void
rspamd_controller_send_ucl (struct rspamd_http_connection_entry *entry,
ucl_object_t *obj)
{
struct rspamd_http_message *msg;
rspamd_fstring_t *reply;
msg = rspamd_http_new_message (HTTP_RESPONSE);
msg->date = time (NULL);
msg->code = 200;
msg->status = rspamd_fstring_new_init ("OK", 2);
reply = rspamd_fstring_sized_new (BUFSIZ);
rspamd_ucl_emit_fstring (obj, UCL_EMIT_JSON_COMPACT, &reply);
rspamd_http_message_set_body_from_fstring_steal (msg, reply);
rspamd_http_connection_reset (entry->conn);
rspamd_http_router_insert_headers (entry->rt, msg);
rspamd_http_connection_write_message (entry->conn,
msg,
NULL,
"application/json",
entry,
entry->conn->fd,
entry->rt->ptv,
entry->rt->ev_base);
entry->is_reply = TRUE;
}
void
rspamd_controller_send_string (struct rspamd_http_connection_entry *entry,
const gchar *str)
{
struct rspamd_http_message *msg;
rspamd_fstring_t *reply;
msg = rspamd_http_new_message (HTTP_RESPONSE);
msg->date = time (NULL);
msg->code = 200;
msg->status = rspamd_fstring_new_init ("OK", 2);
reply = rspamd_fstring_new_init (str, strlen (str));
rspamd_http_message_set_body_from_fstring_steal (msg, reply);
rspamd_http_connection_reset (entry->conn);
rspamd_http_router_insert_headers (entry->rt, msg);
rspamd_http_connection_write_message (entry->conn,
msg,
NULL,
"application/json",
entry,
entry->conn->fd,
entry->rt->ptv,
entry->rt->ev_base);
entry->is_reply = TRUE;
}
void
rspamd_controller_send_error (struct rspamd_http_connection_entry *entry,
gint code, const gchar *error_msg, ...)
{
struct rspamd_http_message *msg;
va_list args;
rspamd_fstring_t *reply;
msg = rspamd_http_new_message (HTTP_RESPONSE);
va_start (args, error_msg);
msg->status = rspamd_fstring_new ();
rspamd_vprintf_fstring (&msg->status, error_msg, args);
va_end (args);
msg->date = time (NULL);
msg->code = code;
reply = rspamd_fstring_sized_new (msg->status->len + 16);
rspamd_printf_fstring (&reply, "{\"error\":\"%V\"}", msg->status);
rspamd_http_message_set_body_from_fstring_steal (msg, reply);
rspamd_http_connection_reset (entry->conn);
rspamd_http_router_insert_headers (entry->rt, msg);
rspamd_http_connection_write_message (entry->conn,
msg,
NULL,
"application/json",
entry,
entry->conn->fd,
entry->rt->ptv,
entry->rt->ev_base);
entry->is_reply = TRUE;
}
/**
* Callback for destroying HTTP callback data
*/
static void
free_http_cbdata (struct http_callback_data *cbd)
{
g_atomic_int_set (cbd->map->locked, 0);
if (cbd->remain_buf) {
g_string_free (cbd->remain_buf, TRUE);
}
rspamd_http_connection_reset (cbd->data->conn);
close (cbd->fd);
g_slice_free1 (sizeof (struct http_callback_data), cbd);
}
static int
rspamd_server_finish (struct rspamd_http_connection *conn,
struct rspamd_http_message *msg)
{
struct rspamd_http_server_session *session = conn->ud;
struct rspamd_http_message *reply;
gulong size;
const gchar *url_str;
guint url_len;
rspamd_fstring_t *body;
if (!session->reply) {
session->reply = TRUE;
reply = rspamd_http_new_message (HTTP_RESPONSE);
url_str = msg->url->str;
url_len = msg->url->len;
if (url_str[0] == '/') {
url_str ++;
url_len --;
}
if (rspamd_strtoul (url_str, url_len, &size)) {
session->req_size = size;
reply->code = 200;
reply->status = rspamd_fstring_new_init ("OK", 2);
body = rspamd_fstring_sized_new (size);
body->len = size;
