Greenbone Security Assistant
|
HTTP handling. More...
#include "gsad_http.h"
#include "gsad_base.h"
#include "gsad_i18n.h"
#include "gsad_settings.h"
#include "utils.h"
#include <assert.h>
#include <gvm/base/networking.h>
#include <gvm/util/xmlutils.h>
#include <locale.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
Macros | |
#define | G_LOG_DOMAIN "gsad http" |
GLib log domain. More... | |
Functions | |
content_type_t | guess_content_type (const gchar *path) |
Guess a content type from a file extension. More... | |
void | gsad_add_content_type_header (http_response_t *response, content_type_t *ct) |
Adds content-type header fields to a response. More... | |
int | send_redirect_to_uri (http_connection_t *connection, const char *uri, const gchar *sid) |
Sends a HTTP redirection to an uri. More... | |
int | send_response (http_connection_t *connection, const char *content, int status_code, const gchar *sid, content_type_t content_type, const char *content_disposition, size_t content_length) |
Sends a HTTP response. More... | |
int | handler_send_response (http_connection_t *connection, http_response_t *response, cmd_response_data_t *response_data, const gchar *sid) |
Send response for handle_request. More... | |
int | handler_create_response (http_connection_t *connection, gchar *data, cmd_response_data_t *response_data, const gchar *sid) |
Create and send a response. More... | |
http_response_t * | create_not_found_response (cmd_response_data_t *response_data) |
Create a default 404 (not found) http response. More... | |
int | handler_send_reauthentication (http_connection_t *connection, int http_status_code, authentication_reason_t reason) |
Allow for reauthentication of a user. More... | |
int | remove_sid (http_response_t *response) |
Attach expired SID cookie to response. More... | |
int | attach_sid (http_response_t *response, const char *sid) |
Attach SID cookie to a response, resetting "expire" arg. More... | |
int | attach_remove_sid (http_response_t *response, const gchar *sid) |
static int | file_reader (void *cls, uint64_t pos, char *buf, int max) |
Reads from a file. More... | |
http_response_t * | file_content_response (http_connection_t *connection, const char *url, const char *path, cmd_response_data_t *response_data) |
Create a response to serve a file from a path. More... | |
static int | append_param (void *string, enum MHD_ValueKind kind, const char *key, const char *value) |
Append a request param to a string. More... | |
gchar * | reconstruct_url (http_connection_t *connection, const char *url) |
Reconstruct the URL for a connection. More... | |
void | add_security_headers (http_response_t *response) |
Add security headers to a MHD response. More... | |
void | add_guest_chart_content_security_headers (http_response_t *response) |
Add guest chart content security headers to a MHD response. More... | |
void | add_cors_headers (http_response_t *response) |
void | add_forbid_caching_headers (http_response_t *response) |
Add header to forbid caching to a HTTP response. More... | |
int | get_client_address (http_connection_t *conn, char *client_address) |
Get the client's address. More... | |
int | serve_post (void *coninfo_cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) |
Serves part of a POST request. More... | |
char * | gsad_message (credentials_t *credentials, const char *title, const char *function, int line, const char *msg, cmd_response_data_t *response_data) |
Handles fatal errors. More... | |
HTTP handling.
#define G_LOG_DOMAIN "gsad http" |
GLib log domain.
void add_cors_headers | ( | http_response_t * | response | ) |
void add_forbid_caching_headers | ( | http_response_t * | response | ) |
Add header to forbid caching to a HTTP response.
[in] | response | The HTTP response to add the headers to. |
[in] | allow_caching | 1 to allow caching, 0 to forbid. |
void add_guest_chart_content_security_headers | ( | http_response_t * | response | ) |
Add guest chart content security headers to a MHD response.
void add_security_headers | ( | http_response_t * | response | ) |
Add security headers to a MHD response.
|
static |
Append a request param to a string.
[in] | string | String. |
[in] | kind | Kind of request data. |
[in] | key | Key. |
[in] | value | Value. |
int attach_remove_sid | ( | http_response_t * | response, |
const gchar * | sid | ||
) |
Attach or remove session id
If sid is "0" the session id will be removed. Otherwise if the sid is not NULL the sid will be attached to the response.
[in] | response | HTTP response |
[in] | sid | Session ID |
int attach_sid | ( | http_response_t * | response, |
const char * | sid | ||
) |
Attach SID cookie to a response, resetting "expire" arg.
[in] | response | Response. |
[in] | sid | Session ID. |
http_response_t* create_not_found_response | ( | cmd_response_data_t * | response_data | ) |
Create a default 404 (not found) http response.
[out] | response_data | Response data to return |
http_response_t* file_content_response | ( | http_connection_t * | connection, |
const char * | url, | ||
const char * | path, | ||
cmd_response_data_t * | response_data | ||
) |
Create a response to serve a file from a path.
[in] | connection | Connection. |
[in] | url | Requested URL. |
[in] | path | Path to file. |
[out] | response_data | Return response data |
|
static |
Reads from a file.
