lorenz.stechauner/sesimos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Activity

Compare commits

base: lorenz.stechauner:v4.5
Branches Tags
lorenz.stechauner:master lorenz.stechauner:stable-4 lorenz.stechauner:dev
lorenz.stechauner:v4.6 lorenz.stechauner:v4.5 lorenz.stechauner:v4.4 lorenz.stechauner:v4.3 lorenz.stechauner:v4.2 lorenz.stechauner:v4.1 lorenz.stechauner:v4.0 lorenz.stechauner:v3.0
...
compare: lorenz.stechauner:v4.6
Branches Tags
lorenz.stechauner:master lorenz.stechauner:stable-4 lorenz.stechauner:dev
lorenz.stechauner:v4.6 lorenz.stechauner:v4.5 lorenz.stechauner:v4.4 lorenz.stechauner:v4.3 lorenz.stechauner:v4.2 lorenz.stechauner:v4.1 lorenz.stechauner:v4.0 lorenz.stechauner:v3.0

28 Commits
v4.5 ... v4.6

Author SHA1 Message Date
Lorenz Stechauner
a2f4bf57e0 Bump version to 4.6 2022-08-18 14:49:49 +02:00
Lorenz Stechauner
635271ec50 Change default config file name 2022-08-18 14:36:31 +02:00
Lorenz Stechauner
2b4569aabe Rename Necronda server to Sesimos 2022-08-18 14:17:12 +02:00
Lorenz Stechauner
f361fce561 Remove second trailing new-line in websocket.c 2022-08-18 12:31:56 +02:00
Lorenz Stechauner
c92742275a Implement WebSocket reverse proxy 2022-08-18 03:07:54 +02:00
Lorenz Stechauner
041e4d43a7 Code style 2022-08-17 22:35:51 +02:00
Lorenz Stechauner
170337d4d5 Do not use select() anymore 2022-08-17 22:34:01 +02:00
Lorenz Stechauner
f0b27b3b37 Fix revproxy and fastcgi http header field merging 2022-08-17 19:11:20 +02:00
Lorenz Stechauner
ee8aedce91 Add base64_encode() to utils 2022-08-17 12:57:07 +02:00
Lorenz Stechauner
0648c75baa Refactor code a bit 2022-08-16 22:06:50 +02:00
Lorenz Stechauner
b6ba58d406 Fix memory leak on location rewrite in rev_proxy 2022-08-16 21:03:50 +02:00
Lorenz Stechauner
abe0e326cb Remove redundant compressable-mime-type 2022-08-16 20:40:55 +02:00
Lorenz Stechauner
4fe067ed7d Remove strncpy 2022-08-16 20:16:46 +02:00
Lorenz Stechauner
41e12d6293 Fix http_get_header_field(_len) 2022-08-16 20:08:00 +02:00
Lorenz Stechauner
a738f1abfe Fix http parser bugs 2022-08-16 20:04:08 +02:00
Lorenz Stechauner
b6309eec39 Update readme 2022-08-16 19:20:01 +02:00
Lorenz Stechauner
9923a76ba7 Update readme 2022-08-16 19:15:59 +02:00
Lorenz Stechauner
ea4cdff233 Update example.conf 2022-08-16 19:08:02 +02:00
Lorenz Stechauner
6526b5cbcb Rename necronda-server.* to server.* 2022-08-16 19:02:28 +02:00
Lorenz Stechauner
0119945e03 Fix header in client.h 2022-08-16 18:58:38 +02:00
Lorenz Stechauner
3fe1fe023a Fix shared memory management on error 2022-08-16 18:52:10 +02:00
Lorenz Stechauner
bc1c6d3498 Update http header parser 2022-08-16 18:35:03 +02:00
Lorenz Stechauner
50bb537074 Refactor code style 2022-08-15 22:06:10 +02:00
Lorenz Stechauner
c060ee5bb6 Add TODO 2022-07-10 21:28:00 +02:00
Lorenz Stechauner
4062883cb3 Update rev proxy error document handling 2022-07-10 21:26:01 +02:00
Lorenz Stechauner
e0e44e9c26 Fix reverse proxy retry issue 2022-07-08 11:37:07 +02:00
Lorenz Stechauner
f0d8a3db4c Fix array out of bounds for reverse proxy location 2022-07-07 20:01:30 +02:00
Lorenz Stechauner
557e176d3d Add redirection fix for reverse proxy 2022-07-07 19:36:54 +02:00
33 changed files with 959 additions and 359 deletions
Expand all files Collapse all files

16
Makefile
View File

@ -1,6 +1,6 @@
CC=gcc
CFLAGS=-std=gnu11 -Wall
CFLAGS=-std=gnu11 -Wall -Wno-unused-but-set-variable
LIBS=-lssl -lcrypto -lmagic -lz -lmaxminddb -lbrotlienc
DEBIAN_OPTS=-D CACHE_MAGIC_FILE="\"/usr/share/file/magic.mgc\"" -D PHP_FPM_SOCKET="\"/var/run/php/php7.4-fpm.sock\""
@ -11,16 +11,16 @@ packages:
@echo "Finished downloading!"
permit:
sudo setcap 'cap_net_bind_service=+ep' "$(shell pwd)/bin/necronda-server"
sudo setcap 'cap_net_bind_service=+ep' "$(shell pwd)/bin/sesimos"
compile:
@mkdir -p bin
$(CC) src/lib/*.c -o bin/libnecrondaserver.so --shared -fPIC $(CFLAGS) $(LIBS)
$(CC) src/necronda-server.c -o bin/necronda-server $(CFLAGS) $(LIBS) \
-Lbin -lnecrondaserver -Wl,-rpath=$(shell pwd)/bin
$(CC) src/lib/*.c -o bin/libsesimos.so --shared -fPIC $(CFLAGS) $(LIBS)
$(CC) src/server.c src/client.c -o bin/sesimos $(CFLAGS) $(LIBS) \
-Lbin -lsesimos -Wl,-rpath=$(shell pwd)/bin
compile-prod:
@mkdir -p bin
$(CC) src/lib/*.c -o bin/libnecrondaserver.so --shared -fPIC $(CFLAGS) $(LIBS) $(DEBIAN_OPTS) -O3
$(CC) src/necronda-server.c -o bin/necronda-server $(CFLAGS) $(LIBS) $(DEBIAN_OPTS) -O3 \
-Lbin -lnecrondaserver -Wl,-rpath=$(shell pwd)/bin
$(CC) src/lib/*.c -o bin/libsesimos.so --shared -fPIC $(CFLAGS) $(LIBS) $(DEBIAN_OPTS) -O3
$(CC) src/server.c src/client.c -o bin/sesimos $(CFLAGS) $(LIBS) $(DEBIAN_OPTS) -O3 \
-Lbin -lsesimos -Wl,-rpath=$(shell pwd)/bin

11
README.md
View File

@ -1,15 +1,18 @@
Necronda web server
===================
Sesimos Secure, simple, modern web server
===========================================
## Features
* Full IPv4 and IPv6 support
* TLS Server Name Inspection (SNI)
* Serving local files via HTTP and HTTPS
* File compression ([gzip](https://www.gzip.org/), [Brotli](https://www.brotli.org/)) and disk cache for compressed files
* File compression ([gzip](https://www.gzip.org/), [Brotli](https://www.brotli.org/))
* Disk cache for compressed files
* Reverse proxy for other HTTP and HTTPS servers
* Transparent WebSocket reverse proxy
* FastCGI support (e.g. [PHP-FPM](https://php-fpm.org/))
* Automatic path info detection (e.g. `/my/file/extra/path` -> script: `/my/file.php`, path info: `extra/path`)
* Support for [MaxMind's GeoIP Database](https://www.maxmind.com/en/geoip2-services-and-databases)
* Optional DNS reverse lookup for connecting hosts
* Automatic URL rewrite (e.g. `/index.html` -> `/`, `/test.php` -> `/test`)
@ -29,7 +32,7 @@ See [docs/example.conf](docs/example.conf) for more details.
### Configuration
* `[cert <cert-name]` - begins section for a certificate
* `[cert <cert-name>]` - begins section for a certificate
* `certificate` - path to SSL certificate (or certificate chain)
* `private_key` - path to SSL private key
* `[host <host>]` - begins section for the virtual host `<host>`

15
docs/example.conf
View File

@ -1,19 +1,24 @@
certificate /var/cert/cert.pem
private_key /var/cert/cert.key
#geoip_dir /var/dir
#dns_server 192.168.0.1
[localhost]
[cert cert1]
certificate /var/cert/cert.pem
private_key /var/cert/cert.key
[host localhost]
webroot /var/www/localhost
dir_mode forbidden
cert cert1
[me.local]
[host me.local]
hostname www.example.com
port 80
cert cert1
http
[secure.local]
[host secure.local]
hostname www.example.com
port 443
cert cert1
https

