|
Packit |
b5b901 |
/* Copyright StrongLoop, Inc. All rights reserved.
|
|
Packit |
b5b901 |
*
|
|
Packit |
b5b901 |
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
Packit |
b5b901 |
* of this software and associated documentation files (the "Software"), to
|
|
Packit |
b5b901 |
* deal in the Software without restriction, including without limitation the
|
|
Packit |
b5b901 |
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
|
Packit |
b5b901 |
* sell copies of the Software, and to permit persons to whom the Software is
|
|
Packit |
b5b901 |
* furnished to do so, subject to the following conditions:
|
|
Packit |
b5b901 |
*
|
|
Packit |
b5b901 |
* The above copyright notice and this permission notice shall be included in
|
|
Packit |
b5b901 |
* all copies or substantial portions of the Software.
|
|
Packit |
b5b901 |
*
|
|
Packit |
b5b901 |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
Packit |
b5b901 |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
Packit |
b5b901 |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
Packit |
b5b901 |
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
Packit |
b5b901 |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
Packit |
b5b901 |
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
|
Packit |
b5b901 |
* IN THE SOFTWARE.
|
|
Packit |
b5b901 |
*/
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
#include "defs.h"
|
|
Packit |
b5b901 |
#include <netinet/in.h> /* INET6_ADDRSTRLEN */
|
|
Packit |
b5b901 |
#include <stdlib.h>
|
|
Packit |
b5b901 |
#include <string.h>
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
#ifndef INET6_ADDRSTRLEN
|
|
Packit |
b5b901 |
# define INET6_ADDRSTRLEN 63
|
|
Packit |
b5b901 |
#endif
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
typedef struct {
|
|
Packit |
b5b901 |
uv_getaddrinfo_t getaddrinfo_req;
|
|
Packit |
b5b901 |
server_config config;
|
|
Packit |
b5b901 |
server_ctx *servers;
|
|
Packit |
b5b901 |
uv_loop_t *loop;
|
|
Packit |
b5b901 |
} server_state;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
static void do_bind(uv_getaddrinfo_t *req, int status, struct addrinfo *ai);
|
|
Packit |
b5b901 |
static void on_connection(uv_stream_t *server, int status);
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
int server_run(const server_config *cf, uv_loop_t *loop) {
|
|
Packit |
b5b901 |
struct addrinfo hints;
|
|
Packit |
b5b901 |
server_state state;
|
|
Packit |
b5b901 |
int err;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
memset(&state, 0, sizeof(state));
|
|
Packit |
b5b901 |
state.servers = NULL;
|
|
Packit |
b5b901 |
state.config = *cf;
|
|
Packit |
b5b901 |
state.loop = loop;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
/* Resolve the address of the interface that we should bind to.
|
|
Packit |
b5b901 |
* The getaddrinfo callback starts the server and everything else.
|
|
Packit |
b5b901 |
*/
|
|
Packit |
b5b901 |
memset(&hints, 0, sizeof(hints));
|
|
Packit |
b5b901 |
hints.ai_family = AF_UNSPEC;
|
|
Packit |
b5b901 |
hints.ai_socktype = SOCK_STREAM;
|
|
Packit |
b5b901 |
hints.ai_protocol = IPPROTO_TCP;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
err = uv_getaddrinfo(loop,
|
|
Packit |
b5b901 |
&state.getaddrinfo_req,
|
|
Packit |
b5b901 |
do_bind,
|
|
Packit |
b5b901 |
cf->bind_host,
|
|
Packit |
b5b901 |
NULL,
|
|
Packit |
b5b901 |
&hints);
|
|
Packit |
b5b901 |
if (err != 0) {
|
|
Packit |
b5b901 |
pr_err("getaddrinfo: %s", uv_strerror(err));
|
|
Packit |
b5b901 |
return err;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
/* Start the event loop. Control continues in do_bind(). */
|
|
Packit |
b5b901 |
