proxy_ftp.c revision 05b232c7bd0b185d329bab8a30eefe1ca38bd6b8
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding/* ====================================================================
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * The Apache Software License, Version 1.1
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding *
bc8fd1b0b1afdf89b8d28eefa8cd74e26ba97986fielding * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * reserved.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * Redistribution and use in source and binary forms, with or without
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * modification, are permitted provided that the following conditions
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * are met:
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * 1. Redistributions of source code must retain the above copyright
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * notice, this list of conditions and the following disclaimer.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * 2. Redistributions in binary form must reproduce the above copyright
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * notice, this list of conditions and the following disclaimer in
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * the documentation and/or other materials provided with the
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * distribution.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * 3. The end-user documentation included with the redistribution,
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * if any, must include the following acknowledgment:
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * "This product includes software developed by the
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * Apache Software Foundation (http://www.apache.org/)."
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * Alternately, this acknowledgment may appear in the software itself,
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * if and wherever such third-party acknowledgments normally appear.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * 4. The names "Apache" and "Apache Software Foundation" must
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * not be used to endorse or promote products derived from this
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * software without prior written permission. For written
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * permission, please contact apache@apache.org.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * 5. Products derived from this software may not be called "Apache",
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * nor may "Apache" appear in their name, without prior written
64185f9824e42f21ca7b9ae6c004484215c031a7rbb * permission of the Apache Software Foundation.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * SUCH DAMAGE.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * ====================================================================
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * This software consists of voluntary contributions made by many
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * individuals on behalf of the Apache Software Foundation. For more
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * information on the Apache Software Foundation, please see
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * <http://www.apache.org/>.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding *
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * Portions of this software are based upon public domain software
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * originally written at the National Center for Supercomputing Applications,
ab2c1c1c83ec91415565da5a71fbc15d9685caa6fielding * University of Illinois, Urbana-Champaign.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding */
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding
3568de757bac0b47256647504c186d17ca272f85rbb/* FTP routines for Apache proxy */
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb#include "mod_proxy.h"
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb#define AUTODETECT_PWD
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb/*
3568de757bac0b47256647504c186d17ca272f85rbb * Decodes a '%' escaped string, and returns the number of characters
3568de757bac0b47256647504c186d17ca272f85rbb */
3568de757bac0b47256647504c186d17ca272f85rbbstatic int decodeenc(char *x)
3568de757bac0b47256647504c186d17ca272f85rbb{
3568de757bac0b47256647504c186d17ca272f85rbb int i, j, ch;
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb if (x[0] == '\0')
3568de757bac0b47256647504c186d17ca272f85rbb return 0; /* special case for no characters */
3568de757bac0b47256647504c186d17ca272f85rbb for (i = 0, j = 0; x[i] != '\0'; i++, j++) {
3568de757bac0b47256647504c186d17ca272f85rbb/* decode it if not already done */
3568de757bac0b47256647504c186d17ca272f85rbb ch = x[i];
3568de757bac0b47256647504c186d17ca272f85rbb if (ch == '%' && ap_isxdigit(x[i + 1]) && ap_isxdigit(x[i + 2])) {
3568de757bac0b47256647504c186d17ca272f85rbb ch = ap_proxy_hex2c(&x[i + 1]);
3568de757bac0b47256647504c186d17ca272f85rbb i += 2;
3568de757bac0b47256647504c186d17ca272f85rbb }
3568de757bac0b47256647504c186d17ca272f85rbb x[j] = ch;
3568de757bac0b47256647504c186d17ca272f85rbb }
3568de757bac0b47256647504c186d17ca272f85rbb x[j] = '\0';
3568de757bac0b47256647504c186d17ca272f85rbb return j;
3568de757bac0b47256647504c186d17ca272f85rbb}
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb/*
3568de757bac0b47256647504c186d17ca272f85rbb * checks an encoded ftp string for bad characters, namely, CR, LF or
3568de757bac0b47256647504c186d17ca272f85rbb * non-ascii character
3568de757bac0b47256647504c186d17ca272f85rbb */
3568de757bac0b47256647504c186d17ca272f85rbbstatic int ftp_check_string(const char *x)
3568de757bac0b47256647504c186d17ca272f85rbb{
3568de757bac0b47256647504c186d17ca272f85rbb int i, ch = 0;
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb for (i = 0; x[i] != '\0'; i++) {
3568de757bac0b47256647504c186d17ca272f85rbb ch = x[i];
3568de757bac0b47256647504c186d17ca272f85rbb if (ch == '%' && ap_isxdigit(x[i + 1]) && ap_isxdigit(x[i + 2])) {
3568de757bac0b47256647504c186d17ca272f85rbb ch = ap_proxy_hex2c(&x[i + 1]);
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding i += 2;
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding }
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding#if !APR_CHARSET_EBCDIC
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding if (ch == '\015' || ch == '\012' || (ch & 0x80))
3568de757bac0b47256647504c186d17ca272f85rbb#else /*APR_CHARSET_EBCDIC*/
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick if (ch == '\r' || ch == '\n' || (os_toascii[ch] & 0x80))
3568de757bac0b47256647504c186d17ca272f85rbb#endif /*APR_CHARSET_EBCDIC*/
3568de757bac0b47256647504c186d17ca272f85rbb return 0;
3568de757bac0b47256647504c186d17ca272f85rbb }
3568de757bac0b47256647504c186d17ca272f85rbb return 1;
db12cd62083041bf90945eeb90cc40fbd2340797trawick}
db12cd62083041bf90945eeb90cc40fbd2340797trawick
db12cd62083041bf90945eeb90cc40fbd2340797trawick/*
333eac96e4fb7d6901cb75e6ca7bb22b2ccb84cetrawick * Canonicalise ftp URLs.
333eac96e4fb7d6901cb75e6ca7bb22b2ccb84cetrawick */
3568de757bac0b47256647504c186d17ca272f85rbbint ap_proxy_ftp_canon(request_rec *r, char *url)
3568de757bac0b47256647504c186d17ca272f85rbb{
3568de757bac0b47256647504c186d17ca272f85rbb char *user, *password, *host, *path, *parms, *strp, sport[7];
3568de757bac0b47256647504c186d17ca272f85rbb apr_pool_t *p = r->pool;
3568de757bac0b47256647504c186d17ca272f85rbb const char *err;
3568de757bac0b47256647504c186d17ca272f85rbb int port;
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb port = DEFAULT_FTP_PORT;
3568de757bac0b47256647504c186d17ca272f85rbb err = ap_proxy_canon_netloc(p, &url, &user, &password, &host, &port);
3568de757bac0b47256647504c186d17ca272f85rbb if (err)
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
3568de757bac0b47256647504c186d17ca272f85rbb if (user != NULL && !ftp_check_string(user))
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (password != NULL && !ftp_check_string(password))
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz/* now parse path/parameters args, according to rfc1738 */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz/* N.B. if this isn't a true proxy request, then the URL path
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * (but not query args) has already been decoded.
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * This gives rise to the problem of a ; being decoded into the
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding * path.
