mirrors
/
kore
mirror of https://git.kore.io/kore.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
kore/src/config.c

397 lines
8.7 KiB
C
Raw Normal View History

add missing config.c
2013-05-01 17:17:16 +02:00
/*
* Copyright (c) 2013 Joris Vink <joris@coders.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/param.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/queue.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
#include <pwd.h>
add missing config.c
2013-05-01 17:17:16 +02:00
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
switch dynamic handlers to regex based patterns, much easier.
2013-05-29 14:29:46 +02:00
#include <regex.h>
add missing config.c
2013-05-01 17:17:16 +02:00
#include <zlib.h>
#include "spdy.h"
#include "kore.h"
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
static int configure_bind(char **);
static int configure_load(char **);
static int configure_onload(char **);
static int configure_handler(char **);
static int configure_domain(char **);
static int configure_chroot(char **);
static int configure_runas(char **);
static int configure_workers(char **);
static int configure_pidfile(char **);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static int configure_accesslog(char **);
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
static int configure_certfile(char **);
static int configure_certkey(char **);
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
static int configure_max_connections(char **);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static void domain_sslstart(void);
add missing config.c
2013-05-01 17:17:16 +02:00
static struct {
const char *name;
int (*configure)(char **);
} config_names[] = {
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
{ "bind", configure_bind },
{ "load", configure_load },
{ "onload", configure_onload },
{ "static", configure_handler },
{ "dynamic", configure_handler },
{ "domain", configure_domain },
{ "chroot", configure_chroot },
{ "runas", configure_runas },
{ "workers", configure_workers },
{ "worker_max_connections", configure_max_connections },
{ "pidfile", configure_pidfile },
{ "accesslog", configure_accesslog },
{ "certfile", configure_certfile },
{ "certkey", configure_certkey },
{ NULL, NULL },
add missing config.c
2013-05-01 17:17:16 +02:00
};
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
char *config_file = NULL;
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static struct kore_domain *current_domain = NULL;
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
add missing config.c
2013-05-01 17:17:16 +02:00
void
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
kore_parse_config(void)
add missing config.c
2013-05-01 17:17:16 +02:00
{
FILE *fp;
int i, lineno;
introduce kore_split_string() to properly split strings apart. introduce kore_date_to_time() to conver http-date formatted strings to time_t.
2013-05-01 20:10:45 +02:00
char buf[BUFSIZ], *p, *t, *argv[5];
add missing config.c
2013-05-01 17:17:16 +02:00
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
if (config_file == NULL)
fatal("specify a configuration file with -c");
if ((fp = fopen(config_file, "r")) == NULL)
fatal("configuration given cannot be opened: %s", config_file);
add missing config.c
2013-05-01 17:17:16 +02:00
lineno = 1;
while (fgets(buf, sizeof(buf), fp) != NULL) {
p = buf;
buf[strcspn(buf, "\n")] = '\0';
while (isspace(*p))
p++;
if (p[0] == '#' || p[0] == '\0') {
lineno++;
continue;
}
for (t = p; *t != '\0'; t++) {
if (*t == '\t')
*t = ' ';
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (!strcmp(p, "}") && current_domain != NULL)
domain_sslstart();
introduce kore_split_string() to properly split strings apart. introduce kore_date_to_time() to conver http-date formatted strings to time_t.
2013-05-01 20:10:45 +02:00
kore_split_string(p, " ", argv, 5);
add missing config.c
2013-05-01 17:17:16 +02:00
for (i = 0; config_names[i].name != NULL; i++) {
if (!strcmp(config_names[i].name, argv[0])) {
if (!config_names[i].configure(argv)) {
fatal("configuration error on line %d",
lineno);
}
break;
}
}
lineno++;
}
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
if (!kore_module_loaded())
fatal("no site module was loaded");
if (server_ip == NULL || server_port == 0)
fatal("missing a correct bind directive in configuration");
if (chroot_path == NULL)
fatal("missing a chroot path");
if (runas_user == NULL)
fatal("missing a username to run as");
if ((pw = getpwnam(runas_user)) == NULL)
fatal("user '%s' does not exist", runas_user);
add missing config.c
2013-05-01 17:17:16 +02:00
}
static int
configure_bind(char **argv)
{
int err;
if (argv[1] == NULL || argv[2] == NULL)
return (KORE_RESULT_ERROR);
if (server_ip != NULL || server_port != 0) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate bind directive seen");
add missing config.c
2013-05-01 17:17:16 +02:00
return (KORE_RESULT_ERROR);
}
server_ip = kore_strdup(argv[1]);
server_port = kore_strtonum(argv[2], 1, 65535, &err);
if (err != KORE_RESULT_OK) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("%s is an invalid port number", argv[2]);
add missing config.c
2013-05-01 17:17:16 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
static int
configure_load(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
kore_module_load(argv[1]);
return (KORE_RESULT_OK);
}
allow onload to be given in the config file. onload specifies what function in your module to call when the module has been loaded or reloaded.
