X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=http_send.c;h=2a14f4282e4b453a465dbbfeb6ee16fcf611a726;hp=7be22da07dc9c0cd60c88dcb52c031277e9c33c5;hb=6efa5f53d7c1d2f07b67f25f352a081d585df9cf;hpb=49c5a95ab4ca28d13c6faff59110447aeb0099a5 diff --git a/http_send.c b/http_send.c index 7be22da0..2a14f428 100644 --- a/http_send.c +++ b/http_send.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2007 Andre Noll + * Copyright (C) 2005-2008 Andre Noll * * Licensed under the GPL v2. For licencing details see COPYING. */ @@ -24,13 +24,11 @@ #include "net.h" #include "fd.h" #include "chunk_queue.h" +#include "acl.h" -/** \cond convert sock_addr_in to ascii */ -#define CLIENT_ADDR(hc) inet_ntoa((hc)->addr.sin_addr) -/* get the port number of a struct http_client */ -#define CLIENT_PORT(hc) (hc)->addr.sin_port +/** Message sent to clients that do not send a valid get request. */ #define HTTP_ERR_MSG "HTTP/1.0 400 Bad Request\n" -/** \endcond */ + /** The possible states of a client from the server's POV. */ enum http_status { @@ -53,14 +51,14 @@ enum http_status { /** The list of connected clients. */ static struct list_head clients; /** The whitelist/blacklist. */ -static struct list_head access_perm_list; +static struct list_head http_acl; /** Describes one client that connected the tcp port of the http sender. */ struct http_client { /** The file descriptor of the client. */ int fd; - /** Address information about the client. */ - struct sockaddr_in addr; + /** The socket `name' of the client. */ + char *name; /** The client's current status. */ enum http_status status; /** Non-zero if we included \a fd in the read set.*/ @@ -73,27 +71,16 @@ struct http_client { struct chunk_queue *cq; }; -/** - * Describes one entry in the blacklist/whitelist of the http sender. - */ -struct access_info { - /** The address to be black/whitelisted. */ - struct in_addr addr; - /** The netmask for this entry. */ - unsigned netmask; - /** The position of this entry in the access_perm_list. */ - struct list_head node; -}; - -static int server_fd = -1, numclients; +static int listen_fd = -1, numclients; static struct sender *self; static void http_shutdown_client(struct http_client *hc, const char *msg) { - PARA_INFO_LOG("shutting down %s on fd %d (%s)\n", CLIENT_ADDR(hc), - hc->fd, msg); + PARA_INFO_LOG("shutting down %s on fd %d (%s)\n", hc->name, hc->fd, + msg); numclients--; + free(hc->name); close(hc->fd); del_close_on_fork_list(hc->fd); cq_destroy(hc->cq); @@ -192,7 +179,7 @@ static void http_send( long unsigned current_chunk, queue_chunk_or_shutdown(hc, current_chunk, 0); continue; } -// PARA_DEBUG_LOG("sending %d -> %s\n", len, CLIENT_ADDR(hc)); +// PARA_DEBUG_LOG("sending %d -> %s\n", len, remote_name(hc->fd)); ret = write(hc->fd, buf, len); // PARA_DEBUG_LOG("ret: %d\n", ret); if (ret < 0) { @@ -204,26 +191,17 @@ static void http_send( long unsigned current_chunk, } } -static int host_in_access_perm_list(struct http_client *hc) -{ - struct access_info *ai, *tmp; - list_for_each_entry_safe(ai, tmp, &access_perm_list, node) { - unsigned mask = ((~0U) >> ai->netmask); - if ((hc->addr.sin_addr.s_addr & mask) == (ai->addr.s_addr & mask)) - return 1; - } - return 0; -} - static void http_post_select(fd_set *rfds, fd_set *wfds) { int i = -1, match; struct http_client *hc, *tmp; const char *err_msg; + if (listen_fd < 0) + return; list_for_each_entry_safe(hc, tmp, &clients, node) { i++; -// PARA_DEBUG_LOG("handling client %d: %s\n", i, CLIENT_ADDR(hc)); +// PARA_DEBUG_LOG("handling client %d: %s\n", i, remote_name(hc->fd)); switch (hc->status) { case HTTP_STREAMING: /* nothing to do */ case HTTP_READY_TO_STREAM: @@ -259,21 +237,22 @@ static void http_post_select(fd_set *rfds, fd_set *wfds) break; } } - if (!FD_ISSET(server_fd, rfds)) + if (!FD_ISSET(listen_fd, rfds)) return; hc = para_calloc(sizeof(struct http_client)); err_msg = "accept error"; - hc->fd = para_accept(server_fd, &hc->addr, sizeof(struct sockaddr_in)); + hc->fd = para_accept(listen_fd, NULL, 0); if (hc->fd <= 0) goto err_out; - PARA_NOTICE_LOG("connection from %s (fd %d)\n", CLIENT_ADDR(hc), hc->fd); + hc->name = make_message("%s", remote_name(hc->fd)); + PARA_NOTICE_LOG("connection from %s (fd %d)\n", hc->name, hc->fd); if (conf.http_max_clients_arg > 0 && numclients >= conf.http_max_clients_arg) { err_msg = "server full"; goto err_out; } - match = host_in_access_perm_list(hc); - PARA_DEBUG_LOG("host_in_access_perm_list: %d\n", match); + match = acl_lookup(hc->fd, &http_acl); + PARA_DEBUG_LOG("acl lookup returned %d\n", match); if ((match && !conf.http_default_deny_given) || (!match && conf.http_default_deny_given)) { err_msg = "permission denied"; @@ -281,16 +260,16 @@ static void http_post_select(fd_set *rfds, fd_set *wfds) } hc->status = HTTP_CONNECTED; hc->cq = cq_new(MAX_BACKLOG); - PARA_INFO_LOG("accepted client #%d: %s (fd %d)\n", numclients, - CLIENT_ADDR(hc), hc->fd); numclients++; + PARA_INFO_LOG("accepted client #%d: %s (fd %d)\n", numclients, + hc->name, hc->fd); para_list_add(&hc->node, &clients); add_close_on_fork_list(hc->fd); mark_fd_nonblocking(hc->fd); return; err_out: PARA_WARNING_LOG("ignoring connect request from %s (%s)\n", - CLIENT_ADDR(hc), err_msg); + hc->name, err_msg); if (hc->fd > 0) close(hc->fd); free(hc); @@ -300,9 +279,9 @@ static void http_pre_select(int *max_fileno, fd_set *rfds, fd_set *wfds) { struct http_client *hc, *tmp; - if (server_fd < 0) + if (listen_fd < 0) return; - para_fd_set(server_fd, rfds, max_fileno); + para_fd_set(listen_fd, rfds, max_fileno); list_for_each_entry_safe(hc, tmp, &clients, node) { //PARA_DEBUG_LOG("hc %p on fd %d: status %d\n", hc, hc->fd, hc->status); hc->check_r = 0; @@ -330,105 +309,69 @@ static void http_pre_select(int *max_fileno, fd_set *rfds, fd_set *wfds) } } -static int open_tcp_port(int port) +static int http_open(int port) { int ret; - server_fd = tcp_listen(port); - if (server_fd < 0) { + listen_fd = para_listen(AF_UNSPEC, IPPROTO_TCP, port); + if (listen_fd < 0) { http_shutdown_clients(); - self->status = SENDER_OFF; - return server_fd; + return listen_fd; } - ret = mark_fd_nonblocking(server_fd); + ret = mark_fd_nonblocking(listen_fd); if (ret < 0) { - PARA_EMERG_LOG("%s\n", PARA_STRERROR(-ret)); + PARA_EMERG_LOG("%s\n", para_strerror(-ret)); exit(EXIT_FAILURE); } - self->status = SENDER_ON; - add_close_on_fork_list(server_fd); + add_close_on_fork_list(listen_fd); return 1; } static int http_com_on(__a_unused struct sender_command_data *scd) { - if (self->status == SENDER_ON) + if (listen_fd >= 0) return 1; - return open_tcp_port(conf.http_port_arg); + return http_open(conf.http_port_arg); } static int http_com_off(__a_unused struct sender_command_data *scd) { - self->status = SENDER_OFF; - if (server_fd > 0) { - close(server_fd); - del_close_on_fork_list(server_fd); - server_fd = -1; - } + if (listen_fd < 0) + return 1; + PARA_NOTICE_LOG("closing http port %d\n", conf.http_port_arg); + close(listen_fd); + del_close_on_fork_list(listen_fd); http_shutdown_clients(); + listen_fd = -1; return 1; } -static void del_perm_list_entry(struct sender_command_data *scd) -{ - struct access_info *ai, *tmp; - - list_for_each_entry_safe(ai, tmp, &access_perm_list, node) { - char *nad = para_strdup(inet_ntoa(ai->addr)); - if (!strcmp(nad, inet_ntoa(scd->addr)) && - ai->netmask == scd->netmask) { - PARA_NOTICE_LOG("removing %s/%i from access list\n", - nad, ai->netmask); - list_del(&ai->node); - free(ai); - } - free(nad); - } -} - -static void add_perm_list_entry(struct sender_command_data *scd) -{ - struct access_info *ai = para_malloc(sizeof(struct access_info)); - ai->addr = scd->addr; - ai->netmask = scd->netmask; - PARA_INFO_LOG("adding %s/%i to access list\n", inet_ntoa(ai->addr), - ai->netmask); - para_list_add(&ai->node, &access_perm_list); -} - static int http_com_deny(struct sender_command_data *scd) { if (conf.http_default_deny_given) - del_perm_list_entry(scd); + acl_del_entry(&http_acl, scd->addr, scd->netmask); else - add_perm_list_entry(scd); + acl_add_entry(&http_acl, scd->addr, scd->netmask); return 1; } static int http_com_allow(struct sender_command_data *scd) { if (conf.http_default_deny_given) - add_perm_list_entry(scd); + acl_add_entry(&http_acl, scd->addr, scd->netmask); else - del_perm_list_entry(scd); + acl_del_entry(&http_acl, scd->addr, scd->netmask); return 1; } static char *http_info(void) { - char *clnts = NULL, *ap = NULL, *ret; - struct access_info *ai, *tmp_ai; + char *clnts = NULL, *ret; struct http_client *hc, *tmp_hc; - list_for_each_entry_safe(ai, tmp_ai, &access_perm_list, node) { - char *tmp = make_message("%s%s/%d ", ap? ap : "", - inet_ntoa(ai->addr), ai->netmask); - free(ap); - ap = tmp; - } + char *acl_contents = acl_get_contents(&http_acl); list_for_each_entry_safe(hc, tmp_hc, &clients, node) { - char *tmp = make_message("%s%s:%d ", clnts? clnts : "", - CLIENT_ADDR(hc), CLIENT_PORT(hc)); + char *tmp = make_message("%s%s ", clnts? clnts : "", hc->name); free(clnts); clnts = tmp; } @@ -439,48 +382,20 @@ static char *http_info(void) "http maximal number of clients: %d%s\n" "http connected clients: %s\n" "http access %s list: %s\n", - (self->status == SENDER_ON)? "on" : "off", + (listen_fd >= 0)? "on" : "off", conf.http_port_arg, numclients, conf.http_max_clients_arg, conf.http_max_clients_arg > 0? "" : " (unlimited)", clnts? clnts : "(none)", conf.http_default_deny_given? "allow" : "deny", - ap? ap : "(none)" + acl_contents? acl_contents : "(none)" ); - free(ap); + free(acl_contents); free(clnts); return ret; } -static void init_access_control_list(void) -{ - int i; - struct sender_command_data scd; - - INIT_LIST_HEAD(&access_perm_list); - for (i = 0; i < conf.http_access_given; i++) { - char *arg = para_strdup(conf.http_access_arg[i]); - char *p = strchr(arg, '/'); - if (!p) - goto err; - *p = '\0'; - if (!inet_pton(AF_INET, arg, &scd.addr)) - goto err; - scd.netmask = atoi(++p); - if (scd.netmask < 0 || scd.netmask > 32) - goto err; - add_perm_list_entry(&scd); - goto success; -err: - PARA_CRIT_LOG("syntax error for http_access option " - "#%d, ignoring\n", i); -success: - free(arg); - continue; - } -} - static char *http_help(void) { return make_message( @@ -514,8 +429,8 @@ void http_send_init(struct sender *s) s->client_cmds[SENDER_ADD] = NULL; s->client_cmds[SENDER_DELETE] = NULL; self = s; - init_access_control_list(); + acl_init(&http_acl, conf.http_access_arg, conf.http_access_given); if (!conf.http_no_autostart_given) - open_tcp_port(conf.http_port_arg); /* ignore errors */ + http_open(conf.http_port_arg); /* ignore errors */ PARA_DEBUG_LOG("%s", "http sender init complete\n"); }