2 a555e0d6 2022-07-04 op * Copyright (c) 2020, 2021, 2022 Omar Polo <op@omarpolo.com>
4 3e4749f7 2020-10-02 op * Permission to use, copy, modify, and distribute this software for any
5 3e4749f7 2020-10-02 op * purpose with or without fee is hereby granted, provided that the above
6 3e4749f7 2020-10-02 op * copyright notice and this permission notice appear in all copies.
8 3e4749f7 2020-10-02 op * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 3e4749f7 2020-10-02 op * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 3e4749f7 2020-10-02 op * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 3e4749f7 2020-10-02 op * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 3e4749f7 2020-10-02 op * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 3e4749f7 2020-10-02 op * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 3e4749f7 2020-10-02 op * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 52418c8d 2021-02-12 op #include "gmid.h"
19 8443bff7 2021-01-25 op #include <sys/stat.h>
21 592fd624 2020-10-07 op #include <errno.h>
22 3e4749f7 2020-10-02 op #include <fcntl.h>
23 5777923b 2021-06-29 op #include <getopt.h>
24 0046c1fe 2023-06-06 op #include <locale.h>
25 7e1df73d 2021-03-31 op #include <libgen.h>
26 bcf5d929 2021-02-01 op #include <limits.h>
27 c9e97a6e 2022-12-24 op #include <grp.h>
28 ae08ec7d 2021-01-25 op #include <pwd.h>
29 0cf902af 2020-11-03 op #include <signal.h>
30 3e4749f7 2020-10-02 op #include <string.h>
31 eae52ad4 2023-06-06 op #include <syslog.h>
33 eae52ad4 2023-06-06 op #include "log.h"
34 c26f2460 2023-06-08 op #include "proc.h"
36 c26f2460 2023-06-08 op #ifndef nitems
37 c26f2460 2023-06-08 op #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
40 c26f2460 2023-06-08 op static int main_configure(struct conf *);
41 c26f2460 2023-06-08 op static void main_configure_done(struct conf *);
42 c26f2460 2023-06-08 op static void main_reload(struct conf *);
43 c26f2460 2023-06-08 op static void main_sig_handler(int, short, void *);
44 c26f2460 2023-06-08 op static int main_dispatch_server(int, struct privsep_proc *, struct imsg *);
45 86693a33 2023-06-11 op static int main_dispatch_crypto(int, struct privsep_proc *, struct imsg *);
46 c26f2460 2023-06-08 op static int main_dispatch_logger(int, struct privsep_proc *, struct imsg *);
47 c26f2460 2023-06-08 op static void __dead main_shutdown(struct conf *);
48 5af19830 2023-06-09 op static void main_print_conf(struct conf *);
50 c26f2460 2023-06-08 op static struct privsep_proc procs[] = {
51 c26f2460 2023-06-08 op { "server", PROC_SERVER, main_dispatch_server, server },
52 86693a33 2023-06-11 op { "crypto", PROC_CRYPTO, main_dispatch_crypto, crypto },
53 c26f2460 2023-06-08 op { "logger", PROC_LOGGER, main_dispatch_logger, logger },
56 7fff8aa6 2023-06-09 op static const char *opts = "c:D:fI:hnP:T:U:VvX:";
58 e5d82d94 2022-03-19 op static const struct option longopts[] = {
59 5777923b 2021-06-29 op {"help", no_argument, NULL, 'h'},
60 5777923b 2021-06-29 op {"version", no_argument, NULL, 'V'},
61 5777923b 2021-06-29 op {NULL, 0, NULL, 0},
64 bc99d868 2021-03-19 op int sock4, sock6;
65 c26f2460 2023-06-08 op int privsep_process;
66 c26f2460 2023-06-08 op int pidfd = -1;
68 ca84625a 2023-06-08 op int debug, verbose;
