/*
- * webserver.c
+ * $Id$
*
* This contains a simple multithreaded TCP server manager. It sits around
* waiting on the specified port for incoming HTTP connections. When a
* connection is established, it calls context_loop() from context_loop.c.
*
- * $Id$
*/
#include <ctype.h>
#include <limits.h>
#endif
#include <netinet/in.h>
+#include <arpa/inet.h>
#include <netdb.h>
#include <string.h>
#include <pwd.h>
#include <stdarg.h>
#include <pthread.h>
#include <signal.h>
-
#include "webcit.h"
#include "webserver.h"
int verbosity = 9; /* Logging level */
int msock; /* master listening socket */
+int is_https = 0; /* Nonzero if I am an HTTPS service */
extern void *context_loop(int);
extern void *housekeeping_loop(void);
extern pthread_mutex_t SessionListMutex;
char *server_cookie = NULL;
-char *defaulthost = DEFAULT_HOST;
-char *defaultport = DEFAULT_PORT;
+char *ctdlhost = DEFAULT_HOST;
+char *ctdlport = DEFAULT_PORT;
/*
* This is a generic function to set up a master socket for listening on
* a TCP port. The server shuts down if the bind fails.
*/
-int ig_tcp_server(int port_number, int queue_len)
+int ig_tcp_server(char *ip_addr, int port_number, int queue_len)
{
struct sockaddr_in sin;
int s, i;
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
+ if (ip_addr == NULL) {
+ sin.sin_addr.s_addr = INADDR_ANY;
+ }
+ else {
+ sin.sin_addr.s_addr = inet_addr(ip_addr);
+ }
+
+ if (sin.sin_addr.s_addr == INADDR_NONE) {
+ sin.sin_addr.s_addr = INADDR_ANY;
+ }
if (port_number == 0) {
lprintf(1, "Cannot start: no port number specified.\n");
struct timeval tv;
int retval;
+
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ return(client_read_ssl(buf, bytes, timeout));
+ }
+#endif
+
len = 0;
while (len < bytes) {
FD_ZERO(&rfds);
if (FD_ISSET(sock, &rfds) == 0) {
return (0);
}
+
rlen = read(sock, &buf[len], bytes - len);
+
if (rlen < 1) {
lprintf(2, "client_read() failed: %s\n",
strerror(errno));
}
len = len + rlen;
}
+ /*write(2, buf, bytes); FIXME */
return (1);
}
+
+ssize_t client_write(const void *buf, size_t count) {
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ client_write_ssl((char *)buf, count);
+ return(count);
+ }
+#endif
+ /* write(2, buf, count); FIXME */
+ return(write(WC->http_sock, buf, count));
+}
+
+
/*
* Read data from the client socket with default timeout.
* (This is implemented in terms of client_read_to() and could be
void spawn_another_worker_thread() {
pthread_t SessThread; /* Thread descriptor */
pthread_attr_t attr; /* Thread attributes */
+ int ret;
lprintf(3, "Creating a new thread\n");
pthread_attr_init(&attr);
pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
+ /* Our per-thread stacks need to be bigger than the default size, otherwise
+ * the MIME parser crashes on FreeBSD, and the IMAP service crashes on
+ * 64-bit Linux.
+ */
+ if ((ret = pthread_attr_setstacksize(&attr, 1024 * 1024))) {
+ lprintf(1, "pthread_attr_setstacksize: %s\n", strerror(ret));
+ pthread_attr_destroy(&attr);
+ }
+
/* now create the thread */
if (pthread_create(&SessThread, &attr,
(void *(*)(void *)) worker_entry, NULL)
lprintf(1, "Can't create thread: %s\n",
strerror(errno));
}
+
+ /* free up the attributes */
+ pthread_attr_destroy(&attr);
}
/*
int a, i; /* General-purpose variables */
int port = PORT_NUM; /* Port to listen on */
char tracefile[PATH_MAX];
+ char ip_addr[256];
/* Parse command line */
- while ((a = getopt(argc, argv, "hp:t:c")) != EOF)
+#ifdef HAVE_OPENSSL
+ while ((a = getopt(argc, argv, "hi:p:t:cs")) != EOF)
+#else
+ while ((a = getopt(argc, argv, "hi:p:t:c")) != EOF)
+#endif
switch (a) {
+ case 'i':
+ strcpy(ip_addr, optarg);
+ break;
case 'p':
port = atoi(optarg);
break;
}
}
break;
+ case 's':
+ is_https = 1;
+ break;
default:
- fprintf(stderr, "usage: webserver [-p localport] "
+ fprintf(stderr, "usage: webserver "
+ "[-i ip_addr] [-p http_port] "
"[-t tracefile] [-c] "
+#ifdef HAVE_OPENSSL
+ "[-s] "
+#endif
"[remotehost [remoteport]]\n");
return 1;
}
if (optind < argc) {
- defaulthost = argv[optind];
+ ctdlhost = argv[optind];
if (++optind < argc)
- defaultport = argv[optind];
+ ctdlport = argv[optind];
}
/* Tell 'em who's in da house */
lprintf(1, SERVER "\n"
-"Copyright (C) 1996-2003 by the Citadel/UX development team.\n"
+"Copyright (C) 1996-2005 by the Citadel/UX development team.\n"
"This software is distributed under the terms of the GNU General Public\n"
"License. If you paid for this software, someone is ripping you off.\n\n");
lprintf(1, "Can't create TSD key: %s\n", strerror(errno));
}
+ /*
+ * Set up a place to put thread-specific SSL data.
