5 files changed, 342 insertions, 1 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 12bb1f8..2d462c8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,25 +1,27 @@
 lib_LTLIBRARIES = libkingate.la libkingate-plaincgi.la
 if HAVE_FCGI
 lib_LTLIBRARIES += libkingate-fcgi.la
 endif
 INCLUDES = -I${top_srcdir}/include -I${top_srcdir}
 AM_CXXFLAGS = ${KONFORKA_CFLAGS}
 LDADD = ${KONFORKA_LIBS}
 libkingate_la_SOURCES = \
    cgi_gateway.cc \
    cgi_interface.cc \
-    util.cc
+    util.cc \
+    cookies.cc \
+    headers.cc
 libkingate_la_LDFLAGS = -version-info 2:0:0
 libkingate_fcgi_la_SOURCES = \
    fastcgi.cc
 libkingate_fcgi_la_LDFLAGS = -version-info 1:0:0
 libkingate_plaincgi_la_SOURCES = \
        plaincgi.cc
 libkingate_plaincgi_la_LDFLAGS = -version-info 1:0:0
 EXTRA_DIST = ${libkingate_fcgi_la_SOURCES}
diff --git a/src/cgi_gateway.cc b/src/cgi_gateway.cc
index 30410f2..ab48f78 100644
--- a/src/cgi_gateway.cc
+++ b/src/cgi_gateway.cc
@@ -1,93 +1,97 @@
 #include <errno.h>
 #include <ctype.h>
 #include "kingate/cgi_gateway.h"
 #include "kingate/util.h"
 #include "kingate/exception.h"
 namespace kingate {
    static string empty_string;
    cgi_gateway::cgi_gateway(cgi_interface& ci)
        : iface(ci), b_parsed_content(false) {
            // Fetch GET content
            try {
                string qs = get_meta("QUERY_STRING");
                parse_query(qs,get);
            }catch(exception_notfound& enf) { }
            // Fetch POST content
            if(!strcasecmp(content_type().c_str(),"application/x-www-form-urlencoded")) {
                unsigned long cl = content_length();
                if(cl) {
                    char * tmp = new char[cl];
                    iface.in().read(tmp,cl);
                    string qs(tmp,cl);
                    delete tmp;
                    parse_query(qs,post);
                }
                b_parsed_content = true;
            }
+            // Parse cookies
+            try {
+                cookies.parse_cookies(get_meta("HTTP_COOKIE"));
+            }catch(exception_notfound& enf) { }
        }
    bool cgi_gateway::has_GET(const string& n) const {
        return get.find(n) != get.end();
    }
    const string& cgi_gateway::get_GET(const string& n) const {
        params_t::const_iterator i = get.find(n);
        if(i==get.end())
            throw exception_notfound(CODEPOINT,"no such parameter");
        return i->second;
    }
    bool cgi_gateway::has_POST(const string& n) const {
        return post.find(n) != post.end();
    }
    const string& cgi_gateway::get_POST(const string& n) const {
        params_t::const_iterator i = post.find(n);
        if(i==post.end())
            throw exception_notfound(CODEPOINT,"no such parameter");
        return i->second;
    }
    bool cgi_gateway::has_param(const string& n) const {
        return has_GET(n) || has_POST(n);
    }
    const string& cgi_gateway::get_param(const string& n) const {
        params_t::const_iterator i = get.find(n);
        if(i!=get.end())
            return i->second;
        i = post.find(n);
        if(i!=post.end())
            return i->second;
        throw exception_notfound(CODEPOINT,"no such parameter");
    }
    /*
     * deprecated stuff.
     */
    const string& cgi_gateway::get_content_type() const {
        if(!has_meta("CONTENT_TYPE"))
            return empty_string;
        return get_meta("CONTENT_TYPE");
    }
    unsigned long cgi_gateway::get_content_length() const {
        if(!has_meta("CONTENT_LENGTH"))
            return 0;
        string cl = get_meta("CONTENT_LENGTH");
        return strtol(cl.c_str(),NULL,10);
    }
    /*
     *
     */
    const string& cgi_gateway::http_request_header(const string& hn) const {
        string mvn = "HTTP_";
        for(const char* p=hn.c_str();*p;p++) {
            if(*p=='-')
                mvn += '_';
            else
                mvn += toupper(*p);
        }
        return get_meta(mvn);
    }
    const string& cgi_gateway::auth_type() const {
        try {
diff --git a/src/cookies.cc b/src/cookies.cc
new file mode 100644
index 0000000..40a0c8b
--- a/dev/null
+++ b/src/cookies.cc
@@ -0,0 +1,242 @@
+#include "kingate/cookies.h"
+#include "kingate/util.h"
+#include "kingate/exception.h"
+namespace kingate {
+    /*
+     * RFC 2109:
+     *    av-pairs        =       av-pair *(";" av-pair)
+     *    av-pair         =       attr ["=" value]        ; optional value
+     *    attr            =       token
+     *    value           =       word
+     *    word            =       token | quoted-string
+     */
+    /* RFC 2109:
+     *
+     * The origin server effectively ends a session by sending the client a
+     * Set-Cookie header with Max-Age=0.
