]> git.ipfire.org Git - thirdparty/cups.git/blob - scheduler/client.c
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Request files shouldn't have world-read permissions.
[thirdparty/cups.git] / scheduler / client.c
1 /*
2 * "$Id: client.c,v 1.38 1999/10/22 18:30:18 mike Exp $"
3 *
4 * Client routines for the Common UNIX Printing System (CUPS) scheduler.
5 *
6 * Copyright 1997-1999 by Easy Software Products, all rights reserved.
7 *
8 * These coded instructions, statements, and computer programs are the
9 * property of Easy Software Products and are protected by Federal
10 * copyright law. Distribution and use rights are outlined in the file
11 * "LICENSE.txt" which should have been included with this file. If this
12 * file is missing or damaged please contact Easy Software Products
13 * at:
14 *
15 * Attn: CUPS Licensing Information
16 * Easy Software Products
17 * 44141 Airport View Drive, Suite 204
18 * Hollywood, Maryland 20636-3111 USA
19 *
20 * Voice: (301) 373-9603
21 * EMail: cups-info@cups.org
22 * WWW: http://www.cups.org
23 *
24 * Contents:
25 *
26 * AcceptClient() - Accept a new client.
27 * CloseAllClients() - Close all remote clients immediately.
28 * CloseClient() - Close a remote client.
29 * ReadClient() - Read data from a client.
30 * SendCommand() - Send output from a command via HTTP.
31 * SendError() - Send an error message via HTTP.
32 * SendFile() - Send a file via HTTP.
33 * SendHeader() - Send an HTTP request.
34 * WriteClient() - Write data to a client as needed.
35 * check_if_modified() - Decode an "If-Modified-Since" line.
36 * decode_basic_auth() - Decode a Basic authorization string.
37 * get_file() - Get a filename and state info.
38 * pipe_command() - Pipe the output of a command to the remote client.
39 */
40
41 /*
42 * Include necessary headers...
43 */
44
45 #include "cupsd.h"
46
47
48 /*
49 * Local functions...
50 */
51
52 static int check_if_modified(client_t *con, struct stat *filestats);
53 static void decode_basic_auth(client_t *con);
54 static char *get_file(client_t *con, struct stat *filestats);
55 static int pipe_command(client_t *con, int infile, int *outfile, char *command, char *options);
56
57
58 /*
59 * 'AcceptClient()' - Accept a new client.
60 */
61
62 void
63 AcceptClient(listener_t *lis) /* I - Listener socket */
64 {
65 int i; /* Looping var */
66 int val; /* Parameter value */
67 client_t *con; /* New client pointer */
68 unsigned address;/* Address of client */
69 struct hostent *host; /* Host entry for address */
70
71
72 DEBUG_printf(("AcceptClient(%08x) %d NumClients = %d\n",
73 lis, lis->fd, NumClients));
74
75 /*
76 * Get a pointer to the next available client...
77 */
78
79 con = Clients + NumClients;
80
81 memset(con, 0, sizeof(client_t));
82 con->http.activity = time(NULL);
83
84 /*
85 * Accept the client and get the remote address...
86 */
87
88 val = sizeof(struct sockaddr_in);
89
90 if ((con->http.fd = accept(lis->fd, (struct sockaddr *)&(con->http.hostaddr),
91 &val)) < 0)
92 {
93 LogMessage(LOG_ERROR, "accept() failed - %s.", strerror(errno));
94 return;
95 }
96
97 con->http.hostaddr.sin_port = lis->address.sin_port;
98
99 /*
100 * Get the hostname or format the IP address as needed...
101 */
102
103 address = ntohl(con->http.hostaddr.sin_addr.s_addr);
104
105 if (HostNameLookups)
106 #ifndef __sgi
107 host = gethostbyaddr((char *)&address, sizeof(address), AF_INET);
108 #else
109 host = gethostbyaddr(&address, sizeof(address), AF_INET);
110 #endif /* !__sgi */
111 else
112 host = NULL;
113
114 if (host == NULL)
115 sprintf(con->http.hostname, "%d.%d.%d.%d", (address >> 24) & 255,
116 (address >> 16) & 255, (address >> 8) & 255, address & 255);
117 else
118 strncpy(con->http.hostname, host->h_name, sizeof(con->http.hostname) - 1);
119
120 LogMessage(LOG_DEBUG, "accept() %d from %s:%d.", con->http.fd,
121 con->http.hostname, ntohs(con->http.hostaddr.sin_port));
122
123 /*
124 * Add the socket to the select() input mask.
125 */
126
127 fcntl(con->http.fd, F_SETFD, fcntl(con->http.fd, F_GETFD) | FD_CLOEXEC);
128
129 DEBUG_printf(("AcceptClient: Adding fd %d to InputSet...\n", con->http.fd));
130 FD_SET(con->http.fd, &InputSet);
131
132 NumClients ++;
133
134 /*
135 * Temporarily suspend accept()'s until we lose a client...
136 */
137
138 if (NumClients == MaxClients)
139 for (i = 0; i < NumListeners; i ++)
140 {
141 DEBUG_printf(("AcceptClient: Removing fd %d from InputSet...\n", Listeners[i].fd));
142 FD_CLR(Listeners[i].fd, &InputSet);
143 }
144 }
145
146
147 /*
148 * 'CloseAllClients()' - Close all remote clients immediately.
149 */
150
151 void
152 CloseAllClients(void)
153 {
154 while (NumClients > 0)
155 CloseClient(Clients);
156 }
157
158
159 /*
160 * 'CloseClient()' - Close a remote client.
161 */
162
163 void
164 CloseClient(client_t *con) /* I - Client to close */
165 {
166 int i; /* Looping var */
167 int status; /* Exit status of pipe command */
168
169
170 LogMessage(LOG_DEBUG, "CloseClient() %d", con->http.fd);
171
172 /*
173 * Close the socket and clear the file from the input set for select()...
