Thu Apr 28 2011 16:56:48

Asterisk developer's documentation


res_http_post.c

Go to the documentation of this file.
00001 /*
00002  * Asterisk -- An open source telephony toolkit.
00003  *
00004  * Copyright (C) 1999 - 2006, Digium, Inc.
00005  *
00006  * Mark Spencer <markster@digium.com>
00007  *
00008  * See http://www.asterisk.org for more information about
00009  * the Asterisk project. Please do not directly contact
00010  * any of the maintainers of this project for assistance;
00011  * the project provides a web site, mailing lists and IRC
00012  * channels for your use.
00013  *
00014  * This program is free software, distributed under the terms of
00015  * the GNU General Public License Version 2. See the LICENSE file
00016  * at the top of the source tree.
00017  */
00018 
00019 /*!
00020  * \file 
00021  * \brief HTTP POST upload support for Asterisk HTTP server
00022  *
00023  * \author Terry Wilson <twilson@digium.com
00024  *
00025  * \ref AstHTTP - AMI over the http protocol
00026  */
00027 
00028 /*** MODULEINFO
00029    <depend>gmime</depend>
00030  ***/
00031 
00032 
00033 #include "asterisk.h"
00034 
00035 ASTERISK_FILE_VERSION(__FILE__, "$Revision: 226101 $")
00036 
00037 #include <sys/stat.h>
00038 #include <fcntl.h>
00039 #include <gmime/gmime.h>
00040 #if defined (__OpenBSD__) || defined(__FreeBSD__)
00041 #include <libgen.h>
00042 #endif
00043 
00044 #include "asterisk/linkedlists.h"
00045 #include "asterisk/http.h"
00046 #include "asterisk/paths.h"   /* use ast_config_AST_DATA_DIR */
00047 #include "asterisk/tcptls.h"
00048 #include "asterisk/manager.h"
00049 #include "asterisk/cli.h"
00050 #include "asterisk/module.h"
00051 #include "asterisk/ast_version.h"
00052 
00053 #define MAX_PREFIX 80
00054 
00055 /* just a little structure to hold callback info for gmime */
00056 struct mime_cbinfo {
00057    int count;
00058    const char *post_dir;
00059 };
00060 
00061 /* all valid URIs must be prepended by the string in prefix. */
00062 static char prefix[MAX_PREFIX];
00063 
00064 static void post_raw(GMimePart *part, const char *post_dir, const char *fn)
00065 {
00066    char filename[PATH_MAX];
00067    GMimeDataWrapper *content;
00068    GMimeStream *stream;
00069    int fd;
00070 
00071    snprintf(filename, sizeof(filename), "%s/%s", post_dir, fn);
00072 
00073    ast_debug(1, "Posting raw data to %s\n", filename);
00074 
00075    if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, 0666)) == -1) {
00076       ast_log(LOG_WARNING, "Unable to open %s for writing file from a POST!\n", filename);
00077 
00078       return;
00079    }
00080 
00081    stream = g_mime_stream_fs_new(fd);
00082 
00083    content = g_mime_part_get_content_object(part);
00084    g_mime_data_wrapper_write_to_stream(content, stream);
00085    g_mime_stream_flush(stream);
00086 
00087    g_object_unref(content);
00088    g_object_unref(stream);
00089 }
00090 
00091 static GMimeMessage *parse_message(FILE *f)
00092 {
00093    GMimeMessage *message;
00094    GMimeParser *parser;
00095    GMimeStream *stream;
00096 
00097    stream = g_mime_stream_file_new(f);
00098 
00099    parser = g_mime_parser_new_with_stream(stream);
00100    g_mime_parser_set_respect_content_length(parser, 1);
00101    
00102    g_object_unref(stream);
00103 
00104    message = g_mime_parser_construct_message(parser);
00105 
00106    g_object_unref(parser);
00107 
00108    return message;
00109 }
00110 
00111 static void process_message_callback(GMimeObject *part, gpointer user_data)
00112 {
00113    struct mime_cbinfo *cbinfo = user_data;
00114 
00115    cbinfo->count++;
00116 
00117    /* We strip off the headers before we get here, so should only see GMIME_IS_PART */
00118    if (GMIME_IS_MESSAGE_PART(part)) {
00119       ast_log(LOG_WARNING, "Got unexpected GMIME_IS_MESSAGE_PART\n");
00120       return;
00121    } else if (GMIME_IS_MESSAGE_PARTIAL(part)) {
00122       ast_log(LOG_WARNING, "Got unexpected GMIME_IS_MESSAGE_PARTIAL\n");
00123       return;
00124    } else if (GMIME_IS_MULTIPART(part)) {
00125       GList *l;
00126       
00127       ast_log(LOG_WARNING, "Got unexpected GMIME_IS_MULTIPART, trying to process subparts\n");
00128       l = GMIME_MULTIPART(part)->subparts;
00129       while (l) {
00130          process_message_callback(l->data, cbinfo);
00131          l = l->next;
00132       }
00133    } else if (GMIME_IS_PART(part)) {
00134       const char *filename;
00135 
00136       if (ast_strlen_zero(filename = g_mime_part_get_filename(GMIME_PART(part)))) {
