📄 client.c
字号:
* limit... */ if (NumClients == MaxClients) ResumeListening(); /* * Compact the list of clients as necessary... */ NumClients --; if (con < (Clients + NumClients)) memmove(con, con + 1, (Clients + NumClients - con) * sizeof(client_t)); } return (partial);}#if 0/* * 'EncryptClient()' - Enable encryption for the client... */int /* O - 1 on success, 0 on error */EncryptClient(client_t *con) /* I - Client to encrypt */{#if defined HAVE_LIBSSL SSL_CTX *context; /* Context for encryption */ SSL *conn; /* Connection for encryption */ unsigned long error; /* Error code */ /* * Create the SSL context and accept the connection... */ context = SSL_CTX_new(SSLv23_server_method()); SSL_CTX_use_PrivateKey_file(context, ServerKey, SSL_FILETYPE_PEM); SSL_CTX_use_certificate_file(context, ServerCertificate, SSL_FILETYPE_PEM); conn = SSL_new(context); SSL_set_fd(conn, con->http.fd); if (SSL_accept(conn) != 1) { LogMessage(L_ERROR, "EncryptClient: Unable to encrypt connection from %s!", con->http.hostname); while ((error = ERR_get_error()) != 0) LogMessage(L_ERROR, "EncryptClient: %s", ERR_error_string(error, NULL)); SSL_CTX_free(context); SSL_free(conn); return (0); } LogMessage(L_DEBUG, "EncryptClient: %d Connection from %s now encrypted.", con->http.fd, con->http.hostname); con->http.tls = conn; return (1); #elif defined(HAVE_GNUTLS) http_tls_t *conn; /* TLS session object */ int error; /* Error code */ gnutls_certificate_server_credentials *credentials; /* TLS credentials */ /* * Create the SSL object and perform the SSL handshake... */ conn = (http_tls_t *)malloc(sizeof(gnutls_session)); if (conn == NULL) return (0); credentials = (gnutls_certificate_server_credentials *) malloc(sizeof(gnutls_certificate_server_credentials)); if (credentials == NULL) { LogMessage(L_ERROR, "EncryptClient: Unable to encrypt connection from %s!", con->http.hostname); LogMessage(L_ERROR, "EncryptClient: %s", strerror(errno)); free(conn); return (0); } gnutls_certificate_allocate_credentials(credentials); gnutls_certificate_set_x509_key_file(*credentials, ServerCertificate, ServerKey, GNUTLS_X509_FMT_PEM); gnutls_init(&(conn->session), GNUTLS_SERVER); gnutls_set_default_priority(conn->session); gnutls_credentials_set(conn->session, GNUTLS_CRD_CERTIFICATE, *credentials); gnutls_transport_set_ptr(conn->session, con->http.fd); error = gnutls_handshake(conn->session); if (error != GNUTLS_E_SUCCESS) { LogMessage(L_ERROR, "EncryptClient: Unable to encrypt connection from %s!", con->http.hostname); LogMessage(L_ERROR, "EncryptClient: %s", gnutls_strerror(error)); gnutls_deinit(conn->session); gnutls_certificate_free_credentials(*credentials); free(conn); free(credentials); return (0); } LogMessage(L_DEBUG, "EncryptClient: %d Connection from %s now encrypted.", con->http.fd, con->http.hostname); conn->credentials = credentials; con->http.tls = conn; return (1);#elif defined(HAVE_CDSASSL) OSStatus error; /* Error info */ SSLContextRef conn; /* New connection */ SSLProtocol tryVersion; /* Protocol version */ const char *hostName; /* Local hostname */ int allowExpired; /* Allow expired certificates? */ int allowAnyRoot; /* Allow any root certificate? */ SSLProtocol *negVersion; /* Negotiated protocol version */ SSLCipherSuite *negCipher; /* Negotiated cypher */ CFArrayRef *peerCerts; /* Certificates */ conn = NULL; error = SSLNewContext(true, &conn); allowExpired = 1; allowAnyRoot = 1; if (!error) error = SSLSetIOFuncs(conn, CDSAReadFunc, CDSAWriteFunc); if (!error) error = SSLSetProtocolVersion(conn, kSSLProtocol3); if (!error) error = SSLSetConnection(conn, (SSLConnectionRef)con->http.fd); if (!error) { hostName = ServerName; /* MRS: ??? */ error = SSLSetPeerDomainName(conn, hostName, strlen(hostName) + 1); } /* have to do these options befor setting server certs */ if (!error && allowExpired) error = SSLSetAllowsExpiredCerts(conn, true); if (!error && allowAnyRoot) error = SSLSetAllowsAnyRoot(conn, true); if (!error && ServerCertificatesArray != NULL) error = SSLSetCertificate(conn, ServerCertificatesArray); /* * Perform SSL/TLS handshake */ do { error = SSLHandshake(conn); } while (error == errSSLWouldBlock); if (error) { LogMessage(L_ERROR, "EncryptClient: Unable to encrypt connection from %s!", con->http.hostname); LogMessage(L_ERROR, "EncryptClient: CDSA error code is %d", error); con->http.error = error; con->http.status = HTTP_ERROR; if (conn != NULL) SSLDisposeContext(conn); return (0); } LogMessage(L_DEBUG, "EncryptClient: %d Connection from %s now encrypted.", con->http.fd, con->http.hostname); con->http.tls = conn; return (1);#else return (0);#endif /* HAVE_GNUTLS */}/* * 'IsCGI()' - Is the resource a CGI script/program? */int /* O - 1 = CGI, 0 = file */IsCGI(client_t *con, /* I - Client connection */ const char *filename, /* I - Real filename */ struct stat *filestats, /* I - File information */ mime_type_t *type) /* I - MIME type */{ const char *options; /* Options on URL */ LogMessage(L_DEBUG2, "IsCGI(con=%p, filename=\"%s\", filestats=%p, type=%s/%s)\n", con, filename, filestats, type ? type->super : "unknown", type ? type->type : "unknown"); /* * Get the options, if any... */ if ((options = strchr(con->uri, '?')) != NULL) options ++; /* * Check for known types... */ if (!type || strcasecmp(type->super, "application")) { LogMessage(L_DEBUG2, "IsCGI: Returning 0..."); return (0); } if (!strcasecmp(type->type, "x-httpd-cgi") && (filestats->st_mode & 0111)) { /* * "application/x-httpd-cgi" is a CGI script. */ SetString(&con->command, filename); filename = strrchr(filename, '/') + 1; /* Filename always absolute */ if (options) SetStringf(&con->options, "%s %s", filename, options); else SetStringf(&con->options, "%s", filename); LogMessage(L_DEBUG2, "IsCGI: Returning 1 with command=\"%s\" and options=\"%s\"", con->command, con->options); return (1); }#ifdef HAVE_JAVA else if (!strcasecmp(type->type, "x-httpd-java")) { /* * "application/x-httpd-java" is a Java servlet. */ SetString(&con->command, CUPS_JAVA); if (options) SetStringf(&con->options, "java %s %s", filename, options); else SetStringf(&con->options, "java %s", filename); LogMessage(L_DEBUG2, "IsCGI: Returning 1 with command=\"%s\" and options=\"%s\"", con->command, con->options); return (1); }#endif /* HAVE_JAVA */#ifdef HAVE_PERL else if (!strcasecmp(type->type, "x-httpd-perl")) { /* * "application/x-httpd-perl" is a Perl page. */ SetString(&con->command, CUPS_PERL); if (options) SetStringf(&con->options, "perl %s %s", filename, options); else SetStringf(&con->options, "perl %s", filename); LogMessage(L_DEBUG2, "IsCGI: Returning 1 with command=\"%s\" and options=\"%s\"", con->command, con->options); return (1); }#endif /* HAVE_PERL */#ifdef HAVE_PHP else if (!strcasecmp(type->type, "x-httpd-php")) { /* * "application/x-httpd-php" is a PHP page. */ SetString(&con->command, CUPS_PHP); if (options) SetStringf(&con->options, "php %s %s", filename, options); else SetStringf(&con->options, "php %s", filename); LogMessage(L_DEBUG2, "IsCGI: Returning 1 with command=\"%s\" and options=\"%s\"", con->command, con->options); return (1); }#endif /* HAVE_PHP */#ifdef HAVE_PYTHON else if (!strcasecmp(type->type, "x-httpd-python")) { /* * "application/x-httpd-python" is a Python page. */ SetString(&con->command, CUPS_PYTHON); if (options) SetStringf(&con->options, "python %s %s", filename, options); else SetStringf(&con->options, "python %s", filename); LogMessage(L_DEBUG2, "IsCGI: Returning 1 with command=\"%s\" and options=\"%s\"", con->command, con->options); return (1); }#endif /* HAVE_PYTHON */ LogMessage(L_DEBUG2, "IsCGI: Returning 0..."); return (0);}#endif/* * 'ReadClient()' - Read data from a client. */int /* O - 1 on success, 0 on error */ReadClient(client_t *con) /* I - Client to read from */{ char line[32768], /* Line from client... */ locale[64], /* Locale */ *ptr; /* Pointer