summaryrefslogtreecommitdiffabout
path: root/src
Side-by-side diff
Diffstat (limited to 'src') (more/less context) (ignore whitespace changes)
-rw-r--r--src/Makefile.am4
-rw-r--r--src/cgi_gateway.cc4
-rw-r--r--src/cookies.cc242
-rw-r--r--src/headers.cc40
-rw-r--r--src/util.cc53
5 files changed, 342 insertions, 1 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 12bb1f8..2d462c8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,25 +1,27 @@
lib_LTLIBRARIES = libkingate.la libkingate-plaincgi.la
if HAVE_FCGI
lib_LTLIBRARIES += libkingate-fcgi.la
endif
INCLUDES = -I${top_srcdir}/include -I${top_srcdir}
AM_CXXFLAGS = ${KONFORKA_CFLAGS}
LDADD = ${KONFORKA_LIBS}
libkingate_la_SOURCES = \
cgi_gateway.cc \
cgi_interface.cc \
- util.cc
+ util.cc \
+ cookies.cc \
+ headers.cc
libkingate_la_LDFLAGS = -version-info 2:0:0
libkingate_fcgi_la_SOURCES = \
fastcgi.cc
libkingate_fcgi_la_LDFLAGS = -version-info 1:0:0
libkingate_plaincgi_la_SOURCES = \
plaincgi.cc
libkingate_plaincgi_la_LDFLAGS = -version-info 1:0:0
EXTRA_DIST = ${libkingate_fcgi_la_SOURCES}
diff --git a/src/cgi_gateway.cc b/src/cgi_gateway.cc
index 30410f2..ab48f78 100644
--- a/src/cgi_gateway.cc
+++ b/src/cgi_gateway.cc
@@ -1,241 +1,245 @@
#include <errno.h>
#include <ctype.h>
#include "kingate/cgi_gateway.h"
#include "kingate/util.h"
#include "kingate/exception.h"
namespace kingate {
static string empty_string;
cgi_gateway::cgi_gateway(cgi_interface& ci)
: iface(ci), b_parsed_content(false) {
// Fetch GET content
try {
string qs = get_meta("QUERY_STRING");
parse_query(qs,get);
}catch(exception_notfound& enf) { }
// Fetch POST content
if(!strcasecmp(content_type().c_str(),"application/x-www-form-urlencoded")) {
unsigned long cl = content_length();
if(cl) {
char * tmp = new char[cl];
iface.in().read(tmp,cl);
string qs(tmp,cl);
delete tmp;
parse_query(qs,post);
}
b_parsed_content = true;
}
+ // Parse cookies
+ try {
+ cookies.parse_cookies(get_meta("HTTP_COOKIE"));
+ }catch(exception_notfound& enf) { }
}
bool cgi_gateway::has_GET(const string& n) const {
return get.find(n) != get.end();
}
const string& cgi_gateway::get_GET(const string& n) const {
params_t::const_iterator i = get.find(n);
if(i==get.end())
throw exception_notfound(CODEPOINT,"no such parameter");
return i->second;
}
bool cgi_gateway::has_POST(const string& n) const {
return post.find(n) != post.end();
}
const string& cgi_gateway::get_POST(const string& n) const {
params_t::const_iterator i = post.find(n);
if(i==post.end())
throw exception_notfound(CODEPOINT,"no such parameter");
return i->second;
}
bool cgi_gateway::has_param(const string& n) const {
return has_GET(n) || has_POST(n);
}
const string& cgi_gateway::get_param(const string& n) const {
params_t::const_iterator i = get.find(n);
if(i!=get.end())
return i->second;
i = post.find(n);
if(i!=post.end())
return i->second;
throw exception_notfound(CODEPOINT,"no such parameter");
}
/*
* deprecated stuff.
