Ye_Ol_Pi_Shack
/
CppCMS
2
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 1 Wiki Activity
ChipMaster's trial hacks on C++CMS starting with v1.2.1. Not sure I'll follow on with the v2 since it looks to be breaking and mostly frivolous.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1075 Commits
2 Branches
13 MiB
 
 
 
 
 
 
Tree: 142ffce91d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '142ffce91d'
${ noResults }
CppCMS/src/internal_file_server.cpp

546 lines
14 KiB
Raw Blame History 

  1. ///////////////////////////////////////////////////////////////////////////////

  2. //                                                                             

  3. //  Copyright (C) 2008-2012  Artyom Beilis (Tonkikh) <artyomtnk@yahoo.com>     

  4. //                                                                             

  5. //  See accompanying file COPYING.TXT file for licensing details.

  6. //

  7. ///////////////////////////////////////////////////////////////////////////////

  8. #define CPPCMS_SOURCE

  9. // make sure we all defines are given

  10. #include "dir.h"

  11. #include <cppcms/config.h>

  12. # if defined(CPPCMS_HAVE_CANONICALIZE_FILE_NAME) && !defined(_GNU_SOURCE)

  13. # define _GNU_SOURCE

  14. #endif

  15. 

  16. #include <stdlib.h>

  17. 

  18. #include <booster/callback.h>

  19. #include <cppcms/application.h>

  20. #include <cppcms/service.h>

  21. #include <cppcms/http_response.h>

  22. #include <cppcms/http_context.h>

  23. #include "internal_file_server.h"

  24. #include <cppcms/cppcms_error.h>

  25. #include <cppcms/json.h>

  26. #include <cppcms/util.h>

  27. #include <sstream>

  28. #include <booster/nowide/fstream.h>

  29. #include <booster/locale/encoding.h>

  30. #include <booster/locale/formatting.h>

  31. 

  32. #include <string.h>

  33. 

  34. #include <sys/types.h>

  35. #include <sys/stat.h>

  36. 

  37. #ifndef CPPCMS_WIN_NATIVE

  38. #include <unistd.h>

  39. #include <limits.h>

  40. #endif

  41. 

  42. 

  43. namespace cppcms {

  44. namespace impl {

  45. 

  46. file_server::file_server(cppcms::service &srv,bool async) : application(srv), async_(async)

  47. {

  48. 	if(!canonical(settings().get("file_server.document_root","."),document_root_))

  49. 		throw cppcms_error("Invalid document root");

  50. 

  51. 	list_directories_ = settings().get("file_server.listing",false);

  52. 	index_file_ = settings().get("file_server.index","index.html");

  53. 	check_symlinks_ = settings().get("file_server.check_symlink",true);

  54. 

  55. 	std::string mime_file=settings().get("file_server.mime_types","");

  56. 

  57. 	allow_deflate_ = settings().get("file_server.allow_deflate",false);

  58. 

  59. 	if(settings().find("file_server.alias").type()==json::is_array) {

  60. 		json::array const &alias = settings().find("file_server.alias").array();

  61. 		for(unsigned i=0;i<alias.size();i++) {

  62. 			std::string url = alias[i].get<std::string>("url");

  63. 			if(url.size() < 2 || url[0]!='/') {

  64. 				throw cppcms_error("Invalid alias URL: " + url);

  65. 			}

  66. 			if(url[url.size()-1]=='/')

  67. 				url.resize(url.size()-1);

  68. 			std::string input_path = alias[i].get<std::string>("path");

  69. 			std::string canon_path;

  70. 			if(!canonical(input_path,canon_path)) {

  71. 				throw cppcms_error("Invalid alias path: " + input_path);

  72. 			}

  73. 			alias_.push_back(std::make_pair(url,canon_path));

  74. 		}

  75. 	}

  76. 

  77. 	if(mime_file.empty()) {

  78. 		mime_[".pdf"]	=      "application/pdf";

  79. 		mime_[".sig"]	=      "application/pgp-signature";

  80. 		mime_[".spl"]	=      "application/futuresplash";

  81. 		mime_[".ps"]	=      "application/postscript";

  82. 		mime_[".torrent"]=      "application/x-bittorrent";

  83. 		mime_[".dvi"]	=      "application/x-dvi";

  84. 		mime_[".gz"]	=      "application/x-gzip";

  85. 		mime_[".pac"]	=      "application/x-ns-proxy-autoconfig";

  86. 		mime_[".swf"]	=      "application/x-shockwave-flash";

