modules/metadata/mod_cern_meta.c - httpd - Git at Google

 /* Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 /*
  * mod_cern_meta.c
  * version 0.1.0
  * status beta
  *
  * Andrew Wilson <Andrew.Wilson@cm.cf.ac.uk> 25.Jan.96
  *
  * *** IMPORTANT ***
  * This version of mod_cern_meta.c controls Meta File behaviour on a
  * per-directory basis.  Previous versions of the module defined behaviour
  * on a per-server basis.  The upshot is that you'll need to revisit your
  * configuration files in order to make use of the new module.
  * ***
  *
  * Emulate the CERN HTTPD Meta file semantics.  Meta files are HTTP
  * headers that can be output in addition to the normal range of
  * headers for each file accessed.  They appear rather like the Apache
  * .asis files, and are able to provide a crude way of influencing
  * the Expires: header, as well as providing other curiosities.
  * There are many ways to manage meta information, this one was
  * chosen because there is already a large number of CERN users
  * who can exploit this module.  It should be noted that there are probably
  * more sensitive ways of managing the Expires: header specifically.
  *
  * The module obeys the following directives, which can appear
  * in the server's .conf files and in .htaccess files.
  *
  *  MetaFiles <on|off>
  *
  *    turns on|off meta file processing for any directory.
  *    Default value is off
  *
  *        # turn on MetaFiles in this directory
  *        MetaFiles on
  *
  *  MetaDir <directory name>
  *
  *    specifies the name of the directory in which Apache can find
  *    meta information files.  The directory is usually a 'hidden'
  *    subdirectory of the directory that contains the file being
  *    accessed.  eg:
  *
  *        # .meta files are in the *same* directory as the
  *        # file being accessed
  *        MetaDir .
  *
  *    the default is to look in a '.web' subdirectory. This is the
  *    same as for CERN 3.+ webservers and behaviour is the same as
  *    for the directive:
  *
  *        MetaDir .web
  *
  *  MetaSuffix <meta file suffix>
  *
  *    specifies the file name suffix for the file containing the
  *    meta information.  eg:
  *
  *       # our meta files are suffixed with '.cern_meta'
  *       MetaSuffix .cern_meta
  *
  *    the default is to look for files with the suffix '.meta'.  This
  *    behaviour is the same as for the directive:
  *
  *       MetaSuffix .meta
  *
  * When accessing the file
  *
  *   DOCUMENT_ROOT/somedir/index.html
  *
  * this module will look for the file
  *
  *   DOCUMENT_ROOT/somedir/.web/index.html.meta
  *
  * and will use its contents to generate additional MIME header
  * information.
  *
  * For more information on the CERN Meta file semantics see:
  *
  *   http://www.w3.org/hypertext/WWW/Daemon/User/Config/General.html#MetaDir
  *
  * Change-log:
  * 29.Jan.96 pfopen/pfclose instead of fopen/fclose
  *           DECLINE when real file not found, we may be checking each
  *           of the index.html/index.shtml/index.htm variants and don't
  *           need to report missing ones as spurious errors.
  * 31.Jan.96 log_error reports about a malformed .meta file, rather
  *           than a script error.
  * 20.Jun.96 MetaFiles <on|off> default off, added, so that module
  *           can be configured per-directory.  Prior to this the module
  *           was running for each request anywhere on the server, naughty..
  * 29.Jun.96 All directives made per-directory.
  */

 #include "apr.h"
 #include "apr_strings.h"

 #define APR_WANT_STRFUNC
 #include "apr_want.h"

 #if APR_HAVE_SYS_TYPES_H
 #include <sys/types.h>
 #endif

 #include "ap_config.h"
 #include "httpd.h"
 #include "http_config.h"
 #include "util_script.h"
 #include "http_log.h"
 #include "http_request.h"
 #include "http_protocol.h"
 #include "apr_lib.h"

