• Skip to content
  • Skip to link menu
Trinity API Reference
  • Trinity API Reference
  • kioslave/http
 

kioslave/http

  • kioslave
  • http
http.cc
1 /*
2  Copyright (C) 2000-2003 Waldo Bastian <bastian@kde.org>
3  Copyright (C) 2000-2002 George Staikos <staikos@kde.org>
4  Copyright (C) 2000-2002 Dawit Alemayehu <adawit@kde.org>
5  Copyright (C) 2001,2002 Hamish Rodda <rodda@kde.org>
6 
7  This library is free software; you can redistribute it and/or
8  modify it under the terms of the GNU Library General Public
9  License (LGPL) as published by the Free Software Foundation;
10  either version 2 of the License, or (at your option) any later
11  version.
12 
13  This library is distributed in the hope that it will be useful,
14  but WITHOUT ANY WARRANTY; without even the implied warranty of
15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16  Library General Public License for more details.
17 
18  You should have received a copy of the GNU Library General Public License
19  along with this library; see the file COPYING.LIB. If not, write to
20  the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
21  Boston, MA 02110-1301, USA.
22 */
23 
24 #include <config.h>
25 
26 #include <errno.h>
27 #include <fcntl.h>
28 #include <utime.h>
29 #include <stdlib.h>
30 #include <signal.h>
31 #include <sys/stat.h>
32 #include <sys/socket.h>
33 #include <netinet/in.h> // Required for AIX
34 #include <netinet/tcp.h>
35 #include <unistd.h> // must be explicitly included for MacOSX
36 
37 /*
38 #include <netdb.h>
39 #include <sys/time.h>
40 #include <sys/wait.h>
41 */
42 
43 #include <tqdom.h>
44 #include <tqfile.h>
45 #include <tqregexp.h>
46 #include <tqdatetime.h>
47 #include <tqstringlist.h>
48 #include <tqurl.h>
49 
50 #include <kurl.h>
51 #include <kidna.h>
52 #include <ksocks.h>
53 #include <kdebug.h>
54 #include <klocale.h>
55 #include <kconfig.h>
56 #include <kextsock.h>
57 #include <kservice.h>
58 #include <krfcdate.h>
59 #include <kmdcodec.h>
60 #include <kinstance.h>
61 #include <kresolver.h>
62 #include <kmimemagic.h>
63 #include <dcopclient.h>
64 #include <kdatastream.h>
65 #include <kapplication.h>
66 #include <kstandarddirs.h>
67 #include <kstringhandler.h>
68 #include <kremoteencoding.h>
69 
70 #include "kio/ioslave_defaults.h"
71 #include "kio/http_slave_defaults.h"
72 
73 #include "httpfilter.h"
74 #include "http.h"
75 
76 #ifdef HAVE_LIBGSSAPI
77 #ifdef GSSAPI_MIT
78 #include <gssapi/gssapi.h>
79 #else
80 #include <gssapi.h>
81 #endif /* GSSAPI_MIT */
82 
83 // Catch uncompatible crap (BR86019)
84 #if defined(GSS_RFC_COMPLIANT_OIDS) && (GSS_RFC_COMPLIANT_OIDS == 0)
85 #include <gssapi/gssapi_generic.h>
86 #define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
87 #endif
88 
89 #endif /* HAVE_LIBGSSAPI */
90 
91 #include <misc/kntlm/kntlm.h>
92 
93 using namespace KIO;
94 
95 extern "C" {
96  KDE_EXPORT int kdemain(int argc, char **argv);
97 }
98 
99 int kdemain( int argc, char **argv )
100 {
101  KLocale::setMainCatalogue("kdelibs");
102  KInstance instance( "kio_http" );
103  ( void ) KGlobal::locale();
104 
105  if (argc != 4)
106  {
107  fprintf(stderr, "Usage: kio_http protocol domain-socket1 domain-socket2\n");
108  exit(-1);
109  }
110 
111  HTTPProtocol slave(argv[1], argv[2], argv[3]);
112  slave.dispatchLoop();
113  return 0;
114 }
115 
116 /*********************************** Generic utility functions ********************/
117 
118 static char * trimLead (char *orig_string)
119 {
120  while (*orig_string == ' ')
121  orig_string++;
122  return orig_string;
123 }
124 
125 static bool isCrossDomainRequest( const TQString& fqdn, const TQString& originURL )
126 {
127  if (originURL == "true") // Backwards compatibility
128  return true;
129 
130  KURL url ( originURL );
131 
132  // Document Origin domain
133  TQString a = url.host();
134 
135  // Current request domain
136  TQString b = fqdn;
137 
138  if (a == b)
139  return false;
140 
141  TQStringList l1 = TQStringList::split('.', a);
142  TQStringList l2 = TQStringList::split('.', b);
143 
144  while(l1.count() > l2.count())
145  l1.pop_front();
146 
147  while(l2.count() > l1.count())
148  l2.pop_front();
149 
150  while(l2.count() >= 2)
151  {
152  if (l1 == l2)
153  return false;
154 
155  l1.pop_front();
156  l2.pop_front();
157  }
158 
159  return true;
160 }
161 
162 /*
163  Eliminates any custom header that could potentically alter the request
164 */
165 static TQString sanitizeCustomHTTPHeader(const TQString& _header)
166 {
167  TQString sanitizedHeaders;
168  TQStringList headers = TQStringList::split(TQRegExp("[\r\n]"), _header);
169 
170  for(TQStringList::Iterator it = headers.begin(); it != headers.end(); ++it)
171  {
172  TQString header = (*it).lower();
173  // Do not allow Request line to be specified and ignore
174  // the other HTTP headers.
175  if (header.find(':') == -1 ||
176  header.startsWith("host") ||
177  header.startsWith("via"))
178  continue;
179 
180  sanitizedHeaders += (*it);
181  sanitizedHeaders += "\r\n";
182  }
183 
184  return sanitizedHeaders.stripWhiteSpace();
185 }
186 
187 static TQString htmlEscape(const TQString &plain)
188 {
189  TQString rich;
190  rich.reserve(uint(plain.length() * 1.1));
191  for (uint i = 0; i < plain.length(); ++i) {
192  if (plain.at(i) == '<') {
193  rich += "&lt;";
194  } else if (plain.at(i) == '>') {
195  rich += "&gt;";
196  } else if (plain.at(i) == '&') {
197  rich += "&amp;";
198  } else if (plain.at(i) == '"') {
199  rich += "&quot;";
200  } else {
201  rich += plain.at(i);
202  }
203  }
204  rich.squeeze();
205  return rich;
206 }
207 
208 
209 #define NO_SIZE ((KIO::filesize_t) -1)
210 
211 #ifdef HAVE_STRTOLL
212 #define STRTOLL strtoll
213 #else
214 #define STRTOLL strtol
215 #endif
216 
217 
218 /************************************** HTTPProtocol **********************************************/
219 
220 HTTPProtocol::HTTPProtocol( const TQCString &protocol, const TQCString &pool,
221  const TQCString &app )
222  :TCPSlaveBase( 0, protocol , pool, app,
223  (protocol == "https" || protocol == "webdavs") )
224 {
225  m_requestQueue.setAutoDelete(true);
226 
227  m_bBusy = false;
228  m_bFirstRequest = false;
229  m_bProxyAuthValid = false;
230 
231  m_iSize = NO_SIZE;
232  m_lineBufUnget = 0;
233 
234  m_protocol = protocol;
235 
236  m_maxCacheAge = DEFAULT_MAX_CACHE_AGE;
237  m_maxCacheSize = DEFAULT_MAX_CACHE_SIZE / 2;
238  m_remoteConnTimeout = DEFAULT_CONNECT_TIMEOUT;
239  m_remoteRespTimeout = DEFAULT_RESPONSE_TIMEOUT;
240  m_proxyConnTimeout = DEFAULT_PROXY_CONNECT_TIMEOUT;
241 
242  m_pid = getpid();
243 
244  setMultipleAuthCaching( true );
245  reparseConfiguration();
246 }
247 
248 HTTPProtocol::~HTTPProtocol()
249 {
250  httpClose(false);
251 }
252 
253 void HTTPProtocol::reparseConfiguration()
254 {
255  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::reparseConfiguration" << endl;
256 
257  m_strProxyRealm = TQString::null;
258  m_strProxyAuthorization = TQString::null;
259  ProxyAuthentication = AUTH_None;
260  m_bUseProxy = false;
261 
262  if (m_protocol == "https" || m_protocol == "webdavs")
263  m_iDefaultPort = DEFAULT_HTTPS_PORT;
264  else if (m_protocol == "ftp")
265  m_iDefaultPort = DEFAULT_FTP_PORT;
266  else
267  m_iDefaultPort = DEFAULT_HTTP_PORT;
268 }
269 
270 void HTTPProtocol::resetConnectionSettings()
271 {
272  m_bEOF = false;
273  m_bError = false;
274  m_lineCount = 0;
275  m_iWWWAuthCount = 0;
276  m_lineCountUnget = 0;
277  m_iProxyAuthCount = 0;
278 
279 }
280 
281 void HTTPProtocol::resetResponseSettings()
282 {
283  m_bRedirect = false;
284  m_redirectLocation = KURL();
285  m_bChunked = false;
286  m_iSize = NO_SIZE;
287 
288  m_responseHeader.clear();
289  m_qContentEncodings.clear();
290  m_qTransferEncodings.clear();
291  m_sContentMD5 = TQString::null;
292  m_strMimeType = TQString::null;
293 
294  setMetaData("request-id", m_request.id);
295 }
296 
297 void HTTPProtocol::resetSessionSettings()
298 {
299  // Do not reset the URL on redirection if the proxy
300  // URL, username or password has not changed!
301  KURL proxy ( config()->readEntry("UseProxy") );
302 
303  if ( m_strProxyRealm.isEmpty() || !proxy.isValid() ||
304  m_proxyURL.host() != proxy.host() ||
305  (!proxy.user().isNull() && proxy.user() != m_proxyURL.user()) ||
306  (!proxy.pass().isNull() && proxy.pass() != m_proxyURL.pass()) )
307  {
308  m_bProxyAuthValid = false;
309  m_proxyURL = proxy;
310  m_bUseProxy = m_proxyURL.isValid();
311 
312  kdDebug(7113) << "(" << m_pid << ") Using proxy: " << m_bUseProxy <<
313  " URL: " << m_proxyURL.url() <<
314  " Realm: " << m_strProxyRealm << endl;
315  }
316 
317  m_bPersistentProxyConnection = config()->readBoolEntry("PersistentProxyConnection", false);
318  kdDebug(7113) << "(" << m_pid << ") Enable Persistent Proxy Connection: "
319  << m_bPersistentProxyConnection << endl;
320 
321  m_request.bUseCookiejar = config()->readBoolEntry("Cookies");
322  m_request.bUseCache = config()->readBoolEntry("UseCache", true);
323  m_request.bErrorPage = config()->readBoolEntry("errorPage", true);
324  m_request.bNoAuth = config()->readBoolEntry("no-auth");
325  m_strCacheDir = config()->readPathEntry("CacheDir");
326  m_maxCacheAge = config()->readNumEntry("MaxCacheAge", DEFAULT_MAX_CACHE_AGE);
327  m_request.window = config()->readEntry("window-id");
328 
329  kdDebug(7113) << "(" << m_pid << ") Window Id = " << m_request.window << endl;
330  kdDebug(7113) << "(" << m_pid << ") ssl_was_in_use = "
331  << metaData ("ssl_was_in_use") << endl;
332 
333  m_request.referrer = TQString::null;
334  if ( config()->readBoolEntry("SendReferrer", true) &&
335  (m_protocol == "https" || m_protocol == "webdavs" ||
336  metaData ("ssl_was_in_use") != "TRUE" ) )
337  {
338  KURL referrerURL ( metaData("referrer") );
339  if (referrerURL.isValid())
340  {
341  // Sanitize
342  TQString protocol = referrerURL.protocol();
343  if (protocol.startsWith("webdav"))
344  {
345  protocol.replace(0, 6, "http");
346  referrerURL.setProtocol(protocol);
347  }
348 
349  if (protocol.startsWith("http"))
350  {
351  referrerURL.setRef(TQString::null);
352  referrerURL.setUser(TQString::null);
353  referrerURL.setPass(TQString::null);
354  m_request.referrer = referrerURL.url();
355  }
356  }
357  }
358 
359  if ( config()->readBoolEntry("SendLanguageSettings", true) )
360  {
361  m_request.charsets = config()->readEntry( "Charsets", "iso-8859-1" );
362 
363  if ( !m_request.charsets.isEmpty() )
364  m_request.charsets += DEFAULT_PARTIAL_CHARSET_HEADER;
365 
366  m_request.languages = config()->readEntry( "Languages", DEFAULT_LANGUAGE_HEADER );
367  }
368  else
369  {
370  m_request.charsets = TQString::null;
371  m_request.languages = TQString::null;
372  }
373 
374  // Adjust the offset value based on the "resume" meta-data.
375  TQString resumeOffset = metaData("resume");
376  if ( !resumeOffset.isEmpty() )
377  m_request.offset = resumeOffset.toInt(); // TODO: Convert to 64 bit
378  else
379  m_request.offset = 0;
380 
381  m_request.disablePassDlg = config()->readBoolEntry("DisablePassDlg", false);
382  m_request.allowCompressedPage = config()->readBoolEntry("AllowCompressedPage", true);
383  m_request.id = metaData("request-id");
384 
385  // Store user agent for this host.
386  if ( config()->readBoolEntry("SendUserAgent", true) )
387  m_request.userAgent = metaData("UserAgent");
388  else
389  m_request.userAgent = TQString::null;
390 
391  // Deal with cache cleaning.
392  // TODO: Find a smarter way to deal with cleaning the
393  // cache ?
394  if ( m_request.bUseCache )
395  cleanCache();
396 
397  // Deal with HTTP tunneling
398  if ( m_bIsSSL && m_bUseProxy && m_proxyURL.protocol() != "https" &&
399  m_proxyURL.protocol() != "webdavs")
400  {
401  m_bNeedTunnel = true;
402  setRealHost( m_request.hostname );
403  kdDebug(7113) << "(" << m_pid << ") SSL tunnel: Setting real hostname to: "
404  << m_request.hostname << endl;
405  }
406  else
407  {
408  m_bNeedTunnel = false;
409  setRealHost( TQString::null);
410  }
411 
412  m_responseCode = 0;
413  m_prevResponseCode = 0;
414 
415  m_strRealm = TQString::null;
416  m_strAuthorization = TQString::null;
417  Authentication = AUTH_None;
418 
419  // Obtain the proxy and remote server timeout values
420  m_proxyConnTimeout = proxyConnectTimeout();
421  m_remoteConnTimeout = connectTimeout();
422  m_remoteRespTimeout = responseTimeout();
423 
424  // Set the SSL meta-data here...
425  setSSLMetaData();
426 
427  // Bounce back the actual referrer sent
428  setMetaData("referrer", m_request.referrer);
429 
430  // Follow HTTP/1.1 spec and enable keep-alive by default
431  // unless the remote side tells us otherwise or we determine
432  // the persistent link has been terminated by the remote end.
433  m_bKeepAlive = true;
434  m_keepAliveTimeout = 0;
435  m_bUnauthorized = false;
436 
437  // A single request can require multiple exchanges with the remote
438  // server due to authentication challenges or SSL tunneling.
439  // m_bFirstRequest is a flag that indicates whether we are
440  // still processing the first request. This is important because we
441  // should not force a close of a keep-alive connection in the middle
442  // of the first request.
443  // m_bFirstRequest is set to "true" whenever a new connection is
444  // made in httpOpenConnection()
445  m_bFirstRequest = false;
446 }
447 
448 void HTTPProtocol::setHost( const TQString& host, int port,
449  const TQString& user, const TQString& pass )
450 {
451  // Reset the webdav-capable flags for this host
452  if ( m_request.hostname != host )
453  m_davHostOk = m_davHostUnsupported = false;
454 
455  // is it an IPv6 address?
456  if (host.find(':') == -1)
457  {
458  m_request.hostname = host;
459  m_request.encoded_hostname = KIDNA::toAscii(host);
460  }
461  else
462  {
463  m_request.hostname = host;
464  int pos = host.find('%');
465  if (pos == -1)
466  m_request.encoded_hostname = '[' + host + ']';
467  else
468  // don't send the scope-id in IPv6 addresses to the server
469  m_request.encoded_hostname = '[' + host.left(pos) + ']';
470  }
471  m_request.port = (port == 0) ? m_iDefaultPort : port;
472  m_request.user = user;
473  m_request.passwd = pass;
474 
475  m_bIsTunneled = false;
476 
477  kdDebug(7113) << "(" << m_pid << ") Hostname is now: " << m_request.hostname <<
478  " (" << m_request.encoded_hostname << ")" <<endl;
479 }
480 
481 bool HTTPProtocol::checkRequestURL( const KURL& u )
482 {
483  kdDebug (7113) << "(" << m_pid << ") HTTPProtocol::checkRequestURL: " << u.url() << endl;
484 
485  m_request.url = u;
486 
487  if (m_request.hostname.isEmpty())
488  {
489  error( KIO::ERR_UNKNOWN_HOST, i18n("No host specified."));
490  return false;
491  }
492 
493  if (u.path().isEmpty())
494  {
495  KURL newUrl(u);
496  newUrl.setPath("/");
497  redirection(newUrl);
498  finished();
499  return false;
500  }
501 
502  if ( m_protocol != u.protocol().latin1() )
503  {
504  short unsigned int oldDefaultPort = m_iDefaultPort;
505  m_protocol = u.protocol().latin1();
506  reparseConfiguration();
507  if ( m_iDefaultPort != oldDefaultPort &&
508  m_request.port == oldDefaultPort )
509  m_request.port = m_iDefaultPort;
510  }
511 
512  resetSessionSettings();
513  return true;
514 }
515 
516 void HTTPProtocol::retrieveContent( bool dataInternal /* = false */ )
517 {
518  kdDebug (7113) << "(" << m_pid << ") HTTPProtocol::retrieveContent " << endl;
519  if ( !retrieveHeader( false ) )
520  {
521  if ( m_bError )
522  return;
523  }
524  else
525  {
526  if ( !readBody( dataInternal ) && m_bError )
527  return;
528  }
529 
530  httpClose(m_bKeepAlive);
531 
532  // if data is required internally, don't finish,
533  // it is processed before we finish()
534  if ( !dataInternal )
535  {
536  if ((m_responseCode == 204) &&
537  ((m_request.method == HTTP_GET) || (m_request.method == HTTP_POST)))
538  error(ERR_NO_CONTENT, "");
539  else
540  finished();
541  }
542 }
543 
544 bool HTTPProtocol::retrieveHeader( bool close_connection )
545 {
546  kdDebug (7113) << "(" << m_pid << ") HTTPProtocol::retrieveHeader " << endl;
547  while ( 1 )
548  {
549  if (!httpOpen())
550  return false;
551 
552  resetResponseSettings();
553  if (!readHeader())
554  {
555  if ( m_bError )
556  return false;
557 
558  if (m_bIsTunneled)
559  {
560  kdDebug(7113) << "(" << m_pid << ") Re-establishing SSL tunnel..." << endl;
561  httpCloseConnection();
562  }
563  }
564  else
565  {
566  // Do not save authorization if the current response code is
567  // 4xx (client error) or 5xx (server error).
568  kdDebug(7113) << "(" << m_pid << ") Previous Response: "
569  << m_prevResponseCode << endl;
570  kdDebug(7113) << "(" << m_pid << ") Current Response: "
571  << m_responseCode << endl;
572 
573  if (isSSLTunnelEnabled() && m_bIsSSL && !m_bUnauthorized && !m_bError)
574  {
575  // If there is no error, disable tunneling
576  if ( m_responseCode < 400 )
577  {
578  kdDebug(7113) << "(" << m_pid << ") Unset tunneling flag!" << endl;
579  setEnableSSLTunnel( false );
580  m_bIsTunneled = true;
581  // Reset the CONNECT response code...
582  m_responseCode = m_prevResponseCode;
583  continue;
584  }
585  else
586  {
587  if ( !m_request.bErrorPage )
588  {
589  kdDebug(7113) << "(" << m_pid << ") Sending an error message!" << endl;
590  error( ERR_UNKNOWN_PROXY_HOST, m_proxyURL.host() );
591  return false;
592  }
593 
594  kdDebug(7113) << "(" << m_pid << ") Sending an error page!" << endl;
595  }
596  }
597 
598  if (m_responseCode < 400 && (m_prevResponseCode == 401 ||
599  m_prevResponseCode == 407))
600  saveAuthorization();
601  break;
602  }
603  }
604 
605  // Clear of the temporary POST buffer if it is not empty...
606  if (!m_bufPOST.isEmpty())
607  {
608  m_bufPOST.resize(0);
609  kdDebug(7113) << "(" << m_pid << ") HTTP::retreiveHeader: Cleared POST "
610  "buffer..." << endl;
611  }
612 
613  if ( close_connection )
614  {
615  httpClose(m_bKeepAlive);
616  finished();
617  }
618 
619  return true;
620 }
621 
622 void HTTPProtocol::stat(const KURL& url)
623 {
624  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::stat " << url.prettyURL()
625  << endl;
626 
627  if ( !checkRequestURL( url ) )
628  return;
629 
630  if ( m_protocol != "webdav" && m_protocol != "webdavs" )
631  {
632  TQString statSide = metaData(TQString::fromLatin1("statSide"));
633  if ( statSide != "source" )
634  {
635  // When uploading we assume the file doesn't exit
636  error( ERR_DOES_NOT_EXIST, url.prettyURL() );
637  return;
638  }
639 
640  // When downloading we assume it exists
641  UDSEntry entry;
642  UDSAtom atom;
643  atom.m_uds = KIO::UDS_NAME;
644  atom.m_str = url.fileName();
645  entry.append( atom );
646 
647  atom.m_uds = KIO::UDS_FILE_TYPE;
648  atom.m_long = S_IFREG; // a file
649  entry.append( atom );
650 
651  atom.m_uds = KIO::UDS_ACCESS;
652  atom.m_long = S_IRUSR | S_IRGRP | S_IROTH; // readable by everybody
653  entry.append( atom );
654 
655  statEntry( entry );
656  finished();
657  return;
658  }
659 
660  davStatList( url );
661 }
662 
663 void HTTPProtocol::listDir( const KURL& url )
664 {
665  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::listDir " << url.url()
666  << endl;
667 
668  if ( !checkRequestURL( url ) )
669  return;
670 
671  if (!url.protocol().startsWith("webdav")) {
672  error(ERR_UNSUPPORTED_ACTION, url.prettyURL());
673  return;
674  }
675 
676  davStatList( url, false );
677 }
678 
679 void HTTPProtocol::davSetRequest( const TQCString& requestXML )
680 {
681  // insert the document into the POST buffer, kill trailing zero byte
682  m_bufPOST = requestXML;
683 
684  if (m_bufPOST.size())
685  m_bufPOST.truncate( m_bufPOST.size() - 1 );
686 }
687 
688 void HTTPProtocol::davStatList( const KURL& url, bool stat )
689 {
690  UDSEntry entry;
691  UDSAtom atom;
692 
693  // check to make sure this host supports WebDAV
694  if ( !davHostOk() )
695  return;
696 
697  // Maybe it's a disguised SEARCH...
698  TQString query = metaData("davSearchQuery");
699  if ( !query.isEmpty() )
700  {
701  TQCString request = "<?xml version=\"1.0\"?>\r\n";
702  request.append( "<D:searchrequest xmlns:D=\"DAV:\">\r\n" );
703  request.append( query.utf8() );
704  request.append( "</D:searchrequest>\r\n" );
705 
706  davSetRequest( request );
707  } else {
708  // We are only after certain features...
709  TQCString request;
710  request = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>"
711  "<D:propfind xmlns:D=\"DAV:\">";
712 
713  // insert additional XML request from the davRequestResponse metadata
714  if ( hasMetaData( "davRequestResponse" ) )
715  request += metaData( "davRequestResponse" ).utf8();
716  else {
717  // No special request, ask for default properties
718  request += "<D:prop>"
719  "<D:creationdate/>"
720  "<D:getcontentlength/>"
721  "<D:displayname/>"
722  "<D:source/>"
723  "<D:getcontentlanguage/>"
724  "<D:getcontenttype/>"
725  "<D:executable/>"
726  "<D:getlastmodified/>"
727  "<D:getetag/>"
728  "<D:supportedlock/>"
729  "<D:lockdiscovery/>"
730  "<D:resourcetype/>"
731  "</D:prop>";
732  }
733  request += "</D:propfind>";
734 
735  davSetRequest( request );
736  }
737 
738  // WebDAV Stat or List...
739  m_request.method = query.isEmpty() ? DAV_PROPFIND : DAV_SEARCH;
740  m_request.query = TQString::null;
741  m_request.cache = CC_Reload;
742  m_request.doProxy = m_bUseProxy;
743  m_request.davData.depth = stat ? 0 : 1;
744  if (!stat)
745  m_request.url.adjustPath(+1);
746 
747  retrieveContent( true );
748 
749  // Has a redirection already been called? If so, we're done.
750  if (m_bRedirect) {
751  finished();
752  return;
753  }
754 
755  TQDomDocument multiResponse;
756  multiResponse.setContent( m_bufWebDavData, true );
757 
758  bool hasResponse = false;
759 
760  for ( TQDomNode n = multiResponse.documentElement().firstChild();
761  !n.isNull(); n = n.nextSibling())
762  {
763  TQDomElement thisResponse = n.toElement();
764  if (thisResponse.isNull())
765  continue;
766 
767  hasResponse = true;
768 
769  TQDomElement href = thisResponse.namedItem( "href" ).toElement();
770  if ( !href.isNull() )
771  {
772  entry.clear();
773 
774  TQString urlStr = href.text();
775 #if 0
776  int encoding = remoteEncoding()->encodingMib();
777  if ((encoding == 106) && (!KStringHandler::isUtf8(KURL::decode_string(urlStr, 4).latin1())))
778  encoding = 4; // Use latin1 if the file is not actually utf-8
779 #else
780  TQUrl::decode(urlStr);
781  int encoding = 106;
782 #endif
783 
784  KURL thisURL ( urlStr, encoding );
785 
786  atom.m_uds = KIO::UDS_NAME;
787 
788  if ( thisURL.isValid() ) {
789  // don't list the base dir of a listDir()
790  if ( !stat && thisURL.path(+1).length() == url.path(+1).length() )
791  continue;
792 
793  atom.m_str = thisURL.fileName();
794  } else {
795  // This is a relative URL.
