diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/integration/exploid-keyring-with-dupe-keys.pub | bin | 0 -> 3986 bytes | |||
-rw-r--r-- | test/integration/exploid-keyring-with-dupe-subkeys.pub | bin | 0 -> 2016 bytes | |||
-rw-r--r-- | test/integration/framework | 26 | ||||
-rwxr-xr-x | test/integration/test-apt-get-source | 60 | ||||
-rwxr-xr-x | test/integration/test-apt-key-net-update | 95 | ||||
-rwxr-xr-x | test/integration/test-bug-719263-print-uris-removes-authentication | 1 | ||||
-rwxr-xr-x | test/integration/test-partial-file-support | 18 | ||||
-rwxr-xr-x | test/integration/test-releasefile-verification | 2 | ||||
-rw-r--r-- | test/interactive-helper/aptwebserver.cc | 432 | ||||
-rw-r--r-- | test/interactive-helper/makefile | 2 |
10 files changed, 447 insertions, 189 deletions
diff --git a/test/integration/exploid-keyring-with-dupe-keys.pub b/test/integration/exploid-keyring-with-dupe-keys.pub Binary files differnew file mode 100644 index 000000000..642952a40 --- /dev/null +++ b/test/integration/exploid-keyring-with-dupe-keys.pub diff --git a/test/integration/exploid-keyring-with-dupe-subkeys.pub b/test/integration/exploid-keyring-with-dupe-subkeys.pub Binary files differnew file mode 100644 index 000000000..02d4e6ee8 --- /dev/null +++ b/test/integration/exploid-keyring-with-dupe-subkeys.pub diff --git a/test/integration/framework b/test/integration/framework index 20f3487cc..89b5bb0e4 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -192,6 +192,7 @@ setupenvironment() { fi echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf echo 'quiet::NoUpdate "true";' >> aptconfig.conf + echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https export LC_ALL=C export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" configcompression '.' 'gz' #'bz2' 'lzma' 'xz' @@ -791,6 +792,22 @@ signreleasefiles() { msgdone "info" } +webserverconfig() { + msgtest "Set webserver config option '${1}' to" "$2" + downloadfile "http://localhost:8080/_config/set/${1}/${2}" '/dev/null' >/dev/null + local DOWNLOG='download-testfile.log' + rm -f "$DOWNLOG" + local STATUS="$(mktemp)" + addtrap "rm $STATUS;" + downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" + if [ "$(cat "$STATUS")" = '200' ]; then + msgpass + else + cat >&2 "$DOWNLOG" + msgfail "Statuscode was $(cat "$STATUS")" + fi +} + rewritesourceslist() { local APTARCHIVE="file://$(readlink -f "${TMPWORKINGDIRECTORY}/aptarchive")" for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do @@ -799,6 +816,11 @@ rewritesourceslist() { } changetowebserver() { + if [ "$1" != '--no-rewrite' ]; then + rewritesourceslist 'http://localhost:8080/' + else + shift + fi local LOG='/dev/null' if test -x ${BUILDDIRECTORY}/aptwebserver; then cd aptarchive @@ -812,9 +834,6 @@ changetowebserver() { else msgdie 'You have to build aptwerbserver or install a webserver' fi - if [ "$1" != '--no-rewrite' ]; then - rewritesourceslist 'http://localhost:8080/' - fi } changetohttpswebserver() { @@ -826,6 +845,7 @@ changetohttpswebserver() { fi echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid cert = ${TESTDIRECTORY}/apt.pem +output = /dev/null [https] accept = 4433 diff --git a/test/integration/test-apt-get-source b/test/integration/test-apt-get-source new file mode 100755 index 000000000..5bef781f1 --- /dev/null +++ b/test/integration/test-apt-get-source @@ -0,0 +1,60 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# we need to insert a package into "unstable" so that a Release file is +# create for the test +insertpackage 'wheezy' 'unreleated-package' 'all' '1.0' + +# a "normal" package with source and binary +insertpackage 'unstable' 'foo' 'all' '2.0' +insertsource 'unstable' 'foo' 'all' '2.0' + +insertpackage 'stable' 'foo' 'all' '1.0' +insertsource 'stable' 'foo' 'all' '1.0' + +# this package exists only as source +insertsource 'wheezy' 'foo' 'all' '0.1' + +setupaptarchive + +APTARCHIVE=$(readlink -f ./aptarchive) + +# normal operation gets highest version number +HEADER="Reading package lists... +Building dependency tree..." +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_2.0.dsc' foo_2.