One Level Up Top Level

src/http/modules/ngx_http_dav_module.c - nginx

Global variables defined

Data types defined

Functions defined

Macros defined

Source code


  2. /*
  3. * Copyright (C) Igor Sysoev
  4. * Copyright (C) Nginx, Inc.
  5. */


  8. #include <ngx_config.h>
  9. #include <ngx_core.h>
  10. #include <ngx_http.h>


  13. #define NGX_HTTP_DAV_OFF             2


  16. #define NGX_HTTP_DAV_NO_DEPTH        -3
  17. #define NGX_HTTP_DAV_INVALID_DEPTH   -2
  18. #define NGX_HTTP_DAV_INFINITY_DEPTH  -1


  21. typedef struct {
  22.     ngx_uint_t  methods;
  23.     ngx_uint_t  access;
  24.     ngx_uint_t  min_delete_depth;
  25.     ngx_flag_t  create_full_put_path;
  26. } ngx_http_dav_loc_conf_t;


  29. typedef struct {
  30.     ngx_str_t   path;
  31.     size_t      len;
  32. } ngx_http_dav_copy_ctx_t;


  35. static ngx_int_t ngx_http_dav_handler(ngx_http_request_t *r);

  37. static void ngx_http_dav_put_handler(ngx_http_request_t *r);

  39. static ngx_int_t ngx_http_dav_delete_handler(ngx_http_request_t *r);
  40. static ngx_int_t ngx_http_dav_delete_path(ngx_http_request_t *r,
  41.     ngx_str_t *path, ngx_uint_t dir);
  42. static ngx_int_t ngx_http_dav_delete_dir(ngx_tree_ctx_t *ctx, ngx_str_t *path);
  43. static ngx_int_t ngx_http_dav_delete_file(ngx_tree_ctx_t *ctx, ngx_str_t *path);
  44. static ngx_int_t ngx_http_dav_noop(ngx_tree_ctx_t *ctx, ngx_str_t *path);

  46. static ngx_int_t ngx_http_dav_mkcol_handler(ngx_http_request_t *r,
  47.     ngx_http_dav_loc_conf_t *dlcf);

  49. static ngx_int_t ngx_http_dav_copy_move_handler(ngx_http_request_t *r);
  50. static void ngx_http_dav_merge_slashes(ngx_str_t *path);
  51. static ngx_int_t ngx_http_dav_validate_paths(ngx_http_request_t *r,
  52.     ngx_str_t *src, ngx_str_t *dst, ngx_uint_t slash, ngx_table_elt_t *dest);
  53. static ngx_int_t ngx_http_dav_copy_dir(ngx_tree_ctx_t *ctx, ngx_str_t *path);
  54. static ngx_int_t ngx_http_dav_copy_dir_time(ngx_tree_ctx_t *ctx,
  55.     ngx_str_t *path);
  56. static ngx_int_t ngx_http_dav_copy_tree_file(ngx_tree_ctx_t *ctx,
  57.     ngx_str_t *path);

  59. static ngx_int_t ngx_http_dav_depth(ngx_http_request_t *r, ngx_int_t dflt);
  60. static ngx_int_t ngx_http_dav_error(ngx_log_t *log, ngx_err_t err,
  61.     ngx_int_t not_found, char *failed, u_char *path);
  62. static ngx_int_t ngx_http_dav_location(ngx_http_request_t *r);
  63. static void *ngx_http_dav_create_loc_conf(ngx_conf_t *cf);
  64. static char *ngx_http_dav_merge_loc_conf(ngx_conf_t *cf,
  65.     void *parent, void *child);
  66. static ngx_int_t ngx_http_dav_init(ngx_conf_t *cf);


  69. static ngx_conf_bitmask_t  ngx_http_dav_methods_mask[] = {
  70.     { ngx_string("off"), NGX_HTTP_DAV_OFF },
  71.     { ngx_string("put"), NGX_HTTP_PUT },
  72.     { ngx_string("delete"), NGX_HTTP_DELETE },
  73.     { ngx_string("mkcol"), NGX_HTTP_MKCOL },
  74.     { ngx_string("copy"), NGX_HTTP_COPY },
  75.     { ngx_string("move"), NGX_HTTP_MOVE },
  76.     { ngx_null_string, 0 }
  77. };


  80. static ngx_command_t  ngx_http_dav_commands[] = {

  82.     { ngx_string("dav_methods"),
  83.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
  84.       ngx_conf_set_bitmask_slot,
  85.       NGX_HTTP_LOC_CONF_OFFSET,
  86.       offsetof(ngx_http_dav_loc_conf_t, methods),
  87.       &ngx_http_dav_methods_mask },

  89.     { ngx_string("create_full_put_path"),
  90.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
  91.       ngx_conf_set_flag_slot,
  92.       NGX_HTTP_LOC_CONF_OFFSET,
  93.       offsetof(ngx_http_dav_loc_conf_t, create_full_put_path),
  94.       NULL },

  96.     { ngx_string("min_delete_depth"),
  97.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  98.       ngx_conf_set_num_slot,
  99.       NGX_HTTP_LOC_CONF_OFFSET,
  100.       offsetof(ngx_http_dav_loc_conf_t, min_delete_depth),
  101.       NULL },

  103.     { ngx_string("dav_access"),
  104.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE123,
  105.       ngx_conf_set_access_slot,
  106.       NGX_HTTP_LOC_CONF_OFFSET,
  107.       offsetof(ngx_http_dav_loc_conf_t, access),
  108.       NULL },

