@@ -24,6 +24,7 @@

 #include "kakumei_session.h"

 #include "kakumei_pass.h"

 #include "kakumei_posts.h"

+#include "kakumei_email.h"

 #include "kakumei_config.h"

 #define CONFIGFILE "kakumei.conf"

@@ -50,6 +51,8 @@ wk_action http_lastpost(wk *web, int connid, wk_uri *uri, void *userptr,char *us

 wk_action http_getpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

 wk_action http_newpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

 wk_action http_newcomment(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

+wk_action http_changeemail(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

+wk_action http_getemail(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

 int

 main(int argc, char *argv[])

@@ -113,8 +116,8 @@ main(int argc, char *argv[])

         log_write("INIT","Server initialized, waiting connections...");

         while(!sigint_flag) {

                 sselect_wait(ka->ssel,timeout);

-		if(sigint_flag)

-			break;

+                if(sigint_flag)

+                        break;

                 wk_service(ka->web);

         }

         wk_free(ka->web),ka->web=NULL;

@@ -322,6 +325,10 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                         return(http_newpost(web,connid,uri,userptr,user));

                 else if(memcmp(uri->path,"/newcomment?",12)==0)

                         return(http_newcomment(web,connid,uri,userptr,user));

+                else if(memcmp(uri->path,"/changeemail?",13)==0)

+                        return(http_changeemail(web,connid,uri,userptr,user));

+                else if(memcmp(uri->path,"/getemail?",10)==0)

+                        return(http_getemail(web,connid,uri,userptr,user));

         }

         /* not found */

         log_write("HTTP","URI not found: %s",uri->path);

@@ -457,7 +464,6 @@ http_lastpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

         wk_serve_buffer_as_file(web,connid,reply,strlen(reply),"text/plain");

         log_write("LSTP","Reply: %s",reply);

         return(wkact_finished);

-

 }

 wk_action

@@ -496,6 +502,7 @@ http_newpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

                 log_write("NEWP","invalid post, send error");

                 return(wkact_finished);

         }

+        email_notify(ka,user,-1);

         log_write("NEWP","Replying with last post");

         return(http_lastpost(web,connid,uri,userptr,user));

 }

@@ -519,6 +526,41 @@ http_newcomment(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

         }

         wk_serve_buffer_as_file(web,connid,n,strlen(n),"text/plain");

         log_write("NEWC","Reply: %s",n);

+        email_notify(ka,user,num);

+        return(wkact_finished);

+}

+

+wk_action

+http_changeemail(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

+{

+        char useremail[128];

+        kakumei *ka=(kakumei *)userptr;

+        if(wk_uri_copyvar(uri,"a",useremail,sizeof(useremail))==NULL)

+                useremail[0]='\0';

+        if(email_set(ka,user,useremail)!=0) {

+                wk_serve_error(web,connid,wkerr_internal);

+                log_write("EMCH","couldn't change email, send error");

+                return(wkact_finished);

+        }

+        /* valid */

+        wk_serve_buffer_as_file(web,connid,useremail,strlen(useremail),"text/plain");

+        log_write("EMCH","Reply: %s",useremail);

+        return(wkact_finished);

+}

+

+wk_action

+http_getemail(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

+{

+        char useremail[128];

+        kakumei *ka=(kakumei *)userptr;

+        if(email_get(ka,user,useremail,sizeof(useremail))!=0) {

+                wk_serve_error(web,connid,wkerr_internal);

+                log_write("EMGT","no user email, send error");

+                return(wkact_finished);

+        }

+        /* valid */

+        wk_serve_buffer_as_file(web,connid,useremail,strlen(useremail),"text/plain");

+        log_write("EMGT","Reply: %s",useremail);

         return(wkact_finished);

 }

@@ -113,6 +113,8 @@ main(int argc, char *argv[])

         log_write("INIT","Server initialized, waiting connections...");

         while(!sigint_flag) {

                 sselect_wait(ka->ssel,timeout);

+		if(sigint_flag)

+			break;

                 wk_service(ka->web);

         }

         wk_free(ka->web),ka->web=NULL;

@@ -15,6 +15,7 @@

 #include <sys/types.h>

 #include <sys/stat.h>

 #include <unistd.h>

+#include <mhash.h>

 #include "gen_res.h"

 #include "socklib.h"

 #include "loglib.h"

@@ -32,12 +33,15 @@

 #define CFBANNERPATH "default.png"

 #define CFSSLPROXY 0

+#define DEBUG_HEADERS

+

 static int signal_init(int signum, void (*fn)(int));

 static void sigint(int signum);

 volatile int sigint_flag=0;

 int kakumei_inviteexists(kakumei *ka, char *invite);

 int kakumei_invitedel(kakumei *ka, char *invite);

+int kakumei_etag(kakumei *ka, char *filename, char *etag, int etagsize);

 wk_action callback_http(wk *web, int connid, wk_uri *uri, void *userptr);

 wk_action http_login(wk *web, int connid, wk_uri *uri, void *userptr);

@@ -177,6 +181,38 @@ kakumei_invitedel(kakumei *ka, char *invite)

         return(0);

