151 Commits

Author SHA1 Message Date
c36ba8d3a5 logging: remove client host name 2025-09-28 17:59:09 +02:00
3bc1faac39 request_handler: Initialize content_length and transferred_length 2025-09-28 17:52:55 +02:00
151c4804fe Enhance logging 2025-09-28 17:48:11 +02:00
e1a92729d2 async: Fix ASYNC_ERR overwrite 2025-09-26 15:11:38 +02:00
72904c3ba9 Add log files 2025-09-26 15:07:21 +02:00
be84c3048b Try to solve epoll critical errors 2025-09-26 11:36:54 +02:00
73a469a7de Properly use Vary header 2025-08-17 20:45:00 +02:00
a0d774c9a4 Fix caching behaviour 2025-08-17 20:15:14 +02:00
28c6809768 server: Fix error handling in main loop 2025-08-14 21:35:14 +02:00
e93c478cc3 uri: Change file priority to .xhtml, .html, .php 2024-06-24 14:08:21 +02:00
1d0a545610 async: Check if SSL layer is ready 2024-06-07 11:54:50 +02:00
fb67f7e9b0 proxy_handler: Honor Transfer-Encoding 2024-05-11 14:24:44 +02:00
0dd9a9a843 Add XHTML support 2024-04-22 15:14:31 +02:00
6eaf5f5776 local_handler: Only send 417 when value invalid 2024-02-07 15:37:53 +01:00
75d36bb5bb Use correct color string 2024-02-07 15:34:21 +01:00
c6da5413d4 Add logging for 100 Continue 2024-02-07 15:32:44 +01:00
80d7626208 Implement Expect: 100-continue 2024-02-07 15:23:14 +01:00
e97809253a local_handler: Return early when not static 2024-02-07 11:55:17 +01:00
b26e80f18a sock: Add handling for want read/write 2024-02-06 23:33:24 +01:00
90b20d40d8 Add SSL_MODE_ENABLE_PARTIAL_WRITE to ssl context 2024-02-06 23:08:10 +01:00
34b860073c utils: Add application/sql as text 2024-01-05 18:24:04 +01:00
5d6bd07cfd websocket: Fix WebSocket upgrade 2024-01-04 01:25:44 +01:00
2a2c1ea442 socket: Honor EAGAIN for socket operations 2023-11-19 21:27:42 +01:00
fee4cc808a fastcgi: Add FIXME 2023-09-28 22:49:33 +02:00
0232331f99 Fix reverse proxy timeout issues 2023-09-08 02:51:57 +02:00
62b631c862 Fix FastCGI Non-Chunked bug 2023-09-08 02:18:52 +02:00
0f526d7b95 Fix FastCGI error handling 2023-07-13 23:18:10 +02:00
642286a838 Async: lock queue and make volatile 2023-07-11 18:15:15 +02:00
91a8959c8d Add FIXME for pipe overflow 2023-07-11 02:12:26 +02:00
197756bf15 Fix typo 2023-07-11 02:12:12 +02:00
f4697ce0f3 Fix typo 2023-07-11 01:57:48 +02:00
72c2e24050 Small improvements in async 2023-07-11 01:51:47 +02:00
745509cab1 Add debug message when joining mpmc workers 2023-07-11 01:50:36 +02:00
35d3612d9b Cleanup on request timeout 2023-07-11 01:50:00 +02:00
37671546ef Handle EBADF in async 2023-07-08 13:38:19 +02:00
beec199192 Add debug messages to terminate_gracefully() 2023-07-08 01:10:07 +02:00
afa0196277 Async: ignore ENOENT errors on remove 2023-07-08 01:05:18 +02:00
29a0775bf5 Update proxy 504/502 error codes responses (3) 2023-07-07 22:30:03 +02:00
46d661d5f3 Update proxy 504/502 error codes responses (2) 2023-07-07 22:24:40 +02:00
9ec1c1c3a2 Update proxy 504/502 error codes responses 2023-07-07 22:23:15 +02:00
d6b315c91c Update proxy closing behaviour 2023-07-07 22:13:47 +02:00
fd2abf9804 Handle EEXIST in async 2023-07-07 22:04:33 +02:00
ddb6623651 Handle connection closures from proxy peers in async 2023-07-07 21:56:38 +02:00
ef3e8475fb Honor Connection: closed received from reverse proxy peers 2023-07-07 21:30:56 +02:00
0cd63ff5e9 Fix typos 2023-07-07 21:28:07 +02:00
de3fcf8fc3 Honor proxy server timeout with one second buffer 2023-07-06 17:15:53 +02:00
0f40dcb5db Fix proxy_close to keep value of in_use 2023-07-06 14:57:06 +02:00
b7c8db01ac Fix proxy locking by adding volatile keyword to in_use 2023-07-06 12:03:08 +02:00
b6c9d7330d Free proxy connection slot when upgrading to WebSocket connection 2023-07-06 01:34:23 +02:00
c59977dada Fix proxy unlocking 2023-07-06 00:29:12 +02:00
77f0eeda6d Fix spacing 2023-07-06 00:20:27 +02:00
371bff0d07 Fix async and FastCGI timeout issues 2023-07-05 23:19:40 +02:00
2e3146f69a Fix FastCGI fds default value 2023-07-05 13:11:49 +02:00
733b73760c Fix payload usage in first FastCGI frame 2023-07-05 12:52:53 +02:00
a9fbd21f80 Add todo and fix comments 2023-07-05 00:42:06 +02:00
52ebad201f Fix sock_had_pending for pipe 2023-07-04 22:00:09 +02:00
7fe4abd379 Improve proxy error handling 2023-07-04 21:40:40 +02:00
56427e3003 Close ssl also when enc is not set in socket 2023-07-04 21:16:27 +02:00
914aa2d341 Fix socket.h sock_init() definition 2023-07-03 00:03:27 +02:00
db4bca6f13 Enlarge log message buffer from 16 to 256 2023-07-02 22:54:54 +02:00
f1ba02756a Output selected proxy slot 2023-07-02 22:52:12 +02:00
0b68c67982 Fix proxy try-loop 2023-07-02 17:45:53 +02:00
cb04af739c Fix nextcloud issues 2023-07-02 13:50:07 +02:00
cd25120362 Update reverse proxy message 2023-07-02 12:42:12 +02:00
13d6e30d01 Fix proxy loop 2023-07-02 12:21:26 +02:00
04f13c49af Unset socket now is -1 instead of 0 2023-07-02 12:21:00 +02:00
9aee302f6c Rename timeout to http_timeout 2023-07-02 00:14:39 +02:00
44e3b1332f Add first steps to honor timeout from server as proxy 2023-07-01 21:50:33 +02:00
808ebdb0a0 Add http_add_to_header_fiel() 2023-07-01 21:19:27 +02:00
31cd2e7e73 Fix FastCGI segfault error 2023-07-01 20:21:21 +02:00
bd8e71e83d Rename fcgi_cnx to fcgi_ctx in client struct 2023-07-01 20:13:51 +02:00
9aaa28f1ca Update php-fpm version 2023-07-01 19:26:20 +02:00
73e0cffa78 Hide .inc and .inc.php files 2023-01-30 23:00:56 +01:00
6f0371c46f Use getaddrinfo/getnameinfo instead of deprecated methods 2023-01-29 20:31:27 +01:00
ad6ffe5425 Use file descriptor in sock_set_socket_timeout_micros() 2023-01-29 11:57:37 +01:00
ab7e5cc722 Remove dns_server directive 2023-01-29 11:55:32 +01:00
40310faa4b Update error to support getaddrinfo 2023-01-29 11:38:48 +01:00
7a3adc6ed3 Remove gotos from proxy.c 2023-01-26 18:06:53 +01:00
bd73061462 Removing gotos in config.c 2023-01-26 17:31:20 +01:00
9ee0e11c86 Remove some gotos 2023-01-26 17:15:30 +01:00
240ed6bc25 Dumping stderr on FastCGI close 2023-01-26 15:01:48 +01:00
03dd126ca7 Add php error handling 2023-01-26 14:51:47 +01:00
17327006db Add async support for FastCGI 2023-01-26 13:34:04 +01:00
9237c791bb Set chunks_transferred to 0 2023-01-26 12:49:18 +01:00
f7a6214dbc Allow proxies to delay chunks 2023-01-26 12:46:30 +01:00
8053439212 Add chunk send/receiving functions 2023-01-26 11:41:10 +01:00
299e726341 Add pip abstraction for sock 2023-01-26 11:02:44 +01:00
e721e542f3 Add chunk_handler 2023-01-24 00:07:22 +01:00
df7dfb5107 Refactor uri.c
buf3 removed, unnecessary and not initialized
2023-01-23 23:43:14 +01:00
5f3ba2b971 Add sock_init() 2023-01-23 23:35:53 +01:00
1e0a7c95da Unset prefix at other position in async 2023-01-23 23:33:01 +01:00
0394c3afb4 Add new line in ws_frame_handler.c 2023-01-23 13:02:53 +01:00
32ea03079b Add sock_splice_all() 2023-01-23 12:55:41 +01:00
8b63d2cf32 Refactor proxy and socket a bit 2023-01-23 11:09:28 +01:00
d461ba6f29 Fix typo in workers.c 2023-01-23 10:09:34 +01:00
5b98fd0dab Catching error of async_thread() in main 2023-01-23 10:07:58 +01:00
0b1b0bcb56 Update async_check to check return value of poll() 2023-01-23 01:53:36 +01:00
44fc7f2e5c Add flags to sock_splice_chunked 2023-01-23 01:50:50 +01:00
c8b605aa90 Save proxy connection time 2023-01-13 02:59:48 +01:00
59b9bfd53e Finally remove compression from proxy 2023-01-13 02:49:25 +01:00
e8655102b9 Use sock in fastcgi 2023-01-13 02:36:41 +01:00
add135b3ad Use htons and ntohs in fastcgi 2023-01-12 20:40:40 +01:00
2d250621c8 Add time to log prefix 2023-01-12 20:29:34 +01:00
f96dc46ea7 Add sock_send_x and remove fastcgi compression 2023-01-12 19:51:26 +01:00
5138dafb8e Refactor compress a bit 2023-01-12 16:30:10 +01:00
4be5b0d195 lock magic in cache_handler 2023-01-12 16:29:05 +01:00
a84aa591d4 Really avoid double free in async 2023-01-12 15:25:40 +01:00
d7db1f0be9 Make error_str GNU_SOURCE compliant 2023-01-12 15:24:30 +01:00
116f7035ed Initialize cache after logger_init() 2023-01-12 15:10:16 +01:00
8abc0b8bfa Avoid double free in async 2023-01-12 15:09:05 +01:00
410d692372 Truly initialize thread name 2023-01-12 15:07:46 +01:00
f42ac83323 Add list_contains() to list 2023-01-12 15:07:03 +01:00
7d576b2466 Better lossy error code description 2023-01-12 13:13:24 +01:00
5acab8144d Rework error interface 2023-01-12 12:54:23 +01:00
4814035b62 Fix echo Makefile bug 2023-01-12 11:47:48 +01:00
15f400f376 Add status_code_t in http.h 2023-01-12 10:22:27 +01:00
32638fdd91 Fix list_remove() 2023-01-12 10:21:57 +01:00
07d6280864 Fix list pointer bug in proxy 2023-01-12 01:58:14 +01:00
820ce8dac9 Update logger_prefix 2023-01-12 00:34:04 +01:00
5bd9b3fb33 Hopeful fix 2023-01-11 23:53:43 +01:00
a3dcddf69d Add lock for clients list 2023-01-11 18:06:55 +01:00
487386158d Remove most memory leaks with valgrind 2023-01-11 17:50:11 +01:00
32f00175e4 Add lock to cache_handler 2023-01-11 15:55:39 +01:00
581b4dc5aa Fix flines() 2023-01-11 15:07:01 +01:00
611ceabfb2 Small fixes in tcp_acceptor 2023-01-11 14:49:06 +01:00
6b295cef95 Add Accept-Ranges lines 2023-01-11 14:30:12 +01:00
764b754a6f Add more utils 2023-01-11 11:06:36 +01:00
7699583c5f List/FastCGI cleanup 2023-01-11 00:34:17 +01:00
8b92d4ff91 Remove color_table 2023-01-10 23:54:47 +01:00
e8d8abdc5a Add -C --clean 2023-01-10 23:52:29 +01:00
15c6b7ddaa Create .sesimos/ in cache_init 2023-01-09 22:53:42 +01:00
e9a065f8aa Add -pthread to Makefile 2023-01-09 22:47:50 +01:00
0730429041 Fix error.c 2023-01-09 22:45:37 +01:00
af62a3065a Add http error handling 2023-01-09 22:01:50 +01:00
c36ad8c113 Add global error handling 2023-01-09 01:07:02 +01:00
7f7a07c4d2 Add HTTP status code descriptions 2023-01-08 23:13:47 +01:00
4ff22bd0c6 Handle timeouts in epoll 2023-01-08 22:19:16 +01:00
83ca2467de Add 1xx TODO 2023-01-08 20:34:04 +01:00
0a1fb977d6 Diversifying HTTP statuses 2023-01-08 01:37:45 +01:00
1405036cf2 Add 421 message 2023-01-07 16:30:23 +01:00
5f3cd03a6f Using 203 in /.sesimos/res/ 2023-01-07 02:48:43 +01:00
819b71f285 Add more HTTP status codes 2023-01-07 02:41:57 +01:00
ceaa384fce Using more diverse HTTP codes 2023-01-07 02:35:47 +01:00
99c4eb1c8a Update http_static 2023-01-07 00:21:25 +01:00
fb59b0d8c4 Using 504 instead of 503 2023-01-06 22:45:56 +01:00
946adb54d7 Handle HEAD for proxy 2023-01-06 10:41:45 +01:00
b369a1116e Handle HEAD as proxy 2023-01-05 22:55:00 +01:00
950bf19331 Use semaphores to keep track of proxy connections 2023-01-05 22:51:30 +01:00
993cb65724 Mark proxy connection free on error 2023-01-05 22:29:28 +01:00
c7be0adc66 Catch EBADF in async 2023-01-05 22:04:18 +01:00
4782707049 Working on TODOs in proxy.c 2023-01-05 21:59:23 +01:00
47 changed files with 3328 additions and 1894 deletions

View File

@@ -1,9 +1,9 @@
CC=gcc
CFLAGS=-std=gnu11 -Wno-unused-but-set-variable -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_SVID_SOURCE -D_POSIX_C_SOURCE=200809L
LDFLAGS=-lssl -lcrypto -lmagic -lz -lmaxminddb -lbrotlienc
CFLAGS=-std=gnu11 -Wno-unused-but-set-variable -D_DEFAULT_SOURCE -D_GNU_SOURCE -D_BSD_SOURCE -D_SVID_SOURCE -D_POSIX_C_SOURCE=200809L
LDFLAGS=-pthread -lssl -lcrypto -lmagic -lz -lmaxminddb -lbrotlienc
DEBIAN_OPTS=-D CACHE_MAGIC_FILE="\"/usr/share/file/magic.mgc\"" -D PHP_FPM_SOCKET="\"/var/run/php/php7.4-fpm.sock\""
DEBIAN_OPTS=-D CACHE_MAGIC_FILE="\"/usr/share/file/magic.mgc\"" -D PHP_FPM_SOCKET="\"/var/run/php/php8.2-fpm.sock\""
.PHONY: all prod debug default debian permit clean test
all: prod
@@ -36,7 +36,7 @@ bin/res:
mkdir -p bin/res
bin/test: test/mock_*.c test/test_*.c \
src/lib/utils.c src/lib/sock.c src/lib/list.c src/lib/http.c src/lib/http_static.c src/logger.c
src/lib/utils.c src/lib/sock.c src/lib/list.c src/lib/http.c src/lib/http_static.c src/logger.c src/lib/error.c
$(CC) -o $@ $(CFLAGS) $^ -lcriterion
@@ -54,16 +54,17 @@ bin/res/%.o: bin/res/%.txt
bin/res/%.txt: res/%.*
cp $^ $@
echo -ne "\x00" >> $@
/bin/echo -ne "\x00" >> $@
bin/sesimos: bin/server.o bin/logger.o bin/cache_handler.o bin/async.o bin/workers.o \
bin/worker/request_handler.o bin/worker/tcp_acceptor.o \
bin/worker/fastcgi_handler.o bin/worker/local_handler.o bin/worker/proxy_handler.o \
bin/worker/ws_frame_handler.o \
bin/worker/proxy_peer_handler.o \
bin/worker/ws_frame_handler.o bin/worker/chunk_handler.o bin/worker/fastcgi_frame_handler.o \
bin/lib/http_static.o bin/res/default.o bin/res/proxy.o bin/res/style.o \
bin/res/icon_error.o bin/res/icon_info.o bin/res/icon_success.o bin/res/icon_warning.o \
bin/res/globe.o \
bin/lib/compress.o bin/lib/config.o bin/lib/fastcgi.o bin/lib/geoip.o \
bin/lib/compress.o bin/lib/config.o bin/lib/fastcgi.o bin/lib/geoip.o bin/lib/error.o \
bin/lib/http.o bin/lib/proxy.o bin/lib/sock.o bin/lib/uri.o \
bin/lib/utils.o bin/lib/websocket.o bin/lib/mpmc.o bin/lib/list.o
$(CC) -o $@ $^ $(CFLAGS) $(LDFLAGS)
@@ -90,8 +91,14 @@ bin/worker/local_handler.o: src/worker/func.h
bin/worker/proxy_handler.o: src/worker/func.h
bin/worker/proxy_peer_handler.o: src/worker/func.h
bin/worker/ws_frame_handler.o: src/worker/func.h
bin/worker/fastcgi_frame_handler.o: src/worker/func.h
bin/worker/chunk_handler.o: src/worker/func.h
bin/lib/compress.o: src/lib/compress.h
bin/lib/config.o: src/lib/config.h src/lib/utils.h src/lib/uri.h src/logger.h
@@ -99,6 +106,8 @@ bin/lib/config.o: src/lib/config.h src/lib/utils.h src/lib/uri.h src/logger.h
bin/lib/fastcgi.o: src/lib/fastcgi.h src/server.h src/lib/utils.h src/lib/compress.h src/lib/http.h \
src/lib/uri.h src/lib/include/fastcgi.h src/logger.h
bin/lib/error.o: src/lib/error.h
bin/lib/geoip.o: src/lib/geoip.h
bin/lib/http.o: src/lib/http.h src/lib/utils.h src/lib/compress.h src/lib/sock.h src/logger.h

View File

@@ -27,7 +27,6 @@ See [doc/example.conf](doc/example.conf) for more details.
### Global directives
* `geoip_dir` (optional) - path to a directory containing GeoIP databases
* `dns_server` (optional) - address of a DNS server
### Configuration

View File

@@ -9,6 +9,7 @@
#include "async.h"
#include "logger.h"
#include "lib/list.h"
#include "lib/utils.h"
#include <poll.h>
#include <sys/epoll.h>
@@ -18,6 +19,7 @@
#include <pthread.h>
#include <semaphore.h>
#include <unistd.h>
#include <openssl/ssl.h>
#define ASYNC_MAX_EVENTS 16
@@ -28,6 +30,7 @@ typedef struct {
int flags;
void *arg;
void (*cb)(void *);
void (*to_cb)(void *);
void (*err_cb)(void *);
} evt_listen_t;
@@ -36,7 +39,7 @@ typedef struct {
evt_listen_t *q[ASYNC_MAX_EVENTS];
} listen_queue_t;
static listen_queue_t listen1, listen2, *listen_q = &listen1;
static volatile listen_queue_t listen1, listen2, *listen_q = &listen1;
static volatile sig_atomic_t alive = 1;
static pthread_t thread = -1;
static sem_t lock;
@@ -47,6 +50,13 @@ static short async_a2p(async_evt_t events) {
if (events & ASYNC_IN) ret |= POLLIN;
if (events & ASYNC_PRI) ret |= POLLPRI;
if (events & ASYNC_OUT) ret |= POLLOUT;
if (events & ASYNC_ERR_) ret |= POLLERR;
if (events & ASYNC_HUP) ret |= POLLHUP;
if (events & ASYNC_RDNORM) ret |= POLLRDNORM;
if (events & ASYNC_RDBAND) ret |= POLLRDBAND;
if (events & ASYNC_WRNORM) ret |= POLLWRNORM;
if (events & ASYNC_WRBAND) ret |= POLLWRBAND;
if (events & ASYNC_MSG) ret |= POLLMSG;
return ret;
}
@@ -55,6 +65,13 @@ static unsigned int async_a2e(async_evt_t events) {
if (events & ASYNC_IN) ret |= EPOLLIN;
if (events & ASYNC_PRI) ret |= EPOLLPRI;
if (events & ASYNC_OUT) ret |= EPOLLOUT;
if (events & ASYNC_ERR_) ret |= EPOLLERR;
if (events & ASYNC_HUP) ret |= EPOLLHUP;
if (events & ASYNC_RDNORM) ret |= EPOLLRDNORM;
if (events & ASYNC_RDBAND) ret |= EPOLLRDBAND;
if (events & ASYNC_WRNORM) ret |= EPOLLWRNORM;
if (events & ASYNC_WRBAND) ret |= EPOLLWRBAND;
if (events & ASYNC_MSG) ret |= EPOLLMSG;
return ret;
}
@@ -63,8 +80,13 @@ static async_evt_t async_p2a(short events) {
if (events & POLLIN) ret |= ASYNC_IN;
if (events & POLLPRI) ret |= ASYNC_PRI;
if (events & POLLOUT) ret |= ASYNC_OUT;
if (events & POLLERR) ret |= ASYNC_ERR;
if (events & POLLERR) ret |= ASYNC_ERR_;
if (events & POLLHUP) ret |= ASYNC_HUP;
if (events & POLLRDNORM) ret |= ASYNC_RDNORM;
if (events & POLLRDBAND) ret |= ASYNC_RDBAND;
if (events & POLLWRNORM) ret |= ASYNC_WRNORM;
if (events & POLLWRBAND) ret |= ASYNC_WRBAND;
if (events & POLLMSG) ret |= ASYNC_MSG;
return ret;
}
@@ -73,16 +95,29 @@ static async_evt_t async_e2a(unsigned int events) {
if (events & EPOLLIN) ret |= ASYNC_IN;
if (events & EPOLLPRI) ret |= ASYNC_PRI;
if (events & EPOLLOUT) ret |= ASYNC_OUT;
if (events & EPOLLERR) ret |= ASYNC_ERR;
if (events & EPOLLERR) ret |= ASYNC_ERR_;
if (events & EPOLLHUP) ret |= ASYNC_HUP;
if (events & EPOLLRDNORM) ret |= ASYNC_RDNORM;
if (events & EPOLLRDBAND) ret |= ASYNC_RDBAND;
if (events & EPOLLWRNORM) ret |= ASYNC_WRNORM;
if (events & EPOLLWRBAND) ret |= ASYNC_WRBAND;
if (events & EPOLLMSG) ret |= ASYNC_MSG;
return ret;
}
static short async_e2p(unsigned int events) {
return async_a2p(async_e2a(events));
}
static unsigned int async_p2e(short events) {
return async_a2e(async_p2a(events));
}
static int async_add_to_queue(evt_listen_t *evt) {
try_again:
if (sem_wait(&lock) != 0) {
while (sem_wait(&lock) != 0) {
if (errno == EINTR) {
goto try_again;
errno = 0;
continue;
} else {
return -1;
}
@@ -106,7 +141,7 @@ static int async_exec(evt_listen_t *evt, async_evt_t r_events) {
int ret, e = errno;
if (r_events & evt->events) {
// specified event(s) occurred
if (evt->socket && !sock_has_pending(evt->socket)) {
if (!(evt->flags & ASYNC_IGNORE_PENDING) && evt->socket && !sock_has_pending(evt->socket, 0)) {
evt->err_cb(evt->arg);
ret = 0;
} else {
@@ -122,7 +157,6 @@ static int async_exec(evt_listen_t *evt, async_evt_t r_events) {
ret = -1;
}
logger_set_prefix("");
errno = e;
return ret;
}
@@ -134,11 +168,21 @@ static int async_check(evt_listen_t *evt) {
}};
// check, if fd is already ready
if (poll(fds, 1, 0) == 1) {
// fd already ready
if (async_exec(evt, async_p2a(fds[0].revents)) == 0)
if (evt->events & ASYNC_IN && evt->socket && evt->socket->enc && SSL_pending(evt->socket->ssl) > 0) {
// ssl layer already ready
if (async_exec(evt, ASYNC_IN) == 0)
return 1;
}
switch (poll(fds, 1, 0)) {
case 1:
// fd already ready
if (async_exec(evt, async_p2a(fds[0].revents)) == 0)
return 1;
break;
case -1:
error("Unable to poll");
return -1;
}
return 0;
}
@@ -154,7 +198,7 @@ static int async_add(evt_listen_t *evt) {
return ret;
}
int async_fd(int fd, async_evt_t events, int flags, void *arg, void cb(void *), void err_cb(void *)) {
int async_fd(int fd, async_evt_t events, int flags, void *arg, void cb(void *), void to_cb(void *), void err_cb(void *)) {
evt_listen_t evt = {
.fd = fd,
.socket = NULL,
@@ -162,12 +206,13 @@ int async_fd(int fd, async_evt_t events, int flags, void *arg, void cb(void *),
.flags = flags,
.arg = arg,
.cb = cb,
.to_cb = to_cb,
.err_cb = err_cb,
};
return async_add(&evt);
}
int async(sock *s, async_evt_t events, int flags, void *arg, void cb(void *), void err_cb(void *)) {
int async(sock *s, async_evt_t events, int flags, void *arg, void cb(void *), void to_cb(void *), void err_cb(void *)) {
evt_listen_t evt = {
.fd = s->socket,
.socket = s,
@@ -175,6 +220,7 @@ int async(sock *s, async_evt_t events, int flags, void *arg, void cb(void *), vo
.flags = flags,
.arg = arg,
.cb = cb,
.to_cb = to_cb,
.err_cb = err_cb,
};
return async_add(&evt);
@@ -206,8 +252,11 @@ void async_free(void) {
void async_thread(void) {
struct epoll_event ev, events[ASYNC_MAX_EVENTS];
int num_fds;
evt_listen_t **local = list_create(sizeof(evt_listen_t *), 16);
if (local == NULL) {
long ts, min_ts, cur_ts;
volatile listen_queue_t *l;
evt_listen_t **local;
if ((local = list_create(sizeof(evt_listen_t *), 16)) == NULL) {
critical("Unable to create async local list");
return;
}
@@ -217,8 +266,18 @@ void async_thread(void) {
// main event loop
while (alive) {
// swap listen queue
listen_queue_t *l = listen_q;
while (sem_wait(&lock) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock async queue");
return;
}
}
l = listen_q;
listen_q = (listen_q == &listen1) ? &listen2 : &listen1;
sem_post(&lock);
// fill local list and epoll instance with previously added queue entries
for (int i = 0; i < l->n; i++) {
@@ -232,7 +291,25 @@ void async_thread(void) {
ev.events = async_a2e(evt->events);
ev.data.ptr = evt;
if (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, evt->fd, &ev) == -1) {
while (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, evt->fd, &ev) == -1) {
if (errno == EEXIST) {
// fd already exists, delete old one
warning("Unable to add file descriptor to epoll instance");
errno = 0;
if (epoll_ctl(epoll_fd, EPOLL_CTL_DEL, evt->fd, NULL) != -1)
continue;
} else if (errno == EBADF || errno == EPERM) {
// fd probably already closed or does not support epoll somehow
// FIXME should not happen
warning("Unable to add file descriptor to epoll instance");
errno = 0;
local = list_delete(local, &evt);
if (local == NULL) {
critical("Unable to resize async local list");
return;
}
break;
}
critical("Unable to add file descriptor to epoll instance");
return;
}
@@ -240,7 +317,19 @@ void async_thread(void) {
// reset size of queue
l->n = 0;
if ((num_fds = epoll_wait(epoll_fd, events, ASYNC_MAX_EVENTS, -1)) == -1) {
// TODO timeout calculation = O(n)
// calculate wait timeout
min_ts = -1000, cur_ts = clock_micros();
for (int i = 0; i < list_size(local); i++) {
evt_listen_t *evt = local[i];
if (!evt->socket || evt->socket->timeout_us < 0) continue;
ts = evt->socket->ts_last + evt->socket->timeout_us - cur_ts;
if (min_ts == -1000 || ts < min_ts) min_ts = ts;
}
// epoll is used in level-triggered mode, so buffers are taken into account
if ((num_fds = epoll_wait(epoll_fd, events, ASYNC_MAX_EVENTS, (int) (min_ts / 1000))) == -1) {
if (errno == EINTR) {
// interrupt
errno = 0;
@@ -254,10 +343,18 @@ void async_thread(void) {
for (int i = 0; i < num_fds; i++) {
evt_listen_t *evt = events[i].data.ptr;
if (!list_contains(local, &evt)) continue;
if (async_exec(evt, async_e2a(events[i].events)) == 0) {
logger_set_prefix("");
if (epoll_ctl(epoll_fd, EPOLL_CTL_DEL, evt->fd, NULL) == -1) {
critical("Unable to remove file descriptor from epoll instance");
return;
if (errno == EBADF || errno == ENOENT || errno == EPERM) {
// already closed, fd not found, or fd does not support epoll, anyway do not die
errno = 0;
} else {
critical("Unable to remove file descriptor from epoll instance");
return;
}
}
local = list_delete(local, &evt);
@@ -268,7 +365,33 @@ void async_thread(void) {
free(evt);
}
logger_set_prefix("");
}
// check, if some socket ran into a timeout
cur_ts = clock_micros();
for (int i = 0; i < list_size(local); i++) {
evt_listen_t *evt = local[i];
if (!evt->socket) continue;
if (evt->socket->timeout_us >= 0 && (cur_ts - evt->socket->ts_last) >= evt->socket->timeout_us) {
evt->to_cb(evt->arg);
if (epoll_ctl(epoll_fd, EPOLL_CTL_DEL, evt->fd, NULL) == -1) {
if (errno == EBADF || errno == ENOENT || errno == EPERM) {
// already closed, fd not found, or fd does not support epoll, anyway do not die
errno = 0;
} else {
critical("Unable to remove file descriptor from epoll instance");
return;
}
}
local = list_remove(local, i--);
}
}
logger_set_prefix("");
errno = 0;
}
// cleanup

View File

@@ -12,21 +12,27 @@
#include "lib/sock.h"
#define ASYNC_KEEP 1
#define ASYNC_IGNORE_PENDING 2
#define ASYNC_IN 0x01
#define ASYNC_PRI 0x02
#define ASYNC_OUT 0x04
#define ASYNC_ERR 0x08
#define ASYNC_HUP 0x10
#define ASYNC_IN 0x001
#define ASYNC_PRI 0x002
#define ASYNC_OUT 0x004
#define ASYNC_ERR_ 0x008
#define ASYNC_HUP 0x010
#define ASYNC_RDNORM 0x040
#define ASYNC_RDBAND 0x080
#define ASYNC_WRNORM 0x100
#define ASYNC_WRBAND 0x200
#define ASYNC_MSG 0x400
#define ASYNC_WAIT_READ ASYNC_IN
#define ASYNC_WAIT_WRITE ASYNC_OUT
typedef unsigned int async_evt_t;
int async(sock *s, async_evt_t events, int flags, void *arg, void cb(void *), void err_cb(void *));
int async(sock *s, async_evt_t events, int flags, void *arg, void cb(void *), void to_cb(void *), void err_cb(void *));
int async_fd(int fd, async_evt_t events, int flags, void *arg, void cb(void *), void err_cb(void *));
int async_fd(int fd, async_evt_t events, int flags, void *arg, void cb(void *), void to_cb(void *), void err_cb(void *));
int async_init(void);

