/*
- * webserver.c
+ * $Id$
*
* This contains a simple multithreaded TCP server manager. It sits around
* waiting on the specified port for incoming HTTP connections. When a
* connection is established, it calls context_loop() from context_loop.c.
*
- * $Id$
*/
-#include <ctype.h>
-#include <stdlib.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#include <stdio.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <signal.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <sys/socket.h>
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-#include <netinet/in.h>
-#include <netdb.h>
-#include <string.h>
-#include <pwd.h>
-#include <errno.h>
-#include <stdarg.h>
-#include <pthread.h>
-#include <signal.h>
+
#include "webcit.h"
#include "webserver.h"
int verbosity = 9; /* Logging level */
int msock; /* master listening socket */
+int is_https = 0; /* Nonzero if I am an HTTPS service */
extern void *context_loop(int);
extern void *housekeeping_loop(void);
extern pthread_mutex_t SessionListMutex;
char *server_cookie = NULL;
-char *defaulthost = DEFAULT_HOST;
-char *defaultport = DEFAULT_PORT;
-
-pthread_mutex_t AcceptQueue;
+char *ctdlhost = DEFAULT_HOST;
+char *ctdlport = DEFAULT_PORT;
+int setup_wizard = 0;
+char wizard_filename[PATH_MAX];
/*
* This is a generic function to set up a master socket for listening on
* a TCP port. The server shuts down if the bind fails.
*/
-int ig_tcp_server(int port_number, int queue_len)
+int ig_tcp_server(char *ip_addr, int port_number, int queue_len)
{
struct sockaddr_in sin;
int s, i;
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
+ if (ip_addr == NULL) {
+ sin.sin_addr.s_addr = INADDR_ANY;
+ } else {
+ sin.sin_addr.s_addr = inet_addr(ip_addr);
+ }
+
+ if (sin.sin_addr.s_addr == INADDR_NONE) {
+ sin.sin_addr.s_addr = INADDR_ANY;
+ }
if (port_number == 0) {
lprintf(1, "Cannot start: no port number specified.\n");
s = socket(PF_INET, SOCK_STREAM, (getprotobyname("tcp")->p_proto));
if (s < 0) {
- lprintf(1, "Can't create a socket: %s\n",
- strerror(errno));
+ lprintf(1, "Can't create a socket: %s\n", strerror(errno));
exit(errno);
}
/* Set some socket options that make sense. */
struct timeval tv;
int retval;
+
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ return (client_read_ssl(buf, bytes, timeout));
+ }
+#endif
+
len = 0;
while (len < bytes) {
FD_ZERO(&rfds);
tv.tv_sec = timeout;
tv.tv_usec = 0;
- retval = select((sock) + 1,
- &rfds, NULL, NULL, &tv);
+ retval = select((sock) + 1, &rfds, NULL, NULL, &tv);
if (FD_ISSET(sock, &rfds) == 0) {
return (0);
}
+
rlen = read(sock, &buf[len], bytes - len);
+
if (rlen < 1) {
lprintf(2, "client_read() failed: %s\n",
- strerror(errno));
- return(-1);
+ strerror(errno));
+ return (-1);
}
len = len + rlen;
}
+
+#ifdef HTTP_TRACING
+ write(2, "\033[32m", 5);
+ write(2, buf, bytes);
+ write(2, "\033[30m", 5);
+#endif
return (1);
}
+
+ssize_t client_write(const void *buf, size_t count)
+{
+
+ if (WC->burst != NULL) {
+ WC->burst =
+ realloc(WC->burst, (WC->burst_len + count + 2));
+ memcpy(&WC->burst[WC->burst_len], buf, count);
+ WC->burst_len += count;
+ return (count);
+ }
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ client_write_ssl((char *) buf, count);
+ return (count);
+ }
+#endif
+#ifdef HTTP_TRACING
+ write(2, "\033[34m", 5);
+ write(2, buf, count);
+ write(2, "\033[30m", 5);
+#endif
