1 /**
2 * @file
3 * HTTPD example for simple POST
4 */
5
6 /*
7 * Copyright (c) 2017 Simon Goldschmidt
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without modification,
11 * are permitted provided that the following conditions are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright notice,
14 * this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 * 3. The name of the author may not be used to endorse or promote products
19 * derived from this software without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
24 * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
25 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
26 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
29 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
30 * OF SUCH DAMAGE.
31 *
32 * This file is part of the lwIP TCP/IP stack.
33 *
34 * Author: Simon Goldschmidt <goldsimon@gmx.de>
35 *
36 */
37
38 #include "lwip/opt.h"
39
40 #include "lwip/apps/httpd.h"
41 #include "lwip/def.h"
42 #include "lwip/mem.h"
43
44 #include <stdio.h>
45 #include <string.h>
46
47 /** define LWIP_HTTPD_EXAMPLE_GENERATEDFILES to 1 to enable this file system */
48 #ifndef LWIP_HTTPD_EXAMPLE_SIMPLEPOST
49 #define LWIP_HTTPD_EXAMPLE_SIMPLEPOST 0
50 #endif
51
52 #if LWIP_HTTPD_EXAMPLE_SIMPLEPOST
53
54 #if !LWIP_HTTPD_SUPPORT_POST
55 #error This needs LWIP_HTTPD_SUPPORT_POST
56 #endif
57
58 #define USER_PASS_BUFSIZE 16
59
60 static void *current_connection;
61 static void *valid_connection;
62 static char last_user[USER_PASS_BUFSIZE];
63
64 err_t
httpd_post_begin(void * connection,const char * uri,const char * http_request,u16_t http_request_len,int content_len,char * response_uri,u16_t response_uri_len,u8_t * post_auto_wnd)65 httpd_post_begin(void *connection, const char *uri, const char *http_request,
66 u16_t http_request_len, int content_len, char *response_uri,
67 u16_t response_uri_len, u8_t *post_auto_wnd)
68 {
69 LWIP_UNUSED_ARG(connection);
70 LWIP_UNUSED_ARG(http_request);
71 LWIP_UNUSED_ARG(http_request_len);
72 LWIP_UNUSED_ARG(content_len);
73 LWIP_UNUSED_ARG(post_auto_wnd);
74 if (!memcmp(uri, "/login.cgi", 11)) {
75 if (current_connection != connection) {
76 current_connection = connection;
77 valid_connection = NULL;
78 /* default page is "login failed" */
79 snprintf(response_uri, response_uri_len, "/loginfail.html");
80 /* e.g. for large uploads to slow flash over a fast connection, you should
81 manually update the rx window. That way, a sender can only send a full
82 tcp window at a time. If this is required, set 'post_aut_wnd' to 0.
83 We do not need to throttle upload speed here, so: */
84 *post_auto_wnd = 1;
85 return ERR_OK;
86 }
87 }
88 return ERR_VAL;
89 }
90
91 err_t
httpd_post_receive_data(void * connection,struct pbuf * p)92 httpd_post_receive_data(void *connection, struct pbuf *p)
93 {
94 err_t ret;
95
96 LWIP_ASSERT("NULL pbuf", p != NULL);
97
98 if (current_connection == connection) {
99 u16_t token_user = pbuf_memfind(p, "user=", 5, 0);
100 u16_t token_pass = pbuf_memfind(p, "pass=", 5, 0);
101 if ((token_user != 0xFFFF) && (token_pass != 0xFFFF)) {
102 u16_t value_user = token_user + 5;
103 u16_t value_pass = token_pass + 5;
104 u16_t len_user = 0;
105 u16_t len_pass = 0;
106 u16_t tmp;
107 /* find user len */
108 tmp = pbuf_memfind(p, "&", 1, value_user);
109 if (tmp != 0xFFFF) {
110 len_user = tmp - value_user;
111 } else {
112 len_user = p->tot_len - value_user;
113 }
114 /* find pass len */
115 tmp = pbuf_memfind(p, "&", 1, value_pass);
116 if (tmp != 0xFFFF) {
117 len_pass = tmp - value_pass;
118 } else {
119 len_pass = p->tot_len - value_pass;
120 }
121 if ((len_user > 0) && (len_user < USER_PASS_BUFSIZE) &&
122 (len_pass > 0) && (len_pass < USER_PASS_BUFSIZE)) {
123 /* provide contiguous storage if p is a chained pbuf */
124 char buf_user[USER_PASS_BUFSIZE];
125 char buf_pass[USER_PASS_BUFSIZE];
126 char *user = (char *)pbuf_get_contiguous(p, buf_user, sizeof(buf_user), len_user, value_user);
127 char *pass = (char *)pbuf_get_contiguous(p, buf_pass, sizeof(buf_pass), len_pass, value_pass);
128 if (user && pass) {
129 user[len_user] = 0;
130 pass[len_pass] = 0;
131 if (!strcmp(user, "lwip") && !strcmp(pass, "post")) {
132 /* user and password are correct, create a "session" */
133 valid_connection = connection;
134 memcpy(last_user, user, sizeof(last_user));
135 }
136 }
137 }
138 }
139 /* not returning ERR_OK aborts the connection, so return ERR_OK unless the
140 connection is unknown */
141 ret = ERR_OK;
142 } else {
143 ret = ERR_VAL;
144 }
145
146 /* this function must ALWAYS free the pbuf it is passed or it will leak memory */
147 pbuf_free(p);
148
149 return ret;
150 }
151
152 void
httpd_post_finished(void * connection,char * response_uri,u16_t response_uri_len)153 httpd_post_finished(void *connection, char *response_uri, u16_t response_uri_len)
154 {
155 /* default page is "login failed" */
156 snprintf(response_uri, response_uri_len, "/loginfail.html");
157 if (current_connection == connection) {
158 if (valid_connection == connection) {
159 /* login succeeded */
160 snprintf(response_uri, response_uri_len, "/session.html");
161 }
162 current_connection = NULL;
163 valid_connection = NULL;
164 }
165 }
166
167 #endif /* LWIP_HTTPD_EXAMPLE_SIMPLEPOST*/
168