search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gotwebd: swap the tags and branch listing in the index page
[got-portable.git] / gotd / listen.c
blob8bee03f37fbfa1fe37b0d0b4738265b00e7dd7ef
1 /*
2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "got_compat.h"
18
19 #include <sys/types.h>
20 #include <sys/queue.h>
21 #include <sys/socket.h>
22 #include <sys/uio.h>
23
24 #include <errno.h>
25 #include <event.h>
26 #include <stdint.h>
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <string.h>
30 #include <imsg.h>
31 #include <limits.h>
32 #include <signal.h>
33 #include <unistd.h>
34
35 #include "got_error.h"
36 #include "got_path.h"
37
38 #include "got_compat.h"
39
40 #include "gotd.h"
41 #include "log.h"
42 #include "listen.h"
43
44 #ifndef nitems
45 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
46 #endif
47
48 struct gotd_listen_client {
49 STAILQ_ENTRY(gotd_listen_client) entry;
50 uint32_t id;
51 int fd;
52 uid_t euid;
53 };
54 STAILQ_HEAD(gotd_listen_clients, gotd_listen_client);
55
56 static struct gotd_listen_clients gotd_listen_clients[GOTD_CLIENT_TABLE_SIZE];
57 static SIPHASH_KEY clients_hash_key;
58 static volatile int listen_client_cnt;
59 static int inflight;
60
61 struct gotd_uid_connection_counter {
62 STAILQ_ENTRY(gotd_uid_connection_counter) entry;
63 uid_t euid;
64 int nconnections;
65 };
66 STAILQ_HEAD(gotd_client_uids, gotd_uid_connection_counter);
67 static struct gotd_client_uids gotd_client_uids[GOTD_CLIENT_TABLE_SIZE];
68 static SIPHASH_KEY uid_hash_key;
69
70 static struct {
71 pid_t pid;
72 const char *title;
73 int fd;
74 struct gotd_imsgev iev;
75 struct gotd_imsgev pause;
76 struct gotd_uid_connection_limit *connection_limits;
77 size_t nconnection_limits;
78 } gotd_listen;
79
80 static int inflight;
81
82 static void listen_shutdown(void);
83
84 static void
85 listen_sighdlr(int sig, short event, void *arg)
86 {
87 /*
88 * Normal signal handler rules don't apply because libevent
89 * decouples for us.
90 */
91
92 switch (sig) {
93 case SIGHUP:
94 break;
95 case SIGUSR1:
96 break;
97 case SIGTERM:
98 case SIGINT:
99 listen_shutdown();
100 /* NOTREACHED */
101 break;
102 default:
103 fatalx("unexpected signal");
104 }
105 }
106
107 static uint64_t
108 client_hash(uint32_t client_id)
109 {
110 return SipHash24(&clients_hash_key, &client_id, sizeof(client_id));
111 }
112
113 static void
114 add_client(struct gotd_listen_client *client)
115 {
116 uint64_t slot = client_hash(client->id) % nitems(gotd_listen_clients);
117 STAILQ_INSERT_HEAD(&gotd_listen_clients[slot], client, entry);
118 listen_client_cnt++;
119 }
120
121 static struct gotd_listen_client *
122 find_client(uint32_t client_id)
123 {
124 uint64_t slot;
125 struct gotd_listen_client *c;
126
127 slot = client_hash(client_id) % nitems(gotd_listen_clients);
128 STAILQ_FOREACH(c, &gotd_listen_clients[slot], entry) {
129 if (c->id == client_id)
130 return c;
131 }
132
133 return NULL;
134 }
135
136 static uint32_t
137 get_client_id(void)
138 {
139 int duplicate = 0;
140 uint32_t id;
141
142 do {
143 id = arc4random();
