| ︙ | | | ︙ | |
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
**
** Author contact information:
** drh@hwaci.com
** http://www.hwaci.com/drh/
**
*******************************************************************************
**
** This file contains C functions and procedures used by CGI programs
** (Fossil launched as CGI) to interpret CGI environment variables,
** gather the results, and send they reply back to the CGI server.
** This file also contains routines for running a simple web-server
** (the "fossil ui" or "fossil server" command) and launching subprocesses
** to handle each inbound HTTP request using CGI.
**
** This file contains routines used by Fossil when it is acting as a
** CGI client. For the code used by Fossil when it is acting as a
** CGI server (for the /ext webpage) see the "extcgi.c" source file.
*/
#include "config.h"
#ifdef _WIN32
|
|
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
>
|
>
>
>
>
>
>
>
>
>
>
>
>
>
|
>
>
>
>
|
>
|
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
**
** Author contact information:
** drh@hwaci.com
** http://www.hwaci.com/drh/
**
*******************************************************************************
**
** This file began as a set of C functions and procedures used intepret
** CGI environment variables for Fossil web pages that were invoked by
** CGI. That's where the file name comes from. But over the years it
** has grown to incorporate lots of related functionality, including:
**
** * Interpreting CGI environment variables when Fossil is run as
** CGI (the original purpose).
**
** * Interpreting HTTP requests received directly or via an SSH tunnel.
**
** * Interpreting SCGI requests
**
** * Generating appropriate replies to CGI, SCGI, and HTTP requests.
**
** * Listening for incoming HTTP requests and dispatching them.
** (Used by "fossil ui" and "fossil server", for example).
**
** So, even though the name of this file implies that it only deals with
** CGI, in fact, the code in this file is used to interpret webpage requests
** received by a variety of means, and to generate well-formatted replies
** to those requests.
**
** The code in this file abstracts the web-request so that downstream
** modules that generate the body of the reply (based on the requested page)
** do not need to know if the request is coming from CGI, direct HTTP,
** SCGI, or some other means.
**
** This module gathers information about web page request into a key/value
** store. Keys and values come from:
**
** * Query parameters
** * POST parameter
** * Cookies
** * Environment variables
**
** The parameters are accessed using cgi_parameter() and similar functions
** or their convenience macros P() and similar.
**
** Environment variable parameters are set as if the request were coming
** in over CGI even if the request arrived via SCGI or direct HTTP. Thus
** the downstream modules that are trying to interpret the request do not
** need to know the request protocol - they can just request the values
** of environment variables and everything will always work.
**
** This file contains routines used by Fossil when it is acting as a
** CGI client. For the code used by Fossil when it is acting as a
** CGI server (for the /ext webpage) see the "extcgi.c" source file.
*/
#include "config.h"
#ifdef _WIN32
|
| ︙ | | | ︙ | |
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
#define CGI_SSH_CLIENT 0x0001 /* Client is SSH */
#define CGI_SSH_COMPAT 0x0002 /* Compat for old SSH transport */
#define CGI_SSH_FOSSIL 0x0004 /* Use new Fossil SSH transport */
#endif /* INTERFACE */
/*
** The HTTP reply is generated in two pieces: the header and the body.
** These pieces are generated separately because they are not necessarily
** produced in order. Parts of the header might be built after all or
** part of the body. The header and body are accumulated in separate
** Blob structures then output sequentially once everything has been
** built.
**
** The cgi_destination() interface switches between the buffers.
*/
static Blob cgiContent[2] = { BLOB_INITIALIZER, BLOB_INITIALIZER };
static Blob *pContent = &cgiContent[0];
