7 #include "http_header.h"
9 #include "connections.h"
13 #include "stat_cache.h"
17 #include <sys/types.h>
28 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H)
30 #include <libxml/tree.h>
31 #include <libxml/parser.h>
36 #if defined(HAVE_LIBXML_H) && defined(HAVE_SQLITE3_H) \
37 && defined(HAVE_UUID) && defined(HAVE_UUID_UUID_H)
39 #include <uuid/uuid.h>
43 * this is a webdav for a lighttpd plugin
45 * at least a very basic one.
46 * - for now it is read-only and we only support PROPFIND
50 #define WEBDAV_FILE_MODE S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
51 #define WEBDAV_DIR_MODE S_IRWXU | S_IRWXG | S_IRWXO
53 /* plugin config for all request/connections */
56 unsigned short enabled
;
57 unsigned short is_readonly
;
58 unsigned short log_xml
;
60 buffer
*sqlite_db_name
;
63 sqlite3_stmt
*stmt_update_prop
;
64 sqlite3_stmt
*stmt_delete_prop
;
65 sqlite3_stmt
*stmt_select_prop
;
66 sqlite3_stmt
*stmt_select_propnames
;
68 sqlite3_stmt
*stmt_delete_uri
;
69 sqlite3_stmt
*stmt_move_uri
;
70 sqlite3_stmt
*stmt_copy_uri
;
72 sqlite3_stmt
*stmt_remove_lock
;
73 sqlite3_stmt
*stmt_create_lock
;
74 sqlite3_stmt
*stmt_read_lock
;
75 sqlite3_stmt
*stmt_read_lock_by_uri
;
76 sqlite3_stmt
*stmt_refresh_lock
;
87 plugin_config
**config_storage
;
96 /* init the plugin data */
97 INIT_FUNC(mod_webdav_init
) {
100 p
= calloc(1, sizeof(*p
));
102 p
->tmp_buf
= buffer_init();
104 p
->uri
.scheme
= buffer_init();
105 p
->uri
.path
= buffer_init();
106 p
->uri
.authority
= buffer_init();
108 p
->physical
.path
= buffer_init();
109 p
->physical
.rel_path
= buffer_init();
110 p
->physical
.doc_root
= buffer_init();
111 p
->physical
.basedir
= buffer_init();
116 /* detroy the plugin data */
117 FREE_FUNC(mod_webdav_free
) {
118 plugin_data
*p
= p_d
;
122 if (!p
) return HANDLER_GO_ON
;
124 if (p
->config_storage
) {
126 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
127 plugin_config
*s
= p
->config_storage
[i
];
129 if (NULL
== s
) continue;
131 buffer_free(s
->sqlite_db_name
);
134 sqlite3_finalize(s
->stmt_delete_prop
);
135 sqlite3_finalize(s
->stmt_delete_uri
);
136 sqlite3_finalize(s
->stmt_copy_uri
);
137 sqlite3_finalize(s
->stmt_move_uri
);
138 sqlite3_finalize(s
->stmt_update_prop
);
139 sqlite3_finalize(s
->stmt_select_prop
);
140 sqlite3_finalize(s
->stmt_select_propnames
);
142 sqlite3_finalize(s
->stmt_read_lock
);
143 sqlite3_finalize(s
->stmt_read_lock_by_uri
);
144 sqlite3_finalize(s
->stmt_create_lock
);
145 sqlite3_finalize(s
->stmt_remove_lock
);
146 sqlite3_finalize(s
->stmt_refresh_lock
);
147 sqlite3_close(s
->sql
);
152 free(p
->config_storage
);
155 buffer_free(p
->uri
.scheme
);
156 buffer_free(p
->uri
.path
);
157 buffer_free(p
->uri
.authority
);
159 buffer_free(p
->physical
.path
);
160 buffer_free(p
->physical
.rel_path
);
161 buffer_free(p
->physical
.doc_root
);
162 buffer_free(p
->physical
.basedir
);
164 buffer_free(p
->tmp_buf
);
168 return HANDLER_GO_ON
;
171 /* handle plugin config and check values */
173 SETDEFAULTS_FUNC(mod_webdav_set_defaults
) {
174 plugin_data
*p
= p_d
;
177 config_values_t cv
[] = {
178 { "webdav.activate", NULL
, T_CONFIG_BOOLEAN
, T_CONFIG_SCOPE_CONNECTION
}, /* 0 */
179 { "webdav.is-readonly", NULL
, T_CONFIG_BOOLEAN
, T_CONFIG_SCOPE_CONNECTION
}, /* 1 */
180 { "webdav.sqlite-db-name", NULL
, T_CONFIG_STRING
, T_CONFIG_SCOPE_CONNECTION
}, /* 2 */
181 { "webdav.log-xml", NULL
, T_CONFIG_BOOLEAN
, T_CONFIG_SCOPE_CONNECTION
}, /* 3 */
182 { NULL
, NULL
, T_CONFIG_UNSET
, T_CONFIG_SCOPE_UNSET
}
185 if (!p
) return HANDLER_ERROR
;
187 p
->config_storage
= calloc(1, srv
->config_context
->used
* sizeof(plugin_config
*));
189 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
190 data_config
const* config
= (data_config
const*)srv
->config_context
->data
[i
];
193 s
= calloc(1, sizeof(plugin_config
));
194 s
->sqlite_db_name
= buffer_init();
196 cv
[0].destination
= &(s
->enabled
);
197 cv
[1].destination
= &(s
->is_readonly
);
198 cv
[2].destination
= s
->sqlite_db_name
;
199 cv
[3].destination
= &(s
->log_xml
);
201 p
->config_storage
[i
] = s
;
203 if (0 != config_insert_values_global(srv
, config
->value
, cv
, i
== 0 ? T_CONFIG_SCOPE_SERVER
: T_CONFIG_SCOPE_CONNECTION
)) {
204 return HANDLER_ERROR
;
207 if (!buffer_string_is_empty(s
->sqlite_db_name
)) {
209 const char *next_stmt
;
212 if (SQLITE_OK
!= sqlite3_open(s
->sqlite_db_name
->ptr
, &(s
->sql
))) {
213 log_error_write(srv
, __FILE__
, __LINE__
, "sbs", "sqlite3_open failed for",
215 sqlite3_errmsg(s
->sql
));
216 return HANDLER_ERROR
;
219 if (SQLITE_OK
!= sqlite3_exec(s
->sql
,
220 "CREATE TABLE IF NOT EXISTS properties ("
221 " resource TEXT NOT NULL,"
222 " prop TEXT NOT NULL,"
224 " value TEXT NOT NULL,"
225 " PRIMARY KEY(resource, prop, ns))",
228 if (0 != strcmp(err
, "table properties already exists")) {
229 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't open transaction:", err
);
232 return HANDLER_ERROR
;
237 if (SQLITE_OK
!= sqlite3_exec(s
->sql
,
238 "CREATE TABLE IF NOT EXISTS locks ("
239 " locktoken TEXT NOT NULL,"
240 " resource TEXT NOT NULL,"
241 " lockscope TEXT NOT NULL,"
242 " locktype TEXT NOT NULL,"
243 " owner TEXT NOT NULL,"
244 " depth INT NOT NULL,"
245 " timeout TIMESTAMP NOT NULL,"
246 " PRIMARY KEY(locktoken))",
249 if (0 != strcmp(err
, "table locks already exists")) {
250 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't open transaction:", err
);
253 return HANDLER_ERROR
;
258 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
259 CONST_STR_LEN("SELECT value FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
260 &(s
->stmt_select_prop
), &next_stmt
)) {
263 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s
->sql
));
264 return HANDLER_ERROR
;
267 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
268 CONST_STR_LEN("SELECT ns, prop FROM properties WHERE resource = ?"),
269 &(s
->stmt_select_propnames
), &next_stmt
)) {
272 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s
->sql
));
273 return HANDLER_ERROR
;
277 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
278 CONST_STR_LEN("REPLACE INTO properties (resource, prop, ns, value) VALUES (?, ?, ?, ?)"),
279 &(s
->stmt_update_prop
), &next_stmt
)) {
282 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed:", sqlite3_errmsg(s
->sql
));
283 return HANDLER_ERROR
;
286 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
287 CONST_STR_LEN("DELETE FROM properties WHERE resource = ? AND prop = ? AND ns = ?"),
288 &(s
->stmt_delete_prop
), &next_stmt
)) {
290 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
292 return HANDLER_ERROR
;
295 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
296 CONST_STR_LEN("DELETE FROM properties WHERE resource = ?"),
297 &(s
->stmt_delete_uri
), &next_stmt
)) {
299 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
301 return HANDLER_ERROR
;
304 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
305 CONST_STR_LEN("INSERT INTO properties SELECT ?, prop, ns, value FROM properties WHERE resource = ?"),
306 &(s
->stmt_copy_uri
), &next_stmt
)) {
308 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
310 return HANDLER_ERROR
;
313 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
314 CONST_STR_LEN("UPDATE OR REPLACE properties SET resource = ? WHERE resource = ?"),
315 &(s
->stmt_move_uri
), &next_stmt
)) {
317 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
319 return HANDLER_ERROR
;
324 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
325 CONST_STR_LEN("INSERT INTO locks (locktoken, resource, lockscope, locktype, owner, depth, timeout) VALUES (?,?,?,?,?,?, CURRENT_TIME + 600)"),
326 &(s
->stmt_create_lock
), &next_stmt
)) {
328 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
330 return HANDLER_ERROR
;
333 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
334 CONST_STR_LEN("DELETE FROM locks WHERE locktoken = ?"),
335 &(s
->stmt_remove_lock
), &next_stmt
)) {
337 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
339 return HANDLER_ERROR
;
342 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
343 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE locktoken = ?"),
344 &(s
->stmt_read_lock
), &next_stmt
)) {
346 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
348 return HANDLER_ERROR
;
351 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
352 CONST_STR_LEN("SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout-CURRENT_TIME FROM locks WHERE resource = ?"),
353 &(s
->stmt_read_lock_by_uri
), &next_stmt
)) {
355 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
357 return HANDLER_ERROR
;
360 if (SQLITE_OK
!= sqlite3_prepare(s
->sql
,
361 CONST_STR_LEN("UPDATE locks SET timeout = CURRENT_TIME + 600 WHERE locktoken = ?"),
362 &(s
->stmt_refresh_lock
), &next_stmt
)) {
364 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sqlite3_prepare failed", sqlite3_errmsg(s
->sql
));
366 return HANDLER_ERROR
;
371 log_error_write(srv
, __FILE__
, __LINE__
, "s", "Sorry, no sqlite3 and libxml2 support include, compile with --with-webdav-props");
372 return HANDLER_ERROR
;
377 return HANDLER_GO_ON
;
380 #define PATCH_OPTION(x) \
382 static int mod_webdav_patch_connection(server
*srv
, connection
*con
, plugin_data
*p
) {
384 plugin_config
*s
= p
->config_storage
[0];
386 PATCH_OPTION(enabled
);
387 PATCH_OPTION(is_readonly
);
388 PATCH_OPTION(log_xml
);
392 PATCH_OPTION(stmt_update_prop
);
393 PATCH_OPTION(stmt_delete_prop
);
394 PATCH_OPTION(stmt_select_prop
);
395 PATCH_OPTION(stmt_select_propnames
);
397 PATCH_OPTION(stmt_delete_uri
);
398 PATCH_OPTION(stmt_move_uri
);
399 PATCH_OPTION(stmt_copy_uri
);
401 PATCH_OPTION(stmt_remove_lock
);
402 PATCH_OPTION(stmt_refresh_lock
);
403 PATCH_OPTION(stmt_create_lock
);
404 PATCH_OPTION(stmt_read_lock
);
405 PATCH_OPTION(stmt_read_lock_by_uri
);
407 /* skip the first, the global context */
408 for (i
= 1; i
< srv
->config_context
->used
; i
++) {
409 data_config
*dc
= (data_config
*)srv
->config_context
->data
[i
];
410 s
= p
->config_storage
[i
];
412 /* condition didn't match */
413 if (!config_check_cond(srv
, con
, dc
)) continue;
416 for (j
= 0; j
< dc
->value
->used
; j
++) {
417 data_unset
*du
= dc
->value
->data
[j
];
419 if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.activate"))) {
420 PATCH_OPTION(enabled
);
421 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.is-readonly"))) {
422 PATCH_OPTION(is_readonly
);
423 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.log-xml"))) {
424 PATCH_OPTION(log_xml
);
425 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("webdav.sqlite-db-name"))) {
428 PATCH_OPTION(stmt_update_prop
);
429 PATCH_OPTION(stmt_delete_prop
);
430 PATCH_OPTION(stmt_select_prop
);
431 PATCH_OPTION(stmt_select_propnames
);
433 PATCH_OPTION(stmt_delete_uri
);
434 PATCH_OPTION(stmt_move_uri
);
435 PATCH_OPTION(stmt_copy_uri
);
437 PATCH_OPTION(stmt_remove_lock
);
438 PATCH_OPTION(stmt_refresh_lock
);
439 PATCH_OPTION(stmt_create_lock
);
440 PATCH_OPTION(stmt_read_lock
);
441 PATCH_OPTION(stmt_read_lock_by_uri
);
450 URIHANDLER_FUNC(mod_webdav_uri_handler
) {
451 plugin_data
*p
= p_d
;
455 if (buffer_is_empty(con
->uri
.path
)) return HANDLER_GO_ON
;
457 mod_webdav_patch_connection(srv
, con
, p
);
459 if (!p
->conf
.enabled
) return HANDLER_GO_ON
;
461 switch (con
->request
.http_method
) {
462 case HTTP_METHOD_OPTIONS
:
463 /* we fake a little bit but it makes MS W2k happy and it let's us mount the volume */
464 http_header_response_set(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("DAV"), CONST_STR_LEN("1,2"));
465 http_header_response_set(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("MS-Author-Via"), CONST_STR_LEN("DAV"));
467 if (p
->conf
.is_readonly
) {
468 http_header_response_append(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND"));
470 http_header_response_append(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Allow"), CONST_STR_LEN("PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK, UNLOCK"));
478 return HANDLER_GO_ON
;
480 static int webdav_gen_prop_tag(server
*srv
, connection
*con
,
490 buffer_append_string_len(b
,CONST_STR_LEN("<"));
491 buffer_append_string(b
, prop_name
);
492 buffer_append_string_len(b
, CONST_STR_LEN(" xmlns=\""));
493 buffer_append_string(b
, prop_ns
);
494 buffer_append_string_len(b
, CONST_STR_LEN("\">"));
496 buffer_append_string(b
, value
);
498 buffer_append_string_len(b
,CONST_STR_LEN("</"));
499 buffer_append_string(b
, prop_name
);
500 buffer_append_string_len(b
, CONST_STR_LEN(">"));
502 buffer_append_string_len(b
,CONST_STR_LEN("<"));
503 buffer_append_string(b
, prop_name
);
504 buffer_append_string_len(b
, CONST_STR_LEN(" xmlns=\""));
505 buffer_append_string(b
, prop_ns
);
506 buffer_append_string_len(b
, CONST_STR_LEN("\"/>"));
513 static int webdav_gen_response_status_tag(server
*srv
, connection
*con
, physical
*dst
, int status
, buffer
*b
) {
516 buffer_append_string_len(b
,CONST_STR_LEN("<D:response xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
518 buffer_append_string_len(b
,CONST_STR_LEN("<D:href>\n"));
519 buffer_append_string_buffer(b
, dst
->rel_path
);
520 buffer_append_string_len(b
,CONST_STR_LEN("</D:href>\n"));
521 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>\n"));
523 if (con
->request
.http_version
== HTTP_VERSION_1_1
) {
524 buffer_copy_string_len(b
, CONST_STR_LEN("HTTP/1.1 "));
526 buffer_copy_string_len(b
, CONST_STR_LEN("HTTP/1.0 "));
528 http_status_append(b
, status
);
530 buffer_append_string_len(b
,CONST_STR_LEN("</D:status>\n"));
531 buffer_append_string_len(b
,CONST_STR_LEN("</D:response>\n"));
536 static int webdav_delete_file(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, buffer
*b
) {
539 /* try to unlink it */
540 if (-1 == unlink(dst
->path
->ptr
)) {
551 webdav_gen_response_status_tag(srv
, con
, dst
, status
, b
);
554 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_delete_uri
;
558 webdav_gen_response_status_tag(srv
, con
, dst
, status
, b
);
562 /* bind the values to the insert */
564 sqlite3_bind_text(stmt
, 1,
565 CONST_BUF_LEN(dst
->rel_path
),
568 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
577 return (status
!= 0);
580 static int webdav_delete_dir(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, buffer
*b
) {
582 int have_multi_status
= 0;
585 d
.path
= buffer_init();
586 d
.rel_path
= buffer_init();
588 if (NULL
!= (dir
= opendir(dst
->path
->ptr
))) {
591 while(NULL
!= (de
= readdir(dir
))) {
595 if ((de
->d_name
[0] == '.' && de
->d_name
[1] == '\0') ||
596 (de
->d_name
[0] == '.' && de
->d_name
[1] == '.' && de
->d_name
[2] == '\0')) {
598 /* ignore the parent dir */
601 nlen
= strlen(de
->d_name
);
602 buffer_copy_buffer(d
.path
, dst
->path
);
603 buffer_append_path_len(d
.path
, de
->d_name
, nlen
);
605 buffer_copy_buffer(d
.rel_path
, dst
->rel_path
);
606 buffer_append_path_len(d
.rel_path
, de
->d_name
, nlen
);
608 /* stat and unlink afterwards */
609 if (-1 == stat(d
.path
->ptr
, &st
)) {
610 /* don't about it yet, rmdir will fail too */
611 } else if (S_ISDIR(st
.st_mode
)) {
612 have_multi_status
= webdav_delete_dir(srv
, con
, hctx
, &d
, b
);
614 /* try to unlink it */
615 if (-1 == rmdir(d
.path
->ptr
)) {
627 have_multi_status
= 1;
629 webdav_gen_response_status_tag(srv
, con
, &d
, status
, b
);
632 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_delete_uri
;
637 /* bind the values to the insert */
639 sqlite3_bind_text(stmt
, 1,
640 CONST_BUF_LEN(d
.rel_path
),
643 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
650 have_multi_status
= webdav_delete_file(srv
, con
, hctx
, &d
, b
);
656 buffer_free(d
.rel_path
);
659 return have_multi_status
;
662 /* don't want to block when open()ing a fifo */
663 #if defined(O_NONBLOCK)
664 # define FIFO_NONBLOCK O_NONBLOCK
666 # define FIFO_NONBLOCK 0
673 static int webdav_copy_file(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*src
, physical
*dst
, int overwrite
) {
675 ssize_t rd
, wr
, offset
;
676 int status
= 0, ifd
, ofd
;
680 if (-1 == (ifd
= open(src
->path
->ptr
, O_RDONLY
| O_BINARY
| FIFO_NONBLOCK
))) {
684 if (-1 == (ofd
= open(dst
->path
->ptr
, O_WRONLY
|O_TRUNC
|O_CREAT
|(overwrite
? 0 : O_EXCL
), WEBDAV_FILE_MODE
))) {
685 /* opening the destination failed for some reason */
694 /* at least one part in the middle wasn't existing */
705 data
= malloc(131072);
708 while (0 < (rd
= read(ifd
, data
, 131072))) {
711 wr
= write(ofd
, data
+offset
, (size_t)(rd
-offset
));
712 } while (wr
>= 0 ? (offset
+= wr
) != rd
: (errno
== EINTR
));
714 status
= (errno
== ENOSPC
) ? 507 : 403;
719 if (0 != rd
&& 0 == status
) status
= 403;
723 if (0 != close(ofd
)) {
724 if (0 == status
) status
= (errno
== ENOSPC
) ? 507 : 403;
725 log_error_write(srv
, __FILE__
, __LINE__
, "sbss",
726 "close ", dst
->path
, "failed: ", strerror(errno
));
731 /* copy worked fine, copy connected properties */
732 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_copy_uri
;
737 /* bind the values to the insert */
738 sqlite3_bind_text(stmt
, 1,
739 CONST_BUF_LEN(dst
->rel_path
),
742 sqlite3_bind_text(stmt
, 2,
743 CONST_BUF_LEN(src
->rel_path
),
746 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
757 static int webdav_copy_dir(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*src
, physical
*dst
, int overwrite
) {
761 if (NULL
!= (srcdir
= opendir(src
->path
->ptr
))) {
765 s
.path
= buffer_init();
766 s
.rel_path
= buffer_init();
768 d
.path
= buffer_init();
769 d
.rel_path
= buffer_init();
771 while (NULL
!= (de
= readdir(srcdir
))) {
775 if ((de
->d_name
[0] == '.' && de
->d_name
[1] == '\0')
776 || (de
->d_name
[0] == '.' && de
->d_name
[1] == '.' && de
->d_name
[2] == '\0')) {
780 nlen
= strlen(de
->d_name
);
781 buffer_copy_buffer(s
.path
, src
->path
);
782 buffer_append_path_len(s
.path
, de
->d_name
, nlen
);
784 buffer_copy_buffer(d
.path
, dst
->path
);
785 buffer_append_path_len(d
.path
, de
->d_name
, nlen
);
787 buffer_copy_buffer(s
.rel_path
, src
->rel_path
);
788 buffer_append_path_len(s
.rel_path
, de
->d_name
, nlen
);
790 buffer_copy_buffer(d
.rel_path
, dst
->rel_path
);
791 buffer_append_path_len(d
.rel_path
, de
->d_name
, nlen
);
793 if (-1 == stat(s
.path
->ptr
, &st
)) {
795 } else if (S_ISDIR(st
.st_mode
)) {
797 if (-1 == mkdir(d
.path
->ptr
, WEBDAV_DIR_MODE
) &&
802 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_copy_uri
