tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Compare commits

base: tomasz.sowa:0.6.2
Branches Tags
tomasz.sowa:master
tomasz.sowa:0.7.3 tomasz.sowa:0.7.2 tomasz.sowa:0.7.1 tomasz.sowa:0.7.0 tomasz.sowa:0.6.5 tomasz.sowa:0.6.4 tomasz.sowa:0.6.3 tomasz.sowa:0.6.2 tomasz.sowa:0.6.1 tomasz.sowa:0.6.0 tomasz.sowa:0.5.6 tomasz.sowa:0.5.5 tomasz.sowa:0.5.4 tomasz.sowa:0.5.3 tomasz.sowa:0.5.2 tomasz.sowa:0.5.1 tomasz.sowa:0.5.0 tomasz.sowa:0.4.8 tomasz.sowa:0.4.7 tomasz.sowa:0.4.6 tomasz.sowa:0.4.5 tomasz.sowa:0.4.0 tomasz.sowa:0.3.3 tomasz.sowa:0.3.2 tomasz.sowa:0.3.1 tomasz.sowa:0.3.0 tomasz.sowa:0.2.0 tomasz.sowa:0.1.0
...
compare: tomasz.sowa:0.6.5
Branches Tags
tomasz.sowa:master
tomasz.sowa:0.7.3 tomasz.sowa:0.7.2 tomasz.sowa:0.7.1 tomasz.sowa:0.7.0 tomasz.sowa:0.6.5 tomasz.sowa:0.6.4 tomasz.sowa:0.6.3 tomasz.sowa:0.6.2 tomasz.sowa:0.6.1 tomasz.sowa:0.6.0 tomasz.sowa:0.5.6 tomasz.sowa:0.5.5 tomasz.sowa:0.5.4 tomasz.sowa:0.5.3 tomasz.sowa:0.5.2 tomasz.sowa:0.5.1 tomasz.sowa:0.5.0 tomasz.sowa:0.4.8 tomasz.sowa:0.4.7 tomasz.sowa:0.4.6 tomasz.sowa:0.4.5 tomasz.sowa:0.4.0 tomasz.sowa:0.3.3 tomasz.sowa:0.3.2 tomasz.sowa:0.3.1 tomasz.sowa:0.3.0 tomasz.sowa:0.2.0 tomasz.sowa:0.1.0

25 Commits
0.6.2 ... 0.6.5

Author SHA1 Message Date
Tomasz Sowa
f54df8d600 updated: to the new EZC api (ezc functions can be methods of some special objects) 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1012 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-06-14 18:24:08 +00:00
Tomasz Sowa
d8451ceaa0 fixed: checking for ssl redirect 
we should take into account cur.request->function->need_ssl too



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1010 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-05-29 09:46:29 +00:00
Tomasz Sowa
62f178c2ee fixed: in App::CheckIfNeedSSLredirect() 
winix made an incorrect redirect from/to SSL



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1009 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-05-29 09:24:43 +00:00
Tomasz Sowa
eb4e7343e7 changed: now 'emacs' winix function uses CodeMirror editor 
currently only htmlmixed mode is implemented


git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1008 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-04-18 18:50:39 +00:00
Tomasz Sowa
5274e8e8ff added: "server_mode" config option (std::wstring) 
you can assign any string to it such as "production" "dev"
       this value is not used by winix itself
       you can refer to it from [server_mode] and [server_mode_is] ezc functions





git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1007 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-04-16 14:43:52 +00:00
Tomasz Sowa
ae2a885d6c fixed: rm winix function returned incorrectly formated json when using jquery upload (delete file button) 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1006 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-03-20 11:00:22 +00:00
Tomasz Sowa
901663b145 updated: to the new ezc api 
added:   following ezc functions: ezc_and_not, ezc_any_not, ezc_or_not, ezc_one_not, is, is_not, is_empty, is_not_empty





git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1005 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-03-08 23:22:05 +00:00
Tomasz Sowa
dc301d4c50 changed: editors (emacs, ckeditor...) doesn't set an item's title now (if it was empty) 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1003 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-03-02 21:23:29 +00:00
Tomasz Sowa
34f0535a26 added: some ezc functions for displaying current date 
current_sec, current_min, current_hour, current_year, ...



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1002 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-02-22 10:23:52 +00:00
Tomasz Sowa
af0e2a778d changed: some refactoring in System: in IsMemberOfGroup method 
changed: some log messages at startup (about non existing empty group for uploads directory)




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1001 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-01-02 08:18:06 +00:00
Tomasz Sowa
904f1e70f2 fixed: compiling on Debian (it has no MSG_EOF flag) 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1000 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-01-02 07:15:22 +00:00
Tomasz Sowa
ddf7ef30ad fixed: compiling od Debian 
sockaddr_un has no sun_len member



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@999 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-01-02 07:14:15 +00:00
Tomasz Sowa
0a43870e76 fixed: the way how winix is closing 
beforehand we made a http connection from the special thread
       now we just send a fastcgi packet to the unix socket

       the old way was broken because it requires the http server to work
       and if the operating system is going to shutdown/reboot then the http server
       can be first closed and consequently the winix cannot wake up from
       the main thread (and will be terminated SIGKILL by the os)
       



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@998 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2015-01-02 07:01:08 +00:00
Tomasz Sowa
f875bd2944 changed: when a client doesn't send a session cookie we can instead of ban just use a temporary session 
added: config option:
	// the way we behave when no_session_cookie_treshold limit is exceeded
 	// 0 - if a client doesn't send a session cookie again then use a temporary session
 	//     (other sessions from this IP address are not affected)
 	// 1 - add this IP address to ban list and create a temporary session
 	//     (this will block other sessions from this IP address too)
 	// default: 0
 	int no_session_cookie_ban_mode;




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@996 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-25 12:02:22 +00:00
Tomasz Sowa
c9bf20201b added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) 
added:   possibility to ban if a client tries to hijack the session cookie
added:   possibility to ban if a client did not send a session cookie
renamed: ezc functions:
         login_cannot_login -> ipban_is_login_allowed_from_this_ip  (and the return value was changed)
         login_when_available_login -> ipban_current_ip_expires_time
added: config options:
       // after how many broken encoded cookie we should ban the current IP
       // default: 2 (value in the range <0 - 65535>)
       size_t broken_encoded_cookie_treshold;

       // after how many incorrect session identifiers (or session indices) we should ban the current IP
       // do not set this value too low, as people connecting from the same IP address (from behind a NAT)
       // would be banned if they have an old session cookie remembered in the browser
       // default: 128 (value in the range <0 - 65535>)
       size_t session_hijacking_treshold;

       // after how many times a client will be banned if it did not send a session cookie
       // default: 1000 (value in the range <0 - 65535>)
       size_t no_session_cookie_treshold;








git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-24 20:22:30 +00:00
Tomasz Sowa
76314aab10 added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) 
added: config options:
       // whether or not we should encode the session cookie
       // (we have a special algorithm)
       // default: false
       bool session_cookie_encode;

       // if session_cookie_encode is true then you should provide
       // a file where AES keys will be stored
       std::wstring session_keys_file;

       // each session has an index -- an unsigned int value
       // this value is sent in the cookie string (is encoded)
       // and is incremented when session_index_time_increment time is passed since the last incrementing
       // if a client sent the cookie back the difference between
       // current index and the index in the cookie should be less than or equal to session_allow_index_difference
       // default: 8
       size_t session_allow_index_difference;

       // the time which should pass after the session index is incremented
       // default: 30
       // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time
       // load of a page and all elements on it such as images (of course it depends on client's download too)
       time_t session_index_time_increment;

       // time in seconds after a new AES key pair should be generated
       // we have 256 pairs of keys so this time multiplied by 256 should not be less than
       // the max time of a session (session_remember_max_idle),
       // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle)
       // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10)
       size_t session_key_renew_time;

changed: when printing the time of a request we print only two non-zero digits






git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-22 15:30:56 +00:00
Tomasz Sowa
3547d326b8 define AR macro in the main Makefile 
this is for pikotools and tito libraries



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@993 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-12 04:14:16 +00:00
Tomasz Sowa
0ecb2ac70e added: to HtmlTextStream: Escape(bool) method 
now the output html streams can be turn into no-escaping mode
       default true (set when a request is clearing)




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@990 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-06 21:17:41 +00:00
Tomasz Sowa
8f8defe0de updated: to the new Ezc API 
removed statements: [if-index ...] [is ...] [is-no ...]
added:   generic ezc functions:
         and, any (the same as and), or, one (the same as or), not, cmp, trim
         to_lower, to_upper, index
changed: in misc:
         added treat_new_line_as_white flag to IsWhite() SkipWhite() and TrimWhite()
         TrimWhite(), TrimFirst(), TrimLast(), Trim() are using only wide characters now
         (they were templates before)
         added: IsInt(), IsSize(), IsFloat()
changed: version to 0.6.4






git-svn-id: svn://ttmath.org/publicrep/winix/trunk@989 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-02 17:47:34 +00:00
Tomasz Sowa
db5572e864 removed: svn:executable attribute from files 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@984 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-11-01 17:05:20 +00:00
Tomasz Sowa
1100cf75d7 updated: to the new Ezc API 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@983 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-10-28 19:14:46 +00:00
Tomasz Sowa
4fda06b547 fixed: PatternCacher incorrectly rebuilt the cache 
some new Ezc::Pattern objects were inserted
       the storage container is std::map<long,...>
       but we traverse it as a std::vector e.g.:
       for(size_t i=0 ; i<pattern_tab.size() ; ++i)
           RebuildCache(pattern_tab[i].pattern);
       so eventually new patterns were added to the map
       (operator [])




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@980 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-10-21 07:27:21 +00:00
Tomasz Sowa
fb18b2238e added: two options to the config: 
ezc_error_prefix (string)
        ezc_error_postfix (string)
        // prefix and postfix used when there is an error in Ezc patterns
        // default:
        // prefix:  "<!-- "
        // postfix: " -->"
added:  Ezc::Blocks to templates
added:  although patterns have pointers to functions and blocks cached
        the Ezc::Generator should use SetFunctions() and SetBlocks() method
        in order to correctly recognize variables (aliases)




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@978 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-10-19 21:20:09 +00:00
Tomasz Sowa
5266a7e4e5 updated: to the new Ezc API 
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@974 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-10-18 18:12:04 +00:00
Tomasz Sowa
8196fb77d1 changed: now we do not use std::string and char* in the Winix API 
everywhere we are using std::wstring and wchar_t*
         (std::string and char* is used only locally in some places
         especially when creating a path to OS file system etc.)
added:   to the special thread when winix closes:
         a write function for curl: FetchPageOnExitCurlCallback()
         without this function the curl library will print
         the page's content to the standart output
changed: TextStream<> class from core can make
         UTF8<->wide strings conversions
removed: from config: utf8 option
         now winix expects UTF8 from the user's input (html forms, url-es)
         and outputs strings in the UTF8 format




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@965 e52654a7-88a9-db11-a3e9-0013d4bc506e
 2014-10-09 20:44:56 +00:00
446 changed files with 6342 additions and 3009 deletions
Expand all files Collapse all files

3
Makefile Executable file → Normal file
View File

@@ -15,6 +15,9 @@ ifndef CXXFLAGS
CXXFLAGS = -Wall -O0 -g -fPIC -pthread -std=c++11 -I/usr/local/include -I/usr/include/postgresql -DEZC_USE_WINIX_LOGGER -DEZC_HAS_SPECIAL_STREAM
endif
ifndef AR
AR = ar
endif
ifndef CXXWINIXINCLUDEFLAGS
# these flags are used for compiling and making dependencies (make depend)

2
Makefile.dep
View File

File diff suppressed because one or more lines are too long

0
core/Makefile Executable file → Normal file
View File

682
core/Makefile.dep Executable file → Normal file
View File

File diff suppressed because it is too large Load Diff

2
core/Makefile.o.dep Executable file → Normal file
View File

@@ -1 +1 @@
o = acceptbaseparser.o app.o basethread.o bbcodeparser.o compress.o config.o crypt.o dircontainer.o dirs.o groups.o htmlfilter.o httpsimpleparser.o image.o ipbancontainer.o item.o job.o lastcontainer.o loadavg.o lock.o log.o misc.o mount.o mountparser.o mounts.o plugin.o plugindata.o postmultiparser.o rebus.o request.o run.o session.o sessioncontainer.o sessionmanager.o sessionparser.o slog.o synchro.o system.o threadmanager.o timezone.o timezones.o user.o users.o
o = acceptbaseparser.o app.o basethread.o bbcodeparser.o compress.o config.o crypt.o dircontainer.o dirs.o groups.o htmlfilter.o httpsimpleparser.o image.o ipbancontainer.o item.o job.o lastcontainer.o loadavg.o lock.o log.o misc.o mount.o mountparser.o mounts.o plugin.o plugindata.o postmultiparser.o rebus.o request.o run.o session.o sessioncontainer.o sessionidmanager.o sessionmanager.o sessionparser.o slog.o synchro.o system.o threadmanager.o timezone.o timezones.o user.o users.o

34
core/acceptbaseparser.cpp Executable file → Normal file
View File

@@ -32,8 +32,10 @@
*
*/
#include <cstdlib>
#include <wchar.h>
#include "acceptbaseparser.h"
#include "misc.h"
namespace Winix
@@ -58,28 +60,11 @@ void AcceptBaseParser::SkipWhite()
}
void AcceptBaseParser::RemoveWhiteFromEnd(std::string & str)
{
if( str.empty() )
return;
size_t i = str.size() - 1;
for( ; i!=0 && IsWhite(str[i]) ; --i);
if( !IsWhite(str[i]) )
++i;
if( i < str.size() )
str.erase(i); // erasing until the end of the string
}
void AcceptBaseParser::ReadParameter()
{
param.clear();
SkipWhite();
while( *text!=0 && *text!=',' && *text!=';' )
@@ -88,14 +73,13 @@ void AcceptBaseParser::ReadParameter()
++text;
}
RemoveWhiteFromEnd(param);
TrimWhite(param);
}
void AcceptBaseParser::ReadQ()
{
q = 1.0;
SkipWhite();
if( *text != ';' )
@@ -113,7 +97,7 @@ void AcceptBaseParser::ReadQ()
++text; // skipping '='
SkipWhite();
q = strtod(text, (char**)&text);
q = wcstod(text, (wchar_t**)&text);
}
@@ -127,7 +111,7 @@ void AcceptBaseParser::SkipParam()
void AcceptBaseParser::Parse(const char * str)
void AcceptBaseParser::Parse(const wchar_t * str)
{
text = str;
Init();
@@ -143,6 +127,12 @@ void AcceptBaseParser::Parse(const char * str)
void AcceptBaseParser::Parse(const std::wstring & str)
{
Parse(str.c_str());
}
} // namespace Winix

12
core/acceptbaseparser.h Executable file → Normal file
View File

@@ -45,29 +45,29 @@ namespace Winix
// sample (you must create your own class derived from this one):
// object.Parse(" text/html ; , ; q = 45, application / xhtml+xml ; q = 0.4 , application/xml ; q = 0.9 , */* ; q = 0.8 ");
// object.Parse(L" text/html ; , ; q = 45, application / xhtml+xml ; q = 0.4 , application/xml ; q = 0.9 , */* ; q = 0.8 ");
class AcceptBaseParser
{
public:
void Parse(const char * str);
void Parse(const wchar_t * str);
void Parse(const std::wstring & str);
private:
virtual void Init() {} ;
virtual void Param(const std::string & param, double q) = 0;
virtual void Param(const std::wstring & param, double q) = 0;
bool IsWhite(int c);
void SkipWhite();
void RemoveWhiteFromEnd(std::string & str);
void ReadParameter();
void ReadQ();
void SkipParam();
const char * text;
std::string param;
const wchar_t * text;
std::wstring param;
double q;
};

14
core/acceptencodingparser.h Executable file → Normal file
View File

@@ -60,7 +60,7 @@ public:
}
void ParseAndLog(const char * str)
void ParseAndLog(const wchar_t * str)
{
Parse(str);
@@ -84,6 +84,12 @@ public:
}
void ParseAndLog(const std::wstring & str)
{
ParseAndLog(str.c_str());
}
private:
void Init()
@@ -93,14 +99,14 @@ private:
}
void Param(const std::string & param, double q)
void Param(const std::wstring & param, double q)
{
if( param=="deflate" && q!=0.0 )
if( param == L"deflate" && q!=0.0 )
{
accept_deflate = true;
}
if( param=="gzip" && q!=0.0 )
if( param == L"gzip" && q!=0.0 )
{
accept_gzip = true;
}