/*
|
|
>
>
>
>
>
>
>
>
>
>
>
|
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
#define CGI_SSH_CLIENT 0x0001 /* Client is SSH */
#define CGI_SSH_COMPAT 0x0002 /* Compat for old SSH transport */
#define CGI_SSH_FOSSIL 0x0004 /* Use new Fossil SSH transport */
#endif /* INTERFACE */
/*
** The reply content is generated in two pieces: the header and the body.
** These pieces are generated separately because they are not necessarily
** produced in order. Parts of the header might be built after all or
** part of the body. The header and body are accumulated in separate
** Blob structures then output sequentially once everything has been
** built.
**
** Do not confuse the content header with the HTTP header. The content header
** is generated by downstream code. The HTTP header is generated by the
** cgi_reply() routine below.
**
** The content header and contenty body are *approximately* the <head>
** element and the <body> elements for HTML replies. However this is only
** approximate. The content header also includes parts of <body> that
** show the banner and menu bar at the top of each page. Also note that
** not all replies are HTML, but there can still be separate header and
** body sections of the content.
**
** The cgi_destination() interface switches between the buffers.
*/
static Blob cgiContent[2] = { BLOB_INITIALIZER, BLOB_INITIALIZER };
static Blob *pContent = &cgiContent[0];
/*
|
| ︙ | | | ︙ | |
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
|
default: {
cgi_panic("bad destination");
}
}
}
/*
** Check to see if the header contains the zNeedle string. Return true
** if it does and false if it does not.
*/
int cgi_header_contains(const char *zNeedle){
return strstr(blob_str(&cgiContent[0]), zNeedle)!=0;
}
int cgi_body_contains(const char *zNeedle){
return strstr(blob_str(&cgiContent[1]), zNeedle)!=0;
}
/*
** Append reply content to what already exists.
*/
void cgi_append_content(const char *zData, int nAmt){
blob_append(pContent, zData, nAmt);
}
/*
** Reset the HTTP reply text to be an empty string.
*/
void cgi_reset_content(void){
blob_reset(&cgiContent[0]);
blob_reset(&cgiContent[1]);
}
/*
** Return a pointer to the CGI output blob.
*/
Blob *cgi_output_blob(void){
return pContent;
}
/*
** Return complete text of the output header
*/
const char *cgi_header(void){
return blob_str(&cgiContent[0]);
}
/*
** Combine the header and body of the CGI into a single string.
*/
static void cgi_combine_header_and_body(void){
int size = blob_size(&cgiContent[1]);
if( size>0 ){
blob_append(&cgiContent[0], blob_buffer(&cgiContent[1]), size);
blob_reset(&cgiContent[1]);
}
}
/*
** Return a pointer to the HTTP reply text.
*/
char *cgi_extract_content(void){
cgi_combine_header_and_body();
return blob_buffer(&cgiContent[0]);
}
/*
** Additional information used to form the HTTP reply
*/
static const char *zContentType = "text/html"; /* Content type of the reply */
static const char *zReplyStatus = "OK"; /* Reply status description */
static int iReplyStatus = 200; /* Reply status code */
static Blob extraHeader = BLOB_INITIALIZER; /* Extra header text */
static int rangeStart = 0; /* Start of Range: */
static int rangeEnd = 0; /* End of Range: plus 1 */
/*
** Set the reply content type
*/
void cgi_set_content_type(const char *zType){
zContentType = fossil_strdup(zType);
}
/*
** Set the reply content to the specified BLOB.
*/
void cgi_set_content(Blob *pNewContent){
cgi_reset_content();
cgi_destination(CGI_HEADER);
cgiContent[0] = *pNewContent;
blob_zero(pNewContent);
}
/*
** Set the reply status code
*/
void cgi_set_status(int iStat, const char *zStat){
zReplyStatus = fossil_strdup(zStat);
iReplyStatus = iStat;
}
/*
** Append text to the header of an HTTP reply
*/
void cgi_append_header(const char *zLine){
blob_append(&extraHeader, zLine, -1);
}
void cgi_printf_header(const char *zLine, ...){
va_list ap;
va_start(ap, zLine);
|
|
|
|
|
|
|
|
>
>
|
|
>
>
>
>
>
>
>
|
|
|
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
|
default: {
cgi_panic("bad destination");
}
}
}
/*
** Check to see if the content header or body contains the zNeedle string.
** Return true if it does and false if it does not.
*/
int cgi_header_contains(const char *zNeedle){
return strstr(blob_str(&cgiContent[0]), zNeedle)!=0;
}
int cgi_body_contains(const char *zNeedle){
return strstr(blob_str(&cgiContent[1]), zNeedle)!=0;
