2 * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
/*
 * Presumably the number of currently connected clients: loop() compares
 * it against zero.  NOTE(review): the code that updates this counter is
 * not visible here -- confirm where it is incremented/decremented.
 */
31 int connected_clients;
/*
 * Forward declarations of the file-local helpers.
 *
 * Most of them share the (struct pollfd*, struct client*) signature:
 * functions of that shape are stored in the client's `state' and `next'
 * members and invoked from loop() as the per-connection handler.
 * The exceptions are check_path and read_next_dir_entry (which return an
 * int), start_reply and start_cgi (which take extra arguments) and
 * do_accept (which operates on the whole fds/clients arrays).
 */
33 static int check_path(struct client*, const char*, int*);
34 static void open_file(struct pollfd*, struct client*);
35 static void load_file(struct pollfd*, struct client*);
36 static void check_for_cgi(struct pollfd*, struct client*);
37 static void handle_handshake(struct pollfd*, struct client*);
38 static void handle_open_conn(struct pollfd*, struct client*);
39 static void start_reply(struct pollfd*, struct client*, int, const char*);
40 static void handle_start_reply(struct pollfd*, struct client*);
41 static void start_cgi(const char*, const char*, struct pollfd*, struct client*);
42 static void send_file(struct pollfd*, struct client*);
43 static void open_dir(struct pollfd*, struct client*);
44 static void redirect_canonical_dir(struct pollfd*, struct client*);
45 static void enter_handle_dirlist(struct pollfd*, struct client*);
46 static void handle_dirlist(struct pollfd*, struct client*);
47 static int read_next_dir_entry(struct client*);
48 static void send_directory_listing(struct pollfd*, struct client*);
49 static void cgi_poll_on_child(struct pollfd*, struct client*);
50 static void cgi_poll_on_client(struct pollfd*, struct client*);
51 static void handle_cgi_reply(struct pollfd*, struct client*);
52 static void handle_cgi(struct pollfd*, struct client*);
53 static void close_conn(struct pollfd*, struct client*);
54 static void do_accept(int, struct tls*, struct pollfd*, struct client*);
/*
 * Look up the `lang' setting that applies to PATH inside vhost V.
 *
 * The locations from index 1 onward are matched against PATH with
 * fnmatch(3), up to the entry whose `match' is NULL; a matching entry
 * is only considered when its `lang' is set.  When nothing applies the
 * value stored in locations[0] is returned (it may be NULL: the caller
 * in handle_start_reply checks for that).
 *
 * NOTE(review): the statement guarded by the NULL-argument check is not
 * visible here -- confirm what is returned when V or PATH is NULL.
 */
57 vhost_lang(struct vhost *v, const char *path)
61 if (v == NULL || path == NULL)
/* locations[0] is skipped on purpose: it is only the fallback below */
64 for (loc = &v->locations[1]; loc->match != NULL; ++loc) {
65 if (!fnmatch(loc->match, path, 0)) {
66 if (loc->lang != NULL)
71 return v->locations[0].lang;
/*
 * Look up the default MIME type that applies to PATH inside vhost V.
 *
 * Resolution order, as far as the visible code shows:
 *   1. the first location from index 1 onward whose pattern matches
 *      PATH (fnmatch(3)) and whose `default_mime' is set;
 *   2. the `default_mime' of locations[0], when set;
 *   3. presumably the built-in "application/octet-stream" -- the final
 *      return is not visible here, TODO confirm.
 *
 * NOTE(review): the result for a NULL V or PATH is likewise not visible.
 */
75 vhost_default_mime(struct vhost *v, const char *path)
78 const char *default_mime = "application/octet-stream";
80 if (v == NULL || path == NULL)
/* per-location overrides; locations[0] is handled separately below */
83 for (loc = &v->locations[1]; loc->match != NULL; ++loc) {
84 if (!fnmatch(loc->match, path, 0)) {
85 if (loc->default_mime != NULL)
86 return loc->default_mime;
/* no specific location applied: fall back to the vhost-wide setting */
90 if (v->locations[0].default_mime != NULL)
91 return v->locations[0].default_mime;
/*
 * Look up the name of the index file to serve for directory PATH in
 * vhost V.
 *
 * Locations from index 1 onward are matched against PATH with
 * fnmatch(3) and consulted when their `index' is set; otherwise the
 * `index' of locations[0] is used when set.  The local default is
 * "index.gmi".
 *
 * NOTE(review): the returns for the NULL-argument case, for a matching
 * location and for the final fallback are not visible here; presumably
 * they yield `index', `loc->index' and `index' respectively -- confirm.
