op public repos

Blob

Date:: Sat Mar 13 11:42:56 2021 UTC
Message:: don't drop the start of the document The first tls_read may and up reading more than the response line, but we were using another buffer in copy_body so we loose up to the first 1K of every document.
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 /*
18  * TODO:
19  *  - move the various
20  *	imsg_compose(...);
21  *	imsg_flush(...);
22  *    to something more asynchronous
23  */
24 
25 #include <telescope.h>
26 
27 #include <sys/types.h>
28 #include <sys/socket.h>
29 
30 #include <netinet/in.h>
31 
32 #include <assert.h>
33 #include <ctype.h>
34 #include <errno.h>
35 #include <event.h>
36 #include <netdb.h>
37 #include <stdarg.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <tls.h>
42 #include <unistd.h>
43 
44 static struct tls_config	*tlsconf;
45 static struct imsgbuf		*ibuf;
46 
47 struct req;
48 
49 static void		 die(void) __attribute__((__noreturn__));
50 static char		*xasprintf(const char*, ...);
51 static int 		 conn_towards(struct url*, char**);
52 
53 static void		 close_with_err(struct req*, const char *err);
54 static struct req	*req_by_id(uint32_t);
55 static struct req	*req_by_id_try(uint32_t);
56 
57 static void		 do_handshake(int, short, void*);
58 static void		 write_request(int, short, void*);
59 static void		 read_reply(int, short, void*);
60 static void		 parse_reply(struct req*);
61 static void		 copy_body(int, short, void*);
62 
63 static void		 check_special_page(struct req*, const char*);
64 
65 static void		 handle_get(struct imsg*, size_t);
66 static void		 handle_cert_status(struct imsg*, size_t);
67 static void		 handle_proceed(struct imsg*, size_t);
68 static void		 handle_stop(struct imsg*, size_t);
69 static void		 handle_quit(struct imsg*, size_t);
70 
71 /* TODO: making this customizable */
72 struct timeval timeout_for_handshake = { 5, 0 };
73 
74 static imsg_handlerfn *handlers[] = {
75 	[IMSG_GET] = handle_get,
76 	[IMSG_CERT_STATUS] = handle_cert_status,
77 	[IMSG_PROCEED] = handle_proceed,
78 	[IMSG_STOP] = handle_stop,
79 	[IMSG_QUIT] = handle_quit,
80 };
81 
82 typedef void (*statefn)(int, short, void*);
83 
84 TAILQ_HEAD(, req) reqhead;
85 /* a pending request */
86 struct req {
87 	struct event		 ev;
88 	struct url		 url;
89 	uint32_t		 id;
90 	int			 fd;
91 	struct tls		*ctx;
92 	char			 buf[1024];
93 	size_t			 off;
94 	TAILQ_ENTRY(req)	 reqs;
95 };
96 
97 static inline void
98 yield_r(struct req *req, statefn fn, struct timeval *tv)
99 {
100 	event_once(req->fd, EV_READ, fn, req, tv);
101 }
102 
103 static inline void
104 yield_w(struct req *req, statefn fn, struct timeval *tv)
105 {
106 	event_once(req->fd, EV_WRITE, fn, req, tv);
107 }
108 
109 static inline void
110 advance_buf(struct req *req, size_t len)
111 {
112 	assert(len <= req->off);
113 
114 	req->off -= len;
115 	memmove(req->buf, req->buf + len, req->off);
116 }
117 
118 static void __attribute__((__noreturn__))
119 die(void)
120 {
121 	abort(); 		/* TODO */
122 }
123 
124 static char *
125 xasprintf(const char *fmt, ...)
