search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[mod_proxy] move data_fastcgi into mod_proxy.c
[lighttpd.git] / src / mod_webdav.c
blob804f0da2343aff6edcf29829947ec6b7c26d6a31
1 #include "first.h"
2
3 #include "base.h"
4 #include "log.h"
5 #include "buffer.h"
6 #include "response.h"
7 #include "connections.h"
8
9 #include "plugin.h"
10
11 #include "stat_cache.h"
12
13 #include "sys-mmap.h"
14
15 #include <sys/types.h>
16 #include <sys/stat.h>
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <string.h>
20 #include <errno.h>
21 #include <fcntl.h>
22
23 #include <unistd.h>
24 #include <dirent.h>
25
26 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H)
27 #define USE_PROPPATCH
28 #include <libxml/tree.h>
29 #include <libxml/parser.h>
30
31 #include <sqlite3.h>
32 #endif
33
34 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H) && defined(HAVE_UUID_UUID_H)
35 #define USE_LOCKS
36 #include <uuid/uuid.h>
37 #endif
38
39 /**
40 * this is a webdav for a lighttpd plugin
41 *
42 * at least a very basic one.
43 * - for now it is read-only and we only support PROPFIND
44 *
45 */
46
47 #define WEBDAV_FILE_MODE S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
48 #define WEBDAV_DIR_MODE S_IRWXU | S_IRWXG | S_IRWXO
49
50 /* plugin config for all request/connections */
51
52 typedef struct {
53 unsigned short enabled;
54 unsigned short is_readonly;
55 unsigned short log_xml;
56
57 buffer *sqlite_db_name;
58 #ifdef USE_PROPPATCH
59 sqlite3 *sql;
60 sqlite3_stmt *stmt_update_prop;
61 sqlite3_stmt *stmt_delete_prop;
62 sqlite3_stmt *stmt_select_prop;
63 sqlite3_stmt *stmt_select_propnames;
64
65 sqlite3_stmt *stmt_delete_uri;
66 sqlite3_stmt *stmt_move_uri;
67 sqlite3_stmt *stmt_copy_uri;
68
69 sqlite3_stmt *stmt_remove_lock;
70 sqlite3_stmt *stmt_create_lock;
71 sqlite3_stmt *stmt_read_lock;
72 sqlite3_stmt *stmt_read_lock_by_uri;
73 sqlite3_stmt *stmt_refresh_lock;
74 #endif
75 } plugin_config;
76
77 typedef struct {
78 PLUGIN_DATA;
79
80 buffer *tmp_buf;
81 request_uri uri;
82 physical physical;
83
84 plugin_config **config_storage;
85
86 plugin_config conf;
87 } plugin_data;
88
89 typedef struct {
90 plugin_config conf;
91 } handler_ctx;
92
93 /* init the plugin data */
94 INIT_FUNC(mod_webdav_init) {
95 plugin_data *p;
96
97 p = calloc(1, sizeof(*p));
98
99 p->tmp_buf = buffer_init();
100
101 p->uri.scheme = buffer_init();
102 p->uri.path_raw = buffer_init();
103 p->uri.path = buffer_init();
104 p->uri.authority = buffer_init();
105
106 p->physical.path = buffer_init();
107 p->physical.rel_path = buffer_init();
108 p->physical.doc_root = buffer_init();
109 p->physical.basedir = buffer_init();
110
111 return p;
112 }
113
114 /* detroy the plugin data */
115 FREE_FUNC(mod_webdav_free) {
116 plugin_data *p = p_d;
117
118 UNUSED(srv);
119
120 if (!p) return HANDLER_GO_ON;
121
122 if (p->config_storage) {
123 size_t i;
124 for (i = 0; i < srv->config_context->used; i++) {
125 plugin_config *s = p->config_storage[i];
126
127 if (NULL == s) continue;
128
129 buffer_free(s->sqlite_db_name);
130 #ifdef USE_PROPPATCH
131 if (s->sql) {
132 sqlite3_finalize(s->stmt_delete_prop);
133 sqlite3_finalize(s->stmt_delete_uri);
134 sqlite3_finalize(s->stmt_copy_uri);
135 sqlite3_finalize(s->stmt_move_uri);
136 sqlite3_finalize(s->stmt_update_prop);
137 sqlite3_finalize(s->stmt_select_prop);
138 sqlite3_finalize(s->stmt_select_propnames);
139
140 sqlite3_finalize(s->stmt_read_lock);
141 sqlite3_finalize(s->stmt_read_lock_by_uri);
142 sqlite3_finalize(s->stmt_create_lock);
143 sqlite3_finalize(s->stmt_remove_lock);
144 sqlite3_finalize(s->stmt_refresh_lock);
145 sqlite3_close(s->sql);
146 }
147 #endif
148 free(s);
149 }
150 free(p->config_storage);
151 }
152
153 buffer_free(p->uri.scheme);
154 buffer_free(p->uri.path_raw);
155 buffer_free(p->uri.path);
156 buffer_free(p->uri.authority);
157
158 buffer_free(p->physical.path);
159 buffer_free(p->physical.rel_path);
160 buffer_free(p->physical.doc_root);
161 buffer_free(p->physical.basedir);
162
163 buffer_free(p->tmp_buf);
164
165 free(p);
166
167 return HANDLER_GO_ON;
168 }
169
170 /* handle plugin config and check values */
171
172 SETDEFAULTS_FUNC(mod_webdav_set_defaults) {
173 plugin_data *p = p_d;
174 size_t i = 0;
175
176 config_values_t cv[] = {
177 { "webdav.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
178 { "webdav.is-readonly", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
179 { "webdav.sqlite-db-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
180 { "webdav.log-xml", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
181 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
182 };
183
184 if (!p) return HANDLER_ERROR;
185
186 p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
187
188 for (i = 0; i < srv->config_context->used; i++) {
189 data_config const* config = (data_config const*)srv->config_context->data[i];
190 plugin_config *s;
191
192 s = calloc(1, sizeof(plugin_config));
193 s->sqlite_db_name = buffer_init();
194
195 cv[0].destination = &(s->enabled);
196 cv[1].destination = &(s->is_readonly);
197 cv[2].destination = s->sqlite_db_name;
198 cv[3].destination = &(s->log_xml);
199
200 p->config_storage[i] = s;
201
202 if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
203 return HANDLER_ERROR;
204 }
205
206 if (!buffer_string_is_empty(s->sqlite_db_name)) {
207 #ifdef USE_PROPPATCH
208 const char *next_stmt;
209 char *err;
210
211 if (SQLITE_OK != sqlite3_open(s->sqlite_db_name->ptr, &(s->sql))) {
212 log_error_write(srv, __FILE__, __LINE__, "sbs", "sqlite3_open failed for",
213 s->sqlite_db_name,
214 sqlite3_errmsg(s->sql));
215 return HANDLER_ERROR;
216 }
217
218 if (SQLITE_OK != sqlite3_exec(s->sql,
219 "CREATE TABLE IF NOT EXISTS properties ("
220 " resource TEXT NOT NULL,"
221 " prop TEXT NOT NULL,"
222 " ns TEXT NOT NULL,"
223 " value TEXT NOT NULL,"
224 " PRIMARY KEY(resource, prop, ns))",
225 NULL, NULL, &err)) {
226
227 if (0 != strcmp(err, "table properties already exists")) {
228 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
229 sqlite3_free(err);
230
231 return HANDLER_ERROR;
232 }
233 sqlite3_free(err);
234 }
235
236 if (SQLITE_OK != sqlite3_exec(s->sql,
237 "CREATE TABLE IF NOT EXISTS locks ("
238 " locktoken TEXT NOT NULL,"
239 " resource TEXT NOT NULL,"
240 " lockscope TEXT NOT NULL,"
241 " locktype TEXT NOT NULL,"
242 " owner TEXT NOT NULL,"
243 " depth INT NOT NULL,"
244 " timeout TIMESTAMP NOT NULL,"
245 " PRIMARY KEY(locktoken))",
246 NULL, NULL, &err)) {
247
248 if (0 != strcmp(err, "table locks already exists")) {
249 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
250 sqlite3_free(err);
251
252 return HANDLER_ERROR;
253 }
254 sqlite3_free(err);
255 }
256
257 if (SQLITE_OK != sqlite3_prepare(s->sql,
258 CONST_STR_LEN("SELECT value FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
259 &(s->stmt_select_prop), &next_stmt)) {
260 /* prepare failed */
261
262 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
263 return HANDLER_ERROR;
264 }
265
266 if (SQLITE_OK != sqlite3_prepare(s->sql,
267 CONST_STR_LEN("SELECT ns, prop FROM properties WHERE resource = ?"),
268 &(s->stmt_select_propnames), &next_stmt)) {
269 /* prepare failed */
270
271 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
272 return HANDLER_ERROR;
273 }
274
275
276 if (SQLITE_OK != sqlite3_prepare(s->sql,
277 CONST_STR_LEN("REPLACE INTO properties (resource, prop, ns, value) VALUES (?, ?, ?, ?)"),
278 &(s->stmt_update_prop), &next_stmt)) {
279 /* prepare failed */
280
281 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
282 return HANDLER_ERROR;
283 }
284
285 if (SQLITE_OK != sqlite3_prepare(s->sql,
286 CONST_STR_LEN("DELETE FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
287 &(s->stmt_delete_prop), &next_stmt)) {
288 /* prepare failed */
289 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
290
291 return HANDLER_ERROR;
292 }
293
294 if (SQLITE_OK != sqlite3_prepare(s->sql,
295 CONST_STR_LEN("DELETE FROM properties WHERE resource = ?"),
296 &(s->stmt_delete_uri), &next_stmt)) {
297 /* prepare failed */
298 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
299
300 return HANDLER_ERROR;
301 }
302
303 if (SQLITE_OK != sqlite3_prepare(s->sql,
304 CONST_STR_LEN("INSERT INTO properties SELECT ?, prop, ns, value FROM properties WHERE resource = ?"),
305 &(s->stmt_copy_uri), &next_stmt)) {
306 /* prepare failed */
307 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
308
309 return HANDLER_ERROR;
310 }
311
312 if (SQLITE_OK != sqlite3_prepare(s->sql,
313 CONST_STR_LEN("UPDATE OR REPLACE properties SET resource = ? WHERE resource = ?"),
314 &(s->stmt_move_uri), &next_stmt)) {
315 /* prepare failed */
316 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
317
318 return HANDLER_ERROR;
319 }
320
321 /* LOCKS */
322
323 if (SQLITE_OK != sqlite3_prepare(s->sql,
324 CONST_STR_LEN("INSERT INTO locks (locktoken, resource, lockscope, locktype, owner, depth, timeout) VALUES (?,?,?,?,?,?, CURRENT_TIME + 600)"),
325 &(s->stmt_create_lock), &next_stmt)) {
326 /* prepare failed */
327 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
328
329 return HANDLER_ERROR;
330 }
331
332 if (SQLITE_OK != sqlite3_prepare(s->sql,
333 CONST_STR_LEN("DELETE FROM locks WHERE locktoken = ?"),
334 &(s->stmt_remove_lock), &next_stmt)) {
335 /* prepare failed */
336 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
