search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] set REDIRECT_STATUS to error_handler_saved_status (fixes #1828)
[lighttpd.git] / src / mod_webdav.c
blobaf4f0b6294f0f886614dde4eba11efea2eca58f7
1 #include "first.h"
2
3 #include "base.h"
4 #include "log.h"
5 #include "buffer.h"
6 #include "response.h"
7 #include "connections.h"
8
9 #include "plugin.h"
10
11 #include "stream.h"
12 #include "stat_cache.h"
13
14 #include "sys-mmap.h"
15
16 #include <sys/types.h>
17 #include <sys/stat.h>
18 #include <ctype.h>
19 #include <stdlib.h>
20 #include <string.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <stdio.h>
24 #include <assert.h>
25
26 #include <unistd.h>
27 #include <dirent.h>
28
29 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H)
30 #define USE_PROPPATCH
31 #include <libxml/tree.h>
32 #include <libxml/parser.h>
33
34 #include <sqlite3.h>
35 #endif
36
37 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H) && defined(HAVE_UUID_UUID_H)
38 #define USE_LOCKS
39 #include <uuid/uuid.h>
40 #endif
41
42 /**
43 * this is a webdav for a lighttpd plugin
44 *
45 * at least a very basic one.
46 * - for now it is read-only and we only support PROPFIND
47 *
48 */
49
50 #define WEBDAV_FILE_MODE S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
51 #define WEBDAV_DIR_MODE S_IRWXU | S_IRWXG | S_IRWXO
52
53 /* plugin config for all request/connections */
54
55 typedef struct {
56 unsigned short enabled;
57 unsigned short is_readonly;
58 unsigned short log_xml;
59
60 buffer *sqlite_db_name;
61 #ifdef USE_PROPPATCH
62 sqlite3 *sql;
63 sqlite3_stmt *stmt_update_prop;
64 sqlite3_stmt *stmt_delete_prop;
65 sqlite3_stmt *stmt_select_prop;
66 sqlite3_stmt *stmt_select_propnames;
67
68 sqlite3_stmt *stmt_delete_uri;
69 sqlite3_stmt *stmt_move_uri;
70 sqlite3_stmt *stmt_copy_uri;
71
72 sqlite3_stmt *stmt_remove_lock;
73 sqlite3_stmt *stmt_create_lock;
74 sqlite3_stmt *stmt_read_lock;
75 sqlite3_stmt *stmt_read_lock_by_uri;
76 sqlite3_stmt *stmt_refresh_lock;
77 #endif
78 } plugin_config;
79
80 typedef struct {
81 PLUGIN_DATA;
82
83 buffer *tmp_buf;
84 request_uri uri;
85 physical physical;
86
87 plugin_config **config_storage;
88
89 plugin_config conf;
90 } plugin_data;
91
92 /* init the plugin data */
93 INIT_FUNC(mod_webdav_init) {
94 plugin_data *p;
95
96 p = calloc(1, sizeof(*p));
97
98 p->tmp_buf = buffer_init();
99
100 p->uri.scheme = buffer_init();
101 p->uri.path_raw = buffer_init();
102 p->uri.path = buffer_init();
103 p->uri.authority = buffer_init();
104
105 p->physical.path = buffer_init();
106 p->physical.rel_path = buffer_init();
107 p->physical.doc_root = buffer_init();
108 p->physical.basedir = buffer_init();
109
110 return p;
111 }
112
113 /* detroy the plugin data */
114 FREE_FUNC(mod_webdav_free) {
115 plugin_data *p = p_d;
116
117 UNUSED(srv);
118
119 if (!p) return HANDLER_GO_ON;
120
121 if (p->config_storage) {
122 size_t i;
123 for (i = 0; i < srv->config_context->used; i++) {
124 plugin_config *s = p->config_storage[i];
125
126 if (NULL == s) continue;
127
128 buffer_free(s->sqlite_db_name);
129 #ifdef USE_PROPPATCH
130 if (s->sql) {
131 sqlite3_finalize(s->stmt_delete_prop);
132 sqlite3_finalize(s->stmt_delete_uri);
133 sqlite3_finalize(s->stmt_copy_uri);
134 sqlite3_finalize(s->stmt_move_uri);
135 sqlite3_finalize(s->stmt_update_prop);
136 sqlite3_finalize(s->stmt_select_prop);
137 sqlite3_finalize(s->stmt_select_propnames);
138
139 sqlite3_finalize(s->stmt_read_lock);
140 sqlite3_finalize(s->stmt_read_lock_by_uri);
141 sqlite3_finalize(s->stmt_create_lock);
142 sqlite3_finalize(s->stmt_remove_lock);
143 sqlite3_finalize(s->stmt_refresh_lock);
144 sqlite3_close(s->sql);
145 }
146 #endif
147 free(s);
148 }
149 free(p->config_storage);
150 }
151
152 buffer_free(p->uri.scheme);
153 buffer_free(p->uri.path_raw);
154 buffer_free(p->uri.path);
155 buffer_free(p->uri.authority);
156
157 buffer_free(p->physical.path);
158 buffer_free(p->physical.rel_path);
159 buffer_free(p->physical.doc_root);
160 buffer_free(p->physical.basedir);
161
162 buffer_free(p->tmp_buf);
163
164 free(p);
165
166 return HANDLER_GO_ON;
167 }
168
169 /* handle plugin config and check values */
170
171 SETDEFAULTS_FUNC(mod_webdav_set_defaults) {
172 plugin_data *p = p_d;
173 size_t i = 0;
174
175 config_values_t cv[] = {
176 { "webdav.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
177 { "webdav.is-readonly", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
178 { "webdav.sqlite-db-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
179 { "webdav.log-xml", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
180 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
181 };
182
183 if (!p) return HANDLER_ERROR;
184
185 p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
186
187 for (i = 0; i < srv->config_context->used; i++) {
188 data_config const* config = (data_config const*)srv->config_context->data[i];
189 plugin_config *s;
190
191 s = calloc(1, sizeof(plugin_config));
192 s->sqlite_db_name = buffer_init();
193
194 cv[0].destination = &(s->enabled);
195 cv[1].destination = &(s->is_readonly);
196 cv[2].destination = s->sqlite_db_name;
197 cv[3].destination = &(s->log_xml);
198
199 p->config_storage[i] = s;
200
201 if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
202 return HANDLER_ERROR;
203 }
204
205 if (!buffer_string_is_empty(s->sqlite_db_name)) {
206 #ifdef USE_PROPPATCH
207 const char *next_stmt;
208 char *err;
209
210 if (SQLITE_OK != sqlite3_open(s->sqlite_db_name->ptr, &(s->sql))) {
211 log_error_write(srv, __FILE__, __LINE__, "sbs", "sqlite3_open failed for",
212 s->sqlite_db_name,
213 sqlite3_errmsg(s->sql));
214 return HANDLER_ERROR;
215 }
216
217 if (SQLITE_OK != sqlite3_exec(s->sql,
218 "CREATE TABLE properties ("
219 " resource TEXT NOT NULL,"
220 " prop TEXT NOT NULL,"
221 " ns TEXT NOT NULL,"
222 " value TEXT NOT NULL,"
223 " PRIMARY KEY(resource, prop, ns))",
224 NULL, NULL, &err)) {
225
226 if (0 != strcmp(err, "table properties already exists")) {
227 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
228 sqlite3_free(err);
229
230 return HANDLER_ERROR;
231 }
232 sqlite3_free(err);
233 }
234
235 if (SQLITE_OK != sqlite3_prepare(s->sql,
236 CONST_STR_LEN("SELECT value FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
237 &(s->stmt_select_prop), &next_stmt)) {
238 /* prepare failed */
239
240 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
241 return HANDLER_ERROR;
242 }
243
244 if (SQLITE_OK != sqlite3_prepare(s->sql,
245 CONST_STR_LEN("SELECT ns, prop FROM properties WHERE resource = ?"),
246 &(s->stmt_select_propnames), &next_stmt)) {
247 /* prepare failed */
248
249 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
250 return HANDLER_ERROR;
251 }
252
253
254 if (SQLITE_OK != sqlite3_prepare(s->sql,
255 CONST_STR_LEN("REPLACE INTO properties (resource, prop, ns, value) VALUES (?, ?, ?, ?)"),
256 &(s->stmt_update_prop), &next_stmt)) {
257 /* prepare failed */
258
259 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
260 return HANDLER_ERROR;
261 }
262
263 if (SQLITE_OK != sqlite3_prepare(s->sql,
264 CONST_STR_LEN("DELETE FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
265 &(s->stmt_delete_prop), &next_stmt)) {
266 /* prepare failed */
267 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
268
269 return HANDLER_ERROR;
270 }
271
272 if (SQLITE_OK != sqlite3_prepare(s->sql,
273 CONST_STR_LEN("DELETE FROM properties WHERE resource = ?"),
274 &(s->stmt_delete_uri), &next_stmt)) {
275 /* prepare failed */
276 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
277
278 return HANDLER_ERROR;
279 }
280
281 if (SQLITE_OK != sqlite3_prepare(s->sql,
282 CONST_STR_LEN("INSERT INTO properties SELECT ?, prop, ns, value FROM properties WHERE resource = ?"),
283 &(s->stmt_copy_uri), &next_stmt)) {
284 /* prepare failed */
285 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
286
287 return HANDLER_ERROR;
288 }
289
290 if (SQLITE_OK != sqlite3_prepare(s->sql,
291 CONST_STR_LEN("UPDATE properties SET resource = ? WHERE resource = ?"),
292 &(s->stmt_move_uri), &next_stmt)) {
293 /* prepare failed */
294 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
295
296 return HANDLER_ERROR;
297 }
298
299 /* LOCKS */
300
301 if (SQLITE_OK != sqlite3_exec(s->sql,
302 "CREATE TABLE locks ("
303 " locktoken TEXT NOT NULL,"
304 " resource TEXT NOT NULL,"
305 " lockscope TEXT NOT NULL,"