;
804 if (0 != (status
= webdav_copy_dir(srv
, con
, hctx
, &s
, &d
, overwrite
))) {
807 /* directory is copied, copy the properties too */
812 /* bind the values to the insert */
813 sqlite3_bind_text(stmt
, 1,
814 CONST_BUF_LEN(dst
->rel_path
),
817 sqlite3_bind_text(stmt
, 2,
818 CONST_BUF_LEN(src
->rel_path
),
821 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
827 } else if (S_ISREG(st
.st_mode
)) {
829 if (0 != (status
= webdav_copy_file(srv
, con
, hctx
, &s
, &d
, overwrite
))) {
836 buffer_free(s
.rel_path
);
838 buffer_free(d
.rel_path
);
847 static void webdav_activelock(buffer
*b
,
848 const buffer
*locktoken
, const char *lockscope
, const char *locktype
, int depth
, int timeout
) {
849 buffer_append_string_len(b
, CONST_STR_LEN("<D:activelock>\n"));
851 buffer_append_string_len(b
, CONST_STR_LEN("<D:lockscope>"));
852 buffer_append_string_len(b
, CONST_STR_LEN("<D:"));
853 buffer_append_string(b
, lockscope
);
854 buffer_append_string_len(b
, CONST_STR_LEN("/>"));
855 buffer_append_string_len(b
, CONST_STR_LEN("</D:lockscope>\n"));
857 buffer_append_string_len(b
, CONST_STR_LEN("<D:locktype>"));
858 buffer_append_string_len(b
, CONST_STR_LEN("<D:"));
859 buffer_append_string(b
, locktype
);
860 buffer_append_string_len(b
, CONST_STR_LEN("/>"));
861 buffer_append_string_len(b
, CONST_STR_LEN("</D:locktype>\n"));
863 buffer_append_string_len(b
, CONST_STR_LEN("<D:depth>"));
864 buffer_append_string(b
, depth
== 0 ? "0" : "infinity");
865 buffer_append_string_len(b
, CONST_STR_LEN("</D:depth>\n"));
867 buffer_append_string_len(b
, CONST_STR_LEN("<D:timeout>"));
868 buffer_append_string_len(b
, CONST_STR_LEN("Second-"));
869 buffer_append_int(b
, timeout
);
870 buffer_append_string_len(b
, CONST_STR_LEN("</D:timeout>\n"));
872 buffer_append_string_len(b
, CONST_STR_LEN("<D:owner>"));
873 buffer_append_string_len(b
, CONST_STR_LEN("</D:owner>\n"));
875 buffer_append_string_len(b
, CONST_STR_LEN("<D:locktoken>"));
876 buffer_append_string_len(b
, CONST_STR_LEN("<D:href>"));
877 buffer_append_string_buffer(b
, locktoken
);
878 buffer_append_string_len(b
, CONST_STR_LEN("</D:href>"));
879 buffer_append_string_len(b
, CONST_STR_LEN("</D:locktoken>\n"));
881 buffer_append_string_len(b
, CONST_STR_LEN("</D:activelock>\n"));
884 static void webdav_get_live_property_lockdiscovery(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, buffer
*b
) {
886 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_read_lock_by_uri
;
887 if (!stmt
) { /*(should not happen)*/
888 buffer_append_string_len(b
, CONST_STR_LEN("<D:lockdiscovery>\n</D:lockdiscovery>\n"));
894 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
896 * WHERE resource = ? */
900 sqlite3_bind_text(stmt
, 1,
901 CONST_BUF_LEN(dst
->rel_path
),
904 buffer_append_string_len(b
, CONST_STR_LEN("<D:lockdiscovery>\n"));
905 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
906 const char *lockscope
= (const char *)sqlite3_column_text(stmt
, 2);
907 const char *locktype
= (const char *)sqlite3_column_text(stmt
, 3);
908 const int depth
= sqlite3_column_int(stmt
, 5);
909 const int timeout
= sqlite3_column_int(stmt
, 6);
910 buffer locktoken
= { NULL
, 0, 0 };
911 locktoken
.ptr
= (char *)sqlite3_column_text(stmt
, 0);
912 locktoken
.used
= sqlite3_column_bytes(stmt
, 0);
913 if (locktoken
.used
) ++locktoken
.used
;
914 locktoken
.size
= locktoken
.used
;
917 webdav_activelock(b
, &locktoken
, lockscope
, locktype
, depth
, timeout
);
920 buffer_append_string_len(b
, CONST_STR_LEN("</D:lockdiscovery>\n"));
924 static int webdav_get_live_property(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, char *prop_name
, buffer
*b
) {
925 stat_cache_entry
*sce
= NULL
;
930 if (HANDLER_ERROR
!= (stat_cache_get_entry(srv
, con
, dst
->path
, &sce
))) {
931 char ctime_buf
[] = "2005-08-18T07:27:16Z";
932 char mtime_buf
[] = "Thu, 18 Aug 2005 07:27:16 GMT";
934 if (0 == strcmp(prop_name
, "resourcetype")) {
935 if (S_ISDIR(sce
->st
.st_mode
)) {
936 buffer_append_string_len(b
, CONST_STR_LEN("<D:resourcetype><D:collection/></D:resourcetype>"));
938 buffer_append_string_len(b
, CONST_STR_LEN("<D:resourcetype/>"));
941 } else if (0 == strcmp(prop_name
, "getcontenttype")) {
942 if (S_ISDIR(sce
->st
.st_mode
)) {
943 buffer_append_string_len(b
, CONST_STR_LEN("<D:getcontenttype>httpd/unix-directory</D:getcontenttype>"));
945 } else if(S_ISREG(sce
->st
.st_mode
)) {
946 const buffer
*type
= stat_cache_mimetype_by_ext(con
, CONST_BUF_LEN(dst
->path
));
948 buffer_append_string_len(b
, CONST_STR_LEN("<D:getcontenttype>"));
949 buffer_append_string_buffer(b
, type
);
950 buffer_append_string_len(b
, CONST_STR_LEN("</D:getcontenttype>"));
954 } else if (0 == strcmp(prop_name
, "creationdate")) {
955 buffer_append_string_len(b
, CONST_STR_LEN("<D:creationdate ns0:dt=\"dateTime.tz\">"));
956 strftime(ctime_buf
, sizeof(ctime_buf
), "%Y-%m-%dT%H:%M:%SZ", gmtime(&(sce
->st
.st_ctime
)));
957 buffer_append_string(b
, ctime_buf
);
958 buffer_append_string_len(b
, CONST_STR_LEN("</D:creationdate>"));
960 } else if (0 == strcmp(prop_name
, "getlastmodified")) {
961 buffer_append_string_len(b
,CONST_STR_LEN("<D:getlastmodified ns0:dt=\"dateTime.rfc1123\">"));
962 strftime(mtime_buf
, sizeof(mtime_buf
), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&(sce
->st
.st_mtime
)));
963 buffer_append_string(b
, mtime_buf
);
964 buffer_append_string_len(b
, CONST_STR_LEN("</D:getlastmodified>"));
966 } else if (0 == strcmp(prop_name
, "getcontentlength")) {
967 buffer_append_string_len(b
,CONST_STR_LEN("<D:getcontentlength>"));
968 buffer_append_int(b
, sce
->st
.st_size
);
969 buffer_append_string_len(b
, CONST_STR_LEN("</D:getcontentlength>"));
971 } else if (0 == strcmp(prop_name
, "getcontentlanguage")) {
972 buffer_append_string_len(b
,CONST_STR_LEN("<D:getcontentlanguage>"));
973 buffer_append_string_len(b
, CONST_STR_LEN("en"));
974 buffer_append_string_len(b
, CONST_STR_LEN("</D:getcontentlanguage>"));
976 } else if (0 == strcmp(prop_name
, "getetag")) {
977 etag_create(con
->physical
.etag
, &sce
->st
, con
->etag_flags
);
978 etag_mutate(con
->physical
.etag
, con
->physical
.etag
);
979 buffer_append_string_len(b
, CONST_STR_LEN("<D:getetag>"));
980 buffer_append_string_buffer(b
, con
->physical
.etag
);
981 buffer_append_string_len(b
, CONST_STR_LEN("</D:getetag>"));
982 buffer_clear(con
->physical
.etag
);
985 } else if (0 == strcmp(prop_name
, "lockdiscovery")) {
986 webdav_get_live_property_lockdiscovery(srv
, con
, hctx
, dst
, b
);
988 } else if (0 == strcmp(prop_name
, "supportedlock")) {
989 buffer_append_string_len(b
,CONST_STR_LEN("<D:supportedlock>"));
990 buffer_append_string_len(b
,CONST_STR_LEN("<D:lockentry>"));
991 buffer_append_string_len(b
,CONST_STR_LEN("<D:lockscope><D:exclusive/></D:lockscope>"));
992 buffer_append_string_len(b
,CONST_STR_LEN("<D:locktype><D:write/></D:locktype>"));
993 buffer_append_string_len(b
,CONST_STR_LEN("</D:lockentry>"));
994 buffer_append_string_len(b
, CONST_STR_LEN("</D:supportedlock>"));
1000 return found
? 0 : -1;
1003 static int webdav_get_property(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, char *prop_name
, char *prop_ns
, buffer
*b
) {
1004 if (0 == strcmp(prop_ns
, "DAV:")) {
1005 /* a local 'live' property */
1006 return webdav_get_live_property(srv
, con
, hctx
, dst
, prop_name
, b
);
1009 #ifdef USE_PROPPATCH
1010 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_select_prop
;
1013 /* perhaps it is in sqlite3 */
1014 sqlite3_reset(stmt
);
1016 /* bind the values to the insert */
1018 sqlite3_bind_text(stmt
, 1,
1019 CONST_BUF_LEN(dst
->rel_path
),
1021 sqlite3_bind_text(stmt
, 2,
1025 sqlite3_bind_text(stmt
, 3,
1031 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
1032 /* there is a row for us, we only expect a single col 'value' */
1033 webdav_gen_prop_tag(srv
, con
, prop_name
, prop_ns
, (char *)sqlite3_column_text(stmt
, 0), b
);
1038 return found
? 0 : -1;
1050 static webdav_property live_properties
[] = {
1051 { "DAV:", "creationdate" },
1052 /*{ "DAV:", "displayname" },*//*(not implemented)*/
1053 { "DAV:", "getcontentlanguage" },
1054 { "DAV:", "getcontentlength" },
1055 { "DAV:", "getcontenttype" },
1056 { "DAV:", "getetag" },
1057 { "DAV:", "getlastmodified" },
1058 { "DAV:", "resourcetype" },
1059 /*{ "DAV:", "source" },*//*(not implemented)*/
1061 { "DAV:", "lockdiscovery" },
1062 { "DAV:", "supportedlock" },
1069 webdav_property
**ptr
;
1073 } webdav_properties
;
1075 static int webdav_get_props(server
*srv
, connection
*con
, handler_ctx
*hctx
, physical
*dst
, webdav_properties
*props
, buffer
*b_200
, buffer
*b_404
) {
1078 if (props
&& props
->used
) {
1079 for (i
= 0; i
< props
->used
; i
++) {
1080 webdav_property
*prop
;
1082 prop
= props
->ptr
[i
];
1084 if (0 != webdav_get_property(srv
, con
, hctx
,
1085 dst
, prop
->prop
, prop
->ns
, b_200
)) {
1086 webdav_gen_prop_tag(srv
, con
, prop
->prop
, prop
->ns
, NULL
, b_404
);
1090 for (i
= 0; live_properties
[i
].prop
; i
++) {
1091 /* a local 'live' property */
1092 webdav_get_live_property(srv
, con
, hctx
, dst
, live_properties
[i
].prop
, b_200
);