  87. 		mime_[".tgz"]	=      "application/x-tgz";

  88. 		mime_[".tar"]	=      "application/x-tar";

  89. 		mime_[".zip"]	=      "application/zip";

  90. 		mime_[".mp3"]	=      "audio/mpeg";

  91. 		mime_[".m3u"]	=      "audio/x-mpegurl";

  92. 		mime_[".wma"]	=      "audio/x-ms-wma";

  93. 		mime_[".wax"]	=      "audio/x-ms-wax";

  94. 		mime_[".ogg"]	=      "application/ogg";

  95. 		mime_[".wav"]	=      "audio/x-wav";

  96. 		mime_[".gif"]	=      "image/gif";

  97. 		mime_[".jpg"]	=      "image/jpeg";

  98. 		mime_[".jpeg"]	=      "image/jpeg";

  99. 		mime_[".png"]	=      "image/png";

  100. 		mime_[".xbm"]	=      "image/x-xbitmap";

  101. 		mime_[".xpm"]	=      "image/x-xpixmap";

  102. 		mime_[".xwd"]	=      "image/x-xwindowdump";

  103. 		mime_[".css"]	=      "text/css";

  104. 		mime_[".html"]	=      "text/html";

  105. 		mime_[".htm"]	=      "text/html";

  106. 		mime_[".js"]	=      "text/javascript";

  107. 		mime_[".asc"]	=      "text/plain";

  108. 		mime_[".c"]	=      "text/plain";

  109. 		mime_[".cpp"]	=      "text/plain";

  110. 		mime_[".log"]	=      "text/plain";

  111. 		mime_[".conf"]	=      "text/plain";

  112. 		mime_[".text"]	=      "text/plain";

  113. 		mime_[".txt"]	=      "text/plain";

  114. 		mime_[".dtd"]	=      "text/xml";

  115. 		mime_[".xml"]	=      "text/xml";

  116. 		mime_[".mpeg"]	=      "video/mpeg";

  117. 		mime_[".mpg"]	=      "video/mpeg";

  118. 		mime_[".mov"]	=      "video/quicktime";

  119. 		mime_[".qt"]	=      "video/quicktime";

  120. 		mime_[".avi"]	=      "video/x-msvideo";

  121. 		mime_[".asf"]	=      "video/x-ms-asf";

  122. 		mime_[".asx"]	=      "video/x-ms-asf";

  123. 		mime_[".wmv"]	=      "video/x-ms-wmv";

  124. 		mime_[".bz2"]	=      "application/x-bzip";

  125. 		mime_[".tbz"]	=      "application/x-bzip-compressed-tar";

  126. 	}

  127. 	else {

  128. 		load_mime_types(mime_file);

  129. 	}

  130. 

  131. }

  132. 

  133. void file_server::load_mime_types(std::string file_name)

  134. {

  135. 	booster::nowide::ifstream inp(file_name.c_str());

  136. 	if(!inp) {

  137. 		return;

  138. 	}

  139. 	std::string line;

  140. 	while(!inp.eof() && getline(inp,line)) {

  141. 		if(line.empty() || line[0]=='#')

  142. 			continue;

  143. 		std::istringstream ss(line);

  144. 		std::string mime;

  145. 		std::string ext;

  146. 		if(ss>>mime) {

  147. 			while(ss>>ext) {

  148. 				mime_["."+ext]=mime;

  149. 			}

  150. 		}

  151. 	}

  152. }

  153. 

  154. file_server::~file_server()

  155. {

  156. }

  157. 

  158. bool file_server::canonical(std::string normal,std::string &real)

  159. {

  160. #ifndef CPPCMS_WIN_NATIVE

  161. 

  162. 

  163. 	#ifdef CPPCMS_HAVE_CANONICALIZE_FILE_NAME

  164. 

  165. 		char *canon=::canonicalize_file_name(normal.c_str());

  166. 		if(!canon) return false;

  167. 		try { 

  168. 			real=canon;

  169. 		}

  170. 		catch(...)

  171. 		{

  172. 			free(canon);

  173. 			throw; 

  174. 		}

  175. 		free(canon);

  176. 		canon=0;

  177. 

  178. 	#else

  179. 		#if defined(PATH_MAX)

  180. 			int len = PATH_MAX;

  181. 		#else

  182. 			int len = pathconf(normal.c_str(),_PC_PATH_MAX);

  183. 			if(len <= 0)

  184. 				len = 32768; // Hope it is enough

  185. 		#endif

  186. 

