7 #include "connections.h"
12 #include "stat_cache.h"
16 #include <sys/types.h>
29 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H)
31 #include <libxml/tree.h>
32 #include <libxml/parser.h>
37 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H) && defined(HAVE_UUID_UUID_H)
39 #include <uuid/uuid.h>
43 * this is a webdav for a lighttpd plugin
45 * at least a very basic one.
46 * - for now it is read-only and we only support PROPFIND
50 #define WEBDAV_FILE_MODE S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
51 #define WEBDAV_DIR_MODE S_IRWXU | S_IRWXG | S_IRWXO
53 /* plugin config for all request/connections */
56 unsigned short enabled
;
57 unsigned short is_readonly
;
58 unsigned short log_xml
;
60 buffer
*sqlite_db_name
;
63 sqlite3_stmt
*stmt_update_prop
;
64 sqlite3_stmt
*stmt_delete_prop
;
65 sqlite3_stmt
*stmt_select_prop
;
66 sqlite3_stmt
*stmt_select_propnames
;
68 sqlite3_stmt
*stmt_delete_uri
;
69 sqlite3_stmt
*stmt_move_uri
;
70 sqlite3_stmt
*stmt_copy_uri
;
72 sqlite3_stmt
*stmt_remove_lock
;
73 sqlite3_stmt
*stmt_create_lock
;
74 sqlite3_stmt
*stmt_read_lock
;
75 sqlite3_stmt
*stmt_read_lock_by_uri
;
76 sqlite3_stmt
*stmt_refresh_lock
;
87 plugin_config
**config_storage
;
96 /* init the plugin data */
97 INIT_FUNC(mod_webdav_init
) {
100 p
= calloc(1, sizeof(*p
));
102 p
->tmp_buf
= buffer_init();
104 p
->uri
.scheme
= buffer_init();
105 p
->uri
.path_raw
= buffer_init();
106 p
->uri
.path
= buffer_init();
107 p
->uri
.authority
= buffer_init();
109 p
->physical
.path
= buffer_init();
110 p
->physical
.rel_path
= buffer_init();
111 p
->physical
.doc_root
= buffer_init();
112 p
->physical
.basedir
= buffer_init();
117 /* detroy the plugin data */
118 FREE_FUNC(mod_webdav_free
) {
119 plugin_data
*p
= p_d
;
123 if (!p
) return HANDLER_GO_ON
;
125 if (p
->config_storage
) {
127 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
128 plugin_config
*s
= p
->config_storage
[i
];
130 if (NULL
== s
) continue;
132 buffer_free(s
->sqlite_db_name
);
135 sqlite3_finalize(s
->stmt_delete_prop
);
136 sqlite3_finalize(s
->stmt_delete_uri
);
137 sqlite3_finalize(s
->stmt_copy_uri
);
138 sqlite3_finalize(s
->stmt_move_uri
);
139 sqlite3_finalize(s
->stmt_update_prop
);
140 sqlite3_finalize(s
->stmt_select_prop
);
141 sqlite3_finalize(s
->stmt_select_propnames
);
143 sqlite3_finalize(s
->stmt_read_lock
);
144 sqlite3_finalize(s
->stmt_read_lock_by_uri
);
145 sqlite3_finalize(s
->stmt_create_lock
);
146 sqlite3_finalize(s
->stmt_remove_lock
);
147 sqlite3_finalize(s
->stmt_refresh_lock
);
148 sqlite3_close(s
->sql
);
153 free(p
->config_storage
);
156 buffer_free(p
->uri
.scheme
);
157 buffer_free(p
->uri
.path_raw
);
158 buffer_free(p
->uri
.path
);
159 buffer_free(p
->uri
.authority
);
161 buffer_free(p
->physical
.path
);
162 buffer_free(p
->physical
.rel_path
);
163 buffer_free(p
->physical
.doc_root
);
164 buffer_free(p
->physical
.basedir
);
166 buffer_free(p
->tmp_buf
);
170 return HANDLER_GO_ON
;
173 /* handle plugin config and check values */
175 SETDEFAULTS_FUNC(mod_webdav_set_defaults
) {
176 plugin_data
*p
= p_d
;
179 config_values_t cv
[] = {
180 { "webdav.activate", NULL
, T_CONFIG_BOOLEAN
, T_CONFIG_SCOPE_CONNECTION
}, /* 0 */
181 { "webdav.is-readonly", NULL
, T_CONFIG_BOOLEAN
, T_CONFIG_SCOPE_CONNECTION
}, /* 1 */
182 { "webdav.sqlite-db-name", NULL
, T_CONFIG_STRING
, T_CONFIG_SCOPE_CONNECTION
}, /* 2 */
183 { "webdav.log-xml", NULL
, T_CONFIG_BOOLEAN
, T_CONFIG_SCOPE_CONNECTION
}, /* 3 */
184 { NULL
, NULL
, T_CONFIG_UNSET
, T_CONFIG_SCOPE_UNSET
}
187 if (!p
) return HANDLER_ERROR
;
189 p
->config_storage
= calloc(1, srv
->config_context
->used
* sizeof(plugin_config
*));
191 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
192 data_config
const* config
= (data_config
const*)srv
->config_context
->data
[i
];
195 s
= calloc(1, sizeof(plugin_config
));
196 s
->sqlite_db_name
= buffer_init();
198 cv
[0].destination
= &(s
->enabled
);
199 cv
[1].destination
= &(s
->is_readonly
);
200 cv
[2].destination
= s
->sqlite_db_name
;
201 cv
[3].destination
= &(s
->log_xml
);
203 p
->config_storage
[i
] = s
;
205 if (0 != config_insert_values_global(srv
, config
->value
, cv
, i
== 0 ? T_CONFIG_SCOPE_SERVER
: T_CONFIG_SCOPE_CONNECTION
)) {
206 return HANDLER_ERROR
;
209 if (!buffer_string_is_empty(s
->sqlite_db_name
)) {
211 const char *next_stmt
;
214 if (SQLITE_OK
!= sqlite3_open(s
->sqlite_db_name
->ptr
, &(s
->sql
))) {
215 log_error_write(srv
, __FILE__
, __LINE__
, "sbs", "sqlite3_open failed for",
217 sqlite3_errmsg(s
->sql
));
218 return HANDLER_ERROR
;
221 if (SQLITE_OK
!= sqlite3_exec(s
->sql
,
222 "CREATE TABLE IF NOT EXISTS properties ("
223 " resource TEXT NOT NULL,"
224 " prop TEXT NOT NULL,"
226 " value TEXT NOT NULL,"
227 " PRIMARY KEY(resource, prop, ns))",
230 if (0 != strcmp(err
, "table properties already exists")) {
231 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't open transaction:", err
);
234 return HANDLER_ERROR
;
239 if (SQLITE_OK
!= sqlite3_exec(s
->sql
,
240 "CREATE TABLE IF NOT EXISTS locks ("
241 " locktoken TEXT NOT NULL,"
242 " resource TEXT NOT NULL,"
243 " lockscope TEXT NOT NULL,"
244 " locktype TEXT NOT NULL,"
245 " owner TEXT NOT NULL,"
246 " depth INT NOT NULL,"
247 " timeout TIMESTAMP NOT NULL,"
248 " PRIMARY KEY(locktoken))",
251 if (0 != strcmp(err
, "table locks already exists")) {
252 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't open transaction:", err
);
255 return HANDLER_ERROR
;
260 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
261 CONST_STR_LEN("SELECT value FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
262 &(s
->stmt_select_prop
), &next_stmt
)) {
265 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s
->sql
));
266 return HANDLER_ERROR
;
269 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
270 CONST_STR_LEN("SELECT ns, prop FROM properties WHERE resource = ?"),
271 &(s
->stmt_select_propnames
), &next_stmt
)) {
274 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s
->sql
));
275 return HANDLER_ERROR
;
279 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
280 CONST_STR_LEN("REPLACE INTO properties (resource, prop, ns, value) VALUES (?, ?, ?, ?)"),
281 &(s
->stmt_update_prop
), &next_stmt
)) {
284 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s
->sql
));
285 return HANDLER_ERROR
;
288 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
289 CONST_STR_LEN("DELETE FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
290 &(s
->stmt_delete_prop
), &next_stmt
)) {
292 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
294 return HANDLER_ERROR
;
297 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
298 CONST_STR_LEN("DELETE FROM properties WHERE resource = ?"),
299 &(s
->stmt_delete_uri
), &next_stmt
)) {
301 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
303 return HANDLER_ERROR
;
306 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
307 CONST_STR_LEN("INSERT INTO properties SELECT ?, prop, ns, value FROM properties WHERE resource = ?"),
308 &(s
->stmt_copy_uri
), &next_stmt
)) {
310 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
312 return HANDLER_ERROR
;
315 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
316 CONST_STR_LEN("UPDATE OR REPLACE properties SET resource = ? WHERE resource = ?"),
317 &(s
->stmt_move_uri
), &next_stmt
)) {
319 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
321 return HANDLER_ERROR
;
326 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
327 CONST_STR_LEN("INSERT INTO locks (locktoken, resource, lockscope, locktype, owner, depth, timeout) VALUES (?,?,?,?,?,?, CURRENT_TIME + 600)"),
328 &(s
->stmt_create_lock
), &next_stmt
)) {
330 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
332 return HANDLER_ERROR
;
335 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
336 CONST_STR_LEN("DELETE FROM locks WHERE locktoken = ?"),
337 &(s
->stmt_remove_lock
), &next_stmt
)) {
339 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
341 return HANDLER_ERROR
