int main (int argc, char *argv[]) { gint ret = 1; CockpitWebServer *server = NULL; GOptionContext *context; CockpitHandlerData data; GTlsCertificate *certificate = NULL; GError *local_error = NULL; GError **error = &local_error; gchar **roots = NULL; gchar *cert_path = NULL; GMainLoop *loop = NULL; gchar *login_html = NULL; gchar *login_po_html = NULL; CockpitPipe *pipe = NULL; int outfd = -1; signal (SIGPIPE, SIG_IGN); g_setenv ("GSETTINGS_BACKEND", "memory", TRUE); g_setenv ("GIO_USE_PROXY_RESOLVER", "dummy", TRUE); g_setenv ("GIO_USE_VFS", "local", TRUE); /* Any interaction with a krb5 ccache should be explicit */ g_setenv ("KRB5CCNAME", "FILE:/dev/null", TRUE); g_setenv ("G_TLS_GNUTLS_PRIORITY", "SECURE128:%LATEST_RECORD_VERSION:-VERS-SSL3.0:-VERS-TLS1.0", FALSE); memset (&data, 0, sizeof (data)); context = g_option_context_new (NULL); g_option_context_add_main_entries (context, cmd_entries, NULL); if (!g_option_context_parse (context, &argc, &argv, error)) { goto out; } if (opt_version) { print_version (); ret = 0; goto out; } /* * This process talks on stdin/stdout. However lots of stuff wants to write * to stdout, such as g_debug, and uses fd 1 to do that. Reroute fd 1 so that * it goes to stderr, and use another fd for stdout. */ outfd = dup (1); if (outfd < 0 || dup2 (2, 1) < 1) { g_printerr ("ws couldn't redirect stdout to stderr"); if (outfd > -1) close (outfd); goto out; } cockpit_set_journal_logging (NULL, !isatty (2)); if (opt_local_session || opt_no_tls) { /* no certificate */ } else { cert_path = cockpit_certificate_locate (FALSE, error); if (cert_path != NULL) certificate = cockpit_certificate_load (cert_path, error); if (certificate == NULL) goto out; g_info ("Using certificate: %s", cert_path); } loop = g_main_loop_new (NULL, FALSE); data.os_release = cockpit_system_load_os_release (); data.auth = cockpit_auth_new (opt_local_ssh); roots = setup_static_roots (data.os_release); data.branding_roots = (const gchar **)roots; login_html = g_strdup (DATADIR "/cockpit/static/login.html"); data.login_html = (const gchar *)login_html; login_po_html = g_strdup (DATADIR "/cockpit/static/login.po.html"); data.login_po_html = (const gchar *)login_po_html; server = cockpit_web_server_new (opt_address, opt_port, certificate, NULL, error); if (server == NULL) { g_prefix_error (error, "Error starting web server: "); goto out; } cockpit_web_server_set_redirect_tls (server, !cockpit_conf_bool ("WebService", "AllowUnencrypted", FALSE)); if (cockpit_conf_string ("WebService", "UrlRoot")) { g_object_set (server, "url-root", cockpit_conf_string ("WebService", "UrlRoot"), NULL); } if (cockpit_web_server_get_socket_activated (server)) g_signal_connect_swapped (data.auth, "idling", G_CALLBACK (g_main_loop_quit), loop); /* Ignores stuff it shouldn't handle */ g_signal_connect (server, "handle-stream", G_CALLBACK (cockpit_handler_socket), &data); /* External channels, ignore stuff they shouldn't handle */ g_signal_connect (server, "handle-stream", G_CALLBACK (cockpit_handler_external), &data); /* Don't redirect to TLS for /ping */ g_object_set (server, "ssl-exception-prefix", "/ping", NULL); g_signal_connect (server, "handle-resource::/ping", G_CALLBACK (cockpit_handler_ping), &data); /* Files that cannot be cache-forever, because of well known names */ g_signal_connect (server, "handle-resource::/favicon.ico", G_CALLBACK (cockpit_handler_root), &data); g_signal_connect (server, "handle-resource::/apple-touch-icon.png", G_CALLBACK (cockpit_handler_root), &data); /* The fallback handler for everything else */ g_signal_connect (server, "handle-resource", G_CALLBACK (cockpit_handler_default), &data); if (opt_local_session) { struct passwd *pwd; if (g_str_equal (opt_local_session, "-")) { pipe = cockpit_pipe_new (opt_local_session, 0, outfd); outfd = -1; } else { const gchar *args[] = { opt_local_session, NULL }; pipe = cockpit_pipe_spawn (args, NULL, NULL, COCKPIT_PIPE_FLAGS_NONE); } /* Spawn a local session as a bridge */ pwd = getpwuid (geteuid ()); if (!pwd) { g_printerr ("Failed to resolve current user id %u\n", geteuid ()); goto out; } cockpit_auth_local_async (data.auth, pwd->pw_name, pipe, on_local_ready, g_object_ref (server)); g_object_unref (pipe); } else { /* When no local bridge, start serving immediately */ cockpit_web_server_start (server); } /* Debugging issues during testing */ #if WITH_DEBUG signal (SIGABRT, cockpit_test_signal_backtrace); signal (SIGSEGV, cockpit_test_signal_backtrace); #endif g_main_loop_run (loop); ret = 0; out: if (outfd >= 0) close (outfd); if (loop) g_main_loop_unref (loop); if (local_error) { g_printerr ("cockpit-ws: %s\n", local_error->message); g_error_free (local_error); } g_clear_object (&server); g_clear_object (&data.auth); if (data.os_release) g_hash_table_unref (data.os_release); g_clear_object (&certificate); g_free (cert_path); g_strfreev (roots); g_free (login_po_html); g_free (login_html); g_free (opt_address); g_free (opt_local_session); cockpit_conf_cleanup (); return ret; }