+ * We don't stick this in the wcsession struct because SSL starts
+ * up before the session is bound, and it gets torn down between
+ * transactions.
+ */
+#ifdef HAVE_OPENSSL
+ if (pthread_key_create(&ThreadSSL, NULL) != 0) {
+ lprintf(1, "Can't create TSD key: %s\n", strerror(errno));
+ }
+#endif
+
/*
* Bind the server to our favorite port.
* There is no need to check for errors, because ig_tcp_server()
* exits if it doesn't succeed.
*/
lprintf(2, "Attempting to bind to port %d...\n", port);
- msock = ig_tcp_server(port, LISTEN_QUEUE_LENGTH);
+ msock = ig_tcp_server(ip_addr, port, LISTEN_QUEUE_LENGTH);
lprintf(2, "Listening on socket %d\n", msock);
signal(SIGPIPE, SIG_IGN);
(void *(*)(void *)) housekeeping_loop, NULL);
+ /*
+ * If this is an HTTPS server, fire up SSL
+ */
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ init_ssl();
+ }
+#endif
+
/* Start a few initial worker threads */
- for (i=0; i<(INITIAL_WORKER_THREADS); ++i) {
+ for (i=0; i<(MIN_WORKER_THREADS); ++i) {
spawn_another_worker_thread();
}
- /* now the original thread can go away. */
- pthread_exit(NULL);
+ /* now the original thread becomes another worker */
+ worker_entry();
return 0;
}
int ssock;
int i = 0;
int time_to_die = 0;
- time_t start_time, stop_time;
+ int fail_this_transaction = 0;
do {
/* Only one thread can accept at a time */
- start_time = time(NULL);
+ fail_this_transaction = 0;
ssock = accept(msock, NULL, 0);
- stop_time = time(NULL);
-
- /* Augment the thread pool if we're not blocking at all */
- if ( (stop_time - start_time) == 0L) {
- spawn_another_worker_thread();
- }
-
if (ssock < 0) {
lprintf(2, "accept() failed: %s\n", strerror(errno));
} else {
setsockopt(ssock, SOL_SOCKET, SO_REUSEADDR,
&i, sizeof(i));
- /* Perform an HTTP transaction... */
- context_loop(ssock);
+ /* If we are an HTTPS server, go crypto now. */
+#ifdef HAVE_OPENSSL
+ if (is_https) {
+ if (starttls(ssock) != 0) {
+ fail_this_transaction = 1;
+ close(ssock);
+ }
+ }
+#endif
+
+ if (fail_this_transaction == 0) {
+ /* Perform an HTTP transaction... */
+ context_loop(ssock);
+ /* ...and close the socket. */
+ lingering_close(ssock);
+ }
- /* ...and close the socket. */
- lingering_close(ssock);
}
} while (!time_to_die);
int lprintf(int loglevel, const char *format, ...)
{
va_list ap;
- char buf[4096];
-
- va_start(ap, format);
- vsprintf(buf, format, ap);
- va_end(ap);
if (loglevel <= verbosity) {
- struct timeval tv;
- struct tm *tim;
-
- gettimeofday(&tv, NULL);
- tim = localtime((time_t *)&(tv.tv_sec));
-
- if (WC && WC->wc_session) {
- fprintf(stderr,
- "%04d/%02d/%02d %2d:%02d:%02d.%03ld [%ld:%d] %s",
- tim->tm_year + 1900, tim->tm_mon + 1,
- tim->tm_mday, tim->tm_hour, tim->tm_min,
- tim->tm_sec, (long)tv.tv_usec / 1000,
- (long)pthread_self(),
- WC->wc_session, buf);
- } else {
- fprintf(stderr,
- "%04d/%02d/%02d %2d:%02d:%02d.%03ld [%ld] %s",
- tim->tm_year + 1900, tim->tm_mon + 1,
- tim->tm_mday, tim->tm_hour, tim->tm_min,
- tim->tm_sec, (long)tv.tv_usec / 1000,
- (long)pthread_self(),
- buf);
- }
+ va_start(ap, format);
+ vfprintf(stderr, format, ap);
+ va_end(ap);
fflush(stderr);
}
return 1;