solene
/
vger
5
10
Fork 4
Code Issues Pull Requests 2 Releases Activity
vger/vger.c

469 lines
11 KiB
C
Raw Blame History

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <ctype.h>
#include <dirent.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <pwd.h>
#include <regex.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include "mimes.h"
#include "opts.h"
#include "utils.h"
#include "vger.h"
void
stop(const int r, const char *fmt, ...)
{
va_list ap, ap2;
fflush(stdout); /* ensure all data is sent */
/* log the request and retcode */
syslog(LOG_DAEMON, "\"%s\" %i %zd", _request, _retcode, _datasiz);
if (r != EXIT_SUCCESS) {
/* log and print error */
va_copy(ap2, ap);
va_start(ap, fmt);
vsyslog(LOG_ERR, fmt, ap);
va_end(ap);
va_start(ap2, fmt);
vfprintf(stderr, fmt, ap2);
va_end(ap2);
}
exit(r);
}
void
status(const int code, const char *fmt, ...)
{
va_list ap;
_datasiz += fprintf(stdout, "%i ", code);
va_start(ap, fmt);
_datasiz += vfprintf(stdout, fmt, ap);
va_end(ap);
_datasiz += fprintf(stdout, "\r\n"); /* make sure status end correctly */
_retcode = code; /* store return code for logs */
}
int
uridecode(char *uri)
{
int n = 0;
char c = '\0';
long l = 0;
char *pos = NULL;
if ((pos = strchr(uri, '%')) == NULL)
return n;
while ((pos = strchr(pos, '%')) != NULL) {
if (strlen(pos) < 3)
return n;
char hex[3] = {'\0'};
for (size_t i = 0; i < 2; i++)
hex[i] = tolower(pos[i + 1]);
errno = 0;
l = strtol(hex, 0, 16);
if (errno == ERANGE && (l == LONG_MAX || l == LONG_MIN))
continue; /* conversion failed */
c = (char)l;
pos[0] = c;
/* rewind of two char to remove %hex */
memmove(pos + 1, pos + 3, strlen(pos + 3) + 1); /* +1 for \0 */
n++;
pos++; /* avoid infinite loop */
}
return n;
}
void
drop_privileges(const char *user)
{
struct passwd *pw;
/*
* use chroot() if an user is specified requires root user to be
* running the program to run chroot() and then drop privileges
*/
/* is root? */
if (getuid() != 0) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE, "%s",
"chroot requires program to be run as root");
}
/* search user uid from name */
if ((pw = getpwnam(user)) == NULL) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE,
"the user %s can't be found on the system", user);
}
/* drop privileges */
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE,
"dropping privileges to user %s (uid=%i) failed", \
user, pw->pw_uid);
}
}
void
set_rootdir(const char *chroot_dir, const char *cgi_dir, const char *user)
{
char capsule_dir[PATH_MAX] = {'\0'};
if (*user) {
/* chroot worked? */
if (chroot(chroot_dir) != 0) {
status(41, "privileges issue, see logs");
stop(EXIT_FAILURE,
"the chroot_dir %s can't be used for chroot", chroot_dir);
}
/* now chroot_dir is / */
esnprintf(capsule_dir, sizeof(capsule_dir), "%s", "/");
} else {
esnprintf(capsule_dir, sizeof(capsule_dir), "%s", chroot_dir);
}
#ifdef __OpenBSD__
/*
* prevent access to files other than the one in chroot_dir
*/
eunveil(capsule_dir, "r");
/* permission to execute what's inside cgi_dir */
if (*cgi_dir)
eunveil(cgi_dir, "rx");
eunveil(NULL, NULL); /* no more call to unveil() */
/* promise permissions */
if (*cgi_dir)
epledge("stdio rpath exec proc", NULL);
else
epledge("stdio rpath", NULL);
#endif
echdir(capsule_dir); /* move to the gemini data directory */
}
ssize_t
display_file(const char *path)
{
FILE *fd = NULL;
const char *file_mime;
/*
* special case : path ends with "/". The user requested a dir
*/
if ((path[strlen(path)-1] == '/') && (doautoidx)) {
/* no index.gmi, so display autoindex if enabled */
_datasiz += autoindex(path);
return _datasiz;
}
/* open the file requested */
if ((fd = fopen(path, "r")) != NULL) {
file_mime = get_file_mime(path, default_mime);
if (strcmp(file_mime, "text/gemini") == 0)
status(20, "%s; %s", file_mime, lang);
else
status(20, "%s", file_mime);
_datasiz += print_file(fd);
fclose(fd); /* close file descriptor */
} else {
/* return an error code and no content.