 #define DIR_CMD_PERMS OR_INDEXES

 #define DEFAULT_METADIR     ".web"
 #define DEFAULT_METASUFFIX  ".meta"
 #define DEFAULT_METAFILES   0

 module AP_MODULE_DECLARE_DATA cern_meta_module;

 typedef struct {
     const char *metadir;
     const char *metasuffix;
     int metafiles;
 } cern_meta_dir_config;

 static void *create_cern_meta_dir_config(apr_pool_t *p, char *dummy)
 {
     cern_meta_dir_config *new =
     (cern_meta_dir_config *) apr_palloc(p, sizeof(cern_meta_dir_config));

     new->metadir = NULL;
     new->metasuffix = NULL;
     new->metafiles = DEFAULT_METAFILES;

     return new;
 }

 static void *merge_cern_meta_dir_configs(apr_pool_t *p, void *basev, void *addv)
 {
     cern_meta_dir_config *base = (cern_meta_dir_config *) basev;
     cern_meta_dir_config *add = (cern_meta_dir_config *) addv;
     cern_meta_dir_config *new =
     (cern_meta_dir_config *) apr_palloc(p, sizeof(cern_meta_dir_config));

     new->metadir = add->metadir ? add->metadir : base->metadir;
     new->metasuffix = add->metasuffix ? add->metasuffix : base->metasuffix;
     new->metafiles = add->metafiles;

     return new;
 }

 static const char *set_metadir(cmd_parms *parms, void *in_dconf, const char *arg)
 {
     cern_meta_dir_config *dconf = in_dconf;

     dconf->metadir = arg;
     return NULL;
 }

 static const char *set_metasuffix(cmd_parms *parms, void *in_dconf, const char *arg)
 {
     cern_meta_dir_config *dconf = in_dconf;

     dconf->metasuffix = arg;
     return NULL;
 }

 static const char *set_metafiles(cmd_parms *parms, void *in_dconf, int arg)
 {
     cern_meta_dir_config *dconf = in_dconf;

     dconf->metafiles = arg;
     return NULL;
 }


 static const command_rec cern_meta_cmds[] =
 {
     AP_INIT_FLAG("MetaFiles", set_metafiles, NULL, DIR_CMD_PERMS,
                  "Limited to 'on' or 'off'"),
     AP_INIT_TAKE1("MetaDir", set_metadir, NULL, DIR_CMD_PERMS,
                   "the name of the directory containing meta files"),
     AP_INIT_TAKE1("MetaSuffix", set_metasuffix, NULL, DIR_CMD_PERMS,
                   "the filename suffix for meta files"),
     {NULL}
 };

 /* XXX: this is very similar to ap_scan_script_header_err_core...
  * are the differences deliberate, or just a result of bit rot?
  */
 static int scan_meta_file(request_rec *r, apr_file_t *f)
 {
     char w[MAX_STRING_LEN];
     char *l;
     int p;
     apr_table_t *tmp_headers;

     tmp_headers = apr_table_make(r->pool, 5);
     while (apr_file_gets(w, MAX_STRING_LEN - 1, f) == APR_SUCCESS) {

     /* Delete terminal (CR?)LF */
         p = strlen(w);
         if (p > 0 && w[p - 1] == '\n') {
             if (p > 1 && w[p - 2] == '\015')
                 w[p - 2] = '\0';
             else
                 w[p - 1] = '\0';
         }

         if (w[0] == '\0') {
             return OK;
         }

         /* if we see a bogus header don't ignore it. Shout and scream */

         if (!(l = strchr(w, ':'))) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01560)
                 "malformed header in meta file: %s", r->filename);
             return HTTP_INTERNAL_SERVER_ERROR;
         }

