[0001]
[0002]
[0003]
[0004]
[0005]
[0006]
[0007]
[0008]
[0009]
[0010]
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
[0028]
[0029]
[0030]
[0031]
[0032]
[0033]
[0034]
[0035]
[0036]
[0037]
[0038]
[0039]
[0040]
[0041]
[0042]
[0043]
[0044]
[0045]
[0046]
[0047]
[0048]
[0049]
[0050]
[0051]
[0052]
[0053]
[0054]
[0055]
[0056]
[0057]
[0058]
[0059]
[0060]
[0061]
[0062]
[0063]
[0064]
[0065]
[0066]
[0067]
[0068]
[0069]
[0070]
[0071]
[0072]
[0073]
[0074]
[0075]
[0076]
[0077]
[0078]
[0079]
[0080]
[0081]
[0082]
[0083]
[0084]
[0085]
[0086]
[0087]
[0088]
[0089]
[0090]
[0091]
[0092]
[0093]
[0094]
[0095]
[0096]
[0097]
[0098]
[0099]
[0100]
[0101]
[0102]
[0103]
[0104]
[0105]
[0106]
[0107]
[0108]
[0109]
[0110]
[0111]
[0112]
[0113]
[0114]
[0115]
[0116]
[0117]
[0118]
[0119]
[0120]
[0121]
[0122]
[0123]
[0124]
[0125]
[0126]
[0127]
[0128]
[0129]
[0130]
[0131]
[0132]
[0133]
[0134]
[0135]
[0136]
[0137]
[0138]
[0139]
[0140]
[0141]
[0142]
[0143]
[0144]
[0145]
[0146]
[0147]
[0148]
[0149]
[0150]
[0151]
[0152]
[0153]
[0154]
[0155]
[0156]
[0157]
[0158]
[0159]
[0160]
[0161]
[0162]
[0163]
[0164]
[0165]
[0166]
[0167]
[0168]
[0169]
[0170]
[0171]
[0172]
[0173]
[0174]
[0175]
[0176]
[0177]
[0178]
[0179]
[0180]
[0181]
[0182]
[0183]
[0184]
[0185]
[0186]
[0187]
[0188]
[0189]
[0190]
[0191]
[0192]
[0193]
[0194]
[0195]
[0196]
[0197]
[0198]
[0199]
[0200]
[0201]
[0202]
[0203]
[0204]
[0205]
[0206]
[0207]
[0208]
[0209]
[0210]
[0211]
[0212]
[0213]
[0214]
[0215]
[0216]
[0217]
[0218]
[0219]
[0220]
[0221]
[0222]
[0223]
[0224]
[0225]
[0226]
[0227]
[0228]
[0229]
[0230]
[0231]
[0232]
[0233]
[0234]
[0235]
[0236]
[0237]
[0238]
[0239]
[0240]
[0241]
[0242]
[0243]
[0244]
[0245]
[0246]
[0247]
[0248]
[0249]
[0250]
[0251]
[0252]
[0253]
[0254]
[0255]
[0256]
[0257]
[0258]
[0259]
[0260]
[0261]
[0262]
[0263]
[0264]
[0265]
[0266]
[0267]
[0268]
[0269]
[0270]
[0271]
[0272]
[0273]
[0274]
[0275]
[0276]
[0277]
[0278]
[0279]
[0280]
[0281]
[0282]
[0283]
[0284]
[0285]
[0286]
[0287]
[0288]
[0289]
[0290]
[0291]
[0292]
[0293]
[0294]
[0295]
[0296]
[0297]
[0298]
[0299]
[0300]
[0301]
[0302]
[0303]
[0304]
[0305]
[0306]
[0307]
[0308]
[0309]
[0310]
[0311]
[0312]
[0313]
[0314]
[0315]
[0316]
[0317]
[0318]
[0319]
[0320]
[0321]
[0322]
[0323]
[0324]
[0325]
[0326]
[0327]
[0328]
[0329]
[0330]
[0331]
[0332]
[0333]
[0334]
[0335]
[0336]
[0337]
[0338]
[0339]
[0340]
[0341]
[0342]
[0343]
[0344]
[0345]
[0346]
[0347]
[0348]
[0349]
[0350]
[0351]
[0352]
[0353]
[0354]
[0355]
[0356]
[0357]
[0358]
[0359]
[0360]
[0361]
[0362]
[0363]
[0364]
[0365]
[0366]
[0367]
[0368]
[0369]
[0370]
[0371]
[0372]
[0373]
[0374]
[0375]
[0376]
[0377]
[0378]
[0379]
[0380]
[0381]
[0382]
[0383]
[0384]
[0385]
[0386]
[0387]
[0388]
[0389]
[0390]
[0391]
[0392]
[0393]
[0394]
[0395]
[0396]
[0397]
[0398]
[0399]
[0400]
[0401]
[0402]
[0403]
[0404]
[0405]
[0406]
[0407]
[0408]
[0409]
[0410]
[0411]
[0412]
[0413]
[0414]
[0415]
[0416]
[0417]
[0418]
[0419]
[0420]
[0421]
[0422]
[0423]
[0424]
[0425]
[0426]
[0427]
[0428]
[0429]
[0430]
[0431]
[0432]
[0433]
[0434]
[0435]
[0436]
[0437]
[0438]
[0439]
[0440]
[0441]
[0442]
[0443]
[0444]
[0445]
[0446]
[0447]
[0448]
[0449]
[0450]
[0451]
[0452]
[0453]
[0454]
[0455]
[0456]
[0457]
[0458]
[0459]
[0460]
[0461]
[0462]
[0463]
[0464]
[0465]
[0466]
[0467]
[0468]
[0469]
[0470]
[0471]
[0472]
[0473]
[0474]
[0475]
[0476]
[0477]
[0478]
[0479]
[0480]
[0481]
[0482]
[0483]
[0484]
[0485]
[0486]
[0487]
[0488]
[0489]
[0490]
[0491]
[0492]
[0493]
[0494]
[0495]
[0496]
[0497]
[0498]
[0499]
[0500]
[0501]
[0502]
[0503]
[0504]
[0505]
[0506]
[0507]
[0508]
[0509]
[0510]
[0511]
[0512]
[0513]
[0514]
[0515]
[0516]
[0517]
[0518]
[0519]
[0520]
[0521]
[0522]
[0523]
[0524]
[0525]
[0526]
[0527]
[0528]
[0529]
[0530]
[0531]
[0532]
[0533]
[0534]
[0535]
[0536]
[0537]
[0538]
[0539]
[0540]
[0541]
[0542]
[0543]
[0544]
[0545]
[0546]
[0547]
[0548]
[0549]
[0550]
[0551]
[0552]
[0553]
[0554]
[0555]
[0556]
[0557]
[0558]
[0559]
[0560]
[0561]
[0562]
[0563]
[0564]
[0565]
[0566]
[0567]
[0568]
[0569]
[0570]
[0571]
[0572]
[0573]
[0574]
[0575]
[0576]
[0577]
[0578]
[0579]
[0580]
[0581]
[0582]
[0583]
[0584]
[0585]
[0586]
[0587]
[0588]
[0589]
[0590]
[0591]
[0592]
[0593]
[0594]
[0595]
[0596]
[0597]
[0598]
[0599]
[0600]
[0601]
[0602]
[0603]
[0604]
[0605]
[0606]
[0607]
[0608]
[0609]
[0610]
[0611]
[0612]
[0613]
[0614]
[0615]
[0616]
[0617]
[0618]
[0619]
[0620]
[0621]
[0622]
[0623]
[0624]
[0625]
[0626]
[0627]
[0628]
[0629]
[0630]
[0631]
[0632]
[0633]
[0634]
[0635]
[0636]
[0637]
[0638]
[0639]
[0640]
[0641]
[0642]
[0643]
[0644]
[0645]
[0646]
[0647]
[0648]
[0649]
[0650]
[0651]
[0652]
[0653]
[0654]
[0655]
[0656]
[0657]
[0658]
[0659]
[0660]
[0661]
[0662]
[0663]
[0664]
[0665]
[0666]
[0667]
[0668]
[0669]
[0670]
[0671]
[0672]
[0673]
[0674]
[0675]
[0676]
[0677]
[0678]
[0679]
[0680]
[0681]
[0682]
[0683]
[0684]
[0685]
[0686]
[0687]
[0688]
[0689]
[0690]
[0691]
[0692]
[0693]
[0694]
[0695]
[0696]
[0697]
[0698]
[0699]
[0700]
[0701]
[0702]
[0703]
[0704]
[0705]
[0706]
[0707]
[0708]
[0709]
[0710]
[0711]
[0712]
[0713]
[0714]
[0715]
[0716]
[0717]
[0718]
[0719]
[0720]
[0721]
[0722]
[0723]
[0724]
[0725]
[0726]
[0727]
[0728]
[0729]
[0730]
[0731]
[0732]
[0733]
[0734]
[0735]
[0736]
[0737]
[0738]
[0739]
[0740]
[0741]
[0742]
[0743]
[0744]
[0745]
[0746]
[0747]
[0748]
[0749]
[0750]
[0751]
[0752]
[0753]
[0754]
[0755]
[0756]
[0757]
[0758]
[0759]
[0760]
[0761]
[0762]
[0763]
[0764]
[0765]
[0766]
[0767]
[0768]
[0769]
[0770]
[0771]
[0772]
[0773]
[0774]
[0775]
[0776]
[0777]
[0778]
[0779]
[0780]
[0781]
[0782]
[0783]
[0784]
[0785]
[0786]
[0787]
[0788]
[0789]
[0790]
[0791]
[0792]
[0793]
[0794]
[0795]
[0796]
[0797]
[0798]
[0799]
[0800]
[0801]
[0802]
[0803]
[0804]
[0805]
[0806]
[0807]
[0808]
[0809]
[0810]
[0811]
[0812]
[0813]
[0814]
[0815]
[0816]
[0817]
[0818]
[0819]
[0820]
[0821]
[0822]
[0823]
[0824]
[0825]
[0826]
[0827]
[0828]
[0829]
[0830]
[0831]
[0832]
[0833]
[0834]
[0835]
[0836]
[0837]
[0838]
[0839]
[0840]
[0841]
[0842]
[0843]
[0844]
[0845]
[0846]
[0847]
[0848]
[0849]
[0850]
[0851]
[0852]
[0853]
[0854]
[0855]
[0856]
[0857]
[0858]
[0859]
[0860]
[0861]
[0862]
[0863]
[0864]
[0865]
[0866]
[0867]
[0868]
[0869]
[0870]
[0871]
[0872]
[0873]
[0874]
[0875]
[0876]
[0877]
[0878]
[0879]
[0880]
[0881]
[0882]
[0883]
[0884]
[0885]
[0886]
[0887]
[0888]
[0889]
[0890]
[0891]
[0892]
[0893]
[0894]
[0895]
[0896]
[0897]
[0898]
[0899]
[0900]
[0901]
[0902]
[0903]
[0904]
[0905]
[0906]
[0907]
[0908]
[0909]
[0910]
[0911]
[0912]
[0913]
[0914]
[0915]
[0916]
[0917]
[0918]
[0919]
[0920]
[0921]
[0922]
[0923]
[0924]
[0925]
[0926]
[0927]
[0928]
[0929]
[0930]
[0931]
[0932]
[0933]
[0934]
[0935]
[0936]
[0937]
[0938]
[0939]
[0940]
[0941]
[0942]
[0943]
[0944]
[0945]
[0946]
[0947]
[0948]
[0949]
[0950]
[0951]
[0952]
[0953]
[0954]
[0955]
[0956]
[0957]
[0958]
[0959]
[0960]
[0961]
[0962]
[0963]
[0964]
[0965]
[0966]
[0967]
[0968]
[0969]
[0970]
[0971]
[0972]
[0973]
[0974]
[0975]
[0976]
[0977]
[0978]
[0979]
[0980]
[0981]
[0982]
[0983]
[0984]
[0985]
[0986]
[0987]
[0988]
[0989]
[0990]
[0991]
[0992]
[0993]
[0994]
[0995]
[0996]
[0997]
[0998]
[0999]
[1000]
[1001]
[1002]
[1003]
[1004]
[1005]
[1006]
[1007]
[1008]
[1009]
[1010]
[1011]
[1012]
[1013]
[1014]
[1015]
[1016]
[1017]
[1018]
[1019]
[1020]
[1021]
[1022]
[1023]
[1024]
[1025]
[1026]
[1027]
[1028]
[1029]
[1030]
[1031]
[1032]
[1033]
[1034]
[1035]
[1036]
[1037]
[1038]
[1039]
[1040]
[1041]
[1042]
[1043]
[1044]
[1045]
[1046]
[1047]
[1048]
[1049]
[1050]
[1051]
[1052]
[1053]
[1054]
[1055]
[1056]
[1057]
[1058]
[1059]
[1060]
[1061]
[1062]
[1063]
[1064]
[1065]
[1066]
[1067]
[1068]
[1069]
[1070]
[1071]
[1072]
[1073]
[1074]
[1075]
[1076]
[1077]
[1078]
[1079]
[1080]
[1081]
[1082]
[1083]
[1084]
[1085]
[1086]
[1087]
[1088]
[1089]
[1090]
[1091]
[1092]
[1093]
[1094]
[1095]
[1096]
[1097]
[1098]
[1099]
[1100]
[1101]
[1102]
[1103]
[1104]
[1105]
[1106]
[1107]
[1108]
[1109]
[1110]
[1111]
[1112]
[1113]
[1114]
[1115]
[1116]
[1117]
[1118]
[1119]
[1120]
[1121]
[1122]
[1123]
[1124]
[1125]
[1126]
[1127]
[1128]
[1129]
[1130]
[1131]
[1132]
[1133]
[1134]
[1135]
[1136]
[1137]
[1138]
[1139]
[1140]
[1141]
[1142]
[1143]
[1144]
[1145]
[1146]
[1147]
[1148]
[1149]
[1150]
[1151]
[1152]
[1153]
[1154]
[1155]
[1156]
[1157]
[1158]
[1159]
[1160]
[1161]
[1162]
[1163]
[1164]
[1165]
[1166]
[1167]
[1168]
[1169]
[1170]
[1171]
[1172]
[1173]
[1174]
[1175]
[1176]
[1177]
[1178]
[1179]
[1180]
[1181]
[1182]
[1183]
[1184]
[1185]
[1186]
[1187]
[1188]
[1189]
[1190]
[1191]
[1192]
[1193]
[1194]
[1195]
[1196]
[1197]
[1198]
[1199]
[1200]
[1201]
[1202]
[1203]
[1204]
[1205]
[1206]
[1207]
[1208]
[1209]
[1210]
[1211]
[1212]
[1213]
[1214]
[1215]
[1216]
[1217]
[1218]
[1219]
[1220]
[1221]
[1222]
[1223]
[1224]
[1225]
[1226]
[1227]
[1228]