  110.       ngx_null_command
  111. };


  114. static ngx_http_module_t  ngx_http_dav_module_ctx = {
  115.     NULL,                                  /* preconfiguration */
  116.     ngx_http_dav_init,                     /* postconfiguration */

  118.     NULL,                                  /* create main configuration */
  119.     NULL,                                  /* init main configuration */

  121.     NULL,                                  /* create server configuration */
  122.     NULL,                                  /* merge server configuration */

  124.     ngx_http_dav_create_loc_conf,          /* create location configuration */
  125.     ngx_http_dav_merge_loc_conf            /* merge location configuration */
  126. };


  129. ngx_module_t  ngx_http_dav_module = {
  130.     NGX_MODULE_V1,
  131.     &ngx_http_dav_module_ctx,              /* module context */
  132.     ngx_http_dav_commands,                 /* module directives */
  133.     NGX_HTTP_MODULE,                       /* module type */
  134.     NULL,                                  /* init master */
  135.     NULL,                                  /* init module */
  136.     NULL,                                  /* init process */
  137.     NULL,                                  /* init thread */
  138.     NULL,                                  /* exit thread */
  139.     NULL,                                  /* exit process */
  140.     NULL,                                  /* exit master */
  141.     NGX_MODULE_V1_PADDING
  142. };


  145. static ngx_int_t
  146. ngx_http_dav_handler(ngx_http_request_t *r)
  147. {
  148.     ngx_int_t                 rc;
  149.     ngx_http_dav_loc_conf_t  *dlcf;

  151.     dlcf = ngx_http_get_module_loc_conf(r, ngx_http_dav_module);

  153.     if (!(r->method & dlcf->methods)) {
  154.         return NGX_DECLINED;
  155.     }

  157.     switch (r->method) {

  159.     case NGX_HTTP_PUT:

  161.         if (r->uri.data[r->uri.len - 1] == '/') {
  162.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  163.                           "cannot PUT to a collection");
  164.             return NGX_HTTP_CONFLICT;
  165.         }

  167.         if (r->headers_in.content_range) {
  168.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  169.                           "PUT with range is unsupported");
  170.             return NGX_HTTP_NOT_IMPLEMENTED;
  171.         }

  173.         r->request_body_in_file_only = 1;
  174.         r->request_body_in_persistent_file = 1;
  175.         r->request_body_in_clean_file = 1;
  176.         r->request_body_file_group_access = 1;
  177.         r->request_body_file_log_level = 0;

  179.         rc = ngx_http_read_client_request_body(r, ngx_http_dav_put_handler);

  181.         if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
  182.             return rc;
  183.         }

  185.         return NGX_DONE;

  187.     case NGX_HTTP_DELETE:

  189.         return ngx_http_dav_delete_handler(r);

  191.     case NGX_HTTP_MKCOL:

  193.         return ngx_http_dav_mkcol_handler(r, dlcf);

  195.     case NGX_HTTP_COPY:

  197.         return ngx_http_dav_copy_move_handler(r);

  199.     case NGX_HTTP_MOVE:

  201.         return ngx_http_dav_copy_move_handler(r);
  202.     }

  204.     return NGX_DECLINED;
  205. }


  208. static void
  209. ngx_http_dav_put_handler(ngx_http_request_t *r)
  210. {
  211.     size_t                    root;
  212.     time_t                    date;
  213.     ngx_str_t                *temp, path;
  214.     ngx_uint_t                status;
  215.     ngx_file_info_t           fi;
  216.     ngx_ext_rename_file_t     ext;
  217.     ngx_http_dav_loc_conf_t  *dlcf;

  219.     if (r->request_body == NULL) {
  220.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  221.                       "PUT request body is unavailable");
  222.         ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
  223.         return;
  224.     }

  226.     if (r->request_body->temp_file == NULL) {
  227.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  228.                       "PUT request body must be in a file");
  229.         ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
  230.         return;
  231.     }

  233.     if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
  234.         ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
  235.         return;
  236.     }

  238.     path.len--;

  240.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  241.                    "http put filename: \"%s\"", path.data);

  243.     temp = &r->request_body->temp_file->file.name;

  245.     if (ngx_file_info(path.data, &fi) == NGX_FILE_ERROR) {
  246.         status = NGX_HTTP_CREATED;

  248.     } else {
  249.         status = NGX_HTTP_NO_CONTENT;

  251.         if (ngx_is_dir(&fi)) {
  252.             ngx_log_error(NGX_LOG_ERR, r->connection->log, NGX_EISDIR,
  253.                           "\"%s\" could not be created", path.data);

  255.             if (ngx_delete_file(temp->data) == NGX_FILE_ERROR) {
  256.                 ngx_log_error(NGX_LOG_CRIT, r->connection->log, ngx_errno,
  257.                               ngx_delete_file_n " \"%s\" failed",
  258.                               temp->data);
  259.             }

  261.             ngx_http_finalize_request(r, NGX_HTTP_CONFLICT);
  262.             return;
  263.         }
  264.     }

  266.     dlcf = ngx_http_get_module_loc_conf(r, ngx_http_dav_module);

  268.     ext.access = dlcf->access;
  269.     ext.path_access = dlcf->access;
  270.     ext.time = -1;
  271.     ext.create_path = dlcf->create_full_put_path;
  272.     ext.delete_file = 1;
  273.     ext.log = r->connection->log;

  275.     if (r->headers_in.date) {
  276.         date = ngx_parse_http_time(r->headers_in.date->value.data,
  277.                                    r->headers_in.date->value.len);

