mirrors/kore
1
0
Fork 1
mirror of https://git.kore.io/kore.git synced 2024-11-12 13:19:12 +01:00
Code Issues Projects Releases Wiki Activity
2576427dc0
kore/src/filemap.c

324 lines
7.5 KiB
C
Raw Normal View History

Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
/*
bump copyright year.
2021-01-11 23:46:08 +01:00
* Copyright (c) 2019-2021 Joris Vink <joris@coders.se>
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
#include <dirent.h>
#include <unistd.h>
#include "kore.h"
#if !defined(KORE_NO_HTTP)
#include "http.h"
struct filemap_entry {
char *root;
size_t root_len;
struct kore_domain *domain;
char *ondisk;
use realpath() to resolve ondisk paths.
2018-07-08 17:40:16 +02:00
size_t ondisk_len;
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
TAILQ_ENTRY(filemap_entry) list;
};
int filemap_resolve(struct http_request *);
static void filemap_serve(struct http_request *, struct filemap_entry *);
static TAILQ_HEAD(, filemap_entry) maps;
Add filemap_ext configuration option. Allows you to specify the default extensions used for a file served via a filemap, eg: filemap_ext .html Gives us ability to provide clean urls.
2018-07-03 19:58:43 +02:00
char *kore_filemap_ext = NULL;
filemap and fileref improvements. - make sure we can serve updated files even if we have an old fileref around. - add filemap_index as a configuration option: allows one to specify what file to serve if a directory was requested (eg: index.html)
2018-06-28 23:00:42 +02:00
char *kore_filemap_index = NULL;
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
void
kore_filemap_init(void)
{
TAILQ_INIT(&maps);
}
int
kore_filemap_create(struct kore_domain *dom, const char *path, const char *root)
{
forcefully limit filemaps to GET | HEAD.
2018-07-17 15:05:20 +02:00
size_t sz;
struct stat st;
int len;
struct kore_module_handle *hdlr;
struct filemap_entry *entry;
char regex[1024], fpath[PATH_MAX];
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
sz = strlen(root);
if (sz == 0)
return (KORE_RESULT_ERROR);
if (root[0] != '/' || root[sz - 1] != '/')
return (KORE_RESULT_ERROR);
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
if (worker_privsep.root != NULL) {
Only use kore_root_path if its explicitly set. Otherwise a relative path works well enough.
2018-07-11 11:08:44 +02:00
len = snprintf(fpath, sizeof(fpath), "%s/%s",
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
worker_privsep.root, path);
Only use kore_root_path if its explicitly set. Otherwise a relative path works well enough.
2018-07-11 11:08:44 +02:00
if (len == -1 || (size_t)len >= sizeof(fpath))
fatal("kore_filemap_create: failed to concat paths");
} else {
if (kore_strlcpy(fpath, path, sizeof(fpath)) >= sizeof(fpath))
fatal("kore_filemap_create: failed to copy path");
}
Allow on-the-fly reloading of certificates/keys. This commit introduces the ability for the keymgr process to reload the certificates/keys for domains when receiving a SIGUSR1 signal. The keymgr receives 2 new configuration options: - keymgr_root_path The root path where the keymgr will live. If -n is not specified when the application starts the keymgr process will chroot into here. - keymgr_runas_user The user the keymgr will drop privileges towards if -r was not specified. All certfile and certkey configuration options are now relative to the keymgr_root_path configuration setting. The keymgr process will now also load the certificate for the domain (rather then the workers) and submit these to the worker processes so they can be reloaded when required. Worker processes will refuse connections until the TLS configuration for a given domain is completed (aka: the workers receive the certificate for that domain). Other changes: - client_certificates renamed to client_verify. - the chroot configuration option is now called root. - kore is a little more verbose if privsep options are missing. - filemaps are now relative to the root configuration option.
2018-07-11 09:44:29 +02:00
if (stat(fpath, &st) == -1)
resolve filemap paths after workers chrooted. otherwise the paths inside chrooted workers are incorrect.
2018-07-08 17:51:35 +02:00
return (KORE_RESULT_ERROR);
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
len = snprintf(regex, sizeof(regex), "^%s.*$", root);
if (len == -1 || (size_t)len >= sizeof(regex))
fatal("kore_filemap_create: buffer too small");
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
if (!kore_module_handler_new(dom, regex, "filemap_resolve",
NULL, HANDLER_TYPE_DYNAMIC))
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
return (KORE_RESULT_ERROR);
forcefully limit filemaps to GET | HEAD.
2018-07-17 15:05:20 +02:00
hdlr = NULL;
TAILQ_FOREACH(hdlr, &dom->handlers, list) {
if (!strcmp(hdlr->path, regex))
break;
}
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
forcefully limit filemaps to GET | HEAD.