[1229]
[1230]
[1231]
[1232]
[1233]
[1234]
[1235]
[1236]
[1237]
[1238]
[1239]
[1240]
[1241]
[1242]
[1243]
[1244]
[1245]
[1246]
[1247]
[1248]
[1249]
[1250]
[1251]
[1252]
[1253]
[1254]
[1255]
[1256]
[1257]
[1258]
[1259]
[1260]
[1261]
[1262]
[1263]
[1264]
[1265]
[1266]
[1267]
[1268]
[1269]
[1270]
[1271]
[1272]
[1273]
[1274]
[1275]
[1276]
[1277]
[1278]
[1279]
[1280]
[1281]
[1282]
[1283]
[1284]
[1285]
[1286]
[1287]
[1288]
[1289]
[1290]
[1291]
[1292]
[1293]
[1294]
[1295]
[1296]
[1297]
[1298]
[1299]
[1300]
[1301]
[1302]
[1303]
[1304]
[1305]
[1306]
[1307]
[1308]
[1309]
[1310]
[1311]
[1312]
[1313]
[1314]
[1315]
[1316]
[1317]
[1318]
[1319]
[1320]
[1321]
[1322]
[1323]
[1324]
[1325]
[1326]
[1327]
[1328]
[1329]
[1330]
[1331]
[1332]
[1333]
[1334]
[1335]
[1336]
[1337]
[1338]
[1339]
[1340]
[1341]
[1342]
[1343]
[1344]
[1345]
[1346]
[1347]
[1348]
[1349]
[1350]
[1351]
[1352]
[1353]
[1354]
[1355]
[1356]
[1357]
[1358]
[1359]
[1360]
[1361]
[1362]
[1363]
[1364]
[1365]
[1366]
[1367]
[1368]
[1369]
[1370]
[1371]
[1372]
[1373]
[1374]
[1375]
[1376]
[1377]
[1378]
[1379]
[1380]
[1381]
[1382]
[1383]
[1384]
[1385]
[1386]
[1387]
[1388]
[1389]
[1390]
[1391]
[1392]
[1393]
[1394]
[1395]
[1396]
[1397]
[1398]
[1399]
[1400]
[1401]
[1402]
[1403]
[1404]
[1405]
[1406]
[1407]
[1408]
[1409]
[1410]
[1411]
[1412]
[1413]
[1414]
[1415]
[1416]
[1417]
[1418]
[1419]
[1420]
[1421]
[1422]
[1423]
[1424]
[1425]
[1426]
[1427]
[1428]
[1429]
[1430]
[1431]
[1432]
[1433]
[1434]
[1435]
[1436]
[1437]
[1438]
[1439]
[1440]
[1441]
[1442]
[1443]
[1444]
[1445]
[1446]
[1447]
[1448]
[1449]
[1450]
[1451]
[1452]
[1453]
[1454]
[1455]
[1456]
[1457]
[1458]
[1459]
[1460]
[1461]
[1462]
[1463]
[1464]
[1465]
[1466]
[1467]
[1468]
[1469]
[1470]
[1471]
[1472]
[1473]
[1474]
[1475]
[1476]
[1477]
[1478]
[1479]
[1480]
[1481]
[1482]
[1483]
[1484]
[1485]
[1486]
[1487]
[1488]
[1489]
[1490]
[1491]
[1492]
[1493]
[1494]
[1495]
[1496]
[1497]
[1498]
[1499]
[1500]
[1501]
[1502]
[1503]
[1504]
[1505]
[1506]
[1507]
[1508]
[1509]
[1510]
[1511]
[1512]
[1513]
[1514]
[1515]
[1516]
[1517]
[1518]
[1519]
[1520]
[1521]
[1522]
[1523]
[1524]
[1525]
[1526]
[1527]
[1528]
[1529]
[1530]
[1531]
[1532]
[1533]
[1534]
[1535]
[1536]
[1537]
[1538]
[1539]
[1540]
[1541]
[1542]
[1543]
[1544]
[1545]
[1546]
[1547]
[1548]
[1549]
[1550]
[1551]
[1552]
[1553]
[1554]
[1555]
[1556]
[1557]
[1558]
[1559]
[1560]
[1561]
[1562]
[1563]
[1564]
[1565]
[1566]
[1567]
[1568]
[1569]
[1570]
[1571]
[1572]
[1573]
[1574]
[1575]
[1576]
[1577]
[1578]
[1579]
[1580]
[1581]
[1582]
[1583]
[1584]
[1585]
[1586]
[1587]
[1588]
[1589]
[1590]
[1591]
[1592]
[1593]
[1594]
[1595]
[1596]
[1597]
[1598]
[1599]
[1600]
[1601]
[1602]
[1603]
[1604]
[1605]
[1606]
[1607]
[1608]
[1609]
[1610]
[1611]
[1612]
[1613]
[1614]
[1615]
[1616]
[1617]
[1618]
[1619]
[1620]
[1621]
[1622]
[1623]
[1624]
[1625]
[1626]
[1627]
[1628]
[1629]
[1630]
[1631]
[1632]
[1633]
[1634]
[1635]
[1636]
[1637]
[1638]
[1639]
[1640]
[1641]
[1642]
[1643]
[1644]
[1645]
[1646]
[1647]
[1648]
[1649]
[1650]
[1651]
[1652]
[1653]
[1654]
[1655]
[1656]
[1657]
[1658]
[1659]
[1660]
[1661]
[1662]
[1663]
[1664]
[1665]
[1666]
[1667]
[1668]
[1669]
[1670]
[1671]
[1672]
[1673]
[1674]
[1675]
[1676]
[1677]
[1678]
[1679]
[1680]
[1681]
[1682]
[1683]
[1684]
[1685]
[1686]
[1687]
[1688]
[1689]
[1690]
[1691]
[1692]
[1693]
[1694]
[1695]
[1696]
[1697]
[1698]
[1699]
[1700]
[1701]
[1702]
[1703]
[1704]
[1705]
[1706]
[1707]
[1708]
[1709]
[1710]
[1711]
[1712]
[1713]
[1714]
[1715]
[1716]
[1717]
[1718]
[1719]
[1720]
[1721]
[1722]
[1723]
[1724]
[1725]
[1726]
[1727]
[1728]
[1729]
[1730]
[1731]
[1732]
[1733]
[1734]
[1735]
[1736]
[1737]
[1738]
[1739]
[1740]
[1741]
[1742]
[1743]
[1744]
[1745]
[1746]
[1747]
[1748]
[1749]
[1750]
[1751]
[1752]
[1753]
[1754]
[1755]
[1756]
[1757]
[1758]
[1759]
[1760]
[1761]
[1762]
[1763]
[1764]
[1765]
[1766]
[1767]
[1768]
[1769]
[1770]
[1771]
[1772]
[1773]
[1774]
[1775]
[1776]
[1777]
[1778]
[1779]
[1780]
[1781]
[1782]
[1783]
[1784]
[1785]
[1786]
[1787]
[1788]
[1789]
[1790]
[1791]
[1792]
[1793]
[1794]
[1795]
[1796]
[1797]
[1798]
[1799]
[1800]
[1801]
[1802]
[1803]
[1804]
[1805]
[1806]
[1807]
[1808]
[1809]
[1810]
[1811]
[1812]
[1813]
[1814]
[1815]
[1816]
[1817]
[1818]
[1819]
[1820]
[1821]
[1822]
[1823]
[1824]
[1825]
[1826]
[1827]
[1828]
[1829]
[1830]
[1831]
[1832]
[1833]
[1834]
[1835]
[1836]
[1837]
[1838]
[1839]
[1840]
[1841]
[1842]
[1843]
[1844]
[1845]
[1846]
[1847]
[1848]
[1849]
[1850]
[1851]
[1852]
[1853]
[1854]
[1855]
[1856]
[1857]
[1858]
[1859]
[1860]
[1861]
[1862]
[1863]
[1864]
[1865]
[1866]
[1867]
[1868]
[1869]
[1870]
[1871]
[1872]
[1873]
[1874]
[1875]
[1876]
[1877]
[1878]
[1879]
[1880]
[1881]
[1882]
[1883]
[1884]
[1885]
[1886]
[1887]
[1888]
[1889]
[1890]
[1891]
[1892]
[1893]
[1894]
[1895]
[1896]
[1897]
[1898]
[1899]
[1900]
[1901]
[1902]
[1903]
[1904]
[1905]
[1906]
[1907]
[1908]
[1909]
[1910]
[1911]
[1912]
[1913]
[1914]
[1915]
[1916]
[1917]
[1918]
[1919]
[1920]
[1921]
[1922]
[1923]
[1924]
[1925]
[1926]
[1927]
[1928]
[1929]
[1930]
[1931]
[1932]
[1933]
[1934]
[1935]
[1936]
[1937]
[1938]
[1939]
[1940]
[1941]
[1942]
[1943]
[1944]
[1945]
[1946]
[1947]
[1948]
[1949]
[1950]
[1951]
[1952]
[1953]
[1954]
[1955]
[1956]
[1957]
[1958]
[1959]
[1960]
[1961]
[1962]
[1963]
[1964]
[1965]
[1966]
[1967]
[1968]
[1969]
[1970]
[1971]
[1972]
[1973]
[1974]
[1975]
[1976]
[1977]
[1978]
[1979]
[1980]
[1981]
[1982]
[1983]
[1984]
[1985]
[1986]
[1987]
[1988]
[1989]
[1990]
[1991]
[1992]
[1993]
[1994]
[1995]
[1996]
[1997]
[1998]
[1999]
[2000]
[2001]
[2002]
[2003]
[2004]
[2005]
[2006]
[2007]
[2008]
[2009]
[2010]
[2011]
[2012]
[2013]
[2014]
[2015]
[2016]
[2017]
[2018]
[2019]
[2020]
[2021]
[2022]
[2023]
[2024]
[2025]
[2026]
[2027]
[2028]
[2029]
[2030]
[2031]
[2032]
[2033]
[2034]
[2035]
[2036]
[2037]
[2038]
[2039]
[2040]
[2041]
[2042]
[2043]
[2044]
[2045]
[2046]
[2047]
[2048]
[2049]
[2050]
[2051]
[2052]
[2053]
[2054]
[2055]
[2056]
[2057]
[2058]
[2059]
[2060]
[2061]
[2062]
[2063]
[2064]
[2065]
[2066]
[2067]
[2068]
[2069]
[2070]
[2071]
[2072]
[2073]
[2074]
[2075]
[2076]
[2077]
[2078]
[2079]
[2080]
[2081]
[2082]
[2083]
[2084]
[2085]
[2086]
[2087]
[2088]
[2089]
[2090]
[2091]
[2092]
[2093]
[2094]
[2095]
[2096]
[2097]
[2098]
[2099]
[2100]
[2101]
[2102]
[2103]
[2104]
[2105]
[2106]
[2107]
[2108]
[2109]
[2110]
[2111]
[2112]
[2113]
[2114]
[2115]
[2116]
[2117]
[2118]
[2119]
[2120]
[2121]
[2122]
[2123]
[2124]
[2125]
[2126]
[2127]
[2128]
[2129]
[2130]
[2131]
[2132]
[2133]
[2134]
[2135]
[2136]
[2137]
[2138]
[2139]
[2140]
[2141]
[2142]
[2143]
[2144]
[2145]
[2146]
[2147]
[2148]
[2149]
[2150]
[2151]
[2152]
[2153]
[2154]
[2155]
[2156]
[2157]
[2158]
[2159]
[2160]
[2161]
[2162]
[2163]
[2164]
[2165]
[2166]
[2167]
[2168]
[2169]
[2170]
[2171]
[2172]
[2173]
[2174]
[2175]
[2176]
[2177]
[2178]
[2179]
[2180]
[2181]
[2182]
[2183]
[2184]
[2185]
[2186]
[2187]
[2188]
[2189]
[2190]
[2191]
[2192]
[2193]
[2194]
[2195]
[2196]
[2197]
[2198]
[2199]
[2200]
[2201]
[2202]
[2203]
[2204]
[2205]
[2206]
[2207]
[2208]
[2209]
[2210]
[2211]
[2212]
[2213]
[2214]
[2215]
[2216]
[2217]
[2218]
[2219]
[2220]
[2221]
[2222]
[2223]
[2224]
[2225]
[2226]
[2227]
[2228]
[2229]
[2230]
[2231]
[2232]
[2233]
[2234]
[2235]
[2236]
[2237]
[2238]
[2239]
[2240]
[2241]
[2242]
[2243]
[2244]
[2245]
[2246]
[2247]
[2248]
[2249]
[2250]
[2251]
[2252]
[2253]
[2254]
[2255]
[2256]
[2257]
[2258]
[2259]
[2260]
[2261]
[2262]
[2263]
[2264]
[2265]
[2266]
[2267]
[2268]
[2269]
[2270]
[2271]
[2272]
[2273]
[2274]
[2275]
[2276]
[2277]
[2278]
[2279]
[2280]
[2281]
[2282]
[2283]
[2284]
[2285]
[2286]
[2287]
[2288]
[2289]
[2290]
[2291]
[2292]
[2293]
[2294]
[2295]
[2296]
[2297]
[2298]
[2299]
[2300]
[2301]
[2302]
[2303]
[2304]
[2305]
[2306]
[2307]
[2308]
[2309]
[2310]
[2311]
[2312]
[2313]
[2314]
[2315]
[2316]
[2317]
[2318]
[2319]
[2320]
[2321]
[2322]
[2323]
[2324]
[2325]
[2326]
[2327]
[2328]
[2329]
[2330]
[2331]
[2332]
[2333]
[2334]
[2335]
[2336]
[2337]
[2338]
[2339]
[2340]
[2341]
[2342]
[2343]
[2344]
[2345]
[2346]
[2347]
[2348]
[2349]
[2350]
[2351]
[2352]
[2353]
[2354]
[2355]
[2356]
[2357]
[2358]
[2359]
[2360]
[2361]
[2362]
[2363]
[2364]
[2365]
[2366]
[2367]
[2368]
[2369]
[2370]
[2371]
[2372]
[2373]
[2374]
[2375]
[2376]
[2377]
[2378]
[2379]
[2380]
[2381]
[2382]
[2383]
[2384]
[2385]
[2386]
[2387]
[2388]
[2389]
[2390]
[2391]
[2392]
[2393]
[2394]
[2395]
[2396]
[2397]
[2398]
[2399]
[2400]
[2401]
[2402]
[2403]
[2404]
[2405]
[2406]
[2407]
[2408]
[2409]
[2410]
[2411]
[2412]
[2413]
[2414]
[2415]
[2416]
[2417]
[2418]
[2419]
[2420]
[2421]
[2422]
[2423]
[2424]
[2425]
[2426]
[2427]
/*****************************************************************************/
/*
Response.c
HTTP response generation related functions.
