2 * uhttpd - Tiny single-threaded httpd - Utility functions
4 * Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
19 #define _XOPEN_SOURCE 500 /* crypt() */
20 #define _BSD_SOURCE /* strcasecmp(), strncasecmp() */
23 #include "uhttpd-utils.h"
26 #include "uhttpd-tls.h"
30 static char *uh_index_files
[] = {
38 const char * sa_straddr(void *sa
)
40 static char str
[INET6_ADDRSTRLEN
];
41 struct sockaddr_in
*v4
= (struct sockaddr_in
*)sa
;
42 struct sockaddr_in6
*v6
= (struct sockaddr_in6
*)sa
;
44 if( v4
->sin_family
== AF_INET
)
45 return inet_ntop(AF_INET
, &(v4
->sin_addr
), str
, sizeof(str
));
47 return inet_ntop(AF_INET6
, &(v6
->sin6_addr
), str
, sizeof(str
));
50 const char * sa_strport(void *sa
)
53 snprintf(str
, sizeof(str
), "%i", sa_port(sa
));
59 return ntohs(((struct sockaddr_in6
*)sa
)->sin6_port
);
62 int sa_rfc1918(void *sa
)
64 struct sockaddr_in
*v4
= (struct sockaddr_in
*)sa
;
65 unsigned long a
= htonl(v4
->sin_addr
.s_addr
);
67 if( v4
->sin_family
== AF_INET
)
69 return ((a
>= 0x0A000000) && (a
<= 0x0AFFFFFF)) ||
70 ((a
>= 0xAC100000) && (a
<= 0xAC1FFFFF)) ||
71 ((a
>= 0xC0A80000) && (a
<= 0xC0A8FFFF));
77 /* Simple strstr() like function that takes len arguments for both haystack and needle. */
78 char *strfind(char *haystack
, int hslen
, const char *needle
, int ndlen
)
83 for( i
= 0; i
< hslen
; i
++ )
85 if( haystack
[i
] == needle
[0] )
87 match
= ((ndlen
== 1) || ((i
+ ndlen
) <= hslen
));
89 for( j
= 1; (j
< ndlen
) && ((i
+ j
) < hslen
); j
++ )
91 if( haystack
[i
+j
] != needle
[j
] )
106 /* interruptable select() */
107 int select_intr(int n
, fd_set
*r
, fd_set
*w
, fd_set
*e
, struct timeval
*t
)
112 /* unblock SIGCHLD */
114 sigaddset(&ssn
, SIGCHLD
);
115 sigaddset(&ssn
, SIGPIPE
);
116 sigprocmask(SIG_UNBLOCK
, &ssn
, &sso
);
118 rv
= select(n
, r
, w
, e
, t
);
120 /* restore signal mask */
121 sigprocmask(SIG_SETMASK
, &sso
, NULL
);
127 int uh_tcp_send_lowlevel(struct client
*cl
, const char *buf
, int len
)
130 struct timeval timeout
;
133 FD_SET(cl
->socket
, &writer
);
135 timeout
.tv_sec
= cl
->server
->conf
->network_timeout
;
138 if (select(cl
->socket
+ 1, NULL
, &writer
, NULL
, &timeout
) > 0)
139 return send(cl
->socket
, buf
, len
, 0);
144 int uh_tcp_send(struct client
*cl
, const char *buf
, int len
)
148 return cl
->server
->conf
->tls_send(cl
, (void *)buf
, len
);
151 return uh_tcp_send_lowlevel(cl
, buf
, len
);
154 int uh_tcp_peek(struct client
*cl
, char *buf
, int len
)
156 /* sanity check, prevent overflowing peek buffer */
157 if (len
> sizeof(cl
->peekbuf
))
160 int sz
= uh_tcp_recv(cl
, buf
, len
);
162 /* store received data in peek buffer */
166 memcpy(cl
->peekbuf
, buf
, sz
);
