haskell mode
This commit is contained in:
parent
7212128831
commit
0b1d5d399d
|
@ -1,2 +1,3 @@
|
|||
*.o
|
||||
vger
|
||||
*.hi
|
||||
Vger
|
||||
unit
|
||||
|
|
|
@ -0,0 +1,60 @@
|
|||
module Gemini where
|
||||
|
||||
import Data.ByteString.UTF8
|
||||
import Data.Text
|
||||
import Network.Mime
|
||||
import System.Directory (doesFileExist, doesDirectoryExist)
|
||||
import Text.Regex
|
||||
import Text.Regex.PCRE
|
||||
|
||||
|
||||
-- check :: FilePath -> IO Bool
|
||||
-- check s = do
|
||||
-- result <- doesFileExist
|
||||
-- if result
|
||||
-- then pure True
|
||||
-- else pure False
|
||||
|
||||
-- return components of the url
|
||||
-- gemini:// | hostname | uri | ? | query
|
||||
parse_url :: String -> [[String]]
|
||||
parse_url url =
|
||||
(sanitize_uri url) =~ "^(gemini:\\/\\/)([^\\/]*)\\/?([^\\?]*)(\\?)?(.*)?(\\r\\n)$"
|
||||
|
||||
-- remove any .. in the uri that could escape the location
|
||||
sanitize_uri :: String -> String
|
||||
sanitize_uri path =
|
||||
subRegex (mkRegex "\\.\\.\\/") path ""
|
||||
|
||||
|
||||
-- return a file as a string
|
||||
read_file :: String -> IO String
|
||||
read_file path = do
|
||||
text <- readFile path
|
||||
pure text
|
||||
|
||||
-- read from stdin
|
||||
get_request :: IO String
|
||||
get_request = do
|
||||
stdin <- getContents
|
||||
pure stdin
|
||||
|
||||
data Gemini = MkGemini
|
||||
{ domain :: String
|
||||
, file :: String
|
||||
, query :: String
|
||||
, mime :: String
|
||||
}
|
||||
|
||||
parse_to_gemini :: [[String]] -> Gemini
|
||||
parse_to_gemini tab =
|
||||
MkGemini
|
||||
{ domain = tab!!0!!2
|
||||
, file = tab!!0!!3
|
||||
, query = tab!!0!!5
|
||||
, mime = toString (defaultMimeLookup (pack (tab!!0!!3)))
|
||||
}
|
||||
|
||||
get_reply :: String -> Int -> String
|
||||
get_reply mime 20 =
|
||||
"20 " ++ mime ++ "\n"
|
33
Makefile
33
Makefile
|
@ -1,33 +0,0 @@
|
|||
include config.mk
|
||||
|
||||
PREFIX?=/usr/local/
|
||||
CFLAGS += -pedantic -Wall -Wextra -Wmissing-prototypes \
|
||||
-Wstrict-prototypes -Wwrite-strings ${EXTRAFLAGS}
|
||||
|
||||
.SUFFIXES: .c .o
|
||||
|
||||
.c.o:
|
||||
${CC} ${CFLAGS} -c $<
|
||||
|
||||
all: vger
|
||||
|
||||
clean:
|
||||
find . \( -name vger -o \
|
||||
-name unit_test -o \
|
||||
-name "*.o" -o \
|
||||
-name "*.core" \) \
|
||||
-delete
|
||||
|
||||
vger: main.c vger.c mimes.o utils.o opts.h
|
||||
${CC} ${CFLAGS} -o $@ main.c mimes.o utils.o
|
||||
|
||||
install: vger
|
||||
install -o root -g wheel vger ${PREFIX}/bin/
|
||||
install -o root -g wheel vger.8 ${PREFIX}/man/man8/
|
||||
|
||||
unit_test: tests.c vger.o
|
||||
${CC} ${CFLAGS} -o $@ vger.o tests.c mimes.o utils.o
|
||||
|
||||
test: vger unit_test
|
||||
./unit_test
|
||||
cd tests && sh test.sh
|
|
@ -0,0 +1,3 @@
|
|||
compilation: ls *c *h | entr make test
|
||||
haskell: ls Vger.hs Gemini.hs | entr -s "ghc Vger.hs && printf 'gemini://perso.pw/../Vger.hs\r\n' | ./Vger"
|
||||
haskell-unit: ls *hs | entr -s "ghc unit.hs && ./unit"
|
|
@ -0,0 +1,9 @@
|
|||
import Gemini
|
||||
|
||||
main :: IO ()
|
||||
main = do
|
||||
url <- get_request
|
||||
let request = parse_to_gemini (parse_url url)
|
||||
content <- read_file (file request)
|
||||
putStrLn (get_reply (mime request) 20)
|
||||
putStrLn content
|
|
@ -1,14 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
OS="$(uname -s)"
|
||||
|
||||
case "$OS" in
|
||||
Linux)
|
||||
EXTRAFLAGS=-lbsd
|
||||
;;
|
||||
*)
|
||||
EXTRAFLAGS=""
|
||||
;;
|
||||
esac
|
||||
|
||||
echo "EXTRAFLAGS=${EXTRAFLAGS}" > config.mk
|
88
main.c
88
main.c
|
@ -1,88 +0,0 @@
|
|||
#include "vger.c"
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
char request[GEMINI_REQUEST_MAX] = {'\0'};
|
||||
char user[_SC_LOGIN_NAME_MAX] = {'\0'};
|
||||
char hostname[GEMINI_REQUEST_MAX] = {'\0'};
|
||||
char query[PATH_MAX] = {'\0'};
|
||||
char path[PATH_MAX] = {'\0'};
|
||||
char chroot_dir[PATH_MAX] = DEFAULT_CHROOT;
|
||||
char file[FILENAME_MAX] = DEFAULT_INDEX;
|
||||
char dir[PATH_MAX] = {'\0'};
|
||||
int option = 0;
|
||||
int virtualhost = 0;
|
||||
|
||||
/*
|
||||
* request : contain the whole request from client : gemini://...\r\n
|
||||
* user : username, used in drop_privileges()
|
||||
* hostname : extracted from hostname. used with virtualhosts and cgi SERVER_NAME
|
||||
* query : file requested in cgi : gemini://...?query
|
||||
* file : file basename to display. Emtpy is a directory has been requested
|
||||
