search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[mod_status] page refresh option (fixes #2170)
[lighttpd.git] / src / response.c
blob3763f26bbcd8f361defd2fff37b0865a5d2d0b12
1 #include "first.h"
2
3 #include "response.h"
4 #include "keyvalue.h"
5 #include "log.h"
6 #include "stat_cache.h"
7 #include "chunk.h"
8
9 #include "configfile.h"
10 #include "connections.h"
11
12 #include "plugin.h"
13
14 #include <sys/types.h>
15 #include <sys/stat.h>
16
17 #include <limits.h>
18 #include <errno.h>
19 #include <fcntl.h>
20 #include <stdlib.h>
21 #include <string.h>
22 #include <time.h>
23 #include <unistd.h>
24 #include <ctype.h>
25 #include <assert.h>
26
27 #include <stdio.h>
28
29 #include "sys-socket.h"
30 #include "version.h"
31
32 int http_response_write_header(server *srv, connection *con) {
33 buffer *b;
34 size_t i;
35 int have_date = 0;
36 int have_server = 0;
37
38 b = buffer_init();
39
40 if (con->request.http_version == HTTP_VERSION_1_1) {
41 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.1 "));
42 } else {
43 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.0 "));
44 }
45 buffer_append_int(b, con->http_status);
46 buffer_append_string_len(b, CONST_STR_LEN(" "));
47 buffer_append_string(b, get_http_status_name(con->http_status));
48
49 /* disable keep-alive if requested */
50 if (con->request_count > con->conf.max_keep_alive_requests || 0 == con->conf.max_keep_alive_idle) {
51 con->keep_alive = 0;
52 } else {
53 con->keep_alive_idle = con->conf.max_keep_alive_idle;
54 }
55
56 if (con->request.http_version != HTTP_VERSION_1_1 || con->keep_alive == 0) {
57 if (con->keep_alive) {
58 response_header_overwrite(srv, con, CONST_STR_LEN("Connection"), CONST_STR_LEN("keep-alive"));
59 } else {
60 response_header_overwrite(srv, con, CONST_STR_LEN("Connection"), CONST_STR_LEN("close"));
61 }
62 }
63
64 if (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) {
65 response_header_overwrite(srv, con, CONST_STR_LEN("Transfer-Encoding"), CONST_STR_LEN("chunked"));
66 }
67
68
69 /* add all headers */
70 for (i = 0; i < con->response.headers->used; i++) {
71 data_string *ds;
72
73 ds = (data_string *)con->response.headers->data[i];
74
75 if (!buffer_is_empty(ds->value) && !buffer_is_empty(ds->key) &&
76 0 != strncasecmp(ds->key->ptr, CONST_STR_LEN("X-LIGHTTPD-")) &&
77 0 != strncasecmp(ds->key->ptr, CONST_STR_LEN("X-Sendfile"))) {
78 if (0 == strcasecmp(ds->key->ptr, "Date")) have_date = 1;
79 if (0 == strcasecmp(ds->key->ptr, "Server")) have_server = 1;
80 if (0 == strcasecmp(ds->key->ptr, "Content-Encoding") && 304 == con->http_status) continue;
81
82 buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
83 buffer_append_string_buffer(b, ds->key);
84 buffer_append_string_len(b, CONST_STR_LEN(": "));
85 #if 0
86 /**
87 * the value might contain newlines, encode them with at least one white-space
88 */
89 buffer_append_string_encoded(b, CONST_BUF_LEN(ds->value), ENCODING_HTTP_HEADER);
90 #else
91 buffer_append_string_buffer(b, ds->value);
92 #endif
93 }
94 }
95
96 if (!have_date) {
97 /* HTTP/1.1 requires a Date: header */
98 buffer_append_string_len(b, CONST_STR_LEN("\r\nDate: "));
99
100 /* cache the generated timestamp */
101 if (srv->cur_ts != srv->last_generated_date_ts) {
102 buffer_string_prepare_copy(srv->ts_date_str, 255);
103