172 int uh_tcp_recv_lowlevel(struct client
*cl
, char *buf
, int len
)
175 struct timeval timeout
;
178 FD_SET(cl
->socket
, &reader
);
180 timeout
.tv_sec
= cl
->server
->conf
->network_timeout
;
183 if (select(cl
->socket
+ 1, &reader
, NULL
, NULL
, &timeout
) > 0)
184 return recv(cl
->socket
, buf
, len
, 0);
189 int uh_tcp_recv(struct client
*cl
, char *buf
, int len
)
194 /* first serve data from peek buffer */
197 sz
= min(cl
->peeklen
, len
);
198 len
-= sz
; cl
->peeklen
-= sz
;
199 memcpy(buf
, cl
->peekbuf
, sz
);
200 memmove(cl
->peekbuf
, &cl
->peekbuf
[sz
], cl
->peeklen
);
203 /* caller wants more */
208 rsz
= cl
->server
->conf
->tls_recv(cl
, (void *)&buf
[sz
], len
);
211 rsz
= uh_tcp_recv_lowlevel(cl
, (void *)&buf
[sz
], len
);
223 int uh_http_sendhf(struct client
*cl
, int code
, const char *summary
, const char *fmt
, ...)
227 char buffer
[UH_LIMIT_MSGHEAD
];
230 len
= snprintf(buffer
, sizeof(buffer
),
231 "HTTP/1.1 %03i %s\r\n"
232 "Connection: close\r\n"
233 "Content-Type: text/plain\r\n"
234 "Transfer-Encoding: chunked\r\n\r\n",
238 ensure_ret(uh_tcp_send(cl
, buffer
, len
));
241 len
= vsnprintf(buffer
, sizeof(buffer
), fmt
, ap
);
244 ensure_ret(uh_http_sendc(cl
, buffer
, len
));
245 ensure_ret(uh_http_sendc(cl
, NULL
, 0));
251 int uh_http_sendc(struct client
*cl
, const char *data
, int len
)
261 clen
= snprintf(chunk
, sizeof(chunk
), "%X\r\n", len
);
262 ensure_ret(uh_tcp_send(cl
, chunk
, clen
));
263 ensure_ret(uh_tcp_send(cl
, data
, len
));
264 ensure_ret(uh_tcp_send(cl
, "\r\n", 2));
268 ensure_ret(uh_tcp_send(cl
, "0\r\n\r\n", 5));
275 struct client
*cl
, struct http_request
*req
, const char *fmt
, ...
278 char buffer
[UH_LIMIT_MSGHEAD
];
282 len
= vsnprintf(buffer
, sizeof(buffer
), fmt
, ap
);
285 if( (req
!= NULL
) && (req
->version
> 1.0) )
286 ensure_ret(uh_http_sendc(cl
, buffer
, len
));
288 ensure_ret(uh_tcp_send(cl
, buffer
, len
));
294 struct client
*cl
, struct http_request
*req
, const char *buf
, int len
299 if( (req
!= NULL
) && (req
->version
> 1.0) )
300 ensure_ret(uh_http_sendc(cl
, buf
, len
));
302 ensure_ret(uh_tcp_send(cl
, buf
, len
));
308 /* blen is the size of buf; slen is the length of src. The input-string need
309 ** not be, and the output string will not be, null-terminated. Returns the
310 ** length of the decoded string, -1 on buffer overflow, -2 on malformed string. */
311 int uh_urldecode(char *buf
, int blen
, const char *src
, int slen
)
317 (((x) <= '9') ? ((x) - '0') : \
318 (((x) <= 'F') ? ((x) - 'A' + 10) : \
321 for( i
= 0; (i
< slen
) && (len
< blen
); i
++ )
325 if( ((i
+2) < slen
) && isxdigit(src
[i
+1]) && isxdigit(src
[i
+2]) )
327 buf
[len
++] = (char)(16 * hex(src
[i
+1]) + hex(src
[i