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding */
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding strp = strchr(url, ';');
8f3ec4772d2aeb347cf40e87c77627bb784dd018rbb if (strp != NULL) {
8f3ec4772d2aeb347cf40e87c77627bb784dd018rbb *(strp++) = '\0';
3d96ee83babeec32482c9082c9426340cee8c44dwrowe parms = ap_proxy_canonenc(p, strp, strlen(strp), enc_parm,
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding r->proxyreq);
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick if (parms == NULL)
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick return HTTP_BAD_REQUEST;
3568de757bac0b47256647504c186d17ca272f85rbb }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz else
3568de757bac0b47256647504c186d17ca272f85rbb parms = "";
3568de757bac0b47256647504c186d17ca272f85rbb
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz path = ap_proxy_canonenc(p, url, strlen(url), enc_path, r->proxyreq);
3568de757bac0b47256647504c186d17ca272f85rbb if (path == NULL)
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
3568de757bac0b47256647504c186d17ca272f85rbb if (!ftp_check_string(path))
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb if (r->proxyreq && r->args != NULL) {
3568de757bac0b47256647504c186d17ca272f85rbb if (strp != NULL) {
3568de757bac0b47256647504c186d17ca272f85rbb strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_parm, 1);
3568de757bac0b47256647504c186d17ca272f85rbb if (strp == NULL)
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding parms = apr_pstrcat(p, parms, "?", strp, NULL);
3568de757bac0b47256647504c186d17ca272f85rbb }
3568de757bac0b47256647504c186d17ca272f85rbb else {
3568de757bac0b47256647504c186d17ca272f85rbb strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_fpath, 1);
3568de757bac0b47256647504c186d17ca272f85rbb if (strp == NULL)
3568de757bac0b47256647504c186d17ca272f85rbb return HTTP_BAD_REQUEST;
3568de757bac0b47256647504c186d17ca272f85rbb path = apr_pstrcat(p, path, "?", strp, NULL);
41634f717c623556a16b27b25d7d909a66fe20f8wrowe }
3568de757bac0b47256647504c186d17ca272f85rbb r->args = NULL;
3568de757bac0b47256647504c186d17ca272f85rbb }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
3568de757bac0b47256647504c186d17ca272f85rbb/* now, rebuild URL */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
3568de757bac0b47256647504c186d17ca272f85rbb if (port != DEFAULT_FTP_PORT)
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz apr_snprintf(sport, sizeof(sport), ":%d", port);
3568de757bac0b47256647504c186d17ca272f85rbb else
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz sport[0] = '\0';
3568de757bac0b47256647504c186d17ca272f85rbb
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding r->filename = apr_pstrcat(p, "proxy:ftp://", (user != NULL) ? user : "",
41634f717c623556a16b27b25d7d909a66fe20f8wrowe (password != NULL) ? ":" : "",
3568de757bac0b47256647504c186d17ca272f85rbb (password != NULL) ? password : "",
3568de757bac0b47256647504c186d17ca272f85rbb (user != NULL) ? "@" : "", host, sport, "/", path,
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz (parms[0] != '\0') ? ";" : "", parms, NULL);
3568de757bac0b47256647504c186d17ca272f85rbb
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz return OK;
3568de757bac0b47256647504c186d17ca272f85rbb}
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding/* we chop lines longer than 80 characters */
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding#define MAX_LINE_LEN 80
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
3568de757bac0b47256647504c186d17ca272f85rbb/*
fc1efab92032301e317f07e1b3a00082d9d71f3frbb * Reads response lines, returns both the ftp status code and
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * remembers the response message in the supplied buffer
24b534291150023e6b68eca89ddd33e475ccddc0wrowe */
3568de757bac0b47256647504c186d17ca272f85rbbstatic int ftp_getrc_msg(conn_rec *c, apr_bucket_brigade *bb, char *msgbuf, int msglen)
24b534291150023e6b68eca89ddd33e475ccddc0wrowe{
3568de757bac0b47256647504c186d17ca272f85rbb int status;
24b534291150023e6b68eca89ddd33e475ccddc0wrowe char response[MAX_LINE_LEN];
24b534291150023e6b68eca89ddd33e475ccddc0wrowe char buff[5];
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz char *mb = msgbuf,
3568de757bac0b47256647504c186d17ca272f85rbb *me = &msgbuf[msglen];
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz apr_status_t rv;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz int eos;
3568de757bac0b47256647504c186d17ca272f85rbb
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (APR_SUCCESS != (rv = ap_proxy_string_read(c, bb, response, sizeof(response), &eos))) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz return -1;
3568de757bac0b47256647504c186d17ca272f85rbb }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (!apr_isdigit(response[0]) || !apr_isdigit(response[1]) ||
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz !apr_isdigit(response[2]) || (response[3] != ' ' && response[3] != '-'))
3568de757bac0b47256647504c186d17ca272f85rbb status = 0;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz else
3568de757bac0b47256647504c186d17ca272f85rbb status = 100 * response[0] + 10 * response[1] + response[2] - 111 * '0';
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb mb = apr_cpystrn(mb, response+4, me - mb);
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb if (response[3] == '-') {
3568de757bac0b47256647504c186d17ca272f85rbb memcpy(buff, response, 3);
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz buff[3] = ' ';
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz do {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (APR_SUCCESS != (rv = ap_proxy_string_read(c, bb, response, sizeof(response), &eos))) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz return -1;
3568de757bac0b47256647504c186d17ca272f85rbb }
3568de757bac0b47256647504c186d17ca272f85rbb mb = apr_cpystrn(mb, response + (' ' == response[0] ? 1 : 4), me - mb);
3568de757bac0b47256647504c186d17ca272f85rbb } while (memcmp(response, buff, 4) != 0);
3568de757bac0b47256647504c186d17ca272f85rbb }
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb return status;
3568de757bac0b47256647504c186d17ca272f85rbb}
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
3568de757bac0b47256647504c186d17ca272f85rbb/* this is a filter that turns a raw ASCII directory listing into pretty HTML */
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb/* ideally, mod_proxy should simply send the raw directory list up the filter
3568de757bac0b47256647504c186d17ca272f85rbb * stack to mod_autoindex, which in theory should turn the raw ascii into
3568de757bac0b47256647504c186d17ca272f85rbb * pretty html along with all the bells and whistles it provides...