+     *
+     * An origin server may include multiple Set-Cookie headers in a response.
+     * Note that an intervening gateway could fold multiple such headers into a
+     * single header.
+     *
+     *
+     *    set-cookie      =       "Set-Cookie:" cookies
+     *    cookies         =       1#cookie
+     *    cookie          =       NAME "=" VALUE *(";" cookie-av)
+     *    NAME            =       attr
+     *    VALUE           =       value
+     *    cookie-av       =       "Comment" "=" value
+     *                    |       "Domain" "=" value
+     *                    |       "Max-Age" "=" value
+     *                    |       "Path" "=" value
+     *                    |       "Secure"
+     *                    |       "Version" "=" 1*DIGIT
+     *
+     *
+     *    The origin server should send the following additional HTTP/1.1
+     *    response headers, depending on circumstances:
+     *
+     *    * To suppress caching of the Set-Cookie header: Cache-control: no-
+     *      cache="set-cookie".
+     *
+     *    and one of the following:
+     *
+     *    * To suppress caching of a private document in shared caches: Cache-
+     *      control: private.
+     *
+     *    * To allow caching of a document and require that it be validated
+     *      before returning it to the client: Cache-control: must-revalidate.
+     *
+     *    * To allow caching of a document, but to require that proxy caches
+     *      (not user agent caches) validate it before returning it to the
+     *      client: Cache-control: proxy-revalidate.
+     *
+     *    * To allow caching of a document and request that it be validated
+     *      before returning it to the client (by "pre-expiring" it):
+     *      Cache-control: max-age=0.  Not all caches will revalidate the
+     *      document in every case.
+     *
+     *    HTTP/1.1 servers must send Expires: old-date (where old-date is a
+     *    date long in the past) on responses containing Set-Cookie response
+     *    headers unless they know for certain (by out of band means) that
+     *    there are no downsteam HTTP/1.0 proxies.  HTTP/1.1 servers may send
+     *    other Cache-Control directives that permit caching by HTTP/1.1
+     *    proxies in addition to the Expires: old-date directive; the Cache-
+     *    Control directive will override the Expires: old-date for HTTP/1.1
+     *    proxies.
+     *
+     */
+    void cookie::_set_string(const string& p,const string& v) {
+        (*this)[p]=v;
+    }
+    void cookie::set_comment(const string& c) {
+        _set_string("comment",c);
+    }
+    void cookie::set_domain(const string& d) {
+        _set_string("domain",d);
+    }
+    void cookie::set_max_age(const string& ma) {
+        _set_string("max-age",ma);
+    }
+    void cookie::set_path(const string& p) {
+        _set_string("path",p);
+    }
+    void cookie::set_secure(bool s) {
+        if(s)
+            _set_string("secure","");
+        else
+            erase("secure");
+    }
+    void cookie::set_expires(const string& e) {
+        (*this)["expires"] = e;
+    }
+    const string& cookie::_get_string(const string& s) const {
+        const_iterator i = find(s);
+        if(i==end())
+            throw exception_notfound(CODEPOINT,"No parameter set");
+        return i->second;
+    }
+    const string& cookie::get_comment() const {
+        return _get_string("comment");
+    }
+    const string& cookie::get_domain() const {
+        return _get_string("domain");
+    }
+    const string& cookie::get_max_age() const {
+        return _get_string("max-age");
+    }
+    const string& cookie::get_path() const {
+        return _get_string("path");
+    }
+    bool cookie::get_secure() const {
+        return find("secure")!=end();
+    }
+    const string& cookie::get_expires() const {
+        return _get_string("expires");
+    }
+    bool cookie::has_comment() const {
+        return find("comment")!=end();
+    }
+    bool cookie::has_domain() const {
+        return find("domain")!=end();
+    }
+    bool cookie::has_max_age() const {
+        return find("max-age")!=end();
+    }
+    bool cookie::has_path() const {
+        return find("path")!=end();
+    }
+    bool cookie::has_expires() const {
+        return find("expires")!=end();
+    }
+    void cookie::unset_comment() {
+        erase("comment");
+    }
+    void cookie::unset_domain() {
+        erase("domain");
+    }
+    void cookie::unset_max_age() {
+        erase("max-age");
+    }
+    void cookie::unset_path() {
+        erase("path");
+    }
+    void cookie::unset_expires() {
+        erase("expires");
+    }
+    string cookie::set_cookie_header_rfc2109() const {
+        string rv = name + "=" + http_quoted_string(value);
+        for(const_iterator i=begin();i!=end();++i) {
+            if(i->first=="secure") {
+                rv += "; secure";
+            }else{
+                rv += "; "+i->first+"="+http_quote(i->second);
+            }
+        }
+        rv += "; Version=1";
+        return rv;
+    }
+    string cookie::set_cookie_header() const {
