lorenz.stechauner/sesimos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Activity

Compare commits

base: lorenz.stechauner:5acab8144dd84bef608c404833b18572b1230252
Branches Tags
lorenz.stechauner:master lorenz.stechauner:stable-4 lorenz.stechauner:dev
lorenz.stechauner:v4.6 lorenz.stechauner:v4.5 lorenz.stechauner:v4.4 lorenz.stechauner:v4.3 lorenz.stechauner:v4.2 lorenz.stechauner:v4.1 lorenz.stechauner:v4.0 lorenz.stechauner:v3.0
..
compare: lorenz.stechauner:master
Branches Tags
lorenz.stechauner:master lorenz.stechauner:stable-4 lorenz.stechauner:dev
lorenz.stechauner:v4.6 lorenz.stechauner:v4.5 lorenz.stechauner:v4.4 lorenz.stechauner:v4.3 lorenz.stechauner:v4.2 lorenz.stechauner:v4.1 lorenz.stechauner:v4.0 lorenz.stechauner:v3.0

113 Commits
5acab8144d ... master

Author SHA1 Message Date
Lorenz Stechauner
c36ba8d3a5 logging: remove client host name 2025-09-28 17:59:09 +02:00
Lorenz Stechauner
3bc1faac39 request_handler: Initialize content_length and transferred_length 2025-09-28 17:52:55 +02:00
Lorenz Stechauner
151c4804fe Enhance logging 2025-09-28 17:48:11 +02:00
Lorenz Stechauner
e1a92729d2 async: Fix ASYNC_ERR overwrite 2025-09-26 15:11:38 +02:00
Lorenz Stechauner
72904c3ba9 Add log files 2025-09-26 15:07:21 +02:00
Lorenz Stechauner
be84c3048b Try to solve epoll critical errors 2025-09-26 11:36:54 +02:00
Lorenz Stechauner
73a469a7de Properly use Vary header 2025-08-17 20:45:00 +02:00
Lorenz Stechauner
a0d774c9a4 Fix caching behaviour 2025-08-17 20:15:14 +02:00
Lorenz Stechauner
28c6809768 server: Fix error handling in main loop 2025-08-14 21:35:14 +02:00
Lorenz Stechauner
e93c478cc3 uri: Change file priority to .xhtml, .html, .php 2024-06-24 14:08:21 +02:00
Lorenz Stechauner
1d0a545610 async: Check if SSL layer is ready 2024-06-07 11:54:50 +02:00
Lorenz Stechauner
fb67f7e9b0 proxy_handler: Honor Transfer-Encoding 2024-05-11 14:24:44 +02:00
Lorenz Stechauner
0dd9a9a843 Add XHTML support 2024-04-22 15:14:31 +02:00
Lorenz Stechauner
6eaf5f5776 local_handler: Only send 417 when value invalid 2024-02-07 15:37:53 +01:00
Lorenz Stechauner
75d36bb5bb Use correct color string 2024-02-07 15:34:21 +01:00
Lorenz Stechauner
c6da5413d4 Add logging for 100 Continue 2024-02-07 15:32:44 +01:00
Lorenz Stechauner
80d7626208 Implement Expect: 100-continue 2024-02-07 15:23:14 +01:00
Lorenz Stechauner
e97809253a local_handler: Return early when not static 2024-02-07 11:55:17 +01:00
Lorenz Stechauner
b26e80f18a sock: Add handling for want read/write 2024-02-06 23:33:24 +01:00
Lorenz Stechauner
90b20d40d8 Add SSL_MODE_ENABLE_PARTIAL_WRITE to ssl context 2024-02-06 23:08:10 +01:00
Lorenz Stechauner
34b860073c utils: Add application/sql as text 2024-01-05 18:24:04 +01:00
Lorenz Stechauner
5d6bd07cfd websocket: Fix WebSocket upgrade 2024-01-04 01:25:44 +01:00
Lorenz Stechauner
2a2c1ea442 socket: Honor EAGAIN for socket operations 2023-11-19 21:27:42 +01:00
Lorenz Stechauner
fee4cc808a fastcgi: Add FIXME 2023-09-28 22:49:33 +02:00
Lorenz Stechauner
0232331f99 Fix reverse proxy timeout issues 2023-09-08 02:51:57 +02:00
Lorenz Stechauner
62b631c862 Fix FastCGI Non-Chunked bug 2023-09-08 02:18:52 +02:00
Lorenz Stechauner
0f526d7b95 Fix FastCGI error handling 2023-07-13 23:18:10 +02:00
Lorenz Stechauner
642286a838 Async: lock queue and make volatile 2023-07-11 18:15:15 +02:00
Lorenz Stechauner
91a8959c8d Add FIXME for pipe overflow 2023-07-11 02:12:26 +02:00
Lorenz Stechauner
197756bf15 Fix typo 2023-07-11 02:12:12 +02:00
Lorenz Stechauner
f4697ce0f3 Fix typo 2023-07-11 01:57:48 +02:00
Lorenz Stechauner
72c2e24050 Small improvements in async 2023-07-11 01:51:47 +02:00
Lorenz Stechauner
745509cab1 Add debug message when joining mpmc workers 2023-07-11 01:50:36 +02:00
Lorenz Stechauner
35d3612d9b Cleanup on request timeout 2023-07-11 01:50:00 +02:00
Lorenz Stechauner
37671546ef Handle EBADF in async 2023-07-08 13:38:19 +02:00
Lorenz Stechauner
beec199192 Add debug messages to terminate_gracefully() 2023-07-08 01:10:07 +02:00
Lorenz Stechauner
afa0196277 Async: ignore ENOENT errors on remove 2023-07-08 01:05:18 +02:00
Lorenz Stechauner
29a0775bf5 Update proxy 504/502 error codes responses (3) 2023-07-07 22:30:03 +02:00
Lorenz Stechauner
46d661d5f3 Update proxy 504/502 error codes responses (2) 2023-07-07 22:24:40 +02:00
Lorenz Stechauner
9ec1c1c3a2 Update proxy 504/502 error codes responses 2023-07-07 22:23:15 +02:00
Lorenz Stechauner
d6b315c91c Update proxy closing behaviour 2023-07-07 22:13:47 +02:00
Lorenz Stechauner
fd2abf9804 Handle EEXIST in async 2023-07-07 22:04:33 +02:00
Lorenz Stechauner
ddb6623651 Handle connection closures from proxy peers in async 2023-07-07 21:56:38 +02:00
Lorenz Stechauner
ef3e8475fb Honor Connection: closed received from reverse proxy peers 2023-07-07 21:30:56 +02:00
Lorenz Stechauner
0cd63ff5e9 Fix typos 2023-07-07 21:28:07 +02:00
Lorenz Stechauner
de3fcf8fc3 Honor proxy server timeout with one second buffer 2023-07-06 17:15:53 +02:00
Lorenz Stechauner
0f40dcb5db Fix proxy_close to keep value of in_use 2023-07-06 14:57:06 +02:00
Lorenz Stechauner
b7c8db01ac Fix proxy locking by adding volatile keyword to in_use 2023-07-06 12:03:08 +02:00
Lorenz Stechauner
b6c9d7330d Free proxy connection slot when upgrading to WebSocket connection 2023-07-06 01:34:23 +02:00
Lorenz Stechauner
c59977dada Fix proxy unlocking 2023-07-06 00:29:12 +02:00
Lorenz Stechauner
77f0eeda6d Fix spacing 2023-07-06 00:20:27 +02:00
Lorenz Stechauner
371bff0d07 Fix async and FastCGI timeout issues 2023-07-05 23:19:40 +02:00
Lorenz Stechauner
2e3146f69a Fix FastCGI fds default value 2023-07-05 13:11:49 +02:00
Lorenz Stechauner
733b73760c Fix payload usage in first FastCGI frame 2023-07-05 12:52:53 +02:00
Lorenz Stechauner
a9fbd21f80 Add todo and fix comments 2023-07-05 00:42:06 +02:00
Lorenz Stechauner
52ebad201f Fix sock_had_pending for pipe 2023-07-04 22:00:09 +02:00
Lorenz Stechauner
7fe4abd379 Improve proxy error handling 2023-07-04 21:40:40 +02:00
Lorenz Stechauner
56427e3003 Close ssl also when enc is not set in socket 2023-07-04 21:16:27 +02:00
Lorenz Stechauner
914aa2d341 Fix socket.h sock_init() definition 2023-07-03 00:03:27 +02:00
Lorenz Stechauner
db4bca6f13 Enlarge log message buffer from 16 to 256 2023-07-02 22:54:54 +02:00
Lorenz Stechauner
f1ba02756a Output selected proxy slot 2023-07-02 22:52:12 +02:00
Lorenz Stechauner
0b68c67982 Fix proxy try-loop 2023-07-02 17:45:53 +02:00
Lorenz Stechauner
cb04af739c Fix nextcloud issues 2023-07-02 13:50:07 +02:00
Lorenz Stechauner
cd25120362 Update reverse proxy message 2023-07-02 12:42:12 +02:00
Lorenz Stechauner
13d6e30d01 Fix proxy loop 2023-07-02 12:21:26 +02:00
Lorenz Stechauner
04f13c49af Unset socket now is -1 instead of 0 2023-07-02 12:21:00 +02:00
Lorenz Stechauner
9aee302f6c Rename timeout to http_timeout 2023-07-02 00:14:39 +02:00
Lorenz Stechauner
44e3b1332f Add first steps to honor timeout from server as proxy 2023-07-01 21:50:33 +02:00
Lorenz Stechauner
808ebdb0a0 Add http_add_to_header_fiel() 2023-07-01 21:19:27 +02:00
Lorenz Stechauner
31cd2e7e73 Fix FastCGI segfault error 2023-07-01 20:21:21 +02:00
Lorenz Stechauner
bd8e71e83d Rename fcgi_cnx to fcgi_ctx in client struct 2023-07-01 20:13:51 +02:00
Lorenz Stechauner
9aaa28f1ca Update php-fpm version 2023-07-01 19:26:20 +02:00
Lorenz Stechauner
73e0cffa78 Hide .inc and .inc.php files 2023-01-30 23:00:56 +01:00
Lorenz Stechauner
6f0371c46f Use getaddrinfo/getnameinfo instead of deprecated methods 2023-01-29 20:31:27 +01:00
Lorenz Stechauner
ad6ffe5425 Use file descriptor in sock_set_socket_timeout_micros() 2023-01-29 11:57:37 +01:00
Lorenz Stechauner
ab7e5cc722 Remove dns_server directive 2023-01-29 11:55:32 +01:00
Lorenz Stechauner
40310faa4b Update error to support getaddrinfo 2023-01-29 11:38:48 +01:00
Lorenz Stechauner
7a3adc6ed3 Remove gotos from proxy.c 2023-01-26 18:06:53 +01:00
Lorenz Stechauner
bd73061462 Removing gotos in config.c 2023-01-26 17:31:20 +01:00
Lorenz Stechauner
9ee0e11c86 Remove some gotos 2023-01-26 17:15:30 +01:00
Lorenz Stechauner
240ed6bc25 Dumping stderr on FastCGI close 2023-01-26 15:01:48 +01:00
Lorenz Stechauner
03dd126ca7 Add php error handling 2023-01-26 14:51:47 +01:00
Lorenz Stechauner
17327006db Add async support for FastCGI 2023-01-26 13:34:04 +01:00
Lorenz Stechauner
9237c791bb Set chunks_transferred to 0 2023-01-26 12:49:18 +01:00
Lorenz Stechauner
f7a6214dbc Allow proxies to delay chunks 2023-01-26 12:46:30 +01:00
Lorenz Stechauner
8053439212 Add chunk send/receiving functions 2023-01-26 11:41:10 +01:00
Lorenz Stechauner
299e726341 Add pip abstraction for sock 2023-01-26 11:02:44 +01:00
Lorenz Stechauner
e721e542f3 Add chunk_handler 2023-01-24 00:07:22 +01:00
Lorenz Stechauner
df7dfb5107 Refactor uri.c 
buf3 removed, unnecessary and not initialized
 2023-01-23 23:43:14 +01:00
Lorenz Stechauner
5f3ba2b971 Add sock_init() 2023-01-23 23:35:53 +01:00
Lorenz Stechauner
1e0a7c95da Unset prefix at other position in async 2023-01-23 23:33:01 +01:00
Lorenz Stechauner
0394c3afb4 Add new line in ws_frame_handler.c 2023-01-23 13:02:53 +01:00
Lorenz Stechauner
32ea03079b Add sock_splice_all() 2023-01-23 12:55:41 +01:00
Lorenz Stechauner
8b63d2cf32 Refactor proxy and socket a bit 2023-01-23 11:09:28 +01:00
Lorenz Stechauner
d461ba6f29 Fix typo in workers.c 2023-01-23 10:09:34 +01:00
Lorenz Stechauner
5b98fd0dab Catching error of async_thread() in main 2023-01-23 10:07:58 +01:00
Lorenz Stechauner
0b1b0bcb56 Update async_check to check return value of poll() 2023-01-23 01:53:36 +01:00
Lorenz Stechauner
44fc7f2e5c Add flags to sock_splice_chunked 2023-01-23 01:50:50 +01:00
Lorenz Stechauner
c8b605aa90 Save proxy connection time 2023-01-13 02:59:48 +01:00
Lorenz Stechauner
59b9bfd53e Finally remove compression from proxy 2023-01-13 02:49:25 +01:00
Lorenz Stechauner
e8655102b9 Use sock in fastcgi 2023-01-13 02:36:41 +01:00
Lorenz Stechauner
add135b3ad Use htons and ntohs in fastcgi 2023-01-12 20:40:40 +01:00
Lorenz Stechauner
2d250621c8 Add time to log prefix 2023-01-12 20:29:34 +01:00
Lorenz Stechauner
f96dc46ea7 Add sock_send_x and remove fastcgi compression 2023-01-12 19:51:26 +01:00
Lorenz Stechauner
5138dafb8e Refactor compress a bit 2023-01-12 16:30:10 +01:00
Lorenz Stechauner
4be5b0d195 lock magic in cache_handler 2023-01-12 16:29:05 +01:00
Lorenz Stechauner
a84aa591d4 Really avoid double free in async 2023-01-12 15:25:40 +01:00
Lorenz Stechauner
d7db1f0be9 Make error_str GNU_SOURCE compliant 2023-01-12 15:24:30 +01:00
Lorenz Stechauner
116f7035ed Initialize cache after logger_init() 2023-01-12 15:10:16 +01:00
Lorenz Stechauner
8abc0b8bfa Avoid double free in async 2023-01-12 15:09:05 +01:00
Lorenz Stechauner
410d692372 Truly initialize thread name 2023-01-12 15:07:46 +01:00
Lorenz Stechauner
f42ac83323 Add list_contains() to list 2023-01-12 15:07:03 +01:00
Lorenz Stechauner
7d576b2466 Better lossy error code description 2023-01-12 13:13:24 +01:00
43 changed files with 2074 additions and 1407 deletions
Expand all files Collapse all files

11
Makefile
View File

@@ -3,7 +3,7 @@ CC=gcc
CFLAGS=-std=gnu11 -Wno-unused-but-set-variable -D_DEFAULT_SOURCE -D_GNU_SOURCE -D_BSD_SOURCE -D_SVID_SOURCE -D_POSIX_C_SOURCE=200809L
LDFLAGS=-pthread -lssl -lcrypto -lmagic -lz -lmaxminddb -lbrotlienc
DEBIAN_OPTS=-D CACHE_MAGIC_FILE="\"/usr/share/file/magic.mgc\"" -D PHP_FPM_SOCKET="\"/var/run/php/php7.4-fpm.sock\""
DEBIAN_OPTS=-D CACHE_MAGIC_FILE="\"/usr/share/file/magic.mgc\"" -D PHP_FPM_SOCKET="\"/var/run/php/php8.2-fpm.sock\""
.PHONY: all prod debug default debian permit clean test
all: prod
@@ -59,7 +59,8 @@ bin/res/%.txt: res/%.*
bin/sesimos: bin/server.o bin/logger.o bin/cache_handler.o bin/async.o bin/workers.o \
bin/worker/request_handler.o bin/worker/tcp_acceptor.o \
bin/worker/fastcgi_handler.o bin/worker/local_handler.o bin/worker/proxy_handler.o \
bin/worker/ws_frame_handler.o \
bin/worker/proxy_peer_handler.o \
bin/worker/ws_frame_handler.o bin/worker/chunk_handler.o bin/worker/fastcgi_frame_handler.o \
bin/lib/http_static.o bin/res/default.o bin/res/proxy.o bin/res/style.o \
bin/res/icon_error.o bin/res/icon_info.o bin/res/icon_success.o bin/res/icon_warning.o \
bin/res/globe.o \
@@ -90,8 +91,14 @@ bin/worker/local_handler.o: src/worker/func.h
bin/worker/proxy_handler.o: src/worker/func.h
bin/worker/proxy_peer_handler.o: src/worker/func.h
bin/worker/ws_frame_handler.o: src/worker/func.h
bin/worker/fastcgi_frame_handler.o: src/worker/func.h
bin/worker/chunk_handler.o: src/worker/func.h
bin/lib/compress.o: src/lib/compress.h
bin/lib/config.o: src/lib/config.h src/lib/utils.h src/lib/uri.h src/logger.h

1
README.md
View File

@@ -27,7 +27,6 @@ See [doc/example.conf](doc/example.conf) for more details.
### Global directives
* `geoip_dir` (optional) - path to a directory containing GeoIP databases
* `dns_server` (optional) - address of a DNS server
### Configuration

121
src/async.c
View File

@@ -19,6 +19,7 @@
#include <pthread.h>
#include <semaphore.h>
#include <unistd.h>
#include <openssl/ssl.h>
#define ASYNC_MAX_EVENTS 16
@@ -38,7 +39,7 @@ typedef struct {
evt_listen_t *q[ASYNC_MAX_EVENTS];
} listen_queue_t;
static listen_queue_t listen1, listen2, *listen_q = &listen1;
static volatile listen_queue_t listen1, listen2, *listen_q = &listen1;
static volatile sig_atomic_t alive = 1;
static pthread_t thread = -1;
static sem_t lock;
@@ -49,6 +50,13 @@ static short async_a2p(async_evt_t events) {
if (events & ASYNC_IN) ret |= POLLIN;
if (events & ASYNC_PRI) ret |= POLLPRI;
if (events & ASYNC_OUT) ret |= POLLOUT;
if (events & ASYNC_ERR_) ret |= POLLERR;
if (events & ASYNC_HUP) ret |= POLLHUP;
if (events & ASYNC_RDNORM) ret |= POLLRDNORM;
if (events & ASYNC_RDBAND) ret |= POLLRDBAND;
if (events & ASYNC_WRNORM) ret |= POLLWRNORM;
if (events & ASYNC_WRBAND) ret |= POLLWRBAND;
if (events & ASYNC_MSG) ret |= POLLMSG;
return ret;
}
@@ -57,6 +65,13 @@ static unsigned int async_a2e(async_evt_t events) {
if (events & ASYNC_IN) ret |= EPOLLIN;
if (events & ASYNC_PRI) ret |= EPOLLPRI;
if (events & ASYNC_OUT) ret |= EPOLLOUT;
if (events & ASYNC_ERR_) ret |= EPOLLERR;
if (events & ASYNC_HUP) ret |= EPOLLHUP;
if (events & ASYNC_RDNORM) ret |= EPOLLRDNORM;
if (events & ASYNC_RDBAND) ret |= EPOLLRDBAND;
if (events & ASYNC_WRNORM) ret |= EPOLLWRNORM;
if (events & ASYNC_WRBAND) ret |= EPOLLWRBAND;
if (events & ASYNC_MSG) ret |= EPOLLMSG;
return ret;
}
@@ -65,8 +80,13 @@ static async_evt_t async_p2a(short events) {
if (events & POLLIN) ret |= ASYNC_IN;
if (events & POLLPRI) ret |= ASYNC_PRI;
if (events & POLLOUT) ret |= ASYNC_OUT;
if (events & POLLERR) ret |= ASYNC_ERR;
if (events & POLLERR) ret |= ASYNC_ERR_;
if (events & POLLHUP) ret |= ASYNC_HUP;
if (events & POLLRDNORM) ret |= ASYNC_RDNORM;
if (events & POLLRDBAND) ret |= ASYNC_RDBAND;
if (events & POLLWRNORM) ret |= ASYNC_WRNORM;
if (events & POLLWRBAND) ret |= ASYNC_WRBAND;
if (events & POLLMSG) ret |= ASYNC_MSG;
return ret;
}
@@ -75,16 +95,29 @@ static async_evt_t async_e2a(unsigned int events) {
if (events & EPOLLIN) ret |= ASYNC_IN;
if (events & EPOLLPRI) ret |= ASYNC_PRI;
if (events & EPOLLOUT) ret |= ASYNC_OUT;
if (events & EPOLLERR) ret |= ASYNC_ERR;
if (events & EPOLLERR) ret |= ASYNC_ERR_;
if (events & EPOLLHUP) ret |= ASYNC_HUP;
if (events & EPOLLRDNORM) ret |= ASYNC_RDNORM;
if (events & EPOLLRDBAND) ret |= ASYNC_RDBAND;
if (events & EPOLLWRNORM) ret |= ASYNC_WRNORM;
if (events & EPOLLWRBAND) ret |= ASYNC_WRBAND;
if (events & EPOLLMSG) ret |= ASYNC_MSG;
return ret;
}
static short async_e2p(unsigned int events) {
return async_a2p(async_e2a(events));
}
static unsigned int async_p2e(short events) {
return async_a2e(async_p2a(events));
}
static int async_add_to_queue(evt_listen_t *evt) {
try_again:
if (sem_wait(&lock) != 0) {
while (sem_wait(&lock) != 0) {
if (errno == EINTR) {
goto try_again;
errno = 0;
continue;
} else {
return -1;
}
@@ -108,7 +141,7 @@ static int async_exec(evt_listen_t *evt, async_evt_t r_events) {
int ret, e = errno;
if (r_events & evt->events) {
// specified event(s) occurred
if (evt->socket && !sock_has_pending(evt->socket)) {
if (!(evt->flags & ASYNC_IGNORE_PENDING) && evt->socket && !sock_has_pending(evt->socket, 0)) {
evt->err_cb(evt->arg);
ret = 0;
} else {
@@ -124,7 +157,6 @@ static int async_exec(evt_listen_t *evt, async_evt_t r_events) {
ret = -1;
}
logger_set_prefix("");
errno = e;
return ret;
}
@@ -136,11 +168,21 @@ static int async_check(evt_listen_t *evt) {
}};
// check, if fd is already ready
if (poll(fds, 1, 0) == 1) {
// fd already ready
if (async_exec(evt, async_p2a(fds[0].revents)) == 0)
if (evt->events & ASYNC_IN && evt->socket && evt->socket->enc && SSL_pending(evt->socket->ssl) > 0) {
// ssl layer already ready
if (async_exec(evt, ASYNC_IN) == 0)
return 1;
}
switch (poll(fds, 1, 0)) {
case 1:
// fd already ready
if (async_exec(evt, async_p2a(fds[0].revents)) == 0)
return 1;
break;
case -1:
error("Unable to poll");
return -1;
}
return 0;
}
@@ -211,9 +253,10 @@ void async_thread(void) {
struct epoll_event ev, events[ASYNC_MAX_EVENTS];
int num_fds;
long ts, min_ts, cur_ts;
listen_queue_t *l;
evt_listen_t **local = list_create(sizeof(evt_listen_t *), 16);
if (local == NULL) {
volatile listen_queue_t *l;
evt_listen_t **local;
if ((local = list_create(sizeof(evt_listen_t *), 16)) == NULL) {
critical("Unable to create async local list");
return;
}
@@ -223,8 +266,18 @@ void async_thread(void) {
// main event loop
while (alive) {
// swap listen queue
while (sem_wait(&lock) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock async queue");
return;
}
}
l = listen_q;
listen_q = (listen_q == &listen1) ? &listen2 : &listen1;
sem_post(&lock);
// fill local list and epoll instance with previously added queue entries
for (int i = 0; i < l->n; i++) {
@@ -238,7 +291,25 @@ void async_thread(void) {
ev.events = async_a2e(evt->events);
ev.data.ptr = evt;
if (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, evt->fd, &ev) == -1) {
while (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, evt->fd, &ev) == -1) {
if (errno == EEXIST) {
// fd already exists, delete old one
warning("Unable to add file descriptor to epoll instance");
errno = 0;
if (epoll_ctl(epoll_fd, EPOLL_CTL_DEL, evt->fd, NULL) != -1)
continue;
} else if (errno == EBADF || errno == EPERM) {
// fd probably already closed or does not support epoll somehow
// FIXME should not happen
warning("Unable to add file descriptor to epoll instance");
errno = 0;
local = list_delete(local, &evt);
if (local == NULL) {
critical("Unable to resize async local list");
return;
}
break;
}
critical("Unable to add file descriptor to epoll instance");
return;
}
@@ -246,16 +317,18 @@ void async_thread(void) {
// reset size of queue
l->n = 0;
// TODO timeout calculation = O(n)
// calculate wait timeout
min_ts = -1000, cur_ts = clock_micros();;
min_ts = -1000, cur_ts = clock_micros();
for (int i = 0; i < list_size(local); i++) {
evt_listen_t *evt = local[i];
if (!evt->socket) continue;
if (!evt->socket || evt->socket->timeout_us < 0) continue;
ts = evt->socket->ts_last + evt->socket->timeout_us - cur_ts;
if (min_ts == -1000 || ts < min_ts) min_ts = ts;
}
// epoll is used in level-triggered mode, so buffers are taken into account
if ((num_fds = epoll_wait(epoll_fd, events, ASYNC_MAX_EVENTS, (int) (min_ts / 1000))) == -1) {
if (errno == EINTR) {
// interrupt
@@ -270,10 +343,13 @@ void async_thread(void) {
for (int i = 0; i < num_fds; i++) {
evt_listen_t *evt = events[i].data.ptr;
if (!list_contains(local, &evt)) continue;
if (async_exec(evt, async_e2a(events[i].events)) == 0) {
logger_set_prefix("");
if (epoll_ctl(epoll_fd, EPOLL_CTL_DEL, evt->fd, NULL) == -1) {
if (errno == EBADF) {
// already closed fd, do not die
if (errno == EBADF || errno == ENOENT || errno == EPERM) {
// already closed, fd not found, or fd does not support epoll, anyway do not die
errno = 0;
} else {
critical("Unable to remove file descriptor from epoll instance");
@@ -289,6 +365,7 @@ void async_thread(void) {
free(evt);
}
logger_set_prefix("");
}
// check, if some socket ran into a timeout
@@ -297,12 +374,12 @@ void async_thread(void) {
evt_listen_t *evt = local[i];
if (!evt->socket) continue;
if ((cur_ts - evt->socket->ts_last) >= evt->socket->timeout_us) {
if (evt->socket->timeout_us >= 0 && (cur_ts - evt->socket->ts_last) >= evt->socket->timeout_us) {
evt->to_cb(evt->arg);
if (epoll_ctl(epoll_fd, EPOLL_CTL_DEL, evt->fd, NULL) == -1) {
if (errno == EBADF) {
// already closed fd, do not die
if (errno == EBADF || errno == ENOENT || errno == EPERM) {
// already closed, fd not found, or fd does not support epoll, anyway do not die
errno = 0;
} else {
critical("Unable to remove file descriptor from epoll instance");