[in] | cls | File. |
[in] | pos | Position in file to start reading. |
[out] | buf | Buffer to read into. |
[in] | max | Maximum number of bytes to read. |
int get_client_address | ( | http_connection_t * | conn, |
char * | client_address | ||
) |
Get the client's address.
[in] | conn | Connection. |
[out] | client_address | Buffer to store client address. Must have at least INET6_ADDRSTRLEN bytes. |
void gsad_add_content_type_header | ( | http_response_t * | response, |
content_type_t * | ct | ||
) |
Adds content-type header fields to a response.
This function should be called only once per response and is the only function where values of enum content_types are translated into strings.
[in,out] | response | Response to add header to. |
[in] | ct | Content Type to set. |
char* gsad_message | ( | credentials_t * | credentials, |
const char * | title, | ||
const char * | function, | ||
int | line, | ||
const char * | msg, | ||
cmd_response_data_t * | response_data | ||
) |
Handles fatal errors.
[in] | credentials | User authentication information. |
[in] | title | The title for the message. |
[in] | function | The function in which the error occurred. |
[in] | line | The line number at which the error occurred. |
[in] | msg | The response message. |
[out] | response_data | Extra data return for the HTTP response. |
content_type_t guess_content_type | ( | const gchar * | path | ) |
Guess a content type from a file extension.
[in] | path | filename with extension |
int handler_create_response | ( | http_connection_t * | connection, |
gchar * | data, | ||
cmd_response_data_t * | response_data, | ||
const gchar * | sid | ||
) |
Create and send a response.
The passed response data will be freed and can't be used afterwards
[in] | connection | Connection handle, e.g. used to send response. |
[in] | data | Data to send in response |
[in] | response_data | Response data struct. Response data will be freed. |
[in] | sid | Session ID, or NULL. "0" to remove session. |
int handler_send_reauthentication | ( | http_connection_t * | connection, |
int | http_status_code, | ||
authentication_reason_t | reason | ||
) |
Allow for reauthentication of a user.
[in] | connection | Connection handle, e.g. used to send response. |
[in] | http_status_code | HTTP status code for the response. |
[in] | reason | Reason for re-authentication |
int handler_send_response | ( | http_connection_t * | connection, |
http_response_t * | response, | ||
cmd_response_data_t * | response_data, | ||
const gchar * | sid | ||
) |
Send response for handle_request.
The passed response data will be freed and can't be used afterwards
[in] | connection | Connection handle, e.g. used to send response. |
[in] | response | Response. |
[in] | response_data | Response data struct. Response data will be freed. |
[in] | sid | Session ID, or NULL. "0" to remove session. |
gchar* reconstruct_url | ( | http_connection_t * | connection, |
const char * | url | ||
) |
Reconstruct the URL for a connection.
[in] | connection | Connection. |
[in] | url | Base part of URL. |
int remove_sid | ( | http_response_t * | response | ) |
Attach expired SID cookie to response.
[in] | response | Response. |
int send_redirect_to_uri | ( | http_connection_t * | connection, |
const char * | uri, | ||
const gchar * | sid | ||
) |
Sends a HTTP redirection to an uri.
[in] | connection | The connection handle. |
[in] | uri | The full URI to redirect to. |
[in] | sid | Session ID to add, or NULL. |
int send_response | ( | http_connection_t * | connection, |
const char * | content, | ||
int | status_code, | ||
const gchar * | sid, | ||
content_type_t | content_type, | ||
const char * | content_disposition, | ||
size_t | content_length | ||
) |
Sends a HTTP response.
[in] | connection | The connection handle. |
[in] | content | The content. |
[in] | status_code | The HTTP status code. |
[in] | sid | Session ID, or NULL. |
[in] | content_type | The content type. |
[in] | content_disposition | The content disposition or NULL. |
[in] | content_length | Content length, 0 for strlen (content). |
int serve_post | ( | void * | coninfo_cls, |
enum MHD_ValueKind | kind, | ||
const char * | key, | ||
const char * | filename, | ||
const char * | content_type, | ||
const char * | transfer_encoding, | ||
const char * | data, | ||
uint64_t | off, | ||
size_t | size | ||
) |
Serves part of a POST request.
Implements an MHD_PostDataIterator.
Called one or more times to collect the multiple parts (key/value pairs) of a POST request. Fills the params of a gsad_connection_info.
After serve_post, the connection info is free'd.
[in,out] | coninfo_cls | Connection info (a gsad_connection_info). |
[in] | kind | Type of request data (header, cookie, etc.). |
[in] | key | Name of data (name of request variable). |
[in] | filename | Name of uploaded file if any, else NULL. |
[in] | content_type | MIME type of data if known, else NULL. |
[in] | transfer_encoding | Transfer encoding if known, else NULL. |
[in] | data | Data. |
[in] | off | Offset into entire data. |
[in] | size | Size of data, in bytes. |