adamc@853
|
1 #define _GNU_SOURCE
|
adamc@853
|
2
|
adamc@853
|
3 #include <stdio.h>
|
adamc@853
|
4 #include <string.h>
|
adamc@853
|
5 #include <stdlib.h>
|
adamc@853
|
6 #include <sys/types.h>
|
adamc@853
|
7 #include <sys/socket.h>
|
adamc@853
|
8 #include <netinet/in.h>
|
adamc@853
|
9 #include <unistd.h>
|
adamc@853
|
10 #include <signal.h>
|
adamc@853
|
11
|
adamc@853
|
12 #include <pthread.h>
|
adamc@853
|
13
|
adamc@853
|
14 #include <mhash.h>
|
adamc@853
|
15
|
adamc@853
|
16 #include "urweb.h"
|
adamc@853
|
17
|
adamc@853
|
18 #define MAX_RETRIES 5
|
adamc@853
|
19
|
adamc@853
|
20 static int try_rollback(uw_context ctx) {
|
adamc@853
|
21 int r = uw_rollback(ctx);
|
adamc@853
|
22
|
adamc@853
|
23 if (r) {
|
adamc@853
|
24 printf("Error running SQL ROLLBACK\n");
|
adamc@853
|
25 uw_reset(ctx);
|
adamc@853
|
26 uw_write(ctx, "HTTP/1.1 500 Internal Server Error\n\r");
|
adamc@853
|
27 uw_write(ctx, "Content-type: text/plain\r\n\r\n");
|
adamc@853
|
28 uw_write(ctx, "Error running SQL ROLLBACK\n");
|
adamc@853
|
29 }
|
adamc@853
|
30
|
adamc@853
|
31 return r;
|
adamc@853
|
32 }
|
adamc@853
|
33
|
adamc@853
|
34 uw_context uw_request_new_context() {
|
adamc@853
|
35 uw_context ctx = uw_init();
|
adamc@853
|
36 int retries_left = MAX_RETRIES;
|
adamc@853
|
37
|
adamc@853
|
38 while (1) {
|
adamc@853
|
39 failure_kind fk = uw_begin_init(ctx);
|
adamc@853
|
40
|
adamc@853
|
41 if (fk == SUCCESS) {
|
adamc@853
|
42 printf("Database connection initialized.\n");
|
adamc@853
|
43 break;
|
adamc@853
|
44 } else if (fk == BOUNDED_RETRY) {
|
adamc@853
|
45 if (retries_left) {
|
adamc@853
|
46 printf("Initialization error triggers bounded retry: %s\n", uw_error_message(ctx));
|
adamc@853
|
47 --retries_left;
|
adamc@853
|
48 } else {
|
adamc@853
|
49 printf("Fatal initialization error (out of retries): %s\n", uw_error_message(ctx));
|
adamc@853
|
50 uw_free(ctx);
|
adamc@853
|
51 return NULL;
|
adamc@853
|
52 }
|
adamc@853
|
53 } else if (fk == UNLIMITED_RETRY)
|
adamc@853
|
54 printf("Initialization error triggers unlimited retry: %s\n", uw_error_message(ctx));
|
adamc@853
|
55 else if (fk == FATAL) {
|
adamc@853
|
56 printf("Fatal initialization error: %s\n", uw_error_message(ctx));
|
adamc@853
|
57 uw_free(ctx);
|
adamc@853
|
58 return NULL;
|
adamc@853
|
59 } else {
|
adamc@853
|
60 printf("Unknown uw_begin_init return code!\n");
|
adamc@853
|
61 uw_free(ctx);
|
adamc@853
|
62 return NULL;
|
adamc@853
|
63 }
|
adamc@853
|
64 }
|
adamc@853
|
65
|
adamc@853
|
66 return ctx;
|
adamc@853
|
67 }
|
adamc@853
|
68
|
adamc@853
|
69 #define KEYSIZE 16
|
adamc@853
|
70 #define PASSSIZE 4
|
adamc@853
|
71
|
adamc@853
|
72 #define HASH_ALGORITHM MHASH_SHA256
|
adamc@853
|
73 #define HASH_BLOCKSIZE 32
|
adamc@853
|
74 #define KEYGEN_ALGORITHM KEYGEN_MCRYPT
|
adamc@853
|
75
|
adamc@853
|
76 int uw_hash_blocksize = HASH_BLOCKSIZE;
|
adamc@853
|
77
|
adamc@853
|