337
338 return HANDLER_ERROR;
339 }
340
341 if (SQLITE_OK != sqlite3_prepare(s->sql,
342 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE locktoken = ?"),
343 &(s->stmt_read_lock), &next_stmt)) {
344 /* prepare failed */
345 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
346
347 return HANDLER_ERROR;
348 }
349
350 if (SQLITE_OK != sqlite3_prepare(s->sql,
351 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE resource = ?"),
352 &(s->stmt_read_lock_by_uri), &next_stmt)) {
353 /* prepare failed */
354 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
355
356 return HANDLER_ERROR;
357 }
358
359 if (SQLITE_OK != sqlite3_prepare(s->sql,
360 CONST_STR_LEN("UPDATE locks SET timeout = CURRENT_TIME + 600 WHERE locktoken = ?"),
361 &(s->stmt_refresh_lock), &next_stmt)) {
362 /* prepare failed */
363 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
364
365 return HANDLER_ERROR;
366 }
367
368
369 #else
370 log_error_write(srv, __FILE__, __LINE__, "s", "Sorry, no sqlite3 and libxml2 support include, compile with --with-webdav-props");
371 return HANDLER_ERROR;
372 #endif
373 }
374 }
375
376 return HANDLER_GO_ON;
377 }
378
379 #define PATCH_OPTION(x) \
380 p->conf.x = s->x;
381 static int mod_webdav_patch_connection(server *srv, connection *con, plugin_data *p) {
382 size_t i, j;
383 plugin_config *s = p->config_storage[0];
384
385 PATCH_OPTION(enabled);
386 PATCH_OPTION(is_readonly);
387 PATCH_OPTION(log_xml);
388
389 #ifdef USE_PROPPATCH
390 PATCH_OPTION(sql);
391 PATCH_OPTION(stmt_update_prop);
392 PATCH_OPTION(stmt_delete_prop);
393 PATCH_OPTION(stmt_select_prop);
394 PATCH_OPTION(stmt_select_propnames);
395
396 PATCH_OPTION(stmt_delete_uri);
397 PATCH_OPTION(stmt_move_uri);
398 PATCH_OPTION(stmt_copy_uri);
399
400 PATCH_OPTION(stmt_remove_lock);
401 PATCH_OPTION(stmt_refresh_lock);
402 PATCH_OPTION(stmt_create_lock);
403 PATCH_OPTION(stmt_read_lock);
404 PATCH_OPTION(stmt_read_lock_by_uri);
405 #endif
406 /* skip the first, the global context */
407 for (i = 1; i < srv->config_context->used; i++) {
408 data_config *dc = (data_config *)srv->config_context->data[i];
409 s = p->config_storage[i];
410
411 /* condition didn't match */
412 if (!config_check_cond(srv, con, dc)) continue;
413
414 /* merge config */
415 for (j = 0; j < dc->value->used; j++) {
416 data_unset *du = dc->value->data[j];
417
418 if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.activate"))) {
419 PATCH_OPTION(enabled);
420 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.is-readonly"))) {
421 PATCH_OPTION(is_readonly);
422 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.log-xml"))) {
423 PATCH_OPTION(log_xml);
424 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.sqlite-db-name"))) {
425 #ifdef USE_PROPPATCH
426 PATCH_OPTION(sql);
427 PATCH_OPTION(stmt_update_prop);
428 PATCH_OPTION(stmt_delete_prop);
429 PATCH_OPTION(stmt_select_prop);
430 PATCH_OPTION(stmt_select_propnames);
431
432 PATCH_OPTION(stmt_delete_uri);
433 PATCH_OPTION(stmt_move_uri);
434 PATCH_OPTION(stmt_copy_uri);
435
436 PATCH_OPTION(stmt_remove_lock);
437 PATCH_OPTION(stmt_refresh_lock);
438 PATCH_OPTION(stmt_create_lock);
439 PATCH_OPTION(stmt_read_lock);
440 PATCH_OPTION(stmt_read_lock_by_uri);
441 #endif
442 }
443 }
444 }
445
446 return 0;
447 }
448
449 URIHANDLER_FUNC(mod_webdav_uri_handler) {
450 plugin_data *p = p_d;
451
452 UNUSED(srv);
453
454 if (buffer_is_empty(con->uri.path)) return HANDLER_GO_ON;
455
456 mod_webdav_patch_connection(srv, con, p);
457
458 if (!p->conf.enabled) return HANDLER_GO_ON;
459
460 switch (con->request.http_method) {
461 case HTTP_METHOD_OPTIONS:
462 /* we fake a little bit but it makes MS W2k happy and it let's us mount the volume */
463 response_header_overwrite(srv, con, CONST_STR_LEN("DAV"), CONST_STR_LEN("1,2"));
464 response_header_overwrite(srv, con, CONST_STR_LEN("MS-Author-Via"), CONST_STR_LEN("DAV"));
465
466 if (p->conf.is_readonly) {
467 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND"));
468 } else {
469 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK, UNLOCK"));
470 }
471 break;
472 default:
473 break;
474 }
475
476 /* not found */
477 return HANDLER_GO_ON;
478 }
479 static int webdav_gen_prop_tag(server *srv, connection *con,
480 char *prop_name,
481 char *prop_ns,
482 char *value,
483 buffer *b) {
484
485 UNUSED(srv);
486 UNUSED(con);
487
488 if (value) {
489 buffer_append_string_len(b,CONST_STR_LEN("<"));
490 buffer_append_string(b, prop_name);
491 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
492 buffer_append_string(b, prop_ns);
493 buffer_append_string_len(b, CONST_STR_LEN("\">"));
494
495 buffer_append_string(b, value);
496
497 buffer_append_string_len(b,CONST_STR_LEN("</"));
498 buffer_append_string(b, prop_name);
499 buffer_append_string_len(b, CONST_STR_LEN(">"));
500 } else {
501 buffer_append_string_len(b,CONST_STR_LEN("<"));
502 buffer_append_string(b, prop_name);
503 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
504 buffer_append_string(b, prop_ns);
505 buffer_append_string_len(b, CONST_STR_LEN("\"/>"));
506 }
507
508 return 0;
509 }
510
511
512 static int webdav_gen_response_status_tag(server *srv, connection *con, physical *dst, int status, buffer *b) {
513 UNUSED(srv);
514
515 buffer_append_string_len(b,CONST_STR_LEN("<D:response xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
516
517 buffer_append_string_len(b,CONST_STR_LEN("<D:href>\n"));
518 buffer_append_string_buffer(b, dst->rel_path);
519 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
520 buffer_append_string_len(b,CONST_STR_LEN("<D:status>\n"));
521
522 if (con->request.http_version == HTTP_VERSION_1_1) {
523 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.1 "));
524 } else {
525 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.0 "));
526 }
527 buffer_append_int(b, status);
528 buffer_append_string_len(b, CONST_STR_LEN(" "));
529 buffer_append_string(b, get_http_status_name(status));
530
531 buffer_append_string_len(b,CONST_STR_LEN("</D:status>\n"));
532 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
533
534 return 0;
535 }
536
537 static int webdav_delete_file(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
538 int status = 0;
539
540 /* try to unlink it */
541 if (-1 == unlink(dst->path->ptr)) {
542 switch(errno) {
543 case EACCES:
544 case EPERM:
545 /* 403 */
546 status = 403;
547 break;
548 default:
549 status = 501;
550 break;
551 }
552 webdav_gen_response_status_tag(srv, con, dst, status, b);
553 } else {
554 #ifdef USE_PROPPATCH
555 sqlite3_stmt *stmt = hctx->conf.stmt_delete_uri;
556
557 if (!stmt) {
558 status = 403;
559 webdav_gen_response_status_tag(srv, con, dst, status, b);
560 } else {
561 sqlite3_reset(stmt);
562
563 /* bind the values to the insert */
564
565 sqlite3_bind_text(stmt, 1,
566 CONST_BUF_LEN(dst->rel_path),
567 SQLITE_TRANSIENT);
568
569 if (SQLITE_DONE != sqlite3_step(stmt)) {
570 /* */
571 }
572 }
573 #else
574 UNUSED(hctx);
575 #endif
576 }
577
578 return (status != 0);
579 }
580
581 static int webdav_delete_dir(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
582 DIR *dir;
583 int have_multi_status = 0;
584 physical d;
585
586 d.path = buffer_init();
587 d.rel_path = buffer_init();
588
589 if (NULL != (dir = opendir(dst->path->ptr))) {
590 struct dirent *de;
591
592 while(NULL != (de = readdir(dir))) {
593 struct stat st;
594
595 if ((de->d_name[0] == '.' && de->d_name[1] == '\0') ||
596 (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
597 continue;
598 /* ignore the parent dir */
599 }
600
601 buffer_copy_buffer(d.path, dst->path);
602 buffer_append_slash(d.path);
603 buffer_append_string(d.path, de->d_name);
604
605 buffer_copy_buffer(d.rel_path, dst->rel_path);
606 buffer_append_slash(d.rel_path);
607 buffer_append_string(d.rel_path, de->d_name);
608
609 /* stat and unlink afterwards */
610 if (-1 == stat(d.path->ptr, &st)) {
611 /* don't about it yet, rmdir will fail too */
612 } else if (S_ISDIR(st.st_mode)) {
613 have_multi_status = webdav_delete_dir(srv, con, hctx, &d, b);
614
615 /* try to unlink it */
616 if (-1 == rmdir(d.path->ptr)) {
617 int status;
618 switch(errno) {
619 case EACCES:
620 case EPERM:
621 /* 403 */
622 status = 403;
623 break;
624 default:
625 status = 501;
626 break;
627 }
628 have_multi_status = 1;
629
630 webdav_gen_response_status_tag(srv, con, &d, status, b);
631 } else {
632 #ifdef USE_PROPPATCH
633 sqlite3_stmt *stmt = hctx->conf.stmt_delete_uri;
634
635 if (stmt) {
636 sqlite3_reset(stmt);
637
638 /* bind the values to the insert */
639
640 sqlite3_bind_text(stmt, 1,
641 CONST_BUF_LEN(d.rel_path),
642 SQLITE_TRANSIENT);
643
644 if (SQLITE_DONE != sqlite3_step(stmt)) {
645 /* */
646 }
647 }
648 #endif
649 }
650 } else {
651 have_multi_status = webdav_delete_file(srv, con, hctx, &d, b);
652 }
653 }
654 closedir(dir);
655
656 buffer_free(d.path);
657 buffer_free(d.rel_path);
658 }
659
660 return have_multi_status;
661 }
662
663 /* don't want to block when open()ing a fifo */
664 #if defined(O_NONBLOCK)
665 # define FIFO_NONBLOCK O_NONBLOCK
666 #else
667 # define FIFO_NONBLOCK 0
668 #endif
669
670 #ifndef O_BINARY
671 #define O_BINARY 0
672 #endif
673
674 static int webdav_copy_file(server *srv, connection *con, handler_ctx *hctx, physical *src, physical *dst, int overwrite) {
675 char *data;
676 ssize_t rd, wr, offset;
677 int status = 0, ifd, ofd;