;
344 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
345 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE locktoken = ?"),
346 &(s
->stmt_read_lock
), &next_stmt
)) {
348 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
350 return HANDLER_ERROR
;
353 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
354 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE resource = ?"),
355 &(s
->stmt_read_lock_by_uri
), &next_stmt
)) {
357 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
359 return HANDLER_ERROR
;
362 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
363 CONST_STR_LEN("UPDATE locks SET timeout = CURRENT_TIME + 600 WHERE locktoken = ?"),
364 &(s
->stmt_refresh_lock
), &next_stmt
)) {
366 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
368 return HANDLER_ERROR
;
373 log_error_write(srv
, __FILE__
, __LINE__
, "s", "Sorry, no sqlite3 and libxml2 support include, compile with --with-webdav-props");
374 return HANDLER_ERROR
;
379 return HANDLER_GO_ON
;
382 #define PATCH_OPTION(x) \
384 static int mod_webdav_patch_connection(server
*srv
, connection
*con
, plugin_data
*p
) {
386 plugin_config
*s
= p
->config_storage
[0];
388 PATCH_OPTION(enabled
);
389 PATCH_OPTION(is_readonly
);
390 PATCH_OPTION(log_xml
);
394 PATCH_OPTION(stmt_update_prop
);
395 PATCH_OPTION(stmt_delete_prop
);
396 PATCH_OPTION(stmt_select_prop
);
397 PATCH_OPTION(stmt_select_propnames
);
399 PATCH_OPTION(stmt_delete_uri
);
400 PATCH_OPTION(stmt_move_uri
);
401 PATCH_OPTION(stmt_copy_uri
);
403 PATCH_OPTION(stmt_remove_lock
);
404 PATCH_OPTION(stmt_refresh_lock
);
405 PATCH_OPTION(stmt_create_lock
);
406 PATCH_OPTION(stmt_read_lock
);
407 PATCH_OPTION(stmt_read_lock_by_uri
);
409 /* skip the first, the global context */
410 for (i
= 1; i
< srv
->config_context
->used
; i
++) {
411 data_config
*dc
= (data_config
*)srv
->config_context
->data
[i
];
412 s
= p
->config_storage
[i
];
414 /* condition didn't match */
415 if (!config_check_cond(srv
, con
, dc
)) continue;
418 for (j
= 0; j
< dc
->value
->used
; j
++) {
419 data_unset
*du
= dc
->value
->data
[j
];
421 if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.activate"))) {
422 PATCH_OPTION(enabled
);
423 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.is-readonly"))) {
424 PATCH_OPTION(is_readonly
);
425 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.log-xml"))) {
426 PATCH_OPTION(log_xml
);
427 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.sqlite-db-name"))) {
430 PATCH_OPTION(stmt_update_prop
);
431 PATCH_OPTION(stmt_delete_prop
);
432 PATCH_OPTION(stmt_select_prop
);
433 PATCH_OPTION(stmt_select_propnames
);
435 PATCH_OPTION(stmt_delete_uri
);
436 PATCH_OPTION(stmt_move_uri
);
437 PATCH_OPTION(stmt_copy_uri
);
439 PATCH_OPTION(stmt_remove_lock
);
440 PATCH_OPTION(stmt_refresh_lock
);
441 PATCH_OPTION(stmt_create_lock
);
442 PATCH_OPTION(stmt_read_lock
);
443 PATCH_OPTION(stmt_read_lock_by_uri
);
452 URIHANDLER_FUNC(mod_webdav_uri_handler
) {
453 plugin_data
*p
= p_d
;
457 if (buffer_is_empty(con
->uri
.path
)) return HANDLER_GO_ON
;
459 mod_webdav_patch_connection(srv
, con
, p
);
461 if (!p
->conf
.enabled
) return HANDLER_GO_ON
;
463 switch (con
->request
.http_method
) {
464 case HTTP_METHOD_OPTIONS
:
465 /* we fake a little bit but it makes MS W2k happy and it let's us mount the volume */
466 response_header_overwrite(srv
, con
, CONST_STR_LEN("DAV"), CONST_STR_LEN("1,2"));
467 response_header_overwrite(srv
, con
, CONST_STR_LEN("MS-Author-Via"), CONST_STR_LEN("DAV"));
469 if (p
->conf
.is_readonly
) {
470 response_header_insert(srv
, con
, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND"));
472 response_header_insert(srv
, con
, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK, UNLOCK"));
480 return HANDLER_GO_ON
;
482 static int webdav_gen_prop_tag(server
*srv
, connection
*con
,
492 buffer_append_string_len(b
,CONST_STR_LEN("<"));
493 buffer_append_string(b
, prop_name
);
494 buffer_append_string_len(b
, CONST_STR_LEN(" xmlns=\""));
495 buffer_append_string(b
, prop_ns
);
496 buffer_append_string_len(b
, CONST_STR_LEN("\">"));
498 buffer_append_string(b
, value
);
500 buffer_append_string_len(b
,CONST_STR_LEN("</"));
501 buffer_append_string(b
, prop_name
);
502 buffer_append_string_len(b
, CONST_STR_LEN(">"));
504 buffer_append_string_len(b
,CONST_STR_LEN("<"));
505 buffer_append_string(b
, prop_name
);
506 buffer_append_string_len(b
, CONST_STR_LEN(" xmlns=\""));
507 buffer_append_string(b
, prop_ns
);
508 buffer_append_string_len(b
, CONST_STR_LEN("\"/>"));
515 static int webdav_gen_response_status_tag(server
*srv
, connection
*con
, physical
*dst
, int status
, buffer
*b
) {
518 buffer_append_string_len(b
,CONST_STR_LEN("<D:response xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
520 buffer_append_string_len(b
,CONST_STR_LEN("<D:href>\n"));
521 buffer_append_string_buffer(b
, dst
->rel_path
);
522 buffer_append_string_len(b
,CONST_STR_LEN("</D:href>\n"));
523 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>\n"));
525 if (con
->request
.http_version
== HTTP_VERSION_1_1
) {
526 buffer_copy_string_len(b
, CONST_STR_LEN("HTTP/1.1 "));
528 buffer_copy_string_len(b
, CONST_STR_LEN("HTTP/1.0 "));
530 buffer_append_int(b
, status
);
531 buffer_append_string_len(b
, CONST_STR_LEN(" "));
532 buffer_append_string(b
, get_http_status_name(status
));
534 buffer_append_string_len(b
,CONST_STR_LEN("</D:status>\n"));
535 buffer_append_string_len(b
,CONST_STR_LEN("</D:response>\n"));
540 static int webdav_delete_file(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, buffer
*b
) {
543 /* try to unlink it */
544 if (-1 == unlink(dst
->path
->ptr
)) {
555 webdav_gen_response_status_tag(srv
, con
, dst
, status
, b
);
558 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_delete_uri
;
562 webdav_gen_response_status_tag(srv
, con
, dst
, status
, b
);
566 /* bind the values to the insert */
568 sqlite3_bind_text(stmt
, 1,
569 CONST_BUF_LEN(dst
->rel_path
),
572 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
581 return (status
!= 0);
584 static int webdav_delete_dir(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, buffer
*b
) {
586 int have_multi_status
= 0;
589 d
.path
= buffer_init();
590 d
.rel_path
= buffer_init();
592 if (NULL
!= (dir
= opendir(dst
->path
->ptr
))) {
595 while(NULL
!= (de
= readdir(dir
))) {
598 if ((de
->d_name
[0] == '.' && de
->d_name
[1] == '\0') ||
599 (de
->d_name
[0] == '.' && de
->d_name
[1] == '.' && de
->d_name
[2] == '\0')) {
601 /* ignore the parent dir */
604 buffer_copy_buffer(d
.path
, dst
->path
);
605 buffer_append_slash(d
.path
);
606 buffer_append_string(d
.path
, de
->d_name
);
608 buffer_copy_buffer(d
.rel_path
, dst
->rel_path
);
609 buffer_append_slash(d
.rel_path
);
610 buffer_append_string(d
.rel_path
, de
->d_name
);
612 /* stat and unlink afterwards */
613 if (-1 == stat(d
.path
->ptr
, &st
)) {
614 /* don't about it yet, rmdir will fail too */
615 } else if (S_ISDIR(st
.st_mode
)) {
616 have_multi_status
= webdav_delete_dir(srv
, con
, hctx
, &d
, b
);
618 /* try to unlink it */
619 if (-1 == rmdir(d
.path
->ptr
)) {
631 have_multi_status
= 1;
633 webdav_gen_response_status_tag(srv
, con
, &d
, status
, b
);
636 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_delete_uri
;
641 /* bind the values to the insert */
643 sqlite3_bind_text(stmt
, 1,
644 CONST_BUF_LEN(d
.rel_path
),
647 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
654 have_multi_status
= webdav_delete_file(srv
, con
, hctx
, &d
, b
);
660 buffer_free(d
.rel_path
);
663 return have_multi_status
;
666 /* don't want to block when open()ing a fifo */
667 #if defined(O_NONBLOCK)
668 # define FIFO_NONBLOCK O_NONBLOCK
670 # define FIFO_NONBLOCK 0
677 static int webdav_copy_file(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*src
, physical
*dst
, int overwrite
) {
679 ssize_t rd
, wr
, offset
;
680 int status
= 0, ifd
, ofd
;
684 if (-1 == (ifd
= open(src
->path
->ptr
, O_RDONLY
| O_BINARY
| FIFO_NONBLOCK
))) {