796  atom.m_str = href.text();
797  }
798 
799  entry.append( atom );
800 
801  TQDomNodeList propstats = thisResponse.elementsByTagName( "propstat" );
802 
803  davParsePropstats( propstats, entry );
804 
805  if ( stat )
806  {
807  // return an item
808  statEntry( entry );
809  finished();
810  return;
811  }
812  else
813  {
814  listEntry( entry, false );
815  }
816  }
817  else
818  {
819  kdDebug(7113) << "Error: no URL contained in response to PROPFIND on "
820  << url.prettyURL() << endl;
821  }
822  }
823 
824  if ( stat || !hasResponse )
825  {
826  error( ERR_DOES_NOT_EXIST, url.prettyURL() );
827  }
828  else
829  {
830  listEntry( entry, true );
831  finished();
832  }
833 }
834 
835 void HTTPProtocol::davGeneric( const KURL& url, KIO::HTTP_METHOD method )
836 {
837  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::davGeneric " << url.url()
838  << endl;
839 
840  if ( !checkRequestURL( url ) )
841  return;
842 
843  // check to make sure this host supports WebDAV
844  if ( !davHostOk() )
845  return;
846 
847  // WebDAV method
848  m_request.method = method;
849  m_request.query = TQString::null;
850  m_request.cache = CC_Reload;
851  m_request.doProxy = m_bUseProxy;
852 
853  retrieveContent( false );
854 }
855 
856 int HTTPProtocol::codeFromResponse( const TQString& response )
857 {
858  int firstSpace = response.find( ' ' );
859  int secondSpace = response.find( ' ', firstSpace + 1 );
860  return response.mid( firstSpace + 1, secondSpace - firstSpace - 1 ).toInt();
861 }
862 
863 void HTTPProtocol::davParsePropstats( const TQDomNodeList& propstats, UDSEntry& entry )
864 {
865  TQString mimeType;
866  UDSAtom atom;
867  bool foundExecutable = false;
868  bool isDirectory = false;
869  uint lockCount = 0;
870  uint supportedLockCount = 0;
871 
872  for ( uint i = 0; i < propstats.count(); i++)
873  {
874  TQDomElement propstat = propstats.item(i).toElement();
875 
876  TQDomElement status = propstat.namedItem( "status" ).toElement();
877  if ( status.isNull() )
878  {
879  // error, no status code in this propstat
880  kdDebug(7113) << "Error, no status code in this propstat" << endl;
881  return;
882  }
883 
884  int code = codeFromResponse( status.text() );
885 
886  if ( code != 200 )
887  {
888  kdDebug(7113) << "Warning: status code " << code << " (this may mean that some properties are unavailable" << endl;
889  continue;
890  }
891 
892  TQDomElement prop = propstat.namedItem( "prop" ).toElement();
893  if ( prop.isNull() )
894  {
895  kdDebug(7113) << "Error: no prop segment in this propstat." << endl;
896  return;
897  }
898 
899  if ( hasMetaData( "davRequestResponse" ) )
900  {
901  atom.m_uds = KIO::UDS_XML_PROPERTIES;
902  TQDomDocument doc;
903  doc.appendChild(prop);
904  atom.m_str = doc.toString();
905  entry.append( atom );
906  }
907 
908  for ( TQDomNode n = prop.firstChild(); !n.isNull(); n = n.nextSibling() )
909  {
910  TQDomElement property = n.toElement();
911  if (property.isNull())
912  continue;
913 
914  if ( property.namespaceURI() != "DAV:" )
915  {
916  // break out - we're only interested in properties from the DAV namespace
917  continue;
918  }
919 
920  if ( property.tagName() == "creationdate" )
921  {
922  // Resource creation date. Should be is ISO 8601 format.
923  atom.m_uds = KIO::UDS_CREATION_TIME;
924  atom.m_long = parseDateTime( property.text(), property.attribute("dt") );
925  entry.append( atom );
926  }
927  else if ( property.tagName() == "getcontentlength" )
928  {
929  // Content length (file size)
930  atom.m_uds = KIO::UDS_SIZE;
931  atom.m_long = property.text().toULong();
932  entry.append( atom );
933  }
934  else if ( property.tagName() == "displayname" )
935  {
936  // Name suitable for presentation to the user
937  setMetaData( "davDisplayName", property.text() );
938  }
939  else if ( property.tagName() == "source" )
940  {
941  // Source template location
942  TQDomElement source = property.namedItem( "link" ).toElement()
943  .namedItem( "dst" ).toElement();
944  if ( !source.isNull() )
945  setMetaData( "davSource", source.text() );
946  }
947  else if ( property.tagName() == "getcontentlanguage" )
948  {
949  // equiv. to Content-Language header on a GET
950  setMetaData( "davContentLanguage", property.text() );
951  }
952  else if ( property.tagName() == "getcontenttype" )
953  {
954  // Content type (mime type)
955  // This may require adjustments for other server-side webdav implementations
956  // (tested with Apache + mod_dav 1.0.3)
957  if ( property.text() == "httpd/unix-directory" )
958  {
959  isDirectory = true;
960  }
961  else
962  {
963  mimeType = property.text();
964  }
965  }
966  else if ( property.tagName() == "executable" )
967  {
968  // File executable status
969  if ( property.text() == "T" )
970  foundExecutable = true;
971 
972  }
973  else if ( property.tagName() == "getlastmodified" )
974  {
975  // Last modification date
976  atom.m_uds = KIO::UDS_MODIFICATION_TIME;
977  atom.m_long = parseDateTime( property.text(), property.attribute("dt") );
978  entry.append( atom );
979 
980  }
981  else if ( property.tagName() == "getetag" )
982  {
983  // Entity tag
984  setMetaData( "davEntityTag", property.text() );
985  }
986  else if ( property.tagName() == "supportedlock" )
987  {
988  // Supported locking specifications
989  for ( TQDomNode n2 = property.firstChild(); !n2.isNull(); n2 = n2.nextSibling() )
990  {
991  TQDomElement lockEntry = n2.toElement();
992  if ( lockEntry.tagName() == "lockentry" )
993  {
994  TQDomElement lockScope = lockEntry.namedItem( "lockscope" ).toElement();
995  TQDomElement lockType = lockEntry.namedItem( "locktype" ).toElement();
996  if ( !lockScope.isNull() && !lockType.isNull() )
997  {
998  // Lock type was properly specified
999  supportedLockCount++;
1000  TQString scope = lockScope.firstChild().toElement().tagName();
1001  TQString type = lockType.firstChild().toElement().tagName();
1002 
1003  setMetaData( TQString("davSupportedLockScope%1").arg(supportedLockCount), scope );
1004  setMetaData( TQString("davSupportedLockType%1").arg(supportedLockCount), type );
1005  }
1006  }
1007  }
1008  }
1009  else if ( property.tagName() == "lockdiscovery" )
1010  {
1011  // Lists the available locks
1012  davParseActiveLocks( property.elementsByTagName( "activelock" ), lockCount );
1013  }
1014  else if ( property.tagName() == "resourcetype" )
1015  {
1016  // Resource type. "Specifies the nature of the resource."
1017  if ( !property.namedItem( "collection" ).toElement().isNull() )
1018  {
1019  // This is a collection (directory)
1020  isDirectory = true;
1021  }
1022  }
1023  else
1024  {
1025  kdDebug(7113) << "Found unknown webdav property: " << property.tagName() << endl;
1026  }
1027  }
1028  }
1029 
1030  setMetaData( "davLockCount", TQString("%1").arg(lockCount) );
1031  setMetaData( "davSupportedLockCount", TQString("%1").arg(supportedLockCount) );
1032 
1033  atom.m_uds = KIO::UDS_FILE_TYPE;
1034  atom.m_long = isDirectory ? S_IFDIR : S_IFREG;
1035  entry.append( atom );
1036 
1037  if ( foundExecutable || isDirectory )
1038  {
1039  // File was executable, or is a directory.
1040  atom.m_uds = KIO::UDS_ACCESS;
1041  atom.m_long = 0700;
1042  entry.append(atom);
1043  }
1044  else
1045  {
1046  atom.m_uds = KIO::UDS_ACCESS;
1047  atom.m_long = 0600;
1048  entry.append(atom);
1049  }
1050 
1051  if ( !isDirectory && !mimeType.isEmpty() )
1052  {
1053  atom.m_uds = KIO::UDS_MIME_TYPE;
1054  atom.m_str = mimeType;
1055  entry.append( atom );
1056  }
1057 }
1058 
1059 void HTTPProtocol::davParseActiveLocks( const TQDomNodeList& activeLocks,
1060  uint& lockCount )
1061 {
1062  for ( uint i = 0; i < activeLocks.count(); i++ )
1063  {
1064  TQDomElement activeLock = activeLocks.item(i).toElement();
1065 
1066  lockCount++;
1067  // required
1068  TQDomElement lockScope = activeLock.namedItem( "lockscope" ).toElement();
1069  TQDomElement lockType = activeLock.namedItem( "locktype" ).toElement();
1070  TQDomElement lockDepth = activeLock.namedItem( "depth" ).toElement();
1071  // optional
1072  TQDomElement lockOwner = activeLock.namedItem( "owner" ).toElement();
1073  TQDomElement lockTimeout = activeLock.namedItem( "timeout" ).toElement();
1074  TQDomElement lockToken = activeLock.namedItem( "locktoken" ).toElement();
1075 
1076  if ( !lockScope.isNull() && !lockType.isNull() && !lockDepth.isNull() )
1077  {
1078  // lock was properly specified
1079  lockCount++;
1080  TQString scope = lockScope.firstChild().toElement().tagName();
1081  TQString type = lockType.firstChild().toElement().tagName();
1082  TQString depth = lockDepth.text();
1083 
1084  setMetaData( TQString("davLockScope%1").arg( lockCount ), scope );
1085  setMetaData( TQString("davLockType%1").arg( lockCount ), type );
1086  setMetaData( TQString("davLockDepth%1").arg( lockCount ), depth );
1087 
1088  if ( !lockOwner.isNull() )
1089  setMetaData( TQString("davLockOwner%1").arg( lockCount ), lockOwner.text() );
1090 
1091  if ( !lockTimeout.isNull() )
1092  setMetaData( TQString("davLockTimeout%1").arg( lockCount ), lockTimeout.text() );
1093 
1094  if ( !lockToken.isNull() )
1095  {
1096  TQDomElement tokenVal = lockScope.namedItem( "href" ).toElement();
1097  if ( !tokenVal.isNull() )
1098  setMetaData( TQString("davLockToken%1").arg( lockCount ), tokenVal.text() );
1099  }
1100  }
1101  }
1102 }
1103 
1104 long HTTPProtocol::parseDateTime( const TQString& input, const TQString& type )
1105 {
1106  if ( type == "dateTime.tz" )
1107  {
1108  return KRFCDate::parseDateISO8601( input );
1109  }
1110  else if ( type == "dateTime.rfc1123" )
1111  {
1112  return KRFCDate::parseDate( input );
1113  }
1114 
1115  // format not advertised... try to parse anyway
1116  time_t time = KRFCDate::parseDate( input );
1117  if ( time != 0 )
1118  return time;
1119 
1120  return KRFCDate::parseDateISO8601( input );
1121 }
1122 
1123 TQString HTTPProtocol::davProcessLocks()
1124 {
1125  if ( hasMetaData( "davLockCount" ) )
1126  {
1127  TQString response("If:");
1128  int numLocks;
1129  numLocks = metaData( "davLockCount" ).toInt();
1130  bool bracketsOpen = false;
1131  for ( int i = 0; i < numLocks; i++ )
1132  {
1133  if ( hasMetaData( TQString("davLockToken%1").arg(i) ) )
1134  {
1135  if ( hasMetaData( TQString("davLockURL%1").arg(i) ) )
1136  {
1137  if ( bracketsOpen )
1138  {
1139  response += ")";
1140  bracketsOpen = false;
1141  }
1142  response += " <" + metaData( TQString("davLockURL%1").arg(i) ) + ">";
1143  }
1144 
1145  if ( !bracketsOpen )
1146  {
1147  response += " (";
1148  bracketsOpen = true;
1149  }
1150  else
1151  {
1152  response += " ";
1153  }
1154 
1155  if ( hasMetaData( TQString("davLockNot%1").arg(i) ) )
1156  response += "Not ";
1157 
1158  response += "<" + metaData( TQString("davLockToken%1").arg(i) ) + ">";
1159  }
1160  }
1161 
1162  if ( bracketsOpen )
1163  response += ")";
1164 
1165  response += "\r\n";
1166  return response;
1167  }
1168 
1169  return TQString::null;
1170 }
1171 
1172 bool HTTPProtocol::davHostOk()
1173 {
1174  // FIXME needs to be reworked. Switched off for now.
1175  return true;
1176 
1177  // cached?
1178  if ( m_davHostOk )
1179  {
1180  kdDebug(7113) << "(" << m_pid << ") " << k_funcinfo << " true" << endl;
1181  return true;
1182  }
1183  else if ( m_davHostUnsupported )
1184  {
1185  kdDebug(7113) << "(" << m_pid << ") " << k_funcinfo << " false" << endl;
1186  davError( -2 );
1187  return false;
1188  }
1189 
1190  m_request.method = HTTP_OPTIONS;
1191 
1192  // query the server's capabilities generally, not for a specific URL
1193  m_request.path = "*";
1194  m_request.query = TQString::null;
1195  m_request.cache = CC_Reload;
1196  m_request.doProxy = m_bUseProxy;
1197 
1198  // clear davVersions variable, which holds the response to the DAV: header
1199  m_davCapabilities.clear();
1200 
1201  retrieveHeader(false);
1202 
1203  if (m_davCapabilities.count())
1204  {
1205  for (uint i = 0; i < m_davCapabilities.count(); i++)
1206  {
1207  bool ok;
1208  uint verNo = m_davCapabilities[i].toUInt(&ok);
1209  if (ok && verNo > 0 && verNo < 3)
1210  {
1211  m_davHostOk = true;
1212  kdDebug(7113) << "Server supports DAV version " << verNo << "." << endl;
1213  }
1214  }
1215 
1216  if ( m_davHostOk )
1217  return true;
1218  }
1219 
1220  m_davHostUnsupported = true;
1221  davError( -2 );
1222  return false;
1223 }
1224 
1225 // This function is for closing retrieveHeader( false ); requests
1226 // Required because there may or may not be further info expected
1227 void HTTPProtocol::davFinished()
1228 {
1229  // TODO: Check with the DAV extension developers
1230  httpClose(m_bKeepAlive);
1231  finished();
1232 }
1233 
1234 void HTTPProtocol::mkdir( const KURL& url, int )
1235 {
1236  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::mkdir " << url.url()
1237  << endl;
1238 
1239  if ( !checkRequestURL( url ) )
1240  return;
1241 
1242  m_request.method = DAV_MKCOL;
1243  m_request.path = url.path();
1244  m_request.query = TQString::null;
1245  m_request.cache = CC_Reload;
1246  m_request.doProxy = m_bUseProxy;
1247 
1248  retrieveHeader( false );
1249 
1250  if ( m_responseCode == 201 )
1251  davFinished();
1252  else
1253  davError();
1254 }
1255 
1256 void HTTPProtocol::get( const KURL& url )
1257 {
1258  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::get " << url.url()
1259  << endl;
1260 
1261  if ( !checkRequestURL( url ) )
1262  return;
1263 
1264  m_request.method = HTTP_GET;
1265  m_request.path = url.path();
1266  m_request.query = url.query();
1267 
1268  TQString tmp = metaData("cache");
1269  if (!tmp.isEmpty())
1270  m_request.cache = parseCacheControl(tmp);
1271  else
1272  m_request.cache = DEFAULT_CACHE_CONTROL;
1273 
1274  m_request.passwd = url.pass();
1275  m_request.user = url.user();
1276  m_request.doProxy = m_bUseProxy;
1277 
1278  retrieveContent();
1279 }
1280 
1281 void HTTPProtocol::put( const KURL &url, int, bool overwrite, bool)
1282 {
1283  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::put " << url.prettyURL()
1284  << endl;
1285 
1286  if ( !checkRequestURL( url ) )
1287  return;
1288 
1289  // Webdav hosts are capable of observing overwrite == false
1290  if (!overwrite && m_protocol.left(6) == "webdav") {
1291  // check to make sure this host supports WebDAV
1292  if ( !davHostOk() )
1293  return;
1294 
1295  TQCString request;
1296  request = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>"
1297  "<D:propfind xmlns:D=\"DAV:\"><D:prop>"
1298  "<D:creationdate/>"
1299  "<D:getcontentlength/>"
1300  "<D:displayname/>"
1301  "<D:resourcetype/>"
1302  "</D:prop></D:propfind>";
1303 
1304  davSetRequest( request );
1305 
1306  // WebDAV Stat or List...
1307  m_request.method = DAV_PROPFIND;
1308  m_request.query = TQString::null;
1309  m_request.cache = CC_Reload;
1310  m_request.doProxy = m_bUseProxy;
1311  m_request.davData.depth = 0;
1312 
1313  retrieveContent(true);
1314 
1315  if (m_responseCode == 207) {
1316  error(ERR_FILE_ALREADY_EXIST, TQString::null);
1317  return;
1318  }
1319 
1320  m_bError = false;
1321  }
1322 
1323  m_request.method = HTTP_PUT;
1324  m_request.path = url.path();
1325  m_request.query = TQString::null;
1326  m_request.cache = CC_Reload;
1327  m_request.doProxy = m_bUseProxy;
1328 
1329  retrieveHeader( false );
1330 
1331  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::put error = " << m_bError << endl;
1332  if (m_bError)
1333  return;
1334 
1335  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::put responseCode = " << m_responseCode << endl;
1336 
1337  httpClose(false); // Always close connection.
1338 
1339  if ( (m_responseCode >= 200) && (m_responseCode < 300) )
1340  finished();
1341  else
1342  httpError();
1343 }
1344 
1345 void HTTPProtocol::copy( const KURL& src, const KURL& dest, int, bool overwrite )
1346 {
1347  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::copy " << src.prettyURL()
1348  << " -> " << dest.prettyURL() << endl;
1349 
1350  if ( !checkRequestURL( dest ) || !checkRequestURL( src ) )
1351  return;
1352 
1353  // destination has to be "http(s)://..."
1354  KURL newDest = dest;
1355  if (newDest.protocol() == "webdavs")
1356  newDest.setProtocol("https");
1357  else
1358  newDest.setProtocol("http");
1359 
1360  m_request.method = DAV_COPY;
1361  m_request.path = src.path();
1362  m_request.davData.desturl = newDest.url();
1363  m_request.davData.overwrite = overwrite;
1364  m_request.query = TQString::null;
1365  m_request.cache = CC_Reload;
1366  m_request.doProxy = m_bUseProxy;
1367 
1368  retrieveHeader( false );
1369 
1370  // The server returns a HTTP/1.1 201 Created or 204 No Content on successful completion
1371  if ( m_responseCode == 201 || m_responseCode == 204 )
1372  davFinished();
1373  else
1374  davError();
1375 }
1376 
1377 void HTTPProtocol::rename( const KURL& src, const KURL& dest, bool overwrite )
1378 {
1379  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::rename " << src.prettyURL()
1380  << " -> " << dest.prettyURL() << endl;
1381 
1382  if ( !checkRequestURL( dest ) || !checkRequestURL( src ) )
1383  return;
1384 
1385  // destination has to be "http://..."
1386  KURL newDest = dest;
1387  if (newDest.protocol() == "webdavs")
1388  newDest.setProtocol("https");
1389  else
1390  newDest.setProtocol("http");
1391 
1392  m_request.method = DAV_MOVE;
1393  m_request.path = src.path();
1394  m_request.davData.desturl = newDest.url();
1395  m_request.davData.overwrite = overwrite;
1396  m_request.query = TQString::null;
1397  m_request.cache = CC_Reload;
1398  m_request.doProxy = m_bUseProxy;
1399 
1400  retrieveHeader( false );
1401 
1402  if ( m_responseCode == 301 )
1403  {
1404  // Work around strict Apache-2 WebDAV implementation which refuses to cooperate
1405  // with webdav://host/directory, instead requiring webdav://host/directory/
1406  // (strangely enough it accepts Destination: without a trailing slash)
1407 
1408  if (m_redirectLocation.protocol() == "https")
1409  m_redirectLocation.setProtocol("webdavs");
1410  else
1411  m_redirectLocation.setProtocol("webdav");
1412 
1413  if ( !checkRequestURL( m_redirectLocation ) )
1414  return;
1415 
1416  m_request.method = DAV_MOVE;
1417  m_request.path = m_redirectLocation.path();
1418  m_request.davData.desturl = newDest.url();
1419  m_request.davData.overwrite = overwrite;
1420  m_request.query = TQString::null;
1421  m_request.cache = CC_Reload;
1422  m_request.doProxy = m_bUseProxy;
1423 
1424  retrieveHeader( false );
1425  }
1426 
1427  if ( m_responseCode == 201 )
1428  davFinished();
1429  else
1430  davError();
1431 }
1432 
1433 void HTTPProtocol::del( const KURL& url, bool )
1434 {
1435  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::del " << url.prettyURL()
1436  << endl;
1437 
1438  if ( !checkRequestURL( url ) )
1439  return;
1440 
1441  m_request.method = HTTP_DELETE;
1442  m_request.path = url.path();
1443  m_request.query = TQString::null;
1444  m_request.cache = CC_Reload;
1445  m_request.doProxy = m_bUseProxy;
1446 
1447  retrieveHeader( false );
1448 
1449  // The server returns a HTTP/1.1 200 Ok or HTTP/1.1 204 No Content
1450  // on successful completion
1451  if ( m_responseCode == 200 || m_responseCode == 204 )
1452  davFinished();
1453  else
1454  davError();
1455 }
1456 
1457 void HTTPProtocol::post( const KURL& url )
1458 {
1459  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::post "
1460  << url.prettyURL() << endl;
1461 
1462  if ( !checkRequestURL( url ) )
1463  return;
1464 
1465  m_request.method = HTTP_POST;
1466  m_request.path = url.path();
1467  m_request.query = url.query();
1468  m_request.cache = CC_Reload;
1469  m_request.doProxy = m_bUseProxy;
1470 
1471  retrieveContent();
1472 }
1473 
1474 void HTTPProtocol::davLock( const KURL& url, const TQString& scope,
1475  const TQString& type, const TQString& owner )
1476 {
1477  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::davLock "
1478  << url.prettyURL() << endl;
1479 
1480  if ( !checkRequestURL( url ) )
1481  return;
1482 
1483  m_request.method = DAV_LOCK;
1484  m_request.path = url.path();
1485  m_request.query = TQString::null;
1486  m_request.cache = CC_Reload;
1487  m_request.doProxy = m_bUseProxy;
1488 
1489  /* Create appropriate lock XML request. */
1490  TQDomDocument lockReq;
1491 
1492  TQDomElement lockInfo = lockReq.createElementNS( "DAV:", "lockinfo" );
1493  lockReq.appendChild( lockInfo );
1494 
1495  TQDomElement lockScope = lockReq.createElement( "lockscope" );
1496  lockInfo.appendChild( lockScope );
1497 
1498  lockScope.appendChild( lockReq.createElement( scope ) );
1499 
1500  TQDomElement lockType = lockReq.createElement( "locktype" );
1501  lockInfo.appendChild( lockType );
1502 
1503  lockType.appendChild( lockReq.createElement( type ) );
1504 
1505  if ( !owner.isNull() ) {
1506  TQDomElement ownerElement = lockReq.createElement( "owner" );
1507  lockReq.appendChild( ownerElement );
1508 
1509  TQDomElement ownerHref = lockReq.createElement( "href" );
1510  ownerElement.appendChild( ownerHref );
1511 
1512  ownerHref.appendChild( lockReq.createTextNode( owner ) );
1513  }
1514 
1515  // insert the document into the POST buffer
1516  m_bufPOST = lockReq.toCString();
1517 
1518  retrieveContent( true );
1519 
1520  if ( m_responseCode == 200 ) {
1521  // success
1522  TQDomDocument multiResponse;
1523  multiResponse.setContent( m_bufWebDavData, true );
1524 
1525  TQDomElement prop = multiResponse.documentElement().namedItem( "prop" ).toElement();
1526 
1527  TQDomElement lockdiscovery = prop.namedItem( "lockdiscovery" ).toElement();
1528 
1529  uint lockCount = 0;
1530  davParseActiveLocks( lockdiscovery.elementsByTagName( "activelock" ), lockCount );
1531 
1532  setMetaData( "davLockCount", TQString("%1").arg( lockCount ) );
1533 
1534  finished();
1535 
1536  } else
1537  davError();
1538 }
1539 
1540 void HTTPProtocol::davUnlock( const KURL& url )
1541 {
1542  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::davUnlock "
1543  << url.prettyURL() << endl;
1544 
1545  if ( !checkRequestURL( url ) )
1546  return;
1547 
1548  m_request.method = DAV_UNLOCK;
1549  m_request.path = url.path();
1550  m_request.query = TQString::null;
1551  m_request.cache = CC_Reload;
1552  m_request.doProxy = m_bUseProxy;
1553 
1554  retrieveContent( true );
1555 
1556  if ( m_responseCode == 200 )
1557  finished();
1558  else
1559  davError();
1560 }
1561 
1562 TQString HTTPProtocol::davError( int code /* = -1 */, TQString url )
1563 {
1564  bool callError = false;
1565  if ( code == -1 ) {
1566  code = m_responseCode;
1567  callError = true;
1568  }
1569  if ( code == -2 ) {
1570  callError = true;
1571  }
1572 
1573  if ( !url.isNull() )
1574  url = m_request.url.url();
1575 
1576  TQString action, errorString;
1577  KIO::Error kError;
1578 
1579  // for 412 Precondition Failed
1580  TQString ow = i18n( "Otherwise, the request would have succeeded." );
1581 
1582  switch ( m_request.method ) {
1583  case DAV_PROPFIND:
1584  action = i18n( "retrieve property values" );
1585  break;
1586  case DAV_PROPPATCH:
1587  action = i18n( "set property values" );
1588  break;
1589  case DAV_MKCOL:
1590  action = i18n( "create the requested folder" );
1591  break;
1592  case DAV_COPY:
1593  action = i18n( "copy the specified file or folder" );
1594  break;
1595  case DAV_MOVE:
1596  action = i18n( "move the specified file or folder" );
1597  break;
1598  case DAV_SEARCH:
1599  action = i18n( "search in the specified folder" );
1600  break;
1601  case DAV_LOCK:
1602  action = i18n( "lock the specified file or folder" );
1603  break;
1604  case DAV_UNLOCK:
1605  action = i18n( "unlock the specified file or folder" );
1606  break;
1607  case HTTP_DELETE:
1608  action = i18n( "delete the specified file or folder" );
1609  break;
1610  case HTTP_OPTIONS:
1611  action = i18n( "query the server's capabilities" );
1612  break;
1613  case HTTP_GET:
1614  action = i18n( "retrieve the contents of the specified file or folder" );
1615  break;
1616  case HTTP_PUT:
1617  case HTTP_POST:
1618  case HTTP_HEAD:
1619  default:
1620  // this should not happen, this function is for webdav errors only
1621  Q_ASSERT(0);
1622  }
1623 
1624  // default error message if the following code fails
1625  kError = ERR_INTERNAL;
1626  errorString = i18n("An unexpected error (%1) occurred while attempting to %2.")
1627  .arg( code ).arg( action );
1628 
1629  switch ( code )
1630  {
1631  case -2:
1632  // internal error: OPTIONS request did not specify DAV compliance
1633  kError = ERR_UNSUPPORTED_PROTOCOL;
1634  errorString = i18n("The server does not support the WebDAV protocol.");
1635  break;
1636  case 207:
1637  // 207 Multi-status
1638  {
1639  // our error info is in the returned XML document.
1640  // retrieve the XML document
1641 
1642  // there was an error retrieving the XML document.
1643  // ironic, eh?