Includes NCS character set conversion.
NCS CHARACTER SET CONVERSION
----------------------------
The [CharsetConvert] configuration directive provides the information required
to convert one character set to another based on the "Accept-Charset:" of the
request and the character set associated with the response. The basic format
of the directive is
doc-charset accept-charset[,accept-charset..] [NCS-conv-function[=factor]]
At least one 'doc-charset' and one 'accept-charset' must be present. If only
these two are present (i.e. no 'NCS-conversion-function') it indicates that
the two character sets are aliases (i.e. the same set of characters, different
name) and no conversion is necessary.
If an 'NCS-conversion-function' is supplied it indicates that the document
'doc-charset' can be converted to the request 'Accept-Charset:' preference of
the 'accept-charset' using the NCS conversion function name specified.
A 'factor' parameter can be appended to the conversion function. Some
conversion functions requires more than one output byte to represent one input
byte for some characters. The 'factor' is an integer between 1 and 4
indicating how much more buffer space may be required for the converted string.
It works by allocating that many times more output buffer space than is
occupied by the input buffer. If not specified it defaults to 1, or an output
buffer the same size as the input buffer.
Multiple comma-separated 'accept-charset's may be included as the second
component for either of the above behaviours, with each being matched
individually. Wildcard '*' and '%' may be used in the 'doc-charset and
'accept-charset' strings.
1) If the document character set matches any client accepted character set
*exactly* no conversion or change of charset is required.
[CharsetConvert]
windows-1251 windows-1251,cp-1251
windows-1251 koi8-r koi8r_to_windows1251_to_koi8r
"Accept-Charset: iso-8859-1, cp-1251, *"
(document charset: windows-251)
"Content-Type: text/plain; charset: cp-1251" (with no conversion)
2) If any document-accepted pair of the directive matches the document and
accepted combination of the request and an NCS conversion function has been
specified then it is set to be converted to that. The response charset is
changed to that specified by the 'accept-charset' of the directive. Note the
third conversion function shows a conversion factor of 4, so the output buffer
will be allocated at four times the size of the input buffer.
[CharsetConvert]
koi8-r koi8-r,koi8
koi8-r windows-1251,cp-1251 koi8r_to_windows1251
koi8-r utf8 koi8-r_to_utf8=4
"Accept-Charset: iso-8859-1, cp-1251, *"
(document charset: koi8-r)
"Content-Type: text/plain; charset: cp-1251" (with conversion)
3) If no document-accepted pairs of the directive match the document and
accepted combination of the request and the 'accept-charset' list of the
request included a full wildcard (e.g. ", *") then no conversion is required
and the document charset is retained for the response.
[CharsetConvert]
koi8-r koi8-r,koi8
koi8-r windows-1251,cp-1251 koi8r_to_windows1251
"Accept-Charset: iso-8859-1, mac-cyr, *"
(document charset: koi8-r)
"Content-Type: text/plain; charset: koi8-r" (with no conversion)
4) If no document-accepted pairs of the directive match the document and
accepted combination of the request and the 'accept-charset' list of the
request contains no wildcard then 406 (not acceptable) error is returned.
[CharsetConvert]
koi8-r koi8-r,koi8
koi8-r windows-1251,cp-1251 koi8r_to_windows1251
"Accept-Charset: iso-8859-1, mac-cyr"
(document charset: koi8-r)
"HTTP/1.0 406 Not Acceptable"
Testing the NCS Convert
~~~~~~~~~~~~~~~~~~~~~~~
An $NCS/LIST provides a listing of the available character set conversion
modules. The following setup should convert all documents accessed with a path
beginning /tolower/ to lower case (e.g. http://the.host.name/tolower/ht_root/)
and similarly for upper case.
# WASD_CONFIG_GLOBAL
[CharsetConvert]
iso-8859-1_lower iso-8859-1 Multi_to_Lower
iso-8859-1_upper iso-8859-1 Multi_to_Upper
# WASD_CONFIG_MAP
set /tolower/* charset=iso-8859-1_lower
map /tolower/* /*
set /toupper/* charset=iso-8859-1_upper
map /toupper/* /*
VERSION HISTORY
---------------
VERSION HISTORY
---------------
12-NOV-2020 MGD ResponseHeader() content length now 64 bit
ResponseEntityMatch() allow for unquoted entity
12-FEB-2020 MGD ResponseHeader() provide for "content-security-policy:"
10-OCT-2019 MGD ResponseHiss() and ResponseStream() use task structure
30-JAN-2019 MGD SET response=200=203 for request tracking and log analysis
ResponseHiss() response status changed from 403 to 203
29-NOV-2017 MGD ResponseHeader() no chunk header if 204 status
03-DEC-2016 MGD ResponseHeader() ensure non-printables cannot be injected
11-AUG-2016 MGD ResponseHeader() ->rqCgi.ScriptControlHttpStatus will allow
an error reporting script to override the original status
18-FEB-2016 MGD bugfix; ResponseHeader() for HEAD request transfer-encoding
chunked suppress actual chunked body (RFC 7230 3.3)
30-DEC-2015 MGD rework around HTTP/2 integration
22-FEB-2015 MGD ResponseHeader() Strict-Transport-Security: header
19-JAN-2014 MGD ResponseStream() and request /stream/
02-JAN-2014 MGD ResponseCorsProcess() implement CORS processing
ResponseHeaderAppend() allow "pre-response" appending
17-JUN-2010 MGD ResponseWebSocketHeader() draft-ietf-hybi-..-76
10-FEB-2010 MGD according to http://www.ietf.org/rfc/rfc2145.txt a server
should respond with the minor HTTP version reflecting its
own compliance rather than the client's provided the
response itself is compliant with the client minor version
(i.e. HTTP/1.0 requests should get HTTP/1.1 in the response
status line - and now implemented by ResponseHeader())
24-JAN-2010 MGD ResponseWebSocketHeader()
08-AUG-2006 MGD bugfix; ResponseHeader() accomodate 304 (not modified)
24-NOV-2005 MGD support for the OPAQUE realm
06-OCT-2005 MGD bugfix; ResponseHeader() ensure a charset= supplied with
a text content-type (e.g. from a CGI script) is used
14-JUL-2005 MGD ResponseOptions() discriminate server and resource
requests and respond appropriately using "Allow:"
20-JAN-2005 MGD ResponseHeader() include 'rqResponse.LocationPtr'
16-DEC-2004 MGD ResponseHeader() where content-length is unknown
attempt to enable chunked transfer-encoding
06-SEP-2004 MGD allow ResponseHiss() to specify kBytes
20-JUL-2004 MGD HTTP/1.1 compliance,
modification to ResponseHeader() processing,
if any NCS conversion factor is one-to-many then any
document content-length becomes invalid and is suppressed
21-AUG-2003 MGD "Accept-Ranges:" response field
12-JUL-2003 MGD ensure content type and length set in response header data
03-JUL-2002 MGD move RequestEcho() and RequestWhere() as ResponseEcho()
and ResponseWhere(), add ResponseHiss()
30-APR-2002 MGD "Cache-Control:" field for Mozilla compatibility
23-APR-2002 MGD bugfix; ResponseCharsetConvert() must be FreeFromHeap()!!
10-NOV-2001 MGD initial (some functions moved from SUPPORT.C)
*/
/*****************************************************************************/
#ifdef WASD_VMS_V7
#undef _VMS__V6__SOURCE
#define _VMS__V6__SOURCE
#undef __VMS_VER
#define __VMS_VER 70000000
#undef __CRTL_VER
#define __CRTL_VER 70000000
#endif
/* standard C header files */
#include <stdio.h>
#include <ctype.h>
/* VMS related header files */
#include <ssdef.h>
#include <stsdef.h>
/* application-related header files */
#include "wasd.h"
#define WASD_MODULE "RESPONSE"
/******************/
/* global storage */
/******************/
int ResponseCharsetCount;
char ResponseAllowServer [] =
"Allow: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE\r\n";
char ResponseAllowResource [] =
"Allow: DELETE, GET, HEAD, POST, PUT\r\n";
/* "MS-Author-Via: DAV" see explanation in DAVWEB.C */
char ResponseAllowWebDavServer [] =
"Allow: CONNECT, COPY, DELETE, GET, HEAD, MKCOL, MOVE, \
OPTIONS, POST, PROPFIND, PROPPATCH, PUT, TRACE\r\n\
MS-Author-Via: DAV\r\n\
DAV: 1\r\n";
char ResponseAllowWebDavLockServer [] =
"Allow: CONNECT, COPY, DELETE, GET, HEAD, LOCK, MKCOL, MOVE, \
OPTIONS, POST, PROPFIND, PROPPATCH, PUT, TRACE, UNLOCK\r\n\
MS-Author-Via: DAV\r\n\
DAV: 1,2\r\n";
char ResponseAllowWebDavResource [] =
"Allow: COPY, DELETE, GET, HEAD, MKCOL, MOVE, POST, PROPFIND, \
PROPPATCH, PUT\r\n\
MS-Author-Via: DAV\r\n\
DAV: 1\r\n";
char ResponseAllowWebDavLockResource [] =
"Allow: COPY, DELETE, GET, HEAD, LOCK, MKCOL, MOVE, POST, PROPFIND, \
PROPPATCH, PUT, UNLOCK\r\n\
MS-Author-Via: DAV\r\n\
DAV: 1,2\r\n";
LIST_HEAD ResponseCharsetList;
char ResponseHeader500 [] =
"HTTP/1.0 500 Internal error\r\n\
Content-Type: text/plain\r\n\
\r\n\
A server error occured when generating the response!\n\
Please report to the site administrator.\n\
\n\0";
/********************/
/* external storage */
/********************/
extern BOOL AuthPromiscuous,
GzipAccept,
GzipResponse,
WebDavEnabled,
WebDavLockingEnabled;
extern int64 HttpdTime64;
extern int NetReadBufferSize,
OutputBufferSize;
extern int ErrorSanityCheck[],
ToLowerCase[],
ToUpperCase[];
extern char *FaoUrlEncodeTable[];
extern char SoftwareID[];
extern ACCOUNTING_STRUCT *AccountingPtr;
extern CONFIG_STRUCT Config;
extern MSG_STRUCT Msgs;
extern WATCH_STRUCT Watch;
/*****************************************************************************/
/*
Generate the HTTP response header field dictionary entries from where an
HTTP/1.n header or HTTP/2 headers response will be derived.
If no response status code is supplied as a parameter it defaults to whatever
'rqptr->rqResponse.HttpStatus' is set. If this is not set both default to 200.
UNLESS this header is for a redirected error report in which case both are set
to the status code of the original request and generate any required
authorization challenges against the original realm if a 401 status!
If a content-type has been supplied with the call (and it always should be!)
generate a "content-type:" header line, with "charset" component if set for the
server or request. A path-set content-type overrides the parameter.
If a modified time is supplied generate a "last-modified:" header line.
If the request is marked as pre-expired then generate an "expires:" header line
containing a distant (but meaningful) past GMT time.
|OtherHeaderPtr| is a catch-all parameter. The fields in this string are
parsed from it and so should use the HTTP/1.n format.
This function will always generate a header (only failing if it cannot allocate
memory, in which case the server exits). If an error is detected when doing so
a bogus 500 header is created with an embedded indication of where the problem
occured. The request will continue but generally when delivered the error
indication will be obvious.
