[disorder] / server / cgi.c

/*
 * This file is part of DisOrder.
 * Copyright (C) 2004-2008 Richard Kettlewell
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 * USA
 */

#include <config.h>
#include "types.h"

#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/stat.h>
#include <stddef.h>
#include <fcntl.h>
#include <unistd.h>
#include <pcre.h>
#include <limits.h>
#include <fnmatch.h>
#include <ctype.h>

#include "mem.h"
#include "log.h"
#include "hex.h"
#include "charset.h"
#include "configuration.h"
#include "table.h"
#include "syscalls.h"
#include "kvp.h"
#include "vector.h"
#include "split.h"
#include "inputline.h"
#include "regsub.h"
#include "defs.h"
#include "sink.h"
#include "cgi.h"
#include "printf.h"
#include "mime.h"
#include "unicode.h"
#include "hash.h"

struct kvp *cgi_args;

/* options */
struct column {
  struct column *next;
  char *name;
  int ncolumns;
  char **columns;
};

/* macros */
struct cgi_macro {
  int nargs;
  char **args;
  const char *value;
};

static hash *cgi_macros;

/** @brief Parse of a template */
struct cgi_element {
  /** @brief Next element */
  struct cgi_element *next;

  /** @brief Element type */
  int type;
#define ELEMENT_TEXT 0
#define ELEMENT_EXPANSION 1

  /** @brief Line number at start of element */
  int line;
  
  /** @brief Plain text */
  char *text;

  /** @brief Expansion name */
  char *name;

  /** @brief Argument count */
  int nargs;

  /** @brief Argument values (NOT recursively expanded) */
  char **args;
};

#define RELIST(x) struct re *x, **x##_tail = &x

static int have_read_options;
static struct kvp *labels;
static struct column *columns;

static void include_options(const char *name);
static void cgi_expand_parsed(const char *name,
			      struct cgi_element *head,
			      const struct cgi_expansion *expansions,
			      size_t nexpansions,
			      cgi_sink *output,
			      void *u);

static void cgi_parse_get(void) {
  const char *q;

  if(!(q = getenv("QUERY_STRING"))) fatal(0, "QUERY_STRING not set");
  cgi_args = kvp_urldecode(q, strlen(q));
}

static void cgi_input(char **ptrp, size_t *np) {
  const char *cl;
  char *q;
  size_t n, m = 0;
  int r;

  if(!(cl = getenv("CONTENT_LENGTH"))) fatal(0, "CONTENT_LENGTH not set");
  n = atol(cl);
  q = xmalloc_noptr(n + 1);
  while(m < n) {
    r = read(0, q + m, n - m);
    if(r > 0)
      m += r;
    else if(r == 0)
      fatal(0, "unexpected end of file reading request body");
    else switch(errno) {
    case EINTR: break;
    default: fatal(errno, "error reading request body");
    }
  }
  if(memchr(q, 0, n)) fatal(0, "null character in request body");
  q[n + 1] = 0;
  *ptrp = q;
  if(np) *np = n;
}

static int cgi_field_callback(const char *name, const char *value,
			      void *u) {
  char *disposition, *pname, *pvalue;
  char **namep = u;

  if(!strcmp(name, "content-disposition")) {
    if(mime_rfc2388_content_disposition(value,
					&disposition,
					&pname,
					&pvalue))
      fatal(0, "error parsing Content-Disposition field");
    if(!strcmp(disposition, "form-data")
       && pname
       && !strcmp(pname, "name")) {
      if(*namep)
	fatal(0, "duplicate Content-Disposition field");
      *namep = pvalue;
    }
  }
  return 0;
}

static int cgi_part_callback(const char *s,
			     void attribute((unused)) *u) {
  char *name = 0;
  struct kvp *k;
  
  if(!(s = mime_parse(s, cgi_field_callback, &name)))
    fatal(0, "error parsing part header");
  if(!name) fatal(0, "no name found");
  k = xmalloc(sizeof *k);
  k->next = cgi_args;
  k->name = name;
  k->value = s;
  cgi_args = k;
  return 0;
}

static void cgi_parse_multipart(const char *boundary) {
  char *q;
  
  cgi_input(&q, 0);
  if(mime_multipart(q, cgi_part_callback, boundary, 0))
    fatal(0, "invalid multipart object");
}

static void cgi_parse_post(void) {
  const char *ct, *boundary;
  char *q, *type;
  size_t n;
  struct kvp *k;

  if(!(ct = getenv("CONTENT_TYPE")))
    ct = "application/x-www-form-urlencoded";
  if(mime_content_type(ct, &type, &k))
    fatal(0, "invalid content type '%s'", ct);
  if(!strcmp(type, "application/x-www-form-urlencoded")) {
    cgi_input(&q, &n);
    cgi_args = kvp_urldecode(q, n);
    return;
  }
  if(!strcmp(type, "multipart/form-data")) {
    if(!(boundary = kvp_get(k, "boundary")))
      fatal(0, "no boundary parameter found");
    cgi_parse_multipart(boundary);
    return;
  }
  fatal(0, "unrecognized content type '%s'", type);
}

void cgi_parse(void) {
  const char *p;
  struct kvp *k;

  if(!(p = getenv("REQUEST_METHOD"))) fatal(0, "REQUEST_METHOD not set");
  if(!strcmp(p, "GET"))
    cgi_parse_get();
  else if(!strcmp(p, "POST"))
    cgi_parse_post();
  else
    fatal(0, "unknown request method %s", p);
  for(k = cgi_args; k; k = k->next)
    if(!utf8_valid(k->name, strlen(k->name))
       || !utf8_valid(k->value, strlen(k->value)))
      fatal(0, "invalid UTF-8 sequence in cgi argument");
}

const char *cgi_get(const char *name) {
  return kvp_get(cgi_args, name);
}

void cgi_output(cgi_sink *output, const char *fmt, ...) {
  va_list ap;
  int n;
  char *r;

