hebinlong
/
aria2


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424
							/* <!-- copyright */
/*
 * aria2 - The high speed download utility
 *
 * Copyright (C) 2009 Tatsuhiro Tsujikawa
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 *
 * In addition, as a special exception, the copyright holders give
 * permission to link the code of portions of this program with the
 * OpenSSL library under certain conditions as described in each
 * individual source file, and distribute linked combinations
 * including the two.
 * You must obey the GNU General Public License in all respects
 * for all of the code used other than OpenSSL.  If you modify
 * file(s) with this exception, you may extend this exception to your
 * version of the file(s), but you are not obligated to do so.  If you
 * do not wish to do so, delete this exception statement from your
 * version.  If you delete this exception statement from all source
 * files in the program, then also delete it here.
 */
/* copyright --> */
#include "HttpServer.h"

#include <sstream>

#include "HttpHeader.h"
#include "SocketCore.h"
#include "HttpHeaderProcessor.h"
#include "DlAbortEx.h"
#include "message.h"
#include "util.h"
#include "util_security.h"
#include "LogFactory.h"
#include "Logger.h"
#include "base64.h"
#include "a2functional.h"
#include "fmt.h"
#include "SocketRecvBuffer.h"
#include "TimeA2.h"
#include "array_fun.h"
#include "JsonDiskWriter.h"
#ifdef ENABLE_XML_RPC
#  include "XmlRpcDiskWriter.h"
#endif // ENABLE_XML_RPC

namespace aria2 {

std::unique_ptr<util::security::HMAC> HttpServer::hmac_;

HttpServer::HttpServer(const std::shared_ptr<SocketCore>& socket)
 : socket_(socket),
   socketRecvBuffer_(std::make_shared<SocketRecvBuffer>(socket_)),
   socketBuffer_(socket),
   headerProcessor_(make_unique<HttpHeaderProcessor>
                    (HttpHeaderProcessor::SERVER_PARSER)),
   lastContentLength_(0),
   bodyConsumed_(0),
   reqType_(RPC_TYPE_NONE),
   keepAlive_(true),
   gzip_(false),
   acceptsGZip_(false),
   secure_(false)
{}

HttpServer::~HttpServer() {}

namespace {
const char* getStatusString(int status)
{
  switch(status) {
  case 100: return "100 Continue";
  case 101: return "101 Switching Protocols";
  case 200: return "200 OK";
  case 201: return "201 Created";
  case 202: return "202 Accepted";
  case 203: return "203 Non-Authoritative Information";
  case 204: return "204 No Content";
  case 205: return "205 Reset Content";
  case 206: return "206 Partial Content";
  case 300: return "300 Multiple Choices";
  case 301: return "301 Moved Permanently";
  case 302: return "302 Found";
  case 303: return "303 See Other";
  case 304: return "304 Not Modified";
  case 305: return "305 Use Proxy";
    // case 306: return "306 (Unused)";
  case 307: return "307 Temporary Redirect";
  case 400: return "400 Bad Request";
  case 401: return "401 Unauthorized";
  case 402: return "402 Payment Required";
  case 403: return "403 Forbidden";
  case 404: return "404 Not Found";
  case 405: return "405 Method Not Allowed";
  case 406: return "406 Not Acceptable";
  case 407: return "407 Proxy Authentication Required";
  case 408: return "408 Request Timeout";
  case 409: return "409 Conflict";
  case 410: return "410 Gone";
  case 411: return "411 Length Required";
  case 412: return "412 Precondition Failed";
  case 413: return "413 Request Entity Too Large";
  case 414: return "414 Request-URI Too Long";
  case 415: return "415 Unsupported Media Type";
  case 416: return "416 Requested Range Not Satisfiable";
  case 417: return "417 Expectation Failed";
    // RFC 2817 defines 426 status code.
  case 426: return "426 Upgrade Required";
  case 500: return "500 Internal Server Error";
  case 501: return "501 Not Implemented";
  case 502: return "502 Bad Gateway";
  case 503: return "503 Service Unavailable";
  case 504: return "504 Gateway Timeout";
  case 505: return "505 HTTP Version Not Supported";
  default: return "";
  }
}
} // namespace

bool HttpServer::receiveRequest()
{
  if(socketRecvBuffer_->bufferEmpty()) {
    if(socketRecvBuffer_->recv() == 0 &&
       !socket_->wantRead() && !socket_->wantWrite()) {
      throw DL_ABORT_EX(EX_EOF_FROM_PEER);
    }
  }
  if(headerProcessor_->parse(socketRecvBuffer_->getBuffer(),
                             socketRecvBuffer_->getBufferLength())) {
    lastRequestHeader_ = headerProcessor_->getResult();
    A2_LOG_INFO(fmt("HTTP Server received request\n%s",
                    headerProcessor_->getHeaderString().c_str()));
    socketRecvBuffer_->drain(headerProcessor_->getLastBytesProcessed());
    bodyConsumed_ = 0;
    if(setupResponseRecv() < 0) {
      A2_LOG_INFO("Request path is invaild. Ignore the request body.");
    }
    const std::string& contentLengthHdr = lastRequestHeader_->
      find(HttpHeader::CONTENT_LENGTH);
    if(!contentLengthHdr.empty()) {
      if(!util::parseLLIntNoThrow(lastContentLength_, contentLengthHdr) ||
         lastContentLength_ < 0) {
        throw DL_ABORT_EX(fmt("Invalid Content-Length=%s",
                              contentLengthHdr.c_str()));
      }
    } else {
      lastContentLength_ = 0;
    }
    headerProcessor_->clear();

    std::vector<Scip> acceptEncodings;
    const std::string& acceptEnc =
      lastRequestHeader_->find(HttpHeader::ACCEPT_ENCODING);
    util::splitIter(acceptEnc.begin(), acceptEnc.end(),
                    std::back_inserter(acceptEncodings), ',', true);
    acceptsGZip_ = false;
    for(std::vector<Scip>::const_iterator i = acceptEncodings.begin(),
          eoi = acceptEncodings.end(); i != eoi; ++i) {
      if(util::strieq((*i).first, (*i).second, "gzip")) {
        acceptsGZip_ = true;
        break;
      }
    }
    return true;
  } else {
    socketRecvBuffer_->drain(headerProcessor_->getLastBytesProcessed());
    return false;
  }
}

bool HttpServer::receiveBody()
{
  if(lastContentLength_ == bodyConsumed_) {
    return true;
  }
  if(socketRecvBuffer_->bufferEmpty()) {
    if(socketRecvBuffer_->recv() == 0 &&
       !socket_->wantRead() && !socket_->wantWrite()) {
      throw DL_ABORT_EX(EX_EOF_FROM_PEER);
    }
  }
  size_t length =
    std::min(socketRecvBuffer_->getBufferLength(),
             static_cast<size_t>(lastContentLength_ - bodyConsumed_));
  if(lastBody_) {
    lastBody_->writeData(socketRecvBuffer_->getBuffer(), length, 0);
  }
  socketRecvBuffer_->drain(length);
  bodyConsumed_ += length;
  return lastContentLength_ == bodyConsumed_;
}

const std::string& HttpServer::getMethod() const
{
  return lastRequestHeader_->getMethod();
}

const std::string& HttpServer::getRequestPath() const
{
  return lastRequestHeader_->getRequestPath();
}

void HttpServer::feedResponse(std::string text,
                              const std::string& contentType)
{
  feedResponse(200, "", std::move(text), contentType);
}

void HttpServer::feedResponse(int status,
                              const std::string& headers,
                              std::string text,
                              const std::string& contentType)
{
  std::string httpDate = Time().toHTTPDate();
  std::string header = fmt("HTTP/1.1 %s\r\n"
                           "Date: %s\r\n"
                           "Content-Length: %lu\r\n"
                           "Expires: %s\r\n"
                           "Cache-Control: no-cache\r\n",
                           getStatusString(status),
                           httpDate.c_str(),
                           static_cast<unsigned long>(text.size()),
                           httpDate.c_str());
  if(!contentType.empty()) {
    header += "Content-Type: ";
    header += contentType;
    header += "\r\n";
  }
  if(!allowOrigin_.empty()) {
    header += "Access-Control-Allow-Origin: ";
    header += allowOrigin_;
    header += "\r\n";
  }
  if(supportsGZip()) {
    header += "Content-Encoding: gzip\r\n";
  }
  if(!supportsPersistentConnection()) {
    header += "Connection: close\r\n";
  }
  header += headers;
  header += "\r\n";
  A2_LOG_DEBUG(fmt("HTTP Server sends response:\n%s", header.c_str()));
  socketBuffer_.pushStr(std::move(header));
  socketBuffer_.pushStr(std::move(text));
}

void HttpServer::feedUpgradeResponse(const std::string& protocol,
                                     const std::string& headers)
{
  std::string header= fmt("HTTP/1.1 101 Switching Protocols\r\n"
                          "Upgrade: %s\r\n"
                          "Connection: Upgrade\r\n"
                          "%s"
                          "\r\n",
                          protocol.c_str(),
                          headers.c_str());
  A2_LOG_DEBUG(fmt("HTTP Server sends upgrade response:\n%s", header.c_str()));
  socketBuffer_.pushStr(std::move(header));
}

ssize_t HttpServer::sendResponse()
{
  return socketBuffer_.send();
}

bool HttpServer::sendBufferIsEmpty() const
{
  return socketBuffer_.sendBufferIsEmpty();
}

bool HttpServer::authenticate()
{
  if (!username_) {
    return true;
  }

  const std::string& authHeader =
    lastRequestHeader_->find(HttpHeader::AUTHORIZATION);
  if(authHeader.empty()) {
    return false;
  }
  auto p = util::divide(std::begin(authHeader), std::end(authHeader), ' ');
  if(!util::streq(p.first.first, p.first.second, "Basic")) {
    return false;
  }

  std::string userpass = base64::decode(p.second.first, p.second.second);
  auto up = util::divide(std::begin(userpass), std::end(userpass), ':', false);
  std::string username(up.first.first, up.first.second);
  std::string password(up.second.first, up.second.second);
  return *username_ == hmac_->getResult(username) &&
    (!password_ || *password_ == hmac_->getResult(password));
}

void HttpServer::setUsernamePassword
(const std::string& username, const std::string& password)
{
  using namespace util::security;

  if (!hmac_) {
    hmac_ = HMAC::createRandom();
  }

  if (!username.empty()) {
    username_ = make_unique<HMACResult>(hmac_->getResult(username));
  }
  else {
    username_.reset();
  }

  if (!password.empty()) {
    password_ = make_unique<HMACResult>(hmac_->getResult(password));
  }
  else {
    password_.reset();
  }
}

int HttpServer::setupResponseRecv()
{
  std::string path = createPath();
  if(getMethod() == "GET") {
    if(path == "/jsonrpc") {
      reqType_ = RPC_TYPE_JSONP;
      lastBody_.reset();
      return 0;
    }
  } else if(getMethod() == "POST") {
    if(path == "/jsonrpc") {
      if(reqType_ != RPC_TYPE_JSON) {
        reqType_ = RPC_TYPE_JSON;
        lastBody_ = make_unique<json::JsonDiskWriter>();
      }
      return 0;
    }
#ifdef ENABLE_XML_RPC
    if(path == "/rpc") {
      if(reqType_ != RPC_TYPE_XML) {
        reqType_ = RPC_TYPE_XML;
        lastBody_ = make_unique<rpc::XmlRpcDiskWriter>();
      }
      return 0;
    }
#endif // ENABLE_XML_RPC
  }
  reqType_ = RPC_TYPE_NONE;
  lastBody_.reset();
  return -1;
}

std::string HttpServer::createPath() const
{
  std::string reqPath = getRequestPath();
  size_t i;
  size_t len = reqPath.size();
  for(i = 0; i < len; ++i) {
    if(reqPath[i] == '#' || reqPath[i] == '?') {
      break;
    }
  }
  reqPath = reqPath.substr(0, i);
  if(reqPath.empty()) {
    reqPath = "/";
  }
  return reqPath;
}

std::string HttpServer::createQuery() const
{
  std::string reqPath = getRequestPath();
  size_t i;
  size_t len = reqPath.size();
  for(i = 0; i < len; ++i) {
    if(reqPath[i] == '#' || reqPath[i] == '?') {
      break;
    }
  }
  if(i == len || reqPath[i] == '#') {
    return "";
  } else {
    size_t start = i;
    for(; i < len; ++i) {
      if(reqPath[i] == '#') {
        break;
      }
    }
    return reqPath.substr(start, i - start);
  }
}

DiskWriter* HttpServer::getBody() const
{
  return lastBody_.get();
}

bool HttpServer::supportsPersistentConnection() const
{
  return keepAlive_ &&
    lastRequestHeader_ && lastRequestHeader_->isKeepAlive();
}

bool HttpServer::wantRead() const
{
  return socket_->wantRead();
}

bool HttpServer::wantWrite() const
{
  return socket_->wantWrite();
}

} // namespace aria2