3568de757bac0b47256647504c186d17ca272f85rbb *
3568de757bac0b47256647504c186d17ca272f85rbb * all in good time...! :)
3568de757bac0b47256647504c186d17ca272f85rbb */
3568de757bac0b47256647504c186d17ca272f85rbb
0f081398cf0eef8cc7c66a535d450110a92dc8aefieldingtypedef struct {
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding apr_bucket_brigade *in;
3568de757bac0b47256647504c186d17ca272f85rbb char buffer[MAX_STRING_LEN];
239f998fbee5ac5b114b965bb76e217cce0003edstoddard enum {HEADER, BODY, FOOTER} state;
78ae889ffe0fdfab72f56c6993b0f302cb48da55rbb} proxy_dir_ctx_t;
3568de757bac0b47256647504c186d17ca272f85rbb
6653a33e820463abd4f81915b7a1eba0f602e200brianpapr_status_t ap_proxy_send_dir_filter(ap_filter_t *f, apr_bucket_brigade *in)
6653a33e820463abd4f81915b7a1eba0f602e200brianp{
6653a33e820463abd4f81915b7a1eba0f602e200brianp request_rec *r = f->r;
41634f717c623556a16b27b25d7d909a66fe20f8wrowe apr_pool_t *p = r->pool;
41634f717c623556a16b27b25d7d909a66fe20f8wrowe apr_bucket *e;
6653a33e820463abd4f81915b7a1eba0f602e200brianp apr_bucket_brigade *out = apr_brigade_create(p);
3568de757bac0b47256647504c186d17ca272f85rbb apr_status_t rv;
ad83978f20c7d1a4323059d9af122e56fcd353bdstoddard
6653a33e820463abd4f81915b7a1eba0f602e200brianp register int n;
3568de757bac0b47256647504c186d17ca272f85rbb char *dir, *path, *reldir, *site, *str;
6653a33e820463abd4f81915b7a1eba0f602e200brianp
6653a33e820463abd4f81915b7a1eba0f602e200brianp const char *pwd = apr_table_get(r->notes, "Directory-PWD");
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm const char *readme = apr_table_get(r->notes, "Directory-README");
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick proxy_dir_ctx_t *ctx = f->ctx;
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick if (!ctx) {
3568de757bac0b47256647504c186d17ca272f85rbb f->ctx = ctx = apr_pcalloc(p, sizeof(*ctx));
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding ctx->in = apr_brigade_create(p);
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz ctx->buffer[0] = 0;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz ctx->state = HEADER;
ca53a74f4012a45cbad48e940eddf27d866981f9dougm }
ca53a74f4012a45cbad48e940eddf27d866981f9dougm
ca53a74f4012a45cbad48e940eddf27d866981f9dougm /* combine the stored and the new */
6653a33e820463abd4f81915b7a1eba0f602e200brianp APR_BRIGADE_CONCAT(ctx->in, in);
6653a33e820463abd4f81915b7a1eba0f602e200brianp
6653a33e820463abd4f81915b7a1eba0f602e200brianp if (HEADER == ctx->state) {
6653a33e820463abd4f81915b7a1eba0f602e200brianp
6653a33e820463abd4f81915b7a1eba0f602e200brianp /* Save "scheme://site" prefix without password */
6653a33e820463abd4f81915b7a1eba0f602e200brianp site = ap_unparse_uri_components(p, &f->r->parsed_uri, UNP_OMITPASSWORD|UNP_OMITPATHINFO);
6653a33e820463abd4f81915b7a1eba0f602e200brianp /* ... and path without query args */
6653a33e820463abd4f81915b7a1eba0f602e200brianp path = ap_unparse_uri_components(p, &f->r->parsed_uri, UNP_OMITSITEPART|UNP_OMITQUERY);
6653a33e820463abd4f81915b7a1eba0f602e200brianp (void)decodeenc(path);
6653a33e820463abd4f81915b7a1eba0f602e200brianp
6653a33e820463abd4f81915b7a1eba0f602e200brianp /* Copy path, strip (all except the last) trailing slashes */
6653a33e820463abd4f81915b7a1eba0f602e200brianp path = dir = apr_pstrcat(p, path, "/", NULL);
6653a33e820463abd4f81915b7a1eba0f602e200brianp while ((n = strlen(path)) > 1 && path[n-1] == '/' && path[n-2] == '/')
6653a33e820463abd4f81915b7a1eba0f602e200brianp path[n-1] = '\0';
6653a33e820463abd4f81915b7a1eba0f602e200brianp
6653a33e820463abd4f81915b7a1eba0f602e200brianp /* print "ftp://host/" */
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick str = apr_psprintf(p, DOCTYPE_HTML_3_2
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick "\n\n<HTML>\n<HEAD>\n<TITLE>%s%s</TITLE>\n"
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick "<BASE HREF=\"%s%s\">\n</HEAD>\n\n"
239f998fbee5ac5b114b965bb76e217cce0003edstoddard "<BODY>\n\n<H2>Directory of "
3568de757bac0b47256647504c186d17ca272f85rbb "<A HREF=\"/\">%s</A>/",
3568de757bac0b47256647504c186d17ca272f85rbb site, path, site, path, site);
3568de757bac0b47256647504c186d17ca272f85rbb
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_pool_create(str, strlen(str), p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
3568de757bac0b47256647504c186d17ca272f85rbb while ((dir = strchr(dir+1, '/')) != NULL)
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz {
48d2edbfb84e5559b5da0f8d614ccab805cc67a8rbb *dir = '\0';
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding if ((reldir = strrchr(path+1, '/'))==NULL)
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard reldir = path+1;
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding else
e0d102c882a7ed34d3eec24b36da49f097066a36stoddard ++reldir;
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding /* print "path/" component */
3568de757bac0b47256647504c186d17ca272f85rbb str = apr_psprintf(p, "<A HREF=\"/%s/\">%s</A>/", path+1, reldir);
3568de757bac0b47256647504c186d17ca272f85rbb e = apr_bucket_pool_create(str, strlen(str), p);
3568de757bac0b47256647504c186d17ca272f85rbb APR_BRIGADE_INSERT_TAIL(out, e);
3568de757bac0b47256647504c186d17ca272f85rbb *dir = '/';
3568de757bac0b47256647504c186d17ca272f85rbb }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard /* If the caller has determined the current directory, and it differs */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard /* from what the client requested, then show the real name */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (pwd == NULL || strncmp (pwd, path, strlen(pwd)) == 0) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz str = apr_psprintf(p, "</H2>\n\n<HR></HR>\n\n<PRE>");
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard } else {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard str = apr_psprintf(p, "</H2>\n\n(%s)\n\n<HR></HR>\n\n<PRE>", pwd);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz e = apr_bucket_pool_create(str, strlen(str), p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard /* print README */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (readme) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz str = apr_psprintf(p, "%s\n</PRE>\n\n<HR></HR>\n\n<PRE>\n",
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz readme);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_pool_create(str, strlen(str), p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard /* make sure page intro gets sent out */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_flush_create();
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
e0d102c882a7ed34d3eec24b36da49f097066a36stoddard if (APR_SUCCESS != (rv = ap_pass_brigade(f->next, out))) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard return rv;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_brigade_cleanup(out);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz ctx->state = BODY;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
3568de757bac0b47256647504c186d17ca272f85rbb /* loop through each line of directory */
3568de757bac0b47256647504c186d17ca272f85rbb while (BODY == ctx->state) {
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding char *filename;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard int found = 0;
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding int eos = 0;
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick ctx->buffer[0] = 0;
98cd3186185bb28ae6c95a3f159899fcf56a663ftrawick
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick /* get a complete line */
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick while (!found && !APR_BRIGADE_EMPTY(ctx->in)) {
3568de757bac0b47256647504c186d17ca272f85rbb char *pos, *response;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm apr_size_t len, max;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm e = APR_BRIGADE_FIRST(ctx->in);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if (APR_BUCKET_IS_EOS(e)) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz eos = 1;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm break;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm }
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm if (APR_SUCCESS != (rv = apr_bucket_read(e, (const char **)&response, &len, APR_BLOCK_READ))) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard return rv;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard pos = memchr(response, APR_ASCII_LF, len);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if (pos != NULL) {
5a0f707b48da7703cbe6bc087f13a6735b1c742dgregames if ((pos - response + 1) != len) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz apr_bucket_split(e, pos - response + 1);
5a0f707b48da7703cbe6bc087f13a6735b1c742dgregames }
5a0f707b48da7703cbe6bc087f13a6735b1c742dgregames found = 1;
5a0f707b48da7703cbe6bc087f13a6735b1c742dgregames }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard max = sizeof(ctx->buffer)-strlen(ctx->buffer)-1;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm if (len > max) {
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm len = max;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_cpystrn(ctx->buffer+strlen(ctx->buffer), response, len);
ad83978f20c7d1a4323059d9af122e56fcd353bdstoddard APR_BUCKET_REMOVE(e);
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm apr_bucket_destroy(e);
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm }
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* EOS? jump to footer */
ad83978f20c7d1a4323059d9af122e56fcd353bdstoddard if (eos) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz ctx->state = FOOTER;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard break;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard /* not complete? leave and try get some more */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if (!found) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard return APR_SUCCESS;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddardap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
3568de757bac0b47256647504c186d17ca272f85rbb "proxy: directory line: [%s]", ctx->buffer);
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm
3568de757bac0b47256647504c186d17ca272f85rbb /* a symlink? */
3568de757bac0b47256647504c186d17ca272f85rbb if (ctx->buffer[0] == 'l' && (filename=strstr(ctx->buffer, " -> ")) != NULL) {
74fd6d9aeadb9022086259c5c1ae00bc0dda9c9astoddard char *link_ptr = filename;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz do {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz filename--;
3568de757bac0b47256647504c186d17ca272f85rbb } while (filename[0] != ' ');
3568de757bac0b47256647504c186d17ca272f85rbb *(filename++) = '\0';
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard *(link_ptr++) = '\0';
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if ((n = strlen(link_ptr)) > 1 && link_ptr[n - 1] == '\n')
