summaryrefslogtreecommitdiffabout
path: root/src
authorMichael Krelin <hacker@klever.net>2005-05-09 11:00:28 (UTC)
committer Michael Krelin <hacker@klever.net>2005-05-09 11:00:28 (UTC)
commit43d47575878e4eaf3c8da84bf609fcd0bde595fb (patch) (side-by-side diff)
treef7ec4d1f0d0a01b43feb5c9b4f414e870036522c /src
parentd9578a5ae0ac4e44ff5e3c13d3f39f400f51bcf2 (diff)
downloadkingate-43d47575878e4eaf3c8da84bf609fcd0bde595fb.zip
kingate-43d47575878e4eaf3c8da84bf609fcd0bde595fb.tar.gz
kingate-43d47575878e4eaf3c8da84bf609fcd0bde595fb.tar.bz2
1. http headers container added
2. preliminary cookies support 3. absolutely useless http_quoted_string and http_quote utility functions added
Diffstat (limited to 'src') (more/less context) (show whitespace changes)
-rw-r--r--src/Makefile.am4
-rw-r--r--src/cgi_gateway.cc4
-rw-r--r--src/cookies.cc242
-rw-r--r--src/headers.cc40
-rw-r--r--src/util.cc53
5 files changed, 342 insertions, 1 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 12bb1f8..2d462c8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -2,24 +2,26 @@ lib_LTLIBRARIES = libkingate.la libkingate-plaincgi.la
if HAVE_FCGI
lib_LTLIBRARIES += libkingate-fcgi.la
endif
INCLUDES = -I${top_srcdir}/include -I${top_srcdir}
AM_CXXFLAGS = ${KONFORKA_CFLAGS}
LDADD = ${KONFORKA_LIBS}
libkingate_la_SOURCES = \
cgi_gateway.cc \
cgi_interface.cc \
- util.cc
+ util.cc \
+ cookies.cc \
+ headers.cc
libkingate_la_LDFLAGS = -version-info 2:0:0
libkingate_fcgi_la_SOURCES = \
fastcgi.cc
libkingate_fcgi_la_LDFLAGS = -version-info 1:0:0
libkingate_plaincgi_la_SOURCES = \
plaincgi.cc
libkingate_plaincgi_la_LDFLAGS = -version-info 1:0:0
EXTRA_DIST = ${libkingate_fcgi_la_SOURCES}
diff --git a/src/cgi_gateway.cc b/src/cgi_gateway.cc
index 30410f2..ab48f78 100644
--- a/src/cgi_gateway.cc
+++ b/src/cgi_gateway.cc
@@ -18,24 +18,28 @@ namespace kingate {
// Fetch POST content
if(!strcasecmp(content_type().c_str(),"application/x-www-form-urlencoded")) {
unsigned long cl = content_length();
if(cl) {
char * tmp = new char[cl];
iface.in().read(tmp,cl);
string qs(tmp,cl);
delete tmp;
parse_query(qs,post);
}
b_parsed_content = true;
}
+ // Parse cookies
+ try {
+ cookies.parse_cookies(get_meta("HTTP_COOKIE"));
+ }catch(exception_notfound& enf) { }
}
bool cgi_gateway::has_GET(const string& n) const {
return get.find(n) != get.end();
}
const string& cgi_gateway::get_GET(const string& n) const {
params_t::const_iterator i = get.find(n);
if(i==get.end())
throw exception_notfound(CODEPOINT,"no such parameter");
return i->second;
}
bool cgi_gateway::has_POST(const string& n) const {
diff --git a/src/cookies.cc b/src/cookies.cc
new file mode 100644
index 0000000..40a0c8b
--- a/dev/null
+++ b/src/cookies.cc
@@ -0,0 +1,242 @@
+#include "kingate/cookies.h"
+#include "kingate/util.h"
+#include "kingate/exception.h"
+
+namespace kingate {
+
+ /*
+ * RFC 2109:
+ * av-pairs = av-pair *(";" av-pair)
+ * av-pair = attr ["=" value] ; optional value
+ * attr = token
+ * value = word
+ * word = token | quoted-string
+ */
+
+ /* RFC 2109:
+ *
+ * The origin server effectively ends a session by sending the client a
+ * Set-Cookie header with Max-Age=0.
+ *
+ * An origin server may include multiple Set-Cookie headers in a response.
+ * Note that an intervening gateway could fold multiple such headers into a
+ * single header.
+ *
+ *
+ * set-cookie = "Set-Cookie:" cookies
+ * cookies = 1#cookie
+ * cookie = NAME "=" VALUE *(";" cookie-av)
+ * NAME = attr
+ * VALUE = value
+ * cookie-av = "Comment" "=" value
+ * | "Domain" "=" value
+ * | "Max-Age" "=" value
+ * | "Path" "=" value
+ * | "Secure"
+ * | "Version" "=" 1*DIGIT
+ *
+ *
+ * The origin server should send the following additional HTTP/1.1
+ * response headers, depending on circumstances:
+ *
+ * * To suppress caching of the Set-Cookie header: Cache-control: no-
+ * cache="set-cookie".