* dir : directory requested. vger will chdir() in to find file
|
||||
* pos : used to parse request and split into interesting parts
|
||||
*/
|
||||
|
||||
while ((option = getopt(argc, argv, ":d:l:m:u:c:vi")) != -1) {
|
||||
switch (option) {
|
||||
case 'd':
|
||||
estrlcpy(chroot_dir, optarg, sizeof(chroot_dir));
|
||||
break;
|
||||
case 'l':
|
||||
estrlcpy(lang, "lang=", sizeof(lang));
|
||||
estrlcat(lang, optarg, sizeof(lang));
|
||||
break;
|
||||
case 'm':
|
||||
estrlcpy(default_mime, optarg, sizeof(default_mime));
|
||||
break;
|
||||
case 'u':
|
||||
estrlcpy(user, optarg, sizeof(user));
|
||||
break;
|
||||
case 'c':
|
||||
estrlcpy(cgi_dir, optarg, sizeof(cgi_dir));
|
||||
break;
|
||||
case 'v':
|
||||
virtualhost = 1;
|
||||
break;
|
||||
case 'i':
|
||||
doautoidx = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* do chroot if an user is supplied
|
||||
*/
|
||||
drop_privileges(user, chroot_dir, cgi_dir);
|
||||
|
||||
check_request(request);
|
||||
get_hostname(request, hostname, sizeof(hostname));
|
||||
get_path(request, path, sizeof(path), virtualhost, hostname);
|
||||
get_query(path, query, sizeof(query));
|
||||
|
||||
/* percent decode */
|
||||
uridecode(query);
|
||||
uridecode(path);
|
||||
|
||||
/* is it cgi ? */
|
||||
if (*cgi_dir)
|
||||
if (do_cgi(chroot_dir, cgi_dir, path, hostname, query) == 0)
|
||||
stop(EXIT_SUCCESS, NULL);
|
||||
|
||||
/* *** from here, cgi didn't run ***
|
||||
* check if path available
|
||||
*/
|
||||
check_path(path, sizeof(path), hostname, virtualhost);
|
||||
|
||||
/* split dir and filename */
|
||||
get_dir_file(path, dir, sizeof(dir), file, sizeof(file));
|
||||
|
||||
/* go to dir */
|
||||
echdir(dir);
|
||||
|
||||
/* regular file to stdout */
|
||||
display_file(file);
|
||||
|
||||
stop(EXIT_SUCCESS, NULL);
|
||||
}
|
139
mimes.c
139
mimes.c
|
@ -1,139 +0,0 @@
|
|||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "mimes.h"
|
||||
#include "opts.h"
|
||||
|
||||
/* extension to mimetype table */
|
||||
static const struct {
|
||||
const char *extension;
|
||||
const char *type;
|
||||
} database[] = {
|
||||
{"gmi", "text/gemini"},
|
||||
{"gemini", "text/gemini"},
|
||||
{"7z", "application/x-7z-compressed"},
|
||||
{"atom", "application/atom+xml"},
|
||||
{"avi", "video/x-msvideo"},
|
||||
{"bin", "application/octet-stream"},
|
||||
{"bmp", "image/x-ms-bmp"},
|
||||
{"cco", "application/x-cocoa"},
|
||||
{"crt", "application/x-x509-ca-cert"},
|
||||
{"css", "text/css"},
|
||||
{"deb", "application/octet-stream"},
|
||||
{"dll", "application/octet-stream"},
|
||||
{"dmg", "application/octet-stream"},
|
||||
{"doc", "application/msword"},
|
||||
{"eot", "application/vnd.ms-fontobject"},
|
||||
{"exe", "application/octet-stream"},
|
||||
{"flv", "video/x-flv"},
|
||||
{"fs", "application/octet-stream"},
|
||||
{"gif", "image/gif"},
|
||||
{"hqx", "application/mac-binhex40"},
|
||||
{"htc", "text/x-component"},
|
||||
{"html", "text/html"},
|
||||
{"ico", "image/x-icon"},
|
||||
{"img", "application/octet-stream"},
|
||||
{"iso", "application/octet-stream"},
|
||||
{"jad", "text/vnd.sun.j2me.app-descriptor"},
|
||||
{"jar", "application/java-archive"},
|
||||
{"jardiff", "application/x-java-archive-diff"},
|
||||
{"jng", "image/x-jng"},
|
||||
{"jnlp", "application/x-java-jnlp-file"},
|
||||
{"jpeg", "image/jpeg"},
|
||||
{"jpg", "image/jpeg"},
|
||||
{"js", "application/javascript"},
|
||||
{"json", "application/json"},
|
||||
{"kml", "application/vnd.google-earth.kml+xml"},
|
||||
{"kmz", "application/vnd.google-earth.kmz"},
|
||||
{"m3u8", "application/vnd.apple.mpegurl"},
|
||||
{"m4a", "audio/x-m4a"},
|
||||
{"m4v", "video/x-m4v"},
|
||||
{"md", "text/markdown"},
|
||||
{"mid", "audio/midi"},
|
||||
{"midi", "audio/midi"},
|
||||
{"mkv", "video/x-matroska"},
|
||||
{"mml", "text/mathml"},
|
||||
{"mng", "video/x-mng"},
|
||||
{"mov", "video/quicktime"},
|
||||
{"mp3", "audio/mpeg"},
|
||||
{"mp4", "video/mp4"},
|
||||
{"mpeg", "video/mpeg"},
|
||||
{"mpg", "video/mpeg"},
|
||||
{"msi", "application/octet-stream"},
|
||||
{"msm", "application/octet-stream"},
|
||||
{"msp", "application/octet-stream"},
|
||||
{"odb", "application/vnd.oasis.opendocument.database"},
|
||||
{"odc", "application/vnd.oasis.opendocument.chart"},
|
||||
{"odf", "application/vnd.oasis.opendocument.formula"},
|
||||
{"odg", "application/vnd.oasis.opendocument.graphics"},
|
||||
{"odi", "application/vnd.oasis.opendocument.image"},
|
||||