+2]));
332 /* Encoding error: it's hard to think of a
333 ** scenario in which returning an incorrect
334 ** 'decoding' of the malformed string is
335 ** preferable to signaling an error condition. */
336 #if 0 /* WORSE_IS_BETTER */
349 return (i
== slen
) ? len
: -1;
352 /* blen is the size of buf; slen is the length of src. The input-string need
353 ** not be, and the output string will not be, null-terminated. Returns the
354 ** length of the encoded string, or -1 on error (buffer overflow) */
355 int uh_urlencode(char *buf
, int blen
, const char *src
, int slen
)
359 const char hex
[] = "0123456789abcdef";
361 for( i
= 0; (i
< slen
) && (len
< blen
); i
++ )
363 if( isalnum(src
[i
]) || (src
[i
] == '-') || (src
[i
] == '_') ||
364 (src
[i
] == '.') || (src
[i
] == '~') )
368 else if( (len
+3) <= blen
)
371 buf
[len
++] = hex
[(src
[i
] >> 4) & 15];
372 buf
[len
++] = hex
[ src
[i
] & 15];
381 return (i
== slen
) ? len
: -1;
384 int uh_b64decode(char *buf
, int blen
, const unsigned char *src
, int slen
)
389 unsigned int cin
= 0;
390 unsigned int cout
= 0;
393 for( i
= 0; (i
<= slen
) && (src
[i
] != 0); i
++ )
397 if( (cin
>= '0') && (cin
<= '9') )
398 cin
= cin
- '0' + 52;
399 else if( (cin
>= 'A') && (cin
<= 'Z') )
401 else if( (cin
>= 'a') && (cin
<= 'z') )
402 cin
= cin
- 'a' + 26;
403 else if( cin
== '+' )
405 else if( cin
== '/' )
407 else if( cin
== '=' )
412 cout
= (cout
<< 6) | cin
;
416 if( (len
+ 3) < blen
)
418 buf
[len
++] = (char)(cout
>> 16);
419 buf
[len
++] = (char)(cout
>> 8);
420 buf
[len
++] = (char)(cout
);
433 static char * canonpath(const char *path
, char *path_resolved
)
435 char path_copy
[PATH_MAX
];
436 char *path_cpy
= path_copy
;
437 char *path_res
= path_resolved
;
442 /* relative -> absolute */
445 getcwd(path_copy
, PATH_MAX
);
446 strncat(path_copy
, "/", PATH_MAX
- strlen(path_copy
));
447 strncat(path_copy
, path
, PATH_MAX
- strlen(path_copy
));
451 strncpy(path_copy
, path
, PATH_MAX
);
455 while( (*path_cpy
!= '\0') && (path_cpy
< (path_copy
+ PATH_MAX
- 2)) )
457 if( *path_cpy
== '/' )
459 /* skip repeating / */
460 if( path_cpy
[1] == '/' )
467 else if( path_cpy
[1] == '.' )
470 if( (path_cpy
[2] == '/') || (path_cpy
[2] == '\0') )
476 /* collapse /x/../ */
477 else if( (path_cpy
[2] == '.') &&
478 ((path_cpy
[3] == '/') || (path_cpy
[3] == '\0'))
480 while( (path_res
> path_resolved
) && (*--path_res
!= '/') )
489 *path_res
++ = *path_cpy
++;
492 /* remove trailing slash if not root / */
493 if( (path_res
> (path_resolved
+1)) && (path_res
[-1] == '/') )
495 else if( path_res
== path_resolved
)
501 if( !stat(path_resolved
, &s
) && (s
.st_mode
& S_IROTH
) )
502 return path_resolved
;
507 /* Returns NULL on error.