70 32fbc478 2022-09-08 op const char *config_path = "/etc/gmid.conf";
71 32fbc478 2022-09-08 op const char *pidfile;
76 3abf91b0 2021-02-07 op fprintf(stderr,
77 0be2a537 2021-06-29 op "Version: " GMID_STRING "\n"
78 0ac785a6 2023-06-05 op "Usage: %s [-fnv] [-c config] [-D macro=value] [-P pidfile]\n",
79 9327bc04 2021-06-29 op getprogname());
82 47b0ff10 2023-06-08 op /* used by the server process, defined here so gg can provide its own impl. */
84 2c381068 2023-07-01 op log_request(struct client *c, int code, const char *meta)
86 af1dab18 2023-06-09 op struct conf *conf = c->conf;
87 ed164e72 2023-06-26 op char b[GEMINI_URL_LEN];
89 47b0ff10 2023-06-08 op const char *t;
92 47b0ff10 2023-06-08 op if (c->iri.schema != NULL) {
93 47b0ff10 2023-06-08 op /* serialize the IRI */
94 47b0ff10 2023-06-08 op strlcpy(b, c->iri.schema, sizeof(b));
95 47b0ff10 2023-06-08 op strlcat(b, "://", sizeof(b));
97 47b0ff10 2023-06-08 op /* log the decoded host name, but if it was invalid
98 47b0ff10 2023-06-08 op * use the raw one. */
99 47b0ff10 2023-06-08 op if (*c->domain != '\0')
100 47b0ff10 2023-06-08 op strlcat(b, c->domain, sizeof(b));
102 47b0ff10 2023-06-08 op strlcat(b, c->iri.host, sizeof(b));
104 47b0ff10 2023-06-08 op if (*c->iri.path != '/')
105 47b0ff10 2023-06-08 op strlcat(b, "/", sizeof(b));
106 47b0ff10 2023-06-08 op strlcat(b, c->iri.path, sizeof(b)); /* TODO: sanitize UTF8 */
107 47b0ff10 2023-06-08 op if (*c->iri.query != '\0') { /* TODO: sanitize UTF8 */
108 47b0ff10 2023-06-08 op strlcat(b, "?", sizeof(b));
109 47b0ff10 2023-06-08 op strlcat(b, c->iri.query, sizeof(b));
112 47b0ff10 2023-06-08 op if ((t = c->req) == NULL)
114 47b0ff10 2023-06-08 op strlcpy(b, t, sizeof(b));
117 2c381068 2023-07-01 op ec = asprintf(&fmted, "%s:%s GET %s %d %s", c->rhost, c->rserv, b,
119 47b0ff10 2023-06-08 op if (ec == -1)
120 792f302a 2023-06-09 op fatal("asprintf");
122 af1dab18 2023-06-09 op proc_compose(conf->ps, PROC_LOGGER, IMSG_LOG_REQUEST,
123 47b0ff10 2023-06-08 op fmted, ec + 1);
129 419a4235 2021-04-28 op write_pidfile(const char *pidfile)
131 419a4235 2021-04-28 op struct flock lock;
134 419a4235 2021-04-28 op if (pidfile == NULL)
137 419a4235 2021-04-28 op if ((fd = open(pidfile, O_WRONLY|O_CREAT|O_CLOEXEC, 0600)) == -1)
138 df5058c9 2023-06-05 op fatal("can't open pidfile %s", pidfile);
140 419a4235 2021-04-28 op lock.l_start = 0;
141 419a4235 2021-04-28 op lock.l_len = 0;
142 419a4235 2021-04-28 op lock.l_type = F_WRLCK;
143 419a4235 2021-04-28 op lock.l_whence = SEEK_SET;
145 419a4235 2021-04-28 op if (fcntl(fd, F_SETLK, &lock) == -1)
146 df5058c9 2023-06-05 op fatalx("can't lock %s, gmid is already running?", pidfile);
148 419a4235 2021-04-28 op if (ftruncate(fd, 0) == -1)
149 df5058c9 2023-06-05 op fatal("ftruncate %s", pidfile);
151 419a4235 2021-04-28 op dprintf(fd, "%d\n", getpid());
157 8d6ae384 2021-01-24 op main(int argc, char **argv)
159 af1dab18 2023-06-09 op struct conf *conf;
160 c26f2460 2023-06-08 op struct privsep *ps;
161 c26f2460 2023-06-08 op const char *errstr, *title = NULL;
162 7fff8aa6 2023-06-09 op const char *user = NULL, *chroot = NULL;
164 c26f2460 2023-06-08 op int ch, conftest = 0;
165 c26f2460 2023-06-08 op int proc_instance = 0;
166 c26f2460 2023-06-08 op int proc_id = PROC_PARENT;
167 c26f2460 2023-06-08 op int argc0 = argc;