422
core/app.cpp Executable file → Normal file
View File

@@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2010-2014, Tomasz Sowa
* Copyright (c) 2010-2015, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -33,6 +33,8 @@
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <pwd.h>
#include <grp.h>
#include <unistd.h>
@@ -40,7 +42,8 @@
#include <netinet/in.h>
#include <arpa/inet.h>
#include <utility>
#include <curl/curl.h>
#include <fastcgi.h>
#include <stddef.h>
#include "app.h"
#include "plugin.h"
#include "misc.h"
@@ -114,12 +117,70 @@ App::App()
bool App::InitFCGI(char * sock, char * sock_user, char * sock_group)
{
if( !WideToUTF8(config.fcgi_socket, sock, WINIX_OS_PATH_SIZE) )
return false;
if( !WideToUTF8(config.fcgi_socket_user, sock_user, WINIX_OS_USERNAME_SIZE) )
return false;
if( !WideToUTF8(config.fcgi_socket_group, sock_group, WINIX_OS_USERNAME_SIZE) )
return false;
return true;
}
/*
* chmod and chown of the socket are set before winix drops privileges
*/
bool App::InitFCGIChmodChownSocket(char * sock, char * sock_user, char * sock_group)
{
if( chmod(sock, config.fcgi_socket_chmod) < 0 )
{
log << log1 << "App: I cannot chmod a FastCGI socket, check fcgi_socket_chmod in the config" << logend;
return false;
}
passwd * pw = getpwnam(sock_user);
if( !pw )
{
log << log1 << "App: there is no a user: " << config.fcgi_socket_user << logend;
return false;
}
group * gr = getgrnam(sock_group);
if( !gr )
{
log << log1 << "App: there is no a group: " << config.fcgi_socket_group << logend;
return false;
}
if( chown(sock, pw->pw_uid, gr->gr_gid) < 0 )
{
log << log1 << "App: I cannot chown a FastCGI socket, check fcgi_socket_user "
<< "and fcgi_socket_group in the config" << logend;
return false;
}
return true;
}
bool App::InitFCGI()
{
const char * sock = config.fcgi_socket.c_str();
unlink(sock);
char sock[WINIX_OS_PATH_SIZE];
char sock_user[WINIX_OS_USERNAME_SIZE];
char sock_group[WINIX_OS_USERNAME_SIZE];
fcgi_socket = FCGX_OpenSocket(sock, 100); // !! dodac 100 do konfiga
if( !InitFCGI(sock, sock_user, sock_group) )
return false;
unlink(sock);
fcgi_socket = FCGX_OpenSocket(sock, config.fcgi_socket_listen);
if( fcgi_socket < 0 )
{
@@ -128,25 +189,9 @@ bool App::InitFCGI()
}
log << log3 << "App: FastCGI socket number: " << fcgi_socket << logend;
chmod(sock, config.fcgi_socket_chmod);
passwd * pw = getpwnam(config.fcgi_socket_user.c_str());
if( !pw )
{
log << log1 << "App: there is no user: " << config.fcgi_socket_user << logend;
if( !InitFCGIChmodChownSocket(sock, sock_user, sock_group) )
return false;
}
group * gr = getgrnam(config.fcgi_socket_group.c_str());
if( !gr )
{
log << log1 << "App: there is no group: " << config.fcgi_socket_group << logend;
return false;
}
chown(sock, pw->pw_uid, gr->gr_gid);
if( FCGX_Init() != 0 )
{
@@ -179,18 +224,17 @@ bool App::Init()
// init notify after templates (it uses locales from templates)
system.notify.ReadTemplates();
session_manager.InitBanList();
session_manager.InitTmpSession();
session_manager.InitBanList();
session_manager.InitCookieEncoding();
session_manager.LoadSessions();
CreateStaticTree();
post_parser.UTF8(config.utf8);
post_parser.LogValueSize(config.log_post_value_size);
// post_multi_parser has a pointer to the config
cookie_parser.UTF8(config.utf8);
plugin.Call((Session*)0, WINIX_PLUGIN_INIT);
return true;
@@ -218,7 +262,7 @@ void App::BaseUrlRedirect(int code, bool add_subdomain)
}
cur.request->redirect_to += config.base_url;
AssignString(cur.request->env_request_uri, cur.request->redirect_to, false);
cur.request->redirect_to += cur.request->env_request_uri;
// cur.request->env_request_uri should not be UrlEncoded because it contains slashes
cur.request->redirect_type = code;
}
@@ -241,7 +285,7 @@ bool App::BaseUrlRedirect()
if( cur.request->method == Request::post )
return false;
if( Equal(config.base_url.c_str(), cur.request->env_http_host) )
if( config.base_url == cur.request->env_http_host )
return false;
BaseUrlRedirect(config.base_url_redirect_code, false);
@@ -264,11 +308,33 @@ void App::CheckIfNeedSSLredirect()
if( config.use_ssl )
{
if( !cur.request->using_ssl )
if( config.use_ssl_only_for_logged_users )
{
if( !config.use_ssl_only_for_logged_users ||
cur.session->puser ||
(cur.request->function && cur.request->function->need_ssl) )
bool function_need_ssl = (cur.request->function && cur.request->function->need_ssl);
if( cur.request->using_ssl )
{
if( !cur.session->puser && !function_need_ssl )
{
log << log3 << "App: this operation should NOT be used through SSL" << logend;
BaseUrlRedirect(config.use_ssl_redirect_code, true);
}
}
else
{
if( cur.session->puser || function_need_ssl )
{
log << log3 << "App: this operation should be used through SSL" << logend;
BaseUrlRedirect(config.use_ssl_redirect_code, true);
}
}
}
else
{
/*
* use ssl for everyone
*/
if( !cur.request->using_ssl )
{
log << log3 << "App: this operation should be used through SSL" << logend;
BaseUrlRedirect(config.use_ssl_redirect_code, true);
@@ -345,7 +411,28 @@ void App::ProcessRequestThrow()
}
plugin.Call(WINIX_SESSION_CHANGED);
functions.Parse(); // parsing directories,files,functions and parameters
if( cur.request->env_request_uri.size() <= WINIX_URL_MAX_SIZE )
{
functions.Parse(); // parsing directories, files, functions and parameters
}
else
{
/*
* IMPROVE ME
* it will not have the root directory set
* so as a response only a blank page is shown
* (root directory is set in funcions.Parse())
*
* IMPROVE ME
* we can add a better return code (http status):
* http://www.ietf.org/rfc/rfc2616.txt
* "A server SHOULD return 414 (Request-URI Too Long) status if a URI is longer than the server can handle"
*
*/
cur.request->status = WINIX_ERR_PERMISSION_DENIED;
log << log1 << "App: the URL is too long: " << cur.request->env_request_uri.size() << logend;
}
cur.mount = system.mounts.CalcCurMount();
@@ -500,7 +587,7 @@ void App::CreateJSONAnswer()
}
// !! zmienic na lepsza nazwe
// !! IMPROVE ME change to a better name
void App::MakePage()
{
bool sent = false;
@@ -555,9 +642,9 @@ void App::CheckPostRedirect()
}
// zmienic nazwe np na ProcessRequest
// !! ta nazwa chyba juz zajeta...
// !! IMPROVE ME need some refactoring
// !! IMPROVE ME change to a better name
// may ProcessRequest()? but probably it is already defined...
// this method needs some refactoring
void App::Make()
{
if( cur.request->dir_tab.empty() )
@@ -572,8 +659,6 @@ void App::Make()
if( cur.session->ip_ban && cur.session->ip_ban->IsIPBanned() )
{
PT::Date date(cur.session->ip_ban->expires);
log << log2 << "App: this IP address is banned until to: " << date << " UTC" << logend;
slog << logerror << T("this_ip_is_banned_until") << ' ' << date << " UTC" << logend;
cur.request->status = WINIX_ERR_PERMISSION_DENIED;
@@ -637,17 +722,21 @@ void App::LogEnvironmentVariables()
/*
* reading the request (without GET parameters in the URL)
*/
void App::ReadRequest()
{
ReadEnvVariables();
ReadEnvRemoteIP();
CheckRequestMethod();
CheckSSL();
SetSubdomain();
LogAccess();
ReadGetPostVars();
ReadPostVars();
cookie_parser.Parse(cur.request->env_http_cookie, cur.request->cookie_tab);
accept_encoding_parser.ParseAndLog(cur.request->env_http_accept_encoding);
@@ -663,51 +752,63 @@ void App::ReadRequest()
void App::SetEnv(const char * & env, const char * name)
void App::SetEnv(const char * name, std::wstring & env)
{
const char * v = FCGX_GetParam(name, fcgi_request.envp);
const char * v = FCGX_GetParam(name, fcgi_request.envp);
if( v )
env = v;
// by default env is set to an empty string (in cur.request->Clear() method)
{
PT::UTF8ToWide(v, env);
}
}
void App::ReadEnvVariables()
{
// we store that values because FCGX_GetParam has O(n) complexity
// with this variables (env_*) we have O(1)
SetEnv(cur.request->env_request_method, "REQUEST_METHOD"); // !! mozna nie uzywac tego, teraz mamy w strukturze fcgi_request
SetEnv(cur.request->env_request_uri, "REQUEST_URI");
SetEnv(cur.request->env_http_cookie, "HTTP_COOKIE");
SetEnv(cur.request->env_remote_addr, "REMOTE_ADDR");
SetEnv(cur.request->env_http_host, "HTTP_HOST");
SetEnv(cur.request->env_http_user_agent, "HTTP_USER_AGENT");
SetEnv(cur.request->env_fcgi_role, "FCGI_ROLE");
SetEnv(cur.request->env_content_type, "CONTENT_TYPE");
SetEnv(cur.request->env_http_accept_encoding, "HTTP_ACCEPT_ENCODING");
SetEnv(cur.request->env_https, "HTTPS");
cur.request->ip = (int)inet_addr(cur.request->env_remote_addr);
SetEnv("REQUEST_METHOD", cur.request->env_request_method);
SetEnv("REQUEST_URI", cur.request->env_request_uri);
SetEnv("HTTP_COOKIE", cur.request->env_http_cookie);
SetEnv("REMOTE_ADDR", cur.request->env_remote_addr);
SetEnv("HTTP_HOST", cur.request->env_http_host);
SetEnv("HTTP_USER_AGENT", cur.request->env_http_user_agent);
SetEnv("FCGI_ROLE", cur.request->env_fcgi_role);
SetEnv("CONTENT_TYPE", cur.request->env_content_type);
SetEnv("HTTP_ACCEPT_ENCODING", cur.request->env_http_accept_encoding);
SetEnv("HTTPS", cur.request->env_https);
}
void App::ReadEnvRemoteIP()
{
const char * v = FCGX_GetParam("REMOTE_ADDR", fcgi_request.envp);
if( v )
{
cur.request->ip = (int)inet_addr(v);
}
}
void App::CheckRequestMethod()
{
cur.request->method = Request::unknown_method;
if( ToSmall(cur.request->env_request_method[0]) == 'g' )
cur.request->method = Request::get;
else
if( ToSmall(cur.request->env_request_method[0]) == 'p' )
cur.request->method = Request::post;
else
if( ToSmall(cur.request->env_request_method[0]) == 'h' )
cur.request->method = Request::head;
if( !cur.request->env_request_method.empty() )
{
if( ToSmall(cur.request->env_request_method[0]) == 'g' )
cur.request->method = Request::get;
else
if( ToSmall(cur.request->env_request_method[0]) == 'p' )
cur.request->method = Request::post;
else
if( ToSmall(cur.request->env_request_method[0]) == 'h' )
cur.request->method = Request::head;
}
}
@@ -718,14 +819,14 @@ void App::CheckSSL()
// value "on" exists in lighttpd server
// make sure that for other servers is "on" too
if( EqualNoCase(cur.request->env_https, "on") )
if( EqualNoCase(cur.request->env_https.c_str(), L"on") )
cur.request->using_ssl = true;
}
void App::SetSubdomain()
{
CreateSubdomain(config.base_url.c_str(), cur.request->env_http_host, cur.request->subdomain);
CreateSubdomain(config.base_url.c_str(), cur.request->env_http_host.c_str(), cur.request->subdomain);
}
@@ -747,15 +848,11 @@ void App::LogAccess()
void App::ReadGetPostVars()
void App::ReadPostVars()
{
// get parameters we have always
//get_parser.Parse(cur.request->env_request_uri, cur.request->get_tab);
if( cur.request->method == Request::post )
{
if( IsSubStringNoCase("multipart/form-data", cur.request->env_content_type) )
if( IsSubStringNoCase(L"multipart/form-data", cur.request->env_content_type.c_str()) )
{
log << log3 << "App: post content type: multipart/form-data" << logend;
post_multi_parser.Parse(fcgi_request.in, cur.request->post_tab, cur.request->post_file_tab);
@@ -772,49 +869,51 @@ void App::ReadGetPostVars()
void App::CheckIE()
{
const char * msie = strstr(cur.request->env_http_user_agent, "MSIE");
if( msie )
cur.request->browser_msie = true;
else
cur.request->browser_msie = false;
size_t msie = cur.request->env_http_user_agent.find(L"MSIE");
cur.request->browser_msie = (msie != std::wstring::npos);
}
void App::CheckKonqueror()
{
const char * kon = strstr(cur.request->env_http_user_agent, "Konqueror");
if( kon )
cur.request->browser_konqueror = true;
else
cur.request->browser_konqueror = false;
size_t kon = cur.request->env_http_user_agent.find(L"Konqueror");
cur.request->browser_konqueror = (kon != std::wstring::npos);
}
void App::PrepareSessionCookie()
{
if( !cur.session || cur.session->id==0 )
return;
if( config.session_cookie_encode )
{
if( !session_manager.EncodeSessionId(cur.session->id, cur.session->id_index, cookie_id_string) )
Toa(cur.session->id, cookie_id_string);
}
else
{
Toa(cur.session->id, cookie_id_string);
}
if( !cur.session->puser || !cur.session->remember_me )
{
cur.request->AddCookie(config.http_session_id_name, cur.session->id);
cur.request->AddCookie(config.http_session_id_name, cookie_id_string);
}
else
{
PT::Date expires = cur.request->start_time + config.session_remember_max_idle;
cur.request->AddCookie(config.http_session_id_name, cur.session->id, expires);
cur.request->AddCookie(config.http_session_id_name, cookie_id_string, expires);
}
}
bool App::AddHeader(const wchar_t * name, const wchar_t * value)
{
if( !cur.request->out_headers.GetValue(name) )
@@ -875,7 +974,7 @@ bool App::PrepareHeadersStaticCreateResource(PT::WTextStream & out_path)
}
size_t how_many_dirs = system.dirs.DirLevel(dir->id);
const char * path = SkipDirs(cur.request->env_request_uri, how_many_dirs);
const wchar_t * path = SkipDirs(cur.request->env_request_uri.c_str(), how_many_dirs);
// the path begins with a slash only if how_many_dirs is zero
while( *path == '/' )
@@ -954,7 +1053,7 @@ void App::PrepareHeaderContentType()
}
}
if( value && config.utf8 )
if( value )
*value += L"; charset=UTF-8";
}
}
@@ -1066,11 +1165,19 @@ void App::SendHeaders()
FCGX_PutS("\r\n", fcgi_request.out);
if( config.log_http_answer_headers )
log << "HTTP Header: " << aheader_name << ": " << aheader_value << logend;
log << log1 << "HTTP Header: " << aheader_name << ": " << aheader_value << logend;
}
}
template<class RawType>
DbTextStream::RawText<RawType> R(const RawType & par)
{
return DbTextStream::RawText<RawType>(par);
}
void App::SendCookies()
{
PT::Space::TableSingle::iterator i;
@@ -1090,7 +1197,7 @@ void App::SendCookies()
FCGX_PutS("\r\n", fcgi_request.out);
if( config.log_http_answer_headers )
log << "HTTP Header: " << "Set-Cookie: " << aheader_name << "=" << aheader_value << logend;
log << log1 << "HTTP Header: Set-Cookie: " << aheader_name << "=" << aheader_value << logend;
}
}
@@ -1296,10 +1403,7 @@ size_t output_size = 0;
SelectCompression(source->length(), compressing, compress_encoding);
if( config.utf8 )
PT::WideToUTF8(*source, output_8bit);
else
AssignString(*source, output_8bit);
PT::WideToUTF8(*source, output_8bit);
// !! IMPROVE ME add to log the binary stream as well
if( config.log_server_answer )
@@ -1525,13 +1629,27 @@ void App::LogUserGroups()
bool App::DropPrivileges(const std::string & user, uid_t uid, gid_t gid, bool additional_groups)
bool App::DropPrivileges(char * user, char * group)
{
if( !WideToUTF8(config.user, user, WINIX_OS_USERNAME_SIZE) )
return false;
if( !WideToUTF8(config.group, group, WINIX_OS_USERNAME_SIZE) )
return false;
return true;
}
bool App::DropPrivileges(const char * user, uid_t uid, gid_t gid, bool additional_groups)
{
if( additional_groups )
{
if( initgroups(user.c_str(), gid) < 0 )
if( initgroups(user, gid) < 0 )
{
log << log1 << "App: I can't init groups for user: " << user << logend;
log << log1 << "App: I can't init groups for a user: " << user << logend;
return false;
}
}
@@ -1545,7 +1663,7 @@ bool App::DropPrivileges(const std::string & user, uid_t uid, gid_t gid, bool ad
}
// for setting real and saved gid too
if( setgid(gid) )
if( setgid(gid) < 0 )
{
log << log1 << "App: I can't change real and saved gid" << logend;
return false;
@@ -1568,8 +1686,12 @@ return true;
}
bool App::DropPrivileges()
{
char user_name[WINIX_OS_USERNAME_SIZE];
char group_name[WINIX_OS_USERNAME_SIZE];
if( getuid()!=0 && geteuid()!=0 )
return true;
@@ -1577,20 +1699,23 @@ bool App::DropPrivileges()
if( config.user.empty() )
{
log << log1 << "App: you should specify user name in the config file "
log << log1 << "App: in the config file you should specify a user name and a group "
<< "to which I have to drop privileges" << logend;
return false;
}
if( config.group.empty() )
{
log << log1 << "App: you should specify group name in the config file "
log << log1 << "App: you should specify a group name in the config file "
<< "to which I have to drop privileges" << logend;
return false;
}
passwd * p = getpwnam(config.user.c_str());
group * g = getgrnam(config.group.c_str());
if( !DropPrivileges(user_name, group_name) )
return false;
passwd * p = getpwnam(user_name);
group * g = getgrnam(group_name);
if( !p )
{
@@ -1604,7 +1729,7 @@ bool App::DropPrivileges()
return false;
}
if( !DropPrivileges(config.user, p->pw_uid, g->gr_gid, config.additional_groups) )
if( !DropPrivileges(user_name, p->pw_uid, g->gr_gid, config.additional_groups) )
return false;
return true;
@@ -1674,25 +1799,66 @@ void App::WaitForThreads()
void App::FetchPageOnExit()
/*
we send a one FastCGI record at the end when winix closes (to wake up the main thread)
this method is called from the special thread
typedef struct {
unsigned char version;
unsigned char type;
unsigned char requestIdB1;
unsigned char requestIdB0;
unsigned char contentLengthB1;
unsigned char contentLengthB0;
unsigned char paddingLength;
unsigned char reserved;
unsigned char contentData[contentLength];
unsigned char paddingData[paddingLength];
} FCGI_Record;
*/
void App::SendEmptyFastCGIPacket()
{
// stupid trick to break FCGX_Accept_r() function
// even with FCGX_InitRequest(..., ..., FCGI_FAIL_ACCEPT_ON_INTR) the FCGX_Accept_r
// doesn't want to break on a signal
// so we request one page from the server for exiting from FCGX_Accept_r
std::string msg;
sockaddr_un to;
int res;
Lock();
CURL * curl = curl_easy_init();
Unlock();
int s = socket(PF_LOCAL, SOCK_STREAM, 0);
if( curl )
if( s < 0 )
return;
memset(&to, 0, sizeof(to));
#ifdef __FreeBSD__
to.sun_len = offsetof(sockaddr_un, sun_path)
+ socket_to_send_on_exit.size()
+ 1; // terminating zero
#endif
to.sun_family = AF_UNIX;
snprintf(to.sun_path, sizeof(to.sun_path)/sizeof(char), "%s", socket_to_send_on_exit.c_str());
// actually we can send one byte only
msg += FCGI_VERSION_1;
msg += FCGI_GET_VALUES;
msg += (char)0; // requestid
msg += (char)0;
msg += (char)0; // contentlength
msg += (char)0;
msg += (char)0; // padding length
msg += (char)0;
msg += (char)0; // reserved
res = connect(s, (sockaddr*)&to, sizeof(to));
if( res == 0 )
{
curl_easy_setopt(curl, CURLOPT_URL, url_to_fetch_on_exit.c_str());
curl_easy_setopt(curl, CURLOPT_TCP_NODELAY, 1);
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1);
curl_easy_perform(curl);
curl_easy_cleanup(curl);
send(s, msg.c_str(), msg.size(), 0);
}
close(s);
}
@@ -1714,12 +1880,10 @@ int sig;
app->synchro.was_stop_signal = true;
FCGX_ShutdownPending();
// here we don't have to use SSL version so we always use config.url_proto
PT::WideToUTF8(app->config.url_proto, app->url_to_fetch_on_exit);
PT::WideToUTF8(app->config.base_url, app->url_to_fetch_on_exit, false);
PT::WideToUTF8(app->config.fcgi_socket, app->socket_to_send_on_exit);
app->Unlock();
app->FetchPageOnExit();
app->SendEmptyFastCGIPacket();
pthread_exit(0);
return 0;