         *l++ = '\0';
         while (apr_isspace(*l))
             ++l;

         if (!ap_cstr_casecmp(w, "Content-type")) {
             char *tmp;
             /* Nuke trailing whitespace */

             char *endp = l + strlen(l) - 1;
             while (endp > l && apr_isspace(*endp))
                 *endp-- = '\0';

             tmp = apr_pstrdup(r->pool, l);
             ap_content_type_tolower(tmp);
             ap_set_content_type(r, tmp);
         }
         else if (!ap_cstr_casecmp(w, "Status")) {
             sscanf(l, "%d", &r->status);
             r->status_line = apr_pstrdup(r->pool, l);
         }
         else {
             apr_table_set(tmp_headers, w, l);
         }
     }
     apr_table_overlap(r->headers_out, tmp_headers, APR_OVERLAP_TABLES_SET);
     return OK;
 }

 static int add_cern_meta_data(request_rec *r)
 {
     char *metafilename;
     char *leading_slash;
     char *last_slash;
     char *real_file;
     char *scrap_book;
     apr_file_t *f = NULL;
     apr_status_t retcode;
     cern_meta_dir_config *dconf;
     int rv;
     request_rec *rr;

     dconf = ap_get_module_config(r->per_dir_config, &cern_meta_module);

     if (!dconf->metafiles) {
         return DECLINED;
     }

     /* if ./.web/$1.meta exists then output 'asis' */

     if (r->finfo.filetype == APR_NOFILE) {
         return DECLINED;
     }

     /* is this a directory? */
     if (r->finfo.filetype == APR_DIR || r->uri[strlen(r->uri) - 1] == '/') {
         return DECLINED;
     }

     /* what directory is this file in? */
     scrap_book = apr_pstrdup(r->pool, r->filename);

     leading_slash = strchr(scrap_book, '/');
     last_slash = strrchr(scrap_book, '/');
     if ((last_slash != NULL) && (last_slash != leading_slash)) {
         /* skip over last slash */
         real_file = last_slash;
         real_file++;
         *last_slash = '\0';
     }
     else {
         /* no last slash, buh?! */
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01561)
             "internal error in mod_cern_meta: %s", r->filename);
         /* should really barf, but hey, let's be friends... */
         return DECLINED;
     }

     metafilename = apr_pstrcat(r->pool, scrap_book, "/",
                dconf->metadir ? dconf->metadir : DEFAULT_METADIR,
                "/", real_file,
          dconf->metasuffix ? dconf->metasuffix : DEFAULT_METASUFFIX,
                NULL);

     /* It sucks to require this subrequest to complete, because this
      * means people must leave their meta files accessible to the world.
      * A better solution might be a "safe open" feature of pfopen to avoid
      * pipes, symlinks, and crap like that.
      *
      * In fact, this doesn't suck.  Because <Location > blocks are never run
      * against sub_req_lookup_file, the meta can be somewhat protected by
      * either masking it with a <Location > directive or alias, or stowing
      * the file outside of the web document tree, while providing the
      * appropriate directory blocks to allow access to it as a file.
      */
     rr = ap_sub_req_lookup_file(metafilename, r, NULL);
     if (rr->status != HTTP_OK) {
         ap_destroy_sub_req(rr);
         return DECLINED;
     }
     ap_destroy_sub_req(rr);

     retcode = apr_file_open(&f, metafilename, APR_READ, APR_OS_DEFAULT, r->pool);
     if (retcode != APR_SUCCESS) {
         if (APR_STATUS_IS_ENOENT(retcode)) {
             return DECLINED;
         }
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01562)
             "meta file permissions deny server access: %s", metafilename);
         return HTTP_FORBIDDEN;
     }

     /* read the headers in */
     rv = scan_meta_file(r, f);
     apr_file_close(f);

     return rv;
 }

 static void register_hooks(apr_pool_t *p)
 {
     ap_hook_fixups(add_cern_meta_data,NULL,NULL,APR_HOOK_MIDDLE);
 }

 AP_DECLARE_MODULE(cern_meta) =
 {
     STANDARD20_MODULE_STUFF,
     create_cern_meta_dir_config, /* dir config creater */
     merge_cern_meta_dir_configs, /* dir merger --- default is to override */
     NULL,                        /* server config */
     NULL,                        /* merge server configs */
     cern_meta_cmds,              /* command apr_table_t */
     register_hooks               /* register hooks */
 };
	/* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	/*
	* mod_cern_meta.c
	* version 0.1.0
	* status beta
	*
	* Andrew Wilson <Andrew.Wilson@cm.cf.ac.uk> 25.Jan.96
	*
	* * IMPORTANT *
	* This version of mod_cern_meta.c controls Meta File behaviour on a
	* per-directory basis. Previous versions of the module defined behaviour
	* on a per-server basis. The upshot is that you'll need to revisit your
	* configuration files in order to make use of the new module.
	* ***
	*
	* Emulate the CERN HTTPD Meta file semantics. Meta files are HTTP
	* headers that can be output in addition to the normal range of
	* headers for each file accessed. They appear rather like the Apache
	* .asis files, and are able to provide a crude way of influencing
	* the Expires: header, as well as providing other curiosities.
	* There are many ways to manage meta information, this one was
	* chosen because there is already a large number of CERN users
	* who can exploit this module. It should be noted that there are probably
	* more sensitive ways of managing the Expires: header specifically.
	*
	* The module obeys the following directives, which can appear
	* in the server's .conf files and in .htaccess files.
	*
	* MetaFiles <on\|off>
	*
	* turns on\|off meta file processing for any directory.
	* Default value is off
	*
	* # turn on MetaFiles in this directory
	* MetaFiles on
	*
	* MetaDir <directory name>
	*
	* specifies the name of the directory in which Apache can find
	* meta information files. The directory is usually a 'hidden'
	* subdirectory of the directory that contains the file being
	* accessed. eg:
	*
	* # .meta files are in the same directory as the
	* # file being accessed
	* MetaDir .
	*
	* the default is to look in a '.web' subdirectory. This is the
	* same as for CERN 3.+ webservers and behaviour is the same as
	* for the directive:
	*
	* MetaDir .web
	*
	* MetaSuffix <meta file suffix>
	*
	* specifies the file name suffix for the file containing the
	* meta information. eg:
	*
	* # our meta files are suffixed with '.cern_meta'
	* MetaSuffix .cern_meta
	*
	* the default is to look for files with the suffix '.meta'. This
	* behaviour is the same as for the directive:
	*
	* MetaSuffix .meta
	*
	* When accessing the file
	*
	* DOCUMENT_ROOT/somedir/index.html
	*
	* this module will look for the file
	*
	* DOCUMENT_ROOT/somedir/.web/index.html.meta
	*
	* and will use its contents to generate additional MIME header
	* information.
	*
	* For more information on the CERN Meta file semantics see:
	*
	* http://www.w3.org/hypertext/WWW/Daemon/User/Config/General.html#MetaDir
	*
	* Change-log:
	* 29.Jan.96 pfopen/pfclose instead of fopen/fclose
	* DECLINE when real file not found, we may be checking each
	* of the index.html/index.shtml/index.htm variants and don't
	* need to report missing ones as spurious errors.
	* 31.Jan.96 log_error reports about a malformed .meta file, rather
	* than a script error.
	* 20.Jun.96 MetaFiles <on\|off> default off, added, so that module
	* can be configured per-directory. Prior to this the module
	* was running for each request anywhere on the server, naughty..
	* 29.Jun.96 All directives made per-directory.
	*/

	#include "apr.h"
	#include "apr_strings.h"

	#define APR_WANT_STRFUNC
	#include "apr_want.h"

	#if APR_HAVE_SYS_TYPES_H
	#include <sys/types.h>
	#endif

	#include "ap_config.h"
	#include "httpd.h"
	#include "http_config.h"
	#include "util_script.h"
	#include "http_log.h"
	#include "http_request.h"
	#include "http_protocol.h"
	#include "apr_lib.h"