1099 #ifdef USE_PROPPATCH
1100 static int webdav_parse_chunkqueue(server
*srv
, connection
*con
, handler_ctx
*hctx
, chunkqueue
*cq
, xmlDoc
**ret_xml
) {
1101 xmlParserCtxtPtr ctxt
;
1110 /* read the chunks in to the XML document */
1111 ctxt
= xmlCreatePushParserCtxt(NULL
, NULL
, NULL
, 0, NULL
);
1113 for (c
= cq
->first
; cq
->bytes_out
!= cq
->bytes_in
; c
= cq
->first
) {
1114 size_t weWant
= cq
->bytes_out
- cq
->bytes_in
;
1121 weHave
= c
->file
.length
- c
->offset
;
1123 if (weHave
> weWant
) weHave
= weWant
;
1125 /* xml chunks are always memory, mmap() is our friend */
1126 mapped
= (c
->file
.mmap
.start
!= MAP_FAILED
);
1128 data
= c
->file
.mmap
.start
+ c
->offset
;
1130 if (-1 == c
->file
.fd
&& /* open the file if not already open */
1131 -1 == (c
->file
.fd
= fdevent_open_cloexec(c
->mem
->ptr
, con
->conf
.follow_symlink
, O_RDONLY
, 0))) {
1132 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "open failed: ", strerror(errno
));
1137 if (MAP_FAILED
!= (c
->file
.mmap
.start
= mmap(0, c
->file
.length
, PROT_READ
, MAP_PRIVATE
, c
->file
.fd
, 0))) {
1138 /* chunk_reset() or chunk_free() will cleanup for us */
1139 c
->file
.mmap
.length
= c
->file
.length
;
1140 data
= c
->file
.mmap
.start
+ c
->offset
;
1144 if (weHave
> 65536) weHave
= 65536;
1145 data
= malloc(weHave
);
1147 if (-1 == lseek(c
->file
.fd
, c
->file
.start
+ c
->offset
, SEEK_SET
)
1148 || 0 > (rd
= read(c
->file
.fd
, data
, weHave
))) {
1149 log_error_write(srv
, __FILE__
, __LINE__
, "ssbd", "lseek/read failed: ",
1150 strerror(errno
), c
->mem
, c
->file
.fd
);
1154 weHave
= (size_t)rd
;
1158 if (XML_ERR_OK
!= (err
= xmlParseChunk(ctxt
, data
, weHave
, 0))) {
1159 log_error_write(srv
, __FILE__
, __LINE__
, "sodd", "xmlParseChunk failed at:", cq
->bytes_out
, weHave
, err
);
1162 chunkqueue_mark_written(cq
, weHave
);
1164 if (!mapped
) free(data
);
1167 /* append to the buffer */
1168 weHave
= buffer_string_length(c
->mem
) - c
->offset
;
1170 if (weHave
> weWant
) weHave
= weWant
;
1172 if (hctx
->conf
.log_xml
) {
1173 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "XML-request-body:", c
->mem
->ptr
+ c
->offset
);
1176 if (XML_ERR_OK
!= (err
= xmlParseChunk(ctxt
, c
->mem
->ptr
+ c
->offset
, weHave
, 0))) {
1177 log_error_write(srv
, __FILE__
, __LINE__
, "sodd", "xmlParseChunk failed at:", cq
->bytes_out
, weHave
, err
);
1180 chunkqueue_mark_written(cq
, weHave
);
1186 switch ((err
= xmlParseChunk(ctxt
, 0, 0, 1))) {
1187 case XML_ERR_DOCUMENT_END
:
1191 log_error_write(srv
, __FILE__
, __LINE__
, "sd", "xmlParseChunk failed at final packet:", err
);
1196 res
= ctxt
->wellFormed
;
1197 xmlFreeParserCtxt(ctxt
);
1210 static int webdav_lockdiscovery(connection
*con
, buffer
*locktoken
, const char *lockscope
, const char *locktype
, int depth
) {
1212 buffer
*b
= chunkqueue_append_buffer_open(con
->write_queue
);
1214 http_header_response_set(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Lock-Token"), CONST_BUF_LEN(locktoken
));
1216 http_header_response_set(con
, HTTP_HEADER_CONTENT_TYPE
,
1217 CONST_STR_LEN("Content-Type"),
1218 CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1220 buffer_copy_string_len(b
, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1222 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1223 buffer_append_string_len(b
,CONST_STR_LEN("<D:lockdiscovery>\n"));
1224 webdav_activelock(b
, locktoken
, lockscope
, locktype
, depth
, 600);
1225 buffer_append_string_len(b
,CONST_STR_LEN("</D:lockdiscovery>\n"));
1226 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1228 chunkqueue_append_buffer_commit(con
->write_queue
);
1235 * check if resource is having the right locks to access to resource
1240 static int webdav_has_lock(server
*srv
, connection
*con
, handler_ctx
*hctx
, buffer
*uri
) {
1248 * This implementation is more fake than real
1249 * we need a parser for the If: header to really handle the full scope
1251 * X-Litmus: locks: 11 (owner_modify)
1252 * If: <http://127.0.0.1:1025/dav/litmus/lockme> (<opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1>)
1254 * if http://127.0.0.1:1025/dav/litmus/lockme is locked with
1255 * opaquelocktoken:2165478d-0611-49c4-be92-e790d68a38f1, go on
1257 * X-Litmus: locks: 16 (fail_cond_put)
1258 * If: (<DAV:no-lock> ["-1622396671"])
1260 * go on if the resource has the etag [...] and the lock
1262 if (NULL
!= (vb
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("If")))) {
1263 /* Ooh, ooh. A if tag, now the fun begins.
1265 * this can only work with a real parser
1268 /* we didn't provided a lock-token -> */
1269 /* if the resource is locked -> 423 */
1271 sqlite3_stmt
*stmt
= hctx
->conf
.stmt_read_lock_by_uri
;
1273 sqlite3_reset(stmt
);
1275 sqlite3_bind_text(stmt
, 1,
1279 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
1293 static int mod_webdav_depth(connection
*con
) {
1295 http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Depth"));
1296 if (NULL
!= b
&& 1 == buffer_string_length(b
)) {
1297 if (b
->ptr
[0] == '0') return 0;
1298 if (b
->ptr
[0] == '1') return 1;
1300 return -1; /* (Depth: infinity) */
1303 static handler_t
mod_webdav_propfind(server
*srv
, connection
*con
, plugin_data
*p
, handler_ctx
*hctx
) {
1306 int depth
= mod_webdav_depth(con
);
1310 webdav_properties
*req_props
;
1311 stat_cache_entry
*sce
= NULL
;
1313 /* they want to know the properties of the directory */
1316 /* is there a content-body ? */
1318 switch (stat_cache_get_entry(srv
, con
, con
->physical
.path
, &sce
)) {
1320 if (errno
== ENOENT
) {
1321 con
->http_status
= 404;
1322 return HANDLER_FINISHED
;
1324 else if (errno
== EACCES
) {
1325 con
->http_status
= 403;
1326 return HANDLER_FINISHED
;
1329 con
->http_status
= 500;
1330 return HANDLER_FINISHED
;
1337 if (S_ISDIR(sce
->st
.st_mode
) && con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
1338 http_response_redirect_to_directory(srv
, con
, 308);
1339 return HANDLER_FINISHED
;
1342 #ifdef USE_PROPPATCH
1343 /* any special requests or just allprop ? */
1344 if (con
->request
.content_length
) {
1347 if (con
->state
== CON_STATE_READ_POST
) {
1348 handler_t r
= connection_handle_read_post_state(srv
, con
);
1349 if (r
!= HANDLER_GO_ON
) return r
;
1352 if (1 == webdav_parse_chunkqueue(srv
, con
, hctx
, con
->request_content_queue
, &xml
)) {
1353 xmlNode
*rootnode
= xmlDocGetRootElement(xml
);
1355 force_assert(rootnode
);
1357 if (0 == xmlStrcmp(rootnode
->name
, BAD_CAST
"propfind")) {
1360 req_props
= calloc(1, sizeof(*req_props
));
1362 for (cmd
= rootnode
->children
; cmd
; cmd
= cmd
->next
) {
1364 if (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"prop")) {
1365 /* get prop by name */
1368 for (prop
= cmd
->children
; prop
; prop
= prop
->next
) {
1369 if (prop
->type
== XML_TEXT_NODE
) continue; /* ignore WS */
1372 (0 == xmlStrcmp(prop
->ns
->href
, BAD_CAST
"")) &&
1373 (0 != xmlStrcmp(prop
->ns
->prefix
, BAD_CAST
""))) {
1375 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
1376 "no name space for:",
1381 for (i
= 0; i
< req_props
->used
; i
++) {
1382 free(req_props
->ptr
[i
]->ns
);
1383 free(req_props
->ptr
[i
]->prop
);
1384 free(req_props
->ptr
[i
]);
1386 free(req_props
->ptr
);
1389 con
->http_status
= 400;
1390 return HANDLER_FINISHED
;
1393 /* add property to requested list */
1394 if (req_props
->used
== req_props
->size
) {
1395 req_props
->size
+= 16;
1396 req_props
->ptr
= realloc(req_props
->ptr
, sizeof(*(req_props
->ptr
)) * req_props
->size
);
1399 req_props
->ptr
[req_props
->used
] = malloc(sizeof(webdav_property
));
1400 req_props
->ptr
[req_props
->used
]->ns
= (char *)xmlStrdup(prop
->ns
? prop
->ns
->href
: (xmlChar
*)"");
1401 req_props
->ptr
[req_props
->used
]->prop
= (char *)xmlStrdup(prop
->name
);
1404 } else if (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"propname")) {
1405 sqlite3_stmt
*stmt
= p
->conf
.stmt_select_propnames
;
1408 /* get all property names (EMPTY) */
1409 sqlite3_reset(stmt
);
1410 /* bind the values to the insert */
1412 sqlite3_bind_text(stmt
, 1,
1413 CONST_BUF_LEN(con
->uri
.path
),
1416 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
1419 } else if (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"allprop")) {
1420 /* get all properties (EMPTY) */
1427 con
->http_status
= 400;
1428 return HANDLER_FINISHED
;
1432 con
->http_status
= 207;
1434 http_header_response_set(con
, HTTP_HEADER_CONTENT_TYPE
, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1436 b
= chunkqueue_append_buffer_open(con
->write_queue
);
1438 buffer_copy_string_len(b
, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1440 buffer_append_string_len(b
,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\" xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\">\n"));
1444 prop_200
= buffer_init();
1445 prop_404
= buffer_init();
1448 /* Depth: 0 or Depth: 1 */
1449 webdav_get_props(srv
, con
, hctx
, &(con
->physical
), req_props
, prop_200
, prop_404
);
1451 buffer_append_string_len(b
,CONST_STR_LEN("<D:response>\n"));
1452 buffer_append_string_len(b
,CONST_STR_LEN("<D:href>"));
1453 buffer_append_string_buffer(b
, con
->uri
.scheme
);
1454 buffer_append_string_len(b
