Blob


1 /*
2 * Copyright (c) 2022, 2023 Omar Polo <op@omarpolo.com>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
17 #include "gmid.h"
19 #include <sys/stat.h>
20 #include <sys/wait.h>
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <getopt.h>
25 #include <locale.h>
26 #include <libgen.h>
27 #include <signal.h>
28 #include <string.h>
29 #include <syslog.h>
30 #include <unistd.h>
31 #include <vis.h>
33 #include "log.h"
35 static int gen_eckey = 1;
37 int privsep_process;
39 static const struct option opts[] = {
40 {"help", no_argument, NULL, 'h'},
41 {"version", no_argument, NULL, 'V'},
42 {NULL, 0, NULL, 0},
43 };
45 void
46 log_request(struct client *c, int code, const char *meta)
47 {
48 char b[GEMINI_URL_LEN];
49 char cntmp[64], cn[64] = "-";
50 const char *t;
52 if (c->iri.schema != NULL) {
53 /* serialize the IRI */
54 strlcpy(b, c->iri.schema, sizeof(b));
55 strlcat(b, "://", sizeof(b));
57 /* log the decoded host name, but if it was invalid
58 * use the raw one. */
59 if (*c->domain != '\0')
60 strlcat(b, c->domain, sizeof(b));
61 else
62 strlcat(b, c->iri.host, sizeof(b));
64 if (*c->iri.path != '/')
65 strlcat(b, "/", sizeof(b));
66 strlcat(b, c->iri.path, sizeof(b)); /* TODO: sanitize UTF8 */
67 if (*c->iri.query != '\0') { /* TODO: sanitize UTF8 */
68 strlcat(b, "?", sizeof(b));
69 strlcat(b, c->iri.query, sizeof(b));
70 }
71 } else {
72 if ((t = c->req) == NULL)
73 t = "";
74 strlcpy(b, t, sizeof(b));
75 }
77 if (tls_peer_cert_provided(c->ctx)) {
78 const char *subj;
79 char *n;
81 subj = tls_peer_cert_subject(c->ctx);
82 if ((n = strstr(subj, "/CN=")) != NULL) {
83 strlcpy(cntmp, subj + 4, sizeof(cntmp));
84 if ((n = strchr(cntmp, '/')) != NULL)
85 *n = '\0';
86 strnvis(cn, cntmp, sizeof(cn), VIS_WHITE|VIS_DQ);
87 }
88 }
90 fprintf(stderr, "%s %s %s %s %d %s\n", c->rhost, cn,
91 *c->domain == '\0' ? c->iri.host : c->domain, b, code, meta);
92 }
94 static void
95 load_local_cert(struct vhost *h, const char *hostname, const char *dir)
96 {
97 char *cert, *key;
99 if (asprintf(&cert, "%s/%s.pem", dir, hostname) == -1)
100 fatal("asprintf");
101 if (asprintf(&key, "%s/%s.key", dir, hostname) == -1)
102 fatal("asprintf");
104 if (access(cert, R_OK) == -1 || access(key, R_OK) == -1)
105 gencert(hostname, cert, key, gen_eckey);
107 h->cert = tls_load_file(cert, &h->certlen, NULL);
108 if (h->cert == NULL)
109 fatal("can't load %s", cert);
111 h->key = tls_load_file(key, &h->keylen, NULL);
112 if (h->key == NULL)
113 fatal("can't load %s", key);
115 if (strlcpy(h->domain, hostname, sizeof(h->domain))
116 >= sizeof(h->domain))
117 fatalx("hostname too long: %s", hostname);
120 /* wrapper around dirname(3). dn must be PATH_MAX+1 at least. */
121 static void
122 pdirname(const char *path, char *dn)
124 char p[PATH_MAX+1];
125 char *t;
127 if (strlcpy(p, path, sizeof(p)) >= sizeof(p))
128 fatalx("%s: path too long: %s", __func__, path);
129 t = dirname(p);
130 memmove(dn, t, strlen(t)+1);
133 static void
134 mkdirs(const char *path, mode_t mode)
136 char dname[PATH_MAX+1];
138 pdirname(path, dname);
139 if (!strcmp(dname, "/"))
140 return;
141 mkdirs(dname, mode);
142 if (mkdir(path, mode) != 0 && errno != EEXIST)
143 fatal("can't mkdir %s", path);
146 /* $XDG_DATA_HOME/gemexp */
147 static char *
148 data_dir(void)
150 const char *home, *xdg;
151 char *t;
153 if ((xdg = getenv("XDG_DATA_HOME")) == NULL) {
154 if ((home = getenv("HOME")) == NULL)
155 fatalx("XDG_DATA_HOME and HOME both empty");
156 if (asprintf(&t, "%s/.local/share/gemexp", home) == -1)
157 fatalx("asprintf");
158 } else {
159 if (asprintf(&t, "%s/gemexp", xdg) == -1)
160 fatal("asprintf");
163 mkdirs(t, 0755);
164 return t;
167 static int
168 serve(struct conf *conf, const char *host, int port, const char *dir)
170 struct addrinfo hints, *res, *res0;
171 struct vhost *vh = TAILQ_FIRST(&conf->hosts);
172 struct address *addr, *acp;
173 int r, error, saved_errno, sock = -1;
174 const char *cause = NULL;
175 char service[32];
176 int any = 0;
178 event_init();
180 r = snprintf(service, sizeof(service), "%d", port);