+        string rv = name + "=" + value;
+        for(const_iterator i=begin();i!=end();++i) {
+            if(i->first=="secure") {
+                rv += "; secure";
+            }else{
+                rv += "; "+i->first+"="+i->second;
+            }
+        }
+        return rv;
+    }
+    bool cookies_t::has_cookie(const key_type& n) const {
+        return find(n)!=end();
+    }
+    const cookie& cookies_t::get_cookie(const key_type& n) const {
+        const_iterator i=find(n);
+        if(i==end())
+            throw exception_notfound(CODEPOINT,"No cookie with such name found");
+        return i->second;
+    }
+    cookie& cookies_t::get_cookie(const key_type& n) {
+        iterator i=find(n);
+        if(i==end())
+            throw exception_notfound(CODEPOINT,"No cookie with such name found");
+        return i->second;
+    }
+    void cookies_t::parse_cookies(const string& s) {
+        string str = s;
+        while(!str.empty()) {
+            string::size_type sc = str.find(';');
+            string s;
+            if(sc==string::npos) {
+                s = str;
+                str.erase();
+            }else{
+                s = str.substr(0,sc);
+                str.erase(0,sc+1);
+            }
+            string::size_type nsp=s.find_first_not_of(" \t");
+            if((nsp!=string::npos) && nsp)
+                s.erase(0,nsp);
+            string::size_type eq=s.find('=');
+            if(eq==string::npos)
+                continue;
+            string n = s.substr(0,eq);
+            s.erase(0,eq+1);
+            nsp = n.find_last_not_of(" \t");
+            n.erase(nsp+1);
+            nsp = s.find_first_not_of(" \t");
+            string v;
+            if(nsp!=string::npos)
+                v = s.substr(nsp);
+            else
+                v = s;
+            nsp = v.find_last_not_of(" \t");
+            if(nsp==string::npos)
+                v.erase();
+            else
+                v.erase(nsp+1);
+            cookie& c = (*this)[n];
+            c.set_name(n); c.set_value(v);
+        }
+    }
+}
diff --git a/src/headers.cc b/src/headers.cc
new file mode 100644
index 0000000..89ac519
--- a/dev/null
+++ b/src/headers.cc
@@ -0,0 +1,40 @@
+#include "kingate/headers.h"
+#include "kingate/exception.h"
+namespace kingate {
+    void headers::set_header(const key_type& h,const mapped_type& c) {
+        erase(h);
+        insert(value_type(h,c));
+    }
+    void headers::add_header(const key_type& h,const mapped_type& c) {
+        insert(value_type(h,c));
+    }
+    void headers::unset_header(const key_type& h) {
+        erase(h);
+    }
+    const headers::mapped_type& headers::get_header(const key_type& h) const {
+        const_iterator i=find(h);
+        if(i==end())
+            throw exception_notfound(CODEPOINT,"No such header");
+        return i->second;
+    }
+    headers::mapped_type& headers::get_header(const key_type& h) {
+        // XXX: or should it fail if there's no such thing, unlike operator[]?
+        iterator i=find(h);
+        if(i==end())
+            i = insert(value_type(h,""));
+        return i->second;
+    }
+    pair<headers::const_iterator,headers::const_iterator> headers::get_headers(const key_type& h) const {
+        return equal_range(h);
+    }
+    pair<headers::iterator,headers::iterator> headers::get_headers(const key_type& h) {
+        return equal_range(h);
+    }
+    bool headers::has_header(const key_type& h) const {
+        return find(h)!=end();
+    }
+}
diff --git a/src/util.cc b/src/util.cc
index 3166e62..48e486a 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -1,53 +1,106 @@
 #include "kingate/util.h"
 #include "kingate/exception.h"
 namespace kingate {
    static const char *safeChars = 
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "abcdefghijklmnopqrstuvwxyz"
        "0123456789"
        "_-" ;
    string url_encode(const string& str) {
        string rv = str;
        string::size_type screwed = 0;
        for(;;) {
            screwed = rv.find_first_not_of(safeChars,screwed);
            if(screwed == string::npos)
                break;
            while(screwed<rv.length() && !strchr(safeChars,rv.at(screwed))) {
                char danger = rv.at(screwed);
                if(danger==' ') {
                    rv.replace(screwed++,1,1,'+');
                }else{
                    static char tmp[4] = {'%',0,0,0};
                    snprintf(&tmp[1],3,"%02X",0xFF&(int)danger);
                    rv.replace(screwed,1,tmp,3);
                    screwed+=3;
                }
            }
        }
        return rv;
    }
    string url_decode(const string& str) {
        string rv = str;
        string::size_type unscrewed = 0;
        for(;;) {
            unscrewed = rv.find_first_of("%+",unscrewed);
            if(unscrewed == string::npos)
                break;
            if(rv.at(unscrewed)=='+') {
                rv.replace(unscrewed++,1,1,' ');
            }else{
                if((rv.length()-unscrewed)<3)
                    throw exception(CODEPOINT,"incorrectly escaped string");
                // XXX: ensure it's hex?