104 buffer_append_strftime(srv->ts_date_str, "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(srv->cur_ts)));
105
106 srv->last_generated_date_ts = srv->cur_ts;
107 }
108
109 buffer_append_string_buffer(b, srv->ts_date_str);
110 }
111
112 if (!have_server) {
113 if (buffer_is_empty(con->conf.server_tag)) {
114 buffer_append_string_len(b, CONST_STR_LEN("\r\nServer: " PACKAGE_DESC));
115 } else if (!buffer_string_is_empty(con->conf.server_tag)) {
116 buffer_append_string_len(b, CONST_STR_LEN("\r\nServer: "));
117 buffer_append_string_encoded(b, CONST_BUF_LEN(con->conf.server_tag), ENCODING_HTTP_HEADER);
118 }
119 }
120
121 buffer_append_string_len(b, CONST_STR_LEN("\r\n\r\n"));
122
123 con->bytes_header = buffer_string_length(b);
124
125 if (con->conf.log_response_header) {
126 log_error_write(srv, __FILE__, __LINE__, "sSb", "Response-Header:", "\n", b);
127 }
128
129 chunkqueue_prepend_buffer(con->write_queue, b);
130 buffer_free(b);
131
132 return 0;
133 }
134
135 #ifdef USE_OPENSSL
136 static void https_add_ssl_entries(connection *con) {
137 X509 *xs;
138 X509_NAME *xn;
139 X509_NAME_ENTRY *xe;
140 int i, nentries;
141
142 if (
143 SSL_get_verify_result(con->ssl) != X509_V_OK
144 || !(xs = SSL_get_peer_certificate(con->ssl))
145 ) {
146 return;
147 }
148
149 xn = X509_get_subject_name(xs);
150 for (i = 0, nentries = X509_NAME_entry_count(xn); i < nentries; ++i) {
151 int xobjnid;
152 const char * xobjsn;
153 data_string *envds;
154
155 if (!(xe = X509_NAME_get_entry(xn, i))) {
156 continue;
157 }
158 xobjnid = OBJ_obj2nid((ASN1_OBJECT*)X509_NAME_ENTRY_get_object(xe));
159 xobjsn = OBJ_nid2sn(xobjnid);
160 if (!xobjsn) {
161 continue;
162 }
163
164 if (NULL == (envds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
165 envds = data_string_init();
166 }
167 buffer_copy_string_len(envds->key, CONST_STR_LEN("SSL_CLIENT_S_DN_"));
168 buffer_append_string(envds->key, xobjsn);
169 buffer_copy_string_len(
170 envds->value,
171 (const char *)xe->value->data, xe->value->length
172 );
173 /* pick one of the exported values as "REMOTE_USER", for example
174 * ssl.verifyclient.username = "SSL_CLIENT_S_DN_UID" or "SSL_CLIENT_S_DN_emailAddress"
175 */
176 if (buffer_is_equal(con->conf.ssl_verifyclient_username, envds->key)) {
177 data_string *ds;
178 if (NULL == (ds = (data_string *)array_get_element(con->environment, "REMOTE_USER"))) {
179 if (NULL == (ds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
180 ds = data_string_init();
181 }
182 buffer_copy_string(ds->key, "REMOTE_USER");
183 array_insert_unique(con->environment, (data_unset *)ds);
184 }
185 buffer_copy_buffer(ds->value, envds->value);
186 }
187 array_insert_unique(con->environment, (data_unset *)envds);
188 }
189 if (con->conf.ssl_verifyclient_export_cert) {
190 BIO *bio;
191 if (NULL != (bio = BIO_new(BIO_s_mem()))) {
192 data_string *envds;
193 int n;
194
195 PEM_write_bio_X509(bio, xs);
196 n = BIO_pending(bio);
197
198 if (NULL == (envds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
199 envds = data_string_init();
200 }
201
202 buffer_copy_string_len(envds->key, CONST_STR_LEN("SSL_CLIENT_CERT"));
203 buffer_string_prepare_copy(envds->value, n);
204 BIO_read(bio, envds->value->ptr, n);
205 BIO_free(bio);
206 buffer_commit(envds->value, n);
207 array_insert_unique(con->environment, (data_unset *)envds);
208 }
209 }
210 X509_free(xs);