if (uv_run(loop, UV_RUN_DEFAULT)) {
|
|
Packit |
b5b901 |
abort();
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
/* Please Valgrind. */
|
|
Packit |
b5b901 |
uv_loop_delete(loop);
|
|
Packit |
b5b901 |
free(state.servers);
|
|
Packit |
b5b901 |
return 0;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
/* Bind a server to each address that getaddrinfo() reported. */
|
|
Packit |
b5b901 |
static void do_bind(uv_getaddrinfo_t *req, int status, struct addrinfo *addrs) {
|
|
Packit |
b5b901 |
char addrbuf[INET6_ADDRSTRLEN + 1];
|
|
Packit |
b5b901 |
unsigned int ipv4_naddrs;
|
|
Packit |
b5b901 |
unsigned int ipv6_naddrs;
|
|
Packit |
b5b901 |
server_state *state;
|
|
Packit |
b5b901 |
server_config *cf;
|
|
Packit |
b5b901 |
struct addrinfo *ai;
|
|
Packit |
b5b901 |
const void *addrv;
|
|
Packit |
b5b901 |
const char *what;
|
|
Packit |
b5b901 |
uv_loop_t *loop;
|
|
Packit |
b5b901 |
server_ctx *sx;
|
|
Packit |
b5b901 |
unsigned int n;
|
|
Packit |
b5b901 |
int err;
|
|
Packit |
b5b901 |
union {
|
|
Packit |
b5b901 |
struct sockaddr addr;
|
|
Packit |
b5b901 |
struct sockaddr_in addr4;
|
|
Packit |
b5b901 |
struct sockaddr_in6 addr6;
|
|
Packit |
b5b901 |
} s;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
state = CONTAINER_OF(req, server_state, getaddrinfo_req);
|
|
Packit |
b5b901 |
loop = state->loop;
|
|
Packit |
b5b901 |
cf = &state->config;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
if (status < 0) {
|
|
Packit |
b5b901 |
pr_err("getaddrinfo(\"%s\"): %s", cf->bind_host, uv_strerror(status));
|
|
Packit |
b5b901 |
uv_freeaddrinfo(addrs);
|
|
Packit |
b5b901 |
return;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
ipv4_naddrs = 0;
|
|
Packit |
b5b901 |
ipv6_naddrs = 0;
|
|
Packit |
b5b901 |
for (ai = addrs; ai != NULL; ai = ai->ai_next) {
|
|
Packit |
b5b901 |
if (ai->ai_family == AF_INET) {
|
|
Packit |
b5b901 |
ipv4_naddrs += 1;
|
|
Packit |
b5b901 |
} else if (ai->ai_family == AF_INET6) {
|
|
Packit |
b5b901 |
ipv6_naddrs += 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
if (ipv4_naddrs == 0 && ipv6_naddrs == 0) {
|
|
Packit |
b5b901 |
pr_err("%s has no IPv4/6 addresses", cf->bind_host);
|
|
Packit |
b5b901 |
uv_freeaddrinfo(addrs);
|
|
Packit |
b5b901 |
return;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
state->servers =
|
|
Packit |
b5b901 |
xmalloc((ipv4_naddrs + ipv6_naddrs) * sizeof(state->servers[0]));
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
n = 0;
|
|
Packit |
b5b901 |
for (ai = addrs; ai != NULL; ai = ai->ai_next) {
|
|
Packit |
b5b901 |
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) {
|
|
Packit |
b5b901 |
continue;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
if (ai->ai_family == AF_INET) {
|
|
Packit |
b5b901 |
s.addr4 = *(const struct sockaddr_in *) ai->ai_addr;
|
|
Packit |
b5b901 |
s.addr4.sin_port = htons(cf->bind_port);
|
|
Packit |
b5b901 |
addrv = &s.addr4.sin_addr;
|
|
Packit |
b5b901 |
} else if (ai->ai_family == AF_INET6) {
|
|
Packit |
b5b901 |
s.addr6 = *(const struct sockaddr_in6 *) ai->ai_addr;
|
|
Packit |
b5b901 |
s.addr6.sin6_port = htons(cf->bind_port);
|
|
Packit |
b5b901 |
addrv = &s.addr6.sin6_addr;
|
|
Packit |
b5b901 |
} else {
|
|
Packit |
b5b901 |
UNREACHABLE();
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
if (uv_inet_ntop(s.addr.sa_family, addrv, addrbuf, sizeof(addrbuf))) {
|
|
Packit |
b5b901 |
UNREACHABLE();
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
sx = state->servers + n;
|
|
Packit |
b5b901 |
sx->loop = loop;
|
|
Packit |
b5b901 |
sx->idle_timeout = state->config.idle_timeout;
|
|
Packit |
b5b901 |
CHECK(0 == uv_tcp_init(loop, &sx->tcp_handle));