164
src/client.c
View File

@ -1,10 +1,14 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Client connection and request handlers
* src/client.c
* Lorenz Stechauner, 2020-12-03
*/
#include "defs.h"
#include "client.h"
#include "server.h"
#include "lib/utils.h"
#include "lib/config.h"
#include "lib/sock.h"
@ -14,9 +18,9 @@
#include "lib/cache.h"
#include "lib/geoip.h"
#include "lib/compress.h"
#include "lib/websocket.h"
#include <string.h>
#include <sys/select.h>
#include <errno.h>
#include <unistd.h>
#include <openssl/ssl.h>
@ -24,13 +28,12 @@
#include <signal.h>
#include <arpa/inet.h>
int server_keep_alive = 1;
struct timeval client_timeout = {.tv_sec = CLIENT_TIMEOUT, .tv_usec = 0};
int server_keep_alive;
char *log_client_prefix, *log_conn_prefix, *log_req_prefix, *client_geoip;
char *client_addr_str, *client_addr_str_ptr, *server_addr_str, *server_addr_str_ptr, *client_host_str;
struct timeval client_timeout;
host_config *get_host_config(const char *host) {
for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) {
@ -49,11 +52,6 @@ void client_terminate() {
server_keep_alive = 0;
}
int client_websocket_handler() {
// TODO implement client_websocket_handler
return 0;
}
int client_request_handler(sock *client, unsigned long client_num, unsigned int req_num) {
struct timespec begin, end;
long ret;
@ -63,7 +61,8 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
char msg_buf[8192], msg_pre_buf_1[4096], msg_pre_buf_2[4096], err_msg[256];
char msg_content[1024];
char buffer[CHUNK_SIZE];
char host[256], *host_ptr, *hdr_connection;
char host[256];
const char *host_ptr, *hdr_connection;
msg_buf[0] = 0;
err_msg[0] = 0;
@ -81,23 +80,18 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
fastcgi_conn fcgi_conn = {.socket = 0, .req_id = 0};
http_status custom_status;
http_res res = {.version = "1.1", .status = http_get_status(501), .hdr.field_num = 0};
http_status_ctx ctx = {.status = 0, .origin = NONE};
http_res res = {.version = "1.1", .status = http_get_status(501), .hdr.field_num = 0, .hdr.last_field_num = -1};
http_status_ctx ctx = {.status = 0, .origin = NONE, .ws_key = NULL};
clock_gettime(CLOCK_MONOTONIC, &begin);
fd_set socket_fds;
FD_ZERO(&socket_fds);
FD_SET(client->socket, &socket_fds);
client_timeout.tv_sec = CLIENT_TIMEOUT;
client_timeout.tv_usec = 0;
ret = select(client->socket + 1, &socket_fds, NULL, NULL, &client_timeout);
ret = sock_poll_read(&client, NULL, 1, CLIENT_TIMEOUT * 1000);
http_add_header_field(&res.hdr, "Date", http_get_date(buf0, sizeof(buf0)));
http_add_header_field(&res.hdr, "Server", SERVER_STR);
if (ret <= 0) {
if (errno != 0) {
return 1;
}
if (errno != 0) return 1;
client_keep_alive = 0;
res.status = http_get_status(408);
goto respond;
@ -126,8 +120,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
}
hdr_connection = http_get_header_field(&req.hdr, "Connection");
client_keep_alive = hdr_connection != NULL &&
(strcmp(hdr_connection, "keep-alive") == 0 || strcmp(hdr_connection, "Keep-Alive") == 0);
client_keep_alive = (hdr_connection != NULL && (strstr(hdr_connection, "keep-alive") != NULL || strstr(hdr_connection, "Keep-Alive") != NULL));
host_ptr = http_get_header_field(&req.hdr, "Host");
if (host_ptr != NULL && strlen(host_ptr) > 255) {
host[0] = 0;
@ -153,7 +146,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
conf = get_host_config(host);
if (conf == NULL) {
print("Host unknown, redirecting to default");
print("Unknown host, redirecting to default");
res.status = http_get_status(307);
sprintf(buf0, "https://%s%s", DEFAULT_HOST, req.uri);
http_add_header_field(&res.hdr, "Location", buf0);
@ -161,7 +154,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
}
http_uri uri;
unsigned char dir_mode = conf->type == CONFIG_TYPE_LOCAL ? conf->local.dir_mode : URI_DIR_MODE_NO_VALIDATION;
unsigned char dir_mode = (conf->type == CONFIG_TYPE_LOCAL ? conf->local.dir_mode : URI_DIR_MODE_NO_VALIDATION);
ret = uri_init(&uri, conf->local.webroot, req.uri, dir_mode);
if (ret != 0) {
if (ret == 1) {
@ -218,11 +211,10 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
res.status = http_get_status(200);
http_add_header_field(&res.hdr, "Content-Type", "message/http");
content_length = snprintf(msg_buf, sizeof(msg_buf) - content_length, "%s %s HTTP/%s\r\n",
req.method, req.uri, req.version);
content_length = snprintf(msg_buf, sizeof(msg_buf) - content_length, "%s %s HTTP/%s\r\n", req.method, req.uri, req.version);
for (int i = 0; i < req.hdr.field_num; i++) {
content_length += snprintf(msg_buf + content_length, sizeof(msg_buf) - content_length, "%s: %s\r\n",
req.hdr.fields[i][0], req.hdr.fields[i][1]);
const http_field *f = &req.hdr.fields[i];
content_length += snprintf(msg_buf + content_length, sizeof(msg_buf) - content_length, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
goto respond;
@ -273,13 +265,13 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
sprintf(err_msg, "Unable to communicate with internal file cache.");
goto respond;
}
char *last_modified = http_format_date(uri.meta->stat.st_mtime, buf0, sizeof(buf0));
const char *last_modified = http_format_date(uri.meta->stat.st_mtime, buf0, sizeof(buf0));
http_add_header_field(&res.hdr, "Last-Modified", last_modified);
sprintf(buf1, "%s; charset=%s", uri.meta->type, uri.meta->charset);
http_add_header_field(&res.hdr, "Content-Type", buf1);
char *accept_encoding = http_get_header_field(&req.hdr, "Accept-Encoding");
const char *accept_encoding = http_get_header_field(&req.hdr, "Accept-Encoding");
int enc = 0;
if (accept_encoding != NULL) {
if (uri.meta->filename_comp_br[0] != 0 && strstr(accept_encoding, "br") != NULL) {
@ -306,8 +298,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
if (uri.meta->etag[0] != 0) {
if (enc) {
sprintf(buf0, "%s-%s", uri.meta->etag,
(enc & COMPRESS_BR) ? "br" : (enc & COMPRESS_GZ) ? "gzip" : "");
sprintf(buf0, "%s-%s", uri.meta->etag, (enc & COMPRESS_BR) ? "br" : (enc & COMPRESS_GZ) ? "gzip" : "");
http_add_header_field(&res.hdr, "ETag", buf0);
} else {
http_add_header_field(&res.hdr, "ETag", uri.meta->etag);
@ -320,16 +311,16 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
http_add_header_field(&res.hdr, "Cache-Control", "public, max-age=86400");
}
char *if_modified_since = http_get_header_field(&req.hdr, "If-Modified-Since");
char *if_none_match = http_get_header_field(&req.hdr, "If-None-Match");
const char *if_modified_since = http_get_header_field(&req.hdr, "If-Modified-Since");
const char *if_none_match = http_get_header_field(&req.hdr, "If-None-Match");
if ((if_none_match != NULL && strstr(if_none_match, uri.meta->etag) == NULL) ||
(accept_if_modified_since && if_modified_since != NULL &&
strcmp(if_modified_since, last_modified) == 0)) {
(accept_if_modified_since && if_modified_since != NULL && strcmp(if_modified_since, last_modified) == 0))
{
res.status = http_get_status(304);
goto respond;
}
char *range = http_get_header_field(&req.hdr, "Range");
const char *range = http_get_header_field(&req.hdr, "Range");
if (range != NULL) {
if (strlen(range) <= 6 || strncmp(range, "bytes=", 6) != 0) {
res.status = http_get_status(416);
@ -383,7 +374,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
} else {
int mode;
if (strcmp(uri.filename + strlen(uri.filename) - 4, ".ncr") == 0) {
mode = FASTCGI_NECRONDA;
mode = FASTCGI_SESIMOS;
} else if (strcmp(uri.filename + strlen(uri.filename) - 4, ".php") == 0) {
mode = FASTCGI_PHP;
} else {
@ -404,7 +395,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
goto respond;
}
char *client_content_length = http_get_header_field(&req.hdr, "Content-Length");
const char *client_content_length = http_get_header_field(&req.hdr, "Content-Length");
if (client_content_length != NULL) {
unsigned long client_content_len = strtoul(client_content_length, NULL, 10);
ret = fastcgi_receive(&fcgi_conn, client, client_content_len);
@ -426,7 +417,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
goto respond;
}
char *status = http_get_header_field(&res.hdr, "Status");
const char *status = http_get_header_field(&res.hdr, "Status");
if (status != NULL) {
int status_code = (int) strtoul(status, NULL, 10);
res.status = http_get_status(status_code);
@ -492,18 +483,37 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
ret = rev_proxy_init(&req, &res, &ctx, conf, client, &custom_status, err_msg);
use_rev_proxy = (ret == 0);
if (res.status->code == 101) {
const char *connection = http_get_header_field(&res.hdr, "Connection");
const char *upgrade = http_get_header_field(&res.hdr, "Upgrade");
if (connection != NULL && upgrade != NULL &&
(strstr(connection, "upgrade") != NULL || strstr(connection, "Upgrade") != NULL) &&
strcmp(upgrade, "websocket") == 0)
{
const char *ws_accept = http_get_header_field(&res.hdr, "Sec-WebSocket-Accept");
if (ws_calc_accept_key(ctx.ws_key, buf0) == 0) {
use_rev_proxy = (strcmp(buf0, ws_accept) == 0) ? 2 : 1;
}
} else {
print("Fail Test1");
ctx.status = 101;
ctx.origin = INTERNAL;
res.status = http_get_status(501);
}
}
// Let 300 be formatted by origin server
if (use_rev_proxy && res.status->code >= 301 && res.status->code < 600) {
const char *content_type = http_get_header_field(&res.hdr, "Content-Type");
const char *content_length_f = http_get_header_field(&res.hdr, "Content-Length");
const char *content_encoding = http_get_header_field(&res.hdr, "Content-Encoding");
if (content_encoding == NULL && content_type != NULL && content_length_f != NULL &&
strncmp(content_type, "text/html", 9) == 0)
{
if (content_encoding == NULL && content_type != NULL && content_length_f != NULL && strncmp(content_type, "text/html", 9) == 0) {
long content_len = strtol(content_length_f, NULL, 10);
if (content_len <= sizeof(msg_content) - 1) {
ctx.status = res.status->code;
ctx.origin = res.status->code >= 400 ? SERVER : NONE;
if (ctx.status != 101) {
ctx.status = res.status->code;
ctx.origin = res.status->code >= 400 ? SERVER : NONE;
}
use_rev_proxy = 0;
rev_proxy_dump(msg_content, content_len);
}
@ -561,12 +571,16 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
const http_doc_info *info = http_get_status_info(res.status);
const http_status_msg *http_msg = http_get_error_msg(res.status);
if (res.status->code >= 300 && res.status->code < 400 && msg_content[0] == 0) {
const char *location = http_get_header_field(&res.hdr, "Location");
if (location != NULL) {
snprintf(msg_content, sizeof(msg_content),
"<ul>\n\t<li><a href=\"%1$s\">%1$s</a></li>\n</ul>\n", location);
if (msg_content[0] == 0) {
if (res.status->code >= 300 && res.status->code < 400) {
const char *location = http_get_header_field(&res.hdr, "Location");
if (location != NULL) {
snprintf(msg_content, sizeof(msg_content), "<ul>\n\t<li><a href=\"%1$s\">%1$s</a></li>\n</ul>\n", location);
}
}
} else if (strncmp(msg_content, "<!DOCTYPE html>", 15) == 0 || strncmp(msg_content, "<html", 5) == 0) {
msg_content[0] = 0;
// TODO let relevant information pass?
}
char *rev_proxy_doc = "";
@ -592,8 +606,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
rev_proxy_doc = msg_pre_buf_2;
}
sprintf(msg_pre_buf_1, info->doc, res.status->code, res.status->msg,
http_msg != NULL ? http_msg->msg : "", err_msg[0] != 0 ? err_msg : "");
sprintf(msg_pre_buf_1, info->doc, res.status->code, res.status->msg, http_msg != NULL ? http_msg->msg : "", err_msg[0] != 0 ? err_msg : "");
content_length = snprintf(msg_buf, sizeof(msg_buf), http_default_document, res.status->code,
res.status->msg, msg_pre_buf_1, info->mode, info->icon, info->color, host,
rev_proxy_doc, msg_content[0] != 0 ? msg_content : "");
@ -607,21 +620,24 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
}
}
char *conn = http_get_header_field(&res.hdr, "Connection");
int close_proxy = conn == NULL || (strcmp(conn, "keep-alive") != 0 && strcmp(conn, "Keep-Alive") != 0);
http_remove_header_field(&res.hdr, "Connection", HTTP_REMOVE_ALL);
http_remove_header_field(&res.hdr, "Keep-Alive", HTTP_REMOVE_ALL);
if (server_keep_alive && client_keep_alive) {
http_add_header_field(&res.hdr, "Connection", "keep-alive");
sprintf(buf0, "timeout=%i, max=%i", CLIENT_TIMEOUT, REQ_PER_CONNECTION);
http_add_header_field(&res.hdr, "Keep-Alive", buf0);
} else {
http_add_header_field(&res.hdr, "Connection", "close");
int close_proxy = 0;
if (use_rev_proxy != 2) {
const char *conn = http_get_header_field(&res.hdr, "Connection");
close_proxy = (conn == NULL || (strstr(conn, "keep-alive") == NULL && strstr(conn, "Keep-Alive") == NULL));
http_remove_header_field(&res.hdr, "Connection", HTTP_REMOVE_ALL);
http_remove_header_field(&res.hdr, "Keep-Alive", HTTP_REMOVE_ALL);
if (server_keep_alive && client_keep_alive) {
http_add_header_field(&res.hdr, "Connection", "keep-alive");
sprintf(buf0, "timeout=%i, max=%i", CLIENT_TIMEOUT, REQ_PER_CONNECTION);
http_add_header_field(&res.hdr, "Keep-Alive", buf0);
} else {
http_add_header_field(&res.hdr, "Connection", "close");
}
}
http_send_response(client, &res);
clock_gettime(CLOCK_MONOTONIC, &end);
char *location = http_get_header_field(&res.hdr, "Location");
const char *location = http_get_header_field(&res.hdr, "Location");
unsigned long micros = (end.tv_nsec - begin.tv_nsec) / 1000 + (end.tv_sec - begin.tv_sec) * 1000000;
print("%s%s%03i %s%s%s (%s)%s", http_get_status_color(res.status), use_rev_proxy ? "-> " : "", res.status->code,
res.status->msg, location != NULL ? " -> " : "", location != NULL ? location : "",
@ -629,7 +645,17 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
// TODO access/error log file
if (strcmp(req.method, "HEAD") != 0) {
if (use_rev_proxy == 2) {
// WebSocket
print("Upgrading connection to WebSocket connection");
ret = ws_handle_connection(client, &rev_proxy);
if (ret != 0) {
client_keep_alive = 0;
close_proxy = 1;
}
print("WebSocket connection closed");
} else if (strcmp(req.method, "HEAD") != 0) {
// default response
unsigned long snd_len = 0;
unsigned long len;
if (msg_buf[0] != 0) {
@ -652,16 +678,16 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int
snd_len += ret;
}
} else if (use_fastcgi) {
char *transfer_encoding = http_get_header_field(&res.hdr, "Transfer-Encoding");
int chunked = transfer_encoding != NULL && strcmp(transfer_encoding, "chunked") == 0;
const char *transfer_encoding = http_get_header_field(&res.hdr, "Transfer-Encoding");
int chunked = (transfer_encoding != NULL && strcmp(transfer_encoding, "chunked") == 0);
int flags = (chunked ? FASTCGI_CHUNKED : 0) | (use_fastcgi & (FASTCGI_COMPRESS | FASTCGI_COMPRESS_HOLD));
ret = fastcgi_send(&fcgi_conn, client, flags);
} else if (use_rev_proxy) {
char *transfer_encoding = http_get_header_field(&res.hdr, "Transfer-Encoding");
const char *transfer_encoding = http_get_header_field(&res.hdr, "Transfer-Encoding");
int chunked = transfer_encoding != NULL && strstr(transfer_encoding, "chunked") != NULL;
char *content_len = http_get_header_field(&res.hdr, "Content-Length");
const char *content_len = http_get_header_field(&res.hdr, "Content-Length");
unsigned long len_to_send = 0;
if (content_len != NULL) {
len_to_send = strtol(content_len, NULL, 10);

