1 /* This program is free software; you can redistribute it and/or modify 2 * it under the terms of the GNU General Public License as published by 3 * the Free Software Foundation; version 2 of the License. For a copy, 4 * see http://www.gnu.org/licenses/gpl-2.0.html. 5 * 6 * This program is distributed in the hope that it will be useful, 7 * but WITHOUT ANY WARRANTY; without even the implied warranty of 8 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 9 * GNU General Public License for more details. 10 */ 11 12 #ifndef _SESSION_H 13 #define _SESSION_H 14 15 #include "config.h" 16 #include <time.h> 17 #ifdef ENABLE_TLS 18 #include "tls.h" 19 #endif 20 #include "ip.h" 21 #include "liblist.h" 22 #include "serverconfig.h" 23 24 #define MAX_CHILD_ID 30000 25 #define OUTPUT_BUFFER_SIZE 2 * KILOBYTE 26 27 #define ec_NONE 0 28 #define ec_SOCKET_READ_ERROR -1 29 #define ec_SOCKET_WRITE_ERROR -2 30 #define ec_MAX_REQUESTSIZE -3 31 #define ec_TIMEOUT -4 32 #define ec_CLIENT_DISCONNECTED -5 33 #define ec_FORCE_QUIT -6 34 #define ec_SQL_INJECTION -7 35 #define ec_XSS -8 36 #define ec_CSRF -9 37 #define ec_INVALID_URL -10 38 39 typedef enum { no_cgi, binary, script, fastcgi } t_cgi_type; 40 typedef enum { unknown, GET, POST, HEAD, TRACE, PUT, DELETE, CONNECT, WHEN, unsupported } t_req_method; 41 typedef enum { missing_slash, require_tls, location, enforce_first_hostname } t_cause_of_30x; 42 43 typedef struct type_session { 44 t_config *config; 45 46 int error_cause; 47 time_t time; 48 int client_id; 49 int client_socket; 50 t_binding *binding; 51 bool socket_open; 52 bool via_trusted_proxy; 53 bool parsing_oke; 54 bool keep_alive; 55 int kept_alive; 56 t_cgi_type cgi_type; 57 char *cgi_handler; 58 t_fcgi_server *fcgi_server; 59 char *request, *method, *uri, *path_info, *vars, *http_version, *body, *file_on_disk; 60 long header_length, content_length, buffer_size, bytes_in_buffer; 61 t_req_method request_method; 62 char *extension; 63 char *request_uri; 64 int uri_len; 65 bool header_sent; 66 bool data_sent; 67 char *local_user; 68 bool force_quit; 69 bool uri_is_dir; 70 bool encode_gzip; 71 t_keyvalue *alias; 72 t_keyvalue *script_alias; 73 bool request_limit; 74 t_http_header *http_headers; 75 t_ip_addr ip_address; 76 char *mimetype; 77 char *hostname; 78 t_host *host; 79 t_host *last_host; 80 bool host_copied; 81 char *remote_user; 82 t_auth_method http_auth; 83 t_directory *directory; 84 bool handling_error; 85 char *reason_for_403; 86 char *cookies; 87 off_t bytes_sent; 88 int return_code; 89 int error_code; 90 bool log_request; 91 t_tempdata *tempdata; 92 char *uploaded_file; 93 char *location; 94 bool send_date; 95 bool send_expires; 96 int expires; 97 bool caco_private; 98 t_cause_of_30x cause_of_30x; 99 #ifdef ENABLE_TOOLKIT 100 char *toolkit_fastcgi; 101 #endif 102 #ifdef ENABLE_XSLT 103 char *xslt_file; 104 #endif 105 bool letsencrypt_auth_request; 106 107 /* Throttling: send_buffer() in send.c 108 */ 109 long throttle; 110 long bytecounter; 111 int throttle_timer; 112 bool part_of_dirspeed; 113 114 /* Flooding protection 115 */ 116 time_t flooding_timer; 117 118 /* TLS 119 */ 120 #ifdef ENABLE_TLS 121 TLS_context tls_context; 122 #endif 123 124 /* Output buffer 125 */ 126 char output_buffer[OUTPUT_BUFFER_SIZE]; 127 int output_size; 128 129 #ifdef ENABLE_DEBUG 130 int thread_id; 131 char *current_task; 132 #endif 133 134 #ifdef ENABLE_RPROXY 135 /* Reverse proxy keep-alive 136 */ 137 bool rproxy_kept_alive; 138 t_ip_addr rproxy_addr; 139 int rproxy_port; 140 int rproxy_socket; 141 #ifdef ENABLE_TLS 142 bool rproxy_use_tls; 143 TLS_context rproxy_tls; 144 #endif 145 #endif 146 147 #ifdef ENABLE_HTTP2 148 bool use_http2; 149 #endif 150 } t_session; 151 152 void init_session(t_session *session); 153 void reset_session(t_session *session); 154 void destroy_session(t_session *session); 155 156 void determine_request_method(t_session *session); 157 int get_target_extension(t_session *session); 158 159 int get_homedir(t_session *session, char *username); 160 bool duplicate_host(t_session *session); 161 int load_user_root_config(t_session *session); 162 int load_user_config(t_session *session); 163 int copy_directory_settings(t_session *session); 164 int remove_port_from_hostname(t_session *session); 165 int prevent_xss(t_session *session); 166 int init_sqli_detection(void); 167 int prevent_sqli(t_session *session); 168 int prevent_csrf(t_session *session); 169 void close_socket(t_session *session); 170 int handle_connection_not_allowed(t_session *session, int connections); 171 bool file_can_be_compressed(t_session *session); 172 #ifdef ENABLE_DEBUG 173 void printhex(char *str, int len); 174 #endif 175 176 #endif 177