78 static int password[PASSSIZE];
|
adamc@853
|
79 static unsigned char private_key[KEYSIZE];
|
adamc@853
|
80
|
adamc@853
|
81 static void init_crypto() {
|
adamc@853
|
82 KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}};
|
adamc@853
|
83 int i;
|
adamc@853
|
84
|
adamc@853
|
85 assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE);
|
adamc@853
|
86
|
adamc@853
|
87 for (i = 0; i < PASSSIZE; ++i)
|
adamc@853
|
88 password[i] = rand();
|
adamc@853
|
89
|
adamc@853
|
90 if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg,
|
adamc@853
|
91 private_key, sizeof(private_key),
|
adamc@853
|
92 (unsigned char*)password, sizeof(password)) < 0) {
|
adamc@853
|
93 printf("Key generation failed\n");
|
adamc@853
|
94 exit(1);
|
adamc@853
|
95 }
|
adamc@853
|
96 }
|
adamc@853
|
97
|
adamc@853
|
98 void uw_request_init() {
|
adamc@853
|
99 uw_context ctx;
|
adamc@853
|
100 failure_kind fk;
|
adamc@853
|
101
|
adamc@853
|
102 uw_global_init();
|
adamc@853
|
103
|
adamc@853
|
104 ctx = uw_request_new_context();
|
adamc@853
|
105
|
adamc@853
|
106 if (!ctx)
|
adamc@853
|
107 exit(1);
|
adamc@853
|
108
|
adamc@853
|
109 for (fk = uw_initialize(ctx); fk == UNLIMITED_RETRY; fk = uw_initialize(ctx)) {
|
adamc@853
|
110 printf("Unlimited retry during init: %s\n", uw_error_message(ctx));
|
adamc@853
|
111 uw_db_rollback(ctx);
|
adamc@853
|
112 uw_reset(ctx);
|
adamc@853
|
113 }
|
adamc@853
|
114
|
adamc@853
|
115 if (fk != SUCCESS) {
|
adamc@853
|
116 printf("Failed to initialize database! %s\n", uw_error_message(ctx));
|
adamc@853
|
117 uw_db_rollback(ctx);
|
adamc@853
|
118 exit(1);
|
adamc@853
|
119 }
|
adamc@853
|
120
|
adamc@853
|
121 uw_free(ctx);
|
adamc@853
|
122
|
adamc@853
|
123 init_crypto();
|
adamc@853
|
124 }
|
adamc@853
|
125
|
adamc@853
|
126 void uw_sign(const char *in, char *out) {
|
adamc@853
|
127 MHASH td;
|
adamc@853
|
128
|
adamc@853
|
129 td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key),
|
adamc@853
|
130 mhash_get_hash_pblock(HASH_ALGORITHM));
|
adamc@853
|
131
|
adamc@853
|
132 mhash(td, in, strlen(in));
|
adamc@853
|
133 if (mhash_hmac_deinit(td, out) < 0)
|
adamc@853
|
134 printf("Signing failed");
|
adamc@853
|
135 }
|
adamc@853
|
136
|
adamc@853
|
137 typedef struct uw_rc {
|
adamc@853
|
138 size_t path_copy_size;
|
adamc@853
|
139 char *path_copy;
|
adamc@853
|
140 } *uw_request_context;
|
adamc@853
|
141
|
adamc@853
|
142 uw_request_context uw_new_request_context(void) {
|
adamc@853
|
143 uw_request_context r = malloc(sizeof(struct uw_rc));
|
adamc@853
|
144 r->path_copy_size = 0;
|
adamc@853
|
145 r->path_copy = malloc(0);
|
adamc@853
|
146 return r;
|
adamc@853
|
147 }
|
adamc@853
|
148
|
adamc@853
|
149 void uw_free_request_context(uw_request_context r) {
|
adamc@853
|
150 free(r->path_copy);
|
adamc@853
|
151 free(r);
|
adamc@853
|
152 }
|
adamc@853
|
153
|
adamc@854
|
154 request_result uw_request(uw_request_context rc, uw_context ctx,
