#include <fcgi_stdio.h>
#include <openssl/sha.h>
#include <stdarg.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <ctype.h>
#include "common.h"
#include "sensor.h"
#include "control.h"
#include "options.h"
#include "image.h"
+#include "pin_test.h"
+#include "login.h"
/**The time period (in seconds) before the control key expires */
#define CONTROL_TIMEOUT 180
-/**Contextual information related to FCGI requests*/
-struct FCGIContext {
- /**The time of last valid user access possessing the control key*/
- time_t control_timestamp;
- char control_key[41];
- char control_ip[16];
- /**The name of the current module**/
- const char *current_module;
- /**For debugging purposes?**/
- int response_number;
-};
+
/**
* Identifies build information and the current API version to the user.
* @param context The context to work in
* @param params User specified paramters: [actuators, sensors]
*/
-static void IdentifyHandler(FCGIContext *context, char *params) {
+static void IdentifyHandler(FCGIContext *context, char *params)
+{
bool ident_sensors = false, ident_actuators = false;
-
int i;
FCGIValue values[2] = {{"sensors", &ident_sensors, FCGI_BOOL_T},
FCGI_BeginJSON(context, STATUS_OK);
FCGI_JSONPair("description", "MCTX3420 Server API (2013)");
FCGI_JSONPair("build_date", __DATE__ " " __TIME__);
+ struct timespec t = {0};
+ clock_getres(CLOCK_MONOTONIC, &t);
+ FCGI_JSONDouble("clock_getres", TIMEVAL_TO_DOUBLE(t));
FCGI_JSONLong("api_version", API_VERSION);
+
+ bool has_control = FCGI_HasControl(context);
+ FCGI_JSONBool("logged_in", has_control);
+ FCGI_JSONPair("user_name", has_control ? context->user_name : "");
+
//Sensor and actuator information
if (ident_sensors) {
FCGI_JSONKey("sensors");
FCGI_JSONValue("{\n\t\t");
- for (i = 0; i < NUMSENSORS; i++) {
+ for (i = 0; i < g_num_sensors; i++) {
if (i > 0) {
FCGI_JSONValue(",\n\t\t");
}
- FCGI_JSONValue("\"%d\" : \"%s\"", i, g_sensor_names[i]);
+ DataPoint d = Sensor_LastData(i);
+ FCGI_JSONValue("\"%d\" : {\"name\" : \"%s\", \"value\" : [%f,%f] }",
+ i, Sensor_GetName(i), d.time_stamp, d.value);
}
FCGI_JSONValue("\n\t}");
}
if (ident_actuators) {
FCGI_JSONKey("actuators");
FCGI_JSONValue("{\n\t\t");
- for (i = 0; i < NUMACTUATORS; i++) {
+ for (i = 0; i < g_num_actuators; i++) {
if (i > 0) {
FCGI_JSONValue(",\n\t\t");
}
- FCGI_JSONValue("\"%d\" : \"%s\"", i, g_actuator_names[i]);
+
+ DataPoint d = Actuator_LastData(i);
+ FCGI_JSONValue("\"%d\" : {\"name\" : \"%s\", \"value\" : [%f, %f] }", i, Actuator_GetName(i), d.time_stamp, d.value);
}
FCGI_JSONValue("\n\t}");
}
}
/**
- * Gives the user a key that determines who has control over
- * the system at any one time. The key can be forcibly generated, revoking
- * any previous control keys. To be used in conjunction with HTTP
- * basic authentication.
- * This function will generate a JSON response that indicates success/failure.
+ * Given an authorised user, attempt to set the control over the system.
+ * Modifies members in the context structure appropriately if successful.
* @param context The context to work in
- * @param force Whether to force key generation or not.