  187. 		std::vector<char> buffer;

  188. 		try { 

  189. 			// Size may be not feasible for allocation according to POSIX

  190. 			buffer.resize(len,0);

  191. 		}

  192. 		catch(std::bad_alloc const &e) {

  193. 			buffer.resize(32768); 

  194. 		}

  195. 

  196. 		char *canon = ::realpath(normal.c_str(),&buffer.front());

  197. 		if(!canon)

  198. 			return false;

  199. 		real = canon;

  200. 	#endif

  201. 

  202. #else

  203. 		wchar_t *wreal = 0;

  204. 		try {

  205. 			std::wstring wnormal = booster::locale::conv::utf_to_utf<wchar_t>(normal,booster::locale::conv::stop);

  206. 			wchar_t *wreal = _wfullpath(0,wnormal.c_str(),0);

  207. 			if(!wreal)

  208. 				return false;

  209. 			real = booster::locale::conv::utf_to_utf<char>(wreal,booster::locale::conv::stop);

  210. 			free(wreal);

  211. 			wreal = 0;

  212. 		}

  213. 		catch(booster::locale::conv::conversion_error const &) {

  214. 			if(wreal)

  215. 				free(wreal);

  216. 			return false;

  217. 		}

  218. 		// stat would not work on files like foo/ so remove the last slash as realpath

  219. 		// and canonicalize does

  220. 		if(real.size()>1 && real[real.size()-1]=='\\')

  221. 			real.resize(real.size()-1);

  222. #endif

  223. 	return true;

  224. }

  225. 

  226. static bool is_directory_separator(char c)

  227. {

  228. #ifdef CPPCMS_WIN32

  229. 	return c=='\\'  || c=='/';

  230. #else

  231. 	return c=='/';

  232. #endif

  233. }

  234. 

  235. static bool is_file_prefix(std::string const &prefix,std::string const &full)

  236. {

  237. 	size_t prefix_size = prefix.size();

  238. 	if(prefix_size > full.size())

  239. 		return false;

  240. 	if(memcmp(prefix.c_str(),full.c_str(),prefix_size) != 0)

  241. 		return false;

  242. 	if(prefix_size == 0 || is_directory_separator(prefix[prefix_size-1]))

  243. 		return true;

  244. 	if(full.size() > prefix_size && !is_directory_separator(full[prefix_size]))

  245. 		return false;

  246. 	return true;

  247. }

  248. 

  249. bool file_server::is_in_root(std::string const &input_path,std::string const &root,std::string &real)

  250. {

  251. 	std::string normal=root + "/" + input_path;

  252. 	if(!canonical(normal,real))

  253. 		return false;

  254. 	if(!is_file_prefix(root,real))

  255. 		return false;

  256. 	return true;

  257. }

  258. 

  259. void file_server::normalize_path(std::string &path)

  260. {

  261. #ifdef CPPCMS_WIN32

  262. 	for(size_t i=0;i<path.size();i++)

  263. 		if(path[i]=='\\')

  264. 			path[i]='/';

  265. #endif

  266. 	if(path.empty() || path[0]!='/')

  267. 		path = "/" + path;

  268. 	

  269. 	std::string::iterator out = path.begin() + 1;

  270. 	std::string::iterator start = path.begin() + 1;

  271. 	while(start < path.end()) {

  272. 		std::string::iterator end = std::find(start,path.end(),'/');

  273. 		if(end==start || (end-start == 1 && *start == '.')) { // case of "//" and "/./"

  274. 			// nothing to do

  275. 		}

  276. 		else if(end-start == 2 && *start == '.' && *(start+1) == '.') {

  277. 			std::string::iterator min_pos = path.begin() + 1;

  278. 			if(out > min_pos)

  279. 				out --;

  280. 			while(out > min_pos) {

  281. 				out --;

  282. 				if(*out == '/')

  283. 					break;

  284. 			}

  285. 		}

  286. 		else {

  287. 			out = std::copy(start,end,out);

  288. 			if(end != path.end())

  289. 				*out++ = '/';

  290. 		}

  291. 		if(end == path.end())

  292. 			break;

  293. 		start = end;

  294. 		++start;

  295. 	}

  296. 	if(*(out-1) == '/' && out > path.begin()+1)

  297. 		out--;

  298. 	path.resize(out - path.begin());

  299. }

  300. 

