server.c revision 1.11
1/* $OpenBSD: server.c,v 1.11 2014/07/25 16:23:19 reyk Exp $ */ 2 3/* 4 * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#include <sys/types.h> 20#include <sys/queue.h> 21#include <sys/time.h> 22#include <sys/stat.h> 23#include <sys/socket.h> 24#include <sys/un.h> 25#include <sys/tree.h> 26#include <sys/hash.h> 27 28#include <net/if.h> 29#include <netinet/in_systm.h> 30#include <netinet/in.h> 31#include <netinet/ip.h> 32#include <netinet/tcp.h> 33#include <arpa/inet.h> 34 35#include <errno.h> 36#include <fcntl.h> 37#include <stdlib.h> 38#include <string.h> 39#include <unistd.h> 40#include <stdio.h> 41#include <err.h> 42#include <pwd.h> 43#include <event.h> 44#include <fnmatch.h> 45 46#include <openssl/dh.h> 47#include <openssl/ssl.h> 48 49#include "httpd.h" 50 51int server_dispatch_parent(int, struct privsep_proc *, 52 struct imsg *); 53void server_shutdown(void); 54 55void server_init(struct privsep *, struct privsep_proc *p, void *); 56void server_launch(void); 57int server_socket(struct sockaddr_storage *, in_port_t, 58 struct server *, int, int); 59int server_socket_listen(struct sockaddr_storage *, in_port_t, 60 struct server *); 61 62void server_accept(int, short, void *); 63void server_input(struct client *); 64 65extern void bufferevent_read_pressure_cb(struct evbuffer *, size_t, 66 size_t, void *); 67 68volatile int server_clients; 69volatile int server_inflight = 0; 70u_int32_t server_cltid; 71 72static struct httpd *env = NULL; 73int proc_id; 74 75static struct privsep_proc procs[] = { 76 { "parent", PROC_PARENT, server_dispatch_parent } 77}; 78 79pid_t 80server(struct privsep *ps, struct privsep_proc *p) 81{ 82 pid_t pid; 83 env = ps->ps_env; 84 pid = proc_run(ps, p, procs, nitems(procs), server_init, NULL); 85 server_http(env); 86 return (pid); 87} 88 89void 90server_shutdown(void) 91{ 92 config_purge(env, CONFIG_ALL); 93 usleep(200); /* XXX server needs to shutdown last */ 94} 95 96int 97server_privinit(struct server *srv) 98{ 99 log_debug("%s: adding server %s", __func__, srv->srv_conf.name); 100 101 if ((srv->srv_s = server_socket_listen(&srv->srv_conf.ss, 102 srv->srv_conf.port, srv)) == -1) 103 return (-1); 104 105 return (0); 106} 107 108void 109server_init(struct privsep *ps, struct privsep_proc *p, void *arg) 110{ 111 server_http(ps->ps_env); 112 113 if (config_init(ps->ps_env) == -1) 114 fatal("failed to initialize configuration"); 115 116 /* Set to current prefork id */ 117 proc_id = p->p_instance; 118 119 /* We use a custom shutdown callback */ 120 p->p_shutdown = server_shutdown; 121 122 /* Unlimited file descriptors (use system limits) */ 123 socket_rlimit(-1); 124 125#if 0 126 /* Schedule statistics timer */ 127 evtimer_set(&env->sc_statev, server_statistics, NULL); 128 memcpy(&tv, &env->sc_statinterval, sizeof(tv)); 129 evtimer_add(&env->sc_statev, &tv); 130#endif 131} 132 133void 134server_launch(void) 135{ 136 struct server *srv; 137 138 TAILQ_FOREACH(srv, env->sc_servers, srv_entry) { 139 server_http_init(srv); 140 141 log_debug("%s: running server %s", __func__, 142 srv->srv_conf.name); 143 144 event_set(&srv->srv_ev, srv->srv_s, EV_READ, 145 server_accept, srv); 146 event_add(&srv->srv_ev, NULL); 147 evtimer_set(&srv->srv_evt, server_accept, srv); 148 } 149} 150 151void 152server_purge(struct server *srv) 153{ 154 struct client *clt; 155 