688 if (-1 == (ofd
= open(dst
->path
->ptr
, O_WRONLY
|O_TRUNC
|O_CREAT
|(overwrite
? 0 : O_EXCL
), WEBDAV_FILE_MODE
))) {
689 /* opening the destination failed for some reason */
698 /* at least one part in the middle wasn't existing */
709 data
= malloc(131072);
712 while (0 < (rd
= read(ifd
, data
, 131072))) {
715 wr
= write(ofd
, data
+offset
, (size_t)(rd
-offset
));
716 } while (wr
>= 0 ? (offset
+= wr
) != rd
: (errno
== EINTR
));
718 status
= (errno
== ENOSPC
) ? 507 : 403;
723 if (0 != rd
&& 0 == status
) status
= 403;
727 if (0 != close(ofd
)) {
728 if (0 == status
) status
= (errno
== ENOSPC
) ? 507 : 403;
729 log_error_write(srv
, __FILE__
, __LINE__
, "sbss",
730 "close ", dst
->path
, "failed: ", strerror(errno
));
735 /* copy worked fine, copy connected properties */
736 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_copy_uri
;
741 /* bind the values to the insert */
742 sqlite3_bind_text(stmt
, 1,
743 CONST_BUF_LEN(dst
->rel_path
),
746 sqlite3_bind_text(stmt
, 2,
747 CONST_BUF_LEN(src
->rel_path
),
750 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
761 static int webdav_copy_dir(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*src
, physical
*dst
, int overwrite
) {
765 if (NULL
!= (srcdir
= opendir(src
->path
->ptr
))) {
769 s
.path
= buffer_init();
770 s
.rel_path
= buffer_init();
772 d
.path
= buffer_init();
773 d
.rel_path
= buffer_init();
775 while (NULL
!= (de
= readdir(srcdir
))) {
778 if ((de
->d_name
[0] == '.' && de
->d_name
[1] == '\0')
779 || (de
->d_name
[0] == '.' && de
->d_name
[1] == '.' && de
->d_name
[2] == '\0')) {
783 buffer_copy_buffer(s
.path
, src
->path
);
784 buffer_append_slash(s
.path
);
785 buffer_append_string(s
.path
, de
->d_name
);
787 buffer_copy_buffer(d
.path
, dst
->path
);
788 buffer_append_slash(d
.path
);
789 buffer_append_string(d
.path
, de
->d_name
);
791 buffer_copy_buffer(s
.rel_path
, src
->rel_path
);
792 buffer_append_slash(s
.rel_path
);
793 buffer_append_string(s
.rel_path
, de
->d_name
);
795 buffer_copy_buffer(d
.rel_path
, dst
->rel_path
);
796 buffer_append_slash(d
.rel_path
);
797 buffer_append_string(d
.rel_path
, de
->d_name
);
799 if (-1 == stat(s
.path
->ptr
, &st
)) {
801 } else if (S_ISDIR(st
.st_mode
)) {
803 if (-1 == mkdir(d
.path
->ptr
, WEBDAV_DIR_MODE
) &&
808 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_copy_uri
;
810 if (0 != (status
= webdav_copy_dir(srv
, con
, hctx
, &s
, &d
, overwrite
))) {
813 /* directory is copied, copy the properties too */
818 /* bind the values to the insert */
819 sqlite3_bind_text(stmt
, 1,
820 CONST_BUF_LEN(dst
->rel_path
),
823 sqlite3_bind_text(stmt
, 2,
824 CONST_BUF_LEN(src
->rel_path
),
827 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
833 } else if (S_ISREG(st
.st_mode
)) {
835 if (0 != (status
= webdav_copy_file(srv
, con
, hctx
, &s
, &d
, overwrite
))) {
842 buffer_free(s
.rel_path
);
844 buffer_free(d
.rel_path
);
853 static void webdav_activelock(buffer
*b
,
854 const buffer
*locktoken
, const char *lockscope
, const char *locktype
, int depth
, int timeout
) {
855 buffer_append_string_len(b
, CONST_STR_LEN("<D:activelock>\n"));
857 buffer_append_string_len(b
, CONST_STR_LEN("<D:lockscope>"));
858 buffer_append_string_len(b
, CONST_STR_LEN("<D:"));
859 buffer_append_string(b
, lockscope
);
860 buffer_append_string_len(b
, CONST_STR_LEN("/>"));
861 buffer_append_string_len(b
, CONST_STR_LEN("</D:lockscope>\n"));
863 buffer_append_string_len(b
, CONST_STR_LEN("<D:locktype>"));
864 buffer_append_string_len(b
, CONST_STR_LEN("<D:"));
865 buffer_append_string(b
, locktype
);
866 buffer_append_string_len(b
, CONST_STR_LEN("/>"));
867 buffer_append_string_len(b
, CONST_STR_LEN("</D:locktype>\n"));
869 buffer_append_string_len(b
, CONST_STR_LEN("<D:depth>"));
870 buffer_append_string(b
, depth
== 0 ? "0" : "infinity");
871 buffer_append_string_len(b
, CONST_STR_LEN("</D:depth>\n"));
873 buffer_append_string_len(b
, CONST_STR_LEN("<D:timeout>"));
874 buffer_append_string_len(b
, CONST_STR_LEN("Second-"));
875 buffer_append_int(b
, timeout
);
876 buffer_append_string_len(b
, CONST_STR_LEN("</D:timeout>\n"));
878 buffer_append_string_len(b
, CONST_STR_LEN("<D:owner>"));
879 buffer_append_string_len(b
, CONST_STR_LEN("</D:owner>\n"));
881 buffer_append_string_len(b
, CONST_STR_LEN("<D:locktoken>"));
882 buffer_append_string_len(b
, CONST_STR_LEN("<D:href>"));
883 buffer_append_string_buffer(b
, locktoken
);
884 buffer_append_string_len(b
, CONST_STR_LEN("</D:href>"));
885 buffer_append_string_len(b
, CONST_STR_LEN("</D:locktoken>\n"));
887 buffer_append_string_len(b
, CONST_STR_LEN("</D:activelock>\n"));
890 static void webdav_get_live_property_lockdiscovery(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, buffer
*b
) {
892 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_read_lock_by_uri
;
893 if (!stmt
) { /*(should not happen)*/
894 buffer_append_string_len(b
, CONST_STR_LEN("<D:lockdiscovery>\n</D:lockdiscovery>\n"));
900 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
902 * WHERE resource = ? */
906 sqlite3_bind_text(stmt
, 1,
907 CONST_BUF_LEN(dst
->rel_path
),
910 buffer_append_string_len(b
, CONST_STR_LEN("<D:lockdiscovery>\n"));
911 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
912 const char *lockscope
= (const char *)sqlite3_column_text(stmt
, 2);
913 const char *locktype
= (const char *)sqlite3_column_text(stmt
, 3);
914 const int depth
= sqlite3_column_int(stmt
, 5);
915 const int timeout
= sqlite3_column_int(stmt
, 6);
916 buffer locktoken
= { NULL
, 0, 0 };
917 locktoken
.ptr
= (char *)sqlite3_column_text(stmt
, 0);
918 locktoken
.used
= sqlite3_column_bytes(stmt
, 0);
919 if (locktoken
.used
) ++locktoken
.used
;
920 locktoken
.size
= locktoken
.used
;
923 webdav_activelock(b
, &locktoken
, lockscope
, locktype
, depth
, timeout
);
926 buffer_append_string_len(b
, CONST_STR_LEN("</D:lockdiscovery>\n"));
930 static int webdav_get_live_property(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, char *prop_name
, buffer
*b
) {
931 stat_cache_entry
*sce
= NULL
;
936 if (HANDLER_ERROR
!= (stat_cache_get_entry(srv
, con
, dst
->path
, &sce
))) {
937 char ctime_buf
[] = "2005-08-18T07:27:16Z";
938 char mtime_buf
[] = "Thu, 18 Aug 2005 07:27:16 GMT";
941 if (0 == strcmp(prop_name
, "resourcetype")) {
942 if (S_ISDIR(sce
->st
.st_mode
)) {
943 buffer_append_string_len(b
, CONST_STR_LEN("<D:resourcetype><D:collection/></D:resourcetype>"));
945 buffer_append_string_len(b
, CONST_STR_LEN("<D:resourcetype/>"));
948 } else if (0 == strcmp(prop_name
, "getcontenttype")) {
949 if (S_ISDIR(sce
->st
.st_mode
)) {
950 buffer_append_string_len(b
, CONST_STR_LEN("<D:getcontenttype>httpd/unix-directory</D:getcontenttype>"));
952 } else if(S_ISREG(sce
->st
.st_mode
)) {
953 for (k
= 0; k
< con
->conf
.mimetypes
->used
; k
++) {
954 data_string
*ds
= (data_string
*)con
->conf
.mimetypes
->data
[k
];
956 if (buffer_is_empty(ds
->key
)) continue;
958 if (buffer_is_equal_right_len(dst
->path
, ds
->key
, buffer_string_length(ds
->key
))) {
959 buffer_append_string_len(b
,CONST_STR_LEN("<D:getcontenttype>"));
960 buffer_append_string_buffer(b
, ds
->value
);
961 buffer_append_string_len(b
, CONST_STR_LEN("</D:getcontenttype>"));
968 } else if (0 == strcmp(prop_name
, "creationdate")) {
969 buffer_append_string_len(b
, CONST_STR_LEN("<D:creationdate ns0:dt=\"dateTime.tz\">"));
970 strftime(ctime_buf
, sizeof(ctime_buf
), "%Y-%m-%dT%H:%M:%SZ", gmtime(&(sce
->st
.st_ctime
)));
971 buffer_append_string(b
, ctime_buf
);
972 buffer_append_string_len(b
, CONST_STR_LEN("</D:creationdate>"));
974 } else if (0 == strcmp(prop_name
, "getlastmodified")) {
975 buffer_append_string_len(b
,CONST_STR_LEN("<D:getlastmodified ns0:dt=\"dateTime.rfc1123\">"));
976 strftime(mtime_buf
, sizeof(mtime_buf
), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(sce
->st
.st_mtime
)));
977 buffer_append_string(b
, mtime_buf
);
978 buffer_append_string_len(b
, CONST_STR_LEN("</D:getlastmodified>"));
