From 19efac53a8a87446e66e6e0213d7f9b46af60a48 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Wilfried=20G=C3=B6esgens?= <willi@citadel.org>
Date: Sun, 23 Aug 2009 22:07:27 +0000
Subject: [PATCH] * add logging if auth-basic session connecting fails with
 weird conditions * be more picky about what sending with hprintf and wprintf
 in some sluggish errormessages * add missing begin_bursts()

---
 webcit/auth.c             |  5 ++++-
 webcit/context_loop.c     |  6 ++++++
 webcit/groupdav_get.c     |  4 +++-
 webcit/groupdav_options.c | 18 +++++++++---------
 webcit/groupdav_put.c     |  8 ++++++--
 webcit/messages.c         |  2 ++
 webcit/paging.c           |  2 ++
 webcit/static.c           |  2 ++
 webcit/vcard_edit.c       |  1 +
 webcit/webcit.c           |  5 ++++-
 10 files changed, 39 insertions(+), 14 deletions(-)

diff --git a/webcit/auth.c b/webcit/auth.c
index 008e115e4..d61d7c203 100644
--- a/webcit/auth.c
+++ b/webcit/auth.c
@@ -957,7 +957,10 @@ void CheckAuthBasic(ParsedHttpHdrs *hdr)
 	StrBufAppendBufPlain(hdr->HR.plainauth, HKEY(":"), 0);
 	StrBufAppendBuf(hdr->HR.plainauth, hdr->HR.user_agent, 0);
 	hdr->HR.SessionKey = hashlittle(SKEY(hdr->HR.plainauth), 89479832);
-	
+/*
+	lprintf(1, "CheckAuthBasic: calculated sessionkey %ld\n", 
+		hdr->HR.SessionKey);
+*/
 }
 
 void GetAuthBasic(ParsedHttpHdrs *hdr)
diff --git a/webcit/context_loop.c b/webcit/context_loop.c
index 17c549174..62ee82a03 100644
--- a/webcit/context_loop.c
+++ b/webcit/context_loop.c
@@ -158,6 +158,9 @@ wcsession *FindSession(wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t
 			    (!strcasecmp(ChrPtr(Hdr->c_password), ChrPtr(sptr->wc_password))) ) {
 				TheSession = sptr;
 			}
+			if (TheSession == NULL)
+				lprintf(1, "found sessionkey [%ld], but credentials for [%s|%s] didn't match\n",
+					Hdr->HR.SessionKey,ChrPtr(Hdr->c_username), ChrPtr(sptr->wc_username));
 			break;
 		case AUTH_COOKIE:
 			/* If cookie-session, look for a session with matching session ID */
@@ -171,6 +174,9 @@ wcsession *FindSession(wcsession **wclist, ParsedHttpHdrs *Hdr, pthread_mutex_t
 		}
 	}
 	pthread_mutex_unlock(ListMutex);
+	if (TheSession == NULL)
+		lprintf(1, "didn't find sessionkey [%ld] for user [%s]\n",
+			Hdr->HR.SessionKey,ChrPtr(Hdr->c_username));
 	return TheSession;
 }
 
diff --git a/webcit/groupdav_get.c b/webcit/groupdav_get.c
index 1c6e48307..7977eb093 100644
--- a/webcit/groupdav_get.c
+++ b/webcit/groupdav_get.c
@@ -23,9 +23,11 @@ void groupdav_get_big_ics(void) {
 		hprintf("HTTP/1.1 404 not found\r\n");
 		groupdav_common_headers();
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf("%s\r\n",
 			&buf[4]
-			);/* TODO: do we need to end-burst here? */
+			);
+		end_burst();
 		return;
 	}
 
diff --git a/webcit/groupdav_options.c b/webcit/groupdav_options.c
index 9f1fefcef..e20d1a07f 100644
--- a/webcit/groupdav_options.c
+++ b/webcit/groupdav_options.c
@@ -56,12 +56,12 @@ void groupdav_options(void)
 		groupdav_common_headers();
 		hprintf("Date: %s\r\n", datestring);
 		hprintf(
-			"Content-Type: text/plain\r\n"
-			"\r\n"
+			"Content-Type: text/plain\r\n");
+		begin_burst();
+		wprintf(
 			"There is no folder called \"%s\" on this server.\r\n",
 			ChrPtr(dav_roomname)
 		);
-		begin_burst();
 		end_burst();
 		FreeStrBuf(&dav_roomname);
 		FreeStrBuf(&dav_uid);
@@ -77,16 +77,16 @@ void groupdav_options(void)
 		if (dav_msgnum < 0) {
 			hprintf("HTTP/1.1 404 not found\r\n");
 			groupdav_common_headers();
-			hprintf(
-				"Content-Type: text/plain\r\n"
-				"\r\n"
+			hprintf("Content-Type: text/plain\r\n");
+			begin_burst();
+			wprintf(
 				"Object \"%s\" was not found in the \"%s\" folder.\r\n",
 				ChrPtr(dav_uid),
 				ChrPtr(dav_roomname)
 			);
 			FreeStrBuf(&dav_roomname);
 			FreeStrBuf(&dav_uid);
-			begin_burst();end_burst();return;
+			end_burst();return;
 		}
 