View File

@@ -25,10 +25,9 @@
#define CACHE_BUF_SIZE 16
static magic_t magic;
static pthread_t thread;
static sem_t sem_free, sem_used, sem_lock;
static sem_t sem_free, sem_used, sem_lock, sem_cache, sem_magic;
volatile sig_atomic_t alive = 1;
typedef struct {
@@ -53,6 +52,56 @@ static int magic_init(void) {
return 0;
}
static void magic_mime_type(const char *restrict filename, char *buf) {
while (sem_wait(&sem_magic) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock magic semaphore");
return;
}
}
magic_setflags(magic, MAGIC_MIME_TYPE);
const char *type = magic_file(magic, filename);
if (strstarts(type, "text/")) {
if (strends(filename, ".css")) {
strcpy(buf, "text/css");
sem_post(&sem_magic);
return;
} else if (strends(filename, ".js")) {
strcpy(buf, "application/javascript");
sem_post(&sem_magic);
return;
} else if (strends(filename, ".xhtml")) {
strcpy(buf, "application/xhtml+xml");
sem_post(&sem_magic);
return;
}
}
strcpy(buf, type);
sem_post(&sem_magic);
}
static void magic_charset(const char *restrict filename, char *buf) {
while (sem_wait(&sem_magic) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock magic semaphore");
return;
}
}
magic_setflags(magic, MAGIC_MIME_ENCODING);
strcpy(buf, magic_file(magic, filename));
sem_post(&sem_magic);
}
static void cache_free(void) {
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
host_config_t *hc = &config.hosts[i];
@@ -61,6 +110,14 @@ static void cache_free(void) {
munmap(hc->cache, sizeof(cache_t));
}
magic_close(magic);
sem_destroy(&sem_lock);
sem_destroy(&sem_free);
sem_destroy(&sem_used);
sem_destroy(&sem_cache);
sem_destroy(&sem_magic);
}
static cache_entry_t *cache_get_entry(cache_t *cache, const char *filename) {
@@ -69,7 +126,7 @@ static cache_entry_t *cache_get_entry(cache_t *cache, const char *filename) {
for (int i = 0; i < CACHE_ENTRIES; i++) {
entry = &cache->entries[i];
if (entry->filename[0] == 0) break;
if (strcmp(entry->filename, filename) == 0) {
if (streq(entry->filename, filename)) {
// found
return entry;
}
@@ -80,14 +137,30 @@ static cache_entry_t *cache_get_entry(cache_t *cache, const char *filename) {
}
static cache_entry_t *cache_get_new_entry(cache_t *cache) {
// globally lock cache
while (sem_wait(&sem_cache) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
return NULL;
}
}
// search empty slot
cache_entry_t *entry;
for (int i = 0; i < CACHE_ENTRIES; i++) {
entry = &cache->entries[i];
if (entry->filename[0] == 0)
if (entry->filename[0] == 0) {
// unlock cache
sem_post(&sem_cache);
return entry;
}
}
// unlock cache
sem_post(&sem_cache);
// not found
return NULL;
}
@@ -98,7 +171,7 @@ static void cache_process_entry(cache_entry_t *entry) {
info("Hashing file %s", entry->filename);
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
EVP_DigestInit(ctx, EVP_sha1());
EVP_DigestInit(ctx, EVP_sha256());
FILE *file = fopen(entry->filename, "rb");
int compress = mime_is_compressible(entry->meta.type);
@@ -120,9 +193,7 @@ static void cache_process_entry(cache_entry_t *entry) {
char *rel_path = entry->filename + entry->webroot_len + 1;
for (int j = 0; j < strlen(rel_path); j++) {
char ch = rel_path[j];
if (ch == '/') ch = '_';
buf[j] = ch;
buf[j] = (char) ((rel_path[j] == '/') ? '_' : rel_path[j]);
}
buf[strlen(rel_path)] = 0;
@@ -146,7 +217,7 @@ static void cache_process_entry(cache_entry_t *entry) {
comp_err:
compress = 0;
} else {
if ((compress_init(&comp_ctx, COMPRESS_GZ | COMPRESS_BR)) != 0) {
if ((compress_init(&comp_ctx, COMPRESS_GZ | COMPRESS_BR | (mime_is_text(entry->meta.type) ? COMPRESS_UTF8 : 0))) != 0) {
error("Unable to init compression");
compress = 0;
fclose(comp_file_gz);
@@ -155,11 +226,9 @@ static void cache_process_entry(cache_entry_t *entry) {
}
}
unsigned long read;
while ((read = fread(buf, 1, sizeof(buf), file)) > 0) {
for (unsigned long read, avail_in, avail_out; (read = fread(buf, 1, sizeof(buf), file)) > 0;) {
EVP_DigestUpdate(ctx, buf, read);
if (compress) {
unsigned long avail_in, avail_out;
avail_in = read;
do {
avail_out = sizeof(comp_buf);
@@ -243,6 +312,13 @@ int cache_init(void) {
if (hc->type == CONFIG_TYPE_UNSET) break;
if (hc->type != CONFIG_TYPE_LOCAL) continue;
sprintf(buf, "%s/.sesimos", hc->local.webroot);
if (mkdir(buf, 0755) != 0 && errno != EEXIST) {
critical("Unable to create directory %s", buf);
return 1;
}
errno = 0;
sprintf(buf, "%s/.sesimos/metadata", hc->local.webroot);
if ((fd = open(buf, O_CREAT | O_RDWR, 0600)) == -1) {
critical("Unable to open file %s", buf);
@@ -267,7 +343,9 @@ int cache_init(void) {
// try to initialize all three semaphores
if (sem_init(&sem_lock, 0, 1) != 0 ||
sem_init(&sem_free, 0, 1) != 0 ||
sem_init(&sem_used, 0, 0) != 0)
sem_init(&sem_used, 0, 0) != 0 ||
sem_init(&sem_cache, 0, 1) != 0 ||
sem_init(&sem_magic, 0, 1) != 0)
{
critical("Unable to initialize semaphore");
return -1;
@@ -295,16 +373,15 @@ static void cache_mark_entry_dirty(cache_entry_t *entry) {
if (entry->flags & CACHE_DIRTY)
return;
entry->flags |= CACHE_DIRTY;
memset(entry->meta.etag, 0, sizeof(entry->meta.etag));
memset(entry->meta.filename_comp_gz, 0, sizeof(entry->meta.filename_comp_gz));
memset(entry->meta.filename_comp_br, 0, sizeof(entry->meta.filename_comp_br));
entry->flags |= CACHE_DIRTY;
try_again_free:
if (sem_wait(&sem_free) != 0) {
while (sem_wait(&sem_free) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_free;
continue;
} else {
error("Unable to lock semaphore");
errno = 0;
@@ -313,11 +390,10 @@ static void cache_mark_entry_dirty(cache_entry_t *entry) {
}
// try to lock buffer
try_again_lock:
if (sem_wait(&sem_lock) != 0) {
while (sem_wait(&sem_lock) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_lock;
continue;
} else {
error("Unable to lock semaphore");
errno = 0;
@@ -337,28 +413,12 @@ static void cache_mark_entry_dirty(cache_entry_t *entry) {
}
static void cache_update_entry(cache_entry_t *entry, const char *filename, const char *webroot) {
struct stat statbuf;
stat(filename, &statbuf);
memcpy(&entry->meta.stat, &statbuf, sizeof(statbuf));
entry->meta.mtime = stat_mtime(filename);
entry->webroot_len = (unsigned char) strlen(webroot);
strcpy(entry->filename, filename);
magic_setflags(magic, MAGIC_MIME_TYPE);
const char *type = magic_file(magic, filename);
char type_new[URI_TYPE_SIZE];
sprintf(type_new, "%s", type);
if (strncmp(type, "text/", 5) == 0) {
if (strcmp(filename + strlen(filename) - 4, ".css") == 0) {
sprintf(type_new, "text/css");
} else if (strcmp(filename + strlen(filename) - 3, ".js") == 0) {
sprintf(type_new, "application/javascript");
}
}
strcpy(entry->meta.type, type_new);
magic_setflags(magic, MAGIC_MIME_ENCODING);
strcpy(entry->meta.charset, magic_file(magic, filename));
magic_mime_type(filename, entry->meta.type);
magic_charset(filename, entry->meta.charset);
cache_mark_entry_dirty(entry);
}
@@ -387,9 +447,7 @@ void cache_init_uri(cache_t *cache, http_uri *uri) {
return;
// check, if file has changed
struct stat statbuf;
stat(uri->filename, &statbuf);
if (memcmp(&uri->meta->stat.st_mtime, &statbuf.st_mtime, sizeof(statbuf.st_mtime)) != 0) {
if (uri->meta->mtime != stat_mtime(uri->filename)) {
// modify time has changed
cache_update_entry(entry, uri->filename, uri->webroot);
}

View File

@@ -15,6 +15,7 @@
#define CHUNK_SIZE 8192
#define MAX_PROXY_CNX_PER_HOST 16
#define ADDRSTRLEN 39
#ifndef DEFAULT_HOST
# define DEFAULT_HOST "www.necronda.net"

View File

@@ -13,23 +13,25 @@
int compress_init(compress_ctx *ctx, int mode) {
ctx->brotli = NULL;
ctx->mode = 0;
int ret;
if (mode & COMPRESS_GZ) {
ctx->mode |= COMPRESS_GZ;
ctx->gzip.zalloc = Z_NULL;
ctx->gzip.zfree = Z_NULL;
ctx->gzip.opaque = Z_NULL;
ret = deflateInit2(&ctx->gzip, COMPRESS_LEVEL_GZIP, Z_DEFLATED, 15 + 16, 9, Z_DEFAULT_STRATEGY);
if (ret != Z_OK) return -1;
ctx->gzip.data_type = (mode & COMPRESS_UTF8) ? Z_TEXT : Z_UNKNOWN;
if (deflateInit2(&ctx->gzip, COMPRESS_LEVEL_GZIP, Z_DEFLATED, 15 + 16, 9, Z_DEFAULT_STRATEGY) != Z_OK)
return -1;
}
if (mode & COMPRESS_BR) {
ctx->mode |= COMPRESS_BR;
ctx->brotli = BrotliEncoderCreateInstance(NULL, NULL, NULL);
if (ctx->brotli == NULL) return -1;
BrotliEncoderSetParameter(ctx->brotli, BROTLI_PARAM_MODE, BROTLI_MODE_GENERIC);
if ((ctx->brotli = BrotliEncoderCreateInstance(NULL, NULL, NULL)) == NULL)
return -1;
BrotliEncoderSetParameter(ctx->brotli, BROTLI_PARAM_MODE, (mode & COMPRESS_UTF8) ? BROTLI_MODE_TEXT : ((mode & COMPRESS_WOFF) ? BROTLI_MODE_FONT : BROTLI_MODE_GENERIC));
BrotliEncoderSetParameter(ctx->brotli, BROTLI_PARAM_QUALITY, COMPRESS_LEVEL_BROTLI);
}
return 0;
}
@@ -41,26 +43,35 @@ int compress_compress(compress_ctx *ctx, const char *in, unsigned long *in_len,
return compress_compress_mode(ctx, ctx->mode, in, in_len, out, out_len, finish);
}
static int compress_brotli(BrotliEncoderState *ctx, const char *in, unsigned long *in_len, char *out, unsigned long *out_len, int finish) {
int ret = BrotliEncoderCompressStream(
ctx, finish ? BROTLI_OPERATION_FINISH : BROTLI_OPERATION_PROCESS,
in_len, (const unsigned char**) &in, out_len, (unsigned char **) &out, NULL);
return (ret == BROTLI_TRUE) ? 0 : -1;
}
static int compress_gzip(z_stream *gzip, const char *in, unsigned long *in_len, char *out, unsigned long *out_len, int finish) {
gzip->next_in = (unsigned char*) in;
gzip->avail_in = *in_len;
gzip->next_out = (unsigned char*) out;
gzip->avail_out = *out_len;
int ret = deflate(gzip, finish ? Z_FINISH : Z_NO_FLUSH);
*in_len = gzip->avail_in;
*out_len = gzip->avail_out;
return ret;
}
int compress_compress_mode(compress_ctx *ctx, int mode, const char *in, unsigned long *in_len, char *out, unsigned long *out_len, int finish) {
if ((mode & COMPRESS_GZ) && (mode & COMPRESS_BR)) {
errno = EINVAL;
return -1;
} else if (mode & COMPRESS_GZ) {
ctx->gzip.next_in = (unsigned char*) in;
ctx->gzip.avail_in = *in_len;
ctx->gzip.next_out = (unsigned char*) out;
ctx->gzip.avail_out = *out_len;
int ret = deflate(&ctx->gzip, finish ? Z_FINISH : Z_NO_FLUSH);
*in_len = ctx->gzip.avail_in;
*out_len = ctx->gzip.avail_out;
return ret;
return compress_gzip(&ctx->gzip, in, in_len, out, out_len, finish);
} else if (mode & COMPRESS_BR) {
int ret = BrotliEncoderCompressStream(ctx->brotli, finish ? BROTLI_OPERATION_FINISH : BROTLI_OPERATION_PROCESS,
in_len, (const unsigned char**) &in, out_len, (unsigned char **) &out, NULL);
return (ret == BROTLI_TRUE) ? 0 : -1;
return compress_brotli(ctx->brotli, in, in_len, out, out_len, finish);
} else {
errno = EINVAL;
return -2;
return -1;
}
}
@@ -69,6 +80,9 @@ int compress_free(compress_ctx *ctx) {
BrotliEncoderDestroyInstance(ctx->brotli);
ctx->brotli = NULL;
}
if (ctx->mode & COMPRESS_GZ) {
deflateEnd(&ctx->gzip);
}
ctx->mode = 0;
return 0;
}

View File

@@ -18,6 +18,8 @@
#define COMPRESS_GZ 1
#define COMPRESS_BR 2
#define COMPRESS 3
#define COMPRESS_UTF8 4
#define COMPRESS_WOFF 8
typedef struct {
int mode;

View File

@@ -8,6 +8,7 @@
#include "../logger.h"
#include "config.h"
#include "utils.h"
#include <stdio.h>
#include <string.h>
@@ -15,6 +16,149 @@
config_t config;
static int config_parse_line(char *line, char *section, int *i, int *j) {
int mode = 0;
char *source, *target;
char *ptr = line;
char *comment = strpbrk(ptr, "#\r\n");
if (comment != NULL) comment[0] = 0;
unsigned long len = strlen(ptr);
char *end_ptr = (len > 0) ? ptr + len - 1 : ptr;
while (end_ptr[0] == ' ' || end_ptr[0] == '\t') {
end_ptr[0] = 0;
end_ptr--;
}
len = strlen(ptr);
if (len == 0) return 0;
if (ptr[0] == '[') {
if (ptr[len - 1] != ']') return -1;
ptr++;
int l = 0;
if (strncmp(ptr, "host", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) return -1;
snprintf(config.hosts[*i].name, sizeof(config.hosts[*i].name), "%.*s", l, ptr);
++(*i);
*section = 'h';
} else if (strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) return -1;
snprintf(config.certs[*j].name, sizeof(config.certs[*j].name), "%.*s", l, ptr);
++(*j);
*section = 'c';
} else {
return -1;
}
return 0;
} else if (*section == 0) {
if (len > 10 && strncmp(ptr, "geoip_dir", 9) == 0 && (ptr[9] == ' ' || ptr[9] == '\t')) {
source = ptr + 9;
target = config.geoip_dir;
} else {
return -1;
}
} else if (*section == 'c') {
cert_config_t *cc = &config.certs[*j - 1];
if (len > 12 && strncmp(ptr, "certificate", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->full_chain;
} else if (len > 12 && strncmp(ptr, "private_key", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->priv_key;
} else {
return -1;
}
} else if (*section == 'h') {
host_config_t *hc = &config.hosts[*i - 1];
if (len > 8 && strncmp(ptr, "webroot", 7) == 0 && (ptr[7] == ' ' || ptr[7] == '\t')) {
source = ptr + 7;
target = hc->local.webroot;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
return -1;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 5 && strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = hc->cert_name;
} else if (len > 9 && strncmp(ptr, "dir_mode", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = NULL;
mode = 1;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
return -1;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 9 && strncmp(ptr, "hostname", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = hc->proxy.hostname;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (len > 5 && strncmp(ptr, "port", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = NULL;
mode = 2;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (streq(ptr, "http")) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 0;
}
return 0;
} else if (streq(ptr, "https")) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 1;
}
return 0;
} else {
return -1;
}
} else {
return -1;
}
while (source[0] == ' ' || source[0] == '\t') source++;
if (strlen(source) == 0) return -1;
if (target != NULL) {
strcpy(target, source);
} else if (mode == 1) {
if (streq(source, "forbidden")) {
config.hosts[*i - 1].local.dir_mode = URI_DIR_MODE_FORBIDDEN;
} else if (streq(source, "info")) {
config.hosts[*i - 1].local.dir_mode = URI_DIR_MODE_INFO;
} else if (streq(source, "list")) {
config.hosts[*i - 1].local.dir_mode = URI_DIR_MODE_LIST;
} else {
return -1;
}
} else if (mode == 2) {
config.hosts[*i - 1].proxy.port = (unsigned short) strtoul(source, NULL, 10);
}
return 0;
}
int config_load(const char *filename) {
FILE *file = fopen(filename, "r");
if (file == NULL) {
@@ -24,184 +168,45 @@ int config_load(const char *filename) {
memset(&config, 0, sizeof(config));
int i = 0;
int j = 0;
int line_num = 0;
int mode = 0;
int i = 0, j = 0;
char section = 0;
char *source, *target;
char *line = NULL;
ssize_t read;
size_t line_len = 0;
while ((read = getline(&line, &line_len, file)) != -1) {
line_num++;
char *ptr = line;
char *comment = strpbrk(ptr, "#\r\n");
if (comment != NULL) comment[0] = 0;
unsigned long len = strlen(ptr);
char *end_ptr = ptr + len - 1;
while (end_ptr[0] == ' ' || end_ptr[0] == '\t') {
end_ptr[0] = 0;
end_ptr--;
}
len = strlen(ptr);
if (len == 0) continue;
if (ptr[0] == '[') {
if (ptr[len - 1] != ']') goto err;
ptr++;
int l = 0;
if (strncmp(ptr, "host", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) goto err;
snprintf(config.hosts[i].name, sizeof(config.hosts[i].name), "%.*s", l, ptr);
i++;
section = 'h';
} else if (strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) goto err;
snprintf(config.certs[j].name, sizeof(config.certs[j].name), "%.*s", l, ptr);
j++;
section = 'c';
} else {
goto err;
}
continue;
} else if (section == 0) {
if (len > 10 && strncmp(ptr, "geoip_dir", 9) == 0 && (ptr[9] == ' ' || ptr[9] == '\t')) {
source = ptr + 9;
target = config.geoip_dir;
} else if (len > 11 && strncmp(ptr, "dns_server", 10) == 0 && (ptr[10] == ' ' || ptr[10] == '\t')) {
source = ptr + 10;
target = config.dns_server;
} else {
goto err;
}
} else if (section == 'c') {
cert_config_t *cc = &config.certs[j - 1];
if (len > 12 && strncmp(ptr, "certificate", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->full_chain;
} else if (len > 12 && strncmp(ptr, "private_key", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->priv_key;
} else {
goto err;
}
} else if (section == 'h') {
host_config_t *hc = &config.hosts[i - 1];
if (len > 8 && strncmp(ptr, "webroot", 7) == 0 && (ptr[7] == ' ' || ptr[7] == '\t')) {
source = ptr + 7;
target = hc->local.webroot;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
goto err;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 5 && strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = hc->cert_name;
} else if (len > 9 && strncmp(ptr, "dir_mode", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = NULL;
mode = 1;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
goto err;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 9 && strncmp(ptr, "hostname", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = hc->proxy.hostname;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (len > 5 && strncmp(ptr, "port", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = NULL;
mode = 2;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (strcmp(ptr, "http") == 0) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 0;
}
continue;
} else if (strcmp(ptr, "https") == 0) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 1;
}
continue;
} else {
goto err;
}
} else {
goto err;
}
while (source[0] == ' ' || source[0] == '\t') source++;
if (strlen(source) == 0) {
err:
critical("Unable to parse config file (line %i)", line);
for (int line_num = 1; getline(&line, &line_len, file) != -1; line_num++) {
if (config_parse_line(line, &section, &i, &j) != 0) {
critical("Unable to parse config file (line %i)", line_num);
free(line);
fclose(file);
return -2;
}
if (target != NULL) {
strcpy(target, source);
} else if (mode == 1) {
if (strcmp(source, "forbidden") == 0) {
config.hosts[i - 1].local.dir_mode = URI_DIR_MODE_FORBIDDEN;
} else if (strcmp(source, "info") == 0) {
config.hosts[i - 1].local.dir_mode = URI_DIR_MODE_INFO;
} else if (strcmp(source, "list") == 0) {
config.hosts[i - 1].local.dir_mode = URI_DIR_MODE_LIST;
} else {
goto err;
}
} else if (mode == 2) {
config.hosts[i - 1].proxy.port = (unsigned short) strtoul(source, NULL, 10);
}
}
free(line);
fclose(file);
for (int k = 0; k < i; k++) {
host_config_t *hc = &config.hosts[k];
if (hc->type == CONFIG_TYPE_LOCAL) {
char *webroot = config.hosts[k].local.webroot;
if (webroot[strlen(webroot) - 1] == '/') {
webroot[strlen(webroot) - 1] = 0;
}
while (webroot[strlen(webroot) - 1] == '/') webroot[strlen(webroot) - 1] = 0;
}
if (hc->cert_name[0] == 0) goto err2;
if (hc->cert_name[0] == 0) {
critical("Unable to parse config file: host config (%s) does not contain a certificate", hc->name);
return -2;
}
int found = 0;
for (int m = 0; m < j; m++) {
if (strcmp(config.certs[m].name, hc->cert_name) == 0) {
if (streq(config.certs[m].name, hc->cert_name)) {
hc->cert = m;
found = 1;
break;
}
}
if (!found) {
err2:
critical("Unable to parse config file");
critical("Unable to parse config file: certificate (%s) for host config (%s) not found", hc->cert_name, hc->name);
return -2;
}
}
@@ -213,7 +218,7 @@ host_config_t *get_host_config(const char *host) {
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
host_config_t *hc = &config.hosts[i];
if (hc->type == CONFIG_TYPE_UNSET) break;
if (strcmp(hc->name, host) == 0) return hc;
if (streq(hc->name, host)) return hc;
if (hc->name[0] == '*' && hc->name[1] == '.') {
const char *pos = strstr(host, hc->name + 1);
if (pos != NULL && strlen(pos) == strlen(hc->name + 1)) return hc;

View File

@@ -53,7 +53,6 @@ typedef struct {
host_config_t hosts[CONFIG_MAX_HOST_CONFIG];
cert_config_t certs[CONFIG_MAX_CERT_CONFIG];
char geoip_dir[256];
char dns_server[256];
} config_t;
extern config_t config;

87
src/lib/error.c Normal file
View File

@@ -0,0 +1,87 @@
/**
* sesimos - secure, simple, modern web server
* @brief Error interface
* @file src/lib/error.c
* @author Lorenz Stechauner
* @date 2023-01-08
*/
#include "error.h"
#include "../logger.h"
#include <errno.h>
#include <string.h>
#include <netdb.h>
extern const char *sock_error_str(unsigned long err);
extern const char *http_error_str(int err);
extern const char *MMDB_strerror(int err);
extern const char *ERR_reason_error_string(unsigned long err);
static int error_compress(unsigned long err) {
int comp = ((int) err & 0xFFFF) | (((int) err >> 8) & 0xFF0000);
if (err & 0xFF0000) warning("Lossy error code compression! (%08lX -> %08X)", err, comp);
return comp;
}
static unsigned long error_decompress(int err) {
return (err & 0xFFFF) | ((err << 8) & 0xFF000000);
}
const char *error_str(int err_no, char *buf, int buf_len) {
buf[0] = 0;
int e = err_no & 0x00FFFFFF;
switch (err_no >> 24) {
case 0x00: return strerror_r(e, buf, buf_len);
case 0x01: return sock_error_str(error_decompress(e));
case 0x02: return ERR_reason_error_string(error_decompress(e));
case 0x03: return MMDB_strerror(e);
case 0x04: return http_error_str(e);
case 0x05: return gai_strerror(e);
}
return buf;
}
void error_ssl(unsigned long err) {
errno = 0x01000000 | error_compress(err);
}
void error_ssl_err(unsigned long err) {
errno = 0x02000000 | error_compress(err);
}
void error_mmdb(int err) {
errno = 0x03000000 | err;
}
void error_http(int err) {
errno = 0x04000000 | err;
}
void error_gai(int err) {
errno = 0x05000000 | err;
}
static int error_get(unsigned char prefix) {
return (errno >> 24 != prefix) ? 0 : errno & 0x00FFFFFF;
}
int error_get_sys() {
return error_get(0x00);
}
int error_get_ssl() {
return error_get(0x01);
}
int error_get_ssl_err() {
return error_get(0x02);
}
int error_get_mmdb() {
return error_get(0x03);
}
int error_get_http() {
return error_get(0x04);
}

32
src/lib/error.h Normal file
View File

@@ -0,0 +1,32 @@
/**
* sesimos - secure, simple, modern web server
* @brief Error interface (header fie)
* @file src/lib/error.h
* @author Lorenz Stechauner
* @date 2023-01-08
*/
#ifndef SESIMOS_ERROR_H
#define SESIMOS_ERROR_H
const char *error_str(int err_no, char *buf, int buf_len);
void error_ssl(unsigned long err);
void error_ssl_err(unsigned long err);
void error_mmdb(int err);
void error_http(int err);
void error_gai(int err);
int error_get_sys();
int error_get_ssl();
int error_get_mmdb();
int error_get_http();
#endif //SESIMOS_ERROR_H