|
adamc@854
|
155 char *method, char *path, char *query_string,
|
adamc@854
|
156 char *body, size_t body_len,
|
adamc@854
|
157 int sock) {
|
adamc@853
|
158 int retries_left = MAX_RETRIES;
|
adamc@853
|
159 char *s;
|
adamc@853
|
160 failure_kind fk;
|
adamc@853
|
161 int is_post = 0, do_normal_send = 1;
|
adamc@853
|
162 char *boundary = NULL;
|
adamc@853
|
163 size_t boundary_len;
|
adamc@854
|
164 char *inputs;
|
adamc@853
|
165
|
adamc@854
|
166 if (!strcmp(method, "POST")) {
|
adamc@853
|
167 char *clen_s = uw_Basis_requestHeader(ctx, "Content-length");
|
adamc@853
|
168 if (!clen_s) {
|
adamc@853
|
169 fprintf(stderr, "No Content-length with POST\n");
|
adamc@853
|
170 return FAILED;
|
adamc@853
|
171 }
|
adamc@853
|
172 int clen = atoi(clen_s);
|
adamc@853
|
173 if (clen < 0) {
|
adamc@853
|
174 fprintf(stderr, "Negative Content-length with POST\n");
|
adamc@853
|
175 return FAILED;
|
adamc@853
|
176 }
|
adamc@853
|
177
|
adamc@854
|
178 if (body_len < clen) {
|
adamc@853
|
179 fprintf(stderr, "Request doesn't contain all POST data (according to Content-Length)\n");
|
adamc@853
|
180 return FAILED;
|
adamc@853
|
181 }
|
adamc@853
|
182
|
adamc@853
|
183 is_post = 1;
|
adamc@853
|
184
|
adamc@853
|
185 clen_s = uw_Basis_requestHeader(ctx, "Content-type");
|
adamc@853
|
186 if (clen_s && !strncasecmp(clen_s, "multipart/form-data", 19)) {
|
adamc@853
|
187 if (strncasecmp(clen_s + 19, "; boundary=", 11)) {
|
adamc@853
|
188 fprintf(stderr, "Bad multipart boundary spec");
|
adamc@853
|
189 return FAILED;
|
adamc@853
|
190 }
|
adamc@853
|
191
|
adamc@853
|
192 boundary = clen_s + 28;
|
adamc@853
|
193 boundary[0] = '-';
|
adamc@853
|
194 boundary[1] = '-';
|
adamc@853
|
195 boundary_len = strlen(boundary);
|
adamc@853
|
196 }
|
adamc@854
|
197 } else if (strcmp(method, "GET")) {
|
adamc@854
|
198 fprintf(stderr, "Not ready for non-GET/POST command: %s\n", method);
|
adamc@853
|
199 return FAILED;
|
adamc@853
|
200 }
|
adamc@853
|
201
|
adamc@853
|
202 if (!strcmp(path, "/.msgs")) {
|
adamc@853
|
203 char *id = uw_Basis_requestHeader(ctx, "UrWeb-Client");
|
adamc@853
|
204 char *pass = uw_Basis_requestHeader(ctx, "UrWeb-Pass");
|
adamc@853
|
205
|
adamc@853
|
206 if (sock < 0) {
|
adamc@853
|
207 fprintf(stderr, ".msgs requested, but not socket supplied\n");
|
adamc@853
|
208 return FAILED;
|
adamc@853
|
209 }
|
adamc@853
|
210
|
adamc@853
|
211 if (id && pass) {
|
adamc@853
|
212 unsigned idn = atoi(id);
|
adamc@853
|
213 uw_client_connect(idn, atoi(pass), sock);
|
adamc@853
|
214 fprintf(stderr, "Processed request for messages by client %u\n\n", idn);
|
adamc@853
|
215 return KEEP_OPEN;
|
adamc@853
|
216 }
|
adamc@853
|
217 else {
|
adamc@853
|
218 fprintf(stderr, "Missing fields in .msgs request: %s, %s\n\n", id, pass);
|
adamc@853
|
219 return FAILED;
|
adamc@853
|
220 }
|
adamc@853
|
221 }
|
adamc@853
|
222
|
adamc@853
|
223 if (boundary) {
|
adamc@854