*/
ResponseHeader
(
REQUEST_STRUCT *rqptr,
int HttpStatusCode,
char *ContentTypePtr,
int64 ContentLength64,
unsigned long *ModifiedTime64Ptr,
char *OtherHeaderPtr
)
{
static char CookieString [32],
NumberString [32];
static $DESCRIPTOR (NumberDsc, NumberString);
static $DESCRIPTOR (NumberFaoDsc, "!UL\0");
static $DESCRIPTOR (Number64FaoDsc, "!@SQ\0");
int idx, status, length;
char *cptr, *sptr, *zptr;
char *AuthRealmBufferPtr,
*CharsetPtr,
*LocationPtr,
*SuppliedCharsetPtr;
char ContentTypeString [512],
ModifiedString [32];
DICT_ENTRY_STRUCT *denptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseHeader() !UL !&Z !@SQ !%D !&Z",
HttpStatusCode, ContentTypePtr, &ContentLength64,
ModifiedTime64Ptr ? ModifiedTime64Ptr : 0,
OtherHeaderPtr);
rqptr->rqResponse.HeaderGenerated = true;
if (rqptr->RedirectedXray)
{
rqptr->rqResponse.NoGzip = true;
rqptr->PersistentResponse = false;
}
if (rqptr->rqCgi.ScriptControlHttpStatus)
HttpStatusCode = rqptr->rqCgi.ScriptControlHttpStatus;
if (!HttpStatusCode) HttpStatusCode = rqptr->rqResponse.HttpStatus;
if (!HttpStatusCode) HttpStatusCode = 200;
if (rqptr->rqPathSet.Response200is203 == 203)
if (HttpStatusCode == 200)
HttpStatusCode = 203;
rqptr->rqResponse.HttpStatus = HttpStatusCode;
if (rqptr->RedirectErrorStatusCode &&
!rqptr->rqCgi.ScriptControlHttpStatus)
{
/********************************************/
/* special case ... redirected error report */
/********************************************/
rqptr->rqResponse.HttpStatus = rqptr->RedirectErrorStatusCode;
/* if authorization error then generate authentication challenge(s) */
if (rqptr->rqResponse.HttpStatus == 401)
{
/* of course, use the realm of the original request! */
sptr = rqptr->rqAuth.RealmDescrPtr;
rqptr->rqAuth.RealmDescrPtr = rqptr->RedirectErrorAuthRealmDescrPtr;
ResponseHeaderChallenge (rqptr);
rqptr->rqAuth.RealmDescrPtr = sptr;
}
}
else
if (rqptr->rqResponse.HttpStatus == 401 ||
rqptr->rqResponse.HttpStatus == 407)
ResponseHeaderChallenge (rqptr);
/* if the path has a content-type SET against it then that overrides */
if (rqptr->rqPathSet.ContentTypePtr)
ContentTypePtr = rqptr->rqPathSet.ContentTypePtr;
if (LocationPtr = rqptr->rqResponse.LocationPtr)
rqptr->rqResponse.LocationPtr = NULL;
if (rqptr->rqResponse.HttpStatus == 304)
{
/* not-modified can have no content-type or response body */
ContentTypePtr = NULL;
/* make the content-length zero so there's no temptation to chunk */
ContentLength64 = 0;
}
if (ContentTypePtr && (MATCH5(ContentTypePtr,"text/") ||
MATCH5(ContentTypePtr,"TEXT/")))
{
/*********************/
/* text of some sort */
/*********************/
SuppliedCharsetPtr = NULL;
zptr = (sptr = ContentTypeString) + sizeof(ContentTypeString)-1;
/* as we copy note where any "; charset=" begins */
for (cptr = ContentTypePtr; *cptr && sptr < zptr; *sptr++ = *cptr++)
if (*cptr == ';') SuppliedCharsetPtr = sptr;
if (SuppliedCharsetPtr)
{
cptr = SuppliedCharsetPtr;
if (*cptr) cptr++;
while (ISLWS(*cptr)) cptr++;
if (!strsame (cptr, "charset=", 8)) SuppliedCharsetPtr = NULL;
}
/* if the response character set has been specifically set */
if (!(CharsetPtr = rqptr->rqResponse.MsgCharsetPtr))
/* if the path has a charset SET against it then that overrides */
if (CharsetPtr = rqptr->rqPathSet.CharsetPtr)
if (*CharsetPtr == '(') CharsetPtr = NULL;
/* otherwise, if the server has a default charset then use that */
if (!SuppliedCharsetPtr &&
!CharsetPtr && Config.cfContent.CharsetDefault[0])
CharsetPtr = Config.cfContent.CharsetDefault;
/* if response specifies a character set and we're converting them */
if (CharsetPtr && CharsetPtr[0] && ResponseCharsetCount)
CharsetPtr = ResponseCharsetConvertBegin (rqptr, CharsetPtr);
if (CharsetPtr && CharsetPtr[0])
{
if (SuppliedCharsetPtr) sptr = SuppliedCharsetPtr;
for (cptr = "; charset="; *cptr && sptr < zptr; *sptr++ = *cptr++);
for (cptr = CharsetPtr; *cptr && sptr < zptr; *sptr++ = *cptr++);
}
/* if it overflows (!) just chop it off */
*sptr = '\0';
ContentTypePtr = ContentTypeString;
}
/***************************/
/* generate header entries */
/***************************/
/* note this is an "internal" entry */
sys$fao (&NumberFaoDsc, 0, &NumberDsc, rqptr->rqResponse.HttpStatus);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_status", 15, NumberString, -1);
/* note this is an "internal" entry */
DictInsert (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_reason", 15,
HttpStatusCodeText(rqptr->rqResponse.HttpStatus), -1);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"server", 6, SoftwareID, -1);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"date", 4, rqptr->rqTime.GmDateTime, -1);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"accept-ranges", 13, "bytes", 5);
if (GzipAccept)
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"accept-encoding", 15, "gzip, deflate", 13);
if (rqptr->ServicePtr->SSLserverPtr)
{
char *aptr;
SESOLA_CONTEXT *scptr;
if (!(aptr = rqptr->rqPathSet.ResponseStrictTransSecPtr))
{
scptr = (SESOLA_CONTEXT*)rqptr->ServicePtr->SSLserverPtr;
aptr = scptr->StrictTransSecPtr;
}
/* must begin with a digit (integer seconds) or suppresses */
if (aptr && isdigit(*aptr))
{
denptr = DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"strict-transport-security", 25, NULL, 16);
zptr = (sptr = DICT_GET_VALUE(denptr)) + 16;
for (cptr = "max-age="; *cptr && sptr < zptr; *sptr++ = *cptr++);
for (cptr = aptr; *cptr && sptr < zptr; *sptr++ = *cptr++);
DictValueLength (denptr, (uchar*)sptr - DICT_GET_VALUE(denptr));
}
}
if (LocationPtr)
{
cptr = ResponseNonPrint (rqptr, LocationPtr, -1);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"location", 8, cptr, -1);
}
if (rqptr->rqResponse.HttpStatus == 401 ||
rqptr->rqResponse.HttpStatus == 407)
{
/* requires authorization challenge */
if (rqptr->rqAuth.BasicChallengePtr)
ResponseDictFromString (rqptr, rqptr->rqAuth.BasicChallengePtr, -1);
if (rqptr->rqAuth.DigestChallengePtr)
ResponseDictFromString (rqptr, rqptr->rqAuth.DigestChallengePtr, -1);
}
if (rqptr->rqResponse.EntityTag[0])
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"etag", 4, rqptr->rqResponse.EntityTag, -1);
if (ModifiedTime64Ptr)
{
status = HttpGmTimeString (ModifiedString, ModifiedTime64Ptr);
if (VMSnok (status))
{
ErrorNoticed (rqptr, status, NULL, FI_LI);
rqptr->rqResponse.Internal500 = true;
return;
}
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"last-modified", 13, ModifiedString, -1);
}
if (rqptr->rqResponse.PreExpired ||
rqptr->rqPathSet.Expired)
{
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"expires", 7, "Fri, 13 Jan 1978 14:00:00 GMT", 29);
/* trying fairly hard here */
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"cache-control", 13,
"no-cache, no-store, max-age=0, must-revalidate, private", 55);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"pragma", 6, "no-cache", 8);
}
if (ContentTypePtr)
{
cptr = ResponseNonPrint (rqptr, ContentTypePtr, -1);
denptr = DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"content-type", 12, cptr, -1);
rqptr->rqResponse.ContentTypePtr = DICT_GET_VALUE(denptr);
}
if (rqptr->rqResponse.CharsetNcsCfFactor > 1)
{
/* if the conversion is one-to-many the content-length is invalid */
ContentLength64 = -1;
}
if (GzipResponse)
rqptr->rqResponse.ContentEncodeAsGzip =
GzipShouldDeflate (rqptr, ContentTypePtr, ContentLength64);
if (rqptr->rqResponse.ContentEncodeAsGzip)
{
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"content-encoding", 16, "gzip", 4);
/* disable the content-length header */
ContentLength64 = -1;
}
if (HTTP2_REQUEST(rqptr))
{
/* HTTP/2 write are implicitly "chunked" */
rqptr->rqResponse.TransferEncodingChunked = false;
}
else
if (rqptr->rqResponse.HttpVersion == HTTP_VERSION_1_1)
{
if (rqptr->rqResponse.HttpStatus != 204 &&
!rqptr->rqResponse.NoChunked &&
!rqptr->rqPathSet.ResponseNoChunked)
{
if (rqptr->rqCgi.TransferEncodingChunked == CGI_OUTPUT_CHUNK)
{
/* any script has explicitly requested content chunking */
if (!rqptr->rqCgi.TransferEncoding)
{
rqptr->rqResponse.TransferEncodingChunked = true;
ContentLength64 = -1;
}
}
else
if (rqptr->rqCgi.TransferEncodingChunked != CGI_OUTPUT_NO_CHUNK)
{
/* any script has NOT explicitly requested NO content chunking */
if (ContentLength64 < 0 &&
rqptr->PersistentRequest &&
!rqptr->rqCgi.TransferEncoding)
{
/* there's a chance of connection persistence if it's chunked */
rqptr->rqResponse.TransferEncodingChunked = true;
}
}
if (rqptr->rqResponse.TransferEncodingChunked)
{
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"transfer-encoding", 17, "chunked", 7);
/* suppress actual chunked body stream (RFC 7230 3.3) */
if (rqptr->rqHeader.Method == HTTP_METHOD_HEAD)
rqptr->rqResponse.TransferEncodingChunked = false;
}
}
}
if (ContentLength64 != -1)
{
sys$fao (&Number64FaoDsc, 0, &NumberDsc, &ContentLength64);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"content-length", 14, NumberString, -1);
/* any time we've got a content-length this becomes possible */
rqptr->PersistentResponse = true;
rqptr->rqResponse.ContentLength64 = ContentLength64;
}
else
if (rqptr->rqResponse.TransferEncodingChunked)
{
/* chunking contains it's own implicit content-length */
rqptr->PersistentResponse = true;
}
else
{
/* without content-length this is not possible */
rqptr->PersistentResponse = false;
}
for (idx = 0; idx < RESPONSE_COOKIE_MAX; idx++)
if (rqptr->rqResponse.CookiePtr[idx])
denptr = DictInsert (rqptr->rqDictPtr,
DICT_TYPE_RESPONSE_UNIQUE,
"set-cookie", 10,
rqptr->rqResponse.CookiePtr[idx], -1);
if (NOT_HTTP2_REQUEST(rqptr))
{
/* HTTP/2 manages it's own connectivity */
if (rqptr->rqResponse.HttpVersion == HTTP_VERSION_1_1)
{
if (!rqptr->PersistentRequest || !rqptr->PersistentResponse)
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"connection", 10, "close", 5);
}
else
{
if (rqptr->PersistentRequest && rqptr->PersistentResponse)
{
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"connection", 10, "keep-alive", 10);
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"keep-alive", 10, "", 0);
}
}
}
if (rqptr->rqPathSet.ResponseCspLength)
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"content-security-policy", 23,
rqptr->rqPathSet.ResponseCspPtr,
rqptr->rqPathSet.ResponseCspLength);
if (rqptr->rqPathSet.ResponseCsproLength)
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE,
"content-security-policy-report-only", 35,
rqptr->rqPathSet.ResponseCsproPtr,
rqptr->rqPathSet.ResponseCsproLength);
if (rqptr->rqPathSet.ResponseHeaderAddLength)
ResponseDictFromString (rqptr, rqptr->rqPathSet.ResponseHeaderAddPtr, -1);
if (OtherHeaderPtr)
ResponseDictFromString (rqptr, OtherHeaderPtr, -1);
if (Watch.Category && Watch.Category != WATCH_ONE_SHOT_CAT)
WatchFilterHttpStatus (rqptr);
}
/*****************************************************************************/
/*
Insert response header entries into the dictionary as parsed from a
null-terminated string. Format is "<field-name>:[ ]<field-value>[\r\n]" and if
the string does not comply then is ignored. Field value can be empty. If the
string appears to begin with a NPH request line then parse and add that to the
dictionary.
*/
void ResponseDictFromString
(
REQUEST_STRUCT *rqptr,
char *string,
int length
)
{
int klen, vlen;
char *cptr, *kptr, *vptr, *zptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseDictFromString() !#AZ",
length >= 0 ? length : strlen(string), string);
if (length < 0)
for (zptr = cptr = string; *zptr; zptr++);
else
zptr = (cptr = string) + length;
if (length > 8 && MATCH7 (cptr, "HTTP/1."))
