search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[mod_webdav] compile fix when locking not enabled
[lighttpd.git] / src / mod_webdav.c
blob2157ef153a09d7cd9fb599ff7da9e5891d49a434
1 #include "first.h"
2
3 #include "base.h"
4 #include "log.h"
5 #include "buffer.h"
6 #include "response.h"
7 #include "connections.h"
8
9 #include "plugin.h"
10
11 #include "stream.h"
12 #include "stat_cache.h"
13
14 #include "sys-mmap.h"
15
16 #include <sys/types.h>
17 #include <sys/stat.h>
18 #include <ctype.h>
19 #include <stdlib.h>
20 #include <string.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <stdio.h>
24 #include <assert.h>
25
26 #include <unistd.h>
27 #include <dirent.h>
28
29 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H)
30 #define USE_PROPPATCH
31 #include <libxml/tree.h>
32 #include <libxml/parser.h>
33
34 #include <sqlite3.h>
35 #endif
36
37 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H) && defined(HAVE_UUID_UUID_H)
38 #define USE_LOCKS
39 #include <uuid/uuid.h>
40 #endif
41
42 /**
43 * this is a webdav for a lighttpd plugin
44 *
45 * at least a very basic one.
46 * - for now it is read-only and we only support PROPFIND
47 *
48 */
49
50 #define WEBDAV_FILE_MODE S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
51 #define WEBDAV_DIR_MODE S_IRWXU | S_IRWXG | S_IRWXO
52
53 /* plugin config for all request/connections */
54
55 typedef struct {
56 unsigned short enabled;
57 unsigned short is_readonly;
58 unsigned short log_xml;
59
60 buffer *sqlite_db_name;
61 #ifdef USE_PROPPATCH
62 sqlite3 *sql;
63 sqlite3_stmt *stmt_update_prop;
64 sqlite3_stmt *stmt_delete_prop;
65 sqlite3_stmt *stmt_select_prop;
66 sqlite3_stmt *stmt_select_propnames;
67
68 sqlite3_stmt *stmt_delete_uri;
69 sqlite3_stmt *stmt_move_uri;
70 sqlite3_stmt *stmt_copy_uri;
71
72 sqlite3_stmt *stmt_remove_lock;
73 sqlite3_stmt *stmt_create_lock;
74 sqlite3_stmt *stmt_read_lock;
75 sqlite3_stmt *stmt_read_lock_by_uri;
76 sqlite3_stmt *stmt_refresh_lock;
77 #endif
78 } plugin_config;
79
80 typedef struct {
81 PLUGIN_DATA;
82
83 buffer *tmp_buf;
84 request_uri uri;
85 physical physical;
86
87 plugin_config **config_storage;
88
89 plugin_config conf;
90 } plugin_data;
91
92 typedef struct {
93 plugin_config conf;
94 } handler_ctx;
95
96 /* init the plugin data */
97 INIT_FUNC(mod_webdav_init) {
98 plugin_data *p;
99
100 p = calloc(1, sizeof(*p));
101
102 p->tmp_buf = buffer_init();
103
104 p->uri.scheme = buffer_init();
105 p->uri.path_raw = buffer_init();
106 p->uri.path = buffer_init();
107 p->uri.authority = buffer_init();
108
109 p->physical.path = buffer_init();
110 p->physical.rel_path = buffer_init();
111 p->physical.doc_root = buffer_init();
112 p->physical.basedir = buffer_init();
113
114 return p;
115 }
116
117 /* detroy the plugin data */
118 FREE_FUNC(mod_webdav_free) {
119 plugin_data *p = p_d;
120
121 UNUSED(srv);
122
123 if (!p) return HANDLER_GO_ON;
124
125 if (p->config_storage) {
126 size_t i;
127 for (i = 0; i < srv->config_context->used; i++) {
128 plugin_config *s = p->config_storage[i];
129
130 if (NULL == s) continue;
131
132 buffer_free(s->sqlite_db_name);
133 #ifdef USE_PROPPATCH
134 if (s->sql) {
135 sqlite3_finalize(s->stmt_delete_prop);
136 sqlite3_finalize(s->stmt_delete_uri);
137 sqlite3_finalize(s->stmt_copy_uri);
138 sqlite3_finalize(s->stmt_move_uri);
139 sqlite3_finalize(s->stmt_update_prop);
140 sqlite3_finalize(s->stmt_select_prop);
141 sqlite3_finalize(s->stmt_select_propnames);
142
143 sqlite3_finalize(s->stmt_read_lock);
144 sqlite3_finalize(s->stmt_read_lock_by_uri);
145 sqlite3_finalize(s->stmt_create_lock);
146 sqlite3_finalize(s->stmt_remove_lock);
147 sqlite3_finalize(s->stmt_refresh_lock);
148 sqlite3_close(s->sql);
149 }
150 #endif
151 free(s);
152 }
153 free(p->config_storage);
154 }
155
156 buffer_free(p->uri.scheme);
157 buffer_free(p->uri.path_raw);
158 buffer_free(p->uri.path);
159 buffer_free(p->uri.authority);
160
161 buffer_free(p->physical.path);
162 buffer_free(p->physical.rel_path);
163 buffer_free(p->physical.doc_root);
164 buffer_free(p->physical.basedir);
165
166 buffer_free(p->tmp_buf);
167
168 free(p);
169
170 return HANDLER_GO_ON;
171 }
172
173 /* handle plugin config and check values */
174
175 SETDEFAULTS_FUNC(mod_webdav_set_defaults) {
176 plugin_data *p = p_d;
177 size_t i = 0;
178
179 config_values_t cv[] = {
180 { "webdav.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
181 { "webdav.is-readonly", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
182 { "webdav.sqlite-db-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
183 { "webdav.log-xml", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
184 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
185 };
186
187 if (!p) return HANDLER_ERROR;
188
189 p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
190
191 for (i = 0; i < srv->config_context->used; i++) {
192 data_config const* config = (data_config const*)srv->config_context->data[i];
193 plugin_config *s;
194
195 s = calloc(1, sizeof(plugin_config));
196 s->sqlite_db_name = buffer_init();
197
198 cv[0].destination = &(s->enabled);
199 cv[1].destination = &(s->is_readonly);
200 cv[2].destination = s->sqlite_db_name;
201 cv[3].destination = &(s->log_xml);
202
203 p->config_storage[i] = s;
204
205 if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
206 return HANDLER_ERROR;
207 }
208
209 if (!buffer_string_is_empty(s->sqlite_db_name)) {
210 #ifdef USE_PROPPATCH
211 const char *next_stmt;
212 char *err;
213
214 if (SQLITE_OK != sqlite3_open(s->sqlite_db_name->ptr, &(s->sql))) {
215 log_error_write(srv, __FILE__, __LINE__, "sbs", "sqlite3_open failed for",
216 s->sqlite_db_name,
217 sqlite3_errmsg(s->sql));
218 return HANDLER_ERROR;
219 }
220
221 if (SQLITE_OK != sqlite3_exec(s->sql,
222 "CREATE TABLE IF NOT EXISTS properties ("
223 " resource TEXT NOT NULL,"
224 " prop TEXT NOT NULL,"
225 " ns TEXT NOT NULL,"
226 " value TEXT NOT NULL,"
227 " PRIMARY KEY(resource, prop, ns))",
228 NULL, NULL, &err)) {
229
230 if (0 != strcmp(err, "table properties already exists")) {
231 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
232 sqlite3_free(err);
233
234 return HANDLER_ERROR;
235 }
236 sqlite3_free(err);
237 }
238
239 if (SQLITE_OK != sqlite3_exec(s->sql,
240 "CREATE TABLE IF NOT EXISTS locks ("
241 " locktoken TEXT NOT NULL,"
242 " resource TEXT NOT NULL,"
243 " lockscope TEXT NOT NULL,"
244 " locktype TEXT NOT NULL,"
245 " owner TEXT NOT NULL,"
246 " depth INT NOT NULL,"
247 " timeout TIMESTAMP NOT NULL,"
248 " PRIMARY KEY(locktoken))",
249 NULL, NULL, &err)) {
250
251 if (0 != strcmp(err, "table locks already exists")) {
252 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
253 sqlite3_free(err);
254
255 return HANDLER_ERROR;
256 }
257 sqlite3_free(err);
258 }
259
260 if (SQLITE_OK != sqlite3_prepare(s->sql,
261 CONST_STR_LEN("SELECT value FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
262 &(s->stmt_select_prop), &next_stmt)) {
263 /* prepare failed */
264
265 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
266 return HANDLER_ERROR;
267 }
268
269 if (SQLITE_OK != sqlite3_prepare(s->sql,
270 CONST_STR_LEN("SELECT ns, prop FROM properties WHERE resource = ?"),
271 &(s->stmt_select_propnames), &next_stmt)) {
272 /* prepare failed */
273
274 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
275 return HANDLER_ERROR;
276 }
277
278
279 if (SQLITE_OK != sqlite3_prepare(s->sql,
280 CONST_STR_LEN("REPLACE INTO properties (resource, prop, ns, value) VALUES (?, ?, ?, ?)"),
281 &(s->stmt_update_prop), &next_stmt)) {
282 /* prepare failed */
283
284 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
285 return HANDLER_ERROR;
286 }
287
288 if (SQLITE_OK != sqlite3_prepare(s->sql,
289 CONST_STR_LEN("DELETE FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
290 &(s->stmt_delete_prop), &next_stmt)) {
291 /* prepare failed */
292 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
293
294 return HANDLER_ERROR;
295 }
296
297 if (SQLITE_OK != sqlite3_prepare(s->sql,
298 CONST_STR_LEN("DELETE FROM properties WHERE resource = ?"),
299 &(s->stmt_delete_uri), &next_stmt)) {
300 /* prepare failed */
301 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
302
303 return HANDLER_ERROR;
304 }
305
306 if (SQLITE_OK != sqlite3_prepare(s->sql,
307 CONST_STR_LEN("INSERT INTO properties SELECT ?, prop, ns, value FROM properties WHERE resource = ?"),
308 &(s->stmt_copy_uri), &next_stmt)) {
309 /* prepare failed */
310 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
311
312 return HANDLER_ERROR;
313 }
314
315 if (SQLITE_OK != sqlite3_prepare(s->sql,
316 CONST_STR_LEN("UPDATE OR REPLACE properties SET resource = ? WHERE resource = ?"),
317 &(s->stmt_move_uri), &next_stmt)) {
318 /* prepare failed */
319 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
320
321 return HANDLER_ERROR;
322 }
323
324 /* LOCKS */
325
326 if (SQLITE_OK != sqlite3_prepare(s->sql,
327 CONST_STR_LEN("INSERT INTO locks (locktoken, resource, lockscope, locktype, owner, depth, timeout) VALUES (?,?,?,?,?,?, CURRENT_TIME + 600)"),
328 &(s->stmt_create_lock), &next_stmt)) {
329 /* prepare failed */
330 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
331
332 return HANDLER_ERROR;
333 }
334
335 if (SQLITE_OK != sqlite3_prepare(s->sql,
336 CONST_STR_LEN("DELETE FROM locks WHERE locktoken = ?"),
337 &(s->stmt_remove_lock), &next_stmt)) {
338 /* prepare failed */
339 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