|
224 char *part = body, *after_sub_headers, *header, *after_header;
|
adamc@853
|
225 size_t part_len;
|
adamc@853
|
226
|
adamc@853
|
227 part = strstr(part, boundary);
|
adamc@853
|
228 if (!part) {
|
adamc@853
|
229 fprintf(stderr, "Missing first multipart boundary\n");
|
adamc@853
|
230 return FAILED;
|
adamc@853
|
231 }
|
adamc@853
|
232 part += boundary_len;
|
adamc@853
|
233
|
adamc@853
|
234 while (1) {
|
adamc@853
|
235 char *name = NULL, *filename = NULL, *type = NULL;
|
adamc@853
|
236
|
adamc@853
|
237 if (part[0] == '-' && part[1] == '-')
|
adamc@853
|
238 break;
|
adamc@853
|
239
|
adamc@853
|
240 if (*part != '\r') {
|
adamc@853
|
241 fprintf(stderr, "No \\r after multipart boundary\n");
|
adamc@853
|
242 return FAILED;
|
adamc@853
|
243 }
|
adamc@853
|
244 ++part;
|
adamc@853
|
245 if (*part != '\n') {
|
adamc@853
|
246 fprintf(stderr, "No \\n after multipart boundary\n");
|
adamc@853
|
247 return FAILED;
|
adamc@853
|
248 }
|
adamc@853
|
249 ++part;
|
adamc@853
|
250
|
adamc@853
|
251 if (!(after_sub_headers = strstr(part, "\r\n\r\n"))) {
|
adamc@853
|
252 fprintf(stderr, "Missing end of headers after multipart boundary\n");
|
adamc@853
|
253 return FAILED;
|
adamc@853
|
254 }
|
adamc@853
|
255 after_sub_headers[2] = 0;
|
adamc@853
|
256 after_sub_headers += 4;
|
adamc@853
|
257
|
adamc@853
|
258 for (header = part; after_header = strstr(header, "\r\n"); header = after_header + 2) {
|
adamc@853
|
259 char *colon, *after_colon;
|
adamc@853
|
260
|
adamc@853
|
261 *after_header = 0;
|
adamc@853
|
262 if (!(colon = strchr(header, ':'))) {
|
adamc@853
|
263 fprintf(stderr, "Missing colon in multipart sub-header\n");
|
adamc@853
|
264 return FAILED;
|
adamc@853
|
265 }
|
adamc@853
|
266 *colon++ = 0;
|
adamc@853
|
267 if (*colon++ != ' ') {
|
adamc@853
|
268 fprintf(stderr, "No space after colon in multipart sub-header\n");
|
adamc@853
|
269 return FAILED;
|
adamc@853
|
270 }
|
adamc@853
|
271
|
adamc@853
|
272 if (!strcasecmp(header, "Content-Disposition")) {
|
adamc@853
|
273 if (strncmp(colon, "form-data; ", 11)) {
|
adamc@853
|
274 fprintf(stderr, "Multipart data is not \"form-data\"\n");
|
adamc@853
|
275 return FAILED;
|
adamc@853
|
276 }
|
adamc@853
|
277
|
adamc@853
|
278 for (colon += 11; after_colon = strchr(colon, '='); colon = after_colon) {
|
adamc@853
|
279 char *data;
|
adamc@853
|
280 after_colon[0] = 0;
|
adamc@853
|
281 if (after_colon[1] != '"') {
|
adamc@853
|
282 fprintf(stderr, "Disposition setting is missing initial quote\n");
|
adamc@853
|
283 return FAILED;
|
adamc@853
|
284 }
|
adamc@853
|
285 data = after_colon+2;
|
adamc@853
|
286 if (!(after_colon = strchr(data, '"'))) {
|
adamc@853
|
287 fprintf(stderr, "Disposition setting is missing final quote\n");
|
adamc@853
|
288 return FAILED;
|
adamc@853
|
289 }
|
adamc@853
|
290 after_colon[0] = 0;
|
adamc@853
|
291 ++after_colon;
|
adamc@853
|
292 if (after_colon[0] == ';' && after_colon[1] == ' ')