                int danger = strtol(rv.substr(unscrewed+1,2).c_str(),NULL,16);
                rv.replace(unscrewed,3,1,danger);
                unscrewed++;
            }
        }
        return rv;
    }
+    /*
+     * RFC 2616:
+     *
+     *        separators     = "(" | ")" | "<" | ">" | "@"
+     *                       | "," | ";" | ":" | "\" | <">
+     *                       | "/" | "[" | "]" | "?" | "="
+     *                       | "{" | "}" | SP | HT
+     */
+    
+    /*
+     * RFC 2616:
+     *
+     *        token          = 1*<any CHAR except CTLs or separators>
+     */
+    static const char *quotible_chars =
+        "\001\002\003\004\005\006\007\010"
+        "\011\012\013\014\015\016\017\020"
+        "\021\022\023\024\025\026\027\030"
+        "\031\032\033\034\035\036\037\040"
+        "()<>@,;:\\\"/[]?={}" /* separator chars (except for SP and HT mentioned elsewhere */
+        "\177"
+        ;
+    /*
+     * RFC 2616:
+     *
+     *        quoted-string  = ( <"> *(qdtext | quoted-pair ) <"> )
+     *        qdtext         = <any TEXT except <">>
+     *
+     *    The backslash character ("\") MAY be used as a single-character
+     *    quoting mechanism only within quoted-string and comment constructs.
+     *
+     *        quoted-pair    = "\" CHAR
+     */
+    string http_quoted_string(const string& str) {
+        string rv = str;
+        string::size_type sp=0;
+        for(string::size_type q=rv.find('"');(q=rv.find('"',q))!=string::npos;q+=2)
+            rv.insert(q,1,'\\');
+        rv.insert(0,1,'"');
+        rv += '"';
+        return rv;
+    }
+    string http_quote(const string& str) {
+        if(str.find_first_of(quotible_chars)==string::npos)
+            return str;
+        return http_quoted_string(str);
+    }
 }

diff --git a/src/Makefile.am b/src/Makefile.am index 12bb1f8..2d462c8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am
@@ -1,25 +1,27 @@
1	lib_LTLIBRARIES = libkingate.la libkingate-plaincgi.la	1	lib_LTLIBRARIES = libkingate.la libkingate-plaincgi.la
2		2
3	if HAVE_FCGI	3	if HAVE_FCGI
4	lib_LTLIBRARIES += libkingate-fcgi.la	4	lib_LTLIBRARIES += libkingate-fcgi.la
5	endif	5	endif
6		6
7	INCLUDES = -I${top_srcdir}/include -I${top_srcdir}	7	INCLUDES = -I${top_srcdir}/include -I${top_srcdir}
8	AM_CXXFLAGS = ${KONFORKA_CFLAGS}	8	AM_CXXFLAGS = ${KONFORKA_CFLAGS}
9	LDADD = ${KONFORKA_LIBS}	9	LDADD = ${KONFORKA_LIBS}
10		10
11	libkingate_la_SOURCES = \	11	libkingate_la_SOURCES = \
12	cgi_gateway.cc \	12	cgi_gateway.cc \
13	cgi_interface.cc \	13	cgi_interface.cc \
14	util.cc	14	util.cc \
		15	cookies.cc \
		16	headers.cc
15	libkingate_la_LDFLAGS = -version-info 2:0:0	17	libkingate_la_LDFLAGS = -version-info 2:0:0
16		18
17	libkingate_fcgi_la_SOURCES = \	19	libkingate_fcgi_la_SOURCES = \
18	fastcgi.cc	20	fastcgi.cc
19	libkingate_fcgi_la_LDFLAGS = -version-info 1:0:0	21	libkingate_fcgi_la_LDFLAGS = -version-info 1:0:0
20		22
21	libkingate_plaincgi_la_SOURCES = \	23	libkingate_plaincgi_la_SOURCES = \
22	plaincgi.cc	24	plaincgi.cc
23	libkingate_plaincgi_la_LDFLAGS = -version-info 1:0:0	25	libkingate_plaincgi_la_LDFLAGS = -version-info 1:0:0
24		26
25	EXTRA_DIST = ${libkingate_fcgi_la_SOURCES}	27	EXTRA_DIST = ${libkingate_fcgi_la_SOURCES}


diff --git a/src/cgi_gateway.cc b/src/cgi_gateway.cc index 30410f2..ab48f78 100644 --- a/src/cgi_gateway.cc +++ b/src/cgi_gateway.cc
@@ -1,93 +1,97 @@
1	#include <errno.h>	1	#include <errno.h>
2	#include <ctype.h>	2	#include <ctype.h>
3	#include "kingate/cgi_gateway.h"	3	#include "kingate/cgi_gateway.h"
4	#include "kingate/util.h"	4	#include "kingate/util.h"
5	#include "kingate/exception.h"	5	#include "kingate/exception.h"
6		6
7	namespace kingate {	7	namespace kingate {
8		8
9	static string empty_string;	9	static string empty_string;
10		10
11	cgi_gateway::cgi_gateway(cgi_interface& ci)	11	cgi_gateway::cgi_gateway(cgi_interface& ci)
12	: iface(ci), b_parsed_content(false) {	12	: iface(ci), b_parsed_content(false) {
13	// Fetch GET content	13	// Fetch GET content
14	try {	14	try {
15	string qs = get_meta("QUERY_STRING");	15	string qs = get_meta("QUERY_STRING");
16	parse_query(qs,get);	16	parse_query(qs,get);
17	}catch(exception_notfound& enf) { }	17	}catch(exception_notfound& enf) { }
18	// Fetch POST content	18	// Fetch POST content
19	if(!strcasecmp(content_type().c_str(),"application/x-www-form-urlencoded")) {	19	if(!strcasecmp(content_type().c_str(),"application/x-www-form-urlencoded")) {
20	unsigned long cl = content_length();	20	unsigned long cl = content_length();