174 */
175
176 if (con->http.fd > 0)
177 {
178 DEBUG_printf(("CloseClient: Removing fd %d from InputSet...\n", con->http.fd));
179 close(con->http.fd);
180 FD_CLR(con->http.fd, &InputSet);
181 FD_CLR(con->http.fd, &OutputSet);
182 con->http.fd = 0;
183 }
184
185 for (i = 0; i < NumListeners; i ++)
186 {
187 DEBUG_printf(("CloseClient: Adding fd %d to InputSet...\n", Listeners[i].fd));
188 FD_SET(Listeners[i].fd, &InputSet);
189 }
190
191 if (con->pipe_pid != 0)
192 {
193 DEBUG_printf(("CloseClient: Removing fd %d from InputSet...\n", con->file));
194 FD_CLR(con->file, &InputSet);
195 }
196
197 /*
198 * If we have a data file open, close it...
199 */
200
201 if (con->file)
202 {
203 if (con->pipe_pid)
204 {
205 kill(con->pipe_pid, SIGKILL);
206 waitpid(con->pipe_pid, &status, WNOHANG);
207 }
208
209 FD_CLR(con->file, &InputSet);
210 close(con->file);
211 con->file = 0;
212 }
213
214 /*
215 * Compact the list of clients as necessary...
216 */
217
218 NumClients --;
219
220 if (con < (Clients + NumClients))
221 memcpy(con, con + 1, (Clients + NumClients - con) * sizeof(client_t));
222 }
223
224
225 /*
226 * 'ReadClient()' - Read data from a client.
227 */
228
229 int /* O - 1 on success, 0 on error */
230 ReadClient(client_t *con) /* I - Client to read from */
231 {
232 char line[8192], /* Line from client... */
233 operation[64], /* Operation code from socket */
234 version[64]; /* HTTP version number string */
235 int major, minor; /* HTTP version numbers */
236 http_status_t status; /* Transfer status */
237 ipp_state_t ipp_state; /* State of IPP transfer */
238 int bytes; /* Number of bytes to POST */
239 char *filename; /* Name of file for GET/HEAD */
240 struct stat filestats; /* File information */
241 mime_type_t *type; /* MIME type of file */
242 char command[1024], /* Command to run */
243 *options; /* Options/CGI data */
244 printer_t *p; /* Printer */
245
246
247 status = HTTP_CONTINUE;
248
249 switch (con->http.state)
250 {
251 case HTTP_WAITING :
252 /*
253 * See if we've received a request line...
254 */
255
256 if (httpGets(line, sizeof(line) - 1, HTTP(con)) == NULL)
257 {
258 CloseClient(con);
259 return (0);
260 }
261
262 /*
263 * Ignore blank request lines...
264 */
265
266 if (line[0] == '\0')
267 break;
268
269 /*
270 * Clear other state variables...
271 */
272
273 httpClearFields(HTTP(con));
274
275 con->http.activity = time(NULL);
276 con->http.version = HTTP_1_0;
277 con->http.keep_alive = HTTP_KEEPALIVE_OFF;
278 con->http.data_encoding = HTTP_ENCODE_LENGTH;
279 con->http.data_remaining = 0;
280 con->operation = HTTP_WAITING;
281 con->bytes = 0;
282 con->file = 0;
283 con->pipe_pid = 0;
284 con->username[0] = '\0';
285 con->password[0] = '\0';
286 con->uri[0] = '\0';
287
288 if (con->language != NULL)
289 {
290 cupsLangFree(con->language);
291 con->language = NULL;
292 }
293
294 /*
295 * Grab the request line...
296 */
297
298 switch (sscanf(line, "%63s%1023s%63s", operation, con->uri, version))
299 {
300 case 1 :
301 SendError(con, HTTP_BAD_REQUEST);
302 CloseClient(con);
303 return (0);
304 case 2 :
305 con->http.version = HTTP_0_9;
306 break;
307 case 3 :
308 if (sscanf(version, "HTTP/%d.%d", &major, &minor) != 2)
309 {
310 SendError(con, HTTP_BAD_REQUEST);
311 CloseClient(con);
312 return (0);
313 }
314
315 if (major < 2)
316 {
317 con->http.version = (http_version_t)(major * 100 + minor);
318 if (con->http.version == HTTP_1_1)
319 con->http.keep_alive = HTTP_KEEPALIVE_ON;
320 else
321 con->http.keep_alive = HTTP_KEEPALIVE_OFF;
322 }
323 else
324 {
325 SendError(con, HTTP_NOT_SUPPORTED);
326 CloseClient(con);
327 return (0);
328 }
329 break;
330 }
331
332 /*
333 * Process the request...
334 */
335
336 if (strcmp(operation, "GET") == 0)
337 con->http.state = HTTP_GET;
338 else if (strcmp(operation, "PUT") == 0)
339 con->http.state = HTTP_PUT;
340 else if (strcmp(operation, "POST") == 0)
341 con->http.state = HTTP_POST;
342 else if (strcmp(operation, "DELETE") == 0)
343 con->http.state = HTTP_DELETE;
344 else if (strcmp(operation, "TRACE") == 0)
345 con->http.state = HTTP_TRACE;
346 else if (strcmp(operation, "CLOSE") == 0)
347 con->http.state = HTTP_CLOSE;
348 else if (strcmp(operation, "OPTIONS") == 0)
349 con->http.state = HTTP_OPTIONS;
350 else if (strcmp(operation, "HEAD") == 0)
351 con->http.state = HTTP_HEAD;
352 else
353 {
354 SendError(con, HTTP_BAD_REQUEST);
355 CloseClient(con);
356 return (0);
357 }
358
359 con->start = time(NULL);
360 con->operation = con->http.state;
361
362 LogMessage(LOG_DEBUG, "ReadClient() %d %s %s HTTP/%d.%d", con->http.fd,
363 operation, con->uri,
364 con->http.version / 100, con->http.version % 100);
365
366 con->http.status = HTTP_OK;
367 break;
368
369 case HTTP_CLOSE :
370 case HTTP_DELETE :
371 case HTTP_GET :
372 case HTTP_HEAD :
373 case HTTP_POST :
374 case HTTP_PUT :
375 case HTTP_TRACE :
376 /*
377 * Parse incoming parameters until the status changes...
378 */
379
380 status = httpUpdate(HTTP(con));
381
382 if (status != HTTP_OK && status != HTTP_CONTINUE)
383 {
384 SendError(con, HTTP_BAD_REQUEST);
385 CloseClient(con);
386 return (0);
387 }
388 break;
389 }
390
391 /*
392 * Handle new transfers...
393 */
394
395 if (status == HTTP_OK)
396 {
397 con->language = cupsLangGet(con->http.fields[HTTP_FIELD_ACCEPT_LANGUAGE]);
398
399 decode_basic_auth(con);
400
401 if (con->http.fields[HTTP_FIELD_HOST][0] == '\0' &&
402 con->http.version >= HTTP_1_0)
403 {
404 if (!SendError(con, HTTP_BAD_REQUEST))
405 {
406 CloseClient(con);
407 return (0);
408 }
409 }
410 else if (strncmp(con->uri, "..", 2) == 0)
411 {
412 /*
413 * Protect against malicious users!
414 */
415
416 if (!SendError(con, HTTP_FORBIDDEN))
417 {
418 CloseClient(con);
419 return (0);
420 }
421 }
422 else if (con->uri[0] != '/')
423 {
424 /*
425 * Don't allow proxying (yet)...
426 */
427
428 if (!SendError(con, HTTP_METHOD_NOT_ALLOWED))
429 {
430 CloseClient(con);
431 return (0);
432 }
433 }
434 else if ((status = IsAuthorized(con)) != HTTP_OK)
435 {
436 SendError(con, status);
437 CloseClient(con);
438 return (0);
439 }
440 else switch (con->http.state)
441 {
442 case HTTP_GET_SEND :
443 if (strncmp(con->uri, "/printers/", 10) == 0 &&
444 strcmp(con->uri + strlen(con->uri) - 4, ".ppd") == 0)
445 {
446 /*
447 * Send PPD file - get the real printer name since printer
448 * names are not case sensitive but filename can be...
449 */
450
451 con->uri[strlen(con->uri) - 4] = '\0'; /* Drop ".ppd" */
452
453 if ((p = FindPrinter(con->uri + 10)) != NULL)
454 sprintf(con->uri, "/ppd/%s.ppd", p->name);
455 else
456 {
457 if (!SendError(con, HTTP_NOT_FOUND))
458 {
459 CloseClient(con);
460 return (0);
461 }
462
463 break;
464 }
465 }
466
467 if (strncmp(con->uri, "/printers", 9) == 0 ||
468 strncmp(con->uri, "/classes", 8) == 0 ||
469 strncmp(con->uri, "/jobs", 5) == 0)
470 {
471 /*
472 * Send CGI output...
473 */
474
475 if (strncmp(con->uri, "/printers", 9) == 0)
476 {
477 snprintf(command, sizeof(command), "%s/cgi-bin/printers.cgi", ServerRoot);
478 options = con->uri + 9;
479 }
480 else if (strncmp(con->uri, "/classes", 8) == 0)
481 {
482 snprintf(command, sizeof(command), "%s/cgi-bin/classes.cgi", ServerRoot);
483 options = con->uri + 8;
484 }
485 else
486 {
487 snprintf(command, sizeof(command), "%s/cgi-bin/jobs.cgi", ServerRoot);
488 options = con->uri + 5;
489 }
490
491 if (*options == '/')
492 options ++;
493
494 if (!SendCommand(con, command, options))
495 {
496 if (!SendError(con, HTTP_NOT_FOUND))
497 {
498 CloseClient(con);
499 return (0);
500 }
501 }
502 else
503 LogRequest(con, HTTP_OK);
504
505 if (con->http.version <= HTTP_1_0)
506 con->http.keep_alive = HTTP_KEEPALIVE_OFF;
507 }
508 else
509 {
510 /*
511 * Serve a file...
512 */
513
514 if ((filename = get_file(con, &filestats)) == NULL)
515 {
516 if (!SendError(con, HTTP_NOT_FOUND))
517 {
518 CloseClient(con);
519 return (0);
520 }
521 }
522 else if (!check_if_modified(con, &filestats))
523 {
524 if (!SendError(con, HTTP_NOT_MODIFIED))
525 {
526 CloseClient(con);
527 return (0);
528 }
529 }
530 else
531 {
532 type = mimeFileType(MimeDatabase, filename);
533 if (type == NULL)
534 strcpy(line, "text/plain");
535 else
536 sprintf(line, "%s/%s", type->super, type->type);
537
538 if (!SendFile(con, HTTP_OK, filename, line, &filestats))
539 {
540 CloseClient(con);
541 return (0);
542 }
543 }
544 }
545 break;
546
547 case HTTP_POST_RECV :
548 /*
549 * See if the POST request includes a Content-Length field, and if
550 * so check the length against any limits that are set...
551 */
552
553 if (con->http.fields[HTTP_FIELD_CONTENT_LENGTH][0] &&
554 atoi(con->http.fields[HTTP_FIELD_CONTENT_LENGTH]) > MaxRequestSize &&
555 MaxRequestSize > 0)
556 {
557 /*
558 * Request too large...
559 */
560
561 if (!SendError(con, HTTP_REQUEST_TOO_LARGE))
562 {
563 CloseClient(con);
564 return (0);
565 }
566
567 break;
568 }
569
570 /*
571 * See what kind of POST request this is; for IPP requests the
572 * content-type field will be "application/ipp"...