|
adamc@853
|
293 after_colon += 2;
|
adamc@853
|
294
|
adamc@853
|
295 if (!strcasecmp(colon, "name"))
|
adamc@853
|
296 name = data;
|
adamc@853
|
297 else if (!strcasecmp(colon, "filename"))
|
adamc@853
|
298 filename = data;
|
adamc@853
|
299 }
|
adamc@853
|
300 } else if (!strcasecmp(header, "Content-Type")) {
|
adamc@853
|
301 type = colon;
|
adamc@853
|
302 }
|
adamc@853
|
303 }
|
adamc@853
|
304
|
adamc@854
|
305 part = memmem(after_sub_headers, body + body_len - after_sub_headers, boundary, boundary_len);
|
adamc@853
|
306 if (!part) {
|
adamc@853
|
307 fprintf(stderr, "Missing boundary after multipart payload\n");
|
adamc@853
|
308 return FAILED;
|
adamc@853
|
309 }
|
adamc@853
|
310 part[-2] = 0;
|
adamc@853
|
311 part_len = part - after_sub_headers - 2;
|
adamc@853
|
312 part[0] = 0;
|
adamc@853
|
313 part += boundary_len;
|
adamc@853
|
314
|
adamc@853
|
315 if (filename) {
|
adamc@853
|
316 uw_Basis_file f = {filename, type, {part_len, after_sub_headers}};
|
adamc@853
|
317
|
adamc@853
|
318 if (uw_set_file_input(ctx, name, f)) {
|
adamc@853
|
319 fprintf(stderr, "%s\n", uw_error_message(ctx));
|
adamc@853
|
320 return FAILED;
|
adamc@853
|
321 }
|
adamc@853
|
322 } else if (uw_set_input(ctx, name, after_sub_headers)) {
|
adamc@853
|
323 fprintf(stderr, "%s\n", uw_error_message(ctx));
|
adamc@853
|
324 return FAILED;
|
adamc@853
|
325 }
|
adamc@853
|
326 }
|
adamc@853
|
327 }
|
adamc@853
|
328 else {
|
adamc@854
|
329 inputs = is_post ? body : query_string;
|
adamc@853
|
330
|
adamc@853
|
331 if (inputs) {
|
adamc@853
|
332 char *name, *value;
|
adamc@853
|
333
|
adamc@853
|
334 while (*inputs) {
|
adamc@853
|
335 name = inputs;
|
adamc@853
|
336 if (inputs = strchr(inputs, '&'))
|
adamc@853
|
337 *inputs++ = 0;
|
adamc@853
|
338 else
|
adamc@853
|
339 inputs = strchr(name, 0);
|
adamc@853
|
340
|
adamc@853
|
341 if (value = strchr(name, '=')) {
|
adamc@853
|
342 *value++ = 0;
|
adamc@853
|
343 if (uw_set_input(ctx, name, value)) {
|
adamc@853
|
344 fprintf(stderr, "%s\n", uw_error_message(ctx));
|
adamc@853
|
345 return FAILED;
|
adamc@853
|
346 }
|
adamc@853
|
347 }
|
adamc@853
|
348 else if (uw_set_input(ctx, name, "")) {
|
adamc@853
|
349 fprintf(stderr, "%s\n", uw_error_message(ctx));
|
adamc@853
|
350 return FAILED;
|
adamc@853
|
351 }
|
adamc@853
|
352 }
|
adamc@853
|
353 }
|
adamc@853
|
354 }
|
adamc@853
|
355
|
adamc@853
|
356 printf("Serving URI %s....\n", path);
|
adamc@853
|
357
|
adamc@853
|
358 while (1) {
|
adamc@853
|
359 size_t path_len = strlen(path);
|
adamc@853
|
360
|
adamc@853
|
361 uw_write_header(ctx, "HTTP/1.1 200 OK\r\n");
|
adamc@853
|
362
|
adamc@853
|
363 if (path_len + 1 > rc->path_copy_size) {
|
adamc@853
|
364 rc->path_copy_size = path_len + 1;
|
adamc@853
|
365 rc->path_copy = realloc(rc->path_copy, rc->path_copy_size);
|
adamc@853
|
366 }
|
adamc@853
|
367 strcpy(rc->path_copy, path);
|
adamc@853