16
src/async.h
View File

@@ -12,12 +12,18 @@
#include "lib/sock.h"
#define ASYNC_KEEP 1
#define ASYNC_IGNORE_PENDING 2
#define ASYNC_IN 0x01
#define ASYNC_PRI 0x02
#define ASYNC_OUT 0x04
#define ASYNC_ERR 0x08
#define ASYNC_HUP 0x10
#define ASYNC_IN 0x001
#define ASYNC_PRI 0x002
#define ASYNC_OUT 0x004
#define ASYNC_ERR_ 0x008
#define ASYNC_HUP 0x010
#define ASYNC_RDNORM 0x040
#define ASYNC_RDBAND 0x080
#define ASYNC_WRNORM 0x100
#define ASYNC_WRBAND 0x200
#define ASYNC_MSG 0x400
#define ASYNC_WAIT_READ ASYNC_IN
#define ASYNC_WAIT_WRITE ASYNC_OUT

98
src/cache_handler.c
View File

@@ -27,7 +27,7 @@
static magic_t magic;
static pthread_t thread;
static sem_t sem_free, sem_used, sem_lock, sem_cache;
static sem_t sem_free, sem_used, sem_lock, sem_cache, sem_magic;
volatile sig_atomic_t alive = 1;
typedef struct {
@@ -52,6 +52,56 @@ static int magic_init(void) {
return 0;
}
static void magic_mime_type(const char *restrict filename, char *buf) {
while (sem_wait(&sem_magic) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock magic semaphore");
return;
}
}
magic_setflags(magic, MAGIC_MIME_TYPE);
const char *type = magic_file(magic, filename);
if (strstarts(type, "text/")) {
if (strends(filename, ".css")) {
strcpy(buf, "text/css");
sem_post(&sem_magic);
return;
} else if (strends(filename, ".js")) {
strcpy(buf, "application/javascript");
sem_post(&sem_magic);
return;
} else if (strends(filename, ".xhtml")) {
strcpy(buf, "application/xhtml+xml");
sem_post(&sem_magic);
return;
}
}
strcpy(buf, type);
sem_post(&sem_magic);
}
static void magic_charset(const char *restrict filename, char *buf) {
while (sem_wait(&sem_magic) != 0) {
if (errno == EINTR) {
errno = 0;
continue;
} else {
critical("Unable to lock magic semaphore");
return;
}
}
magic_setflags(magic, MAGIC_MIME_ENCODING);
strcpy(buf, magic_file(magic, filename));
sem_post(&sem_magic);
}
static void cache_free(void) {
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
host_config_t *hc = &config.hosts[i];
@@ -67,6 +117,7 @@ static void cache_free(void) {
sem_destroy(&sem_free);
sem_destroy(&sem_used);
sem_destroy(&sem_cache);
sem_destroy(&sem_magic);
}
static cache_entry_t *cache_get_entry(cache_t *cache, const char *filename) {
@@ -87,10 +138,10 @@ static cache_entry_t *cache_get_entry(cache_t *cache, const char *filename) {
static cache_entry_t *cache_get_new_entry(cache_t *cache) {
// globally lock cache
retry:
if (sem_wait(&sem_cache) != 0) {
while (sem_wait(&sem_cache) != 0) {
if (errno == EINTR) {
goto retry;
errno = 0;
continue;
} else {
return NULL;
}
@@ -166,7 +217,7 @@ static void cache_process_entry(cache_entry_t *entry) {
comp_err:
compress = 0;
} else {
if ((compress_init(&comp_ctx, COMPRESS_GZ | COMPRESS_BR)) != 0) {
if ((compress_init(&comp_ctx, COMPRESS_GZ | COMPRESS_BR | (mime_is_text(entry->meta.type) ? COMPRESS_UTF8 : 0))) != 0) {
error("Unable to init compression");
compress = 0;
fclose(comp_file_gz);
@@ -175,11 +226,9 @@ static void cache_process_entry(cache_entry_t *entry) {
}
}
unsigned long read;
while ((read = fread(buf, 1, sizeof(buf), file)) > 0) {
for (unsigned long read, avail_in, avail_out; (read = fread(buf, 1, sizeof(buf), file)) > 0;) {
EVP_DigestUpdate(ctx, buf, read);
if (compress) {
unsigned long avail_in, avail_out;
avail_in = read;
do {
avail_out = sizeof(comp_buf);
@@ -295,7 +344,8 @@ int cache_init(void) {
if (sem_init(&sem_lock, 0, 1) != 0 ||
sem_init(&sem_free, 0, 1) != 0 ||
sem_init(&sem_used, 0, 0) != 0 ||
sem_init(&sem_cache, 0, 1) != 0)
sem_init(&sem_cache, 0, 1) != 0 ||
sem_init(&sem_magic, 0, 1) != 0)
{
critical("Unable to initialize semaphore");
return -1;
@@ -323,16 +373,15 @@ static void cache_mark_entry_dirty(cache_entry_t *entry) {
if (entry->flags & CACHE_DIRTY)
return;
entry->flags |= CACHE_DIRTY;
memset(entry->meta.etag, 0, sizeof(entry->meta.etag));
memset(entry->meta.filename_comp_gz, 0, sizeof(entry->meta.filename_comp_gz));
memset(entry->meta.filename_comp_br, 0, sizeof(entry->meta.filename_comp_br));
entry->flags |= CACHE_DIRTY;
try_again_free:
if (sem_wait(&sem_free) != 0) {
while (sem_wait(&sem_free) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_free;
continue;
} else {
error("Unable to lock semaphore");
errno = 0;
@@ -341,11 +390,10 @@ static void cache_mark_entry_dirty(cache_entry_t *entry) {
}
// try to lock buffer
try_again_lock:
if (sem_wait(&sem_lock) != 0) {
while (sem_wait(&sem_lock) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_lock;
continue;
} else {
error("Unable to lock semaphore");
errno = 0;
@@ -366,25 +414,11 @@ static void cache_mark_entry_dirty(cache_entry_t *entry) {
static void cache_update_entry(cache_entry_t *entry, const char *filename, const char *webroot) {
entry->meta.mtime = stat_mtime(filename);
entry->webroot_len = (unsigned char) strlen(webroot);
strcpy(entry->filename, filename);
magic_setflags(magic, MAGIC_MIME_TYPE);
const char *type = magic_file(magic, filename);
char type_new[URI_TYPE_SIZE];
sprintf(type_new, "%s", type);
if (strstarts(type, "text/")) {
if (strends(filename, ".css")) {
sprintf(type_new, "text/css");
} else if (strends(filename, ".js")) {
sprintf(type_new, "application/javascript");
}
}
strcpy(entry->meta.type, type_new);
magic_setflags(magic, MAGIC_MIME_ENCODING);
strcpy(entry->meta.charset, magic_file(magic, filename));
magic_mime_type(filename, entry->meta.type);
magic_charset(filename, entry->meta.charset);
cache_mark_entry_dirty(entry);
}

49
src/lib/compress.c
View File

@@ -13,23 +13,25 @@
int compress_init(compress_ctx *ctx, int mode) {
ctx->brotli = NULL;
ctx->mode = 0;
int ret;
if (mode & COMPRESS_GZ) {
ctx->mode |= COMPRESS_GZ;
ctx->gzip.zalloc = Z_NULL;
ctx->gzip.zfree = Z_NULL;
ctx->gzip.opaque = Z_NULL;
ret = deflateInit2(&ctx->gzip, COMPRESS_LEVEL_GZIP, Z_DEFLATED, 15 + 16, 9, Z_DEFAULT_STRATEGY);
if (ret != Z_OK) return -1;
ctx->gzip.data_type = (mode & COMPRESS_UTF8) ? Z_TEXT : Z_UNKNOWN;
if (deflateInit2(&ctx->gzip, COMPRESS_LEVEL_GZIP, Z_DEFLATED, 15 + 16, 9, Z_DEFAULT_STRATEGY) != Z_OK)
return -1;
}
if (mode & COMPRESS_BR) {
ctx->mode |= COMPRESS_BR;
ctx->brotli = BrotliEncoderCreateInstance(NULL, NULL, NULL);
if (ctx->brotli == NULL) return -1;
BrotliEncoderSetParameter(ctx->brotli, BROTLI_PARAM_MODE, BROTLI_MODE_GENERIC);
if ((ctx->brotli = BrotliEncoderCreateInstance(NULL, NULL, NULL)) == NULL)
return -1;
BrotliEncoderSetParameter(ctx->brotli, BROTLI_PARAM_MODE, (mode & COMPRESS_UTF8) ? BROTLI_MODE_TEXT : ((mode & COMPRESS_WOFF) ? BROTLI_MODE_FONT : BROTLI_MODE_GENERIC));
BrotliEncoderSetParameter(ctx->brotli, BROTLI_PARAM_QUALITY, COMPRESS_LEVEL_BROTLI);
}
return 0;
}
@@ -41,26 +43,35 @@ int compress_compress(compress_ctx *ctx, const char *in, unsigned long *in_len,
return compress_compress_mode(ctx, ctx->mode, in, in_len, out, out_len, finish);
}
static int compress_brotli(BrotliEncoderState *ctx, const char *in, unsigned long *in_len, char *out, unsigned long *out_len, int finish) {
int ret = BrotliEncoderCompressStream(
ctx, finish ? BROTLI_OPERATION_FINISH : BROTLI_OPERATION_PROCESS,
in_len, (const unsigned char**) &in, out_len, (unsigned char **) &out, NULL);
return (ret == BROTLI_TRUE) ? 0 : -1;
}
static int compress_gzip(z_stream *gzip, const char *in, unsigned long *in_len, char *out, unsigned long *out_len, int finish) {
gzip->next_in = (unsigned char*) in;
gzip->avail_in = *in_len;
gzip->next_out = (unsigned char*) out;
gzip->avail_out = *out_len;
int ret = deflate(gzip, finish ? Z_FINISH : Z_NO_FLUSH);
*in_len = gzip->avail_in;
*out_len = gzip->avail_out;
return ret;
}
int compress_compress_mode(compress_ctx *ctx, int mode, const char *in, unsigned long *in_len, char *out, unsigned long *out_len, int finish) {
if ((mode & COMPRESS_GZ) && (mode & COMPRESS_BR)) {
errno = EINVAL;
return -1;
} else if (mode & COMPRESS_GZ) {
ctx->gzip.next_in = (unsigned char*) in;
ctx->gzip.avail_in = *in_len;
ctx->gzip.next_out = (unsigned char*) out;
ctx->gzip.avail_out = *out_len;
int ret = deflate(&ctx->gzip, finish ? Z_FINISH : Z_NO_FLUSH);
*in_len = ctx->gzip.avail_in;
*out_len = ctx->gzip.avail_out;
return ret;
return compress_gzip(&ctx->gzip, in, in_len, out, out_len, finish);
} else if (mode & COMPRESS_BR) {
int ret = BrotliEncoderCompressStream(ctx->brotli, finish ? BROTLI_OPERATION_FINISH : BROTLI_OPERATION_PROCESS,
in_len, (const unsigned char**) &in, out_len, (unsigned char **) &out, NULL);
return (ret == BROTLI_TRUE) ? 0 : -1;
return compress_brotli(ctx->brotli, in, in_len, out, out_len, finish);
} else {
errno = EINVAL;
return -2;
return -1;
}
}

2
src/lib/compress.h
View File

@@ -18,6 +18,8 @@
#define COMPRESS_GZ 1
#define COMPRESS_BR 2
#define COMPRESS 3
#define COMPRESS_UTF8 4
#define COMPRESS_WOFF 8
typedef struct {
int mode;

309
src/lib/config.c
View File

@@ -16,6 +16,149 @@
config_t config;
static int config_parse_line(char *line, char *section, int *i, int *j) {
int mode = 0;
char *source, *target;
char *ptr = line;
char *comment = strpbrk(ptr, "#\r\n");
if (comment != NULL) comment[0] = 0;
unsigned long len = strlen(ptr);
char *end_ptr = (len > 0) ? ptr + len - 1 : ptr;
while (end_ptr[0] == ' ' || end_ptr[0] == '\t') {
end_ptr[0] = 0;
end_ptr--;
}
len = strlen(ptr);
if (len == 0) return 0;
if (ptr[0] == '[') {
if (ptr[len - 1] != ']') return -1;
ptr++;
int l = 0;
if (strncmp(ptr, "host", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) return -1;
snprintf(config.hosts[*i].name, sizeof(config.hosts[*i].name), "%.*s", l, ptr);
++(*i);
*section = 'h';
} else if (strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) return -1;
snprintf(config.certs[*j].name, sizeof(config.certs[*j].name), "%.*s", l, ptr);
++(*j);
*section = 'c';
} else {
return -1;
}
return 0;
} else if (*section == 0) {
if (len > 10 && strncmp(ptr, "geoip_dir", 9) == 0 && (ptr[9] == ' ' || ptr[9] == '\t')) {
source = ptr + 9;
target = config.geoip_dir;
} else {
return -1;
}
} else if (*section == 'c') {
cert_config_t *cc = &config.certs[*j - 1];
if (len > 12 && strncmp(ptr, "certificate", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->full_chain;
} else if (len > 12 && strncmp(ptr, "private_key", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->priv_key;
} else {
return -1;
}
} else if (*section == 'h') {
host_config_t *hc = &config.hosts[*i - 1];
if (len > 8 && strncmp(ptr, "webroot", 7) == 0 && (ptr[7] == ' ' || ptr[7] == '\t')) {
source = ptr + 7;
target = hc->local.webroot;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
return -1;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 5 && strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = hc->cert_name;
} else if (len > 9 && strncmp(ptr, "dir_mode", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = NULL;
mode = 1;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
return -1;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 9 && strncmp(ptr, "hostname", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = hc->proxy.hostname;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (len > 5 && strncmp(ptr, "port", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = NULL;
mode = 2;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (streq(ptr, "http")) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 0;
}
return 0;
} else if (streq(ptr, "https")) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
return -1;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 1;
}
return 0;
} else {
return -1;
}
} else {
return -1;
}
while (source[0] == ' ' || source[0] == '\t') source++;
if (strlen(source) == 0) return -1;
if (target != NULL) {
strcpy(target, source);
} else if (mode == 1) {
if (streq(source, "forbidden")) {
config.hosts[*i - 1].local.dir_mode = URI_DIR_MODE_FORBIDDEN;
} else if (streq(source, "info")) {
config.hosts[*i - 1].local.dir_mode = URI_DIR_MODE_INFO;
} else if (streq(source, "list")) {
config.hosts[*i - 1].local.dir_mode = URI_DIR_MODE_LIST;
} else {
return -1;
}
} else if (mode == 2) {
config.hosts[*i - 1].proxy.port = (unsigned short) strtoul(source, NULL, 10);
}
return 0;
}
int config_load(const char *filename) {
FILE *file = fopen(filename, "r");
if (file == NULL) {
@@ -25,162 +168,18 @@ int config_load(const char *filename) {
memset(&config, 0, sizeof(config));
int i = 0;
int j = 0;
int line_num = 0;
int mode = 0;
int i = 0, j = 0;
char section = 0;
char *source, *target;
char *line = NULL;
ssize_t read;
size_t line_len = 0;
while ((read = getline(&line, &line_len, file)) != -1) {
line_num++;
char *ptr = line;
char *comment = strpbrk(ptr, "#\r\n");
if (comment != NULL) comment[0] = 0;
unsigned long len = strlen(ptr);
char *end_ptr = (len > 0) ? ptr + len - 1 : ptr;
while (end_ptr[0] == ' ' || end_ptr[0] == '\t') {
end_ptr[0] = 0;
end_ptr--;
}
len = strlen(ptr);
if (len == 0) continue;
if (ptr[0] == '[') {
if (ptr[len - 1] != ']') goto err;
ptr++;
int l = 0;
if (strncmp(ptr, "host", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) goto err;
snprintf(config.hosts[i].name, sizeof(config.hosts[i].name), "%.*s", l, ptr);
i++;
section = 'h';
} else if (strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
ptr += 4;
while (ptr[0] == ' ' || ptr[0] == '\t' || ptr[0] == ']') ptr++;
while (ptr[l] != ' ' && ptr[l] != '\t' && ptr[l] != ']') l++;
if (l == 0) goto err;
snprintf(config.certs[j].name, sizeof(config.certs[j].name), "%.*s", l, ptr);
j++;
section = 'c';
} else {
goto err;
}
continue;
} else if (section == 0) {
if (len > 10 && strncmp(ptr, "geoip_dir", 9) == 0 && (ptr[9] == ' ' || ptr[9] == '\t')) {
source = ptr + 9;
target = config.geoip_dir;
} else if (len > 11 && strncmp(ptr, "dns_server", 10) == 0 && (ptr[10] == ' ' || ptr[10] == '\t')) {
source = ptr + 10;
target = config.dns_server;
} else {
goto err;
}
} else if (section == 'c') {
cert_config_t *cc = &config.certs[j - 1];
if (len > 12 && strncmp(ptr, "certificate", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->full_chain;
} else if (len > 12 && strncmp(ptr, "private_key", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) {
source = ptr + 11;
target = cc->priv_key;
} else {
goto err;
}
} else if (section == 'h') {
host_config_t *hc = &config.hosts[i - 1];
if (len > 8 && strncmp(ptr, "webroot", 7) == 0 && (ptr[7] == ' ' || ptr[7] == '\t')) {
source = ptr + 7;
target = hc->local.webroot;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
goto err;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 5 && strncmp(ptr, "cert", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = hc->cert_name;
} else if (len > 9 && strncmp(ptr, "dir_mode", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = NULL;
mode = 1;
if (hc->type != 0 && hc->type != CONFIG_TYPE_LOCAL) {
goto err;
} else {
hc->type = CONFIG_TYPE_LOCAL;
}
} else if (len > 9 && strncmp(ptr, "hostname", 8) == 0 && (ptr[8] == ' ' || ptr[8] == '\t')) {
source = ptr + 8;
target = hc->proxy.hostname;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (len > 5 && strncmp(ptr, "port", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) {
source = ptr + 4;
target = NULL;
mode = 2;
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
}
} else if (streq(ptr, "http")) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 0;
}
continue;
} else if (streq(ptr, "https")) {
if (hc->type != 0 && hc->type != CONFIG_TYPE_REVERSE_PROXY) {
goto err;
} else {
hc->type = CONFIG_TYPE_REVERSE_PROXY;
hc->proxy.enc = 1;
}
continue;
} else {
goto err;
}
} else {
goto err;
}
while (source[0] == ' ' || source[0] == '\t') source++;
if (strlen(source) == 0) {
err:
critical("Unable to parse config file (line %i)", line);
for (int line_num = 1; getline(&line, &line_len, file) != -1; line_num++) {
if (config_parse_line(line, &section, &i, &j) != 0) {
critical("Unable to parse config file (line %i)", line_num);
free(line);
fclose(file);
return -2;
}
if (target != NULL) {
strcpy(target, source);
} else if (mode == 1) {
if (streq(source, "forbidden")) {
config.hosts[i - 1].local.dir_mode = URI_DIR_MODE_FORBIDDEN;
} else if (streq(source, "info")) {
config.hosts[i - 1].local.dir_mode = URI_DIR_MODE_INFO;
} else if (streq(source, "list")) {
config.hosts[i - 1].local.dir_mode = URI_DIR_MODE_LIST;
} else {
goto err;
}
} else if (mode == 2) {
config.hosts[i - 1].proxy.port = (unsigned short) strtoul(source, NULL, 10);
}
}
free(line);
@@ -190,11 +189,14 @@ int config_load(const char *filename) {
host_config_t *hc = &config.hosts[k];
if (hc->type == CONFIG_TYPE_LOCAL) {
char *webroot = config.hosts[k].local.webroot;
if (webroot[strlen(webroot) - 1] == '/') {
webroot[strlen(webroot) - 1] = 0;
}
while (webroot[strlen(webroot) - 1] == '/') webroot[strlen(webroot) - 1] = 0;
}
if (hc->cert_name[0] == 0) goto err2;
if (hc->cert_name[0] == 0) {
critical("Unable to parse config file: host config (%s) does not contain a certificate", hc->name);
return -2;
}
int found = 0;
for (int m = 0; m < j; m++) {
if (streq(config.certs[m].name, hc->cert_name)) {
@@ -204,8 +206,7 @@ int config_load(const char *filename) {
}
}
if (!found) {
err2:
critical("Unable to parse config file");
critical("Unable to parse config file: certificate (%s) for host config (%s) not found", hc->cert_name, hc->name);
return -2;
}
}

1
src/lib/config.h
View File

@@ -53,7 +53,6 @@ typedef struct {
host_config_t hosts[CONFIG_MAX_HOST_CONFIG];
cert_config_t certs[CONFIG_MAX_CERT_CONFIG];
char geoip_dir[256];
char dns_server[256];
} config_t;
extern config_t config;