View File

@@ -6,102 +6,112 @@
* @date 2020-12-26
*/
#include "../defs.h"
#include "fastcgi.h"
#include "utils.h"
#include "compress.h"
#include "../logger.h"
#include "list.h"
#include "../workers.h"
#include <sys/un.h>
#include <sys/socket.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
char *fastcgi_add_param(char *buf, const char *key, const char *value) {
char *ptr = buf;
unsigned long key_len = strlen(key);
unsigned long val_len = strlen(value);
if (key_len <= 127) {
ptr[0] = (char) (key_len & 0x7F);
ptr++;
} else {
ptr[0] = (char) (0x80 | (key_len >> 24));
ptr[1] = (char) ((key_len >> 16) & 0xFF);
ptr[2] = (char) ((key_len >> 8) & 0xFF);
ptr[3] = (char) (key_len & 0xFF);
*((int *) ptr) = htonl(0x80000000 | key_len);
ptr += 4;
}
if (val_len <= 127) {
ptr[0] = (char) (val_len & 0x7F);
ptr++;
} else {
ptr[0] = (char) (0x80 | (val_len >> 24));
ptr[1] = (char) ((val_len >> 16) & 0xFF);
ptr[2] = (char) ((val_len >> 8) & 0xFF);
ptr[3] = (char) (val_len & 0xFF);
*((int *) ptr) = htonl(0x80000000 | val_len);
ptr += 4;
}
strcpy(ptr, key);
memcpy(ptr, key, key_len);
ptr += key_len;
strcpy(ptr, value);
memcpy(ptr, value, val_len);
ptr += val_len;
return ptr;
}
int fastcgi_send_data(fastcgi_cnx_t *cnx, unsigned char type, unsigned short len, void *data) {
// build header
FCGI_Header header = {
.version = FCGI_VERSION_1,
.type = type,
.requestId = htons(cnx->req_id),
.contentLength = htons(len),
.paddingLength = 0,
.reserved = 0,
};
// send FastCGI header with MSG_MORE flag
if (sock_send_x(&cnx->socket, &header, sizeof(header), (len != 0) ? MSG_MORE : 0) == -1) {
error("Unable to send to FastCGI socket");
return -1;
}
// send data (if available)
if (sock_send_x(&cnx->socket, data, len, 0) == -1) {
error("Unable to send to FastCGI socket");
return -1;
}
// return bytes sent totally
return len + (int) sizeof(header);
}
int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock *client, const http_req *req, const http_uri *uri) {
conn->mode = mode;
conn->header_sent = 0;
conn->req_id = (req_num + 1) & 0xFFFF;
conn->out_buf = NULL;
conn->out_off = 0;
conn->webroot = uri->webroot;
conn->err = NULL;
conn->fd_err_bytes = 0;
conn->fd_out = -1;
conn->fd_err = -1;
sock_init(&conn->out, -1, SOCK_PIPE);
int fcgi_sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (fcgi_sock < 0) {
conn->socket.enc = 0;
if ((conn->socket.socket = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
error("Unable to create unix socket");
return -1;
}
conn->socket = fcgi_sock;
struct sockaddr_un sock_addr = {AF_UNIX};
if (conn->mode == FASTCGI_SESIMOS) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", SESIMOS_BACKEND_SOCKET);
} else if (conn->mode == FASTCGI_PHP) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", PHP_FPM_SOCKET);
struct sockaddr_un sock_addr = { AF_UNIX };
if (conn->mode == FASTCGI_BACKEND_PHP) {
strcpy(sock_addr.sun_path, PHP_FPM_SOCKET);
}
if (connect(conn->socket, (struct sockaddr *) &sock_addr, sizeof(sock_addr)) < 0) {
error("Unable to connect to unix socket of FastCGI socket");
if (connect(conn->socket.socket, (struct sockaddr *) &sock_addr, sizeof(sock_addr)) != 0) {
error("Unable to connect to FastCGI (unix) socket");
return -1;
}
FCGI_Header header = {
.version = FCGI_VERSION_1,
.requestIdB1 = conn->req_id >> 8,
.requestIdB0 = conn->req_id & 0xFF,
.paddingLength = 0,
.reserved = 0
FCGI_BeginRequestBody begin = {
.role = htons(FCGI_RESPONDER),
.flags = 0,
.reserved = {0},
};
header.type = FCGI_BEGIN_REQUEST;
header.contentLengthB1 = 0;
header.contentLengthB0 = sizeof(FCGI_BeginRequestBody);
FCGI_BeginRequestRecord begin = {
header,
{.roleB1 = (FCGI_RESPONDER >> 8) & 0xFF, .roleB0 = FCGI_RESPONDER & 0xFF, .flags = 0}
};
if (send(conn->socket, &begin, sizeof(begin), 0) != sizeof(begin)) {
error("Unable to send to FastCGI socket");
return -2;
}
char param_buf[4096];
char buf0[256];
char *param_ptr = param_buf + sizeof(header);
if (fastcgi_send_data(conn, FCGI_BEGIN_REQUEST, sizeof(begin), &begin) == -1)
return -1;
char param_buf[4096], buf0[256], *param_ptr = param_buf;
param_ptr = fastcgi_add_param(param_ptr, "REDIRECT_STATUS", "CGI");
param_ptr = fastcgi_add_param(param_ptr, "DOCUMENT_ROOT", uri->webroot);
param_ptr = fastcgi_add_param(param_ptr, "GATEWAY_INTERFACE", "CGI/1.1");
@@ -117,13 +127,13 @@ int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock
socklen_t len = sizeof(addr_storage);
getsockname(client->socket, (struct sockaddr *) &addr_storage, &len);
addr = (struct sockaddr_in6 *) &addr_storage;
sprintf(buf0, "%i", addr->sin6_port);
sprintf(buf0, "%i", ntohs(addr->sin6_port));
param_ptr = fastcgi_add_param(param_ptr, "SERVER_PORT", buf0);
len = sizeof(addr_storage);
getpeername(client->socket, (struct sockaddr *) &addr_storage, &len);
addr = (struct sockaddr_in6 *) &addr_storage;
sprintf(buf0, "%i", addr->sin6_port);
sprintf(buf0, "%i", ntohs(addr->sin6_port));
param_ptr = fastcgi_add_param(param_ptr, "REMOTE_PORT", buf0);
param_ptr = fastcgi_add_param(param_ptr, "REMOTE_ADDR", conn->r_addr);
param_ptr = fastcgi_add_param(param_ptr, "REMOTE_HOST", conn->r_host != NULL ? conn->r_host : conn->r_addr);
@@ -153,7 +163,7 @@ int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock
// param_ptr = fastcgi_add_param(param_ptr, "REMOTE_INFO", conn->ctx->geoip);
//}
for (int i = 0; i < list_size(&req->hdr); i++) {
for (int i = 0; i < list_size(req->hdr.fields); i++) {
const http_field *f = &req->hdr.fields[i];
const char *name = http_field_get_name(f);
char *ptr = buf0;
@@ -173,216 +183,230 @@ int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock
param_ptr = fastcgi_add_param(param_ptr, buf0, http_field_get_value(f));
}
unsigned short param_len = param_ptr - param_buf - sizeof(header);
header.type = FCGI_PARAMS;
header.contentLengthB1 = param_len >> 8;
header.contentLengthB0 = param_len & 0xFF;
memcpy(param_buf, &header, sizeof(header));
if (send(conn->socket, param_buf, param_len + sizeof(header), 0) != param_len + sizeof(header)) {
error("Unable to send to FastCGI socket");
return -2;
}
if (fastcgi_send_data(conn, FCGI_PARAMS, param_ptr - param_buf, param_buf) == -1)
return -1;
header.type = FCGI_PARAMS;
header.contentLengthB1 = 0;
header.contentLengthB0 = 0;
if (send(conn->socket, &header, sizeof(header), 0) != sizeof(header)) {
error("Unable to send to FastCGI socket");
return -2;
}
if (fastcgi_send_data(conn, FCGI_PARAMS, 0, NULL) == -1)
return -1;
int pipes[2][2];
if (pipe(pipes[0]) == -1 || pipe(pipes[1]) == -1)
return -1;
conn->fd_out = pipes[1][1];
conn->out.socket = pipes[1][0];
sock_set_timeout(&conn->out, FASTCGI_TIMEOUT);
conn->fd_err = pipes[0][1];
conn->err = fdopen(pipes[0][0], "r");
return 0;
}
int fastcgi_close_stdin(fastcgi_cnx_t *conn) {
FCGI_Header header = {
.version = FCGI_VERSION_1,
.type = FCGI_STDIN,
.requestIdB1 = conn->req_id >> 8,
.requestIdB0 = conn->req_id & 0xFF,
.contentLengthB1 = 0,
.contentLengthB0 = 0,
.paddingLength = 0,
.reserved = 0
};
int fastcgi_close_cnx(fastcgi_cnx_t *cnx) {
int e = errno;
if (send(conn->socket, &header, sizeof(header), 0) != sizeof(header)) {
error("Unable to send to FastCGI socket");
return -2;
}
if (cnx->err) fclose(cnx->err);
cnx->err = NULL;
sock_close(&cnx->socket);
sock_close(&cnx->out);
if (cnx->fd_err != -1) close(cnx->fd_err);
if (cnx->fd_out != -1) close(cnx->fd_out);
cnx->fd_err = -1;
cnx->fd_out = -1;
errno = e;
return 0;
}
int fastcgi_php_error(const fastcgi_cnx_t *conn, const char *msg, int msg_len, char *err_msg) {
char *msg_str = malloc(msg_len + 1);
char *ptr0 = msg_str;
memcpy(msg_str, msg, msg_len);
msg_str[msg_len] = 0;
char *ptr1 = NULL;
int len;
int fastcgi_close_stdin(fastcgi_cnx_t *cnx) {
return (fastcgi_send_data(cnx, FCGI_STDIN, 0, NULL) == -1) ? -1 : 0;
}
int fastcgi_php_error(fastcgi_cnx_t *cnx, char *err_msg) {
char *line = NULL, *line_ptr = NULL;
size_t line_len = 0;
int err = 0;
// FIXME *msg is part of a stream, handle fragmented lines
while (1) {
log_lvl_t msg_type = LOG_INFO;
int msg_pre_len = 0;
ptr1 = strstr(ptr0, "PHP message: ");
if (ptr1 == NULL) {
len = (int) (msg_len - (ptr0 - msg_str));
if (ptr0 == msg_str) msg_type = 2;
} else {
len = (int) (ptr1 - ptr0);
}
if (len == 0) {
goto next;
log_lvl_t msg_type = LOG_INFO;
// FIXME php fastcgi sends multiple calls with '; ' as delimiter
for (long ret; cnx->fd_err_bytes > 0 && (ret = getline(&line, &line_len, cnx->err)) != -1; cnx->fd_err_bytes -= ret) {
if (ret > 0) line[ret - 1] = 0;
line_ptr = line;
if (strstarts(line_ptr, "PHP message: ")) {
line_ptr += 13;
if (strstarts(line_ptr, "PHP Warning: ")) {
msg_type = LOG_WARNING;
} else if (strstarts(line_ptr, "PHP Fatal error: ")) {
msg_type = LOG_ERROR;
} else if (strstarts(line_ptr, "PHP Parse error: ")) {
msg_type = LOG_ERROR;
} else if (strstarts(line_ptr, "PHP Notice: ")) {
msg_type = LOG_NOTICE;
}
}
if (len >= 14 && strncmp(ptr0, "PHP Warning: ", 14) == 0) {
msg_type = LOG_WARNING;
msg_pre_len = 14;
} else if (len >= 18 && strncmp(ptr0, "PHP Fatal error: ", 18) == 0) {
msg_type = LOG_ERROR;
msg_pre_len = 18;
} else if (len >= 18 && strncmp(ptr0, "PHP Parse error: ", 18) == 0) {
msg_type = LOG_ERROR;
msg_pre_len = 18;
} else if (len >= 18 && strncmp(ptr0, "PHP Notice: ", 13) == 0) {
msg_type = LOG_NOTICE;
msg_pre_len = 13;
}
logmsgf(msg_type, "%s", line_ptr);
char *ptr2 = ptr0;
char *ptr3;
int len2;
while (ptr2 - ptr0 < len) {
ptr3 = strchr(ptr2, '\n');
len2 = (int) (len - (ptr2 - ptr0));
if (ptr3 != NULL && (ptr3 - ptr2) < len2) {
len2 = (int) (ptr3 - ptr2);
}
logmsgf(msg_type, "%.*s", len2, ptr2);
if (msg_type == 2 && ptr2 == ptr0) {
strcpy_rem_webroot(err_msg, ptr2, len2, conn->webroot);
err = 1;
}
if (ptr3 == NULL) {
break;
}
ptr2 = ptr3 + 1;
if (err_msg && msg_type <= LOG_ERROR && line_ptr != line) {
strcpy_rem_webroot(err_msg, line_ptr, cnx->webroot);
err = 1;
}
next:
if (ptr1 == NULL) {
break;
}
ptr0 = ptr1 + 13;
}
free(msg_str);
// cleanup
free(line);
return err;
}
int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg) {
int fastcgi_recv_frame(fastcgi_cnx_t *cnx) {
FCGI_Header header;
char *content;
unsigned short content_len, req_id;
long ret;
int err = 0;
unsigned short req_id, content_len;
while (1) {
ret = recv(conn->socket, &header, sizeof(header), 0);
if (ret < 0) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
return 1;
} else if (ret != sizeof(header)) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
return 1;
}
req_id = (header.requestIdB1 << 8) | header.requestIdB0;
content_len = (header.contentLengthB1 << 8) | header.contentLengthB0;
content = malloc(content_len + header.paddingLength);
ret = recv(conn->socket, content, content_len + header.paddingLength, 0);
if (ret < 0) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
free(content);
return 1;
} else if (ret != (content_len + header.paddingLength)) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
free(content);
return 1;
}
if (sock_recv_x(&cnx->socket, &header, sizeof(header), 0) == -1)
return -1;
if (req_id != conn->req_id) {
continue;
}
req_id = ntohs(header.requestId);
content_len = ntohs(header.contentLength);
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
int app_status = (body->appStatusB3 << 24) | (body->appStatusB2 << 16) | (body->appStatusB1 << 8) |
body->appStatusB0;
if (body->protocolStatus != FCGI_REQUEST_COMPLETE) {
error("FastCGI protocol error: %i", body->protocolStatus);
}
if (app_status != 0) {
error("FastCGI app terminated with exit code %i", app_status);
}
close(conn->socket);
conn->socket = 0;
free(content);
return 1;
} else if (header.type == FCGI_STDERR) {
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
err = err || fastcgi_php_error(conn, content, content_len, err_msg);
if (req_id != cnx->req_id) {
warning("Invalid request id from FastCGI socket");
char content[256 * 256];
sock_recv_x(&cnx->socket, content, content_len + header.paddingLength, 0);
return -1;
}
if (header.type == FCGI_STDOUT || header.type == FCGI_STDERR) {
char buf[256];
if (header.type == FCGI_STDOUT && !cnx->header_sent) {
char content[256 * 256];
if (sock_recv_x(&cnx->socket, content, content_len + header.paddingLength, 0) == -1)
return -1;
char *h_pos = strstr(content, "\r\n\r\n");
long header_len = h_pos - content + 4;
if (h_pos != NULL) {
uint64_t len;
len = header_len;
if (write(cnx->fd_out, &len, sizeof(len)) == -1)
return -1;
if (write(cnx->fd_out, content, len) == -1)
return -1;
cnx->header_sent = 1;
len = content_len - header_len;
if (len > 0) {
if (write(cnx->fd_out, &len, sizeof(len)) == -1)
return -1;
if (write(cnx->fd_out, content + header_len, len) == -1)
return -1;
}
return header.type;
}
} else if (header.type == FCGI_STDOUT) {
break;
} else {
error("Unknown FastCGI type: %i", header.type);
uint64_t len = content_len;
if (write(cnx->fd_out, &len, sizeof(len)) == -1)
return -1;
}
free(content);
}
if (err) {
res->status = http_get_status(500);
return 2;
int fd = cnx->fd_out;
if (header.type == FCGI_STDERR) {
fd = cnx->fd_err;
cnx->fd_err_bytes += content_len + 1;
}
for (long ret, sent = 0; sent < content_len; sent += ret) {
// FIXME if pipe is full thread gets stuck
if ((ret = splice(cnx->socket.socket, 0, fd, 0, content_len - sent, 0)) == -1) {
if (errno == EINTR) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
if (header.type == FCGI_STDERR) write(fd, "\n", 1);
if (sock_recv_x(&cnx->socket, buf, header.paddingLength, 0) == -1)
return -1;
return header.type;
}
conn->out_buf = content;
conn->out_len = content_len;
conn->out_off = (unsigned short) (strstr(content, "\r\n\r\n") - content + 4);
char content[256 * 256];
if (sock_recv_x(&cnx->socket, content, content_len + header.paddingLength, 0) == -1)
return -1;
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
cnx->app_status = ntohl(body->appStatus);
if (body->protocolStatus != FCGI_REQUEST_COMPLETE)
error("FastCGI protocol error: %i", body->protocolStatus);
} else {
warning("Unknown FastCGI type: %i", header.type);
return -1;
}
return header.type;
}
int fastcgi_header(fastcgi_cnx_t *cnx, http_res *res, char *err_msg) {
long ret, len;
char content[CLIENT_MAX_HEADER_SIZE];
if ((len = sock_recv_chunk_header(&cnx->out)) == -1) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket (1)");
return -1;
}
if ((ret = sock_recv_x(&cnx->out, content, len, 0)) == -1) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket (2)");
return -1;
}
content[ret] = 0;
char *buf = content;
unsigned short header_len = conn->out_off;
if (header_len <= 0) {
char *h_pos = strstr(content, "\r\n\r\n");
if (h_pos == NULL) {
error("Unable to parse header: End of header not found");
return 1;
return -1;
}
long header_len = h_pos - content + 4;
for (int i = 0; i < header_len; i++) {
if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F) {
error("Unable to parse header: Header contains illegal characters");
return 2;
return -1;
}
}
if (fastcgi_php_error(cnx, err_msg) != 0) {
res->status = http_get_status(500);
return 1;
}
char *ptr = buf;
while (header_len != (ptr - buf)) {
char *pos0 = strstr(ptr, "\r\n");
if (pos0 == NULL) {
error("Unable to parse header: Invalid header format");
return 1;
return -1;
}
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
if (ret != 0) return (int) ret;
if (pos0[2] == '\r' && pos0[3] == '\n') {
return 0;
}
@@ -392,237 +416,36 @@ int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg) {
return 0;
}
int fastcgi_send(fastcgi_cnx_t *conn, sock *client, int flags) {
FCGI_Header header;
long ret;
char buf0[256];
int len;
char *content, *ptr;
unsigned short req_id, content_len;
char comp_out[4096];
int finish_comp = 0;
compress_ctx comp_ctx;
if (flags & FASTCGI_COMPRESS_BR) {
flags &= ~FASTCGI_COMPRESS_GZ;
if (compress_init(&comp_ctx, COMPRESS_BR) != 0) {
error("Unable to init brotli");
flags &= ~FASTCGI_COMPRESS_BR;
}
} else if (flags & FASTCGI_COMPRESS_GZ) {
flags &= ~FASTCGI_COMPRESS_BR;
if (compress_init(&comp_ctx, COMPRESS_GZ) != 0) {
error("Unable to init gzip");
flags &= ~FASTCGI_COMPRESS_GZ;
}
}
if (conn->out_buf != NULL && conn->out_len > conn->out_off) {
content = conn->out_buf;
ptr = content + conn->out_off;
content_len = conn->out_len - conn->out_off;
goto out;
}
while (1) {
ret = recv(conn->socket, &header, sizeof(header), 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
return -1;
} else if (ret != sizeof(header)) {
error("Unable to receive from FastCGI socket: received len (%li) != header len (%li)", ret, sizeof(header));
return -1;
}
req_id = (header.requestIdB1 << 8) | header.requestIdB0;
content_len = (header.contentLengthB1 << 8) | header.contentLengthB0;
content = malloc(content_len + header.paddingLength);
ptr = content;
long rcv_len = 0;
while (rcv_len < content_len + header.paddingLength) {
ret = recv(conn->socket, content + rcv_len, content_len + header.paddingLength - rcv_len, 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
free(content);
return -1;
}
rcv_len += ret;
}
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
int app_status = (body->appStatusB3 << 24) | (body->appStatusB2 << 16) | (body->appStatusB1 << 8) |
body->appStatusB0;
if (body->protocolStatus != FCGI_REQUEST_COMPLETE) {
error("FastCGI protocol error: %i", body->protocolStatus);
}
if (app_status != 0) {
error("FastCGI app terminated with exit code %i", app_status);
}
close(conn->socket);
conn->socket = 0;
free(content);
if (flags & FASTCGI_COMPRESS) {
finish_comp = 1;
content_len = 0;
goto out;
finish:
compress_free(&comp_ctx);
}
if (flags & FASTCGI_CHUNKED) {
sock_send(client, "0\r\n\r\n", 5, 0);
}
return 0;
} else if (header.type == FCGI_STDERR) {
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
fastcgi_php_error(conn, content, content_len, buf0);
}
} else if (header.type == FCGI_STDOUT) {
unsigned long avail_in, avail_out;
out:
avail_in = content_len;
char *next_in = ptr;
do {
int buf_len = content_len;
if (flags & FASTCGI_COMPRESS) {
avail_out = sizeof(comp_out);
compress_compress(&comp_ctx, next_in + content_len - avail_in, &avail_in, comp_out, &avail_out, finish_comp);
ptr = comp_out;
buf_len = (int) (sizeof(comp_out) - avail_out);
}
if (buf_len != 0) {
len = sprintf(buf0, "%X\r\n", buf_len);
if (flags & FASTCGI_CHUNKED) sock_send(client, buf0, len, 0);
sock_send(client, ptr, buf_len, 0);
if (flags & FASTCGI_CHUNKED) sock_send(client, "\r\n", 2, 0);
}
} while ((flags & FASTCGI_COMPRESS) && (avail_in != 0 || avail_out != sizeof(comp_out)));
if (finish_comp) goto finish;
} else {
error("Unknown FastCGI type: %i", header.type);
}
free(content);
}
int fastcgi_dump(fastcgi_cnx_t *cnx, char *buf, long len) {
return sock_recv_x(&cnx->socket, buf, len, 0) == -1 ? -1 : 0;
}
int fastcgi_dump(fastcgi_cnx_t *conn, char *buf, long len) {
FCGI_Header header;
long ret;
char buf0[256];
char *content, *ptr = buf;
unsigned short req_id, content_len;
int fastcgi_receive(fastcgi_cnx_t *cnx, sock *client, unsigned long len) {
char buf[CHUNK_SIZE];
if (conn->out_buf != NULL && conn->out_len > conn->out_off) {
ptr += snprintf(ptr, len, "%.*s", conn->out_len - conn->out_off, conn->out_buf + conn->out_off);
}
while (1) {
ret = recv(conn->socket, &header, sizeof(header), 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
return -1;
} else if (ret != sizeof(header)) {
error("Unable to receive from FastCGI socket: received len (%li) != header len (%li)", ret, sizeof(header));
for (long to_send = (long) len, ret; to_send > 0; to_send -= ret) {
if ((ret = sock_recv(client, buf, (to_send > sizeof(buf)) ? sizeof(buf) : to_send, 0)) <= 0) {
error("Unable to receive");
return -1;
}
req_id = (header.requestIdB1 << 8) | header.requestIdB0;
content_len = (header.contentLengthB1 << 8) | header.contentLengthB0;
content = malloc(content_len + header.paddingLength);
long rcv_len = 0;
while (rcv_len < content_len + header.paddingLength) {
ret = recv(conn->socket, content + rcv_len, content_len + header.paddingLength - rcv_len, 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
free(content);
return -1;
}
rcv_len += ret;
}
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
int app_status = (body->appStatusB3 << 24) | (body->appStatusB2 << 16) | (body->appStatusB1 << 8) |
body->appStatusB0;
if (body->protocolStatus != FCGI_REQUEST_COMPLETE) {
error("FastCGI protocol error: %i", body->protocolStatus);
}
if (app_status != 0) {
error("FastCGI app terminated with exit code %i", app_status);
}
close(conn->socket);
conn->socket = 0;
free(content);
return 0;
} else if (header.type == FCGI_STDERR) {
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
fastcgi_php_error(conn, content, content_len, buf0);
}
} else if (header.type == FCGI_STDOUT) {
ptr += snprintf(ptr, len - (ptr - buf), "%.*s", content_len, content);
} else {
error("Unknown FastCGI type: %i", header.type);
}
free(content);
}
}
int fastcgi_receive(fastcgi_cnx_t *conn, sock *client, unsigned long len) {
unsigned long rcv_len = 0;
char *buf[16384];
long ret;
FCGI_Header header = {
.version = FCGI_VERSION_1,
.type = FCGI_STDIN,
.requestIdB1 = conn->req_id >> 8,
.requestIdB0 = conn->req_id & 0xFF,
.contentLengthB1 = 0,
.contentLengthB0 = 0,
.paddingLength = 0,
.reserved = 0
};
while (rcv_len < len) {
ret = sock_recv(client, buf, sizeof(buf), 0);
if (ret <= 0) {
error("Unable to receive: %s", sock_strerror(client));
if (fastcgi_send_data(cnx, FCGI_STDIN, ret, buf) == -1)
return -1;
}
rcv_len += ret;
header.contentLengthB1 = (ret >> 8) & 0xFF;
header.contentLengthB0 = ret & 0xFF;
if (send(conn->socket, &header, sizeof(header), 0) != sizeof(header)) goto err;
if (send(conn->socket, buf, ret, 0) != ret) {
err:
error("Unable to send to FastCGI socket");
return -2;
}
}
return 0;
}
int fastcgi_receive_chunked(fastcgi_cnx_t *conn, sock *client) {
long ret;
unsigned long next_len;
while (1) {
ret = sock_get_chunk_header(client);
if (ret < 0) return (int) ret;
next_len = ret;
if (next_len <= 0) break;
ret = fastcgi_receive(conn, client, next_len);
if (ret < 0) return (int) ret;
}
return 0;
}
int fastcgi_receive_chunked(fastcgi_cnx_t *cnx, sock *client) {
for (long ret;;) {
if ((ret = sock_recv_chunk_header(client)) < 0) {
return (int) ret;
} else if (ret == 0) {
break;
}
if ((ret = fastcgi_receive(cnx, client, ret)) < 0)
return (int) ret;
}
return 0;

View File

@@ -13,29 +13,25 @@
#include "http.h"
#include "uri.h"
#define FASTCGI_CHUNKED 1
#define FASTCGI_COMPRESS_GZ 2
#define FASTCGI_COMPRESS_BR 4
#define FASTCGI_COMPRESS 6
#define FASTCGI_COMPRESS_HOLD 8
#define FASTCGI_SOCKET_TIMEOUT 1
#define FASTCGI_TIMEOUT 3600
#define FASTCGI_PHP 1
#define FASTCGI_SESIMOS 2
#define FASTCGI_BACKEND_PHP 1
#ifndef PHP_FPM_SOCKET
# define PHP_FPM_SOCKET "/var/run/php-fpm/php-fpm.sock"
#endif
#define SESIMOS_BACKEND_SOCKET "/var/run/sesimos/backend.sock"
typedef struct {
int mode;
int socket;
unsigned char header_sent:1;
sock socket, out;
int fd_err, fd_out;
long fd_err_bytes;
FILE *err;
unsigned short req_id;
char *out_buf;
int app_status;
const char *webroot;
unsigned short out_len;
unsigned short out_off;
char *r_addr;
char *r_host;
} fastcgi_cnx_t;
@@ -44,18 +40,24 @@ char *fastcgi_add_param(char *buf, const char *key, const char *value);
int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock *client, const http_req *req, const http_uri *uri);
int fastcgi_close_stdin(fastcgi_cnx_t *conn);
int fastcgi_close_cnx(fastcgi_cnx_t *cnx);
int fastcgi_php_error(const fastcgi_cnx_t *conn, const char *msg, int msg_len, char *err_msg);
int fastcgi_close_stdin(fastcgi_cnx_t *cnx);
int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg);
int fastcgi_php_error(fastcgi_cnx_t *cnx, char *err_msg);
int fastcgi_send(fastcgi_cnx_t *conn, sock *client, int flags);
int fastcgi_recv_frame(fastcgi_cnx_t *cnx);
int fastcgi_dump(fastcgi_cnx_t *conn, char *buf, long len);
int fastcgi_header(fastcgi_cnx_t *cnx, http_res *res, char *err_msg);
long fastcgi_send(fastcgi_cnx_t *cnx, sock *client);
int fastcgi_dump(fastcgi_cnx_t *cnx, char *buf, long len);
int fastcgi_receive(fastcgi_cnx_t *cnx, sock *client, unsigned long len);
int fastcgi_receive_chunked(fastcgi_cnx_t *cnx, sock *client);
int fastcgi_receive(fastcgi_cnx_t *conn, sock *client, unsigned long len);
int fastcgi_receive_chunked(fastcgi_cnx_t *conn, sock *client);
#endif //SESIMOS_FASTCGI_H

View File

@@ -8,12 +8,25 @@
#include "geoip.h"
#include "../logger.h"
#include "error.h"
#include "utils.h"
#include <memory.h>
#include <dirent.h>
#include <errno.h>
static MMDB_s mmdbs[GEOIP_MAX_MMDB];
static void mmdb_error(int err) {
if (err == MMDB_SUCCESS) {
errno = 0;
} else if (err == MMDB_IO_ERROR) {
// errno already set
} else {
error_mmdb(err);
}
}
static MMDB_entry_data_list_s *geoip_json(MMDB_entry_data_list_s *list, char *str, long *str_off, long str_len) {
switch (list->entry_data.type) {
case MMDB_DATA_TYPE_MAP:
@@ -90,7 +103,7 @@ int geoip_init(const char *directory) {
struct dirent *entry;
int i = 0, status;
while ((entry = readdir(geoip_dir)) != NULL) {
if (strcmp(entry->d_name + strlen(entry->d_name) - 5, ".mmdb") != 0)
if (!strends(entry->d_name, ".mmdb"))
continue;
if (i >= GEOIP_MAX_MMDB) {
@@ -101,7 +114,8 @@ int geoip_init(const char *directory) {
sprintf(buf, "%s/%s", directory, entry->d_name);
if ((status = MMDB_open(buf, 0, &mmdbs[i])) != MMDB_SUCCESS) {
critical("Unable to initialize geoip: Unable to open .mmdb file: %s", MMDB_strerror(status));
mmdb_error(status);
critical("Unable to initialize geoip: Unable to open .mmdb file");
closedir(geoip_dir);
return 1;
}
@@ -164,7 +178,8 @@ int geoip_lookup_json(struct sockaddr *addr, char *json, long len) {
int mmdb_res;
MMDB_lookup_result_s result = MMDB_lookup_sockaddr(&mmdbs[i], addr, &mmdb_res);
if (mmdb_res != MMDB_SUCCESS) {
error("Unable to lookup geoip info: %s", MMDB_strerror(mmdb_res));
mmdb_error(mmdb_res);
error("Unable to lookup geoip info");
continue;
} else if (!result.found_entry) {
continue;
@@ -172,7 +187,8 @@ int geoip_lookup_json(struct sockaddr *addr, char *json, long len) {
MMDB_entry_data_list_s *list;
if ((mmdb_res = MMDB_get_entry_data_list(&result.entry, &list)) != MMDB_SUCCESS) {
error("Unable to lookup geoip info: %s", MMDB_strerror(mmdb_res));
mmdb_error(mmdb_res);
error("Unable to lookup geoip info");
continue;
}

View File

@@ -6,14 +6,45 @@
* @date 2020-12-09
*/
#include "../logger.h"
#include "http.h"
#include "utils.h"
#include "compress.h"
#include "list.h"
#include "error.h"
#include <string.h>
#include <errno.h>
void http_append_to_header_field(http_field *field, const char *value, unsigned long len);
static int http_error(int err) {
if (err == 0) {
errno = 0;
} else if (err == HTTP_ERROR_SYSCALL) {
// errno already set
} else {
error_http(err);
}
return -1;
}
const char *http_error_str(int err) {
switch (err) {
case HTTP_ERROR_TOO_MANY_HEADER_FIELDS:
return "too many header fields";
case HTTP_ERROR_EOH_NOT_FOUND:
return "end of http header not found";
case HTTP_ERROR_HEADER_MALFORMED:
return "http header malformed";
case HTTP_ERROR_INVALID_VERSION:
return "invalid http version";
case HTTP_ERROR_URI_TOO_LONG:
return "uri too long";
case HTTP_ERROR_GENERAL:
default:
return "unknown error";
}
}
void http_to_camel_case(char *str, int mode) {
if (mode == HTTP_PRESERVE)
@@ -88,25 +119,23 @@ void http_free_res(http_res *res) {
}
int http_init_hdr(http_hdr *hdr) {
hdr->last_field_num = -1;
hdr->fields = list_create(sizeof(http_field), HTTP_INIT_HEADER_FIELD_NUM);
if (hdr->fields == NULL)
return -1;
return http_error(HTTP_ERROR_SYSCALL);
return 0;
}
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int flags) {
if (hdr->last_field_num > list_size(hdr->fields)) {
error("Unable to parse header: Invalid state");
return 3;
}
if (hdr->last_field_num > list_size(hdr->fields))
return http_error(HTTP_ERROR_GENERAL);
char *pos1 = (char *) buf, *pos2 = (char *) end_ptr;
if (buf[0] == ' ' || buf[0] == '\t') {
if (hdr->last_field_num == -1) {
error("Unable to parse header");
return 3;
}
if (hdr->last_field_num == -1)
return http_error(HTTP_ERROR_GENERAL);
http_field *f = &hdr->fields[(int) hdr->last_field_num];
str_trim_lws(&pos1, &pos2);
@@ -116,23 +145,23 @@ int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr,
}
pos1 = memchr(buf, ':', end_ptr - buf);
if (pos1 == NULL) {
error("Unable to parse header");
return 3;
}
if (pos1 == NULL)
return http_error(HTTP_ERROR_GENERAL);
long len1 = pos1 - buf;
pos1++;
str_trim_lws(&pos1, &pos2);
long len2 = pos2 - pos1;
char header_name[256];
sprintf(header_name, "%.*s", (int) len1, buf);
int field_num = list_size(hdr->fields);
int found = http_get_header_field_num_len(hdr, buf, len1);
int found = http_get_header_field_num(hdr, header_name);
if (!(flags & HTTP_MERGE_FIELDS) || found == -1) {
if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0) {
error("Unable to parse header: Too many header fields");
return 3;
}
if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0)
return http_error(HTTP_ERROR_TOO_MANY_HEADER_FIELDS);
} else {
field_num = found;
http_append_to_header_field(&hdr->fields[found], ", ", 2);
@@ -148,62 +177,51 @@ int http_parse_request(char *buf, http_req *req) {
long len;
unsigned long header_len = strstr(buf, "\r\n\r\n") - buf + 4;
if (header_len <= 0) {
error("Unable to parse http header: End of header not found");
return -5;
}
if (header_len <= 0)
return http_error(HTTP_ERROR_EOH_NOT_FOUND);
for (int i = 0; i < header_len; i++) {
if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F) {
error("Unable to parse http header: Header contains illegal characters");
return -4;
}
if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F)
return http_error(HTTP_ERROR_HEADER_MALFORMED);
}
ptr = buf;
while (header_len > (ptr - buf + 2)) {
pos0 = strstr(ptr, "\r\n");
if (pos0 == NULL) {
error("Unable to parse http header: Invalid header format");
return -1;
}
if (pos0 == NULL)
return http_error(HTTP_ERROR_HEADER_MALFORMED);
if (req->version[0] == 0) {
pos1 = (char *) strchr(ptr, ' ') + 1;
if (pos1 == NULL) goto err_hdr_fmt;
if (pos1 == NULL)
return http_error(HTTP_ERROR_HEADER_MALFORMED);
if (pos1 - ptr - 1 >= sizeof(req->method)) {
error("Unable to parse http header: Method name too long");
return -2;
}
if (pos1 - ptr - 1 >= sizeof(req->method))
return http_error(HTTP_ERROR_HEADER_MALFORMED);
for (int i = 0; i < (pos1 - ptr - 1); i++) {
if (ptr[i] < 'A' || ptr[i] > 'Z') {
error("Unable to parse http header: Invalid method");
return -2;
}
if (ptr[i] < 'A' || ptr[i] > 'Z')
return http_error(HTTP_ERROR_HEADER_MALFORMED);
}
snprintf(req->method, sizeof(req->method), "%.*s", (int) (pos1 - ptr - 1), ptr);
pos2 = (char *) strchr(pos1, ' ') + 1;
if (pos2 == NULL) {
err_hdr_fmt:
error("Unable to parse http header: Invalid header format");
return -1;
}
if (pos2 == NULL)
return http_error(HTTP_ERROR_HEADER_MALFORMED);
if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0) {
error("Unable to parse http header: Invalid version");
return -3;
}
if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0)
return http_error(HTTP_ERROR_INVALID_VERSION);
len = pos2 - pos1 - 1;
if (len >= 2048)
return http_error(HTTP_ERROR_URI_TOO_LONG);
req->uri = malloc(len + 1);
sprintf(req->uri, "%.*s", (int) len, pos1);
sprintf(req->version, "%.3s", pos2 + 5);
} else {
int ret = http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS);
if (ret != 0) return -ret;
if (http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS) != 0)
return -1;
}
ptr = pos0 + 2;
}
@@ -212,7 +230,7 @@ int http_parse_request(char *buf, http_req *req) {
return (int) header_len;
}
return -1;
return http_error(HTTP_ERROR_GENERAL);
}
int http_receive_request(sock *client, http_req *req) {
@@ -222,43 +240,32 @@ int http_receive_request(sock *client, http_req *req) {
memset(req->method, 0, sizeof(req->method));
memset(req->version, 0, sizeof(req->version));
req->uri = NULL;
req->hdr.last_field_num = -1;
http_init_hdr(&req->hdr);
rcv_len = sock_recv(client, buf, CLIENT_MAX_HEADER_SIZE - 1, MSG_PEEK);
if (rcv_len <= 0) {
error("Unable to receive http header: %s", sock_strerror(client));
if (rcv_len <= 0)
return -1;
}
buf[rcv_len] = 0;
long header_len = http_parse_request(buf, req);
if (header_len < 0)
return (int) -header_len;
rcv_len = sock_recv(client, buf, header_len, 0);
if (rcv_len != header_len)
if (sock_recv_x(client, buf, header_len, 0) == -1)
return -1;
return 0;
}
const char *http_get_header_field(const http_hdr *hdr, const char *field_name) {
return http_get_header_field_len(hdr, field_name, strlen(field_name));
}
const char *http_get_header_field_len(const http_hdr *hdr, const char *field_name, unsigned long len) {
int num = http_get_header_field_num_len(hdr, field_name, len);
int num = http_get_header_field_num(hdr, field_name);
return (num >= 0 && num < list_size(hdr->fields)) ? http_field_get_value(&hdr->fields[num]) : NULL;
}
int http_get_header_field_num(const http_hdr *hdr, const char *field_name) {
return http_get_header_field_num_len(hdr, field_name, strlen(field_name));
}
int http_get_header_field_num_len(const http_hdr *hdr, const char *field_name, unsigned long len) {
for (int i = 0; i < list_size(hdr->fields); i++) {
if (strncasecmp(field_name, http_field_get_name(&hdr->fields[i]), len) == 0)
if (strcasecmp(field_name, http_field_get_name(&hdr->fields[i])) == 0)
return i;
}
@@ -302,6 +309,15 @@ int http_add_header_field_len(http_hdr *hdr, const char *name, unsigned long nam
return 0;
}
int http_add_to_header_field(http_hdr *hdr, const char *field_name, const char *field_value) {
int field_num = http_get_header_field_num(hdr, field_name);
if (field_num == -1)
return http_add_header_field(hdr, field_name, field_value);
http_append_to_header_field(&hdr->fields[field_num], field_value, strlen(field_value));
return 0;
}
void http_append_to_header_field(http_field *field, const char *value, unsigned long len) {
if (field->type == HTTP_FIELD_NORMAL) {
unsigned long total_len = strlen(field->normal.value) + len + 1;
@@ -351,9 +367,9 @@ int http_send_response(sock *client, http_res *res) {
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
off += sprintf(buf + off, "\r\n");
if (sock_send(client, buf, off, 0) < 0) {
if (sock_send_x(client, buf, off, 0) != off)
return -1;
}
return 0;
}
@@ -365,14 +381,21 @@ int http_send_request(sock *server, http_req *req) {
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
off += sprintf(buf + off, "\r\n");
long ret = sock_send(server, buf, off, 0);
if (ret <= 0) {
if (sock_send_x(server, buf, off, 0) != off)
return -1;
}
return 0;
}
const http_status *http_get_status(unsigned short status_code) {
int http_send_100_continue(sock *client) {
char buf[256];
char date_buf[64];
int size = sprintf(buf, "HTTP/1.1 100 Continue\r\nDate: %s\r\nServer: " SERVER_STR "\r\n\r\n",
http_get_date(date_buf, sizeof(date_buf)));
return sock_send_x(client, buf, size, 0) == -1 ? -1 : 0;
}
const http_status *http_get_status(status_code_t status_code) {
for (int i = 0; i < http_statuses_size; i++) {
if (http_statuses[i].code == status_code) {
return &http_statuses[i];
@@ -381,62 +404,55 @@ const http_status *http_get_status(unsigned short status_code) {
return NULL;
}
const http_status_msg *http_get_error_msg(const http_status *status) {
unsigned short code = status->code;
const http_status_msg *http_get_error_msg(status_code_t status_code) {
for (int i = 0; i < http_status_messages_size; i++) {
if (http_status_messages[i].code == code) {
if (http_status_messages[i].code == status_code) {
return &http_status_messages[i];
}
}
return NULL;
}
const char *http_get_status_color(const http_status *status) {
unsigned short code = status->code;
if (code >= 100 && code < 200) {
return HTTP_1XX_STR;
} else if ((code >= 200 && code < 300) || code == 304) {
return HTTP_2XX_STR;
} else if (code >= 300 && code < 400) {
return HTTP_3XX_STR;
} else if (code >= 400 && code < 500) {
return HTTP_4XX_STR;
} else if (code >= 500 && code < 600) {
return HTTP_5XX_STR;
const char *http_get_status_color(status_code_t status_code) {
if (status_code == 304) return HTTP_2XX_STR;
switch (status_code / 100) {
case 1: return HTTP_1XX_STR;
case 2: return HTTP_2XX_STR;
case 3: return HTTP_3XX_STR;
case 4: return HTTP_4XX_STR;
case 5: return HTTP_5XX_STR;
default: return "";
}
return "";
}
char *http_format_date(time_t time, char *buf, size_t size) {
struct tm timeinfo;
strftime(buf, size, "%a, %d %b %Y %H:%M:%S GMT", gmtime_r(&time, &timeinfo));
char *http_format_date(time_t ts, char *buf, size_t size) {
struct tm time_info;
strftime(buf, size, "%a, %d %b %Y %H:%M:%S GMT", gmtime_r(&ts, &time_info));
return buf;
}
char *http_get_date(char *buf, size_t size) {
time_t rawtime;
time(&rawtime);
return http_format_date(rawtime, buf, size);
time_t raw_time;
time(&raw_time);
return http_format_date(raw_time, buf, size);
}
const http_doc_info *http_get_status_info(const http_status *status) {
unsigned short code = status->code;
static http_doc_info info[] = {
const http_doc_info *http_get_status_info(status_code_t status_code) {
static const http_doc_info info[] = {
{"info", HTTP_COLOR_INFO, "/.sesimos/res/icon-info.svg", http_info_doc},
{"success", HTTP_COLOR_SUCCESS, "/.sesimos/res/icon-success.svg", http_success_doc},
{"warning", HTTP_COLOR_WARNING, "/.sesimos/res/icon-warning.svg", http_warning_doc},
{"error", HTTP_COLOR_ERROR, "/.sesimos/res/icon-error.svg", http_error_doc}
};
if (code >= 100 && code < 200) {
return &info[0];
} else if ((code >= 200 && code < 300) || code == 304) {
return &info[1];
} else if (code >= 300 && code < 400) {
return &info[2];
} else if (code >= 400 && code < 600) {
return &info[3];
if (status_code == 304) return &info[1];
switch (status_code / 100) {
case 1: return &info[0];
case 2: return &info[1];
case 3: return &info[2];
case 4: // see case 5
case 5: return &info[3];
default: return NULL;
}
return NULL;
}
int http_get_compression(const http_req *req, const http_res *res) {
@@ -444,11 +460,19 @@ int http_get_compression(const http_req *req, const http_res *res) {
const char *content_type = http_get_header_field(&res->hdr, "Content-Type");
const char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (mime_is_compressible(content_type) && content_encoding == NULL && accept_encoding != NULL) {
if (strstr(accept_encoding, "br") != NULL) {
if (strcontains(accept_encoding, "br")) {
return COMPRESS_BR;
} else if (strstr(accept_encoding, "gzip") != NULL) {
} else if (strcontains(accept_encoding, "gzip")) {
return COMPRESS_GZ;
}
}
return 0;
}
long http_get_keep_alive_timeout(http_hdr *hdr) {
const char *keep_alive = http_get_header_field(hdr, "Keep-Alive");
if (!keep_alive) return -1;
const char *timeout = strstr(keep_alive, "timeout=");
if (!timeout) return -1;
return strtol(timeout + 8, NULL, 10);
}

View File

@@ -39,6 +39,20 @@
#define CLIENT_MAX_HEADER_SIZE 8192
#define HTTP_INIT_HEADER_FIELD_NUM 16
#define HTTP_TYPE_INFORMATIONAL 1
#define HTTP_TYPE_SUCCESS 2
#define HTTP_TYPE_REDIRECTION 3
#define HTTP_TYPE_CLIENT_ERROR 4
#define HTTP_TYPE_SERVER_ERROR 5
#define HTTP_ERROR_GENERAL 1
#define HTTP_ERROR_SYSCALL 2
#define HTTP_ERROR_TOO_MANY_HEADER_FIELDS 3
#define HTTP_ERROR_EOH_NOT_FOUND 4
#define HTTP_ERROR_HEADER_MALFORMED 5
#define HTTP_ERROR_INVALID_VERSION 6
#define HTTP_ERROR_URI_TOO_LONG 7
#ifndef SERVER_STR
# define SERVER_STR "sesimos"
#endif
@@ -47,14 +61,16 @@
# define SERVER_STR_HTML "sesimos&nbsp;web&nbsp;server"
#endif
typedef unsigned short status_code_t;
typedef struct {
unsigned short code;
char type[16];
status_code_t code:10;
unsigned char type:3;
char msg[64];
} http_status;
typedef struct {
unsigned short code;
status_code_t code:10;
const char *msg;
} http_status_msg;
@@ -106,7 +122,7 @@ typedef enum {
} http_error_origin;
typedef struct {
unsigned short status;
status_code_t status;
http_error_origin origin;
const char* ws_key;
} http_status_ctx;
@@ -118,6 +134,8 @@ extern const int http_status_messages_size;
extern const char http_error_doc[], http_warning_doc[], http_success_doc[], http_info_doc[];
const char *http_error_str(int err);
void http_to_camel_case(char *str, int mode);
const char *http_field_get_name(const http_field *field);
@@ -142,17 +160,13 @@ int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr,
const char *http_get_header_field(const http_hdr *hdr, const char *field_name);
const char *http_get_header_field_len(const http_hdr *hdr, const char *field_name, unsigned long len);
int http_get_header_field_num(const http_hdr *hdr, const char *field_name);
int http_get_header_field_num_len(const http_hdr *hdr, const char *field_name, unsigned long len);
int http_add_header_field(http_hdr *hdr, const char *field_name, const char *field_value);
int http_add_header_field_len(http_hdr *hdr, const char *name, unsigned long name_len, const char *value, unsigned long value_len);
void http_append_to_header_field(http_field *field, const char *value, unsigned long len);
int http_add_to_header_field(http_hdr *hdr, const char *field_name, const char *field_value);
void http_remove_header_field(http_hdr *hdr, const char *field_name, int mode);
@@ -160,18 +174,22 @@ int http_send_response(sock *client, http_res *res);
int http_send_request(sock *server, http_req *req);
const http_status *http_get_status(unsigned short status_code);
int http_send_100_continue(sock *client);
const http_status_msg *http_get_error_msg(const http_status *status);
const http_status *http_get_status(status_code_t status_code);
const char *http_get_status_color(const http_status *status);
const http_status_msg *http_get_error_msg(status_code_t status_code);
const char *http_get_status_color(status_code_t status_code);
char *http_format_date(time_t time, char *buf, size_t size);
char *http_get_date(char *buf, size_t size);
const http_doc_info *http_get_status_info(const http_status *status);
const http_doc_info *http_get_status_info(status_code_t status_code);
int http_get_compression(const http_req *req, const http_res *res);
long http_get_keep_alive_timeout(http_hdr *hdr);
#endif //SESIMOS_HTTP_H