980 } else if (0 == strcmp(prop_name
, "getcontentlength")) {
981 buffer_append_string_len(b
,CONST_STR_LEN("<D:getcontentlength>"));
982 buffer_append_int(b
, sce
->st
.st_size
);
983 buffer_append_string_len(b
, CONST_STR_LEN("</D:getcontentlength>"));
985 } else if (0 == strcmp(prop_name
, "getcontentlanguage")) {
986 buffer_append_string_len(b
,CONST_STR_LEN("<D:getcontentlanguage>"));
987 buffer_append_string_len(b
, CONST_STR_LEN("en"));
988 buffer_append_string_len(b
, CONST_STR_LEN("</D:getcontentlanguage>"));
990 } else if (0 == strcmp(prop_name
, "getetag")) {
991 etag_create(con
->physical
.etag
, &sce
->st
, con
->etag_flags
);
992 buffer_append_string_len(b
, CONST_STR_LEN("<D:getetag>"));
993 buffer_append_string_buffer(b
, con
->physical
.etag
);
994 buffer_append_string_len(b
, CONST_STR_LEN("</D:getetag>"));
995 buffer_reset(con
->physical
.etag
);
998 } else if (0 == strcmp(prop_name
, "lockdiscovery")) {
999 webdav_get_live_property_lockdiscovery(srv
, con
, hctx
, dst
, b
);
1001 } else if (0 == strcmp(prop_name
, "supportedlock")) {
1002 buffer_append_string_len(b
,CONST_STR_LEN("<D:supportedlock>"));
1003 buffer_append_string_len(b
,CONST_STR_LEN("<D:lockentry>"));
1004 buffer_append_string_len(b
,CONST_STR_LEN("<D:lockscope><D:exclusive/></D:lockscope>"));
1005 buffer_append_string_len(b
,CONST_STR_LEN("<D:locktype><D:write/></D:locktype>"));
1006 buffer_append_string_len(b
,CONST_STR_LEN("</D:lockentry>"));
1007 buffer_append_string_len(b
, CONST_STR_LEN("</D:supportedlock>"));
1013 return found
? 0 : -1;
1016 static int webdav_get_property(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, char *prop_name
, char *prop_ns
, buffer
*b
) {
1017 if (0 == strcmp(prop_ns
, "DAV:")) {
1018 /* a local 'live' property */
1019 return webdav_get_live_property(srv
, con
, hctx
, dst
, prop_name
, b
);
1022 #ifdef USE_PROPPATCH
1023 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_select_prop
;
1026 /* perhaps it is in sqlite3 */
1027 sqlite3_reset(stmt
);
1029 /* bind the values to the insert */
1031 sqlite3_bind_text(stmt
, 1,
1032 CONST_BUF_LEN(dst
->rel_path
),
1034 sqlite3_bind_text(stmt
, 2,
1038 sqlite3_bind_text(stmt
, 3,
1044 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
1045 /* there is a row for us, we only expect a single col 'value' */
1046 webdav_gen_prop_tag(srv
, con
, prop_name
, prop_ns
, (char *)sqlite3_column_text(stmt
, 0), b
);
1051 return found
? 0 : -1;
1063 static webdav_property live_properties
[] = {
1064 { "DAV:", "creationdate" },
1065 /*{ "DAV:", "displayname" },*//*(not implemented)*/
1066 { "DAV:", "getcontentlanguage" },
1067 { "DAV:", "getcontentlength" },
1068 { "DAV:", "getcontenttype" },
1069 { "DAV:", "getetag" },
1070 { "DAV:", "getlastmodified" },
1071 { "DAV:", "resourcetype" },
1072 /*{ "DAV:", "source" },*//*(not implemented)*/
1074 { "DAV:", "lockdiscovery" },
1075 { "DAV:", "supportedlock" },
1082 webdav_property
**ptr
;
1086 } webdav_properties
;
1088 static int webdav_get_props(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, webdav_properties
*props
, buffer
*b_200
, buffer
*b_404
) {
1091 if (props
&& props
->used
) {
1092 for (i
= 0; i
< props
->used
; i
++) {
1093 webdav_property
*prop
;
1095 prop
= props
->ptr
[i
];
1097 if (0 != webdav_get_property(srv
, con
, hctx
,
1098 dst
, prop
->prop
, prop
->ns
, b_200
)) {
1099 webdav_gen_prop_tag(srv
, con
, prop
->prop
, prop
->ns
, NULL
, b_404
);
1103 for (i
= 0; live_properties
[i
].prop
; i
++) {
1104 /* a local 'live' property */
1105 webdav_get_live_property(srv
, con
, hctx
, dst
, live_properties
[i
].prop
, b_200
);
1112 #ifdef USE_PROPPATCH
1113 static int webdav_parse_chunkqueue(server
*srv
, connection
*con
, handler_ctx
*hctx
, chunkqueue
*cq
, xmlDoc
**ret_xml
) {
1114 xmlParserCtxtPtr ctxt
;
1123 /* read the chunks in to the XML document */
1124 ctxt
= xmlCreatePushParserCtxt(NULL
, NULL
, NULL
, 0, NULL
);
1126 for (c
= cq
->first
; cq
->bytes_out
!= cq
->bytes_in
; c
= cq
->first
) {
1127 size_t weWant
= cq
->bytes_out
- cq
->bytes_in
;
1134 weHave
= c
->file
.length
- c
->offset
;
1136 if (weHave
> weWant
) weHave
= weWant
;
1138 /* xml chunks are always memory, mmap() is our friend */
1139 mapped
= (c
->file
.mmap
.start
!= MAP_FAILED
);
1141 data
= c
->file
.mmap
.start
+ c
->offset
;
1143 if (-1 == c
->file
.fd
&& /* open the file if not already open */
1144 -1 == (c
->file
.fd
= open(c
->file
.name
->ptr
, O_RDONLY
))) {
1145 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "open failed: ", strerror(errno
));
1150 if (MAP_FAILED
!= (c
->file
.mmap
.start
= mmap(0, c
->file
.length
, PROT_READ
, MAP_PRIVATE
, c
->file
.fd
, 0))) {
1151 /* chunk_reset() or chunk_free() will cleanup for us */
1152 c
->file
.mmap
.length
= c
->file
.length
;
1153 data
= c
->file
.mmap
.start
+ c
->offset
;
1157 if (weHave
> 65536) weHave
= 65536;
1158 data
= malloc(weHave
);
1160 if (-1 == lseek(c
->file
.fd
, c
->file
.start
+ c
->offset
, SEEK_SET
)
1161 || 0 > (rd
= read(c
->file
.fd
, data
, weHave
))) {
1162 log_error_write(srv
, __FILE__
, __LINE__
, "ssbd", "lseek/read failed: ",
1163 strerror(errno
), c
->file
.name
, c
->file
.fd
);
1167 weHave
= (size_t)rd
;
1171 if (XML_ERR_OK
!= (err
= xmlParseChunk(ctxt
, data
, weHave
, 0))) {
1172 log_error_write(srv
, __FILE__
, __LINE__
, "sodd", "xmlParseChunk failed at:", cq
->bytes_out
, weHave
, err
);
1175 chunkqueue_mark_written(cq
, weHave
);
1177 if (!mapped
) free(data
);
1180 /* append to the buffer */
1181 weHave
= buffer_string_length(c
->mem
) - c
->offset
;
1183 if (weHave
> weWant
) weHave
= weWant
;
1185 if (hctx
->conf
.log_xml
) {
1186 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "XML-request-body:", c
->mem
->ptr
+ c
->offset
);
1189 if (XML_ERR_OK
!= (err
= xmlParseChunk(ctxt
, c
->mem
->ptr
+ c
->offset
, weHave
, 0))) {
1190 log_error_write(srv
, __FILE__
, __LINE__
, "sodd", "xmlParseChunk failed at:", cq
->bytes_out
, weHave
, err
);
1193 chunkqueue_mark_written(cq
, weHave
);
1199 switch ((err
= xmlParseChunk(ctxt
, 0, 0, 1))) {
1200 case XML_ERR_DOCUMENT_END
:
1204 log_error_write(srv
, __FILE__
, __LINE__
, "sd", "xmlParseChunk failed at final packet:", err
);
1209 res
= ctxt
->wellFormed
;
1210 xmlFreeParserCtxt(ctxt
);
1223 static int webdav_lockdiscovery(server
*srv
, connection
*con
,
1224 buffer
*locktoken
, const char *lockscope
, const char *locktype
, int depth
) {
1226 buffer
*b
= buffer_init();
1228 response_header_overwrite(srv
, con
, CONST_STR_LEN("Lock-Token"), CONST_BUF_LEN(locktoken
));
1230 response_header_overwrite(srv
, con
,
1231 CONST_STR_LEN("Content-Type"),
1232 CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1234 buffer_copy_string_len(b
, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1236 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1237 buffer_append_string_len(b
,CONST_STR_LEN("<D:lockdiscovery>\n"));
1238 webdav_activelock(b
, locktoken
, lockscope
, locktype
, depth
, 600);
1239 buffer_append_string_len(b
,CONST_STR_LEN("</D:lockdiscovery>\n"));
1240 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1242 chunkqueue_append_buffer(con
->write_queue
, b
);
1250 * check if resource is having the right locks to access to resource
1255 static int webdav_has_lock(server
*srv
, connection
*con
, handler_ctx
*hctx
, buffer
*uri
) {
1263 * This implementation is more fake than real
1264 * we need a parser for the If: header to really handle the full scope
1266 * X-Litmus: locks: 11 (owner_modify)
1267 * If: <http://127.0.0.1:1025/dav/litmus/lockme> (<opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1>)
1269 * if http://127.0.0.1:1025/dav/litmus/lockme is locked with
1270 * opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1, go on
1272 * X-Litmus: locks: 16 (fail_cond_put)
1273 * If: (<DAV:no-lock> ["-1622396671"])
1275 * go on if the resource has the etag [...] and the lock
1277 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "If"))) {
1278 /* Ooh, ooh. A if tag, now the fun begins.
