X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=34c337a6732be41af5d95327cd194d37b07c9db0;hb=27ff700c938e48bd88ca63575d65575150d9e842;hp=4fc374243f4a08cf188001b19a32460524e0f8ea;hpb=8748f809d60e16d004cfc4266f101294c586bb36;p=matches%2FMCTX3420.git
diff --git a/server/fastcgi.c b/server/fastcgi.c
index 4fc3742..6006322 100644
--- a/server/fastcgi.c
+++ b/server/fastcgi.c
@@ -1,6 +1,6 @@
 /**
 * @file fastcgi.c
- * @purpose Runs the FCGI request loop to handle web interface requests.
+ * @brief Runs the FCGI request loop to handle web interface requests.
 *
 * fcgi_stdio.h must be included before all else so the stdio function
 * redirection works ok.
@@ -8,118 +8,225 @@ #include #include -#include +#include +#include +#include +#include #include "common.h" -#include "fastcgi.h" #include "sensor.h" -#include "log.h" +#include "actuator.h" +#include "control.h" +#include "options.h" +#include "image.h" +#include "pin_test.h" +#include "login.h" + +/**The time period (in seconds) before the control key expires */ +#define CONTROL_TIMEOUT 180 -#define LOGIN_TIMEOUT 180 -struct FCGIContext { - /**The time of last valid logged-in user access*/ - time_t login_timestamp; - char login_key[41]; - char login_ip[16]; - /**The name of the current module**/ - const char *current_module; - /**For debugging purposes?**/ - int response_number; -}; /** - * Handles user logins. + * Identifies build information and the current API version to the user. + * Also useful for testing that the API is running and identifying the + * sensors and actuators present. * @param context The context to work in - * @param params User specified parameters - */ -static void LoginHandler(FCGIContext *context, char *params) { - const char *key, *value; - bool force = 0, end = 0; + * @param params User specified paramters: [actuators, sensors] + */ +static void IdentifyHandler(FCGIContext *context, char *params) +{ + bool ident_sensors = false, ident_actuators = false; + int i; - while ((params = FCGI_KeyPair(params, &key, &value))) { - if (!strcmp(key, "force")) - force = !force; - else if (!strcmp(key, "end")) - end = !end; + FCGIValue values[2] = {{"sensors", &ident_sensors, FCGI_BOOL_T}, + {"actuators", &ident_actuators, FCGI_BOOL_T}}; + if (!FCGI_ParseRequest(context, params, values, 2)) + return; + + FCGI_BeginJSON(context, STATUS_OK); + FCGI_JSONPair("description", "MCTX3420 Server API (2013)"); + FCGI_JSONPair("build_date", __DATE__ " " __TIME__); + struct timespec t = {0}; + clock_getres(CLOCK_MONOTONIC, &t); + FCGI_JSONDouble("clock_getres", TIMEVAL_TO_DOUBLE(t)); + FCGI_JSONLong("api_version", API_VERSION); + + bool has_control = 
FCGI_HasControl(context); + FCGI_JSONBool("logged_in", has_control); + FCGI_JSONPair("user_name", has_control ? context->user_name : ""); + + + //Sensor and actuator information + if (ident_sensors) { + FCGI_JSONKey("sensors"); + FCGI_JSONValue("{\n\t\t"); + for (i = 0; i < g_num_sensors; i++) { + if (i > 0) { + FCGI_JSONValue(",\n\t\t"); + } + DataPoint d = Sensor_LastData(i); + FCGI_JSONValue("\"%d\" : {\"name\" : \"%s\", \"value\" : [%f,%f] }", + i, Sensor_GetName(i), d.time_stamp, d.value); + } + FCGI_JSONValue("\n\t}"); } + if (ident_actuators) { + FCGI_JSONKey("actuators"); + FCGI_JSONValue("{\n\t\t"); + for (i = 0; i < g_num_actuators; i++) { + if (i > 0) { + FCGI_JSONValue(",\n\t\t"); + } - if (end) { - *(context->login_key) = 0; - FCGI_BeginJSON(context, STATUS_OK); - FCGI_EndJSON(); - return; + DataPoint d = Actuator_LastData(i); + FCGI_JSONValue("\"%d\" : {\"name\" : \"%s\", \"value\" : [%f, %f] }", i, Actuator_GetName(i), d.time_stamp, d.value); + } + FCGI_JSONValue("\n\t}"); } + FCGI_EndJSON(); +} +/** + * Given an authorised user, attempt to set the control over the system. + * Modifies members in the context structure appropriately if successful. 
+ * @param context The context to work in + * @param user_name - Name of the user + * @param user_type - Type of the user, passed after successful authentication + * @return true on success, false otherwise (eg someone else already in control) + */ +bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType user_type) +{ + // Get current time time_t now = time(NULL); - if (force || !*(context->login_key) || - (now - context->login_timestamp > LOGIN_TIMEOUT)) - { - SHA_CTX sha1ctx; - unsigned char sha1[20]; - int i = rand(); - - SHA1_Init(&sha1ctx); - SHA1_Update(&sha1ctx, &now, sizeof(now)); - SHA1_Update(&sha1ctx, &i, sizeof(i)); - SHA1_Final(sha1, &sha1ctx); - - context->login_timestamp = now; - for (i = 0; i < 20; i++) - sprintf(context->login_key + i * 2, "%02x", sha1[i]); - snprintf(context->login_ip, 16, "%s", getenv("REMOTE_ADDR")); - FCGI_BeginJSON(context, STATUS_OK); - FCGI_JSONPair("key", context->login_key); - FCGI_EndJSON(); - } else { - char buf[128]; - strftime(buf, 128, "%H:%M:%S %d-%m-%Y", - localtime(&(context->login_timestamp))); - FCGI_BeginJSON(context, STATUS_UNAUTHORIZED); - FCGI_JSONPair("description", "Already logged in"); - FCGI_JSONPair("user", context->login_ip); - FCGI_JSONPair("time", buf); - FCGI_EndJSON(); + bool expired = now - context->control_timestamp > CONTROL_TIMEOUT; + int i; + + // Can't lock control if: User not actually logged in (sanity), or key is still valid and the user is not an admin + if (user_type == USER_UNAUTH || + (user_type != USER_ADMIN && !expired && *(context->control_key) != '\0')) + return false; + + // Release any existing control (if any) + FCGI_ReleaseControl(context); + + // Set timestamp + context->control_timestamp = now; + + // Generate a SHA1 hash for the user + SHA_CTX sha1ctx; + unsigned char sha1[20]; + i = rand(); + SHA1_Init(&sha1ctx); + SHA1_Update(&sha1ctx, &now, sizeof(now)); + SHA1_Update(&sha1ctx, &i, sizeof(i)); + SHA1_Final(sha1, &sha1ctx); + for (i = 0; i < 
sizeof(sha1); i++) + sprintf(context->control_key + i * 2, "%02x", sha1[i]); + + // Set the IPv4 address + snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR")); + + // Set the user name + int uname_len = strlen(user_name); + i = snprintf(context->user_name, sizeof(context->user_name), "%s", user_name); + if (i < uname_len) { + Log(LOGERR, "Username at %d characters too long (limit %d)", + uname_len, sizeof(context->user_name)); + return false; // :-( } -} + // Set the user type + context->user_type = user_type; -/*TODO: Remove and replace with the actual actuator code*/ -static void ActuatorHandler(FCGIContext *context, char *params) { - const char *key, *value, *loginkey = NULL; - while ((params = FCGI_KeyPair(params, &key, &value))) { - if (!strcmp(key, "key")) { - loginkey = value; - } + // Build the user directory + i = snprintf(context->user_dir, sizeof(context->user_dir), "%s/%s", + g_options.experiment_dir, context->user_name); + if (i >= sizeof(context->user_dir)) { + Log(LOGERR, "Experiment dir too long (required %d, limit %d)", + i, sizeof(context->user_dir)); + return false; } - if (!loginkey || !FCGI_Authorized(context, loginkey)) { - FCGI_BeginJSON(context, STATUS_UNAUTHORIZED); - FCGI_JSONPair("description", "Invalid key specified."); - FCGI_EndJSON(); - } else { - FCGI_BeginJSON(context, STATUS_OK); - FCGI_JSONPair("description", "Logged in!"); - FCGI_EndJSON(); + + Log(LOGDEBUG, "User dir: %s", context->user_dir); + // Create directory + if (mkdir(context->user_dir, 0777) != 0 && errno != EEXIST) + { + Log(LOGERR, "Couldn't create user directory %s - %s", + context->user_dir, strerror(errno)); + return false; // :-( } + + return true; // :-) } /** * Given an FCGIContext, determines if the current user (as specified by - * the key) is authorized or not. If validated, the context login_timestamp is + * the key) has control or not. If validated, the context control_timestamp is * updated. 
* @param context The context to work in - * @param key The login key to be validated. * @return TRUE if authorized, FALSE if not. */ -bool FCGI_Authorized(FCGIContext *context, const char *key) { +bool FCGI_HasControl(FCGIContext *context) +{ time_t now = time(NULL); - int result = (now - context->login_timestamp) <= LOGIN_TIMEOUT && - !strcmp(context->login_key, key); + int result = (now - context->control_timestamp) <= CONTROL_TIMEOUT && + context->control_key[0] != '\0' && + !strcmp(context->control_key, context->received_key); if (result) { - context->login_timestamp = now; //Update the login_timestamp + context->control_timestamp = now; //Update the control_timestamp } return result; } + +/** + * Revokes the current control key, if present. + * @param context The context to work in + */ +void FCGI_ReleaseControl(FCGIContext *context) +{ + *(context->control_key) = 0; + // Note: context->user_name should *not* be cleared + return; +} + +/** + * Gets the control cookie + * @param buffer A storage buffer of exactly CONTROL_KEY_BUFSIZ length to + store the control key + */ +void FCGI_GetControlCookie(char buffer[CONTROL_KEY_BUFSIZ]) +{ + const char *cookies = getenv("COOKIE_STRING"); + const char *start = strstr(cookies, "mctxkey="); + + *buffer = 0; //Clear the buffer + if (start != NULL) { + int i; + start += 8; //length of mctxkey= + for (i = 0; i < CONTROL_KEY_BUFSIZ; i++) { + if (*start == 0 || *start == ';') { + break; + } + buffer[i] = *start++; + } + buffer[i] = 0; + } +} + +/** + * Sends the control key to the user as a cookie. + * @param context the context to work in + * @param set Whether to set or unset the control cookie + */ +void FCGI_SendControlCookie(FCGIContext *context, bool set) { + if (set) { + printf("Set-Cookie: mctxkey=%s\r\n", context->control_key); + } else { + printf("Set-Cookie: mctxkey=\r\n"); + } +} + /** * Extracts a key/value pair from a request string. * Note that the input is modified by this function. 
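Review bot: FCGI_GetControlCookie writes one byte past its buffer when the cookie value is CONTROL_KEY_BUFSIZ characters or longer, because the loop lets `i` reach CONTROL_KEY_BUFSIZ and the following `buffer[i] = 0` then stores at that index; the cookie is client-supplied, so the loop should be bounded as `for (i = 0; i < CONTROL_KEY_BUFSIZ - 1; i++)`. The same function hands `getenv("COOKIE_STRING")` straight to `strstr`, which is undefined when the variable is unset; `const char *start = cookies ? strstr(cookies, "mctxkey=") : NULL;` covers a request without cookies. In FCGI_LockControl the truncation test `if (i < uname_len)` can never fire, since snprintf returns the untruncated length; `if (i >= (int)sizeof(context->user_name))` is the check the log message describes, and `user_name` is then joined into `user_dir` and passed to `mkdir(..., 0777)` without rejecting `/` or `..`. The control key is a SHA1 over only `time(NULL)` and `rand()`, both of which a client can estimate, so it should be filled from the operating system's random source instead. FCGI_SendControlCookie sets the cookie without `HttpOnly` (or `Secure`, if the site is served over TLS), which leaves the key readable by page scripts.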
@@ -159,6 +266,101 @@ char *FCGI_KeyPair(char *in, const char **key, const char **value) return ptr; } +/** + * Aids in parsing request parameters. + * Input: The expected keys along with their type and whether or not + * they're required. + * @param context The context to work in + * @param params The parameter string to be parsed + * @param values An array of FCGIValue's that specify expected keys + * @param count The number of elements in 'values'. + * @return true If the parameter string was parsed successfully, false otherwise. + * Modes of failure include: Invalid a parsing error on the value, + * an unknown key is specified, + * a key/value pair is specified more than once, or + * not all required keys were present. + * If this function returns false, it is guaranteed that FCGI_RejectJSON + * has already been called with the appropriate description message. + */ +bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], size_t count) +{ + const char *key, *value; + char buf[BUFSIZ], *ptr; + size_t i; + + while ((params = FCGI_KeyPair(params, &key, &value))) { + for (i = 0; i < count; i++) { + if (!strcmp(key, values[i].key)) { + FCGIValue *val = &values[i]; + + if (FCGI_RECEIVED(val->flags)) { + snprintf(buf, BUFSIZ, "Value already specified for '%s'.", key); + FCGI_RejectJSON(context, buf); + return false; + } + val->flags |= FCGI_PARAM_RECEIVED; + + switch(FCGI_TYPE(val->flags)) { + case FCGI_BOOL_T: + if (!*value) //No value: Default true + *((bool*) val->value) = true; + else { + *((bool*) val->value) = !!(strtol(value, &ptr, 10)); + if (*ptr) { + snprintf(buf, BUFSIZ, "Expected bool for '%s' but got '%s'", key, value); + FCGI_RejectJSON(context, buf); + return false; + } + } + break; + case FCGI_INT_T: case FCGI_LONG_T: { + long parsed = strtol(value, &ptr, 10); + if (!*value || *ptr) { + snprintf(buf, BUFSIZ, "Expected int for '%s' but got '%s'", key, value); + FCGI_RejectJSON(context, buf); + return false; + } + + if 
(FCGI_TYPE(val->flags) == FCGI_INT_T) + *((int*) val->value) = (int) parsed; + else + *((long*) val->value) = parsed; + } break; + case FCGI_DOUBLE_T: + *((double*) val->value) = strtod(value, &ptr); + if (!*value || *ptr) { + snprintf(buf, BUFSIZ, "Expected float for '%s' but got '%s'", key, value); + FCGI_RejectJSON(context, buf); + return false; + } + break; + case FCGI_STRING_T: + *((const char**) val->value) = value; + break; + default: + Fatal("Invalid type %d given", FCGI_TYPE(val->flags)); + } + break; //No need to search any more + } + } //End for loop + if (i == count) { + snprintf(buf, BUFSIZ, "Unknown key '%s' specified", key); + FCGI_RejectJSON(context, buf); + return false; + } + } + + //Check that required parameters are received + for (i = 0; i < count; i++) { + if (FCGI_IS_REQUIRED(values[i].flags) && !FCGI_RECEIVED(values[i].flags)) { + snprintf(buf, BUFSIZ, "Key '%s' required, but was not given.", values[i].key); + FCGI_RejectJSON(context, buf); + return false; + } + } + return true; +} + /** * Begins a response to the client in JSON format. * @param context The context to work in. 
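Review bot: The `FCGI_INT_T`/`FCGI_LONG_T` case accepts whatever `strtol` returns, so an out-of-range number is silently clamped to LONG_MAX/LONG_MIN and then narrowed by `(int) parsed` for int parameters. Setting `errno = 0;` before the call and rejecting on `errno == ERANGE`, plus `parsed < INT_MIN || parsed > INT_MAX` for `FCGI_INT_T`, keeps handlers from receiving a wrapped value; the `FCGI_DOUBLE_T` branch has the same gap with `strtod`. The error messages copy `key` and `value` from the request into `buf` and pass it to FCGI_RejectJSON, and FCGI_JSONPair is documented in this file as not escaping special characters, so on the login path (where params skip FCGI_EscapeText) the description can presumably carry unescaped quotes into the response. In the header comment, "Invalid a parsing error on the value" should read "a parsing error on the value".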
@@ -170,13 +372,35 @@ void FCGI_BeginJSON(FCGIContext *context, StatusCodes status_code) printf("{\r\n"); printf("\t\"module\" : \"%s\"", context->current_module); FCGI_JSONLong("status", status_code); + //Time and running statistics + struct timespec now; + clock_gettime(CLOCK_MONOTONIC, &now); + FCGI_JSONDouble("start_time", TIMEVAL_TO_DOUBLE(g_options.start_time)); + FCGI_JSONDouble("current_time", TIMEVAL_TO_DOUBLE(now)); + FCGI_JSONDouble("running_time", TIMEVAL_DIFF(now, g_options.start_time)); + FCGI_JSONPair("control_state", Control_GetModeName()); +} + +/** + * Generic accept response in JSON format. + * @param context The context to work in + * @param description A short description. + */ +void FCGI_AcceptJSON(FCGIContext *context, const char *description) +{ + printf("Content-type: application/json; charset=utf-8\r\n"); + printf("\r\n{\r\n"); + printf("\t\"module\" : \"%s\"", context->current_module); + FCGI_JSONLong("status", STATUS_OK); + FCGI_JSONPair("description", description); + FCGI_EndJSON(); } /** * Adds a key/value pair to a JSON response. The response must have already - * been initiated by FCGI_BeginJSON. Note that characters are not escaped. + * been initiated by FCGI_BeginJSON. Special characters are not escaped. * @param key The key of the JSON entry - * ¶m value The value associated with the key. + * @param value The value associated with the key. */ void FCGI_JSONPair(const char *key, const char *value) { 
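Review bot: FCGI_AcceptJSON re-implements the start of FCGI_BeginJSON by hand (`Content-type` header, opening brace, `module`, `status`), so accept responses lack the `start_time`/`current_time`/`running_time`/`control_state` fields this same hunk adds to FCGI_BeginJSON, and the two will drift further. Replacing its first four statements with `FCGI_BeginJSON(context, STATUS_OK);` keeps one code path; the part of FCGI_BeginJSON that emits the headers lies above the hunk, so confirm it sends the same `Content-type`. Both functions print `context->current_module` with a bare `%s`, and FCGI_RequestLoop takes that value from the request URI without escaping it, so it should go through the same escaping as the parameters before it is written into the JSON. The return value of `clock_gettime` is not checked, which leaves `now` uninitialised if the call fails.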
@@ -200,30 +424,27 @@ void FCGI_JSONLong(const char *key, long value) */ void FCGI_JSONDouble(const char *key, double value) { - printf(",\r\n\t\"%s\" : %f", key, value); + printf(",\r\n\t\"%s\" : %.9f", key, value); } /** - * Begins a JSON entry by writing the key. To be used in conjunction - * with FCGI_JsonValue. + * Similar to FCGI_JsonPair except for boolean values. * @param key The key of the JSON entry + * @param value The value associated with the key */ -void FCGI_JSONKey(const char *key) +void FCGI_JSONBool(const char *key, bool value) { - printf(",\r\n\t\"%s\" : ", key); + printf(",\r\n\t\"%s\" : %s", key, value ? "true" : "false"); } /** - * Should be used to write out the value of a JSON key. This has - * the same format as the printf functions. Care should be taken to format - * the output in valid JSON. + * Begins a JSON entry by writing the key. To be used in conjunction + * with FCGI_JsonValue. + * @param key The key of the JSON entry */ -void FCGI_JSONValue(const char *format, ...) +void FCGI_JSONKey(const char *key) { - va_list list; - va_start(list, format); - vprintf(format, list); - va_end(list); + printf(",\r\n\t\"%s\" : ", key); } /** 
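Review bot: `printf(",\r\n\t\"%s\" : %.9f", key, value)` in FCGI_JSONDouble emits `nan` or `inf` for non-finite doubles, which is not valid JSON and makes a strict client parser reject the whole response; a sensor reading or a time difference is the kind of value where that can occur. Writing `null` when `!isfinite(value)` keeps the document parseable. The doc comments for FCGI_JSONBool and FCGI_JSONKey refer to `FCGI_JsonPair` and `FCGI_JsonValue`, while the functions are spelled `FCGI_JSONPair` and `FCGI_JSONValue`. This hunk also removes the definition of FCGI_JSONValue although IdentifyHandler, added earlier in the diff, still calls it; presumably the header now provides it, which is not visible here.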
@@ -235,64 +456,218 @@ void FCGI_EndJSON() } /** - * To be used when the input parameters are invalid. - * Sends a response with HTTP status 400 Bad request, along with - * JSON data for debugging. + * To be used when the input parameters are rejected. The return data + * will also have debugging information provided. * @param context The context to work in - * @param params The parameters that the module handler received. + * @param status The status the return data should have. + * @param description A short description of why the input was rejected. */ -void FCGI_RejectJSON(FCGIContext *context) +void FCGI_RejectJSONEx(FCGIContext *context, StatusCodes status, const char *description) { - printf("Status: 400 Bad Request\r\n"); + if (description == NULL) + description = "Unknown"; - FCGI_BeginJSON(context, STATUS_ERROR); - FCGI_JSONPair("description", "Invalid request"); + Log(LOGINFO, "%s: Rejected query with: %d: %s", context->current_module, status, description); + FCGI_BeginJSON(context, status); + FCGI_JSONPair("description", description); FCGI_JSONLong("responsenumber", context->response_number); - FCGI_JSONPair("params", getenv("DOCUMENT_URI_LOCAL")); + //FCGI_JSONPair("params", getenv("QUERY_STRING")); //A bad idea if contains password but also if contains unescaped stuff FCGI_JSONPair("host", getenv("SERVER_HOSTNAME")); FCGI_JSONPair("user", getenv("REMOTE_USER")); FCGI_JSONPair("ip", getenv("REMOTE_ADDR")); FCGI_EndJSON(); } +/** + * Generates a response to the client as described by the format parameter and + * extra arguments (exactly like printf). To be used when none of the other + * predefined functions will work exactly as needed. Extra care should be taken + * to ensure the correctness of the output. + * @param format The format string + * @param ... Any extra arguments as required by the format string. + */ +void FCGI_PrintRaw(const char *format, ...) 
+{ + va_list list; + va_start(list, format); + vprintf(format, list); + va_end(list); +} + + +/** + * Write binary data + * See fwrite + */ +void FCGI_WriteBinary(void * data, size_t size, size_t num_elem) +{ + Log(LOGDEBUG,"Writing!"); + fwrite(data, size, num_elem, stdout); +} + +/** + * Escapes a string so it can be used safely. + * Currently escapes to ensure the validity for use as a JSON string + * Does not support unicode specifiers in the form of \\uXXXX. + * @param buf The string to be escaped + * @return The escaped string (return value == buf) + */ +char *FCGI_EscapeText(char *buf) +{ + int length, i; + length = strlen(buf); + + //Escape special characters. Must count down to escape properly + for (i = length - 1; i >= 0; i--) { + if (buf[i] < 0x20) { //Control characters + buf[i] = ' '; + } else if (buf[i] == '"') { + if (i-1 >= 0 && buf[i-1] == '\\') + i--; + else + buf[i] = '\''; + } else if (buf[i] == '\\') { + if (i-1 >= 0 && buf[i-1] == '\'') + i--; + else + buf[i] = ' '; + } + } + return buf; +} + +/** + * Unescapes a URL encoded string in-place. The string + * must be NULL terminated. + * (e.g this%2d+string --> this- string) + * @param buf The buffer to decode. Will be modified in-place. + * @return The same buffer. + */ +char *FCGI_URLDecode(char *buf) +{ + char *head = buf, *tail = buf; + char val, hex[3] = {0}; + + while (*tail) { + if (*tail == '%') { //%hh hex to char + tail++; + if (isxdigit(*tail) && isxdigit(*(tail+1))) { + hex[0] = *tail++; + hex[1] = *tail++; + val = (char)strtol(hex, NULL, 16); + //Control codes --> Space character + *head++ = (val < 0x20) ? 0x20 : val; + } else { //Not valid format; keep original + head++; + } + } else if (*tail == '+') { //Plus to space + tail++; + *head++ = ' '; + } else { //Anything else + *head++ = *tail++; + } + } + *head = 0; //NULL-terminate at new end point + + return buf; +} + /** * Main FCGI request loop that receives/responds to client requests. * @param data Reserved. 
+ * @returns NULL (void* required for consistency with pthreads, although at the moment this runs in the main thread anyway) + * TODO: Get this to exit with the rest of the program! */ -void FCGI_RequestLoop (void *data) +void * FCGI_RequestLoop (void *data) { FCGIContext context = {0}; + Log(LOGDEBUG, "Start loop"); while (FCGI_Accept() >= 0) { + ModuleHandler module_handler = NULL; char module[BUFSIZ], params[BUFSIZ]; //strncpy doesn't zero-truncate properly snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL")); + + //Get the GET query string snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING")); + //URL decode the parameters + FCGI_URLDecode(params); + + FCGI_GetControlCookie(context.received_key); + Log(LOGDEBUG, "Got request #%d - Module %s, params %s", context.response_number, module, params); + Log(LOGDEBUG, "Control key: %s", context.received_key); + //Remove trailing slashes (if present) from module query size_t lastchar = strlen(module) - 1; if (lastchar > 0 && module[lastchar] == '/') module[lastchar] = 0; - - if (!strcmp("login", module)) { - module_handler = LoginHandler; + //Default to the 'identify' module if none specified + if (!*module) + strcpy(module, "identify"); + + if (!strcmp("identify", module)) { + module_handler = IdentifyHandler; + } else if (!strcmp("control", module)) { + module_handler = Control_Handler; } else if (!strcmp("sensors", module)) { module_handler = Sensor_Handler; } else if (!strcmp("actuators", module)) { - module_handler = ActuatorHandler; + module_handler = Actuator_Handler; + } else if (!strcmp("image", module)) { + module_handler = Image_Handler; + } else if (!strcmp("pin", module)) { + module_handler = Pin_Handler; // *Debug only* pin test module + } else if (!strcmp("bind", module)) { + module_handler = Login_Handler; + } else if (!strcmp("unbind", module)) { + module_handler = Logout_Handler; } context.current_module = module; + context.response_number++; + if (module_handler) { + if (module_handler == 
IdentifyHandler) { + FCGI_EscapeText(params); + } else if (module_handler != Login_Handler) { + if (!FCGI_HasControl(&context)) + { + if (g_options.auth_method == AUTH_NONE) { //:( + Log(LOGWARN, "Locking control (no auth!)"); + FCGI_LockControl(&context, NOAUTH_USERNAME, USER_ADMIN); + FCGI_SendControlCookie(&context, true); + } + else { + FCGI_RejectJSON(&context, "Please login. Invalid control key."); + continue; + } + } + + //Escape all special characters. + //Don't escape for login (password may have special chars?) + FCGI_EscapeText(params); + } else { //Only for Login handler. + //If GET data is empty, use POST instead. + if (*params == '\0') { + Log(LOGDEBUG, "Using POST!"); + fgets(params, BUFSIZ, stdin); + FCGI_URLDecode(params); + } + } + module_handler(&context, params); - } else { - strncat(module, " [unknown]", BUFSIZ); - FCGI_RejectJSON(&context); + } + else { + FCGI_RejectJSON(&context, "Unhandled module"); } - - context.response_number++; } + + Log(LOGDEBUG, "Thread exiting."); + // NOTE: Don't call pthread_exit, because this runs in the main thread. Just return. + return NULL; }
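Review bot: FCGI_EscapeText's backslash branch tests `buf[i-1] == '\''`, so a backslash that follows a single quote is left in place and can end up escaping the closing quote of a string written by FCGI_JSONPair; the comparison was presumably meant to be `buf[i-1] == '\\'`, and `buf[i] < 0x20` on plain `char` also blanks every byte above 0x7f where char is signed. In FCGI_URLDecode the invalid-escape branch does `head++` after `tail++` without storing anything, which keeps the `%` only while head and tail are still in step and leaves a stale byte after any earlier decode; `*head++ = '%';` preserves the original as the comment says, and the `isxdigit` arguments should be cast to `unsigned char`. In FCGI_RequestLoop, `Log(LOGDEBUG, "Control key: %s", context.received_key)` and the `params %s` debug line write the session key and the raw query string to the log, which the commented-out `QUERY_STRING` line already recognises can hold a password. The result of `FCGI_LockControl` in the AUTH_NONE path is not checked before `FCGI_SendControlCookie`, and `fgets(params, BUFSIZ, stdin)` is used without testing its return value.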