struct server_config *srv_conf; 156 157 /* shutdown and remove server */ 158 if (event_initialized(&srv->srv_ev)) 159 event_del(&srv->srv_ev); 160 if (evtimer_initialized(&srv->srv_evt)) 161 evtimer_del(&srv->srv_evt); 162 163 close(srv->srv_s); 164 TAILQ_REMOVE(env->sc_servers, srv, srv_entry); 165 166 /* cleanup sessions */ 167 while ((clt = 168 SPLAY_ROOT(&srv->srv_clients)) != NULL) 169 server_close(clt, NULL); 170 171 /* cleanup hosts */ 172 while ((srv_conf = 173 TAILQ_FIRST(&srv->srv_hosts)) != NULL) { 174 TAILQ_REMOVE(&srv->srv_hosts, srv_conf, entry); 175 176 /* It might point to our own "default" entry */ 177 if (srv_conf != &srv->srv_conf) 178 free(srv_conf); 179 } 180 181 free(srv); 182} 183 184struct server * 185server_byaddr(struct sockaddr *addr) 186{ 187 struct server *srv; 188 189 TAILQ_FOREACH(srv, env->sc_servers, srv_entry) { 190 if (sockaddr_cmp((struct sockaddr *)&srv->srv_conf.ss, 191 addr, srv->srv_conf.prefixlen) == 0) 192 return (srv); 193 } 194 195 return (NULL); 196} 197 198int 199server_socket_af(struct sockaddr_storage *ss, in_port_t port) 200{ 201 switch (ss->ss_family) { 202 case AF_INET: 203 ((struct sockaddr_in *)ss)->sin_port = port; 204 ((struct sockaddr_in *)ss)->sin_len = 205 sizeof(struct sockaddr_in); 206 break; 207 case AF_INET6: 208 ((struct sockaddr_in6 *)ss)->sin6_port = port; 209 ((struct sockaddr_in6 *)ss)->sin6_len = 210 sizeof(struct sockaddr_in6); 211 break; 212 default: 213 return (-1); 214 } 215 216 return (0); 217} 218 219in_port_t 220server_socket_getport(struct sockaddr_storage *ss) 221{ 222 switch (ss->ss_family) { 223 case AF_INET: 224 return (((struct sockaddr_in *)ss)->sin_port); 225 case AF_INET6: 226 return (((struct sockaddr_in6 *)ss)->sin6_port); 227 default: 228 return (0); 229 } 230 231 /* NOTREACHED */ 232 return (0); 233} 234 235int 236server_socket(struct sockaddr_storage *ss, in_port_t port, 237 struct server *srv, int fd, int reuseport) 238{ 239 struct linger lng; 240 int s = -1, val; 241 242 if (server_socket_af(ss, port) == -1) 243 goto bad; 244 245 s = fd == -1 ? socket(ss->ss_family, SOCK_STREAM, IPPROTO_TCP) : fd; 246 if (s == -1) 247 goto bad; 248 249 /* 250 * Socket options 251 */ 252 memset(&lng, 0, sizeof(lng)); 253 if (setsockopt(s, SOL_SOCKET, SO_LINGER, &lng, sizeof(lng)) == -1) 254 goto bad; 255 if (reuseport) { 256 val = 1; 257 if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &val, 258 sizeof(int)) == -1) 259 goto bad; 260 } 261 if (fcntl(s, F_SETFL, O_NONBLOCK) == -1) 262 goto bad; 263 if (srv->srv_tcpflags & TCPFLAG_BUFSIZ) { 264 val = srv->srv_tcpbufsiz; 265 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, 266 &val, sizeof(val)) == -1) 267 goto bad; 268 val = srv->srv_tcpbufsiz; 269 if (setsockopt(s, SOL_SOCKET, SO_SNDBUF, 270 &val, sizeof(val)) == -1) 271 goto bad; 272 } 273 274 /* 275 * IP options 276 */ 277 if (srv->srv_tcpflags & TCPFLAG_IPTTL) { 278 val = (int)srv->srv_tcpipttl; 279 if (setsockopt(s, IPPROTO_IP, IP_TTL, 280 &val, sizeof(val)) == -1) 281 goto bad; 282 } 283 if (srv->srv_tcpflags & TCPFLAG_IPMINTTL) { 284 val = (int)srv->srv_tcpipminttl; 285 if (setsockopt(s, IPPROTO_IP, IP_MINTTL, 286 &val, sizeof(val)) == -1) 287 goto bad; 288 } 289 290 /* 291 * TCP options 292 */ 293 if (srv->srv_tcpflags & (TCPFLAG_NODELAY|TCPFLAG_NNODELAY)) { 294 if (srv->srv_tcpflags & TCPFLAG_NNODELAY) 295 val = 0; 