1 /*
2  * Copyright (c) 2023 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "config.h"
18 
19 #include <sys/stat.h>
20 #include <sys/socket.h>
21 
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <netdb.h>
25 #include <poll.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <tls.h>
30 #include <unistd.h>
31 
32 #include "iri.h"
33 
34 #ifndef INFTIM
35 #define INFTIM -1
36 #endif
37 
38 #ifndef __OpenBSD__
39 #define pledge(a, b) (0)
40 #endif
41 
42 static int
43 dial(const char *hostname, const char *port)
44 {
45 	struct addrinfo	 hints, *res, *res0;
46 	int		 error, save_errno, s;
47 	const char	*cause = NULL;
48 
49 	if (port == NULL || *port == '\0')
50 		port = "1965";
51 
52 	memset(&hints, 0, sizeof(hints));
53 	hints.ai_family = AF_UNSPEC;
54 	hints.ai_socktype = SOCK_STREAM;
55 	error = getaddrinfo(hostname, port, &hints, &res0);
56 	if (error)
57 		errx(1, "can't resolve %s: %s", hostname, gai_strerror(error));
58 
59 	s = -1;
60 	for (res = res0; res; res = res->ai_next) {
61 		s = socket(res->ai_family, res->ai_socktype,
62 		    res->ai_protocol);
63 		if (s == -1) {
64 			cause = "socket";
65 			continue;
66 		}
67 
68 		if (connect(s, res->ai_addr, res->ai_addrlen) == -1) {
69 			cause = "connect";
70 			save_errno = errno;
71 			close(s);
72 			errno = save_errno;
73 			s = -1;
74 			continue;
75 		}
76 
77 		if (fcntl(s, F_SETFL, O_NONBLOCK) == -1)
78 			err(1, "fcntl");
79 		break; /* got one */
80 	}
81 	if (s == -1)
82 		err(1, "%s", cause);
83 	freeaddrinfo(res0);
84 	return (s);
85 }
86 
87 /* returns read bytes, or -1 on error */
88 static ssize_t
89 iomux(struct tls *ctx, int fd, const char *in, size_t inlen, char *out,
90     size_t outlen)
91 {
92 	struct pollfd	 pfd;
93 	size_t		 outwrote = 0;
94 	ssize_t		 ret;
95 
96 	memset(&pfd, 0, sizeof(pfd));
97 	pfd.fd = fd;
98 	pfd.events = POLLIN|POLLOUT;
99 
100 	for (;;) {
101 		if (poll(&pfd, 1, INFTIM) == -1)
102 			err(1, "poll");
103 		if (pfd.revents & (POLLERR|POLLNVAL))
104 			errx(1, "bad fd %d", pfd.fd);
105 
106 		/* attempt to read */
107 		if (out != NULL) {
108 			switch (ret = tls_read(ctx, out, outlen)) {
109 			case TLS_WANT_POLLIN:
110 			case TLS_WANT_POLLOUT:
111 				break;
112 			case -1:
113 				return -1;
114 			case 0:
115 				return outwrote;
116 			default:
117 				outwrote += ret;
118 				out += ret;
119 				outlen -= ret;
120 			}
121 
122 			/*
123 			 * don't write if we're reading; titan works
124 			 * like this.
125 			 */
126 			if (outwrote != 0)
127 				continue;
128 		}
129 
130 		if (inlen == 0 && out == NULL)
131 			break;
132 		if (inlen == 0)
133 			continue;
134 
135 		switch (ret = tls_write(ctx, in, inlen)) {
136 		case TLS_WANT_POLLIN:
137 		case TLS_WANT_POLLOUT:
138 			continue;
139 		case 0:
140 		case -1:
141 			return -1;
142 		default:
143 			in += ret;
144 			inlen -= ret;
145 		}
146 	}
147 
148 	return 0;
149 }
150 
151 static void __dead
152 usage(void)
153 {
154 	fprintf(stderr,
155 	    "usage: %s [-C cert] [-K key] [-m mime] [-t token] url file\n",
156 	    getprogname());
157 	exit(1);
158 }
159 
160 int
161 main(int argc, char **argv)
162 {
163 	struct tls_config *config;
164 	struct tls	*ctx;
165 	struct stat	 sb;
166 	struct iri	 iri;
167 	FILE		*in;
168 	const char	*cert = NULL, *key = NULL, *mime = NULL, *token = NULL;
169 	const char	*parse_err;
170 	char		 iribuf[1025];
171 	char		 resbuf[1025];
172 	char		*req;
173 	int		 sock, ch;
174 
175 	if (pledge("stdio rpath inet dns", NULL) == -1)
176 		err(1, "pledge");
177 
178 	while ((ch = getopt(argc, argv, "C:K:m:t:")) != -1) {