181 if (r < 0 || (size_t)r >= sizeof(service))
182 fatal("snprintf");
184 memset(&hints, 0, sizeof(hints));
185 hints.ai_family = AF_UNSPEC;
186 hints.ai_socktype = SOCK_STREAM;
187 hints.ai_flags = AI_PASSIVE;
188 error = getaddrinfo(host, service, &hints, &res0);
189 if (error)
190 fatalx("%s", gai_strerror(error));
191 for (res = res0; res; res = res->ai_next) {
192 sock = socket(res->ai_family, res->ai_socktype,
193 res->ai_protocol);
194 if (sock == -1) {
195 cause = "socket";
196 continue;
199 if (bind(sock, res->ai_addr, res->ai_addrlen) == -1) {
200 cause = "bind";
201 saved_errno = errno;
202 close(sock);
203 errno = saved_errno;
204 continue;
207 if (listen(sock, 5) == -1)
208 fatal("listen");
210 any = 1;
212 addr = xcalloc(1, sizeof(*addr));
213 addr->ai_flags = res->ai_flags;
214 addr->ai_family = res->ai_family;
215 addr->ai_socktype = res->ai_socktype;
216 addr->ai_protocol = res->ai_protocol;
217 addr->slen = res->ai_addrlen;
218 memcpy(&addr->ss, res->ai_addr, res->ai_addrlen);
220 addr->conf = conf;
221 addr->sock = sock;
222 event_set(&addr->evsock, addr->sock, EV_READ|EV_PERSIST,
223 server_accept, addr);
225 if ((addr->ctx = tls_server()) == NULL)
226 fatal("tls_server failure");
228 TAILQ_INSERT_HEAD(&conf->addrs, addr, addrs);
230 acp = xcalloc(1, sizeof(*acp));
231 memcpy(acp, addr, sizeof(*acp));
232 acp->sock = -1;
233 memset(&acp->evsock, 0, sizeof(acp->evsock));
234 TAILQ_INSERT_HEAD(&vh->addrs, addr, addrs);
237 if (!any)
238 fatal("%s", cause);
239 freeaddrinfo(res0);
241 server_init(NULL, NULL, NULL);
242 if (server_configure_done(conf) == -1)
243 fatalx("server configuration failed");
245 log_info("serving %s on port %d", dir, port);
246 event_dispatch();
247 log_info("quitting");
248 return 0;
251 static __dead void
252 usage(void)
254 fprintf(stderr,
255 "Version: " GEMEXP_STRING "\n"
256 "Usage: %s [-hRV] [-d certs-dir] [-H hostname] [-p port] [dir]\n",
257 getprogname());
258 exit(1);
261 int
262 main(int argc, char **argv)
264 struct conf *conf;
265 struct vhost *host;
266 struct location *loc;
267 const char *errstr, *certs_dir = NULL, *hostname = "localhost";
268 char path[PATH_MAX];
269 int ch, verbose = 0, port = 1965;
271 setlocale(LC_CTYPE, "");
273 log_init(1, LOG_DAEMON);
274 conf = config_new();
276 /* ge doesn't do privsep so no privsep crypto engine. */
277 conf->use_privsep_crypto = 0;
279 while ((ch = getopt_long(argc, argv, "d:H:hp:RVv", opts, NULL)) != -1) {
280 switch (ch) {
281 case 'd':
282 certs_dir = optarg;
283 break;
284 case 'H':
285 hostname = optarg;
286 break;
287 case 'h':
288 usage();
289 break;
290 case 'p':
291 port = strtonum(optarg, 0, UINT16_MAX, &errstr);
292 if (errstr)
293 fatalx("port number is %s: %s", errstr,
294 optarg);
295 break;
296 case 'R':
297 gen_eckey = 0;
298 break;
299 case 'V':
300 puts("Version: " GEMEXP_STRING);
301 return 0;
302 case 'v':
303 verbose = 1;
304 break;
305 default:
306 usage();
307 break;
310 argc -= optind;
311 argv += optind;
313 if (argc > 1)
314 usage();
316 log_init(1, LOG_DAEMON);
317 log_setverbose(verbose);
319 /* prepare the configuration */
320 init_mime(&conf->mime);
322 if (certs_dir == NULL)
323 certs_dir = data_dir();
325 /* set up the implicit vhost and location */
326 host = xcalloc(1, sizeof(*host));
327 TAILQ_INSERT_HEAD(&conf->hosts, host, vhosts);
329 loc = xcalloc(1, sizeof(*loc));
330 loc->fcgi = -1;
331 TAILQ_INSERT_HEAD(&host->locations, loc, locations);
333 load_local_cert(host, hostname, certs_dir);
335 strlcpy(host->domain, "*", sizeof(host->domain));
336 loc->auto_index = 1;
337 strlcpy(loc->match, "*", sizeof(loc->match));
339 if (*argv == NULL) {
340 if (getcwd(path, sizeof(path)) == NULL)
341 fatal("getcwd");
342 strlcpy(loc->dir, path, sizeof(loc->dir));
343 } else {
344 char *tmp;
346 tmp = absolutify_path(*argv);
347 strlcpy(loc->dir, tmp, sizeof(loc->dir));
348 free(tmp);
351 /* start the server */
352 signal(SIGPIPE, SIG_IGN);
353 setproctitle("%s", loc->dir);
354 return serve(conf, hostname, port, loc->dir);