15
core/app.h Executable file → Normal file
View File

@@ -147,7 +147,7 @@ private:
int fcgi_socket;
Synchro synchro;
pthread_t signal_thread;
std::string url_to_fetch_on_exit;
std::string socket_to_send_on_exit;
std::string send_data_buf;
PT::SpaceToJSON json_generic_serializer;
TextStream<std::wstring> json_out_stream;
@@ -155,7 +155,12 @@ private:
std::wstring html_filtered;
std::string output_8bit;
BinaryPage compressed_output;
std::wstring cookie_id_string;
bool InitFCGI(char * sock, char * sock_user, char * sock_group);
bool InitFCGIChmodChownSocket(char * sock, char * sock_user, char * sock_group);
bool DropPrivileges(char * user, char * group);
bool DropPrivileges(const char * user, uid_t uid, gid_t gid, bool additional_groups);
bool CheckAccessFromPlugins();
void ProcessRequestThrow();
void ProcessRequest();
@@ -178,9 +183,10 @@ private:
void LogEnvironmentVariables();
void SetEnv(const char * & env, const char * name);
void SetEnv(const char * name, std::wstring & env);
void ReadEnvVariables();
void ReadGetPostVars();
void ReadEnvRemoteIP();
void ReadPostVars();
void CheckIE();
void CheckKonqueror();
@@ -217,10 +223,9 @@ private:
void LogUsers();
void LogEffectiveGroups(std::vector<gid_t> & tab);
void LogGroups();
bool DropPrivileges(const std::string & user, uid_t uid, gid_t gid, bool additional_groups);
static void * SpecialThreadForSignals(void*);
void FetchPageOnExit();
void SendEmptyFastCGIPacket();
void CreateStaticTree();

0
core/basethread.cpp Executable file → Normal file
View File

0
core/basethread.h Executable file → Normal file
View File

0
core/bbcodeparser.cpp Executable file → Normal file
View File

0
core/bbcodeparser.h Executable file → Normal file
View File

0
core/compress.cpp Executable file → Normal file
View File

0
core/compress.h Executable file → Normal file
View File

76
core/config.cpp Executable file → Normal file
View File

@@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2014, Tomasz Sowa
* Copyright (c) 2008-2015, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -70,14 +70,14 @@ void Config::ShowError()
case PT::SpaceParser::cant_open_file:
if( errors_to_stdout )
std::cout << "Config: cant open a config file: " << config_file << std::endl;
std::wcout << L"Config: I cannot open a config file: " << config_file << std::endl;
log << log1 << "Config: cant open a config file: " << config_file << logend;
break;
case PT::SpaceParser::syntax_error:
if( errors_to_stdout )
std::cout << "Config: syntax error, line: " << parser.line << std::endl;
std::wcout << "Config: syntax error, line: " << parser.line << std::endl;
log << log1 << "Config: syntax error, line: " << parser.line << logend;
break;
@@ -102,7 +102,6 @@ bool Config::ReadConfig(bool errors_to_stdout_, bool stdout_is_closed)
log << log2 << "Config: reading a config file" << logend;
parser.SplitSingle(true);
parser.UTF8(true); // config is always read in UTF-8
parser.SetSpace(space);
PT::SpaceParser::Status status = parser.Parse(config_file);
@@ -125,19 +124,21 @@ bool Config::ReadConfig(bool errors_to_stdout_, bool stdout_is_closed)
void Config::AssignValues(bool stdout_is_closed)
{
server_mode = Text(L"server_mode");
demonize = Bool(L"demonize", true);
user = AText(L"user");
group = AText(L"group");
user = Text(L"user");
group = Text(L"group");
additional_groups = Bool(L"additional_groups", true);
log_file = AText(L"log_file");
log_notify_file = AText(L"log_notify_file");
log_file = Text(L"log_file");
log_notify_file = Text(L"log_notify_file");
log_delimiter = Text(L"log_delimiter", L"---------------------------------------------------------------------------------");
fcgi_socket = AText(L"fcgi_socket");
fcgi_socket = Text(L"fcgi_socket");
fcgi_socket_chmod = Int(L"fcgi_socket_chmod", 0770);
fcgi_socket_user = AText(L"fcgi_socket_user");
fcgi_socket_group = AText(L"fcgi_socket_group");
fcgi_socket_user = Text(L"fcgi_socket_user");
fcgi_socket_group = Text(L"fcgi_socket_group");
fcgi_socket_listen = Int(L"fcgi_socket_listen", 100);
log_level = Int(L"log_level", 1);
log_request = Int(L"log_request", 1);
log_save_each_line = Bool(L"log_save_each_line", false);
@@ -157,7 +158,7 @@ void Config::AssignValues(bool stdout_is_closed)
NoLastSlash(upload_dir);
NoLastSlash(common_dir);
upload_group = AText(L"upload_group");
upload_group = Text(L"upload_group");
upload_dirs_chmod = Int(L"upload_dirs_chmod", 0750);
upload_files_chmod = Int(L"upload_files_chmod", 0640);
ListText(L"static_dirs", static_dirs);
@@ -184,9 +185,9 @@ void Config::AssignValues(bool stdout_is_closed)
template_only_root_use_template_fun = Bool(L"template_only_root_use_template_fun", false);
http_session_id_name = Text(L"http_session_id_name", L"session_id");
db_database = AText(L"db_database");
db_user = AText(L"db_user");
db_pass = AText(L"db_pass");
db_database = Text(L"db_database");
db_user = Text(L"db_user");
db_pass = Text(L"db_pass");
item_url_empty = Text(L"item_url_empty");
url_proto = Text(L"url_proto", L"http://");
@@ -214,8 +215,17 @@ void Config::AssignValues(bool stdout_is_closed)
session_max_idle = Int(L"session_max_idle", 10800); // 3h
session_remember_max_idle = Int(L"session_remember_max_idle", 16070400); // 3 months
session_file = AText(L"session_file");
session_file = Text(L"session_file");
session_max = Size(L"session_max", 1000000);
session_cookie_encode = Bool(L"session_cookie_encode", false);
session_keys_file = Text(L"session_keys_file");
session_allow_index_difference = Size(L"session_allow_index_difference", 8);
session_index_time_increment = Long(L"session_index_time_increment", 30);
session_key_renew_time = Size(L"session_key_renew_time", 172800); // 2 days
broken_encoded_cookie_treshold = Size(L"broken_encoded_cookie_treshold", 2);
session_hijacking_treshold = Size(L"session_hijacking_treshold", 128);
no_session_cookie_treshold = Size(L"no_session_cookie_treshold", 128);
no_session_cookie_ban_mode = Int(L"no_session_cookie_ban_mode", 0);
compression = Bool(L"compression", true);
compression_page_min_size = Size(L"compression_page_min_size", 512);
@@ -247,7 +257,6 @@ void Config::AssignValues(bool stdout_is_closed)
NoLastSlash(plugins_dir);
ListText(L"plugins", plugin_file);
utf8 = Bool(L"utf8", true);
symlinks_follow_max = Size(L"symlinks_follow_max", 20);
ticket_form_prefix = Text(L"ticket_form_prefix", L"ticketparam");
@@ -270,6 +279,8 @@ void Config::AssignValues(bool stdout_is_closed)
ezc_max_elements = Size(L"ezc_max_elements", 50000);
ezc_max_loop_elements = Size(L"ezc_max_loop_elements", 5000);
ezc_out_streams_size = Size(L"ezc_out_streams_size", 16);
ezc_error_prefix = Text(L"ezc_error_prefix", L"<!-- ");
ezc_error_postfix = Text(L"ezc_error_postfix", L" -->");
account_need_email_verification = Bool(L"account_need_email_verification", true);
reset_password_code_expiration_time = Long(L"reset_password_code_expiration_time", 86400);
@@ -293,6 +304,7 @@ void Config::AssignValues(bool stdout_is_closed)
incorrect_login_cannot_login_treshold = Size(L"incorrect_login_cannot_login_treshold", 20);
incorrect_login_cannot_login_delay = Size(L"incorrect_login_cannot_login_delay", 1800);
pid_file = Text(L"pid_file", L"");
}
@@ -321,7 +333,16 @@ void Config::SetAdditionalVariables()
if( locale_files.empty() )
locale_files.push_back(L"en");
upload_group_int = GetGroupId(upload_group);
if( !upload_group.empty() )
upload_group_int = GetGroupId(upload_group);
else
upload_group_int = -1;
if( session_cookie_encode && session_keys_file.empty() )
session_cookie_encode = false;
if( session_index_time_increment < 0 )
session_index_time_increment = 0;
}
@@ -368,25 +389,6 @@ std::wstring & Config::Text(const std::wstring & name, const wchar_t * def)
}
std::string & Config::AText(const wchar_t * name)
{
return space.AText(name);
}
std::string & Config::AText(const wchar_t * name, const char * def)
{
return space.AText(name, def);
}
std::string & Config::AText(const std::wstring & name, const char * def)
{
return space.AText(name, def);
}
int Config::Int(const wchar_t * name)
{
return space.Int(name);

114
core/config.h Executable file → Normal file
View File

@@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2014, Tomasz Sowa
* Copyright (c) 2008-2015, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -53,7 +53,14 @@ public:
// name of the config file
// this is the parameter passed to winix programm
std::string config_file;
std::wstring config_file;
// server mode
// you can assign any string to it such as "production" "dev"
// this value is not used by winix itself
// you can refer to it from [server_mode] and [server_mode_is] ezc functions
std::wstring server_mode;
// start as a demon (in the background)
// default: true
@@ -61,11 +68,11 @@ public:
// system user's name to whom winix should drop privileges
// used only if winix is started as the root
std::string user;
std::wstring user;
// system group's name to which drop privileges
// used only if winix is started as the root
std::string group;
std::wstring group;
// setting additional effective groups from /etc/group
// by using initgroups()
@@ -74,7 +81,7 @@ public:
bool additional_groups;
// log file name, log file name for notifications (sending emails, etc)
std::string log_file, log_notify_file;
std::wstring log_file, log_notify_file;
// the log level (how much info should be inserted to logs)
// 1 - minimum
@@ -132,16 +139,24 @@ public:
bool log_http_answer_headers;
// fast cgi: socket (unix domain)
std::string fcgi_socket;
std::wstring fcgi_socket;
// fast cgi: socket permissions
// chmod and chown of the socket are set before winix drops privileges
int fcgi_socket_chmod;
// fast cgi: owner of the socket
std::string fcgi_socket_user;
// chmod and chown of the socket are set before winix drops privileges
std::wstring fcgi_socket_user;
// fast cgi: group of the socket
std::string fcgi_socket_group;
// chmod and chown of the socket are set before winix drops privileges
std::wstring fcgi_socket_group;
// fcgi_socket_listen is the listen queue depth used in the listen() call
// when creating a FastCGI socket for the web server
// default: 100
int fcgi_socket_listen;
std::wstring templates_dir;
std::wstring templates_dir_default; // html templates from winix
@@ -165,9 +180,9 @@ public:
bool template_only_root_use_template_fun;
// the database name, user name and a password for the PostgreSQL database
std::string db_database;
std::string db_user;
std::string db_pass;
std::wstring db_database;
std::wstring db_user;
std::wstring db_pass;
// the name of the cookie which has the session identifier
std::wstring http_session_id_name;
@@ -189,12 +204,65 @@ public:
// a file to which winix stores sessions info
// it is used when winix starts (boots) and quits
std::string session_file;
std::wstring session_file;
// how many sessions can be (zero turn off this checking)
// default: 1000000 (one milion)
size_t session_max;
// whether or not we should encode the session cookie
// (we have a special algorithm)
// default: false
bool session_cookie_encode;
// if session_cookie_encode is true then you should provide
// a file where AES keys will be stored
std::wstring session_keys_file;
// each session has an index -- an unsigned int value
// this value is sent in the cookie string (is encoded)
// and is incremented when session_index_time_increment time is passed since the last incrementing
// if a client sent the cookie back the difference between
// current index and the index in the cookie should be less than or equal to session_allow_index_difference
// default: 8
size_t session_allow_index_difference;
// the time which should pass after the session index is incremented
// default: 30
// (session_allow_index_difference + 1) * session_index_time_increment should be less than a time
// load of a page and all elements on it such as images (of course it depends on client's download too)
time_t session_index_time_increment;
// time in seconds after a new AES key pair should be generated
// we have 256 pairs of keys so this time multiplied by 256 should not be less than
// the max time of a session (session_remember_max_idle),
// by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle)
// default: 172800 = 2 days (max: 2678400 = 1 month, min: 10)
size_t session_key_renew_time;
// after how many broken encoded cookie we should ban the current IP
// default: 2 (value in the range <0 - 65535>)
size_t broken_encoded_cookie_treshold;
// after how many incorrect session identifiers (or session indices) we should ban the current IP
// do not set this value too low, as people connecting from the same IP address (from behind a NAT)
// would be banned if they have an old session cookie remembered in the browser
// default: 128 (value in the range <0 - 65535>)
size_t session_hijacking_treshold;
// after how many times a client will be banned if it did not send a session cookie
// this can be a bot such as a Google Bot or just people connecting from a NAT and all have the same IP
// default: 128 (value in the range <0 - 65535>)
size_t no_session_cookie_treshold;
// the way we behave when no_session_cookie_treshold limit is exceeded
// 0 - if a client doesn't send a session cookie again then use a temporary session
// (other sessions from this IP address are not affected)
// 1 - add this IP address to ban list and create a temporary session
// (this will block other sessions from this IP address too)
// default: 0
int no_session_cookie_ban_mode;
// allow the winix output to be compressed
// default: true
bool compression;
@@ -295,7 +363,7 @@ public:
// system group's name for new uploaded files (created directories in the file system)
// it can be empty (it is not used then)
std::string upload_group;
std::wstring upload_group;
// this value will be set based on upload_group
// will be -1 if upload_group is empty or if it is invalid
@@ -462,11 +530,6 @@ public:
// (if true the html code for root is not filtered)
bool editors_html_safe_mode_skip_root;
// charset used in templates, locales, logs etc.
// default: true (UTF-8)
// if false it means 8-bit ASCII
bool utf8;
// how many maximum symlinks can be followed
// (symlinks on directories as well)
// default: 20
@@ -549,6 +612,13 @@ public:
// default: 16 (64 maximum)
size_t ezc_out_streams_size;
// prefix and postfix used when there is an error in Ezc patterns
// default:
// prefix: "<!-- "
// postfix: " -->"
std::wstring ezc_error_prefix;
std::wstring ezc_error_postfix;
// when true then when a user want to create a new account
// he has to provide his email and a message will be sent back to him
// with a link to activate the account
@@ -632,7 +702,7 @@ public:
// how many incorrect logins there must have been passed to display a captcha
// next to the login form
// default: 3
// default: 3 (value in the range <0 - 65535>)
size_t incorrect_login_captcha_treshold;
// the way how we prevent to login if there are too many incorrect login attempts
@@ -643,7 +713,7 @@ public:
int incorrect_login_cannot_login_mode;
// after how many incorrect login attempts we do the incorrect_login_cannot_login_mode action
// default: 20
// default: 20 (value in the range <0 - 65535>)
size_t incorrect_login_cannot_login_treshold;
// used when incorrect_login_cannot_login_mode is zero
@@ -666,9 +736,6 @@ public:
std::wstring & Text(const wchar_t * name);
std::wstring & Text(const wchar_t * name, const wchar_t * def);
std::wstring & Text(const std::wstring & name, const wchar_t * def);
std::string & AText(const wchar_t * name);
std::string & AText(const wchar_t * name, const char * def);
std::string & AText(const std::wstring & name, const char * def);
int Int(const wchar_t *);
int Int(const wchar_t * name, int def);
@@ -700,7 +767,6 @@ public:
private:
PT::SpaceParser parser;
std::string default_str;
bool errors_to_stdout;
void ShowError();

52
core/cookieparser.h Executable file → Normal file
View File

@@ -35,7 +35,6 @@
#ifndef headerfile_winix_core_cookieparser
#define headerfile_winix_core_cookieparser
#include <fcgiapp.h>
#include "httpsimpleparser.h"
#include "requesttypes.h"
#include "log.h"
@@ -49,10 +48,8 @@ namespace Winix
class CookieParser : public HttpSimpleParser
{
const char * cookie_string;
const wchar_t * cookie_string;
CookieTab * cookie_tab;
std::wstring temp_name, temp_value;
bool input_as_utf8;
protected:
@@ -63,32 +60,23 @@ protected:
if( !cookie_string || *cookie_string == 0 )
return -1;
return (int)(unsigned char)*(cookie_string++);
}
void ConvStr(const std::string & src, std::wstring & dst)
{
if( input_as_utf8 )
PT::UTF8ToWide(src, dst);
else
AssignString(src, dst);
return (int)*(cookie_string++);
}
virtual void Parameter(std::string & name, std::string & value)
virtual void Parameter(std::wstring & name, std::wstring & value)
{
// Cookie names are case insensitive according to section 3.1 of RFC 2965
// (we don't use locale here)
ToLower(name);
ConvStr(name, temp_name);
ConvStr(value, temp_value);
std::pair<CookieTab::iterator, bool> res = cookie_tab->insert( std::make_pair(temp_name, temp_value) );
log << log2 << "Cookie, name: \"" << temp_name << "\", value: \"" << temp_value << "\"";
std::pair<CookieTab::iterator, bool> res = cookie_tab->insert( std::make_pair(name, value) );
log << log2 << "Cookie, name: \"" << name << "\", value: \"" << value << "\"";
if( res.second == false )
{
res.first->second = temp_value;
res.first->second = value;
log << " (overwritten)";
}
@@ -101,28 +89,28 @@ public:
CookieParser()
{
input_as_utf8 = false;
HttpSimpleParser::separator = ';';
HttpSimpleParser::value_can_be_quoted = true;
HttpSimpleParser::skip_white_chars = true;
HttpSimpleParser::recognize_special_chars = false;
HttpSimpleParser::separator = ';';
HttpSimpleParser::value_can_be_quoted = true;
HttpSimpleParser::skip_white_chars = true;
HttpSimpleParser::recognize_special_chars = false;
HttpSimpleParser::getchar_returns_utf8_chars = false;
}
void UTF8(bool utf)
{
input_as_utf8 = utf;
}
// cookie_string can be null
void Parse(const char * cookie_string_, CookieTab & cookie_tab_)
void Parse(const wchar_t * cookie_string_, CookieTab & cookie_tab_)
{
cookie_string = cookie_string_;
cookie_tab = &cookie_tab_;
cookie_tab = &cookie_tab_;
HttpSimpleParser::Parse();
}
void Parse(const std::wstring & cookie_string_, CookieTab & cookie_tab_)
{
Parse(cookie_string_.c_str(), cookie_tab_);
}
};

0
core/crypt.cpp Executable file → Normal file
View File

0
core/crypt.h Executable file → Normal file
View File

0
core/cur.h Executable file → Normal file
View File

0
core/dircontainer.cpp Executable file → Normal file
View File

0
core/dircontainer.h Executable file → Normal file
View File

0
core/dirs.cpp Executable file → Normal file
View File

0
core/dirs.h Executable file → Normal file
View File

0
core/error.h Executable file → Normal file
View File

0
core/group.h Executable file → Normal file
View File

0
core/groups.cpp Executable file → Normal file
View File

0
core/groups.h Executable file → Normal file
View File

0
core/htmlfilter.cpp Executable file → Normal file
View File

0
core/htmlfilter.h Executable file → Normal file
View File

131
core/httpsimpleparser.cpp Executable file → Normal file
View File

@@ -33,6 +33,9 @@
*/
#include "httpsimpleparser.h"
#include "misc.h"
#include "utf8/utf8.h"
namespace Winix
@@ -41,14 +44,12 @@ namespace Winix
void HttpSimpleParser::ToLower(std::string & s)
void HttpSimpleParser::ToLower(std::wstring & s)
{
std::string::iterator i;
for(i=s.begin() ; i!= s.end() ; ++i)
for(wchar_t & c : s)
{
if( *i>='A' && *i<='Z' )
*i = *i - 'A' + 'a';
if( c>='A' && c<='Z' )
c = c - 'A' + 'a';
}
}
@@ -70,38 +71,6 @@ void HttpSimpleParser::SkipWhiteChars()
void HttpSimpleParser::TrimWhiteChars(std::string & s)
{
if( s.empty() )
return;
std::string::size_type i;
for(i = 0 ; i<s.size() && IsWhite(s[i]) ; ++i);
if( i == s.size() )
{
// all characters are white
s.clear();
return;
}
if( i > 0 )
// there are some white characters at the beginning
s.erase(0, i);
// s is not empty now (i was not equal s.size())
// and we have some non white characters
// we stops at the last non white character
for(i = s.size()-1 ; i>0 && IsWhite(s[i]) ; --i);
if( i != s.size()-1 )
// there are some white characters at the end
// we're starting from i+1 even when i==0 (there are some non white characters)
s.erase(i+1, s.size() - i - 1);
}
int HttpSimpleParser::ParseHalfHex(int c)
@@ -152,33 +121,42 @@ void HttpSimpleParser::CheckSpecialChar()
void HttpSimpleParser::ReadName()
{
// we're checking 'separator' and '=' because the string is allowed not having '=' (the value is optional)
utf8_token.clear();
last_name.clear();
for( ; last_c!=-1 && last_c!=separator && last_c!='=' ; last_c = GetChar() )
{
if( recognize_special_chars )
CheckSpecialChar();
if( last_c != -1 )
last_name += last_c;
{
if( getchar_returns_utf8_chars )
utf8_token += last_c;
else
last_name += last_c;
}
}
if( getchar_returns_utf8_chars )
PT::UTF8ToWide(utf8_token, last_name);
if( last_c == '=' )
last_c = GetChar();
}
void HttpSimpleParser::ReadQuotedValue()
{
// skipping '"'
last_c = GetChar();
utf8_token.clear();
last_value.clear();
for( ; last_c!=-1 && last_c!='"' ; last_c = GetChar() )
{
@@ -186,9 +164,16 @@ void HttpSimpleParser::ReadQuotedValue()
CheckSpecialChar();
if( last_c != -1 )
last_value += last_c;
{
if( getchar_returns_utf8_chars )
utf8_token += last_c;
else
last_value += last_c;
}
}
if( getchar_returns_utf8_chars )
PT::UTF8ToWide(utf8_token, last_value);
if( last_c == '"' )
last_c = GetChar();
@@ -199,26 +184,39 @@ void HttpSimpleParser::ReadQuotedValue()
}
void HttpSimpleParser::ReadNormalValue()
{
utf8_token.clear();
last_value.clear();
for( ; last_c!=-1 && last_c!=separator ; last_c = GetChar() )
{
if( recognize_special_chars )
CheckSpecialChar();
if( last_c != -1 )
{
if( getchar_returns_utf8_chars )
utf8_token += last_c;
else
last_value += last_c;
}
}
if( getchar_returns_utf8_chars )
PT::UTF8ToWide(utf8_token, last_value);
}
void HttpSimpleParser::ReadValue()
{
if( skip_white_chars )
SkipWhiteChars();
if( value_can_be_quoted && last_c == '"' )
{
ReadQuotedValue();
}
else
{
for( ; last_c!=-1 && last_c!=separator ; last_c = GetChar() )
{
if( recognize_special_chars )
CheckSpecialChar();
if( last_c != -1 )
last_value += last_c;
}
}
ReadNormalValue();
if( last_c == separator )
@@ -228,6 +226,21 @@ void HttpSimpleParser::ReadValue()
/*
* there can be some important values like passwords so its better
* to clear them now
*/
void HttpSimpleParser::Clear()
{
Overwrite(last_name);
Overwrite(last_value);
Overwrite(utf8_token);
last_name.clear();
last_value.clear();
utf8_token.clear();
}
void HttpSimpleParser::Parse()
{
for( last_c = GetChar() ; last_c != -1 ; )
@@ -242,12 +255,14 @@ void HttpSimpleParser::Parse()
if( skip_white_chars )
{
TrimWhiteChars(last_name);
TrimWhiteChars(last_value);
TrimWhite(last_name);
TrimWhite(last_value);
}
Parameter(last_name, last_value); // user definied function
}
Clear();
}

26
core/httpsimpleparser.h Executable file → Normal file
View File

@@ -52,26 +52,33 @@ protected:
bool skip_white_chars;
bool recognize_special_chars;
int ParseHalfHex(int c);
// if false then GetChar() returns wide characters (converted to int)
// if true then GetChar() returns utf8 characters (we have to convert them from utf8 to wide chars)
bool getchar_returns_utf8_chars;
int ParseHalfHex(int c);
void ReadName();
void ReadQuotedValue();
void ReadNormalValue();
void ReadValue();
void Clear();
std::string last_name;
std::string last_value;
std::wstring last_name;
std::wstring last_value;
std::string utf8_token;
int last_c;
int separator;
// '-1' means end (eof)
// when there is an eof this method can be called more than once (it should always return -1 in such a case)
virtual int GetChar() = 0;
virtual void Parameter(std::string & last_name, std::string & last_value) = 0;
virtual void Parameter(std::wstring & last_name, std::wstring & last_value) = 0;
void ToLower(std::string & s);
void ToLower(std::wstring & s);
bool IsWhite(int c);
void SkipWhiteChars();
void TrimWhiteChars(std::string & s);
void CheckSpecialChar();
void Parse();
@@ -84,9 +91,10 @@ public:
{
separator = '&';
read_name = true;
value_can_be_quoted = false;
skip_white_chars = false;
recognize_special_chars = true;
value_can_be_quoted = false;
skip_white_chars = false;
recognize_special_chars = true;
getchar_returns_utf8_chars = false;
}
};

5
core/image.cpp Executable file → Normal file
View File

@@ -545,10 +545,7 @@ void Image::SaveImage()
{
// it doesn't matter for us if there is an error when chmod/chown on a file
// the admin (root) will correct it
std::string dst_patha; // IMPROVE ME temporary -- in the futere there'll be SetPriv() with std::wstring
PT::WideToUTF8(dst_path, dst_patha);
SetPriv(dst_patha, config->upload_files_chmod, config->upload_group_int);
SetPriv(dst_path, config->upload_files_chmod, config->upload_group_int);
ImageSavedCorrectly();
}
else

0
core/image.h Executable file → Normal file
View File

28
core/ipban.h
View File

@@ -87,11 +87,21 @@ struct IPBan
// the ban level to a greater value
time_t expires;
// how many incorrect login attempts there are
unsigned int incorrect_login_events;
unsigned short int incorrect_login_events;
// in the future there can be more *_events fields
// how many incorrect encoded cookie were sent
// only used if config.session_cookie_encode is true and session_keys_file is defined
unsigned short int broken_encoded_cookie_events;
// how many incorrect session identifiers were sent
unsigned short int session_hijacking_events;
// client didn't send a session cookie
// it can be a bot or just someone wants to DOS the server
// (a new session will be create)
unsigned short int no_session_cookie_events;
bool HasFlag(int flag) const
@@ -123,7 +133,7 @@ struct IPBan
}
void AddNextBanLevel(time_t level1_expires, time_t level2_expires, time_t level3_expires)
void IncrementBanLevel(time_t level1_expires, time_t level2_expires, time_t level3_expires)
{
if( HasFlag(WINIX_IPBAN_FLAG_BAN_LEVEL3) )
{
@@ -164,14 +174,20 @@ struct IPBan
flags = 0;
last_used = 0;
expires = 0;
incorrect_login_events = 0;
incorrect_login_events = 0;
broken_encoded_cookie_events = 0;
session_hijacking_events = 0;
no_session_cookie_events = 0;
}
void ClearAfterRemovingBan()
void ResetEventsCounters()
{
ClearFlag(WINIX_IPBAN_FLAG_ACTIVE);
incorrect_login_events = 0;
incorrect_login_events = 0;
broken_encoded_cookie_events = 0;
session_hijacking_events = 0;
no_session_cookie_events = 0;
expires = 0;
}

0
core/item.cpp Executable file → Normal file
View File

0
core/item.h Executable file → Normal file
View File

0
core/job.cpp Executable file → Normal file
View File

0
core/job.h Executable file → Normal file
View File

0
core/lastcontainer.cpp Executable file → Normal file
View File

0
core/lastcontainer.h Executable file → Normal file
View File

9
core/loadavg.cpp Executable file → Normal file
View File

@@ -201,8 +201,12 @@ void LoadAvg::StartRequest()
void LoadAvg::StopRequest()
{
char buf[50];
clock_gettime(CLOCK_REALTIME, &stop_req);
double dr = (stop_req.tv_sec - start_req.tv_sec);
@@ -216,7 +220,10 @@ void LoadAvg::StopRequest()
current5.req += 1;
current15.req += 1;
log << log2 << "LA: request took: " << dr << "s" << logend;
sprintf(buf, "%f", dr);
SetNonZeroDigitsAfterComma(buf, 2);
log << log2 << "LA: request took: " << buf << "s" << logend;
was_stop_request = true;
}

0
core/loadavg.h Executable file → Normal file
View File

0
core/lock.cpp Executable file → Normal file
View File

0
core/lock.h Executable file → Normal file
View File

4
core/log.cpp Executable file → Normal file
View File

@@ -78,14 +78,14 @@ int Log::LogLevel()
void Log::Init(int log_level_, bool save_each_line_, const std::string & log_file_, bool log_std, int log_max_requests)
void Log::Init(int log_level_, bool save_each_line_, const std::wstring & log_file_, bool log_std, int log_max_requests)
{
log_level = log_level_;
log_file = log_file_;
log_stdout = log_std;
max_requests = log_max_requests;
save_each_line = save_each_line_;
PT::WideToUTF8(log_file_, log_file);
// don't open the file here
// because it would be created with the root as an owner
}

2
core/log.h Executable file → Normal file
View File

@@ -62,7 +62,7 @@ public:
~Log();
void SetTimeZones(TimeZones * ptime_zones);
void Init(int log_level_, bool save_each_line_, const std::string & log_file_, bool log_std, int log_max_requests);
void Init(int log_level_, bool save_each_line_, const std::wstring & log_file_, bool log_std, int log_max_requests);
Log & operator<<(const void * s);
Log & operator<<(const char * s);