179 		switch (ch) {
180 		case 'C':
181 			cert = optarg;
182 			break;
183 		case 'K':
184 			key = optarg;
185 			break;
186 		case 'm':
187 			mime = optarg;
188 			break;
189 		case 't':
190 			token = optarg;
191 			break;
192 		}
193 	}
194 	argc -= optind;
195 	argv += optind;
196 
197 	if (cert == NULL && key != NULL)
198 		usage();
199 	if (cert != NULL && key == NULL)
200 		key = cert;
201 
202 	if (argc != 2)
203 		usage();
204 
205 	if ((in = fopen(argv[1], "r")) == NULL)
206 		err(1, "can't open %s", argv[1]);
207 
208 	/* drop rpath */
209 	if (pledge("stdio inet dns", NULL) == -1)
210 		err(1, "pledge");
211 
212 	if (fstat(fileno(in), &sb) == -1)
213 		err(1, "fstat");
214 
215 	/* prepare the URL */
216 	if (token && mime) {
217 		if (asprintf(&req, "%s;size=%lld;token=%s;mime=%s\r\n", argv[0],
218 		    (long long)sb.st_size, token, mime) == -1)
219 			err(1, "asprintf");
220 	} else if (token) {
221 		if (asprintf(&req, "%s;size=%lld;token=%s\r\n", argv[0],
222 		    (long long)sb.st_size, token) == -1)
223 			err(1, "asprintf");
224 	} else if (mime) {
225 		if (asprintf(&req, "%s;size=%lld;mime=%s\r\n", argv[0],
226 		    (long long)sb.st_size, mime) == -1)
227 			err(1, "asprintf");
228 	} else {
229 		if (asprintf(&req, "%s;size=%lld\r\n", argv[0],
230 		    (long long)sb.st_size) == -1)
231 			err(1, "asprintf");
232 	}
233 
234 	if (strlcpy(iribuf, argv[0], sizeof(iribuf)) >= sizeof(iribuf))
235 		errx(1, "URL too long");
236 
237 	if (!parse_iri(iribuf, &iri, &parse_err))
238 		errx(1, "invalid IRI: %s", parse_err);
239 
240 	if ((config = tls_config_new()) == NULL)
241 		err(1, "tls_config_new");
242 	tls_config_insecure_noverifycert(config);
243 	tls_config_insecure_noverifyname(config);
244 
245 	if (cert && tls_config_set_keypair_file(config, cert, key) == -1)
246 		errx(1, "cant load certificate client %s", cert);
247 
248 	if ((ctx = tls_client()) == NULL)
249 		errx(1, "can't create tls context");
250 
251 	if (tls_configure(ctx, config) == -1)
252 		errx(1, "tls_configure: %s", tls_error(ctx));
253 
254 	sock = dial(iri.host, iri.port);
255 	if (tls_connect_socket(ctx, sock, iri.host) == -1)
256 		errx(1, "failed to connect to %s:%s: %s", iri.host,
257 		    *iri.port == '\0' ? "1965" : iri.port, tls_error(ctx));
258 
259 	/* drop inet tls */
260 	if (pledge("stdio", NULL) == -1)
261 		err(1, "pledge");
262 
263 	/* send request */
264 	if (iomux(ctx, sock, req, strlen(req), NULL, 0) == -1)
265 		errx(1, "I/O error: %s", tls_error(ctx));
266 
267 	for (;;) {
268 		static char buf[BUFSIZ];
269 		size_t buflen;
270 		ssize_t w;
271 		char *m;
272 
273 		/* will be zero on EOF */
274 		buflen = fread(buf, 1, sizeof(buf), in);
275 
276 		w = iomux(ctx, sock, buf, buflen, resbuf, sizeof(resbuf));
277 		if (w == -1)
278 			errx(1, "I/O error: %s", tls_error(ctx));
279 		if (w != 0) {
280 			if ((m = memmem(resbuf, w, "\r\n", 2)) == NULL)
281 				errx(1, "invalid reply");
282 			*m = '\0';
283 			/* XXX parse */
284 			puts(resbuf);
285 			break;
286 		}
287 	}
288 
289 	/* close connection */
290 	for (;;) {
291 		struct pollfd pfd;
292 
293 		memset(&pfd, 0, sizeof(pfd));
294 		pfd.fd = sock;
295 		pfd.events = POLLIN|POLLOUT;
296 
297 		switch (tls_close(ctx)) {
298 		case TLS_WANT_POLLIN:
299 		case TLS_WANT_POLLOUT:
300 			if (poll(&pfd, 1, INFTIM) == -1)
301 				err(1, "poll");
302 			break;
303 		case -1:
304 			warnx("tls_close: %s", tls_error(ctx));
305 			/* fallthrough */
306 		default:
307 			tls_free(ctx);
308 			return (0);
309 		}
310 	}
311 }