678 UNUSED(srv);
679 UNUSED(con);
680
681 if (-1 == (ifd = open(src->path->ptr, O_RDONLY | O_BINARY | FIFO_NONBLOCK))) {
682 return 403;
683 }
684
685 if (-1 == (ofd = open(dst->path->ptr, O_WRONLY|O_TRUNC|O_CREAT|(overwrite ? 0 : O_EXCL), WEBDAV_FILE_MODE))) {
686 /* opening the destination failed for some reason */
687 switch(errno) {
688 case EEXIST:
689 status = 412;
690 break;
691 case EISDIR:
692 status = 409;
693 break;
694 case ENOENT:
695 /* at least one part in the middle wasn't existing */
696 status = 409;
697 break;
698 default:
699 status = 403;
700 break;
701 }
702 close(ifd);
703 return status;
704 }
705
706 data = malloc(131072);
707 force_assert(data);
708
709 while (0 < (rd = read(ifd, data, 131072))) {
710 offset = 0;
711 do {
712 wr = write(ofd, data+offset, (size_t)(rd-offset));
713 } while (wr >= 0 ? (offset += wr) != rd : (errno == EINTR));
714 if (-1 == wr) {
715 status = (errno == ENOSPC) ? 507 : 403;
716 break;
717 }
718
719 }
720 if (0 != rd && 0 == status) status = 403;
721
722 free(data);
723 close(ifd);
724 if (0 != close(ofd)) {
725 if (0 == status) status = (errno == ENOSPC) ? 507 : 403;
726 log_error_write(srv, __FILE__, __LINE__, "sbss",
727 "close ", dst->path, "failed: ", strerror(errno));
728 }
729
730 #ifdef USE_PROPPATCH
731 if (0 == status) {
732 /* copy worked fine, copy connected properties */
733 sqlite3_stmt *stmt = hctx->conf.stmt_copy_uri;
734
735 if (stmt) {
736 sqlite3_reset(stmt);
737
738 /* bind the values to the insert */
739 sqlite3_bind_text(stmt, 1,
740 CONST_BUF_LEN(dst->rel_path),
741 SQLITE_TRANSIENT);
742
743 sqlite3_bind_text(stmt, 2,
744 CONST_BUF_LEN(src->rel_path),
745 SQLITE_TRANSIENT);
746
747 if (SQLITE_DONE != sqlite3_step(stmt)) {
748 /* */
749 }
750 }
751 }
752 #else
753 UNUSED(hctx);
754 #endif
755 return status;
756 }
757
758 static int webdav_copy_dir(server *srv, connection *con, handler_ctx *hctx, physical *src, physical *dst, int overwrite) {
759 DIR *srcdir;
760 int status = 0;
761
762 if (NULL != (srcdir = opendir(src->path->ptr))) {
763 struct dirent *de;
764 physical s, d;
765
766 s.path = buffer_init();
767 s.rel_path = buffer_init();
768
769 d.path = buffer_init();
770 d.rel_path = buffer_init();
771
772 while (NULL != (de = readdir(srcdir))) {
773 struct stat st;
774
775 if ((de->d_name[0] == '.' && de->d_name[1] == '\0')
776 || (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
777 continue;
778 }
779
780 buffer_copy_buffer(s.path, src->path);
781 buffer_append_slash(s.path);
782 buffer_append_string(s.path, de->d_name);
783
784 buffer_copy_buffer(d.path, dst->path);
785 buffer_append_slash(d.path);
786 buffer_append_string(d.path, de->d_name);
787
788 buffer_copy_buffer(s.rel_path, src->rel_path);
789 buffer_append_slash(s.rel_path);
790 buffer_append_string(s.rel_path, de->d_name);
791
792 buffer_copy_buffer(d.rel_path, dst->rel_path);
793 buffer_append_slash(d.rel_path);
794 buffer_append_string(d.rel_path, de->d_name);
795
796 if (-1 == stat(s.path->ptr, &st)) {
797 /* why ? */
798 } else if (S_ISDIR(st.st_mode)) {
799 /* a directory */
800 if (-1 == mkdir(d.path->ptr, WEBDAV_DIR_MODE) &&
801 errno != EEXIST) {
802 /* WTH ? */
803 } else {
804 #ifdef USE_PROPPATCH
805 sqlite3_stmt *stmt = hctx->conf.stmt_copy_uri;
806
807 if (0 != (status = webdav_copy_dir(srv, con, hctx, &s, &d, overwrite))) {
808 break;
809 }
810 /* directory is copied, copy the properties too */
811
812 if (stmt) {
813 sqlite3_reset(stmt);
814
815 /* bind the values to the insert */
816 sqlite3_bind_text(stmt, 1,
817 CONST_BUF_LEN(dst->rel_path),
818 SQLITE_TRANSIENT);
819
820 sqlite3_bind_text(stmt, 2,
821 CONST_BUF_LEN(src->rel_path),
822 SQLITE_TRANSIENT);
823
824 if (SQLITE_DONE != sqlite3_step(stmt)) {
825 /* */
826 }
827 }
828 #endif
829 }
830 } else if (S_ISREG(st.st_mode)) {
831 /* a plain file */
832 if (0 != (status = webdav_copy_file(srv, con, hctx, &s, &d, overwrite))) {
833 break;
834 }
835 }
836 }
837
838 buffer_free(s.path);
839 buffer_free(s.rel_path);
840 buffer_free(d.path);
841 buffer_free(d.rel_path);
842
843 closedir(srcdir);
844 }
845
846 return status;
847 }
848
849 #ifdef USE_LOCKS
850 static void webdav_activelock(buffer *b,
851 const buffer *locktoken, const char *lockscope, const char *locktype, int depth, int timeout) {
852 buffer_append_string_len(b, CONST_STR_LEN("<D:activelock>\n"));
853
854 buffer_append_string_len(b, CONST_STR_LEN("<D:lockscope>"));
855 buffer_append_string_len(b, CONST_STR_LEN("<D:"));
856 buffer_append_string(b, lockscope);
857 buffer_append_string_len(b, CONST_STR_LEN("/>"));
858 buffer_append_string_len(b, CONST_STR_LEN("</D:lockscope>\n"));
859
860 buffer_append_string_len(b, CONST_STR_LEN("<D:locktype>"));
861 buffer_append_string_len(b, CONST_STR_LEN("<D:"));
862 buffer_append_string(b, locktype);
863 buffer_append_string_len(b, CONST_STR_LEN("/>"));
864 buffer_append_string_len(b, CONST_STR_LEN("</D:locktype>\n"));
865
866 buffer_append_string_len(b, CONST_STR_LEN("<D:depth>"));
867 buffer_append_string(b, depth == 0 ? "0" : "infinity");
868 buffer_append_string_len(b, CONST_STR_LEN("</D:depth>\n"));
869
870 buffer_append_string_len(b, CONST_STR_LEN("<D:timeout>"));
871 buffer_append_string_len(b, CONST_STR_LEN("Second-"));
872 buffer_append_int(b, timeout);
873 buffer_append_string_len(b, CONST_STR_LEN("</D:timeout>\n"));
874
875 buffer_append_string_len(b, CONST_STR_LEN("<D:owner>"));
876 buffer_append_string_len(b, CONST_STR_LEN("</D:owner>\n"));
877
878 buffer_append_string_len(b, CONST_STR_LEN("<D:locktoken>"));
879 buffer_append_string_len(b, CONST_STR_LEN("<D:href>"));
880 buffer_append_string_buffer(b, locktoken);
881 buffer_append_string_len(b, CONST_STR_LEN("</D:href>"));
882 buffer_append_string_len(b, CONST_STR_LEN("</D:locktoken>\n"));
883
884 buffer_append_string_len(b, CONST_STR_LEN("</D:activelock>\n"));
885 }
886
887 static void webdav_get_live_property_lockdiscovery(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
888
889 sqlite3_stmt *stmt = hctx->conf.stmt_read_lock_by_uri;
890 if (!stmt) { /*(should not happen)*/
891 buffer_append_string_len(b, CONST_STR_LEN("<D:lockdiscovery>\n</D:lockdiscovery>\n"));
892 return;
893 }
894 UNUSED(srv);
895 UNUSED(con);
896
897 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
898 * FROM locks
899 * WHERE resource = ? */
900
901 sqlite3_reset(stmt);
902
903 sqlite3_bind_text(stmt, 1,
904 CONST_BUF_LEN(dst->rel_path),
905 SQLITE_TRANSIENT);
906
907 buffer_append_string_len(b, CONST_STR_LEN("<D:lockdiscovery>\n"));
908 while (SQLITE_ROW == sqlite3_step(stmt)) {
909 const char *lockscope = (const char *)sqlite3_column_text(stmt, 2);
910 const char *locktype = (const char *)sqlite3_column_text(stmt, 3);
911 const int depth = sqlite3_column_int(stmt, 5);
912 const int timeout = sqlite3_column_int(stmt, 6);
913 buffer locktoken = { NULL, 0, 0 };
914 locktoken.ptr = (char *)sqlite3_column_text(stmt, 0);
915 locktoken.used = sqlite3_column_bytes(stmt, 0);
916 if (locktoken.used) ++locktoken.used;
917 locktoken.size = locktoken.used;
918
919 if (timeout > 0) {
920 webdav_activelock(b, &locktoken, lockscope, locktype, depth, timeout);
921 }
922 }
923 buffer_append_string_len(b, CONST_STR_LEN("</D:lockdiscovery>\n"));
924 }
925 #endif
926
927 static int webdav_get_live_property(server *srv, connection *con, handler_ctx *hctx, physical *dst, char *prop_name, buffer *b) {
928 stat_cache_entry *sce = NULL;
929 int found = 0;
930
931 UNUSED(hctx);
932
933 if (HANDLER_ERROR != (stat_cache_get_entry(srv, con, dst->path, &sce))) {
934 char ctime_buf[] = "2005-08-18T07:27:16Z";
935 char mtime_buf[] = "Thu, 18 Aug 2005 07:27:16 GMT";
936
937 if (0 == strcmp(prop_name, "resourcetype")) {
938 if (S_ISDIR(sce->st.st_mode)) {
939 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype><D:collection/></D:resourcetype>"));
940 } else {
941 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype/>"));
942 }
943 found = 1;
944 } else if (0 == strcmp(prop_name, "getcontenttype")) {
945 if (S_ISDIR(sce->st.st_mode)) {
946 buffer_append_string_len(b, CONST_STR_LEN("<D:getcontenttype>httpd/unix-directory</D:getcontenttype>"));
947 found = 1;
948 } else if(S_ISREG(sce->st.st_mode)) {
949 const buffer *type = stat_cache_mimetype_by_ext(con, CONST_BUF_LEN(dst->path));
950 if (NULL != type) {
951 buffer_append_string_len(b, CONST_STR_LEN("<D:getcontenttype>"));
952 buffer_append_string_buffer(b, type);
953 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontenttype>"));
954 found = 1;
955 }
956 }
957 } else if (0 == strcmp(prop_name, "creationdate")) {
958 buffer_append_string_len(b, CONST_STR_LEN("<D:creationdate ns0:dt=\"dateTime.tz\">"));
959 strftime(ctime_buf, sizeof(ctime_buf), "%Y-%m-%dT%H:%M:%SZ", gmtime(&(sce->st.st_ctime)));
960 buffer_append_string(b, ctime_buf);
961 buffer_append_string_len(b, CONST_STR_LEN("</D:creationdate>"));
962 found = 1;
963 } else if (0 == strcmp(prop_name, "getlastmodified")) {
964 buffer_append_string_len(b,CONST_STR_LEN("<D:getlastmodified ns0:dt=\"dateTime.rfc1123\">"));
965 strftime(mtime_buf, sizeof(mtime_buf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(sce->st.st_mtime)));
966 buffer_append_string(b, mtime_buf);
967 buffer_append_string_len(b, CONST_STR_LEN("</D:getlastmodified>"));
968 found = 1;
969 } else if (0 == strcmp(prop_name, "getcontentlength")) {
970 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlength>"));