,CONST_STR_LEN("://"));
1455 buffer_append_string_buffer(b
, con
->uri
.authority
);
1456 buffer_append_string_encoded(b
, CONST_BUF_LEN(con
->uri
.path
), ENCODING_REL_URI
);
1457 buffer_append_string_len(b
,CONST_STR_LEN("</D:href>\n"));
1459 if (!buffer_string_is_empty(prop_200
)) {
1460 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1461 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1463 buffer_append_string_buffer(b
, prop_200
);
1465 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1467 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1469 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1471 if (!buffer_string_is_empty(prop_404
)) {
1472 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1473 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1475 buffer_append_string_buffer(b
, prop_404
);
1477 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1479 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1481 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1484 buffer_append_string_len(b
,CONST_STR_LEN("</D:response>\n"));
1489 if (NULL
!= (dir
= opendir(con
->physical
.path
->ptr
))) {
1492 physical
*dst
= &(con
->physical
);
1494 d
.path
= buffer_init();
1495 d
.rel_path
= buffer_init();
1497 while(NULL
!= (de
= readdir(dir
))) {
1499 if (de
->d_name
[0] == '.' && (de
->d_name
[1] == '\0' || (de
->d_name
[1] == '.' && de
->d_name
[2] == '\0'))) {
1501 /* ignore the parent and target dir */
1504 nlen
= strlen(de
->d_name
);
1505 buffer_copy_buffer(d
.path
, dst
->path
);
1506 buffer_append_path_len(d
.path
, de
->d_name
, nlen
);
1508 buffer_copy_buffer(d
.rel_path
, dst
->rel_path
);
1509 buffer_append_path_len(d
.rel_path
, de
->d_name
, nlen
);
1511 buffer_clear(prop_200
);
1512 buffer_clear(prop_404
);
1514 webdav_get_props(srv
, con
, hctx
, &d
, req_props
, prop_200
, prop_404
);
1516 buffer_append_string_len(b
,CONST_STR_LEN("<D:response>\n"));
1517 buffer_append_string_len(b
,CONST_STR_LEN("<D:href>"));
1518 buffer_append_string_buffer(b
, con
->uri
.scheme
);
1519 buffer_append_string_len(b
,CONST_STR_LEN("://"));
1520 buffer_append_string_buffer(b
, con
->uri
.authority
);
1521 buffer_append_string_encoded(b
, CONST_BUF_LEN(d
.rel_path
), ENCODING_REL_URI
);
1522 if (0 == stat(d
.path
->ptr
, &st
) && S_ISDIR(st
.st_mode
)) {
1523 /* Append a '/' on subdirectories */
1524 buffer_append_string_len(b
,CONST_STR_LEN("/"));
1526 buffer_append_string_len(b
,CONST_STR_LEN("</D:href>\n"));
1528 if (!buffer_string_is_empty(prop_200
)) {
1529 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1530 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1532 buffer_append_string_buffer(b
, prop_200
);
1534 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1536 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 200 OK</D:status>\n"));
1538 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1540 if (!buffer_string_is_empty(prop_404
)) {
1541 buffer_append_string_len(b
,CONST_STR_LEN("<D:propstat>\n"));
1542 buffer_append_string_len(b
,CONST_STR_LEN("<D:prop>\n"));
1544 buffer_append_string_buffer(b
, prop_404
);
1546 buffer_append_string_len(b
,CONST_STR_LEN("</D:prop>\n"));
1548 buffer_append_string_len(b
,CONST_STR_LEN("<D:status>HTTP/1.1 404 Not Found</D:status>\n"));
1550 buffer_append_string_len(b
,CONST_STR_LEN("</D:propstat>\n"));
1553 buffer_append_string_len(b
,CONST_STR_LEN("</D:response>\n"));
1556 buffer_free(d
.path
);
1557 buffer_free(d
.rel_path
);
1564 for (i
= 0; i
< req_props
->used
; i
++) {
1565 free(req_props
->ptr
[i
]->ns
);
1566 free(req_props
->ptr
[i
]->prop
);
1567 free(req_props
->ptr
[i
]);
1569 free(req_props
->ptr
);
1573 buffer_free(prop_200
);
1574 buffer_free(prop_404
);
1576 buffer_append_string_len(b
,CONST_STR_LEN("</D:multistatus>\n"));
1578 if (p
->conf
.log_xml
) {
1579 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "XML-response-body:", b
);
1582 chunkqueue_append_buffer_commit(con
->write_queue
);
1584 con
->file_finished
= 1;
1586 return HANDLER_FINISHED
;
1589 static handler_t
mod_webdav_mkcol(connection
*con
, plugin_data
*p
) {
1590 if (p
->conf
.is_readonly
) {
1591 con
->http_status
= 403;
1592 return HANDLER_FINISHED
;
1595 if (con
->request
.content_length
!= 0) {
1596 /* we don't support MKCOL with a body */
1597 con
->http_status
= 415;
1599 return HANDLER_FINISHED
;
1602 /* let's create the directory */
1604 if (-1 == mkdir(con
->physical
.path
->ptr
, WEBDAV_DIR_MODE
)) {
1607 con
->http_status
= 403;
1611 con
->http_status
= 409;
1615 con
->http_status
= 405; /* not allowed */
1619 con
->http_status
= 201;
1620 con
->file_finished
= 1;
1623 return HANDLER_FINISHED
;
1626 static handler_t
mod_webdav_delete(server
*srv
, connection
*con
, plugin_data
*p
, handler_ctx
*hctx
) {
1629 if (p
->conf
.is_readonly
) {
1630 con
->http_status
= 403;
1631 return HANDLER_FINISHED
;
1634 /* does the client have a lock for this connection ? */
1635 if (!webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
1636 con
->http_status
= 423;
1637 return HANDLER_FINISHED
;
1640 /* stat and unlink afterwards */
1641 if (-1 == stat(con
->physical
.path
->ptr
, &st
)) {
1642 /* don't about it yet, unlink will fail too */
1645 con
->http_status
= 404;
1648 con
->http_status
= 403;
1651 } else if (S_ISDIR(st
.st_mode
)) {
1652 buffer
*multi_status_resp
;
1654 if (con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
1655 http_response_redirect_to_directory(srv
, con
, 308);
1656 return HANDLER_FINISHED
;
1659 multi_status_resp
= buffer_init();
1661 if (webdav_delete_dir(srv
, con
, hctx
, &(con
->physical
), multi_status_resp
)) {
1662 /* we got an error somewhere in between, build a 207 */
1664 http_header_response_set(con
, HTTP_HEADER_CONTENT_TYPE
, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
1666 b
= chunkqueue_append_buffer_open(con
->write_queue
);
1668 buffer_copy_string_len(b
, CONST_STR_LEN("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"));
1670 buffer_append_string_len(b
,CONST_STR_LEN("<D:multistatus xmlns:D=\"DAV:\">\n"));
1672 buffer_append_string_buffer(b
, multi_status_resp
);
1674 buffer_append_string_len(b
,CONST_STR_LEN("</D:multistatus>\n"));
1676 if (p
->conf
.log_xml
) {
1677 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "XML-response-body:", b
);
1680 chunkqueue_append_buffer_commit(con
->write_queue
);
1682 con
->http_status
= 207;
1683 con
->file_finished
= 1;
1685 /* everything went fine, remove the directory */
1687 if (-1 == rmdir(con
->physical
.path
->ptr
)) {
1690 con
->http_status
= 403;
1693 con
->http_status
= 404;
1696 con
->http_status
= 501;
1700 con
->http_status
= 204;
1704 buffer_free(multi_status_resp
);
1705 } else if (-1 == unlink(con
->physical
.path
->ptr
)) {
1708 con
->http_status
= 403;
1711 con
->http_status
= 404;
1714 con
->http_status
= 501;
1718 con
->http_status
= 204;
1720 return HANDLER_FINISHED
;
1723 static handler_t
mod_webdav_put(server
*srv
, connection
*con
, plugin_data
*p
, handler_ctx
*hctx
) {
1726 chunkqueue
*cq
= con
->request_content_queue
;
1729 if (p
->conf
.is_readonly
) {
1730 con
->http_status
= 403;
1731 return HANDLER_FINISHED
;
1734 /* is a exclusive lock set on the source */
1735 /* (check for lock once before potentially reading large input) */
1736 if (0 == cq
->bytes_in
&& !webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
1737 con
->http_status
= 423;
1738 return HANDLER_FINISHED
;
1741 if (con
->state
== CON_STATE_READ_POST
) {
1742 handler_t r
= connection_handle_read_post_state(srv
, con
);
1743 if (r
!= HANDLER_GO_ON
) return r
;
1746 /* RFC2616 Section 9.6 PUT requires us to send 501 on all Content-* we don't support
1747 * - most important Content-Range
1750 * Example: Content-Range: bytes 100-1037/1038 */
1752 if (NULL
!= (b
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Content-Range")))) {
1753 const char *num
= b
->ptr
;
1757 if (0 != strncmp(num
, "bytes ", 6)) {
1758 con
->http_status
= 501; /* not implemented */
1760 return HANDLER_FINISHED
;
1763 /* we only support <num>- ... */
1768 while (*num
== ' ' || *num
== '\t') num
++;
1771 con
->http_status
= 501; /* not implemented */
1773 return HANDLER_FINISHED
;
1776 offset
= strtoll(num
, &err
, 10);
1778 if (*err
!= '-' || offset
< 0) {
1779 con
->http_status
= 501; /* not implemented */
1781 return HANDLER_FINISHED
;
1784 if (-1 == (fd
= open(con
->physical
.path
->ptr
, O_WRONLY
, WEBDAV_FILE_MODE
))) {
1787 con
->http_status
= 404; /* not found */
1790 con
->http_status
= 403; /* not found */
1793 return HANDLER_FINISHED
;
1796 if (-1 == lseek(fd
, offset
, SEEK_SET
)) {
1797 con
->http_status
= 501; /* not implemented */
1801 return HANDLER_FINISHED
;
1803 con
->http_status
= 200; /* modified */
1805 /* take what we have in the request-body and write it to a file */
1807 /* if the file doesn't exist, create it */
1808 if (-1 == (fd
= open(con
->physical
.path
->ptr
, O_WRONLY
|O_TRUNC
, WEBDAV_FILE_MODE
))) {
1809 if (errno
!= ENOENT
||
1810 -1 == (fd
= open(con
->physical
.path
->ptr
, O_WRONLY
|O_CREAT
|O_TRUNC
|O_EXCL
, WEBDAV_FILE_MODE
))) {
1811 /* we can't open the file */
1812 con
->http_status
= 403;
1814 return HANDLER_FINISHED