 */
96 vhost_index(struct vhost *v, const char *path)
99 const char *index = "index.gmi";
101 if (v == NULL || path == NULL)
/* per-location overrides; locations[0] is handled separately below */
104 for (loc = &v->locations[1]; loc->match != NULL; ++loc) {
105 if (!fnmatch(loc->match, path, 0)) {
106 if (loc->index != NULL)
/* no specific location applied: fall back to the vhost-wide setting */
111 if (v->locations[0].index != NULL)
112 return v->locations[0].index;
/*
 * Tell whether automatic directory listings are enabled for PATH in
 * vhost V.
 *
 * `auto_index' is treated as a three-valued setting: 0 means "not
 * decided by this location", 1 means enabled, and any other non-zero
 * value yields false.  The first matching location with a non-zero
 * value decides; otherwise the value of locations[0] is used.
 *
 * NOTE(review): unlike vhost_lang, vhost_default_mime and vhost_index,
 * the loop here starts at locations[0] rather than locations[1].  If
 * locations[0] carries a catch-all pattern, its setting would take
 * precedence over more specific locations -- confirm this is intended.
 * The result for NULL arguments is not visible here.
 */
117 vhost_auto_index(struct vhost *v, const char *path)
119 struct location *loc;
121 if (v == NULL || path == NULL)
124 for (loc = v->locations; loc->match != NULL; ++loc) {
125 if (!fnmatch(loc->match, path, 0)) {
/* 0 == unset for this location: keep looking */
126 if (loc->auto_index != 0)
127 return loc->auto_index == 1;
131 return v->locations[0].auto_index == 1;
/*
 * Classify the file PATH requested by client C.
 *
 * When *FD is -1 the file is opened read-only, without following a
 * symlink in the last component (O_NOFOLLOW), relative to the vhost
 * directory descriptor c->host->dirfd, and the descriptor is stored in
 * *FD; an already-open *FD is reused as is.  The descriptor is then
 * fstat(2)ed.
 *
 * Returns FILE_DIRECTORY for a directory and FILE_EXECUTABLE when the
 * owner-execute bit is set.  NOTE(review): the values returned for
 * open/stat failures and for regular files are not visible here.
 *
 * PATH must not be NULL (asserted).
 */
135 check_path(struct client *c, const char *path, int *fd)
141 assert(path != NULL);
145 else if (*path == '/')
146 /* in send_dir we add an initial / (to be
147 * redirect-friendly), but here we want to skip it */
152 flags = O_RDONLY | O_NOFOLLOW;
/* open only if the caller has not handed us a descriptor already */
154 if (*fd == -1 && (*fd = openat(c->host->dirfd, p, flags)) == -1)
157 if (fstat(*fd, &sb) == -1) {
158 LOGN(c, "failed stat for %s: %s", path, strerror(errno));
162 if (S_ISDIR(sb.st_mode))
163 return FILE_DIRECTORY;
/* only the owner's execute permission is considered */
165 if (sb.st_mode & S_IXUSR)
166 return FILE_EXECUTABLE;
/*
 * Resolve the requested path (c->iri.path) and dispatch on the kind of
 * file reported by check_path, which also fills in c->fd.
 *
 * Visible behaviour:
 *  - an executable whose path matches the vhost `cgi' pattern is run
 *    as a CGI script with an empty relative path;
 *  - in a later branch, a path matching the `cgi' pattern is handed to
 *    check_for_cgi, which looks for a script in the parent components;
 *  - a "not found" reply (NOT_FOUND) is sent otherwise.
 *
 * NOTE(review): the case labels other than FILE_EXECUTABLE are not
 * visible here, so the exact branch each statement belongs to must be
 * confirmed against the full source.
 */
172 open_file(struct pollfd *fds, struct client *c)
174 switch (check_path(c, c->iri.path, &c->fd)) {
175 case FILE_EXECUTABLE:
/* executables are only run when CGI is configured and the path matches */
176 if (c->host->cgi != NULL && !fnmatch(c->host->cgi, c->iri.path, 0)) {
177 start_cgi(c->iri.path, "", fds, c);
192 if (c->host->cgi != NULL && !fnmatch(c->host->cgi, c->iri.path, 0)) {
193 check_for_cgi(fds, c);
196 start_reply(fds, c, NOT_FOUND, "not found");
/*
 * Prepare the already-open file c->fd for sending.
 *
 * The file size is stored in c->len and the file is mapped read-only
 * (private mapping) at c->buf.  If either step fails the error is
 * logged and a TEMP_FAILURE reply is started; otherwise a SUCCESS reply
 * is started whose meta is the MIME type computed by mime() for the
 * requested path.
 *
 * NOTE(review): c->len == 0 would make mmap(2) fail with EINVAL on most
 * systems; whether empty files are special-cased is not visible here.