20
src/client.h Normal file
View File

@ -0,0 +1,20 @@
/**
* sesimos - secure, simple, modern web server
* Client connection and request handlers (header file)
* src/client.h
* Lorenz Stechauner, 2022-08-16
*/
#ifndef SESIMOS_CLIENT_H
#define SESIMOS_CLIENT_H
#include "lib/config.h"
#include "lib/sock.h"
#include <arpa/inet.h>
host_config *get_host_config(const char *host);
int client_handler(sock *client, unsigned long client_num, struct sockaddr_in6 *client_addr);
#endif //SESIMOS_CLIENT_H

25
src/defs.h Normal file
View File

@ -0,0 +1,25 @@
/**
* sesimos - secure, simple, modern web server
* Definitions
* src/defs.h
* Lorenz Stechauner, 2021-05-04
*/
#ifndef SESIMOS_DEF_H
#define SESIMOS_DEF_H
#define SERVER_VERSION "4.6"
#define SERVER_STR "Sesimos/" SERVER_VERSION
#define SERVER_STR_HTML "Sesimos&nbsp;web&nbsp;server&nbsp;" SERVER_VERSION
#define CHUNK_SIZE 8192
#ifndef DEFAULT_HOST
# define DEFAULT_HOST "www.necronda.net"
#endif
#ifndef SERVER_NAME
# define SERVER_NAME DEFAULT_HOST
#endif
#endif //SESIMOS_DEF_H

42
src/lib/cache.c
View File

@ -1,5 +1,5 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* File cache implementation
* src/lib/cache.c
* Lorenz Stechauner, 2020-12-19
@ -8,6 +8,7 @@
#include "cache.h"
#include "utils.h"
#include "compress.h"
#include <stdio.h>
#include <magic.h>
#include <sys/ipc.h>
@ -18,6 +19,7 @@
#include <openssl/sha.h>
#include <malloc.h>
int cache_continue = 1;
magic_t magic;
cache_entry *cache;
@ -45,29 +47,29 @@ int cache_process() {
int shm_id = shmget(CACHE_SHM_KEY, CACHE_ENTRIES * sizeof(cache_entry), 0);
if (shm_id < 0) {
fprintf(stderr, ERR_STR "Unable to create shared memory: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to create cache shared memory: %s" CLR_STR "\n", strerror(errno));
return -1;
}
shmdt(cache);
void *shm_rw = shmat(shm_id, NULL, 0);
if (shm_rw == (void *) -1) {
fprintf(stderr, ERR_STR "Unable to attach shared memory (rw): %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to attach cache shared memory (rw): %s" CLR_STR "\n", strerror(errno));
return -2;
}
cache = shm_rw;
if (mkdir("/var/necronda/", 0755) < 0 && errno != EEXIST) {
fprintf(stderr, ERR_STR "Unable to create directory '/var/necronda/': %s" CLR_STR "\n", strerror(errno));
if (mkdir("/var/sesimos/", 0755) < 0 && errno != EEXIST) {
fprintf(stderr, ERR_STR "Unable to create directory '/var/sesimos/': %s" CLR_STR "\n", strerror(errno));
return -3;
}
if (mkdir("/var/necronda/server/", 0755) < 0 && errno != EEXIST) {
fprintf(stderr, ERR_STR "Unable to create directory '/var/necronda/server/': %s" CLR_STR "\n", strerror(errno));
if (mkdir("/var/sesimos/server/", 0755) < 0 && errno != EEXIST) {
fprintf(stderr, ERR_STR "Unable to create directory '/var/sesimos/server/': %s" CLR_STR "\n", strerror(errno));
return -3;
}
FILE *cache_file = fopen("/var/necronda/server/cache", "rb");
FILE *cache_file = fopen("/var/sesimos/server/cache", "rb");
if (cache_file != NULL) {
fread(cache, sizeof(cache_entry), CACHE_ENTRIES, cache_file);
fclose(cache_file);
@ -102,13 +104,13 @@ int cache_process() {
FILE *comp_file_gz = NULL;
FILE *comp_file_br = NULL;
if (compress) {
sprintf(buf, "%.*s/.necronda-server", cache[i].webroot_len, cache[i].filename);
sprintf(buf, "%.*s/.sesimos", cache[i].webroot_len, cache[i].filename);
if (mkdir(buf, 0755) != 0 && errno != EEXIST) {
fprintf(stderr, ERR_STR "Unable to create directory %s: %s" CLR_STR "\n", buf, strerror(errno));
goto comp_err;
}
sprintf(buf, "%.*s/.necronda-server/cache", cache[i].webroot_len, cache[i].filename);
sprintf(buf, "%.*s/.sesimos/cache", cache[i].webroot_len, cache[i].filename);
if (mkdir(buf, 0700) != 0 && errno != EEXIST) {
fprintf(stderr, ERR_STR "Unable to create directory %s: %s" CLR_STR "\n", buf, strerror(errno));
goto comp_err;
@ -123,10 +125,10 @@ int cache_process() {
buf[strlen(rel_path)] = 0;
p_len_gz = snprintf(filename_comp_gz, sizeof(filename_comp_gz),
"%.*s/.necronda-server/cache/%s.gz",
"%.*s/.sesimos/cache/%s.gz",
cache[i].webroot_len, cache[i].filename, buf);
p_len_br = snprintf(filename_comp_br, sizeof(filename_comp_br),
"%.*s/.necronda-server/cache/%s.br",
"%.*s/.sesimos/cache/%s.br",
cache[i].webroot_len, cache[i].filename, buf);
if (p_len_gz < 0 || p_len_gz >= sizeof(filename_comp_gz) ||
p_len_br < 0 || p_len_br >= sizeof(filename_comp_br))
@ -201,7 +203,7 @@ int cache_process() {
if (cache_changed) {
cache_changed = 0;
cache_file = fopen("/var/necronda/server/cache", "wb");
cache_file = fopen("/var/sesimos/server/cache", "wb");
if (cache_file == NULL) {
fprintf(stderr, ERR_STR "Unable to open cache file: %s" CLR_STR "\n", strerror(errno));
free(buf);
@ -226,20 +228,20 @@ int cache_init() {
int shm_id = shmget(CACHE_SHM_KEY, CACHE_ENTRIES * sizeof(cache_entry), IPC_CREAT | IPC_EXCL | 0600);
if (shm_id < 0) {
fprintf(stderr, ERR_STR "Unable to create shared memory: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to create cache shared memory: %s" CLR_STR "\n", strerror(errno));
return -2;
}
void *shm = shmat(shm_id, NULL, SHM_RDONLY);
if (shm == (void *) -1) {
fprintf(stderr, ERR_STR "Unable to attach shared memory (ro): %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to attach cache shared memory (ro): %s" CLR_STR "\n", strerror(errno));
return -3;
}
cache = shm;
void *shm_rw = shmat(shm_id, NULL, 0);
if (shm_rw == (void *) -1) {
fprintf(stderr, ERR_STR "Unable to attach shared memory (rw): %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to attach cache shared memory (rw): %s" CLR_STR "\n", strerror(errno));
return -4;
}
cache = shm_rw;
@ -268,11 +270,11 @@ int cache_init() {
int cache_unload() {
int shm_id = shmget(CACHE_SHM_KEY, 0, 0);
if (shm_id < 0) {
fprintf(stderr, ERR_STR "Unable to get shared memory id: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to get cache shared memory id: %s" CLR_STR "\n", strerror(errno));
shmdt(cache);
return -1;
} else if (shmctl(shm_id, IPC_RMID, NULL) < 0) {
fprintf(stderr, ERR_STR "Unable to configure shared memory: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to configure cache shared memory: %s" CLR_STR "\n", strerror(errno));
shmdt(cache);
return -1;
}
@ -285,7 +287,7 @@ int cache_update_entry(int entry_num, const char *filename, const char *webroot)
int shm_id = shmget(CACHE_SHM_KEY, 0, 0);
void *shm_rw = shmat(shm_id, NULL, 0);
if (shm_rw == (void *) -1) {
print(ERR_STR "Unable to attach shared memory (rw): %s" CLR_STR, strerror(errno));
print(ERR_STR "Unable to attach cache shared memory (rw): %s" CLR_STR, strerror(errno));
return -1;
}
cache = shm_rw;
@ -328,7 +330,7 @@ int cache_filename_comp_invalid(const char *filename) {
int shm_id = shmget(CACHE_SHM_KEY, 0, 0);
void *shm_rw = shmat(shm_id, NULL, 0);
if (shm_rw == (void *) -1) {
print(ERR_STR "Unable to attach shared memory (rw): %s" CLR_STR, strerror(errno));
print(ERR_STR "Unable to attach cache shared memory (rw): %s" CLR_STR, strerror(errno));
return -1;
}
cache = shm_rw;

8
src/lib/cache.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* File cache implementation (header file)
* src/lib/cache.h
* Lorenz Stechauner, 2020-12-19
*/
#ifndef NECRONDA_SERVER_CACHE_H
#define NECRONDA_SERVER_CACHE_H
#ifndef SESIMOS_CACHE_H
#define SESIMOS_CACHE_H
#include "uri.h"
@ -46,4 +46,4 @@ int cache_filename_comp_invalid(const char *filename);
int uri_cache_init(http_uri *uri);
#endif //NECRONDA_SERVER_CACHE_H
#endif //SESIMOS_CACHE_H

4
src/lib/compress.c
View File

@ -1,14 +1,16 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Compression interface
* src/lib/compress.c
* Lorenz Stechauner, 2021-05-05
*/
#include "compress.h"
#include <malloc.h>
#include <errno.h>
int compress_init(compress_ctx *ctx, int mode) {
ctx->gzip = NULL;
ctx->brotli = NULL;

8
src/lib/compress.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Compression interface (header file)
* src/lib/compress.h
* Lorenz Stechauner, 2021-05-05
*/
#ifndef NECRONDA_SERVER_COMPRESS_H
#define NECRONDA_SERVER_COMPRESS_H
#ifndef SESIMOS_COMPRESS_H
#define SESIMOS_COMPRESS_H
#include <zlib.h>
#include <brotli/encode.h>
@ -34,4 +34,4 @@ int compress_compress_mode(compress_ctx *ctx, int mode, const char *in, unsigned
int compress_free(compress_ctx *ctx);
#endif //NECRONDA_SERVER_COMPRESS_H
#endif //SESIMOS_COMPRESS_H

18
src/lib/config.c
View File

@ -1,5 +1,5 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Configuration file loader
* src/lib/config.c
* Lorenz Stechauner, 2021-01-05
@ -7,6 +7,7 @@
#include "config.h"
#include "utils.h"
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>
@ -14,26 +15,27 @@
#include <errno.h>
#include <stdlib.h>
t_config *config;
char geoip_dir[256], dns_server[256];
int config_init() {
int shm_id = shmget(CONFIG_SHM_KEY, sizeof(t_config), IPC_CREAT | IPC_EXCL | 0640);
if (shm_id < 0) {
fprintf(stderr, ERR_STR "Unable to create shared memory: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to create config shared memory: %s" CLR_STR "\n", strerror(errno));
return -1;
}
void *shm = shmat(shm_id, NULL, SHM_RDONLY);
if (shm == (void *) -1) {
fprintf(stderr, ERR_STR "Unable to attach shared memory (ro): %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to attach config shared memory (ro): %s" CLR_STR "\n", strerror(errno));
return -2;
}
config = shm;
void *shm_rw = shmat(shm_id, NULL, 0);
if (shm_rw == (void *) -1) {
fprintf(stderr, ERR_STR "Unable to attach shared memory (rw): %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to attach config shared memory (rw): %s" CLR_STR "\n", strerror(errno));
return -3;
}
config = shm_rw;
@ -46,11 +48,11 @@ int config_init() {
int config_unload() {
int shm_id = shmget(CONFIG_SHM_KEY, 0, 0);
if (shm_id < 0) {
fprintf(stderr, ERR_STR "Unable to get shared memory id: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to get config shared memory id: %s" CLR_STR "\n", strerror(errno));
shmdt(config);
return -1;
} else if (shmctl(shm_id, IPC_RMID, NULL) < 0) {
fprintf(stderr, ERR_STR "Unable to configure shared memory: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to configure config shared memory: %s" CLR_STR "\n", strerror(errno));
shmdt(config);
return -1;
}
@ -256,7 +258,7 @@ int config_load(const char *filename) {
int shm_id = shmget(CONFIG_SHM_KEY, 0, 0);
if (shm_id < 0) {
fprintf(stderr, ERR_STR "Unable to get shared memory id: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to get config shared memory id: %s" CLR_STR "\n", strerror(errno));
shmdt(config);
return -3;
}
@ -264,7 +266,7 @@ int config_load(const char *filename) {
void *shm_rw = shmat(shm_id, NULL, 0);
if (shm_rw == (void *) -1) {
free(tmp_config);
fprintf(stderr, ERR_STR "Unable to attach shared memory (rw): %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to attach config shared memory (rw): %s" CLR_STR "\n", strerror(errno));
return -4;
}
memcpy(shm_rw, tmp_config, sizeof(t_config));