+ return (write(WC->http_sock, buf, count));
+}
+
+
+void begin_burst(void)
+{
+ if (WC->burst != NULL) {
+ free(WC->burst);
+ WC->burst = NULL;
+ }
+ WC->burst_len = 0;
+ WC->burst = malloc(SIZ);
+}
+
+
+/*
+ * compress_gzip() uses the same calling syntax as compress2(), but it
+ * creates a stream compatible with HTTP "Content-encoding: gzip"
+ */
+#ifdef HAVE_ZLIB
+#define DEF_MEM_LEVEL 8
+#define OS_CODE 0x03 /* unix */
+int ZEXPORT compress_gzip(Bytef * dest, uLongf * destLen,
+ const Bytef * source, uLong sourceLen, int level)
+{
+ const int gz_magic[2] = { 0x1f, 0x8b }; /* gzip magic header */
+
+ /* write gzip header */
+ sprintf((char *) dest, "%c%c%c%c%c%c%c%c%c%c",
+ gz_magic[0], gz_magic[1], Z_DEFLATED,
+ 0 /*flags */ , 0, 0, 0, 0 /*time */ , 0 /*xflags */ ,
+ OS_CODE);
+
+ /* normal deflate */
+ z_stream stream;
+ int err;
+ stream.next_in = (Bytef *) source;
+ stream.avail_in = (uInt) sourceLen;
+ stream.next_out = dest + 10L; // after header
+ stream.avail_out = (uInt) * destLen;
+ if ((uLong) stream.avail_out != *destLen)
+ return Z_BUF_ERROR;
+
+ stream.zalloc = (alloc_func) 0;
+ stream.zfree = (free_func) 0;
+ stream.opaque = (voidpf) 0;
+
+ err = deflateInit2(&stream, level, Z_DEFLATED, -MAX_WBITS,
+ DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY);
+ if (err != Z_OK)
+ return err;
+
+ err = deflate(&stream, Z_FINISH);
+ if (err != Z_STREAM_END) {
+ deflateEnd(&stream);
+ return err == Z_OK ? Z_BUF_ERROR : err;
+ }
+ *destLen = stream.total_out + 10L;
+
+ /* write CRC and Length */
+ uLong crc = crc32(0L, source, sourceLen);
+ int n;
+ for (n = 0; n < 4; ++n, ++*destLen) {
+ dest[*destLen] = (int) (crc & 0xff);
+ crc >>= 8;
+ }
+ uLong len = stream.total_in;
+ for (n = 0; n < 4; ++n, ++*destLen) {
+ dest[*destLen] = (int) (len & 0xff);
+ len >>= 8;
+ }
+ err = deflateEnd(&stream);
+ return err;
+}
+#endif
+
+void end_burst(void)
+{
+ size_t the_len;
+ char *the_data;
+
+ if (WC->burst == NULL)
+ return;
+
+ the_len = WC->burst_len;
+ the_data = WC->burst;
+
+ WC->burst_len = 0;
+ WC->burst = NULL;
+
+#ifdef HAVE_ZLIB
+ /* Handle gzip compression */
+ if (WC->gzip_ok) {
+ char *compressed_data = NULL;
+ uLongf compressed_len;
+
+ compressed_len = (uLongf) ((the_len * 101) / 100) + 100;
+ compressed_data = malloc(compressed_len);
+
+ if (compress_gzip((Bytef *) compressed_data,
+ &compressed_len,
+ (Bytef *) the_data,
+ (uLongf) the_len, Z_BEST_SPEED) == Z_OK) {
+ wprintf("Content-encoding: gzip\r\n");
+ free(the_data);
+ the_data = compressed_data;
+ the_len = compressed_len;
+ } else {
+ free(compressed_data);
+ }
+ }
+#endif /* HAVE_ZLIB */
+
+ wprintf("Content-length: %d\r\n\r\n", the_len);
+ client_write(the_data, the_len);
+ free(the_data);
+ return;
+}
+
+
+
/*
* Read data from the client socket with default timeout.
* (This is implemented in terms of client_read_to() and could be
exit(0);
}
-void spawn_another_worker_thread() {
+void spawn_another_worker_thread()
+{
pthread_t SessThread; /* Thread descriptor */
pthread_attr_t attr; /* Thread attributes */
+ int ret;
lprintf(3, "Creating a new thread\n");
pthread_attr_init(&attr);
pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
+ /* Our per-thread stacks need to be bigger than the default size, otherwise
+ * the MIME parser crashes on FreeBSD, and the IMAP service crashes on
+ * 64-bit Linux.