*/
const string& cgi_gateway::get_content_type() const {
if(!has_meta("CONTENT_TYPE"))
return empty_string;
return get_meta("CONTENT_TYPE");
}
unsigned long cgi_gateway::get_content_length() const {
if(!has_meta("CONTENT_LENGTH"))
return 0;
string cl = get_meta("CONTENT_LENGTH");
return strtol(cl.c_str(),NULL,10);
}
/*
*
*/
const string& cgi_gateway::http_request_header(const string& hn) const {
string mvn = "HTTP_";
for(const char* p=hn.c_str();*p;p++) {
if(*p=='-')
mvn += '_';
else
mvn += toupper(*p);
}
return get_meta(mvn);
}
const string& cgi_gateway::auth_type() const {
try {
return get_meta("AUTH_TYPE");
}catch(exception_notfound& enf) {
return empty_string;
}
}
unsigned long cgi_gateway::content_length() const {
try {
const string& cl = get_meta("CONTENT_LENGTH");
errno = 0;
const char *clp = cl.c_str();
unsigned long rv = strtol(clp,(char**)&clp,10);
if(errno || *clp)
throw server_error(CODEPOINT,"Invalid CONTENT_LENGTH value passed from server");
return rv;
}catch(exception_notfound& enf) {
return 0;
}
}
const string& cgi_gateway::content_type() const {
try {
return get_meta("CONTENT_TYPE");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::gateway_interface() const {
try {
return get_meta("GATEWAY_INTERFACE");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::path_info() const {
try {
return get_meta("PATH_INFO");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::path_translated() const {
try {
return get_meta("PATH_TRANSLATED");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::query_string() const {
try {
return get_meta("QUERY_STRING");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::remote_addr() const {
try {
return get_meta("REMOTE_ADDR");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::remote_host() const {
try {
return get_meta("REMOTE_HOST");
}catch(exception_notfound& enf) {
return remote_addr();
}
}
const string& cgi_gateway::remote_ident() const {
try {
return get_meta("REMOTE_IDENT");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::remote_user() const {
try {
return get_meta("REMOTE_USER");
}catch(exception_notfound& enf) {
return empty_string;
}
}
const string& cgi_gateway::request_method() const {
try {
return get_meta("REQUEST_METHOD");
}catch(exception_notfound& enf) {
throw server_error(CODEPOINT,"No REQUEST_METHOD passed from server");
}
}
const string& cgi_gateway::script_name() const {
try {
return get_meta("SCRIPT_NAME");
}catch(exception_notfound& enf) {
throw server_error(CODEPOINT,"No SCRIPT_NAME passed from server");
}
}
const string& cgi_gateway::server_name() const {
try {
return get_meta("SERVER_NAME");
}catch(exception_notfound& enf) {
throw server_error(CODEPOINT,"No SERVER_NAME passed from server");
}
}
unsigned int cgi_gateway::server_port() const {
try {
const string& sp = get_meta("SERVER_PORT");
errno = 0;
const char *spp = sp.c_str();
unsigned int rv = strtol(spp,(char**)&spp,10);
if(errno || *spp)
throw server_error(CODEPOINT,"Invalid SERVER_PORT value passed from server");
return rv;
}catch(exception_notfound& enf) {
throw server_error(CODEPOINT,"No SERVER_PORT passed from server");
}
}
const string& cgi_gateway::server_protocol() const {
try {
return get_meta("SERVER_PROTOCOL");
}catch(exception_notfound& enf) {
throw server_error(CODEPOINT,"No SERVER_PROTOCOL passed from server");
}
}
const string& cgi_gateway::server_software() const {
try {
return get_meta("SERVER_SOFTWARE");
}catch(exception_notfound& enf) {
throw server_error(CODEPOINT,"No SERVER_SOFTWARE passed from server");
}
}
void cgi_gateway::parse_query(string& q,params_t& p) {
while(!q.empty()) {
string::size_type amp = q.find('&');
string pp = (amp==string::npos)?q:q.substr(0,amp);
if(amp==string::npos)
q.clear();
else
q.erase(0,amp+1);
string::size_type eq = pp.find('=');
if(eq == string::npos) {
p.insert(params_t::value_type("",url_decode(pp)));
}else{
p.insert(params_t::value_type(url_decode(pp.substr(0,eq)),url_decode(pp.substr(eq+1))));
}
}
}
}
diff --git a/src/cookies.cc b/src/cookies.cc
new file mode 100644
index 0000000..40a0c8b
--- a/dev/null
+++ b/src/cookies.cc
@@ -0,0 +1,242 @@
+#include "kingate/cookies.h"
+#include "kingate/util.h"
+#include "kingate/exception.h"
+
+namespace kingate {
+
+ /*
+ * RFC 2109:
+ * av-pairs = av-pair *(";" av-pair)
+ * av-pair = attr ["=" value] ; optional value
+ * attr = token
+ * value = word
+ * word = token | quoted-string
+ */
+
+ /* RFC 2109:
+ *
+ * The origin server effectively ends a session by sending the client a
+ * Set-Cookie header with Max-Age=0.