  va_start(ap, fmt);
  n = byte_vasprintf(&r, fmt, ap);
  if(n < 0)
    fatal(errno, "error calling byte_vasprintf");
  if(output->quote)
    r = cgi_sgmlquote(r, 0);
  output->sink->write(output->sink, r, strlen(r));
  va_end(ap);
}

void cgi_header(struct sink *output, const char *name, const char *value) {
  sink_printf(output, "%s: %s\r\n", name, value);
}

void cgi_body(struct sink *output) {
  sink_printf(output, "\r\n");
}

char *cgi_sgmlquote(const char *s, int raw) {
  uint32_t *ucs, *p, c;
  char *b, *bp;
  int n;

  if(!raw) {
    if(!(ucs = utf8_to_utf32(s, strlen(s), 0))) exit(EXIT_FAILURE);
  } else {
    ucs = xmalloc_noptr((strlen(s) + 1) * sizeof(uint32_t));
    for(n = 0; s[n]; ++n)
      ucs[n] = (unsigned char)s[n];
    ucs[n] = 0;
  }

  n = 1;
  /* estimate the length we'll need */
  for(p = ucs; (c = *p); ++p) {
    switch(c) {
    default:
      if(c > 127 || c < 32) {
      case '"':
      case '&':
      case '<':
      case '>':
	n += 12;
	break;
      } else
	n++;
    }
  }
  /* format the string */
  b = bp = xmalloc_noptr(n);
  for(p = ucs; (c = *p); ++p) {
    switch(c) {
    default:
      if(*p > 127 || *p < 32) {
      case '"':
      case '&':
      case '<':
      case '>':
	bp += sprintf(bp, "&#%lu;", (unsigned long)c);
	break;
      } else
	*bp++ = c;
    }
  }
  *bp = 0;
  return b;
}

void cgi_attr(struct sink *output, const char *name, const char *value) {
  if(!value[strspn(value, "abcdefghijklmnopqrstuvwxyz"
		   "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		   "0123456789")])
    sink_printf(output, "%s=%s", name, value);
  else
    sink_printf(output, "%s=\"%s\"", name, cgi_sgmlquote(value, 0));
}

void cgi_opentag(struct sink *output, const char *name, ...) {
  va_list ap;
  const char *n, *v;
   
  sink_printf(output, "<%s", name);
  va_start(ap, name);
  while((n = va_arg(ap, const char *))) {
    sink_printf(output, " ");
    v = va_arg(ap, const char *);
    if(v)
      cgi_attr(output, n, v);
    else
      sink_printf(output, n);
  }
  sink_printf(output, ">");
}

void cgi_closetag(struct sink *output, const char *name) {
  sink_printf(output, "</%s>", name);
}

static int template_open(const char *name,
			 const char *ext,
			 const char **filenamep) {
  const char *dirs[2];
  int fd = -1, n;
  char *fullpath;

  dirs[0] = pkgconfdir;
  dirs[1] = pkgdatadir;
  if(name[0] == '/') {
    if((fd = open(name, O_RDONLY)) < 0) fatal(0, "cannot open %s", name);
    *filenamep = name;
  } else {
    for(n = 0; n < config->templates.n + (int)(sizeof dirs / sizeof *dirs); ++n) {
      byte_xasprintf(&fullpath, "%s/%s%s",
		     n < config->templates.n ? config->templates.s[n]
		                             : dirs[n - config->templates.n],
		     name, ext);
      if((fd = open(fullpath, O_RDONLY)) >= 0) break;
    }
    if(fd < 0) error(0, "cannot find %s%s in template path", name, ext);
    *filenamep = fullpath;
  }
  return fd;
}

static int valid_template_name(const char *name) {
  if(strchr(name, '/') || name[0] == '.')
    return 0;
  return 1;
}

void cgi_expand(const char *template,
		const struct cgi_expansion *expansions,
		size_t nexpansions,
		cgi_sink *output,
		void *u) {
  int fd = -1;
  int n;
  off_t m;
  char *b;
  struct stat sb;

  if(!valid_template_name(template))
    fatal(0, "invalid template name '%s'", template);
  if((fd = template_open(template, ".html", &template)) < 0)
    exitfn(EXIT_FAILURE);
  if(fstat(fd, &sb) < 0) fatal(errno, "cannot stat %s", template);
  m = 0;
  b = xmalloc_noptr(sb.st_size + 1);
  while(m < sb.st_size) {
    n = read(fd, b + m, sb.st_size - m);
    if(n > 0) m += n;
    else if(n == 0) fatal(0, "unexpected EOF reading %s", template);
    else if(errno != EINTR) fatal(errno, "error reading %s", template);
  }
  b[sb.st_size] = 0;
  xclose(fd);
  cgi_expand_string(template, b, expansions, nexpansions, output, u);
}

/** @brief Return a linked list of the parse of @p template */
static struct cgi_element *cgi_parse_string(const char *name,
					    const char *template) {
  int braces, line = 1, sline;
  const char *p;
  struct vector v;
  struct dynstr d;
  struct cgi_element *head = 0, **tailp = &head, *e;