573 */
574
575 if (strcmp(con->http.fields[HTTP_FIELD_CONTENT_TYPE], "application/ipp") == 0)
576 con->request = ippNew();
577 else if (strcmp(con->http.fields[HTTP_FIELD_CONTENT_TYPE], "application/x-www-form-urlencoded") == 0 &&
578 (strncmp(con->uri, "/printers", 9) == 0 ||
579 strncmp(con->uri, "/classes", 8) == 0 ||
580 strncmp(con->uri, "/jobs", 5) == 0))
581 {
582 /*
583 * CGI request...
584 */
585
586 if (strncmp(con->uri, "/printers", 9) == 0)
587 {
588 snprintf(command, sizeof(command), "%s/cgi-bin/printers", ServerRoot);
589 options = con->uri + 9;
590 }
591 else if (strncmp(con->uri, "/classes", 8) == 0)
592 {
593 snprintf(command, sizeof(command), "%s/cgi-bin/classes", ServerRoot);
594 options = con->uri + 8;
595 }
596 else
597 {
598 snprintf(command, sizeof(command), "%s/cgi-bin/jobs", ServerRoot);
599 options = con->uri + 5;
600 }
601
602 if (*options == '/')
603 options ++;
604
605 if (!SendCommand(con, command, options))
606 {
607 if (!SendError(con, HTTP_NOT_FOUND))
608 {
609 CloseClient(con);
610 return (0);
611 }
612 }
613 else
614 LogRequest(con, HTTP_OK);
615
616 if (con->http.version <= HTTP_1_0)
617 con->http.keep_alive = HTTP_KEEPALIVE_OFF;
618 }
619 else if (!SendError(con, HTTP_UNAUTHORIZED))
620 {
621 CloseClient(con);
622 return (0);
623 }
624 break;
625
626 case HTTP_PUT_RECV :
627 case HTTP_DELETE :
628 case HTTP_TRACE :
629 SendError(con, HTTP_NOT_IMPLEMENTED);
630
631 case HTTP_CLOSE :
632 CloseClient(con);
633 return (0);
634
635 case HTTP_HEAD :
636 if (strncmp(con->uri, "/printers", 9) == 0 &&
637 strcmp(con->uri + strlen(con->uri) - 4, ".ppd") == 0)
638 {
639 /*
640 * Send PPD file...
641 */
642
643 snprintf(command, sizeof(command), "/ppd/%s", con->uri + 10);
644 strcpy(con->uri, command);
645 }
646
647 if (strncmp(con->uri, "/printers/", 10) == 0 ||
648 strncmp(con->uri, "/classes/", 9) == 0 ||
649 strncmp(con->uri, "/jobs/", 6) == 0)
650 {
651 /*
652 * CGI output...
653 */
654
655 if (!SendHeader(con, HTTP_OK, "text/html"))
656 {
657 CloseClient(con);
658 return (0);
659 }
660
661 if (httpPrintf(HTTP(con), "\r\n") < 0)
662 {
663 CloseClient(con);
664 return (0);
665 }
666
667 LogRequest(con, HTTP_OK);
668 }
669 else if ((filename = get_file(con, &filestats)) == NULL)
670 {
671 if (!SendHeader(con, HTTP_NOT_FOUND, "text/html"))
672 {
673 CloseClient(con);
674 return (0);
675 }
676
677 LogRequest(con, HTTP_NOT_FOUND);
678 }
679 else if (!check_if_modified(con, &filestats))
680 {
681 if (!SendError(con, HTTP_NOT_MODIFIED))
682 {
683 CloseClient(con);
684 return (0);
685 }
686
687 LogRequest(con, HTTP_NOT_MODIFIED);
688 }
689 else
690 {
691 /*
692 * Serve a file...
693 */
694
695 type = mimeFileType(MimeDatabase, filename);
696 if (type == NULL)
697 strcpy(line, "text/plain");
698 else
699 sprintf(line, "%s/%s", type->super, type->type);
700
701 if (!SendHeader(con, HTTP_OK, line))
702 {
703 CloseClient(con);
704 return (0);
705 }
706
707 if (httpPrintf(HTTP(con), "Last-Modified: %s\r\n",
708 httpGetDateString(filestats.st_mtime)) < 0)
709 {
710 CloseClient(con);
711 return (0);
712 }
713
714 if (httpPrintf(HTTP(con), "Content-Length: %d\r\n",
715 filestats.st_size) < 0)
716 {
717 CloseClient(con);
718 return (0);
719 }
720
721 LogRequest(con, HTTP_OK);
722 }
723
724 if (httpPrintf(HTTP(con), "\r\n") < 0)
725 {
726 CloseClient(con);
727 return (0);
728 }
729
730 con->http.state = HTTP_WAITING;
731 break;
732 }
733 }
734
735 /*
736 * Handle any incoming data...
737 */
738
739 switch (con->http.state)
740 {
741 case HTTP_PUT_RECV :
742 break;
743
744 case HTTP_POST_RECV :
745 LogMessage(LOG_DEBUG, "ReadClient() %d con->data_encoding = %s con->data_remaining = %d",
746 con->http.fd,
747 con->http.data_encoding == HTTP_ENCODE_CHUNKED ? "chunked" : "length",
748 con->http.data_remaining);
749 DEBUG_printf(("ReadClient() %d con->data_encoding = %s con->data_remaining = %d\n",
750 con->http.fd,
751 con->http.data_encoding == HTTP_ENCODE_CHUNKED ? "chunked" : "length",
752 con->http.data_remaining));
753
754 if (con->request != NULL)
755 {
756 /*
757 * Grab any request data from the connection...
758 */
759
760 if ((ipp_state = ippRead(&(con->http), con->request)) == IPP_ERROR)
761 {
762 LogMessage(LOG_ERROR, "ReadClient() %d IPP Read Error!",
763 con->http.fd);
764 CloseClient(con);
765 return (0);
766 }
767 else if (ipp_state != IPP_DATA)
768 break;
769
770 if (con->file == 0 && con->http.state != HTTP_POST_SEND)
771 {
772 /*
773 * Create a file as needed for the request data...