  279.         if (date != NGX_ERROR) {
  280.             ext.time = date;
  281.             ext.fd = r->request_body->temp_file->file.fd;
  282.         }
  283.     }

  285.     if (ngx_ext_rename_file(temp, &path, &ext) != NGX_OK) {
  286.         ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
  287.         return;
  288.     }

  290.     if (status == NGX_HTTP_CREATED) {
  291.         if (ngx_http_dav_location(r) != NGX_OK) {
  292.             ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
  293.             return;
  294.         }

  296.         r->headers_out.content_length_n = 0;
  297.     }

  299.     r->headers_out.status = status;
  300.     r->header_only = 1;

  302.     ngx_http_finalize_request(r, ngx_http_send_header(r));
  303.     return;
  304. }


  307. static ngx_int_t
  308. ngx_http_dav_delete_handler(ngx_http_request_t *r)
  309. {
  310.     size_t                    root;
  311.     ngx_err_t                 err;
  312.     ngx_int_t                 rc, depth;
  313.     ngx_uint_t                i, d, dir;
  314.     ngx_str_t                 path;
  315.     ngx_file_info_t           fi;
  316.     ngx_http_dav_loc_conf_t  *dlcf;

  318.     if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) {
  319.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  320.                       "DELETE with body is unsupported");
  321.         return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE;
  322.     }

  324.     dlcf = ngx_http_get_module_loc_conf(r, ngx_http_dav_module);

  326.     if (dlcf->min_delete_depth) {
  327.         d = 0;

  329.         for (i = 0; i < r->uri.len; /* void */) {
  330.             if (r->uri.data[i++] == '/') {
  331.                 if (++d >= dlcf->min_delete_depth && i < r->uri.len) {
  332.                     goto ok;
  333.                 }
  334.             }
  335.         }

  337.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  338.                       "insufficient URI depth:%i to DELETE", d);
  339.         return NGX_HTTP_CONFLICT;
  340.     }

  342. ok:

  344.     if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
  345.         return NGX_HTTP_INTERNAL_SERVER_ERROR;
  346.     }

  348.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  349.                    "http delete filename: \"%s\"", path.data);

  351.     if (ngx_link_info(path.data, &fi) == NGX_FILE_ERROR) {
  352.         err = ngx_errno;

  354.         rc = (err == NGX_ENOTDIR) ? NGX_HTTP_CONFLICT : NGX_HTTP_NOT_FOUND;

  356.         return ngx_http_dav_error(r->connection->log, err,
  357.                                   rc, ngx_link_info_n, path.data);
  358.     }

  360.     if (ngx_is_dir(&fi)) {

  362.         if (r->uri.data[r->uri.len - 1] != '/') {
  363.             ngx_log_error(NGX_LOG_ERR, r->connection->log, NGX_EISDIR,
  364.                           "DELETE \"%s\" failed", path.data);
  365.             return NGX_HTTP_CONFLICT;
  366.         }

  368.         depth = ngx_http_dav_depth(r, NGX_HTTP_DAV_INFINITY_DEPTH);

  370.         if (depth != NGX_HTTP_DAV_INFINITY_DEPTH) {
  371.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  372.                           "\"Depth\" header must be infinity");
  373.             return NGX_HTTP_BAD_REQUEST;
  374.         }

  376.         path.len -= 2/* omit "/\0" */

  378.         dir = 1;

  380.     } else {

  382.         /*
  383.          * we do not need to test (r->uri.data[r->uri.len - 1] == '/')
  384.          * because ngx_link_info("/file/") returned NGX_ENOTDIR above
  385.          */

  387.         depth = ngx_http_dav_depth(r, 0);

  389.         if (depth != 0 && depth != NGX_HTTP_DAV_INFINITY_DEPTH) {
  390.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  391.                           "\"Depth\" header must be 0 or infinity");
  392.             return NGX_HTTP_BAD_REQUEST;
  393.         }

  395.         dir = 0;
  396.     }

  398.     rc = ngx_http_dav_delete_path(r, &path, dir);

  400.     if (rc == NGX_OK) {
  401.         return NGX_HTTP_NO_CONTENT;
  402.     }

  404.     return rc;
  405. }


  408. static ngx_int_t
  409. ngx_http_dav_delete_path(ngx_http_request_t *r, ngx_str_t *path, ngx_uint_t dir)
  410. {
  411.     char            *failed;
  412.     ngx_tree_ctx_t   tree;

  414.     if (dir) {

  416.         tree.init_handler = NULL;
  417.         tree.file_handler = ngx_http_dav_delete_file;
  418.         tree.pre_tree_handler = ngx_http_dav_noop;
  419.         tree.post_tree_handler = ngx_http_dav_delete_dir;
  420.         tree.spec_handler = ngx_http_dav_delete_file;
  421.         tree.data = NULL;
  422.         tree.alloc = 0;
  423.         tree.log = r->connection->log;

  425.         /* TODO: 207 */

  427.         if (ngx_walk_tree(&tree, path) != NGX_OK) {
  428.             return NGX_HTTP_INTERNAL_SERVER_ERROR;
  429.         }

  431.         if (ngx_delete_dir(path->data) != NGX_FILE_ERROR) {
  432.             return NGX_OK;
  433.         }

  435.         failed = ngx_delete_dir_n;

  437.     } else {

  439.         if (ngx_delete_file(path->data) != NGX_FILE_ERROR) {
  440.             return NGX_OK;
  441.         }