10
src/lib/config.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Configuration file loader (header file)
* src/lib/config.h
* Lorenz Stechauner, 2021-01-05
*/
#ifndef NECRONDA_SERVER_CONFIG_H
#define NECRONDA_SERVER_CONFIG_H
#ifndef SESIMOS_CONFIG_H
#define SESIMOS_CONFIG_H
#include "uri.h"
@ -19,7 +19,7 @@
#define CONFIG_TYPE_REVERSE_PROXY 2
#ifndef DEFAULT_CONFIG_FILE
# define DEFAULT_CONFIG_FILE "/etc/necronda/server.conf"
# define DEFAULT_CONFIG_FILE "/etc/sesimos/server.conf"
#endif
@ -61,4 +61,4 @@ int config_load(const char *filename);
int config_unload();
#endif //NECRONDA_SERVER_CONFIG_H
#endif //SESIMOS_CONFIG_H

37
src/lib/fastcgi.c
View File

@ -1,5 +1,5 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* FastCGI interface implementation
* src/lib/fastcgi.c
* Lorenz Stechauner, 2020-12-26
@ -8,12 +8,14 @@
#include "fastcgi.h"
#include "utils.h"
#include "compress.h"
#include "../necronda-server.h"
#include "../server.h"
#include <sys/un.h>
#include <sys/socket.h>
#include <errno.h>
#include <string.h>
char *fastcgi_add_param(char *buf, const char *key, const char *value) {
char *ptr = buf;
unsigned long key_len = strlen(key);
@ -41,9 +43,9 @@ char *fastcgi_add_param(char *buf, const char *key, const char *value) {
ptr += 4;
}
memcpy(ptr, key, key_len);
strcpy(ptr, key);
ptr += key_len;
memcpy(ptr, value, val_len);
strcpy(ptr, value);
ptr += val_len;
return ptr;
@ -71,8 +73,8 @@ int fastcgi_init(fastcgi_conn *conn, int mode, unsigned int client_num, unsigned
conn->socket = fcgi_sock;
struct sockaddr_un sock_addr = {AF_UNIX};
if (conn->mode == FASTCGI_NECRONDA) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", NECRONDA_BACKEND_SOCKET);
if (conn->mode == FASTCGI_SESIMOS) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", SESIMOS_BACKEND_SOCKET);
} else if (conn->mode == FASTCGI_PHP) {
snprintf(sock_addr.sun_path, sizeof(sock_addr.sun_path) - 1, "%s", PHP_FPM_SOCKET);
}
@ -149,19 +151,21 @@ int fastcgi_init(fastcgi_conn *conn, int mode, unsigned int client_num, unsigned
param_ptr = fastcgi_add_param(param_ptr, "PATH_INFO", buf0);
//param_ptr = fastcgi_add_param(param_ptr, "AUTH_TYPE", "");
char *content_length = http_get_header_field(&req->hdr, "Content-Length");
const char *content_length = http_get_header_field(&req->hdr, "Content-Length");
param_ptr = fastcgi_add_param(param_ptr, "CONTENT_LENGTH", content_length != NULL ? content_length : "");
char *content_type = http_get_header_field(&req->hdr, "Content-Type");
const char *content_type = http_get_header_field(&req->hdr, "Content-Type");
param_ptr = fastcgi_add_param(param_ptr, "CONTENT_TYPE", content_type != NULL ? content_type : "");
if (client_geoip != NULL) {
param_ptr = fastcgi_add_param(param_ptr, "REMOTE_INFO", client_geoip);
}
for (int i = 0; i < req->hdr.field_num; i++) {
const http_field *f = &req->hdr.fields[i];
const char *name = http_field_get_name(f);
char *ptr = buf0;
ptr += sprintf(ptr, "HTTP_");
for (int j = 0; j < strlen(req->hdr.fields[i][0]); j++, ptr++) {
char ch = req->hdr.fields[i][0][j];
for (int j = 0; j < strlen(name); j++, ptr++) {
char ch = name[j];
if ((ch >= 'A' && ch <= 'Z') || (ch >= '0' && ch <= '9')) {
ch = ch;
} else if (ch >= 'a' && ch <= 'z') {
@ -172,7 +176,7 @@ int fastcgi_init(fastcgi_conn *conn, int mode, unsigned int client_num, unsigned
ptr[0] = ch;
ptr[1] = 0;
}
param_ptr = fastcgi_add_param(param_ptr, buf0, req->hdr.fields[i][1]);
param_ptr = fastcgi_add_param(param_ptr, buf0, http_field_get_value(f));
}
unsigned short param_len = param_ptr - param_buf - sizeof(header);
@ -219,7 +223,8 @@ int fastcgi_close_stdin(fastcgi_conn *conn) {
int fastcgi_php_error(const fastcgi_conn *conn, const char *msg, int msg_len, char *err_msg) {
char *msg_str = malloc(msg_len + 1);
char *ptr0 = msg_str;
strncpy(msg_str, msg, msg_len);
memcpy(msg_str, msg, msg_len);
msg_str[msg_len] = 0;
char *ptr1 = NULL;
int len;
int err = 0;
@ -339,7 +344,7 @@ int fastcgi_header(fastcgi_conn *conn, http_res *res, char *err_msg) {
free(content);
return 1;
} else if (header.type == FCGI_STDERR) {
// TODO implement Necronda backend error handling
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
err = err || fastcgi_php_error(conn, content, content_len, err_msg);
}
@ -382,7 +387,7 @@ int fastcgi_header(fastcgi_conn *conn, http_res *res, char *err_msg) {
return 1;
}
ret = http_parse_header_field(&res->hdr, ptr, pos0);
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
if (ret != 0) return (int) ret;
if (pos0[2] == '\r' && pos0[3] == '\n') {
return 0;
@ -480,7 +485,7 @@ int fastcgi_send(fastcgi_conn *conn, sock *client, int flags) {
return 0;
} else if (header.type == FCGI_STDERR) {
// TODO implement Necronda backend error handling
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
fastcgi_php_error(conn, content, content_len, buf0);
}
@ -566,7 +571,7 @@ int fastcgi_dump(fastcgi_conn *conn, char *buf, long len) {
return 0;
} else if (header.type == FCGI_STDERR) {
// TODO implement Necronda backend error handling
// TODO implement Sesimos backend error handling
if (conn->mode == FASTCGI_PHP) {
fastcgi_php_error(conn, content, content_len, buf0);
}

12
src/lib/fastcgi.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* FastCGI interface implementation (header file)
* src/lib/fastcgi.h
* Lorenz Stechauner, 2020-12-26
*/
#ifndef NECRONDA_SERVER_FASTCGI_H
#define NECRONDA_SERVER_FASTCGI_H
#ifndef SESIMOS_FASTCGI_H
#define SESIMOS_FASTCGI_H
#include "include/fastcgi.h"
#include "http.h"
@ -19,13 +19,13 @@
#define FASTCGI_COMPRESS_HOLD 8
#define FASTCGI_PHP 1
#define FASTCGI_NECRONDA 2
#define FASTCGI_SESIMOS 2
#ifndef PHP_FPM_SOCKET
# define PHP_FPM_SOCKET "/var/run/php-fpm/php-fpm.sock"
#endif
#define NECRONDA_BACKEND_SOCKET "/var/run/necronda/necronda-backend.sock"
#define SESIMOS_BACKEND_SOCKET "/var/run/sesimos/backend.sock"
typedef struct {
int mode;
@ -54,4 +54,4 @@ int fastcgi_dump(fastcgi_conn *conn, char *buf, long len);
int fastcgi_receive(fastcgi_conn *conn, sock *client, unsigned long len);
#endif //NECRONDA_SERVER_FASTCGI_H
#endif //SESIMOS_FASTCGI_H

3
src/lib/geoip.c
View File

@ -1,5 +1,5 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* MaxMind GeoIP Database interface
* src/lib/geoip.c
* Lorenz Stechauner, 2021-05-04
@ -7,6 +7,7 @@
#include "geoip.h"
MMDB_entry_data_list_s *mmdb_json(MMDB_entry_data_list_s *list, char *str, long *str_off, long str_len) {
switch (list->entry_data.type) {
case MMDB_DATA_TYPE_MAP:

8
src/lib/geoip.h
View File

@ -1,13 +1,13 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* MaxMind GeoIP Database interface (header file)
* src/lib/geoip.h
* Lorenz Stechauner, 2021-05-04
*/
#ifndef NECRONDA_SERVER_GEOIP_H
#define NECRONDA_SERVER_GEOIP_H
#ifndef SESIMOS_GEOIP_H
#define SESIMOS_GEOIP_H
#include <maxminddb.h>
@ -15,4 +15,4 @@
MMDB_entry_data_list_s *mmdb_json(MMDB_entry_data_list_s *list, char *str, long *str_off, long str_len);
#endif //NECRONDA_SERVER_GEOIP_H
#endif //SESIMOS_GEOIP_H

238
src/lib/http.c
View File

@ -1,5 +1,5 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* HTTP implementation
* src/lib/http.c
* Lorenz Stechauner, 2020-12-09
@ -8,11 +8,15 @@
#include "http.h"
#include "utils.h"
#include "compress.h"
#include <string.h>
void http_to_camel_case(char *str, int mode) {
char last = '-';
char ch;
if (mode == HTTP_PRESERVE)
return;
char ch, last = '-';
for (int i = 0; i < strlen(str); i++) {
ch = str[i];
if (mode == HTTP_CAMEL && last == '-' && ch >= 'a' && ch <= 'z') {
@ -24,12 +28,50 @@ void http_to_camel_case(char *str, int mode) {
}
}
const char *http_field_get_name(const http_field *field) {
if (field->type == HTTP_FIELD_NORMAL) {
return field->normal.name;
} else if (field->type == HTTP_FIELD_EX_VALUE) {
return field->ex_value.name;
} else if (field->type == HTTP_FIELD_EX_NAME) {
return field->ex_name.name;
}
return NULL;
}
const char *http_field_get_value(const http_field *field) {
if (field->type == HTTP_FIELD_NORMAL) {
return field->normal.value;
} else if (field->type == HTTP_FIELD_EX_VALUE) {
return field->ex_value.value;
} else if (field->type == HTTP_FIELD_EX_NAME) {
return field->ex_name.value;
}
return NULL;
}
void http_free_field(http_field *f) {
if (f->type == HTTP_FIELD_NORMAL) {
f->normal.name[0] = 0;
f->normal.value[0] = 0;
} else if (f->type == HTTP_FIELD_EX_VALUE) {
f->ex_value.name[0] = 0;
free(f->ex_value.value);
f->ex_value.value = NULL;
} else if (f->type == HTTP_FIELD_EX_NAME) {
free(f->ex_name.name);
free(f->ex_name.value);
f->ex_name.name = NULL;
f->ex_name.value = NULL;
}
}
void http_free_hdr(http_hdr *hdr) {
for (int i = 0; i < hdr->field_num; i++) {
free(hdr->fields[i][0]);
free(hdr->fields[i][1]);
http_free_field(&hdr->fields[i]);
}
hdr->field_num = 0;
hdr->last_field_num = -1;
}
void http_free_req(http_req *req) {
@ -42,45 +84,64 @@ void http_free_res(http_res *res) {
http_free_hdr(&res->hdr);
}
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr) {
char *pos1 = memchr(buf, ':', end_ptr - buf);
char *pos2;
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int flags) {
if (hdr->last_field_num > hdr->field_num) {
print(ERR_STR "Unable to parse header: Invalid state" CLR_STR);
return 3;
}
char *pos1 = (char *) buf, *pos2 = (char *) end_ptr;
if (buf[0] == ' ' || buf[0] == '\t') {
if (hdr->last_field_num == -1) {
print(ERR_STR "Unable to parse header" CLR_STR);
return 3;
}
http_field *f = &hdr->fields[(int) hdr->last_field_num];
str_trim_lws(&pos1, &pos2);
http_append_to_header_field(f, pos1, pos2 - pos1);
return 0;
}
pos1 = memchr(buf, ':', end_ptr - buf);
if (pos1 == NULL) {
print(ERR_STR "Unable to parse header" CLR_STR);
return 3;
}
long len = pos1 - buf;
hdr->fields[(int) hdr->field_num][0] = malloc(len + 1);
sprintf(hdr->fields[(int) hdr->field_num][0], "%.*s", (int) len, buf);
http_to_camel_case(hdr->fields[(int) hdr->field_num][0], HTTP_CAMEL);
long len1 = pos1 - buf;
pos1++;
pos2 = (char *) end_ptr - 1;
while (pos1[0] == ' ') pos1++;
while (pos2[0] == ' ') pos2--;
len = pos2 - pos1 + 1;
str_trim_lws(&pos1, &pos2);
long len2 = pos2 - pos1;
if (len <= 0) {
hdr->fields[(int) hdr->field_num][1] = malloc(1);
hdr->fields[(int) hdr->field_num][1][0] = 0;
char field_num = hdr->field_num;
int found = http_get_header_field_num_len(hdr, buf, len1);
if (!(flags & HTTP_MERGE_FIELDS) || found == -1) {
if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0) {
print(ERR_STR "Unable to parse header: Too many header fields" CLR_STR);
return 3;
}
} else {
hdr->fields[(int) hdr->field_num][1] = malloc(len + 1);
sprintf(hdr->fields[(int) hdr->field_num][1], "%.*s", (int) len, pos1);
field_num = (char) found;
http_append_to_header_field(&hdr->fields[found], ", ", 2);
http_append_to_header_field(&hdr->fields[found], pos1, len2);
}
hdr->field_num++;
hdr->last_field_num = (char) field_num;
return 0;
}
int http_receive_request(sock *client, http_req *req) {
long rcv_len, len;
char *ptr, *pos0, *pos1, *pos2;
char buf[CLIENT_MAX_HEADER_SIZE];
char *ptr, *pos0 = buf, *pos1, *pos2;
memset(buf, 0, sizeof(buf));
memset(req->method, 0, sizeof(req->method));
memset(req->version, 0, sizeof(req->version));
req->uri = NULL;
req->hdr.field_num = 0;
req->hdr.last_field_num = -1;
while (1) {
rcv_len = sock_recv(client, buf, CLIENT_MAX_HEADER_SIZE, 0);
@ -144,7 +205,7 @@ int http_receive_request(sock *client, http_req *req) {
sprintf(req->uri, "%.*s", (int) len, pos1);
sprintf(req->version, "%.3s", pos2 + 5);
} else {
int ret = http_parse_header_field(&req->hdr, ptr, pos0);
int ret = http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS);
if (ret != 0) return ret;
}
ptr = pos0 + 2;
@ -164,31 +225,95 @@ int http_receive_request(sock *client, http_req *req) {
return 0;
}
char *http_get_header_field(const http_hdr *hdr, const char *field_name) {
char field_name_1[256], field_name_2[256];
strcpy(field_name_1, field_name);
http_to_camel_case(field_name_1, HTTP_LOWER);
for (int i = 0; i < hdr->field_num; i++) {
strcpy(field_name_2, hdr->fields[i][0]);
http_to_camel_case(field_name_2, HTTP_LOWER);
if (strcmp(field_name_1, field_name_2) == 0) {
return hdr->fields[i][1];
}
}
return NULL;
const char *http_get_header_field(const http_hdr *hdr, const char *field_name) {
return http_get_header_field_len(hdr, field_name, strlen(field_name));
}
void http_add_header_field(http_hdr *hdr, const char *field_name, const char *field_value) {
size_t len_name = strlen(field_name);
size_t len_value = strlen(field_value);
char *_field_name = malloc(len_name + 1);
char *_field_value = malloc(len_value + 1);
strcpy(_field_name, field_name);
strcpy(_field_value, field_value);
http_to_camel_case(_field_name, HTTP_PRESERVE);
hdr->fields[(int) hdr->field_num][0] = _field_name;
hdr->fields[(int) hdr->field_num][1] = _field_value;
const char *http_get_header_field_len(const http_hdr *hdr, const char *field_name, unsigned long len) {
int num = http_get_header_field_num_len(hdr, field_name, len);
return (num >= 0 && num < HTTP_MAX_HEADER_FIELD_NUM) ? http_field_get_value(&hdr->fields[num]) : NULL;
}
int http_get_header_field_num(const http_hdr *hdr, const char *field_name) {
return http_get_header_field_num_len(hdr, field_name, strlen(field_name));
}
int http_get_header_field_num_len(const http_hdr *hdr, const char *field_name, unsigned long len) {
char field_name_1[256], field_name_2[256];
memcpy(field_name_1, field_name, len);
field_name_1[len] = 0;
http_to_camel_case(field_name_1, HTTP_LOWER);
for (int i = 0; i < hdr->field_num; i++) {
strcpy(field_name_2, http_field_get_name(&hdr->fields[i]));
http_to_camel_case(field_name_2, HTTP_LOWER);
if (strcmp(field_name_1, field_name_2) == 0)
return i;
}
return -1;
}
int http_add_header_field(http_hdr *hdr, const char *field_name, const char *field_value) {
return http_add_header_field_len(hdr, field_name, strlen(field_name), field_value, strlen(field_value));
}
int http_add_header_field_len(http_hdr *hdr, const char *name, unsigned long name_len, const char *value, unsigned long value_len) {
if (hdr->field_num >= HTTP_MAX_HEADER_FIELD_NUM)
return -1;
http_field *f = &hdr->fields[(int) hdr->field_num];
if (name_len < sizeof(f->normal.name) && value_len < sizeof(f->normal.value)) {
f->type = HTTP_FIELD_NORMAL;
memcpy(f->normal.name, name, name_len);
memcpy(f->normal.value, value, value_len);
f->normal.name[name_len] = 0;
f->normal.value[value_len] = 0;
http_to_camel_case(f->normal.name, HTTP_PRESERVE);
} else if (name_len < sizeof(f->ex_value.name)) {
f->type = HTTP_FIELD_EX_VALUE;
f->ex_value.value = malloc(value_len + 1);
memcpy(f->ex_value.name, name, name_len);
memcpy(f->ex_value.value, value, value_len);
f->ex_value.name[name_len] = 0;
f->ex_value.value[value_len] = 0;
http_to_camel_case(f->ex_value.name, HTTP_PRESERVE);
} else {
f->type = HTTP_FIELD_EX_NAME;
f->ex_name.name = malloc(name_len + 1);
f->ex_name.value = malloc(value_len + 1);
memcpy(f->ex_name.name, name, name_len);
memcpy(f->ex_name.value, value, value_len);
f->ex_name.name[name_len] = 0;
f->ex_name.value[value_len] = 0;
http_to_camel_case(f->ex_name.name, HTTP_PRESERVE);
}
hdr->field_num++;
return 0;
}
void http_append_to_header_field(http_field *field, const char *value, unsigned long len) {
if (field->type == HTTP_FIELD_NORMAL) {
unsigned long total_len = strlen(field->normal.value) + len + 1;
if (total_len < sizeof(field->normal.value)) {
strncat(field->normal.value, value, len);
} else {
field->type = HTTP_FIELD_EX_VALUE;
char *new = malloc(total_len);
strcpy(new, field->normal.value);
strncat(new, value, len);
field->ex_value.value = new;
}
} else if (field->type == HTTP_FIELD_EX_VALUE) {
field->ex_value.value = realloc(field->ex_value.value, strlen(field->ex_value.value) + len + 1);
strncat(field->ex_value.value, value, len);
} else if (field->type == HTTP_FIELD_EX_NAME) {
field->ex_name.value = realloc(field->ex_name.value, strlen(field->ex_name.value) + len + 1);
strncat(field->ex_name.value, value, len);
}
}
void http_remove_header_field(http_hdr *hdr, const char *field_name, int mode) {
@ -203,12 +328,11 @@ void http_remove_header_field(http_hdr *hdr, const char *field_name, int mode) {
diff = -1;
}
for (; i < hdr->field_num && i >= 0; i += diff) {
strcpy(field_name_2, hdr->fields[i][0]);
strcpy(field_name_2, http_field_get_name(&hdr->fields[i]));
http_to_camel_case(field_name_2, HTTP_LOWER);
if (strcmp(field_name_1, field_name_2) == 0) {
for (int j = i; j < hdr->field_num - 1; j++) {
memcpy(hdr->fields[j], hdr->fields[j + 1], sizeof(hdr->fields[0]));
}
http_free_field(&hdr->fields[i]);
memmove(&hdr->fields[i], &hdr->fields[i + 1], sizeof(hdr->fields[0]) * (hdr->field_num - i));
hdr->field_num--;
if (mode == HTTP_REMOVE_ALL) {
i -= diff;
@ -223,7 +347,8 @@ int http_send_response(sock *client, http_res *res) {
char buf[CLIENT_MAX_HEADER_SIZE];
long off = sprintf(buf, "HTTP/%s %03i %s\r\n", res->version, res->status->code, res->status->msg);
for (int i = 0; i < res->hdr.field_num; i++) {
off += sprintf(buf + off, "%s: %s\r\n", res->hdr.fields[i][0], res->hdr.fields[i][1]);
const http_field *f = &res->hdr.fields[i];
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
off += sprintf(buf + off, "\r\n");
if (sock_send(client, buf, off, 0) < 0) {
@ -236,7 +361,8 @@ int http_send_request(sock *server, http_req *req) {
char buf[CLIENT_MAX_HEADER_SIZE];
long off = sprintf(buf, "%s %s HTTP/%s\r\n", req->method, req->uri, req->version);
for (int i = 0; i < req->hdr.field_num; i++) {
off += sprintf(buf + off, "%s: %s\r\n", req->hdr.fields[i][0], req->hdr.fields[i][1]);
const http_field *f = &req->hdr.fields[i];
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
}
off += sprintf(buf + off, "\r\n");
long ret = sock_send(server, buf, off, 0);
@ -314,9 +440,9 @@ const http_doc_info *http_get_status_info(const http_status *status) {
}
int http_get_compression(const http_req *req, const http_res *res) {
char *accept_encoding = http_get_header_field(&req->hdr, "Accept-Encoding");
char *content_type = http_get_header_field(&res->hdr, "Content-Type");
char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
const char *accept_encoding = http_get_header_field(&req->hdr, "Accept-Encoding");
const char *content_type = http_get_header_field(&res->hdr, "Content-Type");
const char *content_encoding = http_get_header_field(&res->hdr, "Content-Encoding");
if (mime_is_compressible(content_type) && content_encoding == NULL && accept_encoding != NULL) {
if (strstr(accept_encoding, "br") != NULL) {
return COMPRESS_BR;

63
src/lib/http.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* HTTP implementation (header file)
* src/lib/http.h
* Lorenz Stechauner, 2020-12-09
*/
#ifndef NECRONDA_SERVER_HTTP_H
#define NECRONDA_SERVER_HTTP_H
#ifndef SESIMOS_HTTP_H
#define SESIMOS_HTTP_H
#include "sock.h"
@ -18,6 +18,12 @@
#define HTTP_REMOVE_ALL 1
#define HTTP_REMOVE_LAST 2
#define HTTP_FIELD_NORMAL 0
#define HTTP_FIELD_EX_VALUE 1
#define HTTP_FIELD_EX_NAME 2
#define HTTP_MERGE_FIELDS 1
#define HTTP_1XX_STR "\x1B[1;32m"
#define HTTP_2XX_STR "\x1B[1;32m"
#define HTTP_3XX_STR "\x1B[1;33m"
@ -30,13 +36,14 @@
#define HTTP_COLOR_ERROR "#C00000"
#define CLIENT_MAX_HEADER_SIZE 8192
#define HTTP_MAX_HEADER_FIELD_NUM 64
#ifndef SERVER_STR
# define SERVER_STR "Necronda"
# define SERVER_STR "Sesimos"
#endif
#ifndef SERVER_STR_HTML
# define SERVER_STR_HTML "Necronda&nbsp;web&nbsp;server"
# define SERVER_STR_HTML "Sesimos&nbsp;web&nbsp;server"
#endif
typedef struct {
@ -57,9 +64,28 @@ typedef struct {
const char *doc;
} http_doc_info;
typedef struct {
char type;
union {
struct {
char name[64];
char value[192];
} normal;
struct {
char name[192];
char *value;
} ex_value;
struct {
char *name;
char *value;
} ex_name;
};
} http_field;
typedef struct {
char field_num;
char *fields[64][2];
char last_field_num;
http_field fields[HTTP_MAX_HEADER_FIELD_NUM];
} http_hdr;
typedef struct {
@ -82,6 +108,7 @@ typedef enum {
typedef struct {
unsigned short status;
http_error_origin origin;
const char* ws_key;
} http_status_ctx;
extern const http_status http_statuses[];
@ -102,6 +129,12 @@ extern const char http_info_icon[];
void http_to_camel_case(char *str, int mode);
const char *http_field_get_name(const http_field *field);
const char *http_field_get_value(const http_field *field);
void http_free_field(http_field *f);
void http_free_hdr(http_hdr *hdr);
void http_free_req(http_req *req);
@ -110,11 +143,21 @@ void http_free_res(http_res *res);
int http_receive_request(sock *client, http_req *req);
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr) ;
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int flags);
char *http_get_header_field(const http_hdr *hdr, const char *field_name);
const char *http_get_header_field(const http_hdr *hdr, const char *field_name);
void http_add_header_field(http_hdr *hdr, const char *field_name, const char *field_value);
const char *http_get_header_field_len(const http_hdr *hdr, const char *field_name, unsigned long len);
int http_get_header_field_num(const http_hdr *hdr, const char *field_name);
int http_get_header_field_num_len(const http_hdr *hdr, const char *field_name, unsigned long len);
int http_add_header_field(http_hdr *hdr, const char *field_name, const char *field_value);
int http_add_header_field_len(http_hdr *hdr, const char *name, unsigned long name_len, const char *value, unsigned long value_len);
void http_append_to_header_field(http_field *field, const char *value, unsigned long len);
void http_remove_header_field(http_hdr *hdr, const char *field_name, int mode);
@ -136,4 +179,4 @@ const http_doc_info *http_get_status_info(const http_status *status);
int http_get_compression(const http_req *req, const http_res *res);
#endif //NECRONDA_SERVER_HTTP_H
#endif //SESIMOS_HTTP_H

