search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
portable: object_qid.c make portable
[got-portable.git] / gotwebd / sockets.c
blobeacbdc8fa8acb1d85aef92bdaf14ba95977a69b1
1 /*
2 * Copyright (c) 2016, 2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
3 * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
4 * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
5 * Copyright (c) 2013 Florian Obser <florian@openbsd.org>
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 #include "got_compat.h"
21
22 #include <sys/param.h>
23 #include <sys/ioctl.h>
24 #include <sys/queue.h>
25 #include <sys/wait.h>
26 #include <sys/uio.h>
27 #include <sys/resource.h>
28 #include <sys/socket.h>
29 #include <sys/stat.h>
30 #include <sys/time.h>
31 #include <sys/types.h>
32 #include <sys/mman.h>
33 #include <sys/un.h>
34
35 #include <net/if.h>
36 #include <netinet/in.h>
37
38 #include <errno.h>
39 #include <event.h>
40 #include <fcntl.h>
41 #include <ifaddrs.h>
42 #include <limits.h>
43 #include <netdb.h>
44 #include <poll.h>
45 #include <pwd.h>
46 #include <stddef.h>
47 #include <stdio.h>
48 #include <stdlib.h>
49 #include <string.h>
50 #include <unistd.h>
51
52 #include "got_error.h"
53 #include "got_opentemp.h"
54 #include "got_reference.h"
55 #include "got_repository.h"
56
57 #include "proc.h"
58 #include "gotwebd.h"
59 #include "tmpl.h"
60
61 #define SOCKS_BACKLOG 5
62 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
63
64
65 volatile int client_cnt;
66
67 static struct timeval timeout = { TIMEOUT_DEFAULT, 0 };
68
69 static void sockets_sighdlr(int, short, void *);
70 static void sockets_run(struct privsep *, struct privsep_proc *, void *);
71 static void sockets_launch(void);
72 static void sockets_purge(struct gotwebd *);
73 static void sockets_accept_paused(int, short, void *);
74 static void sockets_rlimit(int);
75
76 static int sockets_dispatch_gotwebd(int, struct privsep_proc *,
77 struct imsg *);
78 static int sockets_unix_socket_listen(struct privsep *, struct socket *);
79 static int sockets_create_socket(struct address *, in_port_t);
80 static int sockets_accept_reserve(int, struct sockaddr *, socklen_t *,
81 int, volatile int *);
82
83 static struct socket *sockets_conf_new_socket_unix(struct gotwebd *,
84 struct server *, int);
85 static struct socket *sockets_conf_new_socket_fcgi(struct gotwebd *,
86 struct server *, int, struct address *);
87
88 int cgi_inflight = 0;
89
90 static struct privsep_proc procs[] = {
91 { "gotwebd", PROC_GOTWEBD, sockets_dispatch_gotwebd },
92 };
93
94 void
95 sockets(struct privsep *ps, struct privsep_proc *p)
96 {
97 proc_run(ps, p, procs, nitems(procs), sockets_run, NULL);
98 }
99
100 static void
101 sockets_run(struct privsep *ps, struct privsep_proc *p, void *arg)
102 {
103 if (config_init(ps->ps_env) == -1)
104 fatal("failed to initialize configuration");
105
106 p->p_shutdown = sockets_shutdown;
107
108 sockets_rlimit(-1);
109
110 signal_del(&ps->ps_evsigchld);
111 signal_set(&ps->ps_evsigchld, SIGCHLD, sockets_sighdlr, ps);
112 signal_add(&ps->ps_evsigchld, NULL);
113
114 #ifndef PROFILE
115 if (pledge("stdio rpath wpath cpath inet recvfd proc exec sendfd",
116 NULL) == -1)
117 fatal("pledge");
118 #endif
119 }
120
121 void
122 sockets_parse_sockets(struct gotwebd *env)
123 {
124 struct server *srv;
125 struct address *a;
126 struct socket *new_sock = NULL;
127 int sock_id = 1;
128
