source: trunk/oscam-http-helpers.c@ 4331

Last change on this file since 4331 was 4331, checked in by Admin, 10 years ago

Some more cleanups

File size: 15.1 KB
Line 
1//FIXME Not checked on threadsafety yet; after checking please remove this line
2#include "globals.h"
3#ifdef WEBIF
4#include "oscam-http.h"
5
6/* Adds a name->value-mapping or appends to it. You will get a reference back which you may freely
7 use (but you should not call free/realloc on this!)*/
8char *tpl_addVar(struct templatevars *vars, int append, char *name, char *value){
9 int i;
10 char *tmp,*result = NULL;
11 for(i = (*vars).varscnt-1; i >= 0; --i){
12 if(strcmp((*vars).names[i], name) == 0){
13 result = (*vars).values[i];
14 break;
15 }
16 }
17 if(result == NULL){
18 if((*vars).varsalloc <= (*vars).varscnt){
19 (*vars).varsalloc = (*vars).varscnt * 2;
20 (*vars).names = (char**) realloc ((*vars).names, (*vars).varsalloc * sizeof(char**));
21 (*vars).values = (char**) realloc ((*vars).values, (*vars).varsalloc * sizeof(char**));
22 }
23 tmp = (char *) malloc((strlen(name) + 1) * sizeof(char));
24 strcpy(tmp, name);
25 (*vars).names[(*vars).varscnt] = tmp;
26 tmp = (char *) malloc((strlen(value) + 1) * sizeof(char));
27 strcpy(tmp, value);
28 (*vars).values[(*vars).varscnt] = tmp;
29 (*vars).varscnt = (*vars).varscnt + 1;
30 } else {
31 int newlen = strlen(value);
32 if(append == 1){
33 int oldlen = strlen((*vars).values[i]);
34 tmp = (char*) malloc ((oldlen + newlen + 1) * sizeof(char));
35 memcpy(tmp, (*vars).values[i], oldlen);
36 strcpy(tmp + oldlen, value);
37 } else {
38 tmp = (char*) malloc ((newlen + 1) * sizeof(char));
39 strcpy(tmp, value);
40 }
41 free((*vars).values[i]);
42 (*vars).values[i] = tmp;
43 }
44 return tmp;
45}
46
47/* Allows to add a char array which has been allocated by malloc. It will automatically get
48 freed when calling tpl_clear(). Please do NOT free the memory yourself or realloc
49 it after having added the array here! */
50char *tpl_addTmp(struct templatevars *vars, char *value){
51 if((*vars).tmpalloc <= (*vars).tmpcnt){
52 (*vars).tmpalloc = (*vars).tmpcnt * 2;
53 (*vars).tmp = (char**) realloc ((*vars).tmp, (*vars).tmpalloc * sizeof(char**));
54 }
55 (*vars).tmp[(*vars).tmpcnt] = value;
56 (*vars).tmpcnt = (*vars).tmpcnt + 1;
57 return value;
58}
59
60/* Allows to do a dynamic printf without knowing and defining the needed memory size. If you specify
61 varname, the printf-result will be added/appended to the varlist. You will always get a reference
62 back which you may freely use (but you should not call free/realloc on this!)*/
63char *tpl_printf(struct templatevars *vars, int append, char *varname, char *fmtstring, ...){
64 unsigned int needed;
65 char test[1];
66 va_list argptr;
67
68 va_start(argptr,fmtstring);
69 needed = vsnprintf(test, 1, fmtstring, argptr);
70 va_end(argptr);
71
72 char *result = (char *) malloc((needed + 1) * sizeof(char));
73 va_start(argptr,fmtstring);
74 vsnprintf(result, needed + 1, fmtstring, argptr);
75 va_end(argptr);
76
77 if(varname == NULL) tpl_addTmp(vars, result);
78 else {
79 char *tmp = tpl_addVar(vars, append, varname, result);
80 free(result);
81 result = tmp;
82 }
83 return result;
84}
85
86/* Returns the value for a name or an empty string if nothing was found. */
87char *tpl_getVar(struct templatevars *vars, char *name){