1280 * this can only work with a real parser
1283 /* we didn't provided a lock-token -> */
1284 /* if the resource is locked -> 423 */
1286 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_read_lock_by_uri
;
1288 sqlite3_reset(stmt
);
1290 sqlite3_bind_text(stmt
, 1,
1294 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
1309 SUBREQUEST_FUNC(mod_webdav_subrequest_handler_huge
) {
1310 plugin_data
*p
= p_d
;
1311 handler_ctx
*hctx
= con
->plugin_ctx
[p
->id
];
1315 int depth
= -1; /* (Depth: infinity) */
1319 webdav_properties
*req_props
;
1320 stat_cache_entry
*sce
= NULL
;
1324 if (NULL
== hctx
) return HANDLER_GO_ON
;
1325 if (!hctx
->conf
.enabled
) return HANDLER_GO_ON
;
1326 /* physical path is setup */
1327 if (buffer_is_empty(con
->physical
.path
)) return HANDLER_GO_ON
;
1329 /* PROPFIND need them */
1330 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "Depth")) && 1 == buffer_string_length(ds
->value
)) {
1331 if ('0' == *ds
->value
->ptr
) {
1333 } else if ('1' == *ds
->value
->ptr
) {
1336 } /* else treat as Depth: infinity */
1338 switch (con
->request
.http_method
) {
1339 case HTTP_METHOD_PROPFIND
:
1340 /* they want to know the properties of the directory */
1343 /* is there a content-body ? */
1345 switch (stat_cache_get_entry(srv
, con
, con
->physical
.path
, &sce
)) {
1347 if (errno
== ENOENT
) {
1348 con
->http_status
= 404;
1349 return HANDLER_FINISHED
;
1356 if (S_ISDIR(sce
->st
.st_mode
) && con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
1357 http_response_redirect_to_directory(srv
, con
);
1358 return HANDLER_FINISHED
;
1361 #ifdef USE_PROPPATCH
1362 /* any special requests or just allprop ? */
1363 if (con
->request
.content_length
) {
1366 if (con
->state
== CON_STATE_READ_POST
) {
1367 handler_t r
= connection_handle_read_post_state(srv
, con
);
1368 if (r
!= HANDLER_GO_ON
) return r
;
1371 if (1 == webdav_parse_chunkqueue(srv
, con
, hctx
, con
->request_content_queue
, &xml
)) {
1372 xmlNode
*rootnode
= xmlDocGetRootElement(xml
);
1374 force_assert(rootnode
);
1376 if (0 == xmlStrcmp(rootnode
->name
, BAD_CAST
"propfind")) {
1379 req_props
= calloc(1, sizeof(*req_props
));
1381 for (cmd
= rootnode
->children
; cmd
; cmd
= cmd
->next
) {
1383 if (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"prop")) {
1384 /* get prop by name */
1387 for (prop
= cmd
->children
; prop
; prop
= prop
->next
) {
1388 if (prop
->type
== XML_TEXT_NODE
) continue; /* ignore WS */
1391 (0 == xmlStrcmp(prop
->ns
->href
, BAD_CAST
"")) &&
1392 (0 != xmlStrcmp(prop
->ns
->prefix
, BAD_CAST
""))) {
1394 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
1395 "no name space for:",
1400 for (i
= 0; i
< req_props
->used
; i
++) {
1401 free(req_props
->ptr
[i
]->ns
);
1402 free(req_props
->ptr
[i
]->prop
);
1403 free(req_props
->ptr
[i
]);
1405 free(req_props
->ptr
);
1408 con
->http_status
= 400;
1409 return HANDLER_FINISHED
;
1412 /* add property to requested list */
1413 if (req_props
->size
== 0) {
1414 req_props
->size
= 16;
1415 req_props
->ptr
= malloc(sizeof(*(req_props
->ptr
)) * req_props
->size
);
1416 } else if (req_props
->used
== req_props
->size
) {
1417 req_props
->size
+= 16;
1418 req_props
->ptr
= realloc(req_props
->ptr
, sizeof(*(req_props
->ptr
)) * req_props
->size
);
1421 req_props
->ptr
[req_props
->used
] = malloc(sizeof(webdav_property
));
1422 req_props
->ptr
[req_props
->used
]->ns
= (char *)xmlStrdup(prop
->ns
? prop
->ns
->href
: (xmlChar
*)"");
1423 req_props
->ptr
[req_props
->used
]->prop
= (char *)xmlStrdup(prop
->name
);
1426 } else if (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"propname")) {
1427 sqlite3_stmt
*stmt
= p
->conf
.stmt_select_propnames
;
1430 /* get all property names (EMPTY) */
1431 sqlite3_reset(stmt
);
1432 /* bind the values to the insert */
1434 sqlite3_bind_text(stmt
, 1,
1435 CONST_BUF_LEN(con
->uri
.path
),
1438 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
1441 } else if (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"allprop")) {
1442 /* get all properties (EMPTY) */
1449 con
->http_status
= 400;
1450 return HANDLER_FINISHED
;
1454 con
->http_status
= 207;
1456 response_header_overwrite(srv
, con
, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1460 buffer_copy_string_len(b
, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1462 buffer_append_string_len(b
,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1466 prop_200
= buffer_init();
1467 prop_404
= buffer_init();
1470 /* Depth: 0 or Depth: 1 */
1471 webdav_get_props(srv
, con
, hctx
, &(con
->physical
), req_props
, prop_200
, prop_404
);
1473 buffer_append_string_len(b
,CONST_STR_LEN("<D:response>\n"));
1474 buffer_append_string_len(b
,CONST_STR_LEN("<D:href>"));
1475 buffer_append_string_buffer(b
, con
->uri
.scheme
);
1476 buffer_append_string_len(b
,CONST_STR_LEN("://"));
1477 buffer_append_string_buffer(b
, con
->uri
.authority
);
1478 buffer_append_string_encoded(b
, CONST_BUF_LEN(con
->uri
.path
), ENCODING_REL_URI
);
1479 buffer_append_string_len(b
,CONST_STR_LEN("</D:href>\n"));
1481 if (!buffer_string_is_empty(prop_200
)) {
1482 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1483 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1485 buffer_append_string_buffer(b
, prop_200
);
1487 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1489 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1491 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1493 if (!buffer_string_is_empty(prop_404
)) {
1494 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1495 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1497 buffer_append_string_buffer(b
, prop_404
);
1499 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1501 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1503 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1506 buffer_append_string_len(b
,CONST_STR_LEN("</D:response>\n"));
1511 if (NULL
!= (dir
= opendir(con
->physical
.path
->ptr
))) {
1514 physical
*dst
= &(con
->physical
);
1516 d
.path
= buffer_init();
1517 d
.rel_path
= buffer_init();
1519 while(NULL
!= (de
= readdir(dir
))) {
1520 if (de
->d_name
[0] == '.' && (de
->d_name
[1] == '\0' || (de
->d_name
[1] == '.' && de
->d_name
[2] == '\0'))) {
1522 /* ignore the parent and target dir */
1525 buffer_copy_buffer(d
.path
, dst
->path
);
1526 buffer_append_slash(d
.path
);
1528 buffer_copy_buffer(d
.rel_path
, dst
->rel_path
);
1529 buffer_append_slash(d
.rel_path
);
1531 buffer_append_string(d
.path
, de
->d_name
);
1532 buffer_append_string(d
.rel_path
, de
->d_name
);
1534 buffer_reset(prop_200
);
1535 buffer_reset(prop_404
);
1537 webdav_get_props(srv
, con
, hctx
, &d
, req_props
, prop_200
, prop_404
);
1539 buffer_append_string_len(b
,CONST_STR_LEN("<D:response>\n"));
1540 buffer_append_string_len(b
,CONST_STR_LEN("<D:href>"));
1541 buffer_append_string_buffer(b
, con
->uri
.scheme
);
1542 buffer_append_string_len(b
,CONST_STR_LEN("://"));
1543 buffer_append_string_buffer(b
, con
->uri
.authority
);
1544 buffer_append_string_encoded(b
, CONST_BUF_LEN(d
.rel_path
), ENCODING_REL_URI
);
1545 if (0 == stat(d
.path
->ptr
, &st
) && S_ISDIR(st
.st_mode
)) {
1546 /* Append a '/' on subdirectories */
1547 buffer_append_string_len(b
,CONST_STR_LEN("/"));
1549 buffer_append_string_len(b
,CONST_STR_LEN("</D:href>\n"));
1551 if (!buffer_string_is_empty(prop_200
)) {
1552 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1553 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1555 buffer_append_string_buffer(b
, prop_200
);
1557 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1559 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1561 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1563 if (!buffer_string_is_empty(prop_404
)) {
1564 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1565 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1567 buffer_append_string_buffer(b
, prop_404
);
1569 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1571 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1573 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1576 buffer_append_string_len(b
,CONST_STR_LEN("</D:response>\n"));
1579 buffer_free(d
.path
);
1580 buffer_free(d
.rel_path
);
1587 for (i
= 0; i
< req_props
->used
; i
++) {
1588 free(req_props
->ptr
[i
]->ns
);
1589 free(req_props
->ptr
[i
]->prop
);
1590 free(req_props
->ptr
[i
]);
1592 free(req_props
->ptr
);
1596 buffer_free(prop_200
);
1597 buffer_free(prop_404
);
1599 buffer_append_string_len(b
,CONST_STR_LEN("</D:multistatus>\n"));
1601 if (p
->conf
.log_xml
) {
1602 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "XML-response-body:", b
);
1605 chunkqueue_append_buffer(con
->write_queue
, b
);
1608 con
->file_finished
= 1;
1610 return HANDLER_FINISHED
;
1611 case HTTP_METHOD_MKCOL
:
1612 if (p
->conf
.is_readonly
) {
1613 con
->http_status
= 403;
1614 return HANDLER_FINISHED
;
1617 if (con
->request
.content_length
!= 0) {
1618 /* we don't support MKCOL with a body */
1619 con
->http_status
= 415;
1621 return HANDLER_FINISHED
;
1624 /* let's create the directory */
1626 if (-1 == mkdir(con
->physical
.path
->ptr
, WEBDAV_DIR_MODE
)) {
1629 con
->http_status
= 403;
1633 con
->http_status
= 409;
1637 con
->http_status
= 405; /* not allowed */
1641 con
->http_status
= 201;
1642 con
->file_finished
= 1;
