http_dav.c

   1 /*
   2  * Copyright (C) 2012-2020 all contributors <cmogstored-public@yhbt.net>
   3  * License: GPL-3.0+ <https://www.gnu.org/licenses/gpl-3.0.txt>
   4  *
   5  * TODO: ensure compliance with relevant RFCs.
   6  *       This is only enough to work with MogileFS.
   7  */
   8 #include "cmogstored.h"
   9 #include "http.h"
  10
  11 void mog_http_delete(struct mog_fd *mfd, char *buf)
  12 {
  13         struct mog_http *http = &mfd->as.http;
  14         int rc;
  15         char *path;
  16
  17         if (mfd->fd_type == MOG_FD_TYPE_HTTPGET) {
  18                 mog_http_resp(mfd, "405 Method Not Allowed", true);
  19                 return;
  20         }
  21
  22         path = mog_http_path(http, buf);
  23         if (!path) goto forbidden; /* path traversal attack */
  24         assert(path[0] == '/' && "bad path");
  25         if (path[1] == '\0') goto forbidden;
  26
  27         TRACE(CMOGSTORED_HTTP_REQ_START(mfd->fd, "DELETE", path));
  28
  29         rc = mog_unlink(http->svc, path);
  30         if (rc == 0) {
  31                 mog_http_resp(mfd, "204 No Content", true);
  32                 mog_notify(MOG_NOTIFY_DEVICE_REFRESH);
  33
  34                 return;
  35         }
  36
  37         switch (errno) {
  38         case EPERM:
  39         case EISDIR:
  40         case EACCES:
  41 forbidden:
  42                 mog_http_resp(mfd, "403 Forbidden", true);
  43                 return;
  44         case ENOENT:
  45                 mog_http_resp(mfd, "404 Not Found", true);
  46                 return;
  47         }
  48         PRESERVE_ERRNO(do {
  49                 mog_http_resp(mfd, "500 Internal Server Error", true);
  50         } while(0));
  51         syslog(LOG_ERR, "Failed to unlink %s (in %s): %m",
  52                 path, http->svc->docroot);
  53 }
  54
  55 void mog_http_mkcol(struct mog_fd *mfd, char *buf)
  56 {
  57         struct mog_http *http = &mfd->as.http;
  58         char *path;
  59
  60         if (mfd->fd_type == MOG_FD_TYPE_HTTPGET) {
  61                 mog_http_resp(mfd, "405 Method Not Allowed", true);
  62                 return;
  63         }
  64         path = mog_http_path(http, buf);
  65
  66         /*
  67          * This can be useful for making sure the skip_mkcol server setting
  68          * is enabled in the tracker/database to avoid latency
  69          */
  70         TRACE(CMOGSTORED_HTTP_REQ_START(mfd->fd, "MKCOL", path));
  71
  72         /*
  73          * Do not do anything on MKCOL and rely on PUT to create
  74          * directories.  This stops MogileFS trackers from trying
  75          * (expensive) MKCOL requests.  Perlbal/mogstored also does
  76          * this.
  77          */
  78         if (path)
  79                 mog_http_resp(mfd, "400 Bad Request", true);
  80         else /* path traversal attack */
  81                 mog_http_resp(mfd, "403 Forbidden", true);
  82 }