{
for (cptr += 7; cptr < zptr && !ISLWS(*cptr) && NOTEOL(*cptr); cptr++);
while (cptr < zptr && ISLWS(*cptr)) cptr++;
if (isdigit(*cptr))
{
for (vptr = cptr; cptr < zptr && isdigit(*cptr); cptr++);
vlen = cptr - vptr;
DictInsert (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_status", 15, vptr, vlen);
while (cptr < zptr && ISLWS(*cptr)) cptr++;
if (NOTEOL(*cptr))
{
for (vptr = cptr; cptr < zptr && NOTEOL(*cptr); cptr++);
vlen = cptr - vptr;
DictInsert (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_reason", 15, vptr, vlen);
}
}
while (cptr < zptr && ISEOL(*cptr)) cptr++;
}
while (cptr < zptr)
{
for (kptr = cptr; cptr < zptr && *cptr != ':' && NOTEOL(*cptr); cptr++);
if (*cptr != ':') break;
klen = cptr - kptr;
for (cptr++; cptr < zptr && ISLWS(*cptr); cptr++);
for (vptr = cptr; cptr < zptr && NOTEOL(*cptr); cptr++);
vlen = cptr - vptr;
DictInsert (rqptr->rqDictPtr, DICT_TYPE_RESPONSE_UNIQUE,
kptr, klen, vptr, vlen);
while (cptr < zptr && ISEOL(*cptr)) cptr++;
}
}
/*****************************************************************************/
/*
The HTTP/1.1 compliant "100 Continue" interim response written synchronously.
*/
ResponseHeader100Continue (REQUEST_STRUCT *rqptr)
{
#define STRCAT(string) { \
for (cptr = string; *cptr && sptr < zptr; *sptr++ = *cptr++); \
}
#define CHRCAT(character) { \
if (sptr < zptr) *sptr++ = character; \
}
int status,
BufferLength;
char *cptr, *sptr, *zptr;
char Buffer [256];
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseHeader100Continue() HTTP/2:!&B",
rqptr->Http2Stream.Http2Ptr != NULL);
if (HTTP2_REQUEST(rqptr)) return;
zptr = (sptr = Buffer) + sizeof(Buffer)-1;
if (rqptr->rqResponse.HttpVersion == HTTP_VERSION_1_1)
STRCAT ("HTTP/1.1 100 Continue\r\nServer: ")
else
STRCAT ("HTTP/1.0 100 Continue\r\nServer: ")
STRCAT (SoftwareID)
STRCAT ("\r\nDate: ")
STRCAT (rqptr->rqTime.GmDateTime)
STRCAT ("\r\nAccept-Ranges: bytes\r\n\r\n")
if (sptr >= zptr)
{
ErrorNoticed (rqptr, SS$_RESULTOVF, NULL, FI_LI);
rqptr->rqResponse.Internal500 = true;
return;
}
*sptr = '\0';
BufferLength = sptr - Buffer;
/* synchronous network write (just for the convenience of it!) */
NetWrite (rqptr, NULL, Buffer, BufferLength);
InstanceMutexLock (INSTANCE_MUTEX_HTTPD);
AccountingPtr->ResponseStatusCodeGroup[1]++;
AccountingPtr->ResponseStatusCodeCount[RequestHttpStatusIndex(100)]++;
InstanceMutexUnLock (INSTANCE_MUTEX_HTTPD);
#undef STRCAT
#undef CHRCAT
}
/*****************************************************************************/
/*
Generate a 200 header response. If output has been buffered and a reference to
the descriptor provided then total-up the content length in all the associated
descriptors and provide that.
*/
ResponseHeader200
(
REQUEST_STRUCT *rqptr,
char *ContentType,
STR_DSC *sdptr
)
{
int64 ContentLength64;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseHeader200() !AZ !&X", ContentType, sdptr);
if (sdptr)
{
/* total-up the content of all associated descriptors */
ContentLength64 = 0;
while (sdptr)
{
ContentLength64 += STR_DSC_LEN(sdptr);
sdptr = STR_DSC_NEXT(sdptr);
}
}
else
ContentLength64 = -1;
ResponseHeader (rqptr, 200, ContentType, ContentLength64, NULL, NULL);
}
/*****************************************************************************/
/*
Generate DIGEST and/or BASIC challenges as appropriate. If the response status
code is 401 (authorization needed) and no realm has been specified change the
code to 403 (forbidden) and just return.
*/
ResponseHeaderChallenge (REQUEST_STRUCT *rqptr)
{
int status;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseHeaderChallenge()");
if (rqptr->rqResponse.HttpStatus == 401 ||
rqptr->rqResponse.HttpStatus == 407)
{
/* for OPAQUE realm it's all up to the script */
if (rqptr->rqAuth.SourceRealm == AUTH_SOURCE_OPAQUE) return;
/* for EXTERNAL realm with a "param=/NO401" it's all up to the script */
if (rqptr->rqAuth.SourceRealm == AUTH_SOURCE_EXTERNAL &&
rqptr->rqAuth.PathParameterPtr &&
strsame (rqptr->rqAuth.PathParameterPtr, "/NO401", 6)) return;
/* without a realm for authentication convert it to forbidden */
if (!rqptr->rqAuth.RealmDescrPtr || !rqptr->rqAuth.RealmDescrPtr[0])
{
rqptr->rqResponse.HttpStatus = 403;
return;
}
}
if (!rqptr->rqAuth.ChallengeScheme)
{
/* ensure at least a BASIC challenge is generated if promiscuous */
if (Config.cfAuth.BasicEnabled || AuthPromiscuous)
rqptr->rqAuth.ChallengeScheme |= AUTH_SCHEME_BASIC;
if (Config.cfAuth.DigestEnabled)
rqptr->rqAuth.ChallengeScheme |= AUTH_SCHEME_DIGEST;
/* if neither scheme enabled don't challenge */
if (!rqptr->rqAuth.ChallengeScheme) rqptr->rqResponse.HttpStatus = 403;
}
if ((rqptr->rqAuth.ChallengeScheme & AUTH_SCHEME_BASIC) &&
!rqptr->rqAuth.BasicChallengePtr)
BasicChallenge (rqptr);
if ((rqptr->rqAuth.ChallengeScheme & AUTH_SCHEME_DIGEST) &&
!rqptr->rqAuth.DigestChallengePtr)
DigestChallenge (rqptr, "");
}
/*****************************************************************************/
/*
Build a complete (HTTP/1.n) response header from dictionary entries and insert
that into the dictionary. Return a pointer to that entry. This may be
directly used as an HTTP/1.n response header.
*/
DICT_ENTRY_STRUCT* ResponseDictHeader (REQUEST_STRUCT *rqptr)
{
BOOL is1;
int size;
char *bptr, *cptr, *kptr, *sptr, *zptr,
*scode, *stext;
DICT_ENTRY_STRUCT *denptr, *renptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "ResponseDictHeader()");
is1 = (rqptr->Http2Stream.Http2Ptr == NULL);
size = sizeof("HTTP/1.n \r\n\r\n");
denptr = DictLookup (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_status", 15);
/* quite possible the header has not been generated yet */
if (denptr == NULL) return (NULL);
scode = DICT_GET_VALUE(denptr);
size += DICT_GET_VALUE_LEN(denptr);
denptr = DictLookup (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_reason", 15);
/* if response status is in the dictionary the reason should be too */
if (denptr == NULL)
ErrorExitVmsStatus (SS$_BUGCHECK, ErrorSanityCheck, FI_LI);
stext = DICT_GET_VALUE(denptr);
size += DICT_GET_VALUE_LEN(denptr);
DictIterate (rqptr->rqDictPtr, NULL);
while ((denptr = DictIterate (rqptr->rqDictPtr, DICT_TYPE_RESPONSE)) != NULL)
size += DICT_GET_KEY_LEN(denptr) + DICT_GET_VALUE_LEN(denptr) + 4;
/* insert the entry reserving space */
renptr = DictInsert (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"response_header", 15, NULL, size);
bptr = DICT_GET_VALUE(renptr);
zptr = (sptr = bptr) + size;
/* response line */
if (rqptr->rqResponse.HttpVersion == HTTP_VERSION_0_9)
cptr = "HTTP/1.0 ";
else
if (rqptr->rqResponse.HttpVersion == HTTP_VERSION_1_0 &&
rqptr->rqPathSet.ResponseHttpOriginal)
cptr = "HTTP/1.0 ";
else
cptr = "HTTP/1.1 ";
while (*cptr && sptr < zptr) *sptr++ = *cptr++;
for (cptr = scode; *cptr && sptr < zptr; *sptr++ = *cptr++);
if (sptr < zptr) *sptr++ = ' ';
for (cptr = stext; *cptr && sptr < zptr; *sptr++ = *cptr++);
if (sptr < zptr) *sptr++ = '\r';
if (sptr < zptr) *sptr++ = '\n';
/* request fields */
DictIterate (rqptr->rqDictPtr, NULL);
while ((denptr = DictIterate (rqptr->rqDictPtr, DICT_TYPE_RESPONSE)) != NULL)
{
/* e.g. |set-cookie| field begins with a number to allow multiples */
for (cptr = kptr = DICT_GET_KEY(denptr); !isalpha(*cptr); cptr++);
while (*cptr && sptr < zptr)
{
/* make it look more like an HTTP/1.1 response by capitalising */
if (is1 && (cptr == kptr || *(cptr-1) == '-'))
*sptr++ = TOUP(*cptr++);
else
*sptr++ = *cptr++;
}
if (sptr < zptr) *sptr++ = ':';
if (sptr < zptr) *sptr++ = ' ';
for (cptr = DICT_GET_VALUE(denptr);
*cptr && sptr < zptr;
*sptr++ = *cptr++);
if (sptr < zptr) *sptr++ = '\r';
if (sptr < zptr) *sptr++ = '\n';
}
if (sptr < zptr) *sptr++ = '\r';
if (sptr < zptr) *sptr++ = '\n';
DictValueLength (renptr, sptr - bptr);
if (sptr > zptr) ErrorNoticed (rqptr, SS$_RESULTOVF, NULL, FI_LI);
return (renptr);
}
/*****************************************************************************/
/*
Generate a location dictionary entry in preparation for a redirect.
If |string| is NULL then the dictionary entry merely reserves space.
*/
char* ResponseLocation
(
REQUEST_STRUCT *rqptr,
char *string,
int length
)
{
DICT_ENTRY_STRUCT *denptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseLocation() !UL !&Z", length, string);
/* no empty locations! */
if (string != NULL && !string[0])
return (rqptr->rqResponse.LocationPtr = NULL);
denptr = DictInsert (rqptr->rqDictPtr, DICT_TYPE_INTERNAL,
"location", 8, string, length);
rqptr->rqResponse.LocationPtr = DICT_GET_VALUE(denptr);
return (rqptr->rqResponse.LocationPtr);
}
/*****************************************************************************/
/*
Ensure non-printables (e.g. <CR>, <LF>) cannot be injected, by URL-encoding.
*/
char* ResponseNonPrint
(
REQUEST_STRUCT *rqptr,
char *string,
int length
)
{
int nonprint;
char *aptr, *cptr, *czptr, *eptr, *sptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseNonPrint() !UL !&Z", length, string);
if (string == NULL) return (string);
if (length >= 0)
czptr = string + length;
else
czptr = string + 1048560;
nonprint = 0;
for (cptr = string; *cptr && cptr < czptr; cptr++)
if (*(uchar*)cptr <= 0x1f || *(uchar*)cptr >= 0x7f) nonprint++;
/* if zero non-printable characters and not a substring */
if (!nonprint && length < 0) return (string);
if (length >= 0)
{
/* substring copied to intermediate storage */
aptr = sptr = VmGetHeap (rqptr, length+1);
for (cptr = string; *cptr && cptr < czptr; *sptr++ = *cptr++);
string = aptr;
}
else
length = cptr - string;
if (nonprint) length += nonprint * 2;
/* URL-encode non-printable characters */
aptr = sptr = VmGetHeap (rqptr, length+1);
cptr = string;
while (*cptr)
{
if (*(uchar*)cptr > 0x1f && *(uchar*)cptr < 0x7f)
*sptr++ = *cptr++;
else
{
eptr = FaoUrlEncodeTable[*(uchar*)cptr++];
while (*eptr) *sptr++ = *eptr++;
}
}
return (aptr);
}
/*****************************************************************************/
/*
Cross-Origin Resource Sharing (CORS) request processing.
