1 /*
2  * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "compat.h"
18 
19 #include <sys/types.h>
20 #include <sys/socket.h>
21 
22 #include <netinet/in.h>
23 
24 #include <assert.h>
25 #include <ctype.h>
26 #include <errno.h>
27 #include <netdb.h>
28 #include <stdarg.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <tls.h>
33 #include <unistd.h>
34 
35 #if HAVE_ASR_RUN
36 # include <asr.h>
37 #endif
38 
39 #include "telescope.h"
40 
41 static struct imsgev		*iev_ui;
42 static struct tls_config	*tlsconf;
43 
44 struct req;
45 
46 static struct req	*req_by_id(uint32_t);
47 
48 static void		 die(void) __attribute__((__noreturn__));
49 
50 static void		 try_to_connect(int, short, void*);
51 
52 #if HAVE_ASR_RUN
53 static void		 query_done(struct asr_result*, void*);
54 static void		 async_conn_towards(struct req*);
55 #else
56 static void 		 blocking_conn_towards(struct req*);
57 #endif
58 
59 static void		 close_with_err(struct req*, const char*);
60 static void		 close_with_errf(struct req*, const char*, ...)
61     __attribute__((format(printf, 2, 3)));
62 
63 static void		 net_tls_handshake(int, short, void *);
64 static void		 net_tls_readcb(int, short, void *);
65 static void		 net_tls_writecb(int, short, void *);
66 
67 static int		 gemini_parse_reply(struct req *, const char *, size_t);
68 
69 static void		 net_ready(struct req *req);
70 static void		 net_read(struct bufferevent *, void *);
71 static void		 net_write(struct bufferevent *, void *);
72 static void		 net_error(struct bufferevent *, short, void *);
73 
74 static void		 handle_get_raw(struct imsg *, size_t);
75 static void		 handle_cert_status(struct imsg*, size_t);
76 static void		 handle_proceed(struct imsg*, size_t);
77 static void		 handle_stop(struct imsg*, size_t);
78 static void		 handle_quit(struct imsg*, size_t);
79 static void		 handle_dispatch_imsg(int, short, void*);
80 
81 static int		 net_send_ui(int, uint32_t, const void *, uint16_t);
82 
83 /* TODO: making this customizable */
84 struct timeval timeout_for_handshake = { 5, 0 };
85 
86 static imsg_handlerfn *handlers[] = {
87 	[IMSG_GET_RAW]		= handle_get_raw,
88 	[IMSG_CERT_STATUS]	= handle_cert_status,
89 	[IMSG_PROCEED]		= handle_proceed,
90 	[IMSG_STOP]		= handle_stop,
91 	[IMSG_QUIT]		= handle_quit,
92 };
93 
94 typedef void (*statefn)(int, short, void*);
95 
96 TAILQ_HEAD(, req) reqhead;
97 /* a pending request */
98 struct req {
99 	struct phos_uri		 url;
100 	uint32_t		 id;
101 	int			 fd;
102 	struct tls		*ctx;
103 	char			 req[1024];
104 	size_t			 len;
105 	int			 done_header;
106 	struct bufferevent	*bev;
107 
108 	struct addrinfo		*servinfo, *p;
109 #if HAVE_ASR_RUN
110 	struct addrinfo		 hints;
111 	struct event_asr	*asrev;
112 #endif
113 
114 	TAILQ_ENTRY(req)	 reqs;
115 };
116 
117 static inline void
118 yield_r(struct req *req, statefn fn, struct timeval *tv)
119 {
120 	event_once(req->fd, EV_READ, fn, req, tv);
121 }
122 
123 static inline void
124 yield_w(struct req *req, statefn fn, struct timeval *tv)
125 {
126 	event_once(req->fd, EV_WRITE, fn, req, tv);
127 }
128 
129 static struct req *
130 req_by_id(uint32_t id)
131 {
132 	struct req *r;
133 
134 	TAILQ_FOREACH(r, &reqhead, reqs) {
135 		if (r->id == id)
136 			return r;
137 	}
138 
139 	return NULL;
140 }
141 
142 static void __attribute__((__noreturn__))
143 die(void)
144 {
145 	abort(); 		/* TODO */
146 }
147 
148 static void
149 try_to_connect(int fd, short ev, void *d)
150 {
151 	struct req	*req = d;
152 	int		 error = 0;
153 	socklen_t	 len = sizeof(error);
154 
155 again:
156 	if (req->p == NULL)
157 		goto err;
158 
159 	if (req->fd != -1) {
160 		if (getsockopt(req->fd, SOL_SOCKET, SO_ERROR, &error,
161 		    &len) == -1)
162 			goto err;