971 buffer_append_int(b, sce->st.st_size);
972 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlength>"));
973 found = 1;
974 } else if (0 == strcmp(prop_name, "getcontentlanguage")) {
975 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlanguage>"));
976 buffer_append_string_len(b, CONST_STR_LEN("en"));
977 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlanguage>"));
978 found = 1;
979 } else if (0 == strcmp(prop_name, "getetag")) {
980 etag_create(con->physical.etag, &sce->st, con->etag_flags);
981 buffer_append_string_len(b, CONST_STR_LEN("<D:getetag>"));
982 buffer_append_string_buffer(b, con->physical.etag);
983 buffer_append_string_len(b, CONST_STR_LEN("</D:getetag>"));
984 buffer_reset(con->physical.etag);
985 found = 1;
986 #ifdef USE_LOCKS
987 } else if (0 == strcmp(prop_name, "lockdiscovery")) {
988 webdav_get_live_property_lockdiscovery(srv, con, hctx, dst, b);
989 found = 1;
990 } else if (0 == strcmp(prop_name, "supportedlock")) {
991 buffer_append_string_len(b,CONST_STR_LEN("<D:supportedlock>"));
992 buffer_append_string_len(b,CONST_STR_LEN("<D:lockentry>"));
993 buffer_append_string_len(b,CONST_STR_LEN("<D:lockscope><D:exclusive/></D:lockscope>"));
994 buffer_append_string_len(b,CONST_STR_LEN("<D:locktype><D:write/></D:locktype>"));
995 buffer_append_string_len(b,CONST_STR_LEN("</D:lockentry>"));
996 buffer_append_string_len(b, CONST_STR_LEN("</D:supportedlock>"));
997 found = 1;
998 #endif
999 }
1000 }
1001
1002 return found ? 0 : -1;
1003 }
1004
1005 static int webdav_get_property(server *srv, connection *con, handler_ctx *hctx, physical *dst, char *prop_name, char *prop_ns, buffer *b) {
1006 if (0 == strcmp(prop_ns, "DAV:")) {
1007 /* a local 'live' property */
1008 return webdav_get_live_property(srv, con, hctx, dst, prop_name, b);
1009 } else {
1010 int found = 0;
1011 #ifdef USE_PROPPATCH
1012 sqlite3_stmt *stmt = hctx->conf.stmt_select_prop;
1013
1014 if (stmt) {
1015 /* perhaps it is in sqlite3 */
1016 sqlite3_reset(stmt);
1017
1018 /* bind the values to the insert */
1019
1020 sqlite3_bind_text(stmt, 1,
1021 CONST_BUF_LEN(dst->rel_path),
1022 SQLITE_TRANSIENT);
1023 sqlite3_bind_text(stmt, 2,
1024 prop_name,
1025 strlen(prop_name),
1026 SQLITE_TRANSIENT);
1027 sqlite3_bind_text(stmt, 3,
1028 prop_ns,
1029 strlen(prop_ns),
1030 SQLITE_TRANSIENT);
1031
1032 /* it is the PK */
1033 while (SQLITE_ROW == sqlite3_step(stmt)) {
1034 /* there is a row for us, we only expect a single col 'value' */
1035 webdav_gen_prop_tag(srv, con, prop_name, prop_ns, (char *)sqlite3_column_text(stmt, 0), b);
1036 found = 1;
1037 }
1038 }
1039 #endif
1040 return found ? 0 : -1;
1041 }
1042
1043 /* not found */
1044 return -1;
1045 }
1046
1047 typedef struct {
1048 char *ns;
1049 char *prop;
1050 } webdav_property;
1051
1052 static webdav_property live_properties[] = {
1053 { "DAV:", "creationdate" },
1054 /*{ "DAV:", "displayname" },*//*(not implemented)*/
1055 { "DAV:", "getcontentlanguage" },
1056 { "DAV:", "getcontentlength" },
1057 { "DAV:", "getcontenttype" },
1058 { "DAV:", "getetag" },
1059 { "DAV:", "getlastmodified" },
1060 { "DAV:", "resourcetype" },
1061 /*{ "DAV:", "source" },*//*(not implemented)*/
1062 #ifdef USE_LOCKS
1063 { "DAV:", "lockdiscovery" },
1064 { "DAV:", "supportedlock" },
1065 #endif
1066
1067 { NULL, NULL }
1068 };
1069
1070 typedef struct {
1071 webdav_property **ptr;
1072
1073 size_t used;
1074 size_t size;
1075 } webdav_properties;
1076
1077 static int webdav_get_props(server *srv, connection *con, handler_ctx *hctx, physical *dst, webdav_properties *props, buffer *b_200, buffer *b_404) {
1078 size_t i;
1079
1080 if (props && props->used) {
1081 for (i = 0; i < props->used; i++) {
1082 webdav_property *prop;
1083
1084 prop = props->ptr[i];
1085
1086 if (0 != webdav_get_property(srv, con, hctx,
1087 dst, prop->prop, prop->ns, b_200)) {
1088 webdav_gen_prop_tag(srv, con, prop->prop, prop->ns, NULL, b_404);
1089 }
1090 }
1091 } else {
1092 for (i = 0; live_properties[i].prop; i++) {
1093 /* a local 'live' property */
1094 webdav_get_live_property(srv, con, hctx, dst, live_properties[i].prop, b_200);
1095 }
1096 }
1097
1098 return 0;
1099 }
1100
1101 #ifdef USE_PROPPATCH
1102 static int webdav_parse_chunkqueue(server *srv, connection *con, handler_ctx *hctx, chunkqueue *cq, xmlDoc **ret_xml) {
1103 xmlParserCtxtPtr ctxt;
1104 xmlDoc *xml;
1105 int res;
1106 int err;
1107
1108 chunk *c;
1109
1110 UNUSED(con);
1111
1112 /* read the chunks in to the XML document */
1113 ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
1114
1115 for (c = cq->first; cq->bytes_out != cq->bytes_in; c = cq->first) {
1116 size_t weWant = cq->bytes_out - cq->bytes_in;
1117 size_t weHave;
1118 int mapped;
1119 void *data;
1120
1121 switch(c->type) {
1122 case FILE_CHUNK:
1123 weHave = c->file.length - c->offset;
1124
1125 if (weHave > weWant) weHave = weWant;
1126
1127 /* xml chunks are always memory, mmap() is our friend */
1128 mapped = (c->file.mmap.start != MAP_FAILED);
1129 if (mapped) {
1130 data = c->file.mmap.start + c->offset;
1131 } else {
1132 if (-1 == c->file.fd && /* open the file if not already open */
1133 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1134 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1135
1136 return -1;
1137 }
1138
1139 if (MAP_FAILED != (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_PRIVATE, c->file.fd, 0))) {
1140 /* chunk_reset() or chunk_free() will cleanup for us */
1141 c->file.mmap.length = c->file.length;
1142 data = c->file.mmap.start + c->offset;
1143 mapped = 1;
1144 } else {
1145 ssize_t rd;
1146 if (weHave > 65536) weHave = 65536;
1147 data = malloc(weHave);
1148 force_assert(data);
1149 if (-1 == lseek(c->file.fd, c->file.start + c->offset, SEEK_SET)
1150 || 0 > (rd = read(c->file.fd, data, weHave))) {
1151 log_error_write(srv, __FILE__, __LINE__, "ssbd", "lseek/read failed: ",
1152 strerror(errno), c->file.name, c->file.fd);
1153 free(data);
1154 return -1;
1155 }
1156 weHave = (size_t)rd;
1157 }
1158 }
1159
1160 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, data, weHave, 0))) {
1161 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1162 }
1163
1164 chunkqueue_mark_written(cq, weHave);
1165
1166 if (!mapped) free(data);
1167 break;
1168 case MEM_CHUNK:
1169 /* append to the buffer */
1170 weHave = buffer_string_length(c->mem) - c->offset;
1171
1172 if (weHave > weWant) weHave = weWant;
1173
1174 if (hctx->conf.log_xml) {
1175 log_error_write(srv, __FILE__, __LINE__, "ss", "XML-request-body:", c->mem->ptr + c->offset);
1176 }
1177
1178 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->mem->ptr + c->offset, weHave, 0))) {
1179 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1180 }
1181
1182 chunkqueue_mark_written(cq, weHave);
1183
1184 break;
1185 }
1186 }
1187
1188 switch ((err = xmlParseChunk(ctxt, 0, 0, 1))) {
1189 case XML_ERR_DOCUMENT_END:
1190 case XML_ERR_OK:
1191 break;
1192 default:
1193 log_error_write(srv, __FILE__, __LINE__, "sd", "xmlParseChunk failed at final packet:", err);
1194 break;
1195 }
1196
1197 xml = ctxt->myDoc;
1198 res = ctxt->wellFormed;
1199 xmlFreeParserCtxt(ctxt);
1200
1201 if (res == 0) {
1202 xmlFreeDoc(xml);
1203 } else {
1204 *ret_xml = xml;
1205 }
1206
1207 return res;
1208 }
1209 #endif
1210
1211 #ifdef USE_LOCKS
1212 static int webdav_lockdiscovery(server *srv, connection *con,
1213 buffer *locktoken, const char *lockscope, const char *locktype, int depth) {
1214
1215 buffer *b = buffer_init();
1216
1217 response_header_overwrite(srv, con, CONST_STR_LEN("Lock-Token"), CONST_BUF_LEN(locktoken));
1218
1219 response_header_overwrite(srv, con,
1220 CONST_STR_LEN("Content-Type"),
1221 CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1222
1223 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1224
1225 buffer_append_string_len(b,CONST_STR_LEN("<D:prop xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1226 buffer_append_string_len(b,CONST_STR_LEN("<D:lockdiscovery>\n"));
1227 webdav_activelock(b, locktoken, lockscope, locktype, depth, 600);
1228 buffer_append_string_len(b,CONST_STR_LEN("</D:lockdiscovery>\n"));
1229 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1230
1231 chunkqueue_append_buffer(con->write_queue, b);
1232 buffer_free(b);
1233
1234 return 0;
1235 }
1236 #endif
1237
1238 /**
1239 * check if resource is having the right locks to access to resource
1240 *
1241 *
1242 *
1243 */
1244 static int webdav_has_lock(server *srv, connection *con, handler_ctx *hctx, buffer *uri) {
1245 int has_lock = 1;
1246
1247 #ifdef USE_LOCKS
1248 data_string *ds;
1249 UNUSED(srv);
1250
1251 /**
1252 * This implementation is more fake than real
1253 * we need a parser for the If: header to really handle the full scope
1254 *
1255 * X-Litmus: locks: 11 (owner_modify)
1256 * If: <http://127.0.0.1:1025/dav/litmus/lockme> (<opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1>)
1257 * - a tagged check:
1258 * if http://127.0.0.1:1025/dav/litmus/lockme is locked with
1259 * opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1, go on
1260 *
1261 * X-Litmus: locks: 16 (fail_cond_put)
1262 * If: (<DAV:no-lock> ["-1622396671"])
1263 * - untagged:
1264 * go on if the resource has the etag [...] and the lock
1265 */
1266 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
1267 /* Ooh, ooh. A if tag, now the fun begins.