34
src/lib/error.c
View File

@@ -11,6 +11,7 @@
#include <errno.h>
#include <string.h>
#include <netdb.h>
extern const char *sock_error_str(unsigned long err);
extern const char *http_error_str(int err);
@@ -18,8 +19,9 @@ extern const char *MMDB_strerror(int err);
extern const char *ERR_reason_error_string(unsigned long err);
static int error_compress(unsigned long err) {
if (err & 0xFF0000) warning("Lossy error code compression!");
return ((int) err & 0xFFFF) | (((int) err >> 8) & 0xFF0000);
int comp = ((int) err & 0xFFFF) | (((int) err >> 8) & 0xFF0000);
if (err & 0xFF0000) warning("Lossy error code compression! (%08lX -> %08X)", err, comp);
return comp;
}
static unsigned long error_decompress(int err) {
@@ -28,24 +30,14 @@ static unsigned long error_decompress(int err) {
const char *error_str(int err_no, char *buf, int buf_len) {
buf[0] = 0;
unsigned char mode = (unsigned char) (err_no >> 24);
int e = err_no & 0x00FFFFFF;
if (mode == 0x00) {
// normal
strerror_r(e, buf, buf_len);
return buf;
} else if (mode == 0x01) {
// ssl
return sock_error_str(error_decompress(e));
} else if (mode == 0x02) {
// ssl err
return ERR_reason_error_string(error_decompress(e));
} else if (mode == 0x03) {
// mmdb
return MMDB_strerror(e);
} else if (mode == 0x04) {
// http
return http_error_str(e);
switch (err_no >> 24) {
case 0x00: return strerror_r(e, buf, buf_len);
case 0x01: return sock_error_str(error_decompress(e));
case 0x02: return ERR_reason_error_string(error_decompress(e));
case 0x03: return MMDB_strerror(e);
case 0x04: return http_error_str(e);
case 0x05: return gai_strerror(e);
}
return buf;
}
@@ -66,6 +58,10 @@ void error_http(int err) {
errno = 0x04000000 | err;
}
void error_gai(int err) {
errno = 0x05000000 | err;
}
static int error_get(unsigned char prefix) {
return (errno >> 24 != prefix) ? 0 : errno & 0x00FFFFFF;
}

2
src/lib/error.h
View File

@@ -19,6 +19,8 @@ void error_mmdb(int err);
void error_http(int err);
void error_gai(int err);
int error_get_sys();
int error_get_ssl();

673
src/lib/fastcgi.c
View File

@@ -9,13 +9,16 @@
#include "../defs.h"
#include "fastcgi.h"
#include "utils.h"
#include "compress.h"
#include "../logger.h"
#include "list.h"
#include "../workers.h"
#include <sys/un.h>
#include <sys/socket.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
char *fastcgi_add_param(char *buf, const char *key, const char *value) {
char *ptr = buf;
@@ -26,20 +29,14 @@ char *fastcgi_add_param(char *buf, const char *key, const char *value) {
ptr[0] = (char) (key_len & 0x7F);
ptr++;
} else {
ptr[0] = (char) (0x80 | (key_len >> 24));
ptr[1] = (char) ((key_len >> 16) & 0xFF);
ptr[2] = (char) ((key_len >> 8) & 0xFF);
ptr[3] = (char) (key_len & 0xFF);
*((int *) ptr) = htonl(0x80000000 | key_len);
ptr += 4;
}
if (val_len <= 127) {
ptr[0] = (char) (val_len & 0x7F);
ptr++;
} else {
ptr[0] = (char) (0x80 | (val_len >> 24));
ptr[1] = (char) ((val_len >> 16) & 0xFF);
ptr[2] = (char) ((val_len >> 8) & 0xFF);
ptr[3] = (char) (val_len & 0xFF);
*((int *) ptr) = htonl(0x80000000 | val_len);
ptr += 4;
}
@@ -51,56 +48,70 @@ char *fastcgi_add_param(char *buf, const char *key, const char *value) {
return ptr;
}
int fastcgi_send_data(fastcgi_cnx_t *cnx, unsigned char type, unsigned short len, void *data) {
// build header
FCGI_Header header = {
.version = FCGI_VERSION_1,
.type = type,
.requestId = htons(cnx->req_id),
.contentLength = htons(len),
.paddingLength = 0,
.reserved = 0,
};
// send FastCGI header with MSG_MORE flag
if (sock_send_x(&cnx->socket, &header, sizeof(header), (len != 0) ? MSG_MORE : 0) == -1) {
error("Unable to send to FastCGI socket");
return -1;
}
// send data (if available)
if (sock_send_x(&cnx->socket, data, len, 0) == -1) {
error("Unable to send to FastCGI socket");
return -1;
}
// return bytes sent totally
return len + (int) sizeof(header);
}
int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock *client, const http_req *req, const http_uri *uri) {
conn->mode = mode;
conn->header_sent = 0;
conn->req_id = (req_num + 1) & 0xFFFF;
conn->out_buf = NULL;
conn->out_off = 0;
conn->webroot = uri->webroot;
conn->err = NULL;
conn->fd_err_bytes = 0;
conn->fd_out = -1;
conn->fd_err = -1;
sock_init(&conn->out, -1, SOCK_PIPE);
int fcgi_sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (fcgi_sock < 0) {
conn->socket.enc = 0;
if ((conn->socket.socket = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
error("Unable to create unix socket");
return -1;
}
conn->socket = fcgi_sock;
struct sockaddr_un sock_addr = {AF_UNIX};
if (conn->mode == FASTCGI_SESIMOS) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", SESIMOS_BACKEND_SOCKET);
} else if (conn->mode == FASTCGI_PHP) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", PHP_FPM_SOCKET);
struct sockaddr_un sock_addr = { AF_UNIX };
if (conn->mode == FASTCGI_BACKEND_PHP) {
strcpy(sock_addr.sun_path, PHP_FPM_SOCKET);
}
if (connect(conn->socket, (struct sockaddr *) &sock_addr, sizeof(sock_addr)) < 0) {
error("Unable to connect to unix socket of FastCGI socket");
if (connect(conn->socket.socket, (struct sockaddr *) &sock_addr, sizeof(sock_addr)) != 0) {
error("Unable to connect to FastCGI (unix) socket");
return -1;
}
FCGI_Header header = {
.version = FCGI_VERSION_1,
.requestIdB1 = conn->req_id >> 8,
.requestIdB0 = conn->req_id & 0xFF,
.paddingLength = 0,
.reserved = 0
FCGI_BeginRequestBody begin = {
.role = htons(FCGI_RESPONDER),
.flags = 0,
.reserved = {0},
};
header.type = FCGI_BEGIN_REQUEST;
header.contentLengthB1 = 0;
header.contentLengthB0 = sizeof(FCGI_BeginRequestBody);
FCGI_BeginRequestRecord begin = {
header,
{.roleB1 = (FCGI_RESPONDER >> 8) & 0xFF, .roleB0 = FCGI_RESPONDER & 0xFF, .flags = 0}
};
if (send(conn->socket, &begin, sizeof(begin), 0) != sizeof(begin)) {
error("Unable to send to FastCGI socket");
return -2;
}
char param_buf[4096];
char buf0[256];
char *param_ptr = param_buf + sizeof(header);
if (fastcgi_send_data(conn, FCGI_BEGIN_REQUEST, sizeof(begin), &begin) == -1)
return -1;
char param_buf[4096], buf0[256], *param_ptr = param_buf;
param_ptr = fastcgi_add_param(param_ptr, "REDIRECT_STATUS", "CGI");
param_ptr = fastcgi_add_param(param_ptr, "DOCUMENT_ROOT", uri->webroot);
param_ptr = fastcgi_add_param(param_ptr, "GATEWAY_INTERFACE", "CGI/1.1");
@@ -172,212 +183,225 @@ int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock
param_ptr = fastcgi_add_param(param_ptr, buf0, http_field_get_value(f));
}
unsigned short param_len = param_ptr - param_buf - sizeof(header);
header.type = FCGI_PARAMS;
header.contentLengthB1 = param_len >> 8;
header.contentLengthB0 = param_len & 0xFF;
memcpy(param_buf, &header, sizeof(header));
if (send(conn->socket, param_buf, param_len + sizeof(header), 0) != param_len + sizeof(header)) {
error("Unable to send to FastCGI socket");
return -2;
}
if (fastcgi_send_data(conn, FCGI_PARAMS, param_ptr - param_buf, param_buf) == -1)
return -1;
header.type = FCGI_PARAMS;
header.contentLengthB1 = 0;
header.contentLengthB0 = 0;
if (send(conn->socket, &header, sizeof(header), 0) != sizeof(header)) {
error("Unable to send to FastCGI socket");
return -2;
}
if (fastcgi_send_data(conn, FCGI_PARAMS, 0, NULL) == -1)
return -1;
int pipes[2][2];
if (pipe(pipes[0]) == -1 || pipe(pipes[1]) == -1)
return -1;
conn->fd_out = pipes[1][1];
conn->out.socket = pipes[1][0];
sock_set_timeout(&conn->out, FASTCGI_TIMEOUT);
conn->fd_err = pipes[0][1];
conn->err = fdopen(pipes[0][0], "r");
return 0;
}
int fastcgi_close_stdin(fastcgi_cnx_t *conn) {
FCGI_Header header = {
.version = FCGI_VERSION_1,
.type = FCGI_STDIN,
.requestIdB1 = conn->req_id >> 8,
.requestIdB0 = conn->req_id & 0xFF,
.contentLengthB1 = 0,
.contentLengthB0 = 0,
.paddingLength = 0,
.reserved = 0
};
int fastcgi_close_cnx(fastcgi_cnx_t *cnx) {
int e = errno;
if (send(conn->socket, &header, sizeof(header), 0) != sizeof(header)) {
error("Unable to send to FastCGI socket");
return -2;
}
if (cnx->err) fclose(cnx->err);
cnx->err = NULL;
sock_close(&cnx->socket);
sock_close(&cnx->out);
if (cnx->fd_err != -1) close(cnx->fd_err);
if (cnx->fd_out != -1) close(cnx->fd_out);
cnx->fd_err = -1;
cnx->fd_out = -1;
errno = e;
return 0;
}
int fastcgi_php_error(const fastcgi_cnx_t *conn, const char *msg, int msg_len, char *err_msg) {
char *msg_str = malloc(msg_len + 1);
char *ptr0 = msg_str;
memcpy(msg_str, msg, msg_len);
msg_str[msg_len] = 0;
char *ptr1 = NULL;
int len;
int fastcgi_close_stdin(fastcgi_cnx_t *cnx) {
return (fastcgi_send_data(cnx, FCGI_STDIN, 0, NULL) == -1) ? -1 : 0;
}
int fastcgi_php_error(fastcgi_cnx_t *cnx, char *err_msg) {
char *line = NULL, *line_ptr = NULL;
size_t line_len = 0;
int err = 0;
// FIXME *msg is part of a stream, handle fragmented lines
while (1) {
log_lvl_t msg_type = LOG_INFO;
int msg_pre_len = 0;
ptr1 = strstr(ptr0, "PHP message: ");
if (ptr1 == NULL) {
len = (int) (msg_len - (ptr0 - msg_str));
if (ptr0 == msg_str) msg_type = 2;
} else {
len = (int) (ptr1 - ptr0);
}
if (len == 0) {
goto next;
log_lvl_t msg_type = LOG_INFO;
// FIXME php fastcgi sends multiple calls with '; ' as delimiter
for (long ret; cnx->fd_err_bytes > 0 && (ret = getline(&line, &line_len, cnx->err)) != -1; cnx->fd_err_bytes -= ret) {
if (ret > 0) line[ret - 1] = 0;
line_ptr = line;
if (strstarts(line_ptr, "PHP message: ")) {
line_ptr += 13;
if (strstarts(line_ptr, "PHP Warning: ")) {
msg_type = LOG_WARNING;
} else if (strstarts(line_ptr, "PHP Fatal error: ")) {
msg_type = LOG_ERROR;
} else if (strstarts(line_ptr, "PHP Parse error: ")) {
msg_type = LOG_ERROR;
} else if (strstarts(line_ptr, "PHP Notice: ")) {
msg_type = LOG_NOTICE;
}
}
if (len >= 14 && strstarts(ptr0, "PHP Warning: ")) {
msg_type = LOG_WARNING;
msg_pre_len = 14;
} else if (len >= 18 && strstarts(ptr0, "PHP Fatal error: ")) {
msg_type = LOG_ERROR;
msg_pre_len = 18;
} else if (len >= 18 && strstarts(ptr0, "PHP Parse error: ")) {
msg_type = LOG_ERROR;
msg_pre_len = 18;
} else if (len >= 18 && strstarts(ptr0, "PHP Notice: ")) {
msg_type = LOG_NOTICE;
msg_pre_len = 13;
}
logmsgf(msg_type, "%s", line_ptr);
char *ptr2 = ptr0;
char *ptr3;
int len2;
while (ptr2 - ptr0 < len) {
ptr3 = strchr(ptr2, '\n');
len2 = (int) (len - (ptr2 - ptr0));
if (ptr3 != NULL && (ptr3 - ptr2) < len2) {
len2 = (int) (ptr3 - ptr2);
}
logmsgf(msg_type, "%.*s", len2, ptr2);
if (msg_type == 2 && ptr2 == ptr0) {
strcpy_rem_webroot(err_msg, ptr2, len2, conn->webroot);
err = 1;
}
if (ptr3 == NULL) {
break;
}
ptr2 = ptr3 + 1;
if (err_msg && msg_type <= LOG_ERROR && line_ptr != line) {
strcpy_rem_webroot(err_msg, line_ptr, cnx->webroot);
err = 1;
}
next:
if (ptr1 == NULL) {
break;
}
ptr0 = ptr1 + 13;
}
free(msg_str);
// cleanup
free(line);
return err;
}
int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg) {
int fastcgi_recv_frame(fastcgi_cnx_t *cnx) {
FCGI_Header header;
char *content;
unsigned short content_len, req_id;
long ret;
int err = 0;
unsigned short req_id, content_len;
while (1) {
ret = recv(conn->socket, &header, sizeof(header), 0);
if (ret < 0) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
return 1;
} else if (ret != sizeof(header)) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
return 1;
}
req_id = (header.requestIdB1 << 8) | header.requestIdB0;
content_len = (header.contentLengthB1 << 8) | header.contentLengthB0;
content = malloc(content_len + header.paddingLength);
ret = recv(conn->socket, content, content_len + header.paddingLength, 0);
if (ret < 0) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
free(content);
return 1;
} else if (ret != (content_len + header.paddingLength)) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket");
free(content);
return 1;
}
if (sock_recv_x(&cnx->socket, &header, sizeof(header), 0) == -1)
return -1;
if (req_id != conn->req_id) {
continue;
}
req_id = ntohs(header.requestId);
content_len = ntohs(header.contentLength);
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
int app_status = (body->appStatusB3 << 24) | (body->appStatusB2 << 16) | (body->appStatusB1 << 8) |
body->appStatusB0;
if (body->protocolStatus != FCGI_REQUEST_COMPLETE) {
error("FastCGI protocol error: %i", body->protocolStatus);
}
if (app_status != 0) {
error("FastCGI app terminated with exit code %i", app_status);
}
close(conn->socket);
conn->socket = 0;
free(content);
return 1;
} else if (header.type == FCGI_STDERR) {
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
err = err || fastcgi_php_error(conn, content, content_len, err_msg);
if (req_id != cnx->req_id) {
warning("Invalid request id from FastCGI socket");
char content[256 * 256];
sock_recv_x(&cnx->socket, content, content_len + header.paddingLength, 0);
return -1;
}
if (header.type == FCGI_STDOUT || header.type == FCGI_STDERR) {
char buf[256];
if (header.type == FCGI_STDOUT && !cnx->header_sent) {
char content[256 * 256];
if (sock_recv_x(&cnx->socket, content, content_len + header.paddingLength, 0) == -1)
return -1;
char *h_pos = strstr(content, "\r\n\r\n");
long header_len = h_pos - content + 4;
if (h_pos != NULL) {
uint64_t len;
len = header_len;
if (write(cnx->fd_out, &len, sizeof(len)) == -1)
return -1;
if (write(cnx->fd_out, content, len) == -1)
return -1;
cnx->header_sent = 1;
len = content_len - header_len;
if (len > 0) {
if (write(cnx->fd_out, &len, sizeof(len)) == -1)
return -1;
if (write(cnx->fd_out, content + header_len, len) == -1)
return -1;
}
return header.type;
}
} else if (header.type == FCGI_STDOUT) {
break;
} else {
error("Unknown FastCGI type: %i", header.type);
uint64_t len = content_len;
if (write(cnx->fd_out, &len, sizeof(len)) == -1)
return -1;
}
free(content);
}
if (err) {
res->status = http_get_status(500);
return 2;
int fd = cnx->fd_out;
if (header.type == FCGI_STDERR) {
fd = cnx->fd_err;
cnx->fd_err_bytes += content_len + 1;
}
for (long ret, sent = 0; sent < content_len; sent += ret) {
// FIXME if pipe is full thread gets stuck
if ((ret = splice(cnx->socket.socket, 0, fd, 0, content_len - sent, 0)) == -1) {
if (errno == EINTR) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
if (header.type == FCGI_STDERR) write(fd, "\n", 1);
if (sock_recv_x(&cnx->socket, buf, header.paddingLength, 0) == -1)
return -1;
return header.type;
}
conn->out_buf = content;
conn->out_len = content_len;
conn->out_off = (unsigned short) (strstr(content, "\r\n\r\n") - content + 4);
char content[256 * 256];
if (sock_recv_x(&cnx->socket, content, content_len + header.paddingLength, 0) == -1)
return -1;
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
cnx->app_status = ntohl(body->appStatus);
if (body->protocolStatus != FCGI_REQUEST_COMPLETE)
error("FastCGI protocol error: %i", body->protocolStatus);
} else {
warning("Unknown FastCGI type: %i", header.type);
return -1;
}
return header.type;
}
int fastcgi_header(fastcgi_cnx_t *cnx, http_res *res, char *err_msg) {
long ret, len;
char content[CLIENT_MAX_HEADER_SIZE];
if ((len = sock_recv_chunk_header(&cnx->out)) == -1) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket (1)");
return -1;
}
if ((ret = sock_recv_x(&cnx->out, content, len, 0)) == -1) {
res->status = http_get_status(500);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
error("Unable to receive from FastCGI socket (2)");
return -1;
}
content[ret] = 0;
char *buf = content;
unsigned short header_len = conn->out_off;
if (header_len <= 0) {
char *h_pos = strstr(content, "\r\n\r\n");
if (h_pos == NULL) {
error("Unable to parse header: End of header not found");
return 1;
return -1;
}
long header_len = h_pos - content + 4;
for (int i = 0; i < header_len; i++) {
if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F) {
error("Unable to parse header: Header contains illegal characters");
return 2;
return -1;
}
}
if (fastcgi_php_error(cnx, err_msg) != 0) {
res->status = http_get_status(500);
return 1;
}
char *ptr = buf;
while (header_len != (ptr - buf)) {
char *pos0 = strstr(ptr, "\r\n");
if (pos0 == NULL) {
error("Unable to parse header: Invalid header format");
return 1;
return -1;
}
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
@@ -392,237 +416,36 @@ int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg) {
return 0;
}
int fastcgi_send(fastcgi_cnx_t *conn, sock *client, int flags) {
FCGI_Header header;
long ret;
char buf0[256];
int len;
char *content, *ptr;
unsigned short req_id, content_len;
char comp_out[4096];
int finish_comp = 0;
compress_ctx comp_ctx;
if (flags & FASTCGI_COMPRESS_BR) {
flags &= ~FASTCGI_COMPRESS_GZ;
if (compress_init(&comp_ctx, COMPRESS_BR) != 0) {
error("Unable to init brotli");
flags &= ~FASTCGI_COMPRESS_BR;
}
} else if (flags & FASTCGI_COMPRESS_GZ) {
flags &= ~FASTCGI_COMPRESS_BR;
if (compress_init(&comp_ctx, COMPRESS_GZ) != 0) {
error("Unable to init gzip");
flags &= ~FASTCGI_COMPRESS_GZ;
}
}
if (conn->out_buf != NULL && conn->out_len > conn->out_off) {
content = conn->out_buf;
ptr = content + conn->out_off;
content_len = conn->out_len - conn->out_off;
goto out;
}
while (1) {
ret = recv(conn->socket, &header, sizeof(header), 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
return -1;
} else if (ret != sizeof(header)) {
error("Unable to receive from FastCGI socket: received len (%li) != header len (%li)", ret, sizeof(header));
return -1;
}
req_id = (header.requestIdB1 << 8) | header.requestIdB0;
content_len = (header.contentLengthB1 << 8) | header.contentLengthB0;
content = malloc(content_len + header.paddingLength);
ptr = content;
long rcv_len = 0;
while (rcv_len < content_len + header.paddingLength) {
ret = recv(conn->socket, content + rcv_len, content_len + header.paddingLength - rcv_len, 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
free(content);
return -1;
}
rcv_len += ret;
}
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
int app_status = (body->appStatusB3 << 24) | (body->appStatusB2 << 16) | (body->appStatusB1 << 8) |
body->appStatusB0;
if (body->protocolStatus != FCGI_REQUEST_COMPLETE) {
error("FastCGI protocol error: %i", body->protocolStatus);
}
if (app_status != 0) {
error("FastCGI app terminated with exit code %i", app_status);
}
close(conn->socket);
conn->socket = 0;
free(content);
if (flags & FASTCGI_COMPRESS) {
finish_comp = 1;
content_len = 0;
goto out;
finish:
compress_free(&comp_ctx);
}
if (flags & FASTCGI_CHUNKED) {
sock_send(client, "0\r\n\r\n", 5, 0);
}
return 0;
} else if (header.type == FCGI_STDERR) {
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
fastcgi_php_error(conn, content, content_len, buf0);
}
} else if (header.type == FCGI_STDOUT) {
unsigned long avail_in, avail_out;
out:
avail_in = content_len;
char *next_in = ptr;
do {
int buf_len = content_len;
if (flags & FASTCGI_COMPRESS) {
avail_out = sizeof(comp_out);
compress_compress(&comp_ctx, next_in + content_len - avail_in, &avail_in, comp_out, &avail_out, finish_comp);
ptr = comp_out;
buf_len = (int) (sizeof(comp_out) - avail_out);
}
if (buf_len != 0) {
len = sprintf(buf0, "%X\r\n", buf_len);
if (flags & FASTCGI_CHUNKED) sock_send(client, buf0, len, 0);
sock_send(client, ptr, buf_len, 0);
if (flags & FASTCGI_CHUNKED) sock_send(client, "\r\n", 2, 0);
}
} while ((flags & FASTCGI_COMPRESS) && (avail_in != 0 || avail_out != sizeof(comp_out)));
if (finish_comp) goto finish;
} else {
error("Unknown FastCGI type: %i", header.type);
}
free(content);
}
int fastcgi_dump(fastcgi_cnx_t *cnx, char *buf, long len) {
return sock_recv_x(&cnx->socket, buf, len, 0) == -1 ? -1 : 0;
}
int fastcgi_dump(fastcgi_cnx_t *conn, char *buf, long len) {
FCGI_Header header;
long ret;
char buf0[256];
char *content, *ptr = buf;
unsigned short req_id, content_len;
int fastcgi_receive(fastcgi_cnx_t *cnx, sock *client, unsigned long len) {
char buf[CHUNK_SIZE];
if (conn->out_buf != NULL && conn->out_len > conn->out_off) {
ptr += snprintf(ptr, len, "%.*s", conn->out_len - conn->out_off, conn->out_buf + conn->out_off);
}
while (1) {
ret = recv(conn->socket, &header, sizeof(header), 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
return -1;
} else if (ret != sizeof(header)) {
error("Unable to receive from FastCGI socket: received len (%li) != header len (%li)", ret, sizeof(header));
return -1;
}
req_id = (header.requestIdB1 << 8) | header.requestIdB0;
content_len = (header.contentLengthB1 << 8) | header.contentLengthB0;
content = malloc(content_len + header.paddingLength);
long rcv_len = 0;
while (rcv_len < content_len + header.paddingLength) {
ret = recv(conn->socket, content + rcv_len, content_len + header.paddingLength - rcv_len, 0);
if (ret < 0) {
error("Unable to receive from FastCGI socket");
free(content);
return -1;
}
rcv_len += ret;
}
if (header.type == FCGI_END_REQUEST) {
FCGI_EndRequestBody *body = (FCGI_EndRequestBody *) content;
int app_status = (body->appStatusB3 << 24) | (body->appStatusB2 << 16) | (body->appStatusB1 << 8) |
body->appStatusB0;
if (body->protocolStatus != FCGI_REQUEST_COMPLETE) {
error("FastCGI protocol error: %i", body->protocolStatus);
}
if (app_status != 0) {
error("FastCGI app terminated with exit code %i", app_status);
}
close(conn->socket);
conn->socket = 0;
free(content);
return 0;
} else if (header.type == FCGI_STDERR) {
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
fastcgi_php_error(conn, content, content_len, buf0);
}
} else if (header.type == FCGI_STDOUT) {
ptr += snprintf(ptr, len - (ptr - buf), "%.*s", content_len, content);
} else {
error("Unknown FastCGI type: %i", header.type);
}
free(content);
}
}
int fastcgi_receive(fastcgi_cnx_t *conn, sock *client, unsigned long len) {
unsigned long rcv_len = 0;
char *buf[16384];
long ret;
FCGI_Header header = {
.version = FCGI_VERSION_1,
.type = FCGI_STDIN,
.requestIdB1 = conn->req_id >> 8,
.requestIdB0 = conn->req_id & 0xFF,
.contentLengthB1 = 0,
.contentLengthB0 = 0,
.paddingLength = 0,
.reserved = 0
};
while (rcv_len < len) {
ret = sock_recv(client, buf, sizeof(buf), 0);
if (ret <= 0) {
for (long to_send = (long) len, ret; to_send > 0; to_send -= ret) {
if ((ret = sock_recv(client, buf, (to_send > sizeof(buf)) ? sizeof(buf) : to_send, 0)) <= 0) {
error("Unable to receive");
return -1;
}
rcv_len += ret;
header.contentLengthB1 = (ret >> 8) & 0xFF;
header.contentLengthB0 = ret & 0xFF;
if (send(conn->socket, &header, sizeof(header), 0) != sizeof(header)) goto err;
if (send(conn->socket, buf, ret, 0) != ret) {
err:
error("Unable to send to FastCGI socket");
return -2;
if (fastcgi_send_data(cnx, FCGI_STDIN, ret, buf) == -1)
return -1;
}
return 0;
}
int fastcgi_receive_chunked(fastcgi_cnx_t *cnx, sock *client) {
for (long ret;;) {
if ((ret = sock_recv_chunk_header(client)) < 0) {
return (int) ret;
} else if (ret == 0) {
break;
}
}
return 0;
}
int fastcgi_receive_chunked(fastcgi_cnx_t *conn, sock *client) {
long ret;
unsigned long next_len;
while (1) {
ret = sock_get_chunk_header(client);
if (ret < 0) return (int) ret;
next_len = ret;
if (next_len <= 0) break;
ret = fastcgi_receive(conn, client, next_len);
if (ret < 0) return (int) ret;
if ((ret = fastcgi_receive(cnx, client, ret)) < 0)
return (int) ret;
}
return 0;