774 */
775
776 snprintf(con->filename, sizeof(con->filename), "%s/requests/XXXXXX", ServerRoot);
777 con->file = mkstemp(con->filename);
778 fchmod(con->file, 0640);
779
780 LogMessage(LOG_DEBUG, "ReadClient() %d REQUEST %s", con->http.fd,
781 con->filename);
782
783 if (con->file < 0)
784 {
785 if (!SendError(con, HTTP_REQUEST_TOO_LARGE))
786 {
787 CloseClient(con);
788 return (0);
789 }
790 }
791 }
792 }
793
794 if (con->http.state != HTTP_POST_SEND)
795 {
796 if ((bytes = httpRead(HTTP(con), line, sizeof(line))) < 0)
797 {
798 CloseClient(con);
799 return (0);
800 }
801 else if (bytes > 0)
802 {
803 con->bytes += bytes;
804
805 if (bytes >= 1024)
806 LogMessage(LOG_DEBUG, "ReadClient() %d writing %d bytes", bytes);
807
808 if (write(con->file, line, bytes) < bytes)
809 {
810 close(con->file);
811 con->file = 0;
812 unlink(con->filename);
813
814 if (!SendError(con, HTTP_REQUEST_TOO_LARGE))
815 {
816 CloseClient(con);
817 return (0);
818 }
819 }
820 }
821 else if (con->http.state != HTTP_POST_SEND)
822 {
823 CloseClient(con);
824 return (0);
825 }
826 }
827
828 if (con->http.state == HTTP_POST_SEND)
829 {
830 if (con->file)
831 {
832 fstat(con->file, &filestats);
833 close(con->file);
834 con->file = 0;
835
836 if (filestats.st_size > MaxRequestSize &&
837 MaxRequestSize > 0)
838 {
839 /*
840 * Request is too big; remove it and send an error...
841 */
842
843 unlink(con->filename);
844
845 if (con->request)
846 {
847 /*
848 * Delete any IPP request data...
849 */
850
851 ippDelete(con->request);
852 con->request = NULL;
853 }
854
855 if (!SendError(con, HTTP_REQUEST_TOO_LARGE))
856 {
857 CloseClient(con);
858 return (0);
859 }
860 }
861 }
862
863 if (con->request)
864 ProcessIPPRequest(con);
865 }
866 break;
867 }
868
869 if (!con->http.keep_alive && con->http.state == HTTP_WAITING)
870 {
871 CloseClient(con);
872 return (0);
873 }
874 else
875 return (1);
876 }
877
878
879 /*
880 * 'SendCommand()' - Send output from a command via HTTP.
881 */
882
883 int
884 SendCommand(client_t *con,
885 char *command,
886 char *options)
887 {
888 con->pipe_pid = pipe_command(con, 0, &(con->file), command, options);
889
890 LogMessage(LOG_DEBUG, "SendCommand() %d command=\"%s\" file=%d pipe_pid=%d",
891 con->http.fd, command, con->file, con->pipe_pid);
892
893 if (con->pipe_pid == 0)
894 return (0);
895
896 fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
897
898 DEBUG_printf(("SendCommand: Adding fd %d to InputSet...\n", con->file));
899 FD_SET(con->file, &InputSet);
900 FD_SET(con->http.fd, &OutputSet);
901
902 if (!SendHeader(con, HTTP_OK, NULL))
903 return (0);
904
905 if (con->http.version == HTTP_1_1)
906 {
907 con->http.data_encoding = HTTP_ENCODE_CHUNKED;
908
909 if (httpPrintf(HTTP(con), "Transfer-Encoding: chunked\r\n") < 0)
910 return (0);
911 }
912
913 return (1);
914 }
915
916
917 /*
918 * 'SendError()' - Send an error message via HTTP.
919 */
920
921 int /* O - 1 if successful, 0 otherwise */
922 SendError(client_t *con, /* I - Connection */
923 http_status_t code) /* I - Error code */
924 {
925 char message[1024]; /* Message for user */
926
927
928 /*
929 * Put the request in the access_log file...
930 */
931
932 if (con->operation > HTTP_WAITING)
933 LogRequest(con, code);
934
935 /*
936 * To work around bugs in some proxies, don't use Keep-Alive for some
937 * error messages...
938 */
939
940 if (code >= HTTP_BAD_REQUEST)
941 con->http.keep_alive = HTTP_KEEPALIVE_OFF;
942
943 /*
944 * Send an error message back to the client. If the error code is a
945 * 400 or 500 series, make sure the message contains some text, too!
946 */
947
948 if (!SendHeader(con, code, NULL))
949 return (0);
950
951 if (code == HTTP_UNAUTHORIZED)
952 {
953 if (httpPrintf(HTTP(con), "WWW-Authenticate: Basic realm=\"CUPS\"\r\n") < 0)
954 return (0);
955 }
956
957 if (con->http.version >= HTTP_1_1 && !con->http.keep_alive)
958 {
959 if (httpPrintf(HTTP(con), "Connection: close\r\n") < 0)
960 return (0);
961 }
962
963 if (code >= HTTP_BAD_REQUEST)
964 {
965 /*
966 * Send a human-readable error message.
967 */
968
969 snprintf(message, sizeof(message),
970 "<HTML><HEAD><TITLE>%d %s</TITLE></HEAD>"
971 "<BODY><H1>%s</H1>%s</BODY></HTML>\n",
972 code, httpStatus(code), httpStatus(code),
973 con->language ? con->language->messages[code] :
974 httpStatus(code));
975
976 if (httpPrintf(HTTP(con), "Content-Type: text/html\r\n") < 0)
977 return (0);
978 if (httpPrintf(HTTP(con), "Content-Length: %d\r\n", strlen(message)) < 0)
979 return (0);
980 if (httpPrintf(HTTP(con), "\r\n") < 0)
981 return (0);
982 if (httpPrintf(HTTP(con), "%s", message) < 0)
983 return (0);
984 }
985 else if (httpPrintf(HTTP(con), "\r\n") < 0)
986 return (0);
987
988 con->http.state = HTTP_WAITING;
989
990 return (1);
991 }
992
993
994 /*
995 * 'SendFile()' - Send a file via HTTP.