306 " locktype TEXT NOT NULL,"
307 " owner TEXT NOT NULL,"
308 " depth INT NOT NULL,"
309 " timeout TIMESTAMP NOT NULL,"
310 " PRIMARY KEY(locktoken))",
311 NULL, NULL, &err)) {
312
313 if (0 != strcmp(err, "table locks already exists")) {
314 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
315 sqlite3_free(err);
316
317 return HANDLER_ERROR;
318 }
319 sqlite3_free(err);
320 }
321
322 if (SQLITE_OK != sqlite3_prepare(s->sql,
323 CONST_STR_LEN("INSERT INTO locks (locktoken, resource, lockscope, locktype, owner, depth, timeout) VALUES (?,?,?,?,?,?, CURRENT_TIME + 600)"),
324 &(s->stmt_create_lock), &next_stmt)) {
325 /* prepare failed */
326 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
327
328 return HANDLER_ERROR;
329 }
330
331 if (SQLITE_OK != sqlite3_prepare(s->sql,
332 CONST_STR_LEN("DELETE FROM locks WHERE locktoken = ?"),
333 &(s->stmt_remove_lock), &next_stmt)) {
334 /* prepare failed */
335 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
336
337 return HANDLER_ERROR;
338 }
339
340 if (SQLITE_OK != sqlite3_prepare(s->sql,
341 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout FROM locks WHERE locktoken = ?"),
342 &(s->stmt_read_lock), &next_stmt)) {
343 /* prepare failed */
344 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
345
346 return HANDLER_ERROR;
347 }
348
349 if (SQLITE_OK != sqlite3_prepare(s->sql,
350 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout FROM locks WHERE resource = ?"),
351 &(s->stmt_read_lock_by_uri), &next_stmt)) {
352 /* prepare failed */
353 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
354
355 return HANDLER_ERROR;
356 }
357
358 if (SQLITE_OK != sqlite3_prepare(s->sql,
359 CONST_STR_LEN("UPDATE locks SET timeout = CURRENT_TIME + 600 WHERE locktoken = ?"),
360 &(s->stmt_refresh_lock), &next_stmt)) {
361 /* prepare failed */
362 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
363
364 return HANDLER_ERROR;
365 }
366
367
368 #else
369 log_error_write(srv, __FILE__, __LINE__, "s", "Sorry, no sqlite3 and libxml2 support include, compile with --with-webdav-props");
370 return HANDLER_ERROR;
371 #endif
372 }
373 }
374
375 return HANDLER_GO_ON;
376 }
377
378 #define PATCH_OPTION(x) \
379 p->conf.x = s->x;
380 static int mod_webdav_patch_connection(server *srv, connection *con, plugin_data *p) {
381 size_t i, j;
382 plugin_config *s = p->config_storage[0];
383
384 PATCH_OPTION(enabled);
385 PATCH_OPTION(is_readonly);
386 PATCH_OPTION(log_xml);
387
388 #ifdef USE_PROPPATCH
389 PATCH_OPTION(sql);
390 PATCH_OPTION(stmt_update_prop);
391 PATCH_OPTION(stmt_delete_prop);
392 PATCH_OPTION(stmt_select_prop);
393 PATCH_OPTION(stmt_select_propnames);
394
395 PATCH_OPTION(stmt_delete_uri);
396 PATCH_OPTION(stmt_move_uri);
397 PATCH_OPTION(stmt_copy_uri);
398
399 PATCH_OPTION(stmt_remove_lock);
400 PATCH_OPTION(stmt_refresh_lock);
401 PATCH_OPTION(stmt_create_lock);
402 PATCH_OPTION(stmt_read_lock);
403 PATCH_OPTION(stmt_read_lock_by_uri);
404 #endif
405 /* skip the first, the global context */
406 for (i = 1; i < srv->config_context->used; i++) {
407 data_config *dc = (data_config *)srv->config_context->data[i];
408 s = p->config_storage[i];
409
410 /* condition didn't match */
411 if (!config_check_cond(srv, con, dc)) continue;
412
413 /* merge config */
414 for (j = 0; j < dc->value->used; j++) {
415 data_unset *du = dc->value->data[j];
416
417 if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.activate"))) {
418 PATCH_OPTION(enabled);
419 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.is-readonly"))) {
420 PATCH_OPTION(is_readonly);
421 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.log-xml"))) {
422 PATCH_OPTION(log_xml);
423 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.sqlite-db-name"))) {
424 #ifdef USE_PROPPATCH
425 PATCH_OPTION(sql);
426 PATCH_OPTION(stmt_update_prop);
427 PATCH_OPTION(stmt_delete_prop);
428 PATCH_OPTION(stmt_select_prop);
429 PATCH_OPTION(stmt_select_propnames);
430
431 PATCH_OPTION(stmt_delete_uri);
432 PATCH_OPTION(stmt_move_uri);
433 PATCH_OPTION(stmt_copy_uri);
434
435 PATCH_OPTION(stmt_remove_lock);
436 PATCH_OPTION(stmt_refresh_lock);
437 PATCH_OPTION(stmt_create_lock);
438 PATCH_OPTION(stmt_read_lock);
439 PATCH_OPTION(stmt_read_lock_by_uri);
440 #endif
441 }
442 }
443 }
444
445 return 0;
446 }
447
448 URIHANDLER_FUNC(mod_webdav_uri_handler) {
449 plugin_data *p = p_d;
450
451 UNUSED(srv);
452
453 if (buffer_is_empty(con->uri.path)) return HANDLER_GO_ON;
454
455 mod_webdav_patch_connection(srv, con, p);
456
457 if (!p->conf.enabled) return HANDLER_GO_ON;
458
459 switch (con->request.http_method) {
460 case HTTP_METHOD_OPTIONS:
461 /* we fake a little bit but it makes MS W2k happy and it let's us mount the volume */
462 response_header_overwrite(srv, con, CONST_STR_LEN("DAV"), CONST_STR_LEN("1,2"));
463 response_header_overwrite(srv, con, CONST_STR_LEN("MS-Author-Via"), CONST_STR_LEN("DAV"));
464
465 if (p->conf.is_readonly) {
466 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND"));
467 } else {
468 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK, UNLOCK"));
469 }
470 break;
471 default:
472 break;
473 }
474
475 /* not found */
476 return HANDLER_GO_ON;
477 }
478 static int webdav_gen_prop_tag(server *srv, connection *con,
479 char *prop_name,
480 char *prop_ns,
481 char *value,
482 buffer *b) {
483
484 UNUSED(srv);
485 UNUSED(con);
486
487 if (value) {
488 buffer_append_string_len(b,CONST_STR_LEN("<"));
489 buffer_append_string(b, prop_name);
490 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
491 buffer_append_string(b, prop_ns);
492 buffer_append_string_len(b, CONST_STR_LEN("\">"));
493
494 buffer_append_string(b, value);
495
496 buffer_append_string_len(b,CONST_STR_LEN("</"));
497 buffer_append_string(b, prop_name);
498 buffer_append_string_len(b, CONST_STR_LEN(">"));
499 } else {
500 buffer_append_string_len(b,CONST_STR_LEN("<"));
501 buffer_append_string(b, prop_name);
502 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
503 buffer_append_string(b, prop_ns);
504 buffer_append_string_len(b, CONST_STR_LEN("\"/>"));
505 }
506
507 return 0;
508 }
509
510
511 static int webdav_gen_response_status_tag(server *srv, connection *con, physical *dst, int status, buffer *b) {
512 UNUSED(srv);
513
514 buffer_append_string_len(b,CONST_STR_LEN("<D:response xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
515
516 buffer_append_string_len(b,CONST_STR_LEN("<D:href>\n"));
517 buffer_append_string_buffer(b, dst->rel_path);
518 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
519 buffer_append_string_len(b,CONST_STR_LEN("<D:status>\n"));
520
521 if (con->request.http_version == HTTP_VERSION_1_1) {
522 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.1 "));
523 } else {
524 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.0 "));
525 }
526 buffer_append_int(b, status);
527 buffer_append_string_len(b, CONST_STR_LEN(" "));
528 buffer_append_string(b, get_http_status_name(status));
529
530 buffer_append_string_len(b,CONST_STR_LEN("</D:status>\n"));
531 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
532
533 return 0;
534 }
535
536 static int webdav_delete_file(server *srv, connection *con, plugin_data *p, physical *dst, buffer *b) {
537 int status = 0;
538
539 /* try to unlink it */
540 if (-1 == unlink(dst->path->ptr)) {
541 switch(errno) {
542 case EACCES:
543 case EPERM:
544 /* 403 */
545 status = 403;
546 break;
547 default:
548 status = 501;
549 break;
550 }
551 webdav_gen_response_status_tag(srv, con, dst, status, b);
552 } else {
553 #ifdef USE_PROPPATCH
554 sqlite3_stmt *stmt = p->conf.stmt_delete_uri;
555
556 if (!stmt) {
557 status = 403;
558 webdav_gen_response_status_tag(srv, con, dst, status, b);
559 } else {
560 sqlite3_reset(stmt);
561
562 /* bind the values to the insert */
563
564 sqlite3_bind_text(stmt, 1,
565 CONST_BUF_LEN(dst->rel_path),
566 SQLITE_TRANSIENT);
567
568 if (SQLITE_DONE != sqlite3_step(stmt)) {
569 /* */
570 }
571 }
572 #else
573 UNUSED(p);
574 #endif
575 }
576
577 return (status != 0);
578 }
579
580 static int webdav_delete_dir(server *srv, connection *con, plugin_data *p, physical *dst, buffer *b) {
581 DIR *dir;
582 int have_multi_status = 0;
583 physical d;
584
585 d.path = buffer_init();
586 d.rel_path = buffer_init();
587
588 if (NULL != (dir = opendir(dst->path->ptr))) {
589 struct dirent *de;
590
591 while(NULL != (de = readdir(dir))) {
592 struct stat st;
593 int status = 0;
594
595 if ((de->d_name[0] == '.' && de->d_name[1] == '\0') ||
596 (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
597 continue;
598 /* ignore the parent dir */
599 }
600
601 buffer_copy_buffer(d.path, dst->path);
602 buffer_append_slash(d.path);
603 buffer_append_string(d.path, de->d_name);
604
605 buffer_copy_buffer(d.rel_path, dst->rel_path);
606 buffer_append_slash(d.rel_path);
607 buffer_append_string(d.rel_path, de->d_name);
608
609 /* stat and unlink afterwards */
610 if (-1 == stat(d.path->ptr, &st)) {
611 /* don't about it yet, rmdir will fail too */
612 } else if (S_ISDIR(st.st_mode)) {
613 have_multi_status = webdav_delete_dir(srv, con, p, &d, b);
614
615 /* try to unlink it */
616 if (-1 == rmdir(d.path->ptr)) {
617 switch(errno) {
618 case EACCES:
619 case EPERM:
620 /* 403 */
621 status = 403;
622 break;
623 default:
624 status = 501;
625 break;
626 }
627 have_multi_status = 1;
628
629 webdav_gen_response_status_tag(srv, con, &d, status, b);
630 } else {
631 #ifdef USE_PROPPATCH
632 sqlite3_stmt *stmt = p->conf.stmt_delete_uri;
633
634 status = 0;
635
636 if (stmt) {
637 sqlite3_reset(stmt);
638
639 /* bind the values to the insert */
640
641 sqlite3_bind_text(stmt, 1,
642 CONST_BUF_LEN(d.rel_path),
643 SQLITE_TRANSIENT);
644
645 if (SQLITE_DONE != sqlite3_step(stmt)) {
646 /* */
647 }
648 }
649 #endif
650 }
651 } else {
652 have_multi_status = webdav_delete_file(srv, con, p, &d, b);
653 }
654 }
655 closedir(dir);
656
657 buffer_free(d.path);
658 buffer_free(d.rel_path);
659 }
660
661 return have_multi_status;
662 }
663
664 static int webdav_copy_file(server *srv, connection *con, plugin_data *p, physical *src, physical *dst, int overwrite) {
665 stream s;
666 int status = 0, ofd;
667 UNUSED(srv);
668 UNUSED(con);
669
670 if (stream_open(&s, src->path)) {
671 return 403;
672 }
673
674 if (-1 == (ofd = open(dst->path->ptr, O_WRONLY|O_TRUNC|O_CREAT|(overwrite ? 0 : O_EXCL), WEBDAV_FILE_MODE))) {
675 /* opening the destination failed for some reason */
676 switch(errno) {
677 case EEXIST:
678 status = 412;
679 break;
680 case EISDIR:
681 status = 409;
682 break;
683 case ENOENT:
684 /* at least one part in the middle wasn't existing */
685 status = 409;
686 break;
687 default:
688 status = 403;
689 break;
690 }
691 stream_close(&s);
692 return status;
693 }
694
695 if (-1 == write(ofd, s.start, s.size)) {
696 switch(errno) {
697 case ENOSPC:
698 status = 507;
699 break;
700 default:
701 status = 403;
702 break;
703 }
704 }
705
706 stream_close(&s);
707 close(ofd);
708
709 #ifdef USE_PROPPATCH
710 if (0 == status) {
711 /* copy worked fine, copy connected properties */
712 sqlite3_stmt *stmt = p->conf.stmt_copy_uri;
713
714 if (stmt) {
715 sqlite3_reset(stmt);
716
717 /* bind the values to the insert */
718 sqlite3_bind_text(stmt, 1,
719 CONST_BUF_LEN(dst->rel_path),
720 SQLITE_TRANSIENT);
721
722 sqlite3_bind_text(stmt, 2,
723 CONST_BUF_LEN(src->rel_path),
724 SQLITE_TRANSIENT);
725
726 if (SQLITE_DONE != sqlite3_step(stmt)) {
727 /* */
728 }
729 }
730 }
731 #else
732 UNUSED(p);
733 #endif
734 return status;
735 }
736
737 static int webdav_copy_dir(server *srv, connection *con, plugin_data *p, physical *src, physical *dst, int overwrite) {
738 DIR *srcdir;
739 int status = 0;
740
741 if (NULL != (srcdir = opendir(src->path->ptr))) {
742 struct dirent *de;
743 physical s, d;
744
745 s.path = buffer_init();
746 s.rel_path = buffer_init();
747
748 d.path = buffer_init();
749 d.rel_path = buffer_init();
750
751 while (NULL != (de = readdir(srcdir))) {
752 struct stat st;
753
754 if ((de->d_name[0] == '.' && de->d_name[1] == '\0')
755 || (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
756 continue;
757 }
758
759 buffer_copy_buffer(s.path, src->path);
760 buffer_append_slash(s.path);
761 buffer_append_string(s.path, de->d_name);
762
763 buffer_copy_buffer(d.path, dst->path);
764 buffer_append_slash(d.path);
765 buffer_append_string(d.path, de->d_name);
766
767 buffer_copy_buffer(s.rel_path, src->rel_path);
768 buffer_append_slash(s.rel_path);
769 buffer_append_string(s.rel_path, de->d_name);
770
771 buffer_copy_buffer(d.rel_path, dst->rel_path);
772 buffer_append_slash(d.rel_path);
773 buffer_append_string(d.rel_path, de->d_name);
774
775 if (-1 == stat(s.path->ptr, &st)) {
776 /* why ? */
777 } else if (S_ISDIR(st.st_mode)) {
778 /* a directory */
779 if (-1 == mkdir(d.path->ptr, WEBDAV_DIR_MODE) &&
780 errno != EEXIST) {
781 /* WTH ? */
782 } else {
783 #ifdef USE_PROPPATCH
784 sqlite3_stmt *stmt = p->conf.stmt_copy_uri;
785
786 if (0 != (status = webdav_copy_dir(srv, con, p, &s, &d, overwrite))) {
787 break;
788 }
789 /* directory is copied, copy the properties too */
790
791 if (stmt) {
792 sqlite3_reset(stmt);
793
794 /* bind the values to the insert */
795 sqlite3_bind_text(stmt, 1,
796 CONST_BUF_LEN(dst->rel_path),
797 SQLITE_TRANSIENT);
798
799 sqlite3_bind_text(stmt, 2,
800 CONST_BUF_LEN(src->rel_path),
801 SQLITE_TRANSIENT);
802
803 if (SQLITE_DONE != sqlite3_step(stmt)) {
804 /* */
805 }
806 }
807 #endif
808 }
809 } else if (S_ISREG(st.st_mode)) {
810 /* a plain file */
811 if (0 != (status = webdav_copy_file(srv, con, p, &s, &d, overwrite))) {
812 break;
813 }
814 }
815 }
816
817 buffer_free(s.path);
818 buffer_free(s.rel_path);
819 buffer_free(d.path);
820 buffer_free(d.rel_path);
821
822 closedir(srcdir);
823 }
824
825 return status;
826 }
827
828 static int webdav_get_live_property(server *srv, connection *con, plugin_data *p, physical *dst, char *prop_name, buffer *b) {
829 stat_cache_entry *sce = NULL;
830 int found = 0;
831
832 UNUSED(p);
833
834 if (HANDLER_ERROR != (stat_cache_get_entry(srv, con, dst->path, &sce))) {
835 char ctime_buf[] = "2005-08-18T07:27:16Z";
836 char mtime_buf[] = "Thu, 18 Aug 2005 07:27:16 GMT";
837 size_t k;
838
839 if (0 == strcmp(prop_name, "resourcetype")) {
840 if (S_ISDIR(sce->st.st_mode)) {
841 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype><D:collection/></D:resourcetype>"));
842 found = 1;
843 }
844 } else if (0 == strcmp(prop_name, "getcontenttype")) {
845 if (S_ISDIR(sce->st.st_mode)) {
846 buffer_append_string_len(b, CONST_STR_LEN("<D:getcontenttype>httpd/unix-directory</D:getcontenttype>"));
847 found = 1;
848 } else if(S_ISREG(sce->st.st_mode)) {
849 for (k = 0; k < con->conf.mimetypes->used; k++) {
850 data_string *ds = (data_string *)con->conf.mimetypes->data[k];
851
852 if (buffer_is_empty(ds->key)) continue;
853
854 if (buffer_is_equal_right_len(dst->path, ds->key, buffer_string_length(ds->key))) {
855 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontenttype>"));
856 buffer_append_string_buffer(b, ds->value);
857 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontenttype>"));
858 found = 1;
859
860 break;
861 }
862 }
863 }
864 } else if (0 == strcmp(prop_name, "creationdate")) {
865 buffer_append_string_len(b, CONST_STR_LEN("<D:creationdate ns0:dt=\"dateTime.tz\">"));
866 strftime(ctime_buf, sizeof(ctime_buf), "%Y-%m-%dT%H:%M:%SZ", gmtime(&(sce->st.st_ctime)));
867 buffer_append_string(b, ctime_buf);
868 buffer_append_string_len(b, CONST_STR_LEN("</D:creationdate>"));
869 found = 1;
870 } else if (0 == strcmp(prop_name, "getlastmodified")) {
871 buffer_append_string_len(b,CONST_STR_LEN("<D:getlastmodified ns0:dt=\"dateTime.rfc1123\">"));
872 strftime(mtime_buf, sizeof(mtime_buf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(sce->st.st_mtime)));
873 buffer_append_string(b, mtime_buf);
874 buffer_append_string_len(b, CONST_STR_LEN("</D:getlastmodified>"));
875 found = 1;
876 } else if (0 == strcmp(prop_name, "getcontentlength")) {
877 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlength>"));
878 buffer_append_int(b, sce->st.st_size);
879 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlength>"));
880 found = 1;
881 } else if (0 == strcmp(prop_name, "getcontentlanguage")) {
882 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlanguage>"));
883 buffer_append_string_len(b, CONST_STR_LEN("en"));
884 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlanguage>"));
885 found = 1;
886 }
887 }
888
889 return found ? 0 : -1;
890 }
891
892 static int webdav_get_property(server *srv, connection *con, plugin_data *p, physical *dst, char *prop_name, char *prop_ns, buffer *b) {
893 if (0 == strcmp(prop_ns, "DAV:")) {
894 /* a local 'live' property */
895 return webdav_get_live_property(srv, con, p, dst, prop_name, b);