42
src/lib/fastcgi.h
View File

@@ -13,29 +13,25 @@
#include "http.h"
#include "uri.h"
#define FASTCGI_CHUNKED 1
#define FASTCGI_COMPRESS_GZ 2
#define FASTCGI_COMPRESS_BR 4
#define FASTCGI_COMPRESS 6
#define FASTCGI_COMPRESS_HOLD 8
#define FASTCGI_SOCKET_TIMEOUT 1
#define FASTCGI_TIMEOUT 3600
#define FASTCGI_PHP 1
#define FASTCGI_SESIMOS 2
#define FASTCGI_BACKEND_PHP 1
#ifndef PHP_FPM_SOCKET
# define PHP_FPM_SOCKET "/var/run/php-fpm/php-fpm.sock"
#endif
#define SESIMOS_BACKEND_SOCKET "/var/run/sesimos/backend.sock"
typedef struct {
int mode;
int socket;
unsigned char header_sent:1;
sock socket, out;
int fd_err, fd_out;
long fd_err_bytes;
FILE *err;
unsigned short req_id;
char *out_buf;
int app_status;
const char *webroot;
unsigned short out_len;
unsigned short out_off;
char *r_addr;
char *r_host;
} fastcgi_cnx_t;
@@ -44,18 +40,24 @@ char *fastcgi_add_param(char *buf, const char *key, const char *value);
int fastcgi_init(fastcgi_cnx_t *conn, int mode, unsigned int req_num, const sock *client, const http_req *req, const http_uri *uri);
int fastcgi_close_stdin(fastcgi_cnx_t *conn);
int fastcgi_close_cnx(fastcgi_cnx_t *cnx);
int fastcgi_php_error(const fastcgi_cnx_t *conn, const char *msg, int msg_len, char *err_msg);
int fastcgi_close_stdin(fastcgi_cnx_t *cnx);
int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg);
int fastcgi_php_error(fastcgi_cnx_t *cnx, char *err_msg);
int fastcgi_send(fastcgi_cnx_t *conn, sock *client, int flags);
int fastcgi_recv_frame(fastcgi_cnx_t *cnx);
int fastcgi_dump(fastcgi_cnx_t *conn, char *buf, long len);
int fastcgi_header(fastcgi_cnx_t *cnx, http_res *res, char *err_msg);
long fastcgi_send(fastcgi_cnx_t *cnx, sock *client);
int fastcgi_dump(fastcgi_cnx_t *cnx, char *buf, long len);
int fastcgi_receive(fastcgi_cnx_t *cnx, sock *client, unsigned long len);
int fastcgi_receive_chunked(fastcgi_cnx_t *cnx, sock *client);
int fastcgi_receive(fastcgi_cnx_t *conn, sock *client, unsigned long len);
int fastcgi_receive_chunked(fastcgi_cnx_t *conn, sock *client);
#endif //SESIMOS_FASTCGI_H

45
src/lib/http.c
View File

@@ -15,6 +15,8 @@
#include <string.h>
#include <errno.h>
void http_append_to_header_field(http_field *field, const char *value, unsigned long len);
static int http_error(int err) {
if (err == 0) {
errno = 0;
@@ -191,7 +193,8 @@ int http_parse_request(char *buf, http_req *req) {
if (req->version[0] == 0) {
pos1 = (char *) strchr(ptr, ' ') + 1;
if (pos1 == NULL) goto err_hdr_fmt;
if (pos1 == NULL)
return http_error(HTTP_ERROR_HEADER_MALFORMED);
if (pos1 - ptr - 1 >= sizeof(req->method))
return http_error(HTTP_ERROR_HEADER_MALFORMED);
@@ -203,10 +206,8 @@ int http_parse_request(char *buf, http_req *req) {
snprintf(req->method, sizeof(req->method), "%.*s", (int) (pos1 - ptr - 1), ptr);
pos2 = (char *) strchr(pos1, ' ') + 1;
if (pos2 == NULL) {
err_hdr_fmt:
if (pos2 == NULL)
return http_error(HTTP_ERROR_HEADER_MALFORMED);
}
if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0)
return http_error(HTTP_ERROR_INVALID_VERSION);
@@ -251,8 +252,7 @@ int http_receive_request(sock *client, http_req *req) {
if (header_len < 0)
return (int) -header_len;
rcv_len = sock_recv(client, buf, header_len, 0);
if (rcv_len != header_len)
if (sock_recv_x(client, buf, header_len, 0) == -1)
return -1;
return 0;
@@ -309,6 +309,15 @@ int http_add_header_field_len(http_hdr *hdr, const char *name, unsigned long nam
return 0;
}
int http_add_to_header_field(http_hdr *hdr, const char *field_name, const char *field_value) {
int field_num = http_get_header_field_num(hdr, field_name);
if (field_num == -1)
return http_add_header_field(hdr, field_name, field_value);
http_append_to_header_field(&hdr->fields[field_num], field_value, strlen(field_value));
return 0;
}
void http_append_to_header_field(http_field *field, const char *value, unsigned long len) {
if (field->type == HTTP_FIELD_NORMAL) {
unsigned long total_len = strlen(field->normal.value) + len + 1;
@@ -358,7 +367,7 @@ int http_send_response(sock *client, http_res *res) {
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
off += sprintf(buf + off, "\r\n");
if (sock_send(client, buf, off, 0) != off)
if (sock_send_x(client, buf, off, 0) != off)
return -1;
return 0;
@@ -372,12 +381,20 @@ int http_send_request(sock *server, http_req *req) {
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
off += sprintf(buf + off, "\r\n");
if (sock_send(server, buf, off, 0) != off)
if (sock_send_x(server, buf, off, 0) != off)
return -1;
return 0;
}
int http_send_100_continue(sock *client) {
char buf[256];
char date_buf[64];
int size = sprintf(buf, "HTTP/1.1 100 Continue\r\nDate: %s\r\nServer: " SERVER_STR "\r\n\r\n",
http_get_date(date_buf, sizeof(date_buf)));
return sock_send_x(client, buf, size, 0) == -1 ? -1 : 0;
}
const http_status *http_get_status(status_code_t status_code) {
for (int i = 0; i < http_statuses_size; i++) {
if (http_statuses[i].code == status_code) {
@@ -408,9 +425,9 @@ const char *http_get_status_color(status_code_t status_code) {
}
}
char *http_format_date(time_t time, char *buf, size_t size) {
char *http_format_date(time_t ts, char *buf, size_t size) {
struct tm time_info;
strftime(buf, size, "%a, %d %b %Y %H:%M:%S GMT", gmtime_r(&time, &time_info));
strftime(buf, size, "%a, %d %b %Y %H:%M:%S GMT", gmtime_r(&ts, &time_info));
return buf;
}
@@ -451,3 +468,11 @@ int http_get_compression(const http_req *req, const http_res *res) {
}
return 0;
}
long http_get_keep_alive_timeout(http_hdr *hdr) {
const char *keep_alive = http_get_header_field(hdr, "Keep-Alive");
if (!keep_alive) return -1;
const char *timeout = strstr(keep_alive, "timeout=");
if (!timeout) return -1;
return strtol(timeout + 8, NULL, 10);
}

6
src/lib/http.h
View File

@@ -166,7 +166,7 @@ int http_add_header_field(http_hdr *hdr, const char *field_name, const char *fie
int http_add_header_field_len(http_hdr *hdr, const char *name, unsigned long name_len, const char *value, unsigned long value_len);
void http_append_to_header_field(http_field *field, const char *value, unsigned long len);
int http_add_to_header_field(http_hdr *hdr, const char *field_name, const char *field_value);
void http_remove_header_field(http_hdr *hdr, const char *field_name, int mode);
@@ -174,6 +174,8 @@ int http_send_response(sock *client, http_res *res);
int http_send_request(sock *server, http_req *req);
int http_send_100_continue(sock *client);
const http_status *http_get_status(status_code_t status_code);
const http_status_msg *http_get_error_msg(status_code_t status_code);
@@ -188,4 +190,6 @@ const http_doc_info *http_get_status_info(status_code_t status_code);
int http_get_compression(const http_req *req, const http_res *res);
long http_get_keep_alive_timeout(http_hdr *hdr);
#endif //SESIMOS_HTTP_H

14
src/lib/include/fastcgi.h
View File

@@ -15,10 +15,8 @@
typedef struct {
unsigned char version;
unsigned char type;
unsigned char requestIdB1;
unsigned char requestIdB0;
unsigned char contentLengthB1;
unsigned char contentLengthB0;
unsigned short requestId;
unsigned short contentLength;
unsigned char paddingLength;
unsigned char reserved;
} FCGI_Header;
@@ -56,8 +54,7 @@ typedef struct {
#define FCGI_NULL_REQUEST_ID 0
typedef struct {
unsigned char roleB1;
unsigned char roleB0;
unsigned short role;
unsigned char flags;
unsigned char reserved[5];
} FCGI_BeginRequestBody;
@@ -80,10 +77,7 @@ typedef struct {
#define FCGI_FILTER 3
typedef struct {
unsigned char appStatusB3;
unsigned char appStatusB2;
unsigned char appStatusB1;
unsigned char appStatusB0;
unsigned int appStatus;
unsigned char protocolStatus;
unsigned char reserved[3];
} FCGI_EndRequestBody;

9
src/lib/list.c
View File

@@ -14,8 +14,11 @@ typedef struct {
} list_meta_t;
static void *list_resize(list_meta_t *list, int new_size) {
if (new_size <= 0)
if (new_size <= 0) {
return NULL;
} else if (new_size == list->max_size) {
return list;
}
list_meta_t *new_ptr = realloc(list, sizeof(list_meta_t) + list->elem_size * new_size);
if (new_ptr == NULL)
@@ -61,6 +64,10 @@ int list_find(void *list_ptr, void *elem) {
return -1;
}
int list_contains(void *list_ptr, void *elem) {
return list_find(list_ptr, elem) != -1;
}
void *list_insert(void *list_ptr, void *elem, int n) {
void *ptr = NULL;
list_ptr = list_insert_ptr(list_ptr, &ptr, n);

2
src/lib/list.h
View File

@@ -8,6 +8,8 @@ int list_size(const void *list_ptr);
int list_find(void *list_ptr, void *elem);
int list_contains(void *list_ptr, void *elem);
void *list_insert(void *list_ptr, void *elem, int n);
void *list_insert_ptr(void *list_ptr, void **elem, int n);

11
src/lib/mpmc.c
View File

@@ -52,22 +52,20 @@ int mpmc_init(mpmc_t *ctx, int n_workers, int buf_size, void (*consumer)(void *o
int mpmc_queue(mpmc_t *ctx, void *obj) {
// wait for buffer to be emptied
try_again_1:
if (sem_wait(&ctx->free) != 0) {
while (sem_wait(&ctx->free) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_1;
continue;
} else {
return -1;
}
}
// lock wr field
try_again_2:
if (sem_wait(&ctx->lck_wr) != 0) {
while (sem_wait(&ctx->lck_wr) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_2;
continue;
} else {
sem_post(&ctx->free);
return -1;
@@ -151,6 +149,7 @@ void mpmc_destroy(mpmc_t *ctx) {
mpmc_stop(ctx);
for (int i = 0; i < ctx->n_workers; i++) {
if (ctx->workers[i] == -1) break;
debug("Waiting for worker %s/%i to finish...", ctx->name, i);
pthread_kill(ctx->workers[i], SIGUSR1);
pthread_join(ctx->workers[i], NULL);
}

482
src/lib/proxy.c
View File

@@ -11,7 +11,6 @@
#include "../logger.h"
#include "proxy.h"
#include "utils.h"
#include "compress.h"
#include "config.h"
#include "error.h"
@@ -20,7 +19,6 @@
#include <errno.h>
#include <openssl/err.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <semaphore.h>
static SSL_CTX *proxy_ctx = NULL;
@@ -106,19 +104,19 @@ proxy_ctx_t *proxy_get_by_conf(host_config_t *conf) {
n++;
}
try_again_1:
if (sem_wait(&available[n]) != 0) {
while (sem_wait(&available[n]) != 0) {
if (errno == EINTR) {
goto try_again_1;
errno = 0;
continue;
} else {
return NULL;
}
}
try_again_2:
if (sem_wait(&lock) != 0) {
while (sem_wait(&lock) != 0) {
if (errno == EINTR) {
goto try_again_2;
errno = 0;
continue;
} else {
sem_post(&available[n]);
return NULL;
@@ -139,10 +137,20 @@ proxy_ctx_t *proxy_get_by_conf(host_config_t *conf) {
return NULL;
}
void proxy_unlock_ctx(proxy_ctx_t *ctx) {
int proxy_unlock_ctx(proxy_ctx_t *ctx) {
int n = (int) ((ctx - proxies) / MAX_PROXY_CNX_PER_HOST);
if (ctx->close) proxy_close(ctx);
debug("Released proxy connection slot %i/%i", (ctx - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST);
ctx->in_use = 0;
ctx->client = NULL;
sem_post(&available[n]);
if (!ctx->close) {
return 1;
} else {
ctx->close = 0;
return 0;
}
}
int proxy_request_header(http_req *req, sock *sock) {
@@ -269,24 +277,28 @@ int proxy_response_header(http_req *req, http_res *res, host_config_t *conf) {
const char *location = http_get_header_field(&res->hdr, "Location");
if (location != NULL) {
char *hostnames[] = {conf->name, conf->proxy.hostname};
int found = 0;
for (int i = 0; i < sizeof(hostnames) / sizeof(hostnames[0]); i++) {
char *hostname = hostnames[i];
found = 1;
p_len = snprintf(buf1, sizeof(buf1), "http://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
p_len = snprintf(buf1, sizeof(buf1), "https://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
p_len = snprintf(buf1, sizeof(buf1), "http://%s:%i/", hostname, conf->proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
p_len = snprintf(buf1, sizeof(buf1), "https://%s:%i/", hostname, conf->proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
if (strstarts(location, buf1)) break;
found = 0;
}
if (0) {
match:
if (found) {
strcpy(buf1, location + p_len - 1);
http_remove_header_field(&res->hdr, "Location", HTTP_REMOVE_ALL);
http_add_header_field(&res->hdr, "Location", buf1);
@@ -296,84 +308,39 @@ int proxy_response_header(http_req *req, http_res *res, host_config_t *conf) {
return 0;
}
int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_status_ctx *ctx, host_config_t *conf, sock *client, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE], err_buf[256];
const char *connection, *upgrade, *ws_version;
long ret;
int tries = 0, retry = 0;
static int proxy_connect(proxy_ctx_t *proxy, host_config_t *conf, http_res *res, http_status_ctx *ctx, char *err_msg) {
char err_buf[256], addr_buf[1024];
*proxy_ptr = proxy_get_by_conf(conf);
proxy_ctx_t *proxy = *proxy_ptr;
proxy->client = NULL;
info(BLUE_STR "Connecting to " BLD_STR "[%s]:%i" CLR_STR BLUE_STR "...", conf->proxy.hostname, conf->proxy.port);
if (proxy->initialized && sock_has_pending(&proxy->proxy) == 0)
goto proxy;
retry:
if (proxy->initialized)
proxy_close(proxy);
retry = 0;
tries++;
proxy->proxy.socket = socket(AF_INET6, SOCK_STREAM, 0);
if (proxy->proxy.socket < 0) {
error("Unable to create socket");
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
if (sock_set_socket_timeout(&proxy->proxy, 1) != 0 || sock_set_timeout(&proxy->proxy, SERVER_TIMEOUT_INIT) != 0)
goto proxy_timeout_err;
struct hostent *host_ent = gethostbyname2(conf->proxy.hostname, AF_INET6);
if (host_ent == NULL) {
host_ent = gethostbyname2(conf->proxy.hostname, AF_INET);
if (host_ent == NULL) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to connect to server: Name or service not known");
sprintf(err_msg, "Unable to connect to server: Name or service not known.");
goto proxy_err;
}
}
struct sockaddr_in6 address = {.sin6_family = AF_INET6, .sin6_port = htons(conf->proxy.port)};
if (host_ent->h_addrtype == AF_INET6) {
memcpy(&address.sin6_addr, host_ent->h_addr_list[0], host_ent->h_length);
} else if (host_ent->h_addrtype == AF_INET) {
unsigned char addr[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF, 0, 0, 0, 0};
memcpy(addr + 12, host_ent->h_addr_list[0], host_ent->h_length);
memcpy(&address.sin6_addr, addr, 16);
}
inet_ntop(address.sin6_family, (void *) &address.sin6_addr, buffer, sizeof(buffer));
info(BLUE_STR "Connecting to " BLD_STR "[%s]:%i" CLR_STR BLUE_STR "...", buffer, conf->proxy.port);
if (connect(proxy->proxy.socket, (struct sockaddr *) &address, sizeof(address)) < 0) {
if (errno == ETIMEDOUT || errno == EINPROGRESS) {
int fd;
if ((fd = sock_connect(conf->proxy.hostname, conf->proxy.port, SERVER_SOCKET_TIMEOUT_INIT, addr_buf, sizeof(addr_buf))) == -1) {
if (errno == ETIMEDOUT || errno == EINPROGRESS || errno == EHOSTDOWN || errno == EHOSTUNREACH) {
res->status = http_get_status(504);
ctx->origin = SERVER_REQ;
} else if (errno == ECONNREFUSED) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
} else if (errno == ECONNABORTED || errno == ECONNRESET) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
} else {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
}
error("Unable to connect to [%s]:%i", buffer, conf->proxy.port);
error("Unable to connect to [%s]:%i", addr_buf, conf->proxy.port);
sprintf(err_msg, "Unable to connect to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
goto proxy_err;
return -1;
}
sock_init(&proxy->proxy, fd, 0);
if (sock_set_timeout(&proxy->proxy, SERVER_TIMEOUT) != 0) {
proxy_timeout_err:
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to set timeout for reverse proxy socket");
sprintf(err_msg, "Unable to set timeout for reverse proxy socket: %s", error_str(errno, err_buf, sizeof(err_buf)));
goto proxy_err;
return -1;
}
if (conf->proxy.enc) {
@@ -381,28 +348,44 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
SSL_set_fd(proxy->proxy.ssl, proxy->proxy.socket);
SSL_set_connect_state(proxy->proxy.ssl);
ret = SSL_do_handshake(proxy->proxy.ssl);
if (ret != 1) {
sock_error(&proxy->proxy, ret);
int ret;
if ((ret = SSL_do_handshake(proxy->proxy.ssl)) != 1) {
sock_error(&proxy->proxy, (int) ret);
SSL_free(proxy->proxy.ssl);
proxy->proxy.ssl = NULL;
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to perform handshake");
sprintf(err_msg, "Unable to perform handshake: %s.", error_str(errno, err_buf, sizeof(err_buf)));
goto proxy_err;
return -1;
}
proxy->proxy.enc = 1;
}
proxy->initialized = 1;
proxy->cnx_s = clock_micros();
proxy->host = conf->name;
info(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i", buffer, conf->proxy.port);
proxy->http_timeout = 0;
proxy:
connection = http_get_header_field(&req->hdr, "Connection");
info(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i" CLR_STR BLUE_STR " (slot %i/%i)",
addr_buf, conf->proxy.port, (proxy - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST);
return 0;
}
int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_status_ctx *ctx, host_config_t *conf, sock *client, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE], err_buf[256];
long ret;
*proxy_ptr = proxy_get_by_conf(conf);
proxy_ctx_t *proxy = *proxy_ptr;
proxy->client = NULL;
debug("Selected proxy connection slot %i/%i", (proxy - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST);
const char *connection = http_get_header_field(&req->hdr, "Connection");
if (strcontains(connection, "upgrade") || strcontains(connection, "Upgrade")) {
upgrade = http_get_header_field(&req->hdr, "Upgrade");
ws_version = http_get_header_field(&req->hdr, "Sec-WebSocket-Version");
const char *upgrade = http_get_header_field(&req->hdr, "Upgrade");
const char *ws_version = http_get_header_field(&req->hdr, "Sec-WebSocket-Version");
if (streq(upgrade, "websocket") && streq(ws_version, "13")) {
ctx->ws_key = http_get_header_field(&req->hdr, "Sec-WebSocket-Key");
} else {
@@ -422,48 +405,163 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
return -1;
}
ret = http_send_request(&proxy->proxy, req);
if (ret < 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (1)");
sprintf(err_msg, "Unable to send request to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
retry = tries < 4;
goto proxy_err;
}
for (int retry = 1, srv_error = 0, tries = 0;; tries++) {
errno = 0;
if (!retry)
return -1;
const char *content_length = http_get_header_field(&req->hdr, "Content-Length");
unsigned long content_len = content_length != NULL ? strtoul(content_length, NULL, 10) : 0;
const char *transfer_encoding = http_get_header_field(&req->hdr, "Transfer-Encoding");
// honor server timeout with one second buffer
if (!proxy->initialized || srv_error ||
(proxy->http_timeout > 0 && (clock_micros() - proxy->proxy.ts_last_send) >= proxy->http_timeout) ||
sock_has_pending(&proxy->proxy, SOCK_DONTWAIT))
{
if (proxy->initialized)
proxy_close(proxy);
ret = 0;
if (content_len > 0) {
ret = sock_splice(&proxy->proxy, client, buffer, sizeof(buffer), content_len);
} else if (strcontains(transfer_encoding, "chunked")) {
ret = sock_splice_chunked(&proxy->proxy, client, buffer, sizeof(buffer));
}
retry = 0;
srv_error = 0;
tries++;
if (ret < 0 || (content_len != 0 && ret != content_len)) {
if (ret == -1) {
if (proxy_connect(proxy, conf, res, ctx, err_msg) != 0)
continue;
}
ret = http_send_request(&proxy->proxy, req);
if (ret < 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (2)");
error("Unable to send request to server (1)");
sprintf(err_msg, "Unable to send request to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
retry = tries < 4;
goto proxy_err;
} else if (ret == -2) {
res->status = http_get_status(400);
ctx->origin = CLIENT_REQ;
error("Unable to receive request from client");
sprintf(err_msg, "Unable to receive request from client: %s.", error_str(errno, err_buf, sizeof(err_buf)));
srv_error = 1;
continue;
}
break;
}
const char *client_expect = http_get_header_field(&req->hdr, "Expect");
int expect_100_continue = (client_expect != NULL && strcasecmp(client_expect, "100-continue") == 0);
int ignore_content = 0;
if (expect_100_continue) {
http_res tmp_res = {
.version = "1.1",
.status = http_get_status(501),
};
if (http_init_hdr(&tmp_res.hdr) != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to initialize http header");
return -1;
}
ret = proxy_peek_response(proxy, &tmp_res, ctx, custom_status, err_msg);
http_free_hdr(&tmp_res.hdr);
if (ret < 0)
return (int) ret;
if (tmp_res.status->code == 100) {
if (sock_recv_x(&proxy->proxy, buffer, ret, 0) == -1) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
error("Unable to receive from server");
return -1;
}
info("%s -> %03i %s%s", http_get_status_color(tmp_res.status->code), tmp_res.status->code, tmp_res.status->msg, CLR_STR);
if (http_send_response(client, &tmp_res) != 0) {
res->status = http_get_status(400);
ctx->origin = CLIENT_RES;
error("Unable to send to client");
return -1;
}
} else {
ignore_content = 1;
}
}
if (!ignore_content) {
const char *content_length = http_get_header_field(&req->hdr, "Content-Length");
unsigned long content_len = content_length != NULL ? strtoul(content_length, NULL, 10) : 0;
const char *transfer_encoding = http_get_header_field(&req->hdr, "Transfer-Encoding");
ret = 0;
if (content_len > 0) {
ret = sock_splice(&proxy->proxy, client, buffer, sizeof(buffer), content_len);
} else if (strcontains(transfer_encoding, "chunked")) {
ret = sock_splice_chunked(&proxy->proxy, client, buffer, sizeof(buffer), SOCK_CHUNKED);
}
if (ret < 0 || (content_len != 0 && ret != content_len)) {
if (ret == -1 && errno != EPROTO) {
res->status = http_get_status(502);
ctx->origin = SERVER_REQ;
error("Unable to send request to server (2)");
sprintf(err_msg, "Unable to send request to server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
} else if (ret == -1) {
res->status = http_get_status(400);
ctx->origin = CLIENT_REQ;
error("Unable to receive request from client");
sprintf(err_msg, "Unable to receive request from client: %s.", error_str(errno, err_buf, sizeof(err_buf)));
return -1;
}
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unknown Error");
return -1;
}
}
if (sock_set_socket_timeout(&proxy->proxy, SERVER_SOCKET_TIMEOUT_RES) != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unknown Error");
error("Unable to set timeout for reverse proxy socket");
return -1;
}
while (1) {
ret = proxy_peek_response(proxy, res, ctx, custom_status, err_msg);
if (ret < 0) {
return (int) ret;
} else if (sock_recv_x(&proxy->proxy, buffer, ret, 0) == -1) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
error("Unable to receive from server");
return -1;
}
if (res->status->code == 100) {
info("%s -> %03i %s%s", http_get_status_color(res->status->code), res->status->code, res->status->msg, CLR_STR);
if (http_send_response(client, res) != 0) {
res->status = http_get_status(400);
ctx->origin = CLIENT_RES;
error("Unable to send to client");
return -1;
}
} else {
break;
}
}
long keep_alive_timeout = http_get_keep_alive_timeout(&res->hdr);
proxy->http_timeout = (keep_alive_timeout > 0) ? keep_alive_timeout * 1000000 : 0;
connection = http_get_header_field(&res->hdr, "Connection");
proxy->close = !streq(res->version, "1.1") || strcontains(connection, "close") || strcontains(connection, "Close");
ret = proxy_response_header(req, res, conf);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
return 0;
}
int proxy_peek_response(proxy_ctx_t *proxy, http_res *res, http_status_ctx *ctx, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE], err_buf[256];
long ret;
ret = sock_recv(&proxy->proxy, buffer, sizeof(buffer) - 1, MSG_PEEK);
if (ret <= 0) {
int e_sys = error_get_sys(), e_ssl = error_get_ssl();
@@ -476,11 +574,17 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
}
error("Unable to receive response from server");
sprintf(err_msg, "Unable to receive response from server: %s.", error_str(errno, err_buf, sizeof(err_buf)));
retry = tries < 4;
goto proxy_err;
return -1;
}
buffer[ret] = 0;
if (sock_set_socket_timeout(&proxy->proxy, SOCKET_TIMEOUT) != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
error("Unable to set timeout for reverse proxy socket");
return -1;
}
char *buf = buffer;
unsigned short header_len = (unsigned short) (strstr(buffer, "\r\n\r\n") - buffer + 4);
@@ -489,7 +593,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: End of header not found");
sprintf(err_msg, "Unable to parser header: End of header not found.");
goto proxy_err;
return -2;
}
for (int i = 0; i < header_len; i++) {
@@ -498,7 +602,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Header contains illegal characters");
sprintf(err_msg, "Unable to parse header: Header contains illegal characters.");
goto proxy_err;
return -2;
}
}
@@ -510,7 +614,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Invalid header format");
sprintf(err_msg, "Unable to parse header: Invalid header format.");
goto proxy_err;
return -2;
}
if (ptr == buf) {
if (!strstarts(ptr, "HTTP/")) {
@@ -518,7 +622,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Invalid header format");
sprintf(err_msg, "Unable to parse header: Invalid header format.");
goto proxy_err;
return -2;
}
int status_code = (int) strtol(ptr + 9, NULL, 10);
res->status = http_get_status(status_code);
@@ -533,7 +637,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header: Invalid or unknown status code");
sprintf(err_msg, "Unable to parse header: Invalid or unknown status code.");
goto proxy_err;
return -2;
}
} else {
if (http_parse_header_field(&res->hdr, ptr, pos0, 0) != 0) {
@@ -541,7 +645,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
ctx->origin = SERVER_RES;
error("Unable to parse header");
sprintf(err_msg, "Unable to parse header.");
goto proxy_err;
return -2;
}
}
if (pos0[2] == '\r' && pos0[3] == '\n') {
@@ -549,125 +653,15 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
}
ptr = pos0 + 2;
}
sock_recv(&proxy->proxy, buffer, header_len, 0);
ret = proxy_response_header(req, res, conf);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
return -1;
}
return 0;
proxy_err:
errno = 0;
if (retry) goto retry;
return -1;
return header_len;
}
int proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags) {
char buffer[CHUNK_SIZE], comp_out[CHUNK_SIZE], buf[256], *ptr;
long ret = 0, len, snd_len;
int finish_comp = 0;
compress_ctx comp_ctx;
if (flags & PROXY_COMPRESS_BR) {
flags &= ~PROXY_COMPRESS_GZ;
if (compress_init(&comp_ctx, COMPRESS_BR) != 0) {
error("Unable to init brotli");
flags &= ~PROXY_COMPRESS_BR;
}
} else if (flags & PROXY_COMPRESS_GZ) {
flags &= ~PROXY_COMPRESS_BR;
if (compress_init(&comp_ctx, COMPRESS_GZ) != 0) {
error("Unable to init gzip");
flags &= ~PROXY_COMPRESS_GZ;
}
}
do {
snd_len = 0;
if (flags & PROXY_CHUNKED) {
ret = sock_get_chunk_header(&proxy->proxy);
if (ret < 0) {
if (ret == -1) {
error("Unable to receive from server: Malformed chunk header");
} else {
error("Unable to receive from server");
}
break;
}
len_to_send = ret;
ret = 1;
if (len_to_send == 0 && (flags & PROXY_COMPRESS)) {
finish_comp = 1;
len = 0;
ptr = NULL;
goto out;
finish:
compress_free(&comp_ctx);
}
}
while (snd_len < len_to_send) {
unsigned long avail_in, avail_out;
ret = sock_recv(&proxy->proxy, buffer, CHUNK_SIZE < (len_to_send - snd_len) ? CHUNK_SIZE : len_to_send - snd_len, 0);
if (ret <= 0) {
error("Unable to receive from server");
break;
}
len = ret;
ptr = buffer;
out:
avail_in = len;
char *next_in = ptr;
do {
long buf_len = len;
if (flags & PROXY_COMPRESS) {
avail_out = sizeof(comp_out);
compress_compress(&comp_ctx, next_in + len - avail_in, &avail_in, comp_out, &avail_out, finish_comp);
ptr = comp_out;
buf_len = (int) (sizeof(comp_out) - avail_out);
snd_len += (long) (len - avail_in);
}
if (buf_len != 0) {
len = sprintf(buf, "%lX\r\n", buf_len);
ret = 1;
if (flags & PROXY_CHUNKED) ret = sock_send(client, buf, len, 0);
if (ret <= 0) goto err;
ret = sock_send(client, ptr, buf_len, 0);
if (ret <= 0) goto err;
if (!(flags & PROXY_COMPRESS)) snd_len += ret;
if (flags & PROXY_CHUNKED) ret = sock_send(client, "\r\n", 2, 0);
if (ret <= 0) {
err:
error("Unable to send");
break;
}
}
} while ((flags & PROXY_COMPRESS) && (avail_in != 0 || avail_out != sizeof(comp_out)));
if (ret <= 0) break;
if (finish_comp) goto finish;
}
if (ret <= 0) break;
if (flags & PROXY_CHUNKED) sock_recv(&proxy->proxy, buffer, 2, 0);
} while ((flags & PROXY_CHUNKED) && len_to_send > 0);
if (ret <= 0) return -1;
if (flags & PROXY_CHUNKED) {
ret = sock_send(client, "0\r\n\r\n", 5, 0);
if (ret <= 0) {
error("Unable to send");
return -1;
}
}
return 0;
long proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags) {
long ret;
char buffer[CHUNK_SIZE];
if ((ret = sock_splice(client, &proxy->proxy, buffer, sizeof(buffer), len_to_send)) == -1)
return -1;
return ret;
}
int proxy_dump(proxy_ctx_t *proxy, char *buf, long len) {
@@ -683,9 +677,19 @@ void proxy_close(proxy_ctx_t *ctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, cctx->req_host, CLR_STR, cctx->log_prefix);
}
info(BLUE_STR "Closing proxy connection");
sock_close(&ctx->proxy);
if (ctx->initialized) {
ctx->cnx_e = clock_micros();
char buf[32];
info(BLUE_STR "Closing proxy connection %i/%i (%s)",
(ctx - proxies) % MAX_PROXY_CNX_PER_HOST, MAX_PROXY_CNX_PER_HOST,
format_duration(ctx->cnx_e - ctx->cnx_s, buf));
}
memset(ctx, 0, sizeof(*ctx));
sock_close(&ctx->proxy);
ctx->initialized = 0;
ctx->http_timeout = 0;
ctx->cnx_e = 0, ctx->cnx_s = 0;
ctx->client = NULL;
ctx->host = NULL;
errno = 0;
}