View File

@@ -4,103 +4,184 @@
* @file src/lib/http_static.c
* @author Lorenz Stechauner
* @date 2021-05-03
* @details https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
*/
#include "http.h"
const http_status http_statuses[] = {
{100, "Informational", "Continue"},
{101, "Informational", "Switching Protocols"},
{100, HTTP_TYPE_INFORMATIONAL, "Continue"},
{101, HTTP_TYPE_INFORMATIONAL, "Switching Protocols"},
{102, HTTP_TYPE_INFORMATIONAL, "Processing"},
{103, HTTP_TYPE_INFORMATIONAL, "Early Hints"},
{200, "Success", "OK"},
{201, "Success", "Created"},
{202, "Success", "Accepted"},
{203, "Success", "Non-Authoritative Information"},
{204, "Success", "No Content"},
{205, "Success", "Reset Content"},
{206, "Success", "Partial Content"},
{200, HTTP_TYPE_SUCCESS, "OK"},
{201, HTTP_TYPE_SUCCESS, "Created"},
{202, HTTP_TYPE_SUCCESS, "Accepted"},
{203, HTTP_TYPE_SUCCESS, "Non-Authoritative Information"},
{204, HTTP_TYPE_SUCCESS, "No Content"},
{205, HTTP_TYPE_SUCCESS, "Reset Content"},
{206, HTTP_TYPE_SUCCESS, "Partial Content"},
{207, HTTP_TYPE_SUCCESS, "Multi-Status"},
{208, HTTP_TYPE_SUCCESS, "Already Reported"},
{226, HTTP_TYPE_SUCCESS, "Instance Manipulation Used"},
{300, "Redirection", "Multiple Choices"},
{301, "Redirection", "Moved Permanently"},
{302, "Redirection", "Found"},
{303, "Redirection", "See Other"},
{304, "Success", "Not Modified"},
{305, "Redirection", "Use Proxy"},
{307, "Redirection", "Temporary Redirect"},
{308, "Redirection", "Permanent Redirect"},
{300, HTTP_TYPE_REDIRECTION, "Multiple Choices"},
{301, HTTP_TYPE_REDIRECTION, "Moved Permanently"},
{302, HTTP_TYPE_REDIRECTION, "Found"},
{303, HTTP_TYPE_REDIRECTION, "See Other"},
{304, HTTP_TYPE_SUCCESS, "Not Modified"},
{305, HTTP_TYPE_REDIRECTION, "Use Proxy"},
{307, HTTP_TYPE_REDIRECTION, "Temporary Redirect"},
{308, HTTP_TYPE_REDIRECTION, "Permanent Redirect"},
{400, "Client Error", "Bad Request"},
{401, "Client Error", "Unauthorized"},
{402, "Client Error", "Payment Required"},
{403, "Client Error", "Forbidden"},
{404, "Client Error", "Not Found"},
{405, "Client Error", "Method Not Allowed"},
{406, "Client Error", "Not Acceptable"},
{407, "Client Error", "Proxy Authentication Required"},
{408, "Client Error", "Request Timeout"},
{409, "Client Error", "Conflict"},
{410, "Client Error", "Gone"},
{411, "Client Error", "Length Required"},
{412, "Client Error", "Precondition Failed"},
{413, "Client Error", "Request Entity Too Large"},
{414, "Client Error", "Request-URI Too Long"},
{415, "Client Error", "Unsupported Media Type"},
{416, "Client Error", "Range Not Satisfiable"},
{417, "Client Error", "Expectation Failed"},
{400, HTTP_TYPE_CLIENT_ERROR, "Bad Request"},
{401, HTTP_TYPE_CLIENT_ERROR, "Unauthorized"},
{402, HTTP_TYPE_CLIENT_ERROR, "Payment Required"},
{403, HTTP_TYPE_CLIENT_ERROR, "Forbidden"},
{404, HTTP_TYPE_CLIENT_ERROR, "Not Found"},
{405, HTTP_TYPE_CLIENT_ERROR, "Method Not Allowed"},
{406, HTTP_TYPE_CLIENT_ERROR, "Not Acceptable"},
{407, HTTP_TYPE_CLIENT_ERROR, "Proxy Authentication Required"},
{408, HTTP_TYPE_CLIENT_ERROR, "Request Timeout"},
{409, HTTP_TYPE_CLIENT_ERROR, "Conflict"},
{410, HTTP_TYPE_CLIENT_ERROR, "Gone"},
{411, HTTP_TYPE_CLIENT_ERROR, "Length Required"},
{412, HTTP_TYPE_CLIENT_ERROR, "Precondition Failed"},
{413, HTTP_TYPE_CLIENT_ERROR, "Request Entity Too Large"},
{414, HTTP_TYPE_CLIENT_ERROR, "Request-URI Too Long"},
{415, HTTP_TYPE_CLIENT_ERROR, "Unsupported Media Type"},
{416, HTTP_TYPE_CLIENT_ERROR, "Range Not Satisfiable"},
{417, HTTP_TYPE_CLIENT_ERROR, "Expectation Failed"},
{421, HTTP_TYPE_CLIENT_ERROR, "Misdirected Request"},
{422, HTTP_TYPE_CLIENT_ERROR, "Unprocessable Content"},
{423, HTTP_TYPE_CLIENT_ERROR, "Locked"},
{424, HTTP_TYPE_CLIENT_ERROR, "Failed Dependency"},
{425, HTTP_TYPE_CLIENT_ERROR, "Too Early"},
{426, HTTP_TYPE_CLIENT_ERROR, "Upgrade Required"},
{428, HTTP_TYPE_CLIENT_ERROR, "Precondition Required"},
{429, HTTP_TYPE_CLIENT_ERROR, "Too Many Requests"},
{431, HTTP_TYPE_CLIENT_ERROR, "Request Header Fields Too Large"},
{451, HTTP_TYPE_CLIENT_ERROR, "Unavailable For Legal Reasons"},
{500, "Server Error", "Internal Server Error"},
{501, "Server Error", "Not Implemented"},
{502, "Server Error", "Bad Gateway"},
{503, "Server Error", "Service Unavailable"},
{504, "Server Error", "Gateway Timeout"},
{505, "Server Error", "HTTP Version Not Supported"},
{500, HTTP_TYPE_SERVER_ERROR, "Internal Server Error"},
{501, HTTP_TYPE_SERVER_ERROR, "Not Implemented"},
{502, HTTP_TYPE_SERVER_ERROR, "Bad Gateway"},
{503, HTTP_TYPE_SERVER_ERROR, "Service Unavailable"},
{504, HTTP_TYPE_SERVER_ERROR, "Gateway Timeout"},
{505, HTTP_TYPE_SERVER_ERROR, "HTTP Version Not Supported"},
{506, HTTP_TYPE_SERVER_ERROR, "Variant Also Negotiates"},
{507, HTTP_TYPE_SERVER_ERROR, "Insufficient Storage"},
{508, HTTP_TYPE_SERVER_ERROR, "Loop Detected"},
{511, HTTP_TYPE_SERVER_ERROR, "Network Authentication Required"},
};
const http_status_msg http_status_messages[] = {
{100, "The client SHOULD continue with its request."},
{101, "The server understands and is willing to comply with the clients request, via the Upgrade message header field, for a change in the application protocol being used on this connection."},
{100, "The client SHOULD continue with its request. The server MUST send a final response after the request "
"has been completed."},
{101, "The server understands and is willing to comply with the clients request, via the Upgrade message "
"header field, for a change in the application protocol being used on this connection."},
{102, "The server has a reasonable expectation that the request will take significant time to complete. The "
"server MUST send a final response after the request has been completed."},
{103, "The client can speculatively evaluate the header fields included in the response while waiting for the "
"final response. The server MUST send a final response after the request has been completed."},
{200, "The request has succeeded."},
{201, "The request has been fulfilled and resulted in a new resource being created."},
{202, "The request has been accepted for processing, but the processing has not been completed."},
{203, "The returned meta information in the entity-header is not the definitive set as available from the origin server, but is gathered from a local or a third-party copy."},
{204, "The server has fulfilled the request but does not need to return an entity-body, and might want to return updated meta information."},
{205, "The server has fulfilled the request and the user agent SHOULD reset the document view which caused the request to be sent."},
{203, "The returned meta information in the entity-header is not the definitive set as available from the "
"origin server, but is gathered from a local or a third-party copy."},
{204, "The server has fulfilled the request but does not need to return an entity-body, and might want to "
"return updated meta information."},
{205, "The server has fulfilled the request and the user agent SHOULD reset the document view which caused the "
"request to be sent."},
{206, "The server has fulfilled the partial GET request for the resource."},
{207, "The response provides status for multiple independent operations."},
{208, "The response is used to avoid enumerating the internal members of multiple bindings to the same "
"collection repeatedly."},
{226, "The server has fulfilled a GET request for the resource, and the response is a representation of the "
"result of one or more instance-manipulations applied to the current instance."},
{300, "The requested resource corresponds to any one of a set of representations, each with its own specific location, and agent-driven negotiation information is being provided so that the user (or user agent) can select a preferred representation and redirect its request to that location."},
{301, "The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs."},
{300, "The requested resource corresponds to any one of a set of representations, each with its own specific "
"location, and agent-driven negotiation information is being provided so that the user (or user agent) "
"can select a preferred representation and redirect its request to that location."},
{301, "The requested resource has been assigned a new permanent URI and any future references to this resource "
"SHOULD use one of the returned URIs."},
{302, "The requested resource resides temporarily under a different URI."},
{303, "The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource."},
{303, "The response to the request can be found under a different URI and SHOULD be retrieved using a GET "
"method on that resource."},
{304, "The request has been fulfilled and the requested resource has not been modified."},
{305, "The requested resource MUST be accessed through the proxy given by the Location field."},
{307, "The requested resource resides temporarily under a different URI."},
{308, "The requested resource has been assigned a new permanent URI and any future references to this resource ought to use one of the enclosed URIs."},
{308, "The requested resource has been assigned a new permanent URI and any future references to this resource "
"ought to use one of the enclosed URIs."},
{400, "The request could not be understood by the server due to malformed syntax."},
{401, "The request requires user authentication."},
{403, "The server understood the request, but is refusing to fulfill it."},
{404, "The server has not found anything matching the Request-URI."},
{405, "The method specified in the Request-Line is not allowed for the resource identified by the Request-URI."},
{406, "The resource identified by the request is only capable of generating response entities which have content characteristics not acceptable according to the accept headers sent in the request."},
{405, "The method specified in the Request-Line is not allowed for the resource identified by the "
"Request-URI."},
{406, "The resource identified by the request is only capable of generating response entities which have "
"content characteristics not acceptable according to the accept headers sent in the request."},
{407, "The request requires user authentication on the proxy."},
{408, "The client did not produce a request within the time that the server was prepared to wait."},
{409, "The request could not be completed due to a conflict with the current state of the resource."},
{410, "The requested resource is no longer available at the server and no forwarding address is known."},
{411, "The server refuses to accept the request without a defined Content-Length."},
{412, "The precondition given in one or more of the request-header fields evaluated to false when it was tested on the server."},
{413, "The server is refusing to process a request because the request entity is larger than the server is willing or able to process."},
{414, "The server is refusing to service the request because the Request-URI is longer than the server is willing to interpret."},
{415, "The server is refusing to service the request because the entity of the request is in a format not supported by the requested resource for the requested method."},
{416, "None of the ranges in the requests Range header field overlap the current extent of the selected resource or that the set of ranges requested has been rejected due to invalid ranges or an excessive request of small or overlapping ranges."},
{417, "The expectation given in an Expect request-header field could not be met by this server, or, if the server is a proxy, the server has unambiguous evidence that the request could not be met by the next-hop server."},
{412, "The precondition given in one or more of the request-header fields evaluated to false when it was "
"tested on the server."},
{413, "The server is refusing to process a request because the request entity is larger than the server is "
"willing or able to process."},
{414, "The server is refusing to service the request because the Request-URI is longer than the server is "
"willing to interpret."},
{415, "The server is refusing to service the request because the entity of the request is in a format not "
"supported by the requested resource for the requested method."},
{416, "None of the ranges in the requests Range header field overlap the current extent of the selected "
"resource or that the set of ranges requested has been rejected due to invalid ranges or an excessive "
"request of small or overlapping ranges."},
{417, "The expectation given in an Expect request-header field could not be met by this server, or, if the "
"server is a proxy, the server has unambiguous evidence that the request could not be met by the "
"next-hop server."},
{421, "The server is not able to produce a response. The client MAY retry the request over a different "
"connection."},
{422, "The server understands the content type of the request content, and the syntax of the request content "
"is correct, but the server was unable to process the contained information."},
{423, "The source or destination resource of a method is locked."},
{424, "The method could not be performed on the resource because the requested action depended on another "
"action and that action failed."},
{425, "The server is unwilling to risk processing a request that might be replayed."},
{426, "The server refuses to perform the request using the current protocol but might be willing to do so "
"after the client upgrades to a different protocol. The server MUST send an Upgrade header field to"
"indicate the required protocol(s)."},
{428, "The origin server requires the request to be conditional. By requiring requests to be conditional, the "
"server can assure that clients are working with the correct copies and thus avoiding a lost update."},
{429, "The client has sent too many requests in a given amount of time."},
{431, "The server is unwilling to process the request because its header fields are too large. The request MAY "
"be resubmitted after reducing the size of the request header fields."},
{451, "The server is denying access to the resource as a consequence of a legal demand."},
{500, "The server encountered an unexpected condition which prevented it from fulfilling the request."},
{501, "The server does not support the functionality required to fulfill the request."},
{502, "The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed in attempting to fulfill the request."},
{503, "The server is currently unable to handle the request due to a temporary overloading or maintenance of the server."},
{504, "The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server specified by the URI or some other auxiliary server it needed to access in attempting to complete the request."},
{505, "The server does not support, or refuses to support, the HTTP protocol version that was used in the request message."}
{502, "The server, while acting as a gateway or proxy, received an invalid response from the upstream server "
"it accessed in attempting to fulfill the request."},
{503, "The server is currently unable to handle the request due to a temporary overloading or maintenance of "
"the server."},
{504, "The server, while acting as a gateway or proxy, did not receive a timely response from the upstream "
"server specified by the URI or some other auxiliary server it needed to access in attempting to "
"complete the request."},
{505, "The server does not support, or refuses to support, the HTTP protocol version that was used in the "
"request message."},
{506, "The server has an internal configuration error: the chosen variant resource is configured to engage in "
"transparent content negotiation itself, and is therefore not a proper end point in the negotiation "
"process."},
{507, "The method could not be performed on the resource because the server is unable to store the "
"representation needed to successfully complete the request. This condition is considered to be "
"temporary."},
{508, "The server terminated an operation because it encountered an infinite loop while processing the "
"request."},
{511, "The client needs to authenticate to gain network access. The response representation SHOULD contain a "
"link to a resource that allows the user to submit credentials."},
};
const int http_statuses_size = sizeof(http_statuses) / sizeof(http_status);

View File

@@ -15,10 +15,8 @@
typedef struct {
unsigned char version;
unsigned char type;
unsigned char requestIdB1;
unsigned char requestIdB0;
unsigned char contentLengthB1;
unsigned char contentLengthB0;
unsigned short requestId;
unsigned short contentLength;
unsigned char paddingLength;
unsigned char reserved;
} FCGI_Header;
@@ -56,8 +54,7 @@ typedef struct {
#define FCGI_NULL_REQUEST_ID 0
typedef struct {
unsigned char roleB1;
unsigned char roleB0;
unsigned short role;
unsigned char flags;
unsigned char reserved[5];
} FCGI_BeginRequestBody;
@@ -80,10 +77,7 @@ typedef struct {
#define FCGI_FILTER 3
typedef struct {
unsigned char appStatusB3;
unsigned char appStatusB2;
unsigned char appStatusB1;
unsigned char appStatusB0;
unsigned int appStatus;
unsigned char protocolStatus;
unsigned char reserved[3];
} FCGI_EndRequestBody;

View File

@@ -6,14 +6,19 @@
#include <errno.h>
#define FACTOR 4
#define meta(ptr) ((list_meta_t *) ((unsigned char *) (ptr) - sizeof(list_meta_t)))
#define data(ptr) ((unsigned char *) (ptr) + sizeof(list_meta_t))
typedef struct {
int init_size, elem_size, max_size, size;
} list_meta_t;
static void *list_resize(list_meta_t *list, int new_size) {
if (new_size <= 0)
if (new_size <= 0) {
return NULL;
} else if (new_size == list->max_size) {
return list;
}
list_meta_t *new_ptr = realloc(list, sizeof(list_meta_t) + list->elem_size * new_size);
if (new_ptr == NULL)
@@ -30,21 +35,24 @@ void *list_create(int elem_size, int init_elem_n) {
}
void *list_ptr = malloc(sizeof(list_meta_t) + elem_size * init_elem_n);
if (list_ptr == NULL)
return NULL;
memset(list_ptr, 0, sizeof(list_meta_t) + elem_size * init_elem_n);
list_meta_t *list = list_ptr;
list->init_size = init_elem_n;
list->elem_size = elem_size;
list->max_size = init_elem_n;
list->size = 0;
return (unsigned char *) list_ptr + sizeof(list_meta_t);
return data(list_ptr);
}
int list_size(const void *list_ptr) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
return list->size;
return meta(list_ptr)->size;
}
int list_find(void *list_ptr, void *elem) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
list_meta_t *list = meta(list_ptr);
unsigned char *array = list_ptr;
for (int i = 0; i < list->size; i++) {
@@ -56,36 +64,39 @@ int list_find(void *list_ptr, void *elem) {
return -1;
}
int list_contains(void *list_ptr, void *elem) {
return list_find(list_ptr, elem) != -1;
}
void *list_insert(void *list_ptr, void *elem, int n) {
void *ptr = NULL;
list_ptr = list_insert_ptr(list_ptr, &ptr, n);
if (list_ptr != NULL && ptr != NULL) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
memcpy(ptr, elem, list->elem_size);
memcpy(ptr, elem, meta(list_ptr)->elem_size);
}
return list_ptr;
}
void *list_insert_ptr(void *list_ptr, void **elem, int n) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
list_meta_t *list = meta(list_ptr);
if (n < 0)
n = list->size + n + 1;
if (list->size >= list->max_size) {
if ((list = list_resize(list, list->max_size * FACTOR)) == NULL) {
if ((list = list_resize(list, list->max_size * FACTOR)) == NULL)
return NULL;
}
}
unsigned char *array = (unsigned char *) list + sizeof(list_meta_t);
unsigned char *array = data(list);
if (n < list->size)
memmove(array + (n + 1) * list->elem_size, array + n * list->elem_size, (list->size - n) * list->elem_size);
*elem = array + n * list->elem_size;
memset(*elem, 0, list->elem_size);
list->size++;
return (unsigned char *) list + sizeof(list_meta_t);
return array;
}
void *list_append(void *list_ptr, void *elem) {
@@ -97,7 +108,7 @@ void *list_append_ptr(void *list_ptr, void **elem) {
}
void *list_remove(void *list_ptr, int n) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
list_meta_t *list = meta(list_ptr);
if (n < 0)
n = list->size + n;
@@ -107,13 +118,15 @@ void *list_remove(void *list_ptr, int n) {
memmove(array + n * list->elem_size, array + (n + 1) * list->elem_size, (list->size - n - 1) * list->elem_size);
list->size--;
if (list->size < list->max_size / FACTOR / 2 && list->max_size / FACTOR >= list->init_size) {
memset(array + list->size * list->elem_size, 0, list->elem_size);
if (list->size <= list->max_size / FACTOR * 3 / 4 && list->max_size / FACTOR >= list->init_size) {
if ((list = list_resize(list, list->max_size / FACTOR)) == NULL) {
return NULL;
}
}
return (unsigned char *) list + sizeof(list_meta_t);
return data(list);
}
void *list_delete(void *list_ptr, void *elem) {
@@ -126,14 +139,12 @@ void *list_delete(void *list_ptr, void *elem) {
}
void *list_clear(void *list_ptr) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
list_meta_t *list = meta(list_ptr);
list->size = 0;
memset(list_ptr, 0, list->max_size * list->elem_size);
list->max_size = list->init_size;
return (unsigned char *) list_resize(list, list->max_size * list->elem_size) + sizeof(list_meta_t);
return data(list_resize(list, list->init_size));
}
void list_free(void *list_ptr) {
list_meta_t *list = (void *) ((unsigned char *) list_ptr - sizeof(list_meta_t));
free(list);
free(meta(list_ptr));
}

View File

@@ -8,6 +8,8 @@ int list_size(const void *list_ptr);
int list_find(void *list_ptr, void *elem);
int list_contains(void *list_ptr, void *elem);
void *list_insert(void *list_ptr, void *elem, int n);
void *list_insert_ptr(void *list_ptr, void **elem, int n);

View File

@@ -52,22 +52,20 @@ int mpmc_init(mpmc_t *ctx, int n_workers, int buf_size, void (*consumer)(void *o
int mpmc_queue(mpmc_t *ctx, void *obj) {
// wait for buffer to be emptied
try_again_1:
if (sem_wait(&ctx->free) != 0) {
while (sem_wait(&ctx->free) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_1;
continue;
} else {
return -1;
}
}
// lock wr field
try_again_2:
if (sem_wait(&ctx->lck_wr) != 0) {
while (sem_wait(&ctx->lck_wr) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_2;
continue;
} else {
sem_post(&ctx->free);
return -1;
@@ -151,6 +149,7 @@ void mpmc_destroy(mpmc_t *ctx) {
mpmc_stop(ctx);
for (int i = 0; i < ctx->n_workers; i++) {
if (ctx->workers[i] == -1) break;
debug("Waiting for worker %s/%i to finish...", ctx->name, i);
pthread_kill(ctx->workers[i], SIGUSR1);
pthread_join(ctx->workers[i], NULL);
}