memset (body->str, 0, size);
rspamd_http_message_set_body_from_fstring_steal (msg, body);
}
else {
reply->code = 404;
reply->status = rspamd_fstring_new_init ("Not found", 9);
}
rspamd_http_connection_reset (conn);
rspamd_http_connection_write_message (conn, reply, NULL,
"application/octet-stream", session, session->fd,
&io_tv, session->ev_base);
}
else {
/* Destroy session */
rspamd_http_connection_unref (conn);
close (session->fd);
g_slice_free1 (sizeof (*session), session);
}
return 0;
}
static gint
rspamd_client_finish_handler (struct rspamd_http_connection *conn,
struct rspamd_http_message *msg)
{
struct rspamd_client_request *req =
(struct rspamd_client_request *)conn->ud;
struct rspamd_client_connection *c;
struct ucl_parser *parser;
GError *err;
c = req->conn;
if (!c->req_sent) {
c->req_sent = TRUE;
rspamd_http_connection_reset (c->http_conn);
rspamd_http_connection_read_message (c->http_conn,
c->req,
c->fd,
&c->timeout,
c->ev_base);
return 0;
}
else {
if (rspamd_http_message_get_body (msg, NULL) == NULL || msg->code != 200) {
err = g_error_new (RCLIENT_ERROR, msg->code, "HTTP error: %d, %.*s",
msg->code,
(gint)msg->status->len, msg->status->str);
req->cb (c, msg, c->server_name->str, NULL, req->input, req->ud, err);
g_error_free (err);
return 0;
}
parser = ucl_parser_new (0);
if (!ucl_parser_add_chunk (parser, msg->body_buf.begin, msg->body_buf.len)) {
err = g_error_new (RCLIENT_ERROR, msg->code, "Cannot parse UCL: %s",
ucl_parser_get_error (parser));
ucl_parser_free (parser);
req->cb (c, msg, c->server_name->str, NULL, req->input, req->ud, err);
g_error_free (err);
return 0;
}
req->cb (c, msg, c->server_name->str, ucl_parser_get_object (
parser), req->input, req->ud, NULL);
ucl_parser_free (parser);
}
return 0;
}
static int
http_map_finish (struct rspamd_http_connection *conn,
struct rspamd_http_message *msg)
{
struct http_callback_data *cbd = conn->ud;
struct rspamd_map *map;
rspamd_mempool_t *pool;
char fpath[PATH_MAX];
guchar *aux_data, *in = NULL;
gsize inlen = 0;
struct stat st;
map = cbd->map;
pool = cbd->map->pool;
if (msg->code == 200) {
if (cbd->stage == map_load_file) {
if (msg->last_modified) {
cbd->data->last_checked = msg->last_modified;
}
else {
cbd->data->last_checked = msg->date;
}
/* Maybe we need to check signature ? */
if (map->is_signed) {
close (cbd->out_fd);
if (map->trusted_pubkey) {
/* No need to load key */
cbd->stage = map_load_signature;
cbd->pk = rspamd_pubkey_ref (map->trusted_pubkey);
rspamd_snprintf (fpath, sizeof (fpath), "%s.sig",
cbd->tmpfile);
}
else {
rspamd_snprintf (fpath, sizeof (fpath), "%s.pub",
cbd->tmpfile);
cbd->stage = map_load_pubkey;
}
cbd->out_fd = rspamd_file_xopen (fpath, O_RDWR|O_CREAT, 00644);
if (cbd->out_fd == -1) {
msg_err_pool ("cannot open pubkey file %s for writing: %s",
fpath, strerror (errno));
goto end;
}
rspamd_http_connection_reset (cbd->conn);
write_http_request (cbd);
goto end;
}
else {
/* Unsinged version - just open file */
in = rspamd_file_xmap (cbd->tmpfile, PROT_READ, &inlen);
if (in == NULL) {
msg_err_pool ("cannot read tempfile %s: %s", cbd->tmpfile,
strerror (errno));
goto end;
}
}
}
else if (cbd->stage == map_load_pubkey) {
/* We now can load pubkey */
(void)lseek (cbd->out_fd, 0, SEEK_SET);
if (fstat (cbd->out_fd, &st) == -1) {
msg_err_pool ("cannot stat pubkey file %s: %s",