 */
206 load_file(struct pollfd *fds, struct client *c)
208 if ((c->len = filesize(c->fd)) == -1) {
209 LOGE(c, "failed to get file size for %s: %s",
210 c->iri.path, strerror(errno));
211 start_reply(fds, c, TEMP_FAILURE, "internal server error");
215 if ((c->buf = mmap(NULL, c->len, PROT_READ, MAP_PRIVATE,
216 c->fd, 0)) == MAP_FAILED) {
217 LOGW(c, "mmap: %s: %s", c->iri.path, strerror(errno));
218 start_reply(fds, c, TEMP_FAILURE, "internal server error");
/* the mapping is released later by close_conn (munmap of c->buf) */
223 start_reply(fds, c, SUCCESS, mime(c->host, c->iri.path));
227 * The inverse of this algorithm, i.e. starting from the beginning of
228 * the path + strlen(cgi) and checking each component in turn, should
229 * be faster.  But it's tedious to write.  This does the opposite: it
230 * starts from the end and strips one component at a time, until
231 * either an executable is found or we emptied the path.
/*
 * Search the components of the requested path for a CGI script.
 *
 * Works on a private copy of c->iri.path.  Each candidate prefix is
 * classified with check_path; when an executable is found it is started
 * as a CGI script, passing the prefix as script path and `end+1' as the
 * relative path.  A "not found" reply is sent when no script is found.
 *
 * NOTE(review): the loop that shortens `path' and moves `end' is not
 * visible here; presumably `end' marks the position where the copy was
 * cut, so that `end+1' is the remainder of the original path -- confirm.
 */
234 check_for_cgi(struct pollfd *fds, struct client *c)
239 strlcpy(path, c->iri.path, sizeof(path));
/* `end' starts at the terminating NUL of the copy */
240 end = strchr(path, '\0');
242 /* NB: assume CGI is enabled and path matches cgi */
245 /* go up one level. UNIX paths are simple and POSIX
246 * dirname, with its ambiguities on if the given path
247 * is changed or not, gives me headaches. */
252 switch (check_path(c, path, &c->fd)) {
253 case FILE_EXECUTABLE:
254 start_cgi(path, end+1, fds, c);
267 start_reply(fds, c, NOT_FOUND, "not found");
/*
 * Put descriptor FD in non-blocking mode by adding O_NONBLOCK to its
 * current file status flags.  Any fcntl(2) failure is reported through
 * fatal().
 */
272 mark_nonblock(int fd)
/* read the current flags first so that only O_NONBLOCK is added */
276 if ((flags = fcntl(fd, F_GETFL)) == -1)
277 fatal("fcntl(F_GETFL): %s", strerror(errno));
278 if (fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
279 fatal("fcntl(F_SETFL): %s", strerror(errno));
/*
 * State handler: drive the TLS handshake and select the virtual host.
 *
 * While tls_handshake asks for more I/O, the poll events are set to the
 * requested direction.  Afterwards the SNI server name is
 * punycode-decoded into c->domain and matched, with fnmatch(3), against
 * the `domain' pattern of every entry of `hosts' (terminated by an
 * entry with a NULL domain).  On a match the client moves on to
 * handle_open_conn; otherwise the server name (or "null") is copied
 * into c->req and a BAD_REQUEST reply is started.
 *
 * NOTE(review): what follows a puny_decode failure, and the statement
 * that stores the matched host in the client, are not visible here.
 */
283 handle_handshake(struct pollfd *fds, struct client *c)
286 const char *servname;
287 const char *parse_err = "unknown error";
289 switch (tls_handshake(c->ctx)) {
290 case 0: /* success */
291 case -1: /* already handshaked */
293 case TLS_WANT_POLLIN:
294 fds->events = POLLIN;
296 case TLS_WANT_POLLOUT:
297 fds->events = POLLOUT;
/* servname may be NULL (no SNI): see the NULL check further down */
304 servname = tls_conn_servername(c->ctx);
305 if (!puny_decode(servname, c->domain, sizeof(c->domain), &parse_err)) {
306 LOGI(c, "%s", parse_err);
/* the loop stops either on the first matching host or on the sentinel */
310 for (h = hosts; h->domain != NULL; ++h) {
311 if (!fnmatch(h->domain, c->domain, 0))
315 /* LOGD(c, "handshake: SNI: \"%s\"; decoded: \"%s\"; matched: \"%s\"", */
316 /* servname != NULL ? servname : "(null)", */
318 /* h->domain != NULL ? h->domain : "(null)"); */
/* a non-NULL domain here means that the loop above found a match */
320 if (h->domain != NULL) {
322 c->state = handle_open_conn;
/*
 * NOTE(review): strncpy does not NUL-terminate the destination when the
 * source is at least sizeof(c->req) bytes long -- confirm that c->req is
 * always larger than any possible server name.
