1 /*
2  * Copyright (c) 2022 Omar Polo <op@omarpolo.com>
3  * Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include <sys/types.h>
19 #include <sys/queue.h>
20 #include <sys/tree.h>
21 #include <sys/socket.h>
22 #include <sys/uio.h>
23 
24 #include <netinet/in.h>
25 #include <arpa/inet.h>
26 
27 #include <errno.h>
28 #include <event.h>
29 #include <limits.h>
30 #include <locale.h>
31 #include <pwd.h>
32 #include <signal.h>
33 #include <stdint.h>
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <string.h>
37 #include <syslog.h>
38 #include <unistd.h>
39 #include <imsg.h>
40 
41 #include "log.h"
42 #include "proc.h"
43 #include "xmalloc.h"
44 
45 #include "galileo.h"
46 
47 static int		parent_configure(struct galileo *);
48 static void		parent_configure_done(struct galileo *);
49 static void		parent_reload(struct galileo *);
50 static void		parent_sig_handler(int, short, void *);
51 static int		parent_dispatch_proxy(int, struct privsep_proc *,
52 			    struct imsg *);
53 static __dead void	parent_shutdown(struct galileo *);
54 
55 static struct privsep_proc procs[] = {
56 	{ "proxy",	PROC_PROXY, parent_dispatch_proxy, proxy },
57 };
58 
59 int privsep_process;
60 
61 const char *conffile = GALILEO_CONF;
62 
63 static __dead void
64 usage(void)
65 {
66 	fprintf(stderr, "usage: %s [-dnv] [-D macro=value] [-f file]",
67 	    getprogname());
68 	exit(1);
69 }
70 
71 int
72 main(int argc, char **argv)
73 {
74 	struct galileo	*env;
75 	struct privsep	*ps;
76 	const char	*errstr;
77 	const char	*title = NULL;
78 	size_t		 i;
79 	int		 conftest = 0, debug = 0, verbose = 0;
80 	int		 argc0 = argc, ch;
81 	int		 proc_id = PROC_PARENT;
82 	int		 proc_instance = 0;
83 
84 	setlocale(LC_CTYPE, "");
85 
86 	/* log to stderr until daemonized */
87 	log_init(1, LOG_DAEMON);
88 	log_setverbose(verbose);
89 
90 	while ((ch = getopt(argc, argv, "D:df:I:nP:v")) != -1) {
91 		switch (ch) {
92 		case 'D':
93 			if (cmdline_symset(optarg) < 0)
94 				log_warnx("could not parse macro definition %s",
95 				    optarg);
96 			break;
97 		case 'd':
98 			debug = 1;
99 			break;
100 		case 'f':
101 			conffile = optarg;
102 			break;
103 		case 'I':
104 			proc_instance = strtonum(optarg, 0, PROC_MAX_INSTANCES,
105 			    &errstr);
106 			if (errstr != NULL)
107 				fatalx("invalid process instance");
108 			break;
109 		case 'n':
110 			conftest = 1;
111 			break;
112 		case 'P':
113 			title = optarg;
114 			proc_id = proc_getid(procs, nitems(procs), title);
115 			if (proc_id == PROC_MAX)
116 				fatalx("invalid process name");
117 			break;
118 		case 'v':
119 			verbose = 1;
120 			break;
121 		default:
122 			usage();
123 		}
124 	}
125 	argc -= optind;
126 	if (argc != 0)
127 		usage();
128 
129 	if (geteuid())
130 		fatalx("need root privileges");
131 
132 	log_setverbose(verbose);
133 
134 	env = xcalloc(1, sizeof(*env));
135 	config_init(env);
136 	if (parse_config(conffile, env) == -1)
137 		return (1);
138 
139 	if (conftest) {
140 		fprintf(stderr, "configuration OK\n");
141 		return (0);
142 	}
143 
144 	ps = xcalloc(1, sizeof(*ps));
145 	ps->ps_env = env;
146 	env->sc_ps = ps;
147 	if ((ps->ps_pw = getpwnam(GALILEO_USER)) == NULL)
148 		fatalx("unknown user %s", GALILEO_USER);
149 
150 	ps->ps_instances[PROC_PROXY] = env->sc_prefork;
151 	ps->ps_instance = proc_instance;
152 	if (title != NULL)
153 		ps->ps_title[proc_id] = title;
154 
155 	if (*env->sc_chroot == '\0') {
156 		if (strlcpy(env->sc_chroot, ps->ps_pw->pw_dir,
157 		    sizeof(env->sc_chroot)) >= sizeof(env->sc_chroot))
158 			fatalx("chroot path too long!");
159 	}
160 
161 	for (i = 0; i < nitems(procs); ++i)
162 		procs[i].p_chroot = env->sc_chroot;
163 
164 	/* only the parent returns */
165 	proc_init(ps, procs, nitems(procs), debug, argc0, argv, proc_id);
166 
167 	log_procinit("parent");
168 	if (!debug && daemon(0, 0) == -1)
169 		fatal("failed to daemonize");
170 
171 	log_init(debug, LOG_DAEMON);
172 
173 	log_info("startup");
174 
175 	/* if (pledge("stdio rpath wpath cpath unix fattr sendfd", NULL) == -1) */
176 		/* fatal("pledge"); */
177 
