2 * Copyright (c) 2020 Omar Polo <op@omarpolo.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 #include <sys/socket.h>
21 #include <arpa/inet.h>
22 #include <netinet/in.h>
/* No-op stand-ins for pledge() and unveil(): both expand to 0, so checks
 * of the form `pledge(...) == -1` never fire.
 * NOTE(review): presumably wrapped in a platform #ifdef that is not
 * visible in this excerpt -- confirm. */
39 # define pledge(a, b) 0
40 # define unveil(a, b) 0
/* Size of the request buffer used by handle(): the 1024-byte URL limit
 * plus the CRLF terminator and the trailing NUL. */
47 #define GEMINI_URL_LEN (1024+3) /* URL max len + \r\n + \0 */
49 /* large enough to hold a copy of a gemini URL and still have extra room */
/* (The definition the comment above describes is not visible in this
 * excerpt.)  The values below are status codes handed to start_reply(). */
53 #define TEMP_FAILURE 40
55 #define BAD_REQUEST 59
/* SAFE_SETENV(var, val): evaluate val exactly once into _tmp, then export
 * it with setenv(), overwriting any existing value (third argument 1).
 * NOTE(review): the lines between the assignment and the setenv() call
 * are not visible here; presumably they substitute a fallback when val
 * is NULL -- confirm. */
61 #define SAFE_SETENV(var, val) do { \
62 const char *_tmp = (val); \
65 setenv((var), _tmp, 1); \
/* LOG(priority, c, fmt, ...): render the address of client c with
 * inet_ntop() and prefix it to the formatted message.  Two sinks are
 * visible: one whose format gets a trailing newline, and a syslog() call
 * tagged LOG_DAEMON; the condition selecting between them is not visible
 * in this excerpt.  A failing inet_ntop() is escalated through FATAL().
 *
 * NOTE(review): buf is INET_ADDRSTRLEN bytes, which only fits the textual
 * form of an IPv4 address; an AF_INET6 client would need
 * INET6_ADDRSTRLEN.
 * NOTE(review): __VA_ARGS__ follows a comma, so at least one variadic
 * argument is required -- hence call sites such as LOGE(c, "%s", "..."). */
68 #define LOG(priority, c, fmt, ...) \
70 char buf[INET_ADDRSTRLEN]; \
71 if (inet_ntop((c)->af, &(c)->addr, \
72 buf, sizeof(buf)) == NULL) \
73 FATAL("inet_ntop: %s", strerror(errno)); \
76 "%s " fmt "\n", buf, __VA_ARGS__); \
78 syslog((priority) | LOG_DAEMON, \
79 "%s " fmt, buf, __VA_ARGS__); \
/* Convenience wrappers around LOG(), one per syslog priority. */
82 #define LOGE(c, fmt, ...) LOG(LOG_ERR, c, fmt, __VA_ARGS__)
83 #define LOGN(c, fmt, ...) LOG(LOG_NOTICE, c, fmt, __VA_ARGS__)
84 #define LOGI(c, fmt, ...) LOG(LOG_INFO, c, fmt, __VA_ARGS__)
85 #define LOGD(c, fmt, ...) LOG(LOG_DEBUG, c, fmt, __VA_ARGS__)
/* FATAL(fmt, ...): report an unrecoverable error, either on stderr (with
 * a trailing newline) or through syslog at LOG_DAEMON | LOG_CRIT.
 * NOTE(review): the choice between the two sinks and the way the process
 * is terminated are on lines not visible in this excerpt -- confirm. */
87 #define FATAL(fmt, ...) \
90 fprintf(stderr, fmt "\n", __VA_ARGS__); \
92 syslog(LOG_DAEMON | LOG_CRIT, \
/* Members of the per-connection state (struct client).  The struct
 * header and several other members (ctx, state, code, meta, child, af,
 * addr are used elsewhere in the file) are not visible in this excerpt.
 *
 * fd               - descriptor opened by check_path(); handle_cgi()
 *                    reads CGI output from it.
 * waiting_on_child - flag toggled by cgi_setpoll_on_child() and
 *                    cgi_setpoll_on_client().
 * sbuf             - fixed buffer that handle_cgi() fills with read().
 * buf, i           - start of the mmap()ed file and the current send
 *                    position inside it (see send_file()).
 * len, off         - length and offset bookkeeping shared by the mmap
 *                    and the static buffer paths. */
109 int fd, waiting_on_child;
111 char sbuf[1024]; /* static buffer */
112 void *buf, *i; /* mmap buffer */
113 ssize_t len, off; /* mmap/static buffer */
/* Lookup table pairing a MIME type (first field) with a file extension
 * (second field).  mime() walks the table until it meets an entry whose
 * mime field is NULL and matches extensions with strcmp(), so the
 * comparison is case-sensitive.  Some entries and the terminating
 * sentinel are not visible in this excerpt. */
125 struct etm { /* file extension to mime */
129 {"application/pdf", "pdf"},
131 {"image/gif", "gif"},
132 {"image/jpeg", "jpg"},
133 {"image/jpeg", "jpeg"},
134 {"image/png", "png"},
135 {"image/svg+xml", "svg"},
137 {"text/gemini", "gemini"},
138 {"text/gemini", "gmi"},
139 {"text/markdown", "markdown"},
140 {"text/markdown", "md"},
141 {"text/plain", "txt"},
/* Global configuration and counters.