{"odm", "application/vnd.oasis.opendocument.text-master"},
|
||||
{"odp", "application/vnd.oasis.opendocument.presentation"},
|
||||
{"ods", "application/vnd.oasis.opendocument.spreadsheet"},
|
||||
{"odt", "application/vnd.oasis.opendocument.text"},
|
||||
{"ogg", "audio/ogg"},
|
||||
{"oth", "application/vnd.oasis.opendocument.text-web"},
|
||||
{"otp", "application/vnd.oasis.opendocument.presentation-template"},
|
||||
{"pac", "application/x-ns-proxy-autoconfig"},
|
||||
{"pdf", "application/pdf"},
|
||||
{"pem", "application/x-x509-ca-cert"},
|
||||
{"pl", "application/x-perl"},
|
||||
{"pm", "application/x-perl"},
|
||||
{"png", "image/png"},
|
||||
{"ppt", "application/vnd.ms-powerpoint"},
|
||||
{"ps", "application/postscript"},
|
||||
{"ra", "audio/x-realaudio"},
|
||||
{"rar", "application/x-rar-compressed"},
|
||||
{"rpm", "application/x-redhat-package-manager"},
|
||||
{"rss", "application/rss+xml"},
|
||||
{"rtf", "application/rtf"},
|
||||
{"run", "application/x-makeself"},
|
||||
{"sea", "application/x-sea"},
|
||||
{"sit", "application/x-stuffit"},
|
||||
{"svg", "image/svg+xml"},
|
||||
{"svgz", "image/svg+xml"},
|
||||
{"swf", "application/x-shockwave-flash"},
|
||||
{"tcl", "application/x-tcl"},
|
||||
{"tif", "image/tiff"},
|
||||
{"tiff", "image/tiff"},
|
||||
{"tk", "application/x-tcl"},
|
||||
{"ts", "video/mp2t"},
|
||||
{"txt", "text/plain"},
|
||||
{"war", "application/java-archive"},
|
||||
{"wbmp", "image/vnd.wap.wbmp"},
|
||||
{"webm", "video/webm"},
|
||||
{"webp", "image/webp"},
|
||||
{"wml", "text/vnd.wap.wml"},
|
||||
{"wmlc", "application/vnd.wap.wmlc"},
|
||||
{"wmv", "video/x-ms-wmv"},
|
||||
{"woff", "application/font-woff"},
|
||||
{"xhtml", "application/xhtml+xml"},
|
||||
{"xls", "application/vnd.ms-excel"},
|
||||
{"xml", "text/xml"},
|
||||
{"xpi", "application/x-xpinstall"},
|
||||
{"zip", "application/zip"}
|
||||
};
|
||||
|
||||
#ifndef nitems
|
||||
#define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
|
||||
#endif
|
||||
|
||||
const char *
|
||||
get_file_mime(const char *path, const char *default_mime)
|
||||
{
|
||||
size_t i;
|
||||
char *extension;
|
||||
|
||||
/* search for extension after last '.' in path */
|
||||
if ((extension = strrchr(path, '.')) != NULL) {
|
||||
/* look for the MIME in the database */
|
||||
for (i = 0; i < nitems(database); i++) {
|
||||
if (strcmp(database[i].extension, extension + 1) == 0)
|
||||
return (database[i].type);
|
||||
}
|
||||
}
|
||||
|
||||
/* no MIME found, set a default one */
|
||||
return default_mime;
|
||||
}
|
18
opts.h
18
opts.h
|
@ -1,18 +0,0 @@
|
|||
#include <limits.h> /* PATH_MAX */
|
||||
|
||||
/* Defaults values */
|
||||
#define DEFAULT_MIME "application/octet-stream"
|
||||
#define DEFAULT_LANG ""
|
||||
#define DEFAULT_CHROOT "/var/gemini"
|
||||
#define DEFAULT_INDEX "index.gmi"
|
||||
#define DEFAULT_AUTOIDX 0
|
||||
|
||||
/*
|
||||
* Options used later
|
||||
*/
|
||||
/* longest hardcoded mimetype is 56 long so 64 should be enough */
|
||||
static char default_mime[64] = DEFAULT_MIME;
|
||||
static char lang[16] = DEFAULT_LANG;
|
||||
static unsigned int doautoidx = DEFAULT_AUTOIDX;
|
||||
static char cgi_dir[PATH_MAX] = {'\0'};
|
||||
static int chrooted = 0;
|
|
@ -8,9 +8,14 @@ mkShell {
|
|||
kakoune
|
||||
git-up
|
||||
gdb
|
||||
cabal2nix
|
||||
(pkgs.haskellPackages.ghcWithPackages (self:
|
||||
[
|
||||
haskellPackages.regex-pcre
|
||||
haskellPackages.regex-compat
|
||||
haskellPackages.mime-types
|
||||
haskellPackages.HUnit
|
||||
haskellPackages.utf8-string
|
||||
]
|
||||
))
|
||||
];
|
||||
|
|
50
tests.c
50
tests.c
|
@ -1,50 +0,0 @@
|
|||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include "vger.h"
|
||||
|
||||
// to test
|
||||
void test_status(void);
|
||||
void test_status_error(void);
|
||||
void test_uridecode(char*, const int);
|
||||
|
||||
|
||||
void
|
||||
test_uridecode(char *str, const int result)
|
||||
{
|
||||
char reference[GEMINI_REQUEST_MAX] = {'\0'};
|
||||
strlcpy(reference, str, sizeof(reference));
|
||||
uridecode(str);
|
||||
if (strncmp(reference, str, strlen(str)) != result)
|
||||
{
|
||||
printf("uridecode error\n");
|
||||
printf("Strings should be %s\n", (result == 0) ? "identical" : "different");
|
||||
printf("passed %s\n", reference);
|
||||
printf("got %s\n", str);
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
test_status(void)
|
||||
{
|
||||
status(20, "text/gemini");
|
||||
}
|
||||
|
||||
void