126 {
127 	va_list ap;
128 	char *s;
129 
130 	va_start(ap, fmt);
131 	if (vasprintf(&s, fmt, ap) == -1)
132 		s = NULL;
133 	va_end(ap);
134 
135 	return s;
136 }
137 
138 static int
139 conn_towards(struct url *url, char **err)
140 {
141 	struct addrinfo	 hints, *servinfo, *p;
142 	int		 status, sock;
143 	const char	*proto = "1965";
144 
145 	*err = NULL;
146 
147 	if (*url->port != '\0')
148 		proto = url->port;
149 
150 	memset(&hints, 0, sizeof(hints));
151 	hints.ai_family = AF_UNSPEC;
152 	hints.ai_socktype = SOCK_STREAM;
153 
154 	if ((status = getaddrinfo(url->host, proto, &hints, &servinfo))) {
155 		*err = xasprintf("failed to resolve %s: %s",
156 		    url->host, gai_strerror(status));
157 		return -1;
158 	}
159 
160 	sock = -1;
161 	for (p = servinfo; p != NULL; p = p->ai_next) {
162 		if ((sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1)
163 			continue;
164 		if (connect(sock, p->ai_addr, p->ai_addrlen) != -1)
165 			break;
166 		close(sock);
167 	}
168 
169 	if (sock == -1)
170 		*err = xasprintf("couldn't connect to %s", url->host);
171 	else
172 		mark_nonblock(sock);
173 
174 	freeaddrinfo(servinfo);
175 	return sock;
176 }
177 
178 static struct req *
179 req_by_id(uint32_t id)
180 {
181 	struct req *r;
182 
183 	if ((r = req_by_id_try(id)) == NULL)
184 		die();
185 	return r;
186 }
187 
188 static struct req *
189 req_by_id_try(uint32_t id)
190 {
191 	struct req *r;
192 
193 	TAILQ_FOREACH(r, &reqhead, reqs) {
194 		if (r->id == id)
195 			return r;
196 	}
197 
198 	return NULL;
199 }
200 
201 static void
202 close_conn(int fd, short ev, void *d)
203 {
204 	struct req	*req = d;
205 
206 	if (req->ctx != NULL) {
207 		switch (tls_close(req->ctx)) {
208 		case TLS_WANT_POLLIN:
209 			yield_r(req, close_conn, NULL);
210 			return;
211 		case TLS_WANT_POLLOUT:
212 			yield_w(req, close_conn, NULL);
213 			return;
214 		}
215 
216 		tls_free(req->ctx);
217 	}
218 
219 	TAILQ_REMOVE(&reqhead, req, reqs);
220 	if (req->fd != -1)
221 		close(req->fd);
222 	free(req);
223 }
224 
225 static void
226 close_with_err(struct req *req, const char *err)
227 {
228 	imsg_compose(ibuf, IMSG_ERR, req->id, 0, -1, err, strlen(err)+1);
229 	imsg_flush(ibuf);
230 	close_conn(0, 0, req);
231 }
232 
233 static void
234 do_handshake(int fd, short ev, void *d)
235 {
236 	struct req	*req = d;
237 	const char	*hash;
238 
239 	if (ev == EV_TIMEOUT) {
240 		close_with_err(req, "Timeout loading page");
241 		return;
242 	}
243 
244 	switch (tls_handshake(req->ctx)) {
245 	case TLS_WANT_POLLIN:
246 		yield_r(req, do_handshake, NULL);
247 		return;
248 	case TLS_WANT_POLLOUT:
249 		yield_w(req, do_handshake, NULL);
250 		return;
251 	}
252 
253 	hash = tls_peer_cert_hash(req->ctx);
254 	imsg_compose(ibuf, IMSG_CHECK_CERT, req->id, 0, -1, hash, strlen(hash)+1);
255 	imsg_flush(ibuf);
256 }
257 
258 static void
259 write_request(int fd, short ev, void *d)
260 {
261 	struct req	*req = d;
262 	ssize_t		 r;
263 	size_t		 len;
264 	char		 buf[1024], *err;
265 
266 	strlcpy(buf, "gemini://", sizeof(buf));
267 	strlcat(buf, req->url.host, sizeof(buf));
268 	strlcat(buf, "/", sizeof(buf));
269 	strlcat(buf, req->url.path, sizeof(buf));
