X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=08c413b203035d350039ba1e87b690cc34f2aed7;hb=f858232d7c564f14e6d2fb9d616f8e12a1ec9171;hp=71f8e5567a5531211a86f18daf2044c4e31d48f5;hpb=de5c190385d1b963a3fe1f3c186dc0b3efa31bc4;p=matches%2FMCTX3420.git diff --git a/server/fastcgi.c b/server/fastcgi.c index 71f8e55..08c413b 100644 --- a/server/fastcgi.c +++ b/server/fastcgi.c @@ -12,23 +12,17 @@ #include "common.h" #include "sensor.h" +#include "actuator.h" #include "control.h" #include "options.h" +#include "image.h" +#include "pin_test.h" +#include "login.h" -/**The time period (in seconds) before the control key expires @ */ +/**The time period (in seconds) before the control key expires */ #define CONTROL_TIMEOUT 180 -/**Contextual information related to FCGI requests*/ -struct FCGIContext { - /**The time of last valid user access possessing the control key*/ - time_t control_timestamp; - char control_key[41]; - char control_ip[16]; - /**The name of the current module**/ - const char *current_module; - /**For debugging purposes?**/ - int response_number; -}; + /** * Identifies build information and the current API version to the user. @@ -87,11 +81,12 @@ static void IdentifyHandler(FCGIContext *context, char *params) { * @param context The context to work in * @param force Whether to force key generation or not. */ -void FCGI_BeginControl(FCGIContext *context, bool force) { +void FCGI_LockControl(FCGIContext *context, bool force) { time_t now = time(NULL); bool expired = now - context->control_timestamp > CONTROL_TIMEOUT; - if (force || !*(context->control_key) || expired) { + if (force || !*(context->control_key) || expired) + { SHA_CTX sha1ctx; unsigned char sha1[20]; int i = rand(); @@ -105,18 +100,6 @@ void FCGI_BeginControl(FCGIContext *context, bool force) { for (i = 0; i < 20; i++) sprintf(context->control_key + i * 2, "%02x", sha1[i]); snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR")); - FCGI_BeginJSON(context, STATUS_OK); - FCGI_JSONPair("key", context->control_key); - FCGI_EndJSON(); - } else { - char buf[128]; - strftime(buf, 128, "%H:%M:%S %d-%m-%Y", - localtime(&(context->control_timestamp))); - FCGI_BeginJSON(context, STATUS_UNAUTHORIZED); - FCGI_JSONPair("description", "Another user already has control"); - FCGI_JSONPair("current_user", context->control_ip); - FCGI_JSONPair("when", buf); - FCGI_EndJSON(); } } @@ -143,7 +126,7 @@ bool FCGI_HasControl(FCGIContext *context, const char *key) { * Revokes the current control key, if present. * @param context The context to work in */ -void FCGI_EndControl(FCGIContext *context) { +void FCGI_ReleaseControl(FCGIContext *context) { *(context->control_key) = 0; FCGI_BeginJSON(context, STATUS_OK); FCGI_EndJSON(); @@ -190,9 +173,9 @@ char *FCGI_KeyPair(char *in, const char **key, const char **value) } /** - * Aids in parsing request parameters. Expected keys along with their type - * and whether or not they're required are provided. This function will then - * parse the parameter string to find these keys. + * Aids in parsing request parameters. + * Input: The expected keys along with their type and whether or not + * they're required. * @param context The context to work in * @param params The parameter string to be parsed * @param values An array of FCGIValue's that specify expected keys @@ -225,18 +208,27 @@ bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], s switch(FCGI_TYPE(val->flags)) { case FCGI_BOOL_T: - *((bool*) val->value) = true; + if (!*value) //No value: Default true + *((bool*) val->value) = true; + else { + *((bool*) val->value) = !!(strtol(value, &ptr, 10)); + if (*ptr) { + snprintf(buf, BUFSIZ, "Expected bool for '%s' but got '%s'", key, value); + FCGI_RejectJSON(context, buf); + return false; + } + } break; case FCGI_INT_T: case FCGI_LONG_T: { long parsed = strtol(value, &ptr, 10); if (!*value || *ptr) { snprintf(buf, BUFSIZ, "Expected int for '%s' but got '%s'", key, value); - FCGI_RejectJSON(context, FCGI_EscapeJSON(buf)); + FCGI_RejectJSON(context, buf); return false; } if (FCGI_TYPE(val->flags) == FCGI_INT_T) - *((int*) val->value) = parsed; + *((int*) val->value) = (int) parsed; else *((long*) val->value) = parsed; } break; @@ -244,7 +236,7 @@ bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], s *((double*) val->value) = strtod(value, &ptr); if (!