X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=http_send.c;h=446cde4f72488c684696c13b41e91840df20fe0c;hp=1f28f722952b2b235e2e509c5b9b03f9a3e769dc;hb=e593b5f44255414087e226a25f4bbd392c9e7c76;hpb=28ca8e57ce76f5496f0d1ba143ec2c1c725bc90a diff --git a/http_send.c b/http_send.c index 1f28f722..446cde4f 100644 --- a/http_send.c +++ b/http_send.c @@ -1,30 +1,33 @@ /* - * Copyright (C) 2005-2007 Andre Noll + * Copyright (C) 2005-2008 Andre Noll * * Licensed under the GPL v2. For licencing details see COPYING. */ /** \file http_send.c paraslash's http sender */ +#include +#include +#include "para.h" +#include "error.h" +#include "string.h" #include "server.cmdline.h" +#include "afh.h" +#include "afs.h" #include "server.h" #include "http.h" #include "vss.h" #include "send.h" #include "list.h" #include "close_on_fork.h" -#include "error.h" #include "net.h" -#include "string.h" #include "fd.h" +#include "chunk_queue.h" -/** \cond convert sock_addr_in to ascii */ -#define CLIENT_ADDR(hc) inet_ntoa((hc)->addr.sin_addr) -/* get the port number of a struct http_client */ -#define CLIENT_PORT(hc) (hc)->addr.sin_port +/** Message sent to clients that do not send a valid get request. */ #define HTTP_ERR_MSG "HTTP/1.0 400 Bad Request\n" -/** \endcond */ + /** The possible states of a client from the server's POV. */ enum http_status { @@ -47,22 +50,14 @@ enum http_status { /** The list of connected clients. */ static struct list_head clients; /** The whitelist/blacklist. */ -static struct list_head access_perm_list; - -struct chunk_queue{ - /** The list of pending chunks for this client. */ - struct list_head q; - /** The number of pending bytes for this client. */ - unsigned long num_pending; - unsigned long max_pending; -}; +static struct list_head http_acl; /** Describes one client that connected the tcp port of the http sender. */ struct http_client { /** The file descriptor of the client. */ int fd; - /** Address information about the client. */ - struct sockaddr_in addr; + /** The socket `name' of the client. */ + char *name; /** The client's current status. */ enum http_status status; /** Non-zero if we included \a fd in the read set.*/ @@ -75,22 +70,6 @@ struct http_client { struct chunk_queue *cq; }; -/** - * Describes one queued chunk of the chunk queue. - * - * The send function of the http sender checks each client fd for writing. If a - * client fd is not ready, it tries to queue that chunk for this client until - * the number of queued bytes exceeds \p MAX_BACKLOG. - */ -struct queued_chunk { - /** The number of the queued chunk, -1U means header. */ - unsigned chunk_num; - /** The number of bytes already sent. */ - unsigned sent; - /** Position of the chunk in the chunk queue. */ - struct list_head node; -}; - /** * Describes one entry in the blacklist/whitelist of the http sender. */ @@ -99,7 +78,7 @@ struct access_info { struct in_addr addr; /** The netmask for this entry. */ unsigned netmask; - /** The position of this entry in the access_perm_list. */ + /** The position of this entry in the acl. */ struct list_head node; }; @@ -107,95 +86,12 @@ static int server_fd = -1, numclients; static struct sender *self; -static int cq_enqueue(struct chunk_queue *cq, long unsigned chunk_num, - size_t sent) -{ - struct queued_chunk *qc; - char *buf; - size_t len; - int ret; - - if (chunk_num != -1U) { - ret = vss_get_chunk(chunk_num, &buf, &len); - if (ret < 0) - return ret; - } else - buf = vss_get_header(&len); - if (cq->num_pending + len > cq->max_pending) - return -E_QUEUE; - qc = para_malloc(sizeof(struct queued_chunk)); - cq->num_pending += len; - qc->chunk_num = chunk_num; - qc->sent = sent; - list_add_tail(&qc->node, &cq->q); - PARA_DEBUG_LOG("%lu bytes queued for %p\n", cq->num_pending, &cq->q); - return 1; -} - -static struct queued_chunk *cq_peek(struct chunk_queue *cq) -{ - if (list_empty(&cq->q)) - return NULL; - return list_entry(cq->q.next, struct queued_chunk, node); -} - -int cq_dequeue(struct chunk_queue *cq) -{ - struct queued_chunk *qc = cq_peek(cq); - assert(qc); - list_del(&qc->node); - free(qc); - return 1; -} - -void cq_update(struct chunk_queue *cq, size_t sent) -{ - struct queued_chunk *qc = cq_peek(cq); - assert(qc); - qc->sent += sent; - cq->num_pending -= sent; -} - -int cq_get(struct queued_chunk *qc, char **buf, size_t *len) -{ - int ret; - - if (qc->chunk_num != -1U) { - ret = vss_get_chunk(qc->chunk_num, buf, len); - if (ret < 0) - return ret; - } else - *buf = vss_get_header(len); - assert(*len > qc->sent); - *buf += qc->sent; - *len -= qc->sent; - return 1; -} - -struct chunk_queue *cq_init(size_t max_pending) -{ - struct chunk_queue *cq = para_malloc(sizeof(*cq)); - INIT_LIST_HEAD(&cq->q); - cq->max_pending = max_pending; - cq->num_pending = 0; - return cq; -} - -void cq_destroy(struct chunk_queue *cq) -{ - struct queued_chunk *qc, *tmp; - list_for_each_entry_safe(qc, tmp, &cq->q, node) { - list_del(&qc->node); - free(qc); - } - free(cq); -} - static void http_shutdown_client(struct http_client *hc, const char *msg) { - PARA_INFO_LOG("shutting down %s on fd %d (%s)\n", CLIENT_ADDR(hc), - hc->fd, msg); + PARA_INFO_LOG("shutting down %s on fd %d (%s)\n", hc->name, hc->fd, + msg); numclients--; + free(hc->name); close(hc->fd); del_close_on_fork_list(hc->fd); cq_destroy(hc->cq); @@ -231,7 +127,6 @@ static int http_send_err_msg(struct http_client *hc) return http_send_msg(hc, HTTP_ERR_MSG); } - static int send_queued_chunks(struct http_client *hc) { struct queued_chunk *qc; @@ -244,7 +139,7 @@ static int send_queued_chunks(struct http_client *hc) cq_get(qc, &buf, &len); ret = write(hc->fd, buf, len); if (ret < 0) - return -1; /* FIXME */ + return -E_SEND_QUEUED_CHUNK; cq_update(hc->cq, ret); if (ret != len) return 1; @@ -273,11 +168,11 @@ static void http_send( long unsigned current_chunk, hc->status != HTTP_READY_TO_STREAM) continue; if (hc->status == HTTP_READY_TO_STREAM) { - unsigned hlen; + size_t hlen; char *hbuf = vss_get_header(&hlen); if (hbuf && hlen > 0 && current_chunk) { /* need to send header */ - PARA_INFO_LOG("queueing header: %d\n", hlen); + PARA_INFO_LOG("queueing header: %zu\n", hlen); if (queue_chunk_or_shutdown(hc, -1U, 0) < 0) continue; } else @@ -295,7 +190,7 @@ static void http_send( long unsigned current_chunk, queue_chunk_or_shutdown(hc, current_chunk, 0); continue; } -// PARA_DEBUG_LOG("sending %d -> %s\n", len, CLIENT_ADDR(hc)); +// PARA_DEBUG_LOG("sending %d -> %s\n", len, remote_name(hc->fd)); ret = write(hc->fd, buf, len); // PARA_DEBUG_LOG("ret: %d\n", ret); if (ret < 0) { @@ -307,14 +202,37 @@ static void http_send( long unsigned current_chunk, } } -static int host_in_access_perm_list(struct http_client *hc) +/** + * Return true if addr_1 matches addr_2 in the first `netmask' bits. + */ +static int v4_addr_match(uint32_t addr_1, uint32_t addr_2, uint8_t netmask) +{ + uint32_t mask = ~0U; + + if (netmask < 32) + mask <<= (32 - netmask); + return (htonl(addr_1) & mask) == (htonl(addr_2) & mask); +} + +static int host_in_acl(int fd, struct list_head *acl) { struct access_info *ai, *tmp; - list_for_each_entry_safe(ai, tmp, &access_perm_list, node) { - unsigned mask = ((~0U) >> ai->netmask); - if ((hc->addr.sin_addr.s_addr & mask) == (ai->addr.s_addr & mask)) - return 1; + struct sockaddr_storage ss; + socklen_t sslen = sizeof(ss); + struct in_addr v4_addr; + + if (getpeername(fd, (struct sockaddr *)&ss, &sslen) < 0) { + PARA_ERROR_LOG("Can not determine peer address: %s\n", strerror(errno)); + goto no_match; } + v4_addr = extract_v4_addr(&ss); + if (!v4_addr.s_addr) + goto no_match; + + list_for_each_entry_safe(ai, tmp, acl, node) + if (v4_addr_match(v4_addr.s_addr, ai->addr.s_addr, ai->netmask)) + return 1; +no_match: return 0; } @@ -326,7 +244,7 @@ static void http_post_select(fd_set *rfds, fd_set *wfds) list_for_each_entry_safe(hc, tmp, &clients, node) { i++; -// PARA_DEBUG_LOG("handling client %d: %s\n", i, CLIENT_ADDR(hc)); +// PARA_DEBUG_LOG("handling client %d: %s\n", i, remote_name(hc->fd)); switch (hc->status) { case HTTP_STREAMING: /* nothing to do */ case HTTP_READY_TO_STREAM: @@ -366,34 +284,35 @@ static void http_post_select(fd_set *rfds, fd_set *wfds) return; hc = para_calloc(sizeof(struct http_client)); err_msg = "accept error"; - hc->fd = para_accept(server_fd, &hc->addr, sizeof(struct sockaddr_in)); + hc->fd = para_accept(server_fd, NULL, 0); if (hc->fd <= 0) goto err_out; - PARA_NOTICE_LOG("connection from %s (fd %d)\n", CLIENT_ADDR(hc), hc->fd); + hc->name = make_message("%s", remote_name(hc->fd)); + PARA_NOTICE_LOG("connection from %s (fd %d)\n", hc->name, hc->fd); if (conf.http_max_clients_arg > 0 && numclients >= conf.http_max_clients_arg) { err_msg = "server full"; goto err_out; } - match = host_in_access_perm_list(hc); - PARA_DEBUG_LOG("host_in_access_perm_list: %d\n", match); + match = host_in_acl(hc->fd, &http_acl); + PARA_DEBUG_LOG("host_in_acl: %d\n", match); if ((match && !conf.http_default_deny_given) || (!match && conf.http_default_deny_given)) { err_msg = "permission denied"; goto err_out; } hc->status = HTTP_CONNECTED; - hc->cq = cq_init(MAX_BACKLOG); - PARA_INFO_LOG("accepted client #%d: %s (fd %d)\n", numclients, - CLIENT_ADDR(hc), hc->fd); + hc->cq = cq_new(MAX_BACKLOG); numclients++; + PARA_INFO_LOG("accepted client #%d: %s (fd %d)\n", numclients, + hc->name, hc->fd); para_list_add(&hc->node, &clients); add_close_on_fork_list(hc->fd); - mark_fd_nonblock(hc->fd); + mark_fd_nonblocking(hc->fd); return; err_out: PARA_WARNING_LOG("ignoring connect request from %s (%s)\n", - CLIENT_ADDR(hc), err_msg); + hc->name, err_msg); if (hc->fd > 0) close(hc->fd); free(hc); @@ -437,15 +356,15 @@ static int open_tcp_port(int port) { int ret; - server_fd = init_tcp_socket(port); + server_fd = para_listen(AF_UNSPEC, IPPROTO_TCP, port); if (server_fd < 0) { http_shutdown_clients(); self->status = SENDER_OFF; return server_fd; } - ret = mark_fd_nonblock(server_fd); + ret = mark_fd_nonblocking(server_fd); if (ret < 0) { - PARA_EMERG_LOG("%s\n", PARA_STRERROR(-ret)); + PARA_EMERG_LOG("%s\n", para_strerror(-ret)); exit(EXIT_FAILURE); } self->status = SENDER_ON; @@ -476,7 +395,7 @@ static void del_perm_list_entry(struct sender_command_data *scd) { struct access_info *ai, *tmp; - list_for_each_entry_safe(ai, tmp, &access_perm_list, node) { + list_for_each_entry_safe(ai, tmp, &http_acl, node) { char *nad = para_strdup(inet_ntoa(ai->addr)); if (!strcmp(nad, inet_ntoa(scd->addr)) && ai->netmask == scd->netmask) { @@ -496,7 +415,7 @@ static void add_perm_list_entry(struct sender_command_data *scd) ai->netmask = scd->netmask; PARA_INFO_LOG("adding %s/%i to access list\n", inet_ntoa(ai->addr), ai->netmask); - para_list_add(&ai->node, &access_perm_list); + para_list_add(&ai->node, &http_acl); } static int http_com_deny(struct sender_command_data *scd) @@ -517,21 +436,28 @@ static int http_com_allow(struct sender_command_data *scd) return 1; } -static char *http_info(void) +static char *get_acl_contents(struct list_head *acl) { - char *clnts = NULL, *ap = NULL, *ret; struct access_info *ai, *tmp_ai; - struct http_client *hc, *tmp_hc; + char *ret = NULL; - list_for_each_entry_safe(ai, tmp_ai, &access_perm_list, node) { - char *tmp = make_message("%s%s/%d ", ap? ap : "", + list_for_each_entry_safe(ai, tmp_ai, acl, node) { + char *tmp = make_message("%s%s/%d ", ret? ret : "", inet_ntoa(ai->addr), ai->netmask); - free(ap); - ap = tmp; + free(ret); + ret = tmp; } + return ret; +} + +static char *http_info(void) +{ + char *clnts = NULL, *ret; + struct http_client *hc, *tmp_hc; + + char *acl_contents = get_acl_contents(&http_acl); list_for_each_entry_safe(hc, tmp_hc, &clients, node) { - char *tmp = make_message("%s%s:%d ", clnts? clnts : "", - CLIENT_ADDR(hc), CLIENT_PORT(hc)); + char *tmp = make_message("%s%s ", clnts? clnts : "", hc->name); free(clnts); clnts = tmp; } @@ -549,26 +475,26 @@ static char *http_info(void) conf.http_max_clients_arg > 0? "" : " (unlimited)", clnts? clnts : "(none)", conf.http_default_deny_given? "allow" : "deny", - ap? ap : "(none)" + acl_contents? acl_contents : "(none)" ); - free(ap); + free(acl_contents); free(clnts); return ret; } -static void init_access_control_list(void) +static void init_acl(struct list_head *acl, char * const *acl_info, int num) { int i; struct sender_command_data scd; - INIT_LIST_HEAD(&access_perm_list); - for (i = 0; i < conf.http_access_given; i++) { - char *arg = para_strdup(conf.http_access_arg[i]); + INIT_LIST_HEAD(acl); + for (i = 0; i < num; i++) { + char *arg = para_strdup(acl_info[i]); char *p = strchr(arg, '/'); if (!p) goto err; *p = '\0'; - if (!inet_aton(arg, &scd.addr)) + if (!inet_pton(AF_INET, arg, &scd.addr)) goto err; scd.netmask = atoi(++p); if (scd.netmask < 0 || scd.netmask > 32) @@ -617,7 +543,7 @@ void http_send_init(struct sender *s) s->client_cmds[SENDER_ADD] = NULL; s->client_cmds[SENDER_DELETE] = NULL; self = s; - init_access_control_list(); + init_acl(&http_acl, conf.http_access_arg, conf.http_access_given); if (!conf.http_no_autostart_given) open_tcp_port(conf.http_port_arg); /* ignore errors */ PARA_DEBUG_LOG("%s", "http sender init complete\n");