 		hprintf("HTTP/1.1 200 OK\r\n");
@@ -94,7 +94,7 @@ void groupdav_options(void)
 		hprintf("Date: %s\r\n", datestring);
 		hprintf("DAV: 1\r\n");
 		hprintf("Allow: OPTIONS, PROPFIND, GET, PUT, DELETE\r\n");
-		hprintf("\r\n");
+		
 		begin_burst();
 		end_burst();
 		FreeStrBuf(&dav_roomname);
@@ -114,7 +114,7 @@ void groupdav_options(void)
 	hprintf("Date: %s\r\n", datestring);
 	hprintf("DAV: 1\r\n");
 	hprintf("Allow: OPTIONS, PROPFIND, GET, PUT\r\n");
-	hprintf("\r\n");
 	begin_burst();
+	wprintf("\r\n");
 	end_burst();
 }
diff --git a/webcit/groupdav_put.c b/webcit/groupdav_put.c
index 8d08a1e49..48f0b4a85 100644
--- a/webcit/groupdav_put.c
+++ b/webcit/groupdav_put.c
@@ -33,6 +33,7 @@ void groupdav_put_bigics(void)
 		hprintf("HTTP/1.1 502 Bad Gateway\r\n");
 		groupdav_common_headers();
 		hprintf("Content-type: text/plain\r\n");
+		begin_burst();
 		wprintf("%s\r\n", &buf[4]);
 		end_burst();
 		return;
@@ -70,6 +71,7 @@ void groupdav_put(void)
 		hprintf("HTTP/1.1 404 not found\r\n");
 		groupdav_common_headers();
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf("The object you requested was not found.\r\n");
 		end_burst();
 		return;
@@ -92,6 +94,7 @@ void groupdav_put(void)
 		hprintf("HTTP/1.1 404 not found\r\n");
 		groupdav_common_headers();
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf("There is no folder called \"%s\" on this server.\r\n",
 			ChrPtr(dav_roomname));
 		end_burst();
@@ -116,7 +119,7 @@ void groupdav_put(void)
 			lprintf(9, "HTTP/1.1 412 Precondition Failed (ifmatch=%ld, old_msgnum=%ld)\r\n",
 				StrTol(WCC->Hdr->HR.dav_ifmatch), old_msgnum);
 			groupdav_common_headers();
-			hprintf("Content-Length: 0\r\n");
+			
 			end_burst();
 			FreeStrBuf(&dav_roomname);
 			FreeStrBuf(&dav_uid);
@@ -144,7 +147,7 @@ void groupdav_put(void)
 		hprintf("HTTP/1.1 502 Bad Gateway\r\n");
 		groupdav_common_headers();
 		hprintf("Content-type: text/plain\r\n");
-
+		begin_burst();
 		wprintf("%s\r\n", &buf[4]);
 		end_burst();
 		return;
@@ -181,6 +184,7 @@ void groupdav_put(void)
 		hprintf("HTTP/1.1 502 Bad Gateway\r\n");
 		groupdav_common_headers();
 		hprintf("Content-type: text/plain\r\n");
+		begin_burst();
 		wprintf("new_msgnum is %ld\r\n"
 			"\r\n", new_msgnum);
 		end_burst();
diff --git a/webcit/messages.c b/webcit/messages.c
index 3c5439345..921f5366d 100644
--- a/webcit/messages.c
+++ b/webcit/messages.c
@@ -1480,6 +1480,7 @@ void postpart(StrBuf *partnum, StrBuf *filename, int force_download)
 		hprintf("HTTP/1.1 404 %s\n", ChrPtr(partnum));
 		output_headers(0, 0, 0, 0, 0, 0);
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf(_("An error occurred while retrieving this part: %s/%s\n"), 
 			ChrPtr(partnum), ChrPtr(filename));
 		end_burst();
@@ -1539,6 +1540,7 @@ void mimepart(int force_download)
 		hprintf("HTTP/1.1 404 %s\n", ChrPtr(Buf));
 		output_headers(0, 0, 0, 0, 0, 0);
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf(_("An error occurred while retrieving this part: %s\n"), 
 			ChrPtr(Buf));
 		end_burst();
diff --git a/webcit/paging.c b/webcit/paging.c
index d44c816cb..e93ac646b 100644
--- a/webcit/paging.c
+++ b/webcit/paging.c
@@ -279,6 +279,7 @@ void chat_recv(void) {
 	output_headers(0, 0, 0, 0, 0, 0);
 
