search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] consolidate duplicated read-to-close code
[lighttpd.git] / src / mod_webdav.c
blobf48224a3a1d80658ec6b79954773680d6a72fb63
1 #include "first.h"
2
3 #include "base.h"
4 #include "log.h"
5 #include "buffer.h"
6 #include "response.h"
7 #include "connections.h"
8
9 #include "plugin.h"
10
11 #include "stat_cache.h"
12
13 #include "sys-mmap.h"
14
15 #include <sys/types.h>
16 #include <sys/stat.h>
17 #include <ctype.h>
18 #include <stdlib.h>
19 #include <string.h>
20 #include <errno.h>
21 #include <fcntl.h>
22 #include <stdio.h>
23 #include <assert.h>
24
25 #include <unistd.h>
26 #include <dirent.h>
27
28 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H)
29 #define USE_PROPPATCH
30 #include <libxml/tree.h>
31 #include <libxml/parser.h>
32
33 #include <sqlite3.h>
34 #endif
35
36 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H) && defined(HAVE_UUID_UUID_H)
37 #define USE_LOCKS
38 #include <uuid/uuid.h>
39 #endif
40
41 /**
42 * this is a webdav for a lighttpd plugin
43 *
44 * at least a very basic one.
45 * - for now it is read-only and we only support PROPFIND
46 *
47 */
48
49 #define WEBDAV_FILE_MODE S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
50 #define WEBDAV_DIR_MODE S_IRWXU | S_IRWXG | S_IRWXO
51
52 /* plugin config for all request/connections */
53
54 typedef struct {
55 unsigned short enabled;
56 unsigned short is_readonly;
57 unsigned short log_xml;
58
59 buffer *sqlite_db_name;
60 #ifdef USE_PROPPATCH
61 sqlite3 *sql;
62 sqlite3_stmt *stmt_update_prop;
63 sqlite3_stmt *stmt_delete_prop;
64 sqlite3_stmt *stmt_select_prop;
65 sqlite3_stmt *stmt_select_propnames;
66
67 sqlite3_stmt *stmt_delete_uri;
68 sqlite3_stmt *stmt_move_uri;
69 sqlite3_stmt *stmt_copy_uri;
70
71 sqlite3_stmt *stmt_remove_lock;
72 sqlite3_stmt *stmt_create_lock;
73 sqlite3_stmt *stmt_read_lock;
74 sqlite3_stmt *stmt_read_lock_by_uri;
75 sqlite3_stmt *stmt_refresh_lock;
76 #endif
77 } plugin_config;
78
79 typedef struct {
80 PLUGIN_DATA;
81
82 buffer *tmp_buf;
83 request_uri uri;
84 physical physical;
85
86 plugin_config **config_storage;
87
88 plugin_config conf;
89 } plugin_data;
90
91 typedef struct {
92 plugin_config conf;
93 } handler_ctx;
94
95 /* init the plugin data */
96 INIT_FUNC(mod_webdav_init) {
97 plugin_data *p;
98
99 p = calloc(1, sizeof(*p));
100
101 p->tmp_buf = buffer_init();
102
103 p->uri.scheme = buffer_init();
104 p->uri.path_raw = buffer_init();
105 p->uri.path = buffer_init();
106 p->uri.authority = buffer_init();
107
108 p->physical.path = buffer_init();
109 p->physical.rel_path = buffer_init();
110 p->physical.doc_root = buffer_init();
111 p->physical.basedir = buffer_init();
112
113 return p;
114 }
115
116 /* detroy the plugin data */
117 FREE_FUNC(mod_webdav_free) {
118 plugin_data *p = p_d;
119
120 UNUSED(srv);
121
122 if (!p) return HANDLER_GO_ON;
123
124 if (p->config_storage) {
125 size_t i;
126 for (i = 0; i < srv->config_context->used; i++) {
127 plugin_config *s = p->config_storage[i];
128
129 if (NULL == s) continue;
130
131 buffer_free(s->sqlite_db_name);
132 #ifdef USE_PROPPATCH
133 if (s->sql) {
134 sqlite3_finalize(s->stmt_delete_prop);
135 sqlite3_finalize(s->stmt_delete_uri);
136 sqlite3_finalize(s->stmt_copy_uri);
137 sqlite3_finalize(s->stmt_move_uri);
138 sqlite3_finalize(s->stmt_update_prop);
139 sqlite3_finalize(s->stmt_select_prop);
140 sqlite3_finalize(s->stmt_select_propnames);
141
142 sqlite3_finalize(s->stmt_read_lock);
143 sqlite3_finalize(s->stmt_read_lock_by_uri);
144 sqlite3_finalize(s->stmt_create_lock);
145 sqlite3_finalize(s->stmt_remove_lock);
146 sqlite3_finalize(s->stmt_refresh_lock);
147 sqlite3_close(s->sql);
148 }
149 #endif
150 free(s);
151 }
152 free(p->config_storage);
153 }
154
155 buffer_free(p->uri.scheme);
156 buffer_free(p->uri.path_raw);
157 buffer_free(p->uri.path);
158 buffer_free(p->uri.authority);
159
160 buffer_free(p->physical.path);
161 buffer_free(p->physical.rel_path);
162 buffer_free(p->physical.doc_root);
163 buffer_free(p->physical.basedir);
164
165 buffer_free(p->tmp_buf);
166
167 free(p);
168
169 return HANDLER_GO_ON;
170 }
171
172 /* handle plugin config and check values */
173
174 SETDEFAULTS_FUNC(mod_webdav_set_defaults) {
175 plugin_data *p = p_d;
176 size_t i = 0;
177
178 config_values_t cv[] = {
179 { "webdav.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
180 { "webdav.is-readonly", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
181 { "webdav.sqlite-db-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
182 { "webdav.log-xml", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
183 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
184 };
185
186 if (!p) return HANDLER_ERROR;
187
188 p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
189
190 for (i = 0; i < srv->config_context->used; i++) {
191 data_config const* config = (data_config const*)srv->config_context->data[i];
192 plugin_config *s;
193
194 s = calloc(1, sizeof(plugin_config));
195 s->sqlite_db_name = buffer_init();
196
197 cv[0].destination = &(s->enabled);
198 cv[1].destination = &(s->is_readonly);
199 cv[2].destination = s->sqlite_db_name;
200 cv[3].destination = &(s->log_xml);
201
202 p->config_storage[i] = s;
203
204 if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
205 return HANDLER_ERROR;
206 }
207
208 if (!buffer_string_is_empty(s->sqlite_db_name)) {
209 #ifdef USE_PROPPATCH
210 const char *next_stmt;
211 char *err;
212
213 if (SQLITE_OK != sqlite3_open(s->sqlite_db_name->ptr, &(s->sql))) {
214 log_error_write(srv, __FILE__, __LINE__, "sbs", "sqlite3_open failed for",
215 s->sqlite_db_name,
216 sqlite3_errmsg(s->sql));
217 return HANDLER_ERROR;
218 }
219
220 if (SQLITE_OK != sqlite3_exec(s->sql,
221 "CREATE TABLE IF NOT EXISTS properties ("
222 " resource TEXT NOT NULL,"
223 " prop TEXT NOT NULL,"
224 " ns TEXT NOT NULL,"
225 " value TEXT NOT NULL,"
226 " PRIMARY KEY(resource, prop, ns))",
227 NULL, NULL, &err)) {
228
229 if (0 != strcmp(err, "table properties already exists")) {
230 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
231 sqlite3_free(err);
232
233 return HANDLER_ERROR;
234 }
235 sqlite3_free(err);
236 }
237
238 if (SQLITE_OK != sqlite3_exec(s->sql,
239 "CREATE TABLE IF NOT EXISTS locks ("
240 " locktoken TEXT NOT NULL,"
241 " resource TEXT NOT NULL,"
242 " lockscope TEXT NOT NULL,"
243 " locktype TEXT NOT NULL,"
244 " owner TEXT NOT NULL,"
245 " depth INT NOT NULL,"
246 " timeout TIMESTAMP NOT NULL,"
247 " PRIMARY KEY(locktoken))",
248 NULL, NULL, &err)) {
249
250 if (0 != strcmp(err, "table locks already exists")) {
251 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
252 sqlite3_free(err);
253
254 return HANDLER_ERROR;
255 }
256 sqlite3_free(err);
257 }
258
259 if (SQLITE_OK != sqlite3_prepare(s->sql,
260 CONST_STR_LEN("SELECT value FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
261 &(s->stmt_select_prop), &next_stmt)) {
262 /* prepare failed */
263
264 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
265 return HANDLER_ERROR;
266 }
267
268 if (SQLITE_OK != sqlite3_prepare(s->sql,
269 CONST_STR_LEN("SELECT ns, prop FROM properties WHERE resource = ?"),
270 &(s->stmt_select_propnames), &next_stmt)) {
271 /* prepare failed */
272
273 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
274 return HANDLER_ERROR;
275 }
276
277
278 if (SQLITE_OK != sqlite3_prepare(s->sql,
279 CONST_STR_LEN("REPLACE INTO properties (resource, prop, ns, value) VALUES (?, ?, ?, ?)"),
280 &(s->stmt_update_prop), &next_stmt)) {
281 /* prepare failed */
282
283 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s->sql));
284 return HANDLER_ERROR;
285 }
286
287 if (SQLITE_OK != sqlite3_prepare(s->sql,
288 CONST_STR_LEN("DELETE FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
289 &(s->stmt_delete_prop), &next_stmt)) {
290 /* prepare failed */
291 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
292
293 return HANDLER_ERROR;
294 }
295
296 if (SQLITE_OK != sqlite3_prepare(s->sql,
297 CONST_STR_LEN("DELETE FROM properties WHERE resource = ?"),
298 &(s->stmt_delete_uri), &next_stmt)) {
299 /* prepare failed */
300 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
301
302 return HANDLER_ERROR;
303 }
304
305 if (SQLITE_OK != sqlite3_prepare(s->sql,
306 CONST_STR_LEN("INSERT INTO properties SELECT ?, prop, ns, value FROM properties WHERE resource = ?"),
307 &(s->stmt_copy_uri), &next_stmt)) {
308 /* prepare failed */
309 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
310
311 return HANDLER_ERROR;
312 }
313
314 if (SQLITE_OK != sqlite3_prepare(s->sql,
315 CONST_STR_LEN("UPDATE OR REPLACE properties SET resource = ? WHERE resource = ?"),
316 &(s->stmt_move_uri), &next_stmt)) {
317 /* prepare failed */
318 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
319
320 return HANDLER_ERROR;
321 }
322
323 /* LOCKS */
324
325 if (SQLITE_OK != sqlite3_prepare(s->sql,
326 CONST_STR_LEN("INSERT INTO locks (locktoken, resource, lockscope, locktype, owner, depth, timeout) VALUES (?,?,?,?,?,?, CURRENT_TIME + 600)"),
327 &(s->stmt_create_lock), &next_stmt)) {
328 /* prepare failed */
329 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
330
331 return HANDLER_ERROR;
332 }
333
334 if (SQLITE_OK != sqlite3_prepare(s->sql,
335 CONST_STR_LEN("DELETE FROM locks WHERE locktoken = ?"),
336 &(s->stmt_remove_lock), &next_stmt)) {
337 /* prepare failed */
338 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
339
340 return HANDLER_ERROR;