 * dir - document root; set in main() from absolutify_path() and exported
 *       to CGI scripts as DOCUMENT_ROOT.
 * cgi - path prefix under which executables are run as CGI scripts; NULL
 *       is checked before every use, so CGI is optional.
 * connected_clients - reported by loop() when poll() is interrupted. */
147 const char *dir, *cgi;
151 int connected_clients;
/* Forward declarations for the functions defined below.  Some
 * prototypes are on lines not visible in this excerpt. */
153 void siginfo_handler(int);
154 int starts_with(const char*, const char*);
156 char *url_after_proto(char*);
157 char *url_start_of_request(char*);
158 int url_trim(struct client*, char*);
159 char *adjust_path(char*);
160 ssize_t filesize(int);
162 int start_reply(struct pollfd*, struct client*, int, const char*);
163 const char *path_ext(const char*);
164 const char *mime(const char*);
165 int check_path(struct client*, const char*, int*);
166 int check_for_cgi(char *, char*, struct pollfd*, struct client*);
167 int open_file(char*, char*, struct pollfd*, struct client*);
168 int start_cgi(const char*, const char*, const char*, struct pollfd*, struct client*);
169 void cgi_setpoll_on_child(struct pollfd*, struct client*);
170 void cgi_setpoll_on_client(struct pollfd*, struct client*);
171 void handle_cgi(struct pollfd*, struct client*);
172 void send_file(char*, char*, struct pollfd*, struct client*);
173 void send_dir(char*, struct pollfd*, struct client*);
174 void handle(struct pollfd*, struct client*);
176 void mark_nonblock(int);
178 void do_accept(int, struct tls*, struct pollfd*, struct client*);
179 void goodbye(struct pollfd*, struct client*);
180 void loop(struct tls*, int);
182 void usage(const char*);
/* Signal handler that main() registers for SIGINFO and SIGUSR2.  Its
 * body is not visible in this excerpt. */
185 siginfo_handler(int sig)
/* Test whether str begins with prefix.  The loop walks prefix up to its
 * NUL and compares each byte with the one at the same index in str; a
 * str shorter than prefix is caught as well, because its terminating NUL
 * differs from the corresponding prefix byte before the index can run
 * past it.  Callers use the result as a boolean that is non-zero on a
 * match (the return statements are not visible in this excerpt). */
191 starts_with(const char *str, const char *prefix)
195 for (i = 0; prefix[i] != '\0'; ++i)
196 if (str[i] != prefix[i])
/* Return a pointer just past the "//" marker of url.
 *
 * A URL with no scheme is accepted with gemini implied; otherwise the
 * marker must be preceded by exactly "gemini:" starting at the first
 * byte of url (both the position check and the starts_with() check must
 * pass).
 *
 * NOTE(review): what is returned when the marker is absent or the scheme
 * differs is on lines not visible here; url_start_of_request() compares
 * the result against NULL. */
202 url_after_proto(char *url)
205 const char *proto = "gemini:";
206 const char *marker = "//";
209 if ((s = strstr(url, marker)) == NULL)
213 * if a protocol is not specified, gemini should be implied:
214 * this handles the case of //example.com
217 return s + strlen(marker);
/* The marker must sit immediately after a prefix as long as proto ... */
219 if (s - strlen(proto) != url)
/* ... and that prefix must actually be proto. */
222 if (!starts_with(url, proto))
225 return s + strlen(marker);
/* Locate the start of the request path inside url.  The scheme and "//"
 * are skipped with url_after_proto(); the first '/' after that point is
 * then searched for.  When there is none, a pointer to the terminating
 * NUL is returned, i.e. an empty path.  handle() treats a NULL result as
 * a bad request.  The returns for the other branches are not visible in
 * this excerpt. */
229 url_start_of_request(char *url)
233 if ((s = url_after_proto(url)) == NULL)
236 /* non-absolute URL */
240 if ((t = strstr(s, "/")) == NULL)
241 return s + strlen(s);
/* Search the request in url for its CRLF terminator.  The failure path
 * visible here logs "request longer than 1024 bytes" for client c;
 * handle() answers BAD_REQUEST whenever this function returns 0.
 * NOTE(review): the success path (presumably cutting the string at the
 * terminator) is not visible in this excerpt -- confirm. */
246 url_trim(struct client *c, char *url)
248 const char *e = "\r\n";
251 if ((s = strstr(url, e)) == NULL)
257 LOGE(c, "%s", "request longer than 1024 bytes");
/* Sanitize the request path in place and separate the query string.
 * handle() uses the return value as the query.  Visible steps, in order:
 *   1. look for '?', which introduces the query;
 *   2. special-case a path ending in "/..";
 *   3. special-case a path that is exactly "..";
 *   4. repeatedly delete every "../" by shifting the tail left.
 * The actions taken in steps 1-3 are on lines not visible here. */
265 adjust_path(char *path)
270 if ((query = strchr(path, '?')) != NULL) {
/* NOTE(review): &path[len-3] is only valid when len >= 3; the guard, if
 * any, is on a line not visible in this excerpt -- confirm. */
278 if (!strcmp(&path[len-3], "/..")) {
283 /* if the path is only `..` trim out and exit */
284 if (!strcmp(path, "..")) {
289 /* remove every ../ in the path */
291 if ((s = strstr(path, "../")) == NULL)
/* NOTE(review): the source starts at s+3, so the tail including its NUL
 * is strlen(s)-2 bytes long; copying strlen(s)+1 bytes reads 3 bytes
 * past the terminator.  strlen(s+3)+1 would be the exact count. */
293 memmove(s, s+3, strlen(s)+1); /* copy also the \0 */
/* Send the response header "<code> <reason>" followed by CRLF to the
 * client over TLS.
 *
 * reason is remembered in client->meta and the state is set to
 * S_INITIALIZING, so that handle() can call this function again with the
 * stored values if the write could not complete.  When tls_write() asks
 * for readiness (TLS_WANT_POLLIN / TLS_WANT_POLLOUT), pfd->events is
 * updated accordingly.  Callers treat a zero return as "not done yet".
 *
 * NOTE(review): the header length is only bounded by assert(), which is
 * compiled out under NDEBUG; snprintf() itself never overruns buf, but
 * len would then exceed the buffer in the tls_write() call. */
298 start_reply(struct pollfd *pfd, struct client *client, int code, const char *reason)
300 char buf[1030] = {0}; /* status + ' ' + max reply len + \r\n\0 */
305 client->meta = reason;
306 client->state = S_INITIALIZING;
308 len = snprintf(buf, sizeof(buf), "%d %s\r\n", code, reason);
309 assert(len < (int)sizeof(buf));
310 ret = tls_write(client->ctx, buf, len);
311 if (ret == TLS_WANT_POLLIN) {
312 pfd->events = POLLIN;
316 if (ret == TLS_WANT_POLLOUT) {
317 pfd->events = POLLOUT;
/* Body of filesize(fd) (the signature line is not visible in this
 * excerpt): the size is obtained by seeking to the end of the file, after
 * which the offset is rewound to the beginning.  open_file() treats a
 * result of -1 as failure. */
329 if ((len = lseek(fd, 0, SEEK_END)) == -1)
331 if (lseek(fd, 0, SEEK_SET) == -1)
/* Find the extension of path by scanning backwards from its last byte
 * towards its first.  The loop stops once end reaches path, so the first
 * byte is never examined inside the loop.  mime() treats a NULL result
 * as "no extension".  The loop body is not visible in this excerpt.
 *
 * NOTE(review): for an empty path, path + strlen(path)-1 points one byte
 * before the string; the visible code has no guard for that case. */
337 path_ext(const char *path)
341 end = path + strlen(path)-1; /* the last byte before the NUL */
342 for (; end != path; --end) {
/* Map path to a MIME type using its extension.  The extension comes from
 * path_ext() and is compared (case-sensitively, via strcmp) against each
 * entry of filetypes until the entry with a NULL mime field is reached.
 * def holds the fallback "application/octet-stream"; the return
 * statements themselves are not visible in this excerpt. */
353 mime(const char *path)
355 const char *ext, *def = "application/octet-stream";
358 if ((ext = path_ext(path)) == NULL)
361 for (t = filetypes; t->mime != NULL; ++t)
362 if (!strcmp(ext, t->ext))
/* Open path relative to the document-root descriptor dirfd and classify
 * it.  The descriptor is stored through fd.
 *
 * The open is read-only, refuses a symlink as the final component
 * (O_NOFOLLOW) and is close-on-exec, so CGI children do not inherit it.
 * Visible results: FILE_DIRECTORY for a directory, FILE_EXECUTABLE when
 * the owner-execute bit is set.  The remaining return values are on
 * lines not visible in this excerpt. */
369 check_path(struct client *c, const char *path, int *fd)
373 assert(path != NULL);
374 if ((*fd = openat(dirfd, path,
375 O_RDONLY | O_NOFOLLOW | O_CLOEXEC)) == -1) {
379 if (fstat(*fd, &sb) == -1) {
380 LOGN(c, "failed stat for %s: %s", path, strerror(errno));
384 if (S_ISDIR(sb.st_mode))
385 return FILE_DIRECTORY;
/* Only the owner's execute bit is consulted. */
387 if (sb.st_mode & S_IXUSR)
388 return FILE_EXECUTABLE;
394 * The inverse of this algorithm, i.e. starting at
395 * path + strlen(cgi) and checking each component in turn, should be
396 * faster, but it's tedious to write. This does the opposite: it starts
397 * from the end and strips one component at a time, until either an
398 * executable is found or the path has been emptied.
