noit_listener.c

Revision 1f7cb6fc7d8ef26f3708152ed497a3d3dfaeb168, 9.8 kB (checked in by Theo Schlossnagle <jesus@omniti.com>, 5 years ago)
fixes #17
Property mode set to `100644`

Line
1	/*
2	* Copyright (c) 2007, OmniTI Computer Consulting, Inc.
3	* All rights reserved.
4	*/
5
6	#include "noit_defines.h"
7
8	#include <unistd.h>
9	#include <errno.h>
10	#include <sys/time.h>
11	#include <sys/types.h>
12	#include <sys/socket.h>
13	#include <sys/ioctl.h>
14	#include <netinet/in.h>
15	#include <sys/un.h>
16	#include <arpa/inet.h>
17
18	#include "eventer/eventer.h"
19	#include "utils/noit_log.h"
20	#include "noit_listener.h"
21	#include "noit_conf.h"
22
23	void
24	acceptor_closure_free(acceptor_closure_t *ac) {
25	if(ac->remote_cn) free(ac->remote_cn);
26	free(ac);
27	}
28
29	static int
30	noit_listener_accept_ssl(eventer_t e, int mask,
31	void closure, struct timeval tv) {
32	int rv;
33	listener_closure_t listener_closure = (listener_closure_t)closure;
34	acceptor_closure_t *ac = NULL;
35	if(!closure) goto socketfail;
36	ac = listener_closure->dispatch_closure;
37
38	rv = eventer_SSL_accept(e, &mask);
39	if(rv > 0) {
40	eventer_ssl_ctx_t *sslctx;
41	e->callback = listener_closure->dispatch_callback;
42	/* We must make a copy of the acceptor_closure_t for each new
43	* connection.
44	*/
45	if((sslctx = eventer_get_eventer_ssl_ctx(e)) != NULL) {
46	char cn, end;
47	cn = eventer_ssl_get_peer_subject(sslctx);
48	if(cn && (cn = strstr(cn, "CN=")) != NULL) {
49	cn += 3;
50	end = cn;
51	while(end && end != '/') end++;
52	ac->remote_cn = malloc(end - cn + 1);
53	memcpy(ac->remote_cn, cn, end - cn);
54	ac->remote_cn[end-cn] = '\0';
55	}
56	}
57	e->closure = ac;
58	return e->callback(e, mask, e->closure, tv);
59	}
60	if(errno == EAGAIN) return mask\|EVENTER_EXCEPTION;
61
62	socketfail:
63	if(listener_closure) free(listener_closure);
64	if(ac) acceptor_closure_free(ac);
65	eventer_remove_fd(e->fd);
66	e->opset->close(e->fd, &mask, e);
67	return 0;
68	}
69
70	static int
71	noit_listener_acceptor(eventer_t e, int mask,
72	void closure, struct timeval tv) {
73	int conn, newmask = EVENTER_READ;
74	socklen_t salen;
75	listener_closure_t listener_closure = (listener_closure_t)closure;
76	acceptor_closure_t *ac = NULL;
77
78	if(mask & EVENTER_EXCEPTION) {
79	socketfail:
80	if(ac) acceptor_closure_free(ac);
81	eventer_remove_fd(e->fd);
82	e->opset->close(e->fd, &mask, e);
83	return 0;
84	}
85
86	ac = malloc(sizeof(*ac));
87	memcpy(ac, listener_closure->dispatch_closure, sizeof(*ac));
88	conn = e->opset->accept(e->fd, &ac->remote.remote_addr, &salen, &newmask, e);
89	if(conn >= 0) {
90	socklen_t on = 1;
91	eventer_t newe;
92	if(ioctl(conn, FIONBIO, &on)) {
93	close(conn);
94	goto accept_bail;
95	}
96	newe = eventer_alloc();
97	newe->fd = conn;
98	newe->mask = EVENTER_READ \| EVENTER_WRITE \| EVENTER_EXCEPTION;
99
100	if(listener_closure->sslconfig->size) {
101	char cert, key, ca, ciphers;
102	eventer_ssl_ctx_t *ctx;
103	/* We have an SSL configuration. While our socket accept is
104	* complete, we now have to SSL_accept, which could require
105	* several reads and writes and needs its own event callback.
106	*/
107	#define SSLCONFGET(var,name) do { \
108	if(!noit_hash_retrieve(listener_closure->sslconfig, name, strlen(name), \
109	(void **)&var)) var = NULL; } while(0)
110	SSLCONFGET(cert, "certificate_file");