  while(*template) {
    if(*template != '@') {
      sline = line;
      dynstr_init(&d);
      /* Gather up text without any expansions in. */
      while(*template && *template != '@') {
	if(*template == '\n')
	  ++line;
	dynstr_append(&d, *template++);
      }
      dynstr_terminate(&d);
      e = xmalloc(sizeof *e);
      e->next = 0;
      e->line = sline;
      e->type = ELEMENT_TEXT;
      e->text = d.vec;
      *tailp = e;
      tailp = &e->next;
      continue;
    }
    vector_init(&v);
    braces = 0;
    p = template;
    ++template;
    sline = line;
    while(*template != '@') {
      /* Skip whitespace */
      while(isspace((unsigned char)*template))
	++template;
      dynstr_init(&d);
      if(*template == '{') {
	/* bracketed arg */
	++template;
	while(*template && (*template != '}' || braces > 0)) {
	  switch(*template) {
	  case '{': ++braces; break;
	  case '}': --braces; break;
	  case '\n': ++line; break;
	  }
	  dynstr_append(&d, *template++);
	}
	if(!*template) fatal(0, "%s:%d: unterminated expansion '%.*s'",
			     name, sline, (int)(template - p), p);
	++template;
	if(isspace((unsigned char)*template)) {
	  /* We have @{...}<WHITESPACE><SOMETHING> */
	  for(p = template; isspace((unsigned char)*p); ++p)
	    ;
	  /* Now we are looking at <SOMETHING>.  If it's "{" then that
	   * must be the next argument.  Otherwise we infer that this
	   * is really the end of the expansion. */
	  if(*p != '{')
	    goto finished_expansion;
	}
      } else {
	/* unbracketed arg */
	while(*template
	      && *template != '@' && *template != '{' && *template != ':') {
	  if(*template == '\n') ++line;
	  dynstr_append(&d, *template++);
	}
	if(*template == ':')
	  ++template;
	if(!*template) fatal(0, "%s:%d: unterminated expansion '%.*s'",
			     name, sline, (int)(template - p), p);
	/* trailing whitespace is not significant in unquoted args */
	while(d.nvec && (isspace((unsigned char)d.vec[d.nvec - 1])))
	  --d.nvec;
      }
      dynstr_terminate(&d);
      vector_append(&v, d.vec);
    }
    ++template;
    finished_expansion:
    vector_terminate(&v);
    /* @@ terminates this file */
    if(v.nvec == 0)
      break;
    e = xmalloc(sizeof *e);
    e->next = 0;
    e->line = sline;
    e->type = ELEMENT_EXPANSION;
    e->name = v.vec[0];
    e->nargs = v.nvec - 1;
    e->args = &v.vec[1];
    *tailp = e;
    tailp = &e->next;
  }
  return head;
}

void cgi_expand_string(const char *name,
		       const char *template,
		       const struct cgi_expansion *expansions,
		       size_t nexpansions,
		       cgi_sink *output,
		       void *u) {
  cgi_expand_parsed(name, cgi_parse_string(name, template),
		    expansions, nexpansions, output, u);
}

static void cgi_expand_parsed(const char *name,
			      struct cgi_element *head,
			      const struct cgi_expansion *expansions,
			      size_t nexpansions,
			      cgi_sink *output,
			      void *u) {
  int n, m;
  char *argname;
  struct dynstr d;
  cgi_sink parameter_output;
  const struct cgi_macro *macro;

  struct cgi_element *e;

  for(e = head; e; e = e->next) {
    switch(e->type) {
    case ELEMENT_TEXT:
      output->sink->write(output->sink, e->text, strlen(e->text));
      break;
    case ELEMENT_EXPANSION:
      if((n = table_find(expansions,
			 offsetof(struct cgi_expansion, name),
			 sizeof (struct cgi_expansion),
			 nexpansions,
			 e->name)) >= 0) {
	/* We found a built-in */
	if(e->nargs < expansions[n].minargs)
	  fatal(0, "%s:%d: insufficient arguments to @%s@ (min %d, got %d)",
		name, e->line, e->name, expansions[n].minargs, e->nargs);
	if(e->nargs > expansions[n].maxargs)
	  fatal(0, "%s:%d: too many arguments to @%s@ (max %d, got %d)",
		name, e->line, e->name, expansions[n].maxargs, e->nargs);
	/* for ordinary expansions, recursively expand the arguments */
	if(!(expansions[n].flags & EXP_MAGIC)) {
	  for(m = 0; m < e->nargs; ++m) {
	    dynstr_init(&d);
	    byte_xasprintf(&argname, "<%s:%d arg #%d>", name, e->line, m);
	    parameter_output.quote = 0;
	    parameter_output.sink = sink_dynstr(&d);
	    cgi_expand_string(argname, e->args[m],
			      expansions, nexpansions,
			      &parameter_output, u);
	    dynstr_terminate(&d);
	    e->args[m] = d.vec;
	  }
	}
	expansions[n].handler(e->nargs, e->args, output, u);
      } else if(cgi_macros && (macro = hash_find(cgi_macros, e->name))) {
	/* We found a macro */
	if(e->nargs != macro->nargs)
	  fatal(0, "%s:%d: wrong number of arguments to @%s@ (need %d, got %d)",
		name, e->line, e->name, macro->nargs, e->nargs);
	/* We must substitute in argument values */
	/* TODO  */
	cgi_expand_string(e->name,
			  macro->value,
			  expansions,
			  nexpansions,
			  output,
			  u);
      } else {
	/* Totally undefined */
	fatal(0, "%s:%d: unknown expansion '%s'", name, e->line, e->name);
      }
      break;
    }
  }
}

char *cgi_makeurl(const char *url, ...) {
  va_list ap;
  struct kvp *kvp, *k, **kk = &kvp;
  struct dynstr d;
  const char *n, *v;
  
  dynstr_init(&d);
  dynstr_append_string(&d, url);
  va_start(ap, url);
  while((n = va_arg(ap, const char *))) {
    v = va_arg(ap, const char *);
    *kk = k = xmalloc(sizeof *k);
    kk = &k->next;
    k->name = n;
    k->value = v;
  }
  *kk = 0;
  if(kvp) {
    dynstr_append(&d, '?');
    dynstr_append_string(&d, kvp_urlencode(kvp, 0));
  }
  dynstr_terminate(&d);
  return d.vec;
}

void cgi_set_option(const char *name, const char *value) {
  struct kvp *k = xmalloc(sizeof *k);

  k->next = labels;
  k->name = name;
  k->value = value;
  labels = k;
}

static void option_label(int attribute((unused)) nvec,
			 char **vec) {
  cgi_set_option(vec[0], vec[1]);
}

static void option_include(int attribute((unused)) nvec,
			   char **vec) {
  include_options(vec[0]);
}

static void option_columns(int nvec,
			    char **vec) {
  struct column *c = xmalloc(sizeof *c);
  