169 0046c1fe 2023-06-06 op setlocale(LC_CTYPE, "");
171 eae52ad4 2023-06-06 op /* log to stderr until daemonized */
172 eae52ad4 2023-06-06 op log_init(1, LOG_DAEMON);
174 5777923b 2021-06-29 op while ((ch = getopt_long(argc, argv, opts, longopts, NULL)) != -1) {
175 3e4749f7 2020-10-02 op switch (ch) {
177 0ac785a6 2023-06-05 op config_path = absolutify_path(optarg);
180 f98e9045 2021-06-29 op if (cmdline_symset(optarg) == -1)
181 df5058c9 2023-06-05 op fatalx("could not parse macro definition: %s",
191 c26f2460 2023-06-08 op proc_instance = strtonum(optarg, 0, PROC_MAX_INSTANCES,
193 c26f2460 2023-06-08 op if (errstr != NULL)
194 c26f2460 2023-06-08 op fatalx("invalid process instance");
200 f1f13cb7 2023-06-08 op pidfile = absolutify_path(optarg);
203 c26f2460 2023-06-08 op title = optarg;
204 c26f2460 2023-06-08 op proc_id = proc_getid(procs, nitems(procs), title);
205 c26f2460 2023-06-08 op if (proc_id == PROC_MAX)
206 c26f2460 2023-06-08 op fatalx("invalid process name");
209 7fff8aa6 2023-06-09 op user = optarg;
212 fdb43a4c 2021-06-29 op puts("Version: " GMID_STRING);
218 7fff8aa6 2023-06-09 op chroot = optarg;
226 c26f2460 2023-06-08 op if (argc - optind != 0)
229 af1dab18 2023-06-09 op conf = config_new();
232 7fff8aa6 2023-06-09 op * Only the parent loads the config, the others get user and
233 7fff8aa6 2023-06-09 op * chroot via flags and the rest via imsg.
235 7fff8aa6 2023-06-09 op if (proc_id == PROC_PARENT) {
236 7fff8aa6 2023-06-09 op if (parse_conf(conf, config_path) == -1)
237 7fff8aa6 2023-06-09 op fatalx("failed to load configuration file");
238 7fff8aa6 2023-06-09 op if (*conf->chroot != '\0' && *conf->user == '\0')
239 7fff8aa6 2023-06-09 op fatalx("can't chroot without a user to switch to.");
242 7fff8aa6 2023-06-09 op strlcpy(conf->user, user, sizeof(conf->user));
244 7fff8aa6 2023-06-09 op strlcpy(conf->chroot, chroot, sizeof(conf->chroot));
247 132cae8c 2021-01-18 op if (conftest) {
248 f0a01fc7 2021-10-09 op fprintf(stderr, "config OK\n");
249 f0a01fc7 2021-10-09 op if (conftest > 1)
250 5af19830 2023-06-09 op main_print_conf(conf);
254 c26f2460 2023-06-08 op if ((ps = calloc(1, sizeof(*ps))) == NULL)
255 c26f2460 2023-06-08 op fatal("calloc");
256 af1dab18 2023-06-09 op ps->ps_env = conf;
257 af1dab18 2023-06-09 op conf->ps = ps;
258 af1dab18 2023-06-09 op if (*conf->user) {
259 c26f2460 2023-06-08 op if (geteuid())
260 c26f2460 2023-06-08 op fatalx("need root privileges");
261 af1dab18 2023-06-09 op if ((ps->ps_pw = getpwnam(conf->user)) == NULL)
262 af1dab18 2023-06-09 op fatalx("unknown user %s", conf->user);
263 287ab865 2023-06-24 op if (*conf->chroot == '\0')
264 287ab865 2023-06-24 op strlcpy(conf->chroot, ps->ps_pw->pw_dir,
265 287ab865 2023-06-24 op sizeof(conf->chroot));
268 af1dab18 2023-06-09 op ps->ps_instances[PROC_SERVER] = conf->prefork;
269 c26f2460 2023-06-08 op ps->ps_instance = proc_instance;
270 c26f2460 2023-06-08 op if (title != NULL)
271 c26f2460 2023-06-08 op ps->ps_title[proc_id] = title;
273 af1dab18 2023-06-09 op if (*conf->chroot != '\0') {
274 c26f2460 2023-06-08 op for (i = 0; i < nitems(procs); ++i)
275 af1dab18 2023-06-09 op procs[i].p_chroot = conf->chroot;
278 ca84625a 2023-06-08 op log_init(debug, LOG_DAEMON);
279 ca84625a 2023-06-08 op log_setverbose(verbose);