896 } else {
897 int found = 0;
898 #ifdef USE_PROPPATCH
899 sqlite3_stmt *stmt = p->conf.stmt_select_prop;
900
901 if (stmt) {
902 /* perhaps it is in sqlite3 */
903 sqlite3_reset(stmt);
904
905 /* bind the values to the insert */
906
907 sqlite3_bind_text(stmt, 1,
908 CONST_BUF_LEN(dst->rel_path),
909 SQLITE_TRANSIENT);
910 sqlite3_bind_text(stmt, 2,
911 prop_name,
912 strlen(prop_name),
913 SQLITE_TRANSIENT);
914 sqlite3_bind_text(stmt, 3,
915 prop_ns,
916 strlen(prop_ns),
917 SQLITE_TRANSIENT);
918
919 /* it is the PK */
920 while (SQLITE_ROW == sqlite3_step(stmt)) {
921 /* there is a row for us, we only expect a single col 'value' */
922 webdav_gen_prop_tag(srv, con, prop_name, prop_ns, (char *)sqlite3_column_text(stmt, 0), b);
923 found = 1;
924 }
925 }
926 #endif
927 return found ? 0 : -1;
928 }
929
930 /* not found */
931 return -1;
932 }
933
934 typedef struct {
935 char *ns;
936 char *prop;
937 } webdav_property;
938
939 static webdav_property live_properties[] = {
940 { "DAV:", "creationdate" },
941 { "DAV:", "displayname" },
942 { "DAV:", "getcontentlanguage" },
943 { "DAV:", "getcontentlength" },
944 { "DAV:", "getcontenttype" },
945 { "DAV:", "getetag" },
946 { "DAV:", "getlastmodified" },
947 { "DAV:", "resourcetype" },
948 { "DAV:", "lockdiscovery" },
949 { "DAV:", "source" },
950 { "DAV:", "supportedlock" },
951
952 { NULL, NULL }
953 };
954
955 typedef struct {
956 webdav_property **ptr;
957
958 size_t used;
959 size_t size;
960 } webdav_properties;
961
962 static int webdav_get_props(server *srv, connection *con, plugin_data *p, physical *dst, webdav_properties *props, buffer *b_200, buffer *b_404) {
963 size_t i;
964
965 if (props) {
966 for (i = 0; i < props->used; i++) {
967 webdav_property *prop;
968
969 prop = props->ptr[i];
970
971 if (0 != webdav_get_property(srv, con, p,
972 dst, prop->prop, prop->ns, b_200)) {
973 webdav_gen_prop_tag(srv, con, prop->prop, prop->ns, NULL, b_404);
974 }
975 }
976 } else {
977 for (i = 0; live_properties[i].prop; i++) {
978 /* a local 'live' property */
979 webdav_get_live_property(srv, con, p, dst, live_properties[i].prop, b_200);
980 }
981 }
982
983 return 0;
984 }
985
986 #ifdef USE_PROPPATCH
987 static int webdav_parse_chunkqueue(server *srv, connection *con, plugin_data *p, chunkqueue *cq, xmlDoc **ret_xml) {
988 xmlParserCtxtPtr ctxt;
989 xmlDoc *xml;
990 int res;
991 int err;
992
993 chunk *c;
994
995 UNUSED(con);
996
997 /* read the chunks in to the XML document */
998 ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
999
1000 for (c = cq->first; cq->bytes_out != cq->bytes_in; c = cq->first) {
1001 size_t weWant = cq->bytes_out - cq->bytes_in;
1002 size_t weHave;
1003
1004 switch(c->type) {
1005 case FILE_CHUNK:
1006 weHave = c->file.length - c->offset;
1007
1008 if (weHave > weWant) weHave = weWant;
1009
1010 /* xml chunks are always memory, mmap() is our friend */
1011 if (c->file.mmap.start == MAP_FAILED) {
1012 if (-1 == c->file.fd && /* open the file if not already open */
1013 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1014 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1015
1016 return -1;
1017 }
1018
1019 if (MAP_FAILED == (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) {
1020 log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ",
1021 strerror(errno), c->file.name, c->file.fd);
1022 close(c->file.fd);
1023 c->file.fd = -1;
1024
1025 return -1;
1026 }
1027
1028 close(c->file.fd);
1029 c->file.fd = -1;
1030
1031 c->file.mmap.length = c->file.length;
1032
1033 /* chunk_reset() or chunk_free() will cleanup for us */
1034 }
1035
1036 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->file.mmap.start + c->offset, weHave, 0))) {
1037 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1038 }
1039
1040 chunkqueue_mark_written(cq, weHave);
1041
1042 break;
1043 case MEM_CHUNK:
1044 /* append to the buffer */
1045 weHave = buffer_string_length(c->mem) - c->offset;
1046
1047 if (weHave > weWant) weHave = weWant;
1048
1049 if (p->conf.log_xml) {
1050 log_error_write(srv, __FILE__, __LINE__, "ss", "XML-request-body:", c->mem->ptr + c->offset);
1051 }
1052
1053 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->mem->ptr + c->offset, weHave, 0))) {
1054 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1055 }
1056
1057 chunkqueue_mark_written(cq, weHave);
1058
1059 break;
1060 }
1061 }
1062
1063 switch ((err = xmlParseChunk(ctxt, 0, 0, 1))) {
1064 case XML_ERR_DOCUMENT_END:
1065 case XML_ERR_OK:
1066 break;
1067 default:
1068 log_error_write(srv, __FILE__, __LINE__, "sd", "xmlParseChunk failed at final packet:", err);
1069 break;
1070 }
1071
1072 xml = ctxt->myDoc;
1073 res = ctxt->wellFormed;
1074 xmlFreeParserCtxt(ctxt);
1075
1076 if (res == 0) {
1077 xmlFreeDoc(xml);
1078 } else {
1079 *ret_xml = xml;
1080 }
1081
1082 return res;
1083 }
1084 #endif
1085
1086 #ifdef USE_LOCKS
1087 static int webdav_lockdiscovery(server *srv, connection *con,
1088 buffer *locktoken, const char *lockscope, const char *locktype, int depth) {
1089
1090 buffer *b = buffer_init();
1091
1092 response_header_overwrite(srv, con, CONST_STR_LEN("Lock-Token"), CONST_BUF_LEN(locktoken));
1093
1094 response_header_overwrite(srv, con,
1095 CONST_STR_LEN("Content-Type"),
1096 CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1097
1098 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1099
1100 buffer_append_string_len(b,CONST_STR_LEN("<D:prop xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1101 buffer_append_string_len(b,CONST_STR_LEN("<D:lockdiscovery>\n"));
1102 buffer_append_string_len(b,CONST_STR_LEN("<D:activelock>\n"));
1103
1104 buffer_append_string_len(b,CONST_STR_LEN("<D:lockscope>"));
1105 buffer_append_string_len(b,CONST_STR_LEN("<D:"));
1106 buffer_append_string(b, lockscope);
1107 buffer_append_string_len(b, CONST_STR_LEN("/>"));
1108 buffer_append_string_len(b,CONST_STR_LEN("</D:lockscope>\n"));
1109
1110 buffer_append_string_len(b,CONST_STR_LEN("<D:locktype>"));
1111 buffer_append_string_len(b,CONST_STR_LEN("<D:"));
1112 buffer_append_string(b, locktype);
1113 buffer_append_string_len(b, CONST_STR_LEN("/>"));
1114 buffer_append_string_len(b,CONST_STR_LEN("</D:locktype>\n"));
1115
1116 buffer_append_string_len(b,CONST_STR_LEN("<D:depth>"));
1117 buffer_append_string(b, depth == 0 ? "0" : "infinity");
1118 buffer_append_string_len(b,CONST_STR_LEN("</D:depth>\n"));
1119
1120 buffer_append_string_len(b,CONST_STR_LEN("<D:timeout>"));
1121 buffer_append_string_len(b, CONST_STR_LEN("Second-600"));
1122 buffer_append_string_len(b,CONST_STR_LEN("</D:timeout>\n"));
1123
1124 buffer_append_string_len(b,CONST_STR_LEN("<D:owner>"));
1125 buffer_append_string_len(b,CONST_STR_LEN("</D:owner>\n"));
1126
1127 buffer_append_string_len(b,CONST_STR_LEN("<D:locktoken>"));
1128 buffer_append_string_len(b, CONST_STR_LEN("<D:href>"));
1129 buffer_append_string_buffer(b, locktoken);
1130 buffer_append_string_len(b, CONST_STR_LEN("</D:href>"));
1131 buffer_append_string_len(b,CONST_STR_LEN("</D:locktoken>\n"));
1132
1133 buffer_append_string_len(b,CONST_STR_LEN("</D:activelock>\n"));
1134 buffer_append_string_len(b,CONST_STR_LEN("</D:lockdiscovery>\n"));
1135 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1136
1137 chunkqueue_append_buffer(con->write_queue, b);
1138 buffer_free(b);
1139
1140 return 0;
1141 }
1142 #endif
1143
1144 /**
1145 * check if resource is having the right locks to access to resource
1146 *
1147 *
1148 *
1149 */
1150 static int webdav_has_lock(server *srv, connection *con, plugin_data *p, buffer *uri) {
1151 int has_lock = 1;
1152
1153 #ifdef USE_LOCKS
1154 data_string *ds;
1155 UNUSED(srv);
1156
1157 /**
1158 * This implementation is more fake than real
1159 * we need a parser for the If: header to really handle the full scope
1160 *
1161 * X-Litmus: locks: 11 (owner_modify)
1162 * If: <http://127.0.0.1:1025/dav/litmus/lockme> (<opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1>)
1163 * - a tagged check:
1164 * if http://127.0.0.1:1025/dav/litmus/lockme is locked with
1165 * opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1, go on
1166 *
1167 * X-Litmus: locks: 16 (fail_cond_put)
1168 * If: (<DAV:no-lock> ["-1622396671"])
1169 * - untagged:
1170 * go on if the resource has the etag [...] and the lock
1171 */
1172 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
1173 /* Ooh, ooh. A if tag, now the fun begins.