1644  if ( !readBody( true ) && m_bError )
1645  return TQString::null;
1646 
1647  TQStringList errors;
1648  TQDomDocument multiResponse;
1649 
1650  multiResponse.setContent( m_bufWebDavData, true );
1651 
1652  TQDomElement multistatus = multiResponse.documentElement().namedItem( "multistatus" ).toElement();
1653 
1654  TQDomNodeList responses = multistatus.elementsByTagName( "response" );
1655 
1656  for (uint i = 0; i < responses.count(); i++)
1657  {
1658  int errCode;
1659  TQString errUrl;
1660 
1661  TQDomElement response = responses.item(i).toElement();
1662  TQDomElement code = response.namedItem( "status" ).toElement();
1663 
1664  if ( !code.isNull() )
1665  {
1666  errCode = codeFromResponse( code.text() );
1667  TQDomElement href = response.namedItem( "href" ).toElement();
1668  if ( !href.isNull() )
1669  errUrl = href.text();
1670  errors << davError( errCode, errUrl );
1671  }
1672  }
1673 
1674  //kError = ERR_SLAVE_DEFINED;
1675  errorString = i18n("An error occurred while attempting to %1, %2. A "
1676  "summary of the reasons is below.<ul>").arg( action ).arg( url );
1677 
1678  for ( TQStringList::Iterator it = errors.begin(); it != errors.end(); ++it )
1679  errorString += "<li>" + *it + "</li>";
1680 
1681  errorString += "</ul>";
1682  }
1683  case 403:
1684  case 500: // hack: Apache mod_dav returns this instead of 403 (!)
1685  // 403 Forbidden
1686  kError = ERR_ACCESS_DENIED;
1687  errorString = i18n("Access was denied while attempting to %1.").arg( action );
1688  break;
1689  case 405:
1690  // 405 Method Not Allowed
1691  if ( m_request.method == DAV_MKCOL )
1692  {
1693  kError = ERR_DIR_ALREADY_EXIST;
1694  errorString = i18n("The specified folder already exists.");
1695  }
1696  break;
1697  case 409:
1698  // 409 Conflict
1699  kError = ERR_ACCESS_DENIED;
1700  errorString = i18n("A resource cannot be created at the destination "
1701  "until one or more intermediate collections (folders) "
1702  "have been created.");
1703  break;
1704  case 412:
1705  // 412 Precondition failed
1706  if ( m_request.method == DAV_COPY || m_request.method == DAV_MOVE )
1707  {
1708  kError = ERR_ACCESS_DENIED;
1709  errorString = i18n("The server was unable to maintain the liveness of "
1710  "the properties listed in the propertybehavior XML "
1711  "element or you attempted to overwrite a file while "
1712  "requesting that files are not overwritten. %1")
1713  .arg( ow );
1714 
1715  }
1716  else if ( m_request.method == DAV_LOCK )
1717  {
1718  kError = ERR_ACCESS_DENIED;
1719  errorString = i18n("The requested lock could not be granted. %1").arg( ow );
1720  }
1721  break;
1722  case 415:
1723  // 415 Unsupported Media Type
1724  kError = ERR_ACCESS_DENIED;
1725  errorString = i18n("The server does not support the request type of the body.");
1726  break;
1727  case 423:
1728  // 423 Locked
1729  kError = ERR_ACCESS_DENIED;
1730  errorString = i18n("Unable to %1 because the resource is locked.").arg( action );
1731  break;
1732  case 425:
1733  // 424 Failed Dependency
1734  errorString = i18n("This action was prevented by another error.");
1735  break;
1736  case 502:
1737  // 502 Bad Gateway
1738  if ( m_request.method == DAV_COPY || m_request.method == DAV_MOVE )
1739  {
1740  kError = ERR_WRITE_ACCESS_DENIED;
1741  errorString = i18n("Unable to %1 because the destination server refuses "
1742  "to accept the file or folder.").arg( action );
1743  }
1744  break;
1745  case 507:
1746  // 507 Insufficient Storage
1747  kError = ERR_DISK_FULL;
1748  errorString = i18n("The destination resource does not have sufficient space "
1749  "to record the state of the resource after the execution "
1750  "of this method.");
1751  break;
1752  }
1753 
1754  // if ( kError != ERR_SLAVE_DEFINED )
1755  //errorString += " (" + url + ")";
1756 
1757  if ( callError )
1758  error( ERR_SLAVE_DEFINED, errorString );
1759 
1760  return errorString;
1761 }
1762 
1763 void HTTPProtocol::httpError()
1764 {
1765  TQString action, errorString;
1766  KIO::Error kError;
1767 
1768  switch ( m_request.method ) {
1769  case HTTP_PUT:
1770  action = i18n( "upload %1" ).arg(m_request.url.prettyURL());
1771  break;
1772  default:
1773  // this should not happen, this function is for http errors only
1774  Q_ASSERT(0);
1775  }
1776 
1777  // default error message if the following code fails
1778  kError = ERR_INTERNAL;
1779  errorString = i18n("An unexpected error (%1) occurred while attempting to %2.")
1780  .arg( m_responseCode ).arg( action );
1781 
1782  switch ( m_responseCode )
1783  {
1784  case 403:
1785  case 405:
1786  case 500: // hack: Apache mod_dav returns this instead of 403 (!)
1787  // 403 Forbidden
1788  // 405 Method Not Allowed
1789  kError = ERR_ACCESS_DENIED;
1790  errorString = i18n("Access was denied while attempting to %1.").arg( action );
1791  break;
1792  case 409:
1793  // 409 Conflict
1794  kError = ERR_ACCESS_DENIED;
1795  errorString = i18n("A resource cannot be created at the destination "
1796  "until one or more intermediate collections (folders) "
1797  "have been created.");
1798  break;
1799  case 423:
1800  // 423 Locked
1801  kError = ERR_ACCESS_DENIED;
1802  errorString = i18n("Unable to %1 because the resource is locked.").arg( action );
1803  break;
1804  case 502:
1805  // 502 Bad Gateway
1806  kError = ERR_WRITE_ACCESS_DENIED;
1807  errorString = i18n("Unable to %1 because the destination server refuses "
1808  "to accept the file or folder.").arg( action );
1809  break;
1810  case 507:
1811  // 507 Insufficient Storage
1812  kError = ERR_DISK_FULL;
1813  errorString = i18n("The destination resource does not have sufficient space "
1814  "to record the state of the resource after the execution "
1815  "of this method.");
1816  break;
1817  }
1818 
1819  // if ( kError != ERR_SLAVE_DEFINED )
1820  //errorString += " (" + url + ")";
1821 
1822  error( ERR_SLAVE_DEFINED, errorString );
1823 }
1824 
1825 bool HTTPProtocol::isOffline(const KURL &url)
1826 {
1827  const int NetWorkStatusUnknown = 1;
1828  const int NetWorkStatusOnline = 8;
1829  TQCString replyType;
1830  TQByteArray params;
1831  TQByteArray reply;
1832 
1833  TQDataStream stream(params, IO_WriteOnly);
1834 
1835  if ( url.host() == TQString::fromLatin1("localhost") || url.host() == TQString::fromLatin1("127.0.0.1") || url.host() == TQString::fromLatin1("::") ) {
1836  return false;
1837  }
1838  if ( dcopClient()->call( "kded", "networkstatus", "status()",
1839  params, replyType, reply ) && (replyType == "int") )
1840  {
1841  int result;
1842  TQDataStream stream2( reply, IO_ReadOnly );
1843  stream2 >> result;
1844  kdDebug(7113) << "(" << m_pid << ") networkstatus status = " << result << endl;
1845  return (result != NetWorkStatusUnknown) && (result != NetWorkStatusOnline);
1846  }
1847  kdDebug(7113) << "(" << m_pid << ") networkstatus <unreachable>" << endl;
1848  return false; // On error, assume we are online
1849 }
1850 
1851 void HTTPProtocol::multiGet(const TQByteArray &data)
1852 {
1853  TQDataStream stream(data, IO_ReadOnly);
1854  TQ_UINT32 n;
1855  stream >> n;
1856 
1857  kdDebug(7113) << "(" << m_pid << ") HTTPProtcool::multiGet n = " << n << endl;
1858 
1859  HTTPRequest saveRequest;
1860  if (m_bBusy)
1861  saveRequest = m_request;
1862 
1863 // m_requestQueue.clear();
1864  for(unsigned i = 0; i < n; i++)
1865  {
1866  KURL url;
1867  stream >> url >> mIncomingMetaData;
1868 
1869  if ( !checkRequestURL( url ) )
1870  continue;
1871 
1872  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::multi_get " << url.url() << endl;
1873 
1874  m_request.method = HTTP_GET;
1875  m_request.path = url.path();
1876  m_request.query = url.query();
1877  TQString tmp = metaData("cache");
1878  if (!tmp.isEmpty())
1879  m_request.cache = parseCacheControl(tmp);
1880  else
1881  m_request.cache = DEFAULT_CACHE_CONTROL;
1882 
1883  m_request.passwd = url.pass();
1884  m_request.user = url.user();
1885  m_request.doProxy = m_bUseProxy;
1886 
1887  HTTPRequest *newRequest = new HTTPRequest(m_request);
1888  m_requestQueue.append(newRequest);
1889  }
1890 
1891  if (m_bBusy)
1892  m_request = saveRequest;
1893 
1894  if (!m_bBusy)
1895  {
1896  m_bBusy = true;
1897  while(!m_requestQueue.isEmpty())
1898  {
1899  HTTPRequest *request = m_requestQueue.take(0);
1900  m_request = *request;
1901  delete request;
1902  retrieveContent();
1903  }
1904  m_bBusy = false;
1905  }
1906 }
1907 
1908 ssize_t HTTPProtocol::write (const void *_buf, size_t nbytes)
1909 {
1910  int bytes_sent = 0;
1911  const char* buf = static_cast<const char*>(_buf);
1912  while ( nbytes > 0 )
1913  {
1914  int n = TCPSlaveBase::write(buf, nbytes);
1915 
1916  if ( n <= 0 )
1917  {
1918  // remote side closed connection ?
1919  if ( n == 0 )
1920  break;
1921  // a valid exception(s) occurred, let's retry...
1922  if (n < 0 && ((errno == EINTR) || (errno == EAGAIN)))
1923  continue;
1924  // some other error occurred ?
1925  return -1;
1926  }
1927 
1928  nbytes -= n;
1929  buf += n;
1930  bytes_sent += n;
1931  }
1932 
1933  return bytes_sent;
1934 }
1935 
1936 void HTTPProtocol::setRewindMarker()
1937 {
1938  m_rewindCount = 0;
1939 }
1940 
1941 void HTTPProtocol::rewind()
1942 {
1943  m_linePtrUnget = m_rewindBuf,
1944  m_lineCountUnget = m_rewindCount;
1945  m_rewindCount = 0;
1946 }
1947 
1948 
1949 char *HTTPProtocol::gets (char *s, int size)
1950 {
1951  int len=0;
1952  char *buf=s;
1953  char mybuf[2]={0,0};
1954 
1955  while (len < size)
1956  {
1957  read(mybuf, 1);
1958  if (m_bEOF)
1959  break;
1960 
1961  if (m_rewindCount < sizeof(m_rewindBuf))
1962  m_rewindBuf[m_rewindCount++] = *mybuf;
1963 
1964  if (*mybuf == '\r') // Ignore!
1965  continue;
1966 
1967  if ((*mybuf == '\n') || !*mybuf)
1968  break;
1969 
1970  *buf++ = *mybuf;
1971  len++;
1972  }
1973 
1974  *buf=0;
1975  return s;
1976 }
1977 
1978 ssize_t HTTPProtocol::read (void *b, size_t nbytes)
1979 {
1980  ssize_t ret = 0;
1981 
1982  if (m_lineCountUnget > 0)
1983  {
1984  ret = ( nbytes < m_lineCountUnget ? nbytes : m_lineCountUnget );
1985  m_lineCountUnget -= ret;
1986  memcpy(b, m_linePtrUnget, ret);
1987  m_linePtrUnget += ret;
1988 
1989  return ret;
1990  }
1991 
1992  if (m_lineCount > 0)
1993  {
1994  ret = ( nbytes < m_lineCount ? nbytes : m_lineCount );
1995  m_lineCount -= ret;
1996  memcpy(b, m_linePtr, ret);
1997  m_linePtr += ret;
1998  return ret;
1999  }
2000 
2001  if (nbytes == 1)
2002  {
2003  ret = read(m_lineBuf, 1024); // Read into buffer
2004  m_linePtr = m_lineBuf;
2005  if (ret <= 0)
2006  {
2007  m_lineCount = 0;
2008  return ret;
2009  }
2010  m_lineCount = ret;
2011  return read(b, 1); // Read from buffer
2012  }
2013 
2014  do
2015  {
2016  ret = TCPSlaveBase::read( b, nbytes);
2017  if (ret == 0)
2018  m_bEOF = true;
2019 
2020  } while ((ret == -1) && (errno == EAGAIN || errno == EINTR));
2021 
2022  return ret;
2023 }
2024 
2025 void HTTPProtocol::httpCheckConnection()
2026 {
2027  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpCheckConnection: " <<
2028  " Socket status: " << m_iSock <<
2029  " Keep Alive: " << m_bKeepAlive <<
2030  " First: " << m_bFirstRequest << endl;
2031 
2032  if ( !m_bFirstRequest && (m_iSock != -1) )
2033  {
2034  bool closeDown = false;
2035  if ( !isConnectionValid())
2036  {
2037  kdDebug(7113) << "(" << m_pid << ") Connection lost!" << endl;
2038  closeDown = true;
2039  }
2040  else if ( m_request.method != HTTP_GET )
2041  {
2042  closeDown = true;
2043  }
2044  else if ( !m_state.doProxy && !m_request.doProxy )
2045  {
2046  if (m_state.hostname != m_request.hostname ||
2047  m_state.port != m_request.port ||
2048  m_state.user != m_request.user ||
2049  m_state.passwd != m_request.passwd)
2050  closeDown = true;
2051  }
2052  else
2053  {
2054  // Keep the connection to the proxy.
2055  if ( !(m_request.doProxy && m_state.doProxy) )
2056  closeDown = true;
2057  }
2058 
2059  if (closeDown)
2060  httpCloseConnection();
2061  }
2062 
2063  // Let's update our current state
2064  m_state.hostname = m_request.hostname;
2065  m_state.encoded_hostname = m_request.encoded_hostname;
2066  m_state.port = m_request.port;
2067  m_state.user = m_request.user;
2068  m_state.passwd = m_request.passwd;
2069  m_state.doProxy = m_request.doProxy;
2070 }
2071 
2072 bool HTTPProtocol::httpOpenConnection()
2073 {
2074  int errCode;
2075  TQString errMsg;
2076 
2077  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpOpenConnection" << endl;
2078 
2079  setBlockConnection( true );
2080  // kio_http uses its own proxying:
2081  KSocks::self()->disableSocks();
2082 
2083  if ( m_state.doProxy )
2084  {
2085  TQString proxy_host = m_proxyURL.host();
2086  int proxy_port = m_proxyURL.port();
2087 
2088  kdDebug(7113) << "(" << m_pid << ") Connecting to proxy server: "
2089  << proxy_host << ", port: " << proxy_port << endl;
2090 
2091  infoMessage( i18n("Connecting to %1...").arg(m_state.hostname) );
2092 
2093  setConnectTimeout( m_proxyConnTimeout );
2094 
2095  if ( !connectToHost(proxy_host, proxy_port, false) )
2096  {
2097  if (userAborted()) {
2098  error(ERR_NO_CONTENT, "");
2099  return false;
2100  }
2101 
2102  switch ( connectResult() )
2103  {
2104  case IO_LookupError:
2105  errMsg = proxy_host;
2106  errCode = ERR_UNKNOWN_PROXY_HOST;
2107  break;
2108  case IO_TimeOutError:
2109  errMsg = i18n("Proxy %1 at port %2").arg(proxy_host).arg(proxy_port);
2110  errCode = ERR_SERVER_TIMEOUT;
2111  break;
2112  default:
2113  errMsg = i18n("Proxy %1 at port %2").arg(proxy_host).arg(proxy_port);
2114  errCode = ERR_COULD_NOT_CONNECT;
2115  }
2116  error( errCode, errMsg );
2117  return false;
2118  }
2119  }
2120  else
2121  {
2122  // Apparently we don't want a proxy. let's just connect directly
2123  setConnectTimeout(m_remoteConnTimeout);
2124 
2125  if ( !connectToHost(m_state.hostname, m_state.port, false ) )
2126  {
2127  if (userAborted()) {
2128  error(ERR_NO_CONTENT, "");
2129  return false;
2130  }
2131 
2132  switch ( connectResult() )
2133  {
2134  case IO_LookupError:
2135  errMsg = m_state.hostname;
2136  errCode = ERR_UNKNOWN_HOST;
2137  break;
2138  case IO_TimeOutError:
2139  errMsg = i18n("Connection was to %1 at port %2").arg(m_state.hostname).arg(m_state.port);
2140  errCode = ERR_SERVER_TIMEOUT;
2141  break;
2142  default:
2143  errCode = ERR_COULD_NOT_CONNECT;
2144  if (m_state.port != m_iDefaultPort)
2145  errMsg = i18n("%1 (port %2)").arg(m_state.hostname).arg(m_state.port);
2146  else
2147  errMsg = m_state.hostname;
2148  }
2149  error( errCode, errMsg );
2150  return false;
2151  }
2152  }
2153 
2154  // Set our special socket option!!
2155  int on = 1;
2156  (void) setsockopt( m_iSock, IPPROTO_TCP, TCP_NODELAY, (char*)&on, sizeof(on) );
2157 
2158  m_bFirstRequest = true;
2159 
2160  connected();
2161  return true;
2162 }
2163 
2164 
2187 bool HTTPProtocol::httpOpen()
2188 {
2189  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpOpen" << endl;
2190 
2191  // Cannot have an https request without the m_bIsSSL being set! This can
2192  // only happen if TCPSlaveBase::InitializeSSL() function failed in which it
2193  // means the current installation does not support SSL...
2194  if ( (m_protocol == "https" || m_protocol == "webdavs") && !m_bIsSSL )
2195  {
2196  error( ERR_UNSUPPORTED_PROTOCOL, m_protocol );
2197  return false;
2198  }
2199 
2200  m_request.fcache = 0;
2201  m_request.bCachedRead = false;
2202  m_request.bCachedWrite = false;
2203  m_request.bMustRevalidate = false;
2204  m_request.expireDate = 0;
2205  m_request.creationDate = 0;
2206 
2207  if (m_request.bUseCache)
2208  {
2209  m_request.fcache = checkCacheEntry( );
2210 
2211  bool bCacheOnly = (m_request.cache == KIO::CC_CacheOnly);
2212  bool bOffline = isOffline(m_request.doProxy ? m_proxyURL : m_request.url);
2213  if (bOffline && (m_request.cache != KIO::CC_Reload))
2214  m_request.cache = KIO::CC_CacheOnly;
2215 
2216  if (m_request.cache == CC_Reload && m_request.fcache)
2217  {
2218  if (m_request.fcache)
2219  fclose(m_request.fcache);
2220  m_request.fcache = 0;
2221  }
2222  if ((m_request.cache == KIO::CC_CacheOnly) || (m_request.cache == KIO::CC_Cache))
2223  m_request.bMustRevalidate = false;
2224 
2225  m_request.bCachedWrite = true;
2226 
2227  if (m_request.fcache && !m_request.bMustRevalidate)
2228  {
2229  // Cache entry is OK.
2230  m_request.bCachedRead = true; // Cache hit.
2231  return true;
2232  }
2233  else if (!m_request.fcache)
2234  {
2235  m_request.bMustRevalidate = false; // Cache miss
2236  }
2237  else
2238  {
2239  // Conditional cache hit. (Validate)
2240  }
2241 
2242  if (bCacheOnly && bOffline)
2243  {
2244  error( ERR_OFFLINE_MODE, m_request.url.url() );
2245  return false;
2246  }
2247  if (bCacheOnly)
2248  {
2249  error( ERR_DOES_NOT_EXIST, m_request.url.url() );
2250  return false;
2251  }
2252  if (bOffline)
2253  {
2254  error( ERR_OFFLINE_MODE, m_request.url.url() );
2255  return false;
2256  }
2257  }
2258 
2259  TQString header;
2260  TQString davHeader;
2261 
2262  bool moreData = false;
2263  bool davData = false;
2264 
2265  // Clear out per-connection settings...
2266  resetConnectionSettings ();
2267 
2268  // Check the validity of the current connection, if one exists.
2269  httpCheckConnection();
2270 
2271  if ( !m_bIsTunneled && m_bNeedTunnel )
2272  {
2273  setEnableSSLTunnel( true );
2274  // We send a HTTP 1.0 header since some proxies refuse HTTP 1.1 and we don't
2275  // need any HTTP 1.1 capabilities for CONNECT - Waba
2276  header = TQString("CONNECT %1:%2 HTTP/1.0"
2277  "\r\n").arg( m_request.encoded_hostname).arg(m_request.port);
2278 
2279  // Identify who you are to the proxy server!
2280  if (!m_request.userAgent.isEmpty())
2281  header += "User-Agent: " + m_request.userAgent + "\r\n";
2282 
2283  /* Add hostname information */
2284  header += "Host: " + m_state.encoded_hostname;
2285 
2286  if (m_state.port != m_iDefaultPort)
2287  header += TQString(":%1").arg(m_state.port);
2288  header += "\r\n";
2289 
2290  header += proxyAuthenticationHeader();
2291  }
2292  else
2293  {
2294  // Determine if this is a POST or GET method
2295  switch (m_request.method)
2296  {
2297  case HTTP_GET:
2298  header = "GET ";
2299  break;
2300  case HTTP_PUT:
2301  header = "PUT ";
2302  moreData = true;
2303  m_request.bCachedWrite = false; // Do not put any result in the cache
2304  break;
2305  case HTTP_POST:
2306  header = "POST ";
2307  moreData = true;
2308  m_request.bCachedWrite = false; // Do not put any result in the cache
2309  break;
2310  case HTTP_HEAD:
2311  header = "HEAD ";
2312  break;
2313  case HTTP_DELETE:
2314  header = "DELETE ";
2315  m_request.bCachedWrite = false; // Do not put any result in the cache
2316  break;
2317  case HTTP_OPTIONS:
2318  header = "OPTIONS ";
2319  m_request.bCachedWrite = false; // Do not put any result in the cache
2320  break;
2321  case DAV_PROPFIND:
2322  header = "PROPFIND ";
2323  davData = true;
2324  davHeader = "Depth: ";
2325  if ( hasMetaData( "davDepth" ) )
2326  {
2327  kdDebug(7113) << "Reading DAV depth from metadata: " << metaData( "davDepth" ) << endl;
2328  davHeader += metaData( "davDepth" );
2329  }
2330  else
2331  {
2332  if ( m_request.davData.depth == 2 )
2333  davHeader += "infinity";
2334  else
2335  davHeader += TQString("%1").arg( m_request.davData.depth );
2336  }
2337  davHeader += "\r\n";
2338  m_request.bCachedWrite = false; // Do not put any result in the cache
2339  break;
2340  case DAV_PROPPATCH:
2341  header = "PROPPATCH ";
2342  davData = true;
2343  m_request.bCachedWrite = false; // Do not put any result in the cache
2344  break;
2345  case DAV_MKCOL:
2346  header = "MKCOL ";
2347  m_request.bCachedWrite = false; // Do not put any result in the cache
2348  break;
2349  case DAV_COPY:
2350  case DAV_MOVE:
2351  header = ( m_request.method == DAV_COPY ) ? "COPY " : "MOVE ";
2352  davHeader = "Destination: " + m_request.davData.desturl;
2353  // infinity depth means copy recursively
2354  // (optional for copy -> but is the desired action)
2355  davHeader += "\r\nDepth: infinity\r\nOverwrite: ";
2356  davHeader += m_request.davData.overwrite ? "T" : "F";
2357  davHeader += "\r\n";
2358  m_request.bCachedWrite = false; // Do not put any result in the cache
2359  break;
2360  case DAV_LOCK:
2361  header = "LOCK ";
2362  davHeader = "Timeout: ";
2363  {
2364  uint timeout = 0;
2365  if ( hasMetaData( "davTimeout" ) )
2366  timeout = metaData( "davTimeout" ).toUInt();
2367  if ( timeout == 0 )
2368  davHeader += "Infinite";
2369  else
2370  davHeader += TQString("Seconds-%1").arg(timeout);
2371  }
2372  davHeader += "\r\n";
2373  m_request.bCachedWrite = false; // Do not put any result in the cache
2374  davData = true;
2375  break;
2376  case DAV_UNLOCK:
2377  header = "UNLOCK ";
2378  davHeader = "Lock-token: " + metaData("davLockToken") + "\r\n";
2379  m_request.bCachedWrite = false; // Do not put any result in the cache
2380  break;
2381  case DAV_SEARCH:
2382  header = "SEARCH ";
2383  davData = true;
2384  m_request.bCachedWrite = false;
2385  break;
2386  case DAV_SUBSCRIBE:
2387  header = "SUBSCRIBE ";
2388  m_request.bCachedWrite = false;
2389  break;
2390  case DAV_UNSUBSCRIBE:
2391  header = "UNSUBSCRIBE ";
2392  m_request.bCachedWrite = false;
2393  break;
2394  case DAV_POLL:
2395  header = "POLL ";
2396  m_request.bCachedWrite = false;
2397  break;
2398  default:
2399  error (ERR_UNSUPPORTED_ACTION, TQString::null);
2400  return false;
2401  }
2402  // DAV_POLL; DAV_NOTIFY
2403 
2404  // format the URI
2405  if (m_state.doProxy && !m_bIsTunneled)
2406  {
2407  KURL u;
2408 
2409  if (m_protocol == "webdav")
2410  u.setProtocol( "http" );
2411  else if (m_protocol == "webdavs" )
2412  u.setProtocol( "https" );
2413  else
2414  u.setProtocol( m_protocol );
2415 
2416  // For all protocols other than the once handled by this io-slave
2417  // append the username. This fixes a long standing bug of ftp io-slave
2418  // logging in anonymously in proxied connections even when the username
2419  // is explicitly specified.
2420  if (m_protocol != "http" && m_protocol != "https" &&
2421  !m_state.user.isEmpty())
2422  u.setUser (m_state.user);
2423 
2424  u.setHost( m_state.hostname );
2425  if (m_state.port != m_iDefaultPort)
2426  u.setPort( m_state.port );
2427  u.setEncodedPathAndQuery( m_request.url.encodedPathAndQuery(0,true) );
2428  header += u.url();
2429  }
2430  else
2431  {
2432  header += m_request.url.encodedPathAndQuery(0, true);
2433  }
2434 
2435  header += " HTTP/1.1\r\n"; /* start header */
2436 
2437  if (!m_request.userAgent.isEmpty())
2438  {
2439  header += "User-Agent: ";
2440  header += m_request.userAgent;
2441  header += "\r\n";
2442  }
2443 
2444  if (!m_request.referrer.isEmpty())
2445  {
2446  header += "Referer: "; //Don't try to correct spelling!