This function is called if the request has an "Origin: .." header and the path
has been SET CORS=ORIGIN=.. Performs pre-flight and request checks. If CORS
authorised adds CORS response headers. If not authorised adds nothing.
http://www.w3.org/TR/cors/
http://www.html5rocks.com/en/tutorials/cors/
http://en.wikipedia.org/wiki/Cross-origin_resource_sharing
http://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
http://www.html5rocks.com/static/images/cors_server_flowchart.png
< Origin:? > --no-------> ( invalid CORS )
|
yes
|
+--------<------no-- < HTTP method OPTIONS? >
| |
| yes
| |
[ actual request ] <---no-- < Access-Control-Request-Method:? > --yes--> [ pre-flight request ]
| |
| |
| < header valid? > --no-----------> ( invalid request )
| | |
| yes no
| | |
| < Access-Control-Request-Header:? > --yes--> < header valid? >
| | |
| no yes
| | |
| [ set Access-Control-Allow-Methods: ] -------<--------+
| |
| |
< expose response headers? > --no------>-------+ [ set Access-Control-Allow-Headers: ]
| | |
yes | |
| | |
[ set Access-Control-Expose-Headers: ] | [ set Access-Control-Max-Age: (optional) ]
| | |
| | |
+--------------->------------------+-----------------<------------------+
|
|
[ set Access-Control-Allow-Origin: ]
|
|
< cookies allowed? > --yes---> [set Access-Control-Allow-Credentials: ]
| |
no |
| |
+-----------------<------------------+
|
|
< pre-flight request? > --yes---------> ( HTTP 200 no body )
|
no
|
( process the request )
*/
ResponseCorsProcess (REQUEST_STRUCT *rqptr)
{
#define STRCAT(string) \
for (cptr = string; *cptr && sptr < zptr; *sptr++ = *cptr++);
static char SimpleMethods [] = "$GET,HEAD,POST",
/* plus a pragmatic few */
SimpleHeaders [] = "$Accept,Accept-Encoding,Accept-Language,\
Connection,Content-Language,Content-Type,DNT,Host,Origin,Referer,User-Agent",
SimpleTypes [] = "$application/x-www-form-urlencoded,\
multipart/form-data,text/plain";
BOOL AllowedCORS,
NonSimpleHeader,
NonSimpleMethod,
SimpleHeader,
SimpleMethod,
SimpleRequest;
int cnt;
char *cptr, *sptr, *zptr;
char buf [2048];
DICT_ENTRY_STRUCT *denptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "ResponseCorsProcess()");
if (WATCHING (rqptr, WATCH_REQUEST))
{
WatchThis (WATCHITM(rqptr), WATCH_REQUEST, "CORS: !AZ",
rqptr->rqPathSet.CorsAllowOriginPtr);
WatchDataFormatted ("methods: !AZ\nheaders: !AZ\n\
expose: !AZ\ncredentials: !&B\nmax-age: !UL\n",
rqptr->rqPathSet.CorsAllowMethodsPtr ?
rqptr->rqPathSet.CorsAllowMethodsPtr : "n/a",
rqptr->rqPathSet.CorsAllowHeadersPtr ?
rqptr->rqPathSet.CorsAllowHeadersPtr : "n/a",
rqptr->rqPathSet.CorsExposeHeadersPtr ?
rqptr->rqPathSet.CorsExposeHeadersPtr : "n/a",
rqptr->rqPathSet.CorsAllowCredentials,
rqptr->rqPathSet.CorsMaxAge);
}
/****************/
/* check origin */
/****************/
if (!ResponseCorsOrigin (rqptr))
{
if (WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"CORS: fail \"!AZ\"", rqptr->rqHeader.OriginPtr);
return;
}
AllowedCORS = SimpleRequest = true;
NonSimpleHeader = NonSimpleMethod = SimpleHeader = SimpleMethod = false;
if (rqptr->rqHeader.Method == HTTP_METHOD_OPTIONS &&
rqptr->rqHeader.AccConRequestMethodPtr)
{
/********************/
/* pre-flight check */
/********************/
/* check allowed methods */
if (cptr = rqptr->rqHeader.AccConRequestMethodPtr)
{
NonSimpleMethod = false;
if (!(SimpleMethod = ResponseCorsToken (rqptr, cptr, SimpleMethods)))
NonSimpleMethod = ResponseCorsToken (rqptr, cptr,
rqptr->rqPathSet.CorsAllowMethodsPtr);
if (!(SimpleMethod || NonSimpleMethod))
AllowedCORS = false;
else
if (NonSimpleMethod)
SimpleRequest = false;
}
/* check allowed headers */
if (cptr = rqptr->rqHeader.AccConRequestHeadersPtr)
{
NonSimpleHeader = false;
if (!(SimpleHeader = ResponseCorsToken (rqptr, cptr, SimpleHeaders)))
NonSimpleHeader = ResponseCorsToken (rqptr, cptr,
rqptr->rqPathSet.CorsAllowHeadersPtr);
if (!(SimpleHeader || NonSimpleHeader))
AllowedCORS = false;
else
if (NonSimpleHeader)
SimpleRequest = false;
}
/* for simple requests check any content type */
if (AllowedCORS && SimpleRequest)
if (cptr = rqptr->rqHeader.ContentTypePtr)
if (!ResponseCorsToken (rqptr, cptr, SimpleTypes))
AllowedCORS = false;
if (!AllowedCORS) return;
/**********************/
/* pre-flight headers */
/**********************/
if (WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"CORS: !AZsimple pre-flight OK",
SimpleRequest ? "" : "non-");
zptr = (sptr = buf) + sizeof(buf)-1;
STRCAT ("Access-Control-Allow-Origin: ")
if (*rqptr->rqPathSet.CorsAllowMethodsPtr == '*')
STRCAT ("*")
else
STRCAT (rqptr->rqHeader.OriginPtr)
STRCAT ("\r\n")
if (NonSimpleMethod && rqptr->rqPathSet.CorsAllowMethodsPtr)
{
STRCAT ("Access-Control-Allow-Methods: ")
STRCAT (rqptr->rqPathSet.CorsAllowMethodsPtr)
STRCAT ("\r\n")
}
if (NonSimpleHeader)
{
STRCAT ("Access-Control-Allow-Headers: Content-Type")
if (rqptr->rqPathSet.CorsAllowHeadersPtr)
{
STRCAT (",")
STRCAT (rqptr->rqPathSet.CorsAllowHeadersPtr)
}
STRCAT ("\r\n")
}
if (rqptr->rqPathSet.CorsAllowCredentials)
STRCAT ("Access-Control-Allow-Credentials: true\r\n");
if (rqptr->rqPathSet.CorsMaxAge)
if (sptr+48 < zptr)
sptr += sprintf (sptr, "Access-Control-Max-Age: %d\r\n",
rqptr->rqPathSet.CorsMaxAge);
*sptr = '\0';
if (sptr >= zptr) ErrorNoticed (rqptr, SS$_RESULTOVF, NULL, FI_LI);
ResponseDictFromString (rqptr, buf, sptr - buf);
return;
}
/*****************/
/* request check */
/*****************/
/* request method */
cptr = rqptr->rqHeader.MethodName;
NonSimpleMethod = false;
if (!(SimpleMethod = ResponseCorsToken (rqptr, cptr, SimpleMethods)))
NonSimpleMethod = ResponseCorsToken (rqptr, cptr,
rqptr->rqPathSet.CorsAllowMethodsPtr);
if (!(SimpleMethod || NonSimpleMethod))
AllowedCORS = false;
else
if (NonSimpleMethod)
SimpleRequest = false;
/* request headers */
DictIterate (rqptr->rqDictPtr, NULL);
while (denptr = DictIterate (rqptr->rqDictPtr, DICT_TYPE_REQUEST))
{
cptr = DICT_GET_KEY(denptr);
NonSimpleHeader = false;
if (!(SimpleHeader = ResponseCorsToken (rqptr, cptr, SimpleHeaders)))
NonSimpleHeader = ResponseCorsToken (rqptr, cptr,
rqptr->rqPathSet.CorsAllowHeadersPtr);
if (!(SimpleHeader || NonSimpleHeader))
AllowedCORS = false;
else
if (NonSimpleHeader)
SimpleRequest = false;
/* only check *all* headers if currently WATCHing */
if (!AllowedCORS)
if (!(WATCHING (rqptr, WATCH_RESPONSE)))
break;
}
/* for simple requests check any content type */
if (AllowedCORS && SimpleRequest)
if (cptr = rqptr->rqHeader.ContentTypePtr)
if (!ResponseCorsToken (rqptr, cptr, SimpleTypes))
AllowedCORS = false;
if (!AllowedCORS) return;
/**************/
/* request OK */
/**************/
if (WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"CORS: !AZsimple request OK", SimpleRequest ? "" : "non-");
zptr = (sptr = buf) + sizeof(buf)-1;
STRCAT ("Access-Control-Allow-Origin: ")
STRCAT (rqptr->rqHeader.OriginPtr)
if (rqptr->rqPathSet.CorsAllowCredentials)
STRCAT ("\r\nAccess-Control-Allow-Credentials: true\r\n")
else
STRCAT ("\r\n")
if (rqptr->rqPathSet.CorsExposeHeadersPtr)
{
STRCAT ("Access-Control-Expose-Headers: ")
STRCAT (rqptr->rqPathSet.CorsExposeHeadersPtr)
STRCAT ("\r\n")
}
*sptr = '\0';
if (sptr >= zptr) ErrorNoticed (rqptr, SS$_RESULTOVF, NULL, FI_LI);
ResponseDictFromString (rqptr, buf, sptr - buf);
#undef STRCAT
}
/*****************************************************************************/
/*
Match a comma/white-space separated list of possible origins to the supplied
origin. List origin of '*' matches all. Host portion and port can contain
'*' wildcard allowing the likes of "http://*.example.com" and
"https://example.com:*". Return true or false on match.
*/
BOOL ResponseCorsOrigin (REQUEST_STRUCT *rqptr)
{
BOOL http, match;
int port1, port2;
char ch;
char *c1ptr, *s1ptr, *c2ptr, *s2ptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseCorsOrigin() \"!&Z\" in \"!&Z\"",
rqptr->rqHeader.OriginPtr,
rqptr->rqPathSet.CorsAllowOriginPtr);
if (!(c2ptr = rqptr->rqPathSet.CorsAllowOriginPtr)) return (false);
if (*c2ptr == '*') return (true);
if (!(s1ptr = rqptr->rqHeader.OriginPtr)) return (false);
if (!(http = MATCH7(s1ptr,"http://")) &&
!MATCH8(s1ptr,"https://")) return (false);
match = false;
while (*c2ptr)
{
while (ISLWS(*c2ptr) || *c2ptr == ',') c2ptr++;
if (!*(s2ptr = c2ptr)) break;
c1ptr = s1ptr;
/* match "http://" or "https:/" */
if (MATCH7(c1ptr,c2ptr))
{
if (http)
{
c1ptr += 7;
c2ptr += 7;
port1 = port2 = 80;
}
else
{
c1ptr += 8;
c2ptr += 8;
port1 = port2 = 443;
}
/* match host portion up to (possible) port */
while (*c1ptr && *c1ptr != ':' &&
*c2ptr && *c2ptr != ':' && !ISLWS(*c2ptr) && *c2ptr != ',')
{
if (*c2ptr == '*')
{
/* e.g. "http://*.example.com" */
c2ptr++;
if (*c2ptr && *c2ptr != ':' && !ISLWS(*c2ptr) && *c2ptr != ',')
while (*c1ptr && *c1ptr != *c2ptr) c1ptr++;
}
else
{
if (TOLO(*c1ptr) != TOLO(*c2ptr)) break;
c1ptr++;
c2ptr++;
}
}
if ((!*c1ptr || *c1ptr == ':') &&
(!*c2ptr || *c2ptr == ':' || ISLWS(*c2ptr) || *c2ptr == ','))
{
/* host portion matched, check ports */
if (*c2ptr == ':' && *(c2ptr+1) == '*')
match = true;
else
{
if (*c1ptr == ':' && isdigit(*(c1ptr+1))) port1 = atoi(c1ptr+1);
if (*c2ptr == ':' && isdigit(*(c2ptr+1))) port2 = atoi(c2ptr+1);
if (port1 == port2) match = true;
}
}
if (match) break;
}
while (*c2ptr && !ISLWS(*c2ptr) && *c2ptr != ',') c2ptr++;
}
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "match !&B", match);
return (match);
}
/*****************************************************************************/
/*
Processes two lists of tokens (e.g. "one, Two, Three-four") looking for any one
of the first list being in the second list. Return true if hit, otherwise
false. If the second list begins with a dollar symbol it's considered a simple
list and not reported.
*/
BOOL ResponseCorsToken
(
REQUEST_STRUCT *rqptr,
char *List1Ptr,
char *List2Ptr
)
{
#define ISTOK(c) (isalnum(c) || c == '-' || c == '_' || c == '/')
BOOL hit, simple;
int HitCount,
TokenCount;
char *c1ptr, *c2ptr, *s1ptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHALL, WATCH_MOD_RESPONSE,
"ResponseCorsToken() \"!&Z\" in \"!&Z\"",
List1Ptr, List2Ptr);
hit = false;
if (!(c1ptr = List1Ptr) || !List2Ptr) return (false);
if (simple = (*List2Ptr == '$')) List2Ptr++;
/* always matching is acceptable */
if (*List2Ptr == '*') return (true);
HitCount = TokenCount = 0;
while (*c1ptr)
{
while (*c1ptr && !ISTOK(*c1ptr)) c1ptr++;
if (!*(s1ptr = c1ptr)) break;
TokenCount++;
c2ptr = List2Ptr;
while (*c2ptr)
{
while (*c2ptr && !ISTOK(*c2ptr)) c2ptr++;
if (!*c2ptr) break;
c1ptr = s1ptr;
while (ISTOK(*c1ptr) && ISTOK(*c2ptr) &&
TOLO(*c1ptr) == TOLO(*c2ptr))
{
c1ptr++;
c2ptr++;
}
if (hit = !ISTOK(*c1ptr) && !ISTOK(*c2ptr))
{
HitCount++;
break;
}
while (ISTOK(*c2ptr)) c2ptr++;
}
while (ISTOK(*c1ptr)) c1ptr++;
if (!hit)
{
/* only check *all* tokens if currently WATCHing */
if (!simple && WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"CORS: fail \"!#AZ\"", c1ptr-s1ptr, s1ptr);
else
break;
}
}
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHALL, WATCH_MOD_RESPONSE, "hit !&B", hit);
return (HitCount == TokenCount);
#undef ISTOK
}
/*****************************************************************************/
/*
CONFIG.C module calls this function with a string list of all/any
[CharsetConvert] directive entries. Enter the required parameters into a
charset NCS conversion structure and places this at the end of a linked list.
The conversion information is stored as a series of null-terminated strings
addressed by the three pointers. The first, the 'DocCharsetPtr', may itself
be one or more null-terminated strings, terminated by a null-string. Then the
'AccCharsetPtr' and 'NcsCfNamePtr' strings.