1174 *
1175 * this can only work with a real parser
1176 **/
1177 } else {
1178 /* we didn't provided a lock-token -> */
1179 /* if the resource is locked -> 423 */
1180
1181 sqlite3_stmt *stmt = p->conf.stmt_read_lock_by_uri;
1182
1183 sqlite3_reset(stmt);
1184
1185 sqlite3_bind_text(stmt, 1,
1186 CONST_BUF_LEN(uri),
1187 SQLITE_TRANSIENT);
1188
1189 while (SQLITE_ROW == sqlite3_step(stmt)) {
1190 has_lock = 0;
1191 }
1192 }
1193 #else
1194 UNUSED(srv);
1195 UNUSED(con);
1196 UNUSED(p);
1197 UNUSED(uri);
1198 #endif
1199
1200 return has_lock;
1201 }
1202
1203
1204 SUBREQUEST_FUNC(mod_webdav_subrequest_handler_huge) {
1205 plugin_data *p = p_d;
1206 buffer *b;
1207 DIR *dir;
1208 data_string *ds;
1209 int depth = -1; /* (Depth: infinity) */
1210 struct stat st;
1211 buffer *prop_200;
1212 buffer *prop_404;
1213 webdav_properties *req_props;
1214 stat_cache_entry *sce = NULL;
1215
1216 UNUSED(srv);
1217
1218 if (!p->conf.enabled) return HANDLER_GO_ON;
1219 /* physical path is setup */
1220 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
1221
1222 /* PROPFIND need them */
1223 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Depth")) && 1 == buffer_string_length(ds->value)) {
1224 if ('0' == *ds->value->ptr) {
1225 depth = 0;
1226 } else if ('1' == *ds->value->ptr) {
1227 depth = 1;
1228 }
1229 } /* else treat as Depth: infinity */
1230
1231 switch (con->request.http_method) {
1232 case HTTP_METHOD_PROPFIND:
1233 /* they want to know the properties of the directory */
1234 req_props = NULL;
1235
1236 /* is there a content-body ? */
1237
1238 switch (stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
1239 case HANDLER_ERROR:
1240 if (errno == ENOENT) {
1241 con->http_status = 404;
1242 return HANDLER_FINISHED;
1243 }
1244 break;
1245 default:
1246 break;
1247 }
1248
1249
1250 #ifdef USE_PROPPATCH
1251 /* any special requests or just allprop ? */
1252 if (con->request.content_length) {
1253 xmlDocPtr xml;
1254
1255 if (con->state == CON_STATE_READ_POST) {
1256 handler_t r = connection_handle_read_post_state(srv, con);
1257 if (r != HANDLER_GO_ON) return r;
1258 }
1259
1260 if (1 == webdav_parse_chunkqueue(srv, con, p, con->request_content_queue, &xml)) {
1261 xmlNode *rootnode = xmlDocGetRootElement(xml);
1262
1263 force_assert(rootnode);
1264
1265 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propfind")) {
1266 xmlNode *cmd;
1267
1268 req_props = calloc(1, sizeof(*req_props));
1269
1270 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
1271
1272 if (0 == xmlStrcmp(cmd->name, BAD_CAST "prop")) {
1273 /* get prop by name */
1274 xmlNode *prop;
1275
1276 for (prop = cmd->children; prop; prop = prop->next) {
1277 if (prop->type == XML_TEXT_NODE) continue; /* ignore WS */
1278
1279 if (prop->ns &&
1280 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
1281 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
1282 size_t i;
1283 log_error_write(srv, __FILE__, __LINE__, "ss",
1284 "no name space for:",
1285 prop->name);
1286
1287 xmlFreeDoc(xml);
1288
1289 for (i = 0; i < req_props->used; i++) {
1290 free(req_props->ptr[i]->ns);
1291 free(req_props->ptr[i]->prop);
1292 free(req_props->ptr[i]);
1293 }
1294 free(req_props->ptr);
1295 free(req_props);
1296
1297 con->http_status = 400;
1298 return HANDLER_FINISHED;
1299 }
1300
1301 /* add property to requested list */
1302 if (req_props->size == 0) {
1303 req_props->size = 16;
1304 req_props->ptr = malloc(sizeof(*(req_props->ptr)) * req_props->size);
1305 } else if (req_props->used == req_props->size) {
1306 req_props->size += 16;
1307 req_props->ptr = realloc(req_props->ptr, sizeof(*(req_props->ptr)) * req_props->size);
1308 }
1309
1310 req_props->ptr[req_props->used] = malloc(sizeof(webdav_property));
1311 req_props->ptr[req_props->used]->ns = (char *)xmlStrdup(prop->ns ? prop->ns->href : (xmlChar *)"");
1312 req_props->ptr[req_props->used]->prop = (char *)xmlStrdup(prop->name);
1313 req_props->used++;
1314 }
1315 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "propname")) {
1316 sqlite3_stmt *stmt = p->conf.stmt_select_propnames;
1317
1318 if (stmt) {
1319 /* get all property names (EMPTY) */
1320 sqlite3_reset(stmt);
1321 /* bind the values to the insert */
1322
1323 sqlite3_bind_text(stmt, 1,
1324 CONST_BUF_LEN(con->uri.path),
1325 SQLITE_TRANSIENT);
1326
1327 if (SQLITE_DONE != sqlite3_step(stmt)) {
1328 }
1329 }
1330 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "allprop")) {
1331 /* get all properties (EMPTY) */
1332 }
1333 }
1334 }
1335
1336 xmlFreeDoc(xml);
1337 } else {
1338 con->http_status = 400;
1339 return HANDLER_FINISHED;
1340 }
1341 }
1342 #endif
1343 con->http_status = 207;
1344
1345 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1346
1347 b = buffer_init();
1348
1349 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1350
1351 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1352
1353 /* allprop */
1354
1355 prop_200 = buffer_init();
1356 prop_404 = buffer_init();
1357
1358 {
1359 /* Depth: 0 or Depth: 1 */
1360 webdav_get_props(srv, con, p, &(con->physical), req_props, prop_200, prop_404);
1361
1362 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1363 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1364 buffer_append_string_buffer(b, con->uri.scheme);
1365 buffer_append_string_len(b,CONST_STR_LEN("://"));
1366 buffer_append_string_buffer(b, con->uri.authority);
1367 buffer_append_string_encoded(b, CONST_BUF_LEN(con->uri.path), ENCODING_REL_URI);
1368 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1369
1370 if (!buffer_string_is_empty(prop_200)) {
1371 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1372 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1373
1374 buffer_append_string_buffer(b, prop_200);
1375
1376 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1377
1378 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1379
1380 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1381 }
1382 if (!buffer_string_is_empty(prop_404)) {
1383 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1384 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1385
1386 buffer_append_string_buffer(b, prop_404);
1387
1388 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1389
1390 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1391
1392 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1393 }
1394
1395 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1396 }
1397
1398 if (depth == 1) {
1399
1400 if (NULL != (dir = opendir(con->physical.path->ptr))) {
1401 struct dirent *de;
1402 physical d;
1403 physical *dst = &(con->physical);
1404
1405 d.path = buffer_init();
1406 d.rel_path = buffer_init();
1407
1408 while(NULL != (de = readdir(dir))) {
1409 if (de->d_name[0] == '.' && (de->d_name[1] == '\0' || (de->d_name[1] == '.' && de->d_name[2] == '\0'))) {
1410 continue;
1411 /* ignore the parent and target dir */
1412 }
1413
1414 buffer_copy_buffer(d.path, dst->path);
1415 buffer_append_slash(d.path);
1416
1417 buffer_copy_buffer(d.rel_path, dst->rel_path);
1418 buffer_append_slash(d.rel_path);
1419
1420 buffer_append_string(d.path, de->d_name);
1421 buffer_append_string(d.rel_path, de->d_name);
1422
1423 buffer_reset(prop_200);
1424 buffer_reset(prop_404);
1425
1426 webdav_get_props(srv, con, p, &d, req_props, prop_200, prop_404);
1427
1428 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1429 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1430 buffer_append_string_buffer(b, con->uri.scheme);
1431 buffer_append_string_len(b,CONST_STR_LEN("://"));
1432 buffer_append_string_buffer(b, con->uri.authority);
1433 buffer_append_string_encoded(b, CONST_BUF_LEN(d.rel_path), ENCODING_REL_URI);
1434 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1435
1436 if (!buffer_string_is_empty(prop_200)) {
1437 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1438 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1439
1440 buffer_append_string_buffer(b, prop_200);
1441
1442 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1443
1444 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1445
1446 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1447 }
1448 if (!buffer_string_is_empty(prop_404)) {
1449 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1450 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1451
1452 buffer_append_string_buffer(b, prop_404);
1453
1454 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1455
1456 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1457
1458 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1459 }
1460
1461 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1462 }
1463 closedir(dir);
1464 buffer_free(d.path);
1465 buffer_free(d.rel_path);
1466 }
1467
1468 }
1469
1470 if (req_props) {
1471 size_t i;
1472 for (i = 0; i < req_props->used; i++) {
1473 free(req_props->ptr[i]->ns);
1474 free(req_props->ptr[i]->prop);
1475 free(req_props->ptr[i]);
1476 }
1477 free(req_props->ptr);
1478 free(req_props);
1479 }
1480
1481 buffer_free(prop_200);
1482 buffer_free(prop_404);
1483
1484 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1485
1486 if (p->conf.log_xml) {
1487 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1488 }
1489
1490 chunkqueue_append_buffer(con->write_queue, b);
1491 buffer_free(b);
1492
1493 con->file_finished = 1;
1494
1495 return HANDLER_FINISHED;
1496 case HTTP_METHOD_MKCOL:
1497 if (p->conf.is_readonly) {
1498 con->http_status = 403;
1499 return HANDLER_FINISHED;
1500 }
1501
1502 if (con->request.content_length != 0) {
1503 /* we don't support MKCOL with a body */
1504 con->http_status = 415;
1505
1506 return HANDLER_FINISHED;
1507 }
1508
1509 /* let's create the directory */
1510
1511 if (-1 == mkdir(con->physical.path->ptr, WEBDAV_DIR_MODE)) {
1512 switch(errno) {
1513 case EPERM:
1514 con->http_status = 403;
1515 break;
1516 case ENOENT:
1517 case ENOTDIR:
1518 con->http_status = 409;
1519 break;
1520 case EEXIST:
1521 default:
1522 con->http_status = 405; /* not allowed */
1523 break;
1524 }
1525 } else {
1526 con->http_status = 201;
1527 con->file_finished = 1;
1528 }
1529
1530 return HANDLER_FINISHED;
1531 case HTTP_METHOD_DELETE:
1532 if (p->conf.is_readonly) {
1533 con->http_status = 403;
1534 return HANDLER_FINISHED;
1535 }
1536
1537 /* does the client have a lock for this connection ? */
1538 if (!webdav_has_lock(srv, con, p, con->uri.path)) {
1539 con->http_status = 423;
1540 return HANDLER_FINISHED;
1541 }
1542
1543 /* stat and unlink afterwards */