2447  header += m_request.referrer;
2448  header += "\r\n";
2449  }
2450 
2451  if ( m_request.offset > 0 )
2452  {
2453  header += TQString("Range: bytes=%1-\r\n").arg(KIO::number(m_request.offset));
2454  kdDebug(7103) << "kio_http : Range = " << KIO::number(m_request.offset) << endl;
2455  }
2456 
2457  if ( m_request.cache == CC_Reload )
2458  {
2459  /* No caching for reload */
2460  header += "Pragma: no-cache\r\n"; /* for HTTP/1.0 caches */
2461  header += "Cache-control: no-cache\r\n"; /* for HTTP >=1.1 caches */
2462  }
2463 
2464  if (m_request.bMustRevalidate)
2465  {
2466  /* conditional get */
2467  if (!m_request.etag.isEmpty())
2468  header += "If-None-Match: "+m_request.etag+"\r\n";
2469  if (!m_request.lastModified.isEmpty())
2470  header += "If-Modified-Since: "+m_request.lastModified+"\r\n";
2471  }
2472 
2473  header += "Accept: ";
2474  TQString acceptHeader = metaData("accept");
2475  if (!acceptHeader.isEmpty())
2476  header += acceptHeader;
2477  else
2478  header += DEFAULT_ACCEPT_HEADER;
2479  header += "\r\n";
2480 
2481 #ifdef DO_GZIP
2482  if (m_request.allowCompressedPage)
2483  header += "Accept-Encoding: x-gzip, x-deflate, gzip, deflate\r\n";
2484 #endif
2485 
2486  if (!m_request.charsets.isEmpty())
2487  header += "Accept-Charset: " + m_request.charsets + "\r\n";
2488 
2489  if (!m_request.languages.isEmpty())
2490  header += "Accept-Language: " + m_request.languages + "\r\n";
2491 
2492 
2493  /* support for virtual hosts and required by HTTP 1.1 */
2494  header += "Host: " + m_state.encoded_hostname;
2495 
2496  if (m_state.port != m_iDefaultPort)
2497  header += TQString(":%1").arg(m_state.port);
2498  header += "\r\n";
2499 
2500  TQString cookieStr;
2501  TQString cookieMode = metaData("cookies").lower();
2502  if (cookieMode == "none")
2503  {
2504  m_request.cookieMode = HTTPRequest::CookiesNone;
2505  }
2506  else if (cookieMode == "manual")
2507  {
2508  m_request.cookieMode = HTTPRequest::CookiesManual;
2509  cookieStr = metaData("setcookies");
2510  }
2511  else
2512  {
2513  m_request.cookieMode = HTTPRequest::CookiesAuto;
2514  if (m_request.bUseCookiejar)
2515  cookieStr = findCookies( m_request.url.url());
2516  }
2517 
2518  if (!cookieStr.isEmpty())
2519  header += cookieStr + "\r\n";
2520 
2521  TQString customHeader = metaData( "customHTTPHeader" );
2522  if (!customHeader.isEmpty())
2523  {
2524  header += sanitizeCustomHTTPHeader(customHeader);
2525  header += "\r\n";
2526  }
2527 
2528  if (m_request.method == HTTP_POST)
2529  {
2530  header += metaData("content-type");
2531  header += "\r\n";
2532  }
2533 
2534  // Only check for a cached copy if the previous
2535  // response was NOT a 401 or 407.
2536  // no caching for Negotiate auth.
2537  if ( !m_request.bNoAuth && m_responseCode != 401 && m_responseCode != 407 && Authentication != AUTH_Negotiate )
2538  {
2539  kdDebug(7113) << "(" << m_pid << ") Calling checkCachedAuthentication " << endl;
2540  AuthInfo info;
2541  info.url = m_request.url;
2542  info.verifyPath = true;
2543  if ( !m_request.user.isEmpty() )
2544  info.username = m_request.user;
2545  if ( checkCachedAuthentication( info ) && !info.digestInfo.isEmpty() )
2546  {
2547  Authentication = info.digestInfo.startsWith("Basic") ? AUTH_Basic : info.digestInfo.startsWith("NTLM") ? AUTH_NTLM : info.digestInfo.startsWith("Negotiate") ? AUTH_Negotiate : AUTH_Digest ;
2548  m_state.user = info.username;
2549  m_state.passwd = info.password;
2550  m_strRealm = info.realmValue;
2551  if ( Authentication != AUTH_NTLM && Authentication != AUTH_Negotiate ) // don't use the cached challenge
2552  m_strAuthorization = info.digestInfo;
2553  }
2554  }
2555  else
2556  {
2557  kdDebug(7113) << "(" << m_pid << ") Not calling checkCachedAuthentication " << endl;
2558  }
2559 
2560  switch ( Authentication )
2561  {
2562  case AUTH_Basic:
2563  header += createBasicAuth();
2564  break;
2565  case AUTH_Digest:
2566  header += createDigestAuth();
2567  break;
2568 #ifdef HAVE_LIBGSSAPI
2569  case AUTH_Negotiate:
2570  header += createNegotiateAuth();
2571  break;
2572 #endif
2573  case AUTH_NTLM:
2574  header += createNTLMAuth();
2575  break;
2576  case AUTH_None:
2577  default:
2578  break;
2579  }
2580 
2581  /********* Only for debugging purpose *********/
2582  if ( Authentication != AUTH_None )
2583  {
2584  kdDebug(7113) << "(" << m_pid << ") Using Authentication: " << endl;
2585  kdDebug(7113) << "(" << m_pid << ") HOST= " << m_state.hostname << endl;
2586  kdDebug(7113) << "(" << m_pid << ") PORT= " << m_state.port << endl;
2587  kdDebug(7113) << "(" << m_pid << ") USER= " << m_state.user << endl;
2588  kdDebug(7113) << "(" << m_pid << ") PASSWORD= [protected]" << endl;
2589  kdDebug(7113) << "(" << m_pid << ") REALM= " << m_strRealm << endl;
2590  kdDebug(7113) << "(" << m_pid << ") EXTRA= " << m_strAuthorization << endl;
2591  }
2592 
2593  // Do we need to authorize to the proxy server ?
2594  if ( m_state.doProxy && !m_bIsTunneled )
2595  header += proxyAuthenticationHeader();
2596 
2597  // Support old HTTP/1.0 style keep-alive header for compatability
2598  // purposes as well as performance improvements while giving end
2599  // users the ability to disable this feature proxy servers that
2600  // don't not support such feature, e.g. junkbuster proxy server.
2601  if (!m_bUseProxy || m_bPersistentProxyConnection || m_bIsTunneled)
2602  header += "Connection: Keep-Alive\r\n";
2603  else
2604  header += "Connection: close\r\n";
2605 
2606  if ( m_protocol == "webdav" || m_protocol == "webdavs" )
2607  {
2608  header += davProcessLocks();
2609 
2610  // add extra webdav headers, if supplied
2611  TQString davExtraHeader = metaData("davHeader");
2612  if ( !davExtraHeader.isEmpty() )
2613  davHeader += davExtraHeader;
2614 
2615  // Set content type of webdav data
2616  if (davData)
2617  davHeader += "Content-Type: text/xml; charset=utf-8\r\n";
2618 
2619  // add extra header elements for WebDAV
2620  if ( !davHeader.isNull() )
2621  header += davHeader;
2622  }
2623  }
2624 
2625  kdDebug(7103) << "(" << m_pid << ") ============ Sending Header:" << endl;
2626 
2627  TQStringList headerOutput = TQStringList::split("\r\n", header);
2628  TQStringList::Iterator it = headerOutput.begin();
2629 
2630  for (; it != headerOutput.end(); it++)
2631  kdDebug(7103) << "(" << m_pid << ") " << (*it) << endl;
2632 
2633  if ( !moreData && !davData)
2634  header += "\r\n"; /* end header */
2635 
2636  // Now that we have our formatted header, let's send it!
2637  // Create a new connection to the remote machine if we do
2638  // not already have one...
2639  if ( m_iSock == -1)
2640  {
2641  if (!httpOpenConnection())
2642  return false;
2643  }
2644 
2645  // Send the data to the remote machine...
2646  bool sendOk = (write(header.latin1(), header.length()) == (ssize_t) header.length());
2647  if (!sendOk)
2648  {
2649  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpOpen: "
2650  "Connection broken! (" << m_state.hostname << ")" << endl;
2651 
2652  // With a Keep-Alive connection this can happen.
2653  // Just reestablish the connection.
2654  if (m_bKeepAlive)
2655  {
2656  httpCloseConnection();
2657  return true; // Try again
2658  }
2659 
2660  if (!sendOk)
2661  {
2662  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpOpen: sendOk==false."
2663  " Connnection broken !" << endl;
2664  error( ERR_CONNECTION_BROKEN, m_state.hostname );
2665  return false;
2666  }
2667  }
2668 
2669  bool res = true;
2670 
2671  if ( moreData || davData )
2672  res = sendBody();
2673 
2674  infoMessage(i18n("%1 contacted. Waiting for reply...").arg(m_request.hostname));
2675 
2676  return res;
2677 }
2678 
2679 void HTTPProtocol::forwardHttpResponseHeader()
2680 {
2681  // Send the response header if it was requested
2682  if ( config()->readBoolEntry("PropagateHttpHeader", false) )
2683  {
2684  setMetaData("HTTP-Headers", m_responseHeader.join("\n"));
2685  sendMetaData();
2686  }
2687  m_responseHeader.clear();
2688 }
2689 
2696 bool HTTPProtocol::readHeader()
2697 {
2698 try_again:
2699  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readHeader" << endl;
2700 
2701  // Check
2702  if (m_request.bCachedRead)
2703  {
2704  m_responseHeader << "HTTP-CACHE";
2705  // Read header from cache...
2706  char buffer[4097];
2707  if (!fgets(buffer, 4096, m_request.fcache) )
2708  {
2709  // Error, delete cache entry
2710  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readHeader: "
2711  << "Could not access cache to obtain mimetype!" << endl;
2712  error( ERR_CONNECTION_BROKEN, m_state.hostname );
2713  return false;
2714  }
2715 
2716  m_strMimeType = TQString(TQString::fromUtf8( buffer)).stripWhiteSpace();
2717 
2718  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readHeader: cached "
2719  << "data mimetype: " << m_strMimeType << endl;
2720 
2721  if (!fgets(buffer, 4096, m_request.fcache) )
2722  {
2723  // Error, delete cache entry
2724  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readHeader: "
2725  << "Could not access cached data! " << endl;
2726  error( ERR_CONNECTION_BROKEN, m_state.hostname );
2727  return false;
2728  }
2729 
2730  m_request.strCharset = TQString(TQString::fromUtf8( buffer)).stripWhiteSpace().lower();
2731  setMetaData("charset", m_request.strCharset);
2732  if (!m_request.lastModified.isEmpty())
2733  setMetaData("modified", m_request.lastModified);
2734  TQString tmp;
2735  tmp.setNum(m_request.expireDate);
2736  setMetaData("expire-date", tmp);
2737  tmp.setNum(m_request.creationDate);
2738  setMetaData("cache-creation-date", tmp);
2739  mimeType(m_strMimeType);
2740  forwardHttpResponseHeader();
2741  return true;
2742  }
2743 
2744  TQCString locationStr; // In case we get a redirect.
2745  TQCString cookieStr; // In case we get a cookie.
2746 
2747  TQString dispositionType; // In case we get a Content-Disposition type
2748  TQString dispositionFilename; // In case we get a Content-Disposition filename
2749 
2750  TQString mediaValue;
2751  TQString mediaAttribute;
2752 
2753  TQStringList upgradeOffers;
2754 
2755  bool upgradeRequired = false; // Server demands that we upgrade to something
2756  // This is also true if we ask to upgrade and
2757  // the server accepts, since we are now
2758  // committed to doing so
2759  bool canUpgrade = false; // The server offered an upgrade
2760 
2761 
2762  m_request.etag = TQString::null;
2763  m_request.lastModified = TQString::null;
2764  m_request.strCharset = TQString::null;
2765 
2766  time_t dateHeader = 0;
2767  time_t expireDate = 0; // 0 = no info, 1 = already expired, > 1 = actual date
2768  int currentAge = 0;
2769  int maxAge = -1; // -1 = no max age, 0 already expired, > 0 = actual time
2770  int maxHeaderSize = 64*1024; // 64Kb to catch DOS-attacks
2771 
2772  // read in 8192 bytes at a time (HTTP cookies can be quite large.)
2773  int len = 0;
2774  char buffer[8193];
2775  bool cont = false;
2776  bool cacheValidated = false; // Revalidation was successful
2777  bool mayCache = true;
2778  bool hasCacheDirective = false;
2779  bool bCanResume = false;
2780 
2781  if (m_iSock == -1)
2782  {
2783  kdDebug(7113) << "HTTPProtocol::readHeader: No connection." << endl;
2784  return false; // Restablish connection and try again
2785  }
2786 
2787  if (!waitForResponse(m_remoteRespTimeout))
2788  {
2789  // No response error
2790  error( ERR_SERVER_TIMEOUT , m_state.hostname );
2791  return false;
2792  }
2793 
2794  setRewindMarker();
2795 
2796  gets(buffer, sizeof(buffer)-1);
2797 
2798  if (m_bEOF || *buffer == '\0')
2799  {
2800  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readHeader: "
2801  << "EOF while waiting for header start." << endl;
2802  if (m_bKeepAlive) // Try to reestablish connection.
2803  {
2804  httpCloseConnection();
2805  return false; // Reestablish connection and try again.
2806  }
2807 
2808  if (m_request.method == HTTP_HEAD)
2809  {
2810  // HACK
2811  // Some web-servers fail to respond properly to a HEAD request.
2812  // We compensate for their failure to properly implement the HTTP standard
2813  // by assuming that they will be sending html.
2814  kdDebug(7113) << "(" << m_pid << ") HTTPPreadHeader: HEAD -> returned "
2815  << "mimetype: " << DEFAULT_MIME_TYPE << endl;
2816  mimeType(TQString::fromLatin1(DEFAULT_MIME_TYPE));
2817  return true;
2818  }
2819 
2820  kdDebug(7113) << "HTTPProtocol::readHeader: Connection broken !" << endl;
2821  error( ERR_CONNECTION_BROKEN, m_state.hostname );
2822  return false;
2823  }
2824 
2825  kdDebug(7103) << "(" << m_pid << ") ============ Received Response:"<< endl;
2826 
2827  bool noHeader = true;
2828  HTTP_REV httpRev = HTTP_None;
2829  int headerSize = 0;
2830 
2831  do
2832  {
2833  // strip off \r and \n if we have them
2834  len = strlen(buffer);
2835 
2836  while(len && (buffer[len-1] == '\n' || buffer[len-1] == '\r'))
2837  buffer[--len] = 0;
2838 
2839  // if there was only a newline then continue
2840  if (!len)
2841  {
2842  kdDebug(7103) << "(" << m_pid << ") --empty--" << endl;
2843  continue;
2844  }
2845 
2846  headerSize += len;
2847 
2848  // We have a response header. This flag is a work around for
2849  // servers that append a "\r\n" before the beginning of the HEADER
2850  // response!!! It only catches x number of \r\n being placed at the
2851  // top of the reponse...
2852  noHeader = false;
2853 
2854  kdDebug(7103) << "(" << m_pid << ") \"" << buffer << "\"" << endl;
2855 
2856  // Save broken servers from damnation!!
2857  char* buf = buffer;
2858  while( *buf == ' ' )
2859  buf++;
2860 
2861 
2862  if (buf[0] == '<')
2863  {
2864  // We get XML / HTTP without a proper header
2865  // put string back
2866  kdDebug(7103) << "kio_http: No valid HTTP header found! Document starts with XML/HTML tag" << endl;
2867 
2868  // Document starts with a tag, assume html instead of text/plain
2869  m_strMimeType = "text/html";
2870 
2871  rewind();
2872  break;
2873  }
2874 
2875  // Store the the headers so they can be passed to the
2876  // calling application later
2877  m_responseHeader << TQString::fromLatin1(buf);
2878 
2879  if ((strncasecmp(buf, "HTTP/", 5) == 0) ||
2880  (strncasecmp(buf, "ICY ", 4) == 0)) // Shoutcast support
2881  {
2882  if (strncasecmp(buf, "ICY ", 4) == 0)
2883  {
2884  // Shoutcast support
2885  httpRev = SHOUTCAST;
2886  m_bKeepAlive = false;
2887  }
2888  else if (strncmp((buf + 5), "1.0",3) == 0)
2889  {
2890  httpRev = HTTP_10;
2891  // For 1.0 servers, the server itself has to explicitly
2892  // tell us whether it supports persistent connection or
2893  // not. By default, we assume it does not, but we do
2894  // send the old style header "Connection: Keep-Alive" to
2895  // inform it that we support persistence.
2896  m_bKeepAlive = false;
2897  }
2898  else if (strncmp((buf + 5), "1.1",3) == 0)
2899  {
2900  httpRev = HTTP_11;
2901  }
2902  else
2903  {
2904  httpRev = HTTP_Unknown;
2905  }
2906 
2907  if (m_responseCode)
2908  m_prevResponseCode = m_responseCode;
2909 
2910  const char* rptr = buf;
2911  while ( *rptr && *rptr > ' ' )
2912  ++rptr;
2913  m_responseCode = atoi(rptr);
2914 
2915  // server side errors
2916  if (m_responseCode >= 500 && m_responseCode <= 599)
2917  {
2918  if (m_request.method == HTTP_HEAD)
2919  {
2920  ; // Ignore error
2921  }
2922  else
2923  {
2924  if (m_request.bErrorPage)
2925  errorPage();
2926  else
2927  {
2928  error(ERR_INTERNAL_SERVER, m_request.url.url());
2929  return false;
2930  }
2931  }
2932  m_request.bCachedWrite = false; // Don't put in cache
2933  mayCache = false;
2934  }
2935  // Unauthorized access
2936  else if (m_responseCode == 401 || m_responseCode == 407)
2937  {
2938  // Double authorization requests, i.e. a proxy auth
2939  // request followed immediately by a regular auth request.
2940  if ( m_prevResponseCode != m_responseCode &&
2941  (m_prevResponseCode == 401 || m_prevResponseCode == 407) )
2942  saveAuthorization();
2943 
2944  m_bUnauthorized = true;
2945  m_request.bCachedWrite = false; // Don't put in cache
2946  mayCache = false;
2947  }
2948  //
2949  else if (m_responseCode == 416) // Range not supported
2950  {
2951  m_request.offset = 0;
2952  httpCloseConnection();
2953  return false; // Try again.
2954  }
2955  // Upgrade Required
2956  else if (m_responseCode == 426)
2957  {
2958  upgradeRequired = true;
2959  }
2960  // Any other client errors
2961  else if (m_responseCode >= 400 && m_responseCode <= 499)
2962  {
2963  // Tell that we will only get an error page here.
2964  if (m_request.bErrorPage)
2965  errorPage();
2966  else
2967  {
2968  error(ERR_DOES_NOT_EXIST, m_request.url.url());
2969  return false;
2970  }
2971  m_request.bCachedWrite = false; // Don't put in cache
2972  mayCache = false;
2973  }
2974  else if (m_responseCode == 307)
2975  {
2976  // 307 Temporary Redirect
2977  m_request.bCachedWrite = false; // Don't put in cache
2978  mayCache = false;
2979  }
2980  else if (m_responseCode == 304)
2981  {
2982  // 304 Not Modified
2983  // The value in our cache is still valid.
2984  cacheValidated = true;
2985  }
2986  else if (m_responseCode >= 301 && m_responseCode<= 303)
2987  {
2988  // 301 Moved permanently
2989  if (m_responseCode == 301)
2990  setMetaData("permanent-redirect", "true");
2991 
2992  // 302 Found (temporary location)
2993  // 303 See Other
2994  if (m_request.method != HTTP_HEAD && m_request.method != HTTP_GET)
2995  {
2996 #if 0
2997  // Reset the POST buffer to avoid a double submit
2998  // on redirection
2999  if (m_request.method == HTTP_POST)
3000  m_bufPOST.resize(0);
3001 #endif
3002 
3003  // NOTE: This is wrong according to RFC 2616. However,
3004  // because most other existing user agent implementations
3005  // treat a 301/302 response as a 303 response and preform
3006  // a GET action regardless of what the previous method was,
3007  // many servers have simply adapted to this way of doing
3008  // things!! Thus, we are forced to do the same thing or we
3009  // won't be able to retrieve these pages correctly!! See RFC
3010  // 2616 sections 10.3.[2/3/4/8]
3011  m_request.method = HTTP_GET; // Force a GET
3012  }
3013  m_request.bCachedWrite = false; // Don't put in cache
3014  mayCache = false;
3015  }
3016  else if ( m_responseCode == 207 ) // Multi-status (for WebDav)
3017  {
3018 
3019  }
3020  else if ( m_responseCode == 204 ) // No content
3021  {
3022  // error(ERR_NO_CONTENT, i18n("Data have been successfully sent."));
3023  // Short circuit and do nothing!
3024 
3025  // The original handling here was wrong, this is not an error: eg. in the
3026  // example of a 204 No Content response to a PUT completing.
3027  // m_bError = true;
3028  // return false;
3029  }
3030  else if ( m_responseCode == 206 )
3031  {
3032  if ( m_request.offset )
3033  bCanResume = true;
3034  }
3035  else if (m_responseCode == 102) // Processing (for WebDAV)
3036  {
3037  /***
3038  * This status code is given when the server expects the
3039  * command to take significant time to complete. So, inform
3040  * the user.
3041  */
3042  infoMessage( i18n( "Server processing request, please wait..." ) );
3043  cont = true;
3044  }
3045  else if (m_responseCode == 100)
3046  {
3047  // We got 'Continue' - ignore it
3048  cont = true;
3049  }
3050  }
3051 
3052  // are we allowd to resume? this will tell us
3053  else if (strncasecmp(buf, "Accept-Ranges:", 14) == 0) {
3054  if (strncasecmp(trimLead(buf + 14), "none", 4) == 0)
3055  bCanResume = false;
3056  }
3057  // Keep Alive
3058  else if (strncasecmp(buf, "Keep-Alive:", 11) == 0) {
3059  TQStringList options = TQStringList::split(',',
3060  TQString::fromLatin1(trimLead(buf+11)));
3061  for(TQStringList::ConstIterator it = options.begin();
3062  it != options.end();
3063  it++)
3064  {
3065  TQString option = (*it).stripWhiteSpace().lower();
3066  if (option.startsWith("timeout="))
3067  {
3068  m_keepAliveTimeout = option.mid(8).toInt();
3069  }
3070  }
3071  }
3072 
3073  // Cache control
3074  else if (strncasecmp(buf, "Cache-Control:", 14) == 0) {
3075  TQStringList cacheControls = TQStringList::split(',',
3076  TQString::fromLatin1(trimLead(buf+14)));
3077  for(TQStringList::ConstIterator it = cacheControls.begin();
3078  it != cacheControls.end();
3079  it++)
3080  {
3081  TQString cacheControl = (*it).stripWhiteSpace();
3082  if (strncasecmp(cacheControl.latin1(), "no-cache", 8) == 0)
3083  {
3084  m_request.bCachedWrite = false; // Don't put in cache
3085  mayCache = false;
3086  }
3087  else if (strncasecmp(cacheControl.latin1(), "no-store", 8) == 0)
3088  {
3089  m_request.bCachedWrite = false; // Don't put in cache
3090  mayCache = false;
3091  }
3092  else if (strncasecmp(cacheControl.latin1(), "max-age=", 8) == 0)
3093  {
3094  TQString age = cacheControl.mid(8).stripWhiteSpace();
3095  if (!age.isNull())
3096  maxAge = STRTOLL(age.latin1(), 0, 10);
3097  }
3098  }
3099  hasCacheDirective = true;
3100  }
3101 
3102  // get the size of our data
3103  else if (strncasecmp(buf, "Content-length:", 15) == 0) {
3104  char* len = trimLead(buf + 15);
3105  if (len)
3106  m_iSize = STRTOLL(len, 0, 10);
3107  }
3108 
3109  else if (strncasecmp(buf, "Content-location:", 17) == 0) {
3110  setMetaData ("content-location",
3111  TQString::fromLatin1(trimLead(buf+17)).stripWhiteSpace());
3112  }
3113 
3114  // what type of data do we have?
3115  else if (strncasecmp(buf, "Content-type:", 13) == 0) {
3116  char *start = trimLead(buf + 13);
3117  char *pos = start;
3118 
3119  // Increment until we encounter ";" or the end of the buffer
3120  while ( *pos && *pos != ';' ) pos++;
3121 
3122  // Assign the mime-type.
3123  m_strMimeType = TQString::fromLatin1(start, pos-start).stripWhiteSpace().lower();
3124  kdDebug(7113) << "(" << m_pid << ") Content-type: " << m_strMimeType << endl;
3125 
3126  // If we still have text, then it means we have a mime-type with a
3127  // parameter (eg: charset=iso-8851) ; so let's get that...
3128  while (*pos)
3129  {
3130  start = ++pos;
3131  while ( *pos && *pos != '=' ) pos++;
3132 
3133  char *end = pos;
3134  while ( *end && *end != ';' ) end++;
3135 
3136  if (*pos)
3137  {
3138  mediaAttribute = TQString::fromLatin1(start, pos-start).stripWhiteSpace().lower();
3139  mediaValue = TQString::fromLatin1(pos+1, end-pos-1).stripWhiteSpace();
3140  pos = end;
3141  if (mediaValue.length() &&
3142  (mediaValue[0] == '"') &&
3143  (mediaValue[mediaValue.length()-1] == '"'))
3144  mediaValue = mediaValue.mid(1, mediaValue.length()-2);
3145 
3146  kdDebug (7113) << "(" << m_pid << ") Media-Parameter Attribute: "
3147  << mediaAttribute << endl;
3148  kdDebug (7113) << "(" << m_pid << ") Media-Parameter Value: "
3149  << mediaValue << endl;
3150 
3151  if ( mediaAttribute == "charset")
3152  {
3153  mediaValue = mediaValue.lower();
3154  m_request.strCharset = mediaValue;
3155  }
3156  else
3157  {
3158  setMetaData("media-"+mediaAttribute, mediaValue);
3159  }
3160  }
3161  }
3162  }
3163 
3164  // Date
3165  else if (strncasecmp(buf, "Date:", 5) == 0) {
3166  dateHeader = KRFCDate::parseDate(trimLead(buf+5));
3167  }
3168 
3169  // Cache management
3170  else if (strncasecmp(buf, "ETag:", 5) == 0) {
3171  m_request.etag = trimLead(buf+5);
3172  }
3173 
3174  // Cache management
3175  else if (strncasecmp(buf, "Expires:", 8) == 0) {
3176  expireDate = KRFCDate::parseDate(trimLead(buf+8));
3177  if (!expireDate)
3178  expireDate = 1; // Already expired
3179  }
3180 
3181  // Cache management
3182  else if (strncasecmp(buf, "Last-Modified:", 14) == 0) {
3183  m_request.lastModified = (TQString::fromLatin1(trimLead(buf+14))).stripWhiteSpace();
3184  }
3185 
3186  // whoops.. we received a warning
3187  else if (strncasecmp(buf, "Warning:", 8) == 0) {
3188  //Don't use warning() here, no need to bother the user.
3189  //Those warnings are mostly about caches.
3190  infoMessage(trimLead(buf + 8));
3191  }
3192 
3193  // Cache management (HTTP 1.0)
3194  else if (strncasecmp(buf, "Pragma:", 7) == 0) {
3195  TQCString pragma = TQCString(trimLead(buf+7)).stripWhiteSpace().lower();
3196  if (pragma == "no-cache")
3197  {
3198  m_request.bCachedWrite = false; // Don't put in cache
3199  mayCache = false;
3200  hasCacheDirective = true;
3201  }
3202  }
3203 
3204  // The deprecated Refresh Response
3205  else if (strncasecmp(buf,"Refresh:", 8) == 0) {
3206  mayCache = false; // Do not cache page as it defeats purpose of Refresh tag!
3207  setMetaData( "http-refresh", TQString::fromLatin1(trimLead(buf+8)).stripWhiteSpace() );
3208  }
3209 
3210  // In fact we should do redirection only if we got redirection code
3211  else if (strncasecmp(buf, "Location:", 9) == 0) {
3212  // Redirect only for 3xx status code, will ya! Thanks, pal!
3213  if ( m_responseCode > 299 && m_responseCode < 400 )
3214  locationStr = TQCString(trimLead(buf+9)).stripWhiteSpace();
3215  }
3216 
3217  // Check for cookies
3218  else if (strncasecmp(buf, "Set-Cookie", 10) == 0) {
3219  cookieStr += buf;
3220  cookieStr += '\n';
3221  }
3222 
3223  // check for direct authentication
3224  else if (strncasecmp(buf, "WWW-Authenticate:", 17) == 0) {
3225  configAuth(trimLead(buf + 17), false);
3226  }
3227 
3228  // check for proxy-based authentication
3229  else if (strncasecmp(buf, "Proxy-Authenticate:", 19) == 0) {
3230  configAuth(trimLead(buf + 19), true);
3231  }
3232 
3233  else if (strncasecmp(buf, "Upgrade:", 8) == 0) {
3234  // Now we have to check to see what is offered for the upgrade
3235  TQString offered = &(buf[8]);
3236  upgradeOffers = TQStringList::split(TQRegExp("[ \n,\r\t]"), offered);
3237  }
3238 
3239  // content?
3240  else if (strncasecmp(buf, "Content-Encoding:", 17) == 0) {
3241  // This is so wrong !! No wonder kio_http is stripping the
3242  // gzip encoding from downloaded files. This solves multiple
3243  // bug reports and caitoo's problem with downloads when such a
3244  // header is encountered...
3245 
3246  // A quote from RFC 2616:
3247  // " When present, its (Content-Encoding) value indicates what additional
3248  // content have been applied to the entity body, and thus what decoding
3249  // mechanism must be applied to obtain the media-type referenced by the
3250  // Content-Type header field. Content-Encoding is primarily used to allow
3251  // a document to be compressed without loosing the identity of its underlying
3252  // media type. Simply put if it is specified, this is the actual mime-type
3253  // we should use when we pull the resource !!!
3254  addEncoding(trimLead(buf + 17), m_qContentEncodings);
3255  }
3256  // Refer to RFC 2616 sec 15.5/19.5.1 and RFC 2183
3257  else if(strncasecmp(buf, "Content-Disposition:", 20) == 0) {
3258  char* dispositionBuf = trimLead(buf + 20);
3259  while ( *dispositionBuf )
3260  {
3261  if ( strncasecmp( dispositionBuf, "filename", 8 ) == 0 )
3262  {
3263  dispositionBuf += 8;
3264 
3265  while ( *dispositionBuf == ' ' || *dispositionBuf == '=' )
3266  dispositionBuf++;
3267 
3268  char* bufStart = dispositionBuf;
3269 
3270  while ( *dispositionBuf && *dispositionBuf != ';' )
3271  dispositionBuf++;
3272 
3273  if ( dispositionBuf > bufStart )
3274  {
3275  // Skip any leading quotes...
3276  while ( *bufStart == '"' )
3277  bufStart++;
3278 
3279  // Skip any trailing quotes as well as white spaces...
3280  while ( *(dispositionBuf-1) == ' ' || *(dispositionBuf-1) == '"')
3281  dispositionBuf--;
3282 
3283  if ( dispositionBuf > bufStart )
3284  dispositionFilename = TQString::fromLatin1( bufStart, dispositionBuf-bufStart );
3285 
3286  break;
3287  }
3288  }
3289  else
3290  {
3291  char *bufStart = dispositionBuf;
3292 
3293  while ( *dispositionBuf && *dispositionBuf != ';' )
3294  dispositionBuf++;
3295 
3296  if ( dispositionBuf > bufStart )
3297  dispositionType = TQString::fromLatin1( bufStart, dispositionBuf-bufStart ).stripWhiteSpace();
3298 
3299  while ( *dispositionBuf == ';' || *dispositionBuf == ' ' )
3300  dispositionBuf++;
3301  }
3302  }
3303 
3304  // Content-Dispostion is not allowed to dictate directory
3305  // path, thus we extract the filename only.
3306  if ( !dispositionFilename.isEmpty() )
3307  {
3308  int pos = dispositionFilename.findRev( '/' );
3309 
3310  if( pos > -1 )
3311  dispositionFilename = dispositionFilename.mid(pos+1);
3312 
3313  kdDebug(7113) << "(" << m_pid << ") Content-Disposition: filename="
3314  << dispositionFilename<< endl;
3315  }
3316  }
3317  else if(strncasecmp(buf, "Content-Language:", 17) == 0) {
3318  TQString language = TQString::fromLatin1(trimLead(buf+17)).stripWhiteSpace();
3319  if (!language.isEmpty())
3320  setMetaData("content-language", language);
3321  }
3322  else if (strncasecmp(buf, "Proxy-Connection:", 17) == 0)
3323  {
3324  if (strncasecmp(trimLead(buf + 17), "Close", 5) == 0)
3325  m_bKeepAlive = false;
3326  else if (strncasecmp(trimLead(buf + 17), "Keep-Alive", 10)==0)
3327  m_bKeepAlive = true;
3328  }
3329  else if (strncasecmp(buf, "Link:", 5) == 0) {
3330  // We only support Link: <url>; rel="type" so far
3331  TQStringList link = TQStringList::split(";", TQString(buf)
3332  .replace(TQRegExp("^Link:[ ]*"),
3333  ""));
3334  if (link.count() == 2) {
3335  TQString rel = link[1].stripWhiteSpace();
3336  if (rel.startsWith("rel=\"")) {
3337  rel = rel.mid(5, rel.length() - 6);
3338  if (rel.lower() == "pageservices") {
3339  TQString url = TQString(link[0].replace(TQRegExp("[<>]"),"")).stripWhiteSpace();
3340  setMetaData("PageServices", url);
3341  }
3342  }
3343  }
3344  }
3345  else if (strncasecmp(buf, "P3P:", 4) == 0) {
3346  TQString p3pstr = buf;
3347  p3pstr = p3pstr.mid(4).simplifyWhiteSpace();
3348  TQStringList policyrefs, compact;
3349  TQStringList policyfields = TQStringList::split(TQRegExp(",[ ]*"), p3pstr);
3350  for (TQStringList::Iterator it = policyfields.begin();
3351  it != policyfields.end();
3352  ++it) {
3353  TQStringList policy = TQStringList::split("=", *it);
3354 
3355  if (policy.count() == 2) {
3356  if (policy[0].lower() == "policyref") {
3357  policyrefs << TQString(policy[1].replace(TQRegExp("[\"\']"), ""))
3358  .stripWhiteSpace();
3359  } else if (policy[0].lower() == "cp") {
3360  // We convert to cp\ncp\ncp\n[...]\ncp to be consistent with
3361  // other metadata sent in strings. This could be a bit more
3362  // efficient but I'm going for correctness right now.
3363  TQStringList cps = TQStringList::split(" ",
3364  TQString(policy[1].replace(TQRegExp("[\"\']"), ""))
3365  .simplifyWhiteSpace());
3366 
3367  for (TQStringList::Iterator j = cps.begin(); j != cps.end(); ++j)
3368  compact << *j;
3369  }
3370  }
3371  }
3372 
3373  if (!policyrefs.isEmpty())
3374  setMetaData("PrivacyPolicy", policyrefs.join("\n"));
3375 
3376  if (!compact.isEmpty())
3377  setMetaData("PrivacyCompactPolicy", compact.join("\n"));
3378  }
3379  // let them tell us if we should stay alive or not
3380  else if (strncasecmp(buf, "Connection:", 11) == 0)
3381  {
3382  if (strncasecmp(trimLead(buf + 11), "Close", 5) == 0)
3383  m_bKeepAlive = false;
3384  else if (strncasecmp(trimLead(buf + 11), "Keep-Alive", 10)==0)
3385  m_bKeepAlive = true;
3386  else if (strncasecmp(trimLead(buf + 11), "Upgrade", 7)==0)
3387  {
3388  if (m_responseCode == 101) {
3389  // Ok, an upgrade was accepted, now we must do it
3390  upgradeRequired = true;
3391  } else if (upgradeRequired) { // 426
3392  // Nothing to do since we did it above already
3393  } else {
3394  // Just an offer to upgrade - no need to take it
3395  canUpgrade = true;
3396  }
3397  }
3398  }
3399  // continue only if we know that we're HTTP/1.1
3400  else if ( httpRev == HTTP_11) {
3401  // what kind of encoding do we have? transfer?
3402  if (strncasecmp(buf, "Transfer-Encoding:", 18) == 0) {
3403  // If multiple encodings have been applied to an entity, the
3404  // transfer-codings MUST be listed in the order in which they
3405  // were applied.
3406  addEncoding(trimLead(buf + 18), m_qTransferEncodings);
3407  }
3408 
3409  // md5 signature
3410  else if (strncasecmp(buf, "Content-MD5:", 12) == 0) {
3411  m_sContentMD5 = TQString::fromLatin1(trimLead(buf + 12));
3412  }
3413 
3414  // *** Responses to the HTTP OPTIONS method follow
3415  // WebDAV capabilities
3416  else if (strncasecmp(buf, "DAV:", 4) == 0) {
3417  if (m_davCapabilities.isEmpty()) {
3418  m_davCapabilities << TQString::fromLatin1(trimLead(buf + 4));
3419  }
3420  else {
3421  m_davCapabilities << TQString::fromLatin1(trimLead(buf + 4));
3422  }
3423  }
3424  // *** Responses to the HTTP OPTIONS method finished
3425  }
3426  else if ((httpRev == HTTP_None) && (strlen(buf) != 0))
3427  {
3428  // Remote server does not seem to speak HTTP at all
3429  // Put the crap back into the buffer and hope for the best
3430  rewind();
3431  if (m_responseCode)
3432  m_prevResponseCode = m_responseCode;
3433 
3434  m_responseCode = 200; // Fake it
3435  httpRev = HTTP_Unknown;
3436  m_bKeepAlive = false;
3437  break;
3438  }
3439  setRewindMarker();
3440 
3441  // Clear out our buffer for further use.
3442  memset(buffer, 0, sizeof(buffer));
3443 
3444  } while (!m_bEOF && (len || noHeader) && (headerSize < maxHeaderSize) && (gets(buffer, sizeof(buffer)-1)));
3445 
3446  // Now process the HTTP/1.1 upgrade
3447  TQStringList::Iterator opt = upgradeOffers.begin();
3448  for( ; opt != upgradeOffers.end(); ++opt) {
3449  if (*opt == "TLS/1.0") {
3450  if(upgradeRequired) {
3451  if (!startTLS() && !usingTLS()) {
3452  error(ERR_UPGRADE_REQUIRED, *opt);
3453  return false;
3454  }
3455  }
3456  } else if (*opt == "HTTP/1.1") {
3457  httpRev = HTTP_11;
3458  } else {
3459  // unknown
3460  if (upgradeRequired) {
3461  error(ERR_UPGRADE_REQUIRED, *opt);
3462  return false;
3463  }
3464  }
3465  }
3466 
3467  setMetaData("charset", m_request.strCharset);
3468 
3469  // If we do not support the requested authentication method...
3470  if ( (m_responseCode == 401 && Authentication == AUTH_None) ||
3471  (m_responseCode == 407 && ProxyAuthentication == AUTH_None) )
3472  {
3473  m_bUnauthorized = false;
3474  if (m_request.bErrorPage)
3475  errorPage();
3476  else
3477  {
3478  error( ERR_UNSUPPORTED_ACTION, "Unknown Authorization method!" );
3479  return false;
3480  }
3481  }
3482 
3483  // Fixup expire date for clock drift.
3484  if (expireDate && (expireDate <= dateHeader))
3485  expireDate = 1; // Already expired.
3486 
3487  // Convert max-age into expireDate (overriding previous set expireDate)
3488  if (maxAge == 0)
3489  expireDate = 1; // Already expired.
3490  else if (maxAge > 0)
3491  {
3492  if (currentAge)
3493  maxAge -= currentAge;
3494  if (maxAge <=0)
3495  maxAge = 0;
3496  expireDate = time(0) + maxAge;
3497  }
3498 
3499  if (!expireDate)
3500  {
3501  time_t lastModifiedDate = 0;
3502  if (!m_request.lastModified.isEmpty())
3503  lastModifiedDate = KRFCDate::parseDate(m_request.lastModified);
3504 
3505  if (lastModifiedDate)
3506  {
3507  long diff = static_cast<long>(difftime(dateHeader, lastModifiedDate));
3508  if (diff < 0)
3509  expireDate = time(0) + 1;
3510  else
3511  expireDate = time(0) + (diff / 10);
3512  }
3513  else
3514  {
3515  expireDate = time(0) + DEFAULT_CACHE_EXPIRE;
3516  }
3517  }
3518 
3519  // DONE receiving the header!
3520  if (!cookieStr.isEmpty())
3521  {
3522  if ((m_request.cookieMode == HTTPRequest::CookiesAuto) && m_request.bUseCookiejar)
3523  {
3524  // Give cookies to the cookiejar.
3525  TQString domain = config()->readEntry("cross-domain");
3526  if (!domain.isEmpty() && isCrossDomainRequest(m_request.url.host(), domain))
3527  cookieStr = "Cross-Domain\n" + cookieStr;
3528  addCookies( m_request.url.url(), cookieStr );
3529  }
3530  else if (m_request.cookieMode == HTTPRequest::CookiesManual)
3531  {
3532  // Pass cookie to application
3533  setMetaData("setcookies", cookieStr);
3534  }
3535  }
3536 
3537  if (m_request.bMustRevalidate)
3538  {
3539  m_request.bMustRevalidate = false; // Reset just in case.
3540  if (cacheValidated)
3541  {
3542  // Yippie, we can use the cached version.
3543  // Update the cache with new "Expire" headers.
3544  fclose(m_request.fcache);
3545  m_request.fcache = 0;
3546  updateExpireDate( expireDate, true );
3547  m_request.fcache = checkCacheEntry( ); // Re-read cache entry
3548 
3549  if (m_request.fcache)
3550  {
3551  m_request.bCachedRead = true;
3552  goto try_again; // Read header again, but now from cache.
3553  }
3554  else
3555  {
3556  // Where did our cache entry go???
3557  }
3558  }
3559  else
3560  {
3561  // Validation failed. Close cache.
3562  fclose(m_request.fcache);
3563  m_request.fcache = 0;
3564  }
3565  }
3566 
3567  // We need to reread the header if we got a '100 Continue' or '102 Processing'
3568  if ( cont )
3569  {
3570  goto try_again;
3571  }
3572 
3573  // Do not do a keep-alive connection if the size of the
3574  // response is not known and the response is not Chunked.
3575  if (!m_bChunked && (m_iSize == NO_SIZE))
3576  m_bKeepAlive = false;
3577 
3578  if ( m_responseCode == 204 )
3579  {
3580  return true;
3581  }
3582 
3583  // We need to try to login again if we failed earlier
3584  if ( m_bUnauthorized )
3585  {
3586  if ( (m_responseCode == 401) ||
3587  (m_bUseProxy && (m_responseCode == 407))
3588  )
3589  {
3590  if ( getAuthorization() )
3591  {
3592  // for NTLM Authentication we have to keep the connection open!
3593  if ( Authentication == AUTH_NTLM && m_strAuthorization.length() > 4 )
3594  {
3595  m_bKeepAlive = true;
3596  readBody( true );
3597  }
3598  else if (ProxyAuthentication == AUTH_NTLM && m_strProxyAuthorization.length() > 4)
3599  {
3600  readBody( true );
3601  }
3602  else
3603  httpCloseConnection();
3604  return false; // Try again.
3605  }
3606 
3607  if (m_bError)
3608  return false; // Error out
3609 
3610  // Show error page...
3611  }
3612  m_bUnauthorized = false;
3613  }
3614 
3615  // We need to do a redirect
3616  if (!locationStr.isEmpty())
3617  {
3618  KURL u(m_request.url, locationStr);
3619  if(!u.isValid())
3620  {
3621  error(ERR_MALFORMED_URL, u.url());
3622  return false;
3623  }
3624  if ((u.protocol() != "http") && (u.protocol() != "https") &&
3625  (u.protocol() != "ftp") && (u.protocol() != "webdav") &&
3626  (u.protocol() != "webdavs"))
3627  {
3628  redirection(u);
3629  error(ERR_ACCESS_DENIED, u.url());
3630  return false;
3631  }
3632 
3633  // preserve #ref: (bug 124654)
3634  // if we were at http://host/resource1#ref, we sent a GET for "/resource1"
3635  // if we got redirected to http://host/resource2, then we have to re-add
3636  // the fragment:
3637  if (m_request.url.hasRef() && !u.hasRef() &&
3638  (m_request.url.host() == u.host()) &&
3639  (m_request.url.protocol() == u.protocol()))
3640  u.setRef(m_request.url.ref());
3641 
3642  m_bRedirect = true;
3643  m_redirectLocation = u;
3644 
3645  if (!m_request.id.isEmpty())
3646  {
3647  sendMetaData();
3648  }
3649 
3650  kdDebug(7113) << "(" << m_pid << ") request.url: " << m_request.url.url()
3651  << endl << "LocationStr: " << locationStr.data() << endl;
3652 
3653  kdDebug(7113) << "(" << m_pid << ") Requesting redirection to: " << u.url()
3654  << endl;
3655 
3656  // If we're redirected to a http:// url, remember that we're doing webdav...
3657  if (m_protocol == "webdav" || m_protocol == "webdavs")
3658  u.setProtocol(m_protocol);
3659 
3660  redirection(u);
3661  m_request.bCachedWrite = false; // Turn off caching on re-direction (DA)
3662  mayCache = false;
3663  }
3664 
3665  // Inform the job that we can indeed resume...
3666  if ( bCanResume && m_request.offset )
3667  canResume();
3668  else
3669  m_request.offset = 0;
3670 
3671  // We don't cache certain text objects
3672  if (m_strMimeType.startsWith("text/") &&
3673  (m_strMimeType != "text/css") &&
3674  (m_strMimeType != "text/x-javascript") &&
3675  !hasCacheDirective)
3676  {
3677  // Do not cache secure pages or pages
3678  // originating from password protected sites
3679  // unless the webserver explicitly allows it.
3680  if ( m_bIsSSL || (Authentication != AUTH_None) )
3681  {
3682  m_request.bCachedWrite = false;
3683  mayCache = false;
3684  }
3685  }
3686 
3687  // WABA: Correct for tgz files with a gzip-encoding.
3688  // They really shouldn't put gzip in the Content-Encoding field!
3689  // Web-servers really shouldn't do this: They let Content-Size refer
3690  // to the size of the tgz file, not to the size of the tar file,
3691  // while the Content-Type refers to "tar" instead of "tgz".
3692  if (m_qContentEncodings.last() == "gzip")
3693  {
3694  if (m_strMimeType == "application/x-tar")
3695  {
3696  m_qContentEncodings.remove(m_qContentEncodings.fromLast());
3697  m_strMimeType = TQString::fromLatin1("application/x-tgz");
3698  }
3699  else if (m_strMimeType == "application/postscript")
3700  {
3701  // LEONB: Adding another exception for psgz files.
3702  // Could we use the mimelnk files instead of hardcoding all this?
3703  m_qContentEncodings.remove(m_qContentEncodings.fromLast());
3704  m_strMimeType = TQString::fromLatin1("application/x-gzpostscript");
3705  }
3706  else if ( m_request.allowCompressedPage &&
3707  m_strMimeType != "application/x-tgz" &&
3708  m_strMimeType != "application/x-targz" &&
3709  m_strMimeType != "application/x-gzip" &&
3710  m_request.url.path().right(6) == ".ps.gz" )
3711  {
3712  m_qContentEncodings.remove(m_qContentEncodings.fromLast());
3713  m_strMimeType = TQString::fromLatin1("application/x-gzpostscript");
3714  }
3715  else if ( (m_request.allowCompressedPage &&
3716  m_strMimeType == "text/html")
3717  ||
3718  (m_request.allowCompressedPage &&
3719  m_strMimeType != "application/x-tgz" &&
3720  m_strMimeType != "application/x-targz" &&
3721  m_strMimeType != "application/x-gzip" &&
3722  m_request.url.path().right(3) != ".gz")
3723  )
3724  {
3725  // Unzip!
3726  }
3727  else
3728  {
3729  m_qContentEncodings.remove(m_qContentEncodings.fromLast());
3730  m_strMimeType = TQString::fromLatin1("application/x-gzip");
3731  }
3732  }
3733 
3734  // We can't handle "bzip2" encoding (yet). So if we get something with
3735  // bzip2 encoding, we change the mimetype to "application/x-bzip2".
3736  // Note for future changes: some web-servers send both "bzip2" as
3737  // encoding and "application/x-bzip2" as mimetype. That is wrong.
3738  // currently that doesn't bother us, because we remove the encoding
3739  // and set the mimetype to x-bzip2 anyway.
3740  if (m_qContentEncodings.last() == "bzip2")
3741  {
3742  m_qContentEncodings.remove(m_qContentEncodings.fromLast());
3743  m_strMimeType = TQString::fromLatin1("application/x-bzip2");
3744  }
3745 
3746  // Convert some common mimetypes to standard KDE mimetypes
3747  if (m_strMimeType == "application/x-targz")
3748  m_strMimeType = TQString::fromLatin1("application/x-tgz");
3749  else if (m_strMimeType == "application/zip")
3750  m_strMimeType = TQString::fromLatin1("application/x-zip");
3751  else if (m_strMimeType == "image/x-png")
3752  m_strMimeType = TQString::fromLatin1("image/png");
3753  else if (m_strMimeType == "image/bmp")
3754  m_strMimeType = TQString::fromLatin1("image/x-bmp");
3755  else if (m_strMimeType == "audio/mpeg" || m_strMimeType == "audio/x-mpeg" || m_strMimeType == "audio/mp3")
3756  m_strMimeType = TQString::fromLatin1("audio/x-mp3");
3757  else if (m_strMimeType == "audio/microsoft-wave")
3758  m_strMimeType = TQString::fromLatin1("audio/x-wav");
3759  else if (m_strMimeType == "audio/midi")
3760  m_strMimeType = TQString::fromLatin1("audio/x-midi");
3761  else if (m_strMimeType == "image/x-xpixmap")
3762  m_strMimeType = TQString::fromLatin1("image/x-xpm");
3763  else if (m_strMimeType == "application/rtf")
3764  m_strMimeType = TQString::fromLatin1("text/rtf");
3765 
3766  // Crypto ones....
3767  else if (m_strMimeType == "application/pkix-cert" ||
3768  m_strMimeType == "application/binary-certificate")
3769  {
3770  m_strMimeType = TQString::fromLatin1("application/x-x509-ca-cert");
3771  }
3772 
3773  // Prefer application/x-tgz or x-gzpostscript over application/x-gzip.
3774  else if (m_strMimeType == "application/x-gzip")
3775  {
3776  if ((m_request.url.path().right(7) == ".tar.gz") ||
3777  (m_request.url.path().right(4) == ".tar"))
3778  m_strMimeType = TQString::fromLatin1("application/x-tgz");
3779  if ((m_request.url.path().right(6) == ".ps.gz"))
3780  m_strMimeType = TQString::fromLatin1("application/x-gzpostscript");
3781  }
3782 
3783  // Some webservers say "text/plain" when they mean "application/x-bzip2"
3784  else if ((m_strMimeType == "text/plain") || (m_strMimeType == "application/octet-stream"))
3785  {
3786  TQString ext = m_request.url.path().right(4).upper();
3787  if (ext == ".BZ2")
3788  m_strMimeType = TQString::fromLatin1("application/x-bzip2");
3789  else if (ext == ".PEM")
3790  m_strMimeType = TQString::fromLatin1("application/x-x509-ca-cert");
3791  else if (ext == ".SWF")
3792  m_strMimeType = TQString::fromLatin1("application/x-shockwave-flash");
3793  else if (ext == ".PLS")
3794  m_strMimeType = TQString::fromLatin1("audio/x-scpls");
3795  else if (ext == ".WMV")
3796  m_strMimeType = TQString::fromLatin1("video/x-ms-wmv");
3797  }
3798 
3799 #if 0
3800  // Even if we can't rely on content-length, it seems that we should
3801  // never get more data than content-length. Maybe less, if the
3802  // content-length refers to the unzipped data.
3803  if (!m_qContentEncodings.isEmpty())
3804  {
3805  // If we still have content encoding we can't rely on the Content-Length.
3806  m_iSize = NO_SIZE;
3807  }
3808 #endif
3809 
3810  if( !dispositionType.isEmpty() )
3811  {
3812  kdDebug(7113) << "(" << m_pid << ") Setting Content-Disposition type to: "
3813  << dispositionType << endl;
3814  setMetaData("content-disposition-type", dispositionType);
3815  }
3816  if( !dispositionFilename.isEmpty() )
3817  {
3818  kdDebug(7113) << "(" << m_pid << ") Setting Content-Disposition filename to: "
3819  << dispositionFilename << endl;
3820  // ### KDE4: setting content-disposition to filename for pre 3.5.2 compatability
3821  setMetaData("content-disposition", dispositionFilename);
3822  setMetaData("content-disposition-filename", dispositionFilename);
3823  }
3824 
3825  if (!m_request.lastModified.isEmpty())
3826  setMetaData("modified", m_request.lastModified);
3827 
3828  if (!mayCache)
3829  {
3830  setMetaData("no-cache", "true");
3831  setMetaData("expire-date", "1"); // Expired
3832  }
3833  else
3834  {
3835  TQString tmp;
3836  tmp.setNum(expireDate);
3837  setMetaData("expire-date", tmp);
3838  tmp.setNum(time(0)); // Cache entry will be created shortly.
3839  setMetaData("cache-creation-date", tmp);
3840  }
3841 
3842  // Let the app know about the mime-type iff this is not
3843  // a redirection and the mime-type string is not empty.
3844  if (locationStr.isEmpty() && (!m_strMimeType.isEmpty() ||
3845  m_request.method == HTTP_HEAD))
3846  {
3847  kdDebug(7113) << "(" << m_pid << ") Emitting mimetype " << m_strMimeType << endl;
3848  mimeType( m_strMimeType );
3849  }
3850 
3851  // Do not move send response header before any redirection as it seems
3852  // to screw up some sites. See BR# 150904.
3853  forwardHttpResponseHeader();
3854 
3855  if (m_request.method == HTTP_HEAD)
3856  return true;
3857 
3858  // Do we want to cache this request?
3859  if (m_request.bUseCache)
3860  {
3861  ::unlink( TQFile::encodeName(m_request.cef));
3862  if ( m_request.bCachedWrite && !m_strMimeType.isEmpty() )
3863  {
3864  // Check...
3865  createCacheEntry(m_strMimeType, expireDate); // Create a cache entry
3866  if (!m_request.fcache)
3867  {
3868  m_request.bCachedWrite = false; // Error creating cache entry.
3869  kdDebug(7113) << "(" << m_pid << ") Error creating cache entry for " << m_request.url.url()<<"!\n";
3870  }
3871  m_request.expireDate = expireDate;
3872  m_maxCacheSize = config()->readNumEntry("MaxCacheSize", DEFAULT_MAX_CACHE_SIZE) / 2;
3873  }
3874  }
3875 
3876  if (m_request.bCachedWrite && !m_strMimeType.isEmpty())
3877  kdDebug(7113) << "(" << m_pid << ") Cache, adding \"" << m_request.url.url() << "\"" << endl;
3878  else if (m_request.bCachedWrite && m_strMimeType.isEmpty())
3879  kdDebug(7113) << "(" << m_pid << ") Cache, pending \"" << m_request.url.url() << "\"" << endl;
3880  else
3881  kdDebug(7113) << "(" << m_pid << ") Cache, not adding \"" << m_request.url.url() << "\"" << endl;
3882  return true;
3883 }
3884 
3885 
3886 void HTTPProtocol::addEncoding(TQString encoding, TQStringList &encs)
3887 {
3888  encoding = encoding.stripWhiteSpace().lower();
3889  // Identity is the same as no encoding
3890  if (encoding == "identity") {
3891  return;
3892  } else if (encoding == "8bit") {
3893  // Strange encoding returned by http://linac.ikp.physik.tu-darmstadt.de
3894  return;
3895  } else if (encoding == "chunked") {
3896  m_bChunked = true;
3897  // Anyone know of a better way to handle unknown sizes possibly/ideally with unsigned ints?
3898  //if ( m_cmd != CMD_COPY )
3899  m_iSize = NO_SIZE;
3900  } else if ((encoding == "x-gzip") || (encoding == "gzip")) {
3901  encs.append(TQString::fromLatin1("gzip"));
3902  } else if ((encoding == "x-bzip2") || (encoding == "bzip2")) {
3903  encs.append(TQString::fromLatin1("bzip2")); // Not yet supported!
3904  } else if ((encoding == "x-deflate") || (encoding == "deflate")) {
3905  encs.append(TQString::fromLatin1("deflate"));
3906  } else {
3907  kdDebug(7113) << "(" << m_pid << ") Unknown encoding encountered. "
3908  << "Please write code. Encoding = \"" << encoding
3909  << "\"" << endl;
3910  }
3911 }
3912 
3913 bool HTTPProtocol::sendBody()
3914 {
3915  int result=-1;
3916  int length=0;
3917 
3918  infoMessage( i18n( "Requesting data to send" ) );
3919 
3920  // m_bufPOST will NOT be empty iff authentication was required before posting
3921  // the data OR a re-connect is requested from ::readHeader because the
3922  // connection was lost for some reason.
3923  if ( !m_bufPOST.isNull() )
3924  {
3925  kdDebug(7113) << "(" << m_pid << ") POST'ing saved data..." << endl;
3926 
3927  result = 0;
3928  length = m_bufPOST.size();
3929  }
3930  else
3931  {
3932  kdDebug(7113) << "(" << m_pid << ") POST'ing live data..." << endl;
3933 
3934  TQByteArray buffer;
3935  int old_size;
3936 
3937  m_bufPOST.resize(0);
3938  do
3939  {
3940  dataReq(); // Request for data
3941  result = readData( buffer );
3942  if ( result > 0 )
3943  {
3944  length += result;
3945  old_size = m_bufPOST.size();
3946  m_bufPOST.resize( old_size+result );
3947  memcpy( m_bufPOST.data()+ old_size, buffer.data(), buffer.size() );
3948  buffer.resize(0);
3949  }
3950  } while ( result > 0 );
3951  }
3952 
3953  if ( result < 0 )
3954  {
3955  error( ERR_ABORTED, m_request.hostname );
3956  return false;
3957  }
3958 
3959  infoMessage( i18n( "Sending data to %1" ).arg( m_request.hostname ) );
3960 
3961  TQString size = TQString ("Content-Length: %1\r\n\r\n").arg(length);
3962  kdDebug( 7113 ) << "(" << m_pid << ")" << size << endl;
3963 
3964  // Send the content length...
3965  bool sendOk = (write(size.latin1(), size.length()) == (ssize_t) size.length());
3966  if (!sendOk)
3967  {
3968  kdDebug( 7113 ) << "(" << m_pid << ") Connection broken when sending "
3969  << "content length: (" << m_state.hostname << ")" << endl;
3970  error( ERR_CONNECTION_BROKEN, m_state.hostname );
3971  return false;
3972  }
3973 
3974  // Send the data...
3975  // kdDebug( 7113 ) << "(" << m_pid << ") POST DATA: " << TQCString(m_bufPOST) << endl;
3976  sendOk = (write(m_bufPOST.data(), m_bufPOST.size()) == (ssize_t) m_bufPOST.size());
3977  if (!sendOk)
3978  {
3979  kdDebug(7113) << "(" << m_pid << ") Connection broken when sending message body: ("
3980  << m_state.hostname << ")" << endl;
3981  error( ERR_CONNECTION_BROKEN, m_state.hostname );
3982  return false;
3983  }
3984 
3985  return true;
3986 }
3987 
3988 void HTTPProtocol::httpClose( bool keepAlive )
3989 {
3990  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpClose" << endl;
3991 
3992  if (m_request.fcache)
3993  {
3994  fclose(m_request.fcache);
3995  m_request.fcache = 0;
3996  if (m_request.bCachedWrite)
3997  {
3998  TQString filename = m_request.cef + ".new";
3999  ::unlink( TQFile::encodeName(filename) );
4000  }
4001  }
4002 
4003  // Only allow persistent connections for GET requests.
4004  // NOTE: we might even want to narrow this down to non-form
4005  // based submit requests which will require a meta-data from
4006  // khtml.
4007  if (keepAlive && (!m_bUseProxy ||
4008  m_bPersistentProxyConnection || m_bIsTunneled))
4009  {
4010  if (!m_keepAliveTimeout)
4011  m_keepAliveTimeout = DEFAULT_KEEP_ALIVE_TIMEOUT;
4012  else if (m_keepAliveTimeout > 2*DEFAULT_KEEP_ALIVE_TIMEOUT)
4013  m_keepAliveTimeout = 2*DEFAULT_KEEP_ALIVE_TIMEOUT;
4014 
4015  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpClose: keep alive (" << m_keepAliveTimeout << ")" << endl;
4016  TQByteArray data;
4017  TQDataStream stream( data, IO_WriteOnly );
4018  stream << int(99); // special: Close connection
4019  setTimeoutSpecialCommand(m_keepAliveTimeout, data);
4020  return;
4021  }
4022 
4023  httpCloseConnection();
4024 }
4025 
4026 void HTTPProtocol::closeConnection()
4027 {
4028  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::closeConnection" << endl;
4029  httpCloseConnection ();
4030 }
4031 
4032 void HTTPProtocol::httpCloseConnection ()
4033 {
4034  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::httpCloseConnection" << endl;
4035  m_bIsTunneled = false;
4036  m_bKeepAlive = false;
4037  closeDescriptor();
4038  setTimeoutSpecialCommand(-1); // Cancel any connection timeout
4039 }
4040 
4041 void HTTPProtocol::slave_status()
4042 {
4043  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::slave_status" << endl;
4044 
4045  if ( m_iSock != -1 && !isConnectionValid() )
4046  httpCloseConnection();
4047 
4048  slaveStatus( m_state.hostname, (m_iSock != -1) );
4049 }
4050 
4051 void HTTPProtocol::mimetype( const KURL& url )
4052 {
4053  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::mimetype: "
4054  << url.prettyURL() << endl;
4055 
4056  if ( !checkRequestURL( url ) )
4057  return;
4058 
4059  m_request.method = HTTP_HEAD;
4060  m_request.path = url.path();
4061  m_request.query = url.query();
4062  m_request.cache = CC_Cache;
4063  m_request.doProxy = m_bUseProxy;
4064 
4065  retrieveHeader();
4066 
4067  kdDebug(7113) << "(" << m_pid << ") http: mimetype = " << m_strMimeType
4068  << endl;
4069 }
4070 
4071 void HTTPProtocol::special( const TQByteArray &data )
4072 {
4073  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::special" << endl;
4074 
4075  int tmp;
4076  TQDataStream stream(data, IO_ReadOnly);
4077 
4078  stream >> tmp;
4079  switch (tmp) {
4080  case 1: // HTTP POST
4081  {
4082  KURL url;
4083  stream >> url;
4084  post( url );
4085  break;
4086  }
4087  case 2: // cache_update
4088  {
4089  KURL url;
4090  bool no_cache;
4091  time_t expireDate;
4092  stream >> url >> no_cache >> expireDate;
4093  cacheUpdate( url, no_cache, expireDate );
4094  break;
4095  }
4096  case 5: // WebDAV lock
4097  {
4098  KURL url;
4099  TQString scope, type, owner;
4100  stream >> url >> scope >> type >> owner;
4101  davLock( url, scope, type, owner );
4102  break;
4103  }
4104  case 6: // WebDAV unlock
4105  {
4106  KURL url;
4107  stream >> url;
4108  davUnlock( url );
4109  break;
4110  }
4111  case 7: // Generic WebDAV
4112  {
4113  KURL url;
4114  int method;
4115  stream >> url >> method;
4116  davGeneric( url, (KIO::HTTP_METHOD) method );
4117  break;
4118  }
4119  case 99: // Close Connection
4120  {
4121  httpCloseConnection();
4122  break;
4123  }
4124  default:
4125  // Some command we don't understand.
4126  // Just ignore it, it may come from some future version of KDE.
4127  break;
4128  }
4129 }
4130 
4134 int HTTPProtocol::readChunked()
4135 {
4136  if ((m_iBytesLeft == 0) || (m_iBytesLeft == NO_SIZE))
4137  {
4138  setRewindMarker();
4139 
4140  m_bufReceive.resize(4096);
4141 
4142  if (!gets(m_bufReceive.data(), m_bufReceive.size()-1))
4143  {
4144  kdDebug(7113) << "(" << m_pid << ") gets() failure on Chunk header" << endl;
4145  return -1;
4146  }
4147  // We could have got the CRLF of the previous chunk.
4148  // If so, try again.
4149  if (m_bufReceive[0] == '\0')
4150  {
4151  if (!gets(m_bufReceive.data(), m_bufReceive.size()-1))
4152  {
4153  kdDebug(7113) << "(" << m_pid << ") gets() failure on Chunk header" << endl;
4154  return -1;
4155  }
4156  }
4157 
4158  // m_bEOF is set to true when read called from gets returns 0. For chunked reading 0
4159  // means end of chunked transfer and not error. See RFC 2615 section 3.6.1
4160  #if 0
4161  if (m_bEOF)
4162  {
4163  kdDebug(7113) << "(" << m_pid << ") EOF on Chunk header" << endl;
4164  return -1;
4165  }
4166  #endif
4167 
4168  long long trunkSize = STRTOLL(m_bufReceive.data(), 0, 16);
4169  if (trunkSize < 0)
4170  {
4171  kdDebug(7113) << "(" << m_pid << ") Negative chunk size" << endl;
4172  return -1;
4173  }
4174  m_iBytesLeft = trunkSize;
4175 
4176  // kdDebug(7113) << "(" << m_pid << ") Chunk size = " << m_iBytesLeft << " bytes" << endl;
4177 
4178  if (m_iBytesLeft == 0)
4179  {
4180  // Last chunk.
4181  // Skip trailers.
4182  do {
4183  // Skip trailer of last chunk.
4184  if (!gets(m_bufReceive.data(), m_bufReceive.size()-1))
4185  {
4186  kdDebug(7113) << "(" << m_pid << ") gets() failure on Chunk trailer" << endl;
4187  return -1;
4188  }
4189  // kdDebug(7113) << "(" << m_pid << ") Chunk trailer = \"" << m_bufReceive.data() << "\"" << endl;
4190  }
4191  while (strlen(m_bufReceive.data()) != 0);
4192 
4193  return 0;
4194  }
4195  }
4196 
4197  int bytesReceived = readLimited();
4198  if (!m_iBytesLeft)
4199  m_iBytesLeft = NO_SIZE; // Don't stop, continue with next chunk
4200 
4201  // kdDebug(7113) << "(" << m_pid << ") readChunked: BytesReceived=" << bytesReceived << endl;
4202  return bytesReceived;
4203 }
4204 
4205 int HTTPProtocol::readLimited()
4206 {
4207  if (!m_iBytesLeft)
4208  return 0;
4209 
4210  m_bufReceive.resize(4096);
4211 
4212  int bytesReceived;
4213  int bytesToReceive;
4214 
4215  if (m_iBytesLeft > m_bufReceive.size())
4216  bytesToReceive = m_bufReceive.size();
4217  else
4218  bytesToReceive = m_iBytesLeft;
4219 
4220  bytesReceived = read(m_bufReceive.data(), bytesToReceive);
4221 
4222  if (bytesReceived <= 0)
4223  return -1; // Error: connection lost
4224 
4225  m_iBytesLeft -= bytesReceived;
4226  return bytesReceived;
4227 }
4228 
4229 int HTTPProtocol::readUnlimited()
4230 {
4231  if (m_bKeepAlive)
4232  {
4233  kdDebug(7113) << "(" << m_pid << ") Unbounded datastream on a Keep "
4234  << "alive connection!" << endl;
4235  m_bKeepAlive = false;
4236  }
4237 
4238  m_bufReceive.resize(4096);
4239 
4240  int result = read(m_bufReceive.data(), m_bufReceive.size());
4241  if (result > 0)
4242  return result;
4243 
4244  m_bEOF = true;
4245  m_iBytesLeft = 0;
4246  return 0;
4247 }
4248 
4249 void HTTPProtocol::slotData(const TQByteArray &_d)
4250 {
4251  if (!_d.size())
4252  {
4253  m_bEOD = true;
4254  return;
4255  }
4256 
4257  if (m_iContentLeft != NO_SIZE)
4258  {
4259  if (m_iContentLeft >= _d.size())
4260  m_iContentLeft -= _d.size();
4261  else
4262  m_iContentLeft = NO_SIZE;
4263  }
4264 
4265  TQByteArray d = _d;
4266  if ( !m_dataInternal )
4267  {
4268  // If a broken server does not send the mime-type,
4269  // we try to id it from the content before dealing
4270  // with the content itself.
4271  if ( m_strMimeType.isEmpty() && !m_bRedirect &&
4272  !( m_responseCode >= 300 && m_responseCode <=399) )
4273  {
4274  kdDebug(7113) << "(" << m_pid << ") Determining mime-type from content..." << endl;
4275  int old_size = m_mimeTypeBuffer.size();
4276  m_mimeTypeBuffer.resize( old_size + d.size() );
4277  memcpy( m_mimeTypeBuffer.data() + old_size, d.data(), d.size() );
4278  if ( (m_iBytesLeft != NO_SIZE) && (m_iBytesLeft > 0)
4279  && (m_mimeTypeBuffer.size() < 1024) )
4280  {
4281  m_cpMimeBuffer = true;
4282  return; // Do not send up the data since we do not yet know its mimetype!
4283  }
4284 
4285  kdDebug(7113) << "(" << m_pid << ") Mimetype buffer size: " << m_mimeTypeBuffer.size()
4286  << endl;
4287 
4288  KMimeMagicResult *result;
4289  result = KMimeMagic::self()->findBufferFileType( m_mimeTypeBuffer,
4290  m_request.url.fileName() );
4291  if( result )
4292  {
4293  m_strMimeType = result->mimeType();
4294  kdDebug(7113) << "(" << m_pid << ") Mimetype from content: "
4295  << m_strMimeType << endl;
4296  }
4297 
4298  if ( m_strMimeType.isEmpty() )
4299  {
4300  m_strMimeType = TQString::fromLatin1( DEFAULT_MIME_TYPE );
4301  kdDebug(7113) << "(" << m_pid << ") Using default mimetype: "
4302  << m_strMimeType << endl;
4303  }
4304 
4305  if ( m_request.bCachedWrite )
4306  {
4307  createCacheEntry( m_strMimeType, m_request.expireDate );
4308  if (!m_request.fcache)
4309  m_request.bCachedWrite = false;
4310  }
4311 
4312  if ( m_cpMimeBuffer )
4313  {
4314  // Do not make any assumption about the state of the TQByteArray we received.
4315  // Fix the crash described by BR# 130104.
4316  d.detach();
4317  d.resize(0);
4318  d.resize(m_mimeTypeBuffer.size());
4319  memcpy( d.data(), m_mimeTypeBuffer.data(),
4320  d.size() );
4321  }
4322  mimeType(m_strMimeType);
4323  m_mimeTypeBuffer.resize(0);
4324  }
4325 
4326  data( d );
4327  if (m_request.bCachedWrite && m_request.fcache)
4328  writeCacheEntry(d.data(), d.size());
4329  }
4330  else
4331  {
4332  uint old_size = m_bufWebDavData.size();
4333  m_bufWebDavData.resize (old_size + d.size());
4334  memcpy (m_bufWebDavData.data() + old_size, d.data(), d.size());
4335  }
4336 }
4337 
4347 bool HTTPProtocol::readBody( bool dataInternal /* = false */ )
4348 {
4349  if (m_responseCode == 204)
4350  return true;
4351 
4352  m_bEOD = false;
4353  // Note that when dataInternal is true, we are going to:
4354  // 1) save the body data to a member variable, m_bufWebDavData
4355  // 2) _not_ advertise the data, speed, size, etc., through the
4356  // corresponding functions.
4357  // This is used for returning data to WebDAV.
4358  m_dataInternal = dataInternal;
4359  if ( dataInternal )
4360  m_bufWebDavData.resize (0);
4361 
4362  // Check if we need to decode the data.
4363  // If we are in copy mode, then use only transfer decoding.
4364  bool useMD5 = !m_sContentMD5.isEmpty();
4365 
4366  // Deal with the size of the file.
4367  KIO::filesize_t sz = m_request.offset;
4368  if ( sz )
4369  m_iSize += sz;
4370 
4371  // Update the application with total size except when
4372  // it is compressed, or when the data is to be handled
4373  // internally (webDAV). If compressed we have to wait
4374  // until we uncompress to find out the actual data size
4375  if ( !dataInternal ) {
4376  if ( (m_iSize > 0) && (m_iSize != NO_SIZE)) {
4377  totalSize(m_iSize);
4378  infoMessage( i18n( "Retrieving %1 from %2...").arg(KIO::convertSize(m_iSize))
4379  .arg( m_request.hostname ) );
4380  }
4381  else
4382  {
4383  totalSize ( 0 );
4384  }
4385  }
4386  else
4387  infoMessage( i18n( "Retrieving from %1..." ).arg( m_request.hostname ) );
4388 
4389  if (m_request.bCachedRead)
4390  {
4391  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readBody: read data from cache!" << endl;
4392  m_request.bCachedWrite = false;
4393 
4394  char buffer[ MAX_IPC_SIZE ];
4395 
4396  m_iContentLeft = NO_SIZE;
4397 
4398  // Jippie! It's already in the cache :-)
4399  while (!feof(m_request.fcache) && !ferror(m_request.fcache))
4400  {
4401  int nbytes = fread( buffer, 1, MAX_IPC_SIZE, m_request.fcache);
4402 
4403  if (nbytes > 0)
4404  {
4405  m_bufReceive.setRawData( buffer, nbytes);
4406  slotData( m_bufReceive );
4407  m_bufReceive.resetRawData( buffer, nbytes );
4408  sz += nbytes;
4409  }
4410  }
4411 
4412  m_bufReceive.resize( 0 );
4413 
4414  if ( !dataInternal )
4415  {
4416  processedSize( sz );
4417  data( TQByteArray() );
4418  }
4419 
4420  return true;
4421  }
4422 
4423 
4424  if (m_iSize != NO_SIZE)
4425  m_iBytesLeft = m_iSize - sz;
4426  else
4427  m_iBytesLeft = NO_SIZE;
4428 
4429  m_iContentLeft = m_iBytesLeft;
4430 
4431  if (m_bChunked)
4432  m_iBytesLeft = NO_SIZE;
4433 
4434  kdDebug(7113) << "(" << m_pid << ") HTTPProtocol::readBody: retrieve data. "
4435  << KIO::number(m_iBytesLeft) << " left." << endl;
4436 
4437  // Main incoming loop... Gather everything while we can...
4438  m_cpMimeBuffer = false;
4439  m_mimeTypeBuffer.resize(0);
4440  struct timeval last_tv;
4441  gettimeofday( &last_tv, 0L );
4442 
4443  HTTPFilterChain chain;
4444 
4445  TQObject::connect(&chain, TQT_SIGNAL(output(const TQByteArray &)),
4446  this, TQT_SLOT(slotData(const TQByteArray &)));
4447  TQObject::connect(&chain, TQT_SIGNAL(error(int, const TQString &)),
4448  this, TQT_SLOT(error(int, const TQString &)));
4449 
4450  // decode all of the transfer encodings
4451  while (!m_qTransferEncodings.isEmpty())
4452  {
4453  TQString enc = m_qTransferEncodings.last();
4454  m_qTransferEncodings.remove(m_qTransferEncodings.fromLast());
4455  if ( enc == "gzip" )
4456  chain.addFilter(new HTTPFilterGZip);
4457  else if ( enc == "deflate" )
4458  chain.addFilter(new HTTPFilterDeflate);
4459  }
4460 
4461  // From HTTP 1.1 Draft 6:
4462  // The MD5 digest is computed based on the content of the entity-body,
4463  // including any content-coding that has been applied, but not including
4464  // any transfer-encoding applied to the message-body. If the message is
4465  // received with a transfer-encoding, that encoding MUST be removed
4466  // prior to checking the Content-MD5 value against the received entity.
4467  HTTPFilterMD5 *md5Filter = 0;
4468  if ( useMD5 )
4469  {
4470  md5Filter = new HTTPFilterMD5;
4471  chain.addFilter(md5Filter);
4472  }
4473 
4474  // now decode all of the content encodings
4475  // -- Why ?? We are not
4476  // -- a proxy server, be a client side implementation!! The applications
4477  // -- are capable of determinig how to extract the encoded implementation.
4478  // WB: That's a misunderstanding. We are free to remove the encoding.
4479  // WB: Some braindead www-servers however, give .tgz files an encoding
4480  // WB: of "gzip" (or even "x-gzip") and a content-type of "applications/tar"
4481  // WB: They shouldn't do that. We can work around that though...
4482  while (!m_qContentEncodings.isEmpty())
4483  {
4484  TQString enc = m_qContentEncodings.last();
4485  m_qContentEncodings.remove(m_qContentEncodings.fromLast());
4486  if ( enc == "gzip" )
4487  chain.addFilter(new HTTPFilterGZip);
4488  else if ( enc == "deflate" )
4489  chain.addFilter(new HTTPFilterDeflate);
4490  }
4491 
4492  while (!m_bEOF)
4493  {
4494  int bytesReceived;
4495 
4496  if (m_bChunked)
4497  bytesReceived = readChunked();
4498  else if (m_iSize != NO_SIZE)
4499  bytesReceived = readLimited();
4500  else
4501  bytesReceived = readUnlimited();
4502 
4503  // make sure that this wasn't an error, first
4504  // kdDebug(7113) << "(" << (int) m_pid << ") readBody: bytesReceived: "
4505  // << (int) bytesReceived << " m_iSize: " << (int) m_iSize << " Chunked: "
4506  // << (int) m_bChunked << " BytesLeft: "<< (int) m_iBytesLeft << endl;
4507  if (bytesReceived == -1)
4508  {
4509  if (m_iContentLeft == 0)
4510  {
4511  // gzip'ed data sometimes reports a too long content-length.
4512  // (The length of the unzipped data)
4513  m_iBytesLeft = 0;
4514  break;
4515  }
4516  // Oh well... log an error and bug out
4517  kdDebug(7113) << "(" << m_pid << ") readBody: bytesReceived==-1 sz=" << (int)sz
4518  << " Connnection broken !" << endl;
4519  error(ERR_CONNECTION_BROKEN, m_state.hostname);
4520  return false;
4521  }
4522 
4523  // I guess that nbytes == 0 isn't an error.. but we certainly
4524  // won't work with it!
4525  if (bytesReceived > 0)
4526  {
4527  // Important: truncate the buffer to the actual size received!
4528  // Otherwise garbage will be passed to the app
4529  m_bufReceive.truncate( bytesReceived );
4530 
4531  chain.slotInput(m_bufReceive);
4532 
4533  if (m_bError)
4534  return false;
4535 
4536  sz += bytesReceived;
4537  if (!dataInternal)
4538  processedSize( sz );
4539  }
4540  m_bufReceive.resize(0); // res
4541 
4542  if (m_iBytesLeft && m_bEOD && !m_bChunked)
4543  {
4544  // gzip'ed data sometimes reports a too long content-length.
4545  // (The length of the unzipped data)
4546  m_iBytesLeft = 0;
4547  }
4548 
4549  if (m_iBytesLeft == 0)
4550  {
4551  kdDebug(7113) << "("<<m_pid<<") EOD received! Left = "<< KIO::number(m_iBytesLeft) << endl;
4552  break;
4553  }
4554  }
4555  chain.slotInput(TQByteArray()); // Flush chain.
4556 
4557  if ( useMD5 )
4558  {
4559  TQString calculatedMD5 = md5Filter->md5();
4560 
4561  if ( m_sContentMD5 == calculatedMD5 )
4562  kdDebug(7113) << "(" << m_pid << ") MD5 checksum MATCHED!!" << endl;
4563  else
4564  kdDebug(7113) << "(" << m_pid << ") MD5 checksum MISMATCH! Expected: "
4565  << calculatedMD5 << ", Got: " << m_sContentMD5 << endl;
4566  }
4567 
4568  // Close cache entry
4569  if (m_iBytesLeft == 0)
4570  {
4571  if (m_request.bCachedWrite && m_request.fcache)
4572  closeCacheEntry();
4573  else if (m_request.bCachedWrite)
4574  kdDebug(7113) << "(" << m_pid << ") no cache file!\n";
4575  }
4576  else
4577  {
4578  kdDebug(7113) << "(" << m_pid << ") still "<< KIO::number(m_iBytesLeft)
4579  << " bytes left! can't close cache entry!\n";
4580  }
4581 
4582  if (sz <= 1)
4583  {
4584  /* kdDebug(7113) << "(" << m_pid << ") readBody: sz = " << KIO::number(sz)
4585  << ", responseCode =" << m_responseCode << endl; */
4586  if (m_responseCode >= 500 && m_responseCode <= 599)
4587  error(ERR_INTERNAL_SERVER, m_state.hostname);
4588  else if (m_responseCode >= 400 && m_responseCode <= 499)
4589  error(ERR_DOES_NOT_EXIST, m_state.hostname);
4590  }
4591 
4592  if (!dataInternal)
4593  data( TQByteArray() );
4594 
4595  return true;
4596 }
4597 
4598 
4599 void HTTPProtocol::error( int _err, const TQString &_text )
4600 {
4601  httpClose(false);
4602 
4603  if (!m_request.id.isEmpty())
4604  {
4605  forwardHttpResponseHeader();
4606  sendMetaData();
4607  }
4608 
4609  // Clear of the temporary POST buffer if it is not empty...