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard link_ptr[n - 1] = '\0';
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard str = apr_psprintf(p, "%s <A HREF=\"%s\">%s %s</A>\n", ctx->buffer, filename, filename, link_ptr);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard /* a directory/file? */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard else if (ctx->buffer[0] == 'd' || ctx->buffer[0] == '-' || ctx->buffer[0] == 'l' || apr_isdigit(ctx->buffer[0])) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard int searchidx = 0;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard char *searchptr = NULL;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz int firstfile = 1;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (apr_isdigit(ctx->buffer[0])) { /* handle DOS dir */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard searchptr = strchr(ctx->buffer, '<');
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (searchptr != NULL)
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz *searchptr = '[';
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz searchptr = strchr(ctx->buffer, '>');
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if (searchptr != NULL)
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz *searchptr = ']';
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard filename = strrchr(ctx->buffer, ' ');
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard *(filename++) = 0;
3568de757bac0b47256647504c186d17ca272f85rbb filename[strlen(filename) - 1] = 0;
3568de757bac0b47256647504c186d17ca272f85rbb
3568de757bac0b47256647504c186d17ca272f85rbb /* handle filenames with spaces in 'em */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if (!strcmp(filename, ".") || !strcmp(filename, "..") || firstfile) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz firstfile = 0;
f714f1a7002928d785e53e70349700a7f595fee3trawick searchidx = filename - ctx->buffer;
f714f1a7002928d785e53e70349700a7f595fee3trawick }
3568de757bac0b47256647504c186d17ca272f85rbb else if (searchidx != 0 && ctx->buffer[searchidx] != 0) {
ad83978f20c7d1a4323059d9af122e56fcd353bdstoddard *(--filename) = ' ';
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz ctx->buffer[searchidx - 1] = 0;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz filename = &ctx->buffer[searchidx];
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
3568de757bac0b47256647504c186d17ca272f85rbb /* Special handling for '.' and '..' */
3568de757bac0b47256647504c186d17ca272f85rbb if (!strcmp(filename, ".") || !strcmp(filename, "..") || ctx->buffer[0] == 'd') {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard str = apr_psprintf(p, "%s <A HREF=\"%s/\">%s</A>\n",
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard ctx->buffer, filename, filename);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard else {
3568de757bac0b47256647504c186d17ca272f85rbb str = apr_psprintf(p, "%s <A HREF=\"%s\">%s</A>\n",
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard ctx->buffer, filename, filename);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
3568de757bac0b47256647504c186d17ca272f85rbb
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_pool_create(str, strlen(str), p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_flush_create();
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (APR_SUCCESS != (rv = ap_pass_brigade(f->next, out))) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard return rv;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_brigade_cleanup(out);
3568de757bac0b47256647504c186d17ca272f85rbb
ad83978f20c7d1a4323059d9af122e56fcd353bdstoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard if (FOOTER == ctx->state) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard str = apr_psprintf(p, "</PRE>\n\n<HR></HR>\n\n%s\n\n</BODY>\n</HTML>\n", ap_psignature("", r));
3568de757bac0b47256647504c186d17ca272f85rbb e = apr_bucket_pool_create(str, strlen(str), p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_flush_create();
3568de757bac0b47256647504c186d17ca272f85rbb APR_BRIGADE_INSERT_TAIL(out, e);
3568de757bac0b47256647504c186d17ca272f85rbb
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard e = apr_bucket_eos_create();
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard APR_BRIGADE_INSERT_TAIL(out, e);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
3568de757bac0b47256647504c186d17ca272f85rbb if (APR_SUCCESS != (rv = ap_pass_brigade(f->next, out))) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard return rv;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_brigade_destroy(out);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard }
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
3568de757bac0b47256647504c186d17ca272f85rbb return APR_SUCCESS;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard}
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard/* Common routine for failed authorization (i.e., missing or wrong password)
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard * to an ftp service. This causes most browsers to retry the request
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard * with username and password (which was presumably queried from the user)
3568de757bac0b47256647504c186d17ca272f85rbb * supplied in the Authorization: header.
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard * Note that we "invent" a realm name which consists of the
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * ftp://user@host part of the reqest (sans password -if supplied but invalid-)
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz */
3568de757bac0b47256647504c186d17ca272f85rbbstatic int ftp_unauthorized (request_rec *r, int log_it)
3568de757bac0b47256647504c186d17ca272f85rbb{
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz r->proxyreq = PROXYREQ_NONE;
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* Log failed requests if they supplied a password
3568de757bac0b47256647504c186d17ca272f85rbb * (log username/password guessing attempts)
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard */
3568de757bac0b47256647504c186d17ca272f85rbb if (log_it)
3568de757bac0b47256647504c186d17ca272f85rbb ap_log_rerror(APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, 0, r,
3568de757bac0b47256647504c186d17ca272f85rbb "proxy: missing or failed auth to %s",
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard ap_unparse_uri_components(r->pool,
3568de757bac0b47256647504c186d17ca272f85rbb &r->parsed_uri, UNP_OMITPATHINFO));
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
3568de757bac0b47256647504c186d17ca272f85rbb apr_table_setn(r->err_headers_out, "WWW-Authenticate",
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick apr_pstrcat(r->pool, "Basic realm=\"",
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick ap_unparse_uri_components(r->pool, &r->parsed_uri,
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick UNP_OMITPASSWORD|UNP_OMITPATHINFO),
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard "\"", NULL));
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz return HTTP_UNAUTHORIZED;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard}
beb70d51e435dc36c56a72b6cd83556c04db9283wrowe
fe6baec9bbcd36f932b71a355120cd7b5a685d6cfielding
3568de757bac0b47256647504c186d17ca272f85rbb/*
3568de757bac0b47256647504c186d17ca272f85rbb * Handles direct access of ftp:// URLs
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard * Original (Non-PASV) version from
3568de757bac0b47256647504c186d17ca272f85rbb * Troy Morrison <spiffnet@zoom.com>
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard * PASV added by Chuck
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard * Filters by [Graham Leggett <minfrin@sharp.fm>]
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard */
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddardint ap_proxy_ftp_handler(request_rec *r, char *url)
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard{
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_pool_t *p = r->pool;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard conn_rec *c = r->connection;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_socket_t *sock, *local_sock, *remote_sock;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_sockaddr_t *connect_addr;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_status_t rv;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard conn_rec *origin, *remote;
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe int err;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_bucket *e;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_bucket_brigade *bb = apr_brigade_create(p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard apr_bucket_brigade *cbb = apr_brigade_create(p);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard char *buf, *connectname;
8e9734d1a4af74c141e2a0f880bb51bb061fa03atrawick apr_port_t connectport;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard char buffer[MAX_STRING_LEN];
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard char *path, *strp, *parms;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard char *user = NULL;
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick/* char *account = NULL; how to supply an account in a URL? */
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick const char *password = NULL;
3568de757bac0b47256647504c186d17ca272f85rbb int i, j, len, rc;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard int one = 1;
cb97ae2ff6969c2789b8e03f1bc4187fa73b6bafwrowe char *size = NULL;
0f113d7123e8bd3e3e2e9b6373461a1a773bfccatrawick
0f113d7123e8bd3e3e2e9b6373461a1a773bfccatrawick /* stuff for PASV mode */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz int pasvmode = 0;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard char dates[AP_RFC822_DATE_LEN];
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard void *sconf = r->server->module_config;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard proxy_server_conf *conf =
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard
3568de757bac0b47256647504c186d17ca272f85rbb proxy_conn_rec *backend =
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard (proxy_conn_rec *) ap_get_module_config(c->conn_config, &proxy_module);
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (!backend) {
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard backend = ap_pcalloc(c->pool, sizeof(proxy_conn_rec));
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard backend->connection = NULL;
c0659e61002e9d6ff77b2dca72540e0af1b2ca64stoddard backend->hostname = NULL;
3568de757bac0b47256647504c186d17ca272f85rbb backend->port = 0;
3568de757bac0b47256647504c186d17ca272f85rbb ap_set_module_config(c->conn_config, &proxy_module, backend);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /*
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * I: Who Do I Connect To?