211 }
212 #endif
213
214
215 handler_t http_response_prepare(server *srv, connection *con) {
216 handler_t r;
217
218 /* looks like someone has already done a decision */
219 if (con->mode == DIRECT &&
220 (con->http_status != 0 && con->http_status != 200)) {
221 /* remove a packets in the queue */
222 if (con->file_finished == 0) {
223 chunkqueue_reset(con->write_queue);
224 }
225
226 return HANDLER_FINISHED;
227 }
228
229 /* no decision yet, build conf->filename */
230 if (con->mode == DIRECT && buffer_is_empty(con->physical.path)) {
231 char *qstr;
232
233 /* we only come here when we have the parse the full request again
234 *
235 * a HANDLER_COMEBACK from mod_rewrite and mod_fastcgi might be a
236 * problem here as mod_setenv might get called multiple times
237 *
238 * fastcgi-auth might lead to a COMEBACK too
239 * fastcgi again dead server too
240 *
241 * mod_compress might add headers twice too
242 *
243 * */
244
245 config_cond_cache_reset(srv, con);
246 config_setup_connection(srv, con); /* Perhaps this could be removed at other places. */
247
248 if (con->conf.log_condition_handling) {
249 log_error_write(srv, __FILE__, __LINE__, "s", "run condition");
250 }
251
252 /**
253 * prepare strings
254 *
255 * - uri.path_raw
256 * - uri.path (secure)
257 * - uri.query
258 *
259 */
260
261 /**
262 * Name according to RFC 2396
263 *
264 * - scheme
265 * - authority
266 * - path
267 * - query
268 *
269 * (scheme)://(authority)(path)?(query)#fragment
270 *
271 *
272 */
273
274 /* initial scheme value. can be overwritten for example by mod_extforward later */
275 if (con->srv_socket->is_ssl) {
276 buffer_copy_string_len(con->uri.scheme, CONST_STR_LEN("https"));
277 } else {
278 buffer_copy_string_len(con->uri.scheme, CONST_STR_LEN("http"));
279 }
280 buffer_copy_buffer(con->uri.authority, con->request.http_host);
281 buffer_to_lower(con->uri.authority);
282
283 /** their might be a fragment which has to be cut away */
284 if (NULL != (qstr = strchr(con->request.uri->ptr, '#'))) {
285 buffer_string_set_length(con->request.uri, qstr - con->request.uri->ptr);
286 }
287
288 /** extract query string from request.uri */
289 if (NULL != (qstr = strchr(con->request.uri->ptr, '?'))) {
290 buffer_copy_string (con->uri.query, qstr + 1);
291 buffer_copy_string_len(con->uri.path_raw, con->request.uri->ptr, qstr - con->request.uri->ptr);
292 } else {
293 buffer_reset (con->uri.query);
294 buffer_copy_buffer(con->uri.path_raw, con->request.uri);
295 }
296
297 /* decode url to path
298 *
299 * - decode url-encodings (e.g. %20 -> ' ')
300 * - remove path-modifiers (e.g. /../)
301 */
302
303 if (con->request.http_method == HTTP_METHOD_OPTIONS &&
304 con->uri.path_raw->ptr[0] == '*' && con->uri.path_raw->ptr[1] == '\0') {
305 /* OPTIONS * ... */
306 buffer_copy_buffer(con->uri.path, con->uri.path_raw);
307 } else {
308 buffer_copy_buffer(srv->tmp_buf, con->uri.path_raw);
309 buffer_urldecode_path(srv->tmp_buf);
310 buffer_path_simplify(con->uri.path, srv->tmp_buf);
311 }
312
313 con->conditional_is_valid[COMP_SERVER_SOCKET] = 1; /* SERVERsocket */
314 con->conditional_is_valid[COMP_HTTP_SCHEME] = 1; /* Scheme: */
315 con->conditional_is_valid[COMP_HTTP_HOST] = 1; /* Host: */
316 con->conditional_is_valid[COMP_HTTP_REMOTE_IP] = 1; /* Client-IP */
317 con->conditional_is_valid[COMP_HTTP_REFERER] = 1; /* Referer: */