|
||||
test_status_error(void)
|
||||
{
|
||||
status(51, "file not found");
|
||||
status(50, "Forbidden path");
|
||||
status(50, "Internal server error");
|
||||
}
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
test_status_error();
|
||||
test_status();
|
||||
//test_uridecode("host.name", 0);
|
||||
//test_uridecode("host.name/percent%25-encode%3.gmi", 1);
|
||||
return(0);
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
import Test.HUnit
|
||||
import Gemini
|
||||
|
||||
|
||||
regex_1 = TestCase (assertEqual
|
||||
"single file request"
|
||||
[["gemini://perso.pw/index.gmi\r\n", "gemini://", "perso.pw", "index.gmi", "", "", "\r\n"]]
|
||||
(parse_url "gemini://perso.pw/index.gmi\r\n"))
|
||||
|
||||
regex_2 = TestCase (assertEqual
|
||||
"full request with file and query"
|
||||
[["gemini://perso.pw/index.gmi?query=value\r\n", "gemini://", "perso.pw", "index.gmi", "?", "query=value", "\r\n"]]
|
||||
(parse_url "gemini://perso.pw/index.gmi?query=value\r\n"))
|
||||
|
||||
regex_3 = TestCase (assertEqual
|
||||
"missing newline return"
|
||||
[]
|
||||
(parse_url "gemini://perso.pw/"))
|
||||
|
||||
regex_4 = TestCase (assertEqual
|
||||
"query without a file"
|
||||
[["gemini://perso.pw/?query=value\r\n", "gemini://", "perso.pw", "", "?", "query=value", "\r\n"]]
|
||||
(parse_url "gemini://perso.pw/?query=value\r\n"))
|
||||
|
||||
regex_5 = TestCase (assertEqual
|
||||
"domain only"
|
||||
[["gemini://perso.pw\r\n", "gemini://", "perso.pw", "", "", "", "\r\n"]]
|
||||
(parse_url "gemini://perso.pw\r\n"))
|
||||
|
||||
regex_6 = TestCase (assertEqual
|
||||
"directory requested"
|
||||
[["gemini://perso.pw/directory/\r\n", "gemini://", "perso.pw", "directory/", "", "", "\r\n"]]
|
||||
(parse_url "gemini://perso.pw/directory/\r\n"))
|
||||
|
||||
regex_7 = TestCase (assertEqual
|
||||
"path traversal attempt"
|
||||
[["gemini://perso.pw/directory/\r\n", "gemini://", "perso.pw", "directory/", "", "", "\r\n"]]
|
||||
(parse_url "gemini://perso.pw/../../directory/\r\n"))
|
||||
|
||||
tests = TestList
|
||||
[ regex_1
|
||||
, regex_2
|
||||
, regex_3
|
||||
, regex_4
|
||||
, regex_5
|
||||
, regex_6
|
||||
, regex_7
|
||||
]
|
||||
|
||||
main :: IO Counts
|
||||
main = do
|
||||
runTestTT tests
|
117
utils.c
117
utils.c
|
@ -1,117 +0,0 @@
|
|||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <syslog.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "utils.h"
|
||||
#include "vger.h"
|
||||
|
||||
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined( __NetBSD__) || defined(__DragonFly__)
|
||||
#include <string.h>
|
||||
#else
|
||||
#include <bsd/string.h>
|
||||
#endif
|
||||
|
||||
/* e*foo() functions are the equivalent of foo() but handle errors.
|
||||
* In case an error happens:
|
||||
* The error is printed to stdout
|
||||
* return 1
|
||||
*/
|
||||
|
||||
#ifdef __OpenBSD__
|
||||
void
|
||||
eunveil(const char *path, const char *permissions)
|
||||
{
|
||||
if (unveil(path, permissions) == -1) {
|
||||
status(41, "Error when unveil(), see logs");
|
||||
stop(EXIT_FAILURE, "unveil on %s failed", path);
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
epledge(const char *promises, const char *execpromises)
|
||||
{
|
||||
if (pledge(promises, execpromises) == -1) {
|
||||
status(41, "Error when pledge(), see logs");
|
||||
stop(EXIT_FAILURE, "pledge failed for: %s", promises);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
size_t
|
||||
estrlcpy(char *dst, const char *src, size_t dstsize)
|
||||
{
|
||||
size_t n = 0;
|
||||
|
||||
n = strlcpy(dst, src, dstsize);
|
||||
if (n >= dstsize) {
|
||||
status(41, "strlcpy failed, see logs");
|
||||
stop(EXIT_FAILURE, "strlcpy() failed for %s = %s", dst, src);
|
||||
}
|
||||
|
||||
return n;
|
||||
}
|
||||
|
||||
size_t
|
||||
estrlcat(char *dst, const char *src, size_t dstsize)
|
||||
{
|
||||
size_t size;
|
||||
if ((size = strlcat(dst, src, dstsize)) >= dstsize) {
|
||||
status(41, "strlcat() failed, see logs");
|
||||
stop(EXIT_FAILURE, "strlcat on %s + %s", dst, src);
|
||||
}
|
||||
|
||||
return size;
|
||||
}
|
||||
|
||||
int
|
||||
esetenv(const char *name, const char *value, int overwrite)
|
||||
{
|
||||
int ret = 0;
|
||||
ret = setenv(name, value, overwrite);
|
||||
|
||||
if (ret != 0) {
|
||||
status(41, "setenv() failed, see logs");
|
||||
stop(EXIT_FAILURE, "setenv() %s:%s", name, value);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
void
|
||||