280 c26f2460 2023-06-08 op if (title != NULL)
281 c26f2460 2023-06-08 op log_procinit(title);
283 c26f2460 2023-06-08 op /* only the parent returns */
284 ca84625a 2023-06-08 op proc_init(ps, procs, nitems(procs), debug, argc0, argv, proc_id);
286 c26f2460 2023-06-08 op log_procinit("main");
287 ca84625a 2023-06-08 op if (!debug && daemon(0, 0) == -1)
288 c26f2460 2023-06-08 op fatal("daemon");
290 8e8b2e25 2021-04-28 op pidfd = write_pidfile(pidfile);
292 c26f2460 2023-06-08 op sandbox_main_process();
294 c26f2460 2023-06-08 op event_init();
296 c26f2460 2023-06-08 op signal(SIGPIPE, SIG_IGN);
298 c26f2460 2023-06-08 op signal_set(&ps->ps_evsigint, SIGINT, main_sig_handler, ps);
299 c26f2460 2023-06-08 op signal_set(&ps->ps_evsigterm, SIGTERM, main_sig_handler, ps);
300 c26f2460 2023-06-08 op signal_set(&ps->ps_evsigchld, SIGCHLD, main_sig_handler, ps);
301 c26f2460 2023-06-08 op signal_set(&ps->ps_evsighup, SIGHUP, main_sig_handler, ps);
303 c26f2460 2023-06-08 op signal_add(&ps->ps_evsigint, NULL);
304 c26f2460 2023-06-08 op signal_add(&ps->ps_evsigterm, NULL);
305 c26f2460 2023-06-08 op signal_add(&ps->ps_evsigchld, NULL);
306 c26f2460 2023-06-08 op signal_add(&ps->ps_evsighup, NULL);
308 c26f2460 2023-06-08 op proc_connect(ps);
310 af1dab18 2023-06-09 op if (main_configure(conf) == -1)
311 c26f2460 2023-06-08 op fatal("configuration failed");
313 c26f2460 2023-06-08 op event_dispatch();
314 af1dab18 2023-06-09 op main_shutdown(conf);
315 c26f2460 2023-06-08 op /* NOTREACHED */
320 c26f2460 2023-06-08 op main_configure(struct conf *conf)
322 c26f2460 2023-06-08 op struct privsep *ps = conf->ps;
324 86693a33 2023-06-11 op conf->reload = conf->prefork + 1; /* servers, crypto */
326 c26f2460 2023-06-08 op if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_START, NULL, 0) == -1)
328 86693a33 2023-06-11 op if (proc_compose(ps, PROC_CRYPTO, IMSG_RECONF_START, NULL, 0) == -1)
331 e45334e6 2023-06-09 op if (config_send(conf) == -1)
334 c26f2460 2023-06-08 op if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_END, NULL, 0) == -1)
336 86693a33 2023-06-11 op if (proc_compose(ps, PROC_CRYPTO, IMSG_RECONF_END, NULL, 0) == -1)
343 c26f2460 2023-06-08 op main_configure_done(struct conf *conf)
345 c26f2460 2023-06-08 op if (conf->reload == 0) {
346 c26f2460 2023-06-08 op log_warnx("configuration already done");
350 c26f2460 2023-06-08 op conf->reload--;
351 c26f2460 2023-06-08 op /* send IMSG_CTL_START? */
355 c26f2460 2023-06-08 op main_reload(struct conf *conf)
357 c26f2460 2023-06-08 op if (conf->reload) {
358 c26f2460 2023-06-08 op log_debug("%s: already in progress: %d pending",
359 c26f2460 2023-06-08 op __func__, conf->reload);
363 c26f2460 2023-06-08 op log_debug("%s: config file %s", __func__, config_path);
364 af1dab18 2023-06-09 op config_purge(conf);
366 68368f4c 2023-06-09 op if (parse_conf(conf, config_path) == -1) {
367 68368f4c 2023-06-09 op log_warnx("failed to parse the config");
371 c26f2460 2023-06-08 op main_configure(conf);
375 c26f2460 2023-06-08 op main_sig_handler(int sig, short ev, void *arg)
377 c26f2460 2023-06-08 op struct privsep *ps = arg;
380 c26f2460 2023-06-08 op * Normal signal handler rules don't apply here because libevent
381 c26f2460 2023-06-08 op * decouples for us.