296 else 297 val = 1; 298 if (setsockopt(s, IPPROTO_TCP, TCP_NODELAY, 299 &val, sizeof(val)) == -1) 300 goto bad; 301 } 302 if (srv->srv_tcpflags & (TCPFLAG_SACK|TCPFLAG_NSACK)) { 303 if (srv->srv_tcpflags & TCPFLAG_NSACK) 304 val = 0; 305 else 306 val = 1; 307 if (setsockopt(s, IPPROTO_TCP, TCP_SACK_ENABLE, 308 &val, sizeof(val)) == -1) 309 goto bad; 310 } 311 312 return (s); 313 314 bad: 315 if (s != -1) 316 close(s); 317 return (-1); 318} 319 320int 321server_socket_listen(struct sockaddr_storage *ss, in_port_t port, 322 struct server *srv) 323{ 324 int s; 325 326 if ((s = server_socket(ss, port, srv, -1, 1)) == -1) 327 return (-1); 328 329 if (bind(s, (struct sockaddr *)ss, ss->ss_len) == -1) 330 goto bad; 331 if (listen(s, srv->srv_tcpbacklog) == -1) 332 goto bad; 333 334 return (s); 335 336 bad: 337 close(s); 338 return (-1); 339} 340 341void 342server_input(struct client *clt) 343{ 344 struct server_config *srv_conf = clt->clt_srv_conf; 345 evbuffercb inrd = server_read; 346 evbuffercb inwr = server_write; 347 348 if (server_httpdesc_init(clt) == -1) { 349 server_close(clt, 350 "failed to allocate http descriptor"); 351 return; 352 } 353 354 clt->clt_toread = TOREAD_HTTP_HEADER; 355 inrd = server_read_http; 356 357 /* 358 * Client <-> Server 359 */ 360 clt->clt_bev = bufferevent_new(clt->clt_s, inrd, inwr, 361 server_error, clt); 362 if (clt->clt_bev == NULL) { 363 server_close(clt, "failed to allocate input buffer event"); 364 return; 365 } 366 367 bufferevent_settimeout(clt->clt_bev, 368 srv_conf->timeout.tv_sec, srv_conf->timeout.tv_sec); 369 bufferevent_enable(clt->clt_bev, EV_READ|EV_WRITE); 370} 371 372void 373server_write(struct bufferevent *bev, void *arg) 374{ 375 struct client *clt = arg; 376 struct evbuffer *dst = EVBUFFER_OUTPUT(bev); 377 378 if (EVBUFFER_LENGTH(dst) == 0 && 379 clt->clt_toread == TOREAD_HTTP_NONE) 380 goto done; 381 382 getmonotime(&clt->clt_tv_last); 383 384 if (clt->clt_done) 385 goto done; 386 return; 387 done: 388 server_close(clt, "done"); 389 return; 390} 391 392void 393server_dump(struct client *clt, const void *buf, size_t len) 394{ 395 if (!len) 396 return; 397 398 /* 399 * This function will dump the specified message directly 400 * to the underlying client, without waiting for success 401 * of non-blocking events etc. This is useful to print an 402 * error message before gracefully closing the client. 403 */ 404#if 0 405 if (cre->ssl != NULL) 406 (void)SSL_write(cre->ssl, buf, len); 407 else 408#endif 409 (void)write(clt->clt_s, buf, len); 410} 411 412void 413server_read(struct bufferevent *bev, void *arg) 414{ 415 struct client *clt = arg; 416 struct evbuffer *src = EVBUFFER_INPUT(bev); 417 418 getmonotime(&clt->clt_tv_last); 419 420 if (!EVBUFFER_LENGTH(src)) 421 return; 422 if (server_bufferevent_write_buffer(clt, src) == -1) 423 goto fail; 424 if (clt->clt_done) 425 goto done; 426 bufferevent_enable(bev, EV_READ); 427 return; 428 done: 429 server_close(clt, "done"); 430 return; 431 fail: 432 server_close(clt, strerror(errno)); 433} 434 435void 436server_error(struct bufferevent *bev, short error, void *arg) 437{ 438 struct client *clt = arg; 439 440 if (error & EVBUFFER_TIMEOUT) { 441 server_close(clt, "buffer event timeout"); 442 return; 443 } 444 if (error & EVBUFFER_ERROR && errno == EFBIG) { 445 bufferevent_enable(bev, EV_READ); 446 return; 447 } 448 if (error & (EVBUFFER_READ|EVBUFFER_WRITE|EVBUFFER_EOF)) { 449 bufferevent_disable(bev, EV_READ|EV_WRITE); 450 451 clt->clt_done = 1; 452 server_close(clt, "done"); 453 return; 454 } 455 server_close(clt, "buffer event error"); 456 return; 457} 458 459void 460server_accept(int fd, short event, void *arg) 461{ 462 struct server *srv = arg; 463 struct client *clt = NULL; 464 socklen_t slen; 465 struct sockaddr_storage ss; 466 int s = -1; 467 468 event_add(&srv->srv_ev, NULL); 469 if ((event & EV_TIMEOUT)) 470 return; 471 472 slen = sizeof(ss); 473 if ((s = accept_reserve(fd, (struct sockaddr *)&ss, 474 &slen, FD_RESERVE, &server_inflight)) == -1) { 475 /* 476 * Pause accept if we are out of file descriptors, or 477 * libevent will haunt us here too. 478 */ 479 if (errno == ENFILE || errno == EMFILE) { 480 struct timeval evtpause = { 1, 0 }; 481 482 event_del(&srv->srv_ev); 483 evtimer_add(&srv->srv_evt, &evtpause); 484 log_debug("%s: deferring connections", __func__); 485 } 486 return; 487 } 488 if (server_clients >= SERVER_MAX_CLIENTS) 489 goto err; 490 491 if (fcntl(s, F_SETFL, O_NONBLOCK) == -1) 492 goto err; 493 494 if ((clt = calloc(1, sizeof(*clt))) == NULL) 495 goto err; 496 497 clt->clt_s = s; 498 clt->clt_fd = -1; 499 clt->clt_toread = TOREAD_UNLIMITED; 500 clt->clt_srv = srv; 501 clt->clt_srv_conf = &srv->srv_conf; 502 clt->clt_id = ++server_cltid; 503 clt->clt_srv_id = srv->srv_conf.id; 504 clt->clt_pid = getpid(); 505 clt->clt_inflight = 1; 506 switch (ss.ss_family) { 507 case AF_INET: 508 clt->clt_port = ((struct sockaddr_in *)&ss)->sin_port; 509 break; 510 case AF_INET6: 511 clt->clt_port = ((struct sockaddr_in6 *)&ss)->sin6_port; 512 break; 513 } 514 memcpy(&clt->clt_ss, &ss, sizeof(clt->clt_ss)); 515 516 getmonotime(&clt->clt_tv_start); 517 memcpy(&clt->clt_tv_last, &clt->clt_tv_start, sizeof(clt->clt_tv_last)); 518 519 server_clients++; 520 SPLAY_INSERT(client_tree, &srv->srv_clients, clt); 521 522 /* Increment the per-relay client counter */ 523 //srv->srv_stats[proc_id].last++; 524 525 /* Pre-allocate output buffer */ 526 clt->clt_output = evbuffer_new(); 527 if (clt->clt_output == NULL) { 528 server_close(clt, "failed to allocate output buffer"); 529 return; 530 } 531 532 /* Pre-allocate log buffer */ 533 clt->clt_log = evbuffer_new(); 534 if (clt->clt_log == NULL) { 535 server_close(clt, "failed to allocate log buffer"); 536 return; 537 } 538 539 server_input(clt); 540 return; 541 542 err: 543 if (s != -1) { 544 close(s); 545 if (clt != NULL) 546 free(clt); 547 /* 548 * the client struct was not completly set up, but still 549 * counted as an inflight client. account for this. 550 */ 551 server_inflight_dec(clt, __func__); 552 } 553} 554 555void 556server_inflight_dec(struct client *clt, const char *why) 557{ 558 if (clt != NULL) { 559 /* the flight already left inflight mode. */ 560 if (clt->clt_inflight == 0) 561 return; 562 clt->clt_inflight = 0; 563 } 564 565 /* the file was never opened, thus this was an inflight client. */ 566 server_inflight--; 567 log_debug("%s: inflight decremented, now %d, %s", 568 __func__, server_inflight, why); 569} 570 571void 572server_close(struct client *clt, const char *msg) 573{ 574 char ibuf[128], obuf[128], *ptr = NULL; 575 struct server *srv = clt->clt_srv; 576 struct server_config *srv_conf = clt->clt_srv_conf; 577 578 