+ *
+ * and one of the following:
+ *
+ * * To suppress caching of a private document in shared caches: Cache-
+ * control: private.
+ *
+ * * To allow caching of a document and require that it be validated
+ * before returning it to the client: Cache-control: must-revalidate.
+ *
+ * * To allow caching of a document, but to require that proxy caches
+ * (not user agent caches) validate it before returning it to the
+ * client: Cache-control: proxy-revalidate.
+ *
+ * * To allow caching of a document and request that it be validated
+ * before returning it to the client (by "pre-expiring" it):
+ * Cache-control: max-age=0. Not all caches will revalidate the
+ * document in every case.
+ *
+ * HTTP/1.1 servers must send Expires: old-date (where old-date is a
+ * date long in the past) on responses containing Set-Cookie response
+ * headers unless they know for certain (by out of band means) that
+ * there are no downsteam HTTP/1.0 proxies. HTTP/1.1 servers may send
+ * other Cache-Control directives that permit caching by HTTP/1.1
+ * proxies in addition to the Expires: old-date directive; the Cache-
+ * Control directive will override the Expires: old-date for HTTP/1.1
+ * proxies.
+ *
+ */
+
+ void cookie::_set_string(const string& p,const string& v) {
+ (*this)[p]=v;
+ }
+
+ void cookie::set_comment(const string& c) {
+ _set_string("comment",c);
+ }
+ void cookie::set_domain(const string& d) {
+ _set_string("domain",d);
+ }
+ void cookie::set_max_age(const string& ma) {
+ _set_string("max-age",ma);
+ }
+ void cookie::set_path(const string& p) {
+ _set_string("path",p);
+ }
+ void cookie::set_secure(bool s) {
+ if(s)
+ _set_string("secure","");
+ else
+ erase("secure");
+ }
+
+ void cookie::set_expires(const string& e) {
+ (*this)["expires"] = e;
+ }
+
+ const string& cookie::_get_string(const string& s) const {
+ const_iterator i = find(s);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No parameter set");
+ return i->second;
+ }
+
+ const string& cookie::get_comment() const {
+ return _get_string("comment");
+ }
+ const string& cookie::get_domain() const {
+ return _get_string("domain");
+ }
+ const string& cookie::get_max_age() const {
+ return _get_string("max-age");
+ }
+ const string& cookie::get_path() const {
+ return _get_string("path");
+ }
+ bool cookie::get_secure() const {
+ return find("secure")!=end();
+ }
+
+ const string& cookie::get_expires() const {
+ return _get_string("expires");
+ }
+
+ bool cookie::has_comment() const {
+ return find("comment")!=end();
+ }
+ bool cookie::has_domain() const {
+ return find("domain")!=end();
+ }
+ bool cookie::has_max_age() const {
+ return find("max-age")!=end();
+ }
+ bool cookie::has_path() const {
+ return find("path")!=end();
+ }
+
+ bool cookie::has_expires() const {
+ return find("expires")!=end();
+ }
+
+ void cookie::unset_comment() {
+ erase("comment");
+ }
+ void cookie::unset_domain() {
+ erase("domain");
+ }
+ void cookie::unset_max_age() {
+ erase("max-age");
+ }
+ void cookie::unset_path() {
+ erase("path");
+ }
+
+ void cookie::unset_expires() {
+ erase("expires");
+ }
+
+ string cookie::set_cookie_header_rfc2109() const {
+ string rv = name + "=" + http_quoted_string(value);
+ for(const_iterator i=begin();i!=end();++i) {
+ if(i->first=="secure") {
+ rv += "; secure";
+ }else{
+ rv += "; "+i->first+"="+http_quote(i->second);
+ }
+ }
+ rv += "; Version=1";
+ return rv;
+ }
+
+ string cookie::set_cookie_header() const {
+ string rv = name + "=" + value;
+ for(const_iterator i=begin();i!=end();++i) {
+ if(i->first=="secure") {
+ rv += "; secure";
+ }else{
+ rv += "; "+i->first+"="+i->second;
+ }
+ }
+ return rv;
+ }
+
+ bool cookies_t::has_cookie(const key_type& n) const {
+ return find(n)!=end();
+ }
+
+ const cookie& cookies_t::get_cookie(const key_type& n) const {
+ const_iterator i=find(n);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No cookie with such name found");
+ return i->second;