;
1816 con
->http_status
= 201; /* created */
1819 con
->http_status
= 200; /* modified */
1823 con
->file_finished
= 1;
1825 for (c
= cq
->first
; c
; c
= cq
->first
) {
1831 /* copy all chunks */
1835 mapped
= (c
->file
.mmap
.start
!= MAP_FAILED
);
1836 dlen
= c
->file
.length
- c
->offset
;
1838 data
= c
->file
.mmap
.start
+ c
->offset
;
1840 if (-1 == c
->file
.fd
&& /* open the file if not already open */
1841 -1 == (c
->file
.fd
= fdevent_open_cloexec(c
->mem
->ptr
, con
->conf
.follow_symlink
, O_RDONLY
, 0))) {
1842 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "open failed: ", strerror(errno
));
1844 return HANDLER_ERROR
;
1847 if (MAP_FAILED
!= (c
->file
.mmap
.start
= mmap(NULL
, c
->file
.length
, PROT_READ
, MAP_PRIVATE
, c
->file
.fd
, 0))) {
1848 /* chunk_reset() or chunk_free() will cleanup for us */
1849 c
->file
.mmap
.length
= c
->file
.length
;
1850 data
= c
->file
.mmap
.start
+ c
->offset
;
1854 if (dlen
> 65536) dlen
= 65536;
1855 data
= malloc(dlen
);
1857 if (-1 == lseek(c
->file
.fd
, c
->file
.start
+ c
->offset
, SEEK_SET
)
1858 || 0 > (rd
= read(c
->file
.fd
, data
, dlen
))) {
1859 log_error_write(srv
, __FILE__
, __LINE__
, "ssbd", "lseek/read failed: ",
1860 strerror(errno
), c
->mem
, c
->file
.fd
);
1863 return HANDLER_ERROR
;
1870 if ((r
= write(fd
, data
, dlen
)) < 0) {
1873 con
->http_status
= 507;
1877 con
->http_status
= 403;
1882 if (!mapped
) free(data
);
1885 if ((r
= write(fd
, c
->mem
->ptr
+ c
->offset
, buffer_string_length(c
->mem
) - c
->offset
)) < 0) {
1888 con
->http_status
= 507;
1892 con
->http_status
= 403;
1900 chunkqueue_mark_written(cq
, r
);
1905 if (0 != close(fd
)) {
1906 log_error_write(srv
, __FILE__
, __LINE__
, "sbss",
1907 "close ", con
->physical
.path
, "failed: ", strerror(errno
));
1908 return HANDLER_ERROR
;
1911 return HANDLER_FINISHED
;
1914 static handler_t
mod_webdav_copymove(server
*srv
, connection
*con
, plugin_data
*p
, handler_ctx
*hctx
) {
1917 buffer
*destination
= NULL
;
1918 char *sep
, *sep2
, *start
;
1921 if (p
->conf
.is_readonly
) {
1922 con
->http_status
= 403;
1923 return HANDLER_FINISHED
;
1926 /* is a exclusive lock set on the source */
1927 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
1928 if (!webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
1929 con
->http_status
= 423;
1930 return HANDLER_FINISHED
;
1934 if (NULL
== (destination
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Destination")))) {
1935 con
->http_status
= 400;
1936 return HANDLER_FINISHED
;
1939 if (NULL
!= (b
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Overwrite")))) {
1940 if (buffer_string_length(b
) != 1 ||
1941 (b
->ptr
[0] != 'F' &&
1942 b
->ptr
[0] != 'T') ) {
1943 con
->http_status
= 400;
1944 return HANDLER_FINISHED
;
1946 overwrite
= (b
->ptr
[0] == 'F' ? 0 : 1);
1948 /* let's parse the Destination
1950 * http://127.0.0.1:1025/dav/litmus/copydest
1952 * - host has to be the same as the Host: header we got
1953 * - we have to stay inside the document root
1954 * - the query string is thrown away
1957 start
= destination
->ptr
;
1958 sep
= start
+ buffer_string_length(con
->uri
.scheme
);
1960 if (0 != strncmp(start
, con
->uri
.scheme
->ptr
, sep
- start
)
1961 || sep
[0] != ':' || sep
[1] != '/' || sep
[2] != '/') {
1962 con
->http_status
= 400;
1963 return HANDLER_FINISHED
;
1965 buffer_copy_buffer(p
->uri
.scheme
, con
->uri
.scheme
); /*(unused?)*/
1969 if (NULL
== (sep
= strchr(start
, '/'))) {
1970 con
->http_status
= 400;
1971 return HANDLER_FINISHED
;
1973 if (NULL
!= (sep2
= memchr(start
, '@', sep
- start
))) {
1974 /* skip login information */
1977 buffer_copy_string_len(p
->uri
.authority
, start
, sep
- start
);
1981 if (NULL
== (sep
= strchr(start
, '?'))) {
1982 /* no query string, good */
1983 buffer_copy_string(p
->uri
.path
, start
);
1985 buffer_copy_string_len(p
->uri
.path
, start
, sep
- start
);
1988 if (!buffer_is_equal(p
->uri
.authority
, con
->uri
.authority
)) {
1989 /* not the same host */
1990 con
->http_status
= 502;
1991 return HANDLER_FINISHED
;
1994 buffer_urldecode_path(p
->uri
.path
);
1995 if (!buffer_is_valid_UTF8(p
->uri
.path
)) {
1996 /* invalid UTF-8 after url-decode */
1997 con
->http_status
= 400;
1998 return HANDLER_FINISHED
;
2000 buffer_path_simplify(p
->uri
.path
, p
->uri
.path
);
2002 if (buffer_string_is_empty(p
->uri
.path
) || p
->uri
.path
->ptr
[0] != '/') {
2003 con
->http_status
= 400;
2004 return HANDLER_FINISHED
;
2007 /* we now have a URI which is clean. transform it into a physical path */
2008 buffer_copy_buffer(p
->physical
.doc_root
, con
->physical
.doc_root
);
2009 buffer_copy_buffer(p
->physical
.rel_path
, p
->uri
.path
);
2011 if (con
->conf
.force_lowercase_filenames
) {
2012 buffer_to_lower(p
->physical
.rel_path
);
2015 /* Destination physical path
2016 * src con->physical.path might have been remapped with mod_alias.
2017 * (but mod_alias does not modify con->physical.rel_path)
2018 * Find matching prefix to support use of mod_alias to remap webdav root.
2019 * Aliasing of paths underneath the webdav root might not work.
2020 * Likewise, mod_rewrite URL rewriting might thwart this comparison.
2021 * Use mod_redirect instead of mod_alias to remap paths *under* webdav root.
2022 * Use mod_redirect instead of mod_rewrite on *any* parts of path to webdav.
2023 * (Related, use mod_auth to protect webdav root, but avoid attempting to
2024 * use mod_auth on paths underneath webdav root, as Destination is not
2025 * validated with mod_auth)
2027 * tl;dr: webdav paths and webdav properties are managed by mod_webdav,
2028 * so do not modify paths externally or else undefined behavior
2029 * or corruption may occur
2032 /* find matching URI prefix
2033 * check if remaining con->physical.rel_path matches suffix
2034 * of con->physical.basedir so that we can use it to
2035 * remap Destination physical path */
2037 sep
= con
->uri
.path
->ptr
;
2038 sep2
= p
->uri
.path
->ptr
;
2039 for (i
= 0; sep
[i
] && sep
[i
] == sep2
[i
]; ++i
) ;
2040 if (sep
[i
] == '\0' && (sep2
[i
] == '\0' || sep2
[i
] == '/' || (i
> 0 && sep
[i
-1] == '/'))) {
2041 /* src and dst URI match or dst is nested inside src; invalid COPY or MOVE */
2042 con
->http_status
= 403;
2043 return HANDLER_FINISHED
;
2045 while (i
!= 0 && sep
[--i
] != '/') ; /* find matching directory path */
2046 remain
= buffer_string_length(con
->uri
.path
) - i
;
2047 if (!con
->conf
.force_lowercase_filenames
2048 ? buffer_is_equal_right_len(con
->physical
.path
, con
->physical
.rel_path
, remain
)
2049 :(buffer_string_length(con
->physical
.path
) >= remain
2050 && 0 == strncasecmp(con
->physical
.path
->ptr
+buffer_string_length(con
->physical
.path
)-remain
, con
->physical
.rel_path
->ptr
+i
, remain
))) {
2051 /* (at this point, p->physical.rel_path is identical to (or lowercased version of) p->uri.path) */
2052 buffer_copy_string_len(p
->physical
.path
, con
->physical
.path
->ptr
, buffer_string_length(con
->physical
.path
)-remain
);
2053 buffer_append_string_len(p
->physical
.path
, p
->physical
.rel_path
->ptr
+i
, buffer_string_length(p
->physical
.rel_path
)-i
);
2055 buffer_copy_buffer(p
->physical
.basedir
, con
->physical
.basedir
);
2056 buffer_append_slash(p
->physical
.basedir
);
2058 /* unable to perform physical path remap here;
2059 * assume doc_root/rel_path and no remapping */
2060 buffer_copy_buffer(p
->physical
.path
, p
->physical
.doc_root
);
2061 buffer_append_slash(p
->physical
.path
);
2062 buffer_copy_buffer(p
->physical
.basedir
, p
->physical
.path
);
2063 buffer_append_path_len(p
->physical
.path
, CONST_BUF_LEN(p
->physical
.rel_path
));
2067 /* let's see if the source is a directory
2068 * if yes, we fail with 501 */
2070 if (-1 == stat(con
->physical
.path
->ptr
, &st
)) {
2071 /* don't about it yet, unlink will fail too */
2074 con
->http_status
= 404;
2077 con
->http_status
= 403;
2080 } else if (S_ISDIR(st
.st_mode
)) {
2083 /* src is a directory */
2085 if (con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
2086 http_response_redirect_to_directory(srv
, con
, 308);
2087 return HANDLER_FINISHED
;
2090 if (-1 == stat(p
->physical
.path
->ptr
, &st
)) {
2091 if (-1 == mkdir(p
->physical
.path
->ptr
, WEBDAV_DIR_MODE
)) {
2092 con
->http_status
= 403;
2093 return HANDLER_FINISHED
;
2096 } else if (!S_ISDIR(st
.st_mode
)) {
2097 if (overwrite
== 0) {
2098 /* copying into a non-dir ? */
2099 con
->http_status
= 409;
2100 return HANDLER_FINISHED
;
2102 unlink(p
->physical
.path
->ptr
);
2103 if (-1 == mkdir(p
->physical
.path
->ptr
, WEBDAV_DIR_MODE
)) {
2104 con
->http_status
= 403;
2105 return HANDLER_FINISHED
;
2111 /* copy the content of src to dest */
2112 if (0 != (r
= webdav_copy_dir(srv
, con
, hctx
, &(con
->physical
), &(p
->physical
), overwrite
))) {
2113 con
->http_status
= r
;
2114 return HANDLER_FINISHED
;
2116 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
2118 webdav_delete_dir(srv
, con
, hctx
, &(con
->physical
), b
); /* content */
2121 rmdir(con
->physical
.path
->ptr
);
2123 con
->http_status
= created
? 201 : 204;
2124 con
->file_finished
= 1;
2126 /* it is just a file, good */
