Blob

Date:
Thu Jan 27 10:37:28 2022 UTC
Message:
s/whole/all 
1/*

2 * Copyright (c) 2021 Omar Polo <op@omarpolo.com>

3 *

4 * Permission to use, copy, modify, and distribute this software for any

5 * purpose with or without fee is hereby granted, provided that the above

6 * copyright notice and this permission notice appear in all copies.

7 *

8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

15 */

17#include "gmid.h"

19#include <sys/socket.h>

21#include <assert.h>

22#include <ctype.h>

23#include <errno.h>

24#include <string.h>

26enum debug {

27	DEBUG_NONE,

28	DEBUG_CODE,

29	DEBUG_HEADER,

30	DEBUG_META,

31	DEBUG_ALL,

32};

34/* flags */

35int		 debug;

36int		 dont_verify_name;

37int		 flag2;

38int		 flag3;

39int		 nop;

40int		 redirects = 5;

41int		 timer;

42int		 verbose;

43const char	*cert;

44const char	*key;

45const char	*proxy_host;

46const char	*proxy_port;

47const char	*sni;

49/* state */

50struct tls_config *tls_conf;

52static void

53timeout(int signo)

54{

55	dprintf(2, "%s: timer expired\n", getprogname());

56	exit(1);

57}

59static void

60load_tls_conf(void)

61{

62	if ((tls_conf = tls_config_new()) == NULL)

63		err(1, "tls_config_new");

65	tls_config_insecure_noverifycert(tls_conf);

66	if (dont_verify_name)

67		tls_config_insecure_noverifyname(tls_conf);

69	if (flag2 &&

70	    tls_config_set_protocols(tls_conf, TLS_PROTOCOL_TLSv1_2) == -1)

71		errx(1, "can't set TLSv1.2");

72	if (flag3 &&

73	    tls_config_set_protocols(tls_conf, TLS_PROTOCOL_TLSv1_3) == -1)

74		errx(1, "can't set TLSv1.3");

76	if (cert != NULL &&

77	    tls_config_set_keypair_file(tls_conf, cert, key) == -1)

78		errx(1, "can't load client certificate %s", cert);

79}

81static void

82connectto(struct tls *ctx, const char *host, const char *port)

83{

84	struct addrinfo hints, *res, *res0;

85	int error;

86	int saved_errno;

87	int s;

88	const char *cause = NULL;

89	const char *sname;

91	if (proxy_host != NULL) {

92		host = proxy_host;

93		port = proxy_port;

94	}

96	if ((sname = sni) == NULL)

97		sname = host;

99	memset(&hints, 0, sizeof(hints));

100	hints.ai_family = AF_UNSPEC;

101	hints.ai_socktype = SOCK_STREAM;

102	error = getaddrinfo(host, port, &hints, &res0);

103	if (error)

104		errx(1, "%s", gai_strerror(error));

106	s = -1;

107	for (res = res0; res != NULL; res = res->ai_next) {

108		s = socket(res->ai_family, res->ai_socktype,

109		    res->ai_protocol);

110		if (s == -1) {

111			cause = "socket";

112			continue;

113		}

115		if (connect(s, res->ai_addr, res->ai_addrlen) == -1) {

116			cause = "connect";

117			saved_errno = errno;

118			close(s);

119			errno = saved_errno;

120			s = -1;

121			continue;

122		}

124		break;

125	}

127	if (s == -1)

128		err(1, "%s: can't connect to %s:%s", cause,

129		    host, port);

131	freeaddrinfo(res0);

133	if (tls_connect_socket(ctx, s, sname) == -1)

134		errx(1, "tls_connect_socket: %s", tls_error(ctx));

135}

137static void

138doreq(struct tls *ctx, const char *buf)

139{

140	size_t	s;

141	ssize_t	w;

143	s = strlen(buf);

144	while (s != 0) {

145		switch (w = tls_write(ctx, buf, s)) {

146		case 0:

147		case -1:

148			errx(1, "tls_write: %s", tls_error(ctx));

149		case TLS_WANT_POLLIN:

150		case TLS_WANT_POLLOUT:

151			continue;

152		}

154		s -= w;

155		buf += w;

156	}

157}

159static size_t

160dorep(struct tls *ctx, void *buf, size_t len)

161{

162	ssize_t	w;

163	size_t	tot = 0;

165	while (len != 0) {

166		switch (w = tls_read(ctx, buf, len)) {

167		case 0:

168			return tot;

169		case -1:

170			errx(1, "tls_write: %s", tls_error(ctx));

171		case TLS_WANT_POLLIN:

172		case TLS_WANT_POLLOUT:

173			continue;

174		}

176		len -= w;

177		buf += w;

178		tot += w;

179	}

181	return tot;

182}

184static int

185get(const char *r)

186{

187	struct tls	*ctx;

188	struct iri	 iri;

189	int		 foundhdr = 0, code = -1, od;

190	char		 iribuf[GEMINI_URL_LEN];

191	char		 req[GEMINI_URL_LEN];

192	char		 buf[2048];

193	const char	*parse_err, *host, *port;

195	if (strlcpy(iribuf, r, sizeof(iribuf)) >= sizeof(iribuf))

196		errx(1, "iri too long: %s", r);

198	if (strlcpy(req, r, sizeof(req)) >= sizeof(req))

199		errx(1, "iri too long: %s", r);

201	if (strlcat(req, "\r\n", sizeof(req)) >= sizeof(req))

202		errx(1, "iri too long: %s", r);

204	if (!parse_iri(iribuf, &iri, &parse_err))

205		errx(1, "invalid IRI: %s", parse_err);

207	if (nop)