*value || *ptr) { snprintf(buf, BUFSIZ, "Expected float for '%s' but got '%s'", key, value); - FCGI_RejectJSON(context, FCGI_EscapeJSON(buf)); + FCGI_RejectJSON(context, buf); return false; } break; @@ -259,7 +251,7 @@ bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], s } //End for loop if (i == count) { snprintf(buf, BUFSIZ, "Unknown key '%s' specified", key); - FCGI_RejectJSON(context, FCGI_EscapeJSON(buf)); + FCGI_RejectJSON(context, buf); return false; } } @@ -292,6 +284,7 @@ void FCGI_BeginJSON(FCGIContext *context, StatusCodes status_code) FCGI_JSONDouble("start_time", TIMEVAL_TO_DOUBLE(g_options.start_time)); FCGI_JSONDouble("current_time", TIMEVAL_TO_DOUBLE(now)); FCGI_JSONDouble("running_time", TIMEVAL_DIFF(now, g_options.start_time)); + FCGI_JSONPair("control_state", Control_GetModeName()); } /** @@ -353,36 +346,6 @@ void FCGI_EndJSON() printf("\r\n}\r\n"); } -/** - * Escapes a string so it can be used as a JSON string value. - * Does not support unicode specifiers in the form of \uXXXX. - * @param buf The string to be escaped - * @return The escaped string (return value == buf) - */ -char *FCGI_EscapeJSON(char *buf) -{ - int length, i; - length = strlen(buf); - - //Escape special characters. Must count down to escape properly - for (i = length - 1; i >= 0; i--) { - if (buf[i] < 0x20) { //Control characters - buf[i] = ' '; - } else if (buf[i] == '"') { - if (i-1 >= 0 && buf[i-1] == '\\') - i--; - else - buf[i] = '\''; - } else if (buf[i] == '\\') { - if (i-1 >= 0 && buf[i-1] == '\'') - i--; - else - buf[i] = ' '; - } - } - return buf; -} - /** * To be used when the input parameters are rejected. The return data * will also have debugging information provided. @@ -399,7 +362,7 @@ void FCGI_RejectJSONEx(FCGIContext *context, StatusCodes status, const char *des FCGI_BeginJSON(context, status); FCGI_JSONPair("description", description); FCGI_JSONLong("responsenumber", context->response_number); - FCGI_JSONPair("params", getenv("QUERY_STRING")); + //FCGI_JSONPair("params", getenv("QUERY_STRING")); FCGI_JSONPair("host", getenv("SERVER_HOSTNAME")); FCGI_JSONPair("user", getenv("REMOTE_USER")); FCGI_JSONPair("ip", getenv("REMOTE_ADDR")); @@ -422,6 +385,48 @@ void FCGI_PrintRaw(const char *format, ...) va_end(list); } + +/** + * Write binary data + * See fwrite + */ +void FCGI_WriteBinary(void * data, size_t size, size_t num_elem) +{ + Log(LOGDEBUG,"Writing!"); + fwrite(data, size, num_elem, stdout); +} + +/** + * Escapes a string so it can be used safely. + * Currently escapes to ensure the validity for use as a JSON string + * Does not support unicode specifiers in the form of \uXXXX. + * @param buf The string to be escaped + * @return The escaped string (return value == buf) + */ +char *FCGI_EscapeText(char *buf) +{ + int length, i; + length = strlen(buf); + + //Escape special characters. Must count down to escape properly + for (i = length - 1; i >= 0; i--) { + if (buf[i] < 0x20) { //Control characters + buf[i] = ' '; + } else if (buf[i] == '"') { + if (i-1 >= 0 && buf[i-1] == '\\') + i--; + else + buf[i] = '\''; + } else if (buf[i] == '\\') { + if (i-1 >= 0 && buf[i-1] == '\'') + i--; + else + buf[i] = ' '; + } + } + return buf; +} + /** * Main FCGI request loop that receives/responds to client requests. * @param data Reserved. @@ -432,21 +437,30 @@ void * FCGI_RequestLoop (void *data) { FCGIContext context = {0}; - Log(LOGDEBUG, "First request..."); + Log(LOGDEBUG, "Start loop"); while (FCGI_Accept() >= 0) { - Log(LOGDEBUG, "Got request #%d", context.response_number); + ModuleHandler module_handler = NULL; - char module[BUFSIZ], params[BUFSIZ]; + char module[BUFSIZ], params[BUFSIZ], cookie[BUFSIZ]; //strncpy doesn't zero-truncate properly snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL")); snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING")); + snprintf(cookie, BUFSIZ, "%s", getenv("COOKIE_STRING")); + + Log(LOGDEBUG, "Got request #%d - Module %s, params %s", context.response_number, module, params); + Log(LOGDEBUG, "Cookie: %s", cookie); + + //Remove trailing slashes (if present) from module query size_t lastchar = strlen(module) - 1; if (lastchar > 0 && module[lastchar] == '/') module[lastchar] = 0; + //Escape all special characters + FCGI_EscapeText(params); + //Default to the 'identify' module if none specified if (!*module) strcpy(module, "identify"); @@ -457,17 +471,48 @@ void * FCGI_RequestLoop (void *data) module_handler = Control_Handler; } else if (!strcmp("sensors", module)) { module_handler = Sensor_Handler; + } else if (!strcmp("actuators", module)) { + module_handler = Actuator_Handler; + } else if (!strcmp("image", module)) { + module_handler = Image_Handler; + } else if (!strcmp("pin", module)) { + module_handler = Pin_Handler; // *Debug only* pin test module + } else if (!strcmp("bind", module)) { + module_handler = Login_Handler; + } else if (!strcmp("unbind", module)) { + module_handler = Logout_Handler; } context.current_module = module; - if (module_handler) { + context.response_number++; + + + + if (module_handler) + { + if (module_handler != Login_Handler) + { + if (cookie[0] == '\0') + { + FCGI_RejectJSON(&context, "Please login."); + continue; + } + if (!FCGI_HasControl(&context, cookie)) + { + FCGI_RejectJSON(&context, "Invalid control key."); + continue; + } + } + module_handler(&context, params); - } else { + } + else + { FCGI_RejectJSON(&context, "Unhandled module"); } - context.response_number++; + - Log(LOGDEBUG, "Waiting for request #%d", context.response_number); + } Log(LOGDEBUG, "Thread exiting.");