diff options
-rw-r--r-- | Makefile | 16 | ||||
-rw-r--r-- | bouncer.c (renamed from linger.c) | 76 | ||||
-rw-r--r-- | bouncer.h | 32 | ||||
-rw-r--r-- | listen.c | 105 |
4 files changed, 156 insertions, 73 deletions
diff --git a/Makefile b/Makefile index 9ae0ed7..c974242 100644 --- a/Makefile +++ b/Makefile @@ -7,4 +7,18 @@ LDLIBS = -ltls -include config.mk -linger: +OBJS += bouncer.o +OBJS += listen.o + +all: tags linger + +linger: ${OBJS} + ${CC} ${LDFLAGS} ${OBJS} ${LDLIBS} -o $@ + +${OBJS}: bouncer.h + +tags: *.c *.h + ctags -w *.c *.h + +clean: + rm -f tags linger ${OBJS} diff --git a/linger.c b/bouncer.c index 3e34fab..3bf44cd 100644 --- a/linger.c +++ b/bouncer.c @@ -16,24 +16,15 @@ #include <err.h> #include <limits.h> -#include <netdb.h> -#include <netinet/in.h> #include <poll.h> #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <sys/socket.h> #include <sysexits.h> #include <tls.h> #include <unistd.h> -#ifndef DEFAULT_CERT_PATH -#define DEFAULT_CERT_PATH "/usr/local/etc/letsencrypt/live/%s/fullchain.pem" -#endif - -#ifndef DEFAULT_PRIV_PATH -#define DEFAULT_PRIV_PATH "/usr/local/etc/letsencrypt/live/%s/privkey.pem" -#endif +#include "bouncer.h" static char *censor(char *arg) { char *dup = strdup(arg); @@ -43,8 +34,6 @@ static char *censor(char *arg) { } int main(int argc, char *argv[]) { - int error; - const char *localHost = "localhost"; const char *localPort = "6697"; const char *localPass = NULL; @@ -95,73 +84,16 @@ int main(int argc, char *argv[]) { if (!user) user = nick; if (!real) real = nick; - struct tls_config *config = tls_config_new(); - if (!config) errx(EX_SOFTWARE, "tls_config_new"); - - error = tls_config_set_keypair_file(config, certPath, privPath); - if (error) { - errx( - EX_CONFIG, "tls_config_set_keypair_file: %s", - tls_config_error(config) - ); - } - - struct tls *server = tls_server(); - if (!server) errx(EX_SOFTWARE, "tls_server"); - - error = tls_configure(server, config); - if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(server)); - tls_config_free(config); - - struct addrinfo *head; - struct addrinfo hints = { - .ai_family = AF_UNSPEC, - .ai_socktype = SOCK_STREAM, - .ai_protocol = IPPROTO_TCP, - }; - error = getaddrinfo(localHost, localPort, &hints, &head); - if (error) { - errx(EX_NOHOST, "%s:%s: %s", localHost, localPort, gai_strerror(error)); - } - enum { PollCap = 64 }; struct pollfd fds[PollCap]; - size_t binds = 0; - for (struct addrinfo *ai = head; ai; ai = ai->ai_next) { - fds[binds].fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); - if (fds[binds].fd < 0) err(EX_OSERR, "socket"); - - error = bind(fds[binds].fd, ai->ai_addr, ai->ai_addrlen); - if (error) { - warn("%s:%s", localHost, localPort); - close(fds[binds].fd); - continue; - } - - if (++binds == PollCap) errx(EX_CONFIG, "too many sockets to bind"); - } - if (!binds) return EX_UNAVAILABLE; - freeaddrinfo(head); - - for (size_t i = 0; i < binds; ++i) { - fds[i].events = POLLIN; - error = listen(fds[i].fd, 1); - if (error) err(EX_IOERR, "listen"); - } + listenConfig(certPath, privPath); + size_t binds = listenBind(fds, PollCap, localHost, localPort); while (0 < poll(fds, binds, -1)) { for (size_t i = 0; i < binds; ++i) { if (!fds[i].revents) continue; - - int sock = accept(fds[i].fd, NULL, NULL); - if (sock < 0) err(EX_IOERR, "accept"); - - struct tls *client; - error = tls_accept_socket(server, &client, sock); - if (error) { - errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server)); - } + struct tls *client = listenAccept(&fds[binds], fds[i].fd); } } } diff --git a/bouncer.h b/bouncer.h new file mode 100644 index 0000000..b8e6362 --- /dev/null +++ b/bouncer.h @@ -0,0 +1,32 @@ +/* Copyright (C) 2019 C. McEnroe <june@causal.agency> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include <poll.h> +#include <stdlib.h> +#include <tls.h> + +#ifndef DEFAULT_CERT_PATH +#define DEFAULT_CERT_PATH "/usr/local/etc/letsencrypt/live/%s/fullchain.pem" +#endif + +#ifndef DEFAULT_PRIV_PATH +#define DEFAULT_PRIV_PATH "/usr/local/etc/letsencrypt/live/%s/privkey.pem" +#endif + +void listenConfig(const char *cert, const char *priv); +size_t +listenBind(struct pollfd fds[], size_t cap, const char *host, const char *port); +struct tls *listenAccept(struct pollfd *poll, int fd); diff --git a/listen.c b/listen.c new file mode 100644 index 0000000..4ecf5d3 --- /dev/null +++ b/listen.c @@ -0,0 +1,105 @@ +/* Copyright (C) 2019 C. McEnroe <june@causal.agency> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include <err.h> +#include <netdb.h> +#include <netinet/in.h> +#include <poll.h> +#include <stdlib.h> +#include <sys/socket.h> +#include <sysexits.h> +#include <tls.h> +#include <unistd.h> + +#include "bouncer.h" + +static struct tls *server; + +void listenConfig(const char *cert, const char *priv) { + struct tls_config *config = tls_config_new(); + if (!config) errx(EX_SOFTWARE, "tls_config_new"); + + int error = tls_config_set_keypair_file(config, cert, priv); + if (error) { + errx( + EX_CONFIG, "tls_config_set_keypair_file: %s", + tls_config_error(config) + ); + } + + server = tls_server(); + if (!server) errx(EX_SOFTWARE, "tls_server"); + + error = tls_configure(server, config); + if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(server)); + tls_config_free(config); +} + +size_t +listenBind( + struct pollfd fds[], size_t cap, + const char *host, const char *port +) { + struct addrinfo *head; + struct addrinfo hints = { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + int error = getaddrinfo(host, port, &hints, &head); + if (error) errx(EX_NOHOST, "%s:%s: %s", host, port, gai_strerror(error)); + + size_t len = 0; + for (struct addrinfo *ai = head; ai && len < cap; ai = ai->ai_next) { + int sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if (sock < 0) err(EX_OSERR, "socket"); + + error = bind(sock, ai->ai_addr, ai->ai_addrlen); + if (error) { + warn("%s:%s", host, port); + close(sock); + continue; + } + + error = listen(sock, 1); + if (error) err(EX_IOERR, "listen"); + + fds[len].fd = sock; + fds[len].events = POLLIN; + len++; + } + freeaddrinfo(head); + + if (!len) errx(EX_UNAVAILABLE, "could not bind any sockets"); + return len; +} + +struct tls *listenAccept(struct pollfd *poll, int fd) { + int sock = accept(fd, NULL, NULL); + if (sock < 0) err(EX_IOERR, "accept"); + + int yes = 1; + int error = setsockopt(sock, SOL_SOCKET, SO_NOSIGPIPE, &yes, sizeof(yes)); + if (error) err(EX_OSERR, "setsockopt"); + + struct tls *client; + error = tls_accept_socket(server, &client, sock); + if (error) errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server)); + + poll->fd = sock; + poll->events = POLLIN; + return client; +} |