rdelaage/gmid
1
0
Fork 0
mirror of https://github.com/omar-polo/gmid.git synced 2024-09-03 10:07:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
0d8ca45a28
gmid/gmid.c
Omar Polo 0d8ca45a28
explicitly require TLS 1.2 or 1.3 
it's the default, but just in case (since gemini spec explicitly talks
about 1.3 as "default" and 1.2 for ease of implementation)
2020-10-03 12:24:14 +02:00

436 lines
7.9 KiB
C
Raw Blame History

/*
* Copyright (c) 2020 Omar Polo <op@omarpolo.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <assert.h>
#include <err.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <tls.h>
#include <unistd.h>
#ifndef __OpenBSD__
# define pledge(a, b) 0
# define unveil(a, b) 0
#endif /* __OpenBSD__ */
#define GEMINI_URL_LEN (1024+3) /* URL max len + \r\n + \0 */
/* large enough to hold a copy of a gemini URL and still have room */
#define PATHBUF (2048)
#define FILEBUF 1024
#define SUCCESS 20
#define NOT_FOUND 51
#define BAD_REQUEST 59
int dirfd;
char *
url_after_proto(char *url)
{
char *s;
const char *proto = "gemini";
const char *marker = "://";
if ((s = strstr(url, marker)) == NULL)
return url;
/* not a gemini:// URL */
if (s - strlen(proto) < url)
return NULL;
/* TODO: */
/* if (strcmp(s - strlen(proto), proto)) */
/* return NULL; */
/* a valid gemini:// URL */
return s + strlen(marker);
}
char *
url_start_of_request(char *url)
{
char *s, *t;
if ((s = url_after_proto(url)) == NULL)
return NULL;
if ((t = strstr(s, "/")) == NULL)
return s + strlen(s);
return t;
}
int
url_trim(char *url)
{
const char *e = "\r\n";
char *s;
if ((s = strstr(url, e)) == NULL)
return 0;
s[0] = '\0';
s[1] = '\0';
if (s[2] != '\0') {
fprintf(stderr, "last byte of request isn't NULL\n");
return 0;
}
return 1;
}
void
adjust_path(char *path)
{
char *s;
size_t len;
/* /.. -> / */
len = strlen(path);
if (len >= 3) {
if (!strcmp(&path[len-3], "/..")) {
path[len-2] = '\0';
}
}
/* if the path is only `..` trim out and exit */
if (!strcmp(path, "..")) {
path[0] = '\0';
return;
}
/* remove every ../ in the path */
while (1) {
if ((s = strstr(path, "../")) == NULL)
return;
memmove(s - 3, s, strlen(s)+1); /* copy also the \0 */
}
}
int
path_isdir(char *path)
{
size_t len;
if (*path == '\0')
return 1;
len = strlen(path);
/* len >= 1 */
if (path[len-1] == '/')
return 1;
return 0;
}
void
start_reply(struct tls *ctx, int code, const char *reason)
{
char buf[1030] = {0}; /* status + ' ' + max reply len + \r\n\0 */
int len;
len = snprintf(buf, sizeof(buf), "%d %s\r\n", code, reason);
assert(len < (int)sizeof(buf));
tls_write(ctx, buf, len);
}
int
isdir(int fd)
{
struct stat sb;
if (fstat(fd, &sb) == -1) {
warn("fstat");
return 1; /* we'll fail later on anyway */
}
return S_ISDIR(sb.st_mode);
}
void senddir(char*, struct tls*);
void
sendfile(char *path, struct tls *ctx)
{
int fd;
char fpath[PATHBUF];
char buf[FILEBUF];
size_t i;
ssize_t t, w;
bzero(fpath, sizeof(fpath));
if (*path != '.')
strlcpy(fpath, ".", PATHBUF);
strlcat(fpath, path, PATHBUF);
if ((fd = openat(dirfd, fpath, O_RDONLY | O_NOFOLLOW)) == -1) {
warn("open: %s", fpath);
start_reply(ctx, NOT_FOUND, "not found");
return;
}
if (isdir(fd)) {
warnx("%s is a directory, trying %s/index.gmi", fpath, fpath);
close(fd);
senddir(fpath, ctx);
return;
}
/* assume it's a text/gemini file */
start_reply(ctx, SUCCESS, "text/gemini");
while (1) {
if ((w = read(fd, buf, sizeof(buf))) == -1) {
warn("read: %s", fpath);
goto exit;
}
if (w == 0)
break;
t = w;
i = 0;
while (w > 0) {
if ((t = tls_write(ctx, buf + i, w)) == -1) {
warnx("tls_write (path=%s) : %s",
fpath,
tls_error(ctx));
goto exit;
}
w -= t;
i += t;
}
}
exit:
close(fd);
}
void
senddir(char *path, struct tls *ctx)
{
char fpath[PATHBUF];
size_t len;
bzero(fpath, PATHBUF);
if (*path != '.')