  c->next = columns;
  c->name = vec[0];
  c->ncolumns = nvec - 1;
  c->columns = &vec[1];
  columns = c;
}

static struct option {
  const char *name;
  int minargs, maxargs;
  void (*handler)(int nvec, char **vec);
} options[] = {
  { "columns", 1, INT_MAX, option_columns },
  { "include", 1, 1, option_include },
  { "label", 2, 2, option_label },
};

struct read_options_state {
  const char *name;
  int line;
};

static void read_options_error(const char *msg,
			       void *u) {
  struct read_options_state *cs = u;
  
  error(0, "%s:%d: %s", cs->name, cs->line, msg);
}

static void include_options(const char *name) {
  int n, i;
  int fd;
  FILE *fp;
  char **vec, *buffer;
  struct read_options_state cs;

  if((fd = template_open(name, "", &cs.name)) < 0) return;
  if(!(fp = fdopen(fd, "r"))) fatal(errno, "error calling fdopen");
  cs.line = 0;
  while(!inputline(cs.name, fp, &buffer, '\n')) {
    ++cs.line;
    if(!(vec = split(buffer, &n, SPLIT_COMMENTS|SPLIT_QUOTES,
		     read_options_error, &cs)))
      continue;
    if(!n) continue;
    if((i = TABLE_FIND(options, struct option, name, vec[0])) == -1) {
      error(0, "%s:%d: unknown option '%s'", cs.name, cs.line, vec[0]);
      continue;
    }
    ++vec;
    --n;
    if(n < options[i].minargs) {
      error(0, "%s:%d: too few arguments to '%s'", cs.name, cs.line, vec[-1]);
      continue;
    }
    if(n > options[i].maxargs) {
      error(0, "%s:%d: too many arguments to '%s'", cs.name, cs.line, vec[-1]);
      continue;
    }
    options[i].handler(n, vec);
  }
  fclose(fp);
}

static void read_options(void) {
  if(!have_read_options) {
    have_read_options = 1;
    include_options("options");
  }
}

const char *cgi_label(const char *key) {
  const char *label;

  read_options();
  if(!(label = kvp_get(labels, key))) {
    /* No label found */
    if(!strncmp(key, "images.", 7)) {
      static const char *url_static;
      /* images.X defaults to <url.static>X.png */

      if(!url_static)
	url_static = cgi_label("url.static");
      byte_xasprintf((char **)&label, "%s%s.png", url_static, key + 7);
    } else if((label = strchr(key, '.')))
      /* X.Y defaults to Y */
      ++label;
    else
      /* otherwise default to label name */
      label = key;
  }
  return label;
}

int cgi_label_exists(const char *key) {
  read_options();
  return kvp_get(labels, key) ? 1 : 0;
}

char **cgi_columns(const char *name, int *ncolumns) {
  struct column *c;

  read_options();
  for(c = columns; c && strcmp(name, c->name); c = c->next)
    ;
  if(c) {
    if(ncolumns)
      *ncolumns = c->ncolumns;
    return c->columns;
  } else {
    if(ncolumns)
      *ncolumns = 0;
    return 0;
  }
}

void cgi_define(const char *name,
		int nargs,
		char **args,
		const char *value) {
  struct cgi_macro m;

  if(!cgi_macros)
    cgi_macros = hash_new(sizeof(struct cgi_macro));
  m.nargs = nargs;
  m.args = args;
  m.value = value;
  hash_add(cgi_macros, name, &m, HASH_INSERT_OR_REPLACE);
}