SPLAY_REMOVE(client_tree, &srv->srv_clients, clt); 579 580 /* free the HTTP descriptors incl. headers */ 581 server_close_http(clt); 582 583 event_del(&clt->clt_ev); 584 if (clt->clt_bev != NULL) 585 bufferevent_disable(clt->clt_bev, EV_READ|EV_WRITE); 586 if (clt->clt_file != NULL) 587 bufferevent_disable(clt->clt_file, EV_READ|EV_WRITE); 588 589 if ((env->sc_opts & HTTPD_OPT_LOGUPDATE) && msg != NULL) { 590 memset(&ibuf, 0, sizeof(ibuf)); 591 memset(&obuf, 0, sizeof(obuf)); 592 (void)print_host(&clt->clt_ss, ibuf, sizeof(ibuf)); 593 (void)print_host(&srv_conf->ss, obuf, sizeof(obuf)); 594 if (EVBUFFER_LENGTH(clt->clt_log) && 595 evbuffer_add_printf(clt->clt_log, "\r\n") != -1) 596 ptr = evbuffer_readline(clt->clt_log); 597 log_info("server %s, " 598 "client %d (%d active), %s -> %s:%d, " 599 "%s%s%s", srv_conf->name, clt->clt_id, server_clients, 600 ibuf, obuf, ntohs(clt->clt_port), msg, 601 ptr == NULL ? "" : ",", ptr == NULL ? "" : ptr); 602 if (ptr != NULL) 603 free(ptr); 604 } 605 606 if (clt->clt_bev != NULL) 607 bufferevent_free(clt->clt_bev); 608 if (clt->clt_output != NULL) 609 evbuffer_free(clt->clt_output); 610 611 if (clt->clt_file != NULL) 612 bufferevent_free(clt->clt_file); 613 if (clt->clt_fd != -1) 614 close(clt->clt_fd); 615 if (clt->clt_s != -1) 616 close(clt->clt_s); 617 618 server_inflight_dec(clt, __func__); 619 620 if (clt->clt_log != NULL) 621 evbuffer_free(clt->clt_log); 622 623 free(clt); 624 server_clients--; 625} 626 627int 628server_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg) 629{ 630 switch (imsg->hdr.type) { 631 case IMSG_CFG_MEDIA: 632 config_getmedia(env, imsg); 633 break; 634 case IMSG_CFG_SERVER: 635 config_getserver(env, imsg); 636 break; 637 case IMSG_CFG_DONE: 638 config_getcfg(env, imsg); 639 break; 640 case IMSG_CTL_START: 641 server_launch(); 642 break; 643 case IMSG_CTL_RESET: 644 config_getreset(env, imsg); 645 break; 646 default: 647 return (-1); 648 } 649 650 return (0); 651} 652 653int 654server_bufferevent_add(struct event *ev, int timeout) 655{ 656 struct timeval tv, *ptv = NULL; 657 658 if (timeout) { 659 timerclear(&tv); 660 tv.tv_sec = timeout; 661 ptv = &tv; 662 } 663 664 return (event_add(ev, ptv)); 665} 666 667int 668server_bufferevent_print(struct client *clt, const char *str) 669{ 670 if (clt->clt_bev == NULL) 671 return (evbuffer_add(clt->clt_output, str, strlen(str))); 672 return (bufferevent_write(clt->clt_bev, str, strlen(str))); 673} 674 675int 676server_bufferevent_write_buffer(struct client *clt, struct evbuffer *buf) 677{ 678 if (clt->clt_bev == NULL) 679 return (evbuffer_add_buffer(clt->clt_output, buf)); 680 return (bufferevent_write_buffer(clt->clt_bev, buf)); 681} 682 683int 684server_bufferevent_write_chunk(struct client *clt, 685 struct evbuffer *buf, size_t size) 686{ 687 int ret; 688 ret = server_bufferevent_write(clt, buf->buffer, size); 689 if (ret != -1) 690 evbuffer_drain(buf, size); 691 return (ret); 692} 693 694int 695server_bufferevent_write(struct client *clt, void *data, size_t size) 696{ 697 if (clt->clt_bev == NULL) 698 return (evbuffer_add(clt->clt_output, data, size)); 699 return (bufferevent_write(clt->clt_bev, data, size)); 700} 701 702int 703server_client_cmp(struct client *a, struct client *b) 704{ 705 return ((int)a->clt_id - b->clt_id); 706} 707 708SPLAY_GENERATE(client_tree, client, clt_nodes, server_client_cmp); 709