webserver: decompose post_iterator under the CCN 10 bar (21 -> 7)

etr · claude · etr · commit 368bf85c28d5 · 2026-05-21T11:14:45.000-07:00
webserver_impl::post_iterator is the MHD post-iterator trampoline: called repeatedly per request as MHD feeds form fields and file chunks. The original 82-line body wove together the non-file form-arg path and the file-upload path (including memory and/or disk targets, random vs sanitized filename, stream open/close on key/filename transitions, write + size update). CCN 21. Decomposed into per-responsibility helpers on detail::webserver_impl: handle_post_form_arg static; form-arg path (set vs grow on off). setup_new_upload_file_info per-instance; first-chunk filename choice + content_type/transfer_encoding seed. Returns false if sanitize_upload_filename fails so the caller maps it to MHD_NO. manage_upload_stream static; close-on-transition, open-if-needed. process_file_upload per-instance orchestrator for the disk branch. Returns MHD_YES / MHD_NO. post_iterator is now: dispatch (no filename -> handle_post_form_arg); try-block with memory-target arg-flat update; disk-target dispatch to process_file_upload; catch generateFilenameException -> MHD_NO. CCN 7. Every new helper sits at CCN <= 8. Static helpers are static because they don't read parent state (handle_post_form_arg, manage_upload_stream); the disk-orchestrator and setup_new_upload_file_info are instance methods because they read parent->{file_upload_target, generate_random_filename_on_upload, file_upload_dir}. Behaviour preserved verbatim: the four-way OR that detects (filename, key) transitions; the per-chunk grow vs replace based on @p off; the unlink before opening to avoid appending to a leftover file; the short-circuit returns of MHD_NO on sanitize failure and write failure. Verified locally: full `make check`. scripts/check-complexity.sh CCN_MAX ratcheted 22 -> 19 (the new worst offenders are ip_representation::operator< and populate_all_cert_fields, both CCN 18). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/scripts/check-complexity.sh b/scripts/check-complexity.sh
@@ -27,7 +27,7 @@
 set -euo pipefail
 
 REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
-CCN_MAX="${CCN_MAX:-22}"
+CCN_MAX="${CCN_MAX:-19}"
 
 # Prefer the standalone `lizard` entrypoint if it's on PATH; fall back to
 # `python3 -m lizard` which is what `pip install --user lizard` produces
diff --git a/src/httpserver/detail/webserver_impl.hpp b/src/httpserver/detail/webserver_impl.hpp
@@ -513,6 +513,32 @@ class webserver_impl {
                                   method_set methods,
                                   std::shared_ptr<::httpserver::http_resource> shim);
 
+    // Helpers carved out of post_iterator. The MHD post-iterator
+    // trampoline is a static MHD callback; the orchestrator below
+    // (process_file_upload) is an instance method because it reads the
+    // const config bag on parent (file_upload_target,
+    // generate_random_filename_on_upload, file_upload_dir).
+    static MHD_Result handle_post_form_arg(modded_request* mr,
+                                           const char* key,
+                                           const char* data,
+                                           size_t size,
+                                           uint64_t off);
+    bool setup_new_upload_file_info(::httpserver::http::file_info& file,
+                                    const char* filename,
+                                    const char* content_type,
+                                    const char* transfer_encoding) const;
+    static void manage_upload_stream(modded_request* mr,
+                                     const char* filename,
+                                     const char* key,
+                                     ::httpserver::http::file_info& file);
+    MHD_Result process_file_upload(modded_request* mr,
+                                   const char* key,
+                                   const char* filename,
+                                   const char* content_type,
+                                   const char* transfer_encoding,
+                                   const char* data,
+                                   size_t size) const;
+
     MHD_Result complete_request(MHD_Connection* connection, modded_request* mr,
                                 const char* version, const char* method);
     struct MHD_Response* get_raw_response_with_fallback(modded_request* mr);
diff --git a/src/webserver.cpp b/src/webserver.cpp
@@ -1521,85 +1521,105 @@ size_t webserver_impl::unescaper_func(void * cls, struct MHD_Connection *c, char
 