View File

@@ -11,18 +11,21 @@
#include "../logger.h"
#include "proxy.h"
#include "utils.h"
#include "compress.h"
#include "config.h"
#include "error.h"
#include <openssl/ssl.h>
#include <string.h>
#include <errno.h>
#include <openssl/err.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <semaphore.h>
static SSL_CTX *proxy_ctx = NULL;
static proxy_ctx_t *proxies = NULL;
static sem_t *available = NULL;
static sem_t lock;
static int num_proxy_hosts = -1;
int proxy_preload(void) {
int n = 0;
@@ -33,37 +36,65 @@ int proxy_preload(void) {
n++;
}
// FIXME return value check
proxy_ctx = SSL_CTX_new(TLS_client_method());
if (proxy_ctx == NULL) {
return -1;
}
proxies = malloc(n * MAX_PROXY_CNX_PER_HOST * sizeof(proxy_ctx_t));
if (proxies == NULL) {
proxy_unload();
return -1;
}
memset(proxies, 0, n * MAX_PROXY_CNX_PER_HOST * sizeof(proxy_ctx_t));
available = malloc(n * sizeof(*available));
if (available == NULL) {
proxy_unload();
return -1;
}
for (int i = 0; i < n; i++) {
if (sem_init(&available[i], 0, MAX_PROXY_CNX_PER_HOST) != 0) {
proxy_unload();
return -1;
}
}
if (sem_init(&lock, 0, 1) != 0) {
proxy_unload();
return -1;
}
num_proxy_hosts = n;
return 0;
}
void proxy_unload(void) {
int e = errno;
SSL_CTX_free(proxy_ctx);
sem_destroy(&lock);
if (num_proxy_hosts != -1) {
for (int i = 0; i < num_proxy_hosts; i++) {
sem_destroy(&available[i]);
}
}
free(available);
free(proxies);
errno = e;
}
void proxy_close_all(void) {
int n = 0;
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
host_config_t *hc = &config.hosts[i];
if (hc->type == CONFIG_TYPE_UNSET) break;
if (hc->type != CONFIG_TYPE_REVERSE_PROXY) continue;
n++;
}
proxy_ctx_t *ptr = proxies;
for (int i = 0; i < MAX_PROXY_CNX_PER_HOST * n; i++, ptr++) {
if (ptr->initialized)
for (int i = 0; i < MAX_PROXY_CNX_PER_HOST * num_proxy_hosts; i++, ptr++) {
if (ptr->initialized) {
proxy_close(ptr);
logger_set_prefix("");
}
}
}
static proxy_ctx_t *proxy_get_by_conf(host_config_t *conf) {
// TODO locking void *proxies
proxy_ctx_t *proxy_get_by_conf(host_config_t *conf) {
int n = 0;
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
host_config_t *hc = &config.hosts[i];
@@ -73,16 +104,55 @@ static proxy_ctx_t *proxy_get_by_conf(host_config_t *conf) {
n++;
}
while (sem_wait(&available[n]) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
return NULL;
}
}
while (sem_wait(&lock) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
sem_post(&available[n]);
return NULL;
}
}
proxy_ctx_t *ptr = proxies + n * MAX_PROXY_CNX_PER_HOST;
for (int i = 0; i < MAX_PROXY_CNX_PER_HOST; i++, ptr++) {
if (!ptr->in_use) {
ptr->in_use = 1;
sem_post(&lock);
return ptr;
}
}
sem_post(&lock);
sem_post(&available[n]);
return NULL;
}
int proxy_unlock_ctx(proxy_ctx_t *ctx) {
int n = (int) ((ctx - proxies) / MAX_PROXY_CNX_PER_HOST);
if (ctx->close) proxy_close(ctx);
debug("Released proxy connection slot %i/%i", (ctx - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST);
ctx->in_use = 0;
ctx->client = NULL;
sem_post(&available[n]);
if (!ctx->close) {
return 1;
} else {
ctx->close = 0;
return 0;
}
}
int proxy_request_header(http_req *req, sock *sock) {
char buf1[256], buf2[256];
int p_len;
@@ -101,20 +171,19 @@ int proxy_request_header(http_req *req, sock *sock) {
http_add_header_field(&req->hdr, "Via", buf2);
}
const char *host = http_get_header_field(&req->hdr, "Host");
const char *forwarded = http_get_header_field(&req->hdr, "Forwarded");
int client_ipv6 = strchr(sock->addr, ':') != NULL;
int server_ipv6 = strchr(sock->s_addr, ':') != NULL;
p_len = snprintf(buf1, sizeof(buf1), "by=%s%s%s;for=%s%s%s;host=%s;proto=%s",
server_ipv6 ? "\"[" : "", sock->s_addr, server_ipv6 ? "]\"" : "",
client_ipv6 ? "\"[" : "", sock->addr, client_ipv6 ? "]\"" : "",
host, sock->enc ? "https" : "http");
http_get_header_field(&req->hdr, "Host"), sock->enc ? "https" : "http");
if (p_len < 0 || p_len >= sizeof(buf1)) {
error("Appended part of header field 'Forwarded' too long");
return -1;
}
const char *forwarded = http_get_header_field(&req->hdr, "Forwarded");
if (forwarded == NULL) {
http_add_header_field(&req->hdr, "Forwarded", buf1);
} else {
@@ -137,9 +206,10 @@ int proxy_request_header(http_req *req, sock *sock) {
}
const char *xfh = http_get_header_field(&req->hdr, "X-Forwarded-Host");
forwarded = http_get_header_field(&req->hdr, "Forwarded");
if (xfh == NULL) {
if (forwarded == NULL) {
http_add_header_field(&req->hdr, "X-Forwarded-Host", host);
http_add_header_field(&req->hdr, "X-Forwarded-Host", http_get_header_field(&req->hdr, "Host"));
} else {
char *ptr = strchr(forwarded, ',');
unsigned long len;
@@ -158,6 +228,7 @@ int proxy_request_header(http_req *req, sock *sock) {
}
const char *xfp = http_get_header_field(&req->hdr, "X-Forwarded-Proto");
forwarded = http_get_header_field(&req->hdr, "Forwarded");
if (xfp == NULL) {
if (forwarded == NULL) {
http_add_header_field(&req->hdr, "X-Forwarded-Proto", sock->enc ? "https" : "http");
@@ -206,24 +277,28 @@ int proxy_response_header(http_req *req, http_res *res, host_config_t *conf) {
const char *location = http_get_header_field(&res->hdr, "Location");
if (location != NULL) {
char *hostnames[] = {conf->name, conf->proxy.hostname};
int found = 0;
for (int i = 0; i < sizeof(hostnames) / sizeof(hostnames[0]); i++) {
char *hostname = hostnames[i];
found = 1;
p_len = snprintf(buf1, sizeof(buf1), "http://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
p_len = snprintf(buf1, sizeof(buf1), "https://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
p_len = snprintf(buf1, sizeof(buf1), "http://%s:%i/", hostname, conf->proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
p_len = snprintf(buf1, sizeof(buf1), "https://%s:%i/", hostname, conf->proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
found = 0;
}
if (0) {
match:
if (found) {
strcpy(buf1, location + p_len - 1);
http_remove_header_field(&res->hdr, "Location", HTTP_REMOVE_ALL);
http_add_header_field(&res->hdr, "Location", buf1);
@@ -233,87 +308,39 @@ int proxy_response_header(http_req *req, http_res *res, host_config_t *conf) {
return 0;
}
int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_status_ctx *ctx, host_config_t *conf, sock *client, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE];
const char *connection, *upgrade, *ws_version;
long ret;
int tries = 0, retry = 0;
static int proxy_connect(proxy_ctx_t *proxy, host_config_t *conf, http_res *res, http_status_ctx *ctx, char *err_msg) {
char err_buf[256], addr_buf[1024];
*proxy_ptr = proxy_get_by_conf(conf);
proxy_ctx_t *proxy = *proxy_ptr;
proxy->client = NULL;
proxy->in_use = 1;
info(BLUE_STR "Connecting to " BLD_STR "[%s]:%i" CLR_STR BLUE_STR "...", conf->proxy.hostname, conf->proxy.port);
if (proxy->initialized && sock_has_pending(&proxy->proxy) == 0)
goto proxy;
retry:
if (proxy->initialized) {
info(BLUE_STR "Closing proxy connection");
sock_close(&proxy->proxy);
proxy->initialized = 0;
}
retry = 0;
tries++;
proxy->proxy.socket = socket(AF_INET6, SOCK_STREAM, 0);
if (proxy->proxy.socket < 0) {
error("Unable to create socket");
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
if (sock_set_timeout(&proxy->proxy, SERVER_TIMEOUT_INIT) != 0)
goto proxy_timeout_err;
struct hostent *host_ent = gethostbyname2(conf->proxy.hostname, AF_INET6);
if (host_ent == NULL) {
host_ent = gethostbyname2(conf->proxy.hostname, AF_INET);
if (host_ent == NULL) {
res->status = http_get_status(503);
ctx->origin = SERVER_REQ;
error("Unable to connect to server: Name or service not known");
sprintf(err_msg, "Unable to connect to server: Name or service not known.");
goto proxy_err;
}
}
struct sockaddr_in6 address = {.sin6_family = AF_INET6, .sin6_port = htons(conf->proxy.port)};
if (host_ent->h_addrtype == AF_INET6) {
memcpy(&address.sin6_addr, host_ent->h_addr_list[0], host_ent->h_length);
} else if (host_ent->h_addrtype == AF_INET) {
unsigned char addr[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF, 0, 0, 0, 0};
memcpy(addr + 12, host_ent->h_addr_list[0], host_ent->h_length);
memcpy(&address.sin6_addr, addr, 16);
}
inet_ntop(address.sin6_family, (void *) &address.sin6_addr, buffer, sizeof(buffer));
info(BLUE_STR "Connecting to " BLD_STR "[%s]:%i" CLR_STR BLUE_STR "...", buffer, conf->proxy.port);
if (connect(proxy->proxy.socket, (struct sockaddr *) &address, sizeof(address)) < 0) {
if (errno == ETIMEDOUT || errno == EINPROGRESS) {
int fd;
if ((fd = sock_connect(conf->proxy.hostname, conf->proxy.port, SERVER_SOCKET_TIMEOUT_INIT, addr_buf, sizeof(addr_buf))) == -1) {
if (errno == ETIMEDOUT || errno == EINPROGRESS || errno == EHOSTDOWN || errno == EHOSTUNREACH) {
res->status = http_get_status(504);
ctx->origin = SERVER_REQ;
} else if (errno == ECONNREFUSED) {
res->status = http_get_status(503);
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
} else if (errno == ECONNABORTED || errno == ECONNRESET) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
} else {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
}
error("Unable to connect to [%s]:%i: %s", buffer, conf->proxy.port, strerror(errno));
sprintf(err_msg, "Unable to connect to server: %s.", strerror(errno));
goto proxy_err;
error("Unable to connect to [%s]:%i", addr_buf, conf->proxy.port);
sprintf(err_msg, "Unable to connect to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
}
sock_init(&proxy->proxy, fd, 0);
if (sock_set_timeout(&proxy->proxy, SERVER_TIMEOUT) != 0) {
proxy_timeout_err:
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to set timeout for reverse proxy socket");
sprintf(err_msg, "Unable to set timeout for reverse proxy socket: %s", strerror(errno));
goto proxy_err;
sprintf(err_msg, "Unable to set timeout for reverse proxy socket: %s", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
}
if (conf->proxy.enc) {
@@ -321,30 +348,45 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
SSL_set_fd(proxy->proxy.ssl, proxy->proxy.socket);
SSL_set_connect_state(proxy->proxy.ssl);
ret = SSL_do_handshake(proxy->proxy.ssl);
proxy->proxy._last_ret = ret;
proxy->proxy._errno = errno;
proxy->proxy._ssl_error = ERR_get_error();
proxy->proxy.enc = 1;
if (ret < 0) {
int ret;
if ((ret = SSL_do_handshake(proxy->proxy.ssl)) != 1) {
sock_error(&proxy->proxy, (int) ret);
SSL_free(proxy->proxy.ssl);
proxy->proxy.ssl = NULL;
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to perform handshake: %s", sock_strerror(&proxy->proxy));
sprintf(err_msg, "Unable to perform handshake: %s.", sock_strerror(&proxy->proxy));
goto proxy_err;
error("Unable to perform handshake");
sprintf(err_msg, "Unable to perform handshake: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
}
proxy->proxy.enc = 1;
}
proxy->initialized = 1;
proxy->cnx_s = clock_micros();
proxy->host = conf->name;
info(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i", buffer, conf->proxy.port);
proxy->http_timeout = 0;
proxy:
connection = http_get_header_field(&req->hdr, "Connection");
if (connection != NULL && (strstr(connection, "upgrade") != NULL || strstr(connection, "Upgrade") != NULL)) {
upgrade = http_get_header_field(&req->hdr, "Upgrade");
ws_version = http_get_header_field(&req->hdr, "Sec-WebSocket-Version");
if (upgrade != NULL && ws_version != NULL && strcmp(upgrade, "websocket") == 0 && strcmp(ws_version, "13") == 0) {
info(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i" CLR_STR BLUE_STR " (slot %i/%i)",
addr_buf, conf->proxy.port, (proxy - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST);
return 0;
}
int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_status_ctx *ctx, host_config_t *conf, sock *client, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE], err_buf[256];
long ret;
*proxy_ptr = proxy_get_by_conf(conf);
proxy_ctx_t *proxy = *proxy_ptr;
proxy->client = NULL;
debug("Selected proxy connection slot %i/%i", (proxy - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST);
const char *connection = http_get_header_field(&req->hdr, "Connection");
if (strcontains(connection, "upgrade") || strcontains(connection, "Upgrade")) {
const char *upgrade = http_get_header_field(&req->hdr, "Upgrade");
const char *ws_version = http_get_header_field(&req->hdr, "Sec-WebSocket-Version");
if (streq(upgrade, "websocket") && streq(ws_version, "13")) {
ctx->ws_key = http_get_header_field(&req->hdr, "Sec-WebSocket-Key");
} else {
res->status = http_get_status(501);
@@ -363,64 +405,184 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
return -1;
}
ret = http_send_request(&proxy->proxy, req);
if (ret < 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (1): %s", sock_strerror(&proxy->proxy));
sprintf(err_msg, "Unable to send request to server: %s.", sock_strerror(&proxy->proxy));
retry = tries < 4;
goto proxy_err;
}
for (int retry = 1, srv_error = 0, tries = 0;; tries++) {
errno = 0;
if (!retry)
return -1;
const char *content_length = http_get_header_field(&req->hdr, "Content-Length");
unsigned long content_len = content_length != NULL ? strtoul(content_length, NULL, 10) : 0;
const char *transfer_encoding = http_get_header_field(&req->hdr, "Transfer-Encoding");
// honor server timeout with one second buffer
if (!proxy->initialized || srv_error ||
(proxy->http_timeout > 0 && (clock_micros() - proxy->proxy.ts_last_send) >= proxy->http_timeout) ||
sock_has_pending(&proxy->proxy, SOCK_DONTWAIT))
{
if (proxy->initialized)
proxy_close(proxy);
ret = 0;
if (content_len > 0) {
ret = sock_splice(&proxy->proxy, client, buffer, sizeof(buffer), content_len);
} else if (transfer_encoding != NULL && strstr(transfer_encoding, "chunked") != NULL) {
ret = sock_splice_chunked(&proxy->proxy, client, buffer, sizeof(buffer));
}
retry = 0;
srv_error = 0;
tries++;
if (ret < 0 || (content_len != 0 && ret != content_len)) {
if (ret == -1) {
if (proxy_connect(proxy, conf, res, ctx, err_msg) != 0)
continue;
}
ret = http_send_request(&proxy->proxy, req);
if (ret < 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (2): %s", sock_strerror(&proxy->proxy));
sprintf(err_msg, "Unable to send request to server: %s.", sock_strerror(&proxy->proxy));
error("Unable to send request to server (1)");
sprintf(err_msg, "Unable to send request to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
retry = tries < 4;
goto proxy_err;
} else if (ret == -2) {
res->status = http_get_status(400);
ctx->origin = CLIENT_REQ;
error("Unable to receive request from client: %s", sock_strerror(client));
sprintf(err_msg, "Unable to receive request from client: %s.", sock_strerror(client));
srv_error = 1;
continue;
}
break;
}
const char *client_expect = http_get_header_field(&req->hdr, "Expect");
int expect_100_continue = (client_expect != NULL && strcasecmp(client_expect, "100-continue") == 0);
int ignore_content = 0;
if (expect_100_continue) {
http_res tmp_res = {
.version = "1.1",
.status = http_get_status(501),
};
if (http_init_hdr(&tmp_res.hdr) != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to initialize http header");
return -1;
}
ret = proxy_peek_response(proxy, &tmp_res, ctx, custom_status, err_msg);
http_free_hdr(&tmp_res.hdr);
if (ret < 0)
return (int) ret;
if (tmp_res.status->code == 100) {
if (sock_recv_x(&proxy->proxy, buffer, ret, 0) == -1) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
error("Unable to receive from server");
return -1;
}
info("%s -> %03i %s%s", http_get_status_color(tmp_res.status->code), tmp_res.status->code, tmp_res.status->msg, CLR_STR);
if (http_send_response(client, &tmp_res) != 0) {
res->status = http_get_status(400);
ctx->origin = CLIENT_RES;
error("Unable to send to client");
return -1;
}
} else {
ignore_content = 1;
}
}
if (!ignore_content) {
const char *content_length = http_get_header_field(&req->hdr, "Content-Length");
unsigned long content_len = content_length != NULL ? strtoul(content_length, NULL, 10) : 0;
const char *transfer_encoding = http_get_header_field(&req->hdr, "Transfer-Encoding");
ret = 0;
if (content_len > 0) {
ret = sock_splice(&proxy->proxy, client, buffer, sizeof(buffer), content_len);
} else if (strcontains(transfer_encoding, "chunked")) {
ret = sock_splice_chunked(&proxy->proxy, client, buffer, sizeof(buffer), SOCK_CHUNKED);
}
if (ret < 0 || (content_len != 0 && ret != content_len)) {
if (ret == -1 && errno != EPROTO) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (2)");
sprintf(err_msg, "Unable to send request to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
} else if (ret == -1) {
res->status = http_get_status(400);
ctx->origin = CLIENT_REQ;
error("Unable to receive request from client");
sprintf(err_msg, "Unable to receive request from client: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
}
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unknown Error");
return -1;
}
}
if (sock_set_socket_timeout(&proxy->proxy, SERVER_SOCKET_TIMEOUT_RES) != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unknown Error");
error("Unable to set timeout for reverse proxy socket");
return -1;
}
ret = sock_recv(&proxy->proxy, buffer, sizeof(buffer), MSG_PEEK);
while (1) {
ret = proxy_peek_response(proxy, res, ctx, custom_status, err_msg);
if (ret < 0) {
return (int) ret;
} else if (sock_recv_x(&proxy->proxy, buffer, ret, 0) == -1) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
error("Unable to receive from server");
return -1;
}
if (res->status->code == 100) {
info("%s -> %03i %s%s", http_get_status_color(res->status->code), res->status->code, res->status->msg, CLR_STR);
if (http_send_response(client, res) != 0) {
res->status = http_get_status(400);
ctx->origin = CLIENT_RES;
error("Unable to send to client");
return -1;
}
} else {
break;
}
}
long keep_alive_timeout = http_get_keep_alive_timeout(&res->hdr);
proxy->http_timeout = (keep_alive_timeout > 0) ? keep_alive_timeout * 1000000 : 0;
connection = http_get_header_field(&res->hdr, "Connection");
proxy->close = !streq(res->version, "1.1") || strcontains(connection, "close") || strcontains(connection, "Close");
ret = proxy_response_header(req, res, conf);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
return 0;
}
int proxy_peek_response(proxy_ctx_t *proxy, http_res *res, http_status_ctx *ctx, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE], err_buf[256];
long ret;
ret = sock_recv(&proxy->proxy, buffer, sizeof(buffer) - 1, MSG_PEEK);
if (ret <= 0) {
int enc_err = sock_enc_error(&proxy->proxy);
if (errno == EAGAIN || errno == EINPROGRESS || enc_err == SSL_ERROR_WANT_READ ||
enc_err == SSL_ERROR_WANT_WRITE)
{
int e_sys = error_get_sys(), e_ssl = error_get_ssl();
if (e_sys == EAGAIN || e_sys == EINPROGRESS || e_ssl == SSL_ERROR_WANT_READ || e_ssl == SSL_ERROR_WANT_WRITE) {
res->status = http_get_status(504);
ctx->origin = SERVER_RES;
} else {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
}
error("Unable to receive response from server: %s", sock_strerror(&proxy->proxy));
sprintf(err_msg, "Unable to receive response from server: %s.", sock_strerror(&proxy->proxy));
retry = tries < 4;
goto proxy_err;
error("Unable to receive response from server");
sprintf(err_msg, "Unable to receive response from server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
}
buffer[ret] = 0;
if (sock_set_socket_timeout(&proxy->proxy, SOCKET_TIMEOUT) != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to set timeout for reverse proxy socket");
return -1;
}
char *buf = buffer;
@@ -431,7 +593,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: End of header not found");
sprintf(err_msg, "Unable to parser header: End of header not found.");
goto proxy_err;
return -2;
}
for (int i = 0; i < header_len; i++) {
@@ -440,7 +602,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Header contains illegal characters");
sprintf(err_msg, "Unable to parse header: Header contains illegal characters.");
goto proxy_err;
return -2;
}
}
@@ -452,21 +614,21 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Invalid header format");
sprintf(err_msg, "Unable to parse header: Invalid header format.");
goto proxy_err;
return -2;
}
if (ptr == buf) {
if (strncmp(ptr, "HTTP/", 5) != 0) {
if (!strstarts(ptr, "HTTP/")) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
error("Unable to parse header: Invalid header format");
sprintf(err_msg, "Unable to parse header: Invalid header format.");
goto proxy_err;
return -2;
}
int status_code = (int) strtol(ptr + 9, NULL, 10);
res->status = http_get_status(status_code);
if (res->status == NULL && status_code >= 100 && status_code <= 999) {
custom_status->code = status_code;
strcpy(custom_status->type, "");
custom_status->type = 0;
snprintf(custom_status->msg, sizeof(custom_status->msg), "%.*s",
(int) (strchr(ptr, '\r') - ptr - 13), ptr + 13);
res->status = custom_status;
@@ -475,16 +637,15 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Invalid or unknown status code");
sprintf(err_msg, "Unable to parse header: Invalid or unknown status code.");
goto proxy_err;
return -2;
}
} else {
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
if (ret != 0) {
if (http_parse_header_field(&res->hdr, ptr, pos0, 0) != 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
error("Unable to parse header");
sprintf(err_msg, "Unable to parse header.");
goto proxy_err;
return -2;
}
}
if (pos0[2] == '\r' && pos0[3] == '\n') {
@@ -492,128 +653,43 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
}
ptr = pos0 + 2;
}
sock_recv(&proxy->proxy, buffer, header_len, 0);
ret = proxy_response_header(req, res, conf);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
return 0;
proxy_err:
errno = 0;
if (retry) goto retry;
return -1;
return header_len;
}
int proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags) {
char buffer[CHUNK_SIZE], comp_out[CHUNK_SIZE], buf[256], *ptr;
long ret = 0, len, snd_len;
int finish_comp = 0;
compress_ctx comp_ctx;
if (flags & PROXY_COMPRESS_BR) {
flags &= ~PROXY_COMPRESS_GZ;
if (compress_init(&comp_ctx, COMPRESS_BR) != 0) {
error("Unable to init brotli");
flags &= ~PROXY_COMPRESS_BR;
}
} else if (flags & PROXY_COMPRESS_GZ) {
flags &= ~PROXY_COMPRESS_BR;
if (compress_init(&comp_ctx, COMPRESS_GZ) != 0) {
error("Unable to init gzip");
flags &= ~PROXY_COMPRESS_GZ;
}
}
do {
snd_len = 0;
if (flags & PROXY_CHUNKED) {
ret = sock_get_chunk_header(&proxy->proxy);
if (ret < 0) {
if (ret == -1) {
error("Unable to receive from server: Malformed chunk header");
} else {
error("Unable to receive from server: %s", sock_strerror(&proxy->proxy));
}
break;
}
len_to_send = ret;
ret = 1;
if (len_to_send == 0 && (flags & PROXY_COMPRESS)) {
finish_comp = 1;
len = 0;
ptr = NULL;
goto out;
finish:
compress_free(&comp_ctx);
}
}
while (snd_len < len_to_send) {
unsigned long avail_in, avail_out;
ret = sock_recv(&proxy->proxy, buffer, CHUNK_SIZE < (len_to_send - snd_len) ? CHUNK_SIZE : len_to_send - snd_len, 0);
if (ret <= 0) {
error("Unable to receive from server: %s", sock_strerror(&proxy->proxy));
break;
}
len = ret;
ptr = buffer;
out:
avail_in = len;
char *next_in = ptr;
do {
long buf_len = len;
if (flags & PROXY_COMPRESS) {
avail_out = sizeof(comp_out);
compress_compress(&comp_ctx, next_in + len - avail_in, &avail_in, comp_out, &avail_out, finish_comp);
ptr = comp_out;
buf_len = (int) (sizeof(comp_out) - avail_out);
snd_len += (long) (len - avail_in);
}
if (buf_len != 0) {
len = sprintf(buf, "%lX\r\n", buf_len);
ret = 1;
if (flags & PROXY_CHUNKED) ret = sock_send(client, buf, len, 0);
if (ret <= 0) goto err;
ret = sock_send(client, ptr, buf_len, 0);
if (ret <= 0) goto err;
if (!(flags & PROXY_COMPRESS)) snd_len += ret;
if (flags & PROXY_CHUNKED) ret = sock_send(client, "\r\n", 2, 0);
if (ret <= 0) {
err:
error("Unable to send: %s", sock_strerror(client));
break;
}
}
} while ((flags & PROXY_COMPRESS) && (avail_in != 0 || avail_out != sizeof(comp_out)));
if (ret <= 0) break;
if (finish_comp) goto finish;
}
if (ret <= 0) break;
if (flags & PROXY_CHUNKED) sock_recv(&proxy->proxy, buffer, 2, 0);
} while ((flags & PROXY_CHUNKED) && len_to_send > 0);
if (ret <= 0) return -1;
if (flags & PROXY_CHUNKED) {
ret = sock_send(client, "0\r\n\r\n", 5, 0);
if (ret <= 0) {
error("Unable to send: %s", sock_strerror(client));
return -1;
}
}
return 0;
long proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags) {
long ret;
char buffer[CHUNK_SIZE];
if ((ret = sock_splice(client, &proxy->proxy, buffer, sizeof(buffer), len_to_send)) == -1)
return -1;
return ret;
}
int proxy_dump(proxy_ctx_t *proxy, char *buf, long len) {
sock_recv(&proxy->proxy, buf, len, 0);
long ret = sock_recv(&proxy->proxy, buf, len, 0);
if (ret == -1) return -1;
buf[ret] = 0;
return 0;
}
void proxy_close(proxy_ctx_t *ctx) {
client_ctx_t *cctx = ctx->client;
if (cctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, cctx->req_host, CLR_STR, cctx->log_prefix);
}
if (ctx->initialized) {
ctx->cnx_e = clock_micros();
char buf[32];
info(BLUE_STR "Closing proxy connection %i/%i (%s)",
(ctx - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST,
format_duration(ctx->cnx_e - ctx->cnx_s, buf));
}
sock_close(&ctx->proxy);
ctx->initialized = 0;
ctx->http_timeout = 0;
ctx->cnx_e = 0, ctx->cnx_s = 0;
ctx->client = NULL;
ctx->host = NULL;
errno = 0;
}

View File

@@ -10,9 +10,6 @@
#define SESIMOS_PROXY_H
#define PROXY_CHUNKED 1
#define PROXY_COMPRESS_GZ 2
#define PROXY_COMPRESS_BR 4
#define PROXY_COMPRESS 6
#ifndef SERVER_NAME
# define SERVER_NAME "reverse proxy"
@@ -22,8 +19,10 @@
#include "config.h"
typedef struct {
unsigned char initialized:1, in_use:1;
volatile unsigned char initialized:1, in_use:1, close:1;
sock proxy;
long cnx_s, cnx_e;
long http_timeout;
char *host;
void *client;
} proxy_ctx_t;
@@ -34,14 +33,22 @@ void proxy_unload(void);
void proxy_close_all(void);
proxy_ctx_t *proxy_get_by_conf(host_config_t *conf);
int proxy_unlock_ctx(proxy_ctx_t *ctx);
int proxy_request_header(http_req *req, sock *sock);
int proxy_response_header(http_req *req, http_res *res, host_config_t *conf);
int proxy_init(proxy_ctx_t **proxy, http_req *req, http_res *res, http_status_ctx *ctx, host_config_t *conf, sock *client, http_status *custom_status, char *err_msg);
int proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags);
int proxy_peek_response(proxy_ctx_t *proxy, http_res *res, http_status_ctx *ctx, http_status *custom_status, char *err_msg);
long proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags);
int proxy_dump(proxy_ctx_t *proxy, char *buf, long len);
void proxy_close(proxy_ctx_t *ctx);
#endif //SESIMOS_PROXY_H

View File

@@ -8,190 +8,479 @@
#include "sock.h"
#include "utils.h"
#include "error.h"
#include "../logger.h"
#include <openssl/err.h>
#include <errno.h>
#include <openssl/ssl.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <openssl/err.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <netdb.h>
int sock_enc_error(sock *s) {
return (int) s->enc ? SSL_get_error(s->ssl, (int) s->_last_ret) : 0;
}
const char *sock_strerror(sock *s) {
// FIXME sock_strerror not Thread Safe!
// (and ugly)
errno = 0;
if (s->_last_ret == 0) {
return "closed";
} else if (s->enc) {
if (s->_last_ret > 0) {
return NULL;
}
const char *err1 = ERR_reason_error_string(s->_ssl_error);
const char *err2 = strerror(s->_errno);
switch (sock_enc_error(s)) {
case SSL_ERROR_NONE:
return NULL;
case SSL_ERROR_ZERO_RETURN:
return "closed";
case SSL_ERROR_WANT_READ:
return "want read";
case SSL_ERROR_WANT_WRITE:
return "want write";
case SSL_ERROR_WANT_CONNECT:
return "want connect";
case SSL_ERROR_WANT_ACCEPT:
return "want accept";
case SSL_ERROR_WANT_X509_LOOKUP:
return "want x509 lookup";
case SSL_ERROR_SYSCALL:
return ((s->_ssl_error == 0) ? ((s->_last_ret == 0) ? "protocol violation" : err2) : err1);
case SSL_ERROR_SSL:
return err1;
default:
return "unknown error";
}
static void sock_ssl_error(unsigned long err) {
if (err == SSL_ERROR_NONE) {
errno = 0;
} else if (err == SSL_ERROR_SYSCALL) {
// errno already set
} else if (err == SSL_ERROR_SSL) {
error_ssl_err(ERR_get_error());
} else {
return strerror(s->_errno);
error_ssl(err);
}
}
int sock_set_timeout_micros(sock *s, long recv_micros, long send_micros) {
void sock_error(sock *s, int ret) {
sock_ssl_error(SSL_get_error(s->ssl, ret));
}
int sock_gai_error(int ret) {
if (ret == 0) {
errno = 0;
} else if (ret == EAI_SYSTEM) {
// errno already set
} else {
error_gai(ret);
}
return -1;
}
const char *sock_error_str(unsigned long err) {
switch (err) {
case SSL_ERROR_ZERO_RETURN:
return "closed";
case SSL_ERROR_WANT_READ:
return "want read";
case SSL_ERROR_WANT_WRITE:
return "want write";
case SSL_ERROR_WANT_CONNECT:
return "want connect";
case SSL_ERROR_WANT_ACCEPT:
return "want accept";
case SSL_ERROR_WANT_X509_LOOKUP:
return "want x509 lookup";
case SSL_ERROR_WANT_ASYNC:
return "want async";
case SSL_ERROR_WANT_ASYNC_JOB:
return "want async job";
case SSL_ERROR_WANT_CLIENT_HELLO_CB:
return "want client hello callback";
//case SSL_ERROR_WANT_RETRY_VERIFY:
// return "want retry verify";
default:
return "unknown error";
}
}
int sock_init(sock *s, int fd, int flags) {
if ((flags & SOCK_ENCRYPTED) && (flags & SOCK_PIPE)) {
errno = EINVAL;
return -1;
}
s->socket = fd;
s->enc = !!(flags & SOCK_ENCRYPTED);
s->pipe = !!(flags & SOCK_PIPE);
s->ts_start = clock_micros();
s->ts_last = s->ts_start;
s->ts_last_send = s->ts_last;
s->timeout_us = -1;
s->ssl = NULL;
s->addr = NULL;
s->s_addr = NULL;
return 0;
}
int sock_connect(const char *hostname, unsigned short port, double timeout_sec, char *addr_buf, size_t addr_buf_size) {
char buf[INET6_ADDRSTRLEN + 1];
int ret, fd, e = 0;
long timeout_micros = (long) (timeout_sec * 1000000L);
struct addrinfo *result, *rp,
hints = {
.ai_family = AF_UNSPEC,
.ai_socktype = SOCK_STREAM,
.ai_protocol = 0,
.ai_flags = 0,
};
if (addr_buf && addr_buf_size > 1)
addr_buf[0] = 0;
if ((ret = getaddrinfo(hostname, NULL, &hints, &result)) != 0)
return sock_gai_error(ret);
for (rp = result; rp != NULL; rp = rp->ai_next) {
switch (rp->ai_family) {
case AF_INET:
((struct sockaddr_in *) rp->ai_addr)->sin_port = htons(port);
inet_ntop(rp->ai_family, &((struct sockaddr_in *) rp->ai_addr)->sin_addr, buf, addr_buf_size);
break;
case AF_INET6:
((struct sockaddr_in6 *) rp->ai_addr)->sin6_port = htons(port);
inet_ntop(rp->ai_family, &((struct sockaddr_in6 *) rp->ai_addr)->sin6_addr, buf, addr_buf_size);
break;
}
debug("Trying [%s]:%i", buf, port);
if ((fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) == -1) {
if (e == 0) {
e = errno;
} else if (e != errno) {
e = -1;
}
continue;
}
if (sock_set_socket_timeout_micros(fd, timeout_micros, timeout_micros) == -1) {
close(fd);
return -1;
}
if (connect(fd, rp->ai_addr, rp->ai_addrlen) == -1) {
e = errno;
close(fd);
continue;
}
break;
}
freeaddrinfo(result);
if (addr_buf && addr_buf_size > 1 && addr_buf[0] == 0)
strncpy(addr_buf, buf, addr_buf_size);
errno = e;
return (e == 0) ? fd : -1;
}
int sock_reverse_lookup(const sock *s, char *host, size_t host_size) {
memset(host, 0, host_size);
int ret;
if ((ret = getnameinfo(&s->_addr.sock, sizeof(s->_addr), host, host_size, NULL, 0, 0)) != 0) {
if (ret == EAI_NONAME) {
return 0;
} else {
return sock_gai_error(ret);
}
}
return 0;
}
int sock_set_socket_timeout_micros(int fd, long recv_micros, long send_micros) {
struct timeval recv_to = {.tv_sec = recv_micros / 1000000, .tv_usec = recv_micros % 1000000},
send_to = {.tv_sec = send_micros / 1000000, .tv_usec = send_micros % 1000000};
if (setsockopt(s->socket, SOL_SOCKET, SO_RCVTIMEO, &recv_to, sizeof(recv_to)) != 0)
if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &recv_to, sizeof(recv_to)) != 0)
return -1;
if (setsockopt(s->socket, SOL_SOCKET, SO_SNDTIMEO, &send_to, sizeof(send_to)) != 0)
if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &send_to, sizeof(send_to)) != 0)
return -1;
return 0;
}
int sock_set_timeout(sock *s, int sec) {
return sock_set_timeout_micros(s, sec * 1000000L, sec * 1000000L);
int sock_set_socket_timeout(sock *s, double sec) {
return sock_set_socket_timeout_micros(s->socket, (long) (sec * 1000000L), (long) (sec * 1000000L));
}
int sock_set_timeout_micros(sock *s, long micros) {
if (micros < 0)
return -1;
s->timeout_us = micros;
return 0;
}
int sock_set_timeout(sock *s, double sec) {
return sock_set_timeout_micros(s, (long) (sec * 1000000));
}
long sock_send(sock *s, void *buf, unsigned long len, int flags) {
if (s->socket < 0) {
errno = ENOTCONN;
return -1;
}
long ret;
if (s->enc) {
ret = SSL_write(s->ssl, buf, (int) len);
s->_ssl_error = ERR_get_error();
if (ret <= 0) sock_error(s, (int) ret);
} else if (s->pipe) {
if (flags & ~MSG_MORE) {
errno = EINVAL;
return -1;
}
ret = write(s->socket, buf, len);
} else {
ret = send(s->socket, buf, len, flags);
}
s->_last_ret = ret;
s->_errno = errno;
return ret >= 0 ? ret : -1;
if (ret >= 0) {
s->ts_last = clock_micros();
s->ts_last_send = s->ts_last;
return ret;
} else {
return -1;
}
}
long sock_send_x(sock *s, void *buf, unsigned long len, int flags) {
for (long ret, sent = 0; sent < len; sent += ret) {
if ((ret = sock_send(s, (unsigned char *) buf + sent, len - sent, flags)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
return (long) len;
}
long sock_recv(sock *s, void *buf, unsigned long len, int flags) {
if (s->socket < 0) {
errno = ENOTCONN;
return -1;
}
long ret;
if (s->enc) {
int (*func)(SSL*, void*, int) = (flags & MSG_PEEK) ? SSL_peek : SSL_read;
int (*func)(SSL *, void *, int) = (flags & MSG_PEEK) ? SSL_peek : SSL_read;
ret = func(s->ssl, buf, (int) len);
s->_ssl_error = ERR_get_error();
if (ret <= 0) sock_error(s, (int) ret);
} else if (s->pipe) {
if (flags & ~MSG_WAITALL) {
errno = EINVAL;
return -1;
}
ret = read(s->socket, buf, len);
} else {
ret = recv(s->socket, buf, len, flags);
}
s->_last_ret = ret;
s->_errno = errno;
return ret >= 0 ? ret : -1;
if (ret >= 0) {
s->ts_last = clock_micros();
return ret;
} else {
return -1;
}
}
long sock_recv_x(sock *s, void *buf, unsigned long len, int flags) {
for (long ret, rcv = 0; rcv < len; rcv += ret) {
if ((ret = sock_recv(s, (unsigned char *) buf + rcv, len - rcv, flags | MSG_WAITALL)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
return (long) len;
}
long sock_splice(sock *dst, sock *src, void *buf, unsigned long buf_len, unsigned long len) {
long ret;
unsigned long send_len = 0;
unsigned long next_len;
while (send_len < len) {
next_len = (buf_len < (len - send_len)) ? buf_len : (len - send_len);
ret = sock_recv(src, buf, next_len, 0);
if (ret <= 0) return -2;
next_len = ret;
ret = sock_send(dst, buf, next_len, send_len + next_len < len ? MSG_MORE : 0);
if (ret < 0) return -1;
if (ret != next_len) return -3;
send_len += next_len;
long send_len = 0;
if ((src->pipe || dst->pipe) && !src->enc && !dst->enc) {
for (long ret; send_len < len; send_len += ret) {
if ((ret = splice(src->socket, 0, dst->socket, 0, len, 0)) == -1) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
} else {
for (long ret, next_len; send_len < len; send_len += ret) {
next_len = (long) ((buf_len < (len - send_len)) ? buf_len : (len - send_len));
if ((ret = sock_recv(src, buf, next_len, MSG_WAITALL)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
if (sock_send_x(dst, buf, ret, send_len + ret < len ? MSG_MORE : 0) == -1)
return -1;
}
}
return (long) send_len;
return send_len;
}
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len) {
long ret;
unsigned long send_len = 0;
unsigned long next_len;
long sock_splice_all(sock *dst, sock *src, void *buf, unsigned long buf_len) {
long send_len = 0;
for (long ret;; send_len += ret) {
if ((ret = sock_recv(src, buf, buf_len, 0)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else if (ret == 0) {
break;
} else {
return -1;
}
}
while (1) {
ret = sock_get_chunk_header(src);
if (ret < 0) return -2;
if (sock_send_x(dst, buf, ret, 0) == -1)
return -1;
}
return send_len;
}
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len, int flags) {
long ret;
unsigned long send_len = 0, next_len;
do {
if ((ret = sock_recv_chunk_header(src)) == -1)
return -1;
next_len = ret;
if (next_len <= 0) break;
ret = sock_splice(dst, src, buf, buf_len, next_len);
if (ret < 0) return ret;
}
if (flags & SOCK_CHUNKED)
if (sock_send_chunk_header(dst, next_len) == -1)
return -1;
if ((ret = sock_splice(dst, src, buf, buf_len, next_len)) == -1)
return ret;
send_len += ret;
if (sock_recv_chunk_trailer(src) == -1)
return -1;
if (flags & SOCK_CHUNKED)
if (sock_send_chunk_trailer(dst) == -1)
return -1;
} while (!(flags & SOCK_SINGLE_CHUNK) && next_len != 0);
return (long) send_len;
}
int sock_close(sock *s) {
int e = errno;
if (s->enc && s->ssl != NULL) {
if (s->_last_ret >= 0) SSL_shutdown(s->ssl);
if (s->ssl != NULL) {
SSL_shutdown(s->ssl);
SSL_free(s->ssl);
s->ssl = NULL;
}
close(s->socket);
s->socket = 0;
s->enc = 0;
if (s->socket != -1) close(s->socket);
s->socket = -1;
s->enc = 0, s->pipe = 0;
errno = e;
return 0;
}
int sock_has_pending(sock *s) {
char buf[1];
int sock_has_pending(sock *s, int flags) {
int e = errno;
long ret = sock_recv(s, &buf, 1, MSG_PEEK | MSG_DONTWAIT);
long ret;
if (s->pipe) {
int arg;
ioctl(s->socket, FIONREAD, &arg);
ret = arg;
} else if (s->enc && (flags & SOCK_DONTWAIT)) {
ret = SSL_pending(s->ssl);
} else {
char buf[1];
ret = sock_recv(s, &buf, sizeof(buf), MSG_PEEK | ((flags & SOCK_DONTWAIT) ? MSG_DONTWAIT : 0));
}
errno = e;
return ret == 1;
return ret > 0;
}
long sock_parse_chunk_header(const char *buf, long len, long *ret_len) {
for (int i = 0; i < len; i++) {
char ch = buf[i];
if (ch == '\r') {
continue;
} else if (ch == '\n') {
if (ret_len != NULL) *ret_len = i + 1;
return strtol(buf, NULL, 16);
} else if (!((ch >= '0' && ch <= '9') || (ch >= 'a' && ch <= 'f') || (ch >= 'A' && ch <= 'F'))) {
return -2;
}
long sock_recv_chunk_header(sock *s) {
if (s->pipe) {
uint64_t len;
if (sock_recv_x(s, &len, sizeof(len), 0) == -1)
return -1;
return (long) len;
}
return -1;
}
long sock_get_chunk_header(sock *s) {
long ret, len;
char buf[16];
long ret;
size_t len = 0;
char buf[20];
do {
ret = sock_recv(s, buf, sizeof(buf), MSG_PEEK);
if (ret <= 0) return -2;
else if (ret < 2) continue;
if ((ret = sock_recv(s, buf, sizeof(buf) - 1, MSG_PEEK)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0;
continue;
} else {
return -1;
}
} else if (ret < 2) {
continue;
}
buf[ret] = 0;
ret = sock_parse_chunk_header(buf, ret, &len);
if (ret == -2) return -1;
if ((ret = parse_chunk_header(buf, ret, &len)) == -1 && errno == EPROTO)
return -1;
} while (ret < 0);
if (sock_recv(s, buf, len, 0) != len)
return -2;
if (sock_recv_x(s, buf, len, 0) == -1)
return -1;
return ret;
}
int sock_send_chunk_header(sock *s, unsigned long size) {
if (s->pipe) {
uint64_t len = size;
if (sock_send_x(s, &len, sizeof(len), 0) == -1)
return -1;
} else {
char buf[20];
if (sock_send_x(s, buf, sprintf(buf, "%lX\r\n", size), 0) == -1)
return -1;
}
return 0;
}
int sock_recv_chunk_trailer(sock *s) {
if (s->pipe) return 0;
char buf[2];
if (sock_recv_x(s, buf, sizeof(buf), MSG_PEEK) == -1)
return -1;
if (buf[0] != '\r' || buf[1] != '\n') {
errno = EPROTO;
return -1;
}
if (sock_recv_x(s, buf, sizeof(buf), 0) == -1)
return -1;
return 0;
}
int sock_send_chunk_trailer(sock *s) {
if (s->pipe) return 0;
if (sock_send_x(s, "\r\n", 2, 0) == -1)
return -1;
return 0;
}
int sock_send_last_chunk(sock *s) {
if (s->pipe) return sock_send_chunk_header(s, 0);
if (sock_send_x(s, "0\r\n\r\n", 5, 0) == -1)
return -1;
return 0;
}

View File

@@ -13,8 +13,16 @@
#include <sys/socket.h>
#include <arpa/inet.h>
#define SOCK_CHUNKED 1
#define SOCK_SINGLE_CHUNK 2
#define SOCK_ENCRYPTED 1
#define SOCK_PIPE 2
#define SOCK_DONTWAIT 1
typedef struct {
unsigned int enc:1;
unsigned int enc:1, pipe:1;
int socket;
union {
struct sockaddr sock;
@@ -23,33 +31,55 @@ typedef struct {
char *addr, *s_addr;
SSL_CTX *ctx;
SSL *ssl;
long _last_ret;
int _errno;
unsigned long _ssl_error;
long ts_start, ts_last, ts_last_send, timeout_us;
} sock;
int sock_enc_error(sock *s);
void sock_error(sock *s, int ret);
const char *sock_strerror(sock *s);
const char *sock_error_str(unsigned long err);
int sock_set_timeout_micros(sock *s, long recv_micros, long send_micros);
int sock_init(sock *s, int fd, int flags);
int sock_set_timeout(sock *s, int sec);
int sock_connect(const char *hostname, unsigned short port, double timeout_sec, char *addr_buf, size_t addr_buf_size);
int sock_reverse_lookup(const sock *s, char *host, size_t host_size);
int sock_init_addr_str(const sock *s, char *c_addr, size_t c_addr_size, char *s_addr, size_t s_addr_size);
int sock_set_socket_timeout_micros(int fd, long recv_micros, long send_micros);
int sock_set_socket_timeout(sock *s, double sec);
int sock_set_timeout_micros(sock *s, long micros);
int sock_set_timeout(sock *s, double sec);
long sock_send(sock *s, void *buf, unsigned long len, int flags);
long sock_send_x(sock *s, void *buf, unsigned long len, int flags);
long sock_recv(sock *s, void *buf, unsigned long len, int flags);
long sock_recv_x(sock *s, void *buf, unsigned long len, int flags);
long sock_splice(sock *dst, sock *src, void *buf, unsigned long buf_len, unsigned long len);
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len);
long sock_splice_all(sock *dst, sock *src, void *buf, unsigned long buf_len);
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len, int flags);
int sock_close(sock *s);
int sock_has_pending(sock *s);
int sock_has_pending(sock *s, int flags);
long sock_parse_chunk_header(const char *buf, long len, long *ret_len);
long sock_recv_chunk_header(sock *s);
long sock_get_chunk_header(sock *s);
int sock_send_chunk_header(sock *s, unsigned long size);
int sock_recv_chunk_trailer(sock *s);
int sock_send_chunk_trailer(sock *s);
int sock_send_last_chunk(sock *s);
#endif //SESIMOS_SOCK_H

View File

@@ -15,31 +15,33 @@
int path_is_directory(const char *path) {
struct stat statbuf;
return stat(path, &statbuf) == 0 && S_ISDIR(statbuf.st_mode) != 0;
int e = errno;
struct stat stat_buf;
int ret = stat(path, &stat_buf);
errno = e;
return ret == 0 && S_ISDIR(stat_buf.st_mode) != 0;
}
int path_is_file(const char *path) {
struct stat statbuf;
int ret = stat(path, &statbuf);
errno = 0;
return ret == 0 && S_ISDIR(statbuf.st_mode) == 0;
int e = errno;
struct stat stat_buf;
int ret = stat(path, &stat_buf);
errno = e;
return ret == 0 && S_ISDIR(stat_buf.st_mode) == 0;
}
int path_exists(const char *path) {
struct stat statbuf;
int ret = stat(path, &statbuf);
errno = 0;
int e = errno;
struct stat stat_buf;
int ret = stat(path, &stat_buf);
errno = e;
return ret == 0;
}
int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mode) {
char buf0[1024];
char buf1[1024];
char buf2[1024];
char buf3[1024];
char buf4[1024];
char buf0[1024], buf1[1024], buf2[1024], buf3[1024], buf4[1024];
int p_len;
uri->webroot = NULL;
uri->req_path = NULL;
uri->path = NULL;
@@ -50,9 +52,10 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
uri->meta = NULL;
uri->is_static = 1;
uri->is_dir = 0;
if (uri_str[0] != '/') {
if (uri_str[0] != '/')
return 1;
}
uri->webroot = malloc(strlen(webroot) + 1);
strcpy(uri->webroot, webroot);
@@ -70,12 +73,10 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
long size = (long) strlen(uri_str) + 1;
uri->req_path = malloc(size);
url_decode(uri_str, uri->req_path, &size);
if (query != NULL) {
query[-1] = '?';
}
if (strstr(uri->req_path, "/../") != NULL || strstr(uri->req_path, "/./") != NULL) {
if (query != NULL) query[-1] = '?';
if (strcontains(uri->req_path, "/../") || strcontains(uri->req_path, "/./"))
return 2;
}
size = (long) strlen(uri->req_path) + 1;
uri->path = malloc(size);
@@ -91,9 +92,8 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
last = ch;
}
if (dir_mode == URI_DIR_MODE_NO_VALIDATION) {
if (dir_mode == URI_DIR_MODE_NO_VALIDATION)
return 0;
}
if (uri->path[strlen(uri->path) - 1] == '/') {
uri->path[strlen(uri->path) - 1] = 0;
@@ -102,26 +102,20 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
strcpy(uri->pathinfo, "");
}
if (!path_exists(uri->webroot)) {
if (!path_exists(uri->webroot))
return 3;
}
while (1) {
sprintf(buf0, "%s%s", uri->webroot, uri->path);
p_len = snprintf(buf1, sizeof(buf1), "%s.ncr", buf0);
p_len = snprintf(buf1, sizeof(buf1), "%s.xhtml", buf0);
if (p_len < 0 || p_len >= sizeof(buf1)) return -1;
p_len = snprintf(buf2, sizeof(buf2), "%s.php", buf0);
p_len = snprintf(buf2, sizeof(buf2), "%s.html", buf0);
if (p_len < 0 || p_len >= sizeof(buf2)) return -1;
p_len = snprintf(buf3, sizeof(buf3), "%s.html", buf0);
p_len = snprintf(buf3, sizeof(buf3), "%s.php", buf0);
if (p_len < 0 || p_len >= sizeof(buf3)) return -1;
if (strlen(uri->path) <= 1 ||
path_exists(buf0) ||
path_is_file(buf1) ||
path_is_file(buf2) ||
path_is_file(buf3)) {
if (strlen(uri->path) <= 1 || path_exists(buf0) || path_is_file(buf1) || path_is_file(buf2) || path_is_file(buf3))
break;
}
char *ptr;
parent_dir:
@@ -140,40 +134,44 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
uri->filename = malloc(strlen(buf0) + 1);
strcpy(uri->filename, buf0);
long len = (long) strlen(uri->path);
if (strcmp(uri->path + len - 4, ".ncr") == 0 || strcmp(uri->path + len - 4, ".php") == 0) {
if (strends(uri->path, ".xhtml")) {
uri->path[len - 6] = 0;
} else if (strends(uri->path, ".html")) {
uri->path[len - 5] = 0;
} else if (strends(uri->path, ".php")) {
uri->path[len - 4] = 0;
uri->is_static = 0;
} else if (strcmp(uri->path + len - 5, ".html") == 0) {
uri->path[len - 5] = 0;
}
} else if (path_is_file(buf1)) {
uri->is_static = 0;
uri->filename = malloc(strlen(buf1) + 1);
strcpy(uri->filename, buf1);
} else if (path_is_file(buf2)) {
uri->is_static = 0;
uri->filename = malloc(strlen(buf2) + 1);
strcpy(uri->filename, buf2);
} else if (path_is_file(buf3)) {
uri->filename = malloc(strlen(buf3) + 1);
strcpy(uri->filename, buf3);
uri->is_static = 0;
} else {
uri->is_dir = 1;
strcpy(uri->path + strlen(uri->path), "/");
sprintf(buf1, "%s%sindex.ncr", uri->webroot, uri->path);
sprintf(buf2, "%s%sindex.php", uri->webroot, uri->path);
sprintf(buf3, "%s%sindex.html", uri->webroot, uri->path);
if (path_is_file(buf1)) {
sprintf(buf1, "%s%s" "index.xhtml", uri->webroot, uri->path);
sprintf(buf2, "%s%s" "index.html", uri->webroot, uri->path);
sprintf(buf3, "%s%s" "index.php", uri->webroot, uri->path);
if (path_is_file(buf3) && uri->pathinfo[0] != 0) {
uri->filename = malloc(strlen(buf3) + 1);
strcpy(uri->filename, buf3);
uri->is_static = 0;
} else if (path_is_file(buf1)) {
uri->filename = malloc(strlen(buf1) + 1);
strcpy(uri->filename, buf1);
uri->is_static = 0;
} else if (path_is_file(buf2)) {
uri->filename = malloc(strlen(buf2) + 1);
strcpy(uri->filename, buf2);
uri->is_static = 0;
} else if (path_is_file(buf3)) {
uri->filename = malloc(strlen(buf3) + 1);
strcpy(uri->filename, buf3);
uri->is_static = 0;
} else {
if (dir_mode == URI_DIR_MODE_FORBIDDEN) {
uri->is_static = 1;
@@ -190,20 +188,17 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
}
}
if (strcmp(uri->path + strlen(uri->path) - 5, "index") == 0) {
if (strends(uri->path, "/index"))
uri->path[strlen(uri->path) - 5] = 0;
}
if (strcmp(uri->pathinfo, "index.ncr") == 0 ||
strcmp(uri->pathinfo, "index.php") == 0 ||
strcmp(uri->pathinfo, "index.html") == 0) {
uri->pathinfo[0] = 0;
}
sprintf(buf0, "%s%s%s%s%s", uri->path,
(strlen(uri->pathinfo) == 0 || uri->path[strlen(uri->path) - 1] == '/') ? "" : "/", uri->pathinfo,
uri->query != NULL ? "?" : "", uri->query != NULL ? uri->query : "");
uri->uri = malloc(strlen(buf0) + 1);
strcpy(uri->uri, buf0);
if (streq(uri->pathinfo, "index.php") || streq(uri->pathinfo, "index.html") || streq(uri->pathinfo, "index.xhtml"))
uri->pathinfo[0] = 0;
sprintf(buf4, "%s%s%s%s%s", uri->path,
(strlen(uri->pathinfo) == 0 || uri->path[strlen(uri->path) - 1] == '/') ? "" : "/",
uri->pathinfo, uri->query != NULL ? "?" : "", uri->query != NULL ? uri->query : "");
uri->uri = malloc(strlen(buf4) + 1);
strcpy(uri->uri, buf4);
return 0;
}

View File

@@ -26,7 +26,7 @@ typedef struct {
char charset[URI_CHARSET_SIZE];
char filename_comp_gz[256];
char filename_comp_br[256];
struct stat stat;
long mtime;
} metadata_t;
typedef struct {
@@ -38,8 +38,7 @@ typedef struct {
char *filename; // "/account/index.php"
char *uri; // "/account/login?username=test"
metadata_t *meta;
unsigned int is_static:1;
unsigned int is_dir:1;
unsigned int is_static:1, is_dir:1;
} http_uri;

View File

@@ -12,10 +12,32 @@
#include <string.h>
#include <stdlib.h>
#include <time.h>
#include <sys/stat.h>
#include <errno.h>
#include <unistd.h>
#include <dirent.h>
static const char base64_encode_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const int base64_mod_table[3] = {0, 2, 1};
static const char base64_decode_table[256] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, 0, -1, -1,
-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
};
char *format_duration(unsigned long micros, char *buf) {
@@ -113,39 +135,49 @@ int url_decode(const char *str, char *dec, long *size) {
return 0;
}
int mime_is_compressible(const char *type) {
int mime_is_compressible(const char *restrict type) {
if (type == NULL) return 0;
char type_parsed[64];
snprintf(type_parsed, sizeof(type_parsed), "%s", type);
char *pos = strchr(type_parsed, ';');
if (pos != NULL) pos[0] = 0;
return
strncmp(type_parsed, "text/", 5) == 0 ||
strncmp(type_parsed, "message/", 7) == 0 ||
strstr(type_parsed, "+xml") != NULL ||
strstr(type_parsed, "+json") != NULL ||
strcmp(type_parsed, "application/javascript") == 0 ||
strcmp(type_parsed, "application/json") == 0 ||
strcmp(type_parsed, "application/xml") == 0 ||
strcmp(type_parsed, "application/x-www-form-urlencoded") == 0 ||
strcmp(type_parsed, "application/x-tex") == 0 ||
strcmp(type_parsed, "application/x-httpd-php") == 0 ||
strcmp(type_parsed, "application/x-latex") == 0 ||
strcmp(type_parsed, "application/vnd.ms-fontobject") == 0 ||
strcmp(type_parsed, "application/x-font-ttf") == 0 ||
strcmp(type_parsed, "application/x-javascript") == 0 ||
strcmp(type_parsed, "font/eot") == 0 ||
strcmp(type_parsed, "font/opentype") == 0 ||
strcmp(type_parsed, "image/bmp") == 0 ||
strcmp(type_parsed, "image/gif") == 0 ||
strcmp(type_parsed, "image/vnd.microsoft.icon") == 0 ||
strcmp(type_parsed, "image/vnd.microsoft.iconbinary") == 0 ||
strcmp(type_parsed, "image/x-icon") == 0;
mime_is_text(type) ||
streq(type_parsed, "application/vnd.ms-fontobject") ||
streq(type_parsed, "application/x-font-ttf") ||
streq(type_parsed, "font/eot") ||
streq(type_parsed, "font/opentype") ||
streq(type_parsed, "image/bmp") ||
streq(type_parsed, "image/gif") ||
streq(type_parsed, "image/vnd.microsoft.icon") ||
streq(type_parsed, "image/vnd.microsoft.iconbinary") ||
streq(type_parsed, "image/x-icon");
}
int strcpy_rem_webroot(char *dst, const char *src, long len, const char *webroot) {
memcpy(dst, src, len);
dst[len] = 0;
int mime_is_text(const char *restrict type) {
if (type == NULL) return 0;
char type_parsed[64];
snprintf(type_parsed, sizeof(type_parsed), "%s", type);
char *pos = strchr(type_parsed, ';');
if (pos != NULL) pos[0] = 0;
return
strstarts(type_parsed, "text/") ||
strstarts(type_parsed, "message/") ||
strends(type_parsed, "+xml") ||
strends(type_parsed, "+json") ||
streq(type_parsed, "application/javascript") ||
streq(type_parsed, "application/json") ||
streq(type_parsed, "application/xml") ||
streq(type_parsed, "application/sql") ||
streq(type_parsed, "application/x-www-form-urlencoded") ||
streq(type_parsed, "application/x-tex") ||
streq(type_parsed, "application/x-httpd-php") ||
streq(type_parsed, "application/x-latex") ||
streq(type_parsed, "application/x-javascript");
}
int strcpy_rem_webroot(char *dst, const char *src, const char *webroot) {
strcpy(dst, src);
if (webroot == NULL)
return 0;
@@ -183,15 +215,35 @@ int str_trim_lws(char **start, char **end) {
return 0;
}
int streq(const char *restrict str1, const char *restrict str2) {
return str1 != NULL && str2 != NULL && strcmp(str1, str2) == 0;
}
int strcontains(const char *restrict haystack, const char *restrict needle) {
return haystack != NULL && needle != NULL && strstr(haystack, needle) != NULL;
}
int strstarts(const char *restrict str, const char *restrict prefix) {
if (str == NULL || prefix == NULL) return 0;
const unsigned long l1 = strlen(str), l2 = strlen(prefix);
return l2 <= l1 && strncmp(str, prefix, l2) == 0;
}
int strends(const char *restrict str, const char *restrict suffix) {
if (str == NULL || suffix == NULL) return 0;
const unsigned long l1 = strlen(str), l2 = strlen(suffix);
return l2 <= l1 && strcmp(str + l1 - l2, suffix) == 0;
}
int base64_encode(void *data, unsigned long data_len, char *output, unsigned long *output_len) {
unsigned long out_len = 4 * ((data_len + 2) / 3);
const unsigned long out_len = 4 * ((data_len + 2) / 3);
if (output_len != NULL) *output_len = out_len;
for (int i = 0, j = 0; i < data_len;) {
unsigned int octet_a = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int octet_b = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int octet_c = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int triple = (octet_a << 0x10) + (octet_b << 0x08) + octet_c;
const unsigned int octet_a = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
const unsigned int octet_b = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
const unsigned int octet_c = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
const unsigned int triple = (octet_a << 16) | (octet_b << 8) | octet_c;
output[j++] = base64_encode_table[(triple >> 3 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 2 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 1 * 6) & 0x3F];
@@ -205,15 +257,185 @@ int base64_encode(void *data, unsigned long data_len, char *output, unsigned lon
return 0;
}
int base64_decode(const char *data, unsigned long data_len, void *output, unsigned long *output_len) {
const unsigned long out_len = 3 * ((data_len + 2) / 4);
if (output_len != NULL) *output_len = out_len;
char *out = output;
for (int i = 0, j = 0; i < data_len;) {
const int octet_a = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
const int octet_b = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
const int octet_c = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
const int octet_d = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
if (octet_a < 0 || octet_b < 0 || octet_c < 0 || octet_d < 0) return -1;
const unsigned int triple = (octet_a << 3 * 6) | (octet_b << 2 * 6) | (octet_c << 6) | octet_d;
out[j++] = (char) (triple >> 16);
out[j++] = (char) ((triple >> 8) & 0xFF);
out[j++] = (char) (triple & 0xFF);
}
out[out_len] = 0;
return 0;
}
long clock_micros(void) {
struct timespec time;
clock_gettime(CLOCK_MONOTONIC, &time);
return time.tv_sec * 1000000 + time.tv_nsec / 1000;
}
long clock_cpu(void) {
struct timespec time;
clock_gettime(CLOCK_THREAD_CPUTIME_ID, &time);
return time.tv_sec * 1000000000 + time.tv_nsec;
}
long stat_mtime(const char *filename) {
struct stat stat_buf;
stat(filename, &stat_buf);
return stat_buf.st_mtime;
}
int rm_rf(const char *path) {
struct stat stat_buf;
if (lstat(path, &stat_buf) != 0)
return (errno == ENOENT) ? 0 : -1;
if (S_ISREG(stat_buf.st_mode)) {
// regular file
return unlink(path);
} else if (S_ISLNK(stat_buf.st_mode)) {
// link
return unlink(path);
} else if (S_ISDIR(stat_buf.st_mode)) {
// directory
char buf[FILENAME_MAX];
DIR *dir;
// open directory
if ((dir = opendir(path)) == NULL)
return -1;
// read directory
for (struct dirent *ent; (ent = readdir(dir)) != NULL;) {
if (streq(ent->d_name, ".") || streq(ent->d_name, ".."))
continue;
snprintf(buf, sizeof(buf), "%s/%s", path, ent->d_name);
if (rm_rf(buf) != 0) {
closedir(dir);
return -1;
}
}
// close and remove directory
closedir(dir);
return rmdir(path);
} else {
// other - not supported
errno = ENOTSUP;
return -1;
}
}
long fsize(FILE *file) {
long cur_pos, len;
if ((cur_pos = ftell(file)) == -1)
return -1;
if (fseek(file, 0, SEEK_END) != 0)
return -1;
if ((len = ftell(file)) == -1)
return -1;
if (fseek(file, cur_pos, SEEK_SET) != 0)
return -1;
return len;
}
long flines(FILE *file) {
long cur_pos, lines = 0;
if ((cur_pos = ftell(file)) == -1)
return -1;
if (fseek(file, 0, SEEK_SET) != 0)
return -1;
for (int ch; (ch = fgetc(file)) != EOF;) {
if (ch == '\n') lines++;
}
if (fseek(file, cur_pos, SEEK_SET) != 0)
return -1;
return lines + 1;
}
long file_get_line_pos(FILE *file, long line_num) {
if (line_num < 1) {
errno = EINVAL;
return -1;
}
long cur_pos;
if ((cur_pos = ftell(file)) == -1)
return -1;
if (fseek(file, 0, SEEK_SET) != 0)
return -1;
long lines = 0, pos = 0;
for (int ch; lines < line_num - 1 && (ch = fgetc(file)) != EOF; pos++) {
if (ch == '\n') lines++;
}
if (fseek(file, cur_pos, SEEK_SET) != 0)
return -1;
return pos;
}
int fseekl(FILE *file, long line_num) {
if (line_num < 1) {
errno = EINVAL;
return -1;
}
if (fseek(file, 0, SEEK_SET) != 0)
return -1;
long lines = 0;
for (int ch; lines < line_num - 1 && (ch = fgetc(file)) != EOF;) {
if (ch == '\n') lines++;
}
return 0;
}
long ftelll(FILE *file) {
long cur_pos;
if ((cur_pos = ftell(file)) == -1)
return -1;
if (fseek(file, 0, SEEK_SET) != 0)
return -1;
long lines = 0, pos = 0;
for (int ch; pos < cur_pos && (ch = fgetc(file)) != EOF; pos++) {
if (ch == '\n') lines++;
}
if (fseek(file, cur_pos, SEEK_SET) != 0)
return -1;
return lines + 1;
}
long parse_chunk_header(const char *buf, size_t len, size_t *ret_len) {
for (int i = 0; i < len; i++) {
char ch = buf[i];
if (ch == '\r') {
continue;
} else if (ch == '\n' && i > 1 && buf[i - 1] == '\r') {
if (ret_len != NULL) *ret_len = i + 1;
return strtol(buf, NULL, 16);
} else if (!((ch >= '0' && ch <= '9') || (ch >= 'a' && ch <= 'f') || (ch >= 'A' && ch <= 'F'))) {
errno = EPROTO;
return -1;
}
}
return -1;
}

View File

@@ -27,18 +27,46 @@ int url_encode(const void *in, size_t size_in, char *out, size_t size_out);
int url_decode(const char *str, char *dec, long *size);
int mime_is_compressible(const char *type);
int mime_is_compressible(const char *restrict type);
int strcpy_rem_webroot(char *dst, const char *str, long len, const char *webroot);
int mime_is_text(const char *restrict type);
int strcpy_rem_webroot(char *dst, const char *str, const char *webroot);
int str_trim(char **start, char **end);
int str_trim_lws(char **start, char **end);
int streq(const char *restrict str1, const char *restrict str2);
int strcontains(const char *restrict haystack, const char *restrict needle);
int strstarts(const char *restrict str, const char *restrict prefix);
int strends(const char *restrict str, const char *restrict suffix);
int base64_encode(void *data, unsigned long data_len, char *output, unsigned long *output_len);
int base64_decode(const char *data, unsigned long data_len, void *output, unsigned long *output_len);
long clock_micros(void);
long clock_cpu(void);
long stat_mtime(const char *filename);
int rm_rf(const char *path);
long fsize(FILE *file);
long flines(FILE *file);
long file_get_line_pos(FILE *file, long line_num);
int fseekl(FILE *file, long line_num);
long ftelll(FILE *file);
long parse_chunk_header(const char *buf, size_t len, size_t *ret_len);
#endif //SESIMOS_UTILS_H

View File

@@ -36,13 +36,9 @@ int ws_calc_accept_key(const char *key, char *accept_key) {
int ws_recv_frame_header(sock *s, ws_frame *frame) {
unsigned char buf[12];
long ret = sock_recv(s, buf, 2, 0);
if (ret < 0) {
if (sock_recv_x(s, buf, 2, 0) == -1) {
error("Unable to receive from socket");
return -1;
} else if (ret != 2) {
error("Unable to receive 2 bytes from socket");
return -2;
}
unsigned short bits = (buf[0] << 8) | buf[1];
@@ -61,13 +57,9 @@ int ws_recv_frame_header(sock *s, ws_frame *frame) {
remaining += 8;
}
ret = sock_recv(s, buf, remaining, 0);
if (ret < 0) {
if (sock_recv_x(s, buf, remaining, 0) == -1) {
error("Unable to receive from socket");
return -1;
} else if (ret != remaining) {
error("Unable to receive correct number of bytes from socket");
return -2;
}
if (len == 126) {
@@ -125,7 +117,7 @@ int ws_send_frame_header(sock *s, ws_frame *frame) {
ptr += 4;
}
long ret = sock_send(s, buf, ptr - buf, frame->len != 0 ? MSG_MORE : 0);
long ret = sock_send_x(s, buf, ptr - buf, frame->len != 0 ? MSG_MORE : 0);
if (ret < 0) {
error("Unable to send to socket");
return -1;

View File

@@ -8,6 +8,7 @@
#include "logger.h"
#include "lib/utils.h"
#include "lib/error.h"
#include <stdio.h>
#include <pthread.h>
@@ -19,14 +20,17 @@
#include <malloc.h>
#define LOG_MAX_MSG_SIZE 2048
#define LOG_BUF_SIZE 16
#define LOG_BUF_SIZE 256
#define LOG_NAME_LEN 12
#define LOG_PREFIX_LEN 256
#define LOG_PREFIX "[%-8s][%-6s]"
#define LOG_PREFIX "[%8s][%-8s][%-6s]"
#define LOG_TIME_BUF_SIZE 9
#define LOG_TIME_FMT "%H:%M:%S"
typedef struct {
log_lvl_t lvl;
long time;
char name[LOG_NAME_LEN];
char prefix[LOG_PREFIX_LEN];
char txt[LOG_MAX_MSG_SIZE];
@@ -57,22 +61,26 @@ static const char *level_keywords[] = {
"DEBUG"
};
static const char *timestr(time_t ts, char *buf) {
struct tm time_info;
strftime(buf, LOG_TIME_BUF_SIZE, LOG_TIME_FMT, localtime_r(&ts, &time_info));
return buf;
}
static void err(const char *restrict msg) {
char err_buf[64];
strerror_r(errno, err_buf, sizeof(err_buf));
fprintf(stderr, ERR_STR LOG_PREFIX " %s: %s" CLR_STR "\n", "logger", level_keywords[LOG_CRITICAL], msg, err_buf);
char err_buf[64], time_buf[LOG_TIME_BUF_SIZE];
fprintf(stderr, ERR_STR LOG_PREFIX " %s: %s" CLR_STR "\n", timestr(time(NULL), time_buf), "logger",
level_keywords[LOG_CRITICAL], msg, error_str(errno, err_buf, sizeof(err_buf)));
}
void logmsgf(log_lvl_t level, const char *restrict format, ...) {
char buf[256];
char err_buf[64];
char buf[256], err_buf[256], time_buf[LOG_TIME_BUF_SIZE];
va_list args;
va_start(args, format);
const char *color = (level <= LOG_ERROR) ? ERR_STR : ((level <= LOG_WARNING) ? WRN_STR : "");
if (errno != 0) {
strerror_r(errno, err_buf, sizeof(err_buf));
snprintf(buf, sizeof(buf), "%s%s: %s" CLR_STR, color, format, err_buf);
snprintf(buf, sizeof(buf), "%s%s: %s" CLR_STR, color, format, error_str(errno, err_buf, sizeof(err_buf)));
} else {
snprintf(buf, sizeof(buf), "%s%s" CLR_STR, color, format);
}
@@ -85,16 +93,19 @@ void logmsgf(log_lvl_t level, const char *restrict format, ...) {
if (!alive) {
// no logger thread running
// simply write to stdout without synchronization
printf("%s" LOG_PREFIX "%s%s ", color, (name != NULL) ? (char *) name : "", level_keywords[level], CLR_STR, (prefix != NULL) ? (char *) prefix : "");
printf("%s" LOG_PREFIX "%s%s ", color,
timestr(time(NULL), time_buf),
(name != NULL) ? (char *) name : "",
level_keywords[level], CLR_STR,
(prefix != NULL) ? (char *) prefix : "");
vprintf(buf, args);
printf("\n");
} else {
// wait for free slot in buffer
try_again_free:
if (sem_wait(&sem_buf_free) != 0) {
while (sem_wait(&sem_buf_free) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_free;
continue;
} else {
err("Unable to lock semaphore");
errno = 0;
@@ -105,11 +116,10 @@ void logmsgf(log_lvl_t level, const char *restrict format, ...) {
}
// try to lock buffer
try_again_buf:
if (sem_wait(&sem_buf) != 0) {
while (sem_wait(&sem_buf) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_buf;
continue;
} else {
err("Unable to lock semaphore");
errno = 0;
@@ -126,6 +136,7 @@ void logmsgf(log_lvl_t level, const char *restrict format, ...) {
vsnprintf(msg->txt, sizeof(msg->txt), buf, args);
msg->lvl = level;
msg->time = time(NULL);
if (name != NULL) {
snprintf(msg->name, sizeof(msg->name), "%s", (char *) name);
@@ -165,14 +176,15 @@ static int logger_remaining(void) {
void logger_set_name(const char *restrict format, ...) {
va_list args;
void *ptr;
if (key_name == -1) {
// not initialized
va_start(args, format);
vsnprintf(global_name, sizeof(global_name), format, args);
ptr = global_name;
} else {
int ret;
void *ptr = pthread_getspecific(key_name);
if (!ptr) {
if ((ptr = pthread_getspecific(key_name)) == NULL) {
ptr = malloc(LOG_NAME_LEN);
if ((ret = pthread_setspecific(key_name, ptr)) != 0) {
errno = ret;
@@ -185,6 +197,10 @@ void logger_set_name(const char *restrict format, ...) {
vsnprintf(ptr, LOG_NAME_LEN, format, args);
}
// set thread name
// warning: max length is 16 (incl. terminating null byte)
pthread_setname_np(pthread_self(), ptr);
// cleanup
va_end(args);
}
@@ -216,6 +232,8 @@ void logger_set_prefix(const char *restrict format, ...) {
}
static void *logger_thread(void *arg) {
char time_buf[LOG_TIME_BUF_SIZE];
logger_set_name("logger");
alive = 1;
@@ -237,6 +255,7 @@ static void *logger_thread(void *arg) {
printf("%s" LOG_PREFIX "%s%s %s\n",
(msg->lvl <= LOG_ERROR) ? ERR_STR : ((msg->lvl <= LOG_WARNING) ? WRN_STR : ""),
(timestr(msg->time, time_buf)),
(msg->name[0] != 0) ? (char *) msg->name : "", level_keywords[msg->lvl], CLR_STR,
(msg->prefix[0] != 0) ? (char *) msg->prefix : "", msg->txt);
@@ -278,4 +297,9 @@ int logger_init(void) {
void logger_stop(void) {
alive = 0;
pthread_kill(thread, SIGUSR1);
}
int logger_join(void) {
return pthread_join(thread, NULL);
}

View File

@@ -37,4 +37,6 @@ int logger_init(void);
void logger_stop(void);
int logger_join(void);
#endif //SESIMOS_LOGGER_H

View File

@@ -18,6 +18,7 @@
#include "workers.h"
#include "worker/func.h"
#include "lib/list.h"
#include "lib/utils.h"
#include <stdio.h>
#include <getopt.h>
@@ -31,21 +32,45 @@
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
#include <semaphore.h>
const char *config_file;
static int sockets[NUM_SOCKETS];
static SSL_CTX *contexts[CONFIG_MAX_CERT_CONFIG];
static client_ctx_t **clients;
static sem_t sem_clients_lock;
static const char *color_table[] = {"\x1B[31m", "\x1B[32m", "\x1B[33m", "\x1B[34m", "\x1B[35m", "\x1B[36m"};
static void terminate_gracefully(int sig);
static int clean() {
remove("/var/sesimos/server/cache");
rmdir("/var/sesimos/server/");
return 0;
static void clean(void) {
notice("Cleaning sesimos cache and metadata files...");
// remove legacy files
// /.../server/, /.../server/cache
if (rm_rf("/var/sesimos/server") != 0) {
error("Unable to remove /var/sesimos/server/");
} else if (!errno) {
notice("Successfully removed /var/sesimos/server/");
}
errno = 0;
// remove cache and metadata files
char buf[512];
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
host_config_t *hc = &config.hosts[i];
if (hc->type == CONFIG_TYPE_UNSET) break;
if (hc->type != CONFIG_TYPE_LOCAL) continue;
snprintf(buf, sizeof(buf), "%s/.sesimos", hc->local.webroot);
if (rm_rf(buf) != 0) {
error("Unable to remove %s/", buf);
} else if (!errno) {
notice("Successfully removed %s/", buf);
}
errno = 0;
}
notice("Cleaned all sesimos cache and metadata files!");
}
static int ssl_servername_cb(SSL *ssl, int *ad, void *arg) {
@@ -58,15 +83,39 @@ static int ssl_servername_cb(SSL *ssl, int *ad, void *arg) {
}
void server_free_client(client_ctx_t *ctx) {
for (int i = 0; i < list_size(clients); i++) {
if (clients[i] == ctx) {
clients = list_remove(clients, i);
break;
// try to lock clients list
while (sem_wait(&sem_clients_lock) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock clients list");
return;
}
}
// delete from list
clients = list_delete(clients, &ctx);
if (clients == NULL) {
critical("Unable to delete context from list");
return;
}
// unlock clients list
sem_post(&sem_clients_lock);
// free data
free(ctx);
}
static void ssl_free() {
for (int i = 0; i < CONFIG_MAX_CERT_CONFIG; i++) {
const cert_config_t *conf = &config.certs[i];
if (conf->name[0] == 0) break;
SSL_CTX_free(contexts[i]);
}
}
static void accept_cb(void *arg) {
int i = (int) (((int *) arg) - sockets);
int fd = sockets[i];
@@ -74,18 +123,9 @@ static void accept_cb(void *arg) {
client_ctx_t *client_ctx = malloc(sizeof(client_ctx_t));
if (client_ctx == NULL) {
critical("Unable to allocate memory for client context");
errno = 0;
terminate_gracefully(0);
return;
}
clients = list_append(clients, &client_ctx);
if (clients == NULL) {
critical("Unable to add client context to list");
errno = 0;
return;
}
client_ctx->in_use = 1;
sock *client = &client_ctx->socket;
client->ctx = contexts[0];
@@ -93,11 +133,39 @@ static void accept_cb(void *arg) {
int client_fd = accept(fd, &client->_addr.sock, &addr_len);
if (client_fd < 0) {
critical("Unable to accept connection");
free(client_ctx);
terminate_gracefully(0);
return;
}
client->socket = client_fd;
client->enc = (i == 1);
sock_init(client, client_fd, (i == 1) ? SOCK_ENCRYPTED : 0);
client_ctx->cnx_s = client->ts_start;
client_ctx->cnx_e = -1, client_ctx->req_s = -1, client_ctx->req_e = -1, client_ctx->res_ts = -1;
// try to lock clients list
while (sem_wait(&sem_clients_lock) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock clients list");
terminate_gracefully(0);
return;
}
}
// append to list
clients = list_append(clients, &client_ctx);
if (clients == NULL) {
critical("Unable to add client context to list");
sem_post(&sem_clients_lock);
free(client_ctx);
terminate_gracefully(0);
return;
}
// unlock clients list
sem_post(&sem_clients_lock);
tcp_accept(client_ctx);
}
@@ -119,7 +187,7 @@ static void terminate_forcefully(int sig) {
}
static void terminate_gracefully(int sig) {
fprintf(stderr, "\n");
if (sig != 0) fprintf(stderr, "\n");
notice("Terminating gracefully...");
struct sigaction act = {0};
@@ -127,20 +195,27 @@ static void terminate_gracefully(int sig) {
sigaction(SIGINT, &act, NULL);
sigaction(SIGTERM, &act, NULL);
debug("Closing listening sockets...");
for (int i = 0; i < NUM_SOCKETS; i++) {
close(sockets[i]);
}
debug("Stopping workers...");
cache_stop();
workers_stop();
debug("Destroying workers...");
workers_destroy();
for (int i = 0; i < list_size(clients); i++) {
tcp_close(clients[i]);
}
logger_set_prefix("");
debug("Closing proxy connections...");
proxy_close_all();
debug("Closing client connections...");
while (list_size(clients) > 0)
tcp_close(clients[0]);
logger_set_prefix("");
debug("Stopping async loop...");
async_stop();
}
@@ -149,21 +224,15 @@ static void nothing(int sig) {}
int main(int argc, char *const argv[]) {
const int YES = 1;
int ret;
int mode = 0;
memset(sockets, 0, sizeof(sockets));
clients = list_create(sizeof(void *), 64);
if (clients == NULL) {
critical("Unable to initialize client list");
return 1;
}
const struct sockaddr_in6 addresses[2] = {
{.sin6_family = AF_INET6, .sin6_addr = IN6ADDR_ANY_INIT, .sin6_port = htons(80)},
{.sin6_family = AF_INET6, .sin6_addr = IN6ADDR_ANY_INIT, .sin6_port = htons(443)}
};
logger_init();
logger_set_name("server");
if (setvbuf(stdout, NULL, _IOLBF, 0) != 0 || setvbuf(stderr, NULL, _IOLBF, 0) != 0) {
@@ -174,13 +243,13 @@ int main(int argc, char *const argv[]) {
static const struct option long_opts[] = {
{"help", no_argument, 0, 'h'},
{"clean", no_argument, 0, 'C'},
{"config", required_argument, 0, 'c'},
{ 0, 0, 0, 0 }
};
config_file = NULL;
int c, opt_idx;
while ((c = getopt_long(argc, argv, "hc:", long_opts, &opt_idx)) != -1) {
for (int c, opt_idx; (c = getopt_long(argc, argv, "hCc:", long_opts, &opt_idx)) != -1;) {
switch (c) {
case 'h':
fprintf(stderr,
@@ -188,11 +257,15 @@ int main(int argc, char *const argv[]) {
"\n"
"Options:\n"
" -c, --config <CONFIG-FILE> path to the config file. If not provided, default will be used\n"
" -C, --clean clear cached files and other metadata\n"
" -h, --help print this dialogue\n");
return 0;
case 'c':
config_file = optarg;
break;
case 'C':
mode = 1;
break;
case '?':
default:
critical("Unable to parse arguments");
@@ -208,6 +281,11 @@ int main(int argc, char *const argv[]) {
if (config_load(config_file == NULL ? DEFAULT_CONFIG_FILE : config_file) != 0)
return 1;
if (mode == 1) {
clean();
return 0;
}
if ((sockets[0] = socket(AF_INET6, SOCK_STREAM, 0)) == -1 ||
(sockets[1] = socket(AF_INET6, SOCK_STREAM, 0)) == -1)
{
@@ -244,12 +322,6 @@ int main(int argc, char *const argv[]) {
return 1;
}
if ((ret = cache_init()) != 0) {
geoip_free();
if (ret == -1) critical("Unable to initialize cache");
return 1;
}
for (int i = 0; i < CONFIG_MAX_CERT_CONFIG; i++) {
const cert_config_t *conf = &config.certs[i];
if (conf->name[0] == 0) break;
@@ -259,7 +331,7 @@ int main(int argc, char *const argv[]) {
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY);
SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4");
SSL_CTX_set_ecdh_auto(ctx, 1);
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
@@ -276,40 +348,97 @@ int main(int argc, char *const argv[]) {
}
}
if (async_init() != 0) {
critical("Unable to initialize async thread");
geoip_free();
clients = list_create(sizeof(client_ctx_t *), 64);
if (clients == NULL) {
critical("Unable to initialize client list");
ssl_free();
return 1;
}
proxy_preload();
if (sem_init(&sem_clients_lock, 0, 1) != 0) {
critical("Unable to create clients lock semaphore");
ssl_free();
list_free(clients);
return 1;
}
if (async_init() != 0) {
critical("Unable to initialize async thread");
ssl_free();
geoip_free();
list_free(clients);
sem_destroy(&sem_clients_lock);
return 1;
}
if (proxy_preload() != 0) {
critical("Unable to initialize proxy");
ssl_free();
geoip_free();
list_free(clients);
sem_destroy(&sem_clients_lock);
async_free();
return 1;
}
for (int i = 0; i < NUM_SOCKETS; i++) {
if (listen(sockets[i], LISTEN_BACKLOG) < 0) {
critical("Unable to listen on socket %i", i);
ssl_free();
geoip_free();
list_free(clients);
sem_destroy(&sem_clients_lock);
async_free();
proxy_unload();
return 1;
}
}
logger_init();
if ((ret = cache_init()) != 0) {
if (ret == -1) critical("Unable to initialize cache");
ssl_free();
geoip_free();
list_free(clients);
sem_destroy(&sem_clients_lock);
async_free();
proxy_unload();
logger_stop();
logger_join();
return 1;
}
logger_set_name("main");
workers_init();
for (int i = 0; i < NUM_SOCKETS; i++) {
async_fd(sockets[i], ASYNC_WAIT_READ, ASYNC_KEEP, &sockets[i], accept_cb, accept_err_cb);
async_fd(sockets[i], ASYNC_WAIT_READ, ASYNC_KEEP, &sockets[i], accept_cb, accept_err_cb, accept_err_cb);
}
notice("Ready to accept connections");
int error = 0;
async_thread();
if (errno != 0) {
errno = 0;
error = 2;
terminate_gracefully(0);
}
notice("Goodbye!");
// cleanup
ssl_free();
list_free(clients);
sem_destroy(&sem_clients_lock);
geoip_free();
proxy_unload();
cache_join();
async_free();
return 0;
logger_stop();
logger_join();
return error;
}

View File

@@ -14,8 +14,11 @@
#define NUM_SOCKETS 2
#define LISTEN_BACKLOG 16
#define REQ_PER_CONNECTION 200
#define SOCKET_TIMEOUT 1
#define CLIENT_TIMEOUT 3600
#define SERVER_TIMEOUT_INIT 4
#define SERVER_SOCKET_TIMEOUT_INIT 5
#define SERVER_SOCKET_TIMEOUT_RES 60
#define SERVER_TIMEOUT 3600
#define CNX_HANDLER_WORKERS 8

View File

@@ -0,0 +1,51 @@
/**
* sesimos - secure, simple, modern web server
* @brief FastCGI frame handler
* @file src/worker/fcgi_frame_handler.c
* @author Lorenz Stechauner
* @date 2023-01-22
*/
#include "func.h"
#include "../logger.h"
#include "../workers.h"
#include <errno.h>
void chunk_handler_func(chunk_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
char buf[CHUNK_SIZE];
const long sent = sock_splice_chunked(&ctx->client->socket, ctx->socket, buf, sizeof(buf), ctx->flags | SOCK_SINGLE_CHUNK);
if (sent < 0) {
// error
error("Unable to splice chunk");
errno = 0;
ctx->err_cb(ctx);
} else if (sent == 0) {
// last chunk
ctx->client->chunks_transferred = 1;
ctx->next_cb(ctx);
} else {
// next chunk
ctx->client->transferred_length += sent;
handle_chunk(ctx);
return;
}
free(ctx);
}
int handle_chunks(client_ctx_t *ctx, sock *socket, int flags, void (*next_cb)(chunk_ctx_t *), void (*err_cb)(chunk_ctx_t *)) {
chunk_ctx_t *a = malloc(sizeof(chunk_ctx_t));
a->client = ctx;
a->socket = socket;
a->flags = flags;
a->next_cb = (void (*)(void *)) next_cb;
a->err_cb = (void (*)(void *)) err_cb;
handle_chunk(a);
return 0;
}

View File

@@ -0,0 +1,76 @@
/**
* sesimos - secure, simple, modern web server
* @brief FastCGI frame handler
* @file src/worker/fastcgi_frame_handler.c
* @author Lorenz Stechauner
* @date 2023-01-22
*/
#include "func.h"
#include "../lib/fastcgi.h"
#include "../logger.h"
#include "../workers.h"
#include <errno.h>
#include <memory.h>
#include <unistd.h>
void fastcgi_frame_handler_func(fastcgi_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
switch (fastcgi_recv_frame(&ctx->cnx)) {
case FCGI_STDOUT:
case FCGI_STDERR:
fastcgi_handle_frame(ctx);
break;
case -1:
error("Unable to receive FastCGI frame");
ctx->client->s_keep_alive = 0;
fastcgi_close(ctx);
break;
default:
// end of request received
write(ctx->cnx.fd_out, "\0\0\0\0\0\0\0\0\r\n", 10);
fastcgi_close(ctx);
}
}
int fastcgi_handle_connection(client_ctx_t *ctx, fastcgi_cnx_t **cnx) {
sock_set_timeout(&(*cnx)->socket, FASTCGI_TIMEOUT);
sock_set_socket_timeout(&(*cnx)->socket, FASTCGI_SOCKET_TIMEOUT);
fastcgi_ctx_t *a = malloc(sizeof(fastcgi_ctx_t));
a->closed = 0;
a->client = ctx;
memcpy(&a->cnx, *cnx, sizeof(fastcgi_cnx_t));
ctx->fcgi_ctx = a;
fastcgi_handle_frame(a);
*cnx = &a->cnx;
return 0;
}
void fastcgi_close(fastcgi_ctx_t *ctx) {
ctx->closed++;
if (ctx->closed != 2)
return;
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
fastcgi_php_error(&ctx->cnx, NULL);
if (ctx->cnx.app_status != 0)
error("FastCGI app terminated with exit code %i", ctx->cnx.app_status);
debug("Closing FastCGI connection");
fastcgi_close_cnx(&ctx->cnx);
ctx->client->fcgi_ctx = NULL;
free(ctx);
errno = 0;
}
void fastcgi_close_error(fastcgi_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
fastcgi_close_cnx(&ctx->cnx);
}

View File

@@ -9,72 +9,97 @@
#include "func.h"
#include "../logger.h"
#include "../lib/utils.h"
#include "../lib/compress.h"
#include "../workers.h"
#include "../lib/fastcgi.h"
#include <string.h>
#include <errno.h>
#include <unistd.h>
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx);
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t **fcgi_cnx);
static int fastcgi_handler_2(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx);
void fastcgi_handler_func(client_ctx_t *ctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, INET6_ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
if (!ctx->chunks_transferred) {
fastcgi_cnx_t *fcgi_cnx = NULL;
int ret = fastcgi_handler_1(ctx, &fcgi_cnx);
respond(ctx);
if (ret == 0) {
fastcgi_handler_2(ctx, fcgi_cnx);
return;
} else if (ctx->fcgi_ctx != NULL) {
fastcgi_close(ctx->fcgi_ctx);
}
}
fastcgi_cnx_t fcgi_cnx;
int ret = fastcgi_handler_1(ctx, &fcgi_cnx);
respond(ctx);
if (ret == 0) fastcgi_handler_2(ctx, &fcgi_cnx);
request_complete(ctx);
handle_request(ctx);
}
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t **fcgi_cnx) {
http_res *res = &ctx->res;
http_req *req = &ctx->req;
http_uri *uri = &ctx->uri;
sock *client = &ctx->socket;
char *err_msg = ctx->err_msg;
fcgi_cnx->socket = 0;
fcgi_cnx->req_id = 0;
fcgi_cnx->r_addr = ctx->socket.addr;
fcgi_cnx->r_host = (ctx->host[0] != 0) ? ctx->host : NULL;
char buf[1024];
int mode, ret;
if (strcmp(uri->filename + strlen(uri->filename) - 4, ".ncr") == 0) {
mode = FASTCGI_SESIMOS;
} else if (strcmp(uri->filename + strlen(uri->filename) - 4, ".php") == 0) {
mode = FASTCGI_PHP;
if (strends(uri->filename, ".php")) {
mode = FASTCGI_BACKEND_PHP;
} else {
res->status = http_get_status(500);
error("Invalid FastCGI extension: %s", uri->filename);
return 0;
return 3;
}
struct stat statbuf;
stat(uri->filename, &statbuf);
char *last_modified = http_format_date(statbuf.st_mtime, buf, sizeof(buf));
http_add_header_field(&res->hdr, "Last-Modified", last_modified);
fastcgi_cnx_t fcgi_cnx_buf;
sock_init(&fcgi_cnx_buf.socket, -1, 0);
fcgi_cnx_buf.req_id = 0;
fcgi_cnx_buf.r_addr = ctx->socket.addr;
fcgi_cnx_buf.r_host = (ctx->host[0] != 0) ? ctx->host : NULL;
res->status = http_get_status(200);
if (fastcgi_init(fcgi_cnx, mode, ctx->req_num, client, req, uri) != 0) {
if (fastcgi_init(&fcgi_cnx_buf, mode, ctx->req_num, client, req, uri) != 0) {
fastcgi_close_cnx(&fcgi_cnx_buf);
res->status = http_get_status(503);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
return 2;
return 3;
}
(*fcgi_cnx) = &fcgi_cnx_buf;
fastcgi_handle_connection(ctx, fcgi_cnx);
int expect_100_continue = 0;
const char *client_expect = http_get_header_field(&req->hdr, "Expect");
if (client_expect != NULL && strcasecmp(client_expect, "100-continue") == 0) {
expect_100_continue = 1;
} else if (client_expect != NULL) {
fastcgi_close_cnx((&fcgi_cnx_buf));
res->status = http_get_status(417);
return 3;
}
const char *client_content_length = http_get_header_field(&req->hdr, "Content-Length");
const char *client_transfer_encoding = http_get_header_field(&req->hdr, "Transfer-Encoding");
if (client_content_length != NULL) {
if (expect_100_continue) {
info(HTTP_1XX_STR "100 Continue" CLR_STR);
http_send_100_continue(client);
}
unsigned long client_content_len = strtoul(client_content_length, NULL, 10);
ret = fastcgi_receive(fcgi_cnx, client, client_content_len);
} else if (client_transfer_encoding != NULL && strstr(client_transfer_encoding, "chunked") != NULL) {
ret = fastcgi_receive_chunked(fcgi_cnx, client);
ret = fastcgi_receive(*fcgi_cnx, client, client_content_len);
} else if (strcontains(client_transfer_encoding, "chunked")) {
if (expect_100_continue) {
info(HTTP_1XX_STR "100 Continue" CLR_STR);
http_send_100_continue(client);
}
ret = fastcgi_receive_chunked(*fcgi_cnx, client);
} else if (expect_100_continue) {
fastcgi_close_cnx((&fcgi_cnx_buf));
res->status = http_get_status(417);
return 3;
} else {
ret = 0;
}
@@ -87,11 +112,11 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
res->status = http_get_status(502);
return 2;
}
fastcgi_close_stdin(fcgi_cnx);
fastcgi_close_stdin(*fcgi_cnx);
ret = fastcgi_header(fcgi_cnx, res, err_msg);
if (ret != 0) {
return (ret < 0) ? -1 : 1;
if ((ret = fastcgi_header(*fcgi_cnx, res, err_msg)) != 0) {
if (ret == -1) res->status = http_get_status(502);
return ret;
}
const char *status_hdr = http_get_header_field(&res->hdr, "Status");
@@ -101,7 +126,7 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
http_remove_header_field(&res->hdr, "Status", HTTP_REMOVE_ALL);
if (res->status == NULL && status_code >= 100 && status_code <= 999) {
ctx->custom_status.code = status_code;
strcpy(ctx->custom_status.type, "");
ctx->custom_status.type = 0;
strcpy(ctx->custom_status.msg, status_hdr + 4);
res->status = &ctx->custom_status;
} else if (res->status == NULL) {
@@ -118,36 +143,17 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
const char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (content_encoding == NULL &&
content_type != NULL &&
strncmp(content_type, "text/html", 9) == 0 &&
strstarts(content_type, "text/html") &&
ctx->content_length != -1 &&
ctx->content_length <= sizeof(ctx->msg_content) - 1)
{
fastcgi_dump(fcgi_cnx, ctx->msg_content, sizeof(ctx->msg_content));
fastcgi_dump(*fcgi_cnx, ctx->msg_content, sizeof(ctx->msg_content));
return 1;
}
ctx->use_fastcgi = 1;
if (ctx->content_length != -1 && ctx->content_length < 1024000) {
ctx->use_fastcgi |= FASTCGI_COMPRESS_HOLD;
}
ctx->content_length = -1;
int http_comp = http_get_compression(req, res);
if (http_comp & COMPRESS) {
if (http_comp & COMPRESS_BR) {
ctx->use_fastcgi |= FASTCGI_COMPRESS_BR;
sprintf(buf, "br");
} else if (http_comp & COMPRESS_GZ) {
ctx->use_fastcgi |= FASTCGI_COMPRESS_GZ;
sprintf(buf, "gzip");
}
http_add_header_field(&res->hdr, "Vary", "Accept-Encoding");
http_add_header_field(&res->hdr, "Content-Encoding", buf);
http_remove_header_field(&res->hdr, "Content-Length", HTTP_REMOVE_ALL);
}
if (http_get_header_field(&res->hdr, "Content-Length") == NULL) {
http_add_header_field(&res->hdr, "Transfer-Encoding", "chunked");
}
@@ -155,21 +161,35 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
return 0;
}
static int fastcgi_handler_2(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
const char *transfer_encoding = http_get_header_field(&ctx->res.hdr, "Transfer-Encoding");
int chunked = (transfer_encoding != NULL && strstr(transfer_encoding, "chunked") != NULL);
int flags = (chunked ? FASTCGI_CHUNKED : 0) | (ctx->use_fastcgi & (FASTCGI_COMPRESS | FASTCGI_COMPRESS_HOLD));
int ret = fastcgi_send(fcgi_cnx, &ctx->socket, flags);
if (ret < 0) {
ctx->c_keep_alive = 0;
errno = 0;
static void fastcgi_next_cb(chunk_ctx_t *ctx) {
if (ctx->client->fcgi_ctx) {
fastcgi_close(ctx->client->fcgi_ctx);
ctx->client->fcgi_ctx = NULL;
}
if (fcgi_cnx->socket != 0) {
close(fcgi_cnx->socket);
fcgi_cnx->socket = 0;
}
return ret;
fastcgi_handle(ctx->client);
}
static void fastcgi_error_cb(chunk_ctx_t *ctx) {
if (ctx->client->chunks_transferred)
return;
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->client->req_host, CLR_STR, ctx->client->log_prefix);
// FIXME segfault on error_cb
warning("Closing connection due to FastCGI error");
if(ctx->client->fcgi_ctx) {
fastcgi_close_error(ctx->client->fcgi_ctx);
ctx->client->fcgi_ctx = NULL;
}
tcp_close(ctx->client);
errno = 0;
}
static int fastcgi_handler_2(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
int chunked = strcontains(http_get_header_field(&ctx->res.hdr, "Transfer-Encoding"), "chunked");
handle_chunks(ctx, &fcgi_cnx->out, chunked ? SOCK_CHUNKED : 0, fastcgi_next_cb, fastcgi_error_cb);
return 1;
}

View File

@@ -9,16 +9,18 @@
#ifndef SESIMOS_FUNC_H
#define SESIMOS_FUNC_H
#include "../defs.h"
#include "../lib/sock.h"
#include "../lib/http.h"
#include "../lib/uri.h"
#include "../lib/config.h"
#include "../lib/proxy.h"
#include "../lib/fastcgi.h"
typedef struct {
sock socket;
int req_num;
unsigned char in_use: 1, s_keep_alive:1, c_keep_alive:1, use_fastcgi:4, use_proxy:2, ws_close:2;
unsigned char s_keep_alive:1, c_keep_alive:1, use_fastcgi:4, use_proxy:2, ws_close:2, chunks_transferred:1;
char cc[3], host[256];
char req_host[256], err_msg[256];
char log_prefix[128];
@@ -31,9 +33,10 @@ typedef struct {
http_status custom_status;
host_config_t *conf;
FILE *file;
long content_length;
long content_length, transferred_length;
char *msg_buf, *msg_buf_ptr, msg_content[1024];
proxy_ctx_t *proxy;
void *fcgi_ctx;
} client_ctx_t;
typedef struct {
@@ -42,6 +45,20 @@ typedef struct {
void *other;
} ws_ctx_t;
typedef struct {
unsigned char closed:4;
client_ctx_t *client;
fastcgi_cnx_t cnx;
} fastcgi_ctx_t;
typedef struct {
client_ctx_t *client;
sock *socket;
int flags;
void (*next_cb)(void *);
void (*err_cb)(void *);
} chunk_ctx_t;
void tcp_acceptor_func(client_ctx_t *ctx);
void request_handler_func(client_ctx_t *ctx);
@@ -50,20 +67,34 @@ void local_handler_func(client_ctx_t *ctx);
void fastcgi_handler_func(client_ctx_t *ctx);
void fastcgi_frame_handler_func(fastcgi_ctx_t *ctx);
void proxy_handler_func(client_ctx_t *ctx);
void proxy_peer_handler_func(proxy_ctx_t *ctx);
void ws_frame_handler_func(ws_ctx_t *ctx);
void chunk_handler_func(chunk_ctx_t *ctx);
int respond(client_ctx_t *ctx);
void request_complete(client_ctx_t *ctx);
void tcp_close(client_ctx_t *ctx);
void timeout_request(client_ctx_t *ctx);
void proxy_close(proxy_ctx_t *ctx);
void tcp_close(client_ctx_t *ctx);
int ws_handle_connection(client_ctx_t *ctx);
void ws_close(ws_ctx_t *ctx);
int handle_chunks(client_ctx_t *ctx, sock *socket, int flags, void (*next_cb)(chunk_ctx_t *), void (*err_cb)(chunk_ctx_t *));
int fastcgi_handle_connection(client_ctx_t *ctx, fastcgi_cnx_t **cnx);
void fastcgi_close(fastcgi_ctx_t *ctx);
void fastcgi_close_error(fastcgi_ctx_t *ctx);
#endif //SESIMOS_FUNC_H

View File

@@ -19,7 +19,7 @@
static int local_handler(client_ctx_t *ctx);
void local_handler_func(client_ctx_t *ctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, INET6_ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
switch (local_handler(ctx)) {
case 0:
@@ -36,6 +36,76 @@ void local_handler_func(client_ctx_t *ctx) {
}
}
static int range_handler(client_ctx_t *ctx) {
char buf[64];
long num0, num1, num2;
char *ptr;
int mode;
const char *range = http_get_header_field(&ctx->req.hdr, "Range");
if (strcontains(range, ","))
return -1;
ctx->file = fopen(ctx->uri.filename, "rb");
if (strstarts(range, "bytes=")) {
mode = 0;
range += 6;
num0 = fsize(ctx->file), num1 = 0, num2 = num0 - 1;
sprintf(buf, "bytes */%li", num0);
} else if (strstarts(range, "lines=") && mime_is_text(ctx->uri.meta->type)) {
mode = 1;
range += 6;
num0 = flines(ctx->file), num1 = 1, num2 = num0;
sprintf(buf, "lines */%li", num0);
} else {
return -1;
}
http_add_header_field(&ctx->res.hdr, "Content-Range", buf);
if ((ptr = strchr(range, '-')) == NULL)
return -1;
if (num0 == 0) {
ctx->content_length = 0;
return 0;
}
if (ptr[1] != 0) num2 = (long) strtoul(ptr + 1, NULL, 10);
if (ptr != range) {
num1 = (long) strtoul(range, NULL, 10);
} else {
if (mode == 0) {
num1 = num0 - num2 - 1;
num2 = num0 - 1;
} else if (mode == 1) {
num1 = num0 - num2 + 1;
num2 = num0;
}
}
if ((mode == 0 && (num1 >= num0 || num2 >= num0 || num1 > num2 || num1 < 0 || num2 < 0)) ||
(mode == 1 && (num1 > num0 || num2 > num0 || num1 > num2 || num1 <= 0 || num2 <= 0)))
{
return -1;
}
sprintf(buf, "%s %li-%li/%li", (mode == 0) ? "bytes" : "lines", num1, num2, num0);
http_remove_header_field(&ctx->res.hdr, "Content-Range", HTTP_REMOVE_ALL);
http_add_header_field(&ctx->res.hdr, "Content-Range", buf);
if (mode == 0) {
fseek(ctx->file, num1, SEEK_SET);
ctx->content_length = num2 - num1 + 1;
} else if (mode == 1) {
fseekl(ctx->file, num1);
ctx->content_length = file_get_line_pos(ctx->file, num2 + 1) - file_get_line_pos(ctx->file, num1);
}
return 0;
}
static int local_handler(client_ctx_t *ctx) {
http_res *res = &ctx->res;
http_req *req = &ctx->req;
@@ -45,14 +115,14 @@ static int local_handler(client_ctx_t *ctx) {
char buf1[1024], buf2[1024];
int accept_if_modified_since = 0;
if (strcmp(req->method, "TRACE") == 0) {
if (streq(req->method, "TRACE")) {
res->status = http_get_status(200);
http_add_header_field(&res->hdr, "Content-Type", "message/http");
ctx->msg_buf_ptr = malloc(4096);
ctx->msg_buf = ctx->msg_buf_ptr;
ctx->content_length = snprintf(ctx->msg_buf, 4096 - ctx->content_length, "%s %s HTTP/%s\r\n", req->method, req->uri, req->version);
for (int i = 0; i < list_size(&req->hdr); i++) {
for (int i = 0; i < list_size(req->hdr.fields); i++) {
const http_field *f = &req->hdr.fields[i];
ctx->content_length += snprintf(ctx->msg_buf + ctx->content_length, 4096 - ctx->content_length, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
@@ -60,11 +130,11 @@ static int local_handler(client_ctx_t *ctx) {
return 0;
}
if (strncmp(uri->req_path, "/.well-known/", 13) == 0) {
if (strstarts(uri->req_path, "/.well-known/")) {
http_add_header_field(&res->hdr, "Access-Control-Allow-Origin", "*");
}
if (strncmp(uri->req_path, "/.well-known/", 13) != 0 && strstr(uri->path, "/.") != NULL) {
if ((!strstarts(uri->req_path, "/.well-known/") && strcontains(uri->path, "/.")) || strends(uri->filename, ".inc") || strends(uri->filename, ".inc.php")) {
res->status = http_get_status(403);
sprintf(err_msg, "Parts of this URI are hidden.");
return 0;
@@ -85,133 +155,107 @@ static int local_handler(client_ctx_t *ctx) {
return 0;
}
if (uri->is_static) {
res->status = http_get_status(200);
http_add_header_field(&res->hdr, "Accept-Ranges", "bytes");
if (strcmp(req->method, "GET") != 0 && strcmp(req->method, "HEAD") != 0) {
res->status = http_get_status(405);
return 0;
}
if (http_get_header_field(&req->hdr, "Content-Length") != NULL || http_get_header_field(&req->hdr, "Transfer-Encoding") != NULL) {
res->status = http_get_status(400);
sprintf(err_msg, "A GET request must not contain a payload");
return 0;
}
cache_init_uri(ctx->conf->cache, uri);
const char *last_modified = http_format_date(uri->meta->stat.st_mtime, buf1, sizeof(buf1));
http_add_header_field(&res->hdr, "Last-Modified", last_modified);
sprintf(buf2, "%s; charset=%s", uri->meta->type, uri->meta->charset);
http_add_header_field(&res->hdr, "Content-Type", buf2);
const char *accept_encoding = http_get_header_field(&req->hdr, "Accept-Encoding");
int enc = 0;
if (accept_encoding != NULL) {
if (uri->meta->filename_comp_br[0] != 0 && strstr(accept_encoding, "br") != NULL) {
ctx->file = fopen(uri->meta->filename_comp_br, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "br");
enc = COMPRESS_BR;
}
} else if (uri->meta->filename_comp_gz[0] != 0 && strstr(accept_encoding, "gzip") != NULL) {
ctx->file = fopen(uri->meta->filename_comp_gz, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "gzip");
enc = COMPRESS_GZ;
}
}
if (enc != 0) {
http_add_header_field(&res->hdr, "Vary", "Accept-Encoding");
}
}
if (uri->meta->etag[0] != 0) {
if (enc) {
sprintf(buf1, "%s-%s", uri->meta->etag, (enc & COMPRESS_BR) ? "br" : (enc & COMPRESS_GZ) ? "gzip" : "");
http_add_header_field(&res->hdr, "ETag", buf1);
} else {
http_add_header_field(&res->hdr, "ETag", uri->meta->etag);
}
}
if (strncmp(uri->meta->type, "text/", 5) == 0) {
http_add_header_field(&res->hdr, "Cache-Control", "public, max-age=3600");
} else {
http_add_header_field(&res->hdr, "Cache-Control", "public, max-age=86400");
}
const char *if_modified_since = http_get_header_field(&req->hdr, "If-Modified-Since");
const char *if_none_match = http_get_header_field(&req->hdr, "If-None-Match");
if ((if_none_match != NULL && strstr(if_none_match, uri->meta->etag) == NULL) ||
(accept_if_modified_since && if_modified_since != NULL && strcmp(if_modified_since, last_modified) == 0))
{
res->status = http_get_status(304);
return 0;
}
const char *range = http_get_header_field(&req->hdr, "Range");
if (range != NULL) {
if (strlen(range) <= 6 || strncmp(range, "bytes=", 6) != 0) {
res->status = http_get_status(416);
http_remove_header_field(&res->hdr, "Content-Type", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Last-Modified", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "ETag", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Cache-Control", HTTP_REMOVE_ALL);
return 0;
}
range += 6;
char *ptr = strchr(range, '-');
if (ptr == NULL) {
res->status = http_get_status(416);
return 0;
}
ctx->file = fopen(uri->filename, "rb");
fseek(ctx->file, 0, SEEK_END);
unsigned long file_len = ftell(ctx->file);
fseek(ctx->file, 0, SEEK_SET);
if (file_len == 0) {
ctx->content_length = 0;
return 0;
}
long num1 = 0;
long num2 = (long) file_len - 1;
if (ptr != range) num1 = (long) strtoul(range, NULL, 10);
if (ptr[1] != 0) num2 = (long) strtoul(ptr + 1, NULL, 10);
if (num1 >= file_len || num2 >= file_len || num1 > num2) {
res->status = http_get_status(416);
return 0;
}
sprintf(buf1, "bytes %li-%li/%li", num1, num2, file_len);
http_add_header_field(&res->hdr, "Content-Range", buf1);
res->status = http_get_status(206);
fseek(ctx->file, num1, SEEK_SET);
ctx->content_length = num2 - num1 + 1;
return 0;
}
if (ctx->file == NULL) {
ctx->file = fopen(uri->filename, "rb");
}
fseek(ctx->file, 0, SEEK_END);
ctx->content_length = ftell(ctx->file);
fseek(ctx->file, 0, SEEK_SET);
} else {
if (!uri->is_static) {
return 1;
}
const char *client_expect = http_get_header_field(&req->hdr, "Expect");
if (client_expect != NULL && strcasecmp(client_expect, "100-continue") != 0) {
res->status = http_get_status(417);
return 0;
}
res->status = http_get_status(200);
cache_init_uri(ctx->conf->cache, uri);
http_add_header_field(&res->hdr, "Accept-Ranges", mime_is_text(uri->meta->type) ? "bytes, lines" : "bytes");
if (!streq(req->method, "GET") && !streq(req->method, "HEAD")) {
res->status = http_get_status(405);
return 0;
}
if (http_get_header_field(&req->hdr, "Content-Length") != NULL || http_get_header_field(&req->hdr, "Transfer-Encoding") != NULL) {
res->status = http_get_status(400);
sprintf(err_msg, "A GET request must not contain a payload");
return 0;
}
const char *last_modified = http_format_date(uri->meta->mtime, buf1, sizeof(buf1));
http_add_header_field(&res->hdr, "Last-Modified", last_modified);
sprintf(buf2, "%s; charset=%s", uri->meta->type, uri->meta->charset);
http_add_header_field(&res->hdr, "Content-Type", buf2);
const char *accept_encoding = http_get_header_field(&req->hdr, "Accept-Encoding");
int enc = 0;
if (accept_encoding != NULL) {
if (uri->meta->filename_comp_br[0] != 0 && strcontains(accept_encoding, "br")) {
ctx->file = fopen(uri->meta->filename_comp_br, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "br");
enc = COMPRESS_BR;
}
} else if (uri->meta->filename_comp_gz[0] != 0 && strcontains(accept_encoding, "gzip")) {
ctx->file = fopen(uri->meta->filename_comp_gz, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "gzip");
enc = COMPRESS_GZ;
}
}
}
if (uri->meta->filename_comp_br[0] != 0 || uri->meta->filename_comp_gz[0] != 0) {
http_add_header_field(&res->hdr, "Vary", "Accept-Encoding");
}
buf1[0] = 0;
if (uri->meta->etag[0] != 0) {
buf1[0] = '"';
strcpy(buf1 + 1, uri->meta->etag);
if (enc) {
strcat(buf1, "-");
strcat(buf1, (enc & COMPRESS_BR) ? "br" : (enc & COMPRESS_GZ) ? "gzip" : "");
}
strcat(buf1, "\"");
http_add_header_field(&res->hdr, "ETag", buf1);
}
http_add_header_field(&res->hdr, "Cache-Control", mime_is_text(uri->meta->type) ? "public, must-revalidate, max-age=3600" : "public, must-revalidate, max-age=86400");
const char *if_modified_since = http_get_header_field(&req->hdr, "If-Modified-Since");
const char *if_none_match = http_get_header_field(&req->hdr, "If-None-Match");
if ((if_none_match != NULL && strcontains(if_none_match, buf1)) ||
(accept_if_modified_since && streq(if_modified_since, last_modified)))
{
res->status = http_get_status(304);
ctx->content_length = 0;
return 0;
}
if (http_get_header_field(&req->hdr, "Range") != NULL) {
if (range_handler(ctx) == 0) {
res->status = http_get_status(206);
} else {
if (ctx->file) {
fclose(ctx->file);
ctx->file = NULL;
}
http_remove_header_field(&res->hdr, "Content-Type", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Last-Modified", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "ETag", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Cache-Control", HTTP_REMOVE_ALL);
res->status = http_get_status(416);
}
return 0;
}
if (ctx->file == NULL) ctx->file = fopen(uri->filename, "rb");
ctx->content_length = fsize(ctx->file);
return 0;
}

