1 /*
2  * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "compat.h"
18 
19 #include <sys/types.h>
20 #include <sys/socket.h>
21 
22 #include <netinet/in.h>
23 
24 #include <assert.h>
25 #include <ctype.h>
26 #include <errno.h>
27 #include <netdb.h>
28 #include <stdarg.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <tls.h>
33 #include <unistd.h>
34 
35 #if HAVE_ASR_RUN
36 # include <asr.h>
37 #endif
38 
39 #include "telescope.h"
40 
41 static struct imsgev		*iev_ui;
42 static struct tls_config	*tlsconf;
43 
44 /* a pending request */
45 struct req {
46 	struct phos_uri		 url;
47 	uint32_t		 id;
48 	int			 fd;
49 	struct tls		*ctx;
50 	char			 req[1024];
51 	size_t			 len;
52 	int			 done_header;
53 	struct bufferevent	*bev;
54 
55 	struct addrinfo		*servinfo, *p;
56 #if HAVE_ASR_RUN
57 	struct addrinfo		 hints;
58 	struct event_asr	*asrev;
59 #endif
60 
61 	TAILQ_ENTRY(req)	 reqs;
62 };
63 
64 static struct req	*req_by_id(uint32_t);
65 
66 static void	 die(void) __attribute__((__noreturn__));
67 
68 static void	 try_to_connect(int, short, void*);
69 
70 #if HAVE_ASR_RUN
71 static void	 query_done(struct asr_result*, void*);
72 static void	 async_conn_towards(struct req*);
73 #else
74 static void	 blocking_conn_towards(struct req*);
75 #endif
76 
77 static void	 close_with_err(struct req*, const char*);
78 static void	 close_with_errf(struct req*, const char*, ...)
79     __attribute__((format(printf, 2, 3)));
80 
81 static void	 net_tls_handshake(int, short, void *);
82 static void	 net_tls_readcb(int, short, void *);
83 static void	 net_tls_writecb(int, short, void *);
84 
85 static int	 gemini_parse_reply(struct req *, const char *, size_t);
86 
87 static void	 net_ready(struct req *req);
88 static void	 net_read(struct bufferevent *, void *);
89 static void	 net_write(struct bufferevent *, void *);
90 static void	 net_error(struct bufferevent *, short, void *);
91 
92 static void	 handle_get_raw(struct imsg *, size_t);
93 static void	 handle_cert_status(struct imsg*, size_t);
94 static void	 handle_proceed(struct imsg*, size_t);
95 static void	 handle_stop(struct imsg*, size_t);
96 static void	 handle_quit(struct imsg*, size_t);
97 static void	 handle_dispatch_imsg(int, short, void*);
98 
99 static int	 net_send_ui(int, uint32_t, const void *, uint16_t);
100 
101 /* TODO: making this customizable */
102 struct timeval timeout_for_handshake = { 5, 0 };
103 
104 static imsg_handlerfn *handlers[] = {
105 	[IMSG_GET_RAW]		= handle_get_raw,
106 	[IMSG_CERT_STATUS]	= handle_cert_status,
107 	[IMSG_PROCEED]		= handle_proceed,
108 	[IMSG_STOP]		= handle_stop,
109 	[IMSG_QUIT]		= handle_quit,
110 };
111 
112 typedef void (*statefn)(int, short, void*);
113 
114 TAILQ_HEAD(, req) reqhead;
115 
116 static inline void
117 yield_r(struct req *req, statefn fn, struct timeval *tv)
118 {
119 	event_once(req->fd, EV_READ, fn, req, tv);
120 }
121 
122 static inline void
123 yield_w(struct req *req, statefn fn, struct timeval *tv)
124 {
125 	event_once(req->fd, EV_WRITE, fn, req, tv);
126 }
127 
128 static struct req *
129 req_by_id(uint32_t id)
130 {
131 	struct req *r;
132 
133 	TAILQ_FOREACH(r, &reqhead, reqs) {
134 		if (r->id == id)
135 			return r;
136 	}
137 
138 	return NULL;
139 }
140 
141 static void __attribute__((__noreturn__))
142 die(void)
143 {
144 	abort(); 		/* TODO */
145 }
146 
147 static void
148 try_to_connect(int fd, short ev, void *d)
149 {
150 	struct req	*req = d;
151 	int		 error = 0;
152 	socklen_t	 len = sizeof(error);
153 
154 again:
155 	if (req->p == NULL)
156 		goto err;
157 
158 	if (req->fd != -1) {
159 		if (getsockopt(req->fd, SOL_SOCKET, SO_ERROR, &error,
160 		    &len) == -1)
161 			goto err;
162 		if (error != 0) {