1268 *
1269 * this can only work with a real parser
1270 **/
1271 } else {
1272 /* we didn't provided a lock-token -> */
1273 /* if the resource is locked -> 423 */
1274
1275 sqlite3_stmt *stmt = hctx->conf.stmt_read_lock_by_uri;
1276
1277 sqlite3_reset(stmt);
1278
1279 sqlite3_bind_text(stmt, 1,
1280 CONST_BUF_LEN(uri),
1281 SQLITE_TRANSIENT);
1282
1283 while (SQLITE_ROW == sqlite3_step(stmt)) {
1284 has_lock = 0;
1285 }
1286 }
1287 #else
1288 UNUSED(srv);
1289 UNUSED(con);
1290 UNUSED(hctx);
1291 UNUSED(uri);
1292 #endif
1293
1294 return has_lock;
1295 }
1296
1297
1298 SUBREQUEST_FUNC(mod_webdav_subrequest_handler_huge) {
1299 plugin_data *p = p_d;
1300 handler_ctx *hctx = con->plugin_ctx[p->id];
1301 buffer *b;
1302 DIR *dir;
1303 data_string *ds;
1304 int depth = -1; /* (Depth: infinity) */
1305 struct stat st;
1306 buffer *prop_200;
1307 buffer *prop_404;
1308 webdav_properties *req_props;
1309 stat_cache_entry *sce = NULL;
1310
1311 UNUSED(srv);
1312
1313 if (NULL == hctx) return HANDLER_GO_ON;
1314 if (!hctx->conf.enabled) return HANDLER_GO_ON;
1315 /* physical path is setup */
1316 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
1317
1318 /* PROPFIND need them */
1319 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Depth")) && 1 == buffer_string_length(ds->value)) {
1320 if ('0' == *ds->value->ptr) {
1321 depth = 0;
1322 } else if ('1' == *ds->value->ptr) {
1323 depth = 1;
1324 }
1325 } /* else treat as Depth: infinity */
1326
1327 switch (con->request.http_method) {
1328 case HTTP_METHOD_PROPFIND:
1329 /* they want to know the properties of the directory */
1330 req_props = NULL;
1331
1332 /* is there a content-body ? */
1333
1334 switch (stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
1335 case HANDLER_ERROR:
1336 if (errno == ENOENT) {
1337 con->http_status = 404;
1338 return HANDLER_FINISHED;
1339 }
1340 break;
1341 default:
1342 break;
1343 }
1344
1345 if (S_ISDIR(sce->st.st_mode) && con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
1346 http_response_redirect_to_directory(srv, con);
1347 return HANDLER_FINISHED;
1348 }
1349
1350 #ifdef USE_PROPPATCH
1351 /* any special requests or just allprop ? */
1352 if (con->request.content_length) {
1353 xmlDocPtr xml;
1354
1355 if (con->state == CON_STATE_READ_POST) {
1356 handler_t r = connection_handle_read_post_state(srv, con);
1357 if (r != HANDLER_GO_ON) return r;
1358 }
1359
1360 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
1361 xmlNode *rootnode = xmlDocGetRootElement(xml);
1362
1363 force_assert(rootnode);
1364
1365 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propfind")) {
1366 xmlNode *cmd;
1367
1368 req_props = calloc(1, sizeof(*req_props));
1369
1370 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
1371
1372 if (0 == xmlStrcmp(cmd->name, BAD_CAST "prop")) {
1373 /* get prop by name */
1374 xmlNode *prop;
1375
1376 for (prop = cmd->children; prop; prop = prop->next) {
1377 if (prop->type == XML_TEXT_NODE) continue; /* ignore WS */
1378
1379 if (prop->ns &&
1380 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
1381 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
1382 size_t i;
1383 log_error_write(srv, __FILE__, __LINE__, "ss",
1384 "no name space for:",
1385 prop->name);
1386
1387 xmlFreeDoc(xml);
1388
1389 for (i = 0; i < req_props->used; i++) {
1390 free(req_props->ptr[i]->ns);
1391 free(req_props->ptr[i]->prop);
1392 free(req_props->ptr[i]);
1393 }
1394 free(req_props->ptr);
1395 free(req_props);
1396
1397 con->http_status = 400;
1398 return HANDLER_FINISHED;
1399 }
1400
1401 /* add property to requested list */
1402 if (req_props->size == 0) {
1403 req_props->size = 16;
1404 req_props->ptr = malloc(sizeof(*(req_props->ptr)) * req_props->size);
1405 } else if (req_props->used == req_props->size) {
1406 req_props->size += 16;
1407 req_props->ptr = realloc(req_props->ptr, sizeof(*(req_props->ptr)) * req_props->size);
1408 }
1409
1410 req_props->ptr[req_props->used] = malloc(sizeof(webdav_property));
1411 req_props->ptr[req_props->used]->ns = (char *)xmlStrdup(prop->ns ? prop->ns->href : (xmlChar *)"");
1412 req_props->ptr[req_props->used]->prop = (char *)xmlStrdup(prop->name);
1413 req_props->used++;
1414 }
1415 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "propname")) {
1416 sqlite3_stmt *stmt = p->conf.stmt_select_propnames;
1417
1418 if (stmt) {
1419 /* get all property names (EMPTY) */
1420 sqlite3_reset(stmt);
1421 /* bind the values to the insert */
1422
1423 sqlite3_bind_text(stmt, 1,
1424 CONST_BUF_LEN(con->uri.path),
1425 SQLITE_TRANSIENT);
1426
1427 if (SQLITE_DONE != sqlite3_step(stmt)) {
1428 }
1429 }
1430 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "allprop")) {
1431 /* get all properties (EMPTY) */
1432 }
1433 }
1434 }
1435
1436 xmlFreeDoc(xml);
1437 } else {
1438 con->http_status = 400;
1439 return HANDLER_FINISHED;
1440 }
1441 }
1442 #endif
1443 con->http_status = 207;
1444
1445 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1446
1447 b = buffer_init();
1448
1449 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1450
1451 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1452
1453 /* allprop */
1454
1455 prop_200 = buffer_init();
1456 prop_404 = buffer_init();
1457
1458 {
1459 /* Depth: 0 or Depth: 1 */
1460 webdav_get_props(srv, con, hctx, &(con->physical), req_props, prop_200, prop_404);
1461
1462 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1463 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1464 buffer_append_string_buffer(b, con->uri.scheme);
1465 buffer_append_string_len(b,CONST_STR_LEN("://"));
1466 buffer_append_string_buffer(b, con->uri.authority);
1467 buffer_append_string_encoded(b, CONST_BUF_LEN(con->uri.path), ENCODING_REL_URI);
1468 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1469
1470 if (!buffer_string_is_empty(prop_200)) {
1471 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1472 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1473
1474 buffer_append_string_buffer(b, prop_200);
1475
1476 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1477
1478 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1479
1480 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1481 }
1482 if (!buffer_string_is_empty(prop_404)) {
1483 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1484 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1485
1486 buffer_append_string_buffer(b, prop_404);
1487
1488 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1489
1490 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1491
1492 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1493 }
1494
1495 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1496 }
1497
1498 if (depth == 1) {
1499
1500 if (NULL != (dir = opendir(con->physical.path->ptr))) {
1501 struct dirent *de;
1502 physical d;
1503 physical *dst = &(con->physical);
1504
1505 d.path = buffer_init();
1506 d.rel_path = buffer_init();
1507
1508 while(NULL != (de = readdir(dir))) {
1509 if (de->d_name[0] == '.' && (de->d_name[1] == '\0' || (de->d_name[1] == '.' && de->d_name[2] == '\0'))) {
1510 continue;
1511 /* ignore the parent and target dir */
1512 }
1513
1514 buffer_copy_buffer(d.path, dst->path);
1515 buffer_append_slash(d.path);
1516
1517 buffer_copy_buffer(d.rel_path, dst->rel_path);
1518 buffer_append_slash(d.rel_path);
1519
1520 buffer_append_string(d.path, de->d_name);
1521 buffer_append_string(d.rel_path, de->d_name);
1522
1523 buffer_reset(prop_200);
1524 buffer_reset(prop_404);
1525
1526 webdav_get_props(srv, con, hctx, &d, req_props, prop_200, prop_404);
1527
1528 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1529 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1530 buffer_append_string_buffer(b, con->uri.scheme);
1531 buffer_append_string_len(b,CONST_STR_LEN("://"));
1532 buffer_append_string_buffer(b, con->uri.authority);
1533 buffer_append_string_encoded(b, CONST_BUF_LEN(d.rel_path), ENCODING_REL_URI);
1534 if (0 == stat(d.path->ptr, &st) && S_ISDIR(st.st_mode)) {
1535 /* Append a '/' on subdirectories */
1536 buffer_append_string_len(b,CONST_STR_LEN("/"));
1537 }
1538 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1539
1540 if (!buffer_string_is_empty(prop_200)) {
1541 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1542 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1543
1544 buffer_append_string_buffer(b, prop_200);
1545
1546 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1547
1548 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1549
1550 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1551 }
1552 if (!buffer_string_is_empty(prop_404)) {
1553 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1554 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1555
1556 buffer_append_string_buffer(b, prop_404);
1557
1558 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1559
1560 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1561
1562 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1563 }
1564
1565 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1566 }
1567 closedir(dir);
1568 buffer_free(d.path);
1569 buffer_free(d.rel_path);
1570 }
1571
1572 }
1573
1574 if (req_props) {
1575 size_t i;
1576 for (i = 0; i < req_props->used; i++) {
1577 free(req_props->ptr[i]->ns);
1578 free(req_props->ptr[i]->prop);
1579 free(req_props->ptr[i]);
1580 }
1581 free(req_props->ptr);
1582 free(req_props);
1583 }
1584
1585 buffer_free(prop_200);
1586 buffer_free(prop_404);
1587
1588 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1589
1590 if (p->conf.log_xml) {
1591 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1592 }
1593
1594 chunkqueue_append_buffer(con->write_queue, b);
1595 buffer_free(b);
1596
1597 con->file_finished = 1;
1598
1599 return HANDLER_FINISHED;
1600 case HTTP_METHOD_MKCOL:
1601 if (p->conf.is_readonly) {
1602 con->http_status = 403;
1603 return HANDLER_FINISHED;
1604 }
1605
1606 if (con->request.content_length != 0) {
1607 /* we don't support MKCOL with a body */
1608 con->http_status = 415;
1609
1610 return HANDLER_FINISHED;
1611 }
1612
1613 /* let's create the directory */
1614
1615 if (-1 == mkdir(con->physical.path->ptr, WEBDAV_DIR_MODE)) {
1616 switch(errno) {
1617 case EPERM:
1618 con->http_status = 403;
1619 break;
1620 case ENOENT:
1621 case ENOTDIR:
1622 con->http_status = 409;
1623 break;
1624 case EEXIST:
1625 default:
1626 con->http_status = 405; /* not allowed */
1627 break;
1628 }
1629 } else {
1630 con->http_status = 201;
1631 con->file_finished = 1;
1632 }
1633
1634 return HANDLER_FINISHED;
1635 case HTTP_METHOD_DELETE:
1636 if (p->conf.is_readonly) {
1637 con->http_status = 403;