  443.         failed = ngx_delete_file_n;
  444.     }

  446.     return ngx_http_dav_error(r->connection->log, ngx_errno,
  447.                               NGX_HTTP_NOT_FOUND, failed, path->data);
  448. }


  451. static ngx_int_t
  452. ngx_http_dav_delete_dir(ngx_tree_ctx_t *ctx, ngx_str_t *path)
  453. {
  454.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  455.                    "http delete dir: \"%s\"", path->data);

  457.     if (ngx_delete_dir(path->data) == NGX_FILE_ERROR) {

  459.         /* TODO: add to 207 */

  461.         (void) ngx_http_dav_error(ctx->log, ngx_errno, 0, ngx_delete_dir_n,
  462.                                   path->data);
  463.     }

  465.     return NGX_OK;
  466. }


  469. static ngx_int_t
  470. ngx_http_dav_delete_file(ngx_tree_ctx_t *ctx, ngx_str_t *path)
  471. {
  472.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  473.                    "http delete file: \"%s\"", path->data);

  475.     if (ngx_delete_file(path->data) == NGX_FILE_ERROR) {

  477.         /* TODO: add to 207 */

  479.         (void) ngx_http_dav_error(ctx->log, ngx_errno, 0, ngx_delete_file_n,
  480.                                   path->data);
  481.     }

  483.     return NGX_OK;
  484. }


  487. static ngx_int_t
  488. ngx_http_dav_noop(ngx_tree_ctx_t *ctx, ngx_str_t *path)
  489. {
  490.     return NGX_OK;
  491. }


  494. static ngx_int_t
  495. ngx_http_dav_mkcol_handler(ngx_http_request_t *r, ngx_http_dav_loc_conf_t *dlcf)
  496. {
  497.     u_char    *p;
  498.     size_t     root;
  499.     ngx_str_t  path;

  501.     if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) {
  502.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  503.                       "MKCOL with body is unsupported");
  504.         return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE;
  505.     }

  507.     if (r->uri.data[r->uri.len - 1] != '/') {
  508.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  509.                       "MKCOL can create a collection only");
  510.         return NGX_HTTP_CONFLICT;
  511.     }

  513.     p = ngx_http_map_uri_to_path(r, &path, &root, 0);
  514.     if (p == NULL) {
  515.         return NGX_HTTP_INTERNAL_SERVER_ERROR;
  516.     }

  518.     *(p - 1) = '\0';

  520.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  521.                    "http mkcol path: \"%s\"", path.data);

  523.     if (ngx_create_dir(path.data, ngx_dir_access(dlcf->access))
  524.         != NGX_FILE_ERROR)
  525.     {
  526.         if (ngx_http_dav_location(r) != NGX_OK) {
  527.             return NGX_HTTP_INTERNAL_SERVER_ERROR;
  528.         }

  530.         return NGX_HTTP_CREATED;
  531.     }

  533.     return ngx_http_dav_error(r->connection->log, ngx_errno,
  534.                               NGX_HTTP_CONFLICT, ngx_create_dir_n, path.data);
  535. }


  538. static ngx_int_t
  539. ngx_http_dav_copy_move_handler(ngx_http_request_t *r)
  540. {
  541.     u_char                    *p, *host, *last, ch;
  542.     size_t                     len, root;
  543.     ngx_err_t                  err;
  544.     ngx_int_t                  rc, depth;
  545.     ngx_uint_t                 overwrite, slash, dir, flags;
  546.     ngx_str_t                  path, uri, duri, args;
  547.     ngx_tree_ctx_t             tree;
  548.     ngx_copy_file_t            cf;
  549.     ngx_file_info_t            fi;
  550.     ngx_table_elt_t           *dest, *over;
  551.     ngx_ext_rename_file_t      ext;
  552.     ngx_http_dav_copy_ctx_t    copy;
  553.     ngx_http_dav_loc_conf_t   *dlcf;
  554.     ngx_http_core_loc_conf_t  *clcf;

  556.     if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) {
  557.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  558.                       "COPY and MOVE with body are unsupported");
  559.         return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE;
  560.     }

  562.     dest = r->headers_in.destination;

  564.     if (dest == NULL) {
  565.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  566.                       "client sent no \"Destination\" header");
  567.         return NGX_HTTP_BAD_REQUEST;
  568.     }

  570.     p = dest->value.data;
  571.     /* there is always '\0' even after empty header value */
  572.     if (p[0] == '/') {
  573.         last = p + dest->value.len;
  574.         goto destination_done;
  575.     }

  577.     len = r->headers_in.server.len;

  579.     if (len == 0) {
  580.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  581.                       "client sent no \"Host\" header");
  582.         return NGX_HTTP_BAD_REQUEST;
  583.     }

  585. #if (NGX_HTTP_SSL)

  587.     if (r->connection->ssl) {
  588.         if (ngx_strncmp(dest->value.data, "https://", sizeof("https://") - 1)
  589.             != 0)
  590.         {
  591.             goto invalid_destination;
  592.         }

  594.         host = dest->value.data + sizeof("https://") - 1;

  596.     } else
  597. #endif
  598.     {
  599.         if (ngx_strncmp(dest->value.data, "http://", sizeof("http://") - 1)
  600.             != 0)
  601.         {
  602.             goto invalid_destination;
  603.         }