178 	event_init();
179 
180 	signal(SIGPIPE, SIG_IGN);
181 
182 	signal_set(&ps->ps_evsigint, SIGINT, parent_sig_handler, ps);
183 	signal_set(&ps->ps_evsigterm, SIGTERM, parent_sig_handler, ps);
184 	signal_set(&ps->ps_evsigchld, SIGCHLD, parent_sig_handler, ps);
185 	signal_set(&ps->ps_evsighup, SIGHUP, parent_sig_handler, ps);
186 
187 	signal_add(&ps->ps_evsigint, NULL);
188 	signal_add(&ps->ps_evsigterm, NULL);
189 	signal_add(&ps->ps_evsigchld, NULL);
190 	signal_add(&ps->ps_evsighup, NULL);
191 
192 	proc_connect(ps);
193 
194 	if (parent_configure(env) == -1)
195 		fatalx("configuration failed");
196 
197 	event_dispatch();
198 
199 	parent_shutdown(env);
200 	/* NOTREACHED */
201 
202 	return (0);
203 }
204 
205 static int
206 parent_configure(struct galileo *env)
207 {
208 	struct proxy	*proxy;
209 	int		 id;
210 
211 	TAILQ_FOREACH(proxy, &env->sc_proxies, pr_entry) {
212 		if (config_setproxy(env, proxy) == -1)
213 			fatal("send proxy");
214 	}
215 
216 	/* XXX: eventually they will be more than just one */
217 	if (config_setsock(env) == -1)
218 		fatal("send socket");
219 
220 	/* The proxiess need to reload their config. */
221 	env->sc_reload = env->sc_prefork;
222 
223 	for (id = 0; id < PROC_MAX; id++) {
224 		if (id == privsep_process)
225 			continue;
226 		proc_compose(env->sc_ps, id, IMSG_CFG_DONE, env, sizeof(env));
227 	}
228 
229 	config_purge(env);
230 	return (0);
231 }
232 
233 static void
234 parent_configure_done(struct galileo *env)
235 {
236 	int	 id;
237 
238 	if (env->sc_reload == 0) {
239 		log_warnx("configuration already finished");
240 		return;
241 	}
242 
243 	env->sc_reload--;
244 	if (env->sc_reload == 0) {
245 		for (id = 0; id < PROC_MAX; ++id) {
246 			if (id == privsep_process)
247 				continue;
248 
249 			proc_compose(env->sc_ps, id, IMSG_CTL_START, NULL, 0);
250 		}
251 	}
252 }
253 
254 static void
255 parent_reload(struct galileo *env)
256 {
257 	if (env->sc_reload) {
258 		log_debug("%s: already in progress: %d pending",
259 		    __func__, env->sc_reload);
260 	}
261 
262 	log_debug("%s: config file %s", __func__, conffile);
263 
264 	config_purge(env);
265 
266 	if (parse_config(conffile, env) == -1) {
267 		log_warnx("failed to load config file: %s", conffile);
268 		return;
269 	}
270 
271 	config_setreset(env);
272 	parent_configure(env);
273 }
274 
275 static void
276 parent_sig_handler(int sig, short ev, void *arg)
277 {
278 	struct privsep	*ps = arg;
279 
280 	/*
281 	 * Normal signal handler rules don't apply because libevent
282 	 * decouples for us.
283 	 */
284 
285 	switch (sig) {
286 	case SIGHUP:
287 		if (privsep_process != PROC_PARENT)
288 			return;
289 		log_info("reload requested with SIGHUP");
290 		parent_reload(ps->ps_env);
291 		break;
292 	case SIGCHLD:
293 		log_warnx("one child died, quitting.");
294 		/* fallthrough */
295 	case SIGTERM:
296 	case SIGINT:
297 		parent_shutdown(ps->ps_env);
298 		break;
299 	default:
300 		fatalx("unexpected signal %d", sig);
301 	}
302 }
303 
304 static int
305 parent_dispatch_proxy(int fd, struct privsep_proc *p, struct imsg *imsg)
306 {
307 	struct privsep	*ps = p->p_ps;
308 	struct galileo	*env = ps->ps_env;
309 
310 	switch (imsg->hdr.type) {
311 	case IMSG_CFG_DONE:
312 		parent_configure_done(env);
313 		break;
314 	default:
315 		return (-1);
316 	}
317 
318 	return (0);
319 }
320 
321 static __dead void
322 parent_shutdown(struct galileo *env)
323 {
324 	config_purge(env);
325 
326 	proc_kill(env->sc_ps);
327 
328 	free(env->sc_ps);
329 	free(env);
330 
331 	log_info("parent terminating, pid %d", getpid());
332 	exit(0);
333 }
334 
335 int
336 accept_reserve(int sockfd, struct sockaddr *addr, socklen_t *addrlen,
337     int reserve, volatile int *counter)
338 {
339 	int ret;
340 	if (getdtablecount() + reserve +
341 	    *counter >= getdtablesize()) {
342 		errno = EMFILE;
343 		return (-1);
344 	}
345 
346 	if ((ret = accept4(sockfd, addr, addrlen, SOCK_NONBLOCK)) > -1) {
347 		(*counter)++;
348 		log_debug("%s: inflight incremented, now %d",__func__, *counter);
349 	}
350 	return (ret);
351 }