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * -----------------------
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick *
f886987cd0bd4220c14043c4d9be77ec22902e73trawick * Break up the URL to determine the host to connect to
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick */
f886987cd0bd4220c14043c4d9be77ec22902e73trawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* we only support GET and HEAD */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (r->method_number != M_GET)
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return HTTP_NOT_IMPLEMENTED;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* We break the URL into host, port, path-search */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz connectname = r->parsed_uri.hostname;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm connectport = (r->parsed_uri.port != 0)
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick ? r->parsed_uri.port
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm : ap_default_port_for_request(r);
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm path = apr_pstrdup(p, r->parsed_uri.path);
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm path = (path != NULL && path[0] != '\0') ? &path[1] : "";
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick parms = strchr(path, ';');
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick if (parms != NULL)
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm *(parms++) = '\0';
3568de757bac0b47256647504c186d17ca272f85rbb
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* The "Authorization:" header must be checked first.
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * We allow the user to "override" the URL-coded user [ & password ]
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * in the Browsers' User&Password Dialog.
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * NOTE that this is only marginally more secure than having the
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * password travel in plain as part of the URL, because Basic Auth
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * simply uuencodes the plain text password.
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz * But chances are still smaller that the URL is logged regularly.
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if ((password = apr_table_get(r->headers_in, "Authorization")) != NULL
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm && strcasecmp(ap_getword(r->pool, &password, ' '), "Basic") == 0
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm && (password = ap_pbase64decode(r->pool, password))[0] != ':') {
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* Note that this allocation has to be made from r->connection->pool
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * because it has the lifetime of the connection. The other allocations
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * are temporary and can be tossed away any time.
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz user = ap_getword_nulls (r->connection->pool, &password, ':');
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick r->ap_auth_type = "Basic";
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm r->user = r->parsed_uri.user = user;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick else if ((user = r->parsed_uri.user) != NULL) {
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm user = apr_pstrdup(p, user);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick decodeenc(user);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if ((password = r->parsed_uri.password) != NULL) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick char *tmp = apr_pstrdup(p, password);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick decodeenc(tmp);
cb97ae2ff6969c2789b8e03f1bc4187fa73b6bafwrowe password = tmp;
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm }
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick else {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick user = "anonymous";
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm password = "apache-proxy@";
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: FTP connecting %s to %s:%d", url, connectname, connectport);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* do a DNS lookup for the destination host */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick err = apr_sockaddr_info_get(&connect_addr, connectname, APR_UNSPEC, connectport, 0, p);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* check if ProxyBlock directive on this host */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (OK != ap_proxy_checkproxyblock(r, conf, connect_addr)) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return ap_proxyerror(r, HTTP_FORBIDDEN,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "Connect to remote machine blocked");
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /*
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * II: Make the Connection
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * -----------------------
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick *
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * We have determined who to connect to. Now make the connection.
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* get all the possible IP addresses for the destname and loop through them
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * until we get a successful connection
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (APR_SUCCESS != err) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return ap_proxyerror(r, HTTP_BAD_GATEWAY, apr_pstrcat(p,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "DNS lookup failure for: ",
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick connectname, NULL));
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if ((apr_socket_create(&sock, APR_INET, SOCK_STREAM, r->pool)) != APR_SUCCESS) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: error creating socket");
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return HTTP_INTERNAL_SERVER_ERROR;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick#if !defined(TPF) && !defined(BEOS)
f886987cd0bd4220c14043c4d9be77ec22902e73trawick if (conf->recv_buffer_size > 0
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick && apr_setsocketopt(sock, APR_SO_RCVBUF,
f886987cd0bd4220c14043c4d9be77ec22902e73trawick conf->recv_buffer_size)) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
f886987cd0bd4220c14043c4d9be77ec22902e73trawick "setsockopt(SO_RCVBUF): Failed to set ProxyReceiveBufferSize, using default");
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm }
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm#endif
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm if (apr_setsocketopt(sock, APR_SO_REUSEADDR, one)) {
3568de757bac0b47256647504c186d17ca272f85rbb#ifndef _OSD_POSIX /* BS2000 has this option "always on" */
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: error setting reuseaddr option: setsockopt(SO_REUSEADDR)");
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return HTTP_INTERNAL_SERVER_ERROR;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick#endif /*_OSD_POSIX*/
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: socket has been created");
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /*
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * At this point we have a list of one or more IP addresses of
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * the machine to connect to. If configured, reorder this
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * list so that the "best candidate" is first try. "best
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * candidate" could mean the least loaded server, the fastest
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * responding server, whatever.
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick *
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * For now we do nothing, ie we get DNS round robin.
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * XXX FIXME
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick */
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* try each IP address until we connect successfully */
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick int failed = 1;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick while (connect_addr) {
f886987cd0bd4220c14043c4d9be77ec22902e73trawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* make the connection out of the socket */
cb97ae2ff6969c2789b8e03f1bc4187fa73b6bafwrowe err = apr_connect(sock, connect_addr);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* if an error occurred, loop round and try again */
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm if (err != APR_SUCCESS) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_error(APLOG_MARK, APLOG_ERR, err, r->server,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: attempt to connect to %pI (%s) failed", connect_addr, connectname);
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm connect_addr = connect_addr->next;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick continue;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* if we get here, all is well */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick failed = 0;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick break;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* handle a permanent error from the above loop */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (failed) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return ap_proxyerror(r, HTTP_BAD_GATEWAY, apr_psprintf(r->pool,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "Could not connect to remote machine: %s port %d",
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick connectname, connectport));
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* the socket is now open, create a new connection */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick origin = ap_new_connection(p, r->server, sock, r->connection->id);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (!origin) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* the peer reset the connection already; ap_new_connection()
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * closed the socket */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: an error occurred creating a new connection to %pI (%s)", connect_addr, connectname);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return HTTP_INTERNAL_SERVER_ERROR;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* if a keepalive connection is floating around, close it first! */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* we might support ftp keepalives later, but not now... */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (backend->connection) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick apr_socket_close(backend->connection->client_socket);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick backend->connection = NULL;
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: connection complete");
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /*
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * III: Send Control Request
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * -------------------------
f886987cd0bd4220c14043c4d9be77ec22902e73trawick *
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * Log into the ftp server, send the username & password, change to the correct
f886987cd0bd4220c14043c4d9be77ec22902e73trawick * directory...