129 TAILQ_FOREACH(srv, &env->servers, entry) {
130 if (srv->unix_socket) {
131 new_sock = sockets_conf_new_socket_unix(env, srv,
132 sock_id);
133 if (new_sock) {
134 sock_id++;
135 TAILQ_INSERT_TAIL(&env->sockets, new_sock,
136 entry);
137 }
138 }
139
140 if (srv->fcgi_socket) {
141 if (TAILQ_EMPTY(&srv->al)) {
142 fatalx("%s: server %s has no IP addresses to "
143 "listen for FCGI connections", __func__,
144 srv->name);
145 }
146 TAILQ_FOREACH(a, &srv->al, entry) {
147 if (a->ss.ss_family != AF_INET &&
148 a->ss.ss_family != AF_INET6)
149 continue;
150 new_sock = sockets_conf_new_socket_fcgi(env,
151 srv, sock_id, a);
152 if (new_sock) {
153 sock_id++;
154 TAILQ_INSERT_TAIL(&env->sockets,
155 new_sock, entry);
156 }
157 }
158 }
159 }
160 }
161
162 static struct socket *
163 sockets_conf_new_socket_unix(struct gotwebd *env, struct server *srv, int id)
164 {
165 struct socket *sock;
166 int n;
167
168 if ((sock = calloc(1, sizeof(*sock))) == NULL)
169 fatalx("%s: calloc", __func__);
170
171 sock->conf.id = id;
172 sock->fd = -1;
173 sock->conf.af_type = AF_UNIX;
174
175 if (strlcpy(sock->conf.unix_socket_name,
176 srv->unix_socket_name,
177 sizeof(sock->conf.unix_socket_name)) >=
178 sizeof(sock->conf.unix_socket_name)) {
179 free(sock);
180 fatalx("%s: strlcpy", __func__);
181 }
182
183 n = snprintf(sock->conf.name, GOTWEBD_MAXTEXT, "%s_parent",
184 srv->name);
185 if (n < 0 || (size_t)n >= GOTWEBD_MAXTEXT) {
186 free(sock);
187 fatalx("%s: snprintf", __func__);
188 }
189
190 if (strlcpy(sock->conf.srv_name, srv->name,
191 sizeof(sock->conf.srv_name)) >= sizeof(sock->conf.srv_name)) {
192 free(sock);
193 fatalx("%s: strlcpy", __func__);
194 }
195
196 return sock;
197 }
198
199 static struct socket *
200 sockets_conf_new_socket_fcgi(struct gotwebd *env, struct server *srv, int id,
201 struct address *a)
202 {
203 struct socket *sock;
204 struct address *acp;
205 int n;
206
207 if ((sock = calloc(1, sizeof(*sock))) == NULL)
208 fatalx("%s: calloc", __func__);
209
210 sock->conf.id = id;
211 sock->fd = -1;
212 sock->conf.af_type = a->ss.ss_family;
213
214 sock->conf.fcgi_socket_port = a->port;
215
216 n = snprintf(sock->conf.name, GOTWEBD_MAXTEXT, "%s_parent",
217 srv->name);
218 if (n < 0 || (size_t)n >= GOTWEBD_MAXTEXT) {
219 free(sock);
220 fatalx("%s: snprintf", __func__);
221 }
222
223 if (strlcpy(sock->conf.srv_name, srv->name,
224 sizeof(sock->conf.srv_name)) >= sizeof(sock->conf.srv_name)) {
225 free(sock);
226 fatalx("%s: strlcpy", __func__);
227 }
228
229 acp = &sock->conf.addr;
230
231 memcpy(&acp->ss, &a->ss, sizeof(acp->ss));
232 acp->ipproto = a->ipproto;
233 acp->prefixlen = a->prefixlen;
234 acp->port = a->port;
235 if (strlen(a->ifname) != 0) {
236 if (strlcpy(acp->ifname, a->ifname,
237 sizeof(acp->ifname)) >= sizeof(acp->ifname)) {
238 fatalx("%s: interface name truncated",
239 __func__);
240 }
241 }
242
243 return (sock);
244 }
245
246 static void
247 sockets_launch(void)
248 {
249 struct socket *sock;
250
251 TAILQ_FOREACH(sock, &gotwebd_env->sockets, entry) {
252 log_debug("%s: configuring socket %d (%d)", __func__,
253 sock->conf.id, sock->fd);
254
255 event_set(&sock->ev, sock->fd, EV_READ | EV_PERSIST,
256 sockets_socket_accept, sock);
257
258 if (event_add(&sock->ev, NULL))
259 fatalx("event add sock");
260
261 evtimer_set(&sock->pause, sockets_accept_paused, sock);
262
263 log_debug("%s: running socket listener %d", __func__,
264 sock->conf.id);
265 }
266 }