13
src/lib/proxy.h
View File

@@ -10,9 +10,6 @@
#define SESIMOS_PROXY_H
#define PROXY_CHUNKED 1
#define PROXY_COMPRESS_GZ 2
#define PROXY_COMPRESS_BR 4
#define PROXY_COMPRESS 6
#ifndef SERVER_NAME
# define SERVER_NAME "reverse proxy"
@@ -22,8 +19,10 @@
#include "config.h"
typedef struct {
unsigned char initialized:1, in_use:1;
volatile unsigned char initialized:1, in_use:1, close:1;
sock proxy;
long cnx_s, cnx_e;
long http_timeout;
char *host;
void *client;
} proxy_ctx_t;
@@ -36,7 +35,7 @@ void proxy_close_all(void);
proxy_ctx_t *proxy_get_by_conf(host_config_t *conf);
void proxy_unlock_ctx(proxy_ctx_t *ctx);
int proxy_unlock_ctx(proxy_ctx_t *ctx);
int proxy_request_header(http_req *req, sock *sock);
@@ -44,7 +43,9 @@ int proxy_response_header(http_req *req, http_res *res, host_config_t *conf);
int proxy_init(proxy_ctx_t **proxy, http_req *req, http_res *res, http_status_ctx *ctx, host_config_t *conf, sock *client, http_status *custom_status, char *err_msg);
int proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags);
int proxy_peek_response(proxy_ctx_t *proxy, http_res *res, http_status_ctx *ctx, http_status *custom_status, char *err_msg);
long proxy_send(proxy_ctx_t *proxy, sock *client, unsigned long len_to_send, int flags);
int proxy_dump(proxy_ctx_t *proxy, char *buf, long len);

396
src/lib/sock.c
View File

@@ -9,6 +9,7 @@
#include "sock.h"
#include "utils.h"
#include "error.h"
#include "../logger.h"
#include <errno.h>
#include <openssl/ssl.h>
@@ -16,8 +17,11 @@
#include <sys/socket.h>
#include <unistd.h>
#include <openssl/err.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <netdb.h>
static void ssl_error(unsigned long err) {
static void sock_ssl_error(unsigned long err) {
if (err == SSL_ERROR_NONE) {
errno = 0;
} else if (err == SSL_ERROR_SYSCALL) {
@@ -30,7 +34,18 @@ static void ssl_error(unsigned long err) {
}
void sock_error(sock *s, int ret) {
ssl_error(SSL_get_error(s->ssl, ret));
sock_ssl_error(SSL_get_error(s->ssl, ret));
}
int sock_gai_error(int ret) {
if (ret == 0) {
errno = 0;
} else if (ret == EAI_SYSTEM) {
// errno already set
} else {
error_gai(ret);
}
return -1;
}
const char *sock_error_str(unsigned long err) {
@@ -60,21 +75,120 @@ const char *sock_error_str(unsigned long err) {
}
}
int sock_set_socket_timeout_micros(sock *s, long recv_micros, long send_micros) {
int sock_init(sock *s, int fd, int flags) {
if ((flags & SOCK_ENCRYPTED) && (flags & SOCK_PIPE)) {
errno = EINVAL;
return -1;
}
s->socket = fd;
s->enc = !!(flags & SOCK_ENCRYPTED);
s->pipe = !!(flags & SOCK_PIPE);
s->ts_start = clock_micros();
s->ts_last = s->ts_start;
s->ts_last_send = s->ts_last;
s->timeout_us = -1;
s->ssl = NULL;
s->addr = NULL;
s->s_addr = NULL;
return 0;
}
int sock_connect(const char *hostname, unsigned short port, double timeout_sec, char *addr_buf, size_t addr_buf_size) {
char buf[INET6_ADDRSTRLEN + 1];
int ret, fd, e = 0;
long timeout_micros = (long) (timeout_sec * 1000000L);
struct addrinfo *result, *rp,
hints = {
.ai_family = AF_UNSPEC,
.ai_socktype = SOCK_STREAM,
.ai_protocol = 0,
.ai_flags = 0,
};
if (addr_buf && addr_buf_size > 1)
addr_buf[0] = 0;
if ((ret = getaddrinfo(hostname, NULL, &hints, &result)) != 0)
return sock_gai_error(ret);
for (rp = result; rp != NULL; rp = rp->ai_next) {
switch (rp->ai_family) {
case AF_INET:
((struct sockaddr_in *) rp->ai_addr)->sin_port = htons(port);
inet_ntop(rp->ai_family, &((struct sockaddr_in *) rp->ai_addr)->sin_addr, buf, addr_buf_size);
break;
case AF_INET6:
((struct sockaddr_in6 *) rp->ai_addr)->sin6_port = htons(port);
inet_ntop(rp->ai_family, &((struct sockaddr_in6 *) rp->ai_addr)->sin6_addr, buf, addr_buf_size);
break;
}
debug("Trying [%s]:%i", buf, port);
if ((fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) == -1) {
if (e == 0) {
e = errno;
} else if (e != errno) {
e = -1;
}
continue;
}
if (sock_set_socket_timeout_micros(fd, timeout_micros, timeout_micros) == -1) {
close(fd);
return -1;
}
if (connect(fd, rp->ai_addr, rp->ai_addrlen) == -1) {
e = errno;
close(fd);
continue;
}
break;
}
freeaddrinfo(result);
if (addr_buf && addr_buf_size > 1 && addr_buf[0] == 0)
strncpy(addr_buf, buf, addr_buf_size);
errno = e;
return (e == 0) ? fd : -1;
}
int sock_reverse_lookup(const sock *s, char *host, size_t host_size) {
memset(host, 0, host_size);
int ret;
if ((ret = getnameinfo(&s->_addr.sock, sizeof(s->_addr), host, host_size, NULL, 0, 0)) != 0) {
if (ret == EAI_NONAME) {
return 0;
} else {
return sock_gai_error(ret);
}
}
return 0;
}
int sock_set_socket_timeout_micros(int fd, long recv_micros, long send_micros) {
struct timeval recv_to = {.tv_sec = recv_micros / 1000000, .tv_usec = recv_micros % 1000000},
send_to = {.tv_sec = send_micros / 1000000, .tv_usec = send_micros % 1000000};
if (setsockopt(s->socket, SOL_SOCKET, SO_RCVTIMEO, &recv_to, sizeof(recv_to)) != 0)
if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &recv_to, sizeof(recv_to)) != 0)
return -1;
if (setsockopt(s->socket, SOL_SOCKET, SO_SNDTIMEO, &send_to, sizeof(send_to)) != 0)
if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &send_to, sizeof(send_to)) != 0)
return -1;
return 0;
}
int sock_set_socket_timeout(sock *s, double sec) {
return sock_set_socket_timeout_micros(s, (long) (sec * 1000000L), (long) (sec * 1000000L));
return sock_set_socket_timeout_micros(s->socket, (long) (sec * 1000000L), (long) (sec * 1000000L));
}
int sock_set_timeout_micros(sock *s, long micros) {
@@ -90,28 +204,65 @@ int sock_set_timeout(sock *s, double sec) {
}
long sock_send(sock *s, void *buf, unsigned long len, int flags) {
if (s->socket < 0) {
errno = ENOTCONN;
return -1;
}
long ret;
if (s->enc) {
ret = SSL_write(s->ssl, buf, (int) len);
if (ret <= 0) sock_error(s, (int) ret);
} else if (s->pipe) {
if (flags & ~MSG_MORE) {
errno = EINVAL;
return -1;
}
ret = write(s->socket, buf, len);
} else {
ret = send(s->socket, buf, len, flags);
}
if (ret >= 0) {
s->ts_last = clock_micros();
s->ts_last_send = s->ts_last;
return ret;
} else {
return -1;
}
}
long sock_send_x(sock *s, void *buf, unsigned long len, int flags) {
for (long ret, sent = 0; sent < len; sent += ret) {
if ((ret = sock_send(s, (unsigned char *) buf + sent, len - sent, flags)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
return (long) len;
}
long sock_recv(sock *s, void *buf, unsigned long len, int flags) {
if (s->socket < 0) {
errno = ENOTCONN;
return -1;
}
long ret;
if (s->enc) {
int (*func)(SSL*, void*, int) = (flags & MSG_PEEK) ? SSL_peek : SSL_read;
int (*func)(SSL *, void *, int) = (flags & MSG_PEEK) ? SSL_peek : SSL_read;
ret = func(s->ssl, buf, (int) len);
if (ret <= 0) sock_error(s, (int) ret);
} else if (s->pipe) {
if (flags & ~MSG_WAITALL) {
errno = EINVAL;
return -1;
}
ret = read(s->socket, buf, len);
} else {
ret = recv(s->socket, buf, len, flags);
}
@@ -124,95 +275,212 @@ long sock_recv(sock *s, void *buf, unsigned long len, int flags) {
}
}
long sock_splice(sock *dst, sock *src, void *buf, unsigned long buf_len, unsigned long len) {
long ret;
unsigned long send_len = 0;
unsigned long next_len;
while (send_len < len) {
next_len = (buf_len < (len - send_len)) ? buf_len : (len - send_len);
ret = sock_recv(src, buf, next_len, 0);
if (ret <= 0) return -2;
next_len = ret;
ret = sock_send(dst, buf, next_len, send_len + next_len < len ? MSG_MORE : 0);
if (ret < 0) return -1;
if (ret != next_len) return -3;
send_len += next_len;
long sock_recv_x(sock *s, void *buf, unsigned long len, int flags) {
for (long ret, rcv = 0; rcv < len; rcv += ret) {
if ((ret = sock_recv(s, (unsigned char *) buf + rcv, len - rcv, flags | MSG_WAITALL)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
return (long) send_len;
return (long) len;
}
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len) {
long ret;
unsigned long send_len = 0;
unsigned long next_len;
long sock_splice(sock *dst, sock *src, void *buf, unsigned long buf_len, unsigned long len) {
long send_len = 0;
while (1) {
ret = sock_get_chunk_header(src);
if (ret < 0) return -2;
if ((src->pipe || dst->pipe) && !src->enc && !dst->enc) {
for (long ret; send_len < len; send_len += ret) {
if ((ret = splice(src->socket, 0, dst->socket, 0, len, 0)) == -1) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
}
} else {
for (long ret, next_len; send_len < len; send_len += ret) {
next_len = (long) ((buf_len < (len - send_len)) ? buf_len : (len - send_len));
if ((ret = sock_recv(src, buf, next_len, MSG_WAITALL)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else {
return -1;
}
}
if (sock_send_x(dst, buf, ret, send_len + ret < len ? MSG_MORE : 0) == -1)
return -1;
}
}
return send_len;
}
long sock_splice_all(sock *dst, sock *src, void *buf, unsigned long buf_len) {
long send_len = 0;
for (long ret;; send_len += ret) {
if ((ret = sock_recv(src, buf, buf_len, 0)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0, ret = 0;
continue;
} else if (ret == 0) {
break;
} else {
return -1;
}
}
if (sock_send_x(dst, buf, ret, 0) == -1)
return -1;
}
return send_len;
}
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len, int flags) {
long ret;
unsigned long send_len = 0, next_len;
do {
if ((ret = sock_recv_chunk_header(src)) == -1)
return -1;
next_len = ret;
if (next_len <= 0) break;
ret = sock_splice(dst, src, buf, buf_len, next_len);
if (ret < 0) return ret;
}
if (flags & SOCK_CHUNKED)
if (sock_send_chunk_header(dst, next_len) == -1)
return -1;
if ((ret = sock_splice(dst, src, buf, buf_len, next_len)) == -1)
return ret;
send_len += ret;
if (sock_recv_chunk_trailer(src) == -1)
return -1;
if (flags & SOCK_CHUNKED)
if (sock_send_chunk_trailer(dst) == -1)
return -1;
} while (!(flags & SOCK_SINGLE_CHUNK) && next_len != 0);
return (long) send_len;
}
int sock_close(sock *s) {
int e = errno;
if (s->enc && s->ssl != NULL) {
if (s->ssl != NULL) {
SSL_shutdown(s->ssl);
SSL_free(s->ssl);
s->ssl = NULL;
}
close(s->socket);
s->socket = 0;
s->enc = 0;
if (s->socket != -1) close(s->socket);
s->socket = -1;
s->enc = 0, s->pipe = 0;
errno = e;
return 0;
}
int sock_has_pending(sock *s) {
char buf[1];
int sock_has_pending(sock *s, int flags) {
int e = errno;
long ret = sock_recv(s, &buf, 1, MSG_PEEK | MSG_DONTWAIT);
long ret;
if (s->pipe) {
int arg;
ioctl(s->socket, FIONREAD, &arg);
ret = arg;
} else if (s->enc && (flags & SOCK_DONTWAIT)) {
ret = SSL_pending(s->ssl);
} else {
char buf[1];
ret = sock_recv(s, &buf, sizeof(buf), MSG_PEEK | ((flags & SOCK_DONTWAIT) ? MSG_DONTWAIT : 0));
}
errno = e;
return ret == 1;
return ret > 0;
}
long sock_parse_chunk_header(const char *buf, long len, long *ret_len) {
for (int i = 0; i < len; i++) {
char ch = buf[i];
if (ch == '\r') {
continue;
} else if (ch == '\n') {
if (ret_len != NULL) *ret_len = i + 1;
return strtol(buf, NULL, 16);
} else if (!((ch >= '0' && ch <= '9') || (ch >= 'a' && ch <= 'f') || (ch >= 'A' && ch <= 'F'))) {
return -2;
}
long sock_recv_chunk_header(sock *s) {
if (s->pipe) {
uint64_t len;
if (sock_recv_x(s, &len, sizeof(len), 0) == -1)
return -1;
return (long) len;
}
return -1;
}
long sock_get_chunk_header(sock *s) {
long ret, len;
char buf[16];
long ret;
size_t len = 0;
char buf[20];
do {
ret = sock_recv(s, buf, sizeof(buf), MSG_PEEK);
if (ret <= 0) return -2;
else if (ret < 2) continue;
if ((ret = sock_recv(s, buf, sizeof(buf) - 1, MSG_PEEK)) <= 0) {
if (errno == EINTR || errno == EAGAIN) {
errno = 0;
continue;
} else {
return -1;
}
} else if (ret < 2) {
continue;
}
buf[ret] = 0;
ret = sock_parse_chunk_header(buf, ret, &len);
if (ret == -2) return -1;
if ((ret = parse_chunk_header(buf, ret, &len)) == -1 && errno == EPROTO)
return -1;
} while (ret < 0);
if (sock_recv(s, buf, len, 0) != len)
return -2;
if (sock_recv_x(s, buf, len, 0) == -1)
return -1;
return ret;
}
int sock_send_chunk_header(sock *s, unsigned long size) {
if (s->pipe) {
uint64_t len = size;
if (sock_send_x(s, &len, sizeof(len), 0) == -1)
return -1;
} else {
char buf[20];
if (sock_send_x(s, buf, sprintf(buf, "%lX\r\n", size), 0) == -1)
return -1;
}
return 0;
}
int sock_recv_chunk_trailer(sock *s) {
if (s->pipe) return 0;
char buf[2];
if (sock_recv_x(s, buf, sizeof(buf), MSG_PEEK) == -1)
return -1;
if (buf[0] != '\r' || buf[1] != '\n') {
errno = EPROTO;
return -1;
}
if (sock_recv_x(s, buf, sizeof(buf), 0) == -1)
return -1;
return 0;
}
int sock_send_chunk_trailer(sock *s) {
if (s->pipe) return 0;
if (sock_send_x(s, "\r\n", 2, 0) == -1)
return -1;
return 0;
}
int sock_send_last_chunk(sock *s) {
if (s->pipe) return sock_send_chunk_header(s, 0);
if (sock_send_x(s, "0\r\n\r\n", 5, 0) == -1)
return -1;
return 0;
}