5
src/lib/http_static.c
View File

@ -1,13 +1,14 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* HTTP static implementation
* src/lib/http_static.c
* Lorenz Stechauner, 2021-05-03
*/
#include "../necronda.h"
#include "../defs.h"
#include "http.h"
const http_status http_statuses[] = {
{100, "Informational", "Continue"},
{101, "Informational", "Switching Protocols"},

8
src/lib/include/fastcgi.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* FastCGI header file
* src/lib/include/fastcgi.h
* Lorenz Stechauner, 2021-05-03
*/
#ifndef NECRONDA_SERVER_EXTERN_FASTCGI_H
#define NECRONDA_SERVER_EXTERN_FASTCGI_H
#ifndef SESIMOS_EXTERN_FASTCGI_H
#define SESIMOS_EXTERN_FASTCGI_H
/*
* Listening socket file number
@ -119,4 +119,4 @@ typedef struct {
FCGI_UnknownTypeBody body;
} FCGI_UnknownTypeRecord;
#endif //NECRONDA_SERVER_EXTERN_FASTCGI_H
#endif //SESIMOS_EXTERN_FASTCGI_H

107
src/lib/rev_proxy.c
View File

@ -1,14 +1,16 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Reverse proxy
* src/lib/rev_proxy.c
* Lorenz Stechauner, 2021-01-07
*/
#include "../defs.h"
#include "../server.h"
#include "rev_proxy.h"
#include "utils.h"
#include "compress.h"
#include "../necronda-server.h"
#include <openssl/ssl.h>
#include <string.h>
#include <errno.h>
@ -16,6 +18,7 @@
#include <arpa/inet.h>
#include <sys/time.h>
sock rev_proxy;
char *rev_proxy_host = NULL;
struct timeval server_timeout = {.tv_sec = SERVER_TIMEOUT, .tv_usec = 0};
@ -29,13 +32,10 @@ int rev_proxy_preload() {
}
int rev_proxy_request_header(http_req *req, int enc) {
char buf1[256];
char buf2[256];
char buf1[256], buf2[256];
int p_len;
http_remove_header_field(&req->hdr, "Connection", HTTP_REMOVE_ALL);
http_add_header_field(&req->hdr, "Connection", "keep-alive");
char *via = http_get_header_field(&req->hdr, "Via");
const char *via = http_get_header_field(&req->hdr, "Via");
sprintf(buf1, "HTTP/%s %s", req->version, SERVER_NAME);
if (via == NULL) {
http_add_header_field(&req->hdr, "Via", buf1);
@ -49,10 +49,10 @@ int rev_proxy_request_header(http_req *req, int enc) {
http_add_header_field(&req->hdr, "Via", buf2);
}
char *host = http_get_header_field(&req->hdr, "Host");
char *forwarded = http_get_header_field(&req->hdr, "Forwarded");
const char *host = http_get_header_field(&req->hdr, "Host");
const char *forwarded = http_get_header_field(&req->hdr, "Forwarded");
int client_ipv6 = strchr(client_addr_str, ':') != NULL;
int server_ipv6 = strchr(server_addr_str, ':') != NULL;
int server_ipv6 = strchr(server_addr_str, ':') != NULL;
p_len = snprintf(buf1, sizeof(buf1), "by=%s%s%s;for=%s%s%s;host=%s;proto=%s",
server_ipv6 ? "\"[" : "", server_addr_str, server_ipv6 ? "]\"" : "",
@ -62,6 +62,7 @@ int rev_proxy_request_header(http_req *req, int enc) {
print(ERR_STR "Appended part of header field 'Forwarded' too long" CLR_STR);
return -1;
}
if (forwarded == NULL) {
http_add_header_field(&req->hdr, "Forwarded", buf1);
} else {
@ -74,7 +75,7 @@ int rev_proxy_request_header(http_req *req, int enc) {
http_add_header_field(&req->hdr, "Forwarded", buf2);
}
char *xff = http_get_header_field(&req->hdr, "X-Forwarded-For");
const char *xff = http_get_header_field(&req->hdr, "X-Forwarded-For");
if (xff == NULL) {
http_add_header_field(&req->hdr, "X-Forwarded-For", client_addr_str);
} else {
@ -83,7 +84,7 @@ int rev_proxy_request_header(http_req *req, int enc) {
http_add_header_field(&req->hdr, "X-Forwarded-For", buf1);
}
char *xfh = http_get_header_field(&req->hdr, "X-Forwarded-Host");
const char *xfh = http_get_header_field(&req->hdr, "X-Forwarded-Host");
if (xfh == NULL) {
if (forwarded == NULL) {
http_add_header_field(&req->hdr, "X-Forwarded-Host", host);
@ -104,7 +105,7 @@ int rev_proxy_request_header(http_req *req, int enc) {
}
}
char *xfp = http_get_header_field(&req->hdr, "X-Forwarded-Proto");
const char *xfp = http_get_header_field(&req->hdr, "X-Forwarded-Proto");
if (xfp == NULL) {
if (forwarded == NULL) {
http_add_header_field(&req->hdr, "X-Forwarded-Proto", enc ? "https" : "http");
@ -128,12 +129,11 @@ int rev_proxy_request_header(http_req *req, int enc) {
return 0;
}
int rev_proxy_response_header(http_req *req, http_res *res) {
char buf1[256];
char buf2[256];
int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
char buf1[256], buf2[256];
int p_len;
char *via = http_get_header_field(&res->hdr, "Via");
const char *via = http_get_header_field(&res->hdr, "Via");
p_len = snprintf(buf1, sizeof(buf1), "HTTP/%s %s", req->version, SERVER_NAME);
if (p_len < 0 || p_len >= sizeof(buf1)) {
print(ERR_STR "Appended part of header field 'Via' too long" CLR_STR);
@ -151,19 +151,44 @@ int rev_proxy_response_header(http_req *req, http_res *res) {
http_add_header_field(&res->hdr, "Via", buf2);
}
const char *location = http_get_header_field(&res->hdr, "Location");
if (location != NULL) {
char *hostnames[] = {conf->name, conf->rev_proxy.hostname};
for (int i = 0; i < sizeof(hostnames) / sizeof(hostnames[0]); i++) {
char *hostname = hostnames[i];
p_len = snprintf(buf1, sizeof(buf1), "http://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
p_len = snprintf(buf1, sizeof(buf1), "https://%s/", hostname);
if (strncmp(location, buf1, p_len) == 0) goto match;
p_len = snprintf(buf1, sizeof(buf1), "http://%s:%i/", hostname, conf->rev_proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
p_len = snprintf(buf1, sizeof(buf1), "https://%s:%i/", hostname, conf->rev_proxy.port);
if (strncmp(location, buf1, p_len) == 0) goto match;
}
if (0) {
match:
strcpy(buf1, location + p_len - 1);
http_remove_header_field(&res->hdr, "Location", HTTP_REMOVE_ALL);
http_add_header_field(&res->hdr, "Location", buf1);
}
}
return 0;
}
int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client,
http_status *custom_status, char *err_msg) {
int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client, http_status *custom_status, char *err_msg) {
char buffer[CHUNK_SIZE];
const char *connection, *upgrade, *ws_version;
long ret;
int tries = 0;
int retry = 0;
int tries = 0, retry = 0;
if (rev_proxy.socket != 0 && strcmp(rev_proxy_host, conf->name) == 0 && sock_check(&rev_proxy) == 0) {
if (rev_proxy.socket != 0 && strcmp(rev_proxy_host, conf->name) == 0 && sock_check(&rev_proxy) == 0)
goto rev_proxy;
}
retry:
if (rev_proxy.socket != 0) {
@ -264,6 +289,22 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
print(BLUE_STR "Established new connection with " BLD_STR "[%s]:%i" CLR_STR, buffer, conf->rev_proxy.port);
rev_proxy:
connection = http_get_header_field(&req->hdr, "Connection");
if (connection != NULL && (strstr(connection, "upgrade") != NULL || strstr(connection, "Upgrade") != NULL)) {
upgrade = http_get_header_field(&req->hdr, "Upgrade");
ws_version = http_get_header_field(&req->hdr, "Sec-WebSocket-Version");
if (upgrade != NULL && ws_version != NULL && strcmp(upgrade, "websocket") == 0 && strcmp(ws_version, "13") == 0) {
ctx->ws_key = http_get_header_field(&req->hdr, "Sec-WebSocket-Key");
} else {
res->status = http_get_status(501);
ctx->origin = INTERNAL;
return -1;
}
} else {
http_remove_header_field(&req->hdr, "Connection", HTTP_REMOVE_ALL);
http_add_header_field(&req->hdr, "Connection", "keep-alive");
}
ret = rev_proxy_request_header(req, (int) client->enc);
if (ret != 0) {
res->status = http_get_status(500);
@ -281,7 +322,7 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
goto proxy_err;
}
char *content_length = http_get_header_field(&req->hdr, "Content-Length");
const char *content_length = http_get_header_field(&req->hdr, "Content-Length");
if (content_length != NULL) {
unsigned long content_len = strtoul(content_length, NULL, 10);
if (client->buf_len - client->buf_off > 0) {
@ -338,6 +379,7 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
}
print(ERR_STR "Unable to receive response from server: %s" CLR_STR, sock_strerror(&rev_proxy));
sprintf(err_msg, "Unable to receive response from server: %s.", sock_strerror(&rev_proxy));
retry = tries < 4;
goto proxy_err;
}
@ -396,7 +438,7 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
goto proxy_err;
}
} else {
ret = http_parse_header_field(&res->hdr, ptr, pos0);
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
if (ret != 0) {
res->status = http_get_status(502);
ctx->origin = SERVER_RES;
@ -412,7 +454,7 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
}
sock_recv(&rev_proxy, buffer, header_len, 0);
ret = rev_proxy_response_header(req, res);
ret = rev_proxy_response_header(req, res, conf);
if (ret != 0) {
res->status = http_get_status(500);
ctx->origin = INTERNAL;
@ -427,14 +469,9 @@ int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_conf
}
int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
// TODO handle websockets
long ret;
char buffer[CHUNK_SIZE];
char comp_out[CHUNK_SIZE];
char buf[256];
long len, snd_len;
char buffer[CHUNK_SIZE], comp_out[CHUNK_SIZE], buf[256], *ptr;
long ret = 0, len, snd_len;
int finish_comp = 0;
char *ptr;
compress_ctx comp_ctx;
if (flags & REV_PROXY_COMPRESS_BR) {
@ -471,6 +508,7 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
if (len_to_send == 0 && (flags & REV_PROXY_COMPRESS)) {
finish_comp = 1;
len = 0;
ptr = NULL;
goto out;
finish:
compress_free(&comp_ctx);
@ -492,8 +530,7 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags) {
long buf_len = len;
if (flags & REV_PROXY_COMPRESS) {
avail_out = sizeof(comp_out);
compress_compress(&comp_ctx, next_in + len - avail_in, &avail_in, comp_out, &avail_out,
finish_comp);
compress_compress(&comp_ctx, next_in + len - avail_in, &avail_in, comp_out, &avail_out, finish_comp);
ptr = comp_out;
buf_len = (int) (sizeof(comp_out) - avail_out);
snd_len += (long) (len - avail_in);