 }

+int

+kakumei_etag(kakumei *ka, char *filename, char *etag, int etagsize)

+{

+        struct stat st;

+        MHASH td;

+        char binhash[20];

+        char hash[40];

+        int i;

+        char c;

+        if(filename==NULL || etag==NULL || etagsize<1)

+                return(-1);

+        if(stat(filename,&st)!=0 || !S_ISREG(st.st_mode))

+                return(-1);

+        if((td=mhash_init(MHASH_SHA1))==MHASH_FAILED)

+                return(-1);

+        mhash(td,&(st.st_mtime),sizeof(st.st_mtime));

+        mhash(td,&(st.st_size),sizeof(st.st_size));

+        mhash_deinit(td,&binhash);

+        for(i=0;i<sizeof(binhash);i++) {

+                c=(((unsigned char *)binhash)[i]>>4);

+                c=(c>=10)?(c-10+'a'):c+'0';

+                hash[i<<1]=c;

+                c=(((unsigned char *)binhash)[i]&0xf);

+                c=(c>=10)?(c-10+'a'):c+'0';

+                hash[(i<<1)+1]=c;

+        }

+        memcpy(etag,hash,(etagsize>sizeof(hash))?sizeof(hash):(etagsize-1));

+        etag[(etagsize>sizeof(hash))?sizeof(hash):(etagsize-1)]='\0';

+        return(0);

+}

+

+

 wk_action

 callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

@@ -185,6 +221,7 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         resindex *res;

         char partialpath[1024];

         char *ptr;

+        char etag[ETAGSIZE+1];

         struct {

                 char *name;

         } whitelist[]={{"/index.html"},

@@ -207,6 +244,14 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                 log_write("HTTP","Request: /newuser?...");

         else

                 log_write("HTTP","Request: %s",uri->path);

+#ifdef DEBUG_HEADERS

+        {

+                int j;

+                char *h;

+                for(j=0;(h=wk_uri_getheaderbynum(uri,j))!=NULL;j++)

+                        log_write("HDR","%s",h);

+        }

+#endif

         /* extract the name */

         strncpy(partialpath,uri->path,sizeof(partialpath)-1);

         partialpath[sizeof(partialpath)-1]='\0';

@@ -238,6 +283,7 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         if(partialpath[0]=='/' && (res=res_find(resindexdata,partialpath+1))!=NULL) {

                 if(whitelisted || validsession) {

                         log_write("HTTP","Serving in-memory file %s",partialpath+1);

+                        wk_serve_etagset(web,connid,res->etag);

                         wk_serve_buffer_as_file(web,connid,res->data,res->len,mime_getdefault(res->name,"application/octet-stream"));

                         return(wkact_finished);

                 } else if((res=res_find(resindexdata,"index.html"))!=NULL) {

@@ -251,6 +297,8 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                 }

         } else if(strcmp(uri->path,"/banner.png")==0) {

                 log_write("HTTP","Serving banner from disk, file %s",partialpath);

+                if(kakumei_etag(ka,partialpath,etag,sizeof(etag))==0)

+                        wk_serve_etagset(web,connid,etag);

                 if(wk_serve_file(web,connid,partialpath,mime_getdefault(partialpath,"image/png"))!=0) {

                         log_write("HTTP","File not found, file %s",partialpath);

                         wk_serve_error(web,connid,wkerr_notfound);

@@ -50,17 +50,21 @@ wk_action http_newcomment(wk *web, int connid, wk_uri *uri, void *userptr,char *

 int

 main(int argc, char *argv[])

 {

-        int port;

         int timeout=500;

         int serverfd;

         kakumei *ka,kastore;

         memset(&kastore,0,sizeof(kastore));

         ka=&kastore;

+        char *hostnameport;

+        char hostname[128];

+        char *host;

+        long hostsize;

+        char *ptr,*sep;

         if(argc!=2) {

-                printf("Syntax: %s port\n",argv[0]);

+                printf("Syntax: %s [ip:]port\n",argv[0]);

                 return(1);

         }

-        port=atoi(argv[1]);

+        hostnameport=argv[1];

         if(kaconfig_exists(CONFIGFILE)!=0) {

                 log_setlogfile(CFLOGFILE);

                 log_write("INIT","Config file not found, writing default file %s",CONFIGFILE);

@@ -76,7 +80,20 @@ main(int argc, char *argv[])

                 log_write("INIT","ERROR: insufficient memory");

                 return(1);

         }

-        if((serverfd=ipv4_server(port))==-1) {

+        if((sep=strchr(hostnameport,':'))!=NULL) {

+                serverfd=-1;

+                strncpy(hostname,hostnameport,sizeof(hostname));

+                hostname[sizeof(hostname)-1]='\0';

+                if((ptr=strchr(hostname,':'))!=NULL)

+                        *ptr='\0';

+                if((host=ipv4_genip(hostname,&hostsize))!=NULL) {

+                        serverfd=ipv4_serverbinded(host,hostsize,atoi(sep+1));

+                        free(host),host=NULL;

+                }

+        } else {

+                serverfd=ipv4_server(atoi(hostnameport));