42
src/lib/sock.h
View File

@@ -13,8 +13,16 @@
#include <sys/socket.h>
#include <arpa/inet.h>
#define SOCK_CHUNKED 1
#define SOCK_SINGLE_CHUNK 2
#define SOCK_ENCRYPTED 1
#define SOCK_PIPE 2
#define SOCK_DONTWAIT 1
typedef struct {
unsigned int enc:1;
unsigned int enc:1, pipe:1;
int socket;
union {
struct sockaddr sock;
@@ -23,14 +31,22 @@ typedef struct {
char *addr, *s_addr;
SSL_CTX *ctx;
SSL *ssl;
long ts_start, ts_last, timeout_us;
long ts_start, ts_last, ts_last_send, timeout_us;
} sock;
void sock_error(sock *s, int ret);
const char *sock_error_str(unsigned long err);
int sock_set_socket_timeout_micros(sock *s, long recv_micros, long send_micros);
int sock_init(sock *s, int fd, int flags);
int sock_connect(const char *hostname, unsigned short port, double timeout_sec, char *addr_buf, size_t addr_buf_size);
int sock_reverse_lookup(const sock *s, char *host, size_t host_size);
int sock_init_addr_str(const sock *s, char *c_addr, size_t c_addr_size, char *s_addr, size_t s_addr_size);
int sock_set_socket_timeout_micros(int fd, long recv_micros, long send_micros);
int sock_set_socket_timeout(sock *s, double sec);
@@ -40,18 +56,30 @@ int sock_set_timeout(sock *s, double sec);
long sock_send(sock *s, void *buf, unsigned long len, int flags);
long sock_send_x(sock *s, void *buf, unsigned long len, int flags);
long sock_recv(sock *s, void *buf, unsigned long len, int flags);
long sock_recv_x(sock *s, void *buf, unsigned long len, int flags);
long sock_splice(sock *dst, sock *src, void *buf, unsigned long buf_len, unsigned long len);
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len);
long sock_splice_all(sock *dst, sock *src, void *buf, unsigned long buf_len);
long sock_splice_chunked(sock *dst, sock *src, void *buf, unsigned long buf_len, int flags);
int sock_close(sock *s);
int sock_has_pending(sock *s);
int sock_has_pending(sock *s, int flags);
long sock_parse_chunk_header(const char *buf, long len, long *ret_len);
long sock_recv_chunk_header(sock *s);
long sock_get_chunk_header(sock *s);
int sock_send_chunk_header(sock *s, unsigned long size);
int sock_recv_chunk_trailer(sock *s);
int sock_send_chunk_trailer(sock *s);
int sock_send_last_chunk(sock *s);
#endif //SESIMOS_SOCK_H

86
src/lib/uri.c
View File

@@ -39,12 +39,9 @@ int path_exists(const char *path) {
}
int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mode) {
char buf0[1024];
char buf1[1024];
char buf2[1024];
char buf3[1024];
char buf4[1024];
char buf0[1024], buf1[1024], buf2[1024], buf3[1024], buf4[1024];
int p_len;
uri->webroot = NULL;
uri->req_path = NULL;
uri->path = NULL;
@@ -55,9 +52,10 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
uri->meta = NULL;
uri->is_static = 1;
uri->is_dir = 0;
if (uri_str[0] != '/') {
if (uri_str[0] != '/')
return 1;
}
uri->webroot = malloc(strlen(webroot) + 1);
strcpy(uri->webroot, webroot);
@@ -75,12 +73,10 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
long size = (long) strlen(uri_str) + 1;
uri->req_path = malloc(size);
url_decode(uri_str, uri->req_path, &size);
if (query != NULL) {
query[-1] = '?';
}
if (strcontains(uri->req_path, "/../") || strcontains(uri->req_path, "/./")) {
if (query != NULL) query[-1] = '?';
if (strcontains(uri->req_path, "/../") || strcontains(uri->req_path, "/./"))
return 2;
}
size = (long) strlen(uri->req_path) + 1;
uri->path = malloc(size);
@@ -96,9 +92,8 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
last = ch;
}
if (dir_mode == URI_DIR_MODE_NO_VALIDATION) {
if (dir_mode == URI_DIR_MODE_NO_VALIDATION)
return 0;
}
if (uri->path[strlen(uri->path) - 1] == '/') {
uri->path[strlen(uri->path) - 1] = 0;
@@ -107,26 +102,20 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
strcpy(uri->pathinfo, "");
}
if (!path_exists(uri->webroot)) {
if (!path_exists(uri->webroot))
return 3;
}
while (1) {
sprintf(buf0, "%s%s", uri->webroot, uri->path);
p_len = snprintf(buf1, sizeof(buf1), "%s.ncr", buf0);
p_len = snprintf(buf1, sizeof(buf1), "%s.xhtml", buf0);
if (p_len < 0 || p_len >= sizeof(buf1)) return -1;
p_len = snprintf(buf2, sizeof(buf2), "%s.php", buf0);
p_len = snprintf(buf2, sizeof(buf2), "%s.html", buf0);
if (p_len < 0 || p_len >= sizeof(buf2)) return -1;
p_len = snprintf(buf3, sizeof(buf3), "%s.html", buf0);
p_len = snprintf(buf3, sizeof(buf3), "%s.php", buf0);
if (p_len < 0 || p_len >= sizeof(buf3)) return -1;
if (strlen(uri->path) <= 1 ||
path_exists(buf0) ||
path_is_file(buf1) ||
path_is_file(buf2) ||
path_is_file(buf3)) {
if (strlen(uri->path) <= 1 || path_exists(buf0) || path_is_file(buf1) || path_is_file(buf2) || path_is_file(buf3))
break;
}
char *ptr;
parent_dir:
@@ -145,40 +134,44 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
uri->filename = malloc(strlen(buf0) + 1);
strcpy(uri->filename, buf0);
long len = (long) strlen(uri->path);
if (strends(uri->path, ".ncr") || strends(uri->path, ".php")) {
uri->path[len - 4] = 0;
uri->is_static = 0;
if (strends(uri->path, ".xhtml")) {
uri->path[len - 6] = 0;
} else if (strends(uri->path, ".html")) {
uri->path[len - 5] = 0;
} else if (strends(uri->path, ".php")) {
uri->path[len - 4] = 0;
uri->is_static = 0;
}
} else if (path_is_file(buf1)) {
uri->is_static = 0;
uri->filename = malloc(strlen(buf1) + 1);
strcpy(uri->filename, buf1);
} else if (path_is_file(buf2)) {
uri->is_static = 0;
uri->filename = malloc(strlen(buf2) + 1);
strcpy(uri->filename, buf2);
} else if (path_is_file(buf3)) {
uri->filename = malloc(strlen(buf3) + 1);
strcpy(uri->filename, buf3);
uri->is_static = 0;
} else {
uri->is_dir = 1;
strcpy(uri->path + strlen(uri->path), "/");
sprintf(buf1, "%s%sindex.ncr", uri->webroot, uri->path);
sprintf(buf2, "%s%sindex.php", uri->webroot, uri->path);
sprintf(buf3, "%s%sindex.html", uri->webroot, uri->path);
if (path_is_file(buf1)) {
sprintf(buf1, "%s%s" "index.xhtml", uri->webroot, uri->path);
sprintf(buf2, "%s%s" "index.html", uri->webroot, uri->path);
sprintf(buf3, "%s%s" "index.php", uri->webroot, uri->path);
if (path_is_file(buf3) && uri->pathinfo[0] != 0) {
uri->filename = malloc(strlen(buf3) + 1);
strcpy(uri->filename, buf3);
uri->is_static = 0;
} else if (path_is_file(buf1)) {
uri->filename = malloc(strlen(buf1) + 1);
strcpy(uri->filename, buf1);
uri->is_static = 0;
} else if (path_is_file(buf2)) {
uri->filename = malloc(strlen(buf2) + 1);
strcpy(uri->filename, buf2);
uri->is_static = 0;
} else if (path_is_file(buf3)) {
uri->filename = malloc(strlen(buf3) + 1);
strcpy(uri->filename, buf3);
uri->is_static = 0;
} else {
if (dir_mode == URI_DIR_MODE_FORBIDDEN) {
uri->is_static = 1;
@@ -195,20 +188,17 @@ int uri_init(http_uri *uri, const char *webroot, const char *uri_str, int dir_mo
}
}
if (strends(uri->path + strlen(uri->path), "index")) {
if (strends(uri->path, "/index"))
uri->path[strlen(uri->path) - 5] = 0;
}
if (streq(uri->pathinfo, "index.ncr") ||
streq(uri->pathinfo, "index.php") ||
streq(uri->pathinfo, "index.html")) {
uri->pathinfo[0] = 0;
}
sprintf(buf0, "%s%s%s%s%s", uri->path,
(strlen(uri->pathinfo) == 0 || uri->path[strlen(uri->path) - 1] == '/') ? "" : "/", uri->pathinfo,
uri->query != NULL ? "?" : "", uri->query != NULL ? uri->query : "");
uri->uri = malloc(strlen(buf0) + 1);
strcpy(uri->uri, buf0);
if (streq(uri->pathinfo, "index.php") || streq(uri->pathinfo, "index.html") || streq(uri->pathinfo, "index.xhtml"))
uri->pathinfo[0] = 0;
sprintf(buf4, "%s%s%s%s%s", uri->path,
(strlen(uri->pathinfo) == 0 || uri->path[strlen(uri->path) - 1] == '/') ? "" : "/",
uri->pathinfo, uri->query != NULL ? "?" : "", uri->query != NULL ? uri->query : "");
uri->uri = malloc(strlen(buf4) + 1);
strcpy(uri->uri, buf4);
return 0;
}

3
src/lib/uri.h
View File

@@ -38,8 +38,7 @@ typedef struct {
char *filename; // "/account/index.php"
char *uri; // "/account/login?username=test"
metadata_t *meta;
unsigned int is_static:1;
unsigned int is_dir:1;
unsigned int is_static:1, is_dir:1;
} http_uri;

76
src/lib/utils.c
View File

@@ -20,6 +20,24 @@
static const char base64_encode_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const int base64_mod_table[3] = {0, 2, 1};
static const char base64_decode_table[256] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, 0, -1, -1,
-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
};
char *format_duration(unsigned long micros, char *buf) {
@@ -150,6 +168,7 @@ int mime_is_text(const char *restrict type) {
streq(type_parsed, "application/javascript") ||
streq(type_parsed, "application/json") ||
streq(type_parsed, "application/xml") ||
streq(type_parsed, "application/sql") ||
streq(type_parsed, "application/x-www-form-urlencoded") ||
streq(type_parsed, "application/x-tex") ||
streq(type_parsed, "application/x-httpd-php") ||
@@ -157,9 +176,8 @@ int mime_is_text(const char *restrict type) {
streq(type_parsed, "application/x-javascript");
}
int strcpy_rem_webroot(char *dst, const char *src, long len, const char *webroot) {
memcpy(dst, src, len);
dst[len] = 0;
int strcpy_rem_webroot(char *dst, const char *src, const char *webroot) {
strcpy(dst, src);
if (webroot == NULL)
return 0;
@@ -207,25 +225,25 @@ int strcontains(const char *restrict haystack, const char *restrict needle) {
int strstarts(const char *restrict str, const char *restrict prefix) {
if (str == NULL || prefix == NULL) return 0;
unsigned long l1 = strlen(str), l2 = strlen(prefix);
const unsigned long l1 = strlen(str), l2 = strlen(prefix);
return l2 <= l1 && strncmp(str, prefix, l2) == 0;
}
int strends(const char *restrict str, const char *restrict suffix) {
if (str == NULL || suffix == NULL) return 0;
unsigned long l1 = strlen(str), l2 = strlen(suffix);
const unsigned long l1 = strlen(str), l2 = strlen(suffix);
return l2 <= l1 && strcmp(str + l1 - l2, suffix) == 0;
}
int base64_encode(void *data, unsigned long data_len, char *output, unsigned long *output_len) {
unsigned long out_len = 4 * ((data_len + 2) / 3);
const unsigned long out_len = 4 * ((data_len + 2) / 3);
if (output_len != NULL) *output_len = out_len;
for (int i = 0, j = 0; i < data_len;) {
unsigned int octet_a = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int octet_b = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int octet_c = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int triple = (octet_a << 0x10) + (octet_b << 0x08) + octet_c;
const unsigned int octet_a = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
const unsigned int octet_b = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
const unsigned int octet_c = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
const unsigned int triple = (octet_a << 16) | (octet_b << 8) | octet_c;
output[j++] = base64_encode_table[(triple >> 3 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 2 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 1 * 6) & 0x3F];
@@ -239,6 +257,28 @@ int base64_encode(void *data, unsigned long data_len, char *output, unsigned lon
return 0;
}
int base64_decode(const char *data, unsigned long data_len, void *output, unsigned long *output_len) {
const unsigned long out_len = 3 * ((data_len + 2) / 4);
if (output_len != NULL) *output_len = out_len;
char *out = output;
for (int i = 0, j = 0; i < data_len;) {
const int octet_a = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
const int octet_b = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
const int octet_c = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
const int octet_d = (i < data_len) ? base64_decode_table[((unsigned char *) data)[i++]] : 0;
if (octet_a < 0 || octet_b < 0 || octet_c < 0 || octet_d < 0) return -1;
const unsigned int triple = (octet_a << 3 * 6) | (octet_b << 2 * 6) | (octet_c << 6) | octet_d;
out[j++] = (char) (triple >> 16);
out[j++] = (char) ((triple >> 8) & 0xFF);
out[j++] = (char) (triple & 0xFF);
}
out[out_len] = 0;
return 0;
}
long clock_micros(void) {
struct timespec time;
clock_gettime(CLOCK_MONOTONIC, &time);
@@ -383,3 +423,19 @@ long ftelll(FILE *file) {
return -1;
return lines + 1;
}
long parse_chunk_header(const char *buf, size_t len, size_t *ret_len) {
for (int i = 0; i < len; i++) {
char ch = buf[i];
if (ch == '\r') {
continue;
} else if (ch == '\n' && i > 1 && buf[i - 1] == '\r') {
if (ret_len != NULL) *ret_len = i + 1;
return strtol(buf, NULL, 16);
} else if (!((ch >= '0' && ch <= '9') || (ch >= 'a' && ch <= 'f') || (ch >= 'A' && ch <= 'F'))) {
errno = EPROTO;
return -1;
}
}
return -1;
}

6
src/lib/utils.h
View File

@@ -31,7 +31,7 @@ int mime_is_compressible(const char *restrict type);
int mime_is_text(const char *restrict type);
int strcpy_rem_webroot(char *dst, const char *str, long len, const char *webroot);
int strcpy_rem_webroot(char *dst, const char *str, const char *webroot);
int str_trim(char **start, char **end);
@@ -47,6 +47,8 @@ int strends(const char *restrict str, const char *restrict suffix);
int base64_encode(void *data, unsigned long data_len, char *output, unsigned long *output_len);
int base64_decode(const char *data, unsigned long data_len, void *output, unsigned long *output_len);
long clock_micros(void);
long clock_cpu(void);
@@ -65,4 +67,6 @@ int fseekl(FILE *file, long line_num);
long ftelll(FILE *file);
long parse_chunk_header(const char *buf, size_t len, size_t *ret_len);
#endif //SESIMOS_UTILS_H

14
src/lib/websocket.c
View File

@@ -36,13 +36,9 @@ int ws_calc_accept_key(const char *key, char *accept_key) {
int ws_recv_frame_header(sock *s, ws_frame *frame) {
unsigned char buf[12];
long ret = sock_recv(s, buf, 2, 0);
if (ret < 0) {
if (sock_recv_x(s, buf, 2, 0) == -1) {
error("Unable to receive from socket");
return -1;
} else if (ret != 2) {
error("Unable to receive 2 bytes from socket");
return -2;
}
unsigned short bits = (buf[0] << 8) | buf[1];
@@ -61,13 +57,9 @@ int ws_recv_frame_header(sock *s, ws_frame *frame) {
remaining += 8;
}
ret = sock_recv(s, buf, remaining, 0);
if (ret < 0) {
if (sock_recv_x(s, buf, remaining, 0) == -1) {
error("Unable to receive from socket");
return -1;
} else if (ret != remaining) {
error("Unable to receive correct number of bytes from socket");
return -2;
}
if (len == 126) {
@@ -125,7 +117,7 @@ int ws_send_frame_header(sock *s, ws_frame *frame) {
ptr += 4;
}
long ret = sock_send(s, buf, ptr - buf, frame->len != 0 ? MSG_MORE : 0);
long ret = sock_send_x(s, buf, ptr - buf, frame->len != 0 ? MSG_MORE : 0);
if (ret < 0) {
error("Unable to send to socket");
return -1;

43
src/logger.c
View File

@@ -20,14 +20,17 @@
#include <malloc.h>
#define LOG_MAX_MSG_SIZE 2048
#define LOG_BUF_SIZE 16
#define LOG_BUF_SIZE 256
#define LOG_NAME_LEN 12
#define LOG_PREFIX_LEN 256
#define LOG_PREFIX "[%-8s][%-6s]"
#define LOG_PREFIX "[%8s][%-8s][%-6s]"
#define LOG_TIME_BUF_SIZE 9
#define LOG_TIME_FMT "%H:%M:%S"
typedef struct {
log_lvl_t lvl;
long time;
char name[LOG_NAME_LEN];
char prefix[LOG_PREFIX_LEN];
char txt[LOG_MAX_MSG_SIZE];
@@ -58,15 +61,20 @@ static const char *level_keywords[] = {
"DEBUG"
};
static const char *timestr(time_t ts, char *buf) {
struct tm time_info;
strftime(buf, LOG_TIME_BUF_SIZE, LOG_TIME_FMT, localtime_r(&ts, &time_info));
return buf;
}
static void err(const char *restrict msg) {
char err_buf[64];
fprintf(stderr, ERR_STR LOG_PREFIX " %s: %s" CLR_STR "\n", "logger",
char err_buf[64], time_buf[LOG_TIME_BUF_SIZE];
fprintf(stderr, ERR_STR LOG_PREFIX " %s: %s" CLR_STR "\n", timestr(time(NULL), time_buf), "logger",
level_keywords[LOG_CRITICAL], msg, error_str(errno, err_buf, sizeof(err_buf)));
}
void logmsgf(log_lvl_t level, const char *restrict format, ...) {
char buf[256];
char err_buf[64];
char buf[256], err_buf[256], time_buf[LOG_TIME_BUF_SIZE];
va_list args;
va_start(args, format);
@@ -85,16 +93,19 @@ void logmsgf(log_lvl_t level, const char *restrict format, ...) {
if (!alive) {
// no logger thread running
// simply write to stdout without synchronization
printf("%s" LOG_PREFIX "%s%s ", color, (name != NULL) ? (char *) name : "", level_keywords[level], CLR_STR, (prefix != NULL) ? (char *) prefix : "");
printf("%s" LOG_PREFIX "%s%s ", color,
timestr(time(NULL), time_buf),
(name != NULL) ? (char *) name : "",
level_keywords[level], CLR_STR,
(prefix != NULL) ? (char *) prefix : "");
vprintf(buf, args);
printf("\n");
} else {
// wait for free slot in buffer
try_again_free:
if (sem_wait(&sem_buf_free) != 0) {
while (sem_wait(&sem_buf_free) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_free;
continue;
} else {
err("Unable to lock semaphore");
errno = 0;
@@ -105,11 +116,10 @@ void logmsgf(log_lvl_t level, const char *restrict format, ...) {
}
// try to lock buffer
try_again_buf:
if (sem_wait(&sem_buf) != 0) {
while (sem_wait(&sem_buf) != 0) {
if (errno == EINTR) {
errno = 0;
goto try_again_buf;
continue;
} else {
err("Unable to lock semaphore");
errno = 0;
@@ -126,6 +136,7 @@ void logmsgf(log_lvl_t level, const char *restrict format, ...) {
vsnprintf(msg->txt, sizeof(msg->txt), buf, args);
msg->lvl = level;
msg->time = time(NULL);
if (name != NULL) {
snprintf(msg->name, sizeof(msg->name), "%s", (char *) name);
@@ -187,7 +198,8 @@ void logger_set_name(const char *restrict format, ...) {
}
// set thread name
pthread_setname_np(pthread_self(), global_name);
// warning: max length is 16 (incl. terminating null byte)
pthread_setname_np(pthread_self(), ptr);
// cleanup
va_end(args);
@@ -220,6 +232,8 @@ void logger_set_prefix(const char *restrict format, ...) {
}
static void *logger_thread(void *arg) {
char time_buf[LOG_TIME_BUF_SIZE];
logger_set_name("logger");
alive = 1;
@@ -241,6 +255,7 @@ static void *logger_thread(void *arg) {
printf("%s" LOG_PREFIX "%s%s %s\n",
(msg->lvl <= LOG_ERROR) ? ERR_STR : ((msg->lvl <= LOG_WARNING) ? WRN_STR : ""),
(timestr(msg->time, time_buf)),
(msg->name[0] != 0) ? (char *) msg->name : "", level_keywords[msg->lvl], CLR_STR,
(msg->prefix[0] != 0) ? (char *) msg->prefix : "", msg->txt);