21	if(cl) {	21	if(cl) {
22	char * tmp = new char[cl];	22	char * tmp = new char[cl];
23	iface.in().read(tmp,cl);	23	iface.in().read(tmp,cl);
24	string qs(tmp,cl);	24	string qs(tmp,cl);
25	delete tmp;	25	delete tmp;
26	parse_query(qs,post);	26	parse_query(qs,post);
27	}	27	}
28	b_parsed_content = true;	28	b_parsed_content = true;
29	}	29	}
		30	// Parse cookies
		31	try {
		32	cookies.parse_cookies(get_meta("HTTP_COOKIE"));
		33	}catch(exception_notfound& enf) { }
30	}	34	}
31		35
32	bool cgi_gateway::has_GET(const string& n) const {	36	bool cgi_gateway::has_GET(const string& n) const {
33	return get.find(n) != get.end();	37	return get.find(n) != get.end();
34	}	38	}
35	const string& cgi_gateway::get_GET(const string& n) const {	39	const string& cgi_gateway::get_GET(const string& n) const {
36	params_t::const_iterator i = get.find(n);	40	params_t::const_iterator i = get.find(n);
37	if(i==get.end())	41	if(i==get.end())
38	throw exception_notfound(CODEPOINT,"no such parameter");	42	throw exception_notfound(CODEPOINT,"no such parameter");
39	return i->second;	43	return i->second;
40	}	44	}
41	bool cgi_gateway::has_POST(const string& n) const {	45	bool cgi_gateway::has_POST(const string& n) const {
42	return post.find(n) != post.end();	46	return post.find(n) != post.end();
43	}	47	}
44	const string& cgi_gateway::get_POST(const string& n) const {	48	const string& cgi_gateway::get_POST(const string& n) const {
45	params_t::const_iterator i = post.find(n);	49	params_t::const_iterator i = post.find(n);
46	if(i==post.end())	50	if(i==post.end())
47	throw exception_notfound(CODEPOINT,"no such parameter");	51	throw exception_notfound(CODEPOINT,"no such parameter");
48	return i->second;	52	return i->second;
49	}	53	}
50	bool cgi_gateway::has_param(const string& n) const {	54	bool cgi_gateway::has_param(const string& n) const {
51	return has_GET(n) \|\| has_POST(n);	55	return has_GET(n) \|\| has_POST(n);
52	}	56	}
53	const string& cgi_gateway::get_param(const string& n) const {	57	const string& cgi_gateway::get_param(const string& n) const {
54	params_t::const_iterator i = get.find(n);	58	params_t::const_iterator i = get.find(n);
55	if(i!=get.end())	59	if(i!=get.end())
56	return i->second;	60	return i->second;
57	i = post.find(n);	61	i = post.find(n);
58	if(i!=post.end())	62	if(i!=post.end())
59	return i->second;	63	return i->second;
60	throw exception_notfound(CODEPOINT,"no such parameter");	64	throw exception_notfound(CODEPOINT,"no such parameter");
61	}	65	}
62		66
63	/*	67	/*
64	* deprecated stuff.	68	* deprecated stuff.
65	*/	69	*/
66	const string& cgi_gateway::get_content_type() const {	70	const string& cgi_gateway::get_content_type() const {
67	if(!has_meta("CONTENT_TYPE"))	71	if(!has_meta("CONTENT_TYPE"))
68	return empty_string;	72	return empty_string;
69	return get_meta("CONTENT_TYPE");	73	return get_meta("CONTENT_TYPE");
70	}	74	}
71	unsigned long cgi_gateway::get_content_length() const {	75	unsigned long cgi_gateway::get_content_length() const {
72	if(!has_meta("CONTENT_LENGTH"))	76	if(!has_meta("CONTENT_LENGTH"))
73	return 0;	77	return 0;
74	string cl = get_meta("CONTENT_LENGTH");	78	string cl = get_meta("CONTENT_LENGTH");
75	return strtol(cl.c_str(),NULL,10);	79	return strtol(cl.c_str(),NULL,10);
76	}	80	}
77	/*	81	/*
78	*	82	*
79	*/	83	*/
80		84
81	const string& cgi_gateway::http_request_header(const string& hn) const {	85	const string& cgi_gateway::http_request_header(const string& hn) const {
82	string mvn = "HTTP_";	86	string mvn = "HTTP_";
83	for(const char* p=hn.c_str();*p;p++) {	87	for(const char* p=hn.c_str();*p;p++) {
84	if(*p=='-')	88	if(*p=='-')
85	mvn += '_';	89	mvn += '_';
86	else	90	else
87	mvn += toupper(*p);	91	mvn += toupper(*p);
88	}	92	}
89	return get_meta(mvn);	93	return get_meta(mvn);
90	}	94	}
91		95
92	const string& cgi_gateway::auth_type() const {	96	const string& cgi_gateway::auth_type() const {
93	try {	97	try {


diff --git a/src/cookies.cc b/src/cookies.cc new file mode 100644 index 0000000..40a0c8b --- a/dev/null +++ b/src/cookies.cc
@@ -0,0 +1,242 @@
		1	#include "kingate/cookies.h"
		2	#include "kingate/util.h"
		3	#include "kingate/exception.h"
		4
		5	namespace kingate {
		6
		7	/*
		8	* RFC 2109:
		9	* av-pairs = av-pair *(";" av-pair)
		10	* av-pair = attr ["=" value] ; optional value
		11	* attr = token
		12	* value = word
		13	* word = token \| quoted-string
		14	*/
		15
		16	/* RFC 2109:
		17	*
		18	* The origin server effectively ends a session by sending the client a
		19	* Set-Cookie header with Max-Age=0.