+        }

+        if(serverfd==-1) {

                 sselect_free(ka->ssel),ka->ssel=NULL;

                 log_write("INIT","ERROR: couldn't listen on port");

                 return(2);

@@ -52,6 +52,7 @@ main(int argc, char *argv[])

 {

         int port;

         int timeout=500;

+        int serverfd;

         kakumei *ka,kastore;

         memset(&kastore,0,sizeof(kastore));

         ka=&kastore;

@@ -61,21 +62,27 @@ main(int argc, char *argv[])

         }

         port=atoi(argv[1]);

         if(kaconfig_exists(CONFIGFILE)!=0) {

-		log_setlogfile(CFLOGFILE);

+                log_setlogfile(CFLOGFILE);

                 log_write("INIT","Config file not found, writing default file %s",CONFIGFILE);

                 kaconfig_write(CONFIGFILE,CFLOGFILE,CFCOOKIENAME,CFCOOKIEDOMAIN,CFBANNERPATH,CFSSLPROXY);

         }

         if((ka->config=kaconfig_init(CONFIGFILE))==NULL) {

-		log_setlogfile(CFLOGFILE);

+                log_setlogfile(CFLOGFILE);

                 log_write("INIT","ERROR: insufficient memory or config file error");

                 return(1);

         }

-	log_setlogfile((ka->config->logfile!=NULL)?ka->config->logfile:CFLOGFILE);

+        log_setlogfile((ka->config->logfile!=NULL)?ka->config->logfile:CFLOGFILE);

         if((ka->ssel=sselect_init())==NULL) {

                 log_write("INIT","ERROR: insufficient memory");

                 return(1);

         }

-        if((ka->web=wk_init(port,ka->ssel,NULL,callback_http,NULL,NULL,ka))==NULL) {

+        if((serverfd=ipv4_server(port))==-1) {

+                sselect_free(ka->ssel),ka->ssel=NULL;

+                log_write("INIT","ERROR: couldn't listen on port");

+                return(2);

+        }

+        sock_setunsafe(serverfd);

+        if((ka->web=wk_init(serverfd,ka->ssel,NULL,callback_http,NULL,NULL,ka))==NULL) {

                 sselect_free(ka->ssel),ka->ssel=NULL;

                 log_write("INIT","ERROR: couldn't init web server");

                 return(2);

@@ -88,6 +95,7 @@ main(int argc, char *argv[])

                 wk_service(ka->web);

         }

         wk_free(ka->web),ka->web=NULL;

+        close(serverfd),serverfd=-1;

         sselect_free(ka->ssel),ka->ssel=NULL;

         kaconfig_free(ka->config),ka->config=NULL;

         log_write("FINI","SIGINT detected, exiting...");

@@ -26,6 +26,7 @@

 #include "kakumei_config.h"

 #define CONFIGFILE "kakumei.conf"

+#define CFLOGFILE "kakumei.log"

 #define CFCOOKIENAME "kakumeiauthid"

 #define CFCOOKIEDOMAIN "localhost"

 #define CFBANNERPATH "default.png"

@@ -60,13 +61,16 @@ main(int argc, char *argv[])

         }

         port=atoi(argv[1]);

         if(kaconfig_exists(CONFIGFILE)!=0) {

+		log_setlogfile(CFLOGFILE);

                 log_write("INIT","Config file not found, writing default file %s",CONFIGFILE);

-                kaconfig_write(CONFIGFILE,CFCOOKIENAME,CFCOOKIEDOMAIN,CFBANNERPATH,CFSSLPROXY);

+                kaconfig_write(CONFIGFILE,CFLOGFILE,CFCOOKIENAME,CFCOOKIEDOMAIN,CFBANNERPATH,CFSSLPROXY);

         }

         if((ka->config=kaconfig_init(CONFIGFILE))==NULL) {

+		log_setlogfile(CFLOGFILE);

                 log_write("INIT","ERROR: insufficient memory or config file error");

                 return(1);

         }

+	log_setlogfile((ka->config->logfile!=NULL)?ka->config->logfile:CFLOGFILE);

         if((ka->ssel=sselect_init())==NULL) {

                 log_write("INIT","ERROR: insufficient memory");

                 return(1);

@@ -29,6 +29,7 @@

 #define CFCOOKIENAME "kakumeiauthid"

 #define CFCOOKIEDOMAIN "localhost"

 #define CFBANNERPATH "default.png"

+#define CFSSLPROXY 0

 static int signal_init(int signum, void (*fn)(int));

 static void sigint(int signum);

@@ -60,7 +61,7 @@ main(int argc, char *argv[])

         port=atoi(argv[1]);

         if(kaconfig_exists(CONFIGFILE)!=0) {

                 log_write("INIT","Config file not found, writing default file %s",CONFIGFILE);

-                kaconfig_write(CONFIGFILE,CFCOOKIENAME,CFCOOKIEDOMAIN,CFBANNERPATH);

+                kaconfig_write(CONFIGFILE,CFCOOKIENAME,CFCOOKIEDOMAIN,CFBANNERPATH,CFSSLPROXY);

         }

         if((ka->config=kaconfig_init(CONFIGFILE))==NULL) {

                 log_write("INIT","ERROR: insufficient memory or config file error");

