1/* 2 A trivial static http webserver using Libevent's evhttp. 3 4 This is not the best code in the world, and it does some fairly stupid stuff 5 that you would never want to do in a production webserver. Caveat hackor! 6 7 */ 8 9/* Compatibility for possible missing IPv6 declarations */ 10#include "../util-internal.h" 11 12#include <stdio.h> 13#include <stdlib.h> 14#include <string.h> 15 16#include <sys/types.h> 17#include <sys/stat.h> 18 19#ifdef _WIN32 20#include <winsock2.h> 21#include <ws2tcpip.h> 22#include <windows.h> 23#include <io.h> 24#include <fcntl.h> 25#ifndef S_ISDIR 26#define S_ISDIR(x) (((x) & S_IFMT) == S_IFDIR) 27#endif 28#else 29#include <sys/stat.h> 30#include <sys/socket.h> 31#include <signal.h> 32#include <fcntl.h> 33#include <unistd.h> 34#include <dirent.h> 35#endif 36 37#include <event2/event.h> 38#include <event2/http.h> 39#include <event2/buffer.h> 40#include <event2/util.h> 41#include <event2/keyvalq_struct.h> 42 43#ifdef EVENT__HAVE_NETINET_IN_H 44#include <netinet/in.h> 45# ifdef _XOPEN_SOURCE_EXTENDED 46# include <arpa/inet.h> 47# endif 48#endif 49 50#ifdef _WIN32 51#ifndef stat 52#define stat _stat 53#endif 54#ifndef fstat 55#define fstat _fstat 56#endif 57#ifndef open 58#define open _open 59#endif 60#ifndef close 61#define close _close 62#endif 63#ifndef O_RDONLY 64#define O_RDONLY _O_RDONLY 65#endif 66#endif 67 68char uri_root[512]; 69 70static const struct table_entry { 71 const char *extension; 72 const char *content_type; 73} content_type_table[] = { 74 { "txt", "text/plain" }, 75 { "c", "text/plain" }, 76 { "h", "text/plain" }, 77 { "html", "text/html" }, 78 { "htm", "text/htm" }, 79 { "css", "text/css" }, 80 { "gif", "image/gif" }, 81 { "jpg", "image/jpeg" }, 82 { "jpeg", "image/jpeg" }, 83 { "png", "image/png" }, 84 { "pdf", "application/pdf" }, 85 { "ps", "application/postscript" }, 86 { NULL, NULL }, 87}; 88 89/* Try to guess a good content-type for 'path' */ 90static const char * 91guess_content_type(const char *path) 92{ 93 const char *last_period, *extension; 94 const struct table_entry *ent; 95 last_period = strrchr(path, '.'); 96 if (!last_period || strchr(last_period, '/')) 97 goto not_found; /* no exension */ 98 extension = last_period + 1; 99 for (ent = &content_type_table[0]; ent->extension; ++ent) { 100 if (!evutil_ascii_strcasecmp(ent->extension, extension)) 101 return ent->content_type; 102 } 103 104not_found: 105 return "application/misc"; 106} 107 108/* Callback used for the /dump URI, and for every non-GET request: 109 * dumps all information to stdout and gives back a trivial 200 ok */ 110static void 111dump_request_cb(struct evhttp_request *req, void *arg) 112{ 113 const char *cmdtype; 114 struct evkeyvalq *headers; 115 struct evkeyval *header; 116 struct evbuffer *buf; 117 118 switch (evhttp_request_get_command(req)) { 119 case EVHTTP_REQ_GET: cmdtype = "GET"; break; 120 case EVHTTP_REQ_POST: cmdtype = "POST"; break; 121 case EVHTTP_REQ_HEAD: cmdtype = "HEAD"; break; 122 case EVHTTP_REQ_PUT: cmdtype = "PUT"; break; 123 case EVHTTP_REQ_DELETE: cmdtype = "DELETE"; break; 124 case EVHTTP_REQ_OPTIONS: cmdtype = "OPTIONS"; break; 125 case EVHTTP_REQ_TRACE: cmdtype = "TRACE"; break; 126 case EVHTTP_REQ_CONNECT: cmdtype = "CONNECT"; break; 127 case EVHTTP_REQ_PATCH: cmdtype = "PATCH"; break; 128 default: cmdtype = "unknown"; break; 129 } 130 131 printf("Received a %s request for %s\nHeaders:\n", 132 cmdtype, evhttp_request_get_uri(req)); 133 134 headers = evhttp_request_get_input_headers(req); 135 for (header = headers->tqh_first; header; 136 header = header->next.tqe_next) { 137 printf(" %s: %s\n", header->key, header->value); 138 } 139 140 buf = evhttp_request_get_input_buffer(req); 141 puts("Input data: <<<"); 142 while (evbuffer_get_length(buf)) { 143 int n; 144 char cbuf[128]; 145 n = evbuffer_remove(buf, cbuf, sizeof(cbuf)); 146 if (n > 0) 147 (void) fwrite(cbuf, 1, n, stdout); 148 } 149 puts(">>>"); 150 151 evhttp_send_reply(req, 200, "OK", NULL); 152} 153 154/* This callback gets invoked when we get any http request that doesn't match 155 * any other callback. Like any evhttp server callback, it has a simple job: 156 * it must eventually call evhttp_send_error() or evhttp_send_reply(). 