|
368 fk = uw_begin(ctx, rc->path_copy);
|
adamc@853
|
369 if (fk == SUCCESS || fk == RETURN_BLOB) {
|
adamc@853
|
370 uw_commit(ctx);
|
adamc@853
|
371 return SERVED;
|
adamc@853
|
372 } else if (fk == BOUNDED_RETRY) {
|
adamc@853
|
373 if (retries_left) {
|
adamc@853
|
374 printf("Error triggers bounded retry: %s\n", uw_error_message(ctx));
|
adamc@853
|
375 --retries_left;
|
adamc@853
|
376 }
|
adamc@853
|
377 else {
|
adamc@853
|
378 printf("Fatal error (out of retries): %s\n", uw_error_message(ctx));
|
adamc@853
|
379
|
adamc@853
|
380 try_rollback(ctx);
|
adamc@853
|
381
|
adamc@853
|
382 uw_reset_keep_error_message(ctx);
|
adamc@853
|
383 uw_write_header(ctx, "HTTP/1.1 500 Internal Server Error\n\r");
|
adamc@853
|
384 uw_write_header(ctx, "Content-type: text/plain\r\n");
|
adamc@853
|
385 uw_write(ctx, "Fatal error (out of retries): ");
|
adamc@853
|
386 uw_write(ctx, uw_error_message(ctx));
|
adamc@853
|
387 uw_write(ctx, "\n");
|
adamc@853
|
388
|
adamc@853
|
389 return FAILED;
|
adamc@853
|
390 }
|
adamc@853
|
391 } else if (fk == UNLIMITED_RETRY)
|
adamc@853
|
392 printf("Error triggers unlimited retry: %s\n", uw_error_message(ctx));
|
adamc@853
|
393 else if (fk == FATAL) {
|
adamc@853
|
394 printf("Fatal error: %s\n", uw_error_message(ctx));
|
adamc@853
|
395
|
adamc@853
|
396 try_rollback(ctx);
|
adamc@853
|
397
|
adamc@853
|
398 uw_reset_keep_error_message(ctx);
|
adamc@853
|
399 uw_write_header(ctx, "HTTP/1.1 500 Internal Server Error\r\n");
|
adamc@853
|
400 uw_write_header(ctx, "Content-type: text/html\r\n");
|
adamc@853
|
401 uw_write(ctx, "<html><head><title>Fatal Error</title></head><body>");
|
adamc@853
|
402 uw_write(ctx, "Fatal error: ");
|
adamc@853
|
403 uw_write(ctx, uw_error_message(ctx));
|
adamc@853
|
404 uw_write(ctx, "\n</body></html>");
|
adamc@853
|
405
|
adamc@853
|
406 return FAILED;
|
adamc@853
|
407 } else {
|
adamc@853
|
408 printf("Unknown uw_handle return code!\n");
|
adamc@853
|
409
|
adamc@853
|
410 try_rollback(ctx);
|
adamc@853
|
411
|
adamc@853
|
412 uw_reset_keep_request(ctx);
|
adamc@853
|
413 uw_write_header(ctx, "HTTP/1.1 500 Internal Server Error\n\r");
|
adamc@853
|
414 uw_write_header(ctx, "Content-type: text/plain\r\n");
|
adamc@853
|
415 uw_write(ctx, "Unknown uw_handle return code!\n");
|
adamc@853
|
416
|
adamc@853
|
417 return FAILED;
|
adamc@853
|
418 }
|
adamc@853
|
419
|
adamc@853
|
420 if (try_rollback(ctx))
|
adamc@853
|
421 return FAILED;
|
adamc@853
|
422
|
adamc@853
|
423 uw_reset_keep_request(ctx);
|
adamc@853
|
424 }
|
adamc@853
|
425 }
|
adamc@853
|
426
|
adamc@853
|
427 void *client_pruner(void *data) {
|
adamc@853
|
428 uw_context ctx = uw_request_new_context();
|
adamc@853
|
429
|
adamc@853
|
430 if (!ctx)
|
adamc@853
|
431 exit(1);
|
adamc@853
|
432
|
adamc@853
|
433 while (1) {
|
adamc@853
|
434 uw_prune_clients(ctx);
|
adamc@853
|
435 sleep(5);
|
adamc@853
|
436 }
|
adamc@853
|
437 }
|