2130 /* does the client have a lock for this connection ? */
2131 if (!webdav_has_lock(srv
, con
, hctx
, p
->uri
.path
)) {
2132 con
->http_status
= 423;
2133 return HANDLER_FINISHED
;
2136 /* destination exists */
2137 if (0 == (r
= stat(p
->physical
.path
->ptr
, &st
))) {
2138 if (S_ISDIR(st
.st_mode
)) {
2140 * append basename to physical path */
2143 if (NULL
!= (sep
= strrchr(con
->physical
.path
->ptr
, '/'))) {
2144 buffer_append_string(p
->physical
.path
, sep
);
2145 r
= stat(p
->physical
.path
->ptr
, &st
);
2151 con
->http_status
= destdir
? 204 : 201; /* we will create a new one */
2152 con
->file_finished
= 1;
2156 con
->http_status
= 409;
2157 return HANDLER_FINISHED
;
2159 } else if (overwrite
== 0) {
2160 /* destination exists, but overwrite is not set */
2161 con
->http_status
= 412;
2162 return HANDLER_FINISHED
;
2164 con
->http_status
= 204; /* resource already existed */
2167 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
2170 if (0 == rename(con
->physical
.path
->ptr
, p
->physical
.path
->ptr
)) {
2171 #ifdef USE_PROPPATCH
2174 stmt
= p
->conf
.stmt_move_uri
;
2177 sqlite3_reset(stmt
);
2179 /* bind the values to the insert */
2180 sqlite3_bind_text(stmt
, 1,
2181 CONST_BUF_LEN(p
->uri
.path
),
2184 sqlite3_bind_text(stmt
, 2,
2185 CONST_BUF_LEN(con
->uri
.path
),
2188 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2189 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "sql-move failed:", sqlite3_errmsg(p
->conf
.sql
));
2193 return HANDLER_FINISHED
;
2196 /* rename failed, fall back to COPY + DELETE */
2199 if (0 != (r
= webdav_copy_file(srv
, con
, hctx
, &(con
->physical
), &(p
->physical
), overwrite
))) {
2200 con
->http_status
= r
;
2202 return HANDLER_FINISHED
;
2205 if (con
->request
.http_method
== HTTP_METHOD_MOVE
) {
2207 webdav_delete_file(srv
, con
, hctx
, &(con
->physical
), b
);
2212 return HANDLER_FINISHED
;
2215 static handler_t
mod_webdav_proppatch(server
*srv
, connection
*con
, plugin_data
*p
, handler_ctx
*hctx
) {
2217 if (p
->conf
.is_readonly
) {
2218 con
->http_status
= 403;
2219 return HANDLER_FINISHED
;
2222 if (!webdav_has_lock(srv
, con
, hctx
, con
->uri
.path
)) {
2223 con
->http_status
= 423;
2224 return HANDLER_FINISHED
;
2227 /* check if destination exists */
2228 if (-1 == stat(con
->physical
.path
->ptr
, &st
)) {
2231 con
->http_status
= 404;
2234 con
->http_status
= 403;
2237 return HANDLER_FINISHED
;
2240 if (S_ISDIR(st
.st_mode
) && con
->physical
.path
->ptr
[buffer_string_length(con
->physical
.path
)-1] != '/') {
2241 http_response_redirect_to_directory(srv
, con
, 308);
2242 return HANDLER_FINISHED
;
2245 #ifdef USE_PROPPATCH
2246 if (con
->request
.content_length
) {
2249 if (con
->state
== CON_STATE_READ_POST
) {
2250 handler_t r
= connection_handle_read_post_state(srv
, con
);
2251 if (r
!= HANDLER_GO_ON
) return r
;
2254 if (1 == webdav_parse_chunkqueue(srv
, con
, hctx
, con
->request_content_queue
, &xml
)) {
2255 xmlNode
*rootnode
= xmlDocGetRootElement(xml
);
2257 if (0 == xmlStrcmp(rootnode
->name
, BAD_CAST
"propertyupdate")) {
2260 int empty_ns
= 0; /* send 400 on a empty namespace attribute */
2262 /* start response */
2264 if (SQLITE_OK
!= sqlite3_exec(p
->conf
.sql
, "BEGIN TRANSACTION", NULL
, NULL
, &err
)) {
2265 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't open transaction:", err
);
2268 goto propmatch_cleanup
;
2271 /* a UPDATE request, we know 'set' and 'remove' */
2272 for (cmd
= rootnode
->children
; cmd
; cmd
= cmd
->next
) {
2274 /* either set or remove */
2276 if ((0 == xmlStrcmp(cmd
->name
, BAD_CAST
"set")) ||
2277 (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"remove"))) {
2281 stmt
= (0 == xmlStrcmp(cmd
->name
, BAD_CAST
"remove")) ?
2282 p
->conf
.stmt_delete_prop
: p
->conf
.stmt_update_prop
;
2284 for (props
= cmd
->children
; props
; props
= props
->next
) {
2285 if (0 == xmlStrcmp(props
->name
, BAD_CAST
"prop")) {
2287 char *propval
= NULL
;
2290 prop
= props
->children
;
2293 (0 == xmlStrcmp(prop
->ns
->href
, BAD_CAST
"")) &&
2294 (0 != xmlStrcmp(prop
->ns
->prefix
, BAD_CAST
""))) {
2295 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2296 "no name space for:",
2303 sqlite3_reset(stmt
);
2305 /* bind the values to the insert */
2307 sqlite3_bind_text(stmt
, 1,
2308 CONST_BUF_LEN(con
->uri
.path
),
2310 sqlite3_bind_text(stmt
, 2,
2312 strlen((char *)prop
->name
),
2315 sqlite3_bind_text(stmt
, 3,
2316 (char *)prop
->ns
->href
,
2317 strlen((char *)prop
->ns
->href
),
2320 sqlite3_bind_text(stmt
, 3,
2325 if (stmt
== p
->conf
.stmt_update_prop
) {
2326 propval
= prop
->children
2327 ? (char *)xmlNodeListGetString(xml
, prop
->children
, 0)
2330 sqlite3_bind_text(stmt
, 4,
2331 propval
? propval
: "",
2332 propval
? strlen(propval
) : 0,
2336 if (SQLITE_DONE
!= (r
= sqlite3_step(stmt
))) {
2337 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2338 "sql-set failed:", sqlite3_errmsg(p
->conf
.sql
));
2341 if (propval
) xmlFree(propval
);
2344 if (empty_ns
) break;
2349 if (SQLITE_OK
!= sqlite3_exec(p
->conf
.sql
, "ROLLBACK", NULL
, NULL
, &err
)) {
2350 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't rollback transaction:", err
);
2353 goto propmatch_cleanup
;
2356 con
->http_status
= 400;
2358 if (SQLITE_OK
!= sqlite3_exec(p
->conf
.sql
, "COMMIT", NULL
, NULL
, &err
)) {
2359 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "can't commit transaction:", err
);
2362 goto propmatch_cleanup
;
2364 con
->http_status
= 200;
2366 con
->file_finished
= 1;
2369 return HANDLER_FINISHED
;
2376 con
->http_status
= 400;
2377 return HANDLER_FINISHED
;
2381 con
->http_status
= 501;
2382 return HANDLER_FINISHED
;
2386 static handler_t
mod_webdav_lock(server
*srv
, connection
*con
, plugin_data
*p
, handler_ctx
*hctx
) {
2388 * a mac wants to write
2390 * LOCK /dav/expire.txt HTTP/1.1\r\n
2391 * User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh)\r\n
2394 * Timeout: Second-600\r\n
2395 * Content-Type: text/xml; charset=\"utf-8\"\r\n
2396 * Content-Length: 229\r\n
2397 * Connection: keep-alive\r\n
2398 * Host: 192.168.178.23:1025\r\n
2400 * <?xml version=\"1.0\" encoding=\"utf-8\"?>\n
2401 * <D:lockinfo xmlns:D=\"DAV:\">\n
2402 * <D:lockscope><D:exclusive/></D:lockscope>\n
2403 * <D:locktype><D:write/></D:locktype>\n
2405 * <D:href>http://www.apple.com/webdav_fs/</D:href>\n
2410 int depth
= mod_webdav_depth(con
);
2411 if (depth
!= 0 && depth
!= -1) {
2412 con
->http_status
= 400;
2414 return HANDLER_FINISHED
;
2417 if (con
->request
.content_length
) {
2419 buffer
*hdr_if
= NULL
;
2423 if (con
->state
== CON_STATE_READ_POST
) {
2424 handler_t r
= connection_handle_read_post_state(srv
, con
);
2425 if (r
!= HANDLER_GO_ON
) return r
;
2428 hdr_if
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("If"));
2430 if (0 != stat(con
->physical
.path
->ptr
, &st
)) {
2431 if (errno
== ENOENT
) {
2432 int fd
= open(con
->physical
.path
->ptr
, O_WRONLY
|O_CREAT
|O_APPEND
|O_BINARY
|FIFO_NONBLOCK
, WEBDAV_FILE_MODE
);
2437 log_error_write(srv
, __FILE__
, __LINE__
, "sBss",
2438 "create file", con
->physical
.path
, ":", strerror(errno
));
2439 con
->http_status
= 403; /* Forbidden */
2441 return HANDLER_FINISHED
;
2445 log_error_write(srv
, __FILE__
, __LINE__
, "sBss",
2446 "stat", con
->physical
.path
, ":", strerror(errno
));
2447 con
->http_status
= 403; /* Forbidden */
2448 return HANDLER_FINISHED
;
2450 } else if (hdr_if
== NULL
&& depth
== -1) {
2451 /* we don't support Depth: Infinity on directories */
2452 if (S_ISDIR(st
.st_mode
)) {
2453 con
->http_status
= 409; /* Conflict */
2455 return HANDLER_FINISHED
;
2459 if (1 == webdav_parse_chunkqueue(srv
, con
, hctx
, con
->request_content_queue
, &xml
)) {
2460 xmlNode
*rootnode
= xmlDocGetRootElement(xml
);
2462 force_assert(rootnode
);
2464 if (0 == xmlStrcmp(rootnode
->name
, BAD_CAST
"lockinfo")) {
2466 const xmlChar
*lockscope
= NULL
, *locktype
= NULL
; /* TODO: compiler says unused: *owner = NULL; */
2468 for (lockinfo
= rootnode
->children
; lockinfo
; lockinfo
= lockinfo
->next
) {
2469 if (0 == xmlStrcmp(lockinfo
->name
, BAD_CAST
"lockscope")) {
2471 for (value
= lockinfo
->children
; value
; value
= value
->next
) {
2472 if ((0 == xmlStrcmp(value
->name
, BAD_CAST
"exclusive")) ||
2473 (0 == xmlStrcmp(value
->name
, BAD_CAST
"shared"))) {
2474 lockscope
= value
->name
;
2476 con
->http_status
= 400;
2479 return HANDLER_FINISHED
;
2482 } else if (0 == xmlStrcmp(lockinfo
->name
, BAD_CAST
"locktype")) {
2484 for (value
= lockinfo
->children
; value
; value
= value
->next
) {
2485 if ((0 == xmlStrcmp(value
->name
, BAD_CAST
"write"))) {
2486 locktype
= value
->name
;
2488 con
->http_status
= 400;
2491 return HANDLER_FINISHED
;
2495 } else if (0 == xmlStrcmp(lockinfo
->name
, BAD_CAST
"owner")) {
2499 if (lockscope
&& locktype
) {
2500 sqlite3_stmt
*stmt
= p
->conf
.stmt_read_lock_by_uri
;
2502 /* is this resourse already locked ? */
2504 /* SELECT locktoken, resource, lockscope, locktype, owner, depth, timeout
2506 * WHERE resource = ? */
2510 sqlite3_reset(stmt
);
2512 sqlite3_bind_text(stmt
, 1,
2513 CONST_BUF_LEN(con
->uri
.path
),
2517 while (SQLITE_ROW
== sqlite3_step(stmt
)) {
2519 * 1. is it compatible ?