 */
328 if (servname != NULL)
329 strncpy(c->req, servname, sizeof(c->req));
331 strncpy(c->req, "null", sizeof(c->req));
333 start_reply(fds, c, BAD_REQUEST, "Wrong/malformed host or missing SNI");
/*
 * State handler: read and validate the request line.
 *
 * The request buffer and the parsed IRI are zeroed, then up to
 * sizeof(c->req)-1 bytes are read from the TLS connection, so the
 * buffer always stays NUL-terminated.  The request is trimmed, parsed
 * as an IRI and its host punycode-decoded; any failure is logged and
 * answered with BAD_REQUEST.  A request whose port differs from
 * conf.port, whose schema is not "gemini" or whose decoded host differs
 * from the domain negotiated during the handshake is answered with
 * PROXY_REFUSED.
 *
 * NOTE(review): the handling of a successful request after these checks
 * is not visible here.
 */
337 handle_open_conn(struct pollfd *fds, struct client *c)
339 const char *parse_err = "invalid request";
340 char decoded[DOMAIN_NAME_LEN];
342 bzero(c->req, sizeof(c->req));
343 bzero(&c->iri, sizeof(c->iri));
/* the -1 leaves room for the terminating NUL provided by bzero above */
345 switch (tls_read(c->ctx, c->req, sizeof(c->req)-1)) {
347 LOGE(c, "tls_read: %s", tls_error(c->ctx));
351 case TLS_WANT_POLLIN:
352 fds->events = POLLIN;
355 case TLS_WANT_POLLOUT:
356 fds->events = POLLOUT;
360 if (!trim_req_iri(c->req, &parse_err)
361 || !parse_iri(c->req, &c->iri, &parse_err)
362 || !puny_decode(c->iri.host, decoded, sizeof(decoded), &parse_err)) {
363 LOGI(c, "iri parse error: %s", parse_err);
364 start_reply(fds, c, BAD_REQUEST, "invalid request");
/* strcmp returns non-zero on mismatch: any mismatch refuses the request */
368 if (c->iri.port_no != conf.port
369 || strcmp(c->iri.schema, "gemini")
370 || strcmp(decoded, c->domain)) {
371 start_reply(fds, c, PROXY_REFUSED, "won't proxy request");
/*
 * Begin sending the response header with status CODE and meta string
 * META: switch the client to the handle_start_reply state and run that
 * handler immediately, without waiting for the next poll round.
 *
 * NOTE(review): presumably CODE and META are stored in the client
 * before the state change (handle_start_reply reads c->code and
 * c->meta), but those assignments are not visible here.
 */
379 start_reply(struct pollfd *pfd, struct client *c, int code, const char *meta)
383 c->state = handle_start_reply;
384 handle_start_reply(pfd, c);
/*
 * State handler: format and send the response header.
 *
 * The header has the form "<code> <meta>\r\n"; when the meta is exactly
 * "text/gemini" and the vhost defines a language for the requested
 * path, "; lang=<lang>" is appended to the meta.  The header is written
 * with tls_write; if the TLS layer needs more I/O the poll events are
 * updated accordingly.  After the write the request is logged.  A
 * status other than SUCCESS carries no body.
 *
 * NOTE(review): the statements that end the connection for non-SUCCESS
 * replies and that install the next state are not visible here.
 */
388 handle_start_reply(struct pollfd *pfd, struct client *c)
390 char buf[1030]; /* status + ' ' + max reply len + \r\n\0 */
394 lang = vhost_lang(c->host, c->iri.path);
396 snprintf(buf, sizeof(buf), "%d ", c->code);
397 strlcat(buf, c->meta, sizeof(buf));
398 if (!strcmp(c->meta, "text/gemini") && lang != NULL) {
399 strlcat(buf, "; lang=", sizeof(buf));
400 strlcat(buf, lang, sizeof(buf));
/* strlcat returns the length it tried to create: >= size means truncation */
403 len = strlcat(buf, "\r\n", sizeof(buf));
404 assert(len < sizeof(buf));
406 switch (tls_write(c->ctx, buf, len)) {
410 case TLS_WANT_POLLIN:
411 pfd->events = POLLIN;
413 case TLS_WANT_POLLOUT:
414 pfd->events = POLLOUT;
418 log_request(c, buf, sizeof(buf));
420 /* we don't need a body */
421 if (c->code != SUCCESS) {
426 /* advance the state machine */
/*
 * Ask the executor process to run the CGI script SPATH.
 *
 * RELPATH is the part of the request path that follows the script.