* seems unlikely to happen unless the file vanished
* since we checked with stat() if it exists
*/
status(51, "%s", "file not found and may have vanished");
}
return _datasiz;
}
int
do_cgi(const char *rel_cgi_dir, const char *path, const char *hostname, const char *query)
{
struct stat sbcgi = {0};
struct stat sbpath = {0};
char cgifp[PATH_MAX] = {'\0'}; /* cgi file to execute */
char path_dir[PATH_MAX] = {'\0'};
char *path_info = NULL;
/* get beginning of path */
/* path_dir is initialized so there is an \0 at the end */
memcpy(path_dir, path, strlen(rel_cgi_dir));
if (stat(rel_cgi_dir, &sbcgi) + stat(path_dir, &sbpath) != 0)
goto nocgi;
/* compare inodes */
if (sbcgi.st_ino != sbpath.st_ino)
goto nocgi; /* not in cgi_dir, go to display_file */
/* set env variables for CGI
* see
* https://lists.orbitalfox.eu/archives/gemini/2020/000315.html
*/
esetenv("GATEWAY_INTERFACE", "CGI/1.1", 1);
esetenv("SERVER_PROTOCOL", "GEMINI", 1);
esetenv("SERVER_SOFTWARE", "vger/1", 1);
if (*query)
esetenv("QUERY_STRING", query, 1);
/*
* if in cgi_dir, only the first file after cgi_dir/FILE
* is to be executed
* the rest is PATH_INFO
*/
/* find next item after cgi_dir in path:
* path + strlen(rel_cgi_dir) + 1 (skip '/')
*/
/* cgi file to execute */
esnprintf(cgifp, sizeof(cgifp), "%s", path + strlen(rel_cgi_dir) + 1);
if (!(*cgifp)) /* problem with cgi file, abort */
goto nocgi;
/* check if there is something after cgi file for PATH_INFO */
path_info = strchr(cgifp, '/');
if (path_info != NULL) {
esetenv("PATH_INFO", path_info, 1);
*path_info = '\0'; /* stop cgifp before PATH_INFO */
}
esetenv("SCRIPT_NAME", cgifp, 1);
esetenv("SERVER_NAME", hostname, 1);
echdir(rel_cgi_dir);
cgi(cgifp);
return 0;
nocgi:
return 1;
}
ssize_t
autoindex(const char *path)
{
/* display list of files in path + a link to parent (..) */
int n = 0;
struct dirent **namelist; /* this must be freed at last */
size_t bs = 0;
/* use alphasort to always have the same order on every system */
if ((n = scandir(path, &namelist, NULL, alphasort)) < 0) {
status(50, "Can't scan %s", path);
} else {
status(20, "text/gemini");
bs += fprintf(stdout, "=> .. ../\n"); /* display link to parent */
for (int j = 0; j < n; j++) {
/* skip self and parent */
if ((strcmp(namelist[j]->d_name, ".") == 0) ||
(strcmp(namelist[j]->d_name, "..") == 0)) {
continue;
}
/* add "/" at the end of a directory path */
if (namelist[j]->d_type == DT_DIR) {
bs += fprintf(stdout, "=> ./%s/ %s/\n",
namelist[j]->d_name, namelist[j]->d_name);
} else {
bs += fprintf(stdout, "=> ./%s %s\n",
namelist[j]->d_name, namelist[j]->d_name);
}
free(namelist[j]);
}
free(namelist);
}
return bs;
}
void
cgi(const char *cgicmd)
{
int fildes[2] = {0};
int retcode = 0;
pid_t pid = 0;
FILE *output = NULL;
if (pipe(fildes) != 0)
goto cgierr;
if ((pid = fork()) < 0)
goto cgierr;
if (pid > 0) { /* parent */
close(fildes[1]); /* make sure entry is closed to get EOF */
if ((output = fdopen(fildes[0], "r")) == NULL)
goto cgierr;
_datasiz += print_file(output);
close(fildes[0]);
fclose(output);
waitpid(pid, &retcode, 0);
stop(EXIT_SUCCESS, "cgi ran with exit code %d", status);
} else { /* child */
/* set pipe output equal to stdout & stderr */
dup2(fildes[1], STDOUT_FILENO);
close(fildes[1]); /* no longer required */
execl(cgicmd, cgicmd, NULL);
}
cgierr:
/* if execl is ok, this will never be reached */
close(fildes[0]);
close(fildes[1]);
status(42, "error when trying run cgi");
stop(EXIT_FAILURE, "error when trying to execl %s", cgicmd);
}
char *
read_request(char *request)
{
/* read 1024 +1 chars from stdin to get the request (1024 + \0) */
if (fgets(request, GEMINI_REQUEST_MAX, stdin) == NULL) {
/* EOF reached before reading anything */
if (feof(stdin)) {
status(59, "%s", "request is too short and probably empty");
stop(EXIT_FAILURE, "%s", "request is too short and probably empty");
/* error before reading anything */
} else if (ferror(stdin)) {
status(59, "Error while reading request: %s", request);
stop(EXIT_FAILURE, "Error while reading request: %s", request);
}
}
/* check if string ends with '\n', or to long */
if (request[strnlen(request, GEMINI_REQUEST_MAX) - 1] != '\n') {
status(59, "request is too long (1024 max): %s", request);
stop(EXIT_FAILURE, "request is too long (1024 max): %s", request);
}
/* remove \r\n at the end of string */
request[strcspn(request, "\r\n")] = '\0';
/* save request for logs */
esnprintf(_request, sizeof(_request), "%s", request);
return request;
}
void
remove_double_dot(char *request)
{
char *pos = NULL;
/* remove all "/.." for safety reasons */
while ((pos = strstr(request, "/..")) != NULL)
memmove(request, pos + 3, strlen(pos) + 1 - 3); /* "/.." = 3 */
}
void
check_path(char *path, size_t pathsiz)
{
struct stat sb = {0};
char tmp[PATH_MAX] = {'\0'};
if (stat(path, &sb) == -1) {
if (lstat(path, &sb) != -1 && S_ISLNK(sb.st_mode) == 1) {
if (readlink(path, tmp, sizeof(tmp)) > 0) {
status(30, "%s", tmp);
stop(EXIT_SUCCESS, NULL);
}
}
status(51, "%s", "file not found");
stop(EXIT_SUCCESS, NULL);
}
if (S_ISDIR(sb.st_mode)) {
/* check if dir path end with "/" */
if (path[strlen(path) - 1] != '/') {
esnprintf(tmp, sizeof(tmp), "/%s/", path);
status(31, "%s", tmp);
stop(EXIT_SUCCESS, NULL);
}
/* check if DEFAULT_INDEX exists in directory */
esnprintf(tmp, sizeof(tmp), "%s/%s", path, DEFAULT_INDEX);
if (stat(tmp, &sb) == 0)
esnprintf(path, pathsiz, "%s", tmp);
}
}
void
split_request(const char *request, char *hostname, char *path, char *query)
{
size_t nmatch = SE_MAX; /* 3 "()" + 1 for whole match */
char buf[BUFSIZ] = {'\0'}; /* to handle error messages */
int ret = 0;
regex_t greg; /* compiled gemini regex */
regmatch_t match[SE_MAX]; /* matches founds */
ret = regcomp(&greg, _gemini_regex, REG_EXTENDED);
if (ret != 0) {
regerror(ret, &greg, buf, sizeof(buf));
regfree(&greg);
status(50, "Internal server error");
stop(EXIT_FAILURE, "%s", buf);
}
ret = regexec(&greg, request, nmatch, match, 0);
if (ret != 0) {
regerror(ret, &greg, buf, sizeof(buf));
regfree(&greg);
status(59, "Malformed request");
stop(EXIT_FAILURE, "Malformed request, error:%s", buf);
}
/* one may want to check the return of getsubexp
* and change memcpy to strlcpy
* to make sure we didn't try to copy too long
* and that string isn't trunkated.
* It is unlikely to happen since dest string are as long as request
*/
getsubexp(request, match[1], hostname);
getsubexp(request, match[2], path);
getsubexp(request, match[3], query);
regfree(&greg);
}
Reference in New Issue View Git Blame Copy Permalink