384 c26f2460 2023-06-08 op switch (sig) {
386 c26f2460 2023-06-08 op if (privsep_process != PROC_PARENT)
388 c26f2460 2023-06-08 op log_info("reload requested with SIGHUP");
389 c26f2460 2023-06-08 op main_reload(ps->ps_env);
391 c26f2460 2023-06-08 op case SIGCHLD:
392 c26f2460 2023-06-08 op log_warnx("one child died, quitting");
393 c26f2460 2023-06-08 op /* fallthrough */
394 c26f2460 2023-06-08 op case SIGTERM:
396 c26f2460 2023-06-08 op main_shutdown(ps->ps_env);
399 c26f2460 2023-06-08 op fatalx("unexpected signal %d", sig);
404 c26f2460 2023-06-08 op main_dispatch_server(int fd, struct privsep_proc *p, struct imsg *imsg)
406 c26f2460 2023-06-08 op struct privsep *ps = p->p_ps;
407 c26f2460 2023-06-08 op struct conf *conf = ps->ps_env;
409 c26f2460 2023-06-08 op switch (imsg->hdr.type) {
410 c26f2460 2023-06-08 op case IMSG_RECONF_DONE:
411 c26f2460 2023-06-08 op main_configure_done(conf);
421 86693a33 2023-06-11 op main_dispatch_crypto(int fd, struct privsep_proc *p, struct imsg *imsg)
423 86693a33 2023-06-11 op struct privsep *ps = p->p_ps;
424 86693a33 2023-06-11 op struct conf *conf = ps->ps_env;
426 86693a33 2023-06-11 op switch (imsg->hdr.type) {
427 86693a33 2023-06-11 op case IMSG_RECONF_DONE:
428 86693a33 2023-06-11 op main_configure_done(conf);
438 c26f2460 2023-06-08 op main_dispatch_logger(int fd, struct privsep_proc *p, struct imsg *imsg)
440 c26f2460 2023-06-08 op struct privsep *ps = p->p_ps;
441 c26f2460 2023-06-08 op struct conf *conf = ps->ps_env;
443 c26f2460 2023-06-08 op switch (imsg->hdr.type) {
444 c26f2460 2023-06-08 op case IMSG_RECONF_DONE:
445 c26f2460 2023-06-08 op main_configure_done(conf);
454 c26f2460 2023-06-08 op static void __dead
455 c26f2460 2023-06-08 op main_shutdown(struct conf *conf)
457 c26f2460 2023-06-08 op proc_kill(conf->ps);
458 af1dab18 2023-06-09 op config_purge(conf);
459 c26f2460 2023-06-08 op free(conf->ps);
460 c26f2460 2023-06-08 op /* free(conf); */
462 c26f2460 2023-06-08 op log_info("parent terminating, pid %d", getpid());
464 8e8b2e25 2021-04-28 op if (pidfd != -1)
465 8e8b2e25 2021-04-28 op close(pidfd);
471 5af19830 2023-06-09 op main_print_conf(struct conf *conf)
473 5af19830 2023-06-09 op struct vhost *h;
474 5af19830 2023-06-09 op /* struct location *l; */
475 5af19830 2023-06-09 op /* struct envlist *e; */
476 5af19830 2023-06-09 op /* struct alist *a; */
478 5af19830 2023-06-09 op if (*conf->chroot != '\0')
479 5af19830 2023-06-09 op printf("chroot \"%s\"\n", conf->chroot);
480 5af19830 2023-06-09 op /* XXX: defined mimes? */
481 5af19830 2023-06-09 op printf("prefork %d\n", conf->prefork);
482 5af19830 2023-06-09 op /* XXX: protocols? */
483 5af19830 2023-06-09 op if (*conf->user != '\0')
484 5af19830 2023-06-09 op printf("user \"%s\"\n", conf->user);
486 5af19830 2023-06-09 op TAILQ_FOREACH(h, &conf->hosts, vhosts) {
487 5af19830 2023-06-09 op printf("\nserver \"%s\" {\n", h->domain);
488 5af19830 2023-06-09 op printf(" cert \"%s\"\n", h->cert);
489 5af19830 2023-06-09 op printf(" key \"%s\"\n", h->key);
490 5af19830 2023-06-09 op /* TODO: print locations... */
491 5af19830 2023-06-09 op printf("}\n");