}
/*
** Append new reply content to what already exists.
*/
void cgi_append_content(const char *zData, int nAmt){
blob_append(pContent, zData, nAmt);
}
/*
** Reset both reply content buffers to be empty.
*/
void cgi_reset_content(void){
blob_reset(&cgiContent[0]);
blob_reset(&cgiContent[1]);
}
/*
** Return a pointer to Blob that is currently accumulating reply content.
*/
Blob *cgi_output_blob(void){
return pContent;
}
/*
** Return the content header as a text string
*/
const char *cgi_header(void){
return blob_str(&cgiContent[0]);
}
/*
** Combine the header and body content all into the header buffer.
** In other words, append the body content to the end of the header
** content.
*/
static void cgi_combine_header_and_body(void){
int size = blob_size(&cgiContent[1]);
if( size>0 ){
blob_append(&cgiContent[0], blob_buffer(&cgiContent[1]), size);
blob_reset(&cgiContent[1]);
}
}
/*
** Return a pointer to the combined header+body content.
*/
char *cgi_extract_content(void){
cgi_combine_header_and_body();
return blob_buffer(&cgiContent[0]);
}
/*
** Additional information used to form the HTTP reply
*/
static const char *zContentType = "text/html"; /* Content type of the reply */
static const char *zReplyStatus = "OK"; /* Reply status description */
static int iReplyStatus = 200; /* Reply status code */
static Blob extraHeader = BLOB_INITIALIZER; /* Extra header text */
static int rangeStart = 0; /* Start of Range: */
static int rangeEnd = 0; /* End of Range: plus 1 */
/*
** Set the reply content type.
**
** The reply content type defaults to "text/html". It only needs to be
** changed (by calling this routine) in the exceptional case where some
** other content type is being returned.
*/
void cgi_set_content_type(const char *zType){
zContentType = fossil_strdup(zType);
}
/*
** Erase any existing reply content. Replace is with a pNewContent.
**
** This routine erases pNewContent. In other words, it move pNewContent
** into the content buffer.
*/
void cgi_set_content(Blob *pNewContent){
cgi_reset_content();
cgi_destination(CGI_HEADER);
cgiContent[0] = *pNewContent;
blob_zero(pNewContent);
}
/*
** Set the reply status code
*/
void cgi_set_status(int iStat, const char *zStat){
zReplyStatus = fossil_strdup(zStat);
iReplyStatus = iStat;
}
/*
** Append text to the content header buffer.
*/
void cgi_append_header(const char *zLine){
blob_append(&extraHeader, zLine, -1);
}
void cgi_printf_header(const char *zLine, ...){
va_list ap;
va_start(ap, zLine);
|
| ︙ | | | ︙ | |
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
|
if( strstr(PD("HTTP_ACCEPT_ENCODING", ""), "gzip")==0 ) return 0;
return strncmp(zContentType, "text/", 5)==0
|| sqlite3_strglob("application/*xml", zContentType)==0
|| sqlite3_strglob("application/*javascript", zContentType)==0;
}
/*
** Do a normal HTTP reply
*/
void cgi_reply(void){
Blob hdr = BLOB_INITIALIZER;
int total_size;
if( iReplyStatus<=0 ){
iReplyStatus = 200;
zReplyStatus = "OK";
|
>
|
>
>
>
>
|
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
|
if( strstr(PD("HTTP_ACCEPT_ENCODING", ""), "gzip")==0 ) return 0;
return strncmp(zContentType, "text/", 5)==0
|| sqlite3_strglob("application/*xml", zContentType)==0
|| sqlite3_strglob("application/*javascript", zContentType)==0;
}
/*
** Generate the reply to a web request. The output might be an
** full HTTP response, or a CGI response, depending on how things have
** be set up.
**
** The reply consists of a response header (an HTTP or CGI response header)
** followed by the concatenation of the content header and content body.
*/
void cgi_reply(void){
Blob hdr = BLOB_INITIALIZER;
int total_size;
if( iReplyStatus<=0 ){
iReplyStatus = 200;
zReplyStatus = "OK";
|
| ︙ | | | ︙ | |
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
|
g.cgiOutput = 2;
if( g.db!=0 && iReplyStatus==200 ){
backoffice_check_if_needed();