1544 if (-1 == stat(con->physical.path->ptr, &st)) {
1545 /* don't about it yet, unlink will fail too */
1546 switch(errno) {
1547 case ENOENT:
1548 con->http_status = 404;
1549 break;
1550 default:
1551 con->http_status = 403;
1552 break;
1553 }
1554 } else if (S_ISDIR(st.st_mode)) {
1555 buffer *multi_status_resp = buffer_init();
1556
1557 if (webdav_delete_dir(srv, con, p, &(con->physical), multi_status_resp)) {
1558 /* we got an error somewhere in between, build a 207 */
1559 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1560
1561 b = buffer_init();
1562
1563 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1564
1565 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\">\n"));
1566
1567 buffer_append_string_buffer(b, multi_status_resp);
1568
1569 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1570
1571 if (p->conf.log_xml) {
1572 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1573 }
1574
1575 chunkqueue_append_buffer(con->write_queue, b);
1576 buffer_free(b);
1577
1578 con->http_status = 207;
1579 con->file_finished = 1;
1580 } else {
1581 /* everything went fine, remove the directory */
1582
1583 if (-1 == rmdir(con->physical.path->ptr)) {
1584 switch(errno) {
1585 case ENOENT:
1586 con->http_status = 404;
1587 break;
1588 default:
1589 con->http_status = 501;
1590 break;
1591 }
1592 } else {
1593 con->http_status = 204;
1594 }
1595 }
1596
1597 buffer_free(multi_status_resp);
1598 } else if (-1 == unlink(con->physical.path->ptr)) {
1599 switch(errno) {
1600 case EPERM:
1601 con->http_status = 403;
1602 break;
1603 case ENOENT:
1604 con->http_status = 404;
1605 break;
1606 default:
1607 con->http_status = 501;
1608 break;
1609 }
1610 } else {
1611 con->http_status = 204;
1612 }
1613 return HANDLER_FINISHED;
1614 case HTTP_METHOD_PUT: {
1615 int fd;
1616 chunkqueue *cq = con->request_content_queue;
1617 chunk *c;
1618 data_string *ds_range;
1619
1620 if (p->conf.is_readonly) {
1621 con->http_status = 403;
1622 return HANDLER_FINISHED;
1623 }
1624
1625 /* is a exclusive lock set on the source */
1626 /* (check for lock once before potentially reading large input) */
1627 if (0 == cq->bytes_in && !webdav_has_lock(srv, con, p, con->uri.path)) {
1628 con->http_status = 423;
1629 return HANDLER_FINISHED;
1630 }
1631
1632 if (con->state == CON_STATE_READ_POST) {
1633 handler_t r = connection_handle_read_post_state(srv, con);
1634 if (r != HANDLER_GO_ON) return r;
1635 }
1636
1637 /* RFC2616 Section 9.6 PUT requires us to send 501 on all Content-* we don't support
1638 * - most important Content-Range
1639 *
1640 *
1641 * Example: Content-Range: bytes 100-1037/1038 */
1642
1643 if (NULL != (ds_range = (data_string *)array_get_element(con->request.headers, "Content-Range"))) {
1644 const char *num = ds_range->value->ptr;
1645 off_t offset;
1646 char *err = NULL;
1647
1648 if (0 != strncmp(num, "bytes ", 6)) {
1649 con->http_status = 501; /* not implemented */
1650
1651 return HANDLER_FINISHED;
1652 }
1653
1654 /* we only support <num>- ... */
1655
1656 num += 6;
1657
1658 /* skip WS */
1659 while (*num == ' ' || *num == '\t') num++;
1660
1661 if (*num == '\0') {
1662 con->http_status = 501; /* not implemented */
1663
1664 return HANDLER_FINISHED;
1665 }
1666
1667 offset = strtoll(num, &err, 10);
1668
1669 if (*err != '-' || offset < 0) {
1670 con->http_status = 501; /* not implemented */
1671
1672 return HANDLER_FINISHED;
1673 }
1674
1675 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY, WEBDAV_FILE_MODE))) {
1676 switch (errno) {
1677 case ENOENT:
1678 con->http_status = 404; /* not found */
1679 break;
1680 default:
1681 con->http_status = 403; /* not found */
1682 break;
1683 }
1684 return HANDLER_FINISHED;
1685 }
1686
1687 if (-1 == lseek(fd, offset, SEEK_SET)) {
1688 con->http_status = 501; /* not implemented */
1689
1690 close(fd);
1691
1692 return HANDLER_FINISHED;
1693 }
1694 con->http_status = 200; /* modified */
1695 } else {
1696 /* take what we have in the request-body and write it to a file */
1697
1698 /* if the file doesn't exist, create it */
1699 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_TRUNC, WEBDAV_FILE_MODE))) {
1700 if (errno != ENOENT ||
1701 -1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, WEBDAV_FILE_MODE))) {
1702 /* we can't open the file */
1703 con->http_status = 403;
1704
1705 return HANDLER_FINISHED;
1706 } else {
1707 con->http_status = 201; /* created */
1708 }
1709 } else {
1710 con->http_status = 200; /* modified */
1711 }
1712 }
1713
1714 con->file_finished = 1;
1715
1716 for (c = cq->first; c; c = cq->first) {
1717 int r = 0;
1718
1719 /* copy all chunks */
1720 switch(c->type) {
1721 case FILE_CHUNK:
1722
1723 if (c->file.mmap.start == MAP_FAILED) {
1724 if (-1 == c->file.fd && /* open the file if not already open */
1725 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1726 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1727 close(fd);
1728 return HANDLER_ERROR;
1729 }
1730
1731 if (MAP_FAILED == (c->file.mmap.start = mmap(NULL, c->file.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) {
1732 log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ",
1733 strerror(errno), c->file.name, c->file.fd);
1734 close(c->file.fd);
1735 c->file.fd = -1;
1736 close(fd);
1737 return HANDLER_ERROR;
1738 }
1739
1740 c->file.mmap.length = c->file.length;
1741
1742 close(c->file.fd);
1743 c->file.fd = -1;
1744
1745 /* chunk_reset() or chunk_free() will cleanup for us */
1746 }
1747
1748 if ((r = write(fd, c->file.mmap.start + c->offset, c->file.length - c->offset)) < 0) {
1749 switch(errno) {
1750 case ENOSPC:
1751 con->http_status = 507;
1752
1753 break;
1754 default:
1755 con->http_status = 403;
1756 break;
1757 }
1758 }
1759 break;
1760 case MEM_CHUNK:
1761 if ((r = write(fd, c->mem->ptr + c->offset, buffer_string_length(c->mem) - c->offset)) < 0) {
1762 switch(errno) {
1763 case ENOSPC:
1764 con->http_status = 507;
1765
1766 break;
1767 default:
1768 con->http_status = 403;
1769 break;
1770 }
1771 }
1772 break;
1773 }
1774
1775 if (r > 0) {
1776 chunkqueue_mark_written(cq, r);
1777 } else {
1778 break;
1779 }
1780 }
1781 close(fd);
1782
1783 return HANDLER_FINISHED;
1784 }
1785 case HTTP_METHOD_MOVE:
1786 case HTTP_METHOD_COPY: {
1787 buffer *destination = NULL;
1788 char *sep, *sep2, *start;
1789 int overwrite = 1;
1790
1791 if (p->conf.is_readonly) {
1792 con->http_status = 403;
1793 return HANDLER_FINISHED;
1794 }
1795
1796 /* is a exclusive lock set on the source */
1797 if (con->request.http_method == HTTP_METHOD_MOVE) {
1798 if (!webdav_has_lock(srv, con, p, con->uri.path)) {
1799 con->http_status = 423;
1800 return HANDLER_FINISHED;
1801 }
1802 }
1803
1804 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Destination"))) {
1805 destination = ds->value;
1806 } else {
1807 con->http_status = 400;
1808 return HANDLER_FINISHED;
1809 }
1810
1811 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Overwrite"))) {
1812 if (buffer_string_length(ds->value) != 1 ||
1813 (ds->value->ptr[0] != 'F' &&
1814 ds->value->ptr[0] != 'T') ) {
1815 con->http_status = 400;
1816 return HANDLER_FINISHED;
1817 }
1818 overwrite = (ds->value->ptr[0] == 'F' ? 0 : 1);
1819 }
1820 /* let's parse the Destination
1821 *
1822 * http://127.0.0.1:1025/dav/litmus/copydest
1823 *
1824 * - host has to be the same as the Host: header we got
1825 * - we have to stay inside the document root
1826 * - the query string is thrown away
1827 * */
1828
1829 buffer_reset(p->uri.scheme);
1830 buffer_reset(p->uri.path_raw);
1831 buffer_reset(p->uri.authority);
1832
1833 start = destination->ptr;
1834
1835 if (NULL == (sep = strstr(start, "://"))) {
1836 con->http_status = 400;
1837 return HANDLER_FINISHED;
1838 }
1839 buffer_copy_string_len(p->uri.scheme, start, sep - start);
1840
1841 start = sep + 3;
1842
1843 if (NULL == (sep = strchr(start, '/'))) {
1844 con->http_status = 400;
1845 return HANDLER_FINISHED;
1846 }
1847 if (NULL != (sep2 = memchr(start, '@', sep - start))) {
1848 /* skip login information */
1849 start = sep2 + 1;
1850 }
1851 buffer_copy_string_len(p->uri.authority, start, sep - start);
1852
1853 start = sep + 1;
1854
1855 if (NULL == (sep = strchr(start, '?'))) {
1856 /* no query string, good */
1857 buffer_copy_string(p->uri.path_raw, start);
1858 } else {
1859 buffer_copy_string_len(p->uri.path_raw, start, sep - start);
1860 }
1861
1862 if (!buffer_is_equal(p->uri.authority, con->uri.authority)) {
1863 /* not the same host */
1864 con->http_status = 502;
1865 return HANDLER_FINISHED;
1866 }
1867
1868 buffer_copy_buffer(p->tmp_buf, p->uri.path_raw);
1869 buffer_urldecode_path(p->tmp_buf);
1870 buffer_path_simplify(p->uri.path, p->tmp_buf);
1871
1872 /* we now have a URI which is clean. transform it into a physical path */
1873 buffer_copy_buffer(p->physical.doc_root, con->physical.doc_root);
1874 buffer_copy_buffer(p->physical.rel_path, p->uri.path);
1875
1876 if (con->conf.force_lowercase_filenames) {
1877 buffer_to_lower(p->physical.rel_path);
1878 }
1879
1880 buffer_copy_buffer(p->physical.path, p->physical.doc_root);
1881 buffer_append_slash(p->physical.path);
1882 buffer_copy_buffer(p->physical.basedir, p->physical.path);
1883
1884 /* don't add a second / */
1885 if (p->physical.rel_path->ptr[0] == '/') {
1886 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr + 1, buffer_string_length(p->physical.rel_path) - 1);
1887 } else {
1888 buffer_append_string_buffer(p->physical.path, p->physical.rel_path);
1889 }
1890
1891 /* let's see if the source is a directory
1892 * if yes, we fail with 501 */
1893
1894 if (-1 == stat(con->physical.path->ptr, &st)) {
1895 /* don't about it yet, unlink will fail too */
1896 switch(errno) {
1897 case ENOENT:
1898 con->http_status = 404;
1899 break;
1900 default:
1901 con->http_status = 403;
1902 break;
1903 }
1904 } else if (S_ISDIR(st.st_mode)) {
1905 int r;
1906 /* src is a directory */
1907
1908 if (-1 == stat(p->physical.path->ptr, &st)) {
1909 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
1910 con->http_status = 403;
1911 return HANDLER_FINISHED;
1912 }
1913 } else if (!S_ISDIR(st.st_mode)) {
1914 if (overwrite == 0) {
1915 /* copying into a non-dir ? */
1916 con->http_status = 409;
1917 return HANDLER_FINISHED;
1918 } else {
1919 unlink(p->physical.path->ptr);
1920 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
1921 con->http_status = 403;
1922 return HANDLER_FINISHED;
1923 }
1924 }
1925 }
1926
1927 /* copy the content of src to dest */
1928 if (0 != (r = webdav_copy_dir(srv, con, p, &(con->physical), &(p->physical), overwrite))) {