267
268 static void
269 sockets_purge(struct gotwebd *env)
270 {
271 struct socket *sock, *tsock;
272
273 /* shutdown and remove sockets */
274 TAILQ_FOREACH_SAFE(sock, &env->sockets, entry, tsock) {
275 if (event_initialized(&sock->ev))
276 event_del(&sock->ev);
277 if (evtimer_initialized(&sock->evt))
278 evtimer_del(&sock->evt);
279 if (evtimer_initialized(&sock->pause))
280 evtimer_del(&sock->pause);
281 if (sock->fd != -1)
282 close(sock->fd);
283 TAILQ_REMOVE(&env->sockets, sock, entry);
284 }
285 }
286
287 static int
288 sockets_dispatch_gotwebd(int fd, struct privsep_proc *p, struct imsg *imsg)
289 {
290 struct privsep *ps = p->p_ps;
291 int res = 0, cmd = 0, verbose;
292
293 switch (imsg->hdr.type) {
294 case IMSG_CFG_SRV:
295 config_getserver(gotwebd_env, imsg);
296 break;
297 case IMSG_CFG_SOCK:
298 config_getsock(gotwebd_env, imsg);
299 break;
300 case IMSG_CFG_FD:
301 config_getfd(gotwebd_env, imsg);
302 break;
303 case IMSG_CFG_DONE:
304 config_getcfg(gotwebd_env, imsg);
305 break;
306 case IMSG_CTL_START:
307 sockets_launch();
308 break;
309 case IMSG_CTL_VERBOSE:
310 IMSG_SIZE_CHECK(imsg, &verbose);
311 memcpy(&verbose, imsg->data, sizeof(verbose));
312 log_setverbose(verbose);
313 break;
314 default:
315 return -1;
316 }
317
318 switch (cmd) {
319 case 0:
320 break;
321 default:
322 if (proc_compose_imsg(ps, PROC_GOTWEBD, -1, cmd,
323 imsg->hdr.peerid, -1, &res, sizeof(res)) == -1)
324 return -1;
325 break;
326 }
327
328 return 0;
329 }
330
331 static void
332 sockets_sighdlr(int sig, short event, void *arg)
333 {
334 switch (sig) {
335 case SIGHUP:
336 log_info("%s: ignoring SIGHUP", __func__);
337 break;
338 case SIGPIPE:
339 log_info("%s: ignoring SIGPIPE", __func__);
340 break;
341 case SIGUSR1:
342 log_info("%s: ignoring SIGUSR1", __func__);
343 break;
344 case SIGCHLD:
345 break;
346 default:
347 log_info("SIGNAL: %d", sig);
348 fatalx("unexpected signal");
349 }
350 }
351
352 void
353 sockets_shutdown(void)
354 {
355 struct server *srv, *tsrv;
356 struct socket *sock, *tsock;
357 int i;
358
359 sockets_purge(gotwebd_env);
360
361 /* clean sockets */
362 TAILQ_FOREACH_SAFE(sock, &gotwebd_env->sockets, entry, tsock) {
363 TAILQ_REMOVE(&gotwebd_env->sockets, sock, entry);
364 close(sock->fd);
365 free(sock);
366 }
367
368 /* clean servers */
369 TAILQ_FOREACH_SAFE(srv, &gotwebd_env->servers, entry, tsrv) {
370 for (i = 0; i < srv->ncached_repos; i++)
371 got_repo_close(srv->cached_repos[i].repo);
372 free(srv);
373 }
374
375 free(gotwebd_env);
376 }
377
378 int
379 sockets_privinit(struct gotwebd *env, struct socket *sock)
380 {
381 struct privsep *ps = env->gotwebd_ps;
382
383 if (sock->conf.af_type == AF_UNIX) {
384 log_debug("%s: initializing unix socket %s", __func__,
385 sock->conf.unix_socket_name);
386 sock->fd = sockets_unix_socket_listen(ps, sock);
387 if (sock->fd == -1) {
388 log_warnx("%s: create unix socket failed", __func__);
389 return -1;
390 }
391 }
392
393 if (sock->conf.af_type == AF_INET || sock->conf.af_type == AF_INET6) {
394 log_debug("%s: initializing %s FCGI socket on port %d for %s",
395 __func__, sock->conf.af_type == AF_INET ? "inet" : "inet6",
396 sock->conf.fcgi_socket_port, sock->conf.name);
397 sock->fd = sockets_create_socket(&sock->conf.addr,
398 sock->conf.fcgi_socket_port);
399 if (sock->fd == -1) {
400 log_warnx("%s: create FCGI socket failed", __func__);
401 return -1;
402 }
403 }
404
405 return 0;
406 }
407
408 static int
409 sockets_unix_socket_listen(struct privsep *ps, struct socket *sock)
410 {
411 struct gotwebd *env = ps->ps_env;
412 struct sockaddr_un sun;
413 struct socket *tsock;
414 int u_fd = -1;
415 mode_t old_umask, mode;
416
417 TAILQ_FOREACH(tsock, &env->sockets, entry) {
418 if (strcmp(tsock->conf.unix_socket_name,
419 sock->conf.unix_socket_name) == 0 &&
420 tsock->fd != -1)
421 return (tsock->fd);
422 }
423
424 /* TA: FIXME: this needs upstreaming. */
425 int socket_flags = SOCK_STREAM | SOCK_NONBLOCK;
426 #ifdef SOCK_CLOEXEC
427 socket_flags |= SOCK_CLOEXEC;
428 #endif
429 u_fd = socket(AF_UNIX, socket_flags, 0);
430 if (u_fd == -1) {
431 log_warn("%s: socket", __func__);
432 return -1;
433 }
434
435 sun.sun_family = AF_UNIX;
436 if (strlcpy(sun.sun_path, sock->conf.unix_socket_name,
437 sizeof(sun.sun_path)) >= sizeof(sun.sun_path)) {
438 log_warn("%s: %s name too long", __func__,
439 sock->conf.unix_socket_name);
440 close(u_fd);
441 return -1;
442 }
443
444 if (unlink(sock->conf.unix_socket_name) == -1) {
445 if (errno != ENOENT) {
446 log_warn("%s: unlink %s", __func__,
447 sock->conf.unix_socket_name);
448 close(u_fd);
449 return -1;
450 }
451 }
452
453 old_umask = umask(S_IXUSR|S_IXGRP|S_IWOTH|S_IROTH|S_IXOTH);
454 mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP;
455
456 if (bind(u_fd, (struct sockaddr *)&sun, sizeof(sun)) == -1) {
457 log_warn("%s: bind: %s", __func__, sock->conf.unix_socket_name);
458 close(u_fd);
459 (void)umask(old_umask);
460 return -1;
461 }
462
463 (void)umask(old_umask);
464
465 if (chmod(sock->conf.unix_socket_name, mode) == -1) {
466 log_warn("%s: chmod", __func__);
467 close(u_fd);
468 (void)unlink(sock->conf.unix_socket_name);
469 return -1;
470 }
471
472 if (chown(sock->conf.unix_socket_name, ps->ps_pw->pw_uid,
473 ps->ps_pw->pw_gid) == -1) {
474 log_warn("%s: chown", __func__);
475 close(u_fd);
476 (void)unlink(sock->conf.unix_socket_name);
477 return -1;
478 }
479
480 if (listen(u_fd, SOCKS_BACKLOG) == -1) {
481 log_warn("%s: listen", __func__);
482 return -1;
483 }
484
485 return u_fd;
486 }
487
488 static int
489 sockets_create_socket(struct address *a, in_port_t port)
490 {
491 struct addrinfo hints;
492 int fd = -1, o_val = 1, flags;
493
494 memset(&hints, 0, sizeof(hints));
495 hints.ai_family = AF_UNSPEC;
496 hints.ai_socktype = SOCK_STREAM;
497 hints.ai_flags |= AI_PASSIVE;
498
499 switch (a->ss.ss_family) {
500 case AF_INET:
501 ((struct sockaddr_in *)(&a->ss))->sin_port = htons(port);
502 break;
503 case AF_INET6:
504 ((struct sockaddr_in6 *)(&a->ss))->sin6_port = htons(port);
505 break;
506 default:
507 log_warnx("%s: unknown address family", __func__);
508 return -1;
509 }
510
511 fd = socket(a->ss.ss_family, hints.ai_socktype, a->ipproto);
512 if (fd == -1)
513 return -1;
514
515 log_debug("%s: opened socket (%d) for %s", __func__,
516 fd, a->ifname);
517
518 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &o_val,
519 sizeof(int)) == -1) {
520 log_warn("%s: setsockopt error", __func__);
521 close(fd);
522 return -1;
523 }
524
525 /* non-blocking */
526 flags = fcntl(fd, F_GETFL);
527 flags |= O_NONBLOCK;
528 if (fcntl(fd, F_SETFL, flags) == -1) {
529 log_info("%s: could not enable non-blocking I/O", __func__);
530 close(fd);
531 return -1;
532 }
533
534 if (bind(fd, (struct sockaddr *)&a->ss, SS_LEN(&a->ss)) == -1) {
535 close(fd);
536 log_info("%s: can't bind to port %d", __func__,
537 ntohs(port));
538 return -1;
539 }
540
541 if (listen(fd, SOMAXCONN) == -1) {
542 log_warn("%s, unable to listen on socket", __func__);
543 close(fd);
544 return -1;
545 }
546
547 return (fd);
548 }
549
550 static int
551 sockets_accept_reserve(int sockfd, struct sockaddr *addr, socklen_t *addrlen,
552 int reserve, volatile int *counter)
553 {
554 int ret;
555
556 if (getdtablecount() + reserve +
557 ((*counter + 1) * FD_NEEDED) >= getdtablesize()) {
558 log_debug("inflight fds exceeded");
559 errno = EMFILE;
560 return -1;
561 }
562 /* TA: This needs fixing upstream. */
563 #ifdef __APPLE__
564 ret = accept(sockfd, addr, addrlen);
565 #else
566 ret = accept4(sockfd, addr, addrlen, SOCK_NONBLOCK | SOCK_CLOEXEC);
567 #endif
568
569 if (ret > -1) {
570 (*counter)++;
571 log_debug("inflight incremented, now %d", *counter);
572 }
573
574 return ret;
575 }
576
577 static void
578 sockets_accept_paused(int fd, short events, void *arg)
579 {
580 struct socket *sock = (struct socket *)arg;
581
582 event_add(&sock->ev, NULL);
583 }
584
585 void
586 sockets_socket_accept(int fd, short event, void *arg)
587 {
588 struct socket *sock = (struct socket *)arg;
589 struct sockaddr_storage ss;
590 struct timeval backoff;
591 struct request *c = NULL;
592 socklen_t len;
593 int s;
594
595 backoff.tv_sec = 1;
596 backoff.tv_usec = 0;
597
598 event_add(&sock->ev, NULL);
599 if (event & EV_TIMEOUT)
600 return;
601
602 len = sizeof(ss);
603
604 s = sockets_accept_reserve(fd, (struct sockaddr *)&ss, &len,
605 FD_RESERVE, &cgi_inflight);
606
607 if (s == -1) {
608 switch (errno) {
609 case EINTR:
610 case EWOULDBLOCK:
611 case ECONNABORTED:
612 return;
613 case EMFILE:
614 case ENFILE:
615 event_del(&sock->ev);
616 evtimer_add(&sock->pause, &backoff);
617 return;
618 default:
619 log_warn("%s: accept", __func__);
620 }
621 }
622
623 if (client_cnt > GOTWEBD_MAXCLIENTS)
624 goto err;
625
626 c = calloc(1, sizeof(struct request));
627 if (c == NULL) {
628 log_warn("%s", __func__);
629 close(s);
630 cgi_inflight--;
631 return;
632 }
633
634 c->tp = template(c, fcgi_puts, fcgi_putc);
635 if (c->tp == NULL) {
636 log_warn("%s", __func__);
637 close(s);
638 cgi_inflight--;
639 free(c);
640 return;
641 }
642
643 c->fd = s;
644 c->sock = sock;
645 memcpy(c->priv_fd, sock->priv_fd, sizeof(c->priv_fd));
646 c->buf_pos = 0;
647 c->buf_len = 0;
648 c->request_started = 0;
649 c->sock->client_status = CLIENT_CONNECT;
650
651 event_set(&c->ev, s, EV_READ|EV_PERSIST, fcgi_request, c);
652 event_add(&c->ev, NULL);
653
654 evtimer_set(&c->tmo, fcgi_timeout, c);
655 evtimer_add(&c->tmo, &timeout);
656
657 client_cnt++;
658
659 return;
660 err:
661 cgi_inflight--;
662 close(s);
663 if (c != NULL)
664 free(c);
665 }
666
667 static void
668 sockets_rlimit(int maxfd)
669 {
670 struct rlimit rl;
671
672 if (getrlimit(RLIMIT_NOFILE, &rl) == -1)
673 fatal("%s: failed to get resource limit", __func__);
674 log_debug("%s: max open files %llu", __func__,
675 (unsigned long long)rl.rlim_max);
676
677 /*
678 * Allow the maximum number of open file descriptors for this
679 * login class (which should be the class "daemon" by default).
680 */
681 if (maxfd == -1)
682 rl.rlim_cur = rl.rlim_max;
683 else
684 rl.rlim_cur = MAXIMUM(rl.rlim_max, (rlim_t)maxfd);
685 if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
686 fatal("%s: failed to set resource limit", __func__);
687 }
portable version of Game of Trees