318 con->conditional_is_valid[COMP_HTTP_USER_AGENT] = /* User-Agent: */
319 con->conditional_is_valid[COMP_HTTP_LANGUAGE] = 1; /* Accept-Language: */
320 con->conditional_is_valid[COMP_HTTP_COOKIE] = 1; /* Cookie: */
321 con->conditional_is_valid[COMP_HTTP_REQUEST_METHOD] = 1; /* REQUEST_METHOD */
322 con->conditional_is_valid[COMP_HTTP_URL] = 1; /* HTTPurl */
323 con->conditional_is_valid[COMP_HTTP_QUERY_STRING] = 1; /* HTTPqs */
324 config_patch_connection(srv, con);
325
326 #ifdef USE_OPENSSL
327 if (con->srv_socket->is_ssl && con->conf.ssl_verifyclient) {
328 https_add_ssl_entries(con);
329 }
330 #endif
331
332 /* do we have to downgrade to 1.0 ? */
333 if (!con->conf.allow_http11) {
334 con->request.http_version = HTTP_VERSION_1_0;
335 }
336
337 if (con->conf.log_request_handling) {
338 log_error_write(srv, __FILE__, __LINE__, "s", "-- splitting Request-URI");
339 log_error_write(srv, __FILE__, __LINE__, "sb", "Request-URI : ", con->request.uri);
340 log_error_write(srv, __FILE__, __LINE__, "sb", "URI-scheme : ", con->uri.scheme);
341 log_error_write(srv, __FILE__, __LINE__, "sb", "URI-authority : ", con->uri.authority);
342 log_error_write(srv, __FILE__, __LINE__, "sb", "URI-path (raw) : ", con->uri.path_raw);
343 log_error_write(srv, __FILE__, __LINE__, "sb", "URI-path (clean): ", con->uri.path);
344 log_error_write(srv, __FILE__, __LINE__, "sb", "URI-query : ", con->uri.query);
345 }
346
347
348 /**
349 *
350 * call plugins
351 *
352 * - based on the raw URL
353 *
354 */
355
356 switch(r = plugins_call_handle_uri_raw(srv, con)) {
357 case HANDLER_GO_ON:
358 break;
359 case HANDLER_FINISHED:
360 case HANDLER_COMEBACK:
361 case HANDLER_WAIT_FOR_EVENT:
362 case HANDLER_ERROR:
363 return r;
364 default:
365 log_error_write(srv, __FILE__, __LINE__, "sd", "handle_uri_raw: unknown return value", r);
366 break;
367 }
368
369 /**
370 *
371 * call plugins
372 *
373 * - based on the clean URL
374 *
375 */
376
377 switch(r = plugins_call_handle_uri_clean(srv, con)) {
378 case HANDLER_GO_ON:
379 break;
380 case HANDLER_FINISHED:
381 case HANDLER_COMEBACK:
382 case HANDLER_WAIT_FOR_EVENT:
383 case HANDLER_ERROR:
384 return r;
385 default:
386 log_error_write(srv, __FILE__, __LINE__, "");
387 break;
388 }
389
390 if (con->request.http_method == HTTP_METHOD_OPTIONS &&
391 con->uri.path->ptr[0] == '*' && con->uri.path_raw->ptr[1] == '\0') {
392 /* option requests are handled directly without checking of the path */
393
394 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("OPTIONS, GET, HEAD, POST"));
395
396 con->http_status = 200;
397 con->file_finished = 1;
398
399 return HANDLER_FINISHED;
400 }
401
402 /***
403 *
404 * border
405 *
406 * logical filename (URI) becomes a physical filename here
407 *
408 *
409 *
410 */
411
412
413
414
415 /* 1. stat()
416 * ... ISREG() -> ok, go on
417 * ... ISDIR() -> index-file -> redirect
418 *
419 * 2. pathinfo()
420 * ... ISREG()
421 *
422 * 3. -> 404
423 *
424 */
425
426 /*
427 * SEARCH DOCUMENT ROOT
428 */
429
430 /* set a default */
431
432 buffer_copy_buffer(con->physical.doc_root, con->conf.document_root);
433 buffer_copy_buffer(con->physical.rel_path, con->uri.path);
434
435 #if defined(__WIN32) || defined(__CYGWIN__)
436 /* strip dots from the end and spaces
437 *
438 * windows/dos handle those filenames as the same file