111	SSLCONFGET(key, "key_file");
112	SSLCONFGET(ca, "ca_chain");
113	SSLCONFGET(ciphers, "ciphers");
114	ctx = eventer_ssl_ctx_new(SSL_SERVER, cert, key, ca, ciphers);
115	if(!ctx) {
116	eventer_free(newe);
117	goto socketfail;
118	}
119	eventer_ssl_ctx_set_verify(ctx, eventer_ssl_verify_cert,
120	listener_closure->sslconfig);
121	EVENTER_ATTACH_SSL(newe, ctx);
122	newe->callback = noit_listener_accept_ssl;
123	newe->closure = malloc(sizeof(*listener_closure));
124	memcpy(newe->closure, listener_closure, sizeof(*listener_closure));
125	((listener_closure_t)newe->closure)->dispatch_closure = ac;
126	}
127	else {
128	newe->callback = listener_closure->dispatch_callback;
129	/* We must make a copy of the acceptor_closure_t for each new
130	* connection.
131	*/
132	newe->closure = ac;
133	}
134	eventer_add(newe);
135	}
136	accept_bail:
137	return newmask \| EVENTER_EXCEPTION;
138	}
139
140	int
141	noit_listener(char *host, unsigned short port, int type,
142	int backlog, noit_hash_table *sslconfig,
143	noit_hash_table *config,
144	eventer_func_t handler, void *service_ctx) {
145	int rv, fd;
146	int8_t family;
147	int sockaddr_len;
148	socklen_t on;
149	long reuse;
150	listener_closure_t listener_closure;
151	eventer_t event;
152	union {
153	struct in_addr addr4;
154	struct in6_addr addr6;
155	} a;
156	union {
157	struct sockaddr_in addr4;
158	struct sockaddr_in6 addr6;
159	struct sockaddr_un addru;
160	} s;
161	const char *event_name;
162
163	noitL(noit_debug, "noit_listener(%s, %d, %d, %d, %s, %p)\n",
164	host, port, type, backlog,
165	(event_name = eventer_name_for_callback(handler))?event_name:"??",
166	service_ctx);
167	if(host[0] == '/') {
168	family = AF_UNIX;
169	}
170	else {
171	family = AF_INET;
172	rv = inet_pton(family, host, &a);
173	if(rv != 1) {
174	family = AF_INET6;
175	rv = inet_pton(family, host, &a);
176	if(rv != 1) {
177	if(!strcmp(host, "*")) {
178	family = AF_INET;
179	a.addr4.s_addr = INADDR_ANY;
180	} else {
181	noitL(noit_stderr, "Cannot translate '%s' to IP\n", host);
182	return -1;
183	}
184	}
185	}
186	}
187
188	fd = socket(family, type, 0);
189	if(fd < 0) return -1;
190
191	on = 1;
192	if(ioctl(fd, FIONBIO, &on)) {
193	close(fd);
194	return -1;
195	}
196
197	reuse = 1;
198	if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR,
199	(void*)&reuse, sizeof(reuse)) != 0) {
200	close(fd);
201	return -1;
202	}
203
204	memset(&s, 0, sizeof(s));
205	if(family == AF_UNIX) {
206	struct stat sb;
207	/* unlink the path iff it is a socket */
208	if(stat(host, &sb) == -1) {
209	if(errno != ENOENT) {
210	noitL(noit_stderr, "%s: %s\n", host, strerror(errno));
211	close(fd);
212	return -1;
213	}
214	}
215	else {
216	if(sb.st_mode & S_IFSOCK)
217	unlink(host);
218	else {
219	noitL(noit_stderr, "unlink %s failed: %s\n", host, strerror(errno));
220	close(fd);
221	return -1;
222	}
223	}
224	strncpy(s.addru.sun_path, host, sizeof(s.addru.sun_path)-1);
225	sockaddr_len = sizeof(s.addru);
226	}
227	else {
228	s.addr6.sin6_family = family;
229	s.addr6.sin6_port = htons(port);
230	memcpy(&s.addr6.sin6_addr, &a, sizeof(a));
231	sockaddr_len = (family == AF_INET) ? sizeof(s.addr4) : sizeof(s.addr6);
232	}
233	if(bind(fd, (struct sockaddr *)&s, sockaddr_len) < 0) {
234	noitL(noit_stderr, "bind failed[%s]: %s\n", host, strerror(errno));
235	close(fd);
