search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
check for errors from telldir(3); suggested by jamsek
[got-portable.git] / gotwebd / sockets.c
blob146e5db365e9cda374d97b57c58d20693d63e40e
1 /*
2 * Copyright (c) 2016, 2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
3 * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
4 * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
5 * Copyright (c) 2013 Florian Obser <florian@openbsd.org>
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 #include "got_compat.h"
21
22 #include <sys/param.h>
23 #include <sys/ioctl.h>
24 #include <sys/queue.h>
25 #include <sys/wait.h>
26 #include <sys/uio.h>
27 #include <sys/resource.h>
28 #include <sys/socket.h>
29 #include <sys/stat.h>
30 #include <sys/time.h>
31 #include <sys/types.h>
32 #include <sys/mman.h>
33 #include <sys/un.h>
34
35 #include <net/if.h>
36 #include <netinet/in.h>
37
38 #include <errno.h>
39 #include <event.h>
40 #include <fcntl.h>
41 #include <ifaddrs.h>
42 #include <limits.h>
43 #include <netdb.h>
44 #include <poll.h>
45 #include <pwd.h>
46 #include <stddef.h>
47 #include <stdio.h>
48 #include <stdlib.h>
49 #include <string.h>
50 #include <unistd.h>
51
52 #include "got_error.h"
53 #include "got_opentemp.h"
54 #include "got_reference.h"
55 #include "got_repository.h"
56 #include "got_privsep.h"
57
58 #include "gotwebd.h"
59 #include "log.h"
60 #include "tmpl.h"
61
62 #define SOCKS_BACKLOG 5
63 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
64
65 volatile int client_cnt;
66
67 static struct timeval timeout = { TIMEOUT_DEFAULT, 0 };
68
69 static void sockets_sighdlr(int, short, void *);
70 static void sockets_shutdown(void);
71 static void sockets_launch(void);
72 static void sockets_accept_paused(int, short, void *);
73 static void sockets_rlimit(int);
74
75 static void sockets_dispatch_main(int, short, void *);
76 static int sockets_unix_socket_listen(struct gotwebd *, struct socket *);
77 static int sockets_create_socket(struct address *);
78 static int sockets_accept_reserve(int, struct sockaddr *, socklen_t *,
79 int, volatile int *);
80
81 static struct socket *sockets_conf_new_socket(struct gotwebd *,
82 int, struct address *);
83
84 int cgi_inflight = 0;
85
86 void
87 sockets(struct gotwebd *env, int fd)
88 {
89 struct event sighup, sigint, sigusr1, sigchld, sigterm;
90 struct event_base *evb;
91
92 evb = event_init();
93
94 sockets_rlimit(-1);
95
96 if ((env->iev_parent = malloc(sizeof(*env->iev_parent))) == NULL)
97 fatal("malloc");
98 if (imsgbuf_init(&env->iev_parent->ibuf, fd) == -1)
99 fatal("imsgbuf_init");
100 imsgbuf_allow_fdpass(&env->iev_parent->ibuf);
101 env->iev_parent->handler = sockets_dispatch_main;
102 env->iev_parent->data = env->iev_parent;
103 event_set(&env->iev_parent->ev, fd, EV_READ, sockets_dispatch_main,
104 env->iev_parent);
105 event_add(&env->iev_parent->ev, NULL);
106
107 signal(SIGPIPE, SIG_IGN);
108
109 signal_set(&sighup, SIGHUP, sockets_sighdlr, env);
110 signal_add(&sighup, NULL);
111 signal_set(&sigint, SIGINT, sockets_sighdlr, env);
112 signal_add(&sigint, NULL);