163 		if (error != 0) {
164                         errno = error;
165                         goto err;
166 		}
167 		goto done;
168 	}
169 
170 	req->fd = socket(req->p->ai_family, req->p->ai_socktype,
171 	    req->p->ai_protocol);
172 	if (req->fd == -1) {
173 		req->p = req->p->ai_next;
174 		goto again;
175 	} else {
176 		mark_nonblock(req->fd);
177 		if (connect(req->fd, req->p->ai_addr, req->p->ai_addrlen) == 0)
178 			goto done;
179 		yield_w(req, try_to_connect, NULL);
180 	}
181 	return;
182 
183 err:
184 	freeaddrinfo(req->servinfo);
185 	close_with_errf(req, "failed to connect to %s",
186 	    req->url.host);
187 	return;
188 
189 done:
190 	freeaddrinfo(req->servinfo);
191 
192 	/* prepare tls */
193         if ((req->ctx = tls_client()) == NULL) {
194 		close_with_errf(req, "tls_client: %s", strerror(errno));
195 		return;
196 	}
197 	if (tls_configure(req->ctx, tlsconf) == -1) {
198 		close_with_errf(req, "tls_configure: %s", tls_error(req->ctx));
199 		return;
200 	}
201 	if (tls_connect_socket(req->ctx, req->fd, req->url.host) == -1) {
202 		close_with_errf(req, "tls_connect_socket: %s",
203 		    tls_error(req->ctx));
204 		return;
205 	}
206 	yield_w(req, net_tls_handshake, &timeout_for_handshake);
207 }
208 
209 #if HAVE_ASR_RUN
210 static void
211 query_done(struct asr_result *res, void *d)
212 {
213 	struct req	*req = d;
214 
215 	req->asrev = NULL;
216 	if (res->ar_gai_errno != 0) {
217 		close_with_errf(req, "failed to resolve %s: %s",
218 		    req->url.host, gai_strerror(res->ar_gai_errno));
219 		return;
220 	}
221 
222 	req->fd = -1;
223 	req->servinfo = res->ar_addrinfo;
224 	req->p = res->ar_addrinfo;
225 	try_to_connect(0, 0, req);
226 }
227 
228 static void
229 async_conn_towards(struct req *req)
230 {
231 	struct asr_query	*q;
232 	const char		*proto = "1965";
233 
234 	if (*req->url.port != '\0')
235 		proto = req->url.port;
236 
237 	req->hints.ai_family = AF_UNSPEC;
238 	req->hints.ai_socktype = SOCK_STREAM;
239 	q = getaddrinfo_async(req->url.host, proto, &req->hints, NULL);
240 	req->asrev = event_asr_run(q, query_done, req);
241 }
242 #else
243 static void
244 blocking_conn_towards(struct req *req)
245 {
246 	struct addrinfo	 hints;
247 	struct phos_uri	*url = &req->url;
248 	int		 status;
249 	const char	*proto = "1965";
250 
251 	if (*url->port != '\0')
252 		proto = url->port;
253 
254 	memset(&hints, 0, sizeof(hints));
255 	hints.ai_family = AF_UNSPEC;
256 	hints.ai_socktype = SOCK_STREAM;
257 
258 	if ((status = getaddrinfo(url->host, proto, &hints, &req->servinfo))) {
259 		close_with_errf(req, "failed to resolve %s: %s",
260 		    url->host, gai_strerror(status));
261 		return;
262 	}
263 
264 	req->fd = -1;
265 	req->p = req->servinfo;
266 	try_to_connect(0, 0, req);
267 }
268 #endif
269 
270 static void
271 close_conn(int fd, short ev, void *d)
272 {
273 	struct req	*req = d;
274 
275 #if HAVE_ASR_RUN
276 	if (req->asrev != NULL)
277 		event_asr_abort(req->asrev);
278 #endif
279 
280 	if (req->bev != NULL) {
281 		bufferevent_free(req->bev);
282 		req->bev = NULL;
283 	}
284 
285 	if (req->ctx != NULL) {
286 		switch (tls_close(req->ctx)) {
287 		case TLS_WANT_POLLIN:
288 			yield_r(req, close_conn, NULL);
289 			return;
290 		case TLS_WANT_POLLOUT:
291 			yield_w(req, close_conn, NULL);
292 			return;
293 		}
294 
295 		tls_free(req->ctx);
296 		req->ctx = NULL;
297 	}
298 
299 	TAILQ_REMOVE(&reqhead, req, reqs);
300 	if (req->fd != -1)
301 		close(req->fd);
302 	free(req);
303 }
304 
305 static void
306 close_with_err(struct req *req, const char *err)
307 {
308 	net_send_ui(IMSG_ERR, req->id, err, strlen(err)+1);
309 	close_conn(0, 0, req);
310 }
311 
312 static void
313 close_with_errf(struct req *req, const char *fmt, ...)