236	return -1;
237	}
238
239	if(type == SOCK_STREAM) {
240	if(listen(fd, backlog) < 0) {
241	close(fd);
242	return -1;
243	}
244	}
245
246	listener_closure = calloc(1, sizeof(*listener_closure));
247	listener_closure->family = family;
248	listener_closure->port = htons(port);
249	listener_closure->sslconfig = calloc(1, sizeof(noit_hash_table));
250	noit_hash_merge_as_dict(listener_closure->sslconfig, sslconfig);
251	listener_closure->dispatch_callback = handler;
252
253	listener_closure->dispatch_closure =
254	calloc(1, sizeof(*listener_closure->dispatch_closure));
255	listener_closure->dispatch_closure->config = config;
256	listener_closure->dispatch_closure->service_ctx = service_ctx;
257
258	event = eventer_alloc();
259	event->fd = fd;
260	event->mask = EVENTER_READ \| EVENTER_EXCEPTION;
261	event->callback = noit_listener_acceptor;
262	event->closure = listener_closure;
263
264	eventer_add(event);
265	return 0;
266	}
267
268	void
269	noit_listener_reconfig(const char *toplevel) {
270	int i, cnt = 0;
271	noit_conf_section_t *listener_configs;
272	char path[256];
273
274	snprintf(path, sizeof(path), "/%s/listeners//listener",
275	toplevel ? toplevel : "*");
276	listener_configs = noit_conf_get_sections(NULL, path, &cnt);
277	noitL(noit_stderr, "Found %d %s stanzas\n", cnt, path);
278	for(i=0; i<cnt; i++) {
279	char address[256];
280	char type[256];
281	unsigned short port;
282	int portint;
283	int backlog;
284	eventer_func_t f;
285	noit_conf_boolean ssl;
286	noit_hash_table sslconfig, config;
287
288	if(!noit_conf_get_stringbuf(listener_configs[i],
289	"ancestor-or-self::node()/@type",
290	type, sizeof(type))) {
291	noitL(noit_stderr, "No type specified in listener stanza %d\n", i+1);
292	continue;
293	}
294	f = eventer_callback_for_name(type);
295	if(!f) {
296	noitL(noit_stderr,
297	"Cannot find handler for listener type: '%s'\n", type);
298	continue;
299	}
300	if(!noit_conf_get_stringbuf(listener_configs[i],
301	"ancestor-or-self::node()/@address",
302	address, sizeof(address))) {
303	address[0] = '*';
304	address[1] = '\0';
305	}
306	if(!noit_conf_get_int(listener_configs[i],
307	"ancestor-or-self::node()/@port", &portint))
308	portint = 0;
309	port = (unsigned short) portint;
310	if(address[0] != '/' && (portint == 0 \|\| (port != portint))) {
311	/* UNIX sockets don't require a port (they'll ignore it if specified */
312	noitL(noit_stderr,
313	"Invalid port [%d] specified in stanza %d\n", port, i+1);
314	continue;
315	}
316	if(!noit_conf_get_int(listener_configs[i],
317	"ancestor-or-self::node()/@backlog", &backlog))
318	backlog = 5;
319
320	if(!noit_conf_get_boolean(listener_configs[i],
321	"ancestor-or-self::node()/@ssl", &ssl))
322	ssl = noit_false;
323
324	sslconfig = ssl ?
325	noit_conf_get_hash(listener_configs[i], "sslconfig") :
326	NULL;
327	config = noit_conf_get_hash(listener_configs[i], "config");
328
329	noit_listener(address, port, SOCK_STREAM, backlog,
330	sslconfig, config, f, NULL);
331	}
332	}
333	void
334	noit_listener_init(const char *toplevel) {
335	eventer_name_callback("noit_listener_acceptor", noit_listener_acceptor);
336	eventer_name_callback("noit_listener_accept_ssl", noit_listener_accept_ssl);
337	noit_listener_reconfig(toplevel);
338	}
339

Note: See TracBrowser for help on using the browser.

root/src/noit_listener.c

Download in other formats: