1 3e4749f7 2020-10-02 op /*
2 43b38b2d 2023-10-18 op * Copyright (c) 2020, 2021, 2022, 2023 Omar Polo <op@omarpolo.com>
3 3e4749f7 2020-10-02 op *
4 3e4749f7 2020-10-02 op * Permission to use, copy, modify, and distribute this software for any
5 3e4749f7 2020-10-02 op * purpose with or without fee is hereby granted, provided that the above
6 3e4749f7 2020-10-02 op * copyright notice and this permission notice appear in all copies.
7 3e4749f7 2020-10-02 op *
8 3e4749f7 2020-10-02 op * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 3e4749f7 2020-10-02 op * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 3e4749f7 2020-10-02 op * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 3e4749f7 2020-10-02 op * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 3e4749f7 2020-10-02 op * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 3e4749f7 2020-10-02 op * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 3e4749f7 2020-10-02 op * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 3e4749f7 2020-10-02 op */
16 52418c8d 2021-02-12 op
17 52418c8d 2021-02-12 op #include "gmid.h"
18 3e4749f7 2020-10-02 op
19 8443bff7 2021-01-25 op #include <sys/stat.h>
20 8443bff7 2021-01-25 op
21 592fd624 2020-10-07 op #include <errno.h>
22 3e4749f7 2020-10-02 op #include <fcntl.h>
23 5777923b 2021-06-29 op #include <getopt.h>
24 0046c1fe 2023-06-06 op #include <locale.h>
25 7e1df73d 2021-03-31 op #include <libgen.h>
26 bcf5d929 2021-02-01 op #include <limits.h>
27 c9e97a6e 2022-12-24 op #include <grp.h>
28 ae08ec7d 2021-01-25 op #include <pwd.h>
29 0cf902af 2020-11-03 op #include <signal.h>
30 3e4749f7 2020-10-02 op #include <string.h>
31 eae52ad4 2023-06-06 op #include <syslog.h>
32 ddbcd3c1 2023-08-07 op #include <vis.h>
33 cc68fe70 2020-10-07 op
34 eae52ad4 2023-06-06 op #include "log.h"
35 c26f2460 2023-06-08 op #include "proc.h"
36 df5058c9 2023-06-05 op
#ifndef nitems
/* Element count of a true array; meaningless when given a pointer. */
#define nitems(_a)	(sizeof((_a)) / sizeof((_a)[0]))
#endif

/* Helpers private to the parent ("main") process. */
static int	 main_configure(struct conf *);
static void	 main_configure_done(struct conf *);
static void	 main_reload(struct conf *);
static void	 main_sig_handler(int, short, void *);
static int	 main_dispatch_server(int, struct privsep_proc *, struct imsg *);
static int	 main_dispatch_crypto(int, struct privsep_proc *, struct imsg *);
static int	 main_dispatch_logger(int, struct privsep_proc *, struct imsg *);
static void __dead main_shutdown(struct conf *);
static void	 main_print_conf(struct conf *);

/*
 * The child process types.  Each entry carries the main_dispatch_*
 * callback the parent registers for that child and, last, the function
 * named after the process.
 */
static struct privsep_proc procs[] = {
	{ "server",	PROC_SERVER,	main_dispatch_server,	server },
	{ "crypto",	PROC_CRYPTO,	main_dispatch_crypto,	crypto },
	{ "logger",	PROC_LOGGER,	main_dispatch_logger,	logger },
};

/*
 * Short options for getopt_long().  -I, -J, -T, -U and -X are parsed by
 * main() but are not listed by usage(): main() uses them to set the
 * instance, prefork count, process type, user and chroot of the
 * non-parent processes.
 */
static const char *opts = "c:D:fI:J:hnP:T:U:VvX:";

static const struct option longopts[] = {
	{ .name = "help",	.has_arg = no_argument, .flag = NULL, .val = 'h' },
	{ .name = "version",	.has_arg = no_argument, .flag = NULL, .val = 'V' },
	{ .name = NULL,		.has_arg = 0,		.flag = NULL, .val = 0 },
};

int sock4;
int sock6;
int privsep_process;
int pidfd = -1;		/* -1: no pidfile descriptor is held */

int debug;
int verbose;

const char *config_path = SYSCONFDIR "/gmid.conf";
const char *pidfile;
73 881a9dd9 2021-01-16 op
/*
 * Print the version banner and the synopsis on stderr.  Does not exit;
 * the caller decides what to do next.
 */
static void
usage(void)
{
	const char	*progname = getprogname();

	fprintf(stderr,
	    "Version: " GMID_STRING "\n"
	    "Usage: %s [-fnv] [-c config] [-D macro=value] [-P pidfile]\n",
	    progname);
}
82 3abf91b0 2021-02-07 op
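/*
 * Format one access-log line for the request made by client `c' and
 * send it to the logger process.
 *
 * Used by the server process, defined here so gemexp can provide
 * its own implementation.
 *
 * c	 client state; the peer address, request IRI, vhost name and TLS
 *	 context are read from it
 * code	 response status code
 * meta	 response meta string; printed by the legacy and condensed
 *	 formats only
 *
 * A failure of time(), localtime(), strftime() or asprintf() is fatal.
 */
void
log_request(struct client *c, int code, const char *meta)
{
	struct conf	*conf = c->conf;
	char		 tstamp[64], rfc3339[32];
	char		 cntmp[64], cn[64] = "-";
	char		 b[GEMINI_URL_LEN];
	char		*fmted;
	const char	*t;
	struct tm	*tm;
	time_t		 now;
	int		 ec;

	if ((now = time(NULL)) == -1)
		fatal("time");
	if ((tm = localtime(&now)) == NULL)
		fatal("localtime");
	/*
	 * day/month/year: the slash between month and year was missing,
	 * which produced e.g. "25/Jul2023" in the common and combined
	 * formats.
	 */
	if (strftime(tstamp, sizeof(tstamp), "%d/%b/%Y:%H:%M:%S %z", tm) == 0)
		fatal("strftime");
	if (strftime(rfc3339, sizeof(rfc3339), "%FT%T%z", tm) == 0)
		fatal("strftime");

	/*
	 * The strlcpy/strlcat calls below silently truncate at sizeof(b).
	 *
	 * NOTE(review): b (and meta) reach the log line unescaped.
	 * Whether control characters or '"' can get this far depends on
	 * the request parser, which is not visible here; the raw c->req
	 * fallback is the case to check first, since a newline or quote
	 * there would let a client forge or split log records.
	 */
	if (c->iri.schema != NULL) {
		/* serialize the IRI */
		strlcpy(b, c->iri.schema, sizeof(b));
		strlcat(b, "://", sizeof(b));

		/* log the decoded host name, but if it was invalid
		 * use the raw one. */
		if (*c->domain != '\0')
			strlcat(b, c->domain, sizeof(b));
		else
			strlcat(b, c->iri.host, sizeof(b));

		if (*c->iri.path != '/')
			strlcat(b, "/", sizeof(b));
		strlcat(b, c->iri.path, sizeof(b)); /* TODO: sanitize UTF8 */
		if (*c->iri.query != '\0') {	/* TODO: sanitize UTF8 */
			strlcat(b, "?", sizeof(b));
			strlcat(b, c->iri.query, sizeof(b));
		}
	} else {
		if ((t = c->req) == NULL)
			t = "";
		strlcpy(b, t, sizeof(b));
	}

	if (tls_peer_cert_provided(c->ctx)) {
		const char	*subj;
		char		*n;

		subj = tls_peer_cert_subject(c->ctx);
		if (subj != NULL && (n = strstr(subj, "/CN=")) != NULL) {
			/*
			 * Copy from the match.  Copying from subj + 4
			 * logged the wrong attribute whenever CN was not
			 * the first component of the subject.
			 */
			strlcpy(cntmp, n + 4, sizeof(cntmp));
			if ((n = strchr(cntmp, '/')) != NULL)
				*n = '\0';
			/*
			 * The subject comes from the peer's certificate:
			 * encode whitespace and double quotes so it
			 * can't break the log line apart.
			 */
			strnvis(cn, cntmp, sizeof(cn), VIS_WHITE|VIS_DQ);
		}
	}

	switch (conf->log_format) {
	case LOG_FORMAT_LEGACY:
		ec = asprintf(&fmted, "%s:%s GET %s %d %s", c->rhost,
		    c->rserv, b, code, meta);
		break;

	case LOG_FORMAT_CONDENSED:
		/*
		 * XXX it should log the size of the request and
		 * response.
		 */
		ec = asprintf(&fmted, "%s %s %s %s %s 0 0 %d %s", rfc3339,
		    c->rhost, cn, *c->domain == '\0' ? c->iri.host : c->domain,
		    b, code, meta);
		break;

	/*
	 * Attempt to be compatible with the default Apache httpd'
	 * LogFormat "%h %l %u %t \"%r\" %>s %b"
	 * see <https://httpd.apache.org/docs/current/mod/mod_log_config.html>
	 */
	case LOG_FORMAT_COMMON:
		/*
		 * XXX it should log the size of the response.
		 */
		ec = asprintf(&fmted, "%s %s - %s %s \"%s\" %d 0",
		    *c->domain == '\0' ? c->iri.host : c->domain,
		    c->rhost, cn, tstamp, b, code);
		break;

	/*
	 * Attempt to be compatible with the default nginx' log_format
	 * combined:
	 * '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
	 */
	case LOG_FORMAT_COMBINED:
	default:
		/*
		 * XXX it should log the size of the response.
		 */
		ec = asprintf(&fmted, "%s - %s [%s] \"%s\" %d 0 \"-\" \"\"",
		    c->rhost, cn, tstamp, b, code);
		break;
	}

	if (ec == -1)
		fatal("asprintf");

	if (debug)
		fprintf(stderr, "%s\n", fmted);

	/* ec + 1: the terminating NUL travels with the message */
	proc_compose(conf->ps, PROC_LOGGER, IMSG_LOG_REQUEST,
	    fmted, ec + 1);

	free(fmted);
}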
203 47b0ff10 2023-06-08 op
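/*
 * Open (creating it if needed) the pidfile, take a write lock on the
 * whole file and store our pid in it.
 *
 * Returns the open descriptor, or -1 when no pidfile was requested.
 * Every failure is fatal.  The parameter shadows the global `pidfile'.
 */
static int
write_pidfile(const char *pidfile)
{
	/* whole-file write lock; members not listed are zeroed */
	struct flock	 lock = {
		.l_type = F_WRLCK,
		.l_whence = SEEK_SET,
		.l_start = 0,
		.l_len = 0,
	};
	int		 fd;

	if (pidfile == NULL)
		return -1;

	/*
	 * NOTE(review): O_CREAT without O_NOFOLLOW follows a symlink at
	 * `pidfile', and the file is truncated below.  main() calls this
	 * before sandbox_main_process(); keep the pidfile in a directory
	 * that unprivileged users can't write to, or consider O_NOFOLLOW
	 * if a symlinked pidfile never needs to work -- confirm.
	 */
	if ((fd = open(pidfile, O_WRONLY|O_CREAT|O_CLOEXEC, 0600)) == -1)
		fatal("can't open pidfile %s", pidfile);

	if (fcntl(fd, F_SETLK, &lock) == -1)
		fatalx("can't lock %s, gmid is already running?", pidfile);

	/* truncate only after the lock is ours */
	if (ftruncate(fd, 0) == -1)
		fatal("ftruncate %s", pidfile);

	/* a locked but empty pidfile is useless: treat it like the above */
	if (dprintf(fd, "%d\n", (int)getpid()) < 0)
		fatal("write %s", pidfile);

	return fd;
}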
231 419a4235 2021-04-28 op
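/*
 * Entry point for the parent and, through -T, for the child processes.
 *
 * The parent parses the configuration file; the other processes take
 * the user, chroot and prefork count from -U, -X and -J.  When a user
 * is configured the process must run as root, and the chroot defaults
 * to that user's home directory.  proc_init() returns only in the
 * parent, which then daemonizes (unless -f), writes the pidfile,
 * sandboxes itself and runs the event loop.
 *
 * Returns 0 for -h, -V and a successful -n; 1 on a usage error.
 */
int
main(int argc, char **argv)
{
	struct conf	*conf;
	struct privsep	*ps;
	const char	*errstr, *title = NULL;
	const char	*user = NULL, *chroot = NULL;
	size_t		 i;
	int		 ch, conftest = 0;
	int		 proc_instance = 0;
	int		 proc_id = PROC_PARENT;
	int		 nprocs = 0;
	int		 argc0 = argc;

	setlocale(LC_CTYPE, "");

	/* log to stderr until daemonized */
	log_init(1, LOG_DAEMON);

	while ((ch = getopt_long(argc, argv, opts, longopts, NULL)) != -1) {
		switch (ch) {
		case 'c':
			config_path = absolutify_path(optarg);
			break;
		case 'D':
			if (cmdline_symset(optarg) == -1)
				fatalx("could not parse macro definition: %s",
				    optarg);
			break;
		case 'f':
			debug = 1;
			break;
		case 'h':
			usage();
			return 0;
		case 'I':
			/*
			 * NOTE(review): the upper bound is inclusive;
			 * confirm PROC_MAX_INSTANCES itself is a valid
			 * instance number.
			 */
			proc_instance = strtonum(optarg, 0, PROC_MAX_INSTANCES,
			    &errstr);
			if (errstr != NULL)
				fatalx("invalid process instance");
			break;
		case 'J':
			nprocs = strtonum(optarg, 0, PROC_MAX_INSTANCES,
			    &errstr);
			if (errstr != NULL)
				fatalx("invalid number of processes");
			break;
		case 'n':
			conftest++;
			break;
		case 'P':
			pidfile = absolutify_path(optarg);
			break;
		case 'T':
			title = optarg;
			proc_id = proc_getid(procs, nitems(procs), title);
			if (proc_id == PROC_MAX)
				fatalx("invalid process name");
			break;
		case 'U':
			user = optarg;
			break;
		case 'V':
			puts("Version: " GMID_STRING);
			return 0;
		case 'v':
			verbose = 1;
			break;
		case 'X':
			chroot = optarg;
			break;
		default:
			usage();
			return 1;
		}
	}

	/*
	 * No positional arguments are accepted.  usage() only prints, so
	 * bail out here instead of starting up with a bad command line.
	 */
	if (argc - optind != 0) {
		usage();
		return 1;
	}

	conf = config_new();

	/*
	 * Only the parent loads the config, the others get user and
	 * chroot via flags and the rest via imsg.
	 */
	if (proc_id == PROC_PARENT) {
		if (parse_conf(conf, config_path) == -1)
			fatalx("failed to load configuration file");
		if (*conf->chroot != '\0' && *conf->user == '\0')
			fatalx("can't chroot without a user to switch to.");
	} else {
		if (user && strlcpy(conf->user, user, sizeof(conf->user))
		    >= sizeof(conf->user))
			fatalx("user name too long: %s", user);
		if (chroot && strlcpy(conf->chroot, chroot, sizeof(conf->chroot))
		    >= sizeof(conf->chroot))
			fatalx("chroot path too long: %s", chroot);
		conf->prefork = nprocs;
	}

	if ((ps = calloc(1, sizeof(*ps))) == NULL)
		fatal("calloc");
	ps->ps_env = conf;
	conf->ps = ps;
	if (*conf->user) {
		if (geteuid())
			fatalx("need root privileges");
		if ((ps->ps_pw = getpwnam(conf->user)) == NULL)
			fatalx("unknown user %s", conf->user);
		/*
		 * Default the chroot to the user's home.  A truncated
		 * path would name a different directory, so refuse it
		 * like the -X path above.
		 */
		if (*conf->chroot == '\0' &&
		    strlcpy(conf->chroot, ps->ps_pw->pw_dir,
		    sizeof(conf->chroot)) >= sizeof(conf->chroot))
			fatalx("chroot path too long: %s",
			    ps->ps_pw->pw_dir);
	}

	if (conftest) {
		conf->conftest = 1;
		if (config_test(conf) == -1)
			fatalx("failed to load the configuration");
		fprintf(stderr, "config OK\n");
		/* -nn also dumps the parsed configuration */
		if (conftest > 1)
			main_print_conf(conf);
		return 0;
	}

	ps->ps_instances[PROC_SERVER] = conf->prefork;
	ps->ps_instance = proc_instance;
	if (title != NULL)
		ps->ps_title[proc_id] = title;

	if (*conf->chroot != '\0') {
		for (i = 0; i < nitems(procs); ++i)
			procs[i].p_chroot = conf->chroot;
	}

	log_init(debug, LOG_DAEMON);
	log_setverbose(verbose);
	if (title != NULL)
		log_procinit(title);

	/* only the parent returns */
	proc_init(ps, procs, nitems(procs), debug, argc0, argv, proc_id);

	log_procinit("main");
	if (!debug && daemon(0, 0) == -1)
		fatal("daemon");

	/* after daemon(), so the pid written is the daemon's own */
	pidfd = write_pidfile(pidfile);

	sandbox_main_process();

	event_init();

	signal(SIGPIPE, SIG_IGN);

	signal_set(&ps->ps_evsigint, SIGINT, main_sig_handler, ps);
	signal_set(&ps->ps_evsigterm, SIGTERM, main_sig_handler, ps);
	signal_set(&ps->ps_evsigchld, SIGCHLD, main_sig_handler, ps);
	signal_set(&ps->ps_evsighup, SIGHUP, main_sig_handler, ps);
	signal_set(&ps->ps_evsigusr1, SIGUSR1, main_sig_handler, ps);

	signal_add(&ps->ps_evsigint, NULL);
	signal_add(&ps->ps_evsigterm, NULL);
	signal_add(&ps->ps_evsigchld, NULL);
	signal_add(&ps->ps_evsighup, NULL);
	signal_add(&ps->ps_evsigusr1, NULL);

	proc_connect(ps);

	if (main_configure(conf) == -1)
		fatal("configuration failed");

	event_dispatch();
	main_shutdown(conf);
	/* NOTREACHED */
	return 0;
}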
409 ca21e100 2021-02-04 op
/*
 * Open the access log, when one is configured, and pass its descriptor
 * to the logger process, followed by the syslog facility and the
 * syslog on/off setting.
 *
 * A path that doesn't fit or a failed open() is only logged; the logger
 * then receives -1 in place of a descriptor.
 *
 * Returns 0 once the three imsgs are composed, -1 as soon as one fails.
 */
static int
main_send_logfd(struct conf *conf)
{
	struct privsep	*ps = conf->ps;
	char		 logpath[PATH_MAX];
	const char	*sep;
	int		 len, logfd = -1;

	if (conf->log_access) {
		/* the log lives under the chroot, when there is one */
		sep = (*conf->chroot == '\0') ? "" : "/";
		len = snprintf(logpath, sizeof(logpath), "%s%s%s",
		    conf->chroot, sep, conf->log_access);

		/*
		 * NOTE(review): open() follows symlinks and this runs in
		 * the parent.  If the directory under conf->chroot is
		 * writable by the unprivileged user, the log path could
		 * be pointed elsewhere -- confirm ownership of that
		 * directory.
		 */
		if (len < 0 || (size_t)len >= sizeof(logpath))
			log_warnx("path too long: %s", conf->log_access);
		else if ((logfd = open(logpath, O_WRONLY|O_CREAT|O_APPEND,
		    0600)) == -1)
			log_warn("can't open %s", conf->log_access);
	}

	/* short-circuit keeps the order and stops at the first failure */
	if (proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_ACCESS, -1, logfd,
	    NULL, 0) == -1 ||
	    proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_FACILITY, -1, -1,
	    &conf->log_facility, sizeof(conf->log_facility)) == -1 ||
	    proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_SYSLOG, -1, -1,
	    &conf->log_syslog, sizeof(conf->log_syslog)) == -1)
		return -1;

	return 0;
}
442 ca21e100 2021-02-04 op
/*
 * Push the configuration to the children: log settings to the logger,
 * then IMSG_RECONF_START, the configuration itself and IMSG_RECONF_END
 * to the server and crypto processes.
 *
 * Returns 0 on success, -1 at the first step that fails.
 */
static int
main_configure(struct conf *conf)
{
	struct privsep	*ps = conf->ps;

	if (main_send_logfd(conf) == -1)
		return -1;

	/* counted down by main_configure_done(): servers, crypto */
	conf->reload = conf->prefork + 1;

	if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_START, NULL, 0) == -1 ||
	    proc_compose(ps, PROC_CRYPTO, IMSG_RECONF_START, NULL, 0) == -1)
		return -1;

	if (config_send(conf) == -1)
		return -1;

	if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_END, NULL, 0) == -1 ||
	    proc_compose(ps, PROC_CRYPTO, IMSG_RECONF_END, NULL, 0) == -1)
		return -1;

	return 0;
}
468 c26f2460 2023-06-08 op
/*
 * Account for one child having finished its reconfiguration.  A
 * notification that arrives when none is pending is logged and ignored,
 * so conf->reload never drops below zero.
 */
static void
main_configure_done(struct conf *conf)
{
	if (conf->reload != 0) {
		conf->reload--;
		/* send IMSG_CTL_START? */
		return;
	}

	log_warnx("configuration already done");
}
480 c26f2460 2023-06-08 op
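/*
 * Re-read config_path and push the result to the children.  Does
 * nothing while a previous reload still has pending acknowledgements.
 *
 * NOTE(review): the running configuration is purged before the new
 * file is parsed; on a parse error the parent keeps whatever state
 * config_purge() and parse_conf() left behind -- confirm that is the
 * intended outcome.
 */
static void
main_reload(struct conf *conf)
{
	if (conf->reload) {
		log_debug("%s: already in progress: %d pending",
		    __func__, conf->reload);
		return;
	}

	log_debug("%s: config file %s", __func__, config_path);
	config_purge(conf);

	if (parse_conf(conf, config_path) == -1) {
		log_warnx("failed to parse the config");
		return;
	}

	/* the failure used to be dropped silently; at least report it */
	if (main_configure(conf) == -1)
		log_warnx("%s: failed to send the configuration", __func__);
}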
500 c26f2460 2023-06-08 op
/*
 * libevent callback for the signals registered in main(); `arg' is the
 * struct privsep.
 *
 * SIGHUP reloads the configuration (parent only), SIGUSR1 re-sends the
 * log descriptor, SIGCHLD/SIGTERM/SIGINT shut everything down.  Any
 * other signal is fatal.
 */
static void
main_sig_handler(int sig, short ev, void *arg)
{
	struct privsep	*ps = arg;

	/*
	 * Normal signal handler rules don't apply here because libevent
	 * decouples for us.
	 */

	if (sig == SIGHUP) {
		if (privsep_process != PROC_PARENT)
			return;
		log_info("reload requested with SIGHUP");
		main_reload(ps->ps_env);
	} else if (sig == SIGCHLD || sig == SIGTERM || sig == SIGINT) {
		/* a dead child takes the whole daemon down with it */
		if (sig == SIGCHLD)
			log_warnx("one child died, quitting");
		main_shutdown(ps->ps_env);
	} else if (sig == SIGUSR1) {
		main_send_logfd(ps->ps_env);
	} else {
		fatalx("unexpected signal %d", sig);
	}
}
532 c26f2460 2023-06-08 op
/*
 * Handle an imsg sent by a server process to the parent.  The only
 * type accepted is IMSG_RECONF_DONE; everything else is rejected.
 *
 * Returns 0 when the message was handled, -1 otherwise.
 */
static int
main_dispatch_server(int fd, struct privsep_proc *p, struct imsg *imsg)
{
	struct conf	*conf = p->p_ps->ps_env;

	if (imsg_get_type(imsg) != IMSG_RECONF_DONE)
		return -1;

	main_configure_done(conf);
	return 0;
}
549 c26f2460 2023-06-08 op
/*
 * Handle an imsg sent by the crypto process to the parent.  The only
 * type accepted is IMSG_RECONF_DONE; everything else is rejected.
 *
 * Returns 0 when the message was handled, -1 otherwise.
 */
static int
main_dispatch_crypto(int fd, struct privsep_proc *p, struct imsg *imsg)
{
	struct conf	*conf = p->p_ps->ps_env;

	if (imsg_get_type(imsg) != IMSG_RECONF_DONE)
		return -1;

	main_configure_done(conf);
	return 0;
}
566 86693a33 2023-06-11 op
/*
 * Handle an imsg sent by the logger process to the parent.  The only
 * type accepted is IMSG_RECONF_DONE; everything else is rejected.
 *
 * Returns 0 when the message was handled, -1 otherwise.
 */
static int
main_dispatch_logger(int fd, struct privsep_proc *p, struct imsg *imsg)
{
	struct conf	*conf = p->p_ps->ps_env;

	if (imsg_get_type(imsg) != IMSG_RECONF_DONE)
		return -1;

	main_configure_done(conf);
	return 0;
}
583 c26f2460 2023-06-08 op
/*
 * Stop the children, release the configuration and exit with status 0.
 * Never returns.  The pidfile descriptor is closed; the file itself is
 * not removed here.
 */
static void __dead
main_shutdown(struct conf *conf)
{
	proc_kill(conf->ps);
	config_purge(conf);
	free(conf->ps);
	/* free(conf); */

	log_info("parent terminating, pid %d", getpid());

	if (pidfd != -1) {
		close(pidfd);
	}

	exit(0);
}
599 5af19830 2023-06-09 op
/*
 * Dump part of the parsed configuration on stdout in config-file
 * syntax: chroot, prefork, user and, per virtual host, the domain and
 * the certificate and key paths.  Values are printed as-is between
 * double quotes, without escaping.
 */
static void
main_print_conf(struct conf *conf)
{
	struct vhost	*host;

	if (conf->chroot[0] != '\0')
		printf("chroot \"%s\"\n", conf->chroot);
	/* XXX: defined mimes? */
	printf("prefork %d\n", conf->prefork);
	/* XXX: protocols? */
	if (conf->user[0] != '\0')
		printf("user \"%s\"\n", conf->user);

	TAILQ_FOREACH(host, &conf->hosts, vhosts) {
		printf("\nserver \"%s\" {\n", host->domain);
		printf(" cert \"%s\"\n", host->cert_path);
		printf(" key \"%s\"\n", host->key_path);
		/* TODO: print locations... */
		printf("}\n");
	}
}