fpath, strerror (errno));
goto end;
}
aux_data = mmap (NULL, st.st_size, PROT_READ, MAP_SHARED,
cbd->out_fd, 0);
close (cbd->out_fd);
cbd->out_fd = -1;
if (aux_data == MAP_FAILED) {
msg_err_pool ("cannot map pubkey file %s: %s",
fpath, strerror (errno));
goto end;
}
cbd->pk = rspamd_pubkey_from_base32 (aux_data, st.st_size,
RSPAMD_KEYPAIR_SIGN, RSPAMD_CRYPTOBOX_MODE_25519);
munmap (aux_data, st.st_size);
if (cbd->pk == NULL) {
msg_err_pool ("cannot load pubkey file %s: bad pubkey",
fpath);
goto end;
}
rspamd_snprintf (fpath, sizeof (fpath), "%s.sig", cbd->tmpfile);
cbd->out_fd = rspamd_file_xopen (fpath, O_RDWR|O_CREAT, 00644);
if (cbd->out_fd == -1) {
msg_err_pool ("cannot open signature file %s for writing: %s",
fpath, strerror (errno));
goto end;
}
cbd->stage = map_load_signature;
rspamd_http_connection_reset (cbd->conn);
write_http_request (cbd);
goto end;
}
else if (cbd->stage == map_load_signature) {
/* We can now check signature */
close (cbd->out_fd);
cbd->out_fd = -1;
in = rspamd_file_xmap (cbd->tmpfile, PROT_READ, &inlen);
if (in == NULL) {
msg_err_pool ("cannot read tempfile %s: %s", cbd->tmpfile,
strerror (errno));
goto end;
}
if (!rspamd_map_check_sig_pk (cbd->tmpfile, map, in, inlen, cbd->pk)) {
goto end;
}
}
g_assert (in != NULL);
map->read_callback (map->pool, in, inlen, &cbd->cbdata, TRUE);
map->fin_callback (map->pool, &cbd->cbdata);
*map->user_data = cbd->cbdata.cur_data;
msg_info_pool ("read map data from %s", cbd->data->host);
}
else if (msg->code == 304 && cbd->stage == map_load_file) {
msg_debug_pool ("data is not modified for server %s",
cbd->data->host);
if (msg->last_modified) {
cbd->data->last_checked = msg->last_modified;
}
else {
cbd->data->last_checked = msg->date;
}
}
else {
msg_info_pool ("cannot load map %s from %s: HTTP error %d",
map->uri, cbd->data->host, msg->code);
}
end:
REF_RELEASE (cbd);
return 0;
}
static int
http_map_finish (struct rspamd_http_connection *conn,
struct rspamd_http_message *msg)
{
struct http_callback_data *cbd = conn->ud;
struct rspamd_map *map;
struct rspamd_map_backend *bk;
guchar *aux_data, *in = NULL;
gsize inlen = 0, dlen = 0;
map = cbd->map;
bk = cbd->bk;
if (msg->code == 200) {
if (cbd->check) {
cbd->periodic->need_modify = TRUE;
/* Reset the whole chain */
cbd->periodic->cur_backend = 0;
rspamd_map_periodic_callback (-1, EV_TIMEOUT, cbd->periodic);
MAP_RELEASE (cbd, "http_callback_data");
return 0;
}
if (cbd->stage == map_load_file) {
if (msg->last_modified) {
cbd->data->last_checked = msg->last_modified;
}
else {
cbd->data->last_checked = msg->date;
}
/* Maybe we need to check signature ? */
if (bk->is_signed) {
if (bk->trusted_pubkey) {
/* No need to load key */
cbd->stage = map_load_signature;
cbd->pk = rspamd_pubkey_ref (bk->trusted_pubkey);
}
else {
cbd->stage = map_load_pubkey;
}
cbd->shmem_data = rspamd_http_message_shmem_ref (msg);
cbd->data_len = msg->body_buf.len;
rspamd_http_connection_reset (cbd->conn);
write_http_request (cbd);
MAP_RELEASE (cbd, "http_callback_data");
return 0;
}
else {
/* Unsinged version - just open file */
cbd->shmem_data = rspamd_http_message_shmem_ref (msg);
cbd->data_len = msg->body_buf.len;
goto read_data;
}
}
else if (cbd->stage == map_load_pubkey) {
/* We now can load pubkey */
cbd->shmem_pubkey = rspamd_http_message_shmem_ref (msg);