1645 return HANDLER_FINISHED
;
1646 case HTTP_METHOD_DELETE
:
1647 if (p
->conf
.is_readonly
) {
1648 con
->http_status
= 403;
1649 return HANDLER_FINISHED
;
1652 /* does the client have a lock for this connection ? */
1653 if (!webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
1654 con
->http_status
= 423;
1655 return HANDLER_FINISHED
;
1658 /* stat and unlink afterwards */
1659 if (-1 == stat(con
->physical
.path
->ptr
, &st
)) {
1660 /* don't about it yet, unlink will fail too */
1663 con
->http_status
= 404;
1666 con
->http_status
= 403;
1669 } else if (S_ISDIR(st
.st_mode
)) {
1670 buffer
*multi_status_resp
;
1672 if (con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
1673 http_response_redirect_to_directory(srv
, con
);
1674 return HANDLER_FINISHED
;
1677 multi_status_resp
= buffer_init();
1679 if (webdav_delete_dir(srv
, con
, hctx
, &(con
->physical
), multi_status_resp
)) {
1680 /* we got an error somewhere in between, build a 207 */
1681 response_header_overwrite(srv
, con
, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1685 buffer_copy_string_len(b
, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1687 buffer_append_string_len(b
,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\">\n"));
1689 buffer_append_string_buffer(b
, multi_status_resp
);
1691 buffer_append_string_len(b
,CONST_STR_LEN("</D:multistatus>\n"));
1693 if (p
->conf
.log_xml
) {
1694 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "XML-response-body:", b
);
1697 chunkqueue_append_buffer(con
->write_queue
, b
);
1700 con
->http_status
= 207;
1701 con
->file_finished
= 1;
1703 /* everything went fine, remove the directory */
1705 if (-1 == rmdir(con
->physical
.path
->ptr
)) {
1708 con
->http_status
= 403;
1711 con
->http_status
= 404;
1714 con
->http_status
= 501;
1718 con
->http_status
= 204;
1722 buffer_free(multi_status_resp
);
1723 } else if (-1 == unlink(con
->physical
.path
->ptr
)) {
1726 con
->http_status
= 403;
1729 con
->http_status
= 404;
1732 con
->http_status
= 501;
1736 con
->http_status
= 204;
1738 return HANDLER_FINISHED
;
1739 case HTTP_METHOD_PUT
: {
1741 chunkqueue
*cq
= con
->request_content_queue
;
1743 data_string
*ds_range
;
1745 if (p
->conf
.is_readonly
) {
1746 con
->http_status
= 403;
1747 return HANDLER_FINISHED
;
1750 /* is a exclusive lock set on the source */
1751 /* (check for lock once before potentially reading large input) */
1752 if (0 == cq
->bytes_in
&& !webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
1753 con
->http_status
= 423;
1754 return HANDLER_FINISHED
;
1757 if (con
->state
== CON_STATE_READ_POST
) {
1758 handler_t r
= connection_handle_read_post_state(srv
, con
);
1759 if (r
!= HANDLER_GO_ON
) return r
;
1762 /* RFC2616 Section 9.6 PUT requires us to send 501 on all Content-* we don't support
1763 * - most important Content-Range
1766 * Example: Content-Range: bytes 100-1037/1038 */
1768 if (NULL
!= (ds_range
= (data_string
*)array_get_element(con
->request
.headers
, "Content-Range"))) {
1769 const char *num
= ds_range
->value
->ptr
;
1773 if (0 != strncmp(num
, "bytes ", 6)) {
1774 con
->http_status
= 501; /* not implemented */
1776 return HANDLER_FINISHED
;
1779 /* we only support <num>- ... */
1784 while (*num
== ' ' || *num
== '\t') num
++;
1787 con
->http_status
= 501; /* not implemented */
1789 return HANDLER_FINISHED
;
1792 offset
= strtoll(num
, &err
, 10);
1794 if (*err
!= '-' || offset
< 0) {
1795 con
->http_status
= 501; /* not implemented */
1797 return HANDLER_FINISHED
;
1800 if (-1 == (fd
= open(con
->physical
.path
->ptr
, O_WRONLY
, WEBDAV_FILE_MODE
))) {
1803 con
->http_status
= 404; /* not found */
1806 con
->http_status
= 403; /* not found */
1809 return HANDLER_FINISHED
;
1812 if (-1 == lseek(fd
, offset
, SEEK_SET
)) {
1813 con
->http_status
= 501; /* not implemented */
1817 return HANDLER_FINISHED
;
1819 con
->http_status
= 200; /* modified */
1821 /* take what we have in the request-body and write it to a file */
1823 /* if the file doesn't exist, create it */
1824 if (-1 == (fd
= open(con
->physical
.path
->ptr
, O_WRONLY
|O_TRUNC
, WEBDAV_FILE_MODE
))) {
1825 if (errno
!= ENOENT
||
1826 -1 == (fd
= open(con
->physical
.path
->ptr
, O_WRONLY
|O_CREAT
|O_TRUNC
|O_EXCL
, WEBDAV_FILE_MODE
))) {
1827 /* we can't open the file */
1828 con
->http_status
= 403;
1830 return HANDLER_FINISHED
;
1832 con
->http_status
= 201; /* created */
1835 con
->http_status
= 200; /* modified */
1839 con
->file_finished
= 1;
1841 for (c
= cq
->first
; c
; c
= cq
->first
) {
1847 /* copy all chunks */
1851 mapped
= (c
->file
.mmap
.start
!= MAP_FAILED
);
1852 dlen
= c
->file
.length
- c
->offset
;
1854 data
= c
->file
.mmap
.start
+ c
->offset
;
1856 if (-1 == c
->file
.fd
&& /* open the file if not already open */
1857 -1 == (c
->file
.fd
= open(c
->file
.name
->ptr
, O_RDONLY
))) {
1858 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "open failed: ", strerror(errno
));
1860 return HANDLER_ERROR
;
1863 if (MAP_FAILED
!= (c
->file
.mmap
.start
= mmap(NULL
, c
->file
.length
, PROT_READ
, MAP_PRIVATE
, c
->file
.fd
, 0))) {
1864 /* chunk_reset() or chunk_free() will cleanup for us */
1865 c
->file
.mmap
.length
= c
->file
.length
;
1866 data
= c
->file
.mmap
.start
+ c
->offset
;
1870 if (dlen
> 65536) dlen
= 65536;
1871 data
= malloc(dlen
);
1873 if (-1 == lseek(c
->file
.fd
, c
->file
.start
+ c
->offset
, SEEK_SET
)
1874 || 0 > (rd
= read(c
->file
.fd
, data
, dlen
))) {
1875 log_error_write(srv
, __FILE__
, __LINE__
, "ssbd", "lseek/read failed: ",
1876 strerror(errno
), c
->file
.name
, c
->file
.fd
);
1879 return HANDLER_ERROR
;
1886 if ((r
= write(fd
, data
, dlen
)) < 0) {
1889 con
->http_status
= 507;
1893 con
->http_status
= 403;
1898 if (!mapped
) free(data
);
1901 if ((r
= write(fd
, c
->mem
->ptr
+ c
->offset
, buffer_string_length(c
->mem
) - c
->offset
)) < 0) {
1904 con
->http_status
= 507;
1908 con
->http_status
= 403;
1916 chunkqueue_mark_written(cq
, r
);
1921 if (0 != close(fd
)) {
1922 log_error_write(srv
, __FILE__
, __LINE__
, "sbss",
1923 "close ", con
->physical
.path
, "failed: ", strerror(errno
));
1924 return HANDLER_ERROR
;
1927 return HANDLER_FINISHED
;
1929 case HTTP_METHOD_MOVE
:
1930 case HTTP_METHOD_COPY
: {
1931 buffer
*destination
= NULL
;
1932 char *sep
, *sep2
, *start
;
1935 if (p
->conf
.is_readonly
) {
1936 con
->http_status
= 403;
1937 return HANDLER_FINISHED
;
1940 /* is a exclusive lock set on the source */
1941 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
1942 if (!webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
1943 con
->http_status
= 423;
1944 return HANDLER_FINISHED
;
1948 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "Destination"))) {
1949 destination
= ds
->value
;
1951 con
->http_status
= 400;
1952 return HANDLER_FINISHED
;
1955 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "Overwrite"))) {
1956 if (buffer_string_length(ds
->value
) != 1 ||
1957 (ds
->value
->ptr
[0] != 'F' &&
1958 ds
->value
->ptr
[0] != 'T') ) {
1959 con
->http_status
= 400;
1960 return HANDLER_FINISHED
;
1962 overwrite
= (ds
->value
->ptr
[0] == 'F' ? 0 : 1);
1964 /* let's parse the Destination
1966 * http://127.0.0.1:1025/dav/litmus/copydest
1968 * - host has to be the same as the Host: header we got
1969 * - we have to stay inside the document root
1970 * - the query string is thrown away
1973 buffer_reset(p
->uri
.scheme
);
1974 buffer_reset(p
->uri
.path_raw
);
1975 buffer_reset(p
->uri
.authority
);
1977 start
= destination
->ptr
;
1979 if (NULL
== (sep
= strstr(start
, "://"))) {
1980 con
->http_status
= 400;
1981 return HANDLER_FINISHED
;
1983 buffer_copy_string_len(p
->uri
.scheme
, start
, sep
- start
);
1987 if (NULL
== (sep
= strchr(start
, '/'))) {
1988 con
->http_status
= 400;
1989 return HANDLER_FINISHED
;
1991 if (NULL
!= (sep2
= memchr(start
, '@', sep
- start
))) {
1992 /* skip login information */
1995 buffer_copy_string_len(p
->uri
.authority
, start
, sep
- start
);
1999 if (NULL
== (sep
= strchr(start
, '?'))) {
2000 /* no query string, good */
2001 buffer_copy_string(p
->uri
.path_raw
, start
);
2003 buffer_copy_string_len(p
->uri
.path_raw
, start
, sep
- start
);
2006 if (!buffer_is_equal(p
->uri
.authority
, con
->uri
.authority
)) {
2007 /* not the same host */
2008 con
->http_status
= 502;
2009 return HANDLER_FINISHED
;
2012 buffer_copy_buffer(p
->tmp_buf
, p
->uri
.path_raw
);
2013 buffer_urldecode_path(p
->tmp_buf
);
2014 buffer_path_simplify(p
->uri
.path
, p
->tmp_buf
);
2016 /* we now have a URI which is clean. transform it into a physical path */
2017 buffer_copy_buffer(p
->physical
.doc_root
, con
->physical
.doc_root
);
2018 buffer_copy_buffer(p
->physical
.rel_path
, p
->uri
.path
);
2020 if (con
->conf
.force_lowercase_filenames
) {
2021 buffer_to_lower(p
->physical
.rel_path
);
2024 /* Destination physical path
2025 * src con->physical.path might have been remapped with mod_alias.
2026 * (but mod_alias does not modify con->physical.rel_path)
2027 * Find matching prefix to support use of mod_alias to remap webdav root.
2028 * Aliasing of paths underneath the webdav root might not work.
2029 * Likewise, mod_rewrite URL rewriting might thwart this comparison.
2030 * Use mod_redirect instead of mod_alias to remap paths *under* webdav root.
2031 * Use mod_redirect instead of mod_rewrite on *any* parts of path to webdav.
2032 * (Related, use mod_auth to protect webdav root, but avoid attempting to
2033 * use mod_auth on paths underneath webdav root, as Destination is not
2034 * validated with mod_auth)
2036 * tl;dr: webdav paths and webdav properties are managed by mod_webdav,
2037 * so do not modify paths externally or else undefined behavior
2038 * or corruption may occur
2041 /* find matching URI prefix
2042 * check if remaining con->physical.rel_path matches suffix
2043 * of con->physical.basedir so that we can use it to
2044 * remap Destination physical path */
2046 sep
= con
->uri
.path
->ptr
;
2047 sep2
= p
->uri
.path
->ptr
;
2048 for (i
= 0; sep
[i
] && sep
[i
] == sep2
[i
]; ++i
) ;
2049 if (sep
[i
] == '\0' && (sep2
[i
] == '\0' || sep2
[i
] == '/' || (i
> 0 && sep
[i
-1] == '/'))) {
2050 /* src and dst URI match or dst is nested inside src; invalid COPY or MOVE */
2051 con
->http_status
= 403;
2052 return HANDLER_FINISHED
;
2054 while (i
!= 0 && sep
[--i
] != '/') ; /* find matching directory path */
2055 remain
= buffer_string_length(con
->uri
.path
) - i
;
2056 if (!con
->conf
.force_lowercase_filenames
2057 ? buffer_is_equal_right_len(con
->physical
.path
, con
->physical
.rel_path
, remain
)
2058 :(buffer_string_length(con
->physical
.path
) >= remain
2059 && 0 == strncasecmp(con
->physical
.path
->ptr
+buffer_string_length(con
->physical
.path
)-remain
, con
->physical
.rel_path
->ptr
+i
, remain
))) {
2060 /* (at this point, p->physical.rel_path is identical to (or lowercased version of) p->uri.path) */
2061 buffer_copy_string_len(p
->physical
.path
, con
->physical
.path
->ptr
, buffer_string_length(con
->physical
.path
)-remain
);
2062 buffer_append_string_len(p
->physical
.path
, p
->physical
.rel_path
->ptr
+i
, buffer_string_length(p
->physical
.rel_path
)-i
);
2064 buffer_copy_buffer(p
->physical
.basedir
, con
->physical
.basedir
);
2065 buffer_append_slash(p
->physical
.basedir
);
2067 /* unable to perform physical path remap here;
2068 * assume doc_root/rel_path and no remapping */
2069 buffer_copy_buffer(p
->physical
.path
, p
->physical
.doc_root
);
2070 buffer_append_slash(p
->physical
.path
);
2071 buffer_copy_buffer(p
->physical
.basedir
, p
->physical
.path
);
2073 /* don't add a second / */
2074 if (p
->physical
.rel_path
->ptr
[0] == '/') {
2075 buffer_append_string_len(p
->physical
.path
, p
->physical
.rel_path
->ptr
+ 1, buffer_string_length(p
->physical
.rel_path
) - 1);
2077 buffer_append_string_buffer(p
->physical
.path
, p
->physical
.rel_path
);
2082 /* let's see if the source is a directory
2083 * if yes, we fail with 501 */
2085 if (-1 == stat(con
->physical
.path
->ptr
, &st
)) {
2086 /* don't about it yet, unlink will fail too */
2089 con
->http_status
= 404;
2092 con
->http_status
= 403;
2095 } else if (S_ISDIR(st
.st_mode
)) {
2098 /* src is a directory */
2100 if (con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
2101 http_response_redirect_to_directory(srv
, con
);
2102 return HANDLER_FINISHED
;
2105 if (-1 == stat(p
->physical
.path
->ptr
, &st
)) {
2106 if (-1 == mkdir(p
->physical
.path
->ptr
, WEBDAV_DIR_MODE
)) {
2107 con
->http_status
= 403;
2108 return HANDLER_FINISHED
;
2111 } else if (!S_ISDIR(st
.st_mode
)) {
2112 if (overwrite
== 0) {
2113 /* copying into a non-dir ? */
2114 con
->http_status
= 409;
2115 return HANDLER_FINISHED
;
2117 unlink(p
->physical
.path
->ptr
);
2118 if (-1 == mkdir(p
->physical
.path
->ptr
, WEBDAV_DIR_MODE
)) {
2119 con
->http_status
= 403;
2120 return HANDLER_FINISHED
;
2126 /* copy the content of src to dest */
2127 if (0 != (r
= webdav_copy_dir(srv
, con
, hctx
, &(con
->physical
), &(p
->physical
), overwrite
))) {
2128 con
->http_status
= r
;
2129 return HANDLER_FINISHED
;
2131 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
2133 webdav_delete_dir(srv
, con
, hctx
, &(con
->physical
), b
); /* content */
2136 rmdir(con
->physical
.path
->ptr
);
2138 con
->http_status
= created
? 201 : 204;
2139 con
->file_finished
= 1;
2141 /* it is just a file, good */
2145 /* does the client have a lock for this connection ? */
2146 if (!webdav_has_lock(srv
, con
, hctx
, p
->uri
.path
)) {
2147 con
->http_status
= 423;
2148 return HANDLER_FINISHED
;
2151 /* destination exists */
2152 if (0 == (r
= stat(p
->physical
.path
->ptr
, &st
))) {
2153 if (S_ISDIR(st
.st_mode
)) {
2155 * append basename to physical path */
2158 if (NULL
!= (sep
= strrchr(con
->physical
.path
->ptr
, '/'))) {
2159 buffer_append_string(p
->physical
.path
, sep
);
2160 r
= stat(p
->physical
.path
->ptr
, &st
);
2166 con
->http_status
= destdir
? 204 : 201; /* we will create a new one */
2167 con
->file_finished
= 1;
2171 con
->http_status
= 409;
2172 return HANDLER_FINISHED
;
2174 } else if (overwrite
== 0) {
2175 /* destination exists, but overwrite is not set */
2176 con
->http_status
= 412;
2177 return HANDLER_FINISHED
;
2179 con
->http_status
= 204; /* resource already existed */
2182 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
2185 if (0 == rename(con
->physical
.path
->ptr
, p
->physical
.path
->ptr
)) {
2186 #ifdef USE_PROPPATCH
2189 stmt
= p
->conf
.stmt_move_uri
;
2192 sqlite3_reset(stmt
);
2194 /* bind the values to the insert */
2195 sqlite3_bind_text(stmt
, 1,
2196 CONST_BUF_LEN(p
->uri
.path
),
2199 sqlite3_bind_text(stmt
, 2,
2200 CONST_BUF_LEN(con
->uri
.path
),
2203 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2204 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sql-move failed:", sqlite3_errmsg(p
->conf
.sql
));
2208 return HANDLER_FINISHED
;
2211 /* rename failed, fall back to COPY + DELETE */
2214 if (0 != (r
= webdav_copy_file(srv
, con
, hctx
, &(con
->physical
), &(p
->physical
), overwrite
))) {
2215 con
->http_status
= r
;
2217 return HANDLER_FINISHED
;
2220 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
2222 webdav_delete_file(srv
, con
, hctx
, &(con
->physical
), b
);
2227 return HANDLER_FINISHED
;
2229 case HTTP_METHOD_PROPPATCH
:
2230 if (p
->conf
.is_readonly
) {
2231 con
->http_status
= 403;
2232 return HANDLER_FINISHED
;
2235 if (!webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
2236 con
->http_status
= 423;
2237 return HANDLER_FINISHED
;
2240 /* check if destination exists */
2241 if (-1 == stat(con
->physical
.path
->ptr
, &st
)) {
2244 con
->http_status
= 404;
2249 if (S_ISDIR(st
.st_mode
) && con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
2250 http_response_redirect_to_directory(srv
, con
);
2251 return HANDLER_FINISHED
;
2254 #ifdef USE_PROPPATCH
2255 if (con
->request
.content_length
) {
2258 if (con
->state
== CON_STATE_READ_POST
) {
2259 handler_t r
= connection_handle_read_post_state(srv
, con
);
2260 if (r
!= HANDLER_GO_ON
) return r
;
2263 if (1 == webdav_parse_chunkqueue(srv
, con
, hctx
, con
->request_content_queue
, &xml
)) {
2264 xmlNode
*rootnode
= xmlDocGetRootElement(xml
);
2266 if (0 == xmlStrcmp(rootnode
->name
, BAD_CAST
"propertyupdate")) {
2269 int empty_ns
= 0; /* send 400 on a empty namespace attribute */
2271 /* start response */
2273 if (SQLITE_OK
!= sqlite3_exec(p
->conf
.sql
, "BEGIN TRANSACTION", NULL
, NULL
, &err
)) {
2274 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't open transaction:", err
);
2277 goto propmatch_cleanup
;
2280 /* a UPDATE request, we know 'set' and 'remove' */
2281 for (cmd
= rootnode
->children
; cmd
; cmd
= cmd
->next
) {
2283 /* either set or remove */
2285 if ((0 == xmlStrcmp(cmd
->name
, BAD_CAST
"set")) ||
2286 (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"remove"))) {
2290 stmt
= (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"remove")) ?
2291 p
->conf
.stmt_delete_prop
: p
->conf
.stmt_update_prop
;
2293 for (props
= cmd
->children
; props
; props
= props
->next
) {
2294 if (0 == xmlStrcmp(props
->name
, BAD_CAST
"prop")) {
2296 char *propval
= NULL
;
2299 prop
= props
->children
;
2302 (0 == xmlStrcmp(prop
->ns
->href
, BAD_CAST
"")) &&
2303 (0 != xmlStrcmp(prop
->ns
->prefix
, BAD_CAST
""))) {
2304 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2305 "no name space for:",
2312 sqlite3_reset(stmt
);
2314 /* bind the values to the insert */
2316 sqlite3_bind_text(stmt
, 1,
2317 CONST_BUF_LEN(con
->uri
.path
),
2319 sqlite3_bind_text(stmt
, 2,
2321 strlen((char *)prop
->name
),
2324 sqlite3_bind_text(stmt
, 3,
2325 (char *)prop
->ns
->href
,
2326 strlen((char *)prop
->ns
->href
),
2329 sqlite3_bind_text(stmt
, 3,
2334 if (stmt
== p
->conf
.stmt_update_prop
) {
2335 propval
= prop
->children
2336 ? (char *)xmlNodeListGetString(xml
, prop
->children
, 0)
2339 sqlite3_bind_text(stmt
, 4,
2340 propval
? propval
: "",
2341 propval
? strlen(propval
) : 0,
2345 if (SQLITE_DONE
!= (r
= sqlite3_step(stmt
))) {
2346 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2347 "sql-set failed:", sqlite3_errmsg(p
->conf
.sql
));
2350 if (propval
) xmlFree(propval
);
2353 if (empty_ns
) break;
2358 if (SQLITE_OK
!= sqlite3_exec(p
->conf
.sql
, "ROLLBACK", NULL
, NULL
, &err
)) {
2359 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't rollback transaction:", err
);
2362 goto propmatch_cleanup
;
2365 con
->http_status
= 400;
2367 if (SQLITE_OK
!= sqlite3_exec(p
->conf
.sql
, "COMMIT", NULL
, NULL
, &err
)) {
2368 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't commit transaction:", err
);
2371 goto propmatch_cleanup
;
2373 con
->http_status
= 200;
2375 con
->file_finished
= 1;
2378 return HANDLER_FINISHED
;
2385 con
->http_status
= 400;
2386 return HANDLER_FINISHED
;
2390 con
->http_status
= 501;
2391 return HANDLER_FINISHED
;
2392 case HTTP_METHOD_LOCK
:
2394 * a mac wants to write
2396 * LOCK /dav/expire.txt HTTP/1.1\r\n
2397 * User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh)\r\n
2400 * Timeout: Second-600\r\n
2401 * Content-Type: text/xml; charset=\"utf-8\"\r\n
2402 * Content-Length: 229\r\n
2403 * Connection: keep-alive\r\n
2404 * Host: 192.168.178.23:1025\r\n
2406 * <?xml version=\"1.0\" encoding=\"utf-8\"?>\n
2407 * <D:lockinfo xmlns:D=\"DAV:\">\n
2408 * <D:lockscope><D:exclusive/></D:lockscope>\n
2409 * <D:locktype><D:write/></D:locktype>\n
2411 * <D:href>http://www.apple.com/webdav_fs/</D:href>\n
2416 if (depth
!= 0 && depth
!= -1) {
2417 con
->http_status
= 400;
2419 return HANDLER_FINISHED
;
2423 if (con
->request
.content_length
) {
2425 buffer
*hdr_if
= NULL
;
2428 if (con
->state
== CON_STATE_READ_POST
) {
2429 handler_t r
= connection_handle_read_post_state(srv
, con
);
2430 if (r
!= HANDLER_GO_ON
) return r
;
2433 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "If"))) {
2437 if (0 != stat(con
->physical
.path
->ptr
, &st
)) {
2438 if (errno
== ENOENT
) {
2439 int fd
= open(con
->physical
.path
->ptr
, O_WRONLY
|O_CREAT
|O_APPEND
|O_BINARY
|FIFO_NONBLOCK
, WEBDAV_FILE_MODE
);
2444 log_error_write(srv
, __FILE__
, __LINE__
, "sBss",
2445 "create file", con
->physical
.path
, ":", strerror(errno
));
2446 con
->http_status
= 403; /* Forbidden */
2448 return HANDLER_FINISHED
;
2451 } else if (hdr_if
== NULL
&& depth
== -1) {
2452 /* we don't support Depth: Infinity on directories */
2453 if (S_ISDIR(st
.st_mode
)) {
2454 con
->http_status
= 409; /* Conflict */
2456 return HANDLER_FINISHED
;
2460 if (1 == webdav_parse_chunkqueue(srv
, con
, hctx
, con
->request_content_queue
, &xml
)) {
2461 xmlNode
*rootnode
= xmlDocGetRootElement(xml
);
2463 force_assert(rootnode
);
2465 if (0 == xmlStrcmp(rootnode
->name
, BAD_CAST
"lockinfo")) {
2467 const xmlChar
*lockscope
= NULL
, *locktype
= NULL
; /* TODO: compiler says unused: *owner = NULL; */
2469 for (lockinfo
= rootnode
->children
; lockinfo
; lockinfo
= lockinfo
->next
) {
2470 if (0 == xmlStrcmp(lockinfo
->name
, BAD_CAST
"lockscope")) {
2472 for (value
= lockinfo
->children
; value
; value
= value
->next
) {
2473 if ((0 == xmlStrcmp(value
->name
, BAD_CAST
"exclusive")) ||
2474 (0 == xmlStrcmp(value
->name
, BAD_CAST
"shared"))) {
2475 lockscope
= value
->name
;
2477 con
->http_status
= 400;
2480 return HANDLER_FINISHED
;
2483 } else if (0 == xmlStrcmp(lockinfo
->name
, BAD_CAST
"locktype")) {
2485 for (value
= lockinfo
->children
; value
; value
= value
->next
) {
2486 if ((0 == xmlStrcmp(value
->name
, BAD_CAST
"write"))) {
2487 locktype
= value
->name
;
2489 con
->http_status
= 400;
2492 return HANDLER_FINISHED
;
2496 } else if (0 == xmlStrcmp(lockinfo
->name
, BAD_CAST
"owner")) {
2500 if (lockscope
&& locktype
) {
2501 sqlite3_stmt
*stmt
= p
->conf
.stmt_read_lock_by_uri
;
2503 /* is this resourse already locked ? */
2505 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
2507 * WHERE resource = ? */
2511 sqlite3_reset(stmt
);
2513 sqlite3_bind_text(stmt
, 1,
2514 CONST_BUF_LEN(p
->uri
.path
),
2518 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
2520 * 1. is it compatible ?