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_2.0.tar.gz' foo_2.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo + +# select by release +testequal "$HEADER +Selectied version '1.0' (stable) for foo +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/stable + +# select by version +testequal "$HEADER +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_1.0.dsc' foo_1.0.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_1.0.tar.gz' foo_1.0.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo=1.0 + +# select by release with no binary package (Bug#731102) +testequal "$HEADER +Selectied version '0.1' (wheezy) for foo +Need to get 0 B of source archives. +'file://${APTARCHIVE}/foo_0.1.dsc' foo_0.1.dsc 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e +'file://${APTARCHIVE}/foo_0.1.tar.gz' foo_0.1.tar.gz 0 MD5Sum:d41d8cd98f00b204e9800998ecf8427e" aptget source -q --print-uris foo/wheezy + +# unavailable one +testequal "$HEADER +E: Ignore unavailable version '9.9-not-there' of package 'foo' +E: Unable to find a source package for foo" aptget source -q --print-uris foo=9.9-not-there + diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update new file mode 100755 index 000000000..d5205836f --- /dev/null +++ b/test/integration/test-apt-key-net-update @@ -0,0 +1,95 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture "i386" + +# mock +requires_root() { + return 0 +} + +# extract net_update() and import it +func=$( sed -n -e '/^add_keys_with_verify_against_master_keyring/,/^}/p' ${BUILDDIRECTORY}/apt-key ) +eval "$func" + +mkdir -p ./etc/apt +TRUSTEDFILE=./etc/apt/trusted.gpg +mkdir -p ./var/lib/apt/keyrings +TMP_KEYRING=./var/lib/apt/keyrings/maybe-import-keyring.gpg +GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring" +GPG="$GPG_CMD --keyring $TRUSTEDFILE" +MASTER_KEYRING=/usr/share/keyrings/ubuntu-master-keyring.gpg + + +msgtest "add_keys_with_verify_against_master_keyring" +if [ ! -e $MASTER_KEYRING ]; then + echo -n "No $MASTER_KEYRING found" + msgskip + exit 0 +fi + +# test bad keyring and ensure its not added (LP: #857472) +ADD_KEYRING=./keys/exploid-keyring-with-dupe-keys.pub +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgfail +else + msgpass +fi + +# ensure the keyring is still empty +gpg_out=$($GPG --list-keys) +msgtest "Test if keyring is empty" +if [ -n "" ]; then + msgfail +else + msgpass +fi + + +# test another possible attack vector using subkeys (LP: #1013128) +msgtest "add_keys_with_verify_against_master_keyring with subkey attack" +ADD_KEYRING=./keys/exploid-keyring-with-dupe-subkeys.pub +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgfail +else + msgpass +fi + +# ensure the keyring is still empty +gpg_out=$($GPG --list-keys) +msgtest "Test if keyring is empty" +if [ -n "" ]; then + msgfail +else + msgpass +fi + + +# test good keyring and ensure we get no errors +ADD_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgpass +else + msgfail +fi + +testequal './etc/apt/trusted.gpg +--------------------- +pub 1024D/437D05B5 2004-09-12 +uid Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com> +sub 2048g/79164387 2004-09-12 + +pub 1024D/FBB75451 2004-12-30 +uid Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com> + +pub 4096R/C0B21F32 2012-05-11 +uid Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com> + +pub 4096R/EFE21092 2012-05-11 +uid Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com> +' $GPG --list-keys + diff --git a/test/integration/test-bug-719263-print-uris-removes-authentication b/test/integration/test-bug-719263-print-uris-removes-authentication index 1c1a27ceb..5e674db0b 100755 --- a/test/integration/test-bug-719263-print-uris-removes-authentication +++ b/test/integration/test-bug-719263-print-uris-removes-authentication @@ -25,6 +25,7 @@ Inst unrelated [1] (2 unstable [all]) Conf unrelated (2 unstable [all])' aptget install unrelated -s testsuccess aptget install unrelated -y testdpkginstalled unrelated + rm -rf rootdir/var/cache/apt/*.bin cp -a rootdir/var/lib/dpkg/status-backup-noact rootdir/var/lib/dpkg/status } diff --git a/test/integration/test-partial-file-support b/test/integration/test-partial-file-support index 8d1c51ae0..382789e68 100755 --- a/test/integration/test-partial-file-support +++ b/test/integration/test-partial-file-support @@ -18,7 +18,7 @@ testdownloadfile() { rm -f "$DOWNLOG" msgtest "Testing download of file $2 with" "$1" if ! downloadfile "$2" "$3" > "$DOWNLOG"; then - cat "$DOWNLOG" + cat >&2 "$DOWNLOG" msgfail else msgpass @@ -40,21 +40,23 @@ testdownloadfile() { if [ "$EXPECTED" "$4" "$hash" ]; then msgpass else - cat "$DOWNLOG" + cat >&2 "$DOWNLOG" msgfail "expected: $EXPECTED ; got: $hash" fi done } testwebserverlaststatuscode() { - STATUS="$(mktemp)" + local DOWNLOG='download-testfile.log' + rm -f "$DOWNLOG" + local STATUS="$(mktemp)" addtrap "rm $STATUS;" msgtest 'Test last status code from the webserver was' "$1" - downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" >/dev/null + downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG" if [ "$(cat "$STATUS")" = "$1" ]; then msgpass else - cat download-testfile.log + cat >&2 "$DOWNLOG" msgfail "Status was $(cat "$STATUS")" fi } @@ -64,8 +66,7 @@ TESTFILE='aptarchive/testfile' cp -a ${TESTDIR}/framework $TESTFILE testrun() { - downloadfile "$1/_config/set/aptwebserver::support::range/true" '/dev/null' >/dev/null - testwebserverlaststatuscode '200' + webserverconfig 'aptwebserver::support::range' 'true' copysource $TESTFILE 0 ./testfile testdownloadfile 'no data' "${1}/testfile" './testfile' '=' @@ -92,8 +93,7 @@ testrun() { testdownloadfile 'old data' "${1}/testfile" './testfile' '=' testwebserverlaststatuscode '200' - downloadfile "$1/_config/set/aptwebserver::support::range/false" '/dev/null' >/dev/null - testwebserverlaststatuscode '200' + webserverconfig 'aptwebserver::support::range' 'false' copysource $TESTFILE 20 ./testfile testdownloadfile 'no server support' "${1}/testfile" './testfile' '=' diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification index 9d34a521a..e558b83e8 100755 --- a/test/integration/test-releasefile-verification +++ b/test/integration/test-releasefile-verification @@ -11,7 +11,7 @@ buildaptarchive setupflataptarchive changetowebserver -downloadfile "http://localhost:8080/_config/set/aptwebserver::support::range/false" '/dev/null' >/dev/null +webserverconfig 'aptwebserver::support::range' 'false' prepare() { local DATE="${2:-now}" diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc index 4dae342dd..b7663a76a 100644 --- a/test/interactive-helper/aptwebserver.cc +++ b/test/interactive-helper/aptwebserver.cc @@ -112,7 +112,7 @@ bool sendHead(int const client, int const httpcode, std::list<std::string> &head date.append(TimeRFC1123(time(NULL))); headers.push_back(date); - std::clog << ">>> RESPONSE >>>" << std::endl; + std::clog << ">>> RESPONSE to " << client << " >>>" << std::endl; bool Success = true; for (std::list<std::string>::const_iterator h = headers.begin(); Success == true && h != headers.end(); ++h) @@ -137,21 +137,21 @@ bool sendFile(int const client, FileFd &data) /*{{{*/ { if (actual == 0) break; - if (Success == true) - Success &= FileFd::Write(client, buffer, actual); + Success &= FileFd::Write(client, buffer, actual); } - if (Success == true) - Success &= FileFd::Write(client, "\r\n", 2); + if (Success == false) + std::cerr << "SENDFILE: READ/WRITE ERROR to " << client << std::endl; return Success; } /*}}}*/ bool sendData(int const client, std::string const &data) /*{{{*/ { - bool Success = true; - Success &= FileFd::Write(client, data.c_str(), data.size()); - if (Success == true) - Success &= FileFd::Write(client, "\r\n", 2); - return Success; + if (FileFd::Write(client, data.c_str(), data.size()) == false) + { + std::cerr << "SENDDATA: WRITE ERROR to " << client << std::endl; + return false; + } + return true; } /*}}}*/ void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/ @@ -198,7 +198,17 @@ void sendRedirect(int const client, int const httpcode, std::string const &uri,/ addDataHeaders(headers, response); std::string location("Location: "); if (strncmp(uri.c_str(), "http://", 7) != 0) - location.append("http://").append(LookupTag(request, "Host")).append("/").append(uri); + { + location.append("http://").append(LookupTag(request, "Host")).append("/"); + if (strncmp("/home/", uri.c_str(), strlen("/home/")) == 0 && uri.find("/public_html/") != std::string::npos) + { + std::string homeuri = SubstVar(uri, "/home/", "~"); + homeuri = SubstVar(homeuri, "/public_html/", "/"); + location.append(homeuri); + } + else + location.append(uri); + } else location.append(uri); headers.push_back(location); @@ -267,7 +277,7 @@ void sendDirectoryListing(int const client, std::string const &dir, /*{{{*/ << "</head>" << std::endl << "<body><h1>Index of " << dir << "</h1>" << std::endl << "<table><tr><th>#</th><th>Name</th><th>Size</th><th>Last-Modified</th></tr>" << std::endl; - if (dir != ".") + if (dir != "./") listing << "<tr><td>d</td><td><a href=\"..\">Parent Directory</a></td><td>-</td><td>-</td></tr>"; for (int i = 0; i < counter; ++i) { struct stat fs; @@ -298,7 +308,7 @@ void sendDirectoryListing(int const client, std::string const &dir, /*{{{*/ } /*}}}*/ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ - std::string &filename, bool &sendContent, + std::string &filename, std::string ¶ms, bool &sendContent, bool &closeConnection) { if (strncmp(request.c_str(), "HEAD ", 5) == 0) @@ -365,6 +375,14 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that"); return false; } + + size_t paramspos = filename.find('?'); + if (paramspos != std::string::npos) + { + params = filename.substr(paramspos + 1); + filename.erase(paramspos); + } + filename = DeQuoteString(filename); // this is not a secure server, but at least prevent the obvious … @@ -380,7 +398,32 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ // nuke the first character which is a / as we assured above filename.erase(0, 1); if (filename.empty() == true) - filename = "."; + filename = "./"; + // support ~user/ uris to refer to /home/user/public_html/ as a kind-of special directory + else if (filename[0] == '~') + { + // /home/user is actually not entirely correct, but good enough for now + size_t dashpos = filename.find('/'); + if (dashpos != std::string::npos) + { + std::string home = filename.substr(1, filename.find('/') - 1); + std::string pubhtml = filename.substr(filename.find('/') + 1); + filename = "/home/" + home + "/public_html/" + pubhtml; + } + else + filename = "/home/" + filename.substr(1) + "/public_html/"; + } + + // if no filename is given, but a valid directory see if we can use an index or + // have to resort to a autogenerated directory listing later on + if (DirectoryExists(filename) == true) + { + std::string const directoryIndex = _config->Find("aptwebserver::directoryindex"); + if (directoryIndex.empty() == false && directoryIndex == flNotDir(directoryIndex) && + RealFileExists(filename + directoryIndex) == true) + filename += directoryIndex; + } + return true; } /*}}}*/ @@ -427,6 +470,173 @@ bool handleOnTheFlyReconfiguration(int const client, std::string const &request, return false; } /*}}}*/ +void * handleClient(void * voidclient) /*{{{*/ +{ + int client = *((int*)(voidclient)); + std::clog << "ACCEPT client " << client << std::endl; + std::vector<std::string> messages; + while (ReadMessages(client, messages)) + { + bool closeConnection = false; + for (std::vector<std::string>::const_iterator m = messages.begin(); + m != messages.end() && closeConnection == false; ++m) { + std::clog << ">>> REQUEST from " << client << " >>>" << std::endl << *m + << std::endl << "<<<<<<<<<<<<<<<<" << std::endl; + std::list<std::string> headers; + std::string filename; + std::string params; + bool sendContent = true; + if (parseFirstLine(client, *m, filename, params, sendContent, closeConnection) == false) + continue; + + // special webserver command request + if (filename.length() > 1 && filename[0] == '_') + { + std::vector<std::string> parts = VectorizeString(filename, '/'); + if (parts[0] == "_config") + { + handleOnTheFlyReconfiguration(client, *m, parts); + continue; + } + } + + // string replacements in the requested filename + ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace"); + if (Replaces != NULL) + { + std::string redirect = "/" + filename; + for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next) + redirect = SubstVar(redirect, I->Tag, I->Value); + redirect.erase(0,1); + if (redirect != filename) + { + sendRedirect(client, 301, redirect, *m, sendContent); + continue; + } + } + + ::Configuration::Item const *Overwrite = _config->Tree("aptwebserver::overwrite"); + if (Overwrite != NULL) + { + for (::Configuration::Item *I = Overwrite->Child; I != NULL; I = I->Next) + { + regex_t *pattern = new regex_t; + int const res = regcomp(pattern, I->Tag.c_str(), REG_EXTENDED | REG_ICASE | REG_NOSUB); + if (res != 0) + { + char error[300]; + regerror(res, pattern, error, sizeof(error)); + sendError(client, 500, *m, sendContent, error); + continue; + } + if (regexec(pattern, filename.c_str(), 0, 0, 0) == 0) + { + filename = _config->Find("aptwebserver::overwrite::" + I->Tag + "::filename", filename); + if (filename[0] == '/') + filename.erase(0,1); + regfree(pattern); + break; + } + regfree(pattern); + } + } + + // deal with the request + if (RealFileExists(filename) == true) + { + FileFd data(filename, FileFd::ReadOnly); + std::string condition = LookupTag(*m, "If-Modified-Since", ""); + if (_config->FindB("aptwebserver::support::modified-since", true) == true && condition.empty() == false) + { + time_t cache; + if (RFC1123StrToTime(condition.c_str(), cache) == true && + cache >= data.ModificationTime()) + { + sendHead(client, 304, headers); + continue; + } + } + + if (_config->FindB("aptwebserver::support::range", true) == true) + condition = LookupTag(*m, "Range", ""); + else + condition.clear(); + if (condition.empty() == false && strncmp(condition.c_str(), "bytes=", 6) == 0) + { + time_t cache; + std::string ifrange; + if (_config->FindB("aptwebserver::support::if-range", true) == true) + ifrange = LookupTag(*m, "If-Range", ""); + bool validrange = (ifrange.empty() == true || + (RFC1123StrToTime(ifrange.c_str(), cache) == true && + cache <= data.ModificationTime())); + + // FIXME: support multiple byte-ranges (APT clients do not do this) + if (condition.find(',') == std::string::npos) + { + size_t start = 6; + unsigned long long filestart = strtoull(condition.c_str() + start, NULL, 10); + // FIXME: no support for last-byte-pos being not the end of the file (APT clients do not do this) + size_t dash = condition.find('-') + 1; + unsigned long long fileend = strtoull(condition.c_str() + dash, NULL, 10); + unsigned long long filesize = data.FileSize(); + if ((fileend == 0 || (fileend == filesize && fileend >= filestart)) && + validrange == true) + { + if (filesize > filestart) + { + data.Skip(filestart); + std::ostringstream contentlength; + contentlength << "Content-Length: " << (filesize - filestart); + headers.push_back(contentlength.str()); + std::ostringstream contentrange; + contentrange << "Content-Range: bytes " << filestart << "-" + << filesize - 1 << "/" << filesize; + headers.push_back(contentrange.str()); + sendHead(client, 206, headers); + if (sendContent == true) + sendFile(client, data); + continue; + } + else + { + headers.push_back("Content-Length: 0"); + std::ostringstream contentrange; + contentrange << "Content-Range: bytes */" << filesize; + headers.push_back(contentrange.str()); + sendHead(client, 