144 duplicate = (find_client(id) != NULL);
145 } while (duplicate || id == 0);
146
147 return id;
148 }
149
150 static uint64_t
151 uid_hash(uid_t euid)
152 {
153 return SipHash24(&uid_hash_key, &euid, sizeof(euid));
154 }
155
156 static void
157 add_uid_connection_counter(struct gotd_uid_connection_counter *counter)
158 {
159 uint64_t slot = uid_hash(counter->euid) % nitems(gotd_client_uids);
160 STAILQ_INSERT_HEAD(&gotd_client_uids[slot], counter, entry);
161 }
162
163 static void
164 remove_uid_connection_counter(struct gotd_uid_connection_counter *counter)
165 {
166 uint64_t slot = uid_hash(counter->euid) % nitems(gotd_client_uids);
167 STAILQ_REMOVE(&gotd_client_uids[slot], counter,
168 gotd_uid_connection_counter, entry);
169 }
170
171 static struct gotd_uid_connection_counter *
172 find_uid_connection_counter(uid_t euid)
173 {
174 uint64_t slot;
175 struct gotd_uid_connection_counter *c;
176
177 slot = uid_hash(euid) % nitems(gotd_client_uids);
178 STAILQ_FOREACH(c, &gotd_client_uids[slot], entry) {
179 if (c->euid == euid)
180 return c;
181 }
182
183 return NULL;
184 }
185
186 static const struct got_error *
187 disconnect(struct gotd_listen_client *client)
188 {
189 struct gotd_uid_connection_counter *counter;
190 uint64_t slot;
191 int client_fd;
192
193 log_debug("client on fd %d disconnecting", client->fd);
194
195 slot = client_hash(client->id) % nitems(gotd_listen_clients);
196 STAILQ_REMOVE(&gotd_listen_clients[slot], client,
197 gotd_listen_client, entry);
198
199 counter = find_uid_connection_counter(client->euid);
200 if (counter) {
201 if (counter->nconnections > 0)
202 counter->nconnections--;
203 if (counter->nconnections == 0) {
204 remove_uid_connection_counter(counter);
205 free(counter);
206 }
207 }
208
209 client_fd = client->fd;
210 free(client);
211 inflight--;
212 listen_client_cnt--;
213 if (close(client_fd) == -1)
214 return got_error_from_errno("close");
215
216 return NULL;
217 }
218
219 static int
220 accept_reserve(int fd, struct sockaddr *addr, socklen_t *addrlen,
221 int reserve, volatile int *counter)
222 {
223 int ret;
224 int sock_flags = SOCK_NONBLOCK;
225
226 #ifdef SOCK_CLOEXEC
227 sock_flags |= SOCK_CLOEXEC;
228 #endif
229
230 if (getdtablecount() + reserve +
231 ((*counter + 1) * GOTD_FD_NEEDED) >= getdtablesize()) {
232 log_debug("inflight fds exceeded");
233 errno = EMFILE;
234 return -1;
235 }
236 #ifdef __APPLE__
237 /* TA: silence warning from GCC. */
238 (void)sock_flags;
239 ret = accept(fd, addr, addrlen);
240 #else
241 ret = accept4(fd, addr, addrlen, sock_flags);
242 #endif
243
244 if (ret > -1) {
245 (*counter)++;
246 }
247
248 return ret;
249 }
250
251 static void
252 gotd_accept_paused(int fd, short event, void *arg)
253 {
254 event_add(&gotd_listen.iev.ev, NULL);
255 }
256
257 static void
258 gotd_accept(int fd, short event, void *arg)
259 {
260 struct gotd_imsgev *iev = arg;
261 struct sockaddr_storage ss;
262 struct timeval backoff;
263 socklen_t len;
264 int s = -1;
265 struct gotd_listen_client *client = NULL;
266 struct gotd_uid_connection_counter *counter = NULL;
