2 * Copyright (c) 2020 Omar Polo <op@omarpolo.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 #include <sys/socket.h>
23 #include <sys/types.h>
25 #include <arpa/inet.h>
26 #include <netinet/in.h>
39 #include <openssl/x509.h>
41 #define GMID_STRING "gmid 1.7"
42 #define GMID_VERSION "gmid/1.7"
44 #define GEMINI_URL_LEN (1024+3) /* URL max len + \r\n + \0 */
47 #define TEMP_REDIRECT 30
48 #define TEMP_FAILURE 40
51 #define PROXY_REFUSED 53
52 #define BAD_REQUEST 59
53 #define CLIENT_CERT_REQ 60
54 #define CERT_NOT_AUTH 61
58 /* maximum hostname and label length, +1 for the NUL-terminator */
59 #define DOMAIN_NAME_LEN (253+1)
60 #define LABEL_LEN (63+1)
74 #define FCGI_INFLIGHT 1
78 extern struct fcgi fcgi[FCGI_MAX];
80 TAILQ_HEAD(lochead, location);
84 const char *default_mime;
86 int auto_index; /* 0 auto, -1 off, 1 on */
88 const char *block_fmt;
97 TAILQ_ENTRY(location) locations;
100 TAILQ_HEAD(envhead, envlist);
104 TAILQ_ENTRY(envlist) envs;
107 TAILQ_HEAD(aliashead, alist);
110 TAILQ_ENTRY(alist) aliases;
113 extern TAILQ_HEAD(vhosthead, vhost) hosts;
119 const char *entrypoint;
121 TAILQ_ENTRY(vhost) vhosts;
123 /* the first location rule is always '*' and holds the default
124 * settings for the vhost, then follows the "real" location
125 * rules as specified in the configuration. */
126 struct lochead locations;
129 struct envhead params;
130 struct aliashead aliases;
133 struct etm { /* extension to mime */
145 /* from command line */
159 extern const char *config_path;
160 extern struct conf conf;
162 extern struct imsgbuf logibuf, exibuf, servibuf[PROC_MAX];
164 extern int servpipes[PROC_MAX];
185 TAILQ_ENTRY(mbuf) mbufs;
188 TAILQ_HEAD(mbufhead, mbuf);
190 typedef void (imsg_handlerfn)(struct imsgbuf*, struct imsg*, size_t);
192 typedef void (*statefn)(int, short, void*);
195 * DFA: handle_handshake is the initial state, close_conn the final.
196 * Sometimes we have an enter_* function to handle the state switch.
198 * handle_handshake -> handle_open_conn
199 * handle_handshake -> close_conn // on err
201 * handle_open_conn -> handle_cgi_reply // via open_file/dir/...
202 * handle_open_conn -> send_fcgi_req // via apply_fastcgi, IMSG_FCGI_FD
203 * handle_open_conn -> handle_dirlist // ...same
204 * handle_open_conn -> send_file // ...same
205 * handle_open_conn -> start_reply // on error
207 * handle_cgi_reply -> handle_cgi // after logging the CGI reply
208 * handle_cgi_reply -> start_reply // on error
210 * handle_cgi -> close_conn
212 * send_fcgi_req -> copy_mbuf // via handle_fcgi
213 * handle_fcgi -> close_all // on error
214 * copy_mbuf -> close_conn // on success/error
216 * handle_dirlist -> send_directory_listing
217 * handle_dirlist -> close_conn // on error
219 * send_directory_listing -> close_conn
221 * send_file -> close_conn
226 char req[GEMINI_URL_LEN];
228 char domain[DOMAIN_NAME_LEN];
231 * start_reply uses this to know what function call after the
232 * reply. It's also used as sentinel value in fastcgi to know
233 * if the server has closed the request.
244 /* big enough to store STATUS + SPACE + META + CRLF */
248 struct mbufhead mbufhead;
250 struct sockaddr_storage addr;
251 struct vhost *host; /* host they're talking to */
252 size_t loc; /* location matched */
255 extern struct client clients[MAX_USERS];
258 char buf[GEMINI_URL_LEN];
260 size_t iri_schema_off;
264 size_t iri_query_off;
265 size_t iri_fragment_off;
268 char spath[PATH_MAX+1];
269 char relpath[PATH_MAX+1];
270 char addr[NI_MAXHOST+1];
272 /* AFAIK there isn't an upper limit for these two fields. */
305 char *data_dir(void);
306 void load_local_cert(const char*, const char*);
307 void load_vhosts(void);
308 int make_socket(int, int);
309 void setup_tls(void);
310 void init_config(void);
311 void free_config(void);
312 void drop_priv(void);
314 void yyerror(const char*, ...);
315 int parse_portno(const char*);
316 void parse_conf(const char*);
317 int cmdline_symset(char *);
320 void fatal(const char*, ...)
321 __attribute__((format (printf, 1, 2)))
322 __attribute__((__noreturn__));
324 #define LOG_ATTR_FMT __attribute__((format (printf, 2, 3)))
325 void log_err(struct client*, const char*, ...) LOG_ATTR_FMT;
326 void log_warn(struct client*, const char*, ...) LOG_ATTR_FMT;
327 void log_notice(struct client*, const char*, ...) LOG_ATTR_FMT;
328 void log_info(struct client*, const char*, ...) LOG_ATTR_FMT;
329 void log_debug(struct client*, const char*, ...) LOG_ATTR_FMT;
330 void log_request(struct client*, char*, size_t);
331 int logger_main(int, struct imsgbuf*);
334 void init_mime(struct mime*);
335 void add_mime(struct mime*, const char*, const char*);
336 void load_default_mime(struct mime*);
337 const char *mime(struct vhost*, const char*);
340 const char *vhost_lang(struct vhost*, const char*);
341 const char *vhost_default_mime(struct vhost*, const char*);
342 const char *vhost_index(struct vhost*, const char*);
343 int vhost_auto_index(struct vhost*, const char*);
344 int vhost_block_return(struct vhost*, const char*, int*, const char**);
345 int vhost_fastcgi(struct vhost*, const char*);
346 int vhost_dirfd(struct vhost*, const char*, size_t*);
347 int vhost_strip(struct vhost*, const char*);
348 X509_STORE *vhost_require_ca(struct vhost*, const char*);
349 int vhost_disable_log(struct vhost*, const char*);
351 void mark_nonblock(int);
352 void start_reply(struct client*, int, const char*);
353 void close_conn(int, short, void*);
354 struct client *try_client_by_id(int);
355 void loop(struct tls*, int, int, struct imsgbuf*);
358 int scandir_fd(int, struct dirent***, int(*)(const struct dirent*),
359 int(*)(const struct dirent**, const struct dirent**));
360 int select_non_dot(const struct dirent*);
361 int select_non_dotdot(const struct dirent*);
364 int send_string(int, const char*);
365 int recv_string(int, char**);
366 int send_iri(int, struct iri*);
367 int recv_iri(int, struct iri*);
368 void free_recvd_iri(struct iri*);
369 int send_vhost(int, struct vhost*);
370 int recv_vhost(int, struct vhost**);
371 int send_time(int, time_t);
372 int recv_time(int, time_t*);
373 int send_fd(int, int);
375 int executor_main(struct imsgbuf*);
378 void handle_fcgi(int, short, void*);
379 void send_fcgi_req(struct fcgi*, struct client*);
382 void sandbox_server_process(void);
383 void sandbox_executor_process(void);
384 void sandbox_logger_process(void);
387 int valid_multibyte_utf8(struct parser*);
388 char *utf8_nth(char*, size_t);
391 int parse_iri(char*, struct iri*, const char**);
392 int trim_req_iri(char*, const char **);
393 int serialize_iri(struct iri*, char*, size_t);
394 char *pct_decode_str(char *);
397 int puny_decode(const char*, char*, size_t, const char**);
400 void block_signals(void);
401 void unblock_signals(void);
402 int starts_with(const char*, const char*);
403 int ends_with(const char*, const char*);
404 ssize_t filesize(int);
405 char *absolutify_path(const char*);
406 char *xstrdup(const char*);
407 void *xcalloc(size_t, size_t);
408 void gen_certificate(const char*, const char*, const char*);
409 X509_STORE *load_ca(const char*);
410 int validate_against_ca(X509_STORE*, const uint8_t*, size_t);
411 void dispatch_imsg(struct imsgbuf*, imsg_handlerfn**, size_t);