 * The request is serialised on `exfd' in this order: the parsed IRI,
 * SPATH, RELPATH, the client address obtained from getnameinfo, the
 * client certificate subject, issuer and hash, and finally the vhost.
 * The executor answers with a file descriptor, stored in c->fd; if
 * none is received a TEMP_FAILURE reply is started.  On success the
 * client starts polling on the child and moves to handle_cgi_reply.
 *
 * Failing to talk to the executor is fatal for the whole server.
 *
 * NOTE(review): the values given to ruser/cissuer/chash when no client
 * certificate was provided, and the handling of a getnameinfo error,
 * are not visible here.
 */
432 start_cgi(const char *spath, const char *relpath,
433 struct pollfd *fds, struct client *c)
435 char addr[NI_MAXHOST];
436 const char *ruser, *cissuer, *chash;
439 e = getnameinfo((struct sockaddr*)&c->addr, sizeof(c->addr),
446 if (tls_peer_cert_provided(c->ctx)) {
447 ruser = tls_peer_cert_subject(c->ctx);
448 cissuer = tls_peer_cert_issuer(c->ctx);
449 chash = tls_peer_cert_hash(c->ctx);
/* the chain stops at the first send that fails */
456 if (!send_iri(exfd, &c->iri)
457 || !send_string(exfd, spath)
458 || !send_string(exfd, relpath)
459 || !send_string(exfd, addr)
460 || !send_string(exfd, ruser)
461 || !send_string(exfd, cissuer)
462 || !send_string(exfd, chash)
463 || !send_vhost(exfd, c->host))
467 if ((c->fd = recv_fd(exfd)) == -1) {
468 start_reply(fds, c, TEMP_FAILURE, "internal server error");
472 cgi_poll_on_child(fds, c);
473 c->state = handle_cgi_reply;
477 /* fatal("cannot talk to the executor process: %s", strerror(errno)); */
478 fatal("cannot talk to the executor process");
/*
 * State handler: send the body of a memory-mapped file.
 *
 * c->buf and c->len describe the mapping and c->i is the current read
 * position inside it; each call tries to write everything from c->i to
 * the end of the mapping.  A tls_write error is logged; when the TLS
 * layer needs more I/O the poll events are updated accordingly.
 *
 * NOTE(review): the code that advances c->i after a partial write and
 * that closes the connection once done is not visible here.
 */
482 send_file(struct pollfd *fds, struct client *c)
/* bytes still to be sent */
486 len = (c->buf + c->len) - c->i;
489 switch (ret = tls_write(c->ctx, c->i, len)) {
491 LOGE(c, "tls_write: %s", tls_error(c->ctx));
495 case TLS_WANT_POLLIN:
496 fds->events = POLLIN;
499 case TLS_WANT_POLLOUT:
500 fds->events = POLLOUT;
/*
 * Serve a request whose path is a directory.
 *
 * A non-empty path without a trailing slash is first redirected to its
 * canonical form (see redirect_canonical_dir).  Otherwise the path of
 * the index file, "/<path>/<index>", is built in c->sbuf -- the index
 * name comes from vhost_index -- and c->iri.path is pointed at it; a
 * TEMP_FAILURE reply is sent if it does not fit.  The result of
 * check_path on the index file then selects what to do: an executable
 * matching the vhost `cgi' pattern is run as CGI, and when automatic
 * listings are allowed (vhost_auto_index) the directory is opened with
 * fdopendir and a "text/gemini" SUCCESS reply is started, with
 * enter_handle_dirlist installed as the next step.
 *
 * NOTE(review): several case labels and the use of `before_file' are
 * not visible here; in particular confirm which case issues the
 * TEMP_REDIRECT and which descriptor c->fd refers to when fdopendir is
 * called.