  605.         host = dest->value.data + sizeof("http://") - 1;
  606.     }

  608.     if (ngx_strncmp(host, r->headers_in.server.data, len) != 0) {
  609.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  610.                       "\"Destination\" URI \"%V\" is handled by "
  611.                       "different repository than the source URI",
  612.                       &dest->value);
  613.         return NGX_HTTP_BAD_REQUEST;
  614.     }

  616.     last = dest->value.data + dest->value.len;

  618.     for (p = host + len; p < last; p++) {
  619.         if (*p == '/') {
  620.             goto destination_done;
  621.         }
  622.     }

  624. invalid_destination:

  626.     ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  627.                   "client sent invalid \"Destination\" header: \"%V\"",
  628.                   &dest->value);
  629.     return NGX_HTTP_BAD_REQUEST;

  631. destination_done:

  633.     duri.len = last - p;
  634.     duri.data = p;
  635.     flags = NGX_HTTP_LOG_UNSAFE;

  637.     if (ngx_http_parse_unsafe_uri(r, &duri, &args, &flags) != NGX_OK) {
  638.         goto invalid_destination;
  639.     }

  641.     if ((r->uri.data[r->uri.len - 1] == '/' && *(last - 1) != '/')
  642.         || (r->uri.data[r->uri.len - 1] != '/' && *(last - 1) == '/'))
  643.     {
  644.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  645.                       "both URI \"%V\" and \"Destination\" URI \"%V\" "
  646.                       "should be either collections or non-collections",
  647.                       &r->uri, &dest->value);
  648.         return NGX_HTTP_CONFLICT;
  649.     }

  651.     clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);

  653.     if (clcf->alias
  654.         && clcf->alias != NGX_MAX_SIZE_T_VALUE
  655.         && duri.len < clcf->alias)
  656.     {
  657.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  658.                       "client sent invalid \"Destination\" header: \"%V\"",
  659.                       &dest->value);
  660.         return NGX_HTTP_BAD_REQUEST;
  661.     }

  663.     depth = ngx_http_dav_depth(r, NGX_HTTP_DAV_INFINITY_DEPTH);

  665.     if (depth != NGX_HTTP_DAV_INFINITY_DEPTH) {

  667.         if (r->method == NGX_HTTP_COPY) {
  668.             if (depth != 0) {
  669.                 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  670.                               "\"Depth\" header must be 0 or infinity");
  671.                 return NGX_HTTP_BAD_REQUEST;
  672.             }

  674.         } else {
  675.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  676.                           "\"Depth\" header must be infinity");
  677.             return NGX_HTTP_BAD_REQUEST;
  678.         }
  679.     }

  681.     over = r->headers_in.overwrite;

  683.     if (over) {
  684.         if (over->value.len == 1) {
  685.             ch = over->value.data[0];

  687.             if (ch == 'T' || ch == 't') {
  688.                 overwrite = 1;
  689.                 goto overwrite_done;
  690.             }

  692.             if (ch == 'F' || ch == 'f') {
  693.                 overwrite = 0;
  694.                 goto overwrite_done;
  695.             }

  697.         }

  699.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  700.                       "client sent invalid \"Overwrite\" header: \"%V\"",
  701.                       &over->value);
  702.         return NGX_HTTP_BAD_REQUEST;
  703.     }

  705.     overwrite = 1;

  707. overwrite_done:

  709.     if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
  710.         return NGX_HTTP_INTERNAL_SERVER_ERROR;
  711.     }

  713.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  714.                    "http copy from: \"%s\"", path.data);

  716.     uri = r->uri;
  717.     r->uri = duri;

  719.     if (ngx_http_map_uri_to_path(r, &copy.path, &root, 0) == NULL) {
  720.         return NGX_HTTP_INTERNAL_SERVER_ERROR;
  721.     }

  723.     r->uri = uri;

  725.     ngx_http_dav_merge_slashes(&path);
  726.     ngx_http_dav_merge_slashes(&copy.path);

  728.     copy.path.len--;  /* omit "\0" */

  730.     if (copy.path.data[copy.path.len - 1] == '/') {
  731.         slash = 1;
  732.         copy.path.len--;
  733.         copy.path.data[copy.path.len] = '\0';

  735.     } else {
  736.         slash = 0;
  737.     }

  739.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  740.                    "http copy to: \"%s\"", copy.path.data);

  742.     if (ngx_http_dav_validate_paths(r, &path, &copy.path, slash, dest)
  743.         != NGX_OK)
  744.     {
  745.         return NGX_HTTP_FORBIDDEN;
  746.     }

  748.     if (ngx_link_info(copy.path.data, &fi) == NGX_FILE_ERROR) {
  749.         err = ngx_errno;

  751.         if (err != NGX_ENOENT) {
  752.             return ngx_http_dav_error(r->connection->log, err,
  753.                                       NGX_HTTP_NOT_FOUND, ngx_link_info_n,
  754.                                       copy.path.data);
  755.         }

  757.         /* destination does not exist */

  759.         overwrite = 0;
  760.         dir = 0;

  762.     } else {

  764.         /* destination exists */

  766.         if (ngx_is_dir(&fi) && !slash) {
  767.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  768.                           "\"%V\" could not be %Ved to collection \"%V\"",
  769.                           &r->uri, &r->method_name, &dest->value);
  770.             return NGX_HTTP_CONFLICT;
  771.         }

  773.         if (!overwrite) {
  774.             ngx_log_error(NGX_LOG_ERR, r->connection->log, NGX_EEXIST,
  775.                           "\"%s\" could not be created", copy.path.data);
  776.             return NGX_HTTP_PRECONDITION_FAILED;
  777.         }