2018-07-17 15:05:20 +02:00
if (hdlr == NULL)
fatal("couldn't find newly created handler for filemap");
hdlr->methods = HTTP_METHOD_GET | HTTP_METHOD_HEAD;
entry = kore_calloc(1, sizeof(*entry));
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
entry->domain = dom;
entry->root_len = sz;
entry->root = kore_strdup(root);
resolve filemap paths after workers chrooted. otherwise the paths inside chrooted workers are incorrect.
2018-07-08 17:51:35 +02:00
/*
* Resolve the ondisk component inside the workers to make sure
* realpath() resolves the correct path (they maybe chrooted).
*/
entry->ondisk_len = strlen(path);
entry->ondisk = kore_strdup(path);
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
TAILQ_INSERT_TAIL(&maps, entry, list);
return (KORE_RESULT_OK);
}
resolve filemap paths after workers chrooted. otherwise the paths inside chrooted workers are incorrect.
2018-07-08 17:51:35 +02:00
void
kore_filemap_resolve_paths(void)
{
struct filemap_entry *entry;
char rpath[PATH_MAX];
TAILQ_FOREACH(entry, &maps, list) {
if (realpath(entry->ondisk, rpath) == NULL)
fatal("realpath(%s): %s", entry->ondisk, errno_s);
kore_free(entry->ondisk);
entry->ondisk_len = strlen(rpath);
entry->ondisk = kore_strdup(rpath);
}
}
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
int
filemap_resolve(struct http_request *req)
{
size_t best_len;
struct filemap_entry *entry, *best;
limit filemaps to HEAD/GET requests.
2018-06-28 14:24:02 +02:00
if (req->method != HTTP_METHOD_GET &&
req->method != HTTP_METHOD_HEAD) {
http_response_header(req, "allow", "get, head");
http_response(req, HTTP_STATUS_BAD_REQUEST, NULL, 0);
return (KORE_RESULT_OK);
}
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
best = NULL;
best_len = 0;
TAILQ_FOREACH(entry, &maps, list) {
let filemaps be matched to the domains.
2018-07-04 14:26:38 +02:00
if (entry->domain != req->hdlr->dom)
continue;
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
if (!strncmp(entry->root, req->path, entry->root_len)) {
if (best == NULL || entry->root_len > best_len) {
best = entry;
best_len = entry->root_len;
continue;
}
}
}
if (best == NULL) {
http_response(req, HTTP_STATUS_NOT_FOUND, NULL, 0);
return (KORE_RESULT_OK);
}
filemap_serve(req, best);
return (KORE_RESULT_OK);
}
static void
filemap_serve(struct http_request *req, struct filemap_entry *map)
{
struct stat st;
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
struct connection *c;
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
struct kore_fileref *ref;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server *srv;
Add filemap_ext configuration option. Allows you to specify the default extensions used for a file served via a filemap, eg: filemap_ext .html Gives us ability to provide clean urls.
2018-07-03 19:58:43 +02:00
const char *path;
filemap and fileref improvements. - make sure we can serve updated files even if we have an old fileref around. - add filemap_index as a configuration option: allows one to specify what file to serve if a directory was requested (eg: index.html)
2018-06-28 23:00:42 +02:00
int len, fd, index;
use realpath() to resolve ondisk paths.
2018-07-08 17:40:16 +02:00
char fpath[PATH_MAX], rpath[PATH_MAX];
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
Add filemap_ext configuration option. Allows you to specify the default extensions used for a file served via a filemap, eg: filemap_ext .html Gives us ability to provide clean urls.
2018-07-03 19:58:43 +02:00
path = req->path + map->root_len;
len = snprintf(fpath, sizeof(fpath), "%s/%s", map->ondisk, path);
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
if (len == -1 || (size_t)len >= sizeof(fpath)) {
http_response(req, HTTP_STATUS_INTERNAL_ERROR, NULL, 0);
return;
}
run path via http_argument_urldecode().
2018-06-28 15:28:25 +02:00
if (!http_argument_urldecode(fpath)) {
http_response(req, HTTP_STATUS_BAD_REQUEST, NULL, 0);
return;
}
use realpath() to resolve ondisk paths.
2018-07-08 17:40:16 +02:00
index = 0;
lookup:
make sure we can still resolve new paths
2018-07-08 17:57:00 +02:00
if (realpath(fpath, rpath) == NULL) {
if (errno == ENOENT) {
simplify logic
2018-07-08 17:58:56 +02:00
if (index == 0 && kore_filemap_ext != NULL) {
make sure we can still resolve new paths
2018-07-08 17:57:00 +02:00
len = snprintf(fpath, sizeof(fpath),
"%s/%s%s", map->ondisk, path,
kore_filemap_ext);
if (len == -1 ||
(size_t)len >= sizeof(fpath)) {
http_response(req,
HTTP_STATUS_INTERNAL_ERROR,
NULL, 0);
return;
}
index++;
goto lookup;
}
}
http_response(req, HTTP_STATUS_NOT_FOUND, NULL, 0);
return;
}
if (strncmp(rpath, fpath, map->ondisk_len)) {
run path via http_argument_urldecode().
2018-06-28 15:28:25 +02:00
http_response(req, HTTP_STATUS_NOT_FOUND, NULL, 0);
return;
}
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
c = req->owner;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
srv = c->owner->server;
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
if ((ref = kore_fileref_get(rpath, srv->tls)) == NULL) {
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
if ((fd = open(fpath, O_RDONLY | O_NOFOLLOW)) == -1) {
switch (errno) {
case ENOENT:
Add filemap_ext configuration option. Allows you to specify the default extensions used for a file served via a filemap, eg: filemap_ext .html Gives us ability to provide clean urls.
2018-07-03 19:58:43 +02:00
if (index || kore_filemap_ext == NULL) {
req->status = HTTP_STATUS_NOT_FOUND;
} else {
len = snprintf(fpath, sizeof(fpath),
"%s/%s%s", map->ondisk, path,
kore_filemap_ext);
if (len == -1 ||
(size_t)len >= sizeof(fpath)) {
http_response(req,
HTTP_STATUS_INTERNAL_ERROR,
NULL, 0);
return;
}
index++;
goto lookup;
}
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
break;
case EPERM:
case EACCES:
req->status = HTTP_STATUS_FORBIDDEN;
break;
default:
req->status = HTTP_STATUS_INTERNAL_ERROR;
break;
}
http_response(req, req->status, NULL, 0);
return;
}
if (fstat(fd, &st) == -1) {
http_response(req, HTTP_STATUS_INTERNAL_ERROR, NULL, 0);
goto cleanup;
}
if (S_ISREG(st.st_mode)) {
if (st.st_size <= 0) {
http_response(req,
HTTP_STATUS_NOT_FOUND, NULL, 0);
goto cleanup;
}
/* kore_fileref_create() takes ownership of the fd. */
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
ref = kore_fileref_create(srv, fpath, fd,
let filerefs to operate on ms precision for mtime.
2018-07-24 19:56:36 +02:00
st.st_size, &st.st_mtim);
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
if (ref == NULL) {
http_response(req,
HTTP_STATUS_INTERNAL_ERROR, NULL, 0);
} else {
fd = -1;
}
filemap and fileref improvements. - make sure we can serve updated files even if we have an old fileref around. - add filemap_index as a configuration option: allows one to specify what file to serve if a directory was requested (eg: index.html)
2018-06-28 23:00:42 +02:00
} else if (S_ISDIR(st.st_mode) && index == 0) {
close fd if we're a directory in filemap.
2018-12-17 16:22:36 +01:00
close(fd);
redirect to /uri/ if need be.
2018-07-09 06:28:28 +02:00
if (req->path[strlen(req->path) - 1] != '/') {
(void)snprintf(fpath,
sizeof(fpath), "%s/", req->path);
http_response_header(req, "location", fpath);
http_response(req, HTTP_STATUS_FOUND, NULL, 0);
return;
}
filemap and fileref improvements. - make sure we can serve updated files even if we have an old fileref around. - add filemap_index as a configuration option: allows one to specify what file to serve if a directory was requested (eg: index.html)
2018-06-28 23:00:42 +02:00
len = snprintf(fpath, sizeof(fpath),
Add filemap_ext configuration option. Allows you to specify the default extensions used for a file served via a filemap, eg: filemap_ext .html Gives us ability to provide clean urls.
2018-07-03 19:58:43 +02:00
"%s/%s%s", map->ondisk, path,
filemap and fileref improvements. - make sure we can serve updated files even if we have an old fileref around. - add filemap_index as a configuration option: allows one to specify what file to serve if a directory was requested (eg: index.html)
2018-06-28 23:00:42 +02:00
kore_filemap_index != NULL ?
kore_filemap_index : "index.html");
if (len == -1 || (size_t)len >= sizeof(fpath)) {
http_response(req,
HTTP_STATUS_INTERNAL_ERROR, NULL, 0);
return;
}
index++;
goto lookup;
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
} else {
http_response(req, HTTP_STATUS_NOT_FOUND, NULL, 0);
}
}
if (ref != NULL) {
http_response_fileref(req, HTTP_STATUS_OK, ref);
fd = -1;
}
cleanup:
if (fd != -1)
close(fd);
}
#endif
Reference in New Issue Copy Permalink