10
src/lib/rev_proxy.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Reverse proxy (header file)
* src/lib/rev_proxy.h
* Lorenz Stechauner, 2021-01-07
*/
#ifndef NECRONDA_SERVER_REV_PROXY_H
#define NECRONDA_SERVER_REV_PROXY_H
#ifndef SESIMOS_REV_PROXY_H
#define SESIMOS_REV_PROXY_H
#define REV_PROXY_CHUNKED 1
#define REV_PROXY_COMPRESS_GZ 2
@ -26,7 +26,7 @@ int rev_proxy_preload();
int rev_proxy_request_header(http_req *req, int enc);
int rev_proxy_response_header(http_req *req, http_res *res);
int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf);
int rev_proxy_init(http_req *req, http_res *res, http_status_ctx *ctx, host_config *conf, sock *client,
http_status *custom_status, char *err_msg);
@ -35,4 +35,4 @@ int rev_proxy_send(sock *client, unsigned long len_to_send, int flags);
int rev_proxy_dump(char *buf, long len);
#endif //NECRONDA_SERVER_REV_PROXY_H
#endif //SESIMOS_REV_PROXY_H

31
src/lib/sock.c
View File

@ -1,16 +1,19 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Basic TCP and TLS socket
* src/lib/sock.c
* Lorenz Stechauner, 2021-01-07
*/
#include "sock.h"
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <poll.h>
int sock_enc_error(sock *s) {
return (int) s->enc ? SSL_get_error(s->ssl, (int) s->_last_ret) : 0;
@ -116,3 +119,29 @@ int sock_check(sock *s) {
char buf;
return recv(s->socket, &buf, 1, MSG_PEEK | MSG_DONTWAIT) == 1;
}
int sock_poll(sock *sockets[], sock *ready[], short events, int n_sock, int timeout_ms) {
struct pollfd fds[n_sock];
for (int i = 0; i < n_sock; i++) {
fds[i].fd = sockets[i]->socket;
fds[i].events = events;
}
int ret = poll(fds, n_sock, timeout_ms);
if (ret < 0 || ready == NULL) return ret;
int j = 0;
for (int i = 0; i < n_sock; i++) {
if (fds[i].revents & events)
ready[j++] = sockets[i];
}
return j;
}
int sock_poll_read(sock *sockets[], sock *readable[], int n_sock, int timeout_ms) {
return sock_poll(sockets, readable, POLLIN, n_sock, timeout_ms);
}
int sock_poll_write(sock *sockets[], sock *writable[], int n_sock, int timeout_ms) {
return sock_poll(sockets, writable, POLLOUT, n_sock, timeout_ms);
}

15
src/lib/sock.h
View File

@ -1,14 +1,15 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Basic TCP and TLS socket (header file)
* src/lib/sock.h
* Lorenz Stechauner, 2021-01-07
*/
#ifndef NECRONDA_SERVER_SOCK_H
#define NECRONDA_SERVER_SOCK_H
#ifndef SESIMOS_SOCK_H
#define SESIMOS_SOCK_H
#include <openssl/crypto.h>
#include <sys/socket.h>
typedef struct {
unsigned int enc:1;
@ -37,4 +38,10 @@ int sock_close(sock *s);
int sock_check(sock *s);
#endif //NECRONDA_SERVER_SOCK_H
int sock_poll(sock *sockets[], sock *readable[], short events, int n_sock, int timeout_ms);
int sock_poll_read(sock *sockets[], sock *readable[], int n_sock, int timeout_ms);
int sock_poll_write(sock *sockets[], sock *writable[], int n_sock, int timeout_ms);
#endif //SESIMOS_SOCK_H

4
src/lib/uri.c
View File

@ -1,5 +1,5 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* URI and path handlers
* src/lib/uri.c
* Lorenz Stechauner, 2020-12-13
@ -7,9 +7,11 @@
#include "uri.h"
#include "utils.h"
#include <stdlib.h>
#include <string.h>
int path_is_directory(const char *path) {
struct stat statbuf;
return stat(path, &statbuf) == 0 && S_ISDIR(statbuf.st_mode) != 0;

8
src/lib/uri.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* URI and path handlers (header file)
* src/lib/uri.h
* Lorenz Stechauner, 2020-12-13
*/
#ifndef NECRONDA_SERVER_URI_H
#define NECRONDA_SERVER_URI_H
#ifndef SESIMOS_URI_H
#define SESIMOS_URI_H
#include <sys/stat.h>
@ -44,4 +44,4 @@ int uri_init_cache(http_uri *uri);
void uri_free(http_uri *uri);
#endif //NECRONDA_SERVER_URI_H
#endif //SESIMOS_URI_H

63
src/lib/utils.c
View File

@ -1,15 +1,17 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Utilities
* src/lib/utils.c
* Lorenz Stechauner, 2020-12-03
*/
#include "utils.h"
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
char *log_prefix;
char *format_duration(unsigned long micros, char *buf) {
@ -124,7 +126,6 @@ int mime_is_compressible(const char *type) {
strcmp(type_parsed, "application/vnd.ms-fontobject") == 0 ||
strcmp(type_parsed, "application/x-font-ttf") == 0 ||
strcmp(type_parsed, "application/x-javascript") == 0 ||
strcmp(type_parsed, "application/x-web-app-manifest+json") == 0 ||
strcmp(type_parsed, "font/eot") == 0 ||
strcmp(type_parsed, "font/opentype") == 0 ||
strcmp(type_parsed, "image/bmp") == 0 ||
@ -135,11 +136,63 @@ int mime_is_compressible(const char *type) {
}
int strcpy_rem_webroot(char *dst, const char *src, long len, const char *webroot) {
strncpy(dst, src, len);
if (webroot == NULL) return 0;
memcpy(dst, src, len);
dst[len] = 0;
if (webroot == NULL)
return 0;
char *pos;
const unsigned long webroot_len = strlen(webroot);
if (webroot_len == 0)
return 0;
while ((pos = strstr(dst, webroot)) != NULL) {
strcpy(pos, pos + strlen(webroot));
strcpy(pos, pos + webroot_len);
}
return 0;
}
int str_trim(char **start, char **end) {
if (start == NULL || end == NULL || *start == NULL || *end == NULL)
return -1;
(*end)--;
while (*start[0] == ' ' || *start[0] == '\t' || *start[0] == '\r' || *start[0] == '\n') (*start)++;
while (*end[0] == ' ' || *end[0] == '\t' || *end[0] == '\r' || *end[0] == '\n') (*end)--;
(*end)++;
return 0;
}
int str_trim_lws(char **start, char **end) {
if (start == NULL || end == NULL || *start == NULL || *end == NULL)
return -1;
(*end)--;
while (*start[0] == ' ' || *start[0] == '\t') (*start)++;
while (*end[0] == ' ' || *end[0] == '\t') (*end)--;
(*end)++;
return 0;
}
int base64_encode(void *data, unsigned long data_len, char *output, unsigned long *output_len) {
unsigned long out_len = 4 * ((data_len + 2) / 3);
if (output_len != NULL) *output_len = out_len;
for (int i = 0, j = 0; i < data_len;) {
unsigned int octet_a = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int octet_b = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int octet_c = (i < data_len) ? ((unsigned char *) data)[i++] : 0;
unsigned int triple = (octet_a << 0x10) + (octet_b << 0x08) + octet_c;
output[j++] = base64_encode_table[(triple >> 3 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 2 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 1 * 6) & 0x3F];
output[j++] = base64_encode_table[(triple >> 0 * 6) & 0x3F];
}
for (int i = 0; i < base64_mod_table[data_len % 3]; i++)
output[out_len - 1 - i] = '=';
output[out_len] = 0;
return 0;
}

18
src/lib/utils.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Utilities (header file)
* src/lib/utils.h
* Lorenz Stechauner, 2020-12-03
*/
#ifndef NECRONDA_SERVER_UTILS_H
#define NECRONDA_SERVER_UTILS_H
#ifndef SESIMOS_UTILS_H
#define SESIMOS_UTILS_H
#include <stdio.h>
@ -20,6 +20,10 @@
extern char *log_prefix;
static const char base64_encode_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const int base64_mod_table[3] = {0, 2, 1};
#define out_1(fmt) fprintf(stdout, "%s" fmt "\n", log_prefix)
#define out_2(fmt, args...) fprintf(stdout, "%s" fmt "\n", log_prefix, args)
@ -42,4 +46,10 @@ int mime_is_compressible(const char *type);
int strcpy_rem_webroot(char *dst, const char *str, long len, const char *webroot);
#endif //NECRONDA_SERVER_UTILS_H
int str_trim(char **start, char **end);
int str_trim_lws(char **start, char **end);
int base64_encode(void *data, unsigned long data_len, char *output, unsigned long *output_len);
#endif //SESIMOS_UTILS_H

201
src/lib/websocket.c Normal file
View File

@ -0,0 +1,201 @@
/**
* sesimos - secure, simple, modern web server
* WebSocket reverse proxy
* src/lib/websocket.c
* Lorenz Stechauner, 2022-08-16
*/
#include "../defs.h"
#include "websocket.h"
#include "utils.h"
#include <string.h>
#include <openssl/sha.h>
#include <errno.h>
#include <signal.h>
int terminate = 0;
void ws_terminate() {
terminate = 1;
}
int ws_calc_accept_key(const char *key, char *accept_key) {
if (key == NULL || accept_key == NULL)
return -1;
char input[256] = "";
unsigned char output[SHA_DIGEST_LENGTH];
strcat(input, key);
strcat(input, ws_key_uuid);
if (SHA1((unsigned char *) input, strlen(input), output) == NULL) {
return -2;
}
base64_encode(output, sizeof(output), accept_key, NULL);
return 0;
}
int ws_recv_frame_header(sock *s, ws_frame *frame) {
unsigned char buf[12];
long ret = sock_recv(s, buf, 2, 0);
if (ret < 0) {
print(ERR_STR "Unable to receive from socket: %s" CLR_STR, strerror(errno));
return -1;
} else if (ret != 2) {
print(ERR_STR "Unable to receive 2 bytes from socket" CLR_STR);
return -2;
}
unsigned short bits = (buf[0] << 8) | buf[1];
frame->f_fin = (bits >> 15) & 1;
frame->f_rsv1 = (bits >> 14) & 1;
frame->f_rsv2 = (bits >> 13) & 1;
frame->f_rsv3 = (bits >> 12) & 1;
frame->opcode = (bits >> 8) & 0xF;
frame->f_mask = (bits >> 7) & 1;
unsigned short len = (bits & 0x7F);
int remaining = frame->f_mask ? 4 : 0;
if (len == 126) {
remaining += 2;
} else if (len == 127) {
remaining += 8;
}
ret = sock_recv(s, buf, remaining, 0);
if (ret < 0) {
print(ERR_STR "Unable to receive from socket: %s" CLR_STR, strerror(errno));
return -1;
} else if (ret != remaining) {
print(ERR_STR "Unable to receive correct number of bytes from socket" CLR_STR);
return -2;
}
if (len == 126) {
frame->len = (((unsigned long) buf[0]) << 8) | ((unsigned long) buf[1]);
} else if (len == 127) {
frame->len =
(((unsigned long) buf[0]) << 56) |
(((unsigned long) buf[1]) << 48) |
(((unsigned long) buf[2]) << 40) |
(((unsigned long) buf[3]) << 32) |
(((unsigned long) buf[4]) << 24) |
(((unsigned long) buf[5]) << 16) |
(((unsigned long) buf[6]) << 8) |
(((unsigned long) buf[7]) << 0);
} else {
frame->len = len;
}
if (frame->f_mask) memcpy(frame->masking_key, buf + (remaining - 4), 4);
return 0;
}
int ws_send_frame_header(sock *s, ws_frame *frame) {
unsigned char buf[14], *ptr = buf;
unsigned short len;
if (frame->len > 0x7FFF) {
len = 127;
} else if (frame->len > 125) {
len = 126;
} else {
len = frame->len;
}
unsigned short bits =
(frame->f_fin << 15) |
(frame->f_rsv1 << 14) |
(frame->f_rsv2 << 13) |
(frame->f_rsv3 << 12) |
(frame->opcode << 8) |
(frame->f_mask << 7) |
len;
ptr++[0] = bits >> 8;
ptr++[0] = bits & 0xFF;
if (len >= 126) {
for (int i = (len == 126 ? 2 : 8) - 1; i >= 0; i--)
ptr++[0] = (unsigned char) ((frame->len >> (i * 8)) & 0xFF);
}
if (frame->f_mask) {
memcpy(ptr, frame->masking_key, 4);
ptr += 4;
}
long ret = sock_send(s, buf, ptr - buf, frame->len != 0 ? MSG_MORE : 0);
if (ret < 0) {
print(ERR_STR "Unable to send to socket: %s" CLR_STR, strerror(errno));
return -1;
} else if (ret != ptr - buf) {
print(ERR_STR "Unable to send to socket" CLR_STR);
return -2;
}
return 0;
}
int ws_handle_connection(sock *s1, sock *s2) {
sock *poll_socks[2] = {s1, s2};
sock *readable[2];
int n_sock = 2;
ws_frame frame;
char buf[CHUNK_SIZE];
int poll, closes = 0;
long ret;
signal(SIGINT, ws_terminate);
signal(SIGTERM, ws_terminate);
while (!terminate && closes != 3) {
poll = sock_poll_read(poll_socks, readable, n_sock, WS_TIMEOUT * 1000);
if (terminate) {
break;
} else if (poll < 0) {
print(ERR_STR "Unable to poll sockets: %s" CLR_STR, strerror(errno));
return -1;
} else if (poll == 0) {
print(ERR_STR "Connection timed out" CLR_STR);
return -2;
}
for (int i = 0; i < poll; i++) {
sock *s = readable[i];
sock *o = (s == s1) ? s2 : s1;
if (ws_recv_frame_header(s, &frame) != 0) return -3;
if (frame.opcode == 0x8) {
n_sock--;
if (s == s1) {
poll_socks[0] = s2;
closes |= 1;
} else {
closes |= 2;
}
}
if (ws_send_frame_header(o, &frame) != 0) return -3;
if (frame.len > 0) {
ret = sock_splice(o, s, buf, sizeof(buf), frame.len);
if (ret < 0) {
print(ERR_STR "Unable to forward data in WebSocket: %s" CLR_STR, strerror(errno));
return -3;
} else if (ret != frame.len) {
print(ERR_STR "Unable to forward correct number of bytes in WebSocket" CLR_STR);
return -3;
}
}
}
}
return 0;
}