74
src/server.c
View File

@@ -40,6 +40,8 @@ static SSL_CTX *contexts[CONFIG_MAX_CERT_CONFIG];
static client_ctx_t **clients;
static sem_t sem_clients_lock;
static void terminate_gracefully(int sig);
static void clean(void) {
notice("Cleaning sesimos cache and metadata files...");
@@ -82,10 +84,10 @@ static int ssl_servername_cb(SSL *ssl, int *ad, void *arg) {
void server_free_client(client_ctx_t *ctx) {
// try to lock clients list
retry:
if (sem_wait(&sem_clients_lock) != 0) {
while (sem_wait(&sem_clients_lock) != 0) {
if (errno == EINTR) {
goto retry;
errno = 0;
continue;
} else {
critical("Unable to lock clients list");
return;
@@ -121,7 +123,7 @@ static void accept_cb(void *arg) {
client_ctx_t *client_ctx = malloc(sizeof(client_ctx_t));
if (client_ctx == NULL) {
critical("Unable to allocate memory for client context");
errno = 0;
terminate_gracefully(0);
return;
}
sock *client = &client_ctx->socket;
@@ -132,23 +134,22 @@ static void accept_cb(void *arg) {
if (client_fd < 0) {
critical("Unable to accept connection");
free(client_ctx);
terminate_gracefully(0);
return;
}
client->socket = client_fd;
client->enc = (i == 1);
client->ts_start = clock_micros();
client->ts_last = client->ts_start;
sock_init(client, client_fd, (i == 1) ? SOCK_ENCRYPTED : 0);
client_ctx->cnx_s = client->ts_start;
client_ctx->cnx_e = -1, client_ctx->req_s = -1, client_ctx->req_e = -1, client_ctx->res_ts = -1;
// try to lock clients list
retry:
if (sem_wait(&sem_clients_lock) != 0) {
while (sem_wait(&sem_clients_lock) != 0) {
if (errno == EINTR) {
goto retry;
errno = 0;
continue;
} else {
critical("Unable to lock clients list");
terminate_gracefully(0);
return;
}
}
@@ -157,8 +158,9 @@ static void accept_cb(void *arg) {
clients = list_append(clients, &client_ctx);
if (clients == NULL) {
critical("Unable to add client context to list");
sem_post(&sem_clients_lock);
free(client_ctx);
errno = 0;
terminate_gracefully(0);
return;
}
@@ -185,7 +187,7 @@ static void terminate_forcefully(int sig) {
}
static void terminate_gracefully(int sig) {
fprintf(stderr, "\n");
if (sig != 0) fprintf(stderr, "\n");
notice("Terminating gracefully...");
struct sigaction act = {0};
@@ -193,20 +195,27 @@ static void terminate_gracefully(int sig) {
sigaction(SIGINT, &act, NULL);
sigaction(SIGTERM, &act, NULL);
debug("Closing listening sockets...");
for (int i = 0; i < NUM_SOCKETS; i++) {
close(sockets[i]);
}
debug("Stopping workers...");
cache_stop();
workers_stop();
debug("Destroying workers...");
workers_destroy();
while (list_size(clients) > 0)
tcp_close(clients[0]);
logger_set_prefix("");
debug("Closing proxy connections...");
proxy_close_all();
debug("Closing client connections...");
while (list_size(clients) > 0)
tcp_close(clients[0]);
logger_set_prefix("");
debug("Stopping async loop...");
async_stop();
}
@@ -313,12 +322,6 @@ int main(int argc, char *const argv[]) {
return 1;
}
if ((ret = cache_init()) != 0) {
geoip_free();
if (ret == -1) critical("Unable to initialize cache");
return 1;
}
for (int i = 0; i < CONFIG_MAX_CERT_CONFIG; i++) {
const cert_config_t *conf = &config.certs[i];
if (conf->name[0] == 0) break;
@@ -328,7 +331,7 @@ int main(int argc, char *const argv[]) {
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY);
SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4");
SSL_CTX_set_ecdh_auto(ctx, 1);
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
@@ -392,7 +395,21 @@ int main(int argc, char *const argv[]) {
}
logger_init();
logger_set_name("server");
if ((ret = cache_init()) != 0) {
if (ret == -1) critical("Unable to initialize cache");
ssl_free();
geoip_free();
list_free(clients);
sem_destroy(&sem_clients_lock);
async_free();
proxy_unload();
logger_stop();
logger_join();
return 1;
}
logger_set_name("main");
workers_init();
@@ -402,7 +419,13 @@ int main(int argc, char *const argv[]) {
notice("Ready to accept connections");
int error = 0;
async_thread();
if (errno != 0) {
errno = 0;
error = 2;
terminate_gracefully(0);
}
notice("Goodbye!");
@@ -416,5 +439,6 @@ int main(int argc, char *const argv[]) {
async_free();
logger_stop();
logger_join();
return 0;
return error;
}

5
src/server.h
View File

@@ -14,8 +14,11 @@
#define NUM_SOCKETS 2
#define LISTEN_BACKLOG 16
#define REQ_PER_CONNECTION 200
#define SOCKET_TIMEOUT 1
#define CLIENT_TIMEOUT 3600
#define SERVER_TIMEOUT_INIT 4
#define SERVER_SOCKET_TIMEOUT_INIT 5
#define SERVER_SOCKET_TIMEOUT_RES 60
#define SERVER_TIMEOUT 3600
#define CNX_HANDLER_WORKERS 8

51
src/worker/chunk_handler.c Normal file
View File

@@ -0,0 +1,51 @@
/**
* sesimos - secure, simple, modern web server
* @brief FastCGI frame handler
* @file src/worker/fcgi_frame_handler.c
* @author Lorenz Stechauner
* @date 2023-01-22
*/
#include "func.h"
#include "../logger.h"
#include "../workers.h"
#include <errno.h>
void chunk_handler_func(chunk_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
char buf[CHUNK_SIZE];
const long sent = sock_splice_chunked(&ctx->client->socket, ctx->socket, buf, sizeof(buf), ctx->flags | SOCK_SINGLE_CHUNK);
if (sent < 0) {
// error
error("Unable to splice chunk");
errno = 0;
ctx->err_cb(ctx);
} else if (sent == 0) {
// last chunk
ctx->client->chunks_transferred = 1;
ctx->next_cb(ctx);
} else {
// next chunk
ctx->client->transferred_length += sent;
handle_chunk(ctx);
return;
}
free(ctx);
}
int handle_chunks(client_ctx_t *ctx, sock *socket, int flags, void (*next_cb)(chunk_ctx_t *), void (*err_cb)(chunk_ctx_t *)) {
chunk_ctx_t *a = malloc(sizeof(chunk_ctx_t));
a->client = ctx;
a->socket = socket;
a->flags = flags;
a->next_cb = (void (*)(void *)) next_cb;
a->err_cb = (void (*)(void *)) err_cb;
handle_chunk(a);
return 0;
}

76
src/worker/fastcgi_frame_handler.c Normal file
View File

@@ -0,0 +1,76 @@
/**
* sesimos - secure, simple, modern web server
* @brief FastCGI frame handler
* @file src/worker/fastcgi_frame_handler.c
* @author Lorenz Stechauner
* @date 2023-01-22
*/
#include "func.h"
#include "../lib/fastcgi.h"
#include "../logger.h"
#include "../workers.h"
#include <errno.h>
#include <memory.h>
#include <unistd.h>
void fastcgi_frame_handler_func(fastcgi_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
switch (fastcgi_recv_frame(&ctx->cnx)) {
case FCGI_STDOUT:
case FCGI_STDERR:
fastcgi_handle_frame(ctx);
break;
case -1:
error("Unable to receive FastCGI frame");
ctx->client->s_keep_alive = 0;
fastcgi_close(ctx);
break;
default:
// end of request received
write(ctx->cnx.fd_out, "\0\0\0\0\0\0\0\0\r\n", 10);
fastcgi_close(ctx);
}
}
int fastcgi_handle_connection(client_ctx_t *ctx, fastcgi_cnx_t **cnx) {
sock_set_timeout(&(*cnx)->socket, FASTCGI_TIMEOUT);
sock_set_socket_timeout(&(*cnx)->socket, FASTCGI_SOCKET_TIMEOUT);
fastcgi_ctx_t *a = malloc(sizeof(fastcgi_ctx_t));
a->closed = 0;
a->client = ctx;
memcpy(&a->cnx, *cnx, sizeof(fastcgi_cnx_t));
ctx->fcgi_ctx = a;
fastcgi_handle_frame(a);
*cnx = &a->cnx;
return 0;
}
void fastcgi_close(fastcgi_ctx_t *ctx) {
ctx->closed++;
if (ctx->closed != 2)
return;
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
fastcgi_php_error(&ctx->cnx, NULL);
if (ctx->cnx.app_status != 0)
error("FastCGI app terminated with exit code %i", ctx->cnx.app_status);
debug("Closing FastCGI connection");
fastcgi_close_cnx(&ctx->cnx);
ctx->client->fcgi_ctx = NULL;
free(ctx);
errno = 0;
}
void fastcgi_close_error(fastcgi_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
fastcgi_close_cnx(&ctx->cnx);
}

152
src/worker/fastcgi_handler.c
View File

@@ -9,72 +9,97 @@
#include "func.h"
#include "../logger.h"
#include "../lib/utils.h"
#include "../lib/compress.h"
#include "../workers.h"
#include "../lib/fastcgi.h"
#include <string.h>
#include <errno.h>
#include <unistd.h>
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx);
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t **fcgi_cnx);
static int fastcgi_handler_2(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx);
void fastcgi_handler_func(client_ctx_t *ctx) {
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->req_host, CLR_STR, ctx->log_prefix);
fastcgi_cnx_t fcgi_cnx;
int ret = fastcgi_handler_1(ctx, &fcgi_cnx);
respond(ctx);
if (ret == 0) fastcgi_handler_2(ctx, &fcgi_cnx);
request_complete(ctx);
if (!ctx->chunks_transferred) {
fastcgi_cnx_t *fcgi_cnx = NULL;
int ret = fastcgi_handler_1(ctx, &fcgi_cnx);
respond(ctx);
if (ret == 0) {
fastcgi_handler_2(ctx, fcgi_cnx);
return;
} else if (ctx->fcgi_ctx != NULL) {
fastcgi_close(ctx->fcgi_ctx);
}
}
request_complete(ctx);
handle_request(ctx);
}
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t **fcgi_cnx) {
http_res *res = &ctx->res;
http_req *req = &ctx->req;
http_uri *uri = &ctx->uri;
sock *client = &ctx->socket;
char *err_msg = ctx->err_msg;
fcgi_cnx->socket = 0;
fcgi_cnx->req_id = 0;
fcgi_cnx->r_addr = ctx->socket.addr;
fcgi_cnx->r_host = (ctx->host[0] != 0) ? ctx->host : NULL;
char buf[1024];
int mode, ret;
if (strends(uri->filename, ".ncr")) {
mode = FASTCGI_SESIMOS;
} else if (strends(uri->filename, ".php")) {
mode = FASTCGI_PHP;
if (strends(uri->filename, ".php")) {
mode = FASTCGI_BACKEND_PHP;
} else {
res->status = http_get_status(500);
error("Invalid FastCGI extension: %s", uri->filename);
return 0;
return 3;
}
struct stat statbuf;
stat(uri->filename, &statbuf);
char *last_modified = http_format_date(statbuf.st_mtime, buf, sizeof(buf));
http_add_header_field(&res->hdr, "Last-Modified", last_modified);
fastcgi_cnx_t fcgi_cnx_buf;
sock_init(&fcgi_cnx_buf.socket, -1, 0);
fcgi_cnx_buf.req_id = 0;
fcgi_cnx_buf.r_addr = ctx->socket.addr;
fcgi_cnx_buf.r_host = (ctx->host[0] != 0) ? ctx->host : NULL;
res->status = http_get_status(200);
if (fastcgi_init(fcgi_cnx, mode, ctx->req_num, client, req, uri) != 0) {
if (fastcgi_init(&fcgi_cnx_buf, mode, ctx->req_num, client, req, uri) != 0) {
fastcgi_close_cnx(&fcgi_cnx_buf);
res->status = http_get_status(503);
sprintf(err_msg, "Unable to communicate with FastCGI socket.");
return 2;
return 3;
}
(*fcgi_cnx) = &fcgi_cnx_buf;
fastcgi_handle_connection(ctx, fcgi_cnx);
int expect_100_continue = 0;
const char *client_expect = http_get_header_field(&req->hdr, "Expect");
if (client_expect != NULL && strcasecmp(client_expect, "100-continue") == 0) {
expect_100_continue = 1;
} else if (client_expect != NULL) {
fastcgi_close_cnx((&fcgi_cnx_buf));
res->status = http_get_status(417);
return 3;
}
const char *client_content_length = http_get_header_field(&req->hdr, "Content-Length");
const char *client_transfer_encoding = http_get_header_field(&req->hdr, "Transfer-Encoding");
if (client_content_length != NULL) {
if (expect_100_continue) {
info(HTTP_1XX_STR "100 Continue" CLR_STR);
http_send_100_continue(client);
}
unsigned long client_content_len = strtoul(client_content_length, NULL, 10);
ret = fastcgi_receive(fcgi_cnx, client, client_content_len);
ret = fastcgi_receive(*fcgi_cnx, client, client_content_len);
} else if (strcontains(client_transfer_encoding, "chunked")) {
ret = fastcgi_receive_chunked(fcgi_cnx, client);
if (expect_100_continue) {
info(HTTP_1XX_STR "100 Continue" CLR_STR);
http_send_100_continue(client);
}
ret = fastcgi_receive_chunked(*fcgi_cnx, client);
} else if (expect_100_continue) {
fastcgi_close_cnx((&fcgi_cnx_buf));
res->status = http_get_status(417);
return 3;
} else {
ret = 0;
}
@@ -87,11 +112,11 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
res->status = http_get_status(502);
return 2;
}
fastcgi_close_stdin(fcgi_cnx);
fastcgi_close_stdin(*fcgi_cnx);
ret = fastcgi_header(fcgi_cnx, res, err_msg);
if (ret != 0) {
return (ret < 0) ? -1 : 1;
if ((ret = fastcgi_header(*fcgi_cnx, res, err_msg)) != 0) {
if (ret == -1) res->status = http_get_status(502);
return ret;
}
const char *status_hdr = http_get_header_field(&res->hdr, "Status");
@@ -122,32 +147,13 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
ctx->content_length != -1 &&
ctx->content_length <= sizeof(ctx->msg_content) - 1)
{
fastcgi_dump(fcgi_cnx, ctx->msg_content, sizeof(ctx->msg_content));
fastcgi_dump(*fcgi_cnx, ctx->msg_content, sizeof(ctx->msg_content));
return 1;
}
ctx->use_fastcgi = 1;
if (ctx->content_length != -1 && ctx->content_length < 1024000) {
ctx->use_fastcgi |= FASTCGI_COMPRESS_HOLD;
}
ctx->content_length = -1;
int http_comp = http_get_compression(req, res);
if (http_comp & COMPRESS) {
if (http_comp & COMPRESS_BR) {
ctx->use_fastcgi |= FASTCGI_COMPRESS_BR;
sprintf(buf, "br");
} else if (http_comp & COMPRESS_GZ) {
ctx->use_fastcgi |= FASTCGI_COMPRESS_GZ;
sprintf(buf, "gzip");
}
http_add_header_field(&res->hdr, "Vary", "Accept-Encoding");
http_add_header_field(&res->hdr, "Content-Encoding", buf);
http_remove_header_field(&res->hdr, "Content-Length", HTTP_REMOVE_ALL);
}
if (http_get_header_field(&res->hdr, "Content-Length") == NULL) {
http_add_header_field(&res->hdr, "Transfer-Encoding", "chunked");
}
@@ -155,21 +161,35 @@ static int fastcgi_handler_1(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
return 0;
}
static int fastcgi_handler_2(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
const char *transfer_encoding = http_get_header_field(&ctx->res.hdr, "Transfer-Encoding");
int chunked = strcontains(transfer_encoding, "chunked");
int flags = (chunked ? FASTCGI_CHUNKED : 0) | (ctx->use_fastcgi & (FASTCGI_COMPRESS | FASTCGI_COMPRESS_HOLD));
int ret = fastcgi_send(fcgi_cnx, &ctx->socket, flags);
if (ret < 0) {
ctx->c_keep_alive = 0;
errno = 0;
static void fastcgi_next_cb(chunk_ctx_t *ctx) {
if (ctx->client->fcgi_ctx) {
fastcgi_close(ctx->client->fcgi_ctx);
ctx->client->fcgi_ctx = NULL;
}
if (fcgi_cnx->socket != 0) {
close(fcgi_cnx->socket);
fcgi_cnx->socket = 0;
}
return ret;
fastcgi_handle(ctx->client);
}
static void fastcgi_error_cb(chunk_ctx_t *ctx) {
if (ctx->client->chunks_transferred)
return;
logger_set_prefix("[%s%*s%s]%s", BLD_STR, ADDRSTRLEN, ctx->client->req_host, CLR_STR, ctx->client->log_prefix);
// FIXME segfault on error_cb
warning("Closing connection due to FastCGI error");
if(ctx->client->fcgi_ctx) {
fastcgi_close_error(ctx->client->fcgi_ctx);
ctx->client->fcgi_ctx = NULL;
}
tcp_close(ctx->client);
errno = 0;
}
static int fastcgi_handler_2(client_ctx_t *ctx, fastcgi_cnx_t *fcgi_cnx) {
int chunked = strcontains(http_get_header_field(&ctx->res.hdr, "Transfer-Encoding"), "chunked");
handle_chunks(ctx, &fcgi_cnx->out, chunked ? SOCK_CHUNKED : 0, fastcgi_next_cb, fastcgi_error_cb);
return 1;
}

34
src/worker/func.h
View File

@@ -15,11 +15,12 @@
#include "../lib/uri.h"
#include "../lib/config.h"
#include "../lib/proxy.h"
#include "../lib/fastcgi.h"
typedef struct {
sock socket;
int req_num;
unsigned char s_keep_alive:1, c_keep_alive:1, use_fastcgi:4, use_proxy:2, ws_close:2;
unsigned char s_keep_alive:1, c_keep_alive:1, use_fastcgi:4, use_proxy:2, ws_close:2, chunks_transferred:1;
char cc[3], host[256];
char req_host[256], err_msg[256];
char log_prefix[128];
@@ -32,9 +33,10 @@ typedef struct {
http_status custom_status;
host_config_t *conf;
FILE *file;
long content_length;
long content_length, transferred_length;
char *msg_buf, *msg_buf_ptr, msg_content[1024];
proxy_ctx_t *proxy;
void *fcgi_ctx;
} client_ctx_t;
typedef struct {
@@ -43,6 +45,20 @@ typedef struct {
void *other;
} ws_ctx_t;
typedef struct {
unsigned char closed:4;
client_ctx_t *client;
fastcgi_cnx_t cnx;
} fastcgi_ctx_t;
typedef struct {
client_ctx_t *client;
sock *socket;
int flags;
void (*next_cb)(void *);
void (*err_cb)(void *);
} chunk_ctx_t;
void tcp_acceptor_func(client_ctx_t *ctx);
void request_handler_func(client_ctx_t *ctx);
@@ -51,10 +67,16 @@ void local_handler_func(client_ctx_t *ctx);
void fastcgi_handler_func(client_ctx_t *ctx);
void fastcgi_frame_handler_func(fastcgi_ctx_t *ctx);
void proxy_handler_func(client_ctx_t *ctx);
void proxy_peer_handler_func(proxy_ctx_t *ctx);
void ws_frame_handler_func(ws_ctx_t *ctx);
void chunk_handler_func(chunk_ctx_t *ctx);
int respond(client_ctx_t *ctx);
void request_complete(client_ctx_t *ctx);
@@ -67,4 +89,12 @@ int ws_handle_connection(client_ctx_t *ctx);
void ws_close(ws_ctx_t *ctx);
int handle_chunks(client_ctx_t *ctx, sock *socket, int flags, void (*next_cb)(chunk_ctx_t *), void (*err_cb)(chunk_ctx_t *));
int fastcgi_handle_connection(client_ctx_t *ctx, fastcgi_cnx_t **cnx);
void fastcgi_close(fastcgi_ctx_t *ctx);
void fastcgi_close_error(fastcgi_ctx_t *ctx);
#endif //SESIMOS_FUNC_H

190
src/worker/local_handler.c
View File

@@ -134,7 +134,7 @@ static int local_handler(client_ctx_t *ctx) {
http_add_header_field(&res->hdr, "Access-Control-Allow-Origin", "*");
}
if (!strstarts(uri->req_path, "/.well-known/") && strcontains(uri->path, "/.")) {
if ((!strstarts(uri->req_path, "/.well-known/") && strcontains(uri->path, "/.")) || strends(uri->filename, ".inc") || strends(uri->filename, ".inc.php")) {
res->status = http_get_status(403);
sprintf(err_msg, "Parts of this URI are hidden.");
return 0;
@@ -155,97 +155,107 @@ static int local_handler(client_ctx_t *ctx) {
return 0;
}
if (uri->is_static) {
res->status = http_get_status(200);
cache_init_uri(ctx->conf->cache, uri);
http_add_header_field(&res->hdr, "Accept-Ranges", mime_is_text(uri->meta->type) ? "bytes, lines" : "bytes");
if (!streq(req->method, "GET") && !streq(req->method, "HEAD")) {
res->status = http_get_status(405);
return 0;
}
if (http_get_header_field(&req->hdr, "Content-Length") != NULL || http_get_header_field(&req->hdr, "Transfer-Encoding") != NULL) {
res->status = http_get_status(400);
sprintf(err_msg, "A GET request must not contain a payload");
return 0;
}
const char *last_modified = http_format_date(uri->meta->mtime, buf1, sizeof(buf1));
http_add_header_field(&res->hdr, "Last-Modified", last_modified);
sprintf(buf2, "%s; charset=%s", uri->meta->type, uri->meta->charset);
http_add_header_field(&res->hdr, "Content-Type", buf2);
const char *accept_encoding = http_get_header_field(&req->hdr, "Accept-Encoding");
int enc = 0;
if (accept_encoding != NULL) {
if (uri->meta->filename_comp_br[0] != 0 && strcontains(accept_encoding, "br")) {
ctx->file = fopen(uri->meta->filename_comp_br, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "br");
enc = COMPRESS_BR;
}
} else if (uri->meta->filename_comp_gz[0] != 0 && strcontains(accept_encoding, "gzip")) {
ctx->file = fopen(uri->meta->filename_comp_gz, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "gzip");
enc = COMPRESS_GZ;
}
}
if (enc != 0) {
http_add_header_field(&res->hdr, "Vary", "Accept-Encoding");
}
}
if (uri->meta->etag[0] != 0) {
strcpy(buf1, uri->meta->etag);
if (enc) {
strcat(buf1, "-");
strcat(buf1, (enc & COMPRESS_BR) ? "br" : (enc & COMPRESS_GZ) ? "gzip" : "");
}
http_add_header_field(&res->hdr, "ETag", buf1);
}
http_add_header_field(&res->hdr, "Cache-Control", mime_is_text(uri->meta->type) ? "public, max-age=3600" : "public, max-age=86400");
const char *if_modified_since = http_get_header_field(&req->hdr, "If-Modified-Since");
const char *if_none_match = http_get_header_field(&req->hdr, "If-None-Match");
if ((if_none_match != NULL && !strcontains(if_none_match, uri->meta->etag)) ||
(accept_if_modified_since && streq(if_modified_since, last_modified)))
{
res->status = http_get_status(304);
return 0;
}
if (http_get_header_field(&req->hdr, "Range") != NULL) {
if (range_handler(ctx) == 0) {
res->status = http_get_status(206);
} else {
if (ctx->file) {
fclose(ctx->file);
ctx->file = NULL;
}
http_remove_header_field(&res->hdr, "Content-Type", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Last-Modified", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "ETag", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Cache-Control", HTTP_REMOVE_ALL);
res->status = http_get_status(416);
}
return 0;
}
if (ctx->file == NULL) ctx->file = fopen(uri->filename, "rb");
ctx->content_length = fsize(ctx->file);
} else {
if (!uri->is_static) {
return 1;
}
const char *client_expect = http_get_header_field(&req->hdr, "Expect");
if (client_expect != NULL && strcasecmp(client_expect, "100-continue") != 0) {
res->status = http_get_status(417);
return 0;
}
res->status = http_get_status(200);
cache_init_uri(ctx->conf->cache, uri);
http_add_header_field(&res->hdr, "Accept-Ranges", mime_is_text(uri->meta->type) ? "bytes, lines" : "bytes");
if (!streq(req->method, "GET") && !streq(req->method, "HEAD")) {
res->status = http_get_status(405);
return 0;
}
if (http_get_header_field(&req->hdr, "Content-Length") != NULL || http_get_header_field(&req->hdr, "Transfer-Encoding") != NULL) {
res->status = http_get_status(400);
sprintf(err_msg, "A GET request must not contain a payload");
return 0;
}
const char *last_modified = http_format_date(uri->meta->mtime, buf1, sizeof(buf1));
http_add_header_field(&res->hdr, "Last-Modified", last_modified);
sprintf(buf2, "%s; charset=%s", uri->meta->type, uri->meta->charset);
http_add_header_field(&res->hdr, "Content-Type", buf2);
const char *accept_encoding = http_get_header_field(&req->hdr, "Accept-Encoding");
int enc = 0;
if (accept_encoding != NULL) {
if (uri->meta->filename_comp_br[0] != 0 && strcontains(accept_encoding, "br")) {
ctx->file = fopen(uri->meta->filename_comp_br, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "br");
enc = COMPRESS_BR;
}
} else if (uri->meta->filename_comp_gz[0] != 0 && strcontains(accept_encoding, "gzip")) {
ctx->file = fopen(uri->meta->filename_comp_gz, "rb");
if (ctx->file == NULL) {
cache_mark_dirty(ctx->conf->cache, uri->filename);
errno = 0;
} else {
http_add_header_field(&res->hdr, "Content-Encoding", "gzip");
enc = COMPRESS_GZ;
}
}
}
if (uri->meta->filename_comp_br[0] != 0 || uri->meta->filename_comp_gz[0] != 0) {
http_add_header_field(&res->hdr, "Vary", "Accept-Encoding");
}
buf1[0] = 0;
if (uri->meta->etag[0] != 0) {
buf1[0] = '"';
strcpy(buf1 + 1, uri->meta->etag);
if (enc) {
strcat(buf1, "-");
strcat(buf1, (enc & COMPRESS_BR) ? "br" : (enc & COMPRESS_GZ) ? "gzip" : "");
}
strcat(buf1, "\"");
http_add_header_field(&res->hdr, "ETag", buf1);
}
http_add_header_field(&res->hdr, "Cache-Control", mime_is_text(uri->meta->type) ? "public, must-revalidate, max-age=3600" : "public, must-revalidate, max-age=86400");
const char *if_modified_since = http_get_header_field(&req->hdr, "If-Modified-Since");
const char *if_none_match = http_get_header_field(&req->hdr, "If-None-Match");
if ((if_none_match != NULL && strcontains(if_none_match, buf1)) ||
(accept_if_modified_since && streq(if_modified_since, last_modified)))
{
res->status = http_get_status(304);
ctx->content_length = 0;
return 0;
}
if (http_get_header_field(&req->hdr, "Range") != NULL) {
if (range_handler(ctx) == 0) {
res->status = http_get_status(206);
} else {
if (ctx->file) {
fclose(ctx->file);
ctx->file = NULL;
}
http_remove_header_field(&res->hdr, "Content-Type", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Last-Modified", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "ETag", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Cache-Control", HTTP_REMOVE_ALL);
res->status = http_get_status(416);
}
return 0;
}
if (ctx->file == NULL) ctx->file = fopen(uri->filename, "rb");
ctx->content_length = fsize(ctx->file);
return 0;
}