439 *
440 * foo == foo. == foo..... == "foo... " == "foo.. ./"
441 *
442 * This will affect in some cases PATHINFO
443 *
444 * on native windows we could prepend the filename with \\?\ to circumvent
445 * this behaviour. I have no idea how to push this through cygwin
446 *
447 * */
448
449 if (con->physical.rel_path->used > 1) {
450 buffer *b = con->physical.rel_path;
451 size_t len = buffer_string_length(b);
452 size_t i;
453
454 /* strip trailing " /" or "./" once */
455 if (len > 1 &&
456 b->ptr[len - 1] == '/' &&
457 (b->ptr[len - 2] == ' ' || b->ptr[len - 2] == '.')) {
458 len -= 2;
459 }
460 /* strip all trailing " " and "." */
461 while (len > 0 && ( ' ' == b->ptr[len-1] || '.' == b->ptr[len-1] ) ) --len;
462 buffer_string_set_length(b, len);
463 }
464 #endif
465
466 if (con->conf.log_request_handling) {
467 log_error_write(srv, __FILE__, __LINE__, "s", "-- before doc_root");
468 log_error_write(srv, __FILE__, __LINE__, "sb", "Doc-Root :", con->physical.doc_root);
469 log_error_write(srv, __FILE__, __LINE__, "sb", "Rel-Path :", con->physical.rel_path);
470 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
471 }
472 /* the docroot plugin should set the doc_root and might also set the physical.path
473 * for us (all vhost-plugins are supposed to set the doc_root)
474 * */
475 switch(r = plugins_call_handle_docroot(srv, con)) {
476 case HANDLER_GO_ON:
477 break;
478 case HANDLER_FINISHED:
479 case HANDLER_COMEBACK:
480 case HANDLER_WAIT_FOR_EVENT:
481 case HANDLER_ERROR:
482 return r;
483 default:
484 log_error_write(srv, __FILE__, __LINE__, "");
485 break;
486 }
487
488 /* MacOS X and Windows can't distiguish between upper and lower-case
489 *
490 * convert to lower-case
491 */
492 if (con->conf.force_lowercase_filenames) {
493 buffer_to_lower(con->physical.rel_path);
494 }
495
496 /* the docroot plugins might set the servername, if they don't we take http-host */
497 if (buffer_string_is_empty(con->server_name)) {
498 buffer_copy_buffer(con->server_name, con->uri.authority);
499 }
500
501 /**
502 * create physical filename
503 * -> physical.path = docroot + rel_path
504 *
505 */
506
507 buffer_copy_buffer(con->physical.basedir, con->physical.doc_root);
508 buffer_copy_buffer(con->physical.path, con->physical.doc_root);
509 buffer_append_slash(con->physical.path);
510 if (!buffer_string_is_empty(con->physical.rel_path) &&
511 con->physical.rel_path->ptr[0] == '/') {
512 buffer_append_string_len(con->physical.path, con->physical.rel_path->ptr + 1, buffer_string_length(con->physical.rel_path) - 1);
513 } else {
514 buffer_append_string_buffer(con->physical.path, con->physical.rel_path);
515 }
516
517 if (con->conf.log_request_handling) {
518 log_error_write(srv, __FILE__, __LINE__, "s", "-- after doc_root");
519 log_error_write(srv, __FILE__, __LINE__, "sb", "Doc-Root :", con->physical.doc_root);
520 log_error_write(srv, __FILE__, __LINE__, "sb", "Rel-Path :", con->physical.rel_path);
521 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
522 }
523
524 switch(r = plugins_call_handle_physical(srv, con)) {
525 case HANDLER_GO_ON:
526 break;
527 case HANDLER_FINISHED:
528 case HANDLER_COMEBACK:
529 case HANDLER_WAIT_FOR_EVENT:
530 case HANDLER_ERROR:
531 return r;
532 default:
533 log_error_write(srv, __FILE__, __LINE__, "");
534 break;
535 }
536