4610  if (!m_bufPOST.isEmpty())
4611  {
4612  m_bufPOST.resize(0);
4613  kdDebug(7113) << "(" << m_pid << ") HTTP::retreiveHeader: Cleared POST "
4614  "buffer..." << endl;
4615  }
4616 
4617  SlaveBase::error( _err, _text );
4618  m_bError = true;
4619 }
4620 
4621 
4622 void HTTPProtocol::addCookies( const TQString &url, const TQCString &cookieHeader )
4623 {
4624  long windowId = m_request.window.toLong();
4625  TQByteArray params;
4626  TQDataStream stream(params, IO_WriteOnly);
4627  stream << url << cookieHeader << windowId;
4628 
4629  kdDebug(7113) << "(" << m_pid << ") " << cookieHeader << endl;
4630  kdDebug(7113) << "(" << m_pid << ") " << "Window ID: "
4631  << windowId << ", for host = " << url << endl;
4632 
4633  if ( !dcopClient()->send( "kded", "kcookiejar", "addCookies(TQString,TQCString,long int)", params ) )
4634  {
4635  kdWarning(7113) << "(" << m_pid << ") Can't communicate with kded_kcookiejar!" << endl;
4636  }
4637 }
4638 
4639 TQString HTTPProtocol::findCookies( const TQString &url)
4640 {
4641  TQCString replyType;
4642  TQByteArray params;
4643  TQByteArray reply;
4644  TQString result;
4645 
4646  long windowId = m_request.window.toLong();
4647  result = TQString::null;
4648  TQDataStream stream(params, IO_WriteOnly);
4649  stream << url << windowId;
4650 
4651  if ( !dcopClient()->call( "kded", "kcookiejar", "findCookies(TQString,long int)",
4652  params, replyType, reply ) )
4653  {
4654  kdWarning(7113) << "(" << m_pid << ") Can't communicate with kded_kcookiejar!" << endl;
4655  return result;
4656  }
4657  if ( replyType == "TQString" )
4658  {
4659  TQDataStream stream2( reply, IO_ReadOnly );
4660  stream2 >> result;
4661  }
4662  else
4663  {
4664  kdError(7113) << "(" << m_pid << ") DCOP function findCookies(...) returns "
4665  << replyType << ", expected TQString" << endl;
4666  }
4667  return result;
4668 }
4669 
4670 /******************************* CACHING CODE ****************************/
4671 
4672 
4673 void HTTPProtocol::cacheUpdate( const KURL& url, bool no_cache, time_t expireDate)
4674 {
4675  if ( !checkRequestURL( url ) )
4676  return;
4677 
4678  m_request.path = url.path();
4679  m_request.query = url.query();
4680  m_request.cache = CC_Reload;
4681  m_request.doProxy = m_bUseProxy;
4682 
4683  if (no_cache)
4684  {
4685  m_request.fcache = checkCacheEntry( );
4686  if (m_request.fcache)
4687  {
4688  fclose(m_request.fcache);
4689  m_request.fcache = 0;
4690  ::unlink( TQFile::encodeName(m_request.cef) );
4691  }
4692  }
4693  else
4694  {
4695  updateExpireDate( expireDate );
4696  }
4697  finished();
4698 }
4699 
4700 // !START SYNC!
4701 // The following code should be kept in sync
4702 // with the code in http_cache_cleaner.cpp
4703 
4704 FILE* HTTPProtocol::checkCacheEntry( bool readWrite)
4705 {
4706  const TQChar separator = '_';
4707 
4708  TQString CEF = m_request.path;
4709 
4710  int p = CEF.find('/');
4711 
4712  while(p != -1)
4713  {
4714  CEF[p] = separator;
4715  p = CEF.find('/', p);
4716  }
4717 
4718  TQString host = m_request.hostname.lower();
4719  CEF = host + CEF + '_';
4720 
4721  TQString dir = m_strCacheDir;
4722  if (dir[dir.length()-1] != '/')
4723  dir += "/";
4724 
4725  int l = host.length();
4726  for(int i = 0; i < l; i++)
4727  {
4728  if (host[i].isLetter() && (host[i] != 'w'))
4729  {
4730  dir += host[i];
4731  break;
4732  }
4733  }
4734  if (dir[dir.length()-1] == '/')
4735  dir += "0";
4736 
4737  unsigned long hash = 0x00000000;
4738  TQCString u = m_request.url.url().latin1();
4739  for(int i = u.length(); i--;)
4740  {
4741  hash = (hash * 12211 + static_cast<const char>(u.at(i))) % 2147483563;
4742  }
4743 
4744  TQString hashString;
4745  hashString.sprintf("%08lx", hash);
4746 
4747  CEF = CEF + hashString;
4748 
4749  CEF = dir + "/" + CEF;
4750 
4751  m_request.cef = CEF;
4752 
4753  const char *mode = (readWrite ? "r+" : "r");
4754 
4755  FILE *fs = fopen( TQFile::encodeName(CEF), mode); // Open for reading and writing
4756  if (!fs)
4757  return 0;
4758 
4759  char buffer[401];
4760  bool ok = true;
4761 
4762  // CacheRevision
4763  if (ok && (!fgets(buffer, 400, fs)))
4764  ok = false;
4765  if (ok && (strcmp(buffer, CACHE_REVISION) != 0))
4766  ok = false;
4767 
4768  time_t date;
4769  time_t currentDate = time(0);
4770 
4771  // URL
4772  if (ok && (!fgets(buffer, 400, fs)))
4773  ok = false;
4774  if (ok)
4775  {
4776  int l = strlen(buffer);
4777  if (l>0)
4778  buffer[l-1] = 0; // Strip newline
4779  if (m_request.url.url() != buffer)
4780  {
4781  ok = false; // Hash collision
4782  }
4783  }
4784 
4785  // Creation Date
4786  if (ok && (!fgets(buffer, 400, fs)))
4787  ok = false;
4788  if (ok)
4789  {
4790  date = (time_t) strtoul(buffer, 0, 10);
4791  m_request.creationDate = date;
4792  if (m_maxCacheAge && (difftime(currentDate, date) > m_maxCacheAge))
4793  {
4794  m_request.bMustRevalidate = true;
4795  m_request.expireDate = currentDate;
4796  }
4797  }
4798 
4799  // Expiration Date
4800  m_request.cacheExpireDateOffset = ftell(fs);
4801  if (ok && (!fgets(buffer, 400, fs)))
4802  ok = false;
4803  if (ok)
4804  {
4805  if (m_request.cache == CC_Verify)
4806  {
4807  date = (time_t) strtoul(buffer, 0, 10);
4808  // After the expire date we need to revalidate.
4809  if (!date || difftime(currentDate, date) >= 0)
4810  m_request.bMustRevalidate = true;
4811  m_request.expireDate = date;
4812  }
4813  else if (m_request.cache == CC_Refresh)
4814  {
4815  m_request.bMustRevalidate = true;
4816  m_request.expireDate = currentDate;
4817  }
4818  }
4819 
4820  // ETag
4821  if (ok && (!fgets(buffer, 400, fs)))
4822  ok = false;
4823  if (ok)
4824  {
4825  m_request.etag = TQString(buffer).stripWhiteSpace();
4826  }
4827 
4828  // Last-Modified
4829  if (ok && (!fgets(buffer, 400, fs)))
4830  ok = false;
4831  if (ok)
4832  {
4833  m_request.lastModified = TQString(buffer).stripWhiteSpace();
4834  }
4835 
4836  if (ok)
4837  return fs;
4838 
4839  fclose(fs);
4840  unlink( TQFile::encodeName(CEF));
4841  return 0;
4842 }
4843 
4844 void HTTPProtocol::updateExpireDate(time_t expireDate, bool updateCreationDate)
4845 {
4846  bool ok = true;
4847 
4848  FILE *fs = checkCacheEntry(true);
4849  if (fs)
4850  {
4851  TQString date;
4852  char buffer[401];
4853  time_t creationDate;
4854 
4855  fseek(fs, 0, SEEK_SET);
4856  if (ok && !fgets(buffer, 400, fs))
4857  ok = false;
4858  if (ok && !fgets(buffer, 400, fs))
4859  ok = false;
4860  long cacheCreationDateOffset = ftell(fs);
4861  if (ok && !fgets(buffer, 400, fs))
4862  ok = false;
4863  creationDate = strtoul(buffer, 0, 10);
4864  if (!creationDate)
4865  ok = false;
4866 
4867  if (updateCreationDate)
4868  {
4869  if (!ok || fseek(fs, cacheCreationDateOffset, SEEK_SET))
4870  return;
4871  TQString date;
4872  date.setNum( time(0) );
4873  date = date.leftJustify(16);
4874  fputs(date.latin1(), fs); // Creation date
4875  fputc('\n', fs);
4876  }
4877 
4878  if (expireDate>(30*365*24*60*60))
4879  {
4880  // expire date is a really a big number, it can't be
4881  // a relative date.
4882  date.setNum( expireDate );
4883  }
4884  else
4885  {
4886  // expireDate before 2000. those values must be
4887  // interpreted as relative expiration dates from
4888  // <META http-equiv="Expires"> tags.
4889  // so we have to scan the creation time and add
4890  // it to the expiryDate
4891  date.setNum( creationDate + expireDate );
4892  }
4893  date = date.leftJustify(16);
4894  if (!ok || fseek(fs, m_request.cacheExpireDateOffset, SEEK_SET))
4895  return;
4896  fputs(date.latin1(), fs); // Expire date
4897  fseek(fs, 0, SEEK_END);
4898  fclose(fs);
4899  }
4900 }
4901 
4902 void HTTPProtocol::createCacheEntry( const TQString &mimetype, time_t expireDate)
4903 {
4904  TQString dir = m_request.cef;
4905  int p = dir.findRev('/');
4906  if (p == -1) return; // Error.
4907  dir.truncate(p);
4908 
4909  // Create file
4910  (void) ::mkdir( TQFile::encodeName(dir), 0700 );
4911 
4912  TQString filename = m_request.cef + ".new"; // Create a new cache entryexpireDate
4913 
4914 // kdDebug( 7103 ) << "creating new cache entry: " << filename << endl;
4915 
4916  m_request.fcache = fopen( TQFile::encodeName(filename), "w");
4917  if (!m_request.fcache)
4918  {
4919  kdWarning(7113) << "(" << m_pid << ")createCacheEntry: opening " << filename << " failed." << endl;
4920  return; // Error.
4921  }
4922 
4923  fputs(CACHE_REVISION, m_request.fcache); // Revision
4924 
4925  fputs(m_request.url.url().latin1(), m_request.fcache); // Url
4926  fputc('\n', m_request.fcache);
4927 
4928  TQString date;
4929  m_request.creationDate = time(0);
4930  date.setNum( m_request.creationDate );
4931  date = date.leftJustify(16);
4932  fputs(date.latin1(), m_request.fcache); // Creation date
4933  fputc('\n', m_request.fcache);
4934 
4935  date.setNum( expireDate );
4936  date = date.leftJustify(16);
4937  fputs(date.latin1(), m_request.fcache); // Expire date
4938  fputc('\n', m_request.fcache);
4939 
4940  if (!m_request.etag.isEmpty())
4941  fputs(m_request.etag.latin1(), m_request.fcache); //ETag
4942  fputc('\n', m_request.fcache);
4943 
4944  if (!m_request.lastModified.isEmpty())
4945  fputs(m_request.lastModified.latin1(), m_request.fcache); // Last modified
4946  fputc('\n', m_request.fcache);
4947 
4948  fputs(mimetype.latin1(), m_request.fcache); // Mimetype
4949  fputc('\n', m_request.fcache);
4950 
4951  if (!m_request.strCharset.isEmpty())
4952  fputs(m_request.strCharset.latin1(), m_request.fcache); // Charset
4953  fputc('\n', m_request.fcache);
4954 
4955  return;
4956 }
4957 // The above code should be kept in sync
4958 // with the code in http_cache_cleaner.cpp
4959 // !END SYNC!
4960 
4961 void HTTPProtocol::writeCacheEntry( const char *buffer, int nbytes)
4962 {
4963  if (fwrite( buffer, nbytes, 1, m_request.fcache) != 1)
4964  {
4965  kdWarning(7113) << "(" << m_pid << ") writeCacheEntry: writing " << nbytes << " bytes failed." << endl;
4966  fclose(m_request.fcache);
4967  m_request.fcache = 0;
4968  TQString filename = m_request.cef + ".new";
4969  ::unlink( TQFile::encodeName(filename) );
4970  return;
4971  }
4972  long file_pos = ftell( m_request.fcache ) / 1024;
4973  if ( file_pos > m_maxCacheSize )
4974  {
4975  kdDebug(7113) << "writeCacheEntry: File size reaches " << file_pos
4976  << "Kb, exceeds cache limits. (" << m_maxCacheSize << "Kb)" << endl;
4977  fclose(m_request.fcache);
4978  m_request.fcache = 0;
4979  TQString filename = m_request.cef + ".new";
4980  ::unlink( TQFile::encodeName(filename) );
4981  return;
4982  }
4983 }
4984 
4985 void HTTPProtocol::closeCacheEntry()
4986 {
4987  TQString filename = m_request.cef + ".new";
4988  int result = fclose( m_request.fcache);
4989  m_request.fcache = 0;
4990  if (result == 0)
4991  {
4992  if (::rename( TQFile::encodeName(filename), TQFile::encodeName(m_request.cef)) == 0)
4993  return; // Success
4994 
4995  kdWarning(7113) << "(" << m_pid << ") closeCacheEntry: error renaming "
4996  << "cache entry. (" << filename << " -> " << m_request.cef
4997  << ")" << endl;
4998  }
4999 
5000  kdWarning(7113) << "(" << m_pid << ") closeCacheEntry: error closing cache "
5001  << "entry. (" << filename<< ")" << endl;
5002 }
5003 
5004 void HTTPProtocol::cleanCache()
5005 {
5006  const time_t maxAge = DEFAULT_CLEAN_CACHE_INTERVAL; // 30 Minutes.
5007  bool doClean = false;
5008  TQString cleanFile = m_strCacheDir;
5009  if (cleanFile[cleanFile.length()-1] != '/')
5010  cleanFile += "/";
5011  cleanFile += "cleaned";
5012 
5013  struct stat stat_buf;
5014 
5015  int result = ::stat(TQFile::encodeName(cleanFile), &stat_buf);
5016  if (result == -1)
5017  {
5018  int fd = creat( TQFile::encodeName(cleanFile), 0600);
5019  if (fd != -1)
5020  {
5021  doClean = true;
5022  ::close(fd);
5023  }
5024  }
5025  else
5026  {
5027  time_t age = (time_t) difftime( time(0), stat_buf.st_mtime );
5028  if (age > maxAge) //
5029  doClean = true;
5030  }
5031  if (doClean)
5032  {
5033  // Touch file.
5034  utime(TQFile::encodeName(cleanFile), 0);
5035  KApplication::startServiceByDesktopPath("http_cache_cleaner.desktop");
5036  }
5037 }
5038 
5039 
5040 
5041 //************************** AUTHENTICATION CODE ********************/
5042 
5043 
5044 void HTTPProtocol::configAuth( char *p, bool isForProxy )
5045 {
5046  HTTP_AUTH f = AUTH_None;
5047  const char *strAuth = p;
5048 
5049  if ( strncasecmp( p, "Basic", 5 ) == 0 )
5050  {
5051  f = AUTH_Basic;
5052  p += 5;
5053  strAuth = "Basic"; // Correct for upper-case variations.
5054  }
5055  else if ( strncasecmp (p, "Digest", 6) == 0 )
5056  {
5057  f = AUTH_Digest;
5058  memcpy((void *)p, "Digest", 6); // Correct for upper-case variations.
5059  p += 6;
5060  }
5061  else if (strncasecmp( p, "MBS_PWD_COOKIE", 14 ) == 0)
5062  {
5063  // Found on http://www.webscription.net/baen/default.asp
5064  f = AUTH_Basic;
5065  p += 14;
5066  strAuth = "Basic";
5067  }
5068 #ifdef HAVE_LIBGSSAPI
5069  else if ( strncasecmp( p, "Negotiate", 9 ) == 0 )
5070  {
5071  // if we get two 401 in a row let's assume for now that
5072  // Negotiate isn't working and ignore it
5073  if ( !isForProxy && !(m_responseCode == 401 && m_prevResponseCode == 401) )
5074  {
5075  f = AUTH_Negotiate;
5076  memcpy((void *)p, "Negotiate", 9); // Correct for upper-case variations.
5077  p += 9;
5078  };
5079  }
5080 #endif
5081  else if ( strncasecmp( p, "NTLM", 4 ) == 0 )
5082  {
5083  f = AUTH_NTLM;
5084  memcpy((void *)p, "NTLM", 4); // Correct for upper-case variations.
5085  p += 4;
5086  m_strRealm = "NTLM"; // set a dummy realm
5087  }
5088  else
5089  {
5090  kdWarning(7113) << "(" << m_pid << ") Unsupported or invalid authorization "
5091  << "type requested" << endl;
5092  if (isForProxy)
5093  kdWarning(7113) << "(" << m_pid << ") Proxy URL: " << m_proxyURL << endl;
5094  else
5095  kdWarning(7113) << "(" << m_pid << ") URL: " << m_request.url << endl;
5096  kdWarning(7113) << "(" << m_pid << ") Request Authorization: " << p << endl;
5097  }
5098 
5099  /*
5100  This check ensures the following:
5101  1.) Rejection of any unknown/unsupported authentication schemes
5102  2.) Usage of the strongest possible authentication schemes if
5103  and when multiple Proxy-Authenticate or WWW-Authenticate
5104  header field is sent.
5105  */
5106  if (isForProxy)
5107  {
5108  if ((f == AUTH_None) ||
5109  ((m_iProxyAuthCount > 0) && (f < ProxyAuthentication)))
5110  {
5111  // Since I purposefully made the Proxy-Authentication settings
5112  // persistent to reduce the number of round-trips to kdesud we
5113  // have to take special care when an unknown/unsupported auth-
5114  // scheme is received. This check accomplishes just that...
5115  if ( m_iProxyAuthCount == 0)
5116  ProxyAuthentication = f;
5117  kdDebug(7113) << "(" << m_pid << ") Rejected proxy auth method: " << f << endl;
5118  return;
5119  }
5120  m_iProxyAuthCount++;
5121  kdDebug(7113) << "(" << m_pid << ") Accepted proxy auth method: " << f << endl;
5122  }
5123  else
5124  {
5125  if ((f == AUTH_None) ||
5126  ((m_iWWWAuthCount > 0) && (f < Authentication)))
5127  {
5128  kdDebug(7113) << "(" << m_pid << ") Rejected auth method: " << f << endl;
5129  return;
5130  }
5131  m_iWWWAuthCount++;
5132  kdDebug(7113) << "(" << m_pid << ") Accepted auth method: " << f << endl;
5133  }
5134 
5135 
5136  while (*p)
5137  {
5138  int i = 0;
5139  while( (*p == ' ') || (*p == ',') || (*p == '\t') ) { p++; }
5140  if ( strncasecmp( p, "realm=", 6 ) == 0 )
5141  {
5142  //for sites like lib.homelinux.org
5143  TQTextCodec* oldCodec=TQTextCodec::codecForCStrings();
5144  if (KGlobal::locale()->language().contains("ru"))
5145  TQTextCodec::setCodecForCStrings(TQTextCodec::codecForName("CP1251"));
5146 
5147  p += 6;
5148  if (*p == '"') p++;
5149  while( p[i] && p[i] != '"' ) i++;
5150  if( isForProxy )
5151  m_strProxyRealm = TQString::fromAscii( p, i );
5152  else
5153  m_strRealm = TQString::fromAscii( p, i );
5154 
5155  TQTextCodec::setCodecForCStrings(oldCodec);
5156 
5157  if (!p[i]) break;
5158  }
5159  p+=(i+1);
5160  }
5161 
5162  if( isForProxy )
5163  {
5164  ProxyAuthentication = f;
5165  m_strProxyAuthorization = TQString::fromLatin1( strAuth );
5166  }
5167  else
5168  {
5169  Authentication = f;
5170  m_strAuthorization = TQString::fromLatin1( strAuth );
5171  }
5172 }
5173 
5174 
5175 bool HTTPProtocol::retryPrompt()
5176 {
5177  TQString prompt;
5178  switch ( m_responseCode )
5179  {
5180  case 401:
5181  prompt = i18n("Authentication Failed.");
5182  break;
5183  case 407:
5184  prompt = i18n("Proxy Authentication Failed.");
5185  break;
5186  default:
5187  break;
5188  }
5189  prompt += i18n(" Do you want to retry?");
5190  return (messageBox(QuestionYesNo, prompt, i18n("Authentication")) == 3);
5191 }
5192 
5193 void HTTPProtocol::promptInfo( AuthInfo& info )
5194 {
5195  if ( m_responseCode == 401 )
5196  {
5197  info.url = m_request.url;
5198  if ( !m_state.user.isEmpty() )
5199  info.username = m_state.user;
5200  info.readOnly = !m_request.url.user().isEmpty();
5201  info.prompt = i18n( "You need to supply a username and a "
5202  "password to access this site." );
5203  info.keepPassword = true; // Prompt the user for persistence as well.
5204  if ( !m_strRealm.isEmpty() )
5205  {
5206  info.realmValue = m_strRealm;
5207  info.verifyPath = false;
5208  info.digestInfo = m_strAuthorization;
5209  info.commentLabel = i18n( "Site:" );
5210  info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strRealm) ).arg( m_request.hostname );
5211  }
5212  }
5213  else if ( m_responseCode == 407 )
5214  {
5215  info.url = m_proxyURL;
5216  info.username = m_proxyURL.user();
5217  info.prompt = i18n( "You need to supply a username and a password for "
5218  "the proxy server listed below before you are allowed "
5219  "to access any sites." );
5220  info.keepPassword = true;
5221  if ( !m_strProxyRealm.isEmpty() )
5222  {
5223  info.realmValue = m_strProxyRealm;
5224  info.verifyPath = false;
5225  info.digestInfo = m_strProxyAuthorization;
5226  info.commentLabel = i18n( "Proxy:" );
5227  info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strProxyRealm) ).arg( m_proxyURL.host() );
5228  }
5229  }
5230 }
5231 
5232 bool HTTPProtocol::getAuthorization()
5233 {
5234  AuthInfo info;
5235  bool result = false;
5236 
5237  kdDebug (7113) << "(" << m_pid << ") HTTPProtocol::getAuthorization: "
5238  << "Current Response: " << m_responseCode << ", "
5239  << "Previous Response: " << m_prevResponseCode << ", "
5240  << "Authentication: " << Authentication << ", "
5241  << "ProxyAuthentication: " << ProxyAuthentication << endl;
5242 
5243  if (m_request.bNoAuth)
5244  {
5245  if (m_request.bErrorPage)
5246  errorPage();
5247  else
5248  error( ERR_COULD_NOT_LOGIN, i18n("Authentication needed for %1 but authentication is disabled.").arg(m_request.hostname));
5249  return false;
5250  }
5251 
5252  bool repeatFailure = (m_prevResponseCode == m_responseCode);
5253 
5254  TQString errorMsg;
5255 
5256  if (repeatFailure)
5257  {
5258  bool prompt = true;
5259  if ( Authentication == AUTH_Digest || ProxyAuthentication == AUTH_Digest )
5260  {
5261  bool isStaleNonce = false;
5262  TQString auth = ( m_responseCode == 401 ) ? m_strAuthorization : m_strProxyAuthorization;
5263  int pos = auth.find("stale", 0, false);
5264  if ( pos != -1 )
5265  {
5266  pos += 5;
5267  int len = auth.length();
5268  while( pos < len && (auth[pos] == ' ' || auth[pos] == '=') ) pos++;
5269  if ( pos < len && auth.find("true", pos, false) != -1 )
5270  {
5271  isStaleNonce = true;
5272  kdDebug(7113) << "(" << m_pid << ") Stale nonce value. "
5273  << "Will retry using same info..." << endl;
5274  }
5275  }
5276  if ( isStaleNonce )
5277  {
5278  prompt = false;
5279  result = true;
5280  if ( m_responseCode == 401 )
5281  {
5282  info.username = m_request.user;
5283  info.password = m_request.passwd;
5284  info.realmValue = m_strRealm;
5285  info.digestInfo = m_strAuthorization;
5286  }
5287  else if ( m_responseCode == 407 )
5288  {
5289  info.username = m_proxyURL.user();
5290  info.password = m_proxyURL.pass();
5291  info.realmValue = m_strProxyRealm;
5292  info.digestInfo = m_strProxyAuthorization;
5293  }
5294  }
5295  }
5296 
5297  if ( Authentication == AUTH_NTLM || ProxyAuthentication == AUTH_NTLM )
5298  {
5299  TQString auth = ( m_responseCode == 401 ) ? m_strAuthorization : m_strProxyAuthorization;
5300  kdDebug(7113) << "auth: " << auth << endl;
5301  if ( auth.length() > 4 )
5302  {
5303  prompt = false;
5304  result = true;
5305  kdDebug(7113) << "(" << m_pid << ") NTLM auth second phase, "
5306  << "sending response..." << endl;
5307  if ( m_responseCode == 401 )
5308  {
5309  info.username = m_request.user;
5310  info.password = m_request.passwd;
5311  info.realmValue = m_strRealm;
5312  info.digestInfo = m_strAuthorization;
5313  }
5314  else if ( m_responseCode == 407 )
5315  {
5316  info.username = m_proxyURL.user();
5317  info.password = m_proxyURL.pass();
5318  info.realmValue = m_strProxyRealm;
5319  info.digestInfo = m_strProxyAuthorization;
5320  }
5321  }
5322  }
5323 
5324  if ( prompt )
5325  {
5326  switch ( m_responseCode )
5327  {
5328  case 401:
5329  errorMsg = i18n("Authentication Failed.");
5330  break;
5331  case 407:
5332  errorMsg = i18n("Proxy Authentication Failed.");
5333  break;
5334  default:
5335  break;
5336  }
5337  }
5338  }
5339  else
5340  {
5341  // At this point we know more details, so use it to find
5342  // out if we have a cached version and avoid a re-prompt!
5343  // We also do not use verify path unlike the pre-emptive
5344  // requests because we already know the realm value...
5345 
5346  if (m_bProxyAuthValid)
5347  {
5348  // Reset cached proxy auth
5349  m_bProxyAuthValid = false;
5350  KURL proxy ( config()->readEntry("UseProxy") );
5351  m_proxyURL.setUser(proxy.user());
5352  m_proxyURL.setPass(proxy.pass());
5353  }
5354 
5355  info.verifyPath = false;
5356  if ( m_responseCode == 407 )
5357  {
5358  info.url = m_proxyURL;
5359  info.username = m_proxyURL.user();
5360  info.password = m_proxyURL.pass();
5361  info.realmValue = m_strProxyRealm;
5362  info.digestInfo = m_strProxyAuthorization;
5363  }
5364  else
5365  {
5366  info.url = m_request.url;
5367  info.username = m_request.user;
5368  info.password = m_request.passwd;
5369  info.realmValue = m_strRealm;
5370  info.digestInfo = m_strAuthorization;
5371  }
5372 
5373  // If either username or password is not supplied
5374  // with the request, check the password cache.
5375  if ( info.username.isNull() ||
5376  info.password.isNull() )
5377  result = checkCachedAuthentication( info );
5378 
5379  if ( Authentication == AUTH_Digest )
5380  {
5381  TQString auth;
5382 
5383  if (m_responseCode == 401)
5384  auth = m_strAuthorization;
5385  else
5386  auth = m_strProxyAuthorization;
5387 
5388  int pos = auth.find("stale", 0, false);
5389  if ( pos != -1 )
5390  {
5391  pos += 5;
5392  int len = auth.length();
5393  while( pos < len && (auth[pos] == ' ' || auth[pos] == '=') ) pos++;
5394  if ( pos < len && auth.find("true", pos, false) != -1 )
5395  {
5396  info.digestInfo = (m_responseCode == 401) ? m_strAuthorization : m_strProxyAuthorization;
5397  kdDebug(7113) << "(" << m_pid << ") Just a stale nonce value! "
5398  << "Retrying using the new nonce sent..." << endl;
5399  }
5400  }
5401  }
5402  }
5403 
5404  if (!result )
5405  {
5406  // Do not prompt if the username & password
5407  // is already supplied and the login attempt
5408  // did not fail before.