+ }
+
+ cookie& cookies_t::get_cookie(const key_type& n) {
+ iterator i=find(n);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No cookie with such name found");
+ return i->second;
+ }
+
+ void cookies_t::parse_cookies(const string& s) {
+ string str = s;
+ while(!str.empty()) {
+ string::size_type sc = str.find(';');
+ string s;
+ if(sc==string::npos) {
+ s = str;
+ str.erase();
+ }else{
+ s = str.substr(0,sc);
+ str.erase(0,sc+1);
+ }
+ string::size_type nsp=s.find_first_not_of(" \t");
+ if((nsp!=string::npos) && nsp)
+ s.erase(0,nsp);
+ string::size_type eq=s.find('=');
+ if(eq==string::npos)
+ continue;
+ string n = s.substr(0,eq);
+ s.erase(0,eq+1);
+ nsp = n.find_last_not_of(" \t");
+ n.erase(nsp+1);
+ nsp = s.find_first_not_of(" \t");
+ string v;
+ if(nsp!=string::npos)
+ v = s.substr(nsp);
+ else
+ v = s;
+ nsp = v.find_last_not_of(" \t");
+ if(nsp==string::npos)
+ v.erase();
+ else
+ v.erase(nsp+1);
+ cookie& c = (*this)[n];
+ c.set_name(n); c.set_value(v);
+ }
+ }
+
+}
diff --git a/src/headers.cc b/src/headers.cc
new file mode 100644
index 0000000..89ac519
--- a/dev/null
+++ b/src/headers.cc
@@ -0,0 +1,40 @@
+#include "kingate/headers.h"
+#include "kingate/exception.h"
+
+namespace kingate {
+
+ void headers::set_header(const key_type& h,const mapped_type& c) {
+ erase(h);
+ insert(value_type(h,c));
+ }
+ void headers::add_header(const key_type& h,const mapped_type& c) {
+ insert(value_type(h,c));
+ }
+ void headers::unset_header(const key_type& h) {
+ erase(h);
+ }
+ const headers::mapped_type& headers::get_header(const key_type& h) const {
+ const_iterator i=find(h);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No such header");
+ return i->second;
+ }
+ headers::mapped_type& headers::get_header(const key_type& h) {
+ // XXX: or should it fail if there's no such thing, unlike operator[]?
+ iterator i=find(h);
+ if(i==end())
+ i = insert(value_type(h,""));
+ return i->second;
+ }
+
+ pair<headers::const_iterator,headers::const_iterator> headers::get_headers(const key_type& h) const {
+ return equal_range(h);
+ }
+ pair<headers::iterator,headers::iterator> headers::get_headers(const key_type& h) {
+ return equal_range(h);
+ }
+
+ bool headers::has_header(const key_type& h) const {
+ return find(h)!=end();
+ }
+}
diff --git a/src/util.cc b/src/util.cc
index 3166e62..48e486a 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -41,13 +41,66 @@ namespace kingate {
rv.replace(unscrewed++,1,1,' ');
}else{
if((rv.length()-unscrewed)<3)
throw exception(CODEPOINT,"incorrectly escaped string");
// XXX: ensure it's hex?
int danger = strtol(rv.substr(unscrewed+1,2).c_str(),NULL,16);
rv.replace(unscrewed,3,1,danger);
unscrewed++;
}
}
return rv;
}
+
+ /*
+ * RFC 2616:
+ *
+ * separators = "(" | ")" | "<" | ">" | "@"
+ * | "," | ";" | ":" | "\" | <">
+ * | "/" | "[" | "]" | "?" | "="
+ * | "{" | "}" | SP | HT
+ */
+
+ /*
+ * RFC 2616:
+ *
+ * token = 1*<any CHAR except CTLs or separators>
+ */
+
+ static const char *quotible_chars =
+ "\001\002\003\004\005\006\007\010"
+ "\011\012\013\014\015\016\017\020"
+ "\021\022\023\024\025\026\027\030"
+ "\031\032\033\034\035\036\037\040"
+ "()<>@,;:\\\"/[]?={}" /* separator chars (except for SP and HT mentioned elsewhere */
+ "\177"
+ ;
+
+ /*
+ * RFC 2616:
+ *
+ * quoted-string = ( <"> *(qdtext | quoted-pair ) <"> )
+ * qdtext = <any TEXT except <">>
+ *
+ * The backslash character ("\") MAY be used as a single-character
+ * quoting mechanism only within quoted-string and comment constructs.
+ *
+ * quoted-pair = "\" CHAR
+ */
+
+ string http_quoted_string(const string& str) {
+ string rv = str;
+ string::size_type sp=0;
+ for(string::size_type q=rv.find('"');(q=rv.find('"',q))!=string::npos;q+=2)
+ rv.insert(q,1,'\\');
+ rv.insert(0,1,'"');
+ rv += '"';
+ return rv;
+ }
+
+ string http_quote(const string& str) {
+ if(str.find_first_of(quotible_chars)==string::npos)
+ return str;
+ return http_quoted_string(str);
+ }
+
}