2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 #include <boost/utility.hpp>
27 #pragma GCC diagnostic push
28 #pragma GCC diagnostic ignored "-Woverloaded-virtual"
29 #include <yahttp/yahttp.hpp>
30 #pragma GCC diagnostic pop
34 #include "credentials.hh"
35 #include "namespaces.hh"
39 class HttpRequest : public YaHTTP::Request {
41 HttpRequest(const string& logprefix_="") : YaHTTP::Request(), logprefix(logprefix_) { };
44 bool accept_yaml{false};
45 bool accept_json{false};
46 bool accept_html{false};
51 // checks password _only_.
52 bool compareAuthorization(const CredentialsHolder& expectedCredentials) const;
53 bool compareHeader(const string &header_name, const CredentialsHolder& expectedCredentials) const;
54 bool compareHeader(const string &header_name, const string &expected_value) const;
57 void setSLog(Logr::log_t log)
61 std::shared_ptr<Logr::Logger> d_slog;
65 class HttpResponse: public YaHTTP::Response {
67 HttpResponse() : YaHTTP::Response() { };
68 HttpResponse(const YaHTTP::Response &resp) : YaHTTP::Response(resp) { };
70 void setPlainBody(const string& document);
71 void setYamlBody(const string& document);
72 void setJsonBody(const string& document);
73 void setJsonBody(const json11::Json& document);
74 void setErrorResult(const std::string& message, const int status);
75 void setSuccessResult(const std::string& message, const int status = 200);
78 void setSLog(Logr::log_t log)
82 std::shared_ptr<Logr::Logger> d_slog;
90 HttpException(int status) : d_response()
92 d_response.status = status;
95 HttpException(int status, const string& msg) : d_response()
97 d_response.setErrorResult(msg, status);
100 HttpResponse response()
106 HttpResponse d_response;
109 class HttpBadRequestException : public HttpException {
111 HttpBadRequestException() : HttpException(400) { };
112 HttpBadRequestException(const string& msg) : HttpException(400, msg) { };
115 class HttpUnauthorizedException : public HttpException {
117 HttpUnauthorizedException(string const &scheme) : HttpException(401)
119 d_response.headers["WWW-Authenticate"] = scheme + " realm=\"PowerDNS\"";
123 class HttpForbiddenException : public HttpException {
125 HttpForbiddenException() : HttpException(403) { };
126 HttpForbiddenException(const string& msg) : HttpException(403, msg) { };
129 class HttpNotFoundException : public HttpException {
131 HttpNotFoundException() : HttpException(404) { };
132 HttpNotFoundException(const string& msg) : HttpException(404, msg) { };
135 class HttpMethodNotAllowedException : public HttpException {
137 HttpMethodNotAllowedException() : HttpException(405) { };
138 HttpMethodNotAllowedException(const string& msg) : HttpException(405, msg) { };
141 class HttpConflictException : public HttpException {
143 HttpConflictException() : HttpException(409) { };
144 HttpConflictException(const string& msg) : HttpException(409, msg) { };
147 class HttpInternalServerErrorException : public HttpException {
149 HttpInternalServerErrorException() : HttpException(500) { };
150 HttpInternalServerErrorException(const string& msg) : HttpException(500, msg) { };
153 class ApiException : public runtime_error
156 ApiException(const string& what_arg) : runtime_error(what_arg) {
163 Server(const string &localaddress, int port) : d_local(localaddress.empty() ? "0.0.0.0" : localaddress, port), d_server_socket(d_local.sin4.sin_family, SOCK_STREAM, 0) {
164 d_server_socket.setReuseAddr();
165 d_server_socket.bind(d_local);
166 d_server_socket.listen();
168 virtual ~Server() = default;
170 ComboAddress d_local;
172 std::shared_ptr<Socket> accept() {
173 return std::shared_ptr<Socket>(d_server_socket.accept());
177 Socket d_server_socket;
180 class WebServer : public boost::noncopyable
183 WebServer(string listenaddress, int port);
184 virtual ~WebServer() = default;
187 void setSLog(Logr::log_t log)
193 void setApiKey(const string &apikey, bool hashPlaintext) {
194 if (!apikey.empty()) {
195 d_apikey = make_unique<CredentialsHolder>(std::string(apikey), hashPlaintext);
202 void setPassword(const string &password, bool hashPlaintext) {
203 if (!password.empty()) {
204 d_webserverPassword = make_unique<CredentialsHolder>(std::string(password), hashPlaintext);
207 d_webserverPassword.reset();
211 void setMaxBodySize(ssize_t s) { // in megabytes
212 d_maxbodysize = s * 1024 * 1024;
215 void setACL(const NetmaskGroup &nmg) {
219 static bool validURL(const YaHTTP::URL& url);
224 void serveConnection(const std::shared_ptr<Socket>& client) const;
225 void handleRequest(HttpRequest& request, HttpResponse& resp) const;
227 typedef std::function<void(HttpRequest* req, HttpResponse* resp)> HandlerFunction;
228 void registerApiHandler(const string& url, const HandlerFunction& handler, const std::string& method = "", bool allowPassword=false);
229 void registerWebHandler(const string& url, const HandlerFunction& handler, const std::string& method = "");
231 enum class LogLevel : uint8_t {
232 None = 0, // No logs from requests at all
233 Normal = 10, // A "common log format"-like line e.g. '127.0.0.1 "GET /apache_pb.gif HTTP/1.0" 200 2326'
234 Detailed = 20, // The full request headers and body, and the full response headers and body
237 void setLogLevel(const string& level) {
238 if (level == "none") {
239 d_loglevel = LogLevel::None;
243 if (level == "normal") {
244 d_loglevel = LogLevel::Normal;
248 if (level == "detailed") {
249 d_loglevel = LogLevel::Detailed;
253 throw PDNSException("Unknown webserver log level: " + level);
256 void setLogLevel(const LogLevel level) {
260 LogLevel getLogLevel() {
265 std::shared_ptr<Logr::Logger> d_slog;
269 static void registerBareHandler(const string& url, const HandlerFunction& handler, const std::string& method);
270 void logRequest(const HttpRequest& req, const ComboAddress& remote) const;
271 void logResponse(const HttpResponse& resp, const ComboAddress& remote, const string& logprefix) const;
273 virtual std::shared_ptr<Server> createServer() {
274 return std::make_shared<Server>(d_listenaddress, d_port);
277 void apiWrapper(const WebServer::HandlerFunction& handler, HttpRequest* req, HttpResponse* resp, bool allowPassword);
278 void webWrapper(const WebServer::HandlerFunction& handler, HttpRequest* req, HttpResponse* resp);
280 string d_listenaddress;
282 std::shared_ptr<Server> d_server;
284 std::unique_ptr<CredentialsHolder> d_apikey{nullptr};
285 std::unique_ptr<CredentialsHolder> d_webserverPassword{nullptr};
287 ssize_t d_maxbodysize; // in bytes
291 const string d_logprefix = "[webserver] ";
293 // Describes the amount of logging the webserver does
294 WebServer::LogLevel d_loglevel{WebServer::LogLevel::Detailed};