- */
-void FCGI_LockControl(FCGIContext *context, bool force) {
+ * @param user_name - Name of the user
+ * @param user_type - Type of the user, passed after successful authentication
+ * @return true on success, false otherwise (eg someone else already in control)
+ */
+bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType user_type)
+{
+ // Get current time
time_t now = time(NULL);
bool expired = now - context->control_timestamp > CONTROL_TIMEOUT;
-
- if (force || !*(context->control_key) || expired) {
- SHA_CTX sha1ctx;
- unsigned char sha1[20];
- int i = rand();
-
- SHA1_Init(&sha1ctx);
- SHA1_Update(&sha1ctx, &now, sizeof(now));
- SHA1_Update(&sha1ctx, &i, sizeof(i));
- SHA1_Final(sha1, &sha1ctx);
-
- context->control_timestamp = now;
- for (i = 0; i < 20; i++)
- sprintf(context->control_key + i * 2, "%02x", sha1[i]);
- snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR"));
- FCGI_BeginJSON(context, STATUS_OK);
- FCGI_JSONPair("key", context->control_key);
- FCGI_EndJSON();
- } else {
- char buf[128];
- strftime(buf, 128, "%H:%M:%S %d-%m-%Y",
- localtime(&(context->control_timestamp)));
- FCGI_BeginJSON(context, STATUS_UNAUTHORIZED);
- FCGI_JSONPair("description", "Another user already has control");
- FCGI_JSONPair("current_user", context->control_ip);
- FCGI_JSONPair("when", buf);
- FCGI_EndJSON();
+ int i;
+
+ // Can't lock control if: User not actually logged in (sanity), or key is still valid and the user is not an admin
+ if (user_type == USER_UNAUTH ||
+ (user_type != USER_ADMIN && !expired && *(context->control_key) != '\0'))
+ return false;
+
+ // Release any existing control (if any)
+ FCGI_ReleaseControl(context);
+
+ // Set timestamp
+ context->control_timestamp = now;
+
+ // Generate a SHA1 hash for the user
+ SHA_CTX sha1ctx;
+ unsigned char sha1[20];
+ i = rand();
+ SHA1_Init(&sha1ctx);
+ SHA1_Update(&sha1ctx, &now, sizeof(now));
+ SHA1_Update(&sha1ctx, &i, sizeof(i));
+ SHA1_Final(sha1, &sha1ctx);
+ for (i = 0; i < sizeof(sha1); i++)
+ sprintf(context->control_key + i * 2, "%02x", sha1[i]);
+
+ // Set the IPv4 address
+ snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR"));
+
+ // Set the user name
+ int uname_len = strlen(user_name);
+ i = snprintf(context->user_name, sizeof(context->user_name), "%s", user_name);
+ if (i < uname_len) {
+ Log(LOGERR, "Username at %d characters too long (limit %d)",
+ uname_len, sizeof(context->user_name));
+ return false; // :-(
+ }
+ // Set the user type
+ context->user_type = user_type;
+
+ // Build the user directory
+ i = snprintf(context->user_dir, sizeof(context->user_dir), "%s/%s",
+ g_options.experiment_dir, context->user_name);
+ if (i >= sizeof(context->user_dir)) {
+ Log(LOGERR, "Experiment dir too long (required %d, limit %d)",
+ i, sizeof(context->user_dir));
+ return false;
}
+
+ Log(LOGDEBUG, "User dir: %s", context->user_dir);
+ // Create directory
+ if (mkdir(context->user_dir, 0777) != 0 && errno != EEXIST)
+ {
+ Log(LOGERR, "Couldn't create user directory %s - %s",
+ context->user_dir, strerror(errno));
+ return false; // :-(
+ }
+
+ return true; // :-)
}
/**
* @param key The control key to be validated.
* @return TRUE if authorized, FALSE if not.
*/
-bool FCGI_HasControl(FCGIContext *context, const char *key) {
+bool FCGI_HasControl(FCGIContext *context)
+{
time_t now = time(NULL);
int result = (now - context->control_timestamp) <= CONTROL_TIMEOUT &&
- key != NULL && !strcmp(context->control_key, key);
+ context->control_key[0] != '\0' &&
+ !strcmp(context->control_key, context->received_key);
if (result) {
context->control_timestamp = now; //Update the control_timestamp
}
* Revokes the current control key, if present.