267 struct gotd_imsg_connect iconn;
268 uid_t euid;
269 gid_t egid;
270
271 backoff.tv_sec = 1;
272 backoff.tv_usec = 0;
273
274 if (event_add(&gotd_listen.iev.ev, NULL) == -1) {
275 log_warn("event_add");
276 return;
277 }
278 if (event & EV_TIMEOUT)
279 return;
280
281 len = sizeof(ss);
282
283 /* Other backoff conditions apart from EMFILE/ENFILE? */
284 s = accept_reserve(fd, (struct sockaddr *)&ss, &len, GOTD_FD_RESERVE,
285 &inflight);
286 if (s == -1) {
287 switch (errno) {
288 case EINTR:
289 case EWOULDBLOCK:
290 case ECONNABORTED:
291 return;
292 case EMFILE:
293 case ENFILE:
294 event_del(&gotd_listen.iev.ev);
295 evtimer_add(&gotd_listen.pause.ev, &backoff);
296 return;
297 default:
298 log_warn("accept");
299 return;
300 }
301 }
302
303 if (listen_client_cnt >= GOTD_MAXCLIENTS)
304 goto err;
305
306 if (getpeereid(s, &euid, &egid) == -1) {
307 log_warn("getpeerid");
308 goto err;
309 }
310
311 counter = find_uid_connection_counter(euid);
312 if (counter == NULL) {
313 counter = calloc(1, sizeof(*counter));
314 if (counter == NULL) {
315 log_warn("%s: calloc", __func__);
316 goto err;
317 }
318 counter->euid = euid;
319 counter->nconnections = 1;
320 add_uid_connection_counter(counter);
321 } else {
322 int max_connections = GOTD_MAX_CONN_PER_UID;
323 struct gotd_uid_connection_limit *limit;
324
325 limit = gotd_find_uid_connection_limit(
326 gotd_listen.connection_limits,
327 gotd_listen.nconnection_limits, euid);
328 if (limit)
329 max_connections = limit->max_connections;
330
331 if (counter->nconnections >= max_connections) {
332 log_warnx("maximum connections exceeded for uid %d",
333 euid);
334 goto err;
335 }
336 counter->nconnections++;
337 }
338
339 client = calloc(1, sizeof(*client));
340 if (client == NULL) {
341 log_warn("%s: calloc", __func__);
342 goto err;
343 }
344 client->id = get_client_id();
345 client->fd = s;
346 client->euid = euid;
347 s = -1;
348 add_client(client);
349 log_debug("%s: new client connected on fd %d uid %d gid %d", __func__,
350 client->fd, euid, egid);
351
352 memset(&iconn, 0, sizeof(iconn));
353 iconn.client_id = client->id;
354 iconn.euid = euid;
355 iconn.egid = egid;
356 s = dup(client->fd);
357 if (s == -1) {
358 log_warn("%s: dup", __func__);
359 goto err;
360 }
361 if (gotd_imsg_compose_event(iev, GOTD_IMSG_CONNECT, PROC_LISTEN, s,
362 &iconn, sizeof(iconn)) == -1) {
363 log_warn("imsg compose CONNECT");
364 goto err;
365 }
366
367 return;
368 err:
369 inflight--;
370 if (client)
371 disconnect(client);
372 if (s != -1)
373 close(s);
374 }
375
376 static const struct got_error *
377 recv_disconnect(struct imsg *imsg)
378 {
379 struct gotd_imsg_disconnect idisconnect;
380 size_t datalen;
381 struct gotd_listen_client *client = NULL;
382
383 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
384 if (datalen != sizeof(idisconnect))
385 return got_error(GOT_ERR_PRIVSEP_LEN);
386 memcpy(&idisconnect, imsg->data, sizeof(idisconnect));
387
388 log_debug("client disconnecting");
389
390 client = find_client(idisconnect.client_id);
391 if (client == NULL)
392 return got_error(GOT_ERR_CLIENT_ID);
393
394 return disconnect(client);
395 }
396
397 static void
398 listen_dispatch(int fd, short event, void *arg)
399 {
400 const struct got_error *err = NULL;
401 struct gotd_imsgev *iev = arg;
402 struct imsgbuf *ibuf = &iev->ibuf;
403 struct imsg imsg;
404 ssize_t n;
405 int shut = 0;
406
407 if (event & EV_READ) {
408 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
409 fatal("imsg_read error");
410 if (n == 0) /* Connection closed. */
411 shut = 1;
412 }
413
414 if (event & EV_WRITE) {
415 n = msgbuf_write(&ibuf->w);
416 if (n == -1 && errno != EAGAIN)
417 fatal("msgbuf_write");
418 if (n == 0) /* Connection closed. */
419 shut = 1;
420 }
421
422 for (;;) {
423 if ((n = imsg_get(ibuf, &imsg)) == -1)
424 fatal("%s: imsg_get", __func__);
425 if (n == 0) /* No more messages. */
426 break;
427
428 switch (imsg.hdr.type) {
429 case GOTD_IMSG_DISCONNECT:
430 err = recv_disconnect(&imsg);
431 if (err)
432 log_warnx("disconnect: %s", err->msg);
433 break;
434 default:
435 log_debug("unexpected imsg %d", imsg.hdr.type);
436 break;
437 }
438
439 imsg_free(&imsg);
440 }
441
442 if (!shut) {
443 gotd_imsg_event_add(iev);
444 } else {
445 /* This pipe is dead. Remove its event handler */
446 event_del(&iev->ev);
447 event_loopexit(NULL);
448 }
449 }
450
451 void
452 listen_main(const char *title, int gotd_socket,
453 struct gotd_uid_connection_limit *connection_limits,
454 size_t nconnection_limits)
455 {
456 struct gotd_imsgev iev;
457 struct event evsigint, evsigterm, evsighup, evsigusr1;
458
459 arc4random_buf(&clients_hash_key, sizeof(clients_hash_key));
460 arc4random_buf(&uid_hash_key, sizeof(uid_hash_key));
461
462 gotd_listen.title = title;
463 gotd_listen.pid = getpid();
464 gotd_listen.fd = gotd_socket;
465 gotd_listen.connection_limits = connection_limits;
466 gotd_listen.nconnection_limits = nconnection_limits;
467
468 signal_set(&evsigint, SIGINT, listen_sighdlr, NULL);
469 signal_set(&evsigterm, SIGTERM, listen_sighdlr, NULL);
470 signal_set(&evsighup, SIGHUP, listen_sighdlr, NULL);
471 signal_set(&evsigusr1, SIGUSR1, listen_sighdlr, NULL);
472 signal(SIGPIPE, SIG_IGN);
473
474 signal_add(&evsigint, NULL);
475 signal_add(&evsigterm, NULL);
476 signal_add(&evsighup, NULL);
477 signal_add(&evsigusr1, NULL);
478
479 imsg_init(&iev.ibuf, GOTD_FILENO_MSG_PIPE);
480 iev.handler = listen_dispatch;
481 iev.events = EV_READ;
482 iev.handler_arg = NULL;
483 event_set(&iev.ev, iev.ibuf.fd, EV_READ, listen_dispatch, &iev);
484 if (event_add(&iev.ev, NULL) == -1)
485 fatalx("event add");
486
487 event_set(&gotd_listen.iev.ev, gotd_listen.fd, EV_READ | EV_PERSIST,
488 gotd_accept, &iev);
489 if (event_add(&gotd_listen.iev.ev, NULL))
490 fatalx("event add");
491 evtimer_set(&gotd_listen.pause.ev, gotd_accept_paused, NULL);
492
493 event_dispatch();
494
495 listen_shutdown();
496 }
497
498 static void
499 listen_shutdown(void)
500 {
501 log_debug("shutting down");
502
503 free(gotd_listen.connection_limits);
504 if (gotd_listen.fd != -1)
505 close(gotd_listen.fd);
506
507 exit(0);
508 }
portable version of Game of Trees