2013-05-30 21:26:39 +02:00
static int
configure_onload(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (kore_module_onload != NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate onload directive found");
allow onload to be given in the config file. onload specifies what function in your module to call when the module has been loaded or reloaded.
2013-05-30 21:26:39 +02:00
return (KORE_RESULT_ERROR);
}
kore_module_onload = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
static int
configure_domain(char **argv)
{
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (argv[2] == NULL)
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain != NULL) {
kore_debug("previous domain configuration not closed");
return (KORE_RESULT_ERROR);
}
if (strcmp(argv[2], "{")) {
kore_debug("missing { for domain directive");
return (KORE_RESULT_ERROR);
}
if (!kore_domain_new(argv[1])) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("could not create new domain %s", current_domain);
switch dynamic handlers to regex based patterns, much easier.
2013-05-29 14:29:46 +02:00
return (KORE_RESULT_ERROR);
}
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain = kore_domain_lookup(argv[1]);
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
return (KORE_RESULT_OK);
}
add missing config.c
2013-05-01 17:17:16 +02:00
static int
configure_handler(char **argv)
{
int type;
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
if (current_domain == NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("missing domain for page handler");
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
return (KORE_RESULT_ERROR);
}
add missing config.c
2013-05-01 17:17:16 +02:00
if (argv[1] == NULL || argv[2] == NULL)
return (KORE_RESULT_ERROR);
if (!strcmp(argv[0], "static"))
type = HANDLER_TYPE_STATIC;
else if (!strcmp(argv[0], "dynamic"))
type = HANDLER_TYPE_DYNAMIC;
else
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (!kore_module_handler_new(argv[1],
current_domain->domain, argv[2], type)) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("cannot create handler for %s", argv[1]);
add missing config.c
2013-05-01 17:17:16 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
static int
configure_chroot(char **argv)
{
if (chroot_path != NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate chroot path specified");
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
return (KORE_RESULT_ERROR);
}
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
chroot_path = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
static int
configure_runas(char **argv)
{
if (runas_user != NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate runas user specified");
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
return (KORE_RESULT_ERROR);
}
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
runas_user = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
static int
configure_workers(char **argv)
{
int err;
if (worker_count != 0) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate worker directive specified");
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
return (KORE_RESULT_ERROR);
}
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
worker_count = kore_strtonum(argv[1], 1, 255, &err);
if (err != KORE_RESULT_OK) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("%s is not a correct worker number", argv[1]);
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
static int
configure_pidfile(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (strcmp(kore_pidfile, KORE_PIDFILE_DEFAULT)) {
kore_debug("duplicate pidfile directive specified");
return (KORE_RESULT_ERROR);
}
kore_pidfile = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
static int
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
configure_accesslog(char **argv)
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain == NULL) {
kore_debug("missing domain for accesslog");
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain->accesslog != -1) {
kore_debug("domain %s already has an open accesslog",
current_domain->domain);
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
}
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain->accesslog = open(argv[1],
O_CREAT | O_APPEND | O_WRONLY, 0755);
if (current_domain->accesslog == -1) {
kore_debug("open(%s): %s", argv[1], errno_s);
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
static int
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
configure_certfile(char **argv)
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (current_domain == NULL) {
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
kore_debug("missing domain for certfile");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain->certfile != NULL) {
kore_debug("domain already has a certfile set");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain->certfile = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
static int
configure_certkey(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (current_domain == NULL) {
kore_debug("missing domain for certkey");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain->certkey != NULL) {
kore_debug("domain already has a certkey set");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain->certkey = kore_strdup(argv[1]);
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_OK);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
static int
configure_max_connections(char **argv)
{
int err;
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
worker_max_connections = kore_strtonum(argv[1], 1, 65535, &err);
if (err != KORE_RESULT_OK)
return (KORE_RESULT_ERROR);
return (KORE_RESULT_OK);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static void
domain_sslstart(void)
{
kore_domain_sslstart(current_domain);
current_domain = NULL;
}