From 2b9244fd6b80e6bd8472fe805ce6cf734754ce31 Mon Sep 17 00:00:00 2001 From: Curtis McEnroe Date: Sat, 19 Oct 2019 21:31:11 -0400 Subject: Move listen code to listen.c --- Makefile | 16 +++++- bouncer.c | 99 +++++++++++++++++++++++++++++++++++++ bouncer.h | 32 ++++++++++++ linger.c | 167 -------------------------------------------------------------- listen.c | 105 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 251 insertions(+), 168 deletions(-) create mode 100644 bouncer.c create mode 100644 bouncer.h delete mode 100644 linger.c create mode 100644 listen.c diff --git a/Makefile b/Makefile index 9ae0ed7..c974242 100644 --- a/Makefile +++ b/Makefile @@ -7,4 +7,18 @@ LDLIBS = -ltls -include config.mk -linger: +OBJS += bouncer.o +OBJS += listen.o + +all: tags linger + +linger: ${OBJS} + ${CC} ${LDFLAGS} ${OBJS} ${LDLIBS} -o $@ + +${OBJS}: bouncer.h + +tags: *.c *.h + ctags -w *.c *.h + +clean: + rm -f tags linger ${OBJS} diff --git a/bouncer.c b/bouncer.c new file mode 100644 index 0000000..3bf44cd --- /dev/null +++ b/bouncer.c @@ -0,0 +1,99 @@ +/* Copyright (C) 2019 C. McEnroe + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "bouncer.h" + +static char *censor(char *arg) { + char *dup = strdup(arg); + if (!dup) err(EX_OSERR, "strdup"); + memset(arg, '*', strlen(dup)); + return dup; +} + +int main(int argc, char *argv[]) { + const char *localHost = "localhost"; + const char *localPort = "6697"; + const char *localPass = NULL; + char certPath[PATH_MAX] = ""; + char privPath[PATH_MAX] = ""; + + const char *host = NULL; + const char *port = "6697"; + const char *pass = NULL; + const char *auth = NULL; + const char *nick = NULL; + const char *user = NULL; + const char *real = NULL; + const char *join = NULL; + + int opt; + while (0 < (opt = getopt(argc, argv, "C:H:K:P:W:a:h:j:n:p:r:u:w:"))) { + switch (opt) { + break; case 'C': strlcpy(certPath, optarg, sizeof(certPath)); + break; case 'H': localHost = optarg; + break; case 'K': strlcpy(privPath, optarg, sizeof(privPath)); + break; case 'P': localPort = optarg; + break; case 'W': localPass = censor(optarg); + break; case 'a': auth = censor(optarg); + break; case 'h': host = optarg; + break; case 'j': join = optarg; + break; case 'n': nick = optarg; + break; case 'p': port = optarg; + break; case 'r': real = optarg; + break; case 'u': user = optarg; + break; case 'w': pass = censor(optarg); + break; default: return EX_USAGE; + } + } + + if (!certPath[0]) { + snprintf(certPath, sizeof(certPath), DEFAULT_CERT_PATH, localHost); + } + if (!privPath[0]) { + snprintf(privPath, sizeof(privPath), DEFAULT_PRIV_PATH, localHost); + } + + if (!host) errx(EX_USAGE, "no host"); + if (!nick) { + nick = getenv("USER"); + if (!nick) errx(EX_CONFIG, "USER unset"); + } + if (!user) user = nick; + if (!real) real = nick; + + enum { PollCap = 64 }; + struct pollfd fds[PollCap]; + + listenConfig(certPath, privPath); + size_t binds = listenBind(fds, PollCap, localHost, localPort); + + while (0 < poll(fds, binds, -1)) { + for (size_t i = 0; i < binds; ++i) { + if (!fds[i].revents) continue; + struct tls *client = listenAccept(&fds[binds], fds[i].fd); + } + } +} diff --git a/bouncer.h b/bouncer.h new file mode 100644 index 0000000..b8e6362 --- /dev/null +++ b/bouncer.h @@ -0,0 +1,32 @@ +/* Copyright (C) 2019 C. McEnroe + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +#include +#include +#include + +#ifndef DEFAULT_CERT_PATH +#define DEFAULT_CERT_PATH "/usr/local/etc/letsencrypt/live/%s/fullchain.pem" +#endif + +#ifndef DEFAULT_PRIV_PATH +#define DEFAULT_PRIV_PATH "/usr/local/etc/letsencrypt/live/%s/privkey.pem" +#endif + +void listenConfig(const char *cert, const char *priv); +size_t +listenBind(struct pollfd fds[], size_t cap, const char *host, const char *port); +struct tls *listenAccept(struct pollfd *poll, int fd); diff --git a/linger.c b/linger.c deleted file mode 100644 index 3e34fab..0000000 --- a/linger.c +++ /dev/null @@ -1,167 +0,0 @@ -/* Copyright (C) 2019 C. McEnroe - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef DEFAULT_CERT_PATH -#define DEFAULT_CERT_PATH "/usr/local/etc/letsencrypt/live/%s/fullchain.pem" -#endif - -#ifndef DEFAULT_PRIV_PATH -#define DEFAULT_PRIV_PATH "/usr/local/etc/letsencrypt/live/%s/privkey.pem" -#endif - -static char *censor(char *arg) { - char *dup = strdup(arg); - if (!dup) err(EX_OSERR, "strdup"); - memset(arg, '*', strlen(dup)); - return dup; -} - -int main(int argc, char *argv[]) { - int error; - - const char *localHost = "localhost"; - const char *localPort = "6697"; - const char *localPass = NULL; - char certPath[PATH_MAX] = ""; - char privPath[PATH_MAX] = ""; - - const char *host = NULL; - const char *port = "6697"; - const char *pass = NULL; - const char *auth = NULL; - const char *nick = NULL; - const char *user = NULL; - const char *real = NULL; - const char *join = NULL; - - int opt; - while (0 < (opt = getopt(argc, argv, "C:H:K:P:W:a:h:j:n:p:r:u:w:"))) { - switch (opt) { - break; case 'C': strlcpy(certPath, optarg, sizeof(certPath)); - break; case 'H': localHost = optarg; - break; case 'K': strlcpy(privPath, optarg, sizeof(privPath)); - break; case 'P': localPort = optarg; - break; case 'W': localPass = censor(optarg); - break; case 'a': auth = censor(optarg); - break; case 'h': host = optarg; - break; case 'j': join = optarg; - break; case 'n': nick = optarg; - break; case 'p': port = optarg; - break; case 'r': real = optarg; - break; case 'u': user = optarg; - break; case 'w': pass = censor(optarg); - break; default: return EX_USAGE; - } - } - - if (!certPath[0]) { - snprintf(certPath, sizeof(certPath), DEFAULT_CERT_PATH, localHost); - } - if (!privPath[0]) { - snprintf(privPath, sizeof(privPath), DEFAULT_PRIV_PATH, localHost); - } - - if (!host) errx(EX_USAGE, "no host"); - if (!nick) { - nick = getenv("USER"); - if (!nick) errx(EX_CONFIG, "USER unset"); - } - if (!user) user = nick; - if (!real) real = nick; - - struct tls_config *config = tls_config_new(); - if (!config) errx(EX_SOFTWARE, "tls_config_new"); - - error = tls_config_set_keypair_file(config, certPath, privPath); - if (error) { - errx( - EX_CONFIG, "tls_config_set_keypair_file: %s", - tls_config_error(config) - ); - } - - struct tls *server = tls_server(); - if (!server) errx(EX_SOFTWARE, "tls_server"); - - error = tls_configure(server, config); - if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(server)); - tls_config_free(config); - - struct addrinfo *head; - struct addrinfo hints = { - .ai_family = AF_UNSPEC, - .ai_socktype = SOCK_STREAM, - .ai_protocol = IPPROTO_TCP, - }; - error = getaddrinfo(localHost, localPort, &hints, &head); - if (error) { - errx(EX_NOHOST, "%s:%s: %s", localHost, localPort, gai_strerror(error)); - } - - enum { PollCap = 64 }; - struct pollfd fds[PollCap]; - - size_t binds = 0; - for (struct addrinfo *ai = head; ai; ai = ai->ai_next) { - fds[binds].fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); - if (fds[binds].fd < 0) err(EX_OSERR, "socket"); - - error = bind(fds[binds].fd, ai->ai_addr, ai->ai_addrlen); - if (error) { - warn("%s:%s", localHost, localPort); - close(fds[binds].fd); - continue; - } - - if (++binds == PollCap) errx(EX_CONFIG, "too many sockets to bind"); - } - if (!binds) return EX_UNAVAILABLE; - freeaddrinfo(head); - - for (size_t i = 0; i < binds; ++i) { - fds[i].events = POLLIN; - error = listen(fds[i].fd, 1); - if (error) err(EX_IOERR, "listen"); - } - - while (0 < poll(fds, binds, -1)) { - for (size_t i = 0; i < binds; ++i) { - if (!fds[i].revents) continue; - - int sock = accept(fds[i].fd, NULL, NULL); - if (sock < 0) err(EX_IOERR, "accept"); - - struct tls *client; - error = tls_accept_socket(server, &client, sock); - if (error) { - errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server)); - } - } - } -} diff --git a/listen.c b/listen.c new file mode 100644 index 0000000..4ecf5d3 --- /dev/null +++ b/listen.c @@ -0,0 +1,105 @@ +/* Copyright (C) 2019 C. McEnroe + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "bouncer.h" + +static struct tls *server; + +void listenConfig(const char *cert, const char *priv) { + struct tls_config *config = tls_config_new(); + if (!config) errx(EX_SOFTWARE, "tls_config_new"); + + int error = tls_config_set_keypair_file(config, cert, priv); + if (error) { + errx( + EX_CONFIG, "tls_config_set_keypair_file: %s", + tls_config_error(config) + ); + } + + server = tls_server(); + if (!server) errx(EX_SOFTWARE, "tls_server"); + + error = tls_configure(server, config); + if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(server)); + tls_config_free(config); +} + +size_t +listenBind( + struct pollfd fds[], size_t cap, + const char *host, const char *port +) { + struct addrinfo *head; + struct addrinfo hints = { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + int error = getaddrinfo(host, port, &hints, &head); + if (error) errx(EX_NOHOST, "%s:%s: %s", host, port, gai_strerror(error)); + + size_t len = 0; + for (struct addrinfo *ai = head; ai && len < cap; ai = ai->ai_next) { + int sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if (sock < 0) err(EX_OSERR, "socket"); + + error = bind(sock, ai->ai_addr, ai->ai_addrlen); + if (error) { + warn("%s:%s", host, port); + close(sock); + continue; + } + + error = listen(sock, 1); + if (error) err(EX_IOERR, "listen"); + + fds[len].fd = sock; + fds[len].events = POLLIN; + len++; + } + freeaddrinfo(head); + + if (!len) errx(EX_UNAVAILABLE, "could not bind any sockets"); + return len; +} + +struct tls *listenAccept(struct pollfd *poll, int fd) { + int sock = accept(fd, NULL, NULL); + if (sock < 0) err(EX_IOERR, "accept"); + + int yes = 1; + int error = setsockopt(sock, SOL_SOCKET, SO_NOSIGPIPE, &yes, sizeof(yes)); + if (error) err(EX_OSERR, "setsockopt"); + + struct tls *client; + error = tls_accept_socket(server, &client, sock); + if (error) errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server)); + + poll->fd = sock; + poll->events = POLLIN; + return client; +} -- cgit 1.4.1