163                         errno = error;
164                         goto err;
165 		}
166 		goto done;
167 	}
168 
169 	req->fd = socket(req->p->ai_family, req->p->ai_socktype,
170 	    req->p->ai_protocol);
171 	if (req->fd == -1) {
172 		req->p = req->p->ai_next;
173 		goto again;
174 	} else {
175 		mark_nonblock(req->fd);
176 		if (connect(req->fd, req->p->ai_addr, req->p->ai_addrlen) == 0)
177 			goto done;
178 		yield_w(req, try_to_connect, NULL);
179 	}
180 	return;
181 
182 err:
183 	freeaddrinfo(req->servinfo);
184 	close_with_errf(req, "failed to connect to %s",
185 	    req->url.host);
186 	return;
187 
188 done:
189 	freeaddrinfo(req->servinfo);
190 
191 	/* prepare tls */
192         if ((req->ctx = tls_client()) == NULL) {
193 		close_with_errf(req, "tls_client: %s", strerror(errno));
194 		return;
195 	}
196 	if (tls_configure(req->ctx, tlsconf) == -1) {
197 		close_with_errf(req, "tls_configure: %s", tls_error(req->ctx));
198 		return;
199 	}
200 	if (tls_connect_socket(req->ctx, req->fd, req->url.host) == -1) {
201 		close_with_errf(req, "tls_connect_socket: %s",
202 		    tls_error(req->ctx));
203 		return;
204 	}
205 	yield_w(req, net_tls_handshake, &timeout_for_handshake);
206 }
207 
208 #if HAVE_ASR_RUN
209 static void
210 query_done(struct asr_result *res, void *d)
211 {
212 	struct req	*req = d;
213 
214 	req->asrev = NULL;
215 	if (res->ar_gai_errno != 0) {
216 		close_with_errf(req, "failed to resolve %s: %s",
217 		    req->url.host, gai_strerror(res->ar_gai_errno));
218 		return;
219 	}
220 
221 	req->fd = -1;
222 	req->servinfo = res->ar_addrinfo;
223 	req->p = res->ar_addrinfo;
224 	try_to_connect(0, 0, req);
225 }
226 
227 static void
228 async_conn_towards(struct req *req)
229 {
230 	struct asr_query	*q;
231 	const char		*proto = "1965";
232 
233 	if (*req->url.port != '\0')
234 		proto = req->url.port;
235 
236 	req->hints.ai_family = AF_UNSPEC;
237 	req->hints.ai_socktype = SOCK_STREAM;
238 	q = getaddrinfo_async(req->url.host, proto, &req->hints, NULL);
239 	req->asrev = event_asr_run(q, query_done, req);
240 }
241 #else
242 static void
243 blocking_conn_towards(struct req *req)
244 {
245 	struct addrinfo	 hints;
246 	struct phos_uri	*url = &req->url;
247 	int		 status;
248 	const char	*proto = "1965";
249 
250 	if (*url->port != '\0')
251 		proto = url->port;
252 
253 	memset(&hints, 0, sizeof(hints));
254 	hints.ai_family = AF_UNSPEC;
255 	hints.ai_socktype = SOCK_STREAM;
256 
257 	if ((status = getaddrinfo(url->host, proto, &hints, &req->servinfo))) {
258 		close_with_errf(req, "failed to resolve %s: %s",
259 		    url->host, gai_strerror(status));
260 		return;
261 	}
262 
263 	req->fd = -1;
264 	req->p = req->servinfo;
265 	try_to_connect(0, 0, req);
266 }
267 #endif
268 
269 static void
270 close_conn(int fd, short ev, void *d)
271 {
272 	struct req	*req = d;
273 
274 #if HAVE_ASR_RUN
275 	if (req->asrev != NULL)
276 		event_asr_abort(req->asrev);
277 #endif
278 
279 	if (req->bev != NULL) {
280 		bufferevent_free(req->bev);
281 		req->bev = NULL;
282 	}
283 
284 	if (req->ctx != NULL) {
285 		switch (tls_close(req->ctx)) {
286 		case TLS_WANT_POLLIN:
287 			yield_r(req, close_conn, NULL);
288 			return;
289 		case TLS_WANT_POLLOUT:
290 			yield_w(req, close_conn, NULL);
291 			return;
292 		}
293 
294 		tls_free(req->ctx);
295 		req->ctx = NULL;
296 	}
297 
298 	TAILQ_REMOVE(&reqhead, req, reqs);
299 	if (req->fd != -1)
300 		close(req->fd);
301 	free(req);
302 }
303 
304 static void
305 close_with_err(struct req *req, const char *err)
306 {
307 	net_send_ui(IMSG_ERR, req->id, err, strlen(err)+1);
308 	close_conn(0, 0, req);
309 }
310 
311 static void
312 close_with_errf(struct req *req, const char *fmt, ...)
