[Openvas-commits] r6043 - in trunk/gsa: . src
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Dec 2 20:35:32 CET 2009
Author: jan
Date: 2009-12-02 20:35:31 +0100 (Wed, 02 Dec 2009)
New Revision: 6043
Modified:
trunk/gsa/ChangeLog
trunk/gsa/src/gsad.c
Log:
* src/gsad.c (print_header, send_response,
send_http_authenticate_header, request_handler): Improve documentation.
(request_handler): Use "const" where possible. Introduce
oap_cgi_base. Improve redirect for non-base URLs. Redirect
"/login/". Fix memleak.
(gsad_init): Improve documentation. Call init_validator.
Modified: trunk/gsa/ChangeLog
===================================================================
--- trunk/gsa/ChangeLog 2009-12-02 19:13:51 UTC (rev 6042)
+++ trunk/gsa/ChangeLog 2009-12-02 19:35:31 UTC (rev 6043)
@@ -1,5 +1,14 @@
2009-12-02 Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
+ * src/gsad.c (print_header, send_response,
+ send_http_authenticate_header, request_handler): Improve documentation.
+ (request_handler): Use "const" where possible. Introduce
+ oap_cgi_base. Improve redirect for non-base URLs. Redirect
+ "/login/". Fix memleak.
+ (gsad_init): Improve documentation. Call init_validator.
+
+2009-12-02 Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
+
* src/gsad.c: Fixed some comments. Added list of includes.
(DEFAULT_GSAD_PORT, DEFAULT_OPENVAS_ADMINISTRATOR_PORT,
DEFAULT_OPENVAS_MANAGER_PORT, GCRY_THREAD_OPTION_PTHREAD_IMPL,
Modified: trunk/gsa/src/gsad.c
===================================================================
--- trunk/gsa/src/gsad.c 2009-12-02 19:13:51 UTC (rev 6042)
+++ trunk/gsa/src/gsad.c 2009-12-02 19:35:31 UTC (rev 6043)
@@ -174,14 +174,11 @@
*
* The current implementation is empty.
*
- * @param cls Not used for this callback.
+ * @param[in] cls Not used for this callback.
+ * @param[in] kind Not used for this callback.
+ * @param[in] key Header key.
+ * @param[in] value Header value.
*
- * @param kind Not used for this callback.
- *
- * @param key Header key.
- *
- * @param key Header value.
- *
* @return MHD_YES is always returned.
*/
int
@@ -194,12 +191,10 @@
/**
* @brief Sends a HTTP response.
*
- * @param connection The connection handle.
+ * @param[in] connection The connection handle.
+ * @param[in] page The HTML page content.
+ * @param[in] status_code The HTTP status code.
*
- * @param page The HTML page content.
- *
- * @param status The HTTP status code.
- *
* @return The result of MHD_queue_response.
*/
int
@@ -219,10 +214,9 @@
/**
* @brief Sends a HTTP redirection.
*
- * @param connection The connection handle.
+ * @param[in] connection The connection handle.
+ * @param[in] location The URL to redirect to.
*
- * @param location The URL where to redirect.
- *
* @return MHD_NO in case of a problem. Else MHD_YES.
*/
int
@@ -251,10 +245,9 @@
/**
* @brief Sends HTTP header requesting the browser to authenticate itself.
*
- * @param connection The connection object.
+ * @param[in] connection The connection object.
+ * @param[in] realm Name of the realm that was authenticated for.
*
- * @param realm Name of the realm that was authenticated for.
- *
* @return MHD_NO in case of an error. Else the result of queueing
* the response.
*/
@@ -293,6 +286,8 @@
/**
* @brief HTTP request handler for GSAD.
*
+ * This routine is the callback request handler for microhttpd.
+ *
* @param[in] cls Not used for this callback.
* @param[in] connection Connection handle, e.g. used to send response.
* @param[in] url The URL requested.
@@ -300,12 +295,10 @@
* @param[in] version Not used for this callback.
* @param[in] upload_data Data used for POST requests.
* @param[in] upload_data_size Size of upload_data.
- * @param[out] con_cls For exhange of connection-related data
+ * @param[out] con_cls For exchange of connection-related data
* (here a struct gsad_connection_info).
*
* @return MHD_NO in case of problems. MHD_YES if all is OK.
- *
- * This routine is the callback request handler for microhttpd.