314 {
315 	va_list	 ap;
316 	char	*s;
317 
318 	va_start(ap, fmt);
319 	if (vasprintf(&s, fmt, ap) == -1)
320 		abort();
321 	va_end(ap);
322 
323 	close_with_err(req, s);
324 	free(s);
325 }
326 
327 static void
328 net_tls_handshake(int fd, short event, void *d)
329 {
330 	struct req	*req = d;
331 	const char	*hash;
332 
333 	if (event == EV_TIMEOUT) {
334 		close_with_err(req, "Timeout loading page");
335 		return;
336 	}
337 
338 	switch (tls_handshake(req->ctx)) {
339 	case TLS_WANT_POLLIN:
340 		yield_r(req, net_tls_handshake, NULL);
341 		return;
342 	case TLS_WANT_POLLOUT:
343 		yield_w(req, net_tls_handshake, NULL);
344 		return;
345 	}
346 
347 	hash = tls_peer_cert_hash(req->ctx);
348 	if (hash == NULL) {
349 		close_with_errf(req, "handshake failed: %s",
350 		    tls_error(req->ctx));
351 		return;
352 	}
353 	net_send_ui(IMSG_CHECK_CERT, req->id, hash, strlen(hash)+1);
354 }
355 
356 static void
357 net_tls_readcb(int fd, short event, void *d)
358 {
359 	struct bufferevent	*bufev = d;
360 	struct req		*req = bufev->cbarg;
361 	char			 buf[BUFSIZ];
362 	int			 what = EVBUFFER_READ;
363 	int			 howmuch = IBUF_READ_SIZE;
364 	ssize_t			 ret;
365 	size_t			 len;
366 
367 	if (event == EV_TIMEOUT) {
368 		what |= EVBUFFER_TIMEOUT;
369 		goto err;
370 	}
371 
372 	if (bufev->wm_read.high != 0)
373 		howmuch = MIN(sizeof(buf), bufev->wm_read.high);
374 
375 	switch (ret = tls_read(req->ctx, buf, howmuch)) {
376 	case TLS_WANT_POLLIN:
377 	case TLS_WANT_POLLOUT:
378 		goto retry;
379 	case -1:
380 		what |= EVBUFFER_ERROR;
381 		goto err;
382 	}
383 	len = ret;
384 
385 	if (len == 0) {
386 		what |= EVBUFFER_EOF;
387 		goto err;
388 	}
389 
390 	if (evbuffer_add(bufev->input, buf, len) == -1) {
391 		what |= EVBUFFER_ERROR;
392 		goto err;
393 	}
394 
395 	event_add(&bufev->ev_read, NULL);
396 
397 	len = EVBUFFER_LENGTH(bufev->input);
398 	if (bufev->wm_read.low != 0 && len < bufev->wm_read.low)
399 		return;
400 
401 	if (bufev->readcb != NULL)
402 		(*bufev->readcb)(bufev, bufev->cbarg);
403 	return;
404 
405 retry:
406 	event_add(&bufev->ev_read, NULL);
407 	return;
408 
409 err:
410 	(*bufev->errorcb)(bufev, what, bufev->cbarg);
411 }
412 
413 static void
414 net_tls_writecb(int fd, short event, void *d)
415 {
416 	struct bufferevent	*bufev = d;
417 	struct req		*req = bufev->cbarg;
418 	ssize_t			 ret;
419 	size_t			 len;
420 	short			 what = EVBUFFER_WRITE;
421 
422 	if (event & EV_TIMEOUT) {
423 		what |= EVBUFFER_TIMEOUT;
424 		goto err;
425 	}
426 
427 	if (EVBUFFER_LENGTH(bufev->output) != 0) {
428 		ret = tls_write(req->ctx, EVBUFFER_DATA(bufev->output),
429 		    EVBUFFER_LENGTH(bufev->output));
430 		switch (ret) {
431 		case TLS_WANT_POLLIN:
432 		case TLS_WANT_POLLOUT:
433 			goto retry;
434 		case -1:
435 			what |= EVBUFFER_ERROR;
436 			goto err;
437 		}
438 		len = ret;
439 		evbuffer_drain(bufev->output, len);
440 	}
441 
442 	if (EVBUFFER_LENGTH(bufev->output) != 0)
443 		event_add(&bufev->ev_write, NULL);
444 
445 	if (bufev->writecb != NULL &&
446 	    EVBUFFER_LENGTH(bufev->output) <= bufev->wm_write.low)
447 		(*bufev->writecb)(bufev, bufev->cbarg);
448 	return;
449 
450 retry:
451 	event_add(&bufev->ev_write, NULL);
452 	return;
453 
454 err:
455 	(*bufev->errorcb)(bufev, what, bufev->cbarg);
456 }
457 
458 static int
459 gemini_parse_reply(struct req *req, const char *header, size_t len)
460 {
461 	int		 code;
462 	const char	*t;
463 
464 	if (len < 4)
465 		return 0;
466 
467 	if (!isdigit(header[0]) || !isdigit(header[1]))
468 		return 0;
469 
470 	code = (header[0] - '0')*10 + (header[1] - '0');
471 	if (header[2] != ' ')
472 		return 0;
473 
474 	t = header + 3;
475 
476 	net_send_ui(IMSG_GOT_CODE, req->id, &code, sizeof(code));
477 	net_send_ui(IMSG_GOT_META, req->id, t, strlen(t)+1);
478 
479 	bufferevent_disable(req->bev, EV_READ|EV_WRITE);
480 
481 	if (code < 20 || code >= 30)
482 		close_conn(0, 0, req);
483 	return 1;
484 }
485 
486 /* called when we're ready to read/write */
487 static void
488 net_ready(struct req *req)
489 {
490 	req->bev = bufferevent_new(req->fd, net_read, net_write, net_error,
491 	    req);
492 	if (req->bev == NULL)
493 		die();
494 
495 	/* setup tls i/o layer */
496 	if (req->ctx != NULL) {
497 		event_set(&req->bev->ev_read, req->fd, EV_READ,
498 		    net_tls_readcb, req->bev);
499 		event_set(&req->bev->ev_write, req->fd, EV_WRITE,
500 		    net_tls_writecb, req->bev);
501 	}
502 
503 	/* TODO: adjust watermarks */
504 	bufferevent_setwatermark(req->bev, EV_WRITE, 1, 0);
505 	bufferevent_setwatermark(req->bev, EV_READ,  1, 0);
506 
507 	bufferevent_enable(req->bev, EV_READ|EV_WRITE);
508 
509 	bufferevent_write(req->bev, req->req, req->len);
510 }
511 
512 /* called after a read has been done */
513 static void
514 net_read(struct bufferevent *bev, void *d)
515 {
516 	struct req	*req = d;
517 	struct evbuffer	*src = EVBUFFER_INPUT(bev);
518 	void		*data;
519 	size_t		 len;
520 	int		 r;
521 	char		*header;
522 
523 	if (!req->done_header) {
524 		header = evbuffer_readln(src, &len, EVBUFFER_EOL_CRLF_STRICT);
525 		if (header == NULL && EVBUFFER_LENGTH(src) >= 1024)
526 			goto err;
527 		if (header == NULL)
528 			return;
529 		r = gemini_parse_reply(req, header, len);
530 		free(header);
531 		if (!r)
532 			goto err;
533 		req->done_header = 1;
534 		return;
535 	}
536 
537 	if ((len = EVBUFFER_LENGTH(src)) == 0)
538 		return;
539 	data = EVBUFFER_DATA(src);
540 	net_send_ui(IMSG_BUF, req->id, data, len);
541 	evbuffer_drain(src, len);
542 	return;
543 
544 err:
545 	(*bev->errorcb)(bev, EVBUFFER_READ, bev->cbarg);
546 }
547 
548 /* called after a write has been done */
549 static void
550 net_write(struct bufferevent *bev, void *d)
551 {
552 	struct evbuffer	*dst = EVBUFFER_OUTPUT(bev);
553 
554 	if (EVBUFFER_LENGTH(dst) == 0)
555 		(*bev->errorcb)(bev, EVBUFFER_WRITE, bev->cbarg);
556 }
557 
558 static void
559 net_error(struct bufferevent *bev, short error, void *d)
560 {
561 	struct req	*req = d;
562 
563 	if (error & EVBUFFER_TIMEOUT) {
564 		close_with_err(req, "Timeout loading page");
565 		return;
566 	}
567 
568 	if (error & EVBUFFER_ERROR) {
569 		close_with_err(req, "buffer event error");
570 		return;
571 	}
572 
573 	if (error & EVBUFFER_EOF) {
574 		net_send_ui(IMSG_EOF, req->id, NULL, 0);
575 		close_conn(0, 0, req);
576 		return;
577 	}
578 