 	hprintf("Content-type: text/html; charset=utf-8\r\n");
+	begin_burst();
 	wprintf("<html>\n"
 		"<head>\n"
 		"<meta http-equiv=\"refresh\" content=\"3\" />\n"
@@ -426,6 +427,7 @@ void chat_send(void) {
 
 	output_headers(0, 0, 0, 0, 0, 0);
 	hprintf("Content-type: text/html; charset=utf-8\r\n");
+	begin_burst();
 	wprintf("<HTML>"
 		"<BODY onLoad=\"document.chatsendform.send_this.focus();\" >"
 	);
diff --git a/webcit/static.c b/webcit/static.c
index 0d538f1b3..139cd32b4 100644
--- a/webcit/static.c
+++ b/webcit/static.c
@@ -46,6 +46,7 @@ void output_static(const char *what)
 		lprintf(9, "output_static('%s') [%s]  -- NOT FOUND --\n", what, ChrPtr(WC->Hdr->this_page));
 		hprintf("HTTP/1.1 404 %s\r\n", strerror(errno));
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf("Cannot open %s: %s\r\n", what, strerror(errno));
 		end_burst();
 	} else {
@@ -56,6 +57,7 @@ void output_static(const char *what)
 			lprintf(9, "output_static('%s')  -- FSTAT FAILED --\n", what);
 			hprintf("HTTP/1.1 404 %s\r\n", strerror(errno));
 			hprintf("Content-Type: text/plain\r\n");
+			begin_burst();
 			wprintf("Cannot fstat %s: %s\n", what, strerror(errno));
 			end_burst();
 			return;
diff --git a/webcit/vcard_edit.c b/webcit/vcard_edit.c
index 11a059b87..1f44dd862 100644
--- a/webcit/vcard_edit.c
+++ b/webcit/vcard_edit.c
@@ -1231,6 +1231,7 @@ void display_vcard_photo_img(void)
 		hprintf("HTTP/1.1 500 %s\n","Unable to get photo");
 		output_headers(0, 0, 0, 0, 0, 0);
 		hprintf("Content-Type: text/plain\r\n");
+		begin_burst();
 		wprintf(_("Could Not decode vcard photo\n"));
 		end_burst();
 		return;
diff --git a/webcit/webcit.c b/webcit/webcit.c
index 33fcc7046..869793a2c 100644
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -241,6 +241,7 @@ void http_redirect(const char *whichpage) {
 	hprintf("Location: %s\r\n", whichpage);
 	hprintf("URI: %s\r\n", whichpage);
 	hprintf("Content-type: text/html; charset=utf-8\r\n");
+	begin_burst();
 	wprintf("<html><body>");
 	wprintf("Go <a href=\"%s\">here</A>.", whichpage);
 	wprintf("</body></html>\n");
@@ -379,6 +380,7 @@ void authorization_required(void)
 	);
 	hprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n", ChrPtr(WC->serv_info->serv_humannode));
 	hprintf("Content-Type: text/html\r\n");
+	begin_burst();
 	wprintf("<h1>");
 	wprintf(_("Authorization Required"));
 	wprintf("</h1>\r\n");
@@ -392,7 +394,7 @@ void authorization_required(void)
 	wprintf(_("The resource you requested requires a valid username and password. "
 		"You could not be logged in: %s\n"), message);
 	wDumpContent(0);
-	WCC->killthis = 1;
+	end_webcit_session();
 }
 
 /*
@@ -601,6 +603,7 @@ void session_loop(void)
 			lprintf(9, "Ignoring request with mismatched nonce.\n");
 			hprintf("HTTP/1.1 404 Security check failed\r\n");
 			hprintf("Content-Type: text/plain\r\n\r\n");
+			begin_burst();
 			wprintf("Security check failed.\r\n");
 			end_burst();
 			goto SKIP_ALL_THIS_CRAP;
-- 
2.30.2