/* Look for a CGI script among the parent components of path.
 *
 * end starts at the terminating NUL of path.  At each step the current
 * path is classified with check_path(); when it is an executable, the
 * script is started with end+1 as the relative part of the request.  If
 * nothing is found the client gets a NOT_FOUND reply.
 *
 * NOTE(review): the code that shortens path and moves end is on lines
 * not visible in this excerpt. */
401 check_for_cgi(char *path, char *query, struct pollfd *fds, struct client *c)
404 end = strchr(path, '\0');
406 /* NB: assume CGI is enabled and path matches cgi */
409 /* go up one level. UNIX paths are simple and POSIX
410 * dirname, with its ambiguities on if the given path
411 * is changed or not, gives me headaches. */
416 switch (check_path(c, path, &c->fd)) {
417 case FILE_EXECUTABLE:
418 return start_cgi(path, end+1, query, fds,c);
430 if (!start_reply(fds, c, NOT_FOUND, "not found"))
/* Resolve the requested path and start the matching kind of reply.
 *
 * The path is copied into the local buffer fpath (the "+2 to skip the ./"
 * remarks imply it is given a "./" prefix on a line not visible here) and
 * classified with check_path():
 *   - executable under the cgi prefix: run it through start_cgi();
 *   - regular file: measure it, mmap() it read-only and send a SUCCESS
 *     header carrying the MIME type;
 *   - directory: retry with its index.gmi through send_dir();
 *   - otherwise: if the path is under the cgi prefix, search its parents
 *     for a script, else reply NOT_FOUND.
 * The case labels for the last three branches are not visible. */
438 open_file(char *path, char *query, struct pollfd *fds, struct client *c)
442 bzero(fpath, sizeof(fpath));
446 strlcat(fpath, path, PATHBUF);
448 switch (check_path(c, fpath, &c->fd)) {
449 case FILE_EXECUTABLE:
450 /* +2 to skip the ./ */
451 if (cgi != NULL && starts_with(fpath+2, cgi))
452 return start_cgi(fpath, "", query, fds, c);
457 if ((c->len = filesize(c->fd)) == -1) {
458 LOGE(c, "failed to get file size for %s", fpath);
/* NOTE(review): mmap() fails for a zero length, so an empty file ends up
 * on the failure path below.  This path also reports with warn() while
 * the rest of the function uses the LOG macros. */
463 if ((c->buf = mmap(NULL, c->len, PROT_READ, MAP_PRIVATE,
464 c->fd, 0)) == MAP_FAILED) {
465 warn("mmap: %s", fpath);
470 return start_reply(fds, c, SUCCESS, mime(fpath));
473 LOGD(c, "%s is a directory, trying %s/index.gmi", fpath, fpath);
476 send_dir(fpath, fds, c);
480 if (cgi != NULL && starts_with(fpath+2, cgi))
481 return check_for_cgi(fpath, query, fds, c);
483 if (!start_reply(fds, c, NOT_FOUND, "not found"))
/* Run the script spath as a CGI program for client c.
 *
 * spath   - path of the script as seen by the server;
 * relpath - part of the request that follows the script (may be "");
 * query   - query string from the request.
 *
 * A pipe connects the two processes.  The child redirects its standard
 * output to the write end, exports the CGI environment and (on lines not
 * visible here) executes the script; the parent switches c->fd to
 * non-blocking mode and moves the client to S_SENDING.