@@ -298,7 +299,7 @@ http_login(wk *web, int connid, wk_uri *uri, void *userptr)

                 /* valid login */

                 snprintf(reply,sizeof(reply),"/posts.html?s=%s",session);

                 reply[sizeof(reply)-1]='\0';

-                wk_serve_cookieadd(web,connid,ka->config->cookiename,authid,ka->config->cookiedomain,21600 /* 6h */,"secure");

+                wk_serve_cookieadd(web,connid,ka->config->cookiename,authid,ka->config->cookiedomain,21600 /* 6h */,(ka->config->sslproxy)?"secure":NULL);

                 wk_serve_buffer_as_file(web,connid,reply,strlen(reply),"text/plain");

                 log_write("LGIN","Reply: %s",reply);

                 return(wkact_finished);

@@ -354,7 +355,7 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         /* valid login */

         snprintf(reply,sizeof(reply),"/posts.html?s=%s",session);

         reply[sizeof(reply)-1]='\0';

-        wk_serve_cookieadd(web,connid,ka->config->cookiename,authid,ka->config->cookiedomain,21600 /* 6h */,"secure");

+        wk_serve_cookieadd(web,connid,ka->config->cookiename,authid,ka->config->cookiedomain,21600 /* 6h */,(ka->config->sslproxy)?"secure":NULL);

         wk_serve_buffer_as_file(web,connid,reply,strlen(reply),"text/plain");

         log_write("NEWU","Reply: %s",reply);

         return(wkact_finished);

@@ -26,7 +26,7 @@

 #include "kakumei_config.h"

 #define CONFIGFILE "kakumei.conf"

-#define CFCOOKIEPREFIX "kakumei_"

+#define CFCOOKIENAME "kakumeiauthid"

 #define CFCOOKIEDOMAIN "localhost"

 #define CFBANNERPATH "default.png"

@@ -60,7 +60,7 @@ main(int argc, char *argv[])

         port=atoi(argv[1]);

         if(kaconfig_exists(CONFIGFILE)!=0) {

                 log_write("INIT","Config file not found, writing default file %s",CONFIGFILE);

-                kaconfig_write(CONFIGFILE,CFCOOKIEPREFIX,CFCOOKIEDOMAIN,CFBANNERPATH);

+                kaconfig_write(CONFIGFILE,CFCOOKIENAME,CFCOOKIEDOMAIN,CFBANNERPATH);

         }

         if((ka->config=kaconfig_init(CONFIGFILE))==NULL) {

                 log_write("INIT","ERROR: insufficient memory or config file error");

@@ -164,8 +164,9 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         int ishtml;

         int whitelisted;

         int validsession;

-        char session[SESSIONSIZE];

+        char session[SESSIONSIZE+1];

         char user[MAXUSERSIZE+1];

+        char authid[AUTHIDSIZE+1];

         int i;

         if(ka==NULL)

                 return(wkact_finished);

@@ -200,7 +201,9 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         if(wk_uri_copyvar(uri,"s",session,sizeof(session))==NULL)

                 session[0]='\0';

         user[0]='\0';

-        validsession=(session_check(ka,session,user,sizeof(user))!=NULL)?1:0;

+        if(wk_uri_copycookie(uri,ka->config->cookiename,authid,sizeof(authid))==NULL)

+                authid[0]='\0';

+        validsession=(session_check(ka,session,authid,user,sizeof(user))!=NULL)?1:0;

         /* serve the page */

         if(partialpath[0]=='/' && (res=res_find(resindexdata,partialpath+1))!=NULL) {

                 if(whitelisted || validsession) {

@@ -269,7 +272,8 @@ http_login(wk *web, int connid, wk_uri *uri, void *userptr)

 {

         char u[MAXUSERSIZE+1],p[MAXPASSWDSIZE+1];

         char reply[1024];

-        char session[SESSIONSIZE];

+        char session[SESSIONSIZE+1];

+        char authid[AUTHIDSIZE+1];

         kakumei *ka=(kakumei *)userptr;

         if(web==NULL || connid<0 || uri==NULL || ka==NULL) {

                 log_write("EINT","%s:%i",__FILE__,__LINE__);

@@ -290,10 +294,11 @@ http_login(wk *web, int connid, wk_uri *uri, void *userptr)

                 log_write("LGIN","Reply: %s",reply);

                 return(wkact_finished);

         } else if(pass_check(ka,u,p)==0 &&

-                  session_new(ka,u,session,sizeof(session))!=NULL) {

+                  session_new(ka,u,session,sizeof(session),authid,sizeof(authid))!=NULL) {

                 /* valid login */

                 snprintf(reply,sizeof(reply),"/posts.html?s=%s",session);

                 reply[sizeof(reply)-1]='\0';

+                wk_serve_cookieadd(web,connid,ka->config->cookiename,authid,ka->config->cookiedomain,21600 /* 6h */,"secure");

                 wk_serve_buffer_as_file(web,connid,reply,strlen(reply),"text/plain");

                 log_write("LGIN","Reply: %s",reply);

                 return(wkact_finished);