508 ** NB: improperly encoded URL should give client 400 [Bad Syntax]; returning
509 ** NULL here causes 404 [Not Found], but that's not too unreasonable. */
510 struct path_info
* uh_path_lookup(struct client
*cl
, const char *url
)
512 static char path_phys
[PATH_MAX
];
513 static char path_info
[PATH_MAX
];
514 static struct path_info p
;
516 char buffer
[UH_LIMIT_MSGHEAD
];
517 char *docroot
= cl
->server
->conf
->docroot
;
518 char *pathptr
= NULL
;
521 int no_sym
= cl
->server
->conf
->no_symlinks
;
525 /* back out early if url is undefined */
529 memset(path_phys
, 0, sizeof(path_phys
));
530 memset(path_info
, 0, sizeof(path_info
));
531 memset(buffer
, 0, sizeof(buffer
));
532 memset(&p
, 0, sizeof(p
));
535 memcpy(buffer
, docroot
,
536 min(strlen(docroot
), sizeof(buffer
) - 1));
538 /* separate query string from url */
539 if( (pathptr
= strchr(url
, '?')) != NULL
)
541 p
.query
= pathptr
[1] ? pathptr
+ 1 : NULL
;
543 /* urldecode component w/o query */
546 &buffer
[strlen(docroot
)],
547 sizeof(buffer
) - strlen(docroot
) - 1,
548 url
, pathptr
- url
) < 0 )
549 return NULL
; /* bad URL */
552 /* no query string, decode all of url */
556 &buffer
[strlen(docroot
)],
557 sizeof(buffer
) - strlen(docroot
) - 1,
558 url
, strlen(url
) ) < 0 )
559 return NULL
; /* bad URL */
562 /* create canon path */
563 for( i
= strlen(buffer
), slash
= (buffer
[max(0, i
-1)] == '/'); i
>= 0; i
-- )
565 if( (buffer
[i
] == 0) || (buffer
[i
] == '/') )
567 memset(path_info
, 0, sizeof(path_info
));
568 memcpy(path_info
, buffer
, min(i
+ 1, sizeof(path_info
) - 1));
570 if( no_sym
? realpath(path_info
, path_phys
)
571 : canonpath(path_info
, path_phys
)
573 memset(path_info
, 0, sizeof(path_info
));
574 memcpy(path_info
, &buffer
[i
],
575 min(strlen(buffer
) - i
, sizeof(path_info
) - 1));
582 /* check whether found path is within docroot */
583 if( strncmp(path_phys
, docroot
, strlen(docroot
)) ||
584 ((path_phys
[strlen(docroot
)] != 0) &&
585 (path_phys
[strlen(docroot
)] != '/'))
590 /* test current path */
591 if( ! stat(path_phys
, &p
.stat
) )
593 /* is a regular file */
594 if( p
.stat
.st_mode
& S_IFREG
)
598 p
.name
= &path_phys
[strlen(docroot
)];
599 p
.info
= path_info
[0] ? path_info
: NULL
;
603 else if( (p
.stat
.st_mode
& S_IFDIR
) && !strlen(path_info
) )
605 /* ensure trailing slash */
606 if( path_phys
[strlen(path_phys
)-1] != '/' )
607 path_phys
[strlen(path_phys
)] = '/';
609 /* try to locate index file */
610 memset(buffer
, 0, sizeof(buffer
));
611 memcpy(buffer
, path_phys
, sizeof(buffer
));
612 pathptr
= &buffer
[strlen(buffer
)];
614 /* if requested url resolves to a directory and a trailing slash
615 is missing in the request url, redirect the client to the same
616 url with trailing slash appended */
619 uh_http_sendf(cl
, NULL
,
620 "HTTP/1.1 302 Found\r\n"
621 "Location: %s%s%s\r\n"
622 "Connection: close\r\n\r\n",
623 &path_phys
[strlen(docroot
)],
625 p
.query
? p
.query
: ""