*/
ResponseCharsetConfig (META_CONFIG *mcptr)
{
static char ProblemParam [] =
"NCS conversion parameter problem\n\\!AZ\\",
ProblemNcsCf [] =
"NCS conversion function !AZ\n%!&M";
int status;
char *aptr, *cptr, *sptr;
$DESCRIPTOR (CsNameDsc, "");
RESPONSE_CHARSET *csptr;
/*********/
/* begin */
/*********/
if (WATCH_MODULE(WATCH_MOD_CONFIG))
WatchThis (WATCHALL, WATCH_MOD_CONFIG,
"ResponseCharsetConfig()\n!&Z",
Config.cfContent.CharsetConvertPtr);
cptr = Config.cfContent.CharsetConvertPtr;
while (*cptr)
{
/* scan to get maximum possible length of this string */
for (aptr = sptr = cptr; *sptr && *sptr != STRING_LIST_CHAR; sptr++);
/* allocate sufficient storage */
csptr = (RESPONSE_CHARSET*)
VmGet (sizeof(RESPONSE_CHARSET)+((sptr-cptr)*2)+4);
/* this first, literal string is used only for WATCH purposes */
for (sptr = csptr->Storage;
*cptr && *cptr != STRING_LIST_CHAR;
*sptr++ = *cptr++);
*sptr++ = '\0';
/* back to start, skip leading white space */
for (cptr = aptr; *cptr && ISLWS(*cptr); cptr++);
/* parse 'doc-charset' string */
csptr->DocCharsetPtr = sptr;
while (*cptr && !ISLWS(*cptr) && *cptr != STRING_LIST_CHAR)
*sptr++ = *cptr++;
*sptr++ = '\0';
while (*cptr && ISLWS(*cptr)) cptr++;
/* parse 'accept-charset' string */
csptr->AccCharsetPtr = sptr;
while (*cptr)
{
/* parse out comma/white-space delimited string(s) */
while (*cptr && !ISLWS(*cptr) && *cptr != ',' &&
*cptr != STRING_LIST_CHAR) *sptr++ = *cptr++;
*sptr++ = '\0';
while (*cptr && ISLWS(*cptr)) cptr++;
if (*cptr != ',') break;
cptr++;
while (*cptr && ISLWS(*cptr)) cptr++;
}
/* empty string terminate (possible set of) 'accept-charset' string(s) */
*sptr++ = '\0';
while (*cptr && ISLWS(*cptr)) cptr++;
/* parse 'NCS-conversion function' string */
csptr->NcsCfFactor = 1;
csptr->NcsCfNamePtr = sptr;
while (*cptr && !ISLWS(*cptr) &&
*cptr != '=' && *cptr != STRING_LIST_CHAR)
*sptr++ = *cptr++;
*sptr++ = '\0';
if (*cptr == '=')
{
cptr++;
csptr->NcsCfFactor = atoi(cptr);
if (csptr->NcsCfFactor < 1) csptr->NcsCfFactor = 1;
if (csptr->NcsCfFactor > 4) csptr->NcsCfFactor = 4;
while (*cptr && !ISLWS(*cptr) && *cptr != STRING_LIST_CHAR) cptr++;
}
/* scan over any trailing white-space */
while (*cptr && *cptr != STRING_LIST_CHAR) cptr++;
if (*cptr) cptr++;
if (!*csptr->DocCharsetPtr ||
!*csptr->AccCharsetPtr)
{
MetaConReport (mcptr, METACON_REPORT_ERROR, ProblemParam, aptr);
VmFree (csptr, FI_LI);
continue;
}
if (*csptr->NcsCfNamePtr)
{
CsNameDsc.dsc$a_pointer = csptr->NcsCfNamePtr;
CsNameDsc.dsc$w_length = strlen(csptr->NcsCfNamePtr);
status = ncs$get_cf (&csptr->NcsCf, &CsNameDsc, NULL);
if (VMSnok (status))
{
MetaConReport (mcptr, METACON_REPORT_ERROR, ProblemNcsCf, csptr->NcsCfNamePtr, status);
VmFree (csptr, FI_LI);
continue;
}
}
else
csptr->NcsCf = 0;
ListAddTail (&ResponseCharsetList, csptr, LIST_ENTRY_TYPE_CHARSET);
ResponseCharsetCount++;
}
}
/*****************************************************************************/
/*
Accepts a character set name string. Compares this to the request's accepted
character sets, one by one. The comparison algorithm is described in this
module's preamble. Returns a pointer to the response character set. Modifies
the '->rqResponse.CharsetNcsCf' longword to contain the NCS character set
conversion function. This will be used to indicate a conversion should be
performed before writing a network buffer.
*/
char* ResponseCharsetConvertBegin
(
REQUEST_STRUCT *rqptr,
char *CharsetPtr
)
{
BOOL MatchAllWildcard;
int status;
char ch;
char *aptr, *cptr, *sptr;
RESPONSE_CHARSET *csptr;
LIST_ENTRY *leptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseCharsetConvertBegin() !&Z !&Z",
CharsetPtr, rqptr->rqHeader.AcceptCharsetPtr);
if (!(cptr = rqptr->rqHeader.AcceptCharsetPtr))
{
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE_BODY,
"NCS$CONVERT no request charset");
return (CharsetPtr);
}
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE_BODY, "NCS$CONVERT !AZ to !AZ",
CharsetPtr, cptr);
InstanceGblSecIncrLong (&AccountingPtr->NcsCount);
/* attempt to match character set with one accepted by the request header */
while (*cptr)
{
while (*cptr && ISLWS(*cptr)) cptr++;
sptr = cptr;
while (*cptr && *cptr != ';' && *cptr != ',' && !ISLWS(*cptr))
cptr++;
ch = *cptr;
*cptr = '\0';
if (SAME2(sptr,'*\0'))
{
/* note the presence of a match-all wildcard */
MatchAllWildcard = true;
if (*cptr = ch) cptr++;
while (*cptr && *cptr != ',') cptr++;
while (*cptr == ',') cptr++;
continue;
}
if (strsame (CharsetPtr, sptr, -1))
{
/* exact match, no conversion necessary */
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
WatchDataFormatted ("\"!AZ\" match, no conversion\n", sptr);
*cptr = ch;
return (CharsetPtr);
}
/* look through the list of sets of convertable character sets */
for (leptr = ResponseCharsetList.HeadPtr; leptr; leptr = leptr->NextPtr)
{
csptr = (RESPONSE_CHARSET*)leptr;
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
WatchDataFormatted ("\"!AZ\" with \"!AZ\"\n", sptr, csptr->Storage);
/* if the 'doc-charset' does not match the 'document' charset */
if (!StringMatch (rqptr, CharsetPtr, csptr->DocCharsetPtr)) continue;
/* if (one of) 'acc-charset' does not match 'Accept-Charset:' */
aptr = csptr->AccCharsetPtr;
while (*aptr)
{
if (StringMatch (rqptr, sptr, aptr)) break;
while (*aptr) aptr++;
aptr++;
}
if (!*aptr) continue;
/* matches both charset strings */
rqptr->rqResponse.CharsetNcsCf = csptr->NcsCf;
rqptr->rqResponse.CharsetNcsCfFactor = csptr->NcsCfFactor;
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
if (rqptr->rqResponse.CharsetNcsCf)
WatchDataFormatted ("\"!AZ\" conversion using \"!AZ\"\n",
sptr, csptr->NcsCfNamePtr);
else
WatchDataFormatted ("\"!AZ\" alias, no conversion\n", sptr);
if (rqptr->rqResponse.CharsetNcsCf)
InstanceGblSecIncrLong (&AccountingPtr->NcsConvertCount);
CharsetPtr = VmGetHeap (rqptr, strlen(sptr)+1);
strcpy (CharsetPtr, sptr);
*cptr = ch;
return (CharsetPtr);
}
if (*cptr = ch) cptr++;
while (*cptr && *cptr != ',') cptr++;
while (*cptr == ',') cptr++;
}
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
if (MatchAllWildcard)
WatchDataFormatted ("\"*\" wildcard, no conversion\n");
else
WatchDataFormatted ("no match, no conversion\n");
return (CharsetPtr);
}
/*****************************************************************************/
/*
When 'rqResponse.CharsetNcsCf' is non-zero NetWrite() calls this function
immediately before writing the buffer specified by 'DataPtr' and 'DataLength'
passed as the addresses of these two parameters by 'DataPtrPtr' and
'DataLengthPtr'. This function uses ncs$convert() to transliterate each
character into the target character set. It allocates specific buffer space
(which may vary in size depending on whether it coming from cache, file or
other modules), the conversion is performed into that, and the data pointer and
size originally passed as parameters are adjusted to point to this. Returns a
VMS status which NetWrite() should report and abort the write if an error.
*/
int ResponseCharsetConvert
(
REQUEST_STRUCT *rqptr,
char **DataPtrPtr,
int *DataLengthPtr
)
{
static $DESCRIPTOR (SrcDsc, "");
static $DESCRIPTOR (DstDsc, "");
int status,
BufferSize;
unsigned short CvtLen, NotCvtLen;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseCharsetConvert() !&X !UL !UL !UL",
*DataPtrPtr, *DataLengthPtr,
rqptr->rqResponse.CharsetNcsBufferSize,
rqptr->rqResponse.CharsetNcsCfFactor);
if (rqptr->rqResponse.CharsetNcsBufferSize <
*DataLengthPtr * rqptr->rqResponse.CharsetNcsCfFactor)
{
if (*DataLengthPtr < OutputBufferSize)
BufferSize = OutputBufferSize;
else
BufferSize = *DataLengthPtr;
BufferSize *= rqptr->rqResponse.CharsetNcsCfFactor;
if (BufferSize > 65535)
{
ErrorNoticed (rqptr, SS$_IVBUFLEN, NULL, FI_LI);
return (SS$_IVBUFLEN);
}
if (rqptr->rqResponse.CharsetNcsBufferPtr)
VmFreeFromHeap (rqptr, rqptr->rqResponse.CharsetNcsBufferPtr, FI_LI);
rqptr->rqResponse.CharsetNcsBufferPtr = VmGetHeap (rqptr, BufferSize);
rqptr->rqResponse.CharsetNcsBufferSize = BufferSize;
}
SrcDsc.dsc$a_pointer = *DataPtrPtr;
SrcDsc.dsc$w_length = *DataLengthPtr;
DstDsc.dsc$a_pointer = rqptr->rqResponse.CharsetNcsBufferPtr;
DstDsc.dsc$w_length = rqptr->rqResponse.CharsetNcsBufferSize;
status = ncs$convert (&rqptr->rqResponse.CharsetNcsCf, &SrcDsc, &DstDsc,
&CvtLen, &NotCvtLen);
if (VMSok (status) && NotCvtLen) status = SS$_BUGCHECK;
if (VMSnok (status)) ErrorNoticed (rqptr, status, NULL, FI_LI);
if (WATCHING (rqptr, WATCH_RESPONSE_BODY))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE_BODY,
"NCS$CONVERT src:!UL dst:!UL cvt:!UL not:!UL !&S",
*DataLengthPtr, rqptr->rqResponse.CharsetNcsBufferSize,
CvtLen, NotCvtLen, status);
*DataPtrPtr = rqptr->rqResponse.CharsetNcsBufferPtr;
*DataLengthPtr = CvtLen;
return (status);
}
/*****************************************************************************/
/*
Implements the HTTP/1.1 OPTIONS method by returning an appropriate response
header. Discriminate between per-server ('*') and per-resource (path) requests
and respond using "Allow:".
*/
ResponseOptions (REQUEST_STRUCT *rqptr)
{
BOOL WebDavLockingOptions,
WebDavOptions;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseOptions() !&F", &ResponseOptions);
if (!rqptr->rqHeader.RequestUriPtr ||
rqptr->rqHeader.RequestUriPtr[0] == '*')
{
if (WebDavLockingEnabled)
ResponseHeader (rqptr, 200, NULL, 0, NULL,
ResponseAllowWebDavLockServer);
else
if (WebDavEnabled)
ResponseHeader (rqptr, 200, NULL, 0, NULL,
ResponseAllowWebDavServer);
else
ResponseHeader (rqptr, 200, NULL, 0, NULL,
ResponseAllowServer);
}
else
{
WebDavOptions = WebDavEnabled &&
(rqptr->rqPathSet.WebDavProfile ||
rqptr->rqPathSet.WebDavRead ||
rqptr->rqPathSet.WebDavServer ||
rqptr->rqPathSet.WebDavWrite);
WebDavLockingOptions = WebDavOptions &&
WebDavLockingEnabled &&
!rqptr->rqPathSet.WebDavNoLock;
if (WebDavLockingOptions)
ResponseHeader (rqptr, 200, NULL, 0, NULL,
ResponseAllowWebDavLockResource);
else
if (WebDavOptions)
ResponseHeader (rqptr, 200, NULL, 0, NULL,
ResponseAllowWebDavResource);
else
ResponseHeader (rqptr, 200, NULL, 0, NULL,
ResponseAllowResource);
}
RequestEnd (rqptr);
}
/*****************************************************************************/
/*
Echo back to the client as a "message/http" response the entire request header
and any body content. This implements the HTTP/1.1 TRACE method and the WASD
/echo/ 'script'.
