X-Git-Url: http://git.indexdata.com/?p=yaz-moved-to-github.git;a=blobdiff_plain;f=src%2Fseshigh.c;h=f6dedb5d50673cfc18a7a82f39b9dc7c54417d29;hp=5a4f4efbce94181baaf88c05cb16361b7b38b457;hb=65f297c24c59e95f860f29928d3588c5dc98ba4c;hpb=27ea5a731ded352ca1b49970997be5fa570870b4 diff --git a/src/seshigh.c b/src/seshigh.c index 5a4f4ef..f6dedb5 100644 --- a/src/seshigh.c +++ b/src/seshigh.c @@ -2,7 +2,7 @@ * Copyright (C) 1995-2005, Index Data ApS * See the file LICENSE for details. * - * $Id: seshigh.c,v 1.68 2006-03-13 11:59:27 adam Exp $ + * $Id: seshigh.c,v 1.79 2006-05-08 19:48:26 adam Exp $ */ /** * \file seshigh.c @@ -60,6 +60,7 @@ #include #include "eventl.h" #include "session.h" +#include "mime.h" #include #include #include @@ -183,8 +184,7 @@ association *create_association(IOCHAN channel, COMSTACK link, request_initq(&anew->incoming); request_initq(&anew->outgoing); anew->proto = cs_getproto(link); - anew->cql_transform = 0; - anew->server_node_ptr = 0; + anew->server = 0; return anew; } @@ -359,10 +359,10 @@ void ir_session(IOCHAN h, int event) if (!z_GDU(assoc->decode, &req->gdu_request, 0, 0)) { yaz_log(YLOG_WARN, "ODR error on incoming PDU: %s [element %s] " - "[near byte %d] ", + "[near byte %ld] ", odr_errmsg(odr_geterror(assoc->decode)), odr_getelement(assoc->decode), - odr_offset(assoc->decode)); + (long) odr_offset(assoc->decode)); if (assoc->decode->error != OHTTP) { yaz_log(YLOG_WARN, "PDU dump:"); @@ -487,7 +487,7 @@ static void assoc_init_reset(association *assoc) yaz_log(log_requestdetail, "peer %s", assoc->init->peer_name); } -static int srw_bend_init(association *assoc, Z_SRW_diagnostic **d, int *num) +static int srw_bend_init(association *assoc, Z_SRW_diagnostic **d, int *num, Z_SRW_PDU *sr) { statserv_options_block *cb = statserv_getcontrol(); if (!assoc->init) @@ -501,6 +501,26 @@ static int srw_bend_init(association *assoc, Z_SRW_diagnostic **d, int *num) assoc->maximumRecordSize = 3000000; assoc->preferredMessageSize = 3000000; + + if (sr->username) + { + Z_IdAuthentication *auth = odr_malloc(assoc->decode, sizeof(*auth)); + int len; + + len = strlen(sr->username) + 1; + if (sr->password) + len += strlen(sr->password) + 2; + auth->which = Z_IdAuthentication_open; + auth->u.open = odr_malloc(assoc->decode, len); + strcpy(auth->u.open, sr->username); + if (sr->password && *sr->password) + { + strcat(auth->u.open, "/"); + strcat(auth->u.open, sr->password); + } + assoc->init->auth = auth; + } + #if 1 ce = yaz_set_proposal_charneg(assoc->decode, &encoding, 1, 0, 0, 1); assoc->init->charneg_request = ce->u.charNeg3; @@ -514,10 +534,12 @@ static int srw_bend_init(association *assoc, Z_SRW_diagnostic **d, int *num) return 0; } assoc->backend = binitres->handle; + assoc->init->auth = 0; if (binitres->errcode) { + int srw_code = yaz_diag_bib1_to_srw(binitres->errcode); assoc->state = ASSOC_DEAD; - yaz_add_srw_diagnostic(assoc->encode, d, num, binitres->errcode, + yaz_add_srw_diagnostic(assoc->encode, d, num, srw_code, binitres->errstring); return 0; } @@ -526,6 +548,137 @@ static int srw_bend_init(association *assoc, Z_SRW_diagnostic **d, int *num) return 1; } +static const char *get_esn(Z_RecordComposition *comp) +{ + if (comp && comp->which == Z_RecordComp_complex) + { + if (comp->u.complex->generic + && comp->u.complex->generic->elementSpec + && (comp->u.complex->generic->elementSpec->which == + Z_ElementSpec_elementSetName)) + return comp->u.complex->generic->elementSpec->u.elementSetName; + } + else if (comp && comp->which == Z_RecordComp_simple && + comp->u.simple->which == Z_ElementSetNames_generic) + return