/*
Local Variables:
c-basic-offset:2
comment-column:40
End:
*/
Commit	Line	Data
460b9539	1	/*
460b9539	2	* This file is part of DisOrder.
5aff007d	3	* Copyright (C) 2004-2008 Richard Kettlewell
460b9539	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License as published by
	7	* the Free Software Foundation; either version 2 of the License, or
	8	* (at your option) any later version.
	9	*
	10	* This program is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	* General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License
	16	* along with this program; if not, write to the Free Software
	17	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
	18	* USA
	19	*/
	20
	21	#include <config.h>
	22	#include "types.h"
	23
	24	#include <string.h>
	25	#include <stdio.h>
	26	#include <unistd.h>
	27	#include <stdlib.h>
	28	#include <errno.h>
	29	#include <sys/stat.h>
	30	#include <stddef.h>
	31	#include <fcntl.h>
	32	#include <unistd.h>
	33	#include <pcre.h>
	34	#include <limits.h>
	35	#include <fnmatch.h>
	36	#include <ctype.h>
	37
	38	#include "mem.h"
	39	#include "log.h"
	40	#include "hex.h"
	41	#include "charset.h"
	42	#include "configuration.h"
	43	#include "table.h"
	44	#include "syscalls.h"
	45	#include "kvp.h"
	46	#include "vector.h"
	47	#include "split.h"
	48	#include "inputline.h"
	49	#include "regsub.h"
	50	#include "defs.h"
	51	#include "sink.h"
	52	#include "cgi.h"
	53	#include "printf.h"
	54	#include "mime.h"
18cda350	55	#include "unicode.h"
3dddcfa4	56	#include "hash.h"
460b9539	57
	58	struct kvp *cgi_args;
	59
	60	/* options */
	61	struct column {
	62	struct column *next;
	63	char *name;
	64	int ncolumns;
	65	char **columns;
	66	};
	67
3dddcfa4 RK	68	/* macros */
	69	struct cgi_macro {
	70	int nargs;
	71	char **args;
	72	const char *value;
	73	};
	74
	75	static hash *cgi_macros;
	76
c582f1e8 RK	77	/** @brief Parse of a template */
	78	struct cgi_element {
	79	/** @brief Next element */
	80	struct cgi_element *next;
	81
	82	/** @brief Element type */
	83	int type;
	84	#define ELEMENT_TEXT 0
	85	#define ELEMENT_EXPANSION 1
	86
	87	/** @brief Line number at start of element */
	88	int line;
	89
	90	/** @brief Plain text */
	91	char *text;
	92
	93	/** @brief Expansion name */
	94	char *name;
	95
	96	/** @brief Argument count */
	97	int nargs;
	98
	99	/** @brief Argument values (NOT recursively expanded) */
	100	char **args;
	101	};
	102
460b9539	103	#define RELIST(x) struct re x, *x##_tail = &x
	104
	105	static int have_read_options;
	106	static struct kvp *labels;
	107	static struct column *columns;
	108
	109	static void include_options(const char *name);
697a6f13 RK	110	static void cgi_expand_parsed(const char *name,
	111	struct cgi_element *head,
	112	const struct cgi_expansion *expansions,
	113	size_t nexpansions,
	114	cgi_sink *output,
	115	void *u);
460b9539	116
	117	static void cgi_parse_get(void) {
	118	const char *q;
	119
	120	if(!(q = getenv("QUERY_STRING"))) fatal(0, "QUERY_STRING not set");
	121	cgi_args = kvp_urldecode(q, strlen(q));
	122	}
	123
	124	static void cgi_input(char *ptrp, size_t np) {
	125	const char *cl;
	126	char *q;
	127	size_t n, m = 0;
	128	int r;
	129
	130	if(!(cl = getenv("CONTENT_LENGTH"))) fatal(0, "CONTENT_LENGTH not set");
	131	n = atol(cl);
	132	q = xmalloc_noptr(n + 1);
	133	while(m < n) {
	134	r = read(0, q + m, n - m);
	135	if(r > 0)
	136	m += r;
	137	else if(r == 0)
	138	fatal(0, "unexpected end of file reading request body");
	139	else switch(errno) {
	140	case EINTR: break;
	141	default: fatal(errno, "error reading request body");
	142	}
	143	}
	144	if(memchr(q, 0, n)) fatal(0, "null character in request body");
	145	q[n + 1] = 0;
	146	*ptrp = q;
	147	if(np) *np = n;
	148	}
	149
	150	static int cgi_field_callback(const char name, const char value,
	151	void *u) {
	152	char disposition, pname, *pvalue;
	153	char **namep = u;
	154
	155	if(!strcmp(name, "content-disposition")) {
	156	if(mime_rfc2388_content_disposition(value,
	157	&disposition,
	158	&pname,
	159	&pvalue))
	160	fatal(0, "error parsing Content-Disposition field");
	161	if(!strcmp(disposition, "form-data")
	162	&& pname
	163	&& !strcmp(pname, "name")) {
	164	if(*namep)
	165	fatal(0, "duplicate Content-Disposition field");
	166	*namep = pvalue;
	167	}
	168	}
	169	return 0;
	170	}
	171
	172	static int cgi_part_callback(const char *s,
	173	void attribute((unused)) *u) {
	174	char *name = 0;
	175	struct kvp *k;
	176
	177	if(!(s = mime_parse(s, cgi_field_callback, &name)))
	178	fatal(0, "error parsing part header");
	179	if(!name) fatal(0, "no name found");
180	k = xmalloc(sizeof *k);
181	k->next = cgi_args;
182	k->name = name;
183	k->value = s;
184	cgi_args = k;
185	return 0;
186	}
187
188	static void cgi_parse_multipart(const char *boundary) {
189	char *q;
190
191	cgi_input(&q, 0);
192	if(mime_multipart(q, cgi_part_callback, boundary, 0))
193	fatal(0, "invalid multipart object");
194	}
195
196	static void cgi_parse_post(void) {
9bce81d1	197	const char ct, boundary;
9bce81d1	198	char q, type;
460b9539	199	size_t n;
9bce81d1	200	struct kvp *k;
460b9539	201
	202	if(!(ct = getenv("CONTENT_TYPE")))
	203	ct = "application/x-www-form-urlencoded";
9bce81d1	204	if(mime_content_type(ct, &type, &k))