0
core/logmanipulators.h Executable file → Normal file
View File

597
core/misc.cpp Executable file → Normal file
View File

@@ -51,20 +51,26 @@ namespace Winix
namespace misc_private
{
// white_chars table should be sorted
// we do not treat a new line character (10) as a white character
// we do not treat a new line character (10) as a white character here
static const wchar_t white_chars[] = { 0x0009, 0x000B, 0x000C, 0x000D, 0x0020, 0x0085, 0x00A0,
0x1680, 0x180E, 0x2000, 0x2001, 0x2002, 0x2003, 0x2004,
0x2005, 0x2006, 0x2007, 0x2008, 0x2009, 0x200A, 0x2028,
0x2029, 0x202F, 0x205F, 0x3000 };
std::ifstream get_file_content;
std::string get_file_content_ansi;
PT::WTextStream tmp_qencode;
}
/*
* IMPROVE ME
* we ca add our own functions with treat_new_line_as_white flag
* and with a pointer pointing after the number
*
* Toi(const wchar_t * str, const wchar_t ** str_after, bool treat_new_line_as_white);
* Toi(const wchar_t * str, bool treat_new_line_as_white);
* Toi(const std::wstring & str, bool treat_new_line_as_white);
*
*/
int Toi(const std::string & str, int base)
{
return Toi(str.c_str(), base);
@@ -177,7 +183,7 @@ return buffer;
void Toa(int value, std::string & res, int base, bool clear)
{
static char buffer[50];
static char buffer[50]; // !! IMPROVE ME this 'static' is not needed here?
size_t len = sizeof(buffer) / sizeof(char);
if( clear )
@@ -190,7 +196,7 @@ size_t len = sizeof(buffer) / sizeof(char);
void Toa(long value, std::string & res, int base, bool clear)
{
static char buffer[50];
static char buffer[50]; // !! IMPROVE ME the same as above
size_t len = sizeof(buffer) / sizeof(char);
if( clear )
@@ -203,7 +209,7 @@ size_t len = sizeof(buffer) / sizeof(char);
void Toa(int value, std::wstring & res, int base, bool clear)
{
static wchar_t buffer[50];
static wchar_t buffer[50]; // !!
size_t len = sizeof(buffer) / sizeof(wchar_t);
if( clear )
@@ -216,7 +222,7 @@ size_t len = sizeof(buffer) / sizeof(wchar_t);
void Toa(long value, std::wstring & res, int base, bool clear)
{
static wchar_t buffer[50];
static wchar_t buffer[50]; // !!
size_t len = sizeof(buffer) / sizeof(wchar_t);
if( clear )
@@ -230,142 +236,43 @@ size_t len = sizeof(buffer) / sizeof(wchar_t);
void AssignString(const char * src, size_t len, std::wstring & dst, bool clear)
void SetNonZeroDigitsAfterComma(char * str, size_t digits)
{
if( clear )
dst.clear();
bool was_comma = false;
bool was_not_zero = false;
size_t zeroes = 0;
size_t not_zeroes = 0;
if( dst.capacity() < dst.size() + len )
dst.reserve(dst.size() + len + 128);
for(size_t i=0 ; str[i] != 0 ; ++i)
{
if( str[i] == '.' || str[i] == ',' )
{
was_comma = true;
}
else
if( was_comma )
{
if( str[i] == '0' && !was_not_zero )
{
zeroes += 1;
}
else
{
was_not_zero = true;
not_zeroes += 1;
for(size_t i=0 ; i<len ; ++i )
dst += static_cast<unsigned char>(src[i]);
if( not_zeroes >= digits )
{
str[i+1] = 0;
break;
}
}
}
}
}
void AssignString(const char * src, std::wstring & dst, bool clear)
{
size_t len;
for(len=0 ; src[len] ; ++len){}
AssignString(src, len, dst, clear);
}
void AssignString(const std::string & src, std::wstring & dst, bool clear)
{
AssignString(src.c_str(), src.size(), dst, clear);
}
void AssignString(const wchar_t * src, size_t len, std::string & dst, bool clear)
{
if( clear )
dst.clear();
if( dst.capacity() < dst.size() + len )
dst.reserve(dst.size() + len + 128);
for(size_t i=0 ; i<len ; ++i)
dst += static_cast<char>(src[i]);
}
void AssignString(const wchar_t * src, std::string & dst, bool clear)
{
size_t len;
for(len=0 ; src[len] ; ++len){}
AssignString(src, len, dst, clear);
}
void AssignString(const std::wstring & src, std::string & dst, bool clear)
{
AssignString(src.c_str(), src.size(), dst, clear);
}
void AssignString(const char * src, size_t len, std::string & dst, bool clear)
{
if( clear )
dst.clear();
// we suppose that append is smart enough and we don't have to use reserve()
dst.append(src, len);
}
void AssignString(const char * src, std::string & dst, bool clear)
{
size_t len;
for(len=0 ; src[len] ; ++len){}
AssignString(src, len, dst, clear);
}
void AssignString(const std::string & src, std::string & dst, bool clear)
{
if( clear )
dst.clear();
dst.append(src);
}
void AssignString(const wchar_t * src, size_t len, std::wstring & dst, bool clear)
{
if( clear )
dst.clear();
// we suppose that append is smart enough and we don't have to use reserve()
dst.append(src, len);
}
void AssignString(const wchar_t * src, std::wstring & dst, bool clear)
{
size_t len;
for(len=0 ; src[len] ; ++len){}
AssignString(src, len, dst, clear);
}
void AssignString(const std::wstring & src, std::wstring & dst, bool clear)
{
if( clear )
dst.clear();
dst.append(src);
}
bool CorrectUrlChar(wchar_t c)
{
@@ -610,9 +517,9 @@ PT::WTextStream IPToStr(int ip)
/*
we do not treat a new line character (10) as a white character
by default we do not treat a new line character (10) as a white character
*/
bool IsWhite(wchar_t c)
bool IsWhite(wchar_t c, bool treat_new_line_as_white)
{
using misc_private::white_chars;
@@ -620,6 +527,9 @@ using misc_private::white_chars;
size_t o1 = 0;
size_t o2 = len - 1;
if( c == 10 )
return treat_new_line_as_white ? true : false;
if( c < white_chars[o1] || c > white_chars[o2] )
return false;
@@ -652,13 +562,7 @@ bool IsWhite(const wchar_t * str, bool treat_new_line_as_white)
{
for( ; *str != 0 ; ++str )
{
if( *str == '\n' )
{
if( !treat_new_line_as_white )
return false;
}
else
if( !IsWhite(*str) )
if( !IsWhite(*str, treat_new_line_as_white) )
return false;
}
@@ -677,6 +581,95 @@ bool IsWhite(const std::wstring & str, bool treat_new_line_as_white)
void TrimWhite(std::wstring & s, bool trim_new_line_too)
{
size_t i;
if( s.empty() )
return;
// looking for white characters at the end
for(i=s.size()-1 ; i>0 && IsWhite(s[i], trim_new_line_too) ; --i);
if( i==0 && IsWhite(s[i], trim_new_line_too) )
{
// the whole string has white characters
s.clear();
return;
}
// deleting white characters at the end
if( i != s.size() - 1 )
s.erase(i+1, std::wstring::npos);
// looking for white characters at the beginning
for(i=0 ; i<s.size() && IsWhite(s[i], trim_new_line_too) ; ++i);
// deleting white characters at the beginning
if( i != 0 )
s.erase(0, i);
}
const wchar_t * SkipWhite(const wchar_t * s, bool treat_new_line_as_white)
{
while( IsWhite(*s, treat_new_line_as_white) )
++s;
return s;
}
void TrimFirst(std::wstring & s, wchar_t c)
{
size_t i;
if( s.empty() )
return;
// looking for the 'c' characters at the beginning
for(i=0 ; i<s.size() && s[i]==c ; ++i);
// deleting the 'c' characters at the beginning
if( i != 0 )
s.erase(0, i);
}
void TrimLast(std::wstring & s, wchar_t c)
{
size_t i;
if( s.empty() )
return;
// looking for the 'c' characters at the end
for(i=s.size()-1 ; i>0 && s[i]==c ; --i);
if( i==0 && s[i]==c )
{
// the whole string has the 'c' characters
s.clear();
return;
}
// deleting 'c' characters at the end
if( i != s.size() - 1 )
s.erase(i+1, std::wstring::npos);
}
void Trim(std::wstring & s, wchar_t c)
{
if( s.empty() )
return;
TrimLast(s, c);
TrimFirst(s, c);
}
bool IsLastSlash(const std::wstring & path)
@@ -688,27 +681,113 @@ return path[path.size()-1] == '/';
}
const char * SkipWhite(const char * s)
bool IsInt(const wchar_t * str, bool treat_new_line_as_white, bool allow_negative_value)
{
while( IsWhite(*s) )
++s;
size_t digit = 0;
return s;
str = SkipWhite(str, treat_new_line_as_white);
if( allow_negative_value && *str == '-' )
str += 1;
while( *str>='0' && *str<='9' )
{
digit += 1;
str += 1;
}
if( digit == 0 )
return false;
str = SkipWhite(str, treat_new_line_as_white);
if( *str != 0 )
return false;
return true;
}
bool IsInt(const wchar_t * str, bool treat_new_line_as_white)
{
return IsInt(str, treat_new_line_as_white, true);
}
const wchar_t * SkipWhite(const wchar_t * s)
bool IsInt(const std::wstring & str, bool treat_new_line_as_white)
{
while( IsWhite(*s) )
++s;
return s;
return IsInt(str.c_str(), treat_new_line_as_white);
}
bool IsSize(const wchar_t * str, bool treat_new_line_as_white)
{
return IsInt(str, treat_new_line_as_white, false);
}
bool IsSize(const std::wstring & str, bool treat_new_line_as_white)
{
return IsSize(str.c_str(), treat_new_line_as_white);
}
bool IsFloat(const wchar_t * str, bool treat_new_line_as_white)
{
size_t digit = 0;
size_t comma = 0;
str = SkipWhite(str, treat_new_line_as_white);
if( *str == '-' )
str += 1;
while( (*str == ',' || *str == '.') || (*str>='0' && *str<='9') )
{
if( *str == ',' || *str == '.' )
comma += 1;
else
digit += 1;
str += 1;
}
if( comma > 1 || digit == 0 )
return false;
str = SkipWhite(str, treat_new_line_as_white);
if( *str != 0 )
return false;
return true;
}
bool IsFloat(const std::wstring & str, bool treat_new_line_as_white)
{
return IsFloat(str.c_str(), treat_new_line_as_white);
}
void Overwrite(std::string & str)
{
for(char & c : str)
c = 0;
}
void Overwrite(std::wstring & str)
{
for(wchar_t & c : str)
c = 0;
}
wchar_t ToSmall(wchar_t c)
{
if( c>='A' && c<='Z' )
@@ -792,11 +871,12 @@ bool ValidateEmail(const std::wstring & email)
bool IsFile(const wchar_t * file)
{
struct stat sb;
static std::string afile;
char file_name[WINIX_OS_PATH_SIZE];
PT::WideToUTF8(file, afile);
if( !WideToUTF8(file, file_name, WINIX_OS_PATH_SIZE) )
return false;
return (stat(afile.c_str(), &sb) == 0);
return (stat(file_name, &sb) == 0);
}
@@ -811,19 +891,20 @@ bool IsFile(const std::wstring & file)
*/
bool CreateDir(const wchar_t * dir, int priv, int group)
{
static std::string adir;
char dir_name[WINIX_OS_PATH_SIZE];
if( !IsFile(dir) )
{
PT::WideToUTF8(dir, adir);
if( !WideToUTF8(dir, dir_name, WINIX_OS_PATH_SIZE) )
return false;
if( mkdir(adir.c_str(), 0777) < 0 )
if( mkdir(dir_name, 0777) < 0 )
{
log << log1 << "Can't create a directory on fs: " << adir << logend;
log << log1 << "Can't create a directory on fs: " << dir << logend;
return false;
}
return SetPriv(adir, priv, group);
return SetPriv(dir, priv, group);
}
return true;
@@ -841,7 +922,7 @@ bool CreateDir(const std::wstring & dir, int priv, int group)
// 'dirs' can begin with a slash (will be skipped)
bool CreateDirs(const wchar_t * base_dir, const wchar_t * dirs, int priv, int group, bool skip_last)
{
static std::wstring temp;
static std::wstring temp; // !! IMPROVE ME change to char[WINIX_OS_PATH_SIZE] or just remove 'static'
const wchar_t * p = dirs;
temp = base_dir; // we start creating from 'base_dir'
@@ -883,15 +964,19 @@ bool CreateDirs(const std::wstring & base_dir, const std::wstring & dirs, int pr
int GetGroupId(const char * name)
int GetGroupId(const wchar_t * name)
{
struct group gr;
struct group * result;
char group_name[WINIX_OS_USERNAME_SIZE];
char buffer[512];
if( getgrnam_r(name, &gr, buffer, sizeof(buffer)/sizeof(char), &result) != 0 )
if( !WideToUTF8(name, group_name, WINIX_OS_USERNAME_SIZE) )
return -1;
if( getgrnam_r(group_name, &gr, buffer, sizeof(buffer)/sizeof(char), &result) != 0 )
{
log << log1 << "I cannot get the group_id for group name: " << name << logend;
log << log1 << "Misc: I cannot get the group_id for group name: " << name << logend;
return -1;
}
@@ -900,7 +985,7 @@ char buffer[512];
*/
if( result == 0 )
{
log << log1 << "There is no a group with name: " << name << logend;
log << log1 << "Misc: There is no a group with name: " << name << logend;
return -1;
}
@@ -908,7 +993,7 @@ return gr.gr_gid;
}
int GetGroupId(const std::string & name)
int GetGroupId(const std::wstring & name)
{
return GetGroupId(name.c_str());
}
@@ -918,19 +1003,25 @@ int GetGroupId(const std::string & name)
* setting priveleges and a group id on a file or on a directory
* group can be -1 (it is not used then)
*/
bool SetPriv(const char * name, int priv, int group)
bool SetPriv(const wchar_t * name, int priv, int group)
{
if( chmod(name, priv) < 0 )
char file_name[WINIX_OS_PATH_SIZE];
if( !WideToUTF8(name, file_name, WINIX_OS_PATH_SIZE) )
return false;
if( chmod(file_name, priv) < 0 )
{
log << log1 << "Can't set proper fs privileges on: " << name << logend;
log << log1 << "Misc: Can't set proper fs privileges on: " << name << logend;
return false;
}
if( group != -1 )
{
if( chown(name, geteuid(), group) < 0 )
if( chown(file_name, geteuid(), group) < 0 )
{
log << log1 << "Can't set proper fs group on: " << name << logend;
log << log1 << "Can't set proper fs group on: " << name
<< ", group id was: " << group << logend;
return false;
}
}
@@ -939,7 +1030,7 @@ return true;
}
bool SetPriv(const std::string & name, int priv, int group)
bool SetPriv(const std::wstring & name, int priv, int group)
{
return SetPriv(name.c_str(), priv, group);
}
@@ -970,18 +1061,22 @@ return true;
bool CopyFile(const wchar_t * src, const wchar_t * dst)
{
static std::string asrc, adst;
char src_name[WINIX_OS_PATH_SIZE];
char dst_name[WINIX_OS_PATH_SIZE];
FILE * in, * out;
PT::WideToUTF8(src, asrc);
PT::WideToUTF8(dst, adst);
if( !WideToUTF8(src, src_name, WINIX_OS_PATH_SIZE) )
return false;
in = fopen(asrc.c_str(), "rb");
if( !WideToUTF8(dst, dst_name, WINIX_OS_PATH_SIZE) )
return false;
in = fopen(src_name, "rb");
if( !in )
return false;
out = fopen(adst.c_str(), "wb");
out = fopen(dst_name, "wb");
if( !out )
{
@@ -998,7 +1093,7 @@ FILE * in, * out;
res = false;
if( !res )
remove(adst.c_str());
remove(dst_name);
return res;
}
@@ -1013,11 +1108,12 @@ bool CopyFile(const std::wstring & src, const std::wstring & dst)
bool RemoveFile(const wchar_t * file)
{
static std::string afile;
char file_name[WINIX_OS_PATH_SIZE];
PT::WideToUTF8(file, afile);
if( !WideToUTF8(file, file_name, WINIX_OS_PATH_SIZE) )
return false;
return unlink(afile.c_str()) == 0;
return unlink(file_name) == 0;
}
@@ -1030,12 +1126,16 @@ bool RemoveFile(const std::wstring & file)
bool RenameFile(const wchar_t * from, const wchar_t * to)
{
static std::string afrom, ato;
char from_name[WINIX_OS_PATH_SIZE];
char to_name[WINIX_OS_PATH_SIZE];
PT::WideToUTF8(from, afrom);
PT::WideToUTF8(to, ato);
if( !WideToUTF8(from, from_name, WINIX_OS_PATH_SIZE) )
return false;
return rename(afrom.c_str(), ato.c_str()) == 0;
if( !WideToUTF8(to, to_name, WINIX_OS_PATH_SIZE) )
return false;
return rename(from_name, to_name) == 0;
}
@@ -1048,19 +1148,25 @@ bool RenameFile(const std::wstring & from, const std::wstring & to)
bool GetUTF8File(const char * file_path, std::wstring & content, bool clear_content)
bool GetUTF8File(const wchar_t * file_path, std::wstring & content, bool clear_content)
{
using namespace misc_private;
char file[WINIX_OS_PATH_SIZE];
std::ifstream get_file_content;
if( clear_content )
content.clear();
get_file_content.clear();
get_file_content.open(file_path, std::ios_base::in | std::ios_base::binary);
if( !WideToUTF8(file_path, file, WINIX_OS_PATH_SIZE) )
return false;
get_file_content.open(file, std::ios_base::in | std::ios_base::binary);
if( !get_file_content )
return false;
/*
* we don't report any errors when converting from UTF8 to wide characters here
*/
PT::UTF8ToWide(get_file_content, content);
get_file_content.close();
@@ -1068,21 +1174,6 @@ return true;
}
bool GetUTF8File(const wchar_t * file_path, std::wstring & content, bool clear_content)
{
using namespace misc_private;
PT::WideToUTF8(file_path, get_file_content_ansi);
return GetUTF8File(get_file_content_ansi.c_str(), content, clear_content);
}
bool GetUTF8File(const std::string & file_path, std::wstring & content, bool clear_content)
{
return GetUTF8File(file_path.c_str(), content, clear_content);
}
bool GetUTF8File(const std::wstring & file_path, std::wstring & content, bool clear_content)
{
return GetUTF8File(file_path.c_str(), content, clear_content);
@@ -1222,6 +1313,69 @@ void UrlEncode(const std::wstring & in, std::wstring & out, bool clear_out)
bool UrlDecodeFromHex(int c, int & out)
{
if( c>='0' && c<='9' )
{
out = c - '0';
return true;
}
else
if( c>='a' && c<='f' )
{
out = c - 'a' + 10;
return true;
}
else
if( c>='A' && c<='F' )
{
out = c - 'A' + 10;
return true;
}
out = 0;
return false;
}
bool UrlDecode(const char * url, std::wstring & out, bool clear_out)
{
char url_utf8[WINIX_URL_MAX_SIZE];
size_t index = 0;
int c1, c2;
if( clear_out )
out.clear();
while( *url && index < WINIX_URL_MAX_SIZE-1 )
{
if( *url == '%' && *(url+1) && *(url+2) &&
UrlDecodeFromHex(*(url+1), c1) && UrlDecodeFromHex(*(url+2), c2) )
{
url_utf8[index++] = (c1 << 4) + c2;
url += 3;
}
else
{
url_utf8[index++] = *url;
url += 1;
}
}
url_utf8[index] = 0;
return PT::UTF8ToWide(url_utf8, out, false);
}
bool UrlDecode(const std::string & url, std::wstring & out, bool clear_out)
{
return UrlDecode(url.c_str(), out, clear_out);
}
void QEncode(const std::wstring & in, std::string & out, bool clear)
{
@@ -1254,6 +1408,27 @@ void RemovePostFileTmp(PostFileTab & post_file_tab)
}
bool WideToUTF8(const wchar_t * wide_string, char * utf8, size_t utf8_size)
{
bool res = PT::WideToUTF8(wide_string, utf8, utf8_size);
if( !res )
{
/*
* either the 'utf8' buffer is too small or there was an error when converting
*/
log << log1 << "Misc: I cannot convert from a wide string to an UTF-8 string, original string was: "
<< wide_string << logend;
}
return res;
}
bool WideToUTF8(const std::wstring & wide_string, char * utf8, size_t utf8_size)
{
return WideToUTF8(wide_string.c_str(), utf8, utf8_size);
}
} // namespace Winix

219
core/misc.h Executable file → Normal file
View File

@@ -44,6 +44,9 @@
#include "date/date.h"
#include "textstream/textstream.h"
#include "utf8/utf8.h"
#include "winix_const.h"
namespace Winix
@@ -211,33 +214,19 @@ void Toa(int value, std::wstring & res, int base = 10, bool clear = true);
void Toa(long value, std::wstring & res, int base = 10, bool clear = true);
/*
conversions between ascii text and wide characters
(destination is always std::string or std::wstring)
characters are copied as they are without any locales checking
*/
void AssignString(const char * src, size_t len, std::wstring & dst, bool clear = true);
void AssignString(const char * src, std::wstring & dst, bool clear = true);
void AssignString(const std::string & src, std::wstring & dst, bool clear = true);
void AssignString(const wchar_t * src, size_t len, std::string & dst, bool clear = true);
void AssignString(const wchar_t * src, std::string & dst, bool clear = true);
void AssignString(const std::wstring & src, std::string & dst, bool clear = true);
void AssignString(const char * src, size_t len, std::string & dst, bool clear = true);
void AssignString(const char * src, std::string & dst, bool clear = true);
void AssignString(const std::string & src, std::string & dst, bool clear = true);
void AssignString(const wchar_t * src, size_t len, std::wstring & dst, bool clear = true);
void AssignString(const wchar_t * src, std::wstring & dst, bool clear = true);
void AssignString(const std::wstring & src, std::wstring & dst, bool clear = true);
* this method make sure that there is no more than 'digits' non zero digits
* in the given string
*
*
* samples (if parameter 'digits' is equal to two):
* "0.0001234" -> "0.00012"
* "10" -> "10"
* "123.345" -> "123.34"
* "55.1003" -> "55.10"
*
*/
void SetNonZeroDigitsAfterComma(char * str, size_t digits);
bool CorrectUrlChar(wchar_t c);
@@ -268,94 +257,74 @@ PT::WTextStream IPToStr(int ip);
bool IsWhite(wchar_t s);
bool IsWhite(wchar_t s, bool treat_new_line_as_white = false);
bool IsWhite(const wchar_t * str, bool treat_new_line_as_white = false);
bool IsWhite(const std::wstring & str, bool treat_new_line_as_white = false);
void TrimWhite(std::wstring & s, bool trim_new_line_too = false);
const wchar_t * SkipWhite(const wchar_t * s, bool treat_new_line_as_white = false);
void TrimFirst(std::wstring & s, wchar_t c);
void TrimLast(std::wstring & s, wchar_t c);
void Trim(std::wstring & s, wchar_t c);
bool IsLastSlash(const std::wstring & path);
template<class StringType>
void TrimWhite(StringType & s)
{
typename StringType::size_type i;
if( s.empty() )
return;
// looking for white characters at the end
for(i=s.size()-1 ; i>0 && IsWhite(s[i]) ; --i);
if( i==0 && IsWhite(s[i]) )
{
// the whole string has white characters
s.clear();
return;
}
// deleting white characters at the end
if( i != s.size() - 1 )
s.erase(i+1, StringType::npos);
// looking for white characters at the beginning
for(i=0 ; i<s.size() && IsWhite(s[i]) ; ++i);
// deleting white characters at the beginning
if( i != 0 )
s.erase(0, i);
}
/*
* returns true if str is an integer number
* white strings at the beginning and at the end are ignored
* e.g. returns true for:
* " 10 "
* " -20 "
* e.g. returns false for:
* ""
* "- 20"
* "z"
*/
bool IsInt(const wchar_t * str, bool treat_new_line_as_white = false);
bool IsInt(const std::wstring & str, bool treat_new_line_as_white = false);
template<class StringType>
void TrimFirst(StringType & s, wchar_t c)
{
typename StringType::size_type i;
if( s.empty() )
return;
// looking for the 'c' characters at the beginning
for(i=0 ; i<s.size() && s[i]==c ; ++i);
// deleting the 'c' characters at the beginning
if( i != 0 )
s.erase(0, i);
}
/*
* returns true if str is a non-negative integer number
* white strings at the beginning and at the end are ignored
* e.g. returns true for:
* " 0 "
* " 10 "
* " 20 "
* e.g. returns false for:
* ""
* " -20 "
* "z"
*/
bool IsSize(const wchar_t * str, bool treat_new_line_as_white = false);
bool IsSize(const std::wstring & str, bool treat_new_line_as_white = false);
template<class StringType>
void TrimLast(StringType & s, wchar_t c)
{
typename StringType::size_type i;
if( s.empty() )
return;
// looking for the 'c' characters at the end
for(i=s.size()-1 ; i>0 && s[i]==c ; --i);
if( i==0 && s[i]==c )
{
// the whole string has the 'c' characters
s.clear();
return;
}
// deleting 'c' characters at the end
if( i != s.size() - 1 )
s.erase(i+1, StringType::npos);
}
/*
* returns true if str is a floating point number
* white strings at the beginning and at the end are ignored
* as a decimal comma can be a dot or a comma
* e.g. returns true for:
* " 10 "
* " -20.3 "
* " 30,5 "
* e.g. returns false for:
* ""
* "- 20.1"
* "20.1.2"
* "z"
*/
bool IsFloat(const wchar_t * str, bool treat_new_line_as_white = false);
bool IsFloat(const std::wstring & str, bool treat_new_line_as_white = false);
template<class StringType>
void Trim(StringType & s, wchar_t c)
{
if( s.empty() )
return;
TrimLast(s, c);
TrimFirst(s, c);
}
void Overwrite(std::string & str);
void Overwrite(std::wstring & str);
@@ -412,8 +381,7 @@ bool was_comma = false;
wchar_t ToSmall(wchar_t c);
void ToSmall(std::wstring & s);
const char * SkipWhite(const char * s);
const wchar_t * SkipWhite(const wchar_t * s);
@@ -756,25 +724,23 @@ bool CreateDir(const std::wstring & dir, int priv, int group = -1);
bool CreateDirs(const wchar_t * base_dir, const wchar_t * dirs, int priv = 0755, int group = -1, bool skip_last = false);
bool CreateDirs(const std::wstring & base_dir, const std::wstring & dirs, int priv = 0755, int group = -1, bool skip_last = false);
int GetGroupId(const char * name);
int GetGroupId(const std::string & name);
int GetGroupId(const wchar_t * name);
int GetGroupId(const std::wstring & name);
bool SetPriv(const char * name, int priv, int group = -1);
bool SetPriv(const std::string & name, int priv, int group = -1);
bool SetPriv(const wchar_t * name, int priv, int group = -1);
bool SetPriv(const std::wstring & name, int priv, int group = -1);
bool CopyFile(FILE * in, FILE * out);
bool CopyFile(const wchar_t * src, const wchar_t * dst);
bool CopyFile(const wchar_t * src, const wchar_t * dst);
bool CopyFile(const std::wstring & src, const std::wstring & dst);
bool RemoveFile(const wchar_t * file);
bool RemoveFile(const std::wstring & file);
bool RenameFile(const wchar_t * from, const wchar_t * to);
bool RenameFile(const wchar_t * from, const wchar_t * to);
bool RenameFile(const std::wstring & from, const std::wstring & to);
bool GetUTF8File(const char * file_path, std::wstring & content, bool clear_content = true);
bool GetUTF8File(const wchar_t * file_path, std::wstring & content, bool clear_content = true);
bool GetUTF8File(const std::string & file_path, std::wstring & content, bool clear_content = true);
bool GetUTF8File(const std::wstring & file_path, std::wstring & content, bool clear_content = true);
@@ -897,6 +863,19 @@ void UrlEncode(const std::wstring & in, std::wstring & out, bool clear_out = tru
/*
* decoding a URL
*
* return false is the url is too long (longer than WINIX_URL_MAX_SIZE)
* or it cannot be correctly converted from UTF8 to wide characters
*
*/
bool UrlDecode(const char * url, std::wstring & out, bool clear_out = true);
bool UrlDecode(const std::string & url, std::wstring & out, bool clear_out = true);
template<typename char_type, size_t stack_size, size_t heap_block_size>
void QEncodeAddChar(char_type c, PT::TextStreamBase<char_type, stack_size, heap_block_size> & out)
@@ -1076,6 +1055,18 @@ void JSONescape(Stream & out, const StringType & str)
}
/*
* converting from a wide string to an UTF-8 string
* and puts a log if the conversion fails
*
* it uses PT::WideToUTF8()
*/
bool WideToUTF8(const wchar_t * wide_string, char * utf8, size_t utf8_size);
bool WideToUTF8(const std::wstring & wide_string, char * utf8, size_t utf8_size);
} // namespace Winix