341 }
342
343 if (SQLITE_OK != sqlite3_prepare(s->sql,
344 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE locktoken = ?"),
345 &(s->stmt_read_lock), &next_stmt)) {
346 /* prepare failed */
347 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
348
349 return HANDLER_ERROR;
350 }
351
352 if (SQLITE_OK != sqlite3_prepare(s->sql,
353 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE resource = ?"),
354 &(s->stmt_read_lock_by_uri), &next_stmt)) {
355 /* prepare failed */
356 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
357
358 return HANDLER_ERROR;
359 }
360
361 if (SQLITE_OK != sqlite3_prepare(s->sql,
362 CONST_STR_LEN("UPDATE locks SET timeout = CURRENT_TIME + 600 WHERE locktoken = ?"),
363 &(s->stmt_refresh_lock), &next_stmt)) {
364 /* prepare failed */
365 log_error_write(srv, __FILE__, __LINE__, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s->sql));
366
367 return HANDLER_ERROR;
368 }
369
370
371 #else
372 log_error_write(srv, __FILE__, __LINE__, "s", "Sorry, no sqlite3 and libxml2 support include, compile with --with-webdav-props");
373 return HANDLER_ERROR;
374 #endif
375 }
376 }
377
378 return HANDLER_GO_ON;
379 }
380
381 #define PATCH_OPTION(x) \
382 p->conf.x = s->x;
383 static int mod_webdav_patch_connection(server *srv, connection *con, plugin_data *p) {
384 size_t i, j;
385 plugin_config *s = p->config_storage[0];
386
387 PATCH_OPTION(enabled);
388 PATCH_OPTION(is_readonly);
389 PATCH_OPTION(log_xml);
390
391 #ifdef USE_PROPPATCH
392 PATCH_OPTION(sql);
393 PATCH_OPTION(stmt_update_prop);
394 PATCH_OPTION(stmt_delete_prop);
395 PATCH_OPTION(stmt_select_prop);
396 PATCH_OPTION(stmt_select_propnames);
397
398 PATCH_OPTION(stmt_delete_uri);
399 PATCH_OPTION(stmt_move_uri);
400 PATCH_OPTION(stmt_copy_uri);
401
402 PATCH_OPTION(stmt_remove_lock);
403 PATCH_OPTION(stmt_refresh_lock);
404 PATCH_OPTION(stmt_create_lock);
405 PATCH_OPTION(stmt_read_lock);
406 PATCH_OPTION(stmt_read_lock_by_uri);
407 #endif
408 /* skip the first, the global context */
409 for (i = 1; i < srv->config_context->used; i++) {
410 data_config *dc = (data_config *)srv->config_context->data[i];
411 s = p->config_storage[i];
412
413 /* condition didn't match */
414 if (!config_check_cond(srv, con, dc)) continue;
415
416 /* merge config */
417 for (j = 0; j < dc->value->used; j++) {
418 data_unset *du = dc->value->data[j];
419
420 if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.activate"))) {
421 PATCH_OPTION(enabled);
422 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.is-readonly"))) {
423 PATCH_OPTION(is_readonly);
424 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.log-xml"))) {
425 PATCH_OPTION(log_xml);
426 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("webdav.sqlite-db-name"))) {
427 #ifdef USE_PROPPATCH
428 PATCH_OPTION(sql);
429 PATCH_OPTION(stmt_update_prop);
430 PATCH_OPTION(stmt_delete_prop);
431 PATCH_OPTION(stmt_select_prop);
432 PATCH_OPTION(stmt_select_propnames);
433
434 PATCH_OPTION(stmt_delete_uri);
435 PATCH_OPTION(stmt_move_uri);
436 PATCH_OPTION(stmt_copy_uri);
437
438 PATCH_OPTION(stmt_remove_lock);
439 PATCH_OPTION(stmt_refresh_lock);
440 PATCH_OPTION(stmt_create_lock);
441 PATCH_OPTION(stmt_read_lock);
442 PATCH_OPTION(stmt_read_lock_by_uri);
443 #endif
444 }
445 }
446 }
447
448 return 0;
449 }
450
451 URIHANDLER_FUNC(mod_webdav_uri_handler) {
452 plugin_data *p = p_d;
453
454 UNUSED(srv);
455
456 if (buffer_is_empty(con->uri.path)) return HANDLER_GO_ON;
457
458 mod_webdav_patch_connection(srv, con, p);
459
460 if (!p->conf.enabled) return HANDLER_GO_ON;
461
462 switch (con->request.http_method) {
463 case HTTP_METHOD_OPTIONS:
464 /* we fake a little bit but it makes MS W2k happy and it let's us mount the volume */
465 response_header_overwrite(srv, con, CONST_STR_LEN("DAV"), CONST_STR_LEN("1,2"));
466 response_header_overwrite(srv, con, CONST_STR_LEN("MS-Author-Via"), CONST_STR_LEN("DAV"));
467
468 if (p->conf.is_readonly) {
469 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND"));
470 } else {
471 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK, UNLOCK"));
472 }
473 break;
474 default:
475 break;
476 }
477
478 /* not found */
479 return HANDLER_GO_ON;
480 }
481 static int webdav_gen_prop_tag(server *srv, connection *con,
482 char *prop_name,
483 char *prop_ns,
484 char *value,
485 buffer *b) {
486
487 UNUSED(srv);
488 UNUSED(con);
489
490 if (value) {
491 buffer_append_string_len(b,CONST_STR_LEN("<"));
492 buffer_append_string(b, prop_name);
493 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
494 buffer_append_string(b, prop_ns);
495 buffer_append_string_len(b, CONST_STR_LEN("\">"));
496
497 buffer_append_string(b, value);
498
499 buffer_append_string_len(b,CONST_STR_LEN("</"));
500 buffer_append_string(b, prop_name);
501 buffer_append_string_len(b, CONST_STR_LEN(">"));
502 } else {
503 buffer_append_string_len(b,CONST_STR_LEN("<"));
504 buffer_append_string(b, prop_name);
505 buffer_append_string_len(b, CONST_STR_LEN(" xmlns=\""));
506 buffer_append_string(b, prop_ns);
507 buffer_append_string_len(b, CONST_STR_LEN("\"/>"));
508 }
509
510 return 0;
511 }
512
513
514 static int webdav_gen_response_status_tag(server *srv, connection *con, physical *dst, int status, buffer *b) {
515 UNUSED(srv);
516
517 buffer_append_string_len(b,CONST_STR_LEN("<D:response xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
518
519 buffer_append_string_len(b,CONST_STR_LEN("<D:href>\n"));
520 buffer_append_string_buffer(b, dst->rel_path);
521 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
522 buffer_append_string_len(b,CONST_STR_LEN("<D:status>\n"));
523
524 if (con->request.http_version == HTTP_VERSION_1_1) {
525 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.1 "));
526 } else {
527 buffer_copy_string_len(b, CONST_STR_LEN("HTTP/1.0 "));
528 }
529 buffer_append_int(b, status);
530 buffer_append_string_len(b, CONST_STR_LEN(" "));
531 buffer_append_string(b, get_http_status_name(status));
532
533 buffer_append_string_len(b,CONST_STR_LEN("</D:status>\n"));
534 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
535
536 return 0;
537 }
538
539 static int webdav_delete_file(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
540 int status = 0;
541
542 /* try to unlink it */
543 if (-1 == unlink(dst->path->ptr)) {
544 switch(errno) {
545 case EACCES:
546 case EPERM:
547 /* 403 */
548 status = 403;
549 break;
550 default:
551 status = 501;
552 break;
553 }
554 webdav_gen_response_status_tag(srv, con, dst, status, b);
555 } else {
556 #ifdef USE_PROPPATCH
557 sqlite3_stmt *stmt = hctx->conf.stmt_delete_uri;
558
559 if (!stmt) {
560 status = 403;
561 webdav_gen_response_status_tag(srv, con, dst, status, b);
562 } else {
563 sqlite3_reset(stmt);
564
565 /* bind the values to the insert */
566
567 sqlite3_bind_text(stmt, 1,
568 CONST_BUF_LEN(dst->rel_path),
569 SQLITE_TRANSIENT);
570
571 if (SQLITE_DONE != sqlite3_step(stmt)) {
572 /* */
573 }
574 }
575 #else
576 UNUSED(hctx);
577 #endif
578 }
579
580 return (status != 0);
581 }
582
583 static int webdav_delete_dir(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
584 DIR *dir;
585 int have_multi_status = 0;
586 physical d;
587
588 d.path = buffer_init();
589 d.rel_path = buffer_init();
590
591 if (NULL != (dir = opendir(dst->path->ptr))) {
592 struct dirent *de;
593
594 while(NULL != (de = readdir(dir))) {
595 struct stat st;
596
597 if ((de->d_name[0] == '.' && de->d_name[1] == '\0') ||
598 (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
599 continue;
600 /* ignore the parent dir */
601 }
602
603 buffer_copy_buffer(d.path, dst->path);
604 buffer_append_slash(d.path);
605 buffer_append_string(d.path, de->d_name);
606
607 buffer_copy_buffer(d.rel_path, dst->rel_path);
608 buffer_append_slash(d.rel_path);
609 buffer_append_string(d.rel_path, de->d_name);
610
611 /* stat and unlink afterwards */
612 if (-1 == stat(d.path->ptr, &st)) {
613 /* don't about it yet, rmdir will fail too */
614 } else if (S_ISDIR(st.st_mode)) {
615 have_multi_status = webdav_delete_dir(srv, con, hctx, &d, b);
616
617 /* try to unlink it */
618 if (-1 == rmdir(d.path->ptr)) {
619 int status;
620 switch(errno) {
621 case EACCES:
622 case EPERM:
623 /* 403 */
624 status = 403;
625 break;
626 default:
627 status = 501;
628 break;
629 }
630 have_multi_status = 1;
631
632 webdav_gen_response_status_tag(srv, con, &d, status, b);
633 } else {
634 #ifdef USE_PROPPATCH
635 sqlite3_stmt *stmt = hctx->conf.stmt_delete_uri;
636
637 if (stmt) {
638 sqlite3_reset(stmt);
639
640 /* bind the values to the insert */
641
642 sqlite3_bind_text(stmt, 1,
643 CONST_BUF_LEN(d.rel_path),
644 SQLITE_TRANSIENT);
645
646 if (SQLITE_DONE != sqlite3_step(stmt)) {
647 /* */
648 }
649 }
650 #endif
651 }
652 } else {
653 have_multi_status = webdav_delete_file(srv, con, hctx, &d, b);
654 }
655 }
656 closedir(dir);
657
658 buffer_free(d.path);
659 buffer_free(d.rel_path);
660 }
661
662 return have_multi_status;
663 }
664
665 /* don't want to block when open()ing a fifo */
666 #if defined(O_NONBLOCK)
667 # define FIFO_NONBLOCK O_NONBLOCK
668 #else
669 # define FIFO_NONBLOCK 0
670 #endif
671
672 #ifndef O_BINARY
673 #define O_BINARY 0
674 #endif
675
676 static int webdav_copy_file(server *srv, connection *con, handler_ctx *hctx, physical *src, physical *dst, int overwrite) {
677 char *data;
678 ssize_t rd, wr, offset;
679 int status = 0, ifd, ofd;
680 UNUSED(srv);
681 UNUSED(con);
682
683 if (-1 == (ifd = open(src->path->ptr, O_RDONLY | O_BINARY | FIFO_NONBLOCK))) {
684 return 403;
685 }
686
687 if (-1 == (ofd = open(dst->path->ptr, O_WRONLY|O_TRUNC|O_CREAT|(overwrite ? 0 : O_EXCL), WEBDAV_FILE_MODE))) {
688 /* opening the destination failed for some reason */
689 switch(errno) {
690 case EEXIST:
691 status = 412;
692 break;
693 case EISDIR:
694 status = 409;
695 break;
696 case ENOENT:
697 /* at least one part in the middle wasn't existing */
698 status = 409;
699 break;
700 default:
701 status = 403;
702 break;
703 }
704 close(ifd);
705 return status;
706 }
707
708 data = malloc(131072);
709 force_assert(data);
710
711 while (0 < (rd = read(ifd, data, 131072))) {
712 offset = 0;
713 do {
714 wr = write(ofd, data+offset, (size_t)(rd-offset));
715 } while (wr >= 0 ? (offset += wr) != rd : (errno == EINTR));
716 if (-1 == wr) {
717 status = (errno == ENOSPC) ? 507 : 403;
718 break;
719 }
720
721 }
722 if (0 != rd && 0 == status) status = 403;
723
724 free(data);
725 close(ifd);
726 if (0 != close(ofd)) {
727 if (0 == status) status = (errno == ENOSPC) ? 507 : 403;
728 log_error_write(srv, __FILE__, __LINE__, "sbss",
729 "close ", dst->path, "failed: ", strerror(errno));
730 }
731
732 #ifdef USE_PROPPATCH
733 if (0 == status) {
734 /* copy worked fine, copy connected properties */
735 sqlite3_stmt *stmt = hctx->conf.stmt_copy_uri;
736
737 if (stmt) {
738 sqlite3_reset(stmt);
739
740 /* bind the values to the insert */
741 sqlite3_bind_text(stmt, 1,
742 CONST_BUF_LEN(dst->rel_path),
743 SQLITE_TRANSIENT);
744
745 sqlite3_bind_text(stmt, 2,
746 CONST_BUF_LEN(src->rel_path),
747 SQLITE_TRANSIENT);
748
749 if (SQLITE_DONE != sqlite3_step(stmt)) {
750 /* */
751 }
752 }
753 }
754 #else
755 UNUSED(hctx);
756 #endif
757 return status;
758 }
759
760 static int webdav_copy_dir(server *srv, connection *con, handler_ctx *hctx, physical *src, physical *dst, int overwrite) {
761 DIR *srcdir;
762 int status = 0;
763
764 if (NULL != (srcdir = opendir(src->path->ptr))) {
765 struct dirent *de;
766 physical s, d;
767
768 s.path = buffer_init();
769 s.rel_path = buffer_init();
770
771 d.path = buffer_init();
772 d.rel_path = buffer_init();
773
774 while (NULL != (de = readdir(srcdir))) {
775 struct stat st;
776
777 if ((de->d_name[0] == '.' && de->d_name[1] == '\0')
778 || (de->d_name[0] == '.' && de->d_name[1] == '.' && de->d_name[2] == '\0')) {
779 continue;
780 }
781
782 buffer_copy_buffer(s.path, src->path);
783 buffer_append_slash(s.path);
784 buffer_append_string(s.path, de->d_name);
785
786 buffer_copy_buffer(d.path, dst->path);
787 buffer_append_slash(d.path);
788 buffer_append_string(d.path, de->d_name);
789
790 buffer_copy_buffer(s.rel_path, src->rel_path);
791 buffer_append_slash(s.rel_path);
792 buffer_append_string(s.rel_path, de->d_name);
793
794 buffer_copy_buffer(d.rel_path, dst->rel_path);
795 buffer_append_slash(d.rel_path);
796 buffer_append_string(d.rel_path, de->d_name);
797
798 if (-1 == stat(s.path->ptr, &st)) {
799 /* why ? */
800 } else if (S_ISDIR(st.st_mode)) {
801 /* a directory */
802 if (-1 == mkdir(d.path->ptr, WEBDAV_DIR_MODE) &&
803 errno != EEXIST) {
804 /* WTH ? */
805 } else {
806 #ifdef USE_PROPPATCH
807 sqlite3_stmt *stmt = hctx->conf.stmt_copy_uri;
808
809 if (0 != (status = webdav_copy_dir(srv, con, hctx, &s, &d, overwrite))) {
810 break;
811 }
812 /* directory is copied, copy the properties too */
813
814 if (stmt) {
815 sqlite3_reset(stmt);
816
817 /* bind the values to the insert */
818 sqlite3_bind_text(stmt, 1,
819 CONST_BUF_LEN(dst->rel_path),
820 SQLITE_TRANSIENT);
821
822 sqlite3_bind_text(stmt, 2,
823 CONST_BUF_LEN(src->rel_path),
824 SQLITE_TRANSIENT);
825
826 if (SQLITE_DONE != sqlite3_step(stmt)) {
827 /* */
828 }
829 }
830 #endif
831 }
832 } else if (S_ISREG(st.st_mode)) {
833 /* a plain file */
834 if (0 != (status = webdav_copy_file(srv, con, hctx, &s, &d, overwrite))) {
835 break;
836 }
837 }
838 }
839
840 buffer_free(s.path);
841 buffer_free(s.rel_path);
842 buffer_free(d.path);
843 buffer_free(d.rel_path);
844
845 closedir(srcdir);
846 }
847
848 return status;
849 }
850
851 #ifdef USE_LOCKS
852 static void webdav_activelock(buffer *b,
853 const buffer *locktoken, const char *lockscope, const char *locktype, int depth, int timeout) {
854 buffer_append_string_len(b, CONST_STR_LEN("<D:activelock>\n"));
855
856 buffer_append_string_len(b, CONST_STR_LEN("<D:lockscope>"));
857 buffer_append_string_len(b, CONST_STR_LEN("<D:"));
858 buffer_append_string(b, lockscope);
859 buffer_append_string_len(b, CONST_STR_LEN("/>"));
860 buffer_append_string_len(b, CONST_STR_LEN("</D:lockscope>\n"));
861
862 buffer_append_string_len(b, CONST_STR_LEN("<D:locktype>"));
863 buffer_append_string_len(b, CONST_STR_LEN("<D:"));
864 buffer_append_string(b, locktype);
865 buffer_append_string_len(b, CONST_STR_LEN("/>"));
866 buffer_append_string_len(b, CONST_STR_LEN("</D:locktype>\n"));
867
868 buffer_append_string_len(b, CONST_STR_LEN("<D:depth>"));
869 buffer_append_string(b, depth == 0 ? "0" : "infinity");
870 buffer_append_string_len(b, CONST_STR_LEN("</D:depth>\n"));
871
872 buffer_append_string_len(b, CONST_STR_LEN("<D:timeout>"));
873 buffer_append_string_len(b, CONST_STR_LEN("Second-"));
874 buffer_append_int(b, timeout);
875 buffer_append_string_len(b, CONST_STR_LEN("</D:timeout>\n"));
876
877 buffer_append_string_len(b, CONST_STR_LEN("<D:owner>"));
878 buffer_append_string_len(b, CONST_STR_LEN("</D:owner>\n"));
879
880 buffer_append_string_len(b, CONST_STR_LEN("<D:locktoken>"));
881 buffer_append_string_len(b, CONST_STR_LEN("<D:href>"));
882 buffer_append_string_buffer(b, locktoken);
883 buffer_append_string_len(b, CONST_STR_LEN("</D:href>"));
884 buffer_append_string_len(b, CONST_STR_LEN("</D:locktoken>\n"));
885
886 buffer_append_string_len(b, CONST_STR_LEN("</D:activelock>\n"));
887 }
888
889 static void webdav_get_live_property_lockdiscovery(server *srv, connection *con, handler_ctx *hctx, physical *dst, buffer *b) {
890
891 sqlite3_stmt *stmt = hctx->conf.stmt_read_lock_by_uri;
892 if (!stmt) { /*(should not happen)*/
893 buffer_append_string_len(b, CONST_STR_LEN("<D:lockdiscovery>\n</D:lockdiscovery>\n"));
894 return;
895 }
896 UNUSED(srv);
897 UNUSED(con);
898
899 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
900 * FROM locks
901 * WHERE resource = ? */
902
903 sqlite3_reset(stmt);
904
905 sqlite3_bind_text(stmt, 1,
906 CONST_BUF_LEN(dst->rel_path),
907 SQLITE_TRANSIENT);
908
909 buffer_append_string_len(b, CONST_STR_LEN("<D:lockdiscovery>\n"));
910 while (SQLITE_ROW == sqlite3_step(stmt)) {
911 const char *lockscope = (const char *)sqlite3_column_text(stmt, 2);
912 const char *locktype = (const char *)sqlite3_column_text(stmt, 3);
913 const int depth = sqlite3_column_int(stmt, 5);
914 const int timeout = sqlite3_column_int(stmt, 6);
915 buffer locktoken = { NULL, 0, 0 };
916 locktoken.ptr = (char *)sqlite3_column_text(stmt, 0);
917 locktoken.used = sqlite3_column_bytes(stmt, 0);
918 if (locktoken.used) ++locktoken.used;
919 locktoken.size = locktoken.used;
920
921 if (timeout > 0) {
922 webdav_activelock(b, &locktoken, lockscope, locktype, depth, timeout);
923 }
924 }
925 buffer_append_string_len(b, CONST_STR_LEN("</D:lockdiscovery>\n"));
926 }
927 #endif
928
929 static int webdav_get_live_property(server *srv, connection *con, handler_ctx *hctx, physical *dst, char *prop_name, buffer *b) {
930 stat_cache_entry *sce = NULL;
931 int found = 0;
932
933 UNUSED(hctx);
934
935 if (HANDLER_ERROR != (stat_cache_get_entry(srv, con, dst->path, &sce))) {
936 char ctime_buf[] = "2005-08-18T07:27:16Z";
937 char mtime_buf[] = "Thu, 18 Aug 2005 07:27:16 GMT";
938 size_t k;
939
940 if (0 == strcmp(prop_name, "resourcetype")) {
941 if (S_ISDIR(sce->st.st_mode)) {
942 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype><D:collection/></D:resourcetype>"));
943 } else {
944 buffer_append_string_len(b, CONST_STR_LEN("<D:resourcetype/>"));
945 }
946 found = 1;
947 } else if (0 == strcmp(prop_name, "getcontenttype")) {
948 if (S_ISDIR(sce->st.st_mode)) {
949 buffer_append_string_len(b, CONST_STR_LEN("<D:getcontenttype>httpd/unix-directory</D:getcontenttype>"));
950 found = 1;
951 } else if(S_ISREG(sce->st.st_mode)) {
952 for (k = 0; k < con->conf.mimetypes->used; k++) {
953 data_string *ds = (data_string *)con->conf.mimetypes->data[k];
954
955 if (buffer_is_empty(ds->key)) continue;
956
957 if (buffer_is_equal_right_len(dst->path, ds->key, buffer_string_length(ds->key))) {
958 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontenttype>"));
959 buffer_append_string_buffer(b, ds->value);
960 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontenttype>"));
961 found = 1;
962
963 break;
964 }
965 }
966 }
967 } else if (0 == strcmp(prop_name, "creationdate")) {
968 buffer_append_string_len(b, CONST_STR_LEN("<D:creationdate ns0:dt=\"dateTime.tz\">"));
969 strftime(ctime_buf, sizeof(ctime_buf), "%Y-%m-%dT%H:%M:%SZ", gmtime(&(sce->st.st_ctime)));
970 buffer_append_string(b, ctime_buf);
971 buffer_append_string_len(b, CONST_STR_LEN("</D:creationdate>"));
972 found = 1;
973 } else if (0 == strcmp(prop_name, "getlastmodified")) {
974 buffer_append_string_len(b,CONST_STR_LEN("<D:getlastmodified ns0:dt=\"dateTime.rfc1123\">"));
975 strftime(mtime_buf, sizeof(mtime_buf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(sce->st.st_mtime)));
976 buffer_append_string(b, mtime_buf);
977 buffer_append_string_len(b, CONST_STR_LEN("</D:getlastmodified>"));
978 found = 1;