630 else if( cl
->server
->conf
->index_file
)
632 strncat(buffer
, cl
->server
->conf
->index_file
, sizeof(buffer
));
634 if( !stat(buffer
, &s
) && (s
.st_mode
& S_IFREG
) )
636 memcpy(path_phys
, buffer
, sizeof(path_phys
));
637 memcpy(&p
.stat
, &s
, sizeof(p
.stat
));
642 for( i
= 0; i
< array_size(uh_index_files
); i
++ )
644 strncat(buffer
, uh_index_files
[i
], sizeof(buffer
));
646 if( !stat(buffer
, &s
) && (s
.st_mode
& S_IFREG
) )
648 memcpy(path_phys
, buffer
, sizeof(path_phys
));
649 memcpy(&p
.stat
, &s
, sizeof(p
.stat
));
659 p
.name
= &path_phys
[strlen(docroot
)];
663 return p
.phys
? &p
: NULL
;
667 static struct auth_realm
*uh_realms
= NULL
;
669 struct auth_realm
* uh_auth_add(char *path
, char *user
, char *pass
)
671 struct auth_realm
*new = NULL
;
678 if((new = (struct auth_realm
*)malloc(sizeof(struct auth_realm
))) != NULL
)
680 memset(new, 0, sizeof(struct auth_realm
));
682 memcpy(new->path
, path
,
683 min(strlen(path
), sizeof(new->path
) - 1));
685 memcpy(new->user
, user
,
686 min(strlen(user
), sizeof(new->user
) - 1));
688 /* given password refers to a passwd entry */
689 if( (strlen(pass
) > 3) && !strncmp(pass
, "$p$", 3) )
692 /* try to resolve shadow entry */
693 if( ((spwd
= getspnam(&pass
[3])) != NULL
) && spwd
->sp_pwdp
)
695 memcpy(new->pass
, spwd
->sp_pwdp
,
696 min(strlen(spwd
->sp_pwdp
), sizeof(new->pass
) - 1));
702 /* try to resolve passwd entry */
703 if( ((pwd
= getpwnam(&pass
[3])) != NULL
) && pwd
->pw_passwd
&&
704 (pwd
->pw_passwd
[0] != '!') && (pwd
->pw_passwd
[0] != 0)
706 memcpy(new->pass
, pwd
->pw_passwd
,
707 min(strlen(pwd
->pw_passwd
), sizeof(new->pass
) - 1));
714 memcpy(new->pass
, pass
,
715 min(strlen(pass
), sizeof(new->pass
) - 1));
720 new->next
= uh_realms
;
733 struct client
*cl
, struct http_request
*req
, struct path_info
*pi
735 int i
, plen
, rlen
, protected;
736 char buffer
[UH_LIMIT_MSGHEAD
];
740 struct auth_realm
*realm
= NULL
;
742 plen
= strlen(pi
->name
);
745 /* check whether at least one realm covers the requested url */
746 for( realm
= uh_realms
; realm
; realm
= realm
->next
)
748 rlen
= strlen(realm
->path
);
750 if( (plen
>= rlen
) && !strncasecmp(pi
->name
, realm
->path
, rlen
) )
758 /* requested resource is covered by a realm */
761 /* try to get client auth info */
762 foreach_header(i
, req
->headers
)
764 if( !strcasecmp(req
->headers
[i
], "Authorization") &&
765 (strlen(req
->headers
[i
+1]) > 6) &&
766 !strncasecmp(req
->headers
[i
+1], "Basic ", 6)
768 memset(buffer
, 0, sizeof(buffer
));
769 uh_b64decode(buffer
, sizeof(buffer
) - 1,
770 (unsigned char *) &req
->headers
[i
+1][6],
771 strlen(req
->headers
[i
+1]) - 6);
773 if( (pass
= strchr(buffer
, ':')) != NULL
)
783 /* have client auth */
786 /* find matching realm */
787 for( realm
= uh_realms
; realm
; realm
= realm
->next
)
789 rlen
= strlen(realm
->path
);
791 if( (plen
>= rlen
) &&
792 !strncasecmp(pi
->name
, realm
->path
, rlen
) &&
793 !strcmp(user