340
341 return HANDLER_ERROR;
342 }
343
344 if (SQLITE_OK != sqlite3_prepare(s->sql,
345 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE locktoken = ?"),
346 &(s->stmt_read_lock), &next_stmt)) {
347 /* prepare failed */
348 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
349
350 return HANDLER_ERROR;
351 }
352
353 if (SQLITE_OK != sqlite3_prepare(s->sql,
354 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE resource = ?"),
355 &(s->stmt_read_lock_by_uri), &next_stmt)) {
356 /* prepare failed */
357 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
358
359 return HANDLER_ERROR;
360 }
361
362 if (SQLITE_OK != sqlite3_prepare(s->sql,
363 CONST_STR_LEN("UPDATE locks SET timeout = CURRENT_TIME + 600 WHERE locktoken = ?"),
364 &(s->stmt_refresh_lock), &next_stmt)) {
365 /* prepare failed */
366 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
367
368 return HANDLER_ERROR;
369 }
370
371
372 #else
373 log_error_write(srv, __FILE__, __LINE__, "s", "Sorry, no sqlite3 and libxml2 support include, compile with --with-webdav-props");
374 return HANDLER_ERROR;
375 #endif
376 }
377 }
378
379 return HANDLER_GO_ON;
380 }
381
382 #define PATCH_OPTION(x) \
383 p->conf.x = s->x;
384 static int mod_webdav_patch_connection(server *srv, connection *con, plugin_data *p) {
385 size_t i, j;
386 plugin_config *s = p->config_storage[0];
387
388 PATCH_OPTION(enabled);
389 PATCH_OPTION(is_readonly);
390 PATCH_OPTION(log_xml);
391
392 #ifdef USE_PROPPATCH
393 PATCH_OPTION(sql);
394 PATCH_OPTION(stmt_update_prop);
395 PATCH_OPTION(stmt_delete_prop);
396 PATCH_OPTION(stmt_select_prop);
397 PATCH_OPTION(stmt_select_propnames);
398
399 PATCH_OPTION(stmt_delete_uri);
400 PATCH_OPTION(stmt_move_uri);
401 PATCH_OPTION(stmt_copy_uri);
402
403 PATCH_OPTION(stmt_remove_lock);
404 PATCH_OPTION(stmt_refresh_lock);
405 PATCH_OPTION(stmt_create_lock);
406 PATCH_OPTION(stmt_read_lock);
407 PATCH_OPTION(stmt_read_lock_by_uri);
408 #endif
409 /* skip the first, the global context */
410 for (i = 1; i < srv->config_context->used; i++) {
411 data_config *dc = (data_config *)srv->config_context->data[i];
412 s = p->config_storage[i];
413
414 /* condition didn't match */
415 if (!config_check_cond(srv, con, dc)) continue;
416
417 /* merge config */
418 for (j = 0; j < dc->value->used; j++) {
419 data_unset *du = dc->value->data[j];
420
421 if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.activate"))) {
422 PATCH_OPTION(enabled);
423 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.is-readonly"))) {
424 PATCH_OPTION(is_readonly);
425 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.log-xml"))) {
426 PATCH_OPTION(log_xml);
427 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.sqlite-db-name"))) {
428 #ifdef USE_PROPPATCH
429 PATCH_OPTION(sql);
430 PATCH_OPTION(stmt_update_prop);
431 PATCH_OPTION(stmt_delete_prop);
432 PATCH_OPTION(stmt_select_prop);
433 PATCH_OPTION(stmt_select_propnames);
434
435 PATCH_OPTION(stmt_delete_uri);
436 PATCH_OPTION(stmt_move_uri);
437 PATCH_OPTION(stmt_copy_uri);
438
439 PATCH_OPTION(stmt_remove_lock);
440 PATCH_OPTION(stmt_refresh_lock);
441 PATCH_OPTION(stmt_create_lock);
442 PATCH_OPTION(stmt_read_lock);
443 PATCH_OPTION(stmt_read_lock_by_uri);
444 #endif
445 }
446 }
447 }
448
449 return 0;
450 }
451
452 URIHANDLER_FUNC(mod_webdav_uri_handler) {
453 plugin_data *p = p_d;
454
455 UNUSED(srv);
456
457 if (buffer_is_empty(con->uri.path)) return HANDLER_GO_ON;
458
459 mod_webdav_patch_connection(srv, con, p);
460
461 if (!p->conf.enabled) return HANDLER_GO_ON;
462
463 switch (con->request.http_method) {
464 case HTTP_METHOD_OPTIONS:
465 /* we fake a little bit but it makes MS W2k happy and it let's us mount the volume */
466 response_header_overwrite(srv, con, CONST_STR_LEN("DAV"), CONST_STR_LEN("1,2"));
467 response_header_overwrite(srv, con, CONST_STR_LEN("MS-Author-Via"), CONST_STR_LEN("DAV"));
468
469 if (p->conf.is_readonly) {
470 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND"));
471 } else {
472 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK, UNLOCK"));
473 }
474 break;
475 default:
476 break;
477 }
478
479 /* not found */
480 return HANDLER_GO_ON;
481 }
482 static int webdav_gen_prop_tag(server *srv, connection *con,
483 char *prop_name,
484 char *prop_ns,
485 char *value,
486 buffer *b) {
487
488 UNUSED(srv);
489 UNUSED(con);
490
491 if (value) {
492 buffer_append_string_len(b,CONST_STR_LEN("<"));
493 buffer_append_string(b, prop_name);
494 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
495 buffer_append_string(b, prop_ns);
496 buffer_append_string_len(b, CONST_STR_LEN("\">"));
497
498 buffer_append_string(b, value);
499
500 buffer_append_string_len(b,CONST_STR_LEN("</"));
501 buffer_append_string(b, prop_name);
502 buffer_append_string_len(b, CONST_STR_LEN(">"));
503 } else {
504 buffer_append_string_len(b,CONST_STR_LEN("<"));
505 buffer_append_string(b, prop_name);
506 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
507 buffer_append_string(b, prop_ns);
508 buffer_append_string_len(b, CONST_STR_LEN("\"/>"));
509 }
510
511 return 0;
512 }
513
514
515 static int webdav_gen_response_status_tag(server *srv, connection *con, physical *dst, int status, buffer *b) {
516 UNUSED(srv);
517
518 buffer_append_string_len(b,CONST_STR_LEN("<D:response xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
519
520 buffer_append_string_len(b,CONST_STR_LEN("<D:href>\n"));
521 buffer_append_string_buffer(b, dst->rel_path);
522 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
523 buffer_append_string_len(b,CONST_STR_LEN("<D:status>\n"));
524
525 if (con->request.http_version == HTTP_VERSION_1_1) {
526 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.1 "));
527 } else {
528 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.0 "));
529 }
530 buffer_append_int(b, status);
531 buffer_append_string_len(b, CONST_STR_LEN(" "));
532 buffer_append_string(b, get_http_status_name(status));
533
534 buffer_append_string_len(b,CONST_STR_LEN("</D:status>\n"));
535 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
536
537 return 0;
538 }
539
540 static int webdav_delete_file(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
541 int status = 0;
542
543 /* try to unlink it */
544 if (-1 == unlink(dst->path->ptr)) {
545 switch(errno) {
546 case EACCES:
547 case EPERM:
548 /* 403 */
549 status = 403;
550 break;
551 default:
552 status = 501;
553 break;
554 }
555 webdav_gen_response_status_tag(srv, con, dst, status, b);
556 } else {
557 #ifdef USE_PROPPATCH
558 sqlite3_stmt *stmt = hctx->conf.stmt_delete_uri;
559
560 if (!stmt) {
561 status = 403;
562 webdav_gen_response_status_tag(srv, con, dst, status, b);
563 } else {
564 sqlite3_reset(stmt);
565
566 /* bind the values to the insert */
567
568 sqlite3_bind_text(stmt, 1,
569 CONST_BUF_LEN(dst->rel_path),
570 SQLITE_TRANSIENT);
571
572 if (SQLITE_DONE != sqlite3_step(stmt)) {
573 /* */
574 }
575 }
576 #else
577 UNUSED(hctx);
578 #endif
579 }
580
581 return (status != 0);
582 }
583
584 static int webdav_delete_dir(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
585 DIR *dir;
586 int have_multi_status = 0;
587 physical d;
588
589 d.path = buffer_init();
590 d.rel_path = buffer_init();
591
592 if (NULL != (dir = opendir(dst->path->ptr))) {
593 struct dirent *de;
594
595 while(NULL != (de = readdir(dir))) {
596 struct stat st;
597
598 if ((de->d_name[0] == '.' && de->d_name[1] == '\0') ||
599 (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
600 continue;
601 /* ignore the parent dir */
602 }
603
604 buffer_copy_buffer(d.path, dst->path);
605 buffer_append_slash(d.path);
606 buffer_append_string(d.path, de->d_name);
607
608 buffer_copy_buffer(d.rel_path, dst->rel_path);
609 buffer_append_slash(d.rel_path);
610 buffer_append_string(d.rel_path, de->d_name);
611
612 /* stat and unlink afterwards */
613 if (-1 == stat(d.path->ptr, &st)) {
614 /* don't about it yet, rmdir will fail too */
615 } else if (S_ISDIR(st.st_mode)) {
616 have_multi_status = webdav_delete_dir(srv, con, hctx, &d, b);
617
618 /* try to unlink it */
619 if (-1 == rmdir(d.path->ptr)) {
620 int status;
621 switch(errno) {
622 case EACCES:
623 case EPERM:
624 /* 403 */
625 status = 403;
626 break;
627 default:
628 status = 501;
629 break;
630 }
631 have_multi_status = 1;
632
633 webdav_gen_response_status_tag(srv, con, &d, status, b);
634 } else {
635 #ifdef USE_PROPPATCH
636 sqlite3_stmt *stmt = hctx->conf.stmt_delete_uri;
637
638 if (stmt) {
639 sqlite3_reset(stmt);
640
641 /* bind the values to the insert */
642
643 sqlite3_bind_text(stmt, 1,
644 CONST_BUF_LEN(d.rel_path),
645 SQLITE_TRANSIENT);
646
647 if (SQLITE_DONE != sqlite3_step(stmt)) {
648 /* */
649 }
650 }
651 #endif
652 }
653 } else {
654 have_multi_status = webdav_delete_file(srv, con, hctx, &d, b);
655 }
656 }
657 closedir(dir);
658
659 buffer_free(d.path);
660 buffer_free(d.rel_path);
661 }
662
663 return have_multi_status;
664 }
665
666 /* don't want to block when open()ing a fifo */
667 #if defined(O_NONBLOCK)
668 # define FIFO_NONBLOCK O_NONBLOCK
669 #else
670 # define FIFO_NONBLOCK 0
671 #endif
672
673 #ifndef O_BINARY
674 #define O_BINARY 0
675 #endif
676
677 static int webdav_copy_file(server *srv, connection *con, handler_ctx *hctx, physical *src, physical *dst, int overwrite) {
678 char *data;
679 ssize_t rd, wr, offset;
680 int status = 0, ifd, ofd;
681 UNUSED(srv);
682 UNUSED(con);
683
684 if (-1 == (ifd = open(src->path->ptr, O_RDONLY | O_BINARY | FIFO_NONBLOCK))) {
685 return 403;
686 }
687
688 if (-1 == (ofd = open(dst->path->ptr, O_WRONLY|O_TRUNC|O_CREAT|(overwrite ? 0 : O_EXCL), WEBDAV_FILE_MODE))) {
689 /* opening the destination failed for some reason */
690 switch(errno) {
691 case EEXIST:
692 status = 412;
693 break;
694 case EISDIR:
695 status = 409;
696 break;
697 case ENOENT:
698 /* at least one part in the middle wasn't existing */
699 status = 409;
700 break;
701 default:
702 status = 403;
703 break;
704 }
705 close(ifd);
706 return status;
707 }
708
709 data = malloc(131072);
710 force_assert(data);
711
712 while (0 < (rd = read(ifd, data, 131072))) {
713 offset = 0;
714 do {
715 wr = write(ofd, data+offset, (size_t)(rd-offset));
716 } while (wr >= 0 ? (offset += wr) != rd : (errno == EINTR));
717 if (-1 == wr) {
718 status = (errno == ENOSPC) ? 507 : 403;
719 break;
720 }
721
722 }
723 if (0 != rd && 0 == status) status = 403;
724
725 free(data);
726 close(ifd);
727 if (0 != close(ofd)) {
728 if (0 == status) status = (errno == ENOSPC) ? 507 : 403;
729 log_error_write(srv, __FILE__, __LINE__, "sbss",
730 "close ", dst->path, "failed: ", strerror(errno));
731 }
732
733 #ifdef USE_PROPPATCH
734 if (0 == status) {
735 /* copy worked fine, copy connected properties */
736 sqlite3_stmt *stmt = hctx->conf.stmt_copy_uri;
737
738 if (stmt) {
739 sqlite3_reset(stmt);
740
741 /* bind the values to the insert */
742 sqlite3_bind_text(stmt, 1,
743 CONST_BUF_LEN(dst->rel_path),
744 SQLITE_TRANSIENT);
745
746 sqlite3_bind_text(stmt, 2,
747 CONST_BUF_LEN(src->rel_path),
748 SQLITE_TRANSIENT);
749
750 if (SQLITE_DONE != sqlite3_step(stmt)) {
751 /* */
752 }
753 }
754 }
755 #else
756 UNUSED(hctx);
757 #endif
758 return status;
759 }
760
761 static int webdav_copy_dir(server *srv, connection *con, handler_ctx *hctx, physical *src, physical *dst, int overwrite) {
762 DIR *srcdir;
763 int status = 0;
764
765 if (NULL != (srcdir = opendir(src->path->ptr))) {
766 struct dirent *de;
767 physical s, d;
768
769 s.path = buffer_init();
770 s.rel_path = buffer_init();
771
772 d.path = buffer_init();
773 d.rel_path = buffer_init();
774
775 while (NULL != (de = readdir(srcdir))) {
776 struct stat st;
777
778 if ((de->d_name[0] == '.' && de->d_name[1] == '\0')
779 || (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
780 continue;
781 }
782
783 buffer_copy_buffer(s.path, src->path);
784 buffer_append_slash(s.path);
785 buffer_append_string(s.path, de->d_name);
786
787 buffer_copy_buffer(d.path, dst->path);
788 buffer_append_slash(d.path);
789 buffer_append_string(d.path, de->d_name);
790
791 buffer_copy_buffer(s.rel_path, src->rel_path);
792 buffer_append_slash(s.rel_path);
793 buffer_append_string(s.rel_path, de->d_name);
794
795 buffer_copy_buffer(d.rel_path, dst->rel_path);
796 buffer_append_slash(d.rel_path);
797 buffer_append_string(d.rel_path, de->d_name);
798
799 if (-1 == stat(s.path->ptr, &st)) {
800 /* why ? */
801 } else if (S_ISDIR(st.st_mode)) {
802 /* a directory */
803 if (-1 == mkdir(d.path->ptr, WEBDAV_DIR_MODE) &&
804 errno != EEXIST) {
805 /* WTH ? */
806 } else {
807 #ifdef USE_PROPPATCH
808 sqlite3_stmt *stmt = hctx->conf.stmt_copy_uri;
809
810 if (0 != (status = webdav_copy_dir(srv, con, hctx, &s, &d, overwrite))) {
811 break;
812 }
813 /* directory is copied, copy the properties too */
814
815 if (stmt) {
816 sqlite3_reset(stmt);
817
818 /* bind the values to the insert */
819 sqlite3_bind_text(stmt, 1,
820 CONST_BUF_LEN(dst->rel_path),
821 SQLITE_TRANSIENT);
822
823 sqlite3_bind_text(stmt, 2,
824 CONST_BUF_LEN(src->rel_path),
825 SQLITE_TRANSIENT);
826
827 if (SQLITE_DONE != sqlite3_step(stmt)) {
828 /* */
829 }
830 }
831 #endif
832 }
833 } else if (S_ISREG(st.st_mode)) {
834 /* a plain file */
835 if (0 != (status = webdav_copy_file(srv, con, hctx, &s, &d, overwrite))) {
836 break;
837 }
838 }
839 }
840
841 buffer_free(s.path);
842 buffer_free(s.rel_path);
843 buffer_free(d.path);
844 buffer_free(d.rel_path);
845
846 closedir(srcdir);
847 }
848
849 return status;
850 }
851
852 #ifdef USE_LOCKS
853 static void webdav_activelock(buffer *b,
854 const buffer *locktoken, const char *lockscope, const char *locktype, int depth, int timeout) {
855 buffer_append_string_len(b, CONST_STR_LEN("<D:activelock>\n"));
856
857 buffer_append_string_len(b, CONST_STR_LEN("<D:lockscope>"));
858 buffer_append_string_len(b, CONST_STR_LEN("<D:"));
859 buffer_append_string(b, lockscope);
860 buffer_append_string_len(b, CONST_STR_LEN("/>"));
861 buffer_append_string_len(b, CONST_STR_LEN("</D:lockscope>\n"));
862
863 buffer_append_string_len(b, CONST_STR_LEN("<D:locktype>"));
864 buffer_append_string_len(b, CONST_STR_LEN("<D:"));
865 buffer_append_string(b, locktype);
866 buffer_append_string_len(b, CONST_STR_LEN("/>"));
867 buffer_append_string_len(b, CONST_STR_LEN("</D:locktype>\n"));
868
869 buffer_append_string_len(b, CONST_STR_LEN("<D:depth>"));
870 buffer_append_string(b, depth == 0 ? "0" : "infinity");
871 buffer_append_string_len(b, CONST_STR_LEN("</D:depth>\n"));
872
873 buffer_append_string_len(b, CONST_STR_LEN("<D:timeout>"));
874 buffer_append_string_len(b, CONST_STR_LEN("Second-"));
875 buffer_append_int(b, timeout);
876 buffer_append_string_len(b, CONST_STR_LEN("</D:timeout>\n"));
877
878 buffer_append_string_len(b, CONST_STR_LEN("<D:owner>"));
879 buffer_append_string_len(b, CONST_STR_LEN("</D:owner>\n"));
880
881 buffer_append_string_len(b, CONST_STR_LEN("<D:locktoken>"));
882 buffer_append_string_len(b, CONST_STR_LEN("<D:href>"));
883 buffer_append_string_buffer(b, locktoken);
884 buffer_append_string_len(b, CONST_STR_LEN("</D:href>"));
885 buffer_append_string_len(b, CONST_STR_LEN("</D:locktoken>\n"));
886
887 buffer_append_string_len(b, CONST_STR_LEN("</D:activelock>\n"));
888 }
889
890 static void webdav_get_live_property_lockdiscovery(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
891
892 sqlite3_stmt *stmt = hctx->conf.stmt_read_lock_by_uri;
893 if (!stmt) { /*(should not happen)*/
894 buffer_append_string_len(b, CONST_STR_LEN("<D:lockdiscovery>\n</D:lockdiscovery>\n"));
895 return;
896 }
897 UNUSED(srv);
898 UNUSED(con);
899
900 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
901 * FROM locks
902 * WHERE resource = ? */
903
904 sqlite3_reset(stmt);
905
906 sqlite3_bind_text(stmt, 1,
907 CONST_BUF_LEN(dst->rel_path),
908 SQLITE_TRANSIENT);
909
910 buffer_append_string_len(b, CONST_STR_LEN("<D:lockdiscovery>\n"));
911 while (SQLITE_ROW == sqlite3_step(stmt)) {
912 const char *lockscope = (const char *)sqlite3_column_text(stmt, 2);
913 const char *locktype = (const char *)sqlite3_column_text(stmt, 3);
914 const int depth = sqlite3_column_int(stmt, 5);
915 const int timeout = sqlite3_column_int(stmt, 6);
916 buffer locktoken = { NULL, 0, 0 };
917 locktoken.ptr = (char *)sqlite3_column_text(stmt, 0);
918 locktoken.used = sqlite3_column_bytes(stmt, 0);
919 if (locktoken.used) ++locktoken.used;
920 locktoken.size = locktoken.used;
921
922 if (timeout > 0) {
923 webdav_activelock(b, &locktoken, lockscope, locktype, depth, timeout);
924 }
925 }
926 buffer_append_string_len(b, CONST_STR_LEN("</D:lockdiscovery>\n"));
927 }
928 #endif
929
930 static int webdav_get_live_property(server *srv, connection *con, handler_ctx *hctx, physical *dst, char *prop_name, buffer *b) {
931 stat_cache_entry *sce = NULL;
932 int found = 0;
933
934 UNUSED(hctx);
935
936 if (HANDLER_ERROR != (stat_cache_get_entry(srv, con, dst->path, &sce))) {
937 char ctime_buf[] = "2005-08-18T07:27:16Z";
938 char mtime_buf[] = "Thu, 18 Aug 2005 07:27:16 GMT";
939 size_t k;
940
941 if (0 == strcmp(prop_name, "resourcetype")) {
942 if (S_ISDIR(sce->st.st_mode)) {
943 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype><D:collection/></D:resourcetype>"));
944 } else {
945 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype/>"));
946 }
947 found = 1;
948 } else if (0 == strcmp(prop_name, "getcontenttype")) {
949 if (S_ISDIR(sce->st.st_mode)) {
950 buffer_append_string_len(b, CONST_STR_LEN("<D:getcontenttype>httpd/unix-directory</D:getcontenttype>"));
951 found = 1;
952 } else if(S_ISREG(sce->st.st_mode)) {
953 for (k = 0; k < con->conf.mimetypes->used; k++) {
954 data_string *ds = (data_string *)con->conf.mimetypes->data[k];
955
956 if (buffer_is_empty(ds->key)) continue;
957
958 if (buffer_is_equal_right_len(dst->path, ds->key, buffer_string_length(ds->key))) {
959 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontenttype>"));
960 buffer_append_string_buffer(b, ds->value);
961 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontenttype>"));
962 found = 1;
963
964 break;
965 }
966 }
967 }
968 } else if (0 == strcmp(prop_name, "creationdate")) {
969 buffer_append_string_len(b, CONST_STR_LEN("<D:creationdate ns0:dt=\"dateTime.tz\">"));
970 strftime(ctime_buf, sizeof(ctime_buf), "%Y-%m-%dT%H:%M:%SZ", gmtime(&(sce->st.st_ctime)));
971 buffer_append_string(b, ctime_buf);
972 buffer_append_string_len(b, CONST_STR_LEN("</D:creationdate>"));
973 found = 1;
974 } else if (0 == strcmp(prop_name, "getlastmodified")) {
975 buffer_append_string_len(b,CONST_STR_LEN("<D:getlastmodified ns0:dt=\"dateTime.rfc1123\">"));
976 strftime(mtime_buf, sizeof(mtime_buf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(sce->st.st_mtime)));
977 buffer_append_string(b, mtime_buf);
978 buffer_append_string_len(b, CONST_STR_LEN("</D:getlastmodified>"));
979 found = 1;
980 } else if (0 == strcmp(prop_name, "getcontentlength")) {
981 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlength>"));
982 buffer_append_int(b, sce->st.st_size);
983 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlength>"));
984 found = 1;
985 } else if (0 == strcmp(prop_name, "getcontentlanguage")) {
986 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlanguage>"));
987 buffer_append_string_len(b, CONST_STR_LEN("en"));
988 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlanguage>"));
989 found = 1;
990 } else if (0 == strcmp(prop_name, "getetag")) {
991 etag_create(con->physical.etag, &sce->st, con->etag_flags);
992 buffer_append_string_len(b, CONST_STR_LEN("<D:getetag>"));
993 buffer_append_string_buffer(b, con->physical.etag);
994 buffer_append_string_len(b, CONST_STR_LEN("</D:getetag>"));
995 buffer_reset(con->physical.etag);
996 found = 1;
997 #ifdef USE_LOCKS
998 } else if (0 == strcmp(prop_name, "lockdiscovery")) {
999 webdav_get_live_property_lockdiscovery(srv, con, hctx, dst, b);
1000 found = 1;
1001 } else if (0 == strcmp(prop_name, "supportedlock")) {
1002 buffer_append_string_len(b,CONST_STR_LEN("<D:supportedlock>"));
1003 buffer_append_string_len(b,CONST_STR_LEN("<D:lockentry>"));
1004 buffer_append_string_len(b,CONST_STR_LEN("<D:lockscope><D:exclusive/></D:lockscope>"));
1005 buffer_append_string_len(b,CONST_STR_LEN("<D:locktype><D:write/></D:locktype>"));
1006 buffer_append_string_len(b,CONST_STR_LEN("</D:lockentry>"));
1007 buffer_append_string_len(b, CONST_STR_LEN("</D:supportedlock>"));
1008 found = 1;
1009 #endif
1010 }
1011 }
1012
1013 return found ? 0 : -1;
1014 }
1015
1016 static int webdav_get_property(server *srv, connection *con, handler_ctx *hctx, physical *dst, char *prop_name, char *prop_ns, buffer *b) {
1017 if (0 == strcmp(prop_ns, "DAV:")) {
1018 /* a local 'live' property */
1019 return webdav_get_live_property(srv, con, hctx, dst, prop_name, b);
1020 } else {
1021 int found = 0;
1022 #ifdef USE_PROPPATCH
1023 sqlite3_stmt *stmt = hctx->conf.stmt_select_prop;
1024
1025 if (stmt) {
1026 /* perhaps it is in sqlite3 */
1027 sqlite3_reset(stmt);
1028
1029 /* bind the values to the insert */
1030
1031 sqlite3_bind_text(stmt, 1,
1032 CONST_BUF_LEN(dst->rel_path),
1033 SQLITE_TRANSIENT);
1034 sqlite3_bind_text(stmt, 2,
1035 prop_name,
1036 strlen(prop_name),
1037 SQLITE_TRANSIENT);
1038 sqlite3_bind_text(stmt, 3,
1039 prop_ns,
1040 strlen(prop_ns),
1041 SQLITE_TRANSIENT);
1042
1043 /* it is the PK */
1044 while (SQLITE_ROW == sqlite3_step(stmt)) {
1045 /* there is a row for us, we only expect a single col 'value' */
1046 webdav_gen_prop_tag(srv, con, prop_name, prop_ns, (char *)sqlite3_column_text(stmt, 0), b);
1047 found = 1;
1048 }
1049 }
1050 #endif
1051 return found ? 0 : -1;
1052 }
1053
1054 /* not found */
1055 return -1;
1056 }
1057
1058 typedef struct {
1059 char *ns;
1060 char *prop;
1061 } webdav_property;
1062
1063 static webdav_property live_properties[] = {
1064 { "DAV:", "creationdate" },
1065 /*{ "DAV:", "displayname" },*//*(not implemented)*/
1066 { "DAV:", "getcontentlanguage" },
1067 { "DAV:", "getcontentlength" },
1068 { "DAV:", "getcontenttype" },
1069 { "DAV:", "getetag" },
1070 { "DAV:", "getlastmodified" },
1071 { "DAV:", "resourcetype" },
1072 /*{ "DAV:", "source" },*//*(not implemented)*/
1073 #ifdef USE_LOCKS
1074 { "DAV:", "lockdiscovery" },
1075 { "DAV:", "supportedlock" },
1076 #endif
1077
1078 { NULL, NULL }
1079 };
1080
1081 typedef struct {
1082 webdav_property **ptr;
1083
1084 size_t used;
1085 size_t size;
1086 } webdav_properties;
1087
1088 static int webdav_get_props(server *srv, connection *con, handler_ctx *hctx, physical *dst, webdav_properties *props, buffer *b_200, buffer *b_404) {
1089 size_t i;
1090
1091 if (props && props->used) {
1092 for (i = 0; i < props->used; i++) {
1093 webdav_property *prop;
1094
1095 prop = props->ptr[i];
1096
1097 if (0 != webdav_get_property(srv, con, hctx,
1098 dst, prop->prop, prop->ns, b_200)) {
1099 webdav_gen_prop_tag(srv, con, prop->prop, prop->ns, NULL, b_404);
1100 }
1101 }
1102 } else {
1103 for (i = 0; live_properties[i].prop; i++) {
1104 /* a local 'live' property */
1105 webdav_get_live_property(srv, con, hctx, dst, live_properties[i].prop, b_200);
1106 }
1107 }
1108
1109 return 0;
1110 }
1111
1112 #ifdef USE_PROPPATCH
1113 static int webdav_parse_chunkqueue(server *srv, connection *con, handler_ctx *hctx, chunkqueue *cq, xmlDoc **ret_xml) {
1114 xmlParserCtxtPtr ctxt;
1115 xmlDoc *xml;
1116 int res;
1117 int err;
1118
1119 chunk *c;
1120
1121 UNUSED(con);
1122
1123 /* read the chunks in to the XML document */
1124 ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
1125
1126 for (c = cq->first; cq->bytes_out != cq->bytes_in; c = cq->first) {
1127 size_t weWant = cq->bytes_out - cq->bytes_in;
1128 size_t weHave;
1129 int mapped;
1130 void *data;
1131
1132 switch(c->type) {
1133 case FILE_CHUNK:
1134 weHave = c->file.length - c->offset;
1135
1136 if (weHave > weWant) weHave = weWant;
1137
1138 /* xml chunks are always memory, mmap() is our friend */
1139 mapped = (c->file.mmap.start != MAP_FAILED);
1140 if (mapped) {
1141 data = c->file.mmap.start + c->offset;
1142 } else {
1143 if (-1 == c->file.fd && /* open the file if not already open */
1144 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1145 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1146
1147 return -1;
1148 }
1149
1150 if (MAP_FAILED != (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_PRIVATE, c->file.fd, 0))) {
1151 /* chunk_reset() or chunk_free() will cleanup for us */
1152 c->file.mmap.length = c->file.length;
1153 data = c->file.mmap.start + c->offset;
1154 mapped = 1;
1155 } else {
1156 ssize_t rd;
1157 if (weHave > 65536) weHave = 65536;
1158 data = malloc(weHave);
1159 force_assert(data);
1160 if (-1 == lseek(c->file.fd, c->file.start + c->offset, SEEK_SET)
1161 || 0 > (rd = read(c->file.fd, data, weHave))) {
1162 log_error_write(srv, __FILE__, __LINE__, "ssbd", "lseek/read failed: ",
1163 strerror(errno), c->file.name, c->file.fd);
1164 free(data);
1165 return -1;
1166 }
1167 weHave = (size_t)rd;
1168 }
1169 }
1170
1171 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, data, weHave, 0))) {
1172 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1173 }
1174
1175 chunkqueue_mark_written(cq, weHave);
1176
1177 if (!mapped) free(data);
1178 break;
1179 case MEM_CHUNK:
1180 /* append to the buffer */
1181 weHave = buffer_string_length(c->mem) - c->offset;
1182
1183 if (weHave > weWant) weHave = weWant;
1184
1185 if (hctx->conf.log_xml) {
1186 log_error_write(srv, __FILE__, __LINE__, "ss", "XML-request-body:", c->mem->ptr + c->offset);
1187 }
1188
1189 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->mem->ptr + c->offset, weHave, 0))) {
1190 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1191 }
1192
1193 chunkqueue_mark_written(cq, weHave);
1194
1195 break;
1196 }
1197 }
1198
1199 switch ((err = xmlParseChunk(ctxt, 0, 0, 1))) {
1200 case XML_ERR_DOCUMENT_END:
1201 case XML_ERR_OK:
1202 break;
1203 default:
1204 log_error_write(srv, __FILE__, __LINE__, "sd", "xmlParseChunk failed at final packet:", err);
1205 break;
1206 }
1207
1208 xml = ctxt->myDoc;
1209 res = ctxt->wellFormed;
1210 xmlFreeParserCtxt(ctxt);
1211
1212 if (res == 0) {
1213 xmlFreeDoc(xml);
1214 } else {
1215 *ret_xml = xml;
1216 }
1217
1218 return res;
1219 }
1220 #endif
1221
1222 #ifdef USE_LOCKS
1223 static int webdav_lockdiscovery(server *srv, connection *con,
1224 buffer *locktoken, const char *lockscope, const char *locktype, int depth) {
1225
1226 buffer *b = buffer_init();
1227
1228 response_header_overwrite(srv, con, CONST_STR_LEN("Lock-Token"), CONST_BUF_LEN(locktoken));
1229
1230 response_header_overwrite(srv, con,
1231 CONST_STR_LEN("Content-Type"),
1232 CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1233
1234 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1235
1236 buffer_append_string_len(b,CONST_STR_LEN("<D:prop xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1237 buffer_append_string_len(b,CONST_STR_LEN("<D:lockdiscovery>\n"));
1238 webdav_activelock(b, locktoken, lockscope, locktype, depth, 600);
1239 buffer_append_string_len(b,CONST_STR_LEN("</D:lockdiscovery>\n"));
1240 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1241
1242 chunkqueue_append_buffer(con->write_queue, b);
1243 buffer_free(b);
1244
1245 return 0;
1246 }
1247 #endif
1248
1249 /**
1250 * check if resource is having the right locks to access to resource
1251 *
1252 *
1253 *
1254 */
1255 static int webdav_has_lock(server *srv, connection *con, handler_ctx *hctx, buffer *uri) {
1256 int has_lock = 1;
1257
1258 #ifdef USE_LOCKS
1259 data_string *ds;
1260 UNUSED(srv);
1261
1262 /**
1263 * This implementation is more fake than real
1264 * we need a parser for the If: header to really handle the full scope
1265 *
1266 * X-Litmus: locks: 11 (owner_modify)
1267 * If: <http://127.0.0.1:1025/dav/litmus/lockme> (<opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1>)
1268 * - a tagged check:
1269 * if http://127.0.0.1:1025/dav/litmus/lockme is locked with
1270 * opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1, go on
1271 *
1272 * X-Litmus: locks: 16 (fail_cond_put)
1273 * If: (<DAV:no-lock> ["-1622396671"])
1274 * - untagged:
1275 * go on if the resource has the etag [...] and the lock
1276 */
1277 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
1278 /* Ooh, ooh. A if tag, now the fun begins.
1279 *
1280 * this can only work with a real parser
1281 **/
1282 } else {
1283 /* we didn't provided a lock-token -> */
1284 /* if the resource is locked -> 423 */
1285
1286 sqlite3_stmt *stmt = hctx->conf.stmt_read_lock_by_uri;
1287
1288 sqlite3_reset(stmt);
1289
1290 sqlite3_bind_text(stmt, 1,
1291 CONST_BUF_LEN(uri),
1292 SQLITE_TRANSIENT);
1293
1294 while (SQLITE_ROW == sqlite3_step(stmt)) {
1295 has_lock = 0;
1296 }
1297 }
1298 #else
1299 UNUSED(srv);
1300 UNUSED(con);
1301 UNUSED(hctx);
1302 UNUSED(uri);
1303 #endif
1304
1305 return has_lock;
1306 }
1307
1308
1309 SUBREQUEST_FUNC(mod_webdav_subrequest_handler_huge) {
1310 plugin_data *p = p_d;
1311 handler_ctx *hctx = con->plugin_ctx[p->id];
1312 buffer *b;
1313 DIR *dir;
1314 data_string *ds;
1315 int depth = -1; /* (Depth: infinity) */
1316 struct stat st;
1317 buffer *prop_200;
1318 buffer *prop_404;
1319 webdav_properties *req_props;
1320 stat_cache_entry *sce = NULL;
1321
1322 UNUSED(srv);
1323
1324 if (NULL == hctx) return HANDLER_GO_ON;
1325 if (!hctx->conf.enabled) return HANDLER_GO_ON;
1326 /* physical path is setup */
1327 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
1328
1329 /* PROPFIND need them */
1330 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Depth")) && 1 == buffer_string_length(ds->value)) {
1331 if ('0' == *ds->value->ptr) {
1332 depth = 0;
1333 } else if ('1' == *ds->value->ptr) {
1334 depth = 1;
1335 }
1336 } /* else treat as Depth: infinity */
1337
1338 switch (con->request.http_method) {
1339 case HTTP_METHOD_PROPFIND:
1340 /* they want to know the properties of the directory */
1341 req_props = NULL;
1342
1343 /* is there a content-body ? */
1344
1345 switch (stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
1346 case HANDLER_ERROR:
1347 if (errno == ENOENT) {
1348 con->http_status = 404;
1349 return HANDLER_FINISHED;
1350 }
1351 break;
1352 default:
1353 break;
1354 }
1355
1356 if (S_ISDIR(sce->st.st_mode) && con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
1357 http_response_redirect_to_directory(srv, con);
1358 return HANDLER_FINISHED;
1359 }
1360
1361 #ifdef USE_PROPPATCH
1362 /* any special requests or just allprop ? */
1363 if (con->request.content_length) {
1364 xmlDocPtr xml;
1365
1366 if (con->state == CON_STATE_READ_POST) {
1367 handler_t r = connection_handle_read_post_state(srv, con);
1368 if (r != HANDLER_GO_ON) return r;
1369 }
1370
1371 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
1372 xmlNode *rootnode = xmlDocGetRootElement(xml);
1373
1374 force_assert(rootnode);
1375
1376 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propfind")) {
1377 xmlNode *cmd;
1378
1379 req_props = calloc(1, sizeof(*req_props));
1380
1381 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
1382
1383 if (0 == xmlStrcmp(cmd->name, BAD_CAST "prop")) {
1384 /* get prop by name */
1385 xmlNode *prop;
1386
1387 for (prop = cmd->children; prop; prop = prop->next) {
1388 if (prop->type == XML_TEXT_NODE) continue; /* ignore WS */
1389
1390 if (prop->ns &&
1391 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
1392 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
1393 size_t i;
1394 log_error_write(srv, __FILE__, __LINE__, "ss",
1395 "no name space for:",
1396 prop->name);
1397
1398 xmlFreeDoc(xml);
1399
1400 for (i = 0; i < req_props->used; i++) {
1401 free(req_props->ptr[i]->ns);
1402 free(req_props->ptr[i]->prop);
1403 free(req_props->ptr[i]);
1404 }
1405 free(req_props->ptr);
1406 free(req_props);
1407
1408 con->http_status = 400;
1409 return HANDLER_FINISHED;
1410 }
1411
1412 /* add property to requested list */
1413 if (req_props->size == 0) {
1414 req_props->size = 16;
1415 req_props->ptr = malloc(sizeof(*(req_props->ptr)) * req_props->size);
1416 } else if (req_props->used == req_props->size) {
1417 req_props->size += 16;
1418 req_props->ptr = realloc(req_props->ptr, sizeof(*(req_props->ptr)) * req_props->size);
1419 }
1420
1421 req_props->ptr[req_props->used] = malloc(sizeof(webdav_property));
1422 req_props->ptr[req_props->used]->ns = (char *)xmlStrdup(prop->ns ? prop->ns->href : (xmlChar *)"");
1423 req_props->ptr[req_props->used]->prop = (char *)xmlStrdup(prop->name);
1424 req_props->used++;
1425 }
1426 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "propname")) {
1427 sqlite3_stmt *stmt = p->conf.stmt_select_propnames;
1428
1429 if (stmt) {
1430 /* get all property names (EMPTY) */
1431 sqlite3_reset(stmt);
1432 /* bind the values to the insert */
1433
1434 sqlite3_bind_text(stmt, 1,
1435 CONST_BUF_LEN(con->uri.path),
1436 SQLITE_TRANSIENT);
1437
1438 if (SQLITE_DONE != sqlite3_step(stmt)) {
1439 }
1440 }
1441 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "allprop")) {
1442 /* get all properties (EMPTY) */
1443 }
1444 }
1445 }
1446
1447 xmlFreeDoc(xml);
1448 } else {
1449 con->http_status = 400;
1450 return HANDLER_FINISHED;
1451 }
1452 }
1453 #endif
1454 con->http_status = 207;
1455
1456 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1457
1458 b = buffer_init();
1459
1460 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1461
1462 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1463
1464 /* allprop */
1465
1466 prop_200 = buffer_init();
1467 prop_404 = buffer_init();
1468
1469 {
1470 /* Depth: 0 or Depth: 1 */
1471 webdav_get_props(srv, con, hctx, &(con->physical), req_props, prop_200, prop_404);
1472
1473 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1474 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1475 buffer_append_string_buffer(b, con->uri.scheme);
1476 buffer_append_string_len(b,CONST_STR_LEN("://"));
1477 buffer_append_string_buffer(b, con->uri.authority);
1478 buffer_append_string_encoded(b, CONST_BUF_LEN(con->uri.path), ENCODING_REL_URI);
1479 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1480
1481 if (!buffer_string_is_empty(prop_200)) {
1482 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1483 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1484
1485 buffer_append_string_buffer(b, prop_200);
1486
1487 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1488
1489 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1490
1491 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1492 }
1493 if (!buffer_string_is_empty(prop_404)) {
1494 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1495 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1496
1497 buffer_append_string_buffer(b, prop_404);
1498
1499 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1500
1501 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1502
1503 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1504 }
1505
1506 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1507 }
1508
1509 if (depth == 1) {
1510
1511 if (NULL != (dir = opendir(con->physical.path->ptr))) {
1512 struct dirent *de;
1513 physical d;
1514 physical *dst = &(con->physical);
1515
1516 d.path = buffer_init();
1517 d.rel_path = buffer_init();
1518
1519 while(NULL != (de = readdir(dir))) {
1520 if (de->d_name[0] == '.' && (de->d_name[1] == '\0' || (de->d_name[1] == '.' && de->d_name[2] == '\0'))) {
1521 continue;
1522 /* ignore the parent and target dir */
1523 }
1524
1525 buffer_copy_buffer(d.path, dst->path);
1526 buffer_append_slash(d.path);
1527
1528 buffer_copy_buffer(d.rel_path, dst->rel_path);
1529 buffer_append_slash(d.rel_path);
1530
1531 buffer_append_string(d.path, de->d_name);
1532 buffer_append_string(d.rel_path, de->d_name);
1533
1534 buffer_reset(prop_200);
1535 buffer_reset(prop_404);
1536
1537 webdav_get_props(srv, con, hctx, &d, req_props, prop_200, prop_404);
1538
1539 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1540 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1541 buffer_append_string_buffer(b, con->uri.scheme);
1542 buffer_append_string_len(b,CONST_STR_LEN("://"));
1543 buffer_append_string_buffer(b, con->uri.authority);
1544 buffer_append_string_encoded(b, CONST_BUF_LEN(d.rel_path), ENCODING_REL_URI);
1545 if (0 == stat(d.path->ptr, &st) && S_ISDIR(st.st_mode)) {
1546 /* Append a '/' on subdirectories */
1547 buffer_append_string_len(b,CONST_STR_LEN("/"));
1548 }
1549 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1550
1551 if (!buffer_string_is_empty(prop_200)) {
1552 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1553 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1554
1555 buffer_append_string_buffer(b, prop_200);
1556
1557 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1558
1559 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1560
1561 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1562 }
1563 if (!buffer_string_is_empty(prop_404)) {
1564 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1565 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1566
1567 buffer_append_string_buffer(b, prop_404);
1568
1569 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1570
1571 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1572
1573 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1574 }
1575
1576 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1577 }
1578 closedir(dir);
1579 buffer_free(d.path);
1580 buffer_free(d.rel_path);
1581 }
1582
1583 }
1584
1585 if (req_props) {
1586 size_t i;
1587 for (i = 0; i < req_props->used; i++) {
1588 free(req_props->ptr[i]->ns);
1589 free(req_props->ptr[i]->prop);
1590 free(req_props->ptr[i]);
1591 }
1592 free(req_props->ptr);
1593 free(req_props);
1594 }
1595
1596 buffer_free(prop_200);
1597 buffer_free(prop_404);
1598
1599 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1600
1601 if (p->conf.log_xml) {
1602 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1603 }
1604
1605 chunkqueue_append_buffer(con->write_queue, b);
1606 buffer_free(b);
1607
1608 con->file_finished = 1;
1609
1610 return HANDLER_FINISHED;
1611 case HTTP_METHOD_MKCOL:
1612 if (p->conf.is_readonly) {
1613 con->http_status = 403;
1614 return HANDLER_FINISHED;
1615 }
1616
1617 if (con->request.content_length != 0) {
1618 /* we don't support MKCOL with a body */
1619 con->http_status = 415;
1620
1621 return HANDLER_FINISHED;
1622 }
1623
1624 /* let's create the directory */
1625
1626 if (-1 == mkdir(con->physical.path->ptr, WEBDAV_DIR_MODE)) {
1627 switch(errno) {
1628 case EPERM:
1629 con->http_status = 403;
1630 break;
1631 case ENOENT:
1632 case ENOTDIR:
1633 con->http_status = 409;
1634 break;
1635 case EEXIST:
1636 default:
1637 con->http_status = 405; /* not allowed */
1638 break;
1639 }
1640 } else {
1641 con->http_status = 201;
1642 con->file_finished = 1;
1643 }
1644
1645 return HANDLER_FINISHED;
1646 case HTTP_METHOD_DELETE:
1647 if (p->conf.is_readonly) {
1648 con->http_status = 403;
1649 return HANDLER_FINISHED;
1650 }
1651
1652 /* does the client have a lock for this connection ? */
1653 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
1654 con->http_status = 423;
1655 return HANDLER_FINISHED;
1656 }
1657
1658 /* stat and unlink afterwards */
1659 if (-1 == stat(con->physical.path->ptr, &st)) {
1660 /* don't about it yet, unlink will fail too */
1661 switch(errno) {
1662 case ENOENT:
1663 con->http_status = 404;
1664 break;
1665 default:
1666 con->http_status = 403;
1667 break;
1668 }
1669 } else if (S_ISDIR(st.st_mode)) {
1670 buffer *multi_status_resp;
1671
1672 if (con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
1673 http_response_redirect_to_directory(srv, con);
1674 return HANDLER_FINISHED;
1675 }
1676
1677 multi_status_resp = buffer_init();
1678
1679 if (webdav_delete_dir(srv, con, hctx, &(con->physical), multi_status_resp)) {
1680 /* we got an error somewhere in between, build a 207 */
1681 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1682
1683 b = buffer_init();
1684
1685 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1686
1687 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\">\n"));
1688
1689 buffer_append_string_buffer(b, multi_status_resp);
1690
1691 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1692
1693 if (p->conf.log_xml) {
1694 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1695 }
1696
1697 chunkqueue_append_buffer(con->write_queue, b);
1698 buffer_free(b);
1699
1700 con->http_status = 207;
1701 con->file_finished = 1;
1702 } else {
1703 /* everything went fine, remove the directory */
1704
1705 if (-1 == rmdir(con->physical.path->ptr)) {
1706 switch(errno) {
1707 case EPERM:
1708 con->http_status = 403;
1709 break;
1710 case ENOENT:
1711 con->http_status = 404;
1712 break;
1713 default:
1714 con->http_status = 501;
1715 break;
1716 }
1717 } else {
1718 con->http_status = 204;
1719 }
1720 }
1721
1722 buffer_free(multi_status_resp);
1723 } else if (-1 == unlink(con->physical.path->ptr)) {
1724 switch(errno) {
1725 case EPERM:
1726 con->http_status = 403;
1727 break;
1728 case ENOENT:
1729 con->http_status = 404;
1730 break;
1731 default:
1732 con->http_status = 501;
1733 break;
1734 }
1735 } else {
1736 con->http_status = 204;
1737 }
1738 return HANDLER_FINISHED;
1739 case HTTP_METHOD_PUT: {
1740 int fd;
1741 chunkqueue *cq = con->request_content_queue;
1742 chunk *c;
1743 data_string *ds_range;
1744
1745 if (p->conf.is_readonly) {
1746 con->http_status = 403;
1747 return HANDLER_FINISHED;
1748 }
1749
1750 /* is a exclusive lock set on the source */
1751 /* (check for lock once before potentially reading large input) */
1752 if (0 == cq->bytes_in && !webdav_has_lock(srv, con, hctx, con->uri.path)) {
1753 con->http_status = 423;
1754 return HANDLER_FINISHED;
1755 }
1756
1757 if (con->state == CON_STATE_READ_POST) {
1758 handler_t r = connection_handle_read_post_state(srv, con);
1759 if (r != HANDLER_GO_ON) return r;
1760 }
1761
1762 /* RFC2616 Section 9.6 PUT requires us to send 501 on all Content-* we don't support
1763 * - most important Content-Range
1764 *
1765 *
1766 * Example: Content-Range: bytes 100-1037/1038 */
1767
1768 if (NULL != (ds_range = (data_string *)array_get_element(con->request.headers, "Content-Range"))) {
1769 const char *num = ds_range->value->ptr;
1770 off_t offset;
1771 char *err = NULL;
1772
1773 if (0 != strncmp(num, "bytes ", 6)) {
1774 con->http_status = 501; /* not implemented */
1775
1776 return HANDLER_FINISHED;
1777 }
1778
1779 /* we only support <num>- ... */
1780
1781 num += 6;
1782
1783 /* skip WS */
1784 while (*num == ' ' || *num == '\t') num++;
1785
1786 if (*num == '\0') {
1787 con->http_status = 501; /* not implemented */
1788
1789 return HANDLER_FINISHED;
1790 }
1791
1792 offset = strtoll(num, &err, 10);
1793
1794 if (*err != '-' || offset < 0) {
1795 con->http_status = 501; /* not implemented */
1796
1797 return HANDLER_FINISHED;
1798 }
1799
1800 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY, WEBDAV_FILE_MODE))) {
1801 switch (errno) {
1802 case ENOENT:
1803 con->http_status = 404; /* not found */
1804 break;
1805 default:
1806 con->http_status = 403; /* not found */
1807 break;
1808 }
1809 return HANDLER_FINISHED;
1810 }
1811
1812 if (-1 == lseek(fd, offset, SEEK_SET)) {
1813 con->http_status = 501; /* not implemented */
1814
1815 close(fd);
1816
1817 return HANDLER_FINISHED;
1818 }
1819 con->http_status = 200; /* modified */
1820 } else {
1821 /* take what we have in the request-body and write it to a file */
1822
1823 /* if the file doesn't exist, create it */
1824 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_TRUNC, WEBDAV_FILE_MODE))) {
1825 if (errno != ENOENT ||
1826 -1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, WEBDAV_FILE_MODE))) {
1827 /* we can't open the file */
1828 con->http_status = 403;
1829
1830 return HANDLER_FINISHED;
1831 } else {
1832 con->http_status = 201; /* created */
1833 }
1834 } else {
1835 con->http_status = 200; /* modified */
1836 }
1837 }
1838
1839 con->file_finished = 1;
1840
1841 for (c = cq->first; c; c = cq->first) {
1842 int r = 0;
1843 int mapped;
1844 void *data;
1845 size_t dlen;
1846
1847 /* copy all chunks */
1848 switch(c->type) {
1849 case FILE_CHUNK:
1850
1851 mapped = (c->file.mmap.start != MAP_FAILED);
1852 dlen = c->file.length - c->offset;
1853 if (mapped) {
1854 data = c->file.mmap.start + c->offset;
1855 } else {
1856 if (-1 == c->file.fd && /* open the file if not already open */
1857 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1858 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1859 close(fd);
1860 return HANDLER_ERROR;
1861 }
1862
1863 if (MAP_FAILED != (c->file.mmap.start = mmap(NULL, c->file.length, PROT_READ, MAP_PRIVATE, c->file.fd, 0))) {
1864 /* chunk_reset() or chunk_free() will cleanup for us */
1865 c->file.mmap.length = c->file.length;
1866 data = c->file.mmap.start + c->offset;
1867 mapped = 1;
1868 } else {
1869 ssize_t rd;
1870 if (dlen > 65536) dlen = 65536;
1871 data = malloc(dlen);
1872 force_assert(data);
1873 if (-1 == lseek(c->file.fd, c->file.start + c->offset, SEEK_SET)
1874 || 0 > (rd = read(c->file.fd, data, dlen))) {
1875 log_error_write(srv, __FILE__, __LINE__, "ssbd", "lseek/read failed: ",
1876 strerror(errno), c->file.name, c->file.fd);
1877 free(data);
1878 close(fd);
1879 return HANDLER_ERROR;
1880 }
1881 dlen = (size_t)rd;
1882 }
1883
1884 }
1885
1886 if ((r = write(fd, data, dlen)) < 0) {
1887 switch(errno) {
1888 case ENOSPC:
1889 con->http_status = 507;
1890
1891 break;
1892 default:
1893 con->http_status = 403;
1894 break;
1895 }
1896 }
1897
1898 if (!mapped) free(data);
1899 break;
1900 case MEM_CHUNK:
1901 if ((r = write(fd, c->mem->ptr + c->offset, buffer_string_length(c->mem) - c->offset)) < 0) {
1902 switch(errno) {
1903 case ENOSPC:
1904 con->http_status = 507;
1905
1906 break;
1907 default:
1908 con->http_status = 403;
1909 break;
1910 }
1911 }
1912 break;
1913 }
1914
1915 if (r > 0) {
1916 chunkqueue_mark_written(cq, r);
1917 } else {
1918 break;
1919 }
1920 }
1921 if (0 != close(fd)) {
1922 log_error_write(srv, __FILE__, __LINE__, "sbss",
1923 "close ", con->physical.path, "failed: ", strerror(errno));
1924 return HANDLER_ERROR;
1925 }
1926
1927 return HANDLER_FINISHED;
1928 }
1929 case HTTP_METHOD_MOVE:
1930 case HTTP_METHOD_COPY: {
1931 buffer *destination = NULL;
1932 char *sep, *sep2, *start;
1933 int overwrite = 1;
1934
1935 if (p->conf.is_readonly) {
1936 con->http_status = 403;
1937 return HANDLER_FINISHED;
1938 }
1939
1940 /* is a exclusive lock set on the source */
1941 if (con->request.http_method == HTTP_METHOD_MOVE) {
1942 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
1943 con->http_status = 423;
1944 return HANDLER_FINISHED;
1945 }
1946 }
1947
1948 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Destination"))) {
1949 destination = ds->value;
1950 } else {
1951 con->http_status = 400;
1952 return HANDLER_FINISHED;
1953 }
1954
1955 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Overwrite"))) {
1956 if (buffer_string_length(ds->value) != 1 ||
1957 (ds->value->ptr[0] != 'F' &&
1958 ds->value->ptr[0] != 'T') ) {
1959 con->http_status = 400;
1960 return HANDLER_FINISHED;
1961 }
1962 overwrite = (ds->value->ptr[0] == 'F' ? 0 : 1);
1963 }
1964 /* let's parse the Destination
1965 *
1966 * http://127.0.0.1:1025/dav/litmus/copydest
1967 *
1968 * - host has to be the same as the Host: header we got
1969 * - we have to stay inside the document root
1970 * - the query string is thrown away
1971 * */
1972
1973 buffer_reset(p->uri.scheme);
1974 buffer_reset(p->uri.path_raw);
1975 buffer_reset(p->uri.authority);
1976
1977 start = destination->ptr;
1978
1979 if (NULL == (sep = strstr(start, "://"))) {
1980 con->http_status = 400;
1981 return HANDLER_FINISHED;
1982 }
1983 buffer_copy_string_len(p->uri.scheme, start, sep - start);
1984
1985 start = sep + 3;
1986
1987 if (NULL == (sep = strchr(start, '/'))) {
1988 con->http_status = 400;
1989 return HANDLER_FINISHED;
1990 }
1991 if (NULL != (sep2 = memchr(start, '@', sep - start))) {
1992 /* skip login information */
1993 start = sep2 + 1;
1994 }
1995 buffer_copy_string_len(p->uri.authority, start, sep - start);
1996
1997 start = sep + 1;
1998
1999 if (NULL == (sep = strchr(start, '?'))) {
2000 /* no query string, good */
2001 buffer_copy_string(p->uri.path_raw, start);
2002 } else {
2003 buffer_copy_string_len(p->uri.path_raw, start, sep - start);
2004 }
2005
2006 if (!buffer_is_equal(p->uri.authority, con->uri.authority)) {
2007 /* not the same host */
2008 con->http_status = 502;
2009 return HANDLER_FINISHED;
2010 }
2011
2012 buffer_copy_buffer(p->tmp_buf, p->uri.path_raw);
2013 buffer_urldecode_path(p->tmp_buf);
2014 buffer_path_simplify(p->uri.path, p->tmp_buf);
2015
2016 /* we now have a URI which is clean. transform it into a physical path */
2017 buffer_copy_buffer(p->physical.doc_root, con->physical.doc_root);
2018 buffer_copy_buffer(p->physical.rel_path, p->uri.path);
2019
2020 if (con->conf.force_lowercase_filenames) {
2021 buffer_to_lower(p->physical.rel_path);
2022 }
2023
2024 /* Destination physical path
2025 * src con->physical.path might have been remapped with mod_alias.
2026 * (but mod_alias does not modify con->physical.rel_path)
2027 * Find matching prefix to support use of mod_alias to remap webdav root.
2028 * Aliasing of paths underneath the webdav root might not work.
2029 * Likewise, mod_rewrite URL rewriting might thwart this comparison.
2030 * Use mod_redirect instead of mod_alias to remap paths *under* webdav root.
2031 * Use mod_redirect instead of mod_rewrite on *any* parts of path to webdav.
2032 * (Related, use mod_auth to protect webdav root, but avoid attempting to
2033 * use mod_auth on paths underneath webdav root, as Destination is not
2034 * validated with mod_auth)
2035 *
2036 * tl;dr: webdav paths and webdav properties are managed by mod_webdav,
2037 * so do not modify paths externally or else undefined behavior
2038 * or corruption may occur
2039 */
2040 {
2041 /* find matching URI prefix
2042 * check if remaining con->physical.rel_path matches suffix
2043 * of con->physical.basedir so that we can use it to
2044 * remap Destination physical path */
2045 size_t i, remain;
2046 sep = con->uri.path->ptr;
2047 sep2 = p->uri.path->ptr;
2048 for (i = 0; sep[i] && sep[i] == sep2[i]; ++i) ;
2049 if (sep[i] == '\0' && (sep2[i] == '\0' || sep2[i] == '/' || (i > 0 && sep[i-1] == '/'))) {
2050 /* src and dst URI match or dst is nested inside src; invalid COPY or MOVE */
2051 con->http_status = 403;
2052 return HANDLER_FINISHED;
2053 }
2054 while (i != 0 && sep[--i] != '/') ; /* find matching directory path */
2055 remain = buffer_string_length(con->uri.path) - i;
2056 if (!con->conf.force_lowercase_filenames
2057 ? buffer_is_equal_right_len(con->physical.path, con->physical.rel_path, remain)
2058 :(buffer_string_length(con->physical.path) >= remain
2059 && 0 == strncasecmp(con->physical.path->ptr+buffer_string_length(con->physical.path)-remain, con->physical.rel_path->ptr+i, remain))) {
2060 /* (at this point, p->physical.rel_path is identical to (or lowercased version of) p->uri.path) */
2061 buffer_copy_string_len(p->physical.path, con->physical.path->ptr, buffer_string_length(con->physical.path)-remain);
2062 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr+i, buffer_string_length(p->physical.rel_path)-i);
2063
2064 buffer_copy_buffer(p->physical.basedir, con->physical.basedir);
2065 buffer_append_slash(p->physical.basedir);
2066 } else {
2067 /* unable to perform physical path remap here;
2068 * assume doc_root/rel_path and no remapping */
2069 buffer_copy_buffer(p->physical.path, p->physical.doc_root);
2070 buffer_append_slash(p->physical.path);
2071 buffer_copy_buffer(p->physical.basedir, p->physical.path);
2072
2073 /* don't add a second / */
2074 if (p->physical.rel_path->ptr[0] == '/') {
2075 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr + 1, buffer_string_length(p->physical.rel_path) - 1);
2076 } else {
2077 buffer_append_string_buffer(p->physical.path, p->physical.rel_path);
2078 }
2079 }
2080 }
2081
2082 /* let's see if the source is a directory
2083 * if yes, we fail with 501 */
2084
2085 if (-1 == stat(con->physical.path->ptr, &st)) {
2086 /* don't about it yet, unlink will fail too */
2087 switch(errno) {
2088 case ENOENT:
2089 con->http_status = 404;
2090 break;
2091 default:
2092 con->http_status = 403;
2093 break;
2094 }
2095 } else if (S_ISDIR(st.st_mode)) {
2096 int r;
2097 int created = 0;
2098 /* src is a directory */
2099
2100 if (con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
2101 http_response_redirect_to_directory(srv, con);
2102 return HANDLER_FINISHED;
2103 }
2104
2105 if (-1 == stat(p->physical.path->ptr, &st)) {
2106 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
2107 con->http_status = 403;
2108 return HANDLER_FINISHED;
2109 }
2110 created = 1;
2111 } else if (!S_ISDIR(st.st_mode)) {
2112 if (overwrite == 0) {
2113 /* copying into a non-dir ? */
2114 con->http_status = 409;
2115 return HANDLER_FINISHED;
2116 } else {
2117 unlink(p->physical.path->ptr);
2118 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
2119 con->http_status = 403;
2120 return HANDLER_FINISHED;
2121 }
2122 created = 1;
2123 }
2124 }
2125
2126 /* copy the content of src to dest */
2127 if (0 != (r = webdav_copy_dir(srv, con, hctx, &(con->physical), &(p->physical), overwrite))) {
2128 con->http_status = r;
2129 return HANDLER_FINISHED;
2130 }
2131 if (con->request.http_method == HTTP_METHOD_MOVE) {
2132 b = buffer_init();
2133 webdav_delete_dir(srv, con, hctx, &(con->physical), b); /* content */
2134 buffer_free(b);
2135
2136 rmdir(con->physical.path->ptr);
2137 }
2138 con->http_status = created ? 201 : 204;
2139 con->file_finished = 1;
2140 } else {
2141 /* it is just a file, good */
2142 int r;
2143 int destdir = 0;
2144
2145 /* does the client have a lock for this connection ? */
2146 if (!webdav_has_lock(srv, con, hctx, p->uri.path)) {
2147 con->http_status = 423;
2148 return HANDLER_FINISHED;
2149 }
2150
2151 /* destination exists */
2152 if (0 == (r = stat(p->physical.path->ptr, &st))) {
2153 if (S_ISDIR(st.st_mode)) {
2154 /* file to dir/
2155 * append basename to physical path */
2156 destdir = 1;
2157
2158 if (NULL != (sep = strrchr(con->physical.path->ptr, '/'))) {
2159 buffer_append_string(p->physical.path, sep);
2160 r = stat(p->physical.path->ptr, &st);
2161 }
2162 }
2163 }
2164
2165 if (-1 == r) {
2166 con->http_status = destdir ? 204 : 201; /* we will create a new one */
2167 con->file_finished = 1;
2168
2169 switch(errno) {
2170 case ENOTDIR:
2171 con->http_status = 409;
2172 return HANDLER_FINISHED;
2173 }
2174 } else if (overwrite == 0) {
2175 /* destination exists, but overwrite is not set */
2176 con->http_status = 412;
2177 return HANDLER_FINISHED;
2178 } else {
2179 con->http_status = 204; /* resource already existed */
2180 }
2181
2182 if (con->request.http_method == HTTP_METHOD_MOVE) {
2183 /* try a rename */
2184
2185 if (0 == rename(con->physical.path->ptr, p->physical.path->ptr)) {
2186 #ifdef USE_PROPPATCH
2187 sqlite3_stmt *stmt;
2188
2189 stmt = p->conf.stmt_move_uri;
2190 if (stmt) {
2191
2192 sqlite3_reset(stmt);
2193
2194 /* bind the values to the insert */
2195 sqlite3_bind_text(stmt, 1,
2196 CONST_BUF_LEN(p->uri.path),
2197 SQLITE_TRANSIENT);
2198
2199 sqlite3_bind_text(stmt, 2,
2200 CONST_BUF_LEN(con->uri.path),
2201 SQLITE_TRANSIENT);
2202
2203 if (SQLITE_DONE != sqlite3_step(stmt)) {
2204 log_error_write(srv, __FILE__, __LINE__, "ss", "sql-move failed:", sqlite3_errmsg(p->conf.sql));
2205 }
2206 }
2207 #endif
2208 return HANDLER_FINISHED;
2209 }
2210
2211 /* rename failed, fall back to COPY + DELETE */
2212 }
2213
2214 if (0 != (r = webdav_copy_file(srv, con, hctx, &(con->physical), &(p->physical), overwrite))) {
2215 con->http_status = r;
2216
2217 return HANDLER_FINISHED;
2218 }
2219
2220 if (con->request.http_method == HTTP_METHOD_MOVE) {
2221 b = buffer_init();
2222 webdav_delete_file(srv, con, hctx, &(con->physical), b);
2223 buffer_free(b);
2224 }
2225 }
2226
2227 return HANDLER_FINISHED;
2228 }
2229 case HTTP_METHOD_PROPPATCH:
2230 if (p->conf.is_readonly) {
2231 con->http_status = 403;
2232 return HANDLER_FINISHED;
2233 }
2234
2235 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
2236 con->http_status = 423;
2237 return HANDLER_FINISHED;
2238 }
2239
2240 /* check if destination exists */
2241 if (-1 == stat(con->physical.path->ptr, &st)) {
2242 switch(errno) {
2243 case ENOENT:
2244 con->http_status = 404;
2245 break;
2246 }
2247 }
2248
2249 if (S_ISDIR(st.st_mode) && con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
2250 http_response_redirect_to_directory(srv, con);
2251 return HANDLER_FINISHED;
2252 }
2253
2254 #ifdef USE_PROPPATCH
2255 if (con->request.content_length) {
2256 xmlDocPtr xml;
2257
2258 if (con->state == CON_STATE_READ_POST) {
2259 handler_t r = connection_handle_read_post_state(srv, con);
2260 if (r != HANDLER_GO_ON) return r;
2261 }
2262
2263 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
2264 xmlNode *rootnode = xmlDocGetRootElement(xml);
2265
2266 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propertyupdate")) {
2267 xmlNode *cmd;
2268 char *err = NULL;
2269 int empty_ns = 0; /* send 400 on a empty namespace attribute */
2270
2271 /* start response */
2272
2273 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "BEGIN TRANSACTION", NULL, NULL, &err)) {
2274 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
2275 sqlite3_free(err);
2276
2277 goto propmatch_cleanup;
2278 }
2279
2280 /* a UPDATE request, we know 'set' and 'remove' */
2281 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
2282 xmlNode *props;
2283 /* either set or remove */
2284
2285 if ((0 == xmlStrcmp(cmd->name, BAD_CAST "set")) ||
2286 (0 == xmlStrcmp(cmd->name, BAD_CAST "remove"))) {
2287
2288 sqlite3_stmt *stmt;
2289
2290 stmt = (0 == xmlStrcmp(cmd->name, BAD_CAST "remove")) ?
2291 p->conf.stmt_delete_prop : p->conf.stmt_update_prop;
2292
2293 for (props = cmd->children; props; props = props->next) {
2294 if (0 == xmlStrcmp(props->name, BAD_CAST "prop")) {
2295 xmlNode *prop;
2296 char *propval = NULL;
2297 int r;
2298
2299 prop = props->children;
2300
2301 if (prop->ns &&
2302 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
2303 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
2304 log_error_write(srv, __FILE__, __LINE__, "ss",
2305 "no name space for:",
2306 prop->name);
2307
2308 empty_ns = 1;
2309 break;
2310 }
2311
2312 sqlite3_reset(stmt);
2313
2314 /* bind the values to the insert */
2315
2316 sqlite3_bind_text(stmt, 1,
2317 CONST_BUF_LEN(con->uri.path),
2318 SQLITE_TRANSIENT);
2319 sqlite3_bind_text(stmt, 2,
2320 (char *)prop->name,
2321 strlen((char *)prop->name),
2322 SQLITE_TRANSIENT);
2323 if (prop->ns) {
2324 sqlite3_bind_text(stmt, 3,
2325 (char *)prop->ns->href,
2326 strlen((char *)prop->ns->href),
2327 SQLITE_TRANSIENT);
2328 } else {
2329 sqlite3_bind_text(stmt, 3,
2330 "",
2331 0,
2332 SQLITE_TRANSIENT);
2333 }
2334 if (stmt == p->conf.stmt_update_prop) {
2335 propval = prop->children
2336 ? (char *)xmlNodeListGetString(xml, prop->children, 0)
2337 : NULL;
2338
2339 sqlite3_bind_text(stmt, 4,
2340 propval ? propval : "",
2341 propval ? strlen(propval) : 0,
2342 SQLITE_TRANSIENT);
2343 }
2344
2345 if (SQLITE_DONE != (r = sqlite3_step(stmt))) {
2346 log_error_write(srv, __FILE__, __LINE__, "ss",
2347 "sql-set failed:", sqlite3_errmsg(p->conf.sql));
2348 }
2349
2350 if (propval) xmlFree(propval);
2351 }
2352 }
2353 if (empty_ns) break;
2354 }
2355 }
2356
2357 if (empty_ns) {
2358 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "ROLLBACK", NULL, NULL, &err)) {
2359 log_error_write(srv, __FILE__, __LINE__, "ss", "can't rollback transaction:", err);
2360 sqlite3_free(err);
2361
2362 goto propmatch_cleanup;
2363 }
2364
2365 con->http_status = 400;
2366 } else {
2367 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "COMMIT", NULL, NULL, &err)) {
2368 log_error_write(srv, __FILE__, __LINE__, "ss", "can't commit transaction:", err);
2369 sqlite3_free(err);
2370
2371 goto propmatch_cleanup;
2372 }
2373 con->http_status = 200;
2374 }
2375 con->file_finished = 1;
2376
2377 xmlFreeDoc(xml);
2378 return HANDLER_FINISHED;
2379 }
2380
2381 propmatch_cleanup:
2382
2383 xmlFreeDoc(xml);
2384 } else {
2385 con->http_status = 400;
2386 return HANDLER_FINISHED;
2387 }
2388 }
2389 #endif
2390 con->http_status = 501;
2391 return HANDLER_FINISHED;
2392 case HTTP_METHOD_LOCK:
2393 /**
2394 * a mac wants to write
2395 *
2396 * LOCK /dav/expire.txt HTTP/1.1\r\n
2397 * User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh)\r\n
2398 * Accept: * / *\r\n
2399 * Depth: 0\r\n
2400 * Timeout: Second-600\r\n
2401 * Content-Type: text/xml; charset=\"utf-8\"\r\n
2402 * Content-Length: 229\r\n
2403 * Connection: keep-alive\r\n
2404 * Host: 192.168.178.23:1025\r\n
2405 * \r\n
2406 * <?xml version=\"1.0\" encoding=\"utf-8\"?>\n
2407 * <D:lockinfo xmlns:D=\"DAV:\">\n
2408 * <D:lockscope><D:exclusive/></D:lockscope>\n
2409 * <D:locktype><D:write/></D:locktype>\n
2410 * <D:owner>\n
2411 * <D:href>http://www.apple.com/webdav_fs/</D:href>\n
2412 * </D:owner>\n
2413 * </D:lockinfo>\n
2414 */
2415
2416 if (depth != 0 && depth != -1) {
2417 con->http_status = 400;
2418
2419 return HANDLER_FINISHED;
2420 }
2421
2422 #ifdef USE_LOCKS
2423 if (con->request.content_length) {
2424 xmlDocPtr xml;
2425 buffer *hdr_if = NULL;
2426 int created = 0;
2427
2428 if (con->state == CON_STATE_READ_POST) {
2429 handler_t r = connection_handle_read_post_state(srv, con);
2430 if (r != HANDLER_GO_ON) return r;
2431 }
2432
2433 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2434 hdr_if = ds->value;
2435 }
2436
2437 if (0 != stat(con->physical.path->ptr, &st)) {
2438 if (errno == ENOENT) {
2439 int fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_APPEND|O_BINARY|FIFO_NONBLOCK, WEBDAV_FILE_MODE);
2440 if (fd >= 0) {
2441 close(fd);
2442 created = 1;
2443 } else {
2444 log_error_write(srv, __FILE__, __LINE__, "sBss",
2445 "create file", con->physical.path, ":", strerror(errno));
2446 con->http_status = 403; /* Forbidden */
2447
2448 return HANDLER_FINISHED;
2449 }
2450 }
2451 } else if (hdr_if == NULL && depth == -1) {
2452 /* we don't support Depth: Infinity on directories */
2453 if (S_ISDIR(st.st_mode)) {
2454 con->http_status = 409; /* Conflict */
2455
2456 return HANDLER_FINISHED;
2457 }
2458 }
2459
2460 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
2461 xmlNode *rootnode = xmlDocGetRootElement(xml);
2462
2463 force_assert(rootnode);
2464
2465 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "lockinfo")) {
2466 xmlNode *lockinfo;
2467 const xmlChar *lockscope = NULL, *locktype = NULL; /* TODO: compiler says unused: *owner = NULL; */
2468
2469 for (lockinfo = rootnode->children; lockinfo; lockinfo = lockinfo->next) {
2470 if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "lockscope")) {
2471 xmlNode *value;
2472 for (value = lockinfo->children; value; value = value->next) {
2473 if ((0 == xmlStrcmp(value->name, BAD_CAST "exclusive")) ||
2474 (0 == xmlStrcmp(value->name, BAD_CAST "shared"))) {
2475 lockscope = value->name;
2476 } else {
2477 con->http_status = 400;
2478
2479 xmlFreeDoc(xml);
2480 return HANDLER_FINISHED;
2481 }
2482 }
2483 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "locktype")) {
2484 xmlNode *value;
2485 for (value = lockinfo->children; value; value = value->next) {
2486 if ((0 == xmlStrcmp(value->name, BAD_CAST "write"))) {
2487 locktype = value->name;
2488 } else {
2489 con->http_status = 400;
2490
2491 xmlFreeDoc(xml);
2492 return HANDLER_FINISHED;
2493 }
2494 }
2495
2496 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "owner")) {
2497 }
2498 }
2499
2500 if (lockscope && locktype) {
2501 sqlite3_stmt *stmt = p->conf.stmt_read_lock_by_uri;
2502
2503 /* is this resourse already locked ? */
2504
2505 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
2506 * FROM locks
2507 * WHERE resource = ? */
2508
2509 if (stmt) {
2510
2511 sqlite3_reset(stmt);
2512
2513 sqlite3_bind_text(stmt, 1,
2514 CONST_BUF_LEN(p->uri.path),
2515 SQLITE_TRANSIENT);
2516
2517 /* it is the PK */
2518 while (SQLITE_ROW == sqlite3_step(stmt)) {
2519 /* we found a lock
2520 * 1. is it compatible ?