*/
ResponseTrace (REQUEST_STRUCT *rqptr)
{
DICT_ENTRY_STRUCT *denptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"ResponseTrace() !&F", &ResponseTrace);
if (!rqptr->TraceTaskPtr)
{
/* first call, initialize */
rqptr->TraceTaskPtr = VmGetHeap (rqptr, sizeof(TRACE_TASK));
if (RequestDictHeader (rqptr))
BodyReadBegin (rqptr, &ResponseTrace, NULL);
else
RequestEnd (rqptr);
return;
}
if (!rqptr->rqResponse.PreExpired)
{
/* second call (from BodyReadBegin()) */
rqptr->rqResponse.PreExpired = rqptr->rqResponse.NoGzip = true;
if (rqptr->rqHeader.Method == HTTP_METHOD_TRACE)
ResponseHeader (rqptr, 200, "message/http", -1, NULL, NULL);
else
ResponseHeader (rqptr, 200, "text/plain", -1, NULL, NULL);
denptr = RequestDictHeader (rqptr);
NetWrite (rqptr, &ResponseTrace, DICT_GET_VALUE(denptr),
DICT_GET_VALUE_LEN(denptr));
return;
}
/* third and subsequent calls */
if (VMSnok (rqptr->rqBody.DataStatus) ||
rqptr->RequestState >= REQUEST_STATE_ABORT)
{
/* error or end-of-file (body) */
rqptr->TraceTaskPtr = NULL;
RequestEnd (rqptr);
return;
}
NetWrite (rqptr, &BodyRead, rqptr->rqBody.DataPtr, rqptr->rqBody.DataCount);
}
/*****************************************************************************/
/*
Return a stream of pseudo-random alpha-numeric noise. Designed to return
low-cost 'discouraging' responses to clients that may be sourcing attacks.
This function is called directly to initiate and thereafter as an AST.
Output stops after the client disconnects or when the path specified (e.g.
"/hiss/30" kilobytes) or ADMIN_SCRIPT_HISS_MAX_BYTES number of bytes is
reached.
*/
ResponseHiss (REQUEST_STRUCT *rqptr)
{
int cnt;
char *cptr, *sptr, *zptr;
HISS_TASK *tkptr;
int64 RandomNumber;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "ResponseHiss() !&F !AZ",
&ResponseHiss, rqptr->MappedPathPtr);
if (!(tkptr = rqptr->HissTaskPtr))
{
/* first call, initialize */
rqptr->HissTaskPtr = tkptr = VmGetHeap (rqptr, sizeof(HISS_TASK));
rqptr->rqResponse.HttpStatus = 203;
rqptr->rqResponse.HeaderSent = true;
StrDscIfNotBegin (rqptr, &rqptr->NetWriteBufferDsc, NetReadBufferSize);
zptr = (sptr = STR_DSC_PTR(&rqptr->NetWriteBufferDsc)) +
STR_DSC_SIZE(&rqptr->NetWriteBufferDsc);
RandomNumber = HttpdTime64;
while (sptr < zptr)
{
/* cheap (no subroutine call) MTH$RANDOM() */
RandomNumber = RandomNumber * 69069 + 1;
cptr = (char*)&RandomNumber;
for (cnt = sizeof(RandomNumber); cnt && sptr < zptr; cnt--)
{
if (isalnum(*cptr)) *sptr++ = *cptr;
cptr++;
}
}
/* get value optionally following path */
if (*(cptr = rqptr->MappedPathPtr) == '/') cptr++;
tkptr->HissBytesMax = atoi(cptr) * 1024;
if (!tkptr->HissBytesMax ||
tkptr->HissBytesMax > ADMIN_SCRIPT_HISS_MAX_BYTES)
tkptr->HissBytesMax = ADMIN_SCRIPT_HISS_MAX_BYTES;
/* before any real network write just fudge the status */
rqptr->NetIoPtr->WriteStatus = SS$_NORMAL;
}
if (VMSnok (rqptr->NetIoPtr->WriteStatus) ||
rqptr->NetIoPtr->BytesRawTx64 >= tkptr->HissBytesMax ||
rqptr->RequestState >= REQUEST_STATE_ABORT)
{
StrDscNoContent(&rqptr->NetWriteBufferDsc);
rqptr->HissTaskPtr = NULL;
RequestEnd (rqptr);
return;
}
NetWriteRaw (rqptr, &ResponseHiss,
STR_DSC_PTR(&rqptr->NetWriteBufferDsc),
STR_DSC_SIZE(&rqptr->NetWriteBufferDsc));
}
/*****************************************************************************/
/*
By default returns a stream of pseudo-random "lines" of 8 bit printable
characters. Very light-weight test stream at maximum throughput. URI is
/stream/ with optional trailing type of stream ("binary", "octet", "text") and
further optional trailing integer (of kbytes).
Examples: /stream/ 8 bit printables until client disconnects
/stream/100/ 100kB of 8 bit printables and then quit
/stream/binary:250/ 250kB of random octets and then quit
/stream/text/ unlimited lines of 80 column 7 bit text
/stream/text:10/ 10kB of 80 column 7 bit text then quit
/stream/octet/ unlimited octets cycling thru 0x00..0xff
*/
ResponseStream (REQUEST_STRUCT *rqptr)
{
uint bytes, cnt;
unsigned char octet;
unsigned char *aptr, *cptr, *sptr, *zptr;
STREAM_TASK *tkptr;
uint64 RandomNumber;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "ResponseStream() !&F !AZ",
&ResponseStream, rqptr->MappedPathPtr);
if (!(tkptr = rqptr->StreamTaskPtr))
{
/* first call, initialize */
rqptr->StreamTaskPtr = tkptr = VmGetHeap (rqptr, sizeof(STREAM_TASK));
if (*(cptr = rqptr->MappedPathPtr) == '/') cptr++;
if (!(tkptr->StreamTypeFlag = TOLO(*cptr)))
tkptr->StreamTypeFlag = 's';
while (*cptr && !isdigit(*cptr)) cptr++;
tkptr->StreamBytesMax = atoi(cptr) * 1024;
if (!tkptr->StreamBytesMax) tkptr->StreamBytesMax = -1;
tkptr->StreamOctetBuffer = 0;
rqptr->rqResponse.NoChunked = rqptr->rqResponse.NoGzip =
rqptr->rqResponse.PreExpired = true;
if (tkptr->StreamTypeFlag == 'b' ||
tkptr->StreamTypeFlag == 'o')
ResponseHeader200 (rqptr, "application/binary", NULL);
else
ResponseHeader200 (rqptr, "text/plain", NULL);
StrDscIfNotBegin (rqptr, &rqptr->NetWriteBufferDsc, OutputBufferSize);
/* before any real network write just fudge the status */
rqptr->NetIoPtr->WriteStatus = SS$_NORMAL;
}
if (!tkptr->StreamBytesMax ||
VMSnok (rqptr->NetIoPtr->WriteStatus) ||
rqptr->RequestState >= REQUEST_STATE_ABORT)
{
StrDscNoContent(&rqptr->NetWriteBufferDsc);
rqptr->StreamTaskPtr = NULL;
RequestEnd (rqptr);
return;
}
aptr = sptr = STR_DSC_PTR(&rqptr->NetWriteBufferDsc);
zptr = sptr + STR_DSC_SIZE(&rqptr->NetWriteBufferDsc);
switch (tkptr->StreamTypeFlag)
{
case 'b' :
/* binary - random 8 bit octets */
sys$gettim (&RandomNumber);
while (sptr < zptr)
{
/* cheap (no subroutine call) MTH$RANDOM() */
RandomNumber = RandomNumber * 69069 + 1;
cptr = (unsigned char*)&RandomNumber;
for (cnt = sizeof(RandomNumber); cnt && sptr < zptr; cnt--)
*sptr++ = *cptr++;
}
break;
case 'o' :
/* octets - continuously cycle 0x00..0xff */
octet = (unsigned char)tkptr->StreamOctetBuffer;
while (sptr < zptr) *sptr++ = (char)octet++;
tkptr->StreamOctetBuffer = (int)octet;
break;
case 't' :
/* text - repeated lines of 7 bit characters */
while (sptr < zptr)
{
for (cnt = ('z'-80+1); cnt <= 'z'; cnt++) *sptr++ = (char)cnt;
*sptr++ = '\n';
/* only complete lines of 80 characters */
if (sptr + 81 >= zptr) zptr = sptr;
}
break;
default :
/* stream of 8 bit printables */
sys$gettim (&RandomNumber);
while (sptr < zptr)
{
/* cheap (no subroutine call) MTH$RANDOM() */
RandomNumber = RandomNumber * 69069 + 1;
cptr = (unsigned char*)&RandomNumber;
for (cnt = sizeof(RandomNumber); cnt && sptr < zptr; cnt--)
if (isprint(*cptr) || *cptr == '\n')
*sptr++ = *cptr++;
else
cptr++;
}
}
if (tkptr->StreamBytesMax != -1)
{
/* not unlimited stream */
bytes = tkptr->StreamBytesMax;
if (bytes < sptr - aptr) sptr = aptr + bytes;
tkptr->StreamBytesMax -= sptr - aptr;
}
NetWrite (rqptr, &ResponseStream, aptr, sptr - aptr);
}
/*****************************************************************************/
/*
After the mapping the path, etc., parse it again (in case of error,
RequestScript() ignores errors) and return the VMS file name as a plain text
document. This function merely translates any logicals, etc., and reports the
resulting name, it does not demonstrate the directory or file actually exists.
The call is set up in RequestScript().
*/
ResponseWhere
(
REQUEST_STRUCT *rqptr,
char *MappedFile
)
{
int status;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "ResponseWhere()");
OdsParse (&rqptr->ParseOds,
MappedFile, 0, NULL, 0,
NAM$M_SYNCHK, NULL, rqptr);
if (VMSok (status = rqptr->ParseOds.Fab.fab$l_sts))
{
if (VMSnok (status = OdsParseTerminate (&rqptr->ParseOds)))
{
ErrorNoticed (rqptr, status, NULL, FI_LI);
RequestEnd (rqptr);
return;
}
rqptr->rqResponse.PreExpired = true;
ResponseHeader200 (rqptr, "text/plain", NULL);
/* queue a network write to the client, AST to end processing */
NetWrite (rqptr, &RequestEnd,
rqptr->ParseOds.ExpFileName, rqptr->ParseOds.ExpFileNameLength);
return;
}
else
{
rqptr->rqResponse.ErrorTextPtr = rqptr->rqHeader.PathInfoPtr;
ErrorVmsStatus (rqptr, status, FI_LI);
RequestEnd (rqptr);
return;
}
}
/*****************************************************************************/
/*
Match any request match conditionals to any entity present. Generate a 412
HTTP response (precondition failed) and return false to halt continued request
processing if the conditional(s) requires, otherwise return true to continue
processing the request.
*/
BOOL ResponseEntityMatch
(
REQUEST_STRUCT *rqptr,
char *EntityTag
)
{
BOOL DoesMatch;
char ch;
char *cptr, *sptr;
/*********/
/* begin */
/*********/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE, "ResponseEntityMatch()");
if (rqptr->rqHeader.IfMatchPtr)
{
/***********************/
/* if match entity tag */
/***********************/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"if-match !&Z !&Z",
rqptr->rqHeader.IfMatchPtr,
EntityTag && *EntityTag ? EntityTag : "(none)");
if (!(EntityTag && *EntityTag))
DoesMatch = false;
else
if (rqptr->rqHeader.IfMatchPtr[0] == '*')
DoesMatch = true;
else
{
DoesMatch = false;
cptr = rqptr->rqHeader.IfMatchPtr;
while (*cptr)
{
ch = ',';
while (*cptr && *cptr == ' ') cptr++;
if (*cptr == '\"') ch = *cptr++;
for (sptr = cptr; *sptr && *sptr != ch; sptr++);
ch = *sptr;
*sptr = '\0';
DoesMatch = !strcmp (cptr, EntityTag);
if (WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"IF match !AZ !AZ !&B",
EntityTag, cptr, DoesMatch);
*(cptr = sptr) = ch;
if (DoesMatch) break;
if (*cptr == '\"') cptr++;
if (*cptr == ',') cptr++;
}
}
if (!DoesMatch)
{
/* precondition failed */
if (rqptr->WebDavTaskPtr)
DavWebResponse (rqptr, 412, 0, "If-Match:", FI_LI);
else
ResponseHeader (rqptr, 412, NULL, 0, NULL, NULL);
return (false);
}
}
if (rqptr->rqHeader.IfNoneMatchPtr)
{
/****************************/
/* if none-match entity tag */
/****************************/
if (WATCHMOD (rqptr, WATCH_MOD_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_MOD_RESPONSE,
"if-none-match !&Z !&Z",
rqptr->rqHeader.IfNoneMatchPtr,
EntityTag && *EntityTag ? EntityTag : "(none)");
DoesMatch = false;
if (!EntityTag || !*EntityTag)
DoesMatch = false;
else
if (rqptr->rqHeader.IfNoneMatchPtr[0] == '*')
DoesMatch = true;
else
{
cptr = rqptr->rqHeader.IfNoneMatchPtr;
while (*cptr)
{
while (*cptr && *cptr != '\"') cptr++;
if (*cptr) cptr++;
for (sptr = cptr; *sptr && *sptr != '\"'; sptr++);
if (*sptr)
{
*sptr = '\0';
DoesMatch = !strcmp (cptr, EntityTag);
if (WATCHING (rqptr, WATCH_RESPONSE))
WatchThis (WATCHITM(rqptr), WATCH_RESPONSE,
"IF none-match !AZ !AZ !&B",
EntityTag, cptr, DoesMatch);
*sptr = '\"';
if (DoesMatch) break;
cptr = sptr + 1;
}
}
}
if (DoesMatch &&
rqptr->rqHeader.Method != HTTP_METHOD_GET &&
rqptr->rqHeader.Method != HTTP_METHOD_HEAD)
{
/* precondition failed */
if (rqptr->WebDavTaskPtr)
DavWebResponse (rqptr, 412, 0, "If-None-Match:", FI_LI);
else
ResponseHeader (rqptr, 412, NULL, 0, NULL, NULL);
return (false);
}
}
return (true);
}
/*****************************************************************************/