void test_base64(u_int8_t *src, u_int32_t slen, struct kore_buf *res) { char *in; size_t len; u_int8_t *out; kore_buf_appendf(res, "test '%s'\n", src); if (!kore_base64_encode(src, slen, &in)) { kore_buf_appendf(res, "encoding '%s' failed\n", src); } else { kore_buf_appendf(res, "encoded: '%s'\n", in); if (!kore_base64_decode(in, &out, &len)) { kore_buf_appendf(res, "decoding failed\n"); } else { kore_buf_appendf(res, "decoded: "); kore_buf_append(res, out, len); kore_buf_appendf(res, "\n"); kore_free(out); } kore_free(in); } kore_buf_appendf(res, "\n"); }
void kore_buf_free(struct kore_buf *buf) { kore_buf_cleanup(buf); if (buf->flags & KORE_BUF_OWNER_API) kore_free(buf); }
void kore_buf_replace_string(struct kore_buf *b, char *src, void *dst, size_t len) { char *key, *end, *tmp, *p; size_t blen, off, off2, nlen, klen; off = 0; klen = strlen(src); for (;;) { blen = b->offset; nlen = blen + len; p = (char *)b->data; key = kore_mem_find(p + off, b->offset - off, src, klen); if (key == NULL) break; end = key + klen; off = key - p; off2 = ((char *)(b->data + b->offset) - end); tmp = kore_malloc(nlen); memcpy(tmp, p, off); if (dst != NULL) memcpy((tmp + off), dst, len); memcpy((tmp + off + len), end, off2); kore_free(b->data); b->data = (u_int8_t *)tmp; b->offset = off + len + off2; b->length = nlen; off = off + len; } }
void kore_buf_cleanup(struct kore_buf *buf) { kore_free(buf->data); buf->data = NULL; buf->offset = 0; buf->length = 0; }
void connection_del(struct connection *c) { printf("%p: disconnecting\n", (void *)c); if (c->hdlr_extra != NULL) kore_pgsql_cleanup(c->hdlr_extra); kore_free(c->hdlr_extra); c->hdlr_extra = NULL; }
int serve_file_upload(struct http_request *req) { u_int8_t *d; struct kore_buf *b; struct http_file *f; size_t len; char *name, buf[BUFSIZ]; b = kore_buf_alloc(asset_len_upload_html); kore_buf_append(b, asset_upload_html, asset_len_upload_html); if (req->method == HTTP_METHOD_POST) { if (req->http_body_fd != -1) kore_log(LOG_NOTICE, "file is on disk"); http_populate_multipart_form(req); if (http_argument_get_string(req, "firstname", &name)) { kore_buf_replace_string(b, "$firstname$", name, strlen(name)); } else { kore_buf_replace_string(b, "$firstname$", NULL, 0); } if ((f = http_file_lookup(req, "file")) != NULL) { (void)snprintf(buf, sizeof(buf), "%s is %ld bytes", f->filename, f->length); kore_buf_replace_string(b, "$upload$", buf, strlen(buf)); } else { kore_buf_replace_string(b, "$upload$", NULL, 0); } } else { kore_buf_replace_string(b, "$upload$", NULL, 0); kore_buf_replace_string(b, "$firstname$", NULL, 0); } d = kore_buf_release(b, &len); http_response_header(req, "content-type", "text/html"); http_response(req, 200, d, len); kore_free(d); return (KORE_RESULT_OK); }
int serve_b64test(struct http_request *req) { int i; size_t len; struct kore_buf *res; u_int8_t *data; res = kore_buf_alloc(1024); for (i = 0; b64tests[i] != NULL; i++) test_base64((u_int8_t *)b64tests[i], strlen(b64tests[i]), res); data = kore_buf_release(res, &len); http_response_header(req, "content-type", "text/plain"); http_response(req, 200, data, len); kore_free(data); return (KORE_RESULT_OK); }