1638 return HANDLER_FINISHED;
1639 }
1640
1641 /* does the client have a lock for this connection ? */
1642 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
1643 con->http_status = 423;
1644 return HANDLER_FINISHED;
1645 }
1646
1647 /* stat and unlink afterwards */
1648 if (-1 == stat(con->physical.path->ptr, &st)) {
1649 /* don't about it yet, unlink will fail too */
1650 switch(errno) {
1651 case ENOENT:
1652 con->http_status = 404;
1653 break;
1654 default:
1655 con->http_status = 403;
1656 break;
1657 }
1658 } else if (S_ISDIR(st.st_mode)) {
1659 buffer *multi_status_resp;
1660
1661 if (con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
1662 http_response_redirect_to_directory(srv, con);
1663 return HANDLER_FINISHED;
1664 }
1665
1666 multi_status_resp = buffer_init();
1667
1668 if (webdav_delete_dir(srv, con, hctx, &(con->physical), multi_status_resp)) {
1669 /* we got an error somewhere in between, build a 207 */
1670 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1671
1672 b = buffer_init();
1673
1674 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1675
1676 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\">\n"));
1677
1678 buffer_append_string_buffer(b, multi_status_resp);
1679
1680 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1681
1682 if (p->conf.log_xml) {
1683 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1684 }
1685
1686 chunkqueue_append_buffer(con->write_queue, b);
1687 buffer_free(b);
1688
1689 con->http_status = 207;
1690 con->file_finished = 1;
1691 } else {
1692 /* everything went fine, remove the directory */
1693
1694 if (-1 == rmdir(con->physical.path->ptr)) {
1695 switch(errno) {
1696 case EPERM:
1697 con->http_status = 403;
1698 break;
1699 case ENOENT:
1700 con->http_status = 404;
1701 break;
1702 default:
1703 con->http_status = 501;
1704 break;
1705 }
1706 } else {
1707 con->http_status = 204;
1708 }
1709 }
1710
1711 buffer_free(multi_status_resp);
1712 } else if (-1 == unlink(con->physical.path->ptr)) {
1713 switch(errno) {
1714 case EPERM:
1715 con->http_status = 403;
1716 break;
1717 case ENOENT:
1718 con->http_status = 404;
1719 break;
1720 default:
1721 con->http_status = 501;
1722 break;
1723 }
1724 } else {
1725 con->http_status = 204;
1726 }
1727 return HANDLER_FINISHED;
1728 case HTTP_METHOD_PUT: {
1729 int fd;
1730 chunkqueue *cq = con->request_content_queue;
1731 chunk *c;
1732 data_string *ds_range;
1733
1734 if (p->conf.is_readonly) {
1735 con->http_status = 403;
1736 return HANDLER_FINISHED;
1737 }
1738
1739 /* is a exclusive lock set on the source */
1740 /* (check for lock once before potentially reading large input) */
1741 if (0 == cq->bytes_in && !webdav_has_lock(srv, con, hctx, con->uri.path)) {
1742 con->http_status = 423;
1743 return HANDLER_FINISHED;
1744 }
1745
1746 if (con->state == CON_STATE_READ_POST) {
1747 handler_t r = connection_handle_read_post_state(srv, con);
1748 if (r != HANDLER_GO_ON) return r;
1749 }
1750
1751 /* RFC2616 Section 9.6 PUT requires us to send 501 on all Content-* we don't support
1752 * - most important Content-Range
1753 *
1754 *
1755 * Example: Content-Range: bytes 100-1037/1038 */
1756
1757 if (NULL != (ds_range = (data_string *)array_get_element(con->request.headers, "Content-Range"))) {
1758 const char *num = ds_range->value->ptr;
1759 off_t offset;
1760 char *err = NULL;
1761
1762 if (0 != strncmp(num, "bytes ", 6)) {
1763 con->http_status = 501; /* not implemented */
1764
1765 return HANDLER_FINISHED;
1766 }
1767
1768 /* we only support <num>- ... */
1769
1770 num += 6;
1771
1772 /* skip WS */
1773 while (*num == ' ' || *num == '\t') num++;
1774
1775 if (*num == '\0') {
1776 con->http_status = 501; /* not implemented */
1777
1778 return HANDLER_FINISHED;
1779 }
1780
1781 offset = strtoll(num, &err, 10);
1782
1783 if (*err != '-' || offset < 0) {
1784 con->http_status = 501; /* not implemented */
1785
1786 return HANDLER_FINISHED;
1787 }
1788
1789 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY, WEBDAV_FILE_MODE))) {
1790 switch (errno) {
1791 case ENOENT:
1792 con->http_status = 404; /* not found */
1793 break;
1794 default:
1795 con->http_status = 403; /* not found */
1796 break;
1797 }
1798 return HANDLER_FINISHED;
1799 }
1800
1801 if (-1 == lseek(fd, offset, SEEK_SET)) {
1802 con->http_status = 501; /* not implemented */
1803
1804 close(fd);
1805
1806 return HANDLER_FINISHED;
1807 }
1808 con->http_status = 200; /* modified */
1809 } else {
1810 /* take what we have in the request-body and write it to a file */
1811
1812 /* if the file doesn't exist, create it */
1813 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_TRUNC, WEBDAV_FILE_MODE))) {
1814 if (errno != ENOENT ||
1815 -1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, WEBDAV_FILE_MODE))) {
1816 /* we can't open the file */
1817 con->http_status = 403;
1818
1819 return HANDLER_FINISHED;
1820 } else {
1821 con->http_status = 201; /* created */
1822 }
1823 } else {
1824 con->http_status = 200; /* modified */
1825 }
1826 }
1827
1828 con->file_finished = 1;
1829
1830 for (c = cq->first; c; c = cq->first) {
1831 int r = 0;
1832 int mapped;
1833 void *data;
1834 size_t dlen;
1835
1836 /* copy all chunks */
1837 switch(c->type) {
1838 case FILE_CHUNK:
1839
1840 mapped = (c->file.mmap.start != MAP_FAILED);
1841 dlen = c->file.length - c->offset;
1842 if (mapped) {
1843 data = c->file.mmap.start + c->offset;
1844 } else {
1845 if (-1 == c->file.fd && /* open the file if not already open */
1846 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1847 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1848 close(fd);
1849 return HANDLER_ERROR;
1850 }
1851
1852 if (MAP_FAILED != (c->file.mmap.start = mmap(NULL, c->file.length, PROT_READ, MAP_PRIVATE, c->file.fd, 0))) {
1853 /* chunk_reset() or chunk_free() will cleanup for us */
1854 c->file.mmap.length = c->file.length;
1855 data = c->file.mmap.start + c->offset;
1856 mapped = 1;
1857 } else {
1858 ssize_t rd;
1859 if (dlen > 65536) dlen = 65536;
1860 data = malloc(dlen);
1861 force_assert(data);
1862 if (-1 == lseek(c->file.fd, c->file.start + c->offset, SEEK_SET)
1863 || 0 > (rd = read(c->file.fd, data, dlen))) {
1864 log_error_write(srv, __FILE__, __LINE__, "ssbd", "lseek/read failed: ",
1865 strerror(errno), c->file.name, c->file.fd);
1866 free(data);
1867 close(fd);
1868 return HANDLER_ERROR;
1869 }
1870 dlen = (size_t)rd;
1871 }
1872
1873 }
1874
1875 if ((r = write(fd, data, dlen)) < 0) {
1876 switch(errno) {
1877 case ENOSPC:
1878 con->http_status = 507;
1879
1880 break;
1881 default:
1882 con->http_status = 403;
1883 break;
1884 }
1885 }
1886
1887 if (!mapped) free(data);
1888 break;
1889 case MEM_CHUNK:
1890 if ((r = write(fd, c->mem->ptr + c->offset, buffer_string_length(c->mem) - c->offset)) < 0) {
1891 switch(errno) {
1892 case ENOSPC:
1893 con->http_status = 507;
1894
1895 break;
1896 default:
1897 con->http_status = 403;
1898 break;
1899 }
1900 }
1901 break;
1902 }
1903
1904 if (r > 0) {
1905 chunkqueue_mark_written(cq, r);
1906 } else {
1907 break;
1908 }
1909 }
1910 if (0 != close(fd)) {
1911 log_error_write(srv, __FILE__, __LINE__, "sbss",
1912 "close ", con->physical.path, "failed: ", strerror(errno));
1913 return HANDLER_ERROR;
1914 }
1915
1916 return HANDLER_FINISHED;
1917 }
1918 case HTTP_METHOD_MOVE:
1919 case HTTP_METHOD_COPY: {
1920 buffer *destination = NULL;
1921 char *sep, *sep2, *start;
1922 int overwrite = 1;
1923
1924 if (p->conf.is_readonly) {
1925 con->http_status = 403;
1926 return HANDLER_FINISHED;
1927 }
1928
1929 /* is a exclusive lock set on the source */
1930 if (con->request.http_method == HTTP_METHOD_MOVE) {
1931 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
1932 con->http_status = 423;
1933 return HANDLER_FINISHED;
1934 }
1935 }
1936
1937 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Destination"))) {
1938 destination = ds->value;
1939 } else {
1940 con->http_status = 400;
1941 return HANDLER_FINISHED;
1942 }
1943
1944 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Overwrite"))) {
1945 if (buffer_string_length(ds->value) != 1 ||
1946 (ds->value->ptr[0] != 'F' &&
1947 ds->value->ptr[0] != 'T') ) {
1948 con->http_status = 400;
1949 return HANDLER_FINISHED;
1950 }
1951 overwrite = (ds->value->ptr[0] == 'F' ? 0 : 1);
1952 }
1953 /* let's parse the Destination
1954 *
1955 * http://127.0.0.1:1025/dav/litmus/copydest
1956 *
1957 * - host has to be the same as the Host: header we got
1958 * - we have to stay inside the document root
1959 * - the query string is thrown away
1960 * */
1961
1962 buffer_reset(p->uri.scheme);
1963 buffer_reset(p->uri.path_raw);
1964 buffer_reset(p->uri.authority);
1965
1966 start = destination->ptr;
1967
1968 if (NULL == (sep = strstr(start, "://"))) {
1969 con->http_status = 400;
1970 return HANDLER_FINISHED;
1971 }
1972 buffer_copy_string_len(p->uri.scheme, start, sep - start);
1973
1974 start = sep + 3;
1975
1976 if (NULL == (sep = strchr(start, '/'))) {
1977 con->http_status = 400;
1978 return HANDLER_FINISHED;
1979 }
1980 if (NULL != (sep2 = memchr(start, '@', sep - start))) {
1981 /* skip login information */
1982 start = sep2 + 1;
1983 }
1984 buffer_copy_string_len(p->uri.authority, start, sep - start);
1985
1986 start = sep + 1;
1987
1988 if (NULL == (sep = strchr(start, '?'))) {
1989 /* no query string, good */
1990 buffer_copy_string(p->uri.path_raw, start);
1991 } else {
1992 buffer_copy_string_len(p->uri.path_raw, start, sep - start);
1993 }
1994
1995 if (!buffer_is_equal(p->uri.authority, con->uri.authority)) {
1996 /* not the same host */
1997 con->http_status = 502;
1998 return HANDLER_FINISHED;
1999 }
2000
2001 buffer_copy_buffer(p->tmp_buf, p->uri.path_raw);
2002 buffer_urldecode_path(p->tmp_buf);
2003 buffer_path_simplify(p->uri.path, p->tmp_buf);
2004
2005 /* we now have a URI which is clean. transform it into a physical path */
2006 buffer_copy_buffer(p->physical.doc_root, con->physical.doc_root);
2007 buffer_copy_buffer(p->physical.rel_path, p->uri.path);
2008
2009 if (con->conf.force_lowercase_filenames) {
2010 buffer_to_lower(p->physical.rel_path);
2011 }
2012
2013 /* Destination physical path
2014 * src con->physical.path might have been remapped with mod_alias.
2015 * (but mod_alias does not modify con->physical.rel_path)
2016 * Find matching prefix to support use of mod_alias to remap webdav root.
2017 * Aliasing of paths underneath the webdav root might not work.
2018 * Likewise, mod_rewrite URL rewriting might thwart this comparison.
2019 * Use mod_redirect instead of mod_alias to remap paths *under* webdav root.
2020 * Use mod_redirect instead of mod_rewrite on *any* parts of path to webdav.