}
}
/*
** Do a redirect request to the URL given in the argument.
**
** The URL must be relative to the base of the fossil server.
*/
NORETURN void cgi_redirect_with_status(
const char *zURL,
int iStat,
const char *zStat
|
>
|
|
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
|
g.cgiOutput = 2;
if( g.db!=0 && iReplyStatus==200 ){
backoffice_check_if_needed();
}
}
/*
** Generate an HTTP or CGI redirect response that causes a redirect
** to the URL given in the argument.
**
** The URL must be relative to the base of the fossil server.
*/
NORETURN void cgi_redirect_with_status(
const char *zURL,
int iStat,
const char *zStat
|
| ︙ | | | ︙ | |
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
|
}
cgi_append_header(z);
fossil_free(z);
}
/*
** Return the URL for the caller. This is obtained from either the
** referer CGI parameter, if it exists, or the HTTP_REFERER HTTP parameter.
** If neither exist, return zDefault.
*/
const char *cgi_referer(const char *zDefault){
const char *zRef = P("referer");
if( zRef==0 ){
zRef = P("HTTP_REFERER");
if( zRef==0 ) zRef = zDefault;
|
|
|
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
|
}
cgi_append_header(z);
fossil_free(z);
}
/*
** Return the URL for the caller. This is obtained from either the
** "referer" CGI parameter, if it exists, or the HTTP_REFERER HTTP parameter.
** If neither exist, return zDefault.
*/
const char *cgi_referer(const char *zDefault){
const char *zRef = P("referer");
if( zRef==0 ){
zRef = P("HTTP_REFERER");
if( zRef==0 ) zRef = zDefault;
|
| ︙ | | | ︙ | |
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
|
nBase = (int)strlen(g.zBaseURL);
if( strncmp(g.zBaseURL,zRef,nBase)!=0 ) return 0;
if( zRef[nBase]!=0 && zRef[nBase]!='/' ) return 0;
return 1;
}
/*
** Information about all query parameters and cookies are stored
** in these variables.
*/
static int nAllocQP = 0; /* Space allocated for aParamQP[] */
static int nUsedQP = 0; /* Space actually used in aParamQP[] */
static int sortQP = 0; /* True if aParamQP[] needs sorting */
static int seqQP = 0; /* Sequence numbers */
static struct QParam { /* One entry for each query parameter or cookie */
const char *zName; /* Parameter or cookie name */
|
|
|
|
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
|
nBase = (int)strlen(g.zBaseURL);
if( strncmp(g.zBaseURL,zRef,nBase)!=0 ) return 0;
if( zRef[nBase]!=0 && zRef[nBase]!='/' ) return 0;
return 1;
}
/*
** Information about all query parameters, post parameter, cookies and
** CGI environment variables are stored in a hash table as follows:
*/
static int nAllocQP = 0; /* Space allocated for aParamQP[] */
static int nUsedQP = 0; /* Space actually used in aParamQP[] */
static int sortQP = 0; /* True if aParamQP[] needs sorting */
static int seqQP = 0; /* Sequence numbers */
static struct QParam { /* One entry for each query parameter or cookie */
const char *zName; /* Parameter or cookie name */
|
| ︙ | | | ︙ | |
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
|
}
return;
}
}
}
/*
** Add a query parameter. The zName portion is fixed but a copy
** must be made of zValue.
*/
void cgi_setenv(const char *zName, const char *zValue){
cgi_set_parameter_nocopy(zName, fossil_strdup(zValue), 0);
}
/*
** Add a list of query parameters or cookies to the parameter set.
|
|
|
|
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
|
}
return;
}
}
}
/*
** Add an environment varaible value to the parameter set. The zName
** portion is fixed but a copy is be made of zValue.
*/
void cgi_setenv(const char *zName, const char *zValue){
cgi_set_parameter_nocopy(zName, fossil_strdup(zValue), 0);
}
/*
** Add a list of query parameters or cookies to the parameter set.
|
| ︙ | | | ︙ | |