void _display_openid_login(void) {display_openid_login(NULL);}
void _display_reg(void) {display_reg(0);}
+void Header_HandleAuth(StrBuf *Line, ParsedHttpHdrs *hdr)
+{
+ const char *Pos = NULL;
+ if (strncasecmp(ChrPtr(Line), "Basic", 5) == 0) {
+ StrBufCutLeft(Line, 6);
+ StrBufDecodeBase64(Line);
+ StrBufExtract_NextToken(hdr->c_username, Line, &Pos, ':');
+ StrBufExtract_NextToken(hdr->c_password, Line, &Pos, ':');
+ hdr->got_auth = AUTH_BASIC;
+ }
+ else
+ lprintf(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
+}
+
+void Header_HandleCookie(StrBuf *Line, ParsedHttpHdrs *hdr)
+{
+ hdr->RawCookie = Line;
+ if (hdr->DontNeedAuth)
+ return;
+/*
+ safestrncpy(c_httpauth_string, "", sizeof c_httpauth_string);
+ c_httpauth_user = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER));
+ c_httpauth_pass = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS));
+*/
+ cookie_to_stuff(Line, &hdr->desired_session,
+ hdr->c_username,
+ hdr->c_password,
+ hdr->c_roomname);
+ hdr->got_auth = AUTH_COOKIE;
+}
+
+
void
InitModule_AUTH
(void)
{
+ RegisterHeaderHandler(HKEY("COOKIE"), Header_HandleCookie);
+ RegisterHeaderHandler(HKEY("AUTHORIZATION"), Header_HandleAuth);
+
WebcitAddUrlHandler(HKEY(""), do_welcome, ANONYMOUS|COOKIEUNNEEDED); /* no url pattern at all? Show login. */
WebcitAddUrlHandler(HKEY("do_welcome"), do_welcome, ANONYMOUS|COOKIEUNNEEDED);
WebcitAddUrlHandler(HKEY("login"), do_login, ANONYMOUS|COOKIEUNNEEDED);
Hdr->Handler = (WebcitHandler*) vHandler;
if (Hdr->Handler == NULL)
break;
- /* are we about to ignore some prefix like webcit/ ? */
+ /*
+ * If the request is prefixed by "/webcit" then chop that off. This
+ * allows a front end web server to forward all /webcit requests to us
+ * while still using the same web server port for other things.
+ */
if ((Hdr->Handler->Flags & URLNAMESPACE) == 0)
break;
} while (1);
/*
if (isbogus)
StrBufPlain(ReqLine, HKEY("/404"));
+TODO HKEY("/static/nocookies.html?force_close_session=yes"));
*/
/* dbg_PrintHash(HTTPHeaders, nix, NULL); */
- /*
- * If the request is prefixed by "/webcit" then chop that off. This
- * allows a front end web server to forward all /webcit requests to us
- * while still using the same web server port for other things.
- * /
- if (!isbogus &&
- (StrLength(ReqLine) >= 8) &&
- (strstr(ChrPtr(ReqLine), "/webcit/")) ) {
- StrBufCutLeft(ReqLine, 7);
- }
/* Begin parsing the request. * /
#ifdef TECH_PREVIEW
TheSession->Hdr = NULL;
pthread_mutex_unlock(&TheSession->SessionMutex); /* unbind */
-
http_destroy_modules(&Hdr);
-/* TODO
-
- FreeStrBuf(&c_username);
- FreeStrBuf(&c_password);
- FreeStrBuf(&c_roomname);
- FreeStrBuf(&c_httpauth_user);
- FreeStrBuf(&c_httpauth_pass);
-*/
- /* Free the request buffer */
- ///FreeStrBuf(&ReqLine);
-
}
void tmplput_nonce(StrBuf *Target, WCTemplputParams *TP)
StrBufAppendTemplate(Target, TP, WC->wc_roomname, 0);
}
-
-void Header_HandleCookie(StrBuf *Line, ParsedHttpHdrs *hdr)
-{
- hdr->RawCookie = Line;
- if (hdr->DontNeedAuth)
- return;
-/*
- c_username = NewStrBuf();
- c_password = NewStrBuf();
- c_roomname = NewStrBuf();
- safestrncpy(c_httpauth_string, "", sizeof c_httpauth_string);
- c_httpauth_user = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER));
- c_httpauth_pass = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS));
-*/
- cookie_to_stuff(Line, &hdr->desired_session,
- hdr->c_username,
- hdr->c_password,
- hdr->c_roomname);
- hdr->got_cookie = 1;
-}
-
-
- /*
- * Browser-based sessions use cookies for session authentication
- * /
- if (!isbogus &&
- GetHash(HTTPHeaders, HKEY("COOKIE"), &vLine) &&
- (vLine != NULL)) {
- cookie_to_stuff(vLine, &desired_session,
- NULL, NULL, NULL);
- got_cookie = 1;
- }
- */
- /*
- * GroupDAV-based sessions use HTTP authentication
- */
-/*
- if (!isbogus &&
- GetHash(HTTPHeaders, HKEY("AUTHORIZATION"), &vLine) &&
- (vLine != NULL)) {
- Line = (StrBuf*)vLine;
- if (strncasecmp(ChrPtr(Line), "Basic", 5) == 0) {
- StrBufCutLeft(Line, 6);
- CtdlDecodeBase64(httpauth_string, ChrPtr(Line), StrLength(Line));
- extract_token(httpauth_user, httpauth_string, 0, ':', sizeof httpauth_user);
- extract_token(httpauth_pass, httpauth_string, 1, ':', sizeof httpauth_pass);
- }
- else
- lprintf(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
- }
-
-*/
-void Header_HandleAuth(StrBuf *Line, ParsedHttpHdrs *hdr)
-{
- const char *Pos = NULL;
- StrBufDecodeBase64(Line);
- StrBufExtract_NextToken(hdr->c_username, Line, &Pos, ':');
- StrBufExtract_NextToken(hdr->c_password, Line, &Pos, ':');
-}
-
void Header_HandleContentLength(StrBuf *Line, ParsedHttpHdrs *hdr)
{
hdr->ContentLength = StrToi(Line);
hdr->gzip_ok = 1;
}
}
-
-/*
-{
- c_username = NewStrBuf();
- c_password = NewStrBuf();
- c_roomname = NewStrBuf();
- safestrncpy(c_httpauth_string, "", sizeof c_httpauth_string);
- c_httpauth_user = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER));
- c_httpauth_pass = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS));
-}
-*/
- /* *
- * These are the URL's which may be executed without a
- * session cookie already set. If it's not one of these,
- * force the session to close because cookies are
- * probably disabled on the client browser.
- * /
- else if ( (StrLength(ReqLine) > 1 )
- && (strncasecmp(ChrPtr(ReqLine), "/404", 4))
- && (Hdr.got_cookie == 0)) {
- StrBufPlain(ReqLine,
- HKEY("/static/nocookies.html"
- "?force_close_session=yes"));
- }
-*/
const char *ReqStrs[eNONE] = {
"GET",
"POST",
InitModule_CONTEXT
(void)
{
- RegisterHeaderHandler(HKEY("COOKIE"), Header_HandleCookie);
- RegisterHeaderHandler(HKEY("AUTHORIZATION"), Header_HandleAuth);
RegisterHeaderHandler(HKEY("CONTENT-LENGTH"), Header_HandleContentLength);
RegisterHeaderHandler(HKEY("CONTENT-TYPE"), Header_HandleContentType);
RegisterHeaderHandler(HKEY("USER-AGENT"), Header_HandleUserAgent);
* when there's no such image on the server.
*/
StrBufPrintf (Buf, "%s%s", static_dirs[0], "/blank.gif");
- //// TDODO output_static(ChrPtr(Buf));
+ output_static(ChrPtr(Buf));
FreeStrBuf(&Buf);
}
* roomname the room we sould print out as rss
* request_method the way the rss is requested????
*/
-void display_rss(const StrBuf *roomname)
+void display_rss(void)
{
message_summary *Msg;
wcsession *WCC = WC;
char msgn[256];
char content_type[256];
char charset[256];
-
+ const StrBuf *roomname;
+
if (!WCC->logged_in) {
#ifdef ALLOW_ANON_RSS
StrBuf *User;
#endif
}
- if (gotoroom(roomname)) {
+ if (gotoroom(WCC->Hdr->ReqLine)) {
lprintf(3, "RSS: Can't goto requested room\n");
hprintf("HTTP/1.1 404 Not Found\r\n");
hprintf("Content-Type: text/html\r\n");
HashList *StaticFilemappings[4] = {NULL, NULL, NULL, NULL};
-
-
/*
- for ( a = 0; a < 9; ++a)
- {
- extract_token(index[a], ChrPtr(ReqLine), a + 1, '/', sizes[a]);
- if (strstr(index[a], "?")) *strstr(index[a], "?") = 0;
- if (strstr(index[a], "&")) *strstr(index[a], "&") = 0;
- if (strstr(index[a], " ")) *strstr(index[a], " ") = 0;
- if ((index[a][0] == '.') && (index[a][1] == '.'))
