| author | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2023-01-09 01:22:54 +0100 |
|---|---|---|
| committer | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2023-02-28 01:43:56 +0100 |
| commit | d26f046fc9149693a6ebc28301ccc3581c0f144e (patch) | |
| tree | 9da22edd4840304d6cd19a27efab58ce245985aa | |
Initial commit
| -rw-r--r-- | CMakeLists.txt | 18 | ||||
| -rw-r--r-- | LICENSE | 661 | ||||
| -rw-r--r-- | README.md | 205 | ||||
| -rw-r--r-- | auth.c | 472 | ||||
| -rw-r--r-- | auth.h | 13 | ||||
| -rw-r--r-- | base64.c | 126 | ||||
| -rw-r--r-- | base64.h | 9 | ||||
| -rw-r--r-- | handler.c | 336 | ||||
| -rw-r--r-- | handler.h | 17 | ||||
| -rw-r--r-- | html.c | 288 | ||||
| -rw-r--r-- | html.h | 15 | ||||
| -rw-r--r-- | http.c | 1612 | ||||
| -rw-r--r-- | http.h | 96 | ||||
| -rw-r--r-- | jwt.c | 147 | ||||
| -rw-r--r-- | jwt.h | 9 | ||||
| -rw-r--r-- | main.c | 935 | ||||
| -rw-r--r-- | page.c | 832 | ||||
| -rw-r--r-- | page.h | 14 | ||||
| -rw-r--r-- | server.c | 303 | ||||
| -rw-r--r-- | server.h | 15 |
20 files changed, 6123 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..f233ede
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,18 @@
+cmake_minimum_required(VERSION 3.13)
+project(slcl)
+add_executable(${PROJECT_NAME}
+ auth.c
+ base64.c
+ handler.c
+ html.c
+ http.c
+ jwt.c
+ main.c
+ page.c
+ server.c
+)
+target_compile_options(${PROJECT_NAME} PRIVATE -Wall)
+add_subdirectory(dynstr)
+find_package(cJSON 1.0 REQUIRED)
+find_package(OpenSSL 3.0 REQUIRED)
+target_link_libraries(${PROJECT_NAME} PRIVATE dynstr cjson OpenSSL::SSL)
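Review bot: `target_compile_options(${PROJECT_NAME} PRIVATE -Wall)` is the only diagnostic or hardening setting for a binary built from http.c, auth.c and jwt.c, which judging by their names parse network input and handle credentials. I would widen it to `target_compile_options(${PROJECT_NAME} PRIVATE -Wall -Wextra -Wformat=2 -fstack-protector-strong)` and add `-D_FORTIFY_SOURCE=2` for optimised builds, so that format-string and bounds mistakes surface at compile time or abort at run time instead of corrupting memory. Separately, `add_subdirectory(dynstr)` refers to a directory the diffstat does not list; if it is a submodule or vendored copy, pinning it to a reviewed revision and saying so in the README would keep the build reproducible.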
@@ -0,0 +1,661 @@ + GNU AFFERO GENERAL PUBLIC LICENSE + Version 3, 19 November 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU Affero General Public License is a free, copyleft license for +software and other kinds of works, specifically designed to ensure +cooperation with the community in the case of network server software. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +our General Public Licenses are intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + Developers that use our General Public Licenses protect your rights +with two steps: (1) assert copyright on the software, and (2) offer +you this License which gives you legal permission to copy, distribute +and/or modify the software. + + A secondary benefit of defending all users' freedom is that +improvements made in alternate versions of the program, if they +receive widespread use, become available for other developers to +incorporate. Many developers of free software are heartened and +encouraged by the resulting cooperation. However, in the case of +software used on network servers, this result may fail to come about. 
+The GNU General Public License permits making a modified version and +letting the public access it on a server without ever releasing its +source code to the public. + + The GNU Affero General Public License is designed specifically to +ensure that, in such cases, the modified source code becomes available +to the community. It requires the operator of a network server to +provide the source code of the modified version running there to the +users of that server. Therefore, public use of a modified version, on +a publicly accessible server, gives the public access to the source +code of the modified version. + + An older license, called the Affero General Public License and +published by Affero, was designed to accomplish similar goals. This is +a different license, not a version of the Affero GPL, but Affero has +released a new version of the Affero GPL which permits relicensing under +this license. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU Affero General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. 
+ + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. 
+ + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. 
The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. 
+ + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. 
+ + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. 
This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. 
For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. 
Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. 
+ + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. 
+ + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. 
Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. 
+ + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. 
+ + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. 
You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Remote Network Interaction; Use with the GNU General Public License. 
+ + Notwithstanding any other provision of this License, if you modify the +Program, your modified version must prominently offer all users +interacting with it remotely through a computer network (if your version +supports such interaction) an opportunity to receive the Corresponding +Source of your version by providing access to the Corresponding Source +from a network server at no charge, through some standard or customary +means of facilitating copying of software. This Corresponding Source +shall include the Corresponding Source for any work covered by version 3 +of the GNU General Public License that is incorporated pursuant to the +following paragraph. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the work with which it is combined will remain governed by version +3 of the GNU General Public License. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU Affero General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU Affero General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU Affero General Public License, you may choose any version ever published +by the Free Software Foundation. 
+ + If the Program specifies that a proxy can decide which future +versions of the GNU Affero General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. 
+ + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. + +Also add information on how to contact you by electronic and paper mail. + + If your software can interact with users remotely through a computer +network, you should also make sure that it provides a way for users to +get its source. 
For example, if your program is a web application, its +interface could display a "Source" link that leads users to an archive +of the code. There are many ways you could offer source, and different +solutions will be better for different programs; see section 13 for the +specific requirements. + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU AGPL, see +<https://www.gnu.org/licenses/>. diff --git a/README.md b/README.md new file mode 100644 index 0000000..7994456 --- /dev/null +++ b/README.md 
@@ -0,0 +1,205 @@ +# slcl, a suckless cloud + +`slcl` is a simple and fast implementation of a web file server, commonly +known as "cloud storage" or simply "cloud", written in C99. + +## Disclaimer + +While `slcl` might not share some of the philosophical views from the +[suckless project](https://suckless.org), it still strives towards minimalism, +simplicity and efficiency. + +## Features + +- Private access directory with file uploading. +- Read-only public file sharing. +- Its own, tiny HTTP/1.0 and 1.1-compatible server. +- A simple JSON file as the credentials database. +- No JavaScript. + +### TLS + +In order to maintain simplicity and reduce the risk for security bugs, `slcl` +does **not** implement TLS support. Instead, this should be provided by a +reverse proxy, such as [`caddy`](https://caddyserver.com/). + +### Root permissions + +`slcl` is expected to listen to connections from any port number so that `root` +access is not required. So, in order to avoid the risk for security bugs, +**please do not run `slcl` as `root`**. + +### Encryption + +Since no client-side JavaScript is used, files are **uploaded unencrypted** +to `slcl`. If required, encryption should be done before uploading e.g.: using +[`gpg`](https://gnupg.org/). + +## Requirements + +- A POSIX environment. +- OpenSSL >= 3.0. +- cJSON >= 1.7.15. +- [`dynstr`](https://gitea.privatedns.org/xavi92/dynstr) +(provided as a `git` submodule). +- `xxd` (for [`usergen`](/usergen) only). +- CMake (optional). + +### Ubuntu / Debian + +```sh +sudo apt install libcjson-dev libssl-dev xxd +``` + +## How to use +### Build + +Two build environments are provided for `slcl` - feel free to choose any of +them: + +- A mostly POSIX-compliant [`Makefile`](/Makefile). +- A [`CMakeLists.txt`](/CMakeLists.txt). + +`slcl` can be built using the standard build process: + +#### Make + +```sh +$ make +``` + +#### CMake + +```sh +$ mkdir build/ +$ cmake .. +$ cmake --build . 
+``` + +### Setting up + +`slcl` consumes a path to a directory with the following tree structure: + +``` +. +├── db.json +├── public +└── user +``` + +Where: + +- `db.json` is the credentials database. Details are explained below. + - **Note:** `slcl` creates a database with no users if not found, with + file mode bits set to `0600`. +- `public` is a directory containing read-only files that can be accessed +without authentication. Internally, they are implemented as simlinks to +other files. + - **Note:** this directory must be created before running `slcl`. +- `user` is a directory containing user directories, which in turn contain +anything users put into them. + - **Note:** this directory must be created before running `slcl`. + +A more complete example: + +``` +. +├── db.json +├── public +│  └── 416d604c03a1cbb2 -> user/alice/file.txt +└── user + ├── alice + │  └── file.txt + └── john + └── file2.txt +``` + +**Note:** user directories (`alice` and `john` on the example above) must be +created before running `slcl`. + +### Credentials database + +`slcl` reads credentials from the `db.json` database, with the following +schema: + +```json +{ + "users": [{ + "name": "...", + "password": "...", + "salt": "...", + "key": "..." + }] +} +``` + +[`usergen`](/usergen) is an interactive script that consumes a username and +password, and writes a JSON object that can be appended to the `users` JSON +array in `db.json`. A salt is randomly generated using `openssl` and passwords +are hashed multiple times beforehand - see [`usergen`](/usergen) and +[`auth.c`](/auth.c) for further reference. Also, a random key is generated +that is later used to sign HTTP cookies. + +When users authenticate from a web browser, `slcl` sends a SHA256HMAC-signed +[JSON Web Token](https://jwt.io), using the random key generated by +[`usergen`](/usergen). No session data is kept on the server. 
+ +### Running + +To run `slcl`, simply run the executable with the path to a directory including +the files listed above. By default, `slcl` will listen to incoming connections +on a random TCP port number. To set a specific port number, use the `-p` +command line option. For example: + +```sh +slcl -p 7822 ~/my-db/ +``` + +## Why this project? + +Previously, I had been recommended Nextcloud as an alternative to proprietary +services like Dropbox. Unfortunately, despite being a very flexible piece of +software, Nextcloud is _way too_ heavy on resources, specially on lower end +hardware such as the Raspberry Pi 3: + +- It uses around **30%** RAM on my Raspberry Pi 3, configured with 973 MiB of +RAM, and of course it gets worse with several simultaneous users. +- Simple operations like searching and previewing files cause large amounts +of I/O and RAM usage, so much that it locks the whole server up more often than +not. +- Nextcloud pages are bloated. Even the login page is over **15 MiB** (!). +- Requires clients to run JavaScript, which also has a significant performance +penalty on the web browser. Also, some users do not feel comfortable running +JavaScript from their web browsers, and thus prefer to disable it. + +After years of recurring frustration as a Nextcloud administrator and user, +I looked for alternatives that stripped out most of the unneeded bloat from +Nextcloud, while providing the required features listed above. However, +I could not find any that fit them, so I felt challenged to design a new +implementation. + +On the other hand, command line-based solutions like `rsync` might not be as +convenient for non-technical people, compared to a web browser, or might not +be even available e.g.: phones. + +## License + +``` +slcl, a suckless cloud. 
+Copyright (C) 2023 Xavier Del Campo Romero + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see <https://www.gnu.org/licenses/>. +``` + +Also, see [`LICENSE`](/LICENSE). 
@@ -0,0 +1,472 @@ +#include "auth.h" +#include "http.h" +#include "jwt.h" +#include <cjson/cJSON.h> +#include <dynstr.h> +#include <openssl/sha.h> +#include <errno.h> +#include <limits.h> +#include <stddef.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <fcntl.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <unistd.h> + +struct auth +{ + struct dynstr dir, db; +}; + +enum {KEYLEN = 32}; + +static char *dump_db(const char *const path) +{ + char *ret = NULL; + FILE *f = NULL; + struct stat sb; + + if (stat(path, &sb)) + { + fprintf(stderr, "%s: stat(2): %s\n", __func__, strerror(errno)); + goto end; + } + else if (sb.st_size > SIZE_MAX) + { + fprintf(stderr, "%s: %s too big (%llu bytes, %zu max)\n", + __func__, path, (unsigned long long)sb.st_size, (size_t)SIZE_MAX); + goto end; + } + else if (!(f = fopen(path, "rb"))) + { + fprintf(stderr, "%s: fopen(3): %s\n", __func__, strerror(errno)); + goto end; + } + else if (!(ret = malloc(sb.st_size + 1))) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto end; + } + else if (!fread(ret, sb.st_size, 1, f)) + { + fprintf(stderr, "%s: failed to dump %zu bytes, ferror=%d\n", + __func__, (size_t)sb.st_size, ferror(f)); + goto end; + } + + ret[sb.st_size] = '\0'; + +end: + + if (f && fclose(f)) + { + fprintf(stderr, "%s: fclose(3): %s\n", __func__, strerror(errno)); + free(ret); + return NULL; + } + + return ret; +} + +static int decode_hex(const char *const hex, unsigned char *buf, size_t n) +{ + for (const char *s = hex; *s; s += 2) + { + const char nibble[sizeof "00"] = {*s, *(s + 1)}; + + if (!n) + return -1; + + *buf++ = strtoul(nibble, NULL, 16); + n--; + } + + return n ? 
-1 : 0; +} + +static int find_cookie(const cJSON *const users, const char *const cookie) +{ + const cJSON *u; + + cJSON_ArrayForEach(u, users) + { + const cJSON *const n = cJSON_GetObjectItem(u, "name"), + *const k = cJSON_GetObjectItem(u, "key"); + const char *name, *key; + unsigned char dkey[KEYLEN]; + + if (!n || !(name = cJSON_GetStringValue(n))) + { + fprintf(stderr, "%s: missing username\n", __func__); + return -1; + } + else if (!k || !(key = cJSON_GetStringValue(k))) + { + fprintf(stderr, "%s: missing key\n", __func__); + return -1; + } + else if (decode_hex(key, dkey, sizeof dkey)) + { + fprintf(stderr, "%s: decode_hex failed\n", __func__); + return -1; + } + + const int res = jwt_check(cookie, dkey, sizeof dkey); + + if (!res) + return 0; + if (res < 0) + { + fprintf(stderr, "%s: jwt_decode failed\n", __func__); + return -1; + } + } + + return 1; +} + +int auth_cookie(const struct auth *const a, const struct http_cookie *const c) +{ + int ret = -1; + char *db = NULL; + cJSON *json = NULL; + + if (!c->field || !c->value) + return 1; + else if (!(db = dump_db(a->db.str))) + { + fprintf(stderr, "%s: dump_db failed\n", __func__); + goto end; + } + else if (!(json = cJSON_Parse(db))) + { + fprintf(stderr, "%s: cJSON_Parse failed\n", __func__); + goto end; + } + + const cJSON *const users = cJSON_GetObjectItem(json, "users"); + + if (!users) + { + fprintf(stderr, "%s: could not find users\n", __func__); + goto end; + } + else if (!cJSON_IsArray(users)) + { + fprintf(stderr, "%s: expected JSON array for users\n", __func__); + goto end; + } + else if ((ret = find_cookie(users, c->value)) < 0) + { + fprintf(stderr, "%s: find_cookie failed\n", __func__); + goto end; + } + +end: + free(db); + cJSON_Delete(json); + return ret; +} + +static int generate_cookie(const cJSON *const json, const char *const path, + const char *const name, const char *const key, char **const cookie) +{ + unsigned char dkey[KEYLEN]; + int ret = -1; + char *jwt = NULL; + + if (decode_hex(key, 
dkey, sizeof dkey)) + { + fprintf(stderr, "%s: decode_hex failed\n", __func__); + goto end; + } + else if (!(jwt = jwt_encode(name, dkey, sizeof dkey))) + { + fprintf(stderr, "%s: jwt_encode failed\n", __func__); + goto end; + } + else if (!(*cookie = http_cookie_create(name, jwt))) + { + fprintf(stderr, "%s: http_cookie_create failed\n", __func__); + goto end; + } + + ret = 0; + +end: + free(jwt); + return ret; +} + +static int compare_pwd(const char *const salt, const char *const password, + const char *const exp_password) +{ + int ret = -1; + enum {SALT_LEN = SHA256_DIGEST_LENGTH}; + unsigned char dec_salt[SALT_LEN], sha256[SHA256_DIGEST_LENGTH]; + const size_t slen = strlen(salt), + len = strlen(password), n = sizeof dec_salt + len; + unsigned char *const salted = malloc(n); + + if (slen != SALT_LEN * 2) + { + fprintf(stderr, "%s: unexpected salt length: %zu\n", __func__, slen); + goto end; + } + else if (!salted) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto end; + } + else if (decode_hex(salt, dec_salt, sizeof dec_salt)) + { + fprintf(stderr, "%s: decode_hex failed\n", __func__); + goto end; + } + + memcpy(salted, dec_salt, sizeof dec_salt); + memcpy(salted + sizeof dec_salt, password, len); + + if (!SHA256(salted, n, sha256)) + { + fprintf(stderr, "%s: SHA256 (first round) failed\n", __func__); + goto end; + } + + enum {ROUNDS = 1000 - 1}; + + for (int i = 0; i < ROUNDS; i++) + if (!SHA256(sha256, sizeof sha256, sha256)) + { + fprintf(stderr, "%s: SHA256 failed\n", __func__); + goto end; + } + + char sha256_str[sizeof + "00000000000000000000000000000000" + "00000000000000000000000000000000"]; + + for (struct {char *p; size_t i;} a = {.p = sha256_str}; + a.i < sizeof sha256 / sizeof *sha256; a.i++, a.p += 2) + sprintf(a.p, "%02x", sha256[a.i]); + + if (!strcmp(sha256_str, exp_password)) + ret = 0; + else + /* Positive error code for password mismatch. 
*/ + ret = 1; + +end: + free(salted); + return ret; +} + +int auth_login(const struct auth *const a, const char *const user, + const char *const password, char **const cookie) +{ + int ret = -1; + const char *const path = a->db.str; + char *const db = dump_db(path); + cJSON *json = NULL; + + if (!db) + { + fprintf(stderr, "%s: dump_db failed\n", __func__); + goto end; + } + else if (!(json = cJSON_Parse(db))) + { + fprintf(stderr, "%s: cJSON_Parse failed\n", __func__); + goto end; + } + + const cJSON *const users = cJSON_GetObjectItem(json, "users"); + + if (!users) + { + fprintf(stderr, "%s: could not find users\n", __func__); + goto end; + } + else if (!cJSON_IsArray(users)) + { + fprintf(stderr, "%s: expected JSON array for users\n", __func__); + goto end; + } + + cJSON *u; + + cJSON_ArrayForEach(u, users) + { + const cJSON *const n = cJSON_GetObjectItem(u, "name"), + *const s = cJSON_GetObjectItem(u, "salt"), + *const p = cJSON_GetObjectItem(u, "password"), + *const k = cJSON_GetObjectItem(u, "key"); + const char *name, *salt, *pwd, *key; + + if (!n || !(name = cJSON_GetStringValue(n))) + { + fprintf(stderr, "%s: missing username\n", __func__); + goto end; + } + else if (!s || !(salt = cJSON_GetStringValue(s))) + { + fprintf(stderr, "%s: missing salt\n", __func__); + goto end; + } + else if (!p || !(pwd = cJSON_GetStringValue(p))) + { + fprintf(stderr, "%s: missing password\n", __func__); + goto end; + } + else if (!k || !(key = cJSON_GetStringValue(k))) + { + fprintf(stderr, "%s: missing key\n", __func__); + goto end; + } + else if (!strcmp(name, user)) + { + const int res = compare_pwd(salt, password, pwd); + + if (res < 0) + { + fprintf(stderr, "%s: generate_cookie failed\n", __func__); + goto end; + } + else if (!res) + { + if (generate_cookie(json, path, name, key, cookie)) + { + fprintf(stderr, "%s: generate_cookie failed\n", __func__); + goto end; + } + + ret = 0; + goto end; + } + } + } + + ret = 1; + +end: + free(db); + cJSON_Delete(json); + return 
ret; +} + +void auth_free(struct auth *const a) +{ + if (a) + { + dynstr_free(&a->dir); + dynstr_free(&a->db); + } + + free(a); +} + +const char *auth_dir(const struct auth *const a) +{ + return a->dir.str; +} + +static int create_db(const char *const path) +{ + int ret = -1; + const int fd = open(path, O_WRONLY | O_CREAT, 0600); + + if (fd < 0) + { + fprintf(stderr, "%s: open(2): %s\n", __func__, strerror(errno)); + goto end; + } + + static const char db[] = "{\"users\": []}\n"; + + for (struct {size_t n; const void *p;} + a = {.n = strlen(db), .p = db}; a.n;) + { + const ssize_t n = write(fd, a.p, a.n); + + if (n < 0) + { + fprintf(stderr, "%s: write(2): %s\n", __func__, strerror(errno)); + goto end; + } + + a.n -= n; + a.p = ((const char *)a.p) + n; + } + + printf("Created login database at %s\n", path); + ret = 0; + +end: + + if (fd >= 0 && close(fd)) + { + fprintf(stderr, "%s: close(2): %s\n", __func__, strerror(errno)); + return -1; + } + + return ret; +} + +static int init_db(struct auth *const a) +{ + struct stat sb; + const char *const path = a->db.str; + + if (stat(path, &sb)) + { + if (errno == ENOENT) + return create_db(path); + else + { + fprintf(stderr, "%s: stat(2): %s\n", __func__, strerror(errno)); + return -1; + } + } + + return 0; +} + +struct auth *auth_alloc(const char *const dir) +{ + struct auth *const a = malloc(sizeof *a); + + if (!a) + { + fprintf(stderr, "%s: malloc(3) auth: %s\n", __func__, strerror(errno)); + goto failure; + } + + *a = (const struct auth){0}; + + dynstr_init(&a->db); + dynstr_init(&a->dir); + + if (dynstr_append(&a->dir, "%s", dir)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto failure; + } + else if (dynstr_append(&a->db, "%s/db.json", dir)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto failure; + } + else if (init_db(a)) + { + fprintf(stderr, "%s: init_db failed\n", __func__); + goto failure; + } + + return a; + +failure: + auth_free(a); + return NULL; +} 
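Review bot: decode_hex advances `s += 2` without checking that the second character of each pair exists, so an odd-length string lets the loop step over the terminator and keep reading; find_cookie and generate_cookie hand it the `key` string from db.json with no length check, whereas compare_pwd does check the salt length first. The strtoul result is not validated either, so non-hex characters are silently accepted. Checking the length and both digits before converting, as below, closes both gaps; it needs `<ctype.h>` for isxdigit. Separately, dump_db returns the allocated but unterminated buffer when fread fails (including for an empty file, where fread of a zero-size item returns 0), so that branch should do `free(ret); ret = NULL;` before `goto end`.

```c
static int decode_hex(const char *const hex, unsigned char *buf, size_t n)
{
    /* Exactly two hex digits per output byte, verified before any read. */
    if (strlen(hex) != n * 2)
        return -1;

    for (size_t i = 0; i < n; i++)
    {
        const char nibble[sizeof "00"] = {hex[i * 2], hex[i * 2 + 1]};

        if (!isxdigit((unsigned char)nibble[0])
            || !isxdigit((unsigned char)nibble[1]))
            return -1;

        buf[i] = strtoul(nibble, NULL, 16);
    }

    return 0;
}
```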
@@ -0,0 +1,13 @@
+#ifndef AUTH_H
+#define AUTH_H
+
+#include "http.h"
+
+struct auth *auth_alloc(const char *dir);
+void auth_free(struct auth *a);
+int auth_cookie(const struct auth *a, const struct http_cookie *c);
+int auth_login(const struct auth *a, const char *user, const char *password,
+ char **cookie);
+const char *auth_dir(const struct auth *a);
+
+#endif /* AUTH_H */
diff --git a/base64.c b/base64.c
new file mode 100644
index 0000000..b1d4737
--- /dev/null
+++ b/base64.c
@@ -0,0 +1,126 @@ +#include "base64.h" +#include <openssl/evp.h> +#include <errno.h> +#include <stddef.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +static void remove_lf(char *b64) +{ + while ((b64 = strchr(b64, '\n'))) + memcpy(b64, b64 + 1, strlen(b64)); +} + +static size_t base64len(const size_t n) +{ + /* Read EVP_EncodeInit(3) for further reference. */ + return ((n / 48) * 65) + (n % 48 ? 1 + ((n / 3) + 1) * 4 : 0); +} + +static size_t decodedlen(const size_t n) +{ + return ((n / 64) * 48) + (n % 64 ? (n / 4) * 3 : 0); +} + +char *base64_encode(const void *const buf, const size_t n) +{ + EVP_ENCODE_CTX *const ctx = EVP_ENCODE_CTX_new(); + char *ret = NULL; + unsigned char *b64 = NULL; + + if (!ctx) + { + fprintf(stderr, "%s: EVP_ENCODE_CTX_new failed\n", __func__); + goto end; + } + + const size_t b64len = base64len(n); + + if (!(b64 = malloc(b64len + 1))) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto end; + } + + EVP_EncodeInit(ctx); + + size_t rem = n, done = 0; + int outl = b64len; + + while (rem) + { + const size_t i = n - rem, inl = rem > 48 ? 
48 : rem; + const unsigned char *const in = buf; + + if (!EVP_EncodeUpdate(ctx, &b64[done], &outl, &in[i], inl)) + { + fprintf(stderr, "%s: EVP_EncodeUpdate failed\n", __func__); + goto end; + } + + done += outl; + rem -= inl; + } + + EVP_EncodeFinal(ctx, b64, &outl); + ret = (char *)b64; + remove_lf(ret); + +end: + if (!ret) + free(b64); + + EVP_ENCODE_CTX_free(ctx); + return ret; +} + +void *base64_decode(const char *const b64, size_t *const n) +{ + void *ret = NULL; + const size_t len = strlen(b64), dlen = decodedlen(len); + EVP_ENCODE_CTX *const ctx = EVP_ENCODE_CTX_new(); + unsigned char *const buf = malloc(dlen); + + if (!buf) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto end; + } + else if (!ctx) + { + fprintf(stderr, "%s: EVP_ENCODE_CTX_new failed\n", __func__); + goto end; + } + + EVP_DecodeInit(ctx); + + size_t rem = len, done = 0; + int outl = dlen; + + while (rem) + { + const size_t i = len - rem, inl = rem > 64 ? 64 : rem; + const unsigned char *const in = (const unsigned char *)b64; + + if (EVP_DecodeUpdate(ctx, &buf[done], &outl, &in[i], inl) < 0) + { + fprintf(stderr, "%s: EVP_EncodeUpdate failed\n", __func__); + goto end; + } + + done += outl; + rem -= inl; + } + + EVP_DecodeFinal(ctx, buf, &outl); + *n = done; + ret = buf; + +end: + if (!ret) + free(buf); + + EVP_ENCODE_CTX_free(ctx); + return ret; +} diff --git a/base64.h b/base64.h new file mode 100644 index 0000000..6ca0f18 --- /dev/null +++ b/base64.h @@ -0,0 +1,9 @@ +#ifndef BASE64_H +#define BASE64_H + +#include <stddef.h> + +char *base64_encode(const void *buf, size_t n); +void *base64_decode(const char *b64, size_t *n); + +#endif /* BASE64_H */ diff --git a/handler.c b/handler.c new file mode 100644 index 0000000..b152cf1 --- /dev/null +++ b/handler.c 
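Review bot: remove_lf shifts the string left with `memcpy(b64, b64 + 1, strlen(b64))`, but source and destination overlap, which memcpy does not permit; `memmove(b64, b64 + 1, strlen(b64));` is the defined form. In base64_encode, `EVP_EncodeFinal(ctx, b64, &outl)` writes the flushed tail at the start of the buffer rather than after the `done` bytes already produced, so as far as I can tell any input longer than 48 bytes that is not a multiple of 48 loses its earlier output; `EVP_EncodeFinal(ctx, &b64[done], &outl);` keeps it. base64_decode likewise ignores the return value of EVP_DecodeFinal and drops its `outl`, so a malformed tail in a caller-supplied string is not reported as an error.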
@@ -0,0 +1,336 @@ +#include "handler.h" +#include "http.h" +#include "server.h" +#include <errno.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +struct handler +{ + const char *tmpdir; + + struct handler_cfg + { + char *url; + enum http_op op; + handler_fn f; + void *user; + } *cfg; + + struct server *server; + struct client + { + struct handler *h; + struct server_client *c; + struct http_ctx *http; + struct client *next; + } *clients; + + size_t n_cfg; +}; + +static int on_read(void *const buf, const size_t n, void *const user) +{ + struct client *const c = user; + + return server_read(buf, n, c->c); +} + +static int on_write(const void *const buf, const size_t n, void *const user) +{ + struct client *const c = user; + + return server_write(buf, n, c->c); +} + +static int wildcard_cmp(const char *s, const char *p) +{ + while (*p && *s) + { + const char *const wc = strchr(p, '*'); + + if (!wc) + return strcmp(s, p); + + const size_t n = wc - p; + + if (n) + { + const int r = strncmp(s, p, n); + + if (r) + return r; + + p += n; + s += n; + } + else if (*(wc + 1) == *s) + { + p = wc + 1; + s += n; + } + else if (*(wc + 1) == '*') + p++; + else + { + s++; + p += n; + } + } + + while (*p) + if (*p++ != '*') + return -1; + + return 0; +} + +static int on_payload(const struct http_payload *const p, + struct http_response *const r, void *const user) +{ + struct client *const c = user; + struct handler *const h = c->h; + + for (size_t i = 0; i < h->n_cfg; i++) + { + const struct handler_cfg *const cfg = &h->cfg[i]; + + if (cfg->op == p->op && !wildcard_cmp(p->resource, cfg->url)) + return cfg->f(p, r, cfg->user); + } + + fprintf(stderr, "Not found: %s\n", p->resource); + + *r = (const struct http_response) + { + .status = HTTP_STATUS_NOT_FOUND + }; + + return 0; +} + +static struct client *find_or_alloc_client(struct handler *const h, + struct server_client *const c) +{ + for (struct client *cl = h->clients; 
cl; cl = cl->next) + { + if (cl->c == c) + return cl; + } + + struct client *const ret = malloc(sizeof *ret); + + if (!ret) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + return NULL; + } + + const struct http_cfg cfg = + { + .read = on_read, + .write = on_write, + .payload = on_payload, + .user = ret, + .tmpdir = h->tmpdir + }; + + *ret = (const struct client) + { + .c = c, + .h = h, + .http = http_alloc(&cfg) + }; + + if (!ret->http) + { + fprintf(stderr, "%s: http_alloc failed\n", __func__); + return NULL; + } + + if (!h->clients) + h->clients = ret; + else + { + for (struct client *c = h->clients; c; c = c->next) + if (!c->next) + { + c->next = ret; + break; + } + } + + return ret; +} + +static void client_free(struct client *const c) +{ + if (c) + http_free(c->http); + + free(c); +} + +static int remove_client_from_list(struct handler *const h, + struct client *const c) +{ + int ret = -1; + + if (server_client_close(h->server, c->c)) + { + fprintf(stderr, "%s: server_client_close failed\n", + __func__); + goto end; + } + + for (struct client *cl = h->clients, *prev = NULL; cl; + prev = cl, cl = cl->next) + { + if (cl == c) + { + if (!prev) + h->clients = c->next; + else + prev->next = cl->next; + + break; + } + } + + ret = 0; + +end: + client_free(c); + return ret; +} + +int handler_listen(struct handler *const h, const short port) +{ + if (!(h->server = server_init(port))) + { + fprintf(stderr, "%s: server_init failed\n", __func__); + return -1; + } + + for (;;) + { + bool exit, io; + struct server_client *const c = server_select(h->server, &io, &exit); + + if (exit) + { + printf("Exiting...\n"); + break; + } + else if (!c) + { + fprintf(stderr, "%s: server_select failed\n", __func__); + return -1; + } + + struct client *const cl = find_or_alloc_client(h, c); + + if (!cl) + { + fprintf(stderr, "%s: find_or_alloc_client failed\n", __func__); + return -1; + } + else if (io) + { + bool write, close; + const int res = 
http_update(cl->http, &write, &close); + + if (res || close) + { + if (res < 0) + { + fprintf(stderr, "%s: http_update failed\n", __func__); + return -1; + } + else if (remove_client_from_list(h, cl)) + { + fprintf(stderr, "%s: remove_client_from_list failed\n", + __func__); + return -1; + } + } + else + server_client_write_pending(cl->c, write); + } + } + + return 0; +} + +static void free_clients(struct handler *const h) +{ + for (struct client *c = h->clients; c;) + { + struct client *const next = c->next; + + server_client_close(h->server, c->c); + client_free(c); + c = next; + } +} + +void handler_free(struct handler *const h) +{ + if (h) + { + for (size_t i = 0; i < h->n_cfg; i++) + free(h->cfg[i].url); + + free(h->cfg); + free_clients(h); + server_close(h->server); + } + + free(h); +} + +struct handler *handler_alloc(const char *const tmpdir) +{ + struct handler *const h = malloc(sizeof *h); + + if (!h) + { + fprintf(stderr, "%s: malloc(3) handler: %s\n", + __func__, strerror(errno)); + return NULL; + } + + *h = (const struct handler){.tmpdir = tmpdir}; + return h; +} + +int handler_add(struct handler *const h, const char *url, + const enum http_op op, const handler_fn f, void *const user) +{ + if (!h || !(h->cfg = realloc(h->cfg, (h->n_cfg + 1) * sizeof *h->cfg))) + { + fprintf(stderr, "%s: realloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + char *const new = strdup(url); + + if (!new) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + h->cfg[h->n_cfg++] = (const struct handler_cfg) + { + .url = new, + .op = op, + .f = f, + .user = user + }; + + return 0; +} diff --git a/handler.h b/handler.h new file mode 100644 index 0000000..8550010 --- /dev/null +++ b/handler.h 
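Review bot: remove_client_from_list frees `c` on the `server_client_close` failure path without unlinking it, so `h->clients` keeps a pointer to freed memory and any later walk of the list, such as free_clients from handler_free, touches it again. Unlinking before the close call, as below, keeps the list consistent whichever way the close goes. In handler_listen, a negative `http_update` result for one client returns from the loop and stops serving everyone; if a peer can provoke that result (http_update is outside this hunk), dropping just that client would be the safer response. handler_add also assigns the realloc result straight to `h->cfg`, losing the old array on failure.

```c
static int remove_client_from_list(struct handler *const h,
    struct client *const c)
{
    int ret = 0;

    /* Unlink first, so the list never holds a pointer to a freed client. */
    for (struct client **pp = &h->clients; *pp; pp = &(*pp)->next)
        if (*pp == c)
        {
            *pp = c->next;
            break;
        }

    if (server_client_close(h->server, c->c))
    {
        fprintf(stderr, "%s: server_client_close failed\n",
            __func__);
        ret = -1;
    }

    client_free(c);
    return ret;
}
```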
@@ -0,0 +1,17 @@
+#ifndef HANDLER_H
+#define HANDLER_H
+
+#include "http.h"
+#include <stddef.h>
+
+struct handler;
+typedef int (*handler_fn)(const struct http_payload *p,
+ struct http_response *r, void *user);
+
+struct handler *handler_alloc(const char *tmpdir);
+void handler_free(struct handler *h);
+int handler_add(struct handler *h, const char *url, enum http_op op,
+ handler_fn f, void *user);
+int handler_listen(struct handler *h, short port);
+
+#endif /* HANDLER_H */
@@ -0,0 +1,288 @@ +#include "html.h" +#include <dynstr.h> +#include <errno.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +struct html_node +{ + struct html_attribute + { + char *attr, *value; + } *attrs; + + char *element, *value; + size_t n; + struct html_node *child, *sibling; +}; + +static char *html_encode(const char *s) +{ + struct dynstr d; + + dynstr_init(&d); + + while (*s) + { + static const struct esc + { + char c; + const char *str; + } esc[] = + { + {.c = '<', .str = ">"}, + {.c = '>', .str = "<"}, + {.c = '&', .str = "&"}, + {.c = '\"', .str = """}, + {.c = '\'', .str = "'"} + }; + + char buf[sizeof "a"] = {0}; + const char *str = NULL; + + for (size_t i = 0; i < sizeof esc / sizeof *esc; i++) + { + const struct esc *const e = &esc[i]; + + if (*s == e->c) + { + str = e->str; + break; + } + } + + if (!str) + { + *buf = *s; + str = buf; + } + + if (dynstr_append(&d, "%s", str)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto failure; + } + + s++; + } + + return d.str; + +failure: + dynstr_free(&d); + return NULL; +} + +int html_node_set_value(struct html_node *const n, const char *const val) +{ + if (!(n->value = html_encode(val))) + { + fprintf(stderr, "%s: html_encode failed\n", __func__); + return -1; + } + + return 0; +} + +int html_node_set_value_unescaped(struct html_node *const n, + const char *const val) +{ + if (!(n->value = strdup(val))) + { + fprintf(stderr, "%s: strdup(3): %s\n", __func__, strerror(errno)); + return -1; + } + + return 0; +} + +int html_node_add_attr(struct html_node *const n, const char *const attr, + const char *const val) +{ + if (!(n->attrs = realloc(n->attrs, (n->n + 1) * sizeof *n->attrs))) + { + fprintf(stderr, "%s: realloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + struct html_attribute *const a = &n->attrs[n->n++]; + + *a = (const struct html_attribute){0}; + + if (!(a->attr = strdup(attr)) + || (val && !(a->value = strdup(val)))) + { + 
fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + free(a->attr); + free(a->value); + return -1; + } + + return 0; +} + +void html_node_add_sibling(struct html_node *const n, + struct html_node *const sibling) +{ + for (struct html_node *c = n; c; c = c->sibling) + if (!c->sibling) + { + c->sibling = sibling; + break; + } +} + +struct html_node *html_node_add_child(struct html_node *const n, + const char *const element) +{ + struct html_node *const child = html_node_alloc(element); + + if (!child) + return NULL; + else if (n->child) + html_node_add_sibling(n->child, child); + else + n->child = child; + + return child; +} + +int serialize_node(struct dynstr *const d, const struct html_node *const n, + const unsigned level) +{ + for (unsigned i = 0; i < level; i++) + dynstr_append(d, "\t"); + + dynstr_append_or_ret_nonzero(d, "<%s", n->element); + + if (n->n) + dynstr_append_or_ret_nonzero(d, " "); + + for (size_t i = 0; i < n->n; i++) + { + const struct html_attribute *const a = &n->attrs[i]; + + if (a->value) + dynstr_append_or_ret_nonzero(d, "%s=\"%s\"", a->attr, a->value); + else + dynstr_append_or_ret_nonzero(d, "%s", a->attr); + + if (i + 1 < n->n) + dynstr_append_or_ret_nonzero(d, " "); + } + + if (!n->value && !n->child) + dynstr_append_or_ret_nonzero(d, "/>"); + else + { + dynstr_append_or_ret_nonzero(d, ">"); + + if (n->value) + dynstr_append_or_ret_nonzero(d, "%s", n->value); + + if (n->child) + { + dynstr_append_or_ret_nonzero(d, "\n"); + + if (serialize_node(d, n->child, level + 1)) + { + fprintf(stderr, "%s: serialize_node failed\n", __func__); + return -1; + } + + for (unsigned i = 0; i < level; i++) + dynstr_append(d, "\t"); + } + + dynstr_append_or_ret_nonzero(d, "</%s>", n->element); + } + + /* TODO: print siblings */ + + dynstr_append_or_ret_nonzero(d, "\n"); + + if (n->sibling) + return serialize_node(d, n->sibling, level); + + return 0; +} + +int html_serialize(const struct html_node *const n, struct dynstr *const d) +{ + return 
serialize_node(d, n, 0); +} + +static void html_attribute_free(struct html_attribute *const a) +{ + if (a) + { + free(a->attr); + free(a->value); + } +} + +void html_node_free(struct html_node *const n) +{ + if (n) + { + struct html_node *s = n->sibling; + + html_node_free(n->child); + + while (s) + { + struct html_node *const next = s->sibling; + + html_node_free(s->child); + free(s->element); + free(s->value); + + for (size_t i = 0 ; i < s->n; i++) + html_attribute_free(&s->attrs[i]); + + free(s->attrs); + free(s); + s = next; + } + + free(n->element); + free(n->value); + + for (size_t i = 0 ; i < n->n; i++) + html_attribute_free(&n->attrs[i]); + + free(n->attrs); + } + + free(n); +} + +struct html_node *html_node_alloc(const char *const element) +{ + struct html_node *const n = malloc(sizeof *n); + + if (!n) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto failure; + } + + *n = (const struct html_node) + { + .element = strdup(element) + }; + + if (!n->element) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto failure; + } + + return n; + +failure: + html_node_free(n); + return NULL; +} @@ -0,0 +1,15 @@ +#ifndef HTML_H +#define HTML_H + +#include <dynstr.h> + +struct html_node *html_node_alloc(const char *element); +void html_node_free(struct html_node *n); +int html_node_set_value(struct html_node *n, const char *val); +int html_node_set_value_unescaped(struct html_node *n, const char *val); +int html_node_add_attr(struct html_node *n, const char *attr, const char *val); +struct html_node *html_node_add_child(struct html_node *n, const char *elem); +void html_node_add_sibling(struct html_node *n, struct html_node *sibling); +int html_serialize(const struct html_node *n, struct dynstr *d); + +#endif /* HTML_H */ 
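Review bot: In html.c, html_node_add_attr stores the attribute value with `strdup(val)` and serialize_node later prints it as `%s=\"%s\"`, so a value containing `"` ends the attribute early; html_node_set_value escapes element text, but nothing escapes attribute values. The callers are not part of this hunk, so whether request-derived text such as file names or URLs reaches this function cannot be confirmed here, but encoding at this point settles it: `|| (val && !(a->value = html_encode(val))))`. The failure branch of the same function frees `a->attr` and `a->value` after `n->n++` has already counted the slot, so a later html_node_free would free both pointers a second time; adding `n->n--;` before that `return -1;` keeps the count in step with the valid entries.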
@@ -0,0 +1,1612 @@ +#include "http.h" +#include <dynstr.h> +#include <sys/types.h> +#include <unistd.h> +#include <ctype.h> +#include <errno.h> +#include <inttypes.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +struct http_ctx +{ + struct ctx + { + enum state + { + START_LINE, + HEADER_CR_LINE, + BODY_LINE + } state; + + enum + { + LINE_CR, + LINE_LF + } lstate; + + enum http_op op; + char *resource, *field, *value, *boundary; + size_t len; + + struct post + { + char *path; + unsigned long long len, read; + } post; + + union + { + struct start_line + { + enum + { + START_LINE_OP, + START_LINE_RESOURCE, + START_LINE_PROTOCOL + } state; + } sl; + + struct multiform + { + enum mf_state + { + MF_START_BOUNDARY, + MF_HEADER_CR_LINE, + MF_BODY_BOUNDARY_LINE, + MF_END_BOUNDARY_CR_LINE + } state; + + enum + { + BODY_CR, + BODY_LF, + BODY_DATA + } bstate; + + off_t len, written; + char *boundary; + const char *dir; + size_t blen, nforms, nfiles; + int fd; + struct http_post_file *files; + + struct form + { + char *name, *filename, *tmpname, *value; + } *forms; + } mf; + } u; + } ctx; + + struct write_ctx + { + bool pending; + enum state state; + struct http_response r; + off_t n; + struct dynstr d; + } wctx; + + enum version + { + HTTP_1_0, + HTTP_1_1 + } version; + + /* From RFC9112, section 3 (Request line): + * It is RECOMMENDED that all HTTP senders and recipients support, + * at a minimum, request-line lengths of 8000 octets. 
*/ + char line[8000]; + struct http_cfg cfg; +}; + +static const char *const versions[] = +{ + [HTTP_1_0] = "HTTP/1.0", + [HTTP_1_1] = "HTTP/1.1" +}; + +static int get_version(struct http_ctx *const h, const char *const v) +{ + for (enum version i = 0; i < sizeof versions / sizeof *versions; i++) + if (!strcmp(versions[i], v)) + { + h->version = i; + return 0; + } + + return -1; +} + +static int start_line(struct http_ctx *const h) +{ + const char *const line = (const char *)h->line; + + if (!*line) + { + fprintf(stderr, "%s: expected non-empty line\n", __func__); + return 1; + } + + const char *const op = strchr(line, ' '); + + if (!op || op == line) + { + fprintf(stderr, "%s: expected resource\n", __func__); + return 1; + } + + struct ctx *const c = &h->ctx; + const size_t n = op - line; + + if (!strncmp(line, "GET", n)) + c->op = HTTP_OP_GET; + else if (!strncmp(line, "POST", n)) + c->op = HTTP_OP_POST; + else + { + fprintf(stderr, "%s: unsupported HTTP op %.*s\n", + __func__, (int)n, line); + return 1; + } + + const char *const resource = op + 1, + *const res_end = strchr(resource, ' '); + + if (!res_end) + { + fprintf(stderr, "%s: expected protocol version\n", __func__); + return 1; + } + + const size_t res_n = res_end - resource; + + if (memchr(resource, '*', res_n)) + { + fprintf(stderr, "%s: illegal character * in resource %.*s\n", + __func__, (int)res_n, resource); + return 1; + } + + const char *const protocol = res_end + 1; + + if (!*protocol) + { + fprintf(stderr, "%s: expected protocol version\n", __func__); + return 1; + } + else if (strchr(protocol, ' ')) + { + fprintf(stderr, "%s: unexpected field after protocol version\n", + __func__); + return 1; + } + + int ret = 1; + char *enc_res = NULL; + + if (get_version(h, protocol)) + { + fprintf(stderr, "%s: unsupported protocol %s\n", __func__, protocol); + goto end; + } + else if (!(enc_res = strndup(resource, res_n))) + { + fprintf(stderr, "%s: strndup(3): %s\n", __func__, strerror(errno)); + ret = -1; 
+ goto end; + } + else if (!(c->resource = http_decode_url(enc_res))) + { + fprintf(stderr, "%s: http_decode_url failed\n", __func__); + goto end; + } + + printf("%.*s %s %s\n", (int)n, line, c->resource, protocol); + ret = 0; + c->state = HEADER_CR_LINE; + +end: + free(enc_res); + return ret; +} + +static void ctx_free(struct ctx *const c) +{ + if (c->boundary) + { + struct multiform *const m = &c->u.mf; + + free(m->files); + free(m->boundary); + + for (size_t i = 0; i < m->nforms; i++) + { + struct form *const f = &m->forms[i]; + + free(f->name); + free(f->filename); + free(f->tmpname); + free(f->value); + } + + free(m->forms); + + if (m->fd >= 0 && close(m->fd)) + fprintf(stderr, "%s: close(2) m->fd: %s\n", + __func__, strerror(errno)); + } + + free(c->field); + free(c->value); + free(c->resource); + free(c->boundary); + + *c = (const struct ctx){0}; +} + +static int prepare_headers(struct http_ctx *const h) +{ + struct write_ctx *const w = &h->wctx; + struct dynstr *const d = &w->d; + + dynstr_init(d); + + for (size_t i = 0; i < w->r.n_headers; i++) + { + const struct http_header *const hdr = &w->r.headers[i]; + + dynstr_append_or_ret_nonzero(d, "%s: %s\r\n", hdr->header, hdr->value); + free(hdr->header); + free(hdr->value); + } + + free(w->r.headers); + dynstr_append_or_ret_nonzero(d, "\r\n"); + return 0; +} + +static int rw_error(const int r, bool *const close) +{ + if (r < 0) + { + switch (errno) + { + case ECONNRESET: + *close = true; + return 1; + + case EAGAIN: + return 0; + + default: + break; + } + + fprintf(stderr, "%s: %s\n", __func__, strerror(errno)); + return -1; + } + else if (!r) + { + *close = true; + return 0; + } + + fprintf(stderr, "%s: unexpected value %d\n", __func__, r); + return -1; +} + +static int write_start_line(struct http_ctx *const h, bool *const close) +{ + struct write_ctx *const w = &h->wctx; + struct dynstr *const d = &w->d; + const size_t rem = d->len - w->n; + const int res = h->cfg.write(d->str + w->n, rem, + h->cfg.user); + 
+ if (res <= 0) + return rw_error(res, close); + else if ((w->n += res) >= d->len) + { + char len[sizeof "18446744073709551615"]; + const int res = snprintf(len, sizeof len, "%llu", w->r.n); + + dynstr_free(d); + + if (res < 0 || res >= sizeof len) + { + fprintf(stderr, "%s: snprintf(3) failed\n", __func__); + return -1; + } + else if (http_response_add_header(&w->r, "Content-Length", len)) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + return -1; + } + else if (prepare_headers(h)) + { + fprintf(stderr, "%s: prepare_headers failed\n", __func__); + return -1; + } + + w->state = HEADER_CR_LINE; + w->n = 0; + } + + return 0; +} + +static int write_ctx_free(struct write_ctx *const w) +{ + int ret = 0; + const struct http_response *const r = &w->r; + + if (r->free) + r->free(r->buf.rw); + + if (r->f && (ret = fclose(r->f))) + fprintf(stderr, "%s: fclose(3): %s\n", __func__, strerror(errno)); + + dynstr_free(&w->d); + *w = (const struct write_ctx){0}; + return ret; +} + +static int write_header_cr_line(struct http_ctx *const h, bool *const close) +{ + struct write_ctx *const w = &h->wctx; + struct dynstr *const d = &w->d; + const size_t rem = d->len - w->n; + const int res = h->cfg.write(d->str + w->n, rem, h->cfg.user); + + if (res <= 0) + return rw_error(res, close); + else if ((w->n += res) >= d->len) + { + dynstr_free(d); + + if (w->r.n) + { + w->state = BODY_LINE; + w->n = 0; + } + else if (write_ctx_free(w)) + { + fprintf(stderr, "%s: write_ctx_free failed\n", __func__); + return -1; + } + } + + return 0; +} + +static int write_body_mem(struct http_ctx *const h, bool *const close) +{ + struct write_ctx *const w = &h->wctx; + const struct http_response *const r = &w->r; + const size_t rem = r->n - w->n; + const int res = h->cfg.write((const char *)r->buf.ro + w->n, rem, + h->cfg.user); + + if (res <= 0) + return rw_error(res, close); + else if ((w->n += res) >= r->n) + { + if (h->version == HTTP_1_0) + *close = true; + + return 
write_ctx_free(w); + } + + return 0; +} + +static int write_body_file(struct http_ctx *const h, bool *const close) +{ + struct write_ctx *const w = &h->wctx; + const struct http_response *const r = &w->r; + const unsigned long long left = r->n - w->n; + char buf[1024]; + const size_t rem = left > sizeof buf ? sizeof buf : left; + + if (!fread(buf, 1, rem, r->f)) + { + fprintf(stderr, "%s: fread(3) failed, ferror=%d, feof=%d\n", + __func__, ferror(r->f), feof(r->f)); + return -1; + } + + const int res = h->cfg.write(buf, rem, h->cfg.user); + + if (res <= 0) + return rw_error(res, close); + else if ((w->n += res) >= r->n) + { + if (h->version == HTTP_1_0) + *close = true; + + return write_ctx_free(w); + } + + return 0; +} + +static int write_body_line(struct http_ctx *const h, bool *const close) +{ + const struct http_response *const r = &h->wctx.r; + + if (r->buf.ro) + return write_body_mem(h, close); + else if (r->f) + return write_body_file(h, close); + + fprintf(stderr, "%s: expected either buffer or file path\n", __func__); + return -1; +} + +static int http_write(struct http_ctx *const h, bool *const close) +{ + static int (*const fn[])(struct http_ctx *, bool *) = + { + [START_LINE] = write_start_line, + [HEADER_CR_LINE] = write_header_cr_line, + [BODY_LINE] = write_body_line, + }; + + struct write_ctx *const w = &h->wctx; + + const int ret = fn[w->state](h, close); + + if (ret) + write_ctx_free(w); + + return ret; +} + +int http_response_add_header(struct http_response *const r, + const char *const header, const char *const value) +{ + if (!(r->headers = realloc(r->headers, + sizeof (r->n_headers + 1) *sizeof *r->headers))) + { + fprintf(stderr, "%s: realloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + struct http_header *const h = &r->headers[r->n_headers++]; + + *h = (const struct http_header) + { + .header = strdup(header), + .value = strdup(value) + }; + + if (!h->header || !h->value) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, 
strerror(errno)); + free(h->header); + free(h->value); + free(h); + return -1; + } + + return 0; +} + +static int start_response(struct http_ctx *const h) +{ + static const struct code + { + const char *descr; + int code; + } codes[] = + { +#define X(x, y, z) [HTTP_STATUS_##x] = {.descr = y, .code = z}, + HTTP_STATUSES +#undef X + }; + + struct write_ctx *const w = &h->wctx; + const struct code *const c = &codes[w->r.status]; + + w->pending = true; + dynstr_init(&w->d); + dynstr_append_or_ret_nonzero(&w->d, "%s %d %s\r\n", + versions[h->version], c->code, c->descr); + return 0; +} + +static int set_cookie(struct http_ctx *const h, const char *const cookie) +{ + struct ctx *const c = &h->ctx; + const char *const value = strchr(cookie, '='); + + if (!value) + { + fprintf(stderr, "%s: expected field=value for cookie %s\n", + __func__, cookie); + goto failure; + } + else if (!*(value + 1)) + { + fprintf(stderr, "%s: expected non-empty value for cookie %s\n", + __func__, cookie); + goto failure; + } + else if (!(c->field = strndup(cookie, value - cookie))) + { + fprintf(stderr, "%s: malloc(3) field: %s\n", __func__, strerror(errno)); + goto failure; + } + else if (!(c->value = strdup(value + 1))) + { + fprintf(stderr, "%s: malloc(3) value: %s\n", __func__, strerror(errno)); + goto failure; + } + + return 0; + +failure: + free(c->field); + free(c->value); + return -1; +} + +static int set_length(struct http_ctx *const h, const char *const len) +{ + h->ctx.post.len = strtoull(len, NULL, 10); + return 0; +} + +static int set_content_type(struct http_ctx *const h, const char *const type) +{ + const char *const sep = strchr(type, ';'); + + if (!sep) + /* No multipart/form-data expected. 
*/ + return 0; + + const size_t n = sep - type; + + if (strncmp(type, "multipart/form-data", n)) + { + fprintf(stderr, "%s: unsupported Content-Type %.*s\n", + __func__, (int)n, type); + return 1; + } + + const char *boundary = sep + 1; + + while (*boundary == ' ') + boundary++; + + if (!*boundary) + { + fprintf(stderr, "%s: expected boundary\n", __func__); + return 1; + } + + const char *const eq = strchr(boundary, '='); + + if (!eq) + { + fprintf(stderr, "%s: expected = after boundary\n", __func__); + return 1; + } + + const size_t bn = eq - boundary; + + if (strncmp(boundary, "boundary", bn)) + { + fprintf(stderr, "%s: expected boundary, got %.*s\n", + __func__, (int)bn, boundary); + return 1; + } + + const char *val = eq + 1; + + while (*val == ' ') + val++; + + if (!*val) + { + fprintf(stderr, "%s: expected value after boundary\n", __func__); + return 1; + } + + struct ctx *const c = &h->ctx; + struct dynstr b; + + dynstr_init(&b); + + if (dynstr_append(&b, "\r\n--%s", val)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + return -1; + } + + c->boundary = b.str; + c->u.mf = (const struct multiform){.fd = -1}; + return 0; +} + +static int payload_get(struct http_ctx *const h, const char *const line) +{ + struct ctx *const c = &h->ctx; + const struct http_payload p = + { + .cookie = + { + .field = c->field, + .value = c->value + }, + + .op = c->op, + .resource = c->resource + }; + + const int ret = h->cfg.payload(&p, &h->wctx.r, h->cfg.user); + + ctx_free(c); + + if (ret) + return ret; + + return start_response(h); +} + +static int payload_post(struct http_ctx *const h, const char *const line) +{ + struct ctx *const c = &h->ctx; + const struct http_payload pl = + { + .cookie = + { + .field = c->field, + .value = c->value + }, + + .op = c->op, + .resource = c->resource + }; + + const int ret = h->cfg.payload(&pl, &h->wctx.r, h->cfg.user); + + ctx_free(c); + + if (ret) + return ret; + + return start_response(h); +} + +static int 
get_field_value(const char *const line, size_t *const n, + const char **const value) +{ + const char *const field = strchr(line, ':'); + + if (!field || line == field) + { + fprintf(stderr, "%s: expected field:value\n", __func__); + return 1; + } + + *n = field - line; + *value = field + 1; + + if (!**value) + { + fprintf(stderr, "%s: expected value\n", __func__); + return 1; + } + + while (**value == ' ') + (*value)++; + + return 0; +} + +static int expect(struct http_ctx *const h, const char *const value) +{ + if (!strcmp(value, "100-continue")) + { + struct ctx *const c = &h->ctx; + const struct http_payload p = + { + .u.post.expect_continue = true, + .cookie = + { + .field = c->field, + .value = c->value + }, + + .op = c->op, + .resource = c->resource + }; + + const int ret = h->cfg.payload(&p, &h->wctx.r, h->cfg.user); + + if (ret) + return ret; + + return start_response(h); + } + + return 0; +} + +static int process_header(struct http_ctx *const h, const char *const line, + const size_t n, const char *const value) +{ + static const struct header + { + const char *header; + int (*f)(struct http_ctx *, const char *); + } headers[] = + { + { + .header = "Cookie", + .f = set_cookie + }, + + { + .header = "Content-Length", + .f = set_length + }, + + { + .header = "Expect", + .f = expect + }, + + { + .header = "Content-Type", + .f = set_content_type + } + }; + + for (size_t i = 0; i < sizeof headers / sizeof *headers; i++) + { + const struct header *const hdr = &headers[i]; + int ret; + + if (!strncmp(line, hdr->header, n) && (ret = hdr->f(h, value))) + return ret; + } + + return 0; +} + +static int header_cr_line(struct http_ctx *const h) +{ + const char *const line = (const char *)h->line; + struct ctx *const c = &h->ctx; + + if (!*line) + { + switch (c->op) + { + case HTTP_OP_GET: + return payload_get(h, line); + + case HTTP_OP_POST: + if (!c->post.len) + return payload_post(h, line); + + c->state = BODY_LINE; + return 0; + } + } + + const char *value; + size_t 
n; + const int ret = get_field_value(line, &n, &value); + + if (ret) + return ret; + + return process_header(h, line, n, value); +} + +static int send_payload(struct http_ctx *const h, + const struct http_payload *const p) +{ + struct ctx *const c = &h->ctx; + const int ret = h->cfg.payload(p, &h->wctx.r, h->cfg.user); + + ctx_free(c); + + if (ret) + return ret; + + return start_response(h); +} + +static int update_lstate(struct http_ctx *const h, bool *const close, + int (*const f)(struct http_ctx *), const char b) +{ + int ret = 1; + struct ctx *const c = &h->ctx; + + switch (c->lstate) + { + case LINE_CR: + if (b == '\r') + c->lstate = LINE_LF; + else if (c->len < sizeof h->line - 2) + h->line[c->len++] = b; + else + { + fprintf(stderr, "%s: line too long\n", __func__); + goto failure; + } + + break; + + case LINE_LF: + if (b == '\n') + { + h->line[c->len] = '\0'; + + if ((ret = f(h))) + goto failure; + + c->len = 0; + } + else if (c->len < sizeof h->line - 3) + { + h->line[c->len++] = '\r'; + h->line[c->len++] = b; + } + else + { + fprintf(stderr, "%s: line too long\n", __func__); + goto failure; + } + + c->lstate = LINE_CR; + break; + } + + return 0; + +failure: + ctx_free(c); + return ret; +} + +static int start_boundary_line(struct http_ctx *const h) +{ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + const char *const line = h->line; + + if (strcmp(line, c->boundary + strlen("\r\n"))) + { + fprintf(stderr, "%s: expected boundary %s, got %s\n", + __func__, c->boundary, line); + return 1; + } + + m->state = MF_HEADER_CR_LINE; + m->len = strlen(line) + strlen("\r\n"); + return 0; +} + +static int cd_fields(struct http_ctx *const h, struct form *const f, + const char *sep) +{ + do + { + while (*++sep == ' ') + ; + + if (!*sep) + break; + + const char *const op = strchr(sep, '='); + + if (!op) + { + fprintf(stderr, "%s: expected attr=value\n", __func__); + return 1; + } + + const char *const value = op + 1, *const end = strchr(value, 
';'); + const size_t vlen = end ? end - value : strlen(value); + + if (*value != '\"' || value[vlen - 1] != '\"') + { + fprintf(stderr, "%s: expected \"-enclosed value, got %.*s\n", + __func__, (int)vlen, value); + return 1; + } + + const char *const evalue = value + 1; + const size_t evlen = vlen - 2; + + if (!strncmp(sep, "name", op - sep)) + { + if (!evlen) + { + fprintf(stderr, "%s: expected non-empty name\n", __func__); + return 1; + } + else if (!(f->name = strndup(evalue, evlen))) + { + fprintf(stderr, "%s: strndup(3): %s\n", + __func__, strerror(errno)); + return -1; + } + } + else if (!strncmp(sep, "filename", op - sep)) + { + if (!evlen) + { + fprintf(stderr, "%s: expected non-empty filename\n", __func__); + return 1; + } + else if (!(f->filename = strndup(evalue, evlen))) + { + fprintf(stderr, "%s: strndup(3): %s\n", __func__, strerror(errno)); + return -1; + } + } + } while ((sep = strchr(sep, ';'))); + + if (!f->name) + { + fprintf(stderr, "%s: expected name\n", __func__); + return 1; + } + + return 0; +} + +static int set_content_disposition(struct http_ctx *const h, + const char *const c) +{ + const char *const sep = strchr(c, ';'); + struct multiform *const m = &h->ctx.u.mf; + + if (!sep) + { + fprintf(stderr, "%s: no fields found\n", __func__); + return 1; + } + else if (strncmp(c, "form-data", sep - c)) + { + fprintf(stderr, "%s: expected form-data, got %.*s\n", + __func__, (int)(sep - c), c); + return 1; + } + else if (!(m->forms = realloc(m->forms, + (m->nforms + 1) * sizeof *m->forms))) + { + fprintf(stderr, "%s: realloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + struct form *const f = &m->forms[m->nforms++]; + + *f = (const struct form){0}; + return cd_fields(h, f, sep); +} + +static int mf_header_cr_line(struct http_ctx *const h) +{ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + const char *const line = h->line; + + m->len += strlen(line) + strlen("\r\n"); + + if (!*line) + { + const size_t n = 
strlen("\r\n") + strlen(c->boundary) + 1; + + if (!m->boundary && !(m->boundary = calloc(1, n))) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + m->state = MF_BODY_BOUNDARY_LINE; + return 0; + } + + const char *value; + size_t n; + int ret = get_field_value(line, &n, &value); + + if (ret) + return ret; + else if (!strncmp(line, "Content-Disposition", n) + && (ret = set_content_disposition(h, value))) + return ret; + + return 0; +} + +static int end_boundary_line(struct http_ctx *const h) +{ + const char *const line = h->line; + + if (!*line) + { + h->ctx.u.mf.state = MF_HEADER_CR_LINE; + return 0; + } + else if (!strcmp(line, "--")) + { + /* Found end boundary. */ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + + const struct http_payload p = + { + .cookie = + { + .field = c->field, + .value = c->value + }, + + .op = c->op, + .resource = c->resource, + .u.post = + { + .dir = m->dir, + .files = m->files, + .n = m->nfiles + } + }; + + return send_payload(h, &p); + } + + fprintf(stderr, "%s: unexpected line after boundary: %s\n", + __func__, line); + return 1; +} + +static int process_mf_line(struct http_ctx *const h) +{ + static int (*const state[])(struct http_ctx *) = + { + [MF_START_BOUNDARY] = start_boundary_line, + [MF_HEADER_CR_LINE] = mf_header_cr_line, + [MF_END_BOUNDARY_CR_LINE] = end_boundary_line + }; + + h->ctx.post.read += strlen(h->line) + strlen("\r\n"); + return state[h->ctx.u.mf.state](h); +} + +static char *get_tmp(const char *const tmpdir) +{ + struct dynstr d; + + dynstr_init(&d); + + if (dynstr_append(&d, "%s/tmp.XXXXXX", tmpdir)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + return NULL; + } + + return d.str; +} + +static int generate_mf_file(struct http_ctx *const h) +{ + struct multiform *const m = &h->ctx.u.mf; + struct form *const f = &m->forms[m->nforms - 1]; + + if (!(f->tmpname = get_tmp(h->cfg.tmpdir))) + { + fprintf(stderr, "%s: get_tmp 
failed\n", __func__); + return -1; + } + else if ((m->fd = mkstemp(f->tmpname)) < 0) + { + fprintf(stderr, "%s: mkstemp(3): %s\n", __func__, strerror(errno)); + return -1; + } + + return 0; +} + +static int read_mf_body_to_mem(struct http_ctx *const h, const void *const buf, + const size_t n) +{ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + + if (m->written + n > sizeof h->line) + { + fprintf(stderr, "%s: maximum length exceeded\n", __func__); + return 1; + } + + memcpy(&h->line[m->written], buf, n); + m->written += n; + m->len += n; + c->post.read += n; + return 0; +} + +static int read_mf_body_to_file(struct http_ctx *const h, const void *const buf, + const size_t n) +{ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + ssize_t res; + + if (m->fd < 0 && generate_mf_file(h)) + { + fprintf(stderr, "%s: generate_mf_file failed\n", __func__); + return -1; + } + else if ((res = pwrite(m->fd, buf, n, m->written)) < 0) + { + fprintf(stderr, "%s: pwrite(2): %s\n", __func__, strerror(errno)); + return -1; + } + + m->written += res; + m->len += res; + c->post.read += res; + return 0; +} + +static int reset_boundary(struct http_ctx *const h, const void *const buf, + const size_t n) +{ + struct multiform *const m = &h->ctx.u.mf; + struct form *const f = &m->forms[m->nforms - 1]; + const size_t len = strlen(m->boundary); + int (*const read_mf)(struct http_ctx *, const void *, size_t) = + f->filename ? 
read_mf_body_to_file : read_mf_body_to_mem; + const int res = read_mf(h, m->boundary, len); + + if (res) + return res; + + memset(m->boundary, '\0', len); + m->blen = 0; + return read_mf(h, buf, n); +} + +static int apply_from_file(struct http_ctx *const h, struct form *const f) +{ + struct multiform *const m = &h->ctx.u.mf; + + if (close(m->fd)) + { + fprintf(stderr, "%s: close(2): %s\n", __func__, strerror(errno)); + return -1; + } + + m->fd = -1; + + if (!(m->files = realloc(m->files, (m->nfiles + 1) * sizeof *m->files))) + { + fprintf(stderr, "%s: realloc(3): %s\n", __func__, strerror(errno)); + return -1; + } + + struct http_post_file *const pf = &m->files[m->nfiles++]; + + *pf = (const struct http_post_file) + { + .tmpname = f->tmpname, + .filename = f->filename + }; + + return 0; +} + +static int apply_from_mem(struct http_ctx *const h, struct form *const f) +{ + struct multiform *const m = &h->ctx.u.mf; + + if (!(f->value = strndup(h->line, m->written))) + { + fprintf(stderr, "%s: strndup(3): %s\n", __func__, strerror(errno)); + return -1; + } + else if (!strcmp(f->name, "dir")) + { + if (m->dir) + { + fprintf(stderr, "%s: \"dir\" defined more than once\n", __func__); + return 1; + } + + m->dir = f->value; + } + + return 0; +} + +static int read_mf_body_boundary_byte(struct http_ctx *const h, const char b, + const size_t len) +{ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + + if (b == c->boundary[m->blen]) + { + m->boundary[len] = b; + + if (++m->blen >= strlen(c->boundary)) + { + /* Found intermediate boundary. */ + struct form *const f = &m->forms[m->nforms - 1]; + const int ret = f->filename ? apply_from_file(h, f) + : apply_from_mem(h, f); + + memset(m->boundary, '\0', len + 1); + m->blen = 0; + m->state = MF_END_BOUNDARY_CR_LINE; + m->written = 0; + return ret; + } + } + + return 0; +} + +/* Similar to memmem(3), provided here to avoid the use of GNU extensions. 
*/ +static const char *http_memmem(const char *const a, const void *const b, + const size_t n) +{ + const size_t len = strlen(a); + + if (len > n) + return NULL; + + const char *s = a, *st = NULL; + + for (size_t i = 0; i < n; i++) + { + const char *bc = b; + const char c = bc[i]; + + if (*s == c) + { + if (!st) + st = &bc[i]; + + if (!*++s) + return st; + } + else if (*(s = a) != c) + st = NULL; + else + { + st = &bc[i]; + + if (!*++s) + return st; + } + } + + return NULL; +} + +static int read_mf_body_boundary(struct http_ctx *const h, + const char **const buf, size_t *const n) +{ + struct ctx *const c = &h->ctx; + struct multiform *const m = &c->u.mf; + const char *const boundary = http_memmem(&c->boundary[m->blen], *buf, *n); + int res; + + if (!boundary) + { + if ((res = reset_boundary(h, *buf, *n))) + return res; + + *n = 0; + return 0; + } + + const size_t prev = boundary - *buf; + + if ((res = reset_boundary(h, *buf, prev))) + return res; + + *buf += prev; + *n -= prev; + + const size_t len = strlen(m->boundary), + rem = strlen(c->boundary) - len, + r = rem > *n ? *n : rem; + + for (size_t i = 0; i < r; i++) + { + const char *const b = *buf; + + if ((res = read_mf_body_boundary_byte(h, b[i], len))) + return res; + } + + *buf += r; + *n -= r; + return 0; +} + +static int read_multiform_n(struct http_ctx *const h, bool *const close, + const char *buf, size_t n) +{ + struct multiform *const m = &h->ctx.u.mf; + + while (n) + { + int res; + + switch (m->state) + { + case MF_START_BOUNDARY: + /* Fall through. */ + case MF_HEADER_CR_LINE: + /* Fall through. */ + case MF_END_BOUNDARY_CR_LINE: + { + if ((res = update_lstate(h, close, process_mf_line, *buf))) + return res; + + buf++; + n--; + } + + break; + + case MF_BODY_BOUNDARY_LINE: + if ((res = read_mf_body_boundary(h, &buf, &n))) + return res; + } + } + + return 0; +} + +static int read_multiform(struct http_ctx *const h, bool *const close) +{ + /* Note: the larger the buffer below, the less CPU load. 
*/ + char buf[sizeof h->line]; + struct post *const p = &h->ctx.post; + const unsigned long long left = p->len - p->read; + const size_t rem = left > sizeof buf ? sizeof buf : left; + const int r = h->cfg.read(buf, rem, h->cfg.user); + + if (r <= 0) + return rw_error(r, close); + + return read_multiform_n(h, close, buf, r); +} + +static int read_body_to_mem(struct http_ctx *const h, bool *const close) +{ + char b; + const int r = h->cfg.read(&b, sizeof b, h->cfg.user); + + if (r <= 0) + return rw_error(r, close); + + struct ctx *const c = &h->ctx; + struct post *const p = &c->post; + + if (p->read >= sizeof h->line) + { + fprintf(stderr, "%s: exceeded maximum length\n", __func__); + return 1; + } + + h->line[p->read++] = b; + + if (p->read >= p->len) + { + const struct http_payload pl = + { + .cookie = + { + .field = c->field, + .value = c->value + }, + + .op = c->op, + .resource = c->resource, + .u.post = + { + .data = h->line, + .n = p->len + } + }; + + return send_payload(h, &pl); + } + + return 0; +} + +static int read_body(struct http_ctx *const h, bool *const close) +{ + return h->ctx.boundary ? read_multiform(h, close) + : read_body_to_mem(h, close); +} + +static int process_line(struct http_ctx *const h) +{ + static int (*const state[])(struct http_ctx *) = + { + [START_LINE] = start_line, + [HEADER_CR_LINE] = header_cr_line + }; + + return state[h->ctx.state](h); +} + +static int http_read(struct http_ctx *const h, bool *const close) +{ + switch (h->ctx.state) + { + case START_LINE: + /* Fall through. 
*/ + case HEADER_CR_LINE: + { + char b; + const int r = h->cfg.read(&b, sizeof b, h->cfg.user); + + if (r <= 0) + return rw_error(r, close); + + return update_lstate(h, close, process_line, b); + } + + case BODY_LINE: + return read_body(h, close); + } + + fprintf(stderr, "%s: unexpected state %d\n", __func__, h->ctx.state); + return -1; +} + +char *http_cookie_create(const char *const key, const char *const value) +{ + struct dynstr d; + + dynstr_init(&d); + dynstr_append_or_ret_null(&d, "%s=%s; HttpOnly", key, value); + return d.str; +} + +int http_update(struct http_ctx *const h, bool *const write, bool *const close) +{ + *close = false; + + struct write_ctx *const w = &h->wctx; + const int ret = w->pending ? http_write(h, close) : http_read(h, close); + + *write = w->pending; + return ret; +} + +void http_free(struct http_ctx *const h) +{ + if (h) + { + ctx_free(&h->ctx); + write_ctx_free(&h->wctx); + } + + free(h); +} + +struct http_ctx *http_alloc(const struct http_cfg *const cfg) +{ + struct http_ctx *const h = malloc(sizeof *h); + + if (!h) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto failure; + } + + *h = (const struct http_ctx) + { + .cfg = *cfg + }; + + return h; + +failure: + http_free(h); + return NULL; +} + +char *http_encode_url(const char *url) +{ + struct dynstr d; + char c; + + dynstr_init(&d); + + while ((c = *url++)) + { + /* Unreserved characters must not be percent-encoded. 
*/ + if ((c >= 'A' && c <= 'Z') + || (c >= 'a' && c <= 'z') + || (c == '-') + || (c == '_') + || (c == '.') + || (c == '/') + || (c == '~')) + { + if (dynstr_append(&d, "%c", c)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto failure; + } + } + else if (dynstr_append(&d, "%%%hhx", c)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto failure; + } + } + + return d.str; + +failure: + dynstr_free(&d); + return NULL; +} + +char *http_decode_url(const char *url) +{ + char *ret = NULL; + size_t n = 0; + + while (*url) + { + if (!(ret = realloc(ret, n + 1))) + { + fprintf(stderr, "%s: realloc(3) loop: %s\n", + __func__, strerror(errno)); + goto failure; + } + else if (*url != '%') + ret[n++] = *url++; + else if (*(url + 1) && *(url + 2)) + { + const char buf[sizeof "00"] = {*(url + 1), *(url + 2)}; + + ret[n++] = strtoul(buf, NULL, 16); + url += 3; + } + else + { + fprintf(stderr, "%s: unterminated %%\n", __func__); + goto failure; + } + } + + if (!(ret = realloc(ret, n + 1))) + { + fprintf(stderr, "%s: realloc(3) end: %s\n", __func__, strerror(errno)); + goto failure; + } + + ret[n] = '\0'; + return ret; + +failure: + free(ret); + return NULL; +} 
@@ -0,0 +1,96 @@
+#ifndef HTTP_H
+#define HTTP_H
+
+#include <stdbool.h>
+#include <stddef.h>
+#include <stdio.h>
+
+struct http_payload
+{
+ enum http_op
+ {
+ HTTP_OP_GET,
+ HTTP_OP_POST
+ } op;
+
+ const char *resource;
+
+ struct http_cookie
+ {
+ const char *field, *value;
+ } cookie;
+
+ union
+ {
+ struct http_post
+ {
+ bool expect_continue;
+ const void *data;
+ size_t n;
+ const char *dir;
+
+ const struct http_post_file
+ {
+ const char *tmpname, *filename;
+ } *files;
+ } post;
+ } u;
+};
+
+#define HTTP_STATUSES \
+ X(CONTINUE, "Continue", 100) \
+ X(OK, "OK", 200) \
+ X(SEE_OTHER, "See other", 303) \
+ X(BAD_REQUEST, "Bad Request", 400) \
+ X(UNAUTHORIZED, "Unauthorized", 401) \
+ X(FORBIDDEN, "Forbidden", 403) \
+ X(NOT_FOUND, "Not found", 404) \
+ X(INTERNAL_ERROR, "Internal Server Error", 500)
+
+struct http_response
+{
+ enum http_status
+ {
+#define X(x, y, z) HTTP_STATUS_##x,
+ HTTP_STATUSES
+#undef X
+ } status;
+
+ struct http_header
+ {
+ char *header, *value;
+ } *headers;
+
+ union
+ {
+ const void *ro;
+ void *rw;
+ } buf;
+
+ FILE *f;
+ unsigned long long n;
+ size_t n_headers;
+ void (*free)(void *);
+};
+
+struct http_cfg
+{
+ int (*read)(void *buf , size_t n, void *user);
+ int (*write)(const void *buf, size_t n, void *user);
+ int (*payload)(const struct http_payload *p, struct http_response *r,
+ void *user);
+ const char *tmpdir;
+ void *user;
+};
+
+struct http_ctx *http_alloc(const struct http_cfg *cfg);
+void http_free(struct http_ctx *h);
+/* Positive return value: user input error, negative: fatal error. */
+int http_update(struct http_ctx *h, bool *write, bool *close);
+int http_response_add_header(struct http_response *r, const char *header,
+ const char *value);
+char *http_cookie_create(const char *key, const char *value);
+char *http_encode_url(const char *url);
+char *http_decode_url(const char *url);
+
+#endif /* HTTP_H */
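Review bot: `size_t n` in `struct http_post` has no comment saying what it counts, and this commit appears to use it two ways: `read_body_to_mem()` in http.c sets it to the body length next to `data`, while `upload_files()` in main.c loops `i < po->n` over `files`. A reader of the header cannot tell which meaning applies, and a handler that mixes them up indexes `files` out of range. Either document it, e.g. `size_t n; /* Bytes in data, or number of entries in files when files is set. */`, or add a separate `size_t nfiles;`; the multipart assignment is outside this hunk, so the second meaning is inferred from the loop. The three `char *` helpers at the bottom should also say that the caller frees the returned string.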
@@ -0,0 +1,147 @@
+#include "jwt.h"
+#include "base64.h"
+#include <dynstr.h>
+#include <cjson/cJSON.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/sha.h>
+#include <errno.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+static const char jwt_header[] = "{\"alg\": \"HS256\", \"typ\": \"JWT\"}";
+
+static char *get_payload(const char *const name)
+{
+ char *ret = NULL;
+ struct dynstr d;
+
+ dynstr_init(&d);
+
+ if (dynstr_append(&d, "{\"name\": \"%s\"}", name))
+ {
+ fprintf(stderr, "%s: dynstr_append name failed\n", __func__);
+ goto end;
+ }
+ else if (!(ret = base64_encode(d.str, d.len)))
+ {
+ fprintf(stderr, "%s: base64 failed\n", __func__);
+ goto end;
+ }
+
+end:
+ dynstr_free(&d);
+ return ret;
+}
+
+static char *get_hmac(const void *const buf, const size_t n,
+ const void *const key, const size_t keyn)
+{
+ unsigned char hmac[SHA256_DIGEST_LENGTH];
+ const EVP_MD *const md = EVP_sha256();
+ char *ret = NULL;
+
+ if (!md)
+ {
+ fprintf(stderr, "%s: EVP_sha256 failed\n", __func__);
+ return NULL;
+ }
+ else if (!HMAC(md, key, keyn, buf, n, hmac, NULL))
+ {
+ fprintf(stderr, "%s: HMAC failed\n", __func__);
+ return NULL;
+ }
+ else if (!(ret = base64_encode(hmac, sizeof hmac)))
+ {
+ fprintf(stderr, "%s: base64 failed\n", __func__);
+ return NULL;
+ }
+
+ return ret;
+}
+
+char *jwt_encode(const char *const name, const void *const key, const size_t n)
+{
+ char *ret = NULL;
+ char *const header = base64_encode(jwt_header, strlen(jwt_header)),
+ *const payload = get_payload(name),
+ *hmac = NULL;
+ struct dynstr jwt;
+
+ dynstr_init(&jwt);
+
+ if (!header)
+ {
+ fprintf(stderr, "%s: base64_encode header failed\n", __func__);
+ goto end;
+ }
+ else if (!payload)
+ {
+ fprintf(stderr, "%s: get_payload failed\n", __func__);
+ goto end;
+ }
+ else if (dynstr_append(&jwt, "%s.%s", header, payload))
+ {
+ fprintf(stderr, "%s: dynstr_append header+payload failed", __func__);
+ goto end;
+ }
+ else if (!(hmac = get_hmac(jwt.str, jwt.len, key, n)))
+ {
+ fprintf(stderr, "%s: get_hmac failed\n", __func__);
+ goto end;
+ }
+ else if (dynstr_append(&jwt, ".%s", hmac))
+ {
+ fprintf(stderr, "%s: dynstr_append hmac failed\n", __func__);
+ goto end;
+ }
+
+ ret = jwt.str;
+
+end:
+ free(header);
+ free(payload);
+ free(hmac);
+
+ if (!ret)
+ dynstr_free(&jwt);
+
+ return ret;
+}
+
+int jwt_check(const char *const jwt, const void *const key, const size_t n)
+{
+ const char *const p = strrchr(jwt, '.');
+ const EVP_MD *const md = EVP_sha256();
+ unsigned char hmac[SHA256_DIGEST_LENGTH];
+ char *dhmac = NULL;
+ size_t hmaclen;
+
+ if (!md)
+ {
+ fprintf(stderr, "%s: EVP_sha256 failed\n", __func__);
+ return -1;
+ }
+ else if (!p)
+ {
+ fprintf(stderr, "%s: expected '.'\n", __func__);
+ return 1;
+ }
+ else if (!HMAC(md, key, n, (const unsigned char *)jwt, p - jwt, hmac, NULL))
+ {
+ fprintf(stderr, "%s: HMAC failed\n", __func__);
+ return -1;
+ }
+ else if (!(dhmac = base64_decode(p + 1, &hmaclen)))
+ {
+ fprintf(stderr, "%s: base64_decode failed\n", __func__);
+ return -1;
+ }
+
+ const int r = memcmp(dhmac, hmac, hmaclen);
+
+ free(dhmac);
+ return !!r;
+}
@@ -0,0 +1,9 @@
+#ifndef JWT_H
+#define JWT_H
+
+#include <stddef.h>
+
+char *jwt_encode(const char *name, const void *key, size_t n);
+int jwt_check(const char *jwt, const void *key, size_t n);
+
+#endif /* JWT_H */
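Review bot: In `jwt_check()` the comparison `memcmp(dhmac, hmac, hmaclen)` takes its length from the decoded signature in the token and never compares it with `sizeof hmac`. A decoded signature shorter than the digest is therefore checked against a prefix of the HMAC only (and one of length zero, if `base64_decode()` returns a buffer for it, would compare equal), while a longer one makes `memcmp` read past the `hmac` array. Reject any other length first and compare in constant time: `const int r = hmaclen != sizeof hmac || CRYPTO_memcmp(dhmac, hmac, sizeof hmac);`, with `#include <openssl/crypto.h>`. Separately, `get_payload()` formats `name` into the JSON with a bare `%s`, so a name containing a double quote changes the payload structure; it should be escaped or built with the cJSON API this file already includes.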
@@ -0,0 +1,935 @@
+#include "auth.h"
+#include "handler.h"
+#include "http.h"
+#include "page.h"
+#include <dynstr.h>
+#include <libgen.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdbool.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+
+struct form
+{
+ char *key, *value;
+};
+
+static int redirect(struct http_response *const r)
+{
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_SEE_OTHER
+ };
+
+ if (http_response_add_header(r, "Location", "/user/"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+
+ return 0;
+}
+
+static int serve_index(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ struct auth *const a = user;
+
+ if (auth_cookie(a, &p->cookie))
+ return page_login(r);
+
+ return redirect(r);
+}
+
+static int serve_style(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ return page_style(r);
+}
+
+static char *alloc_form_data(const char *const s, const char **const end)
+{
+ const char *const next = strchr(s, '&');
+ const size_t len = next ? next - s : strlen(s);
+ char *const data = malloc(len + 1);
+
+ if (!data)
+ {
+ fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno));
+ return NULL;
+ }
+
+ memcpy(data, s, len);
+ data[len] = '\0';
+ *end = s + len;
+
+ if (next)
+ *end += 1;
+
+ return data;
+}
+
+static struct form *append_form(struct form *forms, const char **const s,
+ size_t *const n)
+{
+ struct form *ret = NULL;
+ const char *end;
+ char *const data = alloc_form_data(*s, &end), *key = NULL, *value = NULL;
+ struct form *f = NULL;
+
+ if (!data)
+ {
+ fprintf(stderr, "%s: alloc_form_data failed\n", __func__);
+ goto end;
+ }
+ else if (!(forms = realloc(forms, (*n + 1) * sizeof *forms)))
+ {
+ fprintf(stderr, "%s: realloc(3): %s\n", __func__, strerror(errno));
+ goto end;
+ }
+
+ const char *const sep = strchr(data, '=');
+
+ if (!sep)
+ {
+ fprintf(stderr, "%s: strchr(3) returned NULL\n", __func__);
+ goto end;
+ }
+ else if (!data || !*(sep + 1))
+ {
+ fprintf(stderr, "%s: expected key=value (%s)\n", __func__, data);
+ goto end;
+ }
+
+ f = &forms[(*n)++];
+
+ const size_t keylen = sep - data;
+
+ if (!(key = strndup(data, keylen)))
+ {
+ fprintf(stderr, "%s: strndup(3) key: %s\n", __func__, strerror(errno));
+ goto end;
+ }
+ else if (!(value = strdup(sep + 1)))
+ {
+ fprintf(stderr, "%s: strdup(3) value: %s\n", __func__, strerror(errno));
+ goto end;
+ }
+
+ *f = (const struct form)
+ {
+ .key = http_decode_url(key),
+ .value = http_decode_url(value)
+ };
+
+ if (!f->key || !f->value)
+ {
+ fprintf(stderr, "%s: http_decode_url key/value failed\n", __func__);
+ goto end;
+ }
+
+ *s = end;
+ ret = forms;
+
+end:
+ free(key);
+ free(value);
+ free(data);
+
+ if (!ret)
+ {
+ if (f)
+ {
+ free(f->key);
+ free(f->value);
+ }
+
+ return NULL;
+ }
+
+ return ret;
+}
+
+static struct form *get_forms(const struct http_payload *const pl,
+ size_t *const outn)
+{
+ const struct http_post *const p = &pl->u.post;
+ const char *const ref = p->data;
+ char *dup = NULL;
+ struct form *forms = NULL;
+
+ if (!ref)
+ {
+ fprintf(stderr, "%s: expected non-NULL buffer\n", __func__);
+ goto failure;
+ }
+ else if (!(dup = strndup(ref, p->n)))
+ {
+ fprintf(stderr, "%s: strndup(3): %s\n", __func__, strerror(errno));
+ goto failure;
+ }
+
+ const char *s = dup;
+
+ *outn = 0;
+
+ while (*s)
+ if (!(forms = append_form(forms, &s, outn)))
+ {
+ fprintf(stderr, "%s: append_form failed\n", __func__);
+ goto failure;
+ }
+
+ free(dup);
+ return forms;
+
+failure:
+ free(dup);
+ free(forms);
+ return NULL;
+}
+
+static int check_credentials(struct auth *const a,
+ const struct form *const forms, const size_t n, char **const cookie)
+{
+ const char *username = NULL, *pwd = NULL;
+
+ *cookie = NULL;
+
+ for (size_t i = 0; i < n; i++)
+ {
+ const struct form *const f = &forms[i];
+
+ if (!strcmp(f->key, "username"))
+ username = f->value;
+ else if (!strcmp(f->key, "password"))
+ pwd = f->value;
+ }
+
+ if (!username || !pwd)
+ {
+ fprintf(stderr, "%s: missing credentials\n", __func__);
+ return 1;
+ }
+
+ const int ret = auth_login(a, username, pwd, cookie);
+
+ if (ret < 0)
+ fprintf(stderr, "%s: auth_login failed\n", __func__);
+
+ return ret;
+}
+
+static int login(const struct http_payload *const pl,
+ struct http_response *const r, void *const user)
+{
+ int res = -1;
+ size_t n;
+ struct form *const forms = get_forms(pl, &n);
+ struct auth *const a = user;
+ char *cookie = NULL;
+
+ if (!forms)
+ {
+ fprintf(stderr, "%s: get_forms failed\n", __func__);
+ goto end;
+ }
+ else if ((res = check_credentials(a, forms, n, &cookie)))
+ {
+ if (res < 0)
+ fprintf(stderr, "%s: check_credentials failed\n", __func__);
+
+ goto end;
+ }
+ else if (redirect(r))
+ {
+ fprintf(stderr, "%s: redirect failed\n", __func__);
+ goto end;
+ }
+ else if (cookie && http_response_add_header(r, "Set-Cookie", cookie))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ goto end;
+ }
+
+ res = 0;
+
+end:
+ if (forms)
+ for (size_t i = 0; i < n; i++)
+ {
+ free(forms[i].key);
+ free(forms[i].value);
+ }
+
+ free(cookie);
+ free(forms);
+
+ if (res)
+ {
+ if (page_failed_login(r))
+ {
+ fprintf(stderr, "%s: page_failed_login failed\n", __func__);
+ return -1;
+ }
+ else if (http_response_add_header(r, "Location", "/"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+ else if (http_response_add_header(r, "Content-Type", "text/html"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+static int logout(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ struct auth *const a = user;
+ const struct http_cookie *const c = &p->cookie;
+ const int res = auth_cookie(a, c);
+
+ if (res < 0)
+ {
+ fprintf(stderr, "%s: auth_cookie failed\n", __func__);
+ return -1;
+ }
+ else if (res)
+ return page_forbidden(r);
+
+ int ret = -1;
+ struct dynstr d;
+ static const char date[] = "Thu, 1 Jan 1970 00:00:00 GMT";
+
+ dynstr_init(&d);
+
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_SEE_OTHER
+ };
+
+ if (http_response_add_header(r, "Location", "/"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ goto end;
+ }
+ else if (http_response_add_header(r, "Content-Type", "text/html"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ goto end;
+ }
+ /* Force expired cookie so they are removed by the browser, too. */
+ else if (dynstr_append(&d, "%s=%s; Expires=%s", c->field, c->value, date))
+ {
+ fprintf(stderr, "%s: dynstr_append failed\n", __func__);
+ goto end;
+ }
+ else if (http_response_add_header(r, "Set-Cookie", d.str))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ goto end;
+ }
+
+ ret = 0;
+
+end:
+ dynstr_free(&d);
+ return ret;
+}
+
+static int search(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ struct auth *const a = user;
+
+ if (auth_cookie(a, &p->cookie))
+ {
+ fprintf(stderr, "%s: auth_cookie failed\n", __func__);
+ return page_forbidden(r);
+ }
+
+ fprintf(stderr, "%s: TODO\n", __func__);
+ return -1;
+}
+
+static bool path_isrel(const char *const path)
+{
+ if (!strcmp(path, "..") || !strcmp(path, ".") || strstr(path, "/../"))
+ return true;
+
+ static const char suffix[] = "/..";
+ const size_t n = strlen(path), sn = strlen(suffix);
+
+ if (n >= sn && !strcmp(path + n - sn, suffix))
+ return true;
+
+ return false;
+}
+
+static char *cust_dirname(char *const d)
+{
+ /*
+ path dirname cust_dirname
+ /usr/lib /usr /usr/
+ /usr/ / /usr/
+ usr . .
+ / / /
+ . . .
+ .. . .
+ */
+
+ if (!strcmp(d, "."))
+ return d;
+
+ char *const s = strrchr(d, '/');
+
+ if (!s)
+ return ".";
+
+ *(s + 1) = '\0';
+ return d;
+}
+
+static int getnode(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ struct auth *const a = user;
+
+ if (auth_cookie(a, &p->cookie))
+ {
+ fprintf(stderr, "%s: auth_cookie failed\n", __func__);
+
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_SEE_OTHER
+ };
+
+ if (http_response_add_header(r, "Location", "/"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+ else if (http_response_add_header(r, "Content-Type", "text/html"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+
+ return 0;
+ }
+
+ const char *const username = p->cookie.field,
+ *const resource = p->resource + strlen("/user/");
+
+ if (path_isrel(resource))
+ {
+ fprintf(stderr, "%s: illegal relative path %s\n", __func__, resource);
+ return page_forbidden(r);
+ }
+
+ int ret = -1;
+ struct dynstr root, d;
+ char *const dird = strdup(p->resource), *dir = NULL;
+ const char *const adir = auth_dir(a);
+
+ dynstr_init(&d);
+ dynstr_init(&root);
+
+ if (!adir)
+ {
+ fprintf(stderr, "%s: auth_dir failed\n", __func__);
+ goto end;
+ }
+ else if (!dird)
+ {
+ fprintf(stderr, "%s: strdup(3) failed: %s\n",
+ __func__, strerror(errno));
+ goto end;
+ }
+ else if (!(dir = cust_dirname(dird)))
+ {
+ fprintf(stderr, "%s: dirname(3) failed: %s\n",
+ __func__, strerror(errno));
+ goto end;
+ }
+ else if (dynstr_append(&root, "%s/user/%s/", adir, username)
+ || dynstr_append(&d, "%s%s", root.str, resource))
+ {
+ fprintf(stderr, "%s: dynstr_append failed\n", __func__);
+ goto end;
+ }
+
+ ret = page_resource(r, dir, root.str, d.str);
+
+end:
+ dynstr_free(&d);
+ dynstr_free(&root);
+ free(dird);
+ return ret;
+}
+
+static int move_file(const char *const old, const char *const new)
+{
+ int ret = -1;
+ FILE *const f = fopen(old, "rb");
+ const int fd = open(new, O_WRONLY | O_CREAT, 0600);
+ struct stat sb;
+
+ if (!f)
+ {
+ fprintf(stderr, "%s: fopen(3): %s\n", __func__, strerror(errno));
+ goto end;
+ }
+ else if (fd < 0)
+ {
+ fprintf(stderr, "%s: open(2): %s\n", __func__, strerror(errno));
+ goto end;
+ }
+ else if (stat(old, &sb))
+ {
+ fprintf(stderr, "%s: stat(2): %s\n", __func__, strerror(errno));
+ goto end;
+ }
+
+ for (off_t i = 0; i < sb.st_size;)
+ {
+ char buf[1024];
+ const off_t left = sb.st_size - i;
+ const size_t rem = left > sizeof buf ? sizeof buf : left;
+ ssize_t w;
+
+ if (!fread(buf, rem, 1, f))
+ {
+ fprintf(stderr, "%s: fread(3) failed, feof=%d, ferror=%d\n",
+ __func__, feof(f), ferror(f));
+ goto end;
+ }
+ else if ((w = write(fd, buf, rem)) < 0)
+ {
+ fprintf(stderr, "%s: write(2): %s\n", __func__, strerror(errno));
+ goto end;
+ }
+ else if (w != rem)
+ {
+ fprintf(stderr, "%s: write(2): expected to write %zu bytes, "
+ "only %ju written\n", __func__, rem, (intmax_t)w);
+ goto end;
+ }
+
+ i += rem;
+ }
+
+ ret = 0;
+
+end:
+ if (fd >= 0 && close(fd))
+ {
+ fprintf(stderr, "%s: close(2): %s\n", __func__, strerror(errno));
+ ret = -1;
+ }
+
+ if (f && fclose(f))
+ {
+ fprintf(stderr, "%s: fclose(3): %s\n", __func__, strerror(errno));
+ ret = -1;
+ }
+ else if (remove(old))
+ {
+ fprintf(stderr, "%s: remove(3): %s\n", __func__, strerror(errno));
+ ret = -1;
+ }
+
+ return ret;
+}
+
+static int rename_or_move(const char *const old, const char *const new)
+{
+ const int res = rename(old, new);
+
+ if (res && errno == EXDEV)
+ return move_file(old, new);
+ else if (res)
+ fprintf(stderr, "%s: rename(3): %s\n", __func__, strerror(errno));
+
+ return res;
+}
+
+static int upload_file(const struct http_post_file *const f,
+ const char *const user, const char *const root, const char *const dir)
+{
+ int ret = -1;
+ struct dynstr d;
+
+ dynstr_init(&d);
+
+ if (!root)
+ {
+ fprintf(stderr, "%s: auth_dir failed\n", __func__);
+ goto end;
+ }
+ else if (dynstr_append(&d, "%s/user/%s/%s%s", root, user, dir, f->filename))
+ {
+ fprintf(stderr, "%s: dynstr_append failed\n", __func__);
+ goto end;
+ }
+ else if (rename_or_move(f->tmpname, d.str))
+ {
+ fprintf(stderr, "%s: rename_or_move failed\n", __func__);
+ goto end;
+ }
+
+ ret = 0;
+
+end:
+ dynstr_free(&d);
+ return ret;
+}
+
+static int redirect_to_dir(const char *const dir,
+ struct http_response *const r)
+{
+ int ret = -1;
+ struct dynstr d;
+ char *const encdir = http_encode_url(dir);
+
+ dynstr_init(&d);
+
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_SEE_OTHER
+ };
+
+ if (!encdir)
+ {
+ fprintf(stderr, "%s: http_encode_url failed\n", __func__);
+ goto end;
+ }
+ else if (dynstr_append(&d, "/user%s", encdir))
+ {
+ fprintf(stderr, "%s: dynstr_append failed\n", __func__);
+ goto end;
+ }
+ else if (http_response_add_header(r, "Location", d.str))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ goto end;
+ }
+
+ ret = 0;
+
+end:
+ free(encdir);
+ dynstr_free(&d);
+ return ret;
+}
+
+static int upload_files(const struct http_payload *const p,
+ struct http_response *const r, const struct auth *const a)
+{
+ const struct http_post *const po = &p->u.post;
+ const char *const root = auth_dir(a), *const user = p->cookie.field,
+ *const dir = po->dir;
+
+ if (!po->files)
+ {
+ fprintf(stderr, "%s: expected file list\n", __func__);
+ return 1;
+ }
+ else if (!root)
+ {
+ fprintf(stderr, "%s: auth_dir failed\n", __func__);
+ return -1;
+ }
+ else if (!dir)
+ {
+ static const char body[] = "<html>No target directory set</html>";
+
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_BAD_REQUEST,
+ .buf.ro = body,
+ .n = strlen(body)
+ };
+
+ if (http_response_add_header(r, "Content-Type", "text/html"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+
+ return 0;
+ }
+
+ for (size_t i = 0; i < po->n; i++)
+ {
+ if (upload_file(&po->files[i], user, root, po->dir))
+ {
+ fprintf(stderr, "%s: upload_file failed\n", __func__);
+ return -1;
+ }
+ }
+
+ return redirect_to_dir(dir, r);
+}
+
+static int upload(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ const struct auth *const a = user;
+
+ if (auth_cookie(a, &p->cookie))
+ {
+ fprintf(stderr, "%s: auth_cookie failed\n", __func__);
+ return page_forbidden(r);
+ }
+ else if (p->u.post.expect_continue)
+ {
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_CONTINUE
+ };
+
+ return 0;
+ }
+
+ return upload_files(p, r, a);
+}
+
+static int createdir(const struct http_payload *const p,
+ struct http_response *const r, void *const user)
+{
+ struct auth *const a = user;
+
+ if (auth_cookie(a, &p->cookie))
+ {
+ fprintf(stderr, "%s: auth_cookie failed\n", __func__);
+ return page_forbidden(r);
+ }
+
+ size_t n;
+ struct form *const forms = get_forms(p, &n);
+
+ if (!forms)
+ {
+ fprintf(stderr, "%s: get_forms failed\n", __func__);
+ return page_bad_request(r);
+ }
+ else if (n != 2)
+ {
+ fprintf(stderr, "%s: expected 2 forms, got %zu\n", __func__, n);
+ return page_bad_request(r);
+ }
+
+ char *name = NULL;
+ const char *dir = NULL;
+
+ for (size_t i = 0; i < n; i++)
+ {
+ const struct form *const f = &forms[i];
+
+ if (!strcmp(f->key, "name"))
+ name = f->value;
+ else if (!strcmp(f->key, "dir"))
+ dir = f->value;
+ else
+ {
+ fprintf(stderr, "%s: unexpected key %s\n", __func__, f->key);
+ return page_bad_request(r);
+ }
+ }
+
+ if (!name || !dir)
+ {
+ fprintf(stderr, "%s: missing name or directory\n", __func__);
+ return page_bad_request(r);
+ }
+ else if (path_isrel(name) || strpbrk(name, "/*"))
+ {
+ fprintf(stderr, "%s: invalid directory name %s\n", __func__, dir);
+ return page_bad_request(r);
+ }
+ else if (path_isrel(dir) || strchr(dir, '*'))
+ {
+ fprintf(stderr, "%s: invalid name %s\n", __func__, name);
+ return page_bad_request(r);
+ }
+
+ /* HTML input forms use '+' for whitespace, rather than %20. */
+ {
+ char *c = name;
+
+ while ((c = strchr(c, '+')))
+ *c = ' ';
+ }
+
+ const char *const root = auth_dir(a);
+
+ if (!root)
+ {
+ fprintf(stderr, "%s: auth_dir failed\n", __func__);
+ return -1;
+ }
+
+ int ret = -1;
+ struct dynstr d, userd;
+
+ dynstr_init(&d);
+ dynstr_init(&userd);
+
+ if (dynstr_append(&d, "%s/user/%s/%s%s", root, p->cookie.field, dir, name))
+ {
+ fprintf(stderr, "%s: dynstr_append d failed\n", __func__);
+ goto end;
+ }
+ else if (dynstr_append(&userd, "/user%s%s/", dir, name))
+ {
+ fprintf(stderr, "%s: dynstr_append userd failed\n", __func__);
+ goto end;
+ }
+ else if (mkdir(d.str, 0700))
+ {
+ fprintf(stderr, "%s: mkdir(2): %s\n", __func__, strerror(errno));
+
+ if (errno != EEXIST)
+ goto end;
+ else
+ {
+ static const char body[] = "<html>Directory already exists</html>";
+
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_BAD_REQUEST,
+ .buf.ro = body,
+ .n = strlen(body)
+ };
+
+ if (http_response_add_header(r, "Content-Type", "text/html"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+ }
+ }
+ else
+ {
+ *r = (const struct http_response)
+ {
+ .status = HTTP_STATUS_SEE_OTHER
+ };
+
+ if (http_response_add_header(r, "Location", userd.str))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ goto end;
+ }
+ else if (http_response_add_header(r, "Content-Type", "text/html"))
+ {
+ fprintf(stderr, "%s: http_response_add_header failed\n", __func__);
+ return -1;
+ }
+ }
+
+ ret = 0;
+
+end:
+ dynstr_free(&userd);
+ dynstr_free(&d);
+ return ret;
+}
+
+static void usage(char *const argv[])
+{
+ fprintf(stderr, "%s [-t tmpdir] [-p port] dir\n", *argv);
+}
+
+static int parse_args(const int argc, char *const argv[],
+ const char **const dir, unsigned short *const port,
+ const char **const tmpdir)
+{
+ const char *const envtmp = getenv("TMPDIR");
+ int opt;
+
+ /* Default values. */
+ *port = 0;
+ *tmpdir = envtmp ? envtmp : "/tmp";
+
+ while ((opt = getopt(argc, argv, "t:p:")) != -1)
+ {
+ switch (opt)
+ {
+ case 't':
+ *tmpdir = optarg;
+ break;
+
+ case 'p':
+ {
+ const unsigned long portul = strtoul(optarg, NULL, 10);
+
+ if (portul > UINT16_MAX)
+ {
+ fprintf(stderr, "%s: invalid port %lu\n", __func__, portul);
+ return -1;
+ }
+
+ *port = portul;
+ }
+ break;
+
+ default:
+ usage(argv);
+ return -1;
+ }
+ }
+
+ if (optind >= argc)
+ {
+ usage(argv);
+ return -1;
+ }
+
+ *dir = argv[optind];
+ return 0;
+}
+
+int main(const int argc, char *const argv[])
+{
+ int ret = EXIT_FAILURE;
+ struct handler *h = NULL;
+ struct auth *a = NULL;
+ const char *dir, *tmpdir;
+ unsigned short port;
+
+ if (parse_args(argc, argv, &dir, &port, &tmpdir)
+ || !(a = auth_alloc(dir))
+ || !(h = handler_alloc(tmpdir))
+ || handler_add(h, "/", HTTP_OP_GET, serve_index, a)
+ || handler_add(h, "/index.html", HTTP_OP_GET, serve_index, a)
+ || handler_add(h, "/style.css", HTTP_OP_GET, serve_style, NULL)
+ || handler_add(h, "/user/*", HTTP_OP_GET, getnode, a)
+ || handler_add(h, "/login", HTTP_OP_POST, login, a)
+ || handler_add(h, "/logout", HTTP_OP_POST, logout, a)
+ || handler_add(h, "/search", HTTP_OP_POST, search, a)
+ || handler_add(h, "/upload", HTTP_OP_POST, upload, a)
+ || handler_add(h, "/mkdir", HTTP_OP_POST, createdir, a)
+ || handler_listen(h, port))
+ goto end;
+
+ ret = EXIT_SUCCESS;
+
+end:
+ auth_free(a);
+ handler_free(h);
+ return ret;
+}
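Review bot: `upload_file()` builds the destination with `"%s/user/%s/%s%s"` from `dir` and `f->filename`, both taken from the multipart body, and neither passes through `path_isrel()` the way `name` and `dir` do in `createdir()`. Unless http.c already rejects such values when it parses the form (that part is outside this hunk), an uploaded file can be renamed to a path outside the user's own directory. I would add `else if (path_isrel(dir)) return page_bad_request(r);` to `upload_files()` and, inside its loop, `if (path_isrel(po->files[i].filename) || strchr(po->files[i].filename, '/')) return page_bad_request(r);`. `path_isrel()` itself only matches `.`, `..`, an embedded `/../` and a trailing `/..`, so a value that begins with `../` is accepted; adding `|| !strncmp(path, "../", 3)` to its first test closes that, which matters for `getnode()` as well.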
@@ -0,0 +1,832 @@ +#include "page.h" +#include "http.h" +#include "html.h" +#include <dynstr.h> +#include <dirent.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <unistd.h> +#include <errno.h> +#include <stddef.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <time.h> + +#define PROJECT_TITLE "<title>slcl, a suckless cloud</title>" +#define DOCTYPE_TAG "<!DOCTYPE html>\n" +#define PROJECT_NAME "slcl" +#define PROJECT_URL "https://gitea.privatedns.org/Xavi92/" PROJECT_NAME +#define LOGIN_HEAD \ + " <meta charset=\"UTF-8\">\n" \ + " <meta name=\"viewport\"\n" \ + " content=\"width=device-width, initial-scale=1,\n" \ + " maximum-scale=1\">\n" \ + PROJECT_TITLE "\n" +#define STYLE_A "<link href=\"/style.css\" rel=\"stylesheet\">" +#define LOGIN_BODY \ + "<header>\n" \ + " <a href=\"" PROJECT_URL "\">" PROJECT_NAME "</a>, a suckless cloud\n" \ + "</header>\n" \ + " <form action=\"/login\" method=\"post\">\n" \ + " <label for=\"username\">Username:</label>\n" \ + " <input type=\"text\" class=\"form-control\"\n" \ + " id=\"username\" name=\"username\" autofocus><br>\n" \ + " <label for=\"username\">Password:</label>\n" \ + " <input type=\"password\" class=\"form-control\" \n" \ + " id=\"password\" name=\"password\"><br>\n" \ + " <input type=\"submit\" value=\"Submit\">\n" \ + " </form>\n" + +static void free_response(void *const arg) +{ + free(arg); +} + +static int prepare_name(struct html_node *const n, struct stat *const sb, + const char *const dir, const char *const name) +{ + int ret = -1; + struct html_node *a; + struct dynstr d, dname; + const char *const sep = S_ISDIR(sb->st_mode) ? 
"/" : ""; + + dynstr_init(&d); + dynstr_init(&dname); + + if (dynstr_append(&d, "%s%s%s", dir, name, sep)) + { + fprintf(stderr, "%s: dynstr_append [1] failed\n", __func__); + goto end; + } + else if (!(a = html_node_add_child(n, "a"))) + { + fprintf(stderr, "%s: html_node_add_child failed\n", __func__); + goto end; + } + else if (html_node_add_attr(a, "href", d.str)) + { + fprintf(stderr, "%s: html_node_add_attr href failed\n", __func__); + goto end; + } + else if (dynstr_append(&dname, "%s%s", name, sep)) + { + fprintf(stderr, "%s: dynstr_append [2] failed\n", __func__); + goto end; + } + else if (html_node_set_value(a, dname.str)) + { + fprintf(stderr, "%s: html_node_set_value failed\n", __func__); + goto end; + } + + ret = 0; + +end: + dynstr_free(&d); + dynstr_free(&dname); + return ret; +} + +static int prepare_size(struct html_node *const n, const struct stat *const sb) +{ + if (!S_ISREG(sb->st_mode)) + return 0; + + float sz; + size_t suffix_i; + + for (sz = sb->st_size, suffix_i = 0; (off_t)sz / 1024; + suffix_i++, sz /= 1024.0f) + ; + + static const char *const suffixes[] = {"B", "KiB", "MiB", "GiB", "TiB"}; + + char buf[sizeof "18446744073709551615.0 XiB"]; + const int r = suffix_i ? 
+ snprintf(buf, sizeof buf, "%.1f %s", sz, suffixes[suffix_i]) + : snprintf(buf, sizeof buf, "%ju %s", + (uintmax_t)sb->st_size, suffixes[suffix_i]); + + if (r >= sizeof buf || r < 0) + { + fprintf(stderr, "%s: snprintf(3) failed with %d\n", __func__, r); + return -1; + } + else if (html_node_set_value(n, buf)) + { + fprintf(stderr, "%s: html_node_set_value failed\n", __func__); + return -1; + } + + return 0; +} + +static int prepare_date(struct html_node *const n, const struct stat *const sb) +{ + struct tm tm; + + if (!localtime_r(&sb->st_mtime, &tm)) + { + fprintf(stderr, "%s: localtime_r(3): %s\n", __func__, strerror(errno)); + return -1; + } + + char date[sizeof "0000-00-00T00:00:00+0000"]; + + if (!strftime(date, sizeof date, "%Y-%m-%dT%H:%M:%S%z", &tm)) + { + fprintf(stderr, "%s: strftime(3) failed\n", __func__); + return -1; + } + else if (html_node_set_value(n, date)) + { + fprintf(stderr, "%s: html_node_set_value failed\n", __func__); + return -1; + } + + return 0; +} + +static int add_element(struct html_node *const n, const char *const dir, + const char *const res, const char *const name) +{ + int ret = -1; + enum {NAME, SIZE, DATE, COLUMNS}; + struct html_node *tr, *td[COLUMNS]; + struct dynstr path; + const char *const sep = res[strlen(res) - 1] != '/' ? 
"/" : ""; + + dynstr_init(&path); + + if (dynstr_append(&path, "%s%s%s", res, sep, name)) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto end; + } + else if (!(tr = html_node_add_child(n, "tr"))) + { + fprintf(stderr, "%s: html_node_add_child tr failed\n", __func__); + goto end; + } + + for (size_t i = 0; i < sizeof td / sizeof *td; i++) + if (!(td[i] = html_node_add_child(tr, "td"))) + { + fprintf(stderr, "%s: html_node_add_child td[%zu] failed\n", + __func__, i); + goto end; + } + + struct stat sb; + + if (stat(path.str, &sb)) + { + fprintf(stderr, "%s: stat(2) %s: %s\n", + __func__, path.str, strerror(errno)); + goto end; + } + else if (prepare_name(td[NAME], &sb, dir, name)) + { + fprintf(stderr, "%s: prepare_name failed\n", __func__); + goto end; + } + else if (prepare_size(td[SIZE], &sb)) + { + fprintf(stderr, "%s: prepare_size failed\n", __func__); + goto end; + } + else if (prepare_date(td[DATE], &sb)) + { + fprintf(stderr, "%s: prepare_date failed\n", __func__); + goto end; + } + + ret = 0; + +end: + dynstr_free(&path); + return ret; +} + +static int prepare_upload_form(struct html_node *const n, const char *const dir) +{ + struct html_node *div, *hidden, *form, *submit, *input; + + if (!(div = html_node_add_child(n, "div"))) + { + fprintf(stderr, "%s: html_node_add_child div failed\n", __func__); + return -1; + } + else if (!(form = html_node_add_child(div, "form"))) + { + fprintf(stderr, "%s: html_node_add_child form failed\n", __func__); + return -1; + } + else if (!(hidden = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child hidden failed\n", __func__); + return -1; + } + else if (!(input = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child input failed\n", __func__); + return -1; + } + else if (!(submit = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child submit failed\n", __func__); + return -1; + } + else if 
(html_node_add_attr(form, "method", "post")) + { + fprintf(stderr, "%s: html_node_add_attr method failed\n", __func__); + return -1; + } + else if (html_node_add_attr(form, "action", "/upload")) + { + fprintf(stderr, "%s: html_node_add_attr method failed\n", __func__); + return -1; + } + else if (html_node_add_attr(form, "enctype", "multipart/form-data")) + { + fprintf(stderr, "%s: html_node_add_attr enctype failed\n", __func__); + return -1; + } + else if (html_node_add_attr(hidden, "type", "hidden")) + { + fprintf(stderr, "%s: html_node_add_attr hidden failed\n", __func__); + return -1; + } + else if (html_node_add_attr(hidden, "name", "dir")) + { + fprintf(stderr, "%s: html_node_add_attr dir failed\n", __func__); + return -1; + } + else if (html_node_add_attr(hidden, "value", dir)) + { + fprintf(stderr, "%s: html_node_add_attr hidden value failed\n", + __func__); + return -1; + } + else if (html_node_add_attr(submit, "type", "submit")) + { + fprintf(stderr, "%s: html_node_add_attr submit failed\n", __func__); + return -1; + } + else if (html_node_add_attr(submit, "value", "Upload file")) + { + fprintf(stderr, "%s: html_node_add_attr value failed\n", __func__); + return -1; + } + else if (html_node_add_attr(input, "type", "file")) + { + fprintf(stderr, "%s: html_node_add_attr file failed\n", __func__); + return -1; + } + else if (html_node_add_attr(input, "name", "file")) + { + fprintf(stderr, "%s: html_node_add_attr name failed\n", __func__); + return -1; + } + else if (html_node_add_attr(input, "multiple", NULL)) + { + fprintf(stderr, "%s: html_node_add_attr multiple failed\n", __func__); + return -1; + } + + return 0; +} + +static int prepare_mkdir_form(struct html_node *const n, const char *const dir) +{ + struct html_node *div, *form, *hidden, *submit, *input; + + if (!(div = html_node_add_child(n, "div"))) + { + fprintf(stderr, "%s: html_node_add_child div failed\n", __func__); + return -1; + } + else if (!(form = html_node_add_child(div, "form"))) + { + 
fprintf(stderr, "%s: html_node_add_child form failed\n", __func__); + return -1; + } + else if (!(input = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child input failed\n", __func__); + return -1; + } + else if (!(hidden = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child hidden failed\n", __func__); + return -1; + } + else if (!(submit = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child submit failed\n", __func__); + return -1; + } + else if (html_node_add_attr(form, "method", "post")) + { + fprintf(stderr, "%s: html_node_add_attr method failed\n", __func__); + return -1; + } + else if (html_node_add_attr(form, "action", "/mkdir")) + { + fprintf(stderr, "%s: html_node_add_attr method failed\n", __func__); + return -1; + } + else if (html_node_add_attr(hidden, "type", "hidden")) + { + fprintf(stderr, "%s: html_node_add_attr hidden failed\n", __func__); + return -1; + } + else if (html_node_add_attr(hidden, "name", "dir")) + { + fprintf(stderr, "%s: html_node_add_attr dir failed\n", __func__); + return -1; + } + else if (html_node_add_attr(hidden, "value", dir)) + { + fprintf(stderr, "%s: html_node_add_attr hidden value failed\n", + __func__); + return -1; + } + else if (html_node_add_attr(submit, "type", "submit")) + { + fprintf(stderr, "%s: html_node_add_attr submit failed\n", __func__); + return -1; + } + else if (html_node_add_attr(submit, "value", "Create directory")) + { + fprintf(stderr, "%s: html_node_add_attr submit value failed\n", + __func__); + return -1; + } + else if (html_node_add_attr(input, "type", "text")) + { + fprintf(stderr, "%s: html_node_add_attr text failed\n", __func__); + return -1; + } + else if (html_node_add_attr(input, "name", "name")) + { + fprintf(stderr, "%s: html_node_add_attr name failed\n", __func__); + return -1; + } + + return 0; +} + +static int prepare_logout_form(struct html_node *const n) +{ + struct html_node *div, *form, 
*input; + + if (!(div = html_node_add_child(n, "div"))) + { + fprintf(stderr, "%s: html_node_add_child div failed\n", __func__); + return -1; + } + else if (!(form = html_node_add_child(div, "form"))) + { + fprintf(stderr, "%s: html_node_add_child form failed\n", __func__); + return -1; + } + else if (!(input = html_node_add_child(form, "input"))) + { + fprintf(stderr, "%s: html_node_add_child input failed\n", __func__); + return -1; + } + else if (html_node_add_attr(form, "method", "post")) + { + fprintf(stderr, "%s: html_node_add_attr method failed\n", __func__); + return -1; + } + else if (html_node_add_attr(form, "action", "/logout")) + { + fprintf(stderr, "%s: html_node_add_attr action failed\n", __func__); + return -1; + } + else if (html_node_add_attr(input, "type", "submit")) + { + fprintf(stderr, "%s: html_node_add_attr type failed\n", __func__); + return -1; + } + else if (html_node_add_attr(input, "value", "Logout")) + { + fprintf(stderr, "%s: html_node_add_attr value failed\n", __func__); + return -1; + } + + return 0; +} + +static int prepare_footer(struct html_node *const n) +{ + int ret = -1; + struct html_node *footer, *const a = html_node_alloc("a"); + struct dynstr d; + + dynstr_init(&d); + + if (!a) + { + fprintf(stderr, "%s: html_node_alloc failed\n", __func__); + goto end; + } + else if (!(footer = html_node_add_child(n, "footer"))) + { + fprintf(stderr, "%s: html_node_add_child footer failed\n", __func__); + goto end; + } + else if (html_node_add_attr(a, "href", PROJECT_URL)) + { + fprintf(stderr, "%s: html_node_add_attr failed\n", __func__); + goto end; + } + else if (html_node_set_value(a, PROJECT_NAME)) + { + fprintf(stderr, "%s: html_node_set_value a failed\n", __func__); + goto end; + } + else if (dynstr_append(&d, "Powered by ")) + { + fprintf(stderr, "%s: dynstr_append failed\n", __func__); + goto end; + } + else if (html_serialize(a, &d)) + { + fprintf(stderr, "%s: html_serialize failed\n", __func__); + goto end; + } + else if 
(html_node_set_value_unescaped(footer, d.str)) + { + fprintf(stderr, "%s: html_node_add_child a failed\n", __func__); + goto end; + } + + ret = 0; + +end: + dynstr_free(&d); + html_node_free(a); + return ret; +} + +static int list_dir(struct http_response *const r, const char *const dir, + const char *const root, const char *const res) +{ + int ret = -1; + DIR *const d = opendir(res); + struct html_node *const html = html_node_alloc("html"), + *head, *title, *body, *charset, *viewport, *table; + struct dynstr out, t; + const char *const fdir = dir + strlen("/user"); + + dynstr_init(&out); + dynstr_init(&t); + + if (!d) + { + fprintf(stderr, "%s: opendir(2): %s\n", __func__, strerror(errno)); + goto end; + } + else if (!html) + { + fprintf(stderr, "%s: html_node_alloc_failed\n", __func__); + goto end; + } + else if (!(head = html_node_add_child(html, "head"))) + { + fprintf(stderr, "%s: html_node_add_child head failed\n", __func__); + goto end; + } + else if (!(body = html_node_add_child(html, "body"))) + { + fprintf(stderr, "%s: html_node_add_child body failed\n", __func__); + goto end; + } + else if (!(table = html_node_add_child(body, "table"))) + { + fprintf(stderr, "%s: html_node_add_child table failed\n", __func__); + goto end; + } + else if (!(title = html_node_add_child(head, "title"))) + { + fprintf(stderr, "%s: html_node_add_child title failed\n", __func__); + goto end; + } + else if (!(charset = html_node_add_child(head, "meta"))) + { + fprintf(stderr, "%s: html_node_add_child charset failed\n", __func__); + goto end; + } + else if (html_node_add_attr(charset, "charset", "UTF-8")) + { + fprintf(stderr, "%s: html_node_add_attr charset failed\n", __func__); + goto end; + } + else if (dynstr_append(&t, PROJECT_NAME " - %s", fdir)) + { + fprintf(stderr, "%s: dynstr_append title failed\n", __func__); + goto end; + } + else if (html_node_set_value(title, t.str)) + { + fprintf(stderr, "%s: html_node_set_value title failed\n", __func__); + goto end; + } + else if 
(!(viewport = html_node_add_child(head, "meta"))) + { + fprintf(stderr, "%s: html_node_add_child viewport failed\n", __func__); + goto end; + } + else if (html_node_add_attr(viewport, "name", "viewport")) + { + fprintf(stderr, "%s: html_node_add_attr name viewport failed\n", + __func__); + goto end; + } + else if (html_node_add_attr(viewport, "content", + "width=device-width, initial-scale=1, maximum-scale=1")) + { + fprintf(stderr, "%s: html_node_add_attr name viewport failed\n", + __func__); + goto end; + } + else if (prepare_upload_form(body, fdir)) + { + fprintf(stderr, "%s: prepare_upload_form failed\n", __func__); + goto end; + } + else if (prepare_mkdir_form(body, fdir)) + { + fprintf(stderr, "%s: prepare_upload_form failed\n", __func__); + goto end; + } + else if (prepare_logout_form(body)) + { + fprintf(stderr, "%s: prepare_logout_form failed\n", __func__); + goto end; + } + else if (prepare_footer(body)) + { + fprintf(stderr, "%s: prepare_footer failed\n", __func__); + goto end; + } + + struct dirent *de; + + while ((de = readdir(d))) + { + const char *const name = de->d_name; + + if (!strcmp(name, ".") + || (!strcmp(name, "..") && !strcmp(root, res))) + continue; + else if (add_element(table, dir, res, name)) + { + fprintf(stderr, "%s: add_element failed\n", __func__); + goto end; + } + } + + if (dynstr_append(&out, DOCTYPE_TAG)) + { + fprintf(stderr, "%s: dynstr_prepend failed\n", __func__); + goto end; + } + else if (html_serialize(html, &out)) + { + fprintf(stderr, "%s: html_serialize failed\n", __func__); + goto end; + } + + *r = (const struct http_response) + { + .status = HTTP_STATUS_OK, + .buf.rw = out.str, + .n = out.len, + .free = free_response + }; + + if (http_response_add_header(r, "Content-Type", "text/html")) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + goto end; + } + + ret = 0; + +end: + html_node_free(html); + dynstr_free(&t); + + if (ret) + dynstr_free(&out); + + if (closedir(d)) + { + fprintf(stderr, "%s: 
closedir(2): %s\n", __func__, strerror(errno)); + return -1; + } + + return ret; +} + +static int serve_file(struct http_response *const r, + const struct stat *const sb, const char *const res) +{ + FILE *const f = fopen(res, "rb"); + + if (!f) + { + fprintf(stderr, "%s: fopen(3): %s\n", __func__, strerror(errno)); + return -1; + } + + *r = (const struct http_response) + { + .status = HTTP_STATUS_OK, + .f = f, + .n = sb->st_size + }; + + return 0; +} + +int page_resource(struct http_response *const r, const char *const dir, + const char *const root, const char *const res) +{ + struct stat sb; + + if (stat(res, &sb)) + { + fprintf(stderr, "%s: stat(2) %s: %s\n", + __func__, res, strerror(errno)); + + if (errno == ENOENT) + { + *r = (const struct http_response) + { + .status = HTTP_STATUS_NOT_FOUND + }; + + return 0; + } + else + return -1; + } + + const mode_t m = sb.st_mode; + + if (S_ISDIR(m)) + return list_dir(r, dir, root, res); + else if (S_ISREG(m)) + return serve_file(r, &sb, res); + + fprintf(stderr, "%s: unexpected st_mode %jd\n", __func__, (intmax_t)m); + return -1; +} + +int page_failed_login(struct http_response *const r) +{ + static const char index[] = + DOCTYPE_TAG + "<html>\n" + " <head>\n" + " " LOGIN_HEAD "\n" + " " STYLE_A "\n" + " </head>\n" + " <p>Invalid username or password.</p>\n" + LOGIN_BODY + "</html>\n"; + + *r = (const struct http_response) + { + .status = HTTP_STATUS_UNAUTHORIZED, + .buf.ro = index, + .n = sizeof index - 1 + }; + + if (http_response_add_header(r, "Content-Type", "text/html")) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + return -1; + } + + return 0; +} + +int page_login(struct http_response *const r) +{ + static const char index[] = + DOCTYPE_TAG + "<html>\n" + " <head>\n" + " " STYLE_A "\n" + " " LOGIN_HEAD "\n" + " </head>\n" + " " LOGIN_BODY "\n" + "</html>\n"; + + *r = (const struct http_response) + { + .status = HTTP_STATUS_OK, + .buf.ro = index, + .n = sizeof index - 1 + }; + + if 
(http_response_add_header(r, "Content-Type", "text/html")) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + return -1; + } + + return 0; +} + +int page_forbidden(struct http_response *const r) +{ + static const char body[] = + DOCTYPE_TAG + "<html>\n" + "Forbidden\n" + "</html>"; + + *r = (const struct http_response) + { + .status = HTTP_STATUS_FORBIDDEN, + .buf.ro = body, + .n = sizeof body - 1 + }; + + if (http_response_add_header(r, "Content-Type", "text/html")) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + return -1; + } + + return 0; +} + +int page_bad_request(struct http_response *const r) +{ + static const char body[] = + DOCTYPE_TAG + "<html>\n" + " <head>" + " " PROJECT_TITLE "\n" + " </head>" + "Invalid request\n" + "</html>"; + + *r = (const struct http_response) + { + .status = HTTP_STATUS_BAD_REQUEST, + .buf.ro = body, + .n = sizeof body - 1 + }; + + if (http_response_add_header(r, "Content-Type", "text/html")) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + return -1; + } + + return 0; +} + +int page_style(struct http_response *const r) +{ + static const char body[] = + "body" + "{\n" + " display: flex;\n" + " flex-direction: column;\n" + "}\n" + ".form-control\n" + "{\n" + " display: block;\n" + " border: 1px solid;\n" + " width: 60%;\n" + " border-radius: 8px;\n" + " align-content: center;\n" + "}\n"; + + *r = (const struct http_response) + { + .status = HTTP_STATUS_OK, + .buf.ro = body, + .n = sizeof body - 1 + }; + + if (http_response_add_header(r, "Content-Type", "text/css")) + { + fprintf(stderr, "%s: http_response_add_header failed\n", __func__); + return -1; + } + + return 0; +} 
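Review bot: The cleanup under `end:` in list_dir calls `closedir(d)` unconditionally, but the `!d` branch jumps there when opendir fails, so a NULL stream reaches closedir, which POSIX does not define and some C libraries dereference. Since `res` was only checked by stat in page_resource, a directory that is removed or unreadable by then would take this path on a request. Guard it with `if (d && closedir(d))`. The same block frees `out` when `http_response_add_header` fails after `*r` already points at `out.str` with `free_response` set, so `r` should be reset (for example `*r = (const struct http_response){0};`) before returning the error, unless the caller is known never to touch it on failure.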
@@ -0,0 +1,14 @@
+#ifndef PAGE_H
+#define PAGE_H
+
+#include "http.h"
+
+int page_login(struct http_response *r);
+int page_style(struct http_response *r);
+int page_failed_login(struct http_response *r);
+int page_forbidden(struct http_response *r);
+int page_bad_request(struct http_response *r);
+int page_resource(struct http_response *r, const char *dir, const char *root,
+ const char *res);
+
+#endif /* PAGE_H */
diff --git a/server.c b/server.c new file mode 100644
index 0000000..d867b59
--- /dev/null
+++ b/server.c
@@ -0,0 +1,303 @@ +#include "server.h" +#include <fcntl.h> +#include <sys/select.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <unistd.h> +#include <errno.h> +#include <signal.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +struct server +{ + int fd; + + struct server_client + { + int fd; + bool write; + } *c; + + size_t n; +}; + +int server_close(struct server *const s) +{ + int ret = 0; + + if (!s) + return 0; + else if (s->fd >= 0) + ret = close(s->fd); + + free(s); + return ret; +} + +int server_client_close(struct server *const s, struct server_client *const c) +{ + int ret = 0; + + for (size_t i = 0; i < s->n; i++) + { + struct server_client *ref = &s->c[i]; + + if (c == ref) + { + if ((ret = close(c->fd))) + { + fprintf(stderr, "%s: close(2): %s\n", + __func__, strerror(errno)); + return -1; + } + else if (s->n - 1) + { + memcpy(ref, ref + 1, s->n - i); + + if (!(s->c = realloc(s->c, (s->n - 1) * sizeof *s->c))) + { + fprintf(stderr, "%s: realloc(3): %s\n", + __func__, strerror(errno)); + return -1; + } + } + else + { + free(s->c); + s->c = NULL; + } + + s->n--; + break; + } + } + + return ret; +} + +int server_read(void *const buf, const size_t n, struct server_client *const c) +{ + const ssize_t r = read(c->fd, buf, n); + + if (r < 0) + fprintf(stderr, "%s: read(2): %s\n", __func__, strerror(errno)); + + return r; +} + +int server_write(const void *const buf, const size_t n, + struct server_client *const c) +{ + const ssize_t w = write(c->fd, buf, n); + + if (w < 0) + fprintf(stderr, "%s: write(2): %s\n", __func__, strerror(errno)); + + return w; +} + +static struct server_client *alloc_client(struct server *const s) +{ + struct sockaddr_in addr; + socklen_t sz = sizeof addr; + const int fd = accept(s->fd, (struct sockaddr *)&addr, &sz); + + if (fd < 0) + { + fprintf(stderr, "%s: accept(2): %s\n", + __func__, strerror(errno)); + return NULL; + } + + const int flags = fcntl(fd, 
F_GETFL); + + if (flags < 0) + { + fprintf(stderr, "%s: fcntl(2) F_GETFL: %s\n", + __func__, strerror(errno)); + return NULL; + } + else if (fcntl(fd, F_SETFL, flags | O_NONBLOCK)) + { + fprintf(stderr, "%s: fcntl(2) F_SETFL: %s\n", + __func__, strerror(errno)); + return NULL; + } + else if (!(s->c = realloc(s->c, (s->n + 1) * sizeof *s->c))) + { + fprintf(stderr, "%s: realloc(3): %s\n", + __func__, strerror(errno)); + return NULL; + } + + s->c[s->n] = (const struct server_client) + { + .fd = fd + }; + + return &s->c[s->n++]; +} + +void server_client_write_pending(struct server_client *const c, + const bool write) +{ + c->write = write; +} + +static volatile sig_atomic_t do_exit; + +static void handle_signal(const int signum) +{ + do_exit = 1; +} + +struct server_client *server_select(struct server *const s, bool *const io, + bool *const exit) +{ + int nfds = -1; + fd_set rfds, wfds; + + *io = *exit = false; + + FD_ZERO(&rfds); + FD_ZERO(&wfds); + + for (size_t i = 0; i < s->n; i++) + { + const struct server_client *const c = &s->c[i]; + const int fd = c->fd; + + FD_SET(fd, &rfds); + + if (c->write) + FD_SET(fd, &wfds); + + if (fd > nfds) + nfds = fd; + } + + FD_SET(s->fd, &rfds); + + if (s->fd > nfds) + nfds = s->fd; + + const int res = select(nfds + 1, &rfds, &wfds, NULL, NULL); + + if (res < 0) + { + if (do_exit) + *exit = true; + else + fprintf(stderr, "%s: select(2): %s\n", __func__, strerror(errno)); + + return NULL; + } + else if (FD_ISSET(s->fd, &rfds)) + return alloc_client(s); + + for (size_t i = 0; i < s->n; i++) + { + struct server_client *const c = &s->c[i]; + + if (FD_ISSET(c->fd, &rfds) || FD_ISSET(c->fd, &wfds)) + { + *io = true; + return c; + } + } + + fprintf(stderr, "%s: unlisted fd\n", __func__); + return NULL; +} + +static int init_signals(void) +{ + struct sigaction sa = + { + .sa_handler = handle_signal, + .sa_flags = SA_RESTART + }; + + sigemptyset(&sa.sa_mask); + + if (sigaction(SIGINT, &sa, NULL)) + { + fprintf(stderr, "%s: sigaction(2) 
SIGINT: %s\n", + __func__, strerror(errno)); + return -1; + } + else if (sigaction(SIGTERM, &sa, NULL)) + { + fprintf(stderr, "%s: sigaction(2) SIGINT: %s\n", + __func__, strerror(errno)); + return -1; + } + + return 0; +} + +struct server *server_init(const unsigned short port) +{ + struct server *const s = malloc(sizeof *s); + + if (!s) + { + fprintf(stderr, "%s: malloc(3): %s\n", __func__, strerror(errno)); + goto failure; + } + + *s = (const struct server) + { + .fd = socket(AF_INET, SOCK_STREAM, 0) + }; + + if (s->fd < 0) + { + fprintf(stderr, "%s: socket(2): %s\n", __func__, strerror(errno)); + goto failure; + } + else if (init_signals()) + { + fprintf(stderr, "%s: init_signals failed\n", __func__); + goto failure; + } + + const struct sockaddr_in addr = + { + .sin_family = AF_INET, + .sin_port = htons(port) + }; + + enum {QUEUE_LEN = 10}; + + if (bind(s->fd, (const struct sockaddr *)&addr, sizeof addr)) + { + fprintf(stderr, "%s: bind(2): %s\n", __func__, strerror(errno)); + goto failure; + } + else if (listen(s->fd, QUEUE_LEN)) + { + fprintf(stderr, "%s: listen(2): %s\n", __func__, strerror(errno)); + goto failure; + } + + struct sockaddr_in in; + socklen_t sz = sizeof in; + + if (getsockname(s->fd, (struct sockaddr *)&in, &sz)) + { + fprintf(stderr, "%s: getsockname(2): %s\n", __func__, strerror(errno)); + goto failure; + } + + printf("Listening on port %hu\n", ntohs(in.sin_port)); + return s; + +failure: + server_close(s); + return NULL; +} diff --git a/server.h b/server.h new file mode 100644 index 0000000..74189db --- /dev/null +++ b/server.h 
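Review bot: In server_client_close, `memcpy(ref, ref + 1, s->n - i);` passes a count of `s->n - i` bytes rather than elements, and its source and destination overlap, so removing any client but the last leaves the later entries of `s->c` partly overwritten and their `fd` values can end up naming the wrong connection. It should be `memmove(ref, ref + 1, (s->n - i - 1) * sizeof *ref);`. The `s->c = realloc(s->c, ...)` that follows loses the array when realloc fails; assign through a temporary and keep the old pointer on failure. If callers keep a `struct server_client *` across this call or across the realloc in alloc_client, those pointers would presumably go stale, which is worth confirming against handler.c.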
@@ -0,0 +1,15 @@
+#ifndef SERVER_H
+#define SERVER_H
+
+#include <stdbool.h>
+#include <stddef.h>
+
+struct server *server_init(unsigned short port);
+struct server_client *server_select(struct server *s, bool *io, bool *exit);
+int server_read(void *buf, size_t n, struct server_client *c);
+int server_write(const void *buf, size_t n, struct server_client *c);
+int server_close(struct server *s);
+int server_client_close(struct server *s, struct server_client *c);
+void server_client_write_pending(struct server_client *c, bool write);
+
+#endif /* SERVER_H */ |