int main (int argc, char *argv[]) { gint ret = 1; CockpitWebServer *server = NULL; GOptionContext *context; CockpitHandlerData data; GTlsCertificate *certificate = NULL; GError *local_error = NULL; GError **error = &local_error; gchar **roots = NULL; gchar *cert_path = NULL; GMainLoop *loop; signal (SIGPIPE, SIG_IGN); g_setenv ("GSETTINGS_BACKEND", "memory", TRUE); g_setenv ("GIO_USE_PROXY_RESOLVER", "dummy", TRUE); g_setenv ("GIO_USE_VFS", "local", TRUE); /* Any interaction with a krb5 ccache should be explicit */ g_setenv ("KRB5CCNAME", "FILE:/dev/null", TRUE); g_type_init (); ssh_init (); memset (&data, 0, sizeof (data)); context = g_option_context_new (NULL); g_option_context_add_main_entries (context, cmd_entries, NULL); if (!g_option_context_parse (context, &argc, &argv, error)) { goto out; } cockpit_set_journal_logging (!isatty (2)); if (opt_no_tls) { /* no certificate */ } else { cert_path = cockpit_certificate_locate (FALSE, error); if (cert_path != NULL) certificate = cockpit_certificate_load (cert_path, error); if (certificate == NULL) goto out; g_info ("Using certificate: %s", cert_path); } if (opt_uninstalled) { roots = cockpit_web_server_resolve_roots (SRCDIR "/src/static", SRCDIR "/lib", NULL); cockpit_ws_bridge_program = BUILDDIR "/cockpit-bridge"; cockpit_ws_session_program = BUILDDIR "/cockpit-session"; } else { roots = cockpit_web_server_resolve_roots (DATADIR "/cockpit/static", NULL); } data.auth = cockpit_auth_new (); data.static_roots = (const gchar **)roots; server = cockpit_web_server_new (opt_port, certificate, NULL, NULL, error); if (server == NULL) { g_prefix_error (error, "Error starting web server: "); goto out; } /* Ignores stuff it shouldn't handle */ g_signal_connect (server, "handle-stream", G_CALLBACK (cockpit_handler_socket), &data); g_signal_connect (server, "handle-resource::/login", G_CALLBACK (cockpit_handler_login), &data); /* Don't redirect to TLS for /ping */ g_object_set (server, "ssl-exception-prefix", "/ping", NULL); g_signal_connect (server, "handle-resource::/ping", G_CALLBACK (cockpit_handler_ping), &data); g_signal_connect (server, "handle-resource::/", G_CALLBACK (cockpit_handler_index), &data); g_signal_connect (server, "handle-resource::/static/", G_CALLBACK (cockpit_handler_static), &data); g_signal_connect (server, "handle-resource::/cockpit/", G_CALLBACK (cockpit_handler_resource), &data); /* Files that cannot be cache-forever, because of well known names */ g_signal_connect (server, "handle-resource::/favicon.ico", G_CALLBACK (cockpit_handler_root), &data); g_signal_connect (server, "handle-resource::/apple-touch-icon.png", G_CALLBACK (cockpit_handler_root), &data); g_info ("HTTP Server listening on port %d", opt_port); loop = g_main_loop_new (NULL, FALSE); g_main_loop_run (loop); g_main_loop_unref (loop); ret = 0; out: if (local_error) { g_printerr ("cockpit-ws: %s\n", local_error->message); g_error_free (local_error); } g_clear_object (&server); g_clear_object (&data.auth); g_clear_object (&certificate); g_free (cert_path); g_strfreev (roots); return ret; }
int main (int argc, char *argv[]) { gint ret = 1; CockpitWebServer *server = NULL; GOptionContext *context; CockpitHandlerData data; GError *local_error = NULL; GError **error = &local_error; GMainLoop *loop; g_type_init (); memset (&data, 0, sizeof (data)); context = g_option_context_new (NULL); g_option_context_add_main_entries (context, cmd_entries, NULL); if (!g_option_context_parse (context, &argc, &argv, error)) { goto out; } if (!opt_debug) cockpit_set_journal_logging (); if (opt_http_root == NULL) opt_http_root = g_strdup (PACKAGE_DATA_DIR "/cockpit/content"); if (opt_no_tls) { /* no certificate */ } else { if (!load_cert (&data.certificate, error)) goto out; } if (!opt_disable_auth) data.auth = cockpit_auth_new (); data.system_bus = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, error); if (data.system_bus == NULL) { g_prefix_error (error, "Error getting system bus: "); goto out; } server = cockpit_web_server_new (opt_port, data.certificate, opt_http_root, NULL, error); if (server == NULL) { g_prefix_error (error, "Error starting web server: "); goto out; } /* Ignores stuff it shouldn't handle */ g_signal_connect (server, "handle-resource", G_CALLBACK (cockpit_handler_socket), &data); g_signal_connect (server, "handle-resource::/login", G_CALLBACK (cockpit_handler_login), &data); g_signal_connect (server, "handle-resource::/logout", G_CALLBACK (cockpit_handler_logout), &data); g_signal_connect (server, "handle-resource::/cockpitdyn.js", G_CALLBACK (cockpit_handler_cockpitdyn), &data); g_info ("HTTP Server listening on port %d", opt_port); loop = g_main_loop_new (NULL, FALSE); g_main_loop_run (loop); g_main_loop_unref (loop); ret = 0; out: g_free (opt_http_root); if (local_error) { g_printerr ("%s (%s, %d)\n", local_error->message, g_quark_to_string (local_error->domain), local_error->code); g_error_free (local_error); } g_clear_object (&server); g_clear_object (&data.auth); g_clear_object (&data.system_bus); g_clear_object (&data.certificate); return ret; }
int main (int argc, char *argv[]) { gint ret = 1; CockpitWebServer *server = NULL; GOptionContext *context; CockpitHandlerData data; GTlsCertificate *certificate = NULL; GError *local_error = NULL; GError **error = &local_error; gchar **roots = NULL; gchar *cert_path = NULL; GMainLoop *loop = NULL; signal (SIGPIPE, SIG_IGN); g_setenv ("GSETTINGS_BACKEND", "memory", TRUE); g_setenv ("GIO_USE_PROXY_RESOLVER", "dummy", TRUE); g_setenv ("GIO_USE_VFS", "local", TRUE); /* Any interaction with a krb5 ccache should be explicit */ g_setenv ("KRB5CCNAME", "FILE:/dev/null", TRUE); g_setenv ("G_TLS_GNUTLS_PRIORITY", "SECURE128:%LATEST_RECORD_VERSION:-VERS-SSL3.0:-VERS-TLS1.0", FALSE); g_type_init (); ssh_threads_set_callbacks (ssh_threads_get_pthread()); ssh_init (); memset (&data, 0, sizeof (data)); context = g_option_context_new (NULL); g_option_context_add_main_entries (context, cmd_entries, NULL); if (!g_option_context_parse (context, &argc, &argv, error)) { goto out; } if (opt_version) { print_version (); ret = 0; goto out; } cockpit_set_journal_logging (NULL, !isatty (2)); if (opt_no_tls) { /* no certificate */ } else { cert_path = cockpit_certificate_locate (FALSE, error); if (cert_path != NULL) certificate = cockpit_certificate_load (cert_path, error); if (certificate == NULL) goto out; g_info ("Using certificate: %s", cert_path); } loop = g_main_loop_new (NULL, FALSE); data.os_release = cockpit_system_load_os_release (); data.auth = cockpit_auth_new (opt_local_ssh); roots = calculate_static_roots (data.os_release); data.static_roots = (const gchar **)roots; server = cockpit_web_server_new (opt_port, certificate, NULL, NULL, error); if (server == NULL) { g_prefix_error (error, "Error starting web server: "); goto out; } if (cockpit_web_server_get_socket_activated (server)) g_signal_connect_swapped (data.auth, "idling", G_CALLBACK (g_main_loop_quit), loop); /* Ignores stuff it shouldn't handle */ g_signal_connect (server, "handle-stream", G_CALLBACK (cockpit_handler_socket), &data); g_signal_connect (server, "handle-resource::/login", G_CALLBACK (cockpit_handler_login), &data); /* Don't redirect to TLS for /ping */ g_object_set (server, "ssl-exception-prefix", "/ping", NULL); g_signal_connect (server, "handle-resource::/ping", G_CALLBACK (cockpit_handler_ping), &data); g_signal_connect (server, "handle-resource::/", G_CALLBACK (cockpit_handler_resource), &data); g_signal_connect (server, "handle-resource::/cockpit/", G_CALLBACK (cockpit_handler_resource), &data); /* Files that cannot be cache-forever, because of well known names */ g_signal_connect (server, "handle-resource::/favicon.ico", G_CALLBACK (cockpit_handler_root), &data); g_signal_connect (server, "handle-resource::/apple-touch-icon.png", G_CALLBACK (cockpit_handler_root), &data); g_main_loop_run (loop); ret = 0; out: if (loop) g_main_loop_unref (loop); if (local_error) { g_printerr ("cockpit-ws: %s\n", local_error->message); g_error_free (local_error); } g_clear_object (&server); g_clear_object (&data.auth); if (data.os_release) g_hash_table_unref (data.os_release); g_clear_object (&certificate); g_free (cert_path); g_strfreev (roots); cockpit_conf_cleanup (); return ret; }