579 	if (error & EVBUFFER_WRITE) {
580 		/* finished sending request */
581 		bufferevent_disable(bev, EV_WRITE);
582 		return;
583 	}
584 
585 	if (error & EVBUFFER_READ) {
586 		close_with_err(req, "protocol error");
587 		return;
588 	}
589 
590 	close_with_errf(req, "unknown event error %x", error);
591 }
592 
593 static void
594 handle_get_raw(struct imsg *imsg, size_t datalen)
595 {
596 	struct req	*req;
597 	struct get_req	*r;
598 
599 	r = imsg->data;
600 
601 	if (datalen != sizeof(*r))
602 		die();
603 
604 	if ((req = calloc(1, sizeof(*req))) == NULL)
605 		die();
606 
607 	req->id = imsg->hdr.peerid;
608 	TAILQ_INSERT_HEAD(&reqhead, req, reqs);
609 
610 	strlcpy(req->url.host, r->host, sizeof(req->url.host));
611 	strlcpy(req->url.port, r->port, sizeof(req->url.port));
612 
613 	strlcpy(req->req, r->req, sizeof(req->req));
614 	req->len = strlen(r->req);
615 
616 #if HAVE_ASR_RUN
617         async_conn_towards(req);
618 #else
619 	blocking_conn_towards(req);
620 #endif
621 }
622 
623 static void
624 handle_cert_status(struct imsg *imsg, size_t datalen)
625 {
626 	struct req	*req;
627 	int		 is_ok;
628 
629 	req = req_by_id(imsg->hdr.peerid);
630 
631 	if (datalen < sizeof(is_ok))
632 		die();
633 	memcpy(&is_ok, imsg->data, sizeof(is_ok));
634 
635 	if (is_ok)
636 		net_ready(req);
637 	else
638 		close_conn(0, 0, req);
639 }
640 
641 static void
642 handle_proceed(struct imsg *imsg, size_t datalen)
643 {
644 	struct req *req;
645 
646 	if ((req = req_by_id(imsg->hdr.peerid)) == NULL)
647 		return;
648 
649 	bufferevent_enable(req->bev, EV_READ);
650 }
651 
652 static void
653 handle_stop(struct imsg *imsg, size_t datalen)
654 {
655 	struct req	*req;
656 
657 	if ((req = req_by_id(imsg->hdr.peerid)) == NULL)
658 		return;
659 	close_conn(0, 0, req);
660 }
661 
662 static void
663 handle_quit(struct imsg *imsg, size_t datalen)
664 {
665 	event_loopbreak();
666 }
667 
668 static void
669 handle_dispatch_imsg(int fd, short ev, void *d)
670 {
671 	struct imsgev	*iev = d;
672 
673 	if (dispatch_imsg(iev, ev, handlers, sizeof(handlers)) == -1)
674 		err(1, "connection closed");
675 }
676 
677 static int
678 net_send_ui(int type, uint32_t peerid, const void *data,
679     uint16_t datalen)
680 {
681 	return imsg_compose_event(iev_ui, type, peerid, 0, -1,
682 	    data, datalen);
683 }
684 
685 int
686 net_main(void)
687 {
688 	setproctitle("net");
689 
690 	TAILQ_INIT(&reqhead);
691 
692 	if ((tlsconf = tls_config_new()) == NULL)
693 		die();
694 	tls_config_insecure_noverifycert(tlsconf);
695 	tls_config_insecure_noverifyname(tlsconf);
696 
697 	event_init();
698 
699 	/* Setup pipe and event handler to the main process */
700 	if ((iev_ui = malloc(sizeof(*iev_ui))) == NULL)
701 		die();
702 	imsg_init(&iev_ui->ibuf, 3);
703 	iev_ui->handler = handle_dispatch_imsg;
704 	iev_ui->events = EV_READ;
705 	event_set(&iev_ui->ev, iev_ui->ibuf.fd, iev_ui->events,
706 	    iev_ui->handler, iev_ui);
707 	event_add(&iev_ui->ev, NULL);
708 
709 	sandbox_net_process();
710 
711 	event_dispatch();
712 
713 	tls_config_free(tlsconf);
714 	msgbuf_clear(&iev_ui->ibuf.w);
715 	close(iev_ui->ibuf.fd);
716 	free(iev_ui);
717 
718 	return 0;
719 }