88 int i;
89 char *result = NULL;
90 for(i = (*vars).varscnt-1; i >= 0; --i){
91 if(strcmp((*vars).names[i], name) == 0){
92 result = (*vars).values[i];
93 break;
94 }
95 }
96 if(result == NULL) return "";
97 else return result;
98}
99
100/* Initializes all variables vor a templatevar-structure and returns a pointer to it. Make
101 sure to call tpl_clear() when you are finished or you'll run into a memory leak! */
102struct templatevars *tpl_create(){
103 struct templatevars *vars = (struct templatevars *) malloc(sizeof(struct templatevars));
104 (*vars).varsalloc = 16;
105 (*vars).varscnt = 0;
106 (*vars).tmpalloc = 16;
107 (*vars).tmpcnt = 0;
108 (*vars).names = (char**) malloc ((*vars).varsalloc * sizeof(char**));
109 (*vars).values = (char**) malloc ((*vars).varsalloc * sizeof(char**));
110 (*vars).tmp = (char**) malloc ((*vars).tmpalloc * sizeof(char**));
111 return vars;
112}
113
114/* Clears all allocated memory for the specified templatevar-structure. */
115void tpl_clear(struct templatevars *vars){
116 int i;
117 for(i = (*vars).varscnt-1; i >= 0; --i){
118 free((*vars).names[i]);
119 free((*vars).values[i]);
120 }
121 free((*vars).names);
122 free((*vars).values);
123 for(i = (*vars).tmpcnt-1; i >= 0; --i){
124 free((*vars).tmp[i]);
125 }
126 free((*vars).tmp);
127 free(vars);
128}
129
130/* Creates a path to a template file. You need to set the resultsize to the correct size of result. */
131char *tpl_getTplPath(const char *name, const char *path, char *result, unsigned int resultsize){
132 char *pch;
133 if((strlen(path) + strlen(name) + 6) <= resultsize){
134 strcpy(result, path);
135 strcat(result, name);
136 strcat(result, ".tpl");
137 result[resultsize - 1] = '\0';
138 for(pch = result + strlen(path); pch[0] != '\0'; ++pch){
139 if(pch[0] == '/' || pch[0] == '\\') pch[0] = ' ';
140 }
141 } else result[0] = '\0';
142 return result;
143}
144
145/* Returns an unparsed template either from disk or from internal templates.
146 Note: You must free() the result after using it!*/
147char *tpl_getUnparsedTpl(const char* name){
148 int i;
149 int tplcnt = sizeof(tpl)/sizeof(char *);
150 int tplmapcnt = sizeof(tplmap)/sizeof(char *);
151 char *result;
152
153 for(i = 0; i < tplcnt; ++i){
154 if(strcmp(name, tpl[i]) == 0) break;
155 }
156
157 if(strlen(cfg->http_tpl) > 0){
158 char path[255];
159 if(strlen(tpl_getTplPath(name, cfg->http_tpl, path, 255)) > 0 && file_exists(path)){
160 FILE *fp;
161 char buffer[1024];
162 int read, allocated = 1025, size = 0;
163 result = (char *) malloc(allocated * sizeof(char));
164 if((fp = fopen(path,"r"))!=NULL){
165 while((read = fread(&buffer,sizeof(char),1024,fp)) > 0){
166 if(allocated < size + read + 1) {
167 allocated += size + 1024;
168 result = (char *) realloc(result, allocated * sizeof(char));
169 }
170 memcpy(result + size, buffer, read);
171 size += read;
172 }
173 result[size] = '\0';
174 fclose (fp);
175 return result;
176 }
177 }
178 }
179 if(i >= 0 && i < tplmapcnt){
180 int len = (strlen(tplmap[i])) + 1;
181 result = (char *) malloc(len * sizeof(char));
182 memcpy(result, tplmap[i], len);
183 } else {
184 result = (char *) malloc(1 * sizeof(char));
185 result[0] = '\0';
186 }
187 return result;
188}
189
190/* Returns the specified template with all variables/other templates replaced or an