View File

@@ -1,7 +1,7 @@
/**
* sesimos - secure, simple, modern web server
* @brief Proxy handler
* @file src/worker/proxy_handler_1.c
* @file src/worker/proxy_handler.c
* @author Lorenz Stechauner
* @date 2022-12-29
*/
@@ -14,29 +14,41 @@
#include "../workers.h"
#include <string.h>
#include <errno.h>
static int proxy_handler_1(client_ctx_t *ctx);
static int proxy_handler_2(client_ctx_t *ctx);
void proxy_handler_func(client_ctx_t *ctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, INET6_ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
// TODO handle 1xx responses
int ret = proxy_handler_1(ctx);
respond(ctx);
if (ret == 1) {
// error status code
if (proxy_unlock_ctx(ctx->proxy) == 1)
proxy_peer_handle(ctx->proxy);
} else if (ctx->use_proxy == 0) {
// proxy not used
proxy_close(ctx->proxy);
proxy_unlock_ctx(ctx->proxy);
} else if (ctx->use_proxy == 1) {
proxy_handler_2(ctx);
// proxy is used
if (proxy_handler_2(ctx) == 1) {
// chunked
return;
}
if (proxy_unlock_ctx(ctx->proxy) == 1)
proxy_peer_handle(ctx->proxy);
} else if (ctx->use_proxy == 2) {
// WebSocket
ws_handle_connection(ctx);
return;
}
ctx->proxy = NULL;
request_complete(ctx);
handle_request(ctx);
}
@@ -47,23 +59,26 @@ static int proxy_handler_1(client_ctx_t *ctx) {
char buf[1024];
info("Reverse proxy for " BLD_STR "%s:%i" CLR_STR, ctx->conf->proxy.hostname, ctx->conf->proxy.port);
info("Reverse proxy for " BLD_STR "[%s]:%i" CLR_STR, ctx->conf->proxy.hostname, ctx->conf->proxy.port);
http_remove_header_field(&res->hdr, "Date", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Server", HTTP_REMOVE_ALL);
ctx->use_proxy = proxy_init(&ctx->proxy, &ctx->req, res, status, ctx->conf, &ctx->socket, &ctx->custom_status, ctx->err_msg) == 0;
ctx->proxy->client = ctx;
if (ctx->use_proxy == 0)
return 0;
if (res->status->code == 101) {
const char *connection = http_get_header_field(&res->hdr, "Connection");
const char *upgrade = http_get_header_field(&res->hdr, "Upgrade");
if (connection != NULL && upgrade != NULL &&
(strstr(connection, "upgrade") != NULL || strstr(connection, "Upgrade") != NULL) &&
strcmp(upgrade, "websocket") == 0)
(strcontains(connection, "upgrade") || strcontains(connection, "Upgrade")) &&
streq(upgrade, "websocket"))
{
const char *ws_accept = http_get_header_field(&res->hdr, "Sec-WebSocket-Accept");
if (ws_calc_accept_key(status->ws_key, buf) == 0) {
ctx->use_proxy = (strcmp(buf, ws_accept) == 0) ? 2 : 1;
ctx->use_proxy = streq(buf, ws_accept) ? 2 : 1;
}
} else {
status->status = 101;
@@ -77,13 +92,14 @@ static int proxy_handler_1(client_ctx_t *ctx) {
const char *content_type = http_get_header_field(&res->hdr, "Content-Type");
const char *content_length_f = http_get_header_field(&res->hdr, "Content-Length");
const char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (content_encoding == NULL && (
strcmp(ctx->req.method, "HEAD") == 0 ||
(content_length_f != NULL && strcmp(content_length_f, "0") == 0) ||
(content_type != NULL && content_length_f != NULL && strncmp(content_type, "text/html", 9) == 0)))
const char *transfer_encoding = http_get_header_field(&res->hdr, "Transfer-Encoding");
if (transfer_encoding == NULL && content_encoding == NULL && (
content_length_f == NULL ||
streq(content_length_f, "0") ||
(content_length_f != NULL && strstarts(content_type, "text/html"))))
{
long content_len = (content_length_f != NULL) ? strtol(content_length_f, NULL, 10) : 0;
if (content_len <= sizeof(ctx->msg_content) - 1) {
long content_len = (!streq(ctx->req.method, "HEAD") && content_length_f != NULL) ? strtol(content_length_f, NULL, 10) : 0;
if (content_len < sizeof(ctx->msg_content)) {
if (status->status != 101) {
status->status = res->status->code;
status->origin = res->status->code >= 400 ? SERVER : NONE;
@@ -98,66 +114,46 @@ static int proxy_handler_1(client_ctx_t *ctx) {
}
}
/*
char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (use_proxy && content_encoding == NULL) {
int http_comp = http_get_compression(&req, &res);
if (http_comp & COMPRESS_BR) {
use_proxy |= PROXY_COMPRESS_BR;
} else if (http_comp & COMPRESS_GZ) {
use_proxy |= PROXY_COMPRESS_GZ;
}
}
return streq(ctx->req.method, "HEAD") ? 1 : 0;
}
char *transfer_encoding = http_get_header_field(&res->hdr, "Transfer-Encoding");
int chunked = transfer_encoding != NULL && strcmp(transfer_encoding, "chunked") == 0;
http_remove_header_field(&res->hdr, "Transfer-Encoding", HTTP_REMOVE_ALL);
ret = sprintf(buf, "%s%s%s",
(use_proxy & PROXY_COMPRESS_BR) ? "br" :
((use_proxy & PROXY_COMPRESS_GZ) ? "gzip" : ""),
((use_proxy & PROXY_COMPRESS) && chunked) ? ", " : "",
chunked ? "chunked" : "");
if (ret > 0) {
http_add_header_field(&res->hdr, "Transfer-Encoding", buf);
}
*/
static void proxy_chunk_next_cb(chunk_ctx_t *ctx) {
if (proxy_unlock_ctx(ctx->client->proxy) == 1)
proxy_peer_handle(ctx->client->proxy);
return 0;
ctx->client->proxy = NULL;
request_complete(ctx->client);
handle_request(ctx->client);
}
static void proxy_chunk_err_cb(chunk_ctx_t *ctx) {
ctx->client->c_keep_alive = 0;
proxy_close(ctx->client->proxy);
proxy_unlock_ctx(ctx->client->proxy);
ctx->client->proxy = NULL;
request_complete(ctx->client);
handle_request(ctx->client);
}
static int proxy_handler_2(client_ctx_t *ctx) {
const char *transfer_encoding = http_get_header_field(&ctx->res.hdr, "Transfer-Encoding");
int chunked = transfer_encoding != NULL && strstr(transfer_encoding, "chunked") != NULL;
const int chunked = strcontains(transfer_encoding, "chunked");
const char *content_len = http_get_header_field(&ctx->res.hdr, "Content-Length");
unsigned long len_to_send = 0;
if (content_len != NULL) {
len_to_send = strtol(content_len, NULL, 10);
const unsigned long len_to_send = (content_len != NULL) ? strtol(content_len, NULL, 10) : 0;
if (chunked) {
handle_chunks(ctx, &ctx->proxy->proxy, SOCK_CHUNKED, proxy_chunk_next_cb, proxy_chunk_err_cb);
return 1;
}
int flags = (chunked ? PROXY_CHUNKED : 0) | (ctx->use_proxy & PROXY_COMPRESS);
int ret = proxy_send(ctx->proxy, &ctx->socket, len_to_send, flags);
ctx->proxy->in_use = 0;
ctx->proxy = NULL;
if (ret < 0) {
long ret;
if ((ret = proxy_send(ctx->proxy, &ctx->socket, len_to_send, 0)) == -1) {
ctx->c_keep_alive = 0;
} else if (ret > 0) {
ctx->transferred_length += ret;
}
return ret;
}
void proxy_close(proxy_ctx_t *ctx) {
client_ctx_t *cctx = ctx->client;
if (cctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, INET6_ADDRSTRLEN, cctx->req_host, CLR_STR, cctx->log_prefix);
} else {
logger_set_prefix("");
}
info(BLUE_STR "Closing proxy connection");
sock_close(&ctx->proxy);
memset(ctx, 0, sizeof(*ctx));
errno = 0;
}

View File

@@ -0,0 +1,17 @@
/**
* sesimos - secure, simple, modern web server
* @brief Proxy peer handler
* @file src/worker/proxy_peer_handler.c
* @author Lorenz Stechauner
* @date 2023-07-07
*/
#include "func.h"
#include "../logger.h"
#include "../lib/utils.h"
void proxy_peer_handler_func(proxy_ctx_t *ctx) {
if (!ctx->initialized || ctx->in_use) return;
logger_set_prefix("[%s%*s%s]", BLD_STR, ADDRSTRLEN, ctx->host, CLR_STR);
proxy_close(ctx);
}

View File

@@ -14,14 +14,16 @@
#include "../lib/utils.h"
#include "../server.h"
#include "../lib/res.h"
#include "../lib/error.h"
#include <string.h>
#include <arpa/inet.h>
#include <errno.h>
static int request_handler(client_ctx_t *ctx);
void request_handler_func(client_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", INET6_ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
switch (request_handler(ctx)) {
case 0:
@@ -41,19 +43,13 @@ void request_handler_func(client_ctx_t *ctx) {
}
}
static int request_handler(client_ctx_t *ctx) {
sock *client = &ctx->socket;
char *err_msg = ctx->err_msg;
long ret;
char buf0[1024], buf1[1024];
err_msg[0] = 0;
static void init_ctx(client_ctx_t *ctx) {
ctx->conf = NULL;
ctx->file = NULL;
ctx->proxy = NULL;
ctx->use_fastcgi = 0;
ctx->chunks_transferred = 0;
ctx->fcgi_ctx = NULL;
ctx->use_proxy = 0;
ctx->ws_close = 0;
ctx->proxy = NULL;
@@ -62,24 +58,35 @@ static int request_handler(client_ctx_t *ctx) {
ctx->msg_buf_ptr = NULL;
ctx->req_host[0] = 0;
ctx->err_msg[0] = 0;
ctx->req_s = ctx->socket.ts_last;
ctx->transferred_length = 0;
ctx->content_length = 0;
memset(&ctx->uri, 0, sizeof(ctx->uri));
memset(&ctx->req, 0, sizeof(ctx->req));
memset(&ctx->res, 0, sizeof(ctx->res));
http_res *res = &ctx->res;
res->status = http_get_status(501);
http_init_hdr(&res->hdr);
res->hdr.last_field_num = -1;
sprintf(res->version, "1.1");
ctx->res.status = http_get_status(501);
http_init_hdr(&ctx->res.hdr);
sprintf(ctx->res.version, "1.1");
http_status_ctx *status = &ctx->status;
status->status = 0;
status->origin = NONE;
status->ws_key = NULL;
ctx->status.status = 0;
ctx->status.origin = NONE;
ctx->status.ws_key = NULL;
}
static int request_handler(client_ctx_t *ctx) {
sock *client = &ctx->socket;
char *err_msg = ctx->err_msg;
http_res *res = &ctx->res;
long ret;
char buf0[1024], buf1[1024];
ctx->req_s = clock_micros();
init_ctx(ctx);
http_add_header_field(&res->hdr, "Date", http_get_date(buf0, sizeof(buf0)));
http_add_header_field(&res->hdr, "Server", SERVER_STR);
/*if (ret <= 0) {
@@ -94,25 +101,16 @@ static int request_handler(client_ctx_t *ctx) {
ret = http_receive_request(client, req);
if (ret != 0) {
ctx->c_keep_alive = 0;
if (ret < 0) {
return -1;
} else if (ret == 1) {
sprintf(err_msg, "Unable to parse http header: Invalid header format.");
} else if (ret == 2) {
sprintf(err_msg, "Unable to parse http header: Invalid method.");
} else if (ret == 3) {
sprintf(err_msg, "Unable to parse http header: Invalid version.");
} else if (ret == 4) {
sprintf(err_msg, "Unable to parse http header: Header contains illegal characters.");
} else if (ret == 5) {
sprintf(err_msg, "Unable to parse http header: End of header not found.");
}
res->status = http_get_status(400);
error("Unable to receive http header");
sprintf(err_msg, "Unable to receive http header: %s.", error_str(errno, buf0, sizeof(buf0)));
int err = error_get_http();
res->status = http_get_status(err == HTTP_ERROR_URI_TOO_LONG ? 414 : (err == HTTP_ERROR_TOO_MANY_HEADER_FIELDS ? 431 : 400));
errno = 0;
return 0;
}
const char *hdr_connection = http_get_header_field(&req->hdr, "Connection");
ctx->c_keep_alive = (hdr_connection != NULL && (strstr(hdr_connection, "keep-alive") != NULL || strstr(hdr_connection, "Keep-Alive") != NULL));
ctx->c_keep_alive = (strcontains(hdr_connection, "keep-alive") || strcontains(hdr_connection, "Keep-Alive"));
const char *host_ptr = http_get_header_field(&req->hdr, "Host");
if (host_ptr != NULL && strlen(host_ptr) > 255) {
ctx->req_host[0] = 0;
@@ -132,11 +130,11 @@ static int request_handler(client_ctx_t *ctx) {
strcpy(ctx->req_host, host_ptr);
}
logger_set_prefix("[%s%*s%s]%s", BLD_STR, INET6_ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
info(BLD_STR "%s %s", req->method, req->uri);
if (strncmp(req->uri, "/.sesimos/res/", 14) == 0) {
if (strcmp(req->method, "GET") != 0 && strcmp(req->method, "HEAD") != 0) {
if (strstarts(req->uri, "/.sesimos/res/")) {
if (!streq(req->method, "GET") && !streq(req->method, "HEAD")) {
res->status = http_get_status(405);
http_add_header_field(&res->hdr, "Allow", "GET, HEAD");
return 0;
@@ -154,8 +152,8 @@ static int request_handler(client_ctx_t *ctx) {
res->status = http_get_status(404);
for (int i = 0; i < sizeof(resources) / sizeof(res_t); i++) {
const res_t *r = &resources[i];
if (strcmp(req->uri + 14, r->name) == 0) {
res->status = http_get_status(200);
if (streq(req->uri + 14, r->name)) {
res->status = http_get_status(203);
http_add_header_field(&res->hdr, "Content-Type", r->type);
http_add_header_field(&res->hdr, "Cache-Control", "public, max-age=86400");
ctx->msg_buf = (char *) r->content;
@@ -169,10 +167,8 @@ static int request_handler(client_ctx_t *ctx) {
ctx->conf = get_host_config(ctx->req_host);
if (ctx->conf == NULL) {
info("Unknown host, redirecting to default");
res->status = http_get_status(307);
sprintf(buf0, "https://%s%s", DEFAULT_HOST, req->uri);
http_add_header_field(&res->hdr, "Location", buf0);
res->status = http_get_status(421);
strcpy(ctx->err_msg, "The requested host name is not configured on the server.");
return 0;
}
@@ -195,13 +191,13 @@ static int request_handler(client_ctx_t *ctx) {
return 0;
}
if (ctx->conf->type == CONFIG_TYPE_LOCAL && strcmp(req->method, "TRACE") == 0) {
if (ctx->conf->type == CONFIG_TYPE_LOCAL && streq(req->method, "TRACE")) {
return 1;
} else if (dir_mode != URI_DIR_MODE_NO_VALIDATION) {
ssize_t size = sizeof(buf0);
url_decode(req->uri, buf0, &size);
int change_proto = (!client->enc && strncmp(uri->uri, "/.well-known/", 13) != 0);
if (strcmp(uri->uri, buf0) != 0 || change_proto) {
int change_proto = (!client->enc && !strstarts(uri->uri, "/.well-known/"));
if (!streq(uri->uri, buf0) || change_proto) {
res->status = http_get_status(308);
size = url_encode(uri->uri, strlen(uri->uri), buf0, sizeof(buf0));
if (change_proto) {
@@ -255,7 +251,7 @@ int respond(client_ctx_t *ctx) {
if (http_get_header_field(&res->hdr, "Accept-Ranges") == NULL) {
http_add_header_field(&res->hdr, "Accept-Ranges", "none");
}
if (!ctx->use_fastcgi && ctx->file == NULL && ctx->msg_buf == NULL) {
if (!ctx->use_fastcgi && ctx->file == NULL && ctx->msg_buf == NULL && res->status->code != 304) {
http_remove_header_field(&res->hdr, "Date", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Server", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Cache-Control", HTTP_REMOVE_ALL);
@@ -267,8 +263,8 @@ int respond(client_ctx_t *ctx) {
http_add_header_field(&res->hdr, "Content-Type", "text/html; charset=UTF-8");
// TODO list Locations on 3xx Redirects
const http_doc_info *http_info = http_get_status_info(res->status);
const http_status_msg *http_msg = http_get_error_msg(res->status);
const http_doc_info *http_info = http_get_status_info(res->status->code);
const http_status_msg *http_msg = http_get_error_msg(res->status->code);
if (ctx->msg_content[0] == 0) {
if (res->status->code >= 300 && res->status->code < 400) {
@@ -277,7 +273,7 @@ int respond(client_ctx_t *ctx) {
snprintf(ctx->msg_content, sizeof(ctx->msg_content), " <ul>\n <li><a href=\"%s\">%s</a></li>\n </ul>\n", location, location);
}
}
} else if (strncmp(ctx->msg_content, "<!DOCTYPE html>", 15) == 0 || strncmp(ctx->msg_content, "<html", 5) == 0) {
} else if (strstarts(ctx->msg_content, "<!DOCTYPE html>") || strstarts(ctx->msg_content, "<html")) {
ctx->msg_content[0] = 0;
// TODO let relevant information pass?
}
@@ -308,10 +304,10 @@ int respond(client_ctx_t *ctx) {
ctx->msg_buf_ptr = malloc(4096);
ctx->msg_buf = ctx->msg_buf_ptr;
snprintf(msg_pre_buf_1, sizeof(msg_pre_buf_1), http_info->doc,
res->status->code, res->status->msg, http_msg != NULL ? http_msg->msg : "", err_msg[0] != 0 ? err_msg : "");
ctx->content_length = snprintf(ctx->msg_buf, 4096, http_default_doc, res->status->code,
res->status->msg, msg_pre_buf_1, http_info->mode, http_info->icon, http_info->color, ctx->req_host,
proxy_doc, ctx->msg_content[0] != 0 ? ctx->msg_content : "", SERVER_STR_HTML);
res->status->code, res->status->msg, http_msg != NULL ? http_msg->msg : "", err_msg);
ctx->content_length = snprintf(ctx->msg_buf, 4096, http_default_doc, res->status->code, res->status->msg,
msg_pre_buf_1, http_info->mode, http_info->icon, http_info->color,
ctx->req_host, proxy_doc, ctx->msg_content, SERVER_STR_HTML);
}
if (ctx->content_length >= 0) {
sprintf(buf0, "%li", ctx->content_length);
@@ -337,7 +333,7 @@ int respond(client_ctx_t *ctx) {
http_send_response(client, res);
ctx->res_ts = clock_micros();
const char *location = http_get_header_field(&res->hdr, "Location");
info("%s%s%03i %s%s%s (%s)%s", http_get_status_color(res->status), ctx->use_proxy ? "-> " : "", res->status->code,
info("%s%s%03i %s%s%s (%s)%s", http_get_status_color(res->status->code), ctx->use_proxy ? "-> " : "", res->status->code,
res->status->msg, location != NULL ? " -> " : "", location != NULL ? location : "",
format_duration(ctx->res_ts - ctx->req_s, buf0), CLR_STR);
@@ -346,12 +342,12 @@ int respond(client_ctx_t *ctx) {
if (ctx->use_proxy) {
// reverse proxy
return 3;
} else if (strcmp(req->method, "HEAD") != 0) {
} else if (!streq(req->method, "HEAD")) {
// default response
if (ctx->msg_buf != NULL) {
ret = sock_send(client, ctx->msg_buf, ctx->content_length, 0);
ret = sock_send_x(client, ctx->msg_buf, ctx->content_length, 0);
if (ret <= 0) {
error("Unable to send: %s", sock_strerror(client));
error("Unable to send");
}
} else if (ctx->file != NULL) {
unsigned long len, snd_len = 0;
@@ -360,9 +356,9 @@ int respond(client_ctx_t *ctx) {
if (snd_len + len > ctx->content_length) {
len = ctx->content_length - snd_len;
}
ret = sock_send(client, buffer, len, feof(ctx->file) ? 0 : MSG_MORE);
ret = sock_send_x(client, buffer, len, feof(ctx->file) ? 0 : MSG_MORE);
if (ret <= 0) {
error("Unable to send: %s", sock_strerror(client));
error("Unable to send");
break;
}
snd_len += ret;
@@ -379,13 +375,63 @@ int respond(client_ctx_t *ctx) {
}
void request_complete(client_ctx_t *ctx) {
char buf[32];
char buf[64];
ctx->req_e = clock_micros();
info("Transfer complete: %s", format_duration(ctx->req_e - ctx->req_s, buf));
if (ctx->conf) {
char path[256];
sprintf(path, "/var/log/sesimos/%s.access.log", ctx->req_host);
FILE *log = fopen(path, "a");
if (log) {
struct timespec time1, time2;
clock_gettime(CLOCK_MONOTONIC, &time1);
clock_gettime(CLOCK_REALTIME, &time2);
const long diff = (time2.tv_sec - time1.tv_sec) * 1000000 + (time2.tv_nsec - time1.tv_nsec) / 1000;
struct tm time_info;
const long ts = (ctx->req_s + diff) / 1000000;
strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%S%z", localtime_r(&ts, &time_info));
const char *auth = http_get_header_field(&ctx->req.hdr, "Authorization");
char user[256] = {0};
if (auth != NULL && strstarts(auth, "Basic ")) {
base64_decode(auth + 6, strlen(auth) - 6, user, NULL);
char *col = strchr(user, ':');
if (col != NULL) col[0] = 0;
}
const char *ref = http_get_header_field(&ctx->req.hdr, "Referer");
const char *ua = http_get_header_field(&ctx->req.hdr, "User-Agent");
const char *loc = http_get_header_field(&ctx->res.hdr, "Location");
const char *type = http_get_header_field(&ctx->res.hdr, "Content-Type");
const long len = ctx->content_length <= 0 ? ctx->transferred_length : ctx->content_length;
fprintf(log, "%s %s %s [%s] \"%s %s HTTP/%s\" %i %li %s%s%s %s%s%s %s%s%s %s%s%s\n",
ctx->socket.addr, "-", user[0] != 0 ? user : "-", buf,
ctx->req.method, ctx->req.uri, ctx->req.version, ctx->res.status->code, len,
loc != NULL ? "\"" : "", loc != NULL ? loc : "-", loc != NULL ? "\"" : "",
type != NULL ? "\"" : "", type != NULL ? type : "-", type != NULL ? "\"" : "",
ref != NULL ? "\"" : "", ref != NULL ? ref : "-", ref != NULL ? "\"" : "",
ua != NULL ? "\"" : "", ua != NULL ? ua : "-", ua != NULL ? "\"" : "");
fclose(log);
}
errno = 0;
}
if (ctx->file) fclose(ctx->file);
free(ctx->msg_buf_ptr);
uri_free(&ctx->uri);
http_free_req(&ctx->req);
http_free_res(&ctx->res);
}
void timeout_request(client_ctx_t *ctx) {
init_ctx(ctx);
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
ctx->s_keep_alive = 0;
ctx->res.status = http_get_status(408);
respond(ctx);
request_complete(ctx);
tcp_close(ctx);
}

View File

@@ -12,11 +12,11 @@
#include "../lib/geoip.h"
#include "../workers.h"
#include "../server.h"
#include "../lib/error.h"
#include <string.h>
#include <errno.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
static int tcp_acceptor(client_ctx_t *ctx);
@@ -31,8 +31,10 @@ void tcp_acceptor_func(client_ctx_t *ctx) {
static int tcp_acceptor(client_ctx_t *ctx) {
struct sockaddr_in6 server_addr;
memset(ctx->_c_addr, 0, sizeof(ctx->_c_addr));
memset(ctx->_s_addr, 0, sizeof(ctx->_s_addr));
inet_ntop(ctx->socket._addr.ipv6.sin6_family, &ctx->socket._addr.ipv6.sin6_addr, ctx->_c_addr, sizeof(ctx->_c_addr));
if (strncmp(ctx->_c_addr, "::ffff:", 7) == 0) {
if (strstarts(ctx->_c_addr, "::ffff:")) {
ctx->socket.addr = ctx->_c_addr + 7;
} else {
ctx->socket.addr = ctx->_c_addr;
@@ -41,47 +43,22 @@ static int tcp_acceptor(client_ctx_t *ctx) {
socklen_t len = sizeof(server_addr);
getsockname(ctx->socket.socket, (struct sockaddr *) &server_addr, &len);
inet_ntop(server_addr.sin6_family, (void *) &server_addr.sin6_addr, ctx->_s_addr, sizeof(ctx->_s_addr));
if (strncmp(ctx->_s_addr, "::ffff:", 7) == 0) {
if (strstarts(ctx->_s_addr, "::ffff:")) {
ctx->socket.s_addr = ctx->_s_addr + 7;
} else {
ctx->socket.s_addr = ctx->_s_addr;
}
sprintf(ctx->log_prefix, "[%s%4i%s]%s[%*s][%5i]%s", (int) ctx->socket.enc ? HTTPS_STR : HTTP_STR,
ntohs(server_addr.sin6_port), CLR_STR, /*color_table[0]*/ "", INET6_ADDRSTRLEN, ctx->socket.addr,
ntohs(server_addr.sin6_port), CLR_STR, /*color_table[0]*/ "", ADDRSTRLEN, ctx->socket.addr,
ntohs(ctx->socket._addr.ipv6.sin6_port), CLR_STR);
logger_set_prefix("[%*s]%s", INET6_ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
int ret;
char buf[1024];
sock *client = &ctx->socket;
ctx->cnx_s = clock_micros();
if (config.dns_server[0] != 0) {
sprintf(buf, "dig @%s +short +time=1 -x %s", config.dns_server, ctx->socket.addr);
FILE *dig = popen(buf, "r");
if (dig == NULL) {
error("Unable to start dig: %s", strerror(errno));
goto dig_err;
}
unsigned long read = fread(buf, 1, sizeof(buf), dig);
ret = pclose(dig);
if (ret != 0) {
error("Dig terminated with exit code %i", ret);
goto dig_err;
}
char *ptr = memchr(buf, '\n', read);
if (ptr == buf || ptr == NULL) {
goto dig_err;
}
ptr[-1] = 0;
strncpy(ctx->host, buf, sizeof(ctx->host));
} else {
dig_err:
ctx->host[0] = 0;
}
sock_reverse_lookup(&ctx->socket, ctx->host, sizeof(ctx->host));
ctx->cc[0] = 0;
geoip_lookup_country(&client->_addr.sock, ctx->cc);
@@ -90,7 +67,7 @@ static int tcp_acceptor(client_ctx_t *ctx) {
ctx->host[0] != 0 ? ctx->host : "", ctx->host[0] != 0 ? ") " : "",
ctx->cc[0] != 0 ? ctx->cc : "N/A");
if (sock_set_timeout(client, CLIENT_TIMEOUT)) {
if (sock_set_socket_timeout(client, SOCKET_TIMEOUT) != 0 || sock_set_timeout(client, CLIENT_TIMEOUT) != 0) {
error("Unable to set timeout for socket");
return -1;
}
@@ -100,25 +77,27 @@ static int tcp_acceptor(client_ctx_t *ctx) {
SSL_set_fd(client->ssl, client->socket);
SSL_set_accept_state(client->ssl);
ret = SSL_accept(client->ssl);
client->_last_ret = ret;
client->_errno = errno;
client->_ssl_error = ERR_get_error();
if (ret <= 0) {
info("Unable to perform handshake: %s", sock_strerror(client));
return - 1;
int ret;
if ((ret = SSL_accept(client->ssl)) != 1) {
sock_error(client, ret);
info("Unable to perform handshake");
return -1;
}
client->ts_last = clock_micros();
client->ts_last_send = client->ts_last;
}
ctx->req_num = 0;
ctx->s_keep_alive = 1;
ctx->c_keep_alive = 1;
ctx->chunks_transferred = 0;
return 0;
}
void tcp_close(client_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", INET6_ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
errno = 0;
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
sock_close(&ctx->socket);

View File

@@ -11,12 +11,15 @@
#include "../logger.h"
#include "../lib/websocket.h"
#include "../workers.h"
#include "../lib/utils.h"
#include <errno.h>
#include <string.h>
static int ws_frame_handler(ws_ctx_t *ctx);
void ws_frame_handler_func(ws_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", INET6_ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
if (ws_frame_handler(ctx) == 0) {
if (ctx->client->ws_close == 3) {
@@ -31,15 +34,25 @@ void ws_frame_handler_func(ws_ctx_t *ctx) {
int ws_handle_connection(client_ctx_t *ctx) {
info("Upgrading to WebSocket connection");
// copy proxy connection details
proxy_ctx_t *proxy = malloc(sizeof(proxy_ctx_t));
memcpy(proxy, ctx->proxy, sizeof(proxy_ctx_t));
// free proxy connection slot
ctx->proxy->initialized = 0;
proxy_unlock_ctx(ctx->proxy);
ctx->proxy = proxy;
sock_set_timeout(&ctx->socket, WS_TIMEOUT);
sock_set_timeout(&ctx->proxy->proxy, WS_TIMEOUT);
sock_set_timeout(&proxy->proxy, WS_TIMEOUT);
ws_ctx_t *a = malloc(sizeof(ws_ctx_t));
ws_ctx_t *b = malloc(sizeof(ws_ctx_t));
a->other = b, b->other = a;
a->client = ctx, b->client = ctx;
a->socket = &ctx->socket, b->socket = &ctx->proxy->proxy;
a->socket = &ctx->socket, b->socket = &proxy->proxy;
ws_handle_frame(a);
ws_handle_frame(b);
@@ -83,10 +96,16 @@ static int ws_frame_handler(ws_ctx_t *ctx) {
void ws_close(ws_ctx_t *ctx) {
ws_ctx_t *other = ctx->other;
if (other) {
proxy_ctx_t *proxy = ctx->client->proxy;
other->other = NULL;
logger_set_prefix("[%*s]%s", INET6_ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
info("Closing WebSocket connection");
proxy_close(ctx->client->proxy);
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
proxy->cnx_e = clock_micros();
char buf[32];
info("Closing WebSocket connection (%s)", format_duration(proxy->cnx_e - proxy->cnx_s, buf));
sock_close(&proxy->proxy);
free(ctx->client->proxy);
tcp_close(ctx->client);
}
free(ctx);

View File

@@ -12,35 +12,44 @@
#include "worker/func.h"
#include "async.h"
static mpmc_t tcp_acceptor_ctx, request_handler_ctx, local_handler_ctx, fastcgi_handler_cxt, proxy_handler_ctx,
ws_frame_handler_ctx;
static mpmc_t tcp_acceptor_ctx, request_handler_ctx, local_handler_ctx, fastcgi_handler_ctx, proxy_handler_ctx,
proxy_peer_handler_ctx, ws_frame_handler_ctx, chunk_handler_ctx, fastcgi_frame_handler_ctx;
int workers_init(void) {
mpmc_init(&tcp_acceptor_ctx, 8, 64, (void (*)(void *)) tcp_acceptor_func, "tcp");
mpmc_init(&request_handler_ctx, 16, 64, (void (*)(void *)) request_handler_func, "req");
mpmc_init(&local_handler_ctx, 16, 64, (void (*)(void *)) local_handler_func, "local");
mpmc_init(&fastcgi_handler_cxt, 16, 64, (void (*)(void *)) fastcgi_handler_func, "fcgi");
mpmc_init(&proxy_handler_ctx, 16, 64, (void (*)(void *)) proxy_handler_func, "proxy");
mpmc_init(&ws_frame_handler_ctx, 16, 64, (void (*)(void *)) ws_frame_handler_func, "ws");
mpmc_init(&tcp_acceptor_ctx, 8, 64, (void (*)(void *)) tcp_acceptor_func, "tcp");
mpmc_init(&request_handler_ctx, 8, 64, (void (*)(void *)) request_handler_func, "req");
mpmc_init(&local_handler_ctx, 8, 64, (void (*)(void *)) local_handler_func, "local");
mpmc_init(&fastcgi_handler_ctx, 8, 64, (void (*)(void *)) fastcgi_handler_func, "fcgi");
mpmc_init(&proxy_handler_ctx, 8, 64, (void (*)(void *)) proxy_handler_func, "proxy");
mpmc_init(&proxy_peer_handler_ctx, 1, 8, (void (*)(void *)) proxy_peer_handler_func, "prxy_p");
mpmc_init(&ws_frame_handler_ctx, 8, 64, (void (*)(void *)) ws_frame_handler_func, "ws");
mpmc_init(&chunk_handler_ctx, 8, 64, (void (*)(void *)) chunk_handler_func, "chunk");
mpmc_init(&fastcgi_frame_handler_ctx, 8, 64, (void (*)(void *)) fastcgi_frame_handler_func, "fcgi_f");
return -1;
}
void workers_stop(void) {
mpmc_stop(&tcp_acceptor_ctx);
mpmc_stop(&local_handler_ctx);
mpmc_stop(&fastcgi_handler_cxt);
mpmc_stop(&fastcgi_handler_ctx);
mpmc_stop(&proxy_handler_ctx);
mpmc_stop(&proxy_peer_handler_ctx);
mpmc_stop(&request_handler_ctx);
mpmc_stop(&ws_frame_handler_ctx);
mpmc_stop(&chunk_handler_ctx);
mpmc_stop(&fastcgi_frame_handler_ctx);
}
void workers_destroy(void) {
mpmc_destroy(&tcp_acceptor_ctx);
mpmc_destroy(&local_handler_ctx);
mpmc_destroy(&fastcgi_handler_cxt);
mpmc_destroy(&fastcgi_handler_ctx);
mpmc_destroy(&proxy_handler_ctx);
mpmc_destroy(&proxy_peer_handler_ctx);
mpmc_destroy(&request_handler_ctx);
mpmc_destroy(&ws_frame_handler_ctx);
mpmc_destroy(&chunk_handler_ctx);
mpmc_destroy(&fastcgi_frame_handler_ctx);
}
int tcp_accept(client_ctx_t *ctx) {
@@ -53,7 +62,10 @@ static int handle_request_cb(client_ctx_t *ctx) {
int handle_request(client_ctx_t *ctx) {
if (ctx->c_keep_alive && ctx->s_keep_alive) {
return async(&ctx->socket, ASYNC_WAIT_READ, 0, ctx, (void (*)(void *)) handle_request_cb, (void (*)(void *)) tcp_close);
return async(&ctx->socket, ASYNC_WAIT_READ, 0, ctx,
(void (*)(void *)) handle_request_cb,
(void (*)(void *)) timeout_request,
(void (*)(void *)) tcp_close);
} else {
tcp_close(ctx);
return 0;
@@ -65,17 +77,53 @@ int local_handle(client_ctx_t *ctx) {
}
int fastcgi_handle(client_ctx_t *ctx) {
return mpmc_queue(&fastcgi_handler_cxt, ctx);
return mpmc_queue(&fastcgi_handler_ctx, ctx);
}
static int fastcgi_handle_frame_cb(fastcgi_ctx_t *ctx) {
return mpmc_queue(&fastcgi_frame_handler_ctx, ctx);
}
int fastcgi_handle_frame(fastcgi_ctx_t *ctx) {
return async(&ctx->cnx.socket, ASYNC_WAIT_READ, 0, ctx,
(void (*)(void *)) fastcgi_handle_frame_cb,
(void (*)(void *)) fastcgi_close,
(void (*)(void *)) fastcgi_close);
}
int proxy_handle(client_ctx_t *ctx) {
return mpmc_queue(&proxy_handler_ctx, ctx);
}
static int proxy_peer_handle_cb(proxy_ctx_t *ctx) {
return mpmc_queue(&proxy_peer_handler_ctx, ctx);
}
int proxy_peer_handle(proxy_ctx_t *ctx) {
return async(&ctx->proxy, ASYNC_WAIT_READ, ASYNC_IGNORE_PENDING, ctx,
(void (*)(void *)) proxy_peer_handle_cb,
(void (*)(void *)) proxy_peer_handle_cb,
(void (*)(void *)) proxy_peer_handle_cb);
}
static int ws_handle_frame_cb(ws_ctx_t *ctx) {
return mpmc_queue(&ws_frame_handler_ctx, ctx);
}
int ws_handle_frame(ws_ctx_t *ctx) {
return async(ctx->socket, ASYNC_WAIT_READ, 0, ctx, (void (*)(void *)) ws_handle_frame_cb, (void (*)(void *)) ws_close);
return async(ctx->socket, ASYNC_WAIT_READ, 0, ctx,
(void (*)(void *)) ws_handle_frame_cb,
(void (*)(void *)) ws_close,
(void (*)(void *)) ws_close);
}
static int handle_chunk_cb(chunk_ctx_t *ctx) {
return mpmc_queue(&chunk_handler_ctx, ctx);
}
int handle_chunk(chunk_ctx_t *ctx) {
return async(ctx->socket, ASYNC_WAIT_READ, 0, ctx,
(void (*)(void *)) handle_chunk_cb,
(void (*)(void *)) ctx->err_cb,
(void (*)(void *)) ctx->err_cb);
}

View File

@@ -25,8 +25,14 @@ int local_handle(client_ctx_t *ctx);
int fastcgi_handle(client_ctx_t *ctx);
int fastcgi_handle_frame(fastcgi_ctx_t *ctx);
int proxy_handle(client_ctx_t *ctx);
int proxy_peer_handle(proxy_ctx_t *ctx);
int ws_handle_frame(ws_ctx_t *ctx);
int handle_chunk(chunk_ctx_t *ctx);
#endif //SESIMOS_WORKERS_H