+ *
+ * An origin server may include multiple Set-Cookie headers in a response.
+ * Note that an intervening gateway could fold multiple such headers into a
+ * single header.
+ *
+ *
+ * set-cookie = "Set-Cookie:" cookies
+ * cookies = 1#cookie
+ * cookie = NAME "=" VALUE *(";" cookie-av)
+ * NAME = attr
+ * VALUE = value
+ * cookie-av = "Comment" "=" value
+ * | "Domain" "=" value
+ * | "Max-Age" "=" value
+ * | "Path" "=" value
+ * | "Secure"
+ * | "Version" "=" 1*DIGIT
+ *
+ *
+ * The origin server should send the following additional HTTP/1.1
+ * response headers, depending on circumstances:
+ *
+ * * To suppress caching of the Set-Cookie header: Cache-control: no-
+ * cache="set-cookie".
+ *
+ * and one of the following:
+ *
+ * * To suppress caching of a private document in shared caches: Cache-
+ * control: private.
+ *
+ * * To allow caching of a document and require that it be validated
+ * before returning it to the client: Cache-control: must-revalidate.
+ *
+ * * To allow caching of a document, but to require that proxy caches
+ * (not user agent caches) validate it before returning it to the
+ * client: Cache-control: proxy-revalidate.
+ *
+ * * To allow caching of a document and request that it be validated
+ * before returning it to the client (by "pre-expiring" it):
+ * Cache-control: max-age=0. Not all caches will revalidate the
+ * document in every case.
+ *
+ * HTTP/1.1 servers must send Expires: old-date (where old-date is a
+ * date long in the past) on responses containing Set-Cookie response
+ * headers unless they know for certain (by out of band means) that
+ * there are no downsteam HTTP/1.0 proxies. HTTP/1.1 servers may send
+ * other Cache-Control directives that permit caching by HTTP/1.1
+ * proxies in addition to the Expires: old-date directive; the Cache-
+ * Control directive will override the Expires: old-date for HTTP/1.1
+ * proxies.
+ *
+ */
+
+ void cookie::_set_string(const string& p,const string& v) {
+ (*this)[p]=v;
+ }
+
+ void cookie::set_comment(const string& c) {
+ _set_string("comment",c);
+ }
+ void cookie::set_domain(const string& d) {
+ _set_string("domain",d);
+ }
+ void cookie::set_max_age(const string& ma) {
+ _set_string("max-age",ma);
+ }
+ void cookie::set_path(const string& p) {
+ _set_string("path",p);
+ }
+ void cookie::set_secure(bool s) {
+ if(s)
+ _set_string("secure","");
+ else
+ erase("secure");
+ }
+
+ void cookie::set_expires(const string& e) {
+ (*this)["expires"] = e;
+ }
+
+ const string& cookie::_get_string(const string& s) const {
+ const_iterator i = find(s);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No parameter set");
+ return i->second;
+ }
+
+ const string& cookie::get_comment() const {
+ return _get_string("comment");
+ }
+ const string& cookie::get_domain() const {
+ return _get_string("domain");
+ }
+ const string& cookie::get_max_age() const {
+ return _get_string("max-age");
+ }
+ const string& cookie::get_path() const {
+ return _get_string("path");
+ }
+ bool cookie::get_secure() const {
+ return find("secure")!=end();
+ }
+
+ const string& cookie::get_expires() const {
+ return _get_string("expires");
+ }
+
+ bool cookie::has_comment() const {
+ return find("comment")!=end();
+ }