@@ -308,7 +313,8 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

 {

         char u[MAXUSERSIZE+1],p[MAXPASSWDSIZE+1],i[MAXPASSWDSIZE+1];

         char reply[1024];

-        char session[SESSIONSIZE];

+        char session[SESSIONSIZE+1];

+        char authid[AUTHIDSIZE+1];

         kakumei *ka=(kakumei *)userptr;

         if(web==NULL || connid<0 || uri==NULL || ka==NULL) {

                 log_write("EINT","%s:%i",__FILE__,__LINE__);

@@ -339,7 +345,7 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         /* delete invitation */

         kakumei_invitedel(ka,i);

         /* create session and go to "posts" page */

-        if(session_new(ka,u,session,sizeof(session))==NULL) {

+        if(session_new(ka,u,session,sizeof(session),authid,sizeof(authid))==NULL) {

                 /* "autologin" didn't work, ask for login */

                 log_write("NEWU","couldn't generate new session, redirecting to login");

                 wk_serve_buffer_as_file(web,connid,"/",1,"text/plain");

@@ -348,6 +354,7 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         /* valid login */

         snprintf(reply,sizeof(reply),"/posts.html?s=%s",session);

         reply[sizeof(reply)-1]='\0';

+        wk_serve_cookieadd(web,connid,ka->config->cookiename,authid,ka->config->cookiedomain,21600 /* 6h */,"secure");

         wk_serve_buffer_as_file(web,connid,reply,strlen(reply),"text/plain");

         log_write("NEWU","Reply: %s",reply);

         return(wkact_finished);

@@ -23,6 +23,12 @@

 #include "kakumei_session.h"

 #include "kakumei_pass.h"

 #include "kakumei_posts.h"

+#include "kakumei_config.h"

+

+#define CONFIGFILE "kakumei.conf"

+#define CFCOOKIEPREFIX "kakumei_"

+#define CFCOOKIEDOMAIN "localhost"

+#define CFBANNERPATH "default.png"

 static int signal_init(int signum, void (*fn)(int));

 static void sigint(int signum);

@@ -52,6 +58,14 @@ main(int argc, char *argv[])

                 return(1);

         }

         port=atoi(argv[1]);

+        if(kaconfig_exists(CONFIGFILE)!=0) {

+                log_write("INIT","Config file not found, writing default file %s",CONFIGFILE);

+                kaconfig_write(CONFIGFILE,CFCOOKIEPREFIX,CFCOOKIEDOMAIN,CFBANNERPATH);

+        }

+        if((ka->config=kaconfig_init(CONFIGFILE))==NULL) {

+                log_write("INIT","ERROR: insufficient memory or config file error");

+                return(1);

+        }

         if((ka->ssel=sselect_init())==NULL) {

                 log_write("INIT","ERROR: insufficient memory");

                 return(1);

@@ -70,6 +84,7 @@ main(int argc, char *argv[])

         }

         wk_free(ka->web),ka->web=NULL;

         sselect_free(ka->ssel),ka->ssel=NULL;

+        kaconfig_free(ka->config),ka->config=NULL;

         log_write("FINI","SIGINT detected, exiting...");

         return(0);

 }

@@ -166,6 +181,8 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         partialpath[sizeof(partialpath)-1]='\0';

         if(strcmp(uri->path,"/")==0)

                 strcpy(partialpath,"/index.html");

+        if(strcmp(uri->path,"/banner.png")==0)

+                strcpy(partialpath,(ka->config->bannerpath!=NULL)?ka->config->bannerpath:"/" CFBANNERPATH);

         if((ptr=strchr(partialpath,'?'))!=NULL)

                 *ptr='\0';

         /* check whitelist */

@@ -199,6 +216,14 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                         wk_serve_error(web,connid,wkerr_internal);

                         return(wkact_finished); /* internal error */

                 }

+        } else if(strcmp(uri->path,"/banner.png")==0) {

+                log_write("HTTP","Serving banner from disk, file %s",partialpath);

+                if(wk_serve_file(web,connid,partialpath,mime_getdefault(partialpath,"image/png"))!=0) {

+                        log_write("HTTP","File not found, file %s",partialpath);

+                        wk_serve_error(web,connid,wkerr_notfound);

+                        return(wkact_finished); /* internal error */

+                }

+                return(wkact_finished);

         }

         /* check for actions */

         if(memcmp(uri->path,"/login?",7)==0) {

@@ -372,11 +372,14 @@ http_getpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

 wk_action

 http_newpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

 {

+        char h[8192];

         char t[8192];

         kakumei *ka=(kakumei *)userptr;

+        if(wk_uri_copyvar(uri,"h",h,sizeof(h))==NULL)

+                h[0]='\0';

         if(wk_uri_copyvar(uri,"t",t,sizeof(t))==NULL)

                 t[0]='\0';

-        if(t[0]=='\0' || post_new(ka,user,t)!=0) {

+        if((t[0]=='\0' && h[0]=='\0') || post_new(ka,user,h,t)!=0) {

                 wk_serve_error(web,connid,wkerr_internal);

                 log_write("NEWP","invalid post, send error");

                 return(wkact_finished);