echdir(const char *path)
|
||||
{
|
||||
if (chdir(path) == -1) {
|
||||
switch (errno) {
|
||||
case ENOTDIR: /* FALLTHROUGH */
|
||||
case ENOENT:
|
||||
status(51, "file not found");
|
||||
break;
|
||||
case EACCES:
|
||||
status(50, "Forbidden path");
|
||||
break;
|
||||
default:
|
||||
status(50, "Internal server error");
|
||||
break;
|
||||
}
|
||||
stop(EXIT_FAILURE, "chdir(%s) failed", path);
|
||||
}
|
||||
}
|
||||
|
||||
/* read the file fd byte after byte in buffer and write it to stdout
|
||||
* return number of bytes read
|
||||
*/
|
||||
size_t
|
||||
print_file(FILE *fd)
|
||||
{
|
||||
ssize_t nread = 0;
|
||||
ssize_t datasent = 0;
|
||||
char *buffer[BUFSIZ];
|
||||
|
||||
while ((nread = fread(buffer, 1, sizeof(buffer), fd)) != 0)
|
||||
datasent += fwrite(buffer, 1, nread, stdout);
|
||||
return datasent;
|
||||
}
|
8
utils.h
8
utils.h
|
@ -1,8 +0,0 @@
|
|||
void echdir (const char *);
|
||||
void epledge(const char *, const char *);
|
||||
void eunveil(const char *, const char *);
|
||||
int esetenv(const char *, const char *, int);
|
||||
size_t estrlcat(char *, const char *, size_t);
|
||||
size_t estrlcpy(char *, const char *, size_t);
|
||||
size_t print_file(FILE *fd);
|
||||
void set_errmsg(const char *, ...);
|
505
vger.c
505
vger.c
|
@ -1,505 +0,0 @@
|
|||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/wait.h>
|
||||
|
||||
#include <ctype.h>
|
||||
#include <dirent.h>
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
#include <pwd.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <syslog.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "mimes.h"
|
||||
#include "opts.h"
|
||||
#include "utils.h"
|
||||
#include "vger.h"
|
||||
|
||||
void
|
||||
stop(const int r, const char *fmt, ...)
|
||||
{
|
||||
va_list ap, ap2;
|
||||
|
||||
fflush(stdout); /* ensure all data is sent */
|
||||
|
||||
/* log the request and retcode */
|
||||
syslog(LOG_DAEMON, "\"%s\" %i %zd", _request, _retcode, _datasiz);
|
||||
|
||||
if (r != EXIT_SUCCESS) {
|
||||
/* log and print error */
|
||||
va_copy(ap2, ap);
|
||||
|
||||
va_start(ap, fmt);
|
||||
vsyslog(LOG_ERR, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
va_start(ap2, fmt);
|
||||
vfprintf(stderr, fmt, ap2);
|
||||
va_end(ap2);
|
||||
}
|
||||
|
||||
exit(r);
|
||||
}
|
||||
|
||||
void
|
||||
status(const int code, const char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
|
||||
_datasiz += fprintf(stdout, "%i ", code);
|
||||
|
||||
va_start(ap, fmt);
|
||||
_datasiz += vfprintf(stdout, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
_datasiz += fprintf(stdout, "\r\n"); /* make sure status end correctly */
|
||||
|
||||
_retcode = code; /* store return code for logs */
|
||||
}
|
||||
|
||||
int
|
||||
uridecode(char *uri)
|
||||
{
|
||||
int n = 0;
|
||||
char c = '\0';
|
||||
long l = 0;
|
||||
char *pos = NULL;
|
||||
|
||||
if ((pos = strchr(uri, '%')) == NULL)
|
||||
return n;
|
||||
|
||||
while ((pos = strchr(pos, '%')) != NULL) {
|
||||
if (strlen(pos) < 3)
|
||||
return n;
|
||||
|
||||
char hex[3] = {'\0'};
|
||||
for (size_t i = 0; i < 2; i++)
|
||||
hex[i] = tolower(pos[i + 1]);
|
||||
|
||||
errno = 0;
|
||||
l = strtol(hex, 0, 16);
|
||||
if (errno == ERANGE && (l == LONG_MAX || l == LONG_MIN))
|
||||
continue; /* conversion failed */
|
||||
|
||||
c = (char)l;
|
||||
pos[0] = c;
|
||||
/* rewind of two char to remove %hex */
|
||||
memmove(pos + 1, pos + 3, strlen(pos + 3) + 1); /* +1 for \0 */
|
||||
n++;
|
||||
pos++; /* avoid infinite loop */
|
||||
}
|
||||
return n;
|
||||
}
|
||||
|
||||
void
|
||||
drop_privileges(const char *user, const char *chroot_dir, const char *cgi_dir)
|
||||
{
|
||||
struct passwd *pw;
|
||||
|
||||
/*
|
||||
* use chroot() if an user is specified requires root user to be
|
||||
* running the program to run chroot() and then drop privileges
|
||||
*/
|
||||
if (*user) {
|
||||
|
||||
/* is root? */
|
||||
if (getuid() != 0) {
|
||||
status(41, "privileges issue, see logs");
|
||||
stop(EXIT_FAILURE, "%s",
|
||||
"chroot requires program to be run as root");
|
||||
}
|
||||
|
||||
/* search user uid from name */
|
||||
if ((pw = getpwnam(user)) == NULL) {
|
||||
status(41, "privileges issue, see logs");
|
||||
stop(EXIT_FAILURE,
|
||||
"the user %s can't be found on the system", user);
|
||||
}
|
||||
|
||||
/* chroot worked? */
|
||||
if (chroot(chroot_dir) != 0) {
|
||||
status(41, "privileges issue, see logs");
|
||||
stop(EXIT_FAILURE,
