.Handler->Flags & ANONYMOUS) == 0) + && (WCC->serv_info != NULL) && (WCC->serv_info->serv_supports_guest == 0) ) { display_login(); } else { -/* - if ((WCC->Hdr->HR.Handler->Flags & PARSE_REST_URL) != 0) - ParseREST_URL(); -*/ - if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) + if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) { begin_ajax_response(); + } WCC->Hdr->HR.Handler->F(); - if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) + if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) { end_ajax_response(); + } } } /* When all else fails, display the default landing page or a main menu. */ @@ -832,10 +820,12 @@ void session_loop(void) * Toplevel dav requests? or just a flat browser request? */ else { - if (xhttp) - groupdav_main(); - else + if (xhttp) { + dav_main(); + } + else { display_main_menu(); + } } } @@ -850,11 +840,24 @@ SKIP_ALL_THIS_CRAP: * Display the appropriate landing page for this site. */ void display_default_landing_page(void) { - if (WC->serv_info->serv_supports_guest) { - /* default action. probably revisit this. */ - StrBuf *teh_lobby = NewStrBufPlain(HKEY("_BASEROOM_")); - smart_goto(teh_lobby); - FreeStrBuf(&teh_lobby); + wcsession *WCC = WC; + + if (WCC && WCC->serv_info && WCC->serv_info->serv_supports_guest) { + /* default action */ + + if (havebstr("go")) { + if (verbose) + syslog(LOG_DEBUG, "Explicit room selection: %s", bstr("go")); + smart_goto(sbstr("go")); + } + else if (default_landing_page) { + http_redirect(default_landing_page); + } + else { + StrBuf *teh_lobby = NewStrBufPlain(HKEY("_BASEROOM_")); + smart_goto(teh_lobby); + FreeStrBuf(&teh_lobby); + } } else { display_login(); @@ -894,8 +897,7 @@ int ConditionalImportantMesage(StrBuf *Target, WCTemplputParams *TP) { wcsession *WCC = WC; if (WCC != NULL) - return ((!IsEmptyStr(WCC->ImportantMessage)) || - (StrLength(WCC->ImportantMsg) > 0)); + return (StrLength(WCC->ImportantMsg) > 0); else return 0; } @@ -905,13 +907,8 @@ void tmplput_importantmessage(StrBuf *Target, WCTemplputParams *TP) wcsession *WCC = WC; if (WCC != NULL) { - if (!IsEmptyStr(WCC->ImportantMessage)) { - StrEscAppend(Target, NULL, WCC->ImportantMessage, 0, 0); - WCC->ImportantMessage[0] = '\0'; - } - else if (StrLength(WCC->ImportantMsg) > 0) { + if (StrLength(WCC->ImportantMsg) > 0) { StrEscAppend(Target, WCC->ImportantMsg, NULL, 0, 0); - FlushStrBuf(WCC->ImportantMsg); } } } @@ -930,6 +927,12 @@ void tmplput_csslocal(StrBuf *Target, WCTemplputParams *TP) csslocal, 0); } +void tmplput_packagestring(StrBuf *Target, WCTemplputParams *TP) +{ + StrBufAppendBufPlain(Target, + HKEY(PACKAGE_STRING), 0); +} + extern char static_local_dir[PATH_MAX]; @@ -939,6 +942,7 @@ InitModule_WEBCIT { char dir[SIZ]; WebcitAddUrlHandler(HKEY("blank"), "", 0, blank_page, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC); + WebcitAddUrlHandler(HKEY("landing"), "", 0, display_default_landing_page, ANONYMOUS|COOKIEUNNEEDED); WebcitAddUrlHandler(HKEY("do_template"), "", 0, url_do_template, ANONYMOUS); WebcitAddUrlHandler(HKEY("sslg"), "", 0, seconds_since_last_gexp, AJAX|LOGCHATTY); WebcitAddUrlHandler(HKEY("ajax_servcmd"), "", 0, ajax_servcmd, 0); @@ -947,23 +951,24 @@ InitModule_WEBCIT WebcitAddUrlHandler(HKEY("pop"), "", 0, pop_destination, 0); WebcitAddUrlHandler(HKEY("401"), "", 0, authorization_required, ANONYMOUS|COOKIEUNNEEDED); - RegisterConditional(HKEY("COND:IMPMSG"), 0, ConditionalImportantMesage, CTX_NONE); - RegisterConditional(HKEY("COND:REST:DEPTH"), 0, Conditional_REST_DEPTH, CTX_NONE); - RegisterConditional(HKEY("COND:IS_HTTPS"), 0, Conditional_IS_HTTPS, CTX_NONE); + RegisterConditional("COND:IMPMSG", 0, ConditionalImportantMesage, CTX_NONE); + RegisterConditional("COND:REST:DEPTH", 0, Conditional_REST_DEPTH, CTX_NONE); + RegisterConditional("COND:IS_HTTPS", 0, Conditional_IS_HTTPS, CTX_NONE); RegisterNamespace("CSSLOCAL", 0, 0, tmplput_csslocal, NULL, CTX_NONE); RegisterNamespace("IMPORTANTMESSAGE", 0, 0, tmplput_importantmessage, NULL, CTX_NONE); RegisterNamespace("TRAILING_JAVASCRIPT", 0, 0, tmplput_trailing_javascript, NULL, CTX_NONE); RegisterNamespace("URL:DISPLAYNAME", 0, 1, tmplput_HANDLER_DISPLAYNAME, NULL, CTX_NONE); + RegisterNamespace("PACKAGESTRING", 0, 1, tmplput_packagestring, NULL, CTX_NONE); snprintf(dir, SIZ, "%s/webcit.css", static_local_dir); if (!access(dir, R_OK)) { - syslog(9, "Using local Stylesheet [%s]\n", dir); + syslog(LOG_INFO, "Using local Stylesheet [%s]", dir); csslocal = NewStrBufPlain(HKEY("")); } else - syslog(9, "No Site-local Stylesheet [%s] installed. \n", dir); + syslog(LOG_INFO, "No Site-local Stylesheet [%s] installed.", dir); } @@ -1013,6 +1018,10 @@ SessionDetachModule_WEBCIT else FlushStrBuf(sess->WBuf); FlushStrBuf(sess->HBuf); + if (StrLength(sess->ImportantMsg) > 0) { + FlushStrBuf(sess->ImportantMsg); + } + } void