2521 char *sql_lockscope
= (char *)sqlite3_column_text(stmt
, 2);
2523 if (strcmp(sql_lockscope
, "exclusive")) {
2524 con
->http_status
= 423;
2525 } else if (0 == xmlStrcmp(lockscope
, BAD_CAST
"exclusive")) {
2526 /* resourse is locked with a shared lock
2527 * client wants exclusive */
2528 con
->http_status
= 423;
2531 if (con
->http_status
== 423) {
2533 return HANDLER_FINISHED
;
2537 stmt
= p
->conf
.stmt_create_lock
;
2539 /* create a lock-token */
2541 char uuid
[37] /* 36 + \0 */;
2544 uuid_unparse(id
, uuid
);
2546 buffer_copy_string_len(p
->tmp_buf
, CONST_STR_LEN("opaquelocktoken:"));
2547 buffer_append_string(p
->tmp_buf
, uuid
);
2549 /* "CREATE TABLE locks ("
2550 * " locktoken TEXT NOT NULL,"
2551 * " resource TEXT NOT NULL,"
2552 * " lockscope TEXT NOT NULL,"
2553 * " locktype TEXT NOT NULL,"
2554 * " owner TEXT NOT NULL,"
2555 * " depth INT NOT NULL,"
2558 sqlite3_reset(stmt
);
2560 sqlite3_bind_text(stmt
, 1,
2561 CONST_BUF_LEN(p
->tmp_buf
),
2564 sqlite3_bind_text(stmt
, 2,
2565 CONST_BUF_LEN(con
->uri
.path
),
2568 sqlite3_bind_text(stmt
, 3,
2569 (const char *)lockscope
,
2570 xmlStrlen(lockscope
),
2573 sqlite3_bind_text(stmt
, 4,
2574 (const char *)locktype
,
2575 xmlStrlen(locktype
),
2579 sqlite3_bind_text(stmt
, 5,
2585 sqlite3_bind_int(stmt
, 6,
2589 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2590 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2591 "create lock:", sqlite3_errmsg(p
->conf
.sql
));
2594 /* looks like we survived */
2595 webdav_lockdiscovery(con
, p
->tmp_buf
, (const char *)lockscope
, (const char *)locktype
, depth
);
2597 con
->http_status
= created
? 201 : 200;
2598 con
->file_finished
= 1;
2604 return HANDLER_FINISHED
;
2606 con
->http_status
= 400;
2607 return HANDLER_FINISHED
;
2611 if (NULL
!= (b
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("If")))) {
2612 buffer
*locktoken
= b
;
2613 sqlite3_stmt
*stmt
= p
->conf
.stmt_refresh_lock
;
2615 /* remove the < > around the token */
2616 if (buffer_string_length(locktoken
) < 5) {
2617 con
->http_status
= 400;
2619 return HANDLER_FINISHED
;
2622 buffer_copy_string_len(p
->tmp_buf
, locktoken
->ptr
+ 2, buffer_string_length(locktoken
) - 4);
2624 sqlite3_reset(stmt
);
2626 sqlite3_bind_text(stmt
, 1,
2627 CONST_BUF_LEN(p
->tmp_buf
),
2630 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2631 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2632 "refresh lock:", sqlite3_errmsg(p
->conf
.sql
));
2635 webdav_lockdiscovery(con
, p
->tmp_buf
, "exclusive", "write", 0);
2637 con
->http_status
= 200;
2638 con
->file_finished
= 1;
2639 return HANDLER_FINISHED
;
2641 /* we need a lock-token to refresh */
2642 con
->http_status
= 400;
2644 return HANDLER_FINISHED
;
2651 static handler_t
mod_webdav_unlock(server
*srv
, connection
*con
, plugin_data
*p
) {
2653 if (NULL
!= (b
= http_header_request_get(con
, HTTP_HEADER_OTHER
, CONST_STR_LEN("Lock-Token")))) {
2654 buffer
*locktoken
= b
;
2655 sqlite3_stmt
*stmt
= p
->conf
.stmt_remove_lock
;
2657 /* remove the < > around the token */
2658 if (buffer_string_length(locktoken
) < 3) {
2659 con
->http_status
= 400;
2661 return HANDLER_FINISHED
;
2667 * if the resourse is locked:
2669 * - by someone else: 401
2670 * if the resource is not locked:
2674 buffer_copy_string_len(p
->tmp_buf
, locktoken
->ptr
+ 1, buffer_string_length(locktoken
) - 2);
2676 sqlite3_reset(stmt
);
2678 sqlite3_bind_text(stmt
, 1,
2679 CONST_BUF_LEN(p
->tmp_buf
),
2682 if (SQLITE_DONE
!= sqlite3_step(stmt
)) {
2683 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2684 "remove lock:", sqlite3_errmsg(p
->conf
.sql
));
2687 if (0 == sqlite3_changes(p
->conf
.sql
)) {
2688 con
->http_status
= 401;
2690 con
->http_status
= 204;
2692 return HANDLER_FINISHED
;
2694 /* we need a lock-token to unlock */
2695 con
->http_status
= 400;
2697 return HANDLER_FINISHED
;
2702 SUBREQUEST_FUNC(mod_webdav_subrequest_handler_huge
) {
2703 plugin_data
*p
= p_d
;
2704 handler_ctx
*hctx
= con
->plugin_ctx
[p
->id
];
2706 if (NULL
== hctx
) return HANDLER_GO_ON
;
2707 if (!hctx
->conf
.enabled
) return HANDLER_GO_ON
;
2708 /* physical path is setup */
2709 if (buffer_is_empty(con
->physical
.path
)) return HANDLER_GO_ON
;
2711 switch (con
->request
.http_method
) {
2712 case HTTP_METHOD_PROPFIND
:
2713 return mod_webdav_propfind(srv
, con
, p
, hctx
);
2714 case HTTP_METHOD_MKCOL
:
2715 return mod_webdav_mkcol(con
, p
);
2716 case HTTP_METHOD_DELETE
:
2717 return mod_webdav_delete(srv
, con
, p
, hctx
);
2718 case HTTP_METHOD_PUT
:
2719 return mod_webdav_put(srv
, con
, p
, hctx
);
2720 case HTTP_METHOD_MOVE
:
2721 case HTTP_METHOD_COPY
:
2722 return mod_webdav_copymove(srv
, con
, p
, hctx
);
2723 case HTTP_METHOD_PROPPATCH
:
2724 return mod_webdav_proppatch(srv
, con
, p
, hctx
);
2726 case HTTP_METHOD_LOCK
:
2727 return mod_webdav_lock(srv
, con
, p
, hctx
);
2728 case HTTP_METHOD_UNLOCK
:
2729 return mod_webdav_unlock(srv
, con
, p
);
2731 case HTTP_METHOD_LOCK
:
2732 case HTTP_METHOD_UNLOCK
:
2733 con
->http_status
= 501;
2734 return HANDLER_FINISHED
;
2737 return HANDLER_GO_ON
; /* not found */
2742 SUBREQUEST_FUNC(mod_webdav_subrequest_handler
) {
2744 plugin_data
*p
= p_d
;
2745 if (con
->mode
!= p
->id
) return HANDLER_GO_ON
;
2747 r
= mod_webdav_subrequest_handler_huge(srv
, con
, p_d
);
2748 if (con
->http_status
>= 400) con
->mode
= DIRECT
;
2753 PHYSICALPATH_FUNC(mod_webdav_physical_handler
) {
2754 plugin_data
*p
= p_d
;
2755 if (!p
->conf
.enabled
) return HANDLER_GO_ON
;
2757 /* physical path is setup */
2758 if (buffer_is_empty(con
->physical
.path
)) return HANDLER_GO_ON
;
2762 switch (con
->request
.http_method
) {
2763 case HTTP_METHOD_PROPFIND
:
2764 case HTTP_METHOD_PROPPATCH
:
2765 case HTTP_METHOD_PUT
:
2766 case HTTP_METHOD_COPY
:
2767 case HTTP_METHOD_MOVE
:
2768 case HTTP_METHOD_MKCOL
:
2769 case HTTP_METHOD_DELETE
:
2770 case HTTP_METHOD_LOCK
:
2771 case HTTP_METHOD_UNLOCK
: {
2772 handler_ctx
*hctx
= calloc(1, sizeof(*hctx
));
2773 memcpy(&hctx
->conf
, &p
->conf
, sizeof(plugin_config
));
2774 con
->plugin_ctx
[p
->id
] = hctx
;
2775 con
->conf
.stream_request_body
= 0;
2783 return HANDLER_GO_ON
;
2786 static handler_t
mod_webdav_connection_reset(server
*srv
, connection
*con
, void *p_d
) {
2787 plugin_data
*p
= p_d
;
2788 handler_ctx
*hctx
= con
->plugin_ctx
[p
->id
];
2791 con
->plugin_ctx
[p
->id
] = NULL
;
2795 return HANDLER_GO_ON
;
2799 /* this function is called at dlopen() time and inits the callbacks */
2801 int mod_webdav_plugin_init(plugin
*p
);
2802 int mod_webdav_plugin_init(plugin
*p
) {
2803 p
->version
= LIGHTTPD_VERSION_ID
;
2804 p
->name
= buffer_init_string("webdav");
2806 p
->init
= mod_webdav_init
;
2807 p
->handle_uri_clean
= mod_webdav_uri_handler
;
2808 p
->handle_physical
= mod_webdav_physical_handler
;
2809 p
->handle_subrequest
= mod_webdav_subrequest_handler
;
2810 p
->connection_reset
= mod_webdav_connection_reset
;
2811 p
->set_defaults
= mod_webdav_set_defaults
;
2812 p
->cleanup
= mod_webdav_free
;