	#define DIR_CMD_PERMS OR_INDEXES

	#define DEFAULT_METADIR ".web"
	#define DEFAULT_METASUFFIX ".meta"
	#define DEFAULT_METAFILES 0

	module AP_MODULE_DECLARE_DATA cern_meta_module;

	typedef struct {
	const char *metadir;
	const char *metasuffix;
	int metafiles;
	} cern_meta_dir_config;

	static void create_cern_meta_dir_config(apr_pool_t p, char *dummy)
	{
	cern_meta_dir_config *new =
	(cern_meta_dir_config *) apr_palloc(p, sizeof(cern_meta_dir_config));

	new->metadir = NULL;
	new->metasuffix = NULL;
	new->metafiles = DEFAULT_METAFILES;

	return new;
	}

	static void merge_cern_meta_dir_configs(apr_pool_t p, void basev, void addv)
	{
	cern_meta_dir_config base = (cern_meta_dir_config ) basev;
	cern_meta_dir_config add = (cern_meta_dir_config ) addv;
	cern_meta_dir_config *new =
	(cern_meta_dir_config *) apr_palloc(p, sizeof(cern_meta_dir_config));

	new->metadir = add->metadir ? add->metadir : base->metadir;
	new->metasuffix = add->metasuffix ? add->metasuffix : base->metasuffix;
	new->metafiles = add->metafiles;

	return new;
	}

	static const char set_metadir(cmd_parms parms, void in_dconf, const char arg)
	{
	cern_meta_dir_config *dconf = in_dconf;

	dconf->metadir = arg;
	return NULL;
	}

	static const char set_metasuffix(cmd_parms parms, void in_dconf, const char arg)
	{
	cern_meta_dir_config *dconf = in_dconf;

	dconf->metasuffix = arg;
	return NULL;
	}

	static const char set_metafiles(cmd_parms parms, void *in_dconf, int arg)
	{
	cern_meta_dir_config *dconf = in_dconf;

	dconf->metafiles = arg;
	return NULL;
	}


	static const command_rec cern_meta_cmds[] =
	{
	AP_INIT_FLAG("MetaFiles", set_metafiles, NULL, DIR_CMD_PERMS,
	"Limited to 'on' or 'off'"),
	AP_INIT_TAKE1("MetaDir", set_metadir, NULL, DIR_CMD_PERMS,
	"the name of the directory containing meta files"),
	AP_INIT_TAKE1("MetaSuffix", set_metasuffix, NULL, DIR_CMD_PERMS,
	"the filename suffix for meta files"),
	{NULL}
	};

	/* XXX: this is very similar to ap_scan_script_header_err_core...
	* are the differences deliberate, or just a result of bit rot?
	*/
	static int scan_meta_file(request_rec r, apr_file_t f)
	{
	char w[MAX_STRING_LEN];
	char *l;
	int p;
	apr_table_t *tmp_headers;

	tmp_headers = apr_table_make(r->pool, 5);
	while (apr_file_gets(w, MAX_STRING_LEN - 1, f) == APR_SUCCESS) {

	/* Delete terminal (CR?)LF */
	p = strlen(w);
	if (p > 0 && w[p - 1] == '\n') {
	if (p > 1 && w[p - 2] == '\015')
	w[p - 2] = '\0';
	else
	w[p - 1] = '\0';
	}

	if (w[0] == '\0') {
	return OK;
	}

	/* if we see a bogus header don't ignore it. Shout and scream */

	if (!(l = strchr(w, ':'))) {
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01560)
	"malformed header in meta file: %s", r->filename);
	return HTTP_INTERNAL_SERVER_ERROR;
	}