416, headers); + continue; + } + } + } + } + + addFileHeaders(headers, data); + sendHead(client, 200, headers); + if (sendContent == true) + sendFile(client, data); + } + else if (DirectoryExists(filename) == true) + { + if (filename[filename.length()-1] == '/') + sendDirectoryListing(client, filename, *m, sendContent); + else + sendRedirect(client, 301, filename.append("/"), *m, sendContent); + } + else + sendError(client, 404, *m, sendContent); + } + _error->DumpErrors(std::cerr); + messages.clear(); + if (closeConnection == true) + break; + } + close(client); + std::clog << "CLOSE client " << client << std::endl; + return NULL; +} + /*}}}*/ + int main(int const argc, const char * argv[]) { CommandLine::Args Args[] = { @@ -447,6 +657,9 @@ int main(int const argc, const char * argv[]) // create socket, bind and listen to it {{{ // ignore SIGPIPE, this can happen on write() if the socket closes connection signal(SIGPIPE, SIG_IGN); + // we don't care for our slaves, so ignore their death + signal(SIGCHLD, SIG_IGN); + int sock = socket(AF_INET6, SOCK_STREAM, 0); if(sock < 0) { @@ -514,178 +727,47 @@ int main(int const argc, const char * argv[]) std::clog << "Serving ANY file on port: " << port << std::endl; - listen(sock, 1); + int const slaves = _config->FindB("aptwebserver::slaves", SOMAXCONN); + listen(sock, slaves); /*}}}*/ _config->CndSet("aptwebserver::response-header::Server", "APT webserver"); _config->CndSet("aptwebserver::response-header::Accept-Ranges", "bytes"); + _config->CndSet("aptwebserver::directoryindex", "index.html"); - std::vector<std::string> messages; - int client; - while ((client = accept(sock, NULL, NULL)) != -1) - { - std::clog << "ACCEPT client " << client - << " on socket " << sock << std::endl; + std::list<int> accepted_clients; - while (ReadMessages(client, messages)) + while (true) + { + int client = accept(sock, NULL, NULL); + if (client == -1) { - bool closeConnection = false; - for (std::vector<std::string>::const_iterator m = messages.begin(); - m != messages.end() && closeConnection == false; ++m) { - std::clog << ">>> REQUEST >>>>" << std::endl << *m - << std::endl << "<<<<<<<<<<<<<<<<" << std::endl; - std::list<std::string> headers; - std::string filename; - bool sendContent = true; - if (parseFirstLine(client, *m, filename, sendContent, closeConnection) == false) - continue; - - // special webserver command request - if (filename.length() > 1 && filename[0] == '_') - { - std::vector<std::string> parts = VectorizeString(filename, '/'); - if (parts[0] == "_config") - { - handleOnTheFlyReconfiguration(client, *m, parts); - continue; - } - } - - // string replacements in the requested filename - ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace"); - if (Replaces != NULL) - { - std::string redirect = "/" + filename; - for (::Configuration::Item *I = Replaces->Child; I != NULL; I = I->Next) - redirect = SubstVar(redirect, I->Tag, I->Value); - redirect.erase(0,1); - if (redirect != filename) - { - sendRedirect(client, 301, redirect, *m, sendContent); - continue; - } - } - - ::Configuration::Item const *Overwrite = _config->Tree("aptwebserver::overwrite"); - if (Overwrite != NULL) - { - for (::Configuration::Item *I = Overwrite->Child; I != NULL; I = I->Next) - { - regex_t *pattern = new regex_t; - int const res = regcomp(pattern, I->Tag.c_str(), REG_EXTENDED | REG_ICASE | REG_NOSUB); - if (res != 0) - { - char error[300]; - regerror(res, pattern, error, sizeof(error)); - sendError(client, 500, *m, sendContent, error); - continue; - } - if (regexec(pattern, filename.c_str(), 0, 0, 0) == 0) - { - filename = _config->Find("aptwebserver::overwrite::" + I->Tag + "::filename", filename); - if (filename[0] == '/') - filename.erase(0,1); - regfree(pattern); - break; - } - regfree(pattern); - } - } - - // deal with the request - if (RealFileExists(filename) == true) - { - FileFd data(filename, FileFd::ReadOnly); - std::string condition = LookupTag(*m, "If-Modified-Since", ""); - if (condition.empty() == false) - { - time_t cache; - if (RFC1123StrToTime(condition.c_str(), cache) == true && - cache >= data.ModificationTime()) - { - sendHead(client, 304, headers); - continue; - } - } - - if (_config->FindB("aptwebserver::support::range", true) == true) - condition = LookupTag(*m, "Range", ""); - else - condition.clear(); - if (condition.empty() == false && strncmp(condition.c_str(), "bytes=", 6) == 0) - { - time_t cache; - std::string ifrange; - if (_config->FindB("aptwebserver::support::if-range", true) == true) - ifrange = LookupTag(*m, "If-Range", ""); - bool validrange = (ifrange.empty() == true || - (RFC1123StrToTime(ifrange.c_str(), cache) == true && - cache <= data.ModificationTime())); - - // FIXME: support multiple byte-ranges (APT clients do not do this) - if (condition.find(',') == std::string::npos) - { - size_t start = 6; - unsigned long long filestart = strtoull(condition.c_str() + start, NULL, 10); - // FIXME: no support for last-byte-pos being not the end of the file (APT clients do not do this) - size_t dash = condition.find('-') + 1; - unsigned long long fileend = strtoull(condition.c_str() + dash, NULL, 10); - unsigned long long filesize = data.FileSize(); - if ((fileend == 0 || (fileend == filesize && fileend >= filestart)) && - validrange == true) - { - if (filesize > filestart) - { - data.Skip(filestart); - std::ostringstream contentlength; - contentlength << "Content-Length: " << (filesize - filestart); - headers.push_back(contentlength.str()); - std::ostringstream contentrange; - contentrange << "Content-Range: bytes " << filestart << "-" - << filesize - 1 << "/" << filesize; - headers.push_back(contentrange.str()); - sendHead(client, 206, headers); - if (sendContent == true) - sendFile(client, data); - continue; - } - else - { - headers.push_back("Content-Length: 0"); - std::ostringstream contentrange; - contentrange << "Content-Range: bytes */" << filesize; - headers.push_back(contentrange.str()); - sendHead(client, 416, headers); - continue; - } - } - } - } + if (errno == EINTR) + continue; + _error->Errno("accept", "Couldn't accept client on socket %d", sock); + _error->DumpErrors(std::cerr); + return 6; + } - addFileHeaders(headers, data); - sendHead(client, 200, headers); - if (sendContent == true) - sendFile(client, data); - } - else if (DirectoryExists(filename) == true) - { - if (filename == "." || filename[filename.length()-1] == '/') - sendDirectoryListing(client, filename, *m, sendContent); - else - sendRedirect(client, 301, filename.append("/"), *m, sendContent); - } - else - sendError(client, 404, *m, sendContent); - } + pthread_attr_t attr; + if (pthread_attr_init(&attr) != 0 || pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED) != 0) + { + _error->Errno("pthread_attr", "Couldn't set detach attribute for a fresh thread to handle client %d on socket %d", client, sock); _error->DumpErrors(std::cerr); - messages.clear(); - if (closeConnection == true) - break; + close(client); + continue; } - std::clog << "CLOSE client " << client - << " on socket " << sock << std::endl; - close(client); + pthread_t tid; + // thats rather dirty, but we need to store the client socket somewhere safe + accepted_clients.push_front(client); + if (pthread_create(&tid, &attr, &handleClient, &(*accepted_clients.begin())) != 0) + { + _error->Errno("pthread_create", "Couldn't create a fresh thread to handle client %d on socket %d", client, sock); + _error->DumpErrors(std::cerr); + close(client); + continue; + } } pidfile.Close(); diff --git a/test/interactive-helper/makefile b/test/interactive-helper/makefile index f43df97e3..8dc014b98 100644 --- a/test/interactive-helper/makefile +++ b/test/interactive-helper/makefile @@ -41,7 +41,7 @@ include $(PROGRAM_H) # Program for testing udevcdrom PROGRAM=aptwebserver -SLIBS = -lapt-pkg +SLIBS = -lapt-pkg -lpthread LIB_MAKES = apt-pkg/makefile SOURCE = aptwebserver.cc include $(PROGRAM_H) |