 */
514 open_dir(struct pollfd *fds, struct client *c)
520 len = strlen(c->iri.path);
521 if (len > 0 && !ends_with(c->iri.path, "/")) {
522 redirect_canonical_dir(fds, c);
526 strlcpy(c->sbuf, "/", sizeof(c->sbuf));
527 strlcat(c->sbuf, c->iri.path, sizeof(c->sbuf));
528 if (!ends_with(c->sbuf, "/"))
529 strlcat(c->sbuf, "/", sizeof(c->sbuf));
/* remember where the directory part ends, before appending the index */
530 before_file = strchr(c->sbuf, '\0');
531 len = strlcat(c->sbuf, vhost_index(c->host, c->iri.path),
/* strlcat reports truncation by returning a length >= the buffer size */
533 if (len >= sizeof(c->sbuf)) {
534 start_reply(fds, c, TEMP_FAILURE, "internal server error");
/* from here on the request path aliases c->sbuf */
538 c->iri.path = c->sbuf;
540 /* close later unless we have to generate the dir listing */
544 switch (check_path(c, c->iri.path, &c->fd)) {
545 case FILE_EXECUTABLE:
546 if (c->host->cgi != NULL && !fnmatch(c->host->cgi, c->iri.path, 0)) {
547 start_cgi(c->iri.path, "", fds, c);
558 start_reply(fds, c, TEMP_REDIRECT, c->sbuf);
564 if (!vhost_auto_index(c->host, c->iri.path)) {
565 start_reply(fds, c, NOT_FOUND, "not found");
/* once the header is out, the listing is produced by the dirlist states */
570 c->next = enter_handle_dirlist;
572 if ((c->dir = fdopendir(c->fd)) == NULL) {
573 LOGE(c, "can't fdopendir(%d) (vhost:%s) %s: %s",
574 c->fd, c->host->domain, c->iri.path, strerror(errno));
575 start_reply(fds, c, TEMP_FAILURE, "internal server error");
580 start_reply(fds, c, SUCCESS, "text/gemini");
/*
 * Redirect the client to the canonical form of a directory path, i.e.
 * the requested path with a leading and a trailing slash
 * ("/<path>/"), built in c->sbuf.  Sends TEMP_REDIRECT with that
 * target, or TEMP_FAILURE when the target does not fit in c->sbuf.
 */
592 redirect_canonical_dir(struct pollfd *fds, struct client *c)
596 strlcpy(c->sbuf, "/", sizeof(c->sbuf));
597 strlcat(c->sbuf, c->iri.path, sizeof(c->sbuf));
598 len = strlcat(c->sbuf, "/", sizeof(c->sbuf));
/* strlcat reports truncation by returning a length >= the buffer size */
600 if (len >= sizeof(c->sbuf)) {
601 start_reply(fds, c, TEMP_FAILURE, "internal server error");
605 start_reply(fds, c, TEMP_REDIRECT, c->sbuf);
/*
 * State handler: prepare the heading of a directory listing.
 *
 * Formats "# Index of <path>\n\n" into c->sbuf, then switches to
 * handle_dirlist and runs it immediately.  The path is first copied to
 * the local buffer `b' because c->iri.path may point into c->sbuf
 * itself (open_dir makes it do so), and formatting a buffer into itself
 * is not allowed.
 *
 * NOTE(review): the statements that follow a truncated snprintf and
 * that initialise c->len / c->off are not visible here.
 */
609 enter_handle_dirlist(struct pollfd *fds, struct client *c)
614 strlcpy(b, c->iri.path, sizeof(b));
615 l = snprintf(c->sbuf, sizeof(c->sbuf),
616 "# Index of %s\n\n", b);
617 if (l >= sizeof(c->sbuf)) {
618 /* this is impossible, given that we have enough space
619 * in c->sbuf to hold the ancillary string plus the
620 * full path; but it wouldn't read nice without some
621 * error checking, and I'd like to avoid a strlen. */
627 c->state = handle_dirlist;
628 handle_dirlist(fds, c);
/*
 * State handler: send the heading of the directory listing.
 *
 * Writes c->len bytes of c->sbuf, starting at offset c->off, to the TLS
 * connection; when the TLS layer needs more I/O the poll events are
 * updated accordingly.  Afterwards the client moves to
 * send_directory_listing, which is run immediately.
 *
 * NOTE(review): the bookkeeping after a partial write and the condition
 * under which the state change happens are not visible here.
 */
632 handle_dirlist(struct pollfd *fds, struct client *c)
637 switch (r = tls_write(c->ctx, c->sbuf + c->off, c->len)) {
641 case TLS_WANT_POLLOUT:
642 fds->events = POLLOUT;
644 case TLS_WANT_POLLIN:
645 fds->events = POLLIN;
653 c->state = send_directory_listing;
654 send_directory_listing(fds, c);
/*
 * Fetch the next entry of the directory c->dir and format it as a link
 * line, "=> <name> <name>\n", in c->sbuf; c->len is set to the length
 * of that line.  The "." entry is skipped.
 *
 * The caller treats a zero return as "no entry was produced".
 * NOTE(review): the return statements themselves, and the test that
 * tells a readdir error from the end of the directory, are not visible
 * here.  The entry name is not URL-escaped (see the XXX below) and a
 * name too long for c->sbuf is silently truncated by snprintf.
 */
658 read_next_dir_entry(struct client *c)
664 if ((d = readdir(c->dir)) == NULL) {
666 LOGE(c, "readdir: %s", strerror(errno));
669 } while (!strcmp(d->d_name, "."));
671 /* XXX: url escape */
672 snprintf(c->sbuf, sizeof(c->sbuf), "=> %s %s\n",
673 d->d_name, d->d_name);
674 c->len = strlen(c->sbuf);
/*
 * State handler: send the directory listing one entry at a time.
 *
 * A line is produced with read_next_dir_entry and c->len bytes of
 * c->sbuf, starting at offset c->off, are written to the TLS
 * connection; when the TLS layer needs more I/O the poll events are
 * updated accordingly.
 *
 * NOTE(review): the condition under which a new entry is read, what
 * happens when read_next_dir_entry returns zero, and the bookkeeping
 * after a partial write are not visible here.
 */
681 send_directory_listing(struct pollfd *fds, struct client *c)
687 if (!read_next_dir_entry(c))
692 switch (r = tls_write(c->ctx, c->sbuf + c->off, c->len)) {
696 case TLS_WANT_POLLOUT:
697 fds->events = POLLOUT;
700 case TLS_WANT_POLLIN:
701 fds->events = POLLIN;
/*
 * Make the poll slot of client C wait for the CGI child: sets
 * c->waiting_on_child and asks poll for POLLIN.  Does nothing more when
 * the client is already waiting on the child.
 *
 * NOTE(review): presumably fds->fd and c->fd are swapped here so that
 * poll watches the child's descriptor (handle_cgi_reply reads from
 * fds->fd as "the child"), but the swap is not visible -- confirm.
 */
717 cgi_poll_on_child(struct pollfd *fds, struct client *c)
721 if (c->waiting_on_child)
723 c->waiting_on_child = 1;
725 fds->events = POLLIN;
/*
 * Counterpart of cgi_poll_on_child: make the poll slot of client C wait
 * for the client socket again and clear c->waiting_on_child.  Does
 * nothing more when the client is not waiting on the child.
 *
 * NOTE(review): presumably fds->fd and c->fd are swapped back here; the
 * swap and the poll events being set are not visible -- confirm.
 */
733 cgi_poll_on_client(struct pollfd *fds, struct client *c)
737 if (!c->waiting_on_child)
739 c->waiting_on_child = 0;
/*
 * State handler: accumulate the meta (header) line from the CGI script.
 *
 * Data read from the child is appended to c->sbuf after the c->len
 * bytes already stored.  End of file or a read error before the header
 * is complete switches polling back to the client and starts a
 * CGI_ERROR reply.  Once a newline is found, or the buffer is full, the
 * request is logged and the client moves to handle_cgi.
 *
 * NOTE(review): read(2) may fill c->sbuf completely, in which case the
 * buffer holds no NUL terminator for strchr to stop at -- confirm that
 * the terminator is guaranteed elsewhere.  The update of c->len after
 * the read is not visible here.
 */
748 handle_cgi_reply(struct pollfd *fds, struct client *c)
754 buf = c->sbuf + c->len;
755 len = sizeof(c->sbuf) - c->len;
757 /* we're polling on the child! */
758 r = read(fds->fd, buf, len);
759 if (r == 0 || r == -1) {
760 cgi_poll_on_client(fds, c);
761 start_reply(fds, c, CGI_ERROR, "CGI error");
767 /* TODO: error if the CGI script doesn't reply correctly */
768 e = strchr(c->sbuf, '\n');
769 if (e != NULL || c->len == sizeof(c->sbuf)) {
770 log_request(c, c->sbuf, c->len);
773 c->state = handle_cgi;
/*
 * State handler: relay the output of the CGI script to the client.
 *
 * Data is read from the child (c->fd) into c->sbuf and then written to
 * the TLS connection, c->len bytes starting at offset c->off.  When the
 * read would block, the slot goes back to polling on the child; when
 * the TLS layer needs more I/O the poll events are updated accordingly.
 *
 * NOTE(review): the condition that decides between reading new data
 * and flushing pending data, the end-of-file handling and the
 * bookkeeping after a partial write are not visible here.
 */
780 handle_cgi(struct pollfd *fds, struct client *c)
784 /* ensure c->fd is the child and fds->fd the client */
785 cgi_poll_on_client(fds, c);
789 switch (r = read(c->fd, c->sbuf, sizeof(c->sbuf))) {
/* no data from the script yet: wait for the child to become readable */
793 if (errno == EAGAIN || errno == EWOULDBLOCK) {
794 cgi_poll_on_child(fds, c);
805 switch (r = tls_write(c->ctx, c->sbuf + c->off, c->len)) {
809 case TLS_WANT_POLLOUT:
810 fds->events = POLLOUT;
813 case TLS_WANT_POLLIN:
814 fds->events = POLLIN;
/*
 * State handler: shut down the connection of client C.