208		errx(0, "IRI OK");

210	if ((ctx = tls_client()) == NULL)

211		errx(1, "can't create tls context");

213	if (tls_configure(ctx, tls_conf) == -1)

214		errx(1, "tls_configure: %s", tls_error(ctx));

216	host = iri.host;

217	port = "1965";

218	if (*iri.port != '\0')

219		port = iri.port;

221	connectto(ctx, host, port);

223	od = 0;

224	while (!od) {

225		switch (tls_handshake(ctx)) {

226		case 0:

227			od = 1;

228			break;

229		case -1:

230			errx(1, "handshake: %s", tls_error(ctx));

231		}

232	}

234	if (verbose)

235		printf("%s", req);

237	doreq(ctx, req);

239	for (;;) {

240		char	*t;

241		size_t	 len;

243		len = dorep(ctx, buf, sizeof(buf));

244		if (len == 0)

245			goto close;

247		if (foundhdr) {

248			write(1, buf, len);

249			continue;

250		}

251		foundhdr = 1;

253		if (memmem(buf, len, "\r\n", 2) == NULL)

254			errx(1, "invalid reply: no \\r\\n");

255		if (!isdigit(buf[0]) || !isdigit(buf[1]) || buf[2] != ' ')

256			errx(1, "invalid reply: invalid response format");

258		code = (buf[0] - '0') * 10 + buf[1] - '0';

260		if (debug == DEBUG_CODE) {

261			printf("%d\n", code);

262			goto close;

263		}

265		if (debug == DEBUG_HEADER) {

266			t = memmem(buf, len, "\r\n", 2);

267			assert(t != NULL);

268			*t = '\0';

269			printf("%s\n", buf);

270			goto close;

271		}

273		if (debug == DEBUG_META) {

274			t = memmem(buf, len, "\r\n", 2);

275			assert(t != NULL);

276			*t = '\0';

277			printf("%s\n", buf+3);

278			goto close;

279		}

281		if (debug == DEBUG_ALL) {

282			write(1, buf, len);

283			continue;

284		}

286		/* skip the header */

287		t = memmem(buf, len, "\r\n", 2);

288		assert(t != NULL);

289		t += 2; /* skip \r\n */

290		len -= t - buf;

291		write(1, t, len);

292	}

294close:

295	od = tls_close(ctx);

296	if (od == TLS_WANT_POLLIN || od == TLS_WANT_POLLOUT)

297		goto close;

299	tls_close(ctx);

300	tls_free(ctx);

301	return code;

302}

304static void __attribute__((noreturn))

305usage(void)

306{

307	fprintf(stderr, "usage: %s [-23Nnv] [-C cert] [-d mode] [-H sni] "

308	    "[-K key] [-P host[:port]]\n",

309	    getprogname());

310	fprintf(stderr, "          [-T seconds] gemini://...\n");

311	exit(1);

312}

314static int

315parse_debug(const char *arg)

316{

317	if (!strcmp(arg, "none"))

318		return DEBUG_NONE;

319	if (!strcmp(arg, "code"))

320		return DEBUG_CODE;

321	if (!strcmp(arg, "header"))

322		return DEBUG_HEADER;

323	if (!strcmp(arg, "meta"))

324		return DEBUG_META;

325	if (!strcmp(arg, "all"))

326		return DEBUG_ALL;

327	usage();

328}

330static void

331parse_proxy(const char *arg)

332{

333	char *at;

335	if ((proxy_host = strdup(arg)) == NULL)

336		err(1, "strdup");

338	proxy_port = "1965";

340	if ((at = strchr(proxy_host, ':')) == NULL)

341		return;

342	*at = '\0';

343	proxy_port = ++at;

345	if (strchr(proxy_port, ':') != NULL)

346		errx(1, "invalid port %s", proxy_port);

347}

349int

350main(int argc, char **argv)

351{

352	int		 ch, code;

353	const char	*errstr;

355	while ((ch = getopt(argc, argv, "23C:d:H:K:NP:T:v")) != -1) {

356		switch (ch) {

357		case '2':

358			flag2 = 1;

359			break;

360		case '3':

361			flag3 = 1;

362			break;

363		case 'C':

364			cert = optarg;

365			break;

366		case 'd':

367			debug = parse_debug(optarg);

368			break;

369		case 'H':

370			sni = optarg;

371			break;

372		case 'K':

373			key = optarg;

374			break;

375		case 'N':

376			dont_verify_name = 1;

377			break;

378		case 'n':

379			nop = 1;

380			break;

381		case 'P':

382			parse_proxy(optarg);

383			dont_verify_name = 1;

384			break;

385		case 'T':

386			timer = strtonum(optarg, 1, 1000, &errstr);

387			if (errstr != NULL)

388				errx(1, "timeout is %s: %s",

389				    errstr, optarg);

390			signal(SIGALRM, timeout);

391			alarm(timer);

392			break;

393		case 'v':

394			verbose++;

395			break;

396		default:

397			usage();

398		}

399	}

400	argc -= optind;

401	argv += optind;

403	if (flag2 + flag3 > 1) {

404		warnx("only -2 or -3 can be specified at the same time");

405		usage();

406	}

408	if ((cert != NULL && key == NULL) ||

409	    (cert == NULL && key != NULL)) {

410		warnx("cert or key is missing");

411		usage();

412	}

414	if (argc != 1)

415		usage();

417	load_tls_conf();

419	signal(SIGPIPE, SIG_IGN);

421#ifdef __OpenBSD__

422	if (pledge("stdio inet dns", NULL) == -1)

423		err(1, "pledge");

424#endif

426	code = get(*argv);

428	return code < 20 || code >= 30;

429}