2021 * (Related, use mod_auth to protect webdav root, but avoid attempting to
2022 * use mod_auth on paths underneath webdav root, as Destination is not
2023 * validated with mod_auth)
2024 *
2025 * tl;dr: webdav paths and webdav properties are managed by mod_webdav,
2026 * so do not modify paths externally or else undefined behavior
2027 * or corruption may occur
2028 */
2029 {
2030 /* find matching URI prefix
2031 * check if remaining con->physical.rel_path matches suffix
2032 * of con->physical.basedir so that we can use it to
2033 * remap Destination physical path */
2034 size_t i, remain;
2035 sep = con->uri.path->ptr;
2036 sep2 = p->uri.path->ptr;
2037 for (i = 0; sep[i] && sep[i] == sep2[i]; ++i) ;
2038 if (sep[i] == '\0' && (sep2[i] == '\0' || sep2[i] == '/' || (i > 0 && sep[i-1] == '/'))) {
2039 /* src and dst URI match or dst is nested inside src; invalid COPY or MOVE */
2040 con->http_status = 403;
2041 return HANDLER_FINISHED;
2042 }
2043 while (i != 0 && sep[--i] != '/') ; /* find matching directory path */
2044 remain = buffer_string_length(con->uri.path) - i;
2045 if (!con->conf.force_lowercase_filenames
2046 ? buffer_is_equal_right_len(con->physical.path, con->physical.rel_path, remain)
2047 :(buffer_string_length(con->physical.path) >= remain
2048 && 0 == strncasecmp(con->physical.path->ptr+buffer_string_length(con->physical.path)-remain, con->physical.rel_path->ptr+i, remain))) {
2049 /* (at this point, p->physical.rel_path is identical to (or lowercased version of) p->uri.path) */
2050 buffer_copy_string_len(p->physical.path, con->physical.path->ptr, buffer_string_length(con->physical.path)-remain);
2051 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr+i, buffer_string_length(p->physical.rel_path)-i);
2052
2053 buffer_copy_buffer(p->physical.basedir, con->physical.basedir);
2054 buffer_append_slash(p->physical.basedir);
2055 } else {
2056 /* unable to perform physical path remap here;
2057 * assume doc_root/rel_path and no remapping */
2058 buffer_copy_buffer(p->physical.path, p->physical.doc_root);
2059 buffer_append_slash(p->physical.path);
2060 buffer_copy_buffer(p->physical.basedir, p->physical.path);
2061
2062 /* don't add a second / */
2063 if (p->physical.rel_path->ptr[0] == '/') {
2064 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr + 1, buffer_string_length(p->physical.rel_path) - 1);
2065 } else {
2066 buffer_append_string_buffer(p->physical.path, p->physical.rel_path);
2067 }
2068 }
2069 }
2070
2071 /* let's see if the source is a directory
2072 * if yes, we fail with 501 */
2073
2074 if (-1 == stat(con->physical.path->ptr, &st)) {
2075 /* don't about it yet, unlink will fail too */
2076 switch(errno) {
2077 case ENOENT:
2078 con->http_status = 404;
2079 break;
2080 default:
2081 con->http_status = 403;
2082 break;
2083 }
2084 } else if (S_ISDIR(st.st_mode)) {
2085 int r;
2086 int created = 0;
2087 /* src is a directory */
2088
2089 if (con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
2090 http_response_redirect_to_directory(srv, con);
2091 return HANDLER_FINISHED;
2092 }
2093
2094 if (-1 == stat(p->physical.path->ptr, &st)) {
2095 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
2096 con->http_status = 403;
2097 return HANDLER_FINISHED;
2098 }
2099 created = 1;
2100 } else if (!S_ISDIR(st.st_mode)) {
2101 if (overwrite == 0) {
2102 /* copying into a non-dir ? */
2103 con->http_status = 409;
2104 return HANDLER_FINISHED;
2105 } else {
2106 unlink(p->physical.path->ptr);
2107 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
2108 con->http_status = 403;
2109 return HANDLER_FINISHED;
2110 }
2111 created = 1;
2112 }
2113 }
2114
2115 /* copy the content of src to dest */
2116 if (0 != (r = webdav_copy_dir(srv, con, hctx, &(con->physical), &(p->physical), overwrite))) {
2117 con->http_status = r;
2118 return HANDLER_FINISHED;
2119 }
2120 if (con->request.http_method == HTTP_METHOD_MOVE) {
2121 b = buffer_init();
2122 webdav_delete_dir(srv, con, hctx, &(con->physical), b); /* content */
2123 buffer_free(b);
2124
2125 rmdir(con->physical.path->ptr);
2126 }
2127 con->http_status = created ? 201 : 204;
2128 con->file_finished = 1;
2129 } else {
2130 /* it is just a file, good */
2131 int r;
2132 int destdir = 0;
2133
2134 /* does the client have a lock for this connection ? */
2135 if (!webdav_has_lock(srv, con, hctx, p->uri.path)) {
2136 con->http_status = 423;
2137 return HANDLER_FINISHED;
2138 }
2139
2140 /* destination exists */
2141 if (0 == (r = stat(p->physical.path->ptr, &st))) {
2142 if (S_ISDIR(st.st_mode)) {
2143 /* file to dir/
2144 * append basename to physical path */
2145 destdir = 1;
2146
2147 if (NULL != (sep = strrchr(con->physical.path->ptr, '/'))) {
2148 buffer_append_string(p->physical.path, sep);
2149 r = stat(p->physical.path->ptr, &st);
2150 }
2151 }
2152 }
2153
2154 if (-1 == r) {
2155 con->http_status = destdir ? 204 : 201; /* we will create a new one */
2156 con->file_finished = 1;
2157
2158 switch(errno) {
2159 case ENOTDIR:
2160 con->http_status = 409;
2161 return HANDLER_FINISHED;
2162 }
2163 } else if (overwrite == 0) {
2164 /* destination exists, but overwrite is not set */
2165 con->http_status = 412;
2166 return HANDLER_FINISHED;
2167 } else {
2168 con->http_status = 204; /* resource already existed */
2169 }
2170
2171 if (con->request.http_method == HTTP_METHOD_MOVE) {
2172 /* try a rename */
2173
2174 if (0 == rename(con->physical.path->ptr, p->physical.path->ptr)) {
2175 #ifdef USE_PROPPATCH
2176 sqlite3_stmt *stmt;
2177
2178 stmt = p->conf.stmt_move_uri;
2179 if (stmt) {
2180
2181 sqlite3_reset(stmt);
2182
2183 /* bind the values to the insert */
2184 sqlite3_bind_text(stmt, 1,
2185 CONST_BUF_LEN(p->uri.path),
2186 SQLITE_TRANSIENT);
2187
2188 sqlite3_bind_text(stmt, 2,
2189 CONST_BUF_LEN(con->uri.path),
2190 SQLITE_TRANSIENT);
2191
2192 if (SQLITE_DONE != sqlite3_step(stmt)) {
2193 log_error_write(srv, __FILE__, __LINE__, "ss", "sql-move failed:", sqlite3_errmsg(p->conf.sql));
2194 }
2195 }
2196 #endif
2197 return HANDLER_FINISHED;
2198 }
2199
2200 /* rename failed, fall back to COPY + DELETE */
2201 }
2202
2203 if (0 != (r = webdav_copy_file(srv, con, hctx, &(con->physical), &(p->physical), overwrite))) {
2204 con->http_status = r;
2205
2206 return HANDLER_FINISHED;
2207 }
2208
2209 if (con->request.http_method == HTTP_METHOD_MOVE) {
2210 b = buffer_init();
2211 webdav_delete_file(srv, con, hctx, &(con->physical), b);
2212 buffer_free(b);
2213 }
2214 }
2215
2216 return HANDLER_FINISHED;
2217 }
2218 case HTTP_METHOD_PROPPATCH:
2219 if (p->conf.is_readonly) {
2220 con->http_status = 403;
2221 return HANDLER_FINISHED;
2222 }
2223
2224 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
2225 con->http_status = 423;
2226 return HANDLER_FINISHED;
2227 }
2228
2229 /* check if destination exists */
2230 if (-1 == stat(con->physical.path->ptr, &st)) {
2231 switch(errno) {
2232 case ENOENT:
2233 con->http_status = 404;
2234 break;
2235 }
2236 }
2237
2238 if (S_ISDIR(st.st_mode) && con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
2239 http_response_redirect_to_directory(srv, con);
2240 return HANDLER_FINISHED;
2241 }
2242
2243 #ifdef USE_PROPPATCH
2244 if (con->request.content_length) {
2245 xmlDocPtr xml;
2246
2247 if (con->state == CON_STATE_READ_POST) {
2248 handler_t r = connection_handle_read_post_state(srv, con);
2249 if (r != HANDLER_GO_ON) return r;
2250 }
2251
2252 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
2253 xmlNode *rootnode = xmlDocGetRootElement(xml);
2254
2255 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propertyupdate")) {
2256 xmlNode *cmd;
2257 char *err = NULL;
2258 int empty_ns = 0; /* send 400 on a empty namespace attribute */
2259
2260 /* start response */
2261
2262 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "BEGIN TRANSACTION", NULL, NULL, &err)) {
2263 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
2264 sqlite3_free(err);
2265
2266 goto propmatch_cleanup;
2267 }
2268
2269 /* a UPDATE request, we know 'set' and 'remove' */
2270 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
2271 xmlNode *props;
2272 /* either set or remove */
2273
2274 if ((0 == xmlStrcmp(cmd->name, BAD_CAST "set")) ||
2275 (0 == xmlStrcmp(cmd->name, BAD_CAST "remove"))) {
2276
2277 sqlite3_stmt *stmt;
2278
2279 stmt = (0 == xmlStrcmp(cmd->name, BAD_CAST "remove")) ?
2280 p->conf.stmt_delete_prop : p->conf.stmt_update_prop;
2281
2282 for (props = cmd->children; props; props = props->next) {
2283 if (0 == xmlStrcmp(props->name, BAD_CAST "prop")) {
2284 xmlNode *prop;
2285 char *propval = NULL;
2286 int r;
2287
2288 prop = props->children;
2289
2290 if (prop->ns &&
2291 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
2292 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
2293 log_error_write(srv, __FILE__, __LINE__, "ss",
2294 "no name space for:",
2295 prop->name);
2296
2297 empty_ns = 1;
2298 break;
2299 }
2300
2301 sqlite3_reset(stmt);
2302
2303 /* bind the values to the insert */
2304
2305 sqlite3_bind_text(stmt, 1,
2306 CONST_BUF_LEN(con->uri.path),
2307 SQLITE_TRANSIENT);
2308 sqlite3_bind_text(stmt, 2,
2309 (char *)prop->name,
2310 strlen((char *)prop->name),
2311 SQLITE_TRANSIENT);
2312 if (prop->ns) {
2313 sqlite3_bind_text(stmt, 3,
2314 (char *)prop->ns->href,
2315 strlen((char *)prop->ns->href),
2316 SQLITE_TRANSIENT);
2317 } else {
2318 sqlite3_bind_text(stmt, 3,
2319 "",
2320 0,
2321 SQLITE_TRANSIENT);
2322 }
2323 if (stmt == p->conf.stmt_update_prop) {
2324 propval = prop->children
2325 ? (char *)xmlNodeListGetString(xml, prop->children, 0)
2326 : NULL;
2327
2328 sqlite3_bind_text(stmt, 4,
2329 propval ? propval : "",
2330 propval ? strlen(propval) : 0,
2331 SQLITE_TRANSIENT);
2332 }
2333
2334 if (SQLITE_DONE != (r = sqlite3_step(stmt))) {
2335 log_error_write(srv, __FILE__, __LINE__, "ss",
2336 "sql-set failed:", sqlite3_errmsg(p->conf.sql));
2337 }
2338
2339 if (propval) xmlFree(propval);
2340 }
2341 }
2342 if (empty_ns) break;
2343 }
2344 }
2345
2346 if (empty_ns) {
2347 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "ROLLBACK", NULL, NULL, &err)) {
2348 log_error_write(srv, __FILE__, __LINE__, "ss", "can't rollback transaction:", err);
2349 sqlite3_free(err);
2350
2351 goto propmatch_cleanup;
2352 }
2353
2354 con->http_status = 400;
2355 } else {
2356 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "COMMIT", NULL, NULL, &err)) {
2357 log_error_write(srv, __FILE__, __LINE__, "ss", "can't commit transaction:", err);
2358 sqlite3_free(err);
2359
2360 goto propmatch_cleanup;
2361 }
2362 con->http_status = 200;
2363 }
2364 con->file_finished = 1;
2365
2366 xmlFreeDoc(xml);
2367 return HANDLER_FINISHED;
2368 }
2369
2370 propmatch_cleanup:
2371
2372 xmlFreeDoc(xml);
2373 } else {
2374 con->http_status = 400;
2375 return HANDLER_FINISHED;
2376 }
2377 }
2378 #endif
2379 con->http_status = 501;
2380 return HANDLER_FINISHED;
2381 case HTTP_METHOD_LOCK:
2382 /**
2383 * a mac wants to write
2384 *
2385 * LOCK /dav/expire.txt HTTP/1.1\r\n
2386 * User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh)\r\n
2387 * Accept: * / *\r\n
2388 * Depth: 0\r\n
2389 * Timeout: Second-600\r\n
2390 * Content-Type: text/xml; charset=\"utf-8\"\r\n
2391 * Content-Length: 229\r\n
2392 * Connection: keep-alive\r\n
2393 * Host: 192.168.178.23:1025\r\n
2394 * \r\n
2395 * <?xml version=\"1.0\" encoding=\"utf-8\"?>\n
2396 * <D:lockinfo xmlns:D=\"DAV:\">\n
2397 * <D:lockscope><D:exclusive/></D:lockscope>\n
2398 * <D:locktype><D:write/></D:locktype>\n
2399 * <D:owner>\n
2400 * <D:href>http://www.apple.com/webdav_fs/</D:href>\n
2401 * </D:owner>\n
2402 * </D:lockinfo>\n
2403 */
2404
2405 if (depth != 0 && depth != -1) {
2406 con->http_status = 400;
2407
2408 return HANDLER_FINISHED;
2409 }
2410
2411 #ifdef USE_LOCKS
2412 if (con->request.content_length) {
2413 xmlDocPtr xml;
2414 buffer *hdr_if = NULL;
2415 int created = 0;
2416
2417 if (con->state == CON_STATE_READ_POST) {
2418 handler_t r = connection_handle_read_post_state(srv, con);
2419 if (r != HANDLER_GO_ON) return r;
2420 }
2421
2422 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2423 hdr_if = ds->value;
2424 }
2425
2426 if (0 != stat(con->physical.path->ptr, &st)) {
2427 if (errno == ENOENT) {
2428 int fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_APPEND|O_BINARY|FIFO_NONBLOCK, WEBDAV_FILE_MODE);
2429 if (fd >= 0) {
2430 close(fd);
2431 created = 1;
2432 } else {
2433 log_error_write(srv, __FILE__, __LINE__, "sBss",
2434 "create file", con->physical.path, ":", strerror(errno));
2435 con->http_status = 403; /* Forbidden */
2436
2437 return HANDLER_FINISHED;
2438 }
2439 }
2440 } else if (hdr_if == NULL && depth == -1) {
2441 /* we don't support Depth: Infinity on directories */
2442 if (S_ISDIR(st.st_mode)) {
2443 con->http_status = 409; /* Conflict */
2444
2445 return HANDLER_FINISHED;
2446 }
2447 }
2448
2449 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
2450 xmlNode *rootnode = xmlDocGetRootElement(xml);
2451
2452 force_assert(rootnode);
2453
2454 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "lockinfo")) {
2455 xmlNode *lockinfo;
2456 const xmlChar *lockscope = NULL, *locktype = NULL; /* TODO: compiler says unused: *owner = NULL; */
2457
2458 for (lockinfo = rootnode->children; lockinfo; lockinfo = lockinfo->next) {
2459 if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "lockscope")) {
2460 xmlNode *value;
2461 for (value = lockinfo->children; value; value = value->next) {
2462 if ((0 == xmlStrcmp(value->name, BAD_CAST "exclusive")) ||
2463 (0 == xmlStrcmp(value->name, BAD_CAST "shared"))) {
2464 lockscope = value->name;
2465 } else {
2466 con->http_status = 400;
2467
2468 xmlFreeDoc(xml);
2469 return HANDLER_FINISHED;
2470 }
2471 }
2472 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "locktype")) {
2473 xmlNode *value;
2474 for (value = lockinfo->children; value; value = value->next) {
2475 if ((0 == xmlStrcmp(value->name, BAD_CAST "write"))) {
2476 locktype = value->name;
2477 } else {
2478 con->http_status = 400;
2479
2480 xmlFreeDoc(xml);
2481 return HANDLER_FINISHED;
2482 }
2483 }
2484
2485 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "owner")) {
2486 }
2487 }
2488
2489 if (lockscope && locktype) {
2490 sqlite3_stmt *stmt = p->conf.stmt_read_lock_by_uri;
2491
2492 /* is this resourse already locked ? */
2493
2494 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
2495 * FROM locks
2496 * WHERE resource = ? */
2497
2498 if (stmt) {
2499
2500 sqlite3_reset(stmt);
2501
2502 sqlite3_bind_text(stmt, 1,
2503 CONST_BUF_LEN(p->uri.path),
2504 SQLITE_TRANSIENT);
2505
2506 /* it is the PK */
2507 while (SQLITE_ROW == sqlite3_step(stmt)) {
2508 /* we found a lock
2509 * 1. is it compatible ?