996 */
997
998 int
999 SendFile(client_t *con,
1000 http_status_t code,
1001 char *filename,
1002 char *type,
1003 struct stat *filestats)
1004 {
1005 con->file = open(filename, O_RDONLY);
1006
1007 LogMessage(LOG_DEBUG, "SendFile() %d file=%d", con->http.fd, con->file);
1008
1009 if (con->file < 0)
1010 return (0);
1011
1012 fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
1013
1014 con->pipe_pid = 0;
1015
1016 if (!SendHeader(con, code, type))
1017 return (0);
1018
1019 if (httpPrintf(HTTP(con), "Last-Modified: %s\r\n", httpGetDateString(filestats->st_mtime)) < 0)
1020 return (0);
1021 if (httpPrintf(HTTP(con), "Content-Length: %d\r\n", filestats->st_size) < 0)
1022 return (0);
1023 if (httpPrintf(HTTP(con), "\r\n") < 0)
1024 return (0);
1025
1026 FD_SET(con->http.fd, &OutputSet);
1027
1028 return (1);
1029 }
1030
1031
1032 /*
1033 * 'SendHeader()' - Send an HTTP request.
1034 */
1035
1036 int /* O - 1 on success, 0 on failure */
1037 SendHeader(client_t *con, /* I - Client to send to */
1038 http_status_t code, /* I - HTTP status code */
1039 char *type) /* I - MIME type of document */
1040 {
1041 if (httpPrintf(HTTP(con), "HTTP/%d.%d %d %s\r\n", con->http.version / 100,
1042 con->http.version % 100, code, httpStatus(code)) < 0)
1043 return (0);
1044 if (httpPrintf(HTTP(con), "Date: %s\r\n", httpGetDateString(time(NULL))) < 0)
1045 return (0);
1046 if (httpPrintf(HTTP(con), "Server: CUPS/1.0\r\n") < 0)
1047 return (0);
1048 if (con->http.keep_alive && con->http.version >= HTTP_1_0)
1049 {
1050 if (httpPrintf(HTTP(con), "Connection: Keep-Alive\r\n") < 0)
1051 return (0);
1052 if (httpPrintf(HTTP(con), "Keep-Alive: timeout=%d\r\n", KeepAliveTimeout) < 0)
1053 return (0);
1054 }
1055 if (con->language != NULL)
1056 {
1057 if (httpPrintf(HTTP(con), "Content-Language: %s\r\n",
1058 con->language->language) < 0)
1059 return (0);
1060
1061 if (type != NULL)
1062 if (httpPrintf(HTTP(con), "Content-Type: %s; charset=%s\r\n", type,
1063 cupsLangEncoding(con->language)) < 0)
1064 return (0);
1065 }
1066 else if (type != NULL)
1067 if (httpPrintf(HTTP(con), "Content-Type: %s\r\n", type) < 0)
1068 return (0);
1069
1070 return (1);
1071 }
1072
1073
1074 /*
1075 * 'WriteClient()' - Write data to a client as needed.
1076 */
1077
1078 int /* O - 1 if success, 0 if fail */
1079 WriteClient(client_t *con) /* I - Client connection */
1080 {
1081 int bytes; /* Number of bytes written */
1082 char buf[HTTP_MAX_BUFFER]; /* Data buffer */
1083 ipp_state_t ipp_state; /* IPP state value */
1084
1085
1086 if (con->http.state != HTTP_GET_SEND &&
1087 con->http.state != HTTP_POST_SEND)
1088 return (1);
1089
1090 if (con->response != NULL)
1091 {
1092 ipp_state = ippWrite(&(con->http), con->response);
1093 bytes = ipp_state != IPP_ERROR && ipp_state != IPP_DATA;
1094 }
1095 else if ((bytes = read(con->file, buf, sizeof(buf))) > 0)
1096 {
1097 if (httpWrite(HTTP(con), buf, bytes) < 0)
1098 {
1099 CloseClient(con);
1100 return (0);
1101 }
1102
1103 con->bytes += bytes;
1104 }
1105
1106 if (bytes <= 0)
1107 {
1108 LogRequest(con, HTTP_OK);
1109
1110 if (con->http.data_encoding == HTTP_ENCODE_CHUNKED)
1111 {
1112 if (httpPrintf(HTTP(con), "0\r\n\r\n") < 0)
1113 {
1114 CloseClient(con);
1115 return (0);
1116 }
1117 }
1118
1119 con->http.state = HTTP_WAITING;
1120
1121 FD_CLR(con->http.fd, &OutputSet);
1122
1123 if (con->file)
1124 {
1125 DEBUG_printf(("WriteClient: Removing fd %d from InputSet...\n", con->file));
1126 FD_CLR(con->file, &InputSet);
1127
1128 if (con->pipe_pid)
1129 kill(con->pipe_pid, SIGTERM);
1130
1131 close(con->file);
1132 con->file = 0;
1133 con->pipe_pid = 0;
1134 }
1135
1136 if (con->request != NULL)
1137 {
1138 ippDelete(con->request);
1139 con->request = NULL;
1140 }
1141
1142 if (con->response != NULL)
1143 {
1144 ippDelete(con->response);
1145 con->response = NULL;
1146 }
1147
1148 if (!con->http.keep_alive)
1149 {
1150 CloseClient(con);
1151 return (0);
1152 }
1153 }
1154
1155 if (bytes >= 1024)
1156 LogMessage(LOG_DEBUG, "WriteClient() %d %d bytes", con->http.fd, bytes);
1157
1158 con->http.activity = time(NULL);
1159
1160 return (1);
1161 }
1162
1163
1164 /*
1165 * 'check_if_modified()' - Decode an "If-Modified-Since" line.