191 empty string if the template doesn't exist*/
192char *tpl_getTpl(struct templatevars *vars, const char* name){
193 char *tplorg = tpl_getUnparsedTpl(name);
194 char *tplend = tplorg + strlen(tplorg);
195 char *pch, *pch2, *tpl=tplorg;
196 char varname[33];
197
198 int tmp,respos = 0;
199 int allocated = 2 * strlen(tpl) + 1;
200 char *result = (char *) malloc(allocated * sizeof(char));
201
202 while(tpl < tplend){
203 if(tpl[0] == '#' && tpl[1] == '#' && tpl[2] != '#'){
204 pch2 = tpl;
205 pch = tpl + 2;
206 while(pch[0] != '\0' && (pch[0] != '#' || pch[1] != '#')) ++pch;
207 if(pch - pch2 < 32 && pch[0] == '#' && pch[1] == '#'){
208 memcpy(varname, pch2 + 2, pch - pch2 - 2);
209 varname[pch - pch2 - 2] = '\0';
210 if(strncmp(varname, "TPL", 3) == 0){
211 pch2 = tpl_getTpl(vars, varname + 3);
212 } else {
213 pch2 = tpl_getVar(vars, varname);
214 }
215 tmp = strlen(pch2);
216 if(tmp + respos + 2 >= allocated){
217 allocated = tmp + respos + 256;
218 result = (char *) realloc(result, allocated * sizeof(char));
219 }
220 memcpy(result + respos, pch2, tmp);
221 respos += tmp;
222 tpl = pch + 2;
223 }
224 } else {
225 if(respos + 2 >= allocated){
226 allocated = respos + 256;
227 result = (char *) realloc(result, allocated * sizeof(char));
228 }
229 result[respos] = tpl[0];
230 ++respos;
231 ++tpl;
232 }
233 }
234 free(tplorg);
235 result[respos] = '\0';
236 tpl_addTmp(vars, result);
237 return result;
238}
239
240/* Saves all templates to the specified paths. Existing files will be overwritten! */
241int tpl_saveIncludedTpls(const char *path){
242 int tplcnt = sizeof(tpl)/sizeof(char *);
243 int tplmapcnt = sizeof(tplmap)/sizeof(char *);
244 int i, cnt = 0;
245 char tmp[200];
246 FILE *fp;
247 for(i = 0; i < tplcnt && i < tplmapcnt; ++i){
248 if(strlen(tpl_getTplPath(tpl[i], path, tmp, 200)) > 0 && (fp = fopen(tmp,"w")) != NULL){
249 fwrite(tplmap[i], sizeof(char), strlen(tplmap[i]), fp);
250 fclose (fp);
251 ++cnt;
252 }
253 }
254 return cnt;
255}
256
257/* Parses a value in an authentication string by removing all quotes/whitespace. Note that the original array is modified*/
258char *parse_auth_value(char *value){
259 char *pch = value;
260 char *pch2;
261 value = strstr(value, "=");
262 if(value != NULL){
263 do{
264 ++value;
265 } while (value[0] == ' ' || value[0] == '"');
266 pch = value;
267 for(pch2 = value + strlen(value) - 1; pch2 >= value && (pch2[0] == ' ' || pch2[0] == '"' || pch2[0] == '\r' || pch2[0] == '\n'); --pch2) pch2[0] = '\0';
268 }
269 return pch;
270}
271
272/* Calculates the currently valid nonce value and copies it to result*/
273void calculate_nonce(char *result, int resultlen){
274 char noncetmp[128];
275 sprintf(noncetmp, "%d:%s", (int)time(NULL)/AUTHNONCEVALIDSECS, noncekey);
276 char *expectednonce = char_to_hex(MD5((unsigned char*)noncetmp, strlen(noncetmp), NULL), MD5_DIGEST_LENGTH, hex2ascii);
277 cs_strncpy(result, expectednonce, resultlen);
278 free(expectednonce);
279}
280
281/* Checks if authentication is correct. Returns -1 if not correct, 1 if correct and 2 if nonce isn't valid anymore */
282int check_auth(char *authstring, char *method, char *path, char *expectednonce){
283 int authok = 0, uriok = 0;
284 char *authnonce = "";
285 char *authnc = "";
286 char *authcnonce = "";
287 char *authresponse = "";
288 char *uri = "";
289 char *username = "";