 *
 * NOTE(review): pipe creation, the fork error case, the exec call and the
 * closing of unused pipe ends are on lines not visible in this excerpt. */
495 start_cgi(const char *spath, const char *relpath, const char *query,
496 struct pollfd *fds, struct client *c)
499 int p[2]; /* read end, write end */
504 switch (pid = fork()) {
508 case 0: { /* child */
509 char *ex, *requri, *portno;
/* NOTE(review): sized for IPv4 text only, while c->af is passed through
 * to inet_ntop() unchanged. */
510 char addr[INET_ADDRSTRLEN];
511 char *argv[] = { NULL, NULL, NULL };
/* The script's stdout becomes the write end of the pipe. */
516 if (dup2(p[1], 1) == -1)
519 if (inet_ntop(c->af, &c->addr, addr, sizeof(addr)) == NULL)
522 if (asprintf(&portno, "%d", port) == -1)
/* Absolute path of the executable: document root followed by spath
 * without its first character. */
525 if (asprintf(&ex, "%s%s", dir, spath+1) == -1)
528 if (asprintf(&requri, "%s%s%s", spath,
529 *relpath == '\0' ? "" : "/",
533 argv[0] = argv[1] = ex;
536 SAFE_SETENV("GATEWAY_INTERFACE", "CGI/1.1");
537 SAFE_SETENV("SERVER_SOFTWARE", "gmid");
538 SAFE_SETENV("SERVER_PORT", portno);
539 /* setenv("SERVER_NAME", "", 1); */
540 SAFE_SETENV("SCRIPT_NAME", spath);
541 SAFE_SETENV("SCRIPT_EXECUTABLE", ex);
542 SAFE_SETENV("REQUEST_URI", requri);
543 SAFE_SETENV("REQUEST_RELATIVE", relpath);
544 SAFE_SETENV("QUERY_STRING", query);
/* REMOTE_HOST carries the numeric address too; no reverse lookup is
 * visible here. */
545 SAFE_SETENV("REMOTE_HOST", addr);
546 SAFE_SETENV("REMOTE_ADDR", addr);
547 SAFE_SETENV("DOCUMENT_ROOT", dir);
/* Client certificate details are exported only when one was presented. */
549 if (tls_peer_cert_provided(c->ctx)) {
550 SAFE_SETENV("AUTH_TYPE", "Certificate");
551 SAFE_SETENV("REMOTE_USER", tls_peer_cert_subject(c->ctx));
552 SAFE_SETENV("TLS_CLIENT_ISSUER", tls_peer_cert_issuer(c->ctx));
553 SAFE_SETENV("TLS_CLIENT_HASH", tls_peer_cert_hash(c->ctx));
560 default: /* parent */
565 mark_nonblock(c->fd);
566 c->state = S_SENDING;
572 if (!start_reply(fds, c, TEMP_FAILURE, "internal server error"))
/* Written to the pipe rather than to the TLS connection, so the parent
 * relays it like ordinary script output.
 * NOTE(review): presumably the child's error path -- confirm. */
578 dprintf(p[1], "%d internal server error\r\n", TEMP_FAILURE);
/* Make the poll slot wait for readable data with the client flagged as
 * waiting on its CGI child.  Nothing is done if the flag is already set
 * (the early exit is presumably a return; that line is not visible).
 * NOTE(review): the exchange of fds->fd and c->fd suggested by the
 * comment in handle_cgi() is on lines not visible in this excerpt. */
584 cgi_setpoll_on_child(struct pollfd *fds, struct client *c)
588 if (c->waiting_on_child)
590 c->waiting_on_child = 1;
592 fds->events = POLLIN;
/* Counterpart of cgi_setpoll_on_child(): clear the waiting_on_child flag
 * so the slot refers to the client again.  Nothing is done when the flag
 * is already clear.  The remaining statements are on lines not visible
 * in this excerpt. */
600 cgi_setpoll_on_client(struct pollfd *fds, struct client *c)
604 if (!c->waiting_on_child)
606 c->waiting_on_child = 0;
/* Relay output of the CGI child to the client.
 *
 * A chunk is read from the child (c->fd) into c->sbuf and then written
 * to the TLS connection starting at c->sbuf + c->off.  If the child has
 * nothing to offer yet (EAGAIN / EWOULDBLOCK) the poll slot is pointed
 * at the child; if the TLS layer needs readiness, fds->events is set to
 * the requested direction.
 *
 * NOTE(review): the handling of end-of-file (read() returning 0), the
 * loop structure and the updates of c->off / c->len are on lines not
 * visible in this excerpt. */
614 handle_cgi(struct pollfd *fds, struct client *c)
618 /* ensure c->fd is the child and fds->fd the client */
619 cgi_setpoll_on_client(fds, c);
623 if ((r = read(c->fd, c->sbuf, sizeof(c->sbuf))) == 0)
626 if (errno == EAGAIN || errno == EWOULDBLOCK) {
627 cgi_setpoll_on_child(fds, c);
637 switch (r = tls_write(c->ctx, c->sbuf + c->off, c->len)) {
641 case TLS_WANT_POLLOUT:
642 fds->events = POLLOUT;
645 case TLS_WANT_POLLIN:
646 fds->events = POLLIN;
/* Send (or continue sending) the mmap()ed file to the client.
 *
 * open_file() is used to resolve the request; once the client is in
 * S_SENDING, the bytes between the cursor c->i and the end of the
 * mapping are pushed with tls_write().  Readiness requests from the TLS
 * layer are turned into fds->events.  handle() calls this function with
 * NULL path and query to resume a transfer.