979 } else if (0 == strcmp(prop_name, "getcontentlength")) {
980 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlength>"));
981 buffer_append_int(b, sce->st.st_size);
982 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlength>"));
983 found = 1;
984 } else if (0 == strcmp(prop_name, "getcontentlanguage")) {
985 buffer_append_string_len(b,CONST_STR_LEN("<D:getcontentlanguage>"));
986 buffer_append_string_len(b, CONST_STR_LEN("en"));
987 buffer_append_string_len(b, CONST_STR_LEN("</D:getcontentlanguage>"));
988 found = 1;
989 } else if (0 == strcmp(prop_name, "getetag")) {
990 etag_create(con->physical.etag, &sce->st, con->etag_flags);
991 buffer_append_string_len(b, CONST_STR_LEN("<D:getetag>"));
992 buffer_append_string_buffer(b, con->physical.etag);
993 buffer_append_string_len(b, CONST_STR_LEN("</D:getetag>"));
994 buffer_reset(con->physical.etag);
995 found = 1;
996 #ifdef USE_LOCKS
997 } else if (0 == strcmp(prop_name, "lockdiscovery")) {
998 webdav_get_live_property_lockdiscovery(srv, con, hctx, dst, b);
999 found = 1;
1000 } else if (0 == strcmp(prop_name, "supportedlock")) {
1001 buffer_append_string_len(b,CONST_STR_LEN("<D:supportedlock>"));
1002 buffer_append_string_len(b,CONST_STR_LEN("<D:lockentry>"));
1003 buffer_append_string_len(b,CONST_STR_LEN("<D:lockscope><D:exclusive/></D:lockscope>"));
1004 buffer_append_string_len(b,CONST_STR_LEN("<D:locktype><D:write/></D:locktype>"));
1005 buffer_append_string_len(b,CONST_STR_LEN("</D:lockentry>"));
1006 buffer_append_string_len(b, CONST_STR_LEN("</D:supportedlock>"));
1007 found = 1;
1008 #endif
1009 }
1010 }
1011
1012 return found ? 0 : -1;
1013 }
1014
1015 static int webdav_get_property(server *srv, connection *con, handler_ctx *hctx, physical *dst, char *prop_name, char *prop_ns, buffer *b) {
1016 if (0 == strcmp(prop_ns, "DAV:")) {
1017 /* a local 'live' property */
1018 return webdav_get_live_property(srv, con, hctx, dst, prop_name, b);
1019 } else {
1020 int found = 0;
1021 #ifdef USE_PROPPATCH
1022 sqlite3_stmt *stmt = hctx->conf.stmt_select_prop;
1023
1024 if (stmt) {
1025 /* perhaps it is in sqlite3 */
1026 sqlite3_reset(stmt);
1027
1028 /* bind the values to the insert */
1029
1030 sqlite3_bind_text(stmt, 1,
1031 CONST_BUF_LEN(dst->rel_path),
1032 SQLITE_TRANSIENT);
1033 sqlite3_bind_text(stmt, 2,
1034 prop_name,
1035 strlen(prop_name),
1036 SQLITE_TRANSIENT);
1037 sqlite3_bind_text(stmt, 3,
1038 prop_ns,
1039 strlen(prop_ns),
1040 SQLITE_TRANSIENT);
1041
1042 /* it is the PK */
1043 while (SQLITE_ROW == sqlite3_step(stmt)) {
1044 /* there is a row for us, we only expect a single col 'value' */
1045 webdav_gen_prop_tag(srv, con, prop_name, prop_ns, (char *)sqlite3_column_text(stmt, 0), b);
1046 found = 1;
1047 }
1048 }
1049 #endif
1050 return found ? 0 : -1;
1051 }
1052
1053 /* not found */
1054 return -1;
1055 }
1056
1057 typedef struct {
1058 char *ns;
1059 char *prop;
1060 } webdav_property;
1061
1062 static webdav_property live_properties[] = {
1063 { "DAV:", "creationdate" },
1064 /*{ "DAV:", "displayname" },*//*(not implemented)*/
1065 { "DAV:", "getcontentlanguage" },
1066 { "DAV:", "getcontentlength" },
1067 { "DAV:", "getcontenttype" },
1068 { "DAV:", "getetag" },
1069 { "DAV:", "getlastmodified" },
1070 { "DAV:", "resourcetype" },
1071 /*{ "DAV:", "source" },*//*(not implemented)*/
1072 #ifdef USE_LOCKS
1073 { "DAV:", "lockdiscovery" },
1074 { "DAV:", "supportedlock" },
1075 #endif
1076
1077 { NULL, NULL }
1078 };
1079
1080 typedef struct {
1081 webdav_property **ptr;
1082
1083 size_t used;
1084 size_t size;
1085 } webdav_properties;
1086
1087 static int webdav_get_props(server *srv, connection *con, handler_ctx *hctx, physical *dst, webdav_properties *props, buffer *b_200, buffer *b_404) {
1088 size_t i;
1089
1090 if (props && props->used) {
1091 for (i = 0; i < props->used; i++) {
1092 webdav_property *prop;
1093
1094 prop = props->ptr[i];
1095
1096 if (0 != webdav_get_property(srv, con, hctx,
1097 dst, prop->prop, prop->ns, b_200)) {
1098 webdav_gen_prop_tag(srv, con, prop->prop, prop->ns, NULL, b_404);
1099 }
1100 }
1101 } else {
1102 for (i = 0; live_properties[i].prop; i++) {
1103 /* a local 'live' property */
1104 webdav_get_live_property(srv, con, hctx, dst, live_properties[i].prop, b_200);
1105 }
1106 }
1107
1108 return 0;
1109 }
1110
1111 #ifdef USE_PROPPATCH
1112 static int webdav_parse_chunkqueue(server *srv, connection *con, handler_ctx *hctx, chunkqueue *cq, xmlDoc **ret_xml) {
1113 xmlParserCtxtPtr ctxt;
1114 xmlDoc *xml;
1115 int res;
1116 int err;
1117
1118 chunk *c;
1119
1120 UNUSED(con);
1121
1122 /* read the chunks in to the XML document */
1123 ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
1124
1125 for (c = cq->first; cq->bytes_out != cq->bytes_in; c = cq->first) {
1126 size_t weWant = cq->bytes_out - cq->bytes_in;
1127 size_t weHave;
1128 int mapped;
1129 void *data;
1130
1131 switch(c->type) {
1132 case FILE_CHUNK:
1133 weHave = c->file.length - c->offset;
1134
1135 if (weHave > weWant) weHave = weWant;
1136
1137 /* xml chunks are always memory, mmap() is our friend */
1138 mapped = (c->file.mmap.start != MAP_FAILED);
1139 if (mapped) {
1140 data = c->file.mmap.start + c->offset;
1141 } else {
1142 if (-1 == c->file.fd && /* open the file if not already open */
1143 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1144 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1145
1146 return -1;
1147 }
1148
1149 if (MAP_FAILED != (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_PRIVATE, c->file.fd, 0))) {
1150 /* chunk_reset() or chunk_free() will cleanup for us */
1151 c->file.mmap.length = c->file.length;
1152 data = c->file.mmap.start + c->offset;
1153 mapped = 1;
1154 } else {
1155 ssize_t rd;
1156 if (weHave > 65536) weHave = 65536;
1157 data = malloc(weHave);
1158 force_assert(data);
1159 if (-1 == lseek(c->file.fd, c->file.start + c->offset, SEEK_SET)
1160 || 0 > (rd = read(c->file.fd, data, weHave))) {
1161 log_error_write(srv, __FILE__, __LINE__, "ssbd", "lseek/read failed: ",
1162 strerror(errno), c->file.name, c->file.fd);
1163 free(data);
1164 return -1;
1165 }
1166 weHave = (size_t)rd;
1167 }
1168 }
1169
1170 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, data, weHave, 0))) {
1171 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1172 }
1173
1174 chunkqueue_mark_written(cq, weHave);
1175
1176 if (!mapped) free(data);
1177 break;
1178 case MEM_CHUNK:
1179 /* append to the buffer */
1180 weHave = buffer_string_length(c->mem) - c->offset;
1181
1182 if (weHave > weWant) weHave = weWant;
1183
1184 if (hctx->conf.log_xml) {
1185 log_error_write(srv, __FILE__, __LINE__, "ss", "XML-request-body:", c->mem->ptr + c->offset);
1186 }
1187
1188 if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->mem->ptr + c->offset, weHave, 0))) {
1189 log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
1190 }
1191
1192 chunkqueue_mark_written(cq, weHave);
1193
1194 break;
1195 }
1196 }
1197
1198 switch ((err = xmlParseChunk(ctxt, 0, 0, 1))) {
1199 case XML_ERR_DOCUMENT_END:
1200 case XML_ERR_OK:
1201 break;
1202 default:
1203 log_error_write(srv, __FILE__, __LINE__, "sd", "xmlParseChunk failed at final packet:", err);
1204 break;
1205 }
1206
1207 xml = ctxt->myDoc;
1208 res = ctxt->wellFormed;
1209 xmlFreeParserCtxt(ctxt);
1210
1211 if (res == 0) {
1212 xmlFreeDoc(xml);
1213 } else {
1214 *ret_xml = xml;
1215 }
1216
1217 return res;
1218 }
1219 #endif
1220
1221 #ifdef USE_LOCKS
1222 static int webdav_lockdiscovery(server *srv, connection *con,
1223 buffer *locktoken, const char *lockscope, const char *locktype, int depth) {
1224
1225 buffer *b = buffer_init();
1226
1227 response_header_overwrite(srv, con, CONST_STR_LEN("Lock-Token"), CONST_BUF_LEN(locktoken));
1228
1229 response_header_overwrite(srv, con,
1230 CONST_STR_LEN("Content-Type"),
1231 CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1232
1233 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1234
1235 buffer_append_string_len(b,CONST_STR_LEN("<D:prop xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1236 buffer_append_string_len(b,CONST_STR_LEN("<D:lockdiscovery>\n"));
1237 webdav_activelock(b, locktoken, lockscope, locktype, depth, 600);
1238 buffer_append_string_len(b,CONST_STR_LEN("</D:lockdiscovery>\n"));
1239 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1240
1241 chunkqueue_append_buffer(con->write_queue, b);
1242 buffer_free(b);
1243
1244 return 0;
1245 }
1246 #endif
1247
1248 /**
1249 * check if resource is having the right locks to access to resource
1250 *
1251 *
1252 *
1253 */
1254 static int webdav_has_lock(server *srv, connection *con, handler_ctx *hctx, buffer *uri) {
1255 int has_lock = 1;
1256
1257 #ifdef USE_LOCKS
1258 data_string *ds;
1259 UNUSED(srv);
1260
1261 /**
1262 * This implementation is more fake than real
1263 * we need a parser for the If: header to really handle the full scope
1264 *
1265 * X-Litmus: locks: 11 (owner_modify)
1266 * If: <http://127.0.0.1:1025/dav/litmus/lockme> (<opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1>)
1267 * - a tagged check:
1268 * if http://127.0.0.1:1025/dav/litmus/lockme is locked with
1269 * opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1, go on
1270 *
1271 * X-Litmus: locks: 16 (fail_cond_put)
1272 * If: (<DAV:no-lock> ["-1622396671"])
1273 * - untagged:
1274 * go on if the resource has the etag [...] and the lock
1275 */
1276 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
1277 /* Ooh, ooh. A if tag, now the fun begins.