int serve_params_test(struct http_request *req) { struct kore_buf *b; u_int8_t *d; size_t len; int r, i; char *test, name[10]; if (req->method == HTTP_METHOD_GET) http_populate_get(req); else if (req->method == HTTP_METHOD_POST) http_populate_post(req); b = kore_buf_alloc(asset_len_params_html); kore_buf_append(b, asset_params_html, asset_len_params_html); /* * The GET parameters will be filtered out on POST. */ if (http_argument_get_string(req, "arg1", &test)) { kore_buf_replace_string(b, "$arg1$", test, strlen(test)); } else { kore_buf_replace_string(b, "$arg1$", NULL, 0); } if (http_argument_get_string(req, "arg2", &test)) { kore_buf_replace_string(b, "$arg2$", test, strlen(test)); } else { kore_buf_replace_string(b, "$arg2$", NULL, 0); } if (req->method == HTTP_METHOD_GET) { kore_buf_replace_string(b, "$test1$", NULL, 0); kore_buf_replace_string(b, "$test2$", NULL, 0); kore_buf_replace_string(b, "$test3$", NULL, 0); if (http_argument_get_uint16(req, "id", &r)) kore_log(LOG_NOTICE, "id: %d", r); else kore_log(LOG_NOTICE, "No id set"); http_response_header(req, "content-type", "text/html"); d = kore_buf_release(b, &len); http_response(req, 200, d, len); kore_free(d); return (KORE_RESULT_OK); } for (i = 1; i < 4; i++) { (void)snprintf(name, sizeof(name), "test%d", i); if (http_argument_get_string(req, name, &test)) { (void)snprintf(name, sizeof(name), "$test%d$", i); kore_buf_replace_string(b, name, test, strlen(test)); } else { (void)snprintf(name, sizeof(name), "$test%d$", i); kore_buf_replace_string(b, name, NULL, 0); } } http_response_header(req, "content-type", "text/html"); d = kore_buf_release(b, &len); http_response(req, 200, d, len); kore_free(d); return (KORE_RESULT_OK); }
int main(int argc, char *argv[]) { int ch, flags; flags = 0; #if !defined(KORE_SINGLE_BINARY) while ((ch = getopt(argc, argv, "c:dfhnrv")) != -1) { #else while ((ch = getopt(argc, argv, "dfhnrv")) != -1) { #endif flags++; switch (ch) { #if !defined(KORE_SINGLE_BINARY) case 'c': config_file = optarg; break; #endif #if defined(KORE_DEBUG) case 'd': kore_debug = 1; break; #endif case 'f': foreground = 1; break; case 'h': usage(); break; case 'n': skip_chroot = 1; break; case 'r': skip_runas = 1; break; case 'v': version(); break; default: usage(); } } argc -= optind; argv += optind; kore_mem_init(); #if !defined(KORE_SINGLE_BINARY) if (argc > 0) { if (flags) fatal("You cannot specify kore flags and a command"); return (kore_cli_main(argc, argv)); } #endif kore_pid = getpid(); nlisteners = 0; LIST_INIT(&listeners); kore_log_init(); #if !defined(KORE_NO_HTTP) kore_auth_init(); kore_validator_init(); #endif kore_domain_init(); kore_module_init(); kore_server_sslstart(); #if !defined(KORE_SINGLE_BINARY) if (config_file == NULL) usage(); #else kore_module_load(NULL, NULL); #endif kore_parse_config(); kore_platform_init(); #if !defined(KORE_NO_HTTP) kore_accesslog_init(); if (http_body_disk_offload > 0) { if (mkdir(http_body_disk_path, 0700) == -1 && errno != EEXIST) { printf("can't create http_body_disk_path '%s': %s\n", http_body_disk_path, errno_s); return (KORE_RESULT_ERROR); } } #endif sig_recv = 0; signal(SIGHUP, kore_signal); signal(SIGQUIT, kore_signal); signal(SIGTERM, kore_signal); if (foreground) signal(SIGINT, kore_signal); else signal(SIGINT, SIG_IGN); kore_server_start(); kore_log(LOG_NOTICE, "server shutting down"); kore_worker_shutdown(); if (!foreground) unlink(kore_pidfile); kore_listener_cleanup(); kore_log(LOG_NOTICE, "goodbye"); return (0); } #if !defined(KORE_NO_TLS) int kore_tls_sni_cb(SSL *ssl, int *ad, void *arg) { struct kore_domain *dom; const char *sname; sname = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); kore_debug("kore_tls_sni_cb(): received host %s", sname); if (sname != NULL && (dom = kore_domain_lookup(sname)) != NULL) { kore_debug("kore_ssl_sni_cb(): Using %s CTX", sname); SSL_set_SSL_CTX(ssl, dom->ssl_ctx); if (dom->cafile != NULL) { SSL_set_verify(ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); } else { SSL_set_verify(ssl, SSL_VERIFY_NONE, NULL); } return (SSL_TLSEXT_ERR_OK); } return (SSL_TLSEXT_ERR_NOACK); } void kore_tls_info_callback(const SSL *ssl, int flags, int ret) { struct connection *c; if (flags & SSL_CB_HANDSHAKE_START) { if ((c = SSL_get_app_data(ssl)) == NULL) fatal("no SSL_get_app_data"); c->tls_reneg++; } } #endif int kore_server_bind(const char *ip, const char *port, const char *ccb) { struct listener *l; int on, r; struct addrinfo hints, *results; kore_debug("kore_server_bind(%s, %s)", ip, port); memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; hints.ai_flags = 0; r = getaddrinfo(ip, port, &hints, &results); if (r != 0) fatal("getaddrinfo(%s): %s", ip, gai_strerror(r)); l = kore_malloc(sizeof(struct listener)); l->type = KORE_TYPE_LISTENER; l->addrtype = results->ai_family; if (l->addrtype != AF_INET && l->addrtype != AF_INET6) fatal("getaddrinfo(): unknown address family %d", l->addrtype); if ((l->fd = socket(results->ai_family, SOCK_STREAM, 0)) == -1) { kore_free(l); freeaddrinfo(results); kore_debug("socket(): %s", errno_s); printf("failed to create socket: %s\n", errno_s); return (KORE_RESULT_ERROR); } if (!kore_connection_nonblock(l->fd, 1)) { kore_free(l); freeaddrinfo(results); printf("failed to make socket non blocking: %s\n", errno_s); return (KORE_RESULT_ERROR); } on = 1; if (setsockopt(l->fd, SOL_SOCKET, SO_REUSEADDR, (const char *)&on, sizeof(on)) == -1) { close(l->fd); kore_free(l); freeaddrinfo(results); kore_debug("setsockopt(): %s", errno_s); printf("failed to set SO_REUSEADDR: %s\n", errno_s); return (KORE_RESULT_ERROR); } if (bind(l->fd, results->ai_addr, results->ai_addrlen) == -1) { close(l->fd); kore_free(l); freeaddrinfo(results); kore_debug("bind(): %s", errno_s); printf("failed to bind to %s port %s: %s\n", ip, port, errno_s); return (KORE_RESULT_ERROR); } freeaddrinfo(results); if (listen(l->fd, kore_socket_backlog) == -1) { close(l->fd); kore_free(l); kore_debug("listen(): %s", errno_s); printf("failed to listen on socket: %s\n", errno_s); return (KORE_RESULT_ERROR); } if (ccb != NULL) { *(void **)&(l->connect) = kore_module_getsym(ccb); if (l->connect == NULL) { printf("no such callback: '%s'\n", ccb); close(l->fd); kore_free(l); return (KORE_RESULT_ERROR); } } else { l->connect = NULL; } nlisteners++; LIST_INSERT_HEAD(&listeners, l, list); if (foreground) { #if !defined(KORE_NO_TLS) kore_log(LOG_NOTICE, "running on https://%s:%s", ip, port); #else kore_log(LOG_NOTICE, "running on http://%s:%s", ip, port); #endif } return (KORE_RESULT_OK); } void kore_listener_cleanup(void) { struct listener *l; while (!LIST_EMPTY(&listeners)) { l = LIST_FIRST(&listeners); LIST_REMOVE(l, list); close(l->fd); kore_free(l); } } void kore_signal(int sig) { sig_recv = sig; } static void kore_server_sslstart(void) { #if !defined(KORE_NO_TLS) kore_debug("kore_server_sslstart()"); SSL_library_init(); SSL_load_error_strings(); #endif }