 *
 * NOTE(review): the condition guarding the open_file() call and the
 * advance of c->i are on lines not visible in this excerpt. */
662 send_file(char *path, char *query, struct pollfd *fds, struct client *c)
667 if (!open_file(path, query, fds, c))
669 c->state = S_SENDING;
/* Bytes left to send.  c->buf and c->i are void pointers, so this
 * arithmetic relies on a compiler extension. */
672 len = (c->buf + c->len) - c->i;
675 switch (ret = tls_write(c->ctx, c->i, len)) {
677 LOGE(c, "tls_write: %s", tls_error(c->ctx));
681 case TLS_WANT_POLLIN:
682 fds->events = POLLIN;
685 case TLS_WANT_POLLOUT:
686 fds->events = POLLOUT;
/* Serve a directory by sending its index.gmi.  A local copy of path is
 * built in fpath, a trailing '/' is ensured, "index.gmi" is appended and
 * the result is handed to send_file() with no query string.
 * NOTE(review): the computation of len and the code that appends the
 * '/' are on lines not visible in this excerpt. */
700 send_dir(char *path, struct pollfd *fds, struct client *client)
705 bzero(fpath, PATHBUF);
710 /* this cannot fail since sizeof(fpath) > maxlen of path */
711 strlcat(fpath, path, PATHBUF);
714 /* add a trailing / in case. */
715 if (fpath[len-1] != '/') {
719 strlcat(fpath, "index.gmi", sizeof(fpath));
721 send_file(fpath, NULL, fds, client);
/* Advance one client according to client->state.  The case labels are
 * not visible in this excerpt; the branches below are described in the
 * order they appear.
 *
 *  - Request: read the request line, validate it, derive path and query
 *    and start serving through send_file().
 *  - Header retry: re-issue start_reply() with the stored code and meta;
 *    a non-SUCCESS reply has no body, so the connection is closed,
 *    otherwise the client moves to S_SENDING.
 *  - Sending: continue either the CGI relay (child != -1) or the file
 *    transfer.
 *  - Closing: keep calling goodbye(). */
725 handle(struct pollfd *fds, struct client *client)
727 char buf[GEMINI_URL_LEN];
731 switch (client->state) {
/* The buffer is zeroed and one byte is held back from tls_read(), so the
 * request is always NUL-terminated.
 * NOTE(review): only a single tls_read() is visible; a request arriving
 * in several pieces would look truncated -- confirm. */
733 bzero(buf, GEMINI_URL_LEN);
734 switch (tls_read(client->ctx, buf, sizeof(buf)-1)) {
736 LOGE(client, "tls_read: %s", tls_error(client->ctx));
737 goodbye(fds, client);
740 case TLS_WANT_POLLIN:
741 fds->events = POLLIN;
744 case TLS_WANT_POLLOUT:
745 fds->events = POLLOUT;
749 if (!url_trim(client, buf)) {
750 if (!start_reply(fds, client, BAD_REQUEST, "bad request"))
752 goodbye(fds, client);
756 if ((path = url_start_of_request(buf)) == NULL) {
757 if (!start_reply(fds, client, BAD_REQUEST, "bad request"))
759 goodbye(fds, client);
/* adjust_path() cleans path in place and yields the query string. */
763 query = adjust_path(path);
764 LOGI(client, "GET %s%s%s", path,
768 send_file(path, query, fds, client);
772 if (!start_reply(fds, client, client->code, client->meta))
775 if (client->code != SUCCESS) {
776 /* we don't need a body */
777 goodbye(fds, client);
781 client->state = S_SENDING;
786 if (client->child != -1)
787 handle_cgi(fds, client);
789 send_file(NULL, NULL, fds, client);
793 goodbye(fds, client);
/* Put fd into non-blocking mode: the current file status flags are
 * fetched and written back with O_NONBLOCK added, so the other flags are
 * preserved.  Either fcntl() failure is reported through FATAL(). */
803 mark_nonblock(int fd)
807 if ((flags = fcntl(fd, F_GETFL)) == -1)
808 FATAL("fcntl(F_GETFL): %s", strerror(errno));
809 if (fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
810 FATAL("fcntl(F_SETFL): %s", strerror(errno));
/* Create the listening TCP socket for the given port and address family.
 *
 * A wildcard address is prepared for IPv4 or IPv6, then the socket is
 * created, SO_REUSEADDR and SO_REUSEPORT are enabled, and the socket is
 * bound and put in listening state with a backlog of 16.  Every failure
 * goes through FATAL().