@@ -334,7 +334,7 @@ http_lastpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

         char reply[64];

         int n;

         kakumei *ka=(kakumei *)userptr;

-        if((n=post_last(ka))<=0) {

+        if((n=post_last(ka))<0) {

                 wk_serve_error(web,connid,wkerr_internal);

                 log_write("LSTP","invalid postnum, send error");

                 return(wkact_finished);

@@ -22,6 +22,7 @@

 #include "kakumei.h"

 #include "kakumei_session.h"

 #include "kakumei_pass.h"

+#include "kakumei_posts.h"

 static int signal_init(int signum, void (*fn)(int));

 static void sigint(int signum);

@@ -33,6 +34,10 @@ int kakumei_invitedel(kakumei *ka, char *invite);

 wk_action callback_http(wk *web, int connid, wk_uri *uri, void *userptr);

 wk_action http_login(wk *web, int connid, wk_uri *uri, void *userptr);

 wk_action http_newuser(wk *web, int connid, wk_uri *uri, void *userptr);

+wk_action http_lastpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

+wk_action http_getpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

+wk_action http_newpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

+wk_action http_newcomment(wk *web, int connid, wk_uri *uri, void *userptr,char *user);

 int

 main(int argc, char *argv[])

@@ -200,6 +205,15 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                 return(http_login(web,connid,uri,userptr));

         } else if(memcmp(uri->path,"/newuser?",9)==0) {

                 return(http_newuser(web,connid,uri,userptr));

+        } else if(validsession && user[0]!='\0') {

+                if(memcmp(uri->path,"/lastpost?",10)==0)

+                        return(http_lastpost(web,connid,uri,userptr,user));

+                else if(memcmp(uri->path,"/getpost?",9)==0)

+                        return(http_getpost(web,connid,uri,userptr,user));

+                else if(memcmp(uri->path,"/newpost?",9)==0)

+                        return(http_newpost(web,connid,uri,userptr,user));

+                else if(memcmp(uri->path,"/newcomment?",12)==0)

+                        return(http_newcomment(web,connid,uri,userptr,user));

         }

         /* not found */

         log_write("HTTP","URI not found: %s",uri->path);

@@ -314,4 +328,82 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         return(wkact_finished);

 }

+wk_action

+http_lastpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

+{

+        char reply[64];

+        int n;

+        kakumei *ka=(kakumei *)userptr;

+        if((n=post_last(ka))<=0) {

+                wk_serve_error(web,connid,wkerr_internal);

+                log_write("LSTP","invalid postnum, send error");

+                return(wkact_finished);

+        }

+        /* valid */

+        snprintf(reply,sizeof(reply),"%i",n);

+        reply[sizeof(reply)-1]='\0';

+        wk_serve_buffer_as_file(web,connid,reply,strlen(reply),"text/plain");

+        log_write("LSTP","Reply: %s",reply);

+        return(wkact_finished);

+

+}

+

+wk_action

+http_getpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

+{

+        kakumei *ka=(kakumei *)userptr;

+        char filename[1024];

+        char n[64];

+        int num;

+        if(wk_uri_copyvar(uri,"n",n,sizeof(n))==NULL)

+                n[0]='\0';

+        num=atoi(n);

+        if(n[0]=='\0' || num<0 || post_get(ka,num,filename,sizeof(filename))!=0) {

+                wk_serve_error(web,connid,wkerr_internal);

+                log_write("GETP","invalid postnum, send error");

+                return(wkact_finished);

+        }

+        /* valid login */

+        wk_serve_file(web,connid,filename,"application/json");

+        log_write("GETP","Reply: contents of %s",filename);

+        return(wkact_finished);

+}

+

+wk_action

+http_newpost(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

+{

+        char t[8192];

+        kakumei *ka=(kakumei *)userptr;

+        if(wk_uri_copyvar(uri,"t",t,sizeof(t))==NULL)

+                t[0]='\0';

+        if(t[0]=='\0' || post_new(ka,user,t)!=0) {

+                wk_serve_error(web,connid,wkerr_internal);

+                log_write("NEWP","invalid post, send error");

+                return(wkact_finished);

+        }

+        log_write("NEWP","Replying with last post");

+        return(http_lastpost(web,connid,uri,userptr,user));

+}

+

+wk_action

+http_newcomment(wk *web, int connid, wk_uri *uri, void *userptr,char *user)

+{

+        char t[8192];

+        kakumei *ka=(kakumei *)userptr;

+        char n[64];

+        int num;

+        if(wk_uri_copyvar(uri,"n",n,sizeof(n))==NULL)

+                n[0]='\0';

+        num=atoi(n);

+        if(wk_uri_copyvar(uri,"t",t,sizeof(t))==NULL)

+                t[0]='\0';

+        if(n[0]=='\0' || n<0 || t[0]=='\0' || post_addcomment(ka,num,user,t)!=0) {

+                wk_serve_error(web,connid,wkerr_internal);

+                log_write("NEWC","invalid post, send error");

+                return(wkact_finished);

+        }

+        wk_serve_buffer_as_file(web,connid,n,strlen(n),"text/plain");

+        log_write("NEWC","Reply: %s",n);

