2 * This file is in the public domain.
21 char dbpath[PATH_MAX];
23 void server_sig_handler(int, short, void *);
24 void server_open_db(struct env *);
25 void server_close_db(struct env *);
26 __dead void server_shutdown(struct env *);
27 int server_reply(struct client *, int, const char *);
28 int server_urldecode(char *);
29 char *server_getquery(struct client *);
32 server_sig_handler(int sig, short ev, void *arg)
34 struct env *env = arg;
37 * Normal signal handler rules don't apply here because libevent
43 log_info("re-opening the db");
52 fatalx("unexpected signal %d", sig);
57 loadstmt(sqlite3 *db, sqlite3_stmt **stmt, const char *sql)
61 err = sqlite3_prepare_v2(db, sql, -1, stmt, NULL);
63 fatalx("failed to prepare statement \"%s\": %s",
64 sql, sqlite3_errstr(err));
68 server_open_db(struct env *env)
72 err = sqlite3_open_v2(dbpath, &env->env_db,
73 SQLITE_OPEN_READONLY, NULL);
75 fatalx("can't open database %s: %s", dbpath,
76 sqlite3_errmsg(env->env_db));
78 loadstmt(env->env_db, &env->env_query,
79 "select mid, \"from\", date, subj,"
80 " snippet(email, 4, '<strong>', '</strong>', '...', 32)"
82 " where email match ?"
83 " order by rank, date"
88 server_close_db(struct env *env)
92 sqlite3_finalize(env->env_query);
94 if ((err = sqlite3_close(env->env_db)) != SQLITE_OK)
95 log_warnx("sqlite3_close %s", sqlite3_errstr(err));
99 server_main(const char *db)
101 char path[PATH_MAX], *parent;
105 struct event sigterm;
107 signal(SIGPIPE, SIG_IGN);
109 memset(&env, 0, sizeof(env));
111 if (realpath(db, dbpath) == NULL)
112 fatal("realpath %s", db);
114 strlcpy(path, dbpath, sizeof(path));
115 parent = dirname(path);
116 if (unveil(parent, "r") == -1)
117 fatal("unveil(%s, r)", parent);
120 * rpath flock: sqlite3
123 if (pledge("stdio rpath flock unix", NULL) == -1)
126 server_open_db(&env);
132 event_set(&env.env_sockev, env.env_sockfd, EV_READ|EV_PERSIST,
134 event_add(&env.env_sockev, NULL);
136 evtimer_set(&env.env_pausev, fcgi_accept, &env);
138 signal_set(&sighup, SIGHUP, server_sig_handler, &env);
139 signal_set(&sigint, SIGINT, server_sig_handler, &env);
140 signal_set(&sigterm, SIGTERM, server_sig_handler, &env);
142 signal_add(&sighup, NULL);
143 signal_add(&sigint, NULL);
144 signal_add(&sigterm, NULL);
149 server_shutdown(&env);
153 server_shutdown(struct env *env)
155 log_info("shutting down");
156 server_close_db(env);
161 server_reply(struct client *clt, int status, const char *arg)
166 clt_printf(clt, "Status: %d\r\n", status) == -1)
169 cps = "Content-Security-Policy: default-src 'self'; "
170 "script-src 'none'; object-src 'none';\r\n";
171 if (clt_puts(clt, cps) == -1)
175 if (clt_printf(clt, "Location: %s\r\n", arg) == -1)
181 clt_printf(clt, "Content-Type: %s\r\n", arg) == -1)
184 return (clt_puts(clt, "\r\n"));
188 server_urldecode(char *s)
191 char *q, code[3] = {0};
209 if (!isxdigit((unsigned char)s[1]) ||
210 !isxdigit((unsigned char)s[2]))
214 x = strtoul(code, NULL, 16);
223 server_getquery(struct client *clt)
227 tmp = clt->clt_query;
228 while ((field = strsep(&tmp, "&")) != NULL) {
229 if (server_urldecode(field) == -1)
232 if (!strncmp(field, "q=", 2))
234 log_info("unknown query param %s", field);
241 fts_escape(const char *p, char *buf, size_t bufsize)
246 * split p into words and quote them into buf.
247 * quoting means wrapping each word into "..." and
248 * replace every " with "".
249 * i.e. 'C++ "framework"' -> '"C++" """framework"""'
250 * flatting all the whitespaces seems fine too.
254 while (bufsize != 0) {
255 p += strspn(p, " \f\n\r\t\v");
261 while (*p && !isspace((unsigned char)*p) && bufsize != 0) {
262 if (*p == '"') { /* double the quote character */
277 if ((*p == '\0') && bufsize != 0) {
285 render_tmpl(struct client *clt, const char *tmpl,
286 const char *var, const char *val)
292 return (clt_puts(clt, tmpl));
295 while ((t = strstr(tmpl, var)) != NULL) {
296 if (clt_write(clt, tmpl, t - tmpl) == -1 ||
297 clt_putsan(clt, val) == -1)
302 return (clt_puts(clt, tmpl));
306 server_handle(struct env *env, struct client *clt)
309 char esc[QUERY_MAXLEN];
311 const char *mid, *from, *subj, *snip;
315 int err, have_results = 0;
317 if ((query = server_getquery(clt)) != NULL &&
318 fts_escape(query, esc, sizeof(esc)) != -1 &&
320 log_debug("searching for %s", esc);
322 err = sqlite3_bind_text(env->env_query, 1, esc, -1, NULL);
323 if (err != SQLITE_OK) {
324 sqlite3_reset(env->env_query);
325 if (server_reply(clt, 500, "text/plain") == -1)
327 if (clt_puts(clt, "Internal server error\n") == -1)
329 return (fcgi_end_request(clt, 1));
334 if (server_reply(clt, 200, "text/html") == -1)
337 if (render_tmpl(clt, tmpl_head, "TITLE", "Search") == -1 ||
338 render_tmpl(clt, tmpl_search_header, NULL, NULL) == -1 ||
339 render_tmpl(clt, tmpl_search, "QUERY", query) == -1)
345 if (clt_puts(clt, "<div class='thread'><ul>") == -1)
349 err = sqlite3_step(env->env_query);
350 if (err == SQLITE_DONE)
352 if (err != SQLITE_ROW) {
353 log_warnx("%s: sqlite3_step %s", __func__,
354 sqlite3_errstr(err));
360 mid = sqlite3_column_text(env->env_query, 0);
361 from = sqlite3_column_text(env->env_query, 1);
362 date = sqlite3_column_int64(env->env_query, 2);
363 subj = sqlite3_column_text(env->env_query, 3);
364 snip = sqlite3_column_text(env->env_query, 4);
366 if ((sizeof(d) == 4) && date > UINT32_MAX) {
367 log_warnx("overflow of 32bit time value");
372 if ((tm = gmtime(&d)) == NULL) {
373 log_warnx("gmtime failure");
377 if (strftime(dbuf, sizeof(dbuf), "%F %R", tm) == 0) {
378 log_warnx("strftime failure");
382 if (clt_puts(clt, "<li class='mail'>"
383 "<p class='mail-meta'><time>") == -1 ||
384 clt_putsan(clt, dbuf) == -1 ||
385 clt_puts(clt, "</time> <span class='from'>") == -1 ||
386 clt_putsan(clt, from) == -1 ||
387 clt_puts(clt, "</span><span class=colon>:</span>") == -1 ||
389 "<p class='subject'>"
390 "<a href='/mail/") == -1 ||
391 clt_putsan(clt, mid) == -1 ||
392 clt_puts(clt, ".html'>") == -1 ||
393 clt_putsan(clt, subj) == -1 ||
394 clt_puts(clt, "</a></p><p class=excerpt>") == -1 ||
395 clt_putmatch(clt, snip) == -1 ||
396 clt_puts(clt, "</p></li>") == -1)
400 if (clt_puts(clt, "</ul></div>") == -1)
404 clt_puts(clt, "<p class='notice'>No mail found.</p>") == -1)
408 if (render_tmpl(clt, tmpl_foot, NULL, NULL) == -1)
411 sqlite3_reset(env->env_query);
412 return (fcgi_end_request(clt, 0));
414 sqlite3_reset(env->env_query);
419 server_client_free(struct client *clt)
421 free(clt->clt_server_name);
422 free(clt->clt_script_name);
423 free(clt->clt_path_info);
424 free(clt->clt_query);