  301. bool file_server::check_in_document_root(std::string normal,std::string &real) 

  302. {

  303. 	normalize_path(normal);

  304. 	std::string root = document_root_;

  305. 	for(unsigned i=0;i<alias_.size();i++) {

  306. 		std::string const &ref=alias_[i].first;

  307. 		if(is_file_prefix(ref,normal))

  308. 		{

  309. 			root = alias_[i].second;

  310. 			normal = normal.substr(ref.size());

  311. 			if(normal.empty())

  312. 				normal="/";

  313. 			break;

  314. 		}

  315. 	}

  316. 	if(normal.empty())

  317. 		return false;

  318. 	if(normal[0]!='/')

  319. 		return false;

  320. 	if(check_symlinks_) {

  321. 		if(!is_in_root(normal,root,real))

  322. 			return false;

  323. 	}

  324. 	else {

  325. 		real = root + normal;

  326. 	}

  327. 	return true;

  328. }

  329. 

  330. namespace {

  331. 

  332. #ifdef CPPCMS_WIN_NATIVE

  333. typedef struct _stat port_stat;

  334. int get_stat(char const *name,port_stat *st)

  335. {

  336. 	std::wstring wname = booster::locale::conv::utf_to_utf<wchar_t>(name,booster::locale::conv::stop);

  337. 	return ::_wstat(wname.c_str(),st);

  338. }

  339. #else

  340. typedef struct stat port_stat;

  341. int get_stat(char const *name,port_stat *st)

  342. {

  343. 	return ::stat(name,st);

  344. }

  345. #endif

  346. 

  347. }

  348. 

  349. int file_server::file_mode(std::string const &file_name)

  350. {

  351. 	port_stat st;

  352. 	if(get_stat(file_name.c_str(),&st) < 0)

  353. 		return 0;

  354. 	return st.st_mode;

  355. }

  356. 

  357. void file_server::list_dir(std::string const &url,std::string const &path)

  358. {

  359. 	cppcms::impl::directory d;

  360. 	if(!d.open(path)) {

  361. 		show404();

  362. 		return;

  363. 	}

  364. 	

  365. #ifdef CPPCMS_WIN_NATIVE

  366. 	response().content_type("text/html; charset=UTF-8");

  367. #endif

  368. 	std::ostream &out = response().out();

  369. 	out << "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n"

  370. 	       "     \"http://www.w3.org/TR/html4/loose.dtd\">\n";

  371. 

  372. 	out << "<html><head><title>Directory Listing</title></head>\n"

  373. 		"<body><h1>Index of " << util::escape(url) << "</h1>\n";

  374. 	out << booster::locale::as::gmt;

  375. 	//out <<"<table cellpadding='0' cellspacing='2' border='0' >\n";

  376. 	out <<"<table>\n";

  377. 	out <<"<thead><tr><td width='60%'>File</td><td width='20%' >Date</td><td width='5%'>&nbsp;</td><td width='15%'>Size</td></tr></thead>\n"

  378. 		"<tbody>\n";

  379. 	if(url!="/" && !url.empty()) {

  380. 		out << "<tr><td><code><a href='../' >..</a></code></td><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td></tr>\n";

  381. 	}

  382. 	out << booster::locale::as::ftime("%Y-%m-%d %H:%M:%S");

  383. 	while(d.next()) {

  384. 		if(memcmp(d.name(),".",1) == 0)

  385. 			continue;

  386. 		port_stat st;

  387. 		if(get_stat((path + "/" + d.name()).c_str(),&st) < 0)

  388. 			continue;

  389. 		char const *add="";

  390. 		if(st.st_mode & S_IFDIR)

  391. 			add="/";

  392. 		else if(st.st_mode & S_IFREG)

  393. 			;

  394. 		else 

  395. 			continue;

  396. 		out << "<tr>";

  397. 		out << "<td><code><a href='" 

  398. 			<< util::urlencode(d.name()) << add << "'>" << util::escape(d.name()) << add << "</a></code></td>";

  399. 		out << "<td>" << booster::locale::as::strftime << st.st_mtime <<"</td><td>&nbsp;</td>";

  400. 		if(st.st_mode & S_IFREG)

  401. 			out << "<td>" << booster::locale::as::number << st.st_size <<"</td>";

  402. 		else

  403. 			out << "<td> <strong>-</strong> </td>";

  404. 		out <<"</tr>\n";

  405. 	}

  406. 	out <<"</tbody>\n</table>\n";

  407. 	out <<"<p>CppCMS-Embedded/" CPPCMS_PACKAGE_VERSION "</p>\n";

  408. 	out <<"</body>\n";

  409. }

  410. 

  411. namespace file_server_detail {

  412. 