91
src/worker/proxy_handler.c
View File

@@ -1,7 +1,7 @@
/**
* sesimos - secure, simple, modern web server
* @brief Proxy handler
* @file src/worker/proxy_handler_1.c
* @file src/worker/proxy_handler.c
* @author Lorenz Stechauner
* @date 2022-12-29
*/
@@ -27,22 +27,28 @@ void proxy_handler_func(client_ctx_t *ctx) {
respond(ctx);
if (ret == 1) {
proxy_unlock_ctx(ctx->proxy);
ctx->proxy->client = NULL;
ctx->proxy = NULL;
// error status code
if (proxy_unlock_ctx(ctx->proxy) == 1)
proxy_peer_handle(ctx->proxy);
} else if (ctx->use_proxy == 0) {
// proxy not used
proxy_close(ctx->proxy);
} else if (ctx->use_proxy == 1) {
proxy_handler_2(ctx);
proxy_unlock_ctx(ctx->proxy);
ctx->proxy->client = NULL;
ctx->proxy = NULL;
} else if (ctx->use_proxy == 1) {
// proxy is used
if (proxy_handler_2(ctx) == 1) {
// chunked
return;
}
if (proxy_unlock_ctx(ctx->proxy) == 1)
proxy_peer_handle(ctx->proxy);
} else if (ctx->use_proxy == 2) {
// WebSocket
ws_handle_connection(ctx);
return;
}
ctx->proxy = NULL;
request_complete(ctx);
handle_request(ctx);
}
@@ -53,13 +59,16 @@ static int proxy_handler_1(client_ctx_t *ctx) {
char buf[1024];
info("Reverse proxy for " BLD_STR "%s:%i" CLR_STR, ctx->conf->proxy.hostname, ctx->conf->proxy.port);
info("Reverse proxy for " BLD_STR "[%s]:%i" CLR_STR, ctx->conf->proxy.hostname, ctx->conf->proxy.port);
http_remove_header_field(&res->hdr, "Date", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Server", HTTP_REMOVE_ALL);
ctx->use_proxy = proxy_init(&ctx->proxy, &ctx->req, res, status, ctx->conf, &ctx->socket, &ctx->custom_status, ctx->err_msg) == 0;
ctx->proxy->client = ctx;
if (ctx->use_proxy == 0)
return 0;
if (res->status->code == 101) {
const char *connection = http_get_header_field(&res->hdr, "Connection");
const char *upgrade = http_get_header_field(&res->hdr, "Upgrade");
@@ -83,7 +92,8 @@ static int proxy_handler_1(client_ctx_t *ctx) {
const char *content_type = http_get_header_field(&res->hdr, "Content-Type");
const char *content_length_f = http_get_header_field(&res->hdr, "Content-Length");
const char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (content_encoding == NULL && (
const char *transfer_encoding = http_get_header_field(&res->hdr, "Transfer-Encoding");
if (transfer_encoding == NULL && content_encoding == NULL && (
content_length_f == NULL ||
streq(content_length_f, "0") ||
(content_length_f != NULL && strstarts(content_type, "text/html"))))
@@ -104,52 +114,45 @@ static int proxy_handler_1(client_ctx_t *ctx) {
}
}
if (streq(ctx->req.method, "HEAD")) {
return 1;
}
return streq(ctx->req.method, "HEAD") ? 1 : 0;
}
/*
char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (use_proxy && content_encoding == NULL) {
int http_comp = http_get_compression(&req, &res);
if (http_comp & COMPRESS_BR) {
use_proxy |= PROXY_COMPRESS_BR;
} else if (http_comp & COMPRESS_GZ) {
use_proxy |= PROXY_COMPRESS_GZ;
}
}
static void proxy_chunk_next_cb(chunk_ctx_t *ctx) {
if (proxy_unlock_ctx(ctx->client->proxy) == 1)
proxy_peer_handle(ctx->client->proxy);
char *transfer_encoding = http_get_header_field(&res->hdr, "Transfer-Encoding");
int chunked = transfer_encoding != NULL && streq(transfer_encoding, "chunked");
http_remove_header_field(&res->hdr, "Transfer-Encoding", HTTP_REMOVE_ALL);
ret = sprintf(buf, "%s%s%s",
(use_proxy & PROXY_COMPRESS_BR) ? "br" :
((use_proxy & PROXY_COMPRESS_GZ) ? "gzip" : ""),
((use_proxy & PROXY_COMPRESS) && chunked) ? ", " : "",
chunked ? "chunked" : "");
if (ret > 0) {
http_add_header_field(&res->hdr, "Transfer-Encoding", buf);
}
*/
ctx->client->proxy = NULL;
request_complete(ctx->client);
handle_request(ctx->client);
}
return 0;
static void proxy_chunk_err_cb(chunk_ctx_t *ctx) {
ctx->client->c_keep_alive = 0;
proxy_close(ctx->client->proxy);
proxy_unlock_ctx(ctx->client->proxy);
ctx->client->proxy = NULL;
request_complete(ctx->client);
handle_request(ctx->client);
}
static int proxy_handler_2(client_ctx_t *ctx) {
const char *transfer_encoding = http_get_header_field(&ctx->res.hdr, "Transfer-Encoding");
int chunked = strcontains(transfer_encoding, "chunked");
const int chunked = strcontains(transfer_encoding, "chunked");
const char *content_len = http_get_header_field(&ctx->res.hdr, "Content-Length");
unsigned long len_to_send = 0;
if (content_len != NULL) {
len_to_send = strtol(content_len, NULL, 10);
const unsigned long len_to_send = (content_len != NULL) ? strtol(content_len, NULL, 10) : 0;
if (chunked) {
handle_chunks(ctx, &ctx->proxy->proxy, SOCK_CHUNKED, proxy_chunk_next_cb, proxy_chunk_err_cb);
return 1;
}
int flags = (chunked ? PROXY_CHUNKED : 0) | (ctx->use_proxy & PROXY_COMPRESS);
int ret = proxy_send(ctx->proxy, &ctx->socket, len_to_send, flags);
if (ret < 0) {
long ret;
if ((ret = proxy_send(ctx->proxy, &ctx->socket, len_to_send, 0)) == -1) {
ctx->c_keep_alive = 0;
} else if (ret > 0) {
ctx->transferred_length += ret;
}
return ret;

17
src/worker/proxy_peer_handler.c Normal file
View File

@@ -0,0 +1,17 @@
/**
* sesimos - secure, simple, modern web server
* @brief Proxy peer handler
* @file src/worker/proxy_peer_handler.c
* @author Lorenz Stechauner
* @date 2023-07-07
*/
#include "func.h"
#include "../logger.h"
#include "../lib/utils.h"
void proxy_peer_handler_func(proxy_ctx_t *ctx) {
if (!ctx->initialized || ctx->in_use) return;
logger_set_prefix("[%s%*s%s]", BLD_STR, ADDRSTRLEN, ctx->host, CLR_STR);
proxy_close(ctx);
}

51
src/worker/request_handler.c
View File

@@ -48,6 +48,8 @@ static void init_ctx(client_ctx_t *ctx) {
ctx->file = NULL;
ctx->proxy = NULL;
ctx->use_fastcgi = 0;
ctx->chunks_transferred = 0;
ctx->fcgi_ctx = NULL;
ctx->use_proxy = 0;
ctx->ws_close = 0;
ctx->proxy = NULL;
@@ -57,6 +59,8 @@ static void init_ctx(client_ctx_t *ctx) {
ctx->req_host[0] = 0;
ctx->err_msg[0] = 0;
ctx->req_s = ctx->socket.ts_last;
ctx->transferred_length = 0;
ctx->content_length = 0;
memset(&ctx->uri, 0, sizeof(ctx->uri));
memset(&ctx->req, 0, sizeof(ctx->req));
@@ -247,7 +251,7 @@ int respond(client_ctx_t *ctx) {
if (http_get_header_field(&res->hdr, "Accept-Ranges") == NULL) {
http_add_header_field(&res->hdr, "Accept-Ranges", "none");
}
if (!ctx->use_fastcgi && ctx->file == NULL && ctx->msg_buf == NULL) {
if (!ctx->use_fastcgi && ctx->file == NULL && ctx->msg_buf == NULL && res->status->code != 304) {
http_remove_header_field(&res->hdr, "Date", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Server", HTTP_REMOVE_ALL);
http_remove_header_field(&res->hdr, "Cache-Control", HTTP_REMOVE_ALL);
@@ -341,7 +345,7 @@ int respond(client_ctx_t *ctx) {
} else if (!streq(req->method, "HEAD")) {
// default response
if (ctx->msg_buf != NULL) {
ret = sock_send(client, ctx->msg_buf, ctx->content_length, 0);
ret = sock_send_x(client, ctx->msg_buf, ctx->content_length, 0);
if (ret <= 0) {
error("Unable to send");
}
@@ -352,7 +356,7 @@ int respond(client_ctx_t *ctx) {
if (snd_len + len > ctx->content_length) {
len = ctx->content_length - snd_len;
}
ret = sock_send(client, buffer, len, feof(ctx->file) ? 0 : MSG_MORE);
ret = sock_send_x(client, buffer, len, feof(ctx->file) ? 0 : MSG_MORE);
if (ret <= 0) {
error("Unable to send");
break;
@@ -371,10 +375,48 @@ int respond(client_ctx_t *ctx) {
}
void request_complete(client_ctx_t *ctx) {
char buf[32];
char buf[64];
ctx->req_e = clock_micros();
info("Transfer complete: %s", format_duration(ctx->req_e - ctx->req_s, buf));
if (ctx->conf) {
char path[256];
sprintf(path, "/var/log/sesimos/%s.access.log", ctx->req_host);
FILE *log = fopen(path, "a");
if (log) {
struct timespec time1, time2;
clock_gettime(CLOCK_MONOTONIC, &time1);
clock_gettime(CLOCK_REALTIME, &time2);
const long diff = (time2.tv_sec - time1.tv_sec) * 1000000 + (time2.tv_nsec - time1.tv_nsec) / 1000;
struct tm time_info;
const long ts = (ctx->req_s + diff) / 1000000;
strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%S%z", localtime_r(&ts, &time_info));
const char *auth = http_get_header_field(&ctx->req.hdr, "Authorization");
char user[256] = {0};
if (auth != NULL && strstarts(auth, "Basic ")) {
base64_decode(auth + 6, strlen(auth) - 6, user, NULL);
char *col = strchr(user, ':');
if (col != NULL) col[0] = 0;
}
const char *ref = http_get_header_field(&ctx->req.hdr, "Referer");
const char *ua = http_get_header_field(&ctx->req.hdr, "User-Agent");
const char *loc = http_get_header_field(&ctx->res.hdr, "Location");
const char *type = http_get_header_field(&ctx->res.hdr, "Content-Type");
const long len = ctx->content_length <= 0 ? ctx->transferred_length : ctx->content_length;
fprintf(log, "%s %s %s [%s] \"%s %s HTTP/%s\" %i %li %s%s%s %s%s%s %s%s%s %s%s%s\n",
ctx->socket.addr, "-", user[0] != 0 ? user : "-", buf,
ctx->req.method, ctx->req.uri, ctx->req.version, ctx->res.status->code, len,
loc != NULL ? "\"" : "", loc != NULL ? loc : "-", loc != NULL ? "\"" : "",
type != NULL ? "\"" : "", type != NULL ? type : "-", type != NULL ? "\"" : "",
ref != NULL ? "\"" : "", ref != NULL ? ref : "-", ref != NULL ? "\"" : "",
ua != NULL ? "\"" : "", ua != NULL ? ua : "-", ua != NULL ? "\"" : "");
fclose(log);
}
errno = 0;
}
if (ctx->file) fclose(ctx->file);
free(ctx->msg_buf_ptr);
uri_free(&ctx->uri);
@@ -390,5 +432,6 @@ void timeout_request(client_ctx_t *ctx) {
ctx->res.status = http_get_status(408);
respond(ctx);
request_complete(ctx);
tcp_close(ctx);
}

36
src/worker/tcp_acceptor.c
View File

@@ -17,7 +17,6 @@
#include <string.h>
#include <errno.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
static int tcp_acceptor(client_ctx_t *ctx);
@@ -56,35 +55,10 @@ static int tcp_acceptor(client_ctx_t *ctx) {
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->socket.s_addr, ctx->log_prefix);
int ret;
char buf[1024];
sock *client = &ctx->socket;
ctx->cnx_s = clock_micros();
if (config.dns_server[0] != 0) {
sprintf(buf, "dig @%s +short +time=1 -x %s", config.dns_server, ctx->socket.addr);
FILE *dig = popen(buf, "r");
if (dig == NULL) {
error("Unable to start dig: %s");
goto dig_err;
}
unsigned long read = fread(buf, 1, sizeof(buf), dig);
ret = pclose(dig);
if (ret != 0) {
error("Dig terminated with exit code %i", ret);
goto dig_err;
}
char *ptr = memchr(buf, '\n', read);
if (ptr == buf || ptr == NULL) {
goto dig_err;
}
ptr[-1] = 0;
strncpy(ctx->host, buf, sizeof(ctx->host));
} else {
dig_err:
ctx->host[0] = 0;
}
sock_reverse_lookup(&ctx->socket, ctx->host, sizeof(ctx->host));
ctx->cc[0] = 0;
geoip_lookup_country(&client->_addr.sock, ctx->cc);
@@ -93,7 +67,7 @@ static int tcp_acceptor(client_ctx_t *ctx) {
ctx->host[0] != 0 ? ctx->host : "", ctx->host[0] != 0 ? ") " : "",
ctx->cc[0] != 0 ? ctx->cc : "N/A");
if (sock_set_socket_timeout(client, 1) != 0 || sock_set_timeout(client, CLIENT_TIMEOUT) != 0) {
if (sock_set_socket_timeout(client, SOCKET_TIMEOUT) != 0 || sock_set_timeout(client, CLIENT_TIMEOUT) != 0) {
error("Unable to set timeout for socket");
return -1;
}
@@ -103,18 +77,20 @@ static int tcp_acceptor(client_ctx_t *ctx) {
SSL_set_fd(client->ssl, client->socket);
SSL_set_accept_state(client->ssl);
ret = SSL_accept(client->ssl);
if (ret != 1) {
int ret;
if ((ret = SSL_accept(client->ssl)) != 1) {
sock_error(client, ret);
info("Unable to perform handshake");
return -1;
}
client->ts_last = clock_micros();
client->ts_last_send = client->ts_last;
}
ctx->req_num = 0;
ctx->s_keep_alive = 1;
ctx->c_keep_alive = 1;
ctx->chunks_transferred = 0;
return 0;
}

27
src/worker/ws_frame_handler.c
View File

@@ -11,7 +11,10 @@
#include "../logger.h"
#include "../lib/websocket.h"
#include "../workers.h"
#include "../lib/utils.h"
#include <errno.h>
#include <string.h>
static int ws_frame_handler(ws_ctx_t *ctx);
@@ -31,15 +34,25 @@ void ws_frame_handler_func(ws_ctx_t *ctx) {
int ws_handle_connection(client_ctx_t *ctx) {
info("Upgrading to WebSocket connection");
// copy proxy connection details
proxy_ctx_t *proxy = malloc(sizeof(proxy_ctx_t));
memcpy(proxy, ctx->proxy, sizeof(proxy_ctx_t));
// free proxy connection slot
ctx->proxy->initialized = 0;
proxy_unlock_ctx(ctx->proxy);
ctx->proxy = proxy;
sock_set_timeout(&ctx->socket, WS_TIMEOUT);
sock_set_timeout(&ctx->proxy->proxy, WS_TIMEOUT);
sock_set_timeout(&proxy->proxy, WS_TIMEOUT);
ws_ctx_t *a = malloc(sizeof(ws_ctx_t));
ws_ctx_t *b = malloc(sizeof(ws_ctx_t));
a->other = b, b->other = a;
a->client = ctx, b->client = ctx;
a->socket = &ctx->socket, b->socket = &ctx->proxy->proxy;
a->socket = &ctx->socket, b->socket = &proxy->proxy;
ws_handle_frame(a);
ws_handle_frame(b);
@@ -83,10 +96,16 @@ static int ws_frame_handler(ws_ctx_t *ctx) {
void ws_close(ws_ctx_t *ctx) {
ws_ctx_t *other = ctx->other;
if (other) {
proxy_ctx_t *proxy = ctx->client->proxy;
other->other = NULL;
logger_set_prefix("[%*s]%s", ADDRSTRLEN, ctx->client->socket.s_addr, ctx->client->log_prefix);
info("Closing WebSocket connection");
proxy_close(ctx->client->proxy);
proxy->cnx_e = clock_micros();
char buf[32];
info("Closing WebSocket connection (%s)", format_duration(proxy->cnx_e - proxy->cnx_s, buf));
sock_close(&proxy->proxy);
free(ctx->client->proxy);
tcp_close(ctx->client);
}
free(ctx);

64
src/workers.c
View File

@@ -12,35 +12,44 @@
#include "worker/func.h"
#include "async.h"
static mpmc_t tcp_acceptor_ctx, request_handler_ctx, local_handler_ctx, fastcgi_handler_cxt, proxy_handler_ctx,
ws_frame_handler_ctx;
static mpmc_t tcp_acceptor_ctx, request_handler_ctx, local_handler_ctx, fastcgi_handler_ctx, proxy_handler_ctx,
proxy_peer_handler_ctx, ws_frame_handler_ctx, chunk_handler_ctx, fastcgi_frame_handler_ctx;
int workers_init(void) {
mpmc_init(&tcp_acceptor_ctx, 8, 64, (void (*)(void *)) tcp_acceptor_func, "tcp");
mpmc_init(&request_handler_ctx, 16, 64, (void (*)(void *)) request_handler_func, "req");
mpmc_init(&local_handler_ctx, 16, 64, (void (*)(void *)) local_handler_func, "local");
mpmc_init(&fastcgi_handler_cxt, 16, 64, (void (*)(void *)) fastcgi_handler_func, "fcgi");
mpmc_init(&proxy_handler_ctx, 16, 64, (void (*)(void *)) proxy_handler_func, "proxy");
mpmc_init(&ws_frame_handler_ctx, 16, 64, (void (*)(void *)) ws_frame_handler_func, "ws");
mpmc_init(&tcp_acceptor_ctx, 8, 64, (void (*)(void *)) tcp_acceptor_func, "tcp");
mpmc_init(&request_handler_ctx, 8, 64, (void (*)(void *)) request_handler_func, "req");
mpmc_init(&local_handler_ctx, 8, 64, (void (*)(void *)) local_handler_func, "local");
mpmc_init(&fastcgi_handler_ctx, 8, 64, (void (*)(void *)) fastcgi_handler_func, "fcgi");
mpmc_init(&proxy_handler_ctx, 8, 64, (void (*)(void *)) proxy_handler_func, "proxy");
mpmc_init(&proxy_peer_handler_ctx, 1, 8, (void (*)(void *)) proxy_peer_handler_func, "prxy_p");
mpmc_init(&ws_frame_handler_ctx, 8, 64, (void (*)(void *)) ws_frame_handler_func, "ws");
mpmc_init(&chunk_handler_ctx, 8, 64, (void (*)(void *)) chunk_handler_func, "chunk");
mpmc_init(&fastcgi_frame_handler_ctx, 8, 64, (void (*)(void *)) fastcgi_frame_handler_func, "fcgi_f");
return -1;
}
void workers_stop(void) {
mpmc_stop(&tcp_acceptor_ctx);
mpmc_stop(&local_handler_ctx);
mpmc_stop(&fastcgi_handler_cxt);
mpmc_stop(&fastcgi_handler_ctx);
mpmc_stop(&proxy_handler_ctx);
mpmc_stop(&proxy_peer_handler_ctx);
mpmc_stop(&request_handler_ctx);
mpmc_stop(&ws_frame_handler_ctx);
mpmc_stop(&chunk_handler_ctx);
mpmc_stop(&fastcgi_frame_handler_ctx);
}
void workers_destroy(void) {
mpmc_destroy(&tcp_acceptor_ctx);
mpmc_destroy(&local_handler_ctx);
mpmc_destroy(&fastcgi_handler_cxt);
mpmc_destroy(&fastcgi_handler_ctx);
mpmc_destroy(&proxy_handler_ctx);
mpmc_destroy(&proxy_peer_handler_ctx);
mpmc_destroy(&request_handler_ctx);
mpmc_destroy(&ws_frame_handler_ctx);
mpmc_destroy(&chunk_handler_ctx);
mpmc_destroy(&fastcgi_frame_handler_ctx);
}
int tcp_accept(client_ctx_t *ctx) {
@@ -68,13 +77,35 @@ int local_handle(client_ctx_t *ctx) {
}
int fastcgi_handle(client_ctx_t *ctx) {
return mpmc_queue(&fastcgi_handler_cxt, ctx);
return mpmc_queue(&fastcgi_handler_ctx, ctx);
}
static int fastcgi_handle_frame_cb(fastcgi_ctx_t *ctx) {
return mpmc_queue(&fastcgi_frame_handler_ctx, ctx);
}
int fastcgi_handle_frame(fastcgi_ctx_t *ctx) {
return async(&ctx->cnx.socket, ASYNC_WAIT_READ, 0, ctx,
(void (*)(void *)) fastcgi_handle_frame_cb,
(void (*)(void *)) fastcgi_close,
(void (*)(void *)) fastcgi_close);
}
int proxy_handle(client_ctx_t *ctx) {
return mpmc_queue(&proxy_handler_ctx, ctx);
}
static int proxy_peer_handle_cb(proxy_ctx_t *ctx) {
return mpmc_queue(&proxy_peer_handler_ctx, ctx);
}
int proxy_peer_handle(proxy_ctx_t *ctx) {
return async(&ctx->proxy, ASYNC_WAIT_READ, ASYNC_IGNORE_PENDING, ctx,
(void (*)(void *)) proxy_peer_handle_cb,
(void (*)(void *)) proxy_peer_handle_cb,
(void (*)(void *)) proxy_peer_handle_cb);
}
static int ws_handle_frame_cb(ws_ctx_t *ctx) {
return mpmc_queue(&ws_frame_handler_ctx, ctx);
}
@@ -85,3 +116,14 @@ int ws_handle_frame(ws_ctx_t *ctx) {
(void (*)(void *)) ws_close,
(void (*)(void *)) ws_close);
}
static int handle_chunk_cb(chunk_ctx_t *ctx) {
return mpmc_queue(&chunk_handler_ctx, ctx);
}
int handle_chunk(chunk_ctx_t *ctx) {
return async(ctx->socket, ASYNC_WAIT_READ, 0, ctx,
(void (*)(void *)) handle_chunk_cb,
(void (*)(void *)) ctx->err_cb,
(void (*)(void *)) ctx->err_cb);
}

6
src/workers.h
View File

@@ -25,8 +25,14 @@ int local_handle(client_ctx_t *ctx);
int fastcgi_handle(client_ctx_t *ctx);
int fastcgi_handle_frame(fastcgi_ctx_t *ctx);
int proxy_handle(client_ctx_t *ctx);
int proxy_peer_handle(proxy_ctx_t *ctx);
int ws_handle_frame(ws_ctx_t *ctx);
int handle_chunk(chunk_ctx_t *ctx);
#endif //SESIMOS_WORKERS_H