2 * Copyright (c) 2020, 2021, 2022 Omar Polo <op@omarpolo.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
37 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
40 static int main_configure(struct conf *);
41 static void main_configure_done(struct conf *);
42 static void main_reload(struct conf *);
43 static void main_sig_handler(int, short, void *);
44 static int main_dispatch_server(int, struct privsep_proc *, struct imsg *);
45 static int main_dispatch_crypto(int, struct privsep_proc *, struct imsg *);
46 static int main_dispatch_logger(int, struct privsep_proc *, struct imsg *);
47 static void __dead main_shutdown(struct conf *);
48 static void main_print_conf(struct conf *);
50 static struct privsep_proc procs[] = {
51 { "server", PROC_SERVER, main_dispatch_server, server },
52 { "crypto", PROC_CRYPTO, main_dispatch_crypto, crypto },
53 { "logger", PROC_LOGGER, main_dispatch_logger, logger },
56 static const char *opts = "c:D:fI:hnP:T:U:VvX:";
58 static const struct option longopts[] = {
59 {"help", no_argument, NULL, 'h'},
60 {"version", no_argument, NULL, 'V'},
70 const char *config_path = "/etc/gmid.conf";
77 "Version: " GMID_STRING "\n"
78 "Usage: %s [-fnv] [-c config] [-D macro=value] [-P pidfile]\n",
82 /* used by the server process, defined here so gg can provide its own impl. */
84 log_request(struct client *c, int code, const char *meta)
86 struct conf *conf = c->conf;
87 char b[GEMINI_URL_LEN];
92 if (c->iri.schema != NULL) {
93 /* serialize the IRI */
94 strlcpy(b, c->iri.schema, sizeof(b));
95 strlcat(b, "://", sizeof(b));
97 /* log the decoded host name, but if it was invalid
99 if (*c->domain != '\0')
100 strlcat(b, c->domain, sizeof(b));
102 strlcat(b, c->iri.host, sizeof(b));
104 if (*c->iri.path != '/')
105 strlcat(b, "/", sizeof(b));
106 strlcat(b, c->iri.path, sizeof(b)); /* TODO: sanitize UTF8 */
107 if (*c->iri.query != '\0') { /* TODO: sanitize UTF8 */
108 strlcat(b, "?", sizeof(b));
109 strlcat(b, c->iri.query, sizeof(b));
112 if ((t = c->req) == NULL)
114 strlcpy(b, t, sizeof(b));
117 ec = asprintf(&fmted, "%s:%s GET %s %d %s", c->rhost, c->rserv, b,
122 proc_compose(conf->ps, PROC_LOGGER, IMSG_LOG_REQUEST,
129 write_pidfile(const char *pidfile)
137 if ((fd = open(pidfile, O_WRONLY|O_CREAT|O_CLOEXEC, 0600)) == -1)
138 fatal("can't open pidfile %s", pidfile);
142 lock.l_type = F_WRLCK;
143 lock.l_whence = SEEK_SET;
145 if (fcntl(fd, F_SETLK, &lock) == -1)
146 fatalx("can't lock %s, gmid is already running?", pidfile);
148 if (ftruncate(fd, 0) == -1)
149 fatal("ftruncate %s", pidfile);
151 dprintf(fd, "%d\n", getpid());
157 main(int argc, char **argv)
161 const char *errstr, *title = NULL;
162 const char *user = NULL, *chroot = NULL;
164 int ch, conftest = 0;
165 int proc_instance = 0;
166 int proc_id = PROC_PARENT;
169 setlocale(LC_CTYPE, "");
171 /* log to stderr until daemonized */
172 log_init(1, LOG_DAEMON);
174 while ((ch = getopt_long(argc, argv, opts, longopts, NULL)) != -1) {
177 config_path = absolutify_path(optarg);
180 if (cmdline_symset(optarg) == -1)
181 fatalx("could not parse macro definition: %s",
191 proc_instance = strtonum(optarg, 0, PROC_MAX_INSTANCES,
194 fatalx("invalid process instance");
200 pidfile = absolutify_path(optarg);
204 proc_id = proc_getid(procs, nitems(procs), title);
205 if (proc_id == PROC_MAX)
206 fatalx("invalid process name");
212 puts("Version: " GMID_STRING);
226 if (argc - optind != 0)
232 * Only the parent loads the config, the others get user and
233 * chroot via flags and the rest via imsg.