1278 *
1279 * this can only work with a real parser
1280 **/
1281 } else {
1282 /* we didn't provided a lock-token -> */
1283 /* if the resource is locked -> 423 */
1284
1285 sqlite3_stmt *stmt = hctx->conf.stmt_read_lock_by_uri;
1286
1287 sqlite3_reset(stmt);
1288
1289 sqlite3_bind_text(stmt, 1,
1290 CONST_BUF_LEN(uri),
1291 SQLITE_TRANSIENT);
1292
1293 while (SQLITE_ROW == sqlite3_step(stmt)) {
1294 has_lock = 0;
1295 }
1296 }
1297 #else
1298 UNUSED(srv);
1299 UNUSED(con);
1300 UNUSED(hctx);
1301 UNUSED(uri);
1302 #endif
1303
1304 return has_lock;
1305 }
1306
1307
1308 SUBREQUEST_FUNC(mod_webdav_subrequest_handler_huge) {
1309 plugin_data *p = p_d;
1310 handler_ctx *hctx = con->plugin_ctx[p->id];
1311 buffer *b;
1312 DIR *dir;
1313 data_string *ds;
1314 int depth = -1; /* (Depth: infinity) */
1315 struct stat st;
1316 buffer *prop_200;
1317 buffer *prop_404;
1318 webdav_properties *req_props;
1319 stat_cache_entry *sce = NULL;
1320
1321 UNUSED(srv);
1322
1323 if (NULL == hctx) return HANDLER_GO_ON;
1324 if (!hctx->conf.enabled) return HANDLER_GO_ON;
1325 /* physical path is setup */
1326 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
1327
1328 /* PROPFIND need them */
1329 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Depth")) && 1 == buffer_string_length(ds->value)) {
1330 if ('0' == *ds->value->ptr) {
1331 depth = 0;
1332 } else if ('1' == *ds->value->ptr) {
1333 depth = 1;
1334 }
1335 } /* else treat as Depth: infinity */
1336
1337 switch (con->request.http_method) {
1338 case HTTP_METHOD_PROPFIND:
1339 /* they want to know the properties of the directory */
1340 req_props = NULL;
1341
1342 /* is there a content-body ? */
1343
1344 switch (stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
1345 case HANDLER_ERROR:
1346 if (errno == ENOENT) {
1347 con->http_status = 404;
1348 return HANDLER_FINISHED;
1349 }
1350 break;
1351 default:
1352 break;
1353 }
1354
1355 if (S_ISDIR(sce->st.st_mode) && con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
1356 http_response_redirect_to_directory(srv, con);
1357 return HANDLER_FINISHED;
1358 }
1359
1360 #ifdef USE_PROPPATCH
1361 /* any special requests or just allprop ? */
1362 if (con->request.content_length) {
1363 xmlDocPtr xml;
1364
1365 if (con->state == CON_STATE_READ_POST) {
1366 handler_t r = connection_handle_read_post_state(srv, con);
1367 if (r != HANDLER_GO_ON) return r;
1368 }
1369
1370 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
1371 xmlNode *rootnode = xmlDocGetRootElement(xml);
1372
1373 force_assert(rootnode);
1374
1375 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propfind")) {
1376 xmlNode *cmd;
1377
1378 req_props = calloc(1, sizeof(*req_props));
1379
1380 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
1381
1382 if (0 == xmlStrcmp(cmd->name, BAD_CAST "prop")) {
1383 /* get prop by name */
1384 xmlNode *prop;
1385
1386 for (prop = cmd->children; prop; prop = prop->next) {
1387 if (prop->type == XML_TEXT_NODE) continue; /* ignore WS */
1388
1389 if (prop->ns &&
1390 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
1391 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
1392 size_t i;
1393 log_error_write(srv, __FILE__, __LINE__, "ss",
1394 "no name space for:",
1395 prop->name);
1396
1397 xmlFreeDoc(xml);
1398
1399 for (i = 0; i < req_props->used; i++) {
1400 free(req_props->ptr[i]->ns);
1401 free(req_props->ptr[i]->prop);
1402 free(req_props->ptr[i]);
1403 }
1404 free(req_props->ptr);
1405 free(req_props);
1406
1407 con->http_status = 400;
1408 return HANDLER_FINISHED;
1409 }
1410
1411 /* add property to requested list */
1412 if (req_props->size == 0) {
1413 req_props->size = 16;
1414 req_props->ptr = malloc(sizeof(*(req_props->ptr)) * req_props->size);
1415 } else if (req_props->used == req_props->size) {
1416 req_props->size += 16;
1417 req_props->ptr = realloc(req_props->ptr, sizeof(*(req_props->ptr)) * req_props->size);
1418 }
1419
1420 req_props->ptr[req_props->used] = malloc(sizeof(webdav_property));
1421 req_props->ptr[req_props->used]->ns = (char *)xmlStrdup(prop->ns ? prop->ns->href : (xmlChar *)"");
1422 req_props->ptr[req_props->used]->prop = (char *)xmlStrdup(prop->name);
1423 req_props->used++;
1424 }
1425 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "propname")) {
1426 sqlite3_stmt *stmt = p->conf.stmt_select_propnames;
1427
1428 if (stmt) {
1429 /* get all property names (EMPTY) */
1430 sqlite3_reset(stmt);
1431 /* bind the values to the insert */
1432
1433 sqlite3_bind_text(stmt, 1,
1434 CONST_BUF_LEN(con->uri.path),
1435 SQLITE_TRANSIENT);
1436
1437 if (SQLITE_DONE != sqlite3_step(stmt)) {
1438 }
1439 }
1440 } else if (0 == xmlStrcmp(cmd->name, BAD_CAST "allprop")) {
1441 /* get all properties (EMPTY) */
1442 }
1443 }
1444 }
1445
1446 xmlFreeDoc(xml);
1447 } else {
1448 con->http_status = 400;
1449 return HANDLER_FINISHED;
1450 }
1451 }
1452 #endif
1453 con->http_status = 207;
1454
1455 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1456
1457 b = buffer_init();
1458
1459 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1460
1461 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1462
1463 /* allprop */
1464
1465 prop_200 = buffer_init();
1466 prop_404 = buffer_init();
1467
1468 {
1469 /* Depth: 0 or Depth: 1 */
1470 webdav_get_props(srv, con, hctx, &(con->physical), req_props, prop_200, prop_404);
1471
1472 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1473 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1474 buffer_append_string_buffer(b, con->uri.scheme);
1475 buffer_append_string_len(b,CONST_STR_LEN("://"));
1476 buffer_append_string_buffer(b, con->uri.authority);
1477 buffer_append_string_encoded(b, CONST_BUF_LEN(con->uri.path), ENCODING_REL_URI);
1478 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1479
1480 if (!buffer_string_is_empty(prop_200)) {
1481 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1482 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1483
1484 buffer_append_string_buffer(b, prop_200);
1485
1486 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1487
1488 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1489
1490 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1491 }
1492 if (!buffer_string_is_empty(prop_404)) {
1493 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1494 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1495
1496 buffer_append_string_buffer(b, prop_404);
1497
1498 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1499
1500 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1501
1502 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1503 }
1504
1505 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1506 }
1507
1508 if (depth == 1) {
1509
1510 if (NULL != (dir = opendir(con->physical.path->ptr))) {
1511 struct dirent *de;
1512 physical d;
1513 physical *dst = &(con->physical);
1514
1515 d.path = buffer_init();
1516 d.rel_path = buffer_init();
1517
1518 while(NULL != (de = readdir(dir))) {
1519 if (de->d_name[0] == '.' && (de->d_name[1] == '\0' || (de->d_name[1] == '.' && de->d_name[2] == '\0'))) {
1520 continue;
1521 /* ignore the parent and target dir */
1522 }
1523
1524 buffer_copy_buffer(d.path, dst->path);
1525 buffer_append_slash(d.path);
1526
1527 buffer_copy_buffer(d.rel_path, dst->rel_path);
1528 buffer_append_slash(d.rel_path);
1529
1530 buffer_append_string(d.path, de->d_name);
1531 buffer_append_string(d.rel_path, de->d_name);
1532
1533 buffer_reset(prop_200);
1534 buffer_reset(prop_404);
1535
1536 webdav_get_props(srv, con, hctx, &d, req_props, prop_200, prop_404);
1537
1538 buffer_append_string_len(b,CONST_STR_LEN("<D:response>\n"));
1539 buffer_append_string_len(b,CONST_STR_LEN("<D:href>"));
1540 buffer_append_string_buffer(b, con->uri.scheme);
1541 buffer_append_string_len(b,CONST_STR_LEN("://"));
1542 buffer_append_string_buffer(b, con->uri.authority);
1543 buffer_append_string_encoded(b, CONST_BUF_LEN(d.rel_path), ENCODING_REL_URI);
1544 if (0 == stat(d.path->ptr, &st) && S_ISDIR(st.st_mode)) {
1545 /* Append a '/' on subdirectories */
1546 buffer_append_string_len(b,CONST_STR_LEN("/"));
1547 }
1548 buffer_append_string_len(b,CONST_STR_LEN("</D:href>\n"));
1549
1550 if (!buffer_string_is_empty(prop_200)) {
1551 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1552 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1553
1554 buffer_append_string_buffer(b, prop_200);
1555
1556 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1557
1558 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1559
1560 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1561 }
1562 if (!buffer_string_is_empty(prop_404)) {
1563 buffer_append_string_len(b,CONST_STR_LEN("<D:propstat>\n"));
1564 buffer_append_string_len(b,CONST_STR_LEN("<D:prop>\n"));
1565
1566 buffer_append_string_buffer(b, prop_404);
1567
1568 buffer_append_string_len(b,CONST_STR_LEN("</D:prop>\n"));
1569
1570 buffer_append_string_len(b,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1571
1572 buffer_append_string_len(b,CONST_STR_LEN("</D:propstat>\n"));
1573 }
1574
1575 buffer_append_string_len(b,CONST_STR_LEN("</D:response>\n"));
1576 }
1577 closedir(dir);
1578 buffer_free(d.path);
1579 buffer_free(d.rel_path);
1580 }
1581
1582 }
1583
1584 if (req_props) {
1585 size_t i;
1586 for (i = 0; i < req_props->used; i++) {
1587 free(req_props->ptr[i]->ns);
1588 free(req_props->ptr[i]->prop);
1589 free(req_props->ptr[i]);
1590 }
1591 free(req_props->ptr);
1592 free(req_props);
1593 }
1594
1595 buffer_free(prop_200);
1596 buffer_free(prop_404);
1597
1598 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1599
1600 if (p->conf.log_xml) {
1601 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1602 }
1603
1604 chunkqueue_append_buffer(con->write_queue, b);
1605 buffer_free(b);
1606
1607 con->file_finished = 1;
1608
1609 return HANDLER_FINISHED;
1610 case HTTP_METHOD_MKCOL:
1611 if (p->conf.is_readonly) {
1612 con->http_status = 403;
1613 return HANDLER_FINISHED;
1614 }
1615
1616 if (con->request.content_length != 0) {
1617 /* we don't support MKCOL with a body */
1618 con->http_status = 415;
1619
1620 return HANDLER_FINISHED;
1621 }
1622
1623 /* let's create the directory */
1624
1625 if (-1 == mkdir(con->physical.path->ptr, WEBDAV_DIR_MODE)) {
1626 switch(errno) {
1627 case EPERM:
1628 con->http_status = 403;
1629 break;
1630 case ENOENT:
1631 case ENOTDIR:
1632 con->http_status = 409;
1633 break;
1634 case EEXIST:
1635 default:
1636 con->http_status = 405; /* not allowed */
1637 break;
1638 }
1639 } else {
1640 con->http_status = 201;
1641 con->file_finished = 1;
1642 }
1643
1644 return HANDLER_FINISHED;
1645 case HTTP_METHOD_DELETE:
1646 if (p->conf.is_readonly) {
1647 con->http_status = 403;
1648 return HANDLER_FINISHED;
1649 }