		20	*
		21	* An origin server may include multiple Set-Cookie headers in a response.
		22	* Note that an intervening gateway could fold multiple such headers into a
		23	* single header.
		24	*
		25	*
		26	* set-cookie = "Set-Cookie:" cookies
		27	* cookies = 1#cookie
		28	* cookie = NAME "=" VALUE *(";" cookie-av)
		29	* NAME = attr
		30	* VALUE = value
		31	* cookie-av = "Comment" "=" value
		32	* \| "Domain" "=" value
		33	* \| "Max-Age" "=" value
		34	* \| "Path" "=" value
		35	* \| "Secure"
		36	* \| "Version" "=" 1*DIGIT
		37	*
		38	*
		39	* The origin server should send the following additional HTTP/1.1
		40	* response headers, depending on circumstances:
		41	*
		42	* * To suppress caching of the Set-Cookie header: Cache-control: no-
		43	* cache="set-cookie".
		44	*
		45	* and one of the following:
		46	*
		47	* * To suppress caching of a private document in shared caches: Cache-
		48	* control: private.
		49	*
		50	* * To allow caching of a document and require that it be validated
		51	* before returning it to the client: Cache-control: must-revalidate.
		52	*
		53	* * To allow caching of a document, but to require that proxy caches
		54	* (not user agent caches) validate it before returning it to the
		55	* client: Cache-control: proxy-revalidate.
		56	*
		57	* * To allow caching of a document and request that it be validated
		58	* before returning it to the client (by "pre-expiring" it):
		59	* Cache-control: max-age=0. Not all caches will revalidate the
		60	* document in every case.
		61	*
		62	* HTTP/1.1 servers must send Expires: old-date (where old-date is a
		63	* date long in the past) on responses containing Set-Cookie response
		64	* headers unless they know for certain (by out of band means) that
		65	* there are no downsteam HTTP/1.0 proxies. HTTP/1.1 servers may send
		66	* other Cache-Control directives that permit caching by HTTP/1.1
		67	* proxies in addition to the Expires: old-date directive; the Cache-
		68	* Control directive will override the Expires: old-date for HTTP/1.1
		69	* proxies.
		70	*
		71	*/
		72
		73	void cookie::_set_string(const string& p,const string& v) {
		74	(*this)[p]=v;
		75	}
		76
		77	void cookie::set_comment(const string& c) {
		78	_set_string("comment",c);
		79	}
		80	void cookie::set_domain(const string& d) {
		81	_set_string("domain",d);
		82	}
		83	void cookie::set_max_age(const string& ma) {
		84	_set_string("max-age",ma);
		85	}
		86	void cookie::set_path(const string& p) {
		87	_set_string("path",p);
		88	}
		89	void cookie::set_secure(bool s) {
		90	if(s)
		91	_set_string("secure","");
		92	else
		93	erase("secure");
		94	}
		95
		96	void cookie::set_expires(const string& e) {
		97	(*this)["expires"] = e;
		98	}
		99
		100	const string& cookie::_get_string(const string& s) const {
		101	const_iterator i = find(s);
		102	if(i==end())
		103	throw exception_notfound(CODEPOINT,"No parameter set");
		104	return i->second;
		105	}
		106
		107	const string& cookie::get_comment() const {
		108	return _get_string("comment");
		109	}
		110	const string& cookie::get_domain() const {
		111	return _get_string("domain");
		112	}
		113	const string& cookie::get_max_age() const {
		114	return _get_string("max-age");
		115	}
		116	const string& cookie::get_path() const {
		117	return _get_string("path");
		118	}
		119	bool cookie::get_secure() const {
		120	return find("secure")!=end();
		121	}
		122
		123	const string& cookie::get_expires() const {
		124	return _get_string("expires");
		125	}
		126
		127	bool cookie::has_comment() const {
		128	return find("comment")!=end();
		129	}
		130	bool cookie::has_domain() const {
		131	return find("domain")!=end();
		132	}