235 if (proc_id == PROC_PARENT) {
236 if (parse_conf(conf, config_path) == -1)
237 fatalx("failed to load configuration file");
238 if (*conf->chroot != '\0' && *conf->user == '\0')
239 fatalx("can't chroot without a user to switch to.");
242 strlcpy(conf->user, user, sizeof(conf->user));
244 strlcpy(conf->chroot, chroot, sizeof(conf->chroot));
248 fprintf(stderr, "config OK\n");
250 main_print_conf(conf);
254 if ((ps = calloc(1, sizeof(*ps))) == NULL)
260 fatalx("need root privileges");
261 if ((ps->ps_pw = getpwnam(conf->user)) == NULL)
262 fatalx("unknown user %s", conf->user);
263 if (*conf->chroot == '\0')
264 strlcpy(conf->chroot, ps->ps_pw->pw_dir,
265 sizeof(conf->chroot));
268 ps->ps_instances[PROC_SERVER] = conf->prefork;
269 ps->ps_instance = proc_instance;
271 ps->ps_title[proc_id] = title;
273 if (*conf->chroot != '\0') {
274 for (i = 0; i < nitems(procs); ++i)
275 procs[i].p_chroot = conf->chroot;
278 log_init(debug, LOG_DAEMON);
279 log_setverbose(verbose);
283 /* only the parent returns */
284 proc_init(ps, procs, nitems(procs), debug, argc0, argv, proc_id);
286 log_procinit("main");
287 if (!debug && daemon(0, 0) == -1)
290 pidfd = write_pidfile(pidfile);
292 sandbox_main_process();
296 signal(SIGPIPE, SIG_IGN);
298 signal_set(&ps->ps_evsigint, SIGINT, main_sig_handler, ps);
299 signal_set(&ps->ps_evsigterm, SIGTERM, main_sig_handler, ps);
300 signal_set(&ps->ps_evsigchld, SIGCHLD, main_sig_handler, ps);
301 signal_set(&ps->ps_evsighup, SIGHUP, main_sig_handler, ps);
302 signal_set(&ps->ps_evsigusr1, SIGUSR1, main_sig_handler, ps);
304 signal_add(&ps->ps_evsigint, NULL);
305 signal_add(&ps->ps_evsigterm, NULL);
306 signal_add(&ps->ps_evsigchld, NULL);
307 signal_add(&ps->ps_evsighup, NULL);
308 signal_add(&ps->ps_evsigusr1, NULL);
312 if (main_configure(conf) == -1)
313 fatal("configuration failed");
322 main_send_logfd(struct conf *conf)
324 struct privsep *ps = conf->ps;
330 if (conf->log_access) {
331 fd = open(conf->log_access, O_WRONLY|O_CREAT|O_APPEND, 0600);
333 log_warn("can't open %s", conf->log_access);
335 if (proc_compose_imsg(ps, PROC_LOGGER, -1, IMSG_LOG_TYPE, -1, fd,
342 main_configure(struct conf *conf)
344 struct privsep *ps = conf->ps;
346 if (main_send_logfd(conf) == -1)
349 conf->reload = conf->prefork + 1; /* servers, crypto */
351 if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_START, NULL, 0) == -1)
353 if (proc_compose(ps, PROC_CRYPTO, IMSG_RECONF_START, NULL, 0) == -1)
356 if (config_send(conf) == -1)
359 if (proc_compose(ps, PROC_SERVER, IMSG_RECONF_END, NULL, 0) == -1)
361 if (proc_compose(ps, PROC_CRYPTO, IMSG_RECONF_END, NULL, 0) == -1)
368 main_configure_done(struct conf *conf)
370 if (conf->reload == 0) {
371 log_warnx("configuration already done");
376 /* send IMSG_CTL_START? */
380 main_reload(struct conf *conf)
383 log_debug("%s: already in progress: %d pending",
384 __func__, conf->reload);
388 log_debug("%s: config file %s", __func__, config_path);
391 if (parse_conf(conf, config_path) == -1) {
392 log_warnx("failed to parse the config");
396 main_configure(conf);
400 main_sig_handler(int sig, short ev, void *arg)
402 struct privsep *ps = arg;
405 * Normal signal handler rules don't apply here because libevent
411 if (privsep_process != PROC_PARENT)
413 log_info("reload requested with SIGHUP");
414 main_reload(ps->ps_env);
417 log_warnx("one child died, quitting");
421 main_shutdown(ps->ps_env);
424 main_send_logfd(ps->ps_env);
427 fatalx("unexpected signal %d", sig);
432 main_dispatch_server(int fd, struct privsep_proc *p, struct imsg *imsg)
434 struct privsep *ps = p->p_ps;
435 struct conf *conf = ps->ps_env;
437 switch (imsg->hdr.type) {
438 case IMSG_RECONF_DONE:
439 main_configure_done(conf);
449 main_dispatch_crypto(int fd, struct privsep_proc *p, struct imsg *imsg)
451 struct privsep *ps = p->p_ps;
452 struct conf *conf = ps->ps_env;
454 switch (imsg->hdr.type) {
455 case IMSG_RECONF_DONE:
456 main_configure_done(conf);
466 main_dispatch_logger(int fd, struct privsep_proc *p, struct imsg *imsg)
468 struct privsep *ps = p->p_ps;
469 struct conf *conf = ps->ps_env;
471 switch (imsg->hdr.type) {
472 case IMSG_RECONF_DONE:
473 main_configure_done(conf);
483 main_shutdown(struct conf *conf)
490 log_info("parent terminating, pid %d", getpid());
499 main_print_conf(struct conf *conf)
502 /* struct location *l; */
503 /* struct envlist *e; */
504 /* struct alist *a; */
506 if (*conf->chroot != '\0')
507 printf("chroot \"%s\"\n", conf->chroot);
508 /* XXX: defined mimes? */
509 printf("prefork %d\n", conf->prefork);
510 /* XXX: protocols? */
511 if (*conf->user != '\0')
512 printf("user \"%s\"\n", conf->user);
514 TAILQ_FOREACH(h, &conf->hosts, vhosts) {
515 printf("\nserver \"%s\" {\n", h->domain);
516 printf(" cert \"%s\"\n", h->cert);
517 printf(" key \"%s\"\n", h->key);
518 /* TODO: print locations... */