* @param context The context to work in
*/
-void FCGI_ReleaseControl(FCGIContext *context) {
+void FCGI_ReleaseControl(FCGIContext *context)
+{
*(context->control_key) = 0;
- FCGI_BeginJSON(context, STATUS_OK);
- FCGI_EndJSON();
+ // Note: context->user_name should *not* be cleared
return;
}
+/**
+ * Gets the control cookie
+ * @param buffer A storage buffer of exactly CONTROL_KEY_BUFSIZ length to
+ store the control key
+ */
+void FCGI_GetControlCookie(char buffer[CONTROL_KEY_BUFSIZ])
+{
+ const char *cookies = getenv("COOKIE_STRING");
+ const char *start = strstr(cookies, "mctxkey=");
+
+ *buffer = 0; //Clear the buffer
+ if (start != NULL) {
+ int i;
+ start += 8; //length of mctxkey=
+ for (i = 0; i < CONTROL_KEY_BUFSIZ; i++) {
+ if (*start == 0 || *start == ';') {
+ break;
+ }
+ buffer[i] = *start++;
+ }
+ buffer[i] = 0;
+ }
+}
+
+/**
+ * Sends the control key to the user as a cookie.
+ * @param context the context to work in
+ * @param set Whether to set or unset the control cookie
+ */
+void FCGI_SendControlCookie(FCGIContext *context, bool set) {
+ if (set) {
+ printf("Set-Cookie: mctxkey=%s\r\n", context->control_key);
+ } else {
+ printf("Set-Cookie: mctxkey=\r\n");
+ }
+}
+
/**
* Extracts a key/value pair from a request string.
* Note that the input is modified by this function.
switch(FCGI_TYPE(val->flags)) {
case FCGI_BOOL_T:
- *((bool*) val->value) = true;
+ if (!*value) //No value: Default true
+ *((bool*) val->value) = true;
+ else {
+ *((bool*) val->value) = !!(strtol(value, &ptr, 10));
+ if (*ptr) {
+ snprintf(buf, BUFSIZ, "Expected bool for '%s' but got '%s'", key, value);
+ FCGI_RejectJSON(context, buf);
+ return false;
+ }
+ }
break;
case FCGI_INT_T: case FCGI_LONG_T: {
long parsed = strtol(value, &ptr, 10);
printf("\t\"module\" : \"%s\"", context->current_module);
FCGI_JSONLong("status", status_code);
//Time and running statistics
- struct timeval now;
- gettimeofday(&now, NULL);
+ struct timespec now;
+ clock_gettime(CLOCK_MONOTONIC, &now);
FCGI_JSONDouble("start_time", TIMEVAL_TO_DOUBLE(g_options.start_time));
FCGI_JSONDouble("current_time", TIMEVAL_TO_DOUBLE(now));
FCGI_JSONDouble("running_time", TIMEVAL_DIFF(now, g_options.start_time));
+ FCGI_JSONPair("control_state", Control_GetModeName());
+}
+
+/**
+ * Generic accept response in JSON format.
+ * @param context The context to work in
+ * @param description A short description.
+ * @param cookie Optional. If given, the cookie field is set to that value.
+ */
+void FCGI_AcceptJSON(FCGIContext *context, const char *description)
+{
+ printf("Content-type: application/json; charset=utf-8\r\n");
+ printf("\r\n{\r\n");
+ printf("\t\"module\" : \"%s\"", context->current_module);
+ FCGI_JSONLong("status", STATUS_OK);
+ FCGI_JSONPair("description", description);
+ FCGI_EndJSON();
}
/**
*/
void FCGI_JSONDouble(const char *key, double value)
{
- printf(",\r\n\t\"%s\" : %f", key, value);
+ printf(",\r\n\t\"%s\" : %.9f", key, value);
}
/**
FCGI_BeginJSON(context, status);
FCGI_JSONPair("description", description);
FCGI_JSONLong("responsenumber", context->response_number);
- //FCGI_JSONPair("params", getenv("QUERY_STRING"));
+ //FCGI_JSONPair("params", getenv("QUERY_STRING")); //A bad idea if contains password but also if contains unescaped stuff
FCGI_JSONPair("host", getenv("SERVER_HOSTNAME"));
FCGI_JSONPair("user", getenv("REMOTE_USER"));
FCGI_JSONPair("ip", getenv("REMOTE_ADDR"));
return buf;
}
+/**
+ * Unescapes a URL encoded string in-place. The string
+ * must be NULL terminated.
