X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=bddac21383a1e4df1da6ecfb95d92afdb459f7a9;hb=0f827545e0eb6846608da4aaf4dc8047478070a4;hp=6eff2df78871c55dbb9edab9d81c1c9a19286610;hpb=e14a8636e0f9b4f097ee053367776efd977e7c92;p=matches%2FMCTX3420.git diff --git a/server/fastcgi.c b/server/fastcgi.c index 6eff2df..bddac21 100644 --- a/server/fastcgi.c +++ b/server/fastcgi.c @@ -1,6 +1,6 @@ /** * @file fastcgi.c - * @purpose Runs the FCGI request loop to handle web interface requests. + * @brief Runs the FCGI request loop to handle web interface requests. * * fcgi_stdio.h must be included before all else so the stdio function * redirection works ok. @@ -15,13 +15,15 @@ #include "control.h" #include "options.h" -#define LOGIN_TIMEOUT 180 +/**The time period (in seconds) before the control key expires @ */ +#define CONTROL_TIMEOUT 180 +/**Contextual information related to FCGI requests*/ struct FCGIContext { - /**The time of last valid logged-in user access*/ - time_t login_timestamp; - char login_key[41]; - char login_ip[16]; + /**The time of last valid user access possessing the control key*/ + time_t control_timestamp; + char control_key[41]; + char control_ip[16]; /**The name of the current module**/ const char *current_module; /**For debugging purposes?**/ @@ -40,7 +42,7 @@ static void IdentifyHandler(FCGIContext *context, char *params) { } /** - * Gives the user an authorization key that determines who has control over + * Gives the user a key that determines who has control over * the system at any one time. The key can be forcibly generated, revoking * any previous control keys. To be used in conjunction with HTTP * basic authentication. @@ -48,11 +50,11 @@ static void IdentifyHandler(FCGIContext *context, char *params) { * @param context The context to work in * @param force Whether to force key generation or not. */ -void FCGI_Authorize(FCGIContext *context, bool force) { +void FCGI_BeginControl(FCGIContext *context, bool force) { time_t now = time(NULL); - bool expired = now - context->login_timestamp > LOGIN_TIMEOUT; + bool expired = now - context->control_timestamp > CONTROL_TIMEOUT; - if (force || !*(context->login_key) || expired) { + if (force || !*(context->control_key) || expired) { SHA_CTX sha1ctx; unsigned char sha1[20]; int i = rand(); @@ -62,54 +64,55 @@ void FCGI_Authorize(FCGIContext *context, bool force) { SHA1_Update(&sha1ctx, &i, sizeof(i)); SHA1_Final(sha1, &sha1ctx); - context->login_timestamp = now; + context->control_timestamp = now; for (i = 0; i < 20; i++) - sprintf(context->login_key + i * 2, "%02x", sha1[i]); - snprintf(context->login_ip, 16, "%s", getenv("REMOTE_ADDR")); + sprintf(context->control_key + i * 2, "%02x", sha1[i]); + snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR")); FCGI_BeginJSON(context, STATUS_OK); - FCGI_JSONPair("key", context->login_key); + FCGI_JSONPair("key", context->control_key); FCGI_EndJSON(); } else { char buf[128]; strftime(buf, 128, "%H:%M:%S %d-%m-%Y", - localtime(&(context->login_timestamp))); + localtime(&(context->control_timestamp))); FCGI_BeginJSON(context, STATUS_UNAUTHORIZED); - FCGI_JSONPair("description", "Already logged in"); - FCGI_JSONPair("current_user", context->login_ip); + FCGI_JSONPair("description", "Another user already has control"); + FCGI_JSONPair("current_user", context->control_ip); FCGI_JSONPair("when", buf); FCGI_EndJSON(); } } -/** - * Revokes the current authorization key, if present. - * @param context The context to work in - */ -void FCGI_AuthorizeEnd(FCGIContext *context) { - *(context->login_key) = 0; - FCGI_BeginJSON(context, STATUS_OK); - FCGI_EndJSON(); - return; -} - /** * Given an FCGIContext, determines if the current user (as specified by - * the key) is authorized or not. If validated, the context login_timestamp is + * the key) has control or not. If validated, the context control_timestamp is * updated. * @param context The context to work in - * @param key The login key to be validated. + * @param key The control key to be validated. * @return TRUE if authorized, FALSE if not. */ -bool FCGI_Authorized(FCGIContext *context, const char *key) { +bool FCGI_HasControl(FCGIContext *context, const char *key) { time_t now = time(NULL); - int result = (now - context->login_timestamp) <= LOGIN_TIMEOUT && - key != NULL && !strcmp(context->login_key, key); + int result = (now - context->control_timestamp) <= CONTROL_TIMEOUT && + key != NULL && !strcmp(context->control_key, key); if (result) { - context->login_timestamp = now; //Update the login_timestamp + context->control_timestamp = now; //Update the control_timestamp } return result; } + +/** + * Revokes the current control key, if present. + * @param context The context to work in + */ +void FCGI_EndControl(FCGIContext *context) { + *(context->control_key) = 0; + FCGI_BeginJSON(context, STATUS_OK); + FCGI_EndJSON(); + return; +} + /** * Extracts a key/value pair from a request string. * Note that the input is modified by this function. @@ -176,7 +179,7 @@ void FCGI_BeginJSON(FCGIContext *context, StatusCodes status_code) * Adds a key/value pair to a JSON response. The response must have already * been initiated by FCGI_BeginJSON. Note that characters are not escaped. * @param key The key of the JSON entry - * ¶m value The value associated with the key. + * @param value The value associated with the key. */ void FCGI_JSONPair(const char *key, const char *value) { @@ -224,39 +227,38 @@ void FCGI_JSONKey(const char *key) } /** - * Should be used to write out the value of a JSON key. This has - * the same format as the printf functions. Care should be taken to format - * the output in valid JSON. + * Ends a JSON response that was initiated by FCGI_BeginJSON. */ -void FCGI_JSONValue(const char *format, ...) +void FCGI_EndJSON() { - va_list list; - va_start(list, format); - vprintf(format, list); - va_end(list); + printf("\r\n}\r\n"); } /** - * Ends a JSON response that was initiated by FCGI_BeginJSON. + * To be used when the input parameters are invalid. The return data will + * have a status of STATUS_ERROR, along with other debugging information. + * @param context The context to work in */ -void FCGI_EndJSON() +void FCGI_RejectJSON(FCGIContext *context) { - printf("\r\n}\r\n"); + FCGI_RejectJSONEx(context, STATUS_ERROR, "Invalid request"); } /** - * To be used when the input parameters are invalid. - * Sends a response with HTTP status 400 Bad request, along with - * JSON data for debugging. + * To be used when the input parameters are rejected. The return data + * will also have debugging information provided. * @param context The context to work in - * @param params The parameters that the module handler received. + * @param status The status the return data should have. + * @param description A short description of why the input was rejected. */ -void FCGI_RejectJSON(FCGIContext *context) +void FCGI_RejectJSONEx(FCGIContext *context, StatusCodes status, const char *description) { - printf("Status: 400 Bad Request\r\n"); + if (description == NULL) + description = "Unknown"; - FCGI_BeginJSON(context, STATUS_ERROR); - FCGI_JSONPair("description", "Invalid request"); + Log(LOGINFO, "%s: Rejected query with: %d: %s", context->current_module, status, description); + FCGI_BeginJSON(context, status); + FCGI_JSONPair("description", description); FCGI_JSONLong("responsenumber", context->response_number); FCGI_JSONPair("params", getenv("QUERY_STRING")); FCGI_JSONPair("host", getenv("SERVER_HOSTNAME")); @@ -265,6 +267,22 @@ void FCGI_RejectJSON(FCGIContext *context) FCGI_EndJSON(); } +/** + * Generates a response to the client as described by the format parameter and + * extra arguments (exactly like printf). To be used when none of the other + * predefined functions will work exactly as needed. Extra care should be taken + * to ensure the correctness of the output. + * @param format The format string + * @param ... Any extra arguments as required by the format string. + */ +void FCGI_PrintRaw(const char *format, ...) +{ + va_list list; + va_start(list, format); + vprintf(format, list); + va_end(list); +} + /** * Main FCGI request loop that receives/responds to client requests. * @param data Reserved. @@ -326,6 +344,4 @@ void * FCGI_RequestLoop (void *data) Thread_QuitProgram(false); // NOTE: Don't call pthread_exit, because this runs in the main thread. Just return. return NULL; - - }