2521 * 2. is it ours */
2522 char *sql_lockscope = (char *)sqlite3_column_text(stmt, 2);
2523
2524 if (strcmp(sql_lockscope, "exclusive")) {
2525 con->http_status = 423;
2526 } else if (0 == xmlStrcmp(lockscope, BAD_CAST "exclusive")) {
2527 /* resourse is locked with a shared lock
2528 * client wants exclusive */
2529 con->http_status = 423;
2530 }
2531 }
2532 if (con->http_status == 423) {
2533 xmlFreeDoc(xml);
2534 return HANDLER_FINISHED;
2535 }
2536 }
2537
2538 stmt = p->conf.stmt_create_lock;
2539 if (stmt) {
2540 /* create a lock-token */
2541 uuid_t id;
2542 char uuid[37] /* 36 + \0 */;
2543
2544 uuid_generate(id);
2545 uuid_unparse(id, uuid);
2546
2547 buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("opaquelocktoken:"));
2548 buffer_append_string(p->tmp_buf, uuid);
2549
2550 /* "CREATE TABLE locks ("
2551 * " locktoken TEXT NOT NULL,"
2552 * " resource TEXT NOT NULL,"
2553 * " lockscope TEXT NOT NULL,"
2554 * " locktype TEXT NOT NULL,"
2555 * " owner TEXT NOT NULL,"
2556 * " depth INT NOT NULL,"
2557 */
2558
2559 sqlite3_reset(stmt);
2560
2561 sqlite3_bind_text(stmt, 1,
2562 CONST_BUF_LEN(p->tmp_buf),
2563 SQLITE_TRANSIENT);
2564
2565 sqlite3_bind_text(stmt, 2,
2566 CONST_BUF_LEN(con->uri.path),
2567 SQLITE_TRANSIENT);
2568
2569 sqlite3_bind_text(stmt, 3,
2570 (const char *)lockscope,
2571 xmlStrlen(lockscope),
2572 SQLITE_TRANSIENT);
2573
2574 sqlite3_bind_text(stmt, 4,
2575 (const char *)locktype,
2576 xmlStrlen(locktype),
2577 SQLITE_TRANSIENT);
2578
2579 /* owner */
2580 sqlite3_bind_text(stmt, 5,
2581 "",
2582 0,
2583 SQLITE_TRANSIENT);
2584
2585 /* depth */
2586 sqlite3_bind_int(stmt, 6,
2587 depth);
2588
2589
2590 if (SQLITE_DONE != sqlite3_step(stmt)) {
2591 log_error_write(srv, __FILE__, __LINE__, "ss",
2592 "create lock:", sqlite3_errmsg(p->conf.sql));
2593 }
2594
2595 /* looks like we survived */
2596 webdav_lockdiscovery(srv, con, p->tmp_buf, (const char *)lockscope, (const char *)locktype, depth);
2597
2598 con->http_status = created ? 201 : 200;
2599 con->file_finished = 1;
2600 }
2601 }
2602 }
2603
2604 xmlFreeDoc(xml);
2605 return HANDLER_FINISHED;
2606 } else {
2607 con->http_status = 400;
2608 return HANDLER_FINISHED;
2609 }
2610 } else {
2611
2612 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2613 buffer *locktoken = ds->value;
2614 sqlite3_stmt *stmt = p->conf.stmt_refresh_lock;
2615
2616 /* remove the < > around the token */
2617 if (buffer_string_length(locktoken) < 5) {
2618 con->http_status = 400;
2619
2620 return HANDLER_FINISHED;
2621 }
2622
2623 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 2, buffer_string_length(locktoken) - 4);
2624
2625 sqlite3_reset(stmt);
2626
2627 sqlite3_bind_text(stmt, 1,
2628 CONST_BUF_LEN(p->tmp_buf),
2629 SQLITE_TRANSIENT);
2630
2631 if (SQLITE_DONE != sqlite3_step(stmt)) {
2632 log_error_write(srv, __FILE__, __LINE__, "ss",
2633 "refresh lock:", sqlite3_errmsg(p->conf.sql));
2634 }
2635
2636 webdav_lockdiscovery(srv, con, p->tmp_buf, "exclusive", "write", 0);
2637
2638 con->http_status = 200;
2639 con->file_finished = 1;
2640 return HANDLER_FINISHED;
2641 } else {
2642 /* we need a lock-token to refresh */
2643 con->http_status = 400;
2644
2645 return HANDLER_FINISHED;
2646 }
2647 }
2648 break;
2649 #else
2650 con->http_status = 501;
2651 return HANDLER_FINISHED;
2652 #endif
2653 case HTTP_METHOD_UNLOCK:
2654 #ifdef USE_LOCKS
2655 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Lock-Token"))) {
2656 buffer *locktoken = ds->value;
2657 sqlite3_stmt *stmt = p->conf.stmt_remove_lock;
2658
2659 /* remove the < > around the token */
2660 if (buffer_string_length(locktoken) < 3) {
2661 con->http_status = 400;
2662
2663 return HANDLER_FINISHED;
2664 }
2665
2666 /**
2667 * FIXME:
2668 *
2669 * if the resourse is locked:
2670 * - by us: unlock
2671 * - by someone else: 401
2672 * if the resource is not locked:
2673 * - 412
2674 * */
2675
2676 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 1, buffer_string_length(locktoken) - 2);
2677
2678 sqlite3_reset(stmt);
2679
2680 sqlite3_bind_text(stmt, 1,
2681 CONST_BUF_LEN(p->tmp_buf),
2682 SQLITE_TRANSIENT);
2683
2684 if (SQLITE_DONE != sqlite3_step(stmt)) {
2685 log_error_write(srv, __FILE__, __LINE__, "ss",
2686 "remove lock:", sqlite3_errmsg(p->conf.sql));
2687 }
2688
2689 if (0 == sqlite3_changes(p->conf.sql)) {
2690 con->http_status = 401;
2691 } else {
2692 con->http_status = 204;
2693 }
2694 return HANDLER_FINISHED;
2695 } else {
2696 /* we need a lock-token to unlock */
2697 con->http_status = 400;
2698
2699 return HANDLER_FINISHED;
2700 }
2701 break;
2702 #else
2703 con->http_status = 501;
2704 return HANDLER_FINISHED;
2705 #endif
2706 default:
2707 break;
2708 }
2709
2710 /* not found */
2711 return HANDLER_GO_ON;
2712 }
2713
2714
2715 SUBREQUEST_FUNC(mod_webdav_subrequest_handler) {
2716 handler_t r;
2717 plugin_data *p = p_d;
2718 if (con->mode != p->id) return HANDLER_GO_ON;
2719
2720 r = mod_webdav_subrequest_handler_huge(srv, con, p_d);
2721 if (con->http_status >= 400) con->mode = DIRECT;
2722 return r;
2723 }
2724
2725
2726 PHYSICALPATH_FUNC(mod_webdav_physical_handler) {
2727 plugin_data *p = p_d;
2728 if (!p->conf.enabled) return HANDLER_GO_ON;
2729
2730 /* physical path is setup */
2731 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
2732
2733 UNUSED(srv);
2734
2735 switch (con->request.http_method) {
2736 case HTTP_METHOD_PROPFIND:
2737 case HTTP_METHOD_PROPPATCH:
2738 case HTTP_METHOD_PUT:
2739 case HTTP_METHOD_COPY:
2740 case HTTP_METHOD_MOVE:
2741 case HTTP_METHOD_MKCOL:
2742 case HTTP_METHOD_DELETE:
2743 case HTTP_METHOD_LOCK:
2744 case HTTP_METHOD_UNLOCK: {
2745 handler_ctx *hctx = calloc(1, sizeof(*hctx));
2746 memcpy(&hctx->conf, &p->conf, sizeof(plugin_config));
2747 con->plugin_ctx[p->id] = hctx;
2748 con->conf.stream_request_body = 0;
2749 con->mode = p->id;
2750 break;
2751 }
2752 default:
2753 break;
2754 }
2755
2756 return HANDLER_GO_ON;
2757 }
2758
2759 static handler_t mod_webdav_connection_reset(server *srv, connection *con, void *p_d) {
2760 plugin_data *p = p_d;
2761 handler_ctx *hctx = con->plugin_ctx[p->id];
2762 if (hctx) free(hctx);
2763
2764 UNUSED(srv);
2765 return HANDLER_GO_ON;
2766 }
2767
2768
2769 /* this function is called at dlopen() time and inits the callbacks */
2770
2771 int mod_webdav_plugin_init(plugin *p);
2772 int mod_webdav_plugin_init(plugin *p) {
2773 p->version = LIGHTTPD_VERSION_ID;
2774 p->name = buffer_init_string("webdav");
2775
2776 p->init = mod_webdav_init;
2777 p->handle_uri_clean = mod_webdav_uri_handler;
2778 p->handle_physical = mod_webdav_physical_handler;
2779 p->handle_subrequest = mod_webdav_subrequest_handler;
2780 p->connection_reset = mod_webdav_connection_reset;
2781 p->set_defaults = mod_webdav_set_defaults;
2782 p->cleanup = mod_webdav_free;
2783
2784 p->data = NULL;
2785
2786 return 0;
2787 }
A fast webserver with minimal memory-footprint (lighttpd)