  779.         dir = ngx_is_dir(&fi);
  780.     }

  782.     if (ngx_link_info(path.data, &fi) == NGX_FILE_ERROR) {
  783.         return ngx_http_dav_error(r->connection->log, ngx_errno,
  784.                                   NGX_HTTP_NOT_FOUND, ngx_link_info_n,
  785.                                   path.data);
  786.     }

  788.     if (ngx_is_dir(&fi)) {

  790.         if (r->uri.data[r->uri.len - 1] != '/') {
  791.             ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  792.                           "\"%V\" is collection", &r->uri);
  793.             return NGX_HTTP_BAD_REQUEST;
  794.         }

  796.         if (overwrite) {
  797.             ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  798.                            "http delete: \"%s\"", copy.path.data);

  800.             rc = ngx_http_dav_delete_path(r, &copy.path, dir);

  802.             if (rc != NGX_OK) {
  803.                 return rc;
  804.             }
  805.         }
  806.     }

  808.     if (ngx_is_dir(&fi)) {

  810.         path.len -= 2/* omit "/\0" */

  812.         if (r->method == NGX_HTTP_MOVE) {
  813.             if (ngx_rename_file(path.data, copy.path.data) != NGX_FILE_ERROR) {
  814.                 return NGX_HTTP_CREATED;
  815.             }
  816.         }

  818.         if (ngx_create_dir(copy.path.data, ngx_file_access(&fi))
  819.             == NGX_FILE_ERROR)
  820.         {
  821.             return ngx_http_dav_error(r->connection->log, ngx_errno,
  822.                                       NGX_HTTP_NOT_FOUND,
  823.                                       ngx_create_dir_n, copy.path.data);
  824.         }

  826.         copy.len = path.len;

  828.         tree.init_handler = NULL;
  829.         tree.file_handler = ngx_http_dav_copy_tree_file;
  830.         tree.pre_tree_handler = ngx_http_dav_copy_dir;
  831.         tree.post_tree_handler = ngx_http_dav_copy_dir_time;
  832.         tree.spec_handler = ngx_http_dav_noop;
  833.         tree.data = &copy;
  834.         tree.alloc = 0;
  835.         tree.log = r->connection->log;

  837.         if (ngx_walk_tree(&tree, &path) == NGX_OK) {

  839.             if (r->method == NGX_HTTP_MOVE) {
  840.                 rc = ngx_http_dav_delete_path(r, &path, 1);

  842.                 if (rc != NGX_OK) {
  843.                     return rc;
  844.                 }
  845.             }

  847.             return NGX_HTTP_CREATED;
  848.         }

  850.     } else {

  852.         if (r->method == NGX_HTTP_MOVE) {

  854.             dlcf = ngx_http_get_module_loc_conf(r, ngx_http_dav_module);

  856.             ext.access = 0;
  857.             ext.path_access = dlcf->access;
  858.             ext.time = -1;
  859.             ext.create_path = 1;
  860.             ext.delete_file = 0;
  861.             ext.log = r->connection->log;

  863.             if (ngx_ext_rename_file(&path, &copy.path, &ext) == NGX_OK) {
  864.                 return NGX_HTTP_NO_CONTENT;
  865.             }

  867.             return NGX_HTTP_INTERNAL_SERVER_ERROR;
  868.         }

  870.         cf.size = ngx_file_size(&fi);
  871.         cf.buf_size = 0;
  872.         cf.access = ngx_file_access(&fi);
  873.         cf.time = ngx_file_mtime(&fi);
  874.         cf.log = r->connection->log;

  876.         if (ngx_copy_file(path.data, copy.path.data, &cf) == NGX_OK) {
  877.             return NGX_HTTP_NO_CONTENT;
  878.         }
  879.     }

  881.     return NGX_HTTP_INTERNAL_SERVER_ERROR;
  882. }


  885. static void
  886. ngx_http_dav_merge_slashes(ngx_str_t *path)
  887. {
  888.     u_char  *p, *q;

  890.     p = path->data;
  891.     q = path->data;

  893.     while (*p) {
  894.         *q++ = *p;

  896.         if (*p++ == '/') {
  897.             while (*p == '/') {
  898.                 p++;
  899.             }
  900.         }
  901.     }

  903.     *q++ = '\0';
  904.     path->len = q - path->data;
  905. }


  908. static ngx_int_t
  909. ngx_http_dav_validate_paths(ngx_http_request_t *r, ngx_str_t *src,
  910.     ngx_str_t *dst, ngx_uint_t slash, ngx_table_elt_t *dest)
  911. {
  912.     size_t  len;

  914.     len = src->len - 1;

  916.     if (len > 0 && src->data[len - 1] == '/') {
  917.         len--;
  918.     }

  920.     if (len == dst->len && ngx_strncmp(src->data, dst->data, len) == 0) {
  921.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  922.                       "both URI \"%V\" and \"Destination\" URI \"%V\" "
  923.                       "point to the same location",
  924.                       &r->uri, &dest->value);
  925.         return NGX_HTTP_FORBIDDEN;
  926.     }

  928.     if (slash
  929.         && ngx_strncmp(src->data, dst->data, ngx_min(len, dst->len)) == 0
  930.         && (len < dst->len
  931.             ? dst->data[len] == '/'
  932.             : src->data[dst->len] == '/'))
  933.     {
  934.         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  935.                       "\"%V\" could not be %Ved to collection \"%V\"",
  936.                       &r->uri, &r->method_name, &dest->value);
  937.         return NGX_HTTP_FORBIDDEN;
  938.     }