290 char *expectedPassword = cfg->http_pwd;
291 char *pch = authstring + 22;
292 char *pch2;
293
294 pch = strtok (pch,",");
295 while (pch != NULL){
296 pch2 = pch;
297 while(pch2[0] == ' ' && pch2[0] != '\0') ++pch2;
298 if(strncmp(pch2, "nonce", 5) == 0){
299 authnonce=parse_auth_value(pch2);
300 } else if (strncmp(pch2, "nc", 2) == 0){
301 authnc=parse_auth_value(pch2);
302 } else if (strncmp(pch2, "cnonce", 6) == 0){
303 authcnonce=parse_auth_value(pch2);
304 } else if (strncmp(pch2, "response", 8) == 0){
305 authresponse=parse_auth_value(pch2);
306 } else if (strncmp(pch2, "uri", 3) == 0){
307 uri=parse_auth_value(pch2);
308 } else if (strncmp(pch2, "username", 8) == 0){
309 username=parse_auth_value(pch2);
310 }
311 pch = strtok (NULL, ",");
312 }
313
314 if(strncmp(uri, path, strlen(path)) == 0) uriok = 1;
315 else {
316 pch2 = uri;
317 for(pch = uri; pch[0] != '\0'; ++pch) {
318 if(pch[0] == '/') pch2 = pch;
319 }
320 if(strncmp(pch2, path, strlen(path)) == 0) uriok = 1;
321 }
322 if(uriok == 1 && strcmp(username, cfg->http_user) == 0){
323 char A1tmp[3 + strlen(username) + strlen(AUTHREALM) + strlen(expectedPassword)];
324 sprintf(A1tmp, "%s:%s:%s", username, AUTHREALM, expectedPassword);
325 char *A1 = char_to_hex(MD5((unsigned char*)A1tmp, strlen(A1tmp), NULL), MD5_DIGEST_LENGTH, hex2ascii);
326
327 char A2tmp[2 + strlen(method) + strlen(uri)];
328 sprintf(A2tmp, "%s:%s", method, uri);
329 char *A2 = char_to_hex(MD5((unsigned char*)A2tmp, strlen(A2tmp), NULL), MD5_DIGEST_LENGTH, hex2ascii);
330
331 char A3tmp[10 + strlen(A1) + strlen(A2) + strlen(authnonce) + strlen(authnc) + strlen(authcnonce)];
332 sprintf(A3tmp, "%s:%s:%s:%s:auth:%s", A1, authnonce, authnc, authcnonce, A2);
333 char *A3 = char_to_hex(MD5((unsigned char*)A3tmp, strlen(A3tmp), NULL), MD5_DIGEST_LENGTH, hex2ascii);
334
335 if(strcmp(A3, authresponse) == 0) {
336 if(strcmp(expectednonce, authnonce) == 0) authok = 1;
337 else authok = 2;
338 }
339 free(A1);
340 free(A2);
341 free(A3);
342 }
343 return authok;
344}
345
346#ifdef WITH_SSL
347#include <openssl/crypto.h>
348#include <openssl/ssl.h>
349#include <openssl/err.h>
350#endif
351
352int webif_write(char *buf, FILE* f) {
353#ifdef WITH_SSL
354 if (cfg->http_use_ssl) {
355 return SSL_write((SSL*)f, buf, strlen(buf));
356 } else
357#endif
358 return fwrite(buf, 1, strlen(buf), f);
359}
360
361int webif_read(char *buf, int num, FILE *f) {
362#ifdef WITH_SSL
363 if (cfg->http_use_ssl) {
364 return SSL_read((SSL*)f, buf, num);
365 } else
366#endif
367 return read(fileno(f), buf, num);
368}
369
370void send_headers(FILE *f, int status, char *title, char *extra, char *mime){
371
372 time_t now;
373 char timebuf[128];
374 char buf[1024];
375
376 sprintf(buf, "%s %d %s\r\n", PROTOCOL, status, title);
377 sprintf(buf+strlen(buf), "Server: %s\r\n", SERVER);
378
379 now = time(NULL);
380 strftime(timebuf, sizeof(timebuf), RFC1123FMT, gmtime(&now));
381 sprintf(buf+strlen(buf), "Date: %s\r\n", timebuf);
382
383 if (extra)
384 sprintf(buf+strlen(buf), "%s\r\n", extra);
385
386 if (mime)
387 sprintf(buf+strlen(buf), "Content-Type: %s\r\n", mime);
388
389 strftime(timebuf, sizeof(timebuf), RFC1123FMT, gmtime(&now));
390 sprintf(buf+strlen(buf), "Cache-Control: no-store, no-cache, must-revalidate\r\n");
391 sprintf(buf+strlen(buf), "Expires: Sat, 26 Jul 1997 05:00:00 GMT\r\n");