|
||||
"the chroot_dir %s can't be used for chroot", chroot_dir);
|
||||
}
|
||||
|
||||
chrooted = 1;
|
||||
echdir("/");
|
||||
/* drop privileges */
|
||||
if (setgroups(1, &pw->pw_gid) ||
|
||||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
|
||||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
|
||||
status(41, "privileges issue, see logs");
|
||||
stop(EXIT_FAILURE,
|
||||
"dropping privileges to user %s (uid=%i) failed", \
|
||||
user, pw->pw_uid);
|
||||
}
|
||||
}
|
||||
#ifdef __OpenBSD__
|
||||
/*
|
||||
* prevent access to files other than the one in chroot_dir
|
||||
*/
|
||||
if (chrooted)
|
||||
eunveil("/", "r");
|
||||
else
|
||||
eunveil(chroot_dir, "r");
|
||||
|
||||
/* permission to execute what's inside cgi_dir */
|
||||
if (*cgi_dir)
|
||||
eunveil(cgi_dir, "rx");
|
||||
|
||||
eunveil(NULL, NULL); /* no more call to unveil() */
|
||||
|
||||
/* promise permissions */
|
||||
if (*cgi_dir)
|
||||
epledge("stdio rpath exec", NULL);
|
||||
else
|
||||
epledge("stdio rpath", NULL);
|
||||
#endif
|
||||
if (!chrooted)
|
||||
echdir(chroot_dir); /* move to the gemini data directory */
|
||||
}
|
||||
|
||||
ssize_t
|
||||
display_file(const char *fname)
|
||||
{
|
||||
FILE *fd = NULL;
|
||||
const char *file_mime;
|
||||
|
||||
/*
|
||||
* special case : fname empty. The user requested just a dir name
|
||||
*/
|
||||
if ((strlen(fname) == 0) && (doautoidx)) {
|
||||
/* no index.gmi, so display autoindex if enabled */
|
||||
_datasiz += autoindex(".");
|
||||
return _datasiz;
|
||||
}
|
||||
|
||||
/* open the file requested */
|
||||
if ((fd = fopen(fname, "r")) != NULL) {
|
||||
file_mime = get_file_mime(fname, default_mime);
|
||||
if (strcmp(file_mime, "text/gemini") == 0)
|
||||
status(20, "%s; %s", file_mime, lang);
|
||||
else
|
||||
status(20, "%s", file_mime);
|
||||
|
||||
_datasiz += print_file(fd);
|
||||
fclose(fd); /* close file descriptor */
|
||||
} else {
|
||||
/* return an error code and no content.
|
||||
* seems unlikely to happen unless the file vanished
|
||||
* since we checked with stat() if it exists
|
||||
*/
|
||||
status(51, "%s", "file not found and may have vanished");
|
||||
}
|
||||
|
||||
return _datasiz;
|
||||
}
|
||||
|
||||
int
|
||||
do_cgi(const char *chroot_dir, const char *cgi_dir, const char *path, const char *hostname, const char *query)
|
||||
{
|
||||
|
||||
/* WARNING : this function is fragile since it
|
||||
* compares path using the string to access them.
|
||||
* It would be preferable to use stat() to check
|
||||
* if two path refer to the same inode
|
||||
*/
|
||||
|
||||
char cgirp[PATH_MAX] = {'\0'}; /* cgi dir path in chroot */
|
||||
char cgifp[PATH_MAX] = {'\0'}; /* cgi file to execute */
|
||||
char *path_info = NULL;
|
||||
|
||||
/* check if path starts with cgi_dir
|
||||
* compare beginning of path with cgi_dir
|
||||
* path + 2 : skip "./"
|
||||
* cgi_dir + strlen(chrootdir) (skip chrootdir)
|
||||
*/
|
||||
|
||||
estrlcpy(cgirp, cgi_dir + strlen(chroot_dir), sizeof(cgirp));
|
||||
/* ensure there is no leading / if user didn't end chrootdir with */
|
||||
while (*cgirp == '/')
|
||||
estrlcpy(cgirp, cgirp+1, sizeof(cgirp));
|
||||
|
||||
if (strncmp(cgirp, path+2, strlen(cgirp)) != 0)
|
||||
return 1; /* not in cgi_dir, go to display_file */
|
||||
|
||||
/* set env variables for CGI
|
||||
* see
|
||||
* https://lists.orbitalfox.eu/archives/gemini/2020/000315.html
|
||||
*/
|
||||
esetenv("GATEWAY_INTERFACE", "CGI/1.1", 1);
|
||||
esetenv("SERVER_PROTOCOL", "GEMINI", 1);
|
||||
esetenv("SERVER_SOFTWARE", "vger/1", 1);
|
||||
|
||||
if (*query)
|
||||
esetenv("QUERY_STRING", query, 1);
|
||||
|
||||
/*
|
||||
* if in cgi_dir, only the first file after cgi_dir/FILE
|
||||
* is to be executed
|
||||
* the rest is PATH_INFO
|
||||
*/
|
||||
|
||||
/* find next item after cgi_dir in path:
|
||||
* path + 2 (skip "./") + strlen(cgirp) + 1 (skip '/')
|
||||
*/
|
||||
|
||||
/* cgi file to execute */
|
||||
estrlcpy(cgifp, path + 2 + strlen(cgirp) + 1, sizeof(cgifp));
|
||||
if (!(*cgifp)) /* problem with cgi file, abort */
|
||||
return 1;
|
||||
|
||||
/* check if there is something after cgi file for PATH_INFO */
|
||||
path_info = strchr(cgifp, '/');
|
||||
|
||||
if (path_info != NULL) {
|
||||
esetenv("PATH_INFO", path_info, 1);
|
||||
*path_info = '\0'; /* stop cgifp before PATH_INFO */
|
||||
}
|
||||
|
||||
esetenv("SCRIPT_NAME", cgifp, 1);
|
||||
esetenv("SERVER_NAME", hostname, 1);