 *
 * The function installs itself as the client state, so that it is
 * called again when tls_close needs more I/O (the poll events are set
 * to the direction requested by the TLS layer).  The file mapping, if
 * any, is released: c->buf is MAP_FAILED when nothing is mapped (that
 * is how do_accept initialises it).
 *
 * NOTE(review): the release of the other per-client resources (TLS
 * context, descriptors, directory stream) and the update of the poll
 * slot are not visible here.
 */
830 close_conn(struct pollfd *pfd, struct client *c)
832 c->state = close_conn;
834 switch (tls_close(c->ctx)) {
835 case TLS_WANT_POLLIN:
836 pfd->events = POLLIN;
838 case TLS_WANT_POLLOUT:
839 pfd->events = POLLOUT;
848 if (c->buf != MAP_FAILED)
849 munmap(c->buf, c->len);
/*
 * Accept a pending connection on listening socket SOCK and set up a
 * client for it.
 *
 * The first free poll slot (one whose fd is -1) is used: the matching
 * client structure is zeroed, a TLS context for the new socket is
 * created from CTX with tls_accept_socket, and the client starts in the
 * handle_handshake state, with send_file as the default next step, no
 * file mapping, no directory stream and the peer address recorded.
 *
 * An accept(2) failure other than EWOULDBLOCK is fatal.
 *
 * NOTE(review): `len' must hold sizeof(addr) before accept(2) is
 * called; its initialisation is not visible here.  What happens to the
 * new descriptor when tls_accept_socket fails or when no slot is free
 * is not visible either.
 */
862 do_accept(int sock, struct tls *ctx, struct pollfd *fds, struct client *clients)
865 struct sockaddr_storage addr;
869 if ((fd = accept(sock, (struct sockaddr*)&addr, &len)) == -1) {
870 if (errno == EWOULDBLOCK)
872 fatal("accept: %s", strerror(errno));
877 for (i = 0; i < MAX_USERS; ++i) {
878 if (fds[i].fd == -1) {
879 bzero(&clients[i], sizeof(struct client));
880 if (tls_accept_socket(ctx, &clients[i].ctx, fd) == -1)
881 break; /* goodbye fd! */
884 fds[i].events = POLLIN;
886 clients[i].state = handle_handshake;
887 clients[i].next = send_file;
889 clients[i].waiting_on_child = 0;
/* MAP_FAILED marks "nothing mapped": close_conn relies on it */
890 clients[i].buf = MAP_FAILED;
891 clients[i].dir = NULL;
892 clients[i].addr = addr;
/*
 * Main event loop of the server.
 *
 * Keeps one pollfd and one client structure per slot, MAX_USERS of
 * each, and waits on all of them with poll(2) without a timeout.  For
 * every slot with pending events:
 *  - POLLERR or POLLNVAL is fatal;
 *  - POLLHUP closes the connection, unless the slot is currently
 *    watching a CGI child;
 *  - activity on SOCK4 or SOCK6, the listening sockets, accepts a new
 *    connection with the TLS context CTX;
 *  - anything else runs the current state handler of the client.
 *
 * A poll(2) call interrupted by a signal prints a diagnostic on stderr;
 * any other poll failure is fatal.
 *
 * NOTE(review): the slots holding the listening sockets, the way `n' is
 * decremented and the action taken when connected_clients is zero are
 * not visible here.
 */
903 loop(struct tls *ctx, int sock4, int sock6)
906 struct client clients[MAX_USERS];
907 struct pollfd fds[MAX_USERS];
909 for (i = 0; i < MAX_USERS; ++i) {
911 fds[i].events = POLLIN;
912 bzero(&clients[i], sizeof(struct client));
919 if ((n = poll(fds, MAX_USERS, INFTIM)) == -1) {
920 if (errno == EINTR) {
921 fprintf(stderr, "connected clients: %d\n",
924 fatal("poll: %s", strerror(errno));
/* n is the number of slots with events: stop scanning once it is used up */
927 for (i = 0; i < MAX_USERS && n > 0; i++) {
928 if (fds[i].revents == 0)
931 if (fds[i].revents & (POLLERR|POLLNVAL))
932 fatal("bad fd %d: %s", fds[i].fd,
937 if (fds[i].revents & POLLHUP) {
938 /* fds[i] may be the fd of the stdin
939 * of a cgi script that has exited. */
940 if (!clients[i].waiting_on_child) {
941 close_conn(&fds[i], &clients[i]);
946 if (fds[i].fd == sock4)
947 do_accept(sock4, ctx, fds, clients);
948 else if (fds[i].fd == sock6)
949 do_accept(sock6, ctx, fds, clients);
951 clients[i].state(&fds[i], &clients[i]);
955 if (connected_clients == 0)