392 sprintf(buf+strlen(buf), "Last-Modified: %s\r\n", timebuf);
393 sprintf(buf+strlen(buf), "Connection: close\r\n");
394 sprintf(buf+strlen(buf), "\r\n");
395 webif_write(buf, f);
396}
397
398
399/*
400 * function for sending files. 1 = CSS, 2 = JS
401 */
402void send_file(FILE *f, int fileno){
403
404 char *filename;
405
406 if (fileno == 1)
407 filename = cfg->http_css;
408 else if (fileno == 2)
409 filename = cfg->http_jscript;
410 else
411 return;
412
413 if(strlen(filename) > 0 && file_exists(filename) == 1){
414 FILE *fp;
415 char buffer[1024];
416 int read;
417
418 if((fp = fopen(filename, "r"))==NULL) return;
419 while((read = fread(buffer,sizeof(char), 1023, fp)) > 0) {
420 buffer[read] = '\0';
421 webif_write(buffer, f);
422 }
423
424 fclose (fp);
425 } else {
426 if (fileno == 1)
427 webif_write(CSS, f);
428 else if (fileno == 2)
429 webif_write(JSCRIPT, f);
430
431 }
432}
433
434void send_error(FILE *f, int status, char *title, char *extra, char *text){
435 char buf[1024];
436 send_headers(f, status, title, extra, "text/html");
437 sprintf(buf, "<HTML><HEAD><TITLE>%d %s</TITLE></HEAD>\r\n", status, title);
438 sprintf(buf+strlen(buf), "<BODY><H4>%d %s</H4>\r\n", status, title);
439 sprintf(buf+strlen(buf), "%s\r\n", text);
440 sprintf(buf+strlen(buf), "</BODY></HTML>\r\n");
441 webif_write(buf, f);
442}
443
444char *getParam(struct uriparams *params, char *name){
445 int i;
446 for(i=(*params).paramcount-1; i>=0; --i){
447 if(strcmp((*params).params[i], name) == 0) return (*params).values[i];
448 }
449 return "";
450}
451
452char *getParamDef(struct uriparams *params, char *name, char* def){
453 int i;
454 for(i=(*params).paramcount-1; i>=0; --i){
455 if(strcmp((*params).params[i], name) == 0) return (*params).values[i];
456 }
457 return def;
458}
459
460/* XML-Escapes a char array. The returned reference will be automatically cleaned through the templatevars-mechanism tpl_clear().
461 Do not call free() or realloc on the returned reference or you will get memory corruption! */
462char *xml_encode(struct templatevars *vars, char *chartoencode) {
463 int i, pos = 0, len = strlen(chartoencode);
464 /* In worst case, every character could get converted to 6 chars (we only support ASCII, for Unicode it would be 7)*/
465 char encoded[len * 6 + 1], buffer[7];
466 for (i = 0; i < len; ++i){
467 switch(chartoencode[i]) {
468 case '&': memcpy(encoded + pos, "&amp;", 5); pos+=5; break;
469 case '<': memcpy(encoded + pos, "&lt;", 4); pos+=4; break;
470 case '>': memcpy(encoded + pos, "&gt;", 4); pos+=4; break;
471 case '"': memcpy(encoded + pos, "&quot;", 6); pos+=6; break;
472 case '\'': memcpy(encoded + pos, "&apos;", 6); pos+=6; break;
473
474 default:
475 if ( (unsigned int)chartoencode[i] < 32 || (unsigned int)chartoencode[i] > 127 ) {
476 snprintf(buffer, 7, "&#%d;", chartoencode[i] + 256);
477 memcpy(encoded + pos, buffer, strlen(buffer));
478 pos+=strlen(buffer);
479
480 } else {
481 encoded[pos] = chartoencode[i];
482 ++pos;
483 }
484
485 }
486 }
487 /* Allocate the needed memory size and store it in the templatevars */
488 char *result = (char *)malloc(pos + 1);
489 memcpy(result, encoded, pos);
490 result[pos] = '\0';
491 return tpl_addTmp(vars, result);
492}
493#endif
Note: See TracBrowser for help on using the repository browser.