460b9539	205	fatal(0, "invalid content type '%s'", ct);
	206	if(!strcmp(type, "application/x-www-form-urlencoded")) {
	207	cgi_input(&q, &n);
	208	cgi_args = kvp_urldecode(q, n);
	209	return;
	210	}
	211	if(!strcmp(type, "multipart/form-data")) {
9bce81d1	212	if(!(boundary = kvp_get(k, "boundary")))
	213	fatal(0, "no boundary parameter found");
	214	cgi_parse_multipart(boundary);
460b9539	215	return;
	216	}
	217	fatal(0, "unrecognized content type '%s'", type);
	218	}
	219
	220	void cgi_parse(void) {
	221	const char *p;
	222	struct kvp *k;
	223
	224	if(!(p = getenv("REQUEST_METHOD"))) fatal(0, "REQUEST_METHOD not set");
	225	if(!strcmp(p, "GET"))
	226	cgi_parse_get();
	227	else if(!strcmp(p, "POST"))
	228	cgi_parse_post();
	229	else
	230	fatal(0, "unknown request method %s", p);
	231	for(k = cgi_args; k; k = k->next)
18cda350 RK	232	if(!utf8_valid(k->name, strlen(k->name))
18cda350 RK	233	\|\| !utf8_valid(k->value, strlen(k->value)))
460b9539	234	fatal(0, "invalid UTF-8 sequence in cgi argument");
	235	}
	236
	237	const char cgi_get(const char name) {
	238	return kvp_get(cgi_args, name);
	239	}
	240
	241	void cgi_output(cgi_sink output, const char fmt, ...) {
	242	va_list ap;
	243	int n;
	244	char *r;
	245
	246	va_start(ap, fmt);
	247	n = byte_vasprintf(&r, fmt, ap);
	248	if(n < 0)
	249	fatal(errno, "error calling byte_vasprintf");
	250	if(output->quote)
	251	r = cgi_sgmlquote(r, 0);
	252	output->sink->write(output->sink, r, strlen(r));
	253	va_end(ap);
	254	}
	255
	256	void cgi_header(struct sink output, const char name, const char *value) {
	257	sink_printf(output, "%s: %s\r\n", name, value);
	258	}
	259
	260	void cgi_body(struct sink *output) {
	261	sink_printf(output, "\r\n");
	262	}
	263
	264	char cgi_sgmlquote(const char s, int raw) {
	265	uint32_t ucs, p, c;
	266	char b, bp;
	267	int n;
	268
	269	if(!raw) {
caecd4f4	270	if(!(ucs = utf8_to_utf32(s, strlen(s), 0))) exit(EXIT_FAILURE);
460b9539	271	} else {
	272	ucs = xmalloc_noptr((strlen(s) + 1) * sizeof(uint32_t));
	273	for(n = 0; s[n]; ++n)
	274	ucs[n] = (unsigned char)s[n];
	275	ucs[n] = 0;
	276	}
	277
	278	n = 1;
	279	/* estimate the length we'll need */
	280	for(p = ucs; (c = *p); ++p) {
	281	switch(c) {
	282	default:
	283	if(c > 127 \|\| c < 32) {
	284	case '"':
	285	case '&':
	286	case '<':
	287	case '>':
	288	n += 12;
	289	break;
	290	} else
	291	n++;
	292	}
	293	}
	294	/* format the string */
	295	b = bp = xmalloc_noptr(n);
	296	for(p = ucs; (c = *p); ++p) {
	297	switch(c) {
	298	default:
	299	if(p > 127 \|\| p < 32) {
	300	case '"':
	301	case '&':
	302	case '<':
	303	case '>':
	304	bp += sprintf(bp, "&#%lu;", (unsigned long)c);
	305	break;
	306	} else
	307	*bp++ = c;
	308	}
	309	}
	310	*bp = 0;
	311	return b;
	312	}
	313
	314	void cgi_attr(struct sink output, const char name, const char *value) {
	315	if(!value[strspn(value, "abcdefghijklmnopqrstuvwxyz"
	316	"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
	317	"0123456789")])
	318	sink_printf(output, "%s=%s", name, value);
	319	else
	320	sink_printf(output, "%s=\"%s\"", name, cgi_sgmlquote(value, 0));
	321	}
	322
	323	void cgi_opentag(struct sink output, const char name, ...) {
	324	va_list ap;
	325	const char n, v;
	326
	327	sink_printf(output, "<%s", name);
	328	va_start(ap, name);
	329	while((n = va_arg(ap, const char *))) {
	330	sink_printf(output, " ");
	331	v = va_arg(ap, const char *);
	332	if(v)
	333	cgi_attr(output, n, v);
	334	else
335	sink_printf(output, n);
336	}
337	sink_printf(output, ">");
338	}
339
340	void cgi_closetag(struct sink output, const char name) {
341	sink_printf(output, "</%s>", name);
342	}
343
344	static int template_open(const char *name,
345	const char *ext,
346	const char **filenamep) {
347	const char *dirs[2];
348	int fd = -1, n;
349	char *fullpath;
350
351	dirs[0] = pkgconfdir;
352	dirs[1] = pkgdatadir;
353	if(name[0] == '/') {
354	if((fd = open(name, O_RDONLY)) < 0) fatal(0, "cannot open %s", name);
355	*filenamep = name;
356	} else {
357	for(n = 0; n < config->templates.n + (int)(sizeof dirs / sizeof *dirs); ++n) {
358	byte_xasprintf(&fullpath, "%s/%s%s",
359	n < config->templates.n ? config->templates.s[n]
360	: dirs[n - config->templates.n],
361	name, ext);
362	if((fd = open(fullpath, O_RDONLY)) >= 0) break;
363	}
364	if(fd < 0) error(0, "cannot find %s%s in template path", name, ext);
365	*filenamep = fullpath;
366	}
367	return fd;
368	}
369
370	static int valid_template_name(const char *name) {
371	if(strchr(name, '/') \|\| name[0] == '.')
372	return 0;
373	return 1;
374	}
375
376	void cgi_expand(const char *template,
377	const struct cgi_expansion *expansions,
378	size_t nexpansions,
379	cgi_sink *output,
380	void *u) {
381	int fd = -1;
382	int n;
383	off_t m;
384	char *b;
385	struct stat sb;
386
387	if(!valid_template_name(template))
388	fatal(0, "invalid template name '%s'", template);
389	if((fd = template_open(template, ".html", &template)) < 0)
390	exitfn(EXIT_FAILURE);
391	if(fstat(fd, &sb) < 0) fatal(errno, "cannot stat %s", template);
392	m = 0;
393	b = xmalloc_noptr(sb.st_size + 1);
394	while(m < sb.st_size) {
395	n = read(fd, b + m, sb.st_size - m);
396	if(n > 0) m += n;
397	else if(n == 0) fatal(0, "unexpected EOF reading %s", template);
