haskell mode

Solene Rapenne 2022-08-13 13:56:09 +02:00
parent 7212128831
commit 0b1d5d399d
19 changed files with 133 additions and 1013 deletions

1
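--- a/.envrc
+++ b/.envrc
@@ -0,0 +1 @@
+use nix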

5
.gitignore vendored

@ -1,2 +1,3 @@
*.o
vger
*.hi
Vger
unit

60
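--- a/Gemini.hs
+++ b/Gemini.hs
@@ -0,0 +1,60 @@
+module Gemini where
+import Data.ByteString.UTF8
+import Data.Text
+import Network.Mime
+import System.Directory (doesFileExist, doesDirectoryExist)
+import Text.Regex
+import Text.Regex.PCRE
+-- check :: FilePath -> IO Bool
+-- check s = do
+-- result <- doesFileExist
+-- if result
+-- then pure True
+-- else pure False
+-- return components of the url
+-- gemini:// | hostname | uri | ? | query
+parse_url :: String -> [[String]]
+parse_url url =
+(sanitize_uri url) =~ "^(gemini:\\/\\/)([^\\/]*)\\/?([^\\?]*)(\\?)?(.*)?(\\r\\n)$"
+-- remove any .. in the uri that could escape the location
+sanitize_uri :: String -> String
+sanitize_uri path =
+subRegex (mkRegex "\\.\\.\\/") path ""
+-- return a file as a string
+read_file :: String -> IO String
+read_file path = do
+text <- readFile path
+pure text
+-- read from stdin
+get_request :: IO String
+get_request = do
+stdin <- getContents
+pure stdin
+data Gemini = MkGemini
+{ domain :: String
+, file :: String
+, query :: String
+, mime :: String
+}
+parse_to_gemini :: [[String]] -> Gemini
+parse_to_gemini tab =
+MkGemini
+{ domain = tab!!0!!2
+, file = tab!!0!!3
+, query = tab!!0!!5
+, mime = toString (defaultMimeLookup (pack (tab!!0!!3)))
+}
+get_reply :: String -> Int -> String
+get_reply mime 20 =
+"20 " ++ mime ++ "\n"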

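Review bot: `sanitize_uri` is the only traversal guard and it does not hold: it deletes `../` in a single pass over the raw URL, so a removal can splice the surrounding characters into a fresh `../`, and nothing rejects a path that still starts with `/` after the host separator, which `read_file` then opens as an absolute path. Stripping also silently turns a hostile request into a different valid one; refusing it is easier to reason about and to log. I would validate the parsed `file` field segment by segment and answer with an error status when it is absolute or contains a `..` segment, as sketched below (uses `isAbsolute` and `splitDirectories` from `System.FilePath`). Separately, `parse_to_gemini` indexes with `!!` into a list that `parse_url` returns empty when the regex does not match, and `get_reply` has no equation for any status other than 20.

```haskell
-- … unchanged: imports, parse_url, read_file, get_request, Gemini record …

-- Accept a request path only if it is relative and has no ".." segment;
-- the caller answers with an error status on Nothing.
safe_file :: String -> Maybe FilePath
safe_file p
  | isAbsolute p                   = Nothing
  | ".." `elem` splitDirectories p = Nothing
  | otherwise                      = Just p
```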

@ -1,33 +0,0 @@
include config.mk
PREFIX?=/usr/local/
CFLAGS += -pedantic -Wall -Wextra -Wmissing-prototypes \
-Wstrict-prototypes -Wwrite-strings ${EXTRAFLAGS}
.SUFFIXES: .c .o
.c.o:
${CC} ${CFLAGS} -c $<
all: vger
clean:
find . \( -name vger -o \
-name unit_test -o \
-name "*.o" -o \
-name "*.core" \) \
-delete
vger: main.c vger.c mimes.o utils.o opts.h
${CC} ${CFLAGS} -o $@ main.c mimes.o utils.o
install: vger
install -o root -g wheel vger ${PREFIX}/bin/
install -o root -g wheel vger.8 ${PREFIX}/man/man8/
unit_test: tests.c vger.o
${CC} ${CFLAGS} -o $@ vger.o tests.c mimes.o utils.o
test: vger unit_test
./unit_test
cd tests && sh test.sh

3
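--- a/Procfile
+++ b/Procfile
@@ -0,0 +1,3 @@
+compilation: ls *c *h | entr make test
+haskell: ls Vger.hs Gemini.hs | entr -s "ghc Vger.hs && printf 'gemini://perso.pw/../Vger.hs\r\n' | ./Vger"
+haskell-unit: ls *hs | entr -s "ghc unit.hs && ./unit"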

9
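--- a/Vger.hs
+++ b/Vger.hs
@@ -0,0 +1,9 @@
+import Gemini
+main :: IO ()
+main = do
+url <- get_request
+let request = parse_to_gemini (parse_url url)
+content <- read_file (file request)
+putStrLn (get_reply (mime request) 20)
+putStrLn content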
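Review bot: `main` has no failure path and no confinement. `parse_to_gemini` and `read_file` both throw on ordinary bad input (the match list is empty when the request lacks the trailing CRLF, as `regex_3` in unit.hs shows, and `readFile` fails on a missing file or a directory), so the client gets an uncaught exception on stderr instead of a Gemini status line. The C `main` deleted in this commit called `drop_privileges` (chroot, setresuid, unveil/pledge) before touching the request, and nothing replaces it here, so `read_file` runs relative to whatever directory and user the process was started with; until that is restored the service should only run inside an external sandbox. A sketch of the error path follows (needs `try` and `IOException` from `Control.Exception`); note too that `get_reply` ends the header with `\n` and `putStrLn` appends another, where the deleted `status()` ended the header line with `\r\n`.

```haskell
main :: IO ()
main = do
  url <- get_request
  case parse_url url of
    -- no regex match: answer with a status instead of crashing on !!
    [] -> putStr "59 bad request\r\n"
    matches -> do
      let request = parse_to_gemini matches
      opened <- try (read_file (file request)) :: IO (Either IOException String)
      case opened of
        Left _ -> putStr "51 file not found\r\n"
        Right content -> do
          putStrLn (get_reply (mime request) 20)
          putStrLn content
```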


@ -1 +0,0 @@
EXTRAFLAGS=

14
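--- a/configure
+++ b/configure
@@ -1,14 +0,0 @@
-#!/bin/sh
-OS="$(uname -s)"
-case "$OS" in
-Linux)
-EXTRAFLAGS=-lbsd
-;;
-*)
-EXTRAFLAGS=""
-;;
-esac
-echo "EXTRAFLAGS=${EXTRAFLAGS}" > config.mk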

88
main.c

@ -1,88 +0,0 @@
#include "vger.c"
int
main(int argc, char **argv)
{
char request[GEMINI_REQUEST_MAX] = {'\0'};
char user[_SC_LOGIN_NAME_MAX] = {'\0'};
char hostname[GEMINI_REQUEST_MAX] = {'\0'};
char query[PATH_MAX] = {'\0'};
char path[PATH_MAX] = {'\0'};
char chroot_dir[PATH_MAX] = DEFAULT_CHROOT;
char file[FILENAME_MAX] = DEFAULT_INDEX;
char dir[PATH_MAX] = {'\0'};
int option = 0;
int virtualhost = 0;
/*
* request : contain the whole request from client : gemini://...\r\n
* user : username, used in drop_privileges()
* hostname : extracted from hostname. used with virtualhosts and cgi SERVER_NAME
* query : file requested in cgi : gemini://...?query
* file : file basename to display. Emtpy is a directory has been requested
* dir : directory requested. vger will chdir() in to find file
* pos : used to parse request and split into interesting parts
*/
while ((option = getopt(argc, argv, ":d:l:m:u:c:vi")) != -1) {
switch (option) {
case 'd':
estrlcpy(chroot_dir, optarg, sizeof(chroot_dir));
break;
case 'l':
estrlcpy(lang, "lang=", sizeof(lang));
estrlcat(lang, optarg, sizeof(lang));
break;
case 'm':
estrlcpy(default_mime, optarg, sizeof(default_mime));
break;
case 'u':
estrlcpy(user, optarg, sizeof(user));
break;
case 'c':
estrlcpy(cgi_dir, optarg, sizeof(cgi_dir));
break;
case 'v':
virtualhost = 1;
break;
case 'i':
doautoidx = 1;
break;
}
}
/*
* do chroot if an user is supplied
*/
drop_privileges(user, chroot_dir, cgi_dir);
check_request(request);
get_hostname(request, hostname, sizeof(hostname));
get_path(request, path, sizeof(path), virtualhost, hostname);
get_query(path, query, sizeof(query));
/* percent decode */
uridecode(query);
uridecode(path);
/* is it cgi ? */
if (*cgi_dir)
if (do_cgi(chroot_dir, cgi_dir, path, hostname, query) == 0)
stop(EXIT_SUCCESS, NULL);
/* *** from here, cgi didn't run ***
* check if path available
*/
check_path(path, sizeof(path), hostname, virtualhost);
/* split dir and filename */
get_dir_file(path, dir, sizeof(dir), file, sizeof(file));
/* go to dir */
echdir(dir);
/* regular file to stdout */
display_file(file);
stop(EXIT_SUCCESS, NULL);
}

139
mimes.c

@ -1,139 +0,0 @@
#include <string.h>
#include <unistd.h>
#include <string.h>
#include "mimes.h"
#include "opts.h"
/* extension to mimetype table */
static const struct {
const char *extension;
const char *type;
} database[] = {
{"gmi", "text/gemini"},
{"gemini", "text/gemini"},
{"7z", "application/x-7z-compressed"},
{"atom", "application/atom+xml"},
{"avi", "video/x-msvideo"},
{"bin", "application/octet-stream"},
{"bmp", "image/x-ms-bmp"},
{"cco", "application/x-cocoa"},
{"crt", "application/x-x509-ca-cert"},
{"css", "text/css"},
{"deb", "application/octet-stream"},
{"dll", "application/octet-stream"},
{"dmg", "application/octet-stream"},
{"doc", "application/msword"},
{"eot", "application/vnd.ms-fontobject"},
{"exe", "application/octet-stream"},
{"flv", "video/x-flv"},
{"fs", "application/octet-stream"},
{"gif", "image/gif"},
{"hqx", "application/mac-binhex40"},
{"htc", "text/x-component"},
{"html", "text/html"},
{"ico", "image/x-icon"},
{"img", "application/octet-stream"},
{"iso", "application/octet-stream"},
{"jad", "text/vnd.sun.j2me.app-descriptor"},
{"jar", "application/java-archive"},
{"jardiff", "application/x-java-archive-diff"},
{"jng", "image/x-jng"},
{"jnlp", "application/x-java-jnlp-file"},
{"jpeg", "image/jpeg"},
{"jpg", "image/jpeg"},
{"js", "application/javascript"},
{"json", "application/json"},
{"kml", "application/vnd.google-earth.kml+xml"},
{"kmz", "application/vnd.google-earth.kmz"},
{"m3u8", "application/vnd.apple.mpegurl"},
{"m4a", "audio/x-m4a"},
{"m4v", "video/x-m4v"},
{"md", "text/markdown"},
{"mid", "audio/midi"},
{"midi", "audio/midi"},
{"mkv", "video/x-matroska"},
{"mml", "text/mathml"},
{"mng", "video/x-mng"},
{"mov", "video/quicktime"},
{"mp3", "audio/mpeg"},
{"mp4", "video/mp4"},
{"mpeg", "video/mpeg"},
{"mpg", "video/mpeg"},
{"msi", "application/octet-stream"},
{"msm", "application/octet-stream"},
{"msp", "application/octet-stream"},
{"odb", "application/vnd.oasis.opendocument.database"},
{"odc", "application/vnd.oasis.opendocument.chart"},
{"odf", "application/vnd.oasis.opendocument.formula"},
{"odg", "application/vnd.oasis.opendocument.graphics"},
{"odi", "application/vnd.oasis.opendocument.image"},
{"odm", "application/vnd.oasis.opendocument.text-master"},
{"odp", "application/vnd.oasis.opendocument.presentation"},
{"ods", "application/vnd.oasis.opendocument.spreadsheet"},
{"odt", "application/vnd.oasis.opendocument.text"},
{"ogg", "audio/ogg"},
{"oth", "application/vnd.oasis.opendocument.text-web"},
{"otp", "application/vnd.oasis.opendocument.presentation-template"},
{"pac", "application/x-ns-proxy-autoconfig"},
{"pdf", "application/pdf"},
{"pem", "application/x-x509-ca-cert"},
{"pl", "application/x-perl"},
{"pm", "application/x-perl"},
{"png", "image/png"},
{"ppt", "application/vnd.ms-powerpoint"},
{"ps", "application/postscript"},
{"ra", "audio/x-realaudio"},
{"rar", "application/x-rar-compressed"},
{"rpm", "application/x-redhat-package-manager"},
{"rss", "application/rss+xml"},
{"rtf", "application/rtf"},
{"run", "application/x-makeself"},
{"sea", "application/x-sea"},
{"sit", "application/x-stuffit"},
{"svg", "image/svg+xml"},
{"svgz", "image/svg+xml"},
{"swf", "application/x-shockwave-flash"},
{"tcl", "application/x-tcl"},
{"tif", "image/tiff"},
{"tiff", "image/tiff"},
{"tk", "application/x-tcl"},
{"ts", "video/mp2t"},
{"txt", "text/plain"},
{"war", "application/java-archive"},
{"wbmp", "image/vnd.wap.wbmp"},
{"webm", "video/webm"},
{"webp", "image/webp"},
{"wml", "text/vnd.wap.wml"},
{"wmlc", "application/vnd.wap.wmlc"},
{"wmv", "video/x-ms-wmv"},
{"woff", "application/font-woff"},
{"xhtml", "application/xhtml+xml"},
{"xls", "application/vnd.ms-excel"},
{"xml", "text/xml"},
{"xpi", "application/x-xpinstall"},
{"zip", "application/zip"}
};
#ifndef nitems
#define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
#endif
const char *
get_file_mime(const char *path, const char *default_mime)
{
size_t i;
char *extension;
/* search for extension after last '.' in path */
if ((extension = strrchr(path, '.')) != NULL) {
/* look for the MIME in the database */
for (i = 0; i < nitems(database); i++) {
if (strcmp(database[i].extension, extension + 1) == 0)
return (database[i].type);
}
}
/* no MIME found, set a default one */
return default_mime;
}


@ -1 +0,0 @@
const char *get_file_mime(const char *, const char *);

18
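--- a/opts.h
+++ b/opts.h
@@ -1,18 +0,0 @@
-#include <limits.h> /* PATH_MAX */
-/* Defaults values */
-#define DEFAULT_MIME "application/octet-stream"
-#define DEFAULT_LANG ""
-#define DEFAULT_CHROOT "/var/gemini"
-#define DEFAULT_INDEX "index.gmi"
-#define DEFAULT_AUTOIDX 0
-/*
-* Options used later
-*/
-/* longest hardcoded mimetype is 56 long so 64 should be enough */
-static char default_mime[64] = DEFAULT_MIME;
-static char lang[16] = DEFAULT_LANG;
-static unsigned int doautoidx = DEFAULT_AUTOIDX;
-static char cgi_dir[PATH_MAX] = {'\0'};
-static int chrooted = 0;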


@ -8,9 +8,14 @@ mkShell {
kakoune
git-up
gdb
cabal2nix
(pkgs.haskellPackages.ghcWithPackages (self:
[
haskellPackages.regex-pcre
haskellPackages.regex-compat
haskellPackages.mime-types
haskellPackages.HUnit
haskellPackages.utf8-string
]
))
];

50
tests.c

@ -1,50 +0,0 @@
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include "vger.h"
// to test
void test_status(void);
void test_status_error(void);
void test_uridecode(char*, const int);
void
test_uridecode(char *str, const int result)
{
char reference[GEMINI_REQUEST_MAX] = {'\0'};
strlcpy(reference, str, sizeof(reference));
uridecode(str);
if (strncmp(reference, str, strlen(str)) != result)
{
printf("uridecode error\n");
printf("Strings should be %s\n", (result == 0) ? "identical" : "different");
printf("passed %s\n", reference);
printf("got %s\n", str);
exit(1);
}
}
void
test_status(void)
{
status(20, "text/gemini");
}
void
test_status_error(void)
{
status(51, "file not found");
status(50, "Forbidden path");
status(50, "Internal server error");
}
int
main(void)
{
test_status_error();
test_status();
//test_uridecode("host.name", 0);
//test_uridecode("host.name/percent%25-encode%3.gmi", 1);
return(0);
}

52
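--- a/unit.hs
+++ b/unit.hs
@@ -0,0 +1,52 @@
+import Test.HUnit
+import Gemini
+regex_1 = TestCase (assertEqual
+"single file request"
+[["gemini://perso.pw/index.gmi\r\n", "gemini://", "perso.pw", "index.gmi", "", "", "\r\n"]]
+(parse_url "gemini://perso.pw/index.gmi\r\n"))
+regex_2 = TestCase (assertEqual
+"full request with file and query"
+[["gemini://perso.pw/index.gmi?query=value\r\n", "gemini://", "perso.pw", "index.gmi", "?", "query=value", "\r\n"]]
+(parse_url "gemini://perso.pw/index.gmi?query=value\r\n"))
+regex_3 = TestCase (assertEqual
+"missing newline return"
+[]
+(parse_url "gemini://perso.pw/"))
+regex_4 = TestCase (assertEqual
+"query without a file"
+[["gemini://perso.pw/?query=value\r\n", "gemini://", "perso.pw", "", "?", "query=value", "\r\n"]]
+(parse_url "gemini://perso.pw/?query=value\r\n"))
+regex_5 = TestCase (assertEqual
+"domain only"
+[["gemini://perso.pw\r\n", "gemini://", "perso.pw", "", "", "", "\r\n"]]
+(parse_url "gemini://perso.pw\r\n"))
+regex_6 = TestCase (assertEqual
+"directory requested"
+[["gemini://perso.pw/directory/\r\n", "gemini://", "perso.pw", "directory/", "", "", "\r\n"]]
+(parse_url "gemini://perso.pw/directory/\r\n"))
+regex_7 = TestCase (assertEqual
+"path traversal attempt"
+[["gemini://perso.pw/directory/\r\n", "gemini://", "perso.pw", "directory/", "", "", "\r\n"]]
+(parse_url "gemini://perso.pw/../../directory/\r\n"))
+tests = TestList
+[ regex_1
+, regex_2
+, regex_3
+, regex_4
+, regex_5
+, regex_6
+, regex_7
+]
+main :: IO Counts
+main = do
+runTestTT tests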
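Review bot: `regex_7` is the only traversal test and it covers just the leading `../../` form, asserting the rewritten URL rather than a refusal. The suite has no case where deleting one `../` leaves another behind, none for a path that begins with `/` after the host, and none for `parse_to_gemini` on the empty match list that `regex_3` already produces; those are the inputs where `sanitize_uri` and `parse_to_gemini` misbehave today. I would add one test per case and give the top-level bindings signatures (`regex_1 :: Test`, `tests :: Test`) so `-Wall` stays quiet.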

117
utils.c

@ -1,117 +0,0 @@
#include <err.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <syslog.h>
#include <unistd.h>
#include "utils.h"
#include "vger.h"
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined( __NetBSD__) || defined(__DragonFly__)
#include <string.h>
#else
#include <bsd/string.h>
#endif
/* e*foo() functions are the equivalent of foo() but handle errors.
* In case an error happens:
* The error is printed to stdout
* return 1
*/
#ifdef __OpenBSD__
void
eunveil(const char *path, const char *permissions)
{
if (unveil(path, permissions) == -1) {
status(41, "Error when unveil(), see logs");
stop(EXIT_FAILURE, "unveil on %s failed", path);
}
}
void
epledge(const char *promises, const char *execpromises)
{
if (pledge(promises, execpromises) == -1) {
status(41, "Error when pledge(), see logs");
stop(EXIT_FAILURE, "pledge failed for: %s", promises);
}
}
#endif
size_t
estrlcpy(char *dst, const char *src, size_t dstsize)
{
size_t n = 0;
n = strlcpy(dst, src, dstsize);
if (n >= dstsize) {
status(41, "strlcpy failed, see logs");
stop(EXIT_FAILURE, "strlcpy() failed for %s = %s", dst, src);
}
return n;
}
size_t
estrlcat(char *dst, const char *src, size_t dstsize)
{
size_t size;
if ((size = strlcat(dst, src, dstsize)) >= dstsize) {
status(41, "strlcat() failed, see logs");
stop(EXIT_FAILURE, "strlcat on %s + %s", dst, src);
}
return size;
}
int
esetenv(const char *name, const char *value, int overwrite)
{
int ret = 0;
ret = setenv(name, value, overwrite);
if (ret != 0) {
status(41, "setenv() failed, see logs");
stop(EXIT_FAILURE, "setenv() %s:%s", name, value);
}
return ret;
}
void
echdir(const char *path)
{
if (chdir(path) == -1) {
switch (errno) {
case ENOTDIR: /* FALLTHROUGH */
case ENOENT:
status(51, "file not found");
break;
case EACCES:
status(50, "Forbidden path");
break;
default:
status(50, "Internal server error");
break;
}
stop(EXIT_FAILURE, "chdir(%s) failed", path);
}
}
/* read the file fd byte after byte in buffer and write it to stdout
* return number of bytes read
*/
size_t
print_file(FILE *fd)
{
ssize_t nread = 0;
ssize_t datasent = 0;
char *buffer[BUFSIZ];
while ((nread = fread(buffer, 1, sizeof(buffer), fd)) != 0)
datasent += fwrite(buffer, 1, nread, stdout);
return datasent;
}


@ -1,8 +0,0 @@
void echdir (const char *);
void epledge(const char *, const char *);
void eunveil(const char *, const char *);
int esetenv(const char *, const char *, int);
size_t estrlcat(char *, const char *, size_t);
size_t estrlcpy(char *, const char *, size_t);
size_t print_file(FILE *fd);
void set_errmsg(const char *, ...);

505
vger.c

@ -1,505 +0,0 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <ctype.h>
#include <dirent.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include "mimes.h"
#include "opts.h"
#include "utils.h"
#include "vger.h"
void
stop(const int r, const char *fmt, ...)
{
va_list ap, ap2;
fflush(stdout); /* ensure all data is sent */
/* log the request and retcode */
syslog(LOG_DAEMON, "\"%s\" %i %zd", _request, _retcode, _datasiz);
if (r != EXIT_SUCCESS) {
/* log and print error */
va_copy(ap2, ap);
va_start(ap, fmt);
vsyslog(LOG_ERR, fmt, ap);
va_end(ap);
va_start(ap2, fmt);
vfprintf(stderr, fmt, ap2);
va_end(ap2);
}
exit(r);
}
void
status(const int code, const char *fmt, ...)
{
va_list ap;
_datasiz += fprintf(stdout, "%i ", code);
va_start(ap, fmt);
_datasiz += vfprintf(stdout, fmt, ap);
va_end(ap);
_datasiz += fprintf(stdout, "\r\n"); /* make sure status end correctly */
_retcode = code; /* store return code for logs */
}
int
uridecode(char *uri)
{
int n = 0;
char c = '\0';
long l = 0;
char *pos = NULL;
if ((pos = strchr(uri, '%')) == NULL)
return n;
while ((pos = strchr(pos, '%')) != NULL) {
if (strlen(pos) < 3)
return n;
char hex[3] = {'\0'};
for (size_t i = 0; i < 2; i++)
hex[i] = tolower(pos[i + 1]);
errno = 0;
l = strtol(hex, 0, 16);
if (errno == ERANGE && (l == LONG_MAX || l == LONG_MIN))
continue; /* conversion failed */
c = (char)l;
pos[0] = c;
/* rewind of two char to remove %hex */
memmove(pos + 1, pos + 3, strlen(pos + 3) + 1); /* +1 for \0 */
n++;
pos++; /* avoid infinite loop */
}
return n;
}
void
drop_privileges(const char *user, const char *chroot_dir, const char *cgi_dir)
{
struct passwd *pw;
/*
* use chroot() if an user is specified requires root user to be
* running the program to run chroot() and then drop privileges
*/
if (*user) {
/* is root? */
if (getuid() != 0) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE, "%s",
"chroot requires program to be run as root");
}
/* search user uid from name */
if ((pw = getpwnam(user)) == NULL) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE,
"the user %s can't be found on the system", user);
}
/* chroot worked? */
if (chroot(chroot_dir) != 0) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE,
"the chroot_dir %s can't be used for chroot", chroot_dir);
}
chrooted = 1;
echdir("/");
/* drop privileges */
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE,
"dropping privileges to user %s (uid=%i) failed", \
user, pw->pw_uid);
}
}
#ifdef __OpenBSD__
/*
* prevent access to files other than the one in chroot_dir
*/
if (chrooted)
eunveil("/", "r");
else
eunveil(chroot_dir, "r");
/* permission to execute what's inside cgi_dir */
if (*cgi_dir)
eunveil(cgi_dir, "rx");
eunveil(NULL, NULL); /* no more call to unveil() */
/* promise permissions */
if (*cgi_dir)
epledge("stdio rpath exec", NULL);
else
epledge("stdio rpath", NULL);
#endif
if (!chrooted)
echdir(chroot_dir); /* move to the gemini data directory */
}
ssize_t
display_file(const char *fname)
{
FILE *fd = NULL;
const char *file_mime;
/*
* special case : fname empty. The user requested just a dir name
*/
if ((strlen(fname) == 0) && (doautoidx)) {
/* no index.gmi, so display autoindex if enabled */
_datasiz += autoindex(".");
return _datasiz;
}
/* open the file requested */
if ((fd = fopen(fname, "r")) != NULL) {
file_mime = get_file_mime(fname, default_mime);
if (strcmp(file_mime, "text/gemini") == 0)
status(20, "%s; %s", file_mime, lang);
else
status(20, "%s", file_mime);
_datasiz += print_file(fd);
fclose(fd); /* close file descriptor */
} else {
/* return an error code and no content.
* seems unlikely to happen unless the file vanished
* since we checked with stat() if it exists
*/
status(51, "%s", "file not found and may have vanished");
}
return _datasiz;
}
int
do_cgi(const char *chroot_dir, const char *cgi_dir, const char *path, const char *hostname, const char *query)
{
/* WARNING : this function is fragile since it
* compares path using the string to access them.
* It would be preferable to use stat() to check
* if two path refer to the same inode
*/
char cgirp[PATH_MAX] = {'\0'}; /* cgi dir path in chroot */
char cgifp[PATH_MAX] = {'\0'}; /* cgi file to execute */
char *path_info = NULL;
/* check if path starts with cgi_dir
* compare beginning of path with cgi_dir
* path + 2 : skip "./"
* cgi_dir + strlen(chrootdir) (skip chrootdir)
*/
estrlcpy(cgirp, cgi_dir + strlen(chroot_dir), sizeof(cgirp));
/* ensure there is no leading / if user didn't end chrootdir with */
while (*cgirp == '/')
estrlcpy(cgirp, cgirp+1, sizeof(cgirp));
if (strncmp(cgirp, path+2, strlen(cgirp)) != 0)
return 1; /* not in cgi_dir, go to display_file */
/* set env variables for CGI
* see
* https://lists.orbitalfox.eu/archives/gemini/2020/000315.html
*/
esetenv("GATEWAY_INTERFACE", "CGI/1.1", 1);
esetenv("SERVER_PROTOCOL", "GEMINI", 1);
esetenv("SERVER_SOFTWARE", "vger/1", 1);
if (*query)
esetenv("QUERY_STRING", query, 1);
/*
* if in cgi_dir, only the first file after cgi_dir/FILE
* is to be executed
* the rest is PATH_INFO
*/
/* find next item after cgi_dir in path:
* path + 2 (skip "./") + strlen(cgirp) + 1 (skip '/')
*/
/* cgi file to execute */
estrlcpy(cgifp, path + 2 + strlen(cgirp) + 1, sizeof(cgifp));
if (!(*cgifp)) /* problem with cgi file, abort */
return 1;
/* check if there is something after cgi file for PATH_INFO */
path_info = strchr(cgifp, '/');
if (path_info != NULL) {
esetenv("PATH_INFO", path_info, 1);
*path_info = '\0'; /* stop cgifp before PATH_INFO */
}
esetenv("SCRIPT_NAME", cgifp, 1);
esetenv("SERVER_NAME", hostname, 1);
echdir(cgirp);
cgi(cgifp);
return 0;
}
ssize_t
autoindex(const char *path)
{
/* display list of files in path + a link to parent (..) */
int n = 0;
struct dirent **namelist; /* this must be freed at last */
size_t bs = 0;
/* use alphasort to always have the same order on every system */
if ((n = scandir(path, &namelist, NULL, alphasort)) < 0) {
status(50, "Can't scan %s", path);
} else {
status(20, "text/gemini");
bs += fprintf(stdout, "=> .. ../\n"); /* display link to parent */
for (int j = 0; j < n; j++) {
/* skip self and parent */
if ((strcmp(namelist[j]->d_name, ".") == 0) ||
(strcmp(namelist[j]->d_name, "..") == 0)) {
continue;
}
/* add "/" at the end of a directory path */
if (namelist[j]->d_type == DT_DIR) {
bs += fprintf(stdout, "=> ./%s/ %s/\n",
namelist[j]->d_name, namelist[j]->d_name);
} else {
bs += fprintf(stdout, "=> ./%s %s\n",
namelist[j]->d_name, namelist[j]->d_name);
}
free(namelist[j]);
}
free(namelist);
}
return bs;
}
void
cgi(const char *cgicmd)
{
/* TODO? cgi currently return the wrong data size unless we switch from execl to popen */
/* run cgicmd replacing current process */
_datasiz = -1; /* bytes sent by cgi are unknown */
execl(cgicmd, cgicmd, NULL);
/* if execl is ok, this will never be reached */
status(42, "error when trying run cgi");
stop(EXIT_FAILURE, "error when trying to execl %s", cgicmd);
}
void
strip_trailing_slash(char *path)
{
size_t end = strlen(path);
if (end == 0)
return;
end--;
while (path[end] == '/')
path[end--] = '\0';
}
char *
check_request(char *request)
{
/*
* read the request, check for errors and sanitize the input
*/
char *pos = NULL;
/* read 1024 +1 chars from stdin to get the request (1024 + \0) */
if (fgets(request, GEMINI_REQUEST_MAX, stdin) == NULL) {
/* EOF reached before reading anything */
if (feof(stdin)) {
status(59, "%s", "request is too short and probably empty");
stop(EXIT_FAILURE, "%s", "request is too short and probably empty");
/* error before reading anything */
} else if (ferror(stdin)) {
status(59, "Error while reading request: %s", request);
stop(EXIT_FAILURE, "Error while reading request: %s", request);
}
}
/* check if string ends with '\n', or to long */
if (request[strnlen(request, GEMINI_REQUEST_MAX) - 1] != '\n') {
status(59, "request is too long (1024 max): %s", request);
stop(EXIT_FAILURE, "request is too long (1024 max): %s", request);
}
/* remove \r\n at the end of string */
request[strcspn(request, "\r\n")] = '\0';
/*
* check if the beginning of the request starts with
* gemini://
*/
if (strncmp(request, "gemini://", GEMINI_PART) != 0) {
/* error code url malformed */
status(59, "request «%s» doesn't match gemini://", request);
stop(EXIT_FAILURE, "request «%s» doesn't match gemini://", request);
}
/* save request for logs */
estrlcpy(_request, request, sizeof(_request));
/* remove the gemini:// part */
memmove(request, request + GEMINI_PART, strlen(request) + 1 - GEMINI_PART);
/* remove all "/.." for safety reasons */
while ((pos = strstr(request, "/..")) != NULL)
memmove(request, pos + 3, strlen(pos) + 1 - 3); /* "/.." = 3 */
return request;
}
char *
get_hostname(const char *request, char *hstnm, size_t hstnmsiz)
{
char *pos = NULL;
/* first make a copy of request */
estrlcpy(hstnm, request, hstnmsiz);
/* look for hostname : stops at first '/' if any */
if ( (pos = strchr(hstnm, '/')) != NULL)
pos[0] = '\0'; /* end string at the end of hostname */
/* check if client added :port at end of hostname and remove it */
if ( (pos = strchr(hstnm, ':')) != NULL)
pos[0] = '\0'; /* end string at : */
return hstnm;
}
char *
get_path(const char *request, char *path, size_t pathsiz, int virtualhost, const char *hostname)
{
char *pos = NULL;
/* path must be relative to chroot */
estrlcpy(path, "./", pathsiz);
/* path is in a subdir named hostname */
if (virtualhost) {
estrlcat(path, hostname, pathsiz);
estrlcat(path, "/", pathsiz);
}
/* path is after hostname/ */
pos = strchr(request, '/');
if (pos != NULL) /* append the path. pos +1 to remove leading '/' */
estrlcat(path, pos+1, pathsiz);
return path;
}
void
check_path(char *path, size_t pathsiz, const char *hstnm, int virtualhost)
{
struct stat sb = {0};
char tmp[PATH_MAX] = {'\0'};
if (stat(path, &sb) == -1) {
if (lstat(path, &sb) != -1 && S_ISLNK(sb.st_mode) == 1) {
if (readlink(path, tmp, sizeof(tmp)) > 0) {
status(30, "%s", tmp);
stop(EXIT_SUCCESS, NULL);
}
}
status(51, "%s", "file not found");
stop(EXIT_SUCCESS, NULL);
}
if (S_ISDIR(sb.st_mode)) {
/* check if dir path end with "/" */
if (path[strlen(path) - 1] != '/') {
/* redirect to the dir with appropriate ending '/' */
/* remove leading '.' for redirection*/
if (virtualhost) /* remove ./host.name */
memmove(path, path+2+strlen(hstnm),
strlen(path + 2) + strlen(hstnm) + 1);
else
memmove(path, path+1,
strlen(path + 1) + 1); /* +1 for \0 */
estrlcat(path, "/", pathsiz);
status(31, "%s", path);
stop(EXIT_SUCCESS, NULL);
}
/* check if DEFAULT_INDEX exists in directory */
estrlcpy(tmp, path, sizeof(tmp));
estrlcat(tmp, "/", sizeof(tmp));
estrlcat(tmp, DEFAULT_INDEX, sizeof(tmp));
if (stat(tmp, &sb) == 0)
estrlcpy(path, tmp, pathsiz);
}
}
void
get_dir_file(char *path, char *dir, size_t dirsiz, char *file, size_t filesiz)
{
char *pos = NULL;
pos = strrchr(path, '/');
if (pos != NULL) {
estrlcpy(file, pos+1, filesiz); /* +1 : not heading / */
pos[0] = '\0'; /* stop path at file */
estrlcpy(dir, path, dirsiz);
} else {
estrlcpy(file, path, filesiz);
}
}
char *
get_query(char *path, char *query, size_t querysiz)
{
char *pos = NULL;
/* remove a query string before percent decoding */
/* look for "?" if any to set query for cgi, remove it */
pos = strchr(path, '?');
if (pos != NULL) {
estrlcpy(query, pos + 1, querysiz);
pos[0] = '\0'; /* path end where query begins */
}
return query;
}

37
vger.h

@ -1,37 +0,0 @@
#ifndef vger_h_INCLUDED
#define vger_h_INCLUDED
/* length of "gemini://" */
#define GEMINI_PART 9
/*
* number of bytes to read with fgets() : 2014 + 1.
* fgets() reads at most size-1 (1024 here).
* See https://gemini.circumlunar.space/docs/specification.html.
*/
#define GEMINI_REQUEST_MAX 1025
/* global vars */
static int _retcode = 0;
static ssize_t _datasiz = 0;
static char _request[GEMINI_REQUEST_MAX] = {'\0'};
/* functions */
ssize_t autoindex(const char *);
void cgi(const char *);
char * check_request(char *);
void check_path(char *, size_t, const char *, int);
ssize_t display_file(const char *);
int do_cgi(const char *, const char *, const char *, const char *, const char *);
void drop_privileges(const char *, const char *, const char *);
void get_dir_file(char *, char *, size_t, char *, size_t);
char * get_hostname(const char *, char *, size_t);
char * get_path(const char *, char *, size_t, int, const char *);
char * get_query(char *, char *, size_t);
void status(const int, const char *, ...);
void strip_trailing_slash(char *);
int uridecode (char *);
void stop(const int, const char *, ...);
#endif // vger_h_INCLUDED