, realm
->user
)
800 /* found a realm matching the username */
803 /* check user pass */
804 if (!strcmp(pass
, realm
->pass
) ||
805 !strcmp(crypt(pass
, realm
->pass
), realm
->pass
))
811 uh_http_sendf(cl
, NULL
,
812 "HTTP/%.1f 401 Authorization Required\r\n"
813 "WWW-Authenticate: Basic realm=\"%s\"\r\n"
814 "Content-Type: text/plain\r\n"
815 "Content-Length: 23\r\n\r\n"
816 "Authorization Required\n",
817 req
->version
, cl
->server
->conf
->realm
827 static struct listener
*uh_listeners
= NULL
;
828 static struct client
*uh_clients
= NULL
;
830 struct listener
* uh_listener_add(int sock
, struct config
*conf
)
832 struct listener
*new = NULL
;
835 if( (new = (struct listener
*)malloc(sizeof(struct listener
))) != NULL
)
837 memset(new, 0, sizeof(struct listener
));
842 /* get local endpoint addr */
843 sl
= sizeof(struct sockaddr_in6
);
844 memset(&(new->addr
), 0, sl
);
845 getsockname(sock
, (struct sockaddr
*) &(new->addr
), &sl
);
847 new->next
= uh_listeners
;
856 struct listener
* uh_listener_lookup(int sock
)
858 struct listener
*cur
= NULL
;
860 for( cur
= uh_listeners
; cur
; cur
= cur
->next
)
861 if( cur
->socket
== sock
)
868 struct client
* uh_client_add(int sock
, struct listener
*serv
)
870 struct client
*new = NULL
;
873 if( (new = (struct client
*)malloc(sizeof(struct client
))) != NULL
)
875 memset(new, 0, sizeof(struct client
));
880 /* get remote endpoint addr */
881 sl
= sizeof(struct sockaddr_in6
);
882 memset(&(new->peeraddr
), 0, sl
);
883 getpeername(sock
, (struct sockaddr
*) &(new->peeraddr
), &sl
);
885 /* get local endpoint addr */
886 sl
= sizeof(struct sockaddr_in6
);
887 memset(&(new->servaddr
), 0, sl
);
888 getsockname(sock
, (struct sockaddr
*) &(new->servaddr
), &sl
);
890 new->next
= uh_clients
;
897 struct client
* uh_client_lookup(int sock
)
899 struct client
*cur
= NULL
;
901 for( cur
= uh_clients
; cur
; cur
= cur
->next
)
902 if( cur
->socket
== sock
)
908 void uh_client_remove(int sock
)
910 struct client
*cur
= NULL
;
911 struct client
*prv
= NULL
;
913 for( cur
= uh_clients
; cur
; prv
= cur
, cur
= cur
->next
)
915 if( cur
->socket
== sock
)
918 prv
->next
= cur
->next
;
920 uh_clients
= cur
->next
;
930 static struct interpreter
*uh_interpreters
= NULL
;
932 struct interpreter
* uh_interpreter_add(const char *extn
, const char *path
)
934 struct interpreter
*new = NULL
;
936 if( (new = (struct interpreter
*)
937 malloc(sizeof(struct interpreter
))) != NULL
)
939 memset(new, 0, sizeof(struct interpreter
));
941 memcpy(new->extn
, extn
, min(strlen(extn
), sizeof(new->extn
)-1));
942 memcpy(new->path
, path
, min(strlen(path
), sizeof(new->path
)-1));
944 new->next
= uh_interpreters
;
945 uh_interpreters
= new;
953 struct interpreter
* uh_interpreter_lookup(const char *path
)
955 struct interpreter
*cur
= NULL
;
958 for( cur
= uh_interpreters
; cur
; cur
= cur
->next
)
960 e
= &path
[max(strlen(path
) - strlen(cur
->extn
), 0)];
962 if( !strcmp(e
, cur
->extn
) )