00137          ast_debug(1, "Skipping part with no filename\n");
00138          return;
00139       }
00140 
00141       post_raw(GMIME_PART(part), cbinfo->post_dir, filename);
00142    } else {
00143       ast_log(LOG_ERROR, "Encountered unknown MIME part. This should never happen!\n");
00144    }
00145 }
00146 
00147 static int process_message(GMimeMessage *message, const char *post_dir)
00148 {
00149    struct mime_cbinfo cbinfo = {
00150       .count = 0,
00151       .post_dir = post_dir,
00152    };
00153 
00154    g_mime_message_foreach_part(message, process_message_callback, &cbinfo);
00155 
00156    return cbinfo.count;
00157 }
00158 
00159 
00160 /* Find a sequence of bytes within a binary array. */
00161 static int find_sequence(char * inbuf, int inlen, char * matchbuf, int matchlen)
00162 {
00163    int current;
00164    int comp;
00165    int found = 0;
00166 
00167    for (current = 0; current < inlen-matchlen; current++, inbuf++) {
00168       if (*inbuf == *matchbuf) {
00169          found=1;
00170          for (comp = 1; comp < matchlen; comp++) {
00171             if (inbuf[comp] != matchbuf[comp]) {
00172                found = 0;
00173                break;
00174             }
00175          }
00176          if (found) {
00177             break;
00178          }
00179       }
00180    }
00181    if (found) {
00182       return current;
00183    } else {
00184       return -1;
00185    }
00186 }
00187 
00188 /*
00189 * The following is a work around to deal with how IE7 embeds the local file name
00190 * within the Mime header using full WINDOWS file path with backslash directory delimiters.
00191 * This section of code attempts to isolate the directory path and remove it
00192 * from what is written into the output file.  In addition, it changes
00193 * esc chars (i.e. backslashes) to forward slashes.
00194 * This function has two modes.  The first to find a boundary marker.  The
00195 * second is to find the filename immediately after the boundary.
00196 */
00197 static int readmimefile(FILE * fin, FILE * fout, char * boundary, int contentlen)
00198 {
00199    int find_filename = 0;
00200    char buf[4096];
00201    int marker;
00202    int x;
00203    int char_in_buf = 0;
00204    int num_to_read;
00205    int boundary_len;
00206    char * path_end, * path_start, * filespec;
00207 
00208    if (NULL == fin || NULL == fout || NULL == boundary || 0 >= contentlen) {
00209       return -1;
00210    }
00211 
00212    boundary_len = strlen(boundary);
00213    while (0 < contentlen || 0 < char_in_buf) {
00214       /* determine how much I will read into the buffer */
00215       if (contentlen > sizeof(buf) - char_in_buf) {
00216          num_to_read = sizeof(buf)- char_in_buf;
00217       } else {
00218          num_to_read = contentlen;
00219       }
00220 
00221       if (0 < num_to_read) {
00222          if (fread(&(buf[char_in_buf]), 1, num_to_read, fin) < num_to_read) {
00223             ast_log(LOG_WARNING, "fread() failed: %s\n", strerror(errno));
00224             num_to_read = 0;
00225          }
00226          contentlen -= num_to_read;
00227          char_in_buf += num_to_read;
00228       }
00229       /* If I am looking for the filename spec */
00230       if (find_filename) {
00231          path_end = filespec = NULL;
00232          x = strlen("filename=\"");
00233          marker = find_sequence(buf, char_in_buf, "filename=\"", x );
00234          if (0 <= marker) {
00235             marker += x;  /* Index beyond the filename marker */
00236             path_start = &buf[marker];
00237             for (path_end = path_start, x = 0; x < char_in_buf-marker; x++, path_end++) {
00238                if ('\\' == *path_end) {   /* convert backslashses to forward slashes */
00239                   *path_end = '/';
00240                }
00241                if ('\"' == *path_end) {   /* If at the end of the file name spec */
00242                   *path_end = '\0';    /* temporarily null terminate the file spec for basename */
00243                   filespec = basename(path_start);
00244                   *path_end = '\"';
00245                   break;
00246                }
00247             }
00248          }
00249          if (filespec) {   /* If the file name path was found in the header */
00250             if (fwrite(buf, 1, marker, fout) != marker) {
00251                ast_log(LOG_WARNING, "fwrite() failed: %s\n", strerror(errno));