1650
1651 /* does the client have a lock for this connection ? */
1652 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
1653 con->http_status = 423;
1654 return HANDLER_FINISHED;
1655 }
1656
1657 /* stat and unlink afterwards */
1658 if (-1 == stat(con->physical.path->ptr, &st)) {
1659 /* don't about it yet, unlink will fail too */
1660 switch(errno) {
1661 case ENOENT:
1662 con->http_status = 404;
1663 break;
1664 default:
1665 con->http_status = 403;
1666 break;
1667 }
1668 } else if (S_ISDIR(st.st_mode)) {
1669 buffer *multi_status_resp;
1670
1671 if (con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
1672 http_response_redirect_to_directory(srv, con);
1673 return HANDLER_FINISHED;
1674 }
1675
1676 multi_status_resp = buffer_init();
1677
1678 if (webdav_delete_dir(srv, con, hctx, &(con->physical), multi_status_resp)) {
1679 /* we got an error somewhere in between, build a 207 */
1680 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1681
1682 b = buffer_init();
1683
1684 buffer_copy_string_len(b, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1685
1686 buffer_append_string_len(b,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\">\n"));
1687
1688 buffer_append_string_buffer(b, multi_status_resp);
1689
1690 buffer_append_string_len(b,CONST_STR_LEN("</D:multistatus>\n"));
1691
1692 if (p->conf.log_xml) {
1693 log_error_write(srv, __FILE__, __LINE__, "sb", "XML-response-body:", b);
1694 }
1695
1696 chunkqueue_append_buffer(con->write_queue, b);
1697 buffer_free(b);
1698
1699 con->http_status = 207;
1700 con->file_finished = 1;
1701 } else {
1702 /* everything went fine, remove the directory */
1703
1704 if (-1 == rmdir(con->physical.path->ptr)) {
1705 switch(errno) {
1706 case EPERM:
1707 con->http_status = 403;
1708 break;
1709 case ENOENT:
1710 con->http_status = 404;
1711 break;
1712 default:
1713 con->http_status = 501;
1714 break;
1715 }
1716 } else {
1717 con->http_status = 204;
1718 }
1719 }
1720
1721 buffer_free(multi_status_resp);
1722 } else if (-1 == unlink(con->physical.path->ptr)) {
1723 switch(errno) {
1724 case EPERM:
1725 con->http_status = 403;
1726 break;
1727 case ENOENT:
1728 con->http_status = 404;
1729 break;
1730 default:
1731 con->http_status = 501;
1732 break;
1733 }
1734 } else {
1735 con->http_status = 204;
1736 }
1737 return HANDLER_FINISHED;
1738 case HTTP_METHOD_PUT: {
1739 int fd;
1740 chunkqueue *cq = con->request_content_queue;
1741 chunk *c;
1742 data_string *ds_range;
1743
1744 if (p->conf.is_readonly) {
1745 con->http_status = 403;
1746 return HANDLER_FINISHED;
1747 }
1748
1749 /* is a exclusive lock set on the source */
1750 /* (check for lock once before potentially reading large input) */
1751 if (0 == cq->bytes_in && !webdav_has_lock(srv, con, hctx, con->uri.path)) {
1752 con->http_status = 423;
1753 return HANDLER_FINISHED;
1754 }
1755
1756 if (con->state == CON_STATE_READ_POST) {
1757 handler_t r = connection_handle_read_post_state(srv, con);
1758 if (r != HANDLER_GO_ON) return r;
1759 }
1760
1761 /* RFC2616 Section 9.6 PUT requires us to send 501 on all Content-* we don't support
1762 * - most important Content-Range
1763 *
1764 *
1765 * Example: Content-Range: bytes 100-1037/1038 */
1766
1767 if (NULL != (ds_range = (data_string *)array_get_element(con->request.headers, "Content-Range"))) {
1768 const char *num = ds_range->value->ptr;
1769 off_t offset;
1770 char *err = NULL;
1771
1772 if (0 != strncmp(num, "bytes ", 6)) {
1773 con->http_status = 501; /* not implemented */
1774
1775 return HANDLER_FINISHED;
1776 }
1777
1778 /* we only support <num>- ... */
1779
1780 num += 6;
1781
1782 /* skip WS */
1783 while (*num == ' ' || *num == '\t') num++;
1784
1785 if (*num == '\0') {
1786 con->http_status = 501; /* not implemented */
1787
1788 return HANDLER_FINISHED;
1789 }
1790
1791 offset = strtoll(num, &err, 10);
1792
1793 if (*err != '-' || offset < 0) {
1794 con->http_status = 501; /* not implemented */
1795
1796 return HANDLER_FINISHED;
1797 }
1798
1799 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY, WEBDAV_FILE_MODE))) {
1800 switch (errno) {
1801 case ENOENT:
1802 con->http_status = 404; /* not found */
1803 break;
1804 default:
1805 con->http_status = 403; /* not found */
1806 break;
1807 }
1808 return HANDLER_FINISHED;
1809 }
1810
1811 if (-1 == lseek(fd, offset, SEEK_SET)) {
1812 con->http_status = 501; /* not implemented */
1813
1814 close(fd);
1815
1816 return HANDLER_FINISHED;
1817 }
1818 con->http_status = 200; /* modified */
1819 } else {
1820 /* take what we have in the request-body and write it to a file */
1821
1822 /* if the file doesn't exist, create it */
1823 if (-1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_TRUNC, WEBDAV_FILE_MODE))) {
1824 if (errno != ENOENT ||
1825 -1 == (fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, WEBDAV_FILE_MODE))) {
1826 /* we can't open the file */
1827 con->http_status = 403;
1828
1829 return HANDLER_FINISHED;
1830 } else {
1831 con->http_status = 201; /* created */
1832 }
1833 } else {
1834 con->http_status = 200; /* modified */
1835 }
1836 }
1837
1838 con->file_finished = 1;
1839
1840 for (c = cq->first; c; c = cq->first) {
1841 int r = 0;
1842 int mapped;
1843 void *data;
1844 size_t dlen;
1845
1846 /* copy all chunks */
1847 switch(c->type) {
1848 case FILE_CHUNK:
1849
1850 mapped = (c->file.mmap.start != MAP_FAILED);
1851 dlen = c->file.length - c->offset;
1852 if (mapped) {
1853 data = c->file.mmap.start + c->offset;
1854 } else {
1855 if (-1 == c->file.fd && /* open the file if not already open */
1856 -1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
1857 log_error_write(srv, __FILE__, __LINE__, "ss", "open failed: ", strerror(errno));
1858 close(fd);
1859 return HANDLER_ERROR;
1860 }
1861
1862 if (MAP_FAILED != (c->file.mmap.start = mmap(NULL, c->file.length, PROT_READ, MAP_PRIVATE, c->file.fd, 0))) {
1863 /* chunk_reset() or chunk_free() will cleanup for us */
1864 c->file.mmap.length = c->file.length;
1865 data = c->file.mmap.start + c->offset;
1866 mapped = 1;
1867 } else {
1868 ssize_t rd;
1869 if (dlen > 65536) dlen = 65536;
1870 data = malloc(dlen);
1871 force_assert(data);
1872 if (-1 == lseek(c->file.fd, c->file.start + c->offset, SEEK_SET)
1873 || 0 > (rd = read(c->file.fd, data, dlen))) {
1874 log_error_write(srv, __FILE__, __LINE__, "ssbd", "lseek/read failed: ",
1875 strerror(errno), c->file.name, c->file.fd);
1876 free(data);
1877 close(fd);
1878 return HANDLER_ERROR;
1879 }
1880 dlen = (size_t)rd;
1881 }
1882
1883 }
1884
1885 if ((r = write(fd, data, dlen)) < 0) {
1886 switch(errno) {
1887 case ENOSPC:
1888 con->http_status = 507;
1889
1890 break;
1891 default:
1892 con->http_status = 403;
1893 break;
1894 }
1895 }
1896
1897 if (!mapped) free(data);
1898 break;
1899 case MEM_CHUNK:
1900 if ((r = write(fd, c->mem->ptr + c->offset, buffer_string_length(c->mem) - c->offset)) < 0) {
1901 switch(errno) {
1902 case ENOSPC:
1903 con->http_status = 507;
1904
1905 break;
1906 default:
1907 con->http_status = 403;
1908 break;
1909 }
1910 }
1911 break;
1912 }
1913
1914 if (r > 0) {
1915 chunkqueue_mark_written(cq, r);
1916 } else {
1917 break;
1918 }
1919 }
1920 if (0 != close(fd)) {
1921 log_error_write(srv, __FILE__, __LINE__, "sbss",
1922 "close ", con->physical.path, "failed: ", strerror(errno));
1923 return HANDLER_ERROR;
1924 }
1925
1926 return HANDLER_FINISHED;
1927 }
1928 case HTTP_METHOD_MOVE:
1929 case HTTP_METHOD_COPY: {
1930 buffer *destination = NULL;
1931 char *sep, *sep2, *start;
1932 int overwrite = 1;
1933
1934 if (p->conf.is_readonly) {
1935 con->http_status = 403;
1936 return HANDLER_FINISHED;
1937 }
1938
1939 /* is a exclusive lock set on the source */
1940 if (con->request.http_method == HTTP_METHOD_MOVE) {
1941 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
1942 con->http_status = 423;
1943 return HANDLER_FINISHED;
1944 }
1945 }
1946
1947 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Destination"))) {
1948 destination = ds->value;
1949 } else {
1950 con->http_status = 400;
1951 return HANDLER_FINISHED;
1952 }
1953
1954 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Overwrite"))) {
1955 if (buffer_string_length(ds->value) != 1 ||
1956 (ds->value->ptr[0] != 'F' &&
1957 ds->value->ptr[0] != 'T') ) {
1958 con->http_status = 400;
1959 return HANDLER_FINISHED;
1960 }
1961 overwrite = (ds->value->ptr[0] == 'F' ? 0 : 1);
1962 }
1963 /* let's parse the Destination
1964 *
1965 * http://127.0.0.1:1025/dav/litmus/copydest
1966 *
1967 * - host has to be the same as the Host: header we got
1968 * - we have to stay inside the document root
1969 * - the query string is thrown away
1970 * */
1971
1972 buffer_reset(p->uri.scheme);
1973 buffer_reset(p->uri.path_raw);
1974 buffer_reset(p->uri.authority);
1975
1976 start = destination->ptr;
1977
1978 if (NULL == (sep = strstr(start, "://"))) {
1979 con->http_status = 400;
1980 return HANDLER_FINISHED;
1981 }
1982 buffer_copy_string_len(p->uri.scheme, start, sep - start);
1983
1984 start = sep + 3;
1985
1986 if (NULL == (sep = strchr(start, '/'))) {
1987 con->http_status = 400;
1988 return HANDLER_FINISHED;
1989 }
1990 if (NULL != (sep2 = memchr(start, '@', sep - start))) {
1991 /* skip login information */
1992 start = sep2 + 1;
1993 }
1994 buffer_copy_string_len(p->uri.authority, start, sep - start);
1995
1996 start = sep + 1;
1997
1998 if (NULL == (sep = strchr(start, '?'))) {
1999 /* no query string, good */
2000 buffer_copy_string(p->uri.path_raw, start);
2001 } else {
2002 buffer_copy_string_len(p->uri.path_raw, start, sep - start);
2003 }
2004
2005 if (!buffer_is_equal(p->uri.authority, con->uri.authority)) {
2006 /* not the same host */
2007 con->http_status = 502;
2008 return HANDLER_FINISHED;
2009 }
2010
2011 buffer_copy_buffer(p->tmp_buf, p->uri.path_raw);
2012 buffer_urldecode_path(p->tmp_buf);
2013 buffer_path_simplify(p->uri.path, p->tmp_buf);
2014
2015 /* we now have a URI which is clean. transform it into a physical path */
2016 buffer_copy_buffer(p->physical.doc_root, con->physical.doc_root);
2017 buffer_copy_buffer(p->physical.rel_path, p->uri.path);
2018
2019 if (con->conf.force_lowercase_filenames) {
2020 buffer_to_lower(p->physical.rel_path);
2021 }
2022
2023 /* Destination physical path
2024 * src con->physical.path might have been remapped with mod_alias.
2025 * (but mod_alias does not modify con->physical.rel_path)
2026 * Find matching prefix to support use of mod_alias to remap webdav root.
2027 * Aliasing of paths underneath the webdav root might not work.
2028 * Likewise, mod_rewrite URL rewriting might thwart this comparison.
2029 * Use mod_redirect instead of mod_alias to remap paths *under* webdav root.
2030 * Use mod_redirect instead of mod_rewrite on *any* parts of path to webdav.