313 {
314 	va_list	 ap;
315 	char	*s;
316 
317 	va_start(ap, fmt);
318 	if (vasprintf(&s, fmt, ap) == -1)
319 		abort();
320 	va_end(ap);
321 
322 	close_with_err(req, s);
323 	free(s);
324 }
325 
326 static void
327 net_tls_handshake(int fd, short event, void *d)
328 {
329 	struct req	*req = d;
330 	const char	*hash;
331 
332 	if (event == EV_TIMEOUT) {
333 		close_with_err(req, "Timeout loading page");
334 		return;
335 	}
336 
337 	switch (tls_handshake(req->ctx)) {
338 	case TLS_WANT_POLLIN:
339 		yield_r(req, net_tls_handshake, NULL);
340 		return;
341 	case TLS_WANT_POLLOUT:
342 		yield_w(req, net_tls_handshake, NULL);
343 		return;
344 	}
345 
346 	hash = tls_peer_cert_hash(req->ctx);
347 	if (hash == NULL) {
348 		close_with_errf(req, "handshake failed: %s",
349 		    tls_error(req->ctx));
350 		return;
351 	}
352 	net_send_ui(IMSG_CHECK_CERT, req->id, hash, strlen(hash)+1);
353 }
354 
355 static void
356 net_tls_readcb(int fd, short event, void *d)
357 {
358 	struct bufferevent	*bufev = d;
359 	struct req		*req = bufev->cbarg;
360 	char			 buf[IBUF_READ_SIZE];
361 	int			 what = EVBUFFER_READ;
362 	int			 howmuch = IBUF_READ_SIZE;
363 	ssize_t			 ret;
364 	size_t			 len;
365 
366 	if (event == EV_TIMEOUT) {
367 		what |= EVBUFFER_TIMEOUT;
368 		goto err;
369 	}
370 
371 	if (bufev->wm_read.high != 0)
372 		howmuch = MIN(sizeof(buf), bufev->wm_read.high);
373 
374 	switch (ret = tls_read(req->ctx, buf, howmuch)) {
375 	case TLS_WANT_POLLIN:
376 	case TLS_WANT_POLLOUT:
377 		goto retry;
378 	case -1:
379 		what |= EVBUFFER_ERROR;
380 		goto err;
381 	}
382 	len = ret;
383 
384 	if (len == 0) {
385 		what |= EVBUFFER_EOF;
386 		goto err;
387 	}
388 
389 	if (evbuffer_add(bufev->input, buf, len) == -1) {
390 		what |= EVBUFFER_ERROR;
391 		goto err;
392 	}
393 
394 	event_add(&bufev->ev_read, NULL);
395 
396 	len = EVBUFFER_LENGTH(bufev->input);
397 	if (bufev->wm_read.low != 0 && len < bufev->wm_read.low)
398 		return;
399 
400 	if (bufev->readcb != NULL)
401 		(*bufev->readcb)(bufev, bufev->cbarg);
402 	return;
403 
404 retry:
405 	event_add(&bufev->ev_read, NULL);
406 	return;
407 
408 err:
409 	(*bufev->errorcb)(bufev, what, bufev->cbarg);
410 }
411 
412 static void
413 net_tls_writecb(int fd, short event, void *d)
414 {
415 	struct bufferevent	*bufev = d;
416 	struct req		*req = bufev->cbarg;
417 	ssize_t			 ret;
418 	size_t			 len;
419 	short			 what = EVBUFFER_WRITE;
420 
421 	if (event & EV_TIMEOUT) {
422 		what |= EVBUFFER_TIMEOUT;
423 		goto err;
424 	}
425 
426 	if (EVBUFFER_LENGTH(bufev->output) != 0) {
427 		ret = tls_write(req->ctx, EVBUFFER_DATA(bufev->output),
428 		    EVBUFFER_LENGTH(bufev->output));
429 		switch (ret) {
430 		case TLS_WANT_POLLIN:
431 		case TLS_WANT_POLLOUT:
432 			goto retry;
433 		case -1:
434 			what |= EVBUFFER_ERROR;
435 			goto err;
436 		}
437 		len = ret;
438 		evbuffer_drain(bufev->output, len);
439 	}
440 
441 	if (EVBUFFER_LENGTH(bufev->output) != 0)
442 		event_add(&bufev->ev_write, NULL);
443 
444 	if (bufev->writecb != NULL &&
445 	    EVBUFFER_LENGTH(bufev->output) <= bufev->wm_write.low)
446 		(*bufev->writecb)(bufev, bufev->cbarg);
447 	return;
448 
449 retry:
450 	event_add(&bufev->ev_write, NULL);
451 	return;
452 
453 err:
454 	(*bufev->errorcb)(bufev, what, bufev->cbarg);
455 }
456 
457 static int
458 gemini_parse_reply(struct req *req, const char *header, size_t len)
459 {
460 	int		 code;
461 	const char	*t;
462 
463 	if (len < 4)
464 		return 0;
465 
466 	if (!isdigit(header[0]) || !isdigit(header[1]))
467 		return 0;
468 
469 	code = (header[0] - '0')*10 + (header[1] - '0');
470 	if (header[2] != ' ')
471 		return 0;
472 
473 	t = header + 3;
474 
475 	net_send_ui(IMSG_GOT_CODE, req->id, &code, sizeof(code));
476 	net_send_ui(IMSG_GOT_META, req->id, t, strlen(t)+1);
477 
478 	bufferevent_disable(req->bev, EV_READ|EV_WRITE);
479 
480 	if (code < 20 || code >= 30)
481 		close_conn(0, 0, req);
482 	return 1;
483 }
484 
485 /* called when we're ready to read/write */
486 static void
487 net_ready(struct req *req)
488 {
489 	req->bev = bufferevent_new(req->fd, net_read, net_write, net_error,
490 	    req);
491 	if (req->bev == NULL)
492 		die();
493 
494 	/* setup tls i/o layer */
495 	if (req->ctx != NULL) {
496 		event_set(&req->bev->ev_read, req->fd, EV_READ,
497 		    net_tls_readcb, req->bev);
498 		event_set(&req->bev->ev_write, req->fd, EV_WRITE,
499 		    net_tls_writecb, req->bev);
500 	}
501 
502 	/* TODO: adjust watermarks */
503 	bufferevent_setwatermark(req->bev, EV_WRITE, 1, 0);
504 	bufferevent_setwatermark(req->bev, EV_READ,  1, 0);
505 
506 	bufferevent_enable(req->bev, EV_READ|EV_WRITE);
507 
508 	bufferevent_write(req->bev, req->req, req->len);
509 }
510 
511 /* called after a read has been done */
512 static void
513 net_read(struct bufferevent *bev, void *d)
514 {
515 	struct req	*req = d;
516 	struct evbuffer	*src = EVBUFFER_INPUT(bev);
517 	void		*data;
518 	size_t		 len;
519 	int		 r;
520 	char		*header;
521 
522 	if (!req->done_header) {
523 		header = evbuffer_readln(src, &len, EVBUFFER_EOL_CRLF_STRICT);
524 		if (header == NULL && EVBUFFER_LENGTH(src) >= 1024)
525 			goto err;
526 		if (header == NULL)
527 			return;
528 		r = gemini_parse_reply(req, header, len);
529 		free(header);
530 		if (!r)
531 			goto err;
532 		req->done_header = 1;
533 		return;
534 	}
535 
536 	if ((len = EVBUFFER_LENGTH(src)) == 0)
537 		return;
538 	data = EVBUFFER_DATA(src);
539 	net_send_ui(IMSG_BUF, req->id, data, len);
540 	evbuffer_drain(src, len);
541 	return;
542 
543 err:
544 	(*bev->errorcb)(bev, EVBUFFER_READ, bev->cbarg);
545 }
546 
547 /* called after a write has been done */
548 static void
549 net_write(struct bufferevent *bev, void *d)
550 {
551 	struct evbuffer	*dst = EVBUFFER_OUTPUT(bev);
552 
553 	if (EVBUFFER_LENGTH(dst) == 0)
554 		(*bev->errorcb)(bev, EVBUFFER_WRITE, bev->cbarg);
555 }
556 
557 static void
558 net_error(struct bufferevent *bev, short error, void *d)
559 {
560 	struct req	*req = d;
561 
562 	if (error & EVBUFFER_TIMEOUT) {
563 		close_with_err(req, "Timeout loading page");
564 		return;
565 	}
566 
567 	if (error & EVBUFFER_ERROR) {
568 		close_with_err(req, "buffer event error");
569 		return;
570 	}
571 
572 	if (error & EVBUFFER_EOF) {
573 		net_send_ui(IMSG_EOF, req->id, NULL, 0);
574 		close_conn(0, 0, req);
575 		return;
576 	}
577 