+ * (e.g this%2d+string --> this- string)
+ * @param buf The buffer to decode. Will be modified in-place.
+ * @return The same buffer.
+ */
+char *FCGI_URLDecode(char *buf)
+{
+ char *head = buf, *tail = buf;
+ char val, hex[3] = {0};
+
+ while (*tail) {
+ if (*tail == '%') { //%hh hex to char
+ tail++;
+ if (isxdigit(*tail) && isxdigit(*(tail+1))) {
+ hex[0] = *tail++;
+ hex[1] = *tail++;
+ val = (char)strtol(hex, NULL, 16);
+ //Control codes --> Space character
+ *head++ = (val < 0x20) ? 0x20 : val;
+ } else { //Not valid format; keep original
+ head++;
+ }
+ } else if (*tail == '+') { //Plus to space
+ tail++;
+ *head++ = ' ';
+ } else { //Anything else
+ *head++ = *tail++;
+ }
+ }
+ *head = 0; //NULL-terminate at new end point
+
+ return buf;
+}
+
/**
* Main FCGI request loop that receives/responds to client requests.
* @param data Reserved.
{
FCGIContext context = {0};
- Log(LOGDEBUG, "First request...");
+ Log(LOGDEBUG, "Start loop");
while (FCGI_Accept() >= 0) {
- Log(LOGDEBUG, "Got request #%d", context.response_number);
+
ModuleHandler module_handler = NULL;
char module[BUFSIZ], params[BUFSIZ];
//strncpy doesn't zero-truncate properly
snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
+
+ //Get the GET query string
snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
+ //URL decode the parameters
+ FCGI_URLDecode(params);
+
+ FCGI_GetControlCookie(context.received_key);
+ Log(LOGDEBUG, "Got request #%d - Module %s, params %s", context.response_number, module, params);
+ Log(LOGDEBUG, "Control key: %s", context.received_key);
+
//Remove trailing slashes (if present) from module query
size_t lastchar = strlen(module) - 1;
if (lastchar > 0 && module[lastchar] == '/')
module[lastchar] = 0;
- //Escape all special characters
- FCGI_EscapeText(params);
-
//Default to the 'identify' module if none specified
if (!*module)
strcpy(module, "identify");
module_handler = Actuator_Handler;
} else if (!strcmp("image", module)) {
module_handler = Image_Handler;
+ } else if (!strcmp("pin", module)) {
+ module_handler = Pin_Handler; // *Debug only* pin test module
+ } else if (!strcmp("bind", module)) {
+ module_handler = Login_Handler;
+ } else if (!strcmp("unbind", module)) {
+ module_handler = Logout_Handler;
}
context.current_module = module;
+ context.response_number++;
+
if (module_handler) {
+ if (module_handler == IdentifyHandler) {
+ FCGI_EscapeText(params);
+ } else if (module_handler != Login_Handler) {
+ if (!FCGI_HasControl(&context))
+ {
+ if (g_options.auth_method == AUTH_NONE) { //:(
+ Log(LOGWARN, "Locking control (no auth!)");
+ FCGI_LockControl(&context, NOAUTH_USERNAME, USER_ADMIN);
+ FCGI_SendControlCookie(&context, true);
+ }
+ else {
+ FCGI_RejectJSON(&context, "Please login. Invalid control key.");
+ continue;
+ }
+ }
+
+ //Escape all special characters.
+ //Don't escape for login (password may have special chars?)
+ FCGI_EscapeText(params);
+ } else { //Only for Login handler.
+ //If GET data is empty, use POST instead.
+ if (*params == '\0') {
+ Log(LOGDEBUG, "Using POST!");
+ fgets(params, BUFSIZ, stdin);
+ FCGI_URLDecode(params);
+ }
+ }
+
module_handler(&context, params);
- } else {
+ }
+ else {
FCGI_RejectJSON(&context, "Unhandled module");
}
- context.response_number++;
-
- Log(LOGDEBUG, "Waiting for request #%d", context.response_number);
}
Log(LOGDEBUG, "Thread exiting.");