comp->u.simple->u.generic; + return 0; +} + +static void set_esn(Z_RecordComposition **comp_p, const char *esn, NMEM nmem) +{ + Z_RecordComposition *comp = nmem_malloc(nmem, sizeof(*comp)); + + comp->which = Z_RecordComp_simple; + comp->u.simple = nmem_malloc(nmem, sizeof(*comp->u.simple)); + comp->u.simple->which = Z_ElementSetNames_generic; + comp->u.simple->u.generic = nmem_strdup(nmem, esn); + *comp_p = comp; +} + +static int retrieve_fetch(association *assoc, bend_fetch_rr *rr) +{ +#if HAVE_XML2 + yaz_record_conv_t rc = 0; + const char *match_schema = 0; + int *match_syntax = 0; + + if (assoc->server) + { + int r; + const char *input_schema = get_esn(rr->comp); + Odr_oid *input_syntax_raw = rr->request_format_raw; + + const char *backend_schema = 0; + Odr_oid *backend_syntax = 0; + + r = yaz_retrieval_request(assoc->server->retrieval, + input_schema, + input_syntax_raw, + &match_schema, + &match_syntax, + &rc, + &backend_schema, + &backend_syntax); + yaz_log(YLOG_LOG, "yaz_retrieval_request r=%d", r); + if (r == -1) /* error ? */ + { + const char *details = yaz_retrieval_get_error( + assoc->server->retrieval); + + rr->errcode = YAZ_BIB1_SYSTEM_ERROR_IN_PRESENTING_RECORDS; + if (details) + rr->errstring = odr_strdup(rr->stream, details); + return -1; + } + else if (r == 1 || r == 3) + { + const char *details = input_schema; + rr->errcode = YAZ_BIB1_ELEMENT_SET_NAMES_UNSUPP; + if (details) + rr->errstring = odr_strdup(rr->stream, details); + return -1; + } + else if (r == 2) + { + rr->errcode = YAZ_BIB1_RECORD_SYNTAX_UNSUPP; + if (input_syntax_raw) + { + char oidbuf[OID_STR_MAX]; + oid_to_dotstring(input_syntax_raw, oidbuf); + rr->errstring = odr_strdup(rr->stream, oidbuf); + } + return -1; + } + if (backend_schema) + { + set_esn(&rr->comp, backend_schema, rr->stream->mem); + } + if (backend_syntax) + { + oident *oident_syntax = oid_getentbyoid(backend_syntax); + + rr->request_format_raw = backend_syntax; + + if (oident_syntax) + rr->request_format = oident_syntax->value; + else + rr->request_format = VAL_NONE; + } + } + (*assoc->init->bend_fetch)(assoc->backend, rr); + if (rc && rr->record && rr->errcode == 0 && rr->len > 0) + { /* post conversion must take place .. */ + WRBUF output_record = wrbuf_alloc(); + int r = yaz_record_conv_record(rc, rr->record, rr->len, output_record); + if (r) + { + const char *details = yaz_record_conv_get_error(rc); + rr->errcode = YAZ_BIB1_SYSTEM_ERROR_IN_PRESENTING_RECORDS; + if (details) + rr->errstring = odr_strdup(rr->stream, details); + } + else + { + rr->len = wrbuf_len(output_record); + rr->record = odr_malloc(rr->stream, rr->len); + memcpy(rr->record, wrbuf_buf(output_record), rr->len); + } + wrbuf_free(output_record, 1); + } + if (match_syntax) + { + struct oident *oi = oid_getentbyoid(match_syntax); + rr->output_format = oi ? oi->value : VAL_NONE; + rr->output_format_raw = match_syntax; + } + if (match_schema) + rr->schema = odr_strdup(rr->stream, match_schema); + return 0; +#else + (*assoc->init->bend_fetch)(assoc->backend, rr); +#endif +} + static int srw_bend_fetch(association *assoc, int pos, Z_SRW_searchRetrieveRequest *srw_req, Z_SRW_record *record) @@ -589,7 +742,7 @@ static int srw_bend_fetch(association *assoc, int pos, if (!assoc->init->bend_fetch) return 1; - (*assoc->init->bend_fetch)(assoc->backend, &rr); + retrieve_fetch(assoc, &rr); if (rr.errcode && rr.surrogate_flag) { @@ -640,7 +793,7 @@ static int cql2pqf(ODR odr, const char *cql, cql_transform_t ct, int r; int srw_errcode = 0; const char *add = 0; - char rpn_buf[512]; + char rpn_buf[5120]; r = cql_parser_string(cp, cql); if (r) @@ -706,16 +859,17 @@ static int cql2pqf_scan(ODR odr, const char *cql, cql_transform_t ct, } static void srw_bend_search(association *assoc, request *req, - Z_SRW_searchRetrieveRequest *srw_req, + Z_SRW_PDU *sr, Z_SRW_searchRetrieveResponse *srw_res, int *http_code) { int srw_error = 0; Z_External *ext; + Z_SRW_searchRetrieveRequest *srw_req = sr->u.request; *http_code = 200; yaz_log(log_requestdetail, "Got SRW SearchRetrieveRequest"); - srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics); + srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics, sr); if (srw_res->num_diagnostics == 0 && assoc->init) { bend_search_rr rr; @@ -732,10 +886,11 @@ static void srw_bend_search(association *assoc, request *req, if (srw_req->query_type == Z_SRW_query_type_cql) { - if (assoc->cql_transform) + if (assoc->server && assoc->server->cql_transform) { int srw_errcode = cql2pqf(assoc->encode, srw_req->query.cql, - assoc->cql_transform, rr.query); + assoc->server->cql_transform, + rr.query); if (srw_errcode) { yaz_add_srw_diagnostic(assoc->encode, @@ -773,8 +928,8 @@ static void srw_bend_search(association *assoc, request *req, const char *pqf_msg; size_t off; int code = yaz_pqf_error (pqf_parser, &pqf_msg, &off); - yaz_log(log_requestdetail, "Parse error %d %s near offset %d", - code, pqf_msg, off); + yaz_log(log_requestdetail, "Parse error %d %s near offset %ld", + code, pqf_msg, (long) off); srw_error = YAZ_SRW_QUERY_SYNTAX_ERROR; } @@ -974,13 +1129,14 @@ static char *srw_bend_explain_default(void *handle, bend_explain_rr *rr) } static void srw_bend_explain(association *assoc, request *req, - Z_SRW_explainRequest *srw_req, + Z_SRW_PDU *sr, Z_SRW_explainResponse *srw_res, int *http_code) { + Z_SRW_explainRequest *srw_req = sr->u.explain_request; yaz_log(log_requestdetail, "Got SRW ExplainRequest"); *http_code = 404; - srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics); + srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics, sr); if (assoc->init) { bend_explain_rr rr; @@ -990,7 +1146,10 @@ static void srw_bend_explain(association *assoc, request *req, rr.print = assoc->print; rr.explain_buf = 0; rr.database = srw_req->database; - rr.server_node_ptr = assoc->server_node_ptr; + if (assoc->server) + rr.server_node_ptr = assoc->server->server_node_ptr; + else + rr.server_node_ptr = 0; rr.schema = "http://explain.z3950.org/dtd/2.0/"; if (assoc->init->bend_explain) (*assoc->init->bend_explain)(assoc->backend, &rr); @@ -1018,14 +1177,15 @@ static void srw_bend_explain(association *assoc, request *req, } static void srw_bend_scan(association *assoc, request *req, - Z_SRW_scanRequest *srw_req, + Z_SRW_PDU *sr, Z_SRW_scanResponse *srw_res, int *http_code) { + Z_SRW_scanRequest *srw_req = sr->u.scan_request; yaz_log(log_requestdetail, "Got SRW ScanRequest"); *http_code = 200; - srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics); + srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics, sr); if (srw_res->num_diagnostics == 0 && assoc->init) { struct scan_entry *save_entries; @@ -1087,7 +1247,8 @@ static void srw_bend_scan(association *assoc, request *req, (*assoc->init->bend_scan))(assoc->backend, bsrr); } else if (srw_req->query_type == Z_SRW_query_type_cql - && assoc->init->bend_scan && assoc->cql_transform) + && assoc->init->bend_scan && assoc->server + && assoc->server->cql_transform) { int srw_error; bsrr->scanClause = 0; @@ -1095,7 +1256,7 @@ static void srw_bend_scan(association *assoc, request *req, bsrr->term = odr_malloc(assoc->decode, sizeof(*bsrr->term)); srw_error = cql2pqf_scan(assoc->encode, srw_req->scanClause.cql, - assoc->cql_transform, + assoc->server->cql_transform, bsrr->term); if (srw_error) yaz_add_srw_diagnostic(assoc->encode, &srw_res->diagnostics, @@ -1202,14 +1363,15 @@ static void srw_bend_scan(association *assoc, request *req, } static void srw_bend_update(association *assoc, request *req, - Z_SRW_updateRequest *srw_req, + Z_SRW_PDU *sr, Z_SRW_updateResponse *srw_res, int *http_code) { + Z_SRW_updateRequest *srw_req = sr->u.update_request; yaz_log(YLOG_DEBUG, "Got SRW UpdateRequest"); yaz_log(YLOG_DEBUG, "num_diag = %d", srw_res->num_diagnostics ); *http_code = 404; - srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics); + srw_bend_init(assoc, &srw_res->diagnostics, &srw_res->num_diagnostics, sr); if (assoc->init) { bend_update_rr rr; @@ -1383,6 +1545,32 @@ static void srw_bend_update(association *assoc, request *req, } } +/* check if path is OK (1); BAD (0) */ +static int check_path(const char *path) +{ + if (*path != '/') + return 0; + if (strstr(path, "..")) + return 0; + return 1; +} + +static char *read_file(const char *fname, ODR o, int *sz) +{ + char *buf; + FILE *inf = fopen(fname, "rb"); + if (!inf) + return 0; + + fseek(inf, 0L, SEEK_END); + *sz = ftell(inf); + rewind(inf); + buf = odr_malloc(o, *sz); + fread(buf, 1, *sz, inf); + fclose(inf); + return buf; +} + static void process_http_request(association *assoc, request *req) { Z_HTTP_Request *hreq = req->gdu_request->u.HTTP_Request; @@ -1394,7 +1582,7 @@ static void process_http_request(association *assoc, request *req) char *charset = 0; Z_HTTP_Response *hres = 0; int keepalive = 1; - char *stylesheet = 0; + const char *stylesheet = 0; /* for now .. set later */ Z_SRW_diagnostic *diagnostic = 0; int num_diagnostic = 0; const char *host = z_HTTP_header_lookup(hreq->headers, "Host"); @@ -1404,14 +1592,66 @@ static void process_http_request(association *assoc, request *req) p = z_get_HTTP_Response(o, 404); r = 1; } - if (r == 2 && !strcmp(hreq->path, "/test")) + if (r == 2 && assoc->server && assoc->server->docpath + && hreq->path[0] == '/' + && + /* check if path is a proper prefix of documentroot */ + strncmp(hreq->path+1, assoc->server->docpath, + strlen(assoc->server->docpath)) + == 0) { - p = z_get_HTTP_Response(o, 200); - hres = p->u.HTTP_Response; - hres->content_buf = "1234567890\n"; - hres->content_len = strlen(hres->content_buf); + if (!check_path(hreq->path)) + { + yaz_log(YLOG_LOG, "File %s access forbidden", hreq->path+1); + p = z_get_HTTP_Response(o, 404); + } + else + { + int content_size = 0; + char *content_buf = read_file(hreq->path+1, o, &content_size); + if (!content_buf) + { + yaz_log(YLOG_LOG, "File %s not found", hreq->path+1); + p = z_get_HTTP_Response(o, 404); + } + else + { + const char *ctype = 0; + yaz_mime_types types = yaz_mime_types_create(); + + yaz_mime_types_add(types, "xsl", "application/xml"); + yaz_mime_types_add(types, "xml", "application/xml"); + yaz_mime_types_add(types, "css", "text/css"); + yaz_mime_types_add(types, "html", "text/html"); + yaz_mime_types_add(types, "htm", "text/html"); + yaz_mime_types_add(types, "txt", "text/plain"); + yaz_mime_types_add(types, "js", "application/x-javascript"); + + yaz_mime_types_add(types, "gif", "image/gif"); + yaz_mime_types_add(types, "png", "image/png"); + yaz_mime_types_add(types, "jpg", "image/jpeg"); + yaz_mime_types_add(types, "jpeg", "image/jpeg"); + + ctype = yaz_mime_lookup_fname(types, hreq->path); + if (!ctype) + { + yaz_log(YLOG_LOG, "No mime type for %s", hreq->path+1); + p = z_get_HTTP_Response(o, 404); + } + else + { + p = z_get_HTTP_Response(o, 200); + hres = p->u.HTTP_Response; + hres->content_buf = content_buf; + hres->content_len = content_size; + z_HTTP_header_add(o, &hres->headers, "Content-Type", ctype); + } + yaz_mime_types_destroy(types); + } + } r = 1; } + if (r == 2) { r = yaz_srw_decode(hreq, &sr, &soap_package, assoc->decode, &charset); @@ -1439,7 +1679,7 @@ static void process_http_request(association *assoc, request *req) } else { - srw_bend_search(assoc, req, sr->u.request, res->u.response, + srw_bend_search(assoc, req, sr, res->u.response, &http_code); } if (http_code == 200) @@ -1454,7 +1694,7 @@ static void process_http_request(association *assoc, request *req) res->u.explain_response->diagnostics = diagnostic; res->u.explain_response->num_diagnostics = num_diagnostic; } - srw_bend_explain(assoc, req, sr->u.explain_request, + srw_bend_explain(assoc, req, sr, res->u.explain_response, &http_code); if (http_code == 200) soap_package->u.generic->p = res; @@ -1468,7 +1708,7 @@ static void process_http_request(association *assoc, request *req) res->u.scan_response->diagnostics = diagnostic; res->u.scan_response->num_diagnostics = num_diagnostic; } - srw_bend_scan(assoc, req, sr->u.scan_request, + srw_bend_scan(assoc, req, sr, res->u.scan_response, &http_code); if (http_code == 200) soap_package->u.generic->p = res; @@ -1483,7 +1723,7 @@ static void process_http_request(association *assoc, request *req) res->u.update_response->num_diagnostics = num_diagnostic; } yaz_log(YLOG_DEBUG, "num_diag = %d", res->u.update_response->num_diagnostics ); - srw_bend_update(assoc, req, sr->u.update_request, + srw_bend_update(assoc, req, sr, res->u.update_response, &http_code); if (http_code == 200) soap_package->u.generic->p = res; @@ -1513,6 +1753,14 @@ static void process_http_request(association *assoc, request *req) int ret; p = z_get_HTTP_Response(o, 200); hres = p->u.HTTP_Response; + + if (!stylesheet && assoc->server) + stylesheet = assoc->server->stylesheet; + + /* empty stylesheet means NO stylesheet */ + if (stylesheet && *stylesheet == '\0') + stylesheet = 0; + ret = z_soap_codec_enc_xsl(assoc->encode, &soap_package, &hres->content_buf, &hres->content_len, soap_handlers, charset, stylesheet); @@ -1987,7 +2235,7 @@ static Z_APDU *process_initRequest(association *assoc, request *reqb) assoc->init->implementation_name, odr_prepend(assoc->encode, "GFS", resp->implementationName)); - version = odr_strdup(assoc->encode, "$Revision: 1.68 $"); + version = odr_strdup(assoc->encode, "$Revision: 1.79 $"); if (strlen(version) > 10) /* check for unexpanded CVS strings */ version[strlen(version)-2] = '\0'; resp->implementationVersion = odr_prepend(assoc->encode, @@ -2151,7 +2399,8 @@ static Z_Records *pack_records(association *a, char *setname, int start, freq.print = a->print; freq.referenceId = referenceId; freq.schema = 0; - (*a->init->bend_fetch)(a->backend, &freq); + + retrieve_fetch(a, &freq); *next = freq.last_in_set ? 0 : recno + 1; @@ -2296,14 +2545,14 @@ static Z_APDU *process_searchRequest(association *assoc, request *reqb, bsrr->errstring = NULL; bsrr->search_info = NULL; - if (assoc->cql_transform && - req->query->which == Z_Query_type_104 && - req->query->u.type_104->which == Z_External_CQL) + if (assoc->server && assoc->server->cql_transform + && req->query->which == Z_Query_type_104 + && req->query->u.type_104->which == Z_External_CQL) { /* have a CQL query and a CQL to PQF transform .. */ int srw_errcode = cql2pqf(bsrr->stream, req->query->u.type_104->u.cql, - assoc->cql_transform, bsrr->query); + assoc->server->cql_transform, bsrr->query); if (srw_errcode) bsrr->errcode = yaz_diag_srw_to_bib1(srw_errcode); }