|
||||
|
||||
echdir(cgirp);
|
||||
|
||||
cgi(cgifp);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ssize_t
|
||||
autoindex(const char *path)
|
||||
{
|
||||
/* display list of files in path + a link to parent (..) */
|
||||
|
||||
int n = 0;
|
||||
struct dirent **namelist; /* this must be freed at last */
|
||||
size_t bs = 0;
|
||||
|
||||
/* use alphasort to always have the same order on every system */
|
||||
if ((n = scandir(path, &namelist, NULL, alphasort)) < 0) {
|
||||
status(50, "Can't scan %s", path);
|
||||
} else {
|
||||
status(20, "text/gemini");
|
||||
bs += fprintf(stdout, "=> .. ../\n"); /* display link to parent */
|
||||
for (int j = 0; j < n; j++) {
|
||||
/* skip self and parent */
|
||||
if ((strcmp(namelist[j]->d_name, ".") == 0) ||
|
||||
(strcmp(namelist[j]->d_name, "..") == 0)) {
|
||||
continue;
|
||||
}
|
||||
/* add "/" at the end of a directory path */
|
||||
if (namelist[j]->d_type == DT_DIR) {
|
||||
bs += fprintf(stdout, "=> ./%s/ %s/\n",
|
||||
namelist[j]->d_name, namelist[j]->d_name);
|
||||
} else {
|
||||
bs += fprintf(stdout, "=> ./%s %s\n",
|
||||
namelist[j]->d_name, namelist[j]->d_name);
|
||||
}
|
||||
free(namelist[j]);
|
||||
}
|
||||
free(namelist);
|
||||
}
|
||||
|
||||
return bs;
|
||||
}
|
||||
|
||||
void
|
||||
cgi(const char *cgicmd)
|
||||
{
|
||||
/* TODO? cgi currently return the wrong data size unless we switch from execl to popen */
|
||||
|
||||
/* run cgicmd replacing current process */
|
||||
_datasiz = -1; /* bytes sent by cgi are unknown */
|
||||
execl(cgicmd, cgicmd, NULL);
|
||||
/* if execl is ok, this will never be reached */
|
||||
status(42, "error when trying run cgi");
|
||||
stop(EXIT_FAILURE, "error when trying to execl %s", cgicmd);
|
||||
|
||||
}
|
||||
|
||||
void
|
||||
strip_trailing_slash(char *path)
|
||||
{
|
||||
size_t end = strlen(path);
|
||||
if (end == 0)
|
||||
return;
|
||||
end--;
|
||||
while (path[end] == '/')
|
||||
path[end--] = '\0';
|
||||
}
|
||||
|
||||
char *
|
||||
check_request(char *request)
|
||||
{
|
||||
/*
|
||||
* read the request, check for errors and sanitize the input
|
||||
*/
|
||||
char *pos = NULL;
|
||||
|
||||
|
||||
/* read 1024 +1 chars from stdin to get the request (1024 + \0) */
|
||||
if (fgets(request, GEMINI_REQUEST_MAX, stdin) == NULL) {
|
||||
/* EOF reached before reading anything */
|
||||
if (feof(stdin)) {
|
||||
status(59, "%s", "request is too short and probably empty");
|
||||
stop(EXIT_FAILURE, "%s", "request is too short and probably empty");
|
||||
|
||||
/* error before reading anything */
|
||||
} else if (ferror(stdin)) {
|
||||
status(59, "Error while reading request: %s", request);
|
||||
stop(EXIT_FAILURE, "Error while reading request: %s", request);
|
||||
}
|
||||
}
|
||||
|
||||
/* check if string ends with '\n', or to long */
|
||||
if (request[strnlen(request, GEMINI_REQUEST_MAX) - 1] != '\n') {
|
||||
status(59, "request is too long (1024 max): %s", request);
|
||||
stop(EXIT_FAILURE, "request is too long (1024 max): %s", request);
|
||||
}
|
||||
|
||||
/* remove \r\n at the end of string */
|
||||
request[strcspn(request, "\r\n")] = '\0';
|
||||
|
||||
/*
|
||||
* check if the beginning of the request starts with
|
||||
* gemini://
|
||||
*/
|
||||
if (strncmp(request, "gemini://", GEMINI_PART) != 0) {
|
||||
/* error code url malformed */
|
||||
status(59, "request «%s» doesn't match gemini://", request);
|
||||
stop(EXIT_FAILURE, "request «%s» doesn't match gemini://", request);
|
||||
}
|
||||
|
||||
/* save request for logs */
|
||||
estrlcpy(_request, request, sizeof(_request));
|
||||
|
||||
/* remove the gemini:// part */
|
||||
memmove(request, request + GEMINI_PART, strlen(request) + 1 - GEMINI_PART);
|
||||
|
||||
/* remove all "/.." for safety reasons */
|
||||
while ((pos = strstr(request, "/..")) != NULL)
|
||||
memmove(request, pos + 3, strlen(pos) + 1 - 3); /* "/.." = 3 */
|
||||
|
||||
return request;
|
||||
}
|
||||
|
||||
char *
|
||||
get_hostname(const char *request, char *hstnm, size_t hstnmsiz)
|
||||
{
|
||||
char *pos = NULL;
|
||||
|
||||
/* first make a copy of request */
|
||||
estrlcpy(hstnm, request, hstnmsiz);
|
||||
|
||||
/* look for hostname : stops at first '/' if any */
|
||||
if ( (pos = strchr(hstnm, '/')) != NULL)
|
||||
pos[0] = '\0'; /* end string at the end of hostname */
|
||||
|
||||
/* check if client added :port at end of hostname and remove it */
|
||||