398	else if(errno != EINTR) fatal(errno, "error reading %s", template);
399	}
400	b[sb.st_size] = 0;
401	xclose(fd);
402	cgi_expand_string(template, b, expansions, nexpansions, output, u);
403	}
404
c582f1e8 RK	405	/** @brief Return a linked list of the parse of @p template */
	406	static struct cgi_element cgi_parse_string(const char name,
	407	const char *template) {
	408	int braces, line = 1, sline;
460b9539	409	const char *p;
	410	struct vector v;
	411	struct dynstr d;
c582f1e8 RK	412	struct cgi_element head = 0, tailp = &head, e;
c582f1e8 RK	413
460b9539	414	while(*template) {
460b9539	415	if(*template != '@') {
c582f1e8 RK	416	sline = line;
	417	dynstr_init(&d);
	418	/* Gather up text without any expansions in. */
	419	while(template && template != '@') {
	420	if(*template == '\n')
	421	++line;
	422	dynstr_append(&d, *template++);
460b9539	423	}
c582f1e8 RK	424	dynstr_terminate(&d);
	425	e = xmalloc(sizeof *e);
	426	e->next = 0;
	427	e->line = sline;
	428	e->type = ELEMENT_TEXT;
	429	e->text = d.vec;
	430	*tailp = e;
	431	tailp = &e->next;
460b9539	432	continue;
	433	}
	434	vector_init(&v);
	435	braces = 0;
c582f1e8	436	p = template;
460b9539	437	++template;
	438	sline = line;
	439	while(*template != '@') {
f6b388d0 RK	440	/* Skip whitespace */
	441	while(isspace((unsigned char)*template))
	442	++template;
460b9539	443	dynstr_init(&d);
	444	if(*template == '{') {
	445	/* bracketed arg */
	446	++template;
	447	while(template && (template != '}' \|\| braces > 0)) {
	448	switch(*template) {
	449	case '{': ++braces; break;
	450	case '}': --braces; break;
	451	case '\n': ++line; break;
	452	}
	453	dynstr_append(&d, *template++);
	454	}
c582f1e8 RK	455	if(!template) fatal(0, "%s:%d: unterminated expansion '%.s'",
c582f1e8 RK	456	name, sline, (int)(template - p), p);
460b9539	457	++template;
f6b388d0 RK	458	if(isspace((unsigned char)*template)) {
	459	/* We have @{...}<WHITESPACE><SOMETHING> */
	460	for(p = template; isspace((unsigned char)*p); ++p)
	461	;
	462	/* Now we are looking at <SOMETHING>. If it's "{" then that
	463	* must be the next argument. Otherwise we infer that this
	464	* is really the end of the expansion. */
	465	if(*p != '{')
	466	goto finished_expansion;
	467	}
460b9539	468	} else {
460b9539	469	/* unbracketed arg */
460b9539	470	while(*template
	471	&& template != '@' && template != '{' && *template != ':') {
	472	if(*template == '\n') ++line;
	473	dynstr_append(&d, *template++);
	474	}
	475	if(*template == ':')
	476	++template;
c582f1e8 RK	477	if(!template) fatal(0, "%s:%d: unterminated expansion '%.s'",
c582f1e8 RK	478	name, sline, (int)(template - p), p);
460b9539	479	/* trailing whitespace is not significant in unquoted args */
	480	while(d.nvec && (isspace((unsigned char)d.vec[d.nvec - 1])))
	481	--d.nvec;
	482	}
	483	dynstr_terminate(&d);
	484	vector_append(&v, d.vec);
	485	}
	486	++template;
c582f1e8	487	finished_expansion:
460b9539	488	vector_terminate(&v);
	489	/* @@ terminates this file */
	490	if(v.nvec == 0)
	491	break;
c582f1e8 RK	492	e = xmalloc(sizeof *e);
	493	e->next = 0;
	494	e->line = sline;
	495	e->type = ELEMENT_EXPANSION;
	496	e->name = v.vec[0];
	497	e->nargs = v.nvec - 1;
	498	e->args = &v.vec[1];
	499	*tailp = e;
	500	tailp = &e->next;
	501	}
	502	return head;
	503	}
	504
	505	void cgi_expand_string(const char *name,
	506	const char *template,
	507	const struct cgi_expansion *expansions,
	508	size_t nexpansions,
	509	cgi_sink *output,
	510	void *u) {
697a6f13 RK	511	cgi_expand_parsed(name, cgi_parse_string(name, template),
	512	expansions, nexpansions, output, u);
	513	}
	514
	515	static void cgi_expand_parsed(const char *name,
	516	struct cgi_element *head,
	517	const struct cgi_expansion *expansions,
	518	size_t nexpansions,
	519	cgi_sink *output,
	520	void *u) {
c582f1e8 RK	521	int n, m;
	522	char *argname;
	523	struct dynstr d;
	524	cgi_sink parameter_output;
	525	const struct cgi_macro *macro;
	526
	527	struct cgi_element *e;
	528
697a6f13	529	for(e = head; e; e = e->next) {
c582f1e8 RK	530	switch(e->type) {
	531	case ELEMENT_TEXT:
	532	output->sink->write(output->sink, e->text, strlen(e->text));
	533	break;
	534	case ELEMENT_EXPANSION:
	535	if((n = table_find(expansions,
	536	offsetof(struct cgi_expansion, name),
	537	sizeof (struct cgi_expansion),
	538	nexpansions,
	539	e->name)) >= 0) {
	540	/* We found a built-in */
	541	if(e->nargs < expansions[n].minargs)
	542	fatal(0, "%s:%d: insufficient arguments to @%s@ (min %d, got %d)",
	543	name, e->line, e->name, expansions[n].minargs, e->nargs);
	544	if(e->nargs > expansions[n].maxargs)
	545	fatal(0, "%s:%d: too many arguments to @%s@ (max %d, got %d)",
	546	name, e->line, e->name, expansions[n].maxargs, e->nargs);
	547	/* for ordinary expansions, recursively expand the arguments */
	548	if(!(expansions[n].flags & EXP_MAGIC)) {
	549	for(m = 0; m < e->nargs; ++m) {
	550	dynstr_init(&d);
	551	byte_xasprintf(&argname, "<%s:%d arg #%d>", name, e->line, m);
	552	parameter_output.quote = 0;
	553	parameter_output.sink = sink_dynstr(&d);
	554	cgi_expand_string(argname, e->args[m],
	555	expansions, nexpansions,
	556	&parameter_output, u);
	557	dynstr_terminate(&d);
	558	e->args[m] = d.vec;
	559	}
3dddcfa4	560	}