1166 */
1167
1168 static int /* O - 1 if modified since */
1169 check_if_modified(client_t *con, /* I - Client connection */
1170 struct stat *filestats) /* I - File information */
1171 {
1172 char *ptr; /* Pointer into field */
1173 time_t date; /* Time/date value */
1174 int size; /* Size/length value */
1175
1176
1177 size = 0;
1178 date = 0;
1179 ptr = con->http.fields[HTTP_FIELD_IF_MODIFIED_SINCE];
1180
1181 if (*ptr == '\0')
1182 return (1);
1183
1184 LogMessage(LOG_DEBUG, "check_if_modified() %d If-Modified-Since=\"%s\"",
1185 con->http.fd, ptr);
1186
1187 while (*ptr != '\0')
1188 {
1189 while (isspace(*ptr) || *ptr == ';')
1190 ptr ++;
1191
1192 if (strncasecmp(ptr, "length=", 7) == 0)
1193 {
1194 ptr += 7;
1195 size = atoi(ptr);
1196
1197 while (isdigit(*ptr))
1198 ptr ++;
1199 }
1200 else if (isalpha(*ptr))
1201 {
1202 date = httpGetDateTime(ptr);
1203 while (*ptr != '\0' && *ptr != ';')
1204 ptr ++;
1205 }
1206 }
1207
1208 LogMessage(LOG_DEBUG, "check_if_modified() %d sizes=%d,%d dates=%d,%d",
1209 con->http.fd, size, filestats->st_size, date, filestats->st_mtime);
1210
1211 return ((size != filestats->st_size && size != 0) ||
1212 (date < filestats->st_mtime && date != 0) ||
1213 (size == 0 && date == 0));
1214 }
1215
1216
1217 /*
1218 * 'decode_basic_auth()' - Decode a Basic authorization string.
1219 */
1220
1221 static void
1222 decode_basic_auth(client_t *con) /* I - Client to decode to */
1223 {
1224 char *s, /* Authorization string */
1225 value[1024]; /* Value string */
1226
1227
1228 /*
1229 * Decode the string and pull the username and password out...
1230 */
1231
1232 s = con->http.fields[HTTP_FIELD_AUTHORIZATION];
1233 if (strncmp(s, "Basic", 5) != 0)
1234 return;
1235
1236 s += 5;
1237 while (isspace(*s))
1238 s ++;
1239
1240 httpDecode64(value, s);
1241
1242 sscanf(value, "%31[^:]:%31s", con->username, con->password);
1243
1244 LogMessage(LOG_DEBUG, "decode_basic_auth() %d username=\"%s\"",
1245 con->http.fd, con->username);
1246 }
1247
1248
1249 /*
1250 * 'get_file()' - Get a filename and state info.
1251 */
1252
1253 static char * /* O - Real filename */
1254 get_file(client_t *con, /* I - Client connection */
1255 struct stat *filestats)/* O - File information */
1256 {
1257 int status; /* Status of filesystem calls */
1258 char *params; /* Pointer to parameters in URI */
1259 static char filename[1024]; /* Filename buffer */
1260
1261
1262 /*
1263 * Need to add DocumentRoot global...
1264 */
1265
1266 if (strncmp(con->uri, "/ppd/", 5) == 0)
1267 snprintf(filename, sizeof(filename), "%s%s", ServerRoot, con->uri);
1268 else if (con->language != NULL)
1269 snprintf(filename, sizeof(filename), "%s/%s%s", DocumentRoot, con->language->language,
1270 con->uri);
1271 else
1272 snprintf(filename, sizeof(filename), "%s%s", DocumentRoot, con->uri);
1273
1274 if ((params = strchr(filename, '?')) != NULL)
1275 *params = '\0';
1276
1277 /*
1278 * Grab the status for this language; if there isn't a language-specific file
1279 * then fallback to the default one...
1280 */
1281
1282 if ((status = stat(filename, filestats)) != 0 && con->language != NULL)
1283 {
1284 /*
1285 * Drop the language prefix and try the current directory...
1286 */
1287
1288 if (strncmp(con->uri, "/ppd/", 5) != 0)
1289 {
1290 snprintf(filename, sizeof(filename), "%s%s", DocumentRoot, con->uri);
1291
1292 status = stat(filename, filestats);
1293 }
1294 }
1295
1296 /*
1297 * If we're found a directory, get the index.html file instead...
1298 */
1299
1300 if (!status && S_ISDIR(filestats->st_mode))
1301 {
1302 if (filename[strlen(filename) - 1] == '/')
1303 strcat(filename, "index.html");
1304 else
1305 strcat(filename, "/index.html");
1306
1307 status = stat(filename, filestats);
1308 }
1309
1310 LogMessage(LOG_DEBUG, "get_file() %d filename=%s size=%d",
1311 con->http.fd, filename, status ? -1 : filestats->st_size);
1312
1313 if (status)
1314 return (NULL);
1315 else
1316 return (filename);
1317 }
1318
1319
1320 /*
1321 * 'pipe_command()' - Pipe the output of a command to the remote client.
1322 */
1323
1324 static int /* O - Process ID */
1325 pipe_command(client_t *con, /* I - Client connection */
1326 int infile, /* I - Standard input for command */
1327 int *outfile, /* O - Standard output for command */
1328 char *command, /* I - Command to run */
1329 char *options) /* I - Options for command */
1330 {
1331 int pid; /* Process ID */
1332 char *commptr; /* Command string pointer */
1333 int fds[2]; /* Pipe FDs */
1334 int argc; /* Number of arguments */
1335 char argbuf[1024], /* Argument buffer */
1336 *argv[100], /* Argument strings */
1337 *envp[100]; /* Environment variables */
1338 char hostname[1024]; /* Hostname string */
1339 static char lang[1024]; /* LANG env variable */
1340 static char content_length[1024]; /* CONTENT_LENGTH env variable */
1341 static char content_type[1024]; /* CONTENT_TYPE env variable */
1342 static char ipp_port[1024]; /* Default listen port */
1343 static char server_port[1024]; /* Default listen port */
1344 static char server_name[1024]; /* Default listen hostname */
1345 static char remote_host[1024]; /* REMOTE_HOST env variable */
1346 static char remote_user[1024]; /* REMOTE_HOST env variable */
1347 static char tmpdir[1024]; /* TMPDIR env variable */
1348
1349
1350 /*
1351 * Copy the command string...