		133	bool cookie::has_max_age() const {
		134	return find("max-age")!=end();
		135	}
		136	bool cookie::has_path() const {
		137	return find("path")!=end();
		138	}
		139
		140	bool cookie::has_expires() const {
		141	return find("expires")!=end();
		142	}
		143
		144	void cookie::unset_comment() {
		145	erase("comment");
		146	}
		147	void cookie::unset_domain() {
		148	erase("domain");
		149	}
		150	void cookie::unset_max_age() {
		151	erase("max-age");
		152	}
		153	void cookie::unset_path() {
		154	erase("path");
		155	}
		156
		157	void cookie::unset_expires() {
		158	erase("expires");
		159	}
		160
		161	string cookie::set_cookie_header_rfc2109() const {
		162	string rv = name + "=" + http_quoted_string(value);
		163	for(const_iterator i=begin();i!=end();++i) {
		164	if(i->first=="secure") {
		165	rv += "; secure";
		166	}else{
		167	rv += "; "+i->first+"="+http_quote(i->second);
		168	}
		169	}
		170	rv += "; Version=1";
		171	return rv;
		172	}
		173
		174	string cookie::set_cookie_header() const {
		175	string rv = name + "=" + value;
		176	for(const_iterator i=begin();i!=end();++i) {
		177	if(i->first=="secure") {
		178	rv += "; secure";
		179	}else{
		180	rv += "; "+i->first+"="+i->second;
		181	}
		182	}
		183	return rv;
		184	}
		185
		186	bool cookies_t::has_cookie(const key_type& n) const {
		187	return find(n)!=end();
		188	}
		189
		190	const cookie& cookies_t::get_cookie(const key_type& n) const {
		191	const_iterator i=find(n);
		192	if(i==end())
		193	throw exception_notfound(CODEPOINT,"No cookie with such name found");
		194	return i->second;
		195	}
		196
		197	cookie& cookies_t::get_cookie(const key_type& n) {
		198	iterator i=find(n);
		199	if(i==end())
		200	throw exception_notfound(CODEPOINT,"No cookie with such name found");
		201	return i->second;
		202	}
		203
		204	void cookies_t::parse_cookies(const string& s) {
		205	string str = s;
		206	while(!str.empty()) {
		207	string::size_type sc = str.find(';');
		208	string s;
		209	if(sc==string::npos) {
		210	s = str;
		211	str.erase();
		212	}else{
		213	s = str.substr(0,sc);
		214	str.erase(0,sc+1);
		215	}
		216	string::size_type nsp=s.find_first_not_of(" \t");
		217	if((nsp!=string::npos) && nsp)
		218	s.erase(0,nsp);
		219	string::size_type eq=s.find('=');
		220	if(eq==string::npos)
		221	continue;
		222	string n = s.substr(0,eq);
		223	s.erase(0,eq+1);
		224	nsp = n.find_last_not_of(" \t");
		225	n.erase(nsp+1);
		226	nsp = s.find_first_not_of(" \t");
		227	string v;
		228	if(nsp!=string::npos)
		229	v = s.substr(nsp);
		230	else
		231	v = s;
		232	nsp = v.find_last_not_of(" \t");
		233	if(nsp==string::npos)
		234	v.erase();
		235	else
		236	v.erase(nsp+1);
		237	cookie& c = (*this)[n];
		238	c.set_name(n); c.set_value(v);
		239	}
		240	}
		241
		242	}


diff --git a/src/headers.cc b/src/headers.cc new file mode 100644 index 0000000..89ac519 --- a/dev/null +++ b/src/headers.cc
@@ -0,0 +1,40 @@
		1	#include "kingate/headers.h"
		2	#include "kingate/exception.h"
		3
		4	namespace kingate {
		5
		6	void headers::set_header(const key_type& h,const mapped_type& c) {
		7	erase(h);
		8	insert(value_type(h,c));
		9	}
		10	void headers::add_header(const key_type& h,const mapped_type& c) {
		11	insert(value_type(h,c));
		12	}
		13	void headers::unset_header(const key_type& h) {
		14	erase(h);
		15	}
		16	const headers::mapped_type& headers::get_header(const key_type& h) const {
		17	const_iterator i=find(h);
		18	if(i==end())
		19	throw exception_notfound(CODEPOINT,"No such header");
		20	return i->second;
		21	}
		22	headers::mapped_type& headers::get_header(const key_type& h) {
		23	// XXX: or should it fail if there's no such thing, unlike operator[]?