cbd->pubkey_len = msg->body_buf.len;
aux_data = rspamd_shmem_xmap (cbd->shmem_pubkey->shm_name,
PROT_READ, &inlen);
if (aux_data == NULL) {
msg_err_map ("cannot map pubkey file %s: %s",
cbd->shmem_pubkey->shm_name, strerror (errno));
goto err;
}
if (inlen < cbd->pubkey_len) {
msg_err_map ("cannot map pubkey file %s: %s",
cbd->shmem_pubkey->shm_name, strerror (errno));
munmap (aux_data, inlen);
goto err;
}
cbd->pk = rspamd_pubkey_from_base32 (aux_data, cbd->pubkey_len,
RSPAMD_KEYPAIR_SIGN, RSPAMD_CRYPTOBOX_MODE_25519);
munmap (aux_data, inlen);
if (cbd->pk == NULL) {
msg_err_map ("cannot load pubkey file %s: bad pubkey",
cbd->shmem_pubkey->shm_name);
goto err;
}
cbd->stage = map_load_signature;
rspamd_http_connection_reset (cbd->conn);
write_http_request (cbd);
MAP_RELEASE (cbd, "http_callback_data");
return 0;
}
else if (cbd->stage == map_load_signature) {
/* We can now check signature */
cbd->shmem_sig = rspamd_http_message_shmem_ref (msg);
cbd->sig_len = msg->body_buf.len;
aux_data = rspamd_shmem_xmap (cbd->shmem_sig->shm_name,
PROT_READ, &inlen);
if (aux_data == NULL) {
msg_err_map ("cannot map signature file %s: %s",
cbd->shmem_sig->shm_name, strerror (errno));
goto err;
}
if (inlen < cbd->sig_len) {
msg_err_map ("cannot map pubkey file %s: %s",
cbd->shmem_pubkey->shm_name, strerror (errno));
munmap (aux_data, inlen);
goto err;
}
in = rspamd_shmem_xmap (cbd->shmem_data->shm_name, PROT_READ, &dlen);
if (in == NULL) {
msg_err_map ("cannot read tempfile %s: %s",
cbd->shmem_data->shm_name,
strerror (errno));
munmap (aux_data, inlen);
goto err;
}
if (!rspamd_map_check_sig_pk_mem (aux_data, cbd->sig_len, map, in,
cbd->data_len, cbd->pk)) {
munmap (aux_data, inlen);
munmap (in, dlen);
goto err;
}
munmap (in, dlen);
}
read_data:
g_assert (cbd->shmem_data != NULL);
in = rspamd_shmem_xmap (cbd->shmem_data->shm_name, PROT_READ, &dlen);
if (in == NULL) {
msg_err_map ("cannot read tempfile %s: %s",
cbd->shmem_data->shm_name,
strerror (errno));
goto err;
}
map->read_callback (in, cbd->data_len, &cbd->periodic->cbdata, TRUE);
msg_info_map ("read map data from %s", cbd->data->host);
/*
* We know that a map is in the locked state
*/
if (g_atomic_int_compare_and_exchange (&map->cache->available, 0, 1)) {
/* Store cached data */
struct rspamd_http_map_cached_cbdata *cache_cbd;
struct timeval tv;
rspamd_strlcpy (map->cache->shmem_name, cbd->shmem_data->shm_name,
sizeof (map->cache->shmem_name));
map->cache->len = cbd->data_len;
map->cache->last_checked = cbd->data->last_checked;
cache_cbd = g_slice_alloc0 (sizeof (*cache_cbd));
cache_cbd->shm = cbd->shmem_data;
cache_cbd->map = map;
MAP_RETAIN (cache_cbd->shm, "shmem_data");
event_set (&cache_cbd->timeout, -1, EV_TIMEOUT, rspamd_map_cache_cb,
cache_cbd);
event_base_set (cbd->ev_base, &cache_cbd->timeout);
double_to_tv (map->poll_timeout, &tv);
event_add (&cache_cbd->timeout, &tv);
}
cbd->periodic->cur_backend ++;
munmap (in, dlen);
rspamd_map_periodic_callback (-1, EV_TIMEOUT, cbd->periodic);
}
else if (msg->code == 304 && (cbd->check && cbd->stage == map_load_file)) {
msg_debug_map ("data is not modified for server %s",
cbd->data->host);
if (msg->last_modified) {
cbd->data->last_checked = msg->last_modified;
}
else {
cbd->data->last_checked = msg->date;
}
cbd->periodic->cur_backend ++;