537 if (con->conf.log_request_handling) {
538 log_error_write(srv, __FILE__, __LINE__, "s", "-- logical -> physical");
539 log_error_write(srv, __FILE__, __LINE__, "sb", "Doc-Root :", con->physical.doc_root);
540 log_error_write(srv, __FILE__, __LINE__, "sb", "Basedir :", con->physical.basedir);
541 log_error_write(srv, __FILE__, __LINE__, "sb", "Rel-Path :", con->physical.rel_path);
542 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
543 }
544 }
545
546 /*
547 * Noone catched away the file from normal path of execution yet (like mod_access)
548 *
549 * Go on and check of the file exists at all
550 */
551
552 if (con->mode == DIRECT) {
553 char *slash = NULL;
554 char *pathinfo = NULL;
555 int found = 0;
556 stat_cache_entry *sce = NULL;
557
558 if (con->conf.log_request_handling) {
559 log_error_write(srv, __FILE__, __LINE__, "s", "-- handling physical path");
560 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
561 }
562
563 if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
564 /* file exists */
565
566 if (con->conf.log_request_handling) {
567 log_error_write(srv, __FILE__, __LINE__, "s", "-- file found");
568 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
569 }
570 #ifdef HAVE_LSTAT
571 if ((sce->is_symlink != 0) && !con->conf.follow_symlink) {
572 con->http_status = 403;
573
574 if (con->conf.log_request_handling) {
575 log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied due symlink restriction");
576 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
577 }
578
579 buffer_reset(con->physical.path);
580 return HANDLER_FINISHED;
581 };
582 #endif
583 if (S_ISDIR(sce->st.st_mode)) {
584 if (con->uri.path->ptr[buffer_string_length(con->uri.path) - 1] != '/') {
585 /* redirect to .../ */
586
587 http_response_redirect_to_directory(srv, con);
588
589 return HANDLER_FINISHED;
590 }
591 #ifdef HAVE_LSTAT
592 } else if (!S_ISREG(sce->st.st_mode) && !sce->is_symlink) {
593 #else
594 } else if (!S_ISREG(sce->st.st_mode)) {
595 #endif
596 /* any special handling of non-reg files ?*/
597
598
599 }
600 } else {
601 switch (errno) {
602 case EACCES:
603 con->http_status = 403;
604
605 if (con->conf.log_request_handling) {
606 log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied");
607 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
608 }
609
610 buffer_reset(con->physical.path);
611 return HANDLER_FINISHED;
612 case ENAMETOOLONG:
613 /* file name to be read was too long. return 404 */
614 case ENOENT:
615 con->http_status = 404;
616
617 if (con->conf.log_request_handling) {
618 log_error_write(srv, __FILE__, __LINE__, "s", "-- file not found");
619 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
620 }
621
622 buffer_reset(con->physical.path);
623 return HANDLER_FINISHED;
624 case ENOTDIR:
625 /* PATH_INFO ! :) */
626 break;
627 default:
628 /* we have no idea what happend. let's tell the user so. */
629 con->http_status = 500;
630 buffer_reset(con->physical.path);
631
632 log_error_write(srv, __FILE__, __LINE__, "ssbsb",
633 "file not found ... or so: ", strerror(errno),
634 con->uri.path,
635 "->", con->physical.path);
636
637 return HANDLER_FINISHED;
638 }
639
640 /* not found, perhaps PATHINFO */
641
642 buffer_copy_buffer(srv->tmp_buf, con->physical.path);
643
644 do {
645 if (slash) {
646 buffer_copy_string_len(con->physical.path, srv->tmp_buf->ptr, slash - srv->tmp_buf->ptr);