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick */
f886987cd0bd4220c14043c4d9be77ec22902e73trawick
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* set up the connection filters */
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm ap_proxy_pre_http_connection(origin, NULL);
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* possible results: */
3568de757bac0b47256647504c186d17ca272f85rbb /* 120 Service ready in nnn minutes. */
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm /* 220 Service ready for new user. */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* 421 Service not available, closing control connection. */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick "proxy: FTP: %d %s", i, buffer);
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (i == -1) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick return ap_proxyerror(r, HTTP_BAD_GATEWAY, "Error reading from remote server");
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick }
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm#if 0
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (i == 120) {
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* RFC2068 states:
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * 14.38 Retry-After
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick *
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * The Retry-After response-header field can be used with a 503 (Service
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * Unavailable) response to indicate how long the service is expected to
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * be unavailable to the requesting client. The value of this field can
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * be either an HTTP-date or an integer number of seconds (in decimal)
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm * after the time of the response.
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick * Retry-After = "Retry-After" ":" ( HTTP-date | delta-seconds )
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick ap_table_add(r->headers_out, "Retry-After", apr_psprintf(p, "%u", 60*wait_mins);
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick return ap_proxyerror(r, HTTP_SERVICE_UNAVAILABLE, buffer);
2e7f1d7da527c09e717251e186deffe55e6fbd0ftrawick }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz#endif
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick if (i != 220) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe }
3568de757bac0b47256647504c186d17ca272f85rbb
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe "proxy: FTP: connected.");
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe
f886987cd0bd4220c14043c4d9be77ec22902e73trawick buf = apr_pstrcat(p, "USER ", user, CRLF, NULL);
f886987cd0bd4220c14043c4d9be77ec22902e73trawick e = apr_bucket_pool_create(buf, strlen(buf), p);
f886987cd0bd4220c14043c4d9be77ec22902e73trawick APR_BRIGADE_INSERT_TAIL(bb, e);
f886987cd0bd4220c14043c4d9be77ec22902e73trawick e = apr_bucket_flush_create();
f886987cd0bd4220c14043c4d9be77ec22902e73trawick APR_BRIGADE_INSERT_TAIL(bb, e);
f886987cd0bd4220c14043c4d9be77ec22902e73trawick ap_pass_brigade(origin->output_filters, bb);
f886987cd0bd4220c14043c4d9be77ec22902e73trawick ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe "proxy: FTP: USER %s", user);
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe /* possible results; 230, 331, 332, 421, 500, 501, 530 */
1ec8bd0373f11c07688ec9afbbf778cf78a0bc52wrowe /* states: 1 - error, 2 - success; 3 - send password, 4,5 fail */
3568de757bac0b47256647504c186d17ca272f85rbb /* 230 User logged in, proceed. */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* 331 User name okay, need password. */
8bfe865d8d61be4ba4a89e45427a3c4211ebabdctrawick /* 332 Need account for login. */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* 421 Service not available, closing control connection. */
3568de757bac0b47256647504c186d17ca272f85rbb /* 500 Syntax error, command unrecognized. */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* (This may include errors such as command line too long.) */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* 501 Syntax error in parameters or arguments. */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* 530 Not logged in. */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
3568de757bac0b47256647504c186d17ca272f85rbb "proxy: FTP: %d %s", i, buffer);
3568de757bac0b47256647504c186d17ca272f85rbb if (i == -1) {
3568de757bac0b47256647504c186d17ca272f85rbb return ap_proxyerror(r, HTTP_BAD_GATEWAY, "Error reading from remote server");
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (i == 530) {
3568de757bac0b47256647504c186d17ca272f85rbb return ftp_unauthorized (r, 1); /* log it: user name guessing attempt? */
3568de757bac0b47256647504c186d17ca272f85rbb }
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding if (i != 230 && i != 331) {
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding }
3568de757bac0b47256647504c186d17ca272f85rbb
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (i == 331) { /* send password */
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (password == NULL) {
3568de757bac0b47256647504c186d17ca272f85rbb return ftp_unauthorized (r, 0);
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz buf = apr_pstrcat(p, "PASS ", password, CRLF, NULL);
3568de757bac0b47256647504c186d17ca272f85rbb e = apr_bucket_pool_create(buf, strlen(buf), p);
3568de757bac0b47256647504c186d17ca272f85rbb APR_BRIGADE_INSERT_TAIL(bb, e);
3568de757bac0b47256647504c186d17ca272f85rbb e = apr_bucket_flush_create();
3568de757bac0b47256647504c186d17ca272f85rbb APR_BRIGADE_INSERT_TAIL(bb, e);
3568de757bac0b47256647504c186d17ca272f85rbb ap_pass_brigade(origin->output_filters, bb);
3568de757bac0b47256647504c186d17ca272f85rbb ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
ec020ca384efb30d501a5af796ddc3bb237d7b8fgregames "proxy: FTP: PASS %s", password);
3568de757bac0b47256647504c186d17ca272f85rbb
ce03576b2434cec77f2921db9d5b6a0510581c23rederpj /* possible results 202, 230, 332, 421, 500, 501, 503, 530 */
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick /* 230 User logged in, proceed. */
cd8f8c995d415473f3bfb0b329b2450f2a722c3atrawick /* 332 Need account for login. */
9d0665da83d1e22c0ea0e5f6f940f70f75bf5237ianh /* 421 Service not available, closing control connection. */
3568de757bac0b47256647504c186d17ca272f85rbb /* 500 Syntax error, command unrecognized. */
3568de757bac0b47256647504c186d17ca272f85rbb /* 501 Syntax error in parameters or arguments. */
73e8b26287de5c06fa470d36162e103dbac9c7e5wrowe /* 503 Bad sequence of commands. */
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding /* 530 Not logged in. */
b980ad7fdc218b4855cde9f75a747527f50c554dwrowe i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
3568de757bac0b47256647504c186d17ca272f85rbb ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
ca53a74f4012a45cbad48e940eddf27d866981f9dougm "proxy: FTP: %d %s", i, buffer);
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding if (i == -1) {
3d96ee83babeec32482c9082c9426340cee8c44dwrowe return ap_proxyerror(r, HTTP_BAD_GATEWAY,
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding "Error reading from remote server");
302dc1f7b3feee23a91ad8f3cf3cb2edd95a557bmanoj }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz if (i == 332) {
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz return ap_proxyerror(r, HTTP_UNAUTHORIZED,
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz apr_pstrcat(p, "Need account for login: ", buffer, NULL));
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz }
28c170ac8e99644de58cad454c6e0f9b4b359be6jerenkrantz /* @@@ questionable -- we might as well return a 403 Forbidden here */
3568de757bac0b47256647504c186d17ca272f85rbb if (i == 530) {
0f081398cf0eef8cc7c66a535d450110a92dc8aefielding return ftp_unauthorized (r, 1); /* log it: passwd guessing attempt? */
3568de757bac0b47256647504c186d17ca272f85rbb }
if (i != 230 && i != 202) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
}
/* set the directory (walk directory component by component):
* this is what we must do if we don't know the OS type of the remote
* machine
*/
for (;;) {
strp = strchr(path, '/');
if (strp == NULL)
break;
*strp = '\0';
len = decodeenc(path);
buf = apr_pstrcat(p, "CWD ", path, CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: CWD %s", path);
*strp = '/';
/* responses: 250, 421, 500, 501, 502, 530, 550 */
/* 250 Requested file action okay, completed. */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 530 Not logged in. */
/* 550 Requested action not taken. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
if (i == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (i == 550) {
return ap_proxyerror(r, HTTP_NOT_FOUND, buffer);
}
if (i != 250) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
path = strp + 1;
}
apr_table_set(r->notes, "Directory-README", buffer);
if (parms != NULL && strncasecmp(parms, "type=a", 6) == 0) {
parms = "A";
}
else {
parms = "I";
}
/* changed to make binary transfers the default */
/* set type to binary */
buf = apr_pstrcat(p, "TYPE ", parms, CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: TYPE I");
/* responses: 200, 421, 500, 501, 504, 530 */
/* 200 Command okay. */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 504 Command not implemented for that parameter. */
/* 530 Not logged in. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
if (i == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (i != 200 && i != 504) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
/* Allow not implemented */
if (i == 504) {
parms[0] = '\0';
}
/*
* IV: Make Data Connection?