rspamd_map_periodic_callback (-1, EV_TIMEOUT, cbd->periodic);
}
else {
msg_info_map ("cannot load map %s from %s: HTTP error %d",
bk->uri, cbd->data->host, msg->code);
}
MAP_RELEASE (cbd, "http_callback_data");
return 0;
err:
cbd->periodic->errored = 1;
rspamd_map_periodic_callback (-1, EV_TIMEOUT, cbd->periodic);
MAP_RELEASE (cbd, "http_callback_data");
return 0;
}
static gint
rspamd_client_finish_handler (struct rspamd_http_connection *conn,
struct rspamd_http_message *msg)
{
struct rspamd_client_request *req =
(struct rspamd_client_request *)conn->ud;
struct rspamd_client_connection *c;
struct ucl_parser *parser;
GError *err;
const rspamd_ftok_t *tok;
c = req->conn;
if (!c->req_sent) {
c->req_sent = TRUE;
rspamd_http_connection_reset (c->http_conn);
rspamd_http_connection_read_message (c->http_conn,
c->req,
c->fd,
&c->timeout,
c->ev_base);
return 0;
}
else {
if (rspamd_http_message_get_body (msg, NULL) == NULL || msg->code != 200) {
err = g_error_new (RCLIENT_ERROR, msg->code, "HTTP error: %d, %.*s",
msg->code,
(gint)msg->status->len, msg->status->str);
req->cb (c, msg, c->server_name->str, NULL, req->input, req->ud, err);
g_error_free (err);
return 0;
}
tok = rspamd_http_message_find_header (msg, "compression");
if (tok) {
/* Need to uncompress */
rspamd_ftok_t t;
t.begin = "zstd";
t.len = 4;
if (rspamd_ftok_casecmp (tok, &t) == 0) {
ZSTD_DStream *zstream;
ZSTD_inBuffer zin;
ZSTD_outBuffer zout;
guchar *out;
gsize outlen, r;
zstream = ZSTD_createDStream ();
ZSTD_initDStream (zstream);
zin.pos = 0;
zin.src = msg->body_buf.begin;
zin.size = msg->body_buf.len;
if ((outlen = ZSTD_getDecompressedSize (zin.src, zin.size)) == 0) {
outlen = ZSTD_DStreamOutSize ();
}
out = g_malloc (outlen);
zout.dst = out;
zout.pos = 0;
zout.size = outlen;
while (zin.pos < zin.size) {
r = ZSTD_decompressStream (zstream, &zout, &zin);
if (ZSTD_isError (r)) {
err = g_error_new (RCLIENT_ERROR, 500,
"Decompression error: %s",
ZSTD_getErrorName (r));
req->cb (c, msg, c->server_name->str, NULL,
req->input, req->ud, err);
g_error_free (err);
ZSTD_freeDStream (zstream);
g_free (out);
return 0;
}
if (zout.pos == zout.size) {
/* We need to extend output buffer */
zout.size = zout.size * 1.5 + 1.0;
zout.dst = g_realloc (zout.dst, zout.size);
}
}
ZSTD_freeDStream (zstream);
parser = ucl_parser_new (0);
if (!ucl_parser_add_chunk (parser, zout.dst, zout.pos)) {
err = g_error_new (RCLIENT_ERROR, msg->code, "Cannot parse UCL: %s",
ucl_parser_get_error (parser));
ucl_parser_free (parser);
req->cb (c, msg, c->server_name->str, NULL, req->input, req->ud, err);
g_error_free (err);
g_free (zout.dst);
return 0;
}
g_free (zout.dst);
}
else {
err = g_error_new (RCLIENT_ERROR, 500,
"Invalid compression method");
req->cb (c, msg, c->server_name->str, NULL,
req->input, req->ud, err);
g_error_free (err);
return 0;
}
}
else {
parser = ucl_parser_new (0);
if (!ucl_parser_add_chunk (parser, msg->body_buf.begin, msg->body_buf.len)) {
err = g_error_new (RCLIENT_ERROR, msg->code, "Cannot parse UCL: %s",
ucl_parser_get_error (parser));
ucl_parser_free (parser);
req->cb (c, msg, c->server_name->str, NULL, req->input, req->ud, err);
g_error_free (err);
return 0;
}
}
req->cb (c, msg, c->server_name->str, ucl_parser_get_object (
parser), req->input, req->ud, NULL);
ucl_parser_free (parser);
}
return 0;
}