578 	if (error & EVBUFFER_WRITE) {
579 		/* finished sending request */
580 		bufferevent_disable(bev, EV_WRITE);
581 		return;
582 	}
583 
584 	if (error & EVBUFFER_READ) {
585 		close_with_err(req, "protocol error");
586 		return;
587 	}
588 
589 	close_with_errf(req, "unknown event error %x", error);
590 }
591 
592 static void
593 handle_get_raw(struct imsg *imsg, size_t datalen)
594 {
595 	struct req	*req;
596 	struct get_req	*r;
597 
598 	r = imsg->data;
599 
600 	if (datalen != sizeof(*r))
601 		die();
602 
603 	if ((req = calloc(1, sizeof(*req))) == NULL)
604 		die();
605 
606 	req->id = imsg->hdr.peerid;
607 	TAILQ_INSERT_HEAD(&reqhead, req, reqs);
608 
609 	strlcpy(req->url.host, r->host, sizeof(req->url.host));
610 	strlcpy(req->url.port, r->port, sizeof(req->url.port));
611 
612 	strlcpy(req->req, r->req, sizeof(req->req));
613 	req->len = strlen(r->req);
614 
615 #if HAVE_ASR_RUN
616         async_conn_towards(req);
617 #else
618 	blocking_conn_towards(req);
619 #endif
620 }
621 
622 static void
623 handle_cert_status(struct imsg *imsg, size_t datalen)
624 {
625 	struct req	*req;
626 	int		 is_ok;
627 
628 	req = req_by_id(imsg->hdr.peerid);
629 
630 	if (datalen < sizeof(is_ok))
631 		die();
632 	memcpy(&is_ok, imsg->data, sizeof(is_ok));
633 
634 	if (is_ok)
635 		net_ready(req);
636 	else
637 		close_conn(0, 0, req);
638 }
639 
640 static void
641 handle_proceed(struct imsg *imsg, size_t datalen)
642 {
643 	struct req *req;
644 
645 	if ((req = req_by_id(imsg->hdr.peerid)) == NULL)
646 		return;
647 
648 	bufferevent_enable(req->bev, EV_READ);
649 }
650 
651 static void
652 handle_stop(struct imsg *imsg, size_t datalen)
653 {
654 	struct req	*req;
655 
656 	if ((req = req_by_id(imsg->hdr.peerid)) == NULL)
657 		return;
658 	close_conn(0, 0, req);
659 }
660 
661 static void
662 handle_quit(struct imsg *imsg, size_t datalen)
663 {
664 	event_loopbreak();
665 }
666 
667 static void
668 handle_dispatch_imsg(int fd, short ev, void *d)
669 {
670 	struct imsgev	*iev = d;
671 
672 	if (dispatch_imsg(iev, ev, handlers, sizeof(handlers)) == -1)
673 		err(1, "connection closed");
674 }
675 
676 static int
677 net_send_ui(int type, uint32_t peerid, const void *data,
678     uint16_t datalen)
679 {
680 	return imsg_compose_event(iev_ui, type, peerid, 0, -1,
681 	    data, datalen);
682 }
683 
684 int
685 net_main(void)
686 {
687 	setproctitle("net");
688 
689 	TAILQ_INIT(&reqhead);
690 
691 	if ((tlsconf = tls_config_new()) == NULL)
692 		die();
693 	tls_config_insecure_noverifycert(tlsconf);
694 	tls_config_insecure_noverifyname(tlsconf);
695 
696 	event_init();
697 
698 	/* Setup pipe and event handler to the main process */
699 	if ((iev_ui = malloc(sizeof(*iev_ui))) == NULL)
700 		die();
701 	imsg_init(&iev_ui->ibuf, 3);
702 	iev_ui->handler = handle_dispatch_imsg;
703 	iev_ui->events = EV_READ;
704 	event_set(&iev_ui->ev, iev_ui->ibuf.fd, iev_ui->events,
705 	    iev_ui->handler, iev_ui);
706 	event_add(&iev_ui->ev, NULL);
707 
708 	sandbox_net_process();
709 
710 	event_dispatch();
711 
712 	tls_config_free(tlsconf);
713 	msgbuf_clear(&iev_ui->ibuf.w);
714 	close(iev_ui->ibuf.fd);
715 	free(iev_ui);
716 
717 	return 0;
718 }