2510 * 2. is it ours */
2511 char *sql_lockscope = (char *)sqlite3_column_text(stmt, 2);
2512
2513 if (strcmp(sql_lockscope, "exclusive")) {
2514 con->http_status = 423;
2515 } else if (0 == xmlStrcmp(lockscope, BAD_CAST "exclusive")) {
2516 /* resourse is locked with a shared lock
2517 * client wants exclusive */
2518 con->http_status = 423;
2519 }
2520 }
2521 if (con->http_status == 423) {
2522 xmlFreeDoc(xml);
2523 return HANDLER_FINISHED;
2524 }
2525 }
2526
2527 stmt = p->conf.stmt_create_lock;
2528 if (stmt) {
2529 /* create a lock-token */
2530 uuid_t id;
2531 char uuid[37] /* 36 + \0 */;
2532
2533 uuid_generate(id);
2534 uuid_unparse(id, uuid);
2535
2536 buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("opaquelocktoken:"));
2537 buffer_append_string(p->tmp_buf, uuid);
2538
2539 /* "CREATE TABLE locks ("
2540 * " locktoken TEXT NOT NULL,"
2541 * " resource TEXT NOT NULL,"
2542 * " lockscope TEXT NOT NULL,"
2543 * " locktype TEXT NOT NULL,"
2544 * " owner TEXT NOT NULL,"
2545 * " depth INT NOT NULL,"
2546 */
2547
2548 sqlite3_reset(stmt);
2549
2550 sqlite3_bind_text(stmt, 1,
2551 CONST_BUF_LEN(p->tmp_buf),
2552 SQLITE_TRANSIENT);
2553
2554 sqlite3_bind_text(stmt, 2,
2555 CONST_BUF_LEN(con->uri.path),
2556 SQLITE_TRANSIENT);
2557
2558 sqlite3_bind_text(stmt, 3,
2559 (const char *)lockscope,
2560 xmlStrlen(lockscope),
2561 SQLITE_TRANSIENT);
2562
2563 sqlite3_bind_text(stmt, 4,
2564 (const char *)locktype,
2565 xmlStrlen(locktype),
2566 SQLITE_TRANSIENT);
2567
2568 /* owner */
2569 sqlite3_bind_text(stmt, 5,
2570 "",
2571 0,
2572 SQLITE_TRANSIENT);
2573
2574 /* depth */
2575 sqlite3_bind_int(stmt, 6,
2576 depth);
2577
2578
2579 if (SQLITE_DONE != sqlite3_step(stmt)) {
2580 log_error_write(srv, __FILE__, __LINE__, "ss",
2581 "create lock:", sqlite3_errmsg(p->conf.sql));
2582 }
2583
2584 /* looks like we survived */
2585 webdav_lockdiscovery(srv, con, p->tmp_buf, (const char *)lockscope, (const char *)locktype, depth);
2586
2587 con->http_status = created ? 201 : 200;
2588 con->file_finished = 1;
2589 }
2590 }
2591 }
2592
2593 xmlFreeDoc(xml);
2594 return HANDLER_FINISHED;
2595 } else {
2596 con->http_status = 400;
2597 return HANDLER_FINISHED;
2598 }
2599 } else {
2600
2601 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2602 buffer *locktoken = ds->value;
2603 sqlite3_stmt *stmt = p->conf.stmt_refresh_lock;
2604
2605 /* remove the < > around the token */
2606 if (buffer_string_length(locktoken) < 5) {
2607 con->http_status = 400;
2608
2609 return HANDLER_FINISHED;
2610 }
2611
2612 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 2, buffer_string_length(locktoken) - 4);
2613
2614 sqlite3_reset(stmt);
2615
2616 sqlite3_bind_text(stmt, 1,
2617 CONST_BUF_LEN(p->tmp_buf),
2618 SQLITE_TRANSIENT);
2619
2620 if (SQLITE_DONE != sqlite3_step(stmt)) {
2621 log_error_write(srv, __FILE__, __LINE__, "ss",
2622 "refresh lock:", sqlite3_errmsg(p->conf.sql));
2623 }
2624
2625 webdav_lockdiscovery(srv, con, p->tmp_buf, "exclusive", "write", 0);
2626
2627 con->http_status = 200;
2628 con->file_finished = 1;
2629 return HANDLER_FINISHED;
2630 } else {
2631 /* we need a lock-token to refresh */
2632 con->http_status = 400;
2633
2634 return HANDLER_FINISHED;
2635 }
2636 }
2637 break;
2638 #else
2639 con->http_status = 501;
2640 return HANDLER_FINISHED;
2641 #endif
2642 case HTTP_METHOD_UNLOCK:
2643 #ifdef USE_LOCKS
2644 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Lock-Token"))) {
2645 buffer *locktoken = ds->value;
2646 sqlite3_stmt *stmt = p->conf.stmt_remove_lock;
2647
2648 /* remove the < > around the token */
2649 if (buffer_string_length(locktoken) < 3) {
2650 con->http_status = 400;
2651
2652 return HANDLER_FINISHED;
2653 }
2654
2655 /**
2656 * FIXME:
2657 *
2658 * if the resourse is locked:
2659 * - by us: unlock
2660 * - by someone else: 401
2661 * if the resource is not locked:
2662 * - 412
2663 * */
2664
2665 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 1, buffer_string_length(locktoken) - 2);
2666
2667 sqlite3_reset(stmt);
2668
2669 sqlite3_bind_text(stmt, 1,
2670 CONST_BUF_LEN(p->tmp_buf),
2671 SQLITE_TRANSIENT);
2672
2673 if (SQLITE_DONE != sqlite3_step(stmt)) {
2674 log_error_write(srv, __FILE__, __LINE__, "ss",
2675 "remove lock:", sqlite3_errmsg(p->conf.sql));
2676 }
2677
2678 if (0 == sqlite3_changes(p->conf.sql)) {
2679 con->http_status = 401;
2680 } else {
2681 con->http_status = 204;
2682 }
2683 return HANDLER_FINISHED;
2684 } else {
2685 /* we need a lock-token to unlock */
2686 con->http_status = 400;
2687
2688 return HANDLER_FINISHED;
2689 }
2690 break;
2691 #else
2692 con->http_status = 501;
2693 return HANDLER_FINISHED;
2694 #endif
2695 default:
2696 break;
2697 }
2698
2699 /* not found */
2700 return HANDLER_GO_ON;
2701 }
2702
2703
2704 SUBREQUEST_FUNC(mod_webdav_subrequest_handler) {
2705 handler_t r;
2706 plugin_data *p = p_d;
2707 if (con->mode != p->id) return HANDLER_GO_ON;
2708
2709 r = mod_webdav_subrequest_handler_huge(srv, con, p_d);
2710 if (con->http_status >= 400) con->mode = DIRECT;
2711 return r;
2712 }
2713
2714
2715 PHYSICALPATH_FUNC(mod_webdav_physical_handler) {
2716 plugin_data *p = p_d;
2717 if (!p->conf.enabled) return HANDLER_GO_ON;
2718
2719 /* physical path is setup */
2720 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
2721
2722 UNUSED(srv);
2723
2724 switch (con->request.http_method) {
2725 case HTTP_METHOD_PROPFIND:
2726 case HTTP_METHOD_PROPPATCH:
2727 case HTTP_METHOD_PUT:
2728 case HTTP_METHOD_COPY:
2729 case HTTP_METHOD_MOVE:
2730 case HTTP_METHOD_MKCOL:
2731 case HTTP_METHOD_DELETE:
2732 case HTTP_METHOD_LOCK:
2733 case HTTP_METHOD_UNLOCK: {
2734 handler_ctx *hctx = calloc(1, sizeof(*hctx));
2735 memcpy(&hctx->conf, &p->conf, sizeof(plugin_config));
2736 con->plugin_ctx[p->id] = hctx;
2737 con->conf.stream_request_body = 0;
2738 con->mode = p->id;
2739 break;
2740 }
2741 default:
2742 break;
2743 }
2744
2745 return HANDLER_GO_ON;
2746 }
2747
2748 static handler_t mod_webdav_connection_reset(server *srv, connection *con, void *p_d) {
2749 plugin_data *p = p_d;
2750 handler_ctx *hctx = con->plugin_ctx[p->id];
2751 if (hctx) {
2752 free(hctx);
2753 con->plugin_ctx[p->id] = NULL;
2754 }
2755
2756 UNUSED(srv);
2757 return HANDLER_GO_ON;
2758 }
2759
2760
2761 /* this function is called at dlopen() time and inits the callbacks */
2762
2763 int mod_webdav_plugin_init(plugin *p);
2764 int mod_webdav_plugin_init(plugin *p) {
2765 p->version = LIGHTTPD_VERSION_ID;
2766 p->name = buffer_init_string("webdav");
2767
2768 p->init = mod_webdav_init;
2769 p->handle_uri_clean = mod_webdav_uri_handler;
2770 p->handle_physical = mod_webdav_physical_handler;
2771 p->handle_subrequest = mod_webdav_subrequest_handler;
2772 p->connection_reset = mod_webdav_connection_reset;
2773 p->set_defaults = mod_webdav_set_defaults;
2774 p->cleanup = mod_webdav_free;
2775
2776 p->data = NULL;
2777
2778 return 0;
2779 }
A fast webserver with minimal memory-footprint (lighttpd)