2031 * (Related, use mod_auth to protect webdav root, but avoid attempting to
2032 * use mod_auth on paths underneath webdav root, as Destination is not
2033 * validated with mod_auth)
2034 *
2035 * tl;dr: webdav paths and webdav properties are managed by mod_webdav,
2036 * so do not modify paths externally or else undefined behavior
2037 * or corruption may occur
2038 */
2039 {
2040 /* find matching URI prefix
2041 * check if remaining con->physical.rel_path matches suffix
2042 * of con->physical.basedir so that we can use it to
2043 * remap Destination physical path */
2044 size_t i, remain;
2045 sep = con->uri.path->ptr;
2046 sep2 = p->uri.path->ptr;
2047 for (i = 0; sep[i] && sep[i] == sep2[i]; ++i) ;
2048 if (sep[i] == '\0' && (sep2[i] == '\0' || sep2[i] == '/' || (i > 0 && sep[i-1] == '/'))) {
2049 /* src and dst URI match or dst is nested inside src; invalid COPY or MOVE */
2050 con->http_status = 403;
2051 return HANDLER_FINISHED;
2052 }
2053 while (i != 0 && sep[--i] != '/') ; /* find matching directory path */
2054 remain = buffer_string_length(con->uri.path) - i;
2055 if (!con->conf.force_lowercase_filenames
2056 ? buffer_is_equal_right_len(con->physical.path, con->physical.rel_path, remain)
2057 :(buffer_string_length(con->physical.path) >= remain
2058 && 0 == strncasecmp(con->physical.path->ptr+buffer_string_length(con->physical.path)-remain, con->physical.rel_path->ptr+i, remain))) {
2059 /* (at this point, p->physical.rel_path is identical to (or lowercased version of) p->uri.path) */
2060 buffer_copy_string_len(p->physical.path, con->physical.path->ptr, buffer_string_length(con->physical.path)-remain);
2061 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr+i, buffer_string_length(p->physical.rel_path)-i);
2062
2063 buffer_copy_buffer(p->physical.basedir, con->physical.basedir);
2064 buffer_append_slash(p->physical.basedir);
2065 } else {
2066 /* unable to perform physical path remap here;
2067 * assume doc_root/rel_path and no remapping */
2068 buffer_copy_buffer(p->physical.path, p->physical.doc_root);
2069 buffer_append_slash(p->physical.path);
2070 buffer_copy_buffer(p->physical.basedir, p->physical.path);
2071
2072 /* don't add a second / */
2073 if (p->physical.rel_path->ptr[0] == '/') {
2074 buffer_append_string_len(p->physical.path, p->physical.rel_path->ptr + 1, buffer_string_length(p->physical.rel_path) - 1);
2075 } else {
2076 buffer_append_string_buffer(p->physical.path, p->physical.rel_path);
2077 }
2078 }
2079 }
2080
2081 /* let's see if the source is a directory
2082 * if yes, we fail with 501 */
2083
2084 if (-1 == stat(con->physical.path->ptr, &st)) {
2085 /* don't about it yet, unlink will fail too */
2086 switch(errno) {
2087 case ENOENT:
2088 con->http_status = 404;
2089 break;
2090 default:
2091 con->http_status = 403;
2092 break;
2093 }
2094 } else if (S_ISDIR(st.st_mode)) {
2095 int r;
2096 int created = 0;
2097 /* src is a directory */
2098
2099 if (con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
2100 http_response_redirect_to_directory(srv, con);
2101 return HANDLER_FINISHED;
2102 }
2103
2104 if (-1 == stat(p->physical.path->ptr, &st)) {
2105 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
2106 con->http_status = 403;
2107 return HANDLER_FINISHED;
2108 }
2109 created = 1;
2110 } else if (!S_ISDIR(st.st_mode)) {
2111 if (overwrite == 0) {
2112 /* copying into a non-dir ? */
2113 con->http_status = 409;
2114 return HANDLER_FINISHED;
2115 } else {
2116 unlink(p->physical.path->ptr);
2117 if (-1 == mkdir(p->physical.path->ptr, WEBDAV_DIR_MODE)) {
2118 con->http_status = 403;
2119 return HANDLER_FINISHED;
2120 }
2121 created = 1;
2122 }
2123 }
2124
2125 /* copy the content of src to dest */
2126 if (0 != (r = webdav_copy_dir(srv, con, hctx, &(con->physical), &(p->physical), overwrite))) {
2127 con->http_status = r;
2128 return HANDLER_FINISHED;
2129 }
2130 if (con->request.http_method == HTTP_METHOD_MOVE) {
2131 b = buffer_init();
2132 webdav_delete_dir(srv, con, hctx, &(con->physical), b); /* content */
2133 buffer_free(b);
2134
2135 rmdir(con->physical.path->ptr);
2136 }
2137 con->http_status = created ? 201 : 204;
2138 con->file_finished = 1;
2139 } else {
2140 /* it is just a file, good */
2141 int r;
2142 int destdir = 0;
2143
2144 /* does the client have a lock for this connection ? */
2145 if (!webdav_has_lock(srv, con, hctx, p->uri.path)) {
2146 con->http_status = 423;
2147 return HANDLER_FINISHED;
2148 }
2149
2150 /* destination exists */
2151 if (0 == (r = stat(p->physical.path->ptr, &st))) {
2152 if (S_ISDIR(st.st_mode)) {
2153 /* file to dir/
2154 * append basename to physical path */
2155 destdir = 1;
2156
2157 if (NULL != (sep = strrchr(con->physical.path->ptr, '/'))) {
2158 buffer_append_string(p->physical.path, sep);
2159 r = stat(p->physical.path->ptr, &st);
2160 }
2161 }
2162 }
2163
2164 if (-1 == r) {
2165 con->http_status = destdir ? 204 : 201; /* we will create a new one */
2166 con->file_finished = 1;
2167
2168 switch(errno) {
2169 case ENOTDIR:
2170 con->http_status = 409;
2171 return HANDLER_FINISHED;
2172 }
2173 } else if (overwrite == 0) {
2174 /* destination exists, but overwrite is not set */
2175 con->http_status = 412;
2176 return HANDLER_FINISHED;
2177 } else {
2178 con->http_status = 204; /* resource already existed */
2179 }
2180
2181 if (con->request.http_method == HTTP_METHOD_MOVE) {
2182 /* try a rename */
2183
2184 if (0 == rename(con->physical.path->ptr, p->physical.path->ptr)) {
2185 #ifdef USE_PROPPATCH
2186 sqlite3_stmt *stmt;
2187
2188 stmt = p->conf.stmt_move_uri;
2189 if (stmt) {
2190
2191 sqlite3_reset(stmt);
2192
2193 /* bind the values to the insert */
2194 sqlite3_bind_text(stmt, 1,
2195 CONST_BUF_LEN(p->uri.path),
2196 SQLITE_TRANSIENT);
2197
2198 sqlite3_bind_text(stmt, 2,
2199 CONST_BUF_LEN(con->uri.path),
2200 SQLITE_TRANSIENT);
2201
2202 if (SQLITE_DONE != sqlite3_step(stmt)) {
2203 log_error_write(srv, __FILE__, __LINE__, "ss", "sql-move failed:", sqlite3_errmsg(p->conf.sql));
2204 }
2205 }
2206 #endif
2207 return HANDLER_FINISHED;
2208 }
2209
2210 /* rename failed, fall back to COPY + DELETE */
2211 }
2212
2213 if (0 != (r = webdav_copy_file(srv, con, hctx, &(con->physical), &(p->physical), overwrite))) {
2214 con->http_status = r;
2215
2216 return HANDLER_FINISHED;
2217 }
2218
2219 if (con->request.http_method == HTTP_METHOD_MOVE) {
2220 b = buffer_init();
2221 webdav_delete_file(srv, con, hctx, &(con->physical), b);
2222 buffer_free(b);
2223 }
2224 }
2225
2226 return HANDLER_FINISHED;
2227 }
2228 case HTTP_METHOD_PROPPATCH:
2229 if (p->conf.is_readonly) {
2230 con->http_status = 403;
2231 return HANDLER_FINISHED;
2232 }
2233
2234 if (!webdav_has_lock(srv, con, hctx, con->uri.path)) {
2235 con->http_status = 423;
2236 return HANDLER_FINISHED;
2237 }
2238
2239 /* check if destination exists */
2240 if (-1 == stat(con->physical.path->ptr, &st)) {
2241 switch(errno) {
2242 case ENOENT:
2243 con->http_status = 404;
2244 break;
2245 }
2246 }
2247
2248 if (S_ISDIR(st.st_mode) && con->physical.path->ptr[buffer_string_length(con->physical.path)-1] != '/') {
2249 http_response_redirect_to_directory(srv, con);
2250 return HANDLER_FINISHED;
2251 }
2252
2253 #ifdef USE_PROPPATCH
2254 if (con->request.content_length) {
2255 xmlDocPtr xml;
2256
2257 if (con->state == CON_STATE_READ_POST) {
2258 handler_t r = connection_handle_read_post_state(srv, con);
2259 if (r != HANDLER_GO_ON) return r;
2260 }
2261
2262 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
2263 xmlNode *rootnode = xmlDocGetRootElement(xml);
2264
2265 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "propertyupdate")) {
2266 xmlNode *cmd;
2267 char *err = NULL;
2268 int empty_ns = 0; /* send 400 on a empty namespace attribute */
2269
2270 /* start response */
2271
2272 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "BEGIN TRANSACTION", NULL, NULL, &err)) {
2273 log_error_write(srv, __FILE__, __LINE__, "ss", "can't open transaction:", err);
2274 sqlite3_free(err);
2275
2276 goto propmatch_cleanup;
2277 }
2278
2279 /* a UPDATE request, we know 'set' and 'remove' */
2280 for (cmd = rootnode->children; cmd; cmd = cmd->next) {
2281 xmlNode *props;
2282 /* either set or remove */
2283
2284 if ((0 == xmlStrcmp(cmd->name, BAD_CAST "set")) ||
2285 (0 == xmlStrcmp(cmd->name, BAD_CAST "remove"))) {
2286
2287 sqlite3_stmt *stmt;
2288
2289 stmt = (0 == xmlStrcmp(cmd->name, BAD_CAST "remove")) ?
2290 p->conf.stmt_delete_prop : p->conf.stmt_update_prop;
2291
2292 for (props = cmd->children; props; props = props->next) {
2293 if (0 == xmlStrcmp(props->name, BAD_CAST "prop")) {
2294 xmlNode *prop;
2295 char *propval = NULL;
2296 int r;
2297
2298 prop = props->children;
2299
2300 if (prop->ns &&
2301 (0 == xmlStrcmp(prop->ns->href, BAD_CAST "")) &&
2302 (0 != xmlStrcmp(prop->ns->prefix, BAD_CAST ""))) {
2303 log_error_write(srv, __FILE__, __LINE__, "ss",
2304 "no name space for:",
2305 prop->name);
2306
2307 empty_ns = 1;
2308 break;
2309 }
2310
2311 sqlite3_reset(stmt);
2312
2313 /* bind the values to the insert */
2314
2315 sqlite3_bind_text(stmt, 1,
2316 CONST_BUF_LEN(con->uri.path),
2317 SQLITE_TRANSIENT);
2318 sqlite3_bind_text(stmt, 2,
2319 (char *)prop->name,
2320 strlen((char *)prop->name),
2321 SQLITE_TRANSIENT);
2322 if (prop->ns) {
2323 sqlite3_bind_text(stmt, 3,
2324 (char *)prop->ns->href,
2325 strlen((char *)prop->ns->href),
2326 SQLITE_TRANSIENT);
2327 } else {
2328 sqlite3_bind_text(stmt, 3,
2329 "",
2330 0,
2331 SQLITE_TRANSIENT);
2332 }
2333 if (stmt == p->conf.stmt_update_prop) {
2334 propval = prop->children
2335 ? (char *)xmlNodeListGetString(xml, prop->children, 0)
2336 : NULL;
2337
2338 sqlite3_bind_text(stmt, 4,
2339 propval ? propval : "",
2340 propval ? strlen(propval) : 0,
2341 SQLITE_TRANSIENT);
2342 }
2343
2344 if (SQLITE_DONE != (r = sqlite3_step(stmt))) {
2345 log_error_write(srv, __FILE__, __LINE__, "ss",
2346 "sql-set failed:", sqlite3_errmsg(p->conf.sql));
2347 }
2348
2349 if (propval) xmlFree(propval);
2350 }
2351 }
2352 if (empty_ns) break;
2353 }
2354 }
2355
2356 if (empty_ns) {
2357 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "ROLLBACK", NULL, NULL, &err)) {
2358 log_error_write(srv, __FILE__, __LINE__, "ss", "can't rollback transaction:", err);
2359 sqlite3_free(err);
2360
2361 goto propmatch_cleanup;
2362 }
2363
2364 con->http_status = 400;
2365 } else {
2366 if (SQLITE_OK != sqlite3_exec(p->conf.sql, "COMMIT", NULL, NULL, &err)) {
2367 log_error_write(srv, __FILE__, __LINE__, "ss", "can't commit transaction:", err);
2368 sqlite3_free(err);
2369
2370 goto propmatch_cleanup;
2371 }
2372 con->http_status = 200;
2373 }
2374 con->file_finished = 1;
2375
2376 xmlFreeDoc(xml);
2377 return HANDLER_FINISHED;
2378 }
2379
2380 propmatch_cleanup:
2381
2382 xmlFreeDoc(xml);
2383 } else {
2384 con->http_status = 400;
2385 return HANDLER_FINISHED;
2386 }
2387 }
2388 #endif
2389 con->http_status = 501;
2390 return HANDLER_FINISHED;
2391 case HTTP_METHOD_LOCK:
2392 /**
2393 * a mac wants to write
2394 *
2395 * LOCK /dav/expire.txt HTTP/1.1\r\n
2396 * User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh)\r\n
2397 * Accept: * / *\r\n
2398 * Depth: 0\r\n
2399 * Timeout: Second-600\r\n
2400 * Content-Type: text/xml; charset=\"utf-8\"\r\n
2401 * Content-Length: 229\r\n
2402 * Connection: keep-alive\r\n
2403 * Host: 192.168.178.23:1025\r\n
2404 * \r\n
2405 * <?xml version=\"1.0\" encoding=\"utf-8\"?>\n
2406 * <D:lockinfo xmlns:D=\"DAV:\">\n
2407 * <D:lockscope><D:exclusive/></D:lockscope>\n
2408 * <D:locktype><D:write/></D:locktype>\n
2409 * <D:owner>\n
2410 * <D:href>http://www.apple.com/webdav_fs/</D:href>\n
2411 * </D:owner>\n
2412 * </D:lockinfo>\n
2413 */
2414
2415 if (depth != 0 && depth != -1) {
2416 con->http_status = 400;
2417
2418 return HANDLER_FINISHED;
2419 }
2420
2421 #ifdef USE_LOCKS
2422 if (con->request.content_length) {
2423 xmlDocPtr xml;
2424 buffer *hdr_if = NULL;
2425 int created = 0;
2426
2427 if (con->state == CON_STATE_READ_POST) {
2428 handler_t r = connection_handle_read_post_state(srv, con);
2429 if (r != HANDLER_GO_ON) return r;
2430 }
2431
2432 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2433 hdr_if = ds->value;
2434 }
2435
2436 if (0 != stat(con->physical.path->ptr, &st)) {
2437 if (errno == ENOENT) {
2438 int fd = open(con->physical.path->ptr, O_WRONLY|O_CREAT|O_APPEND|O_BINARY|FIFO_NONBLOCK, WEBDAV_FILE_MODE);
2439 if (fd >= 0) {
2440 close(fd);
2441 created = 1;
2442 } else {
2443 log_error_write(srv, __FILE__, __LINE__, "sBss",
2444 "create file", con->physical.path, ":", strerror(errno));
2445 con->http_status = 403; /* Forbidden */
2446
2447 return HANDLER_FINISHED;
2448 }
2449 }
2450 } else if (hdr_if == NULL && depth == -1) {
2451 /* we don't support Depth: Infinity on directories */
2452 if (S_ISDIR(st.st_mode)) {
2453 con->http_status = 409; /* Conflict */
2454
2455 return HANDLER_FINISHED;
2456 }
2457 }
2458
2459 if (1 == webdav_parse_chunkqueue(srv, con, hctx, con->request_content_queue, &xml)) {
2460 xmlNode *rootnode = xmlDocGetRootElement(xml);
2461
2462 force_assert(rootnode);
2463
2464 if (0 == xmlStrcmp(rootnode->name, BAD_CAST "lockinfo")) {
2465 xmlNode *lockinfo;
2466 const xmlChar *lockscope = NULL, *locktype = NULL; /* TODO: compiler says unused: *owner = NULL; */
2467
2468 for (lockinfo = rootnode->children; lockinfo; lockinfo = lockinfo->next) {
2469 if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "lockscope")) {
2470 xmlNode *value;
2471 for (value = lockinfo->children; value; value = value->next) {
2472 if ((0 == xmlStrcmp(value->name, BAD_CAST "exclusive")) ||
2473 (0 == xmlStrcmp(value->name, BAD_CAST "shared"))) {
2474 lockscope = value->name;
2475 } else {
2476 con->http_status = 400;
2477
2478 xmlFreeDoc(xml);
2479 return HANDLER_FINISHED;
2480 }
2481 }
2482 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "locktype")) {
2483 xmlNode *value;
2484 for (value = lockinfo->children; value; value = value->next) {
2485 if ((0 == xmlStrcmp(value->name, BAD_CAST "write"))) {
2486 locktype = value->name;
2487 } else {
2488 con->http_status = 400;
2489
2490 xmlFreeDoc(xml);
2491 return HANDLER_FINISHED;
2492 }
2493 }
2494
2495 } else if (0 == xmlStrcmp(lockinfo->name, BAD_CAST "owner")) {
2496 }
2497 }
2498
2499 if (lockscope && locktype) {
2500 sqlite3_stmt *stmt = p->conf.stmt_read_lock_by_uri;
2501
2502 /* is this resourse already locked ? */
2503
2504 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
2505 * FROM locks
2506 * WHERE resource = ? */
2507
2508 if (stmt) {
2509
2510 sqlite3_reset(stmt);
2511
2512 sqlite3_bind_text(stmt, 1,
2513 CONST_BUF_LEN(p->uri.path),
2514 SQLITE_TRANSIENT);
2515
2516 /* it is the PK */
2517 while (SQLITE_ROW == sqlite3_step(stmt)) {
2518 /* we found a lock
2519 * 1. is it compatible ?