113 signal_set(&sigusr1, SIGUSR1, sockets_sighdlr, env);
114 signal_add(&sigusr1, NULL);
115 signal_set(&sigchld, SIGCHLD, sockets_sighdlr, env);
116 signal_add(&sigchld, NULL);
117 signal_set(&sigterm, SIGTERM, sockets_sighdlr, env);
118 signal_add(&sigterm, NULL);
119
120 #ifndef PROFILE
121 if (pledge("stdio rpath inet recvfd proc exec sendfd unveil",
122 NULL) == -1)
123 fatal("pledge");
124 #endif
125
126 event_dispatch();
127 event_base_free(evb);
128 sockets_shutdown();
129 }
130
131 void
132 sockets_parse_sockets(struct gotwebd *env)
133 {
134 struct address *a;
135 struct socket *new_sock = NULL;
136 int sock_id = 1;
137
138 TAILQ_FOREACH(a, &env->addresses, entry) {
139 new_sock = sockets_conf_new_socket(env, sock_id, a);
140 if (new_sock) {
141 sock_id++;
142 TAILQ_INSERT_TAIL(&env->sockets,
143 new_sock, entry);
144 }
145 }
146 }
147
148 static struct socket *
149 sockets_conf_new_socket(struct gotwebd *env, int id, struct address *a)
150 {
151 struct socket *sock;
152 struct address *acp;
153
154 if ((sock = calloc(1, sizeof(*sock))) == NULL)
155 fatalx("%s: calloc", __func__);
156
157 sock->conf.id = id;
158 sock->fd = -1;
159 sock->conf.af_type = a->ss.ss_family;
160
161 if (a->ss.ss_family == AF_UNIX) {
162 struct sockaddr_un *sun;
163
164 sun = (struct sockaddr_un *)&a->ss;
165 if (strlcpy(sock->conf.unix_socket_name, sun->sun_path,
166 sizeof(sock->conf.unix_socket_name)) >=
167 sizeof(sock->conf.unix_socket_name))
168 fatalx("unix socket path too long: %s", sun->sun_path);
169 }
170
171 sock->conf.fcgi_socket_port = a->port;
172
173 acp = &sock->conf.addr;
174
175 memcpy(&acp->ss, &a->ss, sizeof(acp->ss));
176 acp->slen = a->slen;
177 acp->ai_family = a->ai_family;
178 acp->ai_socktype = a->ai_socktype;
179 acp->ai_protocol = a->ai_protocol;
180 acp->port = a->port;
181 if (*a->ifname != '\0') {
182 if (strlcpy(acp->ifname, a->ifname,
183 sizeof(acp->ifname)) >= sizeof(acp->ifname)) {
184 fatalx("%s: interface name truncated",
185 __func__);
186 }
187 }
188
189 return (sock);
190 }
191
192 static void
193 sockets_launch(void)
194 {
195 struct socket *sock;
196 struct server *srv;
197 const struct got_error *error;
198
199 TAILQ_FOREACH(sock, &gotwebd_env->sockets, entry) {
200 log_info("%s: configuring socket %d (%d)", __func__,
201 sock->conf.id, sock->fd);
202
203 event_set(&sock->ev, sock->fd, EV_READ | EV_PERSIST,
204 sockets_socket_accept, sock);
205
206 if (event_add(&sock->ev, NULL))
207 fatalx("event add sock");
208
209 evtimer_set(&sock->pause, sockets_accept_paused, sock);
210
211 log_info("%s: running socket listener %d", __func__,
212 sock->conf.id);
213 }
214
215 TAILQ_FOREACH(srv, &gotwebd_env->servers, entry) {
216 if (unveil(srv->repos_path, "r") == -1)
217 fatal("unveil %s", srv->repos_path);
218 }
219
220 error = got_privsep_unveil_exec_helpers();
221 if (error)
222 fatal("%s", error->msg);
223
224 if (unveil(NULL, NULL) == -1)
225 fatal("unveil");
226 }
227
228 void
229 sockets_purge(struct gotwebd *env)
230 {
231 struct socket *sock, *tsock;
232
233 /* shutdown and remove sockets */
234 TAILQ_FOREACH_SAFE(sock, &env->sockets, entry, tsock) {
235 if (event_initialized(&sock->ev))
236 event_del(&sock->ev);
237 if (evtimer_initialized(&sock->evt))
238 evtimer_del(&sock->evt);
239 if (evtimer_initialized(&sock->pause))
240 evtimer_del(&sock->pause);
241 if (sock->fd != -1)
242 close(sock->fd);
243 TAILQ_REMOVE(&env->sockets, sock, entry);
244 free(sock);
245 }
246 }
247
248 static void
249 sockets_dispatch_main(int fd, short event, void *arg)
250 {
251 struct imsgev *iev = arg;
252 struct imsgbuf *ibuf;
253 struct imsg imsg;
254 struct gotwebd *env = gotwebd_env;
255 ssize_t n;
256 int shut = 0;
257
258 ibuf = &iev->ibuf;
259
260 if (event & EV_READ) {
261 if ((n = imsgbuf_read(ibuf)) == -1)
262 fatal("imsgbuf_read error");
263 if (n == 0) /* Connection closed */
264 shut = 1;
265 }
266 if (event & EV_WRITE) {
267 if (imsgbuf_write(ibuf) == -1)
268 fatal("imsgbuf_write");
269 }
270
271 for (;;) {
272 if ((n = imsg_get(ibuf, &imsg)) == -1)
273 fatal("imsg_get");
274 if (n == 0) /* No more messages. */
275 break;
276
277 switch (imsg.hdr.type) {
278 case IMSG_CFG_SRV:
279 config_getserver(env, &imsg);
280 break;
281 case IMSG_CFG_SOCK:
282 config_getsock(env, &imsg);
283 break;
284 case IMSG_CFG_FD:
285 config_getfd(env, &imsg);
286 break;
287 case IMSG_CFG_DONE:
288 config_getcfg(env, &imsg);
289 break;
290 case IMSG_CTL_START:
291 sockets_launch();
292 break;
293 default:
294 fatalx("%s: unknown imsg type %d", __func__,
295 imsg.hdr.type);
296 }
297
298 imsg_free(&imsg);
299 }
300
301 if (!shut)
302 imsg_event_add(iev);
303 else {
304 /* This pipe is dead. Remove its event handler */
305 event_del(&iev->ev);
306 event_loopexit(NULL);
307 }
308 }
309
310 static void
311 sockets_sighdlr(int sig, short event, void *arg)
312 {
313 switch (sig) {
314 case SIGHUP:
315 log_info("%s: ignoring SIGHUP", __func__);
316 break;
317 case SIGPIPE:
318 log_info("%s: ignoring SIGPIPE", __func__);
319 break;
320 case SIGUSR1:
321 log_info("%s: ignoring SIGUSR1", __func__);
322 break;
323 case SIGCHLD:
324 break;
325 case SIGINT:
326 case SIGTERM:
327 sockets_shutdown();
328 break;
329 default:
330 log_info("SIGNAL: %d", sig);
331 fatalx("unexpected signal");
332 }
333 }
334
335 static void
336 sockets_shutdown(void)
337 {
338 sockets_purge(gotwebd_env);
339
340 /* clean servers */
341 while (!TAILQ_EMPTY(&gotwebd_env->servers)) {
342 struct server *srv;
343
344 srv = TAILQ_FIRST(&gotwebd_env->servers);
345 TAILQ_REMOVE(&gotwebd_env->servers, srv, entry);
346 free(srv);
347 }
348
349 while (!TAILQ_EMPTY(&gotwebd_env->addresses)) {
350 struct address *h;
351
352 h = TAILQ_FIRST(&gotwebd_env->addresses);
353 TAILQ_REMOVE(&gotwebd_env->addresses, h, entry);
354 free(h);
355 }
356
357 imsgbuf_clear(&gotwebd_env->iev_parent->ibuf);
358 free(gotwebd_env->iev_parent);
359 free(gotwebd_env);
360
361 exit(0);
362 }
363
364 int
365 sockets_privinit(struct gotwebd *env, struct socket *sock)
366 {
367 if (sock->conf.af_type == AF_UNIX) {
368 log_info("%s: initializing unix socket %s", __func__,
369 sock->conf.unix_socket_name);
370 sock->fd = sockets_unix_socket_listen(env, sock);
371 if (sock->fd == -1)
372 return -1;
373 }
374
375 if (sock->conf.af_type == AF_INET || sock->conf.af_type == AF_INET6) {
376 log_info("%s: initializing %s FCGI socket on port %d",
377 __func__, sock->conf.af_type == AF_INET ? "inet" : "inet6",
378 sock->conf.fcgi_socket_port);
379 sock->fd = sockets_create_socket(&sock->conf.addr);
380 if (sock->fd == -1)
381 return -1;
382 }
383
384 return 0;
385 }
386
387 static int
388 sockets_unix_socket_listen(struct gotwebd *env, struct socket *sock)
389 {
390 int u_fd = -1;
391 mode_t old_umask, mode;
392 int flags = SOCK_STREAM | SOCK_NONBLOCK;
393
394 #ifdef SOCK_CLOEXEC
395 flags |= SOCK_CLOEXEC;
396 #endif
397
398 u_fd = socket(AF_UNIX, flags, 0);
399 if (u_fd == -1) {
400 log_warn("%s: socket", __func__);
401 return -1;
402 }
403
404 if (unlink(sock->conf.unix_socket_name) == -1) {
405 if (errno != ENOENT) {
406 log_warn("%s: unlink %s", __func__,
407 sock->conf.unix_socket_name);
408 close(u_fd);
409 return -1;
410 }
411 }
412
413 old_umask = umask(S_IXUSR|S_IXGRP|S_IWOTH|S_IROTH|S_IXOTH);
414 mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP;
415
416 if (bind(u_fd, (struct sockaddr *)&sock->conf.addr.ss,
417 sock->conf.addr.slen) == -1) {
418 log_warn("%s: bind: %s", __func__, sock->conf.unix_socket_name);
419 close(u_fd);
420 (void)umask(old_umask);
421 return -1;
422 }
423
424 (void)umask(old_umask);
425
426 if (chmod(sock->conf.unix_socket_name, mode) == -1) {
427 log_warn("%s: chmod", __func__);
428 close(u_fd);
429 (void)unlink(sock->conf.unix_socket_name);
430 return -1;
431 }
432
433 if (chown(sock->conf.unix_socket_name, env->pw->pw_uid,
434 env->pw->pw_gid) == -1) {
435 log_warn("%s: chown", __func__);
436 close(u_fd);
437 (void)unlink(sock->conf.unix_socket_name);
438 return -1;
439 }
440
441 if (listen(u_fd, SOCKS_BACKLOG) == -1) {
442 log_warn("%s: listen", __func__);
443 return -1;
444 }
445
446 return u_fd;
447 }
448
449 static int
450 sockets_create_socket(struct address *a)
451 {
452 int fd = -1, o_val = 1, flags;
453
454 fd = socket(a->ai_family, a->ai_socktype, a->ai_protocol);
455 if (fd == -1)
456 return -1;
457
458 log_debug("%s: opened socket (%d) for %s", __func__,
459 fd, a->ifname);
460
461 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &o_val,
462 sizeof(int)) == -1) {
463 log_warn("%s: setsockopt error", __func__);
464 close(fd);
465 return -1;
466 }
467
468 /* non-blocking */
469 flags = fcntl(fd, F_GETFL);
470 flags |= O_NONBLOCK;
471 if (fcntl(fd, F_SETFL, flags) == -1) {
472 log_warn("%s: could not enable non-blocking I/O", __func__);
473 close(fd);
474 return -1;
475 }
476
477 if (bind(fd, (struct sockaddr *)&a->ss, a->slen) == -1) {
478 close(fd);
479 log_warn("%s: can't bind to port %d", __func__, a->port);
480 return -1;
481 }
482
483 if (listen(fd, SOMAXCONN) == -1) {
484 log_warn("%s, unable to listen on socket", __func__);
485 close(fd);
486 return -1;
487 }
488
489 return (fd);
490 }
491
492 static int
493 sockets_accept_reserve(int sockfd, struct sockaddr *addr, socklen_t *addrlen,
494 int reserve, volatile int *counter)
495 {
496 int ret;
497
498 if (getdtablecount() + reserve +
499 ((*counter + 1) * FD_NEEDED) >= getdtablesize()) {
500 log_warnx("inflight fds exceeded");
501 errno = EMFILE;
502 return -1;
503 }
504 /* TA: This needs fixing upstream. */
505 #ifdef __APPLE__
506 ret = accept(sockfd, addr, addrlen);
507 #else
508 ret = accept4(sockfd, addr, addrlen, SOCK_NONBLOCK | SOCK_CLOEXEC);
509 #endif
510
511 if (ret > -1) {
512 (*counter)++;
513 log_debug("inflight incremented, now %d", *counter);
514 }
515
516 return ret;
517 }
518
519 static void
520 sockets_accept_paused(int fd, short events, void *arg)
521 {
522 struct socket *sock = (struct socket *)arg;
523
524 event_add(&sock->ev, NULL);
525 }
526
527 void
528 sockets_socket_accept(int fd, short event, void *arg)
529 {
530 struct socket *sock = (struct socket *)arg;
531 struct sockaddr_storage ss;
532 struct timeval backoff;
533 struct request *c = NULL;
534 socklen_t len;
535 int s;
536
537 backoff.tv_sec = 1;
538 backoff.tv_usec = 0;
539
540 event_add(&sock->ev, NULL);
541 if (event & EV_TIMEOUT)
542 return;
543
544 len = sizeof(ss);
545
546 s = sockets_accept_reserve(fd, (struct sockaddr *)&ss, &len,
547 FD_RESERVE, &cgi_inflight);
548
549 if (s == -1) {
550 switch (errno) {
551 case EINTR:
552 case EWOULDBLOCK:
553 case ECONNABORTED:
554 return;
555 case EMFILE:
556 case ENFILE:
557 event_del(&sock->ev);
558 evtimer_add(&sock->pause, &backoff);
559 return;
560 default:
561 log_warn("%s: accept", __func__);
562 }
563 }
564
565 if (client_cnt > GOTWEBD_MAXCLIENTS)
566 goto err;
567
568 c = calloc(1, sizeof(struct request));
569 if (c == NULL) {
570 log_warn("%s", __func__);
571 close(s);
572 cgi_inflight--;
573 return;
574 }
575
576 c->tp = template(c, &fcgi_write, c->outbuf, sizeof(c->outbuf));
577 if (c->tp == NULL) {
578 log_warn("%s", __func__);
579 close(s);
580 cgi_inflight--;
581 free(c);
582 return;
583 }
584
585 c->fd = s;
586 c->sock = sock;
587 memcpy(c->priv_fd, gotwebd_env->priv_fd, sizeof(c->priv_fd));
588 c->buf_pos = 0;
589 c->buf_len = 0;
590 c->request_started = 0;
591 c->sock->client_status = CLIENT_CONNECT;
592
593 event_set(&c->ev, s, EV_READ|EV_PERSIST, fcgi_request, c);
594 event_add(&c->ev, NULL);
595
596 evtimer_set(&c->tmo, fcgi_timeout, c);
597 evtimer_add(&c->tmo, &timeout);
598
599 client_cnt++;
600
601 return;
602 err:
603 cgi_inflight--;
604 close(s);
605 if (c != NULL)
606 free(c);
607 }
608
609 static void
610 sockets_rlimit(int maxfd)
611 {
612 struct rlimit rl;
613
614 if (getrlimit(RLIMIT_NOFILE, &rl) == -1)
615 fatal("%s: failed to get resource limit", __func__);
616 log_info("%s: max open files %llu", __func__,
617 (unsigned long long)rl.rlim_max);
618
619 /*
620 * Allow the maximum number of open file descriptors for this
621 * login class (which should be the class "daemon" by default).
622 */
623 if (maxfd == -1)
624 rl.rlim_cur = rl.rlim_max;
625 else
626 rl.rlim_cur = MAXIMUM(rl.rlim_max, (rlim_t)maxfd);
627 if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
628 fatal("%s: failed to set resource limit", __func__);
629 }
portable version of Game of Trees