 namespace detail {
 
+MHD_Result webserver_impl::handle_post_form_arg(detail::modded_request* mr,
+        const char* key, const char* data, size_t size, uint64_t off) {
+    // No file: set the arg key/value and return. A non-zero @p off
+    // means MHD is feeding us a continuation chunk of a previously-
+    // started value, so append rather than replace.
+    if (off > 0) {
+        mr->dhr->grow_last_arg(key, std::string(data, size));
+    } else {
+        mr->dhr->set_arg(key, std::string(data, size));
+    }
+    return MHD_YES;
+}
+
+bool webserver_impl::setup_new_upload_file_info(http::file_info& file,
+        const char* filename, const char* content_type,
+        const char* transfer_encoding) const {
+    // First chunk for this (key, filename) pair: choose the on-disk
+    // destination path (random if generate_random_filename_on_upload,
+    // otherwise sanitize the client-supplied filename) and prime the
+    // file_info with content_type / transfer_encoding when MHD gave
+    // them to us.
+    if (parent->generate_random_filename_on_upload) {
+        file.set_file_system_file_name(
+            http_utils::generate_random_upload_filename(parent->file_upload_dir));
+    } else {
+        std::string safe_name = http_utils::sanitize_upload_filename(filename);
+        if (safe_name.empty()) return false;
+        file.set_file_system_file_name(parent->file_upload_dir + "/" + safe_name);
+    }
+    // Avoid appending to a leftover file from a previous request.
+    unlink(file.get_file_system_file_name().c_str());
+    if (content_type != nullptr) file.set_content_type(content_type);
+    if (transfer_encoding != nullptr) file.set_transfer_encoding(transfer_encoding);
+    return true;
+}
+
+void webserver_impl::manage_upload_stream(detail::modded_request* mr,
+        const char* filename, const char* key, http::file_info& file) {
+    // If MHD switches us to a different (filename, key) pair, close the
+    // previous output stream. The four-way OR covers fresh state (both
+    // tracking strings empty) and either coordinate changing.
+    if (mr->upload_filename.empty()
+            || mr->upload_key.empty()
+            || strcmp(filename, mr->upload_filename.c_str()) != 0
+            || strcmp(key, mr->upload_key.c_str()) != 0) {
+        if (mr->upload_ostrm != nullptr) mr->upload_ostrm->close();
+    }
+    // Open a stream when we don't already have one (first chunk, or
+    // just-closed above).
+    if (mr->upload_ostrm == nullptr || !mr->upload_ostrm->is_open()) {
+        mr->upload_key = key;
+        mr->upload_filename = filename;
+        mr->upload_ostrm = std::make_unique<std::ofstream>();
+        mr->upload_ostrm->open(file.get_file_system_file_name(),
+                               std::ios::binary | std::ios::app);
+    }
+}
+
+MHD_Result webserver_impl::process_file_upload(detail::modded_request* mr,
+        const char* key, const char* filename, const char* content_type,
+        const char* transfer_encoding, const char* data, size_t size) const {
+    http::file_info& file = mr->dhr->get_or_create_file_info(key, filename);
+    if (file.get_file_system_file_name().empty()) {
+        if (!setup_new_upload_file_info(file, filename, content_type, transfer_encoding)) {
+            return MHD_NO;
+        }
+    }
+    manage_upload_stream(mr, filename, key, file);
+    if (size > 0) {
+        mr->upload_ostrm->write(data, size);
+        if (!mr->upload_ostrm->good()) return MHD_NO;
+    }
+    file.grow_file_size(size);
+    return MHD_YES;
+}
+
 MHD_Result webserver_impl::post_iterator(void *cls, enum MHD_ValueKind kind,
         const char *key, const char *filename, const char *content_type,
         const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
     // Parameter needed to respect MHD interface, but not needed here.
     std::ignore = kind;
-
     auto* mr = static_cast<detail::modded_request*>(cls);
 
     if (!filename) {
-        // There is no actual file, just set the arg key/value and return.
-        if (off > 0) {
-            mr->dhr->grow_last_arg(key, std::string(data, size));
-            return MHD_YES;
-        }
-
-        mr->dhr->set_arg(key, std::string(data, size));
-        return MHD_YES;
+        return handle_post_form_arg(mr, key, data, size, off);
     }
 
     try {
         if (mr->ws->file_upload_target != FILE_UPLOAD_DISK_ONLY) {
-            mr->dhr->set_arg_flat(key, std::string(mr->dhr->get_arg(key)) + std::string(data, size));
+            mr->dhr->set_arg_flat(key,
+                std::string(mr->dhr->get_arg(key)) + std::string(data, size));
         }
-
         if (*filename != '\0' && mr->ws->file_upload_target != FILE_UPLOAD_MEMORY_ONLY) {
-            // either get the existing file info struct or create a new one in the file map
-            http::file_info& file = mr->dhr->get_or_create_file_info(key, filename);
-            // if the file_system_file_name is not filled yet, this is a new entry and the name has to be set
-            // (either random or copy of the original filename)
-            if (file.get_file_system_file_name().empty()) {
-                if (mr->ws->generate_random_filename_on_upload) {
-                    file.set_file_system_file_name(http_utils::generate_random_upload_filename(mr->ws->file_upload_dir));
-                } else {
-                    std::string safe_name = http_utils::sanitize_upload_filename(filename);
-                    if (safe_name.empty()) {
-                        return MHD_NO;
-                    }
-                    file.set_file_system_file_name(mr->ws->file_upload_dir + "/" + safe_name);
-                }
-                // to not append to an already existing file, delete an already existing file
-                unlink(file.get_file_system_file_name().c_str());
-                if (content_type != nullptr) {
-                    file.set_content_type(content_type);
-                }
-                if (transfer_encoding != nullptr) {
-                    file.set_transfer_encoding(transfer_encoding);
-                }
-            }
-
-            // if multiple files are uploaded, a different filename or a different key indicates
-            // the start of a new file, so close the previous one
-            if (mr->upload_filename.empty() ||
-                mr->upload_key.empty() ||
-                0 != strcmp(filename, mr->upload_filename.c_str()) ||
-                0 != strcmp(key, mr->upload_key.c_str())) {
-                if (mr->upload_ostrm != nullptr) {
-                    mr->upload_ostrm->close();
-                }
-            }
-
-            if (mr->upload_ostrm == nullptr || !mr->upload_ostrm->is_open()) {
-                mr->upload_key = key;
-                mr->upload_filename = filename;
-                mr->upload_ostrm = std::make_unique<std::ofstream>();
-                mr->upload_ostrm->open(file.get_file_system_file_name(), std::ios::binary | std::ios::app);
-            }
-
-            if (size > 0) {
-                mr->upload_ostrm->write(data, size);
-                if (!mr->upload_ostrm->good()) {
-                    return MHD_NO;
-                }
-            }
-
-            // update the file size in the map
-            file.grow_file_size(size);
+            MHD_Result r = mr->ws->impl_->process_file_upload(
+                mr, key, filename, content_type, transfer_encoding, data, size);
+            if (r != MHD_YES) return r;
         }
         return MHD_YES;
-    } catch(const http::generateFilenameException& e) {
+    } catch (const http::generateFilenameException&) {
         return MHD_NO;
     }
 }