1929 con->http_status = r;
1930 return HANDLER_FINISHED;
1931 }
1932 if (con->request.http_method == HTTP_METHOD_MOVE) {
1933 b = buffer_init();
1934 webdav_delete_dir(srv, con, p, &(con->physical), b); /* content */
1935 buffer_free(b);
1936
1937 rmdir(con->physical.path->ptr);
1938 }
1939 con->http_status = 201;
1940 con->file_finished = 1;
1941 } else {
1942 /* it is just a file, good */
1943 int r;
1944
1945 /* does the client have a lock for this connection ? */
1946 if (!webdav_has_lock(srv, con, p, p->uri.path)) {
1947 con->http_status = 423;
1948 return HANDLER_FINISHED;
1949 }
1950
1951 /* destination exists */
1952 if (0 == (r = stat(p->physical.path->ptr, &st))) {
1953 if (S_ISDIR(st.st_mode)) {
1954 /* file to dir/
1955 * append basename to physical path */
1956
1957 if (NULL != (sep = strrchr(con->physical.path->ptr, '/'))) {
1958 buffer_append_string(p->physical.path, sep);
1959 r = stat(p->physical.path->ptr, &st);
1960 }
1961 }
1962 }
1963
1964 if (-1 == r) {
1965 con->http_status = 201; /* we will create a new one */
1966 con->file_finished = 1;
1967
1968 switch(errno) {
1969 case ENOTDIR:
1970 con->http_status = 409;
1971 return HANDLER_FINISHED;
1972 }
1973 } else if (overwrite == 0) {
1974 /* destination exists, but overwrite is not set */
1975 con->http_status = 412;
1976 return HANDLER_FINISHED;
1977 } else {
1978 con->http_status = 204; /* resource already existed */
1979 }
1980
1981 if (con->request.http_method == HTTP_METHOD_MOVE) {
1982 /* try a rename */
1983
1984 if (0 == rename(con->physical.path->ptr, p->physical.path->ptr)) {
1985 #ifdef USE_PROPPATCH
1986 sqlite3_stmt *stmt;
1987
1988 stmt = p->conf.stmt_delete_uri;
1989 if (stmt) {
1990
1991 sqlite3_reset(stmt);
1992
1993 /* bind the values to the insert */
1994 sqlite3_bind_text(stmt, 1,
1995 CONST_BUF_LEN(con->uri.path),
1996 SQLITE_TRANSIENT);
1997
1998 if (SQLITE_DONE != sqlite3_step(stmt)) {
1999 log_error_write(srv, __FILE__, __LINE__, "ss", "sql-move(delete old) failed:", sqlite3_errmsg(p->conf.sql));
2000 }
2001 }
2002
2003 stmt = p->conf.stmt_move_uri;
2004 if (stmt) {
2005
2006 sqlite3_reset(stmt);
2007
2008 /* bind the values to the insert */
2009 sqlite3_bind_text(stmt, 1,
2010 CONST_BUF_LEN(p->uri.path),
2011 SQLITE_TRANSIENT);
2012
2013 sqlite3_bind_text(stmt, 2,
2014 CONST_BUF_LEN(con->uri.path),
2015 SQLITE_TRANSIENT);
2016
2017 if (SQLITE_DONE != sqlite3_step(stmt)) {
2018 log_error_write(srv, __FILE__, __LINE__, "ss", "sql-move failed:", sqlite3_errmsg(p->conf.sql));
2019 }
2020 }
2021 #endif
2022 return HANDLER_FINISHED;
2023 }
2024
2025 /* rename failed, fall back to COPY + DELETE */
2026 }
2027
2028 if (0 != (r = webdav_copy_file(srv, con, p, &(con->physical), &(p->physical), overwrite))) {
2029 con->http_status = r;
2030
2031 return HANDLER_FINISHED;
2032 }
2033
2034 if (con->request.http_method == HTTP_METHOD_MOVE) {
2035 b = buffer_init();
2036 webdav_delete_file(srv, con, p, &(con->physical), b);
2037 buffer_free(b);
2038 }
2039 }
2040
2041 return HANDLER_FINISHED;
2042 }
2043 case HTTP_METHOD_PROPPATCH:
2044 if (p->conf.is_readonly) {
2045 con->http_status = 403;
2046 return HANDLER_FINISHED;
2047 }
2048
2049 if (!webdav_has_lock(srv, con, p, con->uri.path)) {
2050 con->http_status = 423;
2051 return HANDLER_FINISHED;
2052 }
2053
2054 /* check if destination exists */
2055 if (-1 == stat(con->physical.path->ptr, &st)) {
2056 switch(errno) {
2057 case ENOENT:
2058 con->http_status = 404;
2059 break;
2060 }
2061 }
2062
2063 #ifdef USE_PROPPATCH
2064 if (con->request.content_length) {
2065 xmlDocPtr xml;
2066
2067 if (con->state == CON_STATE_READ_POST) {
2068 handler_t r = connection_handle_read_post_state(srv, con);
2069 if (r != HANDLER_GO_ON) return r;
2070 }
2071
2072 if (1 == webdav_parse_chunkqueue(srv, con, p, con->request_content_queue, &xml)) {
2073 xmlNode *rootnode = xmlDocGetRootElement(xml);
2074
2075 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propertyupdate")) {
2076 xmlNode *cmd;
2077 char *err = NULL;
2078 int empty_ns = 0; /* send 400 on a empty namespace attribute */
2079
2080 /* start response */
2081
2082 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "BEGIN TRANSACTION", NULL, NULL, &err)) {
2083 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
2084 sqlite3_free(err);
2085
2086 goto propmatch_cleanup;
2087 }
2088
2089 /* a UPDATE request, we know 'set' and 'remove' */
2090 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
2091 xmlNode *props;
2092 /* either set or remove */
2093
2094 if ((0 == xmlStrcmp(cmd->name, BAD_CAST "set")) ||
2095 (0 == xmlStrcmp(cmd->name, BAD_CAST "remove"))) {
2096
2097 sqlite3_stmt *stmt;
2098
2099 stmt = (0 == xmlStrcmp(cmd->name, BAD_CAST "remove")) ?
2100 p->conf.stmt_delete_prop : p->conf.stmt_update_prop;
2101
2102 for (props = cmd->children; props; props = props->next) {
2103 if (0 == xmlStrcmp(props->name, BAD_CAST "prop")) {
2104 xmlNode *prop;
2105 int r;
2106
2107 prop = props->children;
2108
2109 if (prop->ns &&
2110 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
2111 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
2112 log_error_write(srv, __FILE__, __LINE__, "ss",
2113 "no name space for:",
2114 prop->name);
2115
2116 empty_ns = 1;
2117 break;
2118 }
2119
2120 sqlite3_reset(stmt);
2121
2122 /* bind the values to the insert */
2123
2124 sqlite3_bind_text(stmt, 1,
2125 CONST_BUF_LEN(con->uri.path),
2126 SQLITE_TRANSIENT);
2127 sqlite3_bind_text(stmt, 2,
2128 (char *)prop->name,
2129 strlen((char *)prop->name),
2130 SQLITE_TRANSIENT);
2131 if (prop->ns) {
2132 sqlite3_bind_text(stmt, 3,
2133 (char *)prop->ns->href,
2134 strlen((char *)prop->ns->href),
2135 SQLITE_TRANSIENT);
2136 } else {
2137 sqlite3_bind_text(stmt, 3,
2138 "",
2139 0,
2140 SQLITE_TRANSIENT);
2141 }
2142 if (stmt == p->conf.stmt_update_prop) {
2143 sqlite3_bind_text(stmt, 4,
2144 (char *)xmlNodeGetContent(prop),
2145 strlen((char *)xmlNodeGetContent(prop)),
2146 SQLITE_TRANSIENT);
2147 }
2148
2149 if (SQLITE_DONE != (r = sqlite3_step(stmt))) {
2150 log_error_write(srv, __FILE__, __LINE__, "ss",
2151 "sql-set failed:", sqlite3_errmsg(p->conf.sql));
2152 }
2153 }
2154 }
2155 if (empty_ns) break;
2156 }
2157 }
2158
2159 if (empty_ns) {
2160 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "ROLLBACK", NULL, NULL, &err)) {
2161 log_error_write(srv, __FILE__, __LINE__, "ss", "can't rollback transaction:", err);
2162 sqlite3_free(err);
2163
2164 goto propmatch_cleanup;
2165 }
2166
2167 con->http_status = 400;
2168 } else {
2169 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "COMMIT", NULL, NULL, &err)) {
2170 log_error_write(srv, __FILE__, __LINE__, "ss", "can't commit transaction:", err);
2171 sqlite3_free(err);
2172
2173 goto propmatch_cleanup;
2174 }
2175 con->http_status = 200;
2176 }
2177 con->file_finished = 1;
2178
2179 return HANDLER_FINISHED;
2180 }
2181
2182 propmatch_cleanup:
2183
2184 xmlFreeDoc(xml);
2185 } else {
2186 con->http_status = 400;
2187 return HANDLER_FINISHED;
2188 }
2189 }
2190 #endif
2191 con->http_status = 501;
2192 return HANDLER_FINISHED;
2193 case HTTP_METHOD_LOCK:
2194 /**
2195 * a mac wants to write
2196 *
2197 * LOCK /dav/expire.txt HTTP/1.1\r\n
2198 * User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh)\r\n
2199 * Accept: * / *\r\n
2200 * Depth: 0\r\n
2201 * Timeout: Second-600\r\n
2202 * Content-Type: text/xml; charset=\"utf-8\"\r\n
2203 * Content-Length: 229\r\n
2204 * Connection: keep-alive\r\n
2205 * Host: 192.168.178.23:1025\r\n
2206 * \r\n
2207 * <?xml version=\"1.0\" encoding=\"utf-8\"?>\n
2208 * <D:lockinfo xmlns:D=\"DAV:\">\n
2209 * <D:lockscope><D:exclusive/></D:lockscope>\n
2210 * <D:locktype><D:write/></D:locktype>\n
2211 * <D:owner>\n
2212 * <D:href>http://www.apple.com/webdav_fs/</D:href>\n
2213 * </D:owner>\n
2214 * </D:lockinfo>\n
2215 */
2216
2217 if (depth != 0 && depth != -1) {
2218 con->http_status = 400;
2219
2220 return HANDLER_FINISHED;
2221 }
2222
2223 #ifdef USE_LOCKS
2224 if (con->request.content_length) {
2225 xmlDocPtr xml;
2226 buffer *hdr_if = NULL;
2227
2228 if (con->state == CON_STATE_READ_POST) {
2229 handler_t r = connection_handle_read_post_state(srv, con);
2230 if (r != HANDLER_GO_ON) return r;
2231 }
2232
2233 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2234 hdr_if = ds->value;
2235 }
2236
2237 /* we don't support Depth: Infinity on directories */
2238 if (hdr_if == NULL && depth == -1) {
2239 if (0 == stat(con->physical.path->ptr, &st) && S_ISDIR(st.st_mode)) {
2240 con->http_status = 409; /* Conflict */
2241
2242 return HANDLER_FINISHED;
2243 }
2244 }
2245
2246 if (1 == webdav_parse_chunkqueue(srv, con, p, con->request_content_queue, &xml)) {
2247 xmlNode *rootnode = xmlDocGetRootElement(xml);
2248
2249 force_assert(rootnode);
2250
2251 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "lockinfo")) {
2252 xmlNode *lockinfo;
2253 const xmlChar *lockscope = NULL, *locktype = NULL; /* TODO: compiler says unused: *owner = NULL; */
2254
2255 for (lockinfo = rootnode->children; lockinfo; lockinfo = lockinfo->next) {
2256 if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "lockscope")) {
2257 xmlNode *value;
2258 for (value = lockinfo->children; value; value = value->next) {
2259 if ((0 == xmlStrcmp(value->name, BAD_CAST "exclusive")) ||
2260 (0 == xmlStrcmp(value->name, BAD_CAST "shared"))) {
2261 lockscope = value->name;
2262 } else {
2263 con->http_status = 400;
2264
2265 xmlFreeDoc(xml);
2266 return HANDLER_FINISHED;
2267 }
2268 }
2269 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "locktype")) {
2270 xmlNode *value;
2271 for (value = lockinfo->children; value; value = value->next) {
2272 if ((0 == xmlStrcmp(value->name, BAD_CAST "write"))) {
2273 locktype = value->name;
2274 } else {
2275 con->http_status = 400;
2276
2277 xmlFreeDoc(xml);
2278 return HANDLER_FINISHED;
2279 }
2280 }
2281
2282 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "owner")) {
2283 }
2284 }
2285
2286 if (lockscope && locktype) {
2287 sqlite3_stmt *stmt = p->conf.stmt_read_lock_by_uri;
2288
2289 /* is this resourse already locked ? */
2290
2291 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
2292 * FROM locks
2293 * WHERE resource = ? */
2294
2295 if (stmt) {
2296
2297 sqlite3_reset(stmt);
2298
2299 sqlite3_bind_text(stmt, 1,
2300 CONST_BUF_LEN(p->uri.path),
2301 SQLITE_TRANSIENT);
2302
2303 /* it is the PK */
2304 while (SQLITE_ROW == sqlite3_step(stmt)) {
2305 /* we found a lock
2306 * 1. is it compatible ?