+ */
+ if ((ret = pthread_attr_setstacksize(&attr, 1024 * 1024))) {
+ lprintf(1, "pthread_attr_setstacksize: %s\n",
+ strerror(ret));
+ pthread_attr_destroy(&attr);
+ }
+
/* now create the thread */
if (pthread_create(&SessThread, &attr,
- (void *(*)(void *)) worker_entry, NULL)
- != 0) {
- lprintf(1, "Can't create thread: %s\n",
- strerror(errno));
+ (void *(*)(void *)) worker_entry, NULL)
+ != 0) {
+ lprintf(1, "Can't create thread: %s\n", strerror(errno));
}
+
+ /* free up the attributes */
+ pthread_attr_destroy(&attr);
}
/*
int a, i; /* General-purpose variables */
int port = PORT_NUM; /* Port to listen on */
char tracefile[PATH_MAX];
+ char ip_addr[256];
+ char *webcitdir = WEBCITDIR;
/* Parse command line */
- while ((a = getopt(argc, argv, "hp:t:c")) != EOF)
+#ifdef HAVE_OPENSSL
+ while ((a = getopt(argc, argv, "h:i:p:t:x:cs")) != EOF)
+#else
+ while ((a = getopt(argc, argv, "h:i:p:t:x:c")) != EOF)
+#endif
switch (a) {
+ case 'h':
+ webcitdir = strdup(optarg);
+ break;
+ case 'i':
+ safestrncpy(ip_addr, optarg, sizeof ip_addr);
+ break;
case 'p':
port = atoi(optarg);
break;
case 't':
- strcpy(tracefile, optarg);
+ safestrncpy(tracefile, optarg, sizeof tracefile);
freopen(tracefile, "w", stdout);
freopen(tracefile, "w", stderr);
freopen(tracefile, "r", stdin);
verbosity = atoi(optarg);
break;
case 'c':
- server_cookie = malloc(SIZ);
+ server_cookie = malloc(256);
if (server_cookie != NULL) {
- strcpy(server_cookie, "Set-cookie: wcserver=");
- if (gethostname(
- &server_cookie[strlen(server_cookie)],
- 200) != 0) {
+ safestrncpy(server_cookie,
+ "Set-cookie: wcserver=",
+ 256);
+ if (gethostname
+ (&server_cookie[strlen(server_cookie)],
+ 200) != 0) {
lprintf(2, "gethostname: %s\n",
strerror(errno));
free(server_cookie);
}
}
break;
+ case 's':
+ is_https = 1;
+ break;
default:
- fprintf(stderr, "usage: webserver [-p localport] "
+ fprintf(stderr, "usage: webserver "
+ "[-i ip_addr] [-p http_port] "
"[-t tracefile] [-c] "
+#ifdef HAVE_OPENSSL
+ "[-s] "
+#endif
"[remotehost [remoteport]]\n");
return 1;
}
if (optind < argc) {
- defaulthost = argv[optind];
+ ctdlhost = argv[optind];
if (++optind < argc)
- defaultport = argv[optind];
+ ctdlport = argv[optind];
}
/* Tell 'em who's in da house */
lprintf(1, SERVER "\n"
-"Copyright (C) 1996-2001 by the Citadel/UX development team.\n"
-"This software is distributed under the terms of the GNU General Public\n"
-"License. If you paid for this software, someone is ripping you off.\n\n");
+ "Copyright (C) 1996-2005 by the Citadel development team.\n"
+ "This software is distributed under the terms of the "
+ "GNU General Public License.\n\n"
+ );
- if (chdir(WEBCITDIR) != 0)
+ lprintf(9, "Changing directory to %s\n", webcitdir);
+ if (chdir(webcitdir) != 0) {
perror("chdir");
+ }
- /*
- * Set up a place to put thread-specific data.
- * We only need a single pointer per thread - it points to the
- * wcsession struct to which the thread is currently bound.
- */
- if (pthread_key_create(&MyConKey, NULL) != 0) {
- lprintf(1, "Can't create TSD key: %s\n", strerror(errno));
- }
+ /*
+ * Set up a place to put thread-specific data.
+ * We only need a single pointer per thread - it points to the
+ * wcsession struct to which the thread is currently bound.
+ */
+ if (pthread_key_create(&MyConKey, NULL) != 0) {
+ lprintf(1, "Can't create TSD key: %s\n", strerror(errno));
+ }
+
+ /*
+ * Set up a place to put thread-specific SSL data.
+ * We don't stick this in the wcsession struct because SSL starts
+ * up before the session is bound, and it gets torn down between
+ * transactions.
+ */
+#ifdef HAVE_OPENSSL
+ if (pthread_key_create(&ThreadSSL, NULL) != 0) {
+ lprintf(1, "Can't create TSD key: %s\n", strerror(errno));
+ }
+#endif
/*
* Bind the server to our favorite port.