 *
 * NOTE(review): the switch on family, the assignment of len and v, and
 * the return statement are on lines not visible in this excerpt. */
814 make_socket(int port, int family)
817 struct sockaddr_in addr4;
818 struct sockaddr_in6 addr6;
819 struct sockaddr *addr;
/* IPv4 wildcard address. */
824 bzero(&addr4, sizeof(addr4));
825 addr4.sin_family = family;
826 addr4.sin_port = htons(port);
827 addr4.sin_addr.s_addr = INADDR_ANY;
828 addr = (struct sockaddr*)&addr4;
/* IPv6 wildcard address. */
833 bzero(&addr6, sizeof(addr6));
834 addr6.sin6_family = AF_INET6;
835 addr6.sin6_port = htons(port);
836 addr6.sin6_addr = in6addr_any;
837 addr = (struct sockaddr*)&addr6;
846 if ((sock = socket(family, SOCK_STREAM, 0)) == -1)
847 FATAL("socket: %s", strerror(errno));
850 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &v, sizeof(v)) == -1)
851 FATAL("setsockopt(SO_REUSEADDR): %s", strerror(errno));
854 if (setsockopt(sock, SOL_SOCKET, SO_REUSEPORT, &v, sizeof(v)) == -1)
855 FATAL("setsockopt(SO_REUSEPORT): %s", strerror(errno));
859 if (bind(sock, addr, len) == -1)
860 FATAL("bind: %s", strerror(errno));
862 if (listen(sock, 16) == -1)
863 FATAL("listen: %s", strerror(errno));
/* Accept one pending connection on sock and attach it to the first free
 * slot (fds[i].fd == -1).  The slot's client record is zeroed, a TLS
 * context is created for the new descriptor and the record is
 * initialised: state S_OPEN, no CGI child, no mapping, IPv4 peer
 * address.
 *
 * NOTE(review): the peer address is stored in a struct sockaddr_in and
 * af is hard-coded to AF_INET, so only IPv4 peers are represented.
 * NOTE(review): the initialisation of len before accept(), and what
 * happens to fd after the loop ends without a slot or after the `break`,
 * are on lines not visible in this excerpt -- confirm fd is closed. */
869 do_accept(int sock, struct tls *ctx, struct pollfd *fds, struct client *clients)
872 struct sockaddr_in addr;
/* Any accept() error other than EWOULDBLOCK terminates the server,
 * including transient ones such as ECONNABORTED. */
876 if ((fd = accept(sock, (struct sockaddr*)&addr, &len)) == -1) {
877 if (errno == EWOULDBLOCK)
879 FATAL("accept: %s", strerror(errno));
884 for (i = 0; i < MAX_USERS; ++i) {
885 if (fds[i].fd == -1) {
886 bzero(&clients[i], sizeof(struct client));
887 if (tls_accept_socket(ctx, &clients[i].ctx, fd) == -1)
888 break; /* goodbye fd! */
891 fds[i].events = POLLIN;
893 clients[i].state = S_OPEN;
895 clients[i].child = -1;
/* MAP_FAILED marks "nothing mapped"; goodbye() checks for it. */
896 clients[i].buf = MAP_FAILED;
897 clients[i].af = AF_INET;
898 clients[i].addr = addr.sin_addr;
/* Close the connection of client c and release its resources.
 *
 * The client is moved to S_CLOSING first, so that handle() calls this
 * function again if tls_close() cannot finish immediately; in that case
 * pfd->events is set to the direction the TLS layer asked for.  A mapped
 * file (buf != MAP_FAILED) is unmapped.
 *
 * NOTE(review): the early returns after the readiness requests and the
 * release of descriptors / slot are on lines not visible here. */
909 goodbye(struct pollfd *pfd, struct client *c)
913 c->state = S_CLOSING;
915 ret = tls_close(c->ctx);
916 if (ret == TLS_WANT_POLLIN) {
917 pfd->events = POLLIN;
920 if (ret == TLS_WANT_POLLOUT) {
921 pfd->events = POLLOUT;
930 if (c->buf != MAP_FAILED)
931 munmap(c->buf, c->len);
/* Main event loop.  All MAX_USERS slots are initialised, then the
 * function blocks in poll() and dispatches every slot that reported an
 * event.  Slot 0 is the listening socket: activity there means a new
 * client to accept; any other slot is passed to handle().
 *
 * NOTE(review): the outer loop, the initial fds[i].fd values and the
 * use of todo are on lines not visible in this excerpt. */
941 loop(struct tls *ctx, int sock)
944 struct client clients[MAX_USERS];
945 struct pollfd fds[MAX_USERS];
947 for (i = 0; i < MAX_USERS; ++i) {
949 fds[i].events = POLLIN;
950 bzero(&clients[i], sizeof(struct client));
/* An interrupted poll() (e.g. by the info signal) prints the client
 * count instead of failing. */
956 if ((todo = poll(fds, MAX_USERS, INFTIM)) == -1) {
957 if (errno == EINTR) {
958 warnx("connected clients: %d",
962 FATAL("poll: %s", strerror(errno));
965 for (i = 0; i < MAX_USERS; i++) {
/* Always true given the loop condition above. */
966 assert(i < MAX_USERS);
968 if (fds[i].revents == 0)
/* NOTE(review): an error condition on any single descriptor takes the
 * whole server down through FATAL(). */
971 if (fds[i].revents & (POLLERR|POLLNVAL))
972 FATAL("bad fd %d: %s", fds[i].fd,
975 if (fds[i].revents & POLLHUP) {
976 /* fds[i] may be the fd of the stdin
977 * of a cgi script that has exited. */
978 if (!clients[i].waiting_on_child) {
979 goodbye(&fds[i], &clients[i]);
986 if (i == 0) { /* new client */
987 do_accept(sock, ctx, fds, clients);
991 handle(&fds[i], &clients[i]);
/* Return a heap-allocated path built from path.  One branch returns a
 * plain copy of path; the other joins the working directory wd and path
 * with a '/'.  main() treats a NULL result as failure.