  940.     return NGX_OK;
  941. }


  944. static ngx_int_t
  945. ngx_http_dav_copy_dir(ngx_tree_ctx_t *ctx, ngx_str_t *path)
  946. {
  947.     u_char                   *p, *dir;
  948.     size_t                    len;
  949.     ngx_http_dav_copy_ctx_t  *copy;

  951.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  952.                    "http copy dir: \"%s\"", path->data);

  954.     copy = ctx->data;

  956.     len = copy->path.len + path->len;

  958.     dir = ngx_alloc(len + 1, ctx->log);
  959.     if (dir == NULL) {
  960.         return NGX_ABORT;
  961.     }

  963.     p = ngx_cpymem(dir, copy->path.data, copy->path.len);
  964.     (void) ngx_cpystrn(p, path->data + copy->len, path->len - copy->len + 1);

  966.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  967.                    "http copy dir to: \"%s\"", dir);

  969.     if (ngx_create_dir(dir, ngx_dir_access(ctx->access)) == NGX_FILE_ERROR) {
  970.         (void) ngx_http_dav_error(ctx->log, ngx_errno, 0, ngx_create_dir_n,
  971.                                   dir);
  972.     }

  974.     ngx_free(dir);

  976.     return NGX_OK;
  977. }


  980. static ngx_int_t
  981. ngx_http_dav_copy_dir_time(ngx_tree_ctx_t *ctx, ngx_str_t *path)
  982. {
  983.     u_char                   *p, *dir;
  984.     size_t                    len;
  985.     ngx_http_dav_copy_ctx_t  *copy;

  987.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  988.                    "http copy dir time: \"%s\"", path->data);

  990.     copy = ctx->data;

  992.     len = copy->path.len + path->len;

  994.     dir = ngx_alloc(len + 1, ctx->log);
  995.     if (dir == NULL) {
  996.         return NGX_ABORT;
  997.     }

  999.     p = ngx_cpymem(dir, copy->path.data, copy->path.len);
  1000.     (void) ngx_cpystrn(p, path->data + copy->len, path->len - copy->len + 1);

  1002.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  1003.                    "http copy dir time to: \"%s\"", dir);

  1005. #if (NGX_WIN32)
  1006.     {
  1007.     ngx_fd_t  fd;

  1009.     fd = ngx_open_file(dir, NGX_FILE_RDWR, NGX_FILE_OPEN, 0);

  1011.     if (fd == NGX_INVALID_FILE) {
  1012.         (void) ngx_http_dav_error(ctx->log, ngx_errno, 0, ngx_open_file_n, dir);
  1013.         goto failed;
  1014.     }

  1016.     if (ngx_set_file_time(NULL, fd, ctx->mtime) != NGX_OK) {
  1017.         ngx_log_error(NGX_LOG_ALERT, ctx->log, ngx_errno,
  1018.                       ngx_set_file_time_n " \"%s\" failed", dir);
  1019.     }

  1021.     if (ngx_close_file(fd) == NGX_FILE_ERROR) {
  1022.         ngx_log_error(NGX_LOG_ALERT, ctx->log, ngx_errno,
  1023.                       ngx_close_file_n " \"%s\" failed", dir);
  1024.     }
  1025.     }

  1027. failed:

  1029. #else

  1031.     if (ngx_set_file_time(dir, 0, ctx->mtime) != NGX_OK) {
  1032.         ngx_log_error(NGX_LOG_ALERT, ctx->log, ngx_errno,
  1033.                       ngx_set_file_time_n " \"%s\" failed", dir);
  1034.     }

  1036. #endif

  1038.     ngx_free(dir);

  1040.     return NGX_OK;
  1041. }


  1044. static ngx_int_t
  1045. ngx_http_dav_copy_tree_file(ngx_tree_ctx_t *ctx, ngx_str_t *path)
  1046. {
  1047.     u_char                   *p, *file;
  1048.     size_t                    len;
  1049.     ngx_copy_file_t           cf;
  1050.     ngx_http_dav_copy_ctx_t  *copy;

  1052.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  1053.                    "http copy file: \"%s\"", path->data);

  1055.     copy = ctx->data;

  1057.     len = copy->path.len + path->len;

  1059.     file = ngx_alloc(len + 1, ctx->log);
  1060.     if (file == NULL) {
  1061.         return NGX_ABORT;
  1062.     }

  1064.     p = ngx_cpymem(file, copy->path.data, copy->path.len);
  1065.     (void) ngx_cpystrn(p, path->data + copy->len, path->len - copy->len + 1);

  1067.     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ctx->log, 0,
  1068.                    "http copy file to: \"%s\"", file);

  1070.     cf.size = ctx->size;
  1071.     cf.buf_size = 0;
  1072.     cf.access = ctx->access;
  1073.     cf.time = ctx->mtime;
  1074.     cf.log = ctx->log;

  1076.     (void) ngx_copy_file(path->data, file, &cf);

  1078.     ngx_free(file);

  1080.     return NGX_OK;
  1081. }


  1084. static ngx_int_t
  1085. ngx_http_dav_depth(ngx_http_request_t *r, ngx_int_t dflt)
  1086. {
  1087.     ngx_table_elt_t  *depth;

  1089.     depth = r->headers_in.depth;

  1091.     if (depth == NULL) {
  1092.         return dflt;
  1093.     }

  1095.     if (depth->value.len == 1) {

  1097.         if (depth->value.data[0] == '0') {
  1098.             return 0;
  1099.         }