fpath[0] = '.';
/* this cannot fail since sizeof(fpath) > maxlen of path */
strlcat(fpath, path, PATHBUF);
len = strlen(fpath);
/* add a trailing / in case. */
if (fpath[len-1] != '/') {
fpath[len] = '/';
}
strlcat(fpath, "index.gmi", sizeof(fpath));
sendfile(fpath, ctx);
}
void
handle(char *url, struct tls *ctx)
{
char *path;
if (!url_trim(url)) {
start_reply(ctx, BAD_REQUEST, "bad request");
return;
}
if ((path = url_start_of_request(url)) == NULL)
return;
adjust_path(path);
fprintf(stderr, "requested path: %s\n", path);
if (path_isdir(path))
senddir(path, ctx);
else
sendfile(path, ctx);
}
int
make_socket(int port)
{
int sock, v;
struct sockaddr_in addr;
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1)
err(1, "socket");
v = 1;
if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &v, sizeof(v)) == -1)
err(1, "setsockopt(SO_REUSEADDR)");
v = 1;
if (setsockopt(sock, SOL_SOCKET, SO_REUSEPORT, &v, sizeof(v)) == -1)
err(1, "setsockopt(SO_REUSEPORT)");
bzero(&addr, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = INADDR_ANY;
if (bind(sock, (struct sockaddr*)&addr, sizeof(addr)) == -1)
err(1, "bind");
if (listen(sock, 16) == -1)
err(1, "listen");
return sock;
}
void
loop(struct tls *ctx, int sock)
{
int fd;
struct sockaddr_in client;
socklen_t len;
struct tls *clientctx;
char buf[GEMINI_URL_LEN];
ssize_t r;
for (;;) {
len = sizeof(client);
if ((fd = accept(sock, (struct sockaddr*)&client, &len)) == -1)
err(1, "accept");
if (tls_accept_socket(ctx, &clientctx, fd) == -1) {
warnx("tls_accept_socket: %s", tls_error(ctx));
continue;
}
bzero(buf, GEMINI_URL_LEN);
if ((r = tls_read(clientctx, buf, sizeof(buf)-1)) == -1) {
warnx("tls_read: %s", tls_error(clientctx));
goto clienterr;
}
handle(buf, clientctx);
clienterr:
if (tls_close(clientctx) == -1)
warn("tls_close: client");
tls_free(clientctx);
close(fd);
}
}
void
usage(const char *me)
{
fprintf(stderr,
"USAGE: %s [-h] [-c cert.pem] [-d docs] [-k key.pem]\n",
me);
}
int
main(int argc, char **argv)
{
const char *cert = "cert.pem", *key = "key.pem", *dir = "docs";
struct tls *ctx = NULL;
struct tls_config *conf;
void *m;
size_t mlen;
int sock, ch;
while ((ch = getopt(argc, argv, "c:d:hk:")) != -1) {
switch (ch) {
case 'c':
cert = optarg;
break;
case 'd':
dir = optarg;
break;
case 'h':
usage(*argv);
return 0;
case 'k':
key = optarg;
break;
default:
usage(*argv);
return 1;
}
}
if ((conf = tls_config_new()) == NULL)
err(1, "tls_config_new");
if (tls_config_set_protocols(conf,
TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3) == -1)
err(1, "tls_config_set_protocols");
if ((m = tls_load_file(cert, &mlen, NULL)) == NULL)
err(1, "tls_load_file: %s", cert);
if (tls_config_set_cert_mem(conf, m, mlen) == -1)
err(1, "tls_config_set_cert_mem: server certificate");
if ((m = tls_load_file(key, &mlen, NULL)) == NULL)
err(1, "tls_load_file: %s", key);
if (tls_config_set_key_mem(conf, m, mlen) == -1)
err(1, "tls_config_set_cert_mem: server key");
if ((ctx = tls_server()) == NULL)
err(1, "tls_server");
if (tls_configure(ctx, conf) == -1)
errx(1, "tls_configure: %s", tls_error(ctx));
sock = make_socket(1965);
if ((dirfd = open(dir, O_RDONLY | O_DIRECTORY)) == -1)
err(1, "open: %s", dir);
if (unveil(dir, "r") == -1)
err(1, "unveil");
if (pledge("stdio rpath inet", "") == -1)
err(1, "pledge");
loop(ctx, sock);
if (1) {
printf("why im I here?\n");
abort();
}
close(sock);
tls_free(ctx);
tls_config_free(conf);
}
Reference in New Issue View Git Blame Copy Permalink