		24	iterator i=find(h);
		25	if(i==end())
		26	i = insert(value_type(h,""));
		27	return i->second;
		28	}
		29
		30	pair<headers::const_iterator,headers::const_iterator> headers::get_headers(const key_type& h) const {
		31	return equal_range(h);
		32	}
		33	pair<headers::iterator,headers::iterator> headers::get_headers(const key_type& h) {
		34	return equal_range(h);
		35	}
		36
		37	bool headers::has_header(const key_type& h) const {
		38	return find(h)!=end();
		39	}
		40	}


diff --git a/src/util.cc b/src/util.cc index 3166e62..48e486a 100644 --- a/src/util.cc +++ b/src/util.cc
@@ -1,53 +1,106 @@
1	#include "kingate/util.h"	1	#include "kingate/util.h"
2	#include "kingate/exception.h"	2	#include "kingate/exception.h"
3		3
4	namespace kingate {	4	namespace kingate {
5		5
6	static const char *safeChars =	6	static const char *safeChars =
7	"ABCDEFGHIJKLMNOPQRSTUVWXYZ"	7	"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
8	"abcdefghijklmnopqrstuvwxyz"	8	"abcdefghijklmnopqrstuvwxyz"
9	"0123456789"	9	"0123456789"
10	"_-" ;	10	"_-" ;
11		11
12	string url_encode(const string& str) {	12	string url_encode(const string& str) {
13	string rv = str;	13	string rv = str;
14	string::size_type screwed = 0;	14	string::size_type screwed = 0;
15	for(;;) {	15	for(;;) {
16	screwed = rv.find_first_not_of(safeChars,screwed);	16	screwed = rv.find_first_not_of(safeChars,screwed);
17	if(screwed == string::npos)	17	if(screwed == string::npos)
18	break;	18	break;
19	while(screwed<rv.length() && !strchr(safeChars,rv.at(screwed))) {	19	while(screwed<rv.length() && !strchr(safeChars,rv.at(screwed))) {
20	char danger = rv.at(screwed);	20	char danger = rv.at(screwed);
21	if(danger==' ') {	21	if(danger==' ') {
22	rv.replace(screwed++,1,1,'+');	22	rv.replace(screwed++,1,1,'+');
23	}else{	23	}else{
24	static char tmp[4] = {'%',0,0,0};	24	static char tmp[4] = {'%',0,0,0};
25	snprintf(&tmp[1],3,"%02X",0xFF&(int)danger);	25	snprintf(&tmp[1],3,"%02X",0xFF&(int)danger);
26	rv.replace(screwed,1,tmp,3);	26	rv.replace(screwed,1,tmp,3);
27	screwed+=3;	27	screwed+=3;
28	}	28	}
29	}	29	}
30	}	30	}
31	return rv;	31	return rv;
32	}	32	}
33	string url_decode(const string& str) {	33	string url_decode(const string& str) {
34	string rv = str;	34	string rv = str;
35	string::size_type unscrewed = 0;	35	string::size_type unscrewed = 0;
36	for(;;) {	36	for(;;) {
37	unscrewed = rv.find_first_of("%+",unscrewed);	37	unscrewed = rv.find_first_of("%+",unscrewed);
38	if(unscrewed == string::npos)	38	if(unscrewed == string::npos)
39	break;	39	break;
40	if(rv.at(unscrewed)=='+') {	40	if(rv.at(unscrewed)=='+') {
41	rv.replace(unscrewed++,1,1,' ');	41	rv.replace(unscrewed++,1,1,' ');
42	}else{	42	}else{
43	if((rv.length()-unscrewed)<3)	43	if((rv.length()-unscrewed)<3)
44	throw exception(CODEPOINT,"incorrectly escaped string");	44	throw exception(CODEPOINT,"incorrectly escaped string");
45	// XXX: ensure it's hex?	45	// XXX: ensure it's hex?
46	int danger = strtol(rv.substr(unscrewed+1,2).c_str(),NULL,16);	46	int danger = strtol(rv.substr(unscrewed+1,2).c_str(),NULL,16);
47	rv.replace(unscrewed,3,1,danger);	47	rv.replace(unscrewed,3,1,danger);
48	unscrewed++;	48	unscrewed++;
49	}	49	}
50	}	50	}
51	return rv;	51	return rv;
52	}	52	}
		53
		54	/*
		55	* RFC 2616:
		56	*
		57	* separators = "(" \| ")" \| "<" \| ">" \| "@"
		58	* \| "," \| ";" \| ":" \| "\" \| <">
		59	* \| "/" \| "[" \| "]" \| "?" \| "="
		60	* \| "{" \| "}" \| SP \| HT
		61	*/
		62
		63	/*
		64	* RFC 2616:
		65	*
		66	* token = 1*<any CHAR except CTLs or separators>
		67	*/
		68
		69	static const char *quotible_chars =
		70	"\001\002\003\004\005\006\007\010"
		71	"\011\012\013\014\015\016\017\020"
		72	"\021\022\023\024\025\026\027\030"
		73	"\031\032\033\034\035\036\037\040"
		74	"()<>@,;:\\\"/[]?={}" /* separator chars (except for SP and HT mentioned elsewhere */
		75	"\177"
		76	;
		77
		78	/*
		79	* RFC 2616:
		80	*
		81	* quoted-string = ( <"> *(qdtext \| quoted-pair ) <"> )
		82	* qdtext = <any TEXT except <">>
		83	*
		84	* The backslash character ("\") MAY be used as a single-character
		85	* quoting mechanism only within quoted-string and comment constructs.
		86	*
		87	* quoted-pair = "\" CHAR
		88	*/
		89
		90	string http_quoted_string(const string& str) {
		91	string rv = str;
		92	string::size_type sp=0;
		93	for(string::size_type q=rv.find('"');(q=rv.find('"',q))!=string::npos;q+=2)
		94	rv.insert(q,1,'\\');
		95	rv.insert(0,1,'"');
		96	rv += '"';
		97	return rv;
		98	}
		99
		100	string http_quote(const string& str) {
		101	if(str.find_first_of(quotible_chars)==string::npos)
		102	return str;
		103	return http_quoted_string(str);
		104	}
		105
53	}	106	}