+        return(wkact_finished);

+}

@@ -156,7 +156,6 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                 log_write("HTTP","Request: /newuser?...");

         else

                 log_write("HTTP","Request: %s",uri->path);

-

         /* extract the name */

         strncpy(partialpath,uri->path,sizeof(partialpath)-1);

         partialpath[sizeof(partialpath)-1]='\0';

@@ -188,7 +187,7 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                         return(wkact_finished);

                 } else if((res=res_find(resindexdata,"index.html"))!=NULL) {

                         log_write("HTTP","Not allowed page, redirecting to login");

-                        wk_serve_buffer_as_file(web,connid,res->data,res->len,mime_getdefault(res->name,"application/octet-stream"));

+                        wk_serve_redirect(web,connid,"/");

                         return(wkact_finished);

                 } else {

                         log_write("EINT","%s:%i",__FILE__,__LINE__);

@@ -287,8 +286,8 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         /* check validity */

         if(kakumei_inviteexists(ka,i)!=0) {

                 /* retry login */

-                wk_serve_buffer_as_file(web,connid,"/",1,"text/plain");

                 log_write("NEWU","invalid invite %s, redirecting to login",i);

+                wk_serve_buffer_as_file(web,connid,"/",1,"text/plain");

                 return(wkact_finished);

         }

         /* create user */

@@ -303,8 +302,8 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         /* create session and go to "posts" page */

         if(session_new(ka,u,session,sizeof(session))==NULL) {

                 /* "autologin" didn't work, ask for login */

-                wk_serve_buffer_as_file(web,connid,"/",1,"text/plain");

                 log_write("NEWU","couldn't generate new session, redirecting to login");

+                wk_serve_buffer_as_file(web,connid,"/",1,"text/plain");

                 return(wkact_finished);

         }

         /* valid login */

@@ -135,6 +135,18 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         resindex *res;

         char partialpath[1024];

         char *ptr;

+        struct {

+                char *name;

+        } whitelist[]={{"/index.html"},

+                       {"/newuser.html"}

+                      };

+        int len;

+        int ishtml;

+        int whitelisted;

+        int validsession;

+        char session[SESSIONSIZE];

+        char user[MAXUSERSIZE+1];

+        int i;

         if(ka==NULL)

                 return(wkact_finished);

         /* log without passwords */

@@ -144,17 +156,45 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

                 log_write("HTTP","Request: /newuser?...");

         else

                 log_write("HTTP","Request: %s",uri->path);

-        /* check for an in-memory file */

+

+        /* extract the name */

         strncpy(partialpath,uri->path,sizeof(partialpath)-1);

         partialpath[sizeof(partialpath)-1]='\0';

+        if(strcmp(uri->path,"/")==0)

+                strcpy(partialpath,"/index.html");

         if((ptr=strchr(partialpath,'?'))!=NULL)

                 *ptr='\0';

-#warning TODO check if the page is a "protected" one and, in that case, check for correct session id

-        if((strcmp(uri->path,"/")==0 && (res=res_find(resindexdata,"index.html"))!=NULL) ||

-          (partialpath[0]=='/' && (res=res_find(resindexdata,partialpath+1))!=NULL)) {

-                log_write("HTTP","Serving in-memory file %s",partialpath+1);

-                wk_serve_buffer_as_file(web,connid,res->data,res->len,mime_getdefault(res->name,"application/octet-stream"));

-                return(wkact_finished);

+        /* check whitelist */

+        len=strlen(partialpath);

+        ishtml=(len>5 && strcmp(partialpath+len-5,".html")==0)?1:0;

+        if(ishtml) {

+                for(whitelisted=0,i=0;i<(sizeof(whitelist)/sizeof(whitelist[0]));i++) {

+                        if(strcmp(partialpath,whitelist[i].name)==0) {

+                                whitelisted=1;

+                                break;

+                        }

+                }

+        } else

+                whitelisted=1;

+        if(wk_uri_copyvar(uri,"s",session,sizeof(session))==NULL)

+                session[0]='\0';

+        user[0]='\0';

+        validsession=(session_check(ka,session,user,sizeof(user))!=NULL)?1:0;

+        /* serve the page */

+        if(partialpath[0]=='/' && (res=res_find(resindexdata,partialpath+1))!=NULL) {

+                if(whitelisted || validsession) {

+                        log_write("HTTP","Serving in-memory file %s",partialpath+1);

+                        wk_serve_buffer_as_file(web,connid,res->data,res->len,mime_getdefault(res->name,"application/octet-stream"));

+                        return(wkact_finished);

+                } else if((res=res_find(resindexdata,"index.html"))!=NULL) {

+                        log_write("HTTP","Not allowed page, redirecting to login");

+                        wk_serve_buffer_as_file(web,connid,res->data,res->len,mime_getdefault(res->name,"application/octet-stream"));

+                        return(wkact_finished);

+                } else {

+                        log_write("EINT","%s:%i",__FILE__,__LINE__);

+                        wk_serve_error(web,connid,wkerr_internal);