36
src/lib/websocket.h Normal file
View File

@ -0,0 +1,36 @@
/**
* sesimos - secure, simple, modern web server
* WebSocket reverse proxy (header file)
* src/lib/websocket.h
* Lorenz Stechauner, 2022-08-16
*/
#ifndef SESIMOS_WEBSOCKET_H
#define SESIMOS_WEBSOCKET_H
#include "sock.h"
#define WS_TIMEOUT 3600
const char *ws_key_uuid = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
typedef struct {
unsigned char f_fin:1;
unsigned char f_rsv1:1;
unsigned char f_rsv2:1;
unsigned char f_rsv3:1;
unsigned char opcode:4;
unsigned char f_mask:1;
unsigned long len;
char masking_key[4];
} ws_frame;
int ws_calc_accept_key(const char *key, char *accept_key);
int ws_recv_frame_header(sock *s, ws_frame *frame);
int ws_send_frame_header(sock *s, ws_frame *frame);
int ws_handle_connection(sock *s1, sock *s2);
#endif //SESIMOS_WEBSOCKET_H

23
src/necronda.h
View File

@ -1,23 +0,0 @@
/**
* Necronda Web Server
* Definitions
* src/necronda.h
* Lorenz Stechauner, 2021-05-04
*/
#ifndef NECRONDA_SERVER_NECRONDA_H
#define NECRONDA_SERVER_NECRONDA_H
#define NECRONDA_VERSION "4.5"
#define SERVER_STR "Necronda/" NECRONDA_VERSION
#define SERVER_STR_HTML "Necronda&nbsp;web&nbsp;server&nbsp;" NECRONDA_VERSION
#ifndef DEFAULT_HOST
# define DEFAULT_HOST "www.necronda.net"
#endif
#ifndef SERVER_NAME
# define SERVER_NAME DEFAULT_HOST
#endif
#endif //NECRONDA_SERVER_NECRONDA_H

76
src/necronda-server.c → src/server.c
View File

@ -1,27 +1,28 @@
/**
* Necronda Web Server
* Sesimos - secure, simple, modern web server
* Main executable
* src/necronda-server.c
* src/server.c
* Lorenz Stechauner, 2020-12-03
*/
#define _POSIX_C_SOURCE 199309L
#include "necronda.h"
#include "necronda-server.h"
#include "client.c"
#include "defs.h"
#include "server.h"
#include "client.h"
#include "lib/cache.h"
#include "lib/config.h"
#include "lib/sock.h"
#include "lib/rev_proxy.h"
#include "lib/geoip.h"
#include "lib/utils.h"
#include <stdio.h>
#include <sys/socket.h>
#include <signal.h>
#include <unistd.h>
#include <sys/select.h>
#include <poll.h>
#include <string.h>
#include <errno.h>
#include <arpa/inet.h>
@ -33,6 +34,7 @@
#include <openssl/conf.h>
#include <dirent.h>
int active = 1;
const char *config_file;
int sockets[NUM_SOCKETS];
@ -65,13 +67,11 @@ void destroy() {
if (children[i] != 0) {
ret = waitpid(children[i], &status, WNOHANG);
if (ret < 0) {
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n",
children[i], strerror(errno));
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n", children[i], strerror(errno));
} else if (ret == children[i]) {
children[i] = 0;
if (status != 0) {
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n",
ret, status);
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n", ret, status);
}
} else {
kill(children[i], SIGKILL);
@ -106,13 +106,11 @@ void terminate() {
if (children[i] != 0) {
ret = waitpid(children[i], &status, WNOHANG);
if (ret < 0) {
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n",
children[i], strerror(errno));
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n", children[i], strerror(errno));
} else if (ret == children[i]) {
children[i] = 0;
if (status != 0) {
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n",
ret, status);
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n", ret, status);
}
} else {
kill(children[i], SIGTERM);
@ -129,13 +127,11 @@ void terminate() {
if (children[i] != 0) {
ret = waitpid(children[i], &status, 0);
if (ret < 0) {
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n",
children[i], strerror(errno));
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n", children[i], strerror(errno));
} else if (ret == children[i]) {
children[i] = 0;
if (status != 0) {
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n",
ret, status);
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n", ret, status);
}
}
}
@ -158,8 +154,7 @@ void terminate() {
int main(int argc, const char *argv[]) {
const int YES = 1;
fd_set socket_fds, read_socket_fds;
int max_socket_fd = 0;
struct pollfd poll_fds[NUM_SOCKETS];
int ready_sockets_num;
long client_num = 0;
char buf[1024];
@ -174,8 +169,6 @@ int main(int argc, const char *argv[]) {
memset(children, 0, sizeof(children));
memset(mmdbs, 0, sizeof(mmdbs));
struct timeval timeout;
const struct sockaddr_in6 addresses[2] = {
{.sin6_family = AF_INET6, .sin6_addr = IN6ADDR_ANY_INIT, .sin6_port = htons(80)},
{.sin6_family = AF_INET6, .sin6_addr = IN6ADDR_ANY_INIT, .sin6_port = htons(443)}
@ -185,7 +178,7 @@ int main(int argc, const char *argv[]) {
fprintf(stderr, ERR_STR "Unable to set stdout to line-buffered mode: %s" CLR_STR, strerror(errno));
return 1;
}
printf("Necronda Web Server " NECRONDA_VERSION "\n");
printf("Sesimos web server " SERVER_VERSION "\n");
ret = config_init();
if (ret != 0) {
@ -196,7 +189,7 @@ int main(int argc, const char *argv[]) {
for (int i = 1; i < argc; i++) {
const char *arg = argv[i];
if (strcmp(arg, "-h") == 0 || strcmp(arg, "--help") == 0) {
printf("Usage: necronda-server [-h] [-c <CONFIG-FILE>]\n"
printf("Usage: sesimos [-h] [-c <CONFIG-FILE>]\n"
"\n"
"Options:\n"
" -c, --config <CONFIG-FILE> path to the config file. If not provided, default will be used\n"
@ -316,15 +309,15 @@ int main(int argc, const char *argv[]) {
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
if (SSL_CTX_use_certificate_chain_file(ctx, conf->full_chain) != 1) {
fprintf(stderr, ERR_STR "Unable to load certificate chain file: %s: %s" CLR_STR "\n",
ERR_reason_error_string(ERR_get_error()), conf->full_chain);
fprintf(stderr, ERR_STR "Unable to load certificate chain file: %s: %s" CLR_STR "\n", ERR_reason_error_string(ERR_get_error()), conf->full_chain);
config_unload();
cache_unload();
return 1;
}
if (SSL_CTX_use_PrivateKey_file(ctx, conf->priv_key, SSL_FILETYPE_PEM) != 1) {
fprintf(stderr, ERR_STR "Unable to load private key file: %s: %s" CLR_STR "\n",
ERR_reason_error_string(ERR_get_error()), conf->priv_key);
fprintf(stderr, ERR_STR "Unable to load private key file: %s: %s" CLR_STR "\n", ERR_reason_error_string(ERR_get_error()), conf->priv_key);
config_unload();
cache_unload();
return 1;
}
}
@ -338,33 +331,28 @@ int main(int argc, const char *argv[]) {
if (listen(sockets[i], LISTEN_BACKLOG) < 0) {
fprintf(stderr, ERR_STR "Unable to listen on socket %i: %s" CLR_STR "\n", i, strerror(errno));
config_unload();
cache_unload();
return 1;
}
}
FD_ZERO(&socket_fds);
for (int i = 0; i < NUM_SOCKETS; i++) {
FD_SET(sockets[i], &socket_fds);
if (sockets[i] > max_socket_fd) {
max_socket_fd = sockets[i];
}
poll_fds[i].fd = sockets[i];
poll_fds[i].events = POLLIN;
}
fprintf(stderr, "Ready to accept connections\n");
while (active) {
timeout.tv_sec = 1;
timeout.tv_usec = 0;
read_socket_fds = socket_fds;
ready_sockets_num = select(max_socket_fd + 1, &read_socket_fds, NULL, NULL, &timeout);
ready_sockets_num = poll(poll_fds, NUM_SOCKETS, 1000);
if (ready_sockets_num < 0) {
fprintf(stderr, ERR_STR "Unable to select sockets: %s" CLR_STR "\n", strerror(errno));
fprintf(stderr, ERR_STR "Unable to poll sockets: %s" CLR_STR "\n", strerror(errno));
terminate();
return 1;
}
for (int i = 0; i < NUM_SOCKETS; i++) {
if (FD_ISSET(sockets[i], &read_socket_fds)) {
if (poll_fds[i].revents & POLLIN) {
client_fd = accept(sockets[i], (struct sockaddr *) &client_addr, &client_addr_len);
if (client_fd < 0) {
fprintf(stderr, ERR_STR "Unable to accept connection: %s" CLR_STR "\n", strerror(errno));
@ -378,7 +366,7 @@ int main(int argc, const char *argv[]) {
signal(SIGTERM, SIG_IGN);
client.socket = client_fd;
client.enc = i == 1;
client.enc = (i == 1);
return client_handler(&client, client_num, &client_addr);
} else if (pid > 0) {
// parent
@ -402,18 +390,18 @@ int main(int argc, const char *argv[]) {
if (children[i] != 0) {
ret = waitpid(children[i], &status, WNOHANG);
if (ret < 0) {
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n",
children[i], strerror(errno));
fprintf(stderr, ERR_STR "Unable to wait for child process (PID %i): %s" CLR_STR "\n", children[i], strerror(errno));
} else if (ret == children[i]) {
children[i] = 0;
if (status != 0) {
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n",
ret, status);
fprintf(stderr, ERR_STR "Child process with PID %i terminated with exit code %i" CLR_STR "\n", ret, status);
}
}
}
}
}
config_unload();
cache_unload();
return 0;
}

11
src/necronda-server.h → src/server.h
View File

@ -1,12 +1,12 @@
/**
* Necronda Web Server
* sesimos - secure, simple, modern web server
* Main executable (header file)
* src/necronda-server.h
* src/server.h
* Lorenz Stechauner, 2020-12-03
*/
#ifndef NECRONDA_SERVER_NECRONDA_SERVER_H
#define NECRONDA_SERVER_NECRONDA_SERVER_H
#ifndef SESIMOS_SERVER_H
#define SESIMOS_SERVER_H
#include <sys/time.h>
#include <maxminddb.h>
@ -20,7 +20,6 @@
#define SERVER_TIMEOUT_INIT 4
#define SERVER_TIMEOUT 3600
#define CHUNK_SIZE 8192
extern int sockets[NUM_SOCKETS];
extern pid_t children[MAX_CHILDREN];
@ -31,4 +30,4 @@ extern char *log_client_prefix, *log_conn_prefix, *log_req_prefix, *client_geoip
extern char *client_addr_str, *client_addr_str_ptr, *server_addr_str, *server_addr_str_ptr, *client_host_str;
extern struct timeval client_timeout;
#endif //NECRONDA_SERVER_NECRONDA_SERVER_H
#endif //SESIMOS_SERVER_H