157 */ 158static void 159send_document_cb(struct evhttp_request *req, void *arg) 160{ 161 struct evbuffer *evb = NULL; 162 const char *docroot = arg; 163 const char *uri = evhttp_request_get_uri(req); 164 struct evhttp_uri *decoded = NULL; 165 const char *path; 166 char *decoded_path; 167 char *whole_path = NULL; 168 size_t len; 169 int fd = -1; 170 struct stat st; 171 172 if (evhttp_request_get_command(req) != EVHTTP_REQ_GET) { 173 dump_request_cb(req, arg); 174 return; 175 } 176 177 printf("Got a GET request for <%s>\n", uri); 178 179 /* Decode the URI */ 180 decoded = evhttp_uri_parse(uri); 181 if (!decoded) { 182 printf("It's not a good URI. Sending BADREQUEST\n"); 183 evhttp_send_error(req, HTTP_BADREQUEST, 0); 184 return; 185 } 186 187 /* Let's see what path the user asked for. */ 188 path = evhttp_uri_get_path(decoded); 189 if (!path) path = "/"; 190 191 /* We need to decode it, to see what path the user really wanted. */ 192 decoded_path = evhttp_uridecode(path, 0, NULL); 193 if (decoded_path == NULL) 194 goto err; 195 /* Don't allow any ".."s in the path, to avoid exposing stuff outside 196 * of the docroot. This test is both overzealous and underzealous: 197 * it forbids aceptable paths like "/this/one..here", but it doesn't 198 * do anything to prevent symlink following." */ 199 if (strstr(decoded_path, "..")) 200 goto err; 201 202 len = strlen(decoded_path)+strlen(docroot)+2; 203 if (!(whole_path = malloc(len))) { 204 perror("malloc"); 205 goto err; 206 } 207 evutil_snprintf(whole_path, len, "%s/%s", docroot, decoded_path); 208 209 if (stat(whole_path, &st)<0) { 210 goto err; 211 } 212 213 /* This holds the content we're sending. */ 214 evb = evbuffer_new(); 215 216 if (S_ISDIR(st.st_mode)) { 217 /* If it's a directory, read the comments and make a little 218 * index page */ 219#ifdef _WIN32 220 HANDLE d; 221 WIN32_FIND_DATAA ent; 222 char *pattern; 223 size_t dirlen; 224#else 225 DIR *d; 226 struct dirent *ent; 227#endif 228 const char *trailing_slash = ""; 229 230 if (!strlen(path) || path[strlen(path)-1] != '/') 231 trailing_slash = "/"; 232 233#ifdef _WIN32 234 dirlen = strlen(whole_path); 235 pattern = malloc(dirlen+3); 236 memcpy(pattern, whole_path, dirlen); 237 pattern[dirlen] = '\\'; 238 pattern[dirlen+1] = '*'; 239 pattern[dirlen+2] = '\0'; 240 d = FindFirstFileA(pattern, &ent); 241 free(pattern); 242 if (d == INVALID_HANDLE_VALUE) 243 goto err; 244#else 245 if (!(d = opendir(whole_path))) 246 goto err; 247#endif 248 249 evbuffer_add_printf(evb, 250 "<!DOCTYPE html>\n" 251 "<html>\n <head>\n" 252 " <meta charset='utf-8'>\n" 253 " <title>%s</title>\n" 254 " <base href='%s%s'>\n" 255 " </head>\n" 256 " <body>\n" 257 " <h1>%s</h1>\n" 258 " <ul>\n", 259 decoded_path, /* XXX html-escape this. */ 260 path, /* XXX html-escape this? */ 261 trailing_slash, 262 decoded_path /* XXX html-escape this */); 263#ifdef _WIN32 264 do { 265 const char *name = ent.cFileName; 266#else 267 while ((ent = readdir(d))) { 268 const char *name = ent->d_name; 269#endif 270 evbuffer_add_printf(evb, 271 " <li><a href=\"%s\">%s</a>\n", 272 name, name);/* XXX escape this */ 273#ifdef _WIN32 274 } while (FindNextFileA(d, &ent)); 275#else 276 } 277#endif 278 