  413. class async_file_handler : public booster::callable<void(cppcms::http::context::completion_type)>

  414. {

  415. public:

  416. 	async_file_handler(std::string const &path,booster::shared_ptr<cppcms::http::context> c) : 

  417. 		f(path.c_str(),std::ios_base::binary),

  418. 		ctx(c)

  419. 	{ 

  420. 	}

  421. 	typedef booster::intrusive_ptr<async_file_handler> pointer_type;

  422. 	void go()

  423. 	{

  424. 		if(!f) {

  425. 			ctx->response().set_html_header();

  426. 			ctx->response().make_error_response(404);

  427. 			ctx->async_complete_response();

  428. 		}

  429. 		else {

  430. 			ctx->response();

  431. 			(*this)(cppcms::http::context::operation_completed);

  432. 		}

  433. 		

  434. 	}

  435. 	void operator()(cppcms::http::context::completion_type c)

  436. 	{

  437. 		if(c!=cppcms::http::context::operation_completed) 

  438. 			return;

  439. 		char buf[4096];

  440. 		size_t total = 0;

  441. 		while(!f.eof() && total < 65536) {

  442. 			f.read(buf,sizeof(buf));

  443. 			size_t n = f.gcount();

  444. 			total += n;

  445. 			ctx->response().out().write(buf,n);

  446. 		}

  447. 		if(f.eof())

  448. 			ctx->async_complete_response();

  449. 		else

  450. 			ctx->async_flush_output(pointer_type(this));

  451. 	}

  452. private:

  453. 	booster::nowide::ifstream f;

  454. 	booster::shared_ptr<cppcms::http::context> ctx;

  455. };

  456. 

  457. } // file_server_detail

  458. 

  459. void file_server::main(std::string file_name)

  460. {

  461. 	std::string path;

  462. 

  463. 	if(!check_in_document_root(file_name,path)) {

  464. 		show404();

  465. 		return;

  466. 	}

  467. 

  468. 	int s=file_mode(path);

  469. 	

  470. 	if((s & S_IFDIR)) {

  471. 		std::string path2;

  472. 		int mode_2=0;

  473. 	

  474. 		bool have_index = check_in_document_root(file_name+"/" + index_file_ ,path2);

  475. 		if(have_index) {

  476. 			mode_2 = file_mode(path2);

  477. 			have_index = (mode_2  & S_IFREG) != 0;

  478. 		}

  479. 

  480. 		if(     !file_name.empty() 

  481. 			&& file_name[file_name.size()-1]!='/'  // not ending with "/" as should

  482. 			&& (have_index || list_directories_)

  483. 		) 

  484. 		{

  485. 			response().set_redirect_header(file_name + "/");

  486. 			response().out()<<std::flush;

  487. 			return;

  488. 		}

  489. 		if(have_index) {

  490. 			path = path2;

  491. 			s=mode_2;

  492. 		}

  493. 		else {

  494. 			if(list_directories_) 

  495. 				list_dir(file_name,path);

  496. 			else

  497. 				show404();

  498. 			return;

  499. 		}

  500. 

  501. 	}

  502. 

  503. 	if(!(s & S_IFREG)) {

  504. 		show404();

  505. 		return;

  506. 	}

  507. 		

  508. 	std::string ext;

  509. 	size_t pos = path.rfind('.');

  510. 	if(pos != std::string::npos)

  511. 		ext=path.substr(pos);

  512. 

  513. 	mime_type::const_iterator p=mime_.find(ext);

  514. 	if(p!=mime_.end()) 

  515. 		response().content_type(p->second);

  516. 	else

  517. 		response().content_type("application/octet-stream");

  518. 

  519. 	if(!allow_deflate_ && !async_) {

  520. 		response().io_mode(http::response::nogzip);

  521. 	}

  522. 

  523. 	if(async_) {

  524. 		file_server_detail::async_file_handler::pointer_type p=new file_server_detail::async_file_handler(path,release_context());

  525. 		p->go();

  526. 	}

  527. 	else {

  528. 		booster::nowide::ifstream file(path.c_str(),std::ios_base::binary);

  529. 		if(!file) {

  530. 			show404();

  531. 			return;

  532. 		}

  533. 		response().out()<<file.rdbuf(); // write stream to stream

  534. 	}

  535. }

  536. 

  537. void file_server::show404()

  538. {

  539. 	response().set_html_header();

  540. 	response().make_error_response(404);

  541. }

  542. 

  543. 

  544. } // impl

  545. } // cppcms