+ bool cookie::has_domain() const {
+ return find("domain")!=end();
+ }
+ bool cookie::has_max_age() const {
+ return find("max-age")!=end();
+ }
+ bool cookie::has_path() const {
+ return find("path")!=end();
+ }
+
+ bool cookie::has_expires() const {
+ return find("expires")!=end();
+ }
+
+ void cookie::unset_comment() {
+ erase("comment");
+ }
+ void cookie::unset_domain() {
+ erase("domain");
+ }
+ void cookie::unset_max_age() {
+ erase("max-age");
+ }
+ void cookie::unset_path() {
+ erase("path");
+ }
+
+ void cookie::unset_expires() {
+ erase("expires");
+ }
+
+ string cookie::set_cookie_header_rfc2109() const {
+ string rv = name + "=" + http_quoted_string(value);
+ for(const_iterator i=begin();i!=end();++i) {
+ if(i->first=="secure") {
+ rv += "; secure";
+ }else{
+ rv += "; "+i->first+"="+http_quote(i->second);
+ }
+ }
+ rv += "; Version=1";
+ return rv;
+ }
+
+ string cookie::set_cookie_header() const {
+ string rv = name + "=" + value;
+ for(const_iterator i=begin();i!=end();++i) {
+ if(i->first=="secure") {
+ rv += "; secure";
+ }else{
+ rv += "; "+i->first+"="+i->second;
+ }
+ }
+ return rv;
+ }
+
+ bool cookies_t::has_cookie(const key_type& n) const {
+ return find(n)!=end();
+ }
+
+ const cookie& cookies_t::get_cookie(const key_type& n) const {
+ const_iterator i=find(n);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No cookie with such name found");
+ return i->second;
+ }
+
+ cookie& cookies_t::get_cookie(const key_type& n) {
+ iterator i=find(n);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No cookie with such name found");
+ return i->second;
+ }
+
+ void cookies_t::parse_cookies(const string& s) {
+ string str = s;
+ while(!str.empty()) {
+ string::size_type sc = str.find(';');
+ string s;
+ if(sc==string::npos) {
+ s = str;
+ str.erase();
+ }else{
+ s = str.substr(0,sc);
+ str.erase(0,sc+1);
+ }
+ string::size_type nsp=s.find_first_not_of(" \t");
+ if((nsp!=string::npos) && nsp)
+ s.erase(0,nsp);
+ string::size_type eq=s.find('=');
+ if(eq==string::npos)
+ continue;
+ string n = s.substr(0,eq);
+ s.erase(0,eq+1);
+ nsp = n.find_last_not_of(" \t");
+ n.erase(nsp+1);
+ nsp = s.find_first_not_of(" \t");
+ string v;
+ if(nsp!=string::npos)
+ v = s.substr(nsp);
+ else
+ v = s;
+ nsp = v.find_last_not_of(" \t");
+ if(nsp==string::npos)
+ v.erase();
+ else
+ v.erase(nsp+1);
+ cookie& c = (*this)[n];
+ c.set_name(n); c.set_value(v);
+ }
+ }
+
+}
diff --git a/src/headers.cc b/src/headers.cc
new file mode 100644
index 0000000..89ac519
--- a/dev/null
+++ b/src/headers.cc
@@ -0,0 +1,40 @@
+#include "kingate/headers.h"
+#include "kingate/exception.h"
+
+namespace kingate {
+
+ void headers::set_header(const key_type& h,const mapped_type& c) {
+ erase(h);
+ insert(value_type(h,c));
+ }
+ void headers::add_header(const key_type& h,const mapped_type& c) {
+ insert(value_type(h,c));
+ }
+ void headers::unset_header(const key_type& h) {
+ erase(h);
+ }
+ const headers::mapped_type& headers::get_header(const key_type& h) const {
+ const_iterator i=find(h);
+ if(i==end())
+ throw exception_notfound(CODEPOINT,"No such header");
+ return i->second;
+ }
+ headers::mapped_type& headers::get_header(const key_type& h) {
+ // XXX: or should it fail if there's no such thing, unlike operator[]?