  1101.         if (depth->value.data[0] == '1') {
  1102.             return 1;
  1103.         }

  1105.     } else {

  1107.         if (depth->value.len == sizeof("infinity") - 1
  1108.             && ngx_strcmp(depth->value.data, "infinity") == 0)
  1109.         {
  1110.             return NGX_HTTP_DAV_INFINITY_DEPTH;
  1111.         }
  1112.     }

  1114.     ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
  1115.                   "client sent invalid \"Depth\" header: \"%V\"",
  1116.                   &depth->value);

  1118.     return NGX_HTTP_DAV_INVALID_DEPTH;
  1119. }


  1122. static ngx_int_t
  1123. ngx_http_dav_error(ngx_log_t *log, ngx_err_t err, ngx_int_t not_found,
  1124.     char *failed, u_char *path)
  1125. {
  1126.     ngx_int_t   rc;
  1127.     ngx_uint_t  level;

  1129.     if (err == NGX_ENOENT || err == NGX_ENOTDIR || err == NGX_ENAMETOOLONG) {
  1130.         level = NGX_LOG_ERR;
  1131.         rc = not_found;

  1133.     } else if (err == NGX_EACCES || err == NGX_EPERM) {
  1134.         level = NGX_LOG_ERR;
  1135.         rc = NGX_HTTP_FORBIDDEN;

  1137.     } else if (err == NGX_EEXIST) {
  1138.         level = NGX_LOG_ERR;
  1139.         rc = NGX_HTTP_NOT_ALLOWED;

  1141.     } else if (err == NGX_ENOSPC) {
  1142.         level = NGX_LOG_CRIT;
  1143.         rc = NGX_HTTP_INSUFFICIENT_STORAGE;

  1145.     } else {
  1146.         level = NGX_LOG_CRIT;
  1147.         rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
  1148.     }

  1150.     ngx_log_error(level, log, err, "%s \"%s\" failed", failed, path);

  1152.     return rc;
  1153. }


  1156. static ngx_int_t
  1157. ngx_http_dav_location(ngx_http_request_t *r)
  1158. {
  1159.     u_char     *p;
  1160.     size_t      len;
  1161.     uintptr_t   escape;

  1163.     r->headers_out.location = ngx_list_push(&r->headers_out.headers);
  1164.     if (r->headers_out.location == NULL) {
  1165.         return NGX_ERROR;
  1166.     }

  1168.     r->headers_out.location->hash = 1;
  1169.     r->headers_out.location->next = NULL;
  1170.     ngx_str_set(&r->headers_out.location->key, "Location");

  1172.     escape = 2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len, NGX_ESCAPE_URI);

  1174.     if (escape) {
  1175.         len = r->uri.len + escape;

  1177.         p = ngx_pnalloc(r->pool, len);
  1178.         if (p == NULL) {
  1179.             ngx_http_clear_location(r);
  1180.             return NGX_ERROR;
  1181.         }

  1183.         r->headers_out.location->value.len = len;
  1184.         r->headers_out.location->value.data = p;

  1186.         ngx_escape_uri(p, r->uri.data, r->uri.len, NGX_ESCAPE_URI);

  1188.     } else {
  1189.         r->headers_out.location->value = r->uri;
  1190.     }

  1192.     return NGX_OK;
  1193. }


  1196. static void *
  1197. ngx_http_dav_create_loc_conf(ngx_conf_t *cf)
  1198. {
  1199.     ngx_http_dav_loc_conf_t  *conf;

  1201.     conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_dav_loc_conf_t));
  1202.     if (conf == NULL) {
  1203.         return NULL;
  1204.     }

  1206.     /*
  1207.      * set by ngx_pcalloc():
  1208.      *
  1209.      *     conf->methods = 0;
  1210.      */

  1212.     conf->min_delete_depth = NGX_CONF_UNSET_UINT;
  1213.     conf->access = NGX_CONF_UNSET_UINT;
  1214.     conf->create_full_put_path = NGX_CONF_UNSET;

  1216.     return conf;
  1217. }


  1220. static char *
  1221. ngx_http_dav_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
  1222. {
  1223.     ngx_http_dav_loc_conf_t  *prev = parent;
  1224.     ngx_http_dav_loc_conf_t  *conf = child;

  1226.     ngx_conf_merge_bitmask_value(conf->methods, prev->methods,
  1227.                          (NGX_CONF_BITMASK_SET|NGX_HTTP_DAV_OFF));

  1229.     ngx_conf_merge_uint_value(conf->min_delete_depth,
  1230.                          prev->min_delete_depth, 0);

  1232.     ngx_conf_merge_uint_value(conf->access, prev->access, 0600);

  1234.     ngx_conf_merge_value(conf->create_full_put_path,
  1235.                          prev->create_full_put_path, 0);

  1237.     return NGX_CONF_OK;
  1238. }


  1241. static ngx_int_t
  1242. ngx_http_dav_init(ngx_conf_t *cf)
  1243. {
  1244.     ngx_http_handler_pt        *h;
  1245.     ngx_http_core_main_conf_t  *cmcf;

  1247.     cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);

  1249.     h = ngx_array_push(&cmcf->phases[NGX_HTTP_CONTENT_PHASE].handlers);
  1250.     if (h == NULL) {
  1251.         return NGX_ERROR;
  1252.     }

  1254.     *h = ngx_http_dav_handler;

  1256.     return NGX_OK;
  1257. }

One Level Up Top Level