00252             }
00253             x = (int)(path_end+1 - filespec);
00254             if (fwrite(filespec, 1, x, fout) != x) {
00255                ast_log(LOG_WARNING, "fwrite() failed: %s\n", strerror(errno));
00256             }
00257             x = (int)(path_end+1 - buf);
00258             memmove(buf, &(buf[x]), char_in_buf-x);
00259             char_in_buf -= x;
00260          }
00261          find_filename = 0;
00262       } else { /* I am looking for the boundary marker */
00263          marker = find_sequence(buf, char_in_buf, boundary, boundary_len);
00264          if (0 > marker) {
00265             if (char_in_buf < (boundary_len)) {
00266                /*no possibility to find the boundary, write all you have */
00267                if (fwrite(buf, 1, char_in_buf, fout) != char_in_buf) {
00268                   ast_log(LOG_WARNING, "fwrite() failed: %s\n", strerror(errno));
00269                }
00270                char_in_buf = 0;
00271             } else {
00272                /* write all except for area where the boundary marker could be */
00273                if (fwrite(buf, 1, char_in_buf -(boundary_len -1), fout) != char_in_buf - (boundary_len - 1)) {
00274                   ast_log(LOG_WARNING, "fwrite() failed: %s\n", strerror(errno));
00275                }
00276                x = char_in_buf -(boundary_len -1);
00277                memmove(buf, &(buf[x]), char_in_buf-x);
00278                char_in_buf = (boundary_len -1);
00279             }
00280          } else {
00281             /* write up through the boundary, then look for filename in the rest */
00282             if (fwrite(buf, 1, marker + boundary_len, fout) != marker + boundary_len) {
00283                ast_log(LOG_WARNING, "fwrite() failed: %s\n", strerror(errno));
00284             }
00285             x = marker + boundary_len;
00286             memmove(buf, &(buf[x]), char_in_buf-x);
00287             char_in_buf -= marker + boundary_len;
00288             find_filename =1;
00289          }
00290       }
00291    }
00292    return 0;
00293 }
00294 
00295 
00296 static struct ast_str *http_post_callback(struct ast_tcptls_session_instance *ser, const struct ast_http_uri *urih, const char *uri, enum ast_http_method method, struct ast_variable *vars, struct ast_variable *headers, int *status, char **title, int *contentlength)
00297 {
00298    struct ast_variable *var;
00299    unsigned long ident = 0;
00300    FILE *f;
00301    int content_len = 0;
00302    struct ast_str *post_dir;
00303    GMimeMessage *message;
00304    int message_count = 0;
00305    char * boundary_marker = NULL;
00306 
00307    if (!urih) {
00308       return ast_http_error((*status = 400),
00309             (*title = ast_strdup("Missing URI handle")),
00310             NULL, "There was an error parsing the request");
00311    }
00312 
00313    for (var = vars; var; var = var->next) {
00314       if (strcasecmp(var->name, "mansession_id")) {
00315          continue;
00316       }
00317 
00318       if (sscanf(var->value, "%30lx", &ident) != 1) {
00319          return ast_http_error((*status = 400),
00320                      (*title = ast_strdup("Bad Request")),
00321                      NULL, "The was an error parsing the request.");
00322       }
00323 
00324       if (!astman_verify_session_writepermissions(ident, EVENT_FLAG_CONFIG)) {
00325          return ast_http_error((*status = 401),
00326                      (*title = ast_strdup("Unauthorized")),
00327                      NULL, "You are not authorized to make this request.");
00328       }
00329 
00330       break;
00331    }
00332 
00333    if (!var) {
00334       return ast_http_error((*status = 401),
00335                   (*title = ast_strdup("Unauthorized")),
00336                   NULL, "You are not authorized to make this request.");
00337    }
00338 
00339    if (!(f = tmpfile())) {
00340       ast_log(LOG_ERROR, "Could not create temp file.\n");
00341       return NULL;
00342    }
00343 
00344    for (var = headers; var; var = var->next) {
00345       fprintf(f, "%s: %s\r\n", var->name, var->value);
00346 
00347       if (!strcasecmp(var->name, "Content-Length")) {
00348          if ((sscanf(var->value, "%30u", &content_len)) != 1) {
00349             ast_log(LOG_ERROR, "Invalid Content-Length in POST request!\n");
00350             fclose(f);
00351 
00352             return NULL;
00353          }
00354          ast_debug(1, "Got a Content-Length of %d\n", content_len);
