op public repos

Blob

Date:: Fri Mar 19 19:21:29 2021 UTC
Message:: refactoring: imsg everywhere use imsg to handle ALL kinds of IPC in gmid. This simplifies and shorten the code, and makes everything more uniform too.
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2020 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #ifndef GMID_H
18 #define GMID_H
19 
20 #include "config.h"
21 
22 #include <sys/socket.h>
23 #include <sys/types.h>
24 
25 #include <arpa/inet.h>
26 #include <netinet/in.h>
27 
28 #include <dirent.h>
29 #include <limits.h>
30 #include <netdb.h>
31 #include <signal.h>
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <time.h>
35 #include <tls.h>
36 #include <unistd.h>
37 
38 #include <openssl/x509.h>
39 
40 #define GEMINI_URL_LEN (1024+3)	/* URL max len + \r\n + \0 */
41 
42 #define SUCCESS		20
43 #define TEMP_REDIRECT	30
44 #define TEMP_FAILURE	40
45 #define CGI_ERROR	42
46 #define NOT_FOUND	51
47 #define PROXY_REFUSED	53
48 #define BAD_REQUEST	59
49 #define CLIENT_CERT_REQ	60
50 #define CERT_NOT_AUTH	61
51 
52 #define MAX_USERS	64
53 
54 #define HOSTSLEN	64
55 #define LOCLEN		32
56 
57 /* maximum hostname and label length, +1 for the NUL-terminator */
58 #define DOMAIN_NAME_LEN	(253+1)
59 #define LABEL_LEN	(63+1)
60 
61 #define PROC_MAX	16
62 
63 struct location {
64 	const char	*match;
65 	const char	*lang;
66 	const char	*default_mime;
67 	const char	*index;
68 	int		 auto_index; /* 0 auto, -1 off, 1 on */
69 	int		 block_code;
70 	const char	*block_fmt;
71 	int		 strip;
72 	X509_STORE	*reqca;
73 	int		 disable_log;
74 };
75 
76 struct vhost {
77 	const char	*domain;
78 	const char	*cert;
79 	const char	*key;
80 	const char	*dir;
81 	const char	*cgi;
82 	const char	*entrypoint;
83 	int		 dirfd;
84 
85 	/* the first location rule is always '*' and holds the default
86 	 * settings for the vhost, from locations[1] onwards there are
87 	 * the "real" location rules specified in the configuration. */
88 	struct location	 locations[LOCLEN];
89 };
90 
91 extern struct vhost hosts[HOSTSLEN];
92 
93 struct etm {			/* extension to mime */
94 	const char	*mime;
95 	const char	*ext;
96 };
97 
98 struct mime {
99 	struct etm	*t;
100 	size_t		len;
101 	size_t		cap;
102 };
103 
104 struct conf {
105 	/* from command line */
106 	int		 foreground;
107 	int		 verbose;
108 
109 	/* in the config */
110 	int		 port;
111 	int		 ipv6;
112 	uint32_t	 protos;
113 	struct mime	 mime;
114 	char		*chroot;
115 	char		*user;
116 	int		 prefork;
117 };
118 
119 extern const char *config_path;
120 extern struct conf conf;
121 
122 extern struct imsgbuf logibuf, exibuf, servibuf[PROC_MAX];
123 
124 extern int servpipes[PROC_MAX];
125 
126 struct iri {
127 	char		*schema;
128 	char		*host;
129 	char		*port;
130 	uint16_t	 port_no;
131 	char		*path;
132 	char		*query;
133 	char		*fragment;
134 };
135 
136 struct parser {
137 	char		*iri;
138 	struct iri	*parsed;
139 	const char	*err;
140 };
141 
142 struct client;
143 
144 typedef void (imsg_handlerfn)(struct imsgbuf*, struct imsg*, size_t);
145 
146 typedef void (*statefn)(int, short, void*);
147 
148 /*
149  * DFA: handle_handshake is the initial state, close_conn the final.
150  * Sometimes we have an enter_* function to handle the state switch.
151  *
152  * handle_handshake -> handle_open_conn
153  * handle_handshake -> close_conn		// on err
154  *
155  * handle_open_conn -> handle_cgi_reply		// via open_file/dir/...
156  * handle_open_conn -> handle_dirlist		// ...same
157  * handle_open_conn -> send_file		// ...same
158  * handle_open_conn -> start_reply		// on error
159  *
160  * handle_cgi_reply -> handle_cgi	// after logging the CGI reply
161  * handle_cgi_reply -> start_reply	// on error
162  *
163  * handle_cgi -> close_conn
164  *
165  * handle_dirlist -> send_directory_listing
166  * handle_dirlist -> close_conn			// on error
167  *
168  * send_directory_listing -> close_conn
169  *
170  * send_file -> close_conn
171  */
172 struct client {
173 	int		 id;
174 	struct tls	*ctx;
175 	char		 req[GEMINI_URL_LEN];
176 	struct iri	 iri;
177 	char		 domain[DOMAIN_NAME_LEN];
178 	statefn		 next;
179 	int		 code;
180 	const char	*meta;
181 	int		 fd, pfd;
182 	DIR		*dir;
183 	char		 sbuf[1024];
184 	ssize_t		 len, off;
185 	struct sockaddr_storage	 addr;
186 	struct vhost	*host;	/* host they're talking to */
187 };
188 
189 struct cgireq {
190 	char		buf[GEMINI_URL_LEN];
191 
192 	size_t		iri_schema_off;
193 	size_t		iri_host_off;
194 	size_t		iri_port_off;
195 	size_t		iri_path_off;
196 	size_t		iri_query_off;
197 	size_t		iri_fragment_off;
198 	int		iri_portno;
199 
200 	char		spath[PATH_MAX+1];
201 	char		relpath[PATH_MAX+1];
202 	char		addr[NI_MAXHOST+1];
203 
204 	/* AFAIK there isn't an upper limit for these two fields. */
205 	char		subject[64+1];
206 	char		issuer[64+1];
207 
208 	char		hash[128+1];
209 	time_t		notbefore;
210 	time_t		notafter;
211 
212 	size_t		host_off;
213 };
214 
215 enum {
216 	FILE_EXISTS,
217 	FILE_EXECUTABLE,
218 	FILE_DIRECTORY,
219 	FILE_MISSING,
220 };
221 
222 enum imsg_type {
223 	IMSG_CGI_REQ,
224 	IMSG_CGI_RES,
225 	IMSG_LOG,
226 	IMSG_QUIT,
227 };
228 
229 /* gmid.c */
230 void		 mkdirs(const char*);
231 char		*data_dir(void);
232 void		 load_local_cert(const char*, const char*);
233 void		 load_vhosts(void);
234 int		 make_socket(int, int);
235 void		 setup_tls(void);
236 void		 init_config(void);
237 void		 free_config(void);
238 void		 drop_priv(void);
239 
240 /* provided by lex/yacc */
241 extern FILE *yyin;
242 extern int yylineno;
243 extern int yyparse(void);
244 extern int yylex(void);
245 
246 void		 yyerror(const char*, ...);
247 int		 parse_portno(const char*);
248 void		 parse_conf(const char*);
249 
250 /* log.c */
251 void		 fatal(const char*, ...)
252 	__attribute__((format (printf, 1, 2)))
253 	__attribute__((__noreturn__));
254 
255 #define LOG_ATTR_FMT __attribute__((format (printf, 2, 3)))
256 void		 log_err(struct client*, const char*, ...)	LOG_ATTR_FMT;
257 void		 log_warn(struct client*, const char*, ...)	LOG_ATTR_FMT;
258 void		 log_notice(struct client*, const char*, ...)	LOG_ATTR_FMT;
259 void		 log_info(struct client*, const char*, ...)	LOG_ATTR_FMT;
260 void		 log_debug(struct client*, const char*, ...)	LOG_ATTR_FMT;
261 void		 log_request(struct client*, char*, size_t);
262 int		 logger_main(int, struct imsgbuf*);
263 
264 /* mime.c */
265 void		 init_mime(struct mime*);
266 void		 add_mime(struct mime*, const char*, const char*);
267 void		 load_default_mime(struct mime*);
268 const char	*mime(struct vhost*, const char*);
269 
270 /* server.c */
271 const char	*vhost_lang(struct vhost*, const char*);
272 const char	*vhost_default_mime(struct vhost*, const char*);
273 const char	*vhost_index(struct vhost*, const char*);
274 int		 vhost_auto_index(struct vhost*, const char*);
275 int		 vhost_block_return(struct vhost*, const char*, int*, const char**);
276 int		 vhost_strip(struct vhost*, const char*);
277 X509_STORE	*vhost_require_ca(struct vhost*, const char*);
278 int		 vhost_disable_log(struct vhost*, const char*);
279 void		 mark_nonblock(int);
280 void		 loop(struct tls*, int, int, struct imsgbuf*);
281 
282 /* ex.c */
283 int		 send_string(int, const char*);
284 int		 recv_string(int, char**);
285 int		 send_iri(int, struct iri*);
286 int		 recv_iri(int, struct iri*);
287 void		 free_recvd_iri(struct iri*);
288 int		 send_vhost(int, struct vhost*);
289 int		 recv_vhost(int, struct vhost**);
290 int		 send_time(int, time_t);
291 int		 recv_time(int, time_t*);
292 int		 send_fd(int, int);
293 int		 recv_fd(int);
294 int		 executor_main(struct imsgbuf*);
295 
296 /* sandbox.c */
297 void		 sandbox(void);
298 
299 /* utf8.c */
300 int		 valid_multibyte_utf8(struct parser*);
301 char		*utf8_nth(char*, size_t);
302 
303 /* iri.c */
304 int		 parse_iri(char*, struct iri*, const char**);
305 int		 trim_req_iri(char*, const char **);
306 int		 serialize_iri(struct iri*, char*, size_t);
307 char		*pct_decode_str(char *);
308 
309 /* puny.c */
310 int		 puny_decode(const char*, char*, size_t, const char**);
311 
312 /* utils.c */
313 void		 block_signals(void);
314 void		 unblock_signals(void);
315 int		 starts_with(const char*, const char*);
316 int		 ends_with(const char*, const char*);
317 ssize_t		 filesize(int);
318 char		*absolutify_path(const char*);
319 char		*xstrdup(const char*);
320 void		 gen_certificate(const char*, const char*, const char*);
321 X509_STORE	*load_ca(const char*);
322 int		 validate_against_ca(X509_STORE*, const uint8_t*, size_t);
323 void		 dispatch_imsg(struct imsgbuf*, imsg_handlerfn**, size_t);
324 
325 #endif