Added optional URL filtering code to the CFS web server contributed by Kajtar Zsolt (and activated it by default).

This commit is contained in:
oliverschmidt 2010-04-11 19:18:47 +00:00
parent 62e6882946
commit eae42d02d5
4 changed files with 188 additions and 2 deletions

View file

@ -30,7 +30,7 @@
* *
* Author: Adam Dunkels <adam@sics.se> * Author: Adam Dunkels <adam@sics.se>
* *
* $Id: httpd-cfs.c,v 1.20 2010/04/11 15:19:34 oliverschmidt Exp $ * $Id: httpd-cfs.c,v 1.21 2010/04/11 19:18:47 oliverschmidt Exp $
*/ */
#include <stdio.h> #include <stdio.h>
@ -45,6 +45,7 @@ int snprintf(char *str, size_t size, const char *format, ...);
#include "cfs/cfs.h" #include "cfs/cfs.h"
#include "lib/petsciiconv.h" #include "lib/petsciiconv.h"
#include "http-strings.h" #include "http-strings.h"
#include "urlconv.h"
#include "httpd-cfs.h" #include "httpd-cfs.h"
@ -54,6 +55,12 @@ int snprintf(char *str, size_t size, const char *format, ...);
#define CONNS WEBSERVER_CONF_CFS_CONNS #define CONNS WEBSERVER_CONF_CFS_CONNS
#endif /* WEBSERVER_CONF_CFS_CONNS */ #endif /* WEBSERVER_CONF_CFS_CONNS */
#ifndef WEBSERVER_CONF_CFS_URLCONV
#define URLCONV 1
#else /* WEBSERVER_CONF_CFS_URLCONV */
#define URLCONV WEBSERVER_CONF_CFS_URLCONV
#endif /* WEBSERVER_CONF_CFS_URLCONV */
#define STATE_WAITING 0 #define STATE_WAITING 0
#define STATE_OUTPUT 1 #define STATE_OUTPUT 1
@ -174,12 +181,17 @@ PT_THREAD(handle_input(struct httpd_state *s))
PSOCK_CLOSE_EXIT(&s->sin); PSOCK_CLOSE_EXIT(&s->sin);
} }
#if URLCONV
s->inputbuf[PSOCK_DATALEN(&s->sin) - 1] = 0;
urlconv_tofilename(s->filename, s->inputbuf, sizeof(s->filename));
#else /* URLCONV */
if(s->inputbuf[1] == ISO_space) { if(s->inputbuf[1] == ISO_space) {
strncpy(s->filename, http_index_html, sizeof(s->filename)); strncpy(s->filename, http_index_html, sizeof(s->filename));
} else { } else {
s->inputbuf[PSOCK_DATALEN(&s->sin) - 1] = 0; s->inputbuf[PSOCK_DATALEN(&s->sin) - 1] = 0;
strncpy(s->filename, s->inputbuf, sizeof(s->filename)); strncpy(s->filename, s->inputbuf, sizeof(s->filename));
} }
#endif /* URLCONV */
petsciiconv_topetscii(s->filename, sizeof(s->filename)); petsciiconv_topetscii(s->filename, sizeof(s->filename));
webserver_log_file(&uip_conn->ripaddr, s->filename); webserver_log_file(&uip_conn->ripaddr, s->filename);

134
apps/webserver/urlconv.c Normal file
View file

@ -0,0 +1,134 @@
/*
* Copyright (c) 2010, Kajtar Zsolt <soci@c64.rulez.org>.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* This file is part of the Contiki operating system.
*
* Author: Kajtar Zsolt <soci@c64.rulez.org>
*
* $Id: urlconv.c,v 1.1 2010/04/11 19:18:47 oliverschmidt Exp $
*/
#include <string.h>
#include "http-strings.h"
#define ISO_number 0x23
#define ISO_percent 0x25
#define ISO_period 0x2e
#define ISO_slash 0x2f
#define ISO_question 0x3f
/*---------------------------------------------------------------------------*/
/* URL to filename conversion
*
* normalizes path by removing "/./"
* interprets "/../" and calculates path accordingly
* resulting path is always absolute
* replaces "%AB" notation with characters
* strips "#fragment" and "?query" from end
* replaces multiple slashes with a single one
* rejects non-ASCII characters
*
* MAXLEN is including trailing zero!
* input and output is ASCII
*/
void
urlconv_tofilename(char *dest, char *source, unsigned char maxlen)
{
static unsigned char len;
static unsigned char c, hex1;
static unsigned char *from, *to;
len = 0;
from = source; to = dest;
*to = ISO_slash;
maxlen -= 2;
do {
c = *(from++);
switch(c) {
case ISO_number:
case ISO_question:
c = 0;
break;
case ISO_percent:
c = 0;
hex1 = (*(from++) | 0x20) ^ 0x30; // ascii only!
if(hex1 > 0x50 && hex1 < 0x57)
hex1 -= 0x47;
else
if(hex1 > 9)
break; // invalid hex
c = (*(from++) | 0x20) ^ 0x30; // ascii only!
if(c > 0x50 && c < 0x57)
c -= 0x47;
else
if(c > 9)
break; // invalid hex
c |= hex1 << 4;
}
if(c < 0x20 || c > 0x7e)
c = 0; // non ascii?!
if(len >= maxlen)
c = 0; // too long?
if(c == ISO_slash || !c) {
switch(*to) {
case ISO_slash:
continue; // no repeated slash
case ISO_period:
switch(to[-1]) {
case ISO_slash: // handle "./"
--to; --len;
continue;
case ISO_period:
if(to[-2] == ISO_slash) {
to -= 2; len -= 2;
if(len) {
do {
--to; --len;
} while(*to != ISO_slash);
}
continue;
}
}
}
}
if(c) {
++to; ++len;
*to = c;
}
} while(c);
if(*to == ISO_slash && (len + sizeof(http_index_html) - 3) < maxlen) {
strcpy(to, http_index_html); // add index.html
} else {
++to;
*to = 0;
}
}
/*---------------------------------------------------------------------------*/

40
apps/webserver/urlconv.h Normal file
View file

@ -0,0 +1,40 @@
/*
* Copyright (c) 2010, Kajtar Zsolt <soci@c64.rulez.org>.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* This file is part of the Contiki operating system.
*
* $Id: urlconv.h,v 1.1 2010/04/11 19:18:47 oliverschmidt Exp $
*
*/
#ifndef __URLCONV_H__
#define __URLCONV_H__
void urlconv_tofilename(char *dest, char *source, unsigned char maxlen);
#endif /* __URLCONV_H__ */

View file

@ -12,7 +12,7 @@ APPS = webserver
ifeq ($(HTTPD-CFS),1) ifeq ($(HTTPD-CFS),1)
override webserver_src = webserver-nogui.c http-strings.c psock.c memb.c \ override webserver_src = webserver-nogui.c http-strings.c psock.c memb.c \
httpd-cfs.c httpd-cfs.c urlconv.c
endif endif
CONTIKI = ../.. CONTIKI = ../..