00355       } else if (!strcasecmp(var->name, "Content-Type")) {
00356          boundary_marker = strstr(var->value, "boundary=");
00357          if (boundary_marker) {
00358             boundary_marker += strlen("boundary=");
00359          }
00360       }
00361    }
00362 
00363    fprintf(f, "\r\n");
00364 
00365    if (0 > readmimefile(ser->f, f, boundary_marker, content_len)) {
00366       if (option_debug) {
00367          ast_log(LOG_DEBUG, "Cannot find boundary marker in POST request.\n");
00368       }
00369       fclose(f);
00370       
00371       return NULL;
00372    }
00373 
00374    if (fseek(f, SEEK_SET, 0)) {
00375       ast_log(LOG_ERROR, "Failed to seek temp file back to beginning.\n");
00376       fclose(f);
00377 
00378       return NULL;
00379    }
00380 
00381    post_dir = urih->data;
00382 
00383    message = parse_message(f); /* Takes ownership and will close f */
00384 
00385    if (!message) {
00386       ast_log(LOG_ERROR, "Error parsing MIME data\n");
00387 
00388       return ast_http_error((*status = 400),
00389                   (*title = ast_strdup("Bad Request")),
00390                   NULL, "The was an error parsing the request.");
00391    }
00392 
00393    if (!(message_count = process_message(message, ast_str_buffer(post_dir)))) {
00394       ast_log(LOG_ERROR, "Invalid MIME data, found no parts!\n");
00395       g_object_unref(message);
00396       return ast_http_error((*status = 400),
00397                   (*title = ast_strdup("Bad Request")),
00398                   NULL, "The was an error parsing the request.");
00399    }
00400 
00401    g_object_unref(message);
00402 
00403    return ast_http_error((*status = 200),
00404                (*title = ast_strdup("OK")),
00405                NULL, "File successfully uploaded.");
00406 }
00407 
00408 static int __ast_http_post_load(int reload)
00409 {
00410    struct ast_config *cfg;
00411    struct ast_variable *v;
00412    struct ast_flags config_flags = { reload ? CONFIG_FLAG_FILEUNCHANGED : 0 };
00413 
00414    cfg = ast_config_load2("http.conf", "http", config_flags);
00415    if (cfg == CONFIG_STATUS_FILEMISSING || cfg == CONFIG_STATUS_FILEUNCHANGED || cfg == CONFIG_STATUS_FILEINVALID) {
00416       return 0;
00417    }
00418 
00419    if (reload) {
00420       ast_http_uri_unlink_all_with_key(__FILE__);
00421    }
00422 
00423    if (cfg) {
00424       for (v = ast_variable_browse(cfg, "general"); v; v = v->next) {
00425          if (!strcasecmp(v->name, "prefix")) {
00426             ast_copy_string(prefix, v->value, sizeof(prefix));
00427             if (prefix[strlen(prefix)] == '/') {
00428                prefix[strlen(prefix)] = '\0';
00429             }
00430          }
00431       }
00432 
00433       for (v = ast_variable_browse(cfg, "post_mappings"); v; v = v->next) {
00434          struct ast_http_uri *urih;
00435          struct ast_str *ds;
00436 
00437          if (!(urih = ast_calloc(sizeof(*urih), 1))) {
00438             ast_config_destroy(cfg);
00439             return -1;
00440          }
00441 
00442          if (!(ds = ast_str_create(32))) {
00443             ast_free(urih);
00444             ast_config_destroy(cfg);
00445             return -1;
00446          }
00447 
00448          urih->description = ast_strdup("HTTP POST mapping");
00449          urih->uri = ast_strdup(v->name);
00450          ast_str_set(&ds, 0, "%s", v->value);
00451          urih->data = ds;
00452          urih->has_subtree = 0;
00453          urih->supports_get = 0;
00454          urih->supports_post = 1;
00455          urih->callback = http_post_callback;
00456          urih->key = __FILE__;
00457          urih->mallocd = urih->dmallocd = 1;
00458 
00459          ast_http_uri_link(urih);
00460       }
00461 
00462       ast_config_destroy(cfg);
00463    }
00464    return 0;
00465 }
00466 
00467 static int unload_module(void)
00468 {
00469    ast_http_uri_unlink_all_with_key(__FILE__);
00470 
00471    return 0;
00472 }
00473 
00474 static int reload(void)
00475 {
00476    __ast_http_post_load(1);
00477 
00478    return AST_MODULE_LOAD_SUCCESS;
00479 }
00480 
00481 static int load_module(void)
00482 {
00483    g_mime_init(0);
00484 
00485    __ast_http_post_load(0);
00486 
00487    return AST_MODULE_LOAD_SUCCESS;
00488 }
00489 
00490 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_DEFAULT, "HTTP POST support",
00491    .load = load_module,
00492    .unload = unload_module,
00493    .reload = reload,
00494 );