if ( (pos = strchr(hstnm, ':')) != NULL)
|
||||
pos[0] = '\0'; /* end string at : */
|
||||
|
||||
return hstnm;
|
||||
}
|
||||
|
||||
char *
|
||||
get_path(const char *request, char *path, size_t pathsiz, int virtualhost, const char *hostname)
|
||||
{
|
||||
char *pos = NULL;
|
||||
|
||||
/* path must be relative to chroot */
|
||||
estrlcpy(path, "./", pathsiz);
|
||||
|
||||
/* path is in a subdir named hostname */
|
||||
if (virtualhost) {
|
||||
estrlcat(path, hostname, pathsiz);
|
||||
estrlcat(path, "/", pathsiz);
|
||||
}
|
||||
|
||||
/* path is after hostname/ */
|
||||
pos = strchr(request, '/');
|
||||
if (pos != NULL) /* append the path. pos +1 to remove leading '/' */
|
||||
estrlcat(path, pos+1, pathsiz);
|
||||
|
||||
return path;
|
||||
}
|
||||
|
||||
void
|
||||
check_path(char *path, size_t pathsiz, const char *hstnm, int virtualhost)
|
||||
{
|
||||
struct stat sb = {0};
|
||||
char tmp[PATH_MAX] = {'\0'};
|
||||
|
||||
if (stat(path, &sb) == -1) {
|
||||
if (lstat(path, &sb) != -1 && S_ISLNK(sb.st_mode) == 1) {
|
||||
if (readlink(path, tmp, sizeof(tmp)) > 0) {
|
||||
status(30, "%s", tmp);
|
||||
stop(EXIT_SUCCESS, NULL);
|
||||
}
|
||||
}
|
||||
status(51, "%s", "file not found");
|
||||
stop(EXIT_SUCCESS, NULL);
|
||||
}
|
||||
|
||||
if (S_ISDIR(sb.st_mode)) {
|
||||
/* check if dir path end with "/" */
|
||||
if (path[strlen(path) - 1] != '/') {
|
||||
/* redirect to the dir with appropriate ending '/' */
|
||||
|
||||
/* remove leading '.' for redirection*/
|
||||
if (virtualhost) /* remove ./host.name */
|
||||
memmove(path, path+2+strlen(hstnm),
|
||||
strlen(path + 2) + strlen(hstnm) + 1);
|
||||
else
|
||||
memmove(path, path+1,
|
||||
strlen(path + 1) + 1); /* +1 for \0 */
|
||||
|
||||
estrlcat(path, "/", pathsiz);
|
||||
status(31, "%s", path);
|
||||
stop(EXIT_SUCCESS, NULL);
|
||||
}
|
||||
/* check if DEFAULT_INDEX exists in directory */
|
||||
estrlcpy(tmp, path, sizeof(tmp));
|
||||
estrlcat(tmp, "/", sizeof(tmp));
|
||||
estrlcat(tmp, DEFAULT_INDEX, sizeof(tmp));
|
||||
if (stat(tmp, &sb) == 0)
|
||||
estrlcpy(path, tmp, pathsiz);
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
get_dir_file(char *path, char *dir, size_t dirsiz, char *file, size_t filesiz)
|
||||
{
|
||||
char *pos = NULL;
|
||||
|
||||
pos = strrchr(path, '/');
|
||||
if (pos != NULL) {
|
||||
estrlcpy(file, pos+1, filesiz); /* +1 : not heading / */
|
||||
pos[0] = '\0'; /* stop path at file */
|
||||
estrlcpy(dir, path, dirsiz);
|
||||
} else {
|
||||
estrlcpy(file, path, filesiz);
|
||||
}
|
||||
}
|
||||
|
||||
char *
|
||||
get_query(char *path, char *query, size_t querysiz)
|
||||
{
|
||||
char *pos = NULL;
|
||||
|
||||
/* remove a query string before percent decoding */
|
||||
/* look for "?" if any to set query for cgi, remove it */
|
||||
pos = strchr(path, '?');
|
||||
if (pos != NULL) {
|
||||
estrlcpy(query, pos + 1, querysiz);
|
||||
pos[0] = '\0'; /* path end where query begins */
|
||||
}
|
||||
return query;
|
||||
}
|
37
vger.h
37
vger.h
|
@ -1,37 +0,0 @@
|
|||
#ifndef vger_h_INCLUDED
|
||||
#define vger_h_INCLUDED
|
||||
|
||||
/* length of "gemini://" */
|
||||
#define GEMINI_PART 9
|
||||
|
||||
/*
|
||||
* number of bytes to read with fgets() : 2014 + 1.
|
||||
* fgets() reads at most size-1 (1024 here).
|
||||
* See https://gemini.circumlunar.space/docs/specification.html.
|
||||
*/
|
||||
#define GEMINI_REQUEST_MAX 1025
|
||||
|
||||
/* global vars */
|
||||
static int _retcode = 0;
|
||||
static ssize_t _datasiz = 0;
|
||||
static char _request[GEMINI_REQUEST_MAX] = {'\0'};
|
||||
|
||||
/* functions */
|
||||
ssize_t autoindex(const char *);
|
||||
void cgi(const char *);
|
||||
char * check_request(char *);
|
||||
void check_path(char *, size_t, const char *, int);
|
||||
ssize_t display_file(const char *);
|
||||
int do_cgi(const char *, const char *, const char *, const char *, const char *);
|
||||
void drop_privileges(const char *, const char *, const char *);
|
||||
void get_dir_file(char *, char *, size_t, char *, size_t);
|
||||
char * get_hostname(const char *, char *, size_t);
|
||||
char * get_path(const char *, char *, size_t, int, const char *);
|
||||
char * get_query(char *, char *, size_t);
|
||||
void status(const int, const char *, ...);
|
||||
void strip_trailing_slash(char *);
|
||||
int uridecode (char *);
|
||||
void stop(const int, const char *, ...);
|
||||
|
||||
#endif // vger_h_INCLUDED
|
||||
|
Loading…
Reference in New Issue