0
core/mount.cpp Executable file → Normal file
View File

0
core/mount.h Executable file → Normal file
View File

0
core/mountparser.cpp Executable file → Normal file
View File

0
core/mountparser.h Executable file → Normal file
View File

0
core/mounts.cpp Executable file → Normal file
View File

0
core/mounts.h Executable file → Normal file
View File

25
core/plugin.cpp Executable file → Normal file
View File

@@ -186,17 +186,18 @@ void Plugin::LoadPlugins(const std::wstring & plugins_dir, const std::vector<std
}
void Plugin::LoadPlugin(const std::string & filename)
{
LoadPlugin(filename.c_str());
}
// we don't have to use Lock() here because plusings are read
// we don't have to use Lock() here because plugins are read
// before threads are started
void * Plugin::LoadInitFun(const char * filename, Fun1 & fun_init)
void * Plugin::LoadInitFun(const wchar_t * filename, Fun1 & fun_init)
{
void * p = dlopen(filename, RTLD_NOW | RTLD_LOCAL);
char file[WINIX_OS_PATH_SIZE];
if( !WideToUTF8(filename, file, WINIX_OS_PATH_SIZE) )
return 0;
void * p = dlopen(file, RTLD_NOW | RTLD_LOCAL);
if( !p )
{
@@ -225,7 +226,7 @@ return p;
void Plugin::LoadPlugin(const char * filename)
void Plugin::LoadPlugin(const wchar_t * filename)
{
Fun1 fun_init;
void * plugin_handle;
@@ -255,19 +256,13 @@ PluginInfo info;
}
void Plugin::LoadPlugin(const wchar_t * filename)
{
AssignString(filename, afilename);
LoadPlugin(afilename.c_str());
}
void Plugin::LoadPlugin(const std::wstring & filename)
{
LoadPlugin(filename.c_str());
}
bool Plugin::HasPlugin(const wchar_t * name)
{
if( *name == 0 )

7
core/plugin.h Executable file → Normal file
View File

@@ -66,7 +66,7 @@ namespace Winix
in the Init you can add your own functions by using plugin.Assign() method
and you can set the name of the plugin by setting info.p1 pointer
to a string buffer (const char *)
to a string buffer (const wchar_t *)
(this buffer will not be copied so it should not be destroyed after Init finishes)
also in Init you can only use logger (log) info.config and info.db objects
(the rest winix objects are not initialized yet)
@@ -201,8 +201,6 @@ public:
void SetSynchro(Synchro * psynchro);
void SetSessionManager(SessionManager * psession_manager);
void LoadPlugin(const char * filename);
void LoadPlugin(const std::string & filename);
void LoadPlugin(const wchar_t * filename);
void LoadPlugin(const std::wstring & filename);
@@ -256,14 +254,13 @@ private:
SessionManager * session_manager;
std::wstring temp_path; // used when loading plugins
std::string afilename;
Plugins plugins;
typedef std::multimap<int, Slot> Slots;
Slots slots;
void * LoadInitFun(const char * filename, Fun1 & fun_init);
void * LoadInitFun(const wchar_t * filename, Fun1 & fun_init);
void Call(Session * ses, int message, Slots::iterator & slot, PluginInfo & info);
bool SetPointers(PluginInfo & info);

0
core/plugindata.cpp Executable file → Normal file
View File

0
core/plugindata.h Executable file → Normal file
View File

7
core/pluginmsg.h Executable file → Normal file
View File

@@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2014, Tomasz Sowa
* Copyright (c) 2008-2015, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -45,6 +45,7 @@ namespace Winix
// here you can add your own EZC functions ([function])
// PluginInfo.p1 is a pointer to Ezc::Functions object
// PluginInfo.p2 is a pointer to Ezc::Objects object
// session pointer is null
#define WINIX_TEMPLATES_CREATEFUNCTIONS 999
@@ -268,8 +269,8 @@ namespace Winix
#define WINIX_BASE_URL_REDIRECT 31030
// raw POST parameters
// in p1 there is a pointer to std::string meaning a parameter's name
// in p2 there is a pointer to std::string value
// in p1 there is a pointer to std::wstring meaning a parameter's name
// in p2 there is a pointer to std::wstring value
// this is sent only from PostParser
// PostMultiParser (multipart/form-data html forms) doesn't send this messsage
// there is no a session set (session pointer is null)

9
core/postmultiparser.cpp Executable file → Normal file
View File

@@ -388,10 +388,7 @@ void PostMultiParser::ReadContent()
void PostMultiParser::ConvStr(const std::string & src, std::wstring & dst)
{
if( config->utf8 )
PT::UTF8ToWide(src, dst);
else
AssignString(src, dst);
PT::UTF8ToWide(src, dst);
}
@@ -484,7 +481,7 @@ void PostMultiParser::CheckBoundaryEnd()
void PostMultiParser::CreateTmpFile()
{
wchar_t buf[1024];
wchar_t buf[WINIX_OS_PATH_SIZE];
size_t buf_len = sizeof(buf)/sizeof(wchar_t);
if( config->upload_dir.empty() )
@@ -501,7 +498,7 @@ size_t buf_len = sizeof(buf)/sizeof(wchar_t);
PT::WideToUTF8(tmp_filename, atmp_filename);
tmp_file.open(atmp_filename.c_str(), std::ios_base::binary | std::ios_base::out);
// !! dodac ustawienie chmod config.upload_files_chmod dla tymczasowego pliku
// !! IMPROVE ME dodac ustawienie chmod config.upload_files_chmod dla tymczasowego pliku
if( !tmp_file )
{

0
core/postmultiparser.h Executable file → Normal file
View File

47
core/postparser.h Executable file → Normal file
View File

@@ -42,7 +42,6 @@
#include "misc.h"
#include "utf8/utf8.h"
#include "log.h"
#include "config.h"
#include "plugin.h"
@@ -53,18 +52,14 @@ namespace Winix
class PostParser : public HttpSimpleParser
{
FCGX_Stream * in;
PostTab * post_tab;
std::wstring temp_name, temp_value;
bool input_as_utf8;
size_t log_value_size;
int var_index;
bool has_winix_post_params_msg;
bool has_winix_raw_post_msg;
std::string raw_post;
protected:
@@ -79,20 +74,20 @@ protected:
}
void CreateLog(bool param_added)
void CreateLog(bool param_added, const std::wstring & name, const std::wstring & value)
{
log << log2 << "Method POST, name: \"" << temp_name << "\"";
log << log2 << "Method POST, name: \"" << name << "\"";
if( log_value_size > 0 && !IsSubStringNoCase(L"pass", temp_name.c_str()) )
if( log_value_size > 0 && !IsSubStringNoCase(L"pass", name.c_str()) )
{
log << ", value: ";
if( temp_value.size() > log_value_size )
if( value.size() > log_value_size )
log << "(first " << log_value_size << " characters) ";
log << "\"";
log.LogString(temp_value, log_value_size);
log << "\" (size: " << temp_value.size() << ")";
log.LogString(value, log_value_size);
log << "\" (size: " << value.size() << ")";
}
if( param_added == false )
@@ -102,16 +97,8 @@ protected:
}
void ConvStr(const std::string & src, std::wstring & dst)
{
if( input_as_utf8 )
PT::UTF8ToWide(src, dst);
else
AssignString(src, dst);
}
virtual void Parameter(std::string & name, std::string & value)
virtual void Parameter(std::wstring & name, std::wstring & value)
{
bool added;
std::pair<PostTab::iterator, bool> res;
@@ -119,22 +106,19 @@ protected:
if( has_winix_post_params_msg )
plugin.Call(0, WINIX_POST_PARAMS, &name, &value);
ConvStr(name, temp_name);
ConvStr(value, temp_value);
res = post_tab->insert( std::make_pair(temp_name, temp_value) );
res = post_tab->insert( std::make_pair(name, value) );
added = res.second;
if( !added )
{
temp_name += L"_inc";
temp_name += Toa(var_index);
res = post_tab->insert( std::make_pair(temp_name, temp_value) );
name += L"_inc";
name += Toa(var_index);
res = post_tab->insert( std::make_pair(name, value) );
added = res.second;
var_index += 1;
}
CreateLog(added);
CreateLog(added, name, value);
}
@@ -142,13 +126,8 @@ public:
PostParser()
{
input_as_utf8 = false;
log_value_size = 0;
}
void UTF8(bool utf)
{
input_as_utf8 = utf;
HttpSimpleParser::getchar_returns_utf8_chars = true;
}
void LogValueSize(size_t s)

0
core/rebus.cpp Executable file → Normal file
View File

0
core/rebus.h Executable file → Normal file
View File

30
core/request.cpp Executable file → Normal file
View File

@@ -46,7 +46,7 @@ namespace Winix
Request::Request() : char_empty(0)
Request::Request()
{
id = 0;
config = 0;
@@ -71,12 +71,16 @@ size_t len = 16;
if( len < 1 || len > 64 )
len = 16;
out_streams.resize(len);
use_html_filter.resize(len);
if( out_streams.size() != len )
out_streams.resize(len);
if( use_html_filter.size() != len )
use_html_filter.resize(len);
for(size_t i=0 ; i<out_streams.size() ; ++i)
{
out_streams[i].Clear();
out_streams[i].Escape(true);
use_html_filter[i] = true;
}
}
@@ -102,16 +106,16 @@ void Request::Clear()
page_generated = false;
env_request_method = &char_empty;
env_request_uri = &char_empty;
env_http_cookie = &char_empty;
env_remote_addr = &char_empty;
env_http_host = &char_empty;
env_http_user_agent = &char_empty;
env_fcgi_role = &char_empty;
env_content_type = &char_empty;
env_http_accept_encoding = &char_empty;
env_https = &char_empty;
env_request_method.clear();
env_request_uri.clear();
env_http_cookie.clear();
env_remote_addr.clear();
env_http_host.clear();
env_http_user_agent.clear();
env_http_accept_encoding.clear();
env_fcgi_role.clear();
env_content_type.clear();
env_https.clear();
item_tab.clear();
item.Clear();

28
core/request.h Executable file → Normal file
View File

@@ -123,19 +123,16 @@ struct Request
// environment variables
// they are not null -- when the server doesn't have such a variable
// it will be pointing into 'char_empty' which is default '\0'
// !! IMPROVE ME change it to std::wstring, or may PT::Space too?
const char * env_request_method;
const char * env_request_uri;
const char * env_http_cookie;
const char * env_remote_addr;
const char * env_http_host;
const char * env_http_user_agent;
const char * env_http_accept_encoding;
const char * env_fcgi_role;
const char * env_content_type;
const char * env_https;
std::wstring env_request_method;
std::wstring env_request_uri;
std::wstring env_http_cookie;
std::wstring env_remote_addr;
std::wstring env_http_host;
std::wstring env_http_user_agent;
std::wstring env_http_accept_encoding;
std::wstring env_fcgi_role;
std::wstring env_content_type;
std::wstring env_https;
// current IP address of the remote host (read from REMOTE_ADDR environment variable)
// (at the moment only IPv4 are supported)
@@ -377,10 +374,6 @@ private:
Config * config;
// contains '\0'
// used to set env_* pointers to the empty value
const char char_empty;
// used in ParamValue() and PostVar() when there is no such a param
const std::wstring str_empty;
@@ -390,6 +383,7 @@ private:
template<typename NameType, typename ValueType>
std::wstring & Request::AddCookie(const NameType & name, const ValueType & value, PT::Date * expires)
{

0
core/requesttypes.h Executable file → Normal file
View File

0
core/run.cpp Executable file → Normal file
View File

0
core/run.h Executable file → Normal file
View File

24
core/session.cpp Executable file → Normal file
View File

@@ -89,18 +89,20 @@ void Session::SetTimesTo(time_t time)
// clear_plugin_data is used when clearing the temporary session
void Session::Clear(bool clear_plugin_data)
{
id = 0;
puser = 0;
rebus_item = 0;
rebus_checked = false;
remember_me = false;
new_session = true;
spam_score = 0;
remove_me = false;
id = 0;
id_index = 0;
id_index_changed = 0;
puser = 0;
rebus_item = 0;
rebus_checked = false;
remember_me = false;
new_session = true;
spam_score = 0;
remove_me = false;
start_time = 0;
last_time = 0;
last_time_get = 0;
start_time = 0;
last_time = 0;
last_time_get = 0;
start_date.Clear();
last_date.Clear();

7
core/session.h Executable file → Normal file
View File

@@ -67,6 +67,13 @@ struct Session
// 0 - means that there is a temporary session
long id;
// a session index
// incremented each time a request to this session is made
unsigned int id_index;
// the last time when id_index was incremented
time_t id_index_changed;
// true if the session was created now
bool new_session;

