-//
// This module handles HTTP transactions.
//
-// Copyright (c) 1996-2018 by the citadel.org team
+// Copyright (c) 1996-2022 by the citadel.org team
//
// This program is open source software. It runs great on the
// Linux operating system (and probably elsewhere). You can use,
// Push one new header into the response of an HTTP request.
// When completed, the HTTP transaction now owns the memory allocated for key and val.
void add_response_header(struct http_transaction *h, char *key, char *val) {
- struct http_header *new_response_header = malloc(sizeof(struct http_header));
- new_response_header->key = key;
- new_response_header->val = val;
- new_response_header->next = h->response_headers;
- h->response_headers = new_response_header;
+ struct keyval new_response_header;
+ new_response_header.key = key;
+ new_response_header.val = val;
+ array_append(h->response_headers, &new_response_header);
}
struct http_transaction h;
char *c, *d;
struct sockaddr_in sin;
- struct http_header *clh; // general purpose iterator variable
+ int i; // general purpose iterator variable
memset(&h, 0, sizeof h);
+ h.request_headers = array_new(sizeof(struct keyval));
+ h.request_parms = array_new(sizeof(struct keyval));
+ h.response_headers = array_new(sizeof(struct keyval));
while (len = client_readline(ch, buf, sizeof buf), (len > 0)) {
++lines_read;
- if (lines_read == 1) { // First line is method and URI.
+ if (lines_read == 1) { // First line is method and URL.
c = strchr(buf, ' '); // IGnore the HTTP-version.
if (c == NULL) {
h.method = strdup("NULL");
- h.uri = strdup("/");
+ h.url = strdup("/");
}
else {
*c = 0;
*c = 0;
}
++c;
- h.uri = strdup(d);
+ h.url = strdup(d);
}
}
else { // Subsequent lines are headers.
c = strchr(buf, ':'); // Header line folding is obsolete so we don't support it.
if (c != NULL) {
- struct http_header *new_request_header = malloc(sizeof(struct http_header));
+
+ struct keyval new_request_header;
*c = 0;
- new_request_header->key = strdup(buf);
+ new_request_header.key = strdup(buf);
++c;
- new_request_header->val = strdup(c);
- striplt(new_request_header->key);
- striplt(new_request_header->val);
- new_request_header->next = h.request_headers;
- h.request_headers = new_request_header;
+ new_request_header.val = strdup(c);
+ striplt(new_request_header.key);
+ striplt(new_request_header.val);
+ array_append(h.request_headers, &new_request_header);
#ifdef DEBUG_HTTP
- syslog(LOG_DEBUG, "{ %s: %s", new_request_header->key, new_request_header->val);
+ syslog(LOG_DEBUG, "\033[1m\033[35m{ %s: %s\033[0m", new_request_header.key, new_request_header.val);
#endif
}
}
}
+ // If the URL had any query parameters in it, parse them out now.
+ char *p = (h.url ? strchr(h.url, '?') : NULL);
+ if (p) {
+ *p++ = 0; // insert a null to remove parameters from the URL
+ char *tok, *saveptr = NULL;
+ for (tok = strtok_r(p, "&", &saveptr); tok!=NULL; tok = strtok_r(NULL, "&", &saveptr)) {
+ char *eq = strchr(tok, '=');
+ if (eq) {
+ *eq++ = 0;
+ unescape_input(eq);
+ struct keyval kv;
+ kv.key = strdup(tok);
+ kv.val = strdup(eq);
+ array_append(h.request_parms, &kv);
+ syslog(LOG_DEBUG, "\033[1m\033[33m| %s = %s\033[0m", kv.key, kv.val);
+ }
+ }
+ }
+
// build up the site prefix, such as https://foo.bar.com:4343
h.site_prefix = malloc(256);
strcpy(h.site_prefix, (is_https ? "https://" : "http://"));
syslog(LOG_DEBUG, "Client disconnected");
}
else {
- syslog(LOG_DEBUG, "< %s %s", h.method, h.uri);
+ syslog(LOG_DEBUG, "\033[33m\033[1m< %s %s\033[0m", h.method, h.url);
// If there is a request body, read it now.
char *ccl = header_val(&h, "Content-Length");
h.request_body = malloc(h.request_body_length);
client_read(ch, h.request_body, h.request_body_length);
- //write(2, HKEY("\033[31m"));
- //write(2, h.request_body, h.request_body_length);
- //write(2, HKEY("\033[0m\n"));
+ // Write the entire request body to stderr -- not what you want during normal operation.
+ #ifdef BODY_TO_STDERR
+ write(2, HKEY("\033[31m"));
+ write(2, h.request_body, h.request_body_length);
+ write(2, HKEY("\033[0m\n"));
+ #endif
}
+
// Now pass control up to the next layer to perform the request.
perform_request(&h);
- // Output the results back to the client.
- //write(2, HKEY("\033[32m"));
- //write(2, h.response_body, h.response_body_length);
- //write(2, HKEY("\033[0m\n"));
+ // Write the entire response body to stderr -- not what you want during normal operation.