- nBackDots++;
- if (index[a][0] == '\0')
- nEmpty++;
- }
-*/
-
-/* TODO: staticdata
-{
-
-
- /** Figure out the action * /
- index[0] = action;
- sizes[0] = sizeof action;
- for (a=1; a<9; a++)
- {
- index[a] = arg[a-1];
- sizes[a] = sizeof arg[a-1];
- }
- nBackDots = 0;
- nEmpty = 0;
-
-
- /* Static content can be sent without connecting to Citadel. * /
- is_static = 0;
- for (a=0; a<ndirs && ! is_static; ++a) {
- if (!strcasecmp(action, (char*)static_content_dirs[a])) { /* map web to disk location * /
- is_static = 1;
- n_static = a;
- }
- }
- if (is_static) {
- if (nBackDots < 2)
- {
- snprintf(buf, sizeof buf, "%s/%s/%s/%s/%s/%s/%s/%s",
- static_dirs[n_static],
- index[1], index[2], index[3], index[4], index[5], index[6], index[7]);
- for (a=0; a<8; ++a) {
- if (buf[strlen(buf)-1] == '/') {
- buf[strlen(buf)-1] = 0;
- }
- }
- for (a = 0; a < strlen(buf); ++a) {
- if (isspace(buf[a])) {
- buf[a] = 0;
- }
- }
- output_static(buf);
- }
- else
{
lprintf(9, "Suspicious request. Ignoring.");
hprintf("HTTP/1.1 404 Security check failed\r\n");
wprintf("You have sent a malformed or invalid request.\r\n");
end_burst();
}
- goto SKIP_ALL_THIS_CRAP; /* Don't try to connect * /
- }
- }*/
-
-
+*/
/*
* dump out static pages from disk
*/
}
}
- /* TODO: integrate this into the static startup logic
-
- * While we're at it, gracefully handle requests for the
- * robots.txt and favicon.ico files.
- * /
- if ((StrLength(ReqLine) >= 11) &&
- !strncasecmp(ChrPtr(ReqLine), "/robots.txt", 11)) {
- StrBufPlain(ReqLine,
- HKEY("/static/robots.txt"
- "?force_close_session=yes HTTP/1.1"));
- Hdr.eReqType = eGET;
- }
- else if ((StrLength(ReqLine) >= 11) &&
- !strncasecmp(ChrPtr(ReqLine), "/favicon.ico", 12)) {
- StrBufPlain(ReqLine, HKEY("/static/favicon.ico"));
- Hdr.eReqType = eGET;
- }
-
-*/
-
-
-
int LoadStaticDir(const char *DirName, HashList *DirList, const char *RelDir)
{
}
+void output_flat_static(void)
+{
+ wcsession *WCC = WC;
+ void *vFile;
+ StrBuf *File;
+
+ if (GetHash(StaticFilemappings[0], SKEY(WCC->Hdr->Handler->Name), &vFile) &&
+ (vFile != NULL))
+ {
+ File = (StrBuf*) vFile;
+ output_static(ChrPtr(vFile));
+ }
+}
+
+
+
void output_static_safe(HashList *DirList)
{
wcsession *WCC = WC;
LoadStaticDir(static_dirs[2], StaticFilemappings[2], "");
LoadStaticDir(static_dirs[3], StaticFilemappings[3], "");
- WebcitAddUrlHandler(HKEY("robots.txt"), output_static_0, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
- WebcitAddUrlHandler(HKEY("favicon.ico"), output_static_0, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
+ WebcitAddUrlHandler(HKEY("robots.txt"), output_flat_static, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
+ WebcitAddUrlHandler(HKEY("favicon.ico"), output_flat_static, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
WebcitAddUrlHandler(HKEY("static"), output_static_0, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
WebcitAddUrlHandler(HKEY("static.local"), output_static_1, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
WebcitAddUrlHandler(HKEY("tinymce"), output_static_2, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC);
-
-
}
} addrbookent;
-
-
#define AJAX (1<<0)
#define ANONYMOUS (1<<1)
#define NEED_URL (1<<2)
} WebcitHandler;
void WebcitAddUrlHandler(const char * UrlString, long UrlSLen, WebcitHandlerFunc F, long Flags);
-
-
-
-
-
-
typedef struct _headereval {
ExamineMsgHeaderFunc evaluator;
int Type;
};
const char *ReqStrs[eNONE];
-
+#define NO_AUTH 0
+#define AUTH_COOKIE 1
+#define AUTH_BASIC 2
typedef struct _ParsedHttpHdrs {
int http_sock; /**< HTTP server socket */
const WebcitHandler *Handler;
int DontNeedAuth;
- int got_cookie;
+ int got_auth;
long ContentLength;
time_t if_modified_since;
int gzip_ok; /**< Nonzero if Accept-encoding: gzip */
int HaveEvaluator;
} OneHttpHeader;
+void RegisterHeaderHandler(const char *Name, long Len, Header_Evaluator F);
/* values for WC->current_iconbar */
long unescape_input(char *buf);
void do_selected_iconbar(void);
void spawn_another_worker_thread(void);
-void display_rss(const StrBuf *roomname);
void StrEndTab(StrBuf *Target, int tabnum, int num_tabs);
void StrBeginTab(StrBuf *Target, int tabnum, int num_tabs);
void StrTabbedDialog(StrBuf *Target, int num_tabs, StrBuf *tabnames[]);