5409  if ( !repeatFailure &&
5410  !info.username.isNull() &&
5411  !info.password.isNull() )
5412  result = true;
5413  else
5414  {
5415  if (Authentication == AUTH_Negotiate)
5416  {
5417  if (!repeatFailure)
5418  result = true;
5419  }
5420  else if ( m_request.disablePassDlg == false )
5421  {
5422  kdDebug( 7113 ) << "(" << m_pid << ") Prompting the user for authorization..." << endl;
5423  promptInfo( info );
5424  result = openPassDlg( info, errorMsg );
5425  }
5426  }
5427  }
5428 
5429  if ( result )
5430  {
5431  switch (m_responseCode)
5432  {
5433  case 401: // Request-Authentication
5434  m_request.user = info.username;
5435  m_request.passwd = info.password;
5436  m_strRealm = info.realmValue;
5437  m_strAuthorization = info.digestInfo;
5438  break;
5439  case 407: // Proxy-Authentication
5440  m_proxyURL.setUser( info.username );
5441  m_proxyURL.setPass( info.password );
5442  m_strProxyRealm = info.realmValue;
5443  m_strProxyAuthorization = info.digestInfo;
5444  break;
5445  default:
5446  break;
5447  }
5448  return true;
5449  }
5450 
5451  if (m_request.bErrorPage)
5452  errorPage();
5453  else
5454  error( ERR_USER_CANCELED, TQString::null );
5455  return false;
5456 }
5457 
5458 void HTTPProtocol::saveAuthorization()
5459 {
5460  AuthInfo info;
5461  if ( m_prevResponseCode == 407 )
5462  {
5463  if (!m_bUseProxy)
5464  return;
5465  m_bProxyAuthValid = true;
5466  info.url = m_proxyURL;
5467  info.username = m_proxyURL.user();
5468  info.password = m_proxyURL.pass();
5469  info.realmValue = m_strProxyRealm;
5470  info.digestInfo = m_strProxyAuthorization;
5471  cacheAuthentication( info );
5472  }
5473  else
5474  {
5475  info.url = m_request.url;
5476  info.username = m_request.user;
5477  info.password = m_request.passwd;
5478  info.realmValue = m_strRealm;
5479  info.digestInfo = m_strAuthorization;
5480  cacheAuthentication( info );
5481  }
5482 }
5483 
5484 #ifdef HAVE_LIBGSSAPI
5485 TQCString HTTPProtocol::gssError( int major_status, int minor_status )
5486 {
5487  OM_uint32 new_status;
5488  OM_uint32 msg_ctx = 0;
5489  gss_buffer_desc major_string;
5490  gss_buffer_desc minor_string;
5491  OM_uint32 ret;
5492  TQCString errorstr;
5493 
5494  errorstr = "";
5495 
5496  do {
5497  ret = gss_display_status(&new_status, major_status, GSS_C_GSS_CODE, GSS_C_NULL_OID, &msg_ctx, &major_string);
5498  errorstr += (const char *)major_string.value;
5499  errorstr += " ";
5500  ret = gss_display_status(&new_status, minor_status, GSS_C_MECH_CODE, GSS_C_NULL_OID, &msg_ctx, &minor_string);
5501  errorstr += (const char *)minor_string.value;
5502  errorstr += " ";
5503  } while (!GSS_ERROR(ret) && msg_ctx != 0);
5504 
5505  return errorstr;
5506 }
5507 
5508 TQString HTTPProtocol::createNegotiateAuth()
5509 {
5510  TQString auth;
5511  TQCString servicename;
5512  TQByteArray input;
5513  OM_uint32 major_status, minor_status;
5514  OM_uint32 req_flags = 0;
5515  gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
5516  gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
5517  gss_name_t server;
5518  gss_ctx_id_t ctx;
5519  gss_OID mech_oid;
5520  static gss_OID_desc krb5_oid_desc = {9, (void *) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"};
5521  static gss_OID_desc spnego_oid_desc = {6, (void *) "\x2b\x06\x01\x05\x05\x02"};
5522  int found = 0;
5523  unsigned int i;
5524  gss_OID_set mech_set;
5525  gss_OID tmp_oid;
5526 
5527  ctx = GSS_C_NO_CONTEXT;
5528  mech_oid = &krb5_oid_desc;
5529 
5530  // see whether we can use the SPNEGO mechanism
5531  major_status = gss_indicate_mechs(&minor_status, &mech_set);
5532  if (GSS_ERROR(major_status)) {
5533  kdDebug(7113) << "(" << m_pid << ") gss_indicate_mechs failed: " << gssError(major_status, minor_status) << endl;
5534  } else {
5535  for (i=0; i<mech_set->count && !found; i++) {
5536  tmp_oid = &mech_set->elements[i];
5537  if (tmp_oid->length == spnego_oid_desc.length &&
5538  !memcmp(tmp_oid->elements, spnego_oid_desc.elements, tmp_oid->length)) {
5539  kdDebug(7113) << "(" << m_pid << ") createNegotiateAuth: found SPNEGO mech" << endl;
5540  found = 1;
5541  mech_oid = &spnego_oid_desc;
5542  break;
5543  }
5544  }
5545  gss_release_oid_set(&minor_status, &mech_set);
5546  }
5547 
5548  // the service name is "HTTP/f.q.d.n"
5549  servicename = "HTTP@";
5550  servicename += m_state.hostname.ascii();
5551 
5552  input_token.value = (void *)servicename.data();
5553  input_token.length = servicename.length() + 1;
5554 
5555  major_status = gss_import_name(&minor_status, &input_token,
5556  GSS_C_NT_HOSTBASED_SERVICE, &server);
5557 
5558  input_token.value = NULL;
5559  input_token.length = 0;
5560 
5561  if (GSS_ERROR(major_status)) {
5562  kdDebug(7113) << "(" << m_pid << ") gss_import_name failed: " << gssError(major_status, minor_status) << endl;
5563  // reset the auth string so that subsequent methods aren't confused
5564  m_strAuthorization = TQString::null;
5565  return TQString::null;
5566  }
5567 
5568  major_status = gss_init_sec_context(&minor_status, GSS_C_NO_CREDENTIAL,
5569  &ctx, server, mech_oid,
5570  req_flags, GSS_C_INDEFINITE,
5571  GSS_C_NO_CHANNEL_BINDINGS,
5572  GSS_C_NO_BUFFER, NULL, &output_token,
5573  NULL, NULL);
5574 
5575 
5576  if (GSS_ERROR(major_status) || (output_token.length == 0)) {
5577  kdDebug(7113) << "(" << m_pid << ") gss_init_sec_context failed: " << gssError(major_status, minor_status) << endl;
5578  gss_release_name(&minor_status, &server);
5579  if (ctx != GSS_C_NO_CONTEXT) {
5580  gss_delete_sec_context(&minor_status, &ctx, GSS_C_NO_BUFFER);
5581  ctx = GSS_C_NO_CONTEXT;
5582  }
5583  // reset the auth string so that subsequent methods aren't confused
5584  m_strAuthorization = TQString::null;
5585  return TQString::null;
5586  }
5587 
5588  input.duplicate((const char *)output_token.value, output_token.length);
5589  auth = "Authorization: Negotiate ";
5590  auth += KCodecs::base64Encode( input );
5591  auth += "\r\n";
5592 
5593  // free everything
5594  gss_release_name(&minor_status, &server);
5595  if (ctx != GSS_C_NO_CONTEXT) {
5596  gss_delete_sec_context(&minor_status, &ctx, GSS_C_NO_BUFFER);
5597  ctx = GSS_C_NO_CONTEXT;
5598  }
5599  gss_release_buffer(&minor_status, &output_token);
5600 
5601  return auth;
5602 }
5603 #else
5604 
5605 // Dummy
5606 TQCString HTTPProtocol::gssError( int, int )
5607 {
5608  return "";
5609 }
5610 
5611 // Dummy
5612 TQString HTTPProtocol::createNegotiateAuth()
5613 {
5614  return TQString::null;
5615 }
5616 #endif
5617 
5618 TQString HTTPProtocol::createNTLMAuth( bool isForProxy )
5619 {
5620  uint len;
5621  TQString auth, user, domain, passwd;
5622  TQCString strauth;
5623  TQByteArray buf;
5624 
5625  if ( isForProxy )
5626  {
5627  auth = "Proxy-Connection: Keep-Alive\r\n";
5628  auth += "Proxy-Authorization: NTLM ";
5629  user = m_proxyURL.user();
5630  passwd = m_proxyURL.pass();
5631  strauth = m_strProxyAuthorization.latin1();
5632  len = m_strProxyAuthorization.length();
5633  }
5634  else
5635  {
5636  auth = "Authorization: NTLM ";
5637  user = m_state.user;
5638  passwd = m_state.passwd;
5639  strauth = m_strAuthorization.latin1();
5640  len = m_strAuthorization.length();
5641  }
5642  if ( user.contains('\\') ) {
5643  domain = user.section( '\\', 0, 0);
5644  user = user.section( '\\', 1 );
5645  }
5646 
5647  kdDebug(7113) << "(" << m_pid << ") NTLM length: " << len << endl;
5648  if ( user.isEmpty() || passwd.isEmpty() || len < 4 )
5649  return TQString::null;
5650 
5651  if ( len > 4 )
5652  {
5653  // create a response
5654  TQByteArray challenge;
5655  KCodecs::base64Decode( strauth.right( len - 5 ), challenge );
5656  KNTLM::getAuth( buf, challenge, user, passwd, domain,
5657  KNetwork::KResolver::localHostName(), false, false );
5658  }
5659  else
5660  {
5661  KNTLM::getNegotiate( buf );
5662  }
5663 
5664  // remove the challenge to prevent reuse
5665  if ( isForProxy )
5666  m_strProxyAuthorization = "NTLM";
5667  else
5668  m_strAuthorization = "NTLM";
5669 
5670  auth += KCodecs::base64Encode( buf );
5671  auth += "\r\n";
5672 
5673  return auth;
5674 }
5675 
5676 TQString HTTPProtocol::createBasicAuth( bool isForProxy )
5677 {
5678  TQString auth;
5679  TQCString user, passwd;
5680  if ( isForProxy )
5681  {
5682  auth = "Proxy-Authorization: Basic ";
5683  user = m_proxyURL.user().latin1();
5684  passwd = m_proxyURL.pass().latin1();
5685  }
5686  else
5687  {
5688  auth = "Authorization: Basic ";
5689  user = m_state.user.latin1();
5690  passwd = m_state.passwd.latin1();
5691  }
5692 
5693  if ( user.isEmpty() )
5694  user = "";
5695  if ( passwd.isEmpty() )
5696  passwd = "";
5697 
5698  user += ':';
5699  user += passwd;
5700  auth += KCodecs::base64Encode( user );
5701  auth += "\r\n";
5702 
5703  return auth;
5704 }
5705 
5706 void HTTPProtocol::calculateResponse( DigestAuthInfo& info, TQCString& Response )
5707 {
5708  KMD5 md;
5709  TQCString HA1;
5710  TQCString HA2;
5711 
5712  // Calculate H(A1)
5713  TQCString authStr = info.username;
5714  authStr += ':';
5715  authStr += info.realm;
5716  authStr += ':';
5717  authStr += info.password;
5718  md.update( authStr );
5719 
5720  if ( info.algorithm.lower() == "md5-sess" )
5721  {
5722  authStr = md.hexDigest();
5723  authStr += ':';
5724  authStr += info.nonce;
5725  authStr += ':';
5726  authStr += info.cnonce;
5727  md.reset();
5728  md.update( authStr );
5729  }
5730  HA1 = md.hexDigest();
5731 
5732  kdDebug(7113) << "(" << m_pid << ") calculateResponse(): A1 => " << HA1 << endl;
5733 
5734  // Calcualte H(A2)
5735  authStr = info.method;
5736  authStr += ':';
5737  authStr += m_request.url.encodedPathAndQuery(0, true).latin1();
5738  if ( info.qop == "auth-int" )
5739  {
5740  authStr += ':';
5741  authStr += info.entityBody;
5742  }
5743  md.reset();
5744  md.update( authStr );
5745  HA2 = md.hexDigest();
5746 
5747  kdDebug(7113) << "(" << m_pid << ") calculateResponse(): A2 => "
5748  << HA2 << endl;
5749 
5750  // Calcualte the response.
5751  authStr = HA1;
5752  authStr += ':';
5753  authStr += info.nonce;
5754  authStr += ':';
5755  if ( !info.qop.isEmpty() )
5756  {
5757  authStr += info.nc;
5758  authStr += ':';
5759  authStr += info.cnonce;
5760  authStr += ':';
5761  authStr += info.qop;
5762  authStr += ':';
5763  }
5764  authStr += HA2;
5765  md.reset();
5766  md.update( authStr );
5767  Response = md.hexDigest();
5768 
5769  kdDebug(7113) << "(" << m_pid << ") calculateResponse(): Response => "
5770  << Response << endl;
5771 }
5772 
5773 TQString HTTPProtocol::createDigestAuth ( bool isForProxy )
5774 {
5775  const char *p;
5776 
5777  TQString auth;
5778  TQCString opaque;
5779  TQCString Response;
5780 
5781  DigestAuthInfo info;
5782 
5783  opaque = "";
5784  if ( isForProxy )
5785  {
5786  auth = "Proxy-Authorization: Digest ";
5787  info.username = m_proxyURL.user().latin1();
5788  info.password = m_proxyURL.pass().latin1();
5789  p = m_strProxyAuthorization.latin1();
5790  }
5791  else
5792  {
5793  auth = "Authorization: Digest ";
5794  info.username = m_state.user.latin1();
5795  info.password = m_state.passwd.latin1();
5796  p = m_strAuthorization.latin1();
5797  }
5798  if (!p || !*p)
5799  return TQString::null;
5800 
5801  p += 6; // Skip "Digest"
5802 
5803  if ( info.username.isEmpty() || info.password.isEmpty() || !p )
5804  return TQString::null;
5805 
5806  // info.entityBody = p; // FIXME: send digest of data for POST action ??
5807  info.realm = "";
5808  info.algorithm = "MD5";
5809  info.nonce = "";
5810  info.qop = "";
5811 
5812  // cnonce is recommended to contain about 64 bits of entropy
5813  info.cnonce = KApplication::randomString(16).latin1();
5814 
5815  // HACK: Should be fixed according to RFC 2617 section 3.2.2
5816  info.nc = "00000001";
5817 
5818  // Set the method used...
5819  switch ( m_request.method )
5820  {
5821  case HTTP_GET:
5822  info.method = "GET";
5823  break;
5824  case HTTP_PUT:
5825  info.method = "PUT";
5826  break;
5827  case HTTP_POST:
5828  info.method = "POST";
5829  break;
5830  case HTTP_HEAD:
5831  info.method = "HEAD";
5832  break;
5833  case HTTP_DELETE:
5834  info.method = "DELETE";
5835  break;
5836  case DAV_PROPFIND:
5837  info.method = "PROPFIND";
5838  break;
5839  case DAV_PROPPATCH:
5840  info.method = "PROPPATCH";
5841  break;
5842  case DAV_MKCOL:
5843  info.method = "MKCOL";
5844  break;
5845  case DAV_COPY:
5846  info.method = "COPY";
5847  break;
5848  case DAV_MOVE:
5849  info.method = "MOVE";
5850  break;
5851  case DAV_LOCK:
5852  info.method = "LOCK";
5853  break;
5854  case DAV_UNLOCK:
5855  info.method = "UNLOCK";
5856  break;
5857  case DAV_SEARCH:
5858  info.method = "SEARCH";
5859  break;
5860  case DAV_SUBSCRIBE:
5861  info.method = "SUBSCRIBE";
5862  break;
5863  case DAV_UNSUBSCRIBE:
5864  info.method = "UNSUBSCRIBE";
5865  break;
5866  case DAV_POLL:
5867  info.method = "POLL";
5868  break;
5869  default:
5870  error( ERR_UNSUPPORTED_ACTION, i18n("Unsupported method: authentication will fail. Please submit a bug report."));
5871  break;
5872  }
5873 
5874  // Parse the Digest response....
5875  while (*p)
5876  {
5877  int i = 0;
5878  while ( (*p == ' ') || (*p == ',') || (*p == '\t')) { p++; }
5879  if (strncasecmp(p, "realm=", 6 )==0)
5880  {
5881  p+=6;
5882  while ( *p == '"' ) p++; // Go past any number of " mark(s) first
5883  while ( p[i] != '"' ) i++; // Read everything until the last " mark
5884  info.realm = TQCString( p, i+1 );
5885  }
5886  else if (strncasecmp(p, "algorith=", 9)==0)
5887  {
5888  p+=9;
5889  while ( *p == '"' ) p++; // Go past any number of " mark(s) first
5890  while ( ( p[i] != '"' ) && ( p[i] != ',' ) && ( p[i] != '\0' ) ) i++;
5891  info.algorithm = TQCString(p, i+1);
5892  }
5893  else if (strncasecmp(p, "algorithm=", 10)==0)
5894  {
5895  p+=10;
5896  while ( *p == '"' ) p++; // Go past any " mark(s) first
5897  while ( ( p[i] != '"' ) && ( p[i] != ',' ) && ( p[i] != '\0' ) ) i++;
5898  info.algorithm = TQCString(p,i+1);
5899  }
5900  else if (strncasecmp(p, "domain=", 7)==0)
5901  {
5902  p+=7;
5903  while ( *p == '"' ) p++; // Go past any " mark(s) first
5904  while ( p[i] != '"' ) i++; // Read everything until the last " mark
5905  int pos;
5906  int idx = 0;
5907  TQCString uri = TQCString(p,i+1);
5908  do
5909  {
5910  pos = uri.find( ' ', idx );
5911  if ( pos != -1 )
5912  {
5913  KURL u (m_request.url, uri.mid(idx, pos-idx));
5914  if (u.isValid ())
5915  info.digestURI.append( u.url().latin1() );
5916  }
5917  else
5918  {
5919  KURL u (m_request.url, uri.mid(idx, uri.length()-idx));
5920  if (u.isValid ())
5921  info.digestURI.append( u.url().latin1() );
5922  }
5923  idx = pos+1;
5924  } while ( pos != -1 );
5925  }
5926  else if (strncasecmp(p, "nonce=", 6)==0)
5927  {
5928  p+=6;
5929  while ( *p == '"' ) p++; // Go past any " mark(s) first
5930  while ( p[i] != '"' ) i++; // Read everything until the last " mark
5931  info.nonce = TQCString(p,i+1);
5932  }
5933  else if (strncasecmp(p, "opaque=", 7)==0)
5934  {
5935  p+=7;
5936  while ( *p == '"' ) p++; // Go past any " mark(s) first
5937  while ( p[i] != '"' ) i++; // Read everything until the last " mark
5938  opaque = TQCString(p,i+1);
5939  }
5940  else if (strncasecmp(p, "qop=", 4)==0)
5941  {
5942  p+=4;
5943  while ( *p == '"' ) p++; // Go past any " mark(s) first
5944  while ( p[i] != '"' ) i++; // Read everything until the last " mark
5945  info.qop = TQCString(p,i+1);
5946  }
5947  p+=(i+1);
5948  }
5949 
5950  if (info.realm.isEmpty() || info.nonce.isEmpty())
5951  return TQString::null;
5952 
5953  // If the "domain" attribute was not specified and the current response code
5954  // is authentication needed, add the current request url to the list over which
5955  // this credential can be automatically applied.
5956  if (info.digestURI.isEmpty() && (m_responseCode == 401 || m_responseCode == 407))
5957  info.digestURI.append (m_request.url.url().latin1());
5958  else
5959  {
5960  // Verify whether or not we should send a cached credential to the
5961  // server based on the stored "domain" attribute...
5962  bool send = true;
5963 
5964  // Determine the path of the request url...
5965  TQString requestPath = m_request.url.directory(false, false);
5966  if (requestPath.isEmpty())
5967  requestPath = "/";
5968 
5969  int count = info.digestURI.count();
5970 
5971  for (int i = 0; i < count; i++ )
5972  {
5973  KURL u ( info.digestURI.at(i) );
5974 
5975  send &= (m_request.url.protocol().lower() == u.protocol().lower());
5976  send &= (m_request.hostname.lower() == u.host().lower());
5977 
5978  if (m_request.port > 0 && u.port() > 0)
5979  send &= (m_request.port == u.port());
5980 
5981  TQString digestPath = u.directory (false, false);
5982  if (digestPath.isEmpty())
5983  digestPath = "/";
5984 
5985  send &= (requestPath.startsWith(digestPath));
5986 
5987  if (send)
5988  break;
5989  }
5990 
5991  kdDebug(7113) << "(" << m_pid << ") createDigestAuth(): passed digest "
5992  "authentication credential test: " << send << endl;
5993 
5994  if (!send)
5995  return TQString::null;
5996  }
5997 
5998  kdDebug(7113) << "(" << m_pid << ") RESULT OF PARSING:" << endl;
5999  kdDebug(7113) << "(" << m_pid << ") algorithm: " << info.algorithm << endl;
6000  kdDebug(7113) << "(" << m_pid << ") realm: " << info.realm << endl;
6001  kdDebug(7113) << "(" << m_pid << ") nonce: " << info.nonce << endl;
6002  kdDebug(7113) << "(" << m_pid << ") opaque: " << opaque << endl;
6003  kdDebug(7113) << "(" << m_pid << ") qop: " << info.qop << endl;
6004 
6005  // Calculate the response...
6006  calculateResponse( info, Response );
6007 
6008  auth += "username=\"";
6009  auth += info.username;
6010 
6011  auth += "\", realm=\"";
6012  auth += info.realm;
6013  auth += "\"";
6014 
6015  auth += ", nonce=\"";
6016  auth += info.nonce;
6017 
6018  auth += "\", uri=\"";
6019  auth += m_request.url.encodedPathAndQuery(0, true);
6020 
6021  auth += "\", algorithm=\"";
6022  auth += info.algorithm;
6023  auth +="\"";
6024 
6025  if ( !info.qop.isEmpty() )
6026  {
6027  auth += ", qop=\"";
6028  auth += info.qop;
6029  auth += "\", cnonce=\"";
6030  auth += info.cnonce;
6031  auth += "\", nc=";
6032  auth += info.nc;
6033  }
6034 
6035  auth += ", response=\"";
6036  auth += Response;
6037  if ( !opaque.isEmpty() )
6038  {
6039  auth += "\", opaque=\"";
6040  auth += opaque;
6041  }
6042  auth += "\"\r\n";
6043 
6044  return auth;
6045 }
6046 
6047 TQString HTTPProtocol::proxyAuthenticationHeader()
6048 {
6049  TQString header;
6050 
6051  // We keep proxy authentication locally until they are changed.
6052  // Thus, no need to check with the password manager for every
6053  // connection.
6054  if ( m_strProxyRealm.isEmpty() )
6055  {
6056  AuthInfo info;
6057  info.url = m_proxyURL;
6058  info.username = m_proxyURL.user();
6059  info.password = m_proxyURL.pass();
6060  info.verifyPath = true;
6061 
6062  // If the proxy URL already contains username
6063  // and password simply attempt to retrieve it
6064  // without prompting the user...
6065  if ( !info.username.isNull() && !info.password.isNull() )
6066  {
6067  if( m_strProxyAuthorization.isEmpty() )
6068  ProxyAuthentication = AUTH_None;
6069  else if( m_strProxyAuthorization.startsWith("Basic") )
6070  ProxyAuthentication = AUTH_Basic;
6071  else if( m_strProxyAuthorization.startsWith("NTLM") )
6072  ProxyAuthentication = AUTH_NTLM;
6073  else
6074  ProxyAuthentication = AUTH_Digest;
6075  }
6076  else
6077  {
6078  if ( checkCachedAuthentication(info) && !info.digestInfo.isEmpty() )
6079  {
6080  m_proxyURL.setUser( info.username );
6081  m_proxyURL.setPass( info.password );
6082  m_strProxyRealm = info.realmValue;
6083  m_strProxyAuthorization = info.digestInfo;
6084  if( m_strProxyAuthorization.startsWith("Basic") )
6085  ProxyAuthentication = AUTH_Basic;
6086  else if( m_strProxyAuthorization.startsWith("NTLM") )
6087  ProxyAuthentication = AUTH_NTLM;
6088  else
6089  ProxyAuthentication = AUTH_Digest;
6090  }
6091  else
6092  {
6093  ProxyAuthentication = AUTH_None;
6094  }
6095  }
6096  }
6097 
6098  /********* Only for debugging purpose... *********/
6099  if ( ProxyAuthentication != AUTH_None )
6100  {
6101  kdDebug(7113) << "(" << m_pid << ") Using Proxy Authentication: " << endl;
6102  kdDebug(7113) << "(" << m_pid << ") HOST= " << m_proxyURL.host() << endl;
6103  kdDebug(7113) << "(" << m_pid << ") PORT= " << m_proxyURL.port() << endl;
6104  kdDebug(7113) << "(" << m_pid << ") USER= " << m_proxyURL.user() << endl;
6105  kdDebug(7113) << "(" << m_pid << ") PASSWORD= [protected]" << endl;
6106  kdDebug(7113) << "(" << m_pid << ") REALM= " << m_strProxyRealm << endl;
6107  kdDebug(7113) << "(" << m_pid << ") EXTRA= " << m_strProxyAuthorization << endl;
6108  }
6109 
6110  switch ( ProxyAuthentication )
6111  {
6112  case AUTH_Basic:
6113  header += createBasicAuth( true );
6114  break;
6115  case AUTH_Digest:
6116  header += createDigestAuth( true );
6117  break;
6118  case AUTH_NTLM:
6119  if ( m_bFirstRequest ) header += createNTLMAuth( true );
6120  break;
6121  case AUTH_None:
6122  default:
6123  break;
6124  }
6125 
6126  return header;
6127 }
6128 
6129 #include "http.moc"

kioslave/http

Skip menu "kioslave/http"
  • Main Page
  • Alphabetical List
  • Class List
  • File List

kioslave/http

Skip menu "kioslave/http"
  • arts
  • dcop
  • dnssd
  • interfaces
  •     interface
  •     library
  •   kspeech
  •   ktexteditor
  • kabc
  • kate
  • kcmshell
  • kdecore
  • kded
  • kdefx
  • kdeprint
  • kdesu
  • kdeui
  • kdoctools
  • khtml
  • kimgio
  • kinit
  • kio
  •   bookmarks
  •   httpfilter
  •   kfile
  •   kio
  •   kioexec
  •   kpasswdserver
  •   kssl
  • kioslave
  •   http
  • kjs
  • kmdi
  •   kmdi
  • knewstuff
  • kparts
  • krandr
  • kresources
  • kspell2
  • kunittest
  • kutils
  • kwallet
  • libkmid
  • libkscreensaver
Generated for kioslave/http by doxygen 1.8.3.1
This website is maintained by Timothy Pearson.
KDE® and the K Desktop Environment® logo are registered trademarks of KDE e.V. |