*/
int
request_handler (void *cls, struct MHD_Connection *connection,
@@ -313,8 +306,9 @@
const char *version, const char *upload_data,
size_t * upload_data_size, void **con_cls)
{
- char *url_base = "/";
- char *cgi_base = "/omp";
+ const char *url_base = "/";
+ const char *omp_cgi_base = "/omp";
+ const char *oap_cgi_base = "/oap";
char *default_file = "/login/login.html";
struct MHD_Response *response;
@@ -329,6 +323,7 @@
{
struct gsad_connection_info *con_info;
+ // @todo what frees this?
con_info = calloc (1, sizeof (struct gsad_connection_info));
if (NULL == con_info)
return MHD_NO;
@@ -344,14 +339,22 @@
return MHD_NO;
/* Only accept GET and POST methods and send ERROR_PAGE in other cases. */
- if ((0 != strcmp (method, "GET")) && (0 != strcmp (method, "POST")))
+ if (strcmp (method, "GET") && strcmp (method, "POST"))
+ /** @todo return MHD_NO;? */
send_response (connection, ERROR_PAGE, MHD_HTTP_METHOD_NOT_ACCEPTABLE);
/* Redirect any URL not matching the base to the default file. */
if (strcmp (&url[0], url_base) == 0)
{
- send_redirect_header (connection, default_file);
- return MHD_YES;
+ if (is_http_authenticated (connection))
+ {
+ return send_http_authenticate_header (connection, REALM);
+ }
+ else
+ {
+ send_redirect_header (connection, default_file);
+ return MHD_YES;
+ }
}
/* Treat logging out specially. */
@@ -359,6 +362,12 @@
&& (!strncmp (&url[0], "/logout", strlen ("/logout")))) /* flawfinder: ignore,
it is a const str */
{
+ /**
+ * @todo The problem is the URL is still "/logout" after the
+ * authentication, so this just keeps sending the auth header.
+ * All the user can do is cancel so the browser clears the
+ * credentials. Perhaps the only way to do this is to keep
+ * state across requests. */
if (is_http_authenticated (connection))
{
return send_http_authenticate_header (connection, REALM);
@@ -370,6 +379,15 @@
}
}
+ if ((!strcmp (method, "GET"))
+ && (! strncmp (&url[0], "/login/", strlen ("/login/"))) /* flawfinder: ignore,
+ it is a const str */
+ && ! url[strlen ("/login/")])
+ {
+ send_redirect_header (connection, default_file);
+ return MHD_YES;
+ }
+
/* Check for authentication. */
if ((!is_http_authenticated (connection))
&& (strncmp (&url[0], "/login/", strlen ("/login/")))) /* flawfinder: ignore,
@@ -385,10 +403,10 @@
{
/* This is a GET request. */
- if (!strncmp (&url[0], cgi_base, strlen (cgi_base))) /* flawfinder: ignore,
- it is a const str */
+ if (!strncmp (&url[0], omp_cgi_base, strlen (omp_cgi_base))
+ || !strncmp (&url[0], oap_cgi_base, strlen (oap_cgi_base)))
{
- /* URL requests to run OMP command. */
+ /* URL requests to run OMP or OAP command. */
unsigned int res_len = 0;
res = exec_omp_get (connection);
@@ -398,7 +416,9 @@
response_size = 0;
}
else
- res_len = strlen (res);
+ {
+ res_len = strlen (res);
+ }
response = MHD_create_response_from_data (res_len,
(void *) res,
@@ -438,16 +458,23 @@
/* URL requests neither an OMP command nor a special GSAD command,
* so it is a simple file. */
- /* FIXME: validation, URL length restriction */
+ /* @todo: validation, URL length restriction */
path = g_strconcat (GSA_STATE_DIR, url, NULL);
file = fopen (path, "r"); /* flawfinder: ignore, this file is just
read and sent */
- /* In case the file is not found, always serve the default file. */
+ /* In case the file is not found, logout if logged in, else always
+ * the default file. */
if (file == NULL)
{
tracef ("File %s failed, ", path);
g_free (path);
+
+ if (is_http_authenticated (connection))
+ {
+ return send_http_authenticate_header (connection, REALM);
+ }
+
path = g_strconcat (GSA_STATE_DIR, default_file, NULL);
tracef ("trying default file <%s>.\n", path);
file = fopen (path, "r"); /* flawfinder: ignore, this file is just
@@ -459,6 +486,7 @@
/* Even the default file failed. */
tracef ("Default file failed.\n");
send_response (connection, FILE_NOT_FOUND, MHD_HTTP_NOT_FOUND);
+ g_free (path);
}
else
{
@@ -493,12 +521,13 @@
{
struct gsad_connection_info *con_info;
+ // @todo what frees this?
con_info = calloc (1, sizeof (struct gsad_connection_info));
if (NULL == con_info)
return MHD_NO;
con_info->postprocessor =
- MHD_create_post_processor (connection, POSTBUFFERSIZE,
+ MHD_create_post_processor (connection, POST_BUFFER_SIZE,
serve_post, (void *) con_info);
if (NULL == con_info->postprocessor)
return MHD_NO;
@@ -527,10 +556,10 @@
/**
* @brief Initialization routine for GSAD.
*
+ * This routine checks for required files and initializes the gcrypt
+ * library.
+ *
* @return MHD_NO in case of problems. MHD_YES if all is OK.
- *
- * This routine checks or required files and initializes the gcrypt
- * library.
*/
int
gsad_init (void)
@@ -587,6 +616,9 @@
return MHD_NO;
}
+ /* Init the validator. */
+ init_validator ();
+
tracef ("Initialization of GSA successful.\n");
return MHD_YES;
}
More information about the Openvas-commits
mailing list