Renamed rev_proxy -> proxy

2022-12-13 19:53:15 +01:00
parent 74c97a512f
commit b422b37806
11 changed files with 169 additions and 169 deletions


@ -42,16 +42,16 @@ bin/lib/%.o: src/lib/%.c
bin/sesimos: bin/server.o bin/client.o bin/logger.o \
bin/lib/cache.o bin/lib/compress.o bin/lib/config.o bin/lib/fastcgi.o bin/lib/geoip.o \
bin/lib/http.o bin/lib/http_static.o bin/lib/rev_proxy.o bin/lib/sock.o bin/lib/uri.o \
bin/lib/http.o bin/lib/http_static.o bin/lib/proxy.o bin/lib/sock.o bin/lib/uri.o \
bin/lib/utils.o bin/lib/websocket.o
$(CC) -o $@ $^ $(CFLAGS) $(LDFLAGS)
bin/server.o: src/server.h src/defs.h src/client.h src/lib/cache.h src/lib/config.h src/lib/sock.h \
src/lib/rev_proxy.h src/lib/geoip.h src/lib/utils.h src/logger.h
src/lib/proxy.h src/lib/geoip.h src/lib/utils.h src/logger.h
bin/client.o: src/client.h src/defs.h src/server.h src/lib/utils.h src/lib/config.h src/lib/sock.h \
src/lib/http.h src/lib/rev_proxy.h src/lib/fastcgi.h src/lib/cache.h src/lib/geoip.h src/lib/compress.h \
src/lib/http.h src/lib/proxy.h src/lib/fastcgi.h src/lib/cache.h src/lib/geoip.h src/lib/compress.h \
src/lib/websocket.h src/logger.h
bin/logger.o: src/logger.h
@ -69,7 +69,7 @@ bin/lib/geoip.o: src/lib/geoip.h
bin/lib/http.o: src/lib/http.h src/lib/utils.h src/lib/compress.h src/lib/sock.h src/logger.h
bin/lib/rev_proxy.o: src/lib/rev_proxy.h src/defs.h src/server.h src/lib/compress.h src/logger.h
bin/lib/proxy.o: src/lib/proxy.h src/defs.h src/server.h src/lib/compress.h src/logger.h
bin/lib/sock.o: src/lib/sock.h


@ -7,7 +7,7 @@
* connection_initializer
* request_handler
* local_handler
* rev_proxy_handler
* proxy_handler
* ws_handler
* fastcgi_handler
@ -19,4 +19,4 @@
* request_handler -> local_handler -> request_handler
* local_handler -> fastcgi_handler -> request_handler
* request_handler -> rp_handler -> request_handler
* rev_proxy_handler -> ws_handler -> request_handler
* proxy_handler -> ws_handler -> request_handler


@ -15,7 +15,7 @@
#include "lib/config.h"
#include "lib/sock.h"
#include "lib/http.h"
#include "lib/rev_proxy.h"
#include "lib/proxy.h"
#include "lib/fastcgi.h"
#include "lib/cache.h"
#include "lib/geoip.h"
@ -74,7 +74,7 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
long content_length = 0;
int accept_if_modified_since = 0;
int use_fastcgi = 0;
int use_rev_proxy = 0;
int use_proxy = 0;
int p_len;
fastcgi_conn fcgi_conn = {.socket = 0, .req_id = 0, .ctx = cctx};
@ -474,12 +474,12 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
}
}
} else if (conf->type == CONFIG_TYPE_REVERSE_PROXY) {
info("Reverse proxy for " BLD_STR "%s:%i" CLR_STR, conf->rev_proxy.hostname, conf->rev_proxy.port);
info("Reverse proxy for " BLD_STR "%s:%i" CLR_STR, conf->proxy.hostname, conf->proxy.port);
http_remove_header_field(&res.hdr, "Date", HTTP_REMOVE_ALL);
http_remove_header_field(&res.hdr, "Server", HTTP_REMOVE_ALL);
ret = rev_proxy_init(&req, &res, &ctx, conf, client, cctx, &custom_status, err_msg);
use_rev_proxy = (ret == 0);
ret = proxy_init(&req, &res, &ctx, conf, client, cctx, &custom_status, err_msg);
use_proxy = (ret == 0);
if (res.status->code == 101) {
const char *connection = http_get_header_field(&res.hdr, "Connection");
@ -490,7 +490,7 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
{
const char *ws_accept = http_get_header_field(&res.hdr, "Sec-WebSocket-Accept");
if (ws_calc_accept_key(ctx.ws_key, buf0) == 0) {
use_rev_proxy = (strcmp(buf0, ws_accept) == 0) ? 2 : 1;
use_proxy = (strcmp(buf0, ws_accept) == 0) ? 2 : 1;
}
} else {
ctx.status = 101;
@ -500,7 +500,7 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
}
// Let 300 be formatted by origin server
if (use_rev_proxy && res.status->code >= 301 && res.status->code < 600) {
if (use_proxy && res.status->code >= 301 && res.status->code < 600) {
const char *content_type = http_get_header_field(&res.hdr, "Content-Type");
const char *content_length_f = http_get_header_field(&res.hdr, "Content-Length");
const char *content_encoding = http_get_header_field(&res.hdr, "Content-Encoding");
@ -511,20 +511,20 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
ctx.status = res.status->code;
ctx.origin = res.status->code >= 400 ? SERVER : NONE;
}
use_rev_proxy = 0;
rev_proxy_dump(msg_content, content_len);
use_proxy = 0;
proxy_dump(msg_content, content_len);
}
}
}
/*
char *content_encoding = http_get_header_field(&res.hdr, "Content-Encoding");
if (use_rev_proxy && content_encoding == NULL) {
if (use_proxy && content_encoding == NULL) {
int http_comp = http_get_compression(&req, &res);
if (http_comp & COMPRESS_BR) {
use_rev_proxy |= REV_PROXY_COMPRESS_BR;
use_proxy |= PROXY_COMPRESS_BR;
} else if (http_comp & COMPRESS_GZ) {
use_rev_proxy |= REV_PROXY_COMPRESS_GZ;
use_proxy |= PROXY_COMPRESS_GZ;
}
}
@ -532,9 +532,9 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
int chunked = transfer_encoding != NULL && strcmp(transfer_encoding, "chunked") == 0;
http_remove_header_field(&res.hdr, "Transfer-Encoding", HTTP_REMOVE_ALL);
ret = sprintf(buf0, "%s%s%s",
(use_rev_proxy & REV_PROXY_COMPRESS_BR) ? "br" :
((use_rev_proxy & REV_PROXY_COMPRESS_GZ) ? "gzip" : ""),
((use_rev_proxy & REV_PROXY_COMPRESS) && chunked) ? ", " : "",
(use_proxy & PROXY_COMPRESS_BR) ? "br" :
((use_proxy & PROXY_COMPRESS_GZ) ? "gzip" : ""),
((use_proxy & PROXY_COMPRESS) && chunked) ? ", " : "",
chunked ? "chunked" : "");
if (ret > 0) {
http_add_header_field(&res.hdr, "Transfer-Encoding", buf0);
@ -546,7 +546,7 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
}
respond:
if (!use_rev_proxy) {
if (!use_proxy) {
if (conf != NULL && conf->type == CONFIG_TYPE_LOCAL && uri.is_static && res.status->code == 405) {
http_add_header_field(&res.hdr, "Allow", "GET, HEAD, TRACE");
}
@ -580,12 +580,12 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
// TODO let relevant information pass?
}
char *rev_proxy_doc = "";
char *proxy_doc = "";
if (conf != NULL && conf->type == CONFIG_TYPE_REVERSE_PROXY) {
const http_status *status = http_get_status(ctx.status);
char stat_str[8];
sprintf(stat_str, "%03i", ctx.status);
sprintf(msg_pre_buf_2, http_rev_proxy_document,
sprintf(msg_pre_buf_2, http_proxy_document,
" success",
(ctx.origin == CLIENT_REQ) ? " error" : " success",
(ctx.origin == INTERNAL) ? " error" : " success",
@ -600,13 +600,13 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
(ctx.status == 0) ? "???" : stat_str,
(status != NULL) ? status->msg : "",
host);
rev_proxy_doc = msg_pre_buf_2;
proxy_doc = msg_pre_buf_2;
}
sprintf(msg_pre_buf_1, info->doc, res.status->code, res.status->msg, http_msg != NULL ? http_msg->msg : "", err_msg[0] != 0 ? err_msg : "");
content_length = snprintf(msg_buf, sizeof(msg_buf), http_default_document, res.status->code,
res.status->msg, msg_pre_buf_1, info->mode, info->icon, info->color, host,
rev_proxy_doc, msg_content[0] != 0 ? msg_content : "");
proxy_doc, msg_content[0] != 0 ? msg_content : "");
}
if (content_length >= 0) {
sprintf(buf0, "%li", content_length);
@ -618,7 +618,7 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
}
int close_proxy = 0;
if (use_rev_proxy != 2) {
if (use_proxy != 2) {
const char *conn = http_get_header_field(&res.hdr, "Connection");
close_proxy = (conn == NULL || (strstr(conn, "keep-alive") == NULL && strstr(conn, "Keep-Alive") == NULL));
http_remove_header_field(&res.hdr, "Connection", HTTP_REMOVE_ALL);
@ -636,16 +636,16 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
clock_gettime(CLOCK_MONOTONIC, &end);
const char *location = http_get_header_field(&res.hdr, "Location");
unsigned long micros = (end.tv_nsec - begin.tv_nsec) / 1000 + (end.tv_sec - begin.tv_sec) * 1000000;
info("%s%s%03i %s%s%s (%s)%s", http_get_status_color(res.status), use_rev_proxy ? "-> " : "", res.status->code,
info("%s%s%03i %s%s%s (%s)%s", http_get_status_color(res.status), use_proxy ? "-> " : "", res.status->code,
res.status->msg, location != NULL ? " -> " : "", location != NULL ? location : "",
format_duration(micros, buf0), CLR_STR);
// TODO access/error log file
if (use_rev_proxy == 2) {
if (use_proxy == 2) {
// WebSocket
info("Upgrading connection to WebSocket connection");
ret = ws_handle_connection(client, &rev_proxy);
ret = ws_handle_connection(client, &proxy);
if (ret != 0) {
client_keep_alive = 0;
close_proxy = 1;
@ -680,7 +680,7 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
int flags = (chunked ? FASTCGI_CHUNKED : 0) | (use_fastcgi & (FASTCGI_COMPRESS | FASTCGI_COMPRESS_HOLD));
ret = fastcgi_send(&fcgi_conn, client, flags);
} else if (use_rev_proxy) {
} else if (use_proxy) {
const char *transfer_encoding = http_get_header_field(&res.hdr, "Transfer-Encoding");
int chunked = transfer_encoding != NULL && strstr(transfer_encoding, "chunked") != NULL;
@ -690,8 +690,8 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
len_to_send = strtol(content_len, NULL, 10);
}
int flags = (chunked ? REV_PROXY_CHUNKED : 0) | (use_rev_proxy & REV_PROXY_COMPRESS);
ret = rev_proxy_send(client, len_to_send, flags);
int flags = (chunked ? PROXY_CHUNKED : 0) | (use_proxy & PROXY_COMPRESS);
ret = proxy_send(client, len_to_send, flags);
}
if (ret < 0) {
@ -699,9 +699,9 @@ int client_request_handler(client_ctx_t *cctx, sock *client, unsigned long clien
}
}
if (close_proxy && rev_proxy.socket != 0) {
if (close_proxy && proxy.socket != 0) {
info(BLUE_STR "Closing proxy connection");
sock_close(&rev_proxy);
sock_close(&proxy);
}
clock_gettime(CLOCK_MONOTONIC, &end);
@ -837,9 +837,9 @@ int client_connection_handler(client_ctx_t *ctx, sock *client, unsigned long cli
close:
sock_close(client);
if (rev_proxy.socket != 0) {
if (proxy.socket != 0) {
info(BLUE_STR "Closing proxy connection");
sock_close(&rev_proxy);
sock_close(&proxy);
}
clock_gettime(CLOCK_MONOTONIC, &end);


@ -170,7 +170,7 @@ int config_load(const char *filename) {
}
} else if (len > 9 && strncmp(ptr, "hostname", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = hc->rev_proxy.hostname;
target = hc->proxy.hostname;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
@ -190,7 +190,7 @@ int config_load(const char *filename) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->rev_proxy.enc = 0;
hc->proxy.enc = 0;
}
continue;
} else if (strcmp(ptr, "https") == 0) {
@ -198,7 +198,7 @@ int config_load(const char *filename) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->rev_proxy.enc = 1;
hc->proxy.enc = 1;
}
continue;
} else {
@ -229,7 +229,7 @@ int config_load(const char *filename) {
goto err;
}
} else if (mode == 2) {
tmp_config->hosts[i - 1].rev_proxy.port = (unsigned short) strtoul(source, NULL, 10);
tmp_config->hosts[i - 1].proxy.port = (unsigned short) strtoul(source, NULL, 10);
}
}


@ -34,7 +34,7 @@ typedef struct {
char hostname[256];
unsigned short port;
unsigned char enc:1;
} rev_proxy;
} proxy;
struct {
char webroot[256];
unsigned char dir_mode:2;


@ -118,7 +118,7 @@ extern const int http_statuses_size;
extern const int http_status_messages_size;
extern const char http_default_document[];
extern const char http_rev_proxy_document[];
extern const char http_proxy_document[];
extern const char http_error_document[];
extern const char http_error_icon[];
extern const char http_warning_document[];


@ -212,7 +212,7 @@ const char http_default_document[] =
"</body>\n"
"</html>\n";
const char http_rev_proxy_document[] =
const char http_proxy_document[] =
"\t\t<section class=\"error-ctx\">\n"
"\t\t\t<div class=\"box%1$s\">\n"
"\t\t\t\t<div class=\"content\">\n"


@ -1,7 +1,7 @@
/**
* sesimos - secure, simple, modern web server
* @brief Reverse proxy
* @file src/lib/rev_proxy.c
* @file src/lib/proxy.c
* @author Lorenz Stechauner
* @date 2021-01-07
*/
@ -9,7 +9,7 @@
#include "../defs.h"
#include "../server.h"
#include "../logger.h"
#include "rev_proxy.h"
#include "proxy.h"
#include "utils.h"
#include "compress.h"
@ -21,16 +21,16 @@
#include <sys/time.h>
sock rev_proxy;
char *rev_proxy_host = NULL;
sock proxy;
char *proxy_host = NULL;
struct timeval server_timeout = {.tv_sec = SERVER_TIMEOUT, .tv_usec = 0};
int rev_proxy_preload(void) {
rev_proxy.ctx = SSL_CTX_new(TLS_client_method());
int proxy_preload(void) {
proxy.ctx = SSL_CTX_new(TLS_client_method());
return 0;
}
int rev_proxy_request_header(http_req *req, int enc, client_ctx_t *ctx) {
int proxy_request_header(http_req *req, int enc, client_ctx_t *ctx) {
char buf1[256], buf2[256];
int p_len;
@ -128,7 +128,7 @@ int rev_proxy_request_header(http_req *req, int enc, client_ctx_t *ctx) {
return 0;
}
int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
int proxy_response_header(http_req *req, http_res *res, host_config *conf) {
char buf1[256], buf2[256];
int p_len;
@ -152,7 +152,7 @@ int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
const char *location = http_get_header_field(&res->hdr, "Location");
if (location != NULL) {
char *hostnames[] = {conf->name, conf->rev_proxy.hostname};
char *hostnames[] = {conf->name, conf->proxy.hostname};
for (int i = 0; i < sizeof(hostnames) / sizeof(hostnames[0]); i++) {
char *hostname = hostnames[i];
@ -162,10 +162,10 @@ int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
p_len = snprintf(buf1, sizeof(buf1), "https://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
p_len = snprintf(buf1, sizeof(buf1), "http://%s:%i/", hostname, conf->rev_proxy.port);
p_len = snprintf(buf1, sizeof(buf1), "http://%s:%i/", hostname, conf->proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
p_len = snprintf(buf1, sizeof(buf1), "https://%s:%i/", hostname, conf->rev_proxy.port);
p_len = snprintf(buf1, sizeof(buf1), "https://%s:%i/", hostname, conf->proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
}
@ -180,25 +180,25 @@ int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
return 0;
}
int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client, client_ctx_t *cctx, http_status *custom_status, char *err_msg) {
int proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client, client_ctx_t *cctx, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE];
const char *connection, *upgrade, *ws_version;
long ret;
int tries = 0, retry = 0;
if (rev_proxy.socket != 0 && strcmp(rev_proxy_host, conf->name) == 0 && sock_check(&rev_proxy) == 0)
goto rev_proxy;
if (proxy.socket != 0 && strcmp(proxy_host, conf->name) == 0 && sock_check(&proxy) == 0)
goto proxy;
retry:
if (rev_proxy.socket != 0) {
if (proxy.socket != 0) {
info(BLUE_STR "Closing proxy connection");
sock_close(&rev_proxy);
sock_close(&proxy);
}
retry = 0;
tries++;
rev_proxy.socket = socket(AF_INET6, SOCK_STREAM, 0);
if (rev_proxy.socket < 0) {
proxy.socket = socket(AF_INET6, SOCK_STREAM, 0);
if (proxy.socket < 0) {
error("Unable to create socket");
res->status = http_get_status(500);
ctx->origin = INTERNAL;
@ -207,14 +207,14 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
server_timeout.tv_sec = SERVER_TIMEOUT_INIT;
server_timeout.tv_usec = 0;
if (setsockopt(rev_proxy.socket, SOL_SOCKET, SO_RCVTIMEO, &server_timeout, sizeof(server_timeout)) < 0)
goto rev_proxy_timeout_err;
if (setsockopt(rev_proxy.socket, SOL_SOCKET, SO_SNDTIMEO, &server_timeout, sizeof(server_timeout)) < 0)
goto rev_proxy_timeout_err;
if (setsockopt(proxy.socket, SOL_SOCKET, SO_RCVTIMEO, &server_timeout, sizeof(server_timeout)) < 0)
goto proxy_timeout_err;
if (setsockopt(proxy.socket, SOL_SOCKET, SO_SNDTIMEO, &server_timeout, sizeof(server_timeout)) < 0)
goto proxy_timeout_err;
struct hostent *host_ent = gethostbyname2(conf->rev_proxy.hostname, AF_INET6);
struct hostent *host_ent = gethostbyname2(conf->proxy.hostname, AF_INET6);
if (host_ent == NULL) {
host_ent = gethostbyname2(conf->rev_proxy.hostname, AF_INET);
host_ent = gethostbyname2(conf->proxy.hostname, AF_INET);
if (host_ent == NULL) {
res->status = http_get_status(503);
ctx->origin = SERVER_REQ;
@ -224,7 +224,7 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
}
}
struct sockaddr_in6 address = {.sin6_family = AF_INET6, .sin6_port = htons(conf->rev_proxy.port)};
struct sockaddr_in6 address = {.sin6_family = AF_INET6, .sin6_port = htons(conf->proxy.port)};
if (host_ent->h_addrtype == AF_INET6) {
memcpy(&address.sin6_addr, host_ent->h_addr_list[0], host_ent->h_length);
} else if (host_ent->h_addrtype == AF_INET) {
@ -235,8 +235,8 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
inet_ntop(address.sin6_family, (void *) &address.sin6_addr, buffer, sizeof(buffer));
info(BLUE_STR "Connecting to " BLD_STR "[%s]:%i" CLR_STR BLUE_STR "...", buffer, conf->rev_proxy.port);
if (connect(rev_proxy.socket, (struct sockaddr *) &address, sizeof(address)) < 0) {
info(BLUE_STR "Connecting to " BLD_STR "[%s]:%i" CLR_STR BLUE_STR "...", buffer, conf->proxy.port);
if (connect(proxy.socket, (struct sockaddr *) &address, sizeof(address)) < 0) {
if (errno == ETIMEDOUT || errno == EINPROGRESS) {
res->status = http_get_status(504);
ctx->origin = SERVER_REQ;
@ -247,17 +247,17 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
res->status = http_get_status(500);
ctx->origin = INTERNAL;
}
error("Unable to connect to [%s]:%i: %s", buffer, conf->rev_proxy.port, strerror(errno));
error("Unable to connect to [%s]:%i: %s", buffer, conf->proxy.port, strerror(errno));
sprintf(err_msg, "Unable to connect to server: %s.", strerror(errno));
goto proxy_err;
}
server_timeout.tv_sec = SERVER_TIMEOUT;
server_timeout.tv_usec = 0;
if (setsockopt(rev_proxy.socket, SOL_SOCKET, SO_RCVTIMEO, &server_timeout, sizeof(server_timeout)) < 0)
goto rev_proxy_timeout_err;
if (setsockopt(rev_proxy.socket, SOL_SOCKET, SO_SNDTIMEO, &server_timeout, sizeof(server_timeout)) < 0) {
rev_proxy_timeout_err:
if (setsockopt(proxy.socket, SOL_SOCKET, SO_RCVTIMEO, &server_timeout, sizeof(server_timeout)) < 0)
goto proxy_timeout_err;
if (setsockopt(proxy.socket, SOL_SOCKET, SO_SNDTIMEO, &server_timeout, sizeof(server_timeout)) < 0) {
proxy_timeout_err:
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to set timeout for reverse proxy socket");
@ -265,29 +265,29 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
goto proxy_err;
}
if (conf->rev_proxy.enc) {
rev_proxy.ssl = SSL_new(rev_proxy.ctx);
SSL_set_fd(rev_proxy.ssl, rev_proxy.socket);
SSL_set_connect_state(rev_proxy.ssl);
if (conf->proxy.enc) {
proxy.ssl = SSL_new(proxy.ctx);
SSL_set_fd(proxy.ssl, proxy.socket);
SSL_set_connect_state(proxy.ssl);
ret = SSL_do_handshake(rev_proxy.ssl);
rev_proxy._last_ret = ret;
rev_proxy._errno = errno;
rev_proxy._ssl_error = ERR_get_error();
rev_proxy.enc = 1;
ret = SSL_do_handshake(proxy.ssl);
proxy._last_ret = ret;
proxy._errno = errno;
proxy._ssl_error = ERR_get_error();
proxy.enc = 1;
if (ret < 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to perform handshake: %s", sock_strerror(&rev_proxy));
sprintf(err_msg, "Unable to perform handshake: %s.", sock_strerror(&rev_proxy));
error("Unable to perform handshake: %s", sock_strerror(&proxy));
sprintf(err_msg, "Unable to perform handshake: %s.", sock_strerror(&proxy));
goto proxy_err;
}
}
rev_proxy_host = conf->name;
info(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i", buffer, conf->rev_proxy.port);
proxy_host = conf->name;
info(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i", buffer, conf->proxy.port);
rev_proxy:
proxy:
connection = http_get_header_field(&req->hdr, "Connection");
if (connection != NULL && (strstr(connection, "upgrade") != NULL || strstr(connection, "Upgrade") != NULL)) {
upgrade = http_get_header_field(&req->hdr, "Upgrade");
@ -304,19 +304,19 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
http_add_header_field(&req->hdr, "Connection", "keep-alive");
}
ret = rev_proxy_request_header(req, (int) client->enc, cctx);
ret = proxy_request_header(req, (int) client->enc, cctx);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
ret = http_send_request(&rev_proxy, req);
ret = http_send_request(&proxy, req);
if (ret < 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (1): %s", sock_strerror(&rev_proxy));
sprintf(err_msg, "Unable to send request to server: %s.", sock_strerror(&rev_proxy));
error("Unable to send request to server (1): %s", sock_strerror(&proxy));
sprintf(err_msg, "Unable to send request to server: %s.", sock_strerror(&proxy));
retry = tries < 4;
goto proxy_err;
}
@ -327,17 +327,17 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
ret = 0;
if (content_len > 0) {
ret = sock_splice(&rev_proxy, client, buffer, sizeof(buffer), content_len);
ret = sock_splice(&proxy, client, buffer, sizeof(buffer), content_len);
} else if (transfer_encoding != NULL && strstr(transfer_encoding, "chunked") != NULL) {
ret = sock_splice_chunked(&rev_proxy, client, buffer, sizeof(buffer));
ret = sock_splice_chunked(&proxy, client, buffer, sizeof(buffer));
}
if (ret < 0 || (content_len != 0 && ret != content_len)) {
if (ret == -1) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (2): %s", sock_strerror(&rev_proxy));
sprintf(err_msg, "Unable to send request to server: %s.", sock_strerror(&rev_proxy));
error("Unable to send request to server (2): %s", sock_strerror(&proxy));
sprintf(err_msg, "Unable to send request to server: %s.", sock_strerror(&proxy));
retry = tries < 4;
goto proxy_err;
} else if (ret == -2) {
@ -353,9 +353,9 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
return -1;
}
ret = sock_recv(&rev_proxy, buffer, sizeof(buffer), MSG_PEEK);
ret = sock_recv(&proxy, buffer, sizeof(buffer), MSG_PEEK);
if (ret <= 0) {
int enc_err = sock_enc_error(&rev_proxy);
int enc_err = sock_enc_error(&proxy);
if (errno == EAGAIN || errno == EINPROGRESS || enc_err == SSL_ERROR_WANT_READ ||
enc_err == SSL_ERROR_WANT_WRITE)
{
@ -365,8 +365,8 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
}
error("Unable to receive response from server: %s", sock_strerror(&rev_proxy));
sprintf(err_msg, "Unable to receive response from server: %s.", sock_strerror(&rev_proxy));
error("Unable to receive response from server: %s", sock_strerror(&proxy));
sprintf(err_msg, "Unable to receive response from server: %s.", sock_strerror(&proxy));
retry = tries < 4;
goto proxy_err;
}
@ -440,9 +440,9 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
}
ptr = pos0 + 2;
}
sock_recv(&rev_proxy, buffer, header_len, 0);
sock_recv(&proxy, buffer, header_len, 0);
ret = rev_proxy_response_header(req, res, conf);
ret = proxy_response_header(req, res, conf);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
@ -456,42 +456,42 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
return -1;
}
int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
int proxy_send(sock *client, unsigned long len_to_send, int flags) {
char buffer[CHUNK_SIZE], comp_out[CHUNK_SIZE], buf[256], *ptr;
long ret = 0, len, snd_len;
int finish_comp = 0;
compress_ctx comp_ctx;
if (flags & REV_PROXY_COMPRESS_BR) {
flags &= ~REV_PROXY_COMPRESS_GZ;
if (flags & PROXY_COMPRESS_BR) {
flags &= ~PROXY_COMPRESS_GZ;
if (compress_init(&comp_ctx, COMPRESS_BR) != 0) {
error("Unable to init brotli");
flags &= ~REV_PROXY_COMPRESS_BR;
flags &= ~PROXY_COMPRESS_BR;
}
} else if (flags & REV_PROXY_COMPRESS_GZ) {
flags &= ~REV_PROXY_COMPRESS_BR;
} else if (flags & PROXY_COMPRESS_GZ) {
flags &= ~PROXY_COMPRESS_BR;
if (compress_init(&comp_ctx, COMPRESS_GZ) != 0) {
error("Unable to init gzip");
flags &= ~REV_PROXY_COMPRESS_GZ;
flags &= ~PROXY_COMPRESS_GZ;
}
}
do {
snd_len = 0;
if (flags & REV_PROXY_CHUNKED) {
ret = sock_get_chunk_header(&rev_proxy);
if (flags & PROXY_CHUNKED) {
ret = sock_get_chunk_header(&proxy);
if (ret < 0) {
if (ret == -1) {
error("Unable to receive from server: Malformed chunk header");
} else {
error("Unable to receive from server: %s", sock_strerror(&rev_proxy));
error("Unable to receive from server: %s", sock_strerror(&proxy));
}
break;
}
len_to_send = ret;
ret = 1;
if (len_to_send == 0 && (flags & REV_PROXY_COMPRESS)) {
if (len_to_send == 0 && (flags & PROXY_COMPRESS)) {
finish_comp = 1;
len = 0;
ptr = NULL;
@ -502,9 +502,9 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
}
while (snd_len < len_to_send) {
unsigned long avail_in, avail_out;
ret = sock_recv(&rev_proxy, buffer, CHUNK_SIZE < (len_to_send - snd_len) ? CHUNK_SIZE : len_to_send - snd_len, 0);
ret = sock_recv(&proxy, buffer, CHUNK_SIZE < (len_to_send - snd_len) ? CHUNK_SIZE : len_to_send - snd_len, 0);
if (ret <= 0) {
error("Unable to receive from server: %s", sock_strerror(&rev_proxy));
error("Unable to receive from server: %s", sock_strerror(&proxy));
break;
}
len = ret;
@ -514,7 +514,7 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
char *next_in = ptr;
do {
long buf_len = len;
if (flags & REV_PROXY_COMPRESS) {
if (flags & PROXY_COMPRESS) {
avail_out = sizeof(comp_out);
compress_compress(&comp_ctx, next_in + len - avail_in, &avail_in, comp_out, &avail_out, finish_comp);
ptr = comp_out;
@ -525,31 +525,31 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
len = sprintf(buf, "%lX\r\n", buf_len);
ret = 1;
if (flags & REV_PROXY_CHUNKED) ret = sock_send(client, buf, len, 0);
if (flags & PROXY_CHUNKED) ret = sock_send(client, buf, len, 0);
if (ret <= 0) goto err;
ret = sock_send(client, ptr, buf_len, 0);
if (ret <= 0) goto err;
if (!(flags & REV_PROXY_COMPRESS)) snd_len += ret;
if (!(flags & PROXY_COMPRESS)) snd_len += ret;
if (flags & REV_PROXY_CHUNKED) ret = sock_send(client, "\r\n", 2, 0);
if (flags & PROXY_CHUNKED) ret = sock_send(client, "\r\n", 2, 0);
if (ret <= 0) {
err:
error("Unable to send: %s", sock_strerror(client));
break;
}
}
} while ((flags & REV_PROXY_COMPRESS) && (avail_in != 0 || avail_out != sizeof(comp_out)));
} while ((flags & PROXY_COMPRESS) && (avail_in != 0 || avail_out != sizeof(comp_out)));
if (ret <= 0) break;
if (finish_comp) goto finish;
}
if (ret <= 0) break;
if (flags & REV_PROXY_CHUNKED) sock_recv(&rev_proxy, buffer, 2, 0);
} while ((flags & REV_PROXY_CHUNKED) && len_to_send > 0);
if (flags & PROXY_CHUNKED) sock_recv(&proxy, buffer, 2, 0);
} while ((flags & PROXY_CHUNKED) && len_to_send > 0);
if (ret <= 0) return -1;
if (flags & REV_PROXY_CHUNKED) {
if (flags & PROXY_CHUNKED) {
ret = sock_send(client, "0\r\n\r\n", 5, 0);
if (ret <= 0) {
error("Unable to send: %s", sock_strerror(client));
@ -560,8 +560,8 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
return 0;
}
int rev_proxy_dump(char *buf, long len) {
sock_recv(&rev_proxy, buf, len, 0);
sock_close(&rev_proxy);
int proxy_dump(char *buf, long len) {
sock_recv(&proxy, buf, len, 0);
sock_close(&proxy);
return 0;
}

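--- /dev/null
+++ b/src/lib/proxy.h
@@ -0,0 +1,39 @@
+/**
+* sesimos - secure, simple, modern web server
+* @brief Reverse proxy (header file)
+* @file src/lib/proxy.h
+* @author Lorenz Stechauner
+* @date 2021-01-07
+*/
+#ifndef SESIMOS_PROXY_H
+#define SESIMOS_PROXY_H
+#define PROXY_CHUNKED 1
+#define PROXY_COMPRESS_GZ 2
+#define PROXY_COMPRESS_BR 4
+#define PROXY_COMPRESS 6
+#ifndef SERVER_NAME
+# define SERVER_NAME "revproxy"
+#endif
+#include "http.h"
+#include "config.h"
+#include "../client.h"
+extern sock proxy;
+int proxy_preload(void);
+int proxy_request_header(http_req *req, int enc, client_ctx_t *ctx);
+int proxy_response_header(http_req *req, http_res *res, host_config *conf);
+int proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client, client_ctx_t *cctx, http_status *custom_status, char *err_msg);
+int proxy_send(sock *client, unsigned long len_to_send, int flags);
+int proxy_dump(char *buf, long len);
+#endif //SESIMOS_PROXY_H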

View File

@ -1,39 +0,0 @@
/**
* sesimos - secure, simple, modern web server
* @brief Reverse proxy (header file)
* @file src/lib/rev_proxy.h
* @author Lorenz Stechauner
* @date 2021-01-07
*/
#ifndef SESIMOS_REV_PROXY_H
#define SESIMOS_REV_PROXY_H
#define REV_PROXY_CHUNKED 1
#define REV_PROXY_COMPRESS_GZ 2
#define REV_PROXY_COMPRESS_BR 4
#define REV_PROXY_COMPRESS 6
#ifndef SERVER_NAME
# define SERVER_NAME "revproxy"
#endif
#include "http.h"
#include "config.h"
#include "../client.h"
extern sock rev_proxy;
int rev_proxy_preload(void);
int rev_proxy_request_header(http_req *req, int enc, client_ctx_t *ctx);
int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf);
int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client, client_ctx_t *cctx, http_status *custom_status, char *err_msg);
int rev_proxy_send(sock *client, unsigned long len_to_send, int flags);
int rev_proxy_dump(char *buf, long len);
#endif //SESIMOS_REV_PROXY_H


@ -14,7 +14,7 @@
#include "lib/cache.h"
#include "lib/config.h"
#include "lib/sock.h"
#include "lib/rev_proxy.h"
#include "lib/proxy.h"
#include "lib/geoip.h"
#include "lib/utils.h"
@ -314,7 +314,7 @@ int main(int argc, const char *argv[]) {
client.ctx = contexts[0];
rev_proxy_preload();
proxy_preload();
for (int i = 0; i < NUM_SOCKETS; i++) {
if (listen(sockets[i], LISTEN_BACKLOG) < 0) {