2522 char *sql_lockscope
= (char *)sqlite3_column_text(stmt
, 2);
2524 if (strcmp(sql_lockscope
, "exclusive")) {
2525 con
->http_status
= 423;
2526 } else if (0 == xmlStrcmp(lockscope
, BAD_CAST
"exclusive")) {
2527 /* resourse is locked with a shared lock
2528 * client wants exclusive */
2529 con
->http_status
= 423;
2532 if (con
->http_status
== 423) {
2534 return HANDLER_FINISHED
;
2538 stmt
= p
->conf
.stmt_create_lock
;
2540 /* create a lock-token */
2542 char uuid
[37] /* 36 + \0 */;
2545 uuid_unparse(id
, uuid
);
2547 buffer_copy_string_len(p
->tmp_buf
, CONST_STR_LEN("opaquelocktoken:"));
2548 buffer_append_string(p
->tmp_buf
, uuid
);
2550 /* "CREATE TABLE locks ("
2551 * " locktoken TEXT NOT NULL,"
2552 * " resource TEXT NOT NULL,"
2553 * " lockscope TEXT NOT NULL,"
2554 * " locktype TEXT NOT NULL,"
2555 * " owner TEXT NOT NULL,"
2556 * " depth INT NOT NULL,"
2559 sqlite3_reset(stmt
);
2561 sqlite3_bind_text(stmt
, 1,
2562 CONST_BUF_LEN(p
->tmp_buf
),
2565 sqlite3_bind_text(stmt
, 2,
2566 CONST_BUF_LEN(con
->uri
.path
),
2569 sqlite3_bind_text(stmt
, 3,
2570 (const char *)lockscope
,
2571 xmlStrlen(lockscope
),
2574 sqlite3_bind_text(stmt
, 4,
2575 (const char *)locktype
,
2576 xmlStrlen(locktype
),
2580 sqlite3_bind_text(stmt
, 5,
2586 sqlite3_bind_int(stmt
, 6,
2590 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2591 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2592 "create lock:", sqlite3_errmsg(p
->conf
.sql
));
2595 /* looks like we survived */
2596 webdav_lockdiscovery(srv
, con
, p
->tmp_buf
, (const char *)lockscope
, (const char *)locktype
, depth
);
2598 con
->http_status
= created
? 201 : 200;
2599 con
->file_finished
= 1;
2605 return HANDLER_FINISHED
;
2607 con
->http_status
= 400;
2608 return HANDLER_FINISHED
;
2612 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "If"))) {
2613 buffer
*locktoken
= ds
->value
;
2614 sqlite3_stmt
*stmt
= p
->conf
.stmt_refresh_lock
;
2616 /* remove the < > around the token */
2617 if (buffer_string_length(locktoken
) < 5) {
2618 con
->http_status
= 400;
2620 return HANDLER_FINISHED
;
2623 buffer_copy_string_len(p
->tmp_buf
, locktoken
->ptr
+ 2, buffer_string_length(locktoken
) - 4);
2625 sqlite3_reset(stmt
);
2627 sqlite3_bind_text(stmt
, 1,
2628 CONST_BUF_LEN(p
->tmp_buf
),
2631 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2632 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2633 "refresh lock:", sqlite3_errmsg(p
->conf
.sql
));
2636 webdav_lockdiscovery(srv
, con
, p
->tmp_buf
, "exclusive", "write", 0);
2638 con
->http_status
= 200;
2639 con
->file_finished
= 1;
2640 return HANDLER_FINISHED
;
2642 /* we need a lock-token to refresh */
2643 con
->http_status
= 400;
2645 return HANDLER_FINISHED
;
2650 con
->http_status
= 501;
2651 return HANDLER_FINISHED
;
2653 case HTTP_METHOD_UNLOCK
:
2655 if (NULL
!= (ds
= (data_string
*)array_get_element(con
->request
.headers
, "Lock-Token"))) {
2656 buffer
*locktoken
= ds
->value
;
2657 sqlite3_stmt
*stmt
= p
->conf
.stmt_remove_lock
;
2659 /* remove the < > around the token */
2660 if (buffer_string_length(locktoken
) < 3) {
2661 con
->http_status
= 400;
2663 return HANDLER_FINISHED
;
2669 * if the resourse is locked:
2671 * - by someone else: 401
2672 * if the resource is not locked:
2676 buffer_copy_string_len(p
->tmp_buf
, locktoken
->ptr
+ 1, buffer_string_length(locktoken
) - 2);
2678 sqlite3_reset(stmt
);
2680 sqlite3_bind_text(stmt
, 1,
2681 CONST_BUF_LEN(p
->tmp_buf
),
2684 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2685 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2686 "remove lock:", sqlite3_errmsg(p
->conf
.sql
));
2689 if (0 == sqlite3_changes(p
->conf
.sql
)) {
2690 con
->http_status
= 401;
2692 con
->http_status
= 204;
2694 return HANDLER_FINISHED
;
2696 /* we need a lock-token to unlock */
2697 con
->http_status
= 400;
2699 return HANDLER_FINISHED
;
2703 con
->http_status
= 501;
2704 return HANDLER_FINISHED
;
2711 return HANDLER_GO_ON
;
2715 SUBREQUEST_FUNC(mod_webdav_subrequest_handler
) {
2717 plugin_data
*p
= p_d
;
2718 if (con
->mode
!= p
->id
) return HANDLER_GO_ON
;
2720 r
= mod_webdav_subrequest_handler_huge(srv
, con
, p_d
);
2721 if (con
->http_status
>= 400) con
->mode
= DIRECT
;
2726 PHYSICALPATH_FUNC(mod_webdav_physical_handler
) {
2727 plugin_data
*p
= p_d
;
2728 if (!p
->conf
.enabled
) return HANDLER_GO_ON
;
2730 /* physical path is setup */
2731 if (buffer_is_empty(con
->physical
.path
)) return HANDLER_GO_ON
;
2735 switch (con
->request
.http_method
) {
2736 case HTTP_METHOD_PROPFIND
:
2737 case HTTP_METHOD_PROPPATCH
:
2738 case HTTP_METHOD_PUT
:
2739 case HTTP_METHOD_COPY
:
2740 case HTTP_METHOD_MOVE
:
2741 case HTTP_METHOD_MKCOL
:
2742 case HTTP_METHOD_DELETE
:
2743 case HTTP_METHOD_LOCK
:
2744 case HTTP_METHOD_UNLOCK
: {
2745 handler_ctx
*hctx
= calloc(1, sizeof(*hctx
));
2746 memcpy(&hctx
->conf
, &p
->conf
, sizeof(plugin_config
));
2747 con
->plugin_ctx
[p
->id
] = hctx
;
2748 con
->conf
.stream_request_body
= 0;
2756 return HANDLER_GO_ON
;
2759 static handler_t
mod_webdav_connection_reset(server
*srv
, connection
*con
, void *p_d
) {
2760 plugin_data
*p
= p_d
;
2761 handler_ctx
*hctx
= con
->plugin_ctx
[p
->id
];
2762 if (hctx
) free(hctx
);
2765 return HANDLER_GO_ON
;
2769 /* this function is called at dlopen() time and inits the callbacks */
2771 int mod_webdav_plugin_init(plugin
*p
);
2772 int mod_webdav_plugin_init(plugin
*p
) {
2773 p
->version
= LIGHTTPD_VERSION_ID
;
2774 p
->name
= buffer_init_string("webdav");
2776 p
->init
= mod_webdav_init
;
2777 p
->handle_uri_clean
= mod_webdav_uri_handler
;
2778 p
->handle_physical
= mod_webdav_physical_handler
;
2779 p
->handle_subrequest
= mod_webdav_subrequest_handler
;
2780 p
->connection_reset
= mod_webdav_connection_reset
;
2781 p
->set_defaults
= mod_webdav_set_defaults
;
2782 p
->cleanup
= mod_webdav_free
;