647 } else {
648 buffer_copy_buffer(con->physical.path, srv->tmp_buf);
649 }
650
651 if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
652 found = S_ISREG(sce->st.st_mode);
653 break;
654 }
655
656 if (pathinfo != NULL) {
657 *pathinfo = '\0';
658 }
659 slash = strrchr(srv->tmp_buf->ptr, '/');
660
661 if (pathinfo != NULL) {
662 /* restore '/' */
663 *pathinfo = '/';
664 }
665
666 if (slash) pathinfo = slash;
667 } while ((found == 0) && (slash != NULL) && ((size_t)(slash - srv->tmp_buf->ptr) > (buffer_string_length(con->physical.basedir) - 1)));
668
669 if (found == 0) {
670 /* no it really doesn't exists */
671 con->http_status = 404;
672
673 if (con->conf.log_file_not_found) {
674 log_error_write(srv, __FILE__, __LINE__, "sbsb",
675 "file not found:", con->uri.path,
676 "->", con->physical.path);
677 }
678
679 buffer_reset(con->physical.path);
680
681 return HANDLER_FINISHED;
682 }
683
684 #ifdef HAVE_LSTAT
685 if ((sce->is_symlink != 0) && !con->conf.follow_symlink) {
686 con->http_status = 403;
687
688 if (con->conf.log_request_handling) {
689 log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied due symlink restriction");
690 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
691 }
692
693 buffer_reset(con->physical.path);
694 return HANDLER_FINISHED;
695 };
696 #endif
697
698 /* we have a PATHINFO */
699 if (pathinfo) {
700 buffer_copy_string(con->request.pathinfo, pathinfo);
701
702 /*
703 * shorten uri.path
704 */
705
706 buffer_string_set_length(con->uri.path, buffer_string_length(con->uri.path) - strlen(pathinfo));
707 }
708
709 if (con->conf.log_request_handling) {
710 log_error_write(srv, __FILE__, __LINE__, "s", "-- after pathinfo check");
711 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
712 log_error_write(srv, __FILE__, __LINE__, "sb", "URI :", con->uri.path);
713 log_error_write(srv, __FILE__, __LINE__, "sb", "Pathinfo :", con->request.pathinfo);
714 }
715 }
716
717 if (con->conf.log_request_handling) {
718 log_error_write(srv, __FILE__, __LINE__, "s", "-- handling subrequest");
719 log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
720 }
721
722 /* call the handlers */
723 switch(r = plugins_call_handle_subrequest_start(srv, con)) {
724 case HANDLER_GO_ON:
725 /* request was not handled */
726 break;
727 case HANDLER_FINISHED:
728 default:
729 if (con->conf.log_request_handling) {
730 log_error_write(srv, __FILE__, __LINE__, "s", "-- subrequest finished");
731 }
732
733 /* something strange happend */
734 return r;
735 }
736
737 /* if we are still here, no one wanted the file, status 403 is ok I think */
738
739 if (con->mode == DIRECT && con->http_status == 0) {
740 switch (con->request.http_method) {
741 case HTTP_METHOD_OPTIONS:
742 con->http_status = 200;
743 break;
744 default:
745 con->http_status = 403;
746 }
747
748 return HANDLER_FINISHED;
749 }
750
751 }
752
753 switch(r = plugins_call_handle_subrequest(srv, con)) {
754 case HANDLER_GO_ON:
755 /* request was not handled, looks like we are done */
756 return HANDLER_FINISHED;
757 case HANDLER_FINISHED:
758 /* request is finished */
759 default:
760 /* something strange happend */
761 return r;
762 }
763
764 /* can't happen */
765 return HANDLER_COMEBACK;
766 }
767
768
769
A fast webserver with minimal memory-footprint (lighttpd)