* exits if it doesn't succeed.
*/
lprintf(2, "Attempting to bind to port %d...\n", port);
- msock = ig_tcp_server(port, LISTEN_QUEUE_LENGTH);
+ msock = ig_tcp_server(ip_addr, port, LISTEN_QUEUE_LENGTH);
lprintf(2, "Listening on socket %d\n", msock);
signal(SIGPIPE, SIG_IGN);
pthread_mutex_init(&SessionListMutex, NULL);
- pthread_mutex_init(&AcceptQueue, NULL);
/*
* Start up the housekeeping thread
(void *(*)(void *)) housekeeping_loop, NULL);
+ /*
+ * If this is an HTTPS server, fire up SSL
+ */
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ init_ssl();
+ }
+#endif
+
/* Start a few initial worker threads */
- for (i=0; i<(INITIAL_WORKER_THREADS); ++i) {
+ for (i = 0; i < (MIN_WORKER_THREADS); ++i) {
spawn_another_worker_thread();
}
- /* now the original thread can go away. */
- pthread_exit(NULL);
+ /* now the original thread becomes another worker */
+ worker_entry();
return 0;
}
/*
* Entry point for worker threads
*/
-void worker_entry(void) {
+void worker_entry(void)
+{
int ssock;
- struct sockaddr_in fsin;
- int alen;
int i = 0;
int time_to_die = 0;
- time_t start_time, stop_time;
+ int fail_this_transaction = 0;
do {
/* Only one thread can accept at a time */
- start_time = time(NULL);
- pthread_mutex_lock(&AcceptQueue);
- ssock = accept(msock, (struct sockaddr *) &fsin, &alen);
- pthread_mutex_unlock(&AcceptQueue);
- stop_time = time(NULL);
-
- /* Augment the thread pool if we're not blocking at all */
- if ( (stop_time - start_time) == 0L) {
- spawn_another_worker_thread();
- }
-
+ fail_this_transaction = 0;
+ ssock = accept(msock, NULL, 0);
if (ssock < 0) {
- lprintf(2, "accept() failed: %s\n", strerror(errno));
+ lprintf(2, "accept() failed: %s\n",
+ strerror(errno));
} else {
/* Set the SO_REUSEADDR socket option */
i = 1;
setsockopt(ssock, SOL_SOCKET, SO_REUSEADDR,
- &i, sizeof(i));
+ &i, sizeof(i));
+
+ /* If we are an HTTPS server, go crypto now. */
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ if (starttls(ssock) != 0) {
+ fail_this_transaction = 1;
+ close(ssock);
+ }
+ }
+#endif
- /* Perform an HTTP transaction... */
- context_loop(ssock);
+ if (fail_this_transaction == 0) {
+ /* Perform an HTTP transaction... */
+ context_loop(ssock);
+ /* ...and close the socket. */
+ lingering_close(ssock);
+ }
- /* ...and close the socket. */
- lingering_close(ssock);
}
} while (!time_to_die);
int lprintf(int loglevel, const char *format, ...)
{
va_list ap;
- char buf[4096];
-
- va_start(ap, format);
- vsprintf(buf, format, ap);
- va_end(ap);
if (loglevel <= verbosity) {
- struct timeval tv;
- struct tm *tim;
-
- gettimeofday(&tv, NULL);
- tim = localtime(&(tv.tv_sec));
-
- if (WC && WC->wc_session) {
- fprintf(stderr,
- "%04d/%02d/%02d %2d:%02d:%02d.%03ld [%ld:%d] %s",
- tim->tm_year + 1900, tim->tm_mon + 1,
- tim->tm_mday, tim->tm_hour, tim->tm_min,
- tim->tm_sec, (long)tv.tv_usec / 1000,
- pthread_self(), WC->wc_session, buf);
- } else {
- fprintf(stderr,
- "%04d/%02d/%02d %2d:%02d:%02d.%03ld [%ld] %s",
- tim->tm_year + 1900, tim->tm_mon + 1,
- tim->tm_mday, tim->tm_hour, tim->tm_min,
- tim->tm_sec, (long)tv.tv_usec / 1000,
- pthread_self(), buf);
- }
+ va_start(ap, format);
+ vfprintf(stderr, format, ap);
+ va_end(ap);
fflush(stderr);
}
return 1;
projects / citadel.git / blobdiff