	*l++ = '\0';
	while (apr_isspace(*l))
	++l;

	if (!ap_cstr_casecmp(w, "Content-type")) {
	char *tmp;
	/* Nuke trailing whitespace */

	char *endp = l + strlen(l) - 1;
	while (endp > l && apr_isspace(*endp))
	*endp-- = '\0';

	tmp = apr_pstrdup(r->pool, l);
	ap_content_type_tolower(tmp);
	ap_set_content_type(r, tmp);
	}
	else if (!ap_cstr_casecmp(w, "Status")) {
	sscanf(l, "%d", &r->status);
	r->status_line = apr_pstrdup(r->pool, l);
	}
	else {
	apr_table_set(tmp_headers, w, l);
	}
	}
	apr_table_overlap(r->headers_out, tmp_headers, APR_OVERLAP_TABLES_SET);
	return OK;
	}

	static int add_cern_meta_data(request_rec *r)
	{
	char *metafilename;
	char *leading_slash;
	char *last_slash;
	char *real_file;
	char *scrap_book;
	apr_file_t *f = NULL;
	apr_status_t retcode;
	cern_meta_dir_config *dconf;
	int rv;
	request_rec *rr;

	dconf = ap_get_module_config(r->per_dir_config, &cern_meta_module);

	if (!dconf->metafiles) {
	return DECLINED;
	}

	/* if ./.web/$1.meta exists then output 'asis' */

	if (r->finfo.filetype == APR_NOFILE) {
	return DECLINED;
	}

	/* is this a directory? */
	if (r->finfo.filetype == APR_DIR \|\| r->uri[strlen(r->uri) - 1] == '/') {
	return DECLINED;
	}

	/* what directory is this file in? */
	scrap_book = apr_pstrdup(r->pool, r->filename);

	leading_slash = strchr(scrap_book, '/');
	last_slash = strrchr(scrap_book, '/');
	if ((last_slash != NULL) && (last_slash != leading_slash)) {
	/* skip over last slash */
	real_file = last_slash;
	real_file++;
	*last_slash = '\0';
	}
	else {
	/* no last slash, buh?! */
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01561)
	"internal error in mod_cern_meta: %s", r->filename);
	/* should really barf, but hey, let's be friends... */
	return DECLINED;
	}

	metafilename = apr_pstrcat(r->pool, scrap_book, "/",
	dconf->metadir ? dconf->metadir : DEFAULT_METADIR,
	"/", real_file,
	dconf->metasuffix ? dconf->metasuffix : DEFAULT_METASUFFIX,
	NULL);

	/* It sucks to require this subrequest to complete, because this
	* means people must leave their meta files accessible to the world.
	* A better solution might be a "safe open" feature of pfopen to avoid
	* pipes, symlinks, and crap like that.
	*
	* In fact, this doesn't suck. Because <Location > blocks are never run
	* against sub_req_lookup_file, the meta can be somewhat protected by
	* either masking it with a <Location > directive or alias, or stowing
	* the file outside of the web document tree, while providing the
	* appropriate directory blocks to allow access to it as a file.
	*/
	rr = ap_sub_req_lookup_file(metafilename, r, NULL);
	if (rr->status != HTTP_OK) {
	ap_destroy_sub_req(rr);
	return DECLINED;
	}
	ap_destroy_sub_req(rr);

	retcode = apr_file_open(&f, metafilename, APR_READ, APR_OS_DEFAULT, r->pool);
	if (retcode != APR_SUCCESS) {
	if (APR_STATUS_IS_ENOENT(retcode)) {
	return DECLINED;
	}
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01562)
	"meta file permissions deny server access: %s", metafilename);
	return HTTP_FORBIDDEN;
	}

	/* read the headers in */
	rv = scan_meta_file(r, f);
	apr_file_close(f);

	return rv;
	}

	static void register_hooks(apr_pool_t *p)
	{
	ap_hook_fixups(add_cern_meta_data,NULL,NULL,APR_HOOK_MIDDLE);
	}

	AP_DECLARE_MODULE(cern_meta) =
	{
	STANDARD20_MODULE_STUFF,
	create_cern_meta_dir_config, /* dir config creater */
	merge_cern_meta_dir_configs, /* dir merger --- default is to override */
	NULL, /* server config */
	NULL, /* merge server configs */
	cern_meta_cmds, /* command apr_table_t */
	register_hooks /* register hooks */
	};