X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=testing%2Ffastcgi-approach%2Ffastcgi.c;h=363857aeb0e26fcbf050f2c67e14716e9e17ebd1;hb=a42af4ebe7c8ec36bd68a31cba1e6af7c514d203;hp=8ade3f2958c3a83c1506511c5fdd342b341156a9;hpb=d75166147014e75d49f066983740e42902a38e90;p=matches%2FMCTX3420.git diff --git a/testing/fastcgi-approach/fastcgi.c b/testing/fastcgi-approach/fastcgi.c index 8ade3f2..363857a 100644 --- a/testing/fastcgi-approach/fastcgi.c +++ b/testing/fastcgi-approach/fastcgi.c @@ -1,26 +1,103 @@ /** * @file fastcgi.c * @purpose Runs the FCGI request loop to handle web interface requests. - * - * should not be included, because these functions are handled by - * fcgi_stdio.h. If included, it must be included after fcgi_stdio.h. + * + * fcgi_stdio.h must be included before all else so the stdio function + * redirection works ok. */ - + #include -#include -#include +#include +#include "fastcgi.h" +#include "common.h" +#include -/* - But the suggestion was: FunctionName, variable_name (local or member), - Structure, ENUMVALUE, Extern_FunctionName, g_global -*/ +#define LOGIN_TIMEOUT 180 -//Replace with whatever holds the 'data' -typedef struct Data Data; -enum {RESPONSE_OK = 200, RESPONSE_BADREQUEST = 400, - RESPONSE_UNAUTHORIZED = 401}; -typedef void (*ModuleHandler) (Data *data, char *params); +struct FCGIContext { + /**The time of last valid logged-in user access*/ + time_t login_timestamp; + char login_key[41]; + char login_ip[16]; + /**The name of the current module**/ + const char *current_module; + /**For debugging purposes?**/ + int response_number; +}; + +/** + * Handles user logins. + * @param context The context to work in + * @param params User specified parameters + */ +static void LoginHandler(FCGIContext *context, char *params) { + const char *key, *value; + bool force = 0, end = 0; + + while ((params = FCGI_KeyPair(params, &key, &value))) { + if (!strcmp(key, "force")) + force = !force; + else if (!strcmp(key, "end")) + end = !end; + } + + if (end) { + *(context->login_key) = 0; + FCGI_BeginJSON(context, STATUS_OK); + FCGI_EndJSON(); + return; + } + + time_t now = time(NULL); + if (force || !*(context->login_key) || + (now - context->login_timestamp > LOGIN_TIMEOUT)) + { + SHA_CTX sha1ctx; + unsigned char sha1[20]; + int i = rand(); + + SHA1_Init(&sha1ctx); + SHA1_Update(&sha1ctx, &now, sizeof(now)); + SHA1_Update(&sha1ctx, &i, sizeof(i)); + SHA1_Final(sha1, &sha1ctx); + + context->login_timestamp = now; + for (i = 0; i < 20; i++) + sprintf(context->login_key + i * 2, "%02x", sha1[i]); + snprintf(context->login_ip, 16, "%s", getenv("REMOTE_ADDR")); + FCGI_BeginJSON(context, STATUS_OK); + FCGI_JSONPair("key", context->login_key); + FCGI_EndJSON(); + } else { + char buf[128]; + strftime(buf, 128, "%H:%M:%S %d-%m-%Y", + localtime(&(context->login_timestamp))); + FCGI_BeginJSON(context, STATUS_UNAUTHORIZED); + FCGI_JSONPair("description", "Already logged in"); + FCGI_JSONPair("user", context->login_ip); + FCGI_JSONPair("time", buf); + FCGI_EndJSON(); + } +} + +/** + * Given an FCGIContext, determines if the current user (as specified by + * the key) is authorized or not. If validated, the context login_timestamp is + * updated. + * @param context The context to work in + * @param key The login key to be validated. + * @return TRUE if authorized, FALSE if not. + */ +int FCGI_Authorized(FCGIContext *context, const char *key) { + time_t now = time(NULL); + int result = (now - context->login_timestamp) <= LOGIN_TIMEOUT && + !strcmp(context->login_key, key); + if (result) { + context->login_timestamp = now; //Update the login_timestamp + } + return result; +} /** * Extracts a key/value pair from a request string. @@ -31,67 +108,141 @@ typedef void (*ModuleHandler) (Data *data, char *params); * @return A pointer to the start of the next search location, or NULL if * the EOL is reached. */ -static char *KeyPair(char *in, const char **key, const char **value) { - char *next, *split; +char *FCGI_KeyPair(char *in, const char **key, const char **value) +{ + char *ptr; if (!in || !*in) { //Invalid input or string is EOL return NULL; } *key = in; - //Must be first so value will be empty if it's not specified - if ((next = strchr(in, '&'))) { - *next++ = 0; - } else { //Don't return NULL as current pair needs to be returned - next = ""; - } - if ((split = strchr(in, '='))) { - *split++ = 0; - *value = split; - return next; + //Find either = or &, whichever comes first + if ((ptr = strpbrk(in, "=&"))) { + if (*ptr == '&') { //No value specified + *value = ptr; + *ptr++ = 0; + } else { + //Stopped at an '=' sign + *ptr++ = 0; + *value = ptr; + if ((ptr = strchr(ptr,'&'))) { + *ptr++ = 0; + } else { + ptr = ""; + } + } + } else { //No value specified and no other pair + ptr = ""; + *value = ptr; } - //Split was not found, set to default value - *value = ""; - return next; + return ptr; } -static void BeginResponse(int response_code, const char *module) { - switch (response_code) { - case RESPONSE_OK: - break; - case RESPONSE_UNAUTHORIZED: - printf("Status: 401 Unauthorized\r\n"); - break; - default: - printf("Status: 400 Bad Request\r\n"); - } +/** + * Begins a response to the client in JSON format. + * @param context The context to work in. + * @param status_code The status code to be returned. + */ +void FCGI_BeginJSON(FCGIContext *context, StatusCodes status_code) +{ printf("Content-type: application/json; charset=utf-8\r\n\r\n"); printf("{\r\n"); - printf("\t\"module\" : \"%s\"", module); + printf("\t\"module\" : \"%s\"", context->current_module); + FCGI_JSONLong("status", status_code); } -static void BuildResponse(const char *key, const char *value) { +/** + * Adds a key/value pair to a JSON response. The response must have already + * been initiated by FCGI_BeginJSON. Note that characters are not escaped. + * @param key The key of the JSON entry + * ¶m value The value associated with the key. + */ +void FCGI_JSONPair(const char *key, const char *value) +{ printf(",\r\n\t\"%s\" : \"%s\"", key, value); } -static void EndResponse() { +/** + * Similar to FCGI_JSONPair except for signed integer values. + * @param key The key of the JSON entry + * @param value The value associated with the key + */ +void FCGI_JSONLong(const char *key, long value) +{ + printf(",\r\n\t\"%s\" : %ld", key, value); +} + +/** + * Similar to FCGI_JsonPair except for floating point values. + * @param key The key of the JSON entry + * @param value The value associated with the key + */ +void FCGI_JSONDouble(const char *key, double value) +{ + printf(",\r\n\t\"%s\" : %f", key, value); +} + +/** + * Begins a JSON entry by writing the key. To be used in conjunction + * with FCGI_JsonValue. + * @param key The key of the JSON entry + */ +void FCGI_JSONKey(const char *key) +{ + printf(",\r\n\t\"%s\" : ", key); +} + +/** + * Should be used to write out the value of a JSON key. This has + * the same format as the printf functions. Care should be taken to format + * the output in valid JSON. + */ +void FCGI_JSONValue(const char *format, ...) +{ + va_list list; + va_start(list, format); + vprintf(format, list); + va_end(list); +} + +/** + * Ends a JSON response that was initiated by FCGI_BeginJSON. + */ +void FCGI_EndJSON() +{ printf("\r\n}\r\n"); } -static void SensorsHandler(Data *data, char *params) { - const char *key, *value; - BeginResponse(RESPONSE_OK, "sensors"); - - while ((params = KeyPair(params, &key, &value))) { - BuildResponse(key, value); - } - EndResponse(); +/** + * To be used when the input parameters are invalid. + * Sends a response with HTTP status 400 Bad request, along with + * JSON data for debugging. + * @param context The context to work in + * @param params The parameters that the module handler received. + */ +void FCGI_RejectJSON(FCGIContext *context, const char *params) +{ + printf("Status: 400 Bad Request\r\n"); + FCGI_BeginJSON(context, STATUS_ERROR); + FCGI_JSONPair("description", "Invalid request"); + FCGI_JSONLong("responsenumber", context->response_number); + FCGI_JSONPair("params", params); + FCGI_JSONPair("host", getenv("SERVER_HOSTNAME")); + FCGI_JSONPair("user", getenv("REMOTE_USER")); + FCGI_JSONPair("ip", getenv("REMOTE_ADDR")); + FCGI_EndJSON(); } -void FCGI_RequestLoop (Data *data) +/** + * Main FCGI request loop that receives/responds to client requests. + * @param data Reserved. + */ +void FCGI_RequestLoop (void *data) { - int count = 0; - while (FCGI_Accept() >= 0) { + FCGIContext context = {0}; + + while (FCGI_Accept() >= 0) { ModuleHandler module_handler = NULL; char module[BUFSIZ], params[BUFSIZ]; @@ -102,37 +253,25 @@ void FCGI_RequestLoop (Data *data) //Remove trailing slashes (if present) from module query size_t lastchar = strlen(module) - 1; if (lastchar > 0 && module[lastchar] == '/') - module[lastchar] = '\0'; + module[lastchar] = 0; if (!strcmp("sensors", module)) { - module_handler = SensorsHandler; - } else if (!strcmp("admin", module)) { - //module_handler = AdminHandlerReplace with pointer to admin handler + module_handler = Handler_Sensors; + } else if (!strcmp("login", module)) { + module_handler = LoginHandler; + } else if (!strcmp("actuators", module)) { + } + context.current_module = module; if (module_handler) { - module_handler(data, params); + module_handler(&context, params); } else { - char buf[BUFSIZ]; - - BeginResponse(400, module); - BuildResponse("description", "400 Invalid response"); - snprintf(buf, BUFSIZ, "%d", count); - BuildResponse("request-number", buf); - BuildResponse("params", params); - BuildResponse("host", getenv("SERVER_HOSTNAME")); - EndResponse(); + strncat(module, " [unknown]", BUFSIZ); + FCGI_RejectJSON(&context, params); } - - count++; - //Debgging: - //printf("Module: %s, Params: %s
\n", module, params); - //printf("Request number %d, host %s\n", - // count++, getenv("SERVER_HOSTNAME")); + + context.response_number++; } } - -int main(int argc, char *argv[]) { - FCGI_RequestLoop(NULL); -}