+ #ifdef BODY_TO_STDERR
+ write(2, HKEY("\033[32m"));
+ write(2, h.response_body, h.response_body_length);
+ write(2, HKEY("\033[0m\n"));
+ #endif
- syslog(LOG_DEBUG, "> %03d %s", h.response_code, h.response_string);
+ // Output the results back to the client.
+ syslog(LOG_DEBUG, "\033[33m\033[1m> %03d %s\033[0m", h.response_code, h.response_string);
client_printf(ch, "HTTP/1.1 %03d %s\r\n", h.response_code, h.response_string);
client_printf(ch, "Connection: close\r\n");
client_printf(ch, "Content-Length: %ld\r\n", h.response_body_length);
}
client_printf(ch, "Content-encoding: identity\r\n"); // change if we gzip/deflate
- for (clh = h.response_headers; clh != NULL; clh = clh->next) {
+ int number_of_response_headers = array_len(h.response_headers);
+ for (i=0; i<number_of_response_headers; ++i) {
+ struct keyval *kv = array_get_element_at(h.response_headers, i);
#ifdef DEBUG_HTTP
- syslog(LOG_DEBUG, "} %s: %s", clh->key, clh->val);
+ syslog(LOG_DEBUG, "\033[1m\033[35m} %s: %s\033[0m", kv->key, kv->val);
#endif
- client_printf(ch, "%s: %s\r\n", clh->key, clh->val);
+ client_printf(ch, "%s: %s\r\n", kv->key, kv->val);
}
client_printf(ch, "\r\n");
if ((h.response_body_length > 0) && (h.response_body != NULL)) {
}
// free the transaction memory
- while (h.request_headers) {
- if (h.request_headers->key)
- free(h.request_headers->key);
- if (h.request_headers->val)
- free(h.request_headers->val);
- clh = h.request_headers->next;
- free(h.request_headers);
- h.request_headers = clh;
+ while (array_len(h.request_headers) > 0) {
+ struct keyval *kv = array_get_element_at(h.request_headers, 0);
+ if (kv->key) free(kv->key);
+ if (kv->val) free(kv->val);
+ array_delete_element_at(h.request_headers, 0);
}
- while (h.response_headers) {
- if (h.response_headers->key)
- free(h.response_headers->key);
- if (h.response_headers->val)
- free(h.response_headers->val);
- clh = h.response_headers->next;
- free(h.response_headers);
- h.response_headers = clh;
+ array_free(h.request_headers);
+ while (array_len(h.request_parms) > 0) {
+ struct keyval *kv = array_get_element_at(h.request_parms, 0);
+ if (kv->key) free(kv->key);
+ if (kv->val) free(kv->val);
+ array_delete_element_at(h.request_parms, 0);
}
- if (h.method)
+ array_free(h.request_parms);
+ while (array_len(h.response_headers) > 0) {
+ struct keyval *kv = array_get_element_at(h.response_headers, 0);
+ if (kv->key) free(kv->key);
+ if (kv->val) free(kv->val);
+ array_delete_element_at(h.response_headers, 0);
+ }
+ array_free(h.response_headers);
+ if (h.method) {
free(h.method);
- if (h.uri)
- free(h.uri);
- if (h.request_body)
+ }
+ if (h.url) {
+ free(h.url);
+ }
+ if (h.request_body) {
free(h.request_body);
- if (h.response_string)
+ }
+ if (h.response_string) {
free(h.response_string);
- if (h.site_prefix)
+ }
+ if (h.site_prefix) {
free(h.site_prefix);
+ }
}
// The caller does NOT own the memory of the returned pointer, but can count on the pointer
// to still be valid through the end of the transaction.
char *header_val(struct http_transaction *h, char *requested_header) {
- struct http_header *clh; // general purpose iterator variable
- for (clh = h->request_headers; clh != NULL; clh = clh->next) {
- if (!strcasecmp(clh->key, requested_header)) {
- return (clh->val);
+ struct keyval *kv;
+ int i;
+ for (i=0; i<array_len(h->request_headers); ++i) {
+ kv = array_get_element_at(h->request_headers, i);
+ if (!strcasecmp(kv->key, requested_header)) {
+ return (kv->val);
+ }
+ }
+ return (NULL);
+}
+
+
+// Utility function to fetch a specific URL parameter from a completely read-in request.
+// Returns the value of the requested parameter, or NULL if the specified parameter was not sent.
+// The caller does NOT own the memory of the returned pointer, but can count on the pointer
+// to still be valid through the end of the transaction.
+char *get_url_param(struct http_transaction *h, char *requested_param) {
+ struct keyval *kv;
+ int i;
+ for (i=0; i<array_len(h->request_parms); ++i) {
+ kv = array_get_element_at(h->request_parms, i);
+ if (!strcasecmp(kv->key, requested_param)) {
+ return (kv->val);
}
}
return (NULL);