12 static HConnect *connect;
13 static int vermaj, gidwidth, uidwidth, lenwidth, devwidth;
14 static Biobuf *aio, *dio;
19 hprint(hout, "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n");
20 hprint(hout, " \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n");
24 error(char *title, char *fmt, ...)
30 out = vseprint(buf, buf+sizeof(buf), fmt, arg);
34 hprint(hout, "%s 404 %s\r\n", hversion, title);
35 hprint(hout, "Date: %D\r\n", time(nil));
36 hprint(hout, "Server: Plan9\r\n");
37 hprint(hout, "Content-type: text/html\r\n");
40 hprint(hout, "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n");
41 hprint(hout, "<head><title>%s</title></head>\n", title);
42 hprint(hout, "<body>\n");
43 hprint(hout, "<h1>%s</h1>\n", title);
44 hprint(hout, "%s\n", buf);
45 hprint(hout, "</body>\n");
46 hprint(hout, "</html>\n");
48 writelog(connect, "Reply: 404\nReason: %s\n", title);
53 * Are we actually allowed to look in here?
56 * 1) If neither allowed nor denied files exist, access is granted.
57 * 2) If allowed exists and denied does not, dir *must* be in allowed
58 * for access to be granted, otherwise, access is denied.
59 * 3) If denied exists and allowed does not, dir *must not* be in
60 * denied for access to be granted, otherwise, access is enied.
61 * 4) If both exist, okay if either (a) file is not in denied, or
62 * (b) in denied and in allowed. Otherwise, access is denied.
75 p = Brdstr(buf, '\n', 0);
82 while (--t > p && isspace(*t))
88 /* root the regular expresssion */
91 sysfatal("out of memory");
111 if (strcmp(dir, "..") == 0 || strncmp(dir, "../", 3) == 0)
121 /* if no deny list, assume everything is denied */
124 /* go through denials till we find a match */
125 while (okay && (re = getre(dio)) != nil) {
126 memset(&match, 0, sizeof(match));
127 okay = (regexec(re, dir, &match, 1) != 1);
131 /* go through accepts till we have a match */
134 while (!okay && (re = getre(aio)) != nil) {
135 memset(&match, 0, sizeof(match));
136 okay = (regexec(re, dir, &match, 1) == 1);
143 * Comparison routine for sorting the directory.
146 compar(Dir *a, Dir *b)
148 return(strcmp(a->name, b->name));
152 * These is for formating; how wide are variable-length
156 maxwidths(Dir *dp, long n)
161 for (i = 0; i < n; i++) {
162 if (snprint(scratch, sizeof scratch, "%ud", dp[i].dev) > devwidth)
163 devwidth = strlen(scratch);
164 if (strlen(dp[i].uid) > uidwidth)
165 uidwidth = strlen(dp[i].uid);
166 if (strlen(dp[i].gid) > gidwidth)
167 gidwidth = strlen(dp[i].gid);
168 if (snprint(scratch, sizeof scratch, "%lld", dp[i].length) > lenwidth)
169 lenwidth = strlen(scratch);
174 * Do an actual directory listing.
175 * asciitime is lifted directly out of ls.
186 /* 6 months in the past or a day in the future */
187 if(l<clk-180L*24*60*60 || clk+24L*60*60<l){
188 memmove(buf, t+4, 7); /* month and day */
189 memmove(buf+7, t+23, 5); /* year */
191 memmove(buf, t+4, 12); /* skip day of week */
204 cleanname(dir); // expands "" to "."; ``dir+1'' access below depends on that
206 error("Permission denied", "<p>Cannot list directory %s: Access prohibited</p>", dir);
209 fd = open(dir, OREAD);
211 error("Cannot read directory", "<p>Cannot read directory %s: %r</p>", dir);
216 hprint(hout, "Content-type: text/html\r\n");
217 hprint(hout, "\r\n");
220 hprint(hout, "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n");
221 hprint(hout, "<head><title>Index of %s</title></head>\n", dir);
222 hprint(hout, "<body>\n");
223 hprint(hout, "<h1>Index of ");
225 while((p = strchr(nm, '/')) != nil){
227 f = (*dir == '\0') ? "/" : dir;
228 if (!(*dir == '\0' && *(dir+1) == '\0') && allowed(f))
229 hprint(hout, "<a href=\"/magic/webls?dir=%H\">%s/</a>", f, nm);
231 hprint(hout, "%s/", nm);
235 hprint(hout, "%s</h1>\n", nm);
236 n = dirreadall(fd, &d);
239 qsort(d, n, sizeof(Dir), (int (*)(void *, void *))compar);
240 hprint(hout, "<pre>\n");
241 for (i = 0; i < n; i++) {
242 f = smprint("%s/%s", dir, d[i].name);
244 if (d[i].mode & DMDIR) {
245 p = smprint("/magic/webls?dir=%H", f);
249 hprint(hout, "%M %C %*ud %-*s %-*s %*lld %s <a href=\"%s\">%s</a>\n",
250 d[i].mode, d[i].type,
254 lenwidth, d[i].length,
255 asciitime(d[i].mtime), f, d[i].name);
258 f = smprint("%s/..", dir);
260 if (strcmp(f, dir) != 0 && allowed(f))
261 hprint(hout, "\nGo to <a href=\"/magic/webls?dir=%H\">parent</a> directory\n", f);
263 hprint(hout, "\nEnd of directory listing\n");
265 hprint(hout, "</pre>\n</body>\n</html>\n");
271 * Handle unpacking the request in the URI and
272 * invoking the actual handler.
275 dosearch(char *search)
277 if (strncmp(search, "dir=", 4) == 0){
278 search = hurlunesc(connect, search+4);
284 * Otherwise, we've gotten an illegal request.
285 * spit out a non-apologetic error.
287 search = hurlunesc(connect, search);
288 error("Bad directory listing request",
289 "<p>Illegal formatted directory listing request:</p>\n"
290 "<p>%H</p>", search);
294 main(int argc, char **argv)
296 fmtinstall('H', httpfmt);
297 fmtinstall('U', hurlfmt);
298 fmtinstall('M', dirmodefmt);
300 aio = Bopen("/sys/lib/webls.allowed", OREAD);
301 dio = Bopen("/sys/lib/webls.denied", OREAD);
304 hinit(&houtb, 1, Hwrite);
311 connect = init(argc, argv);
312 hout = &connect->hout;
313 vermaj = connect->req.vermaj;
314 if(hparseheaders(connect, HSTIMEOUT) < 0)
317 if(strcmp(connect->req.meth, "GET") != 0 && strcmp(connect->req.meth, "HEAD") != 0){
318 hunallowed(connect, "GET, HEAD");
319 exits("not allowed");
321 if(connect->head.expectother || connect->head.expectcont){
322 hfail(connect, HExpectFail, nil);
326 bind(webroot, "/", MREPL);
328 if(connect->req.search != nil)
329 dosearch(connect->req.search);
331 error("Bad argument", "<p>Need a search argument</p>");
333 writelog(connect, "200 webls %ld %ld\n", hout->seek, hout->seek);