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
what = "uv_tcp_bind";
|
|
Packit |
b5b901 |
err = uv_tcp_bind(&sx->tcp_handle, &s.addr, 0);
|
|
Packit |
b5b901 |
if (err == 0) {
|
|
Packit |
b5b901 |
what = "uv_listen";
|
|
Packit |
b5b901 |
err = uv_listen((uv_stream_t *) &sx->tcp_handle, 128, on_connection);
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
if (err != 0) {
|
|
Packit |
b5b901 |
pr_err("%s(\"%s:%hu\"): %s",
|
|
Packit |
b5b901 |
what,
|
|
Packit |
b5b901 |
addrbuf,
|
|
Packit |
b5b901 |
cf->bind_port,
|
|
Packit |
b5b901 |
uv_strerror(err));
|
|
Packit |
b5b901 |
while (n > 0) {
|
|
Packit |
b5b901 |
n -= 1;
|
|
Packit |
b5b901 |
uv_close((uv_handle_t *) (state->servers + n), NULL);
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
break;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
pr_info("listening on %s:%hu", addrbuf, cf->bind_port);
|
|
Packit |
b5b901 |
n += 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
uv_freeaddrinfo(addrs);
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
static void on_connection(uv_stream_t *server, int status) {
|
|
Packit |
b5b901 |
server_ctx *sx;
|
|
Packit |
b5b901 |
client_ctx *cx;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
CHECK(status == 0);
|
|
Packit |
b5b901 |
sx = CONTAINER_OF(server, server_ctx, tcp_handle);
|
|
Packit |
b5b901 |
cx = xmalloc(sizeof(*cx));
|
|
Packit |
b5b901 |
CHECK(0 == uv_tcp_init(sx->loop, &cx->incoming.handle.tcp));
|
|
Packit |
b5b901 |
CHECK(0 == uv_accept(server, &cx->incoming.handle.stream));
|
|
Packit |
b5b901 |
client_finish_init(sx, cx);
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
int can_auth_none(const server_ctx *sx, const client_ctx *cx) {
|
|
Packit |
b5b901 |
return 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
int can_auth_passwd(const server_ctx *sx, const client_ctx *cx) {
|
|
Packit |
b5b901 |
return 0;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
int can_access(const server_ctx *sx,
|
|
Packit |
b5b901 |
const client_ctx *cx,
|
|
Packit |
b5b901 |
const struct sockaddr *addr) {
|
|
Packit |
b5b901 |
const struct sockaddr_in6 *addr6;
|
|
Packit |
b5b901 |
const struct sockaddr_in *addr4;
|
|
Packit |
b5b901 |
const uint32_t *p;
|
|
Packit |
b5b901 |
uint32_t a;
|
|
Packit |
b5b901 |
uint32_t b;
|
|
Packit |
b5b901 |
uint32_t c;
|
|
Packit |
b5b901 |
uint32_t d;
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
/* TODO(bnoordhuis) Implement proper access checks. For now, just reject
|
|
Packit |
b5b901 |
* traffic to localhost.
|
|
Packit |
b5b901 |
*/
|
|
Packit |
b5b901 |
if (addr->sa_family == AF_INET) {
|
|
Packit |
b5b901 |
addr4 = (const struct sockaddr_in *) addr;
|
|
Packit |
b5b901 |
d = ntohl(addr4->sin_addr.s_addr);
|
|
Packit |
b5b901 |
return (d >> 24) != 0x7F;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
if (addr->sa_family == AF_INET6) {
|
|
Packit |
b5b901 |
addr6 = (const struct sockaddr_in6 *) addr;
|
|
Packit |
b5b901 |
p = (const uint32_t *) &addr6->sin6_addr.s6_addr;
|
|
Packit |
b5b901 |
a = ntohl(p[0]);
|
|
Packit |
b5b901 |
b = ntohl(p[1]);
|
|
Packit |
b5b901 |
c = ntohl(p[2]);
|
|
Packit |
b5b901 |
d = ntohl(p[3]);
|
|
Packit |
b5b901 |
if (a == 0 && b == 0 && c == 0 && d == 1) {
|
|
Packit |
b5b901 |
return 0; /* "::1" style address. */
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
if (a == 0 && b == 0 && c == 0xFFFF && (d >> 24) == 0x7F) {
|
|
Packit |
b5b901 |
return 0; /* "::ffff:127.x.x.x" style address. */
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
return 1;
|
|
Packit |
b5b901 |
}
|
|
Packit |
b5b901 |
|
|
Packit |
b5b901 |
return 0;
|
|
Packit |
b5b901 |
}
|