diff --git a/core/app.cpp b/core/app.cpp index 86d0e7f..4a261bd 100755 --- a/core/app.cpp +++ b/core/app.cpp @@ -172,6 +172,17 @@ void App::Close() } +void App::BaseUrlRedirect(int code) +{ + system.PutUrlProto(config.use_ssl, cur.request->redirect_to); + cur.request->redirect_to += config.base_url; + AssignString(cur.request->env_request_uri, cur.request->redirect_to, false); + // cur.request->env_request_uri should not be UrlEncoded + cur.request->redirect_url_encoded = true; + cur.request->redirect_type = code; +} + + bool App::BaseUrlRedirect() { @@ -181,14 +192,8 @@ bool App::BaseUrlRedirect() if( Equal(config.base_url.c_str(), cur.request->env_http_host) ) return false; - system.PutUrlProto(config.use_ssl, cur.request->redirect_to); - cur.request->redirect_to += config.base_url; - AssignString(cur.request->env_request_uri, cur.request->redirect_to, false); - // cur.request->env_request_uri should not be UrlEncoded - cur.request->redirect_url_encoded = true; - cur.request->redirect_type = 301; - - log << log3 << "RC: BaseUrlRedirect from: " << cur.request->env_http_host << logend; + BaseUrlRedirect(301); + log << log3 << "App: BaseUrlRedirect from: " << cur.request->env_http_host << logend; return true; } @@ -214,11 +219,19 @@ void App::ProcessRequestThrow() plugin.Call(WINIX_SESSION_CHANGED); - functions.Parse(); // parsing directories,files,functions and parameters - cur.mount = system.mounts.CalcCurMount(); + if( (config.use_ssl && (!config.use_ssl_only_for_logged_users || cur.session->puser)) && !cur.request->using_ssl ) + { + BaseUrlRedirect(303); + log << log3 << "App: BaseUrlRedirect from: " << cur.request->env_http_host << " to SSL connection" << logend; + } + else + { + functions.Parse(); // parsing directories,files,functions and parameters + cur.mount = system.mounts.CalcCurMount(); - if( system.mounts.pmount->type != system.mounts.MountTypeStatic() ) - Make(); + if( system.mounts.pmount->type != system.mounts.MountTypeStatic() ) + Make(); + } } SendAnswer(); @@ -336,7 +349,7 @@ void App::Make() { if( cur.request->dir_tab.empty() ) { - log << log1 << "Content: there is no a root dir (dir_tab is empty)" << logend; + log << log1 << "App: there is no a root dir (dir_tab is empty)" << logend; return; } @@ -375,11 +388,22 @@ void App::Make() { // !! dodac inne informacje (get, post, itp) // jesli jest debug_info wlaczone to nie robic przekierowan - //cur.request->PrintEnv(); // !! PrintEnv() mozna przeniesc tutaj (do klasy App) + PrintEnv(); } } +void App::PrintEnv() +{ +char ** e; + + cur.request->debug << "environment variables:\n"; + + for( e = fcgi_request.envp ; *e ; ++e ) + cur.request->debug << ' ' << *e << "\n"; + + cur.request->debug << '\n'; +} @@ -389,6 +413,7 @@ void App::ReadRequest() ReadEnvVariables(); CheckRequestMethod(); CheckFCGIRole(); + CheckSSL(); LogAccess(); @@ -399,8 +424,11 @@ void App::ReadRequest() CheckIE(); CheckKonqueror(); + if( cur.request->using_ssl ) + log << log3 << "App: SSL enabled" << logend; + if( cur.request->role == Request::authorizer ) - log << log3 << "Request: fast cgi role: authorizer" << logend; + log << log3 << "App: fast cgi role: authorizer" << logend; } @@ -431,6 +459,7 @@ void App::ReadEnvVariables() SetEnv(cur.request->env_fcgi_role, "FCGI_ROLE"); SetEnv(cur.request->env_content_type, "CONTENT_TYPE"); SetEnv(cur.request->env_http_accept_encoding, "HTTP_ACCEPT_ENCODING"); + SetEnv(cur.request->env_https, "HTTPS"); } @@ -460,6 +489,15 @@ void App::CheckFCGIRole() } +void App::CheckSSL() +{ + // value "on" exists in lighttpd server + // make sure that for other servers is "on" too + + if( EqualNoCase(cur.request->env_https, "on") ) + cur.request->using_ssl = true; +} + void App::LogAccess() { @@ -484,7 +522,7 @@ void App::ReadGetPostVars() { if( IsSubStringNoCase("multipart/form-data", cur.request->env_content_type) ) { - log << log3 << "Request: post content type: multipart/form-data" << logend; + log << log3 << "App: post content type: multipart/form-data" << logend; post_multi_parser.Parse(fcgi_request.in, cur.request->post_tab, cur.request->post_file_tab); } else @@ -543,6 +581,35 @@ void App::PrepareSessionCookie() +bool App::SendHeadersStaticCreateResource() +{ + size_t i = 0; + Item * dir = system.dirs.GetDir(system.mounts.pmount->dir_id); + sendh_t3.clear(); + + if( !dir ) + { + log << log1 << "App: cannot find the mount directory" << logend; + return false; + } + + size_t how_many_dirs = system.dirs.DirLevel(dir->id); + const char * path = SkipDirs(cur.request->env_request_uri, how_many_dirs); + + // the path begins with a slash only if how_many_dirs is zero + while( *path == '/' ) + path += 1; + + while( path[i]!=0 && path[i]!='?' && path[i]!='#' ) + ++i; + + if( i > 0 ) + sendh_t3.assign(path, i); + +return true; +} + + void App::SendHeadersStatic() { if( PathHasUpDir(cur.request->env_request_uri) ) @@ -562,28 +629,18 @@ void App::SendHeadersStatic() return; } - Ezc::WideToUTF8(config.http_header_send_file, sendheadersstatic_t); - Ezc::WideToUTF8(config.static_dirs[index], sendheadersstatic_t2); + Ezc::WideToUTF8(config.http_header_send_file, sendh_t); + Ezc::WideToUTF8(config.static_dirs[index], sendh_t2); - Item * dir = system.dirs.GetDir(system.mounts.pmount->dir_id); - - if( !dir ) + if( !SendHeadersStaticCreateResource() ) { - log << log1 << "App: cannot find the mount directory" << logend; SendHeadersForbidden(); return; } - size_t how_many_dirs = system.dirs.DirLevel(dir->id); - const char * path = SkipDirs(cur.request->env_request_uri, how_many_dirs); - - // the path begins with a slash only if how_many_dirs is zero - while( *path == '/' ) - path += 1; - - FCGX_FPrintF(fcgi_request.out, "%s: %s/%s\r\n", sendheadersstatic_t.c_str(), sendheadersstatic_t2.c_str(), path); + FCGX_FPrintF(fcgi_request.out, "%s: %s/%s\r\n", sendh_t.c_str(), sendh_t2.c_str(), sendh_t3.c_str()); FCGX_PutS("Status: 200 OK\r\n", fcgi_request.out); - log << log2 << "Sending file from a static mountpoint: " << sendheadersstatic_t2 << "/" << path << logend; + log << log2 << "App: sending a file from a static mountpoint: " << sendh_t2 << "/" << sendh_t3 << logend; } @@ -593,7 +650,7 @@ void App::SendHeadersForbidden() { FCGX_PutS("Status: 403 Forbidden\r\n", fcgi_request.out); FCGX_PutS("Content-Type: text/html\r\n", fcgi_request.out); - log << log2 << "Request: response: 403 Forbidden" << logend; + log << log2 << "App: response: 403 Forbidden" << logend; } @@ -629,7 +686,7 @@ void App::SendHeadersRedirect() Ezc::WideToUTF8(cur.request->redirect_to, cur.request->aredirect_to); FCGX_FPrintF(fcgi_request.out, "Location: %s\r\n", cur.request->aredirect_to.c_str()); - log << log2 << "Redirect to: " << cur.request->aredirect_to << logend; + log << log2 << "App: redirect to: " << cur.request->aredirect_to << logend; } @@ -640,7 +697,7 @@ void App::SendHeadersSendFile() FCGX_FPrintF(fcgi_request.out, "%s: %s\r\n", sendfilea.c_str(), sendfile2a.c_str()); FCGX_PutS("Status: 200 OK\r\n", fcgi_request.out); - log << log2 << "Sending file: " << cur.request->x_sendfile << logend; + log << log2 << "App: sending file: " << cur.request->x_sendfile << logend; } @@ -660,7 +717,7 @@ void App::SendHeadersNormal(Header header) case h_404: FCGX_PutS("Status: 404 Not Found\r\n", fcgi_request.out); FCGX_PutS("Content-Type: text/html\r\n", fcgi_request.out); - log << log2 << "Request: response: 404 Not Found" << logend; + log << log2 << "App: response: 404 Not Found" << logend; break; case h_403: diff --git a/core/app.h b/core/app.h index 3b89403..f6230fe 100755 --- a/core/app.h +++ b/core/app.h @@ -119,11 +119,12 @@ private: pthread_t signal_thread; std::string url_to_fetch_on_exit; std::string source_a; - std::string sendheadersstatic_t, sendheadersstatic_t2; + std::string sendh_t, sendh_t2, sendh_t3; std::string sendfilea, sendfile2a; void ProcessRequestThrow(); void ProcessRequest(); + void BaseUrlRedirect(int code); bool BaseUrlRedirect(); void MakePage(); void Make(); @@ -133,6 +134,8 @@ private: void ReadRequest(); void SendAnswer(); + void PrintEnv(); + void SetEnv(const char * & env, const char * name); void ReadEnvVariables(); void ReadGetPostVars(); @@ -141,10 +144,12 @@ private: void CheckKonqueror(); void CheckRequestMethod(); void CheckFCGIRole(); + void CheckSSL(); void PrepareSessionCookie(); void AddDebugInfo(std::wstring & out); void FilterCompressSend(bool compressing, int compress_encoding, const std::wstring & source_ref); + bool SendHeadersStaticCreateResource(); void SendHeadersStatic(); void SendHeadersForbidden(); void SendHeadersRedirect(); diff --git a/core/request.cpp b/core/request.cpp index 7893f5c..b57f554 100755 --- a/core/request.cpp +++ b/core/request.cpp @@ -63,6 +63,7 @@ void Request::Clear() env_fcgi_role = &char_empty; env_content_type = &char_empty; env_http_accept_encoding = &char_empty; + env_https = &char_empty; item_tab.clear(); item.Clear(); @@ -81,6 +82,8 @@ void Request::Clear() redirect_type = 303; x_sendfile.clear(); send_as_attachment = false; + + using_ssl = false; } @@ -171,20 +174,6 @@ return &p->second; -/* -void Request::PrintEnv() -{ -char ** e; - - debug << "environment variables:\n"; - - for( e = env ; *e ; ++e ) - debug << ' ' << *e << "\n"; - - debug << '\n'; -} -*/ - bool Request::AllPostVarEmpty() { diff --git a/core/request.h b/core/request.h index 11b26b5..192ab85 100755 --- a/core/request.h +++ b/core/request.h @@ -71,6 +71,7 @@ struct Request const char * env_http_accept_encoding; const char * env_fcgi_role; const char * env_content_type; + const char * env_https; // true if the browser is Microsoft Internet Explorer bool browser_msie; @@ -78,6 +79,9 @@ struct Request // true if the browser is Konqueror bool browser_konqueror; + // true if we are using encrypted connection (SSL) + bool using_ssl; + // current directory std::vector dir_tab; @@ -131,8 +135,7 @@ struct Request void SetConfig(Config * pconfig); void Clear(); - // for debugging - //void PrintEnv(); + bool IsParam(const wchar_t * param_name);