evbuffer_add_printf(evb, "</ul></body></html>\n"); 279#ifdef _WIN32 280 FindClose(d); 281#else 282 closedir(d); 283#endif 284 evhttp_add_header(evhttp_request_get_output_headers(req), 285 "Content-Type", "text/html"); 286 } else { 287 /* Otherwise it's a file; add it to the buffer to get 288 * sent via sendfile */ 289 const char *type = guess_content_type(decoded_path); 290 if ((fd = open(whole_path, O_RDONLY)) < 0) { 291 perror("open"); 292 goto err; 293 } 294 295 if (fstat(fd, &st)<0) { 296 /* Make sure the length still matches, now that we 297 * opened the file :/ */ 298 perror("fstat"); 299 goto err; 300 } 301 evhttp_add_header(evhttp_request_get_output_headers(req), 302 "Content-Type", type); 303 evbuffer_add_file(evb, fd, 0, st.st_size); 304 } 305 306 evhttp_send_reply(req, 200, "OK", evb); 307 goto done; 308err: 309 evhttp_send_error(req, 404, "Document was not found"); 310 if (fd>=0) 311 close(fd); 312done: 313 if (decoded) 314 evhttp_uri_free(decoded); 315 if (decoded_path) 316 free(decoded_path); 317 if (whole_path) 318 free(whole_path); 319 if (evb) 320 evbuffer_free(evb); 321} 322 323static void 324syntax(void) 325{ 326 fprintf(stdout, "Syntax: http-server <docroot>\n"); 327} 328 329int 330main(int argc, char **argv) 331{ 332 struct event_base *base; 333 struct evhttp *http; 334 struct evhttp_bound_socket *handle; 335 336 ev_uint16_t port = 0; 337#ifdef _WIN32 338 WSADATA WSAData; 339 WSAStartup(0x101, &WSAData); 340#else 341 if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) 342 return (1); 343#endif 344 if (argc < 2) { 345 syntax(); 346 return 1; 347 } 348 349 base = event_base_new(); 350 if (!base) { 351 fprintf(stderr, "Couldn't create an event_base: exiting\n"); 352 return 1; 353 } 354 355 /* Create a new evhttp object to handle requests. */ 356 http = evhttp_new(base); 357 if (!http) { 358 fprintf(stderr, "couldn't create evhttp. Exiting.\n"); 359 return 1; 360 } 361 362 /* The /dump URI will dump all requests to stdout and say 200 ok. */ 363 evhttp_set_cb(http, "/dump", dump_request_cb, NULL); 364 365 /* We want to accept arbitrary requests, so we need to set a "generic" 366 * cb. We can also add callbacks for specific paths. */ 367 evhttp_set_gencb(http, send_document_cb, argv[1]); 368 369 /* Now we tell the evhttp what port to listen on */ 370 handle = evhttp_bind_socket_with_handle(http, "0.0.0.0", port); 371 if (!handle) { 372 fprintf(stderr, "couldn't bind to port %d. Exiting.\n", 373 (int)port); 374 return 1; 375 } 376 377 { 378 /* Extract and display the address we're listening on. */ 379 struct sockaddr_storage ss; 380 evutil_socket_t fd; 381 ev_socklen_t socklen = sizeof(ss); 382 char addrbuf[128]; 383 void *inaddr; 384 const char *addr; 385 int got_port = -1; 386 fd = evhttp_bound_socket_get_fd(handle); 387 memset(&ss, 0, sizeof(ss)); 388 if (getsockname(fd, (struct sockaddr *)&ss, &socklen)) { 389 perror("getsockname() failed"); 390 return 1; 391 } 392 if (ss.ss_family == AF_INET) { 393 got_port = ntohs(((struct sockaddr_in*)&ss)->sin_port); 394 inaddr = &((struct sockaddr_in*)&ss)->sin_addr; 395 } else if (ss.ss_family == AF_INET6) { 396 got_port = ntohs(((struct sockaddr_in6*)&ss)->sin6_port); 397 inaddr = &((struct sockaddr_in6*)&ss)->sin6_addr; 398 } else { 399 fprintf(stderr, "Weird address family %d\n", 400 ss.ss_family); 401 return 1; 402 } 403 addr = evutil_inet_ntop(ss.ss_family, inaddr, addrbuf, 404 sizeof(addrbuf)); 405 if (addr) { 406 printf("Listening on %s:%d\n", addr, got_port); 407 evutil_snprintf(uri_root, sizeof(uri_root), 408 "http://%s:%d",addr,got_port); 409 } else { 410 fprintf(stderr, "evutil_inet_ntop failed\n"); 411 return 1; 412 } 413 } 414 415 event_base_dispatch(base); 416 417 return 0; 418} 419