+                        return(wkact_finished); /* internal error */

+                }

         }

         /* check for actions */

         if(memcmp(uri->path,"/login?",7)==0) {

@@ -195,6 +235,7 @@ http_login(wk *web, int connid, wk_uri *uri, void *userptr)

         kakumei *ka=(kakumei *)userptr;

         if(web==NULL || connid<0 || uri==NULL || ka==NULL) {

                 log_write("EINT","%s:%i",__FILE__,__LINE__);

+                wk_serve_error(web,connid,wkerr_internal);

                 return(wkact_finished); /* internal error */

         }

         if(wk_uri_copyvar(uri,"u",u,sizeof(u))==NULL)

@@ -233,6 +274,7 @@ http_newuser(wk *web, int connid, wk_uri *uri, void *userptr)

         kakumei *ka=(kakumei *)userptr;

         if(web==NULL || connid<0 || uri==NULL || ka==NULL) {

                 log_write("EINT","%s:%i",__FILE__,__LINE__);

+

                 return(wkact_finished); /* internal error */

         }

         /* get vars */

@@ -17,6 +17,7 @@

 #include <unistd.h>

 #include "gen_res.h"

 #include "socklib.h"

+#include "loglib.h"

 #include "webkernel.h"

 #include "kakumei.h"

 #include "kakumei_session.h"

@@ -47,22 +48,24 @@ main(int argc, char *argv[])

         }

         port=atoi(argv[1]);

         if((ka->ssel=sselect_init())==NULL) {

-                fprintf(stderr,"ERROR: insufficient memory\n");

+                log_write("INIT","ERROR: insufficient memory");

                 return(1);

         }

         if((ka->web=wk_init(port,ka->ssel,NULL,callback_http,NULL,NULL,ka))==NULL) {

                 sselect_free(ka->ssel),ka->ssel=NULL;

-                fprintf(stderr,"ERROR: couldn't init web server\n");

+                log_write("INIT","ERROR: couldn't init web server");

                 return(2);

         }

         sigint_flag=0;

         signal_init(SIGINT,sigint);

+        log_write("INIT","Server initialized, waiting connections...");

         while(!sigint_flag) {

                 sselect_wait(ka->ssel,timeout);

                 wk_service(ka->web);

         }

         wk_free(ka->web),ka->web=NULL;

         sselect_free(ka->ssel),ka->ssel=NULL;

+        log_write("FINI","SIGINT detected, exiting...");

         return(0);

 }

@@ -134,22 +137,33 @@ callback_http(wk *web, int connid, wk_uri *uri, void *userptr)

         char *ptr;

         if(ka==NULL)

                 return(wkact_finished);

-        printf("http: %s\n",uri->path);

+        /* log without passwords */

+        if(memcmp(uri->path,"/login?",7)==0)

+                log_write("HTTP","Request: /login?...");

+        else if(memcmp(uri->path,"/newuser?",9)==0)

+                log_write("HTTP","Request: /newuser?...");

+        else

+                log_write("HTTP","Request: %s",uri->path);

+        /* check for an in-memory file */

         strncpy(partialpath,uri->path,sizeof(partialpath)-1);

         partialpath[sizeof(partialpath)-1]='\0';

         if((ptr=strchr(partialpath,'?'))!=NULL)

                 *ptr='\0';

+#warning TODO check if the page is a "protected" one and, in that case, check for correct session id

         if((strcmp(uri->path,"/")==0 && (res=res_find(resindexdata,"index.html"))!=NULL) ||

           (partialpath[0]=='/' && (res=res_find(resindexdata,partialpath+1))!=NULL)) {

+                log_write("HTTP","Serving in-memory file %s",partialpath+1);

                 wk_serve_buffer_as_file(web,connid,res->data,res->len,mime_getdefault(res->name,"application/octet-stream"));

                 return(wkact_finished);

         }

+        /* check for actions */

         if(memcmp(uri->path,"/login?",7)==0) {

                 return(http_login(web,connid,uri,userptr));

         } else if(memcmp(uri->path,"/newuser?",9)==0) {

                 return(http_newuser(web,connid,uri,userptr));

         }

-        printf("URI not found: %s\n",uri->path);

+        /* not found */

+        log_write("HTTP","URI not found: %s",uri->path);

         wk_serve_error(web,connid,wkerr_notfound);

         return(wkact_finished);

 }

@@ -179,8 +193,10 @@ http_login(wk *web, int connid, wk_uri *uri, void *userptr)

         char reply[1024];

         char session[SESSIONSIZE];

         kakumei *ka=(kakumei *)userptr;

-        if(web==NULL || connid<0 || uri==NULL || ka==NULL)

+        if(web==NULL || connid<0 || uri==NULL || ka==NULL) {

+                log_write("EINT","%s:%i",__FILE__,__LINE__);

                 return(wkact_finished); /* internal error */

+        }

         if(wk_uri_copyvar(uri,"u",u,sizeof(u))==NULL)

                 u[0]='\0';

         if(wk_uri_copyvar(uri,"p",p,sizeof(p))==NULL)

@@ -192,6 +208,7 @@ http_login(wk *web, int connid, wk_uri *uri, void *userptr)

                 snprintf(reply,sizeof(reply),"/newuser.html?i=%s",p);