270 
271 	if (req->url.query[0] != '\0') {
272 		strlcat(buf, "?", sizeof(buf));
273 		strlcat(buf, req->url.query, sizeof(buf));
274 	}
275 
276 	len = strlcat(buf, "\r\n", sizeof(buf));
277 
278 	assert(len <= sizeof(buf));
279 
280 	switch (r = tls_write(req->ctx, buf, len)) {
281 	case -1:
282 		err = xasprintf("tls_write: %s", tls_error(req->ctx));
283 		close_with_err(req, err);
284 		free(err);
285 		break;
286 	case TLS_WANT_POLLIN:
287 		yield_r(req, write_request, NULL);
288 		break;
289 	case TLS_WANT_POLLOUT:
290 		yield_w(req, write_request, NULL);
291 		break;
292 	default:
293 		/* assume r == len */
294 		(void)r;
295 		yield_r(req, read_reply, NULL);
296 		break;
297 	}
298 }
299 
300 static void
301 read_reply(int fd, short ev, void *d)
302 {
303 	struct req	*req = d;
304 	size_t		 len;
305 	ssize_t		 r;
306 	char		*buf, *e;
307 
308 	buf = req->buf + req->off;
309 	len = sizeof(req->buf) - req->off;
310 
311 	switch (r = tls_read(req->ctx, buf, len)) {
312 	case -1:
313 		e = xasprintf("tls_read: %s", tls_error(req->ctx));
314 		close_with_err(req, e);
315 		free(e);
316 		break;
317 	case TLS_WANT_POLLIN:
318 		yield_r(req, read_reply, NULL);
319 		break;
320 	case TLS_WANT_POLLOUT:
321 		yield_w(req, read_reply, NULL);
322 		break;
323 	default:
324 		req->off += r;
325 
326 		/* TODO: really watch for \r\n not \n alone */
327 		if ((e = telescope_strnchr(req->buf, '\n', req->off)) != NULL)
328 			parse_reply(req);
329 		else if (req->off == sizeof(req->buf))
330 			close_with_err(req, "invalid response");
331 		else
332 			yield_r(req, read_reply, NULL);
333 		break;
334 	}
335 }
336 
337 static void
338 parse_reply(struct req *req)
339 {
340 	int	 code;
341 	char	*e;
342 	size_t	 len;
343 
344 	if (req->off < 4)
345 		goto err;
346 
347 	if (!isdigit(req->buf[0]) || !isdigit(req->buf[1]))
348 		goto err;
349 
350 	code = (req->buf[0] - '0')*10 + (req->buf[1] - '0');
351 
352 	if (!isspace(req->buf[2]))
353 		goto err;
354 
355 	advance_buf(req, 3);
356 	if ((e = telescope_strnchr(req->buf, '\r', req->off)) == NULL)
357 		goto err;
358 
359 	*e = '\0';
360 	e++;
361 	len = e - req->buf;
362 	imsg_compose(ibuf, IMSG_GOT_CODE, req->id, 0, -1, &code, sizeof(code));
363 	imsg_compose(ibuf, IMSG_GOT_META, req->id, 0, -1,
364 	    req->buf, len);
365 	imsg_flush(ibuf);
366 
367 	if (code != 20)
368 		close_conn(0, 0, req);
369 	advance_buf(req, len+1); /* skip \n too */
370 
371 	return;
372 
373 err:
374 	close_with_err(req, "malformed request");
375 }
376 
377 static void
378 copy_body(int fd, short ev, void *d)
379 {
380 	struct req	*req = d;
381 	ssize_t		 r;
382 
383 	do {
384 		if (req->off != 0) {
385 			imsg_compose(ibuf, IMSG_BUF, req->id, 0, -1,
386 			    req->buf, req->off);
387 			imsg_flush(ibuf);
388 		}
389 
390 		switch (r = tls_read(req->ctx, req->buf, sizeof(req->buf))) {
391 		case TLS_WANT_POLLIN:
392 			yield_r(req, copy_body, NULL);
393 			return;
394 		case TLS_WANT_POLLOUT:
395 			yield_w(req, copy_body, NULL);
396 			return;
397 		case 0:
398 			imsg_compose(ibuf, IMSG_EOF, req->id, 0, -1, NULL, 0);
399 			imsg_flush(ibuf);
400 			close_conn(0, 0, req);