c582f1e8 RK	561	expansions[n].handler(e->nargs, e->args, output, u);
	562	} else if(cgi_macros && (macro = hash_find(cgi_macros, e->name))) {
	563	/* We found a macro */
	564	if(e->nargs != macro->nargs)
	565	fatal(0, "%s:%d: wrong number of arguments to @%s@ (need %d, got %d)",
	566	name, e->line, e->name, macro->nargs, e->nargs);
	567	/* We must substitute in argument values */
	568	/* TODO */
	569	cgi_expand_string(e->name,
	570	macro->value,
	571	expansions,
	572	nexpansions,
	573	output,
	574	u);
	575	} else {
	576	/* Totally undefined */
	577	fatal(0, "%s:%d: unknown expansion '%s'", name, e->line, e->name);
460b9539	578	}
c582f1e8	579	break;
460b9539	580	}
460b9539	581	}
	582	}
	583
	584	char cgi_makeurl(const char url, ...) {
	585	va_list ap;
	586	struct kvp kvp, k, **kk = &kvp;
	587	struct dynstr d;
	588	const char n, v;
	589
	590	dynstr_init(&d);
	591	dynstr_append_string(&d, url);
	592	va_start(ap, url);
	593	while((n = va_arg(ap, const char *))) {
	594	v = va_arg(ap, const char *);
	595	kk = k = xmalloc(sizeof k);
	596	kk = &k->next;
	597	k->name = n;
	598	k->value = v;
	599	}
	600	*kk = 0;
	601	if(kvp) {
	602	dynstr_append(&d, '?');
	603	dynstr_append_string(&d, kvp_urlencode(kvp, 0));
	604	}
	605	dynstr_terminate(&d);
	606	return d.vec;
	607	}
	608
	609	void cgi_set_option(const char name, const char value) {
	610	struct kvp k = xmalloc(sizeof k);
	611
	612	k->next = labels;
	613	k->name = name;
	614	k->value = value;
	615	labels = k;
	616	}
	617
	618	static void option_label(int attribute((unused)) nvec,
	619	char **vec) {
	620	cgi_set_option(vec[0], vec[1]);
	621	}
	622
	623	static void option_include(int attribute((unused)) nvec,
	624	char **vec) {
	625	include_options(vec[0]);
	626	}
	627
	628	static void option_columns(int nvec,
	629	char **vec) {
	630	struct column c = xmalloc(sizeof c);
	631
	632	c->next = columns;
	633	c->name = vec[0];
	634	c->ncolumns = nvec - 1;
	635	c->columns = &vec[1];
	636	columns = c;
	637	}
	638
	639	static struct option {
	640	const char *name;
	641	int minargs, maxargs;
	642	void (handler)(int nvec, char *vec);
	643	} options[] = {
	644	{ "columns", 1, INT_MAX, option_columns },
645	{ "include", 1, 1, option_include },
646	{ "label", 2, 2, option_label },
647	};
648
649	struct read_options_state {
650	const char *name;
651	int line;
652	};
653
654	static void read_options_error(const char *msg,
655	void *u) {
656	struct read_options_state *cs = u;
657
658	error(0, "%s:%d: %s", cs->name, cs->line, msg);
659	}
660
661	static void include_options(const char *name) {
662	int n, i;
663	int fd;
664	FILE *fp;
665	char *vec, buffer;
666	struct read_options_state cs;
667
668	if((fd = template_open(name, "", &cs.name)) < 0) return;
669	if(!(fp = fdopen(fd, "r"))) fatal(errno, "error calling fdopen");
670	cs.line = 0;
671	while(!inputline(cs.name, fp, &buffer, '\n')) {
672	++cs.line;
673	if(!(vec = split(buffer, &n, SPLIT_COMMENTS\|SPLIT_QUOTES,
674	read_options_error, &cs)))
675	continue;
676	if(!n) continue;
677	if((i = TABLE_FIND(options, struct option, name, vec[0])) == -1) {
678	error(0, "%s:%d: unknown option '%s'", cs.name, cs.line, vec[0]);
679	continue;
680	}
681	++vec;
682	--n;
683	if(n < options[i].minargs) {
684	error(0, "%s:%d: too few arguments to '%s'", cs.name, cs.line, vec[-1]);
685	continue;
686	}
687	if(n > options[i].maxargs) {
688	error(0, "%s:%d: too many arguments to '%s'", cs.name, cs.line, vec[-1]);
689	continue;
690	}
691	options[i].handler(n, vec);
692	}
693	fclose(fp);
694	}
695
696	static void read_options(void) {
697	if(!have_read_options) {
698	have_read_options = 1;
699	include_options("options");
700	}
701	}
702
703	const char cgi_label(const char key) {
704	const char *label;
705
706	read_options();
707	if(!(label = kvp_get(labels, key))) {
5e34540b	708	/* No label found */
	709	if(!strncmp(key, "images.", 7)) {
	710	static const char *url_static;
	711	/* images.X defaults to <url.static>X.png */
	712
	713	if(!url_static)
	714	url_static = cgi_label("url.static");
	715	byte_xasprintf((char **)&label, "%s%s.png", url_static, key + 7);
	716	} else if((label = strchr(key, '.')))
	717	/* X.Y defaults to Y */
460b9539	718	++label;
460b9539	719	else
5e34540b	720	/* otherwise default to label name */
460b9539	721	label = key;
	722	}
	723	return label;
	724	}
	725
8f9616f1 RK	726	int cgi_label_exists(const char *key) {
	727	read_options();
	728	return kvp_get(labels, key) ? 1 : 0;
	729	}
	730
460b9539	731	char *cgi_columns(const char name, int *ncolumns) {
	732	struct column *c;
	733
	734	read_options();
	735	for(c = columns; c && strcmp(name, c->name); c = c->next)
	736	;
	737	if(c) {
	738	if(ncolumns)
	739	*ncolumns = c->ncolumns;
	740	return c->columns;
	741	} else {
	742	if(ncolumns)
	743	*ncolumns = 0;
	744	return 0;
	745	}
	746	}
	747
3dddcfa4 RK	748	void cgi_define(const char *name,
	749	int nargs,
	750	char **args,
	751	const char *value) {
	752	struct cgi_macro m;
	753
	754	if(!cgi_macros)
	755	cgi_macros = hash_new(sizeof(struct cgi_macro));
	756	m.nargs = nargs;
	757	m.args = args;
	758	m.value = value;
	759	hash_add(cgi_macros, name, &m, HASH_INSERT_OR_REPLACE);
	760	}
	761
460b9539	762	/*
	763	Local Variables:
	764	c-basic-offset:2
	765	comment-column:40
	766	End:
	767	*/