* -------------------------
*
* Try PASV, if that fails try normally.
*/
/* this temporarily switches off PASV */
/*goto bypass;*/
/* try to set up PASV data connection first */
/* IPV6 FIXME:
* The EPSV command replaces PASV where both IPV4 and IPV6 is supported. Only
* the port is returned, the IP address is always the same as that on the
* control connection. Example:
* Entering Extended Passive Mode (|||6446|)
*/
buf = apr_pstrcat(p, "PASV", CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: PASV");
/* possible results: 227, 421, 500, 501, 502, 530 */
/* 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2). */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 530 Not logged in. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
if (i == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (i != 227 && i != 502) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
else if (i == 227) {
unsigned int h0, h1, h2, h3, p0, p1;
char *pstr;
/* FIXME: Check PASV against RFC1123 */
pstr = apr_pstrdup(p, buffer);
pstr = strtok(pstr, " "); /* separate result code */
if (pstr != NULL) {
if (*(pstr + strlen(pstr) + 1) == '=') {
pstr += strlen(pstr) + 2;
}
else {
pstr = strtok(NULL, "("); /* separate address & port params */
if (pstr != NULL)
pstr = strtok(NULL, ")");
}
}
/* FIXME: Only supports IPV4 - fix in RFC2428 */
if (pstr != NULL && (sscanf(pstr,
"%d,%d,%d,%d,%d,%d", &h3, &h2, &h1, &h0, &p1, &p0) == 6)) {
apr_sockaddr_t *pasv_addr;
int pasvport = (p1 << 8) + p0;
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: PASV contacting host %d.%d.%d.%d:%d",
h3, h2, h1, h0, pasvport);
if ((rv = apr_socket_create(&remote_sock, APR_INET, SOCK_STREAM, r->pool)) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
"proxy: error creating PASV socket");
return HTTP_INTERNAL_SERVER_ERROR;
}
#if !defined (TPF) && !defined(BEOS)
if (conf->recv_buffer_size > 0 && (rv = apr_setsocketopt(remote_sock, APR_SO_RCVBUF,
conf->recv_buffer_size))) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
"setsockopt(SO_RCVBUF): Failed to set ProxyReceiveBufferSize, using default");
}
#endif
/* make the connection */
apr_sockaddr_info_get(&pasv_addr, apr_psprintf(p, "%d.%d.%d.%d", h3, h2, h1, h0), APR_INET, pasvport, 0, p);
rv = apr_connect(remote_sock, pasv_addr);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, rv, r->server,
"proxy: FTP: PASV error creating socket");
return ap_proxyerror(r, HTTP_BAD_GATEWAY, apr_psprintf(r->pool,
"PASV attempt to connect to %pI failed - firewall/NAT?", pasv_addr));
}
else {
pasvmode = 1;
}
}
else
/* and try the regular way */
apr_socket_close(remote_sock);
}
/*bypass:*/
/* set up data connection */
if (!pasvmode) {
apr_sockaddr_t *local_addr;
char *local_ip;
apr_port_t local_port;
unsigned int h0, h1, h2, h3, p0, p1;
if ((apr_socket_create(&local_sock, APR_INET, SOCK_STREAM, r->pool)) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"proxy: FTP: error creating local socket");
return HTTP_INTERNAL_SERVER_ERROR;
}
apr_socket_addr_get(&local_addr, APR_LOCAL, sock);
apr_sockaddr_port_get(&local_port, local_addr);
apr_sockaddr_ip_get(&local_ip, local_addr);
if (apr_setsocketopt(local_sock, APR_SO_REUSEADDR, one) != APR_SUCCESS) {
#ifndef _OSD_POSIX /* BS2000 has this option "always on" */
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"proxy: FTP: error setting reuseaddr option");
return HTTP_INTERNAL_SERVER_ERROR;
#endif /*_OSD_POSIX*/
}
if (apr_sockaddr_info_get(&local_addr, local_ip, APR_UNSPEC,
local_port, 0, r->pool) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"proxy: FTP: error creating local socket address");
return HTTP_INTERNAL_SERVER_ERROR;
}
if (apr_bind(local_sock, local_addr) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"proxy: FTP: error binding to ftp data socket %s:%d", local_ip, local_port);
return HTTP_INTERNAL_SERVER_ERROR;
}
/* only need a short queue */
apr_listen(local_sock, 2);
/* FIXME: Sent PORT here */
if (local_ip && (sscanf(local_ip,
"%d.%d.%d.%d", &h3, &h2, &h1, &h0) == 4)) {
p1 = (local_port >> 8);
p0 = (local_port & 0xFF);
buf = apr_psprintf(p, "PORT %d,%d,%d,%d,%d,%d" CRLF, h3, h2, h1, h0, p1, p0);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: PORT %d,%d,%d,%d,%d,%d", h3, h2, h1, h0, p1, p0);
/* possible results: 200, 421, 500, 501, 502, 530 */
/* 200 Command okay. */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 530 Not logged in. */
rc = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", rc, buffer);
if (rc == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (rc != 200) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
}
else {
/* IPV6 FIXME:
* The EPRT command replaces PORT where both IPV4 and IPV6 is supported. The first
* number (1,2) indicates the protocol type. Examples:
* EPRT |1|132.235.1.2|6275|
* EPRT |2|1080::8:800:200C:417A|5282|
*/
return ap_proxyerror(r, HTTP_NOT_IMPLEMENTED, "Connect to IPV6 ftp server not supported");
}
}
/*
* V: Set The Headers
* -------------------
*
* Get the size of the request, set up the environment for HTTP.