401 			return;
402 		default:
403 			req->off = r;
404 		}
405 	} while(1);
406 }
407 
408 static void
409 handle_get(struct imsg *imsg, size_t datalen)
410 {
411 	struct req	*req;
412 	const char	*e;
413 	char		*data, *err = NULL;
414 
415 	data = imsg->data;
416 
417 	if (data[datalen-1] != '\0')
418 		die();
419 
420 	if ((req = calloc(1, sizeof(*req))) == NULL)
421 		die();
422 
423 	req->id = imsg->hdr.peerid;
424 	TAILQ_INSERT_HEAD(&reqhead, req, reqs);
425 
426         if (!url_parse(imsg->data, &req->url, &e)) {
427 		fprintf(stderr, "failed to parse url: %s\n", e);
428 		close_with_err(req, e);
429 		return;
430 	}
431 
432 	if ((req->fd = conn_towards(&req->url, &err)) == -1)
433 		goto err;
434 	if ((req->ctx = tls_client()) == NULL)
435 		goto err;
436 	if (tls_configure(req->ctx, tlsconf) == -1) {
437 		err = xasprintf("tls_configure: %s", tls_error(req->ctx));
438 		goto err;
439 	}
440 	if (tls_connect_socket(req->ctx, req->fd, req->url.host) == -1) {
441 		err = xasprintf("tls_connect_socket: %s", tls_error(req->ctx));
442 		goto err;
443 	}
444 
445 	yield_w(req, do_handshake, &timeout_for_handshake);
446 	return;
447 
448 err:
449         close_with_err(req, err);
450 	free(err);
451 }
452 
453 static void
454 handle_cert_status(struct imsg *imsg, size_t datalen)
455 {
456 	struct req	*req;
457 	int		 is_ok;
458 
459 	req = req_by_id(imsg->hdr.peerid);
460 
461 	if (datalen < sizeof(is_ok))
462 		die();
463 	memcpy(&is_ok, imsg->data, sizeof(is_ok));
464 
465 	if (is_ok)
466 		yield_w(req, write_request, NULL);
467 	else
468 		close_conn(0, 0, req);
469 }
470 
471 static void
472 handle_proceed(struct imsg *imsg, size_t datalen)
473 {
474 	struct req	*req;
475 
476 	req = req_by_id(imsg->hdr.peerid);
477 	yield_r(req, copy_body, NULL);
478 }
479 
480 static void
481 handle_stop(struct imsg *imsg, size_t datalen)
482 {
483 	struct req	*req;
484 
485 	if ((req = req_by_id_try(imsg->hdr.peerid)) == NULL)
486 		return;
487 	close_conn(0, 0, req);
488 }
489 
490 static void
491 handle_quit(struct imsg *imsg, size_t datalen)
492 {
493 	event_loopbreak();
494 }
495 
496 static void
497 dispatch_imsg(int fd, short ev, void *d)
498 {
499 	struct imsgbuf	*ibuf = d;
500 	struct imsg	 imsg;
501 	ssize_t		 n;
502 	size_t		 datalen;
503 
504 	if ((n = imsg_read(ibuf)) == -1) {
505 		if (errno == EAGAIN || errno == EWOULDBLOCK)
506 			return;
507 		_exit(1);
508 	}
509 
510 	if (n == 0)
511 		_exit(1);
512 
513 	for (;;) {
514 		if ((n = imsg_get(ibuf, &imsg)) == -1)
515 			_exit(1);
516 		if (n == 0)
517 			return;
518 		datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
519 		handlers[imsg.hdr.type](&imsg, datalen);
520 		imsg_free(&imsg);
521 	}
522 }
523 
524 int
525 client_main(struct imsgbuf *b)
526 {
527 	ibuf = b;
528 
529 	TAILQ_INIT(&reqhead);
530 
531 	if ((tlsconf = tls_config_new()) == NULL)
532 		die();
533 	tls_config_insecure_noverifycert(tlsconf);
534 
535 	event_init();
536 
537 	event_set(&imsgev, ibuf->fd, EV_READ | EV_PERSIST, dispatch_imsg, ibuf);
538 	event_add(&imsgev, NULL);
539 
540 	sandbox_network_process();
541 
542 	event_dispatch();
543 	return 0;
544 }