0
core/sessioncontainer.cpp Executable file → Normal file
View File

0
core/sessioncontainer.h Executable file → Normal file
View File

561
core/sessionidmanager.cpp Normal file
View File

@@ -0,0 +1,561 @@
/*
* This file is a part of Winix
* and is distributed under the 2-Clause BSD licence.
* Author: Tomasz Sowa <t.sowa@ttmath.org>
*/
/*
* Copyright (c) 2014, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <cstdlib>
#include <sys/types.h>
#include <unistd.h>
#include "sessionidmanager.h"
#include "space/spaceparser.h"
#include "utf8/utf8.h"
#include "date/date.h"
#include "log.h"
#include "misc.h"
namespace Winix
{
SessionIdManager::SessionIdManager()
{
algorithm_type = 'a';
key_tab_size = 256;
key_index = 0;
last_key_generated = 0;
key_renew_time = 60;
was_inited = false;
}
void SessionIdManager::Init(const std::wstring & keys_file)
{
was_inited = true;
key_tab1.resize(key_tab_size);
key_tab2.resize(key_tab_size);
aes1.resize(key_tab_size);
aes2.resize(key_tab_size);
key_file_name = keys_file;
ReadKeysFromFile(key_file_name);
}
void SessionIdManager::SetKeyRenewTime(time_t renew_time)
{
key_renew_time = renew_time;
if( key_renew_time < 10 )
key_renew_time = 10;
time_t one_month = 60 * 60 * 24 * 31;
if( key_renew_time > one_month )
key_renew_time = one_month;
}
void SessionIdManager::ReadKey(const wchar_t * name, PT::Space & space, std::vector<std::string> & dest_key)
{
std::vector<std::wstring> keys;
std::string key_ascii, key_base64_decoded;
space.ListText(name, keys);
for(size_t i=0 ; i<key_tab_size ; ++i)
dest_key[i].clear();
for(size_t i=0 ; i<keys.size() && i<key_tab_size ; ++i)
{
dest_key[i].clear();
if( PT::WideToUTF8(keys[i], key_ascii) )
{
if( base64.Decode(key_ascii, key_base64_decoded) )
{
size_t len = key_base64_decoded.size();
if( len == 16 || len == 24 || len == 32 )
{
dest_key[i] = key_base64_decoded;
}
}
}
}
}
void SessionIdManager::InitializeAesKeys(size_t index)
{
if( !aes1[index].Key((unsigned char*)key_tab1[index].c_str(), key_tab1[index].size()) )
log << log1 << "SIM: I cannot initialize a key1, size of the key: " << key_tab1[index].size() << logend;
if( !aes2[index].Key((unsigned char*)key_tab2[index].c_str(), key_tab2[index].size()) )
log << log1 << "SIM: I cannot initialize a key2, size of the key: " << key_tab2[index].size() << logend;
}
void SessionIdManager::InitializeAesKeys()
{
for(size_t i=0 ; i < key_tab_size ; ++i)
{
if( AreKeysCorrect(i) )
InitializeAesKeys(i);
}
}
bool SessionIdManager::ReadKeysFromFile(const wchar_t * file)
{
PT::Space space;
PT::SpaceParser parser;
PT::Date date;
parser.SetSpace(space);
PT::SpaceParser::Status status = parser.Parse(file);
if( status == PT::SpaceParser::ok )
{
key_index = space.Size(L"key_index");
if( key_index >= 256 )
key_index = 0;
if( date.Parse(space.Text(L"last_key_generated", L"0")) )
last_key_generated = date.ToTime();
ReadKey(L"key_tab1", space, key_tab1);
ReadKey(L"key_tab2", space, key_tab2);
InitializeAesKeys();
}
else
{
log << log1 << "SIM: I cannot read the session keys from: " << file << logend;
}
return status == PT::SpaceParser::ok;
}
bool SessionIdManager::ReadKeysFromFile(const std::wstring & file)
{
return ReadKeysFromFile(file.c_str());
}
void SessionIdManager::SaveKeysToFile(std::vector<std::string> & keys)
{
out_file << "(\n";
for(size_t i=0 ; i<keys.size() ; ++i)
{
base64.Encode(keys[i], tmp_key_base64_encoded);
out_file << '\"' << tmp_key_base64_encoded << "\"\n";
}
out_file << ")\n\n";
tmp_key_base64_encoded.clear();
}
bool SessionIdManager::SaveKeysToFile(const wchar_t * file)
{
PT::Date date = last_key_generated;
PT::WideToUTF8(file, file_name_ascii);
out_file.clear();
out_file.open(file_name_ascii, std::ios_base::binary | std::ios_base::out);
if( out_file )
{
out_file << "key_index = " << key_index << "\n";
out_file << "last_key_generated = \"";
date.Serialize(out_file);
out_file << "\"\n\n";
out_file << "key_tab1 = ";
SaveKeysToFile(key_tab1);
out_file << "key_tab2 = ";
SaveKeysToFile(key_tab2);
out_file.flush();
}
out_file.close();
file_name_ascii.clear();
SetPriv(file, 0600);
return !out_file.fail();
}
bool SessionIdManager::SaveKeysToFile(const std::wstring & file)
{
return SaveKeysToFile(file.c_str());
}
bool SessionIdManager::AreKeysCorrect(size_t index)
{
if( index >= 256 )
return false;
size_t len = key_tab1[index].size();
if( len != 16 && len != 24 && len != 32 )
return false;
len = key_tab2[index].size();
if( len != 16 && len != 24 && len != 32 )
return false;
return true;
}
/*
* IMPROVE ME
* we need a better algorithm
*/
void SessionIdManager::GenerateKey(std::string & key, time_t cur_utc_time)
{
unsigned int pid = (unsigned int)getpid();
unsigned int t = (unsigned int)cur_utc_time;
key.clear();
for(size_t i=0 ; i<16 ; ++i)
{
unsigned int r = rand();
unsigned int v = r ^ pid ^ t;
v = ((v >> 24) ^ (v >> 16) ^ (v >> 8) ^ v) & 0xff;
key.push_back((unsigned char)v);
}
}
void SessionIdManager::GenerateKeys(size_t index, time_t cur_utc_time)
{
GenerateKey(key_tab1[index], cur_utc_time);
GenerateKey(key_tab2[index], cur_utc_time);
InitializeAesKeys(index);
last_key_generated = cur_utc_time;
if( !SaveKeysToFile(key_file_name) )
log << log2 << "SIM: I cannot save the session keys to: " << key_file_name << logend;
}
void SessionIdManager::CheckKeys(time_t cur_utc_time)
{
if( !AreKeysCorrect(key_index) )
{
log << log1 << "SIM: keys with index: " << key_index << " are incorrect, generating new keys" << logend;
GenerateKeys(key_index, cur_utc_time);
}
else
if( last_key_generated + key_renew_time < cur_utc_time )
{
key_index += 1;
if( key_index >= key_tab_size )
key_index = 0;
log << log2 << "SIM: generating new AES keys with index: " << key_index << logend;
GenerateKeys(key_index, cur_utc_time);
}
}
void SessionIdManager::RandPadding(size_t & pad_top_size, char & pad_top_value,
size_t & pad_bottom_size, char & pad_bottom_value)
{
pad_top_size = (std::rand() * 5) / RAND_MAX; // multiply by 5 (not by 4)
if( pad_top_size > 4 )
pad_top_size = 4;
pad_top_size += 5; // now pad_top_size is from <5;9>
pad_top_value = (char)std::rand();
pad_bottom_size = 14 - pad_top_size; // pad_bottom_size is from <5;9> too
pad_bottom_value = (char)std::rand();
}
void SessionIdManager::AppendSum(std::string & str)
{
int s = 0;
for(size_t i=0 ; i<str.size() ; ++i)
s += (int)(unsigned char)str[i];
str += (unsigned char)s;
}
void SessionIdManager::AppendXor(std::string & str)
{
int s = 0;
for(size_t i=0 ; i<str.size() ; ++i)
s ^= (int)(unsigned char)str[i];
str += (unsigned char)s;
}
void SessionIdManager::CopyString(const std::string & in, std::wstring & out)
{
out.clear();
if( out.capacity() < in.size() )
out.reserve(in.size());
for(size_t i=0 ; i<in.size() ; ++i)
out += in[i];
}
void SessionIdManager::CopyString(const std::wstring & in, std::string & out)
{
out.clear();
if( out.capacity() < in.size() )
out.reserve(in.size());
for(size_t i=0 ; i<in.size() ; ++i)
out += in[i];
}
bool SessionIdManager::Encode(std::string & str)
{
if( str.size() != 34 )
return false;
if( !aes1[key_index].Encode((unsigned char*)string_token.c_str()+2, 16) )
{
log << log1 << "SIM: I cannot AES encode the first part of the token" << logend;
return false;
}
if( !aes2[key_index].Encode((unsigned char*)string_token.c_str()+16+2, 16) )
{
log << log1 << "SIM: I cannot AES encode the second part of the token" << logend;
return false;
}
return true;
}
bool SessionIdManager::EncodeToken(size_t id, unsigned int index, time_t cur_utc_time, std::wstring & token)
{
size_t pad_top_size;
size_t pad_bottom_size;
char pad_top_value;
char pad_bottom_value;
string_token.clear();
string_token.reserve(50);
if( !was_inited )
return false;
CheckKeys(cur_utc_time);
RandPadding(pad_top_size, pad_top_value, pad_bottom_size, pad_bottom_value);
string_token += algorithm_type;
string_token += (unsigned char)key_index;
string_token += pad_top_value;
string_token += pad_bottom_value;
string_token += (unsigned char)pad_top_size;
string_token += (unsigned char)pad_bottom_size;
string_token.append(pad_top_size, pad_top_value);
Append(string_token, id);
Append(string_token, index);
string_token.append(pad_bottom_size, pad_bottom_value);
AppendSum(string_token);
AppendXor(string_token);
if( !Encode(string_token) )
return false;
base64.Encode(string_token, string_token_base64);
CopyString(string_token_base64, token);
return true;
}
bool SessionIdManager::IsPaddingCorrect(const char * str, size_t len, char val)
{
if( len < 5 || len > 9 )
return false;
for(size_t i=0 ; i<len ; ++i)
if( str[i] != val )
return false;
return true;
}
bool SessionIdManager::DecodeAES(const char * str, size_t key)
{
if( !aes1[key].Decode((unsigned char*)str, 16) )
{
log << log1 << "SIM: I cannot AES decode the first block" << logend;
return false;
}
if( !aes2[key].Decode((unsigned char*)str + 16, 16) )
{
log << log1 << "SIM: I cannot AES decode the second block" << logend;
return false;
}
return true;
}
bool SessionIdManager::CheckControlSums(const char * str)
{
char old_sum = *(str++);
char old_xor = *(str++);
string_token.erase(string_token.size()-2);
AppendSum(string_token);
AppendXor(string_token);
if( old_sum != string_token[string_token.size()-2] ||
old_xor != string_token[string_token.size()-1] )
return false;
return true;
}
bool SessionIdManager::DecodeTokenA(size_t & id, unsigned int & index)
{
size_t pad_top_size;
size_t pad_bottom_size;
char pad_top_value;
char pad_bottom_value;
const char * str = string_token.c_str() + 1;
size_t key = (unsigned char)(*str);
str += 1;
if( !DecodeAES(str, key) )
return false;
pad_top_value = *(str++);
pad_bottom_value = *(str++);
pad_top_size = (unsigned char)*(str++);
pad_bottom_size = (unsigned char)*(str++);
if( pad_bottom_size != 14 - pad_top_size )
return false;
if( !IsPaddingCorrect(str, pad_top_size, pad_top_value) )
return false;
str += pad_top_size;
Read(str, id);
str += 8; // sizeof(id), it's better to use constant '8' instead of sizeof() operator
// because at the beginning we are making a test whether the string size is equal to 34
// (in the future sizeof(size_t) can be different from 8)
Read(str, index);
str += 4; // sizeof(index)
if( !IsPaddingCorrect(str, pad_bottom_size, pad_bottom_value) )
return false;
str += pad_bottom_size;
return CheckControlSums(str);
}
bool SessionIdManager::DecodeToken(const std::wstring & token, size_t & id, unsigned int & index)
{
if( !was_inited )
return false;
CopyString(token, string_token_base64);
if( !base64.Decode(string_token_base64, string_token) )
return false;
if( string_token.size() != 34 )
return false;
if( string_token[0] == 'a' )
return DecodeTokenA(id, index);
return false;
}
} // namespace Winix

199
core/sessionidmanager.h Normal file
View File

@@ -0,0 +1,199 @@
/*
* This file is a part of Winix
* and is distributed under the 2-Clause BSD licence.
* Author: Tomasz Sowa <t.sowa@ttmath.org>
*/
/*
* Copyright (c) 2014, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef headerfile_winix_core_sessionidmanager
#define headerfile_winix_core_sessionidmanager
#include <string>
#include <vector>
#include <ctime>
#include <fstream>
#include "base64.h"
#include "space/space.h"
#include "aes.h"
namespace Winix
{
/*
* this class is used to encode/decode the session cookie
* in which there is a session id and a session's index
*
* session index is incremented each time a request comes to this session
*
* format of the encoded token:
* 1 byte - algorithm type, currently only one algorithm: 'a'
* 1 byte - an AES keys pair index
* ---- below everything is encoded by AES (two 128 bits blocks, first block
* is encoded by the first key and the second block is encoded by the second key) ------
* 1 byte - top padding value
* 1 byte - bottom padding value
* 1 byte - top padding size
* 1 byte - bottom padding size
* 5-9 bytes - top padding
* 8 bytes - the session id
* 4 bytes - the session index
* 5-9 bytes - bottom padding (bottom_padding_size = 14 - top_padding_size)
* 1 byte - the sum of all previous bytes
* 1 byte - the xor of all previous bytes (with the previous sum too)
*
* and at the end everyting is base64 encoded
*
*
*/
class SessionIdManager
{
public:
SessionIdManager();
/*
* initialization
* this method takes about 1MB memory more (for AES key expansions)
* if you do not need the session cookie to be enrypted then don't call this method
*
*/
void Init(const std::wstring & keys_file);
/*
* how often a new AES key pairs should be generated
*/
void SetKeyRenewTime(time_t renew_time);
/*
* encode/decode the session cookie
* make sure the Init() method is called first
*/
bool EncodeToken(size_t id, unsigned int index, time_t cur_utc_time, std::wstring & token);
bool DecodeToken(const std::wstring & token, size_t & id, unsigned int & index);
private:
bool was_inited;
char algorithm_type;
std::string string_token, string_token_base64;
std::vector<std::string> key_tab1, key_tab2;
size_t key_index;
time_t last_key_generated;
time_t key_renew_time;
Tito::Base64 base64;
size_t key_tab_size;
std::ofstream out_file;
std::string tmp_key_base64_encoded;
std::wstring key_file_name;
std::string file_name_ascii;
std::vector<Tito::AES> aes1, aes2;
bool ReadKeysFromFile(const wchar_t * file);
bool ReadKeysFromFile(const std::wstring & file);
bool SaveKeysToFile(const wchar_t * file);
bool SaveKeysToFile(const std::wstring & file);
void ReadKey(const wchar_t * name, PT::Space & space, std::vector<std::string> & dest_key);
bool AreKeysCorrect(size_t index);
void GenerateKeys(size_t index, time_t cur_utc_time);
void CheckKeys(time_t cur_utc_time);
void GenerateKey(std::string & key, time_t cur_utc_time);
void SaveKeysToFile(std::vector<std::string> & keys);
void InitializeAesKeys();
void RandPadding(size_t & pad_top_size, char & pad_top_value, size_t & pad_bottom_size, char & pad_bottom_value);
void AppendSum(std::string & str);
void AppendXor(std::string & str);
void CopyString(const std::string & in, std::wstring & out);
void CopyString(const std::wstring & in, std::string & out);
bool Encode(std::string & str);
bool DecodeTokenA(size_t & id, unsigned int & index);
bool IsPaddingCorrect(const char * str, size_t len, char val);
bool CheckControlSums(const char * str);
void InitializeAesKeys(size_t index);
bool DecodeAES(const char * str, size_t key);
template<typename Value>
void Append(std::string & str, Value val);
template<typename Value>
void Read(const char * str, Value & val);
};
template<typename Value>
void SessionIdManager::Append(std::string & str, Value val)
{
int move = sizeof(Value) * 8 - 8;
int v;
do
{
if( move > 0 )
v = ((val >> move) & 0xff);
else
v = val & 0xff;
str += (unsigned char)v;
move -= 8;
}
while( move >= 0 );
}
template<typename Value>
void SessionIdManager::Read(const char * str, Value & val)
{
val = 0;
for(size_t i=0 ; i<sizeof(Value) ; ++i)
{
val = val << 8;
val = val | (unsigned char)str[i];
}
}
} // namespace Winix
#endif

330
core/sessionmanager.cpp Executable file → Normal file
View File

@@ -33,6 +33,7 @@
*/
#include <sys/stat.h>
#include <limits>
#include "sessionmanager.h"
#include "request.h"
#include "log.h"
@@ -85,12 +86,26 @@ void SessionManager::SetLastContainer(LastContainer * plast_container)
}
void SessionManager::InitBanList()
{
ban_tab.SetMaxSize(config->ban_list_soft_max_size, config->ban_list_max_size);
}
void SessionManager::InitCookieEncoding()
{
if( config->session_cookie_encode && !config->session_keys_file.empty() )
session_id_manager.Init(config->session_keys_file);
session_id_manager.SetKeyRenewTime(config->session_key_renew_time);
}
size_t SessionManager::Size()
{
return session_tab.Size();
@@ -106,7 +121,15 @@ return true;
}
bool SessionManager::EncodeSessionId(long id, unsigned int index, std::wstring & str)
{
return session_id_manager.EncodeToken((size_t)id, index, cur->request->start_time, str);
}
/*
* IMPROVE ME we need a better algorithm
*/
long SessionManager::CreateSessionId()
{
long id;
@@ -159,17 +182,19 @@ SessionContainer::Iterator i = session_tab.End();
if( i != session_tab.End() )
{
is_session_set = true;
session = &(*i);
session->new_session = true;
session->SetTimesTo(cur->request->start_time);
session->id_index = (unsigned int)session->id;
session->id_index += std::rand();
log << log2 << "SM: created a new session: " << session->id << logend;
}
else
{
// there is a problem with generating a new session id
// we do not set a session cookie
log << log1 << "SM: cannot create a session id (temporary used: with id 0)" << logend;
log << log1 << "SM: cannot create a session id" << logend;
SetTemporarySession();
}
}
@@ -177,82 +202,280 @@ SessionContainer::Iterator i = session_tab.End();
void SessionManager::SetTemporarySession()
{
is_session_set = true;
session = &temporary_session;
session->Clear(false);
session->SetTimesTo(cur->request->start_time);
session->new_session = false; // temporary session was initialized at the beginning
log << log2 << "SM: using temporary session" << logend;
}
unsigned int SessionManager::CalculateIndexDifference(Session & ses, unsigned int index)
{
unsigned int difference;
if( index > ses.id_index )
difference = std::numeric_limits<unsigned int>::max() - index + ses.id_index + 1;
else
difference = ses.id_index - index;
return difference;
}
void SessionManager::SetSessionPutLogInfo(Session & ses, bool has_index, unsigned int difference)
{
log << log2 << "SM: session: " << ses.id;
if( has_index )
log << ", index difference: " << (size_t)difference;
if( ses.puser )
log << log2 << ", user: " << ses.puser->name << ", id: " << ses.puser->id;
log << log2 << logend;
}
bool SessionManager::SetSessionFromCookie(const std::wstring & cookie)
void SessionManager::IncrementBanLevel(IPBan * ip_ban)
{
long id = Tol(cookie.c_str());
SessionContainer::Iterator s = session_tab.FindById(id);
ip_ban->SetFlag(WINIX_IPBAN_FLAG_ACTIVE);
if( s == session_tab.End() || s->remove_me )
ip_ban->IncrementBanLevel(cur->request->start_time + (time_t)config->ban_level_1_delay,
cur->request->start_time + (time_t)config->ban_level_2_delay,
cur->request->start_time + (time_t)config->ban_level_3_delay);
PT::Date date(ip_ban->expires);
log << log2 << "SM: this IP address has been banned to: " << date << " UTC" << logend;
}
void SessionManager::SetFirstExpirationTime(IPBan * ip_ban)
{
time_t expiry = cur->request->start_time + (time_t)config->ban_level_1_delay;
if( ip_ban->expires < expiry )
ip_ban->expires = expiry;
}
void SessionManager::BrokenCookieCheckBan()
{
if( !current_ip_ban )
current_ip_ban = &AddIPToBanList(cur->request->ip, cur->request->start_time);
if( current_ip_ban->broken_encoded_cookie_events < config->broken_encoded_cookie_treshold )
{
current_ip_ban->broken_encoded_cookie_events += 1;
SetFirstExpirationTime(current_ip_ban);
}
else
{
log << log2 << "SM: too many incorrect encoded cookies were sent from this IP" << logend;
IncrementBanLevel(current_ip_ban);
SetTemporarySession();
}
}
void SessionManager::IncorrectSessionCheckBan()
{
if( !current_ip_ban )
current_ip_ban = &AddIPToBanList(cur->request->ip, cur->request->start_time);
if( current_ip_ban->session_hijacking_events < config->session_hijacking_treshold )
{
current_ip_ban->session_hijacking_events += 1;
SetFirstExpirationTime(current_ip_ban);
}
else
{
log << log2 << "SM: too many incorrect sessions identifiers were sent from this IP" << logend;
IncrementBanLevel(current_ip_ban);
SetTemporarySession();
}
}
void SessionManager::NoSessionCookieCheckBan()
{
if( !current_ip_ban )
current_ip_ban = &AddIPToBanList(cur->request->ip, cur->request->start_time);
if( current_ip_ban->no_session_cookie_events < config->no_session_cookie_treshold )
{
current_ip_ban->no_session_cookie_events += 1;
SetFirstExpirationTime(current_ip_ban);
}
else
{
log << log2 << "SM: too many times you have not sent a session cookie" << logend;
if( config->no_session_cookie_ban_mode == 1 )
IncrementBanLevel(current_ip_ban);
SetTemporarySession();
}
}
bool SessionManager::IsSessionCorrect(long id, bool has_index, unsigned int index,
const SessionContainer::Iterator & s, unsigned int & difference)
{
difference = 0;
if( id == 0 )
{
log << log3 << "SM: id 0 is reserved for the temporary session" << logend;
IncorrectSessionCheckBan();
return false;
// that session is in the table
session = &(*s);
session->new_session = false;
session->last_time = cur->request->start_time;
session->last_date = cur->request->start_time;
}
if( cur->request->method == Request::get )
session->last_time_get = cur->request->start_time;
if( s == session_tab.End() )
{
log << log3 << "SM: there is no a session with id: " << id << logend;
IncorrectSessionCheckBan();
return false;
}
log << log2 << "SM: session: " << session->id;
if( s->remove_me )
{
log << log3 << "SM: session: " << id << " is marked for removing" << logend;
return false;
}
if( session->puser )
log << log2 << ", user: " << session->puser->name << ", id: " << session->puser->id;
log << log2 << logend;
if( has_index )
{
difference = CalculateIndexDifference(*s, index);
if( (size_t)difference > config->session_allow_index_difference )
{
log << log2 << "SM: an incorrect session index for session: " << id
<< ", index difference: " << (size_t)difference << logend;
IncorrectSessionCheckBan();
return false;
}
}
return true;
}
void SessionManager::SetSession()
bool SessionManager::SetSessionFromCookie(long id, bool has_index, unsigned int index)
{
current_ip_ban = ban_tab.FindIP(cur->request->ip);
unsigned int difference;
bool is_session_correct;
if( current_ip_ban && current_ip_ban->IsIPBanned() )
SessionContainer::Iterator s = session_tab.FindById(id);
is_session_correct = IsSessionCorrect(id, has_index, index, s, difference);
if( is_session_correct )
{
if( current_ip_ban->expires != 0 && cur->request->start_time >= current_ip_ban->expires )
is_session_set = true;
session = &(*s);
session->new_session = false;
session->last_time = cur->request->start_time;
session->last_date = cur->request->start_date;
if( session->id_index_changed + config->session_index_time_increment < cur->request->start_time )
{
log << log2 << "SM: removing a ban from this IP and resetting events counter" << logend;
current_ip_ban->ClearAfterRemovingBan();
}
else
{
log << log2 << "SM: this ip is bannned, using a temporary session" << logend;
SetTemporarySession();
session->ip_ban = current_ip_ban;
return;
session->id_index += 1;
session->id_index_changed = cur->request->start_time;
}
if( cur->request->method == Request::get )
session->last_time_get = cur->request->start_time;
SetSessionPutLogInfo(*session, has_index, difference);
}
CookieTab::iterator i = cur->request->cookie_tab.find(config->http_session_id_name);
return is_session_correct;
}
if( i == cur->request->cookie_tab.end() )
bool SessionManager::SetSessionFromCookie(const std::wstring & cookie)
{
if( config->session_cookie_encode )
{
CreateSession();
size_t id;
unsigned int index;
if( !session_id_manager.DecodeToken(cookie, id, index) )
{
log << log2 << "SM: an incorrect cookie string was sent" << logend;
BrokenCookieCheckBan();
return false;
}
return SetSessionFromCookie((long)id, true, index);
}
else
{
if( !SetSessionFromCookie(i->second) )
{
// there is no such a session
// deleting the old cookie
cur->request->cookie_tab.erase(i);
long id = Tol(cookie.c_str());
return SetSessionFromCookie(id, false, 0);
}
}
// and creating a new one
CreateSession();
bool SessionManager::IsIPBanned()
{
current_ip_ban = ban_tab.FindIP(cur->request->ip);
if( current_ip_ban )
{
current_ip_ban->last_used = cur->request->start_time;
if( current_ip_ban->expires != 0 && cur->request->start_time >= current_ip_ban->expires )
{
log << log2 << "SM: resetting events counters for this IP" << logend;
current_ip_ban->ResetEventsCounters();
}
else
if( current_ip_ban->IsIPBanned() )
{
PT::Date date = current_ip_ban->expires;
log << log2 << "SM: this ip is bannned to: " << date << logend;
SetTemporarySession();
return true;
}
}
return false;
}
void SessionManager::SetSession()
{
is_session_set = false;
if( !IsIPBanned() )
{
CookieTab::iterator i = cur->request->cookie_tab.find(config->http_session_id_name);
if( i != cur->request->cookie_tab.end() )
{
if( !SetSessionFromCookie(i->second) )
cur->request->cookie_tab.erase(i);
}
else
{
NoSessionCookieCheckBan();
}
}
if( !is_session_set )
CreateSession();
session->ip_ban = current_ip_ban;
}
@@ -400,10 +623,15 @@ SessionContainer::Iterator i;
void SessionManager::SaveSessions()
{
char file_path[WINIX_OS_PATH_SIZE];
if( config->session_file.empty() )
return;
std::ofstream file(config->session_file.c_str());
if( !WideToUTF8(config->session_file, file_path, WINIX_OS_PATH_SIZE) )
return;
std::ofstream file(file_path);
if( !file )
{
@@ -421,14 +649,15 @@ void SessionManager::SaveSessions()
if( i->id != 0 && i->puser && !i->remove_me )
{
file << i->id << ' ' << i->puser->id << ' ' << i->remember_me << ' ';
file << (long)i->start_time << ' ' << (long)i->last_time << std::endl;
file << (long)i->start_time << ' ' << (long)i->last_time << ' ';
file << i->id_index << std::endl;
++len;
}
}
file.close();
chmod(config->session_file.c_str(), 0600);
chmod(file_path, 0600);
log << log2 << "SM: saved " << len << " session(s)" << logend;
}
@@ -476,6 +705,15 @@ IPBan & SessionManager::AddIPToBanList(int ip)
}
IPBan & SessionManager::AddIPToBanList(int ip, time_t last_used)
{
IPBan & ban = ban_tab.AddIP(ip);
ban.last_used = last_used;
return ban;
}
size_t SessionManager::BanListSize()
{
return ban_tab.Size();