*/
/* set request; "path" holds last path component */
len = decodeenc(path);
/* TM - if len == 0 then it must be a directory (you can't RETR nothing) */
if (len == 0) {
parms = "d";
}
else {
buf = apr_pstrcat(p, "SIZE ", path, CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: SIZE %s", path);
i = ftp_getrc_msg(origin, cbb, buffer, sizeof buffer);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: returned status %d with response %s", i, buffer);
if (i != 500) { /* Size command not recognized */
if (i == 550) { /* Not a regular file */
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: SIZE shows this is a directory");
parms = "d";
buf = apr_pstrcat(p, "CWD ", path, CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: CWD %s", path);
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
/* possible results: 250, 421, 500, 501, 502, 530, 550 */
/* 250 Requested file action okay, completed. */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 530 Not logged in. */
/* 550 Requested action not taken. */
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
if (i == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (i == 550) {
return ap_proxyerror(r, HTTP_NOT_FOUND, buffer);
}
if (i != 250) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
path = "";
len = 0;
}
else if (i == 213) { /* Size command ok */
for (j = 0; j < sizeof(buffer) && apr_isdigit(buffer[j]); j++);
buffer[j] = '\0';
if (buffer[0] != '\0')
size = apr_pstrdup(p, buffer);
}
}
}
#ifdef AUTODETECT_PWD
buf = apr_pstrcat(p, "PWD", CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: PWD");
/* responses: 257, 500, 501, 502, 421, 550 */
/* 257 "<directory-name>" <commentary> */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 550 Requested action not taken. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
if (i == -1 || i == 421) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (i == 550) {
return ap_proxyerror(r, HTTP_NOT_FOUND, buffer);
}
if (i == 257) {
const char *dirp = buffer;
apr_table_set(r->notes, "Directory-PWD", ap_getword_conf(r->pool, &dirp));
}
#endif /*AUTODETECT_PWD*/
if (parms[0] == 'd') {
if (len != 0)
buf = apr_pstrcat(p, "LIST ", path, CRLF, NULL);
else
buf = apr_pstrcat(p, "LIST -lag", CRLF, NULL);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: LIST %s", (len == 0 ? "-lag" : path));
}
else {
/* FIXME: Handle range requests - send REST */
buf = apr_pstrcat(p, "RETR ", path, CRLF, NULL);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: RETR %s", path);
}
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
/* RETR: 110, 125, 150, 226, 250, 421, 425, 426, 450, 451, 500, 501, 530, 550
* NLST: 125, 150, 226, 250, 421, 425, 426, 450, 451, 500, 501, 502, 530 */
/* 110 Restart marker reply. */
/* 125 Data connection already open; transfer starting. */
/* 150 File status okay; about to open data connection. */
/* 226 Closing data connection. */
/* 250 Requested file action okay, completed. */
/* 421 Service not available, closing control connection. */
/* 425 Can't open data connection. */
/* 426 Connection closed; transfer aborted. */
/* 450 Requested file action not taken. */
/* 451 Requested action aborted. Local error in processing. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 530 Not logged in. */
/* 550 Requested action not taken. */
rc = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", rc, buffer);
if (rc == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (rc == 550) {
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: RETR failed, trying LIST instead");
parms = "d";
buf = apr_pstrcat(p, "CWD ", path, CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: CWD %s", path);
/* possible results: 250, 421, 500, 501, 502, 530, 550 */
/* 250 Requested file action okay, completed. */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 530 Not logged in. */
/* 550 Requested action not taken. */
rc = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", rc, buffer);
if (rc == -1) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (rc == 550) {
return ap_proxyerror(r, HTTP_NOT_FOUND, buffer);
}
if (rc != 250) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
#ifdef AUTODETECT_PWD
buf = apr_pstrcat(p, "PWD ", CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: PWD");
/* responses: 257, 500, 501, 502, 421, 550 */
/* 257 "<directory-name>" <commentary> */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
/* 550 Requested action not taken. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
if (i == -1 || i == 421) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (i == 550) {
return ap_proxyerror(r, HTTP_NOT_FOUND, buffer);
}
if (i == 257) {
const char *dirp = buffer;
apr_table_set(r->notes, "Directory-PWD", ap_getword_conf(r->pool, &dirp));
}
#endif /*AUTODETECT_PWD*/
buf = apr_pstrcat(p, "LIST -lag", CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: LIST -lag");
rc = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", rc, buffer);
if (rc == -1)
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Error reading from remote server");
}
if (rc != 125 && rc != 150 && rc != 226 && rc != 250) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY, buffer);
}
r->status = HTTP_OK;
r->status_line = "200 OK";
apr_rfc822_date(dates, r->request_time);
apr_table_setn(r->headers_out, "Date", dates);
apr_table_setn(r->headers_out, "Server", ap_get_server_version());
if (parms[0] == 'd') {
r->content_type = "text/html";
apr_table_setn(r->headers_out, "Content-Type", r->content_type);
}
else {
if (r->content_type != NULL) {
apr_table_setn(r->headers_out, "Content-Type", r->content_type);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: Content-Type set to %s", r->content_type);
}
else {
apr_table_setn(r->headers_out, "Content-Type", ap_default_type(r));
}
if (parms[0] != 'a' && size != NULL) {
/* We "trust" the ftp server to really serve (size) bytes... */
apr_table_setn(r->headers_out, "Content-Length", size);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: Content-Length set to %s", size);
}
}
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: Content-Type set to %s", r->content_type);
if (r->content_encoding != NULL && r->content_encoding[0] != '\0') {
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: Content-Encoding set to %s", r->content_encoding);
apr_table_setn(r->headers_out, "Content-Encoding", r->content_encoding);
}
/* wait for connection */
if (!pasvmode) {
for(;;)
{
/* FIXME: this does not return, despite the incoming connection being accepted */
switch(apr_accept(&remote_sock, local_sock, r->pool))
{
case APR_EINTR:
continue;
case APR_SUCCESS:
break;
default:
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"proxy: FTP: failed to accept data connection");
return HTTP_BAD_GATEWAY;
}
}
}
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"proxy: FTP: ready to suck data");
/* the transfer socket is now open, create a new connection */
remote = ap_new_connection(p, r->server, remote_sock, r->connection->id);
if (!remote) {
/* the peer reset the connection already; ap_new_connection()
* closed the socket */
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: an error occurred creating the transfer connection");
return HTTP_INTERNAL_SERVER_ERROR;
}
/* set up the connection filters */
ap_proxy_pre_http_connection(remote, NULL);
/*
* VI: Receive the Response
* ------------------------
*
* Get response from the remote ftp socket, and pass it up the
* filter chain.
*/
/* send response */
r->sent_bodyct = 1;
/* read till EOF */
c->remain = -1;
if (parms[0] == 'd') {
/* insert directory filter */
ap_add_output_filter("PROXY_SEND_DIR", NULL, r, r->connection);
}
/* send body */
if (!r->header_only) {
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: start body send");
/* read the body, pass it to the output filters */
while (ap_get_brigade(remote->input_filters, bb, AP_MODE_BLOCKING) == APR_SUCCESS) {
if (APR_BUCKET_IS_EOS(APR_BRIGADE_LAST(bb))) {
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(r->output_filters, bb);
break;
}
ap_pass_brigade(r->output_filters, bb);
apr_brigade_cleanup(bb);
}
apr_brigade_cleanup(bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: end body send");
}
else {
/* abort the transfer */
buf = apr_pstrcat(p, "ABOR", CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: ABOR");
/* responses: 225, 226, 421, 500, 501, 502 */
/* 225 Data connection open; no transfer in progress. */
/* 226 Closing data connection. */
/* 421 Service not available, closing control connection. */
/* 500 Syntax error, command unrecognized. */
/* 501 Syntax error in parameters or arguments. */
/* 502 Command not implemented. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
}
/*
* VII: Clean Up
* -------------
*
* If there are no KeepAlives, or if the connection has been signalled
* to close, close the socket and clean up
*/
/* finish */
buf = apr_pstrcat(p, "QUIT", CRLF, NULL);
e = apr_bucket_pool_create(buf, strlen(buf), p);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_flush_create();
APR_BRIGADE_INSERT_TAIL(bb, e);
ap_pass_brigade(origin->output_filters, bb);
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: QUIT");
/* responses: 221, 500 */
/* 221 Service closing control connection. */
/* 500 Syntax error, command unrecognized. */
i = ftp_getrc_msg(origin, cbb, buffer, sizeof(buffer));
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: FTP: %d %s", i, buffer);
apr_brigade_destroy(bb);
return OK;
}