2307 * 2. is it ours */
2308 char *sql_lockscope = (char *)sqlite3_column_text(stmt, 2);
2309
2310 if (strcmp(sql_lockscope, "exclusive")) {
2311 con->http_status = 423;
2312 } else if (0 == xmlStrcmp(lockscope, BAD_CAST "exclusive")) {
2313 /* resourse is locked with a shared lock
2314 * client wants exclusive */
2315 con->http_status = 423;
2316 }
2317 }
2318 if (con->http_status == 423) {
2319 xmlFreeDoc(xml);
2320 return HANDLER_FINISHED;
2321 }
2322 }
2323
2324 stmt = p->conf.stmt_create_lock;
2325 if (stmt) {
2326 /* create a lock-token */
2327 uuid_t id;
2328 char uuid[37] /* 36 + \0 */;
2329
2330 uuid_generate(id);
2331 uuid_unparse(id, uuid);
2332
2333 buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("opaquelocktoken:"));
2334 buffer_append_string(p->tmp_buf, uuid);
2335
2336 /* "CREATE TABLE locks ("
2337 * " locktoken TEXT NOT NULL,"
2338 * " resource TEXT NOT NULL,"
2339 * " lockscope TEXT NOT NULL,"
2340 * " locktype TEXT NOT NULL,"
2341 * " owner TEXT NOT NULL,"
2342 * " depth INT NOT NULL,"
2343 */
2344
2345 sqlite3_reset(stmt);
2346
2347 sqlite3_bind_text(stmt, 1,
2348 CONST_BUF_LEN(p->tmp_buf),
2349 SQLITE_TRANSIENT);
2350
2351 sqlite3_bind_text(stmt, 2,
2352 CONST_BUF_LEN(con->uri.path),
2353 SQLITE_TRANSIENT);
2354
2355 sqlite3_bind_text(stmt, 3,
2356 (const char *)lockscope,
2357 xmlStrlen(lockscope),
2358 SQLITE_TRANSIENT);
2359
2360 sqlite3_bind_text(stmt, 4,
2361 (const char *)locktype,
2362 xmlStrlen(locktype),
2363 SQLITE_TRANSIENT);
2364
2365 /* owner */
2366 sqlite3_bind_text(stmt, 5,
2367 "",
2368 0,
2369 SQLITE_TRANSIENT);
2370
2371 /* depth */
2372 sqlite3_bind_int(stmt, 6,
2373 depth);
2374
2375
2376 if (SQLITE_DONE != sqlite3_step(stmt)) {
2377 log_error_write(srv, __FILE__, __LINE__, "ss",
2378 "create lock:", sqlite3_errmsg(p->conf.sql));
2379 }
2380
2381 /* looks like we survived */
2382 webdav_lockdiscovery(srv, con, p->tmp_buf, (const char *)lockscope, (const char *)locktype, depth);
2383
2384 con->http_status = 201;
2385 con->file_finished = 1;
2386 }
2387 }
2388 }
2389
2390 xmlFreeDoc(xml);
2391 return HANDLER_FINISHED;
2392 } else {
2393 con->http_status = 400;
2394 return HANDLER_FINISHED;
2395 }
2396 } else {
2397
2398 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2399 buffer *locktoken = ds->value;
2400 sqlite3_stmt *stmt = p->conf.stmt_refresh_lock;
2401
2402 /* remove the < > around the token */
2403 if (buffer_string_length(locktoken) < 5) {
2404 con->http_status = 400;
2405
2406 return HANDLER_FINISHED;
2407 }
2408
2409 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 2, buffer_string_length(locktoken) - 4);
2410
2411 sqlite3_reset(stmt);
2412
2413 sqlite3_bind_text(stmt, 1,
2414 CONST_BUF_LEN(p->tmp_buf),
2415 SQLITE_TRANSIENT);
2416
2417 if (SQLITE_DONE != sqlite3_step(stmt)) {
2418 log_error_write(srv, __FILE__, __LINE__, "ss",
2419 "refresh lock:", sqlite3_errmsg(p->conf.sql));
2420 }
2421
2422 webdav_lockdiscovery(srv, con, p->tmp_buf, "exclusive", "write", 0);
2423
2424 con->http_status = 200;
2425 con->file_finished = 1;
2426 return HANDLER_FINISHED;
2427 } else {
2428 /* we need a lock-token to refresh */
2429 con->http_status = 400;
2430
2431 return HANDLER_FINISHED;
2432 }
2433 }
2434 break;
2435 #else
2436 con->http_status = 501;
2437 return HANDLER_FINISHED;
2438 #endif
2439 case HTTP_METHOD_UNLOCK:
2440 #ifdef USE_LOCKS
2441 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Lock-Token"))) {
2442 buffer *locktoken = ds->value;
2443 sqlite3_stmt *stmt = p->conf.stmt_remove_lock;
2444
2445 /* remove the < > around the token */
2446 if (buffer_string_length(locktoken) < 3) {
2447 con->http_status = 400;
2448
2449 return HANDLER_FINISHED;
2450 }
2451
2452 /**
2453 * FIXME:
2454 *
2455 * if the resourse is locked:
2456 * - by us: unlock
2457 * - by someone else: 401
2458 * if the resource is not locked:
2459 * - 412
2460 * */
2461
2462 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 1, buffer_string_length(locktoken) - 2);
2463
2464 sqlite3_reset(stmt);
2465
2466 sqlite3_bind_text(stmt, 1,
2467 CONST_BUF_LEN(p->tmp_buf),
2468 SQLITE_TRANSIENT);
2469
2470 sqlite3_bind_text(stmt, 2,
2471 CONST_BUF_LEN(con->uri.path),
2472 SQLITE_TRANSIENT);
2473
2474 if (SQLITE_DONE != sqlite3_step(stmt)) {
2475 log_error_write(srv, __FILE__, __LINE__, "ss",
2476 "remove lock:", sqlite3_errmsg(p->conf.sql));
2477 }
2478
2479 if (0 == sqlite3_changes(p->conf.sql)) {
2480 con->http_status = 401;
2481 } else {
2482 con->http_status = 204;
2483 }
2484 return HANDLER_FINISHED;
2485 } else {
2486 /* we need a lock-token to unlock */
2487 con->http_status = 400;
2488
2489 return HANDLER_FINISHED;
2490 }
2491 break;
2492 #else
2493 con->http_status = 501;
2494 return HANDLER_FINISHED;
2495 #endif
2496 default:
2497 break;
2498 }
2499
2500 /* not found */
2501 return HANDLER_GO_ON;
2502 }
2503
2504
2505 SUBREQUEST_FUNC(mod_webdav_subrequest_handler) {
2506 handler_t r;
2507 plugin_data *p = p_d;
2508 if (con->mode != p->id) return HANDLER_GO_ON;
2509
2510 r = mod_webdav_subrequest_handler_huge(srv, con, p_d);
2511 if (con->http_status >= 400) con->mode = DIRECT;
2512 return r;
2513 }
2514
2515
2516 PHYSICALPATH_FUNC(mod_webdav_physical_handler) {
2517 plugin_data *p = p_d;
2518 if (!p->conf.enabled) return HANDLER_GO_ON;
2519
2520 /* physical path is setup */
2521 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
2522
2523 UNUSED(srv);
2524
2525 switch (con->request.http_method) {
2526 case HTTP_METHOD_PROPFIND:
2527 case HTTP_METHOD_PROPPATCH:
2528 case HTTP_METHOD_PUT:
2529 case HTTP_METHOD_COPY:
2530 case HTTP_METHOD_MOVE:
2531 case HTTP_METHOD_MKCOL:
2532 case HTTP_METHOD_DELETE:
2533 case HTTP_METHOD_LOCK:
2534 case HTTP_METHOD_UNLOCK:
2535 con->mode = p->id;
2536 break;
2537 default:
2538 break;
2539 }
2540
2541 return HANDLER_GO_ON;
2542 }
2543
2544
2545 /* this function is called at dlopen() time and inits the callbacks */
2546
2547 int mod_webdav_plugin_init(plugin *p);
2548 int mod_webdav_plugin_init(plugin *p) {
2549 p->version = LIGHTTPD_VERSION_ID;
2550 p->name = buffer_init_string("webdav");
2551
2552 p->init = mod_webdav_init;
2553 p->handle_uri_clean = mod_webdav_uri_handler;
2554 p->handle_physical = mod_webdav_physical_handler;
2555 p->handle_subrequest = mod_webdav_subrequest_handler;
2556 p->set_defaults = mod_webdav_set_defaults;
2557 p->cleanup = mod_webdav_free;
2558
2559 p->data = NULL;
2560
2561 return 0;
2562 }
A fast webserver with minimal memory-footprint (lighttpd)