35
core/sessionmanager.h Executable file → Normal file
View File

@@ -46,6 +46,7 @@
#include "system.h"
#include "synchro.h"
#include "basethread.h"
#include "sessionidmanager.h"
@@ -73,8 +74,12 @@ public:
void DeleteSessions(); // deleting all sessions
bool ChangeSessionId(long old_id);
void InitBanList();
void IncrementBanLevel(IPBan * ip_ban);
void InitTmpSession();
void InitBanList();
void InitCookieEncoding();
void UninitTmpSession();
Session * GetTmpSession();
@@ -90,38 +95,50 @@ public:
size_t MarkAllSessionsToRemove(long user_id);
IPBan & AddIPToBanList(int ip);
IPBan & AddIPToBanList(int ip, time_t last_used);
size_t BanListSize();
IPBan & GetIPBan(size_t index);
void RemoveIPBan(int ip);
void ClearIPBanList();
bool EncodeSessionId(long id, unsigned int index, std::wstring & str);
private:
Config * config;
Cur * cur;
System * system;
LastContainer * last_container;
// current session - set by SetSession()
Session * session;
SessionContainer session_tab;
IPBanContainer ban_tab;
IPBan * current_ip_ban;
// session with id 0
bool is_session_set;
Session temporary_session;
SessionIdManager session_id_manager;
bool IsSession(long s);
long CreateSessionId();
void CreateSession();
bool IsSessionCorrect(long id, bool has_index, unsigned int index, const SessionContainer::Iterator & s, unsigned int & difference);
bool SetSessionFromCookie(long id, bool has_index, unsigned int index);
bool SetSessionFromCookie(const std::wstring & cookie);
void SetTemporarySession();
unsigned int CalculateIndexDifference(Session & ses, unsigned int index);
void SetSessionPutLogInfo(Session & ses, bool has_index, unsigned int difference);
bool IsIPBanned();
void SetFirstExpirationTime(IPBan * ip_ban);
void BrokenCookieCheckBan();
void IncorrectSessionCheckBan();
void NoSessionCookieCheckBan();
// second thread
/*
* second thread
*/
int deleted;
virtual void Work();
void CheckSession(SessionContainer::Iterator & i);

13
core/sessionparser.cpp Executable file → Normal file
View File

@@ -42,7 +42,7 @@ namespace Winix
bool SessionParser::Parse(const std::string & path, SessionContainer & container)
bool SessionParser::Parse(const std::wstring & path, SessionContainer & container)
{
return Parse(path.c_str(), container);
}
@@ -54,10 +54,16 @@ void SessionParser::SetUsers(Users * pusers)
}
bool SessionParser::Parse(const char * path, SessionContainer & container)
bool SessionParser::Parse(const wchar_t * path, SessionContainer & container)
{
char file_path[WINIX_OS_PATH_SIZE];
container.Clear();
file.open(path, std::ios_base::in | std::ios_base::binary);
if( !WideToUTF8(path, file_path, WINIX_OS_PATH_SIZE) )
return false;
file.open(file_path, std::ios_base::in | std::ios_base::binary);
if( !file )
{
@@ -123,6 +129,7 @@ void SessionParser::MakeSession(long id, long user_id, SessionContainer & contai
i->remember_me = ReadLong();
i->start_time = ReadLong();
i->last_time = ReadLong();
i->id_index = ReadLong();
i->start_date = i->start_time;
i->last_date = i->last_time;
// !! IMPROVE ME we do not save last_time_get

4
core/sessionparser.h Executable file → Normal file
View File

@@ -51,8 +51,8 @@ class SessionParser
{
public:
bool Parse(const char * path, SessionContainer & container);
bool Parse(const std::string & path, SessionContainer & container);
bool Parse(const wchar_t * path, SessionContainer & container);
bool Parse(const std::wstring & path, SessionContainer & container);
void SetUsers(Users * pusers);
private:

3
core/slog.cpp Executable file → Normal file
View File

@@ -33,6 +33,7 @@
*/
#include "slog.h"
#include "utf8/utf8.h"
namespace Winix
@@ -188,7 +189,7 @@ return *this;
SLog & SLog::TranslateText(const char * str)
{
AssignString(str, key_temp);
PT::UTF8ToWide(str, key_temp);
return TranslateText(key_temp.c_str());
}

0
core/slog.h Executable file → Normal file
View File

0
core/synchro.cpp Executable file → Normal file
View File

0
core/synchro.h Executable file → Normal file
View File

18
core/system.cpp Executable file → Normal file
View File

@@ -742,7 +742,7 @@ int System::NewDirPrivileges()
bool System::CanUseHtml(long user_id)
{
return IsMemberOfGroup(user_id, L"allow_html");
return IsSuperUser(user_id) || IsMemberOfGroup(user_id, L"allow_html");
}
@@ -755,11 +755,22 @@ bool System::CanUseBBCode(long user_id)
bool System::CanUseRaw(long user_id)
{
return IsMemberOfGroup(user_id, L"allow_raw");
return IsSuperUser(user_id) || IsMemberOfGroup(user_id, L"allow_raw");
}
bool System::IsSuperUser(long user_id)
{
User * puser = users.GetUser(user_id);
if( !puser )
return false;
return puser->super_user;
}
bool System::IsMemberOfGroup(long user_id, const wchar_t * group_name)
{
User * puser = users.GetUser(user_id);
@@ -767,9 +778,6 @@ bool System::IsMemberOfGroup(long user_id, const wchar_t * group_name)
if( !puser )
return false;
if( puser->super_user )
return true; // !! ?? zakladamy ze administrator jest czlonkiem wszystkich grup? dlaczego?
long group = groups.GetGroupId(group_name);
if( group == -1 )

1
core/system.h Executable file → Normal file
View File

@@ -160,6 +160,7 @@ public:
bool CanUseBBCode(long user_id);
bool CanUseRaw(long user_id);
bool IsSuperUser(long user_id);
bool IsMemberOfGroup(long user_id, const wchar_t * group_name);
// creating item.file_path and item.file_fs (the mountpoint where the item is located)

190
core/textstream.h Executable file → Normal file
View File

@@ -41,6 +41,7 @@
#include "space/space.h"
#include "date/date.h"
#include "textstream/textstream.h"
#include "utf8/utf8.h"
namespace Winix
@@ -54,7 +55,17 @@ namespace Winix
similar to std::ostringstream
StringType can be either std::string or std::wstring
this class doesn't use UTF-8 in any kind
this class uses UTF-8 <-> wide characters conversions:
if StringType is std::string:
operator<<(const char*) only copies the input string
operator<<(const wchar_t*) converts from wide characters to UTF-8
(similary for an operator with std::string and std::wstring)
if StringType is std::wstring:
operator<<(const char*) converts from UTF-8 to wide characters
operator<<(const wchar_t*) only copies the input string
(similary for an operator with std::string and std::wstring)
*/
template<class StringType>
class TextStream
@@ -99,16 +110,35 @@ public:
template<typename arg_char_type, size_t arg_stack_size, size_t arg_heap_block_size>
TextStream & operator<<(const PT::TextStreamBase<arg_char_type, arg_stack_size, arg_heap_block_size> & arg);
TextStream & Write(const char * buf, size_t len);
TextStream & Write(const char * buf, size_t len);
TextStream & Write(const wchar_t * buf, size_t len);
TextStream & write(const char * buf, size_t len); // for compatibility with standard library (Ezc uses it)
TextStream & write(const char * buf, size_t len); // for compatibility with standard library (Ezc uses it)
TextStream & write(const wchar_t * buf, size_t len);
protected:
StringType buffer;
std::wstring space_str; // for using with spaces
void Convert(wchar_t c, std::string & dst);
void Convert(wchar_t c, std::wstring & dst);
void Convert(const char * src, size_t len, std::wstring & dst);
void Convert(const char * src, std::wstring & dst);
void Convert(const std::string & src, std::wstring & dst);
void Convert(const wchar_t * src, size_t len, std::string & dst);
void Convert(const wchar_t * src, std::string & dst);
void Convert(const std::wstring & src, std::string & dst);
void Convert(const char * src, size_t len, std::string & dst);
void Convert(const char * src, std::string & dst);
void Convert(const std::string & src, std::string & dst);
void Convert(const wchar_t * src, size_t len, std::wstring & dst);
void Convert(const wchar_t * src, std::wstring & dst);
void Convert(const std::wstring & src, std::wstring & dst);
};
@@ -178,7 +208,7 @@ typename TextStream<StringType>::CharType TextStream<StringType>::operator[](siz
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(const char * str)
{
AssignString(str, buffer, false);
Convert(str, buffer);
return *this;
}
@@ -187,7 +217,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(const std::string * str)
{
AssignString(*str, buffer, false);
Convert(*str, buffer);
return *this;
}
@@ -196,7 +226,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(const std::string & str)
{
AssignString(str, buffer, false);
Convert(str, buffer);
return *this;
}
@@ -206,7 +236,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(const wchar_t * str)
{
AssignString(str, buffer, false);
Convert(str, buffer);
return *this;
}
@@ -215,7 +245,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(const std::wstring * str)
{
AssignString(*str, buffer, false);
Convert(*str, buffer);
return *this;
}
@@ -224,7 +254,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(const std::wstring & str)
{
AssignString(str, buffer, false);
Convert(str, buffer);
return *this;
}
@@ -234,6 +264,10 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(char v)
{
/*
* there is no any possibility to treat 'v' as UTF-8 character if we have got
* only one character so we only copy it
*/
buffer += v;
return *this;
@@ -243,7 +277,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::operator<<(wchar_t v)
{
buffer += static_cast<CharType>(v);
Convert(v, buffer);
return *this;
}
@@ -256,7 +290,7 @@ wchar_t buf[50];
size_t len = sizeof(buf) / sizeof(wchar_t);
Toa(v, buf, len);
AssignString(buf, buffer, false);
Convert(buf, buffer);
return *this;
}
@@ -269,7 +303,7 @@ wchar_t buf[50];
size_t len = sizeof(buf) / sizeof(wchar_t);
Toa(v, buf, len);
AssignString(buf, buffer, false);
Convert(buf, buffer);
return *this;
}
@@ -282,7 +316,7 @@ wchar_t buf[50];
size_t len = sizeof(buf) / sizeof(wchar_t);
Toa(v, buf, len);
AssignString(buf, buffer, false);
Convert(buf, buffer);
return *this;
}
@@ -295,7 +329,7 @@ wchar_t buf[50];
size_t len = sizeof(buf) / sizeof(wchar_t);
Toa(v, buf, len);
AssignString(buf, buffer, false);
Convert(buf, buffer);
return *this;
}
@@ -307,7 +341,7 @@ TextStream<StringType> & TextStream<StringType>::operator<<(double v)
char buf[50];
sprintf(buf, "%f", v);
AssignString(buf, buffer, false);
Convert(buf, buffer);
return *this;
}
@@ -323,7 +357,7 @@ size_t len = sizeof(buf) / sizeof(wchar_t);
buf[1] = 'x';
Toa(reinterpret_cast<unsigned long>(v), buf+2, len-2, 16);
AssignString(buf, buffer, false);
Convert(buf, buffer);
return *this;
}
@@ -332,7 +366,7 @@ return *this;
template<class StringType>
TextStream<StringType> & TextStream<StringType>::Write(const char * buf, size_t len)
{
AssignString(buf, len, buffer, false);
Convert(buf, len, buffer);
return *this;
}
@@ -348,7 +382,7 @@ TextStream<StringType> & TextStream<StringType>::write(const char * buf, size_t
template<class StringType>
TextStream<StringType> & TextStream<StringType>::Write(const wchar_t * buf, size_t len)
{
AssignString(buf, len, buffer, false);
Convert(buf, len, buffer);
return *this;
}
@@ -396,6 +430,124 @@ return *this;
template<class StringType>
void TextStream<StringType>::Convert(wchar_t c, std::string & dst)
{
PT::IntToUTF8((int)c, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(wchar_t c, std::wstring & dst)
{
dst += c;
}
template<class StringType>
void TextStream<StringType>::Convert(const char * src, size_t len, std::wstring & dst)
{
PT::UTF8ToWide(src, len, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(const char * src, std::wstring & dst)
{
PT::UTF8ToWide(src, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(const std::string & src, std::wstring & dst)
{
PT::UTF8ToWide(src, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(const wchar_t * src, size_t len, std::string & dst)
{
PT::WideToUTF8(src, len, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(const wchar_t * src, std::string & dst)
{
PT::WideToUTF8(src, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(const std::wstring & src, std::string & dst)
{
PT::WideToUTF8(src, dst, false);
}
template<class StringType>
void TextStream<StringType>::Convert(const char * src, size_t len, std::string & dst)
{
// we suppose that append is smart enough and we don't have to use reserve()
dst.append(src, len);
}
template<class StringType>
void TextStream<StringType>::Convert(const char * src, std::string & dst)
{
size_t len;
for(len=0 ; src[len] ; ++len){}
Convert(src, len, dst);
}
template<class StringType>
void TextStream<StringType>::Convert(const std::string & src, std::string & dst)
{
dst.append(src);
}
template<class StringType>
void TextStream<StringType>::Convert(const wchar_t * src, size_t len, std::wstring & dst)
{
// we suppose that append is smart enough and we don't have to use reserve()
dst.append(src, len);
}
template<class StringType>
void TextStream<StringType>::Convert(const wchar_t * src, std::wstring & dst)
{
size_t len;
for(len=0 ; src[len] ; ++len){}
Convert(src, len, dst);
}
template<class StringType>
void TextStream<StringType>::Convert(const std::wstring & src, std::wstring & dst)
{
dst.append(src);
}
} // namespace Winix

0
core/threadmanager.cpp Executable file → Normal file
View File

0
core/threadmanager.h Executable file → Normal file
View File

1
core/timezones.cpp
View File

@@ -164,7 +164,6 @@ void TimeZones::ParseZones()
// just space by space (not implemented in Space at the moment)
bool TimeZones::ReadTimeZones(const wchar_t * path)
{
parser.UTF8(true);
parser.SetSpace(temp_space);
zone_tab.clear();
temp_space.Clear();

0
core/ugcontainer.h Executable file → Normal file
View File

0
core/user.cpp Executable file → Normal file
View File

0
core/user.h Executable file → Normal file
View File

2
core/users.cpp Executable file → Normal file
View File

@@ -255,7 +255,7 @@ bool Users::LoginUser(long user_id, bool remember_me, bool use_ses_log)
if( !cur->session->new_session )
session_manager->ChangeSessionId(cur->session->id);
last.UserLogin(user_id, cur->session->puser->name, inet_addr(cur->request->env_remote_addr), cur->session->id);
last.UserLogin(user_id, cur->session->puser->name, cur->request->ip, cur->session->id);
how_many_logged += 1;
log << log2 << "Users: user " << cur->session->puser->name << " (id: " << user_id << ") logged" << logend;

0
core/users.h Executable file → Normal file
View File

2
core/version.h Executable file → Normal file
View File

@@ -42,7 +42,7 @@ namespace Winix
#define WINIX_VER_MAJOR 0
#define WINIX_VER_MINOR 6
#define WINIX_VER_REVISION 2
#define WINIX_VER_REVISION 5

81
core/winix_const.h Normal file
View File

@@ -0,0 +1,81 @@
/*
* This file is a part of Winix
* and is distributed under the 2-Clause BSD licence.
* Author: Tomasz Sowa <t.sowa@ttmath.org>
*/
/*
* Copyright (c) 2014, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef headerfile_winix_core_winix_const
#define headerfile_winix_core_winix_const
/*
* some constants used throughout winix
*/
/*
* a size of an UTF-8 buffer when converting a file system path from a wide string
* to UTF-8 string
*
* don't set it too long as it is used in local arrays: char[WINIX_OS_PATH_SIZE]
*/
#define WINIX_OS_PATH_SIZE 4096
/*
* a size of an UTF-8 buffer when converting a user's name from a wide string
* to UTF-8 string
* it can be applied to a user, group etc.
*
* don't set it too long as it is used in local arrays: char[WINIX_OS_USERNAME_SIZE]
*
*/
#define WINIX_OS_USERNAME_SIZE 128
/*
* maximum size of a URL
*
* URLs longer than this value will be rejected (permission denied)
* don't set it too long as it is used in local arrays: char[WINIX_URL_MAX_SIZE]
*/
#define WINIX_URL_MAX_SIZE 4096
#endif

Some files were not shown because too many files have changed in this diff Show More