 * NOTE(review): the condition choosing between the branches (presumably
 * whether path is already absolute) and the code that obtains wd are on
 * lines not visible in this excerpt. */
997 absolutify_path(const char *path)
1002 return strdup(path);
1005 if (asprintf(&r, "%s/%s", wd, path) == -1)
/* Print the command-line synopsis; me is the program name substituted
 * for the format's %s.
 * NOTE(review): the text advertises "-l logfile", which the option
 * string in main() ("c:d:fhk:p:x:") does not accept, and it omits "-f",
 * which that string does accept. */
1012 usage(const char *me)
1015 "USAGE: %s [-h] [-c cert.pem] [-d docs] [-k key.pem] "
1016 "[-l logfile] [-p port] [-x cgi-bin]\n",
/* Program entry point: parse options, configure TLS, open the listening
 * socket and the document root, optionally daemonize, restrict the
 * process with unveil/pledge and (on lines not visible here) enter the
 * event loop.  Many lines of this function, including the option switch
 * and the call to loop(), are not visible in this excerpt. */
1021 main(int argc, char **argv)
1023 const char *cert = "cert.pem", *key = "key.pem";
1024 struct tls *ctx = NULL;
1025 struct tls_config *conf;
/* A client that disconnects mid-write must not kill the server, and
 * ignoring SIGCHLD means CGI children are never waited for explicitly. */
1028 signal(SIGPIPE, SIG_IGN);
1029 signal(SIGCHLD, SIG_IGN);
/* NOTE(review): presumably alternatives selected by an #ifdef that is
 * not visible here -- confirm. */
1032 signal(SIGINFO, siginfo_handler);
1034 signal(SIGUSR2, siginfo_handler);
1036 connected_clients = 0;
/* Default document root. */
1038 if ((dir = absolutify_path("docs")) == NULL)
1039 err(1, "absolutify_path");
1045 while ((ch = getopt(argc, argv, "c:d:fhk:p:x:")) != -1) {
/* NOTE(review): the default allocated above is overwritten here; no
 * free() of the previous value is visible. */
1053 if ((dir = absolutify_path(optarg)) == NULL)
1054 err(1, "absolutify_path");
/* NOTE(review): err() appends strerror(errno), but neither check below
 * is an errno failure, so the suffix is unrelated; errx() would fit. */
1074 lval = strtol(optarg, &ep, 10);
1075 if (optarg[0] == '\0' || *ep != '\0')
1076 err(1, "not a number: %s", optarg);
1077 if (lval < 0 || lval > UINT16_MAX)
1078 err(1, "port number out of range: %s", optarg);
1093 if ((conf = tls_config_new()) == NULL)
1094 err(1, "tls_config_new");
1096 /* optionally accept client certs, but don't try to verify them */
1097 tls_config_verify_client_optional(conf);
1098 tls_config_insecure_noverifycert(conf);
/* Only TLS 1.2 and 1.3 are offered. */
1100 if (tls_config_set_protocols(conf,
1101 TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3) == -1)
1102 err(1, "tls_config_set_protocols");
1104 if (tls_config_set_cert_file(conf, cert) == -1)
1105 err(1, "tls_config_set_cert_file: %s", cert);
1107 if (tls_config_set_key_file(conf, key) == -1)
1108 err(1, "tls_config_set_key_file: %s", key);
1110 if ((ctx = tls_server()) == NULL)
1111 err(1, "tls_server");
1113 if (tls_configure(ctx, conf) == -1)
1114 errx(1, "tls_configure: %s", tls_error(ctx));
/* Only an IPv4 socket is requested, although make_socket() also has an
 * IPv6 branch. */
1116 sock = make_socket(port, AF_INET);
/* Descriptor of the document root; check_path() opens files relative
 * to it. */
1118 if ((dirfd = open(dir, O_RDONLY | O_DIRECTORY)) == -1)
1119 err(1, "open: %s", dir);
/* daemon(0, 1): change directory to "/" but keep the standard streams
 * open. */
1121 if (!foreground && daemon(0, 1) == -1)
/* Two sandbox profiles: the first additionally allows executing files
 * under dir and forking; the second is read-only.
 * NOTE(review): the condition choosing between them (presumably whether
 * cgi is set) is not visible in this excerpt. */
1125 if (unveil(dir, "rx") == -1)
1127 if (pledge("stdio rpath inet proc exec", NULL) == -1)
1130 if (unveil(dir, "r") == -1)
1132 if (pledge("stdio rpath inet", NULL) == -1)
1140 tls_config_free(conf);