2 * CGI form variable and array functions for CUPS.
4 * Copyright © 2007-2019 by Apple Inc.
5 * Copyright © 1997-2005 by Easy Software Products.
7 * Licensed under Apache License v2.0. See the file "LICENSE" for more information.
11 * Include necessary headers...
15 #include "cgi-private.h"
16 #include <cups/http.h>
23 #define CUPS_SID "org.cups.sid"
/*
 * Data structure to hold all the CGI form variables and arrays...
 *
 * A scalar variable is stored as an array with one element.  "nvalues" is
 * the number of slots in use and "avalues" the number of slots allocated.
 */

typedef struct				/**** Form variable structure ****/
{
  char		*name;			/* Name of variable */
  int		nvalues;		/* Number of values */
  int		avalues;		/* Number of values allocated */
  char		**values;		/* Value(s) of variable */
} _cgi_var_t;
43 static int num_cookies
= 0;/* Number of cookies */
44 static cups_option_t
*cookies
= NULL
;/* Cookies */
45 static int form_count
= 0, /* Form variable count */
46 form_alloc
= 0; /* Number of variables allocated */
47 static _cgi_var_t
*form_vars
= NULL
;
49 static cgi_file_t
*form_file
= NULL
;
57 static void cgi_add_variable(const char *name
, int element
,
59 static int cgi_compare_variables(const _cgi_var_t
*v1
,
60 const _cgi_var_t
*v2
);
61 static _cgi_var_t
*cgi_find_variable(const char *name
);
62 static void cgi_initialize_cookies(void);
63 static int cgi_initialize_get(void);
64 static int cgi_initialize_multipart(const char *boundary
);
65 static int cgi_initialize_post(void);
66 static int cgi_initialize_string(const char *data
);
67 static const char *cgi_passwd(const char *prompt
);
68 static const char *cgi_set_sid(void);
69 static void cgi_sort_variables(void);
70 static void cgi_unlink_file(void);
74 * 'cgiCheckVariables()' - Check for the presence of "required" variables.
76 * Names may be separated by spaces and/or commas.
79 int /* O - 1 if all variables present, 0 otherwise */
80 cgiCheckVariables(const char *names
) /* I - Variables to look for */
82 char name
[255], /* Current variable name */
83 *s
; /* Pointer in string */
84 const char *val
; /* Value of variable */
85 int element
; /* Array element number */
91 while (*names
!= '\0')
93 while (*names
== ' ' || *names
== ',')
96 for (s
= name
; *names
!= '\0' && *names
!= ' ' && *names
!= ','; s
++, names
++)
103 if ((s
= strrchr(name
, '-')) != NULL
)
106 element
= atoi(s
+ 1) - 1;
107 val
= cgiGetArray(name
, element
);
110 val
= cgiGetVariable(name
);
116 return (0); /* Can't be blank, either! */
124 * 'cgiClearVariables()' - Clear all form variables.
128 cgiClearVariables(void)
130 int i
, j
; /* Looping vars */
131 _cgi_var_t
*v
; /* Current variable */
134 fputs("DEBUG: cgiClearVariables called.\n", stderr
);
136 for (v
= form_vars
, i
= form_count
; i
> 0; v
++, i
--)
139 for (j
= 0; j
< v
->nvalues
; j
++)
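/*
 * 'cgiGetArray()' - Get an element from a form array.
 *
 * The value is returned as a fresh strdup() copy, so it stays valid after
 * the variable table is modified.  Nothing visible in this file frees the
 * copy.  NULL is returned when the variable does not exist, when the index
 * is out of range, or when the slot has never been assigned.
 */

const char *				/* O - Element value or NULL */
cgiGetArray(const char *name,		/* I - Name of array variable */
            int        element)		/* I - Element number (0 to N) */
{
  _cgi_var_t	*var;			/* Pointer to variable */


  if ((var = cgi_find_variable(name)) == NULL)
    return (NULL);

  if (element < 0 || element >= var->nvalues)
    return (NULL);

 /*
  * cgiSetArray() and cgiSetSize() fill intervening slots with NULL, and the
  * form parser takes the index from the submitted field name ("NAME-N"), so
  * a request can leave holes inside the valid range.  Passing such a hole to
  * strdup() is undefined behavior; report it as "no value" instead.
  */

  if (var->values[element] == NULL)
    return (NULL);

  return (strdup(var->values[element]));
}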
/*
 * 'cgiGetCookie()' - Get a cookie value.
 *
 * Looks the name up in the cookie list held in the file-scope "cookies"
 * array.  The returned pointer is whatever cupsGetOption() yields for that
 * list; it is not copied here.
 */

const char *				/* O - Value or NULL */
cgiGetCookie(const char *name)		/* I - Name of cookie */
{
  const char	*value;			/* Cookie value, if any */


  value = cupsGetOption(name, num_cookies, cookies);

  return (value);
}
183 * 'cgiGetFile()' - Get the file (if any) that was submitted in the form.
186 const cgi_file_t
* /* O - Attached file or NULL */
/*
 * 'cgiGetSize()' - Get the size of a form array value.
 *
 * An unknown variable is reported as having zero elements.
 */

int					/* O - Number of elements */
cgiGetSize(const char *name)		/* I - Name of variable */
{
  const _cgi_var_t *found = cgi_find_variable(name);
					/* Matching variable, if any */


  return (found ? found->nvalues : 0);
}
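/*
 * 'cgiGetVariable()' - Get a CGI variable from the database.
 *
 * Returns NULL if the variable doesn't exist.  If the variable is an
 * array of values, returns the last element.  The value is a strdup()
 * copy; nothing visible in this file frees it.
 */

const char *				/* O - Value of variable */
cgiGetVariable(const char *name)	/* I - Name of variable */
{
  const _cgi_var_t	*var;		/* Returned variable */
  const char		*last;		/* Last element of the variable */


  var = cgi_find_variable(name);

  if (var == NULL)
    return (NULL);

 /*
  * cgiSetSize() accepts a size of 0 and pads grown arrays with NULL, so the
  * "last element" may not exist or may be an unset slot (presumably - the
  * line that stores the new count is outside the lines visible here).
  * Guard both cases rather than index values[-1] or call strdup(NULL).
  */

  if (var->nvalues < 1)
    return (NULL);

  last = var->values[var->nvalues - 1];

  return (last ? strdup(last) : NULL);
}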
230 * 'cgiInitialize()' - Initialize the CGI variable "database".
233 int /* O - Non-zero if there was form data */
236 const char *method
, /* Form posting method */
237 *content_type
, /* Content-Type of post data */
238 *cups_sid_cookie
, /* SID cookie */
239 *cups_sid_form
; /* SID form variable */
243 * Setup a password callback for authentication...
246 cupsSetPasswordCB(cgi_passwd
);
249 * Set the locale so that times, etc. are formatted properly...
252 setlocale(LC_ALL
, "");
256 * Disable output buffering to find bugs...
259 setbuf(stdout
, NULL
);
266 cgi_initialize_cookies();
268 if ((cups_sid_cookie
= cgiGetCookie(CUPS_SID
)) == NULL
)
270 fputs("DEBUG: " CUPS_SID
" cookie not found, initializing!\n", stderr
);
271 cups_sid_cookie
= cgi_set_sid();
274 fprintf(stderr
, "DEBUG: " CUPS_SID
" cookie is \"%s\"\n", cups_sid_cookie
);
277 * Get the request method (GET or POST)...
280 method
= getenv("REQUEST_METHOD");
281 content_type
= getenv("CONTENT_TYPE");
286 * Grab form data from the corresponding location...
289 if (!_cups_strcasecmp(method
, "GET"))
290 return (cgi_initialize_get());
291 else if (!_cups_strcasecmp(method
, "POST") && content_type
)
293 const char *boundary
= strstr(content_type
, "boundary=");
298 if (content_type
&& !strncmp(content_type
, "multipart/form-data; ", 21))
300 if (!cgi_initialize_multipart(boundary
))
303 else if (!cgi_initialize_post())
306 if ((cups_sid_form
= cgiGetVariable(CUPS_SID
)) == NULL
||
307 strcmp(cups_sid_cookie
, cups_sid_form
))
310 fprintf(stderr
, "DEBUG: " CUPS_SID
" form variable is \"%s\"\n",
313 fputs("DEBUG: " CUPS_SID
" form variable is not present.\n", stderr
);
/*
 * 'cgiIsPOST()' - Determine whether this page was POSTed.
 *
 * The comparison is case-sensitive, unlike the method dispatch in
 * cgiInitialize() which uses _cups_strcasecmp().  A missing
 * REQUEST_METHOD is treated as "not POST".
 */

int					/* O - 1 if POST, 0 if GET */
cgiIsPOST(void)
{
  const char	*method = getenv("REQUEST_METHOD");
					/* REQUEST_METHOD environment variable */


  if (method == NULL)
    return (0);

  return (strcmp(method, "POST") == 0);
}
344 * 'cgiSetArray()' - Set array element N to the specified string.
346 * If the variable array is smaller than (element + 1), the intervening
347 * elements are set to NULL.
351 cgiSetArray(const char *name
, /* I - Name of variable */
352 int element
, /* I - Element number (0 to N) */
353 const char *value
) /* I - Value of variable */
355 int i
; /* Looping var */
356 _cgi_var_t
*var
; /* Returned variable */
359 if (name
== NULL
|| value
== NULL
|| element
< 0 || element
> 100000)
362 fprintf(stderr
, "DEBUG: cgiSetArray: %s[%d]=\"%s\"\n", name
, element
, value
);
364 if ((var
= cgi_find_variable(name
)) == NULL
)
366 cgi_add_variable(name
, element
, value
);
367 cgi_sort_variables();
371 if (element
>= var
->avalues
)
373 char **temp
; /* Temporary pointer */
375 temp
= (char **)realloc((void *)(var
->values
), sizeof(char *) * (size_t)(element
+ 16));
379 var
->avalues
= element
+ 16;
383 if (element
>= var
->nvalues
)
385 for (i
= var
->nvalues
; i
< element
; i
++)
386 var
->values
[i
] = NULL
;
388 var
->nvalues
= element
+ 1;
390 else if (var
->values
[element
])
391 free((char *)var
->values
[element
]);
393 var
->values
[element
] = strdup(value
);
399 * 'cgiSetCookie()' - Set a cookie value.
403 cgiSetCookie(const char *name
, /* I - Name */
404 const char *value
, /* I - Value */
405 const char *path
, /* I - Path (typically "/") */
406 const char *domain
, /* I - Domain name */
407 time_t expires
, /* I - Expiration date (0 for session) */
408 int secure
) /* I - Require SSL */
410 num_cookies
= cupsAddOption(name
, value
, num_cookies
, &cookies
);
412 printf("Set-Cookie: %s=%s;", name
, value
);
414 printf(" path=%s;", path
);
416 printf(" domain=%s;", domain
);
419 char date
[256]; /* Date string */
421 printf(" expires=%s;", httpGetDateString2(expires
, date
, sizeof(date
)));
424 puts(" httponly; secure;");
431 * 'cgiSetSize()' - Set the array size.
435 cgiSetSize(const char *name
, /* I - Name of variable */
436 int size
) /* I - Number of elements (0 to N) */
438 int i
; /* Looping var */
439 _cgi_var_t
*var
; /* Returned variable */
442 if (name
== NULL
|| size
< 0 || size
> 100000)
445 if ((var
= cgi_find_variable(name
)) == NULL
)
448 if (size
>= var
->avalues
)
450 char **temp
; /* Temporary pointer */
452 temp
= (char **)realloc((void *)(var
->values
), sizeof(char *) * (size_t)(size
+ 16));
456 var
->avalues
= size
+ 16;
460 if (size
> var
->nvalues
)
462 for (i
= var
->nvalues
; i
< size
; i
++)
463 var
->values
[i
] = NULL
;
465 else if (size
< var
->nvalues
)
467 for (i
= size
; i
< var
->nvalues
; i
++)
469 free((void *)(var
->values
[i
]));
477 * 'cgiSetVariable()' - Set a CGI variable in the database.
479 * If the variable is an array, this truncates the array to a single element.
483 cgiSetVariable(const char *name
, /* I - Name of variable */
484 const char *value
) /* I - Value of variable */
486 int i
; /* Looping var */
487 _cgi_var_t
*var
; /* Returned variable */
490 if (name
== NULL
|| value
== NULL
)
493 fprintf(stderr
, "cgiSetVariable: %s=\"%s\"\n", name
, value
);
495 if ((var
= cgi_find_variable(name
)) == NULL
)
497 cgi_add_variable(name
, 0, value
);
498 cgi_sort_variables();
502 for (i
= 0; i
< var
->nvalues
; i
++)
504 free((char *)var
->values
[i
]);
506 var
->values
[0] = strdup(value
);
513 * 'cgi_add_variable()' - Add a form variable.
517 cgi_add_variable(const char *name
, /* I - Variable name */
518 int element
, /* I - Array element number */
519 const char *value
) /* I - Variable value */
521 _cgi_var_t
*var
; /* New variable */
524 if (name
== NULL
|| value
== NULL
|| element
< 0 || element
> 100000)
527 if (form_count
>= form_alloc
)
529 _cgi_var_t
*temp_vars
; /* Temporary form pointer */
533 temp_vars
= malloc(sizeof(_cgi_var_t
) * 16);
535 temp_vars
= realloc(form_vars
, (size_t)(form_alloc
+ 16) * sizeof(_cgi_var_t
));
540 form_vars
= temp_vars
;
544 var
= form_vars
+ form_count
;
546 if ((var
->values
= calloc((size_t)element
+ 1, sizeof(char *))) == NULL
)
549 var
->name
= strdup(name
);
550 var
->nvalues
= element
+ 1;
551 var
->avalues
= element
+ 1;
552 var
->values
[element
] = strdup(value
);
/*
 * 'cgi_compare_variables()' - Compare two variables.
 *
 * Ordering is by name only, ignoring case.  This is the comparator handed
 * to both qsort() and bsearch(), so the two must keep using the same rule.
 */

static int				/* O - Result of comparison */
cgi_compare_variables(
    const _cgi_var_t *v1,		/* I - First variable */
    const _cgi_var_t *v2)		/* I - Second variable */
{
  const char	*left  = v1->name,	/* Name of first variable */
		*right = v2->name;	/* Name of second variable */


  return (_cups_strcasecmp(left, right));
}
/*
 * 'cgi_find_variable()' - Find a variable.
 *
 * Binary search over "form_vars", which therefore has to be kept sorted
 * with cgi_sort_variables() after every insertion.  Matching ignores case
 * because cgi_compare_variables() does.
 */

static _cgi_var_t *			/* O - Variable pointer or NULL */
cgi_find_variable(const char *name)	/* I - Name of variable */
{
  _cgi_var_t	key;			/* Search key */
  void		*match;			/* Result of the search */


  if (name == NULL || form_count < 1)
    return (NULL);

 /*
  * Only the name member is filled in; the comparator reads nothing else.
  */

  key.name = (char *)name;

  match = bsearch(&key, form_vars, (size_t)form_count, sizeof(_cgi_var_t),
                  (int (*)(const void *, const void *))cgi_compare_variables);

  return ((_cgi_var_t *)match);
}
592 * 'cgi_initialize_cookies()' - Initialize cookies.
596 cgi_initialize_cookies(void)
598 const char *cookie
; /* HTTP_COOKIE environment variable */
599 char name
[128], /* Name string */
600 value
[512], /* Value string */
601 *ptr
; /* Pointer into name/value */
604 if ((cookie
= getenv("HTTP_COOKIE")) == NULL
)
609 int skip
= 0; /* Skip this cookie? */
612 * Skip leading whitespace...
615 while (isspace(*cookie
& 255))
624 for (ptr
= name
; *cookie
&& *cookie
!= '=';)
625 if (ptr
< (name
+ sizeof(name
) - 1))
647 for (cookie
++, ptr
= value
; *cookie
&& *cookie
!= '\"';)
648 if (ptr
< (value
+ sizeof(value
) - 1))
665 for (ptr
= value
; *cookie
&& *cookie
!= ';';)
666 if (ptr
< (value
+ sizeof(value
) - 1))
685 * Then add the cookie to an array as long as the name doesn't start with
689 if (name
[0] != '$' && !skip
)
690 num_cookies
= cupsAddOption(name
, value
, num_cookies
, &cookies
);
/*
 * 'cgi_initialize_get()' - Initialize form variables using the GET method.
 *
 * QUERY_STRING is supplied by the client; all decoding and length limiting
 * is left to cgi_initialize_string().
 */

static int				/* O - 1 if form data read */
cgi_initialize_get(void)
{
  const char	*query = getenv("QUERY_STRING");
					/* Pointer to form data string */


 /*
  * Check to see if there is anything for us to read...
  */

  if (!query || query[0] == '\0')
    return (0);

 /*
  * Parse it out and return...
  */

  return (cgi_initialize_string(query));
}
722 * 'cgi_initialize_multipart()' - Initialize variables and file using the POST
725 * TODO: Update to support files > 2GB.
728 static int /* O - 1 if form data was read */
729 cgi_initialize_multipart(
730 const char *boundary
) /* I - Boundary string */
732 char line
[10240], /* MIME header line */
733 name
[1024], /* Form variable name */
734 filename
[1024], /* Form filename */
735 mimetype
[1024], /* MIME media type */
736 bstring
[256], /* Boundary string to look for */
737 *ptr
, /* Pointer into name/filename */
738 *end
; /* End of buffer */
739 int ch
, /* Character from file */
740 fd
; /* Temporary file descriptor */
741 size_t blen
; /* Length of boundary string */
745 * Read multipart form data until we run out...
752 snprintf(bstring
, sizeof(bstring
), "\r\n--%s", boundary
);
753 blen
= strlen(bstring
);
755 while (fgets(line
, sizeof(line
), stdin
))
757 if (!strcmp(line
, "\r\n"))
760 * End of headers, grab value...
766 * Read an embedded file...
772 * Remove previous file...
779 * Allocate memory for the new file...
782 if ((form_file
= calloc(1, sizeof(cgi_file_t
))) == NULL
)
785 form_file
->name
= strdup(name
);
786 form_file
->filename
= strdup(filename
);
787 form_file
->mimetype
= strdup(mimetype
);
789 fd
= cupsTempFd(form_file
->tempfile
, sizeof(form_file
->tempfile
));
794 atexit(cgi_unlink_file
);
797 * Copy file data to the temp file...
802 while ((ch
= getchar()) != EOF
)
806 if ((size_t)(ptr
- line
) >= blen
&& !memcmp(ptr
- blen
, bstring
, blen
))
812 if ((ptr
- line
- (int)blen
) >= 8192)
815 * Write out the first 8k of the buffer...
818 write(fd
, line
, 8192);
819 memmove(line
, line
+ 8192, (size_t)(ptr
- line
- 8192));
825 * Write the rest of the data and close the temp file...
829 write(fd
, line
, (size_t)(ptr
- line
));
836 * Just get a form variable; the current code only handles
837 * form values up to 10k in size...
841 end
= line
+ sizeof(line
) - 1;
843 while ((ch
= getchar()) != EOF
)
848 if ((size_t)(ptr
- line
) >= blen
&& !memcmp(ptr
- blen
, bstring
, blen
))
858 * Set the form variable...
861 if ((ptr
= strrchr(name
, '-')) != NULL
&& isdigit(ptr
[1] & 255))
864 * Set a specific index in the array...
869 cgiSetArray(name
, atoi(ptr
) - 1, line
);
871 else if (cgiGetVariable(name
))
874 * Add another element in the array...
877 cgiSetArray(name
, cgiGetSize(name
), line
);
882 * Just set the line...
885 cgiSetVariable(name
, line
);
890 * Read the rest of the current line...
893 fgets(line
, sizeof(line
), stdin
);
896 * Clear the state vars...
903 else if (!_cups_strncasecmp(line
, "Content-Disposition:", 20))
905 if ((ptr
= strstr(line
+ 20, " name=\"")) != NULL
)
907 strlcpy(name
, ptr
+ 7, sizeof(name
));
909 if ((ptr
= strchr(name
, '\"')) != NULL
)
913 if ((ptr
= strstr(line
+ 20, " filename=\"")) != NULL
)
915 strlcpy(filename
, ptr
+ 11, sizeof(filename
));
917 if ((ptr
= strchr(filename
, '\"')) != NULL
)
921 else if (!_cups_strncasecmp(line
, "Content-Type:", 13))
923 for (ptr
= line
+ 13; isspace(*ptr
& 255); ptr
++);
925 strlcpy(mimetype
, ptr
, sizeof(mimetype
));
927 for (ptr
= mimetype
+ strlen(mimetype
) - 1;
928 ptr
> mimetype
&& isspace(*ptr
& 255);
934 * Return 1 for "form data found"...
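/*
 * 'cgi_initialize_post()' - Initialize variables using the POST method.
 *
 * Reads exactly CONTENT_LENGTH bytes of urlencoded form data from file
 * descriptor 0 into a heap buffer and hands it to cgi_initialize_string().
 *
 * NOTE(review): the statements between the numbered lines of this listing
 * are not visible on the page; the error paths below are restored from the
 * surrounding comments and should be compared with the repository copy.
 *
 * NOTE(review): CONTENT_LENGTH comes from the request and no upper bound is
 * applied here, so the size of the allocation is chosen by the client.
 * cgi_initialize_string() truncates each value to its own buffer, but the
 * whole body is still buffered first.  A limit belongs either here or in
 * the server configuration - confirm which one is relied upon.
 */

static int				/* O - 1 if form data was read */
cgi_initialize_post(void)
{
  char		*content_length,	/* Length of input data (string) */
		*data;			/* Pointer to form data string */
  long		clen;			/* Parsed CONTENT_LENGTH */
  size_t	length,			/* Length of input data */
		tbytes;			/* Total number of bytes read */
  ssize_t	nbytes;			/* Number of bytes read this read() */
  int		status;			/* Return status */


 /*
  * Check to see if there is anything for us to read...
  *
  * The header is parsed once with strtol().  Previously atoi() made the
  * "is it positive" decision and strtol() supplied the size; the two can
  * disagree once the number no longer fits in an int, where atoi() is
  * undefined.
  */

  content_length = getenv("CONTENT_LENGTH");
  if (content_length == NULL)
    return (0);

  clen = strtol(content_length, NULL, 10);
  if (clen <= 0)
    return (0);

 /*
  * Get the length of the input stream and allocate a buffer for it...
  */

  length = (size_t)clen;
  data   = malloc(length + 1);

  if (data == NULL)
    return (0);

 /*
  * Read the data into the buffer...
  */

  for (tbytes = 0; tbytes < length; tbytes += (size_t)nbytes)
    if ((nbytes = read(0, data + tbytes, (size_t)(length - tbytes))) < 0)
    {
      if (errno != EAGAIN)
      {
        free(data);
        return (0);
      }
      else
        nbytes = 0;
    }
    else if (nbytes == 0)
    {
     /*
      * CUPS STR #3176: OpenBSD: Early end-of-file on POST data causes 100% CPU
      *
      * This should never happen, but does on OpenBSD.  If we see early end-of-
      * file, treat this as an error and process no data.
      */

      free(data);
      return (0);
    }

  data[length] = '\0';

 /*
  * Parse it out...
  */

  status = cgi_initialize_string(data);

 /*
  * Free the data and return...
  */

  free(data);

  return (status);
}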
1021 * 'cgi_initialize_string()' - Initialize form variables from a string.
1024 static int /* O - 1 if form data was processed */
1025 cgi_initialize_string(const char *data
) /* I - Form data string */
1027 int done
; /* True if we're done reading a form variable */
1028 char *s
, /* Pointer to current form string */
1029 ch
, /* Temporary character */
1030 name
[255], /* Name of form variable */
1031 value
[65536]; /* Variable value */
1042 * Loop until we've read all the form data...
1045 while (*data
!= '\0')
1048 * Get the variable name...
1051 for (s
= name
; *data
!= '\0'; data
++)
1054 else if (*data
>= ' ' && s
< (name
+ sizeof(name
) - 1))
1064 * Read the variable value...
1067 for (s
= value
, done
= 0; !done
&& *data
!= '\0'; data
++)
1070 case '&' : /* End of data... */
1074 case '+' : /* Escaped space character */
1075 if (s
< (value
+ sizeof(value
) - 1))
1079 case '%' : /* Escaped control character */
1081 * Read the hex code...
1084 if (!isxdigit(data
[1] & 255) || !isxdigit(data
[2] & 255))
1087 if (s
< (value
+ sizeof(value
) - 1))
1093 *s
= (char)(ch
<< 4);
1105 default : /* Other characters come straight through */
1106 if (*data
>= ' ' && s
< (value
+ sizeof(value
) - 1))
1111 *s
= '\0'; /* nul terminate the string */
1114 * Remove trailing whitespace...
1120 while (s
>= value
&& isspace(*s
& 255))
1124 * Add the string to the variable "database"...
1127 if ((s
= strrchr(name
, '-')) != NULL
&& isdigit(s
[1] & 255))
1131 cgiSetArray(name
, atoi(s
) - 1, value
);
1133 else if (cgiGetVariable(name
) != NULL
)
1134 cgiSetArray(name
, cgiGetSize(name
), value
);
1136 cgiSetVariable(name
, value
);
1144 * 'cgi_passwd()' - Catch authentication requests and notify the server.
1146 * This function sends a Status header and exits, forcing authentication
1150 static const char * /* O - NULL (no return) */
1151 cgi_passwd(const char *prompt
) /* I - Prompt (not used) */
1155 fprintf(stderr
, "DEBUG: cgi_passwd(prompt=\"%s\") called!\n",
1156 prompt
? prompt
: "(null)");
1159 * Send a 401 (unauthorized) status to the server, so it can notify
1160 * the client that authentication is required.
1163 puts("Status: 401\n");
1167 * This code is never executed, but is present to satisfy the compiler.
/*
 * 'cgi_set_sid()' - Set the CUPS session ID.
 *
 * Builds "REMOTE_ADDR:SERVER_NAME:SERVER_PORT:<8 random bytes as hex>",
 * hashes it with MD5 and stores the hex digest as the org.cups.sid cookie.
 * cgiInitialize() compares that cookie with the org.cups.sid form variable
 * on POST, so this value is the anti-forgery token for the web interface.
 *
 * NOTE(review): the address, name and port are known to the client, and MD5
 * only compresses the buffer; all of the unpredictability comes from the
 * eight CUPS_RAND() bytes, drawn right after the generator is seeded with
 * the current time.  CUPS_SRAND()/CUPS_RAND() are defined outside this file
 * - confirm they are backed by the operating system's cryptographic random
 * source.  If they are a seeded pseudo-random generator, the token can be
 * narrowed down from the time of the request and should be drawn from the
 * OS random source instead.
 *
 * NOTE(review): the cookie is set with 0 for the "secure" (Require SSL)
 * argument - check the resulting attributes against cgiSetCookie().
 */

static const char *			/* O - New session ID */
cgi_set_sid(void)
{
  char			buffer[512],	/* SID data */
			sid[33];	/* SID string */
  unsigned char		sum[16];	/* MD5 sum */
  unsigned		rnd[8];		/* Random bytes mixed into the SID */
  int			i;		/* Looping var */
  const char		*remote_addr,	/* REMOTE_ADDR */
			*server_name,	/* SERVER_NAME */
			*server_port;	/* SERVER_PORT */
  struct timeval	curtime;	/* Current time */


 /*
  * Fall back to the variable's own name when the server did not set it...
  */

  remote_addr = getenv("REMOTE_ADDR");
  if (!remote_addr)
    remote_addr = "REMOTE_ADDR";

  server_name = getenv("SERVER_NAME");
  if (!server_name)
    server_name = "SERVER_NAME";

  server_port = getenv("SERVER_PORT");
  if (!server_port)
    server_port = "SERVER_PORT";

  gettimeofday(&curtime, NULL);
  CUPS_SRAND(curtime.tv_sec + curtime.tv_usec);

  for (i = 0; i < 8; i ++)
    rnd[i] = (unsigned)CUPS_RAND() & 255;

  snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
           remote_addr, server_name, server_port,
           rnd[0], rnd[1], rnd[2], rnd[3], rnd[4], rnd[5], rnd[6], rnd[7]);
  cupsHashData("md5", (unsigned char *)buffer, strlen(buffer), sum, sizeof(sum));

  cgiSetCookie(CUPS_SID, cupsHashString(sum, sizeof(sum), sid, sizeof(sid)), "/", NULL, 0, 0);

 /*
  * Return the copy kept in the cookie list, not the local "sid" buffer...
  */

  return (cupsGetOption(CUPS_SID, num_cookies, cookies));
}
/*
 * 'cgi_sort_variables()' - Sort all form variables for faster lookup.
 *
 * cgi_find_variable() uses bsearch() with the same comparator, so this has
 * to run after every cgi_add_variable() before the next lookup.
 *
 * NOTE(review): the lines between the function name and the qsort() call
 * are not visible on this page; the early return below does not change the
 * result, since fewer than two entries are already in order.
 */

static void
cgi_sort_variables(void)
{
  if (form_count < 2)
    return;

  qsort(form_vars, (size_t)form_count, sizeof(_cgi_var_t),
        (int (*)(const void *, const void *))cgi_compare_variables);
}
1229 * 'cgi_unlink_file()' - Remove the uploaded form.
1233 cgi_unlink_file(void)
1238 * Remove the temporary file...
1241 unlink(form_file
->tempfile
);
1244 * Free memory used...
1247 free(form_file
->name
);
1248 free(form_file
->filename
);
1249 free(form_file
->mimetype
);