+ iterator i=find(h);
+ if(i==end())
+ i = insert(value_type(h,""));
+ return i->second;
+ }
+
+ pair<headers::const_iterator,headers::const_iterator> headers::get_headers(const key_type& h) const {
+ return equal_range(h);
+ }
+ pair<headers::iterator,headers::iterator> headers::get_headers(const key_type& h) {
+ return equal_range(h);
+ }
+
+ bool headers::has_header(const key_type& h) const {
+ return find(h)!=end();
+ }
+}
diff --git a/src/util.cc b/src/util.cc
index 3166e62..48e486a 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -1,53 +1,106 @@
#include "kingate/util.h"
#include "kingate/exception.h"
namespace kingate {
static const char *safeChars =
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz"
"0123456789"
"_-" ;
string url_encode(const string& str) {
string rv = str;
string::size_type screwed = 0;
for(;;) {
screwed = rv.find_first_not_of(safeChars,screwed);
if(screwed == string::npos)
break;
while(screwed<rv.length() && !strchr(safeChars,rv.at(screwed))) {
char danger = rv.at(screwed);
if(danger==' ') {
rv.replace(screwed++,1,1,'+');
}else{
static char tmp[4] = {'%',0,0,0};
snprintf(&tmp[1],3,"%02X",0xFF&(int)danger);
rv.replace(screwed,1,tmp,3);
screwed+=3;
}
}
}
return rv;
}
string url_decode(const string& str) {
string rv = str;
string::size_type unscrewed = 0;
for(;;) {
unscrewed = rv.find_first_of("%+",unscrewed);
if(unscrewed == string::npos)
break;
if(rv.at(unscrewed)=='+') {
rv.replace(unscrewed++,1,1,' ');
}else{
if((rv.length()-unscrewed)<3)
throw exception(CODEPOINT,"incorrectly escaped string");
// XXX: ensure it's hex?
int danger = strtol(rv.substr(unscrewed+1,2).c_str(),NULL,16);
rv.replace(unscrewed,3,1,danger);
unscrewed++;
}
}
return rv;
}
+
+ /*
+ * RFC 2616:
+ *
+ * separators = "(" | ")" | "<" | ">" | "@"
+ * | "," | ";" | ":" | "\" | <">
+ * | "/" | "[" | "]" | "?" | "="
+ * | "{" | "}" | SP | HT
+ */
+
+ /*
+ * RFC 2616:
+ *
+ * token = 1*<any CHAR except CTLs or separators>
+ */
+
+ static const char *quotible_chars =
+ "\001\002\003\004\005\006\007\010"
+ "\011\012\013\014\015\016\017\020"
+ "\021\022\023\024\025\026\027\030"
+ "\031\032\033\034\035\036\037\040"
+ "()<>@,;:\\\"/[]?={}" /* separator chars (except for SP and HT mentioned elsewhere */
+ "\177"
+ ;
+
+ /*
+ * RFC 2616:
+ *
+ * quoted-string = ( <"> *(qdtext | quoted-pair ) <"> )
+ * qdtext = <any TEXT except <">>
+ *
+ * The backslash character ("\") MAY be used as a single-character
+ * quoting mechanism only within quoted-string and comment constructs.
+ *
+ * quoted-pair = "\" CHAR
+ */
+
+ string http_quoted_string(const string& str) {
+ string rv = str;
+ string::size_type sp=0;
+ for(string::size_type q=rv.find('"');(q=rv.find('"',q))!=string::npos;q+=2)
+ rv.insert(q,1,'\\');
+ rv.insert(0,1,'"');
+ rv += '"';
+ return rv;
+ }
+
+ string http_quote(const string& str) {
+ if(str.find_first_of(quotible_chars)==string::npos)
+ return str;
+ return http_quoted_string(str);
+ }
+
}