2520 * 2. is it ours */
2521 char *sql_lockscope = (char *)sqlite3_column_text(stmt, 2);
2522
2523 if (strcmp(sql_lockscope, "exclusive")) {
2524 con->http_status = 423;
2525 } else if (0 == xmlStrcmp(lockscope, BAD_CAST "exclusive")) {
2526 /* resourse is locked with a shared lock
2527 * client wants exclusive */
2528 con->http_status = 423;
2529 }
2530 }
2531 if (con->http_status == 423) {
2532 xmlFreeDoc(xml);
2533 return HANDLER_FINISHED;
2534 }
2535 }
2536
2537 stmt = p->conf.stmt_create_lock;
2538 if (stmt) {
2539 /* create a lock-token */
2540 uuid_t id;
2541 char uuid[37] /* 36 + \0 */;
2542
2543 uuid_generate(id);
2544 uuid_unparse(id, uuid);
2545
2546 buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("opaquelocktoken:"));
2547 buffer_append_string(p->tmp_buf, uuid);
2548
2549 /* "CREATE TABLE locks ("
2550 * " locktoken TEXT NOT NULL,"
2551 * " resource TEXT NOT NULL,"
2552 * " lockscope TEXT NOT NULL,"
2553 * " locktype TEXT NOT NULL,"
2554 * " owner TEXT NOT NULL,"
2555 * " depth INT NOT NULL,"
2556 */
2557
2558 sqlite3_reset(stmt);
2559
2560 sqlite3_bind_text(stmt, 1,
2561 CONST_BUF_LEN(p->tmp_buf),
2562 SQLITE_TRANSIENT);
2563
2564 sqlite3_bind_text(stmt, 2,
2565 CONST_BUF_LEN(con->uri.path),
2566 SQLITE_TRANSIENT);
2567
2568 sqlite3_bind_text(stmt, 3,
2569 (const char *)lockscope,
2570 xmlStrlen(lockscope),
2571 SQLITE_TRANSIENT);
2572
2573 sqlite3_bind_text(stmt, 4,
2574 (const char *)locktype,
2575 xmlStrlen(locktype),
2576 SQLITE_TRANSIENT);
2577
2578 /* owner */
2579 sqlite3_bind_text(stmt, 5,
2580 "",
2581 0,
2582 SQLITE_TRANSIENT);
2583
2584 /* depth */
2585 sqlite3_bind_int(stmt, 6,
2586 depth);
2587
2588
2589 if (SQLITE_DONE != sqlite3_step(stmt)) {
2590 log_error_write(srv, __FILE__, __LINE__, "ss",
2591 "create lock:", sqlite3_errmsg(p->conf.sql));
2592 }
2593
2594 /* looks like we survived */
2595 webdav_lockdiscovery(srv, con, p->tmp_buf, (const char *)lockscope, (const char *)locktype, depth);
2596
2597 con->http_status = created ? 201 : 200;
2598 con->file_finished = 1;
2599 }
2600 }
2601 }
2602
2603 xmlFreeDoc(xml);
2604 return HANDLER_FINISHED;
2605 } else {
2606 con->http_status = 400;
2607 return HANDLER_FINISHED;
2608 }
2609 } else {
2610
2611 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "If"))) {
2612 buffer *locktoken = ds->value;
2613 sqlite3_stmt *stmt = p->conf.stmt_refresh_lock;
2614
2615 /* remove the < > around the token */
2616 if (buffer_string_length(locktoken) < 5) {
2617 con->http_status = 400;
2618
2619 return HANDLER_FINISHED;
2620 }
2621
2622 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 2, buffer_string_length(locktoken) - 4);
2623
2624 sqlite3_reset(stmt);
2625
2626 sqlite3_bind_text(stmt, 1,
2627 CONST_BUF_LEN(p->tmp_buf),
2628 SQLITE_TRANSIENT);
2629
2630 if (SQLITE_DONE != sqlite3_step(stmt)) {
2631 log_error_write(srv, __FILE__, __LINE__, "ss",
2632 "refresh lock:", sqlite3_errmsg(p->conf.sql));
2633 }
2634
2635 webdav_lockdiscovery(srv, con, p->tmp_buf, "exclusive", "write", 0);
2636
2637 con->http_status = 200;
2638 con->file_finished = 1;
2639 return HANDLER_FINISHED;
2640 } else {
2641 /* we need a lock-token to refresh */
2642 con->http_status = 400;
2643
2644 return HANDLER_FINISHED;
2645 }
2646 }
2647 break;
2648 #else
2649 con->http_status = 501;
2650 return HANDLER_FINISHED;
2651 #endif
2652 case HTTP_METHOD_UNLOCK:
2653 #ifdef USE_LOCKS
2654 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Lock-Token"))) {
2655 buffer *locktoken = ds->value;
2656 sqlite3_stmt *stmt = p->conf.stmt_remove_lock;
2657
2658 /* remove the < > around the token */
2659 if (buffer_string_length(locktoken) < 3) {
2660 con->http_status = 400;
2661
2662 return HANDLER_FINISHED;
2663 }
2664
2665 /**
2666 * FIXME:
2667 *
2668 * if the resourse is locked:
2669 * - by us: unlock
2670 * - by someone else: 401
2671 * if the resource is not locked:
2672 * - 412
2673 * */
2674
2675 buffer_copy_string_len(p->tmp_buf, locktoken->ptr + 1, buffer_string_length(locktoken) - 2);
2676
2677 sqlite3_reset(stmt);
2678
2679 sqlite3_bind_text(stmt, 1,
2680 CONST_BUF_LEN(p->tmp_buf),
2681 SQLITE_TRANSIENT);
2682
2683 if (SQLITE_DONE != sqlite3_step(stmt)) {
2684 log_error_write(srv, __FILE__, __LINE__, "ss",
2685 "remove lock:", sqlite3_errmsg(p->conf.sql));
2686 }
2687
2688 if (0 == sqlite3_changes(p->conf.sql)) {
2689 con->http_status = 401;
2690 } else {
2691 con->http_status = 204;
2692 }
2693 return HANDLER_FINISHED;
2694 } else {
2695 /* we need a lock-token to unlock */
2696 con->http_status = 400;
2697
2698 return HANDLER_FINISHED;
2699 }
2700 break;
2701 #else
2702 con->http_status = 501;
2703 return HANDLER_FINISHED;
2704 #endif
2705 default:
2706 break;
2707 }
2708
2709 /* not found */
2710 return HANDLER_GO_ON;
2711 }
2712
2713
2714 SUBREQUEST_FUNC(mod_webdav_subrequest_handler) {
2715 handler_t r;
2716 plugin_data *p = p_d;
2717 if (con->mode != p->id) return HANDLER_GO_ON;
2718
2719 r = mod_webdav_subrequest_handler_huge(srv, con, p_d);
2720 if (con->http_status >= 400) con->mode = DIRECT;
2721 return r;
2722 }
2723
2724
2725 PHYSICALPATH_FUNC(mod_webdav_physical_handler) {
2726 plugin_data *p = p_d;
2727 if (!p->conf.enabled) return HANDLER_GO_ON;
2728
2729 /* physical path is setup */
2730 if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
2731
2732 UNUSED(srv);
2733
2734 switch (con->request.http_method) {
2735 case HTTP_METHOD_PROPFIND:
2736 case HTTP_METHOD_PROPPATCH:
2737 case HTTP_METHOD_PUT:
2738 case HTTP_METHOD_COPY:
2739 case HTTP_METHOD_MOVE:
2740 case HTTP_METHOD_MKCOL:
2741 case HTTP_METHOD_DELETE:
2742 case HTTP_METHOD_LOCK:
2743 case HTTP_METHOD_UNLOCK: {
2744 handler_ctx *hctx = calloc(1, sizeof(*hctx));
2745 memcpy(&hctx->conf, &p->conf, sizeof(plugin_config));
2746 con->plugin_ctx[p->id] = hctx;
2747 con->conf.stream_request_body = 0;
2748 con->mode = p->id;
2749 break;
2750 }
2751 default:
2752 break;
2753 }
2754
2755 return HANDLER_GO_ON;
2756 }
2757
2758 static handler_t mod_webdav_connection_reset(server *srv, connection *con, void *p_d) {
2759 plugin_data *p = p_d;
2760 handler_ctx *hctx = con->plugin_ctx[p->id];
2761 if (hctx) free(hctx);
2762
2763 UNUSED(srv);
2764 return HANDLER_GO_ON;
2765 }
2766
2767
2768 /* this function is called at dlopen() time and inits the callbacks */
2769
2770 int mod_webdav_plugin_init(plugin *p);
2771 int mod_webdav_plugin_init(plugin *p) {
2772 p->version = LIGHTTPD_VERSION_ID;
2773 p->name = buffer_init_string("webdav");
2774
2775 p->init = mod_webdav_init;
2776 p->handle_uri_clean = mod_webdav_uri_handler;
2777 p->handle_physical = mod_webdav_physical_handler;
2778 p->handle_subrequest = mod_webdav_subrequest_handler;
2779 p->connection_reset = mod_webdav_connection_reset;
2780 p->set_defaults = mod_webdav_set_defaults;
2781 p->cleanup = mod_webdav_free;
2782
2783 p->data = NULL;
2784
2785 return 0;
2786 }
A fast webserver with minimal memory-footprint (lighttpd)