1352 */
1353
1354 strncpy(argbuf, options, sizeof(argbuf) - 1);
1355 argbuf[sizeof(argbuf) - 1] = '\0';
1356
1357 /*
1358 * Parse the string; arguments can be separated by spaces or by ? or +...
1359 */
1360
1361 argv[0] = argbuf;
1362
1363 for (commptr = argbuf, argc = 1; *commptr != '\0' && argc < 99; commptr ++)
1364 if (*commptr == ' ' || *commptr == '?' || *commptr == '+')
1365 {
1366 *commptr++ = '\0';
1367
1368 while (*commptr == ' ')
1369 commptr ++;
1370
1371 if (*commptr != '\0')
1372 {
1373 argv[argc] = commptr;
1374 argc ++;
1375 }
1376
1377 commptr --;
1378 }
1379 else if (*commptr == '%')
1380 {
1381 if (commptr[1] >= '0' && commptr[1] <= '9')
1382 *commptr = (commptr[1] - '0') << 4;
1383 else
1384 *commptr = (tolower(commptr[1]) - 'a' + 10) << 4;
1385
1386 if (commptr[2] >= '0' && commptr[2] <= '9')
1387 *commptr |= commptr[2] - '0';
1388 else
1389 *commptr |= tolower(commptr[2]) - 'a' + 10;
1390
1391 strcpy(commptr + 1, commptr + 3);
1392 }
1393
1394 argv[argc] = NULL;
1395
1396 if (argv[0][0] == '\0')
1397 argv[0] = strrchr(command, '/') + 1;
1398
1399 /*
1400 * Setup the environment variables as needed...
1401 */
1402
1403 gethostname(hostname, sizeof(hostname) - 1);
1404
1405 sprintf(lang, "LANG=%s", con->language ? con->language->language : "C");
1406 sprintf(ipp_port, "IPP_PORT=%d", ntohs(con->http.hostaddr.sin_port));
1407 sprintf(server_port, "SERVER_PORT=%d", ntohs(con->http.hostaddr.sin_port));
1408 sprintf(server_name, "SERVER_NAME=%s", hostname);
1409 sprintf(remote_host, "REMOTE_HOST=%s", con->http.hostname);
1410 sprintf(remote_user, "REMOTE_USER=%s", con->username);
1411 sprintf(tmpdir, "TMPDIR=%s", TempDir);
1412
1413 envp[0] = "PATH=/bin:/usr/bin";
1414 envp[1] = "SERVER_SOFTWARE=CUPS/1.0";
1415 envp[2] = "GATEWAY_INTERFACE=CGI/1.1";
1416 envp[3] = "SERVER_PROTOCOL=HTTP/1.1";
1417 envp[4] = ipp_port;
1418 envp[5] = server_name;
1419 envp[6] = server_port;
1420 envp[7] = remote_host;
1421 envp[8] = remote_user;
1422 envp[9] = lang;
1423 envp[10] = TZ;
1424 envp[11] = tmpdir;
1425
1426 if (con->operation == HTTP_GET)
1427 {
1428 envp[12] = "REQUEST_METHOD=GET";
1429 envp[13] = NULL;
1430 }
1431 else
1432 {
1433 sprintf(content_length, "CONTENT_LENGTH=%d", con->http.data_remaining);
1434 snprintf(content_type, sizeof(content_type), "CONTENT_TYPE=%s",
1435 con->http.fields[HTTP_FIELD_CONTENT_TYPE]);
1436
1437 envp[12] = "REQUEST_METHOD=POST";
1438 envp[13] = content_length;
1439 envp[14] = content_type;
1440 envp[15] = NULL;
1441 }
1442
1443 /*
1444 * Create a pipe for the output...
1445 */
1446
1447 if (pipe(fds))
1448 {
1449 LogMessage(LOG_ERROR, "Unable to create pipes for CGI %s - %s",
1450 argv[0], strerror(errno));
1451 return (0);
1452 }
1453
1454 /*
1455 * Then execute the command...
1456 */
1457
1458 if ((pid = fork()) == 0)
1459 {
1460 /*
1461 * Child comes here... Close stdin if necessary and dup the pipe to stdout.
1462 */
1463
1464 setgid(Group);
1465 setuid(User);
1466
1467 if (infile)
1468 {
1469 close(0);
1470 dup(infile);
1471 }
1472
1473 close(1);
1474 dup(fds[1]);
1475
1476 close(fds[0]);
1477 close(fds[1]);
1478
1479 /*
1480 * Execute the pipe program; if an error occurs, exit with status 1...
1481 */
1482
1483 execve(command, argv, envp);
1484 perror("execve failed");
1485 exit(errno);
1486 return (0);
1487 }
1488 else if (pid < 0)
1489 {
1490 /*
1491 * Error - can't fork!
1492 */
1493
1494 LogMessage(LOG_ERROR, "Unable to fork for CGI %s - %s", argv[0],
1495 strerror(errno));
1496
1497 close(fds[0]);
1498 close(fds[1]);
1499 return (0);
1500 }
1501 else
1502 {
1503 /*
1504 * Fork successful - return the PID...
1505 */
1506
1507 LogMessage(LOG_DEBUG, "CGI %s started - PID = %d", argv[0], pid);
1508
1509 *outfile = fds[0];
1510 close(fds[1]);
1511
1512 return (pid);
1513 }
1514 }
1515
1516
1517 /*
1518 * End of "$Id: client.c,v 1.38 1999/10/22 18:30:18 mike Exp $".
1519 */
Unnamed repository; edit this file 'description' to name the repository.