into strings */ http_status_t status; /* Transfer status */ ipp_state_t ipp_state; /* State of IPP transfer */ int bytes; /* Number of bytes to POST */ char operation[64]; /* Operation code from socket */ char version[64]; /* HTTP version number string */ int major, minor; /* HTTP version numbers */#if 0 static unsigned request_id = 0; /* Request ID for temp files */ char *filename; /* Name of file for GET/HEAD */ char buf[1024]; /* Buffer for real filename */ struct stat filestats; /* File information */ printer_t *p; /* Printer */ mime_type_t *type; /* MIME type of file */ location_t *best; /* Best match for authentication */#endif DEBUG_printf(("\nFunction RadeClient() START...... \n")); status = HTTP_CONTINUE; LogMessage(L_DEBUG2, "ReadClient: %d, used=%d, file=%d", con->http.fd, con->http.used, con->file); if (con->http.error) { LogMessage(L_DEBUG2, "ReadClient: http error seen..."); return (CloseClient(con)); } switch (con->http.state) { case HTTP_WAITING : /* * See if we've received a request line... */ if (httpGets(line, sizeof(line) - 1, HTTP(con)) == NULL) { LogMessage(L_DEBUG2, "ReadClient: httpGets returned EOF..."); return (CloseClient(con)); } /* * Ignore blank request lines... */ if (line[0] == '\0') break; /* * Clear other state variables... */ httpClearFields(HTTP(con)); con->http.activity = time(NULL); con->http.version = HTTP_1_0; con->http.keep_alive = HTTP_KEEPALIVE_OFF; con->http.data_encoding = HTTP_ENCODE_LENGTH; con->http.data_remaining = 0; con->operation = HTTP_WAITING; con->bytes = 0; con->file = -1; con->file_ready = 0; con->pipe_pid = 0; con->username[0] = '\0'; con->password[0] = '\0'; con->uri[0] = '\0'; ClearString(&con->command); ClearString(&con->options); if (con->language != NULL) { cupsLangFree(con->language); con->language = NULL; } /* * Grab the request line... */ switch (sscanf(line, "%63s%1023s%63s", operation, con->uri, version)) { case 1 : LogMessage(L_ERROR, "Bad request line \"%s\" from %s!", line, con->http.hostname); SendError(con, HTTP_BAD_REQUEST); return (CloseClient(con)); case 2 : con->http.version = HTTP_0_9; break; case 3 : if (sscanf(version, "HTTP/%d.%d", &major, &minor) != 2) { LogMessage(L_ERROR, "Bad request line \"%s\" from %s!", line, con->http.hostname); SendError(con, HTTP_BAD_REQUEST); return (CloseClient(con)); } if (major < 2) { con->http.version = (http_version_t)(major * 100 + minor); if (con->http.version == HTTP_1_1 && KeepAlive) con->http.keep_alive = HTTP_KEEPALIVE_ON; else con->http.keep_alive = HTTP_KEEPALIVE_OFF; } else { SendError(con, HTTP_NOT_SUPPORTED); return (CloseClient(con)); } break; } /* * Handle full URLs in the request line... */ if (con->uri[0] != '/' && strcmp(con->uri, "*")) { char method[HTTP_MAX_URI], /* Method/scheme */ userpass[HTTP_MAX_URI], /* Username:password */ hostname[HTTP_MAX_URI], /* Hostname */ resource[HTTP_MAX_URI]; /* Resource path */ int port; /* Port number */ /* * Separate the URI into its components... */ httpSeparate(con->uri, method, userpass, hostname, &port, resource); /* * Only allow URIs with the servername, localhost, or an IP * address... */ if (strcasecmp(hostname, ServerName) && strcasecmp(hostname, "localhost") && !isdigit(hostname[0])) { /* * Nope, we don't do proxies... */ LogMessage(L_ERROR, "Bad URI \"%s\" in request!", con->uri); SendError(con, HTTP_METHOD_NOT_ALLOWED); return (CloseClient(con)); } /* * Copy the resource portion back into the URI; both resource and * con->uri are HTTP_MAX_URI bytes in size... */ strcpy(con->uri, resource); } /* * Process the request... */ if (strcmp(operation, "GET") == 0) con->http.state = HTTP_GET; else if (strcmp(operation, "PUT") == 0) con->http.state = HTTP_PUT; else if (strcmp(operation, "POST") == 0) con->http.state = HTTP_POST; else if (strcmp(operation, "DELETE") == 0) con->http.state = HTTP_DELETE; else if (strcmp(operation, "TRACE") == 0)⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -